@blamejs/blamejs-shop 0.4.56 → 0.4.58

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (402) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/lib/affiliates.js +35 -4
  3. package/lib/api-keys.js +17 -2
  4. package/lib/asset-manifest.json +1 -1
  5. package/lib/backorder.js +21 -4
  6. package/lib/click-and-collect.js +11 -2
  7. package/lib/credit-limits.js +132 -84
  8. package/lib/vendor/MANIFEST.json +426 -366
  9. package/lib/vendor/blamejs/.github/codeql/codeql-config.yml +25 -0
  10. package/lib/vendor/blamejs/.github/workflows/actions-lint.yml +3 -3
  11. package/lib/vendor/blamejs/.github/workflows/cflite_batch.yml +1 -1
  12. package/lib/vendor/blamejs/.github/workflows/cflite_pr.yml +1 -1
  13. package/lib/vendor/blamejs/.github/workflows/ci.yml +13 -13
  14. package/lib/vendor/blamejs/.github/workflows/codeql.yml +8 -7
  15. package/lib/vendor/blamejs/.github/workflows/npm-publish.yml +2 -2
  16. package/lib/vendor/blamejs/.github/workflows/release-container.yml +4 -4
  17. package/lib/vendor/blamejs/.github/workflows/scorecard.yml +1 -1
  18. package/lib/vendor/blamejs/.github/workflows/sha-to-tag-verify.yml +1 -1
  19. package/lib/vendor/blamejs/CHANGELOG.md +2 -0
  20. package/lib/vendor/blamejs/api-snapshot.json +1381 -4
  21. package/lib/vendor/blamejs/eslint.config.mjs +1 -0
  22. package/lib/vendor/blamejs/examples/wiki/lib/source-comment-block-validator.js +4 -1
  23. package/lib/vendor/blamejs/examples/wiki/lib/symbol-index.js +5 -2
  24. package/lib/vendor/blamejs/examples/wiki/routes/pages.js +4 -1
  25. package/lib/vendor/blamejs/fuzz/guard-text.fuzz.js +20 -0
  26. package/lib/vendor/blamejs/index.js +2 -0
  27. package/lib/vendor/blamejs/lib/a2a-tasks.js +7 -23
  28. package/lib/vendor/blamejs/lib/acme.js +6 -5
  29. package/lib/vendor/blamejs/lib/agent-event-bus.js +5 -4
  30. package/lib/vendor/blamejs/lib/agent-idempotency.js +2 -5
  31. package/lib/vendor/blamejs/lib/agent-orchestrator.js +2 -5
  32. package/lib/vendor/blamejs/lib/agent-saga.js +3 -5
  33. package/lib/vendor/blamejs/lib/agent-tenant.js +2 -5
  34. package/lib/vendor/blamejs/lib/ai-adverse-decision.js +2 -15
  35. package/lib/vendor/blamejs/lib/ai-capability.js +1 -6
  36. package/lib/vendor/blamejs/lib/ai-dp.js +1 -5
  37. package/lib/vendor/blamejs/lib/ai-input.js +2 -2
  38. package/lib/vendor/blamejs/lib/ai-pref.js +3 -8
  39. package/lib/vendor/blamejs/lib/ai-quota.js +3 -14
  40. package/lib/vendor/blamejs/lib/api-key.js +37 -28
  41. package/lib/vendor/blamejs/lib/archive-adapters.js +2 -4
  42. package/lib/vendor/blamejs/lib/archive-entry-policy.js +32 -0
  43. package/lib/vendor/blamejs/lib/archive-read.js +5 -17
  44. package/lib/vendor/blamejs/lib/archive-tar-read.js +5 -16
  45. package/lib/vendor/blamejs/lib/archive.js +2 -10
  46. package/lib/vendor/blamejs/lib/arg-parser.js +7 -6
  47. package/lib/vendor/blamejs/lib/asyncapi-traits.js +2 -6
  48. package/lib/vendor/blamejs/lib/atomic-file.js +108 -31
  49. package/lib/vendor/blamejs/lib/audit-chain.js +133 -53
  50. package/lib/vendor/blamejs/lib/audit-daily-review.js +24 -14
  51. package/lib/vendor/blamejs/lib/audit-emit.js +82 -0
  52. package/lib/vendor/blamejs/lib/audit-sign.js +257 -0
  53. package/lib/vendor/blamejs/lib/audit.js +84 -0
  54. package/lib/vendor/blamejs/lib/auth/access-lock.js +5 -27
  55. package/lib/vendor/blamejs/lib/auth/dpop.js +23 -35
  56. package/lib/vendor/blamejs/lib/auth/fido-mds3.js +9 -15
  57. package/lib/vendor/blamejs/lib/auth/jwt-external.js +26 -8
  58. package/lib/vendor/blamejs/lib/auth/jwt.js +13 -15
  59. package/lib/vendor/blamejs/lib/auth/lockout.js +6 -25
  60. package/lib/vendor/blamejs/lib/auth/oauth.js +67 -45
  61. package/lib/vendor/blamejs/lib/auth/oid4vci.js +55 -32
  62. package/lib/vendor/blamejs/lib/auth/oid4vp.js +3 -2
  63. package/lib/vendor/blamejs/lib/auth/openid-federation.js +6 -6
  64. package/lib/vendor/blamejs/lib/auth/passkey.js +3 -3
  65. package/lib/vendor/blamejs/lib/auth/password.js +7 -1
  66. package/lib/vendor/blamejs/lib/auth/saml.js +37 -27
  67. package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-holder.js +2 -14
  68. package/lib/vendor/blamejs/lib/auth/sd-jwt-vc-issuer.js +2 -14
  69. package/lib/vendor/blamejs/lib/auth/sd-jwt-vc.js +1 -1
  70. package/lib/vendor/blamejs/lib/auth/status-list.js +7 -7
  71. package/lib/vendor/blamejs/lib/auth/step-up.js +6 -12
  72. package/lib/vendor/blamejs/lib/auth-bot-challenge.js +6 -37
  73. package/lib/vendor/blamejs/lib/backup/bundle.js +11 -18
  74. package/lib/vendor/blamejs/lib/backup/index.js +14 -47
  75. package/lib/vendor/blamejs/lib/bounded-map.js +112 -1
  76. package/lib/vendor/blamejs/lib/breach-deadline.js +1 -11
  77. package/lib/vendor/blamejs/lib/cache.js +7 -18
  78. package/lib/vendor/blamejs/lib/cbor.js +2 -1
  79. package/lib/vendor/blamejs/lib/cdn-cache-control.js +8 -9
  80. package/lib/vendor/blamejs/lib/cert.js +3 -10
  81. package/lib/vendor/blamejs/lib/chain-writer.js +162 -47
  82. package/lib/vendor/blamejs/lib/cli.js +5 -1
  83. package/lib/vendor/blamejs/lib/client-hints.js +7 -9
  84. package/lib/vendor/blamejs/lib/cloud-events.js +40 -31
  85. package/lib/vendor/blamejs/lib/cluster-storage.js +2 -38
  86. package/lib/vendor/blamejs/lib/cms-codec.js +2 -1
  87. package/lib/vendor/blamejs/lib/codepoint-class.js +67 -1
  88. package/lib/vendor/blamejs/lib/compliance-ai-act-logging.js +1 -6
  89. package/lib/vendor/blamejs/lib/compliance-ai-act-transparency.js +2 -4
  90. package/lib/vendor/blamejs/lib/compliance-eaa.js +1 -11
  91. package/lib/vendor/blamejs/lib/compliance-sanctions-fetcher.js +21 -28
  92. package/lib/vendor/blamejs/lib/compliance-sanctions.js +2 -14
  93. package/lib/vendor/blamejs/lib/compliance.js +2 -9
  94. package/lib/vendor/blamejs/lib/config-drift.js +2 -12
  95. package/lib/vendor/blamejs/lib/content-digest.js +10 -8
  96. package/lib/vendor/blamejs/lib/cookies.js +5 -11
  97. package/lib/vendor/blamejs/lib/cose.js +19 -11
  98. package/lib/vendor/blamejs/lib/cra-report.js +1 -11
  99. package/lib/vendor/blamejs/lib/crypto-field.js +5 -10
  100. package/lib/vendor/blamejs/lib/crypto.js +120 -3
  101. package/lib/vendor/blamejs/lib/csp.js +235 -3
  102. package/lib/vendor/blamejs/lib/daemon.js +42 -41
  103. package/lib/vendor/blamejs/lib/data-act.js +19 -9
  104. package/lib/vendor/blamejs/lib/db-query.js +6 -40
  105. package/lib/vendor/blamejs/lib/db.js +34 -12
  106. package/lib/vendor/blamejs/lib/dbsc.js +5 -6
  107. package/lib/vendor/blamejs/lib/ddl-change-control.js +18 -14
  108. package/lib/vendor/blamejs/lib/deprecate.js +4 -5
  109. package/lib/vendor/blamejs/lib/did.js +6 -2
  110. package/lib/vendor/blamejs/lib/dsr.js +8 -12
  111. package/lib/vendor/blamejs/lib/external-db-migrate.js +21 -22
  112. package/lib/vendor/blamejs/lib/external-db.js +14 -26
