@blamejs/blamejs-shop 0.4.55 → 0.4.57
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +4 -0
- package/lib/admin.js +385 -2
- package/lib/asset-manifest.json +1 -1
- package/lib/vendor/MANIFEST.json +426 -366
- package/lib/vendor/blamejs/.github/codeql/codeql-config.yml +25 -0
- package/lib/vendor/blamejs/.github/workflows/actions-lint.yml +3 -3
- package/lib/vendor/blamejs/.github/workflows/cflite_batch.yml +1 -1
- package/lib/vendor/blamejs/.github/workflows/cflite_pr.yml +1 -1
- package/lib/vendor/blamejs/.github/workflows/ci.yml +13 -13
- package/lib/vendor/blamejs/.github/workflows/codeql.yml +8 -7
- package/lib/vendor/blamejs/.github/workflows/npm-publish.yml +2 -2
- package/lib/vendor/blamejs/.github/workflows/release-container.yml +4 -4
- package/lib/vendor/blamejs/.github/workflows/scorecard.yml +1 -1
- package/lib/vendor/blamejs/.github/workflows/sha-to-tag-verify.yml +1 -1
- package/lib/vendor/blamejs/CHANGELOG.md +2 -0
- package/lib/vendor/blamejs/api-snapshot.json +1381 -4
- package/lib/vendor/blamejs/eslint.config.mjs +1 -0
- package/lib/vendor/blamejs/examples/wiki/lib/source-comment-block-validator.js +4 -1
- package/lib/vendor/blamejs/examples/wiki/lib/symbol-index.js +5 -2
- package/lib/vendor/blamejs/examples/wiki/routes/pages.js +4 -1
- package/lib/vendor/blamejs/fuzz/guard-text.fuzz.js +20 -0
- package/lib/vendor/blamejs/index.js +2 -0
- package/lib/vendor/blamejs/lib/a2a-tasks.js +7 -23
- package/lib/vendor/blamejs/lib/acme.js +6 -5
- package/lib/vendor/blamejs/lib/agent-event-bus.js +5 -4
- package/lib/vendor/blamejs/lib/agent-idempotency.js +2 -5
- package/lib/vendor/blamejs/lib/agent-orchestrator.js +2 -5
- package/lib/vendor/blamejs/lib/agent-saga.js +3 -5
- package/lib/vendor/blamejs/lib/agent-tenant.js +2 -5
- package/lib/vendor/blamejs/lib/ai-adverse-decision.js +2 -15
- package/lib/vendor/blamejs/lib/ai-capability.js +1 -6
- package/lib/vendor/blamejs/lib/ai-dp.js +1 -5
- package/lib/vendor/blamejs/lib/ai-input.js +2 -2
- package/lib/vendor/blamejs/lib/ai-pref.js +3 -8
- package/lib/vendor/blamejs/lib/ai-quota.js +3 -14
- package/lib/vendor/blamejs/lib/api-key.js +37 -28
- package/lib/vendor/blamejs/lib/archive-adapters.js +2 -4
- package/lib/vendor/blamejs/lib/archive-entry-policy.js +32 -0
- package/lib/vendor/blamejs/lib/archive-read.js +5 -17
- package/lib/vendor/blamejs/lib/archive-tar-read.js +5 -16
- package/lib/vendor/blamejs/lib/archive.js +2 -10
- package/lib/vendor/blamejs/lib/arg-parser.js +7 -6
- package/lib/vendor/blamejs/lib/asyncapi-traits.js +2 -6
- package/lib/vendor/blamejs/lib/atomic-file.js +108 -31
- package/lib/vendor/blamejs/lib/audit-chain.js +133 -53
- package/lib/vendor/blamejs/lib/audit-daily-review.js +24 -14
- package/lib/vendor/blamejs/lib/audit-emit.js +82 -0
- package/lib/vendor/blamejs/lib/audit-sign.js +257 -0
- package/lib/vendor/blamejs/lib/audit.js +84 -0
- package/lib/vendor/blamejs/lib/auth/access-lock.js +5 -27
- package/lib/vendor/blamejs/lib/auth/dpop.js +23 -35
- package/lib/vendor/blamejs/lib/auth/fido-mds3.js +9 -15
- package/lib/vendor/blamejs/lib/auth/jwt-external.js +26 -8
- package/lib/vendor/blamejs/lib/auth/jwt.js +13 -15
- package/lib/vendor/blamejs/lib/auth/lockout.js +6 -25
- package/lib/vendor/blamejs/lib/auth/oauth.js +67 -45
- package/lib/vendor/blamejs/lib/auth/oid4vci.js +55 -32
- package/lib/vendor/blamejs/lib/auth/oid4vp.js +3 -2
- package/lib/vendor/blamejs/lib/auth/openid-federation.js +6 -6
- package/lib/vendor/blamejs/lib/auth/passkey.js +3 -3
- package/lib/vendor/blamejs/lib/auth/password.js +7 -1
- package/lib/vendor/blamejs/lib/auth/saml.js +37 -27
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-holder.js +2 -14
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-issuer.js +2 -14
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc.js +1 -1
- package/lib/vendor/blamejs/lib/auth/status-list.js +7 -7
- package/lib/vendor/blamejs/lib/auth/step-up.js +6 -12
- package/lib/vendor/blamejs/lib/auth-bot-challenge.js +6 -37
- package/lib/vendor/blamejs/lib/backup/bundle.js +11 -18
- package/lib/vendor/blamejs/lib/backup/index.js +14 -47
- package/lib/vendor/blamejs/lib/bounded-map.js +112 -1
- package/lib/vendor/blamejs/lib/breach-deadline.js +1 -11
- package/lib/vendor/blamejs/lib/cache.js +7 -18
- package/lib/vendor/blamejs/lib/cbor.js +2 -1
- package/lib/vendor/blamejs/lib/cdn-cache-control.js +8 -9
- package/lib/vendor/blamejs/lib/cert.js +3 -10
- package/lib/vendor/blamejs/lib/chain-writer.js +162 -47
- package/lib/vendor/blamejs/lib/cli.js +5 -1
- package/lib/vendor/blamejs/lib/client-hints.js +7 -9
- package/lib/vendor/blamejs/lib/cloud-events.js +40 -31
- package/lib/vendor/blamejs/lib/cluster-storage.js +2 -38
- package/lib/vendor/blamejs/lib/cms-codec.js +2 -1
- package/lib/vendor/blamejs/lib/codepoint-class.js +67 -1
- package/lib/vendor/blamejs/lib/compliance-ai-act-logging.js +1 -6
- package/lib/vendor/blamejs/lib/compliance-ai-act-transparency.js +2 -4
- package/lib/vendor/blamejs/lib/compliance-eaa.js +1 -11
- package/lib/vendor/blamejs/lib/compliance-sanctions-fetcher.js +21 -28
- package/lib/vendor/blamejs/lib/compliance-sanctions.js +2 -14
- package/lib/vendor/blamejs/lib/compliance.js +2 -9
- package/lib/vendor/blamejs/lib/config-drift.js +2 -12
- package/lib/vendor/blamejs/lib/content-digest.js +10 -8
- package/lib/vendor/blamejs/lib/cookies.js +5 -11
- package/lib/vendor/blamejs/lib/cose.js +19 -11
- package/lib/vendor/blamejs/lib/cra-report.js +1 -11
- package/lib/vendor/blamejs/lib/crypto-field.js +5 -10
- package/lib/vendor/blamejs/lib/crypto.js +120 -3
- package/lib/vendor/blamejs/lib/csp.js +235 -3
- package/lib/vendor/blamejs/lib/daemon.js +42 -41
- package/lib/vendor/blamejs/lib/data-act.js +19 -9
- package/lib/vendor/blamejs/lib/db-query.js +6 -40
- package/lib/vendor/blamejs/lib/db.js +34 -12
- package/lib/vendor/blamejs/lib/dbsc.js +5 -6
- package/lib/vendor/blamejs/lib/ddl-change-control.js +18 -14
- package/lib/vendor/blamejs/lib/deprecate.js +4 -5
- package/lib/vendor/blamejs/lib/did.js +6 -2
- package/lib/vendor/blamejs/lib/dsr.js +8 -12
- package/lib/vendor/blamejs/lib/external-db-migrate.js +21 -22
- package/lib/vendor/blamejs/lib/external-db.js +14 -26
- package/lib/vendor/blamejs/lib/fda-21cfr11.js +12 -8
- package/lib/vendor/blamejs/lib/fdx.js +22 -18
- package/lib/vendor/blamejs/lib/file-upload.js +80 -66
- package/lib/vendor/blamejs/lib/flag-evaluation-context.js +5 -8
- package/lib/vendor/blamejs/lib/framework-error.js +12 -0
- package/lib/vendor/blamejs/lib/framework-schema.js +19 -0
- package/lib/vendor/blamejs/lib/fsm.js +7 -12
- package/lib/vendor/blamejs/lib/gate-contract.js +869 -38
- package/lib/vendor/blamejs/lib/gdpr-ropa.js +4 -13
- package/lib/vendor/blamejs/lib/graphql-federation.js +1 -1
