@blamejs/core 0.13.5 → 0.13.7

package/CHANGELOG.md

@@ -8,6 +8,10 @@ upgrading across more than a few patches at a time.
 
 ## v0.13.x
 
+- v0.13.7 (2026-05-26) — **Documentation accuracy — several primitives described shipped features as deferred.** A documentation sweep corrected primitive descriptions that still called features deferred after they shipped, so the wiki and inline docs now match the code. b.mdoc documents that device authentication (the ISO 18013-5 §9.1.3 signature variant, verifyDeviceAuth) is verified, not deferred — only the COSE_Mac0 device-auth variant remains refused. b.network.dns.dnssec documents that the root-to-zone chain walk against the IANA trust anchors (verifyChain) and NSEC / NSEC3 denial of existence (verifyDenial / nsec3Hash) ship, where the card previously said they were deferred. b.cose lists COSE_Mac0 and COSE_Encrypt0 among what it ships. The JMAP server documents its push channel, blob upload/download, and EmailSubmission handlers as present, and the submission server documents CHUNKING / BDAT as supported. A new test detector keeps this class of drift from recurring: it fails the build when a comment promises a feature lands in a version that has already shipped. **Fixed:** *Corrected `deferred`/`does-not-ship` docs for features that have shipped* — `b.mdoc` (device authentication, §9.1.3), `b.network.dns.dnssec` (chain walk + NSEC/NSEC3), `b.cose` (COSE_Mac0 + COSE_Encrypt0), the JMAP server (push, blob, EmailSubmission), and the submission server (BDAT/CHUNKING) all carried `@card`/`@intro` text describing shipped capabilities as deferred or not-shipped. The descriptions now match the implemented surface; genuinely-deferred items (the mdoc MAC variant, DNSSEC in-RDATA name canonicalization, COSE multi-signer/multi-recipient) remain documented as such. **Detectors:** *Overdue-defer detector in the codebase-pattern gate* — A new check fails the build when a comment promises a feature "lands in" / is "deferred to" / is "not supported in" a version that the package has already reached — catching stale deferral notes (a feature that shipped but whose comment still says otherwise, or a missed deadline) before they reach a release. An allowlist records the deliberate defer-with-condition exceptions.
+
+- v0.13.6 (2026-05-26) — **`b.ai.frontierModelProtocol` — California SB 53 frontier-AI obligations.** b.ai.frontierModelProtocol assesses a developer's obligations under California's Transparency in Frontier Artificial Intelligence Act — SB 53, Cal. Bus. & Prof. Code §22757.10, effective 2026-01-01 — from a model's training compute and the developer's revenue. It reports whether the model crosses the frontier threshold (more than 10^26 training FLOPs), whether the developer is a large frontier developer (prior-year revenue, with affiliates, above $500M), and the resulting obligations: every frontier developer must report critical safety incidents and publish a transparency report, and a large frontier developer must additionally publish an annual safety framework and disclose its catastrophic-risk assessment. Passing a candidate safety framework reports which required elements (risk identification, mitigation, governance, cybersecurity, standards alignment) are missing. b.ai.frontierModelProtocol.incidentReport validates a critical-incident type against the Act's four categories and computes the notification deadline to the California Office of Emergency Services — 15 days from discovery, or 24 hours when there is an imminent risk of death or serious physical injury. The ca-tfaia compliance posture was already in the catalog. **Added:** *`b.ai.frontierModelProtocol` — SB 53 threshold classification, obligations, and incident reporting* — `b.ai.frontierModelProtocol({ trainingFlops, annualRevenueUsd, framework? })` returns `isFrontierModel`, `isLargeFrontierDeveloper`, the `obligations` list, and (when a framework is supplied) its `frameworkGaps`. `b.ai.frontierModelProtocol.incidentReport({ type, discoveredAt, imminentRiskToLife? })` builds a critical-safety-incident report with the California OES recipient and a `dueAt` / `deadlineHours` computed from the 15-day (or 24-hour imminent-risk) statutory window; `type` must be one of the four categories in `INCIDENT_TYPES`. Throws `FrontierProtocolError` on malformed input.
+
 - v0.13.5 (2026-05-26) — **`b.ai.aedtBiasAudit` — NYC Local Law 144 bias audit.** b.ai.aedtBiasAudit computes the bias-audit figures New York City Local Law 144 requires before an Automated Employment Decision Tool may screen candidates (NYC Admin. Code §20-870 et seq.; DCWP rules 6 RCNY §5-300). Given the per-category counts an independent auditor collected — selected/total for a pass-fail tool, or scored-above-the-overall-median/total for a continuous-score tool — it returns the selection (or scoring) rate, the impact ratio (each group's rate divided by the most-selected group's rate), and an adverse-impact flag (impact ratio below the EEOC four-fifths threshold of 0.8) for every group, across the sex, race/ethnicity, and intersectional dimensions, plus the most-selected group per dimension and an overall flag. Categories under 2% of the audited data are marked excluded per DCWP discretion. It is a pure calculation that produces exactly the figures the annual published summary must contain — the law mandates the calculation, not any particular remediation. The relevant compliance postures (nyc-ll144, and ca-tfaia for California SB 53) were already in the catalog. **Added:** *`b.ai.aedtBiasAudit` — Local Law 144 selection/scoring rates and four-fifths impact ratios* — `b.ai.aedtBiasAudit({ type, metadata, categories, minCategoryShare? })` where `type` is `"selection"` (group entries `{ selected, total }`) or `"scoring"` (`{ scoredAboveMedian, total }`). Returns per-group rate, impact ratio, and `adverseImpact` flag across the `sex`, `raceEthnicity`, and `intersectional` dimensions, plus the most-selected group per dimension and an `anyAdverseImpact` summary. Categories below `minCategoryShare` (2% default) are excluded from the impact-ratio basis. Throws `AedtBiasAuditError` on malformed input.
 
