@blamejs/core 0.14.0 → 0.14.2

package/CHANGELOG.md

@@ -8,6 +8,10 @@ upgrading across more than a few patches at a time.
 
 ## v0.14.x
 
+- v0.14.2 (2026-05-29) — **Internal lint hygiene: the byte-literal check now flags only genuine byte-scale arithmetic, with no API or behavior changes.** A no-behavior-change cleanup of the source tree's internal lint markers. The byte-literal lint previously flagged every integer that was a multiple of 8 — which is most numbers — so the source carried a large number of suppression comments on values that were not byte sizes at all (status codes, counts, lengths, radixes, opcodes). The lint now flags only 1024-scale byte arithmetic (the case the C.BYTES.kib/mib/gib helpers exist to replace), and the now-unnecessary suppression comments have been removed while keeping their explanatory text. Several lint-suppression markers that named a check that does not exist were also corrected. None of this changes any API, wire format, or runtime behavior. **Changed:** *Source-tree lint markers cleaned up* — The internal byte-literal lint was tightened to flag only genuine byte-scale (`* 1024`) arithmetic, and the suppression comments it previously required on non-byte integers were removed (their explanatory text is retained as plain comments). A handful of suppression markers that referenced a non-existent check were pointed at the correct one or removed. This is source-comment hygiene only — there is no change to any exported API, error code, wire format, or runtime behavior.
+
+- v0.14.1 (2026-05-29) — **Correctness fixes: JAR request-object typ enforcement, byte-faithful PGP multipart/signed, and SAML InResponseTo binding.** A set of correctness fixes across the auth, mail-crypto, TLS, and encoder surfaces. The most important: JWT-secured authorization requests (RFC 9101) now require the request object to carry the registered `oauth-authz-req+jwt` typ, closing a cross-JWT-confusion vector; the PGP multipart/signed wrapper is now assembled byte-faithfully so non-ASCII signed content can't be corrupted; and SAML response verification now returns the InResponseTo of the SubjectConfirmation that actually validated. Two of these change behavior — see Changed — and are bug fixes rather than new features. **Changed:** *JAR parsing rejects untyped request objects (breaking)* — Following the typ enforcement above, a request object whose header omits `typ` is now refused. An authorization server whose clients sign request objects without the `oauth-authz-req+jwt` typ must update those clients to set it. · *PGP sign() returns multipartSigned as a Buffer (breaking)* — `b.mail.crypto.pgp.sign(...).multipartSigned` is now a Buffer instead of a string. The OpenPGP signature covers the signed-part bytes exactly, and a JS-string round trip through latin1/utf8 could corrupt non-ASCII signed content and break verification, so the RFC 3156 multipart/signed wrapper is now assembled as bytes. Code that wrote the previous string to the wire works unchanged when it writes the Buffer; code that did string operations on the value should treat it as a Buffer (its `indexOf` / `toString` still work). **Fixed:** *SAML response verification binds InResponseTo to the validated confirmation* — `verifyResponse` returned the InResponseTo of the first SubjectConfirmationData in the assertion rather than of the SubjectConfirmation that actually passed bearer validation. When a response carried more than one SubjectConfirmation, the returned value could come from a non-validated confirmation. It is now the InResponseTo of the confirmation that validated. · *checkServerIdentity9525 emits the documented CN-fallback audit code* — A CN-only legacy certificate (a Common Name present, no subjectAltName) is now refused by the exported `b.network.tls.checkServerIdentity9525` with the distinct `tls/pkix-cn-fallback-refused` code its documentation promised, so audit logs can tell a CN-only certificate apart from one carrying neither a SAN nor a CN (which still yields `tls/pkix-san-required`). The accept/refuse outcome is unchanged — both are refused; only the audit granularity improved. · *OIDC back-channel logout / JARM no longer accept dead override parameters* — `verifyBackchannelLogoutToken` and `parseJarmResponse` passed `acceptedAlgs` / `jwksUri` / `maxClockSkewMs` through to the ID-token verifier, which ignored them and applied the configured (create()-time) values. The pass-throughs are removed so the code no longer reads as if those can be overridden per call; the configured trust anchor was — and remains — what applies. · *Queue lease failures are logged* — The consumer loop's lease-acquisition error path swallowed the backend error silently; it now logs at debug so a flapping backend that has not yet tripped the circuit breaker is visible. · *Protobuf and ASN.1 encoders reject out-of-range tags* — The protobuf tag encoder rejected nothing and would have emitted a wrong tag for field numbers at or above 2^28 (where the 32-bit shift overflows); the ASN.1 context-tag writers silently truncated tag numbers above 30 (which require the multi-byte high-tag-number form). Both now throw a RangeError rather than encode silently-wrong output. The values these encoders serve are well within range, so no current caller is affected. · *oid4vci proofAlgorithms default documented accurately* — The documented default proof-algorithm list now matches the code (`["ES256", "ES384", "EdDSA"]`); the doc previously omitted EdDSA, which the runtime has always accepted by default. **Security:** *JAR request objects must carry the registered typ (RFC 9101)* — `b.auth.jar.parse` now requires the request-object JWS header to carry `typ: "oauth-authz-req+jwt"` (with or without the `application/` prefix); a request object with an absent or different typ is refused with `auth-jar/bad-typ`. RFC 9101 §10.8 specifies this media type precisely to stop a JWT minted for another purpose (an ID token, an access token, a logout token) and signed by the same client key from being replayed as a request object. The existing `iss` / `aud` / `client_id` bindings already constrained that; this restores the explicit type check as well. This is stricter than before — see Changed.
+
 - v0.14.0 (2026-05-29) — **Operator-configurable header and field names across SSE, request-id, rate-limit, age-gate, AI-Act disclosure, GraphQL federation, and the HTTP cache.** This release makes operator-facing identifiers that were hardcoded configurable. The framework already let operators rename most names (CSRF cookie/field, cookie parser, i18n header/query/cookie, mTLS CA name, and so on); this closes the remaining gaps so a custom or framework-specific name is never frozen. Every new option defaults to the value emitted today, so upgrading changes no behavior — these are additive knobs. It also fixes a request-id asymmetry (the response header is now written on the same name the inbound id is read from) and wires an SSE proxy-buffering option whose escape hatch was documented but never implemented. **Added:** *Configurable cache-status header on the HTTP client* — The outbound HTTP client annotated every cached response with a hardcoded `x-blamejs-cache: HIT|MISS|STALE|REVALIDATED` header. `b.httpClient.cache.create` now takes `statusHeader` (default "x-blamejs-cache") — pass a custom name (e.g. "x-cache") to rename it, or null/false to suppress it entirely. The decision remains available programmatically on `res.cacheStatus`. · *Configurable rate-limit header names* — `b.middleware.rateLimit` emitted the de-facto `X-RateLimit-Limit` / `X-RateLimit-Remaining` headers (which are not RFC-pinned). It now accepts `headerPrefix` (default "X-RateLimit-") so operators can match the unprefixed IETF-draft `RateLimit-*` names or an upstream gateway's convention; the limit/remaining pair is always built from the same prefix. · *Configurable age-gate and AI-Act disclosure header names* — `b.middleware.ageGate` now takes `privacyPostureHeader` (default "X-Privacy-Posture"; null/false to suppress), and `b.middleware.aiActDisclosure` takes `headerPrefix` (default "AI-Act-") that prefixes the emitted Notice / Article / Policy headers. The EU AI Act mandates the disclosure, not the HTTP spelling, so operators matching a downstream convention can rename these. · *Configurable GraphQL-federation replay-nonce header* — `b.graphqlFederation.guardSdl` read the replay nonce from the Apollo-vendor `x-apollographql-router-nonce` header with no override. It now accepts `nonceHeader` (default unchanged) so an operator fronting the gateway with a non-Apollo router can point the replay check at their own header. · *SSE proxy-buffering opt-out* — `b.sse.create` and `b.middleware.sse` set `X-Accel-Buffering: no` (the nginx hint that disables proxy buffering). They now accept `proxyBuffer` (default true) — pass false when not behind nginx, or when buffering is controlled at the load balancer, to suppress the nginx-specific header. The opt-out was previously referenced in the documentation but not implemented. **Fixed:** *Request-id middleware reflects the configured header name* — `b.log.middleware` read the inbound request id from a configurable `headerName` but always wrote the response on the literal `X-Request-Id`. An operator who set a custom `headerName` (e.g. `X-Correlation-Id`) therefore read from one header and emitted another. The response is now written on the same configured name; the default remains `X-Request-Id`, so deployments that did not set `headerName` are unaffected.
 
