@blamejs/blamejs-shop 0.4.55 → 0.4.57
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +4 -0
- package/lib/admin.js +385 -2
- package/lib/asset-manifest.json +1 -1
- package/lib/vendor/MANIFEST.json +426 -366
- package/lib/vendor/blamejs/.github/codeql/codeql-config.yml +25 -0
- package/lib/vendor/blamejs/.github/workflows/actions-lint.yml +3 -3
- package/lib/vendor/blamejs/.github/workflows/cflite_batch.yml +1 -1
- package/lib/vendor/blamejs/.github/workflows/cflite_pr.yml +1 -1
- package/lib/vendor/blamejs/.github/workflows/ci.yml +13 -13
- package/lib/vendor/blamejs/.github/workflows/codeql.yml +8 -7
- package/lib/vendor/blamejs/.github/workflows/npm-publish.yml +2 -2
- package/lib/vendor/blamejs/.github/workflows/release-container.yml +4 -4
- package/lib/vendor/blamejs/.github/workflows/scorecard.yml +1 -1
- package/lib/vendor/blamejs/.github/workflows/sha-to-tag-verify.yml +1 -1
- package/lib/vendor/blamejs/CHANGELOG.md +2 -0
- package/lib/vendor/blamejs/api-snapshot.json +1381 -4
- package/lib/vendor/blamejs/eslint.config.mjs +1 -0
- package/lib/vendor/blamejs/examples/wiki/lib/source-comment-block-validator.js +4 -1
- package/lib/vendor/blamejs/examples/wiki/lib/symbol-index.js +5 -2
- package/lib/vendor/blamejs/examples/wiki/routes/pages.js +4 -1
- package/lib/vendor/blamejs/fuzz/guard-text.fuzz.js +20 -0
- package/lib/vendor/blamejs/index.js +2 -0
- package/lib/vendor/blamejs/lib/a2a-tasks.js +7 -23
- package/lib/vendor/blamejs/lib/acme.js +6 -5
- package/lib/vendor/blamejs/lib/agent-event-bus.js +5 -4
- package/lib/vendor/blamejs/lib/agent-idempotency.js +2 -5
- package/lib/vendor/blamejs/lib/agent-orchestrator.js +2 -5
- package/lib/vendor/blamejs/lib/agent-saga.js +3 -5
- package/lib/vendor/blamejs/lib/agent-tenant.js +2 -5
- package/lib/vendor/blamejs/lib/ai-adverse-decision.js +2 -15
- package/lib/vendor/blamejs/lib/ai-capability.js +1 -6
- package/lib/vendor/blamejs/lib/ai-dp.js +1 -5
- package/lib/vendor/blamejs/lib/ai-input.js +2 -2
- package/lib/vendor/blamejs/lib/ai-pref.js +3 -8
- package/lib/vendor/blamejs/lib/ai-quota.js +3 -14
- package/lib/vendor/blamejs/lib/api-key.js +37 -28
- package/lib/vendor/blamejs/lib/archive-adapters.js +2 -4
- package/lib/vendor/blamejs/lib/archive-entry-policy.js +32 -0
- package/lib/vendor/blamejs/lib/archive-read.js +5 -17
- package/lib/vendor/blamejs/lib/archive-tar-read.js +5 -16
- package/lib/vendor/blamejs/lib/archive.js +2 -10
- package/lib/vendor/blamejs/lib/arg-parser.js +7 -6
- package/lib/vendor/blamejs/lib/asyncapi-traits.js +2 -6
- package/lib/vendor/blamejs/lib/atomic-file.js +108 -31
- package/lib/vendor/blamejs/lib/audit-chain.js +133 -53
- package/lib/vendor/blamejs/lib/audit-daily-review.js +24 -14
- package/lib/vendor/blamejs/lib/audit-emit.js +82 -0
- package/lib/vendor/blamejs/lib/audit-sign.js +257 -0
- package/lib/vendor/blamejs/lib/audit.js +84 -0
- package/lib/vendor/blamejs/lib/auth/access-lock.js +5 -27
- package/lib/vendor/blamejs/lib/auth/dpop.js +23 -35
- package/lib/vendor/blamejs/lib/auth/fido-mds3.js +9 -15
- package/lib/vendor/blamejs/lib/auth/jwt-external.js +26 -8
- package/lib/vendor/blamejs/lib/auth/jwt.js +13 -15
- package/lib/vendor/blamejs/lib/auth/lockout.js +6 -25
- package/lib/vendor/blamejs/lib/auth/oauth.js +67 -45
- package/lib/vendor/blamejs/lib/auth/oid4vci.js +55 -32
- package/lib/vendor/blamejs/lib/auth/oid4vp.js +3 -2
- package/lib/vendor/blamejs/lib/auth/openid-federation.js +6 -6
- package/lib/vendor/blamejs/lib/auth/passkey.js +3 -3
- package/lib/vendor/blamejs/lib/auth/password.js +7 -1
- package/lib/vendor/blamejs/lib/auth/saml.js +37 -27
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-holder.js +2 -14
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-issuer.js +2 -14
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc.js +1 -1
- package/lib/vendor/blamejs/lib/auth/status-list.js +7 -7
- package/lib/vendor/blamejs/lib/auth/step-up.js +6 -12
- package/lib/vendor/blamejs/lib/auth-bot-challenge.js +6 -37
- package/lib/vendor/blamejs/lib/backup/bundle.js +11 -18
- package/lib/vendor/blamejs/lib/backup/index.js +14 -47
- package/lib/vendor/blamejs/lib/bounded-map.js +112 -1
- package/lib/vendor/blamejs/lib/breach-deadline.js +1 -11
- package/lib/vendor/blamejs/lib/cache.js +7 -18
- package/lib/vendor/blamejs/lib/cbor.js +2 -1
- package/lib/vendor/blamejs/lib/cdn-cache-control.js +8 -9
- package/lib/vendor/blamejs/lib/cert.js +3 -10
- package/lib/vendor/blamejs/lib/chain-writer.js +162 -47
- package/lib/vendor/blamejs/lib/cli.js +5 -1
- package/lib/vendor/blamejs/lib/client-hints.js +7 -9
- package/lib/vendor/blamejs/lib/cloud-events.js +40 -31
- package/lib/vendor/blamejs/lib/cluster-storage.js +2 -38
- package/lib/vendor/blamejs/lib/cms-codec.js +2 -1
- package/lib/vendor/blamejs/lib/codepoint-class.js +67 -1
- package/lib/vendor/blamejs/lib/compliance-ai-act-logging.js +1 -6
- package/lib/vendor/blamejs/lib/compliance-ai-act-transparency.js +2 -4
- package/lib/vendor/blamejs/lib/compliance-eaa.js +1 -11
- package/lib/vendor/blamejs/lib/compliance-sanctions-fetcher.js +21 -28
- package/lib/vendor/blamejs/lib/compliance-sanctions.js +2 -14
- package/lib/vendor/blamejs/lib/compliance.js +2 -9
- package/lib/vendor/blamejs/lib/config-drift.js +2 -12
- package/lib/vendor/blamejs/lib/content-digest.js +10 -8
- package/lib/vendor/blamejs/lib/cookies.js +5 -11
- package/lib/vendor/blamejs/lib/cose.js +19 -11
- package/lib/vendor/blamejs/lib/cra-report.js +1 -11
- package/lib/vendor/blamejs/lib/crypto-field.js +5 -10
- package/lib/vendor/blamejs/lib/crypto.js +120 -3
- package/lib/vendor/blamejs/lib/csp.js +235 -3
- package/lib/vendor/blamejs/lib/daemon.js +42 -41
- package/lib/vendor/blamejs/lib/data-act.js +19 -9
- package/lib/vendor/blamejs/lib/db-query.js +6 -40
- package/lib/vendor/blamejs/lib/db.js +34 -12
- package/lib/vendor/blamejs/lib/dbsc.js +5 -6
- package/lib/vendor/blamejs/lib/ddl-change-control.js +18 -14
- package/lib/vendor/blamejs/lib/deprecate.js +4 -5
- package/lib/vendor/blamejs/lib/did.js +6 -2
- package/lib/vendor/blamejs/lib/dsr.js +8 -12
- package/lib/vendor/blamejs/lib/external-db-migrate.js +21 -22
