@actuate-media/cms-core 0.1.0

package/dist/__tests__/scheduling/scheduling.test.js

@@ -0,0 +1,84 @@
+import { describe, it, expect, vi } from 'vitest';
+import { processScheduledPublish, processScheduledUnpublish, getScheduleCalendar, } from '../../scheduling/index';
+function createMockDB(docs = []) {
+    return {
+        document: {
+            findMany: vi.fn(async () => docs),
+            update: vi.fn(async ({ where, data }) => {
+                const doc = docs.find((d) => d.id === where.id);
+                if (doc)
+                    Object.assign(doc, data);
+                return doc;
+            }),
+        },
+    };
+}
+describe('processScheduledPublish', () => {
+    it('publishes documents with scheduledAt in the past', async () => {
+        const docs = [
+            { id: 'doc-1', status: 'SCHEDULED', scheduledAt: new Date(Date.now() - 10000) },
+            { id: 'doc-2', status: 'SCHEDULED', scheduledAt: new Date(Date.now() - 5000) },
+        ];
+        const db = createMockDB(docs);
+        const result = await processScheduledPublish(db);
+        expect(result.published).toBe(2);
+        expect(result.errors).toHaveLength(0);
+        expect(db.document.update).toHaveBeenCalledTimes(2);
+    });
+    it('returns empty when no documents are due', async () => {
+        const db = createMockDB([]);
+        const result = await processScheduledPublish(db);
+        expect(result.published).toBe(0);
+        expect(result.errors).toHaveLength(0);
+    });
+    it('captures errors for individual documents', async () => {
+        const docs = [{ id: 'doc-1', status: 'SCHEDULED', scheduledAt: new Date(Date.now() - 10000) }];
+        const db = createMockDB(docs);
+        db.document.update.mockRejectedValueOnce(new Error('DB error'));
+        const result = await processScheduledPublish(db);
+        expect(result.published).toBe(0);
+        expect(result.errors).toHaveLength(1);
+        expect(result.errors[0].documentId).toBe('doc-1');
+    });
+});
+describe('processScheduledUnpublish', () => {
+    it('unpublishes documents with scheduledUnpublishAt in the past', async () => {
+        const docs = [
+            { id: 'doc-1', status: 'PUBLISHED', scheduledUnpublishAt: new Date(Date.now() - 10000) },
+        ];
+        const db = createMockDB(docs);
+        const result = await processScheduledUnpublish(db);
+        expect(result.unpublished).toBe(1);
+        expect(result.errors).toHaveLength(0);
+    });
+});
+describe('getScheduleCalendar', () => {
+    it('returns entries for scheduled publish and unpublish', async () => {
+        const now = new Date();
+        const future = new Date(Date.now() + 86_400_000);
+        const docs = [
+            { id: 'doc-1', collection: 'pages', title: 'Page 1', scheduledAt: future, scheduledUnpublishAt: null },
+            { id: 'doc-2', collection: 'posts', title: 'Post 1', scheduledAt: null, scheduledUnpublishAt: future },
+        ];
+        const db = createMockDB(docs);
+        const from = new Date(Date.now() - 86_400_000);
+        const to = new Date(Date.now() + 86_400_000 * 2);
+        const entries = await getScheduleCalendar(from, to, db);
+        expect(entries).toHaveLength(2);
+        expect(entries[0].action).toBe('publish');
+        expect(entries[1].action).toBe('unpublish');
+    });
+    it('returns sorted entries', async () => {
+        const earlier = new Date(Date.now() + 10_000);
+        const later = new Date(Date.now() + 86_400_000);
+        const docs = [
+            { id: 'doc-1', collection: 'pages', title: 'Later', scheduledAt: later, scheduledUnpublishAt: null },
+            { id: 'doc-2', collection: 'pages', title: 'Earlier', scheduledAt: earlier, scheduledUnpublishAt: null },
+        ];
+        const db = createMockDB(docs);
+        const entries = await getScheduleCalendar(new Date(), new Date(Date.now() + 86_400_000 * 2), db);
+        expect(entries[0].title).toBe('Earlier');
+        expect(entries[1].title).toBe('Later');
+    });
+});
+//# sourceMappingURL=scheduling.test.js.map

