@arcis/node 1.5.2 → 1.6.1

package/dist/index.mjs

@@ -142,7 +142,16 @@ var SQL_PATTERNS = [
   /** Time-based blind: PostgreSQL pg_sleep() */
   /\bpg_sleep\s*\(/gi,
   /** Time-based blind: MSSQL WAITFOR DELAY */
-  /\bWAITFOR\s+DELAY\b/gi
+  /\bWAITFOR\s+DELAY\b/gi,
+  /**
+   * Oracle DBMS_* stdlib packages used for time-based blind SQLi
+   * (DBMS_LOCK.SLEEP, DBMS_PIPE.RECEIVE_MESSAGE) and other Oracle
+   * abuse paths. No legitimate user input contains these. Mirrors
+   * `sqli-oracle-dbms-packages` in packages/core/patterns.json —
+   * improvements.md §1.1.e Q3. Must stay in sync until Node
+   * migrates to patterns.json-at-runtime (planned v1.7).
+   */
+  /\bDBMS_(?:LOCK|PIPE|UTILITY|XSLPROCESSOR|JAVA|OUTPUT|SCHEDULER)\b/gi
 ];
 var PATH_PATTERNS = [
   /** Unix path traversal */
@@ -180,6 +189,15 @@ var COMMAND_PATTERNS = [
   /[;&|`]/g,
   /** Command substitution: $( ... ) — matched as a pair to reduce false positives */
   /\$\(/g,
+  /**
+   * POSIX shell IFS-substitution: ${IFS} or ${IFS%??}.
+   * Attackers use this to inject spaces past metacharacter filters
+   * in payloads like `;cat${IFS}/etc/passwd`. Mirrors
+   * `cmdi-ifs-bypass` in packages/core/patterns.json — improvements.md
+   * §1.1.e Q5. Must stay in sync until Node migrates to
+   * patterns.json-at-runtime (planned v1.7).
+   */
+  /\$\{IFS(?:%[^}]*)?\}/g,
   /** URL-encoded control characters (%00-%0F): null, tab, vtab, formfeed, LF, CR */
   /%0[0-9a-f]/gi
 ];
@@ -1124,6 +1142,40 @@ function detectHeaderInjection(input) {
 }
 
 // src/sanitizers/sanitize.ts
+function multiDecode(value, maxPasses = 4) {
+  for (let i = 0; i < maxPasses; i++) {
+    const prev = value;
+    try {
+      value = decodeURIComponent(value);
+    } catch {
+    }
+    value = htmlEntityDecode(value);
+    if (value === prev) break;
+  }
+  return value;
+}
+function htmlEntityDecode(s) {
+  s = s.replace(/&#(\d+);/g, (_m, n) => {
+    const code = parseInt(n, 10);
+    return Number.isFinite(code) && code >= 0 && code <= 1114111 ? String.fromCodePoint(code) : _m;
+  });
+  s = s.replace(/&#x([0-9a-fA-F]+);/g, (_m, h) => {
+    const code = parseInt(h, 16);
+    return Number.isFinite(code) && code >= 0 && code <= 1114111 ? String.fromCodePoint(code) : _m;
+  });
+  const named = {
+    "&lt;": "<",
+    "&gt;": ">",
+    "&amp;": "&",
+    "&quot;": '"',
+    "&apos;": "'",
+    "&nbsp;": " "
+  };
+  for (const [entity, ch] of Object.entries(named)) {
+    s = s.split(entity).join(ch);
+  }
+  return s;
+}
 function sanitizeString(value, options = {}) {
   if (typeof value !== "string") return value;
   const maxSize = options.maxSize ?? INPUT.DEFAULT_MAX_SIZE;
@@ -1131,7 +1183,8 @@ function sanitizeString(value, options = {}) {
     throw new InputTooLargeError(maxSize, value.length);
   }
   const reject = options.mode === "reject";
-  let result = value;
+  let result = value.normalize("NFKC");
+  result = multiDecode(result);
   if (options.sql !== false) {
     if (reject) {
       if (detectSql(result)) {
@@ -1578,7 +1631,9 @@ function encodeForCss(value) {
 var DEFAULTS = {
   maxDepth: 10,
   maxLength: 1e4,
-  blockIntrospection: true
+  blockIntrospection: true,
+  maxAliases: 50,
+  blockFragmentCycles: true
 };
 var INTROSPECTION_PATTERN = /\b__(schema|type|typeKind|directive)\b/;
 function computeDepth(query) {
@@ -1595,22 +1650,87 @@ function computeDepth(query) {
   }
   return max;
 }
+var ALIAS_PATTERN = /\b([a-zA-Z_][a-zA-Z0-9_]*)\s*:\s*([a-zA-Z_][a-zA-Z0-9_]*)\b/g;
+var FRAGMENT_DEF_PATTERN = /\bfragment\s+([a-zA-Z_][a-zA-Z0-9_]*)\s+on\s+[a-zA-Z_][a-zA-Z0-9_]*\s*\{/g;