 - v0.13.4 (2026-05-26) — **`b.crdt` — conflict-free replicated data types.** b.crdt adds state-based Conflict-free Replicated Data Types: data structures that independent replicas update without coordination and still converge to the same value once they have exchanged state. Each type's merge is a join over a semilattice — commutative, associative, and idempotent — so replicas can merge in any order, any number of times, and agree, which makes these the substrate for active/active cluster state, offline-first clients that reconcile on reconnect, and eventually-consistent counters, sets, and maps. The release ships the full state-based family: grow-only and positive-negative counters (gCounter / pnCounter), grow-only, two-phase, and observed-remove sets (gSet / twoPSet / orSet), a last-write-wins register (lwwRegister), and an observed-remove map (orMap). Every type exposes the same contract — local mutators, merge(other) that returns a converged instance without mutating either operand, value() for the materialized value, and state() / fromState() for a JSON-serializable form to snapshot via b.archive or b.backup or ship to a peer — and carries a replicaId so per-replica contributions stay distinct. **Added:** *`b.crdt` — state-based CvRDT counters, sets, register, and map* — `b.crdt.gCounter` / `pnCounter` (grow-only and increment/decrement counters), `b.crdt.gSet` / `twoPSet` / `orSet` (grow-only, two-phase, and observed-remove sets — `orSet` supports re-add and resolves a concurrent add-vs-remove as add-wins), `b.crdt.lwwRegister` (last-write-wins with a deterministic replicaId tie-break), and `b.crdt.orMap` (observed-remove keys with last-write-wins values). Each exposes `merge` / `value` / `state` / `fromState` and converges by the CvRDT laws. `orSet` and `orMap` accept `tombstoneRetention` to bound tombstone memory against a remove flood.

