@blamejs/blamejs-shop 0.0.44
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +87 -0
- package/LICENSE +17 -0
- package/README.md +117 -0
- package/SECURITY.md +139 -0
- package/lib/admin.js +952 -0
- package/lib/analytics.js +267 -0
- package/lib/cart.js +279 -0
- package/lib/catalog-import.js +344 -0
- package/lib/catalog.js +769 -0
- package/lib/checkout.js +320 -0
- package/lib/config.js +151 -0
- package/lib/customers.js +322 -0
- package/lib/email.js +242 -0
- package/lib/externaldb-d1.js +283 -0
- package/lib/index.js +57 -0
- package/lib/inventory-alerts.js +198 -0
- package/lib/newsletter.js +142 -0
- package/lib/order.js +380 -0
- package/lib/payment.js +318 -0
- package/lib/pricing.js +185 -0
- package/lib/r2-bridge.js +169 -0
- package/lib/shipping.js +185 -0
- package/lib/storefront.js +2160 -0
- package/lib/subscriptions.js +410 -0
- package/lib/tax.js +161 -0
- package/lib/theme.js +194 -0
- package/lib/vendor/MANIFEST.json +19 -0
- package/lib/vendor/blamejs/.clusterfuzzlite/Dockerfile +23 -0
- package/lib/vendor/blamejs/.clusterfuzzlite/build.sh +34 -0
- package/lib/vendor/blamejs/.clusterfuzzlite/project.yaml +16 -0
- package/lib/vendor/blamejs/.dockerignore +45 -0
- package/lib/vendor/blamejs/.gitattributes +42 -0
- package/lib/vendor/blamejs/.github/CODEOWNERS +4 -0
- package/lib/vendor/blamejs/.github/FUNDING.yml +2 -0
- package/lib/vendor/blamejs/.github/ISSUE_TEMPLATE/bug_report.md +58 -0
- package/lib/vendor/blamejs/.github/ISSUE_TEMPLATE/config.yml +8 -0
- package/lib/vendor/blamejs/.github/ISSUE_TEMPLATE/feature_request.md +99 -0
- package/lib/vendor/blamejs/.github/PULL_REQUEST_TEMPLATE.md +77 -0
- package/lib/vendor/blamejs/.github/dependabot.yml +37 -0
- package/lib/vendor/blamejs/.github/workflows/actions-lint.yml +148 -0
- package/lib/vendor/blamejs/.github/workflows/cflite_batch.yml +107 -0
- package/lib/vendor/blamejs/.github/workflows/cflite_pr.yml +122 -0
- package/lib/vendor/blamejs/.github/workflows/ci.yml +511 -0
- package/lib/vendor/blamejs/.github/workflows/codeql.yml +50 -0
- package/lib/vendor/blamejs/.github/workflows/npm-publish.yml +655 -0
- package/lib/vendor/blamejs/.github/workflows/release-container.yml +406 -0
- package/lib/vendor/blamejs/.github/workflows/scorecard.yml +101 -0
- package/lib/vendor/blamejs/.github/workflows/sha-to-tag-verify.yml +134 -0
- package/lib/vendor/blamejs/.gitignore +102 -0
- package/lib/vendor/blamejs/.gitleaks.toml +166 -0
- package/lib/vendor/blamejs/.hadolint.yaml +18 -0
- package/lib/vendor/blamejs/.npmrc +5 -0
- package/lib/vendor/blamejs/.pinact.yaml +17 -0
- package/lib/vendor/blamejs/ARCHITECTURE.md +158 -0
- package/lib/vendor/blamejs/CHANGELOG.md +1351 -0
- package/lib/vendor/blamejs/CODE_OF_CONDUCT.md +86 -0
- package/lib/vendor/blamejs/CONTRIBUTING.md +156 -0
- package/lib/vendor/blamejs/GOVERNANCE.md +201 -0
- package/lib/vendor/blamejs/LICENSE +201 -0
- package/lib/vendor/blamejs/LTS-CALENDAR.md +29 -0
- package/lib/vendor/blamejs/MIGRATING.md +29 -0
- package/lib/vendor/blamejs/NOTICE +81 -0
- package/lib/vendor/blamejs/README.md +304 -0
- package/lib/vendor/blamejs/SECURITY.md +432 -0
- package/lib/vendor/blamejs/api-snapshot.json +48709 -0
- package/lib/vendor/blamejs/assets/BlameJS_Logo.png +0 -0
- package/lib/vendor/blamejs/assets/BlameJS_Logo.svg +129 -0
- package/lib/vendor/blamejs/bench/README.md +77 -0
- package/lib/vendor/blamejs/bench/_helpers.js +70 -0
- package/lib/vendor/blamejs/bench/baseline.json +183 -0
- package/lib/vendor/blamejs/bench/crypto-hash.bench.js +19 -0
- package/lib/vendor/blamejs/bench/crypto-symmetric.bench.js +28 -0
- package/lib/vendor/blamejs/bench/run.js +140 -0
- package/lib/vendor/blamejs/bench/safe-json.bench.js +31 -0
- package/lib/vendor/blamejs/bin/blamejs.js +13 -0
- package/lib/vendor/blamejs/docker/caddy/Caddyfile +46 -0
- package/lib/vendor/blamejs/docker/coredns/Corefile +37 -0
- package/lib/vendor/blamejs/docker/haproxy/haproxy.cfg +52 -0
- package/lib/vendor/blamejs/docker/init/generate-certs.sh +118 -0
- package/lib/vendor/blamejs/docker/keycloak/realm-blamejs-test.json +87 -0
- package/lib/vendor/blamejs/docker/mitmproxy/config.yaml +16 -0
- package/lib/vendor/blamejs/docker/mongo/init-tls.sh +17 -0
- package/lib/vendor/blamejs/docker/mysql/my.cnf +12 -0
- package/lib/vendor/blamejs/docker/nats/nats.conf +33 -0
- package/lib/vendor/blamejs/docker/postgres/init-tls.sh +17 -0
- package/lib/vendor/blamejs/docker/postgres/postgresql.conf +18 -0
- package/lib/vendor/blamejs/docker/rabbitmq/rabbitmq.conf +18 -0
- package/lib/vendor/blamejs/docker/redis/redis.conf +15 -0
- package/lib/vendor/blamejs/docker/squid/squid.conf +24 -0
- package/lib/vendor/blamejs/docker/syslog/syslog-ng.conf +34 -0
- package/lib/vendor/blamejs/docker-compose.test.yml +545 -0
- package/lib/vendor/blamejs/docs/cis-postgres-crosswalk.md +102 -0
- package/lib/vendor/blamejs/docs/cis-sqlite-equivalent.md +92 -0
- package/lib/vendor/blamejs/eslint.config.mjs +204 -0
- package/lib/vendor/blamejs/examples/wiki/Caddyfile +40 -0
- package/lib/vendor/blamejs/examples/wiki/DEPLOY.md +218 -0
- package/lib/vendor/blamejs/examples/wiki/Dockerfile +120 -0
- package/lib/vendor/blamejs/examples/wiki/README.md +157 -0
- package/lib/vendor/blamejs/examples/wiki/cli-snapshot.json +250 -0
- package/lib/vendor/blamejs/examples/wiki/docker-compose.prod.yml +231 -0
- package/lib/vendor/blamejs/examples/wiki/docker-compose.yml +166 -0
- package/lib/vendor/blamejs/examples/wiki/env-snapshot.json +217 -0
- package/lib/vendor/blamejs/examples/wiki/lib/auto-site-entries.js +139 -0
- package/lib/vendor/blamejs/examples/wiki/lib/build-app.js +555 -0
- package/lib/vendor/blamejs/examples/wiki/lib/harvest-cli.js +507 -0
- package/lib/vendor/blamejs/examples/wiki/lib/harvest-env-vars.js +435 -0
- package/lib/vendor/blamejs/examples/wiki/lib/harvest-errors.js +282 -0
- package/lib/vendor/blamejs/examples/wiki/lib/harvest-vendored-deps.js +321 -0
- package/lib/vendor/blamejs/examples/wiki/lib/nav.js +15 -0
- package/lib/vendor/blamejs/examples/wiki/lib/opts-resolver.js +75 -0
- package/lib/vendor/blamejs/examples/wiki/lib/page-generator.js +508 -0
- package/lib/vendor/blamejs/examples/wiki/lib/section.js +276 -0
- package/lib/vendor/blamejs/examples/wiki/lib/source-comment-block-validator.js +587 -0
- package/lib/vendor/blamejs/examples/wiki/lib/source-doc-parser.js +318 -0
- package/lib/vendor/blamejs/examples/wiki/lib/symbol-index.js +122 -0
- package/lib/vendor/blamejs/examples/wiki/migrations/0001-pages-schema.js +74 -0
- package/lib/vendor/blamejs/examples/wiki/package.json +18 -0
- package/lib/vendor/blamejs/examples/wiki/public/img/blamejs-logo.png +0 -0
- package/lib/vendor/blamejs/examples/wiki/public/img/blamejs-logo.svg +129 -0
- package/lib/vendor/blamejs/examples/wiki/public/robots.txt +5 -0
- package/lib/vendor/blamejs/examples/wiki/public/vendor/MANIFEST.json +30 -0
- package/lib/vendor/blamejs/examples/wiki/public/vendor/prism.css +1 -0
- package/lib/vendor/blamejs/examples/wiki/public/vendor/prism.js +15 -0
- package/lib/vendor/blamejs/examples/wiki/public/wiki.css +1250 -0
- package/lib/vendor/blamejs/examples/wiki/routes/admin.js +366 -0
- package/lib/vendor/blamejs/examples/wiki/routes/integration.js +230 -0
- package/lib/vendor/blamejs/examples/wiki/routes/pages.js +266 -0
- package/lib/vendor/blamejs/examples/wiki/scripts/backfill-module-metadata.js +214 -0
- package/lib/vendor/blamejs/examples/wiki/seeders/prod/0001-default-pages.js +35 -0
- package/lib/vendor/blamejs/examples/wiki/seeders/prod/pages/_index.js +34 -0
- package/lib/vendor/blamejs/examples/wiki/seeders/prod/pages/api.js +76 -0
- package/lib/vendor/blamejs/examples/wiki/server.js +129 -0
- package/lib/vendor/blamejs/examples/wiki/site.config.js +197 -0
- package/lib/vendor/blamejs/examples/wiki/snippets/README.md +38 -0
- package/lib/vendor/blamejs/examples/wiki/snippets/auth/password-hash.example.js +15 -0
- package/lib/vendor/blamejs/examples/wiki/src/editor.js +103 -0
- package/lib/vendor/blamejs/examples/wiki/src/wiki.js +349 -0
- package/lib/vendor/blamejs/examples/wiki/test/AUDIT.md +155 -0
- package/lib/vendor/blamejs/examples/wiki/test/codebase-patterns.test.js +594 -0
- package/lib/vendor/blamejs/examples/wiki/test/e2e.js +741 -0
- package/lib/vendor/blamejs/examples/wiki/test/find-missing-pages.js +254 -0
- package/lib/vendor/blamejs/examples/wiki/test/integration.js +391 -0
- package/lib/vendor/blamejs/examples/wiki/test/validate-cli-snapshot.js +379 -0
- package/lib/vendor/blamejs/examples/wiki/test/validate-env-snapshot.js +346 -0
- package/lib/vendor/blamejs/examples/wiki/test/validate-nav-coverage.js +212 -0
- package/lib/vendor/blamejs/examples/wiki/test/validate-site-coverage.js +252 -0
- package/lib/vendor/blamejs/examples/wiki/test/validate-source-comment-blocks.js +107 -0
- package/lib/vendor/blamejs/examples/wiki/views/_layout.html +115 -0
- package/lib/vendor/blamejs/examples/wiki/views/admin/api-keys.html +51 -0
- package/lib/vendor/blamejs/examples/wiki/views/admin/dashboard.html +22 -0
- package/lib/vendor/blamejs/examples/wiki/views/admin/edit.html +17 -0
- package/lib/vendor/blamejs/examples/wiki/views/home.html +85 -0
- package/lib/vendor/blamejs/examples/wiki/views/login.html +18 -0
- package/lib/vendor/blamejs/examples/wiki/views/page.html +5 -0
- package/lib/vendor/blamejs/examples/wiki/views/partials/nav.html +13 -0
- package/lib/vendor/blamejs/examples/wiki/views/search.html +19 -0
- package/lib/vendor/blamejs/examples/wiki/wiki.config.js +15 -0
- package/lib/vendor/blamejs/fuzz/README.md +137 -0
- package/lib/vendor/blamejs/fuzz/_expected.js +35 -0
- package/lib/vendor/blamejs/fuzz/guard-agent-registry.fuzz.js +22 -0
- package/lib/vendor/blamejs/fuzz/guard-csv.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/guard-csv_seed_corpus/01-basic.csv +3 -0
- package/lib/vendor/blamejs/fuzz/guard-csv_seed_corpus/02-formula.csv +1 -0
- package/lib/vendor/blamejs/fuzz/guard-csv_seed_corpus/03-hyperlink.csv +1 -0
- package/lib/vendor/blamejs/fuzz/guard-dsn.fuzz.js +22 -0
- package/lib/vendor/blamejs/fuzz/guard-email.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/guard-email_seed_corpus/01-basic.eml +5 -0
- package/lib/vendor/blamejs/fuzz/guard-envelope.fuzz.js +24 -0
- package/lib/vendor/blamejs/fuzz/guard-event-bus-payload.fuzz.js +24 -0
- package/lib/vendor/blamejs/fuzz/guard-event-bus-topic.fuzz.js +20 -0
- package/lib/vendor/blamejs/fuzz/guard-html.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/guard-html_seed_corpus/01-basic.html +1 -0
- package/lib/vendor/blamejs/fuzz/guard-html_seed_corpus/02-script.html +1 -0
- package/lib/vendor/blamejs/fuzz/guard-html_seed_corpus/03-event.html +1 -0
- package/lib/vendor/blamejs/fuzz/guard-html_seed_corpus/04-jsurl.html +1 -0
- package/lib/vendor/blamejs/fuzz/guard-idempotency-key.fuzz.js +20 -0
- package/lib/vendor/blamejs/fuzz/guard-imap-command.fuzz.js +35 -0
- package/lib/vendor/blamejs/fuzz/guard-jmap.fuzz.js +41 -0
- package/lib/vendor/blamejs/fuzz/guard-json.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/guard-json_seed_corpus/01-basic.json +1 -0
- package/lib/vendor/blamejs/fuzz/guard-json_seed_corpus/02-proto.json +1 -0
- package/lib/vendor/blamejs/fuzz/guard-json_seed_corpus/03-dupkey.json +1 -0
- package/lib/vendor/blamejs/fuzz/guard-json_seed_corpus/04-nan.json +1 -0
- package/lib/vendor/blamejs/fuzz/guard-json_seed_corpus/05-bom.json +1 -0
- package/lib/vendor/blamejs/fuzz/guard-list-id.fuzz.js +21 -0
- package/lib/vendor/blamejs/fuzz/guard-list-unsubscribe.fuzz.js +25 -0
- package/lib/vendor/blamejs/fuzz/guard-mail-compose.fuzz.js +22 -0
- package/lib/vendor/blamejs/fuzz/guard-mail-move.fuzz.js +22 -0
- package/lib/vendor/blamejs/fuzz/guard-mail-query.fuzz.js +27 -0
- package/lib/vendor/blamejs/fuzz/guard-mail-reply.fuzz.js +23 -0
- package/lib/vendor/blamejs/fuzz/guard-mail-sieve.fuzz.js +36 -0
- package/lib/vendor/blamejs/fuzz/guard-managesieve-command.fuzz.js +26 -0
- package/lib/vendor/blamejs/fuzz/guard-markdown.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/guard-markdown_seed_corpus/01-basic.md +2 -0
- package/lib/vendor/blamejs/fuzz/guard-markdown_seed_corpus/02-jsurl.md +1 -0
- package/lib/vendor/blamejs/fuzz/guard-markdown_seed_corpus/03-jsimg.md +1 -0
- package/lib/vendor/blamejs/fuzz/guard-message-id.fuzz.js +26 -0
- package/lib/vendor/blamejs/fuzz/guard-pop3-command.fuzz.js +23 -0
- package/lib/vendor/blamejs/fuzz/guard-posture-chain.fuzz.js +22 -0
- package/lib/vendor/blamejs/fuzz/guard-saga-config.fuzz.js +32 -0
- package/lib/vendor/blamejs/fuzz/guard-smtp-command.fuzz.js +27 -0
- package/lib/vendor/blamejs/fuzz/guard-snapshot-envelope.fuzz.js +22 -0
- package/lib/vendor/blamejs/fuzz/guard-stream-args.fuzz.js +22 -0
- package/lib/vendor/blamejs/fuzz/guard-svg.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/guard-svg_seed_corpus/01-basic.svg +1 -0
- package/lib/vendor/blamejs/fuzz/guard-svg_seed_corpus/02-script.svg +1 -0
- package/lib/vendor/blamejs/fuzz/guard-tenant-id.fuzz.js +20 -0
- package/lib/vendor/blamejs/fuzz/guard-trace-context.fuzz.js +30 -0
- package/lib/vendor/blamejs/fuzz/guard-xml.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/guard-xml_seed_corpus/01-basic.xml +1 -0
- package/lib/vendor/blamejs/fuzz/guard-xml_seed_corpus/02-xxe.xml +1 -0
- package/lib/vendor/blamejs/fuzz/guard-yaml.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/guard-yaml_seed_corpus/01-basic.yaml +2 -0
- package/lib/vendor/blamejs/fuzz/guard-yaml_seed_corpus/02-anchor.yaml +2 -0
- package/lib/vendor/blamejs/fuzz/guard-yaml_seed_corpus/03-norway.yaml +1 -0
- package/lib/vendor/blamejs/fuzz/guard-yaml_seed_corpus/04-multidoc.yaml +4 -0
- package/lib/vendor/blamejs/fuzz/parsers__safe-ini.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/parsers__safe-ini_seed_corpus/01-basic.ini +2 -0
- package/lib/vendor/blamejs/fuzz/parsers__safe-toml.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/parsers__safe-toml_seed_corpus/01-basic.toml +4 -0
- package/lib/vendor/blamejs/fuzz/parsers__safe-xml.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/parsers__safe-xml_seed_corpus/01-basic.xml +1 -0
- package/lib/vendor/blamejs/fuzz/parsers__safe-yaml.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/parsers__safe-yaml_seed_corpus/01-basic.yaml +4 -0
- package/lib/vendor/blamejs/fuzz/safe-decompress.fuzz.js +49 -0
- package/lib/vendor/blamejs/fuzz/safe-dns.fuzz.js +29 -0
- package/lib/vendor/blamejs/fuzz/safe-ical.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/safe-icap.fuzz.js +42 -0
- package/lib/vendor/blamejs/fuzz/safe-json.fuzz.js +25 -0
- package/lib/vendor/blamejs/fuzz/safe-json_seed_corpus/01-object.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-json_seed_corpus/02-array.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-json_seed_corpus/03-string.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-json_seed_corpus/04-proto.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-json_seed_corpus/05-deep.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-jsonpath.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/safe-jsonpath_seed_corpus/01-basic.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-jsonpath_seed_corpus/02-filter.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-jsonpath_seed_corpus/03-deepscan.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-jsonpath_seed_corpus/04-slice.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-mime.fuzz.js +27 -0
- package/lib/vendor/blamejs/fuzz/safe-mount-info.fuzz.js +33 -0
- package/lib/vendor/blamejs/fuzz/safe-sieve.fuzz.js +28 -0
- package/lib/vendor/blamejs/fuzz/safe-smtp.fuzz.js +64 -0
- package/lib/vendor/blamejs/fuzz/safe-url.fuzz.js +16 -0
- package/lib/vendor/blamejs/fuzz/safe-url_seed_corpus/01-basic.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-url_seed_corpus/02-userinfo.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-url_seed_corpus/03-dangerous.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-url_seed_corpus/04-data.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-url_seed_corpus/05-ipv6.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-url_seed_corpus/06-idn.txt +1 -0
- package/lib/vendor/blamejs/fuzz/safe-vcard.fuzz.js +16 -0
- package/lib/vendor/blamejs/index.js +678 -0
- package/lib/vendor/blamejs/keys/release-pqc-pub.json +7 -0
- package/lib/vendor/blamejs/lib/_test/crypto-fixtures.js +67 -0
- package/lib/vendor/blamejs/lib/a2a-tasks.js +598 -0
- package/lib/vendor/blamejs/lib/a2a.js +407 -0
- package/lib/vendor/blamejs/lib/acme.js +1448 -0
- package/lib/vendor/blamejs/lib/agent-audit.js +45 -0
- package/lib/vendor/blamejs/lib/agent-event-bus.js +382 -0
- package/lib/vendor/blamejs/lib/agent-idempotency.js +497 -0
- package/lib/vendor/blamejs/lib/agent-orchestrator.js +717 -0
- package/lib/vendor/blamejs/lib/agent-posture-chain.js +366 -0
- package/lib/vendor/blamejs/lib/agent-saga.js +321 -0
- package/lib/vendor/blamejs/lib/agent-snapshot.js +676 -0
- package/lib/vendor/blamejs/lib/agent-stream.js +269 -0
- package/lib/vendor/blamejs/lib/agent-tenant.js +632 -0
- package/lib/vendor/blamejs/lib/agent-trace.js +281 -0
- package/lib/vendor/blamejs/lib/ai-adverse-decision.js +184 -0
- package/lib/vendor/blamejs/lib/ai-content-detect.js +268 -0
- package/lib/vendor/blamejs/lib/ai-input.js +201 -0
- package/lib/vendor/blamejs/lib/ai-model-manifest.js +363 -0
- package/lib/vendor/blamejs/lib/ai-pref.js +340 -0
- package/lib/vendor/blamejs/lib/api-key.js +721 -0
- package/lib/vendor/blamejs/lib/api-snapshot.js +458 -0
- package/lib/vendor/blamejs/lib/app-shutdown.js +557 -0
- package/lib/vendor/blamejs/lib/app.js +365 -0
- package/lib/vendor/blamejs/lib/archive.js +547 -0
- package/lib/vendor/blamejs/lib/arg-parser.js +697 -0
- package/lib/vendor/blamejs/lib/argon2-builtin.js +173 -0
- package/lib/vendor/blamejs/lib/asn1-der.js +424 -0
- package/lib/vendor/blamejs/lib/asyncapi-bindings.js +160 -0
- package/lib/vendor/blamejs/lib/asyncapi-traits.js +143 -0
- package/lib/vendor/blamejs/lib/asyncapi.js +575 -0
- package/lib/vendor/blamejs/lib/atomic-file.js +1023 -0
- package/lib/vendor/blamejs/lib/audit-chain.js +266 -0
- package/lib/vendor/blamejs/lib/audit-daily-review.js +389 -0
- package/lib/vendor/blamejs/lib/audit-sign.js +751 -0
- package/lib/vendor/blamejs/lib/audit-tools.js +1113 -0
- package/lib/vendor/blamejs/lib/audit.js +1671 -0
- package/lib/vendor/blamejs/lib/auth/aal.js +169 -0
- package/lib/vendor/blamejs/lib/auth/access-lock.js +220 -0
- package/lib/vendor/blamejs/lib/auth/acr-vocabulary.js +265 -0
- package/lib/vendor/blamejs/lib/auth/ato-kill-switch.js +112 -0
- package/lib/vendor/blamejs/lib/auth/auth-time-tracker.js +111 -0
- package/lib/vendor/blamejs/lib/auth/bot-challenge.js +573 -0
- package/lib/vendor/blamejs/lib/auth/ciba.js +637 -0
- package/lib/vendor/blamejs/lib/auth/dpop.js +516 -0
- package/lib/vendor/blamejs/lib/auth/elevation-grant.js +306 -0
- package/lib/vendor/blamejs/lib/auth/fal.js +229 -0
- package/lib/vendor/blamejs/lib/auth/fido-mds3.js +681 -0
- package/lib/vendor/blamejs/lib/auth/jwt-external.js +519 -0
- package/lib/vendor/blamejs/lib/auth/jwt.js +430 -0
- package/lib/vendor/blamejs/lib/auth/lockout.js +449 -0
- package/lib/vendor/blamejs/lib/auth/oauth.js +2141 -0
- package/lib/vendor/blamejs/lib/auth/oid4vci.js +657 -0
- package/lib/vendor/blamejs/lib/auth/oid4vp.js +531 -0
- package/lib/vendor/blamejs/lib/auth/openid-federation.js +600 -0
- package/lib/vendor/blamejs/lib/auth/passkey.js +676 -0
- package/lib/vendor/blamejs/lib/auth/password.js +693 -0
- package/lib/vendor/blamejs/lib/auth/saml.js +2109 -0
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-disclosure.js +95 -0
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-holder.js +225 -0
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-issuer.js +197 -0
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc.js +728 -0
- package/lib/vendor/blamejs/lib/auth/status-list.js +272 -0
- package/lib/vendor/blamejs/lib/auth/step-up-policy.js +335 -0
- package/lib/vendor/blamejs/lib/auth/step-up.js +454 -0
- package/lib/vendor/blamejs/lib/auth-bot-challenge.js +505 -0
- package/lib/vendor/blamejs/lib/auth-header.js +148 -0
- package/lib/vendor/blamejs/lib/backup/bundle.js +265 -0
- package/lib/vendor/blamejs/lib/backup/crypto.js +176 -0
- package/lib/vendor/blamejs/lib/backup/index.js +1001 -0
- package/lib/vendor/blamejs/lib/backup/manifest.js +443 -0
- package/lib/vendor/blamejs/lib/boot-gates.js +174 -0
- package/lib/vendor/blamejs/lib/breach-deadline.js +272 -0
