NillionNetwork
diff --git a/‎.github/workflows/cd.yaml‎
Lines changed: 26 additions & 12 deletions b/‎.github/workflows/cd.yaml‎
Lines changed: 26 additions & 12 deletions
diff --git a/‎.github/workflows/ci.yaml‎
Lines changed: 1 addition & 0 deletions b/‎.github/workflows/ci.yaml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎README.md‎
Lines changed: 15 additions & 14 deletions b/‎README.md‎
Lines changed: 15 additions & 14 deletions
diff --git a/‎bin/check-version.ts‎
Lines changed: 53 additions & 0 deletions b/‎bin/check-version.ts‎
Lines changed: 53 additions & 0 deletions
diff --git a/‎biome.jsonc‎
Lines changed: 14 additions & 6 deletions b/‎biome.jsonc‎
Lines changed: 14 additions & 6 deletions
diff --git a/‎package.json‎
Lines changed: 22 additions & 24 deletions b/‎package.json‎
Lines changed: 22 additions & 24 deletions
@@ -1,32 +1,46 @@
 name: CD
 
 on:
+  push:
+    branches: [ "main" ]
   workflow_dispatch:
-    inputs:
-      tag:
-        description: 'NPM tag'
-        type: choice
-        required: true
-        options:
-          - next
-          - latest
 
 concurrency:
   group: "publish"
   cancel-in-progress: true
+
 jobs:
-  publish-nilql:
+  check-version:
+    runs-on: ubuntu-latest
+    outputs:
+      should_publish: ${{ steps.check-version.outputs.local_version_is_higher }}
+      tag: ${{ steps.check-version.outputs.tag }}
+      version: ${{ steps.check-version.outputs.local_version }}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "24"
+      - uses: pnpm/action-setup@v4
+      - run: pnpm install
+      - id: check-version
+        run: pnpm exec tsx bin/check-version.ts
+
+  publish:
+    needs: check-version
+    if: needs.check-version.outputs.should_publish == 'true'
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
+        with:
+          submodules: 'recursive'
       - uses: actions/setup-node@v4
         with:
-          node-version: "23"
+          node-version: "24"
           registry-url: "https://registry.npmjs.org"
       - uses: pnpm/action-setup@v4
       - run: pnpm install
       - run: pnpm build
-      - run: pnpm exportscheck
       - env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
-        run: pnpm publish --tag ${{ github.event.inputs.tag }}
+        run: pnpm publish --tag ${{ needs.check-version.outputs.tag }} --no-git-checks
@@ -30,6 +30,7 @@ jobs:
           pnpm install
           pnpm biome ci
           pnpm typecheck
+          pnpm attw
 
   test:
     name: Test and report coverage
 
@@ -1,13 +1,14 @@
-# nilQL
-[![npm](https://badge.fury.io/js/nilql.svg)](https://www.npmjs.com/package/@nillion/nilql)
-[![ci](https://github.com/nillionnetwork/nilql-ts/actions/workflows/ci.yaml/badge.svg)](https://github.com/nillionnetwork/nilql-ts/actions)
-[![coveralls](https://coveralls.io/repos/github/NillionNetwork/nilql-ts/badge.svg?branch=main)](https://coveralls.io/github/NillionNetwork/nilql-ts)
+# blindfold-ts
+
+[![npm](https://badge.fury.io/js/blindfold.svg)](https://www.npmjs.com/package/@nillion/blindfold)
+[![ci](https://github.com/nillionnetwork/blindfold-ts/actions/workflows/ci.yaml/badge.svg)](https://github.com/nillionnetwork/blindfold-ts/actions)
+[![coveralls](https://coveralls.io/repos/github/NillionNetwork/blindfold-ts/badge.svg?branch=main)](https://coveralls.io/github/NillionNetwork/blindfold-ts)
 
 Library for working with encrypted data within nilDB queries and replies.
 
