@arcis/node 1.3.0 → 1.4.0

package/dist/core/{index.d.mts → constants.d.ts}

@@ -1,69 +1,14 @@
-export { A as ArcisFunction, a as ArcisMiddleware, b as ArcisOptions, E as ErrorHandlerOptions, F as FieldValidator, H as HeaderOptions, c as HstsOptions, d as HttpError, L as LogOptions, R as RateLimitEntry, e as RateLimitOptions, f as RateLimitResult, g as RateLimitStore, h as RateLimiterMiddleware, S as SafeLogger, i as SanitizeOptions, j as SanitizeResult, T as ThreatInfo, k as ThreatType, V as ValidationConfig, l as ValidationError, m as ValidationResult, n as ValidationSchema } from '../types-BOkx5YJc.mjs';
-import 'express';
-
-/**
- * @module @arcis/node/core/errors
- * Custom error classes for Arcis
- */
-/**
- * Base class for all Arcis errors
- */
-declare class ArcisError extends Error {
-    readonly statusCode: number;
-    readonly code: string;
-    /** Whether the error message is safe to expose to API clients. */
-    readonly expose: boolean;
-    constructor(message: string, statusCode?: number, code?: string);
-}
-/**
- * Error thrown when input validation fails
- */
-declare class ValidationError extends ArcisError {
-    readonly errors: string[];
-    constructor(errors: string[]);
-}
-
-/**
- * Error thrown when rate limit is exceeded
- */
-declare class RateLimitError extends ArcisError {
-    readonly retryAfter: number;
-    constructor(message: string, retryAfter: number);
-}
-/**
- * Error thrown when input is too large
- */
-declare class InputTooLargeError extends ArcisError {
-    readonly maxSize: number;
-    readonly actualSize: number;
-    constructor(maxSize: number, actualSize: number);
-}
-/**
- * Error thrown when security threat is detected
- */
-declare class SecurityThreatError extends ArcisError {
-    readonly threatType: string;
-    readonly pattern: string;
-    constructor(threatType: string, pattern: string);
-}
-/**
- * Error thrown when sanitization fails
- */
-declare class SanitizationError extends ArcisError {
-    constructor(message: string);
-}
-
 /**
  * @module @arcis/node/core/constants
  * Named constants for Arcis - no magic numbers
  */
-declare const INPUT: {
+export declare const INPUT: {
     /** Default maximum input size (1MB) */
     readonly DEFAULT_MAX_SIZE: 1000000;
     /** Maximum recursion depth for nested objects */
     readonly MAX_RECURSION_DEPTH: 10;
 };
-declare const RATE_LIMIT: {
+export declare const RATE_LIMIT: {
     /** Default window size (1 minute) */
     readonly DEFAULT_WINDOW_MS: 60000;
     /** Default max requests per window */
@@ -77,7 +22,7 @@ declare const RATE_LIMIT: {
     /** Maximum window size (24 hours) */
     readonly MAX_WINDOW_MS: 86400000;
 };
-declare const HEADERS: {
+export declare const HEADERS: {
     /** Default Content Security Policy */
     readonly DEFAULT_CSP: string;
     /** Default HSTS max age (1 year in seconds) */
@@ -97,10 +42,17 @@ declare const HEADERS: {
  * Detection patterns — used to flag whether a string contains XSS payloads.
  * Must stay in sync with XSS_REMOVE_PATTERNS below.
  */
-declare const XSS_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
-declare const SQL_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
-declare const PATH_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
-declare const COMMAND_PATTERNS: readonly [RegExp, RegExp, RegExp];
+export declare const XSS_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
+/**
+ * Removal patterns — used by sanitizeXss() to strip dangerous content.
+ * More targeted than XSS_PATTERNS: each pattern captures the full dangerous
+ * substring (tag, attribute + value, protocol) so it can be replaced safely.
+ * Must stay in sync with XSS_PATTERNS above.
+ */
+export declare const XSS_REMOVE_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
+export declare const SQL_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
+export declare const PATH_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
+export declare const COMMAND_PATTERNS: readonly [RegExp, RegExp, RegExp];
 /**
  * Prototype pollution keys to block.
  * Stored lowercase — always compare with key.toLowerCase().
@@ -112,10 +64,10 @@ declare const COMMAND_PATTERNS: readonly [RegExp, RegExp, RegExp];
  * - __defineGetter__/__defineSetter__: legacy property definition (can override getters/setters)
  * - __lookupGetter__/__lookupSetter__: legacy property introspection
  */
-declare const DANGEROUS_PROTO_KEYS: Set<string>;
+export declare const DANGEROUS_PROTO_KEYS: Set<string>;
 /** MongoDB operators to block */
-declare const NOSQL_DANGEROUS_KEYS: Set<string>;
-declare const REDACTION: {
+export declare const NOSQL_DANGEROUS_KEYS: Set<string>;
+export declare const REDACTION: {
     /** Replacement text for redacted values */
     readonly REPLACEMENT: "[REDACTED]";
     /** Truncation indicator */
@@ -127,7 +79,7 @@ declare const REDACTION: {
     /** Default sensitive keys to redact */
     readonly SENSITIVE_KEYS: Set<string>;
 };
-declare const VALIDATION: {
+export declare const VALIDATION: {
     /**
      * Email regex pattern.
