@apart-tech/intelligence-core 1.0.6 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (41) hide show
  1. package/dist/index.d.ts +7 -0
  2. package/dist/index.d.ts.map +1 -1
  3. package/dist/index.js +5 -0
  4. package/dist/index.js.map +1 -1
  5. package/dist/lib/__tests__/crypto.test.d.ts +2 -0
  6. package/dist/lib/__tests__/crypto.test.d.ts.map +1 -0
  7. package/dist/lib/__tests__/crypto.test.js +63 -0
  8. package/dist/lib/__tests__/crypto.test.js.map +1 -0
  9. package/dist/lib/crypto.d.ts +14 -0
  10. package/dist/lib/crypto.d.ts.map +1 -0
  11. package/dist/lib/crypto.js +33 -0
  12. package/dist/lib/crypto.js.map +1 -0
  13. package/dist/services/__tests__/pii-detector-service.test.d.ts +2 -0
  14. package/dist/services/__tests__/pii-detector-service.test.d.ts.map +1 -0
  15. package/dist/services/__tests__/pii-detector-service.test.js +75 -0
  16. package/dist/services/__tests__/pii-detector-service.test.js.map +1 -0
  17. package/dist/services/__tests__/pii-encryption-service.test.d.ts +2 -0
  18. package/dist/services/__tests__/pii-encryption-service.test.d.ts.map +1 -0
  19. package/dist/services/__tests__/pii-encryption-service.test.js +151 -0
  20. package/dist/services/__tests__/pii-encryption-service.test.js.map +1 -0
  21. package/dist/services/node-service.d.ts +11 -1
  22. package/dist/services/node-service.d.ts.map +1 -1
  23. package/dist/services/node-service.js +90 -27
  24. package/dist/services/node-service.js.map +1 -1
  25. package/dist/services/org-embedding-config-service.d.ts.map +1 -1
  26. package/dist/services/org-embedding-config-service.js +4 -21
  27. package/dist/services/org-embedding-config-service.js.map +1 -1
  28. package/dist/services/org-pii-config-service.d.ts +30 -0
  29. package/dist/services/org-pii-config-service.d.ts.map +1 -0
  30. package/dist/services/org-pii-config-service.js +97 -0
  31. package/dist/services/org-pii-config-service.js.map +1 -0
  32. package/dist/services/pii-detector-service.d.ts +24 -0
  33. package/dist/services/pii-detector-service.d.ts.map +1 -0
  34. package/dist/services/pii-detector-service.js +89 -0
  35. package/dist/services/pii-detector-service.js.map +1 -0
  36. package/dist/services/pii-encryption-service.d.ts +55 -0
  37. package/dist/services/pii-encryption-service.d.ts.map +1 -0
  38. package/dist/services/pii-encryption-service.js +216 -0
  39. package/dist/services/pii-encryption-service.js.map +1 -0
  40. package/package.json +2 -1
  41. package/prisma/schema.prisma +17 -0
package/dist/index.d.ts CHANGED
@@ -3,6 +3,7 @@ export type { Database } from "./db/connection.js";
3
3
  export { PrismaClient } from "@prisma/client";
4
4
  export { createTenantClient, tenantWhere, SINGLE_TENANT_ORG_ID } from "./db/tenant.js";
5
5
  export type { TenantContext } from "./db/tenant.js";
6
+ export { encryptAesGcm, decryptAesGcm, deriveKey } from "./lib/crypto.js";
6
7
  export * from "./types/index.js";
7
8
  export { loadConfig } from "./config/index.js";
8
9
  export { NodeService } from "./services/node-service.js";
@@ -14,6 +15,12 @@ export { WorkspaceService } from "./services/workspace-service.js";
14
15
  export type { WorkspaceFilter, CreateWorkspaceInput, UpdateWorkspaceInput } from "./services/workspace-service.js";
15
16
  export { CleaningService } from "./services/cleaning-service.js";
16
17
  export { OrgEmbeddingConfigService } from "./services/org-embedding-config-service.js";
18
+ export { PiiDetectorService } from "./services/pii-detector-service.js";
19
+ export type { PiiMatch, PiiDetectionResult } from "./services/pii-detector-service.js";
20
+ export { PiiEncryptionService } from "./services/pii-encryption-service.js";
21
+ export type { PiiEncryptionOptions, PiiReport, PiiProcessingResult } from "./services/pii-encryption-service.js";
22
+ export { OrgPiiConfigService } from "./services/org-pii-config-service.js";
23
+ export type { OrgPiiConfig, OrgPiiConfigWithKey, PiiMode } from "./services/org-pii-config-service.js";
17
24
  export type { OrgEmbeddingConfig, OrgEmbeddingConfigWithKey } from "./services/org-embedding-config-service.js";
18
25
  export type { OrphanNode, DuplicatePair, HealthReport, LinkSuggestion, Island, IslandBridge, ValidationReport, ValidationIssue, ValidationCategory, ValidationSeverity, NormalizeSuggestion, NormalizeReport } from "./services/cleaning-service.js";
19
26
  export { createEmbeddingProvider, validateEmbeddingKey, OpenAIEmbeddingProvider, VoyageEmbeddingProvider, OllamaEmbeddingProvider } from "./providers/index.js";
package/dist/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AACjE,YAAY,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,kBAAkB,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AACvF,YAAY,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAGpD,cAAc,kBAAkB,CAAC;AAGjC,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAG/C,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,YAAY,EAAE,eAAe,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,MAAM,iCAAiC,CAAC;AACnH,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AACjE,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AACvF,YAAY,EAAE,kBAAkB,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AAChH,YAAY,EAAE,UAAU,EAAE,aAAa,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,EAAE,YAAY,EAAE,gBAAgB,EAAE,eAAe,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AAGrP,OAAO,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,uBAAuB,EAAE,uBAAuB,EAAE,uBAAuB,EAAE,MAAM,sBAAsB,CAAC;AAChK,YAAY,EAAE,8BAA8B,EAAE,MAAM,sBAAsB,CAAC;AAC3E,OAAO,EAAE,yBAAyB,EAAE,MAAM,yBAAyB,CAAC;AACpE,YAAY,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EAAE,wBAAwB,EAAE,kBAAkB,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACpG,YAAY,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AACxD,YAAY,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AACjE,YAAY,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,kBAAkB,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AACvF,YAAY,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAGpD,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAG1E,cAAc,kBAAkB,CAAC;AAGjC,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAG/C,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,YAAY,EAAE,eAAe,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,MAAM,iCAAiC,CAAC;AACnH,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AACjE,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AACvF,OAAO,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AACxE,YAAY,EAAE,QAAQ,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AACvF,OAAO,EAAE,oBAAoB,EAAE,MAAM,sCAAsC,CAAC;AAC5E,YAAY,EAAE,oBAAoB,EAAE,SAAS,EAAE,mBAAmB,EAAE,MAAM,sCAAsC,CAAC;AACjH,OAAO,EAAE,mBAAmB,EAAE,MAAM,sCAAsC,CAAC;AAC3E,YAAY,EAAE,YAAY,EAAE,mBAAmB,EAAE,OAAO,EAAE,MAAM,sCAAsC,CAAC;AACvG,YAAY,EAAE,kBAAkB,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AAChH,YAAY,EAAE,UAAU,EAAE,aAAa,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,EAAE,YAAY,EAAE,gBAAgB,EAAE,eAAe,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AAGrP,OAAO,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,uBAAuB,EAAE,uBAAuB,EAAE,uBAAuB,EAAE,MAAM,sBAAsB,CAAC;AAChK,YAAY,EAAE,8BAA8B,EAAE,MAAM,sBAAsB,CAAC;AAC3E,OAAO,EAAE,yBAAyB,EAAE,MAAM,yBAAyB,CAAC;AACpE,YAAY,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EAAE,wBAAwB,EAAE,kBAAkB,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACpG,YAAY,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AACxD,YAAY,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC"}
package/dist/index.js CHANGED
@@ -2,6 +2,8 @@
2
2
  export { getDb, getTenantDb, closeDb } from "./db/connection.js";
3
3
  export { PrismaClient } from "@prisma/client";
4
4
  export { createTenantClient, tenantWhere, SINGLE_TENANT_ORG_ID } from "./db/tenant.js";
5
+ // Crypto
6
+ export { encryptAesGcm, decryptAesGcm, deriveKey } from "./lib/crypto.js";
5
7
  // Types
6
8
  export * from "./types/index.js";
7
9
  // Config
@@ -15,6 +17,9 @@ export { DomainService } from "./services/domain-service.js";
15
17
  export { WorkspaceService } from "./services/workspace-service.js";
16
18
  export { CleaningService } from "./services/cleaning-service.js";
17
19
  export { OrgEmbeddingConfigService } from "./services/org-embedding-config-service.js";
20
+ export { PiiDetectorService } from "./services/pii-detector-service.js";
21
+ export { PiiEncryptionService } from "./services/pii-encryption-service.js";
22
+ export { OrgPiiConfigService } from "./services/org-pii-config-service.js";
18
23
  // Providers
19
24
  export { createEmbeddingProvider, validateEmbeddingKey, OpenAIEmbeddingProvider, VoyageEmbeddingProvider, OllamaEmbeddingProvider } from "./providers/index.js";
20
25
  export { BatchingEmbeddingProvider } from "./providers/batching.js";
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,WAAW;AACX,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAEjE,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,kBAAkB,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AAGvF,QAAQ;AACR,cAAc,kBAAkB,CAAC;AAEjC,SAAS;AACT,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE/C,WAAW;AACX,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AAEnE,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AACjE,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AAIvF,YAAY;AACZ,OAAO,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,uBAAuB,EAAE,uBAAuB,EAAE,uBAAuB,EAAE,MAAM,sBAAsB,CAAC;AAEhK,OAAO,EAAE,yBAAyB,EAAE,MAAM,yBAAyB,CAAC;AAEpE,OAAO,EAAE,wBAAwB,EAAE,kBAAkB,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEpG,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,WAAW;AACX,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAEjE,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,kBAAkB,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AAGvF,SAAS;AACT,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAE1E,QAAQ;AACR,cAAc,kBAAkB,CAAC;AAEjC,SAAS;AACT,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE/C,WAAW;AACX,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AAEnE,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AACjE,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AACvF,OAAO,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AAExE,OAAO,EAAE,oBAAoB,EAAE,MAAM,sCAAsC,CAAC;AAE5E,OAAO,EAAE,mBAAmB,EAAE,MAAM,sCAAsC,CAAC;AAK3E,YAAY;AACZ,OAAO,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,uBAAuB,EAAE,uBAAuB,EAAE,uBAAuB,EAAE,MAAM,sBAAsB,CAAC;AAEhK,OAAO,EAAE,yBAAyB,EAAE,MAAM,yBAAyB,CAAC;AAEpE,OAAO,EAAE,wBAAwB,EAAE,kBAAkB,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEpG,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC"}
package/dist/lib/__tests__/crypto.test.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ export {};
2
+ //# sourceMappingURL=crypto.test.d.ts.map
package/dist/lib/__tests__/crypto.test.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"crypto.test.d.ts","sourceRoot":"","sources":["../../../src/lib/__tests__/crypto.test.ts"],"names":[],"mappings":""}
