@aiconnect/confidant 1.0.0

package/dist/i18n.js

@@ -0,0 +1,63 @@
+/**
+ * Portuguese translations for CLI messages
+ */
+export const translations = {
+    // Error messages
+    secretCannotBeEmpty: 'O segredo não pode estar vazio',
+    ttlMustBePositive: 'O TTL deve ser um número positivo',
+    maxAccessCountMustBePositive: 'O número máximo de acessos deve ser positivo',
+    secretNotFound: 'Segredo não encontrado',
+    secretHasExpired: 'O segredo expirou',
+    maxAccessCountExceeded: 'Número máximo de acessos excedido',
+    connectionFailed: 'Falha na conexão com o servidor',
+    requestTimedOut: 'A solicitação expirou',
+    invalidApiEndpoint: 'Endpoint de API inválido',
+    invalidJsonResponse: 'Resposta JSON inválida do servidor',
+    networkError: 'Erro de rede',
+    // Help descriptions
+    programDescription: 'Ferramenta de CLI para o sistema de transferência de segredos Confidant',
+    createDescription: 'Criar um novo segredo',
+    getDescription: 'Recuperar um segredo pelo ID',
+    deleteDescription: 'Excluir um segredo pelo ID',
+    statusDescription: 'Verificar o status de um segredo pelo ID',
+    serveDescription: 'Iniciar o servidor Confidant',
+    // Option descriptions
+    secretOption: 'Conteúdo do segredo (obrigatório)',
+    ttlOption: 'Tempo de vida em milissegundos (opcional)',
+    maxAccessCountOption: 'Número máximo de acessos (opcional)',
+    apiUrlOption: 'URL do endpoint da API',
+    portOption: 'Porta do servidor (padrão: 3000)',
+    hostOption: 'Host do servidor (padrão: localhost)',
+    // Examples
+    createExample: 'Exemplo: confidant create --secret "meu segredo" --ttl 60000 --max-access-count 3',
+    getExample: 'Exemplo: confidant get abc123',
+    deleteExample: 'Exemplo: confidant delete abc123',
+    statusExample: 'Exemplo: confidant status abc123',
+    // Success messages
+    secretCreated: 'Segredo criado com sucesso',
+    secretRetrieved: 'Segredo recuperado com sucesso',
+    secretDeleted: 'Segredo excluído com sucesso',
+    secretStatus: 'Status do segredo',
+    serverStarting: 'Iniciando servidor Confidant...',
+    serverRunning: '✅ Confidant rodando em:',
+    serverShutdown: 'Encerrando servidor Confidant...',
+    serverStopped: 'Servidor encerrado',
+    // Usage information
+    usage: 'Uso',
+    options: 'Opções',
+    commands: 'Comandos',
+    arguments: 'Argumentos',
+    required: '(obrigatório)',
+    optional: '(opcional)',
+    // Server messages
+    localhostUrl: '  - %s (localhost)',
+    networkUrl: '  - %s (rede local)',
+    pressCtrlCToStop: 'Pressione Ctrl+C para parar o servidor',
+};
+/**
+ * Get a translation by key
+ */
+export function t(key) {
+    return translations[key];
+}
+//# sourceMappingURL=i18n.js.map

