@blamejs/blamejs-shop 0.4.68 → 0.4.70

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (298) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/lib/admin.js +8 -6
  3. package/lib/asset-manifest.json +1 -1
  4. package/lib/giftcards.js +29 -5
  5. package/lib/security-middleware.js +65 -23
  6. package/lib/storefront.js +10 -7
  7. package/lib/vendor/MANIFEST.json +319 -267
  8. package/lib/vendor/blamejs/CHANGELOG.md +2 -0
  9. package/lib/vendor/blamejs/api-snapshot.json +58 -5
  10. package/lib/vendor/blamejs/examples/wiki/README.md +1 -1
  11. package/lib/vendor/blamejs/examples/wiki/docker-compose.prod.yml +9 -8
  12. package/lib/vendor/blamejs/examples/wiki/docker-compose.yml +10 -9
  13. package/lib/vendor/blamejs/examples/wiki/env-snapshot.json +4 -3
  14. package/lib/vendor/blamejs/examples/wiki/lib/build-app.js +33 -17
  15. package/lib/vendor/blamejs/examples/wiki/routes/admin.js +7 -10
  16. package/lib/vendor/blamejs/examples/wiki/server.js +5 -4
  17. package/lib/vendor/blamejs/examples/wiki/test/e2e.js +5 -0
  18. package/lib/vendor/blamejs/lib/a2a-tasks.js +38 -6
  19. package/lib/vendor/blamejs/lib/agent-event-bus.js +13 -0
  20. package/lib/vendor/blamejs/lib/agent-idempotency.js +5 -1
  21. package/lib/vendor/blamejs/lib/agent-snapshot.js +32 -2
  22. package/lib/vendor/blamejs/lib/ai-aedt-bias-audit.js +2 -1
  23. package/lib/vendor/blamejs/lib/ai-content-detect.js +1 -3
  24. package/lib/vendor/blamejs/lib/ai-frontier-protocol.js +1 -1
  25. package/lib/vendor/blamejs/lib/ai-model-manifest.js +1 -1
  26. package/lib/vendor/blamejs/lib/ai-output.js +16 -7
  27. package/lib/vendor/blamejs/lib/api-snapshot.js +4 -1
  28. package/lib/vendor/blamejs/lib/app-shutdown.js +7 -1
  29. package/lib/vendor/blamejs/lib/archive-gz.js +9 -0
  30. package/lib/vendor/blamejs/lib/archive-read.js +9 -7
  31. package/lib/vendor/blamejs/lib/archive-tar-read.js +51 -8
  32. package/lib/vendor/blamejs/lib/archive.js +4 -2
  33. package/lib/vendor/blamejs/lib/asn1-der.js +70 -22
  34. package/lib/vendor/blamejs/lib/atomic-file.js +204 -2
  35. package/lib/vendor/blamejs/lib/audit-chain.js +54 -5
  36. package/lib/vendor/blamejs/lib/audit-daily-review.js +12 -2
  37. package/lib/vendor/blamejs/lib/audit-sign.js +2 -1
  38. package/lib/vendor/blamejs/lib/audit-tools.js +108 -23
  39. package/lib/vendor/blamejs/lib/audit.js +7 -2
  40. package/lib/vendor/blamejs/lib/auth/access-lock.js +2 -2
  41. package/lib/vendor/blamejs/lib/auth/bot-challenge.js +1 -1
  42. package/lib/vendor/blamejs/lib/auth/ciba.js +43 -4
  43. package/lib/vendor/blamejs/lib/auth/dpop.js +6 -1
  44. package/lib/vendor/blamejs/lib/auth/fido-mds3.js +5 -1
  45. package/lib/vendor/blamejs/lib/auth/jwt.js +2 -2
  46. package/lib/vendor/blamejs/lib/auth/lockout.js +18 -2
  47. package/lib/vendor/blamejs/lib/auth/passkey.js +1 -1
  48. package/lib/vendor/blamejs/lib/auth/password.js +1 -1
  49. package/lib/vendor/blamejs/lib/auth/saml.js +33 -13
  50. package/lib/vendor/blamejs/lib/auth/sd-jwt-vc.js +24 -4
  51. package/lib/vendor/blamejs/lib/auth/status-list.js +14 -2
  52. package/lib/vendor/blamejs/lib/auth/step-up.js +9 -1
  53. package/lib/vendor/blamejs/lib/auth-bot-challenge.js +21 -2
  54. package/lib/vendor/blamejs/lib/backup/bundle.js +7 -2
  55. package/lib/vendor/blamejs/lib/backup/crypto.js +23 -8
  56. package/lib/vendor/blamejs/lib/backup/index.js +41 -20
  57. package/lib/vendor/blamejs/lib/backup/manifest.js +7 -1
  58. package/lib/vendor/blamejs/lib/break-glass.js +41 -22
  59. package/lib/vendor/blamejs/lib/cbor.js +34 -11
  60. package/lib/vendor/blamejs/lib/cdn-cache-control.js +7 -3
  61. package/lib/vendor/blamejs/lib/cert.js +5 -3
  62. package/lib/vendor/blamejs/lib/cli.js +5 -1
  63. package/lib/vendor/blamejs/lib/cloud-events.js +3 -2
  64. package/lib/vendor/blamejs/lib/cluster-storage.js +7 -3
  65. package/lib/vendor/blamejs/lib/codepoint-class.js +17 -0
  66. package/lib/vendor/blamejs/lib/compliance-eaa.js +1 -1
  67. package/lib/vendor/blamejs/lib/compliance-sanctions.js +9 -7
  68. package/lib/vendor/blamejs/lib/compliance.js +1 -1
  69. package/lib/vendor/blamejs/lib/config-drift.js +22 -8
  70. package/lib/vendor/blamejs/lib/content-credentials.js +11 -8
  71. package/lib/vendor/blamejs/lib/content-digest.js +11 -4
  72. package/lib/vendor/blamejs/lib/cookies.js +10 -2
  73. package/lib/vendor/blamejs/lib/cose.js +20 -0
  74. package/lib/vendor/blamejs/lib/crdt.js +2 -1
  75. package/lib/vendor/blamejs/lib/crypto-field.js +29 -23
  76. package/lib/vendor/blamejs/lib/crypto.js +18 -4
  77. package/lib/vendor/blamejs/lib/csp.js +4 -0
  78. package/lib/vendor/blamejs/lib/daemon.js +4 -1
  79. package/lib/vendor/blamejs/lib/data-act.js +27 -4
  80. package/lib/vendor/blamejs/lib/db-file-lifecycle.js +14 -6
  81. package/lib/vendor/blamejs/lib/db-query.js +69 -9
  82. package/lib/vendor/blamejs/lib/db.js +32 -15
  83. package/lib/vendor/blamejs/lib/dora.js +43 -13
  84. package/lib/vendor/blamejs/lib/dr-runbook.js +1 -1
  85. package/lib/vendor/blamejs/lib/dsa.js +2 -1
  86. package/lib/vendor/blamejs/lib/dsr.js +22 -8
  87. package/lib/vendor/blamejs/lib/early-hints.js +19 -0
  88. package/lib/vendor/blamejs/lib/eat.js +5 -1
  89. package/lib/vendor/blamejs/lib/external-db.js +60 -4
  90. package/lib/vendor/blamejs/lib/fda-21cfr11.js +30 -5
  91. package/lib/vendor/blamejs/lib/flag-providers.js +6 -2
  92. package/lib/vendor/blamejs/lib/forms.js +1 -1
  93. package/lib/vendor/blamejs/lib/gate-contract.js +46 -5
  94. package/lib/vendor/blamejs/lib/gdpr-ropa.js +18 -9
  95. package/lib/vendor/blamejs/lib/graphql-federation.js +17 -4
  96. package/lib/vendor/blamejs/lib/guard-all.js +2 -2
  97. package/lib/vendor/blamejs/lib/guard-dsn.js +1 -1
  98. package/lib/vendor/blamejs/lib/guard-envelope.js +1 -1
  99. package/lib/vendor/blamejs/lib/guard-html.js +9 -11
  100. package/lib/vendor/blamejs/lib/guard-imap-command.js +1 -1
  101. package/lib/vendor/blamejs/lib/guard-jmap.js +1 -1
  102. package/lib/vendor/blamejs/lib/guard-json.js +14 -6
  103. package/lib/vendor/blamejs/lib/guard-mail-move.js +1 -1
  104. package/lib/vendor/blamejs/lib/guard-managesieve-command.js +1 -1
  105. package/lib/vendor/blamejs/lib/guard-pop3-command.js +1 -1
  106. package/lib/vendor/blamejs/lib/guard-smtp-command.js +1 -1
  107. package/lib/vendor/blamejs/lib/guard-svg.js +8 -9
  108. package/lib/vendor/blamejs/lib/html-balance.js +7 -3
  109. package/lib/vendor/blamejs/lib/http-client-cookie-jar.js +33 -12
  110. package/lib/vendor/blamejs/lib/http-client.js +225 -53
  111. package/lib/vendor/blamejs/lib/iab-tcf.js +3 -2
  112. package/lib/vendor/blamejs/lib/importmap-integrity.js +41 -1
  113. package/lib/vendor/blamejs/lib/incident-report.js +9 -6
  114. package/lib/vendor/blamejs/lib/json-patch.js +1 -1
  115. package/lib/vendor/blamejs/lib/json-path.js +24 -3
  116. package/lib/vendor/blamejs/lib/jtd.js +2 -2
  117. package/lib/vendor/blamejs/lib/legal-hold.js +24 -8
  118. package/lib/vendor/blamejs/lib/log.js +2 -2
  119. package/lib/vendor/blamejs/lib/mail-agent.js +2 -2
  120. package/lib/vendor/blamejs/lib/mail-arf.js +1 -1
  121. package/lib/vendor/blamejs/lib/mail-auth.js +3 -3
  122. package/lib/vendor/blamejs/lib/mail-bimi.js +16 -16
  123. package/lib/vendor/blamejs/lib/mail-bounce.js +3 -3
  124. package/lib/vendor/blamejs/lib/mail-crypto-smime.js +71 -6
  125. package/lib/vendor/blamejs/lib/mail-deploy.js +9 -5
  126. package/lib/vendor/blamejs/lib/mail-greylist.js +2 -4
  127. package/lib/vendor/blamejs/lib/mail-helo.js +2 -4
  128. package/lib/vendor/blamejs/lib/mail-journal.js +11 -8
  129. package/lib/vendor/blamejs/lib/mail-mdn.js +8 -4
  130. package/lib/vendor/blamejs/lib/mail-rbl.js +2 -4
  131. package/lib/vendor/blamejs/lib/mail-scan.js +3 -5
  132. package/lib/vendor/blamejs/lib/mail-server-jmap.js +4 -1
  133. package/lib/vendor/blamejs/lib/mail-server-registry.js +1 -1
  134. package/lib/vendor/blamejs/lib/mail-server-tls.js +9 -2
