@blamejs/core 0.9.14 → 0.9.16

package/lib/db.js

@@ -41,8 +41,8 @@
  * @card
  *   Database core — SQLite (node:sqlite) wrapped in encrypted-at-rest storage, sealed-column field-level crypto, append-only audit-chain integration, declarative schema reconcile, and run-once migrations.
  */
-var fs = require("fs");
-var path = require("path");
+var nodeFs = require("fs");
+var nodePath = require("path");
 var { DatabaseSync } = require("node:sqlite");
 var { Readable } = require("node:stream");
 var atomicFile = require("./atomic-file");
@@ -92,7 +92,7 @@ var _dbErr = DbError.factory;
 
 // Lazy: cluster-storage's _localDb pulls db back in, so eager require
 // would deadlock the load order. cluster-storage is only used on the
-// purge-audit-chain external-db path, which always runs after init.
+// purge-audit-chain external-db nodePath, which always runs after init.
 var clusterStorage = lazyRequire(function () { return require("./cluster-storage"); });
 
 // Lazy refs for the test-reset cascade. Each module requires db.js
@@ -639,7 +639,7 @@ function resolveTmpDir(optsTmpDir) {
   if (optsTmpDir) return optsTmpDir;
   var envTmp = safeEnv.readVar("BLAMEJS_TMPDIR");
   if (envTmp) return envTmp;
-  if (fs.existsSync("/dev/shm")) return "/dev/shm";
+  if (nodeFs.existsSync("/dev/shm")) return "/dev/shm";
   return null;
 }
 
@@ -650,8 +650,8 @@ function loadOrCreateDbKey(dataDirPath, keyPathOverride) {
   // needs to live outside `dataDir` (e.g. a separate volume mounted
   // from a KMS-fronted secret store). Default places it next to the
   // encrypted DB so backup capture is one-tarball.
-  var keyPath = keyPathOverride || path.join(dataDirPath, "db.key.enc");
-  if (fs.existsSync(keyPath)) {
+  var keyPath = keyPathOverride || nodePath.join(dataDirPath, "db.key.enc");
+  if (nodeFs.existsSync(keyPath)) {
     var sealed = atomicFile.readSync(keyPath, { encoding: "utf8" }).trim();
     var b64 = vault.unseal(sealed);
     if (!b64) {
@@ -669,18 +669,18 @@ function loadOrCreateDbKey(dataDirPath, keyPathOverride) {
 }
 
 function decryptToTmp() {
-  if (!encPath || !fs.existsSync(encPath)) return;
+  if (!encPath || !nodeFs.existsSync(encPath)) return;
   // If a plaintext file already exists in tmpfs from a prior process, prefer
   // the newer mtime (crash recovery — operator's most recent state wins).
-  if (fs.existsSync(dbPath)) {
-    var plainStat = fs.statSync(dbPath);
-    var encStat = fs.statSync(encPath);
+  if (nodeFs.existsSync(dbPath)) {
+    var plainStat = nodeFs.statSync(dbPath);
+    var encStat = nodeFs.statSync(encPath);
     if (plainStat.mtimeMs > encStat.mtimeMs && plainStat.size > 0) {
       log("plaintext is newer than encrypted — keeping plaintext (crash recovery)");
       return;
     }
   }
-  var packed = fs.readFileSync(encPath);
+  var packed = nodeFs.readFileSync(encPath);
   if (packed.length < 26) return; // too short to be a valid envelope
   // AAD binds the envelope to this deployment's data dir so two
   // installs sharing the same operator passphrase can't swap each
@@ -703,8 +703,8 @@ function encryptToDisk() {
   if (!encPath) return;
   // Force WAL checkpoint so the .db file holds all committed transactions.
   try { runSql(database, "PRAGMA wal_checkpoint(TRUNCATE)"); } catch (_e) { /* best effort */ }
-  if (!fs.existsSync(dbPath)) return;
-  atomicFile.writeSync(encPath, encryptPacked(fs.readFileSync(dbPath), encKey, _dbEncAad(dataDir)));
+  if (!nodeFs.existsSync(dbPath)) return;
+  atomicFile.writeSync(encPath, encryptPacked(nodeFs.readFileSync(dbPath), encKey, _dbEncAad(dataDir)));
 }
 