package/README.md

@@ -190,6 +190,7 @@ The framework bundles the surface a typical Node app reaches for. Every primitiv
 - **AI usage quotas** — per-tenant / per-model budgets metered by tokens / requests / cost-usd / compute-hours over calendar-aligned windows, with an atomic conditional reserve (no charge-then-refund race) + hard/soft/warn enforcement and an optional cross-node store; defends OWASP LLM10:2025 unbounded consumption / denial-of-wallet (`b.ai.quota`)
 - **AI capability routing** — model-capability registry (context window / modalities / tool use / reasoning tier / cost rates) + a router that picks the cheapest model satisfying a request's requirements, refusing capability mismatches before the inference call (NIST AI RMF MAP + Model Cards); composes with `b.ai.quota` cost budgets (`b.ai.capability`)
 - **AEDT bias audit** — NYC Local Law 144 bias-audit figures (`b.ai.aedtBiasAudit`): selection / scoring rates and EEOC four-fifths-rule impact ratios across sex, race/ethnicity, and their intersection, with the most-selected group and adverse-impact flags (impact ratio < 0.8) for the annual published summary; sub-2% categories excludable per DCWP §5-301
+- **Frontier AI protocol** — California SB 53 (Transparency in Frontier AI Act) obligations (`b.ai.frontierModelProtocol`): classify the frontier-model (>10²⁶ training FLOPs) and large-frontier-developer (>$500M revenue) thresholds, enumerate the resulting obligations, check a safety framework for required elements, and build a critical-safety-incident report with the 15-day / 24-hour California OES notification deadline (`.incidentReport`)
 ### Compliance regimes
 
 - **Posture coordinator** — `b.compliance` cascades operator-declared regime into retention / audit / db / cryptoField via POSTURE_DEFAULTS:

package/index.js

@@ -478,6 +478,7 @@ module.exports = {
     capability:      require("./lib/ai-capability"),
     dp:              require("./lib/ai-dp"),
     aedtBiasAudit:   require("./lib/ai-aedt-bias-audit"),
+    frontierModelProtocol: require("./lib/ai-frontier-protocol"),
   },
   promisePool:      require("./lib/promise-pool"),
   sdNotify:         require("./lib/sd-notify"),

package/lib/ai-disclosure.js

@@ -187,9 +187,8 @@ function chatbot(session, opts) {
  * machine-readable manner. This primitive returns the disclosure
  * payload (visible label + structured metadata) the operator wires
  * into the encoder / response pipeline. C2PA manifest emission is
- * deferred to v0.12.21 `b.contentCredentials` — this primitive
- * supplies the label markup and the metadata schema that the C2PA
- * adapter consumes when it lands.
+ * handled by `b.contentCredentials`; this primitive supplies the label
+ * markup and the metadata schema that the C2PA adapter consumes.
  *
  * @opts
  *   contentType:   "image" | "audio" | "video" | "text",        // required

