@blamejs/core 0.13.2 → 0.13.4

package/CHANGELOG.md

@@ -8,6 +8,10 @@ upgrading across more than a few patches at a time.
 
 ## v0.13.x
 
+- v0.13.4 (2026-05-26) — **`b.crdt` — conflict-free replicated data types.** b.crdt adds state-based Conflict-free Replicated Data Types: data structures that independent replicas update without coordination and still converge to the same value once they have exchanged state. Each type's merge is a join over a semilattice — commutative, associative, and idempotent — so replicas can merge in any order, any number of times, and agree, which makes these the substrate for active/active cluster state, offline-first clients that reconcile on reconnect, and eventually-consistent counters, sets, and maps. The release ships the full state-based family: grow-only and positive-negative counters (gCounter / pnCounter), grow-only, two-phase, and observed-remove sets (gSet / twoPSet / orSet), a last-write-wins register (lwwRegister), and an observed-remove map (orMap). Every type exposes the same contract — local mutators, merge(other) that returns a converged instance without mutating either operand, value() for the materialized value, and state() / fromState() for a JSON-serializable form to snapshot via b.archive or b.backup or ship to a peer — and carries a replicaId so per-replica contributions stay distinct. **Added:** *`b.crdt` — state-based CvRDT counters, sets, register, and map* — `b.crdt.gCounter` / `pnCounter` (grow-only and increment/decrement counters), `b.crdt.gSet` / `twoPSet` / `orSet` (grow-only, two-phase, and observed-remove sets — `orSet` supports re-add and resolves a concurrent add-vs-remove as add-wins), `b.crdt.lwwRegister` (last-write-wins with a deterministic replicaId tie-break), and `b.crdt.orMap` (observed-remove keys with last-write-wins values). Each exposes `merge` / `value` / `state` / `fromState` and converges by the CvRDT laws. `orSet` and `orMap` accept `tombstoneRetention` to bound tombstone memory against a remove flood.
+
+- v0.13.3 (2026-05-26) — **`b.crypto.xwing` — X-Wing hybrid post-quantum KEM.** b.crypto.xwing adds the X-Wing hybrid key-encapsulation mechanism (draft-connolly-cfrg-xwing-kem): it runs ML-KEM-768 and X25519 side by side and binds their shared secrets with SHA3-256, so an encapsulated key stays secure as long as either ML-KEM-768 or X25519 holds. That is the conservative shape for moving off classical ECDH today — a harvest-now-decrypt-later attacker must break the lattice KEM, and a hypothetical ML-KEM break still leaves X25519 standing. keygen() produces a 32-byte decapsulation seed and a 1216-byte public key; encapsulate(publicKey) returns a 1120-byte ciphertext and a 32-byte shared secret; decapsulate(secretKey, ciphertext) recovers it. The X-Wing combiner is frozen, but its specification is still an IETF Internet-Draft, so this primitive is marked experimental and sits beside the existing pre-RFC post-quantum HPKE drafts; it composes the framework's vendored ML-KEM-768 and X25519 with SHA3 and adds no new cryptographic core. The combiner is known-answer-tested byte-for-byte against the draft's definition. **Added:** *`b.crypto.xwing` — X-Wing hybrid PQ/T KEM (experimental)* — `keygen(seed?)` → `{ publicKey (1216 B), secretKey (32-byte seed) }`; `encapsulate(publicKey, eseed?)` → `{ ciphertext (1120 B), sharedSecret (32 B) }`; `decapsulate(secretKey, ciphertext)` → the 32-byte shared secret. Both `keygen` and `encapsulate` accept an optional seed for deterministic operation. The combiner — `SHA3-256(ssMLKEM ‖ ssX25519 ‖ ctX25519 ‖ pkX25519 ‖ label)` — is exposed as `combiner` for advanced use. Marked `experimental` while draft-connolly-cfrg-xwing-kem remains an Internet-Draft; the algorithm itself is frozen.
+
 - v0.13.2 (2026-05-26) — **`b.iabTcf.encode` — write TCF consent strings, and a TC-string timestamp fix.** b.iabTcf gains the encode half of its consent-string codec: b.iabTcf.encode(obj) serialises a parsed object back into an IAB TCF v2 TC string, and b.iabTcf.isValid(tcString) is a total never-throwing validity check. Vendor and purpose collections may be Sets, id arrays, or the parsed sections parseString returns; vendor sections are written with whichever of the bit-field and range forms is smaller, matching the reference CMP encoders, so a parsed string round-trips to an equivalent signal. parseString now fully decodes the Core publisher-restrictions list and the PublisherTC segment's publisher and custom purposes, where it previously reported only the segment's presence. The encoder is verified against the worked-example string in the IAB Tech Lab consent-string specification: it re-encodes that string's Core segment byte-for-byte. This release also fixes a TC-string parsing bug — the bit reader accumulated values with a 32-bit shift, so the 36-bit Created and LastUpdated timestamp fields were silently truncated for any real date; they now decode and round-trip exactly. **Added:** *`b.iabTcf.encode` / `b.iabTcf.isValid`* — `encode(obj)` serialises a TCF object (the shape `parseString` returns) into a TC string — Core plus optional DisclosedVendors, AllowedVendors, and PublisherTC segments — choosing the smaller of the bit-field and range vendor encodings. `isValid(tcString)` returns whether a string parses as a well-formed Core segment without throwing. `parseString` now fully decodes Core publisher restrictions and the PublisherTC purposes that were previously reported only as present. **Fixed:** *TC-string 36-bit timestamps were truncated on parse* — `b.iabTcf.parseString` read multi-bit fields with a 32-bit left-shift accumulation. The 36-bit Created and LastUpdated fields hold deciseconds-since-epoch, which exceeds 2^31 for any date after 1976, so those timestamps were silently corrupted. The reader now accumulates without the 32-bit truncation; timestamps decode correctly and round-trip through `encode`.
 
