@assemble-dev/shared-utils 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +93 -0
- package/dist/api-keys/index.cjs +90 -0
- package/dist/api-keys/index.d.cts +15 -0
- package/dist/api-keys/index.d.ts +15 -0
- package/dist/api-keys/index.js +46 -0
- package/dist/app-error-D7pnDUHg.d.cts +11 -0
- package/dist/app-error-D7pnDUHg.d.ts +11 -0
- package/dist/auth/index.cjs +202 -0
- package/dist/auth/index.d.cts +66 -0
- package/dist/auth/index.d.ts +66 -0
- package/dist/auth/index.js +155 -0
- package/dist/chunk-7TK7K2QQ.js +59 -0
- package/dist/chunk-CP7QDN2K.js +19 -0
- package/dist/chunk-HOZLAE6A.js +22 -0
- package/dist/chunk-OW6VCN32.js +17 -0
- package/dist/chunk-XDYQIW3Q.js +191 -0
- package/dist/errors/index.cjs +66 -0
- package/dist/errors/index.d.cts +6 -0
- package/dist/errors/index.d.ts +6 -0
- package/dist/errors/index.js +10 -0
- package/dist/ids/index.cjs +93 -0
- package/dist/ids/index.d.cts +13 -0
- package/dist/ids/index.d.ts +13 -0
- package/dist/ids/index.js +22 -0
- package/dist/index.cjs +388 -0
- package/dist/index.d.cts +18 -0
- package/dist/index.d.ts +18 -0
- package/dist/index.js +102 -0
- package/dist/provider-keys/index.cjs +46 -0
- package/dist/provider-keys/index.d.cts +6 -0
- package/dist/provider-keys/index.d.ts +6 -0
- package/dist/provider-keys/index.js +12 -0
- package/dist/redaction/index.cjs +230 -0
- package/dist/redaction/index.d.cts +55 -0
- package/dist/redaction/index.d.ts +55 -0
- package/dist/redaction/index.js +32 -0
- package/package.json +78 -0
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
import {
|
|
2
|
+
generateApiKeyId,
|
|
3
|
+
generateApprovalId,
|
|
4
|
+
generateEvalRunId,
|
|
5
|
+
generateRunId,
|
|
6
|
+
generateTraceEventId,
|
|
7
|
+
hasIdPrefix,
|
|
8
|
+
idPrefixes,
|
|
9
|
+
isValidPrefixedId,
|
|
10
|
+
parseIdPrefix
|
|
11
|
+
} from "../chunk-7TK7K2QQ.js";
|
|
12
|
+
export {
|
|
13
|
+
generateApiKeyId,
|
|
14
|
+
generateApprovalId,
|
|
15
|
+
generateEvalRunId,
|
|
16
|
+
generateRunId,
|
|
17
|
+
generateTraceEventId,
|
|
18
|
+
hasIdPrefix,
|
|
19
|
+
idPrefixes,
|
|
20
|
+
isValidPrefixedId,
|
|
21
|
+
parseIdPrefix
|
|
22
|
+
};
|
package/dist/index.cjs
ADDED
|
@@ -0,0 +1,388 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __defProp = Object.defineProperty;
|
|
3
|
+
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
4
|
+
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
5
|
+
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
6
|
+
var __export = (target, all) => {
|
|
7
|
+
for (var name in all)
|
|
8
|
+
__defProp(target, name, { get: all[name], enumerable: true });
|
|
9
|
+
};
|
|
10
|
+
var __copyProps = (to, from, except, desc) => {
|
|
11
|
+
if (from && typeof from === "object" || typeof from === "function") {
|
|
12
|
+
for (let key of __getOwnPropNames(from))
|
|
13
|
+
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
14
|
+
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
15
|
+
}
|
|
16
|
+
return to;
|
|
17
|
+
};
|
|
18
|
+
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
19
|
+
|
|
20
|
+
// src/index.ts
|
|
21
|
+
var index_exports = {};
|
|
22
|
+
__export(index_exports, {
|
|
23
|
+
AppError: () => AppError,
|
|
24
|
+
RedactTracePayloadOptionsSchema: () => RedactTracePayloadOptionsSchema,
|
|
25
|
+
RedactionModeSchema: () => RedactionModeSchema,
|
|
26
|
+
buildNamedApiKeyEnvVarName: () => buildNamedApiKeyEnvVarName,
|
|
27
|
+
createAppErrorResponse: () => createAppErrorResponse,
|
|
28
|
+
decodeKeysetCursor: () => decodeKeysetCursor,
|
|
29
|
+
defaultRedactionMode: () => defaultRedactionMode,