+var FRAGMENT_SPREAD_PATTERN = /\.\.\.\s*([a-zA-Z_][a-zA-Z0-9_]*)\b/g;
+function countAliases(query) {
+  let n = 0;
+  ALIAS_PATTERN.lastIndex = 0;
+  while (ALIAS_PATTERN.exec(query) !== null) n++;
+  return n;
+}
+function hasFragmentCycle(query) {
+  const deps = /* @__PURE__ */ new Map();
+  FRAGMENT_DEF_PATTERN.lastIndex = 0;
+  let match;
+  while ((match = FRAGMENT_DEF_PATTERN.exec(query)) !== null) {
+    const name = match[1];
+    const bodyStart = match.index + match[0].length;
+    let depth = 1;
+    let i = bodyStart;
+    while (i < query.length && depth > 0) {
+      const ch = query[i];
+      if (ch === "{") depth++;
+      else if (ch === "}") depth--;
+      i++;
+    }
+    const bodyEnd = depth === 0 ? i - 1 : i;
+    const body = query.slice(bodyStart, bodyEnd);
+    const spreads = /* @__PURE__ */ new Set();
+    FRAGMENT_SPREAD_PATTERN.lastIndex = 0;
+    let sm;
+    while ((sm = FRAGMENT_SPREAD_PATTERN.exec(body)) !== null) {
+      spreads.add(sm[1]);
+    }
+    deps.set(name, spreads);
+  }
+  if (deps.size === 0) return false;
+  const WHITE = 0;
+  const GRAY = 1;
+  const BLACK = 2;
+  const color = /* @__PURE__ */ new Map();
+  for (const name of deps.keys()) color.set(name, WHITE);
+  function visit(name) {
+    if (color.get(name) === GRAY) return true;
+    if (color.get(name) === BLACK) return false;
+    if (!deps.has(name)) return false;
+    color.set(name, GRAY);
+    for (const child of deps.get(name)) {
+      if (visit(child)) return true;
+    }
+    color.set(name, BLACK);
+    return false;
+  }
+  for (const name of deps.keys()) {
+    if (visit(name)) return true;
+  }
+  return false;
+}
 function inspectGraphqlQuery(query, options = {}) {
   const maxDepth = options.maxDepth ?? DEFAULTS.maxDepth;
   const maxLength = options.maxLength ?? DEFAULTS.maxLength;
   const blockIntrospection = options.blockIntrospection ?? DEFAULTS.blockIntrospection;
+  const maxAliases = options.maxAliases ?? DEFAULTS.maxAliases;
+  const blockFragmentCycles = options.blockFragmentCycles ?? DEFAULTS.blockFragmentCycles;
   const length = query.length;
   const depth = computeDepth(query);
+  const aliases = countAliases(query);
   if (depth > maxDepth) {
-    return { blocked: true, reason: "depth", depth, length };
+    return { blocked: true, reason: "depth", depth, length, aliases };
   }
   if (blockIntrospection && INTROSPECTION_PATTERN.test(query)) {
-    return { blocked: true, reason: "introspection", depth, length };
+    return { blocked: true, reason: "introspection", depth, length, aliases };
+  }
+  if (aliases > maxAliases) {
+    return { blocked: true, reason: "aliases", depth, length, aliases };
+  }
+  if (blockFragmentCycles && hasFragmentCycle(query)) {
+    return { blocked: true, reason: "fragment_cycle", depth, length, aliases };
   }
   if (length > maxLength) {
-    return { blocked: true, reason: "length", depth, length };
+    return { blocked: true, reason: "length", depth, length, aliases };
   }
-  return { blocked: false, depth, length };
+  return { blocked: false, depth, length, aliases };
 }
 function detectGraphqlAbuse(query, options) {
   if (typeof query !== "string" || query.length === 0) return false;
@@ -9946,6 +10066,46 @@ function signupProtection(options = {}) {
 }
 
 // src/middleware/protect.ts
+function getClientIp(req) {
+  const xff = req?.headers?.["x-forwarded-for"] ?? req?.headers?.["X-Forwarded-For"];
+  if (typeof xff === "string" && xff.length > 0) {
+    const first = xff.split(",")[0]?.trim();
+    if (first) return first;
+  }
+  if (typeof req?.ip === "string") return req.ip;
+  const remote = req?.socket?.remoteAddress;