package/lib/ai-frontier-protocol.js

@@ -0,0 +1,196 @@
+"use strict";
+/**
+ * @module b.ai.frontierModelProtocol
+ * @nav    Compliance
+ * @title  Frontier AI Protocol
+ *
+ * @intro
+ *   Assess a developer's obligations under California's Transparency in
+ *   Frontier Artificial Intelligence Act — SB 53, Cal. Bus. & Prof. Code
+ *   §22757.10 et seq., signed 2025-09-29 and effective 2026-01-01 — and build
+ *   the critical-safety-incident report the law requires. SB 53 attaches
+ *   obligations by two thresholds: a <em>frontier model</em> is one trained
+ *   with more than 10<sup>26</sup> floating-point operations (including
+ *   cumulative fine-tuning), and a <em>large frontier developer</em> is a
+ *   frontier developer whose annual revenue, with affiliates, exceeded
+ *   $500,000,000 in the prior calendar year. Frontier developers must report
+ *   critical safety incidents; large frontier developers must additionally
+ *   publish an annual frontier-AI safety framework.
+ *
+ *   <code>frontierModelProtocol(opts)</code> takes the model's training compute
+ *   and the developer's revenue and returns which thresholds are crossed and
+ *   the resulting obligations, optionally checking that a supplied safety
+ *   framework carries the elements the Act expects (risk identification,
+ *   mitigation, governance, cybersecurity, and alignment with a recognized
+ *   standard such as the NIST AI RMF or ISO/IEC 42001).
+ *   <code>frontierModelProtocol.incidentReport(opts)</code> validates a
+ *   critical-incident type against the Act's four definitions and computes the
+ *   notification deadline: a routine report goes to the California Office of
+ *   Emergency Services within 15 days of discovery; an imminent risk of death
+ *   or serious physical injury is reported to an applicable authority within 24
+ *   hours.
+ *
+ * @card
+ *   California SB 53 frontier-AI protocol (`b.ai.frontierModelProtocol`) —
+ *   classify frontier-model / large-developer thresholds (10²⁶ FLOPs, $500M
+ *   revenue), enumerate obligations, and build the critical-safety-incident
+ *   report with the 15-day / 24-hour OES notification deadline.
+ */
+
+var C = require("./constants");
+var { defineClass } = require("./framework-error");
+
+var FrontierProtocolError = defineClass("FrontierProtocolError", { alwaysPermanent: true });
+
+// SB 53 thresholds.
+var FRONTIER_FLOP_THRESHOLD = 1e26;          // > 10^26 training FLOPs → frontier model
+var LARGE_DEVELOPER_REVENUE_USD = 5e8;       // > $500,000,000 prior-year revenue → large developer
+var INCIDENT_DEADLINE_MS = C.TIME.days(15);  // report to CA OES within 15 days of discovery
+var IMMINENT_DEADLINE_MS = C.TIME.hours(24); // within 24 hours if imminent risk to life
+
+// The four critical safety incident categories (Cal. Bus. & Prof. Code §22757.10).
+var CRITICAL_INCIDENT_TYPES = {
+  "weights-exfiltration-harm":         "Unauthorized access, modification, or exfiltration of frontier-model weights resulting in death or bodily injury",
+  "catastrophic-risk-materialization": "Harm resulting from the materialization of a catastrophic risk (including loss of life or property from a dangerous capability)",
+  "loss-of-control-harm":              "Loss of control of a frontier model causing death or bodily injury",
+  "deceptive-control-subversion":      "A frontier model using deceptive techniques to subvert developer controls, demonstrating materially increased catastrophic risk",
+};
+
+// Elements a large frontier developer's published safety framework must address.
+var REQUIRED_FRAMEWORK_ELEMENTS = ["riskIdentification", "riskMitigation", "governance", "cybersecurity", "standardsAlignment"];
+
+function _posNum(v, label) {
+  if (typeof v !== "number" || !isFinite(v) || v < 0) throw new FrontierProtocolError("frontier/bad-value", "frontierModelProtocol: " + label + " must be a non-negative finite number");
+  return v;
+}
+
+/**
+ * @primitive  b.ai.frontierModelProtocol
+ * @signature  b.ai.frontierModelProtocol(opts)
+ * @since      0.13.6
+ * @status     stable
+ * @compliance ca-tfaia, soc2
+ * @related    b.ai.aedtBiasAudit, b.ai.disclosure.applyAll
+ *
+ * Determine SB 53 obligations from a model's training compute and the
+ * developer's revenue. Returns <code>isFrontierModel</code> (training FLOPs
+ * above 10<sup>26</sup>), <code>isLargeFrontierDeveloper</code> (a frontier
+ * developer with revenue above $500M), and the resulting
+ * <code>obligations</code>. When <code>framework</code> is supplied, its
+ * required elements are checked and reported in <code>frameworkGaps</code>.
+ * Throws <code>FrontierProtocolError</code> on malformed input.
+ *
+ * @opts
+ *   trainingFlops:    number,   // total training FLOPs incl. fine-tuning (required)
+ *   annualRevenueUsd: number,   // developer prior-year revenue with affiliates (default: 0)
+ *   framework:        object,   // optional safety framework to check for required elements
+ *
+ * @example
+ *   var p = b.ai.frontierModelProtocol({ trainingFlops: 5e26, annualRevenueUsd: 1e9 });
+ *   p.isFrontierModel;           // → true
+ *   p.isLargeFrontierDeveloper;  // → true
+ *   p.obligations;               // → ["report-critical-safety-incidents", "publish-annual-safety-framework", ...]
+ */
+function frontierModelProtocol(opts) {
