@blamejs/core 0.16.0 → 0.16.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +4 -0
- package/bin/blamejs.js +2 -0
- package/index.js +2 -0
- package/lib/_test/crypto-fixtures.js +2 -0
- package/lib/a2a-tasks.js +2 -0
- package/lib/a2a.js +2 -0
- package/lib/acme.js +7 -1
- package/lib/agent-audit.js +2 -0
- package/lib/agent-envelope-mac.js +2 -0
- package/lib/agent-event-bus.js +2 -0
- package/lib/agent-idempotency.js +2 -0
- package/lib/agent-orchestrator.js +2 -0
- package/lib/agent-posture-chain.js +2 -0
- package/lib/agent-saga.js +2 -0
- package/lib/agent-snapshot.js +2 -0
- package/lib/agent-stream.js +2 -0
- package/lib/agent-tenant.js +2 -0
- package/lib/agent-trace.js +2 -0
- package/lib/ai-adverse-decision.js +2 -0
- package/lib/ai-aedt-bias-audit.js +2 -0
- package/lib/ai-capability.js +2 -0
- package/lib/ai-content-detect.js +2 -0
- package/lib/ai-disclosure.js +2 -0
- package/lib/ai-dp.js +2 -0
- package/lib/ai-frontier-protocol.js +2 -0
- package/lib/ai-input.js +2 -0
- package/lib/ai-model-manifest.js +2 -0
- package/lib/ai-output.js +2 -0
- package/lib/ai-pref.js +2 -0
- package/lib/ai-prompt.js +2 -0
- package/lib/ai-quota.js +2 -0
- package/lib/api-key.js +2 -0
- package/lib/api-snapshot.js +2 -0
- package/lib/app-shutdown.js +2 -0
- package/lib/app.js +2 -0
- package/lib/archive-adapters.js +2 -0
- package/lib/archive-entry-policy.js +2 -0
- package/lib/archive-gz.js +2 -0
- package/lib/archive-read.js +2 -0
- package/lib/archive-tar-read.js +2 -0
- package/lib/archive-tar.js +2 -0
- package/lib/archive-wrap.js +2 -0
- package/lib/archive.js +2 -0
- package/lib/arg-parser.js +2 -0
- package/lib/argon2-builtin.js +2 -0
- package/lib/asn1-der.js +2 -0
- package/lib/asyncapi-bindings.js +2 -0
- package/lib/asyncapi-traits.js +2 -0
- package/lib/asyncapi.js +2 -0
- package/lib/atomic-file.js +2 -0
- package/lib/audit-chain.js +2 -0
- package/lib/audit-daily-review.js +2 -0
- package/lib/audit-emit.js +2 -0
- package/lib/audit-sign.js +2 -0
- package/lib/audit-tools.js +2 -0
- package/lib/audit.js +2 -0
- package/lib/auth/aal.js +2 -0
- package/lib/auth/access-lock.js +2 -0
- package/lib/auth/acr-vocabulary.js +2 -0
- package/lib/auth/ato-kill-switch.js +2 -0
- package/lib/auth/auth-time-tracker.js +2 -0
- package/lib/auth/bot-challenge.js +2 -0
- package/lib/auth/ciba.js +2 -0
- package/lib/auth/dpop.js +2 -0
- package/lib/auth/elevation-grant.js +2 -0
- package/lib/auth/fal.js +2 -0
- package/lib/auth/fido-mds3.js +2 -0
- package/lib/auth/jar.js +2 -0
- package/lib/auth/jwt-external.js +2 -0
- package/lib/auth/jwt.js +2 -0
- package/lib/auth/lockout.js +2 -0
- package/lib/auth/oauth.js +84 -17
- package/lib/auth/oid4vci.js +2 -0
- package/lib/auth/oid4vp.js +2 -0
- package/lib/auth/openid-federation.js +2 -0
- package/lib/auth/passkey.js +2 -0
- package/lib/auth/password.js +2 -0
- package/lib/auth/saml.js +30 -5
- package/lib/auth/sd-jwt-vc-disclosure.js +2 -0
- package/lib/auth/sd-jwt-vc-holder.js +2 -0
- package/lib/auth/sd-jwt-vc-issuer.js +2 -0
- package/lib/auth/sd-jwt-vc.js +2 -0
- package/lib/auth/status-list.js +2 -0
- package/lib/auth/step-up-policy.js +2 -0
- package/lib/auth/step-up.js +2 -0
- package/lib/auth-bot-challenge.js +2 -0
- package/lib/auth-header.js +2 -0
- package/lib/backup/bundle.js +2 -0
- package/lib/backup/crypto.js +2 -0
- package/lib/backup/index.js +14 -0
- package/lib/backup/manifest.js +2 -0
- package/lib/base32.js +2 -0
- package/lib/boot-gates.js +2 -0
- package/lib/bounded-map.js +2 -0
- package/lib/breach-deadline.js +2 -0
- package/lib/break-glass.js +2 -0
- package/lib/budr.js +2 -0