+  return typeof remote === "string" ? remote : "";
+}
+function correlationMiddleware(opts) {
+  const vector = opts.vector ?? "request";
+  const usernameField = opts.usernameField ?? "username";
+  const statusCode = opts.statusCode ?? 429;
+  const message = opts.message ?? "Suspicious request pattern detected.";
+  return function(req, res, next) {
+    const ip = getClientIp(req);
+    if (!ip) return next();
+    const route = opts.route ?? (req.path || req.url || "/");
+    const username = req?.body?.[usernameField];
+    const distinctValue = typeof username === "string" && username.length > 0 ? username : void 0;
+    const detections = opts.window.record(
+      ip,
+      vector,
+      route,
+      req.method || "GET",
+      distinctValue
+    );
+    if (detections.scanner || detections.credentialStuffing || detections.raceWindow) {
+      res.status(statusCode).json({
+        error: message,
+        scanner: detections.scanner,
+        credential_stuffing: detections.credentialStuffing,
+        race_window: detections.raceWindow
+      });
+      return;
+    }
+    next();
+  };
+}
 function resolve(override, defaults) {
   if (override === false) return null;
   if (override === void 0) return defaults;
@@ -9965,6 +10125,11 @@ function protectLogin(options = {}) {
   if (csrf) middlewares.push(csrfProtection(csrf));
   const sanitize = resolve(options.sanitize, {});
   if (sanitize) middlewares.push(createSanitizer(sanitize));
+  if (options.correlation) {
+    middlewares.push(
+      correlationMiddleware({ vector: "login", ...options.correlation })
+    );
+  }
   return middlewares;
 }
 function protectSignup(options = {}) {
@@ -9981,6 +10146,11 @@ function protectSignup(options = {}) {
   if (sanitize) middlewares.push(createSanitizer(sanitize));
   const signup = resolve(options.signup, {});
   if (signup) middlewares.push(signupProtection(signup));
+  if (options.correlation) {
+    middlewares.push(
+      correlationMiddleware({ vector: "signup", ...options.correlation })
+    );
+  }
   return middlewares;
 }
 function protectApi(options = {}) {
@@ -9991,6 +10161,11 @@ function protectApi(options = {}) {
   if (cors) middlewares.push(safeCors(cors));
   const sanitize = resolve(options.sanitize, {});
   if (sanitize) middlewares.push(createSanitizer(sanitize));
+  if (options.correlation) {
+    middlewares.push(
+      correlationMiddleware({ vector: "api", ...options.correlation })
+    );
+  }
   return middlewares;
 }
 
@@ -9998,7 +10173,9 @@ function protectApi(options = {}) {
 var DEFAULT_MESSAGES = {
   depth: "Query exceeds maximum nesting depth",
   length: "Query exceeds maximum length",
-  introspection: "Introspection queries are disabled"
+  introspection: "Introspection queries are disabled",
+  aliases: "Query exceeds maximum alias count (alias-bomb protection)",
+  fragment_cycle: "Query contains a cyclic fragment definition"
 };
 function extractQuery(req) {
   const bodyQuery = typeof req.body === "object" && req.body !== null ? req.body.query : void 0;
@@ -10034,6 +10211,186 @@ function graphqlGuard(options = {}) {
   };
 }
 
+// src/middleware/correlation.ts
+var EMPTY_DETECTIONS = Object.freeze({
+  scanner: false,
+  credentialStuffing: false,
+  raceWindow: false,
+  distinctVectors: 0,
+  distinctValues: 0,
+  requestsInWindow: 0
+});
+function normalizePair(a, b) {
+  return a < b ? `${a}
${b}` : `${b}
${a}`;
+}
+var CorrelationWindow = class {
+  constructor(options = {}) {
+    // Map iteration order in JS is insertion order, so re-inserting on
+    // access gives us LRU behaviour without a separate linked list.