 ## Description and Purpose
 
-This library provides cryptographic operations that are compatible with nilDB nodes and clusters, allowing developers to leverage certain privacy-enhancing technologies (PETs) when storing, operating upon, and retrieving data while working with nilDB. The table below summarizes the functionalities available in nilQL.
+This library provides cryptographic operations that are compatible with nilDB nodes and clusters, allowing developers to leverage certain privacy-enhancing technologies (PETs) when storing, operating upon, and retrieving data while working with nilDB. The table below summarizes the functionalities available in blindfold.
 
 | Cluster        | Operation | Implementation Details                                            | Supported Types                                   |
 |----------------|-----------|-------------------------------------------------------------------|---------------------------------------------------|
@@ -38,7 +39,7 @@ pnpm install
 The library can be imported in the usual way:
 
 ```ts
-import { nilql } from "@nillion/nilql";
+import { blindfold } from "@nillion/blindfold";
 ```
 
 ### Example: Generating Keys
@@ -47,35 +48,35 @@ The example below generates a `SecretKey` instance for a single-node cluster:
 
 ```ts
 const cluster = {"nodes": [{}]};
-const secretKey = await nilql.SecretKey.generate(cluster, {"store": true});
+const secretKey = await blindfold.SecretKey.generate(cluster, {"store": true});
 ```
 
 The example below generates a `SecretKey` instance for a multiple-node (*i.e.*, three-node) cluster with a two-share decryption threshold:
 
 ```ts
 const cluster = {"nodes": [{}, {}, {}]};
-const secretKey = await nilql.SecretKey.generate(cluster, {"sum": true}, 2);
+const secretKey = await blindfold.SecretKey.generate(cluster, {"sum": true}, 2);
 ```
 
 ### Example: Encrypting and Decrypting Data
 
 The below example encrypts and decrypts a string:
 
 ```ts
-const secretKey = await nilql.SecretKey.generate({"nodes": [{}]}, {"store": true});
+const secretKey = await blindfold.SecretKey.generate({"nodes": [{}]}, {"store": true});
 const plaintext = "abc";
-const ciphertext = await nilql.encrypt(secretKey, plaintext);
-const decrypted = await nilql.decrypt(secretKey, ciphertext);
+const ciphertext = await blindfold.encrypt(secretKey, plaintext);
+const decrypted = await blindfold.decrypt(secretKey, ciphertext);
 console.log(plaintext, decrypted); // Should output `abc abc`.
 ```
 
 The below example encrypts and decrypts an integer:
 
 ```ts
-const secretKey = await nilql.SecretKey.generate({"nodes": [{}, {}, {}]}, {"sum": true}, 2);
+const secretKey = await blindfold.SecretKey.generate({"nodes": [{}, {}, {}]}, {"sum": true}, 2);
 const plaintext = BigInt(123);
-const ciphertext = await nilql.encrypt(secretKey, plaintext);
-const decrypted = await nilql.decrypt(secretKey, ciphertext);
+const ciphertext = await blindfold.encrypt(secretKey, plaintext);
+const decrypted = await blindfold.decrypt(secretKey, ciphertext);
 console.log(plaintext, decrypted); // Should output `123n 123n`.
 ```
 
 
@@ -0,0 +1,53 @@
+#!/usr/bin/env tsx
+
+import { appendFileSync } from "node:fs";
+import semver from "semver";
+import packageJson from "../package.json";
+
+interface NpmRegistryResponse {
+  "dist-tags": Record<string, string>;
+}
+
+async function getNpmVersion(
+  packageName: string,
+  distTag: string,
+): Promise<string> {
+  const response = await fetch(`https://registry.npmjs.org/${packageName}`);
+  if (response.ok) {
+    const data = (await response.json()) as NpmRegistryResponse;
+    return data["dist-tags"][distTag] || "0.0.0";
+  }
+  return "0.0.0";
+}
+
+function writeGitHubOutput(key: string, value: string): void {
+  const githubOutput = process.env.GITHUB_OUTPUT;
+  if (githubOutput) {
+    appendFileSync(githubOutput, `${key}=${value}\n`);
+  }
+  console.log(`${key}=${value}`);
+}
+
+async function main(): Promise<void> {
+  // Validate version format
+  if (!semver.valid(packageJson.version)) {
+    throw new Error(`Invalid version format: ${packageJson.version}`);
+  }
+
+  // Determine tag based on pre-release status
+  const distTag = semver.prerelease(packageJson.version) ? "next" : "latest";
+  const localVersion = packageJson.version;
+  const publicVersion = await getNpmVersion(packageJson.name, distTag);
+  const localVersionIsHigher = semver.gt(localVersion, publicVersion);
+
+  // Write outputs
+  writeGitHubOutput("local_version_is_higher", localVersionIsHigher.toString());
+  writeGitHubOutput("local_version", localVersion);
+  writeGitHubOutput("published_version", publicVersion);
+  writeGitHubOutput("tag", distTag);
+}
+
+// E.g. if this file is the entry point
+if (import.meta.url === `file://${process.argv[1]}`) {
+  main().catch(console.error);
+}
@@ -1,21 +1,19 @@
 {
-  "$schema": "https://biomejs.dev/schemas/1.9.4/schema.json",
+  "$schema": "https://biomejs.dev/schemas/2.0.4/schema.json",
   "vcs": {
     "enabled": true,
     "clientKind": "git",
     "useIgnoreFile": true
   },
   "files": {
     "ignoreUnknown": false,
-    "include": ["**/*.ts", "**/*.mjs", "**/*.json"]
+    "includes": ["**/*.ts", "**/*.mjs", "**/*.json"]
   },
   "formatter": {
     "enabled": true,
     "indentStyle": "space"
   },
-  "organizeImports": {
-    "enabled": true
-  },
+  "assist": { "actions": { "source": { "organizeImports": "on" } } },
   "linter": {
     "enabled": true,
     "rules": {
@@ -24,7 +22,17 @@
         "useExhaustiveDependencies": "off"
       },
       "style": {
-        "noNonNullAssertion": "warn"
+        "noNonNullAssertion": "warn",
+        "noParameterAssign": "error",
+        "useAsConstAssertion": "error",
+        "useDefaultParameterLast": "error",
+        "useEnumInitializers": "error",
+        "useSelfClosingElements": "error",
+        "useSingleVarDeclarator": "error",
+        "noUnusedTemplateLiteral": "error",
+        "useNumberNamespace": "error",
+        "noInferrableTypes": "error",
+        "noUselessElse": "error"
       }
     }
   },
 