  135. package/lib/vendor/blamejs/lib/mail-spam-score.js +2 -4
  136. package/lib/vendor/blamejs/lib/mail-store-fts.js +1 -1
  137. package/lib/vendor/blamejs/lib/mail.js +22 -2
  138. package/lib/vendor/blamejs/lib/markup-tokenizer.js +24 -0
  139. package/lib/vendor/blamejs/lib/mcp.js +6 -4
  140. package/lib/vendor/blamejs/lib/mdoc.js +26 -3
  141. package/lib/vendor/blamejs/lib/metrics.js +14 -3
  142. package/lib/vendor/blamejs/lib/middleware/api-encrypt.js +2 -2
  143. package/lib/vendor/blamejs/lib/middleware/body-parser.js +10 -4
  144. package/lib/vendor/blamejs/lib/middleware/bot-guard.js +26 -18
  145. package/lib/vendor/blamejs/lib/middleware/clear-site-data.js +5 -1
  146. package/lib/vendor/blamejs/lib/middleware/compression.js +9 -0
  147. package/lib/vendor/blamejs/lib/middleware/cors.js +32 -23
  148. package/lib/vendor/blamejs/lib/middleware/csrf-protect.js +60 -21
  149. package/lib/vendor/blamejs/lib/middleware/daily-byte-quota.js +6 -4
  150. package/lib/vendor/blamejs/lib/middleware/fetch-metadata.js +28 -4
  151. package/lib/vendor/blamejs/lib/middleware/network-allowlist.js +61 -30
  152. package/lib/vendor/blamejs/lib/middleware/rate-limit.js +25 -16
  153. package/lib/vendor/blamejs/lib/middleware/scim-server.js +2 -1
  154. package/lib/vendor/blamejs/lib/middleware/security-headers.js +24 -6
  155. package/lib/vendor/blamejs/lib/middleware/speculation-rules.js +6 -3
  156. package/lib/vendor/blamejs/lib/middleware/tus-upload.js +2 -2
  157. package/lib/vendor/blamejs/lib/money.js +1 -1
  158. package/lib/vendor/blamejs/lib/mtls-ca.js +10 -6
  159. package/lib/vendor/blamejs/lib/network-dns-resolver.js +1 -1
  160. package/lib/vendor/blamejs/lib/network-dns.js +9 -2
  161. package/lib/vendor/blamejs/lib/network-dnssec.js +2 -1
  162. package/lib/vendor/blamejs/lib/network-smtp-policy.js +23 -5
  163. package/lib/vendor/blamejs/lib/network-tls.js +27 -5
  164. package/lib/vendor/blamejs/lib/network-tsig.js +2 -2
  165. package/lib/vendor/blamejs/lib/nis2-report.js +1 -1
  166. package/lib/vendor/blamejs/lib/nist-crosswalk.js +1 -1
  167. package/lib/vendor/blamejs/lib/ntp-check.js +28 -0
  168. package/lib/vendor/blamejs/lib/numeric-bounds.js +9 -0
  169. package/lib/vendor/blamejs/lib/object-store/azure-blob.js +1 -2
  170. package/lib/vendor/blamejs/lib/object-store/gcs-bucket-ops.js +4 -2
  171. package/lib/vendor/blamejs/lib/object-store/gcs.js +6 -4
  172. package/lib/vendor/blamejs/lib/object-store/http-put.js +1 -2
  173. package/lib/vendor/blamejs/lib/object-store/http-request.js +30 -1
  174. package/lib/vendor/blamejs/lib/object-store/local.js +37 -17
  175. package/lib/vendor/blamejs/lib/object-store/sigv4.js +1 -2
  176. package/lib/vendor/blamejs/lib/observability-otlp-exporter.js +20 -4
  177. package/lib/vendor/blamejs/lib/outbox.js +11 -4
  178. package/lib/vendor/blamejs/lib/parsers/safe-xml.js +1 -1
  179. package/lib/vendor/blamejs/lib/parsers/safe-yaml.js +21 -3
  180. package/lib/vendor/blamejs/lib/queue-local.js +10 -3
  181. package/lib/vendor/blamejs/lib/redact.js +7 -3
  182. package/lib/vendor/blamejs/lib/request-helpers.js +201 -23
  183. package/lib/vendor/blamejs/lib/resource-access-lock.js +3 -3
  184. package/lib/vendor/blamejs/lib/restore-bundle.js +46 -18
  185. package/lib/vendor/blamejs/lib/restore-rollback.js +10 -4
  186. package/lib/vendor/blamejs/lib/restore.js +19 -0
  187. package/lib/vendor/blamejs/lib/retention.js +20 -4
  188. package/lib/vendor/blamejs/lib/router.js +17 -4
  189. package/lib/vendor/blamejs/lib/safe-ical.js +2 -2
  190. package/lib/vendor/blamejs/lib/safe-icap.js +1 -1
  191. package/lib/vendor/blamejs/lib/safe-json.js +44 -0
  192. package/lib/vendor/blamejs/lib/safe-sieve.js +1 -1
  193. package/lib/vendor/blamejs/lib/safe-vcard.js +1 -1
  194. package/lib/vendor/blamejs/lib/sandbox-worker.js +6 -0
  195. package/lib/vendor/blamejs/lib/sandbox.js +1 -1
  196. package/lib/vendor/blamejs/lib/scheduler.js +17 -1
  197. package/lib/vendor/blamejs/lib/self-update-standalone-verifier.js +16 -0
  198. package/lib/vendor/blamejs/lib/session.js +27 -3
  199. package/lib/vendor/blamejs/lib/sql.js +3 -3
  200. package/lib/vendor/blamejs/lib/static.js +65 -13
  201. package/lib/vendor/blamejs/lib/template.js +7 -5
  202. package/lib/vendor/blamejs/lib/tenant-quota.js +52 -19
  203. package/lib/vendor/blamejs/lib/tsa.js +5 -2
  204. package/lib/vendor/blamejs/lib/vault/index.js +5 -0
  205. package/lib/vendor/blamejs/lib/vault/passphrase-ops.js +22 -26
  206. package/lib/vendor/blamejs/lib/vault/passphrase-source.js +8 -3
  207. package/lib/vendor/blamejs/lib/vault/rotate.js +13 -18
  208. package/lib/vendor/blamejs/lib/vault/seal-pem-file.js +4 -1
  209. package/lib/vendor/blamejs/lib/vc.js +1 -1
  210. package/lib/vendor/blamejs/lib/vendor/MANIFEST.json +10 -10
  211. package/lib/vendor/blamejs/lib/vendor/public-suffix-list.dat +23 -10
  212. package/lib/vendor/blamejs/lib/vendor/public-suffix-list.data.js +5498 -5494
  213. package/lib/vendor/blamejs/lib/webhook.js +16 -1
  214. package/lib/vendor/blamejs/lib/websocket.js +1 -1
  215. package/lib/vendor/blamejs/lib/worm.js +1 -1
  216. package/lib/vendor/blamejs/lib/ws-client.js +57 -46
  217. package/lib/vendor/blamejs/lib/x509-chain.js +44 -0
  218. package/lib/vendor/blamejs/package.json +1 -1
  219. package/lib/vendor/blamejs/release-notes/v0.15.14.json +122 -0
  220. package/lib/vendor/blamejs/scripts/check-vendor-currency.js +119 -4
  221. package/lib/vendor/blamejs/test/00-primitives.js +5 -1
  222. package/lib/vendor/blamejs/test/integration/mail-crypto-smime.test.js +18 -4
  223. package/lib/vendor/blamejs/test/layer-0-primitives/a2a-tasks.test.js +42 -0
  224. package/lib/vendor/blamejs/test/layer-0-primitives/agent-event-bus.test.js +36 -0
  225. package/lib/vendor/blamejs/test/layer-0-primitives/agent-idempotency.test.js +0 -0
  226. package/lib/vendor/blamejs/test/layer-0-primitives/agent-snapshot.test.js +47 -0
  227. package/lib/vendor/blamejs/test/layer-0-primitives/archive-gz.test.js +24 -0
  228. package/lib/vendor/blamejs/test/layer-0-primitives/archive-tar-hardening.test.js +160 -0
  229. package/lib/vendor/blamejs/test/layer-0-primitives/asn1-der.test.js +45 -0
  230. package/lib/vendor/blamejs/test/layer-0-primitives/atomic-file-fd-read.test.js +30 -0
  231. package/lib/vendor/blamejs/test/layer-0-primitives/atomic-file-open-nofollow.test.js +79 -0
  232. package/lib/vendor/blamejs/test/layer-0-primitives/atomic-file-write-excl.test.js +132 -0
  233. package/lib/vendor/blamejs/test/layer-0-primitives/atomic-file-write-stream.test.js +181 -0
  234. package/lib/vendor/blamejs/test/layer-0-primitives/audit-chain-corrupted-anchor.test.js +65 -0
  235. package/lib/vendor/blamejs/test/layer-0-primitives/audit-chain-incremental-verify.test.js +83 -0
  236. package/lib/vendor/blamejs/test/layer-0-primitives/audit-daily-review.test.js +48 -1
  237. package/lib/vendor/blamejs/test/layer-0-primitives/audit-signing-key-rotation.test.js +13 -3
  238. package/lib/vendor/blamejs/test/layer-0-primitives/audit-verifybundle-tamper.test.js +122 -0
  239. package/lib/vendor/blamejs/test/layer-0-primitives/auth-bot-challenge.test.js +37 -0
  240. package/lib/vendor/blamejs/test/layer-0-primitives/auth-jwt-defenses.test.js +5 -3
  241. package/lib/vendor/blamejs/test/layer-0-primitives/auth-lockout.test.js +21 -0
  242. package/lib/vendor/blamejs/test/layer-0-primitives/auth-status-list.test.js +73 -0
  243. package/lib/vendor/blamejs/test/layer-0-primitives/bot-guard.test.js +17 -0
  244. package/lib/vendor/blamejs/test/layer-0-primitives/break-glass.test.js +62 -3
  245. package/lib/vendor/blamejs/test/layer-0-primitives/clear-site-data.test.js +12 -0
  246. package/lib/vendor/blamejs/test/layer-0-primitives/cluster-storage.test.js +40 -0
  247. package/lib/vendor/blamejs/test/layer-0-primitives/codebase-patterns.test.js +146 -5
  248. package/lib/vendor/blamejs/test/layer-0-primitives/compliance-sanctions.test.js +14 -0
