npm - @blamejs/blamejs-shop - Versions diffs - 0.4.30 → 0.4.32 - Mend

@blamejs/blamejs-shop 0.4.30 → 0.4.32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (338) hide show

package/lib/vendor/blamejs/fuzz/guard-sql.fuzz.js ADDED Viewed

@@ -0,0 +1,36 @@
+"use strict";
+/**
+ * Fuzz target: b.guardSql (validate / sanitize)
+ *
+ * Targets the raw-SQL guard's tokenizer-first contract: the encoding
+ * gate (string / Buffer-or-refuse), the comment-strip + literal-mask
+ * normalizer, and the injection / exfil / OS-reach detector pipeline.
+ *
+ * validate() must NEVER throw on arbitrary bytes - it classifies and
+ * returns { ok, issues }; any throw out of it is a finding. sanitize()
+ * refuses unrepairable input with GuardSqlError (code prefix "sql.").
+ */
+var b        = require("..");
+var expected = require("./_expected");
+function expectedRefusal(e) {
+  if (expected.isExpected(e)) return true;
+  if (e && typeof e.code === "string" && e.code.indexOf("sql.") === 0) return true;
+  return false;
+}
+module.exports.fuzz = function (data) {
+  // No-throw classification contract (default + strict profiles).
+  b.guardSql.validate(data);
+  b.guardSql.validate(data, { profile: "strict" });
+  // Refusal path: sanitize throws GuardSqlError on hostile / unrepairable
+  // input; anything else is an unexpected crash.
+  try {
+    b.guardSql.sanitize(data);
+  } catch (e) {
+    if (expectedRefusal(e)) return;
+    throw e;
+  }
+};

package/lib/vendor/blamejs/index.js CHANGED Viewed

@@ -120,6 +120,7 @@ var clusterStorage = require("./lib/cluster-storage");
 var safeAsync = require("./lib/safe-async");
 var handlers = require("./lib/handlers");
 var safeSql = require("./lib/safe-sql");
+var sql = require("./lib/sql");
 var chainWriter = require("./lib/chain-writer");
 var safeBuffer = require("./lib/safe-buffer");
 var safeDecompress = require("./lib/safe-decompress").safeDecompress;
@@ -181,6 +182,7 @@ var guardSvg = require("./lib/guard-svg");
 var guardFilename = require("./lib/guard-filename");
 var guardMessageId = require("./lib/guard-message-id");
 var guardSmtpCommand = require("./lib/guard-smtp-command");
+var guardSql = require("./lib/guard-sql");
 var guardImapCommand = require("./lib/guard-imap-command");
 var guardPop3Command = require("./lib/guard-pop3-command");
 var guardManageSieveCommand = require("./lib/guard-managesieve-command");
@@ -520,6 +522,7 @@ module.exports = {
   safeAsync:        safeAsync,
   handlers:         handlers,
   safeSql:          safeSql,
+  sql:              sql,
   chainWriter:      chainWriter,
   safeBuffer:       safeBuffer,
   safeDecompress:   safeDecompress,
@@ -569,6 +572,7 @@ module.exports = {
   guardFilename:    guardFilename,
   guardMessageId:   guardMessageId,
   guardSmtpCommand: guardSmtpCommand,
+  guardSql:         guardSql,
   guardImapCommand: guardImapCommand,
   guardPop3Command: guardPop3Command,
   guardManageSieveCommand: guardManageSieveCommand,

