@blamejs/core 0.16.0 → 0.16.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (560) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/bin/blamejs.js +2 -0
  3. package/index.js +2 -0
  4. package/lib/_test/crypto-fixtures.js +2 -0
  5. package/lib/a2a-tasks.js +2 -0
  6. package/lib/a2a.js +2 -0
  7. package/lib/acme.js +7 -1
  8. package/lib/agent-audit.js +2 -0
  9. package/lib/agent-envelope-mac.js +2 -0
  10. package/lib/agent-event-bus.js +2 -0
  11. package/lib/agent-idempotency.js +2 -0
  12. package/lib/agent-orchestrator.js +2 -0
  13. package/lib/agent-posture-chain.js +2 -0
  14. package/lib/agent-saga.js +2 -0
  15. package/lib/agent-snapshot.js +2 -0
  16. package/lib/agent-stream.js +2 -0
  17. package/lib/agent-tenant.js +2 -0
  18. package/lib/agent-trace.js +2 -0
  19. package/lib/ai-adverse-decision.js +2 -0
  20. package/lib/ai-aedt-bias-audit.js +2 -0
  21. package/lib/ai-capability.js +2 -0
  22. package/lib/ai-content-detect.js +2 -0
  23. package/lib/ai-disclosure.js +2 -0
  24. package/lib/ai-dp.js +2 -0
  25. package/lib/ai-frontier-protocol.js +2 -0
  26. package/lib/ai-input.js +2 -0
  27. package/lib/ai-model-manifest.js +2 -0
  28. package/lib/ai-output.js +2 -0
  29. package/lib/ai-pref.js +2 -0
  30. package/lib/ai-prompt.js +2 -0
  31. package/lib/ai-quota.js +2 -0
  32. package/lib/api-key.js +2 -0
  33. package/lib/api-snapshot.js +2 -0
  34. package/lib/app-shutdown.js +2 -0
  35. package/lib/app.js +2 -0
  36. package/lib/archive-adapters.js +2 -0
  37. package/lib/archive-entry-policy.js +2 -0
  38. package/lib/archive-gz.js +2 -0
  39. package/lib/archive-read.js +2 -0
  40. package/lib/archive-tar-read.js +2 -0
  41. package/lib/archive-tar.js +2 -0
  42. package/lib/archive-wrap.js +2 -0
  43. package/lib/archive.js +2 -0
  44. package/lib/arg-parser.js +2 -0
  45. package/lib/argon2-builtin.js +2 -0
  46. package/lib/asn1-der.js +2 -0
  47. package/lib/asyncapi-bindings.js +2 -0
  48. package/lib/asyncapi-traits.js +2 -0
  49. package/lib/asyncapi.js +2 -0
  50. package/lib/atomic-file.js +2 -0
  51. package/lib/audit-chain.js +2 -0
  52. package/lib/audit-daily-review.js +2 -0
  53. package/lib/audit-emit.js +2 -0
  54. package/lib/audit-sign.js +2 -0
  55. package/lib/audit-tools.js +2 -0
  56. package/lib/audit.js +2 -0
  57. package/lib/auth/aal.js +2 -0
  58. package/lib/auth/access-lock.js +2 -0
  59. package/lib/auth/acr-vocabulary.js +2 -0
  60. package/lib/auth/ato-kill-switch.js +2 -0
  61. package/lib/auth/auth-time-tracker.js +2 -0
  62. package/lib/auth/bot-challenge.js +2 -0
  63. package/lib/auth/ciba.js +2 -0
  64. package/lib/auth/dpop.js +2 -0
  65. package/lib/auth/elevation-grant.js +2 -0
  66. package/lib/auth/fal.js +2 -0
  67. package/lib/auth/fido-mds3.js +2 -0
  68. package/lib/auth/jar.js +2 -0
  69. package/lib/auth/jwt-external.js +2 -0
  70. package/lib/auth/jwt.js +2 -0
  71. package/lib/auth/lockout.js +2 -0
  72. package/lib/auth/oauth.js +84 -17
  73. package/lib/auth/oid4vci.js +2 -0
  74. package/lib/auth/oid4vp.js +2 -0
  75. package/lib/auth/openid-federation.js +2 -0
  76. package/lib/auth/passkey.js +2 -0
  77. package/lib/auth/password.js +2 -0
  78. package/lib/auth/saml.js +30 -5
  79. package/lib/auth/sd-jwt-vc-disclosure.js +2 -0
  80. package/lib/auth/sd-jwt-vc-holder.js +2 -0
  81. package/lib/auth/sd-jwt-vc-issuer.js +2 -0
  82. package/lib/auth/sd-jwt-vc.js +2 -0
  83. package/lib/auth/status-list.js +2 -0
  84. package/lib/auth/step-up-policy.js +2 -0
  85. package/lib/auth/step-up.js +2 -0
  86. package/lib/auth-bot-challenge.js +2 -0
  87. package/lib/auth-header.js +2 -0
  88. package/lib/backup/bundle.js +2 -0
  89. package/lib/backup/crypto.js +2 -0
  90. package/lib/backup/index.js +14 -0
  91. package/lib/backup/manifest.js +2 -0
  92. package/lib/base32.js +2 -0
  93. package/lib/boot-gates.js +2 -0
  94. package/lib/bounded-map.js +2 -0
  95. package/lib/breach-deadline.js +2 -0
  96. package/lib/break-glass.js +2 -0
  97. package/lib/budr.js +2 -0
  98. package/lib/bundler.js +2 -0