  249. package/lib/vendor/blamejs/test/layer-0-primitives/compression-range.test.js +115 -0
  250. package/lib/vendor/blamejs/test/layer-0-primitives/content-credentials.test.js +17 -5
  251. package/lib/vendor/blamejs/test/layer-0-primitives/cors.test.js +27 -5
  252. package/lib/vendor/blamejs/test/layer-0-primitives/crypto-field-per-row-key.test.js +83 -0
  253. package/lib/vendor/blamejs/test/layer-0-primitives/csrf-protect.test.js +58 -0
  254. package/lib/vendor/blamejs/test/layer-0-primitives/data-act.test.js +30 -0
  255. package/lib/vendor/blamejs/test/layer-0-primitives/db-raw-residency-gate.test.js +74 -0
  256. package/lib/vendor/blamejs/test/layer-0-primitives/dora.test.js +20 -6
  257. package/lib/vendor/blamejs/test/layer-0-primitives/dpop-alg-kty.test.js +64 -0
  258. package/lib/vendor/blamejs/test/layer-0-primitives/dsr.test.js +32 -0
  259. package/lib/vendor/blamejs/test/layer-0-primitives/fda-21cfr11.test.js +43 -0
  260. package/lib/vendor/blamejs/test/layer-0-primitives/fetch-metadata.test.js +30 -0
  261. package/lib/vendor/blamejs/test/layer-0-primitives/graphql-federation.test.js +33 -0
  262. package/lib/vendor/blamejs/test/layer-0-primitives/guard-html.test.js +34 -0
  263. package/lib/vendor/blamejs/test/layer-0-primitives/guard-json.test.js +12 -0
  264. package/lib/vendor/blamejs/test/layer-0-primitives/http-client-stream.test.js +72 -0
  265. package/lib/vendor/blamejs/test/layer-0-primitives/http-client-throttle-transform.test.js +88 -0
  266. package/lib/vendor/blamejs/test/layer-0-primitives/importmap-integrity.test.js +25 -0
  267. package/lib/vendor/blamejs/test/layer-0-primitives/legal-hold.test.js +28 -0
  268. package/lib/vendor/blamejs/test/layer-0-primitives/mail-crypto-smime.test.js +20 -0
  269. package/lib/vendor/blamejs/test/layer-0-primitives/mail-header-injection.test.js +58 -0
  270. package/lib/vendor/blamejs/test/layer-0-primitives/mail-journal.test.js +63 -9
  271. package/lib/vendor/blamejs/test/layer-0-primitives/mdoc.test.js +41 -14
  272. package/lib/vendor/blamejs/test/layer-0-primitives/network-allowlist.test.js +61 -0
  273. package/lib/vendor/blamejs/test/layer-0-primitives/object-store-range-header.test.js +51 -0
  274. package/lib/vendor/blamejs/test/layer-0-primitives/otlp-attr-redaction.test.js +35 -0
  275. package/lib/vendor/blamejs/test/layer-0-primitives/output-header-hardening.test.js +102 -0
  276. package/lib/vendor/blamejs/test/layer-0-primitives/parser-verify-hardening.test.js +191 -0
  277. package/lib/vendor/blamejs/test/layer-0-primitives/proto-shadow-allowlist.test.js +120 -0
  278. package/lib/vendor/blamejs/test/layer-0-primitives/rate-limit-xff-spoofing.test.js +75 -0
  279. package/lib/vendor/blamejs/test/layer-0-primitives/request-helpers.test.js +128 -0
  280. package/lib/vendor/blamejs/test/layer-0-primitives/restore-blob-remap.test.js +128 -0
  281. package/lib/vendor/blamejs/test/layer-0-primitives/retention-sweep-termination.test.js +104 -0
  282. package/lib/vendor/blamejs/test/layer-0-primitives/router-body-validation.test.js +98 -0
  283. package/lib/vendor/blamejs/test/layer-0-primitives/safe-json-stringify-for-script.test.js +43 -0
  284. package/lib/vendor/blamejs/test/layer-0-primitives/saml-subjectconfirmation-notonorafter.test.js +48 -5
  285. package/lib/vendor/blamejs/test/layer-0-primitives/sandbox.test.js +23 -0
  286. package/lib/vendor/blamejs/test/layer-0-primitives/sd-jwt-vc.test.js +54 -0
  287. package/lib/vendor/blamejs/test/layer-0-primitives/session-extensions.test.js +24 -0
  288. package/lib/vendor/blamejs/test/layer-0-primitives/static.test.js +42 -1
  289. package/lib/vendor/blamejs/test/layer-0-primitives/step-up.test.js +7 -0
  290. package/lib/vendor/blamejs/test/layer-0-primitives/template-escape-html.test.js +43 -0
  291. package/lib/vendor/blamejs/test/layer-0-primitives/tenant-quota.test.js +15 -0
  292. package/lib/vendor/blamejs/test/layer-0-primitives/vault-default-store.test.js +48 -0
  293. package/lib/vendor/blamejs/test/layer-0-primitives/vendor-currency-classify.test.js +77 -0
  294. package/lib/vendor/blamejs/test/layer-0-primitives/webhook.test.js +50 -0
  295. package/lib/vendor/blamejs/test/layer-0-primitives/ws-client.test.js +22 -0
  296. package/lib/vendor/blamejs/test/layer-0-primitives/x509-chain-ca-enforcement.test.js +149 -0
  297. package/lib/vendor/blamejs/test/layer-5-integration/external-db-residency.test.js +34 -0
  298. package/package.json +1 -1
@@ -91,7 +91,7 @@ function create(opts) {
91
91
  throw new GdprRopaError("gdpr-ropa/bad-id",
92
92
  "gdpr.ropa." + op + ": activity.id must be a non-empty string");
93
93
  }
94
- if (!VALID_LEGAL_BASES[activity.legalBasis]) {
94
+ if (!Object.prototype.hasOwnProperty.call(VALID_LEGAL_BASES, activity.legalBasis)) {
95
95
  throw new GdprRopaError("gdpr-ropa/bad-legal-basis",
96
96
  "gdpr.ropa." + op + ": activity.legalBasis must be one of " + Object.keys(VALID_LEGAL_BASES).join(", "));
97
97
  }
@@ -127,7 +127,7 @@ function create(opts) {
127
127
  registeredAt: existing.registeredAt,
128
128
  lastUpdatedAt: now(),
129
129
  });
130
- if (patch.legalBasis && !VALID_LEGAL_BASES[merged.legalBasis]) {
130
+ if (patch.legalBasis && !Object.prototype.hasOwnProperty.call(VALID_LEGAL_BASES, merged.legalBasis)) {
131
131
  throw new GdprRopaError("gdpr-ropa/bad-legal-basis",
132
132
  "gdpr.ropa.update: legalBasis must be one of " + Object.keys(VALID_LEGAL_BASES).join(", "));
133
133
  }
@@ -173,6 +173,21 @@ function create(opts) {
173
173
  activities: list(),
174
174
  };
175
175
  }
176
+ // Quote a CSV cell AND neutralize spreadsheet formula injection (CWE-1236):
177
+ // a value beginning with = + - @ TAB or CR is evaluated as a formula by
178
+ // Excel / Google Sheets when the export is opened, so a RoPA field like
179
+ // "=HYPERLINK(...)" or "=cmd|..." would execute. Prefix such a value with a
180
+ // single quote so the spreadsheet renders it as literal text; then RFC-4180
181
+ // quote (double internal quotes).
182
+ function _csvCell(v) {
183
+ var s = (v === undefined || v === null) ? ""
184
+ : (Array.isArray(v) ? JSON.stringify(v) : String(v));
185
+ var c0 = s.charCodeAt(0);
186
+ if (c0 === 0x3d || c0 === 0x2b || c0 === 0x2d || c0 === 0x40 || c0 === 0x09 || c0 === 0x0d) {
187
+ s = "'" + s;
188
+ }
189
+ return '"' + s.replace(/"/g, '""') + '"';
190
+ }
176
191
  function _exportCsv() {
177
192
  var headers = [
178
193
  "id", "name", "purposes", "legalBasis", "dataCategories",
@@ -183,13 +198,7 @@ function create(opts) {
183
198
  var entries = list();
184
199
  for (var i = 0; i < entries.length; i++) {
185
200
  var e = entries[i];
186
- var row = headers.map(function (h) {
187
- var v = e[h];
188
- if (v === undefined || v === null) return "";
189
- if (Array.isArray(v)) return JSON.stringify(v).replace(/"/g, "\"\"");
190
- return String(v).replace(/"/g, "\"\"");
191
- });
192
- rows.push(row.map(function (c) { return '"' + c + '"'; }).join(","));
201
+ rows.push(headers.map(function (h) { return _csvCell(e[h]); }).join(","));
193
202
  }
194
203
  return rows.join("\n");
195
204
  }
@@ -35,7 +35,13 @@ var ROUTER_TOKEN_MIN_LEN = 32;
35
35
  var NONCE_MIN_LEN = 16; // string-length floor for nonce entropy, not bytes
36
36
  var NONCE_MAX_LEN = 256; // string-length cap, not bytes
37
37
  var NONCE_PREVIEW_LEN = 8; // log-preview slice length, not bytes
38
- var SDL_PROBE_RE = /(^|[\s,{])_service\b|_entities\b/;
38
+ // Word-boundary anchored on BOTH probes. A prefix char-class ([\s,{]) on
39
+ // `_service` was bypassable by an alias with no leading space — `query{x:_service{sdl}}`
40
+ // has `:` before `_service`, which is not in the class, so the SDL trust gate
41
+ // was skipped and the subgraph leaked its full SDL. `\b` already prevents
42
+ // matching substrings like `my_service` (no boundary between `y` and `_`), so
43
+ // the prefix class only added the bypass.
44
+ var SDL_PROBE_RE = /\b_service\b|\b_entities\b/;
39
45
 