 - v0.13.1 (2026-05-26) — **`b.worm` — write-once-read-many retention.** Store records that cannot be altered or deleted before a retention period elapses — the immutable-storage discipline regulators require (SEC 17a-4(f), CFTC 1.31, FINRA 4511). b.worm.create(opts) returns a WORM store that enforces, on every mutating call, that a record is not overwritten or deleted while it is within its retainUntil window or under a legal hold. Two modes mirror cloud Object-Lock: compliance (the default — no one, including the operator, can delete before expiry) and governance (a privileged caller may override with an audited reason). Retention can only be extended, never shortened; every record carries a SHA3-512 digest that get verifies, so tampering with the underlying bytes is detected on read; every allow/refuse decision is audited. Storage is pluggable via a synchronous store adapter, so the policy layer sits over a sealed DB table, a filesystem, or any non-S3 backend — the store-agnostic, application-level companion to b.objectStore's S3 Object Lock, with content-integrity verification that native Object Lock does not provide. **Added:** *`b.worm.create` — write-once-read-many retention* — Returns a store with `put` / `get` / `delete` / `extendRetention` / `placeLegalHold` / `releaseLegalHold` / `list`. `put` is write-once (an overwrite of a retained or held record is refused); `delete` is gated by the retention window, legal holds, and the mode (`compliance` refuses any early delete; `governance` allows a privileged override with a required, audited reason); `extendRetention` is extend-only; `get` verifies the stored SHA3-512 digest and throws `worm/tampered` on a mismatch. Storage is a pluggable synchronous adapter (`get` / `set` / `delete` / `has` / `keys`), defaulting to in-memory for tests. Use it for SEC 17a-4 / CFTC / FINRA immutable records on backends without native Object Lock; `b.objectStore` remains the path for S3 Object Lock.

package/README.md

@@ -101,6 +101,7 @@ The framework bundles the surface a typical Node app reaches for. Every primitiv
 - **AAD-bound sealed columns** — AEAD tag tied to `(table, rowId, column, schemaVersion)`; copy-paste between rows or schema-version replay surfaces as refused decrypt (`b.vault.aad`)
 - **Signed webhooks + API encryption** — SLH-DSA-SHAKE-256f default; ML-DSA-65 opt-in; ECIES API encryption (`b.webhook`, `b.crypto`)
 - **HPKE / HTTP signatures** — RFC 9180 HPKE with ML-KEM-1024 + HKDF-SHA3-512 + ChaCha20-Poly1305 (`b.crypto.hpke`); RFC 9421 HTTP Message Signatures with derived components and ed25519 / ML-DSA-65 (`b.crypto.httpSig`); RFC 9530 Content-Digest / Repr-Digest body-integrity fields (SHA-256 / SHA-512, legacy algorithms refused — `b.contentDigest`) to sign the digest rather than the whole body
+- **X-Wing hybrid KEM** — `b.crypto.xwing` (draft-connolly-cfrg-xwing-kem, experimental): ML-KEM-768 + X25519 bound by SHA3-256, secure if either component holds — the conservative key-encapsulation shape for migrating off classical ECDH. `keygen` / `encapsulate` / `decapsulate` with a 1216-byte public key, 1120-byte ciphertext, and 32-byte shared secret
 - **Link header** — RFC 8288 Web Linking codec (`b.linkHeader.parse` / `serialize`): parse and build `Link: <uri>; rel="next"` relations, the standard REST pagination mechanism; quote-aware (a comma inside a quoted parameter never splits the list)
 - **URI Templates** — RFC 6570 expansion (`b.uriTemplate.expand` / `compile`): full Level 4 — every operator, the `:N` prefix and `*` explode modifiers — turning `{/path}{?q*}` plus variables into a concrete URI; validated against the official uritemplate-test suite. The `{var}` syntax behind OpenAPI links and HAL `_links`
 - **JSON Type Definition** — RFC 8927 validation (`b.jtd.validate` / `isValid`): portable, cross-implementation schema validation (all eight forms — type / enum / elements / properties / values / discriminator / ref / empty), returning instancePath / schemaPath errors; validated against the official 316-case suite. Interop companion to the fluent `b.safeSchema` builder
@@ -231,6 +232,7 @@ The framework bundles the surface a typical Node app reaches for. Every primitiv
 ### Production
 
 - **Cluster + scheduling** — cluster leader election with fenced leases over Postgres/SQLite (`b.cluster`); cron + interval scheduler that runs exactly-once globally (`b.scheduler`)
+- **CRDTs** — state-based conflict-free replicated data types (`b.crdt`): grow-only / PN counters, grow-only / two-phase / observed-remove sets, a last-write-wins register, and an observed-remove map; each `merge` is commutative / associative / idempotent so replicas converge with no coordination — the substrate for active/active and offline-first state, with `state()` / `fromState()` for snapshot via `b.archive` / `b.backup`
 - **Reliability** — retry with full-jitter backoff + circuit breaker (`b.retry`); graceful shutdown (`b.appShutdown`); NTP boot check (`b.ntpCheck`)
 - **Transactional integration** — outbox + dedupe-on-receive inbox; exactly-once semantics across Postgres / SQLite (`b.outbox`, `b.inbox`); Debezium-shape change-event envelope on the outbox (`b.outbox.create({ envelope: "debezium" })`)
 - **Backup + restore** — end-to-end-encrypted bundles with pre-flush fail-closed mode + ML-DSA-87 signed manifests + scheduled backup-restore drills (`b.backup`, `b.backup.scheduleTest`, `b.backupBundle.verifyManifestSignature`); restore with pulled-bundle footprint preflight (`b.restore`); disaster-recovery runbook generator (HIPAA / PCI-DSS / GDPR / SOC 2 / DORA postures) (`b.drRunbook`)

package/index.js

@@ -58,6 +58,7 @@ var crypto = require("./lib/crypto");
 // the dedicated lib files; these are thin aliases.
 crypto.hpke = require("./lib/crypto-hpke");
 crypto.oprf = require("./lib/crypto-oprf");
+crypto.xwing = require("./lib/crypto-xwing");
 // Both PQ-HPKE drafts behind one opt-in sub-namespace — see
 // lib/crypto-hpke-pq.js. Operators that need a draft-codepoint
 // shape reach for b.crypto.hpke.pq.connolly / .wg explicitly; the
@@ -373,6 +374,7 @@ var dualControl = require("./lib/dual-control");
 var retention = require("./lib/retention");
 var legalHold = require("./lib/legal-hold");
 var worm = require("./lib/worm");
+var crdt = require("./lib/crdt");
 var network = require("./lib/network");
 var cloudEvents = require("./lib/cloud-events");
 var dsr = require("./lib/dsr");
@@ -712,6 +714,7 @@ module.exports = {
   retention:        retention,
   legalHold:        legalHold,
   worm:             worm,
+  crdt:             crdt,
   network:          network,
   cloudEvents:      cloudEvents,
   dsr:              dsr,

