@blamejs/blamejs-shop 0.2.12 → 0.2.14
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +4 -0
- package/README.md +1 -1
- package/lib/admin.js +616 -21
- package/lib/asset-manifest.json +5 -5
- package/lib/catalog.js +19 -0
- package/lib/storefront.js +1 -1
- package/lib/vendor/MANIFEST.json +3 -3
- package/lib/vendor/blamejs/.github/workflows/actions-lint.yml +71 -23
- package/lib/vendor/blamejs/.github/workflows/cflite_batch.yml +2 -0
- package/lib/vendor/blamejs/.github/workflows/cflite_pr.yml +2 -0
- package/lib/vendor/blamejs/.github/workflows/ci.yml +17 -0
- package/lib/vendor/blamejs/.github/workflows/npm-publish.yml +18 -10
- package/lib/vendor/blamejs/.github/workflows/release-container.yml +29 -16
- package/lib/vendor/blamejs/.github/workflows/sha-to-tag-verify.yml +22 -3
- package/lib/vendor/blamejs/.github/zizmor.yml +29 -0
- package/lib/vendor/blamejs/.pinact.yaml +24 -8
- package/lib/vendor/blamejs/CHANGELOG.md +20 -0
- package/lib/vendor/blamejs/api-snapshot.json +6 -2
- package/lib/vendor/blamejs/lib/agent-idempotency.js +50 -10
- package/lib/vendor/blamejs/lib/agent-orchestrator.js +58 -5
- package/lib/vendor/blamejs/lib/agent-saga.js +8 -4
- package/lib/vendor/blamejs/lib/agent-tenant.js +56 -4
- package/lib/vendor/blamejs/lib/agent-trace.js +4 -3
- package/lib/vendor/blamejs/lib/ai-adverse-decision.js +1 -1
- package/lib/vendor/blamejs/lib/archive-wrap.js +1 -1
- package/lib/vendor/blamejs/lib/audit-daily-review.js +3 -3
- package/lib/vendor/blamejs/lib/audit.js +11 -8
- package/lib/vendor/blamejs/lib/auth/jwt.js +7 -4
- package/lib/vendor/blamejs/lib/auth/saml.js +2 -2
- package/lib/vendor/blamejs/lib/calendar.js +14 -10
- package/lib/vendor/blamejs/lib/circuit-breaker.js +6 -4
- package/lib/vendor/blamejs/lib/compliance-ai-act-transparency.js +2 -2
- package/lib/vendor/blamejs/lib/compliance.js +7 -9
- package/lib/vendor/blamejs/lib/cookies.js +2 -2
- package/lib/vendor/blamejs/lib/cose.js +1 -1
- package/lib/vendor/blamejs/lib/crypto-field.js +8 -3
- package/lib/vendor/blamejs/lib/data-act.js +4 -3
- package/lib/vendor/blamejs/lib/did.js +1 -1
- package/lib/vendor/blamejs/lib/file-upload.js +18 -1
- package/lib/vendor/blamejs/lib/guard-archive.js +2 -2
- package/lib/vendor/blamejs/lib/guard-auth.js +5 -5
- package/lib/vendor/blamejs/lib/guard-cidr.js +4 -4
- package/lib/vendor/blamejs/lib/guard-csv.js +6 -6
- package/lib/vendor/blamejs/lib/guard-domain.js +4 -4
- package/lib/vendor/blamejs/lib/guard-email.js +6 -5
- package/lib/vendor/blamejs/lib/guard-filename.js +4 -4
- package/lib/vendor/blamejs/lib/guard-graphql.js +5 -5
- package/lib/vendor/blamejs/lib/guard-html.js +2 -2
- package/lib/vendor/blamejs/lib/guard-image.js +1 -1
- package/lib/vendor/blamejs/lib/guard-json.js +5 -5
- package/lib/vendor/blamejs/lib/guard-jsonpath.js +4 -4
- package/lib/vendor/blamejs/lib/guard-jwt.js +5 -5
- package/lib/vendor/blamejs/lib/guard-markdown.js +6 -6
- package/lib/vendor/blamejs/lib/guard-mime.js +6 -6
- package/lib/vendor/blamejs/lib/guard-oauth.js +5 -5
- package/lib/vendor/blamejs/lib/guard-pdf.js +1 -1
- package/lib/vendor/blamejs/lib/guard-regex.js +4 -4
- package/lib/vendor/blamejs/lib/guard-shell.js +4 -4
- package/lib/vendor/blamejs/lib/guard-svg.js +5 -5
- package/lib/vendor/blamejs/lib/guard-template.js +4 -4
- package/lib/vendor/blamejs/lib/guard-time.js +6 -6
- package/lib/vendor/blamejs/lib/guard-uuid.js +6 -6
- package/lib/vendor/blamejs/lib/guard-xml.js +4 -4
- package/lib/vendor/blamejs/lib/guard-yaml.js +5 -5
- package/lib/vendor/blamejs/lib/link-header.js +3 -2
- package/lib/vendor/blamejs/lib/mail-agent.js +4 -2
- package/lib/vendor/blamejs/lib/mail-bimi.js +3 -2
- package/lib/vendor/blamejs/lib/mail-crypto-pgp.js +7 -11
- package/lib/vendor/blamejs/lib/mail-crypto-smime.js +6 -5
- package/lib/vendor/blamejs/lib/mail-crypto.js +5 -5
- package/lib/vendor/blamejs/lib/mail-store.js +3 -2
- package/lib/vendor/blamejs/lib/mcp.js +2 -3
- package/lib/vendor/blamejs/lib/middleware/age-gate.js +10 -6
- package/lib/vendor/blamejs/lib/middleware/ai-act-disclosure.js +1 -1