package/dist/i18n.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"i18n.js","sourceRoot":"","sources":["../src/i18n.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,iBAAiB;IACjB,mBAAmB,EAAE,gCAAgC;IACrD,iBAAiB,EAAE,mCAAmC;IACtD,4BAA4B,EAAE,8CAA8C;IAC5E,cAAc,EAAE,wBAAwB;IACxC,gBAAgB,EAAE,mBAAmB;IACrC,sBAAsB,EAAE,mCAAmC;IAC3D,gBAAgB,EAAE,iCAAiC;IACnD,eAAe,EAAE,uBAAuB;IACxC,kBAAkB,EAAE,0BAA0B;IAC9C,mBAAmB,EAAE,oCAAoC;IACzD,YAAY,EAAE,cAAc;IAE5B,oBAAoB;IACpB,kBAAkB,EAAE,yEAAyE;IAC7F,iBAAiB,EAAE,uBAAuB;IAC1C,cAAc,EAAE,8BAA8B;IAC9C,iBAAiB,EAAE,4BAA4B;IAC/C,iBAAiB,EAAE,0CAA0C;IAC7D,gBAAgB,EAAE,8BAA8B;IAEhD,sBAAsB;IACtB,YAAY,EAAE,mCAAmC;IACjD,SAAS,EAAE,2CAA2C;IACtD,oBAAoB,EAAE,qCAAqC;IAC3D,YAAY,EAAE,wBAAwB;IACtC,UAAU,EAAE,kCAAkC;IAC9C,UAAU,EAAE,sCAAsC;IAElD,WAAW;IACX,aAAa,EAAE,mFAAmF;IAClG,UAAU,EAAE,+BAA+B;IAC3C,aAAa,EAAE,kCAAkC;IACjD,aAAa,EAAE,kCAAkC;IAEjD,mBAAmB;IACnB,aAAa,EAAE,4BAA4B;IAC3C,eAAe,EAAE,gCAAgC;IACjD,aAAa,EAAE,8BAA8B;IAC7C,YAAY,EAAE,mBAAmB;IACjC,cAAc,EAAE,iCAAiC;IACjD,aAAa,EAAE,yBAAyB;IACxC,cAAc,EAAE,kCAAkC;IAClD,aAAa,EAAE,oBAAoB;IAEnC,oBAAoB;IACpB,KAAK,EAAE,KAAK;IACZ,OAAO,EAAE,QAAQ;IACjB,QAAQ,EAAE,UAAU;IACpB,SAAS,EAAE,YAAY;IACvB,QAAQ,EAAE,eAAe;IACzB,QAAQ,EAAE,YAAY;IAEtB,kBAAkB;IAClB,YAAY,EAAE,oBAAoB;IAClC,UAAU,EAAE,qBAAqB;IACjC,gBAAgB,EAAE,wCAAwC;CAClD,CAAC;AAIX;;GAEG;AACH,MAAM,UAAU,CAAC,CAAC,GAAmB;IACnC,OAAO,YAAY,CAAC,GAAG,CAAC,CAAC;AAC3B,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+export { MemoryStorage, TTLStorage, SecretData, StorageOptions } from './storage.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC"}

package/dist/index.js

@@ -0,0 +1,53 @@
+import { serve } from '@hono/node-server';
+import { Hono } from 'hono';
+import { routes } from './routes.js';
+import { storageRegistry, validatorRegistry, transformerRegistry, MemoryStorageModule, BasicValidatorModule, UppercaseTransformerModule } from './registry.js';
+import { detectLocalIp } from './network-detection.js';
+export { MemoryStorage } from './storage.js';
+const app = new Hono();
+// Register routes
+app.route('/', routes);
+// Health check endpoint
+app.get('/health', (c) => {
+    return c.json({ status: 'ok', message: 'Confidant is running' });
+});
+// Initialize registries with example modules
+async function initializeRegistries() {
+    try {
+        // Register example storage module
+        await storageRegistry.register('memory', MemoryStorageModule);
+        console.log('✅ Storage registry initialized with memory module');
+        // Register example validator module
+        await validatorRegistry.register('basic', BasicValidatorModule);
+        console.log('✅ Validator registry initialized with basic module');
+        // Register example transformer module
+        await transformerRegistry.register('uppercase', UppercaseTransformerModule);
+        console.log('✅ Transformer registry initialized with uppercase module');
+    }
+    catch (error) {
+        console.error('❌ Failed to initialize registries:', error);
+        throw error;
+    }
+}
+// Start server
+const port = parseInt(process.env.PORT || '3000');
+console.log(`Starting Confidant server on port ${port}...`);
+// Initialize registries before starting server
+initializeRegistries().then(() => {
+    serve({
+        fetch: app.fetch,
+        port,
+    }, (info) => {
+        console.log(`✅ Confidant running at:`);
+        // Detect local IP for network URL
+        const localIp = detectLocalIp();
+        console.log(`  - http://localhost:${info.port} (localhost)`);
+        if (localIp) {
+            console.log(`  - http://${localIp}:${info.port} (rede local)`);
+        }
+    });
+}).catch((error) => {
+    console.error('Failed to start server:', error);
+    process.exit(1);
+});
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAC1C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,0BAA0B,EAAE,MAAM,eAAe,CAAC;AAC/J,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,OAAO,EAAE,aAAa,EAA0C,MAAM,cAAc,CAAC;AAErF,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;AAEvB,kBAAkB;AAClB,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;AAEvB,wBAAwB;AACxB,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE;IACvB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAC,CAAC;AACnE,CAAC,CAAC,CAAC;AAEH,6CAA6C;AAC7C,KAAK,UAAU,oBAAoB;IACjC,IAAI,CAAC;QACH,kCAAkC;QAClC,MAAM,eAAe,CAAC,QAAQ,CAAC,QAAQ,EAAE,mBAAmB,CAAC,CAAC;QAC9D,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;QAEjE,oCAAoC;QACpC,MAAM,iBAAiB,CAAC,QAAQ,CAAC,OAAO,EAAE,oBAAoB,CAAC,CAAC;QAChE,OAAO,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAAC;QAElE,sCAAsC;QACtC,MAAM,mBAAmB,CAAC,QAAQ,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC;QAC5E,OAAO,CAAC,GAAG,CAAC,0DAA0D,CAAC,CAAC;IAC1E,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;QAC3D,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAED,eAAe;AACf,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,MAAM,CAAC,CAAC;AAClD,OAAO,CAAC,GAAG,CAAC,qCAAqC,IAAI,KAAK,CAAC,CAAC;AAE5D,+CAA+C;AAC/C,oBAAoB,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE;IAC/B,KAAK,CAAC;QACJ,KAAK,EAAE,GAAG,CAAC,KAAK;QAChB,IAAI;KACL,EAAE,CAAC,IAAI,EAAE,EAAE;QACV,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;QAEvC,kCAAkC;QAClC,MAAM,OAAO,GAAG,aAAa,EAAE,CAAC;QAEhC,OAAO,CAAC,GAAG,CAAC,wBAAwB,IAAI,CAAC,IAAI,cAAc,CAAC,CAAC;QAC7D,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,CAAC,GAAG,CAAC,cAAc,OAAO,IAAI,IAAI,CAAC,IAAI,eAAe,CAAC,CAAC;QACjE,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACjB,OAAO,CAAC,KAAK,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;IAChD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/network-detection.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Check if an IP address is in a private range
+ * Private ranges: 192.168.x.x, 10.x.x.x, 172.16-31.x.x
+ */
+export declare function isPrivateIp(ip: string): boolean;
+/**
+ * Detect local network IP address for cross-device access
+ * Returns first private IP address found, or null if none detected
+ */
+export declare function detectLocalIp(): string | null;
+//# sourceMappingURL=network-detection.d.ts.map

