npm - @bgord/bun - Versions diffs - 1.9.0 → 1.9.2 - Mend

@bgord/bun 1.9.0 → 1.9.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (546) hide show

package/dist/basic-auth-password.vo.d.ts +1 -1
package/dist/basic-auth-password.vo.d.ts.map +1 -1
package/dist/basic-auth-password.vo.js +1 -1
package/dist/basic-auth-password.vo.js.map +1 -1
package/dist/basic-auth-username.vo.d.ts +1 -1
package/dist/basic-auth-username.vo.d.ts.map +1 -1
package/dist/basic-auth-username.vo.js +1 -1
package/dist/basic-auth-username.vo.js.map +1 -1
package/dist/binary.vo.d.ts +1 -1
package/dist/binary.vo.d.ts.map +1 -1
package/dist/binary.vo.js +1 -1
package/dist/binary.vo.js.map +1 -1
package/dist/cache-subject-segment-env.strategy.d.ts +3 -3
package/dist/client-ip.vo.d.ts +1 -1
package/dist/client-ip.vo.d.ts.map +1 -1
package/dist/client-ip.vo.js +1 -1
package/dist/client-ip.vo.js.map +1 -1
package/dist/client-user-agent.vo.d.ts +1 -1
package/dist/client-user-agent.vo.d.ts.map +1 -1
package/dist/client-user-agent.vo.js +1 -1
package/dist/client-user-agent.vo.js.map +1 -1
package/dist/command.types.d.ts +1 -1
package/dist/command.types.d.ts.map +1 -1
package/dist/commit-sha-value.vo.d.ts +1 -1
package/dist/commit-sha-value.vo.d.ts.map +1 -1
package/dist/commit-sha-value.vo.js +1 -1
package/dist/commit-sha-value.vo.js.map +1 -1
package/dist/correlation-id.vo.d.ts +1 -1
package/dist/correlation-id.vo.d.ts.map +1 -1
package/dist/dispatching-event-store.d.ts +1 -1
package/dist/dispatching-event-store.d.ts.map +1 -1
package/dist/encryption-key-value.vo.d.ts +1 -1
package/dist/encryption-key-value.vo.d.ts.map +1 -1
package/dist/encryption-key-value.vo.js +1 -1
package/dist/encryption-key-value.vo.js.map +1 -1
package/dist/environment-loader-encrypted.adapter.d.ts +4 -4
package/dist/environment-loader-encrypted.adapter.d.ts.map +1 -1
package/dist/environment-loader-noop.adapter.d.ts +3 -3
package/dist/environment-loader-noop.adapter.d.ts.map +1 -1
package/dist/environment-loader-process-safe.adapter.d.ts +4 -4
package/dist/environment-loader-process-safe.adapter.d.ts.map +1 -1
package/dist/environment-loader-process.adapter.d.ts +4 -4
package/dist/environment-loader-process.adapter.d.ts.map +1 -1
package/dist/environment-loader.port.d.ts +3 -3
package/dist/environment-loader.port.d.ts.map +1 -1
package/dist/event-envelope.d.ts +1 -1
package/dist/event-envelope.d.ts.map +1 -1
package/dist/event-envelope.js +1 -1
package/dist/event-envelope.js.map +1 -1
package/dist/event-handler-bare.strategy.d.ts +1 -1
package/dist/event-handler-bare.strategy.d.ts.map +1 -1
package/dist/event-handler-noop.strategy.d.ts +1 -1
package/dist/event-handler-noop.strategy.d.ts.map +1 -1
package/dist/event-handler-with-logger.strategy.d.ts +1 -1
package/dist/event-handler-with-logger.strategy.d.ts.map +1 -1
package/dist/event-handler.strategy.d.ts +1 -1
package/dist/event-handler.strategy.d.ts.map +1 -1
package/dist/event-store.d.ts +1 -1
package/dist/event-store.d.ts.map +1 -1
package/dist/event-stream.vo.d.ts +1 -1
package/dist/event-stream.vo.d.ts.map +1 -1
package/dist/event-stream.vo.js +1 -1
package/dist/event-stream.vo.js.map +1 -1
package/dist/event.types.d.ts +1 -1
package/dist/event.types.d.ts.map +1 -1
package/dist/hash-value.vo.d.ts +1 -1
package/dist/hash-value.vo.d.ts.map +1 -1
package/dist/hash-value.vo.js +1 -1
package/dist/hash-value.vo.js.map +1 -1
package/dist/hcaptcha-secret-key.vo.d.ts +1 -1
package/dist/hcaptcha-secret-key.vo.d.ts.map +1 -1
package/dist/hcaptcha-secret-key.vo.js +1 -1
package/dist/hcaptcha-secret-key.vo.js.map +1 -1
package/dist/hcaptcha-site-key.vo.d.ts +1 -1
package/dist/hcaptcha-site-key.vo.d.ts.map +1 -1
package/dist/hcaptcha-site-key.vo.js +1 -1
package/dist/hcaptcha-site-key.vo.js.map +1 -1
package/dist/healthcheck.service.d.ts +3 -3
package/dist/logger-winston-local.adapter.d.ts.map +1 -1
package/dist/logger-winston-local.adapter.js +2 -1
package/dist/logger-winston-local.adapter.js.map +1 -1
package/dist/logger-winston-production.adapter.d.ts.map +1 -1
package/dist/logger-winston-production.adapter.js +3 -2
package/dist/logger-winston-production.adapter.js.map +1 -1
package/dist/logger-winston.adapter.d.ts +2 -2
package/dist/logger.port.d.ts +3 -3
package/dist/logger.port.d.ts.map +1 -1
package/dist/logger.port.js +1 -1
package/dist/logger.port.js.map +1 -1
package/dist/mailer-content-html.vo.d.ts +1 -1
package/dist/mailer-content-html.vo.d.ts.map +1 -1
package/dist/mailer-content-html.vo.js +1 -1
package/dist/mailer-content-html.vo.js.map +1 -1
package/dist/mailer-subject.vo.d.ts +1 -1
package/dist/mailer-subject.vo.d.ts.map +1 -1
package/dist/mailer-subject.vo.js +1 -1
package/dist/mailer-subject.vo.js.map +1 -1
package/dist/modules/history/events/HISTORY_CLEARED_EVENT.d.ts +1 -1
package/dist/modules/history/events/HISTORY_CLEARED_EVENT.d.ts.map +1 -1
package/dist/modules/history/events/HISTORY_CLEARED_EVENT.js +1 -1
package/dist/modules/history/events/HISTORY_CLEARED_EVENT.js.map +1 -1
package/dist/modules/history/events/HISTORY_POPULATED_EVENT.d.ts +1 -1
package/dist/modules/history/events/HISTORY_POPULATED_EVENT.d.ts.map +1 -1
package/dist/modules/history/events/HISTORY_POPULATED_EVENT.js +1 -1
package/dist/modules/history/events/HISTORY_POPULATED_EVENT.js.map +1 -1
package/dist/modules/history/value-objects/history-created-at.d.ts +1 -1
package/dist/modules/history/value-objects/history-created-at.d.ts.map +1 -1
package/dist/modules/history/value-objects/history-operation.d.ts +1 -1
package/dist/modules/history/value-objects/history-operation.d.ts.map +1 -1
package/dist/modules/history/value-objects/history-operation.js +1 -1
package/dist/modules/history/value-objects/history-operation.js.map +1 -1
package/dist/modules/history/value-objects/history-payload.d.ts +1 -1
package/dist/modules/history/value-objects/history-payload.d.ts.map +1 -1
package/dist/modules/history/value-objects/history-payload.js +1 -1
package/dist/modules/history/value-objects/history-payload.js.map +1 -1
package/dist/modules/history/value-objects/history-subject.d.ts +1 -1
package/dist/modules/history/value-objects/history-subject.d.ts.map +1 -1
package/dist/modules/history/value-objects/history-subject.js +1 -1
package/dist/modules/history/value-objects/history-subject.js.map +1 -1
package/dist/modules/history/value-objects/history.d.ts +1 -1
package/dist/modules/history/value-objects/history.d.ts.map +1 -1
package/dist/modules/history/value-objects/history.js +1 -1
package/dist/modules/history/value-objects/history.js.map +1 -1
package/dist/modules/preferences/commands/SET_USER_LANGUAGE_COMMAND.d.ts +1 -1
package/dist/modules/preferences/commands/SET_USER_LANGUAGE_COMMAND.d.ts.map +1 -1
package/dist/modules/preferences/commands/SET_USER_LANGUAGE_COMMAND.js +1 -1
package/dist/modules/preferences/commands/SET_USER_LANGUAGE_COMMAND.js.map +1 -1
package/dist/modules/preferences/events/USER_LANGUAGE_SET_EVENT.d.ts +1 -1
package/dist/modules/preferences/events/USER_LANGUAGE_SET_EVENT.d.ts.map +1 -1