|
|
30
|
+
encodeKeysetCursor: () => encodeKeysetCursor,
|
|
31
|
+
expectedProviderApiKeyNameFormat: () => expectedProviderApiKeyNameFormat,
|
|
32
|
+
generateApiKeyId: () => generateApiKeyId,
|
|
33
|
+
generateApprovalId: () => generateApprovalId,
|
|
34
|
+
generateEvalRunId: () => generateEvalRunId,
|
|
35
|
+
generateRunId: () => generateRunId,
|
|
36
|
+
generateTraceEventId: () => generateTraceEventId,
|
|
37
|
+
hasIdPrefix: () => hasIdPrefix,
|
|
38
|
+
idPrefixes: () => idPrefixes,
|
|
39
|
+
isBearerTokenShapedString: () => isBearerTokenShapedString,
|
|
40
|
+
isJwtShapedString: () => isJwtShapedString,
|
|
41
|
+
isProviderApiKeyShapedString: () => isProviderApiKeyShapedString,
|
|
42
|
+
isSecretNamedField: () => isSecretNamedField,
|
|
43
|
+
isSecretShapedString: () => isSecretShapedString,
|
|
44
|
+
isValidPrefixedId: () => isValidPrefixedId,
|
|
45
|
+
parseIdPrefix: () => parseIdPrefix,
|
|
46
|
+
providerApiKeyNamePattern: () => providerApiKeyNamePattern,
|
|
47
|
+
redactTracePayload: () => redactTracePayload,
|
|
48
|
+
redactedValue: () => redactedValue,
|
|
49
|
+
replaceProviderApiKeySubstrings: () => replaceProviderApiKeySubstrings,
|
|
50
|
+
replaceSecretShapedSubstrings: () => replaceSecretShapedSubstrings,
|
|
51
|
+
resolveRedactionMode: () => resolveRedactionMode,
|
|
52
|
+
summarizeJsonValue: () => summarizeJsonValue,
|
|
53
|
+
validateProviderApiKeyName: () => validateProviderApiKeyName
|
|
54
|
+
});
|
|
55
|
+
module.exports = __toCommonJS(index_exports);
|
|
56
|
+
|
|
57
|
+
// src/errors/app-error.ts
|
|
58
|
+
var AppError = class extends Error {
|
|
59
|
+
code;
|
|
60
|
+
statusCode;
|
|
61
|
+
details;
|
|
62
|
+
cause;
|
|
63
|
+
constructor(input) {
|
|
64
|
+
super(input.message);
|
|
65
|
+
this.name = "AppError";
|
|
66
|
+
this.code = input.code;
|
|
67
|
+
this.statusCode = input.statusCode;
|
|
68
|
+
this.details = input.details;
|
|
69
|
+
this.cause = input.cause;
|
|
70
|
+
}
|
|
71
|
+
};
|
|
72
|
+
|
|
73
|
+
// src/errors/handle-app-error.ts
|
|
74
|
+
function createAppErrorResponse(error) {
|
|
75
|
+
if (error.details === void 0) {
|
|
76
|
+
return {
|
|
77
|
+
error: {
|
|
78
|
+
code: error.code,
|
|
79
|
+
message: error.message
|
|
80
|
+
}
|
|
81
|
+
};
|
|
82
|
+
}
|
|
83
|
+
return {
|
|
84
|
+
error: {
|
|
85
|
+
code: error.code,
|
|
86
|
+
message: error.message,
|
|
87
|
+
details: error.details
|
|
88
|
+
}
|
|
89
|
+
};
|
|
90
|
+
}
|
|
91
|
+
|
|
92
|
+
// src/ids/generate-id.ts
|
|
93
|
+
var import_node_crypto = require("node:crypto");
|
|
94
|
+
var idPrefixes = [
|
|
95
|
+
"run_",
|
|
96
|
+
"evt_",
|
|
97
|
+
"key_",
|
|
98
|
+
"eval_",
|
|
99
|
+
"apr_"
|
|
100
|
+
];
|
|
101
|
+
var suffixByteLength = 16;
|
|
102
|
+
var suffixHexLength = suffixByteLength * 2;
|
|
103
|
+
var suffixPattern = /^[0-9a-f]+$/;
|
|
104
|
+
function generateRandomSuffix() {
|
|
105
|
+
return (0, import_node_crypto.randomBytes)(suffixByteLength).toString("hex");
|
|
106
|
+
}
|
|
107
|
+
function generatePrefixedId(prefix) {
|
|
108
|
+
return `${prefix}${generateRandomSuffix()}`;
|
|
109
|
+
}
|
|
110
|
+
function generateRunId() {
|
|
111
|
+
return generatePrefixedId("run_");
|
|
112
|
+
}
|
|
113
|
+
function generateTraceEventId() {
|
|
114
|
+
return generatePrefixedId("evt_");
|
|
115
|
+
}
|
|
116
|
+
function generateApiKeyId() {
|
|
117
|
+
return generatePrefixedId("key_");
|
|
118
|
+
}
|
|
119
|
+
function generateEvalRunId() {
|
|
120
|
+
return generatePrefixedId("eval_");
|
|
121
|
+
}
|
|
122
|
+
function generateApprovalId() {
|
|
123