- package/lib/vendor/blamejs/lib/guard-agent-registry.js +2 -1
- package/lib/vendor/blamejs/lib/guard-all.js +1 -0
- package/lib/vendor/blamejs/lib/guard-archive.js +9 -30
- package/lib/vendor/blamejs/lib/guard-auth.js +23 -80
- package/lib/vendor/blamejs/lib/guard-cidr.js +20 -96
- package/lib/vendor/blamejs/lib/guard-csv.js +135 -196
- package/lib/vendor/blamejs/lib/guard-domain.js +23 -106
- package/lib/vendor/blamejs/lib/guard-dsn.js +16 -13
- package/lib/vendor/blamejs/lib/guard-email.js +46 -53
- package/lib/vendor/blamejs/lib/guard-envelope.js +1 -1
- package/lib/vendor/blamejs/lib/guard-event-bus-topic.js +2 -1
- package/lib/vendor/blamejs/lib/guard-filename.js +12 -60
- package/lib/vendor/blamejs/lib/guard-graphql.js +28 -75
- package/lib/vendor/blamejs/lib/guard-html-wcag.js +15 -2
- package/lib/vendor/blamejs/lib/guard-html.js +65 -117
- package/lib/vendor/blamejs/lib/guard-idempotency-key.js +2 -1
- package/lib/vendor/blamejs/lib/guard-image.js +280 -77
- package/lib/vendor/blamejs/lib/guard-imap-command.js +8 -9
- package/lib/vendor/blamejs/lib/guard-json.js +87 -103
- package/lib/vendor/blamejs/lib/guard-jsonpath.js +20 -88
- package/lib/vendor/blamejs/lib/guard-jwt.js +32 -114
- package/lib/vendor/blamejs/lib/guard-list-id.js +2 -7
- package/lib/vendor/blamejs/lib/guard-list-unsubscribe.js +2 -7
- package/lib/vendor/blamejs/lib/guard-mail-compose.js +5 -6
- package/lib/vendor/blamejs/lib/guard-mail-move.js +2 -1
- package/lib/vendor/blamejs/lib/guard-mail-query.js +5 -3
- package/lib/vendor/blamejs/lib/guard-mail-sieve.js +6 -7
- package/lib/vendor/blamejs/lib/guard-managesieve-command.js +5 -4
- package/lib/vendor/blamejs/lib/guard-markdown.js +76 -110
- package/lib/vendor/blamejs/lib/guard-message-id.js +5 -6
- package/lib/vendor/blamejs/lib/guard-mime.js +20 -99
- package/lib/vendor/blamejs/lib/guard-oauth.js +19 -73
- package/lib/vendor/blamejs/lib/guard-pdf.js +65 -72
- package/lib/vendor/blamejs/lib/guard-pop3-command.js +12 -13
- package/lib/vendor/blamejs/lib/guard-posture-chain.js +2 -1
- package/lib/vendor/blamejs/lib/guard-regex.js +24 -99
- package/lib/vendor/blamejs/lib/guard-saga-config.js +2 -1
- package/lib/vendor/blamejs/lib/guard-shell.js +22 -87
- package/lib/vendor/blamejs/lib/guard-smtp-command.js +8 -11
- package/lib/vendor/blamejs/lib/guard-sql.js +15 -13
- package/lib/vendor/blamejs/lib/guard-stream-args.js +2 -1
- package/lib/vendor/blamejs/lib/guard-svg.js +95 -140
- package/lib/vendor/blamejs/lib/guard-template.js +23 -80
- package/lib/vendor/blamejs/lib/guard-tenant-id.js +2 -1
- package/lib/vendor/blamejs/lib/guard-text.js +592 -0
- package/lib/vendor/blamejs/lib/guard-time.js +27 -95
- package/lib/vendor/blamejs/lib/guard-uuid.js +21 -93
- package/lib/vendor/blamejs/lib/guard-xml.js +76 -106
- package/lib/vendor/blamejs/lib/guard-yaml.js +24 -60
- package/lib/vendor/blamejs/lib/http-client-cache.js +5 -12
- package/lib/vendor/blamejs/lib/http-client-cookie-jar.js +2 -4
- package/lib/vendor/blamejs/lib/http-client.js +8 -21
- package/lib/vendor/blamejs/lib/http-message-signature.js +3 -2
- package/lib/vendor/blamejs/lib/i18n-messageformat.js +5 -7
- package/lib/vendor/blamejs/lib/i18n.js +83 -26
- package/lib/vendor/blamejs/lib/inbox.js +8 -8
- package/lib/vendor/blamejs/lib/incident-report.js +3 -21
- package/lib/vendor/blamejs/lib/ip-utils.js +49 -6
- package/lib/vendor/blamejs/lib/jobs.js +3 -2
- package/lib/vendor/blamejs/lib/keychain.js +6 -18
- package/lib/vendor/blamejs/lib/legal-hold.js +6 -15
- package/lib/vendor/blamejs/lib/log-stream-cloudwatch.js +44 -112
- package/lib/vendor/blamejs/lib/log-stream-otlp-grpc.js +17 -14
- package/lib/vendor/blamejs/lib/log-stream-otlp.js +16 -80
- package/lib/vendor/blamejs/lib/log-stream-webhook.js +20 -92
- package/lib/vendor/blamejs/lib/mail-arc-sign.js +8 -3
- package/lib/vendor/blamejs/lib/mail-arf.js +3 -2
- package/lib/vendor/blamejs/lib/mail-auth.js +40 -66
- package/lib/vendor/blamejs/lib/mail-bimi.js +19 -39
- package/lib/vendor/blamejs/lib/mail-crypto-pgp.js +3 -2
- package/lib/vendor/blamejs/lib/mail-dav.js +8 -35
- package/lib/vendor/blamejs/lib/mail-deploy.js +6 -9
- package/lib/vendor/blamejs/lib/mail-dkim.js +19 -38
- package/lib/vendor/blamejs/lib/mail-greylist.js +15 -26
- package/lib/vendor/blamejs/lib/mail-helo.js +2 -3
- package/lib/vendor/blamejs/lib/mail-journal.js +2 -1
- package/lib/vendor/blamejs/lib/mail-mdn.js +4 -3
- package/lib/vendor/blamejs/lib/mail-rbl.js +5 -8
- package/lib/vendor/blamejs/lib/mail-scan.js +2 -2
- package/lib/vendor/blamejs/lib/mail-send-deliver.js +33 -20
- package/lib/vendor/blamejs/lib/mail-server-imap.js +32 -87
- package/lib/vendor/blamejs/lib/mail-server-jmap.js +35 -51
- package/lib/vendor/blamejs/lib/mail-server-managesieve.js +29 -83
- package/lib/vendor/blamejs/lib/mail-server-mx.js +33 -74
- package/lib/vendor/blamejs/lib/mail-server-net.js +177 -0
- package/lib/vendor/blamejs/lib/mail-server-pop3.js +30 -83
- package/lib/vendor/blamejs/lib/mail-server-rate-limit.js +30 -6
- package/lib/vendor/blamejs/lib/mail-server-submission.js +34 -73
- package/lib/vendor/blamejs/lib/mail-server-tls.js +89 -0
- package/lib/vendor/blamejs/lib/mail-spam-score.js +7 -8
- package/lib/vendor/blamejs/lib/mail-store.js +3 -2
- package/lib/vendor/blamejs/lib/mail.js +6 -11
- package/lib/vendor/blamejs/lib/markup-escape.js +31 -0
- package/lib/vendor/blamejs/lib/markup-tokenizer.js +54 -0
- package/lib/vendor/blamejs/lib/mcp-tool-registry.js +26 -23
- package/lib/vendor/blamejs/lib/mcp.js +1 -1
- package/lib/vendor/blamejs/lib/mdoc.js +11 -12
- package/lib/vendor/blamejs/lib/metrics.js +32 -30
- package/lib/vendor/blamejs/lib/middleware/age-gate.js +3 -23
- package/lib/vendor/blamejs/lib/middleware/api-encrypt.js +11 -22
- package/lib/vendor/blamejs/lib/middleware/assetlinks.js +2 -7
- package/lib/vendor/blamejs/lib/middleware/bearer-auth.js +2 -1
- package/lib/vendor/blamejs/lib/middleware/body-parser.js +31 -48
- package/lib/vendor/blamejs/lib/middleware/bot-disclose.js +7 -10
- package/lib/vendor/blamejs/lib/middleware/bot-guard.js +2 -10
- package/lib/vendor/blamejs/lib/middleware/csrf-protect.js +13 -2
- package/lib/vendor/blamejs/lib/middleware/daily-byte-quota.js +6 -26
- package/lib/vendor/blamejs/lib/middleware/deny-response.js +19 -1
- package/lib/vendor/blamejs/lib/middleware/fetch-metadata.js +7 -0
- package/lib/vendor/blamejs/lib/middleware/idempotency-key.js +4 -20
- package/lib/vendor/blamejs/lib/middleware/rate-limit.js +20 -28
- package/lib/vendor/blamejs/lib/middleware/scim-server.js +3 -2
- package/lib/vendor/blamejs/lib/middleware/security-headers.js +9 -1
- package/lib/vendor/blamejs/lib/middleware/security-txt.js +2 -6
- package/lib/vendor/blamejs/lib/middleware/tus-upload.js +12 -27
