Follow-up from #562, raised by Copilot review.
#562 renamed the Node Encryption() client's auth field from config.strategy to config.authStrategy (keeping strategy as a deprecated alias). The @cipherstash/stack/wasm-inline entry (Deno / Edge / Workers / Bun) still exposes the strategy under config.strategy — via WasmClientConfig and resolveStrategy in packages/stack/src/wasm-inline.ts. This leaves the package with two different field names for the same concept depending on entry point.
Why it was deferred from #562
The wasm path is not a straight rename: WasmClientConfig is a discriminated union where strategy is mutually exclusive with accessKey (strategy?: never on the access-key arm, strategy: WasmAuthStrategy on the other), and resolveStrategy enforces that at runtime for plain-JS/Deno callers. Adding an authStrategy alias means widening the union to a three-way shape and updating the mutual-exclusivity guards + wasm tests — larger and higher-risk than the focused Node rename, so it was kept out to keep #562 reviewable.
Scope
- Add
authStrategy to WasmClientConfig as the documented field; keep strategy as a deprecated alias.
- Update
resolveStrategy to read authStrategy ?? strategy, preserving the accessKey mutual-exclusivity guard against both fields.
- Update the wasm-inline top-level docs/examples and the offline
resolveStrategy tests.
- Decide whether the wasm path needs a runtime deprecation warning too (Node emits one).
Related
Follow-up from #562, raised by Copilot review.
#562 renamed the Node
Encryption()client's auth field fromconfig.strategytoconfig.authStrategy(keepingstrategyas a deprecated alias). The@cipherstash/stack/wasm-inlineentry (Deno / Edge / Workers / Bun) still exposes the strategy underconfig.strategy— viaWasmClientConfigandresolveStrategyinpackages/stack/src/wasm-inline.ts. This leaves the package with two different field names for the same concept depending on entry point.Why it was deferred from #562
The wasm path is not a straight rename:
WasmClientConfigis a discriminated union wherestrategyis mutually exclusive withaccessKey(strategy?: neveron the access-key arm,strategy: WasmAuthStrategyon the other), andresolveStrategyenforces that at runtime for plain-JS/Deno callers. Adding anauthStrategyalias means widening the union to a three-way shape and updating the mutual-exclusivity guards + wasm tests — larger and higher-risk than the focused Node rename, so it was kept out to keep #562 reviewable.Scope
authStrategytoWasmClientConfigas the documented field; keepstrategyas a deprecated alias.resolveStrategyto readauthStrategy ?? strategy, preserving theaccessKeymutual-exclusivity guard against both fields.resolveStrategytests.Related