package/lib/vendor/blamejs/lib/agent-envelope-mac.js ADDED Viewed

@@ -0,0 +1,104 @@
+"use strict";
+/**
+ * b.agent._envelopeMac — internal shared keyed-MAC mechanism for
+ * authenticating agent cross-process envelopes (`b.agent.postureChain`
+ * delegation envelopes, `b.agent.eventBus` wire envelopes, and any
+ * future agent boundary that carries security-relevant fields over a
+ * shared transport).
+ *
+ * The threat is uniform across these boundaries: an attacker with write
+ * access to the shared transport (queue / pubsub) can forge or tamper an
+ * envelope's authority-bearing fields — posture set, tenant id, topic —
+ * because schema/shape validation alone proves nothing about
+ * authenticity. The defense is a keyed MAC (HMAC-SHA3-512) over the
+ * canonical bytes of exactly those fields, keyed off the vault master so
+ * an attacker without the vault key cannot forge it and a vault rotation
+ * invalidates every in-flight MAC.
+ *
+ * Each calling domain supplies a stable `label` (domain separation) and
+ * the canonical bytes of the fields it protects; the key derivation,
+ * HMAC construction, and constant-time comparison live here so there is
+ * a single mechanism to audit, not one per agent module.
+ *
+ * Internal — operator-facing surface is each primitive's envelope
+ * sign/verify behaviour; this is the implementation detail.
+ */
+var nodeCrypto = require("node:crypto");
+var lazyRequire = require("./lazy-require");
+var { defineClass } = require("./framework-error");
+var bCrypto = require("./crypto");
+var vault = lazyRequire(function () { return require("./vault"); });
+var AgentEnvelopeMacError = defineClass("AgentEnvelopeMacError", { alwaysPermanent: true });
+var ENVELOPE_MAC_KEY_BYTES = 32;                                                                        // HMAC-SHA3-512 keyed bytes
+// Per-label memoized keys — each domain-separation label derives its own
+// sub-key from the vault master so a MAC minted for one boundary can
+// never validate on another. Memoization is process-local; a vault
+// rotation implies an operator restart (which clears the cache).
+var _macKeyCache = Object.create(null);
+// Resolve (and memoize) the MAC sub-key for a domain-separation `label`,
+// derived from the vault master. Throws when the vault is not
+// initialized — there is no key to authenticate with, so callers MUST
+// treat that as fail-closed for any cross-tenant / authority decision
+// rather than proceeding unauthenticated.
+function resolveKey(label) {
+  if (typeof label !== "string" || label.length === 0) {
+    throw new AgentEnvelopeMacError("agent-envelope-mac/bad-label",
+      "resolveKey: label must be a non-empty string");
+  }
+  if (_macKeyCache[label]) return _macKeyCache[label];
+  var v;
+  try { v = vault(); } catch (_e) { v = null; }
+  if (!v || typeof v.getKeysJson !== "function") {
+    throw new AgentEnvelopeMacError("agent-envelope-mac/vault-not-initialized",
+      "envelope MAC: vault must be initialized before agent envelopes can be authenticated " +
+      "(operator wires b.vault.init() at boot)");
+  }
+  var keysJson;
+  try { keysJson = v.getKeysJson(); }
+  catch (e) {
+    throw new AgentEnvelopeMacError("agent-envelope-mac/vault-not-initialized",
+      "envelope MAC: vault.getKeysJson threw — " + (e && e.message ? e.message : String(e)));
+  }
+  var rootBytes = Buffer.from(bCrypto.sha3Hash(keysJson), "hex");
+  var input = Buffer.concat([
+    Buffer.from(label, "utf8"),
+    Buffer.from([0x00]),
+    rootBytes,
+  ]);
+  _macKeyCache[label] = bCrypto.kdf(input, ENVELOPE_MAC_KEY_BYTES);
+  return _macKeyCache[label];
+}
+// Compute the base64 HMAC-SHA3-512 of `canonicalBytes` under the
+// `label`'s vault-derived sub-key.
+function sign(label, canonicalBytes) {
+  var key = resolveKey(label);
+  return nodeCrypto.createHmac("sha3-512", key).update(canonicalBytes).digest().toString("base64");
+}
+// Constant-time verify that `mac` (base64) is the correct HMAC for
+// `canonicalBytes` under the `label`'s sub-key. Returns false for a
+// missing / malformed `mac`; propagates AgentEnvelopeMacError from
+// resolveKey when the vault is absent so the caller fails closed rather
+// than treating a missing key as a verification pass.
+function verify(label, canonicalBytes, mac) {
+  if (typeof mac !== "string" || mac.length === 0) return false;
+  var expected = sign(label, canonicalBytes);
+  return bCrypto.timingSafeEqual(mac, expected);
+}
+module.exports = {
+  resolveKey:             resolveKey,
+  sign:                   sign,
+  verify:                 verify,
+  AgentEnvelopeMacError:  AgentEnvelopeMacError,
+  ENVELOPE_MAC_KEY_BYTES: ENVELOPE_MAC_KEY_BYTES,
+  // Test-only — flush the memoized per-label MAC keys after a vault reset.
+  _resetForTest:          function () { _macKeyCache = Object.create(null); },
+};