  113. package/lib/vendor/blamejs/lib/fda-21cfr11.js +12 -8
  114. package/lib/vendor/blamejs/lib/fdx.js +22 -18
  115. package/lib/vendor/blamejs/lib/file-upload.js +80 -66
  116. package/lib/vendor/blamejs/lib/flag-evaluation-context.js +5 -8
  117. package/lib/vendor/blamejs/lib/framework-error.js +12 -0
  118. package/lib/vendor/blamejs/lib/framework-schema.js +19 -0
  119. package/lib/vendor/blamejs/lib/fsm.js +7 -12
  120. package/lib/vendor/blamejs/lib/gate-contract.js +869 -38
  121. package/lib/vendor/blamejs/lib/gdpr-ropa.js +4 -13
  122. package/lib/vendor/blamejs/lib/graphql-federation.js +1 -1
  123. package/lib/vendor/blamejs/lib/guard-agent-registry.js +2 -1
  124. package/lib/vendor/blamejs/lib/guard-all.js +1 -0
  125. package/lib/vendor/blamejs/lib/guard-archive.js +9 -30
  126. package/lib/vendor/blamejs/lib/guard-auth.js +23 -80
  127. package/lib/vendor/blamejs/lib/guard-cidr.js +20 -96
  128. package/lib/vendor/blamejs/lib/guard-csv.js +135 -196
  129. package/lib/vendor/blamejs/lib/guard-domain.js +23 -106
  130. package/lib/vendor/blamejs/lib/guard-dsn.js +16 -13
  131. package/lib/vendor/blamejs/lib/guard-email.js +46 -53
  132. package/lib/vendor/blamejs/lib/guard-envelope.js +1 -1
  133. package/lib/vendor/blamejs/lib/guard-event-bus-topic.js +2 -1
  134. package/lib/vendor/blamejs/lib/guard-filename.js +12 -60
  135. package/lib/vendor/blamejs/lib/guard-graphql.js +28 -75
  136. package/lib/vendor/blamejs/lib/guard-html-wcag.js +15 -2
  137. package/lib/vendor/blamejs/lib/guard-html.js +65 -117
  138. package/lib/vendor/blamejs/lib/guard-idempotency-key.js +2 -1
  139. package/lib/vendor/blamejs/lib/guard-image.js +280 -77
  140. package/lib/vendor/blamejs/lib/guard-imap-command.js +8 -9
  141. package/lib/vendor/blamejs/lib/guard-json.js +87 -103
  142. package/lib/vendor/blamejs/lib/guard-jsonpath.js +20 -88
  143. package/lib/vendor/blamejs/lib/guard-jwt.js +32 -114
  144. package/lib/vendor/blamejs/lib/guard-list-id.js +2 -7
  145. package/lib/vendor/blamejs/lib/guard-list-unsubscribe.js +2 -7
  146. package/lib/vendor/blamejs/lib/guard-mail-compose.js +5 -6
  147. package/lib/vendor/blamejs/lib/guard-mail-move.js +2 -1
  148. package/lib/vendor/blamejs/lib/guard-mail-query.js +5 -3
  149. package/lib/vendor/blamejs/lib/guard-mail-sieve.js +6 -7
  150. package/lib/vendor/blamejs/lib/guard-managesieve-command.js +5 -4
  151. package/lib/vendor/blamejs/lib/guard-markdown.js +76 -110
  152. package/lib/vendor/blamejs/lib/guard-message-id.js +5 -6
  153. package/lib/vendor/blamejs/lib/guard-mime.js +20 -99
  154. package/lib/vendor/blamejs/lib/guard-oauth.js +19 -73
  155. package/lib/vendor/blamejs/lib/guard-pdf.js +65 -72
  156. package/lib/vendor/blamejs/lib/guard-pop3-command.js +12 -13
  157. package/lib/vendor/blamejs/lib/guard-posture-chain.js +2 -1
  158. package/lib/vendor/blamejs/lib/guard-regex.js +24 -99
  159. package/lib/vendor/blamejs/lib/guard-saga-config.js +2 -1
  160. package/lib/vendor/blamejs/lib/guard-shell.js +22 -87
  161. package/lib/vendor/blamejs/lib/guard-smtp-command.js +8 -11
  162. package/lib/vendor/blamejs/lib/guard-sql.js +15 -13
  163. package/lib/vendor/blamejs/lib/guard-stream-args.js +2 -1
  164. package/lib/vendor/blamejs/lib/guard-svg.js +95 -140
  165. package/lib/vendor/blamejs/lib/guard-template.js +23 -80
  166. package/lib/vendor/blamejs/lib/guard-tenant-id.js +2 -1
  167. package/lib/vendor/blamejs/lib/guard-text.js +592 -0
  168. package/lib/vendor/blamejs/lib/guard-time.js +27 -95
  169. package/lib/vendor/blamejs/lib/guard-uuid.js +21 -93
  170. package/lib/vendor/blamejs/lib/guard-xml.js +76 -106
  171. package/lib/vendor/blamejs/lib/guard-yaml.js +24 -60
  172. package/lib/vendor/blamejs/lib/http-client-cache.js +5 -12
  173. package/lib/vendor/blamejs/lib/http-client-cookie-jar.js +2 -4
  174. package/lib/vendor/blamejs/lib/http-client.js +8 -21
  175. package/lib/vendor/blamejs/lib/http-message-signature.js +3 -2
  176. package/lib/vendor/blamejs/lib/i18n-messageformat.js +5 -7
  177. package/lib/vendor/blamejs/lib/i18n.js +83 -26
  178. package/lib/vendor/blamejs/lib/inbox.js +8 -8
  179. package/lib/vendor/blamejs/lib/incident-report.js +3 -21
  180. package/lib/vendor/blamejs/lib/ip-utils.js +49 -6
  181. package/lib/vendor/blamejs/lib/jobs.js +3 -2
  182. package/lib/vendor/blamejs/lib/keychain.js +6 -18
  183. package/lib/vendor/blamejs/lib/legal-hold.js +6 -15
  184. package/lib/vendor/blamejs/lib/log-stream-cloudwatch.js +44 -112
  185. package/lib/vendor/blamejs/lib/log-stream-otlp-grpc.js +17 -14
  186. package/lib/vendor/blamejs/lib/log-stream-otlp.js +16 -80
  187. package/lib/vendor/blamejs/lib/log-stream-webhook.js +20 -92
  188. package/lib/vendor/blamejs/lib/mail-arc-sign.js +8 -3
  189. package/lib/vendor/blamejs/lib/mail-arf.js +3 -2
  190. package/lib/vendor/blamejs/lib/mail-auth.js +40 -66
  191. package/lib/vendor/blamejs/lib/mail-bimi.js +19 -39
  192. package/lib/vendor/blamejs/lib/mail-crypto-pgp.js +3 -2
  193. package/lib/vendor/blamejs/lib/mail-dav.js +8 -35
  194. package/lib/vendor/blamejs/lib/mail-deploy.js +6 -9
  195. package/lib/vendor/blamejs/lib/mail-dkim.js +19 -38
  196. package/lib/vendor/blamejs/lib/mail-greylist.js +15 -26
  197. package/lib/vendor/blamejs/lib/mail-helo.js +2 -3
  198. package/lib/vendor/blamejs/lib/mail-journal.js +2 -1
  199. package/lib/vendor/blamejs/lib/mail-mdn.js +4 -3
  200. package/lib/vendor/blamejs/lib/mail-rbl.js +5 -8
  201. package/lib/vendor/blamejs/lib/mail-scan.js +2 -2
  202. package/lib/vendor/blamejs/lib/mail-send-deliver.js +33 -20
  203. package/lib/vendor/blamejs/lib/mail-server-imap.js +32 -87
  204. package/lib/vendor/blamejs/lib/mail-server-jmap.js +35 -51
  205. package/lib/vendor/blamejs/lib/mail-server-managesieve.js +29 -83
  206. package/lib/vendor/blamejs/lib/mail-server-mx.js +33 -74
  207. package/lib/vendor/blamejs/lib/mail-server-net.js +177 -0
  208. package/lib/vendor/blamejs/lib/mail-server-pop3.js +30 -83
  209. package/lib/vendor/blamejs/lib/mail-server-rate-limit.js +30 -6
  210. package/lib/vendor/blamejs/lib/mail-server-submission.js +34 -73
  211. package/lib/vendor/blamejs/lib/mail-server-tls.js +89 -0
  212. package/lib/vendor/blamejs/lib/mail-spam-score.js +7 -8
  213. package/lib/vendor/blamejs/lib/mail-store.js +3 -2
  214. package/lib/vendor/blamejs/lib/mail.js +6 -11
  215. package/lib/vendor/blamejs/lib/markup-escape.js +31 -0
  216. package/lib/vendor/blamejs/lib/markup-tokenizer.js +54 -0
  217. package/lib/vendor/blamejs/lib/mcp-tool-registry.js +26 -23
  218. package/lib/vendor/blamejs/lib/mcp.js +1 -1
  219. package/lib/vendor/blamejs/lib/mdoc.js +11 -12
  220. package/lib/vendor/blamejs/lib/metrics.js +32 -30
  221. package/lib/vendor/blamejs/lib/middleware/age-gate.js +3 -23