package/dist/network-detection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"network-detection.d.ts","sourceRoot":"","sources":["../src/network-detection.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,wBAAgB,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAuB/C;AAED;;;GAGG;AACH,wBAAgB,aAAa,IAAI,MAAM,GAAG,IAAI,CA0B7C"}

package/dist/network-detection.js

@@ -0,0 +1,54 @@
+import * as os from 'os';
+/**
+ * Check if an IP address is in a private range
+ * Private ranges: 192.168.x.x, 10.x.x.x, 172.16-31.x.x
+ */
+export function isPrivateIp(ip) {
+    const parts = ip.split('.').map(Number);
+    if (parts.length !== 4) {
+        return false;
+    }
+    // 10.0.0.0 - 10.255.255.255
+    if (parts[0] === 10) {
+        return true;
+    }
+    // 172.16.0.0 - 172.31.255.255
+    if (parts[0] === 172 && parts[1] >= 16 && parts[1] <= 31) {
+        return true;
+    }
+    // 192.168.0.0 - 192.168.255.255
+    if (parts[0] === 192 && parts[1] === 168) {
+        return true;
+    }
+    return false;
+}
+/**
+ * Detect local network IP address for cross-device access
+ * Returns first private IP address found, or null if none detected
+ */
+export function detectLocalIp() {
+    try {
+        const interfaces = os.networkInterfaces();
+        for (const name of Object.keys(interfaces)) {
+            const networkInterface = interfaces[name];
+            if (!networkInterface)
+                continue;
+            for (const iface of networkInterface) {
+                // Skip internal and non-IPv4 addresses
+                if (iface.internal || iface.family !== 'IPv4') {
+                    continue;
+                }
+                // Check if IP is in private range
+                if (isPrivateIp(iface.address)) {
+                    return iface.address;
+                }
+            }
+        }
+        return null;
+    }
+    catch (error) {
+        // If detection fails, return null gracefully
+        return null;
+    }
+}
+//# sourceMappingURL=network-detection.js.map