package/dist/lib/__tests__/crypto.test.js ADDED
@@ -0,0 +1,63 @@
1
+ import { describe, it, expect } from "vitest";
2
+ import { encryptAesGcm, decryptAesGcm, deriveKey } from "../crypto.js";
3
+ describe("crypto", () => {
4
+ const key = deriveKey("test-secret");
5
+ describe("deriveKey", () => {
6
+ it("returns a 32-byte buffer", () => {
7
+ expect(key.length).toBe(32);
8
+ });
9
+ it("is deterministic", () => {
10
+ expect(deriveKey("test-secret")).toEqual(key);
11
+ });
12
+ it("produces different keys for different secrets", () => {
13
+ expect(deriveKey("other-secret")).not.toEqual(key);
14
+ });
15
+ });
16
+ describe("encryptAesGcm / decryptAesGcm", () => {
17
+ it("roundtrips plaintext correctly", () => {
18
+ const plaintext = "hello world";
19
+ const encrypted = encryptAesGcm(plaintext, key);
20
+ const decrypted = decryptAesGcm(encrypted, key);
21
+ expect(decrypted).toBe(plaintext);
22
+ });
23
+ it("produces iv:tag:ciphertext format", () => {
24
+ const encrypted = encryptAesGcm("test", key);
25
+ const parts = encrypted.split(":");
26
+ expect(parts).toHaveLength(3);
27
+ // Each part should be valid base64
28
+ for (const part of parts) {
29
+ expect(() => Buffer.from(part, "base64")).not.toThrow();
30
+ }
31
+ });
32
+ it("produces different ciphertext each time (random IV)", () => {
33
+ const a = encryptAesGcm("same text", key);
34
+ const b = encryptAesGcm("same text", key);
35
+ expect(a).not.toBe(b);
36
+ // But both decrypt to same value
37
+ expect(decryptAesGcm(a, key)).toBe("same text");
38
+ expect(decryptAesGcm(b, key)).toBe("same text");
39
+ });
40
+ it("fails with wrong key", () => {
41
+ const encrypted = encryptAesGcm("secret", key);
42
+ const wrongKey = deriveKey("wrong-secret");
43
+ expect(() => decryptAesGcm(encrypted, wrongKey)).toThrow();
44
+ });
45
+ it("fails with tampered ciphertext", () => {
46
+ const encrypted = encryptAesGcm("secret", key);
47
+ const parts = encrypted.split(":");
48
+ // Tamper with the ciphertext part
49
+ const tampered = parts[0] + ":" + parts[1] + ":AAAA";
50
+ expect(() => decryptAesGcm(tampered, key)).toThrow();
51
+ });
52
+ it("handles empty string", () => {
53
+ const encrypted = encryptAesGcm("", key);
54
+ expect(decryptAesGcm(encrypted, key)).toBe("");
55
+ });
56
+ it("handles unicode", () => {
57
+ const plaintext = "Hello 🌍 — résumé";
58
+ const encrypted = encryptAesGcm(plaintext, key);
59
+ expect(decryptAesGcm(encrypted, key)).toBe(plaintext);
60
+ });
61
+ });
62
+ });
63
+ //# sourceMappingURL=crypto.test.js.map
package/dist/lib/__tests__/crypto.test.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"crypto.test.js","sourceRoot":"","sources":["../../../src/lib/__tests__/crypto.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEvE,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE;IACtB,MAAM,GAAG,GAAG,SAAS,CAAC,aAAa,CAAC,CAAC;IAErC,QAAQ,CAAC,WAAW,EAAE,GAAG,EAAE;QACzB,EAAE,CAAC,0BAA0B,EAAE,GAAG,EAAE;YAClC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC9B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kBAAkB,EAAE,GAAG,EAAE;YAC1B,MAAM,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;YACvD,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACrD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,+BAA+B,EAAE,GAAG,EAAE;QAC7C,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,SAAS,GAAG,aAAa,CAAC;YAChC,MAAM,SAAS,GAAG,aAAa,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;YAChD,MAAM,SAAS,GAAG,aAAa,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;YAChD,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;YAC7C,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACnC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YAC9B,mCAAmC;YACnC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,MAAM,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;YAC1D,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;YAC7D,MAAM,CAAC,GAAG,aAAa,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;YAC1C,MAAM,CAAC,GAAG,aAAa,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;YAC1C,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACtB,iCAAiC;YACjC,MAAM,CAAC,aAAa,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAChD,MAAM,CAAC,aAAa,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAClD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sBAAsB,EAAE,GAAG,EAAE;YAC9B,MAAM,SAAS,GAAG,aAAa,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YAC/C,MAAM,QAAQ,GAAG,SAAS,CAAC,cAAc,CAAC,CAAC;YAC3C,MAAM,CAAC,GAAG,EAAE,CAAC,aAAa,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;QAC7D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,SAAS,GAAG,aAAa,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YAC/C,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACnC,kCAAkC;YAClC,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC;YACrD,MAAM,CAAC,GAAG,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;QACvD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sBAAsB,EAAE,GAAG,EAAE;YAC9B,MAAM,SAAS,GAAG,aAAa,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;YACzC,MAAM,CAAC,aAAa,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iBAAiB,EAAE,GAAG,EAAE;YACzB,MAAM,SAAS,GAAG,mBAAmB,CAAC;YACtC,MAAM,SAAS,GAAG,aAAa,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;YAChD,MAAM,CAAC,aAAa,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
package/dist/lib/crypto.d.ts ADDED
@@ -0,0 +1,14 @@
1
+ /**
2
+ * Derive a 32-byte AES key from a secret string using SHA-256.
