@arcis/node 1.2.0 → 1.4.0

package/dist/sanitizers/pii.d.ts

@@ -0,0 +1,80 @@
+/**
+ * @module @arcis/node/sanitizers/pii
+ * PII (Personally Identifiable Information) detection and redaction
+ *
+ * Detects: email addresses, phone numbers, credit card numbers, SSNs, IP addresses
+ */
+export type PiiType = 'email' | 'phone' | 'credit_card' | 'ssn' | 'ip_address';
+export interface PiiMatch {
+    type: PiiType;
+    value: string;
+    start: number;
+    end: number;
+}
+export interface PiiScanOptions {
+    /** PII types to scan for. Default: all types */
+    types?: PiiType[];
+}
+export interface PiiRedactOptions extends PiiScanOptions {
+    /** Replacement for redacted values. Default: '[REDACTED]' */
+    replacement?: string;
+    /** Use type-specific replacements like '[EMAIL]', '[SSN]'. Default: false */
+    typeLabels?: boolean;
+}
+/**
+ * Scan a string for PII and return all matches.
+ *
+ * @param input - String to scan
+ * @param options - Optional scan configuration
+ * @returns Array of PII matches with type, value, and position
+ *
+ * @example
+ * scanPii('Call me at 555-123-4567 or email john@example.com')
+ * // [
+ * //   { type: 'phone', value: '555-123-4567', start: 11, end: 23 },
+ * //   { type: 'email', value: 'john@example.com', start: 33, end: 49 }
+ * // ]
+ */
+export declare function scanPii(input: string, options?: PiiScanOptions): PiiMatch[];
+/**
+ * Check if a string contains any PII.
+ *
+ * @param input - String to check
+ * @param options - Optional scan configuration
+ * @returns true if PII is detected
+ */
+export declare function detectPii(input: string, options?: PiiScanOptions): boolean;
+/**
+ * Redact PII from a string, replacing matches with a placeholder.
+ *
+ * @param input - String to redact
+ * @param options - Redaction options
+ * @returns String with PII replaced
+ *
+ * @example
+ * redactPii('Email: john@example.com, SSN: 123-45-6789')
+ * // 'Email: [REDACTED], SSN: [REDACTED]'
+ *
+ * redactPii('Email: john@example.com', { typeLabels: true })
+ * // 'Email: [EMAIL]'
+ */
+export declare function redactPii(input: string, options?: PiiRedactOptions): string;
+/**
+ * Scan an object's string values for PII recursively.
+ *
+ * @param obj - Object to scan
+ * @param options - Optional scan configuration
+ * @returns Array of PII matches with the field path prepended
+ */
+export declare function scanObjectPii(obj: Record<string, unknown>, options?: PiiScanOptions, path?: string): (PiiMatch & {
+    field: string;
+})[];
+/**
+ * Redact PII from all string values in an object recursively.
+ *
+ * @param obj - Object to redact
+ * @param options - Redaction options
+ * @returns New object with PII redacted
+ */
+export declare function redactObjectPii<T extends Record<string, unknown>>(obj: T, options?: PiiRedactOptions): T;
+//# sourceMappingURL=pii.d.ts.map

package/dist/sanitizers/pii.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pii.d.ts","sourceRoot":"","sources":["../../src/sanitizers/pii.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,MAAM,MAAM,OAAO,GAAG,OAAO,GAAG,OAAO,GAAG,aAAa,GAAG,KAAK,GAAG,YAAY,CAAC;AAE/E,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,OAAO,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,cAAc;IAC7B,gDAAgD;IAChD,KAAK,CAAC,EAAE,OAAO,EAAE,CAAC;CACnB;AAED,MAAM,WAAW,gBAAiB,SAAQ,cAAc;IACtD,6DAA6D;IAC7D,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,6EAA6E;IAC7E,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAkED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,GAAE,cAAmB,GAAG,QAAQ,EAAE,CAuC/E;AAED;;;;;;GAMG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,GAAE,cAAmB,GAAG,OAAO,CAE9E;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,GAAE,gBAAqB,GAAG,MAAM,CAiB/E;AAED;;;;;;GAMG;AACH,wBAAgB,aAAa,CAC3B,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC5B,OAAO,GAAE,cAAmB,EAC5B,IAAI,SAAK,GACR,CAAC,QAAQ,GAAG;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,EAAE,CA8BlC;AAED;;;;;;GAMG;AACH,wBAAgB,eAAe,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/D,GAAG,EAAE,CAAC,EACN,OAAO,GAAE,gBAAqB,GAC7B,CAAC,CAsBH"}