- package/lib/vendor/blamejs/lib/middleware/api-encrypt.js +3 -3
- package/lib/vendor/blamejs/lib/middleware/compose-pipeline.js +1 -1
- package/lib/vendor/blamejs/lib/middleware/csp-nonce.js +2 -2
- package/lib/vendor/blamejs/lib/middleware/flag-context.js +1 -1
- package/lib/vendor/blamejs/lib/middleware/rate-limit.js +2 -2
- package/lib/vendor/blamejs/lib/middleware/require-auth.js +2 -1
- package/lib/vendor/blamejs/lib/queue-redis.js +9 -0
- package/lib/vendor/blamejs/lib/queue.js +17 -1
- package/lib/vendor/blamejs/lib/retry.js +26 -0
- package/lib/vendor/blamejs/lib/router.js +4 -1
- package/lib/vendor/blamejs/lib/safe-decompress.js +3 -2
- package/lib/vendor/blamejs/lib/safe-icap.js +3 -2
- package/lib/vendor/blamejs/lib/safe-mime.js +1 -1
- package/lib/vendor/blamejs/lib/safe-smtp.js +1 -1
- package/lib/vendor/blamejs/lib/sec-cyber.js +1 -1
- package/lib/vendor/blamejs/lib/storage.js +20 -16
- package/lib/vendor/blamejs/lib/tsa.js +2 -1
- package/lib/vendor/blamejs/lib/vault/index.js +1 -0
- package/lib/vendor/blamejs/lib/vault-aad.js +2 -2
- package/lib/vendor/blamejs/package.json +1 -1
- package/lib/vendor/blamejs/release-notes/v0.13.23.json +42 -0
- package/lib/vendor/blamejs/release-notes/v0.13.24.json +26 -0
- package/lib/vendor/blamejs/release-notes/v0.13.25.json +39 -0
- package/lib/vendor/blamejs/release-notes/v0.13.26.json +31 -0
- package/lib/vendor/blamejs/release-notes/v0.13.27.json +34 -0
- package/lib/vendor/blamejs/release-notes/v0.13.28.json +30 -0
- package/lib/vendor/blamejs/release-notes/v0.13.29.json +30 -0
- package/lib/vendor/blamejs/release-notes/v0.13.30.json +30 -0
- package/lib/vendor/blamejs/release-notes/v0.13.31.json +26 -0
- package/lib/vendor/blamejs/release-notes/v0.13.32.json +34 -0
- package/lib/vendor/blamejs/test/20-db.js +30 -0
- package/lib/vendor/blamejs/test/integration/queue-redis.test.js +14 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/agent-idempotency.test.js +37 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/agent-orchestrator.test.js +37 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/agent-tenant.test.js +26 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-daily-review.test.js +9 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/retry.test.js +25 -0
- package/lib/vendor/blamejs/test/smoke.js +25 -0
- package/package.json +1 -1
|
@@ -441,7 +441,7 @@ function _detectIssues(input, opts) {
|
|
|
441
441
|
* @related b.guardJwt.sanitize, b.guardJwt.gate
|
|
442
442
|
*
|
|
443
443
|
* Apply the full guard-jwt threat catalog to a JWT compact-
|
|
444
|
-
* serialization string. Returns `{ ok, issues
|
|
444
|
+
* serialization string. Returns `{ ok, issues }` per
|
|
445
445
|
* `gateContract.aggregateIssues`. Detected classes include
|
|
446
446
|
* `alg-none` (always critical), `kid-traversal` (always critical),
|
|
447
447
|
* `alg-not-allowed`, `typ-confusion`, `crit-unknown`, `exp-past`,
|
|
@@ -456,7 +456,7 @@ function _detectIssues(input, opts) {
|
|
|
456
456
|
*
|
|
457
457
|
* @opts
|
|
458
458
|
* profile: "strict"|"balanced"|"permissive",
|
|
459
|
-
*
|
|
459
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
460
460
|
* allowedAlgs: string[],
|
|
461
461
|
* requiredClaims: string[],
|
|
462
462
|
* knownCrit: string[],
|
|
@@ -524,7 +524,7 @@ function validate(input, opts) {
|
|
|
524
524
|
*
|
|
525
525
|
* @opts
|
|
526
526
|
* profile: "strict"|"balanced"|"permissive",
|
|
527
|
-
*
|
|
527
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
528
528
|
* ...: every guardJwt.validate opt is honored,
|
|
529
529
|
*
|
|
530
530
|
* @example
|
|
@@ -573,13 +573,13 @@ function sanitize(input, opts) {
|
|
|
573
573
|
*
|
|
574
574
|
* @opts
|
|
575
575
|
* profile: "strict"|"balanced"|"permissive",
|
|
576
|
-
*
|
|
576
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
577
577
|
* name: string, // gate label for audit trails
|
|
578
578
|
* ...: every guardJwt.validate opt is honored,
|
|
579
579
|
*
|
|
580
580
|
* @example
|
|
581
581
|
* var jwtGate = b.guardJwt.gate({ profile: "strict" });
|
|
582
|
-
* var rv = await jwtGate.