|
+
return generatePrefixedId("apr_");
|
|
124
|
+
}
|
|
125
|
+
function parseIdPrefix(id) {
|
|
126
|
+
const matchedPrefix = idPrefixes.find((prefix) => id.startsWith(prefix));
|
|
127
|
+
return matchedPrefix ?? null;
|
|
128
|
+
}
|
|
129
|
+
function hasIdPrefix(id, prefix) {
|
|
130
|
+
return id.startsWith(prefix);
|
|
131
|
+
}
|
|
132
|
+
function isValidPrefixedId(id, prefix) {
|
|
133
|
+
if (!id.startsWith(prefix)) {
|
|
134
|
+
return false;
|
|
135
|
+
}
|
|
136
|
+
const suffix = id.slice(prefix.length);
|
|
137
|
+
return suffix.length === suffixHexLength && suffixPattern.test(suffix);
|
|
138
|
+
}
|
|
139
|
+
|
|
140
|
+
// src/pagination/cursor.ts
|
|
141
|
+
var import_shared_types = require("@assemble-dev/shared-types");
|
|
142
|
+
var import_zod = require("zod");
|
|
143
|
+
var KeysetCursorSchema = import_zod.z.object({
|
|
144
|
+
createdAt: import_zod.z.iso.datetime(),
|
|
145
|
+
id: import_zod.z.string().min(1)
|
|
146
|
+
});
|
|
147
|
+
function encodeKeysetCursor(cursor) {
|
|
148
|
+
return Buffer.from(JSON.stringify(cursor)).toString("base64url");
|
|
149
|
+
}
|
|
150
|
+
function decodeCursorJson(rawCursor) {
|
|
151
|
+
try {
|
|
152
|
+
const decoded = Buffer.from(rawCursor, "base64url").toString("utf8");
|
|
153
|
+
return JSON.parse(decoded);
|
|
154
|
+
} catch {
|
|
155
|
+
return null;
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
function decodeKeysetCursor(rawCursor) {
|
|
159
|
+
const parsed = KeysetCursorSchema.safeParse(decodeCursorJson(rawCursor));
|
|
160
|
+
if (!parsed.success) {
|
|
161
|
+
throw new AppError({
|
|
162
|
+
code: import_shared_types.AppErrorCode.BadRequest,
|
|
163
|
+
message: "Invalid pagination cursor",
|
|
164
|
+
statusCode: 400
|
|
165
|
+
});
|
|
166
|
+
}
|
|
167
|
+
return parsed.data;
|
|
168
|
+
}
|
|
169
|
+
|
|
170
|
+
// src/provider-keys/named-api-key-env.ts
|
|
171
|
+
var providerApiKeyNamePattern = /^[A-Za-z][A-Za-z0-9_-]*$/;
|
|
172
|
+
var expectedProviderApiKeyNameFormat = "a letter followed by letters, numbers, hyphens, or underscores";
|
|
173
|
+
function validateProviderApiKeyName(apiKeyName) {
|
|
174
|
+
return providerApiKeyNamePattern.test(apiKeyName);
|
|
175
|
+
}
|
|
176
|
+
function buildNamedApiKeyEnvVarName(baseEnvVarName, apiKeyName) {
|
|
177
|
+
const normalizedName = apiKeyName.toUpperCase().replaceAll("-", "_");
|
|
178
|
+
return `${baseEnvVarName}_${normalizedName}`;
|
|
179
|
+
}
|
|
180
|
+
|
|
181
|
+
// src/redaction/redaction-mode.ts
|
|
182
|
+
var import_zod2 = require("zod");
|
|
183
|
+
var RedactionModeSchema = import_zod2.z.enum([
|
|
184
|
+
"metadata-only",
|
|
185
|
+
"redacted",
|
|
186
|
+
"full"
|
|
187
|
+
]);
|
|
188
|
+
var defaultRedactionMode = "redacted";
|
|
189
|
+
function resolveRedactionMode(mode) {
|
|
190
|
+
return mode ?? defaultRedactionMode;
|
|
191
|
+
}
|
|
192
|
+
|
|
193
|
+
// src/redaction/secret-detection.ts
|
|
194
|
+
var redactedValue = "[REDACTED]";
|
|
195
|
+
var providerApiKeyPrefixes = [
|
|
196
|
+
"sk-",
|
|
197
|
+
"sk_live_",
|
|
198
|
+
"sk_test_",
|
|
199
|
+
"asm_",
|
|
200
|
+
"ghp_",
|
|
201
|
+
"gho_",
|
|
202
|
+
"ghs_",
|
|
203
|
+
"ghu_",
|
|
204
|
+
"github_pat_",
|
|
205
|
+
"xoxb-",
|
|
206
|
+
"xoxp-",
|
|
207
|
+
"xoxa-",
|
|
208
|
+
"xoxs-",
|
|
209
|
+
"pk_live_",
|
|
210
|
+
"rk_live_",
|
|
211
|
+
"whsec_",
|
|
212
|
+
"AKIA"
|
|
213
|
+
];
|
|
214
|
+
var secretBodyPattern = /^[A-Za-z0-9+/=_.-]{12,}$/;
|
|
215
|
+
var bearerTokenPattern = /^bearer\s+\S+/i;
|
|
216
|
+
var jwtShapedPattern = /^eyJ[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}/;