- package/lib/bundler.js +2 -0
- package/lib/cache-redis.js +2 -0
- package/lib/cache-status.js +2 -0
- package/lib/cache.js +2 -0
- package/lib/calendar.js +2 -0
- package/lib/canonical-json.js +2 -0
- package/lib/cbor.js +2 -0
- package/lib/cdn-cache-control.js +2 -0
- package/lib/cert.js +2 -0
- package/lib/chain-writer.js +2 -0
- package/lib/circuit-breaker.js +2 -0
- package/lib/cli-helpers.js +2 -0
- package/lib/cli.js +57 -20
- package/lib/client-hints.js +2 -0
- package/lib/cloud-events.js +2 -0
- package/lib/cluster-provider-db.js +2 -0
- package/lib/cluster-storage.js +2 -0
- package/lib/cluster.js +2 -0
- package/lib/cms-codec.js +2 -0
- package/lib/codepoint-class.js +2 -0
- package/lib/compliance-ai-act-logging.js +2 -0
- package/lib/compliance-ai-act-prohibited.js +2 -0
- package/lib/compliance-ai-act-risk.js +2 -0
- package/lib/compliance-ai-act-transparency.js +2 -0
- package/lib/compliance-ai-act.js +2 -0
- package/lib/compliance-eaa.js +2 -0
- package/lib/compliance-sanctions-aliases.js +2 -0
- package/lib/compliance-sanctions-fetcher.js +2 -0
- package/lib/compliance-sanctions-fuzzy.js +2 -0
- package/lib/compliance-sanctions.js +2 -0
- package/lib/compliance.js +2 -0
- package/lib/config-drift.js +2 -0
- package/lib/config.js +2 -0
- package/lib/consent.js +2 -0
- package/lib/constants.js +2 -0
- package/lib/content-credentials.js +2 -0
- package/lib/content-digest.js +2 -0
- package/lib/cookies.js +2 -0
- package/lib/cose.js +2 -0
- package/lib/cra-report.js +2 -0
- package/lib/crdt.js +2 -0
- package/lib/credential-hash.js +2 -0
- package/lib/crypto-field.js +2 -0
- package/lib/crypto-hpke-pq.js +2 -0
- package/lib/crypto-hpke.js +2 -0
- package/lib/crypto-oprf.js +2 -0
- package/lib/crypto-xwing.js +2 -0
- package/lib/crypto.js +2 -0
- package/lib/csp.js +2 -0
- package/lib/csv.js +2 -0
- package/lib/cwt.js +2 -0
- package/lib/daemon.js +2 -0
- package/lib/dark-patterns.js +2 -0
- package/lib/data-act.js +2 -0
- package/lib/db-collection.js +2 -0
- package/lib/db-declare-row-policy.js +2 -0
- package/lib/db-declare-view.js +2 -0
- package/lib/db-file-lifecycle.js +2 -0
- package/lib/db-query.js +2 -0
- package/lib/db-role-context.js +2 -0
- package/lib/db-schema.js +2 -0
- package/lib/db.js +2 -0
- package/lib/dbsc.js +2 -0
- package/lib/ddl-change-control.js +2 -0
- package/lib/deprecate.js +2 -0
- package/lib/dev.js +2 -0
- package/lib/did.js +2 -0
- package/lib/dora.js +2 -0
- package/lib/dr-runbook.js +2 -0
- package/lib/dsa.js +2 -0
- package/lib/dsr.js +2 -0
- package/lib/dual-control.js +2 -0
- package/lib/early-hints.js +2 -0
- package/lib/eat.js +2 -0
- package/lib/error-page.js +2 -0
- package/lib/events.js +2 -0
- package/lib/external-db-migrate.js +2 -0
- package/lib/external-db.js +2 -0
- package/lib/fapi2.js +2 -0
- package/lib/fda-21cfr11.js +2 -0
- package/lib/fdx.js +2 -0
- package/lib/fedcm.js +2 -0
- package/lib/file-type.js +2 -0
- package/lib/file-upload.js +2 -0
- package/lib/flag-cache.js +2 -0
- package/lib/flag-evaluation-context.js +2 -0
- package/lib/flag-providers.js +2 -0
- package/lib/flag-targeting.js +2 -0
- package/lib/flag.js +2 -0
- package/lib/forms.js +2 -0
- package/lib/framework-error.js +2 -0
- package/lib/framework-files.js +2 -0
- package/lib/framework-schema.js +2 -0
- package/lib/framework-sha1-hibp.js +2 -0
- package/lib/fsm.js +2 -0
- package/lib/gate-contract.js +2 -0
- package/lib/gdpr-ropa.js +2 -0
- package/lib/graphql-federation.js +2 -0
- package/lib/guard-agent-registry.js +2 -0
- package/lib/guard-all.js +2 -0
- package/lib/guard-archive.js +2 -0
- package/lib/guard-auth.js +2 -0
- package/lib/guard-cidr.js +2 -0
