@actuate-media/cms-core 0.12.0 → 0.14.0

package/dist/__tests__/auth/reset.test.js

@@ -0,0 +1,303 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import { generateResetToken, hashToken, createPasswordReset, executePasswordReset, } from '../../auth/reset.js';
+import { verifyPassword } from '../../auth/password.js';
+function createFakeDb(initial = {}) {
+    const users = initial.users ?? [];
+    const tokens = [];
+    const sessions = initial.sessions ?? [];
+    const emailsSent = [];
+    const db = {
+        users,
+        tokens,
+        sessions,
+        emailsSent,
+        user: {
+            findFirst: vi.fn(async ({ where }) => {
+                const target = where.email.equals.toLowerCase();
+                return users.find((u) => u.email.toLowerCase() === target) ?? null;
+            }),
+            update: vi.fn(async ({ where, data }) => {
+                const u = users.find((u) => u.id === where.id);
+                if (u)
+                    Object.assign(u, data);
+                return u;
+            }),
+        },
+        passwordResetToken: {
+            findFirst: vi.fn(async ({ where }) => {
+                return (tokens.find((t) => t.tokenHash === where.tokenHash && t.usedAt === where.usedAt) ?? null);
+            }),
+            create: vi.fn(async ({ data }) => {
+                const user = users.find((u) => u.id === data.userId);
+                const t = {
+                    id: `rt_${tokens.length + 1}`,
+                    userId: data.userId,
+                    tokenHash: data.tokenHash,
+                    expiresAt: data.expiresAt,
+                    usedAt: null,
+                    user,
+                };
+                tokens.push(t);
+                return t;
+            }),
+            update: vi.fn(async ({ where, data }) => {
+                const t = tokens.find((t) => t.id === where.id);
+                if (t)
+                    Object.assign(t, data);
+                return t;
+            }),
+            updateMany: vi.fn(async ({ where, data }) => {
+                let count = 0;
+                for (const t of tokens) {
+                    if (t.userId === where.userId && t.usedAt === where.usedAt) {
+                        Object.assign(t, data);
+                        count++;
+                    }
+                }
+                return { count };
+            }),
+        },
+        session: {
+            updateMany: vi.fn(async ({ where, data }) => {
+                let count = 0;
+                for (const s of sessions) {
+                    if (s.userId === where.userId && s.revokedAt === where.revokedAt) {
+                        Object.assign(s, data);
+                        count++;
+                    }
+                }
+                return { count };
+            }),
+        },
+        $transaction: vi.fn(async (ops) => Promise.all(ops)),
+    };
+    return db;
+}
+const TEST_CONFIG = {
+    siteUrl: 'https://example.com',
+    platform: {
+        email: {
+            send: vi.fn(),
+        },
+    },
+};
+beforeEach(() => {
+    TEST_CONFIG.platform.email.send.mockClear();
+});
+// ─── Token generation ───────────────────────────────────────────────────
+describe('generateResetToken', () => {
+    it('returns a 64-char hex raw token (32 random bytes)', () => {
+        const t = generateResetToken();
+        expect(t.raw).toMatch(/^[0-9a-f]{64}$/);
+    });
+    it('returns a SHA-256 hash of the raw token', () => {
+        const t = generateResetToken();
+        expect(t.hash).toBe(hashToken(t.raw));
+        expect(t.hash).toMatch(/^[0-9a-f]{64}$/);
+    });
+    it('produces unique tokens (≥ 100 entropy bits)', () => {
+        const set = new Set(Array.from({ length: 200 }, () => generateResetToken().raw));
+        expect(set.size).toBe(200);
+    });
+});
+// ─── createPasswordReset (request flow) ─────────────────────────────────
+describe('createPasswordReset', () => {
+    it('silently succeeds for an unknown email (user enumeration defence)', async () => {
+        const db = createFakeDb();
+        await expect(createPasswordReset(db, 'unknown@example.com', TEST_CONFIG)).resolves.toBeUndefined();
+        expect(db.passwordResetToken.create).not.toHaveBeenCalled();
+        expect(TEST_CONFIG.platform.email.send).not.toHaveBeenCalled();
+    });
+    it('silently succeeds for a deactivated user (no token, no email)', async () => {
+        const db = createFakeDb({
+            users: [
+                {
+                    id: 'u_off',
+                    email: 'off@example.com',
+                    name: 'Off',
+                    isActive: false,
+                    passwordHash: 'pbkdf2:600000:a:b',
+                },
+            ],
+        });
+        await createPasswordReset(db, 'off@example.com', TEST_CONFIG);
+        expect(db.passwordResetToken.create).not.toHaveBeenCalled();
+        expect(TEST_CONFIG.platform.email.send).not.toHaveBeenCalled();
+    });
+    it('creates a token, expires prior outstanding tokens, and sends an email', async () => {
+        const db = createFakeDb({
+            users: [
+                {
+                    id: 'u_1',
+                    email: 'a@example.com',
+                    name: 'A',
+                    isActive: true,
+                    passwordHash: 'pbkdf2:600000:a:b',
+                },
+            ],
+        });
+        await createPasswordReset(db, 'a@example.com', TEST_CONFIG);
+        expect(db.passwordResetToken.updateMany).toHaveBeenCalledWith({
+            where: { userId: 'u_1', usedAt: null },
+            data: { usedAt: expect.any(Date) },
+        });
+        expect(db.passwordResetToken.create).toHaveBeenCalledOnce();
+        expect(TEST_CONFIG.platform.email.send).toHaveBeenCalledOnce();
+        const tokenRecord = db.tokens[0];
+        // Stored value is the hash, not the raw token
+        expect(tokenRecord.tokenHash).toMatch(/^[0-9a-f]{64}$/);
+        // 1 hour expiry, give or take a few seconds
+        const ttlMs = tokenRecord.expiresAt.getTime() - Date.now();
+        expect(ttlMs).toBeGreaterThan(59 * 60 * 1000);
+        expect(ttlMs).toBeLessThanOrEqual(60 * 60 * 1000 + 5_000);
+    });
+    it('puts a fresh raw token into the email URL (not the hash)', async () => {
+        const db = createFakeDb({
+            users: [
+                {
+                    id: 'u_1',
+                    email: 'a@example.com',
+                    name: 'A',
