@adeu/core 1.6.7 → 1.6.8

package/src/ingest.ts

@@ -49,6 +49,14 @@ function _extract_blocks(container: any, comments_map: any, cleanView: boolean,
   let is_first_block = true;
   let is_first_para = true;
 
+  if (container.constructor && container.constructor.name === 'NotesPart') {
+    const header = container.note_type === 'fn' ? '## Footnotes' : '## Endnotes';
+    const sep = `---\n${header}`;
+    blocks.push(sep);
+    local_cursor += sep.length;
+    is_first_block = false;
+  }
+
   for (const item of iter_block_items(container)) {
     if (!is_first_block) local_cursor += 2;
     const block_start = local_cursor;

package/src/sanitize/core.ts

@@ -0,0 +1,104 @@
+import { DocumentObject } from '../docx/bridge.js';
+import { SanitizeReport } from './report.js';
+import * as transforms from './transforms.js';
+
+export interface FinalizeOptions {
+  filename: string;
+  sanitize_mode?: 'full' | 'keep-markup' | 'baseline';
+  accept_all?: boolean;
+  protection_mode?: 'read_only' | 'encrypt' | null;
+  password?: string | null;
+  author?: string | null;
+  export_pdf?: boolean;
+}
+
+export interface FinalizeResult {
+  reportText: string;
+  outBuffer?: Buffer;
+}
+
+export async function finalize_document(doc: DocumentObject, options: FinalizeOptions): Promise<FinalizeResult> {
+  const report = new SanitizeReport(options.filename, options.sanitize_mode || 'full', options.author || null);
+
+  if (options.sanitize_mode === 'full') {
+    const counts = transforms.count_tracked_changes(doc);
+    const total = counts[0] + counts[1] + counts[2];
+    report.tracked_changes_found = total;
+
+    if (total > 0 && !options.accept_all) {
+      report.status = 'blocked';
+      report.blocked_reason = `Document contains ${total} unresolved tracked changes (${counts[0]} insertions, ${counts[1]} deletions, ${counts[2]} formatting). Review in Word first, or set accept_all=true.`;
+      return { reportText: report.render() };
+    }
+
+    if (total > 0) {
+      const authors = transforms.get_track_change_authors(doc);
+      if (authors.size > 1) {
+        report.warnings.push(`Multiple authors detected in tracked changes: ${Array.from(authors).sort().join(', ')}. Review per-change list before sending.`);
+      }
+      report.add_transform_lines(transforms.accept_all_tracked_changes(doc));
+      report.tracked_changes_accepted = total;
+    }
+
+    const commentsSummary = transforms.get_comments_summary(doc);
+    report.comments_removed = commentsSummary.total;
+    report.add_transform_lines(transforms.remove_all_comments(doc));
+  } else if (options.sanitize_mode === 'keep-markup') {
+    // Basic support for keep-markup in TS
+    const counts = transforms.count_tracked_changes(doc);
+    report.tracked_changes_found = counts[0] + counts[1] + counts[2];
+    report.tracked_changes_kept = report.tracked_changes_found;
+
+    if (options.author) {
+      report.add_transform_lines(transforms.replace_comment_authors(doc, options.author));
+      report.add_transform_lines(transforms.replace_change_authors(doc, options.author));
+    }
+  }
+
+  // Common transforms
+  report.add_transform_lines(transforms.strip_rsid(doc));
+  report.add_transform_lines(transforms.strip_para_ids(doc));
+  report.add_transform_lines(transforms.strip_proof_errors(doc));
+  report.add_transform_lines(transforms.strip_empty_properties(doc));
+  report.add_transform_lines(transforms.strip_hidden_text(doc));
+  report.add_transform_lines(transforms.scrub_doc_properties(doc));
+  report.add_transform_lines(transforms.scrub_timestamps(doc));
+  report.add_transform_lines(transforms.strip_custom_xml(doc));
+  report.add_transform_lines(transforms.strip_image_alt_text(doc));
+  
+  const warnings = transforms.audit_hyperlinks(doc);
+  for (const w of warnings) report.warnings.push(w);
+
+  report.add_transform_lines(transforms.normalize_change_dates(doc));
+
+  // Protection (Settings injection)
+  if (options.protection_mode === 'read_only' || options.protection_mode === 'encrypt') {
+    if (options.protection_mode === 'encrypt') {
+      report.warnings.push("Encryption mode (AES compound wrappers) is strictly unsupported in the zero-dependency Node engine. Falling back to native Word Read-Only lock.");
+    }
+    
+    const settingsPart = doc.pkg.getPartByPath('word/settings.xml');
+    if (settingsPart) {
+      const docEl = settingsPart._element.ownerDocument!;
+      let prot = transforms.findDescendantsByLocalName(settingsPart._element, 'documentProtection')[0];
+      if (!prot) {
+        prot = docEl.createElement('w:documentProtection');
+        // Word expects documentProtection to be inserted before elements like w:autoFormatOverride, w:styleLockTheme, etc.
+        // For standard robustness without complex XSD enforcement, appendChild generally works.
+        settingsPart._element.appendChild(prot);
+      }
+      prot.setAttribute('w:edit', 'readOnly');
+      prot.setAttribute('w:enforcement', '1');
+      report.structural_lines.push("Document locked (Read-Only enforcement injected into settings.xml)");
+    }
+  }
+
+  if (options.export_pdf) {
+    report.warnings.push("PDF export requires the Python/Word COM environment and is skipped in this zero-dependency Node agent.");
+  }
+
+  if (report.warnings.length > 0) report.status = 'clean_with_warnings';
+
+  const outBuffer = await doc.save();
+  return { reportText: report.render(), outBuffer };
+}