- package/lib/guard-csv.js +2 -0
- package/lib/guard-domain.js +2 -0
- package/lib/guard-dsn.js +2 -0
- package/lib/guard-email.js +2 -0
- package/lib/guard-envelope.js +2 -0
- package/lib/guard-event-bus-payload.js +2 -0
- package/lib/guard-event-bus-topic.js +2 -0
- package/lib/guard-filename.js +2 -0
- package/lib/guard-graphql.js +2 -0
- package/lib/guard-html-wcag-aria.js +2 -0
- package/lib/guard-html-wcag-forms.js +2 -0
- package/lib/guard-html-wcag-tables.js +2 -0
- package/lib/guard-html-wcag-tagwalk.js +2 -0
- package/lib/guard-html-wcag.js +2 -0
- package/lib/guard-html.js +2 -0
- package/lib/guard-idempotency-key.js +2 -0
- package/lib/guard-image.js +2 -0
- package/lib/guard-imap-command.js +2 -0
- package/lib/guard-jmap.js +2 -0
- package/lib/guard-json.js +2 -0
- package/lib/guard-jsonpath.js +2 -0
- package/lib/guard-jwt.js +2 -0
- package/lib/guard-list-id.js +2 -0
- package/lib/guard-list-unsubscribe.js +2 -0
- package/lib/guard-mail-compose.js +2 -0
- package/lib/guard-mail-move.js +2 -0
- package/lib/guard-mail-query.js +2 -0
- package/lib/guard-mail-reply.js +2 -0
- package/lib/guard-mail-sieve.js +2 -0
- package/lib/guard-managesieve-command.js +2 -0
- package/lib/guard-markdown.js +2 -0
- package/lib/guard-message-id.js +2 -0
- package/lib/guard-mime.js +2 -0
- package/lib/guard-oauth.js +2 -0
- package/lib/guard-pdf.js +2 -0
- package/lib/guard-pop3-command.js +2 -0
- package/lib/guard-posture-chain.js +2 -0
- package/lib/guard-regex.js +2 -0
- package/lib/guard-saga-config.js +2 -0
- package/lib/guard-shell.js +2 -0
- package/lib/guard-smtp-command.js +2 -0
- package/lib/guard-snapshot-envelope.js +2 -0
- package/lib/guard-sql.js +2 -0
- package/lib/guard-stream-args.js +2 -0
- package/lib/guard-svg.js +2 -0
- package/lib/guard-template.js +2 -0
- package/lib/guard-tenant-id.js +2 -0
- package/lib/guard-text.js +2 -0
- package/lib/guard-time.js +2 -0
- package/lib/guard-trace-context.js +2 -0
- package/lib/guard-uuid.js +2 -0
- package/lib/guard-xml.js +2 -0
- package/lib/guard-yaml.js +2 -0
- package/lib/hal.js +2 -0
- package/lib/handlers.js +2 -0
- package/lib/honeytoken.js +2 -0
- package/lib/html-balance.js +2 -0
- package/lib/http-client-cache.js +2 -0
- package/lib/http-client-cookie-jar.js +2 -0
- package/lib/http-client.js +2 -0
- package/lib/http-message-signature.js +2 -0
- package/lib/http2-teardown.js +2 -0
- package/lib/i18n-messageformat.js +2 -0
- package/lib/i18n.js +2 -0
- package/lib/iab-mspa.js +2 -0
- package/lib/iab-tcf.js +2 -0
- package/lib/importmap-integrity.js +2 -0
- package/lib/inbox.js +2 -0
- package/lib/incident-report.js +2 -0
- package/lib/ip-utils.js +2 -0
- package/lib/jobs.js +2 -0
- package/lib/jose-jwe-experimental.js +2 -0
- package/lib/json-merge-patch.js +2 -0
- package/lib/json-patch.js +2 -0
- package/lib/json-path.js +2 -0
- package/lib/json-pointer.js +2 -0
- package/lib/json-schema.js +2 -0
- package/lib/jsonapi.js +2 -0
- package/lib/jtd.js +2 -0
- package/lib/jwk.js +2 -0
- package/lib/keychain.js +32 -10
- package/lib/lazy-require.js +2 -0
- package/lib/legal-hold.js +2 -0
- package/lib/link-header.js +2 -0
- package/lib/local-db-thin.js +2 -0
- package/lib/log-stream-cloudwatch.js +2 -0
- package/lib/log-stream-local.js +2 -0
- package/lib/log-stream-otlp-grpc.js +2 -0
- package/lib/log-stream-otlp.js +2 -0
- package/lib/log-stream-syslog.js +2 -0
- package/lib/log-stream-webhook.js +2 -0
- package/lib/log-stream.js +2 -0
- package/lib/log.js +2 -0
- package/lib/lro.js +2 -0
- package/lib/mail-agent.js +2 -0
- package/lib/mail-arc-reuse-token.js +2 -0