 ## v0.13.x

package/lib/_test/crypto-fixtures.js

@@ -47,15 +47,15 @@ function mintLegacyEnvelope0xE1(plaintext, recipient) {
   var nonce = bCrypto.generateBytes(C.BYTES.bytes(24));
   // Legacy 0xE1 envelope header — 4 bytes: magic, kemId, cipherId, kdfId.
   var headerAad = Buffer.from([
-    0xE1,                                                                                            // allow:raw-byte-literal — legacy 0xE1 envelope magic byte
+    0xE1,                                                                                            // legacy 0xE1 envelope magic byte
     C.KEM_IDS.ML_KEM_1024_P384,
     C.CIPHER_IDS.XCHACHA20_POLY1305,
     C.KDF_IDS.SHAKE256,
   ]);
   var ct = xchacha20poly1305(key, nonce, headerAad).encrypt(Buffer.from(plaintext, "utf8"));
-  var kemCtLen = Buffer.alloc(2); kemCtLen.writeUInt16BE(kem.ciphertext.length);                     // allow:raw-byte-literal — 16-bit length-prefix field
+  var kemCtLen = Buffer.alloc(2); kemCtLen.writeUInt16BE(kem.ciphertext.length);                     // 16-bit length-prefix field
   var ecEphDer = ephEc.publicKey;
-  var ecEphLen = Buffer.alloc(2); ecEphLen.writeUInt16BE(ecEphDer.length);                           // allow:raw-byte-literal — 16-bit length-prefix field
+  var ecEphLen = Buffer.alloc(2); ecEphLen.writeUInt16BE(ecEphDer.length);                           // 16-bit length-prefix field
   return Buffer.concat([
     headerAad,
     kemCtLen, kem.ciphertext, ecEphLen, ecEphDer, nonce, Buffer.from(ct),

package/lib/a2a-tasks.js

@@ -80,7 +80,7 @@ var TASK_ID_RE = /^[A-Za-z0-9_-]{1,64}$/;
 // Same identifier shape as MCP tool-name; consolidating would couple
 // MCP + A2A protocol identifiers into a single primitive.
 var SKILL_NAME_RE = /^[a-zA-Z][a-zA-Z0-9._-]{0,63}$/;   // allow:duplicate-regex — RFC-3986-unreserved identifier shape, shared across mcp.js + mcp-tool-registry.js
-// allow:raw-byte-literal — RFC-3986-unreserved identifier shape (length cap inside regex), not a byte count
+// RFC-3986-unreserved identifier shape (length cap inside regex), not a byte count
 
 function _emitAudit(action, metadata, outcome) {
   try {
@@ -99,7 +99,7 @@ var bCrypto = lazyRequire(function () { return require("./crypto"); });
 // satisfies the framework's unused-var policy so the helper stays
 // available without an explicit disable directive.
 function _newTaskId() {
-  return bCrypto().generateToken(12);                                                               // allow:raw-byte-literal — 96-bit task id, not byte arithmetic on payload
+  return bCrypto().generateToken(12);                                                               // 96-bit task id, not byte arithmetic on payload
 }
 