package/lib/crdt.js

@@ -0,0 +1,453 @@
+"use strict";
+/**
+ * @module b.crdt
+ * @nav    Data
+ * @title  CRDTs
+ *
+ * @intro
+ *   Conflict-free Replicated Data Types — data structures that several
+ *   replicas can update independently, with no coordination, and still
+ *   converge to the same value once they have all seen each other's state.
+ *   These are the state-based CvRDTs: each type's <code>merge</code> is a
+ *   join over a semilattice, so it is commutative, associative, and
+ *   idempotent — replicas can merge in any order, any number of times, and
+ *   land on the same result. That makes them the substrate for eventually-
+ *   consistent state across an active/active cluster, offline-first clients
+ *   that reconcile on reconnect, or any "last writer need not win, but
+ *   everyone agrees" counter / set / register / map.
+ *
+ *   Every type exposes the same contract: local mutators (e.g.
+ *   <code>inc</code>, <code>add</code>, <code>set</code>),
+ *   <code>merge(other)</code> which returns a new converged instance without
+ *   mutating either operand, <code>value()</code> for the materialized value,
+ *   and <code>state()</code> / <code>fromState()</code> for a JSON-
+ *   serializable form to snapshot (via <code>b.archive</code> /
+ *   <code>b.backup</code>) or ship to a peer. Each replica carries a
+ *   <code>replicaId</code> so per-replica contributions stay distinct.
+ *
+ *   This release covers the state-based family — grow-only and PN counters,
+ *   grow-only / two-phase / observed-remove sets, a last-write-wins register,
+ *   and an observed-remove map. Operation-based sequence CRDTs (RGA), delta-
+ *   state mutators, and a live event-bus replicator are not included; the
+ *   state-based types merge correctly without a causal channel, which is the
+ *   whole point.
+ *
+ * @card
+ *   Conflict-free Replicated Data Types (`b.crdt`) — state-based CvRDT
+ *   counters, sets, a last-write-wins register, and an observed-remove map
+ *   whose `merge` is commutative, associative, and idempotent, so replicas
+ *   converge with no coordination.
+ */
+
+var bCrypto = require("./crypto");
+var safeJson = require("./safe-json");
+var { defineClass } = require("./framework-error");
+
+var CrdtError = defineClass("CrdtError", { alwaysPermanent: true });
+
+function _replicaId(opts) {
+  var id = opts && opts.replicaId;
+  if (id == null) return bCrypto.generateToken(8);   // allow:raw-byte-literal — random replica-id token length
+  if (typeof id !== "string" || id.length === 0) throw new CrdtError("crdt/bad-replica-id", "crdt: replicaId must be a non-empty string");
+  return id;
+}
+function _posInt(n, label) {
+  if (typeof n !== "number" || !isFinite(n) || n < 0 || Math.floor(n) !== n) throw new CrdtError("crdt/bad-value", "crdt: " + label + " must be a non-negative integer");
+  return n;
+}
+function _maxMerge(a, b) {
+  var out = {};
+  var k;
+  for (k in a) if (Object.prototype.hasOwnProperty.call(a, k)) out[k] = a[k];
+  for (k in b) if (Object.prototype.hasOwnProperty.call(b, k)) out[k] = (out[k] === undefined || b[k] > out[k]) ? b[k] : out[k];
+  return out;
+}
+
+/**
+ * @primitive  b.crdt.gCounter
+ * @signature  b.crdt.gCounter(opts?)
+ * @since      0.13.4
+ * @status     stable
+ * @compliance soc2
+ * @related    b.crdt.pnCounter, b.crdt.gSet
+ *
+ * A grow-only counter: each replica tracks its own increment-only tally, and
+ * the value is their sum. <code>merge</code> takes the per-replica maximum, so
+ * it converges no matter the order. Increments only — use
+ * <code>pnCounter</code> when you also need to decrement.
+ *
+ * @opts
+ *   replicaId: string,   // this replica's id (default: random)
+ *
+ * @example
+ *   var a = b.crdt.gCounter({ replicaId: "a" }).inc(3);
+ *   var c = b.crdt.gCounter({ replicaId: "c" }).inc(5);
+ *   a.merge(c).value();   // → 8
+ */
+function gCounter(opts) {
+  opts = opts || {};
+  var replicaId = _replicaId(opts);
+  var counts = {};
+  if (opts._counts) { for (var k in opts._counts) if (Object.prototype.hasOwnProperty.call(opts._counts, k)) counts[k] = opts._counts[k]; }
+
+  return {
+    type: "gCounter",
+    replicaId: replicaId,
+    inc: function (n) { n = n == null ? 1 : _posInt(n, "inc"); counts[replicaId] = (counts[replicaId] || 0) + n; return this; },
+    value: function () { var s = 0; for (var k in counts) if (Object.prototype.hasOwnProperty.call(counts, k)) s += counts[k]; return s; },
+    state: function () { return { type: "gCounter", counts: Object.assign({}, counts) }; },
+    merge: function (other) { return gCounter({ replicaId: replicaId, _counts: _maxMerge(counts, _otherState(other, "gCounter").counts) }); },
+  };
+}
+gCounter.fromState = function (s, opts) { _assertState(s, "gCounter"); return gCounter(Object.assign({}, opts, { _counts: s.counts })); };
+
+/**
+ * @primitive  b.crdt.pnCounter
+ * @signature  b.crdt.pnCounter(opts?)
+ * @since      0.13.4
+ * @status     stable
+ * @compliance soc2
+ * @related    b.crdt.gCounter, b.crdt.lwwRegister
+ *
+ * A positive-negative counter: two grow-only counters (increments and
+ * decrements) whose difference is the value, so it supports both
+ * <code>inc</code> and <code>dec</code> and still converges.
+ *
+ * @opts
+ *   replicaId: string,   // this replica's id (default: random)
+ *
+ * @example
+ *   var a = b.crdt.pnCounter({ replicaId: "a" }).inc(5).dec(2);
+ *   var c = b.crdt.pnCounter({ replicaId: "c" }).inc(1);
+ *   a.merge(c).value();   // → 4
+ */
+function pnCounter(opts) {
+  opts = opts || {};
+  var replicaId = _replicaId(opts);
+  var p = gCounter({ replicaId: replicaId, _counts: opts._p });
+  var n = gCounter({ replicaId: replicaId, _counts: opts._n });
+
+  return {
+    type: "pnCounter",
+    replicaId: replicaId,
+    inc: function (by) { p.inc(by); return this; },
+    dec: function (by) { n.inc(by); return this; },
+    value: function () { return p.value() - n.value(); },
+    state: function () { return { type: "pnCounter", p: p.state().counts, n: n.state().counts }; },
+    merge: function (other) {
+      var o = _otherState(other, "pnCounter");
+      return pnCounter({ replicaId: replicaId, _p: _maxMerge(p.state().counts, o.p), _n: _maxMerge(n.state().counts, o.n) });
+    },
+  };
+}
+pnCounter.fromState = function (s, opts) { _assertState(s, "pnCounter"); return pnCounter(Object.assign({}, opts, { _p: s.p, _n: s.n })); };
+
+/**
+ * @primitive  b.crdt.gSet
+ * @signature  b.crdt.gSet(opts?)
+ * @since      0.13.4
+ * @status     stable
+ * @compliance soc2
+ * @related    b.crdt.twoPSet, b.crdt.orSet
+ *
+ * A grow-only set: elements can be added but never removed; <code>merge</code>
+ * is set union. The simplest convergent set — reach for <code>orSet</code>
+ * when removal is needed. Elements may be strings or JSON-serializable values.
+ *
+ * @opts
+ *   replicaId: string,   // this replica's id (default: random)
+ *
+ * @example
+ *   var a = b.crdt.gSet().add("x");
+ *   var c = b.crdt.gSet().add("y");
+ *   a.merge(c).value();   // → ["x", "y"]
+ */
+function gSet(opts) {
+  opts = opts || {};
