@arcis/node 1.6.0 → 1.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (46) hide show
  1. package/dist/astro/index.js.map +1 -1
  2. package/dist/astro/index.mjs.map +1 -1
  3. package/dist/bun/index.js.map +1 -1
  4. package/dist/bun/index.mjs.map +1 -1
  5. package/dist/hono/index.js.map +1 -1
  6. package/dist/hono/index.mjs.map +1 -1
  7. package/dist/index.js +2 -1
  8. package/dist/index.js.map +1 -1
  9. package/dist/index.mjs +2 -1
  10. package/dist/index.mjs.map +1 -1
  11. package/dist/koa/index.js.map +1 -1
  12. package/dist/koa/index.mjs.map +1 -1
  13. package/dist/middleware/astro.d.ts +6 -1
  14. package/dist/middleware/astro.d.ts.map +1 -1
  15. package/dist/middleware/bun.d.ts +8 -1
  16. package/dist/middleware/bun.d.ts.map +1 -1
  17. package/dist/middleware/hono.d.ts +6 -0
  18. package/dist/middleware/hono.d.ts.map +1 -1
  19. package/dist/middleware/index.js +2 -1
  20. package/dist/middleware/index.js.map +1 -1
  21. package/dist/middleware/index.mjs +2 -1
  22. package/dist/middleware/index.mjs.map +1 -1
  23. package/dist/middleware/koa.d.ts +5 -0
  24. package/dist/middleware/koa.d.ts.map +1 -1
  25. package/dist/middleware/nextjs.d.ts +9 -1
  26. package/dist/middleware/nextjs.d.ts.map +1 -1
  27. package/dist/middleware/nuxt.d.ts +6 -1
  28. package/dist/middleware/nuxt.d.ts.map +1 -1
  29. package/dist/middleware/sveltekit.d.ts +6 -1
  30. package/dist/middleware/sveltekit.d.ts.map +1 -1
  31. package/dist/nestjs/index.js +2 -1
  32. package/dist/nestjs/index.js.map +1 -1
  33. package/dist/nestjs/index.mjs +2 -1
  34. package/dist/nestjs/index.mjs.map +1 -1
  35. package/dist/nextjs/index.js.map +1 -1
  36. package/dist/nextjs/index.mjs.map +1 -1
  37. package/dist/nuxt/index.js.map +1 -1
  38. package/dist/nuxt/index.mjs.map +1 -1
  39. package/dist/sanitizers/index.js +2 -1
  40. package/dist/sanitizers/index.js.map +1 -1
  41. package/dist/sanitizers/index.mjs +2 -1
  42. package/dist/sanitizers/index.mjs.map +1 -1
  43. package/dist/sanitizers/ldap.d.ts.map +1 -1
  44. package/dist/sveltekit/index.js.map +1 -1
  45. package/dist/sveltekit/index.mjs.map +1 -1
  46. package/package.json +11 -11
package/dist/middleware/astro.d.ts CHANGED
@@ -1,7 +1,12 @@
1
1
  /**
2
2
  * @module @arcis/node/astro
3
3
  *
4
- * Astro adapter for Arcis. Drop into `src/middleware.ts`:
4
+ * Astro adapter for Arcis. Drop into `src/middleware.ts`.
5
+ *
6
+ * **Scope:** rate-limit + bot detection + security headers. For
7
+ * XSS/SQL/SSTI/etc. body-payload blocking, call `sanitizeObject` from
8
+ * `@arcis/node/sanitizers` inside your endpoint handler. v1 keeps the
9
+ * middleware surface narrow.