|
|
217
|
+
var secretFieldNameSuffixes = [
|
|
218
|
+
"api_key",
|
|
219
|
+
"apikey",
|
|
220
|
+
"secret",
|
|
221
|
+
"token",
|
|
222
|
+
"password"
|
|
223
|
+
];
|
|
224
|
+
function escapeRegExpLiteral(literal) {
|
|
225
|
+
return literal.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
|
|
226
|
+
}
|
|
227
|
+
function buildProviderApiKeySubstringPattern() {
|
|
228
|
+
const escapedPrefixes = providerApiKeyPrefixes.map(escapeRegExpLiteral).join("|");
|
|
229
|
+
return new RegExp(`(?:${escapedPrefixes})[A-Za-z0-9+/=_.-]{12,}`, "g");
|
|
230
|
+
}
|
|
231
|
+
var providerApiKeySubstringPattern = buildProviderApiKeySubstringPattern();
|
|
232
|
+
var bearerTokenSubstringPattern = /bearer\s+\S+/gi;
|
|
233
|
+
var jwtShapedSubstringPattern = /eyJ[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}[A-Za-z0-9_.-]*/g;
|
|
234
|
+
function replaceProviderApiKeySubstrings(value) {
|
|
235
|
+
return value.replace(providerApiKeySubstringPattern, redactedValue);
|
|
236
|
+
}
|
|
237
|
+
function replaceSecretShapedSubstrings(value) {
|
|
238
|
+
return replaceProviderApiKeySubstrings(value).replace(bearerTokenSubstringPattern, redactedValue).replace(jwtShapedSubstringPattern, redactedValue);
|
|
239
|
+
}
|
|
240
|
+
function isProviderApiKeyShapedString(value) {
|
|
241
|
+
return providerApiKeyPrefixes.some(
|
|
242
|
+
(prefix) => value.startsWith(prefix) && secretBodyPattern.test(value.slice(prefix.length))
|
|
243
|
+
);
|
|
244
|
+
}
|
|
245
|
+
function isBearerTokenShapedString(value) {
|
|
246
|
+
return bearerTokenPattern.test(value);
|
|
247
|
+
}
|
|
248
|
+
function isJwtShapedString(value) {
|
|
249
|
+
return jwtShapedPattern.test(value);
|
|
250
|
+
}
|
|
251
|
+
function isSecretShapedString(value) {
|
|
252
|
+
return isProviderApiKeyShapedString(value) || isBearerTokenShapedString(value) || isJwtShapedString(value);
|
|
253
|
+
}
|
|
254
|
+
function isSecretNamedField(fieldName) {
|
|
255
|
+
const normalizedFieldName = fieldName.toLowerCase();
|
|
256
|
+
if (normalizedFieldName === "authorization") {
|
|
257
|
+
return true;
|
|
258
|
+
}
|
|
259
|
+
return secretFieldNameSuffixes.some(
|
|
260
|
+
(suffix) => normalizedFieldName.endsWith(suffix)
|
|
261
|
+
);
|
|
262
|
+
}
|
|
263
|
+
|
|
264
|
+
// src/redaction/summarize-json-value.ts
|
|
265
|
+
function summarizeJsonValue(value) {
|
|
266
|
+
if (value === null) {
|
|
267
|
+
return { kind: "null" };
|
|
268
|
+
}
|
|
269
|
+
if (typeof value === "string") {
|
|
270
|
+
return { kind: "string", length: value.length };
|
|
271
|
+
}
|
|
272
|
+
if (typeof value === "number") {
|
|
273
|
+
return { kind: "number" };
|
|
274
|
+
}
|
|
275
|
+
if (typeof value === "boolean") {
|
|
276
|
+
return { kind: "boolean" };
|
|
277
|
+
}
|
|
278
|
+
if (Array.isArray(value)) {
|
|
279
|
+
return { kind: "array", length: value.length };
|
|
280
|
+
}
|
|
281
|
+
return { kind: "object", keys: Object.keys(value) };
|
|
282
|
+
}
|
|
283
|
+
|
|
284
|
+
// src/redaction/redact-trace-payload.ts
|
|
285
|
+
var import_zod3 = require("zod");
|
|
286
|
+
var RedactTracePayloadOptionsSchema = import_zod3.z.object({
|
|
287
|
+
mode: RedactionModeSchema.optional(),
|
|
288
|
+
sensitiveFieldNames: import_zod3.z.array(import_zod3.z.string()).optional()
|
|
289
|
+
});
|
|
290
|
+
function redactTracePayload(payload, options) {
|
|
291
|
+
const mode = resolveRedactionMode(options?.mode);
|
|
292
|
+
if (mode === "metadata-only") {
|
|
293
|
+
return { payload: summarizeJsonValue(payload), redacted: true };
|
|
294
|
+
}
|
|
295
|
+