+  var replicaId = _replicaId(opts);
+  var els = new Set(opts._els || []);
+
+  return {
+    type: "gSet",
+    replicaId: replicaId,
+    add: function (x) { els.add(_key(x)); return this; },
+    has: function (x) { return els.has(_key(x)); },
+    value: function () { return _decodeKeys(els); },
+    state: function () { return { type: "gSet", els: Array.from(els) }; },
+    merge: function (other) { var o = _otherState(other, "gSet"); var u = new Set(els); o.els.forEach(function (e) { u.add(e); }); return gSet({ replicaId: replicaId, _els: u }); },
+  };
+}
+gSet.fromState = function (s, opts) { _assertState(s, "gSet"); return gSet(Object.assign({}, opts, { _els: s.els })); };
+
+/**
+ * @primitive  b.crdt.twoPSet
+ * @signature  b.crdt.twoPSet(opts?)
+ * @since      0.13.4
+ * @status     stable
+ * @compliance soc2
+ * @related    b.crdt.gSet, b.crdt.orSet
+ *
+ * A two-phase set: an add-set and a remove-set (tombstones). An element can be
+ * added and removed, but once removed it can never be re-added — remove wins
+ * permanently. When re-adding must work, use <code>orSet</code>.
+ *
+ * @opts
+ *   replicaId: string,   // this replica's id (default: random)
+ *
+ * @example
+ *   var s = b.crdt.twoPSet().add("a").add("b").remove("a");
+ *   s.value();   // → ["b"]
+ */
+function twoPSet(opts) {
+  opts = opts || {};
+  var replicaId = _replicaId(opts);
+  var adds = new Set(opts._adds || []);
+  var removes = new Set(opts._removes || []);
+
+  return {
+    type: "twoPSet",
+    replicaId: replicaId,
+    add: function (x) { adds.add(_key(x)); return this; },
+    remove: function (x) { var k = _key(x); if (adds.has(k)) removes.add(k); return this; },
+    has: function (x) { var k = _key(x); return adds.has(k) && !removes.has(k); },
+    value: function () { var live = new Set(); adds.forEach(function (k) { if (!removes.has(k)) live.add(k); }); return _decodeKeys(live); },
+    state: function () { return { type: "twoPSet", adds: Array.from(adds), removes: Array.from(removes) }; },
+    merge: function (other) {
+      var o = _otherState(other, "twoPSet");
+      var a = new Set(adds), r = new Set(removes);
+      o.adds.forEach(function (e) { a.add(e); });
+      o.removes.forEach(function (e) { r.add(e); });
+      return twoPSet({ replicaId: replicaId, _adds: a, _removes: r });
+    },
+  };
+}
+twoPSet.fromState = function (s, opts) { _assertState(s, "twoPSet"); return twoPSet(Object.assign({}, opts, { _adds: s.adds, _removes: s.removes })); };
+
+/**
+ * @primitive  b.crdt.orSet
+ * @signature  b.crdt.orSet(opts?)
+ * @since      0.13.4
+ * @status     stable
+ * @compliance soc2
+ * @related    b.crdt.gSet, b.crdt.twoPSet, b.crdt.orMap
+ *
+ * An observed-remove set: each add stamps a unique tag, and remove tombstones
+ * the tags it has observed for that element, so an element survives if any
+ * concurrent add was not seen by the remove — re-adding works, and a
+ * concurrent add-vs-remove resolves add-wins. <code>tombstoneRetention</code>
+ * optionally caps the tombstone set to bound memory against a remove flood; it
+ * drops the oldest tombstones, which can resurrect a concurrently-removed
+ * element, so leave it unset unless that trade-off is acceptable.
+ *
+ * Each add stamps a unique tag; remove tombstones the tags currently observed
+ * for that element. An element is present if it has a live (un-tombstoned) tag.
+ *
+ * @opts
+ *   replicaId:          string,   // this replica's id (default: random)
+ *   tombstoneRetention: number,   // optional cap on retained tombstones (default: unbounded)
+ *
+ * @example
+ *   var a = b.crdt.orSet().add("x");
+ *   var c = b.crdt.orSet.fromState(a.state()).add("x");  // re-add elsewhere
+ *   a.remove("x");
+ *   a.merge(c).value();   // → ["x"]  (concurrent re-add survives)
+ */
+function orSet(opts) {
+  opts = opts || {};
+  var replicaId = _replicaId(opts);
+  var tombstoneRetention = opts.tombstoneRetention;
+  if (tombstoneRetention != null) _posInt(tombstoneRetention, "tombstoneRetention");
+  // elems: key -> array of tags ; tombstones: Set of removed tags
+  var elems = {};
+  if (opts._elems) { for (var k in opts._elems) if (Object.prototype.hasOwnProperty.call(opts._elems, k)) elems[k] = opts._elems[k].slice(); }
+  var tombstones = new Set(opts._tombstones || []);
+  var seq = 0;
+
+  function _tag() { return replicaId + ":" + (++seq) + ":" + bCrypto.generateToken(4); }
+  function _liveTags(key) { return (elems[key] || []).filter(function (t) { return !tombstones.has(t); }); }
+  function _gcTombstones() {
+    if (tombstoneRetention == null || tombstones.size <= tombstoneRetention) return;
+    // Bounded-memory tradeoff (opt-in): drop oldest tombstones. Documented to
+    // possibly resurrect a concurrently-removed element — full causal GC ships
+    // with the replicator slice.
+    var arr = Array.from(tombstones);
+    tombstones = new Set(arr.slice(arr.length - tombstoneRetention));
+  }
+
+  return {
+    type: "orSet",
+    replicaId: replicaId,
+    add: function (x) { var key = _key(x); (elems[key] = elems[key] || []).push(_tag()); return this; },
+    remove: function (x) { var key = _key(x); _liveTags(key).forEach(function (t) { tombstones.add(t); }); _gcTombstones(); return this; },
+    has: function (x) { return _liveTags(_key(x)).length > 0; },
+    value: function () { var live = []; for (var key in elems) if (Object.prototype.hasOwnProperty.call(elems, key) && _liveTags(key).length > 0) live.push(key); return _decodeKeys(new Set(live)); },
+    state: function () { var e = {}; for (var key in elems) if (Object.prototype.hasOwnProperty.call(elems, key)) e[key] = elems[key].slice(); return { type: "orSet", elems: e, tombstones: Array.from(tombstones) }; },
+    merge: function (other) {
+      var o = _otherState(other, "orSet");
+      var e = {};
+      var key;
+      for (key in elems) if (Object.prototype.hasOwnProperty.call(elems, key)) e[key] = elems[key].slice();
+      for (key in o.elems) if (Object.prototype.hasOwnProperty.call(o.elems, key)) {
+        var merged = (e[key] || []).concat(o.elems[key]);
+        e[key] = Array.from(new Set(merged));   // union of tags, dedup
+      }
+      var ts = new Set(tombstones);
+      o.tombstones.forEach(function (t) { ts.add(t); });
+      return orSet({ replicaId: replicaId, tombstoneRetention: tombstoneRetention, _elems: e, _tombstones: ts });
+    },
+  };
+}
+orSet.fromState = function (s, opts) { _assertState(s, "orSet"); return orSet(Object.assign({}, opts, { _elems: s.elems, _tombstones: s.tombstones })); };
+
+/**
+ * @primitive  b.crdt.lwwRegister
+ * @signature  b.crdt.lwwRegister(opts?)
+ * @since      0.13.4
+ * @status     stable
+ * @compliance soc2
+ * @related    b.crdt.pnCounter, b.crdt.orMap
+ *
+ * A last-write-wins register: holds a single value with a timestamp;
+ * <code>merge</code> keeps the higher-timestamped write, breaking ties by the
+ * higher <code>replicaId</code> so the outcome is deterministic. Pass an
+ * explicit timestamp to <code>set</code> for a logical clock, or omit it to
+ * use wall-clock milliseconds.
+ *
