@blamejs/blamejs-shop 0.3.4 → 0.3.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (354) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/lib/admin.js +428 -6
  3. package/lib/asset-manifest.json +1 -1
  4. package/lib/vendor/MANIFEST.json +3 -3
  5. package/lib/vendor/blamejs/CHANGELOG.md +14 -0
  6. package/lib/vendor/blamejs/api-snapshot.json +2 -2
  7. package/lib/vendor/blamejs/lib/_test/crypto-fixtures.js +3 -3
  8. package/lib/vendor/blamejs/lib/a2a-tasks.js +24 -24
  9. package/lib/vendor/blamejs/lib/a2a.js +4 -4
  10. package/lib/vendor/blamejs/lib/acme.js +3 -3
  11. package/lib/vendor/blamejs/lib/agent-idempotency.js +1 -1
  12. package/lib/vendor/blamejs/lib/agent-orchestrator.js +8 -8
  13. package/lib/vendor/blamejs/lib/agent-posture-chain.js +2 -2
  14. package/lib/vendor/blamejs/lib/agent-saga.js +1 -1
  15. package/lib/vendor/blamejs/lib/agent-snapshot.js +1 -1
  16. package/lib/vendor/blamejs/lib/agent-stream.js +1 -1
  17. package/lib/vendor/blamejs/lib/agent-tenant.js +1 -1
  18. package/lib/vendor/blamejs/lib/agent-trace.js +3 -3
  19. package/lib/vendor/blamejs/lib/ai-capability.js +1 -1
  20. package/lib/vendor/blamejs/lib/ai-dp.js +4 -4
  21. package/lib/vendor/blamejs/lib/ai-input.js +4 -4
  22. package/lib/vendor/blamejs/lib/ai-model-manifest.js +7 -7
  23. package/lib/vendor/blamejs/lib/ai-pref.js +3 -3
  24. package/lib/vendor/blamejs/lib/archive-gz.js +2 -2
  25. package/lib/vendor/blamejs/lib/archive-read.js +25 -25
  26. package/lib/vendor/blamejs/lib/archive-tar-read.js +2 -2
  27. package/lib/vendor/blamejs/lib/archive-tar.js +20 -20
  28. package/lib/vendor/blamejs/lib/archive-wrap.js +10 -10
  29. package/lib/vendor/blamejs/lib/argon2-builtin.js +1 -1
  30. package/lib/vendor/blamejs/lib/asn1-der.js +45 -34
  31. package/lib/vendor/blamejs/lib/atomic-file.js +2 -2
  32. package/lib/vendor/blamejs/lib/audit-daily-review.js +3 -3
  33. package/lib/vendor/blamejs/lib/audit-sign.js +5 -5
  34. package/lib/vendor/blamejs/lib/audit-tools.js +1 -1
  35. package/lib/vendor/blamejs/lib/audit.js +2 -2
  36. package/lib/vendor/blamejs/lib/auth/acr-vocabulary.js +2 -2
  37. package/lib/vendor/blamejs/lib/auth/bot-challenge.js +3 -3
  38. package/lib/vendor/blamejs/lib/auth/ciba.js +7 -7
  39. package/lib/vendor/blamejs/lib/auth/dpop.js +3 -3
  40. package/lib/vendor/blamejs/lib/auth/fido-mds3.js +8 -8
  41. package/lib/vendor/blamejs/lib/auth/jar.js +11 -0
  42. package/lib/vendor/blamejs/lib/auth/jwt-external.js +5 -5
  43. package/lib/vendor/blamejs/lib/auth/oauth.js +7 -9
  44. package/lib/vendor/blamejs/lib/auth/oid4vci.js +10 -10
  45. package/lib/vendor/blamejs/lib/auth/oid4vp.js +2 -2
  46. package/lib/vendor/blamejs/lib/auth/openid-federation.js +2 -2
  47. package/lib/vendor/blamejs/lib/auth/passkey.js +3 -3
  48. package/lib/vendor/blamejs/lib/auth/saml.js +31 -43
  49. package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-disclosure.js +1 -1
  50. package/lib/vendor/blamejs/lib/auth/sd-jwt-vc.js +5 -5
  51. package/lib/vendor/blamejs/lib/auth/status-list.js +10 -10
  52. package/lib/vendor/blamejs/lib/auth/step-up.js +1 -1
  53. package/lib/vendor/blamejs/lib/auth-bot-challenge.js +1 -1
  54. package/lib/vendor/blamejs/lib/backup/index.js +7 -7
  55. package/lib/vendor/blamejs/lib/base32.js +8 -8
  56. package/lib/vendor/blamejs/lib/budr.js +2 -2
  57. package/lib/vendor/blamejs/lib/cache-status.js +2 -2
  58. package/lib/vendor/blamejs/lib/calendar.js +29 -29
  59. package/lib/vendor/blamejs/lib/cbor.js +12 -12
  60. package/lib/vendor/blamejs/lib/cdn-cache-control.js +1 -1
  61. package/lib/vendor/blamejs/lib/cert.js +5 -5
  62. package/lib/vendor/blamejs/lib/cloud-events.js +5 -5
  63. package/lib/vendor/blamejs/lib/cms-codec.js +21 -21
  64. package/lib/vendor/blamejs/lib/codepoint-class.js +12 -12
  65. package/lib/vendor/blamejs/lib/compliance-sanctions-fuzzy.js +4 -4
  66. package/lib/vendor/blamejs/lib/compliance-sanctions.js +4 -4
  67. package/lib/vendor/blamejs/lib/compliance.js +29 -29
  68. package/lib/vendor/blamejs/lib/content-credentials.js +38 -38
  69. package/lib/vendor/blamejs/lib/cookies.js +1 -1
  70. package/lib/vendor/blamejs/lib/cose.js +13 -13
  71. package/lib/vendor/blamejs/lib/cra-report.js +1 -1
  72. package/lib/vendor/blamejs/lib/crdt.js +1 -1
  73. package/lib/vendor/blamejs/lib/crypto-field.js +2 -2
  74. package/lib/vendor/blamejs/lib/crypto-xwing.js +7 -7
  75. package/lib/vendor/blamejs/lib/crypto.js +6 -6
  76. package/lib/vendor/blamejs/lib/csp.js +2 -2
  77. package/lib/vendor/blamejs/lib/cwt.js +4 -4
  78. package/lib/vendor/blamejs/lib/dark-patterns.js +2 -2
  79. package/lib/vendor/blamejs/lib/data-act.js +2 -2
  80. package/lib/vendor/blamejs/lib/db-file-lifecycle.js +4 -4
  81. package/lib/vendor/blamejs/lib/db-query.js +1 -1
  82. package/lib/vendor/blamejs/lib/db.js +6 -6
  83. package/lib/vendor/blamejs/lib/dbsc.js +13 -13
  84. package/lib/vendor/blamejs/lib/did.js +17 -17
  85. package/lib/vendor/blamejs/lib/dora.js +4 -4
  86. package/lib/vendor/blamejs/lib/dsr.js +1 -1
  87. package/lib/vendor/blamejs/lib/early-hints.js +2 -2
  88. package/lib/vendor/blamejs/lib/eat.js +4 -4
  89. package/lib/vendor/blamejs/lib/external-db-migrate.js +1 -1
  90. package/lib/vendor/blamejs/lib/external-db.js +1 -1
  91. package/lib/vendor/blamejs/lib/flag-cache.js +1 -1
  92. package/lib/vendor/blamejs/lib/flag-evaluation-context.js +2 -2
  93. package/lib/vendor/blamejs/lib/graphql-federation.js +13 -6
  94. package/lib/vendor/blamejs/lib/guard-agent-registry.js +5 -5
  95. package/lib/vendor/blamejs/lib/guard-archive.js +24 -24
  96. package/lib/vendor/blamejs/lib/guard-cidr.js +34 -34
  97. package/lib/vendor/blamejs/lib/guard-csv.js +1 -1
  98. package/lib/vendor/blamejs/lib/guard-domain.js +10 -10
  99. package/lib/vendor/blamejs/lib/guard-dsn.js +4 -4
  100. package/lib/vendor/blamejs/lib/guard-email.js +19 -19
  101. package/lib/vendor/blamejs/lib/guard-event-bus-payload.js +4 -4
  102. package/lib/vendor/blamejs/lib/guard-event-bus-topic.js +6 -6
  103. package/lib/vendor/blamejs/lib/guard-filename.js +7 -7
  104. package/lib/vendor/blamejs/lib/guard-graphql.js +9 -9
  105. package/lib/vendor/blamejs/lib/guard-html-wcag-tagwalk.js +1 -1
  106. package/lib/vendor/blamejs/lib/guard-html-wcag.js +4 -4
  107. package/lib/vendor/blamejs/lib/guard-html.js +7 -7
  108. package/lib/vendor/blamejs/lib/guard-idempotency-key.js +6 -6
  109. package/lib/vendor/blamejs/lib/guard-image.js +4 -4
  110. package/lib/vendor/blamejs/lib/guard-imap-command.js +17 -17
  111. package/lib/vendor/blamejs/lib/guard-jmap.js +20 -20
  112. package/lib/vendor/blamejs/lib/guard-json.js +12 -12
  113. package/lib/vendor/blamejs/lib/guard-jsonpath.js +3 -3
  114. package/lib/vendor/blamejs/lib/guard-jwt.js +4 -4
  115. package/lib/vendor/blamejs/lib/guard-list-id.js +7 -7
  116. package/lib/vendor/blamejs/lib/guard-list-unsubscribe.js +8 -8
  117. package/lib/vendor/blamejs/lib/guard-mail-compose.js +4 -4
  118. package/lib/vendor/blamejs/lib/guard-mail-move.js +5 -5
  119. package/lib/vendor/blamejs/lib/guard-mail-query.js +3 -3
  120. package/lib/vendor/blamejs/lib/guard-mail-reply.js +3 -3
  121. package/lib/vendor/blamejs/lib/guard-mail-sieve.js +6 -6
  122. package/lib/vendor/blamejs/lib/guard-managesieve-command.js +25 -25
  123. package/lib/vendor/blamejs/lib/guard-markdown.js +31 -31
  124. package/lib/vendor/blamejs/lib/guard-message-id.js +5 -5
  125. package/lib/vendor/blamejs/lib/guard-mime.js +1 -1
  126. package/lib/vendor/blamejs/lib/guard-oauth.js +3 -3
  127. package/lib/vendor/blamejs/lib/guard-pdf.js +6 -6
  128. package/lib/vendor/blamejs/lib/guard-pop3-command.js +11 -11
  129. package/lib/vendor/blamejs/lib/guard-posture-chain.js +5 -5
  130. package/lib/vendor/blamejs/lib/guard-regex.js +10 -10
  131. package/lib/vendor/blamejs/lib/guard-saga-config.js +5 -5
  132. package/lib/vendor/blamejs/lib/guard-smtp-command.js +6 -6
  133. package/lib/vendor/blamejs/lib/guard-snapshot-envelope.js +3 -3
  134. package/lib/vendor/blamejs/lib/guard-stream-args.js +4 -4
  135. package/lib/vendor/blamejs/lib/guard-svg.js +11 -11
  136. package/lib/vendor/blamejs/lib/guard-tenant-id.js +5 -5
  137. package/lib/vendor/blamejs/lib/guard-time.js +15 -15
  138. package/lib/vendor/blamejs/lib/guard-trace-context.js +4 -4
  139. package/lib/vendor/blamejs/lib/guard-uuid.js +11 -11
  140. package/lib/vendor/blamejs/lib/guard-xml.js +12 -12
  141. package/lib/vendor/blamejs/lib/guard-yaml.js +16 -16
  142. package/lib/vendor/blamejs/lib/honeytoken.js +5 -5
  143. package/lib/vendor/blamejs/lib/http-client-cache.js +18 -1
  144. package/lib/vendor/blamejs/lib/http-client.js +13 -10
  145. package/lib/vendor/blamejs/lib/http-message-signature.js +2 -2
  146. package/lib/vendor/blamejs/lib/iab-mspa.js +3 -3
  147. package/lib/vendor/blamejs/lib/iab-tcf.js +70 -70
  148. package/lib/vendor/blamejs/lib/inbox.js +4 -4
  149. package/lib/vendor/blamejs/lib/ip-utils.js +15 -15
  150. package/lib/vendor/blamejs/lib/jose-jwe-experimental.js +2 -2
  151. package/lib/vendor/blamejs/lib/json-path.js +3 -3
  152. package/lib/vendor/blamejs/lib/json-schema.js +1 -1
  153. package/lib/vendor/blamejs/lib/jsonapi.js +3 -3
  154. package/lib/vendor/blamejs/lib/jtd.js +2 -2
  155. package/lib/vendor/blamejs/lib/link-header.js +1 -1
  156. package/lib/vendor/blamejs/lib/local-db-thin.js +1 -1
  157. package/lib/vendor/blamejs/lib/log.js +8 -3
  158. package/lib/vendor/blamejs/lib/lro.js +4 -4
  159. package/lib/vendor/blamejs/lib/mail-agent.js +1 -1
  160. package/lib/vendor/blamejs/lib/mail-arc-sign.js +6 -6
  161. package/lib/vendor/blamejs/lib/mail-auth.js +44 -44
  162. package/lib/vendor/blamejs/lib/mail-bimi.js +3 -3
  163. package/lib/vendor/blamejs/lib/mail-crypto-pgp.js +53 -45
  164. package/lib/vendor/blamejs/lib/mail-crypto-smime.js +6 -6
  165. package/lib/vendor/blamejs/lib/mail-dav.js +1 -1
  166. package/lib/vendor/blamejs/lib/mail-deploy.js +40 -40
  167. package/lib/vendor/blamejs/lib/mail-dkim.js +12 -12
  168. package/lib/vendor/blamejs/lib/mail-greylist.js +12 -12
  169. package/lib/vendor/blamejs/lib/mail-helo.js +1 -1
  170. package/lib/vendor/blamejs/lib/mail-journal.js +8 -8
  171. package/lib/vendor/blamejs/lib/mail-rbl.js +7 -7
  172. package/lib/vendor/blamejs/lib/mail-scan.js +7 -7
  173. package/lib/vendor/blamejs/lib/mail-send-deliver.js +2 -2
  174. package/lib/vendor/blamejs/lib/mail-server-imap.js +12 -12
  175. package/lib/vendor/blamejs/lib/mail-server-jmap.js +18 -20
  176. package/lib/vendor/blamejs/lib/mail-server-managesieve.js +4 -4
  177. package/lib/vendor/blamejs/lib/mail-server-mx.js +17 -17
  178. package/lib/vendor/blamejs/lib/mail-server-pop3.js +4 -4
  179. package/lib/vendor/blamejs/lib/mail-server-rate-limit.js +2 -2
  180. package/lib/vendor/blamejs/lib/mail-server-submission.js +21 -21
  181. package/lib/vendor/blamejs/lib/mail-sieve.js +2 -2
  182. package/lib/vendor/blamejs/lib/mail-spam-score.js +5 -5
  183. package/lib/vendor/blamejs/lib/mail-srs.js +12 -12
  184. package/lib/vendor/blamejs/lib/mail-store-fts.js +2 -2
  185. package/lib/vendor/blamejs/lib/mail-store.js +8 -8
  186. package/lib/vendor/blamejs/lib/mail-unsubscribe.js +4 -4