- package/lib/vendor/blamejs/lib/external-db.js +14 -26
- package/lib/vendor/blamejs/lib/fda-21cfr11.js +12 -8
- package/lib/vendor/blamejs/lib/fdx.js +22 -18
- package/lib/vendor/blamejs/lib/file-upload.js +80 -66
- package/lib/vendor/blamejs/lib/flag-evaluation-context.js +5 -8
- package/lib/vendor/blamejs/lib/framework-error.js +12 -0
- package/lib/vendor/blamejs/lib/framework-schema.js +19 -0
- package/lib/vendor/blamejs/lib/fsm.js +7 -12
- package/lib/vendor/blamejs/lib/gate-contract.js +869 -38
- package/lib/vendor/blamejs/lib/gdpr-ropa.js +4 -13
- package/lib/vendor/blamejs/lib/graphql-federation.js +1 -1
- package/lib/vendor/blamejs/lib/guard-agent-registry.js +2 -1
- package/lib/vendor/blamejs/lib/guard-all.js +1 -0
- package/lib/vendor/blamejs/lib/guard-archive.js +9 -30
- package/lib/vendor/blamejs/lib/guard-auth.js +23 -80
- package/lib/vendor/blamejs/lib/guard-cidr.js +20 -96
- package/lib/vendor/blamejs/lib/guard-csv.js +135 -196
- package/lib/vendor/blamejs/lib/guard-domain.js +23 -106
- package/lib/vendor/blamejs/lib/guard-dsn.js +16 -13
- package/lib/vendor/blamejs/lib/guard-email.js +46 -53
- package/lib/vendor/blamejs/lib/guard-envelope.js +1 -1
- package/lib/vendor/blamejs/lib/guard-event-bus-topic.js +2 -1
- package/lib/vendor/blamejs/lib/guard-filename.js +12 -60
- package/lib/vendor/blamejs/lib/guard-graphql.js +28 -75
- package/lib/vendor/blamejs/lib/guard-html-wcag.js +15 -2
- package/lib/vendor/blamejs/lib/guard-html.js +65 -117
- package/lib/vendor/blamejs/lib/guard-idempotency-key.js +2 -1
- package/lib/vendor/blamejs/lib/guard-image.js +280 -77
- package/lib/vendor/blamejs/lib/guard-imap-command.js +8 -9
- package/lib/vendor/blamejs/lib/guard-json.js +87 -103
- package/lib/vendor/blamejs/lib/guard-jsonpath.js +20 -88
- package/lib/vendor/blamejs/lib/guard-jwt.js +32 -114
- package/lib/vendor/blamejs/lib/guard-list-id.js +2 -7
- package/lib/vendor/blamejs/lib/guard-list-unsubscribe.js +2 -7
- package/lib/vendor/blamejs/lib/guard-mail-compose.js +5 -6
- package/lib/vendor/blamejs/lib/guard-mail-move.js +2 -1
- package/lib/vendor/blamejs/lib/guard-mail-query.js +5 -3
- package/lib/vendor/blamejs/lib/guard-mail-sieve.js +6 -7
- package/lib/vendor/blamejs/lib/guard-managesieve-command.js +5 -4
- package/lib/vendor/blamejs/lib/guard-markdown.js +76 -110
- package/lib/vendor/blamejs/lib/guard-message-id.js +5 -6
- package/lib/vendor/blamejs/lib/guard-mime.js +20 -99
- package/lib/vendor/blamejs/lib/guard-oauth.js +19 -73
- package/lib/vendor/blamejs/lib/guard-pdf.js +65 -72
- package/lib/vendor/blamejs/lib/guard-pop3-command.js +12 -13
- package/lib/vendor/blamejs/lib/guard-posture-chain.js +2 -1
- package/lib/vendor/blamejs/lib/guard-regex.js +24 -99
- package/lib/vendor/blamejs/lib/guard-saga-config.js +2 -1
- package/lib/vendor/blamejs/lib/guard-shell.js +22 -87
- package/lib/vendor/blamejs/lib/guard-smtp-command.js +8 -11
- package/lib/vendor/blamejs/lib/guard-sql.js +15 -13
- package/lib/vendor/blamejs/lib/guard-stream-args.js +2 -1
- package/lib/vendor/blamejs/lib/guard-svg.js +95 -140
- package/lib/vendor/blamejs/lib/guard-template.js +23 -80
- package/lib/vendor/blamejs/lib/guard-tenant-id.js +2 -1
- package/lib/vendor/blamejs/lib/guard-text.js +592 -0
- package/lib/vendor/blamejs/lib/guard-time.js +27 -95
- package/lib/vendor/blamejs/lib/guard-uuid.js +21 -93
- package/lib/vendor/blamejs/lib/guard-xml.js +76 -106
- package/lib/vendor/blamejs/lib/guard-yaml.js +24 -60
- package/lib/vendor/blamejs/lib/http-client-cache.js +5 -12
- package/lib/vendor/blamejs/lib/http-client-cookie-jar.js +2 -4
- package/lib/vendor/blamejs/lib/http-client.js +8 -21
- package/lib/vendor/blamejs/lib/http-message-signature.js +3 -2
- package/lib/vendor/blamejs/lib/i18n-messageformat.js +5 -7
- package/lib/vendor/blamejs/lib/i18n.js +83 -26
- package/lib/vendor/blamejs/lib/inbox.js +8 -8
- package/lib/vendor/blamejs/lib/incident-report.js +3 -21
- package/lib/vendor/blamejs/lib/ip-utils.js +49 -6
- package/lib/vendor/blamejs/lib/jobs.js +3 -2
- package/lib/vendor/blamejs/lib/keychain.js +6 -18
- package/lib/vendor/blamejs/lib/legal-hold.js +6 -15
- package/lib/vendor/blamejs/lib/log-stream-cloudwatch.js +44 -112
- package/lib/vendor/blamejs/lib/log-stream-otlp-grpc.js +17 -14
- package/lib/vendor/blamejs/lib/log-stream-otlp.js +16 -80
- package/lib/vendor/blamejs/lib/log-stream-webhook.js +20 -92
- package/lib/vendor/blamejs/lib/mail-arc-sign.js +8 -3
- package/lib/vendor/blamejs/lib/mail-arf.js +3 -2
- package/lib/vendor/blamejs/lib/mail-auth.js +40 -66
- package/lib/vendor/blamejs/lib/mail-bimi.js +19 -39
- package/lib/vendor/blamejs/lib/mail-crypto-pgp.js +3 -2
- package/lib/vendor/blamejs/lib/mail-dav.js +8 -35
- package/lib/vendor/blamejs/lib/mail-deploy.js +6 -9
- package/lib/vendor/blamejs/lib/mail-dkim.js +19 -38
- package/lib/vendor/blamejs/lib/mail-greylist.js +15 -26
- package/lib/vendor/blamejs/lib/mail-helo.js +2 -3
- package/lib/vendor/blamejs/lib/mail-journal.js +2 -1
- package/lib/vendor/blamejs/lib/mail-mdn.js +4 -3
- package/lib/vendor/blamejs/lib/mail-rbl.js +5 -8
- package/lib/vendor/blamejs/lib/mail-scan.js +2 -2
- package/lib/vendor/blamejs/lib/mail-send-deliver.js +33 -20
- package/lib/vendor/blamejs/lib/mail-server-imap.js +32 -87
- package/lib/vendor/blamejs/lib/mail-server-jmap.js +35 -51
- package/lib/vendor/blamejs/lib/mail-server-managesieve.js +29 -83
- package/lib/vendor/blamejs/lib/mail-server-mx.js +33 -74
- package/lib/vendor/blamejs/lib/mail-server-net.js +177 -0
- package/lib/vendor/blamejs/lib/mail-server-pop3.js +30 -83
- package/lib/vendor/blamejs/lib/mail-server-rate-limit.js +30 -6
- package/lib/vendor/blamejs/lib/mail-server-submission.js +34 -73
- package/lib/vendor/blamejs/lib/mail-server-tls.js +89 -0
- package/lib/vendor/blamejs/lib/mail-spam-score.js +7 -8
- package/lib/vendor/blamejs/lib/mail-store.js +3 -2
- package/lib/vendor/blamejs/lib/mail.js +6 -11
- package/lib/vendor/blamejs/lib/markup-escape.js +31 -0
- package/lib/vendor/blamejs/lib/markup-tokenizer.js +54 -0
- package/lib/vendor/blamejs/lib/mcp-tool-registry.js +26 -23