  99. package/lib/cache-redis.js +2 -0
  100. package/lib/cache-status.js +2 -0
  101. package/lib/cache.js +2 -0
  102. package/lib/calendar.js +2 -0
  103. package/lib/canonical-json.js +2 -0
  104. package/lib/cbor.js +2 -0
  105. package/lib/cdn-cache-control.js +2 -0
  106. package/lib/cert.js +2 -0
  107. package/lib/chain-writer.js +2 -0
  108. package/lib/circuit-breaker.js +2 -0
  109. package/lib/cli-helpers.js +2 -0
  110. package/lib/cli.js +57 -20
  111. package/lib/client-hints.js +2 -0
  112. package/lib/cloud-events.js +2 -0
  113. package/lib/cluster-provider-db.js +2 -0
  114. package/lib/cluster-storage.js +2 -0
  115. package/lib/cluster.js +2 -0
  116. package/lib/cms-codec.js +2 -0
  117. package/lib/codepoint-class.js +2 -0
  118. package/lib/compliance-ai-act-logging.js +2 -0
  119. package/lib/compliance-ai-act-prohibited.js +2 -0
  120. package/lib/compliance-ai-act-risk.js +2 -0
  121. package/lib/compliance-ai-act-transparency.js +2 -0
  122. package/lib/compliance-ai-act.js +2 -0
  123. package/lib/compliance-eaa.js +2 -0
  124. package/lib/compliance-sanctions-aliases.js +2 -0
  125. package/lib/compliance-sanctions-fetcher.js +2 -0
  126. package/lib/compliance-sanctions-fuzzy.js +2 -0
  127. package/lib/compliance-sanctions.js +2 -0
  128. package/lib/compliance.js +2 -0
  129. package/lib/config-drift.js +2 -0
  130. package/lib/config.js +2 -0
  131. package/lib/consent.js +2 -0
  132. package/lib/constants.js +2 -0
  133. package/lib/content-credentials.js +2 -0
  134. package/lib/content-digest.js +2 -0
  135. package/lib/cookies.js +2 -0
  136. package/lib/cose.js +2 -0
  137. package/lib/cra-report.js +2 -0
  138. package/lib/crdt.js +2 -0
  139. package/lib/credential-hash.js +2 -0
  140. package/lib/crypto-field.js +2 -0
  141. package/lib/crypto-hpke-pq.js +2 -0
  142. package/lib/crypto-hpke.js +2 -0
  143. package/lib/crypto-oprf.js +2 -0
  144. package/lib/crypto-xwing.js +2 -0
  145. package/lib/crypto.js +2 -0
  146. package/lib/csp.js +2 -0
  147. package/lib/csv.js +2 -0
  148. package/lib/cwt.js +2 -0
  149. package/lib/daemon.js +2 -0
  150. package/lib/dark-patterns.js +2 -0
  151. package/lib/data-act.js +2 -0
  152. package/lib/db-collection.js +2 -0
  153. package/lib/db-declare-row-policy.js +2 -0
  154. package/lib/db-declare-view.js +2 -0
  155. package/lib/db-file-lifecycle.js +2 -0
  156. package/lib/db-query.js +2 -0
  157. package/lib/db-role-context.js +2 -0
  158. package/lib/db-schema.js +2 -0
  159. package/lib/db.js +2 -0
  160. package/lib/dbsc.js +2 -0
  161. package/lib/ddl-change-control.js +2 -0
  162. package/lib/deprecate.js +2 -0
  163. package/lib/dev.js +2 -0
  164. package/lib/did.js +2 -0
  165. package/lib/dora.js +2 -0
  166. package/lib/dr-runbook.js +2 -0
  167. package/lib/dsa.js +2 -0
  168. package/lib/dsr.js +2 -0
  169. package/lib/dual-control.js +2 -0
  170. package/lib/early-hints.js +2 -0
  171. package/lib/eat.js +2 -0
  172. package/lib/error-page.js +2 -0
  173. package/lib/events.js +2 -0
  174. package/lib/external-db-migrate.js +2 -0
  175. package/lib/external-db.js +2 -0
  176. package/lib/fapi2.js +2 -0
  177. package/lib/fda-21cfr11.js +2 -0
  178. package/lib/fdx.js +2 -0
  179. package/lib/fedcm.js +2 -0
  180. package/lib/file-type.js +2 -0
  181. package/lib/file-upload.js +2 -0
  182. package/lib/flag-cache.js +2 -0
  183. package/lib/flag-evaluation-context.js +2 -0
  184. package/lib/flag-providers.js +2 -0
  185. package/lib/flag-targeting.js +2 -0
  186. package/lib/flag.js +2 -0
  187. package/lib/forms.js +2 -0
  188. package/lib/framework-error.js +2 -0
  189. package/lib/framework-files.js +2 -0
  190. package/lib/framework-schema.js +2 -0
  191. package/lib/framework-sha1-hibp.js +2 -0
  192. package/lib/fsm.js +2 -0
  193. package/lib/gate-contract.js +2 -0
  194. package/lib/gdpr-ropa.js +2 -0
  195. package/lib/graphql-federation.js +2 -0
  196. package/lib/guard-agent-registry.js +2 -0
  197. package/lib/guard-all.js +2 -0
  198. package/lib/guard-archive.js +2 -0
  199. package/lib/guard-auth.js +2 -0