- package/lib/vendor/blamejs/lib/middleware/web-app-manifest.js +2 -7
- package/lib/vendor/blamejs/lib/migrations.js +4 -13
- package/lib/vendor/blamejs/lib/mime-parse.js +34 -17
- package/lib/vendor/blamejs/lib/module-loader.js +44 -0
- package/lib/vendor/blamejs/lib/money.js +105 -0
- package/lib/vendor/blamejs/lib/mtls-ca.js +116 -36
- package/lib/vendor/blamejs/lib/network-byte-quota.js +4 -18
- package/lib/vendor/blamejs/lib/network-dane.js +8 -6
- package/lib/vendor/blamejs/lib/network-dns-resolver.js +97 -6
- package/lib/vendor/blamejs/lib/network-dnssec.js +16 -16
- package/lib/vendor/blamejs/lib/network-heartbeat.js +3 -2
- package/lib/vendor/blamejs/lib/network-smtp-policy.js +29 -41
- package/lib/vendor/blamejs/lib/network-tls.js +40 -42
- package/lib/vendor/blamejs/lib/nis2-report.js +1 -11
- package/lib/vendor/blamejs/lib/nonce-store.js +81 -3
- package/lib/vendor/blamejs/lib/numeric-bounds.js +22 -8
- package/lib/vendor/blamejs/lib/object-store/azure-blob-bucket-ops.js +2 -6
- package/lib/vendor/blamejs/lib/object-store/azure-blob.js +5 -45
- package/lib/vendor/blamejs/lib/object-store/gcs.js +8 -71
- package/lib/vendor/blamejs/lib/object-store/http-put.js +1 -5
- package/lib/vendor/blamejs/lib/object-store/http-request.js +128 -0
- package/lib/vendor/blamejs/lib/object-store/sigv4-bucket-ops.js +2 -1
- package/lib/vendor/blamejs/lib/object-store/sigv4.js +9 -77
- package/lib/vendor/blamejs/lib/observability-otlp-exporter.js +9 -25
- package/lib/vendor/blamejs/lib/observability.js +95 -0
- package/lib/vendor/blamejs/lib/openapi-paths-builder.js +7 -3
- package/lib/vendor/blamejs/lib/otel-export.js +7 -10
- package/lib/vendor/blamejs/lib/outbox.js +43 -37
- package/lib/vendor/blamejs/lib/pagination.js +11 -15
- package/lib/vendor/blamejs/lib/parsers/safe-env.js +5 -4
- package/lib/vendor/blamejs/lib/parsers/safe-ini.js +10 -4
- package/lib/vendor/blamejs/lib/parsers/safe-toml.js +11 -9
- package/lib/vendor/blamejs/lib/parsers/safe-xml.js +2 -2
- package/lib/vendor/blamejs/lib/parsers/safe-yaml.js +7 -6
- package/lib/vendor/blamejs/lib/pick.js +63 -5
- package/lib/vendor/blamejs/lib/pipl-cn.js +69 -59
- package/lib/vendor/blamejs/lib/privacy-pass.js +8 -6
- package/lib/vendor/blamejs/lib/problem-details.js +2 -5
- package/lib/vendor/blamejs/lib/pubsub.js +4 -8
- package/lib/vendor/blamejs/lib/redact.js +2 -1
- package/lib/vendor/blamejs/lib/render.js +4 -2
- package/lib/vendor/blamejs/lib/request-helpers.js +133 -6
- package/lib/vendor/blamejs/lib/restore.js +5 -22
- package/lib/vendor/blamejs/lib/retention.js +3 -5
- package/lib/vendor/blamejs/lib/safe-async.js +457 -0
- package/lib/vendor/blamejs/lib/safe-buffer.js +137 -6
- package/lib/vendor/blamejs/lib/safe-decompress.js +2 -1
- package/lib/vendor/blamejs/lib/safe-dns.js +2 -1
- package/lib/vendor/blamejs/lib/safe-ical.js +12 -26
- package/lib/vendor/blamejs/lib/safe-json.js +7 -8
- package/lib/vendor/blamejs/lib/safe-jsonpath.js +6 -5
- package/lib/vendor/blamejs/lib/safe-mime.js +25 -29
- package/lib/vendor/blamejs/lib/safe-redirect.js +2 -5
- package/lib/vendor/blamejs/lib/safe-schema.js +7 -6
- package/lib/vendor/blamejs/lib/safe-sql.js +126 -0
- package/lib/vendor/blamejs/lib/safe-vcard.js +12 -26
- package/lib/vendor/blamejs/lib/sandbox-worker.js +9 -2
- package/lib/vendor/blamejs/lib/sandbox.js +3 -2
- package/lib/vendor/blamejs/lib/scheduler.js +5 -12
- package/lib/vendor/blamejs/lib/sec-cyber.js +82 -37
- package/lib/vendor/blamejs/lib/seeders.js +4 -11
- package/lib/vendor/blamejs/lib/self-update.js +92 -69
- package/lib/vendor/blamejs/lib/session-device-binding.js +112 -66
- package/lib/vendor/blamejs/lib/session.js +194 -6
- package/lib/vendor/blamejs/lib/sql.js +225 -78
- package/lib/vendor/blamejs/lib/sse.js +6 -10
- package/lib/vendor/blamejs/lib/static.js +136 -98
- package/lib/vendor/blamejs/lib/storage.js +4 -2
- package/lib/vendor/blamejs/lib/structured-fields.js +275 -16
- package/lib/vendor/blamejs/lib/tenant-quota.js +2 -20
- package/lib/vendor/blamejs/lib/tsa.js +11 -15
- package/lib/vendor/blamejs/lib/validate-opts.js +154 -8
- package/lib/vendor/blamejs/lib/vault/seal-pem-file.js +30 -48
- package/lib/vendor/blamejs/lib/vault-aad.js +3 -2
- package/lib/vendor/blamejs/lib/vc.js +2 -7
- package/lib/vendor/blamejs/lib/vex.js +35 -13
- package/lib/vendor/blamejs/lib/web-push-vapid.js +23 -20
- package/lib/vendor/blamejs/lib/webhook-dispatcher.js +706 -0
- package/lib/vendor/blamejs/lib/webhook.js +43 -18
- package/lib/vendor/blamejs/lib/websocket-channels.js +9 -7
- package/lib/vendor/blamejs/lib/websocket.js +7 -3
- package/lib/vendor/blamejs/lib/worm.js +2 -3
- package/lib/vendor/blamejs/lib/ws-client.js +8 -10
- package/lib/vendor/blamejs/package.json +1 -1
- package/lib/vendor/blamejs/release-notes/v0.15.13.json +81 -0
- package/lib/vendor/blamejs/scripts/check-changelog-extract.js +1 -1
- package/lib/vendor/blamejs/test/00-primitives.js +136 -7
- package/lib/vendor/blamejs/test/10-state.js +9 -3
- package/lib/vendor/blamejs/test/30-chain.js +40 -0
- package/lib/vendor/blamejs/test/helpers/check.js +18 -0
- package/lib/vendor/blamejs/test/helpers/db.js +4 -0
- package/lib/vendor/blamejs/test/helpers/index.js +1 -0
- package/lib/vendor/blamejs/test/integration/audit-chain-external-db.test.js +2 -1
- package/lib/vendor/blamejs/test/integration/audit-stack-postgres.test.js +2 -1
- package/lib/vendor/blamejs/test/integration/data-layer-mysql.test.js +8 -1
- package/lib/vendor/blamejs/test/integration/data-layer-pg.test.js +1 -1
- package/lib/vendor/blamejs/test/integration/framework-schema-mysql.test.js +2 -1
- package/lib/vendor/blamejs/test/integration/webhook-dispatcher-pg.test.js +269 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/atomic-file-fd-read.test.js +149 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-framework-namespaces.test.js +51 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-sign-anchor.test.js +88 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-use-store.test.js +55 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/backup-object-store-adapter.test.js +2 -2
- package/lib/vendor/blamejs/test/layer-0-primitives/bot-guard.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/bounded-map.test.js +129 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/chain-writer-multichain.test.js +107 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-api-key.test.js +12 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/codebase-patterns.test.js +2788 -3214
