@blamejs/blamejs-shop 0.0.44

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1220) hide show
  1. package/CHANGELOG.md +87 -0
  2. package/LICENSE +17 -0
  3. package/README.md +117 -0
  4. package/SECURITY.md +139 -0
  5. package/lib/admin.js +952 -0
  6. package/lib/analytics.js +267 -0
  7. package/lib/cart.js +279 -0
  8. package/lib/catalog-import.js +344 -0
  9. package/lib/catalog.js +769 -0
  10. package/lib/checkout.js +320 -0
  11. package/lib/config.js +151 -0
  12. package/lib/customers.js +322 -0
  13. package/lib/email.js +242 -0
  14. package/lib/externaldb-d1.js +283 -0
  15. package/lib/index.js +57 -0
  16. package/lib/inventory-alerts.js +198 -0
  17. package/lib/newsletter.js +142 -0
  18. package/lib/order.js +380 -0
  19. package/lib/payment.js +318 -0
  20. package/lib/pricing.js +185 -0
  21. package/lib/r2-bridge.js +169 -0
  22. package/lib/shipping.js +185 -0
  23. package/lib/storefront.js +2160 -0
  24. package/lib/subscriptions.js +410 -0
  25. package/lib/tax.js +161 -0
  26. package/lib/theme.js +194 -0
  27. package/lib/vendor/MANIFEST.json +19 -0
  28. package/lib/vendor/blamejs/.clusterfuzzlite/Dockerfile +23 -0
  29. package/lib/vendor/blamejs/.clusterfuzzlite/build.sh +34 -0
  30. package/lib/vendor/blamejs/.clusterfuzzlite/project.yaml +16 -0
  31. package/lib/vendor/blamejs/.dockerignore +45 -0
  32. package/lib/vendor/blamejs/.gitattributes +42 -0
  33. package/lib/vendor/blamejs/.github/CODEOWNERS +4 -0
  34. package/lib/vendor/blamejs/.github/FUNDING.yml +2 -0
  35. package/lib/vendor/blamejs/.github/ISSUE_TEMPLATE/bug_report.md +58 -0
  36. package/lib/vendor/blamejs/.github/ISSUE_TEMPLATE/config.yml +8 -0
  37. package/lib/vendor/blamejs/.github/ISSUE_TEMPLATE/feature_request.md +99 -0
  38. package/lib/vendor/blamejs/.github/PULL_REQUEST_TEMPLATE.md +77 -0
  39. package/lib/vendor/blamejs/.github/dependabot.yml +37 -0
  40. package/lib/vendor/blamejs/.github/workflows/actions-lint.yml +148 -0
  41. package/lib/vendor/blamejs/.github/workflows/cflite_batch.yml +107 -0
  42. package/lib/vendor/blamejs/.github/workflows/cflite_pr.yml +122 -0
  43. package/lib/vendor/blamejs/.github/workflows/ci.yml +511 -0
  44. package/lib/vendor/blamejs/.github/workflows/codeql.yml +50 -0
  45. package/lib/vendor/blamejs/.github/workflows/npm-publish.yml +655 -0
  46. package/lib/vendor/blamejs/.github/workflows/release-container.yml +406 -0
  47. package/lib/vendor/blamejs/.github/workflows/scorecard.yml +101 -0
  48. package/lib/vendor/blamejs/.github/workflows/sha-to-tag-verify.yml +134 -0
  49. package/lib/vendor/blamejs/.gitignore +102 -0
  50. package/lib/vendor/blamejs/.gitleaks.toml +166 -0
  51. package/lib/vendor/blamejs/.hadolint.yaml +18 -0
  52. package/lib/vendor/blamejs/.npmrc +5 -0
  53. package/lib/vendor/blamejs/.pinact.yaml +17 -0
  54. package/lib/vendor/blamejs/ARCHITECTURE.md +158 -0
  55. package/lib/vendor/blamejs/CHANGELOG.md +1351 -0
  56. package/lib/vendor/blamejs/CODE_OF_CONDUCT.md +86 -0
  57. package/lib/vendor/blamejs/CONTRIBUTING.md +156 -0
  58. package/lib/vendor/blamejs/GOVERNANCE.md +201 -0
  59. package/lib/vendor/blamejs/LICENSE +201 -0
  60. package/lib/vendor/blamejs/LTS-CALENDAR.md +29 -0
  61. package/lib/vendor/blamejs/MIGRATING.md +29 -0
  62. package/lib/vendor/blamejs/NOTICE +81 -0
  63. package/lib/vendor/blamejs/README.md +304 -0
  64. package/lib/vendor/blamejs/SECURITY.md +432 -0
  65. package/lib/vendor/blamejs/api-snapshot.json +48709 -0
  66. package/lib/vendor/blamejs/assets/BlameJS_Logo.png +0 -0
  67. package/lib/vendor/blamejs/assets/BlameJS_Logo.svg +129 -0
  68. package/lib/vendor/blamejs/bench/README.md +77 -0
  69. package/lib/vendor/blamejs/bench/_helpers.js +70 -0
  70. package/lib/vendor/blamejs/bench/baseline.json +183 -0
  71. package/lib/vendor/blamejs/bench/crypto-hash.bench.js +19 -0
  72. package/lib/vendor/blamejs/bench/crypto-symmetric.bench.js +28 -0
  73. package/lib/vendor/blamejs/bench/run.js +140 -0
  74. package/lib/vendor/blamejs/bench/safe-json.bench.js +31 -0
  75. package/lib/vendor/blamejs/bin/blamejs.js +13 -0
  76. package/lib/vendor/blamejs/docker/caddy/Caddyfile +46 -0
  77. package/lib/vendor/blamejs/docker/coredns/Corefile +37 -0
  78. package/lib/vendor/blamejs/docker/haproxy/haproxy.cfg +52 -0
  79. package/lib/vendor/blamejs/docker/init/generate-certs.sh +118 -0
  80. package/lib/vendor/blamejs/docker/keycloak/realm-blamejs-test.json +87 -0
  81. package/lib/vendor/blamejs/docker/mitmproxy/config.yaml +16 -0
  82. package/lib/vendor/blamejs/docker/mongo/init-tls.sh +17 -0
  83. package/lib/vendor/blamejs/docker/mysql/my.cnf +12 -0
  84. package/lib/vendor/blamejs/docker/nats/nats.conf +33 -0
  85. package/lib/vendor/blamejs/docker/postgres/init-tls.sh +17 -0
  86. package/lib/vendor/blamejs/docker/postgres/postgresql.conf +18 -0
  87. package/lib/vendor/blamejs/docker/rabbitmq/rabbitmq.conf +18 -0
  88. package/lib/vendor/blamejs/docker/redis/redis.conf +15 -0
  89. package/lib/vendor/blamejs/docker/squid/squid.conf +24 -0
  90. package/lib/vendor/blamejs/docker/syslog/syslog-ng.conf +34 -0
  91. package/lib/vendor/blamejs/docker-compose.test.yml +545 -0
  92. package/lib/vendor/blamejs/docs/cis-postgres-crosswalk.md +102 -0
  93. package/lib/vendor/blamejs/docs/cis-sqlite-equivalent.md +92 -0
  94. package/lib/vendor/blamejs/eslint.config.mjs +204 -0
  95. package/lib/vendor/blamejs/examples/wiki/Caddyfile +40 -0
  96. package/lib/vendor/blamejs/examples/wiki/DEPLOY.md +218 -0
  97. package/lib/vendor/blamejs/examples/wiki/Dockerfile +120 -0
  98. package/lib/vendor/blamejs/examples/wiki/README.md +157 -0
  99. package/lib/vendor/blamejs/examples/wiki/cli-snapshot.json +250 -0
  100. package/lib/vendor/blamejs/examples/wiki/docker-compose.prod.yml +231 -0
  101. package/lib/vendor/blamejs/examples/wiki/docker-compose.yml +166 -0
  102. package/lib/vendor/blamejs/examples/wiki/env-snapshot.json +217 -0
  103. package/lib/vendor/blamejs/examples/wiki/lib/auto-site-entries.js +139 -0
  104. package/lib/vendor/blamejs/examples/wiki/lib/build-app.js +555 -0
  105. package/lib/vendor/blamejs/examples/wiki/lib/harvest-cli.js +507 -0
  106. package/lib/vendor/blamejs/examples/wiki/lib/harvest-env-vars.js +435 -0
  107. package/lib/vendor/blamejs/examples/wiki/lib/harvest-errors.js +282 -0
  108. package/lib/vendor/blamejs/examples/wiki/lib/harvest-vendored-deps.js +321 -0
  109. package/lib/vendor/blamejs/examples/wiki/lib/nav.js +15 -0
  110. package/lib/vendor/blamejs/examples/wiki/lib/opts-resolver.js +75 -0
  111. package/lib/vendor/blamejs/examples/wiki/lib/page-generator.js +508 -0
  112. package/lib/vendor/blamejs/examples/wiki/lib/section.js +276 -0
  113. package/lib/vendor/blamejs/examples/wiki/lib/source-comment-block-validator.js +587 -0
  114. package/lib/vendor/blamejs/examples/wiki/lib/source-doc-parser.js +318 -0
  115. package/lib/vendor/blamejs/examples/wiki/lib/symbol-index.js +122 -0
  116. package/lib/vendor/blamejs/examples/wiki/migrations/0001-pages-schema.js +74 -0
  117. package/lib/vendor/blamejs/examples/wiki/package.json +18 -0
  118. package/lib/vendor/blamejs/examples/wiki/public/img/blamejs-logo.png +0 -0
  119. package/lib/vendor/blamejs/examples/wiki/public/img/blamejs-logo.svg +129 -0
  120. package/lib/vendor/blamejs/examples/wiki/public/robots.txt +5 -0
  121. package/lib/vendor/blamejs/examples/wiki/public/vendor/MANIFEST.json +30 -0
  122. package/lib/vendor/blamejs/examples/wiki/public/vendor/prism.css +1 -0
  123. package/lib/vendor/blamejs/examples/wiki/public/vendor/prism.js +15 -0
  124. package/lib/vendor/blamejs/examples/wiki/public/wiki.css +1250 -0
  125. package/lib/vendor/blamejs/examples/wiki/routes/admin.js +366 -0
  126. package/lib/vendor/blamejs/examples/wiki/routes/integration.js +230 -0
  127. package/lib/vendor/blamejs/examples/wiki/routes/pages.js +266 -0
  128. package/lib/vendor/blamejs/examples/wiki/scripts/backfill-module-metadata.js +214 -0
  129. package/lib/vendor/blamejs/examples/wiki/seeders/prod/0001-default-pages.js +35 -0
  130. package/lib/vendor/blamejs/examples/wiki/seeders/prod/pages/_index.js +34 -0
  131. package/lib/vendor/blamejs/examples/wiki/seeders/prod/pages/api.js +76 -0
  132. package/lib/vendor/blamejs/examples/wiki/server.js +129 -0
  133. package/lib/vendor/blamejs/examples/wiki/site.config.js +197 -0
  134. package/lib/vendor/blamejs/examples/wiki/snippets/README.md +38 -0
  135. package/lib/vendor/blamejs/examples/wiki/snippets/auth/password-hash.example.js +15 -0
  136. package/lib/vendor/blamejs/examples/wiki/src/editor.js +103 -0
  137. package/lib/vendor/blamejs/examples/wiki/src/wiki.js +349 -0
  138. package/lib/vendor/blamejs/examples/wiki/test/AUDIT.md +155 -0
  139. package/lib/vendor/blamejs/examples/wiki/test/codebase-patterns.test.js +594 -0
  140. package/lib/vendor/blamejs/examples/wiki/test/e2e.js +741 -0
  141. package/lib/vendor/blamejs/examples/wiki/test/find-missing-pages.js +254 -0
  142. package/lib/vendor/blamejs/examples/wiki/test/integration.js +391 -0
  143. package/lib/vendor/blamejs/examples/wiki/test/validate-cli-snapshot.js +379 -0
  144. package/lib/vendor/blamejs/examples/wiki/test/validate-env-snapshot.js +346 -0
  145. package/lib/vendor/blamejs/examples/wiki/test/validate-nav-coverage.js +212 -0
  146. package/lib/vendor/blamejs/examples/wiki/test/validate-site-coverage.js +252 -0
  147. package/lib/vendor/blamejs/examples/wiki/test/validate-source-comment-blocks.js +107 -0
  148. package/lib/vendor/blamejs/examples/wiki/views/_layout.html +115 -0
  149. package/lib/vendor/blamejs/examples/wiki/views/admin/api-keys.html +51 -0
  150. package/lib/vendor/blamejs/examples/wiki/views/admin/dashboard.html +22 -0
  151. package/lib/vendor/blamejs/examples/wiki/views/admin/edit.html +17 -0
  152. package/lib/vendor/blamejs/examples/wiki/views/home.html +85 -0
  153. package/lib/vendor/blamejs/examples/wiki/views/login.html +18 -0
  154. package/lib/vendor/blamejs/examples/wiki/views/page.html +5 -0
  155. package/lib/vendor/blamejs/examples/wiki/views/partials/nav.html +13 -0
  156. package/lib/vendor/blamejs/examples/wiki/views/search.html +19 -0
  157. package/lib/vendor/blamejs/examples/wiki/wiki.config.js +15 -0
  158. package/lib/vendor/blamejs/fuzz/README.md +137 -0
  159. package/lib/vendor/blamejs/fuzz/_expected.js +35 -0
  160. package/lib/vendor/blamejs/fuzz/guard-agent-registry.fuzz.js +22 -0
  161. package/lib/vendor/blamejs/fuzz/guard-csv.fuzz.js +16 -0
  162. package/lib/vendor/blamejs/fuzz/guard-csv_seed_corpus/01-basic.csv +3 -0
  163. package/lib/vendor/blamejs/fuzz/guard-csv_seed_corpus/02-formula.csv +1 -0
  164. package/lib/vendor/blamejs/fuzz/guard-csv_seed_corpus/03-hyperlink.csv +1 -0
  165. package/lib/vendor/blamejs/fuzz/guard-dsn.fuzz.js +22 -0
  166. package/lib/vendor/blamejs/fuzz/guard-email.fuzz.js +16 -0
  167. package/lib/vendor/blamejs/fuzz/guard-email_seed_corpus/01-basic.eml +5 -0
  168. package/lib/vendor/blamejs/fuzz/guard-envelope.fuzz.js +24 -0
  169. package/lib/vendor/blamejs/fuzz/guard-event-bus-payload.fuzz.js +24 -0
  170. package/lib/vendor/blamejs/fuzz/guard-event-bus-topic.fuzz.js +20 -0
  171. package/lib/vendor/blamejs/fuzz/guard-html.fuzz.js +16 -0
  172. package/lib/vendor/blamejs/fuzz/guard-html_seed_corpus/01-basic.html +1 -0
  173. package/lib/vendor/blamejs/fuzz/guard-html_seed_corpus/02-script.html +1 -0
  174. package/lib/vendor/blamejs/fuzz/guard-html_seed_corpus/03-event.html +1 -0
  175. package/lib/vendor/blamejs/fuzz/guard-html_seed_corpus/04-jsurl.html +1 -0
  176. package/lib/vendor/blamejs/fuzz/guard-idempotency-key.fuzz.js +20 -0
  177. package/lib/vendor/blamejs/fuzz/guard-imap-command.fuzz.js +35 -0
  178. package/lib/vendor/blamejs/fuzz/guard-jmap.fuzz.js +41 -0
  179. package/lib/vendor/blamejs/fuzz/guard-json.fuzz.js +16 -0
  180. package/lib/vendor/blamejs/fuzz/guard-json_seed_corpus/01-basic.json +1 -0
  181. package/lib/vendor/blamejs/fuzz/guard-json_seed_corpus/02-proto.json +1 -0
  182. package/lib/vendor/blamejs/fuzz/guard-json_seed_corpus/03-dupkey.json +1 -0
  183. package/lib/vendor/blamejs/fuzz/guard-json_seed_corpus/04-nan.json +1 -0
  184. package/lib/vendor/blamejs/fuzz/guard-json_seed_corpus/05-bom.json +1 -0
  185. package/lib/vendor/blamejs/fuzz/guard-list-id.fuzz.js +21 -0
  186. package/lib/vendor/blamejs/fuzz/guard-list-unsubscribe.fuzz.js +25 -0
  187. package/lib/vendor/blamejs/fuzz/guard-mail-compose.fuzz.js +22 -0
  188. package/lib/vendor/blamejs/fuzz/guard-mail-move.fuzz.js +22 -0
  189. package/lib/vendor/blamejs/fuzz/guard-mail-query.fuzz.js +27 -0
  190. package/lib/vendor/blamejs/fuzz/guard-mail-reply.fuzz.js +23 -0
  191. package/lib/vendor/blamejs/fuzz/guard-mail-sieve.fuzz.js +36 -0
  192. package/lib/vendor/blamejs/fuzz/guard-managesieve-command.fuzz.js +26 -0
  193. package/lib/vendor/blamejs/fuzz/guard-markdown.fuzz.js +16 -0
  194. package/lib/vendor/blamejs/fuzz/guard-markdown_seed_corpus/01-basic.md +2 -0
  195. package/lib/vendor/blamejs/fuzz/guard-markdown_seed_corpus/02-jsurl.md +1 -0
  196. package/lib/vendor/blamejs/fuzz/guard-markdown_seed_corpus/03-jsimg.md +1 -0
  197. package/lib/vendor/blamejs/fuzz/guard-message-id.fuzz.js +26 -0
  198. package/lib/vendor/blamejs/fuzz/guard-pop3-command.fuzz.js +23 -0
  199. package/lib/vendor/blamejs/fuzz/guard-posture-chain.fuzz.js +22 -0
  200. package/lib/vendor/blamejs/fuzz/guard-saga-config.fuzz.js +32 -0
  201. package/lib/vendor/blamejs/fuzz/guard-smtp-command.fuzz.js +27 -0
  202. package/lib/vendor/blamejs/fuzz/guard-snapshot-envelope.fuzz.js +22 -0
  203. package/lib/vendor/blamejs/fuzz/guard-stream-args.fuzz.js +22 -0
  204. package/lib/vendor/blamejs/fuzz/guard-svg.fuzz.js +16 -0
  205. package/lib/vendor/blamejs/fuzz/guard-svg_seed_corpus/01-basic.svg +1 -0
  206. package/lib/vendor/blamejs/fuzz/guard-svg_seed_corpus/02-script.svg +1 -0
  207. package/lib/vendor/blamejs/fuzz/guard-tenant-id.fuzz.js +20 -0
  208. package/lib/vendor/blamejs/fuzz/guard-trace-context.fuzz.js +30 -0
  209. package/lib/vendor/blamejs/fuzz/guard-xml.fuzz.js +16 -0
  210. package/lib/vendor/blamejs/fuzz/guard-xml_seed_corpus/01-basic.xml +1 -0
  211. package/lib/vendor/blamejs/fuzz/guard-xml_seed_corpus/02-xxe.xml +1 -0
  212. package/lib/vendor/blamejs/fuzz/guard-yaml.fuzz.js +16 -0
  213. package/lib/vendor/blamejs/fuzz/guard-yaml_seed_corpus/01-basic.yaml +2 -0
  214. package/lib/vendor/blamejs/fuzz/guard-yaml_seed_corpus/02-anchor.yaml +2 -0
  215. package/lib/vendor/blamejs/fuzz/guard-yaml_seed_corpus/03-norway.yaml +1 -0
  216. package/lib/vendor/blamejs/fuzz/guard-yaml_seed_corpus/04-multidoc.yaml +4 -0
  217. package/lib/vendor/blamejs/fuzz/parsers__safe-ini.fuzz.js +16 -0
  218. package/lib/vendor/blamejs/fuzz/parsers__safe-ini_seed_corpus/01-basic.ini +2 -0
  219. package/lib/vendor/blamejs/fuzz/parsers__safe-toml.fuzz.js +16 -0
  220. package/lib/vendor/blamejs/fuzz/parsers__safe-toml_seed_corpus/01-basic.toml +4 -0
  221. package/lib/vendor/blamejs/fuzz/parsers__safe-xml.fuzz.js +16 -0
  222. package/lib/vendor/blamejs/fuzz/parsers__safe-xml_seed_corpus/01-basic.xml +1 -0
  223. package/lib/vendor/blamejs/fuzz/parsers__safe-yaml.fuzz.js +16 -0
  224. package/lib/vendor/blamejs/fuzz/parsers__safe-yaml_seed_corpus/01-basic.yaml +4 -0
  225. package/lib/vendor/blamejs/fuzz/safe-decompress.fuzz.js +49 -0
  226. package/lib/vendor/blamejs/fuzz/safe-dns.fuzz.js +29 -0
  227. package/lib/vendor/blamejs/fuzz/safe-ical.fuzz.js +16 -0
  228. package/lib/vendor/blamejs/fuzz/safe-icap.fuzz.js +42 -0
  229. package/lib/vendor/blamejs/fuzz/safe-json.fuzz.js +25 -0
  230. package/lib/vendor/blamejs/fuzz/safe-json_seed_corpus/01-object.txt +1 -0
  231. package/lib/vendor/blamejs/fuzz/safe-json_seed_corpus/02-array.txt +1 -0
  232. package/lib/vendor/blamejs/fuzz/safe-json_seed_corpus/03-string.txt +1 -0
  233. package/lib/vendor/blamejs/fuzz/safe-json_seed_corpus/04-proto.txt +1 -0
  234. package/lib/vendor/blamejs/fuzz/safe-json_seed_corpus/05-deep.txt +1 -0
  235. package/lib/vendor/blamejs/fuzz/safe-jsonpath.fuzz.js +16 -0
  236. package/lib/vendor/blamejs/fuzz/safe-jsonpath_seed_corpus/01-basic.txt +1 -0
  237. package/lib/vendor/blamejs/fuzz/safe-jsonpath_seed_corpus/02-filter.txt +1 -0
  238. package/lib/vendor/blamejs/fuzz/safe-jsonpath_seed_corpus/03-deepscan.txt +1 -0
  239. package/lib/vendor/blamejs/fuzz/safe-jsonpath_seed_corpus/04-slice.txt +1 -0
  240. package/lib/vendor/blamejs/fuzz/safe-mime.fuzz.js +27 -0
  241. package/lib/vendor/blamejs/fuzz/safe-mount-info.fuzz.js +33 -0
  242. package/lib/vendor/blamejs/fuzz/safe-sieve.fuzz.js +28 -0
  243. package/lib/vendor/blamejs/fuzz/safe-smtp.fuzz.js +64 -0
  244. package/lib/vendor/blamejs/fuzz/safe-url.fuzz.js +16 -0
  245. package/lib/vendor/blamejs/fuzz/safe-url_seed_corpus/01-basic.txt +1 -0
  246. package/lib/vendor/blamejs/fuzz/safe-url_seed_corpus/02-userinfo.txt +1 -0
  247. package/lib/vendor/blamejs/fuzz/safe-url_seed_corpus/03-dangerous.txt +1 -0
  248. package/lib/vendor/blamejs/fuzz/safe-url_seed_corpus/04-data.txt +1 -0
  249. package/lib/vendor/blamejs/fuzz/safe-url_seed_corpus/05-ipv6.txt +1 -0
  250. package/lib/vendor/blamejs/fuzz/safe-url_seed_corpus/06-idn.txt +1 -0
  251. package/lib/vendor/blamejs/fuzz/safe-vcard.fuzz.js +16 -0
  252. package/lib/vendor/blamejs/index.js +678 -0
  253. package/lib/vendor/blamejs/keys/release-pqc-pub.json +7 -0
  254. package/lib/vendor/blamejs/lib/_test/crypto-fixtures.js +67 -0
  255. package/lib/vendor/blamejs/lib/a2a-tasks.js +598 -0
  256. package/lib/vendor/blamejs/lib/a2a.js +407 -0
  257. package/lib/vendor/blamejs/lib/acme.js +1448 -0
  258. package/lib/vendor/blamejs/lib/agent-audit.js +45 -0
  259. package/lib/vendor/blamejs/lib/agent-event-bus.js +382 -0
  260. package/lib/vendor/blamejs/lib/agent-idempotency.js +497 -0
  261. package/lib/vendor/blamejs/lib/agent-orchestrator.js +717 -0
  262. package/lib/vendor/blamejs/lib/agent-posture-chain.js +366 -0
  263. package/lib/vendor/blamejs/lib/agent-saga.js +321 -0