+                    isActive: true,
+                    passwordHash: null,
+                },
+            ],
+        });
+        await createPasswordReset(db, 'A@Example.com  ', TEST_CONFIG);
+        const sent = TEST_CONFIG.platform.email.send.mock.calls[0][0];
+        const tokenInUrl = sent.html.match(/token=([0-9a-f]{64})/)?.[1];
+        expect(tokenInUrl).toBeDefined();
+        expect(hashToken(tokenInUrl)).toBe(db.tokens[0].tokenHash);
+    });
+    it('normalises email casing/whitespace before lookup', async () => {
+        const db = createFakeDb({
+            users: [
+                {
+                    id: 'u_1',
+                    email: 'a@example.com',
+                    name: 'A',
+                    isActive: true,
+                    passwordHash: null,
+                },
+            ],
+        });
+        await createPasswordReset(db, '  A@Example.COM ', TEST_CONFIG);
+        expect(db.passwordResetToken.create).toHaveBeenCalledOnce();
+    });
+    it('does nothing when the email is empty / whitespace-only', async () => {
+        const db = createFakeDb();
+        await createPasswordReset(db, '   ', TEST_CONFIG);
+        expect(db.user.findFirst).not.toHaveBeenCalled();
+    });
+    it('skips email send gracefully when no email adapter is configured', async () => {
+        const db = createFakeDb({
+            users: [
+                {
+                    id: 'u_1',
+                    email: 'a@example.com',
+                    name: 'A',
+                    isActive: true,
+                    passwordHash: null,
+                },
+            ],
+        });
+        await createPasswordReset(db, 'a@example.com', { siteUrl: 'https://e.com' });
+        expect(db.passwordResetToken.create).toHaveBeenCalledOnce();
+        expect(TEST_CONFIG.platform.email.send).not.toHaveBeenCalled();
+    });
+});
+// ─── executePasswordReset (consume flow) ────────────────────────────────
+describe('executePasswordReset', () => {
+    function seedDbWithToken(opts = {}) {
+        const raw = '0'.repeat(64);
+        const db = createFakeDb({
+            users: [
+                {
+                    id: 'u_1',
+                    email: 'a@example.com',
+                    name: 'A',
+                    isActive: opts.isActive ?? true,
+                    passwordHash: null,
+                },
+            ],
+            sessions: [
+                { id: 's_active', userId: 'u_1', revokedAt: null },
+                { id: 's_other', userId: 'u_1', revokedAt: null },
+            ],
+        });
+        const t = {
+            id: 'rt_1',
+            userId: 'u_1',
+            tokenHash: hashToken(raw),
+            expiresAt: opts.expiresAt ?? new Date(Date.now() + 30 * 60 * 1000),
+            usedAt: opts.usedAt ?? null,
+            user: db.users[0],
+        };
+        db.tokens.push(t);
+        return { db, raw };
+    }
+    it('rejects an unknown token without leaking which user it belonged to', async () => {
+        const { db } = seedDbWithToken();
+        const result = await executePasswordReset(db, 'a-token-that-does-not-exist', 'P@ssword1234');
+        expect(result.success).toBe(false);
+        expect(result.error).toBe('Invalid or expired reset link.');
+        expect(db.user.update).not.toHaveBeenCalled();
+    });
+    it('rejects an expired token', async () => {
+        const { db, raw } = seedDbWithToken({
+            expiresAt: new Date(Date.now() - 60 * 1000),
+        });
+        const result = await executePasswordReset(db, raw, 'P@ssword1234');
+        expect(result.success).toBe(false);
+        expect(result.error).toMatch(/expired/i);
+        expect(db.user.update).not.toHaveBeenCalled();
+    });
+    it('rejects a token that has already been used (single-use)', async () => {
+        const { db, raw } = seedDbWithToken({ usedAt: new Date(Date.now() - 1000) });
+        const result = await executePasswordReset(db, raw, 'P@ssword1234');
+        expect(result.success).toBe(false);
+        // The "usedAt: null" filter means the token isn't found -> generic error.
+        expect(result.error).toBe('Invalid or expired reset link.');
+    });
+    it('rejects when the underlying user is deactivated', async () => {
+        const { db, raw } = seedDbWithToken({ isActive: false });
+        const result = await executePasswordReset(db, raw, 'P@ssword1234');
+        expect(result.success).toBe(false);
+        expect(result.error).toMatch(/deactivated/i);
+    });
+    it('rejects passwords that do not meet the default policy', async () => {
+        const { db, raw } = seedDbWithToken();
+        const tooShort = await executePasswordReset(db, raw, 'short1A');
+        expect(tooShort.success).toBe(false);
+        const noUpper = await executePasswordReset(db, raw, 'lowercase-only-1234');
+        expect(noUpper.success).toBe(false);
+        const noNumber = await executePasswordReset(db, raw, 'NoNumbersAtAll!');
+        expect(noNumber.success).toBe(false);
+    });
+    it('updates the password, marks the token used, and revokes all sessions atomically', async () => {
+        const { db, raw } = seedDbWithToken();
+        const result = await executePasswordReset(db, raw, 'F#reshPassword2026!');
+        expect(result.success).toBe(true);
+        expect(db.$transaction).toHaveBeenCalledOnce();
+        // 1. Password hash was updated
+        const user = db.users[0];
+        expect(user.passwordHash).toBeTruthy();
+        expect(user.passwordHash).toMatch(/^pbkdf2:/);
+        // 2. New password actually verifies against the stored hash
+        expect(await verifyPassword('F#reshPassword2026!', user.passwordHash)).toBe(true);
+        // 3. Token is marked used (single-use enforced for replay attempts)
+        const t = db.tokens[0];
+        expect(t.usedAt).toBeInstanceOf(Date);
+        // 4. All non-revoked sessions revoked
+        expect(db.sessions.every((s) => s.revokedAt !== null)).toBe(true);
+    });
+    it('a second use of the same token after a successful reset is rejected', async () => {
+        const { db, raw } = seedDbWithToken();
+        const first = await executePasswordReset(db, raw, 'F#reshPassword2026!');
+        expect(first.success).toBe(true);
+        const second = await executePasswordReset(db, raw, 'AnotherV@lidPwd2026!');
+        expect(second.success).toBe(false);
+        expect(second.error).toBe('Invalid or expired reset link.');
+    });
+});
+//# sourceMappingURL=reset.test.js.map