  187. package/lib/vendor/blamejs/lib/mail.js +4 -4
  188. package/lib/vendor/blamejs/lib/mcp-tool-registry.js +4 -4
  189. package/lib/vendor/blamejs/lib/mcp.js +15 -15
  190. package/lib/vendor/blamejs/lib/mdoc.js +2 -2
  191. package/lib/vendor/blamejs/lib/metrics.js +8 -8
  192. package/lib/vendor/blamejs/lib/middleware/age-gate.js +15 -3
  193. package/lib/vendor/blamejs/lib/middleware/ai-act-disclosure.js +11 -4
  194. package/lib/vendor/blamejs/lib/middleware/api-encrypt.js +7 -7
  195. package/lib/vendor/blamejs/lib/middleware/assetlinks.js +2 -2
  196. package/lib/vendor/blamejs/lib/middleware/asyncapi-serve.js +2 -2
  197. package/lib/vendor/blamejs/lib/middleware/bearer-auth.js +5 -5
  198. package/lib/vendor/blamejs/lib/middleware/body-parser.js +5 -5
  199. package/lib/vendor/blamejs/lib/middleware/compose-pipeline.js +16 -16
  200. package/lib/vendor/blamejs/lib/middleware/csp-report.js +4 -4
  201. package/lib/vendor/blamejs/lib/middleware/daily-byte-quota.js +1 -1
  202. package/lib/vendor/blamejs/lib/middleware/dpop.js +1 -1
  203. package/lib/vendor/blamejs/lib/middleware/headers.js +2 -2
  204. package/lib/vendor/blamejs/lib/middleware/host-allowlist.js +1 -1
  205. package/lib/vendor/blamejs/lib/middleware/idempotency-key.js +12 -12
  206. package/lib/vendor/blamejs/lib/middleware/nel.js +1 -1
  207. package/lib/vendor/blamejs/lib/middleware/openapi-serve.js +2 -2
  208. package/lib/vendor/blamejs/lib/middleware/protected-resource-metadata.js +2 -2
  209. package/lib/vendor/blamejs/lib/middleware/rate-limit.js +14 -5
  210. package/lib/vendor/blamejs/lib/middleware/require-aal.js +1 -1
  211. package/lib/vendor/blamejs/lib/middleware/require-bound-key.js +2 -2
  212. package/lib/vendor/blamejs/lib/middleware/require-content-type.js +1 -1
  213. package/lib/vendor/blamejs/lib/middleware/require-methods.js +1 -1
  214. package/lib/vendor/blamejs/lib/middleware/require-step-up.js +2 -2
  215. package/lib/vendor/blamejs/lib/middleware/scim-server.js +1 -1
  216. package/lib/vendor/blamejs/lib/middleware/security-txt.js +3 -3
  217. package/lib/vendor/blamejs/lib/middleware/sse.js +14 -8
  218. package/lib/vendor/blamejs/lib/middleware/tus-upload.js +12 -12
  219. package/lib/vendor/blamejs/lib/middleware/web-app-manifest.js +2 -2
  220. package/lib/vendor/blamejs/lib/network-byte-quota.js +1 -1
  221. package/lib/vendor/blamejs/lib/network-dns-resolver.js +23 -23
  222. package/lib/vendor/blamejs/lib/network-dns.js +29 -29
  223. package/lib/vendor/blamejs/lib/network-dnssec.js +33 -33
  224. package/lib/vendor/blamejs/lib/network-smtp-policy.js +10 -10
  225. package/lib/vendor/blamejs/lib/network-tls.js +100 -98
  226. package/lib/vendor/blamejs/lib/network-tsig.js +33 -33
  227. package/lib/vendor/blamejs/lib/nis2-report.js +1 -1
  228. package/lib/vendor/blamejs/lib/ntp-check.js +3 -3
  229. package/lib/vendor/blamejs/lib/observability-otlp-exporter.js +17 -17
  230. package/lib/vendor/blamejs/lib/observability-tracer.js +6 -6
  231. package/lib/vendor/blamejs/lib/observability.js +8 -8
  232. package/lib/vendor/blamejs/lib/openapi-yaml.js +1 -1
  233. package/lib/vendor/blamejs/lib/openapi.js +1 -1
  234. package/lib/vendor/blamejs/lib/outbox.js +6 -6
  235. package/lib/vendor/blamejs/lib/pqc-agent.js +4 -4
  236. package/lib/vendor/blamejs/lib/pqc-software.js +1 -1
  237. package/lib/vendor/blamejs/lib/privacy-pass.js +5 -5
  238. package/lib/vendor/blamejs/lib/problem-details.js +5 -5
  239. package/lib/vendor/blamejs/lib/promise-pool.js +1 -1
  240. package/lib/vendor/blamejs/lib/protobuf-encoder.js +9 -1
  241. package/lib/vendor/blamejs/lib/queue.js +4 -2
  242. package/lib/vendor/blamejs/lib/redact.js +2 -2
  243. package/lib/vendor/blamejs/lib/request-helpers.js +1 -1
  244. package/lib/vendor/blamejs/lib/router.js +10 -10
  245. package/lib/vendor/blamejs/lib/safe-async.js +2 -2
  246. package/lib/vendor/blamejs/lib/safe-decompress.js +1 -1
  247. package/lib/vendor/blamejs/lib/safe-dns.js +71 -71
  248. package/lib/vendor/blamejs/lib/safe-ical.js +19 -19
  249. package/lib/vendor/blamejs/lib/safe-icap.js +24 -24
  250. package/lib/vendor/blamejs/lib/safe-jsonpath.js +2 -2
  251. package/lib/vendor/blamejs/lib/safe-mime.js +10 -10
  252. package/lib/vendor/blamejs/lib/safe-mount-info.js +3 -3
  253. package/lib/vendor/blamejs/lib/safe-redirect.js +1 -1
  254. package/lib/vendor/blamejs/lib/safe-sieve.js +23 -23
  255. package/lib/vendor/blamejs/lib/safe-smtp.js +1 -1
  256. package/lib/vendor/blamejs/lib/safe-url.js +1 -1
  257. package/lib/vendor/blamejs/lib/safe-vcard.js +14 -14
  258. package/lib/vendor/blamejs/lib/sandbox.js +5 -5
  259. package/lib/vendor/blamejs/lib/sec-cyber.js +1 -1
  260. package/lib/vendor/blamejs/lib/self-update-standalone-verifier.js +3 -3
  261. package/lib/vendor/blamejs/lib/self-update.js +3 -3
  262. package/lib/vendor/blamejs/lib/server-timing.js +3 -3
  263. package/lib/vendor/blamejs/lib/session-device-binding.js +7 -7
  264. package/lib/vendor/blamejs/lib/session.js +8 -8
  265. package/lib/vendor/blamejs/lib/sse.js +12 -5
  266. package/lib/vendor/blamejs/lib/standard-webhooks.js +4 -4
  267. package/lib/vendor/blamejs/lib/storage.js +2 -2
  268. package/lib/vendor/blamejs/lib/stream-throttle.js +3 -3
  269. package/lib/vendor/blamejs/lib/structured-fields.js +15 -15
  270. package/lib/vendor/blamejs/lib/subject.js +1 -1
  271. package/lib/vendor/blamejs/lib/tcpa-10dlc.js +1 -1
  272. package/lib/vendor/blamejs/lib/tenant-quota.js +3 -3
  273. package/lib/vendor/blamejs/lib/test-harness.js +1 -1
  274. package/lib/vendor/blamejs/lib/tracing.js +1 -1
  275. package/lib/vendor/blamejs/lib/tsa.js +5 -5
  276. package/lib/vendor/blamejs/lib/uri-template.js +5 -5
  277. package/lib/vendor/blamejs/lib/vault/index.js +2 -2
  278. package/lib/vendor/blamejs/lib/vault/seal-pem-file.js +4 -4
  279. package/lib/vendor/blamejs/lib/vc.js +2 -2
  280. package/lib/vendor/blamejs/lib/vendor-data.js +1 -1
  281. package/lib/vendor/blamejs/lib/watcher.js +4 -4
  282. package/lib/vendor/blamejs/lib/web-push-vapid.js +21 -21
  283. package/lib/vendor/blamejs/lib/webhook.js +2 -2
  284. package/lib/vendor/blamejs/lib/websocket.js +5 -5
  285. package/lib/vendor/blamejs/lib/worker-pool.js +3 -3
  286. package/lib/vendor/blamejs/lib/ws-client.js +24 -24
  287. package/lib/vendor/blamejs/lib/xml-c14n.js +2 -2
  288. package/lib/vendor/blamejs/package.json +1 -1
  289. package/lib/vendor/blamejs/release-notes/v0.13.x.json +1248 -0
  290. package/lib/vendor/blamejs/release-notes/v0.14.0.json +43 -0
  291. package/lib/vendor/blamejs/release-notes/v0.14.1.json +60 -0
  292. package/lib/vendor/blamejs/release-notes/v0.14.2.json +18 -0
  293. package/lib/vendor/blamejs/release-notes/v0.14.3.json +18 -0
  294. package/lib/vendor/blamejs/release-notes/v0.14.4.json +18 -0
  295. package/lib/vendor/blamejs/release-notes/v0.14.5.json +18 -0
  296. package/lib/vendor/blamejs/test/00-primitives.js +15 -0
  297. package/lib/vendor/blamejs/test/layer-0-primitives/age-gate.test.js +22 -0
  298. package/lib/vendor/blamejs/test/layer-0-primitives/auth-jar.test.js +29 -0
  299. package/lib/vendor/blamejs/test/layer-0-primitives/codebase-patterns.test.js +105 -9
  300. package/lib/vendor/blamejs/test/layer-0-primitives/compliance-ai-act.test.js +15 -0
  301. package/lib/vendor/blamejs/test/layer-0-primitives/graphql-federation.test.js +10 -0
  302. package/lib/vendor/blamejs/test/layer-0-primitives/http-client-cache.test.js +12 -0
  303. package/lib/vendor/blamejs/test/layer-0-primitives/mail-crypto-pgp.test.js +7 -0
  304. package/lib/vendor/blamejs/test/layer-0-primitives/network-tls.test.js +11 -5
  305. package/lib/vendor/blamejs/test/layer-0-primitives/rate-limit-registry.test.js +34 -0
  306. package/lib/vendor/blamejs/test/layer-0-primitives/sse.test.js +12 -0
  307. package/package.json +1 -1
  308. package/lib/vendor/blamejs/release-notes/v0.13.0.json +0 -22
  309. package/lib/vendor/blamejs/release-notes/v0.13.1.json +0 -18
  310. package/lib/vendor/blamejs/release-notes/v0.13.10.json +0 -44
  311. package/lib/vendor/blamejs/release-notes/v0.13.11.json +0 -27
  312. package/lib/vendor/blamejs/release-notes/v0.13.12.json +0 -36
  313. package/lib/vendor/blamejs/release-notes/v0.13.13.json +0 -18
  314. package/lib/vendor/blamejs/release-notes/v0.13.14.json +0 -22
  315. package/lib/vendor/blamejs/release-notes/v0.13.15.json +0 -27
  316. package/lib/vendor/blamejs/release-notes/v0.13.16.json +0 -27
  317. package/lib/vendor/blamejs/release-notes/v0.13.17.json +0 -27
  318. package/lib/vendor/blamejs/release-notes/v0.13.18.json +0 -18
  319. package/lib/vendor/blamejs/release-notes/v0.13.19.json +0 -27
  320. package/lib/vendor/blamejs/release-notes/v0.13.2.json +0 -27
  321. package/lib/vendor/blamejs/release-notes/v0.13.20.json +0 -22
  322. package/lib/vendor/blamejs/release-notes/v0.13.21.json +0 -18
  323. package/lib/vendor/blamejs/release-notes/v0.13.22.json +0 -18
  324. package/lib/vendor/blamejs/release-notes/v0.13.23.json +0 -42
  325. package/lib/vendor/blamejs/release-notes/v0.13.24.json +0 -26
  326. package/lib/vendor/blamejs/release-notes/v0.13.25.json +0 -39
  327. package/lib/vendor/blamejs/release-notes/v0.13.26.json +0 -31
  328. package/lib/vendor/blamejs/release-notes/v0.13.27.json +0 -34
  329. package/lib/vendor/blamejs/release-notes/v0.13.28.json +0 -30
  330. package/lib/vendor/blamejs/release-notes/v0.13.29.json +0 -30
  331. package/lib/vendor/blamejs/release-notes/v0.13.3.json +0 -18
  332. package/lib/vendor/blamejs/release-notes/v0.13.30.json +0 -30
  333. package/lib/vendor/blamejs/release-notes/v0.13.31.json +0 -26
  334. package/lib/vendor/blamejs/release-notes/v0.13.32.json +0 -34
  335. package/lib/vendor/blamejs/release-notes/v0.13.33.json +0 -26
  336. package/lib/vendor/blamejs/release-notes/v0.13.34.json +0 -48
  337. package/lib/vendor/blamejs/release-notes/v0.13.35.json +0 -35
  338. package/lib/vendor/blamejs/release-notes/v0.13.36.json +0 -27
  339. package/lib/vendor/blamejs/release-notes/v0.13.37.json +0 -18
  340. package/lib/vendor/blamejs/release-notes/v0.13.38.json +0 -27
  341. package/lib/vendor/blamejs/release-notes/v0.13.39.json +0 -27
  342. package/lib/vendor/blamejs/release-notes/v0.13.4.json +0 -23
  343. package/lib/vendor/blamejs/release-notes/v0.13.40.json +0 -22
  344. package/lib/vendor/blamejs/release-notes/v0.13.41.json +0 -27
  345. package/lib/vendor/blamejs/release-notes/v0.13.42.json +0 -18
  346. package/lib/vendor/blamejs/release-notes/v0.13.43.json +0 -39
  347. package/lib/vendor/blamejs/release-notes/v0.13.44.json +0 -31
  348. package/lib/vendor/blamejs/release-notes/v0.13.45.json +0 -31
  349. package/lib/vendor/blamejs/release-notes/v0.13.46.json +0 -35
  350. package/lib/vendor/blamejs/release-notes/v0.13.5.json +0 -18
  351. package/lib/vendor/blamejs/release-notes/v0.13.6.json +0 -18
  352. package/lib/vendor/blamejs/release-notes/v0.13.7.json +0 -27
  353. package/lib/vendor/blamejs/release-notes/v0.13.8.json +0 -27
  354. package/lib/vendor/blamejs/release-notes/v0.13.9.json +0 -27
@@ -62,17 +62,17 @@ var A2aTasksError = defineClass("A2aTasksError", { alwaysPermanent: true });
62
62
  var JSONRPC_VERSION = "2.0";
63
63
 
