@blamejs/blamejs-shop 0.4.56 → 0.4.58
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +4 -0
- package/lib/affiliates.js +35 -4
- package/lib/api-keys.js +17 -2
- package/lib/asset-manifest.json +1 -1
- package/lib/backorder.js +21 -4
- package/lib/click-and-collect.js +11 -2
- package/lib/credit-limits.js +132 -84
- package/lib/vendor/MANIFEST.json +426 -366
- package/lib/vendor/blamejs/.github/codeql/codeql-config.yml +25 -0
- package/lib/vendor/blamejs/.github/workflows/actions-lint.yml +3 -3
- package/lib/vendor/blamejs/.github/workflows/cflite_batch.yml +1 -1
- package/lib/vendor/blamejs/.github/workflows/cflite_pr.yml +1 -1
- package/lib/vendor/blamejs/.github/workflows/ci.yml +13 -13
- package/lib/vendor/blamejs/.github/workflows/codeql.yml +8 -7
- package/lib/vendor/blamejs/.github/workflows/npm-publish.yml +2 -2
- package/lib/vendor/blamejs/.github/workflows/release-container.yml +4 -4
- package/lib/vendor/blamejs/.github/workflows/scorecard.yml +1 -1
- package/lib/vendor/blamejs/.github/workflows/sha-to-tag-verify.yml +1 -1
- package/lib/vendor/blamejs/CHANGELOG.md +2 -0
- package/lib/vendor/blamejs/api-snapshot.json +1381 -4
- package/lib/vendor/blamejs/eslint.config.mjs +1 -0
- package/lib/vendor/blamejs/examples/wiki/lib/source-comment-block-validator.js +4 -1
- package/lib/vendor/blamejs/examples/wiki/lib/symbol-index.js +5 -2
- package/lib/vendor/blamejs/examples/wiki/routes/pages.js +4 -1
- package/lib/vendor/blamejs/fuzz/guard-text.fuzz.js +20 -0
- package/lib/vendor/blamejs/index.js +2 -0
- package/lib/vendor/blamejs/lib/a2a-tasks.js +7 -23
- package/lib/vendor/blamejs/lib/acme.js +6 -5
- package/lib/vendor/blamejs/lib/agent-event-bus.js +5 -4
- package/lib/vendor/blamejs/lib/agent-idempotency.js +2 -5
- package/lib/vendor/blamejs/lib/agent-orchestrator.js +2 -5
- package/lib/vendor/blamejs/lib/agent-saga.js +3 -5
- package/lib/vendor/blamejs/lib/agent-tenant.js +2 -5
- package/lib/vendor/blamejs/lib/ai-adverse-decision.js +2 -15
- package/lib/vendor/blamejs/lib/ai-capability.js +1 -6
- package/lib/vendor/blamejs/lib/ai-dp.js +1 -5
- package/lib/vendor/blamejs/lib/ai-input.js +2 -2
- package/lib/vendor/blamejs/lib/ai-pref.js +3 -8
- package/lib/vendor/blamejs/lib/ai-quota.js +3 -14
- package/lib/vendor/blamejs/lib/api-key.js +37 -28
- package/lib/vendor/blamejs/lib/archive-adapters.js +2 -4
- package/lib/vendor/blamejs/lib/archive-entry-policy.js +32 -0
- package/lib/vendor/blamejs/lib/archive-read.js +5 -17
- package/lib/vendor/blamejs/lib/archive-tar-read.js +5 -16
- package/lib/vendor/blamejs/lib/archive.js +2 -10
- package/lib/vendor/blamejs/lib/arg-parser.js +7 -6
- package/lib/vendor/blamejs/lib/asyncapi-traits.js +2 -6
- package/lib/vendor/blamejs/lib/atomic-file.js +108 -31
- package/lib/vendor/blamejs/lib/audit-chain.js +133 -53
- package/lib/vendor/blamejs/lib/audit-daily-review.js +24 -14
- package/lib/vendor/blamejs/lib/audit-emit.js +82 -0
- package/lib/vendor/blamejs/lib/audit-sign.js +257 -0
- package/lib/vendor/blamejs/lib/audit.js +84 -0
- package/lib/vendor/blamejs/lib/auth/access-lock.js +5 -27
- package/lib/vendor/blamejs/lib/auth/dpop.js +23 -35
- package/lib/vendor/blamejs/lib/auth/fido-mds3.js +9 -15
- package/lib/vendor/blamejs/lib/auth/jwt-external.js +26 -8
- package/lib/vendor/blamejs/lib/auth/jwt.js +13 -15
- package/lib/vendor/blamejs/lib/auth/lockout.js +6 -25
- package/lib/vendor/blamejs/lib/auth/oauth.js +67 -45
- package/lib/vendor/blamejs/lib/auth/oid4vci.js +55 -32
- package/lib/vendor/blamejs/lib/auth/oid4vp.js +3 -2
- package/lib/vendor/blamejs/lib/auth/openid-federation.js +6 -6
- package/lib/vendor/blamejs/lib/auth/passkey.js +3 -3
- package/lib/vendor/blamejs/lib/auth/password.js +7 -1
- package/lib/vendor/blamejs/lib/auth/saml.js +37 -27
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-holder.js +2 -14
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-issuer.js +2 -14
- package/lib/vendor/blamejs/lib/auth/sd-jwt-vc.js +1 -1
- package/lib/vendor/blamejs/lib/auth/status-list.js +7 -7
- package/lib/vendor/blamejs/lib/auth/step-up.js +6 -12
- package/lib/vendor/blamejs/lib/auth-bot-challenge.js +6 -37
- package/lib/vendor/blamejs/lib/backup/bundle.js +11 -18
- package/lib/vendor/blamejs/lib/backup/index.js +14 -47
- package/lib/vendor/blamejs/lib/bounded-map.js +112 -1
- package/lib/vendor/blamejs/lib/breach-deadline.js +1 -11
- package/lib/vendor/blamejs/lib/cache.js +7 -18
- package/lib/vendor/blamejs/lib/cbor.js +2 -1
- package/lib/vendor/blamejs/lib/cdn-cache-control.js +8 -9
- package/lib/vendor/blamejs/lib/cert.js +3 -10
- package/lib/vendor/blamejs/lib/chain-writer.js +162 -47
- package/lib/vendor/blamejs/lib/cli.js +5 -1
- package/lib/vendor/blamejs/lib/client-hints.js +7 -9
- package/lib/vendor/blamejs/lib/cloud-events.js +40 -31
- package/lib/vendor/blamejs/lib/cluster-storage.js +2 -38
- package/lib/vendor/blamejs/lib/cms-codec.js +2 -1
- package/lib/vendor/blamejs/lib/codepoint-class.js +67 -1