package/dist/__tests__/auth/reset.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"reset.test.js","sourceRoot":"","sources":["../../../src/__tests__/auth/reset.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AAC7D,OAAO,EACL,kBAAkB,EAClB,SAAS,EACT,mBAAmB,EACnB,oBAAoB,GACrB,MAAM,qBAAqB,CAAA;AAC5B,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAA;AAyBvD,SAAS,YAAY,CAAC,UAA4D,EAAE;IAClF,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,EAAE,CAAA;IACjC,MAAM,MAAM,GAAqB,EAAE,CAAA;IACnC,MAAM,QAAQ,GAAkB,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAA;IACtD,MAAM,UAAU,GAA2C,EAAE,CAAA;IAE7D,MAAM,EAAE,GAAG;QACT,KAAK;QACL,MAAM;QACN,QAAQ;QACR,UAAU;QACV,IAAI,EAAE;YACJ,SAAS,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,EAAE,KAAK,EAAO,EAAE,EAAE;gBACxC,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,WAAW,EAAE,CAAA;gBAC/C,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,EAAE,KAAK,MAAM,CAAC,IAAI,IAAI,CAAA;YACpE,CAAC,CAAC;YACF,MAAM,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,EAAO,EAAE,EAAE;gBAC3C,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,KAAK,CAAC,EAAE,CAAC,CAAA;gBAC9C,IAAI,CAAC;oBAAE,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,CAAA;gBAC7B,OAAO,CAAE,CAAA;YACX,CAAC,CAAC;SACH;QACD,kBAAkB,EAAE;YAClB,SAAS,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,EAAE,KAAK,EAAO,EAAE,EAAE;gBACxC,OAAO,CACL,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,KAAK,CAAC,SAAS,IAAI,CAAC,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM,CAAC,IAAI,IAAI,CACzF,CAAA;YACH,CAAC,CAAC;YACF,MAAM,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,EAAE,IAAI,EAAO,EAAE,EAAE;gBACpC,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,CAAC,MAAM,CAAE,CAAA;gBACrD,MAAM,CAAC,GAAmB;oBACxB,EAAE,EAAE,MAAM,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE;oBAC7B,MAAM,EAAE,IAAI,CAAC,MAAM;oBACnB,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,MAAM,EAAE,IAAI;oBACZ,IAAI;iBACL,CAAA;gBACD,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;gBACd,OAAO,CAAC,CAAA;YACV,CAAC,CAAC;YACF,MAAM,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,EAAO,EAAE,EAAE;gBAC3C,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,KAAK,CAAC,EAAE,CAAC,CAAA;gBAC/C,IAAI,CAAC;oBAAE,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,CAAA;gBAC7B,OAAO,CAAE,CAAA;YACX,CAAC,CAAC;YACF,UAAU,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,EAAO,EAAE,EAAE;gBAC/C,IAAI,KAAK,GAAG,CAAC,CAAA;gBACb,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;oBACvB,IAAI,CAAC,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM,IAAI,CAAC,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM,EAAE,CAAC;wBAC3D,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,CAAA;wBACtB,KAAK,EAAE,CAAA;oBACT,CAAC;gBACH,CAAC;gBACD,OAAO,EAAE,KAAK,EAAE,CAAA;YAClB,CAAC,CAAC;SACH;QACD,OAAO,EAAE;YACP,UAAU,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,EAAO,EAAE,EAAE;gBAC/C,IAAI,KAAK,GAAG,CAAC,CAAA;gBACb,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;oBACzB,IAAI,CAAC,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM,IAAI,CAAC,CAAC,SAAS,KAAK,KAAK,CAAC,SAAS,EAAE,CAAC;wBACjE,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,CAAA;wBACtB,KAAK,EAAE,CAAA;oBACT,CAAC;gBACH,CAAC;gBACD,OAAO,EAAE,KAAK,EAAE,CAAA;YAClB,CAAC,CAAC;SACH;QACD,YAAY,EAAE,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,GAAuB,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;KACzE,CAAA;IACD,OAAO,EAAE,CAAA;AACX,CAAC;AAED,MAAM,WAAW,GAAG;IAClB,OAAO,EAAE,qBAAqB;IAC9B,QAAQ,EAAE;QACR,KAAK,EAAE;YACL,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE;SACd;KACF;CACF,CAAA;AAED,UAAU,CAAC,GAAG,EAAE;IACd,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE,CAAA;AAC7C,CAAC,CAAC,CAAA;AAEF,2EAA2E;AAE3E,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC3D,MAAM,CAAC,GAAG,kBAAkB,EAAE,CAAA;QAC9B,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAA;IACzC,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,MAAM,CAAC,GAAG,kBAAkB,EAAE,CAAA;QAC9B,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;QACrC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAA;IAC1C,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,EAAE,CAAC,kBAAkB,EAAE,CAAC,GAAG,CAAC,CAAC,CAAA;QAChF,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAC5B,CAAC,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,2EAA2E;AAE3E,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,EAAE,CAAC,mEAAmE,EAAE,KAAK,IAAI,EAAE;QACjF,MAAM,EAAE,GAAG,YAAY,EAAE,CAAA;QACzB,MAAM,MAAM,CACV,mBAAmB,CAAC,EAAE,EAAE,qBAAqB,EAAE,WAAW,CAAC,CAC5D,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAA;QAC1B,MAAM,CAAC,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;QAC3D,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;IAChE,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,+DAA+D,EAAE,KAAK,IAAI,EAAE;QAC7E,MAAM,EAAE,GAAG,YAAY,CAAC;YACtB,KAAK,EAAE;gBACL;oBACE,EAAE,EAAE,OAAO;oBACX,KAAK,EAAE,iBAAiB;oBACxB,IAAI,EAAE,KAAK;oBACX,QAAQ,EAAE,KAAK;oBACf,YAAY,EAAE,mBAAmB;iBAClC;aACF;SACF,CAAC,CAAA;QACF,MAAM,mBAAmB,CAAC,EAAE,EAAE,iBAAiB,EAAE,WAAW,CAAC,CAAA;QAC7D,MAAM,CAAC,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;QAC3D,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;IAChE,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,uEAAuE,EAAE,KAAK,IAAI,EAAE;QACrF,MAAM,EAAE,GAAG,YAAY,CAAC;YACtB,KAAK,EAAE;gBACL;oBACE,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE,eAAe;oBACtB,IAAI,EAAE,GAAG;oBACT,QAAQ,EAAE,IAAI;oBACd,YAAY,EAAE,mBAAmB;iBAClC;aACF;SACF,CAAC,CAAA;QACF,MAAM,mBAAmB,CAAC,EAAE,EAAE,eAAe,EAAE,WAAW,CAAC,CAAA;QAC3D,MAAM,CAAC,EAAE,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC,oBAAoB,CAAC;YAC5D,KAAK,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE;YACtC,IAAI,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE;SACnC,CAAC,CAAA;QACF,MAAM,CAAC,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,oBAAoB,EAAE,CAAA;QAC3D,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,oBAAoB,EAAE,CAAA;QAE9D,MAAM,WAAW,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,CAAE,CAAA;QACjC,8CAA8C;QAC9C,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAA;QACvD,4CAA4C;QAC5C,MAAM,KAAK,GAAG,WAAW,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QAC1D,MAAM,CAAC,KAAK,CAAC,CAAC,eAAe,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;QAC7C,MAAM,CAAC,KAAK,CAAC,CAAC,mBAAmB,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,GAAG,KAAK,CAAC,CAAA;IAC3D,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,0DAA0D,EAAE,KAAK,IAAI,EAAE;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC;YACtB,KAAK,EAAE;gBACL;oBACE,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE,eAAe;oBACtB,IAAI,EAAE,GAAG;oBACT,QAAQ,EAAE,IAAI;oBACd,YAAY,EAAE,IAAI;iBACnB;aACF;SACF,CAAC,CAAA;QACF,MAAM,mBAAmB,CAAC,EAAE,EAAE,iBAAiB,EAAE,WAAW,CAAC,CAAA;QAC7D,MAAM,IAAI,GAAG,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,CAAC,CAAE,CAAA;QAC/D,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,sBAAsB,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;QAC/D,MAAM,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAA;QAChC,MAAM,CAAC,SAAS,CAAC,UAAW,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC,SAAS,CAAC,CAAA;IAC9D,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;QAChE,MAAM,EAAE,GAAG,YAAY,CAAC;YACtB,KAAK,EAAE;gBACL;oBACE,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE,eAAe;oBACtB,IAAI,EAAE,GAAG;oBACT,QAAQ,EAAE,IAAI;oBACd,YAAY,EAAE,IAAI;iBACnB;aACF;SACF,CAAC,CAAA;QACF,MAAM,mBAAmB,CAAC,EAAE,EAAE,kBAAkB,EAAE,WAAW,CAAC,CAAA;QAC9D,MAAM,CAAC,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,oBAAoB,EAAE,CAAA;IAC7D,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACtE,MAAM,EAAE,GAAG,YAAY,EAAE,CAAA;QACzB,MAAM,mBAAmB,CAAC,EAAE,EAAE,KAAK,EAAE,WAAW,CAAC,CAAA;QACjD,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;IAClD,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,iEAAiE,EAAE,KAAK,IAAI,EAAE;QAC/E,MAAM,EAAE,GAAG,YAAY,CAAC;YACtB,KAAK,EAAE;gBACL;oBACE,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE,eAAe;oBACtB,IAAI,EAAE,GAAG;oBACT,QAAQ,EAAE,IAAI;oBACd,YAAY,EAAE,IAAI;iBACnB;aACF;SACF,CAAC,CAAA;QACF,MAAM,mBAAmB,CAAC,EAAE,EAAE,eAAe,EAAE,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,CAAA;QAC5E,MAAM,CAAC,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,oBAAoB,EAAE,CAAA;QAC3D,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;IAChE,CAAC,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,2EAA2E;AAE3E,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,SAAS,eAAe,CACtB,OAII,EAAE;QAEN,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;QAC1B,MAAM,EAAE,GAAG,YAAY,CAAC;YACtB,KAAK,EAAE;gBACL;oBACE,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE,eAAe;oBACtB,IAAI,EAAE,GAAG;oBACT,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,IAAI;oBAC/B,YAAY,EAAE,IAAI;iBACnB;aACF;YACD,QAAQ,EAAE;gBACR,EAAE,EAAE,EAAE,UAAU,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE;gBAClD,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE;aAClD;SACF,CAAC,CAAA;QACF,MAAM,CAAC,GAAmB;YACxB,EAAE,EAAE,MAAM;YACV,MAAM,EAAE,KAAK;YACb,SAAS,EAAE,SAAS,CAAC,GAAG,CAAC;YACzB,SAAS,EAAE,IAAI,CAAC,SAAS,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;YAClE,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,IAAI;YAC3B,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAE;SACnB,CAAA;QACD,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACjB,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,CAAA;IACpB,CAAC;IAED,EAAE,CAAC,oEAAoE,EAAE,KAAK,IAAI,EAAE;QAClF,MAAM,EAAE,EAAE,EAAE,GAAG,eAAe,EAAE,CAAA;QAChC,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,EAAE,EAAE,6BAA6B,EAAE,cAAc,CAAC,CAAA;QAC5F,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAClC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAA;QAC3D,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;IAC/C,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,0BAA0B,EAAE,KAAK,IAAI,EAAE;QACxC,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,eAAe,CAAC;YAClC,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;SAC5C,CAAC,CAAA;QACF,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,EAAE,EAAE,GAAG,EAAE,cAAc,CAAC,CAAA;QAClE,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAClC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;QACxC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;IAC/C,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;QACvE,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,eAAe,CAAC,EAAE,MAAM,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC,CAAA;QAC5E,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,EAAE,EAAE,GAAG,EAAE,cAAc,CAAC,CAAA;QAClE,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAClC,0EAA0E;QAC1E,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAA;IAC7D,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QAC/D,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,eAAe,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAA;QACxD,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,EAAE,EAAE,GAAG,EAAE,cAAc,CAAC,CAAA;QAClE,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAClC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;IAC9C,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,uDAAuD,EAAE,KAAK,IAAI,EAAE;QACrE,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,eAAe,EAAE,CAAA;QACrC,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CAAC,EAAE,EAAE,GAAG,EAAE,SAAS,CAAC,CAAA;QAC/D,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAEpC,MAAM,OAAO,GAAG,MAAM,oBAAoB,CAAC,EAAE,EAAE,GAAG,EAAE,qBAAqB,CAAC,CAAA;QAC1E,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAEnC,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CAAC,EAAE,EAAE,GAAG,EAAE,iBAAiB,CAAC,CAAA;QACvE,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;IACtC,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,iFAAiF,EAAE,KAAK,IAAI,EAAE;QAC/F,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,eAAe,EAAE,CAAA;QACrC,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,EAAE,EAAE,GAAG,EAAE,qBAAqB,CAAC,CAAA;QACzE,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,CAAC,EAAE,CAAC,YAAY,CAAC,CAAC,oBAAoB,EAAE,CAAA;QAE9C,+BAA+B;QAC/B,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAE,CAAA;QACzB,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,UAAU,EAAE,CAAA;QACtC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;QAC7C,4DAA4D;QAC5D,MAAM,CAAC,MAAM,cAAc,CAAC,qBAAqB,EAAE,IAAI,CAAC,YAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAClF,oEAAoE;QACpE,MAAM,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,CAAE,CAAA;QACvB,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,CAAA;QACrC,sCAAsC;QACtC,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACnE,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,qEAAqE,EAAE,KAAK,IAAI,EAAE;QACnF,MAAM,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,eAAe,EAAE,CAAA;QACrC,MAAM,KAAK,GAAG,MAAM,oBAAoB,CAAC,EAAE,EAAE,GAAG,EAAE,qBAAqB,CAAC,CAAA;QACxE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAChC,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,EAAE,EAAE,GAAG,EAAE,sBAAsB,CAAC,CAAA;QAC1E,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAClC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAA;IAC7D,CAAC,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA"}