  200. package/lib/guard-cidr.js +2 -0
  201. package/lib/guard-csv.js +2 -0
  202. package/lib/guard-domain.js +2 -0
  203. package/lib/guard-dsn.js +2 -0
  204. package/lib/guard-email.js +2 -0
  205. package/lib/guard-envelope.js +2 -0
  206. package/lib/guard-event-bus-payload.js +2 -0
  207. package/lib/guard-event-bus-topic.js +2 -0
  208. package/lib/guard-filename.js +2 -0
  209. package/lib/guard-graphql.js +2 -0
  210. package/lib/guard-html-wcag-aria.js +2 -0
  211. package/lib/guard-html-wcag-forms.js +2 -0
  212. package/lib/guard-html-wcag-tables.js +2 -0
  213. package/lib/guard-html-wcag-tagwalk.js +2 -0
  214. package/lib/guard-html-wcag.js +2 -0
  215. package/lib/guard-html.js +2 -0
  216. package/lib/guard-idempotency-key.js +2 -0
  217. package/lib/guard-image.js +2 -0
  218. package/lib/guard-imap-command.js +2 -0
  219. package/lib/guard-jmap.js +2 -0
  220. package/lib/guard-json.js +2 -0
  221. package/lib/guard-jsonpath.js +2 -0
  222. package/lib/guard-jwt.js +2 -0
  223. package/lib/guard-list-id.js +2 -0
  224. package/lib/guard-list-unsubscribe.js +2 -0
  225. package/lib/guard-mail-compose.js +2 -0
  226. package/lib/guard-mail-move.js +2 -0
  227. package/lib/guard-mail-query.js +2 -0
  228. package/lib/guard-mail-reply.js +2 -0
  229. package/lib/guard-mail-sieve.js +2 -0
  230. package/lib/guard-managesieve-command.js +2 -0
  231. package/lib/guard-markdown.js +2 -0
  232. package/lib/guard-message-id.js +2 -0
  233. package/lib/guard-mime.js +2 -0
  234. package/lib/guard-oauth.js +2 -0
  235. package/lib/guard-pdf.js +2 -0
  236. package/lib/guard-pop3-command.js +2 -0
  237. package/lib/guard-posture-chain.js +2 -0
  238. package/lib/guard-regex.js +2 -0
  239. package/lib/guard-saga-config.js +2 -0
  240. package/lib/guard-shell.js +2 -0
  241. package/lib/guard-smtp-command.js +2 -0
  242. package/lib/guard-snapshot-envelope.js +2 -0
  243. package/lib/guard-sql.js +2 -0
  244. package/lib/guard-stream-args.js +2 -0
  245. package/lib/guard-svg.js +2 -0
  246. package/lib/guard-template.js +2 -0
  247. package/lib/guard-tenant-id.js +2 -0
  248. package/lib/guard-text.js +2 -0
  249. package/lib/guard-time.js +2 -0
  250. package/lib/guard-trace-context.js +2 -0
  251. package/lib/guard-uuid.js +2 -0
  252. package/lib/guard-xml.js +2 -0
  253. package/lib/guard-yaml.js +2 -0
  254. package/lib/hal.js +2 -0
  255. package/lib/handlers.js +2 -0
  256. package/lib/honeytoken.js +2 -0
  257. package/lib/html-balance.js +2 -0
  258. package/lib/http-client-cache.js +2 -0
  259. package/lib/http-client-cookie-jar.js +2 -0
  260. package/lib/http-client.js +2 -0
  261. package/lib/http-message-signature.js +2 -0
  262. package/lib/http2-teardown.js +2 -0
  263. package/lib/i18n-messageformat.js +2 -0
  264. package/lib/i18n.js +2 -0
  265. package/lib/iab-mspa.js +2 -0
  266. package/lib/iab-tcf.js +2 -0
  267. package/lib/importmap-integrity.js +2 -0
  268. package/lib/inbox.js +2 -0
  269. package/lib/incident-report.js +2 -0
  270. package/lib/ip-utils.js +2 -0
  271. package/lib/jobs.js +2 -0
  272. package/lib/jose-jwe-experimental.js +2 -0
  273. package/lib/json-merge-patch.js +2 -0
  274. package/lib/json-patch.js +2 -0
  275. package/lib/json-path.js +2 -0
  276. package/lib/json-pointer.js +2 -0
  277. package/lib/json-schema.js +2 -0
  278. package/lib/jsonapi.js +2 -0
  279. package/lib/jtd.js +2 -0
  280. package/lib/jwk.js +2 -0
  281. package/lib/keychain.js +32 -10
  282. package/lib/lazy-require.js +2 -0
  283. package/lib/legal-hold.js +2 -0
  284. package/lib/link-header.js +2 -0
  285. package/lib/local-db-thin.js +2 -0
  286. package/lib/log-stream-cloudwatch.js +2 -0
  287. package/lib/log-stream-local.js +2 -0
  288. package/lib/log-stream-otlp-grpc.js +2 -0
  289. package/lib/log-stream-otlp.js +2 -0
  290. package/lib/log-stream-syslog.js +2 -0
  291. package/lib/log-stream-webhook.js +2 -0
  292. package/lib/log-stream.js +2 -0
  293. package/lib/log.js +2 -0
  294. package/lib/lro.js +2 -0
  295. package/lib/mail-agent.js +2 -0