|
|
582
|
+
* var rv = await jwtGate.check({
|
|
583
583
|
* identifier:
|
|
584
584
|
* "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0." +
|
|
585
585
|
* "eyJzdWIiOiJhdHRhY2tlciJ9.",
|
|
@@ -505,7 +505,7 @@ function _detectIssues(input, opts) {
|
|
|
505
505
|
*
|
|
506
506
|
* @opts
|
|
507
507
|
* profile: "strict"|"balanced"|"permissive",
|
|
508
|
-
*
|
|
508
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
509
509
|
* bidiPolicy: "reject"|"strip"|"audit"|"allow",
|
|
510
510
|
* controlPolicy: "reject"|"strip"|"allow",
|
|
511
511
|
* nullBytePolicy: "reject"|"strip"|"allow",
|
|
@@ -568,7 +568,7 @@ function validate(input, opts) {
|
|
|
568
568
|
*
|
|
569
569
|
* @opts
|
|
570
570
|
* profile: "strict"|"balanced"|"permissive",
|
|
571
|
-
*
|
|
571
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
572
572
|
* ...: same shape as b.guardMarkdown.validate opts,
|
|
573
573
|
*
|
|
574
574
|
* @example
|
|
@@ -606,7 +606,7 @@ function sanitize(input, opts) {
|
|
|
606
606
|
* @compliance hipaa, pci-dss, gdpr, soc2
|
|
607
607
|
* @related b.guardMarkdown.validate, b.guardMarkdown.sanitize, b.guardAll.gate, b.staticServe.create
|
|
608
608
|
*
|
|
609
|
-
* Build
|
|
609
|
+
* Build a guard gate whose async `check(ctx)` returns `{ ok, action, issues }`, consumable
|
|
610
610
|
* by `b.guardAll`, `b.staticServe`, `b.fileUpload`, and any host
|
|
611
611
|
* that ingests user-supplied markdown. The gate decodes
|
|
612
612
|
* `ctx.bytes` / `ctx.bodyText`, runs `validate`, and maps
|
|
@@ -617,15 +617,15 @@ function sanitize(input, opts) {
|
|
|
617
617
|
* @opts
|
|
618
618
|
* name: string, // gate label for audit / observability
|
|
619
619
|
* profile: "strict"|"balanced"|"permissive",
|
|
620
|
-
*
|
|
620
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
621
621
|
* ...: same shape as b.guardMarkdown.validate opts,
|
|
622
622
|
*
|
|
623
623
|
* @example
|
|
624
624
|
* var g = b.guardMarkdown.gate({ profile: "strict" });
|
|
625
|
-
* var rv = await g({ bytes: Buffer.from("# hello\n", "utf8") });
|
|
625
|
+
* var rv = await g.check({ bytes: Buffer.from("# hello\n", "utf8") });
|
|
626
626
|
* rv.action; // → "serve"
|
|
627
627
|
*
|
|
628
|
-
* var bad = await g({ bytes: Buffer.from("[x](javascript:1)", "utf8") });
|
|
628
|
+
* var bad = await g.check({ bytes: Buffer.from("[x](javascript:1)", "utf8") });
|
|
629
629
|
* bad.action; // → "refuse"
|
|
630
630
|
*/
|
|
631
631
|
function gate(opts) {
|
|
@@ -369,7 +369,7 @@ function _detectIssues(input, opts) {
|
|
|
369
369
|
*
|
|
370
370
|
* @opts
|
|
371
371
|
* profile: "strict"|"balanced"|"permissive",
|
|
372
|
-
*
|
|
372
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
373
373
|
* bidiPolicy: "reject"|"strip"|"audit"|"allow",
|
|
374
374
|
* controlPolicy: "reject"|"strip"|"allow",
|
|
375
375
|
* nullBytePolicy: "reject"|"strip"|"allow",
|
|
@@ -423,7 +423,7 @@ function validate(input, opts) {
|
|
|
423
423
|
*
|
|
424
424
|
* @opts
|
|
425
425
|
* profile: "strict"|"balanced"|"permissive",
|
|
426
|
-
*
|
|
426
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
427
427
|
* ...: same shape as b.guardMime.validate opts,
|
|
428
428
|
*
|
|
429
429
|
* @example
|
|
@@ -467,7 +467,7 @@ function sanitize(input, opts) {
|
|
|
467
467
|
* @compliance hipaa, pci-dss, gdpr, soc2
|
|
468
468
|
* @related b.guardMime.validate, b.guardMime.sanitize, b.guardAll.gate
|
|
469
469
|
*
|
|
470
|
-
* Build
|
|
470
|
+
* Build a guard gate whose async `check(ctx)` returns `{ ok, action, issues }`, consumable
|
|
471
471
|
* by `b.guardAll`, `b.staticServe`, `b.fileUpload`, and any other
|
|
472
472
|
* host that integrates the guard contract. The gate reads
|
|
473
473
|
* `ctx.identifier` (or `ctx.mime`), runs `validate`, and maps
|
|
@@ -477,15 +477,15 @@ function sanitize(input, opts) {
|
|
|
477
477
|
* @opts
|
|
478
478
|
* name: string, // gate label for audit / observability
|
|
479
479
|
* profile: "strict"|"balanced"|"permissive",
|
|
480
|
-
*
|
|
480
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
481
481
|
* ...: same shape as b.guardMime.validate opts,
|
|
482
482
|
*
|
|
483
483
|
* @example
|
|
484
484
|
* var g = b.guardMime.gate({ profile: "strict" });
|
|
485
|
-
* var rv = await g({ identifier: "application/json" });
|
|
485
|
+
* var rv = await g.check({ identifier: "application/json" });
|
|
486
486
|
* rv.action; // → "serve"
|
|
487
487
|
*
|
|
488
|
-
* var bad = await g({ identifier: "application/x-msdownload" });
|
|
488
|
+
* var bad = await g.check({ identifier: "application/x-msdownload" });
|
|
489
489
|
* bad.action; // → "refuse"
|
|
490
490
|
*/
|
|
491
491
|
function gate(opts) {
|
|
@@ -352,7 +352,7 @@ function _detectIssues(flow, opts) {
|
|
|
352
352
|
* @related b.guardOauth.sanitize, b.guardOauth.gate
|
|
353
353
|
*
|
|
354
354
|
* Apply the full guard-oauth threat catalog to a flow bundle.