+    this.buckets = /* @__PURE__ */ new Map();
+    const {
+      windowSeconds = 60,
+      maxIps = 1e4,
+      maxEventsPerIp = 200,
+      scannerDistinctVectors = 3,
+      scannerMinRequests = 20,
+      credentialStuffingDistinctValues = 10,
+      raceWindowMs = 200,
+      racePairs
+    } = options;
+    if (windowSeconds <= 0) throw new Error("windowSeconds must be > 0");
+    if (maxIps < 1) throw new Error("maxIps must be >= 1");
+    if (maxEventsPerIp < 1) throw new Error("maxEventsPerIp must be >= 1");
+    this.windowSeconds = windowSeconds;
+    this.maxIps = maxIps;
+    this.maxEventsPerIp = maxEventsPerIp;
+    this.scannerDistinctVectors = scannerDistinctVectors;
+    this.scannerMinRequests = scannerMinRequests;
+    this.csDistinctValues = credentialStuffingDistinctValues;
+    this.raceWindowSeconds = raceWindowMs / 1e3;
+    this.racePairKeys = /* @__PURE__ */ new Set();
+    this.racePairTuples = [];
+    if (racePairs) {
+      for (const [a, b] of racePairs) {
+        const key = normalizePair(a, b);
+        if (!this.racePairKeys.has(key)) {
+          this.racePairKeys.add(key);
+          const sorted = a < b ? [a, b] : [b, a];
+          this.racePairTuples.push(sorted);
+        }
+      }
+    }
+  }
+  record(ip, vector, route, method = "GET", distinctValue, now) {
+    if (!ip) return EMPTY_DETECTIONS;
+    const ts = now ?? Date.now() / 1e3;
+    const event = {
+      timestamp: ts,
+      vector,
+      route,
+      method,
+      distinctValue
+    };
+    let bucket = this.buckets.get(ip);
+    if (bucket === void 0) {
+      bucket = { events: [] };
+      this.buckets.set(ip, bucket);
+      while (this.buckets.size > this.maxIps) {
+        const oldest = this.buckets.keys().next().value;
+        if (oldest === void 0) break;
+        this.buckets.delete(oldest);
+      }
+    } else {
+      this.buckets.delete(ip);
+      this.buckets.set(ip, bucket);
+    }
+    bucket.events.push(event);
+    this.evictStale(bucket, ts);
+    return this.evaluate(bucket, route);
+  }
+  detectScanner(ip, now) {
+    const bucket = this.buckets.get(ip);
+    if (bucket === void 0) return false;
+    this.evictStale(bucket, now ?? Date.now() / 1e3);
+    return this.isScanner(bucket);
+  }
+  detectCredentialStuffing(ip, route, now) {
+    const bucket = this.buckets.get(ip);
+    if (bucket === void 0) return false;
+    this.evictStale(bucket, now ?? Date.now() / 1e3);
+    return this.isCredentialStuffing(bucket, route);
+  }
+  detectRaceWindow(ip, routePair, now) {
+    const bucket = this.buckets.get(ip);
+    if (bucket === void 0) return false;
+    this.evictStale(bucket, now ?? Date.now() / 1e3);
+    const sorted = routePair[0] < routePair[1] ? routePair : [routePair[1], routePair[0]];
+    return this.racePairInBucket(bucket, sorted);
+  }
+  reset(ip) {
+    if (ip === void 0) {
+      this.buckets.clear();
+    } else {
+      this.buckets.delete(ip);
+    }
+  }
+  stats() {
+    let events = 0;
+    for (const b of this.buckets.values()) events += b.events.length;
+    return { trackedIps: this.buckets.size, eventsInWindow: events };
+  }
+  // -------------------------------------------------------- internals
+  evictStale(bucket, now) {
+    const cutoff = now - this.windowSeconds;
+    let drop = 0;
+    while (drop < bucket.events.length && bucket.events[drop].timestamp < cutoff) {
+      drop++;
+    }
+    if (drop > 0) bucket.events.splice(0, drop);
+    if (bucket.events.length > this.maxEventsPerIp) {
+      bucket.events.splice(0, bucket.events.length - this.maxEventsPerIp);
+    }
+  }
+  evaluate(bucket, route) {
+    const vectors = /* @__PURE__ */ new Set();
+    const values = /* @__PURE__ */ new Set();
+    for (const e of bucket.events) {
+      vectors.add(e.vector);
+      if (e.route === route && e.distinctValue !== void 0) {
+        values.add(e.distinctValue);
+      }
+    }
