@arcjet/analyze 1.0.0-beta.8 → 1.0.0-beta.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +9 -0
- package/index.js +21 -25
- package/package.json +22 -19
package/README.md
CHANGED
|
@@ -22,6 +22,9 @@ against common attacks.
|
|
|
22
22
|
|
|
23
23
|
This is the [Arcjet][arcjet] local analysis engine.
|
|
24
24
|
|
|
25
|
+
- [npm package (`@arcjet/analyze`)](https://www.npmjs.com/package/@arcjet/analyze)
|
|
26
|
+
- [GitHub source code (`analyze/` in `arcjet/arcjet-js`)](https://github.com/arcjet/arcjet-js/tree/main/analyze)
|
|
27
|
+
|
|
25
28
|
## Installation
|
|
26
29
|
|
|
27
30
|
```shell
|
|
@@ -30,6 +33,12 @@ npm install -S @arcjet/analyze
|
|
|
30
33
|
|
|
31
34
|
## Example
|
|
32
35
|
|
|
36
|
+
<!--
|
|
37
|
+
TODO(@wooorm-arcjet): I think this example is out of date?
|
|
38
|
+
Either remove it if we don’t want people to use this.
|
|
39
|
+
Or, change the API to allow simpler use?
|
|
40
|
+
-->
|
|
41
|
+
|
|
33
42
|
```ts
|
|
34
43
|
import { generateFingerprint, isValidEmail } from "@arcjet/analyze";
|
|
35
44
|
|
package/index.js
CHANGED
|
@@ -38,9 +38,11 @@ function createCoreImports(detect) {
|
|
|
38
38
|
return "unknown";
|
|
39
39
|
},
|
|
40
40
|
},
|
|
41
|
+
// TODO(@wooorm-arcjet): figure out a test case for this with the default `detect`.
|
|
41
42
|
"arcjet:js-req/sensitive-information-identifier": {
|
|
42
43
|
detect,
|
|
43
44
|
},
|
|
45
|
+
// TODO(@wooorm-arcjet): figure out a test case for this that calls `verify`.
|
|
44
46
|
"arcjet:js-req/verify-bot": {
|
|
45
47
|
verify() {
|
|
46
48
|
return "unverifiable";
|
|
@@ -48,6 +50,7 @@ function createCoreImports(detect) {
|
|
|
48
50
|
},
|
|
49
51
|
};
|
|
50
52
|
}
|
|
53
|
+
// TODO(@wooorm-arcjet): document what is used to fingerprint.
|
|
51
54
|
/**
|
|
52
55
|
* Generate a fingerprint for the client. This is used to identify the client
|
|
53
56
|
* across multiple requests.
|
|
@@ -61,46 +64,39 @@ async function generateFingerprint(context, request) {
|
|
|
61
64
|
const analyze = await initializeWasm(coreImports);
|
|
62
65
|
if (typeof analyze !== "undefined") {
|
|
63
66
|
return analyze.generateFingerprint(JSON.stringify(request), context.characteristics);
|
|
67
|
+
// Ignore the `else` branch as we test in places that have WebAssembly.
|
|
68
|
+
/* node:coverage ignore next 4 */
|
|
64
69
|
}
|
|
65
|
-
|
|
66
|
-
log.debug("WebAssembly is not supported in this runtime");
|
|
67
|
-
}
|
|
70
|
+
log.debug("WebAssembly is not supported in this runtime");
|
|
68
71
|
return "";
|
|
69
72
|
}
|
|
73
|
+
// TODO(@wooorm-arcjet): docs.
|
|
70
74
|
async function isValidEmail(context, candidate, options) {
|
|
71
75
|
const { log } = context;
|
|
72
76
|
const coreImports = createCoreImports();
|
|
73
77
|
const analyze = await initializeWasm(coreImports);
|
|
74
78
|
if (typeof analyze !== "undefined") {
|
|
75
79
|
return analyze.isValidEmail(candidate, options);
|
|
80
|
+
// Ignore the `else` branch as we test in places that have WebAssembly.
|
|
81
|
+
/* node:coverage ignore next 4 */
|
|
76
82
|
}
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
// Skip the local evaluation of the rule if WASM is not available
|
|
80
|
-
return {
|
|
81
|
-
validity: "valid",
|
|
82
|
-
blocked: [],
|
|
83
|
-
};
|
|
84
|
-
}
|
|
83
|
+
log.debug("WebAssembly is not supported in this runtime");
|
|
84
|
+
return { blocked: [], validity: "valid" };
|
|
85
85
|
}
|
|
86
|
+
// TODO(@wooorm-arcjet): docs.
|
|
86
87
|
async function detectBot(context, request, options) {
|
|
87
88
|
const { log } = context;
|
|
88
89
|
const coreImports = createCoreImports();
|
|
89
90
|
const analyze = await initializeWasm(coreImports);
|
|
90
91
|
if (typeof analyze !== "undefined") {
|
|
91
92
|
return analyze.detectBot(JSON.stringify(request), options);
|
|
93
|
+
// Ignore the `else` branch as we test in places that have WebAssembly.
