@allanoricil/nrg-sentinel 1.0.0 → 1.0.1

package/README.md

@@ -38,6 +38,7 @@ The table below is updated automatically after each CI run on `main`.
 | 18 | Deep Stack Bypass | ✅ | `4.1.7` |
 | 19 | HTTP Route Deletion | ✅ | `4.1.7` |
 | 20 | Child Process Exec | ✅ | `4.1.7` |
+| 21 | SW Fetch Interception | — | — | browser-only — verify via `start-interactive.sh` |
 | 22 | FS Read | ✅ | `4.1.7` |
 | 23 | Process Env Exfiltration | ✅ | `4.1.7` |
 | 24 | Process Exit DoS | ✅ | `4.1.7` |
@@ -50,7 +51,8 @@ The table below is updated automatically after each CI run on `main`.
 | 31 | Context Permissions | ✅ | `4.1.7` |
 | 32 | Flows Inject | ✅ | `4.1.7` |
 | 33 | Node Event Hijack | ✅ | `4.1.7` |
-_Last updated: 2026-03-17T08:03:19Z_
+| 34 | Config Node Credentials | ✅ | `4.1.7` |
+_Last updated: 2026-03-18T03:18:54Z_
 <!-- DEMO-TEST-RESULTS:END -->
 
 ## Demos
@@ -79,6 +81,7 @@ Each demo is a self-contained scenario that shows an attack against Node-RED and
 | 18  | Deep Stack Bypass                 | Chains anonymous wrappers to push the malicious frame outside the guard window   |
 | 19  | HTTP Route Deletion             | Deletes existing Express routes to disable authentication endpoints              |
 | 20  | Child Process Exec               | Spawns a shell command via `child_process` to execute arbitrary OS commands      |
+| 21  | SW Fetch Interception                      | Browser-only: editor script uses `fetch()` to exfiltrate data; Service Worker blocks it via the network-policy allowlist |
 | 22  | FS Read                                     | Reads `settings.js` via `require('fs')` to extract the credential secret         |
 | 23  | Process Env Exfiltration                | Reads `process.env` to harvest injected secrets and API keys                     |
 | 24  | Process Exit DoS                       | Calls `process.exit()` from a message handler to kill the runtime                |
@@ -91,6 +94,7 @@ Each demo is a self-contained scenario that shows an attack against Node-RED and
 | 31  | Context Permissions             | Reads or writes another node's context store without a grant                     |
 | 32  | Flows Inject                           | Injects a malicious node into the running flow via the flows API                 |
 | 33  | Node Event Hijack                 | Spies on or silences another node's input handler via EventEmitter APIs          |
+| 34  | Config Node Credentials    | Interactive: explores open / restricted / locked config-node credential access   |
 
 ## Capability grants
 
@@ -208,16 +212,17 @@ If credentials were silently self-readable, `node:credentials:read` would only b
 
 #### Reading credentials from a config node referenced in its config
 
-Config nodes exist specifically to hold and share credentials with the consumer nodes that reference them. Sentinel opens `node:credentials:read` for config nodes by default — no capability grant is needed for either the config node package or the consumer.
+Config node credentials are closed by default, the same as every other node type. A consumer that needs to access `configNode.credentials` directly must either hold `node:credentials:read` in its grant list, or be listed in the config node type's `nodeTypes` entry in `.sentinel-grants.json`.
 
-The idiomatic pattern is for the config node to read its own credentials and expose them as plain properties:
+The idiomatic pattern avoids the credential proxy entirely: the config node reads `this.credentials` in its own constructor (Sentinel only proxies nodes returned from `getNode()`, not a node's own `this`), stores the secret as a plain property, and consumers read that plain property:
 
 ```js
 // node-red-contrib-influxdb/index.js
 module.exports = function (RED) {
     function InfluxConfigNode(config) {
         RED.nodes.createNode(this, config);
-        // Config node reads its own credentials — allowed by default (no grant needed).
+        // Reads this.credentials on the raw this — not via a getNode() proxy.
+        // No credential cap needed because Sentinel only guards getNode() return values.
         this.token = this.credentials.token;
         this.host = config.host;
     }
@@ -225,7 +230,7 @@ module.exports = function (RED) {
 
     function InfluxWriteNode(config) {
         RED.nodes.createNode(this, config);
-        // Consumer accesses the config node's plain property — no credential cap needed.
+        // Consumer reads the plain property — no credential cap needed.
         var configNode = RED.nodes.getNode(config.configId);
         this.on("input", function (msg) {
             writeToInflux(configNode.host, configNode.token, msg.payload);
@@ -237,7 +242,7 @@ module.exports = function (RED) {
 ```
 
 ```js
-// settings.js — no node:credentials:read needed for either package
+// settings.js — no node:credentials:read needed for either package under this pattern
 sentinel: {
     allow: {
         "node-red-contrib-influxdb": ["registry:register"],
@@ -245,15 +250,11 @@ sentinel: {
 }
 ```
 
-If a consumer accesses `configNode.credentials.token` directly instead of a plain property, it also works without any grant — the config node default rule still applies because the proxy belongs to a config node.
-
-**Why config nodes are open by default:** if consumers were required to have `node:credentials:read` to access a config node, every single package that uses any config node — influxdb-write, mqtt-out, http-request, anything that reads a username or token from a config node — would need the grant. In a real installation with a dozen contrib packages, `node:credentials:read` would appear in nearly every entry in `settings.js`, and it would cease to be a meaningful security signal. You would no longer be able to tell at a glance which packages are genuinely handling raw secrets versus simply using a config node the way Node-RED was designed.
-
-The config node pattern is a declared contract between Node-RED packages: the config node's author published it specifically to share its credentials, and the consumer's author explicitly wired to it in their node definition. An operator who installs both has implicitly accepted that relationship. Making it require an extra grant would add friction to a legitimate, universal pattern without adding meaningful security. Operators who want to restrict which packages can read a specific config node's credentials can override this default via `.sentinel-grants.json` in the userDir — see the end of this section.
+If a consumer accesses `configNode.credentials.token` directly via the proxy returned by `getNode()`, that access goes through Sentinel's capability check. The consumer's package needs `node:credentials:read`, or the config node type must list it in a `nodeTypes` entry.
 