package/lib/vendor/blamejs/lib/agent-event-bus.js CHANGED Viewed

@@ -67,11 +67,25 @@ var { defineClass }       = require("./framework-error");
 var guardEventBusTopic    = require("./guard-event-bus-topic");
 var guardEventBusPayload  = require("./guard-event-bus-payload");
 var agentAudit            = require("./agent-audit");
+var envelopeMac           = require("./agent-envelope-mac");
+var safeJson              = require("./safe-json");
+var bCrypto               = require("./crypto");
 var audit                 = lazyRequire(function () { return require("./audit"); });
 var AgentEventBusError = defineClass("AgentEventBusError", { alwaysPermanent: true });
+// Wire-envelope authentication. An attacker with pubsub write access can
+// set _tenantId to a victim subscriber's tenant + a schema-valid payload
+// and forge a cross-tenant event; the tenant/posture/schema checks at the
+// consumer prove SHAPE, not authenticity. Defense is a keyed MAC over the
+// envelope's authority-bearing fields, minted at publish and verified at
+// the consumer BEFORE the tenant/schema checks. The key derivation +
+// HMAC live in the shared b.agent.envelopeMac mechanism (one keyed-MAC
+// mechanism for every agent boundary); this label domain-separates the
+// event-bus MAC from the posture-chain MAC.
+var ENVELOPE_MAC_LABEL = "blamejs.agent.eventBus/v1";
 /**
  * @primitive b.agent.eventBus.create
  * @signature b.agent.eventBus.create(opts)
@@ -88,6 +102,7 @@ var AgentEventBusError = defineClass("AgentEventBusError", { alwaysPermanent: tr
  *   pubsub:       { publish, subscribe, unsubscribe },   // required
  *   audit:        b.audit namespace,                      // optional
  *   permissions:  b.permissions instance,                  // optional
+ *   requireMac:   boolean,                                 // default: true — keyed-MAC envelope auth; false only for single-process unit tests with no vault
  *
  * @example
  *   var bus = b.agent.eventBus.create({ pubsub: myPubsub });
@@ -109,12 +124,18 @@ function create(opts) {
   var auditImpl   = opts.audit || audit();
   var permissions = opts.permissions || null;
   var topics      = new Map();
+  // Envelope MAC (M6): default ON. Only single-process unit tests with no
+  // vault should opt out. When off, the cross-tenant MAC gate is bypassed
+  // and that is audit-visible at publish + delivery; production /
+  // multi-process / queue-spanning deployments leave the default so a
+  // pubsub-write attacker can't forge a cross-tenant event.
+  var requireMac  = opts.requireMac !== false;
   return {
     registerTopic:   function (name, topicOpts)    { return _registerTopic(topics, name, topicOpts || {}, auditImpl); },
     unregisterTopic: function (name)               { return _unregisterTopic(topics, name, auditImpl); },
-    publish:         function (name, payload, pOpts) { return _publish(topics, opts.pubsub, name, payload, pOpts || {}, permissions, auditImpl); },
-    subscribe:       function (name, handler, sOpts) { return _subscribe(topics, opts.pubsub, name, handler, sOpts || {}, permissions, auditImpl); },
+    publish:         function (name, payload, pOpts) { return _publish(topics, opts.pubsub, name, payload, pOpts || {}, permissions, auditImpl, requireMac); },
+    subscribe:       function (name, handler, sOpts) { return _subscribe(topics, opts.pubsub, name, handler, sOpts || {}, permissions, auditImpl, requireMac); },
     listTopics:      function (args)                { return _listTopics(topics, args || {}, permissions); },
     AgentEventBusError: AgentEventBusError,
     guards: {
@@ -201,7 +222,30 @@ function _listTopics(topics, args, permissions) {
 // ---- Publish --------------------------------------------------------------
-async function _publish(topics, pubsub, name, payload, pOpts, permissions, auditImpl) {
+// Canonical bytes the MAC covers: _topic, _tenantId, _posture,
+// _publishedAt, and a hash of the payload (so the payload can't be
+// swapped without invalidating the MAC, without copying the whole
+// payload into the signed preimage). Field set matches the consumer's
+// authority decision inputs. Built as an ordered [key,value] tuple list
+// so the canonical preimage is stable regardless of source key order.
+function _macField(value, kind) {
+  if (kind === "string") return typeof value === "string" ? value : null;
+  if (kind === "number") return typeof value === "number" ? value : null;
+  return value === undefined ? null : value;   // pass-through (posture)
+}
+function _envelopeMacBytes(wrapped) {