 function _validateTaskShape(task, where) {
@@ -108,7 +108,7 @@ function _validateTaskShape(task, where) {
       where + ": task must be a non-null object", true);
   }
   validateOpts.requireNonEmptyString(task.skill, where + ".skill", A2aTasksError, "a2a-tasks/bad-skill");
-  if (task.skill.length > 64 || !SKILL_NAME_RE.test(task.skill)) {                                // allow:raw-byte-literal — A2A skill-name length cap, not byte count
+  if (task.skill.length > 64 || !SKILL_NAME_RE.test(task.skill)) {                                // A2A skill-name length cap, not byte count
 
     throw new A2aTasksError("a2a-tasks/bad-skill",
       where + ".skill '" + task.skill + "' must match " + SKILL_NAME_RE);
@@ -196,7 +196,7 @@ async function get(opts) {
   }
   validateOpts.requireNonEmptyString(opts.peerUrl, "tasks.get.peerUrl", A2aTasksError, "a2a-tasks/bad-peer-url");
   validateOpts.requireNonEmptyString(opts.taskId, "tasks.get.taskId", A2aTasksError, "a2a-tasks/bad-task-id");
-  if (opts.taskId.length > 64 || !TASK_ID_RE.test(opts.taskId)) {                                  // allow:raw-byte-literal — A2A task-id length cap, not byte count
+  if (opts.taskId.length > 64 || !TASK_ID_RE.test(opts.taskId)) {                                  // A2A task-id length cap, not byte count
     throw new A2aTasksError("a2a-tasks/bad-task-id",
       "tasks.get: taskId must match " + TASK_ID_RE);
   }
@@ -239,7 +239,7 @@ async function cancel(opts) {
   }
   validateOpts.requireNonEmptyString(opts.peerUrl, "tasks.cancel.peerUrl", A2aTasksError, "a2a-tasks/bad-peer-url");
   validateOpts.requireNonEmptyString(opts.taskId, "tasks.cancel.taskId", A2aTasksError, "a2a-tasks/bad-task-id");
-  if (opts.taskId.length > 64 || !TASK_ID_RE.test(opts.taskId)) {                                  // allow:raw-byte-literal — A2A task-id length cap, not byte count
+  if (opts.taskId.length > 64 || !TASK_ID_RE.test(opts.taskId)) {                                  // A2A task-id length cap, not byte count
     throw new A2aTasksError("a2a-tasks/bad-task-id",
       "tasks.cancel: taskId must match " + TASK_ID_RE);
   }
@@ -280,7 +280,7 @@ async function _jsonRpc(url, method, params, opts) {
     throw new A2aTasksError("a2a-tasks/transport",
       "tasks." + method.split("/")[1] + ": transport error: " + (transportErr.message || transportErr));
   }
-  if (rsp.statusCode < 200 || rsp.statusCode >= 300) {                                             // allow:raw-byte-literal — HTTP status class boundaries
+  if (rsp.statusCode < 200 || rsp.statusCode >= 300) {                                             // HTTP status class boundaries
     if (opts.audit) {
       _emitAudit("a2a.tasks.http_error",
         { method: method, url: url, statusCode: rsp.statusCode, elapsedMs: Date.now() - startMs },
@@ -395,7 +395,7 @@ function middlewareTasks(opts) {
 