40
46
  /**
41
47
  * @primitive b.graphqlFederation.queryProbesSdl
@@ -173,14 +179,21 @@ function guardSdl(opts) {
173
179
  return function graphqlFedGuard(req, res, next) {
174
180
  Promise.resolve().then(function () {
175
181
  return _readBody(req, errorClass).then(function (rawBody) {
176
- var query = null;
182
+ var probesSdl = false;
177
183
  try {
178
184
  var parsed = typeof rawBody === "string" ? safeJson.parse(rawBody, { maxBytes: C.BYTES.mib(1) }) : rawBody; // routed via safeJson.parse
179
- query = parsed && typeof parsed === "object" ? parsed.query : null;
185
+ // A GraphQL HTTP batch is a JSON ARRAY of operations; probe EVERY
186
+ // element's query, not just `parsed.query` (which is undefined for an
187
+ // array → the SDL gate was skipped and a batched `_service{sdl}`
188
+ // operation leaked the SDL on batching-enabled subgraphs).
189
+ var candidates = Array.isArray(parsed)
190
+ ? parsed.map(function (o) { return o && typeof o === "object" ? o.query : null; })
191
+ : [parsed && typeof parsed === "object" ? parsed.query : null];
192
+ probesSdl = candidates.some(queryProbesSdl);
180
193
  } catch (_e) { /* not JSON; pass through */ }
181
194
  if (req.body === undefined) req.body = rawBody;
182
195
 