- package/lib/vendor/blamejs/lib/compliance-ai-act-logging.js +1 -6
- package/lib/vendor/blamejs/lib/compliance-ai-act-transparency.js +2 -4
- package/lib/vendor/blamejs/lib/compliance-eaa.js +1 -11
- package/lib/vendor/blamejs/lib/compliance-sanctions-fetcher.js +21 -28
- package/lib/vendor/blamejs/lib/compliance-sanctions.js +2 -14
- package/lib/vendor/blamejs/lib/compliance.js +2 -9
- package/lib/vendor/blamejs/lib/config-drift.js +2 -12
- package/lib/vendor/blamejs/lib/content-digest.js +10 -8
- package/lib/vendor/blamejs/lib/cookies.js +5 -11
- package/lib/vendor/blamejs/lib/cose.js +19 -11
- package/lib/vendor/blamejs/lib/cra-report.js +1 -11
- package/lib/vendor/blamejs/lib/crypto-field.js +5 -10
- package/lib/vendor/blamejs/lib/crypto.js +120 -3
- package/lib/vendor/blamejs/lib/csp.js +235 -3
- package/lib/vendor/blamejs/lib/daemon.js +42 -41
- package/lib/vendor/blamejs/lib/data-act.js +19 -9
- package/lib/vendor/blamejs/lib/db-query.js +6 -40
- package/lib/vendor/blamejs/lib/db.js +34 -12
- package/lib/vendor/blamejs/lib/dbsc.js +5 -6
- package/lib/vendor/blamejs/lib/ddl-change-control.js +18 -14
- package/lib/vendor/blamejs/lib/deprecate.js +4 -5
- package/lib/vendor/blamejs/lib/did.js +6 -2
- package/lib/vendor/blamejs/lib/dsr.js +8 -12
- package/lib/vendor/blamejs/lib/external-db-migrate.js +21 -22
- package/lib/vendor/blamejs/lib/external-db.js +14 -26
- package/lib/vendor/blamejs/lib/fda-21cfr11.js +12 -8
- package/lib/vendor/blamejs/lib/fdx.js +22 -18
- package/lib/vendor/blamejs/lib/file-upload.js +80 -66
- package/lib/vendor/blamejs/lib/flag-evaluation-context.js +5 -8
- package/lib/vendor/blamejs/lib/framework-error.js +12 -0
- package/lib/vendor/blamejs/lib/framework-schema.js +19 -0
- package/lib/vendor/blamejs/lib/fsm.js +7 -12
- package/lib/vendor/blamejs/lib/gate-contract.js +869 -38
- package/lib/vendor/blamejs/lib/gdpr-ropa.js +4 -13
- package/lib/vendor/blamejs/lib/graphql-federation.js +1 -1
- package/lib/vendor/blamejs/lib/guard-agent-registry.js +2 -1
- package/lib/vendor/blamejs/lib/guard-all.js +1 -0
- package/lib/vendor/blamejs/lib/guard-archive.js +9 -30
- package/lib/vendor/blamejs/lib/guard-auth.js +23 -80
- package/lib/vendor/blamejs/lib/guard-cidr.js +20 -96
- package/lib/vendor/blamejs/lib/guard-csv.js +135 -196
- package/lib/vendor/blamejs/lib/guard-domain.js +23 -106
- package/lib/vendor/blamejs/lib/guard-dsn.js +16 -13
- package/lib/vendor/blamejs/lib/guard-email.js +46 -53
- package/lib/vendor/blamejs/lib/guard-envelope.js +1 -1
- package/lib/vendor/blamejs/lib/guard-event-bus-topic.js +2 -1
- package/lib/vendor/blamejs/lib/guard-filename.js +12 -60
- package/lib/vendor/blamejs/lib/guard-graphql.js +28 -75
- package/lib/vendor/blamejs/lib/guard-html-wcag.js +15 -2
- package/lib/vendor/blamejs/lib/guard-html.js +65 -117
- package/lib/vendor/blamejs/lib/guard-idempotency-key.js +2 -1
- package/lib/vendor/blamejs/lib/guard-image.js +280 -77
- package/lib/vendor/blamejs/lib/guard-imap-command.js +8 -9
- package/lib/vendor/blamejs/lib/guard-json.js +87 -103
- package/lib/vendor/blamejs/lib/guard-jsonpath.js +20 -88
- package/lib/vendor/blamejs/lib/guard-jwt.js +32 -114
- package/lib/vendor/blamejs/lib/guard-list-id.js +2 -7
- package/lib/vendor/blamejs/lib/guard-list-unsubscribe.js +2 -7
- package/lib/vendor/blamejs/lib/guard-mail-compose.js +5 -6
- package/lib/vendor/blamejs/lib/guard-mail-move.js +2 -1
- package/lib/vendor/blamejs/lib/guard-mail-query.js +5 -3
- package/lib/vendor/blamejs/lib/guard-mail-sieve.js +6 -7
- package/lib/vendor/blamejs/lib/guard-managesieve-command.js +5 -4
- package/lib/vendor/blamejs/lib/guard-markdown.js +76 -110
- package/lib/vendor/blamejs/lib/guard-message-id.js +5 -6
- package/lib/vendor/blamejs/lib/guard-mime.js +20 -99
- package/lib/vendor/blamejs/lib/guard-oauth.js +19 -73
- package/lib/vendor/blamejs/lib/guard-pdf.js +65 -72
- package/lib/vendor/blamejs/lib/guard-pop3-command.js +12 -13
- package/lib/vendor/blamejs/lib/guard-posture-chain.js +2 -1
- package/lib/vendor/blamejs/lib/guard-regex.js +24 -99
- package/lib/vendor/blamejs/lib/guard-saga-config.js +2 -1
- package/lib/vendor/blamejs/lib/guard-shell.js +22 -87
- package/lib/vendor/blamejs/lib/guard-smtp-command.js +8 -11
- package/lib/vendor/blamejs/lib/guard-sql.js +15 -13
- package/lib/vendor/blamejs/lib/guard-stream-args.js +2 -1
- package/lib/vendor/blamejs/lib/guard-svg.js +95 -140
- package/lib/vendor/blamejs/lib/guard-template.js +23 -80
- package/lib/vendor/blamejs/lib/guard-tenant-id.js +2 -1
- package/lib/vendor/blamejs/lib/guard-text.js +592 -0
- package/lib/vendor/blamejs/lib/guard-time.js +27 -95
- package/lib/vendor/blamejs/lib/guard-uuid.js +21 -93
- package/lib/vendor/blamejs/lib/guard-xml.js +76 -106
- package/lib/vendor/blamejs/lib/guard-yaml.js +24 -60
- package/lib/vendor/blamejs/lib/http-client-cache.js +5 -12
- package/lib/vendor/blamejs/lib/http-client-cookie-jar.js +2 -4