   return function a2aTasksMiddleware(req, res) {
     if ((req.method || "").toUpperCase() !== "POST") {
-      res.statusCode = 405;                                                                        // allow:raw-byte-literal — HTTP 405 Method Not Allowed
+      res.statusCode = 405;                                                                        // HTTP 405 Method Not Allowed
       res.setHeader("Content-Type", "application/json");
       res.setHeader("Allow", "POST");
       res.end(JSON.stringify(_jsonRpcError(null, JSONRPC_INVALID_REQUEST, "method must be POST")));
@@ -403,7 +403,7 @@ function middlewareTasks(opts) {
     }
     var ctype = (req.headers && (req.headers["content-type"] || req.headers["Content-Type"])) || "";
     if (typeof ctype === "string" && ctype.indexOf("application/json") !== 0 && ctype.indexOf("application/json") === -1) {
-      res.statusCode = 415;                                                                        // allow:raw-byte-literal — HTTP 415 Unsupported Media Type
+      res.statusCode = 415;                                                                        // HTTP 415 Unsupported Media Type
       res.setHeader("Content-Type", "application/json");
       res.end(JSON.stringify(_jsonRpcError(null, JSONRPC_INVALID_REQUEST, "Content-Type must be application/json")));
       return;
@@ -414,14 +414,14 @@ function middlewareTasks(opts) {
       try {
         body = safeJson.parse(rawBytes.toString("utf8"), { maxBytes: maxBytes });
       } catch (_parseErr) {
-        res.statusCode = 400;                                                                      // allow:raw-byte-literal — HTTP 400 Bad Request
+        res.statusCode = 400;                                                                      // HTTP 400 Bad Request
         res.setHeader("Content-Type", "application/json");
         res.end(JSON.stringify(_jsonRpcError(null, JSONRPC_PARSE_ERROR, "invalid JSON body")));
         return;
       }
       if (!body || typeof body !== "object" || body.jsonrpc !== JSONRPC_VERSION ||
           typeof body.method !== "string") {
-        res.statusCode = 400;                                                                      // allow:raw-byte-literal — HTTP 400 Bad Request
+        res.statusCode = 400;                                                                      // HTTP 400 Bad Request
         res.setHeader("Content-Type", "application/json");
         res.end(JSON.stringify(_jsonRpcError(body && body.id, JSONRPC_INVALID_REQUEST,
           "expected JSON-RPC 2.0 envelope { jsonrpc, id?, method, params? }")));
@@ -429,7 +429,7 @@ function middlewareTasks(opts) {
       }
       var reqId = body.id !== undefined ? body.id : null;
       if (ALLOWED_METHODS.indexOf(body.method) === -1) {
-        res.statusCode = 200;                                                                      // allow:raw-byte-literal — JSON-RPC errors return 200 with error envelope
+        res.statusCode = 200;                                                                      // JSON-RPC errors return 200 with error envelope
         res.setHeader("Content-Type", "application/json");
         res.end(JSON.stringify(_jsonRpcError(reqId, JSONRPC_METHOD_NOT_FOUND,
           "method '" + body.method + "' not in [" + ALLOWED_METHODS.join(", ") + "]")));
@@ -440,7 +440,7 @@ function middlewareTasks(opts) {
       // Scope enforcement for tasks/send (task references a skill).
       if (body.method === "tasks/send" && scopes) {
         if (!params.task || typeof params.task !== "object" || typeof params.task.skill !== "string") {
-          res.statusCode = 200;                                                                    // allow:raw-byte-literal — JSON-RPC error envelope returns 200
+          res.statusCode = 200;                                                                    // JSON-RPC error envelope returns 200
           res.setHeader("Content-Type", "application/json");
           res.end(JSON.stringify(_jsonRpcError(reqId, JSONRPC_INVALID_PARAMS,
             "tasks/send: params.task.skill required")));
@@ -454,7 +454,7 @@ function middlewareTasks(opts) {
               _emitAudit("a2a.tasks.scope_denied",
                 { skill: params.task.skill, requiredScope: requiredScope }, "denied");
             }
-            res.statusCode = 200;                                                                  // allow:raw-byte-literal — JSON-RPC error envelope returns 200
+            res.statusCode = 200;                                                                  // JSON-RPC error envelope returns 200
             res.setHeader("Content-Type", "application/json");
             res.end(JSON.stringify(_jsonRpcError(reqId, A2A_SCOPE_DENIED,
               "scope '" + requiredScope + "' required for skill '" + params.task.skill + "'")));
@@ -476,7 +476,7 @@ function middlewareTasks(opts) {
             _emitAudit("a2a.tasks.handled",
               { method: body.method, skill: params.task && params.task.skill, taskId: params.taskId });
           }
-          res.statusCode = 200;                                                                    // allow:raw-byte-literal — JSON-RPC 200 with result envelope
+          res.statusCode = 200;                                                                    // JSON-RPC 200 with result envelope
           res.setHeader("Content-Type", "application/json");
           res.end(JSON.stringify({
             jsonrpc: JSONRPC_VERSION,
@@ -491,12 +491,12 @@ function middlewareTasks(opts) {
             _emitAudit("a2a.tasks.handler_error",
               { method: body.method, errorMessage: msg, errorCode: code }, "warning");
           }
-          res.statusCode = 200;                                                                    // allow:raw-byte-literal — JSON-RPC error envelope returns 200
+          res.statusCode = 200;                                                                    // JSON-RPC error envelope returns 200
           res.setHeader("Content-Type", "application/json");
           res.end(JSON.stringify(_jsonRpcError(reqId, code, msg)));
         });
     }).catch(function (readErr) {
-      res.statusCode = 400;                                                                        // allow:raw-byte-literal — HTTP 400 Bad Request
+      res.statusCode = 400;                                                                        // HTTP 400 Bad Request
       res.setHeader("Content-Type", "application/json");
       res.end(JSON.stringify(_jsonRpcError(null, JSONRPC_PARSE_ERROR,
         "could not read request body: " + (readErr.message || readErr))));
@@ -573,12 +573,12 @@ function middlewareAgentCard(opts) {
   var cardJson = JSON.stringify(opts.card);
   return function a2aAgentCardMiddleware(req, res) {
     if ((req.method || "").toUpperCase() !== "GET") {
-      res.statusCode = 405;                                                                        // allow:raw-byte-literal — HTTP 405 Method Not Allowed
+      res.statusCode = 405;                                                                        // HTTP 405 Method Not Allowed
       res.setHeader("Allow", "GET");
       res.end();
       return;
     }
-    res.statusCode = 200;                                                                          // allow:raw-byte-literal — HTTP 200 OK
+    res.statusCode = 200;                                                                          // HTTP 200 OK
     res.setHeader("Content-Type", "application/json");
     res.setHeader("Cache-Control", "public, max-age=" + maxAgeSec);
     res.end(cardJson);

package/lib/a2a.js

@@ -39,10 +39,10 @@ var audit = require("./audit");
 var { A2aError } = require("./framework-error");
 
 var REQUIRED_CARD_FIELDS = ["issuer", "agentId", "capabilities", "version"];
-var ID_MAX     = 256;                                                                       // allow:raw-byte-literal — string-length cap, not bytes
-var SEMVER_MAX = 64;                                                                        // allow:raw-byte-literal — string-length cap, not bytes
-var CAP_NAME_MAX = 128;                                                                     // allow:raw-byte-literal — string-length cap, not bytes
-var SHAKE256_BYTES = 64;                                                                    // allow:raw-byte-literal — SHA3-512 output is 64 bytes (FIPS 202)
+var ID_MAX     = 256;                                                                       // string-length cap, not bytes
+var SEMVER_MAX = 64;                                                                        // string-length cap, not bytes
+var CAP_NAME_MAX = 128;                                                                     // string-length cap, not bytes
+var SHAKE256_BYTES = 64;                                                                    // SHA3-512 output is 64 bytes (FIPS 202)
 var ID_RE     = /^[a-zA-Z0-9._:/-]{1,256}$/;
 var SEMVER_RE = /^[0-9]+\.[0-9]+(?:\.[0-9]+)?(?:-[A-Za-z0-9.-]+)?$/;
 