- package/lib/mail-arc-sign.js +2 -0
- package/lib/mail-arf.js +2 -0
- package/lib/mail-auth.js +7 -1
- package/lib/mail-bimi.js +2 -0
- package/lib/mail-bounce.js +2 -0
- package/lib/mail-crypto-pgp.js +2 -0
- package/lib/mail-crypto-smime.js +2 -0
- package/lib/mail-crypto.js +2 -0
- package/lib/mail-dav.js +2 -0
- package/lib/mail-deploy.js +2 -0
- package/lib/mail-dkim.js +2 -0
- package/lib/mail-greylist.js +2 -0
- package/lib/mail-helo.js +2 -0
- package/lib/mail-journal.js +2 -0
- package/lib/mail-mdn.js +2 -0
- package/lib/mail-rbl.js +2 -0
- package/lib/mail-require-tls.js +2 -0
- package/lib/mail-scan.js +2 -0
- package/lib/mail-send-deliver.js +2 -0
- package/lib/mail-server-imap.js +2 -0
- package/lib/mail-server-jmap.js +2 -0
- package/lib/mail-server-managesieve.js +2 -0
- package/lib/mail-server-mx.js +2 -0
- package/lib/mail-server-net.js +2 -0
- package/lib/mail-server-pop3.js +2 -0
- package/lib/mail-server-rate-limit.js +2 -0
- package/lib/mail-server-registry.js +2 -0
- package/lib/mail-server-submission.js +2 -0
- package/lib/mail-server-tls.js +2 -0
- package/lib/mail-sieve.js +2 -0
- package/lib/mail-spam-score.js +2 -0
- package/lib/mail-srs.js +2 -0
- package/lib/mail-store-fts.js +2 -0
- package/lib/mail-store.js +2 -0
- package/lib/mail-unsubscribe.js +2 -0
- package/lib/mail.js +2 -0
- package/lib/markup-escape.js +2 -0
- package/lib/markup-tokenizer.js +2 -0
- package/lib/mcp-tool-registry.js +2 -0
- package/lib/mcp.js +2 -0
- package/lib/mdoc.js +2 -0
- package/lib/metrics.js +2 -0
- package/lib/middleware/age-gate.js +2 -0
- package/lib/middleware/ai-act-disclosure.js +2 -0
- package/lib/middleware/api-encrypt.js +2 -0
- package/lib/middleware/assetlinks.js +2 -0
- package/lib/middleware/asyncapi-serve.js +2 -0
- package/lib/middleware/attach-user.js +2 -0
- package/lib/middleware/bearer-auth.js +2 -0
- package/lib/middleware/body-parser.js +2 -0
- package/lib/middleware/bot-disclose.js +2 -0
- package/lib/middleware/bot-guard.js +2 -0
- package/lib/middleware/clear-site-data.js +2 -0
- package/lib/middleware/compose-pipeline.js +2 -0
- package/lib/middleware/compression.js +2 -0
- package/lib/middleware/cookies.js +2 -0
- package/lib/middleware/cors.js +2 -0
- package/lib/middleware/csp-nonce.js +2 -0
- package/lib/middleware/csp-report.js +2 -0
- package/lib/middleware/csrf-protect.js +2 -0
- package/lib/middleware/daily-byte-quota.js +2 -0
- package/lib/middleware/db-role-for.js +2 -0
- package/lib/middleware/deny-response.js +2 -0
- package/lib/middleware/dpop.js +2 -0
- package/lib/middleware/error-handler.js +2 -0
- package/lib/middleware/fetch-metadata.js +2 -0
- package/lib/middleware/flag-context.js +2 -0
- package/lib/middleware/gpc.js +2 -0
- package/lib/middleware/headers.js +2 -0
- package/lib/middleware/health.js +2 -0
- package/lib/middleware/host-allowlist.js +2 -0
- package/lib/middleware/idempotency-key.js +2 -0
- package/lib/middleware/index.js +2 -0
- package/lib/middleware/nel.js +2 -0
- package/lib/middleware/network-allowlist.js +2 -0
- package/lib/middleware/no-cache.js +2 -0
- package/lib/middleware/openapi-serve.js +2 -0
- package/lib/middleware/protected-resource-metadata.js +2 -0
- package/lib/middleware/rate-limit.js +2 -0
- package/lib/middleware/request-id.js +2 -0
- package/lib/middleware/request-log.js +2 -0
- package/lib/middleware/require-aal.js +2 -0
- package/lib/middleware/require-auth.js +2 -0
- package/lib/middleware/require-bound-key.js +2 -0
- package/lib/middleware/require-content-type.js +2 -0
- package/lib/middleware/require-methods.js +2 -0
- package/lib/middleware/require-mtls.js +2 -0