- package/lib/vendor/blamejs/lib/http-client.js +8 -21
- package/lib/vendor/blamejs/lib/http-message-signature.js +3 -2
- package/lib/vendor/blamejs/lib/i18n-messageformat.js +5 -7
- package/lib/vendor/blamejs/lib/i18n.js +83 -26
- package/lib/vendor/blamejs/lib/inbox.js +8 -8
- package/lib/vendor/blamejs/lib/incident-report.js +3 -21
- package/lib/vendor/blamejs/lib/ip-utils.js +49 -6
- package/lib/vendor/blamejs/lib/jobs.js +3 -2
- package/lib/vendor/blamejs/lib/keychain.js +6 -18
- package/lib/vendor/blamejs/lib/legal-hold.js +6 -15
- package/lib/vendor/blamejs/lib/log-stream-cloudwatch.js +44 -112
- package/lib/vendor/blamejs/lib/log-stream-otlp-grpc.js +17 -14
- package/lib/vendor/blamejs/lib/log-stream-otlp.js +16 -80
- package/lib/vendor/blamejs/lib/log-stream-webhook.js +20 -92
- package/lib/vendor/blamejs/lib/mail-arc-sign.js +8 -3
- package/lib/vendor/blamejs/lib/mail-arf.js +3 -2
- package/lib/vendor/blamejs/lib/mail-auth.js +40 -66
- package/lib/vendor/blamejs/lib/mail-bimi.js +19 -39
- package/lib/vendor/blamejs/lib/mail-crypto-pgp.js +3 -2
- package/lib/vendor/blamejs/lib/mail-dav.js +8 -35
- package/lib/vendor/blamejs/lib/mail-deploy.js +6 -9
- package/lib/vendor/blamejs/lib/mail-dkim.js +19 -38
- package/lib/vendor/blamejs/lib/mail-greylist.js +15 -26
- package/lib/vendor/blamejs/lib/mail-helo.js +2 -3
- package/lib/vendor/blamejs/lib/mail-journal.js +2 -1
- package/lib/vendor/blamejs/lib/mail-mdn.js +4 -3
- package/lib/vendor/blamejs/lib/mail-rbl.js +5 -8
- package/lib/vendor/blamejs/lib/mail-scan.js +2 -2
- package/lib/vendor/blamejs/lib/mail-send-deliver.js +33 -20
- package/lib/vendor/blamejs/lib/mail-server-imap.js +32 -87
- package/lib/vendor/blamejs/lib/mail-server-jmap.js +35 -51
- package/lib/vendor/blamejs/lib/mail-server-managesieve.js +29 -83
- package/lib/vendor/blamejs/lib/mail-server-mx.js +33 -74
- package/lib/vendor/blamejs/lib/mail-server-net.js +177 -0
- package/lib/vendor/blamejs/lib/mail-server-pop3.js +30 -83
- package/lib/vendor/blamejs/lib/mail-server-rate-limit.js +30 -6
- package/lib/vendor/blamejs/lib/mail-server-submission.js +34 -73
- package/lib/vendor/blamejs/lib/mail-server-tls.js +89 -0
- package/lib/vendor/blamejs/lib/mail-spam-score.js +7 -8
- package/lib/vendor/blamejs/lib/mail-store.js +3 -2
- package/lib/vendor/blamejs/lib/mail.js +6 -11
- package/lib/vendor/blamejs/lib/markup-escape.js +31 -0
- package/lib/vendor/blamejs/lib/markup-tokenizer.js +54 -0
- package/lib/vendor/blamejs/lib/mcp-tool-registry.js +26 -23
- package/lib/vendor/blamejs/lib/mcp.js +1 -1
- package/lib/vendor/blamejs/lib/mdoc.js +11 -12
- package/lib/vendor/blamejs/lib/metrics.js +32 -30
- package/lib/vendor/blamejs/lib/middleware/age-gate.js +3 -23
- package/lib/vendor/blamejs/lib/middleware/api-encrypt.js +11 -22
- package/lib/vendor/blamejs/lib/middleware/assetlinks.js +2 -7
- package/lib/vendor/blamejs/lib/middleware/bearer-auth.js +2 -1
- package/lib/vendor/blamejs/lib/middleware/body-parser.js +31 -48
- package/lib/vendor/blamejs/lib/middleware/bot-disclose.js +7 -10
- package/lib/vendor/blamejs/lib/middleware/bot-guard.js +2 -10
- package/lib/vendor/blamejs/lib/middleware/csrf-protect.js +13 -2
- package/lib/vendor/blamejs/lib/middleware/daily-byte-quota.js +6 -26
- package/lib/vendor/blamejs/lib/middleware/deny-response.js +19 -1
- package/lib/vendor/blamejs/lib/middleware/fetch-metadata.js +7 -0
- package/lib/vendor/blamejs/lib/middleware/idempotency-key.js +4 -20
- package/lib/vendor/blamejs/lib/middleware/rate-limit.js +20 -28
- package/lib/vendor/blamejs/lib/middleware/scim-server.js +3 -2
- package/lib/vendor/blamejs/lib/middleware/security-headers.js +9 -1
- package/lib/vendor/blamejs/lib/middleware/security-txt.js +2 -6
- package/lib/vendor/blamejs/lib/middleware/tus-upload.js +12 -27
- package/lib/vendor/blamejs/lib/middleware/web-app-manifest.js +2 -7
- package/lib/vendor/blamejs/lib/migrations.js +4 -13
- package/lib/vendor/blamejs/lib/mime-parse.js +34 -17
- package/lib/vendor/blamejs/lib/module-loader.js +44 -0
- package/lib/vendor/blamejs/lib/money.js +105 -0
- package/lib/vendor/blamejs/lib/mtls-ca.js +116 -36
- package/lib/vendor/blamejs/lib/network-byte-quota.js +4 -18
- package/lib/vendor/blamejs/lib/network-dane.js +8 -6
- package/lib/vendor/blamejs/lib/network-dns-resolver.js +97 -6
- package/lib/vendor/blamejs/lib/network-dnssec.js +16 -16
- package/lib/vendor/blamejs/lib/network-heartbeat.js +3 -2
- package/lib/vendor/blamejs/lib/network-smtp-policy.js +29 -41
- package/lib/vendor/blamejs/lib/network-tls.js +40 -42
- package/lib/vendor/blamejs/lib/nis2-report.js +1 -11
- package/lib/vendor/blamejs/lib/nonce-store.js +81 -3
- package/lib/vendor/blamejs/lib/numeric-bounds.js +22 -8
- package/lib/vendor/blamejs/lib/object-store/azure-blob-bucket-ops.js +2 -6
- package/lib/vendor/blamejs/lib/object-store/azure-blob.js +5 -45
- package/lib/vendor/blamejs/lib/object-store/gcs.js +8 -71
- package/lib/vendor/blamejs/lib/object-store/http-put.js +1 -5