+  opts = opts || {};
+  if (typeof opts !== "object") throw new FrontierProtocolError("frontier/bad-opts", "frontierModelProtocol: opts must be an object");
+  var allowed = { trainingFlops: 1, annualRevenueUsd: 1, framework: 1 };
+  Object.keys(opts).forEach(function (k) { if (!allowed[k]) throw new FrontierProtocolError("frontier/bad-opts", "frontierModelProtocol: unknown option '" + k + "'"); });
+
+  var flops = _posNum(opts.trainingFlops, "trainingFlops");
+  var revenue = opts.annualRevenueUsd != null ? _posNum(opts.annualRevenueUsd, "annualRevenueUsd") : 0;
+
+  var isFrontierModel = flops > FRONTIER_FLOP_THRESHOLD;
+  var isLargeFrontierDeveloper = isFrontierModel && revenue > LARGE_DEVELOPER_REVENUE_USD;
+
+  var obligations = [];
+  if (isFrontierModel) {
+    obligations.push("report-critical-safety-incidents");
+    obligations.push("publish-transparency-report");
+  }
+  if (isLargeFrontierDeveloper) {
+    obligations.push("publish-annual-safety-framework");
+    obligations.push("disclose-catastrophic-risk-assessment");
+  }
+
+  var out = {
+    isFrontierModel: isFrontierModel,
+    isLargeFrontierDeveloper: isLargeFrontierDeveloper,
+    thresholds: { frontierFlops: FRONTIER_FLOP_THRESHOLD, largeDeveloperRevenueUsd: LARGE_DEVELOPER_REVENUE_USD },
+    obligations: obligations,
+  };
+
+  if (opts.framework != null) {
+    if (typeof opts.framework !== "object") throw new FrontierProtocolError("frontier/bad-value", "frontierModelProtocol: framework must be an object");
+    var gaps = REQUIRED_FRAMEWORK_ELEMENTS.filter(function (el) { return !opts.framework[el]; });
+    out.frameworkGaps = gaps;
+    out.frameworkComplete = gaps.length === 0;
+  }
+  return out;
+}
+
+/**
+ * @primitive  b.ai.frontierModelProtocol.incidentReport
+ * @signature  b.ai.frontierModelProtocol.incidentReport(opts)
+ * @since      0.13.6
+ * @status     stable
+ * @compliance ca-tfaia, soc2
+ * @related    b.ai.frontierModelProtocol, b.ai.aedtBiasAudit
+ *
+ * Build a critical-safety-incident report and compute its notification
+ * deadline to the California Office of Emergency Services. <code>type</code>
+ * must be one of the Act's four categories; <code>discoveredAt</code> is when
+ * the incident was discovered. The deadline is 15 days from discovery, or 24
+ * hours when <code>imminentRiskToLife</code> is set. Returns the structured
+ * report with <code>dueAt</code> and <code>deadlineHours</code>. Throws
+ * <code>FrontierProtocolError</code> on an unknown type or bad timestamp.
+ *
+ * @opts
+ *   type:               string,   // one of b.ai.frontierModelProtocol.INCIDENT_TYPES (required)
+ *   discoveredAt:       Date,     // discovery time (Date or epoch-ms; default: now)
+ *   imminentRiskToLife: boolean,  // true → 24-hour deadline (default: false → 15 days)
+ *   description:        string,   // free-text incident description (optional)
+ *
+ * @example
+ *   var r = b.ai.frontierModelProtocol.incidentReport({
+ *     type: "loss-of-control-harm", discoveredAt: new Date("2026-06-01T00:00:00Z"),
+ *   });
+ *   r.deadlineHours;   // → 360  (15 days)
+ *   r.recipient;       // → "California Office of Emergency Services"
+ */
+function incidentReport(opts) {
+  opts = opts || {};
+  if (typeof opts !== "object") throw new FrontierProtocolError("frontier/bad-opts", "incidentReport: opts must be an object");
+  if (!CRITICAL_INCIDENT_TYPES[opts.type]) throw new FrontierProtocolError("frontier/bad-incident-type", "incidentReport: type must be one of " + Object.keys(CRITICAL_INCIDENT_TYPES).join(", "));
+
+  var discoveredMs;
+  if (opts.discoveredAt == null) discoveredMs = Date.now();
+  else if (opts.discoveredAt instanceof Date) discoveredMs = opts.discoveredAt.getTime();
+  else discoveredMs = Number(opts.discoveredAt);
+  if (!isFinite(discoveredMs) || discoveredMs < 0) throw new FrontierProtocolError("frontier/bad-value", "incidentReport: discoveredAt must be a Date or non-negative epoch-ms");
+
+  var imminent = opts.imminentRiskToLife === true;
+  var windowMs = imminent ? IMMINENT_DEADLINE_MS : INCIDENT_DEADLINE_MS;
+
+  return {
+    type:               opts.type,
+    typeDescription:    CRITICAL_INCIDENT_TYPES[opts.type],
+    description:        typeof opts.description === "string" ? opts.description : null,
+    imminentRiskToLife: imminent,
+    discoveredAt:       new Date(discoveredMs).toISOString(),
+    dueAt:              new Date(discoveredMs + windowMs).toISOString(),
+    deadlineHours:      windowMs / C.TIME.hours(1),
+    // §22757.13: the routine report goes to OES within 15 days; an imminent
+    // risk of death or serious physical injury is reported to an applicable
+    // authority within 24 hours, which the operator selects for the incident.
+    recipient:          imminent ? "An applicable authority with jurisdiction (e.g. law enforcement or a public-safety agency)" : "California Office of Emergency Services",
+    citation:           "Cal. Bus. & Prof. Code §22757.13 (SB 53)",
+  };
+}
+
+frontierModelProtocol.incidentReport = incidentReport;
+frontierModelProtocol.INCIDENT_TYPES = Object.keys(CRITICAL_INCIDENT_TYPES);
+frontierModelProtocol.REQUIRED_FRAMEWORK_ELEMENTS = REQUIRED_FRAMEWORK_ELEMENTS;
+frontierModelProtocol.FrontierProtocolError = FrontierProtocolError;
+
+module.exports = frontierModelProtocol;