package/dist/modules/preferences/events/USER_LANGUAGE_SET_EVENT.js +1 -1
package/dist/modules/preferences/events/USER_LANGUAGE_SET_EVENT.js.map +1 -1
package/dist/modules/system/events/HOUR_HAS_PASSED_EVENT.d.ts +1 -1
package/dist/modules/system/events/HOUR_HAS_PASSED_EVENT.d.ts.map +1 -1
package/dist/modules/system/events/HOUR_HAS_PASSED_EVENT.js +1 -1
package/dist/modules/system/events/HOUR_HAS_PASSED_EVENT.js.map +1 -1
package/dist/modules/system/events/MINUTE_HAS_PASSED_EVENT.d.ts +1 -1
package/dist/modules/system/events/MINUTE_HAS_PASSED_EVENT.d.ts.map +1 -1
package/dist/modules/system/events/MINUTE_HAS_PASSED_EVENT.js +1 -1
package/dist/modules/system/events/MINUTE_HAS_PASSED_EVENT.js.map +1 -1
package/dist/modules/system/events/SECURITY_VIOLATION_DETECTED_EVENT.d.ts +1 -1
package/dist/modules/system/events/SECURITY_VIOLATION_DETECTED_EVENT.d.ts.map +1 -1
package/dist/modules/system/events/SECURITY_VIOLATION_DETECTED_EVENT.js +1 -1
package/dist/modules/system/events/SECURITY_VIOLATION_DETECTED_EVENT.js.map +1 -1
package/dist/node-env.vo.d.ts +11 -9
package/dist/node-env.vo.d.ts.map +1 -1
package/dist/node-env.vo.js +10 -3
package/dist/node-env.vo.js.map +1 -1
package/dist/nonce-value.vo.d.ts +1 -1
package/dist/nonce-value.vo.d.ts.map +1 -1
package/dist/nonce-value.vo.js +1 -1
package/dist/nonce-value.vo.js.map +1 -1
package/dist/port.vo.d.ts +1 -1
package/dist/port.vo.d.ts.map +1 -1
package/dist/port.vo.js +1 -1
package/dist/port.vo.js.map +1 -1
package/dist/prerequisite-verifier-timezone-utc.adapter.d.ts +1 -1
package/dist/prerequisite-verifier-timezone-utc.adapter.d.ts.map +1 -1
package/dist/prerequisite-verifier-timezone-utc.adapter.js +1 -1
package/dist/prerequisite-verifier-timezone-utc.adapter.js.map +1 -1
package/dist/recaptcha-secret-key.vo.d.ts +1 -1
package/dist/recaptcha-secret-key.vo.d.ts.map +1 -1
package/dist/recaptcha-secret-key.vo.js +1 -1
package/dist/recaptcha-secret-key.vo.js.map +1 -1
package/dist/recaptcha-site-key.vo.d.ts +1 -1
package/dist/recaptcha-site-key.vo.d.ts.map +1 -1
package/dist/recaptcha-site-key.vo.js +1 -1
package/dist/recaptcha-site-key.vo.js.map +1 -1
package/dist/security-countermeasure-name.vo.d.ts +1 -1
package/dist/security-countermeasure-name.vo.d.ts.map +1 -1
package/dist/security-countermeasure-name.vo.js +1 -1
package/dist/security-countermeasure-name.vo.js.map +1 -1
package/dist/security-rule-name.vo.d.ts +1 -1
package/dist/security-rule-name.vo.d.ts.map +1 -1
package/dist/security-rule-name.vo.js +1 -1
package/dist/security-rule-name.vo.js.map +1 -1
package/dist/smtp-host.vo.d.ts +1 -1
package/dist/smtp-host.vo.d.ts.map +1 -1
package/dist/smtp-host.vo.js +1 -1
package/dist/smtp-host.vo.js.map +1 -1
package/dist/smtp-pass.vo.d.ts +1 -1
package/dist/smtp-pass.vo.d.ts.map +1 -1
package/dist/smtp-pass.vo.js +1 -1
package/dist/smtp-pass.vo.js.map +1 -1
package/dist/smtp-port.vo.d.ts +1 -1
package/dist/smtp-port.vo.d.ts.map +1 -1
package/dist/smtp-user.vo.d.ts +1 -1
package/dist/smtp-user.vo.d.ts.map +1 -1
package/dist/smtp-user.vo.js +1 -1
package/dist/smtp-user.vo.js.map +1 -1
package/dist/tsconfig.tsbuildinfo +1 -1
package/dist/uuid.vo.d.ts +1 -1
package/dist/uuid.vo.d.ts.map +1 -1
package/dist/uuid.vo.js +1 -1
package/dist/uuid.vo.js.map +1 -1
package/package.json +4 -3
package/src/antivirus-clamav.adapter.ts +34 -0
package/src/antivirus-noop.adapter.ts +8 -0
package/src/antivirus.port.ts +9 -0
package/src/api-version.middleware.ts +31 -0
package/src/basic-auth-password.vo.ts +17 -0
package/src/basic-auth-username.vo.ts +17 -0
package/src/basic-auth.service.ts +14 -0
package/src/better-auth-logger.service.ts +45 -0
package/src/binary.vo.ts +22 -0
package/src/bots.vo.ts +132 -0
package/src/build-info-repository-file.strategy.ts +23 -0
package/src/build-info-repository-noop.strategy.ts +16 -0
package/src/build-info-repository-package-json.strategy.ts +25 -0
package/src/build-info-repository.strategy.ts +13 -0
package/src/cache-file.service.ts +37 -0
package/src/cache-repository-lru-cache.adapter.ts +58 -0
package/src/cache-repository-node-cache.adapter.ts +32 -0
package/src/cache-repository-noop.adapter.ts +15 -0
package/src/cache-repository.port.ts +11 -0
package/src/cache-resolver-simple.strategy.ts +33 -0
package/src/cache-resolver.strategy.ts +17 -0
package/src/cache-response.middleware.ts +51 -0
package/src/cache-subject-application-resolver.vo.ts +34 -0
package/src/cache-subject-request-resolver.vo.ts +37 -0
package/src/cache-subject-segment-application.strategy.ts +7 -0
package/src/cache-subject-segment-build.strategy.ts +14 -0
package/src/cache-subject-segment-cookie.strategy.ts +14 -0
package/src/cache-subject-segment-env.strategy.ts +10 -0
package/src/cache-subject-segment-fixed.strategy.ts +12 -0
package/src/cache-subject-segment-header.strategy.ts +13 -0
package/src/cache-subject-segment-ip.strategy.ts +9 -0
package/src/cache-subject-segment-path.strategy.ts +8 -0
package/src/cache-subject-segment-query.strategy.ts +18 -0
package/src/cache-subject-segment-request.strategy.ts +9 -0
package/src/cache-subject-segment-user.strategy.ts +8 -0
package/src/certificate-inspector-noop.adapter.ts +10 -0
package/src/certificate-inspector-tls.adapter.ts +42 -0
package/src/certificate-inspector.port.ts +7 -0
package/src/checksum.service.ts +12 -0
package/src/client-from-hono.adapter.ts +20 -0
package/src/client-ip.vo.ts +17 -0
package/src/client-user-agent.vo.ts +17 -0
package/src/client.vo.ts +52 -0
package/src/clock-fixed.adapter.ts +14 -0
package/src/clock-offset.adapter.ts +15 -0
package/src/clock-system.adapter.ts +8 -0
package/src/clock.port.ts +5 -0
package/src/command-envelope.ts +16 -0
package/src/command-logger.service.ts +23 -0
package/src/command.types.ts +13 -0
package/src/commit-sha-value.vo.ts +18 -0
package/src/commit-sha.vo.ts +29 -0
package/src/context.middleware.ts +24 -0
package/src/correlation-id.vo.ts +6 -0
package/src/correlation-storage.service.ts +31 -0
package/src/crypto-aes-gcm.service.ts +37 -0
package/src/crypto-key-provider-file.adapter.ts +29 -0
package/src/crypto-key-provider-memory.adapter.ts +17 -0
package/src/crypto-key-provider-noop.adapter.ts +9 -0
package/src/crypto-key-provider-with-cache.adapter.ts +28 -0
package/src/crypto-key-provider.port.ts +3 -0
package/src/csv-stringifier.adapter.ts +8 -0
package/src/csv-stringifier.port.ts +8 -0
package/src/disk-space-checker-bun.adapter.ts +18 -0
package/src/disk-space-checker-noop.adapter.ts +10 -0
package/src/disk-space-checker.port.ts +5 -0
package/src/dispatching-event-store.ts +36 -0
package/src/encryption-aes-gcm.adapter.ts +57 -0
package/src/encryption-iv.vo.ts +9 -0
package/src/encryption-key-value.vo.ts +18 -0
package/src/encryption-key.vo.ts +41 -0
package/src/encryption-noop.adapter.ts +18 -0
package/src/encryption.port.ts +12 -0
package/src/environment-file-parser.service.ts +35 -0
package/src/environment-loader-encrypted.adapter.ts +31 -0