+    return {
+      scanner: this.isScanner(bucket),
+      credentialStuffing: this.isCredentialStuffing(bucket, route),
+      raceWindow: this.isRaceAny(bucket),
+      distinctVectors: vectors.size,
+      distinctValues: values.size,
+      requestsInWindow: bucket.events.length
+    };
+  }
+  isScanner(bucket) {
+    if (bucket.events.length < this.scannerMinRequests) return false;
+    const vectors = /* @__PURE__ */ new Set();
+    for (const e of bucket.events) vectors.add(e.vector);
+    return vectors.size >= this.scannerDistinctVectors;
+  }
+  isCredentialStuffing(bucket, route) {
+    const values = /* @__PURE__ */ new Set();
+    for (const e of bucket.events) {
+      if (e.route === route && e.distinctValue !== void 0) {
+        values.add(e.distinctValue);
+      }
+    }
+    return values.size >= this.csDistinctValues;
+  }
+  racePairInBucket(bucket, sorted) {
+    const [a, b] = sorted;
+    const aTs = [];
+    const bTs = [];
+    for (const e of bucket.events) {
+      if (e.route === a) aTs.push(e.timestamp);
+      else if (e.route === b) bTs.push(e.timestamp);
+    }
+    if (aTs.length === 0 || bTs.length === 0) return false;
+    let ai = 0;
+    let bi = 0;
+    while (ai < aTs.length && bi < bTs.length) {
+      const diff = aTs[ai] - bTs[bi];
+      if (Math.abs(diff) <= this.raceWindowSeconds) return true;
+      if (diff < 0) ai++;
+      else bi++;
+    }
+    return false;
+  }
+  isRaceAny(bucket) {
+    for (const pair of this.racePairTuples) {
+      if (this.racePairInBucket(bucket, pair)) return true;
+    }
+    return false;
+  }
+};
+
 // src/sanitizers/prompt-injection.ts
 var SIGNATURES = [
   // --- HIGH severity: clear override / jailbreak attempts ---
@@ -10163,6 +10520,47 @@ var SIGNATURES = [
     severity: "medium",
     description: "ROT13 / Caesar-cipher decode hint"
   },
+  // ── V32: AI agent toolcall injection (improvements.md §1.2) ────────
+  // Modern LLM agents (Claude tool-use, OpenAI function-calling,
+  // ReAct loops) read tool definitions from the system prompt and
+  // JSON-shaped requests from the model. A malicious user can embed
+  // those shapes in their input to make the host think they invoked
+  // a tool, or to trick the model into echoing a synthesized
+  // tool_call that the runtime then executes.
+  //
+  // Narrow patterns — match the literal JSON keys and inline
+  // tool-name shapes. Won't false-positive on plain English text
+  // discussing tools.
+  {
+    rule: "agent-toolcall-marker",
+    pattern: /"(?:tool_call|function_call|call_tool|tool_use|toolUse)"\s*:\s*\{/i,
+    severity: "high",
+    description: 'Injected agent tool-call JSON shape (e.g. {"tool_call":{...}})'
+  },
+  {
+    rule: "agent-tool-name-spoof",
+    pattern: /"name"\s*:\s*"(?:exec|shell|run_command|system|bash|cmd|python|eval|read_file|write_file|delete_file)"/i,
+    severity: "high",
+    description: "Forged tool-name attempting privileged tool invocation"
+  },
+  {
+    rule: "agent-tool-result-marker",
+    pattern: /"(?:tool_result|function_result|tool_output)"\s*:\s*[\{\["]/i,
+    severity: "high",
+    description: "Injected fake tool-result block (trick agent into trusting fabricated output)"
+  },
+  {
+    rule: "ansi-escape-sequence",
+    pattern: /\x1b\[/,
+    severity: "medium",
+    description: "ANSI escape sequence (terminal hijack / output spoofing on CLI agents)"
+  },
+  {
+    rule: "claude-tool-use-tags",
+    pattern: /<\/?\s*(?:tool_use|tool_result|invoke|function_calls?|parameter)\b/i,
+    severity: "high",
+    description: "Claude/OpenAI tool-use XML-style tag forgery"
+  },
   // --- LOW severity: ambiguous but worth flagging in strict mode ---
   {
     rule: "from-now-on",
@@ -10716,6 +11114,6 @@ function createRedisStore(options) {
   return new RedisStore(options);
 }
 