  264. package/lib/vendor/blamejs/lib/agent-snapshot.js +676 -0
  265. package/lib/vendor/blamejs/lib/agent-stream.js +269 -0
  266. package/lib/vendor/blamejs/lib/agent-tenant.js +632 -0
  267. package/lib/vendor/blamejs/lib/agent-trace.js +281 -0
  268. package/lib/vendor/blamejs/lib/ai-adverse-decision.js +184 -0
  269. package/lib/vendor/blamejs/lib/ai-content-detect.js +268 -0
  270. package/lib/vendor/blamejs/lib/ai-input.js +201 -0
  271. package/lib/vendor/blamejs/lib/ai-model-manifest.js +363 -0
  272. package/lib/vendor/blamejs/lib/ai-pref.js +340 -0
  273. package/lib/vendor/blamejs/lib/api-key.js +721 -0
  274. package/lib/vendor/blamejs/lib/api-snapshot.js +458 -0
  275. package/lib/vendor/blamejs/lib/app-shutdown.js +557 -0
  276. package/lib/vendor/blamejs/lib/app.js +365 -0
  277. package/lib/vendor/blamejs/lib/archive.js +547 -0
  278. package/lib/vendor/blamejs/lib/arg-parser.js +697 -0
  279. package/lib/vendor/blamejs/lib/argon2-builtin.js +173 -0
  280. package/lib/vendor/blamejs/lib/asn1-der.js +424 -0
  281. package/lib/vendor/blamejs/lib/asyncapi-bindings.js +160 -0
  282. package/lib/vendor/blamejs/lib/asyncapi-traits.js +143 -0
  283. package/lib/vendor/blamejs/lib/asyncapi.js +575 -0
  284. package/lib/vendor/blamejs/lib/atomic-file.js +1023 -0
  285. package/lib/vendor/blamejs/lib/audit-chain.js +266 -0
  286. package/lib/vendor/blamejs/lib/audit-daily-review.js +389 -0
  287. package/lib/vendor/blamejs/lib/audit-sign.js +751 -0
  288. package/lib/vendor/blamejs/lib/audit-tools.js +1113 -0
  289. package/lib/vendor/blamejs/lib/audit.js +1671 -0
  290. package/lib/vendor/blamejs/lib/auth/aal.js +169 -0
  291. package/lib/vendor/blamejs/lib/auth/access-lock.js +220 -0
  292. package/lib/vendor/blamejs/lib/auth/acr-vocabulary.js +265 -0
  293. package/lib/vendor/blamejs/lib/auth/ato-kill-switch.js +112 -0
  294. package/lib/vendor/blamejs/lib/auth/auth-time-tracker.js +111 -0
  295. package/lib/vendor/blamejs/lib/auth/bot-challenge.js +573 -0
  296. package/lib/vendor/blamejs/lib/auth/ciba.js +637 -0
  297. package/lib/vendor/blamejs/lib/auth/dpop.js +516 -0
  298. package/lib/vendor/blamejs/lib/auth/elevation-grant.js +306 -0
  299. package/lib/vendor/blamejs/lib/auth/fal.js +229 -0
  300. package/lib/vendor/blamejs/lib/auth/fido-mds3.js +681 -0
  301. package/lib/vendor/blamejs/lib/auth/jwt-external.js +519 -0
  302. package/lib/vendor/blamejs/lib/auth/jwt.js +430 -0
  303. package/lib/vendor/blamejs/lib/auth/lockout.js +449 -0
  304. package/lib/vendor/blamejs/lib/auth/oauth.js +2141 -0
  305. package/lib/vendor/blamejs/lib/auth/oid4vci.js +657 -0
  306. package/lib/vendor/blamejs/lib/auth/oid4vp.js +531 -0
  307. package/lib/vendor/blamejs/lib/auth/openid-federation.js +600 -0
  308. package/lib/vendor/blamejs/lib/auth/passkey.js +676 -0
  309. package/lib/vendor/blamejs/lib/auth/password.js +693 -0
  310. package/lib/vendor/blamejs/lib/auth/saml.js +2109 -0
  311. package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-disclosure.js +95 -0
  312. package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-holder.js +225 -0
  313. package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-issuer.js +197 -0
  314. package/lib/vendor/blamejs/lib/auth/sd-jwt-vc.js +728 -0
  315. package/lib/vendor/blamejs/lib/auth/status-list.js +272 -0
  316. package/lib/vendor/blamejs/lib/auth/step-up-policy.js +335 -0
  317. package/lib/vendor/blamejs/lib/auth/step-up.js +454 -0
  318. package/lib/vendor/blamejs/lib/auth-bot-challenge.js +505 -0
  319. package/lib/vendor/blamejs/lib/auth-header.js +148 -0
  320. package/lib/vendor/blamejs/lib/backup/bundle.js +265 -0
  321. package/lib/vendor/blamejs/lib/backup/crypto.js +176 -0
  322. package/lib/vendor/blamejs/lib/backup/index.js +1001 -0
  323. package/lib/vendor/blamejs/lib/backup/manifest.js +443 -0
  324. package/lib/vendor/blamejs/lib/boot-gates.js +174 -0
  325. package/lib/vendor/blamejs/lib/breach-deadline.js +272 -0
  326. package/lib/vendor/blamejs/lib/break-glass.js +1753 -0
  327. package/lib/vendor/blamejs/lib/budr.js +205 -0
  328. package/lib/vendor/blamejs/lib/bundler.js +461 -0
  329. package/lib/vendor/blamejs/lib/cache-redis.js +256 -0
  330. package/lib/vendor/blamejs/lib/cache-status.js +288 -0
  331. package/lib/vendor/blamejs/lib/cache.js +1331 -0
  332. package/lib/vendor/blamejs/lib/calendar.js +1240 -0
  333. package/lib/vendor/blamejs/lib/canonical-json.js +143 -0
  334. package/lib/vendor/blamejs/lib/cdn-cache-control.js +473 -0
  335. package/lib/vendor/blamejs/lib/cert.js +763 -0
  336. package/lib/vendor/blamejs/lib/chain-writer.js +259 -0
  337. package/lib/vendor/blamejs/lib/circuit-breaker.js +101 -0
  338. package/lib/vendor/blamejs/lib/cli-helpers.js +237 -0
  339. package/lib/vendor/blamejs/lib/cli.js +2328 -0
  340. package/lib/vendor/blamejs/lib/client-hints.js +318 -0
  341. package/lib/vendor/blamejs/lib/cloud-events.js +277 -0
  342. package/lib/vendor/blamejs/lib/cluster-provider-db.js +317 -0
  343. package/lib/vendor/blamejs/lib/cluster-storage.js +351 -0
  344. package/lib/vendor/blamejs/lib/cluster.js +1017 -0
  345. package/lib/vendor/blamejs/lib/cms-codec.js +826 -0
  346. package/lib/vendor/blamejs/lib/codepoint-class.js +262 -0
  347. package/lib/vendor/blamejs/lib/compliance-ai-act-logging.js +190 -0
  348. package/lib/vendor/blamejs/lib/compliance-ai-act-prohibited.js +205 -0
  349. package/lib/vendor/blamejs/lib/compliance-ai-act-risk.js +189 -0
  350. package/lib/vendor/blamejs/lib/compliance-ai-act-transparency.js +200 -0
  351. package/lib/vendor/blamejs/lib/compliance-ai-act.js +821 -0
  352. package/lib/vendor/blamejs/lib/compliance-eaa.js +204 -0
  353. package/lib/vendor/blamejs/lib/compliance-sanctions-aliases.js +167 -0
  354. package/lib/vendor/blamejs/lib/compliance-sanctions-fetcher.js +206 -0
  355. package/lib/vendor/blamejs/lib/compliance-sanctions-fuzzy.js +297 -0
  356. package/lib/vendor/blamejs/lib/compliance-sanctions.js +569 -0
  357. package/lib/vendor/blamejs/lib/compliance.js +1558 -0
  358. package/lib/vendor/blamejs/lib/config-drift.js +426 -0
  359. package/lib/vendor/blamejs/lib/config.js +446 -0
  360. package/lib/vendor/blamejs/lib/consent.js +369 -0
  361. package/lib/vendor/blamejs/lib/constants.js +209 -0
  362. package/lib/vendor/blamejs/lib/content-credentials.js +704 -0
  363. package/lib/vendor/blamejs/lib/cookies.js +560 -0
  364. package/lib/vendor/blamejs/lib/cra-report.js +299 -0
  365. package/lib/vendor/blamejs/lib/credential-hash.js +394 -0
  366. package/lib/vendor/blamejs/lib/crypto-field.js +1017 -0
  367. package/lib/vendor/blamejs/lib/crypto-hpke-pq.js +187 -0
  368. package/lib/vendor/blamejs/lib/crypto-hpke.js +256 -0
  369. package/lib/vendor/blamejs/lib/crypto.js +1908 -0
  370. package/lib/vendor/blamejs/lib/csp.js +271 -0
  371. package/lib/vendor/blamejs/lib/csv.js +418 -0
  372. package/lib/vendor/blamejs/lib/daemon.js +481 -0
  373. package/lib/vendor/blamejs/lib/dark-patterns.js +488 -0
  374. package/lib/vendor/blamejs/lib/data-act.js +328 -0
  375. package/lib/vendor/blamejs/lib/db-collection.js +587 -0
  376. package/lib/vendor/blamejs/lib/db-declare-row-policy.js +267 -0
  377. package/lib/vendor/blamejs/lib/db-declare-view.js +420 -0
  378. package/lib/vendor/blamejs/lib/db-file-lifecycle.js +333 -0
  379. package/lib/vendor/blamejs/lib/db-query.js +802 -0
  380. package/lib/vendor/blamejs/lib/db-role-context.js +50 -0
  381. package/lib/vendor/blamejs/lib/db-schema.js +322 -0
  382. package/lib/vendor/blamejs/lib/db.js +3111 -0
  383. package/lib/vendor/blamejs/lib/dbsc.js +299 -0
  384. package/lib/vendor/blamejs/lib/ddl-change-control.js +523 -0
  385. package/lib/vendor/blamejs/lib/deprecate.js +377 -0
  386. package/lib/vendor/blamejs/lib/dev.js +405 -0
  387. package/lib/vendor/blamejs/lib/dora.js +402 -0
  388. package/lib/vendor/blamejs/lib/dr-runbook.js +368 -0
  389. package/lib/vendor/blamejs/lib/dsr.js +1188 -0
  390. package/lib/vendor/blamejs/lib/dual-control.js +526 -0
  391. package/lib/vendor/blamejs/lib/early-hints.js +212 -0
  392. package/lib/vendor/blamejs/lib/error-page.js +420 -0
  393. package/lib/vendor/blamejs/lib/events.js +214 -0
  394. package/lib/vendor/blamejs/lib/external-db-migrate.js +659 -0
  395. package/lib/vendor/blamejs/lib/external-db.js +1877 -0
  396. package/lib/vendor/blamejs/lib/fapi2.js +394 -0
  397. package/lib/vendor/blamejs/lib/fda-21cfr11.js +395 -0
  398. package/lib/vendor/blamejs/lib/fdx.js +370 -0
  399. package/lib/vendor/blamejs/lib/fedcm.js +264 -0
  400. package/lib/vendor/blamejs/lib/file-type.js +360 -0
  401. package/lib/vendor/blamejs/lib/file-upload.js +1256 -0
  402. package/lib/vendor/blamejs/lib/flag-cache.js +136 -0
  403. package/lib/vendor/blamejs/lib/flag-evaluation-context.js +135 -0
  404. package/lib/vendor/blamejs/lib/flag-providers.js +279 -0
  405. package/lib/vendor/blamejs/lib/flag-targeting.js +210 -0
  406. package/lib/vendor/blamejs/lib/flag.js +346 -0
  407. package/lib/vendor/blamejs/lib/forms.js +525 -0
  408. package/lib/vendor/blamejs/lib/framework-error.js +724 -0
  409. package/lib/vendor/blamejs/lib/framework-schema.js +845 -0
  410. package/lib/vendor/blamejs/lib/framework-sha1-hibp.js +34 -0
  411. package/lib/vendor/blamejs/lib/fsm.js +469 -0
  412. package/lib/vendor/blamejs/lib/gate-contract.js +1661 -0
  413. package/lib/vendor/blamejs/lib/gdpr-ropa.js +261 -0
  414. package/lib/vendor/blamejs/lib/graphql-federation.js +234 -0
  415. package/lib/vendor/blamejs/lib/guard-agent-registry.js +179 -0
  416. package/lib/vendor/blamejs/lib/guard-all.js +555 -0
  417. package/lib/vendor/blamejs/lib/guard-archive.js +901 -0
  418. package/lib/vendor/blamejs/lib/guard-auth.js +451 -0
  419. package/lib/vendor/blamejs/lib/guard-cidr.js +676 -0
  420. package/lib/vendor/blamejs/lib/guard-csv.js +1176 -0
  421. package/lib/vendor/blamejs/lib/guard-domain.js +814 -0
  422. package/lib/vendor/blamejs/lib/guard-dsn.js +382 -0
  423. package/lib/vendor/blamejs/lib/guard-email.js +951 -0
  424. package/lib/vendor/blamejs/lib/guard-envelope.js +294 -0
  425. package/lib/vendor/blamejs/lib/guard-event-bus-payload.js +217 -0
  426. package/lib/vendor/blamejs/lib/guard-event-bus-topic.js +150 -0
  427. package/lib/vendor/blamejs/lib/guard-filename.js +956 -0
  428. package/lib/vendor/blamejs/lib/guard-graphql.js +731 -0
  429. package/lib/vendor/blamejs/lib/guard-html-wcag-aria.js +164 -0
  430. package/lib/vendor/blamejs/lib/guard-html-wcag-forms.js +144 -0
  431. package/lib/vendor/blamejs/lib/guard-html-wcag-tables.js +154 -0
  432. package/lib/vendor/blamejs/lib/guard-html-wcag-tagwalk.js +44 -0
  433. package/lib/vendor/blamejs/lib/guard-html-wcag.js +470 -0
  434. package/lib/vendor/blamejs/lib/guard-html.js +1209 -0
  435. package/lib/vendor/blamejs/lib/guard-idempotency-key.js +151 -0
  436. package/lib/vendor/blamejs/lib/guard-image.js +584 -0
  437. package/lib/vendor/blamejs/lib/guard-imap-command.js +337 -0
  438. package/lib/vendor/blamejs/lib/guard-jmap.js +321 -0
  439. package/lib/vendor/blamejs/lib/guard-json.js +935 -0
  440. package/lib/vendor/blamejs/lib/guard-jsonpath.js +512 -0
  441. package/lib/vendor/blamejs/lib/guard-jwt.js +772 -0
  442. package/lib/vendor/blamejs/lib/guard-list-id.js +318 -0
  443. package/lib/vendor/blamejs/lib/guard-list-unsubscribe.js +412 -0
  444. package/lib/vendor/blamejs/lib/guard-mail-compose.js +282 -0
  445. package/lib/vendor/blamejs/lib/guard-mail-move.js +202 -0
  446. package/lib/vendor/blamejs/lib/guard-mail-query.js +310 -0
  447. package/lib/vendor/blamejs/lib/guard-mail-reply.js +172 -0
  448. package/lib/vendor/blamejs/lib/guard-mail-sieve.js +207 -0
  449. package/lib/vendor/blamejs/lib/guard-managesieve-command.js +566 -0
  450. package/lib/vendor/blamejs/lib/guard-markdown.js +768 -0
  451. package/lib/vendor/blamejs/lib/guard-message-id.js +267 -0
  452. package/lib/vendor/blamejs/lib/guard-mime.js +609 -0
  453. package/lib/vendor/blamejs/lib/guard-oauth.js +650 -0
  454. package/lib/vendor/blamejs/lib/guard-pdf.js +569 -0
  455. package/lib/vendor/blamejs/lib/guard-pop3-command.js +317 -0
  456. package/lib/vendor/blamejs/lib/guard-posture-chain.js +201 -0
  457. package/lib/vendor/blamejs/lib/guard-regex.js +632 -0
  458. package/lib/vendor/blamejs/lib/guard-saga-config.js +157 -0
  459. package/lib/vendor/blamejs/lib/guard-shell.js +522 -0
  460. package/lib/vendor/blamejs/lib/guard-smtp-command.js +594 -0
  461. package/lib/vendor/blamejs/lib/guard-snapshot-envelope.js +168 -0
  462. package/lib/vendor/blamejs/lib/guard-stream-args.js +166 -0
  463. package/lib/vendor/blamejs/lib/guard-svg.js +1163 -0
  464. package/lib/vendor/blamejs/lib/guard-template.js +490 -0
  465. package/lib/vendor/blamejs/lib/guard-tenant-id.js +138 -0
  466. package/lib/vendor/blamejs/lib/guard-time.js +586 -0
  467. package/lib/vendor/blamejs/lib/guard-trace-context.js +172 -0
  468. package/lib/vendor/blamejs/lib/guard-uuid.js +548 -0
  469. package/lib/vendor/blamejs/lib/guard-xml.js +666 -0
  470. package/lib/vendor/blamejs/lib/guard-yaml.js +726 -0
  471. package/lib/vendor/blamejs/lib/hal.js +125 -0
  472. package/lib/vendor/blamejs/lib/handlers.js +350 -0
  473. package/lib/vendor/blamejs/lib/honeytoken.js +168 -0
  474. package/lib/vendor/blamejs/lib/html-balance.js +347 -0
  475. package/lib/vendor/blamejs/lib/http-client-cache.js +923 -0
  476. package/lib/vendor/blamejs/lib/http-client-cookie-jar.js +519 -0
  477. package/lib/vendor/blamejs/lib/http-client.js +2152 -0
  478. package/lib/vendor/blamejs/lib/http-message-signature.js +589 -0
  479. package/lib/vendor/blamejs/lib/http2-teardown.js +34 -0
  480. package/lib/vendor/blamejs/lib/i18n-messageformat.js +398 -0
  481. package/lib/vendor/blamejs/lib/i18n.js +931 -0
  482. package/lib/vendor/blamejs/lib/iab-mspa.js +257 -0
  483. package/lib/vendor/blamejs/lib/iab-tcf.js +461 -0
  484. package/lib/vendor/blamejs/lib/importmap-integrity.js +90 -0
  485. package/lib/vendor/blamejs/lib/inbox.js +435 -0
  486. package/lib/vendor/blamejs/lib/incident-report.js +314 -0
  487. package/lib/vendor/blamejs/lib/ip-utils.js +102 -0
  488. package/lib/vendor/blamejs/lib/jobs.js +185 -0
  489. package/lib/vendor/blamejs/lib/jose-jwe-experimental.js +228 -0
  490. package/lib/vendor/blamejs/lib/jsonapi.js +230 -0
  491. package/lib/vendor/blamejs/lib/keychain.js +865 -0
  492. package/lib/vendor/blamejs/lib/lazy-require.js +48 -0
  493. package/lib/vendor/blamejs/lib/legal-hold.js +374 -0
  494. package/lib/vendor/blamejs/lib/local-db-thin.js +321 -0
  495. package/lib/vendor/blamejs/lib/log-stream-cloudwatch.js +369 -0
  496. package/lib/vendor/blamejs/lib/log-stream-local.js +146 -0
  497. package/lib/vendor/blamejs/lib/log-stream-otlp-grpc.js +410 -0
  498. package/lib/vendor/blamejs/lib/log-stream-otlp.js +286 -0
  499. package/lib/vendor/blamejs/lib/log-stream-syslog.js +310 -0
  500. package/lib/vendor/blamejs/lib/log-stream-webhook.js +199 -0
  501. package/lib/vendor/blamejs/lib/log-stream.js +584 -0
  502. package/lib/vendor/blamejs/lib/log.js +625 -0
  503. package/lib/vendor/blamejs/lib/lro.js +200 -0
  504. package/lib/vendor/blamejs/lib/mail-agent.js +786 -0
  505. package/lib/vendor/blamejs/lib/mail-arc-sign.js +417 -0
  506. package/lib/vendor/blamejs/lib/mail-arf.js +343 -0
  507. package/lib/vendor/blamejs/lib/mail-auth.js +2144 -0
  508. package/lib/vendor/blamejs/lib/mail-bimi.js +1047 -0
  509. package/lib/vendor/blamejs/lib/mail-bounce.js +955 -0
  510. package/lib/vendor/blamejs/lib/mail-crypto-pgp.js +1286 -0
  511. package/lib/vendor/blamejs/lib/mail-crypto-smime.js +789 -0
  512. package/lib/vendor/blamejs/lib/mail-crypto.js +108 -0
  513. package/lib/vendor/blamejs/lib/mail-dav.js +1224 -0
  514. package/lib/vendor/blamejs/lib/mail-deploy.js +1119 -0
  515. package/lib/vendor/blamejs/lib/mail-dkim.js +1250 -0
  516. package/lib/vendor/blamejs/lib/mail-greylist.js +448 -0
  517. package/lib/vendor/blamejs/lib/mail-helo.js +473 -0
  518. package/lib/vendor/blamejs/lib/mail-journal.js +435 -0
  519. package/lib/vendor/blamejs/lib/mail-mdn.js +424 -0
  520. package/lib/vendor/blamejs/lib/mail-rbl.js +392 -0
  521. package/lib/vendor/blamejs/lib/mail-require-tls.js +198 -0
  522. package/lib/vendor/blamejs/lib/mail-scan.js +502 -0
  523. package/lib/vendor/blamejs/lib/mail-send-deliver.js +629 -0
  524. package/lib/vendor/blamejs/lib/mail-server-imap.js +1858 -0
  525. package/lib/vendor/blamejs/lib/mail-server-jmap.js +1565 -0
  526. package/lib/vendor/blamejs/lib/mail-server-managesieve.js +908 -0
  527. package/lib/vendor/blamejs/lib/mail-server-mx.js +969 -0
  528. package/lib/vendor/blamejs/lib/mail-server-pop3.js +915 -0
  529. package/lib/vendor/blamejs/lib/mail-server-rate-limit.js +315 -0
  530. package/lib/vendor/blamejs/lib/mail-server-registry.js +378 -0
  531. package/lib/vendor/blamejs/lib/mail-server-submission.js +1396 -0
  532. package/lib/vendor/blamejs/lib/mail-server-tls.js +445 -0
  533. package/lib/vendor/blamejs/lib/mail-sieve.js +557 -0
  534. package/lib/vendor/blamejs/lib/mail-spam-score.js +284 -0
  535. package/lib/vendor/blamejs/lib/mail-srs.js +248 -0
  536. package/lib/vendor/blamejs/lib/mail-store-fts.js +394 -0
  537. package/lib/vendor/blamejs/lib/mail-store.js +929 -0
  538. package/lib/vendor/blamejs/lib/mail-unsubscribe.js +400 -0
  539. package/lib/vendor/blamejs/lib/mail.js +1971 -0
  540. package/lib/vendor/blamejs/lib/mcp-tool-registry.js +473 -0
  541. package/lib/vendor/blamejs/lib/mcp.js +950 -0
  542. package/lib/vendor/blamejs/lib/metrics.js +1503 -0
  543. package/lib/vendor/blamejs/lib/middleware/age-gate.js +177 -0
  544. package/lib/vendor/blamejs/lib/middleware/ai-act-disclosure.js +203 -0
  545. package/lib/vendor/blamejs/lib/middleware/api-encrypt.js +981 -0
  546. package/lib/vendor/blamejs/lib/middleware/assetlinks.js +137 -0
  547. package/lib/vendor/blamejs/lib/middleware/asyncapi-serve.js +171 -0
  548. package/lib/vendor/blamejs/lib/middleware/attach-user.js +220 -0