package/dist/__tests__/scheduling/scheduling.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scheduling.test.js","sourceRoot":"","sources":["../../../src/__tests__/scheduling/scheduling.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,EACL,uBAAuB,EACvB,yBAAyB,EACzB,mBAAmB,GACpB,MAAM,wBAAwB,CAAC;AAEhC,SAAS,YAAY,CAAC,OAAc,EAAE;IACpC,OAAO;QACL,QAAQ,EAAE;YACR,QAAQ,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,IAAI,CAAC;YACjC,MAAM,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,EAAO,EAAE,EAAE;gBAC3C,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,KAAK,CAAC,EAAE,CAAC,CAAC;gBAChD,IAAI,GAAG;oBAAE,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBAClC,OAAO,GAAG,CAAC;YACb,CAAC,CAAC;SACH;KACF,CAAC;AACJ,CAAC;AAED,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;IACvC,EAAE,CAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;QAChE,MAAM,IAAI,GAAG;YACX,EAAE,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,WAAW,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,EAAE;YAC/E,EAAE,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,WAAW,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE;SAC/E,CAAC;QACF,MAAM,EAAE,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QAE9B,MAAM,MAAM,GAAG,MAAM,uBAAuB,CAAC,EAAE,CAAC,CAAC;QACjD,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACjC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACtC,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yCAAyC,EAAE,KAAK,IAAI,EAAE;QACvD,MAAM,EAAE,GAAG,YAAY,CAAC,EAAE,CAAC,CAAC;QAC5B,MAAM,MAAM,GAAG,MAAM,uBAAuB,CAAC,EAAE,CAAC,CAAC;QACjD,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACjC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0CAA0C,EAAE,KAAK,IAAI,EAAE;QACxD,MAAM,IAAI,GAAG,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,WAAW,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC;QAC/F,MAAM,EAAE,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QAC9B,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,qBAAqB,CAAC,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC;QAEhE,MAAM,MAAM,GAAG,MAAM,uBAAuB,CAAC,EAAE,CAAC,CAAC;QACjD,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACjC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACtC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,2BAA2B,EAAE,GAAG,EAAE;IACzC,EAAE,CAAC,6DAA6D,EAAE,KAAK,IAAI,EAAE;QAC3E,MAAM,IAAI,GAAG;YACX,EAAE,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,oBAAoB,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,EAAE;SACzF,CAAC;QACF,MAAM,EAAE,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QAE9B,MAAM,MAAM,GAAG,MAAM,yBAAyB,CAAC,EAAE,CAAC,CAAC;QACnD,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;QACnE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,MAAM,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,CAAC;QACjD,MAAM,IAAI,GAAG;YACX,EAAE,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,EAAE,oBAAoB,EAAE,IAAI,EAAE;YACtG,EAAE,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,IAAI,EAAE,oBAAoB,EAAE,MAAM,EAAE;SACvG,CAAC;QACF,MAAM,EAAE,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QAE9B,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,CAAC;QAC/C,MAAM,EAAE,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,GAAG,CAAC,CAAC,CAAC;QAEjD,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,IAAI,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;QACxD,MAAM,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAE,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,CAAC,CAAE,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wBAAwB,EAAE,KAAK,IAAI,EAAE;QACtC,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,CAAC;QAChD,MAAM,IAAI,GAAG;YACX,EAAE,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,oBAAoB,EAAE,IAAI,EAAE;YACpG,EAAE,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE;SACzG,CAAC;QACF,MAAM,EAAE,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QAE9B,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,IAAI,IAAI,EAAE,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACjG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAE,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC1C,MAAM,CAAC,OAAO,CAAC,CAAC,CAAE,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/__tests__/security/access.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=access.test.d.ts.map

package/dist/__tests__/security/access.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"access.test.d.ts","sourceRoot":"","sources":["../../../src/__tests__/security/access.test.ts"],"names":[],"mappings":""}