 #### Reading credentials from a node that is not a config node
 
-If a node reads `.credentials` from an arbitrary non-config node (one it does not reference via its own config), the **target node's package** must have `node:credentials:read` in its grant list. Sentinel captures the owning package at `createNode` time and uses it for every subsequent access through that proxy:
+If a node reads `.credentials` from an arbitrary non-config node, the **accessing package** must have `node:credentials:read` in its grant list. Sentinel walks the call stack from `getNode()` to identify the calling package and checks its grants:
 
 ```js
 // node-red-contrib-reader/index.js — wants to read credentials from node-red-contrib-target
@@ -262,8 +263,8 @@ module.exports = function (RED) {
         RED.nodes.createNode(this, config);
         this.on("input", function (msg) {
             var target = RED.nodes.getNode(config.targetId);
-            // The proxy for `target` was created with node-red-contrib-target as the
-            // owning package. Sentinel checks that package's grants, not this one's.
+            // Sentinel identifies node-red-contrib-reader as the caller and checks
+            // its grants — not the target node's owning package.
             var secret = target.credentials.secret;
             this.send(msg);
         });
@@ -273,46 +274,127 @@ module.exports = function (RED) {
 ```
 
 ```js
-// settings.js — the TARGET package needs node:credentials:read, not the reader
+// settings.js — the ACCESSOR needs node:credentials:read, not the target's package
 sentinel: {
     allow: {
-        "node-red-contrib-reader":  ["registry:register"],
-        "node-red-contrib-target":  ["registry:register", "node:credentials:read"],
+        "node-red-contrib-reader":  ["registry:register", "node:credentials:read"],
+        "node-red-contrib-target":  ["registry:register"],
     },
 }
 ```
 
-**Why the target's package is checked, not the accessor's:** if it were the accessor's package that needed the grant, then any package granted `node:credentials:read` could call `RED.nodes.eachNode()` (with `node:list`) and iterate every node in the runtime, reading credentials from all of them in one sweep — a complete credential harvest with a single grant. The target-based check prevents that: having `node:credentials:read` only gives a package access to credentials stored in its _own_ nodes. It cannot reach into another package's nodes unless that package also has the grant, which the operator would have to explicitly add.
-
-If it were the accessor's grant that mattered, `node:credentials:read` would effectively mean "read any node's credentials in the entire runtime." Instead it means "this package's nodes are authorized to handle credentials," which is a much narrower and more auditable claim.
+**How the dual-axis check works:** `node:credentials:read` in the accessor's grant list (step 2) is a broad capability — it lets that package read `.credentials` from any node it obtains via `getNode()`. The `nodeTypes` section in `.sentinel-grants.json` provides the complementary target-side control (step 1): the target node type's author can list exactly which caller packages are approved, granting them access without requiring a broad package grant. Either axis alone is sufficient to allow the access. If neither passes, the proxy returns `undefined` for `credentials`.
 
-Sentinel also looks for a `.sentinel-grants.json` file in the **userDir** (next to `settings.js`). This file is the backing store for the **Sentinel editor panel** — the Node-RED UI exposes admin API routes that read and write it directly, so operators can manage target permissions through the browser without touching `settings.js`.
+Sentinel also looks for a `.sentinel-grants.json` file in the **userDir** (next to `settings.js`). This file is the backing store for the **Sentinel editor panel** — the Node-RED UI exposes admin API routes that read and write it directly, so operators can manage grants through the browser without touching `settings.js`.
 
 This separation is intentional. In hardened deployments `settings.js` is mounted read-only (the Docker section mounts it `:ro`) so it cannot be modified at runtime. `.sentinel-grants.json` lives in the writable userDir (`/data` in Docker), giving the UI panel a place to persist changes. The two files have different ownership: `settings.js` is managed by deployment tooling; `.sentinel-grants.json` is managed by the UI.
 
-The file grants access keyed on the **target node's type** rather than the caller's package name:
+#### File format
+
+The file has two top-level sections:
+
+```json
+{
+    "packages": {
+        "node-red-contrib-my-package": ["registry:register", "node:credentials:read"]
+    },
+    "nodeTypes": {
+        "my-config-node": {
+            "node:credentials:read": ["node-red-contrib-trusted-consumer"]
+        }
+    }
+}
+```
+
+- **`packages`** — dynamic caller grants, equivalent to `settings.sentinel.allow`. Entries here are merged with `settings.js` at runtime. This is what the Sentinel UI writes when you add a package grant through the editor.
+- **`nodeTypes`** — per-node-type target permissions. Keyed on the **target node's type**, each entry lists which caller packages are allowed to perform a given operation on nodes of that type. This is used to restrict (or explicitly allow) access to a specific node type independently of the caller's package grants.
+
+#### Node-type permissions — real-world examples
+
+**Grant specific packages access to a config node's credentials**
+
+To list which packages may read a config node's credentials via `getNode(id).credentials`, add the config node type to `nodeTypes`:
+
+```json
+{
+    "nodeTypes": {
+        "influxdb": {
+            "node:credentials:read": ["node-red-contrib-influxdb"]
+        }
+    }
+}
+```
+
+Only `node-red-contrib-influxdb` gets step-1 access via the target allowlist. Any other package without `node:credentials:read` in its grant list is blocked.
+
+**Document that no caller is listed for a config node type**
+
+An empty array `[]` records that no package is an approved caller via the target-side check. It has the same effect as not having an entry — neither grants step-1 access. Use it to make the intent explicit in the grants file:
 
 ```json
 {
-    "target-node-type": {
-        "node:credentials:read": ["node-red-contrib-reader"]
+    "nodeTypes": {
+        "my-vault-config": {
+            "node:credentials:read": []
+        }
     }
 }
 ```
 