const context = {
|
|
296
|
+
mode,
|
|
297
|
+
sensitiveFieldNames: buildSensitiveFieldNameSet(
|
|
298
|
+
options?.sensitiveFieldNames
|
|
299
|
+
),
|
|
300
|
+
redactedValueCount: 0
|
|
301
|
+
};
|
|
302
|
+
const redactedPayload = redactJsonValue(payload, context);
|
|
303
|
+
return {
|
|
304
|
+
payload: redactedPayload,
|
|
305
|
+
redacted: mode !== "full" || context.redactedValueCount > 0
|
|
306
|
+
};
|
|
307
|
+
}
|
|
308
|
+
function buildSensitiveFieldNameSet(fieldNames) {
|
|
309
|
+
return new Set(
|
|
310
|
+
(fieldNames ?? []).map((fieldName) => fieldName.toLowerCase())
|
|
311
|
+
);
|
|
312
|
+
}
|
|
313
|
+
function redactJsonValue(value, context) {
|
|
314
|
+
if (typeof value === "string") {
|
|
315
|
+
return redactStringValue(value, context);
|
|
316
|
+
}
|
|
317
|
+
if (Array.isArray(value)) {
|
|
318
|
+
return value.map((item) => redactJsonValue(item, context));
|
|
319
|
+
}
|
|
320
|
+
if (value !== null && typeof value === "object") {
|
|
321
|
+
return redactObjectValue(value, context);
|
|
322
|
+
}
|
|
323
|
+
return value;
|
|
324
|
+
}
|
|
325
|
+
function redactStringValue(value, context) {
|
|
326
|
+
const shouldRedactWholeString = context.mode === "full" ? isProviderApiKeyShapedString(value) : isSecretShapedString(value);
|
|
327
|
+
if (shouldRedactWholeString) {
|
|
328
|
+
context.redactedValueCount += 1;
|
|
329
|
+
return redactedValue;
|
|
330
|
+
}
|
|
331
|
+
const valueWithSecretsReplaced = context.mode === "full" ? replaceProviderApiKeySubstrings(value) : replaceSecretShapedSubstrings(value);
|
|
332
|
+
if (valueWithSecretsReplaced !== value) {
|
|
333
|
+
context.redactedValueCount += 1;
|
|
334
|
+
}
|
|
335
|
+
return valueWithSecretsReplaced;
|
|
336
|
+
}
|
|
337
|
+
function redactObjectValue(value, context) {
|
|
338
|
+
const redactedEntries = Object.entries(value).map(
|
|
339
|
+
([fieldName, fieldValue]) => {
|
|
340
|
+
if (shouldRedactFieldValue(fieldName, context)) {
|
|
341
|
+
context.redactedValueCount += 1;
|
|
342
|
+
return [fieldName, redactedValue];
|
|
343
|
+
}
|
|
344
|
+
return [fieldName, redactJsonValue(fieldValue, context)];
|
|
345
|
+
}
|
|
346
|
+
);
|
|
347
|
+
return Object.fromEntries(redactedEntries);
|
|
348
|
+
}
|
|
349
|
+
function shouldRedactFieldValue(fieldName, context) {
|
|
350
|
+
if (context.sensitiveFieldNames.has(fieldName.toLowerCase())) {
|
|
351
|
+
return true;
|
|
352
|
+
}
|
|
353
|
+
return context.mode === "redacted" && isSecretNamedField(fieldName);
|
|
354
|
+
}
|
|
355
|
+
// Annotate the CommonJS export names for ESM import in node:
|
|
356
|
+
0 && (module.exports = {
|
|
357
|
+
AppError,
|
|
358
|
+
RedactTracePayloadOptionsSchema,
|
|
359
|
+
RedactionModeSchema,
|
|
360
|
+
buildNamedApiKeyEnvVarName,
|
|
361
|
+
createAppErrorResponse,
|
|
362
|
+
decodeKeysetCursor,
|
|
363
|
+
defaultRedactionMode,
|
|
364
|
+
encodeKeysetCursor,
|
|
365
|
+
expectedProviderApiKeyNameFormat,
|
|
366
|
+
generateApiKeyId,
|
|
367
|
+
generateApprovalId,
|
|
368
|
+
generateEvalRunId,
|
|
369
|
+
generateRunId,
|
|
370
|
+
generateTraceEventId,
|
|
371
|
+
hasIdPrefix,
|
|
372
|
+
idPrefixes,
|
|
373
|
+
isBearerTokenShapedString,
|
|
374
|
+
isJwtShapedString,
|
|
375
|
+
isProviderApiKeyShapedString,
|
|
376
|
+
isSecretNamedField,
|
|
377
|
+
isSecretShapedString,
|
|
378
|
+
isValidPrefixedId,
|
|
379
|
+
parseIdPrefix,
|
|
380
|
+
providerApiKeyNamePattern,
|
|
381
|
+
redactTracePayload,
|
|
382
|
+
redactedValue,
|
|
383
|
+
replaceProviderApiKeySubstrings,
|
|
384
|
+
replaceSecretShapedSubstrings,
|
|
385
|
+