5
10
  *
6
11
  * ```ts
7
12
  * import { defineMiddleware } from 'astro:middleware';
package/dist/middleware/astro.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"astro.d.ts","sourceRoot":"","sources":["../../src/middleware/astro.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAIH,OAAO,KAAK,EACV,aAAa,EAEb,gBAAgB,EACjB,MAAM,eAAe,CAAC;AACvB,OAAO,EAEL,KAAK,oBAAoB,EAE1B,MAAM,iBAAiB,CAAC;AAIzB,UAAU,YAAY;IACpB,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG;QAAE,KAAK,EAAE,MAAM,CAAA;KAAE,GAAG,SAAS,CAAC;IACjD,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;QAAE,IAAI,CAAC,EAAE,MAAM,CAAC;QAAC,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,GAAG,IAAI,CAAC;IACvF,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;QAAE,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC;CACtD;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,GAAG,EAAE,GAAG,CAAC;IACT,OAAO,EAAE,YAAY,CAAC;IACtB,sEAAsE;IACtE,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,MAAM,mBAAmB,GAAG,MAAM,OAAO,CAAC,QAAQ,CAAC,CAAC;AAE1D,MAAM,MAAM,sBAAsB,GAAG,CACnC,OAAO,EAAE,eAAe,EACxB,IAAI,EAAE,mBAAmB,KACtB,OAAO,CAAC,QAAQ,CAAC,CAAC;AAIvB,MAAM,WAAW,iBAAiB;IAChC,iFAAiF;IACjF,OAAO,CAAC,EAAE,OAAO,GAAG,aAAa,CAAC;IAClC,2FAA2F;IAC3F,SAAS,CAAC,EAAE,OAAO,GAAG,gBAAgB,CAAC;IACvC,kDAAkD;IAClD,GAAG,CAAC,EAAE,OAAO,GAAG,oBAAoB,CAAC;CACtC;AAwHD;;;;;GAKG;AACH,wBAAgB,SAAS,CAAC,OAAO,GAAE,iBAAsB,GAAG,sBAAsB,CA+DjF;AAED,eAAe,SAAS,CAAC"}
1
+ {"version":3,"file":"astro.d.ts","sourceRoot":"","sources":["../../src/middleware/astro.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAIH,OAAO,KAAK,EACV,aAAa,EAEb,gBAAgB,EACjB,MAAM,eAAe,CAAC;AACvB,OAAO,EAEL,KAAK,oBAAoB,EAE1B,MAAM,iBAAiB,CAAC;AAIzB,UAAU,YAAY;IACpB,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG;QAAE,KAAK,EAAE,MAAM,CAAA;KAAE,GAAG,SAAS,CAAC;IACjD,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;QAAE,IAAI,CAAC,EAAE,MAAM,CAAC;QAAC,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,GAAG,IAAI,CAAC;IACvF,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;QAAE,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC;CACtD;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,GAAG,EAAE,GAAG,CAAC;IACT,OAAO,EAAE,YAAY,CAAC;IACtB,sEAAsE;IACtE,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,MAAM,mBAAmB,GAAG,MAAM,OAAO,CAAC,QAAQ,CAAC,CAAC;AAE1D,MAAM,MAAM,sBAAsB,GAAG,CACnC,OAAO,EAAE,eAAe,EACxB,IAAI,EAAE,mBAAmB,KACtB,OAAO,CAAC,QAAQ,CAAC,CAAC;AAIvB,MAAM,WAAW,iBAAiB;IAChC,iFAAiF;IACjF,OAAO,CAAC,EAAE,OAAO,GAAG,aAAa,CAAC;IAClC,2FAA2F;IAC3F,SAAS,CAAC,EAAE,OAAO,GAAG,gBAAgB,CAAC;IACvC,kDAAkD;IAClD,GAAG,CAAC,EAAE,OAAO,GAAG,oBAAoB,CAAC;CACtC;AAwHD;;;;;GAKG;AACH,wBAAgB,SAAS,CAAC,OAAO,GAAE,iBAAsB,GAAG,sBAAsB,CA+DjF;AAED,eAAe,SAAS,CAAC"}
package/dist/middleware/bun.d.ts CHANGED
@@ -1,7 +1,14 @@
1
1
  /**
2
2
  * @module @arcis/node/bun
3
3
  *
4
- * Bun + Hono adapter for Arcis. Two entry points:
4
+ * Bun + Hono adapter for Arcis. Two entry points.
5
+ *
6
+ * **Scope:** rate-limit + bot detection + security headers. Bun's
7
+ * Web Fetch runtime cannot easily inspect request bodies inside this
8
+ * adapter (consuming the stream defeats the downstream handler). For
9
+ * XSS/SQL/SSTI/etc. body-payload blocking, call
10
+ * `sanitizeObject(await req.json())` from `@arcis/node/sanitizers`
11
+ * inside your route handler.