  549. package/lib/vendor/blamejs/lib/middleware/bearer-auth.js +293 -0
  550. package/lib/vendor/blamejs/lib/middleware/body-parser.js +1519 -0
  551. package/lib/vendor/blamejs/lib/middleware/bot-disclose.js +183 -0
  552. package/lib/vendor/blamejs/lib/middleware/bot-guard.js +217 -0
  553. package/lib/vendor/blamejs/lib/middleware/clear-site-data.js +122 -0
  554. package/lib/vendor/blamejs/lib/middleware/compose-pipeline.js +355 -0
  555. package/lib/vendor/blamejs/lib/middleware/compression.js +489 -0
  556. package/lib/vendor/blamejs/lib/middleware/cookies.js +130 -0
  557. package/lib/vendor/blamejs/lib/middleware/cors.js +386 -0
  558. package/lib/vendor/blamejs/lib/middleware/csp-nonce.js +388 -0
  559. package/lib/vendor/blamejs/lib/middleware/csp-report.js +167 -0
  560. package/lib/vendor/blamejs/lib/middleware/csrf-protect.js +499 -0
  561. package/lib/vendor/blamejs/lib/middleware/daily-byte-quota.js +243 -0
  562. package/lib/vendor/blamejs/lib/middleware/db-role-for.js +304 -0
  563. package/lib/vendor/blamejs/lib/middleware/dpop.js +402 -0
  564. package/lib/vendor/blamejs/lib/middleware/error-handler.js +69 -0
  565. package/lib/vendor/blamejs/lib/middleware/fetch-metadata.js +168 -0
  566. package/lib/vendor/blamejs/lib/middleware/flag-context.js +110 -0
  567. package/lib/vendor/blamejs/lib/middleware/gpc.js +153 -0
  568. package/lib/vendor/blamejs/lib/middleware/headers.js +242 -0
  569. package/lib/vendor/blamejs/lib/middleware/health.js +438 -0
  570. package/lib/vendor/blamejs/lib/middleware/host-allowlist.js +189 -0
  571. package/lib/vendor/blamejs/lib/middleware/idempotency-key.js +964 -0
  572. package/lib/vendor/blamejs/lib/middleware/index.js +183 -0
  573. package/lib/vendor/blamejs/lib/middleware/nel.js +214 -0
  574. package/lib/vendor/blamejs/lib/middleware/network-allowlist.js +237 -0
  575. package/lib/vendor/blamejs/lib/middleware/no-cache.js +106 -0
  576. package/lib/vendor/blamejs/lib/middleware/openapi-serve.js +177 -0
  577. package/lib/vendor/blamejs/lib/middleware/protected-resource-metadata.js +277 -0
  578. package/lib/vendor/blamejs/lib/middleware/rate-limit.js +556 -0
  579. package/lib/vendor/blamejs/lib/middleware/request-id.js +79 -0
  580. package/lib/vendor/blamejs/lib/middleware/request-log.js +205 -0
  581. package/lib/vendor/blamejs/lib/middleware/require-aal.js +138 -0
  582. package/lib/vendor/blamejs/lib/middleware/require-auth.js +144 -0
  583. package/lib/vendor/blamejs/lib/middleware/require-bound-key.js +290 -0
  584. package/lib/vendor/blamejs/lib/middleware/require-content-type.js +113 -0
  585. package/lib/vendor/blamejs/lib/middleware/require-methods.js +97 -0
  586. package/lib/vendor/blamejs/lib/middleware/require-mtls.js +212 -0
  587. package/lib/vendor/blamejs/lib/middleware/require-step-up.js +226 -0
  588. package/lib/vendor/blamejs/lib/middleware/scim-server.js +375 -0
  589. package/lib/vendor/blamejs/lib/middleware/security-headers.js +285 -0
  590. package/lib/vendor/blamejs/lib/middleware/security-txt.js +170 -0
  591. package/lib/vendor/blamejs/lib/middleware/span-http-server.js +280 -0
  592. package/lib/vendor/blamejs/lib/middleware/speculation-rules.js +323 -0
  593. package/lib/vendor/blamejs/lib/middleware/sse.js +200 -0
  594. package/lib/vendor/blamejs/lib/middleware/trace-log-correlation.js +167 -0
  595. package/lib/vendor/blamejs/lib/middleware/trace-propagate.js +148 -0
  596. package/lib/vendor/blamejs/lib/middleware/tus-upload.js +749 -0
  597. package/lib/vendor/blamejs/lib/middleware/web-app-manifest.js +164 -0
  598. package/lib/vendor/blamejs/lib/migration-files.js +37 -0
  599. package/lib/vendor/blamejs/lib/migrations.js +385 -0
  600. package/lib/vendor/blamejs/lib/mime-parse.js +198 -0
  601. package/lib/vendor/blamejs/lib/money.js +699 -0
  602. package/lib/vendor/blamejs/lib/mtls-ca.js +572 -0
  603. package/lib/vendor/blamejs/lib/mtls-engine-default.js +501 -0
  604. package/lib/vendor/blamejs/lib/network-byte-quota.js +308 -0
  605. package/lib/vendor/blamejs/lib/network-dns-resolver.js +533 -0
  606. package/lib/vendor/blamejs/lib/network-dns.js +1930 -0
  607. package/lib/vendor/blamejs/lib/network-heartbeat.js +425 -0
  608. package/lib/vendor/blamejs/lib/network-nts.js +574 -0
  609. package/lib/vendor/blamejs/lib/network-proxy.js +265 -0
  610. package/lib/vendor/blamejs/lib/network-smtp-policy.js +836 -0
  611. package/lib/vendor/blamejs/lib/network-tls.js +3126 -0
  612. package/lib/vendor/blamejs/lib/network.js +346 -0
  613. package/lib/vendor/blamejs/lib/nis2-report.js +181 -0
  614. package/lib/vendor/blamejs/lib/nist-crosswalk.js +293 -0
  615. package/lib/vendor/blamejs/lib/nonce-store.js +177 -0
  616. package/lib/vendor/blamejs/lib/notify.js +683 -0
  617. package/lib/vendor/blamejs/lib/ntp-check.js +458 -0
  618. package/lib/vendor/blamejs/lib/numeric-bounds.js +111 -0
  619. package/lib/vendor/blamejs/lib/numeric-checks.js +40 -0
  620. package/lib/vendor/blamejs/lib/object-store/azure-blob-bucket-ops.js +349 -0
  621. package/lib/vendor/blamejs/lib/object-store/azure-blob.js +488 -0
  622. package/lib/vendor/blamejs/lib/object-store/gcs-bucket-ops.js +351 -0
  623. package/lib/vendor/blamejs/lib/object-store/gcs.js +515 -0
  624. package/lib/vendor/blamejs/lib/object-store/http-put.js +153 -0
  625. package/lib/vendor/blamejs/lib/object-store/http-request.js +38 -0
  626. package/lib/vendor/blamejs/lib/object-store/index.js +197 -0
  627. package/lib/vendor/blamejs/lib/object-store/local.js +163 -0
  628. package/lib/vendor/blamejs/lib/object-store/sigv4-bucket-ops.js +1133 -0
  629. package/lib/vendor/blamejs/lib/object-store/sigv4.js +957 -0
  630. package/lib/vendor/blamejs/lib/observability-otlp-exporter.js +420 -0
  631. package/lib/vendor/blamejs/lib/observability-tracer.js +395 -0
  632. package/lib/vendor/blamejs/lib/observability.js +720 -0
  633. package/lib/vendor/blamejs/lib/openapi-paths-builder.js +248 -0
  634. package/lib/vendor/blamejs/lib/openapi-schema-walk.js +192 -0
  635. package/lib/vendor/blamejs/lib/openapi-security.js +169 -0
  636. package/lib/vendor/blamejs/lib/openapi-yaml.js +154 -0
  637. package/lib/vendor/blamejs/lib/openapi.js +489 -0
  638. package/lib/vendor/blamejs/lib/otel-export.js +278 -0
  639. package/lib/vendor/blamejs/lib/outbox.js +547 -0
  640. package/lib/vendor/blamejs/lib/pagination.js +542 -0
  641. package/lib/vendor/blamejs/lib/parsers/index.js +91 -0
  642. package/lib/vendor/blamejs/lib/parsers/safe-env.js +642 -0
  643. package/lib/vendor/blamejs/lib/parsers/safe-ini.js +293 -0
  644. package/lib/vendor/blamejs/lib/parsers/safe-toml.js +784 -0
  645. package/lib/vendor/blamejs/lib/parsers/safe-xml.js +390 -0
  646. package/lib/vendor/blamejs/lib/parsers/safe-yaml.js +1015 -0
  647. package/lib/vendor/blamejs/lib/permissions.js +793 -0
  648. package/lib/vendor/blamejs/lib/pick.js +105 -0
  649. package/lib/vendor/blamejs/lib/pqc-agent.js +351 -0
  650. package/lib/vendor/blamejs/lib/pqc-gate.js +279 -0
  651. package/lib/vendor/blamejs/lib/pqc-software.js +271 -0
  652. package/lib/vendor/blamejs/lib/problem-details.js +482 -0
  653. package/lib/vendor/blamejs/lib/process-spawn.js +196 -0
  654. package/lib/vendor/blamejs/lib/promise-pool.js +162 -0
  655. package/lib/vendor/blamejs/lib/protobuf-encoder.js +190 -0
  656. package/lib/vendor/blamejs/lib/protocol-dispatcher.js +161 -0
  657. package/lib/vendor/blamejs/lib/public-suffix.js +403 -0
  658. package/lib/vendor/blamejs/lib/pubsub-cluster.js +154 -0
  659. package/lib/vendor/blamejs/lib/pubsub-redis.js +167 -0
  660. package/lib/vendor/blamejs/lib/pubsub.js +463 -0
  661. package/lib/vendor/blamejs/lib/queue-local.js +476 -0
  662. package/lib/vendor/blamejs/lib/queue-redis.js +745 -0
  663. package/lib/vendor/blamejs/lib/queue-sqs.js +319 -0
  664. package/lib/vendor/blamejs/lib/queue.js +1016 -0
  665. package/lib/vendor/blamejs/lib/redact.js +1007 -0
  666. package/lib/vendor/blamejs/lib/redis-client.js +520 -0
  667. package/lib/vendor/blamejs/lib/render.js +285 -0
  668. package/lib/vendor/blamejs/lib/request-helpers.js +767 -0
  669. package/lib/vendor/blamejs/lib/resource-access-lock.js +116 -0
  670. package/lib/vendor/blamejs/lib/restore-bundle.js +340 -0
  671. package/lib/vendor/blamejs/lib/restore-rollback.js +365 -0
  672. package/lib/vendor/blamejs/lib/restore.js +409 -0
  673. package/lib/vendor/blamejs/lib/retention.js +640 -0
  674. package/lib/vendor/blamejs/lib/retry.js +523 -0
  675. package/lib/vendor/blamejs/lib/router.js +1289 -0
  676. package/lib/vendor/blamejs/lib/safe-async.js +1184 -0
  677. package/lib/vendor/blamejs/lib/safe-buffer.js +562 -0
  678. package/lib/vendor/blamejs/lib/safe-decompress.js +297 -0
  679. package/lib/vendor/blamejs/lib/safe-dns.js +665 -0
  680. package/lib/vendor/blamejs/lib/safe-ical.js +634 -0
  681. package/lib/vendor/blamejs/lib/safe-icap.js +502 -0
  682. package/lib/vendor/blamejs/lib/safe-json.js +946 -0
  683. package/lib/vendor/blamejs/lib/safe-jsonpath.js +285 -0
  684. package/lib/vendor/blamejs/lib/safe-mime.js +831 -0
  685. package/lib/vendor/blamejs/lib/safe-mount-info.js +306 -0
  686. package/lib/vendor/blamejs/lib/safe-path.js +254 -0
  687. package/lib/vendor/blamejs/lib/safe-redirect.js +106 -0
  688. package/lib/vendor/blamejs/lib/safe-schema.js +1810 -0
  689. package/lib/vendor/blamejs/lib/safe-sieve.js +684 -0
  690. package/lib/vendor/blamejs/lib/safe-smtp.js +185 -0
  691. package/lib/vendor/blamejs/lib/safe-sql.js +363 -0
  692. package/lib/vendor/blamejs/lib/safe-url.js +428 -0
  693. package/lib/vendor/blamejs/lib/safe-vcard.js +473 -0
  694. package/lib/vendor/blamejs/lib/sandbox-worker.js +135 -0
  695. package/lib/vendor/blamejs/lib/sandbox.js +358 -0
  696. package/lib/vendor/blamejs/lib/scheduler.js +827 -0
  697. package/lib/vendor/blamejs/lib/sd-notify.js +269 -0
  698. package/lib/vendor/blamejs/lib/sec-cyber.js +214 -0
  699. package/lib/vendor/blamejs/lib/security-assert.js +395 -0
  700. package/lib/vendor/blamejs/lib/seeders.js +620 -0
  701. package/lib/vendor/blamejs/lib/self-update-standalone-verifier.js +309 -0
  702. package/lib/vendor/blamejs/lib/self-update.js +804 -0
  703. package/lib/vendor/blamejs/lib/server-timing.js +174 -0
  704. package/lib/vendor/blamejs/lib/session-device-binding.js +431 -0
  705. package/lib/vendor/blamejs/lib/session-stores.js +138 -0
  706. package/lib/vendor/blamejs/lib/session.js +1162 -0
  707. package/lib/vendor/blamejs/lib/slug.js +381 -0
  708. package/lib/vendor/blamejs/lib/sse.js +349 -0
  709. package/lib/vendor/blamejs/lib/ssrf-guard.js +792 -0
  710. package/lib/vendor/blamejs/lib/standard-webhooks.js +183 -0
  711. package/lib/vendor/blamejs/lib/static.js +1249 -0
  712. package/lib/vendor/blamejs/lib/storage.js +1272 -0
  713. package/lib/vendor/blamejs/lib/stream-throttle.js +235 -0
  714. package/lib/vendor/blamejs/lib/structured-fields.js +244 -0
  715. package/lib/vendor/blamejs/lib/subject.js +667 -0
  716. package/lib/vendor/blamejs/lib/tcpa-10dlc.js +175 -0
  717. package/lib/vendor/blamejs/lib/template.js +931 -0
  718. package/lib/vendor/blamejs/lib/tenant-quota.js +545 -0
  719. package/lib/vendor/blamejs/lib/test-harness.js +275 -0
  720. package/lib/vendor/blamejs/lib/testing.js +1185 -0
  721. package/lib/vendor/blamejs/lib/time.js +578 -0
  722. package/lib/vendor/blamejs/lib/tls-exporter.js +239 -0
  723. package/lib/vendor/blamejs/lib/totp.js +318 -0
  724. package/lib/vendor/blamejs/lib/tracing.js +546 -0
  725. package/lib/vendor/blamejs/lib/uuid.js +207 -0
  726. package/lib/vendor/blamejs/lib/validate-opts.js +381 -0
  727. package/lib/vendor/blamejs/lib/vault/index.js +638 -0
  728. package/lib/vendor/blamejs/lib/vault/passphrase-ops.js +311 -0
  729. package/lib/vendor/blamejs/lib/vault/passphrase-source.js +198 -0
  730. package/lib/vendor/blamejs/lib/vault/rotate.js +803 -0
  731. package/lib/vendor/blamejs/lib/vault/seal-pem-file.js +471 -0
  732. package/lib/vendor/blamejs/lib/vault/wrap.js +296 -0
  733. package/lib/vendor/blamejs/lib/vault-aad.js +259 -0
  734. package/lib/vendor/blamejs/lib/vendor/.vendor-data-pubkey +4 -0
  735. package/lib/vendor/blamejs/lib/vendor/MANIFEST.json +161 -0
  736. package/lib/vendor/blamejs/lib/vendor/bimi-trust-anchors.data.js +68 -0
  737. package/lib/vendor/blamejs/lib/vendor/bimi-trust-anchors.pem +33 -0
  738. package/lib/vendor/blamejs/lib/vendor/common-passwords-top-10000.data.js +1325 -0
  739. package/lib/vendor/blamejs/lib/vendor/common-passwords-top-10000.txt +10002 -0
  740. package/lib/vendor/blamejs/lib/vendor/noble-ciphers.cjs +9 -0
  741. package/lib/vendor/blamejs/lib/vendor/noble-post-quantum.cjs +18 -0
  742. package/lib/vendor/blamejs/lib/vendor/pki.cjs +181 -0
  743. package/lib/vendor/blamejs/lib/vendor/public-suffix-list.dat +16382 -0
  744. package/lib/vendor/blamejs/lib/vendor/public-suffix-list.data.js +5881 -0
  745. package/lib/vendor/blamejs/lib/vendor/simplewebauthn-server.cjs +328 -0
  746. package/lib/vendor/blamejs/lib/vendor/vendor-data-pubkey.js +16 -0
  747. package/lib/vendor/blamejs/lib/vendor-data.js +520 -0
  748. package/lib/vendor/blamejs/lib/vex.js +630 -0
  749. package/lib/vendor/blamejs/lib/watcher.js +608 -0
  750. package/lib/vendor/blamejs/lib/web-push-vapid.js +322 -0
  751. package/lib/vendor/blamejs/lib/webhook.js +977 -0
  752. package/lib/vendor/blamejs/lib/websocket-channels.js +327 -0
  753. package/lib/vendor/blamejs/lib/websocket.js +1561 -0
  754. package/lib/vendor/blamejs/lib/wiki-concepts.js +338 -0
  755. package/lib/vendor/blamejs/lib/worker-pool.js +464 -0
  756. package/lib/vendor/blamejs/lib/ws-client.js +978 -0
  757. package/lib/vendor/blamejs/lib/xml-c14n.js +506 -0
  758. package/lib/vendor/blamejs/memory/specs/node-26-map-getorinsert-migration.md +164 -0
  759. package/lib/vendor/blamejs/oss-fuzz/projects/blamejs/Dockerfile +19 -0
  760. package/lib/vendor/blamejs/oss-fuzz/projects/blamejs/README.md +88 -0
  761. package/lib/vendor/blamejs/oss-fuzz/projects/blamejs/build.sh +26 -0
  762. package/lib/vendor/blamejs/oss-fuzz/projects/blamejs/project.yaml +28 -0
  763. package/lib/vendor/blamejs/package.json +81 -0
  764. package/lib/vendor/blamejs/release-notes/v0.0.x.json +310 -0
  765. package/lib/vendor/blamejs/release-notes/v0.1.x.json +1798 -0
  766. package/lib/vendor/blamejs/release-notes/v0.10.x.json +1288 -0
  767. package/lib/vendor/blamejs/release-notes/v0.11.x.json +2551 -0
  768. package/lib/vendor/blamejs/release-notes/v0.12.0.json +64 -0
  769. package/lib/vendor/blamejs/release-notes/v0.12.1.json +32 -0
  770. package/lib/vendor/blamejs/release-notes/v0.12.2.json +45 -0
  771. package/lib/vendor/blamejs/release-notes/v0.2.x.json +706 -0
  772. package/lib/vendor/blamejs/release-notes/v0.3.x.json +786 -0
  773. package/lib/vendor/blamejs/release-notes/v0.4.x.json +588 -0
  774. package/lib/vendor/blamejs/release-notes/v0.5.x.json +390 -0
  775. package/lib/vendor/blamejs/release-notes/v0.6.x.json +1947 -0
  776. package/lib/vendor/blamejs/release-notes/v0.7.x.json +3811 -0
  777. package/lib/vendor/blamejs/release-notes/v0.8.x.json +3318 -0
  778. package/lib/vendor/blamejs/release-notes/v0.9.x.json +2257 -0
  779. package/lib/vendor/blamejs/scripts/build-vendored-sbom.js +325 -0
  780. package/lib/vendor/blamejs/scripts/check-api-snapshot.js +62 -0
  781. package/lib/vendor/blamejs/scripts/check-changelog-extract.js +108 -0
  782. package/lib/vendor/blamejs/scripts/check-pack-against-gitignore.js +83 -0
  783. package/lib/vendor/blamejs/scripts/check-services.js +483 -0
  784. package/lib/vendor/blamejs/scripts/check-vendor-currency.js +349 -0
  785. package/lib/vendor/blamejs/scripts/consolidate-release-notes.js +216 -0
  786. package/lib/vendor/blamejs/scripts/gen-migrating.js +275 -0
  787. package/lib/vendor/blamejs/scripts/generate-changelog-entry.js +577 -0
  788. package/lib/vendor/blamejs/scripts/generate-release-signing-key.js +79 -0
  789. package/lib/vendor/blamejs/scripts/publish-dep-confusion-placeholder.sh +101 -0
  790. package/lib/vendor/blamejs/scripts/refresh-api-snapshot.js +31 -0
  791. package/lib/vendor/blamejs/scripts/refresh-vendor-manifest.js +132 -0
  792. package/lib/vendor/blamejs/scripts/release.js +652 -0
  793. package/lib/vendor/blamejs/scripts/sha3-digest.js +62 -0
  794. package/lib/vendor/blamejs/scripts/sign-release-artifact.js +92 -0
  795. package/lib/vendor/blamejs/scripts/test-integration.js +181 -0
  796. package/lib/vendor/blamejs/scripts/test-wiki-integration.js +126 -0
  797. package/lib/vendor/blamejs/scripts/validate-source-comment-blocks.js +77 -0
  798. package/lib/vendor/blamejs/scripts/vendor-data-gen.js +186 -0
  799. package/lib/vendor/blamejs/scripts/vendor-data-keygen.js +101 -0
  800. package/lib/vendor/blamejs/scripts/vendor-update.sh +278 -0
  801. package/lib/vendor/blamejs/test/00-primitives.js +19075 -0
  802. package/lib/vendor/blamejs/test/10-state.js +622 -0
  803. package/lib/vendor/blamejs/test/20-db.js +561 -0
  804. package/lib/vendor/blamejs/test/30-chain.js +2110 -0
  805. package/lib/vendor/blamejs/test/40-consumers.js +2453 -0
  806. package/lib/vendor/blamejs/test/50-integration.js +486 -0
  807. package/lib/vendor/blamejs/test/_helpers.js +10 -0
  808. package/lib/vendor/blamejs/test/_smoke-worker.js +69 -0
  809. package/lib/vendor/blamejs/test/fixtures/exploit-corpus/corpus.json +368 -0
  810. package/lib/vendor/blamejs/test/fixtures/http-client-stream-payload.txt +2 -0
  811. package/lib/vendor/blamejs/test/fixtures/worker-pool/echo.js +52 -0
  812. package/lib/vendor/blamejs/test/helpers/_codebase-shingle-worker.js +24 -0
  813. package/lib/vendor/blamejs/test/helpers/_codebase-shingle.js +203 -0
  814. package/lib/vendor/blamejs/test/helpers/_shape-match.js +513 -0
  815. package/lib/vendor/blamejs/test/helpers/check.js +36 -0
  816. package/lib/vendor/blamejs/test/helpers/cluster.js +70 -0
  817. package/lib/vendor/blamejs/test/helpers/db.js +143 -0