- package/lib/vendor/blamejs/lib/mcp.js +1 -1
- package/lib/vendor/blamejs/lib/mdoc.js +11 -12
- package/lib/vendor/blamejs/lib/metrics.js +32 -30
- package/lib/vendor/blamejs/lib/middleware/age-gate.js +3 -23
- package/lib/vendor/blamejs/lib/middleware/api-encrypt.js +11 -22
- package/lib/vendor/blamejs/lib/middleware/assetlinks.js +2 -7
- package/lib/vendor/blamejs/lib/middleware/bearer-auth.js +2 -1
- package/lib/vendor/blamejs/lib/middleware/body-parser.js +31 -48
- package/lib/vendor/blamejs/lib/middleware/bot-disclose.js +7 -10
- package/lib/vendor/blamejs/lib/middleware/bot-guard.js +2 -10
- package/lib/vendor/blamejs/lib/middleware/csrf-protect.js +13 -2
- package/lib/vendor/blamejs/lib/middleware/daily-byte-quota.js +6 -26
- package/lib/vendor/blamejs/lib/middleware/deny-response.js +19 -1
- package/lib/vendor/blamejs/lib/middleware/fetch-metadata.js +7 -0
- package/lib/vendor/blamejs/lib/middleware/idempotency-key.js +4 -20
- package/lib/vendor/blamejs/lib/middleware/rate-limit.js +20 -28
- package/lib/vendor/blamejs/lib/middleware/scim-server.js +3 -2
- package/lib/vendor/blamejs/lib/middleware/security-headers.js +9 -1
- package/lib/vendor/blamejs/lib/middleware/security-txt.js +2 -6
- package/lib/vendor/blamejs/lib/middleware/tus-upload.js +12 -27
- package/lib/vendor/blamejs/lib/middleware/web-app-manifest.js +2 -7
- package/lib/vendor/blamejs/lib/migrations.js +4 -13
- package/lib/vendor/blamejs/lib/mime-parse.js +34 -17
- package/lib/vendor/blamejs/lib/module-loader.js +44 -0
- package/lib/vendor/blamejs/lib/money.js +105 -0
- package/lib/vendor/blamejs/lib/mtls-ca.js +116 -36
- package/lib/vendor/blamejs/lib/network-byte-quota.js +4 -18
- package/lib/vendor/blamejs/lib/network-dane.js +8 -6
- package/lib/vendor/blamejs/lib/network-dns-resolver.js +97 -6
- package/lib/vendor/blamejs/lib/network-dnssec.js +16 -16
- package/lib/vendor/blamejs/lib/network-heartbeat.js +3 -2
- package/lib/vendor/blamejs/lib/network-smtp-policy.js +29 -41
- package/lib/vendor/blamejs/lib/network-tls.js +40 -42
- package/lib/vendor/blamejs/lib/nis2-report.js +1 -11
- package/lib/vendor/blamejs/lib/nonce-store.js +81 -3
- package/lib/vendor/blamejs/lib/numeric-bounds.js +22 -8
- package/lib/vendor/blamejs/lib/object-store/azure-blob-bucket-ops.js +2 -6
- package/lib/vendor/blamejs/lib/object-store/azure-blob.js +5 -45
- package/lib/vendor/blamejs/lib/object-store/gcs.js +8 -71
- package/lib/vendor/blamejs/lib/object-store/http-put.js +1 -5
- package/lib/vendor/blamejs/lib/object-store/http-request.js +128 -0
- package/lib/vendor/blamejs/lib/object-store/sigv4-bucket-ops.js +2 -1
- package/lib/vendor/blamejs/lib/object-store/sigv4.js +9 -77
- package/lib/vendor/blamejs/lib/observability-otlp-exporter.js +9 -25
- package/lib/vendor/blamejs/lib/observability.js +95 -0
- package/lib/vendor/blamejs/lib/openapi-paths-builder.js +7 -3
- package/lib/vendor/blamejs/lib/otel-export.js +7 -10
- package/lib/vendor/blamejs/lib/outbox.js +43 -37
- package/lib/vendor/blamejs/lib/pagination.js +11 -15
- package/lib/vendor/blamejs/lib/parsers/safe-env.js +5 -4
- package/lib/vendor/blamejs/lib/parsers/safe-ini.js +10 -4
- package/lib/vendor/blamejs/lib/parsers/safe-toml.js +11 -9
- package/lib/vendor/blamejs/lib/parsers/safe-xml.js +2 -2
- package/lib/vendor/blamejs/lib/parsers/safe-yaml.js +7 -6
- package/lib/vendor/blamejs/lib/pick.js +63 -5
- package/lib/vendor/blamejs/lib/pipl-cn.js +69 -59
- package/lib/vendor/blamejs/lib/privacy-pass.js +8 -6
- package/lib/vendor/blamejs/lib/problem-details.js +2 -5
- package/lib/vendor/blamejs/lib/pubsub.js +4 -8
- package/lib/vendor/blamejs/lib/redact.js +2 -1
- package/lib/vendor/blamejs/lib/render.js +4 -2
- package/lib/vendor/blamejs/lib/request-helpers.js +133 -6
- package/lib/vendor/blamejs/lib/restore.js +5 -22
- package/lib/vendor/blamejs/lib/retention.js +3 -5
- package/lib/vendor/blamejs/lib/safe-async.js +457 -0
- package/lib/vendor/blamejs/lib/safe-buffer.js +137 -6
- package/lib/vendor/blamejs/lib/safe-decompress.js +2 -1
- package/lib/vendor/blamejs/lib/safe-dns.js +2 -1
- package/lib/vendor/blamejs/lib/safe-ical.js +12 -26
- package/lib/vendor/blamejs/lib/safe-json.js +7 -8
- package/lib/vendor/blamejs/lib/safe-jsonpath.js +6 -5
- package/lib/vendor/blamejs/lib/safe-mime.js +25 -29
- package/lib/vendor/blamejs/lib/safe-redirect.js +2 -5
- package/lib/vendor/blamejs/lib/safe-schema.js +7 -6
- package/lib/vendor/blamejs/lib/safe-sql.js +126 -0
- package/lib/vendor/blamejs/lib/safe-vcard.js +12 -26
- package/lib/vendor/blamejs/lib/sandbox-worker.js +9 -2
- package/lib/vendor/blamejs/lib/sandbox.js +3 -2
- package/lib/vendor/blamejs/lib/scheduler.js +5 -12
- package/lib/vendor/blamejs/lib/sec-cyber.js +82 -37
- package/lib/vendor/blamejs/lib/seeders.js +4 -11
- package/lib/vendor/blamejs/lib/self-update.js +92 -69
- package/lib/vendor/blamejs/lib/session-device-binding.js +112 -66
- package/lib/vendor/blamejs/lib/session.js +194 -6
- package/lib/vendor/blamejs/lib/sql.js +225 -78
- package/lib/vendor/blamejs/lib/sse.js +6 -10
- package/lib/vendor/blamejs/lib/static.js +136 -98
- package/lib/vendor/blamejs/lib/storage.js +4 -2
- package/lib/vendor/blamejs/lib/structured-fields.js +275 -16
- package/lib/vendor/blamejs/lib/tenant-quota.js +2 -20
- package/lib/vendor/blamejs/lib/tsa.js +11 -15
- package/lib/vendor/blamejs/lib/validate-opts.js +154 -8
- package/lib/vendor/blamejs/lib/vault/seal-pem-file.js +30 -48
- package/lib/vendor/blamejs/lib/vault-aad.js +3 -2
- package/lib/vendor/blamejs/lib/vc.js +2 -7
- package/lib/vendor/blamejs/lib/vex.js +35 -13
- package/lib/vendor/blamejs/lib/web-push-vapid.js +23 -20
- package/lib/vendor/blamejs/lib/webhook-dispatcher.js +706 -0
- package/lib/vendor/blamejs/lib/webhook.js +43 -18
- package/lib/vendor/blamejs/lib/websocket-channels.js +9 -7
- package/lib/vendor/blamejs/lib/websocket.js +7 -3
- package/lib/vendor/blamejs/lib/worm.js +2 -3
- package/lib/vendor/blamejs/lib/ws-client.js +8 -10
- package/lib/vendor/blamejs/package.json +1 -1
- package/lib/vendor/blamejs/release-notes/v0.15.13.json +81 -0
- package/lib/vendor/blamejs/scripts/check-changelog-extract.js +1 -1