|
|
355
|
-
* Returns `{ ok, issues
|
|
355
|
+
* Returns `{ ok, issues }` per
|
|
356
356
|
* `gateContract.aggregateIssues`. Detected classes include
|
|
357
357
|
* `pkce-missing`, `pkce-method` (e.g. plain under require-s256),
|
|
358
358
|
* `state-missing`, `redirect-uri-not-allowed`,
|
|
@@ -365,7 +365,7 @@ function _detectIssues(flow, opts) {
|
|
|
365
365
|
*
|
|
366
366
|
* @opts
|
|
367
367
|
* profile: "strict"|"balanced"|"permissive",
|
|
368
|
-
*
|
|
368
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
369
369
|
* pkcePolicy: "require-s256"|"require-any"|"audit"|"allow",
|
|
370
370
|
* statePolicy: "require"|"audit"|"allow",
|
|
371
371
|
* redirectUriPolicy: "require-exact-allowlist"|"audit"|"allow",
|
|
@@ -427,7 +427,7 @@ function validate(input, opts) {
|
|
|
427
427
|
*
|
|
428
428
|
* @opts
|
|
429
429
|
* profile: "strict"|"balanced"|"permissive",
|
|
430
|
-
*
|
|
430
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
431
431
|
* ...: every guardOauth.validate opt is honored,
|
|
432
432
|
*
|
|
433
433
|
* @example
|
|
@@ -475,7 +475,7 @@ function sanitize(input, opts) {
|
|
|
475
475
|
*
|
|
476
476
|
* @opts
|
|
477
477
|
* profile: "strict"|"balanced"|"permissive",
|
|
478
|
-
*
|
|
478
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
479
479
|
* name: string, // gate label for audit trails
|
|
480
480
|
* ...: every guardOauth.validate opt is honored,
|
|
481
481
|
*
|
|
@@ -484,7 +484,7 @@ function sanitize(input, opts) {
|
|
|
484
484
|
* profile: "strict",
|
|
485
485
|
* allowedRedirectUris: ["https://app.example.com/callback"],
|
|
486
486
|
* });
|
|
487
|
-
* var rv = await oauthGate.
|
|
487
|
+
* var rv = await oauthGate.check({
|
|
488
488
|
* oauthFlow: {
|
|
489
489
|
* response_type: "code",
|
|
490
490
|
* redirect_uri: "https://attacker.example/callback",
|
|
@@ -410,7 +410,7 @@ function sanitize(input, opts) {
|
|
|
410
410
|
*
|
|
411
411
|
* @opts
|
|
412
412
|
* profile: "strict"|"balanced"|"permissive",
|
|
413
|
-
*
|
|
413
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
414
414
|
* name: string,
|
|
415
415
|
* ...: any validate opt
|
|
416
416
|
*
|
|
@@ -30,7 +30,7 @@
|
|
|
30
30
|
* Profiles: `strict` / `balanced` / `permissive`. Compliance
|
|
31
31
|
* postures: `hipaa` / `pci-dss` / `gdpr` / `soc2`. Operators
|
|
32
32
|
* select via `{ profile: "strict" }` or
|
|
33
|
-
* `{
|
|
33
|
+
* `{ compliancePosture: "hipaa" }`; postures overlay on top of the
|
|
34
34
|
* profile baseline. Nested-quantifier rejection holds at every
|
|
35
35
|
* profile — the catastrophic class is never an operator opt-in.
|
|
36
36
|
*
|
|
@@ -368,7 +368,7 @@ function _detectNestedExtglob(input, opts, issues) {
|
|
|
368
368
|
*
|
|
369
369
|
* @opts
|
|
370
370
|
* profile: "strict"|"balanced"|"permissive",
|
|
371
|
-
*
|
|
371
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
372
372
|
* bidiPolicy: "reject"|"audit"|"allow",
|
|
373
373
|
* controlPolicy: "reject"|"audit"|"allow",
|
|
374
374
|
* nullBytePolicy: "reject"|"audit"|"allow",
|
|
@@ -422,7 +422,7 @@ function validate(input, opts) {
|
|
|
422
422
|
*
|
|
423
423
|
* @opts
|
|
424
424
|
* profile: "strict"|"balanced"|"permissive",
|
|
425
|
-
*
|
|
425
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
426
426
|
* nestedQuantPolicy: "reject"|"audit"|"allow",
|
|
427
427
|
* alternationQuantPolicy: "reject"|"audit"|"allow",
|
|
428
428
|
* boundedRepeatPolicy: "reject"|"audit"|"allow",
|
|
@@ -477,7 +477,7 @@ function sanitize(input, opts) {
|
|
|
477
477
|
*
|
|
478
478
|
* @opts
|
|
479
479
|
* profile: "strict"|"balanced"|"permissive",
|
|
480
|
-
*
|
|
480
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
481
481
|
* name: string, // override gate name in audit emissions
|
|
482
482
|
* nestedQuantPolicy: "reject"|"audit"|"allow",
|
|
483
483
|
* alternationQuantPolicy: "reject"|"audit"|"allow",
|
|
@@ -28,7 +28,7 @@
|
|
|
28
28
|
*
|
|
29
29
|
* Profiles: `strict` / `balanced` / `permissive`. Compliance
|
|
30
30
|
* postures: `hipaa` / `pci-dss` / `gdpr` / `soc2`. Operators select
|
|
31
|
-
* via `{ profile: "strict" }` or `{
|
|
31
|
+
* via `{ profile: "strict" }` or `{ compliancePosture: "hipaa" }`;
|
|
32
32
|
* postures overlay on top of the profile baseline.