package/src/sanitize/report.ts

@@ -0,0 +1,125 @@
+export class SanitizeReport {
+  public filename: string;
+  public mode: string;
+  public author: string | null;
+
+  public tracked_changes_found: number = 0;
+  public tracked_changes_accepted: number = 0;
+  public tracked_changes_kept: number = 0;
+  public change_lines: string[] = [];
+
+  public comments_removed: number = 0;
+  public comments_kept: number = 0;
+  public removed_comment_lines: string[] = [];
+  public kept_comment_lines: string[] = [];
+
+  public metadata_lines: string[] = [];
+  public structural_lines: string[] = [];
+  public warnings: string[] = [];
+
+  public status: string = "clean";
+  public blocked_reason: string | null = null;
+
+  constructor(filename: string, mode: string = "full", author: string | null = null) {
+    this.filename = filename;
+    this.mode = mode;
+    this.author = author;
+  }
+
+  public add_transform_lines(lines: string[]) {
+    for (const line of lines) {
+      const lower = line.toLowerCase();
+      if (lower.includes("tracked change") || lower.includes("insertion") || lower.includes("deletion") || lower.includes("accepted")) {
+        this.change_lines.push(line);
+      } else if (lower.includes("comment") || lower.includes("[open]") || lower.includes("[resolved]")) {
+        if (lower.includes("kept") || lower.includes("visible")) {
+          this.kept_comment_lines.push(line);
+        } else {
+          this.removed_comment_lines.push(line);
+        }
+      } else if (
+        lower.includes("author") || lower.includes("template") || lower.includes("company") || 
+        lower.includes("manager") || lower.includes("metadata") || lower.includes("timestamp") || 
+        lower.includes("custom xml") || lower.includes("last modified by") || lower.includes("revision count") || lower.includes("last printed")
+      ) {
+        this.metadata_lines.push(line);
+      } else if (lower.includes("hyperlink") || lower.includes("warning")) {
+        this.warnings.push(line);
+      } else {
+        this.structural_lines.push(line);
+      }
+    }
+  }
+
+  public render(): string {
+    const sep = "═".repeat(50);
+    const lines: string[] = [sep, `Finalization Report: ${this.filename}`];
+
+    const flags: string[] = [];
+    if (this.mode === "keep-markup") flags.push("--keep-markup");
+    if (this.author) flags.push(`--author "${this.author}"`);
+    if (this.tracked_changes_accepted > 0) flags.push("--accept-all");
+
+    if (flags.length > 0) lines.push(flags.join(" "));
+    lines.push(sep);
+
+    if (this.status === "blocked") {
+      lines.push("");
+      lines.push(`BLOCKED: ${this.blocked_reason}`);
+      lines.push(sep);
+      return lines.join("\n");
+    }
+
+    if (this.mode === "keep-markup" && (this.tracked_changes_kept > 0 || this.comments_kept > 0)) {
+      lines.push("");
+      lines.push("VISIBLE TO COUNTERPARTY");
+      if (this.tracked_changes_kept > 0) lines.push(`  Tracked changes: ${this.tracked_changes_kept}`);
+      if (this.comments_kept > 0) {
+        lines.push(`  Open comments: ${this.comments_kept}`);
+        for (const cl of this.kept_comment_lines) lines.push(`    ${cl}`);
+      }
+      if (this.author) lines.push(`  Author on all markup: "${this.author}"`);
+    }
+
+    if (this.change_lines.length > 0) {
+      lines.push("");
+      lines.push("TRACKED CHANGES");
+      for (const cl of this.change_lines) lines.push(`  ${cl}`);
+    }
+
+    if (this.removed_comment_lines.length > 0) {
+      lines.push("");
+      lines.push("COMMENTS (stripped)");
+      for (const cl of this.removed_comment_lines) lines.push(`  ${cl}`);
+    }
+
+    if (this.metadata_lines.length > 0) {
+      lines.push("");
+      lines.push("METADATA");
+      for (const ml of this.metadata_lines) lines.push(`  ${ml}`);
+    }
+
+    if (this.structural_lines.length > 0) {
+      lines.push("");
+      lines.push("STRUCTURAL & PROTECTION");
+      for (const sl of this.structural_lines) lines.push(`  ${sl}`);
+    }
+
+    if (this.warnings.length > 0) {
+      lines.push("");
+      lines.push("WARNINGS");
+      for (const w of this.warnings) lines.push(`  ⚠ ${w}`);
+    }
+
+    lines.push("");
+    lines.push(sep);
+    if (this.warnings.length > 0) {
+      lines.push(`Result: CLEAN WITH WARNINGS (${this.warnings.length} warning${this.warnings.length > 1 ? 's' : ''})`);
+    } else {
+      lines.push("Result: SECURE & READY TO SEND");
+    }
+    lines.push(sep);
+
+    return lines.join("\n");
+  }
+}