3
+ */
4
+ export declare function deriveKey(secret: string): Buffer;
5
+ /**
6
+ * Encrypt plaintext using AES-256-GCM.
7
+ * Returns a string in the format: base64(iv):base64(authTag):base64(ciphertext)
8
+ */
9
+ export declare function encryptAesGcm(plaintext: string, key: Buffer): string;
10
+ /**
11
+ * Decrypt an AES-256-GCM encoded string (iv:tag:ciphertext format).
12
+ */
13
+ export declare function decryptAesGcm(encoded: string, key: Buffer): string;
14
+ //# sourceMappingURL=crypto.d.ts.map
package/dist/lib/crypto.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../src/lib/crypto.ts"],"names":[],"mappings":"AAKA;;GAEG;AACH,wBAAgB,SAAS,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAEhD;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM,CAMpE;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM,CAQlE"}
package/dist/lib/crypto.js ADDED
@@ -0,0 +1,33 @@
1
+ import { createCipheriv, createDecipheriv, randomBytes, createHash } from "node:crypto";
2
+ const ALGORITHM = "aes-256-gcm";
3
+ const IV_LENGTH = 16;
4
+ /**
5
+ * Derive a 32-byte AES key from a secret string using SHA-256.
6
+ */
7
+ export function deriveKey(secret) {
8
+ return createHash("sha256").update(secret).digest();
9
+ }
10
+ /**
11
+ * Encrypt plaintext using AES-256-GCM.
12
+ * Returns a string in the format: base64(iv):base64(authTag):base64(ciphertext)
13
+ */
14
+ export function encryptAesGcm(plaintext, key) {
15
+ const iv = randomBytes(IV_LENGTH);
16
+ const cipher = createCipheriv(ALGORITHM, key, iv);
17
+ const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
18
+ const tag = cipher.getAuthTag();
19
+ return `${iv.toString("base64")}:${tag.toString("base64")}:${encrypted.toString("base64")}`;
20
+ }
21
+ /**
22
+ * Decrypt an AES-256-GCM encoded string (iv:tag:ciphertext format).
23
+ */
24
+ export function decryptAesGcm(encoded, key) {
25
+ const [ivB64, tagB64, ciphertextB64] = encoded.split(":");
26
+ const iv = Buffer.from(ivB64, "base64");
27
+ const tag = Buffer.from(tagB64, "base64");
28
+ const ciphertext = Buffer.from(ciphertextB64, "base64");
29
+ const decipher = createDecipheriv(ALGORITHM, key, iv);
30
+ decipher.setAuthTag(tag);
31
+ return Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString("utf8");
32
+ }
33
+ //# sourceMappingURL=crypto.js.map
package/dist/lib/crypto.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../src/lib/crypto.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAExF,MAAM,SAAS,GAAG,aAAa,CAAC;AAChC,MAAM,SAAS,GAAG,EAAE,CAAC;AAErB;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,MAAc;IACtC,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC;AACtD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,SAAiB,EAAE,GAAW;IAC1D,MAAM,EAAE,GAAG,WAAW,CAAC,SAAS,CAAC,CAAC;IAClC,MAAM,MAAM,GAAG,cAAc,CAAC,SAAS,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAClD,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IACpF,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;IAChC,OAAO,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;AAC9F,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,OAAe,EAAE,GAAW;IACxD,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,aAAa,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC1D,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC1C,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;IACxD,MAAM,QAAQ,GAAG,gBAAgB,CAAC,SAAS,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IACtD,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IACzB,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;AACzF,CAAC"}
package/dist/services/__tests__/pii-detector-service.test.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ export {};
2
+ //# sourceMappingURL=pii-detector-service.test.d.ts.map
package/dist/services/__tests__/pii-detector-service.test.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"pii-detector-service.test.d.ts","sourceRoot":"","sources":["../../../src/services/__tests__/pii-detector-service.test.ts"],"names":[],"mappings":""}
package/dist/services/__tests__/pii-detector-service.test.js ADDED
@@ -0,0 +1,75 @@
1
+ import { describe, it, expect } from "vitest";
2
+ import { PiiDetectorService } from "../pii-detector-service.js";
3
+ describe("PiiDetectorService", () => {
4
+ const detector = new PiiDetectorService();
5
+ describe("detect", () => {
6
+ it("detects email addresses", () => {
7
+ const result = detector.detect("Contact john@example.com for details");
8
+ expect(result.hasPii).toBe(true);
9
+ expect(result.matches).toHaveLength(1);
10
+ expect(result.matches[0].type).toBe("email");
11
+ expect(result.matches[0].value).toBe("john@example.com");
12
+ });
13
+ it("detects phone numbers", () => {
14
+ const result = detector.detect("Call me at (555) 123-4567");
15
+ expect(result.hasPii).toBe(true);
16
+ expect(result.matches.some((m) => m.type === "phone_number")).toBe(true);
17
+ });
18
+ it("detects credit card numbers", () => {
19
+ const result = detector.detect("Card: 4111-1111-1111-1111");
20
+ expect(result.hasPii).toBe(true);
21
+ expect(result.matches.some((m) => m.type === "credit_card")).toBe(true);
22
+ });
23
+ it("detects US SSNs", () => {
24
+ const result = detector.detect("SSN: 123-45-6789");
25
+ expect(result.hasPii).toBe(true);
26
+ expect(result.matches.some((m) => m.type === "ssn_us")).toBe(true);
27
+ });
28
+ it("returns no matches for clean text", () => {
29
+ const result = detector.detect("This is a normal sentence about software engineering.");
30
+ expect(result.hasPii).toBe(false);
31
+ expect(result.matches).toHaveLength(0);
32
+ });
33
+ it("handles empty string", () => {
34
+ const result = detector.detect("");
35
+ expect(result.hasPii).toBe(false);
36
+ expect(result.matches).toHaveLength(0);
37
+ });
38