  296. package/lib/mail-arc-reuse-token.js +2 -0
  297. package/lib/mail-arc-sign.js +2 -0
  298. package/lib/mail-arf.js +2 -0
  299. package/lib/mail-auth.js +7 -1
  300. package/lib/mail-bimi.js +2 -0
  301. package/lib/mail-bounce.js +2 -0
  302. package/lib/mail-crypto-pgp.js +2 -0
  303. package/lib/mail-crypto-smime.js +2 -0
  304. package/lib/mail-crypto.js +2 -0
  305. package/lib/mail-dav.js +2 -0
  306. package/lib/mail-deploy.js +2 -0
  307. package/lib/mail-dkim.js +2 -0
  308. package/lib/mail-greylist.js +2 -0
  309. package/lib/mail-helo.js +2 -0
  310. package/lib/mail-journal.js +2 -0
  311. package/lib/mail-mdn.js +2 -0
  312. package/lib/mail-rbl.js +2 -0
  313. package/lib/mail-require-tls.js +2 -0
  314. package/lib/mail-scan.js +2 -0
  315. package/lib/mail-send-deliver.js +2 -0
  316. package/lib/mail-server-imap.js +2 -0
  317. package/lib/mail-server-jmap.js +2 -0
  318. package/lib/mail-server-managesieve.js +2 -0
  319. package/lib/mail-server-mx.js +2 -0
  320. package/lib/mail-server-net.js +2 -0
  321. package/lib/mail-server-pop3.js +2 -0
  322. package/lib/mail-server-rate-limit.js +2 -0
  323. package/lib/mail-server-registry.js +2 -0
  324. package/lib/mail-server-submission.js +2 -0
  325. package/lib/mail-server-tls.js +2 -0
  326. package/lib/mail-sieve.js +2 -0
  327. package/lib/mail-spam-score.js +2 -0
  328. package/lib/mail-srs.js +2 -0
  329. package/lib/mail-store-fts.js +2 -0
  330. package/lib/mail-store.js +2 -0
  331. package/lib/mail-unsubscribe.js +2 -0
  332. package/lib/mail.js +2 -0
  333. package/lib/markup-escape.js +2 -0
  334. package/lib/markup-tokenizer.js +2 -0
  335. package/lib/mcp-tool-registry.js +2 -0
  336. package/lib/mcp.js +2 -0
  337. package/lib/mdoc.js +2 -0
  338. package/lib/metrics.js +2 -0
  339. package/lib/middleware/age-gate.js +2 -0
  340. package/lib/middleware/ai-act-disclosure.js +2 -0
  341. package/lib/middleware/api-encrypt.js +2 -0
  342. package/lib/middleware/assetlinks.js +2 -0
  343. package/lib/middleware/asyncapi-serve.js +2 -0
  344. package/lib/middleware/attach-user.js +2 -0
  345. package/lib/middleware/bearer-auth.js +2 -0
  346. package/lib/middleware/body-parser.js +2 -0
  347. package/lib/middleware/bot-disclose.js +2 -0
  348. package/lib/middleware/bot-guard.js +2 -0
  349. package/lib/middleware/clear-site-data.js +2 -0
  350. package/lib/middleware/compose-pipeline.js +2 -0
  351. package/lib/middleware/compression.js +2 -0
  352. package/lib/middleware/cookies.js +2 -0
  353. package/lib/middleware/cors.js +2 -0
  354. package/lib/middleware/csp-nonce.js +2 -0
  355. package/lib/middleware/csp-report.js +2 -0
  356. package/lib/middleware/csrf-protect.js +2 -0
  357. package/lib/middleware/daily-byte-quota.js +2 -0
  358. package/lib/middleware/db-role-for.js +2 -0
  359. package/lib/middleware/deny-response.js +2 -0
  360. package/lib/middleware/dpop.js +2 -0
  361. package/lib/middleware/error-handler.js +2 -0
  362. package/lib/middleware/fetch-metadata.js +2 -0
  363. package/lib/middleware/flag-context.js +2 -0
  364. package/lib/middleware/gpc.js +2 -0
  365. package/lib/middleware/headers.js +2 -0
  366. package/lib/middleware/health.js +2 -0
  367. package/lib/middleware/host-allowlist.js +2 -0
  368. package/lib/middleware/idempotency-key.js +2 -0
  369. package/lib/middleware/index.js +2 -0
  370. package/lib/middleware/nel.js +2 -0
  371. package/lib/middleware/network-allowlist.js +2 -0
  372. package/lib/middleware/no-cache.js +2 -0
  373. package/lib/middleware/openapi-serve.js +2 -0
  374. package/lib/middleware/protected-resource-metadata.js +2 -0
  375. package/lib/middleware/rate-limit.js +2 -0
  376. package/lib/middleware/request-id.js +2 -0
  377. package/lib/middleware/request-log.js +2 -0
  378. package/lib/middleware/require-aal.js +2 -0
  379. package/lib/middleware/require-auth.js +2 -0
  380. package/lib/middleware/require-bound-key.js +2 -0
  381. package/lib/middleware/require-content-type.js +2 -0
  382. package/lib/middleware/require-methods.js +2 -0
  383. package/lib/middleware/require-mtls.js +2 -0