  222. package/lib/vendor/blamejs/lib/middleware/api-encrypt.js +11 -22
  223. package/lib/vendor/blamejs/lib/middleware/assetlinks.js +2 -7
  224. package/lib/vendor/blamejs/lib/middleware/bearer-auth.js +2 -1
  225. package/lib/vendor/blamejs/lib/middleware/body-parser.js +31 -48
  226. package/lib/vendor/blamejs/lib/middleware/bot-disclose.js +7 -10
  227. package/lib/vendor/blamejs/lib/middleware/bot-guard.js +2 -10
  228. package/lib/vendor/blamejs/lib/middleware/csrf-protect.js +13 -2
  229. package/lib/vendor/blamejs/lib/middleware/daily-byte-quota.js +6 -26
  230. package/lib/vendor/blamejs/lib/middleware/deny-response.js +19 -1
  231. package/lib/vendor/blamejs/lib/middleware/fetch-metadata.js +7 -0
  232. package/lib/vendor/blamejs/lib/middleware/idempotency-key.js +4 -20
  233. package/lib/vendor/blamejs/lib/middleware/rate-limit.js +20 -28
  234. package/lib/vendor/blamejs/lib/middleware/scim-server.js +3 -2
  235. package/lib/vendor/blamejs/lib/middleware/security-headers.js +9 -1
  236. package/lib/vendor/blamejs/lib/middleware/security-txt.js +2 -6
  237. package/lib/vendor/blamejs/lib/middleware/tus-upload.js +12 -27
  238. package/lib/vendor/blamejs/lib/middleware/web-app-manifest.js +2 -7
  239. package/lib/vendor/blamejs/lib/migrations.js +4 -13
  240. package/lib/vendor/blamejs/lib/mime-parse.js +34 -17
  241. package/lib/vendor/blamejs/lib/module-loader.js +44 -0
  242. package/lib/vendor/blamejs/lib/money.js +105 -0
  243. package/lib/vendor/blamejs/lib/mtls-ca.js +116 -36
  244. package/lib/vendor/blamejs/lib/network-byte-quota.js +4 -18
  245. package/lib/vendor/blamejs/lib/network-dane.js +8 -6
  246. package/lib/vendor/blamejs/lib/network-dns-resolver.js +97 -6
  247. package/lib/vendor/blamejs/lib/network-dnssec.js +16 -16
  248. package/lib/vendor/blamejs/lib/network-heartbeat.js +3 -2
  249. package/lib/vendor/blamejs/lib/network-smtp-policy.js +29 -41
  250. package/lib/vendor/blamejs/lib/network-tls.js +40 -42
  251. package/lib/vendor/blamejs/lib/nis2-report.js +1 -11
  252. package/lib/vendor/blamejs/lib/nonce-store.js +81 -3
  253. package/lib/vendor/blamejs/lib/numeric-bounds.js +22 -8
  254. package/lib/vendor/blamejs/lib/object-store/azure-blob-bucket-ops.js +2 -6
  255. package/lib/vendor/blamejs/lib/object-store/azure-blob.js +5 -45
  256. package/lib/vendor/blamejs/lib/object-store/gcs.js +8 -71
  257. package/lib/vendor/blamejs/lib/object-store/http-put.js +1 -5
  258. package/lib/vendor/blamejs/lib/object-store/http-request.js +128 -0
  259. package/lib/vendor/blamejs/lib/object-store/sigv4-bucket-ops.js +2 -1
  260. package/lib/vendor/blamejs/lib/object-store/sigv4.js +9 -77
  261. package/lib/vendor/blamejs/lib/observability-otlp-exporter.js +9 -25
  262. package/lib/vendor/blamejs/lib/observability.js +95 -0
  263. package/lib/vendor/blamejs/lib/openapi-paths-builder.js +7 -3
  264. package/lib/vendor/blamejs/lib/otel-export.js +7 -10
  265. package/lib/vendor/blamejs/lib/outbox.js +43 -37
  266. package/lib/vendor/blamejs/lib/pagination.js +11 -15
  267. package/lib/vendor/blamejs/lib/parsers/safe-env.js +5 -4
  268. package/lib/vendor/blamejs/lib/parsers/safe-ini.js +10 -4
  269. package/lib/vendor/blamejs/lib/parsers/safe-toml.js +11 -9
  270. package/lib/vendor/blamejs/lib/parsers/safe-xml.js +2 -2
  271. package/lib/vendor/blamejs/lib/parsers/safe-yaml.js +7 -6
  272. package/lib/vendor/blamejs/lib/pick.js +63 -5
  273. package/lib/vendor/blamejs/lib/pipl-cn.js +69 -59
  274. package/lib/vendor/blamejs/lib/privacy-pass.js +8 -6
  275. package/lib/vendor/blamejs/lib/problem-details.js +2 -5
  276. package/lib/vendor/blamejs/lib/pubsub.js +4 -8
  277. package/lib/vendor/blamejs/lib/redact.js +2 -1
  278. package/lib/vendor/blamejs/lib/render.js +4 -2
  279. package/lib/vendor/blamejs/lib/request-helpers.js +133 -6
  280. package/lib/vendor/blamejs/lib/restore.js +5 -22
  281. package/lib/vendor/blamejs/lib/retention.js +3 -5
  282. package/lib/vendor/blamejs/lib/safe-async.js +457 -0
  283. package/lib/vendor/blamejs/lib/safe-buffer.js +137 -6
  284. package/lib/vendor/blamejs/lib/safe-decompress.js +2 -1
  285. package/lib/vendor/blamejs/lib/safe-dns.js +2 -1
  286. package/lib/vendor/blamejs/lib/safe-ical.js +12 -26
  287. package/lib/vendor/blamejs/lib/safe-json.js +7 -8
  288. package/lib/vendor/blamejs/lib/safe-jsonpath.js +6 -5
  289. package/lib/vendor/blamejs/lib/safe-mime.js +25 -29
  290. package/lib/vendor/blamejs/lib/safe-redirect.js +2 -5
  291. package/lib/vendor/blamejs/lib/safe-schema.js +7 -6
  292. package/lib/vendor/blamejs/lib/safe-sql.js +126 -0
  293. package/lib/vendor/blamejs/lib/safe-vcard.js +12 -26
  294. package/lib/vendor/blamejs/lib/sandbox-worker.js +9 -2
  295. package/lib/vendor/blamejs/lib/sandbox.js +3 -2
  296. package/lib/vendor/blamejs/lib/scheduler.js +5 -12
  297. package/lib/vendor/blamejs/lib/sec-cyber.js +82 -37
  298. package/lib/vendor/blamejs/lib/seeders.js +4 -11
  299. package/lib/vendor/blamejs/lib/self-update.js +92 -69
  300. package/lib/vendor/blamejs/lib/session-device-binding.js +112 -66
  301. package/lib/vendor/blamejs/lib/session.js +194 -6
  302. package/lib/vendor/blamejs/lib/sql.js +225 -78
  303. package/lib/vendor/blamejs/lib/sse.js +6 -10
  304. package/lib/vendor/blamejs/lib/static.js +136 -98
  305. package/lib/vendor/blamejs/lib/storage.js +4 -2
  306. package/lib/vendor/blamejs/lib/structured-fields.js +275 -16
  307. package/lib/vendor/blamejs/lib/tenant-quota.js +2 -20
  308. package/lib/vendor/blamejs/lib/tsa.js +11 -15
  309. package/lib/vendor/blamejs/lib/validate-opts.js +154 -8
  310. package/lib/vendor/blamejs/lib/vault/seal-pem-file.js +30 -48
  311. package/lib/vendor/blamejs/lib/vault-aad.js +3 -2
  312. package/lib/vendor/blamejs/lib/vc.js +2 -7
  313. package/lib/vendor/blamejs/lib/vex.js +35 -13
  314. package/lib/vendor/blamejs/lib/web-push-vapid.js +23 -20
  315. package/lib/vendor/blamejs/lib/webhook-dispatcher.js +706 -0
  316. package/lib/vendor/blamejs/lib/webhook.js +43 -18
  317. package/lib/vendor/blamejs/lib/websocket-channels.js +9 -7
  318. package/lib/vendor/blamejs/lib/websocket.js +7 -3
  319. package/lib/vendor/blamejs/lib/worm.js +2 -3
  320. package/lib/vendor/blamejs/lib/ws-client.js +8 -10
  321. package/lib/vendor/blamejs/package.json +1 -1
  322. package/lib/vendor/blamejs/release-notes/v0.15.13.json +81 -0
  323. package/lib/vendor/blamejs/scripts/check-changelog-extract.js +1 -1
  324. package/lib/vendor/blamejs/test/00-primitives.js +136 -7
  325. package/lib/vendor/blamejs/test/10-state.js +9 -3
  326. package/lib/vendor/blamejs/test/30-chain.js +40 -0
  327. package/lib/vendor/blamejs/test/helpers/check.js +18 -0
  328. package/lib/vendor/blamejs/test/helpers/db.js +4 -0
  329. package/lib/vendor/blamejs/test/helpers/index.js +1 -0