package/src/environment-loader-noop.adapter.ts +16 -0
package/src/environment-loader-process-safe.adapter.ts +35 -0
package/src/environment-loader-process.adapter.ts +16 -0
package/src/environment-loader.port.ts +8 -0
package/src/etag-extractor.middleware.ts +18 -0
package/src/event-bus-like.types.ts +10 -0
package/src/event-envelope.ts +27 -0
package/src/event-handler-bare.strategy.ts +9 -0
package/src/event-handler-noop.strategy.ts +9 -0
package/src/event-handler-with-logger.strategy.ts +31 -0
package/src/event-handler.strategy.ts +8 -0
package/src/event-logger.service.ts +23 -0
package/src/event-loop-lag.service.ts +32 -0
package/src/event-loop-utilization.service.ts +21 -0
package/src/event-publisher.types.ts +3 -0
package/src/event-store-like.types.ts +3 -0
package/src/event-store.ts +64 -0
package/src/event-stream.vo.ts +14 -0
package/src/event.types.ts +16 -0
package/src/file-cleaner-bun-forgiving.adapter.ts +10 -0
package/src/file-cleaner-bun.adapter.ts +8 -0
package/src/file-cleaner-noop.adapter.ts +6 -0
package/src/file-cleaner.port.ts +5 -0
package/src/file-draft-zip.service.ts +34 -0
package/src/file-draft.service.ts +33 -0
package/src/file-reader-json-bun-forgiving.adapter.ts +14 -0
package/src/file-reader-json-bun.adapter.ts +10 -0
package/src/file-reader-json-noop.adapter.ts +12 -0
package/src/file-reader-json-with-cache.adapter.ts +34 -0
package/src/file-reader-json.port.ts +7 -0
package/src/file-renamer-fs-forgiving.adapter.ts +17 -0
package/src/file-renamer-fs.adapter.ts +15 -0
package/src/file-renamer-noop.adapter.ts +9 -0
package/src/file-renamer.port.ts +8 -0
package/src/file-uploader.middleware.ts +39 -0
package/src/graceful-shutdown.service.ts +68 -0
package/src/gzip-bun.adapter.ts +12 -0
package/src/gzip-noop.adapter.ts +7 -0
package/src/gzip-stream.adapter.ts +19 -0
package/src/gzip.port.ts +10 -0
package/src/hash-content-noop.strategy.ts +8 -0
package/src/hash-content-sha256-bun.strategy.ts +11 -0
package/src/hash-content.strategy.ts +5 -0
package/src/hash-file-noop.adapter.ts +14 -0
package/src/hash-file-sha256-bun.adapter.ts +23 -0
package/src/hash-file.port.ts +13 -0
package/src/hash-value.vo.ts +15 -0
package/src/hash.vo.ts +29 -0
package/src/hcaptcha-secret-key.vo.ts +15 -0
package/src/hcaptcha-site-key.vo.ts +12 -0
package/src/healthcheck.service.ts +138 -0
package/src/http-logger.middleware.ts +100 -0
package/src/i18n.service.ts +62 -0
package/src/id-provider-crypto.adapter.ts +8 -0
package/src/id-provider-deterministic.adapter.ts +21 -0
package/src/id-provider.port.ts +5 -0
package/src/image-alpha-noop.adapter.ts +7 -0
package/src/image-alpha-sharp.adapter.ts +38 -0
package/src/image-alpha.port.ts +19 -0
package/src/image-blur-noop.adapter.ts +7 -0
package/src/image-blur-sharp.adapter.ts +33 -0
package/src/image-blur.port.ts +18 -0
package/src/image-compressor-noop.adapter.ts +7 -0
package/src/image-compressor-sharp.adapter.ts +36 -0
package/src/image-compressor.port.ts +18 -0
package/src/image-exif-clear-noop.adapter.ts +7 -0
package/src/image-exif-clear-sharp.adapter.ts +30 -0
package/src/image-exif-clear.port.ts +16 -0
package/src/image-formatter-noop.adapter.ts +10 -0
package/src/image-formatter-sharp.adapter.ts +40 -0
package/src/image-formatter.port.ts +17 -0
package/src/image-info-noop.adapter.ts +15 -0
package/src/image-info-sharp.adapter.ts +27 -0
package/src/image-info.port.ts +12 -0
package/src/image-processor-noop.adapter.ts +10 -0
package/src/image-processor-sharp.adapter.ts +60 -0
package/src/image-processor.port.ts +25 -0
package/src/image-resizer-noop.adapter.ts +7 -0
package/src/image-resizer-sharp.adapter.ts +41 -0
package/src/image-resizer.port.ts +18 -0
package/src/in-flight-requests-tracker.service.ts +22 -0
package/src/in-flight-requests.middleware.ts +15 -0
package/src/index.ts +307 -0
package/src/instrumentation.service.ts +39 -0
package/src/invariant-error-handler.service.ts +22 -0
package/src/invariant.service.ts +27 -0
package/src/job-handler-bare.strategy.ts +15 -0
package/src/job-handler-noop.strategy.ts +9 -0
package/src/job-handler-with-logger.strategy.ts +44 -0
package/src/job-handler.strategy.ts +10 -0
package/src/jobs.service.ts +16 -0
package/src/logger-format-error.service.ts +27 -0
package/src/logger-noop.adapter.ts +17 -0
package/src/logger-winston-local.adapter.ts +24 -0
package/src/logger-winston-production.adapter.ts +38 -0
package/src/logger-winston.adapter.ts +63 -0
package/src/logger.port.ts +64 -0
package/src/mailer-content-html.vo.ts +11 -0
package/src/mailer-noop.adapter.ts +21 -0
package/src/mailer-smtp-with-logger.adapter.ts +33 -0
package/src/mailer-smtp.adapter.ts +33 -0
package/src/mailer-subject.vo.ts +10 -0
package/src/mailer.port.ts +6 -0
package/src/maintenance-mode.middleware.ts +15 -0
package/src/memory-consumption.service.ts +23 -0
package/src/modules/history/event-handlers/index.ts +2 -0
package/src/modules/history/event-handlers/onHistoryClearedEvent.ts +6 -0
package/src/modules/history/event-handlers/onHistoryPopulatedEvent.ts +10 -0
package/src/modules/history/events/HISTORY_CLEARED_EVENT.ts +13 -0
package/src/modules/history/events/HISTORY_POPULATED_EVENT.ts +17 -0
package/src/modules/history/events/index.ts +2 -0
package/src/modules/history/index.ts +4 -0
package/src/modules/history/ports/history-projection.ts +7 -0
package/src/modules/history/ports/history-reader.ts +5 -0
package/src/modules/history/ports/history-writer.ts +7 -0
package/src/modules/history/ports/index.ts +3 -0
package/src/modules/history/value-objects/history-created-at.ts +6 -0
package/src/modules/history/value-objects/history-id.ts +3 -0
package/src/modules/history/value-objects/history-operation.ts +12 -0
package/src/modules/history/value-objects/history-payload.ts +15 -0
package/src/modules/history/value-objects/history-subject.ts +14 -0
package/src/modules/history/value-objects/history.ts +26 -0
package/src/modules/history/value-objects/index.ts +6 -0
package/src/modules/preferences/command-handlers/handleSetUserLanguageCommand.ts +36 -0
package/src/modules/preferences/command-handlers/index.ts +1 -0
package/src/modules/preferences/commands/SET_USER_LANGUAGE_COMMAND.ts +14 -0
package/src/modules/preferences/commands/index.ts +1 -0
package/src/modules/preferences/events/USER_LANGUAGE_SET_EVENT.ts +14 -0
package/src/modules/preferences/events/index.ts +1 -0
package/src/modules/preferences/index.ts +7 -0
package/src/modules/preferences/invariants/index.ts +1 -0
package/src/modules/preferences/invariants/user-language-has-changed.ts +26 -0
package/src/modules/preferences/open-host-queries/index.ts +1 -0
package/src/modules/preferences/open-host-queries/user-language.ts +23 -0
package/src/modules/preferences/ports/index.ts +2 -0
package/src/modules/preferences/ports/user-language-query.ts +5 -0
package/src/modules/preferences/ports/user-language-resolver.ts +22 -0
package/src/modules/preferences/value-objects/index.ts +1 -0
package/src/modules/preferences/value-objects/supported-languages-set.ts +17 -0
