@blamejs/blamejs-shop 0.4.56 → 0.4.57
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +2 -0
- package/lib/asset-manifest.json +1 -1
- package/lib/vendor/MANIFEST.json +426 -366
- package/lib/vendor/blamejs/.github/codeql/codeql-config.yml +25 -0
- package/lib/vendor/blamejs/.github/workflows/actions-lint.yml +3 -3
- package/lib/vendor/blamejs/.github/workflows/cflite_batch.yml +1 -1
- package/lib/vendor/blamejs/.github/workflows/cflite_pr.yml +1 -1
- package/lib/vendor/blamejs/.github/workflows/ci.yml +13 -13
- package/lib/vendor/blamejs/.github/workflows/codeql.yml +8 -7
- package/lib/vendor/blamejs/.github/workflows/npm-publish.yml +2 -2
- package/lib/vendor/blamejs/.github/workflows/release-container.yml +4 -4
- package/lib/vendor/blamejs/.github/workflows/scorecard.yml +1 -1
- package/lib/vendor/blamejs/.github/workflows/sha-to-tag-verify.yml +1 -1
- package/lib/vendor/blamejs/CHANGELOG.md +2 -0
- package/lib/vendor/blamejs/api-snapshot.json +1381 -4
- package/lib/vendor/blamejs/eslint.config.mjs +1 -0
- package/lib/vendor/blamejs/examples/wiki/lib/source-comment-block-validator.js +4 -1
- package/lib/vendor/blamejs/examples/wiki/lib/symbol-index.js +5 -2
- package/lib/vendor/blamejs/examples/wiki/routes/pages.js +4 -1
- package/lib/vendor/blamejs/fuzz/guard-text.fuzz.js +20 -0
- package/lib/vendor/blamejs/index.js +2 -0
- package/lib/vendor/blamejs/lib/a2a-tasks.js +7 -23
- package/lib/vendor/blamejs/lib/acme.js +6 -5
- package/lib/vendor/blamejs/lib/agent-event-bus.js +5 -4
- package/lib/vendor/blamejs/lib/agent-idempotency.js +2 -5
- package/lib/vendor/blamejs/lib/agent-orchestrator.js +2 -5
- package/lib/vendor/blamejs/lib/agent-saga.js +3 -5
- package/lib/vendor/blamejs/lib/agent-tenant.js +2 -5
- package/lib/vendor/blamejs/lib/ai-adverse-decision.js +2 -15
- package/lib/vendor/blamejs/lib/ai-capability.js +1 -6
- package/lib/vendor/blamejs/lib/ai-dp.js +1 -5
- package/lib/vendor/blamejs/lib/ai-input.js +2 -2
- package/lib/vendor/blamejs/lib/ai-pref.js +3 -8
- package/lib/vendor/blamejs/lib/ai-quota.js +3 -14
- package/lib/vendor/blamejs/lib/api-key.js +37 -28
- package/lib/vendor/blamejs/lib/archive-adapters.js +2 -4
- package/lib/vendor/blamejs/lib/archive-entry-policy.js +32 -0
- package/lib/vendor/blamejs/lib/archive-read.js +5 -17
- package/lib/vendor/blamejs/lib/archive-tar-read.js +5 -16
- package/lib/vendor/blamejs/lib/archive.js +2 -10
- package/lib/vendor/blamejs/lib/arg-parser.js +7 -6
- package/lib/vendor/blamejs/lib/asyncapi-traits.js +2 -6
- package/lib/vendor/blamejs/lib/atomic-file.js +108 -31
- package/lib/vendor/blamejs/lib/audit-chain.js +133 -53
- package/lib/vendor/blamejs/lib/audit-daily-review.js +24 -14
- package/lib/vendor/blamejs/lib/audit-emit.js +82 -0
- package/lib/vendor/blamejs/lib/audit-sign.js +257 -0
- package/lib/vendor/blamejs/lib/audit.js +84 -0
- package/lib/vendor/blamejs/lib/auth/access-lock.js +5 -27
- package/lib/vendor/blamejs/lib/auth/dpop.js +23 -35
- package/lib/vendor/blamejs/lib/auth/fido-mds3.js +9 -15
- package/lib/vendor/blamejs/lib/auth/jwt-external.js +26 -8
- package/lib/vendor/blamejs/lib/auth/jwt.js +13 -15
- package/lib/vendor/blamejs/lib/auth/lockout.js +6 -25
- package/lib/vendor/blamejs/lib/auth/oauth.js +67 -45
- package/lib/vendor/blamejs/lib/auth/oid4vci.js +55 -32
- package/lib/vendor/blamejs/lib/auth/oid4vp.js +3 -2
- package/lib/vendor/blamejs/lib/auth/openid-federation.js +6 -6
- package/lib/vendor/blamejs/lib/auth/passkey.js +3 -3
- package/lib/vendor/blamejs/lib/auth/password.js +7 -1
- package/lib/vendor/blamejs/lib/auth/saml.js +37 -27
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-holder.js +2 -14
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-issuer.js +2 -14
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc.js +1 -1
- package/lib/vendor/blamejs/lib/auth/status-list.js +7 -7
- package/lib/vendor/blamejs/lib/auth/step-up.js +6 -12
- package/lib/vendor/blamejs/lib/auth-bot-challenge.js +6 -37
- package/lib/vendor/blamejs/lib/backup/bundle.js +11 -18
- package/lib/vendor/blamejs/lib/backup/index.js +14 -47
- package/lib/vendor/blamejs/lib/bounded-map.js +112 -1
- package/lib/vendor/blamejs/lib/breach-deadline.js +1 -11
- package/lib/vendor/blamejs/lib/cache.js +7 -18
- package/lib/vendor/blamejs/lib/cbor.js +2 -1
- package/lib/vendor/blamejs/lib/cdn-cache-control.js +8 -9
- package/lib/vendor/blamejs/lib/cert.js +3 -10
- package/lib/vendor/blamejs/lib/chain-writer.js +162 -47
- package/lib/vendor/blamejs/lib/cli.js +5 -1
- package/lib/vendor/blamejs/lib/client-hints.js +7 -9
- package/lib/vendor/blamejs/lib/cloud-events.js +40 -31
- package/lib/vendor/blamejs/lib/cluster-storage.js +2 -38
- package/lib/vendor/blamejs/lib/cms-codec.js +2 -1
- package/lib/vendor/blamejs/lib/codepoint-class.js +67 -1
- package/lib/vendor/blamejs/lib/compliance-ai-act-logging.js +1 -6
- package/lib/vendor/blamejs/lib/compliance-ai-act-transparency.js +2 -4
- package/lib/vendor/blamejs/lib/compliance-eaa.js +1 -11
- package/lib/vendor/blamejs/lib/compliance-sanctions-fetcher.js +21 -28
- package/lib/vendor/blamejs/lib/compliance-sanctions.js +2 -14
- package/lib/vendor/blamejs/lib/compliance.js +2 -9
- package/lib/vendor/blamejs/lib/config-drift.js +2 -12
- package/lib/vendor/blamejs/lib/content-digest.js +10 -8
- package/lib/vendor/blamejs/lib/cookies.js +5 -11
- package/lib/vendor/blamejs/lib/cose.js +19 -11
- package/lib/vendor/blamejs/lib/cra-report.js +1 -11
- package/lib/vendor/blamejs/lib/crypto-field.js +5 -10
- package/lib/vendor/blamejs/lib/crypto.js +120 -3
- package/lib/vendor/blamejs/lib/csp.js +235 -3
- package/lib/vendor/blamejs/lib/daemon.js +42 -41
- package/lib/vendor/blamejs/lib/data-act.js +19 -9
- package/lib/vendor/blamejs/lib/db-query.js +6 -40
- package/lib/vendor/blamejs/lib/db.js +34 -12
- package/lib/vendor/blamejs/lib/dbsc.js +5 -6
- package/lib/vendor/blamejs/lib/ddl-change-control.js +18 -14
- package/lib/vendor/blamejs/lib/deprecate.js +4 -5
- package/lib/vendor/blamejs/lib/did.js +6 -2
- package/lib/vendor/blamejs/lib/dsr.js +8 -12
- package/lib/vendor/blamejs/lib/external-db-migrate.js +21 -22
- package/lib/vendor/blamejs/lib/external-db.js +14 -26