package/dist/__tests__/diagnostics/env.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=env.test.d.ts.map

package/dist/__tests__/diagnostics/env.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"env.test.d.ts","sourceRoot":"","sources":["../../../src/__tests__/diagnostics/env.test.ts"],"names":[],"mappings":""}

package/dist/__tests__/diagnostics/env.test.js

@@ -0,0 +1,119 @@
+import { describe, it, expect } from 'vitest';
+import { validateEnvShape } from '../../diagnostics/env.js';
+function envFrom(values) {
+    return { get: (name) => values[name] };
+}
+describe('validateEnvShape', () => {
+    it('returns ok=false when CMS_SECRET is missing', () => {
+        const r = validateEnvShape(envFrom({ DATABASE_URL: 'postgres://x' }));
+        expect(r.ok).toBe(false);
+        const secret = r.checks.find((c) => c.name === 'CMS_SECRET');
+        expect(secret?.status).toBe('missing');
+    });
+    it('flags a CMS_SECRET shorter than 32 chars as an error', () => {
+        const r = validateEnvShape(envFrom({
+            CMS_SECRET: 'too-short',
+            DATABASE_URL: 'postgres://x',
+        }));
+        expect(r.ok).toBe(false);
+        expect(r.checks.find((c) => c.name === 'CMS_SECRET')?.status).toBe('error');
+    });
+    it('flags placeholder-looking CMS_SECRET values', () => {
+        const r = validateEnvShape(envFrom({
+            CMS_SECRET: 'change-me-in-prod-this-is-a-placeholder-string-xx',
+            DATABASE_URL: 'postgres://x',
+        }));
+        expect(r.checks.find((c) => c.name === 'CMS_SECRET')?.status).toBe('error');
+    });
+    it('flags a CMS_ENCRYPTION_KEY that is not 64 hex chars', () => {
+        const r = validateEnvShape(envFrom({
+            CMS_SECRET: 'a'.repeat(40),
+            DATABASE_URL: 'postgres://x',
+            CMS_ENCRYPTION_KEY: 'aes256-local-dev-key-change-in-prod',
+        }));
+        expect(r.ok).toBe(false);
+        const enc = r.checks.find((c) => c.name === 'CMS_ENCRYPTION_KEY');
+        expect(enc?.status).toBe('error');
+    });
+    it('accepts a valid 64-hex-char CMS_ENCRYPTION_KEY', () => {
+        const r = validateEnvShape(envFrom({
+            CMS_SECRET: 'a'.repeat(40),
+            DATABASE_URL: 'postgres://x',
+            CMS_ENCRYPTION_KEY: 'a1b2'.repeat(16), // 64 hex chars
+        }));
+        expect(r.checks.find((c) => c.name === 'CMS_ENCRYPTION_KEY')?.status).toBe('ok');
+    });
+    it('flags non-hex chars in the encryption key', () => {
+        const r = validateEnvShape(envFrom({
+            CMS_SECRET: 'a'.repeat(40),
+            DATABASE_URL: 'postgres://x',
+            CMS_ENCRYPTION_KEY: 'z'.repeat(64), // wrong alphabet
+        }));
+        expect(r.checks.find((c) => c.name === 'CMS_ENCRYPTION_KEY')?.status).toBe('error');
+    });
+    it('flags an invalid Upstash URL when only one of URL/token is set', () => {
+        const r = validateEnvShape(envFrom({
+            CMS_SECRET: 'a'.repeat(40),
+            DATABASE_URL: 'postgres://x',
+            UPSTASH_REDIS_REST_URL: 'https://r.upstash.io',
+            // no token
+        }));
+        expect(r.checks.find((c) => c.name === 'UPSTASH_REDIS_REST_TOKEN')?.status).toBe('error');
+    });
+    it('flags a CRON_SECRET that is too short', () => {
+        const r = validateEnvShape(envFrom({
+            CMS_SECRET: 'a'.repeat(40),
+            DATABASE_URL: 'postgres://x',
+            CRON_SECRET: 'short',
+        }));
+        expect(r.checks.find((c) => c.name === 'CRON_SECRET')?.status).toBe('error');
+    });
+    it('returns ok=true when every required var is well-formed', () => {
+        const r = validateEnvShape(envFrom({
+            CMS_SECRET: 'a'.repeat(40),
+            DATABASE_URL: 'postgres://user:pass@host:5432/db',
+            CMS_ENCRYPTION_KEY: 'a1b2'.repeat(16),
+            CRON_SECRET: 'a-real-cron-secret-of-sufficient-length',
+            BLOB_READ_WRITE_TOKEN: 'vercel_blob_rw_xxx',
+            RESEND_API_KEY: 're_xxx',
+        }));
+        expect(r.ok).toBe(true);
+        expect(r.errorCount).toBe(0);
+    });
+    // Bugbot review (PR #41): the unauthenticated /health endpoint surfaces
+    // these messages, and the previous "ok" wording (`Configured (42 chars).`)
+    // leaked exact secret lengths to anyone who could reach the URL — narrowing
+    // brute-force search space with no operational benefit. Lengths must not
+    // appear in any "ok" message.
+    it.each([
+        [
+            'CMS_SECRET',
+            {
+                CMS_SECRET: 'a'.repeat(42),
+                DATABASE_URL: 'postgres://x',
+            },
+        ],
+        [
+            'CMS_ENCRYPTION_KEY',
+            {
+                CMS_SECRET: 'a'.repeat(40),
+                DATABASE_URL: 'postgres://x',
+                CMS_ENCRYPTION_KEY: 'a1b2'.repeat(16),
+            },
+        ],
+        [
+            'CRON_SECRET',
+            {
+                CMS_SECRET: 'a'.repeat(40),
+                DATABASE_URL: 'postgres://x',
+                CRON_SECRET: 'a-real-cron-secret-of-sufficient-length',
+            },
+        ],
+    ])('does not include exact length in the "ok" message for %s', (name, env) => {
+        const r = validateEnvShape(envFrom(env));
+        const check = r.checks.find((c) => c.name === name);
+        expect(check?.status).toBe('ok');
+        expect(check?.message ?? '').not.toMatch(/\d+\s*chars?/i);
+    });
+});
+//# sourceMappingURL=env.test.js.map