-This is purely additive: if the caller is in the list, access is granted immediately. If it is not, Sentinel falls through to `settings.js` as normal — the file cannot block anything that `settings.js` already allows.
+No package can read credentials from `my-vault-config` nodes through the target-based check. A package that has `node:credentials:read` in its `packages` entry (either in `settings.js` or in the `packages` section of this file) can still override this — the `[]` only closes the target-based path, not the caller-based path.
+
+**Allow multiple consumers, block all others**
+
+```json
+{
+    "nodeTypes": {
+        "mqtt-broker": {
+            "node:credentials:read": [
+                "node-red-contrib-mqtt-in",
+                "node-red-contrib-mqtt-out",
+                "node-red-contrib-mqtt-dynamic"
+            ]
+        }
+    }
+}
+```
 
-The one place it does restrict behaviour is the config node default. Normally any caller can read a config node's credentials without any grant (see above). If you add a `node:credentials:read` entry for a config node type in `.sentinel-grants.json`, that default is suppressed and access is limited to the listed callers (plus whatever `settings.js` grants):
+**Restrict wire rewiring to a specific tool package**
 
 ```json
 {
-    "my-config-node": {
-        "node:credentials:read": ["node-red-contrib-trusted-consumer"]
+    "nodeTypes": {
+        "function": {
+            "node:wires:write": ["node-red-contrib-flow-manager"],
+            "node:wires:read":  ["node-red-contrib-flow-manager", "node-red-contrib-flow-auditor"]
+        }
     }
 }
 ```
 
-With this in place, `node-red-contrib-trusted-consumer` can read `my-config-node` credentials via the permissions file, and any package that has `node:credentials:read` in `settings.js` can still read them too. Packages with neither are blocked, even though `my-config-node` is a config node.
+**Complete example combining both sections**
+
+```json
+{
+    "packages": {
+        "node-red-contrib-influxdb":   ["registry:register", "node:credentials:read"],
+        "node-red-contrib-flow-audit": ["registry:register", "node:list"]
+    },
+    "nodeTypes": {
+        "influxdb": {
+            "node:credentials:read": ["node-red-contrib-influxdb"]
+        },
+        "mqtt-broker": {
+            "node:credentials:read": ["node-red-contrib-mqtt-in", "node-red-contrib-mqtt-out"]
+        },
+        "my-internal-config": {
+            "node:credentials:read": []
+        }
+    }
+}
+```
+
+The `nodeTypes` section is purely additive: if the caller is in the list, access is granted immediately. If it is not, Sentinel falls through to the `packages` section and `settings.js` grants as normal. An entry here cannot block a package that already holds the capability in its grants.
 
 ### Grants are per package, not per node type
 
@@ -425,6 +507,23 @@ sentinel: {
 
 This pattern is useful when multiple consumer packages need the same privileged operation: centralise it in one well-audited service package, grant only that package the capability, and consumers remain unprivileged. The service becomes the policy enforcement point — it decides what it exposes, and Sentinel enforces that nothing bypasses it.
 
+## Defense architecture
+
+Sentinel runs inside the same Node.js process as every package it protects against — there is no sandbox, no separate process, and no OS-level isolation. Meaningful enforcement in that environment requires layered hardening techniques:
+
+| Layer | Technique | What it closes |
+|---|---|---|
+| 0 — Prototype hardening | `Object.preventExtensions` on all built-in prototypes | Prototype pollution before any third-party code runs |
+| 1 — Module interception | `Module._load` hook + non-configurable lock | `require()` of `fs`, `http`, `child_process`, `vm`, `worker_threads` |
+| 2 — Node isolation | ES6 `Proxy` on every `getNode()` return value | Property reads, writes, and `defineProperty` on live node instances |
+| 3 — Surface hardening | Guarded Express routing, `process.env` Proxy, router-stack Proxy | Post-init manipulation of the HTTP server and environment |
+| 4 — Network policy | Outbound HTTP/HTTPS/socket allowlist | Exfiltration paths not covered by the module gate |
+| Cross-cutting | Intrinsic capture, call-stack introspection, file integrity watchdog | Prototype mutation of guard helpers, call-identity forgery, on-disk tampering |
+
+All built-in methods used by guard logic are pinned as standalone bound functions before the first `require()`, so a package that overwrites `String.prototype.includes` cannot blind the stack-frame checks. The `Module._load` hook is locked `configurable: false` immediately after installation so it cannot be stripped. Every node proxy intercepts `defineProperty` in addition to `get`/`set`, closing the bypass that would otherwise let a caller install a getter on a proxied node.
+
+For the full reference — every technique explained with code examples and attack scenarios — see **[docs/defense-techniques.md](docs/defense-techniques.md)**.
+
 