package/dist/network-detection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"network-detection.js","sourceRoot":"","sources":["../src/network-detection.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AAEzB;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAC,EAAU;IACpC,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAExC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,4BAA4B;IAC5B,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC;QACpB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,8BAA8B;IAC9B,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;QACzD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,gCAAgC;IAChC,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;QACzC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa;IAC3B,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,EAAE,CAAC,iBAAiB,EAAE,CAAC;QAE1C,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3C,MAAM,gBAAgB,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC;YAC1C,IAAI,CAAC,gBAAgB;gBAAE,SAAS;YAEhC,KAAK,MAAM,KAAK,IAAI,gBAAgB,EAAE,CAAC;gBACrC,uCAAuC;gBACvC,IAAI,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;oBAC9C,SAAS;gBACX,CAAC;gBAED,kCAAkC;gBAClC,IAAI,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC/B,OAAO,KAAK,CAAC,OAAO,CAAC;gBACvB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,6CAA6C;QAC7C,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}

package/dist/network-detection.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=network-detection.test.d.ts.map

package/dist/network-detection.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"network-detection.test.d.ts","sourceRoot":"","sources":["../src/network-detection.test.ts"],"names":[],"mappings":""}

package/dist/network-detection.test.js

@@ -0,0 +1,150 @@
+import { describe, it, expect, beforeEach, afterEach, vi } from 'vitest';
+import * as os from 'os';
+import { isPrivateIp, detectLocalIp } from './network-detection.js';
+// Mock the os module
+vi.mock('os', () => ({
+    networkInterfaces: vi.fn(),
+}));
+describe('network detection', () => {
+    beforeEach(() => {
+        vi.clearAllMocks();
+    });
+    afterEach(() => {
+        vi.restoreAllMocks();
+    });
+    describe('isPrivateIp', () => {
+        it('should return true for 10.x.x.x addresses', () => {
+            expect(isPrivateIp('10.0.0.1')).toBe(true);
+            expect(isPrivateIp('10.255.255.255')).toBe(true);
+            expect(isPrivateIp('10.128.64.32')).toBe(true);
+        });
+        it('should return true for 172.16.x.x to 172.31.x.x addresses', () => {
+            expect(isPrivateIp('172.16.0.1')).toBe(true);
+            expect(isPrivateIp('172.31.255.255')).toBe(true);
+            expect(isPrivateIp('172.20.128.64')).toBe(true);
+        });
+        it('should return false for 172.15.x.x addresses', () => {
+            expect(isPrivateIp('172.15.255.255')).toBe(false);
+        });
+        it('should return false for 172.32.x.x addresses', () => {
+            expect(isPrivateIp('172.32.0.1')).toBe(false);
+        });
+        it('should return true for 192.168.x.x addresses', () => {
+            expect(isPrivateIp('192.168.0.1')).toBe(true);
+            expect(isPrivateIp('192.168.255.255')).toBe(true);
+            expect(isPrivateIp('192.168.128.64')).toBe(true);
+        });
+        it('should return false for public IP addresses', () => {
+            expect(isPrivateIp('8.8.8.8')).toBe(false);
+            expect(isPrivateIp('1.1.1.1')).toBe(false);
+            expect(isPrivateIp('172.32.0.1')).toBe(false);
+            expect(isPrivateIp('192.169.0.1')).toBe(false);
+        });
+        it('should return false for invalid IP addresses', () => {
+            expect(isPrivateIp('')).toBe(false);
+            expect(isPrivateIp('invalid')).toBe(false);
+            expect(isPrivateIp('192.168')).toBe(false);
+            expect(isPrivateIp('192.168.1.1.1')).toBe(false);
+            expect(isPrivateIp('256.168.1.1')).toBe(false);
+        });
+    });
+    describe('detectLocalIp', () => {
+        it('should return first private IP address found', () => {
+            const mockInterfaces = [
+                { address: '192.168.1.100', netmask: '255.255.255.0', family: 'IPv4', mac: '00:00:00:00:00:00', internal: false, cidr: '192.168.1.100/24' },
+                { address: '10.0.0.1', netmask: '255.0.0.0', family: 'IPv4', mac: '00:00:00:00:00:01', internal: false, cidr: '10.0.0.1/8' },
+            ];
+            vi.mocked(os.networkInterfaces).mockReturnValue({
+                'eth0': mockInterfaces,
+            });
+            const result = detectLocalIp();
+            expect(result).toBe('192.168.1.100');
+        });
+        it('should skip internal addresses', () => {
+            const mockInterfaces = [