  384. package/lib/middleware/require-step-up.js +2 -0
  385. package/lib/middleware/scim-server.js +2 -0
  386. package/lib/middleware/security-headers.js +2 -0
  387. package/lib/middleware/security-txt.js +2 -0
  388. package/lib/middleware/span-http-server.js +2 -0
  389. package/lib/middleware/speculation-rules.js +2 -0
  390. package/lib/middleware/sse.js +2 -0
  391. package/lib/middleware/trace-log-correlation.js +2 -0
  392. package/lib/middleware/trace-propagate.js +2 -0
  393. package/lib/middleware/tus-upload.js +2 -0
  394. package/lib/middleware/web-app-manifest.js +2 -0
  395. package/lib/migration-files.js +2 -0
  396. package/lib/migrations.js +2 -0
  397. package/lib/mime-parse.js +2 -0
  398. package/lib/module-loader.js +2 -0
  399. package/lib/money.js +2 -0
  400. package/lib/mtls-ca.js +2 -0
  401. package/lib/mtls-engine-default.js +2 -0
  402. package/lib/network-byte-quota.js +2 -0
  403. package/lib/network-dane.js +2 -0
  404. package/lib/network-dns-resolver.js +2 -0
  405. package/lib/network-dns.js +2 -0
  406. package/lib/network-dnssec.js +2 -0
  407. package/lib/network-heartbeat.js +2 -0
  408. package/lib/network-nts.js +2 -0
  409. package/lib/network-proxy.js +2 -0
  410. package/lib/network-smtp-policy.js +6 -1
  411. package/lib/network-tls.js +2 -0
  412. package/lib/network-tsig.js +2 -0
  413. package/lib/network.js +2 -0
  414. package/lib/nis2-report.js +2 -0
  415. package/lib/nist-crosswalk.js +2 -0
  416. package/lib/nonce-store.js +2 -0
  417. package/lib/notify.js +2 -0
  418. package/lib/ntp-check.js +2 -0
  419. package/lib/numeric-bounds.js +2 -0
  420. package/lib/numeric-checks.js +2 -0
  421. package/lib/object-store/azure-blob-bucket-ops.js +2 -0
  422. package/lib/object-store/azure-blob.js +2 -0
  423. package/lib/object-store/gcs-bucket-ops.js +2 -0
  424. package/lib/object-store/gcs.js +2 -0
  425. package/lib/object-store/http-put.js +2 -0
  426. package/lib/object-store/http-request.js +2 -0
  427. package/lib/object-store/index.js +2 -0
  428. package/lib/object-store/local.js +2 -0
  429. package/lib/object-store/sigv4-bucket-ops.js +2 -0
  430. package/lib/object-store/sigv4.js +2 -0
  431. package/lib/observability-otlp-exporter.js +2 -0
  432. package/lib/observability-tracer.js +2 -0
  433. package/lib/observability.js +2 -0
  434. package/lib/openapi-paths-builder.js +2 -0
  435. package/lib/openapi-schema-walk.js +2 -0
  436. package/lib/openapi-security.js +2 -0
  437. package/lib/openapi-yaml.js +2 -0
  438. package/lib/openapi.js +2 -0
  439. package/lib/otel-export.js +2 -0
  440. package/lib/outbox.js +2 -0
  441. package/lib/pagination.js +2 -0
  442. package/lib/parsers/index.js +2 -0
  443. package/lib/parsers/safe-env.js +2 -0
  444. package/lib/parsers/safe-ini.js +2 -0
  445. package/lib/parsers/safe-toml.js +2 -0
  446. package/lib/parsers/safe-xml.js +2 -0
  447. package/lib/parsers/safe-yaml.js +2 -0
  448. package/lib/permissions.js +2 -0
  449. package/lib/pick.js +2 -0
  450. package/lib/pipl-cn.js +2 -0
  451. package/lib/pqc-agent.js +2 -0
  452. package/lib/pqc-gate.js +2 -0
  453. package/lib/pqc-software.js +2 -0
  454. package/lib/privacy-pass.js +2 -0
  455. package/lib/privacy.js +2 -0
  456. package/lib/problem-details.js +2 -0
  457. package/lib/process-spawn.js +2 -0
  458. package/lib/promise-pool.js +2 -0
  459. package/lib/protobuf-encoder.js +2 -0
  460. package/lib/protocol-dispatcher.js +2 -0
  461. package/lib/public-suffix.js +2 -0
  462. package/lib/pubsub-cluster.js +2 -0
  463. package/lib/pubsub-redis.js +2 -0
  464. package/lib/pubsub.js +2 -0
  465. package/lib/queue-local.js +2 -0
  466. package/lib/queue-redis.js +2 -0
  467. package/lib/queue-sqs.js +2 -0
  468. package/lib/queue.js +2 -0
  469. package/lib/redact.js +2 -0
  470. package/lib/redis-client.js +2 -0
  471. package/lib/render.js +2 -0
  472. package/lib/request-helpers.js +2 -0
  473. package/lib/resource-access-lock.js +2 -0
  474. package/lib/restore-bundle.js +2 -0
  475. package/lib/restore-rollback.js +2 -0