  818. package/lib/vendor/blamejs/test/helpers/drivers.js +207 -0
  819. package/lib/vendor/blamejs/test/helpers/fs-watch.js +101 -0
  820. package/lib/vendor/blamejs/test/helpers/http.js +14 -0
  821. package/lib/vendor/blamejs/test/helpers/index.js +93 -0
  822. package/lib/vendor/blamejs/test/helpers/json-round-trip.js +120 -0
  823. package/lib/vendor/blamejs/test/helpers/mocks.js +20 -0
  824. package/lib/vendor/blamejs/test/helpers/otel.js +13 -0
  825. package/lib/vendor/blamejs/test/helpers/services.js +380 -0
  826. package/lib/vendor/blamejs/test/helpers/wait.js +206 -0
  827. package/lib/vendor/blamejs/test/integration/cache.test.js +235 -0
  828. package/lib/vendor/blamejs/test/integration/cluster-provider-mysql.test.js +174 -0
  829. package/lib/vendor/blamejs/test/integration/federation-auth.test.js +611 -0
  830. package/lib/vendor/blamejs/test/integration/http-client.test.js +129 -0
  831. package/lib/vendor/blamejs/test/integration/log-stream.test.js +219 -0
  832. package/lib/vendor/blamejs/test/integration/mail-crypto-smime.test.js +181 -0
  833. package/lib/vendor/blamejs/test/integration/mail-dkim.test.js +152 -0
  834. package/lib/vendor/blamejs/test/integration/mail-smtp.test.js +161 -0
  835. package/lib/vendor/blamejs/test/integration/mtls-ca.test.js +289 -0
  836. package/lib/vendor/blamejs/test/integration/network-dns.test.js +123 -0
  837. package/lib/vendor/blamejs/test/integration/network-heartbeat.test.js +101 -0
  838. package/lib/vendor/blamejs/test/integration/ntp-check.test.js +89 -0
  839. package/lib/vendor/blamejs/test/integration/object-store-sigv4.test.js +403 -0
  840. package/lib/vendor/blamejs/test/integration/pqc-pkcs8-forward-compat.test.js +271 -0
  841. package/lib/vendor/blamejs/test/integration/pubsub.test.js +137 -0
  842. package/lib/vendor/blamejs/test/integration/queue-redis.test.js +352 -0
  843. package/lib/vendor/blamejs/test/integration/redis-client-tls.test.js +96 -0
  844. package/lib/vendor/blamejs/test/integration/ssrf-guard.test.js +98 -0
  845. package/lib/vendor/blamejs/test/integration/websocket-permessage-deflate.test.js +261 -0
  846. package/lib/vendor/blamejs/test/integration/ws-client-roundtrip.test.js +230 -0
  847. package/lib/vendor/blamejs/test/layer-0-primitives/a2a-tasks.test.js +211 -0
  848. package/lib/vendor/blamejs/test/layer-0-primitives/a2a.test.js +59 -0
  849. package/lib/vendor/blamejs/test/layer-0-primitives/access-lock.test.js +136 -0
  850. package/lib/vendor/blamejs/test/layer-0-primitives/acme.test.js +219 -0
  851. package/lib/vendor/blamejs/test/layer-0-primitives/age-gate.test.js +69 -0
  852. package/lib/vendor/blamejs/test/layer-0-primitives/agent-event-bus.test.js +266 -0
  853. package/lib/vendor/blamejs/test/layer-0-primitives/agent-idempotency.test.js +262 -0
  854. package/lib/vendor/blamejs/test/layer-0-primitives/agent-orchestrator.test.js +390 -0
  855. package/lib/vendor/blamejs/test/layer-0-primitives/agent-posture-chain.test.js +174 -0
  856. package/lib/vendor/blamejs/test/layer-0-primitives/agent-saga.test.js +279 -0
  857. package/lib/vendor/blamejs/test/layer-0-primitives/agent-snapshot.test.js +322 -0
  858. package/lib/vendor/blamejs/test/layer-0-primitives/agent-stream.test.js +227 -0
  859. package/lib/vendor/blamejs/test/layer-0-primitives/agent-tenant.test.js +302 -0
  860. package/lib/vendor/blamejs/test/layer-0-primitives/agent-trace.test.js +150 -0
  861. package/lib/vendor/blamejs/test/layer-0-primitives/ai-adverse-decision.test.js +44 -0
  862. package/lib/vendor/blamejs/test/layer-0-primitives/ai-content-detect.test.js +150 -0
  863. package/lib/vendor/blamejs/test/layer-0-primitives/ai-input.test.js +50 -0
  864. package/lib/vendor/blamejs/test/layer-0-primitives/ai-model-manifest.test.js +96 -0
  865. package/lib/vendor/blamejs/test/layer-0-primitives/ai-pref.test.js +76 -0
  866. package/lib/vendor/blamejs/test/layer-0-primitives/api-encrypt.test.js +1080 -0
  867. package/lib/vendor/blamejs/test/layer-0-primitives/app-shutdown.test.js +311 -0
  868. package/lib/vendor/blamejs/test/layer-0-primitives/archive-zip-stream.test.js +291 -0
  869. package/lib/vendor/blamejs/test/layer-0-primitives/archive.test.js +140 -0
  870. package/lib/vendor/blamejs/test/layer-0-primitives/arg-parser.test.js +267 -0
  871. package/lib/vendor/blamejs/test/layer-0-primitives/asn1-der.test.js +108 -0
  872. package/lib/vendor/blamejs/test/layer-0-primitives/asyncapi.test.js +929 -0
  873. package/lib/vendor/blamejs/test/layer-0-primitives/atomic-file-conflict-path.test.js +80 -0
  874. package/lib/vendor/blamejs/test/layer-0-primitives/audit-cve-defensive.test.js +176 -0
  875. package/lib/vendor/blamejs/test/layer-0-primitives/audit-daily-review.test.js +132 -0
  876. package/lib/vendor/blamejs/test/layer-0-primitives/audit-export-cadf.test.js +97 -0
  877. package/lib/vendor/blamejs/test/layer-0-primitives/audit-framework-namespaces.test.js +141 -0
  878. package/lib/vendor/blamejs/test/layer-0-primitives/audit-segregation.test.js +115 -0
  879. package/lib/vendor/blamejs/test/layer-0-primitives/audit-sign-ml-dsa-65.test.js +163 -0
  880. package/lib/vendor/blamejs/test/layer-0-primitives/audit-use-store.test.js +246 -0
  881. package/lib/vendor/blamejs/test/layer-0-primitives/auth-bot-challenge-verifier.test.js +485 -0
  882. package/lib/vendor/blamejs/test/layer-0-primitives/auth-bot-challenge.test.js +331 -0
  883. package/lib/vendor/blamejs/test/layer-0-primitives/auth-jwt-defenses.test.js +352 -0
  884. package/lib/vendor/blamejs/test/layer-0-primitives/auth-lockout.test.js +572 -0
  885. package/lib/vendor/blamejs/test/layer-0-primitives/auth-password-audit.test.js +61 -0
  886. package/lib/vendor/blamejs/test/layer-0-primitives/azure-blob-bucket-ops.test.js +258 -0
  887. package/lib/vendor/blamejs/test/layer-0-primitives/backup-manifest-signature.test.js +105 -0
  888. package/lib/vendor/blamejs/test/layer-0-primitives/backup-worker.test.js +34 -0
  889. package/lib/vendor/blamejs/test/layer-0-primitives/bearer-auth.test.js +107 -0
  890. package/lib/vendor/blamejs/test/layer-0-primitives/body-parser-chunked-malformed.test.js +131 -0
  891. package/lib/vendor/blamejs/test/layer-0-primitives/body-parser-smuggling.test.js +118 -0
  892. package/lib/vendor/blamejs/test/layer-0-primitives/boot-gates.test.js +85 -0
  893. package/lib/vendor/blamejs/test/layer-0-primitives/breach-deadline.test.js +38 -0
  894. package/lib/vendor/blamejs/test/layer-0-primitives/break-glass.test.js +861 -0
  895. package/lib/vendor/blamejs/test/layer-0-primitives/budr.test.js +55 -0
  896. package/lib/vendor/blamejs/test/layer-0-primitives/bundler-engine.test.js +209 -0
  897. package/lib/vendor/blamejs/test/layer-0-primitives/cache-status.test.js +129 -0
  898. package/lib/vendor/blamejs/test/layer-0-primitives/cache.test.js +871 -0
  899. package/lib/vendor/blamejs/test/layer-0-primitives/calendar.test.js +891 -0
  900. package/lib/vendor/blamejs/test/layer-0-primitives/canonical-json-jcs.test.js +43 -0
  901. package/lib/vendor/blamejs/test/layer-0-primitives/cdn-cache-control.test.js +243 -0
  902. package/lib/vendor/blamejs/test/layer-0-primitives/cert.test.js +550 -0
  903. package/lib/vendor/blamejs/test/layer-0-primitives/clear-site-data.test.js +107 -0
  904. package/lib/vendor/blamejs/test/layer-0-primitives/cli-api-key.test.js +147 -0
  905. package/lib/vendor/blamejs/test/layer-0-primitives/cli-audit-verify-chain.test.js +104 -0
  906. package/lib/vendor/blamejs/test/layer-0-primitives/cli-backup.test.js +135 -0
  907. package/lib/vendor/blamejs/test/layer-0-primitives/cli-config-drift.test.js +67 -0
  908. package/lib/vendor/blamejs/test/layer-0-primitives/cli-erase.test.js +75 -0
  909. package/lib/vendor/blamejs/test/layer-0-primitives/cli-file-type.test.js +98 -0
  910. package/lib/vendor/blamejs/test/layer-0-primitives/cli-helpers.test.js +145 -0
  911. package/lib/vendor/blamejs/test/layer-0-primitives/cli-mtls.test.js +133 -0
  912. package/lib/vendor/blamejs/test/layer-0-primitives/cli-password.test.js +97 -0
  913. package/lib/vendor/blamejs/test/layer-0-primitives/cli-restore.test.js +160 -0
  914. package/lib/vendor/blamejs/test/layer-0-primitives/cli-retention.test.js +84 -0
  915. package/lib/vendor/blamejs/test/layer-0-primitives/cli-security.test.js +69 -0
  916. package/lib/vendor/blamejs/test/layer-0-primitives/cli-vault.test.js +142 -0
  917. package/lib/vendor/blamejs/test/layer-0-primitives/client-hints.test.js +133 -0
  918. package/lib/vendor/blamejs/test/layer-0-primitives/cms-codec.test.js +237 -0
  919. package/lib/vendor/blamejs/test/layer-0-primitives/codebase-patterns.test.js +9600 -0
  920. package/lib/vendor/blamejs/test/layer-0-primitives/compliance-ai-act.test.js +575 -0
  921. package/lib/vendor/blamejs/test/layer-0-primitives/compliance-cascade.test.js +89 -0
  922. package/lib/vendor/blamejs/test/layer-0-primitives/compliance-eaa.test.js +36 -0
  923. package/lib/vendor/blamejs/test/layer-0-primitives/compliance-sanctions.test.js +712 -0
  924. package/lib/vendor/blamejs/test/layer-0-primitives/compliance.test.js +278 -0
  925. package/lib/vendor/blamejs/test/layer-0-primitives/config-drift.test.js +97 -0
  926. package/lib/vendor/blamejs/test/layer-0-primitives/config.test.js +424 -0
  927. package/lib/vendor/blamejs/test/layer-0-primitives/content-credentials.test.js +94 -0
  928. package/lib/vendor/blamejs/test/layer-0-primitives/cors.test.js +357 -0
  929. package/lib/vendor/blamejs/test/layer-0-primitives/cra-report.test.js +31 -0
  930. package/lib/vendor/blamejs/test/layer-0-primitives/credential-hash.test.js +226 -0
  931. package/lib/vendor/blamejs/test/layer-0-primitives/crypto-base64url.test.js +86 -0
  932. package/lib/vendor/blamejs/test/layer-0-primitives/crypto-envelope.test.js +85 -0
  933. package/lib/vendor/blamejs/test/layer-0-primitives/crypto-hash-files-parallel.test.js +193 -0
  934. package/lib/vendor/blamejs/test/layer-0-primitives/crypto-hash-stream.test.js +98 -0
  935. package/lib/vendor/blamejs/test/layer-0-primitives/crypto-hpke-pq.test.js +132 -0
  936. package/lib/vendor/blamejs/test/layer-0-primitives/crypto-hpke.test.js +155 -0
  937. package/lib/vendor/blamejs/test/layer-0-primitives/crypto-mlkem768-x25519.test.js +129 -0
  938. package/lib/vendor/blamejs/test/layer-0-primitives/crypto-namespace-hash.test.js +0 -0
  939. package/lib/vendor/blamejs/test/layer-0-primitives/crypto-random-int.test.js +72 -0
  940. package/lib/vendor/blamejs/test/layer-0-primitives/csp-builder.test.js +96 -0
  941. package/lib/vendor/blamejs/test/layer-0-primitives/csp-nonce.test.js +401 -0
  942. package/lib/vendor/blamejs/test/layer-0-primitives/csp-report.test.js +34 -0
  943. package/lib/vendor/blamejs/test/layer-0-primitives/csv.test.js +180 -0
  944. package/lib/vendor/blamejs/test/layer-0-primitives/daemon.test.js +210 -0
  945. package/lib/vendor/blamejs/test/layer-0-primitives/daily-byte-quota.test.js +153 -0
  946. package/lib/vendor/blamejs/test/layer-0-primitives/dark-patterns.test.js +66 -0
  947. package/lib/vendor/blamejs/test/layer-0-primitives/data-act.test.js +74 -0
  948. package/lib/vendor/blamejs/test/layer-0-primitives/db-collection-extensions.test.js +226 -0
  949. package/lib/vendor/blamejs/test/layer-0-primitives/db-collection.test.js +136 -0
  950. package/lib/vendor/blamejs/test/layer-0-primitives/db-init-extensions.test.js +165 -0
  951. package/lib/vendor/blamejs/test/layer-0-primitives/db-query-cross-schema.test.js +150 -0
  952. package/lib/vendor/blamejs/test/layer-0-primitives/db-query-extensions.test.js +191 -0
  953. package/lib/vendor/blamejs/test/layer-0-primitives/db-role-for.test.js +228 -0
  954. package/lib/vendor/blamejs/test/layer-0-primitives/db-vacuum.test.js +55 -0
  955. package/lib/vendor/blamejs/test/layer-0-primitives/db-worm.test.js +89 -0
  956. package/lib/vendor/blamejs/test/layer-0-primitives/ddl-change-control.test.js +184 -0
  957. package/lib/vendor/blamejs/test/layer-0-primitives/declare-row-policy.test.js +203 -0
  958. package/lib/vendor/blamejs/test/layer-0-primitives/declare-view.test.js +303 -0
  959. package/lib/vendor/blamejs/test/layer-0-primitives/dns-dnssec-algorithm.test.js +163 -0
  960. package/lib/vendor/blamejs/test/layer-0-primitives/dns-null-mx.test.js +39 -0
  961. package/lib/vendor/blamejs/test/layer-0-primitives/dora.test.js +165 -0
  962. package/lib/vendor/blamejs/test/layer-0-primitives/dr-runbook.test.js +59 -0
  963. package/lib/vendor/blamejs/test/layer-0-primitives/dsr-state-rules.test.js +55 -0
  964. package/lib/vendor/blamejs/test/layer-0-primitives/dsr.test.js +786 -0
  965. package/lib/vendor/blamejs/test/layer-0-primitives/dual-control.test.js +105 -0
  966. package/lib/vendor/blamejs/test/layer-0-primitives/early-hints.test.js +147 -0
  967. package/lib/vendor/blamejs/test/layer-0-primitives/events.test.js +105 -0
  968. package/lib/vendor/blamejs/test/layer-0-primitives/exploit-replay.test.js +243 -0
  969. package/lib/vendor/blamejs/test/layer-0-primitives/external-db-hardening.test.js +181 -0
  970. package/lib/vendor/blamejs/test/layer-0-primitives/external-db-migrate.test.js +190 -0
  971. package/lib/vendor/blamejs/test/layer-0-primitives/external-db-routing.test.js +531 -0
  972. package/lib/vendor/blamejs/test/layer-0-primitives/fal.test.js +118 -0
  973. package/lib/vendor/blamejs/test/layer-0-primitives/fapi2.test.js +89 -0
  974. package/lib/vendor/blamejs/test/layer-0-primitives/fda-21cfr11.test.js +156 -0
  975. package/lib/vendor/blamejs/test/layer-0-primitives/fdx.test.js +79 -0
  976. package/lib/vendor/blamejs/test/layer-0-primitives/fedcm-dbsc.test.js +216 -0
  977. package/lib/vendor/blamejs/test/layer-0-primitives/federation-vc-suite.test.js +434 -0
  978. package/lib/vendor/blamejs/test/layer-0-primitives/fido-mds3.test.js +432 -0
  979. package/lib/vendor/blamejs/test/layer-0-primitives/file-type.test.js +81 -0
  980. package/lib/vendor/blamejs/test/layer-0-primitives/flag.test.js +887 -0
  981. package/lib/vendor/blamejs/test/layer-0-primitives/forensic-snapshot.test.js +51 -0
  982. package/lib/vendor/blamejs/test/layer-0-primitives/fsm.test.js +375 -0
  983. package/lib/vendor/blamejs/test/layer-0-primitives/gcs-bucket-ops.test.js +321 -0
  984. package/lib/vendor/blamejs/test/layer-0-primitives/gdpr-ropa.test.js +41 -0
  985. package/lib/vendor/blamejs/test/layer-0-primitives/graphql-federation.test.js +32 -0
  986. package/lib/vendor/blamejs/test/layer-0-primitives/guard-agent-registry.test.js +87 -0
  987. package/lib/vendor/blamejs/test/layer-0-primitives/guard-all.test.js +328 -0
  988. package/lib/vendor/blamejs/test/layer-0-primitives/guard-archive.test.js +339 -0
  989. package/lib/vendor/blamejs/test/layer-0-primitives/guard-csv.test.js +694 -0
  990. package/lib/vendor/blamejs/test/layer-0-primitives/guard-dsn.test.js +296 -0
  991. package/lib/vendor/blamejs/test/layer-0-primitives/guard-email.test.js +234 -0
  992. package/lib/vendor/blamejs/test/layer-0-primitives/guard-envelope.test.js +192 -0
  993. package/lib/vendor/blamejs/test/layer-0-primitives/guard-event-bus-payload.test.js +89 -0
  994. package/lib/vendor/blamejs/test/layer-0-primitives/guard-event-bus-topic.test.js +71 -0
  995. package/lib/vendor/blamejs/test/layer-0-primitives/guard-filename.test.js +386 -0
  996. package/lib/vendor/blamejs/test/layer-0-primitives/guard-html-wcag.test.js +859 -0
  997. package/lib/vendor/blamejs/test/layer-0-primitives/guard-html.test.js +357 -0
  998. package/lib/vendor/blamejs/test/layer-0-primitives/guard-idempotency-key.test.js +92 -0
  999. package/lib/vendor/blamejs/test/layer-0-primitives/guard-imap-command.test.js +0 -0
  1000. package/lib/vendor/blamejs/test/layer-0-primitives/guard-jmap.test.js +174 -0
  1001. package/lib/vendor/blamejs/test/layer-0-primitives/guard-json.test.js +317 -0
  1002. package/lib/vendor/blamejs/test/layer-0-primitives/guard-list-id.test.js +199 -0
  1003. package/lib/vendor/blamejs/test/layer-0-primitives/guard-list-unsubscribe.test.js +214 -0
  1004. package/lib/vendor/blamejs/test/layer-0-primitives/guard-mail-compose.test.js +111 -0
  1005. package/lib/vendor/blamejs/test/layer-0-primitives/guard-mail-move.test.js +110 -0
  1006. package/lib/vendor/blamejs/test/layer-0-primitives/guard-mail-query.test.js +112 -0
  1007. package/lib/vendor/blamejs/test/layer-0-primitives/guard-mail-reply.test.js +86 -0
  1008. package/lib/vendor/blamejs/test/layer-0-primitives/guard-mail-sieve.test.js +92 -0
  1009. package/lib/vendor/blamejs/test/layer-0-primitives/guard-managesieve-command.test.js +301 -0
  1010. package/lib/vendor/blamejs/test/layer-0-primitives/guard-markdown.test.js +265 -0
  1011. package/lib/vendor/blamejs/test/layer-0-primitives/guard-message-id.test.js +0 -0
  1012. package/lib/vendor/blamejs/test/layer-0-primitives/guard-pop3-command.test.js +161 -0
  1013. package/lib/vendor/blamejs/test/layer-0-primitives/guard-posture-chain.test.js +100 -0
  1014. package/lib/vendor/blamejs/test/layer-0-primitives/guard-saga-config.test.js +79 -0
  1015. package/lib/vendor/blamejs/test/layer-0-primitives/guard-smtp-command.test.js +269 -0
  1016. package/lib/vendor/blamejs/test/layer-0-primitives/guard-snapshot-envelope.test.js +89 -0
  1017. package/lib/vendor/blamejs/test/layer-0-primitives/guard-stream-args.test.js +78 -0
  1018. package/lib/vendor/blamejs/test/layer-0-primitives/guard-svg.test.js +288 -0
  1019. package/lib/vendor/blamejs/test/layer-0-primitives/guard-tenant-id.test.js +69 -0
  1020. package/lib/vendor/blamejs/test/layer-0-primitives/guard-trace-context.test.js +102 -0
  1021. package/lib/vendor/blamejs/test/layer-0-primitives/guard-xml.test.js +202 -0
  1022. package/lib/vendor/blamejs/test/layer-0-primitives/guard-yaml.test.js +203 -0
  1023. package/lib/vendor/blamejs/test/layer-0-primitives/hal.test.js +51 -0
  1024. package/lib/vendor/blamejs/test/layer-0-primitives/honeytoken.test.js +50 -0
  1025. package/lib/vendor/blamejs/test/layer-0-primitives/html-balance.test.js +37 -0