package/lib/archive-tar.js

@@ -56,11 +56,10 @@
  *     - CVE-2024-12905 / CVE-2025-48387 (tar-fs path traversal).
  *     - CVE-2025-4138 / 4330 (Python tarfile data filter bypass).
  *
- *   Out of scope (v1):
+ *   Compression is via `b.archive.gz` composition (tar.gz). Out of scope
+ *   (v1):
  *     - Sparse-file emission (read reconstructs them; write doesn't
  *       produce sparse).
- *     - Compression (tar.gz lands v0.12.9 via `b.archive.gz`
- *       composition).
  *     - BSD-tar extensions beyond pax.
  *
  * @card

package/lib/backup/index.js

@@ -1028,9 +1028,8 @@ module.exports = {
  * Adapter-driven storage backend. Wraps the bundle directory's file
  * tree into per-file key-value pairs routed through an operator-
  * supplied byte-store adapter so backup bundles can land anywhere
- * that exposes the contract (local fs is the v0.12.7 default; tar
- * folding lands v0.12.8, tar.gz v0.12.9, S3/MinIO/Azure/GCS
- * objectStore v0.12.11).
+ * that exposes the contract: local fs (the default), tar / tar.gz
+ * folding, and S3 / MinIO / Azure / GCS objectStore adapters.
  *
  * The adapter contract (small surface; an `fs` implementation is the
  * default + ships in `lib/backup/_adapter-fs.js`):

package/lib/cose.js

@@ -41,9 +41,10 @@
  *   2) listing a header label the verifier does not understand is
  *   refused (RFC 9052 §3.1) — a crit-bypass defense.
  *
- *   v1 ships COSE_Sign1 (single-signer) with an attached payload.
- *   Detached payload, COSE_Sign (multi-signer), COSE_Mac0, and
- *   COSE_Encrypt are deferred-with-condition (operator demand).
+ *   Ships COSE_Sign1 (single-signer, attached payload), COSE_Mac0, and
+ *   COSE_Encrypt0 (single-recipient AEAD). Detached payload, COSE_Sign
+ *   (multi-signer), and COSE_Encrypt (multi-recipient) are
+ *   deferred-with-condition (operator demand).
  *
  * @card
  *   COSE_Sign1 sign / verify (RFC 9052) over the in-tree CBOR codec —