- package/lib/vendor/blamejs/lib/object-store/http-request.js +128 -0
- package/lib/vendor/blamejs/lib/object-store/sigv4-bucket-ops.js +2 -1
- package/lib/vendor/blamejs/lib/object-store/sigv4.js +9 -77
- package/lib/vendor/blamejs/lib/observability-otlp-exporter.js +9 -25
- package/lib/vendor/blamejs/lib/observability.js +95 -0
- package/lib/vendor/blamejs/lib/openapi-paths-builder.js +7 -3
- package/lib/vendor/blamejs/lib/otel-export.js +7 -10
- package/lib/vendor/blamejs/lib/outbox.js +43 -37
- package/lib/vendor/blamejs/lib/pagination.js +11 -15
- package/lib/vendor/blamejs/lib/parsers/safe-env.js +5 -4
- package/lib/vendor/blamejs/lib/parsers/safe-ini.js +10 -4
- package/lib/vendor/blamejs/lib/parsers/safe-toml.js +11 -9
- package/lib/vendor/blamejs/lib/parsers/safe-xml.js +2 -2
- package/lib/vendor/blamejs/lib/parsers/safe-yaml.js +7 -6
- package/lib/vendor/blamejs/lib/pick.js +63 -5
- package/lib/vendor/blamejs/lib/pipl-cn.js +69 -59
- package/lib/vendor/blamejs/lib/privacy-pass.js +8 -6
- package/lib/vendor/blamejs/lib/problem-details.js +2 -5
- package/lib/vendor/blamejs/lib/pubsub.js +4 -8
- package/lib/vendor/blamejs/lib/redact.js +2 -1
- package/lib/vendor/blamejs/lib/render.js +4 -2
- package/lib/vendor/blamejs/lib/request-helpers.js +133 -6
- package/lib/vendor/blamejs/lib/restore.js +5 -22
- package/lib/vendor/blamejs/lib/retention.js +3 -5
- package/lib/vendor/blamejs/lib/safe-async.js +457 -0
- package/lib/vendor/blamejs/lib/safe-buffer.js +137 -6
- package/lib/vendor/blamejs/lib/safe-decompress.js +2 -1
- package/lib/vendor/blamejs/lib/safe-dns.js +2 -1
- package/lib/vendor/blamejs/lib/safe-ical.js +12 -26
- package/lib/vendor/blamejs/lib/safe-json.js +7 -8
- package/lib/vendor/blamejs/lib/safe-jsonpath.js +6 -5
- package/lib/vendor/blamejs/lib/safe-mime.js +25 -29
- package/lib/vendor/blamejs/lib/safe-redirect.js +2 -5
- package/lib/vendor/blamejs/lib/safe-schema.js +7 -6
- package/lib/vendor/blamejs/lib/safe-sql.js +126 -0
- package/lib/vendor/blamejs/lib/safe-vcard.js +12 -26
- package/lib/vendor/blamejs/lib/sandbox-worker.js +9 -2
- package/lib/vendor/blamejs/lib/sandbox.js +3 -2
- package/lib/vendor/blamejs/lib/scheduler.js +5 -12
- package/lib/vendor/blamejs/lib/sec-cyber.js +82 -37
- package/lib/vendor/blamejs/lib/seeders.js +4 -11
- package/lib/vendor/blamejs/lib/self-update.js +92 -69
- package/lib/vendor/blamejs/lib/session-device-binding.js +112 -66
- package/lib/vendor/blamejs/lib/session.js +194 -6
- package/lib/vendor/blamejs/lib/sql.js +225 -78
- package/lib/vendor/blamejs/lib/sse.js +6 -10
- package/lib/vendor/blamejs/lib/static.js +136 -98
- package/lib/vendor/blamejs/lib/storage.js +4 -2
- package/lib/vendor/blamejs/lib/structured-fields.js +275 -16
- package/lib/vendor/blamejs/lib/tenant-quota.js +2 -20
- package/lib/vendor/blamejs/lib/tsa.js +11 -15
- package/lib/vendor/blamejs/lib/validate-opts.js +154 -8
- package/lib/vendor/blamejs/lib/vault/seal-pem-file.js +30 -48
- package/lib/vendor/blamejs/lib/vault-aad.js +3 -2
- package/lib/vendor/blamejs/lib/vc.js +2 -7
- package/lib/vendor/blamejs/lib/vex.js +35 -13
- package/lib/vendor/blamejs/lib/web-push-vapid.js +23 -20
- package/lib/vendor/blamejs/lib/webhook-dispatcher.js +706 -0
- package/lib/vendor/blamejs/lib/webhook.js +43 -18
- package/lib/vendor/blamejs/lib/websocket-channels.js +9 -7
- package/lib/vendor/blamejs/lib/websocket.js +7 -3
- package/lib/vendor/blamejs/lib/worm.js +2 -3
- package/lib/vendor/blamejs/lib/ws-client.js +8 -10
- package/lib/vendor/blamejs/package.json +1 -1
- package/lib/vendor/blamejs/release-notes/v0.15.13.json +81 -0
- package/lib/vendor/blamejs/scripts/check-changelog-extract.js +1 -1
- package/lib/vendor/blamejs/test/00-primitives.js +136 -7
- package/lib/vendor/blamejs/test/10-state.js +9 -3
- package/lib/vendor/blamejs/test/30-chain.js +40 -0
- package/lib/vendor/blamejs/test/helpers/check.js +18 -0
- package/lib/vendor/blamejs/test/helpers/db.js +4 -0
- package/lib/vendor/blamejs/test/helpers/index.js +1 -0
- package/lib/vendor/blamejs/test/integration/audit-chain-external-db.test.js +2 -1
- package/lib/vendor/blamejs/test/integration/audit-stack-postgres.test.js +2 -1
- package/lib/vendor/blamejs/test/integration/data-layer-mysql.test.js +8 -1
- package/lib/vendor/blamejs/test/integration/data-layer-pg.test.js +1 -1
- package/lib/vendor/blamejs/test/integration/framework-schema-mysql.test.js +2 -1
- package/lib/vendor/blamejs/test/integration/webhook-dispatcher-pg.test.js +269 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/atomic-file-fd-read.test.js +149 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-framework-namespaces.test.js +51 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-sign-anchor.test.js +88 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/audit-use-store.test.js +55 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/backup-object-store-adapter.test.js +2 -2