- package/lib/vendor/blamejs/test/00-primitives.js +136 -7
- package/lib/vendor/blamejs/test/10-state.js +9 -3
- package/lib/vendor/blamejs/test/30-chain.js +40 -0
- package/lib/vendor/blamejs/test/helpers/check.js +18 -0
- package/lib/vendor/blamejs/test/helpers/db.js +4 -0
- package/lib/vendor/blamejs/test/helpers/index.js +1 -0
- package/lib/vendor/blamejs/test/integration/audit-chain-external-db.test.js +2 -1
- package/lib/vendor/blamejs/test/integration/audit-stack-postgres.test.js +2 -1
- package/lib/vendor/blamejs/test/integration/data-layer-mysql.test.js +8 -1
- package/lib/vendor/blamejs/test/integration/data-layer-pg.test.js +1 -1
- package/lib/vendor/blamejs/test/integration/framework-schema-mysql.test.js +2 -1
- package/lib/vendor/blamejs/test/integration/webhook-dispatcher-pg.test.js +269 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/atomic-file-fd-read.test.js +149 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-framework-namespaces.test.js +51 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-sign-anchor.test.js +88 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-use-store.test.js +55 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/backup-object-store-adapter.test.js +2 -2
- package/lib/vendor/blamejs/test/layer-0-primitives/bot-guard.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/bounded-map.test.js +129 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/chain-writer-multichain.test.js +107 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-api-key.test.js +12 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/codebase-patterns.test.js +2788 -3214
- package/lib/vendor/blamejs/test/layer-0-primitives/codepoint-class.test.js +78 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-base64url.test.js +63 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-hash-stream.test.js +2 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/csp-builder.test.js +50 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/csp-nonce.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/daemon.test.js +2 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/defineguard-resolve-opts.test.js +76 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/flag.test.js +9 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/gate-contract-content-gate.test.js +290 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-csv.test.js +84 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-email.test.js +78 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-filename.test.js +23 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-gate-disposition-coverage.test.js +93 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-html.test.js +60 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-image.test.js +184 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-imap-command.test.js +0 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-json.test.js +54 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-managesieve-command.test.js +10 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-markdown.test.js +45 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-pdf.test.js +101 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-pop3-command.test.js +18 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-svg.test.js +76 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-text.test.js +365 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-xml.test.js +35 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-yaml.test.js +36 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/i18n.test.js +20 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/inbox.test.js +15 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/ip-utils.test.js +83 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-arf.test.js +10 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-auth.test.js +39 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-dkim.test.js +36 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-greylist.test.js +17 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-tls.test.js +39 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-store.test.js +17 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mime-parse.test.js +106 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/money.test.js +17 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mtls-ca-revocation.test.js +98 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/nonce-store-release.test.js +77 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/observability.test.js +48 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/rate-limit-memory-getorinsert.test.js +100 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/request-helpers.test.js +88 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-async-loops.test.js +278 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-buffer-linear-scans.test.js +37 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-jsonpath.test.js +14 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sandbox.test.js +19 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/security-headers.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/self-update.test.js +2 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/session-device-binding.test.js +18 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/session-extensions.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/session-valid-from.test.js +73 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sql.test.js +100 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/structured-fields.test.js +80 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/validate-opts-shape.test.js +235 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/webhook-dispatcher.test.js +374 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/webhook.test.js +75 -8
- package/lib/vendor/blamejs/test/layer-5-integration/guard-host-integration.test.js +3 -3
- package/lib/winback-campaigns.js +202 -42
- package/package.json +1 -1
|
@@ -60,7 +60,6 @@
|
|
|
60
60
|
* on policy denials (already-held / not-held / invalid-citation).