- package/lib/vendor/blamejs/test/layer-0-primitives/codepoint-class.test.js +78 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-base64url.test.js +63 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-hash-stream.test.js +2 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/csp-builder.test.js +50 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/csp-nonce.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/daemon.test.js +2 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/defineguard-resolve-opts.test.js +76 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/flag.test.js +9 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/gate-contract-content-gate.test.js +290 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-csv.test.js +84 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-email.test.js +78 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-filename.test.js +23 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-gate-disposition-coverage.test.js +93 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-html.test.js +60 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-image.test.js +184 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-imap-command.test.js +0 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-json.test.js +54 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-managesieve-command.test.js +10 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-markdown.test.js +45 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-pdf.test.js +101 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-pop3-command.test.js +18 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-svg.test.js +76 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-text.test.js +365 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-xml.test.js +35 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-yaml.test.js +36 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/i18n.test.js +20 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/inbox.test.js +15 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/ip-utils.test.js +83 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-arf.test.js +10 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-auth.test.js +39 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-dkim.test.js +36 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-greylist.test.js +17 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-tls.test.js +39 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-store.test.js +17 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mime-parse.test.js +106 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/money.test.js +17 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mtls-ca-revocation.test.js +98 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/nonce-store-release.test.js +77 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/observability.test.js +48 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/rate-limit-memory-getorinsert.test.js +100 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/request-helpers.test.js +88 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-async-loops.test.js +278 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-buffer-linear-scans.test.js +37 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-jsonpath.test.js +14 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sandbox.test.js +19 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/security-headers.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/self-update.test.js +2 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/session-device-binding.test.js +18 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/session-extensions.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/session-valid-from.test.js +73 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sql.test.js +100 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/structured-fields.test.js +80 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/validate-opts-shape.test.js +235 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/webhook-dispatcher.test.js +374 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/webhook.test.js +75 -8
- package/lib/vendor/blamejs/test/layer-5-integration/guard-host-integration.test.js +3 -3
- package/lib/winback-campaigns.js +202 -42
- package/package.json +1 -1
|
@@ -128,7 +128,10 @@ function _knownPrimitiveSet(docs, seederIndex, parser) {
|
|
|
128
128
|
var headingRe = /<h[23](?:\s+[^>]*)?>([\s\S]*?)<\/h[23]>/g;
|
|
129
129
|
var m;
|
|
130
130
|
while ((m = headingRe.exec(page.body)) !== null) {
|
|
131
|
-
var inner = m[1]
|
|
131
|
+
var inner = m[1];
|
|
132
|
+
var prevInner; // strip tags until stable (incomplete-multi-char-sanitization)
|
|
133
|
+
do { prevInner = inner; inner = inner.replace(/<[^>]+>/g, ""); } while (inner !== prevInner);
|
|
134
|
+
inner = inner.replace(/&/g, "&");
|
|
132
135
|
var sigRe = /b\.[a-zA-Z][a-zA-Z0-9_.]*/g;
|
|
133
136
|
var sm;
|
|
134
137
|
while ((sm = sigRe.exec(inner)) !== null) set[_bare(sm[0])] = true;
|
|
@@ -26,8 +26,11 @@ function _stripAnchorMarkup(s) {
|
|
|
26
26
|
// double-decodes &lt; -> <).
|
|
27
27
|
var stripped = String(s)
|
|
28
28
|
.replace(/<a\s+class="anchor"[^>]*>[\s\S]*?<\/a>/g, "")
|
|
29
|
-
.replace(/<\/?code>/g, "")
|
|
30
|
-
|
|
29
|
+
.replace(/<\/?code>/g, "");
|
|
30
|
+
// Re-run the generic tag strip until stable so nested-bracket residue
|
|
31
|
+
// can't survive a single pass (incomplete-multi-character-sanitization).
|
|
32
|
+
var prev;
|
|
33
|
+
do { prev = stripped; stripped = stripped.replace(/<[^>]+>/g, ""); } while (stripped !== prev);
|
|
31
34
|
return htmlEntities.unescapeBuiltinEntities(stripped)
|
|
32
35
|
.replace(/\s+/g, " ")
|
|
33
36
|
.replace(/^\s+|\s+$/g, "");
|
|
@@ -58,7 +58,10 @@ function _synthDescription(body, fallback) {
|
|
|
58
58
|
if (typeof body !== "string") return fallback;
|
|
59
59
|
var m = body.match(/<p[^>]*>([\s\S]*?)<\/p>/i);
|
|
60
60
|
if (!m) return fallback;
|
|
61
|
-
var text = m[1]
|
|
61
|
+
var text = m[1];
|
|
62
|
+
var prevText; // strip tags until stable (incomplete-multi-char-sanitization)
|
|
63
|
+
do { prevText = text; text = text.replace(/<[^>]+>/g, ""); } while (text !== prevText);
|
|
64
|
+
text = text.replace(/&[a-z0-9#]+;/gi, " ").replace(/\s+/g, " ").trim();
|
|
62
65
|
if (!text) return fallback;
|
|
63
66
|
var maxLen = b.constants.BYTES.bytes(160);
|
|
64
67
|
if (text.length > maxLen) text = text.slice(0, maxLen - 3).trimEnd() + "...";
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
|
|
3
|
+
var b = require("..");
|
|
4
|
+
var expected = require("./_expected");
|
|
5
|
+
|
|
6
|
+
// Fuzz the free-text guard's two parsing surfaces: validate() (pure inspection,
|
|
7
|
+
// must never throw on arbitrary bytes) and sanitize() (strip pass, must either
|
|
8
|
+
// return a shrunk string or throw a recognized GuardTextError, never crash).