|
|
33
33
|
*
|
|
34
34
|
* Shell args cannot be repaired safely — `sanitize` either passes
|
|
@@ -262,7 +262,7 @@ function _detectIssues(input, opts) {
|
|
|
262
262
|
*
|
|
263
263
|
* @opts
|
|
264
264
|
* profile: "strict"|"balanced"|"permissive",
|
|
265
|
-
*
|
|
265
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
266
266
|
* bidiPolicy: "reject"|"audit"|"allow",
|
|
267
267
|
* controlPolicy: "reject"|"audit"|"allow",
|
|
268
268
|
* nullBytePolicy: "reject"|"audit"|"allow",
|
|
@@ -314,7 +314,7 @@ function validate(input, opts) {
|
|
|
314
314
|
*
|
|
315
315
|
* @opts
|
|
316
316
|
* profile: "strict"|"balanced"|"permissive",
|
|
317
|
-
*
|
|
317
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
318
318
|
* posixMetaPolicy: "reject"|"audit"|"allow",
|
|
319
319
|
* cmdMetaPolicy: "reject"|"audit"|"allow",
|
|
320
320
|
* dollarSubstPolicy: "reject"|"audit"|"allow",
|
|
@@ -369,7 +369,7 @@ function sanitize(input, opts) {
|
|
|
369
369
|
*
|
|
370
370
|
* @opts
|
|
371
371
|
* profile: "strict"|"balanced"|"permissive",
|
|
372
|
-
*
|
|
372
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
373
373
|
* name: string, // override gate name in audit emissions
|
|
374
374
|
* posixMetaPolicy: "reject"|"audit"|"allow",
|
|
375
375
|
* cmdMetaPolicy: "reject"|"audit"|"allow",
|
|
@@ -1017,9 +1017,9 @@ function sanitize(input, opts) {
|
|
|
1017
1017
|
* @status stable
|
|
1018
1018
|
* @related b.guardSvg.validate, b.guardSvg.sanitize, b.fileUpload, b.staticServe
|
|
1019
1019
|
*
|
|
1020
|
-
* Build a uniform gate over guard-* family contract. Returns
|
|
1021
|
-
* async
|
|
1022
|
-
* sanitized? }` where `action` is `serve` / `audit-only` /
|
|
1020
|
+
* Build a uniform gate over the guard-* family contract. Returns a
|
|
1021
|
+
* gate whose async `check(ctx)` produces a verdict `{ ok, action,
|
|
1022
|
+
* issues?, sanitized? }` where `action` is `serve` / `audit-only` /
|
|
1023
1023
|
* `sanitize` / `refuse`. SVGZ inputs always refuse — operators
|
|
1024
1024
|
* ungzip and re-gate the inner SVG. External `xlink:href` on
|
|
1025
1025
|
* `<use>` / `<feImage>` refuses under `strict` (SSRF + XSS chain).
|
|
@@ -1042,13 +1042,13 @@ function sanitize(input, opts) {
|
|
|
1042
1042
|
*
|
|
1043
1043
|
* @example
|
|
1044
1044
|
* var g = b.guardSvg.gate({ profile: "strict" });
|
|
1045
|
-
* var verdict = await g({
|
|
1045
|
+
* var verdict = await g.check({
|
|
1046
1046
|
* bytes: Buffer.from('<svg><circle r="10"/></svg>', "utf8"),
|
|
1047
1047
|
* });
|
|
1048
1048
|
* verdict.action; // → "serve"
|
|
1049
1049
|
*
|
|
1050
1050
|
* // Refuses external xlink:href under strict:
|
|
1051
|
-
* var refuse = await g({
|
|
1051
|
+
* var refuse = await g.check({
|
|
1052
1052
|
* bytes: Buffer.from(
|
|
1053
1053
|
* '<svg><use xlink:href="https://evil.example/x.svg#a"/></svg>',
|
|
1054
1054
|
* "utf8"),
|
|
@@ -34,7 +34,7 @@
|
|
|
34
34
|
* Profiles: `strict` / `balanced` / `permissive`. Compliance
|
|
35
35
|
* postures: `hipaa` / `pci-dss` / `gdpr` / `soc2`. Operators
|
|
36
36
|
* select via `{ profile: "strict" }` or
|
|
37
|
-
* `{
|
|
37
|
+
* `{ compliancePosture: "hipaa" }`; postures overlay on top of the
|
|
38
38
|
* profile baseline. Jinja / ERB / Pug shape rejection holds at
|
|
39
39
|
* every profile — the SSTI class is never an operator opt-in.
|
|
40
40
|
*
|
|
@@ -237,7 +237,7 @@ function _detectIssues(input, opts) {
|
|
|
237
237
|
*
|
|
238
238
|
* @opts
|
|
239
239
|
* profile: "strict"|"balanced"|"permissive",
|
|
240
|
-
*
|
|
240
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
241
241
|
* bidiPolicy: "reject"|"audit"|"allow",
|
|
242
242
|
* controlPolicy: "reject"|"audit"|"allow",
|
|
243
243
|
* nullBytePolicy: "reject"|"audit"|"allow",
|
|
@@ -287,7 +287,7 @@ function validate(input, opts) {
|
|
|
287
287
|
*
|
|
288
288
|
* @opts
|
|
289
289
|
* profile: "strict"|"balanced"|"permissive",
|
|
290
|
-
*
|
|
290
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
291
291
|
* jinjaPolicy: "reject"|"audit"|"allow",
|
|
292
292
|
* erbPolicy: "reject"|"audit"|"allow",
|
|
293
293
|
* pugPolicy: "reject"|"audit"|"allow",
|
|
@@ -339,7 +339,7 @@ function sanitize(input, opts) {
|
|
|
339
339
|
*
|
|
340
340
|
* @opts
|
|
341
341
|
* profile: "strict"|"balanced"|"permissive",
|
|
342
|
-
*
|
|
342
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
343
343
|
* name: string, // override gate name in audit emissions
|
|
344
344
|
* jinjaPolicy: "reject"|"audit"|"allow",
|
|
345
345
|
* erbPolicy: "reject"|"audit"|"allow",
|
|
@@ -347,7 +347,7 @@ function _detectIssues(input, opts) {
|
|
|
347
347
|
*
|
|
348
348
|
* @opts
|
|
349
349
|
* profile: "strict"|"balanced"|"permissive",
|
|
350
|
-
*
|
|
350
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
351
351
|
* bidiPolicy: "reject"|"strip"|"audit"|"allow",
|
|
352
352
|
* controlPolicy: "reject"|"strip"|"allow",
|
|
353
353
|
* nullBytePolicy: "reject"|"strip"|"allow",
|
|
@@ -403,7 +403,7 @@ function validate(input, opts) {
|
|
|
403
403
|
*
|
|
404
404
|
* @opts
|
|
405
405
|
* profile: "strict"|"balanced"|"permissive",
|
|
406
|
-
*
|
|
406
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
407
407
|
* ...: same shape as b.guardTime.validate opts,
|
|
408
408
|
*
|
|
409
409
|
* @example
|
|
@@ -442,7 +442,7 @@ function sanitize(input, opts) {
|
|
|
442
442
|
* @compliance hipaa, pci-dss, gdpr, soc2
|
|
443
443
|
* @related b.guardTime.validate, b.guardTime.sanitize, b.guardAll.gate
|
|
444
444
|
*
|
|
445
|
-
* Build
|
|
445
|
+