 ## Module access gates
 

package/bin/node-red.js

@@ -1,8 +1,8 @@
 #!/usr/bin/env node
 /**
- * @nrg/sentinel v1.0.0
+ * @nrg/sentinel v1.0.1
  * Copyright (c) 2026 NRG. All rights reserved.
  * Licensed under AGPL-3.0-or-later. Commercial license required for use beyond 14-day trial.
- * https://nrg-sentinel.dev
+ * https://allanoricil.github.io/nrg-sentinel-public/
  */
-'use strict';const _0x21d9e5=_0x4f23;(function(stringArrayFunction,_0x125b6b){const _0x475112=_0x4f23,stringArray=stringArrayFunction();while(!![]){try{const _0x389b1c=parseInt(_0x475112(0x10d))/0x1+parseInt(_0x475112(0x114))/0x2*(parseInt(_0x475112(0x101))/0x3)+parseInt(_0x475112(0x115))/0x4*(parseInt(_0x475112(0xfa))/0x5)+-parseInt(_0x475112(0x102))/0x6+parseInt(_0x475112(0x113))/0x7+parseInt(_0x475112(0x112))/0x8*(parseInt(_0x475112(0x103))/0x9)+-parseInt(_0x475112(0x116))/0xa*(parseInt(_0x475112(0x10b))/0xb);if(_0x389b1c===_0x125b6b)break;else stringArray['push'](stringArray['shift']());}catch(_0xf15394){stringArray['push'](stringArray['shift']());}}}(_0xb344,0x84d93));const {createVerify}=require('crypto'),{readFileSync,existsSync}=require('fs'),{spawn}=require('child_process'),path=require('path');function _findCoInstalledNodeRed(){const _0xeff464=_0x4f23;var _0x2df7e7=path['resolve'](path[_0xeff464(0x100)](process['argv'][0x1]),'..'),_0x1cdf5e=_0x2df7e7;while(!![]){var _0x386fbd=path['dirname'](_0x1cdf5e);if(_0x386fbd===_0x1cdf5e)break;var _0x4b2d65=path['join'](_0x386fbd,'node-red','package.json');if(existsSync(_0x4b2d65)){if(_0xeff464(0x105)===_0xeff464(0xfb))console['error']('[@allanoricil/nrg-sentinel] Public key not found:',_0x36e277),process['exit'](0x1);else try{var _0x2fec33=JSON['parse'](readFileSync(_0x4b2d65,'utf8')),_0x3e76b6=_0x2fec33[_0xeff464(0x104)]&&_0x2fec33[_0xeff464(0x104)]['node-red']||_0x2fec33[_0xeff464(0xfe)];return path['resolve'](path['dirname'](_0x4b2d65),_0x3e76b6);}catch(_0x3c1631){}}_0x1cdf5e=_0x386fbd;}return null;}const args=process[_0x21d9e5(0xf7)][_0x21d9e5(0xf8)](0x2),sIdx=args['findIndex'](_0x1232aa=>_0x1232aa==='-s'||_0x1232aa==='--settings'),settingsPath=sIdx!==-0x1?path[_0x21d9e5(0xff)](args[sIdx+0x1]):path['resolve'](_0x21d9e5(0x107)),keyPath=process[_0x21d9e5(0x117)][_0x21d9e5(0x10f)];if(keyPath){const sigPath=settingsPath+_0x21d9e5(0x111);!existsSync(keyPath)&&(console['error']('[@allanoricil/nrg-sentinel] Public key not found:',keyPath),process[_0x21d9e5(0x10a)](0x1));!existsSync(sigPath)&&(console['error']('[@allanoricil/nrg-sentinel] Signature file not found:',sigPath),console['error']('  Sign it first:  nrg-sentinel sign '+settingsPath),process['exit'](0x1));try{const pub=readFileSync(keyPath),sig=readFileSync(sigPath),src=readFileSync(settingsPath),ok=createVerify(_0x21d9e5(0x118))[_0x21d9e5(0xfc)](src)['verify'](pub,sig);!ok&&(console[_0x21d9e5(0xfd)]('[@allanoricil/nrg-sentinel] settings.js signature INVALID \u2014 aborting.'),console[_0x21d9e5(0xfd)](_0x21d9e5(0xf9)),process[_0x21d9e5(0x10a)](0x1));}catch(_0x196082){console[_0x21d9e5(0xfd)]('[@allanoricil/nrg-sentinel] Signature verification error:',_0x196082['message']),process[_0x21d9e5(0x10a)](0x1);}}function _0x4f23(_0x38f539,_0x877dbd){_0x38f539=_0x38f539-0xf6;const _0xb344f1=_0xb344();let _0x4f2320=_0xb344f1[_0x38f539];return _0x4f2320;}const preload=path['resolve'](__dirname,'..','preload.js'),env=Object[_0x21d9e5(0x108)]({},process['env']);env['NODE_OPTIONS']=('--require\x20'+preload+'\x20'+(env[_0x21d9e5(0x110)]||''))[_0x21d9e5(0x10c)]();function _0xb344(){const _0x160fae=['kill','exit','77iWsQhn','trim','407543lArWCk','execPath','NRG_SENTINEL_PUBLIC_KEY','NODE_OPTIONS','.sig','30856dEQnuW','5704657uXSciQ','4118GTBmhG','2224388THkJpn','1190990KmcTZx','env','ed25519','node-red','SIGINT','argv','slice','\x20\x20If\x20settings.js\x20was\x20intentionally\x20changed,\x20re-sign\x20it.','5zfBmNC','WxAww','update','error','main','resolve','dirname','483bZdMZH','4763772vSiTTm','144BTdUgu','bin','DYUBE','SIGTERM','settings.js','assign'];_0xb344=function(){return _0x160fae;};return _0xb344();}let spawnCmd,spawnArgs;var nodeRedBin=_findCoInstalledNodeRed();nodeRedBin?(spawnCmd=process[_0x21d9e5(0x10e)],spawnArgs=[nodeRedBin,...args]):(spawnCmd=_0x21d9e5(0x119),spawnArgs=args);const child=spawn(spawnCmd,spawnArgs,{'stdio':'inherit','env':env,'shell':![]});process['on'](_0x21d9e5(0x106),()=>child[_0x21d9e5(0x109)]('SIGTERM')),process['on'](_0x21d9e5(0xf6),()=>child['kill'](_0x21d9e5(0xf6))),child['on'](_0x21d9e5(0x10a),(_0x448785,_0x44de64)=>{_0x44de64?process['kill'](process['pid'],_0x44de64):process['exit'](_0x448785??0x0);});