- package/lib/middleware/require-step-up.js +2 -0
- package/lib/middleware/scim-server.js +2 -0
- package/lib/middleware/security-headers.js +2 -0
- package/lib/middleware/security-txt.js +2 -0
- package/lib/middleware/span-http-server.js +2 -0
- package/lib/middleware/speculation-rules.js +2 -0
- package/lib/middleware/sse.js +2 -0
- package/lib/middleware/trace-log-correlation.js +2 -0
- package/lib/middleware/trace-propagate.js +2 -0
- package/lib/middleware/tus-upload.js +2 -0
- package/lib/middleware/web-app-manifest.js +2 -0
- package/lib/migration-files.js +2 -0
- package/lib/migrations.js +2 -0
- package/lib/mime-parse.js +2 -0
- package/lib/module-loader.js +2 -0
- package/lib/money.js +2 -0
- package/lib/mtls-ca.js +2 -0
- package/lib/mtls-engine-default.js +2 -0
- package/lib/network-byte-quota.js +2 -0
- package/lib/network-dane.js +2 -0
- package/lib/network-dns-resolver.js +2 -0
- package/lib/network-dns.js +2 -0
- package/lib/network-dnssec.js +2 -0
- package/lib/network-heartbeat.js +2 -0
- package/lib/network-nts.js +2 -0
- package/lib/network-proxy.js +2 -0
- package/lib/network-smtp-policy.js +6 -1
- package/lib/network-tls.js +2 -0
- package/lib/network-tsig.js +2 -0
- package/lib/network.js +2 -0
- package/lib/nis2-report.js +2 -0
- package/lib/nist-crosswalk.js +2 -0
- package/lib/nonce-store.js +2 -0
- package/lib/notify.js +2 -0
- package/lib/ntp-check.js +2 -0
- package/lib/numeric-bounds.js +2 -0
- package/lib/numeric-checks.js +2 -0
- package/lib/object-store/azure-blob-bucket-ops.js +2 -0
- package/lib/object-store/azure-blob.js +2 -0
- package/lib/object-store/gcs-bucket-ops.js +2 -0
- package/lib/object-store/gcs.js +2 -0
- package/lib/object-store/http-put.js +2 -0
- package/lib/object-store/http-request.js +2 -0
- package/lib/object-store/index.js +2 -0
- package/lib/object-store/local.js +2 -0
- package/lib/object-store/sigv4-bucket-ops.js +2 -0
- package/lib/object-store/sigv4.js +2 -0
- package/lib/observability-otlp-exporter.js +2 -0
- package/lib/observability-tracer.js +2 -0
- package/lib/observability.js +2 -0
- package/lib/openapi-paths-builder.js +2 -0
- package/lib/openapi-schema-walk.js +2 -0
- package/lib/openapi-security.js +2 -0
- package/lib/openapi-yaml.js +2 -0
- package/lib/openapi.js +2 -0
- package/lib/otel-export.js +2 -0
- package/lib/outbox.js +2 -0
- package/lib/pagination.js +2 -0
- package/lib/parsers/index.js +2 -0
- package/lib/parsers/safe-env.js +2 -0
- package/lib/parsers/safe-ini.js +2 -0
- package/lib/parsers/safe-toml.js +2 -0
- package/lib/parsers/safe-xml.js +2 -0
- package/lib/parsers/safe-yaml.js +2 -0
- package/lib/permissions.js +2 -0
- package/lib/pick.js +2 -0
- package/lib/pipl-cn.js +2 -0
- package/lib/pqc-agent.js +2 -0
- package/lib/pqc-gate.js +2 -0
- package/lib/pqc-software.js +2 -0
- package/lib/privacy-pass.js +2 -0
- package/lib/privacy.js +2 -0
- package/lib/problem-details.js +2 -0
- package/lib/process-spawn.js +2 -0
- package/lib/promise-pool.js +2 -0
- package/lib/protobuf-encoder.js +2 -0
- package/lib/protocol-dispatcher.js +2 -0
- package/lib/public-suffix.js +2 -0
- package/lib/pubsub-cluster.js +2 -0
- package/lib/pubsub-redis.js +2 -0
- package/lib/pubsub.js +2 -0
- package/lib/queue-local.js +2 -0
- package/lib/queue-redis.js +2 -0
- package/lib/queue-sqs.js +2 -0
- package/lib/queue.js +2 -0
- package/lib/redact.js +2 -0
- package/lib/redis-client.js +2 -0
- package/lib/render.js +2 -0
- package/lib/request-helpers.js +2 -0
- package/lib/resource-access-lock.js +2 -0
- package/lib/restore-bundle.js +2 -0
- package/lib/restore-rollback.js +2 -0
- package/lib/restore.js +2 -0