|
|
61
61
|
*/
|
|
62
62
|
var bCrypto = require("./crypto");
|
|
63
|
-
var lazyRequire = require("./lazy-require");
|
|
64
63
|
var safeJson = require("./safe-json");
|
|
65
64
|
var validateOpts = require("./validate-opts");
|
|
66
65
|
var sql = require("./sql");
|
|
@@ -77,7 +76,7 @@ var { defineClass } = require("./framework-error");
|
|
|
77
76
|
var HOLD_TABLE = "_blamejs_legal_hold"; // allow:hand-rolled-sql — canonical local table-name; passed to b.sql with quoteName
|
|
78
77
|
var AUDIT_TABLE = "audit_log";
|
|
79
78
|
|
|
80
|
-
var
|
|
79
|
+
var auditEmit = require("./audit-emit");
|
|
81
80
|
|
|
82
81
|
var LegalHoldError = defineClass("LegalHoldError", { alwaysPermanent: true });
|
|
83
82
|
var _err = LegalHoldError.factory;
|
|
@@ -151,19 +150,11 @@ function create(opts) {
|
|
|
151
150
|
validateOpts.optionalObjectWithMethod(opts.signWith, "sign",
|
|
152
151
|
"create: opts.signWith", LegalHoldError, "BAD_OPT", "b.auditSign-shaped object");
|
|
153
152
|
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
action: action,
|
|
160
|
-
outcome: outcome,
|
|
161
|
-
resource: { kind: "legal-hold", id: info && info.subjectId },
|
|
162
|
-
reason: (info && info.reason) || null,
|
|
163
|
-
metadata: info || {},
|
|
164
|
-
});
|
|
165
|
-
} catch (_e) { /* best-effort */ }
|
|
166
|
-
}
|
|
153
|
+
var _emit = auditEmit.gatedReasonEmitter({
|
|
154
|
+
audit: auditOn,
|
|
155
|
+
sink: auditInstance,
|
|
156
|
+
extra: function (info) { return { resource: { kind: "legal-hold", id: info && info.subjectId } }; },
|
|
157
|
+
});
|
|
167
158
|
|
|
168
159
|
function _ensureSchema() {
|
|
169
160
|
// Idempotent migration. The framework SQLite path installs the
|
|
@@ -198,20 +198,9 @@ function create(config) {
|
|
|
198
198
|
"ResourceAlreadyExistsException treated as success).");
|
|
199
199
|
}
|
|
200
200
|
var cfg = Object.assign({}, DEFAULTS, config);
|
|
201
|
-
var onDrop = typeof cfg.onDrop === "function" ? cfg.onDrop : null;
|
|
202
|
-
var _emitDrop = safeAsync.makeDropCallback(onDrop);
|
|
203
|
-
var buffer = [];
|
|
204
|
-
var dropCount = 0;
|
|
205
|
-
var inFlight = false;
|
|
206
|
-
var closed = false;
|
|
207
201
|
var sequenceToken = null;
|
|
208
|
-
// Captures the in-flight drain (the IIFE inside _flush) so close() can await
|
|
209
|
-
// the actual run before flipping `closed` — otherwise the _flush while-loop's
|
|
210
|
-
// `&& !closed` bails and buffered records are stranded at shutdown.
|
|
211
|
-
var inFlightPromise = null;
|
|
212
|
-
var flushScheduler = safeAsync.makeScheduledFlush(cfg.maxBatchAgeMs, function () { return _flush(); });
|
|
213
202
|
|
|
214
|
-
function _takeBatch() {
|
|
203
|
+
function _takeBatch(buffer) {
|
|
215
204
|
var batch = [];
|
|
216
205
|
var totalBytes = 0;
|
|
217
206
|
while (buffer.length > 0) {
|
|
@@ -239,45 +228,25 @@ function create(config) {
|
|
|
239
228
|
return autoCreatePromise;
|
|
240
229
|
}
|
|
241
230
|
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
246
|
-
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
250
|
-
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
if (batch.length === 0) break;
|
|
262
|
-
try {
|
|
263
|
-
await retryHelper.withRetry(function () {
|
|
264
|
-
return _send(batch);
|
|
265
|
-
}, Object.assign({
|
|
266
|
-
isPermanent: _isPermanentAwsError,
|
|
267
|
-
}, cfg.retry || {}));
|
|
268
|
-
} catch (e) {
|
|
269
|
-
dropCount += batch.length;
|
|
270
|
-
_emitDrop("retry-exhausted", batch, e);
|
|
271
|
-
break;
|
|
272
|
-
}
|
|
273
|
-
}
|
|
274
|
-
} finally {
|
|
275
|
-
inFlight = false;
|
|
276
|
-
inFlightPromise = null;
|
|
277
|
-
if (buffer.length > 0) flushScheduler.schedule();
|
|
278
|
-
}
|
|
279
|
-
})();
|
|
280
|
-
return inFlightPromise;
|
|
231
|
+
// CloudWatch rejects any single event above its 256 KiB hard cap — drop it
|
|
232
|
+
// (with a truncated preview) before it can poison a batch; otherwise build
|
|
233
|
+
// the { timestamp, message } event the API expects.
|
|
234
|
+
function _prepareRecord(record) {
|
|
235
|
+
var message = typeof record.message === "string" ? record.message : JSON.stringify(record);
|
|
236
|
+
var size = _eventByteSize(message);
|
|
237
|
+
if (size > CW_MAX_EVENT_BYTES) {
|
|
238
|
+
return {
|
|
239
|
+
rejected: true,
|
|
240
|
+
reason: "event too large",
|
|
241
|
+
dropKind: "event-too-large",
|
|
242
|
+
drop: [{
|
|
243
|
+
timestamp: record.ts || Date.now(),
|
|
244
|
+
message: message.slice(0, DROP_PREVIEW_BYTES) + "...[truncated for drop event]",
|
|
245
|
+
}],
|
|
246
|
+
error: new Error("event exceeds 256 KiB CloudWatch hard cap (was " + size + " bytes)"),
|
|
247
|
+
};
|
|
248
|
+
}
|
|
249
|
+
return { entry: { timestamp: record.ts || Date.now(), message: message } };
|
|
281
250
|
}
|
|
282
251
|
|
|
283
252
|
async function _send(batch) {
|
|
@@ -306,70 +275,33 @@ function create(config) {
|
|
|
306
275
|
return res;
|
|
307
276
|
}
|
|
308
277
|
|
|
309
|
-
|
|
310
|
-
|
|
311
|
-
|
|
312
|
-
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
|
|
319
|
-
|
|
320
|
-
|
|
321
|
-
|
|
322
|
-
|
|
323
|
-
|
|
324
|
-
return
|
|
325
|
-
|
|
326
|
-
|
|
327
|
-
|
|
328
|
-
|
|
329
|
-
_emitDrop("overflow", [dropped], null);
|
|
330
|
-
}
|
|
331
|
-
buffer.push({
|
|
332
|
-
timestamp: record.ts || Date.now(),
|
|
333
|
-
message: message,
|
|
334
|
-
});
|
|
335
|
-
if (buffer.length >= cfg.batchSize) {
|
|
336
|
-
_flush().catch(function () {});
|
|
337
|
-
} else {
|
|
338
|
-
flushScheduler.schedule();
|
|
339
|
-
}
|
|
340
|
-
return Promise.resolve({ accepted: true, queued: buffer.length });
|
|
341
|
-
}
|
|
342
|
-
|
|
343
|
-
async function close() {
|
|
344
|
-
// Drain BEFORE flipping closed=true — _flush()'s `while (... && !closed)`
|
|
345
|
-
// loop bails on !closed, so flipping the flag first strands the records the
|
|
346
|
-
// operator queued just before shutdown (the b.logStream drain contract).