183
- if (!queryProbesSdl(query)) {
196
+ if (!probesSdl) {
184
197
  if (typeof next === "function") next();
185
198
  return;
186
199
  }
@@ -128,12 +128,12 @@ function _verifyParity() {
128
128
  failures.push(g.NAME + ": missing gate(opts) function");
129
129
  }
130
130
  SHARED_PROFILES.forEach(function (p) {
131
- if (!g.PROFILES || !g.PROFILES[p]) {
131
+ if (!g.PROFILES || !Object.prototype.hasOwnProperty.call(g.PROFILES, p)) {
132
132
  failures.push(g.NAME + ": does not declare shared profile " + JSON.stringify(p));
133
133
  }
134
134
  });
135
135
  SHARED_POSTURES.forEach(function (p) {
136
- if (!g.COMPLIANCE_POSTURES || !g.COMPLIANCE_POSTURES[p]) {
136
+ if (!g.COMPLIANCE_POSTURES || !Object.prototype.hasOwnProperty.call(g.COMPLIANCE_POSTURES, p)) {
137
137
  failures.push(g.NAME + ": does not declare shared compliance posture " + JSON.stringify(p));
138
138
  }
139
139
  });
@@ -210,7 +210,7 @@ function parse(deliveryStatusBody, opts) {
210
210
  "parse: per-recipient block missing Action (RFC 3464 §2.3.3)");
211
211
  }
212
212
  var action = fields["action"].toLowerCase();
213
- if (!KNOWN_ACTIONS[action]) {
213
+ if (!Object.prototype.hasOwnProperty.call(KNOWN_ACTIONS, action)) {
214
214
  throw new GuardDsnError("guard-dsn/bad-action",
215
215
  "parse: Action '" + action + "' not in RFC 3464 §2.3.3 vocabulary");
216
216
  }
@@ -148,7 +148,7 @@ var COMPLIANCE_POSTURES = gateContract.ALL_STRICT_POSTURES;
148
148
  function check(ctx, opts) {
149
149
  opts = opts || {};
150
150
  var profile = gateContract.resolveProfileName(opts, COMPLIANCE_POSTURES, DEFAULT_PROFILE);
151
- if (!PROFILES[profile]) {
151
+ if (!Object.prototype.hasOwnProperty.call(PROFILES, profile)) {
152
152
  throw new GuardEnvelopeError("guard-envelope/bad-profile",
153
153
  "check: unknown profile '" + profile + "'");
154
154
  }
@@ -107,7 +107,6 @@ var observability = lazyRequire(function () { return require("./observability");
107
107
  void observability;
108
108
 