      * Rejects consecutive dots in local part (e.g. test..foo@example.com),
@@ -143,7 +95,7 @@ declare const VALIDATION: {
     /** UUID regex pattern (v4) */
     readonly UUID: RegExp;
 };
-declare const ERRORS: {
+export declare const ERRORS: {
     /** Generic error message (production) */
     readonly INTERNAL_SERVER_ERROR: "Internal Server Error";
     /** Input too large error */
@@ -165,6 +117,5 @@ declare const ERRORS: {
         readonly MAX_ITEMS: (field: string, max: number) => string;
     };
 };
-declare const BLOCKED: "[BLOCKED]";
-
-export { ArcisError, ValidationError as ArcisValidationError, BLOCKED, COMMAND_PATTERNS, DANGEROUS_PROTO_KEYS, ERRORS, HEADERS, INPUT, InputTooLargeError, NOSQL_DANGEROUS_KEYS, PATH_PATTERNS, RATE_LIMIT, REDACTION, RateLimitError, SQL_PATTERNS, SanitizationError, SecurityThreatError, VALIDATION, XSS_PATTERNS };
+export declare const BLOCKED: "[BLOCKED]";
+//# sourceMappingURL=constants.d.ts.map

package/dist/core/constants.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/core/constants.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,eAAO,MAAM,KAAK;IAChB,uCAAuC;;IAEvC,iDAAiD;;CAEzC,CAAC;AAKX,eAAO,MAAM,UAAU;IACrB,qCAAqC;;IAErC,sCAAsC;;IAEtC,0DAA0D;;IAE1D,4BAA4B;;IAE5B,qCAAqC;;IAErC,qCAAqC;;CAE7B,CAAC;AAKX,eAAO,MAAM,OAAO;IAClB,sCAAsC;;IAUtC,+CAA+C;;IAE/C,oCAAoC;;IAEpC,2CAA2C;;IAE3C,oCAAoC;;IAEpC,uCAAuC;;IAEvC,+CAA+C;;CAEvC,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,YAAY,2FAqBf,CAAC;AAEX;;;;;GAKG;AACH,eAAO,MAAM,mBAAmB,2HA0BtB,CAAC;AAKX,eAAO,MAAM,YAAY,mHAyBf,CAAC;AAKX,eAAO,MAAM,aAAa,mGAsBhB,CAAC;AAKX,eAAO,MAAM,gBAAgB,mCAenB,CAAC;AAMX;;;;;;;;;;GAUG;AACH,eAAO,MAAM,oBAAoB,aAQ/B,CAAC;AAEH,iCAAiC;AACjC,eAAO,MAAM,oBAAoB,aAc/B,CAAC;AAKH,eAAO,MAAM,SAAS;IACpB,2CAA2C;;IAE3C,2BAA2B;;IAE3B,0BAA0B;;IAE1B,iCAAiC;;IAEjC,uCAAuC;;CAS/B,CAAC;AAKX,eAAO,MAAM,UAAU;IACrB;;;;OAIG;;IAEH;;;;OAIG;;IAEH,8BAA8B;;CAEtB,CAAC;AAKX,eAAO,MAAM,MAAM;IACjB,yCAAyC;;IAEzC,4BAA4B;wCACD,MAAM;IACjC,gCAAgC;;mCAEZ,MAAM;uCACF,MAAM,QAAQ,MAAM;qCACtB,MAAM,OAAO,MAAM;qCACnB,MAAM,OAAO,MAAM;oCACpB,MAAM,OAAO,MAAM;oCACnB,MAAM,OAAO,MAAM;yCACd,MAAM;wCACP,MAAM;sCACR,MAAM;uCACL,MAAM;uCACN,MAAM,UAAU,OAAO,EAAE;oCAC5B,MAAM,OAAO,MAAM;oCACnB,MAAM,OAAO,MAAM;;CAEhC,CAAC;AAKX,eAAO,MAAM,OAAO,EAAG,WAAoB,CAAC"}

package/dist/core/errors.d.ts

@@ -0,0 +1,53 @@
+/**
+ * @module @arcis/node/core/errors
+ * Custom error classes for Arcis
+ */
+/**
+ * Base class for all Arcis errors
+ */
+export declare class ArcisError extends Error {
+    readonly statusCode: number;
+    readonly code: string;
+    /** Whether the error message is safe to expose to API clients. */
+    readonly expose: boolean;
+    constructor(message: string, statusCode?: number, code?: string);
+}
+/**
+ * Error thrown when input validation fails
+ */
+export declare class ValidationError extends ArcisError {
+    readonly errors: string[];
+    constructor(errors: string[]);
+}
+/** Alias for ValidationError (backwards compatibility) */
+export { ValidationError as ArcisValidationError };
+/**
+ * Error thrown when rate limit is exceeded
+ */
+export declare class RateLimitError extends ArcisError {
+    readonly retryAfter: number;
+    constructor(message: string, retryAfter: number);
+}
+/**
+ * Error thrown when input is too large
+ */
+export declare class InputTooLargeError extends ArcisError {
+    readonly maxSize: number;
+    readonly actualSize: number;
+    constructor(maxSize: number, actualSize: number);
+}
+/**
+ * Error thrown when security threat is detected
+ */
+export declare class SecurityThreatError extends ArcisError {
+    readonly threatType: string;
+    readonly pattern: string;
+    constructor(threatType: string, pattern: string);
+}
+/**
+ * Error thrown when sanitization fails
+ */
+export declare class SanitizationError extends ArcisError {
+    constructor(message: string);
+}
+//# sourceMappingURL=errors.d.ts.map