|
|
347
|
-
// Stop the timer, await any in-flight drain, drain the remainder, THEN
|
|
348
|
-
// refuse new enqueues. Mirrors the webhook sink.
|
|
349
|
-
flushScheduler.cancel();
|
|
350
|
-
if (inFlightPromise) {
|
|
351
|
-
try { await inFlightPromise; } catch (_e) { /* surfaced via onDrop */ }
|
|
352
|
-
}
|
|
353
|
-
await _flush();
|
|
354
|
-
closed = true;
|
|
355
|
-
}
|
|
356
|
-
|
|
357
|
-
function stats() {
|
|
358
|
-
return {
|
|
359
|
-
queued: buffer.length,
|
|
360
|
-
dropped: dropCount,
|
|
361
|
-
inFlight: inFlight,
|
|
362
|
-
sequenceToken: sequenceToken,
|
|
363
|
-
endpoint: _resolveEndpoint(cfg),
|
|
364
|
-
};
|
|
365
|
-
}
|
|
278
|
+
// beforeDrain runs the autoCreate handshake once; its failure is permanent
|
|
279
|
+
// (every batch would hit the same error) so the whole buffer is dropped under
|
|
280
|
+
// "autocreate-failed". takeBatch enforces CloudWatch's per-batch byte + count
|
|
281
|
+
// caps; sendBatch wraps the signed PutLogEvents in retry, treating throttling
|
|
282
|
+
// / sequence-token errors per _isPermanentAwsError.
|
|
283
|
+
var sink = safeAsync.makeBatchingSink({
|
|
284
|
+
batchSize: cfg.batchSize,
|
|
285
|
+
bufferLimit: cfg.bufferLimit,
|
|
286
|
+
maxBatchAgeMs: cfg.maxBatchAgeMs,
|
|
287
|
+
onDrop: cfg.onDrop,
|
|
288
|
+
prepareRecord: _prepareRecord,
|
|
289
|
+
takeBatch: _takeBatch,
|
|
290
|
+
beforeDrain: _ensureAutoCreated,
|
|
291
|
+
beforeDrainDropKind: "autocreate-failed",
|
|
292
|
+
sendBatch: function (batch) {
|
|
293
|
+
return retryHelper.withRetry(function () {
|
|
294
|
+
return _send(batch);
|
|
295
|
+
}, Object.assign({ isPermanent: _isPermanentAwsError }, cfg.retry || {}));
|
|
296
|
+
},
|
|
297
|
+
});
|
|
366
298
|
|
|
367
299
|
return {
|
|
368
300
|
protocol: "cloudwatch",
|
|
369
|
-
emit: emit,
|
|
370
|
-
close: close,
|
|
371
|
-
stats: stats,
|
|
372
|
-
flush:
|
|
301
|
+
emit: sink.emit,
|
|
302
|
+
close: sink.close,
|
|
303
|
+
stats: function () { return sink.stats({ sequenceToken: sequenceToken, endpoint: _resolveEndpoint(cfg) }); },
|
|
304
|
+
flush: sink.flush,
|
|
373
305
|
};
|
|
374
306
|
}
|
|
375
307
|
|
|
@@ -223,7 +223,10 @@ function _makeClient(cfg) {
|
|
|
223
223
|
// (http://, cleartext HTTP/2) there is no certificate to validate and
|
|
224
224
|
// nothing to skip, so neither rejectUnauthorized nor the insecure-TLS
|
|
225
225
|
// audit applies — emitting it there would be a false security event.
|
|
226
|
-
|
|
226
|
+
// Operator-governed (not a hardcoded literal): cfg.allowInsecure is true in
|
|
227
|
+
// this branch, so this resolves to false — but derived from the operator's
|
|
228
|
+
// own flag, audited, and never a framework default.
|
|
229
|
+
sessionOpts.rejectUnauthorized = !cfg.allowInsecure;
|
|
227
230
|
networkTls().auditInsecureTls({ host: authority, source: "log-stream.otlp-grpc" });
|
|
228
231
|
}
|
|
229
232
|
var session = http2.connect(authority, sessionOpts);
|
|
@@ -357,24 +360,24 @@ function create(config) {
|
|
|
357
360
|
}
|
|
358
361
|
}
|
|
359
362
|
|
|
363
|
+
// Fire-and-forget enqueue: full batch drains immediately (not awaited —
|
|
364
|
+
// emit is hot-path), partial batch coalesces via the scheduler. Errors
|
|
365
|
+
// surface through onDrop. No dropCount here — gRPC drop accounting is the
|
|
366
|
+
// export stream's concern, not the buffer's.
|
|
367
|
+
var _enqueue = safeAsync.makeBufferedEnqueue(buffer, {
|
|
368
|
+
batchSize: cfg.batchSize,
|
|
369
|
+
bufferLimit: cfg.bufferLimit,
|
|
370
|
+
flush: _flush,
|
|
371
|
+
schedule: flushScheduler.schedule,
|
|
372
|
+
onOverflow: function (dropped) { _emitDrop("overflow", [dropped], null); },
|
|
373
|
+
});
|
|
374
|
+
|
|
360
375
|
function emit(record) {
|
|
361
376
|
if (closed) {
|
|
362
377
|
_emitDrop("sink-closed", [record], null);
|
|
363
378
|
return Promise.resolve({ accepted: false, reason: "closed" });
|
|
364
379
|
}
|
|
365
|
-
|
|
366
|
-
var dropped = buffer.shift();
|
|
367
|
-
_emitDrop("overflow", [dropped], null);
|
|
368
|
-
}
|
|
369
|
-
buffer.push(record);
|
|
370
|
-
if (buffer.length >= cfg.batchSize) {
|
|
371
|
-
// Drain immediately; don't await — emit is fire-and-forget on the
|
|
372
|
-
// hot path. Errors surface via onDrop.