+ it("detects multiple PII types in one string", () => {
39
+ const result = detector.detect("Email john@example.com or call (555) 123-4567");
40
+ expect(result.hasPii).toBe(true);
41
+ const types = result.matches.map((m) => m.type);
42
+ expect(types).toContain("email");
43
+ expect(types).toContain("phone_number");
44
+ });
45
+ it("includes correct start/end positions", () => {
46
+ const text = "Contact john@example.com please";
47
+ const result = detector.detect(text);
48
+ expect(result.matches).toHaveLength(1);
49
+ const match = result.matches[0];
50
+ expect(text.slice(match.start, match.end)).toBe("john@example.com");
51
+ });
52
+ });
53
+ describe("detectInObject", () => {
54
+ it("detects PII in string values", () => {
55
+ const results = detector.detectInObject({
56
+ name: "John",
57
+ email: "john@example.com",
58
+ age: 30,
59
+ });
60
+ expect(results["email"]).toBeDefined();
61
+ expect(results["email"].hasPii).toBe(true);
62
+ // Non-string values should not be in results
63
+ expect(results["age"]).toBeUndefined();
64
+ });
65
+ it("handles object with no PII", () => {
66
+ const results = detector.detectInObject({
67
+ title: "Hello world",
68
+ content: "Just a normal string",
69
+ });
70
+ expect(results["title"].hasPii).toBe(false);
71
+ expect(results["content"].hasPii).toBe(false);
72
+ });
73
+ });
74
+ });
75
+ //# sourceMappingURL=pii-detector-service.test.js.map
package/dist/services/__tests__/pii-detector-service.test.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"pii-detector-service.test.js","sourceRoot":"","sources":["../../../src/services/__tests__/pii-detector-service.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAEhE,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,MAAM,QAAQ,GAAG,IAAI,kBAAkB,EAAE,CAAC;IAE1C,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE;QACtB,EAAE,CAAC,yBAAyB,EAAE,GAAG,EAAE;YACjC,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,sCAAsC,CAAC,CAAC;YACvE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACvC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC7C,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAC3D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uBAAuB,EAAE,GAAG,EAAE;YAC/B,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,2BAA2B,CAAC,CAAC;YAC5D,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;YACrC,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,2BAA2B,CAAC,CAAC;YAC5D,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iBAAiB,EAAE,GAAG,EAAE;YACzB,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;YACnD,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,uDAAuD,CAAC,CAAC;YACxF,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACzC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sBAAsB,EAAE,GAAG,EAAE;YAC9B,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YACnC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACzC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;YAClD,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,+CAA+C,CAAC,CAAC;YAChF,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjC,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAChD,MAAM,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;YACjC,MAAM,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;YAC9C,MAAM,IAAI,GAAG,iCAAiC,CAAC;YAC/C,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACrC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACvC,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;YAChC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACtE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;YACtC,MAAM,OAAO,GAAG,QAAQ,CAAC,cAAc,CAAC;gBACtC,IAAI,EAAE,MAAM;gBACZ,KAAK,EAAE,kBAAkB;gBACzB,GAAG,EAAE,EAAE;aACR,CAAC,CAAC;YACH,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YACvC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC3C,6CAA6C;YAC7C,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC;QACzC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;YACpC,MAAM,OAAO,GAAG,QAAQ,CAAC,cAAc,CAAC;gBACtC,KAAK,EAAE,aAAa;gBACpB,OAAO,EAAE,sBAAsB;aAChC,CAAC,CAAC;YACH,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
package/dist/services/__tests__/pii-encryption-service.test.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ export {};
2
+ //# sourceMappingURL=pii-encryption-service.test.d.ts.map
package/dist/services/__tests__/pii-encryption-service.test.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"pii-encryption-service.test.d.ts","sourceRoot":"","sources":["../../../src/services/__tests__/pii-encryption-service.test.ts"],"names":[],"mappings":""}
package/dist/services/__tests__/pii-encryption-service.test.js ADDED
@@ -0,0 +1,151 @@
1
+ import { describe, it, expect } from "vitest";
2
+ import { PiiEncryptionService } from "../pii-encryption-service.js";
3
+ import { PiiDetectorService } from "../pii-detector-service.js";
4
+ import { deriveKey } from "../../lib/crypto.js";
5
+ describe("PiiEncryptionService", () => {
6
+ const detector = new PiiDetectorService();
7
+ const service = new PiiEncryptionService(detector);
8
+ const orgKey = deriveKey("test-org-key");
9
+ describe("processText", () => {
10
+ it("encrypts PII and replaces with tokens", () => {
11
+ const result = service.processText("Email john@example.com for info", {
12
+ orgKey,
13
+ mode: "encrypt",
14
+ });
15
+ expect(result.text).not.toContain("john@example.com");
16
+ expect(result.text).toMatch(/\[PII:email:[^\]]+\]/);
17
+ expect(result.report.matchCount).toBe(1);
18
+ expect(result.report.encryptedCount).toBe(1);
19
+ expect(result.report.mode).toBe("encrypt");
20
+ });
21
+ it("detect-warn mode reports but does not encrypt", () => {
22
+ const result = service.processText("Email john@example.com for info", {
23
+ orgKey,
24
+ mode: "detect-warn",
25
+ });
26
