From bc6a9730d63e8c701dd9da629a3c518f03d54f9d Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 21 Mar 2026 22:24:29 +0000 Subject: [PATCH 1/2] Initial plan From 9a0d56bfba81bc0cca05ee1e99ba48d569f5c4ff Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sat, 21 Mar 2026 22:28:50 +0000 Subject: [PATCH 2/2] Add KV v2 destroySecretVersions command Add the destroySecretVersions command to support the HashiCorp Vault KV v2 "Destroy Secret Versions" API endpoint (POST /secret/destroy/:path). - Add command in src/commands.js with configurable mount_point (defaults to "secret") - Add schema validation requiring versions array with minItems: 1 - Add TypeScript declaration in index.d.ts - Add unit tests for default and custom mount point usage - Regenerate features.md Co-authored-by: aviadhahami <7353632+aviadhahami@users.noreply.github.com> Agent-Logs-Url: https://github.com/nodevault/node-vault/sessions/6b90d6f5-1e0a-484c-8a8a-e3b3cb5b1ffa --- features.md | 5 +++++ index.d.ts | 1 + src/commands.js | 19 +++++++++++++++++++ test/unit.js | 26 ++++++++++++++++++++++++++ 4 files changed, 51 insertions(+) diff --git a/features.md b/features.md index 330b813..60c9013 100644 --- a/features.md +++ b/features.md @@ -405,3 +405,8 @@ ## vault.stepDown `PUT /sys/step-down` + + +## vault.destroySecretVersions + +`POST /{{mount_point}}{{^mount_point}}secret{{/mount_point}}/destroy/{{path}}` diff --git a/index.d.ts b/index.d.ts index 0a0d2fa..fb9fb14 100644 --- a/index.d.ts +++ b/index.d.ts @@ -145,6 +145,7 @@ declare namespace NodeVault { transitListKeys(options?: Option): Promise; transitDeleteKey(options?: Option): Promise; generateDatabaseCredentials(options?: Option): Promise; + destroySecretVersions(options?: Option): Promise; } interface VaultOptions { diff --git a/src/commands.js b/src/commands.js index 47bd49b..efffce7 100644 --- a/src/commands.js +++ b/src/commands.js @@ -1374,4 +1374,23 @@ module.exports = { method: 'PUT', path: '/sys/step-down', }, + destroySecretVersions: { + method: 'POST', + path: '/{{mount_point}}{{^mount_point}}secret{{/mount_point}}/destroy/{{path}}', + schema: { + req: { + type: 'object', + properties: { + versions: { + type: 'array', + items: { + type: 'integer', + }, + minItems: 1, + }, + }, + required: ['versions'], + }, + }, + }, } \ No newline at end of file diff --git a/test/unit.js b/test/unit.js index cc3bb4f..94c7e31 100644 --- a/test/unit.js +++ b/test/unit.js @@ -868,6 +868,32 @@ describe('node-vault', () => { }); }); + describe('KV v2 commands', () => { + it('should have destroySecretVersions function', () => { + vault.destroySecretVersions.should.be.a('function'); + }); + + it('should call destroySecretVersions with correct path and method', (done) => { + const params = { + method: 'POST', + path: '/secret/destroy/my-secret', + }; + vault.destroySecretVersions({ path: 'my-secret', versions: [1, 2] }) + .then(assertRequest(request, params, done)) + .catch(done); + }); + + it('should call destroySecretVersions with custom mount point', (done) => { + const params = { + method: 'POST', + path: '/custom-kv/destroy/my-secret', + }; + vault.destroySecretVersions({ mount_point: 'custom-kv', path: 'my-secret', versions: [1, 2] }) + .then(assertRequest(request, params, done)) + .catch(done); + }); + }); + describe('commands export', () => { it('should expose commands object on client', () => { vault.commands.should.be.an('object');