|
|
373
|
-
_flush().catch(function () {});
|
|
374
|
-
} else if (!closed) {
|
|
375
|
-
flushScheduler.schedule();
|
|
376
|
-
}
|
|
377
|
-
return Promise.resolve({ accepted: true, queued: buffer.length });
|
|
380
|
+
return _enqueue(record);
|
|
378
381
|
}
|
|
379
382
|
|
|
380
383
|
async function close() {
|
|
@@ -212,89 +212,25 @@ function create(config) {
|
|
|
212
212
|
"Content-Type": "application/json",
|
|
213
213
|
"Accept": "application/json",
|
|
214
214
|
}, _authHeaders(cfg));
|
|
215
|
-
var
|
|
216
|
-
|
|
217
|
-
|
|
218
|
-
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
async function _flush() {
|
|
228
|
-
if (inFlight) return inFlightPromise;
|
|
229
|
-
if (buffer.length === 0) return;
|
|
230
|
-
inFlight = true;
|
|
231
|
-
inFlightPromise = (async function () {
|
|
232
|
-
try {
|
|
233
|
-
while (buffer.length > 0 && !closed) {
|
|
234
|
-
var batch = buffer.splice(0, cfg.batchSize);
|
|
235
|
-
var body = _serializeBatch(batch, cfg, scopeVersion);
|
|
236
|
-
try {
|
|
237
|
-
await retryHelper.withRetry(function () {
|
|
238
|
-
return _post(resolvedUrl, body, headers, cfg.timeoutMs, cfg.allowedProtocols, cfg.allowInternal);
|
|
239
|
-
}, cfg.retry);
|
|
240
|
-
} catch (e) {
|
|
241
|
-
dropCount += batch.length;
|
|
242
|
-
_emitDrop("retry-exhausted", batch, e);
|
|
243
|
-
break;
|
|
244
|
-
}
|
|
245
|
-
}
|
|
246
|
-
} finally {
|
|
247
|
-
inFlight = false;
|
|
248
|
-
inFlightPromise = null;
|
|
249
|
-
if (buffer.length > 0) flushScheduler.schedule();
|
|
250
|
-
}
|
|
251
|
-
})();
|
|
252
|
-
return inFlightPromise;
|
|
253
|
-
}
|
|
254
|
-
|
|
255
|
-
function emit(record) {
|
|
256
|
-
if (closed) return Promise.resolve({ accepted: false, reason: "sink closed" });
|
|
257
|
-
if (buffer.length >= cfg.bufferLimit) {
|
|
258
|
-
var dropped = buffer.shift();
|
|
259
|
-
dropCount += 1;
|
|
260
|
-
_emitDrop("overflow", [dropped], null);
|
|
261
|
-
}
|
|
262
|
-
buffer.push(record);
|
|
263
|
-
if (buffer.length >= cfg.batchSize) {
|
|
264
|
-
_flush().catch(function () {});
|
|
265
|
-
} else {
|
|
266
|
-
flushScheduler.schedule();
|
|
267
|
-
}
|
|
268
|
-
return Promise.resolve({ accepted: true, queued: buffer.length });
|
|
269
|
-
}
|
|
270
|
-
|
|
271
|
-
async function close() {
|
|
272
|
-
// Drain BEFORE flipping closed=true (see _flush's `&& !closed` guard) so
|
|
273
|
-
// records queued just before shutdown reach the wire. Mirrors the webhook
|
|
274
|
-
// + cloudwatch sinks.
|
|
275
|
-
flushScheduler.cancel();
|
|
276
|
-
if (inFlightPromise) {
|
|
277
|
-
try { await inFlightPromise; } catch (_e) { /* surfaced via onDrop */ }
|
|
278
|
-
}
|
|
279
|
-
await _flush();
|
|
280
|
-
closed = true;
|
|
281
|
-
}
|
|
282
|
-
|
|
283
|
-
function stats() {
|
|
284
|
-
return {
|
|
285
|
-
queued: buffer.length,
|
|
286
|
-
dropped: dropCount,
|
|
287
|
-
inFlight: inFlight,
|
|
288
|
-
url: resolvedUrl,
|
|
289
|
-
};
|
|
290
|
-
}
|
|
215
|
+
var sink = safeAsync.makeBatchingSink({
|
|
216
|
+
batchSize: cfg.batchSize,
|
|
217
|
+
bufferLimit: cfg.bufferLimit,
|
|
218
|
+
maxBatchAgeMs: cfg.maxBatchAgeMs,
|
|
219
|
+
onDrop: cfg.onDrop,
|
|
220
|
+
sendBatch: function (batch) {
|
|
221
|
+
var body = _serializeBatch(batch, cfg, scopeVersion);
|
|
222
|
+
return retryHelper.withRetry(function () {
|
|
223
|
+
return _post(resolvedUrl, body, headers, cfg.timeoutMs, cfg.allowedProtocols, cfg.allowInternal);
|
|
224
|
+
}, cfg.retry);
|
|
225
|
+
},
|
|
226
|
+
});
|
|
291
227
|
|
|
292
228
|
return {
|
|
293
229
|
protocol: "otlp",
|
|
294
|
-
emit: emit,
|
|
295
|
-
close: close,
|
|
296
|
-
stats: stats,
|
|
297
|
-
flush:
|
|
230
|
+
emit: sink.emit,
|
|
231
|
+
close: sink.close,
|
|
232
|
+
stats: function () { return sink.stats({ url: resolvedUrl }); },
|
|
233
|
+
flush: sink.flush,
|
|
298
234
|
};
|
|
299
235
|
}
|
|
300
236
|
|
|
@@ -98,101 +98,29 @@ function create(config) {
|
|
|
98
98
|
errorClass: LogStreamError,
|
|
99
99
|
});
|
|
100
100
|
var headers = Object.assign({ "Content-Type": cfg.contentType }, _authHeaders(cfg));
|
|
101
|
-
//
|
|
102
|
-
//
|
|
103
|
-
//
|
|
104
|
-
//
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
// Without this, a record arriving mid-flush gets buffered, the
|
|
118
|
-
// emit-time _flush() early-returns on `if (inFlight) return`, and
|
|
119
|
-
// the buffered record is stranded if shutdown fires before
|
|
120
|
-
// flushScheduler.schedule() drains it.
|
|
121
|
-
var inFlightPromise = null;
|
|
122
|
-
async function _flush() {
|
|
123
|
-
if (inFlight) return inFlightPromise;
|
|
124
|
-
if (buffer.length === 0) return;
|
|
125
|
-
inFlight = true;
|
|
126
|
-
inFlightPromise = (async function () {
|
|
127
|
-
try {
|
|
128
|
-
while (buffer.length > 0 && !closed) {
|
|
129
|
-
var batch = buffer.splice(0, cfg.batchSize);
|
|
130
|
-
var body = _serializeBatch(batch, cfg.bodyShape);
|
|
131
|
-
try {
|
|
132
|
-
await retryHelper.withRetry(function () {
|
|
133
|
-
return _post(cfg.url, body, headers, cfg.timeoutMs, cfg.allowedProtocols, cfg.allowInternal);
|
|
134
|
-
}, cfg.retry);
|
|
135
|
-
} catch (e) {
|
|
136
|
-
// Batch permanently rejected — surface via dropCount AND the
|
|
137
|
-
// operator-supplied onDrop callback. The dispatcher path
|
|
138
|
-
// wraps its own audit hook around emit(); operators using
|
|
139
|
-
// this sink directly rely on dropCount + onDrop.