package/dist/core/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/core/errors.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;GAEG;AACH,qBAAa,UAAW,SAAQ,KAAK;IACnC,SAAgB,UAAU,EAAE,MAAM,CAAC;IACnC,SAAgB,IAAI,EAAE,MAAM,CAAC;IAC7B,kEAAkE;IAClE,SAAgB,MAAM,EAAE,OAAO,CAAC;gBAEpB,OAAO,EAAE,MAAM,EAAE,UAAU,SAAM,EAAE,IAAI,SAAgB;CAcpE;AAED;;GAEG;AACH,qBAAa,eAAgB,SAAQ,UAAU;IAC7C,SAAgB,MAAM,EAAE,MAAM,EAAE,CAAC;gBAErB,MAAM,EAAE,MAAM,EAAE;CAK7B;AAED,0DAA0D;AAC1D,OAAO,EAAE,eAAe,IAAI,oBAAoB,EAAE,CAAC;AAEnD;;GAEG;AACH,qBAAa,cAAe,SAAQ,UAAU;IAC5C,SAAgB,UAAU,EAAE,MAAM,CAAC;gBAEvB,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM;CAKhD;AAED;;GAEG;AACH,qBAAa,kBAAmB,SAAQ,UAAU;IAChD,SAAgB,OAAO,EAAE,MAAM,CAAC;IAChC,SAAgB,UAAU,EAAE,MAAM,CAAC;gBAEvB,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM;CAMhD;AAED;;GAEG;AACH,qBAAa,mBAAoB,SAAQ,UAAU;IACjD,SAAgB,UAAU,EAAE,MAAM,CAAC;IACnC,SAAgB,OAAO,EAAE,MAAM,CAAC;gBAEpB,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;CAMhD;AAED;;GAEG;AACH,qBAAa,iBAAkB,SAAQ,UAAU;gBACnC,OAAO,EAAE,MAAM;CAI5B"}

package/dist/core/index.d.ts

@@ -1,170 +1,8 @@
-export { A as ArcisFunction, a as ArcisMiddleware, b as ArcisOptions, E as ErrorHandlerOptions, F as FieldValidator, H as HeaderOptions, c as HstsOptions, d as HttpError, L as LogOptions, R as RateLimitEntry, e as RateLimitOptions, f as RateLimitResult, g as RateLimitStore, h as RateLimiterMiddleware, S as SafeLogger, i as SanitizeOptions, j as SanitizeResult, T as ThreatInfo, k as ThreatType, V as ValidationConfig, l as ValidationError, m as ValidationResult, n as ValidationSchema } from '../types-BOkx5YJc.js';
-import 'express';
-
 /**
- * @module @arcis/node/core/errors
- * Custom error classes for Arcis
+ * @module @arcis/node/core
+ * Core types, constants, and errors for Arcis
  */
-/**
- * Base class for all Arcis errors
- */
-declare class ArcisError extends Error {
-    readonly statusCode: number;
-    readonly code: string;
-    /** Whether the error message is safe to expose to API clients. */
-    readonly expose: boolean;
-    constructor(message: string, statusCode?: number, code?: string);
-}
-/**
- * Error thrown when input validation fails
- */
-declare class ValidationError extends ArcisError {
-    readonly errors: string[];
-    constructor(errors: string[]);
-}
-
-/**
- * Error thrown when rate limit is exceeded
- */
-declare class RateLimitError extends ArcisError {
-    readonly retryAfter: number;
-    constructor(message: string, retryAfter: number);
-}
-/**
- * Error thrown when input is too large
- */
-declare class InputTooLargeError extends ArcisError {
-    readonly maxSize: number;
-    readonly actualSize: number;
-    constructor(maxSize: number, actualSize: number);
-}
-/**
- * Error thrown when security threat is detected
- */
-declare class SecurityThreatError extends ArcisError {
-    readonly threatType: string;
-    readonly pattern: string;
-    constructor(threatType: string, pattern: string);
-}
-/**
- * Error thrown when sanitization fails
- */
-declare class SanitizationError extends ArcisError {
-    constructor(message: string);
-}
-
-/**
- * @module @arcis/node/core/constants
- * Named constants for Arcis - no magic numbers
- */
-declare const INPUT: {
-    /** Default maximum input size (1MB) */
-    readonly DEFAULT_MAX_SIZE: 1000000;
-    /** Maximum recursion depth for nested objects */
-    readonly MAX_RECURSION_DEPTH: 10;
-};
-declare const RATE_LIMIT: {
-    /** Default window size (1 minute) */
-    readonly DEFAULT_WINDOW_MS: 60000;
-    /** Default max requests per window */
-    readonly DEFAULT_MAX_REQUESTS: 100;
-    /** Default HTTP status code for rate limited responses */
-    readonly DEFAULT_STATUS_CODE: 429;
-    /** Default error message */
-    readonly DEFAULT_MESSAGE: "Too many requests, please try again later.";
-    /** Minimum window size (1 second) */
-    readonly MIN_WINDOW_MS: 1000;
-    /** Maximum window size (24 hours) */
-    readonly MAX_WINDOW_MS: 86400000;
-};
-declare const HEADERS: {
-    /** Default Content Security Policy */
-    readonly DEFAULT_CSP: string;
-    /** Default HSTS max age (1 year in seconds) */
-    readonly HSTS_MAX_AGE: 31536000;
-    /** Default X-Frame-Options value */
-    readonly FRAME_OPTIONS: "DENY";
-    /** Default X-Content-Type-Options value */
-    readonly CONTENT_TYPE_OPTIONS: "nosniff";
-    /** Default Referrer-Policy value */
-    readonly REFERRER_POLICY: "strict-origin-when-cross-origin";
-    /** Default Permissions-Policy value */
-    readonly PERMISSIONS_POLICY: "geolocation=(), microphone=(), camera=()";
-    /** Default Cache-Control value for security */
-    readonly CACHE_CONTROL: "no-store, no-cache, must-revalidate, proxy-revalidate";
-};
-/**
- * Detection patterns — used to flag whether a string contains XSS payloads.