  330. package/lib/vendor/blamejs/test/integration/audit-chain-external-db.test.js +2 -1
  331. package/lib/vendor/blamejs/test/integration/audit-stack-postgres.test.js +2 -1
  332. package/lib/vendor/blamejs/test/integration/data-layer-mysql.test.js +8 -1
  333. package/lib/vendor/blamejs/test/integration/data-layer-pg.test.js +1 -1
  334. package/lib/vendor/blamejs/test/integration/framework-schema-mysql.test.js +2 -1
  335. package/lib/vendor/blamejs/test/integration/webhook-dispatcher-pg.test.js +269 -0
  336. package/lib/vendor/blamejs/test/layer-0-primitives/atomic-file-fd-read.test.js +149 -0
  337. package/lib/vendor/blamejs/test/layer-0-primitives/audit-framework-namespaces.test.js +51 -0
  338. package/lib/vendor/blamejs/test/layer-0-primitives/audit-sign-anchor.test.js +88 -0
  339. package/lib/vendor/blamejs/test/layer-0-primitives/audit-use-store.test.js +55 -1
  340. package/lib/vendor/blamejs/test/layer-0-primitives/backup-object-store-adapter.test.js +2 -2
  341. package/lib/vendor/blamejs/test/layer-0-primitives/bot-guard.test.js +1 -1
  342. package/lib/vendor/blamejs/test/layer-0-primitives/bounded-map.test.js +129 -0
  343. package/lib/vendor/blamejs/test/layer-0-primitives/chain-writer-multichain.test.js +107 -0
  344. package/lib/vendor/blamejs/test/layer-0-primitives/cli-api-key.test.js +12 -0
  345. package/lib/vendor/blamejs/test/layer-0-primitives/codebase-patterns.test.js +2788 -3214
  346. package/lib/vendor/blamejs/test/layer-0-primitives/codepoint-class.test.js +78 -0
  347. package/lib/vendor/blamejs/test/layer-0-primitives/crypto-base64url.test.js +63 -0
  348. package/lib/vendor/blamejs/test/layer-0-primitives/crypto-hash-stream.test.js +2 -1
  349. package/lib/vendor/blamejs/test/layer-0-primitives/csp-builder.test.js +50 -0
  350. package/lib/vendor/blamejs/test/layer-0-primitives/csp-nonce.test.js +1 -1
  351. package/lib/vendor/blamejs/test/layer-0-primitives/daemon.test.js +2 -1
  352. package/lib/vendor/blamejs/test/layer-0-primitives/defineguard-resolve-opts.test.js +76 -0
  353. package/lib/vendor/blamejs/test/layer-0-primitives/flag.test.js +9 -0
  354. package/lib/vendor/blamejs/test/layer-0-primitives/gate-contract-content-gate.test.js +290 -0
  355. package/lib/vendor/blamejs/test/layer-0-primitives/guard-csv.test.js +84 -0
  356. package/lib/vendor/blamejs/test/layer-0-primitives/guard-email.test.js +78 -0
  357. package/lib/vendor/blamejs/test/layer-0-primitives/guard-filename.test.js +23 -0
  358. package/lib/vendor/blamejs/test/layer-0-primitives/guard-gate-disposition-coverage.test.js +93 -0
  359. package/lib/vendor/blamejs/test/layer-0-primitives/guard-html.test.js +60 -0
  360. package/lib/vendor/blamejs/test/layer-0-primitives/guard-image.test.js +184 -0
  361. package/lib/vendor/blamejs/test/layer-0-primitives/guard-imap-command.test.js +0 -0
  362. package/lib/vendor/blamejs/test/layer-0-primitives/guard-json.test.js +54 -0
  363. package/lib/vendor/blamejs/test/layer-0-primitives/guard-managesieve-command.test.js +10 -0
  364. package/lib/vendor/blamejs/test/layer-0-primitives/guard-markdown.test.js +45 -0
  365. package/lib/vendor/blamejs/test/layer-0-primitives/guard-pdf.test.js +101 -0
  366. package/lib/vendor/blamejs/test/layer-0-primitives/guard-pop3-command.test.js +18 -0
  367. package/lib/vendor/blamejs/test/layer-0-primitives/guard-svg.test.js +76 -0
  368. package/lib/vendor/blamejs/test/layer-0-primitives/guard-text.test.js +365 -0
  369. package/lib/vendor/blamejs/test/layer-0-primitives/guard-xml.test.js +35 -0
  370. package/lib/vendor/blamejs/test/layer-0-primitives/guard-yaml.test.js +36 -0
  371. package/lib/vendor/blamejs/test/layer-0-primitives/i18n.test.js +20 -0
  372. package/lib/vendor/blamejs/test/layer-0-primitives/inbox.test.js +15 -0
  373. package/lib/vendor/blamejs/test/layer-0-primitives/ip-utils.test.js +83 -0
  374. package/lib/vendor/blamejs/test/layer-0-primitives/mail-arf.test.js +10 -0
  375. package/lib/vendor/blamejs/test/layer-0-primitives/mail-auth.test.js +39 -0
  376. package/lib/vendor/blamejs/test/layer-0-primitives/mail-dkim.test.js +36 -0
  377. package/lib/vendor/blamejs/test/layer-0-primitives/mail-greylist.test.js +17 -0
  378. package/lib/vendor/blamejs/test/layer-0-primitives/mail-server-tls.test.js +39 -0
  379. package/lib/vendor/blamejs/test/layer-0-primitives/mail-store.test.js +17 -0
  380. package/lib/vendor/blamejs/test/layer-0-primitives/mime-parse.test.js +106 -0
  381. package/lib/vendor/blamejs/test/layer-0-primitives/money.test.js +17 -0
  382. package/lib/vendor/blamejs/test/layer-0-primitives/mtls-ca-revocation.test.js +98 -0
  383. package/lib/vendor/blamejs/test/layer-0-primitives/nonce-store-release.test.js +77 -0
  384. package/lib/vendor/blamejs/test/layer-0-primitives/observability.test.js +48 -0
  385. package/lib/vendor/blamejs/test/layer-0-primitives/rate-limit-memory-getorinsert.test.js +100 -0
  386. package/lib/vendor/blamejs/test/layer-0-primitives/request-helpers.test.js +88 -0
  387. package/lib/vendor/blamejs/test/layer-0-primitives/safe-async-loops.test.js +278 -0
  388. package/lib/vendor/blamejs/test/layer-0-primitives/safe-buffer-linear-scans.test.js +37 -0
  389. package/lib/vendor/blamejs/test/layer-0-primitives/safe-jsonpath.test.js +14 -0
  390. package/lib/vendor/blamejs/test/layer-0-primitives/sandbox.test.js +19 -0
  391. package/lib/vendor/blamejs/test/layer-0-primitives/security-headers.test.js +1 -1
  392. package/lib/vendor/blamejs/test/layer-0-primitives/self-update.test.js +2 -1
  393. package/lib/vendor/blamejs/test/layer-0-primitives/session-device-binding.test.js +18 -0
  394. package/lib/vendor/blamejs/test/layer-0-primitives/session-extensions.test.js +1 -1
  395. package/lib/vendor/blamejs/test/layer-0-primitives/session-valid-from.test.js +73 -0
  396. package/lib/vendor/blamejs/test/layer-0-primitives/sql.test.js +100 -0
  397. package/lib/vendor/blamejs/test/layer-0-primitives/structured-fields.test.js +80 -0
  398. package/lib/vendor/blamejs/test/layer-0-primitives/validate-opts-shape.test.js +235 -0
  399. package/lib/vendor/blamejs/test/layer-0-primitives/webhook-dispatcher.test.js +374 -0
  400. package/lib/vendor/blamejs/test/layer-0-primitives/webhook.test.js +75 -8
  401. package/lib/vendor/blamejs/test/layer-5-integration/guard-host-integration.test.js +3 -3
  402. package/package.json +1 -1
@@ -69,7 +69,6 @@ var codepointClass = require("./codepoint-class");
69
69
  var lazyRequire = require("./lazy-require");
70
70
  var gateContract = require("./gate-contract");
71
71
  var C = require("./constants");
72
- var numericBounds = require("./numeric-bounds");
73
72
  var safeYamlLazy = lazyRequire(function () { return require("./parsers/safe-yaml"); });
74
73
  var { GuardYamlError } = require("./framework-error");
75
74
 