package/src/modules/system/events/HOUR_HAS_PASSED_EVENT.ts +13 -0
package/src/modules/system/events/MINUTE_HAS_PASSED_EVENT.ts +13 -0
package/src/modules/system/events/SECURITY_VIOLATION_DETECTED_EVENT.ts +23 -0
package/src/modules/system/events/index.ts +3 -0
package/src/modules/system/index.ts +2 -0
package/src/modules/system/services/index.ts +2 -0
package/src/modules/system/services/passage-of-time-hourly.service.ts +35 -0
package/src/modules/system/services/passage-of-time-minute.service.ts +35 -0
package/src/node-env.vo.ts +12 -0
package/src/nonce-provider-crypto.adapter.ts +18 -0
package/src/nonce-provider-deterministic.adapter.ts +21 -0
package/src/nonce-provider-noop.adapter.ts +8 -0
package/src/nonce-provider.port.ts +5 -0
package/src/nonce-value.vo.ts +18 -0
package/src/pdf-generator-noop.adapter.ts +23 -0
package/src/pdf-generator.port.ts +5 -0
package/src/ping.service.ts +7 -0
package/src/port.vo.ts +14 -0
package/src/prerequisite-runner-startup.service.ts +44 -0
package/src/prerequisite-verifier-binary.adapter.ts +21 -0
package/src/prerequisite-verifier-bun.adapter.ts +21 -0
package/src/prerequisite-verifier-clock-drift.adapter.ts +32 -0
package/src/prerequisite-verifier-directory.adapter.ts +48 -0
package/src/prerequisite-verifier-dns.adapter.ts +20 -0
package/src/prerequisite-verifier-external-api.adapter.ts +20 -0
package/src/prerequisite-verifier-file.adapter.ts +49 -0
package/src/prerequisite-verifier-jobs.adapter.ts +15 -0
package/src/prerequisite-verifier-log-file.adapter.ts +29 -0
package/src/prerequisite-verifier-mailer.adapter.ts +22 -0
package/src/prerequisite-verifier-memory.adapter.ts +22 -0
package/src/prerequisite-verifier-node.adapter.ts +21 -0
package/src/prerequisite-verifier-os.adapter.ts +22 -0
package/src/prerequisite-verifier-outside-connectivity.adapter.ts +23 -0
package/src/prerequisite-verifier-port.adapter.ts +23 -0
package/src/prerequisite-verifier-ram.adapter.ts +20 -0
package/src/prerequisite-verifier-running-user.adapter.ts +17 -0
package/src/prerequisite-verifier-self.adapter.ts +11 -0
package/src/prerequisite-verifier-space.adapter.ts +32 -0
package/src/prerequisite-verifier-sqlite.adapter.ts +25 -0
package/src/prerequisite-verifier-ssl-certificate-expiry.adapter.ts +28 -0
package/src/prerequisite-verifier-timezone-utc.adapter.ts +20 -0
package/src/prerequisite-verifier-translations.adapter.ts +65 -0
package/src/prerequisite-verifier-with-cache.adapter.ts +35 -0
package/src/prerequisite-verifier-with-fail-safe.adapter.ts +37 -0
package/src/prerequisite-verifier-with-logger.adapter.ts +51 -0
package/src/prerequisite-verifier-with-retry.adapter.ts +35 -0
package/src/prerequisite-verifier-with-timeout.adapter.ts +31 -0
package/src/prerequisite-verifier.decorator.ts +49 -0
package/src/prerequisite-verifier.port.ts +38 -0
package/src/prerequisite.vo.ts +28 -0
package/src/recaptcha-secret-key.vo.ts +15 -0
package/src/recaptcha-site-key.vo.ts +12 -0
package/src/redactor-compact-array.strategy.ts +10 -0
package/src/redactor-compact-object.strategy.ts +25 -0
package/src/redactor-composite.strategy.ts +9 -0
package/src/redactor-mask.strategy.ts +38 -0
package/src/redactor-noop.strategy.ts +7 -0
package/src/redactor.strategy.ts +3 -0
package/src/remote-file-storage-disk.adapter.ts +72 -0
package/src/remote-file-storage-noop.adapter.ts +70 -0
package/src/remote-file-storage.port.ts +17 -0
package/src/retry-backoff-exponential.strategy.ts +10 -0
package/src/retry-backoff-fibonacci.strategy.ts +16 -0
package/src/retry-backoff-linear.strategy.ts +10 -0
package/src/retry-backoff-noop.strategy.ts +8 -0
package/src/retry-backoff.strategy.ts +5 -0
package/src/retry.service.ts +37 -0
package/src/safe-parse-body.service.ts +12 -0
package/src/sealer-aes-gcm.adapter.ts +38 -0
package/src/sealer-noop.adapter.ts +11 -0
package/src/sealer.port.ts +4 -0
package/src/security-context.vo.ts +13 -0
package/src/security-countermeasure-ban.strategy.ts +63 -0
package/src/security-countermeasure-mirage.strategy.ts +31 -0
package/src/security-countermeasure-name.vo.ts +22 -0
package/src/security-countermeasure-noop.strategy.ts +12 -0
package/src/security-countermeasure-report.strategy.ts +27 -0
package/src/security-countermeasure-tarpit.strategy.ts +31 -0
package/src/security-countermeasure.strategy.ts +16 -0
package/src/security-policy.vo.ts +9 -0
package/src/security-rule-and.strategy.ts +25 -0
package/src/security-rule-bait-routes.strategy.ts +15 -0
package/src/security-rule-fail.strategy.ts +12 -0
package/src/security-rule-honey-pot-field.strategy.ts +20 -0
package/src/security-rule-name.vo.ts +22 -0
package/src/security-rule-or.strategy.ts +25 -0
package/src/security-rule-pass.strategy.ts +12 -0
package/src/security-rule-user-agent.strategy.ts +20 -0
package/src/security-rule-violation-threshold.strategy.ts +50 -0
package/src/security-rule.strategy.ts +8 -0
package/src/setup.service.ts +102 -0
package/src/shield-api-key.strategy.ts +20 -0
package/src/shield-auth.strategy.ts +38 -0
package/src/shield-basic-auth.strategy.ts +17 -0
package/src/shield-csrf.strategy.ts +23 -0
package/src/shield-hcaptcha-local.strategy.ts +22 -0
package/src/shield-hcaptcha.strategy.ts +24 -0
package/src/shield-noop.strategy.ts +6 -0
package/src/shield-rate-limit.strategy.ts +41 -0
package/src/shield-recaptcha.strategy.ts +49 -0
package/src/shield-security.strategy.ts +80 -0
package/src/shield-timeout.strategy.ts +19 -0
package/src/shield.strategy.ts +5 -0
package/src/simulated-error.middleware.ts +8 -0
package/src/sleeper-noop.adapter.ts +5 -0
package/src/sleeper-system.adapter.ts +8 -0
package/src/sleeper.port.ts +5 -0
package/src/slower.middleware.ts +14 -0
package/src/smtp-host.vo.ts +17 -0
package/src/smtp-pass.vo.ts +17 -0
package/src/smtp-port.vo.ts +5 -0
package/src/smtp-user.vo.ts +17 -0
package/src/ssr.ts +57 -0
package/src/static-files.service.ts +85 -0
package/src/stopwatch.service.ts +30 -0
package/src/temporary-file-absolute.adapter.ts +31 -0
package/src/temporary-file-noop.adapter.ts +16 -0
package/src/temporary-file.port.ts +9 -0
package/src/time-zone-offset.middleware.ts +24 -0
package/src/timekeeper-google.adapter.ts +18 -0
package/src/timekeeper-noop.adapter.ts +12 -0
package/src/timekeeper.port.ts +5 -0
package/src/timeout-cancellable-runner-bare.adapter.ts +35 -0
package/src/timeout-cancellable-runner-noop.adapter.ts +9 -0
package/src/timeout-cancellable-runner.port.ts +7 -0
package/src/timeout-runner-bare.adapter.ts +23 -0
package/src/timeout-runner-error.adapter.ts +8 -0
package/src/timeout-runner-monitor.adapter.ts +24 -0
package/src/timeout-runner-noop.adapter.ts +8 -0
package/src/timeout-runner.port.ts +7 -0
package/src/to-event-map.types.ts +3 -0
package/src/translations.service.ts +20 -0
package/src/uptime.service.ts +17 -0
package/src/uuid.vo.ts +7 -0
package/src/visitor-id-client.strategy.ts +20 -0
package/src/visitor-id.strategy.ts +5 -0
package/src/weak-etag-extractor.middleware.ts +17 -0