64
64
  // JSON-RPC 2.0 fixed error codes — A2A inherits these.
65
- var JSONRPC_PARSE_ERROR = -32700; // allow:raw-byte-literal — JSON-RPC fixed code / allow:raw-time-literal — not seconds
66
- var JSONRPC_INVALID_REQUEST = -32600; // allow:raw-byte-literal — JSON-RPC fixed code / allow:raw-time-literal — not seconds
67
- var JSONRPC_METHOD_NOT_FOUND = -32601; // allow:raw-byte-literal — JSON-RPC fixed code / allow:raw-time-literal — not seconds
68
- var JSONRPC_INVALID_PARAMS = -32602; // allow:raw-byte-literal — JSON-RPC fixed code / allow:raw-time-literal — not seconds
69
- var JSONRPC_INTERNAL_ERROR = -32603; // allow:raw-byte-literal — JSON-RPC fixed code / allow:raw-time-literal — not seconds
65
+ var JSONRPC_PARSE_ERROR = -32700; // allow:raw-time-literal — not seconds
66
+ var JSONRPC_INVALID_REQUEST = -32600; // allow:raw-time-literal — not seconds
67
+ var JSONRPC_METHOD_NOT_FOUND = -32601; // allow:raw-time-literal — not seconds
68
+ var JSONRPC_INVALID_PARAMS = -32602; // allow:raw-time-literal — not seconds
69
+ var JSONRPC_INTERNAL_ERROR = -32603; // allow:raw-time-literal — not seconds
70
70
 