- package/lib/vendor/blamejs/lib/fda-21cfr11.js +12 -8
- package/lib/vendor/blamejs/lib/fdx.js +22 -18
- package/lib/vendor/blamejs/lib/file-upload.js +80 -66
- package/lib/vendor/blamejs/lib/flag-evaluation-context.js +5 -8
- package/lib/vendor/blamejs/lib/framework-error.js +12 -0
- package/lib/vendor/blamejs/lib/framework-schema.js +19 -0
- package/lib/vendor/blamejs/lib/fsm.js +7 -12
- package/lib/vendor/blamejs/lib/gate-contract.js +869 -38
- package/lib/vendor/blamejs/lib/gdpr-ropa.js +4 -13
- package/lib/vendor/blamejs/lib/graphql-federation.js +1 -1
- package/lib/vendor/blamejs/lib/guard-agent-registry.js +2 -1
- package/lib/vendor/blamejs/lib/guard-all.js +1 -0
- package/lib/vendor/blamejs/lib/guard-archive.js +9 -30
- package/lib/vendor/blamejs/lib/guard-auth.js +23 -80
- package/lib/vendor/blamejs/lib/guard-cidr.js +20 -96
- package/lib/vendor/blamejs/lib/guard-csv.js +135 -196
- package/lib/vendor/blamejs/lib/guard-domain.js +23 -106
- package/lib/vendor/blamejs/lib/guard-dsn.js +16 -13
- package/lib/vendor/blamejs/lib/guard-email.js +46 -53
- package/lib/vendor/blamejs/lib/guard-envelope.js +1 -1
- package/lib/vendor/blamejs/lib/guard-event-bus-topic.js +2 -1
- package/lib/vendor/blamejs/lib/guard-filename.js +12 -60
- package/lib/vendor/blamejs/lib/guard-graphql.js +28 -75
- package/lib/vendor/blamejs/lib/guard-html-wcag.js +15 -2
- package/lib/vendor/blamejs/lib/guard-html.js +65 -117
- package/lib/vendor/blamejs/lib/guard-idempotency-key.js +2 -1
- package/lib/vendor/blamejs/lib/guard-image.js +280 -77
- package/lib/vendor/blamejs/lib/guard-imap-command.js +8 -9
- package/lib/vendor/blamejs/lib/guard-json.js +87 -103
- package/lib/vendor/blamejs/lib/guard-jsonpath.js +20 -88
- package/lib/vendor/blamejs/lib/guard-jwt.js +32 -114
- package/lib/vendor/blamejs/lib/guard-list-id.js +2 -7
- package/lib/vendor/blamejs/lib/guard-list-unsubscribe.js +2 -7
- package/lib/vendor/blamejs/lib/guard-mail-compose.js +5 -6
- package/lib/vendor/blamejs/lib/guard-mail-move.js +2 -1
- package/lib/vendor/blamejs/lib/guard-mail-query.js +5 -3
- package/lib/vendor/blamejs/lib/guard-mail-sieve.js +6 -7
- package/lib/vendor/blamejs/lib/guard-managesieve-command.js +5 -4
- package/lib/vendor/blamejs/lib/guard-markdown.js +76 -110
- package/lib/vendor/blamejs/lib/guard-message-id.js +5 -6
- package/lib/vendor/blamejs/lib/guard-mime.js +20 -99
- package/lib/vendor/blamejs/lib/guard-oauth.js +19 -73
- package/lib/vendor/blamejs/lib/guard-pdf.js +65 -72
- package/lib/vendor/blamejs/lib/guard-pop3-command.js +12 -13
- package/lib/vendor/blamejs/lib/guard-posture-chain.js +2 -1
- package/lib/vendor/blamejs/lib/guard-regex.js +24 -99
- package/lib/vendor/blamejs/lib/guard-saga-config.js +2 -1
- package/lib/vendor/blamejs/lib/guard-shell.js +22 -87
- package/lib/vendor/blamejs/lib/guard-smtp-command.js +8 -11
- package/lib/vendor/blamejs/lib/guard-sql.js +15 -13
- package/lib/vendor/blamejs/lib/guard-stream-args.js +2 -1
- package/lib/vendor/blamejs/lib/guard-svg.js +95 -140
- package/lib/vendor/blamejs/lib/guard-template.js +23 -80
- package/lib/vendor/blamejs/lib/guard-tenant-id.js +2 -1
- package/lib/vendor/blamejs/lib/guard-text.js +592 -0
- package/lib/vendor/blamejs/lib/guard-time.js +27 -95
- package/lib/vendor/blamejs/lib/guard-uuid.js +21 -93
- package/lib/vendor/blamejs/lib/guard-xml.js +76 -106
- package/lib/vendor/blamejs/lib/guard-yaml.js +24 -60
- package/lib/vendor/blamejs/lib/http-client-cache.js +5 -12
- package/lib/vendor/blamejs/lib/http-client-cookie-jar.js +2 -4
- package/lib/vendor/blamejs/lib/http-client.js +8 -21
- package/lib/vendor/blamejs/lib/http-message-signature.js +3 -2
- package/lib/vendor/blamejs/lib/i18n-messageformat.js +5 -7
- package/lib/vendor/blamejs/lib/i18n.js +83 -26
- package/lib/vendor/blamejs/lib/inbox.js +8 -8
- package/lib/vendor/blamejs/lib/incident-report.js +3 -21
- package/lib/vendor/blamejs/lib/ip-utils.js +49 -6
- package/lib/vendor/blamejs/lib/jobs.js +3 -2
- package/lib/vendor/blamejs/lib/keychain.js +6 -18
- package/lib/vendor/blamejs/lib/legal-hold.js +6 -15
- package/lib/vendor/blamejs/lib/log-stream-cloudwatch.js +44 -112
- package/lib/vendor/blamejs/lib/log-stream-otlp-grpc.js +17 -14
- package/lib/vendor/blamejs/lib/log-stream-otlp.js +16 -80
- package/lib/vendor/blamejs/lib/log-stream-webhook.js +20 -92
- package/lib/vendor/blamejs/lib/mail-arc-sign.js +8 -3
- package/lib/vendor/blamejs/lib/mail-arf.js +3 -2
- package/lib/vendor/blamejs/lib/mail-auth.js +40 -66
- package/lib/vendor/blamejs/lib/mail-bimi.js +19 -39
- package/lib/vendor/blamejs/lib/mail-crypto-pgp.js +3 -2
- package/lib/vendor/blamejs/lib/mail-dav.js +8 -35
- package/lib/vendor/blamejs/lib/mail-deploy.js +6 -9
- package/lib/vendor/blamejs/lib/mail-dkim.js +19 -38
- package/lib/vendor/blamejs/lib/mail-greylist.js +15 -26
- package/lib/vendor/blamejs/lib/mail-helo.js +2 -3
- package/lib/vendor/blamejs/lib/mail-journal.js +2 -1
- package/lib/vendor/blamejs/lib/mail-mdn.js +4 -3
- package/lib/vendor/blamejs/lib/mail-rbl.js +5 -8
- package/lib/vendor/blamejs/lib/mail-scan.js +2 -2
- package/lib/vendor/blamejs/lib/mail-send-deliver.js +33 -20
- package/lib/vendor/blamejs/lib/mail-server-imap.js +32 -87
- package/lib/vendor/blamejs/lib/mail-server-jmap.js +35 -51
- package/lib/vendor/blamejs/lib/mail-server-managesieve.js +29 -83
- package/lib/vendor/blamejs/lib/mail-server-mx.js +33 -74
- package/lib/vendor/blamejs/lib/mail-server-net.js +177 -0
- package/lib/vendor/blamejs/lib/mail-server-pop3.js +30 -83
- package/lib/vendor/blamejs/lib/mail-server-rate-limit.js +30 -6
- package/lib/vendor/blamejs/lib/mail-server-submission.js +34 -73
- package/lib/vendor/blamejs/lib/mail-server-tls.js +89 -0
- package/lib/vendor/blamejs/lib/mail-spam-score.js +7 -8
- package/lib/vendor/blamejs/lib/mail-store.js +3 -2
- package/lib/vendor/blamejs/lib/mail.js +6 -11
- package/lib/vendor/blamejs/lib/markup-escape.js +31 -0
- package/lib/vendor/blamejs/lib/markup-tokenizer.js +54 -0
- package/lib/vendor/blamejs/lib/mcp-tool-registry.js +26 -23
- package/lib/vendor/blamejs/lib/mcp.js +1 -1
- package/lib/vendor/blamejs/lib/mdoc.js +11 -12