package/src/security-rule-fail.strategy.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { SecurityRuleStrategy } from "./security-rule.strategy";
+import { SecurityRuleName } from "./security-rule-name.vo";
+export class SecurityRuleFailStrategy implements SecurityRuleStrategy {
+  async isViolated() {
+    return true;
+  }
+  get name() {
+    return SecurityRuleName.parse("fail");
+  }
+}

package/src/security-rule-honey-pot-field.strategy.ts ADDED Viewed

@@ -0,0 +1,20 @@
+import type { Context } from "hono";
+import type { SecurityRuleStrategy } from "./security-rule.strategy";
+import { SecurityRuleName } from "./security-rule-name.vo";
+export class SecurityRuleHoneyPotFieldStrategy implements SecurityRuleStrategy {
+  constructor(private readonly field: string) {}
+  async isViolated(c: Context) {
+    const request = c.req.raw.clone();
+    const body = await request.json().catch(() => ({}));
+    const value = body[this.field];
+    return value !== undefined && value !== null && value !== "";
+  }
+  get name() {
+    return SecurityRuleName.parse("honey_pot_field");
+  }
+}

package/src/security-rule-name.vo.ts ADDED Viewed

@@ -0,0 +1,22 @@
+import * as z from "zod/v4";
+export const SecurityRuleNameError = {
+  Type: "security.rule.name.type",
+  Empty: "security.rule.name.empty",
+  TooLong: "security.rule.name.too.long",
+  BadChars: "security.rule.name.bad.chars",
+};
+// One to sixty four letters, digits, or underscores
+const CHARS_WHITELIST = /^[a-zA-Z0-9_]{1,512}$/;
+// Stryker disable all
+export const SecurityRuleName = z
+  // Stryker restore all
+  .string(SecurityRuleNameError.Type)
+  .min(1, SecurityRuleNameError.Empty)
+  .max(512, SecurityRuleNameError.TooLong)
+  .regex(CHARS_WHITELIST, SecurityRuleNameError.BadChars)
+  .brand("SecurityRuleName");
+export type SecurityRuleNameType = z.infer<typeof SecurityRuleName>;