resolveRedactionMode,
|
|
386
|
+
summarizeJsonValue,
|
|
387
|
+
validateProviderApiKeyName
|
|
388
|
+
});
|
package/dist/index.d.cts
ADDED
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
export { A as AppError } from './app-error-D7pnDUHg.cjs';
|
|
2
|
+
export { createAppErrorResponse } from './errors/index.cjs';
|
|
3
|
+
export { IdPrefix, PrefixedId, generateApiKeyId, generateApprovalId, generateEvalRunId, generateRunId, generateTraceEventId, hasIdPrefix, idPrefixes, isValidPrefixedId, parseIdPrefix } from './ids/index.cjs';
|
|
4
|
+
import { z } from 'zod';
|
|
5
|
+
export { buildNamedApiKeyEnvVarName, expectedProviderApiKeyNameFormat, providerApiKeyNamePattern, validateProviderApiKeyName } from './provider-keys/index.cjs';
|
|
6
|
+
export { JsonValueSummary, RedactTracePayloadOptions, RedactTracePayloadOptionsSchema, RedactTracePayloadResult, RedactionMode, RedactionModeSchema, defaultRedactionMode, isBearerTokenShapedString, isJwtShapedString, isProviderApiKeyShapedString, isSecretNamedField, isSecretShapedString, redactTracePayload, redactedValue, replaceProviderApiKeySubstrings, replaceSecretShapedSubstrings, resolveRedactionMode, summarizeJsonValue } from './redaction/index.cjs';
|
|
7
|
+
import '@assemble-dev/shared-types';
|
|
8
|
+
import '@assemble-dev/shared-types/json';
|
|
9
|
+
|
|
10
|
+
declare const KeysetCursorSchema: z.ZodObject<{
|
|
11
|
+
createdAt: z.ZodISODateTime;
|
|
12
|
+
id: z.ZodString;
|
|
13
|
+
}, z.core.$strip>;
|
|
14
|
+
type KeysetCursor = z.infer<typeof KeysetCursorSchema>;
|
|
15
|
+
declare function encodeKeysetCursor(cursor: KeysetCursor): string;
|
|
16
|
+
declare function decodeKeysetCursor(rawCursor: string): KeysetCursor;
|
|
17
|
+
|
|
18
|
+
export { type KeysetCursor, decodeKeysetCursor, encodeKeysetCursor };
|
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
export { A as AppError } from './app-error-D7pnDUHg.js';
|
|
2
|
+
export { createAppErrorResponse } from './errors/index.js';
|
|
3
|
+
export { IdPrefix, PrefixedId, generateApiKeyId, generateApprovalId, generateEvalRunId, generateRunId, generateTraceEventId, hasIdPrefix, idPrefixes, isValidPrefixedId, parseIdPrefix } from './ids/index.js';
|
|
4
|
+
import { z } from 'zod';
|
|
5
|
+
export { buildNamedApiKeyEnvVarName, expectedProviderApiKeyNameFormat, providerApiKeyNamePattern, validateProviderApiKeyName } from './provider-keys/index.js';
|
|
6
|
+
export { JsonValueSummary, RedactTracePayloadOptions, RedactTracePayloadOptionsSchema, RedactTracePayloadResult, RedactionMode, RedactionModeSchema, defaultRedactionMode, isBearerTokenShapedString, isJwtShapedString, isProviderApiKeyShapedString, isSecretNamedField, isSecretShapedString, redactTracePayload, redactedValue, replaceProviderApiKeySubstrings, replaceSecretShapedSubstrings, resolveRedactionMode, summarizeJsonValue } from './redaction/index.js';
|
|
7
|
+
import '@assemble-dev/shared-types';
|
|
8
|
+
import '@assemble-dev/shared-types/json';
|
|
9
|
+
|
|
10
|
+
declare const KeysetCursorSchema: z.ZodObject<{
|
|
11
|
+
createdAt: z.ZodISODateTime;
|
|
12
|
+
id: z.ZodString;
|
|
13
|
+
}, z.core.$strip>;
|
|
14
|
+
type KeysetCursor = z.infer<typeof KeysetCursorSchema>;
|
|
15
|
+
declare function encodeKeysetCursor(cursor: KeysetCursor): string;
|
|
16
|
+
declare function decodeKeysetCursor(rawCursor: string): KeysetCursor;
|
|
17
|
+
|
|
18
|
+
export { type KeysetCursor, decodeKeysetCursor, encodeKeysetCursor };
|
package/dist/index.js
ADDED
|
@@ -0,0 +1,102 @@
|
|
|
1
|
+
import {
|
|
2
|
+
createAppErrorResponse
|
|
3
|
+
} from "./chunk-HOZLAE6A.js";