@@ -1,16 +1,9 @@
 {
-  "name": "@nillion/nilql",
-  "version": "0.0.0-alpha.15",
+  "name": "@nillion/blindfold",
+  "version": "0.1.0-rc.0",
   "description": "Library for working with encrypted data within NilDB queries and replies.",
   "license": "MIT",
-  "homepage": "https://github.com/nillionnetwork/nilql-ts",
-  "bugs": {
-    "url": "https://github.com/nillionnetwork/nilql-ts/issues"
-  },
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/nillionnetwork/nilql-ts.git"
-  },
+  "homepage": "https://github.com/nillionnetwork/blindfold-ts",
   "type": "module",
   "module": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -32,7 +25,7 @@
     "test": "vitest run",
     "lint": "biome check",
     "typecheck": "tsc",
-    "exportscheck": "attw --pack .",
+    "attw": "attw --pack .",
     "install-hooks": "lefthook install"
   },
   "engines": {
@@ -44,24 +37,29 @@
     "paillier-bigint": "^3.4.3"
   },
   "devDependencies": {
-    "@arethetypeswrong/cli": "^0.17.4",
-    "@biomejs/biome": "^1.9.4",
-    "@commitlint/cli": "^19.8.0",
-    "@commitlint/config-conventional": "^19.8.0",
-    "@commitlint/types": "^19.8.0",
+    "@arethetypeswrong/cli": "^0.18.2",
+    "@biomejs/biome": "^2.0.4",
+    "@commitlint/cli": "^19.8.1",
+    "@commitlint/config-conventional": "^19.8.1",
+    "@commitlint/types": "^19.8.1",
     "@types/libsodium-wrappers": "^0.7.14",
     "@types/libsodium-wrappers-sumo": "^0.7.8",
-    "@types/node": "^22.14.1",
-    "@vitest/coverage-v8": "^3.1.1",
+    "@types/node": "^24.0.3",
+    "@types/semver": "^7.7.0",
+    "@vitest/coverage-v8": "^3.2.4",
     "coveralls": "^3.1.1",
     "crypto-browserify": "^3.12.1",
-    "lefthook": "^1.11.10",
-    "tsup": "^8.4.0",
+    "lefthook": "^1.11.14",
+    "semver": "^7.7.2",
+    "tsup": "^8.5.0",
+    "tsx": "^4.20.3",
     "typescript": "^5.8.3",
-    "vite": "^6.2.6",
+    "vite": "^6.3.5",
     "vite-tsconfig-paths": "^5.1.4",
-    "vitest": "^3.1.1"
+    "vitest": "^3.2.4"
   },
-  "files": ["dist"],
-  "packageManager": "[email protected]"
+  "files": [
+    "dist"
+  ],
+  "packageManager": "[email protected]"
 }