npm - @arcis/node - Versions diffs - 1.4.4 → 1.5.1 - Mend

@arcis/node 1.4.4 → 1.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (144) hide show

package/LICENSE +21 -0
package/README.md +36 -6
package/dist/astro/index.js +6141 -0
package/dist/astro/index.js.map +1 -0
package/dist/astro/index.mjs +6136 -0
package/dist/astro/index.mjs.map +1 -0
package/dist/bun/index.js +6195 -0
package/dist/bun/index.js.map +1 -0
package/dist/bun/index.mjs +6189 -0
package/dist/bun/index.mjs.map +1 -0
package/dist/core/constants.d.ts +3 -2
package/dist/core/constants.d.ts.map +1 -1
package/dist/core/index.js +4 -3
package/dist/core/index.js.map +1 -1
package/dist/core/index.mjs +4 -3
package/dist/core/index.mjs.map +1 -1
package/dist/core/types.d.ts +32 -0
package/dist/core/types.d.ts.map +1 -1
package/dist/fastify/index.js +6160 -0
package/dist/fastify/index.js.map +1 -0
package/dist/fastify/index.mjs +6155 -0
package/dist/fastify/index.mjs.map +1 -0
package/dist/guards.d.ts +156 -0
package/dist/guards.d.ts.map +1 -0
package/dist/hono/index.js +6159 -0
package/dist/hono/index.js.map +1 -0
package/dist/hono/index.mjs +6154 -0
package/dist/hono/index.mjs.map +1 -0
package/dist/index.d.ts +23 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +7126 -178
package/dist/index.js.map +1 -1
package/dist/index.mjs +7088 -179
package/dist/index.mjs.map +1 -1
package/dist/koa/index.js +6158 -0
package/dist/koa/index.js.map +1 -0
package/dist/koa/index.mjs +6153 -0
package/dist/koa/index.mjs.map +1 -0
package/dist/logging/index.js.map +1 -1
package/dist/logging/index.mjs.map +1 -1
package/dist/logging/redactor.d.ts.map +1 -1
package/dist/middleware/astro.d.ts +64 -0
package/dist/middleware/astro.d.ts.map +1 -0
package/dist/middleware/bot-detection.d.ts.map +1 -1
package/dist/middleware/bun.d.ts +75 -0
package/dist/middleware/bun.d.ts.map +1 -0
package/dist/middleware/csrf.d.ts.map +1 -1
package/dist/middleware/error-handler.d.ts.map +1 -1
package/dist/middleware/fastify.d.ts +89 -0
package/dist/middleware/fastify.d.ts.map +1 -0
package/dist/middleware/graphql.d.ts +35 -0
package/dist/middleware/graphql.d.ts.map +1 -0
package/dist/middleware/hono.d.ts +63 -0
package/dist/middleware/hono.d.ts.map +1 -0
package/dist/middleware/index.d.ts +12 -0
package/dist/middleware/index.d.ts.map +1 -1
package/dist/middleware/index.js +6469 -119
package/dist/middleware/index.js.map +1 -1
package/dist/middleware/index.mjs +6459 -120
package/dist/middleware/index.mjs.map +1 -1
package/dist/middleware/koa.d.ts +84 -0
package/dist/middleware/koa.d.ts.map +1 -0
package/dist/middleware/main.d.ts +0 -30
package/dist/middleware/main.d.ts.map +1 -1
package/dist/middleware/mass-assign.d.ts +81 -0
package/dist/middleware/mass-assign.d.ts.map +1 -0
package/dist/middleware/method-allowlist.d.ts +66 -0
package/dist/middleware/method-allowlist.d.ts.map +1 -0
package/dist/middleware/nestjs.d.ts +62 -0
package/dist/middleware/nestjs.d.ts.map +1 -0
package/dist/middleware/nextjs.d.ts +102 -0
package/dist/middleware/nextjs.d.ts.map +1 -0
package/dist/middleware/nuxt.d.ts +61 -0