package/lib/mail-server-jmap.js

@@ -95,17 +95,17 @@
  *     - `urn:ietf:params:jmap:error:accountNotFound`
  *     - `urn:ietf:params:jmap:error:serverFail` (opaque last-resort)
  *
+ *   ## Beyond Core + Mail, this also ships
+ *
+ *   - **Push channel (RFC 8887)** — `eventSourceHandler` (SSE) and
+ *     `webSocketHandler` (WebSocket, with `StateChange` push).
+ *   - **Blob upload/download (RFC 8620 §6)** — `uploadHandler` /
+ *     `downloadHandler`, routing uploads through the guard-* family.
+ *   - **EmailSubmission/set (RFC 8621 §7.5)** — `emailSubmissionSetHandler`,
+ *     composing `b.mail.send.deliver`.
+ *
  *   ## What v1 does NOT ship
  *
- *   - **Push channel (SSE + WebSocket per RFC 8887)** — operator wires
- *     `b.sse` or `b.websocket` to the `pushSubscribe` hook. v1.5
- *     bundles a turnkey push handler.
- *   - **Blob upload/download endpoints** — operator wires their own
- *     `/jmap/upload` / `/jmap/download` handlers; the framework
- *     supplies `b.storage` + `b.objectStore` + the guard-* family
- *     for the actual upload path.
- *   - **EmailSubmission (RFC 8621 §7)** — operator wires the bridge
- *     to `b.mail.server.submission`'s outbound agent.
  *   - **Calendars / Contacts (RFC 9610)**, **Sieve (RFC 9404)**,
  *     **MDN (RFC 9007)** — opt-in capabilities.
  *

package/lib/mail-server-submission.js

@@ -79,11 +79,12 @@
  *
  *   - **DKIM signing pre-relay** — operator wires `b.mail.dkim.sign`
  *     in their outbound agent.
- *   - **CHUNKING (BDAT) extension** — RFC 3030 BDAT not yet
- *     supported on submission; clients use DATA instead.
  *   - **Per-actor outbound quota** — operator implements via
  *     `b.dailyByteQuota` against the authenticated actor.
  *
+ *   (CHUNKING / BDAT, RFC 3030, IS supported — advertised in EHLO and
+ *   handled alongside DATA.)
+ *
  *   ## Composition contract
  *
  *   Every gate is a primitive that already exists. Submission listener

package/lib/mdoc.js

@@ -30,22 +30,22 @@
  *   <code>opts.trustAnchorsPem</code> additionally verifies the issuer
  *   certificate chain and its validity at the asserted time.
  *
- *   <strong>Scope.</strong> This is issuer-data authentication
- *   (ISO 18013-5 §9.1.2.4) — the data is genuine and issuer-signed. The
- *   mdoc <em>device authentication</em> half (DeviceSigned / the
- *   SessionTranscript-bound holder-binding proof, §9.1.3) is deferred:
- *   it needs the live session transcript a verifier negotiates, so it is
- *   a presentation-protocol concern rather than a credential check.
- *   Composes <code>b.cose</code> + <code>b.cbor</code>; no new runtime
- *   dependency. Distinct from W3C VCDM (<code>b.vc</code>) and IETF
- *   SD-JWT VC (<code>b.auth.sdJwtVc</code>) — the three credential
- *   ecosystems.
+ *   <strong>Scope.</strong> Two halves are verified: issuer-data
+ *   authentication (ISO 18013-5 §9.1.2.4 — the data is genuine and
+ *   issuer-signed, via <code>verifyIssuerSigned</code>) and mdoc device
+ *   authentication (§9.1.3 — holder binding over the verifier's
+ *   <code>SessionTranscript</code>, via <code>verifyDeviceAuth</code>).
+ *   Device auth covers the COSE_Sign1 signature variant; the COSE_Mac0
+ *   (deviceMac) variant is refused rather than mis-verified. Composes
+ *   <code>b.cose</code> + <code>b.cbor</code>; no new runtime dependency.
+ *   Distinct from W3C VCDM (<code>b.vc</code>) and IETF SD-JWT VC
+ *   (<code>b.auth.sdJwtVc</code>) — the three credential ecosystems.
  *
  * @card
- *   ISO 18013-5 mdoc / mDL issuer-data verification — checks the
- *   COSE_Sign1 IssuerAuth, the MSO validity window, and every disclosed
- *   element's digest against the Mobile Security Object. Composes
- *   b.cose + b.cbor; device-auth holder-binding deferred.
+ *   ISO 18013-5 mdoc / mDL verification — issuer-data (COSE_Sign1
+ *   IssuerAuth, MSO validity window, disclosed-element digests) plus
+ *   device-auth holder binding (§9.1.3 signature variant over the session
+ *   transcript). Composes b.cose + b.cbor.
  */
 