|
|
4
|
+
import {
|
|
5
|
+
AppError
|
|
6
|
+
} from "./chunk-CP7QDN2K.js";
|
|
7
|
+
import {
|
|
8
|
+
generateApiKeyId,
|
|
9
|
+
generateApprovalId,
|
|
10
|
+
generateEvalRunId,
|
|
11
|
+
generateRunId,
|
|
12
|
+
generateTraceEventId,
|
|
13
|
+
hasIdPrefix,
|
|
14
|
+
idPrefixes,
|
|
15
|
+
isValidPrefixedId,
|
|
16
|
+
parseIdPrefix
|
|
17
|
+
} from "./chunk-7TK7K2QQ.js";
|
|
18
|
+
import {
|
|
19
|
+
buildNamedApiKeyEnvVarName,
|
|
20
|
+
expectedProviderApiKeyNameFormat,
|
|
21
|
+
providerApiKeyNamePattern,
|
|
22
|
+
validateProviderApiKeyName
|
|
23
|
+
} from "./chunk-OW6VCN32.js";
|
|
24
|
+
import {
|
|
25
|
+
RedactTracePayloadOptionsSchema,
|
|
26
|
+
RedactionModeSchema,
|
|
27
|
+
defaultRedactionMode,
|
|
28
|
+
isBearerTokenShapedString,
|
|
29
|
+
isJwtShapedString,
|
|
30
|
+
isProviderApiKeyShapedString,
|
|
31
|
+
isSecretNamedField,
|
|
32
|
+
isSecretShapedString,
|
|
33
|
+
redactTracePayload,
|
|
34
|
+
redactedValue,
|
|
35
|
+
replaceProviderApiKeySubstrings,
|
|
36
|
+
replaceSecretShapedSubstrings,
|
|
37
|
+
resolveRedactionMode,
|
|
38
|
+
summarizeJsonValue
|
|
39
|
+
} from "./chunk-XDYQIW3Q.js";
|
|
40
|
+
|
|
41
|
+
// src/pagination/cursor.ts
|
|
42
|
+
import { AppErrorCode } from "@assemble-dev/shared-types";
|
|
43
|
+
import { z } from "zod";
|
|
44
|
+
var KeysetCursorSchema = z.object({
|
|
45
|
+
createdAt: z.iso.datetime(),
|
|
46
|
+
id: z.string().min(1)
|
|
47
|
+
});
|
|
48
|
+
function encodeKeysetCursor(cursor) {
|
|
49
|
+
return Buffer.from(JSON.stringify(cursor)).toString("base64url");
|
|
50
|
+
}
|
|
51
|
+
function decodeCursorJson(rawCursor) {
|
|
52
|
+
try {
|
|
53
|
+
const decoded = Buffer.from(rawCursor, "base64url").toString("utf8");
|
|
54
|
+
return JSON.parse(decoded);
|
|
55
|
+
} catch {
|
|
56
|
+
return null;
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
function decodeKeysetCursor(rawCursor) {
|
|
60
|
+
const parsed = KeysetCursorSchema.safeParse(decodeCursorJson(rawCursor));
|
|
61
|
+
if (!parsed.success) {
|
|
62
|
+
throw new AppError({
|
|
63
|
+
code: AppErrorCode.BadRequest,
|
|
64
|
+
message: "Invalid pagination cursor",
|
|
65
|
+
statusCode: 400
|
|
66
|
+
});
|
|
67
|
+
}
|
|
68
|
+
return parsed.data;
|
|
69
|
+
}
|
|
70
|
+
export {
|
|
71
|
+
AppError,
|
|
72
|
+
RedactTracePayloadOptionsSchema,
|
|
73
|
+
RedactionModeSchema,
|
|
74
|
+
buildNamedApiKeyEnvVarName,
|
|
75
|
+
createAppErrorResponse,
|
|
76
|
+
decodeKeysetCursor,
|
|
77
|
+
defaultRedactionMode,
|
|
78
|
+
encodeKeysetCursor,
|
|
79
|
+
expectedProviderApiKeyNameFormat,
|
|
80
|
+
generateApiKeyId,
|
|
81
|
+
generateApprovalId,
|
|
82
|
+
generateEvalRunId,
|
|
83
|
+
generateRunId,
|
|
84
|
+
generateTraceEventId,
|
|
85
|
+
hasIdPrefix,
|
|
86
|
+
idPrefixes,
|
|
87
|
+
isBearerTokenShapedString,
|
|
88
|
+
isJwtShapedString,
|
|
89
|
+
isProviderApiKeyShapedString,
|
|
90
|
+
isSecretNamedField,
|
|
91
|
+
isSecretShapedString,
|
|
92
|
+
isValidPrefixedId,
|
|
93
|
+
parseIdPrefix,
|
|
94
|
+
providerApiKeyNamePattern,
|
|
95
|
+
redactTracePayload,
|
|
96
|
+
redactedValue,
|
|
97
|
+
replaceProviderApiKeySubstrings,
|
|
98
|
+
replaceSecretShapedSubstrings,
|
|
99
|
+
resolveRedactionMode,
|
|
100
|
+
summarizeJsonValue,
|
|
101
|
+
validateProviderApiKeyName
|
|
102
|
+
};
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __defProp = Object.defineProperty;
|
|
3
|
+
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
4
|
+
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
5
|
+
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