- package/lib/vendor/blamejs/lib/break-glass.js +1753 -0
- package/lib/vendor/blamejs/lib/budr.js +205 -0
- package/lib/vendor/blamejs/lib/bundler.js +461 -0
- package/lib/vendor/blamejs/lib/cache-redis.js +256 -0
- package/lib/vendor/blamejs/lib/cache-status.js +288 -0
- package/lib/vendor/blamejs/lib/cache.js +1331 -0
- package/lib/vendor/blamejs/lib/calendar.js +1240 -0
- package/lib/vendor/blamejs/lib/canonical-json.js +143 -0
- package/lib/vendor/blamejs/lib/cdn-cache-control.js +473 -0
- package/lib/vendor/blamejs/lib/cert.js +763 -0
- package/lib/vendor/blamejs/lib/chain-writer.js +259 -0
- package/lib/vendor/blamejs/lib/circuit-breaker.js +101 -0
- package/lib/vendor/blamejs/lib/cli-helpers.js +237 -0
- package/lib/vendor/blamejs/lib/cli.js +2328 -0
- package/lib/vendor/blamejs/lib/client-hints.js +318 -0
- package/lib/vendor/blamejs/lib/cloud-events.js +277 -0
- package/lib/vendor/blamejs/lib/cluster-provider-db.js +317 -0
- package/lib/vendor/blamejs/lib/cluster-storage.js +351 -0
- package/lib/vendor/blamejs/lib/cluster.js +1017 -0
- package/lib/vendor/blamejs/lib/cms-codec.js +826 -0
- package/lib/vendor/blamejs/lib/codepoint-class.js +262 -0
- package/lib/vendor/blamejs/lib/compliance-ai-act-logging.js +190 -0
- package/lib/vendor/blamejs/lib/compliance-ai-act-prohibited.js +205 -0
- package/lib/vendor/blamejs/lib/compliance-ai-act-risk.js +189 -0
- package/lib/vendor/blamejs/lib/compliance-ai-act-transparency.js +200 -0
- package/lib/vendor/blamejs/lib/compliance-ai-act.js +821 -0
- package/lib/vendor/blamejs/lib/compliance-eaa.js +204 -0
- package/lib/vendor/blamejs/lib/compliance-sanctions-aliases.js +167 -0
- package/lib/vendor/blamejs/lib/compliance-sanctions-fetcher.js +206 -0
- package/lib/vendor/blamejs/lib/compliance-sanctions-fuzzy.js +297 -0
- package/lib/vendor/blamejs/lib/compliance-sanctions.js +569 -0
- package/lib/vendor/blamejs/lib/compliance.js +1558 -0
- package/lib/vendor/blamejs/lib/config-drift.js +426 -0
- package/lib/vendor/blamejs/lib/config.js +446 -0
- package/lib/vendor/blamejs/lib/consent.js +369 -0
- package/lib/vendor/blamejs/lib/constants.js +209 -0
- package/lib/vendor/blamejs/lib/content-credentials.js +704 -0
- package/lib/vendor/blamejs/lib/cookies.js +560 -0
- package/lib/vendor/blamejs/lib/cra-report.js +299 -0
- package/lib/vendor/blamejs/lib/credential-hash.js +394 -0
- package/lib/vendor/blamejs/lib/crypto-field.js +1017 -0
- package/lib/vendor/blamejs/lib/crypto-hpke-pq.js +187 -0
- package/lib/vendor/blamejs/lib/crypto-hpke.js +256 -0
- package/lib/vendor/blamejs/lib/crypto.js +1908 -0
- package/lib/vendor/blamejs/lib/csp.js +271 -0
- package/lib/vendor/blamejs/lib/csv.js +418 -0
- package/lib/vendor/blamejs/lib/daemon.js +481 -0
- package/lib/vendor/blamejs/lib/dark-patterns.js +488 -0
- package/lib/vendor/blamejs/lib/data-act.js +328 -0
- package/lib/vendor/blamejs/lib/db-collection.js +587 -0
- package/lib/vendor/blamejs/lib/db-declare-row-policy.js +267 -0
- package/lib/vendor/blamejs/lib/db-declare-view.js +420 -0
- package/lib/vendor/blamejs/lib/db-file-lifecycle.js +333 -0
- package/lib/vendor/blamejs/lib/db-query.js +802 -0
- package/lib/vendor/blamejs/lib/db-role-context.js +50 -0
- package/lib/vendor/blamejs/lib/db-schema.js +322 -0
- package/lib/vendor/blamejs/lib/db.js +3111 -0
- package/lib/vendor/blamejs/lib/dbsc.js +299 -0
- package/lib/vendor/blamejs/lib/ddl-change-control.js +523 -0
- package/lib/vendor/blamejs/lib/deprecate.js +377 -0
- package/lib/vendor/blamejs/lib/dev.js +405 -0
- package/lib/vendor/blamejs/lib/dora.js +402 -0
- package/lib/vendor/blamejs/lib/dr-runbook.js +368 -0
- package/lib/vendor/blamejs/lib/dsr.js +1188 -0
- package/lib/vendor/blamejs/lib/dual-control.js +526 -0
- package/lib/vendor/blamejs/lib/early-hints.js +212 -0
- package/lib/vendor/blamejs/lib/error-page.js +420 -0
- package/lib/vendor/blamejs/lib/events.js +214 -0
- package/lib/vendor/blamejs/lib/external-db-migrate.js +659 -0
- package/lib/vendor/blamejs/lib/external-db.js +1877 -0
- package/lib/vendor/blamejs/lib/fapi2.js +394 -0
- package/lib/vendor/blamejs/lib/fda-21cfr11.js +395 -0
- package/lib/vendor/blamejs/lib/fdx.js +370 -0
- package/lib/vendor/blamejs/lib/fedcm.js +264 -0
- package/lib/vendor/blamejs/lib/file-type.js +360 -0
- package/lib/vendor/blamejs/lib/file-upload.js +1256 -0
- package/lib/vendor/blamejs/lib/flag-cache.js +136 -0
- package/lib/vendor/blamejs/lib/flag-evaluation-context.js +135 -0
- package/lib/vendor/blamejs/lib/flag-providers.js +279 -0
- package/lib/vendor/blamejs/lib/flag-targeting.js +210 -0
- package/lib/vendor/blamejs/lib/flag.js +346 -0
- package/lib/vendor/blamejs/lib/forms.js +525 -0
- package/lib/vendor/blamejs/lib/framework-error.js +724 -0
- package/lib/vendor/blamejs/lib/framework-schema.js +845 -0
- package/lib/vendor/blamejs/lib/framework-sha1-hibp.js +34 -0
- package/lib/vendor/blamejs/lib/fsm.js +469 -0
- package/lib/vendor/blamejs/lib/gate-contract.js +1661 -0
- package/lib/vendor/blamejs/lib/gdpr-ropa.js +261 -0
- package/lib/vendor/blamejs/lib/graphql-federation.js +234 -0
- package/lib/vendor/blamejs/lib/guard-agent-registry.js +179 -0
- package/lib/vendor/blamejs/lib/guard-all.js +555 -0
- package/lib/vendor/blamejs/lib/guard-archive.js +901 -0
- package/lib/vendor/blamejs/lib/guard-auth.js +451 -0
- package/lib/vendor/blamejs/lib/guard-cidr.js +676 -0
- package/lib/vendor/blamejs/lib/guard-csv.js +1176 -0
- package/lib/vendor/blamejs/lib/guard-domain.js +814 -0
- package/lib/vendor/blamejs/lib/guard-dsn.js +382 -0
- package/lib/vendor/blamejs/lib/guard-email.js +951 -0
- package/lib/vendor/blamejs/lib/guard-envelope.js +294 -0
- package/lib/vendor/blamejs/lib/guard-event-bus-payload.js +217 -0
- package/lib/vendor/blamejs/lib/guard-event-bus-topic.js +150 -0
- package/lib/vendor/blamejs/lib/guard-filename.js +956 -0
- package/lib/vendor/blamejs/lib/guard-graphql.js +731 -0
- package/lib/vendor/blamejs/lib/guard-html-wcag-aria.js +164 -0
- package/lib/vendor/blamejs/lib/guard-html-wcag-forms.js +144 -0
- package/lib/vendor/blamejs/lib/guard-html-wcag-tables.js +154 -0
- package/lib/vendor/blamejs/lib/guard-html-wcag-tagwalk.js +44 -0
- package/lib/vendor/blamejs/lib/guard-html-wcag.js +470 -0
- package/lib/vendor/blamejs/lib/guard-html.js +1209 -0
- package/lib/vendor/blamejs/lib/guard-idempotency-key.js +151 -0
- package/lib/vendor/blamejs/lib/guard-image.js +584 -0
- package/lib/vendor/blamejs/lib/guard-imap-command.js +337 -0
- package/lib/vendor/blamejs/lib/guard-jmap.js +321 -0
- package/lib/vendor/blamejs/lib/guard-json.js +935 -0
- package/lib/vendor/blamejs/lib/guard-jsonpath.js +512 -0
- package/lib/vendor/blamejs/lib/guard-jwt.js +772 -0
- package/lib/vendor/blamejs/lib/guard-list-id.js +318 -0
- package/lib/vendor/blamejs/lib/guard-list-unsubscribe.js +412 -0
- package/lib/vendor/blamejs/lib/guard-mail-compose.js +282 -0
- package/lib/vendor/blamejs/lib/guard-mail-move.js +202 -0
- package/lib/vendor/blamejs/lib/guard-mail-query.js +310 -0
- package/lib/vendor/blamejs/lib/guard-mail-reply.js +172 -0
- package/lib/vendor/blamejs/lib/guard-mail-sieve.js +207 -0
- package/lib/vendor/blamejs/lib/guard-managesieve-command.js +566 -0
- package/lib/vendor/blamejs/lib/guard-markdown.js +768 -0
- package/lib/vendor/blamejs/lib/guard-message-id.js +267 -0
- package/lib/vendor/blamejs/lib/guard-mime.js +609 -0
- package/lib/vendor/blamejs/lib/guard-oauth.js +650 -0
- package/lib/vendor/blamejs/lib/guard-pdf.js +569 -0
- package/lib/vendor/blamejs/lib/guard-pop3-command.js +317 -0
- package/lib/vendor/blamejs/lib/guard-posture-chain.js +201 -0
- package/lib/vendor/blamejs/lib/guard-regex.js +632 -0
- package/lib/vendor/blamejs/lib/guard-saga-config.js +157 -0
- package/lib/vendor/blamejs/lib/guard-shell.js +522 -0
- package/lib/vendor/blamejs/lib/guard-smtp-command.js +594 -0
- package/lib/vendor/blamejs/lib/guard-snapshot-envelope.js +168 -0
- package/lib/vendor/blamejs/lib/guard-stream-args.js +166 -0
- package/lib/vendor/blamejs/lib/guard-svg.js +1163 -0
- package/lib/vendor/blamejs/lib/guard-template.js +490 -0
- package/lib/vendor/blamejs/lib/guard-tenant-id.js +138 -0
- package/lib/vendor/blamejs/lib/guard-time.js +586 -0
- package/lib/vendor/blamejs/lib/guard-trace-context.js +172 -0
- package/lib/vendor/blamejs/lib/guard-uuid.js +548 -0
- package/lib/vendor/blamejs/lib/guard-xml.js +666 -0
- package/lib/vendor/blamejs/lib/guard-yaml.js +726 -0
- package/lib/vendor/blamejs/lib/hal.js +125 -0
- package/lib/vendor/blamejs/lib/handlers.js +350 -0
- package/lib/vendor/blamejs/lib/honeytoken.js +168 -0
- package/lib/vendor/blamejs/lib/html-balance.js +347 -0
- package/lib/vendor/blamejs/lib/http-client-cache.js +923 -0
- package/lib/vendor/blamejs/lib/http-client-cookie-jar.js +519 -0
- package/lib/vendor/blamejs/lib/http-client.js +2152 -0
- package/lib/vendor/blamejs/lib/http-message-signature.js +589 -0
- package/lib/vendor/blamejs/lib/http2-teardown.js +34 -0
- package/lib/vendor/blamejs/lib/i18n-messageformat.js +398 -0
- package/lib/vendor/blamejs/lib/i18n.js +931 -0
- package/lib/vendor/blamejs/lib/iab-mspa.js +257 -0
- package/lib/vendor/blamejs/lib/iab-tcf.js +461 -0
- package/lib/vendor/blamejs/lib/importmap-integrity.js +90 -0
- package/lib/vendor/blamejs/lib/inbox.js +435 -0
- package/lib/vendor/blamejs/lib/incident-report.js +314 -0
- package/lib/vendor/blamejs/lib/ip-utils.js +102 -0
- package/lib/vendor/blamejs/lib/jobs.js +185 -0
- package/lib/vendor/blamejs/lib/jose-jwe-experimental.js +228 -0
- package/lib/vendor/blamejs/lib/jsonapi.js +230 -0
- package/lib/vendor/blamejs/lib/keychain.js +865 -0
- package/lib/vendor/blamejs/lib/lazy-require.js +48 -0
- package/lib/vendor/blamejs/lib/legal-hold.js +374 -0
- package/lib/vendor/blamejs/lib/local-db-thin.js +321 -0
- package/lib/vendor/blamejs/lib/log-stream-cloudwatch.js +369 -0
- package/lib/vendor/blamejs/lib/log-stream-local.js +146 -0
- package/lib/vendor/blamejs/lib/log-stream-otlp-grpc.js +410 -0
- package/lib/vendor/blamejs/lib/log-stream-otlp.js +286 -0
- package/lib/vendor/blamejs/lib/log-stream-syslog.js +310 -0
- package/lib/vendor/blamejs/lib/log-stream-webhook.js +199 -0
- package/lib/vendor/blamejs/lib/log-stream.js +584 -0
- package/lib/vendor/blamejs/lib/log.js +625 -0
- package/lib/vendor/blamejs/lib/lro.js +200 -0
- package/lib/vendor/blamejs/lib/mail-agent.js +786 -0
- package/lib/vendor/blamejs/lib/mail-arc-sign.js +417 -0
- package/lib/vendor/blamejs/lib/mail-arf.js +343 -0
- package/lib/vendor/blamejs/lib/mail-auth.js +2144 -0
- package/lib/vendor/blamejs/lib/mail-bimi.js +1047 -0
- package/lib/vendor/blamejs/lib/mail-bounce.js +955 -0
- package/lib/vendor/blamejs/lib/mail-crypto-pgp.js +1286 -0
- package/lib/vendor/blamejs/lib/mail-crypto-smime.js +789 -0
- package/lib/vendor/blamejs/lib/mail-crypto.js +108 -0
- package/lib/vendor/blamejs/lib/mail-dav.js +1224 -0
- package/lib/vendor/blamejs/lib/mail-deploy.js +1119 -0
- package/lib/vendor/blamejs/lib/mail-dkim.js +1250 -0
- package/lib/vendor/blamejs/lib/mail-greylist.js +448 -0
- package/lib/vendor/blamejs/lib/mail-helo.js +473 -0
- package/lib/vendor/blamejs/lib/mail-journal.js +435 -0
- package/lib/vendor/blamejs/lib/mail-mdn.js +424 -0
- package/lib/vendor/blamejs/lib/mail-rbl.js +392 -0
- package/lib/vendor/blamejs/lib/mail-require-tls.js +198 -0
- package/lib/vendor/blamejs/lib/mail-scan.js +502 -0
- package/lib/vendor/blamejs/lib/mail-send-deliver.js +629 -0
- package/lib/vendor/blamejs/lib/mail-server-imap.js +1858 -0
- package/lib/vendor/blamejs/lib/mail-server-jmap.js +1565 -0
- package/lib/vendor/blamejs/lib/mail-server-managesieve.js +908 -0
- package/lib/vendor/blamejs/lib/mail-server-mx.js +969 -0
- package/lib/vendor/blamejs/lib/mail-server-pop3.js +915 -0
- package/lib/vendor/blamejs/lib/mail-server-rate-limit.js +315 -0
- package/lib/vendor/blamejs/lib/mail-server-registry.js +378 -0
- package/lib/vendor/blamejs/lib/mail-server-submission.js +1396 -0
- package/lib/vendor/blamejs/lib/mail-server-tls.js +445 -0
- package/lib/vendor/blamejs/lib/mail-sieve.js +557 -0
- package/lib/vendor/blamejs/lib/mail-spam-score.js +284 -0
- package/lib/vendor/blamejs/lib/mail-srs.js +248 -0
- package/lib/vendor/blamejs/lib/mail-store-fts.js +394 -0
- package/lib/vendor/blamejs/lib/mail-store.js +929 -0
- package/lib/vendor/blamejs/lib/mail-unsubscribe.js +400 -0
- package/lib/vendor/blamejs/lib/mail.js +1971 -0
- package/lib/vendor/blamejs/lib/mcp-tool-registry.js +473 -0
- package/lib/vendor/blamejs/lib/mcp.js +950 -0
- package/lib/vendor/blamejs/lib/metrics.js +1503 -0
- package/lib/vendor/blamejs/lib/middleware/age-gate.js +177 -0
- package/lib/vendor/blamejs/lib/middleware/ai-act-disclosure.js +203 -0
- package/lib/vendor/blamejs/lib/middleware/api-encrypt.js +981 -0
- package/lib/vendor/blamejs/lib/middleware/assetlinks.js +137 -0
- package/lib/vendor/blamejs/lib/middleware/asyncapi-serve.js +171 -0
- package/lib/vendor/blamejs/lib/middleware/attach-user.js +220 -0
- package/lib/vendor/blamejs/lib/middleware/bearer-auth.js +293 -0
- package/lib/vendor/blamejs/lib/middleware/body-parser.js +1519 -0
- package/lib/vendor/blamejs/lib/middleware/bot-disclose.js +183 -0
- package/lib/vendor/blamejs/lib/middleware/bot-guard.js +217 -0
- package/lib/vendor/blamejs/lib/middleware/clear-site-data.js +122 -0
- package/lib/vendor/blamejs/lib/middleware/compose-pipeline.js +355 -0
- package/lib/vendor/blamejs/lib/middleware/compression.js +489 -0
- package/lib/vendor/blamejs/lib/middleware/cookies.js +130 -0
- package/lib/vendor/blamejs/lib/middleware/cors.js +386 -0
- package/lib/vendor/blamejs/lib/middleware/csp-nonce.js +388 -0
- package/lib/vendor/blamejs/lib/middleware/csp-report.js +167 -0
- package/lib/vendor/blamejs/lib/middleware/csrf-protect.js +499 -0
- package/lib/vendor/blamejs/lib/middleware/daily-byte-quota.js +243 -0
- package/lib/vendor/blamejs/lib/middleware/db-role-for.js +304 -0
- package/lib/vendor/blamejs/lib/middleware/dpop.js +402 -0
- package/lib/vendor/blamejs/lib/middleware/error-handler.js +69 -0
- package/lib/vendor/blamejs/lib/middleware/fetch-metadata.js +168 -0
- package/lib/vendor/blamejs/lib/middleware/flag-context.js +110 -0
- package/lib/vendor/blamejs/lib/middleware/gpc.js +153 -0
- package/lib/vendor/blamejs/lib/middleware/headers.js +242 -0
- package/lib/vendor/blamejs/lib/middleware/health.js +438 -0
- package/lib/vendor/blamejs/lib/middleware/host-allowlist.js +189 -0
- package/lib/vendor/blamejs/lib/middleware/idempotency-key.js +964 -0
- package/lib/vendor/blamejs/lib/middleware/index.js +183 -0
- package/lib/vendor/blamejs/lib/middleware/nel.js +214 -0
- package/lib/vendor/blamejs/lib/middleware/network-allowlist.js +237 -0
- package/lib/vendor/blamejs/lib/middleware/no-cache.js +106 -0
- package/lib/vendor/blamejs/lib/middleware/openapi-serve.js +177 -0
- package/lib/vendor/blamejs/lib/middleware/protected-resource-metadata.js +277 -0
- package/lib/vendor/blamejs/lib/middleware/rate-limit.js +556 -0
- package/lib/vendor/blamejs/lib/middleware/request-id.js +79 -0
- package/lib/vendor/blamejs/lib/middleware/request-log.js +205 -0
- package/lib/vendor/blamejs/lib/middleware/require-aal.js +138 -0
- package/lib/vendor/blamejs/lib/middleware/require-auth.js +144 -0
- package/lib/vendor/blamejs/lib/middleware/require-bound-key.js +290 -0
- package/lib/vendor/blamejs/lib/middleware/require-content-type.js +113 -0
- package/lib/vendor/blamejs/lib/middleware/require-methods.js +97 -0
- package/lib/vendor/blamejs/lib/middleware/require-mtls.js +212 -0
- package/lib/vendor/blamejs/lib/middleware/require-step-up.js +226 -0
- package/lib/vendor/blamejs/lib/middleware/scim-server.js +375 -0
- package/lib/vendor/blamejs/lib/middleware/security-headers.js +285 -0
- package/lib/vendor/blamejs/lib/middleware/security-txt.js +170 -0
- package/lib/vendor/blamejs/lib/middleware/span-http-server.js +280 -0
- package/lib/vendor/blamejs/lib/middleware/speculation-rules.js +323 -0
- package/lib/vendor/blamejs/lib/middleware/sse.js +200 -0
- package/lib/vendor/blamejs/lib/middleware/trace-log-correlation.js +167 -0
- package/lib/vendor/blamejs/lib/middleware/trace-propagate.js +148 -0
- package/lib/vendor/blamejs/lib/middleware/tus-upload.js +749 -0
- package/lib/vendor/blamejs/lib/middleware/web-app-manifest.js +164 -0
- package/lib/vendor/blamejs/lib/migration-files.js +37 -0
- package/lib/vendor/blamejs/lib/migrations.js +385 -0
- package/lib/vendor/blamejs/lib/mime-parse.js +198 -0
- package/lib/vendor/blamejs/lib/money.js +699 -0
- package/lib/vendor/blamejs/lib/mtls-ca.js +572 -0
- package/lib/vendor/blamejs/lib/mtls-engine-default.js +501 -0
- package/lib/vendor/blamejs/lib/network-byte-quota.js +308 -0
- package/lib/vendor/blamejs/lib/network-dns-resolver.js +533 -0
- package/lib/vendor/blamejs/lib/network-dns.js +1930 -0
- package/lib/vendor/blamejs/lib/network-heartbeat.js +425 -0
- package/lib/vendor/blamejs/lib/network-nts.js +574 -0
- package/lib/vendor/blamejs/lib/network-proxy.js +265 -0
- package/lib/vendor/blamejs/lib/network-smtp-policy.js +836 -0
- package/lib/vendor/blamejs/lib/network-tls.js +3126 -0
- package/lib/vendor/blamejs/lib/network.js +346 -0
- package/lib/vendor/blamejs/lib/nis2-report.js +181 -0
- package/lib/vendor/blamejs/lib/nist-crosswalk.js +293 -0
- package/lib/vendor/blamejs/lib/nonce-store.js +177 -0
- package/lib/vendor/blamejs/lib/notify.js +683 -0
- package/lib/vendor/blamejs/lib/ntp-check.js +458 -0
- package/lib/vendor/blamejs/lib/numeric-bounds.js +111 -0
- package/lib/vendor/blamejs/lib/numeric-checks.js +40 -0
- package/lib/vendor/blamejs/lib/object-store/azure-blob-bucket-ops.js +349 -0
- package/lib/vendor/blamejs/lib/object-store/azure-blob.js +488 -0
- package/lib/vendor/blamejs/lib/object-store/gcs-bucket-ops.js +351 -0
- package/lib/vendor/blamejs/lib/object-store/gcs.js +515 -0
- package/lib/vendor/blamejs/lib/object-store/http-put.js +153 -0
- package/lib/vendor/blamejs/lib/object-store/http-request.js +38 -0
- package/lib/vendor/blamejs/lib/object-store/index.js +197 -0
- package/lib/vendor/blamejs/lib/object-store/local.js +163 -0
- package/lib/vendor/blamejs/lib/object-store/sigv4-bucket-ops.js +1133 -0
- package/lib/vendor/blamejs/lib/object-store/sigv4.js +957 -0
- package/lib/vendor/blamejs/lib/observability-otlp-exporter.js +420 -0
- package/lib/vendor/blamejs/lib/observability-tracer.js +395 -0
- package/lib/vendor/blamejs/lib/observability.js +720 -0
- package/lib/vendor/blamejs/lib/openapi-paths-builder.js +248 -0
- package/lib/vendor/blamejs/lib/openapi-schema-walk.js +192 -0
- package/lib/vendor/blamejs/lib/openapi-security.js +169 -0
- package/lib/vendor/blamejs/lib/openapi-yaml.js +154 -0
- package/lib/vendor/blamejs/lib/openapi.js +489 -0
- package/lib/vendor/blamejs/lib/otel-export.js +278 -0
- package/lib/vendor/blamejs/lib/outbox.js +547 -0
- package/lib/vendor/blamejs/lib/pagination.js +542 -0
- package/lib/vendor/blamejs/lib/parsers/index.js +91 -0
- package/lib/vendor/blamejs/lib/parsers/safe-env.js +642 -0
- package/lib/vendor/blamejs/lib/parsers/safe-ini.js +293 -0
- package/lib/vendor/blamejs/lib/parsers/safe-toml.js +784 -0
- package/lib/vendor/blamejs/lib/parsers/safe-xml.js +390 -0
- package/lib/vendor/blamejs/lib/parsers/safe-yaml.js +1015 -0
- package/lib/vendor/blamejs/lib/permissions.js +793 -0
- package/lib/vendor/blamejs/lib/pick.js +105 -0
- package/lib/vendor/blamejs/lib/pqc-agent.js +351 -0
- package/lib/vendor/blamejs/lib/pqc-gate.js +279 -0
- package/lib/vendor/blamejs/lib/pqc-software.js +271 -0
- package/lib/vendor/blamejs/lib/problem-details.js +482 -0
- package/lib/vendor/blamejs/lib/process-spawn.js +196 -0
- package/lib/vendor/blamejs/lib/promise-pool.js +162 -0
- package/lib/vendor/blamejs/lib/protobuf-encoder.js +190 -0
- package/lib/vendor/blamejs/lib/protocol-dispatcher.js +161 -0
- package/lib/vendor/blamejs/lib/public-suffix.js +403 -0
- package/lib/vendor/blamejs/lib/pubsub-cluster.js +154 -0
- package/lib/vendor/blamejs/lib/pubsub-redis.js +167 -0
- package/lib/vendor/blamejs/lib/pubsub.js +463 -0
- package/lib/vendor/blamejs/lib/queue-local.js +476 -0
- package/lib/vendor/blamejs/lib/queue-redis.js +745 -0
- package/lib/vendor/blamejs/lib/queue-sqs.js +319 -0
- package/lib/vendor/blamejs/lib/queue.js +1016 -0
- package/lib/vendor/blamejs/lib/redact.js +1007 -0
- package/lib/vendor/blamejs/lib/redis-client.js +520 -0
- package/lib/vendor/blamejs/lib/render.js +285 -0
- package/lib/vendor/blamejs/lib/request-helpers.js +767 -0
- package/lib/vendor/blamejs/lib/resource-access-lock.js +116 -0