|
|
9
|
+
module.exports.fuzz = function (data) {
|
|
10
|
+
var input;
|
|
11
|
+
try { input = data.toString("utf8"); }
|
|
12
|
+
catch (_e) { return; }
|
|
13
|
+
try {
|
|
14
|
+
b.guardText.validate(input, { profile: "strict" });
|
|
15
|
+
b.guardText.sanitize(input, { profile: "balanced" });
|
|
16
|
+
} catch (e) {
|
|
17
|
+
if (expected.isExpected(e)) return;
|
|
18
|
+
throw e;
|
|
19
|
+
}
|
|
20
|
+
};
|
|
@@ -225,6 +225,7 @@ var guardYaml = require("./lib/guard-yaml");
|
|
|
225
225
|
var guardXml = require("./lib/guard-xml");
|
|
226
226
|
var guardMarkdown = require("./lib/guard-markdown");
|
|
227
227
|
var guardEmail = require("./lib/guard-email");
|
|
228
|
+
var guardText = require("./lib/guard-text");
|
|
228
229
|
var guardDomain = require("./lib/guard-domain");
|
|
229
230
|
var guardUuid = require("./lib/guard-uuid");
|
|
230
231
|
var guardCidr = require("./lib/guard-cidr");
|
|
@@ -609,6 +610,7 @@ module.exports = {
|
|
|
609
610
|
guardXml: guardXml,
|
|
610
611
|
guardMarkdown: guardMarkdown,
|
|
611
612
|
guardEmail: guardEmail,
|
|
613
|
+
guardText: guardText,
|
|
612
614
|
guardDomain: guardDomain,
|
|
613
615
|
guardUuid: guardUuid,
|
|
614
616
|
guardCidr: guardCidr,
|
|
@@ -51,7 +51,7 @@ var validateOpts = require("./validate-opts");
|
|
|
51
51
|
var { defineClass } = require("./framework-error");
|
|
52
52
|
|
|
53
53
|
var httpClient = lazyRequire(function () { return require("./http-client"); });
|
|
54
|
-
var
|
|
54
|
+
var auditEmit = require("./audit-emit");
|
|
55
55
|
var C = require("./constants");
|
|
56
56
|
|
|
57
57
|
// A2aTasksError is the per-call error class — separate from A2aError
|
|
@@ -82,15 +82,7 @@ var TASK_ID_RE = /^[A-Za-z0-9_-]{1,64}$/;
|
|
|
82
82
|
var SKILL_NAME_RE = /^[a-zA-Z][a-zA-Z0-9._-]{0,63}$/; // allow:duplicate-regex — RFC-3986-unreserved identifier shape, shared across mcp.js + mcp-tool-registry.js
|
|
83
83
|
// RFC-3986-unreserved identifier shape (length cap inside regex), not a byte count
|
|
84
84
|
|
|
85
|
-
|
|
86
|
-
try {
|
|
87
|
-
audit().safeEmit({
|
|
88
|
-
action: action,
|
|
89
|
-
outcome: outcome || "success",
|
|
90
|
-
metadata: metadata,
|
|
91
|
-
});
|
|
92
|
-
} catch (_e) { /* best-effort */ }
|
|
93
|
-
}
|
|
85
|
+
var _emitAudit = auditEmit.emit;
|
|
94
86
|
|
|
95
87
|
var bCrypto = lazyRequire(function () { return require("./crypto"); });
|
|
96
88
|
|
|
@@ -515,19 +507,11 @@ function _jsonRpcError(id, code, message, data) {
|
|
|
515
507
|
}
|
|
516
508
|
|
|
517
509
|
function _readBody(req, maxBytes) {
|
|
518
|
-
return
|
|
519
|
-
|
|
520
|
-
|
|
521
|
-
|
|
522
|
-
|
|
523
|
-
sizeMessage: "a2a-tasks: request body exceeded " + maxBytes + " bytes",
|
|
524
|
-
});
|
|
525
|
-
req.on("data", function (chunk) {
|
|
526
|
-
try { collector.push(chunk); }
|
|
527
|
-
catch (capErr) { reject(capErr); }
|
|
528
|
-
});
|
|
529
|
-
req.on("end", function () { resolve(collector.result()); });
|
|
530
|
-
req.on("error", function (e) { reject(e); });
|
|
510
|
+
return safeBuffer.collectStream(req, {
|
|
511
|
+
maxBytes: maxBytes,
|
|
512
|
+
errorClass: A2aTasksError,
|
|
513
|
+
sizeCode: "a2a-tasks/body-too-large",
|
|
514
|
+
sizeMessage: "a2a-tasks: request body exceeded " + maxBytes + " bytes",
|
|
531
515
|
});
|
|
532
516
|
}
|
|
533
517
|
|
|
@@ -42,6 +42,7 @@
|
|
|
42
42
|
*/
|
|
43
43
|
|
|
44
44
|
var nodeCrypto = require("node:crypto");
|
|
45
|
+
var safeBuffer = require("./safe-buffer");
|
|
45
46
|
|
|
46
47
|
var C = require("./constants");
|
|
47
48
|
var asn1 = require("./asn1-der");
|
|
@@ -553,7 +554,7 @@ function create(opts) {
|
|
|
553
554
|
var id = orderOpts.identifiers[i];
|
|
554
555
|
if (!id || typeof id.type !== "string" || typeof id.value !== "string" ||
|
|
555
556
|
id.type.length === 0 || id.value.length === 0 ||
|
|
556
|
-
id.value
|
|
557
|
+
safeBuffer.byteLengthOf(id.value) > C.BYTES.bytes(255)) {
|
|
557
558
|
throw _err("acme/bad-identifier",
|
|
558
559
|
"newOrder: identifier must be { type: string, value: string<=255 }", true);
|
|
559
560
|
}
|
|
@@ -569,7 +570,7 @@ function create(opts) {
|
|
|
569
570
|
// the field. v1-defensible scope: refuse non-string + cap length so
|
|
570
571
|
// attacker-supplied profile values can't bloat the JSON payload.