package/lib/acme.js

@@ -138,7 +138,7 @@ function _signJws(privateKey, protectedHeader, payload) {
   // ECDSA from node:crypto returns DER-encoded (r,s); RFC 7515 requires
   // raw concatenation of r||s, each padded to the curve byte size (32
   // for P-256).
-  var rawSig = _ecdsaDerToRaw(derSig, 32);                                       // allow:raw-byte-literal — RFC 7518 §3.4 ES256 signature half-length (P-256 byte size)
+  var rawSig = _ecdsaDerToRaw(derSig, 32);                                       // RFC 7518 §3.4 ES256 signature half-length (P-256 byte size)
   return {
     protected: protB64,
     payload:   payloadB64,
@@ -1432,8 +1432,8 @@ function _base32lc(buf) {
   var bits = 0;
   var value = 0;
   for (var i = 0; i < buf.length; i += 1) {
-    value = (value << 8) | buf[i];   // allow:raw-byte-literal — bit-shift count, byte boundary
-    bits += 8;                       // allow:raw-byte-literal — bits-per-byte constant
+    value = (value << 8) | buf[i];   // bit-shift count, byte boundary
+    bits += 8;                       // bits-per-byte constant
     while (bits >= 5) {
       out += alphabet[(value >>> (bits - 5)) & 31];
       bits -= 5;

package/lib/agent-idempotency.js

@@ -430,7 +430,7 @@ function _actorIdHash(actorId) {
 
 function _truncHash(hash) {
   if (typeof hash !== "string") return "";
-  return hash.slice(0, 16);                                                                            // allow:raw-byte-literal — audit-log truncation length, not a size cap
+  return hash.slice(0, 16);                                                                            // audit-log truncation length, not a size cap
 }
 
 function _fingerprintArgs(args) {

package/lib/agent-orchestrator.js

@@ -117,7 +117,7 @@ function _unsealRegistryRow(row) {
 }
 
 var DEFAULT_DRAIN_TIMEOUT_MS = C.TIME.minutes(2);
-var STREAM_ID_RAND_BYTES     = 8;                                                                     // allow:raw-byte-literal — stream-id random-suffix byte length, not a size cap
+var STREAM_ID_RAND_BYTES     = 8;                                                                     // stream-id random-suffix byte length, not a size cap
 var DEFAULT_PER_CONSUMER_STOP_MS = C.TIME.seconds(5);
 // SUBSTRATE-20 — FNV-1a offset basis salted with the first 32 bits of
 // SHA3-512(vault master). Attackers who don't have read access to the
@@ -428,7 +428,7 @@ function _spawnConsumers(ctx, args) {
       "spawnConsumers: queue with .consume() required");
   }
   var shards = typeof args.shards === "number" ? args.shards : 1;
-  if (!Number.isInteger(shards) || shards < 1 || shards > 256) {                                      // allow:raw-byte-literal — shard cap
+  if (!Number.isInteger(shards) || shards < 1 || shards > 256) {                                      // shard cap
     throw new AgentOrchestratorError("agent-orchestrator/bad-shard-count",
       "spawnConsumers: shards must be an integer in 1..256");
   }
@@ -508,21 +508,21 @@ function _saltedFnvBasis() {
   var v;
   try { v = vault(); } catch (_e) { v = null; }
   if (!v || typeof v.getKeysJson !== "function") {
-    _saltedFnvBasisCache = 2166136261;                                                                  // allow:raw-byte-literal — FNV-1a offset basis (vault-less fallback)
+    _saltedFnvBasisCache = 2166136261;                                                                  // FNV-1a offset basis (vault-less fallback)
     return _saltedFnvBasisCache;
   }
   var keysJson;
   try { keysJson = v.getKeysJson(); }
   catch (_e) {
-    _saltedFnvBasisCache = 2166136261;                                                                  // allow:raw-byte-literal — FNV-1a offset basis (vault-init-pending fallback)
+    _saltedFnvBasisCache = 2166136261;                                                                  // FNV-1a offset basis (vault-init-pending fallback)
     return _saltedFnvBasisCache;
   }
   var hashHex = bCrypto.sha3Hash(keysJson);
   // Read the first 32 bits as the salt; mix into the offset basis via
   // XOR so the distribution properties of FNV are preserved.
-  var saltBuf = Buffer.from(hashHex.slice(0, 8), "hex");                                                // allow:raw-byte-literal — 32-bit prefix of SHA3-512 hex (4 bytes = 8 hex chars)
+  var saltBuf = Buffer.from(hashHex.slice(0, 8), "hex");                                                // 32-bit prefix of SHA3-512 hex (4 bytes = 8 hex chars)
   var salt = saltBuf.readUInt32BE(0);
-  _saltedFnvBasisCache = ((2166136261 ^ salt) >>> 0);                                                   // allow:raw-byte-literal — FNV-1a offset basis (vault-salted)
+  _saltedFnvBasisCache = ((2166136261 ^ salt) >>> 0);                                                   // FNV-1a offset basis (vault-salted)
   return _saltedFnvBasisCache;
 }
 
@@ -535,7 +535,7 @@ function shardFor(shardKey, shards) {
   var h = _saltedFnvBasis();
   for (var i = 0; i < shardKey.length; i += 1) {
     h ^= shardKey.charCodeAt(i);
-    h = (h * 16777619) >>> 0;                                                                         // allow:raw-byte-literal — FNV-1a prime
+    h = (h * 16777619) >>> 0;                                                                         // FNV-1a prime
   }
   return h % shards;
 }
@@ -710,7 +710,7 @@ async function _quiesceInFlight(ctx, startedAt, timeoutMs) {
     }
     if (!anyInFlight) return true;
     await new Promise(function (r) {
-      var t = setTimeout(r, 50);                                                                       // allow:raw-byte-literal — 50ms in-flight poll interval
+      var t = setTimeout(r, 50);                                                                       // 50ms in-flight poll interval
       if (t && typeof t.unref === "function") t.unref();
     });
   }