package/dist/__tests__/diagnostics/env.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"env.test.js","sourceRoot":"","sources":["../../../src/__tests__/diagnostics/env.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAC7C,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAA;AAE3D,SAAS,OAAO,CAAC,MAA0C;IACzD,OAAO,EAAE,GAAG,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAA;AAChD,CAAC;AAED,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;IAChC,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,MAAM,CAAC,GAAG,gBAAgB,CAAC,OAAO,CAAC,EAAE,YAAY,EAAE,cAAc,EAAE,CAAC,CAAC,CAAA;QACrE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QACxB,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,CAAC,CAAA;QAC5D,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IACxC,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;QAC9D,MAAM,CAAC,GAAG,gBAAgB,CACxB,OAAO,CAAC;YACN,UAAU,EAAE,WAAW;YACvB,YAAY,EAAE,cAAc;SAC7B,CAAC,CACH,CAAA;QACD,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QACxB,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IAC7E,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,MAAM,CAAC,GAAG,gBAAgB,CACxB,OAAO,CAAC;YACN,UAAU,EAAE,mDAAmD;YAC/D,YAAY,EAAE,cAAc;SAC7B,CAAC,CACH,CAAA;QACD,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IAC7E,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;QAC7D,MAAM,CAAC,GAAG,gBAAgB,CACxB,OAAO,CAAC;YACN,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YAC1B,YAAY,EAAE,cAAc;YAC5B,kBAAkB,EAAE,qCAAqC;SAC1D,CAAC,CACH,CAAA;QACD,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QACxB,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,oBAAoB,CAAC,CAAA;QACjE,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACnC,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,MAAM,CAAC,GAAG,gBAAgB,CACxB,OAAO,CAAC;YACN,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YAC1B,YAAY,EAAE,cAAc;YAC5B,kBAAkB,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,eAAe;SACvD,CAAC,CACH,CAAA;QACD,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,oBAAoB,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAClF,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,CAAC,GAAG,gBAAgB,CACxB,OAAO,CAAC;YACN,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YAC1B,YAAY,EAAE,cAAc;YAC5B,kBAAkB,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,iBAAiB;SACtD,CAAC,CACH,CAAA;QACD,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,oBAAoB,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACrF,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,gEAAgE,EAAE,GAAG,EAAE;QACxE,MAAM,CAAC,GAAG,gBAAgB,CACxB,OAAO,CAAC;YACN,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YAC1B,YAAY,EAAE,cAAc;YAC5B,sBAAsB,EAAE,sBAAsB;YAC9C,WAAW;SACZ,CAAC,CACH,CAAA;QACD,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,0BAA0B,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IAC3F,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,CAAC,GAAG,gBAAgB,CACxB,OAAO,CAAC;YACN,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YAC1B,YAAY,EAAE,cAAc;YAC5B,WAAW,EAAE,OAAO;SACrB,CAAC,CACH,CAAA;QACD,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,aAAa,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IAC9E,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;QAChE,MAAM,CAAC,GAAG,gBAAgB,CACxB,OAAO,CAAC;YACN,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YAC1B,YAAY,EAAE,mCAAmC;YACjD,kBAAkB,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;YACrC,WAAW,EAAE,yCAAyC;YACtD,qBAAqB,EAAE,oBAAoB;YAC3C,cAAc,EAAE,QAAQ;SACzB,CAAC,CACH,CAAA;QACD,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACvB,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IAC9B,CAAC,CAAC,CAAA;IAEF,wEAAwE;IACxE,2EAA2E;IAC3E,4EAA4E;IAC5E,yEAAyE;IACzE,8BAA8B;IAC9B,EAAE,CAAC,IAAI,CAAC;QACN;YACE,YAAY;YACZ;gBACE,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1B,YAAY,EAAE,cAAc;aAC7B;SACF;QACD;YACE,oBAAoB;YACpB;gBACE,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1B,YAAY,EAAE,cAAc;gBAC5B,kBAAkB,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;aACtC;SACF;QACD;YACE,aAAa;YACb;gBACE,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1B,YAAY,EAAE,cAAc;gBAC5B,WAAW,EAAE,yCAAyC;aACvD;SACF;KACF,CAAC,CAAC,0DAA0D,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QAC3E,MAAM,CAAC,GAAG,gBAAgB,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAA;QACxC,MAAM,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAA;QACnD,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAChC,MAAM,CAAC,KAAK,EAAE,OAAO,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,CAAA;IAC3D,CAAC,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA"}