- package/lib/vendor/blamejs/lib/restore-bundle.js +340 -0
- package/lib/vendor/blamejs/lib/restore-rollback.js +365 -0
- package/lib/vendor/blamejs/lib/restore.js +409 -0
- package/lib/vendor/blamejs/lib/retention.js +640 -0
- package/lib/vendor/blamejs/lib/retry.js +523 -0
- package/lib/vendor/blamejs/lib/router.js +1289 -0
- package/lib/vendor/blamejs/lib/safe-async.js +1184 -0
- package/lib/vendor/blamejs/lib/safe-buffer.js +562 -0
- package/lib/vendor/blamejs/lib/safe-decompress.js +297 -0
- package/lib/vendor/blamejs/lib/safe-dns.js +665 -0
- package/lib/vendor/blamejs/lib/safe-ical.js +634 -0
- package/lib/vendor/blamejs/lib/safe-icap.js +502 -0
- package/lib/vendor/blamejs/lib/safe-json.js +946 -0
- package/lib/vendor/blamejs/lib/safe-jsonpath.js +285 -0
- package/lib/vendor/blamejs/lib/safe-mime.js +831 -0
- package/lib/vendor/blamejs/lib/safe-mount-info.js +306 -0
- package/lib/vendor/blamejs/lib/safe-path.js +254 -0
- package/lib/vendor/blamejs/lib/safe-redirect.js +106 -0
- package/lib/vendor/blamejs/lib/safe-schema.js +1810 -0
- package/lib/vendor/blamejs/lib/safe-sieve.js +684 -0
- package/lib/vendor/blamejs/lib/safe-smtp.js +185 -0
- package/lib/vendor/blamejs/lib/safe-sql.js +363 -0
- package/lib/vendor/blamejs/lib/safe-url.js +428 -0
- package/lib/vendor/blamejs/lib/safe-vcard.js +473 -0
- package/lib/vendor/blamejs/lib/sandbox-worker.js +135 -0
- package/lib/vendor/blamejs/lib/sandbox.js +358 -0
- package/lib/vendor/blamejs/lib/scheduler.js +827 -0
- package/lib/vendor/blamejs/lib/sd-notify.js +269 -0
- package/lib/vendor/blamejs/lib/sec-cyber.js +214 -0
- package/lib/vendor/blamejs/lib/security-assert.js +395 -0
- package/lib/vendor/blamejs/lib/seeders.js +620 -0
- package/lib/vendor/blamejs/lib/self-update-standalone-verifier.js +309 -0
- package/lib/vendor/blamejs/lib/self-update.js +804 -0
- package/lib/vendor/blamejs/lib/server-timing.js +174 -0
- package/lib/vendor/blamejs/lib/session-device-binding.js +431 -0
- package/lib/vendor/blamejs/lib/session-stores.js +138 -0
- package/lib/vendor/blamejs/lib/session.js +1162 -0
- package/lib/vendor/blamejs/lib/slug.js +381 -0
- package/lib/vendor/blamejs/lib/sse.js +349 -0
- package/lib/vendor/blamejs/lib/ssrf-guard.js +792 -0
- package/lib/vendor/blamejs/lib/standard-webhooks.js +183 -0
- package/lib/vendor/blamejs/lib/static.js +1249 -0
- package/lib/vendor/blamejs/lib/storage.js +1272 -0
- package/lib/vendor/blamejs/lib/stream-throttle.js +235 -0
- package/lib/vendor/blamejs/lib/structured-fields.js +244 -0
- package/lib/vendor/blamejs/lib/subject.js +667 -0
- package/lib/vendor/blamejs/lib/tcpa-10dlc.js +175 -0
- package/lib/vendor/blamejs/lib/template.js +931 -0
- package/lib/vendor/blamejs/lib/tenant-quota.js +545 -0
- package/lib/vendor/blamejs/lib/test-harness.js +275 -0
- package/lib/vendor/blamejs/lib/testing.js +1185 -0
- package/lib/vendor/blamejs/lib/time.js +578 -0
- package/lib/vendor/blamejs/lib/tls-exporter.js +239 -0
- package/lib/vendor/blamejs/lib/totp.js +318 -0
- package/lib/vendor/blamejs/lib/tracing.js +546 -0
- package/lib/vendor/blamejs/lib/uuid.js +207 -0
- package/lib/vendor/blamejs/lib/validate-opts.js +381 -0
- package/lib/vendor/blamejs/lib/vault/index.js +638 -0
- package/lib/vendor/blamejs/lib/vault/passphrase-ops.js +311 -0
- package/lib/vendor/blamejs/lib/vault/passphrase-source.js +198 -0
- package/lib/vendor/blamejs/lib/vault/rotate.js +803 -0
- package/lib/vendor/blamejs/lib/vault/seal-pem-file.js +471 -0
- package/lib/vendor/blamejs/lib/vault/wrap.js +296 -0
- package/lib/vendor/blamejs/lib/vault-aad.js +259 -0
- package/lib/vendor/blamejs/lib/vendor/.vendor-data-pubkey +4 -0
- package/lib/vendor/blamejs/lib/vendor/MANIFEST.json +161 -0
- package/lib/vendor/blamejs/lib/vendor/bimi-trust-anchors.data.js +68 -0
- package/lib/vendor/blamejs/lib/vendor/bimi-trust-anchors.pem +33 -0
- package/lib/vendor/blamejs/lib/vendor/common-passwords-top-10000.data.js +1325 -0
- package/lib/vendor/blamejs/lib/vendor/common-passwords-top-10000.txt +10002 -0
- package/lib/vendor/blamejs/lib/vendor/noble-ciphers.cjs +9 -0
- package/lib/vendor/blamejs/lib/vendor/noble-post-quantum.cjs +18 -0
- package/lib/vendor/blamejs/lib/vendor/pki.cjs +181 -0
- package/lib/vendor/blamejs/lib/vendor/public-suffix-list.dat +16382 -0
- package/lib/vendor/blamejs/lib/vendor/public-suffix-list.data.js +5881 -0
- package/lib/vendor/blamejs/lib/vendor/simplewebauthn-server.cjs +328 -0
- package/lib/vendor/blamejs/lib/vendor/vendor-data-pubkey.js +16 -0
- package/lib/vendor/blamejs/lib/vendor-data.js +520 -0
- package/lib/vendor/blamejs/lib/vex.js +630 -0
- package/lib/vendor/blamejs/lib/watcher.js +608 -0
- package/lib/vendor/blamejs/lib/web-push-vapid.js +322 -0
- package/lib/vendor/blamejs/lib/webhook.js +977 -0
- package/lib/vendor/blamejs/lib/websocket-channels.js +327 -0
- package/lib/vendor/blamejs/lib/websocket.js +1561 -0
- package/lib/vendor/blamejs/lib/wiki-concepts.js +338 -0
- package/lib/vendor/blamejs/lib/worker-pool.js +464 -0
- package/lib/vendor/blamejs/lib/ws-client.js +978 -0
- package/lib/vendor/blamejs/lib/xml-c14n.js +506 -0
- package/lib/vendor/blamejs/memory/specs/node-26-map-getorinsert-migration.md +164 -0
- package/lib/vendor/blamejs/oss-fuzz/projects/blamejs/Dockerfile +19 -0
- package/lib/vendor/blamejs/oss-fuzz/projects/blamejs/README.md +88 -0
- package/lib/vendor/blamejs/oss-fuzz/projects/blamejs/build.sh +26 -0
- package/lib/vendor/blamejs/oss-fuzz/projects/blamejs/project.yaml +28 -0
- package/lib/vendor/blamejs/package.json +81 -0
- package/lib/vendor/blamejs/release-notes/v0.0.x.json +310 -0
- package/lib/vendor/blamejs/release-notes/v0.1.x.json +1798 -0
- package/lib/vendor/blamejs/release-notes/v0.10.x.json +1288 -0
- package/lib/vendor/blamejs/release-notes/v0.11.x.json +2551 -0
- package/lib/vendor/blamejs/release-notes/v0.12.0.json +64 -0
- package/lib/vendor/blamejs/release-notes/v0.12.1.json +32 -0
- package/lib/vendor/blamejs/release-notes/v0.12.2.json +45 -0
- package/lib/vendor/blamejs/release-notes/v0.2.x.json +706 -0
- package/lib/vendor/blamejs/release-notes/v0.3.x.json +786 -0
- package/lib/vendor/blamejs/release-notes/v0.4.x.json +588 -0
- package/lib/vendor/blamejs/release-notes/v0.5.x.json +390 -0
- package/lib/vendor/blamejs/release-notes/v0.6.x.json +1947 -0
- package/lib/vendor/blamejs/release-notes/v0.7.x.json +3811 -0
- package/lib/vendor/blamejs/release-notes/v0.8.x.json +3318 -0
- package/lib/vendor/blamejs/release-notes/v0.9.x.json +2257 -0
- package/lib/vendor/blamejs/scripts/build-vendored-sbom.js +325 -0
- package/lib/vendor/blamejs/scripts/check-api-snapshot.js +62 -0
- package/lib/vendor/blamejs/scripts/check-changelog-extract.js +108 -0
- package/lib/vendor/blamejs/scripts/check-pack-against-gitignore.js +83 -0
- package/lib/vendor/blamejs/scripts/check-services.js +483 -0
- package/lib/vendor/blamejs/scripts/check-vendor-currency.js +349 -0
- package/lib/vendor/blamejs/scripts/consolidate-release-notes.js +216 -0
- package/lib/vendor/blamejs/scripts/gen-migrating.js +275 -0
- package/lib/vendor/blamejs/scripts/generate-changelog-entry.js +577 -0
- package/lib/vendor/blamejs/scripts/generate-release-signing-key.js +79 -0
- package/lib/vendor/blamejs/scripts/publish-dep-confusion-placeholder.sh +101 -0
- package/lib/vendor/blamejs/scripts/refresh-api-snapshot.js +31 -0
- package/lib/vendor/blamejs/scripts/refresh-vendor-manifest.js +132 -0
- package/lib/vendor/blamejs/scripts/release.js +652 -0
- package/lib/vendor/blamejs/scripts/sha3-digest.js +62 -0
- package/lib/vendor/blamejs/scripts/sign-release-artifact.js +92 -0
- package/lib/vendor/blamejs/scripts/test-integration.js +181 -0
- package/lib/vendor/blamejs/scripts/test-wiki-integration.js +126 -0
- package/lib/vendor/blamejs/scripts/validate-source-comment-blocks.js +77 -0
- package/lib/vendor/blamejs/scripts/vendor-data-gen.js +186 -0
- package/lib/vendor/blamejs/scripts/vendor-data-keygen.js +101 -0
- package/lib/vendor/blamejs/scripts/vendor-update.sh +278 -0
- package/lib/vendor/blamejs/test/00-primitives.js +19075 -0
- package/lib/vendor/blamejs/test/10-state.js +622 -0
- package/lib/vendor/blamejs/test/20-db.js +561 -0
- package/lib/vendor/blamejs/test/30-chain.js +2110 -0
- package/lib/vendor/blamejs/test/40-consumers.js +2453 -0
- package/lib/vendor/blamejs/test/50-integration.js +486 -0
- package/lib/vendor/blamejs/test/_helpers.js +10 -0
- package/lib/vendor/blamejs/test/_smoke-worker.js +69 -0
- package/lib/vendor/blamejs/test/fixtures/exploit-corpus/corpus.json +368 -0
- package/lib/vendor/blamejs/test/fixtures/http-client-stream-payload.txt +2 -0
- package/lib/vendor/blamejs/test/fixtures/worker-pool/echo.js +52 -0
- package/lib/vendor/blamejs/test/helpers/_codebase-shingle-worker.js +24 -0
- package/lib/vendor/blamejs/test/helpers/_codebase-shingle.js +203 -0
- package/lib/vendor/blamejs/test/helpers/_shape-match.js +513 -0
- package/lib/vendor/blamejs/test/helpers/check.js +36 -0
- package/lib/vendor/blamejs/test/helpers/cluster.js +70 -0
- package/lib/vendor/blamejs/test/helpers/db.js +143 -0
- package/lib/vendor/blamejs/test/helpers/drivers.js +207 -0
- package/lib/vendor/blamejs/test/helpers/fs-watch.js +101 -0
- package/lib/vendor/blamejs/test/helpers/http.js +14 -0
- package/lib/vendor/blamejs/test/helpers/index.js +93 -0
- package/lib/vendor/blamejs/test/helpers/json-round-trip.js +120 -0
- package/lib/vendor/blamejs/test/helpers/mocks.js +20 -0
- package/lib/vendor/blamejs/test/helpers/otel.js +13 -0
- package/lib/vendor/blamejs/test/helpers/services.js +380 -0
- package/lib/vendor/blamejs/test/helpers/wait.js +206 -0
- package/lib/vendor/blamejs/test/integration/cache.test.js +235 -0
- package/lib/vendor/blamejs/test/integration/cluster-provider-mysql.test.js +174 -0
- package/lib/vendor/blamejs/test/integration/federation-auth.test.js +611 -0
- package/lib/vendor/blamejs/test/integration/http-client.test.js +129 -0
- package/lib/vendor/blamejs/test/integration/log-stream.test.js +219 -0
- package/lib/vendor/blamejs/test/integration/mail-crypto-smime.test.js +181 -0
- package/lib/vendor/blamejs/test/integration/mail-dkim.test.js +152 -0
- package/lib/vendor/blamejs/test/integration/mail-smtp.test.js +161 -0
- package/lib/vendor/blamejs/test/integration/mtls-ca.test.js +289 -0
- package/lib/vendor/blamejs/test/integration/network-dns.test.js +123 -0
- package/lib/vendor/blamejs/test/integration/network-heartbeat.test.js +101 -0
- package/lib/vendor/blamejs/test/integration/ntp-check.test.js +89 -0
- package/lib/vendor/blamejs/test/integration/object-store-sigv4.test.js +403 -0
- package/lib/vendor/blamejs/test/integration/pqc-pkcs8-forward-compat.test.js +271 -0
- package/lib/vendor/blamejs/test/integration/pubsub.test.js +137 -0
- package/lib/vendor/blamejs/test/integration/queue-redis.test.js +352 -0
- package/lib/vendor/blamejs/test/integration/redis-client-tls.test.js +96 -0
- package/lib/vendor/blamejs/test/integration/ssrf-guard.test.js +98 -0
- package/lib/vendor/blamejs/test/integration/websocket-permessage-deflate.test.js +261 -0
- package/lib/vendor/blamejs/test/integration/ws-client-roundtrip.test.js +230 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/a2a-tasks.test.js +211 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/a2a.test.js +59 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/access-lock.test.js +136 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/acme.test.js +219 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/age-gate.test.js +69 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/agent-event-bus.test.js +266 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/agent-idempotency.test.js +262 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/agent-orchestrator.test.js +390 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/agent-posture-chain.test.js +174 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/agent-saga.test.js +279 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/agent-snapshot.test.js +322 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/agent-stream.test.js +227 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/agent-tenant.test.js +302 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/agent-trace.test.js +150 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/ai-adverse-decision.test.js +44 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/ai-content-detect.test.js +150 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/ai-input.test.js +50 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/ai-model-manifest.test.js +96 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/ai-pref.test.js +76 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/api-encrypt.test.js +1080 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/app-shutdown.test.js +311 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/archive-zip-stream.test.js +291 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/archive.test.js +140 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/arg-parser.test.js +267 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/asn1-der.test.js +108 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/asyncapi.test.js +929 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/atomic-file-conflict-path.test.js +80 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-cve-defensive.test.js +176 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-daily-review.test.js +132 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-export-cadf.test.js +97 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-framework-namespaces.test.js +141 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-segregation.test.js +115 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-sign-ml-dsa-65.test.js +163 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-use-store.test.js +246 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/auth-bot-challenge-verifier.test.js +485 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/auth-bot-challenge.test.js +331 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/auth-jwt-defenses.test.js +352 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/auth-lockout.test.js +572 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/auth-password-audit.test.js +61 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/azure-blob-bucket-ops.test.js +258 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/backup-manifest-signature.test.js +105 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/backup-worker.test.js +34 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/bearer-auth.test.js +107 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/body-parser-chunked-malformed.test.js +131 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/body-parser-smuggling.test.js +118 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/boot-gates.test.js +85 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/breach-deadline.test.js +38 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/break-glass.test.js +861 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/budr.test.js +55 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/bundler-engine.test.js +209 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cache-status.test.js +129 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cache.test.js +871 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/calendar.test.js +891 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/canonical-json-jcs.test.js +43 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cdn-cache-control.test.js +243 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cert.test.js +550 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/clear-site-data.test.js +107 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-api-key.test.js +147 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-audit-verify-chain.test.js +104 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-backup.test.js +135 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-config-drift.test.js +67 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-erase.test.js +75 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-file-type.test.js +98 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-helpers.test.js +145 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-mtls.test.js +133 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-password.test.js +97 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-restore.test.js +160 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-retention.test.js +84 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-security.test.js +69 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-vault.test.js +142 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/client-hints.test.js +133 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cms-codec.test.js +237 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/codebase-patterns.test.js +9600 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/compliance-ai-act.test.js +575 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/compliance-cascade.test.js +89 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/compliance-eaa.test.js +36 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/compliance-sanctions.test.js +712 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/compliance.test.js +278 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/config-drift.test.js +97 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/config.test.js +424 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/content-credentials.test.js +94 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cors.test.js +357 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cra-report.test.js +31 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/credential-hash.test.js +226 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-base64url.test.js +86 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-envelope.test.js +85 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-hash-files-parallel.test.js +193 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-hash-stream.test.js +98 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-hpke-pq.test.js +132 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-hpke.test.js +155 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-mlkem768-x25519.test.js +129 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-namespace-hash.test.js +0 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-random-int.test.js +72 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/csp-builder.test.js +96 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/csp-nonce.test.js +401 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/csp-report.test.js +34 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/csv.test.js +180 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/daemon.test.js +210 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/daily-byte-quota.test.js +153 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/dark-patterns.test.js +66 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/data-act.test.js +74 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/db-collection-extensions.test.js +226 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/db-collection.test.js +136 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/db-init-extensions.test.js +165 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/db-query-cross-schema.test.js +150 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/db-query-extensions.test.js +191 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/db-role-for.test.js +228 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/db-vacuum.test.js +55 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/db-worm.test.js +89 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/ddl-change-control.test.js +184 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/declare-row-policy.test.js +203 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/declare-view.test.js +303 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/dns-dnssec-algorithm.test.js +163 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/dns-null-mx.test.js +39 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/dora.test.js +165 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/dr-runbook.test.js +59 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/dsr-state-rules.test.js +55 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/dsr.test.js +786 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/dual-control.test.js +105 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/early-hints.test.js +147 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/events.test.js +105 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/exploit-replay.test.js +243 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/external-db-hardening.test.js +181 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/external-db-migrate.test.js +190 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/external-db-routing.test.js +531 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/fal.test.js +118 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/fapi2.test.js +89 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/fda-21cfr11.test.js +156 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/fdx.test.js +79 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/fedcm-dbsc.test.js +216 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/federation-vc-suite.test.js +434 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/fido-mds3.test.js +432 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/file-type.test.js +81 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/flag.test.js +887 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/forensic-snapshot.test.js +51 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/fsm.test.js +375 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/gcs-bucket-ops.test.js +321 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/gdpr-ropa.test.js +41 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/graphql-federation.test.js +32 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-agent-registry.test.js +87 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-all.test.js +328 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-archive.test.js +339 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-csv.test.js +694 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-dsn.test.js +296 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-email.test.js +234 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-envelope.test.js +192 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-event-bus-payload.test.js +89 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-event-bus-topic.test.js +71 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-filename.test.js +386 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-html-wcag.test.js +859 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-html.test.js +357 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-idempotency-key.test.js +92 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-imap-command.test.js +0 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-jmap.test.js +174 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-json.test.js +317 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-list-id.test.js +199 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-list-unsubscribe.test.js +214 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-mail-compose.test.js +111 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-mail-move.test.js +110 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-mail-query.test.js +112 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-mail-reply.test.js +86 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-mail-sieve.test.js +92 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-managesieve-command.test.js +301 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-markdown.test.js +265 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-message-id.test.js +0 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-pop3-command.test.js +161 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-posture-chain.test.js +100 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-saga-config.test.js +79 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-smtp-command.test.js +269 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-snapshot-envelope.test.js +89 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-stream-args.test.js +78 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-svg.test.js +288 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-tenant-id.test.js +69 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-trace-context.test.js +102 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-xml.test.js +202 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-yaml.test.js +203 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/hal.test.js +51 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/honeytoken.test.js +50 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/html-balance.test.js +37 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/http-client-cache.test.js +692 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/http-client-stream.test.js +280 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/http-message-signature.test.js +225 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/i18n-messageformat.test.js +203 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/i18n.test.js +991 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/iab-mspa.test.js +63 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/iab-tcf.test.js +73 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/idempotency-key.test.js +612 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/importmap-integrity.test.js +56 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/inbox.test.js +166 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/incident-report.test.js +29 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/jose-jwe-experimental.test.js +121 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/json-api.test.js +58 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/json-round-trip-helper.test.js +110 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/jwt-external.test.js +159 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/keychain.test.js +0 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/legal-hold.test.js +118 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/local-db-thin.test.js +150 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/log-stream-cloudwatch.test.js +489 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/log-stream-otlp-grpc.test.js +207 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/log-stream-otlp.test.js +283 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/lro.test.js +65 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-agent.test.js +417 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-arf.test.js +208 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-auth.test.js +910 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-bimi.test.js +502 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-bounce.test.js +680 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-canspam.test.js +128 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-crypto-pgp-experimental.test.js +149 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-crypto-pgp.test.js +323 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-crypto-smime.test.js +297 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-dav.test.js +514 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-deploy-tlsrpt.test.js +369 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-deploy.test.js +199 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-dkim.test.js +627 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-feedback-id.test.js +56 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-greylist.test.js +217 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-helo.test.js +283 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-journal.test.js +217 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-mdn.test.js +334 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-rbl.test.js +271 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-require-tls.test.js +128 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-scan.test.js +215 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-send-deliver.test.js +336 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-imap.test.js +732 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-jmap.test.js +840 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-managesieve.test.js +130 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-mx.test.js +285 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-pop3.test.js +74 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-rate-limit.test.js +112 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-registry.test.js +229 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-submission.test.js +394 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-tls.test.js +147 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-sieve.test.js +151 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-spam-score.test.js +204 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-srs.test.js +152 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-store-fts.test.js +279 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-store.test.js +323 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-unsubscribe.test.js +165 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail.test.js +439 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mcp-tool-registry.test.js +202 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mcp.test.js +155 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/metrics-shadow-registry.test.js +112 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/metrics-snapshot.test.js +224 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/middleware-compose-pipeline.test.js +278 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/money.test.js +376 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mtls-ca-paths.test.js +89 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/nel.test.js +200 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/network-allowlist.test.js +106 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/network-byte-quota.test.js +133 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/network-dns-resolver.test.js +372 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/network-dns.test.js +635 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/network-heartbeat-passive.test.js +128 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/network-tls-build-options.test.js +130 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/network-tls-ct-inclusion.test.js +179 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/network-tls.test.js +447 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/network.test.js +369 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/nis2-report.test.js +21 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/nist-crosswalk.test.js +42 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/no-cache.test.js +98 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/notify.test.js +707 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/numeric-bounds.test.js +142 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/oauth-callback.test.js +72 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/observability-tracing.test.js +597 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/observability.test.js +190 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/openapi.test.js +877 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/otel-export.test.js +257 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/pagination.test.js +522 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/parsers-standalone.test.js +216 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/passkey.test.js +324 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/permissions.test.js +546 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/pqc-agent-curve.test.js +153 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/pqc-software.test.js +94 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/problem-details.test.js +195 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/process-spawn.test.js +62 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/promise-pool.test.js +93 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/protected-resource-metadata.test.js +68 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/protobuf-encoder.test.js +138 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/protocol-dispatcher.test.js +174 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/public-suffix.test.js +197 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/pubsub.test.js +232 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/queue-dlq-extend-lease.test.js +178 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/queue-flow-repeat.test.js +322 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/queue-priority-rate-progress.test.js +266 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/queue-sqs.test.js +300 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/rate-limit-cluster.test.js +338 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/rate-limit-registry.test.js +75 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/redact-dlp.test.js +246 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/redis-client.test.js +130 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/request-helpers.test.js +335 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/request-log.test.js +170 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/require-auth-cache-control.test.js +93 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/require-mtls.test.js +34 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/resource-access-lock.test.js +52 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/retention-floor.test.js +67 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/retry.test.js +535 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/router-cross-origin-redirect.test.js +0 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/router-tls0rtt.test.js +128 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-async-loops.test.js +163 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-async-parallel.test.js +170 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-decompress.test.js +248 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-dns.test.js +451 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-ical.test.js +289 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-icap.test.js +206 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-jsonpath.test.js +104 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-mime.test.js +339 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-mount-info.test.js +180 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-path.test.js +78 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-sieve.test.js +123 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-smtp.test.js +95 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-url-idn-homograph.test.js +77 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-vcard.test.js +257 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/saml-slo.test.js +249 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sandbox.test.js +228 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/scheduler-exactly-once.test.js +238 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/scim-server.test.js +92 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sd-jwt-vc.test.js +700 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sd-notify.test.js +67 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sec-cyber.test.js +85 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/security-assert.test.js +107 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/security-headers.test.js +175 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/seeders.test.js +816 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/self-update-standalone-verifier.test.js +168 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/self-update.test.js +302 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/server-timing.test.js +93 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/session-device-binding.test.js +247 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/session-extensions.test.js +295 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/shape-match.test.js +142 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sigv4-bucket-ops.test.js +952 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sigv4-multipart-sse.test.js +441 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/slug.test.js +330 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/smtp-policy.test.js +233 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/source-comment-blocks.test.js +105 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/speculation-rules.test.js +319 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sse.test.js +148 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/ssrf-guard.test.js +283 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/standard-webhooks.test.js +67 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/static.test.js +266 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/step-up.test.js +487 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/storage-chunk-scratch.test.js +0 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/storage-presigned-url.test.js +773 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/stream-throttle.test.js +173 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/structured-fields.test.js +180 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/tcpa-10dlc.test.js +66 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/tenant-quota.test.js +89 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/test-coverage.test.js +571 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/test-harness.test.js +190 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/testing-request.test.js +119 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/testing.test.js +522 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/time.test.js +151 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/tls-exporter.test.js +168 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/tls-ocsp-ct.test.js +275 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/tls-ocsp-verify.test.js +105 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/tls-pinset-drift.test.js +35 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/tls-preferred-groups.test.js +81 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/tracing.test.js +280 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/uuid.test.js +93 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/vault-aad.test.js +277 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/vault-seal-pem-file.test.js +252 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/vendor-data.test.js +149 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/vendor-manifest.test.js +92 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/vex.test.js +661 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/watcher.test.js +308 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/web-push-vapid.test.js +144 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/webhook.test.js +674 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/websocket-channels.test.js +360 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/worker-pool.test.js +302 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/ws-client.test.js +349 -0
- package/lib/vendor/blamejs/test/layer-1-state/api-key.test.js +717 -0
- package/lib/vendor/blamejs/test/layer-5-integration/bundler-output.test.js +444 -0
- package/lib/vendor/blamejs/test/layer-5-integration/guard-host-integration.test.js +597 -0
- package/lib/vendor/blamejs/test/layer-5-integration/security-chaos.test.js +308 -0
- package/lib/vendor/blamejs/test/smoke.js +431 -0
- package/lib/webhooks.js +305 -0
- package/package.json +43 -0
|
@@ -0,0 +1,1224 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
// codebase-patterns:allow-file raw-byte-literal — DAV is HTTP-shaped; every
|
|
3
|
+
// numeric in this file is an HTTP status code (200 / 201 / 207 / 400 / 401
|
|
4
|
+
// / 403 / 404 / 412 / 415 / 500). These are RFC 4791 / RFC 6352 / RFC 2616
|
|
5
|
+
// wire-protocol constants, not memory or byte-count caps.