+ * @opts
+ *   replicaId: string,   // this replica's id (default: random)
+ *
+ * @example
+ *   var a = b.crdt.lwwRegister({ replicaId: "a" }).set("first", 1);
+ *   var c = b.crdt.lwwRegister({ replicaId: "c" }).set("second", 2);
+ *   a.merge(c).value();   // → "second"
+ */
+function lwwRegister(opts) {
+  opts = opts || {};
+  var replicaId = _replicaId(opts);
+  var current = opts._current || { value: null, ts: -1, replicaId: "" };
+
+  function _beats(a, b) { return a.ts > b.ts || (a.ts === b.ts && a.replicaId > b.replicaId); }
+  return {
+    type: "lwwRegister",
+    replicaId: replicaId,
+    set: function (v, ts) { ts = ts == null ? Date.now() : _posInt(ts, "ts"); var cand = { value: v, ts: ts, replicaId: replicaId }; if (_beats(cand, current)) current = cand; return this; },
+    value: function () { return current.value; },
+    timestamp: function () { return current.ts; },
+    state: function () { return { type: "lwwRegister", current: { value: current.value, ts: current.ts, replicaId: current.replicaId } }; },
+    merge: function (other) { var o = _otherState(other, "lwwRegister"); var win = _beats(o.current, current) ? o.current : current; return lwwRegister({ replicaId: replicaId, _current: { value: win.value, ts: win.ts, replicaId: win.replicaId } }); },
+  };
+}
+lwwRegister.fromState = function (s, opts) { _assertState(s, "lwwRegister"); return lwwRegister(Object.assign({}, opts, { _current: s.current })); };
+
+/**
+ * @primitive  b.crdt.orMap
+ * @signature  b.crdt.orMap(opts?)
+ * @since      0.13.4
+ * @status     stable
+ * @compliance soc2
+ * @related    b.crdt.orSet, b.crdt.lwwRegister
+ *
+ * An observed-remove map: key presence follows observed-remove-set semantics
+ * (a key can be set, removed, and set again), and each key's value is a
+ * last-write-wins register, so concurrent writes to a live key converge by
+ * timestamp (higher wins, ties by replicaId). Removing a key clears its value
+ * register locally, so a re-add on the same replica starts clean; across
+ * replicas the value is strictly last-write-wins by timestamp — supply
+ * monotonic timestamps (the default wall-clock does) for re-add to win. Keys
+ * are non-empty strings.
+ *
+ * Keys follow OR-Set add/remove semantics; each key's value is an LWW register,
+ * so concurrent writes to the same key converge by last-write-wins.
+ *
+ * @opts
+ *   replicaId: string,   // this replica's id (default: random)
+ *
+ * @example
+ *   var a = b.crdt.orMap({ replicaId: "a" }).set("k", "v1", 1);
+ *   var c = b.crdt.orMap({ replicaId: "c" }).set("k", "v2", 2);
+ *   a.merge(c).value();   // → { k: "v2" }
+ */
+function orMap(opts) {
+  opts = opts || {};
+  var replicaId = _replicaId(opts);
+  var keys = orSet({ replicaId: replicaId, _elems: opts._keyElems, _tombstones: opts._keyTombstones });
+  var vals = {};   // key -> lwwRegister state
+  if (opts._vals) { for (var k in opts._vals) if (Object.prototype.hasOwnProperty.call(opts._vals, k)) vals[k] = opts._vals[k]; }
+
+  function _reg(key) { return lwwRegister.fromState(vals[key] || { type: "lwwRegister", current: { value: null, ts: -1, replicaId: "" } }, { replicaId: replicaId }); }
+  // Keys pass to the OR-Set raw (it encodes internally) and index `vals`
+  // directly, so the materialized value is keyed by the plain string.
+  return {
+    type: "orMap",
+    replicaId: replicaId,
+    set: function (key, v, ts) { key = _mapKey(key); keys.add(key); vals[key] = _reg(key).set(v, ts).state(); return this; },
+    // Removing a key clears its value register, so re-adding the key on this
+    // replica starts from a clean last-write-wins state rather than reusing the
+    // pre-remove value. (Across replicas the value still follows last-write-wins
+    // by timestamp — a concurrent, un-removed higher-timestamped write wins;
+    // making a re-add causally supersede needs vector clocks, which ship with
+    // the replicator slice.)
+    remove: function (key) { key = _mapKey(key); keys.remove(key); delete vals[key]; return this; },
+    has: function (key) { return keys.has(_mapKey(key)); },
+    get: function (key) { key = _mapKey(key); return keys.has(key) ? _reg(key).value() : undefined; },
+    value: function () { var out = {}; keys.value().forEach(function (key) { out[key] = _reg(key).value(); }); return out; },
+    state: function () { var ks = keys.state(); return { type: "orMap", keyElems: ks.elems, keyTombstones: ks.tombstones, vals: Object.assign({}, vals) }; },
+    merge: function (other) {
+      var o = _otherState(other, "orMap");
+      var mergedKeys = keys.merge({ state: function () { return { type: "orSet", elems: o.keyElems, tombstones: o.keyTombstones }; } }).state();
+      var v = {};
+      var key;
+      for (key in vals) if (Object.prototype.hasOwnProperty.call(vals, key)) v[key] = vals[key];
+      for (key in o.vals) if (Object.prototype.hasOwnProperty.call(o.vals, key)) {
+        if (!v[key]) { v[key] = o.vals[key]; }
+        else {
+          var merged = lwwRegister.fromState(v[key], { replicaId: replicaId }).merge({ state: function () { return o.vals[key]; } });
+          v[key] = merged.state();
+        }
+      }
+      return orMap({ replicaId: replicaId, _keyElems: mergedKeys.elems, _keyTombstones: mergedKeys.tombstones, _vals: v });
+    },
+  };
+}
+orMap.fromState = function (s, opts) { _assertState(s, "orMap"); return orMap(Object.assign({}, opts, { _keyElems: s.keyElems, _keyTombstones: s.keyTombstones, _vals: s.vals })); };
+
+// ---- shared helpers --------------------------------------------------------
+
+// Set/map elements are keyed by a reversible string so structured values work.
+function _key(x) {
+  if (typeof x === "string") return "s:" + x;
+  return "j:" + JSON.stringify(x);
+}
+function _mapKey(k) {
+  if (typeof k !== "string" || k.length === 0) throw new CrdtError("crdt/bad-key", "crdt.orMap: keys must be non-empty strings");
+  return k;
+}
+function _decodeKeys(set) {
+  // Sort by the encoded key (a deterministic, unique string for every element,
+  // including structured ones) BEFORE decoding, so the materialized array order
+  // is identical regardless of merge order — structured elements would all
+  // collapse to "[object Object]" if sorted by their decoded value.
+  return Array.from(set).sort().map(function (k) {
+    return k.charAt(0) === "s" ? k.slice(2) : safeJson.parse(k.slice(2));
+  });
+}
+function _otherState(other, expected) {
+  var s = other && typeof other.state === "function" ? other.state() : other;
+  _assertState(s, expected);
+  return s;
+}
+function _assertState(s, expected) {
+  if (!s || typeof s !== "object") throw new CrdtError("crdt/bad-state", "crdt: expected a " + expected + " state object");
+  if (s.type !== expected) throw new CrdtError("crdt/type-mismatch", "crdt: expected a " + expected + " state, got '" + s.type + "'");
+}
+
+module.exports = {
+  gCounter:    gCounter,
+  pnCounter:   pnCounter,
+  gSet:        gSet,
+  twoPSet:     twoPSet,
+  orSet:       orSet,
+  lwwRegister: lwwRegister,
+  orMap:       orMap,
+  CrdtError:   CrdtError,
+};