@@ -120,10 +119,7 @@ var PROFILES = Object.freeze({
120
119
  leadingZeroPolicy: "reject",
121
120
  duplicateKeyPolicy: "reject",
122
121
  mergeKeyPolicy: "reject",
123
- bidiPolicy: "reject",
124
- controlPolicy: "reject",
125
- nullBytePolicy: "reject",
126
- zeroWidthPolicy: "reject",
122
+ ...gateContract.CHAR_THREATS_REJECT_ALL,
127
123
  safeCoreTagsAllowed: false,
128
124
  maxBytes: C.BYTES.mib(2),
129
125
  maxDepth: 8, // recursion depth, not byte size
@@ -177,37 +173,13 @@ var PROFILES = Object.freeze({
177
173
  },
178
174
  });
179
175
 
180
- var DEFAULTS = Object.freeze(Object.assign({}, PROFILES["strict"], {
181
- mode: "enforce",
182
- maxRuntimeMs: C.TIME.seconds(10),
183
- }));
184
-
185
- var COMPLIANCE_POSTURES = Object.freeze({
186
- "hipaa": Object.assign({}, PROFILES["strict"], {
187
- forensicSnippetBytes: C.BYTES.bytes(256),
188
- }),
189
- "pci-dss": Object.assign({}, PROFILES["strict"], {
190
- forensicSnippetBytes: C.BYTES.bytes(256),
191
- }),
192
- "gdpr": Object.assign({}, PROFILES["balanced"], {
193
- forensicSnippetBytes: C.BYTES.bytes(128),
194
- }),
195
- "soc2": Object.assign({}, PROFILES["strict"], {
196
- forensicSnippetBytes: C.BYTES.bytes(512),
197
- }),
176
+ var DEFAULTS = gateContract.strictDefaults(PROFILES, {
177
+ maxRuntimeMs: C.TIME.seconds(10),
198
178
  });
199
179
 
200
- // ---- Helpers ----
180
+ var COMPLIANCE_POSTURES = gateContract.compliancePostures(PROFILES, { base: 256 });
201
181
 
202
- function _resolveOpts(opts) {
203
- return gateContract.resolveProfileAndPosture(opts, {
204
- profiles: PROFILES,
205
- compliancePostures: COMPLIANCE_POSTURES,
206
- defaults: DEFAULTS,
207
- errorClass: GuardYamlError,
208
- errCodePrefix: "yaml",
209
- });
210
- }
182
+ // ---- Helpers ----
211
183
 
212
184
  function _isDangerousTag(tag) {
213
185
  for (var i = 0; i < DANGEROUS_TAG_PREFIXES.length; i += 1) {
@@ -237,16 +209,9 @@ function _scanTags(text) {
237
209
  }
238
210
 
239
211
  function _detectIssues(input, opts) {
240
- var issues = [];
241
- if (typeof input !== "string") {
242
- return [{ kind: "bad-input", severity: "high",
243
- snippet: "input is not a string" }];
244
- }
245
- if (input.length > opts.maxBytes) {
246
- return [{ kind: "too-large", severity: "high", ruleId: "yaml.too-large",
247
- snippet: "input " + input.length +
248
- " bytes exceeds maxBytes " + opts.maxBytes }];
249
- }
212
+ var pre = gateContract.detectStringInput(input, opts, { name: "yaml", noun: "input", emptyMode: "skip", scanCodepoints: false, cap: { bytes: opts.maxBytes, kind: "too-large", snippet: function (byteLen, max) { return "input " + byteLen + " bytes exceeds maxBytes " + max; } } });
213
+ if (pre.done) return pre.issues;
214
+ var issues = pre.issues;
250
215
 
251
216
  // 1. Tag-injection scan.
252
217
  var tagHits = _scanTags(input);
@@ -496,21 +461,12 @@ function _detectDuplicateKeysYaml(text) {
496
461
  * rv.ok; // → false
497
462
  * rv.issues.some(function (i) { return i.kind === "dangerous-tag"; }); // → true
498
463
  */
499
- function validate(input, opts) {
500
- opts = _resolveOpts(opts);
501
- numericBounds.requireAllPositiveFiniteIntIfPresent(opts,
502
- ["maxBytes", "maxDepth", "maxAnchors", "maxAliasDepth",
503
- "maxDocuments", "maxNodes", "maxScalarLength"],
504
- "guardYaml.validate", GuardYamlError, "yaml.bad-opt");
505
- if (typeof input !== "string") {
506
- return {
507
- ok: false,
508
- issues: [{ kind: "bad-input", severity: "high",
509
- snippet: "input is not a string" }],
510
- };
511
- }
512
- return gateContract.aggregateIssues(_detectIssues(input, opts));
513
- }
464
+ // validate is assembled by gateContract.defineGuard from `detect`
465
+ // (_detectIssues) below — `validate(input, opts) = aggregateIssues(detect(
466
+ // input, resolveOpts(opts)))`, with the positive-finite-int opt caps declared
467
+ // via `intOpts`. A non-string input refuses through `_detectIssues`'s own
468
+ // bad-input branch, so the result shape is unchanged. The @primitive block
469
+ // above documents the resulting public ABI.
514
470
 
515
471
  /**
516
472
  * @primitive b.guardYaml.parse
@@ -548,7 +504,13 @@ function validate(input, opts) {
548
504
  * safe.age; // → 30
549
505
  */
550
506
  function parse(input, opts) {
551
- opts = _resolveOpts(opts);
507
+ opts = gateContract.resolveProfileAndPosture(opts, {
508
+ profiles: PROFILES,
509
+ compliancePostures: COMPLIANCE_POSTURES,
510
+ defaults: DEFAULTS,
511
+ errorClass: GuardYamlError,
512
+ errCodePrefix: "yaml",
513
+ });
552
514
  if (typeof input !== "string") {
553
515
  throw _err("yaml.bad-input", "parse requires string input");
554
516
  }
@@ -605,7 +567,9 @@ module.exports = gateContract.defineGuard({
605
567
  mimeTypes: ["application/yaml", "application/x-yaml", "text/yaml", "text/x-yaml"],
606
568
  extensions: [".yml", ".yaml"],
607
569
  integrationFixtures: INTEGRATION_FIXTURES,
608
- validate: validate,
570
+ detect: _detectIssues,
571
+ intOpts: ["maxBytes", "maxDepth", "maxAnchors", "maxAliasDepth",
572
+ "maxDocuments", "maxNodes", "maxScalarLength"],
609
573
  extra: {
610
574
  parse: parse,
611
575
  DANGEROUS_TAG_PREFIXES: DANGEROUS_TAG_PREFIXES,
@@ -47,6 +47,7 @@ var canonicalJson = require("./canonical-json");
47
47
  var safeUrl = require("./safe-url");
48
48
  var structuredFields = require("./structured-fields");
49
49
  var validateOpts = require("./validate-opts");
50
+ var numericBounds = require("./numeric-bounds");
50
51
  var { HttpClientError } = require("./framework-error");
51
52
 