package/src/security-rule-or.strategy.ts ADDED Viewed

@@ -0,0 +1,25 @@
+import type { Context } from "hono";
+import type { SecurityRuleStrategy } from "./security-rule.strategy";
+import { SecurityRuleName } from "./security-rule-name.vo";
+export const SecurityRuleOrStrategyError = {
+  MissingRules: "security.rule.or.adapter.error.missing.rules",
+  MaxRules: "security.rule.or.adapter.error.max.rules",
+};
+export class SecurityRuleOrStrategy implements SecurityRuleStrategy {
+  constructor(private readonly rules: SecurityRuleStrategy[]) {
+    if (rules.length === 0) throw new Error(SecurityRuleOrStrategyError.MissingRules);
+    if (rules.length > 5) throw new Error(SecurityRuleOrStrategyError.MaxRules);
+  }
+  async isViolated(c: Context) {
+    const reports = await Promise.all(this.rules.map((rule) => rule.isViolated(c)));
+    return reports.some(Boolean);
+  }
+  get name() {
+    return SecurityRuleName.parse(`or_${this.rules.map((rule) => rule.name).join("_")}`);
+  }
+}

package/src/security-rule-pass.strategy.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { SecurityRuleStrategy } from "./security-rule.strategy";
+import { SecurityRuleName } from "./security-rule-name.vo";
+export class SecurityRulePassStrategy implements SecurityRuleStrategy {
+  async isViolated() {
+    return false;
+  }
+  get name() {
+    return SecurityRuleName.parse("pass");
+  }
+}

package/src/security-rule-user-agent.strategy.ts ADDED Viewed

@@ -0,0 +1,20 @@
+import type { Context } from "hono";
+import { ALL_BOTS } from "./bots.vo";
+import { ClientFromHono } from "./client-from-hono.adapter";
+import { ClientUserAgent } from "./client-user-agent.vo";
+import type { SecurityRuleStrategy } from "./security-rule.strategy";
+import { SecurityRuleName } from "./security-rule-name.vo";
+export class SecurityRuleUserAgentStrategy implements SecurityRuleStrategy {
+  constructor(private readonly blacklist: string[] = ALL_BOTS) {}
+  async isViolated(c: Context) {
+    const client = ClientFromHono.translate(c);
+    return this.blacklist.some((bot) => client.matchesUa(ClientUserAgent.parse(bot)));
+  }
+  get name() {
+    return SecurityRuleName.parse("user_agent");
+  }
+}

package/src/security-rule-violation-threshold.strategy.ts ADDED Viewed

@@ -0,0 +1,50 @@
+import * as tools from "@bgord/tools";
+import type { Context } from "hono";
+import type { CacheRepositoryPort } from "./cache-repository.port";
+import { CacheSubjectRequestResolver } from "./cache-subject-request-resolver.vo";
+import { CacheSubjectSegmentFixedStrategy } from "./cache-subject-segment-fixed.strategy";
+import { CacheSubjectSegmentIpStrategy } from "./cache-subject-segment-ip.strategy";
+import type { HashContentStrategy } from "./hash-content.strategy";
+import type { SecurityRuleStrategy } from "./security-rule.strategy";
+import { SecurityRuleName } from "./security-rule-name.vo";
+type Dependencies = { CacheRepository: CacheRepositoryPort; HashContent: HashContentStrategy };
+export class SecurityRuleViolationThresholdStrategy implements SecurityRuleStrategy {
+  constructor(
+    private readonly rule: SecurityRuleStrategy,
+    private readonly config: { threshold: tools.IntegerPositiveType },
+    private readonly deps: Dependencies,
+  ) {}
+  // Best-effort increment, occasional lost increments are acceptable for concurrent requests.
+  async isViolated(c: Context) {
+    const resolver = new CacheSubjectRequestResolver(
+      [new CacheSubjectSegmentFixedStrategy(this.name), new CacheSubjectSegmentIpStrategy()],
+      this.deps,
+    );
+    const subject = await resolver.resolve(c);
+    const violated = await this.rule.isViolated(c);
+    if (!violated) return false;
+    try {
+      const count = (await this.deps.CacheRepository.get<tools.IntegerNonNegativeType>(subject.hex)) ?? 0;
+      await this.deps.CacheRepository.set<tools.IntegerNonNegativeType>(
+        subject.hex,
+        tools.IntegerNonNegative.parse(count + 1),
+      );
+      if (count + 1 >= this.config.threshold) return true;
+      return false;
+    } catch {
+      return false;
+    }
+  }
+  get name() {
+    return SecurityRuleName.parse(`violation_threshold_${this.config.threshold}_${this.rule.name}`);
+  }
+}

package/src/security-rule.strategy.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import type { Context } from "hono";
+import type { SecurityRuleNameType } from "./security-rule-name.vo";
+export interface SecurityRuleStrategy {
+  isViolated(c: Context): Promise<boolean>;
+  get name(): SecurityRuleNameType;
+}

package/src/setup.service.ts ADDED Viewed

@@ -0,0 +1,102 @@
+import * as tools from "@bgord/tools";
+import { bodyLimit } from "hono/body-limit";
+import { cors } from "hono/cors";
+import { languageDetector } from "hono/language";
+import { requestId } from "hono/request-id";
+import { secureHeaders } from "hono/secure-headers";
+import { timing } from "hono/timing";
+import { ApiVersion } from "./api-version.middleware";
+import type { BuildInfoRepositoryStrategy } from "./build-info-repository.strategy";
+import type { CacheResolverStrategy } from "./cache-resolver.strategy";
+import type { ClockPort } from "./clock.port";
+import { Context } from "./context.middleware";
+import { CorrelationStorage } from "./correlation-storage.service";
+import { ETagExtractor } from "./etag-extractor.middleware";
+import type { HashContentStrategy } from "./hash-content.strategy";
+import { HttpLogger, type HttpLoggerOptions } from "./http-logger.middleware";
+import type { I18nConfigType } from "./i18n.service";
+import type { IdProviderPort } from "./id-provider.port";
+import type { LoggerPort } from "./logger.port";
+import { MaintenanceMode, type MaintenanceModeConfigType } from "./maintenance-mode.middleware";
+import { type ShieldCsrfConfigType, ShieldCsrfStrategy } from "./shield-csrf.strategy";
+import { TimeZoneOffset } from "./time-zone-offset.middleware";
+import { WeakETagExtractor } from "./weak-etag-extractor.middleware";
+type SetupConfigType = {
+  csrf: ShieldCsrfConfigType;
+  cors?: Parameters<typeof cors>[0];
+  httpLogger?: HttpLoggerOptions;
+  maintenanceMode?: MaintenanceModeConfigType;
+  BODY_LIMIT_MAX_SIZE?: tools.Size;
+};
+type Dependencies = {
+  Logger: LoggerPort;
+  IdProvider: IdProviderPort;
+  I18n: I18nConfigType;
+  Clock: ClockPort;
+  CacheResolver: CacheResolverStrategy;
+  HashContent: HashContentStrategy;
+  BuildInfoRepository: BuildInfoRepositoryStrategy;
+};
+export class Setup {
+  static essentials(config: SetupConfigType, deps: Dependencies) {
+    const BODY_LIMIT_MAX_SIZE = config.BODY_LIMIT_MAX_SIZE ?? tools.Size.fromKb(128);
+    return [
+      MaintenanceMode.build(config.maintenanceMode),
+      requestId({
+        limitLength: 36,
+        headerName: "x-correlation-id",
+        generator: () => deps.IdProvider.generate(),
+      }),
+      ApiVersion.build(deps),
+      new ShieldCsrfStrategy(config.csrf).verify,
+      secureHeaders({
+        referrerPolicy: "no-referrer",
+        xContentTypeOptions: "nosniff",
+        xDnsPrefetchControl: false,
+        xDownloadOptions: true,
+        xPermittedCrossDomainPolicies: false,
+        crossOriginEmbedderPolicy: false,
+        crossOriginOpenerPolicy: false,
+        crossOriginResourcePolicy: false,
+        originAgentCluster: false,
+        xFrameOptions: false,
+      }),
+      bodyLimit({ maxSize: BODY_LIMIT_MAX_SIZE.toBytes() }),
+      cors({
+        // Stryker disable all
+        origin: (origin, c) => {
+          // server-to-server, curl, same-origin navigation
+          if (!origin) return undefined;
+          // same-origin fetch
+          if (origin === new URL(c.req.url).origin) return origin;
+          // deny cross-origin
+          return null;
+        },
+        // Stryker restore all
+        credentials: false,
+        maxAge: tools.Duration.Minutes(10).seconds,
+        ...config.cors,
+      }),
+      languageDetector({
+        supportedLanguages: Object.keys(deps.I18n.supportedLanguages),
+        fallbackLanguage: deps.I18n.defaultLanguage,
+        // Stryker disable all
+        caches: false,
+        // Stryker restore all
+      }),
+      TimeZoneOffset.attach,
+      Context.attach,
+      WeakETagExtractor.attach,
+      ETagExtractor.attach,
+      HttpLogger.build(deps, config.httpLogger),
+      timing(),
+      CorrelationStorage.handle(),
+    ];
+  }
+}