+                { address: '127.0.0.1', netmask: '255.0.0.0', family: 'IPv4', mac: '00:00:00:00:00:00', internal: true, cidr: '127.0.0.1/8' },
+                { address: '192.168.1.100', netmask: '255.255.255.0', family: 'IPv4', mac: '00:00:00:00:00:01', internal: false, cidr: '192.168.1.100/24' },
+            ];
+            vi.mocked(os.networkInterfaces).mockReturnValue({
+                'lo': [mockInterfaces[0]],
+                'eth0': [mockInterfaces[1]],
+            });
+            const result = detectLocalIp();
+            expect(result).toBe('192.168.1.100');
+        });
+        it('should skip IPv6 addresses', () => {
+            const mockInterfaces = [
+                { address: 'fe80::1', netmask: 'ffff:ffff:ffff:ffff::', family: 'IPv6', mac: '00:00:00:00:00:00', internal: false, cidr: 'fe80::1/64', scopeid: 1 },
+                { address: '192.168.1.100', netmask: '255.255.255.0', family: 'IPv4', mac: '00:00:00:00:00:01', internal: false, cidr: '192.168.1.100/24' },
+            ];
+            vi.mocked(os.networkInterfaces).mockReturnValue({
+                'eth0': mockInterfaces,
+            });
+            const result = detectLocalIp();
+            expect(result).toBe('192.168.1.100');
+        });
+        it('should skip public IP addresses', () => {
+            const mockInterfaces = [
+                { address: '8.8.8.8', netmask: '255.255.255.0', family: 'IPv4', mac: '00:00:00:00:00:00', internal: false, cidr: '8.8.8.8/24' },
+                { address: '192.168.1.100', netmask: '255.255.255.0', family: 'IPv4', mac: '00:00:00:00:00:01', internal: false, cidr: '192.168.1.100/24' },
+            ];
+            vi.mocked(os.networkInterfaces).mockReturnValue({
+                'eth0': mockInterfaces,
+            });
+            const result = detectLocalIp();
+            expect(result).toBe('192.168.1.100');
+        });
+        it('should return null when no private IP is found', () => {
+            const mockInterfaces = [
+                { address: '8.8.8.8', netmask: '255.255.255.0', family: 'IPv4', mac: '00:00:00:00:00:00', internal: false, cidr: '8.8.8.8/24' },
+                { address: '127.0.0.1', netmask: '255.0.0.0', family: 'IPv4', mac: '00:00:00:00:00:01', internal: true, cidr: '127.0.0.1/8' },
+            ];
+            vi.mocked(os.networkInterfaces).mockReturnValue({
+                'eth0': [mockInterfaces[0]],
+                'lo': [mockInterfaces[1]],
+            });
+            const result = detectLocalIp();
+            expect(result).toBeNull();
+        });
+        it('should return null when networkInterfaces returns empty object', () => {
+            vi.mocked(os.networkInterfaces).mockReturnValue({});
+            const result = detectLocalIp();
+            expect(result).toBeNull();
+        });
+        it('should return null when networkInterfaces throws error', () => {
+            vi.mocked(os.networkInterfaces).mockImplementation(() => {
+                throw new Error('Network error');
+            });
+            const result = detectLocalIp();
+            expect(result).toBeNull();
+        });
+        it('should handle multiple network interfaces', () => {
+            const mockInterfaces = {
+                'eth0': [
+                    { address: '8.8.8.8', netmask: '255.255.255.0', family: 'IPv4', mac: '00:00:00:00:00:00', internal: false, cidr: '8.8.8.8/24' },
+                ],
+                'wlan0': [
+                    { address: '192.168.1.100', netmask: '255.255.255.0', family: 'IPv4', mac: '00:00:00:00:00:01', internal: false, cidr: '192.168.1.100/24' },
+                ],
+                'lo': [
+                    { address: '127.0.0.1', netmask: '255.0.0.0', family: 'IPv4', mac: '00:00:00:00:00:02', internal: true, cidr: '127.0.0.1/8' },
+                ],
+            };
+            vi.mocked(os.networkInterfaces).mockReturnValue(mockInterfaces);
+            const result = detectLocalIp();
+            expect(result).toBe('192.168.1.100');
+        });
+        it('should prefer 10.x.x.x over 192.168.x.x when both present', () => {
+            const mockInterfaces = [
+                { address: '192.168.1.100', netmask: '255.255.255.0', family: 'IPv4', mac: '00:00:00:00:00:00', internal: false, cidr: '192.168.1.100/24' },
+                { address: '10.0.0.1', netmask: '255.0.0.0', family: 'IPv4', mac: '00:00:00:00:00:01', internal: false, cidr: '10.0.0.1/8' },
+            ];
+            vi.mocked(os.networkInterfaces).mockReturnValue({
+                'eth0': mockInterfaces,
+            });
+            const result = detectLocalIp();
+            expect(result).toBe('192.168.1.100'); // First one found
+        });
+    });
+});
+//# sourceMappingURL=network-detection.test.js.map