- package/lib/retention.js +2 -0
- package/lib/retry.js +2 -0
- package/lib/rfc3339.js +2 -0
- package/lib/router.js +83 -18
- package/lib/safe-archive.js +2 -0
- package/lib/safe-async.js +2 -0
- package/lib/safe-buffer.js +2 -0
- package/lib/safe-decompress.js +2 -0
- package/lib/safe-dns.js +2 -0
- package/lib/safe-ical.js +2 -0
- package/lib/safe-icap.js +2 -0
- package/lib/safe-json.js +2 -0
- package/lib/safe-jsonpath.js +2 -0
- package/lib/safe-mime.js +2 -0
- package/lib/safe-mount-info.js +2 -0
- package/lib/safe-path.js +2 -0
- package/lib/safe-redirect.js +2 -0
- package/lib/safe-schema.js +2 -0
- package/lib/safe-sieve.js +2 -0
- package/lib/safe-smtp.js +2 -0
- package/lib/safe-sql.js +2 -0
- package/lib/safe-url.js +2 -0
- package/lib/safe-vcard.js +2 -0
- package/lib/sandbox-worker.js +2 -0
- package/lib/sandbox.js +2 -0
- package/lib/scheduler.js +2 -0
- package/lib/scitt.js +2 -0
- package/lib/sd-notify.js +2 -0
- package/lib/sec-cyber.js +2 -0
- package/lib/security-assert.js +2 -0
- package/lib/seeders.js +2 -0
- package/lib/self-update-standalone-verifier.js +2 -0
- package/lib/self-update.js +2 -0
- package/lib/server-timing.js +2 -0
- package/lib/session-device-binding.js +2 -0
- package/lib/session-stores.js +2 -0
- package/lib/session.js +2 -0
- package/lib/slug.js +2 -0
- package/lib/sql.js +2 -0
- package/lib/sse.js +2 -0
- package/lib/ssrf-guard.js +2 -0
- package/lib/standard-webhooks.js +2 -0
- package/lib/static.js +2 -0
- package/lib/storage.js +2 -0
- package/lib/stream-throttle.js +2 -0
- package/lib/structured-fields.js +2 -0
- package/lib/subject.js +2 -0
- package/lib/tcpa-10dlc.js +2 -0
- package/lib/template.js +2 -0
- package/lib/tenant-quota.js +2 -0
- package/lib/test-harness.js +2 -0
- package/lib/testing.js +2 -0
- package/lib/time.js +2 -0
- package/lib/tls-exporter.js +2 -0
- package/lib/totp.js +2 -0
- package/lib/tracing.js +2 -0
- package/lib/tsa.js +2 -0
- package/lib/uri-template.js +2 -0
- package/lib/uuid.js +2 -0
- package/lib/validate-opts.js +2 -0
- package/lib/vault/index.js +2 -0
- package/lib/vault/passphrase-ops.js +2 -0
- package/lib/vault/passphrase-source.js +2 -0
- package/lib/vault/rotate.js +2 -0
- package/lib/vault/seal-pem-file.js +2 -0
- package/lib/vault/wrap.js +2 -0
- package/lib/vault-aad.js +2 -0
- package/lib/vc.js +2 -0
- package/lib/vendor-data.js +2 -0
- package/lib/vex.js +2 -0
- package/lib/watcher.js +2 -0
- package/lib/web-push-vapid.js +2 -0
- package/lib/webhook-dispatcher.js +2 -0
- package/lib/webhook.js +2 -0
- package/lib/websocket-channels.js +2 -0
- package/lib/websocket.js +2 -0
- package/lib/wiki-concepts.js +2 -0
- package/lib/worker-pool.js +2 -0
- package/lib/worm.js +2 -0
- package/lib/ws-client.js +2 -0
- package/lib/x509-chain.js +2 -0
- package/lib/xml-c14n.js +2 -0
- package/package.json +1 -1
- package/sbom.cdx.json +6 -6
package/lib/keychain.js
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
// SPDX-License-Identifier: Apache-2.0
|
|
2
|
+
// Copyright (c) blamejs contributors
|
|
1
3
|
"use strict";
|
|
2
4
|
/**
|
|
3
5
|
* @module b.keychain
|
|
@@ -647,9 +649,20 @@ async function store(opts) {
|
|
|
647
649
|
}
|
|
648
650
|
|
|
649
651
|
_validateFallbackFile(opts.fallbackFile, "keychain.store");
|
|
650
|
-
|
|
651
|
-
|
|
652
|
-
|
|
652
|
+
// The lock sentinel lives beside fallbackFile, so its parent directory must
|
|
653
|
+
// exist before the FIRST writer can lock — otherwise the lock (added to
|
|
654
|
+
// serialize the RMW below) fails where the pre-lock atomicFile.write used to
|
|
655
|
+
// create the directory lazily on first store.