  1026. package/lib/vendor/blamejs/test/layer-0-primitives/http-client-cache.test.js +692 -0
  1027. package/lib/vendor/blamejs/test/layer-0-primitives/http-client-stream.test.js +280 -0
  1028. package/lib/vendor/blamejs/test/layer-0-primitives/http-message-signature.test.js +225 -0
  1029. package/lib/vendor/blamejs/test/layer-0-primitives/i18n-messageformat.test.js +203 -0
  1030. package/lib/vendor/blamejs/test/layer-0-primitives/i18n.test.js +991 -0
  1031. package/lib/vendor/blamejs/test/layer-0-primitives/iab-mspa.test.js +63 -0
  1032. package/lib/vendor/blamejs/test/layer-0-primitives/iab-tcf.test.js +73 -0
  1033. package/lib/vendor/blamejs/test/layer-0-primitives/idempotency-key.test.js +612 -0
  1034. package/lib/vendor/blamejs/test/layer-0-primitives/importmap-integrity.test.js +56 -0
  1035. package/lib/vendor/blamejs/test/layer-0-primitives/inbox.test.js +166 -0
  1036. package/lib/vendor/blamejs/test/layer-0-primitives/incident-report.test.js +29 -0
  1037. package/lib/vendor/blamejs/test/layer-0-primitives/jose-jwe-experimental.test.js +121 -0
  1038. package/lib/vendor/blamejs/test/layer-0-primitives/json-api.test.js +58 -0
  1039. package/lib/vendor/blamejs/test/layer-0-primitives/json-round-trip-helper.test.js +110 -0
  1040. package/lib/vendor/blamejs/test/layer-0-primitives/jwt-external.test.js +159 -0
  1041. package/lib/vendor/blamejs/test/layer-0-primitives/keychain.test.js +0 -0
  1042. package/lib/vendor/blamejs/test/layer-0-primitives/legal-hold.test.js +118 -0
  1043. package/lib/vendor/blamejs/test/layer-0-primitives/local-db-thin.test.js +150 -0
  1044. package/lib/vendor/blamejs/test/layer-0-primitives/log-stream-cloudwatch.test.js +489 -0
  1045. package/lib/vendor/blamejs/test/layer-0-primitives/log-stream-otlp-grpc.test.js +207 -0
  1046. package/lib/vendor/blamejs/test/layer-0-primitives/log-stream-otlp.test.js +283 -0
  1047. package/lib/vendor/blamejs/test/layer-0-primitives/lro.test.js +65 -0
  1048. package/lib/vendor/blamejs/test/layer-0-primitives/mail-agent.test.js +417 -0
  1049. package/lib/vendor/blamejs/test/layer-0-primitives/mail-arf.test.js +208 -0
  1050. package/lib/vendor/blamejs/test/layer-0-primitives/mail-auth.test.js +910 -0
  1051. package/lib/vendor/blamejs/test/layer-0-primitives/mail-bimi.test.js +502 -0
  1052. package/lib/vendor/blamejs/test/layer-0-primitives/mail-bounce.test.js +680 -0
  1053. package/lib/vendor/blamejs/test/layer-0-primitives/mail-canspam.test.js +128 -0
  1054. package/lib/vendor/blamejs/test/layer-0-primitives/mail-crypto-pgp-experimental.test.js +149 -0
  1055. package/lib/vendor/blamejs/test/layer-0-primitives/mail-crypto-pgp.test.js +323 -0
  1056. package/lib/vendor/blamejs/test/layer-0-primitives/mail-crypto-smime.test.js +297 -0
  1057. package/lib/vendor/blamejs/test/layer-0-primitives/mail-dav.test.js +514 -0
  1058. package/lib/vendor/blamejs/test/layer-0-primitives/mail-deploy-tlsrpt.test.js +369 -0
  1059. package/lib/vendor/blamejs/test/layer-0-primitives/mail-deploy.test.js +199 -0
  1060. package/lib/vendor/blamejs/test/layer-0-primitives/mail-dkim.test.js +627 -0
  1061. package/lib/vendor/blamejs/test/layer-0-primitives/mail-feedback-id.test.js +56 -0
  1062. package/lib/vendor/blamejs/test/layer-0-primitives/mail-greylist.test.js +217 -0
  1063. package/lib/vendor/blamejs/test/layer-0-primitives/mail-helo.test.js +283 -0
  1064. package/lib/vendor/blamejs/test/layer-0-primitives/mail-journal.test.js +217 -0
  1065. package/lib/vendor/blamejs/test/layer-0-primitives/mail-mdn.test.js +334 -0
  1066. package/lib/vendor/blamejs/test/layer-0-primitives/mail-rbl.test.js +271 -0
  1067. package/lib/vendor/blamejs/test/layer-0-primitives/mail-require-tls.test.js +128 -0
  1068. package/lib/vendor/blamejs/test/layer-0-primitives/mail-scan.test.js +215 -0
  1069. package/lib/vendor/blamejs/test/layer-0-primitives/mail-send-deliver.test.js +336 -0
  1070. package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-imap.test.js +732 -0
  1071. package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-jmap.test.js +840 -0
  1072. package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-managesieve.test.js +130 -0
  1073. package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-mx.test.js +285 -0
  1074. package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-pop3.test.js +74 -0
  1075. package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-rate-limit.test.js +112 -0
  1076. package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-registry.test.js +229 -0
  1077. package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-submission.test.js +394 -0
  1078. package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-tls.test.js +147 -0
  1079. package/lib/vendor/blamejs/test/layer-0-primitives/mail-sieve.test.js +151 -0
  1080. package/lib/vendor/blamejs/test/layer-0-primitives/mail-spam-score.test.js +204 -0
  1081. package/lib/vendor/blamejs/test/layer-0-primitives/mail-srs.test.js +152 -0
  1082. package/lib/vendor/blamejs/test/layer-0-primitives/mail-store-fts.test.js +279 -0
  1083. package/lib/vendor/blamejs/test/layer-0-primitives/mail-store.test.js +323 -0
  1084. package/lib/vendor/blamejs/test/layer-0-primitives/mail-unsubscribe.test.js +165 -0
  1085. package/lib/vendor/blamejs/test/layer-0-primitives/mail.test.js +439 -0
  1086. package/lib/vendor/blamejs/test/layer-0-primitives/mcp-tool-registry.test.js +202 -0
  1087. package/lib/vendor/blamejs/test/layer-0-primitives/mcp.test.js +155 -0
  1088. package/lib/vendor/blamejs/test/layer-0-primitives/metrics-shadow-registry.test.js +112 -0
  1089. package/lib/vendor/blamejs/test/layer-0-primitives/metrics-snapshot.test.js +224 -0
  1090. package/lib/vendor/blamejs/test/layer-0-primitives/middleware-compose-pipeline.test.js +278 -0
  1091. package/lib/vendor/blamejs/test/layer-0-primitives/money.test.js +376 -0
  1092. package/lib/vendor/blamejs/test/layer-0-primitives/mtls-ca-paths.test.js +89 -0
  1093. package/lib/vendor/blamejs/test/layer-0-primitives/nel.test.js +200 -0
  1094. package/lib/vendor/blamejs/test/layer-0-primitives/network-allowlist.test.js +106 -0
  1095. package/lib/vendor/blamejs/test/layer-0-primitives/network-byte-quota.test.js +133 -0
  1096. package/lib/vendor/blamejs/test/layer-0-primitives/network-dns-resolver.test.js +372 -0
  1097. package/lib/vendor/blamejs/test/layer-0-primitives/network-dns.test.js +635 -0
  1098. package/lib/vendor/blamejs/test/layer-0-primitives/network-heartbeat-passive.test.js +128 -0
  1099. package/lib/vendor/blamejs/test/layer-0-primitives/network-tls-build-options.test.js +130 -0
  1100. package/lib/vendor/blamejs/test/layer-0-primitives/network-tls-ct-inclusion.test.js +179 -0
  1101. package/lib/vendor/blamejs/test/layer-0-primitives/network-tls.test.js +447 -0
  1102. package/lib/vendor/blamejs/test/layer-0-primitives/network.test.js +369 -0
  1103. package/lib/vendor/blamejs/test/layer-0-primitives/nis2-report.test.js +21 -0
  1104. package/lib/vendor/blamejs/test/layer-0-primitives/nist-crosswalk.test.js +42 -0
  1105. package/lib/vendor/blamejs/test/layer-0-primitives/no-cache.test.js +98 -0
  1106. package/lib/vendor/blamejs/test/layer-0-primitives/notify.test.js +707 -0
  1107. package/lib/vendor/blamejs/test/layer-0-primitives/numeric-bounds.test.js +142 -0
  1108. package/lib/vendor/blamejs/test/layer-0-primitives/oauth-callback.test.js +72 -0
  1109. package/lib/vendor/blamejs/test/layer-0-primitives/observability-tracing.test.js +597 -0
  1110. package/lib/vendor/blamejs/test/layer-0-primitives/observability.test.js +190 -0
  1111. package/lib/vendor/blamejs/test/layer-0-primitives/openapi.test.js +877 -0
  1112. package/lib/vendor/blamejs/test/layer-0-primitives/otel-export.test.js +257 -0
  1113. package/lib/vendor/blamejs/test/layer-0-primitives/pagination.test.js +522 -0
  1114. package/lib/vendor/blamejs/test/layer-0-primitives/parsers-standalone.test.js +216 -0
  1115. package/lib/vendor/blamejs/test/layer-0-primitives/passkey.test.js +324 -0
  1116. package/lib/vendor/blamejs/test/layer-0-primitives/permissions.test.js +546 -0
  1117. package/lib/vendor/blamejs/test/layer-0-primitives/pqc-agent-curve.test.js +153 -0
  1118. package/lib/vendor/blamejs/test/layer-0-primitives/pqc-software.test.js +94 -0
  1119. package/lib/vendor/blamejs/test/layer-0-primitives/problem-details.test.js +195 -0
  1120. package/lib/vendor/blamejs/test/layer-0-primitives/process-spawn.test.js +62 -0
  1121. package/lib/vendor/blamejs/test/layer-0-primitives/promise-pool.test.js +93 -0
  1122. package/lib/vendor/blamejs/test/layer-0-primitives/protected-resource-metadata.test.js +68 -0
  1123. package/lib/vendor/blamejs/test/layer-0-primitives/protobuf-encoder.test.js +138 -0
  1124. package/lib/vendor/blamejs/test/layer-0-primitives/protocol-dispatcher.test.js +174 -0
  1125. package/lib/vendor/blamejs/test/layer-0-primitives/public-suffix.test.js +197 -0
  1126. package/lib/vendor/blamejs/test/layer-0-primitives/pubsub.test.js +232 -0
  1127. package/lib/vendor/blamejs/test/layer-0-primitives/queue-dlq-extend-lease.test.js +178 -0
  1128. package/lib/vendor/blamejs/test/layer-0-primitives/queue-flow-repeat.test.js +322 -0
  1129. package/lib/vendor/blamejs/test/layer-0-primitives/queue-priority-rate-progress.test.js +266 -0
  1130. package/lib/vendor/blamejs/test/layer-0-primitives/queue-sqs.test.js +300 -0
  1131. package/lib/vendor/blamejs/test/layer-0-primitives/rate-limit-cluster.test.js +338 -0
  1132. package/lib/vendor/blamejs/test/layer-0-primitives/rate-limit-registry.test.js +75 -0
  1133. package/lib/vendor/blamejs/test/layer-0-primitives/redact-dlp.test.js +246 -0
  1134. package/lib/vendor/blamejs/test/layer-0-primitives/redis-client.test.js +130 -0
  1135. package/lib/vendor/blamejs/test/layer-0-primitives/request-helpers.test.js +335 -0
  1136. package/lib/vendor/blamejs/test/layer-0-primitives/request-log.test.js +170 -0
  1137. package/lib/vendor/blamejs/test/layer-0-primitives/require-auth-cache-control.test.js +93 -0
  1138. package/lib/vendor/blamejs/test/layer-0-primitives/require-mtls.test.js +34 -0
  1139. package/lib/vendor/blamejs/test/layer-0-primitives/resource-access-lock.test.js +52 -0
  1140. package/lib/vendor/blamejs/test/layer-0-primitives/retention-floor.test.js +67 -0
  1141. package/lib/vendor/blamejs/test/layer-0-primitives/retry.test.js +535 -0
  1142. package/lib/vendor/blamejs/test/layer-0-primitives/router-cross-origin-redirect.test.js +0 -0
  1143. package/lib/vendor/blamejs/test/layer-0-primitives/router-tls0rtt.test.js +128 -0
  1144. package/lib/vendor/blamejs/test/layer-0-primitives/safe-async-loops.test.js +163 -0
  1145. package/lib/vendor/blamejs/test/layer-0-primitives/safe-async-parallel.test.js +170 -0
  1146. package/lib/vendor/blamejs/test/layer-0-primitives/safe-decompress.test.js +248 -0
  1147. package/lib/vendor/blamejs/test/layer-0-primitives/safe-dns.test.js +451 -0
  1148. package/lib/vendor/blamejs/test/layer-0-primitives/safe-ical.test.js +289 -0
  1149. package/lib/vendor/blamejs/test/layer-0-primitives/safe-icap.test.js +206 -0
  1150. package/lib/vendor/blamejs/test/layer-0-primitives/safe-jsonpath.test.js +104 -0
  1151. package/lib/vendor/blamejs/test/layer-0-primitives/safe-mime.test.js +339 -0
  1152. package/lib/vendor/blamejs/test/layer-0-primitives/safe-mount-info.test.js +180 -0
  1153. package/lib/vendor/blamejs/test/layer-0-primitives/safe-path.test.js +78 -0
  1154. package/lib/vendor/blamejs/test/layer-0-primitives/safe-sieve.test.js +123 -0
  1155. package/lib/vendor/blamejs/test/layer-0-primitives/safe-smtp.test.js +95 -0
  1156. package/lib/vendor/blamejs/test/layer-0-primitives/safe-url-idn-homograph.test.js +77 -0
  1157. package/lib/vendor/blamejs/test/layer-0-primitives/safe-vcard.test.js +257 -0
  1158. package/lib/vendor/blamejs/test/layer-0-primitives/saml-slo.test.js +249 -0
  1159. package/lib/vendor/blamejs/test/layer-0-primitives/sandbox.test.js +228 -0
  1160. package/lib/vendor/blamejs/test/layer-0-primitives/scheduler-exactly-once.test.js +238 -0
  1161. package/lib/vendor/blamejs/test/layer-0-primitives/scim-server.test.js +92 -0
  1162. package/lib/vendor/blamejs/test/layer-0-primitives/sd-jwt-vc.test.js +700 -0
  1163. package/lib/vendor/blamejs/test/layer-0-primitives/sd-notify.test.js +67 -0
  1164. package/lib/vendor/blamejs/test/layer-0-primitives/sec-cyber.test.js +85 -0
  1165. package/lib/vendor/blamejs/test/layer-0-primitives/security-assert.test.js +107 -0
  1166. package/lib/vendor/blamejs/test/layer-0-primitives/security-headers.test.js +175 -0
  1167. package/lib/vendor/blamejs/test/layer-0-primitives/seeders.test.js +816 -0
  1168. package/lib/vendor/blamejs/test/layer-0-primitives/self-update-standalone-verifier.test.js +168 -0
  1169. package/lib/vendor/blamejs/test/layer-0-primitives/self-update.test.js +302 -0
  1170. package/lib/vendor/blamejs/test/layer-0-primitives/server-timing.test.js +93 -0
  1171. package/lib/vendor/blamejs/test/layer-0-primitives/session-device-binding.test.js +247 -0
  1172. package/lib/vendor/blamejs/test/layer-0-primitives/session-extensions.test.js +295 -0
  1173. package/lib/vendor/blamejs/test/layer-0-primitives/shape-match.test.js +142 -0
  1174. package/lib/vendor/blamejs/test/layer-0-primitives/sigv4-bucket-ops.test.js +952 -0
  1175. package/lib/vendor/blamejs/test/layer-0-primitives/sigv4-multipart-sse.test.js +441 -0
  1176. package/lib/vendor/blamejs/test/layer-0-primitives/slug.test.js +330 -0
  1177. package/lib/vendor/blamejs/test/layer-0-primitives/smtp-policy.test.js +233 -0
  1178. package/lib/vendor/blamejs/test/layer-0-primitives/source-comment-blocks.test.js +105 -0
  1179. package/lib/vendor/blamejs/test/layer-0-primitives/speculation-rules.test.js +319 -0
  1180. package/lib/vendor/blamejs/test/layer-0-primitives/sse.test.js +148 -0
  1181. package/lib/vendor/blamejs/test/layer-0-primitives/ssrf-guard.test.js +283 -0
  1182. package/lib/vendor/blamejs/test/layer-0-primitives/standard-webhooks.test.js +67 -0
  1183. package/lib/vendor/blamejs/test/layer-0-primitives/static.test.js +266 -0
  1184. package/lib/vendor/blamejs/test/layer-0-primitives/step-up.test.js +487 -0
  1185. package/lib/vendor/blamejs/test/layer-0-primitives/storage-chunk-scratch.test.js +0 -0
  1186. package/lib/vendor/blamejs/test/layer-0-primitives/storage-presigned-url.test.js +773 -0
  1187. package/lib/vendor/blamejs/test/layer-0-primitives/stream-throttle.test.js +173 -0
  1188. package/lib/vendor/blamejs/test/layer-0-primitives/structured-fields.test.js +180 -0
  1189. package/lib/vendor/blamejs/test/layer-0-primitives/tcpa-10dlc.test.js +66 -0
  1190. package/lib/vendor/blamejs/test/layer-0-primitives/tenant-quota.test.js +89 -0
  1191. package/lib/vendor/blamejs/test/layer-0-primitives/test-coverage.test.js +571 -0
  1192. package/lib/vendor/blamejs/test/layer-0-primitives/test-harness.test.js +190 -0
  1193. package/lib/vendor/blamejs/test/layer-0-primitives/testing-request.test.js +119 -0
  1194. package/lib/vendor/blamejs/test/layer-0-primitives/testing.test.js +522 -0
  1195. package/lib/vendor/blamejs/test/layer-0-primitives/time.test.js +151 -0
  1196. package/lib/vendor/blamejs/test/layer-0-primitives/tls-exporter.test.js +168 -0
  1197. package/lib/vendor/blamejs/test/layer-0-primitives/tls-ocsp-ct.test.js +275 -0
  1198. package/lib/vendor/blamejs/test/layer-0-primitives/tls-ocsp-verify.test.js +105 -0
  1199. package/lib/vendor/blamejs/test/layer-0-primitives/tls-pinset-drift.test.js +35 -0
  1200. package/lib/vendor/blamejs/test/layer-0-primitives/tls-preferred-groups.test.js +81 -0
  1201. package/lib/vendor/blamejs/test/layer-0-primitives/tracing.test.js +280 -0
  1202. package/lib/vendor/blamejs/test/layer-0-primitives/uuid.test.js +93 -0
  1203. package/lib/vendor/blamejs/test/layer-0-primitives/vault-aad.test.js +277 -0
  1204. package/lib/vendor/blamejs/test/layer-0-primitives/vault-seal-pem-file.test.js +252 -0
  1205. package/lib/vendor/blamejs/test/layer-0-primitives/vendor-data.test.js +149 -0
  1206. package/lib/vendor/blamejs/test/layer-0-primitives/vendor-manifest.test.js +92 -0
  1207. package/lib/vendor/blamejs/test/layer-0-primitives/vex.test.js +661 -0
  1208. package/lib/vendor/blamejs/test/layer-0-primitives/watcher.test.js +308 -0
  1209. package/lib/vendor/blamejs/test/layer-0-primitives/web-push-vapid.test.js +144 -0
  1210. package/lib/vendor/blamejs/test/layer-0-primitives/webhook.test.js +674 -0
  1211. package/lib/vendor/blamejs/test/layer-0-primitives/websocket-channels.test.js +360 -0
  1212. package/lib/vendor/blamejs/test/layer-0-primitives/worker-pool.test.js +302 -0
  1213. package/lib/vendor/blamejs/test/layer-0-primitives/ws-client.test.js +349 -0
  1214. package/lib/vendor/blamejs/test/layer-1-state/api-key.test.js +717 -0
  1215. package/lib/vendor/blamejs/test/layer-5-integration/bundler-output.test.js +444 -0
  1216. package/lib/vendor/blamejs/test/layer-5-integration/guard-host-integration.test.js +597 -0
  1217. package/lib/vendor/blamejs/test/layer-5-integration/security-chaos.test.js +308 -0
  1218. package/lib/vendor/blamejs/test/smoke.js +431 -0
  1219. package/lib/webhooks.js +305 -0
  1220. package/package.json +43 -0
package/lib/vendor/blamejs/lib/file-upload.js ADDED
@@ -0,0 +1,1256 @@
1
+ "use strict";
2
+ /**
3
+ * @module b.fileUpload
4
+ * @nav HTTP
5
+ * @title File Upload
6
+ *
7
+ * @intro
8
+ * Streaming multipart upload with content-safety guards wired on
9
+ * by default. Init / acceptChunk / finalize lifecycle: operator
10
+ * calls `init` to allocate per-upload staging, streams chunks via
11
+ * `acceptChunk` (each carrying its own SHA3-512 hex), then calls
12
+ * `finalize` with a manifest so the framework can verify per-chunk
13
+ * + total hash, sniff magic bytes against an `allowedFileTypes`
14
+ * allowlist, and hand off to the operator's `onFinalize` (buffer
15
+ * for small uploads, Readable stream above `maxStreamReassemblyBytes`).