package/lib/agent-posture-chain.js

@@ -72,12 +72,12 @@ var BUILTIN_REGIMES = Object.freeze(["hipaa", "pci-dss", "gdpr", "soc2"]);
 // SHAPE, not authenticity). Defense is a keyed MAC over the canonical
 // envelope bytes, computed at appendHop and verified at validate.
 var ENVELOPE_MAC_LABEL = "blamejs.agent.postureChain/v1";
-var ENVELOPE_MAC_KEY_BYTES = 32;                                                                        // allow:raw-byte-literal — HMAC-SHA3-512 keyed bytes
+var ENVELOPE_MAC_KEY_BYTES = 32;                                                                        // HMAC-SHA3-512 keyed bytes
 // SUBSTRATE-21 — hop count cap defends infinite recursion across
 // agent delegation. 16 is the spec default; operators can lower via
 // opts.maxHopCount but never raise (audit fan-out without a cap is a
 // DoS class).
-var DEFAULT_MAX_HOP_COUNT = 16;                                                                         // allow:raw-byte-literal — hop count cap
+var DEFAULT_MAX_HOP_COUNT = 16;                                                                         // hop count cap
 var _macKeyCache = null;                                                                                // memoized per-vault-master key
 
 function _resolveMacKey() {

package/lib/agent-saga.js

@@ -80,7 +80,7 @@ var audit              = lazyRequire(function () { return require("./audit"); })
 
 var AgentSagaError = defineClass("AgentSagaError", { alwaysPermanent: true });
 
-var SAGA_ID_RAND_BYTES = 8;                                                                           // allow:raw-byte-literal — saga-id random-suffix byte length
+var SAGA_ID_RAND_BYTES = 8;                                                                           // saga-id random-suffix byte length
 
 /**
  * @primitive b.agent.saga.create

package/lib/agent-snapshot.js

@@ -71,7 +71,7 @@ var DEFAULT_DRAIN_TIMEOUT_MS     = C.TIME.minutes(2);
 var DEFAULT_SNAPSHOT_INTERVAL_MS = C.TIME.minutes(5);
 var DEFAULT_MAX_SNAPSHOT_BYTES   = C.BYTES.mib(50);
 var SCHEMA_VERSION               = 1;
-var SNAPSHOT_ID_RAND_BYTES       = 8;                                                                 // allow:raw-byte-literal — snapshot-id random suffix
+var SNAPSHOT_ID_RAND_BYTES       = 8;                                                                 // snapshot-id random suffix
 
 /**
  * @primitive b.agent.snapshot.create

package/lib/agent-stream.js

@@ -66,7 +66,7 @@ var audit             = lazyRequire(function () { return require("./audit"); });
 
 var AgentStreamError = defineClass("AgentStreamError", { alwaysPermanent: true });
 
-var DEFAULT_BATCH_SIZE = 256;                                                                          // allow:raw-byte-literal — cursor batch row count, not bytes
+var DEFAULT_BATCH_SIZE = 256;                                                                          // cursor batch row count, not bytes
 
 /**
  * @primitive b.agent.stream.create

package/lib/agent-tenant.js

@@ -121,7 +121,7 @@ var TENANT_KDF_LABEL = "blamejs.agent.tenant/v1";
 // 32 bytes — XChaCha20-Poly1305 key length. Distinct from the audit
 // truncation buffer so future key-length bumps don't have to chase a
 // magic constant.
-var TENANT_KEY_BYTES = 32;                                                                              // allow:raw-byte-literal — XChaCha20-Poly1305 key length (256 bits)
+var TENANT_KEY_BYTES = 32;                                                                              // XChaCha20-Poly1305 key length (256 bits)
 
 /**
  * @primitive b.agent.tenant.create

package/lib/agent-trace.js

@@ -78,7 +78,7 @@ function _emitFirstFailureAudit(auditImpl, kind, message) {
   if (_failureAuditEmittedFor[kind]) return;
   _failureAuditEmittedFor[kind] = true;
   agentAudit.safeAudit(auditImpl, "agent.trace.tracer_failure", null, {
-    kind: kind, message: message ? String(message).slice(0, 256) : "",                                  // allow:raw-byte-literal — audit-message char cap
+    kind: kind, message: message ? String(message).slice(0, 256) : "",                                  // audit-message char cap
     rateLimited: "first-occurrence-only",
   });
 }
@@ -249,8 +249,8 @@ function _shouldSample(globalRate, perMethod, method, traceId) {
     // Use the low 32 bits of the trace-id as the sampling roll
     // (W3C-compatible). Hash modulo 1e9 → divide by 1e9 puts the
     // result in [0,1) deterministically.
-    var lo = parseInt(traceId.slice(-8), 16);                                                          // allow:raw-byte-literal — low 32 bits of trace-id hex
-    var roll = (lo >>> 0) / 0x100000000;                                                                // allow:raw-byte-literal — 2^32 normalization divisor
+    var lo = parseInt(traceId.slice(-8), 16);                                                          // low 32 bits of trace-id hex
+    var roll = (lo >>> 0) / 0x100000000;                                                                // 2^32 normalization divisor
     return roll < rate;
   }
   // No trace-id supplied — start of a new trace. Operators wire

package/lib/ai-capability.js

@@ -74,7 +74,7 @@ var REASONING_TIERS = ["none", "basic", "standard", "advanced"];
 // descriptor fields are costPer1kInputTokens / costPer1kOutputTokens).
 // Dividing a token count by this rate unit converts a per-1k rate into
 // the per-token multiplier — a rate denominator, not a byte size.
-var COST_RATE_TOKEN_UNIT = 1000;   // allow:raw-byte-literal — per-1k-token cost-rate denominator, not a byte count
+var COST_RATE_TOKEN_UNIT = 1000;   // per-1k-token cost-rate denominator, not a byte count
 
 var DESCRIPTOR_KEYS = [
   "maxContextTokens", "maxOutputTokens", "modalitiesIn", "modalitiesOut",

package/lib/ai-dp.js

@@ -73,7 +73,7 @@ var ACCOUNTINGS = ["basic", "rdp"];
 // integer-exact discrete-Gaussian sampler. 2^32 keeps the deviation
 // from the target σ² below 2^-32 — far under the noise scale — while
 // keeping the BigInt denominators bounded.
-var SIGMA2_RATIONAL_DEN = 4294967296;          // allow:raw-byte-literal — 2^32 rational-approx denominator, not a byte size
+var SIGMA2_RATIONAL_DEN = 4294967296;          // 2^32 rational-approx denominator, not a byte size
 