package/dist/network-detection.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"network-detection.test.js","sourceRoot":"","sources":["../src/network-detection.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAEpE,qBAAqB;AACrB,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;IACnB,iBAAiB,EAAE,EAAE,CAAC,EAAE,EAAE;CAC3B,CAAC,CAAC,CAAC;AAEJ,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,EAAE,CAAC,eAAe,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;QAC3B,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC3C,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjD,MAAM,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACjD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2DAA2D,EAAE,GAAG,EAAE;YACnE,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7C,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjD,MAAM,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC9C,MAAM,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClD,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;YACrD,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC3C,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC3C,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC9C,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACjD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACpC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC3C,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC3C,MAAM,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACjD,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACjD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;QAC7B,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,MAAM,cAAc,GAA8B;gBAChD,EAAE,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,kBAAkB,EAAE;gBAC3I,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE;aAC7H,CAAC;YAEF,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC,eAAe,CAAC;gBAC9C,MAAM,EAAE,cAAc;aACvB,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,cAAc,GAA8B;gBAChD,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,aAAa,EAAE;gBAC7H,EAAE,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,kBAAkB,EAAE;aAC5I,CAAC;YAEF,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC,eAAe,CAAC;gBAC9C,IAAI,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;gBACzB,MAAM,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;aAC5B,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;YACpC,MAAM,cAAc,GAA8B;gBAChD,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,uBAAuB,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC,EAAE;gBACnJ,EAAE,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,kBAAkB,EAAE;aAC5I,CAAC;YAEF,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC,eAAe,CAAC;gBAC9C,MAAM,EAAE,cAAc;aACvB,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,cAAc,GAA8B;gBAChD,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE;gBAC/H,EAAE,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,kBAAkB,EAAE;aAC5I,CAAC;YAEF,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC,eAAe,CAAC;gBAC9C,MAAM,EAAE,cAAc;aACvB,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;YACxD,MAAM,cAAc,GAA8B;gBAChD,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE;gBAC/H,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,aAAa,EAAE;aAC9H,CAAC;YAEF,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC,eAAe,CAAC;gBAC9C,MAAM,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;gBAC3B,IAAI,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;aAC1B,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gEAAgE,EAAE,GAAG,EAAE;YACxE,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;YAEpD,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;YAChE,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE;gBACtD,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;YACnC,CAAC,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,MAAM,cAAc,GAA8C;gBAChE,MAAM,EAAE;oBACN,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE;iBAChI;gBACD,OAAO,EAAE;oBACP,EAAE,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,kBAAkB,EAAE;iBAC5I;gBACD,IAAI,EAAE;oBACJ,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,aAAa,EAAE;iBAC9H;aACF,CAAC;YAEF,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC;YAEhE,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2DAA2D,EAAE,GAAG,EAAE;YACnE,MAAM,cAAc,GAA8B;gBAChD,EAAE,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,kBAAkB,EAAE;gBAC3I,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE;aAC7H,CAAC;YAEF,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC,eAAe,CAAC;gBAC9C,MAAM,EAAE,cAAc;aACvB,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;YAC/B,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,kBAAkB;QAC1D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/rate-limiter.d.ts