- package/lib/vendor/blamejs/test/layer-0-primitives/bot-guard.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/bounded-map.test.js +129 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/chain-writer-multichain.test.js +107 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/cli-api-key.test.js +12 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/codebase-patterns.test.js +2788 -3214
- package/lib/vendor/blamejs/test/layer-0-primitives/codepoint-class.test.js +78 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-base64url.test.js +63 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/crypto-hash-stream.test.js +2 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/csp-builder.test.js +50 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/csp-nonce.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/daemon.test.js +2 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/defineguard-resolve-opts.test.js +76 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/flag.test.js +9 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/gate-contract-content-gate.test.js +290 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-csv.test.js +84 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-email.test.js +78 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-filename.test.js +23 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-gate-disposition-coverage.test.js +93 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-html.test.js +60 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-image.test.js +184 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-imap-command.test.js +0 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-json.test.js +54 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-managesieve-command.test.js +10 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-markdown.test.js +45 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-pdf.test.js +101 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-pop3-command.test.js +18 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-svg.test.js +76 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-text.test.js +365 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-xml.test.js +35 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/guard-yaml.test.js +36 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/i18n.test.js +20 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/inbox.test.js +15 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/ip-utils.test.js +83 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-arf.test.js +10 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-auth.test.js +39 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-dkim.test.js +36 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-greylist.test.js +17 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-tls.test.js +39 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mail-store.test.js +17 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mime-parse.test.js +106 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/money.test.js +17 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/mtls-ca-revocation.test.js +98 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/nonce-store-release.test.js +77 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/observability.test.js +48 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/rate-limit-memory-getorinsert.test.js +100 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/request-helpers.test.js +88 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-async-loops.test.js +278 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-buffer-linear-scans.test.js +37 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/safe-jsonpath.test.js +14 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sandbox.test.js +19 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/security-headers.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/self-update.test.js +2 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/session-device-binding.test.js +18 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/session-extensions.test.js +1 -1
- package/lib/vendor/blamejs/test/layer-0-primitives/session-valid-from.test.js +73 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/sql.test.js +100 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/structured-fields.test.js +80 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/validate-opts-shape.test.js +235 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/webhook-dispatcher.test.js +374 -0
- package/lib/vendor/blamejs/test/layer-0-primitives/webhook.test.js +75 -8
- package/lib/vendor/blamejs/test/layer-5-integration/guard-host-integration.test.js +3 -3
- package/package.json +1 -1
|
@@ -41,11 +41,9 @@
|
|
|
41
41
|
* Shell-argument content-safety guard — refuses user-supplied strings that carry shell-injection shapes BEFORE they reach a child-process spawn.