109
109
  var _err = GuardHtmlError.factory;
110
- var HEX_RADIX = 16; // base-16 radix, not byte size
111
110
 
112
111
  // ---- Codepoint catalog (shared via lib/codepoint-class) ----
113
112
 
@@ -390,14 +389,11 @@ var NAMED_ENTITY_ASCII = {
390
389
  // scheme. Returns "" if no scheme.
391
390
  function _extractScheme(rawUrl) {
392
391
  var s = String(rawUrl || "").trim();
393
- // Decode HTML numeric entities just enough to expose hidden schemes
394
- // like &#x6A;avascript:... or &#106;avascript:...
395
- s = s.replace(/&#x([0-9a-f]+);/gi, function (_m, h) {
396
- return String.fromCharCode(parseInt(h, HEX_RADIX));
397
- });
398
- s = s.replace(/&#(\d+);/g, function (_m, d) {
399
- return String.fromCharCode(parseInt(d, 10));
400
- });
392
+ // Decode HTML numeric entities (hex &#x..; and decimal &#..;, semicolon
393
+ // OPTIONAL) just enough to expose hidden schemes like &#x6A;avascript: or
394
+ // the browser-decoded no-semicolon form &#106avascript:. Shared decoder so
395
+ // guard-html / guard-svg / guard-markdown can't drift (see codepoint-class).
396
+ s = codepointClass.decodeNumericEntities(s);
401
397
  // Decode HTML5 named entities that browsers honor inside URL
402
398
  // contexts. Without this, payloads like `java&Tab;script:alert(1)`
403
399
  // bypass the scheme allowlist (the literal `&Tab;` between `java`
@@ -482,9 +478,11 @@ function _tokenize(input, maxBytes) {
482
478
 
483
479
  // Comment / CDATA / doctype
484
480
  if (s.startsWith("<!--", lt)) {
485
- var endC = s.indexOf("-->", lt + 4);
481
+ // WHATWG comment end (covers "--!>" + abrupt "<!-->" / "<!--->"), not
482
+ // only "-->", so a smuggled element after an early terminator is split
483
+ // out as a live token instead of hidden inside the comment (mXSS).
484
+ var endC = markupTokenizer.htmlCommentEnd(s, lt);
486
485
  if (endC === -1) endC = len;
487
- else endC += 3;
488
486
  tokens.push({ type: "comment", raw: s.slice(lt, endC), start: lt, end: endC });
489
487
  pos = endC; continue;
490
488
  }
@@ -242,7 +242,7 @@ function validate(line, opts) {
242
242
  var verb = (verbSpace === -1 ? rest : rest.slice(0, verbSpace)).toUpperCase();
243
243
  var args = verbSpace === -1 ? "" : rest.slice(verbSpace + 1);
244
244
 