package/dist/middleware/nuxt.d.ts.map +1 -0
package/dist/middleware/overload.d.ts +92 -0
package/dist/middleware/overload.d.ts.map +1 -0
package/dist/middleware/protect.d.ts +91 -0
package/dist/middleware/protect.d.ts.map +1 -0
package/dist/middleware/rate-limit-sliding.d.ts.map +1 -1
package/dist/middleware/rate-limit-token.d.ts.map +1 -1
package/dist/middleware/rate-limit.d.ts.map +1 -1
package/dist/middleware/response-splitting.d.ts +83 -0
package/dist/middleware/response-splitting.d.ts.map +1 -0
package/dist/middleware/sveltekit.d.ts +68 -0
package/dist/middleware/sveltekit.d.ts.map +1 -0
package/dist/middleware/token-budget.d.ts +75 -0
package/dist/middleware/token-budget.d.ts.map +1 -0
package/dist/nestjs/index.js +1724 -0
package/dist/nestjs/index.js.map +1 -0
package/dist/nestjs/index.mjs +1717 -0
package/dist/nestjs/index.mjs.map +1 -0
package/dist/nextjs/index.js +6184 -0
package/dist/nextjs/index.js.map +1 -0
package/dist/nextjs/index.mjs +6178 -0
package/dist/nextjs/index.mjs.map +1 -0
package/dist/nuxt/index.js +6141 -0
package/dist/nuxt/index.js.map +1 -0
package/dist/nuxt/index.mjs +6136 -0
package/dist/nuxt/index.mjs.map +1 -0
package/dist/sanitizers/encode.d.ts.map +1 -1
package/dist/sanitizers/graphql.d.ts +72 -0
package/dist/sanitizers/graphql.d.ts.map +1 -0
package/dist/sanitizers/headers.d.ts +18 -0
package/dist/sanitizers/headers.d.ts.map +1 -1
package/dist/sanitizers/index.d.ts +4 -1
package/dist/sanitizers/index.d.ts.map +1 -1
package/dist/sanitizers/index.js +140 -66
package/dist/sanitizers/index.js.map +1 -1
package/dist/sanitizers/index.mjs +135 -67
package/dist/sanitizers/index.mjs.map +1 -1
package/dist/sanitizers/prompt-injection.d.ts +62 -0
package/dist/sanitizers/prompt-injection.d.ts.map +1 -0
package/dist/sanitizers/sanitize.d.ts +1 -1
package/dist/sanitizers/sanitize.d.ts.map +1 -1
package/dist/sanitizers/xpath.d.ts +37 -0
package/dist/sanitizers/xpath.d.ts.map +1 -0
package/dist/stores/index.js +4 -4
package/dist/stores/index.js.map +1 -1
package/dist/stores/index.mjs +4 -4
package/dist/stores/index.mjs.map +1 -1
package/dist/stores/redis.d.ts +7 -1
package/dist/stores/redis.d.ts.map +1 -1
package/dist/sveltekit/index.js +6142 -0
package/dist/sveltekit/index.js.map +1 -0
package/dist/sveltekit/index.mjs +6137 -0
package/dist/sveltekit/index.mjs.map +1 -0
package/dist/validation/index.d.ts +2 -0
package/dist/validation/index.d.ts.map +1 -1
package/dist/validation/index.js +137 -12
package/dist/validation/index.js.map +1 -1
package/dist/validation/index.mjs +116 -13
package/dist/validation/index.mjs.map +1 -1
package/dist/validation/redirect.d.ts.map +1 -1
package/dist/validation/schema.d.ts.map +1 -1
package/dist/validation/url-async.d.ts +137 -0
package/dist/validation/url-async.d.ts.map +1 -0
package/package.json +57 -12
package/scripts/postinstall.cjs +26 -0
package/dist/cli/arcis.d.ts +0 -23
package/dist/cli/arcis.d.ts.map +0 -1
package/dist/cli/arcis.js +0 -312
package/dist/cli/arcis.js.map +0 -1
package/dist/cli/arcis.mjs +0 -309
package/dist/cli/arcis.mjs.map +0 -1