|
|
656
|
+
atomicFile.ensureDir(nodePath.dirname(opts.fallbackFile), 0o700);
|
|
657
|
+
// Serialize the read-modify-write so concurrent stores to the same
|
|
658
|
+
// fallbackFile can't each read the pre-update document and clobber one
|
|
659
|
+
// another's binding on write. atomicFile.lock is a cross-process file
|
|
660
|
+
// mutex; _removeFromFile serializes its RMW through the same lock.
|
|
661
|
+
await atomicFile.lock(opts.fallbackFile, async function () {
|
|
662
|
+
var doc = await _readFile(opts.fallbackFile, opts.passphrase);
|
|
663
|
+
doc.entries[_bindingKey(opts.service, opts.account)] = String(opts.password);
|
|
664
|
+
await _writeFile(opts.fallbackFile, doc, opts.passphrase);
|
|
665
|
+
});
|
|
653
666
|
_emit("keychain.stored", "success", {
|
|
654
667
|
service: opts.service, account: opts.account, backend: "file",
|
|
655
668
|
}, auditOn);
|
|
@@ -816,13 +829,18 @@ async function remove(opts) {
|
|
|
816
829
|
}
|
|
817
830
|
}
|
|
818
831
|
|
|
832
|
+
// Validate a supplied fallbackFile (reject a relative path) BEFORE the
|
|
833
|
+
// exists check, so a relative path throws keychain/relative-fallback-file
|
|
834
|
+
// consistently with store/retrieve instead of silently no-op'ing.
|
|
835
|
+
if (opts.fallbackFile) {
|
|
836
|
+
_validateFallbackFile(opts.fallbackFile, "keychain.remove");
|
|
837
|
+
}
|
|
819
838
|
if (!opts.fallbackFile || !atomicFile.exists(opts.fallbackFile)) {
|
|
820
839
|
_emit("keychain.removed", "no-op", {
|
|
821
840
|
service: opts.service, account: opts.account, backend: "file",
|
|
822
841
|
}, auditOn);
|
|
823
842
|
return false;
|
|
824
843
|
}
|
|
825
|
-
_validateFallbackFile(opts.fallbackFile, "keychain.remove");
|
|
826
844
|
var existed = await _removeFromFile(opts.fallbackFile, opts.service, opts.account, opts.passphrase);
|
|
827
845
|
_emit("keychain.removed", existed ? "success" : "no-op", {
|
|
828
846
|
service: opts.service, account: opts.account, backend: "file",
|
|
@@ -831,12 +849,16 @@ async function remove(opts) {
|
|
|
831
849
|
}
|
|
832
850
|
|
|
833
851
|
async function _removeFromFile(fallbackFile, service, account, passphrase) {
|
|
834
|
-
|
|
835
|
-
|
|
836
|
-
|
|
837
|
-
|
|
838
|
-
|
|
839
|
-
|
|
852
|
+
// Same serialized read-modify-write as store: hold the file mutex across
|
|
853
|
+
// read -> delete -> write so a concurrent store/remove can't lose the edit.