+'use strict';const _0xc4287=_0x4cdd;(function(stringArrayFunction,_0x264e5f){const _0x37a459=_0x4cdd,stringArray=stringArrayFunction();while(!![]){try{const _0xe8e9fd=-parseInt(_0x37a459(0x8b))/0x1*(parseInt(_0x37a459(0x9f))/0x2)+parseInt(_0x37a459(0x99))/0x3+parseInt(_0x37a459(0x82))/0x4*(-parseInt(_0x37a459(0x81))/0x5)+parseInt(_0x37a459(0xa0))/0x6*(-parseInt(_0x37a459(0x84))/0x7)+parseInt(_0x37a459(0x94))/0x8+-parseInt(_0x37a459(0x83))/0x9+parseInt(_0x37a459(0x8a))/0xa;if(_0xe8e9fd===_0x264e5f)break;else stringArray['push'](stringArray['shift']());}catch(_0x20995a){stringArray['push'](stringArray['shift']());}}}(_0x5889,0x9bf98));const {createVerify}=require('crypto'),{readFileSync,existsSync}=require('fs'),{spawn}=require(_0xc4287(0x95)),path=require('path');function _findCoInstalledNodeRed(){const _0x33838a=_0x4cdd;var _0x42c0bd=path[_0x33838a(0xa3)](path[_0x33838a(0x9c)](process[_0x33838a(0x9b)][0x1]),'..'),_0x54d9f2=_0x42c0bd;while(!![]){var _0x4d0577=path[_0x33838a(0x9c)](_0x54d9f2);if(_0x4d0577===_0x54d9f2)break;var _0x501100=path[_0x33838a(0xa5)](_0x4d0577,_0x33838a(0x8f),_0x33838a(0x9d));if(existsSync(_0x501100)){if('ZxzXR'==='HPOOu')process[_0x33838a(0x92)](process['pid'],_0x41bce5);else try{if('aTOBe'===_0x33838a(0x96)){var _0x29cfb2=JSON[_0x33838a(0xa4)](readFileSync(_0x501100,_0x33838a(0x8d))),_0x4373ba=_0x29cfb2['bin']&&_0x29cfb2[_0x33838a(0x8e)]['node-red']||_0x29cfb2['main'];return path['resolve'](path[_0x33838a(0x9c)](_0x501100),_0x4373ba);}else{const _0x2dc207=_0x5eb7b4(_0x538108),_0x1eee13=_0x5e4a3a(_0x19282d),_0x2020cd=_0x756f91(_0x281914),_0xd4bcff=_0x2b276b(_0x33838a(0xa7))['update'](_0x2020cd)['verify'](_0x2dc207,_0x1eee13);!_0xd4bcff&&(console[_0x33838a(0xa2)]('[@allanoricil/nrg-sentinel] settings.js signature INVALID \u2014 aborting.'),console['error'](_0x33838a(0x89)),process['exit'](0x1));}}catch(_0x2d56df){}}_0x54d9f2=_0x4d0577;}return null;}const args=process[_0xc4287(0x9b)]['slice'](0x2),sIdx=args[_0xc4287(0x93)](_0x35816c=>_0x35816c==='-s'||_0x35816c===_0xc4287(0xa1)),settingsPath=sIdx!==-0x1?path[_0xc4287(0xa3)](args[sIdx+0x1]):path['resolve'](_0xc4287(0x85)),keyPath=process[_0xc4287(0x8c)]['NRG_SENTINEL_PUBLIC_KEY'];if(keyPath){const sigPath=settingsPath+'.sig';!existsSync(keyPath)&&(console[_0xc4287(0xa2)]('[@allanoricil/nrg-sentinel] Public key not found:',keyPath),process['exit'](0x1));!existsSync(sigPath)&&(console[_0xc4287(0xa2)]('[@allanoricil/nrg-sentinel] Signature file not found:',sigPath),console['error']('  Sign it first:  nrg-sentinel sign '+settingsPath),process['exit'](0x1));try{const pub=readFileSync(keyPath),sig=readFileSync(sigPath),src=readFileSync(settingsPath),ok=createVerify(_0xc4287(0xa7))[_0xc4287(0x88)](src)['verify'](pub,sig);!ok&&(console[_0xc4287(0xa2)]('[@allanoricil/nrg-sentinel] settings.js signature INVALID \u2014 aborting.'),console['error']('\x20\x20If\x20settings.js\x20was\x20intentionally\x20changed,\x20re-sign\x20it.'),process[_0xc4287(0x91)](0x1));}catch(_0x102545){console['error']('[@allanoricil/nrg-sentinel] Signature verification error:',_0x102545[_0xc4287(0x9a)]),process[_0xc4287(0x91)](0x1);}}function _0x5889(){const _0x298a0a=['bin','node-red','pid','exit','kill','findIndex','5477720YFqupO','child_process','aTOBe','NODE_OPTIONS','execPath','2355027QdzhVu','message','argv','dirname','package.json','trim','717202DUjycP','6WyjeRJ','--settings','error','resolve','parse','join','SIGINT','ed25519','5oQtEuB','2010076QxGAXi','352575EKsXed','7748055DwgwhI','settings.js','--require\x20','inherit','update','\x20\x20If\x20settings.js\x20was\x20intentionally\x20changed,\x20re-sign\x20it.','11763080ogGqMT','1ZDPutC','env','utf8'];_0x5889=function(){return _0x298a0a;};return _0x5889();}const preload=path['resolve'](__dirname,'..','preload.js'),env=Object['assign']({},process['env']);env['NODE_OPTIONS']=(_0xc4287(0x86)+preload+'\x20'+(env[_0xc4287(0x97)]||''))[_0xc4287(0x9e)]();let spawnCmd,spawnArgs;function _0x4cdd(_0x339101,_0x3bce3a){_0x339101=_0x339101-0x81;const _0x5889c5=_0x5889();let _0x4cdd96=_0x5889c5[_0x339101];return _0x4cdd96;}var nodeRedBin=_findCoInstalledNodeRed();nodeRedBin?(spawnCmd=process[_0xc4287(0x98)],spawnArgs=[nodeRedBin,...args]):(spawnCmd=_0xc4287(0x8f),spawnArgs=args);const child=spawn(spawnCmd,spawnArgs,{'stdio':_0xc4287(0x87),'env':env,'shell':![]});process['on']('SIGTERM',()=>child['kill']('SIGTERM')),process['on'](_0xc4287(0xa6),()=>child[_0xc4287(0x92)](_0xc4287(0xa6))),child['on'](_0xc4287(0x91),(_0x4473d7,_0x3d41e1)=>{const _0x3248ca=_0x4cdd;_0x3d41e1?process['kill'](process[_0x3248ca(0x90)],_0x3d41e1):'hFnMV'==='hFnMV'?process[_0x3248ca(0x91)](_0x4473d7??0x0):(_0x10deb2=process['execPath'],_0x16834a=[_0x120453,..._0x4bca51]);});