package/dist/sanitizers/prototype.d.ts

@@ -0,0 +1,34 @@
+/**
+ * @module @arcis/node/sanitizers/prototype
+ * Prototype pollution prevention
+ */
+/**
+ * Checks if a key is dangerous for prototype pollution.
+ * Case-insensitive — catches __PROTO__, Constructor, etc.
+ *
+ * @param key - The key to check
+ * @returns True if the key could cause prototype pollution
+ *
+ * @example
+ * isDangerousProtoKey('__proto__')   // true
+ * isDangerousProtoKey('__PROTO__')   // true
+ * isDangerousProtoKey('Constructor') // true
+ * isDangerousProtoKey('name')        // false
+ */
+export declare function isDangerousProtoKey(key: string): boolean;
+/**
+ * Recursively checks if an object contains prototype pollution keys.
+ *
+ * @param obj - The object to check
+ * @param maxDepth - Maximum recursion depth (default: 10)
+ * @returns True if dangerous keys found
+ */
+export declare function detectPrototypePollution(obj: unknown, maxDepth?: number): boolean;
+/**
+ * Get list of all keys considered dangerous for prototype pollution.
+ * Useful for documentation or custom validation.
+ *
+ * @returns Array of dangerous key strings
+ */
+export declare function getDangerousProtoKeys(): string[];
+//# sourceMappingURL=prototype.d.ts.map

package/dist/sanitizers/prototype.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"prototype.d.ts","sourceRoot":"","sources":["../../src/sanitizers/prototype.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH;;;;;;;;;;;;GAYG;AACH,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAExD;AAED;;;;;;GAMG;AACH,wBAAgB,wBAAwB,CAAC,GAAG,EAAE,OAAO,EAAE,QAAQ,SAAK,GAAG,OAAO,CAsB7E;AAED;;;;;GAKG;AACH,wBAAgB,qBAAqB,IAAI,MAAM,EAAE,CAEhD"}

package/dist/sanitizers/sanitize.d.ts

@@ -0,0 +1,51 @@
+/**
+ * @module @arcis/node/sanitizers/sanitize
+ * Main sanitization functions that combine all sanitizers
+ */
+import type { RequestHandler } from 'express';
+import type { SanitizeOptions } from '../core/types';
+/**
+ * Sanitize a string value against multiple attack vectors.
+ *
+ * Order matters: We do XSS encoding LAST because:
+ * 1. Other sanitizers need to see the original patterns (e.g., SQL keywords)
+ * 2. HTML encoding is the final safe output transformation
+ * 3. Encoded entities like < shouldn't be treated as SQL/command threats
+ *
+ * @param value - The string to sanitize
+ * @param options - Sanitization options
+ * @returns The sanitized string
+ *
+ * @example
+ * sanitizeString("<script>alert('xss')</script>")
+ * // Returns: "&lt;script&gt;alert(&#x27;xss&#x27;)&lt;/script&gt;"
+ *
+ * @example
+ * sanitizeString("../../etc/passwd")
+ * // Returns: "etc/passwd"
+ */
+export declare function sanitizeString(value: string, options?: SanitizeOptions): string;
+/**
+ * Sanitize an object recursively, including nested objects and arrays.
+ * Also removes prototype pollution and NoSQL injection keys.
+ *
+ * @param obj - The object to sanitize
+ * @param options - Sanitization options
+ * @returns The sanitized object
+ */
+export declare function sanitizeObject(obj: unknown, options?: SanitizeOptions): unknown;
+/**
+ * Create Express middleware for request sanitization.
+ * Sanitizes req.body, req.query, and req.params.
+ *
+ * @param options - Sanitization options
+ * @returns Express middleware
+ *
+ * @example
+ * app.use(createSanitizer());
+ *
+ * @example
+ * app.use(createSanitizer({ xss: true, sql: true, nosql: true }));
+ */
+export declare function createSanitizer(options?: SanitizeOptions): RequestHandler;
+//# sourceMappingURL=sanitize.d.ts.map