package/dist/__tests__/security/access.test.js

@@ -0,0 +1,181 @@
+import { describe, it, expect } from 'vitest';
+import { checkAccess, getPermissionsForRole, filterFieldsByRole, applyFieldAccess } from '../../security/access';
+describe('checkAccess', () => {
+    it('ADMIN can access everything', () => {
+        expect(checkAccess('ADMIN', 'ADMIN')).toBe(true);
+        expect(checkAccess('ADMIN', 'EDITOR')).toBe(true);
+        expect(checkAccess('ADMIN', 'AUTHOR')).toBe(true);
+        expect(checkAccess('ADMIN', 'CLIENT')).toBe(true);
+    });
+    it('EDITOR can access AUTHOR level', () => {
+        expect(checkAccess('EDITOR', 'AUTHOR')).toBe(true);
+        expect(checkAccess('EDITOR', 'CLIENT')).toBe(true);
+        expect(checkAccess('EDITOR', 'EDITOR')).toBe(true);
+    });
+    it('EDITOR cannot access ADMIN level', () => {
+        expect(checkAccess('EDITOR', 'ADMIN')).toBe(false);
+    });
+    it('AUTHOR cannot access EDITOR level', () => {
+        expect(checkAccess('AUTHOR', 'EDITOR')).toBe(false);
+        expect(checkAccess('AUTHOR', 'ADMIN')).toBe(false);
+    });
+    it('AUTHOR can access AUTHOR and CLIENT levels', () => {
+        expect(checkAccess('AUTHOR', 'AUTHOR')).toBe(true);
+        expect(checkAccess('AUTHOR', 'CLIENT')).toBe(true);
+    });
+    it('CLIENT cannot access AUTHOR level', () => {
+        expect(checkAccess('CLIENT', 'AUTHOR')).toBe(false);
+        expect(checkAccess('CLIENT', 'EDITOR')).toBe(false);
+        expect(checkAccess('CLIENT', 'ADMIN')).toBe(false);
+    });
+    it('CLIENT can access CLIENT level', () => {
+        expect(checkAccess('CLIENT', 'CLIENT')).toBe(true);
+    });
+});
+describe('getPermissionsForRole', () => {
+    it('ADMIN gets delete permission', () => {
+        const perms = getPermissionsForRole('ADMIN');
+        const actions = perms.map((p) => p.action);
+        expect(actions).toContain('delete');
+        expect(actions).toContain('create');
+        expect(actions).toContain('read');
+        expect(actions).toContain('update');
+        expect(actions).toContain('publish');
+    });
+    it('EDITOR gets publish but not delete', () => {
+        const perms = getPermissionsForRole('EDITOR');
+        const actions = perms.map((p) => p.action);
+        expect(actions).toContain('publish');
+        expect(actions).toContain('read');
+        expect(actions).toContain('create');
+        expect(actions).not.toContain('delete');
+    });
+    it('AUTHOR gets create but not delete', () => {
+        const perms = getPermissionsForRole('AUTHOR');
+        const actions = perms.map((p) => p.action);
+        expect(actions).toContain('read');
+        expect(actions).toContain('create');
+        expect(actions).not.toContain('delete');
+        expect(actions).not.toContain('publish');
+    });
+    it('CLIENT only gets read permission', () => {
+        const perms = getPermissionsForRole('CLIENT');
+        const actions = perms.map((p) => p.action);
+        expect(actions).toEqual(['read']);
+    });
+    it('AUTHOR has "update own" but not "update *"', () => {
+        const perms = getPermissionsForRole('AUTHOR');
+        const updatePerms = perms.filter((p) => p.action === 'update');
+        expect(updatePerms).toHaveLength(1);
+        expect(updatePerms[0].resource).toBe('own');
+    });
+    it('EDITOR has "update *" (all resources)', () => {
+        const perms = getPermissionsForRole('EDITOR');
+        const updatePerms = perms.filter((p) => p.action === 'update');
+        const resources = updatePerms.map((p) => p.resource);
+        expect(resources).toContain('*');
+    });
+});
+describe('filterFieldsByRole', () => {
+    const adminUser = { id: 'admin-1', role: 'ADMIN' };
+    const clientUser = { id: 'client-1', role: 'CLIENT' };
+    it('returns all fields when no access control is defined', async () => {
+        const fields = {
+            title: { type: 'text', label: 'Title', required: true },
+            body: { type: 'richText', label: 'Body' },
+        };
+        const filtered = await filterFieldsByRole(fields, clientUser);
+        expect(Object.keys(filtered)).toEqual(['title', 'body']);
+    });
+    it('returns a shallow copy, not the same reference', async () => {
+        const fields = {
+            name: { type: 'text', label: 'Name' },
+        };
+        const filtered = await filterFieldsByRole(fields, adminUser);
+        expect(filtered).not.toBe(fields);
+        expect(filtered).toEqual(fields);
+    });
+    it('filters out fields the user cannot read', async () => {
+        const fields = {
+            title: { type: 'text', label: 'Title' },
+            secret: {
+                type: 'text',
+                label: 'Secret',
+                access: {
+                    read: async ({ user }) => user?.role === 'ADMIN',
+                },
+            },
+        };
+        const clientFiltered = await filterFieldsByRole(fields, clientUser);
+        expect(Object.keys(clientFiltered)).toEqual(['title']);
+        const adminFiltered = await filterFieldsByRole(fields, adminUser);
+        expect(Object.keys(adminFiltered)).toEqual(['title', 'secret']);
+    });
+});
+describe('applyFieldAccess', () => {
+    const adminUser = { id: 'admin-1', role: 'ADMIN' };
+    const clientUser = { id: 'client-1', role: 'CLIENT' };
+    it('read mode: strips fields the user cannot read', async () => {
+        const fields = {
+            title: { type: 'text', label: 'Title' },
+            internal: {
+                type: 'text',
+                label: 'Internal',
+                access: {
+                    read: async ({ user }) => user?.role === 'ADMIN',
+                },
+            },
+        };
+        const data = { title: 'Hello', internal: 'secret-value', extra: 'kept' };
+        const clientResult = await applyFieldAccess('read', fields, data, clientUser);
+        expect(clientResult).toEqual({ title: 'Hello', extra: 'kept' });
+        const adminResult = await applyFieldAccess('read', fields, data, adminUser);
+        expect(adminResult).toEqual({ title: 'Hello', internal: 'secret-value', extra: 'kept' });
+    });
+    it('write mode: strips fields the user cannot update', async () => {
+        const fields = {
+            title: { type: 'text', label: 'Title' },
+            locked: {
+                type: 'text',
+                label: 'Locked',
+                access: {
+                    update: async ({ user }) => user?.role === 'ADMIN',
+                },
+            },
+        };
+        const data = { title: 'New Title', locked: 'overwrite-attempt' };
+        const clientResult = await applyFieldAccess('write', fields, data, clientUser);
+        expect(clientResult).toEqual({ title: 'New Title' });
+        const adminResult = await applyFieldAccess('write', fields, data, adminUser);
+        expect(adminResult).toEqual({ title: 'New Title', locked: 'overwrite-attempt' });
+    });
+    it('passes through unknown keys on read', async () => {
+        const fields = {
+            title: { type: 'text', label: 'Title' },
+        };
+        const data = { title: 'Hello', unknownField: 'value' };
+        const result = await applyFieldAccess('read', fields, data, clientUser);
+        expect(result).toEqual({ title: 'Hello', unknownField: 'value' });
+    });
+    it('strips unknown keys on write (mass assignment prevention)', async () => {
+        const fields = {
+            title: { type: 'text', label: 'Title' },
+        };
+        const data = { title: 'Hello', isAdmin: true, role: 'ADMIN' };
+        const result = await applyFieldAccess('write', fields, data, clientUser);
+        expect(result).toEqual({ title: 'Hello' });
+        expect(result).not.toHaveProperty('isAdmin');
+        expect(result).not.toHaveProperty('role');
+    });
+    it('allows system keys on write', async () => {
+        const fields = {
+            body: { type: 'richText', label: 'Body' },
+        };
+        const data = { body: '<p>Hi</p>', title: 'My Page', slug: 'my-page', status: 'PUBLISHED' };
+        const result = await applyFieldAccess('write', fields, data, clientUser);
+        expect(result).toHaveProperty('title');
+        expect(result).toHaveProperty('slug');
+        expect(result).toHaveProperty('status');
+    });
+});
+//# sourceMappingURL=access.test.js.map