package/dist/__tests__/diagnostics/logger.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=logger.test.d.ts.map

package/dist/__tests__/diagnostics/logger.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.test.d.ts","sourceRoot":"","sources":["../../../src/__tests__/diagnostics/logger.test.ts"],"names":[],"mappings":""}

package/dist/__tests__/diagnostics/logger.test.js

@@ -0,0 +1,111 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { createLogger } from '../../diagnostics/logger.js';
+describe('createLogger', () => {
+    const errorSpy = vi.spyOn(console, 'error').mockImplementation(() => { });
+    const warnSpy = vi.spyOn(console, 'warn').mockImplementation(() => { });
+    const infoSpy = vi.spyOn(console, 'info').mockImplementation(() => { });
+    const debugSpy = vi.spyOn(console, 'debug').mockImplementation(() => { });
+    const originalLevel = process.env.ACTUATE_LOG_LEVEL;
+    const originalFormat = process.env.ACTUATE_LOG_FORMAT;
+    const originalNodeEnv = process.env.NODE_ENV;
+    beforeEach(() => {
+        errorSpy.mockClear();
+        warnSpy.mockClear();
+        infoSpy.mockClear();
+        debugSpy.mockClear();
+    });
+    afterEach(() => {
+        if (originalLevel === undefined)
+            delete process.env.ACTUATE_LOG_LEVEL;
+        else
+            process.env.ACTUATE_LOG_LEVEL = originalLevel;
+        if (originalFormat === undefined)
+            delete process.env.ACTUATE_LOG_FORMAT;
+        else
+            process.env.ACTUATE_LOG_FORMAT = originalFormat;
+        if (originalNodeEnv === undefined)
+            delete process.env.NODE_ENV;
+        else
+            process.env.NODE_ENV = originalNodeEnv;
+    });
+    it('emits all levels by default in non-production', () => {
+        delete process.env.NODE_ENV;
+        delete process.env.ACTUATE_LOG_LEVEL;
+        const log = createLogger('test');
+        log.error('e');
+        log.warn('w');
+        log.info('i');
+        log.debug('d');
+        expect(errorSpy).toHaveBeenCalled();
+        expect(warnSpy).toHaveBeenCalled();
+        expect(infoSpy).toHaveBeenCalled();
+        // info-level default does NOT include debug
+        expect(debugSpy).not.toHaveBeenCalled();
+    });
+    it('silences info+debug when level=warn', () => {
+        process.env.ACTUATE_LOG_LEVEL = 'warn';
+        const log = createLogger('test');
+        log.error('e');
+        log.warn('w');
+        log.info('i');
+        log.debug('d');
+        expect(errorSpy).toHaveBeenCalled();
+        expect(warnSpy).toHaveBeenCalled();
+        expect(infoSpy).not.toHaveBeenCalled();
+        expect(debugSpy).not.toHaveBeenCalled();
+    });
+    it('only emits errors when level=error', () => {
+        process.env.ACTUATE_LOG_LEVEL = 'error';
+        const log = createLogger('test');
+        log.error('e');
+        log.warn('w');
+        log.info('i');
+        expect(errorSpy).toHaveBeenCalled();
+        expect(warnSpy).not.toHaveBeenCalled();
+        expect(infoSpy).not.toHaveBeenCalled();
+    });
+    it('emits nothing when level=silent', () => {
+        process.env.ACTUATE_LOG_LEVEL = 'silent';
+        const log = createLogger('test');
+        log.error('e');
+        log.warn('w');
+        expect(errorSpy).not.toHaveBeenCalled();
+        expect(warnSpy).not.toHaveBeenCalled();
+    });
+    it('defaults to warn in NODE_ENV=production', () => {
+        process.env.NODE_ENV = 'production';
+        delete process.env.ACTUATE_LOG_LEVEL;
+        const log = createLogger('test');
+        log.error('e');
+        log.warn('w');
+        log.info('i');
+        expect(errorSpy).toHaveBeenCalled();
+        expect(warnSpy).toHaveBeenCalled();
+        expect(infoSpy).not.toHaveBeenCalled();
+    });
+    it('emits one-line JSON when format=json', () => {
+        process.env.ACTUATE_LOG_LEVEL = 'info';
+        process.env.ACTUATE_LOG_FORMAT = 'json';
+        const log = createLogger('rate-limit');
+        log.error('boom', { reason: 'upstream-down', retry: 3 });
+        expect(errorSpy).toHaveBeenCalledOnce();
+        const line = errorSpy.mock.calls[0][0];
+        expect(typeof line).toBe('string');
+        const parsed = JSON.parse(line);
+        expect(parsed.level).toBe('error');
+        expect(parsed.scope).toBe('rate-limit');
+        expect(parsed.msg).toBe('boom');
+        expect(parsed.details).toEqual({ reason: 'upstream-down', retry: 3 });
+        expect(typeof parsed.ts).toBe('string');
+    });
+    it('uses [actuate][scope] prefix in text mode', () => {
+        process.env.ACTUATE_LOG_LEVEL = 'info';
+        delete process.env.ACTUATE_LOG_FORMAT;
+        const log = createLogger('rate-limit');
+        log.warn('hi');
+        expect(warnSpy).toHaveBeenCalledOnce();
+        expect(warnSpy.mock.calls[0][0]).toBe('[actuate][rate-limit]');
+        expect(warnSpy.mock.calls[0][1]).toBe('hi');
+    });
+});
+//# sourceMappingURL=logger.test.js.map