|
|
854
|
+
return await atomicFile.lock(fallbackFile, async function () {
|
|
855
|
+
var doc = await _readFile(fallbackFile, passphrase);
|
|
856
|
+
var bindingKey = _bindingKey(service, account);
|
|
857
|
+
if (!Object.prototype.hasOwnProperty.call(doc.entries, bindingKey)) return false;
|
|
858
|
+
delete doc.entries[bindingKey];
|
|
859
|
+
await _writeFile(fallbackFile, doc, passphrase);
|
|
860
|
+
return true;
|
|
861
|
+
});
|
|
840
862
|
}
|
|
841
863
|
|
|
842
864
|
// ---- Test seam -------------------------------------------------------------
|
package/lib/lazy-require.js
CHANGED
package/lib/legal-hold.js
CHANGED
package/lib/link-header.js
CHANGED
package/lib/local-db-thin.js
CHANGED
package/lib/log-stream-local.js
CHANGED
package/lib/log-stream-otlp.js
CHANGED
package/lib/log-stream-syslog.js
CHANGED
package/lib/log-stream.js
CHANGED
package/lib/log.js
CHANGED
package/lib/lro.js
CHANGED
package/lib/mail-agent.js
CHANGED
package/lib/mail-arc-sign.js
CHANGED
package/lib/mail-arf.js
CHANGED
package/lib/mail-auth.js
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
// SPDX-License-Identifier: Apache-2.0
|
|
2
|
+
// Copyright (c) blamejs contributors
|
|
1
3
|
"use strict";
|
|
2
4
|
/**
|
|
3
5
|
* b.mail.spf + b.mail.dmarc + b.mail.arc — inbound mail authentication
|
|
@@ -292,7 +294,7 @@ function _ipv4InCidr(ip, cidr) {
|
|
|
292
294
|
var slash = cidr.indexOf("/");
|
|
293
295
|
var net = slash === -1 ? cidr : cidr.slice(0, slash);
|
|
294
296
|
var mask = slash === -1 ? 32 : parseInt(cidr.slice(slash + 1), 10); // IPv4 max prefix
|
|
295
|
-
if (mask < 0 || mask > 32) return false;
|
|
297
|
+
if (!isFinite(mask) || mask < 0 || mask > 32) return false; // IPv4 max prefix
|
|
296
298
|
var ipInt = _ipv4ToInt(ip);
|
|
297
299
|
var netInt = _ipv4ToInt(net);
|
|
298
300
|
if (ipInt === null || netInt === null) return false;
|
|
@@ -2121,6 +2123,10 @@ function authResultsEmit(opts) {
|
|
|
2121
2123
|
|
|
2122
2124
|
var version = (opts.version === undefined || opts.version === null)
|
|
2123
2125
|
? "1" : String(opts.version);
|
|
2126
|
+
if (/[\r\n\0]/.test(version)) {
|
|
2127
|
+
throw new MailAuthError("mail-auth/ar-bad-version",
|
|
2128
|
+
"authResults.emit: version contains forbidden control characters");
|
|
2129
|
+
}
|
|
2124
2130
|
var head = opts.authservId + (version === "1" ? "" : " " + version);
|
|
2125
2131
|
|
|
2126
2132
|
if (opts.results.length === 0) {
|
package/lib/mail-bimi.js
CHANGED
package/lib/mail-bounce.js
CHANGED
package/lib/mail-crypto-pgp.js
CHANGED
package/lib/mail-crypto-smime.js
CHANGED
package/lib/mail-crypto.js
CHANGED
package/lib/mail-dav.js
CHANGED
package/lib/mail-deploy.js
CHANGED
package/lib/mail-dkim.js
CHANGED
package/lib/mail-greylist.js
CHANGED
package/lib/mail-helo.js
CHANGED
package/lib/mail-journal.js
CHANGED
package/lib/mail-mdn.js
CHANGED
package/lib/mail-rbl.js
CHANGED
package/lib/mail-require-tls.js
CHANGED
package/lib/mail-scan.js
CHANGED
package/lib/mail-send-deliver.js
CHANGED
package/lib/mail-server-imap.js
CHANGED
package/lib/mail-server-jmap.js
CHANGED
package/lib/mail-server-mx.js
CHANGED
package/lib/mail-server-net.js
CHANGED
package/lib/mail-server-pop3.js
CHANGED
package/lib/mail-server-tls.js
CHANGED
package/lib/mail-sieve.js
CHANGED
package/lib/mail-spam-score.js
CHANGED
package/lib/mail-srs.js
CHANGED
package/lib/mail-store-fts.js
CHANGED
package/lib/mail-store.js
CHANGED
package/lib/mail-unsubscribe.js
CHANGED
package/lib/mail.js
CHANGED
package/lib/markup-escape.js
CHANGED
package/lib/markup-tokenizer.js
CHANGED
package/lib/mcp-tool-registry.js
CHANGED
package/lib/mcp.js
CHANGED
package/lib/mdoc.js
CHANGED
package/lib/metrics.js
CHANGED
package/lib/middleware/cors.js
CHANGED