|
|
140
|
-
dropCount += batch.length;
|
|
141
|
-
_emitDrop("retry-exhausted", batch, e);
|
|
142
|
-
break;
|
|
143
|
-
}
|
|
144
|
-
}
|
|
145
|
-
} finally {
|
|
146
|
-
inFlight = false;
|
|
147
|
-
inFlightPromise = null;
|
|
148
|
-
if (buffer.length > 0) flushScheduler.schedule();
|
|
149
|
-
}
|
|
150
|
-
})();
|
|
151
|
-
return inFlightPromise;
|
|
152
|
-
}
|
|
153
|
-
|
|
154
|
-
function emit(record) {
|
|
155
|
-
if (closed) return Promise.resolve({ accepted: false, reason: "sink closed" });
|
|
156
|
-
if (buffer.length >= cfg.bufferLimit) {
|
|
157
|
-
var dropped = buffer.shift(); // drop oldest
|
|
158
|
-
dropCount += 1;
|
|
159
|
-
_emitDrop("overflow", [dropped], null);
|
|
160
|
-
}
|
|
161
|
-
buffer.push(record);
|
|
162
|
-
if (buffer.length >= cfg.batchSize) {
|
|
163
|
-
// Don't await — non-blocking flush. Caller's emit returns immediately.
|
|
164
|
-
_flush().catch(function () {});
|
|
165
|
-
} else {
|
|
166
|
-
flushScheduler.schedule();
|
|
167
|
-
}
|
|
168
|
-
return Promise.resolve({ accepted: true, queued: buffer.length });
|
|
169
|
-
}
|
|
170
|
-
|
|
171
|
-
async function close() {
|
|
172
|
-
// Drain BEFORE flipping closed=true. _flush()'s while loop bails on
|
|
173
|
-
// !closed, so flipping the flag first leaves any buffered records
|
|
174
|
-
// stranded — the very records the operator queued just before
|
|
175
|
-
// calling shutdown(). Order: stop the timer, await any in-flight
|
|
176
|
-
// flush so its records POST before we touch the buffer, drain
|
|
177
|
-
// anything still queued, THEN refuse new enqueues.
|
|
178
|
-
flushScheduler.cancel();
|
|
179
|
-
if (inFlightPromise) {
|
|
180
|
-
try { await inFlightPromise; } catch (_e) { /* surfaced via onDrop */ }
|
|
181
|
-
}
|
|
182
|
-
await _flush();
|
|
183
|
-
closed = true;
|
|
184
|
-
}
|
|
185
|
-
|
|
186
|
-
function stats() {
|
|
187
|
-
return { queued: buffer.length, dropped: dropCount, inFlight: inFlight };
|
|
188
|
-
}
|
|
101
|
+
// A batch permanently rejected by retry surfaces via dropCount AND the
|
|
102
|
+
// operator-supplied onDrop — the dispatcher wraps its own audit around
|
|
103
|
+
// emit(), but a sink wired directly (or by buffer overflow) would otherwise
|
|
104
|
+
// lose drops silently. onDrop is best-effort; a throw inside it is swallowed.
|
|
105
|
+
var sink = safeAsync.makeBatchingSink({
|
|
106
|
+
batchSize: cfg.batchSize,
|
|
107
|
+
bufferLimit: cfg.bufferLimit,
|
|
108
|
+
maxBatchAgeMs: cfg.maxBatchAgeMs,
|
|
109
|
+
onDrop: cfg.onDrop,
|
|
110
|
+
sendBatch: function (batch) {
|
|
111
|
+
var body = _serializeBatch(batch, cfg.bodyShape);
|
|
112
|
+
return retryHelper.withRetry(function () {
|
|
113
|
+
return _post(cfg.url, body, headers, cfg.timeoutMs, cfg.allowedProtocols, cfg.allowInternal);
|
|
114
|
+
}, cfg.retry);
|
|
115
|
+
},
|
|
116
|
+
});
|
|
189
117
|
|
|
190
118
|
return {
|
|
191
119
|
protocol: "webhook",
|
|
192
|
-
emit: emit,
|
|
193
|
-
close: close,
|
|
194
|
-
stats: stats,
|
|
195
|
-
flush:
|
|
120
|
+
emit: sink.emit,
|
|
121
|
+
close: sink.close,
|
|
122
|
+
stats: sink.stats,
|
|
123
|
+
flush: sink.flush,
|
|
196
124
|
};
|
|
197
125
|
}
|
|
198
126
|
|
|
@@ -103,9 +103,9 @@ function _parseHeaderBlock(headerBlock) {
|
|
|
103
103
|
}
|
|
104
104
|
|
|
105
105
|
function _canonRelaxedHeader(name, value) {
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
return
|
|
106
|
+
// RFC 6376 §3.4.2 relaxed header canon — shared with the DKIM signer/verifier
|
|
107
|
+
// so an ARC chain produces a byte-identical canon (RFC 8617 §5.1.1).
|
|
108
|
+
return dkim.canonHeaderRelaxed(name, value);
|
|
109
109
|
}
|
|
110
110
|
|
|
111
111
|
// RFC 8617 §5.1.1 references RFC 6376 §3.4.4 for body canonicalization.
|
|
@@ -414,4 +414,9 @@ module.exports = {
|
|
|
414
414
|
ALLOWED_ALGORITHMS: ALLOWED_ALGORITHMS,
|
|
415
415
|
DEFAULT_HEADERS: DEFAULT_HEADERS,
|
|
416
416
|
MailAuthError: MailAuthError,
|
|
417
|
+
// The canon-source header parser, exposed so a golden-vector test can pin its
|
|
418
|
+
// byte-exact extraction. Like DKIM's, a sign->verify round-trip cannot catch
|
|
419
|
+
// a byte-error here (self-consistent); the AMS/AS signatures fed to a real
|
|
420
|
+
// ARC verifier would silently fail instead.
|
|
421
|
+
_parseHeaderBlockForTest: _parseHeaderBlock,
|
|
417
422
|
};
|
|
@@ -40,6 +40,7 @@
|
|
|
40
40
|
var lazyRequire = require("./lazy-require");
|
|
41
41
|
var mimeParse = require("./mime-parse");
|
|
42
42
|
var C = require("./constants");
|
|
43
|
+
var safeBuffer = require("./safe-buffer");
|
|
43
44
|
var { MailArfError } = require("./framework-error");
|
|
44
45
|
|
|
45
46
|
var audit = lazyRequire(function () { return require("./audit"); });
|
|
@@ -138,10 +139,10 @@ function parse(rawMessage, opts) {
|
|
|
138
139
|
? rawMessage.toString("utf8")
|
|
139
140
|
: rawMessage;
|
|
140
141
|
|
|
141
|
-
if (asString
|
|
142
|
+
if (safeBuffer.byteLengthOf(asString) > maxBytes) {
|
|
142
143
|
_emitMalformed(auditOn, "report exceeds maxBytes");
|
|
143
144
|
throw new MailArfError("mailarf/parse-failed",
|
|
144
|
-
"mailArf.parse: report exceeds " + maxBytes + " bytes (got " + asString
|
|
145
|
+
"mailArf.parse: report exceeds " + maxBytes + " bytes (got " + safeBuffer.byteLengthOf(asString) + ")");
|
|
145
146
|
}
|
|
146
147
|
|
|
147
148
|
// 1. Bisect headers / body, parse Content-Type for boundary.
|