  476. package/lib/restore.js +2 -0
  477. package/lib/retention.js +2 -0
  478. package/lib/retry.js +2 -0
  479. package/lib/rfc3339.js +2 -0
  480. package/lib/router.js +83 -18
  481. package/lib/safe-archive.js +2 -0
  482. package/lib/safe-async.js +2 -0
  483. package/lib/safe-buffer.js +2 -0
  484. package/lib/safe-decompress.js +2 -0
  485. package/lib/safe-dns.js +2 -0
  486. package/lib/safe-ical.js +2 -0
  487. package/lib/safe-icap.js +2 -0
  488. package/lib/safe-json.js +2 -0
  489. package/lib/safe-jsonpath.js +2 -0
  490. package/lib/safe-mime.js +2 -0
  491. package/lib/safe-mount-info.js +2 -0
  492. package/lib/safe-path.js +2 -0
  493. package/lib/safe-redirect.js +2 -0
  494. package/lib/safe-schema.js +2 -0
  495. package/lib/safe-sieve.js +2 -0
  496. package/lib/safe-smtp.js +2 -0
  497. package/lib/safe-sql.js +2 -0
  498. package/lib/safe-url.js +2 -0
  499. package/lib/safe-vcard.js +2 -0
  500. package/lib/sandbox-worker.js +2 -0
  501. package/lib/sandbox.js +2 -0
  502. package/lib/scheduler.js +2 -0
  503. package/lib/scitt.js +2 -0
  504. package/lib/sd-notify.js +2 -0
  505. package/lib/sec-cyber.js +2 -0
  506. package/lib/security-assert.js +2 -0
  507. package/lib/seeders.js +2 -0
  508. package/lib/self-update-standalone-verifier.js +2 -0
  509. package/lib/self-update.js +2 -0
  510. package/lib/server-timing.js +2 -0
  511. package/lib/session-device-binding.js +2 -0
  512. package/lib/session-stores.js +2 -0
  513. package/lib/session.js +2 -0
  514. package/lib/slug.js +2 -0
  515. package/lib/sql.js +2 -0
  516. package/lib/sse.js +2 -0
  517. package/lib/ssrf-guard.js +2 -0
  518. package/lib/standard-webhooks.js +2 -0
  519. package/lib/static.js +2 -0
  520. package/lib/storage.js +2 -0
  521. package/lib/stream-throttle.js +2 -0
  522. package/lib/structured-fields.js +2 -0
  523. package/lib/subject.js +2 -0
  524. package/lib/tcpa-10dlc.js +2 -0
  525. package/lib/template.js +2 -0
  526. package/lib/tenant-quota.js +2 -0
  527. package/lib/test-harness.js +2 -0
  528. package/lib/testing.js +2 -0
  529. package/lib/time.js +2 -0
  530. package/lib/tls-exporter.js +2 -0
  531. package/lib/totp.js +2 -0
  532. package/lib/tracing.js +2 -0
  533. package/lib/tsa.js +2 -0
  534. package/lib/uri-template.js +2 -0
  535. package/lib/uuid.js +2 -0
  536. package/lib/validate-opts.js +2 -0
  537. package/lib/vault/index.js +2 -0
  538. package/lib/vault/passphrase-ops.js +2 -0
  539. package/lib/vault/passphrase-source.js +2 -0
  540. package/lib/vault/rotate.js +2 -0
  541. package/lib/vault/seal-pem-file.js +2 -0
  542. package/lib/vault/wrap.js +2 -0
  543. package/lib/vault-aad.js +2 -0
  544. package/lib/vc.js +2 -0
  545. package/lib/vendor-data.js +2 -0
  546. package/lib/vex.js +2 -0
  547. package/lib/watcher.js +2 -0
  548. package/lib/web-push-vapid.js +2 -0
  549. package/lib/webhook-dispatcher.js +2 -0
  550. package/lib/webhook.js +2 -0
  551. package/lib/websocket-channels.js +2 -0
  552. package/lib/websocket.js +2 -0
  553. package/lib/wiki-concepts.js +2 -0
  554. package/lib/worker-pool.js +2 -0
  555. package/lib/worm.js +2 -0
  556. package/lib/ws-client.js +2 -0
  557. package/lib/x509-chain.js +2 -0
  558. package/lib/xml-c14n.js +2 -0
  559. package/package.json +1 -1
  560. package/sbom.cdx.json +6 -6
package/lib/keychain.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.keychain
@@ -647,9 +649,20 @@ async function store(opts) {
647
649
  }
648
650
 
649
651
  _validateFallbackFile(opts.fallbackFile, "keychain.store");
650
- var doc = await _readFile(opts.fallbackFile, opts.passphrase);
651
- doc.entries[_bindingKey(opts.service, opts.account)] = String(opts.password);
652
- await _writeFile(opts.fallbackFile, doc, opts.passphrase);
652
+ // The lock sentinel lives beside fallbackFile, so its parent directory must
653
+ // exist before the FIRST writer can lock — otherwise the lock (added to
654
+ // serialize the RMW below) fails where the pre-lock atomicFile.write used to
655
+ // create the directory lazily on first store.