- package/lib/vendor/blamejs/lib/metrics.js +32 -30
- package/lib/vendor/blamejs/lib/middleware/age-gate.js +3 -23
- package/lib/vendor/blamejs/lib/middleware/api-encrypt.js +11 -22
- package/lib/vendor/blamejs/lib/middleware/assetlinks.js +2 -7
- package/lib/vendor/blamejs/lib/middleware/bearer-auth.js +2 -1
- package/lib/vendor/blamejs/lib/middleware/body-parser.js +31 -48
- package/lib/vendor/blamejs/lib/middleware/bot-disclose.js +7 -10
- package/lib/vendor/blamejs/lib/middleware/bot-guard.js +2 -10
- package/lib/vendor/blamejs/lib/middleware/csrf-protect.js +13 -2
- package/lib/vendor/blamejs/lib/middleware/daily-byte-quota.js +6 -26
- package/lib/vendor/blamejs/lib/middleware/deny-response.js +19 -1
- package/lib/vendor/blamejs/lib/middleware/fetch-metadata.js +7 -0
- package/lib/vendor/blamejs/lib/middleware/idempotency-key.js +4 -20
- package/lib/vendor/blamejs/lib/middleware/rate-limit.js +20 -28
- package/lib/vendor/blamejs/lib/middleware/scim-server.js +3 -2
- package/lib/vendor/blamejs/lib/middleware/security-headers.js +9 -1
- package/lib/vendor/blamejs/lib/middleware/security-txt.js +2 -6
- package/lib/vendor/blamejs/lib/middleware/tus-upload.js +12 -27
- package/lib/vendor/blamejs/lib/middleware/web-app-manifest.js +2 -7
- package/lib/vendor/blamejs/lib/migrations.js +4 -13
- package/lib/vendor/blamejs/lib/mime-parse.js +34 -17
- package/lib/vendor/blamejs/lib/module-loader.js +44 -0
- package/lib/vendor/blamejs/lib/money.js +105 -0
- package/lib/vendor/blamejs/lib/mtls-ca.js +116 -36
- package/lib/vendor/blamejs/lib/network-byte-quota.js +4 -18
- package/lib/vendor/blamejs/lib/network-dane.js +8 -6
- package/lib/vendor/blamejs/lib/network-dns-resolver.js +97 -6
- package/lib/vendor/blamejs/lib/network-dnssec.js +16 -16
- package/lib/vendor/blamejs/lib/network-heartbeat.js +3 -2
- package/lib/vendor/blamejs/lib/network-smtp-policy.js +29 -41
- package/lib/vendor/blamejs/lib/network-tls.js +40 -42
- package/lib/vendor/blamejs/lib/nis2-report.js +1 -11
- package/lib/vendor/blamejs/lib/nonce-store.js +81 -3
- package/lib/vendor/blamejs/lib/numeric-bounds.js +22 -8
- package/lib/vendor/blamejs/lib/object-store/azure-blob-bucket-ops.js +2 -6
- package/lib/vendor/blamejs/lib/object-store/azure-blob.js +5 -45
- package/lib/vendor/blamejs/lib/object-store/gcs.js +8 -71
- package/lib/vendor/blamejs/lib/object-store/http-put.js +1 -5
- package/lib/vendor/blamejs/lib/object-store/http-request.js +128 -0
- package/lib/vendor/blamejs/lib/object-store/sigv4-bucket-ops.js +2 -1
- package/lib/vendor/blamejs/lib/object-store/sigv4.js +9 -77
- package/lib/vendor/blamejs/lib/observability-otlp-exporter.js +9 -25
- package/lib/vendor/blamejs/lib/observability.js +95 -0
- package/lib/vendor/blamejs/lib/openapi-paths-builder.js +7 -3
- package/lib/vendor/blamejs/lib/otel-export.js +7 -10
- package/lib/vendor/blamejs/lib/outbox.js +43 -37
- package/lib/vendor/blamejs/lib/pagination.js +11 -15
- package/lib/vendor/blamejs/lib/parsers/safe-env.js +5 -4
- package/lib/vendor/blamejs/lib/parsers/safe-ini.js +10 -4
- package/lib/vendor/blamejs/lib/parsers/safe-toml.js +11 -9
- package/lib/vendor/blamejs/lib/parsers/safe-xml.js +2 -2
- package/lib/vendor/blamejs/lib/parsers/safe-yaml.js +7 -6
- package/lib/vendor/blamejs/lib/pick.js +63 -5
- package/lib/vendor/blamejs/lib/pipl-cn.js +69 -59
- package/lib/vendor/blamejs/lib/privacy-pass.js +8 -6
- package/lib/vendor/blamejs/lib/problem-details.js +2 -5
- package/lib/vendor/blamejs/lib/pubsub.js +4 -8
- package/lib/vendor/blamejs/lib/redact.js +2 -1
- package/lib/vendor/blamejs/lib/render.js +4 -2
- package/lib/vendor/blamejs/lib/request-helpers.js +133 -6
- package/lib/vendor/blamejs/lib/restore.js +5 -22
- package/lib/vendor/blamejs/lib/retention.js +3 -5
- package/lib/vendor/blamejs/lib/safe-async.js +457 -0
- package/lib/vendor/blamejs/lib/safe-buffer.js +137 -6
- package/lib/vendor/blamejs/lib/safe-decompress.js +2 -1
- package/lib/vendor/blamejs/lib/safe-dns.js +2 -1
- package/lib/vendor/blamejs/lib/safe-ical.js +12 -26
- package/lib/vendor/blamejs/lib/safe-json.js +7 -8
- package/lib/vendor/blamejs/lib/safe-jsonpath.js +6 -5
- package/lib/vendor/blamejs/lib/safe-mime.js +25 -29
- package/lib/vendor/blamejs/lib/safe-redirect.js +2 -5
- package/lib/vendor/blamejs/lib/safe-schema.js +7 -6
- package/lib/vendor/blamejs/lib/safe-sql.js +126 -0
- package/lib/vendor/blamejs/lib/safe-vcard.js +12 -26
- package/lib/vendor/blamejs/lib/sandbox-worker.js +9 -2
- package/lib/vendor/blamejs/lib/sandbox.js +3 -2
- package/lib/vendor/blamejs/lib/scheduler.js +5 -12
- package/lib/vendor/blamejs/lib/sec-cyber.js +82 -37
- package/lib/vendor/blamejs/lib/seeders.js +4 -11
- package/lib/vendor/blamejs/lib/self-update.js +92 -69
- package/lib/vendor/blamejs/lib/session-device-binding.js +112 -66
- package/lib/vendor/blamejs/lib/session.js +194 -6
- package/lib/vendor/blamejs/lib/sql.js +225 -78
- package/lib/vendor/blamejs/lib/sse.js +6 -10
- package/lib/vendor/blamejs/lib/static.js +136 -98
- package/lib/vendor/blamejs/lib/storage.js +4 -2
- package/lib/vendor/blamejs/lib/structured-fields.js +275 -16
- package/lib/vendor/blamejs/lib/tenant-quota.js +2 -20
- package/lib/vendor/blamejs/lib/tsa.js +11 -15
- package/lib/vendor/blamejs/lib/validate-opts.js +154 -8
- package/lib/vendor/blamejs/lib/vault/seal-pem-file.js +30 -48
- package/lib/vendor/blamejs/lib/vault-aad.js +3 -2
- package/lib/vendor/blamejs/lib/vc.js +2 -7
- package/lib/vendor/blamejs/lib/vex.js +35 -13
- package/lib/vendor/blamejs/lib/web-push-vapid.js +23 -20
- package/lib/vendor/blamejs/lib/webhook-dispatcher.js +706 -0
- package/lib/vendor/blamejs/lib/webhook.js +43 -18
- package/lib/vendor/blamejs/lib/websocket-channels.js +9 -7
- package/lib/vendor/blamejs/lib/websocket.js +7 -3
- package/lib/vendor/blamejs/lib/worm.js +2 -3
- package/lib/vendor/blamejs/lib/ws-client.js +8 -10
- package/lib/vendor/blamejs/package.json +1 -1
- package/lib/vendor/blamejs/release-notes/v0.15.13.json +81 -0
- package/lib/vendor/blamejs/scripts/check-changelog-extract.js +1 -1
- package/lib/vendor/blamejs/test/00-primitives.js +136 -7
- package/lib/vendor/blamejs/test/10-state.js +9 -3