71
71
  // A2A-specific error codes per the spec's task-error vocabulary.
72
72
  // A2A_TASK_NOT_FOUND (-32002) + A2A_TASK_NOT_CANCELABLE (-32003) are
73
73
  // raised by operator handlers — they're reserved here for documentation
74
74
  // purposes only.
75
- var A2A_SCOPE_DENIED = -32001; // allow:raw-byte-literal — JSON-RPC server-error range / allow:raw-time-literal — not seconds
75
+ var A2A_SCOPE_DENIED = -32001; // allow:raw-time-literal — not seconds
76
76
 
77
77
  var ALLOWED_METHODS = Object.freeze(["tasks/send", "tasks/get", "tasks/cancel"]);
78
78
 
@@ -80,7 +80,7 @@ var TASK_ID_RE = /^[A-Za-z0-9_-]{1,64}$/;
80
80
  // Same identifier shape as MCP tool-name; consolidating would couple
81
81
  // MCP + A2A protocol identifiers into a single primitive.
82
82
  var SKILL_NAME_RE = /^[a-zA-Z][a-zA-Z0-9._-]{0,63}$/; // allow:duplicate-regex — RFC-3986-unreserved identifier shape, shared across mcp.js + mcp-tool-registry.js
83
- // allow:raw-byte-literal — RFC-3986-unreserved identifier shape (length cap inside regex), not a byte count
83
+ // RFC-3986-unreserved identifier shape (length cap inside regex), not a byte count
84
84
 
85
85
  function _emitAudit(action, metadata, outcome) {
86
86
  try {
@@ -99,7 +99,7 @@ var bCrypto = lazyRequire(function () { return require("./crypto"); });
99
99
  // satisfies the framework's unused-var policy so the helper stays
100
100
  // available without an explicit disable directive.
101
101
  function _newTaskId() {
102
- return bCrypto().generateToken(12); // allow:raw-byte-literal — 96-bit task id, not byte arithmetic on payload
102
+ return bCrypto().generateToken(12); // 96-bit task id, not byte arithmetic on payload
103
103
  }
104
104
 
105
105
  function _validateTaskShape(task, where) {
@@ -108,7 +108,7 @@ function _validateTaskShape(task, where) {
108
108
  where + ": task must be a non-null object", true);
109
109
  }
110
110
  validateOpts.requireNonEmptyString(task.skill, where + ".skill", A2aTasksError, "a2a-tasks/bad-skill");
111
- if (task.skill.length > 64 || !SKILL_NAME_RE.test(task.skill)) { // allow:raw-byte-literal — A2A skill-name length cap, not byte count
111
+ if (task.skill.length > 64 || !SKILL_NAME_RE.test(task.skill)) { // A2A skill-name length cap, not byte count
112
112
 
113
113
  throw new A2aTasksError("a2a-tasks/bad-skill",
114
114
  where + ".skill '" + task.skill + "' must match " + SKILL_NAME_RE);
@@ -196,7 +196,7 @@ async function get(opts) {
196
196
  }
197
197
  validateOpts.requireNonEmptyString(opts.peerUrl, "tasks.get.peerUrl", A2aTasksError, "a2a-tasks/bad-peer-url");
198
198
  validateOpts.requireNonEmptyString(opts.taskId, "tasks.get.taskId", A2aTasksError, "a2a-tasks/bad-task-id");
199
- if (opts.taskId.length > 64 || !TASK_ID_RE.test(opts.taskId)) { // allow:raw-byte-literal — A2A task-id length cap, not byte count
199
+ if (opts.taskId.length > 64 || !TASK_ID_RE.test(opts.taskId)) { // A2A task-id length cap, not byte count
200
200
  throw new A2aTasksError("a2a-tasks/bad-task-id",
201
201
  "tasks.get: taskId must match " + TASK_ID_RE);
202
202
  }
@@ -239,7 +239,7 @@ async function cancel(opts) {
239
239
  }
240
240
  validateOpts.requireNonEmptyString(opts.peerUrl, "tasks.cancel.peerUrl", A2aTasksError, "a2a-tasks/bad-peer-url");
241
241
  validateOpts.requireNonEmptyString(opts.taskId, "tasks.cancel.taskId", A2aTasksError, "a2a-tasks/bad-task-id");
242
- if (opts.taskId.length > 64 || !TASK_ID_RE.test(opts.taskId)) { // allow:raw-byte-literal — A2A task-id length cap, not byte count
242
+ if (opts.taskId.length > 64 || !TASK_ID_RE.test(opts.taskId)) { // A2A task-id length cap, not byte count
243
243
  throw new A2aTasksError("a2a-tasks/bad-task-id",
244
244
  "tasks.cancel: taskId must match " + TASK_ID_RE);
245
245
  }
@@ -280,7 +280,7 @@ async function _jsonRpc(url, method, params, opts) {
280
280
  throw new A2aTasksError("a2a-tasks/transport",
281
281
  "tasks." + method.split("/")[1] + ": transport error: " + (transportErr.message || transportErr));
282
282
  }
283
- if (rsp.statusCode < 200 || rsp.statusCode >= 300) { // allow:raw-byte-literal — HTTP status class boundaries
283
+ if (rsp.statusCode < 200 || rsp.statusCode >= 300) { // HTTP status class boundaries
284
284
  if (opts.audit) {
285
285
  _emitAudit("a2a.tasks.http_error",
286
286
  { method: method, url: url, statusCode: rsp.statusCode, elapsedMs: Date.now() - startMs },
@@ -395,7 +395,7 @@ function middlewareTasks(opts) {
395
395
 