|
|
571
572
|
if (typeof orderOpts.profile === "string") {
|
|
572
|
-
if (orderOpts.profile.length === 0 || orderOpts.profile
|
|
573
|
+
if (orderOpts.profile.length === 0 || safeBuffer.byteLengthOf(orderOpts.profile) > C.BYTES.bytes(64)) {
|
|
573
574
|
throw _err("acme/bad-profile",
|
|
574
575
|
"newOrder: profile name must be a non-empty string <= 64 bytes", true);
|
|
575
576
|
}
|
|
@@ -611,7 +612,7 @@ function create(opts) {
|
|
|
611
612
|
} else {
|
|
612
613
|
throw _err("acme/bad-csr", "finalize: csr must be a DER Buffer or PEM string", true);
|
|
613
614
|
}
|
|
614
|
-
if (csrDer.length === 0 || csrDer
|
|
615
|
+
if (csrDer.length === 0 || safeBuffer.byteLengthOf(csrDer) > C.BYTES.kib(64)) {
|
|
615
616
|
throw _err("acme/bad-csr",
|
|
616
617
|
"finalize: CSR DER size out of range (got " + csrDer.length + " bytes)", true);
|
|
617
618
|
}
|
|
@@ -842,7 +843,7 @@ function create(opts) {
|
|
|
842
843
|
}
|
|
843
844
|
for (var di = 0; di < opts2.domains.length; di += 1) {
|
|
844
845
|
var d = opts2.domains[di];
|
|
845
|
-
if (typeof d !== "string" || d.length === 0 || d
|
|
846
|
+
if (typeof d !== "string" || d.length === 0 || safeBuffer.byteLengthOf(d) > C.BYTES.bytes(255)) {
|
|
846
847
|
throw _err("acme/bad-csr-domain",
|
|
847
848
|
"buildCsr: domains[" + di + "] must be a non-empty string <= 255 bytes", true);
|
|
848
849
|
}
|
|
@@ -1328,7 +1329,7 @@ function create(opts) {
|
|
|
1328
1329
|
if (!opts2 || typeof opts2 !== "object" || typeof opts2.identifier !== "string" || opts2.identifier.length === 0) {
|
|
1329
1330
|
throw _err("acme/bad-identifier", "dnsAccount01ChallengeRecord: opts.identifier (host) is required", true);
|
|
1330
1331
|
}
|
|
1331
|
-
if (opts2.identifier
|
|
1332
|
+
if (safeBuffer.byteLengthOf(opts2.identifier) > C.BYTES.bytes(255)) {
|
|
1332
1333
|
throw _err("acme/bad-identifier", "dnsAccount01ChallengeRecord: identifier exceeds 255 bytes", true);
|
|
1333
1334
|
}
|
|
1334
1335
|
if (!state.accountUrl) {
|
|
@@ -70,6 +70,7 @@ var agentAudit = require("./agent-audit");
|
|
|
70
70
|
var envelopeMac = require("./agent-envelope-mac");
|
|
71
71
|
var safeJson = require("./safe-json");
|
|
72
72
|
var bCrypto = require("./crypto");
|
|
73
|
+
var boundedMap = require("./bounded-map");
|
|
73
74
|
|
|
74
75
|
var audit = lazyRequire(function () { return require("./audit"); });
|
|
75
76
|
|
|
@@ -149,10 +150,10 @@ function create(opts) {
|
|
|
149
150
|
|
|
150
151
|
function _registerTopic(topics, name, topicOpts, auditImpl) {
|
|
151
152
|
guardEventBusTopic.validate(name);
|
|
152
|
-
|
|
153
|
+
boundedMap.requireAbsent(topics, name, function () {
|
|
153
154
|
throw new AgentEventBusError("agent-event-bus/topic-duplicate",
|
|
154
155
|
"registerTopic: '" + name + "' already registered");
|
|
155
|
-
}
|
|
156
|
+
});
|
|
156
157
|
if (!topicOpts.schema || typeof topicOpts.schema !== "object") {
|
|
157
158
|
throw new AgentEventBusError("agent-event-bus/bad-schema",
|
|
158
159
|
"registerTopic: schema required (flat key→type map)");
|
|
@@ -193,10 +194,10 @@ function _registerTopic(topics, name, topicOpts, auditImpl) {
|
|
|
193
194
|
// lifecycle traceability.
|
|
194
195
|
function _unregisterTopic(topics, name, auditImpl) {
|
|
195
196
|
guardEventBusTopic.validate(name);
|
|
196
|
-
|
|
197
|
+
boundedMap.requirePresent(topics, name, function () {
|
|
197
198
|
throw new AgentEventBusError("agent-event-bus/unknown-topic",
|
|
198
199
|
"unregisterTopic: '" + name + "' not registered");
|
|
199
|
-
}
|
|
200
|
+
});
|
|
200
201
|
topics.delete(name);
|
|
201
202
|
_safeAudit(auditImpl, "agent.event_bus.topic_unregistered", null, { name: name });
|
|
202
203
|
}
|
|
@@ -143,11 +143,8 @@ function _ensureSealTable() {
|
|
|
143
143
|
function create(opts) {
|
|
144
144
|
opts = opts || {};
|
|
145
145
|
var store = opts.store || _inMemoryBackend(opts.maxInMemoryEntries);
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
throw new AgentIdempotencyError("agent-idempotency/bad-store",
|
|
149
|
-
"create: store must expose { get, put, delete }");
|
|
150
|
-
}
|
|
146
|
+
validateOpts.requireMethods(store, ["get", "put", "delete"],
|
|
147
|
+
"create: store", AgentIdempotencyError, "agent-idempotency/bad-store");
|
|
151
148
|
var ttlMs = typeof opts.ttlMs === "number" ? opts.ttlMs : DEFAULT_TTL_MS;
|
|
152
149
|
if (!Number.isFinite(ttlMs) || ttlMs <= 0) {
|
|
153
150
|
throw new AgentIdempotencyError("agent-idempotency/bad-ttl",
|
|
@@ -157,11 +157,8 @@ var _saltedFnvBasisCache = null;
|
|
|
157
157
|
function create(opts) {
|
|
158
158
|
opts = opts || {};
|
|
159
159
|
var backend = opts.backend || _inMemoryBackend();
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
throw new AgentOrchestratorError("agent-orchestrator/bad-backend",
|
|
163
|
-
"b.agent.orchestrator.create: backend must expose { get, set, delete, list }");
|
|
164
|
-
}
|
|
160
|
+
validateOpts.requireMethods(backend, ["get", "set", "delete", "list"],
|
|
161
|
+
"b.agent.orchestrator.create: backend", AgentOrchestratorError, "agent-orchestrator/bad-backend");
|
|
165
162
|
var clusterImpl = opts.cluster || cluster();
|
|
166
163
|
var auditImpl = opts.audit || audit();
|
|
167
164
|
var permissions = opts.permissions || null;
|
|
@@ -71,6 +71,7 @@
|
|
|
71
71
|
|
|
72
72
|
var lazyRequire = require("./lazy-require");
|
|
73
73
|
var { defineClass } = require("./framework-error");
|
|
74
|
+
var validateOpts = require("./validate-opts");
|
|
74
75
|
var guardSagaConfig = require("./guard-saga-config");
|
|
75
76
|
var bCrypto = require("./crypto");
|
|
76
77
|
var agentAudit = require("./agent-audit");
|
|
@@ -118,11 +119,8 @@ function create(config) {
|
|
|
118
119
|
// `agent.saga.no_state_store` surfaces the posture per call).
|
|
119
120
|
var stateStore = config.stateStore || null;
|
|
120
121
|
if (stateStore !== null) {
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
throw new AgentSagaError("agent-saga/bad-state-store",
|
|
124
|
-
"create: stateStore must expose { saveStep, loadResumePoint, markCompleted?, markFailed? }");
|
|
125
|
-
}
|
|
122
|
+
validateOpts.requireMethods(stateStore, ["saveStep", "loadResumePoint"],
|
|
123
|
+
"create: stateStore", AgentSagaError, "agent-saga/bad-state-store");
|
|
126
124
|
}
|
|
127
125
|
return {
|
|
128
126
|
run: function (ctx, initialState, opts) { return _run(config, auditImpl, stateStore, ctx, initialState, opts || {}); },
|
|
@@ -153,11 +153,8 @@ var TENANT_KEY_BYTES = 32;
|
|
|
153
153
|
function create(opts) {
|
|
154
154
|