package/lib/crypto-xwing.js

@@ -0,0 +1,213 @@
+"use strict";
+/**
+ * @module b.crypto.xwing
+ * @nav    Crypto
+ * @title  X-Wing KEM
+ *
+ * @intro
+ *   X-Wing is a general-purpose hybrid post-quantum / traditional key
+ *   encapsulation mechanism: it runs ML-KEM-768 and X25519 side by side and
+ *   binds their shared secrets with SHA3-256, so the resulting key stays
+ *   secure as long as <em>either</em> ML-KEM-768 or X25519 holds. That is the
+ *   conservative shape for migrating off classical ECDH today — a harvest-now-
+ *   decrypt-later attacker must break the lattice KEM, and a hypothetical
+ *   ML-KEM break still leaves X25519 standing.
+ *
+ *   The construction follows
+ *   <code>draft-connolly-cfrg-xwing-kem</code>. The combiner is frozen — it
+ *   hashes the ML-KEM shared secret, the X25519 shared secret, the X25519
+ *   ephemeral public key, the recipient's X25519 public key, and a fixed
+ *   six-byte label — but the document is still an IETF Internet-Draft, so this
+ *   primitive is marked <code>experimental</code> and sits beside the other
+ *   pre-RFC post-quantum drafts (<code>b.crypto.hpke.pq</code>). The wire
+ *   sizes are fixed: a 1216-byte public key (ML-KEM-768 1184 ‖ X25519 32), a
+ *   1120-byte ciphertext (ML-KEM-768 1088 ‖ X25519 32), a 32-byte decapsulation
+ *   seed, and a 32-byte shared secret.
+ *
+ *   X-Wing composes the framework's vendored ML-KEM-768 and X25519 plus
+ *   SHA3 — it adds no new cryptographic core, only the standard combiner and
+ *   wire framing.
+ *
+ * @card
+ *   X-Wing hybrid PQ/T KEM (`b.crypto.xwing`) — ML-KEM-768 + X25519 bound by
+ *   SHA3-256 per draft-connolly-cfrg-xwing-kem, secure if either component
+ *   holds. 1216-byte key, 1120-byte ciphertext, 32-byte shared secret.
+ */
+
+var nodeCrypto = require("node:crypto");
+var pqc = require("./vendor/noble-post-quantum.cjs");
+var { defineClass } = require("./framework-error");
+
+var XWingError = defineClass("XWingError", { alwaysPermanent: true });
+
+var mlkem = pqc.ml_kem768;
+
+// draft-connolly-cfrg-xwing-kem: the combiner label, ASCII "\./" + "/^\".
+var XWING_LABEL = Buffer.from("5c2e2f2f5e5c", "hex");
+
+// Component + composite sizes (bytes), fixed by the draft — protocol wire
+// widths, not buffer-capacity tunables.
+var ML_KEM_PK = 1184;                  // allow:raw-byte-literal — ML-KEM-768 public key
+var ML_KEM_CT = 1088;                  // allow:raw-byte-literal — ML-KEM-768 ciphertext
+var X25519_LEN = 32;                   // allow:raw-byte-literal — X25519 key/share length
+var SEED_LEN = 32;                     // allow:raw-byte-literal — X-Wing seed length
+var SS_LEN = 32;                       // allow:raw-byte-literal — shared-secret length
+var PK_LEN = ML_KEM_PK + X25519_LEN;   // 1216
+var CT_LEN = ML_KEM_CT + X25519_LEN;   // 1120
+var MLKEM_SEED = 64;                   // allow:raw-byte-literal — d ‖ z for ML-KEM KeyGen_internal
+var EXPAND_LEN = 96;                   // allow:raw-byte-literal — SHAKE256(seed) → d ‖ z ‖ sk_X
+
+// X25519 raw-scalar helpers via fixed PKCS8 / SPKI DER prefixes (OID
+// 1.3.101.110). Node clamps the scalar per RFC 7748 on use, matching X-Wing.
+var X25519_PKCS8_PREFIX = Buffer.from("302e020100300506032b656e04220420", "hex");
+var X25519_SPKI_PREFIX  = Buffer.from("302a300506032b656e032100", "hex");
+
+function _x25519Public(sk) {
+  var key = nodeCrypto.createPrivateKey({ key: Buffer.concat([X25519_PKCS8_PREFIX, sk]), format: "der", type: "pkcs8" });
+  var spki = nodeCrypto.createPublicKey(key).export({ format: "der", type: "spki" });
+  return spki.subarray(spki.length - X25519_LEN);
+}
+function _x25519Shared(sk, pk) {
+  return nodeCrypto.diffieHellman({
+    privateKey: nodeCrypto.createPrivateKey({ key: Buffer.concat([X25519_PKCS8_PREFIX, sk]), format: "der", type: "pkcs8" }),
+    publicKey:  nodeCrypto.createPublicKey({ key: Buffer.concat([X25519_SPKI_PREFIX, pk]), format: "der", type: "spki" }),
+  });
+}
+
+function _shake256(buf, outLen) { return nodeCrypto.createHash("shake256", { outputLength: outLen }).update(buf).digest(); }
+
+/**
+ * @primitive  b.crypto.xwing.combiner
+ * @signature  b.crypto.xwing.combiner(ssM, ssX, ctX, pkX)
+ * @since      0.13.3
+ * @status     experimental
+ * @compliance soc2
+ * @related    b.crypto.xwing.encapsulate, b.crypto.xwing.decapsulate
+ *
+ * The X-Wing combiner: <code>SHA3-256(ssM ‖ ssX ‖ ctX ‖ pkX ‖ label)</code>,
+ * where the label is the fixed six bytes the draft defines. Exposed for
+ * advanced use and known-answer testing; <code>encapsulate</code> and
+ * <code>decapsulate</code> call it internally. Each input must be 32 bytes.
+ *
+ * @example
+ *   var ss = b.crypto.xwing.combiner(ssMlkem, ssX25519, ephPub, recipientPub);
+ *   // → 32-byte shared secret
+ */
+function combiner(ssM, ssX, ctX, pkX) {
+  [["ssM", ssM, SS_LEN], ["ssX", ssX, X25519_LEN], ["ctX", ctX, X25519_LEN], ["pkX", pkX, X25519_LEN]].forEach(function (t) {
+    // ML-KEM outputs are Uint8Array; X25519 outputs are Buffer — accept both.
+    if (!(Buffer.isBuffer(t[1]) || t[1] instanceof Uint8Array) || t[1].length !== t[2]) throw new XWingError("xwing/bad-input", "xwing.combiner: " + t[0] + " must be a " + t[2] + "-byte byte array");
+  });