|
|
6
|
+
/**
|
|
7
|
+
* @module b.mail.dav
|
|
8
|
+
* @nav Mail
|
|
9
|
+
* @title Mail CalDAV / CardDAV
|
|
10
|
+
* @order 560
|
|
11
|
+
*
|
|
12
|
+
* @intro
|
|
13
|
+
* CalDAV (RFC 4791) + CardDAV (RFC 6352) HTTP route handlers. Where
|
|
14
|
+
* the mail-server primitives mount as TCP listeners, the DAV stack
|
|
15
|
+
* rides the existing HTTP surface: operators mount the returned
|
|
16
|
+
* handlers under `b.router` / `b.createApp` and reuse their auth
|
|
17
|
+
* middleware, TLS termination, and rate-limit posture.
|
|
18
|
+
*
|
|
19
|
+
* The framework owns the wire protocol — method dispatch, XML body
|
|
20
|
+
* parsing (via `b.xmlC14n.parse`), per-tenant URL isolation,
|
|
21
|
+
* `If-Match` / `If-None-Match` ETag invariants, response-shape
|
|
22
|
+
* generation, and (critically) PUT-body validation through
|
|
23
|
+
* `b.safeIcal.parse` (CalDAV) and `b.safeVcard.parse` (CardDAV).
|
|
24
|
+
* Operators wire the storage backend — `listCalendars`,
|
|
25
|
+
* `getComponent`, `listComponents`, `putComponent`,
|
|
26
|
+
* `deleteComponent` for CalDAV; the equivalent contact-shaped set
|
|
27
|
+
* for CardDAV — so the framework never assumes a single DB shape.
|
|
28
|
+
*
|
|
29
|
+
* ## Public surface
|
|
30
|
+
*
|
|
31
|
+
* ```js
|
|
32
|
+
* var dav = b.mail.dav.create({
|
|
33
|
+
* storage: {
|
|
34
|
+
* calendar: {
|
|
35
|
+
* listCalendars: async function (principalId) { ... },
|
|
36
|
+
* getComponent: async function (principalId, calendarId, componentId) { ... },
|
|
37
|
+
* listComponents: async function (principalId, calendarId, filter) { ... },
|
|
38
|
+
* putComponent: async function (principalId, calendarId, componentId, icalBytes, ifMatch) { ... },
|
|
39
|
+
* deleteComponent: async function (principalId, calendarId, componentId, ifMatch) { ... },
|
|
40
|
+
* mkcalendar: async function (principalId, calendarId, props) { ... },
|
|
41
|
+
* },
|
|
42
|
+
* addressbook: {
|
|
43
|
+
* listAddressbooks: async function (principalId) { ... },
|
|
44
|
+
* getCard: async function (principalId, addressbookId, cardId) { ... },
|
|
45
|
+
* listCards: async function (principalId, addressbookId, filter) { ... },
|
|
46
|
+
* putCard: async function (principalId, addressbookId, cardId, vcardBytes, ifMatch) { ... },
|
|
47
|
+
* deleteCard: async function (principalId, addressbookId, cardId, ifMatch) { ... },
|
|
48
|
+
* mkcol: async function (principalId, addressbookId, props) { ... },
|
|
49
|
+
* },
|
|
50
|
+
* },
|
|
51
|
+
* profile: "strict", // safeIcal / safeVcard
|
|
52
|
+
* audit: b.audit,
|
|
53
|
+
* });
|
|
54
|
+
*
|
|
55
|
+
* app.use("/.well-known/caldav", dav.discoveryHandler);
|
|
56
|
+
* app.use("/.well-known/carddav", dav.discoveryHandler);
|
|
57
|
+
* app.use("/caldav", b.middleware.bearerAuth({...}), dav.caldavHandler);
|
|
58
|
+
* app.use("/carddav", b.middleware.bearerAuth({...}), dav.carddavHandler);
|
|
59
|
+
* ```
|
|
60
|
+
*
|
|
61
|
+
* ## URL shape
|
|
62
|
+
*
|
|
63
|
+
* - CalDAV: `/caldav/<principal>/<calendar>/<component>.ics`
|
|
64
|
+
* - CardDAV: `/carddav/<principal>/<addressbook>/<card>.vcf`
|
|
65
|
+
*
|
|
66
|
+
* Every URL carries the principal ID at the first path segment.
|
|
67
|
+
* Cross-principal access is refused at the handler boundary; the
|
|
68
|
+
* storage backend never sees a principal ID it did not authorize.
|
|
69
|
+
*
|
|
70
|
+
* ## Verbs (v1)
|
|
71
|
+
*
|
|
72
|
+
* Common: `OPTIONS`, `PROPFIND`, `REPORT`, `GET`, `PUT`, `DELETE`.
|
|
73
|
+
* CalDAV-specific: `MKCALENDAR` (RFC 4791 §5.2.1).
|
|
74
|
+
* CardDAV-specific: `MKCOL` (RFC 4918 §9.3).
|
|
75
|
+
*
|
|
76
|
+
* PROPFIND responds Multi-Status (207) for `Depth: 0` (resource
|
|
77
|
+
* props) / `Depth: 1` (collection contents). REPORT bodies
|
|
78
|
+
* supported: `calendar-query`, `calendar-multiget`,
|
|
79
|
+
* `addressbook-query`, `addressbook-multiget`. `sync-collection`
|
|
80
|
+
* (RFC 6578) ships when the storage backend declares its sync-token
|
|
81
|
+
* capability.
|
|
82
|
+
*
|
|
83
|
+
* ## Status codes
|
|
84
|
+
*
|
|
85
|
+
* - 200 — GET / OPTIONS success
|
|
86
|
+
* - 201 — PUT created / MKCALENDAR / MKCOL success
|
|
87
|
+
* - 204 — PUT / DELETE success (existing resource)
|
|
88
|
+
* - 207 — PROPFIND / REPORT Multi-Status (RFC 4918 §13)
|
|
89
|
+
* - 401 — auth required (operator middleware did not populate actor)
|
|
90
|
+
* - 403 — cross-principal access / forbidden by storage
|
|
91
|
+
* - 404 — resource not found
|
|
92
|
+
* - 412 — `If-Match` ETag mismatch on PUT / DELETE (RFC 4918 §10.4)
|
|
93
|
+
* - 415 — PUT body failed safeIcal / safeVcard validation
|
|
94
|
+
*
|
|
95
|
+
* ## Explicitly deferred (v1)
|
|
96
|
+
*
|
|
97
|
+
* - **WebDAV ACL (RFC 3744)** — operator wires authorization at
|
|
98
|
+
* their HTTP middleware (per-principal scoping is already
|
|
99
|
+
* enforced by the URL invariant; richer ACE / privilege grammar
|
|
100
|
+
* is opt-in).
|
|
101
|
+
* - **CalDAV scheduling (RFC 6638)** — the iTIP scheduling outbox /
|
|
102
|
+
* inbox routes call back into `b.mail.submission`; ships in a
|
|
103
|
+
* later slice so the cross-protocol contract is settled first.
|
|
104
|
+
* - **Free-busy reports (RFC 4791 §7.10)** — basic free-busy shape
|
|
105
|
+
* parses; the full availability merge across attendees defers to
|
|
106
|
+
* the scheduling slice.
|
|
107
|
+
* - **VTIMEZONE inline composition** — operators reference IANA
|
|
108
|
+
* timezone names; full VTIMEZONE generation lives in JSCalendar.
|
|
109
|
+
* - **iMIP (RFC 6047)** — iTIP-over-mail handler defers to the
|
|
110
|
+
* scheduling slice with its MX hook.
|
|
111
|
+
*
|
|
112
|
+
* ## CVE defense composition
|
|
113
|
+
*
|
|
114
|
+
* - `b.safeIcal` rejects RRULE COUNT > 10000 / BYxxx list > 24 →
|
|
115
|
+
* defends CVE-2024-39687 (ical4j RRULE recursion / Outlook
|
|
116
|
+
* calendar bomb) on the PUT path.
|
|
117
|
+
* - `b.xmlC14n.parse` rejects DOCTYPE / ENTITY in the
|
|
118
|
+
* PROPFIND / REPORT body → defends XXE / billion-laughs on the
|
|
119
|
+
* query path.
|
|
120
|
+
* - URL-encoded path traversal (`..`, `%2e%2e`, null bytes) is
|
|
121
|
+
* refused before the storage backend sees the IDs.
|
|
122
|
+
*
|
|
123
|
+
* @card
|
|
124
|
+
* CalDAV (RFC 4791) + CardDAV (RFC 6352) HTTP handlers — operators
|
|
125
|
+
* mount under their HTTP router. Composes b.safeIcal / b.safeVcard
|
|
126
|
+
* for PUT-body validation, b.xmlC14n.parse for PROPFIND / REPORT
|
|
127
|
+
* bodies. Per-principal URL isolation; operator-supplied storage
|
|
128
|
+
* backend. Defends CVE-2024-39687 at the PUT boundary.
|
|
129
|
+
*/
|
|
130
|
+
|
|
131
|
+
var lazyRequire = require("./lazy-require");
|
|
132
|
+
var C = require("./constants");
|
|
133
|
+
var safeIcal = require("./safe-ical");
|
|
134
|
+
var safeVcard = require("./safe-vcard");
|
|
135
|
+
var safeBuffer = require("./safe-buffer");
|
|
136
|
+
var validateOpts = require("./validate-opts");
|
|
137
|
+
var xmlC14n = require("./xml-c14n");
|
|
138
|
+
var { defineClass } = require("./framework-error");
|
|
139
|
+
|
|
140
|
+
var audit = lazyRequire(function () { return require("./audit"); });
|
|
141
|
+
|
|
142
|
+
var MailDavError = defineClass("MailDavError", { alwaysPermanent: true });
|
|
143
|
+
|
|
144
|
+
// HTTP method method-set per RFC 4791 §5.3 (CalDAV) + RFC 6352 §6
|
|
145
|
+
// (CardDAV) + RFC 4918 §9 (base WebDAV).
|
|
146
|
+
var CALDAV_METHODS = ["OPTIONS", "PROPFIND", "REPORT", "GET", "PUT", "DELETE", "MKCALENDAR"];
|
|
147
|
+
var CARDDAV_METHODS = ["OPTIONS", "PROPFIND", "REPORT", "GET", "PUT", "DELETE", "MKCOL"];
|
|
148
|
+
|
|
149
|
+
// DAV-class header values per RFC 4791 §5.1 + RFC 6352 §6.1.
|
|
150
|
+
var CALDAV_DAV_HEADER = "1, 2, 3, calendar-access";
|
|
151
|
+
var CARDDAV_DAV_HEADER = "1, 2, 3, addressbook";
|
|
152
|
+
|
|
153
|
+
// Per-request body cap — applies to PROPFIND / REPORT bodies AND to
|
|
154
|
+
// PUT bodies before they are forwarded to safeIcal / safeVcard. The
|
|
155
|
+
// downstream parsers re-cap per profile; this is the outer envelope.
|
|
156
|
+
var MAX_REQUEST_BODY_BYTES = C.BYTES.mib(8);
|
|
157
|
+
|
|
158
|
+
// Per-request actor scope — every operator middleware populates
|
|
159
|
+
// `req.user.principalId` (or `req.actor.principalId`); the handler
|
|
160
|
+
// refuses on miss.
|
|
161
|
+
function _actorPrincipalId(req) {
|
|
162
|
+
var actor = req.user || req.actor || null;
|
|
163
|
+
if (!actor) return null;
|
|
164
|
+
if (typeof actor.principalId === "string") return actor.principalId;
|
|
165
|
+
if (typeof actor.id === "string") return actor.id;
|
|
166
|
+
if (typeof actor.username === "string") return actor.username;
|
|
167
|
+
return null;
|
|
168
|
+
}
|
|
169
|
+
|
|
170
|
+
/**
|
|
171
|
+
* @primitive b.mail.dav.create
|
|
172
|
+
* @signature b.mail.dav.create(opts)
|
|
173
|
+
* @since 0.9.81
|
|
174
|
+
* @status stable
|
|
175
|
+
* @related b.safeIcal.parse, b.safeVcard.parse, b.xmlC14n.parse
|
|
176
|
+
*
|
|
177
|
+
* Build a CalDAV + CardDAV route-handler bundle. Returns a handle
|
|
178
|
+
* exposing `caldavHandler` / `carddavHandler` / `discoveryHandler`
|
|
179
|
+
* (Express-style `(req, res, next)` functions) plus `dispatchCaldav` /
|
|
180
|
+
* `dispatchCarddav` for operators on a non-Express transport.
|
|
181
|
+
*
|
|
182
|
+
* @opts
|
|
183
|
+
* storage: { calendar, addressbook }, // operator-supplied
|
|
184
|
+
* profile: "strict" | "balanced" | "permissive", // default strict
|
|
185
|
+
* compliancePosture: "hipaa" | "pci-dss" | "gdpr" | "soc2", // optional
|
|
186
|
+
* maxRequestBodyBytes: number, // default 8 MiB
|
|
187
|
+
* audit: b.audit, // optional
|
|
188
|
+
*
|
|
189
|
+
* @example
|
|
190
|
+
* var dav = b.mail.dav.create({
|
|
191
|
+
* storage: {
|
|
192
|
+
* calendar: { listCalendars, getComponent, listComponents,
|
|
193
|
+
* putComponent, deleteComponent, mkcalendar },
|
|
194
|
+
* addressbook: { listAddressbooks, getCard, listCards,
|
|
195
|
+
* putCard, deleteCard, mkcol },
|
|
196
|
+
* },
|
|
197
|
+
* profile: "strict",
|
|
198
|
+
* });
|
|
199
|
+
*
|
|
200
|
+
* app.use("/.well-known/caldav", dav.discoveryHandler);
|
|
201
|
+
* app.use("/.well-known/carddav", dav.discoveryHandler);
|
|
202
|
+
* app.use("/caldav", bearerAuth, dav.caldavHandler);
|
|
203
|
+
* app.use("/carddav", bearerAuth, dav.carddavHandler);
|
|
204
|
+
*/
|
|
205
|
+
function create(opts) {
|
|
206
|
+
validateOpts.requireObject(opts, "mail.dav.create", MailDavError, "mail-dav/bad-opts");
|
|
207
|
+
if (!opts.storage || typeof opts.storage !== "object") {
|
|
208
|
+
throw new MailDavError("mail-dav/no-storage",
|
|
209
|
+
"mail.dav.create: opts.storage is required " +
|
|
210
|
+
"({ calendar: { listCalendars, ... }, addressbook: { listAddressbooks, ... } })");
|
|
211
|
+
}
|
|
212
|
+
var profile = opts.profile || "strict";
|
|
213
|
+
var compliancePosture = opts.compliancePosture || null;
|
|
214
|
+
var maxBody = (typeof opts.maxRequestBodyBytes === "number" &&
|
|
215
|
+
isFinite(opts.maxRequestBodyBytes) &&
|
|
216
|
+
opts.maxRequestBodyBytes > 0)
|
|
217
|
+
? opts.maxRequestBodyBytes
|
|
218
|
+
: MAX_REQUEST_BODY_BYTES;
|
|
219
|
+
|
|
220
|
+
var calStorage = opts.storage.calendar || null;
|
|
221
|
+
var cardStorage = opts.storage.addressbook || null;
|
|
222
|
+
|
|
223
|
+
function _emit(action, metadata, outcome) {
|
|
224
|
+
try {
|
|
225
|
+
audit().safeEmit({
|
|
226
|
+
action: action,
|
|
227
|
+
outcome: outcome || "success",
|
|
228
|
+
metadata: metadata || {},
|
|
229
|
+
});
|
|
230
|
+
} catch (_e) { /* drop-silent — audit best-effort */ }
|
|
231
|
+
}
|
|
232
|
+
|
|
233
|
+
// ---- URL parsing (per-tenant principal isolation) ----------------------
|
|
234
|
+
//
|
|
235
|
+
// CalDAV URLs: /caldav/<principal>/<calendar>/<component>
|
|
236
|
+
// CardDAV URLs: /carddav/<principal>/<addressbook>/<card>
|
|
237
|
+
//
|
|
238
|
+
// The mount prefix (`/caldav` / `/carddav`) is stripped by the
|
|
239
|
+
// operator's router before the handler runs. `req.url` therefore
|
|
240
|
+
// starts with `/<principal>/...`.
|
|
241
|
+
function _parsePath(reqUrl) {
|
|
242
|
+
// Strip query string.
|
|
243
|
+
var qIdx = reqUrl.indexOf("?");
|
|
244
|
+
var path = qIdx >= 0 ? reqUrl.slice(0, qIdx) : reqUrl;
|
|
245
|
+
// Refuse path traversal / null bytes before decoding.