52
53
  // ---- Tunables ----------------------------------------------------------
@@ -393,18 +394,10 @@ function memoryStore(opts) {
393
394
  if (typeof opts !== "object") {
394
395
  throw _hcErr("httpclient/cache-bad-opts", "memoryStore: opts must be an object");
395
396
  }
396
- if (opts.maxBytes !== undefined &&
397
- (typeof opts.maxBytes !== "number" || !isFinite(opts.maxBytes) ||
398
- opts.maxBytes <= 0 || Math.floor(opts.maxBytes) !== opts.maxBytes)) {
399
- throw _hcErr("httpclient/cache-bad-opts",
400
- "memoryStore: maxBytes must be a positive integer");
401
- }
402
- if (opts.maxEntries !== undefined &&
403
- (typeof opts.maxEntries !== "number" || !isFinite(opts.maxEntries) ||
404
- opts.maxEntries <= 0 || Math.floor(opts.maxEntries) !== opts.maxEntries)) {
405
- throw _hcErr("httpclient/cache-bad-opts",
406
- "memoryStore: maxEntries must be a positive integer");
407
- }
397
+ numericBounds.requirePositiveFiniteIntIfPresent(opts.maxBytes,
398
+ "memoryStore: maxBytes", HttpClientError, "httpclient/cache-bad-opts", { permanent: true });
399
+ numericBounds.requirePositiveFiniteIntIfPresent(opts.maxEntries,
400
+ "memoryStore: maxEntries", HttpClientError, "httpclient/cache-bad-opts", { permanent: true });
408
401
  if (opts.evictionPolicy !== undefined && opts.evictionPolicy !== "lru") {
409
402
  throw _hcErr("httpclient/cache-bad-opts",
410
403
  "memoryStore: evictionPolicy must be 'lru' (got " + JSON.stringify(opts.evictionPolicy) + ")");
@@ -170,10 +170,8 @@ function create(opts) {
170
170
  }
171
171
  var vault = opts.vault || null;
172
172
  if (persist === "vault") {
173
- if (!vault || typeof vault.seal !== "function" || typeof vault.unseal !== "function") {
174
- throw _err("BAD_OPT",
175
- "cookieJar.create: persist: 'vault' requires opts.vault with seal/unseal (pass b.vault)");
176
- }
173
+ validateOpts.requireMethods(vault, ["seal", "unseal"],
174
+ "cookieJar.create: persist: 'vault' opts.vault (pass b.vault)", CookieJarError, "BAD_OPT");
177
175
  }
178
176
  var filePath = null;
179
177
  if (persist === "file") {
@@ -53,6 +53,7 @@ var safeBuffer = require("./safe-buffer");
53
53
  var safeUrl = require("./safe-url");
54
54
  var ssrfGuard = require("./ssrf-guard");
55
55
  var networkProxy = require("./network-proxy");
56
+ var numericBounds = require("./numeric-bounds");
56
57
  var validateOpts = require("./validate-opts");
57
58
  var { FrameworkError, HttpClientError } = require("./framework-error");
58
59
 
@@ -165,15 +166,9 @@ function configurePool(opts) {
165
166
  "'. Allowed: " + allowed.join(", "));
166
167
  }
167
168
  }
168
- function _requirePositiveInt(name, value) {
169
- if (typeof value !== "number" || !isFinite(value) || value <= 0 || Math.floor(value) !== value) {
170
- throw new Error("httpClient.configurePool: " + name +
171
- " must be a positive integer, got " + JSON.stringify(value));
172
- }
173
- }
174
- if (opts.maxSockets !== undefined) _requirePositiveInt("maxSockets", opts.maxSockets);
175
- if (opts.maxFreeSockets !== undefined) _requirePositiveInt("maxFreeSockets", opts.maxFreeSockets);
176
- if (opts.keepAliveMsecs !== undefined) _requirePositiveInt("keepAliveMsecs", opts.keepAliveMsecs);
169
+ numericBounds.requireAllPositiveFiniteIntIfPresent(opts,
170
+ ["maxSockets", "maxFreeSockets", "keepAliveMsecs"], "httpClient.configurePool",
171
+ HttpClientError, "httpclient/bad-opts", { permanent: true });
177
172
  if (opts.keepAlive !== undefined && typeof opts.keepAlive !== "boolean") {
178
173
  throw new Error("httpClient.configurePool: keepAlive must be a boolean");
179
174
  }
@@ -1825,12 +1820,8 @@ function _validateDownloadOpts(opts) {
1825
1820
  }
1826
1821
  validateOpts.optionalPositiveFinite(opts.timeoutMs, "downloadStream: timeoutMs",
1827
1822
  HttpClientError, "httpclient/bad-opts");
1828
- if (opts.maxBytes !== undefined &&
1829
- (typeof opts.maxBytes !== "number" || !isFinite(opts.maxBytes) || opts.maxBytes <= 0 ||
1830
- Math.floor(opts.maxBytes) !== opts.maxBytes)) {
1831
- throw _hcErr("httpclient/bad-opts",
1832
- "downloadStream: maxBytes must be a positive finite integer");
1833
- }
1823
+ numericBounds.requirePositiveFiniteIntIfPresent(opts.maxBytes,
1824
+ "downloadStream: maxBytes", HttpClientError, "httpclient/bad-opts", { permanent: true });
1834
1825
  }
1835
1826
 
1836
1827
  function _emitAudit(opts, action, outcome, metadata) {
@@ -2050,12 +2041,8 @@ function _validateUploadOpts(opts) {
2050
2041
  }
2051
2042
  validateOpts.optionalPositiveFinite(opts.timeoutMs, "uploadMultipartStream: timeoutMs",
2052
2043
  HttpClientError, "httpclient/bad-opts");
2053
- if (opts.maxBytes !== undefined &&
2054
- (typeof opts.maxBytes !== "number" || !isFinite(opts.maxBytes) || opts.maxBytes <= 0 ||
2055
- Math.floor(opts.maxBytes) !== opts.maxBytes)) {
2056
- throw _hcErr("httpclient/bad-opts",
2057
- "uploadMultipartStream: maxBytes must be a positive finite integer");
2058
- }
2044
+ numericBounds.requirePositiveFiniteIntIfPresent(opts.maxBytes,
2045
+ "uploadMultipartStream: maxBytes", HttpClientError, "httpclient/bad-opts", { permanent: true });
2059
2046
  }
2060
2047
 
2061
2048
  /**
@@ -542,8 +542,9 @@ function verify(msg, opts) {
542
542
  var member = digestMembers[di].trim();
543
543
  var deq = member.indexOf("=");
544
544
  if (deq < 1) continue;
545
- if (member.slice(0, deq).trim().toLowerCase() !== "sha3-512") continue;
546
- var memberCanonical = "sha3-512=" + member.slice(deq + 1).trim();
545
+ var dkv = structuredFields.parseKeyValuePiece(member);
546
+ if (dkv.key !== "sha3-512") continue;
547
+ var memberCanonical = "sha3-512=" + dkv.value.trim();
547
548
  // crypto.timingSafeEqual is the length-tolerant constant-time wrapper
548
549
  // (returns false for unequal lengths without leaking via a length branch).
549
550
  if (bCrypto.timingSafeEqual(memberCanonical, expectedDigest)) { matchedDigest = true; break; }
@@ -45,6 +45,7 @@
45
45
  * shaped JSON entries continue to work unchanged.
46
46
  */
47
47
  var lazyRequire = require("./lazy-require");
48
+ var boundedMap = require("./bounded-map");
48
49
  var { defineClass } = require("./framework-error");
49
50
 
50
51
  var I18nMessageFormatError = defineClass("I18nMessageFormatError",
@@ -314,12 +315,9 @@ function _skipWs(state) {
314
315
  var _pluralRulesCache = new Map();
315
316
  function _pluralRules(locale, type) {
316
317
  var key = locale + "\x1f" + type;
317
- var pr = _pluralRulesCache.get(key);
318
- if (!pr) {
319
- pr = new Intl.PluralRules(locale, { type: type });
320
- _pluralRulesCache.set(key, pr);
321
- }
322
- return pr;
318
+ return boundedMap.getOrInsert(_pluralRulesCache, key, function () {
319
+ return new Intl.PluralRules(locale, { type: type });
320
+ });
323
321
  }
324
322
 
325
323
  function format(template, vars, locale) {
@@ -382,7 +380,7 @@ function looksLikeMessageFormat(template) {
382
380
  if (typeof template !== "string") return false;
383
381
  // Cheap structural check — full-syntax detection comes from parse()
384
382
  // throwing if it isn't valid MessageFormat.
385
- return /\{[^}]+,\s*(plural|select|selectordinal)\b/.test(template);
383
+ return /\{[^{}]+,\s*(plural|select|selectordinal)\b/.test(template);
386
384
  }
387
385
 
388
386
  module.exports = {
@@ -64,7 +64,7 @@ var requestHelpers = require("./request-helpers");
64
64
  var safeJson = require("./safe-json");
65
65
  var validateOpts = require("./validate-opts");
66
66
  var { I18nError } = require("./framework-error");
67
- var { boundedMap } = require("./bounded-map");
67
+ var { boundedMap, getOrInsert } = require("./bounded-map");
68
68
 
69
69
  // Per-instance formatter caches are keyed on (locale, JSON.stringify
70
70
  // formatOpts). A fixed `locales` set bounds the locale axis, but operators
@@ -133,6 +133,80 @@ function _validateLocaleArray(name, value) {
133
133
  }
134
134
  }
135
135
 