+  return nodeCrypto.createHash("sha3-256").update(Buffer.concat([ssM, ssX, ctX, pkX, XWING_LABEL])).digest();
+}
+
+// Expand a 32-byte seed into ML-KEM key material + the X25519 scalar.
+function _expand(seed) {
+  var e = _shake256(seed, EXPAND_LEN);
+  var kp = mlkem.keygen(e.subarray(0, MLKEM_SEED));     // KeyGen_internal(d, z)
+  var skX = e.subarray(MLKEM_SEED, EXPAND_LEN);
+  return { skM: kp.secretKey, pkM: kp.publicKey, skX: skX, pkX: _x25519Public(skX) };
+}
+
+/**
+ * @primitive  b.crypto.xwing.keygen
+ * @signature  b.crypto.xwing.keygen(seed?)
+ * @since      0.13.3
+ * @status     experimental
+ * @compliance soc2
+ * @related    b.crypto.xwing.encapsulate, b.crypto.xwing.decapsulate
+ *
+ * Generate an X-Wing keypair. The decapsulation key is a 32-byte seed (store
+ * this); the encapsulation key is the 1216-byte public key to publish. Pass a
+ * 32-byte <code>seed</code> for deterministic generation, or omit it for a
+ * random key.
+ *
+ * @example
+ *   var kp = b.crypto.xwing.keygen();
+ *   kp.publicKey.length;   // → 1216
+ *   kp.secretKey.length;   // → 32  (the seed — keep it secret)
+ */
+function keygen(seed) {
+  if (seed == null) seed = nodeCrypto.randomBytes(SEED_LEN);
+  if (!Buffer.isBuffer(seed) || seed.length !== SEED_LEN) throw new XWingError("xwing/bad-seed", "xwing.keygen: seed must be a " + SEED_LEN + "-byte Buffer");
+  var k = _expand(seed);
+  return { publicKey: Buffer.concat([k.pkM, k.pkX]), secretKey: Buffer.from(seed) };
+}
+
+/**
+ * @primitive  b.crypto.xwing.encapsulate
+ * @signature  b.crypto.xwing.encapsulate(publicKey, eseed?)
+ * @since      0.13.3
+ * @status     experimental
+ * @compliance soc2
+ * @related    b.crypto.xwing.decapsulate, b.crypto.xwing.keygen
+ *
+ * Encapsulate to a 1216-byte X-Wing public key. Returns the 1120-byte
+ * <code>ciphertext</code> to send and the 32-byte <code>sharedSecret</code> to
+ * key a symmetric cipher with. Pass a 64-byte <code>eseed</code>
+ * (X25519 ephemeral scalar ‖ ML-KEM coins) for deterministic encapsulation, or
+ * omit it for fresh randomness.
+ *
+ * @example
+ *   var enc = b.crypto.xwing.encapsulate(recipientPublicKey);
+ *   enc.ciphertext.length;   // → 1120
+ *   enc.sharedSecret.length; // → 32
+ */
+function encapsulate(publicKey, eseed) {
+  if (!Buffer.isBuffer(publicKey) || publicKey.length !== PK_LEN) throw new XWingError("xwing/bad-public-key", "xwing.encapsulate: publicKey must be a " + PK_LEN + "-byte Buffer");
+  var pkM = publicKey.subarray(0, ML_KEM_PK);
+  var pkX = publicKey.subarray(ML_KEM_PK, PK_LEN);
+  var ekX, mlkemCoins = null;
+  if (eseed == null) {
+    ekX = nodeCrypto.randomBytes(X25519_LEN);
+  } else {
+    if (!Buffer.isBuffer(eseed) || eseed.length !== 2 * X25519_LEN) throw new XWingError("xwing/bad-eseed", "xwing.encapsulate: eseed must be a " + (2 * X25519_LEN) + "-byte Buffer");
+    // draft EncapsulateDerand: eseed[0:32] = ML-KEM coins, eseed[32:64] = X25519
+    // ephemeral scalar. This order matches the draft's test vectors.
+    mlkemCoins = eseed.subarray(0, X25519_LEN);
+    ekX = eseed.subarray(X25519_LEN, 2 * X25519_LEN);
+  }
+  var ctX = _x25519Public(ekX);
+  var ssX = _x25519Shared(ekX, pkX);
+  var kem = mlkemCoins ? mlkem.encapsulate(pkM, mlkemCoins) : mlkem.encapsulate(pkM);
+  var ss = combiner(kem.sharedSecret, ssX, ctX, pkX);
+  return { ciphertext: Buffer.concat([kem.cipherText, ctX]), sharedSecret: ss };
+}
+
+/**
+ * @primitive  b.crypto.xwing.decapsulate
+ * @signature  b.crypto.xwing.decapsulate(secretKey, ciphertext)
+ * @since      0.13.3
+ * @status     experimental
+ * @compliance soc2
+ * @related    b.crypto.xwing.encapsulate, b.crypto.xwing.keygen
+ *
+ * Recover the 32-byte shared secret from a 1120-byte X-Wing ciphertext using
+ * the 32-byte decapsulation seed. ML-KEM-768's implicit-rejection means a
+ * tampered ciphertext yields a different (still 32-byte) secret rather than an
+ * error, so never branch on success — derive keys and let the AEAD tag fail.
+ *
+ * @example
+ *   var ss = b.crypto.xwing.decapsulate(kp.secretKey, enc.ciphertext);
+ *   ss.equals(enc.sharedSecret);   // → true
+ */
+function decapsulate(secretKey, ciphertext) {
+  if (!Buffer.isBuffer(secretKey) || secretKey.length !== SEED_LEN) throw new XWingError("xwing/bad-seed", "xwing.decapsulate: secretKey must be a " + SEED_LEN + "-byte Buffer");
+  if (!Buffer.isBuffer(ciphertext) || ciphertext.length !== CT_LEN) throw new XWingError("xwing/bad-ciphertext", "xwing.decapsulate: ciphertext must be a " + CT_LEN + "-byte Buffer");
+  var k = _expand(secretKey);
+  var ctM = ciphertext.subarray(0, ML_KEM_CT);
+  var ctX = ciphertext.subarray(ML_KEM_CT, CT_LEN);
+  var ssM = mlkem.decapsulate(ctM, k.skM);
+  var ssX = _x25519Shared(k.skX, ctX);
+  return combiner(ssM, ssX, ctX, k.pkX);
+}
+
+module.exports = {
+  NAME:        "X-Wing",
+  keygen:      keygen,
+  encapsulate: encapsulate,
+  decapsulate: decapsulate,
+  combiner:    combiner,
+  SIZES:       { publicKey: PK_LEN, ciphertext: CT_LEN, secretKey: SEED_LEN, sharedSecret: SS_LEN },
+  XWingError:  XWingError,
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@blamejs/core",
-  "version": "0.13.2",
+  "version": "0.13.4",
   "description": "The Node framework that owns its stack.",
   "license": "Apache-2.0",
   "author": "blamejs contributors",