245
- if (!KNOWN_VERBS[verb]) {
245
+ if (!Object.prototype.hasOwnProperty.call(KNOWN_VERBS, verb)) {
246
246
  throw new GuardImapCommandError("guard-imap-command/unknown-verb",
247
247
  "guardImapCommand.validate: unknown verb '" + verb + "'");
248
248
  }
@@ -196,7 +196,7 @@ function validate(rawBody, opts) {
196
196
  throw new GuardJmapError("urn:ietf:params:jmap:error:invalidArguments",
197
197
  "guardJmap.validate: `using[" + ui + "]` must be a string capability URI");
198
198
  }
199
- if (!CORE_CAPABILITIES[cap] && !serverCaps[cap]) {
199
+ if (!Object.prototype.hasOwnProperty.call(CORE_CAPABILITIES, cap) && !serverCaps[cap]) {
200
200
  throw new GuardJmapError("urn:ietf:params:jmap:error:unknownCapability",
201
201
  "guardJmap.validate: capability '" + cap + "' not advertised by this server");
202
202
  }
@@ -76,6 +76,7 @@ var pick = require("./pick");
76
76
  var gateContract = require("./gate-contract");
77
77
  var C = require("./constants");
78
78
  var safeJson = require("./safe-json");
79
+ var safeBuffer = require("./safe-buffer");
79
80
  var { GuardJsonError } = require("./framework-error");
80
81
 
81
82
  var observability = lazyRequire(function () { return require("./observability"); });
@@ -229,12 +230,19 @@ function _scanTree(value, opts, ctx) {
229
230
  return ctx;
230
231
  }
231
232
  if (value === null || typeof value !== "object") {
232
- if (typeof value === "string" && value.length > opts.maxStringLength) {
233
- ctx.stringTooLongHits.push({
234
- kind: "string-too-long",
235
- snippet: "string length " + value.length +
236
- " exceeds maxStringLength " + opts.maxStringLength,
237
- });
233
+ // maxStringLength is a BYTE cap (profiles set it via C.BYTES.*). Measure
234
+ // UTF-8 byte length, not value.length (UTF-16 code units) — otherwise a
235
+ // multibyte string (emoji / CJK / accented) under-enforces the cap by up
236
+ // to ~3x and the snippet mislabels the count.
237
+ if (typeof value === "string") {
238
+ var strBytes = safeBuffer.byteLengthOf(value);
239
+ if (strBytes > opts.maxStringLength) {
240
+ ctx.stringTooLongHits.push({
241
+ kind: "string-too-long",
242
+ snippet: "string byte length " + strBytes +
243
+ " exceeds maxStringLength " + opts.maxStringLength + " bytes",
244
+ });
245
+ }
238
246
  }
239
247
  return ctx;
240
248
  }
@@ -123,7 +123,7 @@ function validate(move, opts) {
123
123
 
124
124
  // System-folder allowlist OR admin scope OR allowed-folders.
125
125
  var dest = move.toFolder;
126
- if (SYSTEM_FOLDERS[dest]) return move;
126
+ if (Object.prototype.hasOwnProperty.call(SYSTEM_FOLDERS, dest)) return move;
127
127
  var isAdmin = move.actor.mailScope === "admin";
128
128
  if (isAdmin) return move;
129
129
  var allowed = Array.isArray(move.actor.allowedFolders) ? move.actor.allowedFolders : null;
@@ -249,7 +249,7 @@ function validate(line, opts) {
249
249
  var verb = (firstSpace === -1 ? line : line.slice(0, firstSpace)).toUpperCase();
250
250
  var rest = firstSpace === -1 ? "" : line.slice(firstSpace + 1);
251
251
 
252
- if (!KNOWN_VERBS[verb]) {
252
+ if (!Object.prototype.hasOwnProperty.call(KNOWN_VERBS, verb)) {
253
253
  throw new GuardManageSieveCommandError("guard-managesieve-command/unknown-verb",
254
254
  "guardManageSieveCommand.validate: unknown verb '" + verb + "' (RFC 5804 §2)");
255
255
  }
@@ -183,7 +183,7 @@ function validate(line, opts) {
183
183
  var verb = (firstSpace === -1 ? line : line.slice(0, firstSpace)).toUpperCase();
184
184
  var rest = firstSpace === -1 ? "" : line.slice(firstSpace + 1);
185
185
 
186
- if (!KNOWN_VERBS[verb]) {
186
+ if (!Object.prototype.hasOwnProperty.call(KNOWN_VERBS, verb)) {
187
187
  throw new GuardPop3CommandError("guard-pop3-command/unknown-verb",
188
188
  "guardPop3Command.validate: unknown verb '" + verb + "' (RFC 1939 §6)");
189
189
  }
@@ -210,7 +210,7 @@ function validate(line, opts) {
210
210
  var verb = (firstSpace === -1 ? line : line.slice(0, firstSpace)).toUpperCase();
211
211
  var rest = firstSpace === -1 ? "" : line.slice(firstSpace + 1);
212
212
 
213
- if (!KNOWN_VERBS[verb]) {
213
+ if (!Object.prototype.hasOwnProperty.call(KNOWN_VERBS, verb)) {
214
214
  throw new GuardSmtpCommandError("guard-smtp-command/unknown-verb",
215
215
  "guardSmtpCommand.validate: unknown verb '" + verb + "' (RFC 5321 §3)");
216
216
  }
@@ -119,7 +119,6 @@ var observability = lazyRequire(function () { return require("./observability");
119
119
  void observability;
120
120
 
121
121
  var _err = GuardSvgError.factory;
122
- var HEX_RADIX = 16; // base-16 radix, not byte size
123
122
 
124
123
  // ---- Codepoint catalog (shared via lib/codepoint-class) ----
125
124
 
@@ -329,12 +328,9 @@ var SVG_NAMED_ENTITY_ASCII = {
329
328
 
330
329
  function _extractScheme(rawUrl) {
331
330
  var s = String(rawUrl || "").trim();
332
- s = s.replace(/&#x([0-9a-f]+);/gi, function (_m, h) {
333
- return String.fromCharCode(parseInt(h, HEX_RADIX));
334
- });
335
- s = s.replace(/&#(\d+);/g, function (_m, d) {
336
- return String.fromCharCode(parseInt(d, 10));
337
- });
331
+ // Numeric entities (hex/decimal, semicolon OPTIONAL) via the shared decoder
332
+ // so guard-html / guard-svg / guard-markdown can't drift (see codepoint-class).
333
+ s = codepointClass.decodeNumericEntities(s);
338
334
  s = s.replace(/&([A-Za-z][A-Za-z0-9]+);/g, function (m, name) {
339
335
  if (Object.prototype.hasOwnProperty.call(SVG_NAMED_ENTITY_ASCII, name)) {
340
336
  return SVG_NAMED_ENTITY_ASCII[name];
@@ -401,8 +397,11 @@ function _tokenize(input, maxBytes) {
401
397
  }
402
398
 