package/dist/__tests__/security/access.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"access.test.js","sourceRoot":"","sources":["../../../src/__tests__/security/access.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAIjH,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IAC3B,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;QACrC,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACjD,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClD,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClD,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnD,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnD,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACpD,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;QACpD,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnD,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACpD,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACpD,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;QACtC,MAAM,KAAK,GAAG,qBAAqB,CAAC,OAAO,CAAC,CAAC;QAC7C,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACpC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACpC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAClC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACpC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,KAAK,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAC9C,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACrC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAClC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACpC,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,KAAK,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAC9C,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAClC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACpC,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACxC,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,KAAK,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAC9C,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;QACpD,MAAM,KAAK,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAC9C,MAAM,WAAW,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC;QAC/D,MAAM,CAAC,WAAW,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAE,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,KAAK,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAC9C,MAAM,WAAW,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC;QAC/D,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACrD,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,MAAM,SAAS,GAAoB,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IACpE,MAAM,UAAU,GAAoB,EAAE,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAEvE,EAAE,CAAC,sDAAsD,EAAE,KAAK,IAAI,EAAE;QACpE,MAAM,MAAM,GAAoC;YAC9C,KAAK,EAAE,EAAE,IAAI,EAAE,MAAe,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE;YAChE,IAAI,EAAE,EAAE,IAAI,EAAE,UAAmB,EAAE,KAAK,EAAE,MAAM,EAAE;SACnD,CAAC;QACF,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QAC9D,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gDAAgD,EAAE,KAAK,IAAI,EAAE;QAC9D,MAAM,MAAM,GAAoC;YAC9C,IAAI,EAAE,EAAE,IAAI,EAAE,MAAe,EAAE,KAAK,EAAE,MAAM,EAAE;SAC/C,CAAC;QACF,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QAC7D,MAAM,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAClC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yCAAyC,EAAE,KAAK,IAAI,EAAE;QACvD,MAAM,MAAM,GAAoC;YAC9C,KAAK,EAAE,EAAE,IAAI,EAAE,MAAe,EAAE,KAAK,EAAE,OAAO,EAAE;YAChD,MAAM,EAAE;gBACN,IAAI,EAAE,MAAe;gBACrB,KAAK,EAAE,QAAQ;gBACf,MAAM,EAAE;oBACN,IAAI,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,IAAI,KAAK,OAAO;iBACjD;aACF;SACF,CAAC;QACF,MAAM,cAAc,GAAG,MAAM,kBAAkB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QACpE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;QAEvD,MAAM,aAAa,GAAG,MAAM,kBAAkB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QAClE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;IAClE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;IAChC,MAAM,SAAS,GAAoB,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IACpE,MAAM,UAAU,GAAoB,EAAE,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAEvE,EAAE,CAAC,+CAA+C,EAAE,KAAK,IAAI,EAAE;QAC7D,MAAM,MAAM,GAAoC;YAC9C,KAAK,EAAE,EAAE,IAAI,EAAE,MAAe,EAAE,KAAK,EAAE,OAAO,EAAE;YAChD,QAAQ,EAAE;gBACR,IAAI,EAAE,MAAe;gBACrB,KAAK,EAAE,UAAU;gBACjB,MAAM,EAAE;oBACN,IAAI,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,IAAI,KAAK,OAAO;iBACjD;aACF;SACF,CAAC;QACF,MAAM,IAAI,GAAG,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC;QAEzE,MAAM,YAAY,GAAG,MAAM,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;QAC9E,MAAM,CAAC,YAAY,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QAEhE,MAAM,WAAW,GAAG,MAAM,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QAC5E,MAAM,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;IAC3F,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;QAChE,MAAM,MAAM,GAAoC;YAC9C,KAAK,EAAE,EAAE,IAAI,EAAE,MAAe,EAAE,KAAK,EAAE,OAAO,EAAE;YAChD,MAAM,EAAE;gBACN,IAAI,EAAE,MAAe;gBACrB,KAAK,EAAE,QAAQ;gBACf,MAAM,EAAE;oBACN,MAAM,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,EAAE,IAAI,KAAK,OAAO;iBACnD;aACF;SACF,CAAC;QACF,MAAM,IAAI,GAAG,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAC;QAEjE,MAAM,YAAY,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;QAC/E,MAAM,CAAC,YAAY,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;QAErD,MAAM,WAAW,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QAC7E,MAAM,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAC,CAAC;IACnF,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qCAAqC,EAAE,KAAK,IAAI,EAAE;QACnD,MAAM,MAAM,GAAoC;YAC9C,KAAK,EAAE,EAAE,IAAI,EAAE,MAAe,EAAE,KAAK,EAAE,OAAO,EAAE;SACjD,CAAC;QACF,MAAM,IAAI,GAAG,EAAE,KAAK,EAAE,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC;QACvD,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;QACxE,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC,CAAC;IACpE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2DAA2D,EAAE,KAAK,IAAI,EAAE;QACzE,MAAM,MAAM,GAAoC;YAC9C,KAAK,EAAE,EAAE,IAAI,EAAE,MAAe,EAAE,KAAK,EAAE,OAAO,EAAE;SACjD,CAAC;QACF,MAAM,IAAI,GAAG,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;QAC9D,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;QACzE,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;QAC7C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6BAA6B,EAAE,KAAK,IAAI,EAAE;QAC3C,MAAM,MAAM,GAAoC;YAC9C,IAAI,EAAE,EAAE,IAAI,EAAE,UAAmB,EAAE,KAAK,EAAE,MAAM,EAAE;SACnD,CAAC;QACF,MAAM,IAAI,GAAG,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;QAC3F,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;QACzE,MAAM,CAAC,MAAM,CAAC,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QACtC,MAAM,CAAC,MAAM,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/__tests__/security/csrf.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=csrf.test.d.ts.map