- package/lib/vendor/blamejs/test/30-chain.js +40 -0
- package/lib/vendor/blamejs/test/helpers/check.js +18 -0
- package/lib/vendor/blamejs/test/helpers/db.js +4 -0
- package/lib/vendor/blamejs/test/helpers/index.js +1 -0
- package/lib/vendor/blamejs/test/integration/audit-chain-external-db.test.js +2 -1
- package/lib/vendor/blamejs/test/integration/audit-stack-postgres.test.js +2 -1
- package/lib/vendor/blamejs/test/integration/data-layer-mysql.test.js +8 -1
- package/lib/vendor/blamejs/test/integration/data-layer-pg.test.js +1 -1
- package/lib/vendor/blamejs/test/integration/framework-schema-mysql.test.js +2 -1
- package/lib/vendor/blamejs/test/integration/webhook-dispatcher-pg.test.js +269 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/atomic-file-fd-read.test.js +149 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-framework-namespaces.test.js +51 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-sign-anchor.test.js +88 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-use-store.test.js +55 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/backup-object-store-adapter.test.js +2 -2
- package/lib/vendor/blamejs/test/layer-0-primitives/bot-guard.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/bounded-map.test.js +129 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/chain-writer-multichain.test.js +107 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-api-key.test.js +12 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/codebase-patterns.test.js +2788 -3214
- package/lib/vendor/blamejs/test/layer-0-primitives/codepoint-class.test.js +78 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-base64url.test.js +63 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-hash-stream.test.js +2 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/csp-builder.test.js +50 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/csp-nonce.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/daemon.test.js +2 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/defineguard-resolve-opts.test.js +76 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/flag.test.js +9 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/gate-contract-content-gate.test.js +290 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-csv.test.js +84 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-email.test.js +78 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-filename.test.js +23 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-gate-disposition-coverage.test.js +93 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-html.test.js +60 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-image.test.js +184 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-imap-command.test.js +0 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-json.test.js +54 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-managesieve-command.test.js +10 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-markdown.test.js +45 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-pdf.test.js +101 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-pop3-command.test.js +18 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-svg.test.js +76 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-text.test.js +365 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-xml.test.js +35 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-yaml.test.js +36 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/i18n.test.js +20 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/inbox.test.js +15 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/ip-utils.test.js +83 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-arf.test.js +10 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-auth.test.js +39 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-dkim.test.js +36 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-greylist.test.js +17 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-tls.test.js +39 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-store.test.js +17 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mime-parse.test.js +106 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/money.test.js +17 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mtls-ca-revocation.test.js +98 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/nonce-store-release.test.js +77 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/observability.test.js +48 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/rate-limit-memory-getorinsert.test.js +100 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/request-helpers.test.js +88 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-async-loops.test.js +278 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-buffer-linear-scans.test.js +37 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-jsonpath.test.js +14 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sandbox.test.js +19 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/security-headers.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/self-update.test.js +2 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/session-device-binding.test.js +18 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/session-extensions.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/session-valid-from.test.js +73 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sql.test.js +100 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/structured-fields.test.js +80 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/validate-opts-shape.test.js +235 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/webhook-dispatcher.test.js +374 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/webhook.test.js +75 -8
- package/lib/vendor/blamejs/test/layer-5-integration/guard-host-integration.test.js +3 -3
- package/package.json +1 -1
|
@@ -159,43 +159,50 @@ function _requireRecordedAt(value, label) {
|
|
|
159
159
|
function sccFilingAssessment(opts) {
|
|
160
160
|
validateOpts.requireObject(opts, "b.pipl.sccFilingAssessment: opts", PiplError, "pipl/bad-opts");
|
|
161
161
|