5
12
  *
6
13
  * **1. `Bun.serve` fetch wrapper:**
7
14
  *
package/dist/middleware/bun.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"bun.d.ts","sourceRoot":"","sources":["../../src/middleware/bun.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AAIH,OAAO,KAAK,EACV,aAAa,EAEb,gBAAgB,EACjB,MAAM,eAAe,CAAC;AACvB,OAAO,EAEL,KAAK,oBAAoB,EAE1B,MAAM,iBAAiB,CAAC;AAIzB,MAAM,WAAW,aAAa;IAC5B,SAAS,CAAC,GAAG,EAAE,OAAO,GAAG;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC;CACrF;AAED,MAAM,MAAM,eAAe,GAAG,CAC5B,GAAG,EAAE,OAAO,EACZ,MAAM,CAAC,EAAE,aAAa,KACnB,OAAO,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAC;AAElC,UAAU,eAAe;IACvB,GAAG,EAAE,OAAO,CAAC;IACb,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CAC1C;AAED,MAAM,WAAW,eAAe;IAC9B,GAAG,EAAE,eAAe,CAAC;IACrB,GAAG,EAAE,QAAQ,CAAC;IACd,IAAI,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,QAAQ,CAAC;CAClD;AAED,MAAM,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;AAC3C,MAAM,MAAM,qBAAqB,GAAG,CAClC,CAAC,EAAE,eAAe,EAClB,IAAI,EAAE,QAAQ,KACX,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;AAI9B,MAAM,WAAW,eAAe;IAC9B,iFAAiF;IACjF,OAAO,CAAC,EAAE,OAAO,GAAG,aAAa,CAAC;IAClC,2FAA2F;IAC3F,SAAS,CAAC,EAAE,OAAO,GAAG,gBAAgB,CAAC;IACvC,kDAAkD;IAClD,GAAG,CAAC,EAAE,OAAO,GAAG,oBAAoB,CAAC;CACtC;AAwLD;;;;GAIG;AACH,wBAAgB,QAAQ,CACtB,OAAO,EAAE,eAAe,EACxB,OAAO,EAAE,eAAe,GACvB,eAAe,CAoCjB;AAED;;;;GAIG;AACH,wBAAgB,SAAS,CAAC,OAAO,GAAE,eAAoB,GAAG,qBAAqB,CAkC9E;AAED,eAAe,QAAQ,CAAC"}
1
+ {"version":3,"file":"bun.d.ts","sourceRoot":"","sources":["../../src/middleware/bun.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AAIH,OAAO,KAAK,EACV,aAAa,EAEb,gBAAgB,EACjB,MAAM,eAAe,CAAC;AACvB,OAAO,EAEL,KAAK,oBAAoB,EAE1B,MAAM,iBAAiB,CAAC;AAIzB,MAAM,WAAW,aAAa;IAC5B,SAAS,CAAC,GAAG,EAAE,OAAO,GAAG;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC;CACrF;AAED,MAAM,MAAM,eAAe,GAAG,CAC5B,GAAG,EAAE,OAAO,EACZ,MAAM,CAAC,EAAE,aAAa,KACnB,OAAO,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAC;AAElC,UAAU,eAAe;IACvB,GAAG,EAAE,OAAO,CAAC;IACb,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CAC1C;AAED,MAAM,WAAW,eAAe;IAC9B,GAAG,EAAE,eAAe,CAAC;IACrB,GAAG,EAAE,QAAQ,CAAC;IACd,IAAI,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,QAAQ,CAAC;CAClD;AAED,MAAM,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;AAC3C,MAAM,MAAM,qBAAqB,GAAG,CAClC,CAAC,EAAE,eAAe,EAClB,IAAI,EAAE,QAAQ,KACX,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;AAI9B,MAAM,WAAW,eAAe;IAC9B,iFAAiF;IACjF,OAAO,CAAC,EAAE,OAAO,GAAG,aAAa,CAAC;IAClC,2FAA2F;IAC3F,SAAS,CAAC,EAAE,OAAO,GAAG,gBAAgB,CAAC;IACvC,kDAAkD;IAClD,GAAG,CAAC,EAAE,OAAO,GAAG,oBAAoB,CAAC;CACtC;AAwLD;;;;GAIG;AACH,wBAAgB,QAAQ,CACtB,OAAO,EAAE,eAAe,EACxB,OAAO,EAAE,eAAe,GACvB,eAAe,CAoCjB;AAED;;;;GAIG;AACH,wBAAgB,SAAS,CAAC,OAAO,GAAE,eAAoB,GAAG,qBAAqB,CAkC9E;AAED,eAAe,QAAQ,CAAC"}
package/dist/middleware/hono.d.ts CHANGED
@@ -7,6 +7,12 @@
7
7
  * That means it works in any runtime Hono targets: Cloudflare Workers,
8
8
  * Deno Deploy, Bun, AWS Lambda, Node, and so on.