package/dist/__tests__/security/csrf.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"csrf.test.d.ts","sourceRoot":"","sources":["../../../src/__tests__/security/csrf.test.ts"],"names":[],"mappings":""}

package/dist/__tests__/security/csrf.test.js

@@ -0,0 +1,40 @@
+import { describe, it, expect } from 'vitest';
+import { generateToken, validateToken } from '../../security/csrf.js';
+describe('generateToken', () => {
+    it('returns a 64-char hex string', async () => {
+        const token = await generateToken();
+        expect(token).toHaveLength(64);
+        expect(token).toMatch(/^[0-9a-f]{64}$/);
+    });
+    it('generates unique tokens on each call', async () => {
+        const token1 = await generateToken();
+        const token2 = await generateToken();
+        expect(token1).not.toBe(token2);
+    });
+});
+describe('validateToken', () => {
+    it('returns true for matching tokens', async () => {
+        const token = await generateToken();
+        expect(validateToken(token, token)).toBe(true);
+    });
+    it('returns true for identical manually-constructed tokens', () => {
+        const token = 'a'.repeat(64);
+        expect(validateToken(token, token)).toBe(true);
+    });
+    it('returns false for different tokens of the same length', async () => {
+        const token1 = await generateToken();
+        const token2 = await generateToken();
+        expect(validateToken(token1, token2)).toBe(false);
+    });
+    it('returns false for tokens of different lengths', () => {
+        const short = 'abcdef';
+        const long = 'abcdefabcdef';
+        expect(validateToken(short, long)).toBe(false);
+    });
+    it('returns false when one token is empty', async () => {
+        const token = await generateToken();
+        expect(validateToken(token, '')).toBe(false);
+        expect(validateToken('', token)).toBe(false);
+    });
+});
+//# sourceMappingURL=csrf.test.js.map