- * Must stay in sync with XSS_REMOVE_PATTERNS below.
- */
-declare const XSS_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
-declare const SQL_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
-declare const PATH_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
-declare const COMMAND_PATTERNS: readonly [RegExp, RegExp, RegExp];
-/**
- * Prototype pollution keys to block.
- * Stored lowercase — always compare with key.toLowerCase().
- *
- * Includes:
- * - __proto__: direct prototype assignment
- * - constructor: access to constructor.prototype chain
- * - prototype: direct prototype property
- * - __defineGetter__/__defineSetter__: legacy property definition (can override getters/setters)
- * - __lookupGetter__/__lookupSetter__: legacy property introspection
- */
-declare const DANGEROUS_PROTO_KEYS: Set<string>;
-/** MongoDB operators to block */
-declare const NOSQL_DANGEROUS_KEYS: Set<string>;
-declare const REDACTION: {
-    /** Replacement text for redacted values */
-    readonly REPLACEMENT: "[REDACTED]";
-    /** Truncation indicator */
-    readonly TRUNCATED: "[TRUNCATED]";
-    /** Max depth indicator */
-    readonly MAX_DEPTH: "[MAX_DEPTH]";
-    /** Default max message length */
-    readonly DEFAULT_MAX_LENGTH: 10000;
-    /** Default sensitive keys to redact */
-    readonly SENSITIVE_KEYS: Set<string>;
-};
-declare const VALIDATION: {
-    /**
-     * Email regex pattern.
-     * Rejects consecutive dots in local part (e.g. test..foo@example.com),
-     * leading/trailing dots, and other common invalid forms.
-     */
-    readonly EMAIL: RegExp;
-    /**
-     * URL regex pattern.
-     * Only allows http:// and https:// — explicitly rejects javascript:,
-     * data:, vbscript:, and other dangerous URI schemes.
-     */
-    readonly URL: RegExp;
-    /** UUID regex pattern (v4) */
-    readonly UUID: RegExp;
-};
-declare const ERRORS: {
-    /** Generic error message (production) */
-    readonly INTERNAL_SERVER_ERROR: "Internal Server Error";
-    /** Input too large error */
-    readonly INPUT_TOO_LARGE: (maxSize: number) => string;
-    /** Validation error messages */
-    readonly VALIDATION: {
-        readonly REQUIRED: (field: string) => string;
-        readonly INVALID_TYPE: (field: string, type: string) => string;
-        readonly MIN_LENGTH: (field: string, min: number) => string;
-        readonly MAX_LENGTH: (field: string, max: number) => string;
-        readonly MIN_VALUE: (field: string, min: number) => string;
-        readonly MAX_VALUE: (field: string, max: number) => string;
-        readonly INVALID_FORMAT: (field: string) => string;
-        readonly INVALID_EMAIL: (field: string) => string;
-        readonly INVALID_URL: (field: string) => string;
-        readonly INVALID_UUID: (field: string) => string;
-        readonly INVALID_ENUM: (field: string, values: unknown[]) => string;
-        readonly MIN_ITEMS: (field: string, min: number) => string;
-        readonly MAX_ITEMS: (field: string, max: number) => string;
-    };
-};
-declare const BLOCKED: "[BLOCKED]";
-
-export { ArcisError, ValidationError as ArcisValidationError, BLOCKED, COMMAND_PATTERNS, DANGEROUS_PROTO_KEYS, ERRORS, HEADERS, INPUT, InputTooLargeError, NOSQL_DANGEROUS_KEYS, PATH_PATTERNS, RATE_LIMIT, REDACTION, RateLimitError, SQL_PATTERNS, SanitizationError, SecurityThreatError, VALIDATION, XSS_PATTERNS };
+export type { ArcisOptions, ArcisFunction, ArcisMiddleware, SanitizeOptions, SanitizeResult, ThreatInfo, ThreatType, RateLimitOptions, RateLimitStore, RateLimitEntry, RateLimitResult, RateLimiterMiddleware, HeaderOptions, HstsOptions, ValidationConfig, ValidationSchema, FieldValidator, ValidationResult, ValidationError, LogOptions, SafeLogger, ErrorHandlerOptions, HttpError, } from './types';
+export { INPUT, RATE_LIMIT, HEADERS, XSS_PATTERNS, SQL_PATTERNS, PATH_PATTERNS, COMMAND_PATTERNS, DANGEROUS_PROTO_KEYS, NOSQL_DANGEROUS_KEYS, REDACTION, VALIDATION, ERRORS, BLOCKED, } from './constants';
+export { ArcisError, ValidationError as ArcisValidationError, RateLimitError, InputTooLargeError, SecurityThreatError, SanitizationError, } from './errors';
+//# sourceMappingURL=index.d.ts.map