656
+ atomicFile.ensureDir(nodePath.dirname(opts.fallbackFile), 0o700);
657
+ // Serialize the read-modify-write so concurrent stores to the same
658
+ // fallbackFile can't each read the pre-update document and clobber one
659
+ // another's binding on write. atomicFile.lock is a cross-process file
660
+ // mutex; _removeFromFile serializes its RMW through the same lock.
661
+ await atomicFile.lock(opts.fallbackFile, async function () {
662
+ var doc = await _readFile(opts.fallbackFile, opts.passphrase);
663
+ doc.entries[_bindingKey(opts.service, opts.account)] = String(opts.password);
664
+ await _writeFile(opts.fallbackFile, doc, opts.passphrase);
665
+ });
653
666
  _emit("keychain.stored", "success", {
654
667
  service: opts.service, account: opts.account, backend: "file",
655
668
  }, auditOn);
@@ -816,13 +829,18 @@ async function remove(opts) {
816
829
  }
817
830
  }
818
831
 
832
+ // Validate a supplied fallbackFile (reject a relative path) BEFORE the
833
+ // exists check, so a relative path throws keychain/relative-fallback-file
834
+ // consistently with store/retrieve instead of silently no-op'ing.
835
+ if (opts.fallbackFile) {
836
+ _validateFallbackFile(opts.fallbackFile, "keychain.remove");
837
+ }
819
838
  if (!opts.fallbackFile || !atomicFile.exists(opts.fallbackFile)) {
820
839
  _emit("keychain.removed", "no-op", {
821
840
  service: opts.service, account: opts.account, backend: "file",
822
841
  }, auditOn);
823
842
  return false;
824
843
  }
825
- _validateFallbackFile(opts.fallbackFile, "keychain.remove");
826
844
  var existed = await _removeFromFile(opts.fallbackFile, opts.service, opts.account, opts.passphrase);
827
845
  _emit("keychain.removed", existed ? "success" : "no-op", {
828
846
  service: opts.service, account: opts.account, backend: "file",
@@ -831,12 +849,16 @@ async function remove(opts) {
831
849
  }
832
850
 
833
851
  async function _removeFromFile(fallbackFile, service, account, passphrase) {
834
- var doc = await _readFile(fallbackFile, passphrase);
835
- var bindingKey = _bindingKey(service, account);
836
- if (!Object.prototype.hasOwnProperty.call(doc.entries, bindingKey)) return false;
837
- delete doc.entries[bindingKey];
838
- await _writeFile(fallbackFile, doc, passphrase);
839
- return true;
852
+ // Same serialized read-modify-write as store: hold the file mutex across
853
+ // read -> delete -> write so a concurrent store/remove can't lose the edit.
854
+ return await atomicFile.lock(fallbackFile, async function () {
855
+ var doc = await _readFile(fallbackFile, passphrase);
856
+ var bindingKey = _bindingKey(service, account);
857
+ if (!Object.prototype.hasOwnProperty.call(doc.entries, bindingKey)) return false;
858
+ delete doc.entries[bindingKey];
859
+ await _writeFile(fallbackFile, doc, passphrase);
860
+ return true;
861
+ });
840
862
  }
841
863
 
842
864
  // ---- Test seam -------------------------------------------------------------
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * Lazy-require — cached deferred-load helper.
package/lib/legal-hold.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * legal-hold — subject-level litigation/regulatory hold registry.
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.linkHeader
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * b.localDb.thin — lightweight node:sqlite wrapper for desktop-daemon-
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * AWS CloudWatch Logs sink — PutLogEvents over HTTPS with SigV4.
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * Local file-based log sink with append-only journaling + rotation.
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * OTLP gRPC log sink — OpenTelemetry Protocol logs over gRPC.
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * OTLP/HTTP-JSON log sink — OpenTelemetry Protocol logs over HTTP/JSON.
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * Syslog log-stream sink — RFC 5424 framing over UDP / TCP / TLS.