+  var payloadForHash = wrapped.payload === undefined ? null : wrapped.payload;
+  var tuples = [
+    ["_topic",       _macField(wrapped._topic, "string")],
+    ["_tenantId",    _macField(wrapped._tenantId, "string")],
+    ["_posture",     _macField(wrapped._posture, "any")],
+    ["_publishedAt", _macField(wrapped._publishedAt, "number")],
+    ["payloadHash",  bCrypto.sha3Hash(safeJson.canonical(payloadForHash))],
+  ];
+  return Buffer.from(safeJson.canonical(tuples), "utf8");
+}
+async function _publish(topics, pubsub, name, payload, pOpts, permissions, auditImpl, requireMac) {
   guardEventBusTopic.validate(name);
   var entry = topics.get(name);
   if (!entry) {
@@ -256,6 +300,32 @@ async function _publish(topics, pubsub, name, payload, pOpts, permissions, audit
     _publishedAt: Date.now(),
     payload:      payload,
   };
+  // Authenticate the envelope's authority-bearing fields with a keyed MAC
+  // (M6). The consumer verifies this BEFORE the tenant/schema checks, so a
+  // pubsub-write attacker can't forge a cross-tenant event. If the vault
+  // isn't initialized there's no key to mint with — fail closed at publish
+  // (requireMac default) rather than emit an unauthenticatable envelope
+  // onto the bus. requireMac:false is the single-process unit-test escape
+  // hatch and is audit-visible.
+  try {
+    wrapped._mac = envelopeMac.sign(ENVELOPE_MAC_LABEL, _envelopeMacBytes(wrapped));
+  } catch (e) {
+    if (requireMac) {
+      _safeAudit(auditImpl, "agent.event_bus.publish_denied", pOpts.actor || null, {
+        topic: name, reason: "envelope-mac-unavailable",
+      });
+      throw new AgentEventBusError("agent-event-bus/envelope-mac-unavailable",
+        "publish: cannot authenticate the event envelope — " +
+        ((e && e.message) || String(e)) +
+        " (vault must be initialized so the bus MAC key is derivable, or " +
+        "set requireMac:false for single-process unit tests)");
+    }
+    // Escape hatch: no key + requireMac disabled → emit unauthenticated.
+    wrapped._mac = null;
+    _safeAudit(auditImpl, "agent.event_bus.mac_bypassed", pOpts.actor || null, {
+      topic: name, reason: "require-mac-disabled", phase: "publish",
+    });
+  }
   await pubsub.publish(name, wrapped);
   _safeAudit(auditImpl, "agent.event_bus.published", pOpts.actor, {
     topic: name, posture: entry.posture,
@@ -265,7 +335,7 @@ async function _publish(topics, pubsub, name, payload, pOpts, permissions, audit
 // ---- Subscribe ------------------------------------------------------------
-async function _subscribe(topics, pubsub, name, handler, sOpts, permissions, auditImpl) {
+async function _subscribe(topics, pubsub, name, handler, sOpts, permissions, auditImpl, requireMac) {
   guardEventBusTopic.validate(name);
   var entry = topics.get(name);
   if (!entry) {
@@ -320,6 +390,37 @@ async function _subscribe(topics, pubsub, name, handler, sOpts, permissions, aud
         { topic: name, reason: "malformed-envelope" });
       return;
     }
+    // Envelope authentication FIRST (M6): verify the keyed MAC over the
+    // authority-bearing fields (_topic / _tenantId / _posture /
+    // _publishedAt / payload-hash) BEFORE trusting _tenantId / _posture
+    // for any routing or schema decision. A pubsub-write attacker who
+    // forges _tenantId (cross-tenant routing) or tampers _posture / the
+    // payload produces a MAC mismatch and the delivery drops. If the
+    // vault key is unavailable, verify() throws — we fail CLOSED (drop),
+    // never deliver an unauthenticatable envelope cross-tenant.
+    // requireMac:false is the single-process unit-test escape hatch and
+    // is audit-visible.
+    if (requireMac) {
+      var macOk = false;
+      try {
+        macOk = envelopeMac.verify(ENVELOPE_MAC_LABEL, _envelopeMacBytes(wrapped), wrapped._mac);
+      } catch (_e) {
+        macOk = false;
+      }
+      if (!macOk) {
+        _safeAudit(auditImpl, "agent.event_bus.cross_tenant_drop", sOpts.actor, {
+          topic: name,
+          publisherTenant:  typeof wrapped._tenantId === "string" ? wrapped._tenantId : null,
+          subscriberTenant: subscriberTenant,
+          reason: "envelope-mac-invalid",
+        });
+        return;
+      }
+    } else {
+      _safeAudit(auditImpl, "agent.event_bus.mac_bypassed", sOpts.actor, {
+        topic: name, reason: "require-mac-disabled", phase: "delivery",
+      });
+    }
     // Tenant-scope check: subscriber's tenantId must match the
     // publisher's tenantId from the wire envelope. If the envelope
     // lacks _tenantId (publisher omitted), that's a tampered or