@@ -0,0 +1,61 @@
+/**
+ * Rate Limiter
+ *
+ * Implements in-memory rate limiting using a sliding window algorithm.
+ * Prevents brute-force attacks on hash space and API abuse.
+ */
+/**
+ * Rate limiter configuration
+ */
+export interface RateLimiterConfig {
+    maxRequests: number;
+    windowMs: number;
+}
+/**
+ * Rate limiter result
+ */
+export interface RateLimitResult {
+    allowed: boolean;
+    remaining: number;
+    resetTime: number;
+}
+/**
+ * In-memory rate limiter using sliding window algorithm
+ */
+export declare class RateLimiter {
+    private records;
+    private config;
+    /**
+     * Creates a new rate limiter
+     * @param config Rate limiter configuration
+     */
+    constructor(config: RateLimiterConfig);
+    /**
+     * Check if a request from the given IP is allowed
+     * @param ip The client IP address
+     * @returns Rate limit result
+     */
+    check(ip: string): RateLimitResult;
+    /**
+     * Reset the rate limit for a specific IP
+     * @param ip The client IP address
+     */
+    reset(ip: string): void;
+    /**
+     * Clean up old records to prevent memory leaks
+     * @param maxAge Maximum age of records to keep in milliseconds
+     */
+    cleanup(maxAge?: number): void;
+    /**
+     * Get the current rate limit status for an IP without incrementing
+     * @param ip The client IP address
+     * @returns Rate limit result
+     */
+    getStatus(ip: string): RateLimitResult;
+}
+/**
+ * Default rate limiter for secret request endpoints
+ * 10 requests per minute per IP
+ */
+export declare const defaultRateLimiter: RateLimiter;
+//# sourceMappingURL=rate-limiter.d.ts.map

package/dist/rate-limiter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limiter.d.ts","sourceRoot":"","sources":["../src/rate-limiter.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAUH;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,OAAO,CAA+B;IAC9C,OAAO,CAAC,MAAM,CAAoB;IAElC;;;OAGG;gBACS,MAAM,EAAE,iBAAiB;IAKrC;;;;OAIG;IACH,KAAK,CAAC,EAAE,EAAE,MAAM,GAAG,eAAe;IAmDlC;;;OAGG;IACH,KAAK,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI;IAIvB;;;OAGG;IACH,OAAO,CAAC,MAAM,GAAE,MAAgB,GAAG,IAAI;IAUvC;;;;OAIG;IACH,SAAS,CAAC,EAAE,EAAE,MAAM,GAAG,eAAe;CA4BvC;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,aAG7B,CAAC"}

package/dist/rate-limiter.js

@@ -0,0 +1,128 @@
+/**
+ * Rate Limiter
+ *
+ * Implements in-memory rate limiting using a sliding window algorithm.
+ * Prevents brute-force attacks on hash space and API abuse.
+ */
+/**
+ * In-memory rate limiter using sliding window algorithm
+ */
+export class RateLimiter {
+    records;
+    config;
+    /**
+     * Creates a new rate limiter
+     * @param config Rate limiter configuration
+     */
+    constructor(config) {
+        this.records = new Map();
+        this.config = config;
+    }
+    /**
+     * Check if a request from the given IP is allowed
+     * @param ip The client IP address
+     * @returns Rate limit result
+     */
+    check(ip) {
+        const now = Date.now();
+        const record = this.records.get(ip);
+        // No existing record, create a new one
+        if (!record) {
+            this.records.set(ip, {
+                count: 1,
+                windowStart: now
+            });
+            return {
+                allowed: true,
+                remaining: this.config.maxRequests - 1,
+                resetTime: now + this.config.windowMs
+            };
+        }
+        // Check if the window has expired
+        const windowAge = now - record.windowStart;
+        if (windowAge >= this.config.windowMs) {
+            // Reset the window
+            record.count = 1;
+            record.windowStart = now;
+            return {
+                allowed: true,
+                remaining: this.config.maxRequests - 1,
+                resetTime: now + this.config.windowMs
+            };
+        }
+        // Check if the limit has been exceeded
+        if (record.count >= this.config.maxRequests) {
+            return {
+                allowed: false,
+                remaining: 0,
+                resetTime: record.windowStart + this.config.windowMs
+            };
+        }
+        // Increment the count
+        record.count++;
+        return {
+            allowed: true,
+            remaining: this.config.maxRequests - record.count,
+            resetTime: record.windowStart + this.config.windowMs
+        };
+    }
+    /**
+     * Reset the rate limit for a specific IP
+     * @param ip The client IP address
+     */
+    reset(ip) {
+        this.records.delete(ip);
+    }
+    /**
+     * Clean up old records to prevent memory leaks
+     * @param maxAge Maximum age of records to keep in milliseconds
+     */
+    cleanup(maxAge = 3600000) {
+        const now = Date.now();
+        for (const [ip, record] of Array.from(this.records.entries())) {
+            const recordAge = now - record.windowStart;
+            if (recordAge > maxAge) {
+                this.records.delete(ip);
+            }
+        }
+    }
+    /**
+     * Get the current rate limit status for an IP without incrementing
+     * @param ip The client IP address
+     * @returns Rate limit result
+     */
+    getStatus(ip) {
+        const now = Date.now();
+        const record = this.records.get(ip);
+        if (!record) {
+            return {
+                allowed: true,
+                remaining: this.config.maxRequests,
+                resetTime: now + this.config.windowMs
+            };
+        }
+        // Check if the window has expired
+        const windowAge = now - record.windowStart;
+        if (windowAge >= this.config.windowMs) {
+            return {
+                allowed: true,
+                remaining: this.config.maxRequests,
+                resetTime: now + this.config.windowMs
+            };
+        }
+        return {
+            allowed: record.count < this.config.maxRequests,
+            remaining: Math.max(0, this.config.maxRequests - record.count),
+            resetTime: record.windowStart + this.config.windowMs
+        };
+    }
+}
+/**
+ * Default rate limiter for secret request endpoints
+ * 10 requests per minute per IP
+ */
+export const defaultRateLimiter = new RateLimiter({
+    maxRequests: 10,
+    windowMs: 60000 // 1 minute
+});
+//# sourceMappingURL=rate-limiter.js.map