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * Generic webhook log sink — HTTP POST one event (or a batch) at a time.
package/lib/log-stream.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.logStream
package/lib/log.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.log
package/lib/lro.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.lro
package/lib/mail-agent.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.agent
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * Internal handshake token shared between the DKIM verifier (mail-dkim) and
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * b.mail.arc.sign — RFC 8617 ARC chain construction.
package/lib/mail-arf.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mailArf
package/lib/mail-auth.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * b.mail.spf + b.mail.dmarc + b.mail.arc — inbound mail authentication
@@ -292,7 +294,7 @@ function _ipv4InCidr(ip, cidr) {
292
294
  var slash = cidr.indexOf("/");
293
295
  var net = slash === -1 ? cidr : cidr.slice(0, slash);
294
296
  var mask = slash === -1 ? 32 : parseInt(cidr.slice(slash + 1), 10); // IPv4 max prefix
295
- if (mask < 0 || mask > 32) return false; // IPv4 max prefix
297
+ if (!isFinite(mask) || mask < 0 || mask > 32) return false; // IPv4 max prefix
296
298
  var ipInt = _ipv4ToInt(ip);
297
299
  var netInt = _ipv4ToInt(net);
298
300
  if (ipInt === null || netInt === null) return false;
@@ -2121,6 +2123,10 @@ function authResultsEmit(opts) {
2121
2123
 
2122
2124
  var version = (opts.version === undefined || opts.version === null)
2123
2125
  ? "1" : String(opts.version);
2126
+ if (/[\r\n\0]/.test(version)) {
2127
+ throw new MailAuthError("mail-auth/ar-bad-version",
2128
+ "authResults.emit: version contains forbidden control characters");
2129
+ }
2124
2130
  var head = opts.authservId + (version === "1" ? "" : " " + version);
2125
2131
 
2126
2132
  if (opts.results.length === 0) {
package/lib/mail-bimi.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.bimi
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mailBounce
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  // codebase-patterns:allow-file raw-byte-literal — RFC 9580 OpenPGP packet
3
5
  // framing carries protocol-mandated byte-shape constants throughout (32-byte
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.crypto.smime
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.crypto
package/lib/mail-dav.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  // codebase-patterns:allow-file raw-byte-literal — DAV is HTTP-shaped; every
3
5
  // numeric in this file is an HTTP status code (200 / 201 / 207 / 400 / 401
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
 
3
5
  /**
package/lib/mail-dkim.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * mail-dkim — DKIM-Signature header generation for outbound mail.
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.greylist
package/lib/mail-helo.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.helo
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
 
3
5
  /**
package/lib/mail-mdn.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mailMdn
package/lib/mail-rbl.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.rbl
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.requireTls
package/lib/mail-scan.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.scan
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.send.deliver
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.server.imap
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.server.jmap
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.server.managesieve
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.server.mx
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
 
3
5
  // mail-server-net — the TCP-listener lifecycle shared by the mailbox / transfer
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.server.pop3
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.server.rateLimit
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.serverRegistry
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.server.submission
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.server.tls
package/lib/mail-sieve.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
 
3
5
  /**
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.spamScore
package/lib/mail-srs.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail.srs
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mailStore.fts
package/lib/mail-store.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mailStore
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * mail-unsubscribe — RFC 8058 / RFC 2369 / RFC 2919 List-* support.
package/lib/mail.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mail
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
 
3
5
  // markup-escape — the shared XML/HTML text + attribute escaper used wherever
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
 
3
5
  // markup-tokenizer — neutral lexing helpers shared by the markup sanitizers
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mcp.toolRegistry
package/lib/mcp.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mcp
package/lib/mdoc.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.mdoc
package/lib/metrics.js CHANGED
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.metrics
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * ageGate middleware — request-level age classification + high-privacy
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * ai-act-disclosure middleware — auto-inject the EU AI Act Article 50
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * api-encrypt — end-to-end PQC payload encryption for operator-
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * assetlinks middleware — emits Digital Asset Links at
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * asyncapi-serve middleware — expose an AsyncAPI 3.0 document at a
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * attach-user middleware — populates req.user (and req.session) from a
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * bearer-auth middleware — extracts `Authorization: Bearer <token>`,
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * body-parser — request-body buffering + parsing middleware.
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * botDisclose middleware — California SB 1001 bot-disclosure.
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * Bot-guard middleware — fingerprint-based detection of obviously-non-
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.middleware.clearSiteData
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * @module b.middleware.composePipeline
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * compression — gzip + brotli response compression.
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * b.middleware.cookies — inbound cookie-header threat detection.
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * CORS middleware — allow-list-only by default. No '*' wildcard support
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * csp-nonce — per-request CSP nonce + render integration.
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * b.middleware.cspReport — Reporting-API endpoint for CSP / COEP /
@@ -1,3 +1,5 @@
1
+ // SPDX-License-Identifier: Apache-2.0
2
+ // Copyright (c) blamejs contributors
1
3
  "use strict";
2
4
  /**
3
5
  * csrf-protect — middleware that issues CSRF tokens to safe-method