|
|
42
42
|
*/
|
|
43
43
|
|
|
44
|
-
var codepointClass = require("./codepoint-class");
|
|
45
44
|
var lazyRequire = require("./lazy-require");
|
|
46
45
|
var gateContract = require("./gate-contract");
|
|
47
46
|
var C = require("./constants");
|
|
48
|
-
var numericBounds = require("./numeric-bounds");
|
|
49
47
|
var { GuardShellError } = require("./framework-error");
|
|
50
48
|
|
|
51
49
|
var observability = lazyRequire(function () { return require("./observability"); });
|
|
@@ -76,10 +74,7 @@ var NEWLINE_RE = /[\r\n]/;
|
|
|
76
74
|
|
|
77
75
|
var PROFILES = Object.freeze({
|
|
78
76
|
"strict": {
|
|
79
|
-
|
|
80
|
-
controlPolicy: "reject",
|
|
81
|
-
nullBytePolicy: "reject",
|
|
82
|
-
zeroWidthPolicy: "reject",
|
|
77
|
+
...gateContract.CHAR_THREATS_REJECT_ALL,
|
|
83
78
|
posixMetaPolicy: "reject",
|
|
84
79
|
cmdMetaPolicy: "reject",
|
|
85
80
|
dollarSubstPolicy: "reject",
|
|
@@ -91,10 +86,7 @@ var PROFILES = Object.freeze({
|
|
|
91
86
|
maxRuntimeMs: C.TIME.seconds(2),
|
|
92
87
|
},
|
|
93
88
|
"balanced": {
|
|
94
|
-
|
|
95
|
-
controlPolicy: "reject",
|
|
96
|
-
nullBytePolicy: "reject",
|
|
97
|
-
zeroWidthPolicy: "reject",
|
|
89
|
+
...gateContract.CHAR_THREATS_REJECT_ALL,
|
|
98
90
|
posixMetaPolicy: "audit",
|
|
99
91
|
cmdMetaPolicy: "audit",
|
|
100
92
|
dollarSubstPolicy: "reject",
|
|
@@ -106,10 +98,7 @@ var PROFILES = Object.freeze({
|
|
|
106
98
|
maxRuntimeMs: C.TIME.seconds(2),
|
|
107
99
|
},
|
|
108
100
|
"permissive": {
|
|
109
|
-
|
|
110
|
-
controlPolicy: "reject", // controls refused at every profile
|
|
111
|
-
nullBytePolicy: "reject", // null refused at every profile
|
|
112
|
-
zeroWidthPolicy: "reject", // zero-width refused at every profile
|
|
101
|
+
...gateContract.CHAR_THREATS_REJECT_ALL,
|
|
113
102
|
posixMetaPolicy: "audit",
|
|
114
103
|
cmdMetaPolicy: "audit",
|
|
115
104
|
dollarSubstPolicy: "reject", // command substitution refused at every profile
|
|
@@ -122,54 +111,14 @@ var PROFILES = Object.freeze({
|
|
|
122
111
|
},
|
|
123
112
|
});
|
|
124
113
|
|
|
125
|
-
var DEFAULTS =
|
|
126
|
-
mode: "enforce",
|
|
127
|
-
}));
|
|
114
|
+
var DEFAULTS = gateContract.strictDefaults(PROFILES);
|
|
128
115
|
|
|
129
|
-
var COMPLIANCE_POSTURES =
|
|
130
|
-
"hipaa": Object.assign({}, PROFILES["strict"], {
|
|
131
|
-
forensicSnippetBytes: C.BYTES.bytes(256),
|
|
132
|
-
}),
|
|
133
|
-
"pci-dss": Object.assign({}, PROFILES["strict"], {
|
|
134
|
-
forensicSnippetBytes: C.BYTES.bytes(256),
|
|
135
|
-
}),
|
|
136
|
-
"gdpr": Object.assign({}, PROFILES["balanced"], {
|
|
137
|
-
forensicSnippetBytes: C.BYTES.bytes(128),
|
|
138
|
-
}),
|
|
139
|
-
"soc2": Object.assign({}, PROFILES["strict"], {
|
|
140
|
-
forensicSnippetBytes: C.BYTES.bytes(512),
|
|
141
|
-
}),
|
|
142
|
-
});
|
|
143
|
-
|
|
144
|
-
function _resolveOpts(opts) {
|
|
145
|
-
return gateContract.resolveProfileAndPosture(opts, {
|
|
146
|
-
profiles: PROFILES,
|
|
147
|
-
compliancePostures: COMPLIANCE_POSTURES,
|
|
148
|
-
defaults: DEFAULTS,
|
|
149
|
-
errorClass: GuardShellError,
|
|
150
|
-
errCodePrefix: "shell",
|
|
151
|
-
});
|
|
152
|
-
}
|
|
116
|
+
var COMPLIANCE_POSTURES = gateContract.compliancePostures(PROFILES, { base: 256 });
|
|
153
117
|
|
|
154
118
|
function _detectIssues(input, opts) {
|
|
155
|
-
var
|
|
156
|
-
if (
|
|
157
|
-
|
|
158
|
-
ruleId: "shell.bad-input",
|
|
159
|
-
snippet: "shell arg is not a string" }];
|
|
160
|
-
}
|
|
161
|
-
if (input.length === 0) {
|
|
162
|
-
// Empty arg is not necessarily a threat (legit blank args exist).
|
|
163
|
-
return [];
|
|
164
|
-
}
|
|
165
|
-
if (Buffer.byteLength(input, "utf8") > opts.maxBytes) {
|
|
166
|
-
return [{ kind: "shell-cap", severity: "high",
|
|
167
|
-
ruleId: "shell.shell-cap",
|
|
168
|
-
snippet: "shell arg exceeds maxBytes " + opts.maxBytes }];
|
|
169
|
-
}
|
|
170
|
-
|
|
171
|
-
var charThreats = codepointClass.detectCharThreats(input, opts, "shell");
|
|
172
|
-
for (var ci = 0; ci < charThreats.length; ci += 1) issues.push(charThreats[ci]);
|
|
119
|
+
var pre = gateContract.detectStringInput(input, opts, { name: "shell", noun: "shell arg", emptyMode: "ok", cap: { bytes: opts.maxBytes, snippet: "shell arg exceeds maxBytes " + opts.maxBytes } });
|
|
120
|
+
if (pre.done) return pre.issues;
|
|
121
|
+
var issues = pre.issues;
|
|
173
122
|
|
|
174
123
|
// $(...) / ${...} / backtick — universal refuse.
|
|
175
124
|
if (opts.dollarSubstPolicy !== "allow" &&
|
|
@@ -285,13 +234,10 @@ function _detectIssues(input, opts) {
|
|
|
285
234
|
* hostile.ok; // → false
|
|
286
235
|
* hostile.issues.some(function (i) { return i.kind === "posix-metachar"; }); // → true
|
|
287
236
|
*/
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
"guardShell.validate", GuardShellError, "shell.bad-opt");
|
|
293
|
-
return gateContract.aggregateIssues(_detectIssues(input, opts));
|
|
294
|
-
}
|
|
237
|
+
// validate is assembled by gateContract.defineGuard from `detect`
|
|
238
|
+
// (_detectIssues) below — `validate(input, opts) = aggregateIssues(detect(
|
|
239
|
+
// input, resolveOpts(opts)))`, with the maxBytes cap declared via `intOpts`.