* Build a guard gate whose async `check(ctx)` returns `{ ok, action, issues }`, consumable
|
|
446
446
|
* by `b.guardAll`, audit pipelines, scheduling primitives, and
|
|
447
447
|
* retention readers. The gate reads `ctx.identifier` (or
|
|
448
448
|
* `ctx.timestamp` / `ctx.time`), runs `validate`, and maps
|
|
@@ -452,15 +452,15 @@ function sanitize(input, opts) {
|
|
|
452
452
|
* @opts
|
|
453
453
|
* name: string, // gate label for audit / observability
|
|
454
454
|
* profile: "strict"|"balanced"|"permissive",
|
|
455
|
-
*
|
|
455
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
456
456
|
* ...: same shape as b.guardTime.validate opts,
|
|
457
457
|
*
|
|
458
458
|
* @example
|
|
459
459
|
* var g = b.guardTime.gate({ profile: "strict" });
|
|
460
|
-
* var rv = await g({ identifier: "2026-05-05T12:34:56Z" });
|
|
460
|
+
* var rv = await g.check({ identifier: "2026-05-05T12:34:56Z" });
|
|
461
461
|
* rv.action; // → "serve"
|
|
462
462
|
*
|
|
463
|
-
* var bad = await g({ identifier: "2026-05-05 12:34:56" });
|
|
463
|
+
* var bad = await g.check({ identifier: "2026-05-05 12:34:56" });
|
|
464
464
|
* bad.action; // → "refuse"
|
|
465
465
|
*/
|
|
466
466
|
function gate(opts) {
|
|
@@ -307,7 +307,7 @@ function _detectIssues(input, opts) {
|
|
|
307
307
|
*
|
|
308
308
|
* @opts
|
|
309
309
|
* profile: "strict"|"balanced"|"permissive",
|
|
310
|
-
*
|
|
310
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
311
311
|
* bidiPolicy: "reject"|"strip"|"audit"|"allow",
|
|
312
312
|
* controlPolicy: "reject"|"strip"|"allow",
|
|
313
313
|
* nullBytePolicy: "reject"|"strip"|"allow",
|
|
@@ -361,7 +361,7 @@ function validate(input, opts) {
|
|
|
361
361
|
*
|
|
362
362
|
* @opts
|
|
363
363
|
* profile: "strict"|"balanced"|"permissive",
|
|
364
|
-
*
|
|
364
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
365
365
|
* ...: same shape as b.guardUuid.validate opts,
|
|
366
366
|
*
|
|
367
367
|
* @example
|
|
@@ -406,7 +406,7 @@ function sanitize(input, opts) {
|
|
|
406
406
|
* @compliance hipaa, pci-dss, gdpr, soc2
|
|
407
407
|
* @related b.guardUuid.validate, b.guardUuid.sanitize, b.guardAll.gate
|
|
408
408
|
*
|
|
409
|
-
* Build
|
|
409
|
+
* Build a guard gate whose async `check(ctx)` returns `{ ok, action, issues }`, consumable
|
|
410
410
|
* by `b.guardAll`, ID validators, and any host that handles
|
|
411
411
|
* UUID-shaped tokens. The gate reads `ctx.identifier` (or
|
|
412
412
|
* `ctx.uuid`), runs `validate`, and maps severity to action: zero
|
|
@@ -416,15 +416,15 @@ function sanitize(input, opts) {
|
|
|
416
416
|
* @opts
|
|
417
417
|
* name: string, // gate label for audit / observability
|
|
418
418
|
* profile: "strict"|"balanced"|"permissive",
|
|
419
|
-
*
|
|
419
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
420
420
|
* ...: same shape as b.guardUuid.validate opts,
|
|
421
421
|
*
|
|
422
422
|
* @example
|
|
423
423
|
* var g = b.guardUuid.gate({ profile: "strict" });
|
|
424
|
-
* var rv = await g({ identifier: "550e8400-e29b-41d4-a716-446655440000" });
|
|
424
|
+
* var rv = await g.check({ identifier: "550e8400-e29b-41d4-a716-446655440000" });
|
|
425
425
|
* rv.action; // → "serve"
|
|
426
426
|
*
|
|
427
|
-
* var bad = await g({ identifier: "{550e8400-e29b-41d4-a716-446655440000}" });
|
|
427
|
+
* var bad = await g.check({ identifier: "{550e8400-e29b-41d4-a716-446655440000}" });
|
|
428
428
|
* bad.action; // → "refuse"
|
|
429
429
|
*/
|
|
430
430
|
function gate(opts) {
|
|
@@ -371,7 +371,7 @@ function _detectIssues(input, opts) {
|
|
|
371
371
|
*
|
|
372
372
|
* Inspect `input` (string of XML source) for the full guard-xml
|
|
373
373
|
* threat catalog without invoking a parser. Returns
|
|
374
|
-
* `{ ok, issues
|
|
374
|
+
* `{ ok, issues }` where `issues` enumerates every
|
|
375
375
|
* DOCTYPE declaration, `<!ENTITY>` definition (including parameter
|
|
376
376
|
* entities), SYSTEM/PUBLIC external-entity reference, XInclude
|
|
377
377
|
* directive, xsi:schemaLocation hint, processing instruction (after
|
|
@@ -388,7 +388,7 @@ function _detectIssues(input, opts) {
|
|
|
388
388
|
*
|
|
389
389
|
* @opts
|
|
390
390
|
* profile: "strict"|"balanced"|"permissive",
|
|
391
|
-
*
|
|
391
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
392
392
|
* doctypePolicy: "reject"|"audit"|"allow",
|
|
393
393
|
* entityPolicy: "reject"|"audit"|"allow",
|
|
394
394
|
* externalEntityPolicy: "reject"|"audit"|"allow",
|
|
@@ -455,7 +455,7 @@ function validate(input, opts) {
|
|
|
455
455
|
*
|
|
456
456
|
* @opts
|
|
457
457
|
* profile: "strict"|"balanced"|"permissive",
|
|
458
|
-
*
|
|
458
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
459
459
|
* bidiPolicy: "reject"|"strip"|"audit"|"allow",
|
|
460
460
|
* controlPolicy: "reject"|"strip"|"allow",
|
|
461
461
|
* nullBytePolicy: "reject"|"strip"|"allow",
|
|
@@ -514,7 +514,7 @@ function sanitize(input, opts) {
|
|
|
514
514
|
*
|
|
515
515
|
* @opts
|
|
516
516
|
* profile: "strict"|"balanced"|"permissive",
|
|
517
|
-
*
|
|
517
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
518
518
|
* name: string, // gate identity for audit / observability
|
|
519
519
|
*
|
|
520
520
|
* @example
|
|
@@ -58,7 +58,7 @@
|
|
|
58
58
|
*
|
|
59
59
|
* Profiles: `strict` / `balanced` / `permissive`. Compliance
|
|
60
60
|
* postures: `hipaa` / `pci-dss` / `gdpr` / `soc2`. Operators select
|
|
61
|
-
* via `{ profile: "strict" }` or `{
|
|
61
|
+
* via `{ profile: "strict" }` or `{ compliancePosture: "hipaa" }`;
|
|
62
62
|
* postures overlay on top of the profile baseline.