package/dist/sanitizers/sanitize.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitize.d.ts","sourceRoot":"","sources":["../../src/sanitizers/sanitize.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAmC,cAAc,EAAE,MAAM,SAAS,CAAC;AAG/E,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAMrD;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,GAAE,eAAoB,GAAG,MAAM,CA8CnF;AAED;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,OAAO,EAAE,OAAO,GAAE,eAAoB,GAAG,OAAO,CAQnF;AA+CD;;;;;;;;;;;;GAYG;AACH,wBAAgB,eAAe,CAAC,OAAO,GAAE,eAAoB,GAAG,cAAc,CAoB7E"}

package/dist/sanitizers/sql.d.ts

@@ -0,0 +1,28 @@
+/**
+ * @module @arcis/node/sanitizers/sql
+ * SQL injection prevention
+ */
+import type { SanitizeResult } from '../core/types';
+/**
+ * Sanitizes a string to prevent SQL injection attacks.
+ * Replaces dangerous SQL patterns with [BLOCKED].
+ *
+ * @param input - The string to sanitize
+ * @param collectThreats - Whether to collect threat information (default: false for performance)
+ * @returns Sanitized string or SanitizeResult if collectThreats is true
+ *
+ * @example
+ * sanitizeSql("'; DROP TABLE users; --")
+ * // Returns: "';  TABLE users  "
+ */
+export declare function sanitizeSql(input: string, collectThreats?: false): string;
+export declare function sanitizeSql(input: string, collectThreats: true): SanitizeResult;
+/**
+ * Checks if a string contains potential SQL injection patterns.
+ * Does not sanitize — use sanitizeSql() for that.
+ *
+ * @param input - The string to check
+ * @returns True if SQL injection patterns detected
+ */
+export declare function detectSql(input: string): boolean;
+//# sourceMappingURL=sql.d.ts.map

package/dist/sanitizers/sql.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sql.d.ts","sourceRoot":"","sources":["../../src/sanitizers/sql.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,cAAc,EAAc,MAAM,eAAe,CAAC;AAEhE;;;;;;;;;;;GAWG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC;AAC3E,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,GAAG,cAAc,CAAC;AA8CjF;;;;;;GAMG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAWhD"}

package/dist/sanitizers/ssti.d.ts

@@ -0,0 +1,20 @@
+/**
+ * @module @arcis/node/sanitizers/ssti
+ * Server-Side Template Injection (SSTI) prevention
+ */
+import type { SanitizeResult } from '../core/types';
+/**
+ * Sanitizes a string to prevent SSTI attacks.
+ * Removes template expression syntax.
+ */
+export declare function sanitizeSsti(input: string, collectThreats?: false): string;
+export declare function sanitizeSsti(input: string, collectThreats: true): SanitizeResult;
+/**
+ * Checks if a string contains SSTI patterns.
+ * Does not sanitize — use sanitizeSsti() for that.
+ *
+ * @param input - The string to check
+ * @returns True if SSTI patterns detected
+ */
+export declare function detectSsti(input: string): boolean;
+//# sourceMappingURL=ssti.d.ts.map

package/dist/sanitizers/ssti.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ssti.d.ts","sourceRoot":"","sources":["../../src/sanitizers/ssti.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAc,MAAM,eAAe,CAAC;AAkChE;;;GAGG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC;AAC5E,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,GAAG,cAAc,CAAC;AA0ClF;;;;;;GAMG;AACH,wBAAgB,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAWjD"}