package/dist/core/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,YAAY,EAEV,YAAY,EACZ,aAAa,EACb,eAAe,EAEf,eAAe,EACf,cAAc,EACd,UAAU,EACV,UAAU,EAEV,gBAAgB,EAChB,cAAc,EACd,cAAc,EACd,eAAe,EACf,qBAAqB,EAErB,aAAa,EACb,WAAW,EAEX,gBAAgB,EAChB,gBAAgB,EAChB,cAAc,EACd,gBAAgB,EAChB,eAAe,EAEf,UAAU,EACV,UAAU,EAEV,mBAAmB,EACnB,SAAS,GACV,MAAM,SAAS,CAAC;AAGjB,OAAO,EACL,KAAK,EACL,UAAU,EACV,OAAO,EACP,YAAY,EACZ,YAAY,EACZ,aAAa,EACb,gBAAgB,EAChB,oBAAoB,EACpB,oBAAoB,EACpB,SAAS,EACT,UAAU,EACV,MAAM,EACN,OAAO,GACR,MAAM,aAAa,CAAC;AAGrB,OAAO,EACL,UAAU,EACV,eAAe,IAAI,oBAAoB,EACvC,cAAc,EACd,kBAAkB,EAClB,mBAAmB,EACnB,iBAAiB,GAClB,MAAM,UAAU,CAAC"}

package/dist/{types-BOkx5YJc.d.mts → core/types.d.ts}

@@ -1,12 +1,10 @@
-import { Request, RequestHandler, Response, NextFunction } from 'express';
-
 /**
  * @module @arcis/node/core/types
  * All TypeScript interfaces and types for Arcis
  */
-
+import type { Request, Response, NextFunction, RequestHandler } from 'express';
 /** Main Arcis configuration options */
-interface ArcisOptions {
+export interface ArcisOptions {
     /** Enable/configure input sanitization. Default: true */
     sanitize?: boolean | SanitizeOptions;
     /** Enable/configure rate limiting. Default: true */
@@ -17,7 +15,7 @@ interface ArcisOptions {
     logging?: boolean | LogOptions;
 }
 /** Sanitization configuration */
-interface SanitizeOptions {
+export interface SanitizeOptions {
     /** Sanitize XSS attempts. Default: true */
     xss?: boolean;
     /** Sanitize SQL injection attempts. Default: true */
@@ -48,7 +46,7 @@ interface SanitizeOptions {
     freeze?: boolean;
 }
 /** Result of sanitizing a string */
-interface SanitizeResult {
+export interface SanitizeResult {
     /** The sanitized value */
     value: string;
     /** Whether any sanitization was applied */
@@ -57,7 +55,7 @@ interface SanitizeResult {
     threats: ThreatInfo[];
 }
 /** Information about a detected threat */
-interface ThreatInfo {
+export interface ThreatInfo {
     /** Type of threat detected */
     type: ThreatType;
     /** Pattern that matched */
@@ -68,9 +66,9 @@ interface ThreatInfo {
     location?: string;
 }
 /** Types of security threats */
-type ThreatType = 'xss' | 'sql_injection' | 'nosql_injection' | 'path_traversal' | 'command_injection' | 'prototype_pollution' | 'header_injection' | 'ssti' | 'xxe';
+export type ThreatType = 'xss' | 'sql_injection' | 'nosql_injection' | 'path_traversal' | 'command_injection' | 'prototype_pollution' | 'header_injection' | 'ssti' | 'xxe';
 /** Rate limiting configuration */
-interface RateLimitOptions {
+export interface RateLimitOptions {
     /** Maximum requests per window. Default: 100 */
     max?: number;
     /** Window size in milliseconds. Default: 60000 (1 minute) */
@@ -87,7 +85,7 @@ interface RateLimitOptions {
     store?: RateLimitStore;
 }
 /** External store interface for distributed rate limiting */
-interface RateLimitStore {
+export interface RateLimitStore {
     /** Get current count for a key */
     get(key: string): Promise<RateLimitEntry | null>;
     /** Set entry for a key */
@@ -102,26 +100,26 @@ interface RateLimitStore {
     close?(): Promise<void>;
 }
 /** Rate limit entry stored in a store */
-interface RateLimitEntry {
+export interface RateLimitEntry {
     /** Number of requests in the current window */
     count: number;
     /** Timestamp when the window resets */
     resetTime: number;
 }
 /** Result from incrementing a rate limit counter */
-interface RateLimitResult {
+export interface RateLimitResult {
     /** Current request count */
     count: number;
     /** When the window resets */
     resetTime: Date;
 }
 /** Rate limiter middleware with cleanup support */
-interface RateLimiterMiddleware extends RequestHandler {
+export interface RateLimiterMiddleware extends RequestHandler {
     /** Clean up the rate limiter (clear intervals, close stores) */
     close: () => void;
 }
 /** Security headers configuration */
-interface HeaderOptions {
+export interface HeaderOptions {
     /** Content Security Policy. true = default, string = custom, false = disabled */
     contentSecurityPolicy?: boolean | string;