opts = opts || {};
|
|
155
155
|
var backend = opts.backend || _inMemoryBackend();
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
throw new AgentTenantError("agent-tenant/bad-backend",
|
|
159
|
-
"create: backend must expose { get, set, delete, list }");
|
|
160
|
-
}
|
|
156
|
+
validateOpts.requireMethods(backend, ["get", "set", "delete", "list"],
|
|
157
|
+
"create: backend", AgentTenantError, "agent-tenant/bad-backend");
|
|
161
158
|
var auditImpl = opts.audit || audit();
|
|
162
159
|
var permissions = opts.permissions || null;
|
|
163
160
|
var ctx = {
|
|
@@ -99,25 +99,12 @@ function wrap(opts) {
|
|
|
99
99
|
var legalBasis = opts.legalBasis;
|
|
100
100
|
var decide = opts.decide;
|
|
101
101
|
var onAdverse = typeof opts.onAdverse === "function" ? opts.onAdverse : null;
|
|
102
|
-
var auditOn = opts.audit !== false;
|
|
103
102
|
var now = typeof opts.now === "function" ? opts.now : function () { return Date.now(); };
|
|
104
103
|
|
|
105
104
|
var deadlines = REGIME_DEADLINES[legalBasis] || REGIME_DEADLINES["operator-defined"];
|
|
106
105
|
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
try {
|
|
110
|
-
audit().safeEmit({
|
|
111
|
-
action: "ai.adverse_decision." + action,
|
|
112
|
-
outcome: outcome,
|
|
113
|
-
metadata: metadata || {},
|
|
114
|
-
});
|
|
115
|
-
} catch (_e) { /* drop-silent */ }
|
|
116
|
-
}
|
|
117
|
-
function _emitMetric(verb, n, labels) {
|
|
118
|
-
try { observability().safeEvent("ai.adverse_decision." + verb, n || 1, labels || {}); }
|
|
119
|
-
catch (_e) { /* drop-silent */ }
|
|
120
|
-
}
|
|
106
|
+
var _emitAudit = audit().namespaced("ai.adverse_decision", opts.audit);
|
|
107
|
+
var _emitMetric = observability().namespaced("ai.adverse_decision");
|
|
121
108
|
|
|
122
109
|
return async function adverseDecisionDecorated(subject) {
|
|
123
110
|
if (!subject || typeof subject !== "object") {
|
|
@@ -239,12 +239,7 @@ function create(opts) {
|
|
|
239
239
|
}
|
|
240
240
|
var auditOn = opts.audit !== false;
|
|
241
241
|
|
|
242
|
-
|
|
243
|
-
if (!auditOn) return;
|
|
244
|
-
try {
|
|
245
|
-
audit().safeEmit({ action: action, outcome: outcome, metadata: metadata || {} });
|
|
246
|
-
} catch (_e) { /* audit best-effort — drop-silent */ }
|
|
247
|
-
}
|
|
242
|
+
var _emitAudit = audit().namespaced(null, { audit: auditOn });
|
|
248
243
|
|
|
249
244
|
function describe(modelId) {
|
|
250
245
|
var d = registry.get(modelId);
|
|
@@ -429,11 +429,7 @@ function budget(opts) {
|
|
|
429
429
|
var spentDelta = 0;
|
|
430
430
|
var rdp = RDP_ORDERS.map(function () { return 0; }); // rdp accounting
|
|
431
431
|
|
|
432
|
-
|
|
433
|
-
if (!auditOn) return;
|
|
434
|
-
try { audit().safeEmit({ action: action, outcome: outcome, metadata: metadata || {} }); }
|
|
435
|
-
catch (_e) { /* drop-silent */ }
|
|
436
|
-
}
|
|
432
|
+
var _emitAudit = audit().namespaced(null, { audit: auditOn });
|
|
437
433
|
|
|
438
434
|
function _currentEpsilon(rdpCurve) {
|
|
439
435
|
if (accounting === "basic") return spentEpsilon;
|
|
@@ -23,6 +23,7 @@
|
|
|
23
23
|
var C = require("./constants");
|
|
24
24
|
var numericBounds = require("./numeric-bounds");
|
|
25
25
|
var audit = require("./audit");
|
|
26
|
+
var codepointClass = require("./codepoint-class");
|
|
26
27
|
var { AiInputError } = require("./framework-error");
|
|
27
28
|
|
|
28
29
|
var SAMPLE_TRUNC = 80; // sample truncation length, not bytes
|
|
@@ -69,8 +70,7 @@ function _featuresOf(input) {
|
|
|
69
70
|
var cp = input.charCodeAt(i);
|
|
70
71
|
if ((cp >= 0x202a && cp <= 0x202e) || (cp >= 0x2066 && cp <= 0x2069)) bidi++;
|
|
71
72
|
else if (cp === 0x200b || cp === 0x200c || cp === 0x200d || cp === 0xfeff || cp === 0x2060) zw++;
|
|
72
|
-
else if (cp
|
|
73
|
-
else if (cp === 0x7f) ctrl++;
|
|
73
|
+
else if (codepointClass.isForbiddenControlChar(cp, { allowLf: true, allowCr: true })) ctrl++;
|
|
74
74
|
}
|
|
75
75
|
return {
|
|
76
76
|
length: input.length,
|
|
@@ -152,13 +152,8 @@ function parseHeader(value) {
|
|
|
152
152
|
label: "aiPref.parseHeader",
|
|
153
153
|
});
|
|
154
154
|
var out = { train: null, infer: null, snippet: null, price: null };
|
|
155
|
-
var
|
|
156
|
-
|
|
157
|
-
var p = pairs[i].trim();
|
|
158
|
-
var eq = p.indexOf("=");
|
|
159
|
-
if (eq === -1) continue;
|
|
160
|
-
var k = p.slice(0, eq).trim().toLowerCase();
|
|
161
|
-
var val = p.slice(eq + 1).trim();
|
|
155
|
+
var kvps = structuredFields.parseKeyValuePieces(value.split(","));
|
|
156
|
+
structuredFields.forEachKeyValue(kvps, function (k, val) {
|
|
162
157
|
if (k === "train" && TRAIN_VALUES.indexOf(val) !== -1) out.train = val;
|
|
163
158
|
else if (k === "infer" && INFER_VALUES.indexOf(val) !== -1) out.infer = val;
|
|
164
159
|
else if (k === "snippet" && SNIPPET_VALUES.indexOf(val) !== -1) out.snippet = val;
|
|
@@ -169,7 +164,7 @@ function parseHeader(value) {
|
|
|
169
164
|
var pt = parseInt(val, 10);
|
|
170
165
|
if (isFinite(pt) && pt > 0) out.price = Object.assign({ perTokens: pt }, out.price || {});
|
|
171
166
|
}
|
|
172
|
-
}
|
|
167
|
+
});
|
|
173
168
|
return out;
|
|
174
169
|
}
|
|
175
170
|
|
|
@@ -318,12 +318,7 @@ function create(opts) {
|
|
|
318
318
|
return null;
|
|
319
319
|
}
|
|
320
320
|
|
|
321
|
-
|
|
322
|
-
if (!auditOn) return;
|
|
323
|
-
try {
|
|
324
|
-
audit().safeEmit({ action: action, outcome: outcome, metadata: metadata || {} });
|
|
325
|
-
} catch (_e) { /* audit best-effort — drop-silent */ }
|
|
326
|
-
}
|
|
321
|
+
var _emitAudit = audit().namespaced(null, { audit: auditOn });
|
|
327
322
|
|
|
328
323
|
function _emitMetric(name, n) {
|
|
329
324
|
try { observability().safeEvent(name, n || 1, {}); }
|
|
@@ -507,14 +502,8 @@ function _validateLimitMap(map, label) {
|
|
|
507
502
|
}
|
|
508
503
|
|
|
509
504
|
function _validateStore(store) {
|
|
510
|
-
|
|
511
|
-
|
|
512
|
-
typeof store.add !== "function" ||
|
|
513
|
-
typeof store.get !== "function" ||
|
|
514
|
-
typeof store.reset !== "function") {
|
|
515
|
-
throw new AiQuotaError("ai-quota/bad-store",
|
|
516
|
-
"ai.quota.create: store must expose reserve / add / get / reset functions");
|
|
517
|
-
}
|
|
505
|
+
validateOpts.requireMethods(store, ["reserve", "add", "get", "reset"],
|
|
506
|
+
"ai.quota.create: store", AiQuotaError, "ai-quota/bad-store");
|
|
518
507
|
}
|
|
519
508
|
|
|
520
509
|
module.exports = {
|
|
@@ -134,37 +134,46 @@ function _validateIdentifier(name, value) {
|
|
|
134
134
|
}
|
|
135
135
|
|
|
136
136
|
function _validateCreateOpts(opts) {
|
|
137
|
-
validateOpts.