package/dist/sanitizers/utils.d.ts

@@ -0,0 +1,19 @@
+/**
+ * @module @arcis/node/sanitizers/utils
+ * Shared utilities for sanitizers
+ */
+/**
+ * Encodes HTML entities to prevent interpretation as markup.
+ *
+ * @param str - The string to encode
+ * @returns The encoded string
+ */
+export declare function encodeHtmlEntities(str: string): string;
+/**
+ * Checks if a value is a plain object (not null, array, Date, etc.)
+ *
+ * @param value - Value to check
+ * @returns True if plain object
+ */
+export declare function isPlainObject(value: unknown): value is Record<string, unknown>;
+//# sourceMappingURL=utils.d.ts.map

package/dist/sanitizers/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/sanitizers/utils.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAOtD;AAED;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAS9E"}

package/dist/sanitizers/xss.d.ts

@@ -0,0 +1,35 @@
+/**
+ * @module @arcis/node/sanitizers/xss
+ * XSS (Cross-Site Scripting) prevention
+ */
+import type { SanitizeResult } from '../core/types';
+/**
+ * Sanitizes a string to prevent XSS attacks.
+ *
+ * Strategy:
+ * 1. Remove dangerous patterns (script tags, event handlers, etc.)
+ * 2. HTML-encode the remaining content
+ *
+ * @param input - The string to sanitize
+ * @param collectThreats - Whether to collect threat information (default: false for performance)
+ * @returns Sanitized string or SanitizeResult if collectThreats is true
+ *
+ * @example
+ * sanitizeXss("<script>alert('xss')</script>")
+ * // Returns: "&lt;script&gt;alert(&#x27;xss&#x27;)&lt;/script&gt;"
+ *
+ * @example
+ * sanitizeXss("<img onerror='alert(1)'>")
+ * // Returns: "&lt;img&gt;" (event handler removed)
+ */
+export declare function sanitizeXss(input: string, collectThreats?: false, htmlEncode?: boolean): string;
+export declare function sanitizeXss(input: string, collectThreats: true, htmlEncode?: boolean): SanitizeResult;
+/**
+ * Checks if a string contains potential XSS patterns.
+ * Does not sanitize — use sanitizeXss() for that.
+ *
+ * @param input - The string to check
+ * @returns True if XSS patterns detected
+ */
+export declare function detectXss(input: string): boolean;
+//# sourceMappingURL=xss.d.ts.map

package/dist/sanitizers/xss.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"xss.d.ts","sourceRoot":"","sources":["../../src/sanitizers/xss.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAE,cAAc,EAAc,MAAM,eAAe,CAAC;AAEhE;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,KAAK,EAAE,UAAU,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;AACjG,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,UAAU,CAAC,EAAE,OAAO,GAAG,cAAc,CAAC;AAwDvG;;;;;;GAMG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAoBhD"}

package/dist/sanitizers/xxe.d.ts

@@ -0,0 +1,20 @@
+/**
+ * @module @arcis/node/sanitizers/xxe
+ * XML External Entity (XXE) injection prevention
+ */
+import type { SanitizeResult } from '../core/types';
+/**
+ * Sanitizes a string to prevent XXE attacks.
+ * Removes DOCTYPE, ENTITY, and CDATA constructs.
+ */
+export declare function sanitizeXxe(input: string, collectThreats?: false): string;
+export declare function sanitizeXxe(input: string, collectThreats: true): SanitizeResult;
+/**
+ * Checks if a string contains XXE patterns.
+ * Does not sanitize — use sanitizeXxe() for that.
+ *
+ * @param input - The string to check
+ * @returns True if XXE patterns detected
+ */
+export declare function detectXxe(input: string): boolean;
+//# sourceMappingURL=xxe.d.ts.map

package/dist/sanitizers/xxe.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"xxe.d.ts","sourceRoot":"","sources":["../../src/sanitizers/xxe.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAc,MAAM,eAAe,CAAC;AAiChE;;;GAGG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC;AAC3E,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,GAAG,cAAc,CAAC;AA0CjF;;;;;;GAMG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAWhD"}