+ expect(result.text).toContain("john@example.com");
27
+ expect(result.report.matchCount).toBe(1);
28
+ expect(result.report.encryptedCount).toBe(0);
29
+ expect(result.report.bypassedCount).toBe(1);
30
+ });
31
+ it("disabled mode does no processing", () => {
32
+ const result = service.processText("Email john@example.com for info", {
33
+ orgKey,
34
+ mode: "disabled",
35
+ });
36
+ expect(result.text).toBe("Email john@example.com for info");
37
+ expect(result.report.matchCount).toBe(0);
38
+ });
39
+ it("bypass skips encryption", () => {
40
+ const result = service.processText("Email john@example.com for info", {
41
+ orgKey,
42
+ mode: "encrypt",
43
+ bypass: true,
44
+ });
45
+ expect(result.text).toContain("john@example.com");
46
+ expect(result.report.bypassed).toBe(true);
47
+ expect(result.report.encryptedCount).toBe(0);
48
+ });
49
+ it("allowedPiiTypes skips specified types", () => {
50
+ const result = service.processText("Email john@example.com, SSN: 123-45-6789", {
51
+ orgKey,
52
+ mode: "encrypt",
53
+ allowedPiiTypes: ["email"],
54
+ });
55
+ // Email should still be in plaintext
56
+ expect(result.text).toContain("john@example.com");
57
+ // SSN should be encrypted
58
+ expect(result.text).not.toContain("123-45-6789");
59
+ expect(result.text).toMatch(/\[PII:ssn_us:[^\]]+\]/);
60
+ });
61
+ it("handles text with no PII", () => {
62
+ const result = service.processText("Just a normal sentence", {
63
+ orgKey,
64
+ mode: "encrypt",
65
+ });
66
+ expect(result.text).toBe("Just a normal sentence");
67
+ expect(result.report.matchCount).toBe(0);
68
+ expect(result.report.encryptedCount).toBe(0);
69
+ });
70
+ });
71
+ describe("decryptText", () => {
72
+ it("roundtrips: encrypt then decrypt yields original", () => {
73
+ const original = "Contact john@example.com or call (555) 123-4567";
74
+ const encrypted = service.processText(original, { orgKey, mode: "encrypt" });
75
+ const decrypted = service.decryptText(encrypted.text, orgKey);
76
+ expect(decrypted).toBe(original);
77
+ });
78
+ it("leaves non-PII text unchanged", () => {
79
+ const text = "No PII here";
80
+ expect(service.decryptText(text, orgKey)).toBe(text);
81
+ });
82
+ it("handles wrong key gracefully (leaves tokens intact)", () => {
83
+ const encrypted = service.processText("Email john@example.com", {
84
+ orgKey,
85
+ mode: "encrypt",
86
+ });
87
+ const wrongKey = deriveKey("wrong-key");
88
+ const result = service.decryptText(encrypted.text, wrongKey);
89
+ // Should still contain the token (decryption failed gracefully)
90
+ expect(result).toMatch(/\[PII:email:[^\]]+\]/);
91
+ });
92
+ });
93
+ describe("processNodeFields", () => {
94
+ it("processes title, content, and metadata", () => {
95
+ const result = service.processNodeFields({
96
+ title: "Contact john@example.com",
97
+ content: "Call (555) 123-4567 for details",
98
+ metadata: { note: "SSN is 123-45-6789" },
99
+ }, { orgKey, mode: "encrypt" });
100
+ expect(result.title).not.toContain("john@example.com");
101
+ expect(result.content).not.toContain("(555) 123-4567");
102
+ expect(result.report.matchCount).toBeGreaterThan(0);
103
+ expect(result.report.encryptedCount).toBeGreaterThan(0);
104
+ });
105
+ it("disabled mode passes through unchanged", () => {
106
+ const input = {
107
+ title: "john@example.com",
108
+ content: "test",
109
+ metadata: { key: "value" },
110
+ };
111
+ const result = service.processNodeFields(input, { orgKey, mode: "disabled" });
112
+ expect(result.title).toBe(input.title);
113
+ expect(result.content).toBe(input.content);
114
+ expect(result.metadata).toEqual(input.metadata);
115
+ });
116
+ });
117
+ describe("decryptNodeFields", () => {
118
+ it("decrypts PII in all node fields", () => {
119
+ const original = {
120
+ title: "Contact john@example.com",
121
+ content: "Call (555) 123-4567",
122
+ metadata: { note: "regular text" },
123
+ };
124
+ const encrypted = service.processNodeFields(original, { orgKey, mode: "encrypt" });
125
+ const node = {
126
+ id: "test",
127
+ title: encrypted.title,
128
+ content: encrypted.content,
129
+ metadata: encrypted.metadata ?? {},
130
+ };
131
+ const decrypted = service.decryptNodeFields(node, orgKey);
132
+ expect(decrypted.title).toBe(original.title);
133
+ expect(decrypted.content).toBe(original.content);
134
+ });
135
+ });
136
+ describe("token format", () => {
137
+ it("produces parseable PII tokens", () => {
138
+ const result = service.processText("Email john@example.com", {
139
+ orgKey,
140
+ mode: "encrypt",
141
+ });
142
+ const tokenRegex = /\[PII:(\w+):([A-Za-z0-9+/=]+:[A-Za-z0-9+/=]+:[A-Za-z0-9+/=]+)\]/g;
143
+ const match = tokenRegex.exec(result.text);
144
+ expect(match).not.toBeNull();
145
+ expect(match[1]).toBe("email");
146
+ // The encrypted payload should have 3 colon-separated base64 parts
147
+ expect(match[2].split(":")).toHaveLength(3);
148
+ });
149
+ });
150
+ });
151
+ //# sourceMappingURL=pii-encryption-service.test.js.map