package/dist/__tests__/security/csrf.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"csrf.test.js","sourceRoot":"","sources":["../../../src/__tests__/security/csrf.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAEtE,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,EAAE,CAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;QAC5C,MAAM,KAAK,GAAG,MAAM,aAAa,EAAE,CAAC;QACpC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;QAC/B,MAAM,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;QACpD,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;QACrC,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,EAAE,CAAC,kCAAkC,EAAE,KAAK,IAAI,EAAE;QAChD,MAAM,KAAK,GAAG,MAAM,aAAa,EAAE,CAAC;QACpC,MAAM,CAAC,aAAa,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;QAChE,MAAM,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC7B,MAAM,CAAC,aAAa,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uDAAuD,EAAE,KAAK,IAAI,EAAE;QACrE,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;QACrC,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;QACrC,MAAM,CAAC,aAAa,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,MAAM,KAAK,GAAG,QAAQ,CAAC;QACvB,MAAM,IAAI,GAAG,cAAc,CAAC;QAC5B,MAAM,CAAC,aAAa,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;QACrD,MAAM,KAAK,GAAG,MAAM,aAAa,EAAE,CAAC;QACpC,MAAM,CAAC,aAAa,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC7C,MAAM,CAAC,aAAa,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/__tests__/security/rate-limit.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=rate-limit.test.d.ts.map

package/dist/__tests__/security/rate-limit.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limit.test.d.ts","sourceRoot":"","sources":["../../../src/__tests__/security/rate-limit.test.ts"],"names":[],"mappings":""}

package/dist/__tests__/security/rate-limit.test.js

@@ -0,0 +1,62 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { createRateLimiter } from '../../security/rate-limit.js';
+describe('createRateLimiter', () => {
+    beforeEach(() => {
+        vi.useFakeTimers();
+    });
+    afterEach(() => {
+        vi.useRealTimers();
+    });
+    it('allows requests under the limit', async () => {
+        const limiter = createRateLimiter({ windowMs: 60_000, maxRequests: 5 });
+        const r1 = await limiter.check('ip:127.0.0.1');
+        expect(r1.allowed).toBe(true);
+        expect(r1.remaining).toBe(4);
+        const r2 = await limiter.check('ip:127.0.0.1');
+        expect(r2.allowed).toBe(true);
+        expect(r2.remaining).toBe(3);
+    });
+    it('blocks requests over the limit', async () => {
+        const limiter = createRateLimiter({ windowMs: 60_000, maxRequests: 3 });
+        await limiter.check('ip:test');
+        await limiter.check('ip:test');
+        await limiter.check('ip:test');
+        const blocked = await limiter.check('ip:test');
+        expect(blocked.allowed).toBe(false);
+        expect(blocked.remaining).toBe(0);
+        expect(blocked.retryAfter).toBeDefined();
+        expect(blocked.retryAfter).toBeGreaterThan(0);
+    });
+    it('resets after window expires', async () => {
+        const limiter = createRateLimiter({ windowMs: 10_000, maxRequests: 2 });
+        await limiter.check('ip:expire');
+        await limiter.check('ip:expire');
+        const blocked = await limiter.check('ip:expire');
+        expect(blocked.allowed).toBe(false);
+        vi.advanceTimersByTime(11_000);
+        const afterReset = await limiter.check('ip:expire');
+        expect(afterReset.allowed).toBe(true);
+        expect(afterReset.remaining).toBe(1);
+    });
+    it('reset() clears the counter', async () => {
+        const limiter = createRateLimiter({ windowMs: 60_000, maxRequests: 2 });
+        await limiter.check('ip:reset');
+        await limiter.check('ip:reset');
+        const blocked = await limiter.check('ip:reset');
+        expect(blocked.allowed).toBe(false);
+        await limiter.reset('ip:reset');
+        const afterReset = await limiter.check('ip:reset');
+        expect(afterReset.allowed).toBe(true);
+        expect(afterReset.remaining).toBe(1);
+    });
+    it('tracks different keys independently', async () => {
+        const limiter = createRateLimiter({ windowMs: 60_000, maxRequests: 1 });
+        const r1 = await limiter.check('key-a');
+        expect(r1.allowed).toBe(true);
+        const r2 = await limiter.check('key-b');
+        expect(r2.allowed).toBe(true);
+        const r3 = await limiter.check('key-a');
+        expect(r3.allowed).toBe(false);
+    });
+});
+//# sourceMappingURL=rate-limit.test.js.map

package/dist/__tests__/security/rate-limit.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limit.test.js","sourceRoot":"","sources":["../../../src/__tests__/security/rate-limit.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AAEjE,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,EAAE,CAAC,aAAa,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;QAC/C,MAAM,OAAO,GAAG,iBAAiB,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,CAAC;QAExE,MAAM,EAAE,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;QAC/C,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9B,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAE7B,MAAM,EAAE,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;QAC/C,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9B,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;QAC9C,MAAM,OAAO,GAAG,iBAAiB,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,CAAC;QAExE,MAAM,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAC/B,MAAM,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAC/B,MAAM,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAE/B,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACpC,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;QACzC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6BAA6B,EAAE,KAAK,IAAI,EAAE;QAC3C,MAAM,OAAO,GAAG,iBAAiB,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,CAAC;QAExE,MAAM,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QACjC,MAAM,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAEjC,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QACjD,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAEpC,EAAE,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAE/B,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4BAA4B,EAAE,KAAK,IAAI,EAAE;QAC1C,MAAM,OAAO,GAAG,iBAAiB,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,CAAC;QAExE,MAAM,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAChC,MAAM,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAEhC,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAChD,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAEpC,MAAM,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAEhC,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACnD,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qCAAqC,EAAE,KAAK,IAAI,EAAE;QACnD,MAAM,OAAO,GAAG,iBAAiB,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,CAAC;QAExE,MAAM,EAAE,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACxC,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE9B,MAAM,EAAE,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACxC,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE9B,MAAM,EAAE,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACxC,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/__tests__/security/reauth.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=reauth.test.d.ts.map