16
+ *
17
+ * Default-on safety: `b.guardAll.byExtension({ profile: "strict" })`
18
+ * for content gating and `b.guardFilename.gate({ profile: "strict" })`
19
+ * for filename gating. Operators opt out via `contentSafety: null`
20
+ * / `filenameSafety: null` (audited at create time so a security
21
+ * review can find the disabled-on-deploy rows). Per-chunk hooks
22
+ * (`onChunk`) are the integration point for virus scanners and
23
+ * schema-shape checks; rejecting from the hook surfaces as a
24
+ * permanent `FileUploadError`.
25
+ *
26
+ * Quotas: `maxFileBytes`, `maxChunkBytes`, `maxStagingBytes`,
27
+ * `maxActiveUploadsPerActor`, `maxChunks`, `incompleteTtlMs`,
28
+ * `maxIdleMs`. `purgeIncomplete()` reclaims TTL'd / idle staging
29
+ * directories — operators wire it to `b.scheduler` for a cron-shaped
30
+ * sweep. Permission scopes (`fileUpload.init` / `accept` / `finalize`
31
+ * / `status` / `list` / `cancel`) are checked through `b.permissions`
32
+ * when wired.
33
+ *
34
+ * @card
35
+ * Streaming multipart upload with content-safety guards wired on by default.
36
+ */
37
+ /**
38
+ * b.fileUpload — chunked file upload primitive.
39
+ *
40
+ * var uploads = b.fileUpload.create({
41
+ * stagingDir: "/var/lib/myapp/uploads",
42
+ * maxFileBytes: C.BYTES.gib(2),
43
+ * maxChunkBytes: C.BYTES.mib(8),
44
+ * maxStreamReassemblyBytes: C.BYTES.mib(64), // > this → stream onFinalize
45
+ * maxStagingBytes: C.BYTES.gib(50),
46
+ * maxActiveUploadsPerActor: 5,
47
+ * maxChunks: 16384,
48
+ * incompleteTtlMs: C.TIME.hours(24),
49
+ * maxIdleMs: C.TIME.minutes(30),
50
+ * allowedFileTypes: ["image/jpeg", "image/png", "application/pdf"],
51
+ * audit: b.audit,
52
+ * observability: b.observability,
53
+ * permissions: b.permissions, // optional
54
+ * fileType: b.fileType, // optional — needed for allowedFileTypes
55
+ * onChunk: async function (info) { ... }, // optional per-chunk hook
56
+ * onFinalize: async function (info) { ... }, // operator decides final storage
57
+ * });
58
+ *
59
+ * // Lifecycle:
60
+ * var initRv = await uploads.init({ uploadId, metadata, actor });
61
+ * await uploads.acceptChunk({ uploadId, index, body, sha3, actor });
62
+ * var rv = await uploads.finalize({ uploadId, manifest, actor });
63
+ *
64
+ * // Operator dashboards:
65
+ * var st = uploads.status(uploadId, { actor }); // { received, totalBytesAccepted, createdAt, ... }
66
+ * var active = uploads.list({ actor }); // active uploads for this actor
67
+ * await uploads.cancelUpload(uploadId, { actor }); // operator-cancel
68
+ *
69
+ * // Periodic cleanup (wire to b.scheduler):
70
+ * await uploads.purgeIncomplete(); // → { purged, ids }
71
+ *
72
+ * Surface (returned by create):
73
+ *
74
+ * init(opts) → { uploadId, expiresAt, ... }
75
+ * Allocates staging dir, stores metadata + actor +
76
+ * createdAt. Required before acceptChunk. Permission-
77
+ * checked: action "fileUpload.init".
78
+ *
79
+ * acceptChunk(opts) → { received, totalBytesAccepted, status }
80
+ * Validates body length + per-chunk SHA3-512.
81
+ * Per-chunk hook (onChunk) runs before write.
82
+ * Permission-checked: action "fileUpload.accept".
83
+ * Idempotent on re-PUT of same (uploadId, index)
84
+ * with matching body.
85
+ *
86
+ * finalize(opts) → result of onFinalize (or framework default)
87
+ * Walks chunks in manifest order, verifies per-chunk
88
+ * + total SHA3-512, sniffs MIME (when fileType
89
+ * wired) and gates against allowedFileTypes, hands
90
+ * assembled buffer (or readable stream when size >
91
+ * maxStreamReassemblyBytes) to onFinalize. Removes
92
+ * staging dir on success. Permission-checked:
93
+ * action "fileUpload.finalize".
94
+ *
95
+ * status(uploadId, opts) → { received, totalBytesAccepted, createdAt,
96
+ * lastChunkAt, metadata, expiresAt } | null
97
+ * Permission-checked: action "fileUpload.status".
98
+ * Returns null if upload not found.
99
+ *
100
+ * list(opts) → [{ uploadId, metadata, createdAt, lastChunkAt,
101
+ * totalBytesAccepted, actor }]
102
+ * Operator dashboards. Permission-checked: action
103
+ * "fileUpload.list". Filter by actor + since.
104
+ *
105
+ * cancelUpload(id,opts) → { ok, uploadId }
106
+ * Force-removes staging. Permission-checked:
107
+ * action "fileUpload.cancel".
108
+ *
109
+ * purgeIncomplete() → { purged: N, ids: [string] }
110
+ * Reclaims staging dirs that exceeded
111
+ * incompleteTtlMs (since createdAt) OR maxIdleMs
112
+ * (since lastChunkAt). Operator wires to
113
+ * b.scheduler or triggers on-demand.
114
+ *
115
+ * close() → void
116
+ * Lifecycle parity with other framework primitives.
117
+ *
118
+ * Design posture:
119
+ *
120
+ * - **init() before any chunk**: explicit lifecycle. Init records
121
+ * createdAt + actor + metadata + signing key in a per-upload sidecar
122
+ * so subsequent acceptChunk / finalize / status calls can authenticate
123
+ * and audit consistently.
124
+ *
125
+ * - **Framework owns chunk lifecycle**, not final storage. Operator
126
+ * decides via `onFinalize` what to do with the assembled buffer
127
+ * OR streamed chunks. Framework doesn't dictate the storage layer.
128
+ *
129
+ * - **SHA3-512** is the hash. PQC-first; SHA-256 is not offered.
130
+ * Per-chunk hash + total hash both verified.
131
+ *
132
+ * - **Stream reassembly above maxStreamReassemblyBytes**: in-memory
133
+ * Buffer.concat of a 2 GiB upload would OOM the process. When the
134
+ * upload exceeds the threshold, finalize calls onFinalize with a
135
+ * readable stream reading the chunk files in order; the body
136
+ * parameter is null. Operator pipes to disk / S3 / etc.
137
+ *
138
+ * - **MIME / file-type gate**: when allowedFileTypes is set and the
139
+ * fileType primitive is wired, finalize sniffs the assembled bytes
140
+ * (or first chunk for streamed uploads) and rejects if the magic
141
+ * bytes don't classify into one of the allowed types. Defense
142
+ * against `.exe disguised as .jpg` and similar mismatches.
143
+ *
144
+ * - **Per-actor + total staging quotas**: maxActiveUploadsPerActor
145
+ * prevents one actor from holding open dozens of uploads;
146
+ * maxStagingBytes prevents the staging dir from filling the disk
147
+ * across all actors. Both checked at init() time before any
148
+ * filesystem allocation.
149
+ *
150
+ * - **Permissions integration**: when `permissions` opt is wired,
151
+ * every operator-facing call checks the action via
152
+ * `permissions.check(actor, "fileUpload.<op>")` before acting.
153
+ * Action names: init / accept / finalize / status / list / cancel.
154
+ *
155
+ * - **Tombstone cleanup**: purgeIncomplete() walks staging entries
156
+ * and reclaims those exceeding incompleteTtlMs (since createdAt)
157
+ * OR maxIdleMs (since lastChunkAt — for in-flight uploads
158
+ * abandoned mid-stream). Audit emission on every purge.
159
+ *
160
+ * - **Validation errors are permanent**: chunk-hash mismatch,
161
+ * oversized chunk, oversized total file, manifest verification
162
+ * failure, MIME-type rejection, quota exhaustion all throw
163
+ * `FileUploadError` with `permanent: true` — no retry will
164
+ * succeed.
165
+ *
166
+ * Security defaults:
167
+ *
168
+ * - Per-chunk SHA3-512 mandatory.
169
+ * - Upload ID format: 1-128 chars from [A-Za-z0-9._-]; hostile
170
+ * values (`..`, `/`, `\`, `\0`, glob chars) refused.
171
+ * - Staging dir mode 0o700.
172
+ * - allowedFileTypes default empty (no whitelist; operator opts in).
173
+ * When set without fileType primitive wired, finalize throws at
174
+ * create() — fail-fast on misconfig.
175
+ *
176
+ * What this primitive intentionally does NOT do:
177
+ *
178
+ * - Resumable uploads via Range header — operator builds on top by
179
+ * reading status()'s `received` indices and resuming at index N+1
180
+ * client-side.
181
+ * - Direct browser → S3 presigned-PUT bypass — operators with that
182
+ * requirement use b.objectStore.presignedUploadUrl directly.
183
+ * - Background virus scanning — onChunk hook is the integration
184
+ * point. Operator wires their scanner of choice.
185
+ */
186
+
187
+ var nodeFs = require("node:fs");
188
+ var nodePath = require("node:path");
189
+ var nodeStream = require("node:stream");
190
+ var atomicFile = require("./atomic-file");
191
+ var C = require("./constants");
192
+ var bCrypto = require("./crypto");
193
+ var gateContract = require("./gate-contract");
194
+ var lazyRequire = require("./lazy-require");
195
+ var numericBounds = require("./numeric-bounds");
196
+ var requestHelpers = require("./request-helpers");
197
+ var safeBuffer = require("./safe-buffer");
198
+ var safeJson = require("./safe-json");
199
+ var validateOpts = require("./validate-opts");
200
+ var { FileUploadError } = require("./framework-error");
201
+
202
+ // guard-* family is wired on by default; lazy-loaded to avoid eager
203
+ // import cycles (guards consume framework primitives that may not be
204
+ // resolved at file-upload load-time).
205
+ var guardAll = lazyRequire(function () { return require("./guard-all"); });
206
+ var guardFilename = lazyRequire(function () { return require("./guard-filename"); });
207
+
208
+ var _err = FileUploadError.factory;
209
+
210
+ var DEFAULTS = Object.freeze({
211
+ maxFileBytes: C.BYTES.gib(2),
212
+ maxChunkBytes: C.BYTES.mib(8),
213
+ maxStreamReassemblyBytes: C.BYTES.mib(64),
214
+ maxStagingBytes: C.BYTES.gib(50),
215
+ maxActiveUploadsPerActor: 0x10,
216
+ maxChunks: 0x4000,
217
+ incompleteTtlMs: C.TIME.hours(24),
218
+ maxIdleMs: C.TIME.minutes(30),
219
+ // Empty array = no MIME allowlist gate (any type accepted).
220
+ allowedFileTypes: Object.freeze([]),
221
+ });
222
+
223
+ // SHA3-512 produces 64 bytes; named here so the chunk + manifest
224
+ // hash-shape checks read intentionally instead of as a raw 128.
225
+ var SHA3_512_HEX_LENGTH = C.BYTES.bytes(128);
226
+ // Cap on the bytes the per-upload sidecar files can grow to.
227
+ var SIDECAR_MAX_BYTES = C.BYTES.kib(256);
228
+ // Metadata cap — operators stash filename / mimeType / app-bag here.
229
+ // 64 KiB is generous for normal use and refuses payloads that look
230
+ // like the operator is trying to use the upload sidecar as a row store.
231
+ var METADATA_MAX_BYTES = C.BYTES.kib(64);
232
+
233
+ var UPLOAD_ID_RE = /^[A-Za-z0-9._-]+$/;
234
+ var UPLOAD_ID_MAX_LENGTH = C.BYTES.bytes(128);
235
+
236
+ function _validateUploadId(id) {
237
+ if (typeof id !== "string" ||
238
+ id.length === 0 ||
239
+ id.length > UPLOAD_ID_MAX_LENGTH ||
240
+ !UPLOAD_ID_RE.test(id)) {
241
+ var ID_PREVIEW_CHARS = C.BYTES.bytes(64);
242
+ throw _err("BAD_UPLOAD_ID",
243
+ "fileUpload: uploadId must be 1-128 chars matching " + UPLOAD_ID_RE +
244
+ " (path-traversal-hostile inputs refused before any filesystem op), got " +
245
+ JSON.stringify(typeof id === "string" ? id.slice(0, ID_PREVIEW_CHARS) : id));
246
+ }
247
+ return id;
248
+ }
249
+
250
+ function _validateCreateOpts(opts) {
251
+ validateOpts.requireObject(opts, "fileUpload.create", FileUploadError);
252
+ validateOpts.requireNonEmptyString(opts.stagingDir, "fileUpload.create: stagingDir", FileUploadError);
253
+ if (!nodePath.isAbsolute(opts.stagingDir)) {
254
+ throw _err("BAD_OPT", "fileUpload.create: stagingDir must be an absolute path, got " +
255
+ JSON.stringify(opts.stagingDir));
256
+ }
257
+ validateOpts.optionalFunction(opts.onFinalize, "fileUpload.create: onFinalize", FileUploadError);
258
+ validateOpts.optionalFunction(opts.onChunk, "fileUpload.create: onChunk", FileUploadError);
259
+ numericBounds.requireAllPositiveFiniteIntIfPresent(opts,
260
+ ["maxFileBytes", "maxChunkBytes", "maxStreamReassemblyBytes",
261
+ "maxStagingBytes", "maxActiveUploadsPerActor"],
262
+ "fileUpload.create", FileUploadError, "BAD_OPT");
263
+ numericBounds.requireNonNegativeFiniteIntIfPresent(opts.incompleteTtlMs,
264
+ "fileUpload.create: incompleteTtlMs", FileUploadError, "BAD_OPT");
265
+ numericBounds.requireNonNegativeFiniteIntIfPresent(opts.maxIdleMs,
266
+ "fileUpload.create: maxIdleMs", FileUploadError, "BAD_OPT");
267
+ numericBounds.requirePositiveFiniteIntIfPresent(opts.maxChunks,
268
+ "fileUpload.create: maxChunks", FileUploadError, "BAD_OPT");
269
+ validateOpts.auditShape(opts.audit, "fileUpload.create", FileUploadError);
270
+ validateOpts.observabilityShape(opts.observability, "fileUpload.create", FileUploadError);
271
+ validateOpts.optionalFunction(opts.clock, "fileUpload.create: clock", FileUploadError);
272
+ // allowedFileTypes — operator's MIME allowlist. Empty / undefined
273
+ // disables the gate. Setting it without wiring a fileType primitive
274
+ // is a misconfig — the gate would have nothing to enforce against.
275
+ validateOpts.optionalNonEmptyStringArray(opts.allowedFileTypes,
276
+ "fileUpload.create: allowedFileTypes", FileUploadError, "BAD_OPT");
277
+ if (Array.isArray(opts.allowedFileTypes) && opts.allowedFileTypes.length > 0 &&
278
+ (!opts.fileType || typeof opts.fileType.detect !== "function")) {
279
+ throw _err("BAD_OPT",
280
+ "fileUpload.create: allowedFileTypes is set but fileType primitive is not wired " +
281
+ "(pass fileType: b.fileType so the framework can sniff magic bytes at finalize)");
282
+ }
283
+ // permissions — when set, must expose check(actor, scope) → boolean.
284
+ validateOpts.optionalObjectWithMethod(opts.permissions, "check",
285
+ "fileUpload.create: permissions", FileUploadError, "BAD_OPT",
286
+ "must be a b.permissions instance (check fn)");
287
+ // contentSafety — extension-keyed gate map for per-extension content
288
+ // validation. Default behaviour: when undefined, the framework wires
289
+ // b.guardAll.byExtension({ profile: "strict" }) automatically so every
290
+ // shipped guard is ON by default. Explicit opt-out: contentSafety:
291
+ // null (audited at create() time so a security review can reconstruct
292
+ // which deploys disabled the default-on protection).
293
+ // Example: contentSafety: { ".csv": b.guardCsv.gate({ profile: "strict" }) }
294
+ if (opts.contentSafety !== undefined && opts.contentSafety !== null) {
295
+ validateOpts.optionalPlainObject(opts.contentSafety,
296
+ "fileUpload.create: contentSafety", FileUploadError, "BAD_OPT",
297
+ "must be a plain { ext: gate } object, null to opt out, or " +
298
+ "undefined for the default-on b.guardAll wiring");
299
+ var safetyKeys = Object.keys(opts.contentSafety);
300
+ for (var sk = 0; sk < safetyKeys.length; sk++) {
301
+ var ext = safetyKeys[sk];
302
+ var g = opts.contentSafety[ext];
303
+ if (!g || typeof g.check !== "function") {
304
+ throw _err("BAD_OPT",
305
+ "fileUpload.create: contentSafety[" + JSON.stringify(ext) +
306
+ "] must be a gate (b.guardCsv.gate / b.guardHtml.gate / etc.)");
307
+ }
308
+ }
309
+ }
310
+ // filenameSafety — single gate for filename validation. Default: on.
311
+ // Operator opts out with filenameSafety: null (audited).
312
+ if (opts.filenameSafety !== undefined && opts.filenameSafety !== null) {
313
+ validateOpts.optionalObjectWithMethod(opts.filenameSafety, "check",
314
+ "fileUpload.create: filenameSafety", FileUploadError, "BAD_OPT",
315
+ "must be a gate (b.guardFilename.gate(...)), null to opt out, or " +
316
+ "undefined for the default-on wiring");
317
+ }
318
+ }
319
+
320
+ /**
321
+ * @primitive b.fileUpload.create
322
+ * @signature b.fileUpload.create(opts)
323
+ * @since 0.7.2
324
+ * @related b.fileType.detect, b.fileType.assertOneOf
325
+ *
326
+ * Builds an upload manager bound to `opts.stagingDir`. The returned
327
+ * object exposes `init`, `acceptChunk`, `finalize`, `status`, `list`,
328
+ * `cancelUpload`, `purgeIncomplete`, and `close`. Uploads are written
329
+ * chunk-per-file under a per-upload directory (mode 0o700); finalize
330
+ * walks the manifest in order, verifies per-chunk + total SHA3-512,
331
+ * runs the magic-byte allowlist (when `allowedFileTypes` is set), and
332
+ * hands the assembled buffer (or a stream above `maxStreamReassemblyBytes`)
333
+ * to the operator's `onFinalize`.
334
+ *
335
+ * Per-chunk and per-upload audits flow through the wired `audit` and
336
+ * `observability` instances. Quota refusals, hash mismatches, MIME-claim
337
+ * disagreement, filename-safety refusal, and content-safety refusal all
338
+ * throw `FileUploadError` with `permanent: true` — no retry succeeds.