package/src/sanitize/sanitize.test.ts

@@ -0,0 +1,192 @@
+import { describe, it, expect, vi } from 'vitest';
+import { DOMParser } from '@xmldom/xmldom';
+import JSZip from 'jszip';
+import { DocumentObject, Part, DocxPackage } from '../docx/bridge.js';
+import * as transforms from './transforms.js';
+import { finalize_document } from './core.js';
+
+// --- Helper to build a lightweight in-memory DocumentObject ---
+function createMockDoc(bodyXml: string): DocumentObject {
+  const fullXml = `<w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" xmlns:w14="http://schemas.microsoft.com/office/word/2010/wordml"><w:body>${bodyXml}</w:body></w:document>`;
+  const doc = new DOMParser().parseFromString(fullXml, 'text/xml');
+  const zip = new JSZip();
+  const pkg = new DocxPackage(zip);
+  
+  const part = new Part('/word/document.xml', fullXml, doc.documentElement, 'application/xml');
+  pkg.parts.push(part);
+  pkg.mainDocumentPart = part;
+  
+  return new DocumentObject(pkg, part);
+}
+
+// --- Transforms Unit Tests ---
+describe('Sanitize Transforms', () => {
+  
+  it('should strip RSID attributes and elements', () => {
+    const doc = createMockDoc(`
+      <w:p w:rsidR="00A21F3B" w:rsidP="00B33E21">
+        <w:r><w:t>Hello</w:t></w:r>
+      </w:p>
+      <w:sectPr><w:rsids><w:rsidRoot w:val="00A21F3B"/></w:rsids></w:sectPr>
+    `);
+    
+    const lines = transforms.strip_rsid(doc);
+    const xml = doc.element.toString();
+    
+    expect(lines.length).toBeGreaterThan(0);
+    expect(xml).not.toContain('w:rsidR');
+    expect(xml).not.toContain('w:rsidP');
+    expect(xml).not.toContain('w:rsids');
+  });
+
+  it('should strip w14:paraId and w14:textId', () => {
+    const doc = createMockDoc(`
+      <w:p w14:paraId="3F2A91BC" w14:textId="77777777">
+        <w:r><w:t>Test</w:t></w:r>
+      </w:p>
+    `);
+    
+    const lines = transforms.strip_para_ids(doc);
+    const xml = doc.element.toString();
+    
+    expect(lines.length).toBeGreaterThan(0);
+    expect(xml).not.toContain('w14:paraId');
+    expect(xml).not.toContain('w14:textId');
+  });
+
+  it('should strip hidden text runs', () => {
+    const doc = createMockDoc(`
+      <w:p>
+        <w:r>
+          <w:rPr><w:vanish/></w:rPr>
+          <w:t>HiddenSecret</w:t>
+        </w:r>
+        <w:r>
+          <w:t>VisibleText</w:t>
+        </w:r>
+      </w:p>
+    `);
+    
+    const lines = transforms.strip_hidden_text(doc);
+    const xml = doc.element.toString();
+    
+    expect(lines.length).toBeGreaterThan(0);
+    expect(xml).not.toContain('HiddenSecret');
+    expect(xml).toContain('VisibleText');
+  });
+
+  it('should scrub document properties', () => {
+    const doc = createMockDoc('<w:p/>');
+    
+    // Mock docProps/app.xml
+    const appXml = '<Properties><TotalTime>15</TotalTime><Template>Confidential.dotm</Template></Properties>';
+    const appEl = new DOMParser().parseFromString(appXml, 'text/xml').documentElement;
+    const appPart = new Part('/docProps/app.xml', appXml, appEl, 'application/xml');
+    doc.pkg.parts.push(appPart);
+    
+    const lines = transforms.scrub_doc_properties(doc);
+    const resultXml = appPart._element.toString();
+    
+    expect(lines.length).toBeGreaterThan(0);
+    expect(resultXml).toContain('<TotalTime>0</TotalTime>');
+    expect(resultXml).toContain('<Template/>');
+    expect(resultXml).not.toContain('Confidential.dotm');