package/dist/__tests__/security/reauth.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"reauth.test.d.ts","sourceRoot":"","sources":["../../../src/__tests__/security/reauth.test.ts"],"names":[],"mappings":""}

package/dist/__tests__/security/reauth.test.js

@@ -0,0 +1,30 @@
+import { describe, it, expect } from 'vitest';
+import { requiresReauth, DEFAULT_REAUTH_CONFIG } from '../../security/reauth';
+describe('requiresReauth', () => {
+    it('returns false for actions not in the required list', () => {
+        const result = requiresReauth({ lastAuthAt: new Date(0), action: 'view_dashboard' }, DEFAULT_REAUTH_CONFIG);
+        expect(result).toBe(false);
+    });
+    it('returns false when recently authenticated', () => {
+        const result = requiresReauth({ lastAuthAt: new Date(), action: 'delete_user' }, DEFAULT_REAUTH_CONFIG);
+        expect(result).toBe(false);
+    });
+    it('returns true when authentication is stale', () => {
+        const staleDate = new Date(Date.now() - 600_000);
+        const result = requiresReauth({ lastAuthAt: staleDate, action: 'delete_user' }, DEFAULT_REAUTH_CONFIG);
+        expect(result).toBe(true);
+    });
+    it('returns true for change_settings when stale', () => {
+        const staleDate = new Date(Date.now() - 600_000);
+        const result = requiresReauth({ lastAuthAt: staleDate, action: 'change_settings' }, DEFAULT_REAUTH_CONFIG);
+        expect(result).toBe(true);
+    });
+    it('respects custom maxAgeSeconds', () => {
+        const config = { maxAgeSeconds: 10, requiredForActions: ['test_action'] };
+        const recentEnough = new Date(Date.now() - 5_000);
+        expect(requiresReauth({ lastAuthAt: recentEnough, action: 'test_action' }, config)).toBe(false);
+        const tooOld = new Date(Date.now() - 15_000);
+        expect(requiresReauth({ lastAuthAt: tooOld, action: 'test_action' }, config)).toBe(true);
+    });
+});
+//# sourceMappingURL=reauth.test.js.map

package/dist/__tests__/security/reauth.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"reauth.test.js","sourceRoot":"","sources":["../../../src/__tests__/security/reauth.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAE9E,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;IAC9B,EAAE,CAAC,oDAAoD,EAAE,GAAG,EAAE;QAC5D,MAAM,MAAM,GAAG,cAAc,CAC3B,EAAE,UAAU,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,gBAAgB,EAAE,EACrD,qBAAqB,CACtB,CAAC;QACF,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,MAAM,GAAG,cAAc,CAC3B,EAAE,UAAU,EAAE,IAAI,IAAI,EAAE,EAAE,MAAM,EAAE,aAAa,EAAE,EACjD,qBAAqB,CACtB,CAAC;QACF,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,CAAC;QACjD,MAAM,MAAM,GAAG,cAAc,CAC3B,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,EAAE,aAAa,EAAE,EAChD,qBAAqB,CACtB,CAAC;QACF,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,CAAC;QACjD,MAAM,MAAM,GAAG,cAAc,CAC3B,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,EAAE,iBAAiB,EAAE,EACpD,qBAAqB,CACtB,CAAC;QACF,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,MAAM,MAAM,GAAG,EAAE,aAAa,EAAE,EAAE,EAAE,kBAAkB,EAAE,CAAC,aAAa,CAAC,EAAE,CAAC;QAC1E,MAAM,YAAY,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,CAAC;QAClD,MAAM,CAAC,cAAc,CAAC,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,EAAE,aAAa,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAEhG,MAAM,MAAM,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,CAAC;QAC7C,MAAM,CAAC,cAAc,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC3F,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/__tests__/security/sanitize.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=sanitize.test.d.ts.map

package/dist/__tests__/security/sanitize.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitize.test.d.ts","sourceRoot":"","sources":["../../../src/__tests__/security/sanitize.test.ts"],"names":[],"mappings":""}