package/dist/__tests__/diagnostics/logger.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.test.js","sourceRoot":"","sources":["../../../src/__tests__/diagnostics/logger.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAA;AACxE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAA;AAE1D,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;IAC5B,MAAM,QAAQ,GAAG,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;IACxE,MAAM,OAAO,GAAG,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;IACtE,MAAM,OAAO,GAAG,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;IACtE,MAAM,QAAQ,GAAG,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;IAExE,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAA;IACnD,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAA;IACrD,MAAM,eAAe,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAA;IAE5C,UAAU,CAAC,GAAG,EAAE;QACd,QAAQ,CAAC,SAAS,EAAE,CAAA;QACpB,OAAO,CAAC,SAAS,EAAE,CAAA;QACnB,OAAO,CAAC,SAAS,EAAE,CAAA;QACnB,QAAQ,CAAC,SAAS,EAAE,CAAA;IACtB,CAAC,CAAC,CAAA;IAEF,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,aAAa,KAAK,SAAS;YAAE,OAAO,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAA;;YAChE,OAAO,CAAC,GAAG,CAAC,iBAAiB,GAAG,aAAa,CAAA;QAClD,IAAI,cAAc,KAAK,SAAS;YAAE,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAA;;YAClE,OAAO,CAAC,GAAG,CAAC,kBAAkB,GAAG,cAAc,CAAA;QACpD,IAAI,eAAe,KAAK,SAAS;YAAE,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAA;;YACzD,OAAO,CAAC,GAAG,CAAC,QAAQ,GAAG,eAAe,CAAA;IAC7C,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAA;QAC3B,OAAO,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAA;QACpC,MAAM,GAAG,GAAG,YAAY,CAAC,MAAM,CAAC,CAAA;QAChC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACd,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QACb,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QACb,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACd,MAAM,CAAC,QAAQ,CAAC,CAAC,gBAAgB,EAAE,CAAA;QACnC,MAAM,CAAC,OAAO,CAAC,CAAC,gBAAgB,EAAE,CAAA;QAClC,MAAM,CAAC,OAAO,CAAC,CAAC,gBAAgB,EAAE,CAAA;QAClC,4CAA4C;QAC5C,MAAM,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;IACzC,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;QAC7C,OAAO,CAAC,GAAG,CAAC,iBAAiB,GAAG,MAAM,CAAA;QACtC,MAAM,GAAG,GAAG,YAAY,CAAC,MAAM,CAAC,CAAA;QAChC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACd,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QACb,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QACb,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACd,MAAM,CAAC,QAAQ,CAAC,CAAC,gBAAgB,EAAE,CAAA;QACnC,MAAM,CAAC,OAAO,CAAC,CAAC,gBAAgB,EAAE,CAAA;QAClC,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;QACtC,MAAM,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;IACzC,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,OAAO,CAAC,GAAG,CAAC,iBAAiB,GAAG,OAAO,CAAA;QACvC,MAAM,GAAG,GAAG,YAAY,CAAC,MAAM,CAAC,CAAA;QAChC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACd,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QACb,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QACb,MAAM,CAAC,QAAQ,CAAC,CAAC,gBAAgB,EAAE,CAAA;QACnC,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;QACtC,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;IACxC,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,OAAO,CAAC,GAAG,CAAC,iBAAiB,GAAG,QAAQ,CAAA;QACxC,MAAM,GAAG,GAAG,YAAY,CAAC,MAAM,CAAC,CAAA;QAChC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACd,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QACb,MAAM,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;QACvC,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;IACxC,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,OAAO,CAAC,GAAG,CAAC,QAAQ,GAAG,YAAY,CAAA;QACnC,OAAO,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAA;QACpC,MAAM,GAAG,GAAG,YAAY,CAAC,MAAM,CAAC,CAAA;QAChC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACd,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QACb,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QACb,MAAM,CAAC,QAAQ,CAAC,CAAC,gBAAgB,EAAE,CAAA;QACnC,MAAM,CAAC,OAAO,CAAC,CAAC,gBAAgB,EAAE,CAAA;QAClC,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAA;IACxC,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,OAAO,CAAC,GAAG,CAAC,iBAAiB,GAAG,MAAM,CAAA;QACtC,OAAO,CAAC,GAAG,CAAC,kBAAkB,GAAG,MAAM,CAAA;QACvC,MAAM,GAAG,GAAG,YAAY,CAAC,YAAY,CAAC,CAAA;QACtC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAA;QACxD,MAAM,CAAC,QAAQ,CAAC,CAAC,oBAAoB,EAAE,CAAA;QACvC,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,CAAC,CAAW,CAAA;QACjD,MAAM,CAAC,OAAO,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAClC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QAC/B,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAClC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QACvC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAC/B,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAA;QACrE,MAAM,CAAC,OAAO,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACzC,CAAC,CAAC,CAAA;IAEF,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,OAAO,CAAC,GAAG,CAAC,iBAAiB,GAAG,MAAM,CAAA;QACtC,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAA;QACrC,MAAM,GAAG,GAAG,YAAY,CAAC,YAAY,CAAC,CAAA;QACtC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACd,MAAM,CAAC,OAAO,CAAC,CAAC,oBAAoB,EAAE,CAAA;QACtC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAA;QAC/D,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC9C,CAAC,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA"}

package/dist/__tests__/security/api-key-enhanced.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=api-key-enhanced.test.d.ts.map

package/dist/__tests__/security/api-key-enhanced.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-key-enhanced.test.d.ts","sourceRoot":"","sources":["../../../src/__tests__/security/api-key-enhanced.test.ts"],"names":[],"mappings":""}