package/dist/stores/index.d.ts

@@ -1,106 +1,8 @@
-import { g as RateLimitStore, R as RateLimitEntry } from '../types-CsOFHoD9.js';
-import 'express';
-
 /**
- * @module @arcis/node/stores/memory
- * In-memory rate limit store
+ * @module @arcis/node/stores
+ * Rate limit stores for Arcis
  */
-
-/**
- * In-memory rate limit store.
- * Suitable for single-instance deployments.
- * For distributed systems, use RedisStore or a custom store.
- *
- * @example
- * const store = new MemoryStore(60000); // 1 minute window
- * const limiter = createRateLimiter({ store });
- */
-declare class MemoryStore implements RateLimitStore {
-    private store;
-    private cleanupInterval;
-    private windowMs;
-    constructor(windowMs?: number);
-    /**
-     * Start the cleanup interval to remove expired entries.
-     */
-    private startCleanup;
-    get(key: string): Promise<RateLimitEntry | null>;
-    set(key: string, entry: RateLimitEntry): Promise<void>;
-    increment(key: string): Promise<number>;
-    decrement(key: string): Promise<void>;
-    reset(key: string): Promise<void>;
-    close(): Promise<void>;
-    /**
-     * Get current store size (for monitoring).
-     */
-    get size(): number;
-}
-
-/**
- * @module @arcis/node/stores/redis
- * Redis rate limit store
- *
- * Note: This is a reference implementation. You'll need to install
- * the 'ioredis' or 'redis' package and pass your client instance.
- */
-
-/** Generic Redis client interface (works with ioredis, redis, etc.) */
-interface RedisClientLike {
-    get(key: string): Promise<string | null>;
-    set(key: string, value: string, mode?: string, duration?: number): Promise<unknown>;
-    setex(key: string, seconds: number, value: string): Promise<unknown>;
-    expire(key: string, seconds: number): Promise<unknown>;
-    incr(key: string): Promise<number>;
-    decr(key: string): Promise<number>;
-    del(key: string): Promise<number>;
-    ttl(key: string): Promise<number>;
-    quit?(): Promise<unknown>;
-    disconnect?(): Promise<unknown>;
-}
-interface RedisStoreOptions {
-    /** Redis client instance */
-    client: RedisClientLike;
-    /** Key prefix. Default: 'arcis:rl:' */
-    prefix?: string;
-    /** Window size in milliseconds. Default: 60000 */
-    windowMs?: number;
-}
-/**
- * Redis rate limit store for distributed deployments.
- *
- * @example
- * import Redis from 'ioredis';
- *
- * const redis = new Redis();
- * const store = new RedisStore({ client: redis });
- * const limiter = createRateLimiter({ store });
- *
- * // Cleanup on shutdown
- * process.on('SIGTERM', async () => {
- *   await store.close();
- * });
- */
-declare class RedisStore implements RateLimitStore {
-    private client;
-    private prefix;
-    private windowMs;
-    private windowSec;
-    constructor(options: RedisStoreOptions);
-    private getKey;
-    get(key: string): Promise<RateLimitEntry | null>;
-    set(key: string, entry: RateLimitEntry): Promise<void>;
-    increment(key: string): Promise<number>;
-    decrement(key: string): Promise<void>;
-    reset(key: string): Promise<void>;
-    close(): Promise<void>;
-}
-/**
- * Create a Redis store with the given options.
- * Convenience function for functional programming style.
- *
- * @example
- * const store = createRedisStore({ client: redisClient });
- */
-declare function createRedisStore(options: RedisStoreOptions): RedisStore;
-
-export { MemoryStore, type RedisClientLike, RedisStore, type RedisStoreOptions, createRedisStore };
+export { MemoryStore } from './memory';
+export { RedisStore, createRedisStore } from './redis';
+export type { RedisClientLike, RedisStoreOptions } from './redis';
+//# sourceMappingURL=index.d.ts.map