396
396
  return function a2aTasksMiddleware(req, res) {
397
397
  if ((req.method || "").toUpperCase() !== "POST") {
398
- res.statusCode = 405; // allow:raw-byte-literal — HTTP 405 Method Not Allowed
398
+ res.statusCode = 405; // HTTP 405 Method Not Allowed
399
399
  res.setHeader("Content-Type", "application/json");
400
400
  res.setHeader("Allow", "POST");
401
401
  res.end(JSON.stringify(_jsonRpcError(null, JSONRPC_INVALID_REQUEST, "method must be POST")));
@@ -403,7 +403,7 @@ function middlewareTasks(opts) {
403
403
  }
404
404
  var ctype = (req.headers && (req.headers["content-type"] || req.headers["Content-Type"])) || "";
405
405
  if (typeof ctype === "string" && ctype.indexOf("application/json") !== 0 && ctype.indexOf("application/json") === -1) {
406
- res.statusCode = 415; // allow:raw-byte-literal — HTTP 415 Unsupported Media Type
406
+ res.statusCode = 415; // HTTP 415 Unsupported Media Type
407
407
  res.setHeader("Content-Type", "application/json");
408
408
  res.end(JSON.stringify(_jsonRpcError(null, JSONRPC_INVALID_REQUEST, "Content-Type must be application/json")));
409
409
  return;
@@ -414,14 +414,14 @@ function middlewareTasks(opts) {
414
414
  try {
415
415
  body = safeJson.parse(rawBytes.toString("utf8"), { maxBytes: maxBytes });
416
416
  } catch (_parseErr) {
417
- res.statusCode = 400; // allow:raw-byte-literal — HTTP 400 Bad Request
417
+ res.statusCode = 400; // HTTP 400 Bad Request
418
418
  res.setHeader("Content-Type", "application/json");
419
419
  res.end(JSON.stringify(_jsonRpcError(null, JSONRPC_PARSE_ERROR, "invalid JSON body")));
420
420
  return;
421
421
  }
422
422
  if (!body || typeof body !== "object" || body.jsonrpc !== JSONRPC_VERSION ||
423
423
  typeof body.method !== "string") {
424
- res.statusCode = 400; // allow:raw-byte-literal — HTTP 400 Bad Request
424
+ res.statusCode = 400; // HTTP 400 Bad Request
425
425
  res.setHeader("Content-Type", "application/json");
426
426
  res.end(JSON.stringify(_jsonRpcError(body && body.id, JSONRPC_INVALID_REQUEST,
427
427
  "expected JSON-RPC 2.0 envelope { jsonrpc, id?, method, params? }")));
@@ -429,7 +429,7 @@ function middlewareTasks(opts) {
429
429
  }
430
430
  var reqId = body.id !== undefined ? body.id : null;
431
431
  if (ALLOWED_METHODS.indexOf(body.method) === -1) {
432
- res.statusCode = 200; // allow:raw-byte-literal — JSON-RPC errors return 200 with error envelope
432
+ res.statusCode = 200; // JSON-RPC errors return 200 with error envelope
433
433
  res.setHeader("Content-Type", "application/json");
434
434
  res.end(JSON.stringify(_jsonRpcError(reqId, JSONRPC_METHOD_NOT_FOUND,
435
435
  "method '" + body.method + "' not in [" + ALLOWED_METHODS.join(", ") + "]")));
@@ -440,7 +440,7 @@ function middlewareTasks(opts) {
440
440
  // Scope enforcement for tasks/send (task references a skill).
441
441
  if (body.method === "tasks/send" && scopes) {
442
442
  if (!params.task || typeof params.task !== "object" || typeof params.task.skill !== "string") {
443
- res.statusCode = 200; // allow:raw-byte-literal — JSON-RPC error envelope returns 200
443
+ res.statusCode = 200; // JSON-RPC error envelope returns 200
444
444
  res.setHeader("Content-Type", "application/json");
445
445
  res.end(JSON.stringify(_jsonRpcError(reqId, JSONRPC_INVALID_PARAMS,
446
446
  "tasks/send: params.task.skill required")));
@@ -454,7 +454,7 @@ function middlewareTasks(opts) {
454
454
  _emitAudit("a2a.tasks.scope_denied",
455
455
  { skill: params.task.skill, requiredScope: requiredScope }, "denied");
456
456
  }
457
- res.statusCode = 200; // allow:raw-byte-literal — JSON-RPC error envelope returns 200
457
+ res.statusCode = 200; // JSON-RPC error envelope returns 200
458
458
  res.setHeader("Content-Type", "application/json");
459
459
  res.end(JSON.stringify(_jsonRpcError(reqId, A2A_SCOPE_DENIED,
460
460
  "scope '" + requiredScope + "' required for skill '" + params.task.skill + "'")));
@@ -476,7 +476,7 @@ function middlewareTasks(opts) {
476
476
  _emitAudit("a2a.tasks.handled",
477
477
  { method: body.method, skill: params.task && params.task.skill, taskId: params.taskId });
478
478
  }
479
- res.statusCode = 200; // allow:raw-byte-literal — JSON-RPC 200 with result envelope
479
+ res.statusCode = 200; // JSON-RPC 200 with result envelope
480
480
  res.setHeader("Content-Type", "application/json");
481
481
  res.end(JSON.stringify({
482
482
  jsonrpc: JSONRPC_VERSION,
@@ -491,12 +491,12 @@ function middlewareTasks(opts) {
491
491
  _emitAudit("a2a.tasks.handler_error",
492
492
  { method: body.method, errorMessage: msg, errorCode: code }, "warning");
493
493
  }
494
- res.statusCode = 200; // allow:raw-byte-literal — JSON-RPC error envelope returns 200
494
+ res.statusCode = 200; // JSON-RPC error envelope returns 200
495
495
  res.setHeader("Content-Type", "application/json");
496
496
  res.end(JSON.stringify(_jsonRpcError(reqId, code, msg)));
497
497
  });
498
498
  }).catch(function (readErr) {
499
- res.statusCode = 400; // allow:raw-byte-literal — HTTP 400 Bad Request
499
+ res.statusCode = 400; // HTTP 400 Bad Request
500
500
  res.setHeader("Content-Type", "application/json");
501
501
  res.end(JSON.stringify(_jsonRpcError(null, JSONRPC_PARSE_ERROR,
502
502
  "could not read request body: " + (readErr.message || readErr))));
@@ -573,12 +573,12 @@ function middlewareAgentCard(opts) {
573
573
  var cardJson = JSON.stringify(opts.card);
574
574
  return function a2aAgentCardMiddleware(req, res) {
575
575
  if ((req.method || "").toUpperCase() !== "GET") {
576
- res.statusCode = 405; // allow:raw-byte-literal — HTTP 405 Method Not Allowed
576
+ res.statusCode = 405; // HTTP 405 Method Not Allowed
577
577
  res.setHeader("Allow", "GET");
578
578
  res.end();
579
579
  return;
580
580
  }
581
- res.statusCode = 200; // allow:raw-byte-literal — HTTP 200 OK
581
+ res.statusCode = 200; // HTTP 200 OK
582
582
  res.setHeader("Content-Type", "application/json");
583
583
  res.setHeader("Cache-Control", "public, max-age=" + maxAgeSec);
584
584
  res.end(cardJson);
@@ -39,10 +39,10 @@ var audit = require("./audit");
39
39
  var { A2aError } = require("./framework-error");
40
40
 
41
41
  var REQUIRED_CARD_FIELDS = ["issuer", "agentId", "capabilities", "version"];
42
- var ID_MAX = 256; // allow:raw-byte-literal — string-length cap, not bytes
43
- var SEMVER_MAX = 64; // allow:raw-byte-literal — string-length cap, not bytes
44
- var CAP_NAME_MAX = 128; // allow:raw-byte-literal — string-length cap, not bytes
45
- var SHAKE256_BYTES = 64; // allow:raw-byte-literal — SHA3-512 output is 64 bytes (FIPS 202)
42
+ var ID_MAX = 256; // string-length cap, not bytes
43
+ var SEMVER_MAX = 64; // string-length cap, not bytes
44
+ var CAP_NAME_MAX = 128; // string-length cap, not bytes
45
+ var SHAKE256_BYTES = 64; // SHA3-512 output is 64 bytes (FIPS 202)
46
46
  var ID_RE = /^[a-zA-Z0-9._:/-]{1,256}$/;
47
47
  var SEMVER_RE = /^[0-9]+\.[0-9]+(?:\.[0-9]+)?(?:-[A-Za-z0-9.-]+)?$/;
48
48
 
@@ -138,7 +138,7 @@ function _signJws(privateKey, protectedHeader, payload) {
138
138
  // ECDSA from node:crypto returns DER-encoded (r,s); RFC 7515 requires
139
139
  // raw concatenation of r||s, each padded to the curve byte size (32
140
140
  // for P-256).
141
- var rawSig = _ecdsaDerToRaw(derSig, 32); // allow:raw-byte-literal — RFC 7518 §3.4 ES256 signature half-length (P-256 byte size)
141
+ var rawSig = _ecdsaDerToRaw(derSig, 32); // RFC 7518 §3.4 ES256 signature half-length (P-256 byte size)
142
142
  return {
143
143
  protected: protB64,
144
144
  payload: payloadB64,
@@ -1432,8 +1432,8 @@ function _base32lc(buf) {
1432
1432
  var bits = 0;
1433
1433
  var value = 0;
1434
1434
  for (var i = 0; i < buf.length; i += 1) {
1435
- value = (value << 8) | buf[i]; // allow:raw-byte-literal — bit-shift count, byte boundary
1436
- bits += 8; // allow:raw-byte-literal — bits-per-byte constant
1435
+ value = (value << 8) | buf[i]; // bit-shift count, byte boundary
1436
+ bits += 8; // bits-per-byte constant
1437
1437
  while (bits >= 5) {
1438
1438
  out += alphabet[(value >>> (bits - 5)) & 31];
1439
1439
  bits -= 5;
@@ -430,7 +430,7 @@ function _actorIdHash(actorId) {
430
430
 
431
431
  function _truncHash(hash) {
432
432
  if (typeof hash !== "string") return "";
433
- return hash.slice(0, 16); // allow:raw-byte-literal — audit-log truncation length, not a size cap
433
+ return hash.slice(0, 16); // audit-log truncation length, not a size cap
434
434
  }
435
435
 
436
436
  function _fingerprintArgs(args) {
@@ -117,7 +117,7 @@ function _unsealRegistryRow(row) {
117
117
  }
118
118
 
119
119
  var DEFAULT_DRAIN_TIMEOUT_MS = C.TIME.minutes(2);
120
- var STREAM_ID_RAND_BYTES = 8; // allow:raw-byte-literal — stream-id random-suffix byte length, not a size cap
120
+ var STREAM_ID_RAND_BYTES = 8; // stream-id random-suffix byte length, not a size cap
121
121
  var DEFAULT_PER_CONSUMER_STOP_MS = C.TIME.seconds(5);
122
122
  // SUBSTRATE-20 — FNV-1a offset basis salted with the first 32 bits of
123
123
  // SHA3-512(vault master). Attackers who don't have read access to the
@@ -428,7 +428,7 @@ function _spawnConsumers(ctx, args) {
428
428
  "spawnConsumers: queue with .consume() required");
429
429
  }
430
430
  var shards = typeof args.shards === "number" ? args.shards : 1;
431
- if (!Number.isInteger(shards) || shards < 1 || shards > 256) { // allow:raw-byte-literal — shard cap
431
+ if (!Number.isInteger(shards) || shards < 1 || shards > 256) { // shard cap
432
432
  throw new AgentOrchestratorError("agent-orchestrator/bad-shard-count",
433
433
  "spawnConsumers: shards must be an integer in 1..256");
434
434
  }
@@ -508,21 +508,21 @@ function _saltedFnvBasis() {
508
508
  var v;
509
509
  try { v = vault(); } catch (_e) { v = null; }
510
510
  if (!v || typeof v.getKeysJson !== "function") {
511
- _saltedFnvBasisCache = 2166136261; // allow:raw-byte-literal — FNV-1a offset basis (vault-less fallback)
511
+ _saltedFnvBasisCache = 2166136261; // FNV-1a offset basis (vault-less fallback)
512
512
  return _saltedFnvBasisCache;
513
513
  }
514
514
  var keysJson;
515
515
  try { keysJson = v.getKeysJson(); }
516
516
  catch (_e) {
517
- _saltedFnvBasisCache = 2166136261; // allow:raw-byte-literal — FNV-1a offset basis (vault-init-pending fallback)
517
+ _saltedFnvBasisCache = 2166136261; // FNV-1a offset basis (vault-init-pending fallback)
518
518
  return _saltedFnvBasisCache;
519
519
  }
520
520
  var hashHex = bCrypto.sha3Hash(keysJson);
521
521
  // Read the first 32 bits as the salt; mix into the offset basis via
522
522
  // XOR so the distribution properties of FNV are preserved.
523
- var saltBuf = Buffer.from(hashHex.slice(0, 8), "hex"); // allow:raw-byte-literal — 32-bit prefix of SHA3-512 hex (4 bytes = 8 hex chars)
523
+ var saltBuf = Buffer.from(hashHex.slice(0, 8), "hex"); // 32-bit prefix of SHA3-512 hex (4 bytes = 8 hex chars)
524
524
  var salt = saltBuf.readUInt32BE(0);
525
- _saltedFnvBasisCache = ((2166136261 ^ salt) >>> 0); // allow:raw-byte-literal — FNV-1a offset basis (vault-salted)
525
+ _saltedFnvBasisCache = ((2166136261 ^ salt) >>> 0); // FNV-1a offset basis (vault-salted)
526
526
  return _saltedFnvBasisCache;
527
527
  }
528
528
 