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
(
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
137
|
+
validateOpts.shape(opts, {
|
|
138
|
+
namespace: function (v, l) { _validateIdentifier(l, v); },
|
|
139
|
+
prefix: function (v, l) { if (v !== undefined) _validateIdentifier(l, v); },
|
|
140
|
+
idBytes: "optional-positive-int",
|
|
141
|
+
secretBytes: "optional-positive-int",
|
|
142
|
+
trackLastUsedAt: "optional-boolean",
|
|
143
|
+
auditFailures: "optional-boolean",
|
|
144
|
+
auditSuccess: "optional-boolean",
|
|
145
|
+
purgeAfterMs: "optional-non-negative",
|
|
146
|
+
hashAlgo: function (v) {
|
|
147
|
+
if (v !== undefined) {
|
|
148
|
+
if (typeof v !== "string" || (v !== "shake256" && v !== "argon2id")) {
|
|
149
|
+
throw _err("BAD_OPT", "apiKey.create: hashAlgo must be 'shake256' or 'argon2id', got " +
|
|
150
|
+
JSON.stringify(v));
|
|
151
|
+
}
|
|
152
|
+
}
|
|
153
|
+
},
|
|
154
|
+
audit: function (v) { validateOpts.auditShape(v, "apiKey.create", ApiKeyError); },
|
|
155
|
+
clock: "optional-function",
|
|
156
|
+
}, "apiKey.create", ApiKeyError);
|
|
155
157
|
}
|
|
156
158
|
|
|
157
159
|
function _validateIssueOpts(opts) {
|
|
158
|
-
validateOpts.
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
160
|
+
validateOpts.shape(opts, {
|
|
161
|
+
ownerId: { rule: "required-string", code: "MISSING_OWNER" },
|
|
162
|
+
scopes: { rule: "optional-string-array", code: "BAD_SCOPES" },
|
|
163
|
+
metadata: { rule: "optional-plain-object", code: "BAD_METADATA" },
|
|
164
|
+
expiresAt: function (v) {
|
|
165
|
+
if (v !== undefined && v !== null) {
|
|
166
|
+
if (typeof v !== "number" || !isFinite(v) || v < 0) {
|
|
167
|
+
throw _err("BAD_OPT", "apiKey.issue: expiresAt must be a non-negative finite number (unix ms) or null");
|
|
168
|
+
}
|
|
169
|
+
}
|
|
170
|
+
},
|
|
171
|
+
}, "apiKey.issue", ApiKeyError, undefined, {
|
|
172
|
+
// `req` / `context` are the audit-actor pass-through bag — forwarded
|
|
173
|
+
// verbatim to requestHelpers.resolveActorWithOverride (via _actor)
|
|
174
|
+
// to populate the issue audit's 5 W's, not validated locally.
|
|
175
|
+
allow: ["req", "context"],
|
|
176
|
+
});
|
|
168
177
|
}
|
|
169
178
|
|
|
170
179
|
// ---- Token format ----
|
|
@@ -547,10 +547,8 @@ function http(url, opts) {
|
|
|
547
547
|
* for await (var e of reader.entries()) entries.push(e);
|
|
548
548
|
*/
|
|
549
549
|
function trustedStream(readable, opts) {
|
|
550
|
-
|
|
551
|
-
|
|
552
|
-
"trustedStream: arg must be a Readable (or pipe/on-compatible stream)");
|
|
553
|
-
}
|
|
550
|
+
validateOpts.requireMethods(readable, ["pipe", "on"],
|
|
551
|
+
"trustedStream: arg (Readable / pipe-on-compatible stream)", AdapterError, "adapter/bad-arg");
|
|
554
552
|
if (!(readable instanceof nodeStream.Readable) && !readable.readable) {
|
|
555
553
|
// Accept stream-like duck-typed objects; many libraries return
|
|
556
554
|
// Readable-flavored bytes via Symbol.asyncIterator only.
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* lib/archive-entry-policy.js — the entry-type extraction policy shared by the
|
|
4
|
+
* ZIP (archive-read) and TAR (archive-tar-read) readers.
|
|
5
|
+
*
|
|
6
|
+
* Special archive entry types — symlinks, hardlinks, device nodes, FIFOs, and
|
|
7
|
+
* sockets — are a malicious-archive vector (symlink traversal out of the
|
|
8
|
+
* extraction root, device-node creation, etc.), so every type is DENIED by
|
|
9
|
+
* default; an operator opts a type in explicitly per archive. Both readers
|
|
10
|
+
* normalized the same default the same way, so the policy + its overlay live
|
|
11
|
+
* here once rather than drifting between the two formats.
|
|
12
|
+
*/
|
|
13
|
+
|
|
14
|
+
var DEFAULT_ENTRY_TYPE_POLICY = Object.freeze({
|
|
15
|
+
symlinks: false,
|
|
16
|
+
hardlinks: false,
|
|
17
|
+
devices: false,
|
|
18
|
+
fifos: false,
|
|
19
|
+
sockets: false,
|
|
20
|
+
});
|
|
21
|
+
|
|
22
|
+
// normalize(p) — overlay an operator policy onto the all-denied default and
|
|
23
|
+
// freeze it. A falsy `p` returns the shared default object (no allocation).
|
|
24
|
+
function normalize(p) {
|
|
25
|
+
if (!p) return DEFAULT_ENTRY_TYPE_POLICY;
|
|
26
|
+
return Object.freeze(Object.assign({}, DEFAULT_ENTRY_TYPE_POLICY, p));
|
|
27
|
+
}
|
|
28
|
+
|
|
29
|
+
module.exports = {
|
|
30
|
+
DEFAULT_ENTRY_TYPE_POLICY: DEFAULT_ENTRY_TYPE_POLICY,
|
|
31
|
+
normalize: normalize,
|
|
32
|
+
};
|
|
@@ -54,6 +54,8 @@ var guardArchive = lazyRequire(function () { return require("./guard-archive");
|
|
|
54
54
|
var safeDecompress = lazyRequire(function () { return require("./safe-decompress"); });
|
|
55
55
|
var safeBuffer = lazyRequire(function () { return require("./safe-buffer"); });
|
|
56
56
|
var archiveAdapters = lazyRequire(function () { return require("./archive-adapters"); });
|
|
57
|
+
var archiveEntryPolicy = require("./archive-entry-policy");
|
|
58
|
+
var auditEmit = require("./audit-emit");
|
|
57
59
|
|
|
58
60
|
// ---- Wire-format constants ------------------------------------------------
|
|
59
61
|
// Aligned with the write-side `lib/archive.js`. APPNOTE.TXT § references
|
|
@@ -120,13 +122,7 @@ var DEFAULT_BOMB_POLICY = Object.freeze({
|
|
|
120
122
|
maxExpansionRatio: 100, // compressed → decompressed ratio cap
|
|
121
123
|
});
|
|
122
124
|
|
|
123
|
-
var DEFAULT_ENTRY_TYPE_POLICY =
|
|
124
|
-
symlinks: false,
|
|
125
|
-
hardlinks: false,
|
|
126
|
-
devices: false,
|
|
127
|
-
fifos: false,
|
|
128
|
-
sockets: false,
|
|
129
|
-
});
|
|
125
|
+
var DEFAULT_ENTRY_TYPE_POLICY = archiveEntryPolicy.DEFAULT_ENTRY_TYPE_POLICY;
|
|
130
126
|
|
|
131
127
|
// ---- Helpers --------------------------------------------------------------
|
|
132
128
|
|
|
@@ -629,17 +625,9 @@ function _normalizeBombPolicy(p) {
|
|
|
629
625
|
return Object.freeze(Object.assign({}, DEFAULT_BOMB_POLICY, p));
|
|
630
626
|
}
|
|
631
627
|
|
|
632
|
-
|
|
633
|
-
if (!p) return DEFAULT_ENTRY_TYPE_POLICY;
|
|
634
|
-
return Object.freeze(Object.assign({}, DEFAULT_ENTRY_TYPE_POLICY, p));
|
|
635
|
-
}
|
|
628
|
+
var _normalizeEntryTypePolicy = archiveEntryPolicy.normalize;
|
|
636
629
|
|
|
637
|
-
|
|
638
|
-
if (!opts || !opts.audit || typeof opts.audit.safeEmit !== "function") return;
|
|
639
|
-
try {
|
|
640
|
-
opts.audit.safeEmit({ action: action, outcome: outcome, metadata: metadata });
|
|
641
|
-
} catch (_e) { /* drop-silent — audit sinks must never crash the reader */ }
|
|
642
|
-
}
|
|
630
|
+
var _emitAudit = auditEmit.emitToSink; // operator-sink audit emit (opts.audit)
|
|
643
631
|
|
|
644
632
|
/**
|
|
645
633
|
* @primitive b.archive.read.zip
|