package/lib/vendor/blamejs/lib/agent-posture-chain.js CHANGED Viewed

@@ -51,15 +51,13 @@
  */
 var lazyRequire             = require("./lazy-require");
-var nodeCrypto              = require("node:crypto");
 var { defineClass }         = require("./framework-error");
 var guardPostureChain       = require("./guard-posture-chain");
 var agentAudit              = require("./agent-audit");
 var safeJson                = require("./safe-json");
-var bCrypto                 = require("./crypto");
+var envelopeMac             = require("./agent-envelope-mac");
 var audit                   = lazyRequire(function () { return require("./audit"); });
-var vault                   = lazyRequire(function () { return require("./vault"); });
 var AgentPostureChainError = defineClass("AgentPostureChainError", { alwaysPermanent: true });
@@ -70,44 +68,16 @@ var BUILTIN_REGIMES = Object.freeze(["hipaa", "pci-dss", "gdpr", "soc2"]);
 // strips postureSet to [] and re-sends a saga / sub-agent envelope
 // can bypass the downgrade refusal in _validate (which only checks
 // SHAPE, not authenticity). Defense is a keyed MAC over the canonical
-// envelope bytes, computed at appendHop and verified at validate.
+// envelope bytes, computed at appendHop and verified at validate. The
+// key derivation + HMAC construction live in the shared
+// b.agent.envelopeMac mechanism (one keyed-MAC mechanism for every
+// agent boundary); this label domain-separates the posture-chain MAC.
 var ENVELOPE_MAC_LABEL = "blamejs.agent.postureChain/v1";
-var ENVELOPE_MAC_KEY_BYTES = 32;                                                                        // HMAC-SHA3-512 keyed bytes
 // Hop count cap defends infinite recursion across
 // agent delegation. 16 is the spec default; operators can lower via
 // opts.maxHopCount but never raise (audit fan-out without a cap is a
 // DoS class).
 var DEFAULT_MAX_HOP_COUNT = 16;                                                                         // hop count cap
-var _macKeyCache = null;                                                                                // memoized per-vault-master key
-function _resolveMacKey() {
-  // Lazy derivation keyed off the vault master. Operator rotating
-  // vault keys invalidates every in-flight MAC — desired property.
-  // Memoization is process-local; if vault rotates within the same
-  // process the operator restarts (vault rotation already implies it).
-  if (_macKeyCache) return _macKeyCache;
-  var v;
-  try { v = vault(); } catch (_e) { v = null; }
-  if (!v || typeof v.getKeysJson !== "function") {
-    throw new AgentPostureChainError("agent-posture-chain/vault-not-initialized",
-      "envelope MAC: vault must be initialized before posture-chain envelopes can be authenticated " +
-      "(operator wires b.vault.init() at boot)");