|
|
94
|
+
/* node:coverage ignore next 4 */
|
|
92
95
|
}
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
// Skip the local evaluation of the rule if Wasm is not available
|
|
96
|
-
return {
|
|
97
|
-
allowed: [],
|
|
98
|
-
denied: [],
|
|
99
|
-
spoofed: false,
|
|
100
|
-
verified: false,
|
|
101
|
-
};
|
|
102
|
-
}
|
|
96
|
+
log.debug("WebAssembly is not supported in this runtime");
|
|
97
|
+
return { allowed: [], denied: [], spoofed: false, verified: false };
|
|
103
98
|
}
|
|
99
|
+
// TODO(@wooorm-arcjet): docs.
|
|
104
100
|
async function detectSensitiveInfo(context, candidate, entities, contextWindowSize, detect) {
|
|
105
101
|
const { log } = context;
|
|
106
102
|
const coreImports = createCoreImports(detect);
|
|
@@ -112,11 +108,11 @@ async function detectSensitiveInfo(context, candidate, entities, contextWindowSi
|
|
|
112
108
|
contextWindowSize,
|
|
113
109
|
skipCustomDetect,
|
|
114
110
|
});
|
|
111
|
+
// Ignore the `else` branch as we test in places that have WebAssembly.
|
|
112
|
+
/* node:coverage ignore next 4 */
|
|
115
113
|
}
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
throw new Error("SENSITIVE_INFO rule failed to run because Wasm is not supported in this environment.");
|
|
119
|
-
}
|
|
114
|
+
log.debug("WebAssembly is not supported in this runtime");
|
|
115
|
+
throw new Error("SENSITIVE_INFO rule failed to run because Wasm is not supported in this environment.");
|
|
120
116
|
}
|
|
121
117
|
|
|
122
118
|
export { detectBot, detectSensitiveInfo, generateFingerprint, isValidEmail };
|
package/package.json
CHANGED
|
@@ -1,7 +1,15 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@arcjet/analyze",
|
|
3
|
-
"version": "1.0.0-beta.
|
|
3
|
+
"version": "1.0.0-beta.9",
|
|
4
4
|
"description": "Arcjet local analysis engine",
|
|
5
|
+
"keywords": [
|
|
6
|
+
"analyze",
|
|
7
|
+
"arcjet",
|
|
8
|
+
"attack",
|
|
9
|
+
"limit",
|
|
10
|
+
"protect",
|
|
11
|
+
"verify"
|
|
12
|
+
],
|
|
5
13
|
"license": "Apache-2.0",
|
|
6
14
|
"homepage": "https://arcjet.com",
|
|
7
15
|
"repository": {
|
|
@@ -25,34 +33,29 @@
|
|
|
25
33
|
"main": "./index.js",
|
|
26
34
|
"types": "./index.d.ts",
|
|
27
35
|
"files": [
|
|
28
|
-
"
|
|
29
|
-
"
|
|
30
|
-
"_virtual/",
|
|
31
|
-
"wasm/",
|
|
32
|
-
"*.js",
|
|
33
|
-
"*.d.ts",
|
|
34
|
-
"!*.config.js"
|
|
36
|
+
"index.d.ts",
|
|
37
|
+
"index.js"
|
|
35
38
|
],
|
|
36
39
|
"scripts": {
|
|
37
|
-
"prepublishOnly": "npm run build",
|
|
38
40
|
"build": "rollup --config rollup.config.js",
|
|
39
41
|
"lint": "eslint .",
|
|
40
|
-
"
|
|
41
|
-
"test": "node --test
|
|
42
|
+
"prepublishOnly": "npm run build",
|
|
43
|
+
"test-api": "node --test",
|
|
44
|
+
"test-coverage": "node --experimental-test-coverage --test",
|
|
45
|
+
"test": "npm run build && npm run lint && npm run test-coverage"
|
|
42
46
|
},
|
|
43
47
|
"dependencies": {
|
|
44
|
-
"@arcjet/analyze-wasm": "1.0.0-beta.
|
|
45
|
-
"@arcjet/protocol": "1.0.0-beta.
|
|
48
|
+
"@arcjet/analyze-wasm": "1.0.0-beta.9",
|
|
49
|
+
"@arcjet/protocol": "1.0.0-beta.9"
|
|
46
50
|
},
|
|
47
51
|
"devDependencies": {
|
|
48
|
-
"@arcjet/eslint-config": "1.0.0-beta.
|
|
49
|
-
"@arcjet/rollup-config": "1.0.0-beta.
|
|
50
|
-
"@arcjet/tsconfig": "1.0.0-beta.
|
|
52
|
+
"@arcjet/eslint-config": "1.0.0-beta.9",
|
|
53
|
+
"@arcjet/rollup-config": "1.0.0-beta.9",
|
|
54
|
+
"@arcjet/tsconfig": "1.0.0-beta.9",
|
|
51
55
|
"@bytecodealliance/jco": "1.5.0",
|
|
52
|
-
"@rollup/wasm-node": "4.
|
|
56
|
+
"@rollup/wasm-node": "4.44.2",
|
|
53
57
|
"@types/node": "18.18.0",
|
|
54
|
-
"eslint": "9.
|
|
55
|
-
"expect": "29.7.0",
|
|
58
|
+
"eslint": "9.30.1",
|
|
56
59
|
"typescript": "5.8.3"
|
|
57
60
|
},
|
|
58
61
|
"publishConfig": {
|