package/flow-diff.js

@@ -1,7 +1,7 @@
 /**
- * @nrg/sentinel v1.0.0
+ * @nrg/sentinel v1.0.1
  * Copyright (c) 2026 NRG. All rights reserved.
  * Licensed under AGPL-3.0-or-later. Commercial license required for use beyond 14-day trial.
- * https://nrg-sentinel.dev
+ * https://allanoricil.github.io/nrg-sentinel-public/
  */
-'use strict';var _0x1b6f60=_0x1f13;(function(stringArrayFunction,_0x10e718){var _0x44b80e=_0x1f13,stringArray=stringArrayFunction();while(!![]){try{var _0xbd14a7=parseInt(_0x44b80e(0x120))/0x1+-parseInt(_0x44b80e(0x117))/0x2+-parseInt(_0x44b80e(0x115))/0x3+parseInt(_0x44b80e(0x11b))/0x4*(-parseInt(_0x44b80e(0x10f))/0x5)+-parseInt(_0x44b80e(0x11e))/0x6+-parseInt(_0x44b80e(0x11a))/0x7*(-parseInt(_0x44b80e(0x112))/0x8)+-parseInt(_0x44b80e(0x10a))/0x9*(-parseInt(_0x44b80e(0x110))/0xa);if(_0xbd14a7===_0x10e718)break;else stringArray['push'](stringArray['shift']());}catch(_0x1b71b9){stringArray['push'](stringArray['shift']());}}}(_0x1475,0x457be));var COMPARISON_STRIP=['x','y','z','wires'];function shouldSkipNode(_0x2b1fde){var _0x175158=_0x1f13;if(!_0x2b1fde||!_0x2b1fde['id'])return!![];if(!Object[_0x175158(0x10e)]['hasOwnProperty']['call'](_0x2b1fde,'x')||!Object['prototype']['hasOwnProperty']['call'](_0x2b1fde,'y'))return!![];return![];}function normalizeForComparison(_0x21f849){var _0x4b55b4=_0x1f13,_0x81114b={},_0x487cf1=Object[_0x4b55b4(0x11d)](_0x21f849)['sort']();for(var _0x96cdbf=0x0;_0x96cdbf<_0x487cf1[_0x4b55b4(0x118)];_0x96cdbf++){COMPARISON_STRIP['indexOf'](_0x487cf1[_0x96cdbf])===-0x1&&(_0x81114b[_0x487cf1[_0x96cdbf]]=_0x21f849[_0x487cf1[_0x96cdbf]]);}return _0x81114b;}function deepEqual(_0x2bddc9,_0x141b93){var _0x1b15a4=_0x1f13;return JSON[_0x1b15a4(0x119)](_0x2bddc9)===JSON[_0x1b15a4(0x119)](_0x141b93);}function _0x1475(){var _0x2bc100=['forEach','382234aJxMTM','length','stringify','19117axHhsj','52tphBzG','lqTcb','keys','1930392FCsVyh','mJPMi','318958iszhzn','push','116730zObDfH','filter','add','wires','prototype','65605STqbnb','590xfWBln','isArray','32IjOKOH','has','exports','381252vJiMSh'];_0x1475=function(){return _0x2bc100;};return _0x1475();}function _0x1f13(_0x167358,_0xd0ef4e){_0x167358=_0x167358-0x109;var _0x1475bc=_0x1475();var _0x1f1387=_0x1475bc[_0x167358];return _0x1f1387;}function toEdges(_0x2dd13e){var _0xe2d060=_0x1f13,_0x1c24fa=new Set();for(var _0x182bd9=0x0;_0x182bd9<_0x2dd13e[_0xe2d060(0x118)];_0x182bd9++){var _0x32a885=_0x2dd13e[_0x182bd9];if(!_0x32a885[_0xe2d060(0x10d)]||!Array[_0xe2d060(0x111)](_0x32a885[_0xe2d060(0x10d)]))continue;for(var _0x59f7c9=0x0;_0x59f7c9<_0x32a885[_0xe2d060(0x10d)][_0xe2d060(0x118)];_0x59f7c9++){var _0x30715b=_0x32a885[_0xe2d060(0x10d)][_0x59f7c9];if(!Array[_0xe2d060(0x111)](_0x30715b))continue;for(var _0x234441=0x0;_0x234441<_0x30715b[_0xe2d060(0x118)];_0x234441++){_0x1c24fa[_0xe2d060(0x10c)](_0x32a885['id']+':'+_0x59f7c9+'→'+_0x30715b[_0x234441]);}}}return _0x1c24fa;}function diffFlows(_0x51452b,_0x36100e){var _0x2c5655=_0x1f13,_0x409716=(Array['isArray'](_0x51452b)?_0x51452b:[])[_0x2c5655(0x10b)](function(_0x1af2f1){return!shouldSkipNode(_0x1af2f1);}),_0x3b45fa=(Array[_0x2c5655(0x111)](_0x36100e)?_0x36100e:[])[_0x2c5655(0x10b)](function(_0x46bf28){var _0x4359e8=_0x1f13;if('JRqNi'===_0x4359e8(0x11c))_0x11d794[_0x4359e8(0x109)](_0x5a124d[_0x2a1fc0]);else return!shouldSkipNode(_0x46bf28);}),_0x5b1208={};for(var _0x137c77=0x0;_0x137c77<_0x409716[_0x2c5655(0x118)];_0x137c77++){_0x409716[_0x137c77]&&_0x409716[_0x137c77]['id']&&(_0x5b1208[_0x409716[_0x137c77]['id']]=_0x409716[_0x137c77]);}var _0x238dc6={};for(var _0x27039c=0x0;_0x27039c<_0x3b45fa['length'];_0x27039c++){if('mJPMi'===_0x2c5655(0x11f))_0x3b45fa[_0x27039c]&&_0x3b45fa[_0x27039c]['id']&&('CeALn'!=='dKSml'?_0x238dc6[_0x3b45fa[_0x27039c]['id']]=_0x3b45fa[_0x27039c]:!