9
9
  *
10
+ * **Scope:** rate-limit + bot detection + security headers. The
11
+ * Web Fetch shape means consuming the body stream in this adapter
12
+ * would defeat the downstream handler. For XSS/SQL/SSTI/etc. body
13
+ * payload blocking, call `sanitizeObject(await c.req.json())` from
14
+ * `@arcis/node/sanitizers` inside your route handler.
15
+ *
10
16
  * Quick start:
11
17
  *
12
18
  * ```ts
package/dist/middleware/hono.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"hono.d.ts","sourceRoot":"","sources":["../../src/middleware/hono.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAIH,OAAO,KAAK,EACV,aAAa,EAEb,gBAAgB,EACjB,MAAM,eAAe,CAAC;AACvB,OAAO,EAEL,KAAK,oBAAoB,EAE1B,MAAM,iBAAiB,CAAC;AAMzB,UAAU,eAAe;IACvB,GAAG,EAAE;QAAE,GAAG,EAAE,OAAO,CAAA;KAAE,CAAC;IACtB,GAAG,EAAE,QAAQ,CAAC;IACd,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAC/B;AAED,MAAM,MAAM,cAAc,GAAG,CAC3B,CAAC,EAAE,eAAe,EAClB,IAAI,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,KACtB,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;AAE9B,MAAM,WAAW,gBAAgB;IAC/B,iFAAiF;IACjF,OAAO,CAAC,EAAE,OAAO,GAAG,aAAa,CAAC;IAClC,2FAA2F;IAC3F,SAAS,CAAC,EAAE,OAAO,GAAG,gBAAgB,CAAC;IACvC;;;;OAIG;IACH,GAAG,CAAC,EAAE,OAAO,GAAG,oBAAoB,CAAC;CACtC;AAoJD;;;;;;;;;GASG;AACH,wBAAgB,SAAS,CAAC,OAAO,GAAE,gBAAqB,GAAG,cAAc,CAuExE;AAED,eAAe,SAAS,CAAC"}
1
+ {"version":3,"file":"hono.d.ts","sourceRoot":"","sources":["../../src/middleware/hono.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AAIH,OAAO,KAAK,EACV,aAAa,EAEb,gBAAgB,EACjB,MAAM,eAAe,CAAC;AACvB,OAAO,EAEL,KAAK,oBAAoB,EAE1B,MAAM,iBAAiB,CAAC;AAMzB,UAAU,eAAe;IACvB,GAAG,EAAE;QAAE,GAAG,EAAE,OAAO,CAAA;KAAE,CAAC;IACtB,GAAG,EAAE,QAAQ,CAAC;IACd,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAC/B;AAED,MAAM,MAAM,cAAc,GAAG,CAC3B,CAAC,EAAE,eAAe,EAClB,IAAI,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,KACtB,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;AAE9B,MAAM,WAAW,gBAAgB;IAC/B,iFAAiF;IACjF,OAAO,CAAC,EAAE,OAAO,GAAG,aAAa,CAAC;IAClC,2FAA2F;IAC3F,SAAS,CAAC,EAAE,OAAO,GAAG,gBAAgB,CAAC;IACvC;;;;OAIG;IACH,GAAG,CAAC,EAAE,OAAO,GAAG,oBAAoB,CAAC;CACtC;AAoJD;;;;;;;;;GASG;AACH,wBAAgB,SAAS,CAAC,OAAO,GAAE,gBAAqB,GAAG,cAAc,CAuExE;AAED,eAAe,SAAS,CAAC"}
package/dist/middleware/index.js CHANGED
@@ -945,9 +945,10 @@ function detectXxe(input) {
945
945
  // src/sanitizers/ldap.ts
946
946
  var LDAP_DETECT_PATTERN = /[*()\\\x00]/;
947
947
  var LDAP_INJECTION_PATTERN = /\)\s*\(|\*\s*\)\s*\(/;
948
+ var LDAP_NOT_BYPASS_PATTERN = /\)\s*\(\s*!|&\s*\(\s*!|\|\s*\(\s*!/;
948
949
  function detectLdapInjection(input) {
949
950
  if (typeof input !== "string") return false;
950
- return LDAP_DETECT_PATTERN.test(input) || LDAP_INJECTION_PATTERN.test(input);
951
+ return LDAP_DETECT_PATTERN.test(input) || LDAP_INJECTION_PATTERN.test(input) || LDAP_NOT_BYPASS_PATTERN.test(input);
951
952
  }
952
953
 
953
954
  // src/sanitizers/xpath.ts