6
|
+
var __export = (target, all) => {
|
|
7
|
+
for (var name in all)
|
|
8
|
+
__defProp(target, name, { get: all[name], enumerable: true });
|
|
9
|
+
};
|
|
10
|
+
var __copyProps = (to, from, except, desc) => {
|
|
11
|
+
if (from && typeof from === "object" || typeof from === "function") {
|
|
12
|
+
for (let key of __getOwnPropNames(from))
|
|
13
|
+
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
14
|
+
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
15
|
+
}
|
|
16
|
+
return to;
|
|
17
|
+
};
|
|
18
|
+
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
19
|
+
|
|
20
|
+
// src/provider-keys/index.ts
|
|
21
|
+
var provider_keys_exports = {};
|
|
22
|
+
__export(provider_keys_exports, {
|
|
23
|
+
buildNamedApiKeyEnvVarName: () => buildNamedApiKeyEnvVarName,
|
|
24
|
+
expectedProviderApiKeyNameFormat: () => expectedProviderApiKeyNameFormat,
|
|
25
|
+
providerApiKeyNamePattern: () => providerApiKeyNamePattern,
|
|
26
|
+
validateProviderApiKeyName: () => validateProviderApiKeyName
|
|
27
|
+
});
|
|
28
|
+
module.exports = __toCommonJS(provider_keys_exports);
|
|
29
|
+
|
|
30
|
+
// src/provider-keys/named-api-key-env.ts
|
|
31
|
+
var providerApiKeyNamePattern = /^[A-Za-z][A-Za-z0-9_-]*$/;
|
|
32
|
+
var expectedProviderApiKeyNameFormat = "a letter followed by letters, numbers, hyphens, or underscores";
|
|
33
|
+
function validateProviderApiKeyName(apiKeyName) {
|
|
34
|
+
return providerApiKeyNamePattern.test(apiKeyName);
|
|
35
|
+
}
|
|
36
|
+
function buildNamedApiKeyEnvVarName(baseEnvVarName, apiKeyName) {
|
|
37
|
+
const normalizedName = apiKeyName.toUpperCase().replaceAll("-", "_");
|
|
38
|
+
return `${baseEnvVarName}_${normalizedName}`;
|
|
39
|
+
}
|
|
40
|
+
// Annotate the CommonJS export names for ESM import in node:
|
|
41
|
+
0 && (module.exports = {
|
|
42
|
+
buildNamedApiKeyEnvVarName,
|
|
43
|
+
expectedProviderApiKeyNameFormat,
|
|
44
|
+
providerApiKeyNamePattern,
|
|
45
|
+
validateProviderApiKeyName
|
|
46
|
+
});
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
declare const providerApiKeyNamePattern: RegExp;
|
|
2
|
+
declare const expectedProviderApiKeyNameFormat = "a letter followed by letters, numbers, hyphens, or underscores";
|
|
3
|
+
declare function validateProviderApiKeyName(apiKeyName: string): boolean;
|
|
4
|
+
declare function buildNamedApiKeyEnvVarName(baseEnvVarName: string, apiKeyName: string): string;
|
|
5
|
+
|
|
6
|
+
export { buildNamedApiKeyEnvVarName, expectedProviderApiKeyNameFormat, providerApiKeyNamePattern, validateProviderApiKeyName };
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
declare const providerApiKeyNamePattern: RegExp;
|
|
2
|
+
declare const expectedProviderApiKeyNameFormat = "a letter followed by letters, numbers, hyphens, or underscores";
|
|
3
|
+
declare function validateProviderApiKeyName(apiKeyName: string): boolean;
|
|
4
|
+
declare function buildNamedApiKeyEnvVarName(baseEnvVarName: string, apiKeyName: string): string;
|
|
5
|
+
|
|
6
|
+
export { buildNamedApiKeyEnvVarName, expectedProviderApiKeyNameFormat, providerApiKeyNamePattern, validateProviderApiKeyName };
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import {
|
|
2
|
+
buildNamedApiKeyEnvVarName,
|
|
3
|
+
expectedProviderApiKeyNameFormat,
|
|
4
|
+
providerApiKeyNamePattern,
|
|
5
|
+
validateProviderApiKeyName
|
|
6
|
+
} from "../chunk-OW6VCN32.js";
|
|
7
|
+
export {
|
|
8
|
+
buildNamedApiKeyEnvVarName,
|
|
9
|
+
expectedProviderApiKeyNameFormat,
|
|
10
|
+
providerApiKeyNamePattern,
|
|
11
|
+
validateProviderApiKeyName
|
|
12
|
+
};
|