+  });
+
+  it('should strip custom XML parts and data bindings', () => {
+    const doc = createMockDoc(`
+      <w:p>
+        <w:sdt>
+          <w:sdtPr><w:dataBinding w:xpath="/test"/></w:sdtPr>
+        </w:sdt>
+      </w:p>
+    `);
+    
+    // Mock custom XML part
+    const customPart = new Part('/customXml/item1.xml', '<t/>', new DOMParser().parseFromString('<t/>', 'text/xml').documentElement, 'application/xml');
+    doc.pkg.parts.push(customPart);
+    
+    const lines = transforms.strip_custom_xml(doc);
+    
+    expect(lines.length).toBeGreaterThan(0);
+    expect(doc.pkg.parts.find(p => p.partname.includes('customXml'))).toBeUndefined();
+    expect(doc.element.toString()).not.toContain('w:dataBinding');
+  });
+
+  it('should count and accept all tracked changes', () => {
+    const doc = createMockDoc(`
+      <w:p>
+        <w:del w:id="1">
+          <w:r><w:delText>Vendor</w:delText></w:r>
+        </w:del>
+        <w:ins w:id="2">
+          <w:r><w:t>Supplier</w:t></w:r>
+        </w:ins>
+      </w:p>
+    `);
+    
+    const [ins, del, fmt] = transforms.count_tracked_changes(doc);
+    expect(ins).toBe(1);
+    expect(del).toBe(1);
+    
+    const lines = transforms.accept_all_tracked_changes(doc);
+    const xml = doc.element.toString();
+    
+    expect(lines.length).toBeGreaterThan(0);
+    expect(xml).not.toContain('w:del');
+    expect(xml).not.toContain('w:ins');
+    expect(xml).not.toContain('Vendor'); // Deletion was removed
+    expect(xml).toContain('Supplier'); // Insertion was unwrapped
+  });
+
+});
+
+// --- Orchestrator Integration Tests ---
+describe('Finalize Document (Core)', () => {
+
+  it('should inject XML locking (Read-Only) into settings.xml', async () => {
+    const doc = createMockDoc('<w:p/>');
+    
+    // Mock word/settings.xml
+    const settingsXml = '<w:settings xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main"></w:settings>';
+    const settingsEl = new DOMParser().parseFromString(settingsXml, 'text/xml').documentElement;
+    const settingsPart = new Part('/word/settings.xml', settingsXml, settingsEl, 'application/xml');
+    doc.pkg.parts.push(settingsPart);
+    
+    // Mock the doc.save buffer return
+    doc.save = vi.fn().mockResolvedValue(Buffer.from('mock'));
+    
+    const res = await finalize_document(doc, { 
+      filename: 'test.docx', 
+      protection_mode: 'read_only' 
+    });
+    
+    const finalSettings = settingsPart._element.toString();
+    
+    expect(res.reportText).toContain('Result: SECURE & READY TO SEND');
+    expect(res.reportText).toContain('Document locked (Read-Only');
+    
+    // Validate mathematical injection
+    expect(finalSettings).toContain('w:documentProtection');
+    expect(finalSettings).toContain('w:edit="readOnly"');
+    expect(finalSettings).toContain('w:enforcement="1"');
+  });
+
+  it('should return a blocked status if unaccepted changes remain and accept_all is false', async () => {
+    const doc = createMockDoc(`
+      <w:p>
+        <w:ins w:id="1"><w:r><w:t>Unresolved Edit</w:t></w:r></w:ins>
+      </w:p>
+    `);
+    
+    const res = await finalize_document(doc, { 
+      filename: 'draft.docx', 
+      sanitize_mode: 'full',
+      accept_all: false // <-- Should block
+    });
+    
+    expect(res.reportText).toContain('BLOCKED:');
+    expect(res.reportText).toContain('unresolved tracked changes');
+  });
+
+});