|
|
246
|
+
if (path.indexOf("\0") >= 0 || // allow:raw-byte-literal — NUL byte refusal
|
|
247
|
+
/(?:^|\/)\.\.(?:\/|$)/.test(path) ||
|
|
248
|
+
/%2e%2e/i.test(path) ||
|
|
249
|
+
/%00/i.test(path)) {
|
|
250
|
+
return { principalId: null, parts: [], rejected: "traversal" };
|
|
251
|
+
}
|
|
252
|
+
var segs = path.split("/").filter(function (s) { return s.length > 0; });
|
|
253
|
+
var decoded = [];
|
|
254
|
+
for (var i = 0; i < segs.length; i++) {
|
|
255
|
+
try { decoded.push(decodeURIComponent(segs[i])); }
|
|
256
|
+
catch (_e) { return { principalId: null, parts: [], rejected: "malformed-uri" }; }
|
|
257
|
+
}
|
|
258
|
+
return {
|
|
259
|
+
principalId: decoded[0] || null,
|
|
260
|
+
parts: decoded.slice(1),
|
|
261
|
+
rejected: null,
|
|
262
|
+
};
|
|
263
|
+
}
|
|
264
|
+
|
|
265
|
+
function _refuseStatus(res, code, message) {
|
|
266
|
+
res.statusCode = code;
|
|
267
|
+
res.setHeader("Content-Type", "text/plain; charset=utf-8");
|
|
268
|
+
res.end(message || "");
|
|
269
|
+
}
|
|
270
|
+
|
|
271
|
+
function _readBodyBytes(req) {
|
|
272
|
+
return new Promise(function (resolve, reject) {
|
|
273
|
+
if (req.body !== undefined && req.body !== null) {
|
|
274
|
+
// Body parser already ran.
|
|
275
|
+
if (Buffer.isBuffer(req.body)) {
|
|
276
|
+
if (req.body.length > maxBody) {
|
|
277
|
+
reject(new MailDavError("mail-dav/oversize-body",
|
|
278
|
+
"request body exceeds " + maxBody + " bytes"));
|
|
279
|
+
return;
|
|
280
|
+
}
|
|
281
|
+
resolve(req.body);
|
|
282
|
+
return;
|
|
283
|
+
}
|
|
284
|
+
if (typeof req.body === "string") {
|
|
285
|
+
var buf = Buffer.from(req.body, "utf8");
|
|
286
|
+
if (buf.length > maxBody) {
|
|
287
|
+
reject(new MailDavError("mail-dav/oversize-body",
|
|
288
|
+
"request body exceeds " + maxBody + " bytes"));
|
|
289
|
+
return;
|
|
290
|
+
}
|
|
291
|
+
resolve(buf);
|
|
292
|
+
return;
|
|
293
|
+
}
|
|
294
|
+
// Object — body parser already JSON-parsed; treat as a
|
|
295
|
+
// signal that the operator misconfigured a body parser
|
|
296
|
+
// upstream. Re-serialize as JSON bytes (DAV bodies are XML,
|
|
297
|
+
// so this will fail downstream — fine).
|
|
298
|
+
resolve(Buffer.from(JSON.stringify(req.body), "utf8"));
|
|
299
|
+
return;
|
|
300
|
+
}
|
|
301
|
+
// safeBuffer.boundedChunkCollector enforces maxBytes inside
|
|
302
|
+
// push(); any chunk that would overflow throws + we reject the
|
|
303
|
+
// promise. The body is bounded BEFORE the cap is reached so the
|
|
304
|
+
// single allocation in result() is bounded by maxBytes.
|
|
305
|
+
var collector = safeBuffer.boundedChunkCollector({
|
|
306
|
+
maxBytes: maxBody,
|
|
307
|
+
errorClass: MailDavError,
|
|
308
|
+
sizeCode: "mail-dav/oversize-body",
|
|
309
|
+
sizeMessage: "request body exceeds " + maxBody + " bytes",
|
|
310
|
+
});
|
|
311
|
+
req.on("data", function (chunk) {
|
|
312
|
+
try { collector.push(chunk); }
|
|
313
|
+
catch (e) {
|
|
314
|
+
req.destroy();
|
|
315
|
+
reject(e);
|
|
316
|
+
}
|
|
317
|
+
});
|
|
318
|
+
req.on("end", function () {
|
|
319
|
+
try { resolve(collector.result()); }
|
|
320
|
+
catch (e) { reject(e); }
|
|
321
|
+
});
|
|
322
|
+
req.on("error", function (e) { reject(e); });
|
|
323
|
+
});
|
|
324
|
+
}
|
|
325
|
+
|
|
326
|
+
// ---- Response builders ------------------------------------------------
|
|
327
|
+
|
|
328
|
+
function _multiStatus(responses) {
|
|
329
|
+
// RFC 4918 §14.16 — Multi-Status response body.
|
|
330
|
+
var lines = ["<?xml version=\"1.0\" encoding=\"utf-8\"?>"];
|
|
331
|
+
lines.push("<D:multistatus xmlns:D=\"DAV:\" xmlns:C=\"urn:ietf:params:xml:ns:caldav\" xmlns:A=\"urn:ietf:params:xml:ns:carddav\">");
|
|
332
|
+
for (var i = 0; i < responses.length; i++) {
|
|
333
|
+
var r = responses[i];
|
|
334
|
+
lines.push("<D:response>");
|
|
335
|
+
lines.push("<D:href>" + _xmlEscape(r.href) + "</D:href>");
|
|
336
|
+
if (r.status) {
|
|
337
|
+
lines.push("<D:status>HTTP/1.1 " + r.status + " " + _statusText(r.status) + "</D:status>");
|
|
338
|
+
}
|
|
339
|
+
if (r.propstat) {
|
|
340
|
+
for (var j = 0; j < r.propstat.length; j++) {
|
|
341
|
+
var ps = r.propstat[j];
|
|
342
|
+
lines.push("<D:propstat>");
|
|
343
|
+
lines.push("<D:prop>" + (ps.propXml || "") + "</D:prop>");
|
|
344
|
+
lines.push("<D:status>HTTP/1.1 " + ps.status + " " + _statusText(ps.status) + "</D:status>");
|
|
345
|
+
lines.push("</D:propstat>");
|
|
346
|
+
}
|
|
347
|
+
}
|
|
348
|
+
lines.push("</D:response>");
|
|
349
|
+
}
|
|
350
|
+
lines.push("</D:multistatus>");
|
|
351
|
+
return lines.join("\n");
|
|
352
|
+
}
|
|
353
|
+
|
|
354
|
+
function _statusText(code) {
|
|
355
|
+
switch (code) {
|
|
356
|
+
case 200: return "OK";
|
|
357
|
+
case 201: return "Created";
|
|
358
|
+
case 204: return "No Content";
|
|
359
|
+
case 207: return "Multi-Status";
|
|
360
|
+
case 401: return "Unauthorized";
|
|
361
|
+
case 403: return "Forbidden";
|
|
362
|
+
case 404: return "Not Found";
|
|
363
|
+
case 412: return "Precondition Failed";
|
|
364
|
+
case 415: return "Unsupported Media Type";
|
|
365
|
+
case 500: return "Internal Server Error";
|
|
366
|
+
default: return "Status";
|
|
367
|
+
}
|
|
368
|
+
}
|
|
369
|
+
|
|
370
|
+
function _xmlEscape(s) {
|
|
371
|
+
if (s === null || s === undefined) return "";
|
|
372
|
+
return String(s)
|
|
373
|
+
.replace(/&/g, "&")
|
|
374
|
+
.replace(/</g, "<")
|
|
375
|
+
.replace(/>/g, ">")
|
|
376
|
+
.replace(/"/g, """)
|
|
377
|
+
.replace(/'/g, "'");
|
|
378
|
+
}
|
|
379
|
+
|
|
380
|
+
// Render a small subset of well-known DAV / CalDAV / CardDAV
|
|
381
|
+
// properties for PROPFIND responses. Operator-supplied storage
|
|
382
|
+
// resources can carry an `etag` / `ctag` / `displayName` /
|
|
383
|
+
// `resourcetype` field which this picker turns into XML.
|
|
384
|
+
function _renderProps(resource, requestedProps) {
|
|
385
|
+
if (!resource) return "";
|
|
386
|
+
var out = [];
|
|
387
|
+
function maybe(propName, value) {
|
|
388
|
+
if (value === null || value === undefined) return;
|
|
389
|
+
if (requestedProps && requestedProps.length > 0 &&
|
|
390
|
+
requestedProps.indexOf(propName) < 0) return;
|
|
391
|
+
out.push(value);
|
|
392
|
+
}
|
|
393
|
+
maybe("displayname",
|
|
394
|
+
"<D:displayname>" + _xmlEscape(resource.displayName || resource.id || "") + "</D:displayname>");
|
|
395
|
+
maybe("resourcetype",
|
|
396
|
+
"<D:resourcetype>" + (resource.resourcetype || "") + "</D:resourcetype>");
|
|
397
|
+
maybe("getetag",
|
|
398
|
+
resource.etag ? "<D:getetag>" + _xmlEscape(resource.etag) + "</D:getetag>" : null);
|
|
399
|
+
maybe("getcontenttype",
|
|
400
|
+
resource.contentType ? "<D:getcontenttype>" + _xmlEscape(resource.contentType) + "</D:getcontenttype>" : null);
|
|
401
|
+
maybe("getcontentlength",
|
|
402
|
+
typeof resource.size === "number" ?
|
|
403
|
+
"<D:getcontentlength>" + resource.size + "</D:getcontentlength>" : null);
|
|
404
|
+
maybe("getlastmodified",
|
|
405
|
+
resource.lastModified ? "<D:getlastmodified>" + _xmlEscape(resource.lastModified) + "</D:getlastmodified>" : null);
|
|
406
|
+
maybe("calendar-data",
|
|
407
|
+
resource.icalBytes ? "<C:calendar-data>" + _xmlEscape(_bufToText(resource.icalBytes)) + "</C:calendar-data>" : null);
|
|
408
|
+
maybe("address-data",
|
|
409
|
+
resource.vcardBytes ? "<A:address-data>" + _xmlEscape(_bufToText(resource.vcardBytes)) + "</A:address-data>" : null);
|
|
410
|
+
return out.join("");
|
|
411
|
+
}
|
|
412
|
+
|
|
413
|
+
function _bufToText(b) {
|
|
414
|
+
if (typeof b === "string") return b;
|
|
415
|
+
if (Buffer.isBuffer(b)) return b.toString("utf8");
|
|
416
|
+
return String(b);
|
|
417
|
+
}
|
|
418
|
+
|
|
419
|
+
// ---- PROPFIND body parsing -------------------------------------------
|
|
420
|
+
//
|
|
421
|
+
// Returns `{ allprop: boolean, propname: boolean, props: string[] }`.
|
|
422
|
+
// Empty body == allprop per RFC 4918 §9.1.
|
|
423
|
+
|
|
424
|
+
function _parsePropfindBody(bodyBuf) {
|
|
425
|
+
var s = bodyBuf.toString("utf8").trim();
|
|
426
|
+
if (s.length === 0) return { allprop: true, propname: false, props: [] };
|
|
427
|
+
var tree;
|
|
428
|
+
try { tree = xmlC14n.parse(s); }
|
|
429
|
+
catch (e) {
|
|
430
|
+
throw new MailDavError("mail-dav/bad-propfind-body",
|
|
431
|
+
"PROPFIND body XML refused: " + (e && e.message));
|
|
432
|
+
}
|
|
433
|
+
var props = [];
|
|
434
|
+
var allprop = false;
|
|
435
|
+
var propname = false;
|
|
436
|
+
_walkXml(tree, function (node) {
|
|
437
|
+
var local = _localName(node.name);
|
|
438
|
+
if (local === "allprop") allprop = true;
|
|
439
|
+
else if (local === "propname") propname = true;
|
|
440
|
+
else if (local === "prop" && node.children) {
|
|
441
|
+
for (var i = 0; i < node.children.length; i++) {
|
|
442
|
+
var c = node.children[i];
|
|
443
|
+
if (c.type === "element") props.push(_localName(c.name));
|
|
444
|
+
}
|
|
445
|
+
}
|
|
446
|
+
});
|
|
447
|
+
return { allprop: allprop, propname: propname, props: props };
|
|
448
|
+
}
|
|
449
|
+
|
|
450
|
+
function _localName(n) {
|
|
451
|
+
if (typeof n !== "string") return "";
|
|
452
|
+
var colonIdx = n.indexOf(":");
|
|
453
|
+
return (colonIdx >= 0 ? n.slice(colonIdx + 1) : n).toLowerCase();
|
|
454
|
+
}
|
|
455
|
+
|
|
456
|
+
function _walkXml(node, visitor) {
|
|
457
|
+
if (!node) return;
|
|
458
|
+
if (node.type === "element") visitor(node);
|
|
459
|
+
if (node.children) {
|
|
460
|
+
for (var i = 0; i < node.children.length; i++) {
|
|
461
|
+
_walkXml(node.children[i], visitor);
|
|
462
|
+
}
|
|
463
|
+
}
|
|
464
|
+
}
|
|
465
|
+
|
|
466
|
+
// ---- REPORT body parsing ---------------------------------------------
|
|
467
|
+
//
|
|
468
|
+
// Returns `{ kind, props, hrefs, filter }`. Recognized kinds:
|
|
469
|
+
// calendar-query / calendar-multiget / addressbook-query /
|
|
470
|
+
// addressbook-multiget.
|
|
471
|
+
|
|
472
|
+
function _parseReportBody(bodyBuf) {
|
|
473
|
+
var s = bodyBuf.toString("utf8").trim();
|
|
474
|
+
if (s.length === 0) {
|
|
475
|
+
throw new MailDavError("mail-dav/bad-report-body",
|
|
476
|
+
"REPORT body is empty");
|
|
477
|
+
}
|
|
478
|
+
var tree;
|
|
479
|
+
try { tree = xmlC14n.parse(s); }
|
|
480
|
+
catch (e) {
|
|
481
|
+
throw new MailDavError("mail-dav/bad-report-body",
|
|
482
|
+
"REPORT body XML refused: " + (e && e.message));
|
|
483
|
+
}
|
|
484
|
+
var kind = _localName(tree.name);
|
|
485
|
+
var props = [];
|
|
486
|
+
var hrefs = [];
|
|
487
|
+
var filter = null;
|
|
488
|
+
_walkXml(tree, function (node) {
|
|
489
|
+
var local = _localName(node.name);
|
|
490
|
+
if (local === "prop" && node.children) {
|
|
491
|
+
for (var i = 0; i < node.children.length; i++) {
|
|
492
|
+
var c = node.children[i];
|
|
493
|
+
if (c.type === "element") props.push(_localName(c.name));
|
|
494
|
+
}
|
|
495
|
+
} else if (local === "href" && node.children) {
|
|
496
|
+
for (var j = 0; j < node.children.length; j++) {
|
|
497
|
+
if (node.children[j].type === "text") {
|
|
498
|
+
hrefs.push(node.children[j].value || node.children[j].text || "");
|
|
499
|
+
}
|
|
500
|
+
}
|
|
501
|
+
} else if (local === "filter") {
|
|
502
|
+
filter = node;
|
|
503
|
+
}
|
|
504
|
+
});
|
|
505
|
+
return { kind: kind, props: props, hrefs: hrefs, filter: filter };
|
|
506
|
+
}
|
|
507
|
+
|
|
508
|
+
// ---- CalDAV dispatch -------------------------------------------------
|
|
509
|
+
|
|
510
|
+
async function dispatchCaldav(actorPrincipalId, req, res) {
|
|
511
|
+
var method = (req.method || "GET").toUpperCase();
|
|
512
|
+
if (CALDAV_METHODS.indexOf(method) < 0) {
|
|
513
|
+
_emit("mail.dav.refused",
|
|
514
|
+
{ method: method, kind: "caldav" }, "denied");
|
|
515
|
+
return _refuseStatus(res, 405, "Method not allowed: " + method);
|
|
516
|
+
}
|
|
517
|
+
if (!actorPrincipalId) {
|
|
518
|
+
_emit("mail.dav.refused",
|
|
519
|
+
{ method: method, kind: "caldav", reason: "no-actor" }, "denied");
|
|
520
|
+
return _refuseStatus(res, 401, "Authentication required");
|
|
521
|
+
}
|
|
522
|
+
if (!calStorage) {
|
|
523
|
+
return _refuseStatus(res, 501,
|
|
524
|
+
"CalDAV not configured (opts.storage.calendar required)");
|
|
525
|
+
}
|
|
526
|
+
|
|
527
|
+
if (method === "OPTIONS") {
|
|
528
|
+
res.statusCode = 200;
|
|
529
|
+
res.setHeader("DAV", CALDAV_DAV_HEADER);
|
|
530
|
+
res.setHeader("Allow", CALDAV_METHODS.join(", "));
|
|
531
|
+
res.setHeader("MS-Author-Via", "DAV");
|
|
532
|
+
res.end();
|
|
533
|
+
_emit("mail.dav.options", { kind: "caldav" });
|
|
534
|
+
return;
|
|
535
|
+
}
|
|
536
|
+
|
|
537
|
+
var parsed = _parsePath(req.url || "");
|
|
538
|
+
if (parsed.rejected) {
|
|
539
|
+
_emit("mail.dav.refused",
|
|
540
|
+
{ method: method, reason: parsed.rejected }, "denied");
|
|
541
|
+
return _refuseStatus(res, 400, "Bad URL: " + parsed.rejected);
|
|
542
|
+
}
|
|
543
|
+
if (!parsed.principalId) {
|
|
544
|
+
// Allow PROPFIND at the root for principal-discovery patterns.
|
|
545
|
+
if (method !== "PROPFIND") {
|
|
546
|
+
return _refuseStatus(res, 400, "Principal segment required");
|
|
547
|
+
}
|
|
548
|
+
} else if (parsed.principalId !== actorPrincipalId) {
|
|
549
|
+
_emit("mail.dav.refused",
|
|
550
|
+
{ method: method, kind: "caldav",
|
|
551
|
+
urlPrincipal: parsed.principalId,
|
|
552
|
+
actorPrincipal: actorPrincipalId,
|
|
553
|
+
reason: "cross-principal" }, "denied");
|
|
554
|
+
return _refuseStatus(res, 403,
|
|
555
|
+
"Cross-principal access refused");
|
|
556
|
+
}
|
|
557
|
+
|
|
558
|
+
var calendarId = parsed.parts[0] || null;
|
|
559
|
+
var componentId = parsed.parts[1] || null;
|
|
560
|
+
|
|
561
|
+
try {
|
|
562
|
+
switch (method) {
|
|
563
|
+
case "PROPFIND": return await _handleCaldavPropfind(req, res, actorPrincipalId, calendarId, componentId);
|
|
564
|
+
case "REPORT": return await _handleCaldavReport(req, res, actorPrincipalId, calendarId);
|
|
565
|
+
case "GET": return await _handleCaldavGet(req, res, actorPrincipalId, calendarId, componentId);
|
|
566
|
+
case "PUT": return await _handleCaldavPut(req, res, actorPrincipalId, calendarId, componentId);
|
|
567
|
+
case "DELETE": return await _handleCaldavDelete(req, res, actorPrincipalId, calendarId, componentId);
|
|
568
|
+
case "MKCALENDAR": return await _handleMkcalendar(req, res, actorPrincipalId, calendarId);
|
|
569
|
+
default:
|
|
570
|
+
// CALDAV_METHODS allowlist gate is enforced above; this
|
|
571
|
+
// branch is unreachable but eslint requires it.