@@ -535,7 +535,7 @@ function shardFor(shardKey, shards) {
535
535
  var h = _saltedFnvBasis();
536
536
  for (var i = 0; i < shardKey.length; i += 1) {
537
537
  h ^= shardKey.charCodeAt(i);
538
- h = (h * 16777619) >>> 0; // allow:raw-byte-literal — FNV-1a prime
538
+ h = (h * 16777619) >>> 0; // FNV-1a prime
539
539
  }
540
540
  return h % shards;
541
541
  }
@@ -710,7 +710,7 @@ async function _quiesceInFlight(ctx, startedAt, timeoutMs) {
710
710
  }
711
711
  if (!anyInFlight) return true;
712
712
  await new Promise(function (r) {
713
- var t = setTimeout(r, 50); // allow:raw-byte-literal — 50ms in-flight poll interval
713
+ var t = setTimeout(r, 50); // 50ms in-flight poll interval
714
714
  if (t && typeof t.unref === "function") t.unref();
715
715
  });
716
716
  }
@@ -72,12 +72,12 @@ var BUILTIN_REGIMES = Object.freeze(["hipaa", "pci-dss", "gdpr", "soc2"]);
72
72
  // SHAPE, not authenticity). Defense is a keyed MAC over the canonical
73
73
  // envelope bytes, computed at appendHop and verified at validate.
74
74
  var ENVELOPE_MAC_LABEL = "blamejs.agent.postureChain/v1";
75
- var ENVELOPE_MAC_KEY_BYTES = 32; // allow:raw-byte-literal — HMAC-SHA3-512 keyed bytes
75
+ var ENVELOPE_MAC_KEY_BYTES = 32; // HMAC-SHA3-512 keyed bytes
76
76
  // SUBSTRATE-21 — hop count cap defends infinite recursion across
77
77
  // agent delegation. 16 is the spec default; operators can lower via
78
78
  // opts.maxHopCount but never raise (audit fan-out without a cap is a
79
79
  // DoS class).
80
- var DEFAULT_MAX_HOP_COUNT = 16; // allow:raw-byte-literal — hop count cap
80
+ var DEFAULT_MAX_HOP_COUNT = 16; // hop count cap
81
81
  var _macKeyCache = null; // memoized per-vault-master key
82
82
 
83
83
  function _resolveMacKey() {
@@ -80,7 +80,7 @@ var audit = lazyRequire(function () { return require("./audit"); })
80
80
 
81
81
  var AgentSagaError = defineClass("AgentSagaError", { alwaysPermanent: true });
82
82
 
83
- var SAGA_ID_RAND_BYTES = 8; // allow:raw-byte-literal — saga-id random-suffix byte length
83
+ var SAGA_ID_RAND_BYTES = 8; // saga-id random-suffix byte length
84
84
 
85
85
  /**
86
86
  * @primitive b.agent.saga.create
@@ -71,7 +71,7 @@ var DEFAULT_DRAIN_TIMEOUT_MS = C.TIME.minutes(2);
71
71
  var DEFAULT_SNAPSHOT_INTERVAL_MS = C.TIME.minutes(5);
72
72
  var DEFAULT_MAX_SNAPSHOT_BYTES = C.BYTES.mib(50);
73
73
  var SCHEMA_VERSION = 1;
74
- var SNAPSHOT_ID_RAND_BYTES = 8; // allow:raw-byte-literal — snapshot-id random suffix
74
+ var SNAPSHOT_ID_RAND_BYTES = 8; // snapshot-id random suffix
75
75
 
76
76
  /**
77
77
  * @primitive b.agent.snapshot.create
@@ -66,7 +66,7 @@ var audit = lazyRequire(function () { return require("./audit"); });
66
66
 
67
67
  var AgentStreamError = defineClass("AgentStreamError", { alwaysPermanent: true });
68
68
 
69
- var DEFAULT_BATCH_SIZE = 256; // allow:raw-byte-literal — cursor batch row count, not bytes
69
+ var DEFAULT_BATCH_SIZE = 256; // cursor batch row count, not bytes
70
70
 
71
71
  /**
72
72
  * @primitive b.agent.stream.create
@@ -121,7 +121,7 @@ var TENANT_KDF_LABEL = "blamejs.agent.tenant/v1";
121
121
  // 32 bytes — XChaCha20-Poly1305 key length. Distinct from the audit
122
122
  // truncation buffer so future key-length bumps don't have to chase a
123
123
  // magic constant.
124
- var TENANT_KEY_BYTES = 32; // allow:raw-byte-literal — XChaCha20-Poly1305 key length (256 bits)
124
+ var TENANT_KEY_BYTES = 32; // XChaCha20-Poly1305 key length (256 bits)
125
125
 
126
126
  /**
127
127
  * @primitive b.agent.tenant.create
@@ -78,7 +78,7 @@ function _emitFirstFailureAudit(auditImpl, kind, message) {
78
78
  if (_failureAuditEmittedFor[kind]) return;
79
79
  _failureAuditEmittedFor[kind] = true;
80
80
  agentAudit.safeAudit(auditImpl, "agent.trace.tracer_failure", null, {
81
- kind: kind, message: message ? String(message).slice(0, 256) : "", // allow:raw-byte-literal — audit-message char cap
81
+ kind: kind, message: message ? String(message).slice(0, 256) : "", // audit-message char cap
82
82
  rateLimited: "first-occurrence-only",
83
83
  });
84
84
  }
@@ -249,8 +249,8 @@ function _shouldSample(globalRate, perMethod, method, traceId) {
249
249
  // Use the low 32 bits of the trace-id as the sampling roll
250
250
  // (W3C-compatible). Hash modulo 1e9 → divide by 1e9 puts the
251
251
  // result in [0,1) deterministically.
252
- var lo = parseInt(traceId.slice(-8), 16); // allow:raw-byte-literal — low 32 bits of trace-id hex
253
- var roll = (lo >>> 0) / 0x100000000; // allow:raw-byte-literal — 2^32 normalization divisor
252
+ var lo = parseInt(traceId.slice(-8), 16); // low 32 bits of trace-id hex
253
+ var roll = (lo >>> 0) / 0x100000000; // 2^32 normalization divisor
254
254
  return roll < rate;
255
255
  }
256
256
  // No trace-id supplied — start of a new trace. Operators wire
@@ -74,7 +74,7 @@ var REASONING_TIERS = ["none", "basic", "standard", "advanced"];
74
74
  // descriptor fields are costPer1kInputTokens / costPer1kOutputTokens).
75
75
  // Dividing a token count by this rate unit converts a per-1k rate into
76
76
  // the per-token multiplier — a rate denominator, not a byte size.
77
- var COST_RATE_TOKEN_UNIT = 1000; // allow:raw-byte-literal — per-1k-token cost-rate denominator, not a byte count
77
+ var COST_RATE_TOKEN_UNIT = 1000; // per-1k-token cost-rate denominator, not a byte count
78
78
 
79
79
  var DESCRIPTOR_KEYS = [
80
80
  "maxContextTokens", "maxOutputTokens", "modalitiesIn", "modalitiesOut",
@@ -73,7 +73,7 @@ var ACCOUNTINGS = ["basic", "rdp"];
73
73
  // integer-exact discrete-Gaussian sampler. 2^32 keeps the deviation
74
74
  // from the target σ² below 2^-32 — far under the noise scale — while
75
75
  // keeping the BigInt denominators bounded.
76
- var SIGMA2_RATIONAL_DEN = 4294967296; // allow:raw-byte-literal — 2^32 rational-approx denominator, not a byte size
76
+ var SIGMA2_RATIONAL_DEN = 4294967296; // 2^32 rational-approx denominator, not a byte size
77
77
 
78
78
  // ---- Minimal exact rational (BigInt num / den, den > 0) ----
79
79
 
@@ -105,7 +105,7 @@ function _uniformBelow(m) {
105
105
  if (m <= 0n) throw new AiDpError("ai-dp/internal", "ai.dp: _uniformBelow needs m > 0");
106
106
  if (m === 1n) return 0n;
107
107
  var bits = m.toString(2).length;
108
- var bytes = Math.ceil(bits / 8); // allow:raw-byte-literal — bits-per-byte divisor, not a size
108
+ var bytes = Math.ceil(bits / 8); // bits-per-byte divisor, not a size
109
109
  var mask = (1n << BigInt(bits)) - 1n;
110
110
  for (;;) {
111
111
  var buf = bCrypto.generateBytes(bytes);
@@ -121,7 +121,7 @@ function _uniformBelow(m) {
121
121
  // the BigInt rejection sampler (accumulating 53 bits in a JS Number
122
122
  // would overflow the 2^53 safe-integer range and skew the draw), then
123
123
  // mapped (val + 1) / 2^53 → (0, 1].
124
- var TWO_POW_53 = 9007199254740992; // allow:raw-byte-literal — 2^53 mantissa range, not a byte size
124
+ var TWO_POW_53 = 9007199254740992; // 2^53 mantissa range, not a byte size
125
125
  function _uniformOpen() {
126
126
  var v = Number(_uniformBelow(9007199254740992n)); // [0, 2^53) exact
127
127
  return (v + 1) / TWO_POW_53; // (0, 1]
@@ -231,7 +231,7 @@ function _snappingLaplace(value, scale, bound) {
231
231
 