package/sbom.cdx.json

@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.5",
-  "serialNumber": "urn:uuid:45c82292-580f-4bfa-aa46-23d8f36d6b83",
+  "serialNumber": "urn:uuid:832111fb-8b91-4fb8-bb5f-c491bae476c5",
   "version": 1,
   "metadata": {
-    "timestamp": "2026-05-26T23:17:31.244Z",
+    "timestamp": "2026-05-27T01:19:38.243Z",
     "lifecycles": [
       {
         "phase": "build"
@@ -19,14 +19,14 @@
       }
     ],
     "component": {
-      "bom-ref": "@blamejs/core@0.13.2",
+      "bom-ref": "@blamejs/core@0.13.4",
       "type": "application",
       "name": "blamejs",
-      "version": "0.13.2",
+      "version": "0.13.4",
       "scope": "required",
       "author": "blamejs contributors",
       "description": "The Node framework that owns its stack.",
-      "purl": "pkg:npm/%40blamejs/core@0.13.2",
+      "purl": "pkg:npm/%40blamejs/core@0.13.4",
       "properties": [],
       "externalReferences": [
         {
@@ -54,7 +54,7 @@
   "components": [],
   "dependencies": [
     {
-      "ref": "@blamejs/core@0.13.2",
+      "ref": "@blamejs/core@0.13.4",
       "dependsOn": []
     }
   ]