|
|
63
63
|
*
|
|
64
64
|
* @card
|
|
@@ -452,7 +452,7 @@ function _detectDuplicateKeysYaml(text) {
|
|
|
452
452
|
*
|
|
453
453
|
* Inspect `input` (string of YAML source) for the full guard-yaml
|
|
454
454
|
* threat catalog without committing to a parsed value. Returns
|
|
455
|
-
* `{ ok, issues
|
|
455
|
+
* `{ ok, issues }` where `issues` is the aggregated
|
|
456
456
|
* detector output — every dangerous-tag prefix, custom-tag use,
|
|
457
457
|
* anchor / alias amplification, multi-document split, Norway-
|
|
458
458
|
* problem implicit boolean, leading-zero octal, merge-key chain,
|
|
@@ -468,7 +468,7 @@ function _detectDuplicateKeysYaml(text) {
|
|
|
468
468
|
*
|
|
469
469
|
* @opts
|
|
470
470
|
* profile: "strict"|"balanced"|"permissive",
|
|
471
|
-
*
|
|
471
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
472
472
|
* tagPolicy: "reject"|"audit"|"allow",
|
|
473
473
|
* aliasPolicy: "reject"|"audit"|"allow",
|
|
474
474
|
* multiDocPolicy: "reject"|"audit"|"allow",
|
|
@@ -535,7 +535,7 @@ function validate(input, opts) {
|
|
|
535
535
|
*
|
|
536
536
|
* @opts
|
|
537
537
|
* profile: "strict"|"balanced"|"permissive",
|
|
538
|
-
*
|
|
538
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
539
539
|
* tagPolicy: "reject"|"audit"|"allow",
|
|
540
540
|
* aliasPolicy: "reject"|"audit"|"allow",
|
|
541
541
|
* maxBytes: number, maxDepth: number, maxNodes: number,
|
|
@@ -586,7 +586,7 @@ function parse(input, opts) {
|
|
|
586
586
|
*
|
|
587
587
|
* @opts
|
|
588
588
|
* profile: "strict"|"balanced"|"permissive",
|
|
589
|
-
*
|
|
589
|
+
* compliancePosture: "hipaa"|"pci-dss"|"gdpr"|"soc2",
|
|
590
590
|
* name: string, // gate identity for audit / observability
|
|
591
591
|
*
|
|
592
592
|
* @example
|
|
@@ -125,8 +125,9 @@ function _serParam(name, value) {
|
|
|
125
125
|
* Build an HTTP <code>Link</code> header value from an array of
|
|
126
126
|
* <code>{ uri, rel, params? }</code> (or a single such object). The URI
|
|
127
127
|
* is angle-bracketed, <code>rel</code> (string or array) is emitted
|
|
128
|
-
* first, and
|
|
129
|
-
*
|
|
128
|
+
* first, and every parameter value is double-quoted (always valid under
|
|
129
|
+
* RFC 8288, and required for space-separated multi-rel and media-type
|
|
130
|
+
* values like <code>text/html</code>). Useful for emitting standard REST
|
|
130
131
|
* pagination links.
|
|
131
132
|
*
|
|
132
133
|
* @example
|
|
@@ -156,8 +156,10 @@ var COMPOSE_HINT = Object.freeze({
|
|
|
156
156
|
* @related b.mailStore, b.mail.agent.consumer
|
|
157
157
|
*
|
|
158
158
|
* Create the agent facade. Returns an object with read / write / sieve
|
|
159
|
-
* / identity / mdn / export / import
|
|
160
|
-
* synchronous-shaped via promises; writes audit on completion.
|
|
159
|
+
* / identity / mdn / export / import methods. Reads stay
|
|
160
|
+
* synchronous-shaped via promises; writes audit on completion. (The
|
|
161
|
+
* queue consumer is the sibling export <code>b.mail.agent.consumer</code>,
|
|
162
|
+
* not a method on this object.)
|
|
161
163
|
*
|
|
162
164
|
* @opts
|
|
163
165
|
* store: b.mailStore instance, // required
|
|
@@ -34,8 +34,9 @@
|
|
|
34
34
|
* subjectAltName URI matches the BIMI domain, and confirms the
|
|
35
35
|
* cert carries the BIMI mark-verification policy OID
|
|
36
36
|
* (1.3.6.1.5.5.7.3.31). The verified mark is returned as
|
|
37
|
-
* { svg, evidenceDocument } pulled from RFC 3709
|
|
38
|
-
* when present
|
|
37
|
+
* { svg, evidenceDocument } — `svg` pulled from the RFC 3709
|
|
38
|
+
* logotype extension when present, `evidenceDocument` echoed from the
|
|
39
|
+
* operator-supplied opts.evidenceDocument.