|
|
572
|
+
return _refuseStatus(res, 405, "Method not allowed: " + method);
|
|
573
|
+
}
|
|
574
|
+
} catch (e) {
|
|
575
|
+
_emit("mail.dav.handler_threw",
|
|
576
|
+
{ method: method, kind: "caldav",
|
|
577
|
+
error: (e && e.message) || String(e) }, "failure");
|
|
578
|
+
return _refuseStatus(res, 500, "Server error");
|
|
579
|
+
}
|
|
580
|
+
}
|
|
581
|
+
|
|
582
|
+
async function _handleCaldavPropfind(req, res, principalId, calendarId, componentId) {
|
|
583
|
+
var depth = (req.headers && (req.headers.depth || req.headers.Depth)) || "0";
|
|
584
|
+
var bodyBuf = await _readBodyBytes(req);
|
|
585
|
+
var body = _parsePropfindBody(bodyBuf);
|
|
586
|
+
var responses = [];
|
|
587
|
+
|
|
588
|
+
if (!calendarId) {
|
|
589
|
+
// Principal-level: list calendars (Depth: 1) or report principal (Depth: 0).
|
|
590
|
+
if (depth === "0") {
|
|
591
|
+
responses.push({
|
|
592
|
+
href: "/caldav/" + principalId + "/",
|
|
593
|
+
propstat: [{
|
|
594
|
+
status: 200,
|
|
595
|
+
propXml: _renderProps({
|
|
596
|
+
displayName: principalId,
|
|
597
|
+
resourcetype: "<D:collection/>",
|
|
598
|
+
}, body.props),
|
|
599
|
+
}],
|
|
600
|
+
});
|
|
601
|
+
} else {
|
|
602
|
+
var cals = await calStorage.listCalendars(principalId);
|
|
603
|
+
responses.push({
|
|
604
|
+
href: "/caldav/" + principalId + "/",
|
|
605
|
+
propstat: [{ status: 200,
|
|
606
|
+
propXml: _renderProps({ displayName: principalId,
|
|
607
|
+
resourcetype: "<D:collection/>" }, body.props) }],
|
|
608
|
+
});
|
|
609
|
+
for (var i = 0; i < (cals || []).length; i++) {
|
|
610
|
+
var cal = cals[i];
|
|
611
|
+
responses.push({
|
|
612
|
+
href: "/caldav/" + principalId + "/" + cal.id + "/",
|
|
613
|
+
propstat: [{ status: 200,
|
|
614
|
+
propXml: _renderProps({
|
|
615
|
+
displayName: cal.displayName || cal.id,
|
|
616
|
+
resourcetype: "<D:collection/><C:calendar/>",
|
|
617
|
+
etag: cal.etag,
|
|
618
|
+
}, body.props) }],
|
|
619
|
+
});
|
|
620
|
+
}
|
|
621
|
+
}
|
|
622
|
+
} else if (!componentId) {
|
|
623
|
+
// Calendar collection: list components.
|
|
624
|
+
var components = await calStorage.listComponents(principalId, calendarId, null);
|
|
625
|
+
responses.push({
|
|
626
|
+
href: "/caldav/" + principalId + "/" + calendarId + "/",
|
|
627
|
+
propstat: [{ status: 200,
|
|
628
|
+
propXml: _renderProps({ displayName: calendarId,
|
|
629
|
+
resourcetype: "<D:collection/><C:calendar/>" }, body.props) }],
|
|
630
|
+
});
|
|
631
|
+
if (depth !== "0") {
|
|
632
|
+
for (var j = 0; j < (components || []).length; j++) {
|
|
633
|
+
var c = components[j];
|
|
634
|
+
responses.push({
|
|
635
|
+
href: "/caldav/" + principalId + "/" + calendarId + "/" + c.id,
|
|
636
|
+
propstat: [{ status: 200,
|
|
637
|
+
propXml: _renderProps({
|
|
638
|
+
displayName: c.id,
|
|
639
|
+
resourcetype: "",
|
|
640
|
+
etag: c.etag,
|
|
641
|
+
contentType: "text/calendar; charset=utf-8",
|
|
642
|
+
size: c.size,
|
|
643
|
+
icalBytes: body.props.indexOf("calendar-data") >= 0 ? c.icalBytes : null,
|
|
644
|
+
}, body.props) }],
|
|
645
|
+
});
|
|
646
|
+
}
|
|
647
|
+
}
|
|
648
|
+
} else {
|
|
649
|
+
// Single component.
|
|
650
|
+
var comp = await calStorage.getComponent(principalId, calendarId, componentId);
|
|
651
|
+
if (!comp) {
|
|
652
|
+
responses.push({ href: req.url, status: 404 });
|
|
653
|
+
} else {
|
|
654
|
+
responses.push({
|
|
655
|
+
href: req.url,
|
|
656
|
+
propstat: [{ status: 200,
|
|
657
|
+
propXml: _renderProps({
|
|
658
|
+
displayName: comp.id,
|
|
659
|
+
etag: comp.etag,
|
|
660
|
+
contentType: "text/calendar; charset=utf-8",
|
|
661
|
+
size: comp.size,
|
|
662
|
+
icalBytes: body.props.indexOf("calendar-data") >= 0 ? comp.icalBytes : null,
|
|
663
|
+
}, body.props) }],
|
|
664
|
+
});
|
|
665
|
+
}
|
|
666
|
+
}
|
|
667
|
+
res.statusCode = 207;
|
|
668
|
+
res.setHeader("Content-Type", "application/xml; charset=utf-8");
|
|
669
|
+
res.setHeader("DAV", CALDAV_DAV_HEADER);
|
|
670
|
+
res.end(_multiStatus(responses));
|
|
671
|
+
_emit("mail.dav.propfind",
|
|
672
|
+
{ kind: "caldav", principalId: principalId, calendarId: calendarId,
|
|
673
|
+
depth: depth, responseCount: responses.length });
|
|
674
|
+
}
|
|
675
|
+
|
|
676
|
+
async function _handleCaldavReport(req, res, principalId, calendarId) {
|
|
677
|
+
var bodyBuf = await _readBodyBytes(req);
|
|
678
|
+
var report = _parseReportBody(bodyBuf);
|
|
679
|
+
var responses = [];
|
|
680
|
+
if (report.kind === "calendar-multiget") {
|
|
681
|
+
for (var i = 0; i < report.hrefs.length; i++) {
|
|
682
|
+
var href = report.hrefs[i];
|
|
683
|
+
var hrefParsed = _parsePath(href);
|
|
684
|
+
if (hrefParsed.rejected || hrefParsed.principalId !== principalId) {
|
|
685
|
+
responses.push({ href: href, status: 403 });
|
|
686
|
+
continue;
|
|
687
|
+
}
|
|
688
|
+
var hrefCalId = hrefParsed.parts[0];
|
|
689
|
+
var hrefCompId = hrefParsed.parts[1];
|
|
690
|
+
var comp = await calStorage.getComponent(principalId, hrefCalId, hrefCompId);
|
|
691
|
+
if (!comp) {
|
|
692
|
+
responses.push({ href: href, status: 404 });
|
|
693
|
+
} else {
|
|
694
|
+
responses.push({
|
|
695
|
+
href: href,
|
|
696
|
+
propstat: [{ status: 200,
|
|
697
|
+
propXml: _renderProps({
|
|
698
|
+
etag: comp.etag,
|
|
699
|
+
contentType: "text/calendar; charset=utf-8",
|
|
700
|
+
size: comp.size,
|
|
701
|
+
icalBytes: comp.icalBytes,
|
|
702
|
+
}, report.props.length > 0 ? report.props : ["getetag", "calendar-data"]) }],
|
|
703
|
+
});
|
|
704
|
+
}
|
|
705
|
+
}
|
|
706
|
+
} else if (report.kind === "calendar-query") {
|
|
707
|
+
var rows = await calStorage.listComponents(principalId, calendarId, report.filter);
|
|
708
|
+
for (var j = 0; j < (rows || []).length; j++) {
|
|
709
|
+
var r = rows[j];
|
|
710
|
+
responses.push({
|
|
711
|
+
href: "/caldav/" + principalId + "/" + calendarId + "/" + r.id,
|
|
712
|
+
propstat: [{ status: 200,
|
|
713
|
+
propXml: _renderProps({
|
|
714
|
+
etag: r.etag,
|
|
715
|
+
contentType: "text/calendar; charset=utf-8",
|
|
716
|
+
size: r.size,
|
|
717
|
+
icalBytes: r.icalBytes,
|
|
718
|
+
}, report.props.length > 0 ? report.props : ["getetag", "calendar-data"]) }],
|
|
719
|
+
});
|
|
720
|
+
}
|
|
721
|
+
} else {
|
|
722
|
+
return _refuseStatus(res, 422, "Unsupported REPORT kind: " + report.kind);
|
|
723
|
+
}
|
|
724
|
+
res.statusCode = 207;
|
|
725
|
+
res.setHeader("Content-Type", "application/xml; charset=utf-8");
|
|
726
|
+
res.setHeader("DAV", CALDAV_DAV_HEADER);
|
|
727
|
+
res.end(_multiStatus(responses));
|
|
728
|
+
_emit("mail.dav.report",
|
|
729
|
+
{ kind: "caldav", reportKind: report.kind, responseCount: responses.length });
|
|
730
|
+
}
|
|
731
|
+
|
|
732
|
+
async function _handleCaldavGet(req, res, principalId, calendarId, componentId) {
|
|
733
|
+
if (!componentId) {
|
|
734
|
+
return _refuseStatus(res, 404, "GET requires a component path");
|
|
735
|
+
}
|
|
736
|
+
var comp = await calStorage.getComponent(principalId, calendarId, componentId);
|
|
737
|
+
if (!comp) return _refuseStatus(res, 404, "Component not found");
|
|
738
|
+
res.statusCode = 200;
|
|
739
|
+
res.setHeader("Content-Type", "text/calendar; charset=utf-8");
|
|
740
|
+
if (comp.etag) res.setHeader("ETag", comp.etag);
|
|
741
|
+
res.end(comp.icalBytes);
|
|
742
|
+
_emit("mail.dav.get",
|
|
743
|
+
{ kind: "caldav", principalId: principalId, calendarId: calendarId,
|
|
744
|
+
componentId: componentId });
|
|
745
|
+
}
|
|
746
|
+
|
|
747
|
+
async function _handleCaldavPut(req, res, principalId, calendarId, componentId) {
|
|
748
|
+
if (!componentId) {
|
|
749
|
+
return _refuseStatus(res, 400, "PUT requires a component path");
|
|
750
|
+
}
|
|
751
|
+
var bodyBuf = await _readBodyBytes(req);
|
|
752
|
+
// Validate iCal body via safeIcal — defends CVE-2024-39687 at the
|
|
753
|
+
// ingest boundary.
|
|
754
|
+
try {
|
|
755
|
+
safeIcal.parse(bodyBuf, {
|
|
756
|
+
profile: profile,
|
|
757
|
+
compliancePosture: compliancePosture,
|
|
758
|
+
});
|
|
759
|
+
} catch (e) {
|
|
760
|
+
_emit("mail.dav.refused",
|
|
761
|
+
{ kind: "caldav", method: "PUT", reason: "ical-refused",
|
|
762
|
+
error: (e && e.code) || (e && e.message) }, "denied");
|
|
763
|
+
return _refuseStatus(res, 415,
|
|
764
|
+
"iCalendar body refused: " + ((e && e.message) || String(e)));
|
|
765
|
+
}
|
|
766
|
+
var ifMatch = (req.headers && (req.headers["if-match"] || req.headers["If-Match"])) || null;
|
|
767
|
+
var ifNoneMatch = (req.headers && (req.headers["if-none-match"] || req.headers["If-None-Match"])) || null;
|
|
768
|
+
var result;
|
|
769
|
+
try {
|
|
770
|
+
result = await calStorage.putComponent(principalId, calendarId, componentId,
|
|
771
|
+
bodyBuf, { ifMatch: ifMatch, ifNoneMatch: ifNoneMatch });
|
|
772
|
+
} catch (e) {
|
|
773
|
+
if (e && (e.code === "etag-mismatch" || e.statusCode === 412)) {
|
|
774
|
+
return _refuseStatus(res, 412, "ETag precondition failed");
|
|
775
|
+
}
|
|
776
|
+
throw e;
|
|
777
|
+
}
|
|
778
|
+
res.statusCode = result && result.created ? 201 : 204;
|
|
779
|
+
if (result && result.etag) res.setHeader("ETag", result.etag);
|
|
780
|
+
res.end();
|
|
781
|
+
_emit("mail.dav.put",
|
|
782
|
+
{ kind: "caldav", principalId: principalId, calendarId: calendarId,
|
|
783
|
+
componentId: componentId, created: !!(result && result.created) });
|
|
784
|
+
}
|
|
785
|
+
|
|
786
|
+
async function _handleCaldavDelete(req, res, principalId, calendarId, componentId) {
|
|
787
|
+
if (!componentId) {
|
|
788
|
+
return _refuseStatus(res, 400, "DELETE requires a component path");
|
|
789
|
+
}
|
|
790
|
+
var ifMatch = (req.headers && (req.headers["if-match"] || req.headers["If-Match"])) || null;
|
|
791
|
+
try {
|
|
792
|
+
var r = await calStorage.deleteComponent(principalId, calendarId, componentId,
|
|
793
|
+
{ ifMatch: ifMatch });
|
|
794
|
+
if (!r || r.notFound) return _refuseStatus(res, 404, "Component not found");
|
|
795
|
+
} catch (e) {
|
|
796
|
+
if (e && (e.code === "etag-mismatch" || e.statusCode === 412)) {
|
|
797
|
+
return _refuseStatus(res, 412, "ETag precondition failed");
|
|
798
|
+
}
|
|
799
|
+
throw e;
|
|
800
|
+
}
|
|
801
|
+
res.statusCode = 204;
|
|
802
|
+
res.end();
|
|
803
|
+
_emit("mail.dav.delete",
|
|
804
|
+
{ kind: "caldav", principalId: principalId, calendarId: calendarId,
|
|
805
|
+
componentId: componentId });
|
|
806
|
+
}
|
|
807
|
+
|
|
808
|
+
async function _handleMkcalendar(req, res, principalId, calendarId) {
|
|
809
|
+
if (!calendarId) {
|
|
810
|
+
return _refuseStatus(res, 400, "MKCALENDAR requires a calendar path");
|
|
811
|
+
}
|
|
812
|
+
if (typeof calStorage.mkcalendar !== "function") {
|
|
813
|
+
return _refuseStatus(res, 501,
|
|
814
|
+
"MKCALENDAR not supported (storage.calendar.mkcalendar undefined)");
|
|
815
|
+
}
|
|
816
|
+
var bodyBuf = await _readBodyBytes(req);
|
|
817
|
+
var props = Object.create(null);
|
|
818
|
+
if (bodyBuf.length > 0) {
|
|
819
|
+
try {
|
|
820
|
+
var tree = xmlC14n.parse(bodyBuf.toString("utf8"));
|
|
821
|
+
_walkXml(tree, function (node) {
|
|
822
|
+
if (_localName(node.name) === "prop" && node.children) {
|
|
823
|
+
for (var i = 0; i < node.children.length; i++) {
|
|
824
|
+
var c = node.children[i];
|
|
825
|
+
if (c.type === "element" && c.children) {
|
|
826
|
+
var text = "";
|
|
827
|
+
for (var j = 0; j < c.children.length; j++) {
|
|
828
|
+
if (c.children[j].type === "text") {
|
|
829
|
+
text += c.children[j].value || c.children[j].text || "";
|
|
830
|
+
}
|
|
831
|
+
}
|
|
832
|
+
props[_localName(c.name)] = text;
|
|
833
|
+
}
|
|
834
|
+
}
|
|
835
|
+
}
|
|
836
|
+
});
|
|
837
|
+
} catch (_e) {
|
|
838
|
+
return _refuseStatus(res, 400, "MKCALENDAR body XML refused");
|
|
839
|
+
}
|
|
840
|
+
}
|
|
841
|
+
var r = await calStorage.mkcalendar(principalId, calendarId, props);
|
|
842
|
+
res.statusCode = (r && r.created) ? 201 : 200;
|
|
843
|
+
res.end();
|
|
844
|
+
_emit("mail.dav.mkcalendar",
|
|
845
|
+
{ principalId: principalId, calendarId: calendarId });
|
|
846
|
+
}
|
|
847
|
+
|
|
848
|
+
// ---- CardDAV dispatch ------------------------------------------------
|
|
849
|
+
|
|
850
|
+
async function dispatchCarddav(actorPrincipalId, req, res) {
|
|
851
|
+
var method = (req.method || "GET").toUpperCase();
|
|
852
|
+
if (CARDDAV_METHODS.indexOf(method) < 0) {
|
|
853
|
+
_emit("mail.dav.refused",
|
|
854
|
+
{ method: method, kind: "carddav" }, "denied");
|
|
855
|
+
return _refuseStatus(res, 405, "Method not allowed: " + method);
|
|
856
|
+
}
|
|
857
|
+
if (!actorPrincipalId) {
|
|
858
|
+
_emit("mail.dav.refused",
|
|
859
|
+
{ method: method, kind: "carddav", reason: "no-actor" }, "denied");
|
|
860
|
+
return _refuseStatus(res, 401, "Authentication required");
|
|
861
|
+
}
|
|
862
|
+
if (!cardStorage) {
|
|
863
|
+
return _refuseStatus(res, 501,
|
|
864
|
+
"CardDAV not configured (opts.storage.addressbook required)");
|
|
865
|
+
}
|
|
866
|
+
|
|
867
|
+
if (method === "OPTIONS") {
|
|
868
|
+
res.statusCode = 200;
|
|
869
|
+
res.setHeader("DAV", CARDDAV_DAV_HEADER);
|
|
870
|
+
res.setHeader("Allow", CARDDAV_METHODS.join(", "));
|
|
871
|
+
res.setHeader("MS-Author-Via", "DAV");
|
|
872
|
+
res.end();
|
|
873
|
+
_emit("mail.dav.options", { kind: "carddav" });
|
|
874
|
+
return;
|
|
875
|
+
}
|
|
876
|
+
|
|
877
|
+
var parsed = _parsePath(req.url || "");
|
|
878
|
+
if (parsed.rejected) {
|
|
879
|
+
_emit("mail.dav.refused",
|
|
880
|
+
{ method: method, reason: parsed.rejected }, "denied");
|
|
881
|
+
return _refuseStatus(res, 400, "Bad URL: " + parsed.rejected);
|
|
882
|
+
}
|
|
883
|
+
if (!parsed.principalId) {
|
|
884
|
+
if (method !== "PROPFIND") {
|
|
885
|
+
return _refuseStatus(res, 400, "Principal segment required");
|
|
886
|
+
}
|
|
887
|
+
} else if (parsed.principalId !== actorPrincipalId) {
|
|
888
|
+
_emit("mail.dav.refused",
|
|
889
|
+
{ method: method, kind: "carddav",
|
|
890
|
+
urlPrincipal: parsed.principalId,
|
|
891
|
+
actorPrincipal: actorPrincipalId,
|
|
892
|
+
reason: "cross-principal" }, "denied");
|
|
893
|
+
return _refuseStatus(res, 403, "Cross-principal access refused");
|
|
894
|
+
}
|
|
895
|
+
|
|
896
|
+
var addressbookId = parsed.parts[0] || null;
|
|
897
|
+
var cardId = parsed.parts[1] || null;
|
|
898
|
+
|
|
899
|
+
try {
|
|
900
|
+
switch (method) {
|
|
901
|
+
case "PROPFIND": return await _handleCarddavPropfind(req, res, actorPrincipalId, addressbookId, cardId);
|
|
902
|
+
case "REPORT": return await _handleCarddavReport(req, res, actorPrincipalId, addressbookId);
|
|
903
|
+
case "GET": return await _handleCarddavGet(req, res, actorPrincipalId, addressbookId, cardId);
|
|
904
|
+
case "PUT": return await _handleCarddavPut(req, res, actorPrincipalId, addressbookId, cardId);
|
|
905
|
+
case "DELETE": return await _handleCarddavDelete(req, res, actorPrincipalId, addressbookId, cardId);
|
|
906
|
+
case "MKCOL": return await _handleMkcol(req, res, actorPrincipalId, addressbookId);
|
|
907
|
+
default:
|
|
908
|
+
// CARDDAV_METHODS allowlist gate is enforced above; this
|
|
909
|
+
// branch is unreachable but eslint requires it.