339
+ *
340
+ * @opts
341
+ * stagingDir: string, // absolute path; created mode 0o700 if missing
342
+ * maxFileBytes: number, // default 2 GiB
343
+ * maxChunkBytes: number, // default 8 MiB
344
+ * maxStreamReassemblyBytes: number, // above this finalize streams; default 64 MiB
345
+ * maxStagingBytes: number, // default 50 GiB
346
+ * maxActiveUploadsPerActor: number, // default 16
347
+ * maxChunks: number, // default 16384
348
+ * incompleteTtlMs: number, // since createdAt; default 24h
349
+ * maxIdleMs: number, // since lastChunkAt; default 30m
350
+ * allowedFileTypes: string[], // MIME allowlist; "image/*" wildcard supported
351
+ * audit: b.audit,
352
+ * observability: b.observability,
353
+ * permissions: b.permissions, // optional; gates init/accept/finalize/status/list/cancel
354
+ * fileType: b.fileType, // required when allowedFileTypes is non-empty
355
+ * contentSafety: Object | null, // ext→gate map; null = audited opt-out; undefined = b.guardAll.byExtension({ profile: "strict" })
356
+ * filenameSafety: Object | null, // gate; null = audited opt-out; undefined = b.guardFilename.gate({ profile: "strict" })
357
+ * onChunk: async function (info), // optional per-chunk hook
358
+ * onFinalize: async function (info), // operator decides final storage
359
+ * clock: function () → number, // test-fixture clock; default Date.now
360
+ *
361
+ * @example
362
+ * var uploads = b.fileUpload.create({
363
+ * stagingDir: "/var/lib/myapp/uploads",
364
+ * maxFileBytes: C.BYTES.gib(2),
365
+ * allowedFileTypes: ["image/png", "image/jpeg", "application/pdf"],
366
+ * fileType: b.fileType,
367
+ * audit: b.audit,
368
+ * observability: b.observability,
369
+ * onFinalize: async function (info) {
370
+ * // → info.body / info.stream → operator's storage layer
371
+ * return { ok: true, sha3: info.sha3, size: info.size };
372
+ * },
373
+ * });
374
+ *
375
+ * await uploads.init({ uploadId: "u-1", actor: { id: "ada" }, metadata: { filename: "photo.png" } });
376
+ * // → { uploadId: "u-1", createdAt: 1762560000000, expiresAt: 1762646400000 }
377
+ */
378
+ function create(opts) {
379
+ _validateCreateOpts(opts);
380
+ var cfg = validateOpts.applyDefaults(opts, DEFAULTS);
381
+ var stagingDir = opts.stagingDir;
382
+ var onFinalize = opts.onFinalize || null;
383
+ var onChunk = opts.onChunk || null;
384
+ var fileType = opts.fileType || null;
385
+ var permissions = opts.permissions || null;
386
+ // ---- Default-on safety wiring ----
387
+ // contentSafety: undefined → wire b.guardAll.byExtension({ profile: "strict" })
388
+ // contentSafety: null → explicit opt-out, audit row emitted
389
+ // contentSafety: { ... } → use operator-supplied map
390
+ var contentSafety;
391
+ if (opts.contentSafety === undefined) {
392
+ // Strict profile is the security-correct default — every shipped
393
+ // guard's full threat catalog refused, including dangerous tags
394
+ // (script / style / iframe), event handlers, dangerous URL
395
+ // schemes, formula injection, DOCTYPE / SVGZ / animation-href
396
+ // hijack. Operators who need a broader content vocabulary opt up
397
+ // explicitly via contentSafety: b.guardAll.byExtension({
398
+ // profile: "balanced" | "permissive" }).
399
+ contentSafety = guardAll().byExtension({
400
+ profile: "strict",
401
+ audit: opts.audit,
402
+ observability: opts.observability,
403
+ });
404
+ } else if (opts.contentSafety === null) {
405
+ if (opts.audit && typeof opts.audit.safeEmit === "function") {
406
+ try {
407
+ opts.audit.safeEmit({
408
+ action: "fileUpload.contentSafety.disabled",
409
+ actor: {},
410
+ outcome: "success",
411
+ metadata: {
412
+ reason: opts.contentSafetyDisabledReason || "operator-explicit-opt-out",
413
+ },
414
+ });
415
+ } catch (_e) { /* audit best-effort */ }
416
+ }
417
+ contentSafety = null;
418
+ } else {
419
+ contentSafety = opts.contentSafety;
420
+ }
421
+ // filenameSafety: undefined → b.guardFilename.gate({ profile: "strict" })
422
+ // filenameSafety: null → explicit opt-out, audit row emitted
423
+ // filenameSafety: gate → use operator-supplied gate
424
+ var filenameSafety;
425
+ if (opts.filenameSafety === undefined) {
426
+ // Strict filename profile: ASCII-only, single-dot, 64-byte leaf
427
+ // cap, refuses every shell-exec extension (.exe / .bat / .vbs /
428
+ // .ps1 / .lnk / .scr / .dll / .so / .dmg / .msi / etc.). Operators
429
+ // accepting Unicode filenames or executable-extension artifacts
430
+ // opt up explicitly via filenameSafety: b.guardFilename.gate({
431
+ // profile: "balanced" | "permissive" }).
432
+ filenameSafety = guardFilename().gate({
433
+ profile: "strict",
434
+ audit: opts.audit,
435
+ observability: opts.observability,
436
+ });
437
+ } else if (opts.filenameSafety === null) {
438
+ if (opts.audit && typeof opts.audit.safeEmit === "function") {
439
+ try {
440
+ opts.audit.safeEmit({
441
+ action: "fileUpload.filenameSafety.disabled",
442
+ actor: {},
443
+ outcome: "success",
444
+ metadata: {
445
+ reason: opts.filenameSafetyDisabledReason || "operator-explicit-opt-out",
446
+ },
447
+ });
448
+ } catch (_e) { /* audit best-effort */ }
449
+ }
450
+ filenameSafety = null;
451
+ } else {
452
+ filenameSafety = opts.filenameSafety;
453
+ }
454
+ var maxFileBytes = cfg.maxFileBytes;
455
+ var maxChunkBytes = cfg.maxChunkBytes;
456
+ var maxStreamReassemblyBytes = cfg.maxStreamReassemblyBytes;
457
+ var maxStagingBytes = cfg.maxStagingBytes;
458
+ var maxActiveUploadsPerActor = cfg.maxActiveUploadsPerActor;
459
+ var maxChunks = cfg.maxChunks;
460
+ var incompleteTtlMs = cfg.incompleteTtlMs;
461
+ var maxIdleMs = cfg.maxIdleMs;
462
+ var allowedFileTypes = cfg.allowedFileTypes;
463
+ var audit = opts.audit || null;
464
+ var clock = opts.clock || function () { return Date.now(); };
465
+
466
+ var _emitAudit = validateOpts.makeAuditEmitter(audit);
467
+ function _emitObs(name, value, labels) {
468
+ if (opts.observability) opts.observability.safeEvent(name, value, labels || {});
469
+ }
470
+
471
+ // Staging dir mode 0o700 — only the framework process reads its own
472
+ // staging files.
473
+ atomicFile.ensureDir(stagingDir, 0o700);
474
+
475
+ function _uploadDir(uploadId) { return nodePath.join(stagingDir, uploadId); }
476
+ function _chunkPath(uploadId, index) { return nodePath.join(_uploadDir(uploadId), String(index)); }
477
+ function _receivedPath(uploadId) { return nodePath.join(_uploadDir(uploadId), "_received.json"); }
478
+ function _metaPath(uploadId) { return nodePath.join(_uploadDir(uploadId), "_meta.json"); }
479
+
480
+ function _checkPermission(action, actor) {
481
+ if (!permissions) return;
482
+ var allowed;
483
+ try { allowed = permissions.check(actor, "fileUpload." + action); }
484
+ catch (_e) { allowed = false; }
485
+ if (!allowed) {
486
+ _emitObs("fileUpload.permission_denied", 1, { action: action });
487
+ throw _err("PERMISSION_DENIED",
488
+ "fileUpload." + action + ": actor lacks permission scope 'fileUpload." + action + "'");
489
+ }
490
+ }
491
+
492
+ function _readReceivedIndices(uploadId) {
493
+ var p = _receivedPath(uploadId);
494
+ if (!nodeFs.existsSync(p)) return [];
495
+ try {
496
+ var raw = atomicFile.readSync(p, { maxBytes: SIDECAR_MAX_BYTES });
497
+ var parsed = safeJson.parse(raw.toString("utf8"));
498
+ return Array.isArray(parsed) ? parsed : [];
499
+ } catch (_e) { return []; }
500
+ }
501
+ function _writeReceivedIndices(uploadId, indices) {
502
+ atomicFile.writeSync(_receivedPath(uploadId), JSON.stringify(indices), { mode: 0o600 });
503
+ }
504
+
505
+ function _readMeta(uploadId) {
506
+ var p = _metaPath(uploadId);
507
+ if (!nodeFs.existsSync(p)) return null;
508
+ try {
509
+ var raw = atomicFile.readSync(p, { maxBytes: SIDECAR_MAX_BYTES });
510
+ return safeJson.parse(raw.toString("utf8"));
511
+ } catch (_e) { return null; }
512
+ }
513
+ function _writeMeta(uploadId, meta) {
514
+ atomicFile.writeSync(_metaPath(uploadId), JSON.stringify(meta), { mode: 0o600 });
515
+ }
516
+
517
+ function _actorKey(actor) {
518
+ // Actor identity for quota grouping. id field if present; otherwise
519
+ // anonymous bucket. Operators with un-id'd actors share quota.
520
+ return (actor && (actor.id || actor.userId)) || "_anonymous";
521
+ }
522
+
523
+ function _enumerateUploads() {
524
+ if (!nodeFs.existsSync(stagingDir)) return [];
525
+ var entries;
526
+ try { entries = atomicFile.listDir(stagingDir, { includeStat: true }); }
527
+ catch (_e) { return []; }
528
+ var uploads = [];
529
+ for (var i = 0; i < entries.length; i++) {
530
+ var e = entries[i];
531
+ if (!e.isDirectory) continue;
532
+ var meta = _readMeta(e.name);
533
+ uploads.push({
534
+ uploadId: e.name,
535
+ meta: meta,
536
+ mtimeMs: e.mtimeMs,
537
+ });
538
+ }
539
+ return uploads;
540
+ }
541
+
542
+ function _stagingTotalBytes() {
543
+ var uploads = _enumerateUploads();
544
+ var total = 0;
545
+ for (var i = 0; i < uploads.length; i++) {
546
+ total += (uploads[i].meta && uploads[i].meta.totalBytesAccepted) || 0;
547
+ }
548
+ return total;
549
+ }
550
+
551
+ function _activeUploadsForActor(actorId) {
552
+ var uploads = _enumerateUploads();
553
+ var count = 0;
554
+ for (var i = 0; i < uploads.length; i++) {
555
+ if (uploads[i].meta && uploads[i].meta.actorId === actorId) count += 1;
556
+ }
557
+ return count;
558
+ }
559
+
560
+ // ---- init ----
561
+
562
+ async function init(callerOpts) {
563
+ validateOpts.requireObject(callerOpts, "fileUpload.init", FileUploadError);
564
+ var uploadId = _validateUploadId(callerOpts.uploadId);
565
+ var actor = callerOpts.actor || null;
566
+ var metadata = callerOpts.metadata !== undefined ? callerOpts.metadata : {};
567
+
568
+ _checkPermission("init", actor);
569
+
570
+ if (typeof metadata !== "object" || metadata === null || Array.isArray(metadata)) {
571
+ throw _err("BAD_METADATA",
572
+ "fileUpload.init: metadata must be a plain object (operator app-bag)");
573
+ }
574
+ var metadataJson = JSON.stringify(metadata);
575
+ if (Buffer.byteLength(metadataJson, "utf8") > METADATA_MAX_BYTES) {
576
+ throw _err("METADATA_TOO_LARGE",
577
+ "fileUpload.init: metadata exceeds " + METADATA_MAX_BYTES + " bytes");
578
+ }
579
+
580
+ // Refuse re-init of an existing upload (caller-side bug).
581
+ if (nodeFs.existsSync(_uploadDir(uploadId))) {
582
+ throw _err("UPLOAD_EXISTS",
583
+ "fileUpload.init: upload '" + uploadId + "' already exists; cancel or finalize first");
584
+ }
585
+
586
+ var actorId = _actorKey(actor);
587
+ if (_activeUploadsForActor(actorId) >= maxActiveUploadsPerActor) {
588
+ _emitObs("fileUpload.actor_quota_exceeded", 1);
589
+ throw _err("ACTOR_QUOTA_EXCEEDED",
590
+ "fileUpload.init: actor '" + actorId + "' has " + maxActiveUploadsPerActor +
591
+ " active uploads (cap maxActiveUploadsPerActor)");
592
+ }
593
+ if (_stagingTotalBytes() >= maxStagingBytes) {
594
+ _emitObs("fileUpload.staging_quota_exceeded", 1);
595
+ throw _err("STAGING_QUOTA_EXCEEDED",
596
+ "fileUpload.init: total staging exceeds " + maxStagingBytes + " bytes (maxStagingBytes)");
597
+ }
598
+
599
+ atomicFile.ensureDir(_uploadDir(uploadId), 0o700);
600
+ var now = clock();
601
+ var meta = {
602
+ uploadId: uploadId,
603
+ actorId: actorId,
604
+ metadata: metadata,
605
+ createdAt: now,
606
+ lastChunkAt: now,
607
+ totalBytesAccepted: 0,
608
+ };
609
+ _writeMeta(uploadId, meta);
610
+ _writeReceivedIndices(uploadId, []);
611
+
612
+ _emitObs("fileUpload.init", 1);
613
+ _emitAudit("fileUpload.init", {
614
+ actor: requestHelpers.extractActorContext(actor),
615
+ resource: { kind: "fileUpload", id: uploadId },
616
+ outcome: "success",
617
+ metadata: { metadata: metadata },
618
+ });
619
+
620
+ return {
621
+ uploadId: uploadId,
622
+ createdAt: now,
623
+ expiresAt: now + incompleteTtlMs,
624
+ };
625
+ }
626
+
627
+ // ---- acceptChunk ----
628
+
629
+ async function acceptChunk(callerOpts) {
630
+ validateOpts.requireObject(callerOpts, "fileUpload.acceptChunk", FileUploadError);
631
+ var uploadId = _validateUploadId(callerOpts.uploadId);
632
+ var index = callerOpts.index;
633
+ var body = callerOpts.body;
634
+ var sha3Hex = callerOpts.sha3;
635
+ var actor = callerOpts.actor;
636
+
637
+ _checkPermission("accept", actor);
638
+
639
+ var meta = _readMeta(uploadId);
640
+ if (!meta) {
641
+ throw _err("UNKNOWN_UPLOAD",
642
+ "fileUpload.acceptChunk: no init() seen for '" + uploadId + "'; call init() first");
643
+ }
644
+ if (clock() - meta.lastChunkAt > maxIdleMs) {
645
+ // Idle-timed-out — too much time since init or last chunk.
646
+ throw _err("UPLOAD_IDLE_EXPIRED",
647
+ "fileUpload.acceptChunk: upload '" + uploadId + "' exceeded maxIdleMs (" + maxIdleMs +
648
+ " ms since last chunk or init)");
649
+ }
650
+
651
+ if (!Number.isInteger(index) || index < 0 || index >= maxChunks) {
652
+ throw _err("BAD_INDEX",
653
+ "fileUpload.acceptChunk: index must be a non-negative integer < " + maxChunks +
654
+ ", got " + numericBounds.shape(index));
655
+ }
656
+ if (!Buffer.isBuffer(body)) {
657
+ throw _err("BAD_BODY",
658
+ "fileUpload.acceptChunk: body must be a Buffer, got " + typeof body);
659
+ }
660
+ if (body.length === 0) {
661
+ throw _err("EMPTY_CHUNK",
662
+ "fileUpload.acceptChunk: body is empty (0 bytes)");
663
+ }
664
+ if (body.length > maxChunkBytes) {
665
+ _emitObs("fileUpload.chunk_too_large", 1);
666
+ throw _err("CHUNK_TOO_LARGE",
667
+ "fileUpload.acceptChunk: chunk body is " + body.length +
668
+ " bytes, exceeds maxChunkBytes (" + maxChunkBytes + ")");
669
+ }
670
+ if (!safeBuffer.isHex(sha3Hex) || sha3Hex.length !== SHA3_512_HEX_LENGTH) {
671
+ throw _err("BAD_CHUNK_HASH",
672
+ "fileUpload.acceptChunk: sha3 must be a SHA3-512 hex string (" +
673
+ SHA3_512_HEX_LENGTH + " chars); got " +
674
+ (typeof sha3Hex === "string" ? sha3Hex.length + " chars" : typeof sha3Hex));
675
+ }
676
+
677
+ // Verify chunk hash matches the supplied header.
678
+ var actualHex = bCrypto.sha3Hash(body);
679
+ if (!bCrypto.timingSafeEqual(actualHex, sha3Hex)) {
680
+ _emitObs("fileUpload.chunk_hash_mismatch", 1);
681
+ _emitAudit("fileUpload.chunk_received", {
682
+ actor: requestHelpers.extractActorContext(actor),
683
+ resource: { kind: "fileUpload", id: uploadId },
684
+ outcome: "failure",
685
+ reason: "chunk-hash-mismatch",
686
+ metadata: { index: index, size: body.length },
687
+ });
688
+ throw _err("CHUNK_HASH_MISMATCH",
689
+ "fileUpload.acceptChunk: chunk SHA3-512 mismatch — supplied does not equal computed");
690
+ }
691
+
692
+ // Per-chunk operator hook (e.g. virus scan, schema check). May
693
+ // throw to refuse the chunk.
694
+ if (onChunk) {
695
+ try {
696
+ await onChunk({
697
+ uploadId: uploadId,
698
+ index: index,
699
+ body: body,
700
+ sha3: actualHex,
701
+ actor: actor,
702
+ metadata: meta.metadata,
703
+ });
704
+ } catch (e) {
705
+ _emitObs("fileUpload.onchunk_rejected", 1);
706
+ _emitAudit("fileUpload.chunk_received", {
707
+ actor: requestHelpers.extractActorContext(actor),
708
+ resource: { kind: "fileUpload", id: uploadId },
709
+ outcome: "failure",
710
+ reason: "onchunk-rejected",
711
+ metadata: { index: index, size: body.length,
712
+ error: (e && e.message) || String(e) },
713
+ });
714
+ throw e;
715
+ }
716
+ }
717
+
718
+ // Idempotent re-PUT: if this index is already received with a
719
+ // matching body, no-op. Different body = caller bug.
720
+ var p = _chunkPath(uploadId, index);
721
+ if (nodeFs.existsSync(p)) {
722
+ var existing = atomicFile.readSync(p, { maxBytes: maxChunkBytes });
723
+ if (bCrypto.timingSafeEqual(bCrypto.sha3Hash(existing), sha3Hex)) {
724
+ return {
725
+ received: _readReceivedIndices(uploadId).length,
726
+ totalBytesAccepted: meta.totalBytesAccepted,
727
+ status: "in-progress",
728
+ duplicate: true,
729
+ };
730
+ }
731
+ throw _err("CHUNK_REUSE_MISMATCH",
732
+ "fileUpload.acceptChunk: chunk " + index +
733
+ " already received with a different body (caller-side bug; refusing overwrite)");
734
+ }
735
+
736
+ atomicFile.writeSync(p, body, { mode: 0o600 });
737
+ var receivedIndices = _readReceivedIndices(uploadId);
738
+ if (receivedIndices.indexOf(index) === -1) {
739
+ receivedIndices.push(index);
740
+ _writeReceivedIndices(uploadId, receivedIndices);
741
+ }
742
+
743
+ // Update meta.
744
+ meta.lastChunkAt = clock();
745
+ meta.totalBytesAccepted = (meta.totalBytesAccepted || 0) + body.length;
746
+ if (meta.totalBytesAccepted > maxFileBytes) {
747
+ // Reclaim staging — the upload exceeded the cap mid-nodeStream.
748
+ try { nodeFs.rmSync(_uploadDir(uploadId), { recursive: true, force: true }); }
749
+ catch (_e) { /* purgeIncomplete will reclaim */ }
750
+ _emitObs("fileUpload.file_too_large", 1);
751
+ throw _err("FILE_TOO_LARGE",
752
+ "fileUpload.acceptChunk: cumulative upload exceeded maxFileBytes (" + maxFileBytes +
753
+ "); upload reclaimed");
754
+ }
755
+ _writeMeta(uploadId, meta);
756
+
757
+ _emitObs("fileUpload.chunks_received", 1);
758
+ _emitObs("fileUpload.bytes_received", body.length);
759
+ _emitAudit("fileUpload.chunk_received", {
760
+ actor: requestHelpers.extractActorContext(actor),
761
+ resource: { kind: "fileUpload", id: uploadId },
762
+ outcome: "success",
763
+ metadata: { index: index, size: body.length },
764
+ });
765
+
766
+ return {
767
+ received: receivedIndices.length,
768
+ totalBytesAccepted: meta.totalBytesAccepted,
769
+ status: "in-progress",
770
+ };
771
+ }
772
+
773
+ // ---- finalize ----
774
+
775
+ function _validateManifest(manifest) {
776
+ validateOpts.requireObject(manifest, "fileUpload.finalize: manifest", FileUploadError);
777
+ if (!Array.isArray(manifest.chunks) || manifest.chunks.length === 0) {
778
+ throw _err("BAD_MANIFEST",
779
+ "fileUpload.finalize: manifest.chunks must be a non-empty array");
780
+ }
781
+ if (manifest.chunks.length > maxChunks) {
782
+ throw _err("TOO_MANY_CHUNKS",
783
+ "fileUpload.finalize: manifest declares " + manifest.chunks.length +
784
+ " chunks, exceeds maxChunks (" + maxChunks + ")");
785
+ }
786
+ if (!Number.isInteger(manifest.totalBytes) || manifest.totalBytes <= 0) {
787
+ throw _err("BAD_MANIFEST",
788
+ "fileUpload.finalize: manifest.totalBytes must be a positive integer");
789
+ }
790
+ if (manifest.totalBytes > maxFileBytes) {
791
+ throw _err("FILE_TOO_LARGE",
792
+ "fileUpload.finalize: manifest.totalBytes (" + manifest.totalBytes +
793
+ ") exceeds maxFileBytes (" + maxFileBytes + ")");
794
+ }
795
+ if (!safeBuffer.isHex(manifest.sha3) || manifest.sha3.length !== SHA3_512_HEX_LENGTH) {
796
+ throw _err("BAD_MANIFEST",
797
+ "fileUpload.finalize: manifest.sha3 must be a SHA3-512 hex string (" +
798
+ SHA3_512_HEX_LENGTH + " chars)");
799
+ }
800
+ }
801
+
802
+ function _verifyChunksOnDisk(uploadId, manifest) {
803
+ // Returns sorted chunk paths + verifies per-chunk + total hash.
804
+ // For small uploads we walk + concat; for large we just walk and
805
+ // verify, returning paths so the streaming path can read on
806
+ // demand.