136
+ // Pure resolution-chain builder — the subtag-strip walk shared by the
137
+ // instance lookup and the public localeChain primitive. Start at the requested
138
+ // locale and strip subtag suffixes right-to-left ("pt-BR" -> "pt"); subtag
139
+ // stripping always applies (same language, less specific). Cross-locale
140
+ // fallback (to fallbackLocale, then defaultLocale) fires only when
141
+ // fallbackLocale is non-null — fallbackLocale: null is strict "this locale or
142
+ // miss". No duplicate baseline.
143
+ function _buildLocaleChain(locale, fallbackLocale, defaultLocale) {
144
+ var chain = [];
145
+ var current = locale;
146
+ while (current && chain.indexOf(current) === -1) {
147
+ chain.push(current);
148
+ var dash = current.lastIndexOf("-");
149
+ if (dash === -1) break;
150
+ current = current.slice(0, dash);
151
+ }
152
+ if (fallbackLocale === null) return chain;
153
+ if (chain.indexOf(fallbackLocale) === -1) chain.push(fallbackLocale);
154
+ if (chain.indexOf(defaultLocale) === -1) chain.push(defaultLocale);
155
+ return chain;
156
+ }
157
+
158
+ /**
159
+ * @primitive b.i18n.localeChain
160
+ * @signature b.i18n.localeChain(locale, opts)
161
+ * @since 0.15.13
162
+ * @status stable
163
+ * @related b.i18n.create
164
+ *
165
+ * Resolve a requested BCP 47 locale to its ordered fallback chain — the same
166
+ * subtag-strip logic the file-backed `t()` lookup uses, surfaced as a pure,
167
+ * instance-independent function so a data-backed consumer (translations in a
168
+ * database row, a CMS page, a CDN-cached asset) can drive its own per-`(resource,
169
+ * locale, field)` lookups on the framework's BCP 47 fallback instead of
170
+ * re-deriving subtag stripping by hand.
171
+ *
172
+ * Pure: no file loading, no message lookup. The chain is the requested locale,
173
+ * then each subtag-stripped parent ("fr-CA" -> "fr"), then `fallbackLocale`,
174
+ * then `defaultLocale`, de-duplicated. `fallbackLocale: null` gives strict
175
+ * "this locale or its parents only" (no cross-locale jump).
176
+ *
177
+ * @opts
178
+ * defaultLocale: string, // BCP 47; required; the final baseline
179
+ * fallbackLocale: string | null, // null = strict; omitted = defaultLocale
180
+ * locales: string[], // optional configured set; when given, defaultLocale + fallbackLocale must be members
181
+ *
182
+ * @example
183
+ * b.i18n.localeChain("fr-CA", { defaultLocale: "en", fallbackLocale: "en" });
184
+ * // → ["fr-CA", "fr", "en"]
185
+ * b.i18n.localeChain("zh-Hant-TW", { defaultLocale: "en", fallbackLocale: null });
186
+ * // → ["zh-Hant-TW", "zh-Hant", "zh"] (strict — no jump to en)
187
+ */
188
+ function localeChain(locale, opts) {
189
+ opts = opts || {};
190
+ _validateLocale("i18n.localeChain: locale", locale);
191
+ _validateLocale("i18n.localeChain: defaultLocale", opts.defaultLocale);
192
+ var defaultLocale = opts.defaultLocale;
193
+ var fallbackLocale = (opts.fallbackLocale === null) ? null
194
+ : ((opts.fallbackLocale === undefined) ? defaultLocale : opts.fallbackLocale);
195
+ if (fallbackLocale !== null) _validateLocale("i18n.localeChain: fallbackLocale", fallbackLocale);
196
+ if (opts.locales !== undefined) {
197
+ _validateLocaleArray("i18n.localeChain: locales", opts.locales);
198
+ if (opts.locales.indexOf(defaultLocale) === -1) {
199
+ throw _err("BAD_OPT", "i18n.localeChain: defaultLocale '" + defaultLocale +
200
+ "' must be one of the configured locales");
201
+ }
202
+ if (fallbackLocale !== null && opts.locales.indexOf(fallbackLocale) === -1) {
203
+ throw _err("BAD_OPT", "i18n.localeChain: fallbackLocale '" + fallbackLocale +
204
+ "' must be one of the configured locales");
205
+ }
206
+ }
207
+ return _buildLocaleChain(locale, fallbackLocale, defaultLocale);
208
+ }
209
+
136
210
  function _validateInterpolation(value) {
137
211
  if (value === undefined) return DEFAULTS.interpolation;
138
212
  if (typeof value !== "object" || value === null) {
@@ -366,13 +440,11 @@ function _makeFormatterCache(make, kind, emitObs) {
366
440
  return function getFormatter(locale, formatOpts) {
367
441
  var optsKey = formatOpts ? JSON.stringify(formatOpts) : "";
368
442
  var cacheKey = locale + "\x1f" + optsKey;
369
- var f = cache.get(cacheKey);
370
- if (!f) {
371
- f = make(locale, formatOpts);
372
- cache.set(cacheKey, f);
443
+ return getOrInsert(cache, cacheKey, function () {
444
+ var f = make(locale, formatOpts);
373
445
  emitObs("i18n.format.created", { kind: kind, locale: locale });
374
- }
375
- return f;
446
+ return f;
447
+ });
376
448
  };
377
449
  }
378
450
 
@@ -572,25 +644,9 @@ function create(opts) {
572
644
  }
573
645
 
574
646
  function _localeChain(locale) {
575
- // Build the resolution chain. Start with the requested locale and
576
- // strip subtag suffixes (`pt-BR` `pt`); subtag stripping always
577
- // applies because it's "same language, less specific" rather than a
578
- // cross-locale jump. Cross-locale fallback (to fallbackLocale, then
579
- // defaultLocale) only fires when fallbackLocale is non-null —
580
- // operators who set fallbackLocale: null get strict "this locale or
581
- // miss" semantics.
582
- var chain = [];
583
- var current = locale;
584
- while (current && chain.indexOf(current) === -1) {
585
- chain.push(current);
586
- var dash = current.lastIndexOf("-");
587
- if (dash === -1) break;
588
- current = current.slice(0, dash);
589
- }
590
- if (fallbackLocale === null) return chain;
591
- if (chain.indexOf(fallbackLocale) === -1) chain.push(fallbackLocale);
592
- if (chain.indexOf(defaultLocale) === -1) chain.push(defaultLocale);
593
- return chain;
647
+ // Delegates to the module-level pure builder; fallbackLocale /
648
+ // defaultLocale are this instance's resolved config.
649
+ return _buildLocaleChain(locale, fallbackLocale, defaultLocale);
594
650
  }
595
651
 
596
652
  function _lookupRaw(key, locale) {
@@ -932,6 +988,7 @@ var messageFormat = require("./i18n-messageformat");
932
988
 
933
989
  module.exports = {
934
990
  create: create,
991
+ localeChain: localeChain,
935
992
  messageFormat: messageFormat,
936
993
  I18nError: I18nError,
937
994
  DEFAULTS: DEFAULTS,
@@ -43,9 +43,11 @@
43
43
  */
44
44
 
45
45
  var C = require("./constants");
46
+ var codepointClass = require("./codepoint-class");
46
47
  var lazyRequire = require("./lazy-require");
47
48
  var safeJson = require("./safe-json");
48
49
  var safeSql = require("./safe-sql");
50
+ var safeBuffer = require("./safe-buffer");
49
51
  var sql = require("./sql");
50
52
  var validateOpts = require("./validate-opts");
51
53
  var { defineClass } = require("./framework-error");
@@ -204,13 +206,11 @@ function create(opts) {
204
206
  }
205
207
 
206
208
  function _rejectControlChars(value, label, field) {
207
- for (var i = 0; i < value.length; i += 1) {
208
- var code = value.charCodeAt(i);
209
- if (code === 0 || (code < 32 && code !== 9) || code === 127) { // ASCII control codepoints (NUL + C0 + DEL); allow tab
210
- throw new InboxError("inbox/bad-receive",
211
- label + ": " + field + " contains control character at index " + i +
212
- " (codepoint " + code + ")");
213
- }
209
+ var _off = codepointClass.firstControlCharOffset(value); // allow tab (RFC 5322 folding WS)
210
+ if (_off !== -1) {
211
+ throw new InboxError("inbox/bad-receive",
212
+ label + ": " + field + " contains control character at index " + _off +
213
+ " (codepoint " + value.charCodeAt(_off) + ")");
214
214
  }
215
215
  }
216
216
 
@@ -223,7 +223,7 @@ function create(opts) {
223
223
  var metaJson = null;
224
224
  if (receiveOpts.metadata != null) {
225
225
  var serialized = safeJson.stringify(receiveOpts.metadata);
226
- if (serialized.length > maxPayloadBytes) {
226
+ if (safeBuffer.byteLengthOf(serialized) > maxPayloadBytes) {
227
227
  throw new InboxError("inbox/bad-receive",
228
228
  "recordReceive: metadata serialized exceeds maxPayloadBytes (" +
229
229
  maxPayloadBytes + " bytes)");
@@ -138,7 +138,6 @@ function create(opts) {
138
138
  "audit", "persist", "onStage", "deadlines", "now",
139
139
  ], "incident.report");
140
140
 
141
- var auditOn = opts.audit !== false;
142
141
  var persist = typeof opts.persist === "function" ? opts.persist : null;
143
142
  var onStage = typeof opts.onStage === "function" ? opts.onStage : null;
144
143
  var deadlinesOverride = opts.deadlines || null;
@@ -150,20 +149,8 @@ function create(opts) {
150
149
  var incidents = new Map();
151
150
  var seq = 0;
152
151
 