|
|
240
|
+
// The @primitive block above documents the resulting public ABI.
|
|
295
241
|
|
|
296
242
|
/**
|
|
297
243
|
* @primitive b.guardShell.sanitize
|
|
@@ -334,17 +280,11 @@ function validate(input, opts) {
|
|
|
334
280
|
* e.code; // → "shell.posix-metachar"
|
|
335
281
|
* }
|
|
336
282
|
*/
|
|
337
|
-
|
|
338
|
-
|
|
339
|
-
|
|
340
|
-
|
|
341
|
-
|
|
342
|
-
// Shell args can't be repaired — sanitize either passes through
|
|
343
|
-
// valid input or throws.
|
|
344
|
-
var issues = _detectIssues(input, opts);
|
|
345
|
-
gateContract.throwOnRefusalSeverity(issues, {
|
|
346
|
-
errorClass: GuardShellError, codePrefix: "shell",
|
|
347
|
-
});
|
|
283
|
+
// _sanitizeTransform — the guard-specific normalize applied by defineGuard's
|
|
284
|
+
// generated sanitize AFTER resolve → detect → throw-on-refusal. Shell args
|
|
285
|
+
// cannot be repaired, so the transform is pass-through: an already-validated
|
|
286
|
+
// clean string is returned unchanged (a hostile string refuses upstream).
|
|
287
|
+
function _sanitizeTransform(input) {
|
|
348
288
|
return input;
|
|
349
289
|
}
|
|
350
290
|
|
|
@@ -364,14 +304,8 @@ function sanitize(input, opts) {
|
|
|
364
304
|
// in gate-contract.js, instantiated per guard by the page generator.
|
|
365
305
|
|
|
366
306
|
// ---- adaptive integration-test fixtures (consumed by layer-5 host harness) ----
|
|
367
|
-
|
|
368
|
-
|
|
369
|
-
benignBytes: Buffer.from("safe-arg-value", "utf8"),
|
|
370
|
-
hostileBytes: Buffer.from("safe; rm -rf /", "utf8"),
|
|
371
|
-
benignIdentifier: "safe-arg-value",
|
|
372
|
-
// Hostile: command-injection via metacharacter chain.
|
|
373
|
-
hostileIdentifier: "safe; rm -rf /",
|
|
374
|
-
});
|
|
307
|
+
// Hostile: command-injection via metacharacter chain.
|
|
308
|
+
var INTEGRATION_FIXTURES = gateContract.identifierFixtures("safe-arg-value", "safe; rm -rf /");
|
|
375
309
|
|
|
376
310
|
// Assembled from the gate-contract guard factory: error class, registry
|
|
377
311
|
// exports (NAME / KIND / INTEGRATION_FIXTURES), buildProfile /
|
|
@@ -386,7 +320,8 @@ module.exports = gateContract.defineGuard({
|
|
|
386
320
|
defaults: DEFAULTS,
|
|
387
321
|
postures: COMPLIANCE_POSTURES,
|
|
388
322
|
integrationFixtures: INTEGRATION_FIXTURES,
|
|
389
|
-
|
|
390
|
-
|
|
323
|
+
detect: _detectIssues,
|
|
324
|
+
sanitizeTransform: _sanitizeTransform,
|
|
325
|
+
intOpts: ["maxBytes"],
|
|
391
326
|
ctxFields: ["identifier", "arg"],
|
|
392
327
|
});
|
|
@@ -89,6 +89,7 @@
|
|
|
89
89
|
|
|
90
90
|
var { defineClass } = require("./framework-error");
|
|
91
91
|
var gateContract = require("./gate-contract");
|
|
92
|
+
var codepointClass = require("./codepoint-class");
|
|
92
93
|
|
|
93
94
|
var GuardSmtpCommandError = defineClass("GuardSmtpCommandError", { alwaysPermanent: true });
|
|
94
95
|
|
|
@@ -196,7 +197,7 @@ function validate(line, opts) {
|
|
|
196
197
|
// so the documented allowBareLf path actually accepts LF (Codex
|
|
197
198
|
// caught this: permissive profile was effectively broken).
|
|
198
199
|
if (c === 0x0a && caps.allowBareLf) continue; // RFC 5321 §2.3.8 LF, permissive bypass
|
|
199
|
-
if (c
|
|
200
|
+
if (codepointClass.isForbiddenControlChar(c, { forbidTab: true })) { // RFC 5321 §2.3.8 forbids C0 / DEL
|
|
200
201
|
throw new GuardSmtpCommandError("guard-smtp-command/control-char",
|
|
201
202
|
"guardSmtpCommand.validate: control char 0x" + c.toString(16) + " refused");
|
|
202
203
|
}
|
|
@@ -550,16 +551,12 @@ function detectBodySmuggling(buf) {
|
|
|
550
551
|
return false;
|
|
551
552
|
}
|
|
552
553
|
|
|
553
|
-
|
|
554
|
-
|
|
555
|
-
|
|
556
|
-
|
|
557
|
-
|
|
558
|
-
|
|
559
|
-
hostileBytes: Buffer.from("MAIL FROM:<a@b.com>\r\n.\r\nMAIL FROM:<evil@x.com>", "ascii"),
|
|
560
|
-
benignIdentifier: "EHLO mail.example.com",
|
|
561
|
-
hostileIdentifier: "MAIL FROM:<a@b.com>\r\n.\r\nMAIL FROM:<evil@x.com>",
|
|
562
|
-
});
|
|
554
|
+
// Benign: standard EHLO greeting.
|
|
555
|
+
// Hostile: CRLF smuggling attempt — bare CR inside a command line
|
|
556
|
+
// (CVE-2023-51764 / 51765 / 51766 class).