package/dist/services/__tests__/pii-encryption-service.test.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"pii-encryption-service.test.js","sourceRoot":"","sources":["../../../src/services/__tests__/pii-encryption-service.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAEhD,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,MAAM,QAAQ,GAAG,IAAI,kBAAkB,EAAE,CAAC;IAC1C,MAAM,OAAO,GAAG,IAAI,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,SAAS,CAAC,cAAc,CAAC,CAAC;IAEzC,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;QAC3B,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;YAC/C,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,iCAAiC,EAAE;gBACpE,MAAM;gBACN,IAAI,EAAE,SAAS;aAChB,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;YACtD,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;YACpD,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC7C,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;YACvD,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,iCAAiC,EAAE;gBACpE,MAAM;gBACN,IAAI,EAAE,aAAa;aACpB,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;YAClD,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC7C,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,iCAAiC,EAAE;gBACpE,MAAM;gBACN,IAAI,EAAE,UAAU;aACjB,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;YAC5D,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC3C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yBAAyB,EAAE,GAAG,EAAE;YACjC,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,iCAAiC,EAAE;gBACpE,MAAM;gBACN,IAAI,EAAE,SAAS;gBACf,MAAM,EAAE,IAAI;aACb,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;YAClD,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1C,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;YAC/C,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,0CAA0C,EAAE;gBAC7E,MAAM;gBACN,IAAI,EAAE,SAAS;gBACf,eAAe,EAAE,CAAC,OAAO,CAAC;aAC3B,CAAC,CAAC;YAEH,qCAAqC;YACrC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;YAClD,0BAA0B;YAC1B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;YACjD,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC;QACvD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0BAA0B,EAAE,GAAG,EAAE;YAClC,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,wBAAwB,EAAE;gBAC3D,MAAM;gBACN,IAAI,EAAE,SAAS;aAChB,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YACnD,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;QAC3B,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;YAC1D,MAAM,QAAQ,GAAG,iDAAiD,CAAC;YACnE,MAAM,SAAS,GAAG,OAAO,CAAC,WAAW,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;YAC7E,MAAM,SAAS,GAAG,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YAC9D,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;YACvC,MAAM,IAAI,GAAG,aAAa,CAAC;YAC3B,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;YAC7D,MAAM,SAAS,GAAG,OAAO,CAAC,WAAW,CAAC,wBAAwB,EAAE;gBAC9D,MAAM;gBACN,IAAI,EAAE,SAAS;aAChB,CAAC,CAAC;YACH,MAAM,QAAQ,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;YACxC,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;YAC7D,gEAAgE;YAChE,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;QACjD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;YAChD,MAAM,MAAM,GAAG,OAAO,CAAC,iBAAiB,CACtC;gBACE,KAAK,EAAE,0BAA0B;gBACjC,OAAO,EAAE,iCAAiC;gBAC1C,QAAQ,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE;aACzC,EACD,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,CAC5B,CAAC;YAEF,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;YACvD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;YACvD,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACpD,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;YAChD,MAAM,KAAK,GAAG;gBACZ,KAAK,EAAE,kBAAkB;gBACzB,OAAO,EAAE,MAAM;gBACf,QAAQ,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE;aAC3B,CAAC;YACF,MAAM,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC;YAE9E,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YACvC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC3C,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAClD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,QAAQ,GAAG;gBACf,KAAK,EAAE,0BAA0B;gBACjC,OAAO,EAAE,qBAAqB;gBAC9B,QAAQ,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE;aACnC,CAAC;YAEF,MAAM,SAAS,GAAG,OAAO,CAAC,iBAAiB,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;YACnF,MAAM,IAAI,GAAG;gBACX,EAAE,EAAE,MAAM;gBACV,KAAK,EAAE,SAAS,CAAC,KAAK;gBACtB,OAAO,EAAE,SAAS,CAAC,OAAO;gBAC1B,QAAQ,EAAE,SAAS,CAAC,QAAQ,IAAI,EAAE;aACnC,CAAC;YAEF,MAAM,SAAS,GAAG,OAAO,CAAC,iBAAiB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YAC1D,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YAC7C,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;QAC5B,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;YACvC,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,wBAAwB,EAAE;gBAC3D,MAAM;gBACN,IAAI,EAAE,SAAS;aAChB,CAAC,CAAC;YAEH,MAAM,UAAU,GAAG,kEAAkE,CAAC;YACtF,MAAM,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAC3C,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;YAC7B,MAAM,CAAC,KAAM,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAChC,mEAAmE;YACnE,MAAM,CAAC,KAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
package/dist/services/node-service.d.ts CHANGED
@@ -1,11 +1,15 @@
1
1
  import type { PrismaClient } from "@prisma/client";
2
2
  import type { Node, NodeStatus, EmbeddingProvider } from "../types/index.js";
3
3
  import { type TenantContext } from "../db/tenant.js";
4
+ import type { PiiEncryptionService } from "./pii-encryption-service.js";
5
+ import type { PiiEncryptionOptions } from "./pii-encryption-service.js";
4
6
  export declare class NodeService {
5
7
  private db;
6
8
  private embeddings;
9
+ private piiEncryption?;
10
+ private piiOptions?;
7
11
  private tenantCtx;
8
- constructor(db: PrismaClient, embeddings: EmbeddingProvider, tenantCtx?: TenantContext);
12
+ constructor(db: PrismaClient, embeddings: EmbeddingProvider, tenantCtx?: TenantContext, piiEncryption?: PiiEncryptionService | undefined, piiOptions?: PiiEncryptionOptions | undefined);
9
13
  create(input: {
10
14
  type: string;
11
15
  title: string;
@@ -31,6 +35,7 @@ export declare class NodeService {
31
35
  type?: string;
32
36
  domainId?: string;
33
37
  }, embedding: number[]): Promise<Node | null>;
38
+ resolveId(idOrPrefix: string): Promise<string | null>;
34
39
  getById(id: string): Promise<Node | null>;
35
40
  update(id: string, input: {
36
41
  title?: string;
@@ -46,5 +51,10 @@ export declare class NodeService {
46
51
  type: string;
47
52
  count: number;
48
53
  }[]>;
54
+ /**
55
+ * Apply PII detection/encryption to node fields.