package/dist/__tests__/security/sanitize.test.js

@@ -0,0 +1,75 @@
+import { describe, it, expect } from 'vitest';
+import { sanitizeHtml, stripHtml } from '../../security/sanitize';
+describe('sanitizeHtml', () => {
+    it('strips script tags', () => {
+        const input = '<p>Hello</p><script>alert("xss")</script>';
+        const result = sanitizeHtml(input);
+        expect(result).not.toContain('<script');
+        expect(result).toContain('<p>Hello</p>');
+    });
+    it('strips onerror attributes', () => {
+        const input = '<img src="x" onerror="alert(1)" alt="test" />';
+        const result = sanitizeHtml(input);
+        expect(result).not.toContain('onerror');
+        expect(result).toContain('alt="test"');
+    });
+    it('strips javascript: URLs from hrefs', () => {
+        const input = '<a href="javascript:alert(1)">click</a>';
+        const result = sanitizeHtml(input);
+        expect(result).not.toContain('javascript:');
+    });
+    it('preserves safe HTML', () => {
+        const input = '<h1>Title</h1><p>Text with <strong>bold</strong> and <a href="https://example.com">link</a></p>';
+        const result = sanitizeHtml(input);
+        expect(result).toContain('<h1>');
+        expect(result).toContain('<strong>bold</strong>');
+        expect(result).toContain('href="https://example.com"');
+    });
+    it('preserves image tags with allowed attributes', () => {
+        const input = '<img src="https://example.com/img.jpg" alt="photo" width="100" />';
+        const result = sanitizeHtml(input);
+        expect(result).toContain('src="https://example.com/img.jpg"');
+        expect(result).toContain('alt="photo"');
+    });
+    it('preserves tables', () => {
+        const input = '<table><thead><tr><th>Header</th></tr></thead><tbody><tr><td>Cell</td></tr></tbody></table>';
+        const result = sanitizeHtml(input);
+        expect(result).toContain('<table>');
+        expect(result).toContain('<th>Header</th>');
+        expect(result).toContain('<td>Cell</td>');
+    });
+    it('strips everything with stripAll option', () => {
+        const input = '<p>Hello <strong>world</strong></p>';
+        const result = sanitizeHtml(input, { stripAll: true });
+        expect(result).toBe('Hello world');
+    });
+    it('strips style tags', () => {
+        const input = '<style>body{display:none}</style><p>visible</p>';
+        const result = sanitizeHtml(input);
+        expect(result).not.toContain('<style');
+        expect(result).toContain('<p>visible</p>');
+    });
+    it('strips iframe tags', () => {
+        const input = '<iframe src="https://evil.com"></iframe><p>safe</p>';
+        const result = sanitizeHtml(input);
+        expect(result).not.toContain('<iframe');
+        expect(result).toContain('<p>safe</p>');
+    });
+});
+describe('stripHtml', () => {
+    it('returns plain text from HTML', () => {
+        const input = '<p>Hello <strong>world</strong></p>';
+        expect(stripHtml(input)).toBe('Hello world');
+    });
+    it('handles empty string', () => {
+        expect(stripHtml('')).toBe('');
+    });
+    it('strips nested tags', () => {
+        const input = '<div><ul><li>Item 1</li><li>Item 2</li></ul></div>';
+        const result = stripHtml(input);
+        expect(result).toContain('Item 1');
+        expect(result).toContain('Item 2');
+        expect(result).not.toContain('<');
+    });
+});
+//# sourceMappingURL=sanitize.test.js.map

package/dist/__tests__/security/sanitize.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitize.test.js","sourceRoot":"","sources":["../../../src/__tests__/security/sanitize.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAC;AAElE,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;IAC5B,EAAE,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAC5B,MAAM,KAAK,GAAG,2CAA2C,CAAC;QAC1D,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACnC,MAAM,KAAK,GAAG,+CAA+C,CAAC;QAC9D,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,KAAK,GAAG,yCAAyC,CAAC;QACxD,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qBAAqB,EAAE,GAAG,EAAE;QAC7B,MAAM,KAAK,GAAG,iGAAiG,CAAC;QAChH,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,uBAAuB,CAAC,CAAC;QAClD,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,4BAA4B,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;QACtD,MAAM,KAAK,GAAG,mEAAmE,CAAC;QAClF,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,mCAAmC,CAAC,CAAC;QAC9D,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kBAAkB,EAAE,GAAG,EAAE;QAC1B,MAAM,KAAK,GAAG,6FAA6F,CAAC;QAC5G,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACpC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;QAC5C,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,KAAK,GAAG,qCAAqC,CAAC;QACpD,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;QACvD,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mBAAmB,EAAE,GAAG,EAAE;QAC3B,MAAM,KAAK,GAAG,iDAAiD,CAAC;QAChE,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAC5B,MAAM,KAAK,GAAG,qDAAqD,CAAC;QACpE,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,WAAW,EAAE,GAAG,EAAE;IACzB,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;QACtC,MAAM,KAAK,GAAG,qCAAqC,CAAC;QACpD,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sBAAsB,EAAE,GAAG,EAAE;QAC9B,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAC5B,MAAM,KAAK,GAAG,oDAAoD,CAAC;QACnE,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QAChC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/__tests__/webhooks/webhooks.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=webhooks.test.d.ts.map

package/dist/__tests__/webhooks/webhooks.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"webhooks.test.d.ts","sourceRoot":"","sources":["../../../src/__tests__/webhooks/webhooks.test.ts"],"names":[],"mappings":""}