package/dist/stores/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/stores/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AACvC,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,MAAM,SAAS,CAAC;AACvD,YAAY,EAAE,eAAe,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAC"}

package/dist/stores/memory.d.ts

@@ -0,0 +1,35 @@
+/**
+ * @module @arcis/node/stores/memory
+ * In-memory rate limit store
+ */
+import type { RateLimitStore, RateLimitEntry } from '../core/types';
+/**
+ * In-memory rate limit store.
+ * Suitable for single-instance deployments.
+ * For distributed systems, use RedisStore or a custom store.
+ *
+ * @example
+ * const store = new MemoryStore(60000); // 1 minute window
+ * const limiter = createRateLimiter({ store });
+ */
+export declare class MemoryStore implements RateLimitStore {
+    private store;
+    private cleanupInterval;
+    private windowMs;
+    constructor(windowMs?: number);
+    /**
+     * Start the cleanup interval to remove expired entries.
+     */
+    private startCleanup;
+    get(key: string): Promise<RateLimitEntry | null>;
+    set(key: string, entry: RateLimitEntry): Promise<void>;
+    increment(key: string): Promise<number>;
+    decrement(key: string): Promise<void>;
+    reset(key: string): Promise<void>;
+    close(): Promise<void>;
+    /**
+     * Get current store size (for monitoring).
+     */
+    get size(): number;
+}
+//# sourceMappingURL=memory.d.ts.map

package/dist/stores/memory.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"memory.d.ts","sourceRoot":"","sources":["../../src/stores/memory.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAGpE;;;;;;;;GAQG;AACH,qBAAa,WAAY,YAAW,cAAc;IAChD,OAAO,CAAC,KAAK,CAA0C;IACvD,OAAO,CAAC,eAAe,CAA+C;IACtE,OAAO,CAAC,QAAQ,CAAS;gBAEb,QAAQ,GAAE,MAAqC;IAU3D;;OAEG;IACH,OAAO,CAAC,YAAY;IAuBd,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;IAahD,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;IAItD,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAcvC,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOrC,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIjC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ5B;;OAEG;IACH,IAAI,IAAI,IAAI,MAAM,CAEjB;CACF"}

package/dist/stores/{index.d.mts → redis.d.ts}

@@ -1,41 +1,3 @@
-import { g as RateLimitStore, R as RateLimitEntry } from '../types-CsOFHoD9.mjs';
-import 'express';
-
-/**
- * @module @arcis/node/stores/memory
- * In-memory rate limit store
- */
-
-/**
- * In-memory rate limit store.
- * Suitable for single-instance deployments.
- * For distributed systems, use RedisStore or a custom store.
- *
- * @example
- * const store = new MemoryStore(60000); // 1 minute window
- * const limiter = createRateLimiter({ store });
- */
-declare class MemoryStore implements RateLimitStore {
-    private store;
-    private cleanupInterval;
-    private windowMs;
-    constructor(windowMs?: number);
-    /**
-     * Start the cleanup interval to remove expired entries.
-     */
-    private startCleanup;
-    get(key: string): Promise<RateLimitEntry | null>;
-    set(key: string, entry: RateLimitEntry): Promise<void>;
-    increment(key: string): Promise<number>;
-    decrement(key: string): Promise<void>;
-    reset(key: string): Promise<void>;
-    close(): Promise<void>;
-    /**
-     * Get current store size (for monitoring).
-     */
-    get size(): number;
-}
-
 /**
  * @module @arcis/node/stores/redis
  * Redis rate limit store
@@ -43,9 +5,9 @@ declare class MemoryStore implements RateLimitStore {
  * Note: This is a reference implementation. You'll need to install
  * the 'ioredis' or 'redis' package and pass your client instance.
  */
-
+import type { RateLimitStore, RateLimitEntry } from '../core/types';
 /** Generic Redis client interface (works with ioredis, redis, etc.) */
-interface RedisClientLike {
+export interface RedisClientLike {
     get(key: string): Promise<string | null>;
     set(key: string, value: string, mode?: string, duration?: number): Promise<unknown>;
     setex(key: string, seconds: number, value: string): Promise<unknown>;
@@ -57,7 +19,7 @@ interface RedisClientLike {
     quit?(): Promise<unknown>;
     disconnect?(): Promise<unknown>;
 }
-interface RedisStoreOptions {
+export interface RedisStoreOptions {
     /** Redis client instance */
     client: RedisClientLike;
     /** Key prefix. Default: 'arcis:rl:' */
@@ -80,7 +42,7 @@ interface RedisStoreOptions {
  *   await store.close();
  * });
  */
-declare class RedisStore implements RateLimitStore {
+export declare class RedisStore implements RateLimitStore {
     private client;
     private prefix;
     private windowMs;
@@ -101,6 +63,5 @@ declare class RedisStore implements RateLimitStore {
  * @example
  * const store = createRedisStore({ client: redisClient });
  */
-declare function createRedisStore(options: RedisStoreOptions): RedisStore;
-
-export { MemoryStore, type RedisClientLike, RedisStore, type RedisStoreOptions, createRedisStore };
+export declare function createRedisStore(options: RedisStoreOptions): RedisStore;
+//# sourceMappingURL=redis.d.ts.map