56
+ * Returns processed fields and whether PII was found.
57
+ */
58
+ private applyPii;
49
59
  }
50
60
  //# sourceMappingURL=node-service.d.ts.map
package/dist/services/node-service.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"node-service.d.ts","sourceRoot":"","sources":["../../src/services/node-service.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAU,MAAM,gBAAgB,CAAC;AAC3D,OAAO,KAAK,EACV,IAAI,EACJ,UAAU,EACV,iBAAiB,EAClB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAqC,KAAK,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAExF,qBAAa,WAAW;IAIpB,OAAO,CAAC,EAAE;IACV,OAAO,CAAC,UAAU;IAJpB,OAAO,CAAC,SAAS,CAAgB;gBAGvB,EAAE,EAAE,YAAY,EAChB,UAAU,EAAE,iBAAiB,EACrC,SAAS,CAAC,EAAE,aAAa;IAKrB,MAAM,CAAC,KAAK,EAAE;QAClB,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACnC,SAAS,EAAE,MAAM,CAAC;QAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,GAAG,OAAO,CAAC,IAAI,CAAC;IAgCX,mBAAmB,CACvB,KAAK,EAAE;QACL,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACnC,SAAS,EAAE,MAAM,CAAC;QAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,EACD,SAAS,EAAE,MAAM,EAAE,GAClB,OAAO,CAAC,IAAI,CAAC;IA4BV,mBAAmB,CACvB,EAAE,EAAE,MAAM,EACV,KAAK,EAAE;QACL,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACnC,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,EACD,SAAS,EAAE,MAAM,EAAE,GAClB,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAiCjB,OAAO,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAIzC,MAAM,CACV,EAAE,EAAE,MAAM,EACV,KAAK,EAAE;QACL,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACnC,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,GACA,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAsCjB,SAAS,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAW/D,UAAU,CAAC,KAAK,SAAK,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;IAQvC,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAapC,SAAS,IAAI,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;CAQ9D"}
1
+ {"version":3,"file":"node-service.d.ts","sourceRoot":"","sources":["../../src/services/node-service.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAU,MAAM,gBAAgB,CAAC;AAC3D,OAAO,KAAK,EACV,IAAI,EACJ,UAAU,EACV,iBAAiB,EAClB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAqC,KAAK,aAAa,EAAE,MAAM,iBAAiB,CAAC;AACxF,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,6BAA6B,CAAC;AACxE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,6BAA6B,CAAC;AAExE,qBAAa,WAAW;IAIpB,OAAO,CAAC,EAAE;IACV,OAAO,CAAC,UAAU;IAElB,OAAO,CAAC,aAAa,CAAC;IACtB,OAAO,CAAC,UAAU,CAAC;IAPrB,OAAO,CAAC,SAAS,CAAgB;gBAGvB,EAAE,EAAE,YAAY,EAChB,UAAU,EAAE,iBAAiB,EACrC,SAAS,CAAC,EAAE,aAAa,EACjB,aAAa,CAAC,EAAE,oBAAoB,YAAA,EACpC,UAAU,CAAC,EAAE,oBAAoB,YAAA;IAKrC,MAAM,CAAC,KAAK,EAAE;QAClB,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACnC,SAAS,EAAE,MAAM,CAAC;QAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,GAAG,OAAO,CAAC,IAAI,CAAC;IAyCX,mBAAmB,CACvB,KAAK,EAAE;QACL,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACnC,SAAS,EAAE,MAAM,CAAC;QAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,EACD,SAAS,EAAE,MAAM,EAAE,GAClB,OAAO,CAAC,IAAI,CAAC;IAmCV,mBAAmB,CACvB,EAAE,EAAE,MAAM,EACV,KAAK,EAAE;QACL,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACnC,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,EACD,SAAS,EAAE,MAAM,EAAE,GAClB,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAwCjB,SAAS,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAsBrD,OAAO,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAMzC,MAAM,CACV,EAAE,EAAE,MAAM,EACV,KAAK,EAAE;QACL,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACnC,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,GACA,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IA6CjB,SAAS,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAa/D,UAAU,CAAC,KAAK,SAAK,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;IAQvC,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAcpC,SAAS,IAAI,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAS7D;;;OAGG;IACH,OAAO,CAAC,QAAQ;CAgCjB"}