     /** Enable X-XSS-Protection header. Default: true (sends '0' to disable legacy XSS auditor) */
@@ -150,7 +148,7 @@ interface HeaderOptions {
     dnsPrefetchControl?: boolean;
 }
 /** HSTS (HTTP Strict Transport Security) options */
-interface HstsOptions {
+export interface HstsOptions {
     /** Max age in seconds. Default: 31536000 (1 year) */
     maxAge?: number;
     /** Include subdomains. Default: true */
@@ -159,18 +157,18 @@ interface HstsOptions {
     preload?: boolean;
 }
 /** Validation configuration */
-interface ValidationConfig {
+export interface ValidationConfig {
     /** Strip fields not in schema. Default: true (prevents mass assignment) */
     stripUnknown?: boolean;
     /** Stop on first error. Default: false */
     abortEarly?: boolean;
 }
 /** Validation schema for request data */
-interface ValidationSchema {
+export interface ValidationSchema {
     [key: string]: FieldValidator;
 }
 /** Field validation rules */
-interface FieldValidator {
+export interface FieldValidator {
     /** Expected data type */
     type: 'string' | 'number' | 'boolean' | 'email' | 'url' | 'uuid' | 'array' | 'object';
     /** Whether field is required. Default: false */
@@ -194,7 +192,7 @@ interface FieldValidator {
     custom?: (value: unknown) => true | false | string;
 }
 /** Validation result */
-interface ValidationResult {
+export interface ValidationResult {
     /** Whether validation passed */
     valid: boolean;
     /** Validation errors */
@@ -203,7 +201,7 @@ interface ValidationResult {
     data: Record<string, unknown>;
 }
 /** Single validation error */
-interface ValidationError {
+export interface ValidationError {
     /** Field that failed validation */
     field: string;
     /** Human-readable error message */
@@ -212,8 +210,8 @@ interface ValidationError {
     code: string;
 }
 /** Safe logging configuration */
-type LogLevel = 'debug' | 'info' | 'warn' | 'error' | 'silent';
-interface LogOptions {
+export type LogLevel = 'debug' | 'info' | 'warn' | 'error' | 'silent';
+export interface LogOptions {
     /** Additional keys to redact beyond defaults */
     redactKeys?: string[];
     /** Maximum message length before truncation. Default: 10000 */
@@ -224,7 +222,7 @@ interface LogOptions {
     level?: LogLevel;
 }
 /** Safe logger interface */
-interface SafeLogger {
+export interface SafeLogger {
     /** Log at specified level */
     log: (level: string, message: string, data?: unknown) => void;
     /** Log info message */
@@ -237,7 +235,7 @@ interface SafeLogger {
     debug: (message: string, data?: unknown) => void;
 }
 /** Error handler configuration */
-interface ErrorHandlerOptions {
+export interface ErrorHandlerOptions {
     /** Show stack traces and detailed errors. Default: false */
     isDev?: boolean;
     /** Log errors. Default: true */
@@ -248,7 +246,7 @@ interface ErrorHandlerOptions {
     customHandler?: (err: Error, req: Request, res: Response) => void;
 }
 /** Extended Error with optional status code */
-interface HttpError extends Error {
+export interface HttpError extends Error {
     statusCode?: number;
     status?: number;
     /**
@@ -259,14 +257,14 @@ interface HttpError extends Error {
     expose?: boolean;
 }
 /** Generic Arcis middleware type */
-type ArcisMiddleware = (req: Request, res: Response, next: NextFunction) => void | Promise<void>;
+export type ArcisMiddleware = (req: Request, res: Response, next: NextFunction) => void | Promise<void>;
 /** Array of middlewares returned by arcis() with an attached cleanup method */
-type ArcisMiddlewareStack = RequestHandler[] & {
+export type ArcisMiddlewareStack = RequestHandler[] & {
     /** Clean up resources created by arcis() (rate limiter intervals, etc.) */
     close: () => void;
 };
 /** Arcis function with attached utilities */
-interface ArcisFunction {
+export interface ArcisFunction {
     (options?: ArcisOptions): ArcisMiddlewareStack;
     sanitize: (options?: SanitizeOptions) => RequestHandler;
     rateLimit: (options?: RateLimitOptions) => RateLimiterMiddleware;
@@ -275,5 +273,4 @@ interface ArcisFunction {
     logger: (options?: LogOptions) => SafeLogger;