package/dist/stores/redis.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"redis.d.ts","sourceRoot":"","sources":["../../src/stores/redis.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAGpE,uEAAuE;AACvE,MAAM,WAAW,eAAe;IAC9B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACpF,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACrE,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACvD,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACnC,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAClC,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAClC,IAAI,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;IAC1B,UAAU,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;CACjC;AAED,MAAM,WAAW,iBAAiB;IAChC,4BAA4B;IAC5B,MAAM,EAAE,eAAe,CAAC;IACxB,uCAAuC;IACvC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,kDAAkD;IAClD,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;;;;;;;;;;;;GAcG;AACH,qBAAa,UAAW,YAAW,cAAc;IAC/C,OAAO,CAAC,MAAM,CAAkB;IAChC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,SAAS,CAAS;gBAEd,OAAO,EAAE,iBAAiB;IAOtC,OAAO,CAAC,MAAM;IAIR,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;IAwBhD,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;IAQtD,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAgBvC,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAKrC,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAKjC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAI7B;AAED;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,iBAAiB,GAAG,UAAU,CAEvE"}

package/dist/utils/duration.d.ts

@@ -0,0 +1,34 @@
+/**
+ * @module @arcis/node/utils/duration
+ * Parse human-readable duration strings into milliseconds.
+ *
+ * Supports: ms, s, m, h, d
+ *
+ * @example
+ * parseDuration('5m')    // 300000
+ * parseDuration('2h')    // 7200000
+ * parseDuration(60000)   // 60000 (passthrough)
+ * parseDuration('500ms') // 500
+ */
+/**
+ * Parse a duration string or number into milliseconds.
+ *
+ * @param value - Duration string (e.g. "5m", "2h", "30s") or number (ms)
+ * @returns Duration in milliseconds
+ * @throws {Error} If the value is not a valid duration
+ *
+ * @example
+ * parseDuration('15m')   // 900000
+ * parseDuration('1d')    // 86400000
+ * parseDuration('500ms') // 500
+ * parseDuration(60000)   // 60000
+ */
+export declare function parseDuration(value: string | number): number;
+/**
+ * Format milliseconds into a human-readable duration string.
+ *
+ * @param ms - Duration in milliseconds
+ * @returns Human-readable string (e.g. "5m", "2h 30m")
+ */
+export declare function formatDuration(ms: number): string;
+//# sourceMappingURL=duration.d.ts.map

package/dist/utils/duration.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"duration.d.ts","sourceRoot":"","sources":["../../src/utils/duration.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAeH;;;;;;;;;;;;GAYG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,CA4B5D;AAED;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,EAAE,EAAE,MAAM,GAAG,MAAM,CAiBjD"}