package/src/shield-api-key.strategy.ts ADDED Viewed

@@ -0,0 +1,20 @@
+import type * as tools from "@bgord/tools";
+import { createMiddleware } from "hono/factory";
+import { HTTPException } from "hono/http-exception";
+import type { ShieldStrategy } from "./shield.strategy";
+type ApiKeyShieldConfigType = { API_KEY: tools.ApiKeyType };
+export const ShieldApiKeyError = new HTTPException(403, { message: "shield.api.key" });
+export class ShieldApiKeyStrategy implements ShieldStrategy {
+  static readonly HEADER_NAME = "bgord-api-key";
+  constructor(private readonly config: ApiKeyShieldConfigType) {}
+  verify = createMiddleware(async (context, next) => {
+    if (context.req.header(ShieldApiKeyStrategy.HEADER_NAME) === this.config.API_KEY) return next();
+    throw ShieldApiKeyError;
+  });
+}

package/src/shield-auth.strategy.ts ADDED Viewed

@@ -0,0 +1,38 @@
+import type { betterAuth } from "better-auth";
+import type hono from "hono";
+import { createMiddleware } from "hono/factory";
+import { HTTPException } from "hono/http-exception";
+export const ShieldAuthError = new HTTPException(403, { message: "shield.auth" });
+export class ShieldAuthStrategy {
+  constructor(private readonly Auth: ReturnType<typeof betterAuth>) {}
+  attach = createMiddleware(async (c: hono.Context, next: hono.Next) => {
+    const session = await this.Auth.api.getSession({ headers: c.req.raw.headers });
+    if (!session) {
+      c.set("user", null);
+      c.set("session", null);
+      return next();
+    }
+    c.set("user", session.user);
+    c.set("session", session.session);
+    return next();
+  });
+  verify = createMiddleware(async (c: hono.Context, next: hono.Next) => {
+    const user = c.get("user");
+    if (!user) throw ShieldAuthError;
+    return next();
+  });
+  reverse = createMiddleware(async (c: hono.Context, next: hono.Next) => {
+    const user = c.get("user");
+    if (user) throw ShieldAuthError;
+    return next();
+  });
+}

package/src/shield-basic-auth.strategy.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import { basicAuth } from "hono/basic-auth";
+import { createMiddleware } from "hono/factory";
+import type { BasicAuthPasswordType } from "./basic-auth-password.vo";
+import type { BasicAuthUsernameType } from "./basic-auth-username.vo";
+import type { ShieldStrategy } from "./shield.strategy";
+type ShieldBasicAuthConfigType = { username: BasicAuthUsernameType; password: BasicAuthPasswordType };
+export class ShieldBasicAuthStrategy implements ShieldStrategy {
+  private readonly basicAuth;
+  constructor(config: ShieldBasicAuthConfigType) {
+    this.basicAuth = basicAuth(config);
+  }
+  verify = createMiddleware(async (context, next) => this.basicAuth(context, next));
+}

package/src/shield-csrf.strategy.ts ADDED Viewed

@@ -0,0 +1,23 @@
+import { createMiddleware } from "hono/factory";
+import { HTTPException } from "hono/http-exception";
+import type { ShieldStrategy } from "./shield.strategy";
+const STATE_CHANGING_METHODS = ["POST", "PUT", "PATCH", "DELETE"];
+export type ShieldCsrfConfigType = { origin: string[] };
+export const ShieldCsrfError = new HTTPException(403, { message: "shield.csrf" });
+export class ShieldCsrfStrategy implements ShieldStrategy {
+  constructor(private readonly config: ShieldCsrfConfigType) {}
+  verify = createMiddleware(async (context, next) => {
+    if (!STATE_CHANGING_METHODS.includes(context.req.method)) return next();
+    const origin = context.req.header("origin");
+    if (!origin) return next();
+    if (!this.config.origin.includes(origin)) throw ShieldCsrfError;
+    return next();
+  });
+}

package/src/shield-hcaptcha-local.strategy.ts ADDED Viewed

@@ -0,0 +1,22 @@
+import hcaptcha from "hcaptcha";
+import { createMiddleware } from "hono/factory";
+import { HTTPException } from "hono/http-exception";
+import type { HCaptchaSecretKeyType } from "./hcaptcha-secret-key.vo";
+import type { ShieldStrategy } from "./shield.strategy";
+export const ShieldHcaptchaLocalError = new HTTPException(403, { message: "shield.hcaptcha.local" });
+export class ShieldHcaptchaLocalStrategy implements ShieldStrategy {
+  constructor(private readonly secretKey: HCaptchaSecretKeyType) {}
+  verify = createMiddleware(async (_, next) => {
+    try {
+      const result = await hcaptcha.verify(this.secretKey, "10000000-aaaa-bbbb-cccc-000000000001");
+      if (!result.success) throw ShieldHcaptchaLocalError;
+      return next();
+    } catch {
+      throw ShieldHcaptchaLocalError;
+    }
+  });
+}

package/src/shield-hcaptcha.strategy.ts ADDED Viewed

@@ -0,0 +1,24 @@
+import hcaptcha from "hcaptcha";
+import { createMiddleware } from "hono/factory";
+import { HTTPException } from "hono/http-exception";
+import type { HCaptchaSecretKeyType } from "./hcaptcha-secret-key.vo";
+import type { ShieldStrategy } from "./shield.strategy";
+export const ShieldHcaptchaError = new HTTPException(403, { message: "shield.hcaptcha" });
+export class ShieldHcaptchaStrategy implements ShieldStrategy {
+  constructor(private readonly secretKey: HCaptchaSecretKeyType) {}
+  verify = createMiddleware(async (context, next) => {
+    try {
+      const form = await context.req.formData();
+      const hcaptchaTokenFormData = form.get("h-captcha-response")?.toString() as string;
+      const result = await hcaptcha.verify(this.secretKey, hcaptchaTokenFormData);
+      if (!result.success) throw ShieldHcaptchaError;
+      return next();
+    } catch {
+      throw ShieldHcaptchaError;
+    }
+  });
+}

package/src/shield-noop.strategy.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import { createMiddleware } from "hono/factory";
+import type { ShieldStrategy } from "./shield.strategy";
+export class ShieldNoopStrategy implements ShieldStrategy {
+  verify = createMiddleware(async (_, next) => next());
+}