232
232
  // ---- Rényi-DP costs (Mironov 2017) ----
233
233
 
234
- var RDP_ORDERS = [1.25, 1.5, 1.75, 2, 2.5, 3, 4, 5, 6, 8, 12, 16, 24, 32, 48, 64, 128, 256]; // allow:raw-byte-literal — Rényi DP orders (α), not byte sizes
234
+ var RDP_ORDERS = [1.25, 1.5, 1.75, 2, 2.5, 3, 4, 5, 6, 8, 12, 16, 24, 32, 48, 64, 128, 256]; // Rényi DP orders (α), not byte sizes
235
235
 
236
236
  // Gaussian mechanism with noise-to-sensitivity z = sigma / sensitivity:
237
237
  // RDP(alpha) = alpha / (2 z^2).
@@ -25,8 +25,8 @@ var numericBounds = require("./numeric-bounds");
25
25
  var audit = require("./audit");
26
26
  var { AiInputError } = require("./framework-error");
27
27
 
28
- var SAMPLE_TRUNC = 80; // allow:raw-byte-literal — sample truncation length, not bytes
29
- var CONFIDENCE_BASE = 60; // allow:raw-byte-literal — confidence percentage base / allow:raw-time-literal — not seconds
28
+ var SAMPLE_TRUNC = 80; // sample truncation length, not bytes
29
+ var CONFIDENCE_BASE = 60; // allow:raw-time-literal — not seconds
30
30
 
31
31
  var PATTERNS = [
32
32
  { id: "ignore-prior-instructions", severity: 3, re:
@@ -44,7 +44,7 @@ var PATTERNS = [
44
44
  { id: "exfil-callback", severity: 3, re:
45
45
  /\b(?:send|post|fetch|exfil|leak|paste|forward)\b[\s\S]{0,40}(?:secret|key|token|password|cred|env|\.ssh|private)/i },
46
46
  { id: "base64-marker-around-instructions", severity: 2, re:
47
- /(?:[A-Za-z0-9+/]{40,}={0,2})\s+(?:means|decodes?\s+to|=)/i }, // allow:raw-byte-literal — regex repetition floor, not bytes
47
+ /(?:[A-Za-z0-9+/]{40,}={0,2})\s+(?:means|decodes?\s+to|=)/i }, // regex repetition floor, not bytes
48
48
  { id: "rot13-shape", severity: 2, re:
49
49
  /\b(?:rot13|rotcipher|cipher|caesar)\s*[:=]\s*[a-zA-Z]{20,}/i },
50
50
  { id: "markdown-injection", severity: 2, re:
@@ -138,7 +138,7 @@ function classify(input, opts) {
138
138
  else if (signals[j].severity === 2) sev2++;
139
139
  }
140
140
  var verdict = sev3 > 0 ? "malicious" : (sev2 >= 2 ? "suspicious" : "clean");
141
- var confidence = sev3 === 0 && sev2 === 0 ? 0 : Math.min(100, CONFIDENCE_BASE + sev3 * 15 + sev2 * 5); // allow:raw-byte-literal — confidence ceiling 100, not bytes/seconds
141
+ var confidence = sev3 === 0 && sev2 === 0 ? 0 : Math.min(100, CONFIDENCE_BASE + sev3 * 15 + sev2 * 5); // confidence ceiling 100, not bytes/seconds
142
142
 
143
143
  if (auditOn && verdict !== "clean") {
144
144
  audit.safeEmit({
@@ -50,7 +50,7 @@ var VALID_DATA_TYPES = Object.freeze({
50
50
  patch: true, platform: true, "test-case": true,
51
51
  });
52
52
  var ISO8601_RE = /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(?:\.\d+)?Z$/; // allow:duplicate-regex — ISO-8601 instant shape ships in three primitives (metrics text-render, content-credentials, mail-server-imap APPEND); each is bounded by its own caller and the regex itself is 50 bytes — extracting into a cross-module dep wouldn't carry its weight
53
- var BOM_REF_RE = /^[A-Za-z0-9._:/+-]{1,256}$/; // allow:raw-byte-literal — CycloneDX bom-ref string-length cap, not bytes
53
+ var BOM_REF_RE = /^[A-Za-z0-9._:/+-]{1,256}$/; // CycloneDX bom-ref string-length cap, not bytes
54
54
 
55
55
  function _requireString(obj, key, ownerName) {
56
56
  if (typeof obj[key] !== "string" || obj[key].length === 0) {
@@ -67,7 +67,7 @@ function _validateModelComponent(c) {
67
67
  _requireString(c, "name", "build.model");
68
68
  _requireString(c, "version", "build.model");
69
69
  if (c["bom-ref"] !== undefined) {
70
- if (typeof c["bom-ref"] !== "string" || c["bom-ref"].length > 256) { // allow:raw-byte-literal — bom-ref string-length cap, not bytes
70
+ if (typeof c["bom-ref"] !== "string" || c["bom-ref"].length > 256) { // bom-ref string-length cap, not bytes
71
71
  throw new AiModelManifestError("aibom/bad-bom-ref",
72
72
  "build.model: bom-ref must be a string of length 1-256");
73
73
  }
@@ -332,12 +332,12 @@ function verify(envelope, publicKeyPem, opts) {
332
332
  // UUIDv4 via the framework's CSPRNG path. Used for `serialNumber`
333
333
  // defaults — operators may supply their own for cross-build stability.
334
334
  function _uuidUrn() {
335
- var b = bCrypto.generateBytes(16); // allow:raw-byte-literal — RFC 9562 §4.1 UUIDv4 is a 16-byte (128-bit) primitive
336
- b[6] = (b[6] & 0x0f) | 0x40; // allow:raw-byte-literal — UUIDv4 version nibble (RFC 9562 §4.4)
337
- b[8] = (b[8] & 0x3f) | 0x80; // allow:raw-byte-literal — UUIDv4 variant nibble (RFC 9562 §4.4)
335
+ var b = bCrypto.generateBytes(16); // RFC 9562 §4.1 UUIDv4 is a 16-byte (128-bit) primitive
336
+ b[6] = (b[6] & 0x0f) | 0x40; // UUIDv4 version nibble (RFC 9562 §4.4)
337
+ b[8] = (b[8] & 0x3f) | 0x80; // UUIDv4 variant nibble (RFC 9562 §4.4)
338
338
  var h = b.toString("hex");
339
- return "urn:uuid:" + h.slice(0, 8) + "-" + h.slice(8, 12) + "-" + // allow:raw-byte-literal — RFC 9562 §4 UUID text representation hex offsets (8-4-4-4-12)
340
- h.slice(12, 16) + "-" + h.slice(16, 20) + "-" + h.slice(20); // allow:raw-byte-literal — RFC 9562 §4 UUID hex offsets
339
+ return "urn:uuid:" + h.slice(0, 8) + "-" + h.slice(8, 12) + "-" + // RFC 9562 §4 UUID text representation hex offsets (8-4-4-4-12)
340
+ h.slice(12, 16) + "-" + h.slice(16, 20) + "-" + h.slice(20); // RFC 9562 §4 UUID hex offsets
341
341
  }
342
342
 
343
343
  // package.json read lives behind the call to dodge a circular-load
@@ -142,7 +142,7 @@ function parseHeader(value) {
142
142
  if (typeof value !== "string" || value.length === 0) {
143
143
  throw AiPrefError.factory("ai-pref/bad-header", "aiPref.parseHeader: value required");
144
144
  }
145
- if (value.length > 1024) { // allow:raw-byte-literal — header value cap, not bytes
145
+ if (value.length > 1024) { // header value cap, not bytes
146
146
  throw AiPrefError.factory("ai-pref/header-too-large",
147
147
  "aiPref.parseHeader: value exceeds 1024 chars");
148
148
  }
@@ -205,7 +205,7 @@ function parseHeader(value) {
205
205
  function robotsBlock(opts) {
206
206
  var v = _validate(opts);
207
207
  var ua = opts.userAgent || "*";
208
- if (typeof ua !== "string" || ua.length === 0 || ua.length > 256) { // allow:raw-byte-literal — UA-string cap, not bytes
208
+ if (typeof ua !== "string" || ua.length === 0 || ua.length > 256) { // UA-string cap, not bytes
209
209
  throw AiPrefError.factory("ai-pref/bad-user-agent",
210
210
  "aiPref.robotsBlock: userAgent must be 1-256 char string (or omit for *)");
211
211
  }
@@ -314,7 +314,7 @@ function refusePaidCrawl(req, res, opts) {
314
314
  res.setHeader("Content-Type", "application/json");
315
315
  res.setHeader("Cache-Control", "no-store");
316
316
  }
317
- res.statusCode = 402; // allow:raw-byte-literal — HTTP 402 Payment Required (RFC 9110)
317
+ res.statusCode = 402; // HTTP 402 Payment Required (RFC 9110)
318
318
  res.end(body);
319
319
  audit.safeEmit({
320
320
  action: "aipref.paid_crawl_refused",
@@ -25,8 +25,8 @@ var archiveRead = lazyRequire(function () { return require("./archive-read"); })
25
25
  var archiveTarRead = lazyRequire(function () { return require("./archive-tar-read"); });
26
26
 
27
27
  // gzip magic — RFC 1952 §2.2 ("ID1=0x1f, ID2=0x8b").
28
- var GZIP_MAGIC_0 = 0x1f; // allow:raw-byte-literal — RFC 1952 §2.2 ID1
29
- var GZIP_MAGIC_1 = 0x8b; // allow:raw-byte-literal — RFC 1952 §2.2 ID2
28
+ var GZIP_MAGIC_0 = 0x1f; // RFC 1952 §2.2 ID1
29
+ var GZIP_MAGIC_1 = 0x8b; // RFC 1952 §2.2 ID2
30
30
 