     errorHandler: (options?: ErrorHandlerOptions | boolean) => (err: Error, req: Request, res: Response, next: NextFunction) => void;
 }
-
-export type { ArcisFunction as A, ErrorHandlerOptions as E, FieldValidator as F, HeaderOptions as H, LogOptions as L, RateLimitEntry as R, SafeLogger as S, ThreatInfo as T, ValidationConfig as V, ArcisMiddleware as a, ArcisOptions as b, HstsOptions as c, HttpError as d, RateLimitOptions as e, RateLimitResult as f, RateLimitStore as g, RateLimiterMiddleware as h, SanitizeOptions as i, SanitizeResult as j, ThreatType as k, ValidationError as l, ValidationResult as m, ValidationSchema as n, ArcisMiddlewareStack as o };
+//# sourceMappingURL=types.d.ts.map

package/dist/core/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/core/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAM/E,uCAAuC;AACvC,MAAM,WAAW,YAAY;IAC3B,yDAAyD;IACzD,QAAQ,CAAC,EAAE,OAAO,GAAG,eAAe,CAAC;IACrC,oDAAoD;IACpD,SAAS,CAAC,EAAE,OAAO,GAAG,gBAAgB,CAAC;IACvC,uDAAuD;IACvD,OAAO,CAAC,EAAE,OAAO,GAAG,aAAa,CAAC;IAClC,mDAAmD;IACnD,OAAO,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;CAChC;AAMD,iCAAiC;AACjC,MAAM,WAAW,eAAe;IAC9B,2CAA2C;IAC3C,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,qDAAqD;IACrD,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,uDAAuD;IACvD,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,sDAAsD;IACtD,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,yDAAyD;IACzD,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,yDAAyD;IACzD,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,0DAA0D;IAC1D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB;;;;OAIG;IACH,IAAI,CAAC,EAAE,UAAU,GAAG,QAAQ,CAAC;IAC7B;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,wFAAwF;IACxF,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,oCAAoC;AACpC,MAAM,WAAW,cAAc;IAC7B,0BAA0B;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,2CAA2C;IAC3C,YAAY,EAAE,OAAO,CAAC;IACtB,qCAAqC;IACrC,OAAO,EAAE,UAAU,EAAE,CAAC;CACvB;AAED,0CAA0C;AAC1C,MAAM,WAAW,UAAU;IACzB,8BAA8B;IAC9B,IAAI,EAAE,UAAU,CAAC;IACjB,2BAA2B;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,+BAA+B;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,4CAA4C;IAC5C,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,gCAAgC;AAChC,MAAM,MAAM,UAAU,GAClB,KAAK,GACL,eAAe,GACf,iBAAiB,GACjB,gBAAgB,GAChB,mBAAmB,GACnB,qBAAqB,GACrB,kBAAkB,GAClB,MAAM,GACN,KAAK,CAAC;AAMV,kCAAkC;AAClC,MAAM,WAAW,gBAAgB;IAC/B,gDAAgD;IAChD,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,6DAA6D;IAC7D,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,wCAAwC;IACxC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,gEAAgE;IAChE,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,uDAAuD;IACvD,YAAY,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,CAAC;IACxC,0DAA0D;IAC1D,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,OAAO,CAAC;IACjC,4DAA4D;IAC5D,KAAK,CAAC,EAAE,cAAc,CAAC;CACxB;AAED,6DAA6D;AAC7D,MAAM,WAAW,cAAc;IAC7B,kCAAkC;IAClC,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAAC;IACjD,0BAA0B;IAC1B,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACvD,gCAAgC;IAChC,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACxC,qDAAqD;IACrD,SAAS,CAAC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACvC,4BAA4B;IAC5B,KAAK,CAAC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACnC,4CAA4C;IAC5C,KAAK,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CACzB;AAED,yCAAyC;AACzC,MAAM,WAAW,cAAc;IAC7B,+CAA+C;IAC/C,KAAK,EAAE,MAAM,CAAC;IACd,uCAAuC;IACvC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,oDAAoD;AACpD,MAAM,WAAW,eAAe;IAC9B,4BAA4B;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,6BAA6B;IAC7B,SAAS,EAAE,IAAI,CAAC;CACjB;AAED,mDAAmD;AACnD,MAAM,WAAW,qBAAsB,SAAQ,cAAc;IAC3D,gEAAgE;IAChE,KAAK,EAAE,MAAM,IAAI,CAAC;CACnB;AAMD,qCAAqC;AACrC,MAAM,WAAW,aAAa;IAC5B,iFAAiF;IACjF,qBAAqB,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;IACzC,8FAA8F;IAC9F,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,4DAA4D;IAC5D,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,6CAA6C;IAC7C,YAAY,CAAC,EAAE,MAAM,GAAG,YAAY,GAAG,KAAK,CAAC;IAC7C,wCAAwC;IACxC,IAAI,CAAC,EAAE,OAAO,GAAG,WAAW,CAAC;IAC7B,wEAAwE;IACxE,cAAc,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IAChC,+BAA+B;IAC/B,iBAAiB,