validateOpts(opts, SCC_ASSESSMENT_ALLOWED_KEYS, "b.pipl.sccFilingAssessment");
|
|
162
|
-
validateOpts.
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
"b.pipl.sccFilingAssessment: opts.
|
|
166
|
-
|
|
167
|
-
|
|
162
|
+
validateOpts.shape(opts, {
|
|
163
|
+
assessmentId: { rule: "required-string", code: "pipl/bad-assessment-id", label: "b.pipl.sccFilingAssessment: opts.assessmentId" },
|
|
164
|
+
transferType: { rule: "required-string", code: "pipl/bad-transfer-type", label: "b.pipl.sccFilingAssessment: opts.transferType" },
|
|
165
|
+
recipientJurisdiction: { rule: "required-string", code: "pipl/bad-recipient", label: "b.pipl.sccFilingAssessment: opts.recipientJurisdiction" },
|
|
166
|
+
dataCategories: function (value) {
|
|
167
|
+
if (!Array.isArray(value) || value.length === 0) {
|
|
168
|
+
throw new PiplError("pipl/bad-data-categories",
|
|
169
|
+
"b.pipl.sccFilingAssessment: opts.dataCategories must be a non-empty array of strings");
|
|
170
|
+
}
|
|
171
|
+
validateOpts.optionalNonEmptyStringArray(value,
|
|
172
|
+
"b.pipl.sccFilingAssessment: opts.dataCategories", PiplError, "pipl/bad-data-categories");
|
|
173
|
+
},
|
|
174
|
+
legalBasis: function (value) {
|
|
175
|
+
if (LEGAL_BASES.indexOf(value) === -1) {
|
|
176
|
+
throw new PiplError("pipl/bad-legal-basis",
|
|
177
|
+
"b.pipl.sccFilingAssessment: opts.legalBasis must be one of " +
|
|
178
|
+
LEGAL_BASES.join(" | ") + " (PIPL Art. 38(1)) — got " + JSON.stringify(value));
|
|
179
|
+
}
|
|
180
|
+
},
|
|
181
|
+
volume: function (value) {
|
|
182
|
+
if (typeof value !== "number" || !isFinite(value) || value < 0) {
|
|
183
|
+
throw new PiplError("pipl/bad-volume",
|
|
184
|
+
"b.pipl.sccFilingAssessment: opts.volume must be a non-negative finite number (data-subject count)");
|
|
185
|
+
}
|
|
186
|
+
},
|
|
187
|
+
sensitivePI: function (value) {
|
|
188
|
+
if (typeof value !== "boolean") {
|
|
189
|
+
throw new PiplError("pipl/bad-sensitive-pi",
|
|
190
|
+
"b.pipl.sccFilingAssessment: opts.sensitivePI must be a boolean");
|
|
191
|
+
}
|
|
192
|
+
},
|
|
193
|
+
ciio: { rule: "optional-boolean", code: "pipl/bad-ciio", label: "b.pipl.sccFilingAssessment: opts.ciio" },
|
|
194
|
+
importantData: { rule: "optional-boolean", code: "pipl/bad-important-data", label: "b.pipl.sccFilingAssessment: opts.importantData" },
|
|
195
|
+
cumulativePI: { rule: "optional-non-negative", code: "pipl/bad-cumulative-pi", label: "b.pipl.sccFilingAssessment: opts.cumulativePI" },
|
|
196
|
+
cumulativeSensitivePI: { rule: "optional-non-negative", code: "pipl/bad-cumulative-sensitive-pi", label: "b.pipl.sccFilingAssessment: opts.cumulativeSensitivePI" },
|
|
197
|
+
recordedAt: function (value) {
|
|
198
|
+
_requireRecordedAt(value, "b.pipl.sccFilingAssessment: opts.recordedAt");
|
|
199
|
+
},
|
|
200
|
+
}, "b.pipl.sccFilingAssessment: opts", PiplError, "pipl/bad-opts", { allow: ["audit"] });
|
|
168
201
|
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
validateOpts.optionalNonEmptyStringArray(opts.dataCategories,
|
|
174
|
-
"b.pipl.sccFilingAssessment: opts.dataCategories", PiplError, "pipl/bad-data-categories");
|
|
175
|
-
|
|
176
|
-
if (LEGAL_BASES.indexOf(opts.legalBasis) === -1) {
|
|
177
|
-
throw new PiplError("pipl/bad-legal-basis",
|
|
178
|
-
"b.pipl.sccFilingAssessment: opts.legalBasis must be one of " +
|
|
179
|
-
LEGAL_BASES.join(" | ") + " (PIPL Art. 38(1)) — got " + JSON.stringify(opts.legalBasis));
|
|
180
|
-
}
|
|
181
|
-
|
|
182
|
-
if (typeof opts.volume !== "number" || !isFinite(opts.volume) || opts.volume < 0) {
|
|
183
|
-
throw new PiplError("pipl/bad-volume",
|
|
184
|
-
"b.pipl.sccFilingAssessment: opts.volume must be a non-negative finite number (data-subject count)");
|
|
185
|
-
}
|
|
186
|
-
if (typeof opts.sensitivePI !== "boolean") {
|
|
187
|
-
throw new PiplError("pipl/bad-sensitive-pi",
|
|
188
|
-
"b.pipl.sccFilingAssessment: opts.sensitivePI must be a boolean");
|
|
189
|
-
}
|
|
190
|
-
|
|
191
|
-
var ciio = opts.ciio === undefined ? false
|
|
192
|
-
: validateOpts.optionalBoolean(opts.ciio, "b.pipl.sccFilingAssessment: opts.ciio", PiplError, "pipl/bad-ciio");
|
|
193
|
-
var importantData = opts.importantData === undefined ? false
|
|
194
|
-
: validateOpts.optionalBoolean(opts.importantData, "b.pipl.sccFilingAssessment: opts.importantData", PiplError, "pipl/bad-important-data");
|
|
195
|
-
var cumulativePI = opts.cumulativePI === undefined ? 0
|
|
196
|
-
: validateOpts.optionalFiniteNonNegative(opts.cumulativePI, "b.pipl.sccFilingAssessment: opts.cumulativePI", PiplError, "pipl/bad-cumulative-pi");
|
|
197
|
-
var cumulativeSensitivePI = opts.cumulativeSensitivePI === undefined ? 0
|
|
198
|
-
: validateOpts.optionalFiniteNonNegative(opts.cumulativeSensitivePI, "b.pipl.sccFilingAssessment: opts.cumulativeSensitivePI", PiplError, "pipl/bad-cumulative-sensitive-pi");
|
|
202
|
+
var ciio = opts.ciio === undefined ? false : opts.ciio;
|
|
203
|
+
var importantData = opts.importantData === undefined ? false : opts.importantData;
|
|
204
|
+
var cumulativePI = opts.cumulativePI === undefined ? 0 : opts.cumulativePI;
|
|
205
|
+
var cumulativeSensitivePI = opts.cumulativeSensitivePI === undefined ? 0 : opts.cumulativeSensitivePI;
|
|
199
206
|
|
|
200
207
|
var recordedAt = _requireRecordedAt(opts.recordedAt, "b.pipl.sccFilingAssessment: opts.recordedAt");
|
|
201
208
|
// Resolve + shape-validate the audit sink at the entry-point tier (THROWS
|
|
@@ -306,30 +313,33 @@ function sccFilingAssessment(opts) {
|
|
|
306
313
|
function securityAssessmentCertificate(opts) {
|
|
307
314
|
validateOpts.requireObject(opts, "b.pipl.securityAssessmentCertificate: opts", PiplError, "pipl/bad-opts");
|
|
308
315
|
validateOpts(opts, SECURITY_CERT_ALLOWED_KEYS, "b.pipl.securityAssessmentCertificate");
|
|
309
|
-
validateOpts.
|
|
310
|
-
|
|
311
|
-
|
|
312
|
-
"b.pipl.securityAssessmentCertificate: opts.
|
|
313
|
-
|
|
314
|
-
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
|
|
319
|
-
|
|
320
|
-
|
|
321
|
-
|
|
322
|
-
|
|
323
|
-
|
|
324
|
-
|
|
325
|
-
|
|
326
|
-
|
|
327
|
-
|
|
328
|
-
|
|
329
|
-
"b.pipl.securityAssessmentCertificate: opts.