807
+ var sortedChunks = manifest.chunks.slice().sort(function (a, b) {
808
+ return a.index - b.index;
809
+ });
810
+ var paths = [];
811
+ var hasher = require("node:crypto").createHash("sha3-512");
812
+ var totalBytes = 0;
813
+
814
+ for (var i = 0; i < sortedChunks.length; i++) {
815
+ var ck = sortedChunks[i];
816
+ if (!Number.isInteger(ck.index) || ck.index !== i) {
817
+ throw _err("MANIFEST_INDEX_GAP",
818
+ "fileUpload.finalize: chunk " + i + " in manifest has index " + ck.index +
819
+ " (expected " + i + " — chunk indices must be 0..N-1 contiguous)");
820
+ }
821
+ if (!safeBuffer.isHex(ck.sha3) || ck.sha3.length !== SHA3_512_HEX_LENGTH) {
822
+ throw _err("BAD_MANIFEST",
823
+ "fileUpload.finalize: chunk " + i + ".sha3 must be a SHA3-512 hex string (" +
824
+ SHA3_512_HEX_LENGTH + " chars)");
825
+ }
826
+ var chunkPath = _chunkPath(uploadId, ck.index);
827
+ if (!nodeFs.existsSync(chunkPath)) {
828
+ throw _err("MISSING_CHUNK",
829
+ "fileUpload.finalize: chunk " + ck.index + " missing from staging");
830
+ }
831
+ var chunkBody = atomicFile.readSync(chunkPath, { maxBytes: maxChunkBytes });
832
+ var actualChunkHex = bCrypto.sha3Hash(chunkBody);
833
+ if (!bCrypto.timingSafeEqual(actualChunkHex, ck.sha3)) {
834
+ throw _err("CHUNK_HASH_MISMATCH",
835
+ "fileUpload.finalize: chunk " + ck.index +
836
+ " on-disk SHA3-512 doesn't match manifest");
837
+ }
838
+ paths.push(chunkPath);
839
+ totalBytes += chunkBody.length;
840
+ if (totalBytes > maxFileBytes) {
841
+ throw _err("FILE_TOO_LARGE",
842
+ "fileUpload.finalize: reassembly exceeds maxFileBytes mid-walk");
843
+ }
844
+ hasher.update(chunkBody);
845
+ }
846
+ if (totalBytes !== manifest.totalBytes) {
847
+ throw _err("MANIFEST_SIZE_MISMATCH",
848
+ "fileUpload.finalize: reassembled " + totalBytes +
849
+ " bytes, manifest declares " + manifest.totalBytes);
850
+ }
851
+ var totalHashHex = hasher.digest("hex");
852
+ if (!bCrypto.timingSafeEqual(totalHashHex, manifest.sha3)) {
853
+ throw _err("MANIFEST_HASH_MISMATCH",
854
+ "fileUpload.finalize: reassembled SHA3-512 doesn't match manifest.sha3");
855
+ }
856
+ return { paths: paths, totalBytes: totalBytes, totalHashHex: totalHashHex };
857
+ }
858
+
859
+ function _checkAllowedFileType(firstChunkBody, claimedMime) {
860
+ if (!allowedFileTypes || allowedFileTypes.length === 0) return;
861
+ if (!fileType) return; // create() guards this; defensive
862
+ var detected = fileType.detect(firstChunkBody);
863
+ var detectedMime = detected && detected.mime;
864
+ if (!detectedMime) {
865
+ throw _err("MIME_NOT_DETECTED",
866
+ "fileUpload.finalize: could not classify magic bytes against allowedFileTypes");
867
+ }
868
+ var ok = false;
869
+ for (var i = 0; i < allowedFileTypes.length; i++) {
870
+ var allowed = allowedFileTypes[i];
871
+ if (allowed === detectedMime) { ok = true; break; }
872
+ // Wildcard support: "image/*" matches "image/png".
873
+ if (allowed.endsWith("/*")) {
874
+ var prefix = allowed.slice(0, -1); // "image/"
875
+ if (detectedMime.indexOf(prefix) === 0) { ok = true; break; }
876
+ }
877
+ }
878
+ if (!ok) {
879
+ throw _err("MIME_NOT_ALLOWED",
880
+ "fileUpload.finalize: detected MIME '" + detectedMime +
881
+ "' not in allowedFileTypes (" + allowedFileTypes.join(", ") + ")");
882
+ }
883
+ // Cross-check claimed MIME (Content-Type header) against detected
884
+ // magic bytes. When both exist and disagree, refuse — downstream
885
+ // renderers / storage layers that trust metadata.contentType
886
+ // (CDN cache routing, MIME-sniff fallbacks, attachment-disposition
887
+ // decisions) will mis-handle the file. The strict-MIME check is
888
+ // load-bearing for image-pipelines that pass to image processors:
889
+ // a "image/png" claim with PDF magic bytes lands in image-rendering
890
+ // code-paths that will exec PDF parsers with surprising semantics.
891
+ if (claimedMime && typeof claimedMime === "string" && claimedMime.indexOf("/") !== -1) {
892
+ var claimedNormalized = claimedMime.split(";")[0].trim().toLowerCase();
893
+ if (claimedNormalized && claimedNormalized !== detectedMime) {
894
+ // Wildcard / family acceptance: "image/jpeg" claim + "image/jpg"
895
+ // detect (synonyms) is OK; "image/png" claim + "image/jpeg"
896
+ // detect is NOT.
897
+ var claimedFamily = claimedNormalized.split("/")[0];
898
+ var detectedFamily = detectedMime.split("/")[0];
899
+ if (claimedFamily !== detectedFamily) {
900
+ throw _err("MIME_CLAIM_MISMATCH",
901
+ "fileUpload.finalize: claimed Content-Type '" + claimedNormalized +
902
+ "' disagrees with detected magic-byte MIME '" + detectedMime +
903
+ "'. Refusing to proceed with mis-typed file.");
904
+ }
905
+ }
906
+ }
907
+ }
908
+
909
+ function _streamFromChunkPaths(paths /* totalBytes */) {
910
+ // Sequential ReadableStream over chunk files. Operator's
911
+ // onFinalize reads through to wherever they're piping.
912
+ async function* generate() {
913
+ for (var i = 0; i < paths.length; i += 1) {
914
+ var fh = nodeFs.createReadStream(paths[i]);
915
+ for await (var chunk of fh) {
916
+ yield chunk;
917
+ }
918
+ }
919
+ }
920
+ return nodeStream.Readable.from(generate(), { objectMode: false });
921
+ }
922
+
923
+ async function finalize(callerOpts) {
924
+ validateOpts.requireObject(callerOpts, "fileUpload.finalize", FileUploadError);
925
+ var uploadId = _validateUploadId(callerOpts.uploadId);
926
+ var manifest = callerOpts.manifest;
927
+ var actor = callerOpts.actor;
928
+
929
+ _checkPermission("finalize", actor);
930
+
931
+ var meta = _readMeta(uploadId);
932
+ if (!meta) {
933
+ throw _err("UNKNOWN_UPLOAD",
934
+ "fileUpload.finalize: no init() seen for '" + uploadId + "'");
935
+ }
936
+
937
+ _validateManifest(manifest);
938
+
939
+ var verified = _verifyChunksOnDisk(uploadId, manifest);
940
+
941
+ // Decide buffer-vs-stream based on size.
942
+ var useStream = verified.totalBytes > maxStreamReassemblyBytes;
943
+ var bodyBuffer = null;
944
+ var bodyStream = null;
945
+ var firstChunk = null;
946
+
947
+ if (useStream) {
948
+ // Read just the first chunk for the MIME sniff; the operator
949
+ // gets the stream for the actual data.
950
+ firstChunk = atomicFile.readSync(verified.paths[0], { maxBytes: maxChunkBytes });
951
+ bodyStream = _streamFromChunkPaths(verified.paths, verified.totalBytes);
952
+ } else {
953
+ // Small enough to assemble in memory. Buffer.concat.
954
+ var pieces = [];
955
+ for (var i = 0; i < verified.paths.length; i++) {
956
+ pieces.push(atomicFile.readSync(verified.paths[i], { maxBytes: maxChunkBytes }));
957
+ }
958
+ bodyBuffer = Buffer.concat(pieces, verified.totalBytes);
959
+ firstChunk = pieces[0];
960
+ }
961
+
962
+ // MIME allowlist gate (if configured). Pass the operator-supplied
963
+ // contentType from upload metadata so the cross-check can refuse
964
+ // claimed-vs-detected mismatches.
965
+ var claimedMime = (meta && meta.metadata && meta.metadata.contentType) || null;
966
+ try { _checkAllowedFileType(firstChunk, claimedMime); }
967
+ catch (e) {
968
+ _emitObs("fileUpload.mime_rejected", 1);
969
+ _emitAudit("fileUpload.finalize", {
970
+ actor: requestHelpers.extractActorContext(actor),
971
+ resource: { kind: "fileUpload", id: uploadId },
972
+ outcome: "failure",
973
+ reason: "mime-not-allowed",
974
+ metadata: { size: verified.totalBytes,
975
+ error: (e && e.message) || String(e) },
976
+ });
977
+ throw e;
978
+ }
979
+
980
+ // Content-safety gate — operator-supplied per-extension gate
981
+ // (b.guardCsv.gate / b.guardHtml.gate / etc.). Routes the assembled
982
+ // body through the gate's check() before handing to onFinalize. The
983
+ // decision is honored:
984
+ // - serve → continue with the original buffer
985
+ // - sanitize → continue with decision.sanitized (operator's
986
+ // onFinalize sees the cleaned bytes)
987
+ // - refuse → throw FileUploadError; operator route surfaces the
988
+ // rejection to the client
989
+ // filenameSafety — single gate that validates the filename string
990
+ // (path traversal / null-byte / Windows reserved names / NTFS ADS /
991
+ // RTLO bidi / overlong UTF-8 / shell-exec / double-extension).
992
+ // Runs BEFORE contentSafety because a refused filename obviates
993
+ // the need to validate the body.
994
+ var filename = (meta.metadata && meta.metadata.filename) || uploadId;
995
+ if (filenameSafety && typeof filenameSafety.check === "function") {
996
+ var fnDecision;
997
+ try {
998
+ fnDecision = await filenameSafety.check({
999
+ filename: filename,
1000
+ actor: actor,
1001
+ direction: "inbound",
1002
+ metadata: meta.metadata,
1003
+ });
1004
+ } catch (fnErr) {
1005
+ _emitObs("fileUpload.filename_safety_threw", 1);
1006
+ _emitAudit("fileUpload.finalize_failure", {
1007
+ actor: requestHelpers.extractActorContext(actor),
1008
+ outcome: "failure", reason: "filename-safety-threw",
1009
+ metadata: { uploadId: uploadId, error: fnErr && fnErr.message },
1010
+ });
1011
+ throw _err("FILENAME_SAFETY_THREW",
1012
+ "fileUpload.finalize: filenameSafety gate threw: " + (fnErr && fnErr.message));
1013
+ }
1014
+ if (!fnDecision.ok || fnDecision.action === "refuse") {
1015
+ _emitObs("fileUpload.filename_safety_refused", 1);
1016
+ _emitAudit("fileUpload.finalize_failure", {
1017
+ actor: requestHelpers.extractActorContext(actor),
1018
+ outcome: "failure", reason: "filename-safety-refused",
1019
+ metadata: {
1020
+ uploadId: uploadId, filename: filename,
1021
+ issues: gateContract.summarizeIssues(fnDecision.issues),
1022
+ },
1023
+ });
1024
+ throw _err("FILENAME_SAFETY_REFUSED",
1025
+ "fileUpload.finalize: filenameSafety refused " + JSON.stringify(filename) +
1026
+ ": " + gateContract.summarizeIssues(fnDecision.issues));
1027
+ }
1028
+ // sanitize: replace metadata.filename with the sanitized form so
1029
+ // downstream code sees the cleaned name.
1030
+ if (fnDecision.action === "sanitize" && fnDecision.sanitizedFilename) {
1031
+ meta.metadata = Object.assign({}, meta.metadata || {},
1032
+ { filename: fnDecision.sanitizedFilename });
1033
+ filename = fnDecision.sanitizedFilename;
1034
+ }
1035
+ }
1036
+ if (contentSafety) {
1037
+ var safetyExt = nodePath.extname(filename).toLowerCase();
1038
+ var safetyGate = contentSafety[safetyExt];
1039
+ if (safetyGate && typeof safetyGate.check === "function" && bodyBuffer) {
1040
+ var safetyDecision;
1041
+ try {
1042
+ safetyDecision = await safetyGate.check({
1043
+ bytes: bodyBuffer,
1044
+ filename: filename,
1045
+ actor: actor,
1046
+ direction: "inbound",
1047
+ metadata: meta.metadata,
1048
+ });
1049
+ } catch (gateErr) {
1050
+ _emitObs("fileUpload.content_safety_threw", 1);
1051
+ _emitAudit("fileUpload.finalize_failure", {
1052
+ actor: requestHelpers.extractActorContext(actor),
1053
+ outcome: "failure", reason: "content-safety-threw",
1054
+ metadata: { uploadId: uploadId, error: gateErr && gateErr.message },
1055
+ });
1056
+ throw _err("CONTENT_SAFETY_THREW",
1057
+ "fileUpload.finalize: contentSafety gate threw: " + (gateErr && gateErr.message));
1058
+ }
1059
+ if (!safetyDecision.ok || safetyDecision.action === "refuse") {
1060
+ _emitObs("fileUpload.content_safety_refused", 1, { ext: safetyExt });
1061
+ _emitAudit("fileUpload.finalize_failure", {
1062
+ actor: requestHelpers.extractActorContext(actor),
1063
+ outcome: "failure", reason: "content-safety-refused",
1064
+ metadata: {
1065
+ uploadId: uploadId, ext: safetyExt,
1066
+ issues: gateContract.summarizeIssues(safetyDecision.issues),
1067
+ },
1068
+ });
1069
+ throw _err("CONTENT_SAFETY_REFUSED",
1070
+ "fileUpload.finalize: contentSafety gate refused upload (" +
1071
+ (safetyDecision.issues || []).map(function (i) { return i.kind; }).join(", ") + ")");
1072
+ }
1073
+ if (safetyDecision.action === "sanitize" && safetyDecision.sanitized) {
1074
+ // Replace the body buffer with the sanitized variant.
1075
+ bodyBuffer = safetyDecision.sanitized;
1076
+ // Clear the streaming alias if present — sanitized fits in memory.
1077
+ bodyStream = null;
1078
+ }
1079
+ }
1080
+ }
1081
+
1082
+ // Hand to operator's onFinalize.
1083
+ var rv;
1084
+ try {
1085
+ if (onFinalize) {
1086
+ rv = await onFinalize({
1087
+ uploadId: uploadId,
1088
+ body: bodyBuffer,
1089
+ stream: bodyStream,
1090
+ sha3: verified.totalHashHex,
1091
+ size: verified.totalBytes,
1092
+ actor: actor,
1093
+ metadata: meta.metadata,
1094
+ });
1095
+ } else {
1096
+ rv = { ok: true, sha3: verified.totalHashHex, size: verified.totalBytes };
1097
+ }
1098
+ } catch (e) {
1099
+ _emitObs("fileUpload.finalize_failure", 1);
1100
+ _emitAudit("fileUpload.finalize", {
1101
+ actor: requestHelpers.extractActorContext(actor),
1102
+ resource: { kind: "fileUpload", id: uploadId },
1103
+ outcome: "failure",
1104
+ reason: "onfinalize-threw",
1105
+ metadata: { size: verified.totalBytes, sha3: verified.totalHashHex,
1106
+ error: (e && e.message) || String(e) },
1107
+ });
1108
+ throw e;
1109
+ }
1110
+
1111
+ // Cleanup staging on success.
1112
+ try { nodeFs.rmSync(_uploadDir(uploadId), { recursive: true, force: true }); }
1113
+ catch (_e) { /* best-effort */ }
1114
+
1115
+ _emitObs("fileUpload.finalize_success", 1);
1116
+ _emitObs("fileUpload.finalize_bytes", verified.totalBytes);
1117
+ _emitAudit("fileUpload.finalize", {
1118
+ actor: requestHelpers.extractActorContext(actor),
1119
+ resource: { kind: "fileUpload", id: uploadId },
1120
+ outcome: "success",
1121
+ metadata: { size: verified.totalBytes, sha3: verified.totalHashHex,
1122
+ mode: useStream ? "stream" : "buffer" },
1123
+ });
1124
+
1125
+ return rv;
1126
+ }
1127
+
1128
+ // ---- status / list / cancel ----
1129
+
1130
+ function status(uploadId, callerOpts) {
1131
+ callerOpts = callerOpts || {};
1132
+ _validateUploadId(uploadId);
1133
+ _checkPermission("status", callerOpts.actor);
1134
+ var meta = _readMeta(uploadId);
1135
+ if (!meta) return null;
1136
+ var indices = _readReceivedIndices(uploadId).slice().sort(function (a, b) { return a - b; });
1137
+ return {
1138
+ uploadId: uploadId,
1139
+ received: indices,
1140
+ totalBytesAccepted: meta.totalBytesAccepted || 0,
1141
+ createdAt: meta.createdAt,
1142
+ lastChunkAt: meta.lastChunkAt,
1143
+ metadata: meta.metadata || {},
1144
+ expiresAt: meta.createdAt + incompleteTtlMs,
1145
+ };
1146
+ }
1147
+
1148
+ function list(callerOpts) {
1149
+ callerOpts = callerOpts || {};
1150
+ _checkPermission("list", callerOpts.actor);
1151
+ var actorFilter = callerOpts.actor && (callerOpts.actor.id || callerOpts.actor.userId);
1152
+ var sinceMs = (typeof callerOpts.since === "number") ? callerOpts.since : 0;
1153
+ var uploads = _enumerateUploads();
1154
+ var out = [];
1155
+ for (var i = 0; i < uploads.length; i++) {
1156
+ var u = uploads[i];
1157
+ if (!u.meta) continue;
1158
+ if (sinceMs && u.meta.createdAt < sinceMs) continue;
1159
+ if (actorFilter && callerOpts.scopeToActor !== false && u.meta.actorId !== actorFilter) continue;
1160
+ out.push({
1161
+ uploadId: u.meta.uploadId,
1162
+ actorId: u.meta.actorId,
1163
+ metadata: u.meta.metadata || {},
1164
+ createdAt: u.meta.createdAt,
1165
+ lastChunkAt: u.meta.lastChunkAt,
1166
+ totalBytesAccepted: u.meta.totalBytesAccepted || 0,
1167
+ });
1168
+ }
1169
+ return out;
1170
+ }
1171
+
1172
+ async function cancelUpload(uploadId, callerOpts) {
1173
+ callerOpts = callerOpts || {};
1174
+ _validateUploadId(uploadId);
1175
+ _checkPermission("cancel", callerOpts.actor);
1176
+ var meta = _readMeta(uploadId);
1177
+ if (!meta) return { ok: false, uploadId: uploadId, reason: "not-found" };
1178
+ try { nodeFs.rmSync(_uploadDir(uploadId), { recursive: true, force: true }); }
1179
+ catch (_e) { /* best-effort */ }
1180
+ _emitObs("fileUpload.cancelled", 1);
1181
+ _emitAudit("fileUpload.cancelled", {
1182
+ actor: requestHelpers.extractActorContext(callerOpts.actor),
1183
+ resource: { kind: "fileUpload", id: uploadId },
1184
+ outcome: "success",
1185
+ metadata: { totalBytesAccepted: meta.totalBytesAccepted || 0 },
1186
+ });
1187
+ return { ok: true, uploadId: uploadId };
1188
+ }
1189
+
1190
+ // ---- purgeIncomplete ----
1191
+
1192
+ function purgeIncomplete() {
1193
+ if (!nodeFs.existsSync(stagingDir)) return { purged: 0, ids: [] };
1194
+ var now = clock();
1195
+ var entries;
1196
+ try { entries = atomicFile.listDir(stagingDir, { includeStat: true }); }
1197
+ catch (_e) { return { purged: 0, ids: [] }; }
1198
+ var purged = [];
1199
+ for (var i = 0; i < entries.length; i++) {
1200
+ var e = entries[i];
1201
+ if (!e.isDirectory) continue;
1202
+ var meta = _readMeta(e.name);
1203
+ var purgeReason = null;
1204
+ if (meta) {
1205
+ if (now - meta.createdAt > incompleteTtlMs) purgeReason = "ttl-exceeded";
1206
+ else if (now - meta.lastChunkAt > maxIdleMs) purgeReason = "idle-exceeded";
1207
+ } else {
1208
+ // No meta sidecar → orphaned dir from a prior version or
1209
+ // failed init. Reclaim by mtime.
1210
+ if (now - e.mtimeMs > incompleteTtlMs) purgeReason = "orphan";
1211
+ }
1212
+ if (!purgeReason) continue;
1213
+ try {
1214
+ nodeFs.rmSync(e.fullPath, { recursive: true, force: true });
1215
+ purged.push({ id: e.name, reason: purgeReason });
1216
+ } catch (_e2) { /* best-effort; will retry */ }
1217
+ }
1218
+ if (purged.length > 0) {
1219
+ _emitObs("fileUpload.purged_incomplete", purged.length);
1220
+ _emitAudit("fileUpload.purged", {
1221
+ actor: { kind: "framework" },
1222
+ resource: { kind: "fileUpload", id: stagingDir },
1223
+ outcome: "success",
1224
+ metadata: { purgedIds: purged.map(function (p) { return p.id; }),
1225
+ count: purged.length },
1226
+ });
1227
+ }
1228
+ return {
1229
+ purged: purged.length,
1230
+ ids: purged.map(function (p) { return p.id; }),
1231
+ reasons: purged,
1232
+ };
1233
+ }
1234
+
1235
+ function close() {
1236
+ // Lifecycle parity. No timers / connections to release.
1237
+ }
1238
+
1239
+ return {
1240
+ init: init,
1241
+ acceptChunk: acceptChunk,
1242
+ finalize: finalize,
1243
+ status: status,
1244
+ list: list,
1245
+ cancelUpload: cancelUpload,
1246
+ purgeIncomplete: purgeIncomplete,
1247
+ close: close,
1248
+ };
1249
+ }
1250
+
1251
+ module.exports = {
1252
+ create: create,
1253
+ FileUploadError: FileUploadError,
1254
+ DEFAULTS: DEFAULTS,
1255
+ UPLOAD_ID_RE: UPLOAD_ID_RE,
1256
+ };