|
|
39
40
|
*
|
|
40
41
|
* `validateTinyPsSvg` enforces the AuthIndicators-WG Tiny PS subset:
|
|
41
42
|
* single root <svg>, version="1.2", baseProfile="tiny-ps", viewBox
|
|
@@ -57,19 +57,15 @@
|
|
|
57
57
|
* to a known operator key rather than trusting any key that
|
|
58
58
|
* happens to match the signature.
|
|
59
59
|
*
|
|
60
|
-
*
|
|
60
|
+
* Now live (promoted to the stable top-level surface in v0.11.32):
|
|
61
61
|
* - In-process encrypt + decrypt (Message Encrypted Session Key +
|
|
62
62
|
* Symmetrically Encrypted Integrity Protected Data packets,
|
|
63
|
-
* RFC 9580 §5.1 / §5.13)
|
|
64
|
-
*
|
|
65
|
-
*
|
|
66
|
-
* substrate
|
|
67
|
-
*
|
|
68
|
-
*
|
|
69
|
-
* on-each-side across two patches. Cheap escape hatch (pre-
|
|
70
|
-
* v0.10.14): operators wire a third-party OpenPGP library in
|
|
71
|
-
* their own consumer code and call this module's sign() /
|
|
72
|
-
* verify() on the resulting cleartext blob.
|
|
63
|
+
* RFC 9580 §5.1 / §5.13) as `b.mail.crypto.pgp.encrypt` /
|
|
64
|
+
* `.decrypt`, and WKD key discovery (draft-koch-openpgp-webkey-
|
|
65
|
+
* service) as `b.mail.crypto.pgp.wkd` — all on the same `b.cms`
|
|
66
|
+
* substrate that backs S/MIME sign/verify.
|
|
67
|
+
*
|
|
68
|
+
* Deferred (with the documented condition for opting in):
|
|
73
69
|
* - v6 signature packets (RFC 9580 §5.2.3, packet version 6 with
|
|
74
70
|
* SHA2-512 fingerprints and salted hashes). Defer condition: v6
|
|
75
71
|
* is not yet emitted by GnuPG 2.4 LTS or by Sequoia stable, so
|
|
@@ -670,14 +670,15 @@ function _wrapBase64(s) {
|
|
|
670
670
|
* Operator-side cert preflight that lights up at boot: refuses
|
|
671
671
|
* SHA-1 / MD5 signatures, RSA keys < 2048 bits, MD2 / MD5 / SHA-1
|
|
672
672
|
* as the certificate-signature algorithm. Returns the parsed cert
|
|
673
|
-
* shape
|
|
674
|
-
*
|
|
675
|
-
*
|
|
676
|
-
* the cert is outside its
|
|
673
|
+
* shape: the full subject / issuer DN strings, the validity window,
|
|
674
|
+
* the signature algorithm (name + OID), the key type, and the SHA-256
|
|
675
|
+
* fingerprint. Throws `mail-crypto/smime/bad-cert` on any of the above;
|
|
676
|
+
* throws `mail-crypto/smime/expired-cert` if the cert is outside its
|
|
677
|
+
* validity window.
|
|
677
678
|
*
|
|
678
679
|
* @example
|
|
679
680
|
* var info = b.mail.crypto.smime.checkCert({ certPem: pem });
|
|
680
|
-
* // → {
|
|
681
|
+
* // → { subject, issuer, validFrom, validTo, sigAlgName, sigAlgOid, keyType, fingerprint256 }
|
|
681
682
|
*/
|
|
682
683
|
function checkCert(opts) {
|
|
683
684
|
opts = validateOpts.requireObject(opts, "mail.crypto.smime.checkCert",
|
|
@@ -22,11 +22,11 @@
|
|
|
22
22
|
* (pub-alg 1, EMSA-PKCS1-v1_5 + SHA-256, 2048-bit floor per
|
|
23
23
|
* RFC 8301).
|
|
24
24
|
* - `b.mail.crypto.smime` — S/MIME 4.0 per RFC 8551 with CMS
|
|
25
|
-
* SignedData per RFC 5652.
|
|
26
|
-
*
|
|
27
|
-
*
|
|
28
|
-
* the
|
|
29
|
-
*
|
|
25
|
+
* SignedData per RFC 5652. Surface: sign() + verify() + verifyAll()
|
|
26
|
+
* (built on the `b.cms` substrate — digest recompute + timing-safe
|
|
27
|
+
* compare + PQC signature verify + X.509 chain walk) plus
|
|
28
|
+
* checkCert(), the operator-side preflight that refuses SHA-1 /
|
|
29
|
+
* MD5 / < 2048-bit RSA certs at boot.
|
|
30
30
|
*
|
|
31
31
|
* Both sub-namespaces share `MailCryptoError` (FrameworkError
|
|
32
32
|
* subclass via defineClass with alwaysPermanent: true) so operator
|
|
@@ -90,8 +90,9 @@ var DEFAULT_FOLDERS = Object.freeze([
|
|
|
90
90
|
* @related b.safeMime, b.guardMessageId, b.cryptoField
|
|
91
91
|
*
|
|
92
92
|
* Build a mail-store handle. Returns an object with `appendMessage` /
|
|
93
|
-
* `fetchByObjectId` / `
|
|
94
|
-
* `
|
|
93
|
+
* `fetchByObjectId` / `search` / `queryByModseq` / `setFlags` /
|
|
94
|
+
* `createFolder` / `listFolders` / `threadFor` / `quota` /
|
|
95
|
+
* `moveMessages` / `setLegalHold` / `hardExpunge`.
|
|
95
96
|
*
|
|
96
97
|
* @opts
|
|
97
98
|
* backend: object, // required — sqlite-shaped { prepare(sql) → { run, get, all }, transaction(fn) }
|