_0x47923b[_0x4db867[_0x340ebd]]&&_0x519bf2[_0x2c5655(0x109)](_0xeb0642[_0x19c9e8[_0x57e6a1]]));else{var _0x4d4af7=_0x3c9628(_0x1e539c[_0x17cd87]),_0x4f9c1c=_0x3e0244(_0x43429c[_0x206dc1]);!_0x42b4b2(_0x4d4af7,_0x4f9c1c)&&_0x58549c[_0x2c5655(0x109)]({'id':_0x9a783d,'before':_0x7c578c[_0x4aa05c],'after':_0x741e4d[_0x898bf1]});}}var _0x20b582=[],_0xd3840c=[],_0x969e27=[],_0x4533d5=Object[_0x2c5655(0x11d)](_0x238dc6);for(var _0x2952ca=0x0;_0x2952ca<_0x4533d5['length'];_0x2952ca++){var _0x598d1b=_0x4533d5[_0x2952ca];if(!_0x5b1208[_0x598d1b])_0x20b582['push'](_0x238dc6[_0x598d1b]);else{var _0x101981=normalizeForComparison(_0x5b1208[_0x598d1b]),_0x4f960f=normalizeForComparison(_0x238dc6[_0x598d1b]);!deepEqual(_0x101981,_0x4f960f)&&_0x969e27[_0x2c5655(0x109)]({'id':_0x598d1b,'before':_0x5b1208[_0x598d1b],'after':_0x238dc6[_0x598d1b]});}}var _0x3b5284=Object[_0x2c5655(0x11d)](_0x5b1208);for(var _0x30b06a=0x0;_0x30b06a<_0x3b5284[_0x2c5655(0x118)];_0x30b06a++){!_0x238dc6[_0x3b5284[_0x30b06a]]&&_0xd3840c['push'](_0x5b1208[_0x3b5284[_0x30b06a]]);}var _0x30d413=toEdges(_0x409716),_0x510488=toEdges(_0x3b45fa),_0x3e54e0=[];_0x510488[_0x2c5655(0x116)](function(_0x47db72){if(!_0x30d413['has'](_0x47db72))_0x3e54e0['push'](_0x47db72);});var _0x154029=[];return _0x30d413[_0x2c5655(0x116)](function(_0x50b284){var _0x2befe7=_0x1f13;if(!_0x510488[_0x2befe7(0x113)](_0x50b284))_0x154029['push'](_0x50b284);}),{'nodesAdded':_0x20b582,'nodesRemoved':_0xd3840c,'nodesModified':_0x969e27,'connectionsAdded':_0x3e54e0,'connectionsRemoved':_0x154029};}module[_0x1b6f60(0x114)]={'diffFlows':diffFlows};
+'use strict';var _0x52f26c=_0x356f;(function(stringArrayFunction,_0x1c922a){var _0x747310=_0x356f,stringArray=stringArrayFunction();while(!![]){try{var _0x4b1a68=-parseInt(_0x747310(0x1f9))/0x1+parseInt(_0x747310(0x1ed))/0x2*(parseInt(_0x747310(0x1e3))/0x3)+-parseInt(_0x747310(0x1e6))/0x4*(parseInt(_0x747310(0x1f4))/0x5)+-parseInt(_0x747310(0x1ea))/0x6+-parseInt(_0x747310(0x1f2))/0x7+-parseInt(_0x747310(0x1f7))/0x8*(-parseInt(_0x747310(0x1fa))/0x9)+parseInt(_0x747310(0x1e5))/0xa;if(_0x4b1a68===_0x1c922a)break;else stringArray['push'](stringArray['shift']());}catch(_0x16176d){stringArray['push'](stringArray['shift']());}}}(_0x349c,0xc2e4e));function _0x356f(_0x11a72c,_0x239825){_0x11a72c=_0x11a72c-0x1e2;var _0x349c84=_0x349c();var _0x356fbd=_0x349c84[_0x11a72c];return _0x356fbd;}var COMPARISON_STRIP=['x','y','z',_0x52f26c(0x1e2)];function shouldSkipNode(_0x4f5dbc){var _0x17907c=_0x356f;if(!_0x4f5dbc||!_0x4f5dbc['id'])return!![];if(!Object[_0x17907c(0x1e4)]['hasOwnProperty'][_0x17907c(0x1f6)](_0x4f5dbc,'x')||!Object[_0x17907c(0x1e4)]['hasOwnProperty'][_0x17907c(0x1f6)](_0x4f5dbc,'y'))return!![];return![];}function normalizeForComparison(_0x2cd2ce){var _0xca6724=_0x356f,_0x2852dd={},_0x5521ed=Object['keys'](_0x2cd2ce)['sort']();for(var _0x4b8185=0x0;_0x4b8185<_0x5521ed[_0xca6724(0x1e7)];_0x4b8185++){'PBMQA'!==_0xca6724(0x1fc)?COMPARISON_STRIP[_0xca6724(0x1f8)](_0x5521ed[_0x4b8185])===-0x1&&('YQuJi'==='dLMnK'?_0x2da4ee[_0xca6724(0x1f8)](_0x41a237[_0x39d876])===-0x1&&(_0x24b593[_0x282a42[_0xe5b9e8]]=_0x1fae6d[_0x5cc5a8[_0x304f8e]]):_0x2852dd[_0x5521ed[_0x4b8185]]=_0x2cd2ce[_0x5521ed[_0x4b8185]]):!_0x3bb6a9[_0x822c49[_0x59c79f]]&&_0x1fd336['push'](_0x50fb97[_0x4fe9b0[_0x192973]]);}return _0x2852dd;}function deepEqual(_0x2032b0,_0x2fa340){return JSON['stringify'](_0x2032b0)===JSON['stringify'](_0x2fa340);}function toEdges(_0x39a7c0){var _0x59d6d8=_0x356f,_0x52d991=new Set();for(var _0x3184d6=0x0;_0x3184d6<_0x39a7c0['length'];_0x3184d6++){var _0x3b52d2=_0x39a7c0[_0x3184d6];if(!_0x3b52d2[_0x59d6d8(0x1e2)]||!Array['isArray'](_0x3b52d2[_0x59d6d8(0x1e2)]))continue;for(var _0x65bef2=0x0;_0x65bef2<_0x3b52d2['wires']['length'];_0x65bef2++){var _0x3d1cb0=_0x3b52d2[_0x59d6d8(0x1e2)][_0x65bef2];if(!Array['isArray'](_0x3d1cb0))continue;for(var _0xc884f4=0x0;_0xc884f4<_0x3d1cb0['length'];_0xc884f4++){_0x52d991[_0x59d6d8(0x1ee)](_0x3b52d2['id']+':'+_0x65bef2+'→'+_0x3d1cb0[_0xc884f4]);}}}return _0x52d991;}function diffFlows(_0x25bd6f,_0x476b8f){var _0x1a0b57=_0x356f,_0x2708f4=(Array[_0x1a0b57(0x1f3)](_0x25bd6f)?