package/dist/middleware/hono.d.ts ADDED Viewed

@@ -0,0 +1,63 @@
+/**
+ * @module @arcis/node/hono
+ *
+ * Hono adapter for Arcis. Hono runs on Web Fetch primitives (Request /
+ * Response / Headers) so the same Edge-native pipeline that powers the
+ * SvelteKit / Astro / Nuxt / Next.js / Bun adapters drives this one.
+ * That means it works in any runtime Hono targets: Cloudflare Workers,
+ * Deno Deploy, Bun, AWS Lambda, Node, and so on.
+ *
+ * Quick start:
+ *
+ * ```ts
+ * import { Hono } from 'hono';
+ * import { arcisHono } from '@arcis/node/hono';
+ *
+ * const app = new Hono();
+ * app.use('*', arcisHono({ rateLimit: { max: 100 }, bot: true }));
+ * app.get('/', (c) => c.text('hello'));
+ * ```
+ *
+ * No runtime dependency on `hono` — its types are imported only at
+ * compile time. The adapter ships in every Arcis install regardless of
+ * whether the consumer uses Hono.
+ *
+ * For users running Hono on top of Bun, the dedicated `@arcis/node/bun`
+ * adapter ships with a tighter Bun integration; this adapter is for
+ * everyone else (Workers, Deno, Lambda, plain Node + Hono).
+ */
+import type { HeaderOptions, RateLimitOptions } from '../core/types';
+import { type BotProtectionOptions } from './bot-detection';
+interface HonoContextLike {
+    req: {
+        raw: Request;
+    };
+    res: Response;
+    env?: Record<string, unknown>;
+}
+export type HonoMiddleware = (c: HonoContextLike, next: () => Promise<void>) => Promise<Response | void>;
+export interface ArcisHonoOptions {
+    /** Security headers configuration. Default: enabled. Pass `false` to disable. */
+    headers?: boolean | HeaderOptions;
+    /** Rate limiter configuration. Default: 100 req/60s in-memory. Pass `false` to disable. */
+    rateLimit?: boolean | RateLimitOptions;
+    /**
+     * Bot protection. Default: disabled (opt-in to avoid surprising behavior on
+     * legitimate crawlers). Pass `true` for sensible defaults or an options
+     * object for full control.
+     */
+    bot?: boolean | BotProtectionOptions;
+}
+/**
+ * Build a Hono middleware handler that applies Arcis protections in
+ * this order: rate limit (returns 429 if exceeded), bot detection
+ * (returns 403 if the bot is in the deny list), runs `next()`, then
+ * mutates the resulting `c.res` headers with security defaults.
+ *
+ * Hono's `c.res` is a regular `Response` whose `headers` are mutable
+ * mid-request, so the security-header pass is in-place — no
+ * Response-rebuild needed.
+ */
+export declare function arcisHono(options?: ArcisHonoOptions): HonoMiddleware;
+export default arcisHono;
+//# sourceMappingURL=hono.d.ts.map

package/dist/middleware/hono.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"hono.d.ts","sourceRoot":"","sources":["../../src/middleware/hono.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAIH,OAAO,KAAK,EACV,aAAa,EAEb,gBAAgB,EACjB,MAAM,eAAe,CAAC;AACvB,OAAO,EAEL,KAAK,oBAAoB,EAE1B,MAAM,iBAAiB,CAAC;AAMzB,UAAU,eAAe;IACvB,GAAG,EAAE;QAAE,GAAG,EAAE,OAAO,CAAA;KAAE,CAAC;IACtB,GAAG,EAAE,QAAQ,CAAC;IACd,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAC/B;AAED,MAAM,MAAM,cAAc,GAAG,CAC3B,CAAC,EAAE,eAAe,EAClB,IAAI,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,KACtB,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;AAE9B,MAAM,WAAW,gBAAgB;IAC/B,iFAAiF;IACjF,OAAO,CAAC,EAAE,OAAO,GAAG,aAAa,CAAC;IAClC,2FAA2F;IAC3F,SAAS,CAAC,EAAE,OAAO,GAAG,gBAAgB,CAAC;IACvC;;;;OAIG;IACH,GAAG,CAAC,EAAE,OAAO,GAAG,oBAAoB,CAAC;CACtC;AAoJD;;;;;;;;;GASG;AACH,wBAAgB,SAAS,CAAC,OAAO,GAAE,gBAAqB,GAAG,cAAc,CAuExE;AAED,eAAe,SAAS,CAAC"}