31
31
  var DEFAULT_MAX_OUTPUT_BYTES = C.BYTES.gib(1);
32
32
  var DEFAULT_MAX_RATIO = 100;
@@ -58,12 +58,12 @@ var archiveAdapters = lazyRequire(function () { return require("./archive-adapte
58
58
  // Aligned with the write-side `lib/archive.js`. APPNOTE.TXT § references
59
59
  // follow each signature so a future spec bump is mechanical.
60
60
 
61
- var SIG_LFH = 0x04034b50; // allow:raw-byte-literal — APPNOTE §4.3.7 LFH magic dword (wire-format-fixed)
62
- var SIG_CFH = 0x02014b50; // allow:raw-byte-literal — APPNOTE §4.3.12 CFH magic dword (wire-format-fixed)
63
- var SIG_EOCD = 0x06054b50; // allow:raw-byte-literal — APPNOTE §4.3.16 EOCD magic dword (wire-format-fixed)
64
- var SIG_EOCD64 = 0x06064b50; // allow:raw-byte-literal — APPNOTE §4.3.14 ZIP64 EOCD magic dword (wire-format-fixed)
65
- var SIG_EOCD64_LOCATOR = 0x07064b50; // allow:raw-byte-literal — APPNOTE §4.3.15 ZIP64 EOCD locator magic dword (wire-format-fixed)
66
- var SIG_DATA_DESCRIPTOR = 0x08074b50; // allow:raw-byte-literal — APPNOTE §4.3.9 data-descriptor magic dword (wire-format-fixed)
61
+ var SIG_LFH = 0x04034b50; // APPNOTE §4.3.7 LFH magic dword (wire-format-fixed)
62
+ var SIG_CFH = 0x02014b50; // APPNOTE §4.3.12 CFH magic dword (wire-format-fixed)
63
+ var SIG_EOCD = 0x06054b50; // APPNOTE §4.3.16 EOCD magic dword (wire-format-fixed)
64
+ var SIG_EOCD64 = 0x06064b50; // APPNOTE §4.3.14 ZIP64 EOCD magic dword (wire-format-fixed)
65
+ var SIG_EOCD64_LOCATOR = 0x07064b50; // APPNOTE §4.3.15 ZIP64 EOCD locator magic dword (wire-format-fixed)
66
+ var SIG_DATA_DESCRIPTOR = 0x08074b50; // APPNOTE §4.3.9 data-descriptor magic dword (wire-format-fixed)
67
67
  void SIG_EOCD64; void SIG_EOCD64_LOCATOR;
68
68
 
69
69
  var METHOD_STORE_ID = 0;
@@ -94,7 +94,7 @@ var MSDOS_EPOCH_YEAR = 1980;
94
94
  // ---- Default zip-bomb / entry caps ---------------------------------------
95
95
 
96
96
  var DEFAULT_BOMB_POLICY = Object.freeze({
97
- maxEntries: 65535, // allow:raw-byte-literal — APPNOTE §4.4.21 16-bit entry-count field's max (ZIP64 deferred)
97
+ maxEntries: 65535, // APPNOTE §4.4.21 16-bit entry-count field's max (ZIP64 deferred)
98
98
  maxEntryDecompressedBytes: C.BYTES.mib(128), // per-entry cap
99
99
  maxTotalDecompressedBytes: C.BYTES.gib(4), // archive-wide cap
100
100
  maxExpansionRatio: 100, // compressed → decompressed ratio cap
@@ -193,10 +193,10 @@ async function _locateEocd(adapter) {
193
193
  eocdOffset: scanOffset + i,
194
194
  diskNumber: tail.readUInt16LE(i + 4),
195
195
  cdDiskNumber: tail.readUInt16LE(i + 6),
196
- entriesOnThisDisk: tail.readUInt16LE(i + 8), // allow:raw-byte-literal — APPNOTE §4.3.16 EOCD field offset
197
- totalEntries: tail.readUInt16LE(i + 10), // allow:raw-byte-literal — APPNOTE §4.3.16 EOCD field offset
198
- cdSize: tail.readUInt32LE(i + 12), // allow:raw-byte-literal — APPNOTE §4.3.16 EOCD field offset
199
- cdOffset: tail.readUInt32LE(i + 16), // allow:raw-byte-literal — APPNOTE §4.3.16 EOCD field offset
196
+ entriesOnThisDisk: tail.readUInt16LE(i + 8), // APPNOTE §4.3.16 EOCD field offset
197
+ totalEntries: tail.readUInt16LE(i + 10), // APPNOTE §4.3.16 EOCD field offset
198
+ cdSize: tail.readUInt32LE(i + 12), // APPNOTE §4.3.16 EOCD field offset
199
+ cdOffset: tail.readUInt32LE(i + 16), // APPNOTE §4.3.16 EOCD field offset
200
200
  commentLength: commentLen,
201
201
  };
202
202
  }
@@ -234,20 +234,20 @@ async function _readCentralDirectory(adapter, eocd) {
234
234
  if (cdBytes.readUInt32LE(pos) !== SIG_CFH) {
235
235
  throw new ArchiveReadError("archive-read/bad-cd-signature",
236
236
  "central directory entry " + n + " has bad signature " +
237
- "0x" + cdBytes.readUInt32LE(pos).toString(16)); // allow:raw-byte-literal — radix=16 for hex parse, not byte count
237
+ "0x" + cdBytes.readUInt32LE(pos).toString(16)); // radix=16 for hex parse, not byte count
238
238
  }
239
- var generalFlags = cdBytes.readUInt16LE(pos + 8); // allow:raw-byte-literal — APPNOTE §4.3.12 CFH field offset
240
- var method = cdBytes.readUInt16LE(pos + 10); // allow:raw-byte-literal — APPNOTE §4.3.12 CFH field offset
241
- var dosTime = cdBytes.readUInt16LE(pos + 12); // allow:raw-byte-literal — APPNOTE §4.3.12 CFH field offset
242
- var dosDate = cdBytes.readUInt16LE(pos + 14); // allow:raw-byte-literal — APPNOTE §4.3.12 CFH field offset
243
- var crc32 = cdBytes.readUInt32LE(pos + 16); // allow:raw-byte-literal — APPNOTE §4.3.12 CFH field offset
244
- var compressedSize = cdBytes.readUInt32LE(pos + 20); // allow:raw-byte-literal — APPNOTE §4.3.12 CFH field offset
245
- var uncompressedSize = cdBytes.readUInt32LE(pos + 24); // allow:raw-byte-literal — APPNOTE §4.3.12 CFH field offset
246
- var nameLen = cdBytes.readUInt16LE(pos + 28); // allow:raw-byte-literal — APPNOTE §4.3.12 CFH field offset
247
- var extraLen = cdBytes.readUInt16LE(pos + 30); // allow:raw-byte-literal — APPNOTE §4.3.12 CFH field offset
248
- var commentLen = cdBytes.readUInt16LE(pos + 32); // allow:raw-byte-literal — APPNOTE §4.3.12 CFH field offset
249
- var externalAttrs = cdBytes.readUInt32LE(pos + 38); // allow:raw-byte-literal — APPNOTE §4.3.12 CFH field offset
250
- var lfhOffset = cdBytes.readUInt32LE(pos + 42); // allow:raw-byte-literal — APPNOTE §4.3.12 CFH field offset
239
+ var generalFlags = cdBytes.readUInt16LE(pos + 8); // APPNOTE §4.3.12 CFH field offset
240
+ var method = cdBytes.readUInt16LE(pos + 10); // APPNOTE §4.3.12 CFH field offset
241
+ var dosTime = cdBytes.readUInt16LE(pos + 12); // APPNOTE §4.3.12 CFH field offset
242
+ var dosDate = cdBytes.readUInt16LE(pos + 14); // APPNOTE §4.3.12 CFH field offset
243
+ var crc32 = cdBytes.readUInt32LE(pos + 16); // APPNOTE §4.3.12 CFH field offset
244
+ var compressedSize = cdBytes.readUInt32LE(pos + 20); // APPNOTE §4.3.12 CFH field offset
245
+ var uncompressedSize = cdBytes.readUInt32LE(pos + 24); // APPNOTE §4.3.12 CFH field offset
246
+ var nameLen = cdBytes.readUInt16LE(pos + 28); // APPNOTE §4.3.12 CFH field offset
247
+ var extraLen = cdBytes.readUInt16LE(pos + 30); // APPNOTE §4.3.12 CFH field offset
248
+ var commentLen = cdBytes.readUInt16LE(pos + 32); // APPNOTE §4.3.12 CFH field offset
249
+ var externalAttrs = cdBytes.readUInt32LE(pos + 38); // APPNOTE §4.3.12 CFH field offset
250
+ var lfhOffset = cdBytes.readUInt32LE(pos + 42); // APPNOTE §4.3.12 CFH field offset
251
251
  var nameStart = pos + CFH_FIXED_BYTES;
252
252
  var extraStart = nameStart + nameLen;
253
253
  var totalLen = CFH_FIXED_BYTES + nameLen + extraLen + commentLen;
@@ -292,7 +292,7 @@ async function _verifyLfhMatchesCd(adapter, entry) {
292
292
  if (lfhPrefix.readUInt32LE(0) !== SIG_LFH) {
293
293
  throw new ArchiveReadError("archive-read/bad-lfh-signature",
294
294
  "local file header for " + JSON.stringify(entry.name) +
295
- " has bad signature 0x" + lfhPrefix.readUInt32LE(0).toString(16)); // allow:raw-byte-literal — radix=16 for hex parse, not byte count
295
+ " has bad signature 0x" + lfhPrefix.readUInt32LE(0).toString(16)); // radix=16 for hex parse, not byte count
296
296
  }
297
297
  var lfhMethod = lfhPrefix.readUInt16LE(8);
298
298
  var lfhCrc = lfhPrefix.readUInt32LE(14);