-export { ArcisError, ValidationError as ArcisValidationError, BLOCKED, ERRORS, Guards, HEADERS, INPUT, InputTooLargeError, MemoryStore, RATE_LIMIT, REDACTION, RateLimitError, RedisStore, ResponseSplittingError, SanitizationError, SecurityThreatError, TelemetryClient, TelemetryHttpError, VALIDATION, arcis, arcisWithMethods as arcisFunction, botProtection, checkSignup, createCors, createCsrf, createErrorHandler, createHeaders, createHpp, createRateLimiter, createRedactor, createRedisStore, createSafeLogger, createSanitizer, createSecureCookies, createSlidingWindowLimiter, createTokenBucketLimiter, createValidator, csrfProtection, main_default as default, detectBot, detectClientIp, detectCommandInjection, detectGraphqlAbuse, detectHeaderInjection, detectJsonpInjection, detectNoSqlInjection, detectPathTraversal, detectPii, detectPromptInjection, detectPrototypePollution, detectResponseSplitting, detectSql, detectSsti, detectXss, detectXxe, encodeForAttribute, encodeForCss, encodeForHtml, encodeForJs, encodeForUrl, enforceSecureCookie, errorHandler, eventLoopProtection, fingerprint, formatDuration, generateCsrfToken, graphqlGuard, hpp, inspectGraphqlQuery, isDangerousExtension, isDangerousNoSqlKey, isDangerousProtoKey, isPrivateIp, isRedirectSafe, isUrlSafe, isValidEmailSyntax, massAssign, methodAllowlist, parseDuration, pinnedDnsLookup, protectApi, protectLogin, protectSignup, rateLimit, redactObjectPii, redactPii, responseSplittingGuard, safeCors, safeFollowRedirect, safeLog, sanitizeCommand, sanitizeFilename, sanitizeHeaderValue, sanitizeHeaders, sanitizeJsonpCallback, sanitizeObject, sanitizePath, sanitizePromptInjection, sanitizeResponseHeader, sanitizeSql, sanitizeSsti, sanitizeString, sanitizeXss, sanitizeXxe, scanObjectPii, scanPii, secureCookieDefaults, securityHeaders, signupProtection, tokenBudget, validate, validateCsrfToken, validateEmail, validateFile, validateRedirect, validateUrl, validateUrlAsync, verifyEmailMx };
+export { ArcisError, ValidationError as ArcisValidationError, BLOCKED, CorrelationWindow, ERRORS, Guards, HEADERS, INPUT, InputTooLargeError, MemoryStore, RATE_LIMIT, REDACTION, RateLimitError, RedisStore, ResponseSplittingError, SanitizationError, SecurityThreatError, TelemetryClient, TelemetryHttpError, VALIDATION, arcis, arcisWithMethods as arcisFunction, botProtection, checkSignup, createCors, createCsrf, createErrorHandler, createHeaders, createHpp, createRateLimiter, createRedactor, createRedisStore, createSafeLogger, createSanitizer, createSecureCookies, createSlidingWindowLimiter, createTokenBucketLimiter, createValidator, csrfProtection, main_default as default, detectBot, detectClientIp, detectCommandInjection, detectGraphqlAbuse, detectHeaderInjection, detectJsonpInjection, detectNoSqlInjection, detectPathTraversal, detectPii, detectPromptInjection, detectPrototypePollution, detectResponseSplitting, detectSql, detectSsti, detectXss, detectXxe, encodeForAttribute, encodeForCss, encodeForHtml, encodeForJs, encodeForUrl, enforceSecureCookie, errorHandler, eventLoopProtection, fingerprint, formatDuration, generateCsrfToken, graphqlGuard, hpp, inspectGraphqlQuery, isDangerousExtension, isDangerousNoSqlKey, isDangerousProtoKey, isPrivateIp, isRedirectSafe, isUrlSafe, isValidEmailSyntax, massAssign, methodAllowlist, parseDuration, pinnedDnsLookup, protectApi, protectLogin, protectSignup, rateLimit, redactObjectPii, redactPii, responseSplittingGuard, safeCors, safeFollowRedirect, safeLog, sanitizeCommand, sanitizeFilename, sanitizeHeaderValue, sanitizeHeaders, sanitizeJsonpCallback, sanitizeObject, sanitizePath, sanitizePromptInjection, sanitizeResponseHeader, sanitizeSql, sanitizeSsti, sanitizeString, sanitizeXss, sanitizeXxe, scanObjectPii, scanPii, secureCookieDefaults, securityHeaders, signupProtection, tokenBudget, validate, validateCsrfToken, validateEmail, validateFile, validateRedirect, validateUrl, validateUrlAsync, verifyEmailMx };
 //# sourceMappingURL=index.mjs.map
 //# sourceMappingURL=index.mjs.map