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IACnC,4DAA4D;IAC5D,YAAY,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;IAChC,kFAAkF;IAClF,uBAAuB,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IACzC,oFAAoF;IACpF,yBAAyB,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IAC3C,qFAAqF;IACrF,yBAAyB,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;IAC3C,iFAAiF;IACjF,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,mFAAmF;IACnF,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B;AAED,oDAAoD;AACpD,MAAM,WAAW,WAAW;IAC1B,qDAAqD;IACrD,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,wCAAwC;IACxC,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,0CAA0C;IAC1C,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAMD,+BAA+B;AAC/B,MAAM,WAAW,gBAAgB;IAC/B,2EAA2E;IAC3E,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,0CAA0C;IAC1C,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,yCAAyC;AACzC,MAAM,WAAW,gBAAgB;IAC/B,CAAC,GAAG,EAAE,MAAM,GAAG,cAAc,CAAC;CAC/B;AAED,6BAA6B;AAC7B,MAAM,WAAW,cAAc;IAC7B,yBAAyB;IACzB,IAAI,EAAE,QAAQ,GAAG,QAAQ,GAAG,SAAS,GAAG,OAAO,GAAG,KAAK,GAAG,MAAM,GAAG,OAAO,GAAG,QAAQ,CAAC;IACtF,gDAAgD;IAChD,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,sDAAsD;IACtD,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,sDAAsD;IACtD,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,0CAA0C;IAC1C,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,qBAAqB;IACrB,IAAI,CAAC,EAAE,OAAO,EAAE,CAAC;IACjB,mDAAmD;IACnD,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB;;;;;OAKG;IACH,MAAM,CAAC,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,IAAI,GAAG,KAAK,GAAG,MAAM,CAAC;CACpD;AAED,wBAAwB;AACxB,MAAM,WAAW,gBAAgB;IAC/B,gCAAgC;IAChC,KAAK,EAAE,OAAO,CAAC;IACf,wBAAwB;IACxB,MAAM,EAAE,eAAe,EAAE,CAAC;IAC1B,mCAAmC;IACnC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAC/B;AAED,8BAA8B;AAC9B,MAAM,WAAW,eAAe;IAC9B,mCAAmC;IACnC,KAAK,EAAE,MAAM,CAAC;IACd,mCAAmC;IACnC,OAAO,EAAE,MAAM,CAAC;IAChB,2CAA2C;IAC3C,IAAI,EAAE,MAAM,CAAC;CACd;AAMD,iCAAiC;AACjC,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,QAAQ,CAAC;AAEtE,MAAM,WAAW,UAAU;IACzB,gDAAgD;IAChD,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,+DAA+D;IAC/D,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,0DAA0D;IAC1D,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,qGAAqG;IACrG,KAAK,CAAC,EAAE,QAAQ,CAAC;CAClB;AAED,4BAA4B;AAC5B,MAAM,WAAW,UAAU;IACzB,6BAA6B;IAC7B,GAAG,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,KAAK,IAAI,CAAC;IAC9D,uBAAuB;IACvB,IAAI,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,KAAK,IAAI,CAAC;IAChD,0BAA0B;IAC1B,IAAI,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,KAAK,IAAI,CAAC;IAChD,wBAAwB;IACxB,KAAK,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,KAAK,IAAI,CAAC;IACjD,wBAAwB;IACxB,KAAK,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,KAAK,IAAI,CAAC;CAClD;AAMD,kCAAkC;AAClC,MAAM,WAAW,mBAAmB;IAClC,4DAA4D;IAC5D,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,gCAAgC;IAChC,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,0BAA0B;IAC1B,MAAM,CAAC,EAAE,UAAU,CAAC;IACpB,2BAA2B;IAC3B,aAAa,CAAC,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,KAAK,IAAI,CAAC;CACnE;AAED,+CAA+C;AAC/C,MAAM,WAAW,SAAU,SAAQ,KAAK;IACtC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;;OAIG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAMD,oCAAoC;AACpC,MAAM,MAAM,eAAe,GAAG,CAC5B,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,KACf,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AAE1B,+EAA+E;AAC/E,MAAM,MAAM,oBAAoB,GAAG,cAAc,EAAE,GAAG;IACpD,2EAA2E;IAC3E,KAAK,EAAE,MAAM,IAAI,CAAC;CACnB,CAAC;AAEF,6CAA6C;AAC7C,MAAM,WAAW,aAAa;IAC5B,CAAC,OAAO,CAAC,EAAE,YAAY,GAAG,oBAAoB,CAAC;IAC/C,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,eAAe,KAAK,cAAc,CAAC;IACxD,SAAS,EAAE,CAAC,OAAO,CAAC,EAAE,gBAAgB,KAAK,qBAAqB,CAAC;IACjE,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE,aAAa,KAAK,cAAc,CAAC;IACrD,QAAQ,EAAE,CAAC,MAAM,EAAE,gBAAgB,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,QAAQ,KAAK,cAAc,CAAC;IAC7F,MAAM,EAAE,CAAC,OAAO,CAAC,EAAE,UAAU,KAAK,UAAU,CAAC;IAC7C,YAAY,EAAE,CAAC,OAAO,CAAC,EAAE,mBAAmB,GAAG,OAAO,KAAK,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,KAAK,IAAI,CAAC;CAClI"}