|
|
316
|
+
validateOpts.shape(opts, {
|
|
317
|
+
certId: { rule: "required-string", code: "pipl/bad-cert-id", label: "b.pipl.securityAssessmentCertificate: opts.certId" },
|
|
318
|
+
assessmentScope: { rule: "required-string", code: "pipl/bad-scope", label: "b.pipl.securityAssessmentCertificate: opts.assessmentScope" },
|
|
319
|
+
dataExporter: { rule: "required-string", code: "pipl/bad-exporter", label: "b.pipl.securityAssessmentCertificate: opts.dataExporter" },
|
|
320
|
+
overseasRecipient: { rule: "required-string", code: "pipl/bad-recipient", label: "b.pipl.securityAssessmentCertificate: opts.overseasRecipient" },
|
|
321
|
+
riskRating: function (value) {
|
|
322
|
+
if (RISK_RATINGS.indexOf(value) === -1) {
|
|
323
|
+
throw new PiplError("pipl/bad-risk-rating",
|
|
324
|
+
"b.pipl.securityAssessmentCertificate: opts.riskRating must be one of " +
|
|
325
|
+
RISK_RATINGS.join(" | ") + " — got " + JSON.stringify(value));
|
|
326
|
+
}
|
|
327
|
+
},
|
|
328
|
+
safeguards: function (value) {
|
|
329
|
+
if (!Array.isArray(value) || value.length === 0) {
|
|
330
|
+
throw new PiplError("pipl/bad-safeguards",
|
|
331
|
+
"b.pipl.securityAssessmentCertificate: opts.safeguards must be a non-empty array of strings");
|
|
332
|
+
}
|
|
333
|
+
validateOpts.optionalNonEmptyStringArray(value,
|
|
334
|
+
"b.pipl.securityAssessmentCertificate: opts.safeguards", PiplError, "pipl/bad-safeguards");
|
|
335
|
+
},
|
|
336
|
+
filingRef: { rule: "optional-string", code: "pipl/bad-filing-ref", label: "b.pipl.securityAssessmentCertificate: opts.filingRef" },
|
|
337
|
+
recordedAt: function (value) {
|
|
338
|
+
_requireRecordedAt(value, "b.pipl.securityAssessmentCertificate: opts.recordedAt");
|
|
339
|
+
},
|
|
340
|
+
}, "b.pipl.securityAssessmentCertificate: opts", PiplError, "pipl/bad-opts", { allow: ["audit"] });
|
|
330
341
|
|
|
331
|
-
var filingRef =
|
|
332
|
-
"b.pipl.securityAssessmentCertificate: opts.filingRef", PiplError, "pipl/bad-filing-ref");
|
|
342
|
+
var filingRef = opts.filingRef;
|
|
333
343
|
|
|
334
344
|
var recordedAt = _requireRecordedAt(opts.recordedAt, "b.pipl.securityAssessmentCertificate: opts.recordedAt");
|
|
335
345
|
// Entry-point shape-validate the audit sink (THROWS) before the drop-silent
|
|
@@ -36,6 +36,7 @@
|
|
|
36
36
|
|
|
37
37
|
var nodeCrypto = require("node:crypto");
|
|
38
38
|
var bCrypto = require("./crypto");
|
|
39
|
+
var safeBuffer = require("./safe-buffer");
|
|
39
40
|
var validateOpts = require("./validate-opts");
|
|
40
41
|
var { defineClass } = require("./framework-error");
|
|
41
42
|
|
|
@@ -58,12 +59,13 @@ function _b64urlPadded(buf) {
|
|
|
58
59
|
return s;
|
|
59
60
|
}
|
|
60
61
|
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
62
|
+
var _bytes = safeBuffer.makeByteCoercer({
|
|
63
|
+
errorClass: PrivacyPassError,
|
|
64
|
+
typeCode: "privacy-pass/bad-bytes",
|
|
65
|
+
messagePrefix: "privacyPass: ",
|
|
66
|
+
messageSuffix: " must be a Buffer / Uint8Array / base64 string",
|
|
67
|
+
encoding: "base64",
|
|
68
|
+
});
|
|
67
69
|
|
|
68
70
|
// Import the issuer public key and capture the SubjectPublicKeyInfo
|
|
69
71
|
// bytes used to derive token_key_id. When the caller supplies the
|
|
@@ -378,11 +378,8 @@ function fromError(err, opts2) {
|
|
|
378
378
|
* // res.statusCode: 400
|
|
379
379
|
*/
|
|
380
380
|
function respond(res, problem, req) {
|
|
381
|
-
|
|
382
|
-
|
|
383
|
-
throw new ProblemDetailsError("problem-details/bad-res",
|
|
384
|
-
"respond: res must be an HTTP response object (setHeader + end)", true);
|
|
385
|
-
}
|
|
381
|
+
validateOpts.requireMethods(res, ["setHeader", "end"],
|
|
382
|
+
"respond: res (HTTP response object)", ProblemDetailsError, "problem-details/bad-res", true);
|
|
386
383
|
if (!problem || typeof problem !== "object" || Array.isArray(problem)) {
|
|
387
384
|
throw new ProblemDetailsError("problem-details/bad-problem",
|
|
388
385
|
"respond: problem must be a non-null object", true);
|
|
@@ -41,6 +41,7 @@ var C = require("./constants");
|
|
|
41
41
|
var lazyRequire = require("./lazy-require");
|
|
42
42
|
var safeJson = require("./safe-json");
|
|
43
43
|
var validateOpts = require("./validate-opts");
|
|
44
|
+
var boundedMap = require("./bounded-map");
|
|
44
45
|
var { defineClass } = require("./framework-error");
|
|
45
46
|
|
|
46
47
|
var audit = lazyRequire(function () { return require("./audit"); });
|
|
@@ -58,12 +59,8 @@ function _err(code, message) { return new PubsubError(code, message, true); }
|
|
|
58
59
|
function _resolveBackend(opts) {
|
|
59
60
|
var requested = opts.backend;
|
|
60
61
|
if (requested && typeof requested === "object") {
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
typeof requested.stop !== "function") {
|
|
64
|
-
throw _err("BAD_BACKEND",
|
|
65
|
-
"pubsub: custom backend must implement { publishRemote, start, stop }");
|
|
66
|
-
}
|
|
62
|
+
validateOpts.requireMethods(requested, ["publishRemote", "start", "stop"],
|
|
63
|
+
"pubsub: custom backend", PubsubError, "BAD_BACKEND", true);
|
|
67
64
|
return Object.assign({ name: "custom" }, requested);
|
|
68
65
|
}
|
|
69
66
|
if (!requested || requested === "local") {
|
|
@@ -347,8 +344,7 @@ function create(opts) {
|
|
|
347
344
|
throw _err("BAD_OPT", "pubsub.subscribe: handler must be a function");
|
|
348
345
|
}
|
|
349
346
|
var rec = { channel: channel, handler: handler, isPattern: false };
|
|
350
|
-
var set =
|
|
351
|
-
if (!set) { set = new Set(); exactSubs.set(channel, set); }
|
|
347
|
+
var set = boundedMap.getOrInsert(exactSubs, channel, function () { return new Set(); });
|
|
352
348
|
set.add(rec);
|
|
353
349
|
// Remote subscribe is fire-and-forget from the caller's perspective;
|
|
354
350
|
// the redis backend awaits the SUBSCRIBE ack internally before its
|
|
@@ -37,6 +37,7 @@
|
|
|
37
37
|
*/
|
|
38
38
|
|
|
39
39
|
var C = require("./constants");
|
|
40
|
+
var safeBuffer = require("./safe-buffer");
|
|
40
41
|
var lazyRequire = require("./lazy-require");
|
|
41
42
|
var safeJson = require("./safe-json");
|
|
42
43
|
var validateOpts = require("./validate-opts");
|
|
@@ -149,7 +150,7 @@ var VALUE_DETECTORS = [
|
|
|
149
150
|
name: "connection-string",
|
|
150
151
|
test: function (v) {
|
|
151
152
|
if (typeof v !== "string" || v.length < C.BYTES.bytes(8)) return false; // bound BEFORE regex test
|
|
152
|
-
if (v
|
|
153
|
+
if (safeBuffer.byteLengthOf(v) > C.BYTES.kib(8)) return false;
|
|
153
154
|
// user may be empty (e.g. redis://:password@host); password
|
|
154
155
|
// segment is required to flag this as a credentialed URI.
|
|
155
156
|
return /\b[a-zA-Z][a-zA-Z0-9+.-]*:\/\/[^\s:/?#]*:[^\s@/?#]+@/.test(v);
|
|
@@ -28,6 +28,8 @@
|
|
|
28
28
|
* Server-side HTML / JSON / XML response helpers.
|
|
29
29
|
*/
|
|
30
30
|
|
|
31
|
+
var validateOpts = require("./validate-opts");
|
|
32
|
+
|
|
31
33
|
var DEFAULT_CHARSET = "utf-8";
|
|
32
34
|
|
|
33
35
|
function _alreadyDone(res) {
|
|
@@ -53,8 +55,8 @@ function _writeResponse(res, status, headers, body) {
|
|
|
53
55
|
function _mergedHeaders(base, extra) {
|
|
54
56
|
if (!extra) return base;
|
|
55
57
|
var out = {};
|
|
56
|
-
|
|
57
|
-
|
|
58
|
+
validateOpts.assignOwnEnumerable(out, base);
|
|
59
|
+
validateOpts.assignOwnEnumerable(out, extra);
|
|
58
60
|
return out;
|
|
59
61
|
}
|
|
60
62
|
|
|
@@ -42,6 +42,8 @@
|
|
|
42
42
|
// every consumer reads HTTP_STATUS.<NAME> rather than the underlying
|
|
43
43
|
// integer, so the hex form is purely an internal storage detail.