403
399
  if (s.startsWith("<!--", lt)) {
404
- var endC = s.indexOf("-->", lt + 4);
405
- if (endC === -1) endC = len; else endC += 3;
400
+ // WHATWG comment end ("--!>" + abrupt "<!-->" / "<!--->"), not only
401
+ // "-->", so the comment boundary matches a browser parsing inline SVG
402
+ // and no element is smuggled past the sanitizer (mXSS differential).
403
+ var endC = markupTokenizer.htmlCommentEnd(s, lt);
404
+ if (endC === -1) endC = len;
406
405
  tokens.push({ type: "comment", raw: s.slice(lt, endC), start: lt, end: endC });
407
406
  pos = endC; continue;
408
407
  }
@@ -110,7 +110,10 @@ function check(html) {
110
110
  html.charCodeAt(i + 1) === 0x21 /* ! */ &&
111
111
  html.charCodeAt(i + 2) === 0x2D &&
112
112
  html.charCodeAt(i + 3) === 0x2D) {
113
- var endComment = html.indexOf("-->", i + 4);
113
+ // WHATWG comment end ("--!>" + abrupt "<!-->" / "<!--->"), not only
114
+ // "-->", so the structural scan agrees with a browser on where the
115
+ // comment ends (the comment-parser differential).
116
+ var endComment = markupTokenizer.htmlCommentEnd(html, i);
114
117
  if (endComment === -1) {
115
118
  var pos = _posToLineColumn(html, i);
116
119
  return {
@@ -121,7 +124,7 @@ function check(html) {
121
124
  column: pos.column,
122
125
  };
123
126
  }
124
- i = endComment + 3;
127
+ i = endComment;
125
128
  continue;
126
129
  }
127
130
 
@@ -218,7 +221,7 @@ function check(html) {
218
221
  // Open tag (or self-closing).
219
222
  if (selfClose || VOID_TAGS[tag]) {
220
223
  // No push.
221
- } else if (RAW_TEXT_TAGS[tag]) {
224
+ } else if (Object.prototype.hasOwnProperty.call(RAW_TEXT_TAGS, tag)) {
222
225
  // Skip raw-text content AND its closing tag entirely. Inside
223
226
  // <script>/<style>/<textarea>/<title> the `<` characters are
224
227
  // text, not markup — re-entering the tag scanner on
@@ -294,6 +297,7 @@ function check(html) {
294
297
  // distinguish a structural problem from a content-safety reject.
295
298
  var lazyRequire = require("./lazy-require");
296
299
  var _guardHtml = lazyRequire(function () { return require("./guard-html"); });
300
+ var markupTokenizer = require("./markup-tokenizer");
297
301
 
298
302
  /**
299
303
  * @primitive b.htmlBalance.checkSafe
@@ -60,9 +60,9 @@
60
60
  * }
61
61
  */
62
62
 
63
- var nodeFs = require("node:fs");
64
63
  var nodePath = require("node:path");
65
64
  var C = require("./constants");
65
+ var atomicFile = require("./atomic-file");
66
66
  var numericBounds = require("./numeric-bounds");
67
67
  var safeAsync = require("./safe-async");
68
68
  var safeJson = require("./safe-json");
@@ -439,7 +439,10 @@ function create(opts) {
439
439
  var rows = getAll();
440
440
  var serialized = JSON.stringify(rows);
441
441
  var blob = vault ? vault.seal(serialized) : serialized;
442
- nodeFs.writeFileSync(filePath, blob);
442
+ // Atomic, symlink-refusing write: a bare writeFileSync follows a symlink
443
+ // planted at filePath (CWE-59) and can leave a torn jar if the process
444
+ // dies mid-write. writeSync stages into a no-follow exclusive temp + renames.
445
+ atomicFile.writeSync(filePath, blob, { fileMode: 0o600 });
443
446
  }
444
447
  var flushScheduler = safeAsync.makeScheduledFlush(flushDebounceMs, function () {
445
448
  if (!filePath) return;
@@ -475,18 +478,36 @@ function create(opts) {
475
478
  // Persist file may be operator-tampered (or vault-sealed) — route through
476
479
  // safeJson with an explicit byte cap so a maliciously-large file can't
477
480
  // OOM the process before the parse fails.
478
- if (filePath && nodeFs.existsSync(filePath)) {
481
+ if (filePath) {
482
+ // Capped fd-bound read (no existsSync check-then-read window): the cap now
483
+ // precedes the file allocation so a maliciously-large persist file can't OOM
484
+ // the process before parse. refuseSymlink+inodeCheck: the jar file is
485
+ // operator-local + may hold a vault-sealed (secret) blob, and is never a
486
+ // k8s-style projected-secret mount. A MISSING file is the normal first run.
487
+ var raw = null;
479
488
  try {
480
- var raw = nodeFs.readFileSync(filePath, "utf8");
481
- var serialized = vault ? vault.unseal(raw) : raw;
482
- if (serialized && serialized.length > 0) {
483
- var rows = safeJson.parse(serialized, { maxBytes: C.BYTES.mib(16) });
484
- setFromSerialized(rows);
485
- }
489
+ raw = atomicFile.fdSafeReadSync(filePath, {
490
+ maxBytes: C.BYTES.mib(16), encoding: "utf8", refuseSymlink: true, inodeCheck: true,
491
+ });
486
492
  } catch (e) {
487
- throw _err("LOAD_FAILED",
488
- "cookieJar.create: failed to load persist file '" + filePath + "': " +
489
- (e.message || String(e)));
493
+ if (e && e.code === "ENOENT") { raw = null; } // first run — no persist file yet
494
+ else {
495
+ throw _err("LOAD_FAILED",
496
+ "cookieJar.create: failed to load persist file '" + filePath + "': " +
497
+ (e.message || String(e)));
498
+ }
499
+ }
500
+ if (raw !== null) {
501
+ try {
502
+ var serialized = vault ? vault.unseal(raw) : raw;
503
+ if (serialized && serialized.length > 0) {
504
+ setFromSerialized(safeJson.parse(serialized, { maxBytes: C.BYTES.mib(16) }));
505
+ }
506
+ } catch (e) {
507
+ throw _err("LOAD_FAILED",
508
+ "cookieJar.create: failed to load persist file '" + filePath + "': " +
509
+ (e.message || String(e)));
510
+ }
490
511
  }
491
512
  }
492
513