153
- function _emitAudit(action, outcome, metadata) {
154
- if (!auditOn) return;
155
- try {
156
- audit().safeEmit({
157
- action: "incident.report." + action,
158
- outcome: outcome,
159
- metadata: metadata || {},
160
- });
161
- } catch (_e) { /* drop-silent */ }
162
- }
163
- function _emitMetric(verb, n, labels) {
164
- try { observability().safeEvent("incident.report." + verb, n || 1, labels || {}); }
165
- catch (_e) { /* drop-silent */ }
166
- }
152
+ var _emitAudit = audit().namespaced("incident.report", opts.audit);
153
+ var _emitMetric = observability().namespaced("incident.report");
167
154
 
168
155
  function _genIncidentId(regime, detectedAt) {
169
156
  seq += 1;
@@ -339,12 +326,7 @@ function createDeadlineClock(opts) {
339
326
  var tracked = new Map(); // incidentId -> { detectedAt, dueBy, regime, acked, fired }
340
327
  var timer = null;
341
328
 
342
- function _emit(action, outcome, metadata) {
343
- if (!auditOn) return;
344
- try {
345
- audit().safeEmit({ action: "incident.report.clock." + action, outcome: outcome, metadata: metadata || {} });
346
- } catch (_e) { /* drop-silent — by design */ }
347
- }
329
+ var _emit = audit().namespaced("incident.report.clock", auditOn);
348
330
  function _notify(payload) {
349
331
  if (!notify) return;
350
332
  try {
@@ -82,9 +82,9 @@ function expandIpv6Groups(ip) {
82
82
  // Loose IPv4 textual-form check — for primitives that need to
83
83
  // classify a string as "looks like dotted-quad IPv4" but don't need
84
84
  // the strict per-octet bound check (callers that DO need octet
85
- // bounds use the strict form in `mail-rbl.js` etc.). Shared so
86
- // `lib/mail.js`, `lib/mail-helo.js`, and `lib/redis-client.js`
87
- // don't drift on the same shape.
85
+ // bounds use `isIPv4` below). Shared so `lib/mail.js`,
86
+ // `lib/mail-helo.js`, and `lib/redis-client.js` don't drift on the
87
+ // same shape.
88
88
  //
89
89
  // isIPv4Shape("1.2.3.4") → true
90
90
  // isIPv4Shape("999.0.0.0") → true (shape only; octets unbounded)
@@ -95,8 +95,51 @@ function isIPv4Shape(s) {
95
95
  return typeof s === "string" && IPV4_SHAPE_RE.test(s);
96
96
  }
97
97
 
98
+ // Strict RFC 791 dotted-quad IPv4: four 0-255 octets separated by `.`.
99
+ // The single source for textual IPv4 validation across the framework
100
+ // — `b.mail.greylist` / `b.mail.rbl` CIDR fingerprinting, `b.mail.helo`
101
+ // RFC 5321 §4.1.3 address-literals, `b.guardDomain` IPv4-as-domain
102
+ // detection, and `b.safeSchema` `.ip()`. Hand-rolling the per-octet
103
+ // alternation had drifted into several spellings; this is canonical.
104
+ //
105
+ // isIPv4("203.0.113.42") → true
106
+ // isIPv4("256.0.0.1") → false (octet > 255)
107
+ // isIPv4("1.2.3") → false (three octets)
108
+ var IPV4_RE = /^(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}$/; // allow:regex-no-length-cap — anchored + per-octet repeat-cap
109
+ function isIPv4(s) {
110
+ return typeof s === "string" && IPV4_RE.test(s);
111
+ }
112
+
113
+ // RFC 5321 §4.1.3 IPv4 address-literal `[1.2.3.4]`. Capture group 1 is
114
+ // the inner dotted-quad; `b.mail.helo` matches a claimed literal
115
+ // against the connection IP. Same per-octet bound as `IPV4_RE`.
116
+ var IPV4_ADDR_LITERAL_RE = /^\[((?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})\]$/; // allow:regex-no-length-cap — anchored + per-octet repeat-cap
117
+
118
+ // Loose IPv6 textual pre-filter: hex digits + colons only, bounded to
119
+ // the RFC 4291 §2.2 max no-IPv4-tail textual length (8 groups × 4 hex
120
+ // + 7 colons = 39). A cheap fail-fast before the full `expandIpv6Hex`
121
+ // parse — NOT a complete validator; callers follow with
122
+ // `expandIpv6Hex`. A hex-colon string longer than 39 chars is never a
123
+ // valid IPv6 textual form, so the bound only rejects garbage.
124
+ //
125
+ // looksLikeIPv6Hex("2001:db8::1") → true
126
+ // looksLikeIPv6Hex("::1") → true
127
+ // looksLikeIPv6Hex("::ffff:1.2.3.4")→ false (dotted tail — use expandIpv6Hex)
128
+ // looksLikeIPv6Hex("nothex") → false
129
+ var IPV6_TEXT_MAX_LEN = 39; // RFC 4291 §2.2 max no-IPv4-tail textual length
130
+ var IPV6_HEX_RE = /^[0-9a-fA-F:]+$/; // allow:regex-no-length-cap — length-bounded by IPV6_TEXT_MAX_LEN in looksLikeIPv6Hex
131
+ function looksLikeIPv6Hex(s) {
132
+ return typeof s === "string" && s.length <= IPV6_TEXT_MAX_LEN && IPV6_HEX_RE.test(s);
133
+ }
134
+
98
135
  module.exports = {
99
- expandIpv6Hex: expandIpv6Hex,
100
- expandIpv6Groups: expandIpv6Groups,
101
- isIPv4Shape: isIPv4Shape,
136
+ expandIpv6Hex: expandIpv6Hex,
137
+ expandIpv6Groups: expandIpv6Groups,
138
+ isIPv4Shape: isIPv4Shape,
139
+ isIPv4: isIPv4,
140
+ IPV4_RE: IPV4_RE,
141
+ IPV4_ADDR_LITERAL_RE: IPV4_ADDR_LITERAL_RE,
142
+ looksLikeIPv6Hex: looksLikeIPv6Hex,
143
+ IPV6_HEX_RE: IPV6_HEX_RE,
144
+ IPV6_TEXT_MAX_LEN: IPV6_TEXT_MAX_LEN,
102
145
  };
@@ -77,6 +77,7 @@ var { boot } = require("./log");
77
77
  var queue = require("./queue");
78
78
  var validateOpts = require("./validate-opts");
79
79
  var { JobsError } = require("./framework-error");
80
+ var boundedMap = require("./bounded-map");
80
81
 
81
82
  var log = boot("jobs");
82
83
 
@@ -102,10 +103,10 @@ function create(opts) {
102
103
  if (typeof handler !== "function") {
103
104
  throw _err("INVALID_HANDLER", "jobs.define: handler must be a function", true);
104
105
  }
105
- if (registry.has(name)) {
106
+ boundedMap.requireAbsent(registry, name, function () {
106
107
  throw _err("DUPLICATE_NAME",
107
108
  "jobs.define: '" + name + "' is already defined", true);
108
- }
109
+ });
109
110
  if (started) {
110
111
  // Defining after start would mean the new handler doesn't run
111
112
  // until the next start cycle. Reject loudly so operators don't
@@ -242,24 +242,12 @@ async function _writeFile(fallbackFile, doc, passphrase) {
242
242
  // Drain a stream into a Buffer, honoring an upper byte cap so a
243
243
  // runaway tool can't OOM the framework.
244
244
  function _drain(stream, capBytes) {
245
- return new Promise(function (resolve, reject) {
246
- if (!stream) { resolve(Buffer.alloc(0)); return; }
247
- var collector = safeBuffer.boundedChunkCollector({
248
- maxBytes: capBytes,
249
- errorClass: KeychainError,
250
- sizeCode: "keychain/native-output-too-large",
251
- sizeMessage: "native tool output exceeded " + capBytes + " bytes",
252
- });
253
- stream.on("data", function (chunk) {
254
- try {
255
- collector.push(chunk);
256
- } catch (e) {
257
- try { stream.destroy(); } catch (_e) { /* destroy best-effort */ }
258
- reject(e);
259
- }
260
- });
261
- stream.on("end", function () { resolve(collector.result()); });
262
- stream.on("error", function (e) { reject(e); });
245
+ if (!stream) return Promise.resolve(Buffer.alloc(0));
246
+ return safeBuffer.collectStream(stream, {
247
+ maxBytes: capBytes,
248
+ errorClass: KeychainError,
249
+ sizeCode: "keychain/native-output-too-large",
250
+ sizeMessage: "native tool output exceeded " + capBytes + " bytes",
263
251
  });
264
252
  }
265
253