|
|
44
44
|
var structuredFields = require("./structured-fields");
|
|
45
|
+
var pick = require("./pick");
|
|
46
|
+
var codepointClass = require("./codepoint-class");
|
|
45
47
|
|
|
46
48
|
var HTTP_STATUS = Object.freeze({
|
|
47
49
|
OK: 0xC8,
|
|
@@ -468,6 +470,91 @@ function resolveRoute(req) {
|
|
|
468
470
|
return qIdx === -1 ? url : url.slice(0, qIdx);
|
|
469
471
|
}
|
|
470
472
|
|
|
473
|
+
/**
|
|
474
|
+
* @primitive b.requestHelpers.makeSkipMatcher
|
|
475
|
+
* @signature b.requestHelpers.makeSkipMatcher(opts, label)
|
|
476
|
+
* @since 0.15.13
|
|
477
|
+
* @status stable
|
|
478
|
+
* @related b.requestHelpers.resolveRoute
|
|
479
|
+
*
|
|
480
|
+
* Build a `(req) => boolean` path-match predicate shared by the state-change
|
|
481
|
+
* guards (`csrfProtect` / `fetchMetadata` / `botGuard` / `rateLimit`) AND the
|
|
482
|
+
* route-exemption / mount checks in `auth.accessLock`, `middleware.ageGate`,
|
|
483
|
+
* `middleware.botDisclose`, and `middleware.dailyByteQuota` — so a single route
|
|
484
|
+
* can be exempted (or a middleware mounted on a path subset) without each caller
|
|
485
|
+
* re-rolling the loop. `opts.skipPaths` entries are validated at build time —
|
|
486
|
+
* each must be a string or a RegExp — so an operator typo dies at boot, not on
|
|
487
|
+
* the first request; the optional `opts.skip(req)` predicate is validated the
|
|
488
|
+
* same way.
|
|
489
|
+
*
|
|
490
|
+
* A STRING entry matches on a SEGMENT BOUNDARY, not a raw prefix: `"/api"`
|
|
491
|
+
* matches `/api` and `/api/x` but NOT `/apixyz` — a raw `startsWith` would skip
|
|
492
|
+
* the guard on an unintended sibling path (a guard-bypass class). An entry that
|
|
493
|
+
* already ends in `/` is itself a segment prefix. Pass `exact: true` to require
|
|
494
|
+
* a whole-path match (no descendant). A RegExp entry uses `.test(path)`. The
|
|
495
|
+
* tested path is `req.pathname || req.url || req.originalUrl || "/"` with the
|
|
496
|
+
* query string stripped (matching is on the path, never the query). A `skip`
|
|
497
|
+
* predicate that throws is treated as "do not skip", so a buggy exemption can
|
|
498
|
+
* only keep the guard ON, never silently bypass it.
|
|
499
|
+
*
|
|
500
|
+
* @opts
|
|
501
|
+
* skipPaths: Array<string|RegExp>, // string = segment-boundary match; RegExp = .test(path)
|
|
502
|
+
* exact: boolean, // string entries match whole-path only (no descendant). default false
|
|
503
|
+
* skip: function, // (req) => boolean, optional route-aware predicate
|
|
504
|
+
*
|
|
505
|
+
* @example
|
|
506
|
+
* var shouldSkip = b.requestHelpers.makeSkipMatcher(
|
|
507
|
+
* { skipPaths: ["/healthz", /^\/webhooks\//] }, "middleware.csrfProtect");
|
|
508
|
+
* if (shouldSkip(req)) return next();
|
|
509
|
+
*/
|
|
510
|
+
// _skipStrMatch — does the request path match a single STRING skip entry?
|
|
511
|
+
// SEGMENT-BOUNDARY semantics, NOT a raw `startsWith`: entry "/api" matches
|
|
512
|
+
// "/api" and "/api/x" but NOT "/apixyz" (a raw prefix would wrongly skip the
|
|
513
|
+
// guard on the sibling path — a guard-bypass class). An entry that already
|
|
514
|
+
// ends in "/" is itself a segment prefix ("/webhooks/" matches "/webhooks/x").
|
|
515
|
+
// `exact` restricts to a whole-path equality (no descendant match).
|
|
516
|
+
function _skipStrMatch(path, entry, exact) {
|
|
517
|
+
if (exact) return path === entry;
|
|
518
|
+
if (entry.charAt(entry.length - 1) === "/") return path.indexOf(entry) === 0;
|
|
519
|
+
return path === entry || path.indexOf(entry + "/") === 0;
|
|
520
|
+
}
|
|
521
|
+
|
|
522
|
+
function makeSkipMatcher(opts, label) {
|
|
523
|
+
opts = opts || {};
|
|
524
|
+
label = label || "makeSkipMatcher";
|
|
525
|
+
var skipPaths = opts.skipPaths || [];
|
|
526
|
+
if (!Array.isArray(skipPaths)) {
|
|
527
|
+
throw new TypeError(label + ": skipPaths must be an array of string prefixes or RegExp");
|
|
528
|
+
}
|
|
529
|
+
for (var i = 0; i < skipPaths.length; i++) {
|
|
530
|
+
if (typeof skipPaths[i] !== "string" && !(skipPaths[i] instanceof RegExp)) {
|
|
531
|
+
throw new TypeError(label + ": skipPaths[" + i + "] must be a string prefix or RegExp, got " +
|
|
532
|
+
typeof skipPaths[i]);
|
|
533
|
+
}
|
|
534
|
+
}
|
|
535
|
+
var skipFn = opts.skip;
|
|
536
|
+
if (skipFn !== undefined && skipFn !== null && typeof skipFn !== "function") {
|
|
537
|
+
throw new TypeError(label + ": skip must be a function (req) => boolean");
|
|
538
|
+
}
|
|
539
|
+
var exact = opts.exact === true;
|
|
540
|
+
return function _shouldSkip(req) {
|
|
541
|
+
var path = (req && (req.pathname || req.url || req.originalUrl)) || "/";
|
|
542
|
+
var qpos = path.indexOf("?");
|
|
543
|
+
if (qpos !== -1) path = path.slice(0, qpos); // match on the path, never the query string
|
|
544
|
+
for (var j = 0; j < skipPaths.length; j++) {
|
|
545
|
+
var entry = skipPaths[j];
|
|
546
|
+
if (typeof entry === "string" ? _skipStrMatch(path, entry, exact) : entry.test(path)) {
|
|
547
|
+
return true;
|
|
548
|
+
}
|
|
549
|
+
}
|
|
550
|
+
if (skipFn) {
|
|
551
|
+
try { return skipFn(req) === true; }
|
|
552
|
+
catch (_e) { return false; }
|
|
553
|
+
}
|
|
554
|
+
return false;
|
|
555
|
+
};
|
|
556
|
+
}
|
|
557
|
+
|
|
471
558
|
/**
|
|
472
559
|
* @primitive b.requestHelpers.captureResponseStatus
|
|
473
560
|
* @signature b.requestHelpers.captureResponseStatus(res, onEnd)
|
|
@@ -667,11 +754,8 @@ function extractBearer(req) {
|
|
|
667
754
|
if (raw.indexOf(",") !== -1) return null;
|
|
668
755
|
// Reject ASCII control characters BEFORE prefix-matching so a header
|
|
669
756
|
// like "Bearer\rinjected" never reaches consumers.
|
|
670
|
-
|
|
671
|
-
|
|
672
|
-
if (cc === 0x00 || cc === 0x0A || cc === 0x0D || cc === 0x09 || cc < 0x20 || cc === 0x7F) {
|
|
673
|
-
return null;
|
|
674
|
-
}
|
|
757
|
+
if (codepointClass.firstControlCharOffset(raw, { forbidTab: true }) !== -1) {
|
|
758
|
+
return null;
|
|
675
759
|
}
|
|
676
760
|
// RFC 6750 §2.1 — auth-scheme is case-insensitive. The "Bearer "
|
|
677
761
|
// prefix + at least one token byte must be present; the literal
|
|
@@ -747,15 +831,58 @@ function safeHeadersDistinct(req) {
|
|
|
747
831
|
// skip __proto__ / constructor / prototype as keys — they are the
|
|
748
832
|
// exact strings that triggered the upstream getter throw, and we
|
|
749
833
|
// refuse to surface them as accessible header names.