 // ---- Minimal exact rational (BigInt num / den, den > 0) ----
 
@@ -105,7 +105,7 @@ function _uniformBelow(m) {
   if (m <= 0n) throw new AiDpError("ai-dp/internal", "ai.dp: _uniformBelow needs m > 0");
   if (m === 1n) return 0n;
   var bits = m.toString(2).length;
-  var bytes = Math.ceil(bits / 8);                        // allow:raw-byte-literal — bits-per-byte divisor, not a size
+  var bytes = Math.ceil(bits / 8);                        // bits-per-byte divisor, not a size
   var mask = (1n << BigInt(bits)) - 1n;
   for (;;) {
     var buf = bCrypto.generateBytes(bytes);
@@ -121,7 +121,7 @@ function _uniformBelow(m) {
 // the BigInt rejection sampler (accumulating 53 bits in a JS Number
 // would overflow the 2^53 safe-integer range and skew the draw), then
 // mapped (val + 1) / 2^53 → (0, 1].
-var TWO_POW_53 = 9007199254740992;                         // allow:raw-byte-literal — 2^53 mantissa range, not a byte size
+var TWO_POW_53 = 9007199254740992;                         // 2^53 mantissa range, not a byte size
 function _uniformOpen() {
   var v = Number(_uniformBelow(9007199254740992n));        // [0, 2^53) exact
   return (v + 1) / TWO_POW_53;                             // (0, 1]
@@ -231,7 +231,7 @@ function _snappingLaplace(value, scale, bound) {
 
 // ---- Rényi-DP costs (Mironov 2017) ----
 
-var RDP_ORDERS = [1.25, 1.5, 1.75, 2, 2.5, 3, 4, 5, 6, 8, 12, 16, 24, 32, 48, 64, 128, 256];   // allow:raw-byte-literal — Rényi DP orders (α), not byte sizes
+var RDP_ORDERS = [1.25, 1.5, 1.75, 2, 2.5, 3, 4, 5, 6, 8, 12, 16, 24, 32, 48, 64, 128, 256];   // Rényi DP orders (α), not byte sizes
 
 // Gaussian mechanism with noise-to-sensitivity z = sigma / sensitivity:
 // RDP(alpha) = alpha / (2 z^2).

package/lib/ai-input.js

@@ -25,7 +25,7 @@ var numericBounds = require("./numeric-bounds");
 var audit = require("./audit");
 var { AiInputError } = require("./framework-error");
 
-var SAMPLE_TRUNC = 80;                                                                       // allow:raw-byte-literal — sample truncation length, not bytes
+var SAMPLE_TRUNC = 80;                                                                       // sample truncation length, not bytes
 var CONFIDENCE_BASE = 60;                                                                    // allow:raw-byte-literal — confidence percentage base / allow:raw-time-literal — not seconds
 
 var PATTERNS = [
@@ -44,7 +44,7 @@ var PATTERNS = [
   { id: "exfil-callback",            severity: 3, re:
     /\b(?:send|post|fetch|exfil|leak|paste|forward)\b[\s\S]{0,40}(?:secret|key|token|password|cred|env|\.ssh|private)/i },
   { id: "base64-marker-around-instructions", severity: 2, re:
-    /(?:[A-Za-z0-9+/]{40,}={0,2})\s+(?:means|decodes?\s+to|=)/i },                          // allow:raw-byte-literal — regex repetition floor, not bytes
+    /(?:[A-Za-z0-9+/]{40,}={0,2})\s+(?:means|decodes?\s+to|=)/i },                          // regex repetition floor, not bytes
   { id: "rot13-shape",               severity: 2, re:
     /\b(?:rot13|rotcipher|cipher|caesar)\s*[:=]\s*[a-zA-Z]{20,}/i },
   { id: "markdown-injection",        severity: 2, re:
@@ -138,7 +138,7 @@ function classify(input, opts) {
     else if (signals[j].severity === 2) sev2++;
   }
   var verdict = sev3 > 0 ? "malicious" : (sev2 >= 2 ? "suspicious" : "clean");
-  var confidence = sev3 === 0 && sev2 === 0 ? 0 : Math.min(100, CONFIDENCE_BASE + sev3 * 15 + sev2 * 5);                                // allow:raw-byte-literal — confidence ceiling 100, not bytes/seconds
+  var confidence = sev3 === 0 && sev2 === 0 ? 0 : Math.min(100, CONFIDENCE_BASE + sev3 * 15 + sev2 * 5);                                // confidence ceiling 100, not bytes/seconds
 
   if (auditOn && verdict !== "clean") {
     audit.safeEmit({

package/lib/ai-model-manifest.js

@@ -50,7 +50,7 @@ var VALID_DATA_TYPES = Object.freeze({
   patch: true, platform: true, "test-case": true,
 });
 var ISO8601_RE = /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(?:\.\d+)?Z$/;                                // allow:duplicate-regex — ISO-8601 instant shape ships in three primitives (metrics text-render, content-credentials, mail-server-imap APPEND); each is bounded by its own caller and the regex itself is 50 bytes — extracting into a cross-module dep wouldn't carry its weight
-var BOM_REF_RE = /^[A-Za-z0-9._:/+-]{1,256}$/;                                                  // allow:raw-byte-literal — CycloneDX bom-ref string-length cap, not bytes
+var BOM_REF_RE = /^[A-Za-z0-9._:/+-]{1,256}$/;                                                  // CycloneDX bom-ref string-length cap, not bytes
 