|
|
557
|
+
var INTEGRATION_FIXTURES = gateContract.identifierFixtures(
|
|
558
|
+
"EHLO mail.example.com",
|
|
559
|
+
"MAIL FROM:<a@b.com>\r\n.\r\nMAIL FROM:<evil@x.com>", "ascii");
|
|
563
560
|
|
|
564
561
|
// Assembled from the gate-contract parser factory: error class,
|
|
565
562
|
// compliancePosture wiring, PROFILES / COMPLIANCE_POSTURES, the `validate`
|
|
@@ -140,6 +140,7 @@
|
|
|
140
140
|
*/
|
|
141
141
|
|
|
142
142
|
var gateContract = require("./gate-contract");
|
|
143
|
+
var codepointClass = require("./codepoint-class");
|
|
143
144
|
var safeSql = require("./safe-sql");
|
|
144
145
|
var C = require("./constants");
|
|
145
146
|
var bCrypto = require("./crypto");
|
|
@@ -459,15 +460,14 @@ var PROFILES = Object.freeze({
|
|
|
459
460
|
},
|
|
460
461
|
});
|
|
461
462
|
|
|
462
|
-
var DEFAULTS =
|
|
463
|
-
mode: "enforce",
|
|
463
|
+
var DEFAULTS = gateContract.strictDefaults(PROFILES, {
|
|
464
464
|
contextMode: DEFAULT_CONTEXT_MODE,
|
|
465
465
|
maxBytes: C.BYTES.bytes(1048576), // 1 MiB raw-SQL cap
|
|
466
466
|
maxRuntimeMs: C.TIME.seconds(5),
|
|
467
467
|
// gdprRedact controls whether the audited fragment body is replaced
|
|
468
468
|
// by a salted hash fingerprint (set by the gdpr posture overlay).
|
|
469
469
|
gdprRedact: false,
|
|
470
|
-
})
|
|
470
|
+
});
|
|
471
471
|
|
|
472
472
|
// All four postures map to the strict floor — a regulated deployment
|
|
473
473
|
// gets the tightest raw-SQL gate regardless of which framework it cites.
|
|
@@ -1197,7 +1197,7 @@ function _identifierHazard(ident) {
|
|
|
1197
1197
|
// rest are reported by code point.
|
|
1198
1198
|
for (var k = 0; k < ident.length; k += 1) {
|
|
1199
1199
|
var c = ident.charCodeAt(k);
|
|
1200
|
-
if (c
|
|
1200
|
+
if (codepointClass.isForbiddenControlChar(c, { forbidTab: true })) {
|
|
1201
1201
|
return c === 0 ? "contains a null byte"
|
|
1202
1202
|
: "contains a control byte 0x" + c.toString(16);
|
|
1203
1203
|
}
|
|
@@ -1267,9 +1267,11 @@ function _identifierHazard(ident) {
|
|
|
1267
1267
|
function validate(input, opts) {
|
|
1268
1268
|
opts = _resolveOpts(opts);
|
|
1269
1269
|
var contextMode = _resolveContextMode(opts);
|
|
1270
|
-
|
|
1271
|
-
|
|
1272
|
-
|
|
1270
|
+
// "bytes" contract — accept string/Buffer and pass it RAW: _inspect runs an
|
|
1271
|
+
// encoding gate on raw bytes before any decode, so coercing to text first
|
|
1272
|
+
// would hide the very bytes it checks. The closure binds contextMode.
|
|
1273
|
+
return gateContract.runIssueValidator(input, opts,
|
|
1274
|
+
function (subject, o) { return _inspect(subject, o, contextMode); }, "bytes");
|
|
1273
1275
|
}
|
|
1274
1276
|
|
|
1275
1277
|
/**
|
|
@@ -1408,11 +1410,10 @@ function _emitDecisionAudit(sql, issues, opts, contextMode, ctx) {
|
|
|
1408
1410
|
var refused = _firstRefusal(issues) !== null;
|
|
1409
1411
|
var text = Buffer.isBuffer(sql) ? sql.toString("utf8") : String(sql);
|
|
1410
1412
|
var body = opts.gdprRedact ? _fingerprint(text) : _truncateForAudit(text);
|
|
1411
|
-
audit().
|
|
1412
|
-
|
|
1413
|
-
|
|
1414
|
-
|
|
1415
|
-
metadata: {
|
|
1413
|
+
audit().namespaced("guardSql.gate")(
|
|
1414
|
+
refused ? "refused" : (issues.length > 0 ? "audited" : "served"),
|
|
1415
|
+
refused ? "denied" : "success",
|
|
1416
|
+
{
|
|
1416
1417
|
contextMode: contextMode,
|
|
1417
1418
|
profile: opts.profile || "strict",
|
|
1418
1419
|
route: ctx && ctx.route,
|
|
@@ -1420,7 +1421,8 @@ function _emitDecisionAudit(sql, issues, opts, contextMode, ctx) {
|
|
|
1420
1421
|
sqlRedacted: !!opts.gdprRedact,
|
|
1421
1422
|
issues: gateContract.summarizeIssues(issues),
|
|
1422
1423
|
},
|
|
1423
|
-
|
|
1424
|
+
{ actor: ctx && ctx.actor }
|
|
1425
|
+
);
|
|
1424
1426
|
} catch (_e) { /* drop-silent — audit sinks must never crash the producer */ }
|
|
1425
1427
|
}
|
|
1426
1428
|
|
|
@@ -21,6 +21,7 @@
|
|
|
21
21
|
|
|
22
22
|
var { defineClass } = require("./framework-error");
|
|
23
23
|
var gateContract = require("./gate-contract");
|
|
24
|
+
var pick = require("./pick");
|
|
24
25
|
|
|
25
26
|
var GuardStreamArgsError = defineClass("GuardStreamArgsError", { alwaysPermanent: true });
|
|
26
27
|
|
|
@@ -122,7 +123,7 @@ function _checkCursorOpts(cursorOpts, depth) {
|
|
|
122
123
|
}
|
|
123
124
|
var keys = Object.keys(cursorOpts);
|
|
124
125
|
for (var k = 0; k < keys.length; k += 1) {
|
|
125
|
-
if (keys[k]
|
|
126
|
+
if (pick.isPoisonedKey(keys[k])) {
|
|
126
127
|
throw new GuardStreamArgsError("stream-args/proto-key",
|
|
127
128
|
"guardStreamArgs.validate: forbidden key '" + keys[k] + "' in cursorOpts");
|
|
128
129
|
}
|