|
|
910
|
+
return _refuseStatus(res, 405, "Method not allowed: " + method);
|
|
911
|
+
}
|
|
912
|
+
} catch (e) {
|
|
913
|
+
_emit("mail.dav.handler_threw",
|
|
914
|
+
{ method: method, kind: "carddav",
|
|
915
|
+
error: (e && e.message) || String(e) }, "failure");
|
|
916
|
+
return _refuseStatus(res, 500, "Server error");
|
|
917
|
+
}
|
|
918
|
+
}
|
|
919
|
+
|
|
920
|
+
async function _handleCarddavPropfind(req, res, principalId, addressbookId, cardId) {
|
|
921
|
+
var depth = (req.headers && (req.headers.depth || req.headers.Depth)) || "0";
|
|
922
|
+
var bodyBuf = await _readBodyBytes(req);
|
|
923
|
+
var body = _parsePropfindBody(bodyBuf);
|
|
924
|
+
var responses = [];
|
|
925
|
+
|
|
926
|
+
if (!addressbookId) {
|
|
927
|
+
if (depth === "0") {
|
|
928
|
+
responses.push({
|
|
929
|
+
href: "/carddav/" + principalId + "/",
|
|
930
|
+
propstat: [{ status: 200,
|
|
931
|
+
propXml: _renderProps({ displayName: principalId,
|
|
932
|
+
resourcetype: "<D:collection/>" }, body.props) }],
|
|
933
|
+
});
|
|
934
|
+
} else {
|
|
935
|
+
var books = await cardStorage.listAddressbooks(principalId);
|
|
936
|
+
responses.push({
|
|
937
|
+
href: "/carddav/" + principalId + "/",
|
|
938
|
+
propstat: [{ status: 200,
|
|
939
|
+
propXml: _renderProps({ displayName: principalId,
|
|
940
|
+
resourcetype: "<D:collection/>" }, body.props) }],
|
|
941
|
+
});
|
|
942
|
+
for (var i = 0; i < (books || []).length; i++) {
|
|
943
|
+
var bk = books[i];
|
|
944
|
+
responses.push({
|
|
945
|
+
href: "/carddav/" + principalId + "/" + bk.id + "/",
|
|
946
|
+
propstat: [{ status: 200,
|
|
947
|
+
propXml: _renderProps({
|
|
948
|
+
displayName: bk.displayName || bk.id,
|
|
949
|
+
resourcetype: "<D:collection/><A:addressbook/>",
|
|
950
|
+
etag: bk.etag,
|
|
951
|
+
}, body.props) }],
|
|
952
|
+
});
|
|
953
|
+
}
|
|
954
|
+
}
|
|
955
|
+
} else if (!cardId) {
|
|
956
|
+
var cards = await cardStorage.listCards(principalId, addressbookId, null);
|
|
957
|
+
responses.push({
|
|
958
|
+
href: "/carddav/" + principalId + "/" + addressbookId + "/",
|
|
959
|
+
propstat: [{ status: 200,
|
|
960
|
+
propXml: _renderProps({ displayName: addressbookId,
|
|
961
|
+
resourcetype: "<D:collection/><A:addressbook/>" }, body.props) }],
|
|
962
|
+
});
|
|
963
|
+
if (depth !== "0") {
|
|
964
|
+
for (var j = 0; j < (cards || []).length; j++) {
|
|
965
|
+
var card = cards[j];
|
|
966
|
+
responses.push({
|
|
967
|
+
href: "/carddav/" + principalId + "/" + addressbookId + "/" + card.id,
|
|
968
|
+
propstat: [{ status: 200,
|
|
969
|
+
propXml: _renderProps({
|
|
970
|
+
displayName: card.id,
|
|
971
|
+
etag: card.etag,
|
|
972
|
+
contentType: "text/vcard; charset=utf-8",
|
|
973
|
+
size: card.size,
|
|
974
|
+
vcardBytes: body.props.indexOf("address-data") >= 0 ? card.vcardBytes : null,
|
|
975
|
+
}, body.props) }],
|
|
976
|
+
});
|
|
977
|
+
}
|
|
978
|
+
}
|
|
979
|
+
} else {
|
|
980
|
+
var single = await cardStorage.getCard(principalId, addressbookId, cardId);
|
|
981
|
+
if (!single) {
|
|
982
|
+
responses.push({ href: req.url, status: 404 });
|
|
983
|
+
} else {
|
|
984
|
+
responses.push({
|
|
985
|
+
href: req.url,
|
|
986
|
+
propstat: [{ status: 200,
|
|
987
|
+
propXml: _renderProps({
|
|
988
|
+
displayName: single.id,
|
|
989
|
+
etag: single.etag,
|
|
990
|
+
contentType: "text/vcard; charset=utf-8",
|
|
991
|
+
size: single.size,
|
|
992
|
+
vcardBytes: body.props.indexOf("address-data") >= 0 ? single.vcardBytes : null,
|
|
993
|
+
}, body.props) }],
|
|
994
|
+
});
|
|
995
|
+
}
|
|
996
|
+
}
|
|
997
|
+
res.statusCode = 207;
|
|
998
|
+
res.setHeader("Content-Type", "application/xml; charset=utf-8");
|
|
999
|
+
res.setHeader("DAV", CARDDAV_DAV_HEADER);
|
|
1000
|
+
res.end(_multiStatus(responses));
|
|
1001
|
+
_emit("mail.dav.propfind",
|
|
1002
|
+
{ kind: "carddav", principalId: principalId,
|
|
1003
|
+
addressbookId: addressbookId, depth: depth,
|
|
1004
|
+
responseCount: responses.length });
|
|
1005
|
+
}
|
|
1006
|
+
|
|
1007
|
+
async function _handleCarddavReport(req, res, principalId, addressbookId) {
|
|
1008
|
+
var bodyBuf = await _readBodyBytes(req);
|
|
1009
|
+
var report = _parseReportBody(bodyBuf);
|
|
1010
|
+
var responses = [];
|
|
1011
|
+
if (report.kind === "addressbook-multiget") {
|
|
1012
|
+
for (var i = 0; i < report.hrefs.length; i++) {
|
|
1013
|
+
var href = report.hrefs[i];
|
|
1014
|
+
var hp = _parsePath(href);
|
|
1015
|
+
if (hp.rejected || hp.principalId !== principalId) {
|
|
1016
|
+
responses.push({ href: href, status: 403 });
|
|
1017
|
+
continue;
|
|
1018
|
+
}
|
|
1019
|
+
var hpBookId = hp.parts[0];
|
|
1020
|
+
var hpCardId = hp.parts[1];
|
|
1021
|
+
var card = await cardStorage.getCard(principalId, hpBookId, hpCardId);
|
|
1022
|
+
if (!card) {
|
|
1023
|
+
responses.push({ href: href, status: 404 });
|
|
1024
|
+
} else {
|
|
1025
|
+
responses.push({
|
|
1026
|
+
href: href,
|
|
1027
|
+
propstat: [{ status: 200,
|
|
1028
|
+
propXml: _renderProps({
|
|
1029
|
+
etag: card.etag,
|
|
1030
|
+
contentType: "text/vcard; charset=utf-8",
|
|
1031
|
+
size: card.size,
|
|
1032
|
+
vcardBytes: card.vcardBytes,
|
|
1033
|
+
}, report.props.length > 0 ? report.props : ["getetag", "address-data"]) }],
|
|
1034
|
+
});
|
|
1035
|
+
}
|
|
1036
|
+
}
|
|
1037
|
+
} else if (report.kind === "addressbook-query") {
|
|
1038
|
+
var rows = await cardStorage.listCards(principalId, addressbookId, report.filter);
|
|
1039
|
+
for (var j = 0; j < (rows || []).length; j++) {
|
|
1040
|
+
var r = rows[j];
|
|
1041
|
+
responses.push({
|
|
1042
|
+
href: "/carddav/" + principalId + "/" + addressbookId + "/" + r.id,
|
|
1043
|
+
propstat: [{ status: 200,
|
|
1044
|
+
propXml: _renderProps({
|
|
1045
|
+
etag: r.etag,
|
|
1046
|
+
contentType: "text/vcard; charset=utf-8",
|
|
1047
|
+
size: r.size,
|
|
1048
|
+
vcardBytes: r.vcardBytes,
|
|
1049
|
+
}, report.props.length > 0 ? report.props : ["getetag", "address-data"]) }],
|
|
1050
|
+
});
|
|
1051
|
+
}
|
|
1052
|
+
} else {
|
|
1053
|
+
return _refuseStatus(res, 422, "Unsupported REPORT kind: " + report.kind);
|
|
1054
|
+
}
|
|
1055
|
+
res.statusCode = 207;
|
|
1056
|
+
res.setHeader("Content-Type", "application/xml; charset=utf-8");
|
|
1057
|
+
res.setHeader("DAV", CARDDAV_DAV_HEADER);
|
|
1058
|
+
res.end(_multiStatus(responses));
|
|
1059
|
+
_emit("mail.dav.report",
|
|
1060
|
+
{ kind: "carddav", reportKind: report.kind, responseCount: responses.length });
|
|
1061
|
+
}
|
|
1062
|
+
|
|
1063
|
+
async function _handleCarddavGet(req, res, principalId, addressbookId, cardId) {
|
|
1064
|
+
if (!cardId) return _refuseStatus(res, 404, "GET requires a card path");
|
|
1065
|
+
var card = await cardStorage.getCard(principalId, addressbookId, cardId);
|
|
1066
|
+
if (!card) return _refuseStatus(res, 404, "Card not found");
|
|
1067
|
+
res.statusCode = 200;
|
|
1068
|
+
res.setHeader("Content-Type", "text/vcard; charset=utf-8");
|
|
1069
|
+
if (card.etag) res.setHeader("ETag", card.etag);
|
|
1070
|
+
res.end(card.vcardBytes);
|
|
1071
|
+
_emit("mail.dav.get",
|
|
1072
|
+
{ kind: "carddav", principalId: principalId,
|
|
1073
|
+
addressbookId: addressbookId, cardId: cardId });
|
|
1074
|
+
}
|
|
1075
|
+
|
|
1076
|
+
async function _handleCarddavPut(req, res, principalId, addressbookId, cardId) {
|
|
1077
|
+
if (!cardId) return _refuseStatus(res, 400, "PUT requires a card path");
|
|
1078
|
+
var bodyBuf = await _readBodyBytes(req);
|
|
1079
|
+
try {
|
|
1080
|
+
safeVcard.parse(bodyBuf, {
|
|
1081
|
+
profile: profile,
|
|
1082
|
+
compliancePosture: compliancePosture,
|
|
1083
|
+
});
|
|
1084
|
+
} catch (e) {
|
|
1085
|
+
_emit("mail.dav.refused",
|
|
1086
|
+
{ kind: "carddav", method: "PUT", reason: "vcard-refused",
|
|
1087
|
+
error: (e && e.code) || (e && e.message) }, "denied");
|
|
1088
|
+
return _refuseStatus(res, 415,
|
|
1089
|
+
"vCard body refused: " + ((e && e.message) || String(e)));
|
|
1090
|
+
}
|
|
1091
|
+
var ifMatch = (req.headers && (req.headers["if-match"] || req.headers["If-Match"])) || null;
|
|
1092
|
+
var ifNoneMatch = (req.headers && (req.headers["if-none-match"] || req.headers["If-None-Match"])) || null;
|
|
1093
|
+
var result;
|
|
1094
|
+
try {
|
|
1095
|
+
result = await cardStorage.putCard(principalId, addressbookId, cardId,
|
|
1096
|
+
bodyBuf, { ifMatch: ifMatch, ifNoneMatch: ifNoneMatch });
|
|
1097
|
+
} catch (e) {
|
|
1098
|
+
if (e && (e.code === "etag-mismatch" || e.statusCode === 412)) {
|
|
1099
|
+
return _refuseStatus(res, 412, "ETag precondition failed");
|
|
1100
|
+
}
|
|
1101
|
+
throw e;
|
|
1102
|
+
}
|
|
1103
|
+
res.statusCode = result && result.created ? 201 : 204;
|
|
1104
|
+
if (result && result.etag) res.setHeader("ETag", result.etag);
|
|
1105
|
+
res.end();
|
|
1106
|
+
_emit("mail.dav.put",
|
|
1107
|
+
{ kind: "carddav", principalId: principalId,
|
|
1108
|
+
addressbookId: addressbookId, cardId: cardId,
|
|
1109
|
+
created: !!(result && result.created) });
|
|
1110
|
+
}
|
|
1111
|
+
|
|
1112
|
+
async function _handleCarddavDelete(req, res, principalId, addressbookId, cardId) {
|
|
1113
|
+
if (!cardId) return _refuseStatus(res, 400, "DELETE requires a card path");
|
|
1114
|
+
var ifMatch = (req.headers && (req.headers["if-match"] || req.headers["If-Match"])) || null;
|
|
1115
|
+
try {
|
|
1116
|
+
var r = await cardStorage.deleteCard(principalId, addressbookId, cardId,
|
|
1117
|
+
{ ifMatch: ifMatch });
|
|
1118
|
+
if (!r || r.notFound) return _refuseStatus(res, 404, "Card not found");
|
|
1119
|
+
} catch (e) {
|
|
1120
|
+
if (e && (e.code === "etag-mismatch" || e.statusCode === 412)) {
|
|
1121
|
+
return _refuseStatus(res, 412, "ETag precondition failed");
|
|
1122
|
+
}
|
|
1123
|
+
throw e;
|
|
1124
|
+
}
|
|
1125
|
+
res.statusCode = 204;
|
|
1126
|
+
res.end();
|
|
1127
|
+
_emit("mail.dav.delete",
|
|
1128
|
+
{ kind: "carddav", principalId: principalId,
|
|
1129
|
+
addressbookId: addressbookId, cardId: cardId });
|
|
1130
|
+
}
|
|
1131
|
+
|
|
1132
|
+
async function _handleMkcol(req, res, principalId, addressbookId) {
|
|
1133
|
+
if (!addressbookId) {
|
|
1134
|
+
return _refuseStatus(res, 400, "MKCOL requires an addressbook path");
|
|
1135
|
+
}
|
|
1136
|
+
if (typeof cardStorage.mkcol !== "function") {
|
|
1137
|
+
return _refuseStatus(res, 501,
|
|
1138
|
+
"MKCOL not supported (storage.addressbook.mkcol undefined)");
|
|
1139
|
+
}
|
|
1140
|
+
var bodyBuf = await _readBodyBytes(req);
|
|
1141
|
+
var props = Object.create(null);
|
|
1142
|
+
if (bodyBuf.length > 0) {
|
|
1143
|
+
try {
|
|
1144
|
+
var tree = xmlC14n.parse(bodyBuf.toString("utf8"));
|
|
1145
|
+
_walkXml(tree, function (node) {
|
|
1146
|
+
if (_localName(node.name) === "prop" && node.children) {
|
|
1147
|
+
for (var i = 0; i < node.children.length; i++) {
|
|
1148
|
+
var c = node.children[i];
|
|
1149
|
+
if (c.type === "element" && c.children) {
|
|
1150
|
+
var text = "";
|
|
1151
|
+
for (var j = 0; j < c.children.length; j++) {
|
|
1152
|
+
if (c.children[j].type === "text") {
|
|
1153
|
+
text += c.children[j].value || c.children[j].text || "";
|
|
1154
|
+
}
|
|
1155
|
+
}
|
|
1156
|
+
props[_localName(c.name)] = text;
|
|
1157
|
+
}
|
|
1158
|
+
}
|
|
1159
|
+
}
|
|
1160
|
+
});
|
|
1161
|
+
} catch (_e) {
|
|
1162
|
+
return _refuseStatus(res, 400, "MKCOL body XML refused");
|
|
1163
|
+
}
|
|
1164
|
+
}
|
|
1165
|
+
var r = await cardStorage.mkcol(principalId, addressbookId, props);
|
|
1166
|
+
res.statusCode = (r && r.created) ? 201 : 200;
|
|
1167
|
+
res.end();
|
|
1168
|
+
_emit("mail.dav.mkcol",
|
|
1169
|
+
{ principalId: principalId, addressbookId: addressbookId });
|
|
1170
|
+
}
|
|
1171
|
+
|
|
1172
|
+
// ---- HTTP handlers (Express-style) -----------------------------------
|
|
1173
|
+
|
|
1174
|
+
function caldavHandler(req, res) {
|
|
1175
|
+
var actorPrincipalId = _actorPrincipalId(req);
|
|
1176
|
+
dispatchCaldav(actorPrincipalId, req, res).catch(function (err) {
|
|
1177
|
+
_emit("mail.dav.handler_threw",
|
|
1178
|
+
{ kind: "caldav", error: (err && err.message) || String(err) }, "failure");
|
|
1179
|
+
try { _refuseStatus(res, 500, "Server error"); } catch (_e) { /* response already sent */ }
|
|
1180
|
+
});
|
|
1181
|
+
}
|
|
1182
|
+
|
|
1183
|
+
function carddavHandler(req, res) {
|
|
1184
|
+
var actorPrincipalId = _actorPrincipalId(req);
|
|
1185
|
+
dispatchCarddav(actorPrincipalId, req, res).catch(function (err) {
|
|
1186
|
+
_emit("mail.dav.handler_threw",
|
|
1187
|
+
{ kind: "carddav", error: (err && err.message) || String(err) }, "failure");
|
|
1188
|
+
try { _refuseStatus(res, 500, "Server error"); } catch (_e) { /* response already sent */ }
|
|
1189
|
+
});
|
|
1190
|
+
}
|
|
1191
|
+
|
|
1192
|
+
// RFC 6764 — .well-known/caldav + .well-known/carddav. SHOULD return
|
|
1193
|
+
// a 301 redirect to the principal URL (the operator's auth layer
|
|
1194
|
+
// resolves the principal from the bearer token first). For the
|
|
1195
|
+
// framework default, redirect to the static collection root and let
|
|
1196
|
+
// the client follow current-user-principal.
|
|
1197
|
+
function discoveryHandler(req, res) {
|
|
1198
|
+
var path = (req.url || "/").toLowerCase();
|
|
1199
|
+
var target;
|
|
1200
|
+
if (path.indexOf("carddav") >= 0) {
|
|
1201
|
+
target = opts.carddavBaseUrl || "/carddav/";
|
|
1202
|
+
} else {
|
|
1203
|
+
target = opts.caldavBaseUrl || "/caldav/";
|
|
1204
|
+
}
|
|
1205
|
+
res.statusCode = 301;
|
|
1206
|
+
res.setHeader("Location", target);
|
|
1207
|
+
res.end();
|
|
1208
|
+
_emit("mail.dav.discovery", { target: target });
|
|
1209
|
+
}
|
|
1210
|
+
|
|
1211
|
+
return {
|
|
1212
|
+
caldavHandler: caldavHandler,
|
|
1213
|
+
carddavHandler: carddavHandler,
|
|
1214
|
+
discoveryHandler: discoveryHandler,
|
|
1215
|
+
dispatchCaldav: dispatchCaldav,
|
|
1216
|
+
dispatchCarddav: dispatchCarddav,
|
|
1217
|
+
MailDavError: MailDavError,
|
|
1218
|
+
};
|
|
1219
|
+
}
|
|
1220
|
+
|
|
1221
|
+
module.exports = {
|
|
1222
|
+
create: create,
|
|
1223
|
+
MailDavError: MailDavError,
|
|
1224
|
+
};
|