 function _requireString(obj, key, ownerName) {
   if (typeof obj[key] !== "string" || obj[key].length === 0) {
@@ -67,7 +67,7 @@ function _validateModelComponent(c) {
   _requireString(c, "name", "build.model");
   _requireString(c, "version", "build.model");
   if (c["bom-ref"] !== undefined) {
-    if (typeof c["bom-ref"] !== "string" || c["bom-ref"].length > 256) {                         // allow:raw-byte-literal — bom-ref string-length cap, not bytes
+    if (typeof c["bom-ref"] !== "string" || c["bom-ref"].length > 256) {                         // bom-ref string-length cap, not bytes
       throw new AiModelManifestError("aibom/bad-bom-ref",
         "build.model: bom-ref must be a string of length 1-256");
     }
@@ -332,12 +332,12 @@ function verify(envelope, publicKeyPem, opts) {
 // UUIDv4 via the framework's CSPRNG path. Used for `serialNumber`
 // defaults — operators may supply their own for cross-build stability.
 function _uuidUrn() {
-  var b = bCrypto.generateBytes(16);                                                            // allow:raw-byte-literal — RFC 9562 §4.1 UUIDv4 is a 16-byte (128-bit) primitive
-  b[6] = (b[6] & 0x0f) | 0x40;                                                                  // allow:raw-byte-literal — UUIDv4 version nibble (RFC 9562 §4.4)
-  b[8] = (b[8] & 0x3f) | 0x80;                                                                  // allow:raw-byte-literal — UUIDv4 variant nibble (RFC 9562 §4.4)
+  var b = bCrypto.generateBytes(16);                                                            // RFC 9562 §4.1 UUIDv4 is a 16-byte (128-bit) primitive
+  b[6] = (b[6] & 0x0f) | 0x40;                                                                  // UUIDv4 version nibble (RFC 9562 §4.4)
+  b[8] = (b[8] & 0x3f) | 0x80;                                                                  // UUIDv4 variant nibble (RFC 9562 §4.4)
   var h = b.toString("hex");
-  return "urn:uuid:" + h.slice(0, 8) + "-" + h.slice(8, 12) + "-" +                              // allow:raw-byte-literal — RFC 9562 §4 UUID text representation hex offsets (8-4-4-4-12)
-         h.slice(12, 16) + "-" + h.slice(16, 20) + "-" + h.slice(20);                            // allow:raw-byte-literal — RFC 9562 §4 UUID hex offsets
+  return "urn:uuid:" + h.slice(0, 8) + "-" + h.slice(8, 12) + "-" +                              // RFC 9562 §4 UUID text representation hex offsets (8-4-4-4-12)
+         h.slice(12, 16) + "-" + h.slice(16, 20) + "-" + h.slice(20);                            // RFC 9562 §4 UUID hex offsets
 }
 
 // package.json read lives behind the call to dodge a circular-load

package/lib/ai-pref.js

@@ -142,7 +142,7 @@ function parseHeader(value) {
   if (typeof value !== "string" || value.length === 0) {
     throw AiPrefError.factory("ai-pref/bad-header", "aiPref.parseHeader: value required");
   }
-  if (value.length > 1024) {                                                                   // allow:raw-byte-literal — header value cap, not bytes
+  if (value.length > 1024) {                                                                   // header value cap, not bytes
     throw AiPrefError.factory("ai-pref/header-too-large",
       "aiPref.parseHeader: value exceeds 1024 chars");
   }
@@ -205,7 +205,7 @@ function parseHeader(value) {
 function robotsBlock(opts) {
   var v = _validate(opts);
   var ua = opts.userAgent || "*";
-  if (typeof ua !== "string" || ua.length === 0 || ua.length > 256) {                          // allow:raw-byte-literal — UA-string cap, not bytes
+  if (typeof ua !== "string" || ua.length === 0 || ua.length > 256) {                          // UA-string cap, not bytes
     throw AiPrefError.factory("ai-pref/bad-user-agent",
       "aiPref.robotsBlock: userAgent must be 1-256 char string (or omit for *)");
   }
@@ -314,7 +314,7 @@ function refusePaidCrawl(req, res, opts) {
     res.setHeader("Content-Type", "application/json");
     res.setHeader("Cache-Control", "no-store");
   }
-  res.statusCode = 402;                                                                        // allow:raw-byte-literal — HTTP 402 Payment Required (RFC 9110)
+  res.statusCode = 402;                                                                        // HTTP 402 Payment Required (RFC 9110)
   res.end(body);
   audit.safeEmit({
     action:   "aipref.paid_crawl_refused",

package/lib/archive-gz.js

@@ -25,8 +25,8 @@ var archiveRead = lazyRequire(function () { return require("./archive-read"); })
 var archiveTarRead = lazyRequire(function () { return require("./archive-tar-read"); });
 
 // gzip magic — RFC 1952 §2.2 ("ID1=0x1f, ID2=0x8b").
-var GZIP_MAGIC_0 = 0x1f;                                                              // allow:raw-byte-literal — RFC 1952 §2.2 ID1
-var GZIP_MAGIC_1 = 0x8b;                                                              // allow:raw-byte-literal — RFC 1952 §2.2 ID2
+var GZIP_MAGIC_0 = 0x1f;                                                              // RFC 1952 §2.2 ID1
+var GZIP_MAGIC_1 = 0x8b;                                                              // RFC 1952 §2.2 ID2
 
 var DEFAULT_MAX_OUTPUT_BYTES = C.BYTES.gib(1);
 var DEFAULT_MAX_RATIO = 100;