|
|
750
|
-
if (lower
|
|
834
|
+
if (pick.isPoisonedKey(lower)) continue;
|
|
751
835
|
if (out[lower]) out[lower].push(value);
|
|
752
836
|
else out[lower] = [value];
|
|
753
837
|
}
|
|
754
838
|
return out;
|
|
755
839
|
}
|
|
756
840
|
|
|
841
|
+
/**
|
|
842
|
+
* @primitive b.requestHelpers.makeResourceAuditEmitter
|
|
843
|
+
* @signature b.requestHelpers.makeResourceAuditEmitter(sink, resourceKind, idFor?)
|
|
844
|
+
* @since 0.15.13
|
|
845
|
+
* @status stable
|
|
846
|
+
* @related b.requestHelpers.extractActorContext
|
|
847
|
+
*
|
|
848
|
+
* Build a drop-silent audit emitter `(action, key, outcome, metadata, req)` for
|
|
849
|
+
* a request-scoped resource. The emitter is disabled when `sink` is falsy (the
|
|
850
|
+
* operator supplied no audit instance), so a primitive can wire it
|
|
851
|
+
* unconditionally and let the operator opt in by passing `opts.audit`. Each
|
|
852
|
+
* event carries `resource: { kind, id }` and, when a request is passed, the
|
|
853
|
+
* actor extracted from it (`extractActorContext`); a throwing sink is swallowed
|
|
854
|
+
* so audit emission can never break the request the event describes.
|
|
855
|
+
*
|
|
856
|
+
* The auth lockout / bot-challenge and session device-binding primitives emit
|
|
857
|
+
* this exact shape, varying only in the resource kind and how the id derives
|
|
858
|
+
* from the per-call key. `idFor(key)` maps the per-call key to the resource id
|
|
859
|
+
* (default: the key verbatim); pass it when the id needs a prefix or transform.
|
|
860
|
+
*
|
|
861
|
+
* @example
|
|
862
|
+
* var emitAudit = b.requestHelpers.makeResourceAuditEmitter(
|
|
863
|
+
* opts.audit, "auth.lockout", function (key) { return ns + ":" + key; });
|
|
864
|
+
* emitAudit("locked", key, "denied", { attempts: n }, req);
|
|
865
|
+
*/
|
|
866
|
+
function makeResourceAuditEmitter(sink, resourceKind, idFor) {
|
|
867
|
+
return function (action, key, outcome, metadata, req) {
|
|
868
|
+
if (!sink) return;
|
|
869
|
+
try {
|
|
870
|
+
var event = {
|
|
871
|
+
action: action,
|
|
872
|
+
outcome: outcome,
|
|
873
|
+
resource: { kind: resourceKind, id: idFor ? idFor(key) : key },
|
|
874
|
+
metadata: metadata || {},
|
|
875
|
+
};
|
|
876
|
+
if (req) event.actor = extractActorContext(req);
|
|
877
|
+
sink.safeEmit(event);
|
|
878
|
+
} catch (_e) { /* audit best-effort — never let a sink throw escape */ }
|
|
879
|
+
};
|
|
880
|
+
}
|
|
881
|
+
|
|
757
882
|
module.exports = {
|
|
758
883
|
resolveRoute: resolveRoute,
|
|
884
|
+
makeResourceAuditEmitter: makeResourceAuditEmitter,
|
|
885
|
+
makeSkipMatcher: makeSkipMatcher,
|
|
759
886
|
captureResponseStatus: captureResponseStatus,
|
|
760
887
|
extractActorContext: extractActorContext,
|
|
761
888
|
resolveActorWithOverride: resolveActorWithOverride,
|
|
@@ -59,9 +59,8 @@ var bCrypto = require("./crypto");
|
|
|
59
59
|
var numericChecks = require("./numeric-checks");
|
|
60
60
|
var restoreBundle = require("./restore-bundle");
|
|
61
61
|
var restoreRollback = require("./restore-rollback");
|
|
62
|
-
var lazyRequire = require("./lazy-require");
|
|
63
62
|
var validateOpts = require("./validate-opts");
|
|
64
|
-
var
|
|
63
|
+
var auditEmit = require("./audit-emit");
|
|
65
64
|
var { FrameworkError } = require("./framework-error");
|
|
66
65
|
|
|
67
66
|
class RestoreError extends FrameworkError {
|
|
@@ -74,17 +73,9 @@ class RestoreError extends FrameworkError {
|
|
|
74
73
|
}
|
|
75
74
|
|
|
76
75
|
function _validateStorage(storage) {
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
}
|
|
81
|
-
var required = ["readBundle", "listBundles", "hasBundle"];
|
|
82
|
-
for (var i = 0; i < required.length; i++) {
|
|
83
|
-
if (typeof storage[required[i]] !== "function") {
|
|
84
|
-
throw new RestoreError("restore/bad-storage",
|
|
85
|
-
"storage backend missing method '" + required[i] + "'");
|
|
86
|
-
}
|
|
87
|
-
}
|
|
76
|
+
validateOpts.requireMethods(storage,
|
|
77
|
+
["readBundle", "listBundles", "hasBundle"],
|
|
78
|
+
"storage backend", RestoreError, "restore/bad-storage");
|
|
88
79
|
}
|
|
89
80
|
|
|
90
81
|
function create(opts) {
|
|
@@ -152,15 +143,7 @@ function create(opts) {
|
|
|
152
143
|
return { totalBytes: totalBytes, fileCount: fileCount };
|
|
153
144
|
}
|
|
154
145
|
|
|
155
|
-
|
|
156
|
-
if (!auditOn) return;
|
|
157
|
-
audit().safeEmit({
|
|
158
|
-
action: action,
|
|
159
|
-
outcome: outcome,
|
|
160
|
-
metadata: info || {},
|
|
161
|
-
reason: info && info.reason ? info.reason : null,
|
|
162
|
-
});
|
|
163
|
-
}
|
|
146
|
+
var _emitAudit = auditEmit.gatedReasonEmitter({ audit: auditOn });
|
|
164
147
|
|
|
165
148
|
async function list() { return await storage.listBundles(); }
|
|
166
149
|
|
|
@@ -47,6 +47,7 @@ var lazyRequire = require("./lazy-require");
|
|
|
47
47
|
var validateOpts = require("./validate-opts");
|
|
48
48
|
var safeSql = require("./safe-sql");
|
|
49
49
|
var sql = require("./sql");
|
|
50
|
+
var numericBounds = require("./numeric-bounds");
|
|
50
51
|
var { defineClass } = require("./framework-error");
|
|
51
52
|
|
|
52
53
|
var audit = lazyRequire(function () { return require("./audit"); });
|
|
@@ -116,11 +117,8 @@ function _validateRule(rule) {
|
|
|
116
117
|
throw _err("BAD_RULE",
|
|
117
118
|
"rule.action string must be 'erase' / 'delete' / 'soft-delete', got " + JSON.stringify(action));
|
|
118
119
|
}
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
rule.batchSize <= 0 || Math.floor(rule.batchSize) !== rule.batchSize)) {
|
|
122
|
-
throw _err("BAD_RULE", "rule.batchSize must be a positive integer");
|
|
123
|
-
}
|
|
120
|
+
numericBounds.requirePositiveFiniteIntIfPresent(rule.batchSize,
|
|
121
|
+
"rule.batchSize", RetentionError, "BAD_RULE");
|
|
124
122
|
if (rule.softDeleteField !== undefined &&
|
|
125
123
|
(typeof rule.softDeleteField !== "string" || rule.softDeleteField.length === 0)) {
|
|
126
124
|
throw _err("BAD_RULE", "rule.softDeleteField must be a non-empty string");
|