 var nodeCrypto = require("node:crypto");

package/lib/network-dnssec.js

@@ -30,16 +30,18 @@
  *   <code>dnssec/uncanonicalizable-type</code> rather than mis-validated
  *   — the security-critical DNSKEY / DS and the name-free address /
  *   text types (A, AAAA, TXT, …) are fully supported. The recursive
- *   chain-walk (root → TLD → zone), NSEC / NSEC3 denial-of-existence,
- *   and the IANA root trust-anchor bundle are deferred: these primitives
- *   are the per-RRset building blocks a chain-walker composes.
+ *   chain-walk (root → TLD → zone via <code>verifyChain</code> against the
+ *   bundled IANA root trust anchors) and NSEC / NSEC3 denial-of-existence
+ *   (<code>verifyDenial</code> / <code>nsec3Hash</code>) ship alongside the
+ *   per-RRset verification core.
  *
  * @card
- *   Local DNSSEC verification (RFC 4035) — verify an RRSIG over a
- *   canonicalised RRset against a DNSKEY (RSA / ECDSA P-256·P-384 /
- *   Ed25519), plus DS-digest + key-tag. Don't trust the upstream AD bit;
- *   verify the signature. Name-bearing RR types are refused, not
- *   mis-validated; chain-walk + NSEC3 deferred.
+ *   Local DNSSEC verification (RFC 4035 / 4034 / 5155) — verify an RRSIG
+ *   over a canonicalised RRset against a DNSKEY (RSA / ECDSA P-256·P-384 /
+ *   Ed25519) + DS-digest + key-tag, walk the root→zone chain to the IANA
+ *   trust anchors, and check NSEC / NSEC3 denial of existence. Don't trust
+ *   the upstream AD bit; verify the signature. Name-bearing RR types are
+ *   refused, not mis-validated.
  */
 
 var nodeCrypto = require("node:crypto");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@blamejs/core",
-  "version": "0.13.5",
+  "version": "0.13.7",
   "description": "The Node framework that owns its stack.",
   "license": "Apache-2.0",
   "author": "blamejs contributors",

package/sbom.cdx.json

@@ -2,10 +2,10 @@
   "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json",
   "bomFormat": "CycloneDX",
   "specVersion": "1.5",
-  "serialNumber": "urn:uuid:6a334753-7eb6-4d7f-8dbb-f70506773504",
+  "serialNumber": "urn:uuid:22a52afe-2217-4e18-a7a1-15e6a137ec0c",
   "version": 1,
   "metadata": {
-    "timestamp": "2026-05-27T02:26:01.865Z",
+    "timestamp": "2026-05-27T04:39:38.785Z",
     "lifecycles": [
       {
         "phase": "build"
@@ -19,14 +19,14 @@
       }
     ],
     "component": {
-      "bom-ref": "@blamejs/core@0.13.5",
+      "bom-ref": "@blamejs/core@0.13.7",
       "type": "application",
       "name": "blamejs",
-      "version": "0.13.5",
+      "version": "0.13.7",
       "scope": "required",
       "author": "blamejs contributors",
       "description": "The Node framework that owns its stack.",
-      "purl": "pkg:npm/%40blamejs/core@0.13.5",
+      "purl": "pkg:npm/%40blamejs/core@0.13.7",
       "properties": [],
       "externalReferences": [
         {
@@ -54,7 +54,7 @@
   "components": [],
   "dependencies": [
     {
-      "ref": "@blamejs/core@0.13.5",
+      "ref": "@blamejs/core@0.13.7",
       "dependsOn": []
     }
   ]