package/src/shield-rate-limit.strategy.ts ADDED Viewed

@@ -0,0 +1,41 @@
+import * as tools from "@bgord/tools";
+import { createMiddleware } from "hono/factory";
+import { HTTPException } from "hono/http-exception";
+import type { CacheResolverStrategy } from "./cache-resolver.strategy";
+import type { CacheSubjectRequestResolver } from "./cache-subject-request-resolver.vo";
+import type { ClockPort } from "./clock.port";
+import type { ShieldStrategy } from "./shield.strategy";
+type ShieldRateLimitOptionsType = {
+  enabled: boolean;
+  resolver: CacheSubjectRequestResolver;
+  window: tools.Duration;
+};
+type Dependencies = { Clock: ClockPort; CacheResolver: CacheResolverStrategy };
+export const ShieldRateLimitError = new HTTPException(429, { message: "shield.rate.limit" });
+export class ShieldRateLimitStrategy implements ShieldStrategy {
+  constructor(
+    private readonly options: ShieldRateLimitOptionsType,
+    private readonly deps: Dependencies,
+  ) {}
+  verify = createMiddleware(async (context, next) => {
+    if (!this.options.enabled) return next();
+    const subject = await this.options.resolver.resolve(context);
+    const limiter = await this.deps.CacheResolver.resolve(
+      subject.hex,
+      async () => new tools.RateLimiter(this.options.window),
+    );
+    const result = limiter.verify(this.deps.Clock.now());
+    if (!result.allowed) throw ShieldRateLimitError;
+    return next();
+  });
+}

package/src/shield-recaptcha.strategy.ts ADDED Viewed

@@ -0,0 +1,49 @@
+import * as tools from "@bgord/tools";
+import { createMiddleware } from "hono/factory";
+import { HTTPException } from "hono/http-exception";
+import type { RecaptchaSecretKeyType } from "./recaptcha-secret-key.vo";
+import type { ShieldStrategy } from "./shield.strategy";
+export type RecaptchaVerifierConfigType = { secretKey: RecaptchaSecretKeyType };
+export type RecaptchaResultType = { success: boolean; score: number };
+export const ShieldRecaptchaError = new HTTPException(403, { message: "shield.recaptcha" });
+export class ShieldRecaptchaStrategy implements ShieldStrategy {
+  private static readonly URL = tools.UrlWithoutSlash.parse(
+    "https://www.google.com/recaptcha/api/siteverify",
+  );
+  constructor(private readonly config: RecaptchaVerifierConfigType) {}
+  verify = createMiddleware(async (context, next) => {
+    try {
+      const header = context.req.header("x-recaptcha-token");
+      const query = context.req.query("recaptchaToken");
+      const form = (await context.req.formData()).get("g-recaptcha-response")?.toString();
+      const token = header ?? query ?? form;
+      if (!token) throw ShieldRecaptchaError;
+      // cSpell:ignore remoteip
+      const remoteip = context.req.header("x-forwarded-for") ?? "";
+      const params = new URLSearchParams({ secret: this.config.secretKey, response: token, remoteip });
+      const response = await fetch(ShieldRecaptchaStrategy.URL, {
+        method: "POST",
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        body: params,
+      });
+      const result: RecaptchaResultType = await response.json();
+      if (!result.success || result.score < 0.5) throw ShieldRecaptchaError;
+      await next();
+    } catch {
+      throw ShieldRecaptchaError;
+    }
+  });
+}

package/src/shield-security.strategy.ts ADDED Viewed

@@ -0,0 +1,80 @@
+import { createMiddleware } from "hono/factory";
+import type { ContentfulStatusCode } from "hono/utils/http-status";
+import { ClientFromHono } from "./client-from-hono.adapter";
+import { SecurityContext } from "./security-context.vo";
+import type { SecurityPolicy } from "./security-policy.vo";
+import type { ShieldStrategy } from "./shield.strategy";
+import type { SleeperPort } from "./sleeper.port";
+type Dependencies = { Sleeper: SleeperPort };
+export const ShieldSecurityAdapterError = {
+  Unhandled: "shield.security.adapter.error.unhandled",
+  MissingPolicies: "shield.security.adapter.error.missing.policies",
+  MaxPolicies: "shield.security.adapter.error.max.policies",
+};
+export class ShieldSecurityStrategy implements ShieldStrategy {
+  constructor(
+    private readonly policies: SecurityPolicy[],
+    private readonly deps: Dependencies,
+  ) {
+    if (policies.length === 0) throw new Error(ShieldSecurityAdapterError.MissingPolicies);
+    if (policies.length > 5) throw new Error(ShieldSecurityAdapterError.MaxPolicies);
+  }
+  verify = createMiddleware(async (c, next) => {
+    for (const policy of this.policies) {
+      const violation = await policy.rule.isViolated(c);
+      if (!violation) continue;
+      const context = new SecurityContext(
+        policy.rule.name,
+        policy.countermeasure.name,
+        ClientFromHono.translate(c),
+        // Stryker disable all
+        c.get("user")?.id,
+        // Stryker restore all
+      );
+      const action = await policy.countermeasure.execute(context);
+      // Stryker disable all
+      switch (action.kind) {
+        case "allow":
+          return next();
+        case "deny":
+          return c.text(action.reason, action.response.status as ContentfulStatusCode);
+        case "mirage":
+          return c.json({}, action.response.status as ContentfulStatusCode);
+        case "delay": {
+          await this.deps.Sleeper.wait(action.duration);
+          switch (action.after.kind) {
+            case "allow":
+              return next();
+            case "deny":
+              return c.text(action.after.reason, action.after.response.status as ContentfulStatusCode);
+            case "mirage":
+              return c.json({}, action.after.response.status as ContentfulStatusCode);
+            case "delay":
+              throw new Error(ShieldSecurityAdapterError.Unhandled);
+            default:
+              throw new Error(ShieldSecurityAdapterError.Unhandled);
+          }
+        }
+      }
+      // Stryker restore all
+    }
+    return next();
+  });
+}

package/src/shield-timeout.strategy.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import type * as tools from "@bgord/tools";
+import { createMiddleware } from "hono/factory";
+import { HTTPException } from "hono/http-exception";
+import { timeout } from "hono/timeout";
+import type { ShieldStrategy } from "./shield.strategy";
+export const ShieldTimeoutError = new HTTPException(408, { message: "shield.timeout" });
+type ShieldTimeoutConfigType = { duration: tools.Duration };
+export class ShieldTimeoutStrategy implements ShieldStrategy {
+  private readonly timeout;
+  constructor(config: ShieldTimeoutConfigType) {
+    this.timeout = timeout(config.duration.ms, ShieldTimeoutError);
+  }
+  verify = createMiddleware(async (context, next) => this.timeout(context, next));
+}

package/src/shield.strategy.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import type { MiddlewareHandler } from "hono";
+export interface ShieldStrategy {
+  verify: MiddlewareHandler;
+}

package/src/simulated-error.middleware.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import { createMiddleware } from "hono/factory";
+export class SimulatedError {
+  static handle = () =>
+    createMiddleware(async (_, _next) => {
+      throw new Error("Simulated error");
+    });
+}

package/src/sleeper-noop.adapter.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import type { SleeperPort } from "./sleeper.port";
+export class SleeperNoopAdapter implements SleeperPort {
+  async wait() {}
+}

package/src/sleeper-system.adapter.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import type * as tools from "@bgord/tools";
+import type { SleeperPort } from "./sleeper.port";
+export class SleeperSystemAdapter implements SleeperPort {
+  async wait(duration: tools.Duration) {
+    await Bun.sleep(duration.ms);
+  }
+}