-  }
-  var keysJson;
-  try { keysJson = v.getKeysJson(); }
-  catch (e) {
-    throw new AgentPostureChainError("agent-posture-chain/vault-not-initialized",
-      "envelope MAC: vault.getKeysJson threw — " + (e && e.message ? e.message : String(e)));
-  }
-  var rootBytes = Buffer.from(bCrypto.sha3Hash(keysJson), "hex");
-  var input = Buffer.concat([
-    Buffer.from(ENVELOPE_MAC_LABEL, "utf8"),
-    Buffer.from([0x00]),
-    rootBytes,
-  ]);
-  _macKeyCache = bCrypto.kdf(input, ENVELOPE_MAC_KEY_BYTES);
-  return _macKeyCache;
-}
 function _envelopeMacBytes(envelope) {
   // Sign every field that downstream consumers verify off the wire,
@@ -124,15 +94,11 @@ function _envelopeMacBytes(envelope) {
 }
 function _signEnvelope(envelope) {
-  var key = _resolveMacKey();
-  var mac = nodeCrypto.createHmac("sha3-512", key).update(_envelopeMacBytes(envelope)).digest();
-  return mac.toString("base64");
+  return envelopeMac.sign(ENVELOPE_MAC_LABEL, _envelopeMacBytes(envelope));
 }
 function _verifyEnvelopeMac(envelope) {
-  if (typeof envelope._mac !== "string" || envelope._mac.length === 0) return false;
-  var expected = _signEnvelope(envelope);
-  return bCrypto.timingSafeEqual(envelope._mac, expected);
+  return envelopeMac.verify(ENVELOPE_MAC_LABEL, _envelopeMacBytes(envelope), envelope._mac);
 }
 /**
@@ -362,5 +328,5 @@ module.exports = {
     chain: guardPostureChain,
   },
   // Test-only — flush the memoized MAC key after a vault reset.
-  _resetForTest: function () { _macKeyCache = null; },
+  _resetForTest: function () { envelopeMac._resetForTest(); },
 };

package/lib/vendor/blamejs/lib/ai-content-detect.js CHANGED Viewed

@@ -43,6 +43,7 @@ var lazyRequire = require("./lazy-require");
 var contentCredentials = lazyRequire(function () { return require("./content-credentials"); });
 var audit = require("./audit");
 var { defineClass } = require("./framework-error");
+var gateContract = require("./gate-contract");
 var AiContentDetectError = defineClass("AiContentDetectError", { alwaysPermanent: true });
@@ -64,16 +65,14 @@ var COMPLIANCE_POSTURES = Object.freeze({
   "nist-ai-rmf":        "balanced",
 });
-function _resolveProfile(opts) {
-  if (opts && typeof opts.posture === "string") {
-    var profile = COMPLIANCE_POSTURES[opts.posture];
-    if (profile) return PROFILES[profile];
-  }
-  if (opts && typeof opts.profile === "string" && PROFILES[opts.profile]) {
-    return PROFILES[opts.profile];
-  }
-  return PROFILES[DEFAULT_PROFILE];
-}
+var _resolveProfile = gateContract.makeProfileResolver({
+  profiles:   PROFILES,
+  postures:   COMPLIANCE_POSTURES,
+  defaults:   DEFAULT_PROFILE,
+  errorClass: AiContentDetectError,
+  codePrefix: "ai-content-detect",
+  byObject:   true,
+});
 /**
  * @primitive b.ai.aiContentDetect.report