package/dist/middleware/index.d.ts CHANGED Viewed

@@ -15,4 +15,16 @@ export { botProtection, detectBot } from './bot-detection';
 export { csrfProtection, createCsrf, generateCsrfToken, validateCsrfToken } from './csrf';
 export { signupProtection, checkSignup } from './signup-protection';
 export type { SignupProtectionOptions, SignupCheckResult, SignupBlockReason, SignupProtectionMiddleware } from './signup-protection';
+export { methodAllowlist } from './method-allowlist';
+export type { MethodAllowlistOptions } from './method-allowlist';
+export { eventLoopProtection } from './overload';
+export type { EventLoopProtectionOptions, EventLoopProtectionMiddleware, } from './overload';
+export { massAssign } from './mass-assign';
+export type { MassAssignOptions } from './mass-assign';
+export { protectLogin, protectSignup, protectApi } from './protect';
+export type { ProtectLoginOptions, ProtectSignupOptions, ProtectApiOptions, } from './protect';
+export { graphqlGuard } from './graphql';
+export type { GraphqlGuardMiddlewareOptions } from './graphql';
+export { responseSplittingGuard, detectResponseSplitting, sanitizeResponseHeader, ResponseSplittingError, } from './response-splitting';
+export type { ResponseSplittingGuardOptions } from './response-splitting';
 //# sourceMappingURL=index.d.ts.map

package/dist/middleware/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,QAAQ,CAAC;AAGjC,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAC5D,OAAO,EAAE,0BAA0B,EAAE,MAAM,sBAAsB,CAAC;AAClE,OAAO,EAAE,wBAAwB,EAAE,MAAM,oBAAoB,CAAC;AAC9D,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AACnE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAC;AAC3F,OAAO,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,QAAQ,CAAC;AAC1F,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AACpE,YAAY,EAAE,uBAAuB,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,0BAA0B,EAAE,MAAM,qBAAqB,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,QAAQ,CAAC;AAGjC,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAC5D,OAAO,EAAE,0BAA0B,EAAE,MAAM,sBAAsB,CAAC;AAClE,OAAO,EAAE,wBAAwB,EAAE,MAAM,oBAAoB,CAAC;AAC9D,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AACnE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAC;AAC3F,OAAO,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,QAAQ,CAAC;AAC1F,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AACpE,YAAY,EAAE,uBAAuB,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,0BAA0B,EAAE,MAAM,qBAAqB,CAAC;AACrI,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrD,YAAY,EAAE,sBAAsB,EAAE,MAAM,oBAAoB,CAAC;AACjE,OAAO,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AACjD,YAAY,EACV,0BAA0B,EAC1B,6BAA6B,GAC9B,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,YAAY,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AACpE,YAAY,EACV,mBAAmB,EACnB,oBAAoB,EACpB,iBAAiB,GAClB,MAAM,WAAW,CAAC;AACnB,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,YAAY,EAAE,6BAA6B,EAAE,MAAM,WAAW,CAAC;AAC/D,OAAO,EACL,sBAAsB,EACtB,uBAAuB,EACvB,sBAAsB,EACtB,sBAAsB,GACvB,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EAAE,6BAA6B,EAAE,MAAM,sBAAsB,CAAC"}