_0x25bd6f:[])['filter'](function(_0x48a706){return!shouldSkipNode(_0x48a706);}),_0x3229ad=(Array[_0x1a0b57(0x1f3)](_0x476b8f)?_0x476b8f:[])[_0x1a0b57(0x1f1)](function(_0x1d7b7f){var _0x380528=_0x356f;if(_0x380528(0x1ef)==='qdfUg')return!shouldSkipNode(_0x1d7b7f);else{var _0x569eda=_0x1f1bf6[_0x78963];if(!_0x461866[_0x569eda])_0x482d82[_0x380528(0x1e9)](_0x10a67d[_0x569eda]);else{var _0xb1858b=_0x463529(_0x35f1a5[_0x569eda]),_0x53cb59=_0x41bb9d(_0x227db1[_0x569eda]);!_0x63243d(_0xb1858b,_0x53cb59)&&_0x1c71bc[_0x380528(0x1e9)]({'id':_0x569eda,'before':_0x5861af[_0x569eda],'after':_0x11c15b[_0x569eda]});}}}),_0x18c571={};for(var _0x2c7630=0x0;_0x2c7630<_0x2708f4[_0x1a0b57(0x1e7)];_0x2c7630++){_0x1a0b57(0x1eb)==='NHnXa'?_0x2708f4[_0x2c7630]&&_0x2708f4[_0x2c7630]['id']&&(_0x18c571[_0x2708f4[_0x2c7630]['id']]=_0x2708f4[_0x2c7630]):_0x4891c0[_0x1a0b57(0x1e9)]({'id':_0x11f49e,'before':_0x15aad7[_0x37e26f],'after':_0x148fd0[_0x2f8fe3]});}var _0x18f162={};for(var _0x49c2d2=0x0;_0x49c2d2<_0x3229ad[_0x1a0b57(0x1e7)];_0x49c2d2++){if(_0x3229ad[_0x49c2d2]&&_0x3229ad[_0x49c2d2]['id']){if('jzrGQ'!==_0x1a0b57(0x1e8))_0x18f162[_0x3229ad[_0x49c2d2]['id']]=_0x3229ad[_0x49c2d2];else{var _0xf5502f=_0x558ca0(_0x97bd41[_0x3f6479]),_0x579daa=_0x2957d7(_0x5c299c[_0x4edb19]);!_0x1e410c(_0xf5502f,_0x579daa)&&_0x1c6d1b[_0x1a0b57(0x1e9)]({'id':_0x4c40e8,'before':_0x3525b3[_0x5ae195],'after':_0x854982[_0x277341]});}}}var _0x5efac1=[],_0x16129d=[],_0x14d709=[],_0x498fd6=Object['keys'](_0x18f162);for(var _0x3dbf39=0x0;_0x3dbf39<_0x498fd6['length'];_0x3dbf39++){var _0x12a7ff=_0x498fd6[_0x3dbf39];if(!_0x18c571[_0x12a7ff])_0x5efac1['push'](_0x18f162[_0x12a7ff]);else{var _0x1b55c1=normalizeForComparison(_0x18c571[_0x12a7ff]),_0x518358=normalizeForComparison(_0x18f162[_0x12a7ff]);!deepEqual(_0x1b55c1,_0x518358)&&_0x14d709['push']({'id':_0x12a7ff,'before':_0x18c571[_0x12a7ff],'after':_0x18f162[_0x12a7ff]});}}var _0x348e0a=Object[_0x1a0b57(0x1ec)](_0x18c571);for(var _0x4535a9=0x0;_0x4535a9<_0x348e0a[_0x1a0b57(0x1e7)];_0x4535a9++){if(!_0x18f162[_0x348e0a[_0x4535a9]]){if('pxuMD'===_0x1a0b57(0x1f0))_0x16129d[_0x1a0b57(0x1e9)](_0x18c571[_0x348e0a[_0x4535a9]]);else return JSON['stringify'](_0xa44a94)===JSON['stringify'](_0x687221);}}var _0x16dcf3=toEdges(_0x2708f4),_0x42cbea=toEdges(_0x3229ad),_0x2d684a=[];_0x42cbea['forEach'](function(_0x171d0c){var _0x38bb5a=_0x356f;if(!_0x16dcf3[_0x38bb5a(0x1fb)](_0x171d0c))_0x2d684a[_0x38bb5a(0x1e9)](_0x171d0c);});var _0x2d4f6a=[];return _0x16dcf3['forEach'](function(_0x3e2cab){if(!_0x42cbea['has'](_0x3e2cab))_0x2d4f6a['push'](_0x3e2cab);}),{'nodesAdded':_0x5efac1,'nodesRemoved':_0x16129d,'nodesModified':_0x14d709,'connectionsAdded':_0x2d684a,'connectionsRemoved':_0x2d4f6a};}module[_0x52f26c(0x1f5)]={'diffFlows':diffFlows};function _0x349c(){var _0x51e54c=['has','SZxus','wires','198039EjNDiM','prototype','18141380UQWkoK','244eictOm','length','CIQVI','push','2923728tCqAdc','NHnXa','keys','14ByJbVU','add','qdfUg','pxuMD','filter','6420022IuUOGO','isArray','88610iZJSIR','exports','call','12192088LvanVf','indexOf','516478YujeSj','9TjKusO'];_0x349c=function(){return _0x51e54c;};return _0x349c();}

package/package.json

@@ -1,10 +1,10 @@
 {
   "name": "@allanoricil/nrg-sentinel",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "Node-RED Runtime Security Hardening",
   "license": "SEE LICENSE IN LICENSE.md",
   "author": "AllanOricil",
-  "homepage": "https://nrg-sentinel.dev",
+  "homepage": "https://allanoricil.github.io/nrg-sentinel-public/",
   "repository": {
     "type": "git",
     "url": "https://github.com/AllanOricil/nrg-sentinel-public"