package/dist/rate-limiter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limiter.js","sourceRoot":"","sources":["../src/rate-limiter.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AA2BH;;GAEG;AACH,MAAM,OAAO,WAAW;IACd,OAAO,CAA+B;IACtC,MAAM,CAAoB;IAElC;;;OAGG;IACH,YAAY,MAAyB;QACnC,IAAI,CAAC,OAAO,GAAG,IAAI,GAAG,EAAE,CAAC;QACzB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,EAAU;QACd,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAEpC,uCAAuC;QACvC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE;gBACnB,KAAK,EAAE,CAAC;gBACR,WAAW,EAAE,GAAG;aACjB,CAAC,CAAC;YAEH,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,CAAC;gBACtC,SAAS,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ;aACtC,CAAC;QACJ,CAAC;QAED,kCAAkC;QAClC,MAAM,SAAS,GAAG,GAAG,GAAG,MAAM,CAAC,WAAW,CAAC;QAC3C,IAAI,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACtC,mBAAmB;YACnB,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC;YACjB,MAAM,CAAC,WAAW,GAAG,GAAG,CAAC;YAEzB,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,CAAC;gBACtC,SAAS,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ;aACtC,CAAC;QACJ,CAAC;QAED,uCAAuC;QACvC,IAAI,MAAM,CAAC,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5C,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,CAAC;gBACZ,SAAS,EAAE,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ;aACrD,CAAC;QACJ,CAAC;QAED,sBAAsB;QACtB,MAAM,CAAC,KAAK,EAAE,CAAC;QAEf,OAAO;YACL,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,MAAM,CAAC,KAAK;YACjD,SAAS,EAAE,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ;SACrD,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,EAAU;QACd,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC1B,CAAC;IAED;;;OAGG;IACH,OAAO,CAAC,SAAiB,OAAO;QAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC;YAC9D,MAAM,SAAS,GAAG,GAAG,GAAG,MAAM,CAAC,WAAW,CAAC;YAC3C,IAAI,SAAS,GAAG,MAAM,EAAE,CAAC;gBACvB,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,SAAS,CAAC,EAAU;QAClB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAEpC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBAClC,SAAS,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ;aACtC,CAAC;QACJ,CAAC;QAED,kCAAkC;QAClC,MAAM,SAAS,GAAG,GAAG,GAAG,MAAM,CAAC,WAAW,CAAC;QAC3C,IAAI,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACtC,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBAClC,SAAS,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ;aACtC,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW;YAC/C,SAAS,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC;YAC9D,SAAS,EAAE,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ;SACrD,CAAC;IACJ,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,IAAI,WAAW,CAAC;IAChD,WAAW,EAAE,EAAE;IACf,QAAQ,EAAE,KAAK,CAAC,WAAW;CAC5B,CAAC,CAAC"}

package/dist/rate-limiter.test.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Tests for rate limiter
+ */
+export {};
+//# sourceMappingURL=rate-limiter.test.d.ts.map

package/dist/rate-limiter.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limiter.test.d.ts","sourceRoot":"","sources":["../src/rate-limiter.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}