 /**
@@ -737,11 +737,11 @@ function snapshot() {
   // so the snapshot reflects the current logical state, not just the
   // pre-WAL pages.
   try { runSql(database, "PRAGMA wal_checkpoint(TRUNCATE)"); } catch (_e) { /* best effort */ }
-  if (!fs.existsSync(dbPath)) {
+  if (!nodeFs.existsSync(dbPath)) {
     throw _dbErr("db/snapshot-no-source",
       "snapshot: plaintext DB at " + dbPath + " is missing — did init complete?");
   }
-  var plain = fs.readFileSync(dbPath);
+  var plain = nodeFs.readFileSync(dbPath);
   if (!encPath || !encKey) {
     // atRest: 'plain' — return the raw bytes. Operators wanting an
     // encrypted snapshot under plain mode wrap with their own
@@ -756,9 +756,9 @@ function snapshot() {
 // database.close().
 function removePlaintextFiles() {
   if (!dbPath) return;
-  try { fs.unlinkSync(dbPath); } catch (_e) { /* cleanup */ }
-  try { fs.unlinkSync(dbPath + "-wal"); } catch (_e) { /* cleanup */ }
-  try { fs.unlinkSync(dbPath + "-shm"); } catch (_e) { /* cleanup */ }
+  try { nodeFs.unlinkSync(dbPath); } catch (_e) { /* cleanup */ }
+  try { nodeFs.unlinkSync(dbPath + "-wal"); } catch (_e) { /* cleanup */ }
+  try { nodeFs.unlinkSync(dbPath + "-shm"); } catch (_e) { /* cleanup */ }
 }
 
 // Clean up stale plaintext DB files left by previously-crashed processes.
@@ -771,9 +771,9 @@ function cleanStaleTmpDbs(tmpDir) {
   for (var i = 0; i < entries.length; i++) {
     var full = entries[i].fullPath;
     if (full === dbPath) continue;
-    try { fs.unlinkSync(full); } catch (_e) { /* concurrent cleanup */ }
-    try { fs.unlinkSync(full + "-wal"); } catch (_e) { /* may not exist */ }
-    try { fs.unlinkSync(full + "-shm"); } catch (_e) { /* may not exist */ }
+    try { nodeFs.unlinkSync(full); } catch (_e) { /* concurrent cleanup */ }
+    try { nodeFs.unlinkSync(full + "-wal"); } catch (_e) { /* may not exist */ }
+    try { nodeFs.unlinkSync(full + "-shm"); } catch (_e) { /* may not exist */ }
   }
 }
 
@@ -865,7 +865,7 @@ async function init(opts) {
     streamLimit = opts.streamLimit;
   }
   dataDir = opts.dataDir;
-  if (!fs.existsSync(dataDir)) fs.mkdirSync(dataDir, { recursive: true });
+  if (!nodeFs.existsSync(dataDir)) nodeFs.mkdirSync(dataDir, { recursive: true });
 
   if (atRest === "encrypted") {
     var tmpDir = resolveTmpDir(opts.tmpDir);
@@ -874,7 +874,7 @@ async function init(opts) {
         "FATAL: atRest: 'encrypted' (default) requires tmpfs but none was found. " +
         "Provide opts.tmpDir or set BLAMEJS_TMPDIR, or pass atRest: 'plain' (with warning).");
     }
-    if (!fs.existsSync(tmpDir)) fs.mkdirSync(tmpDir, { recursive: true });
+    if (!nodeFs.existsSync(tmpDir)) nodeFs.mkdirSync(tmpDir, { recursive: true });
 
     // D-H7 — if the resolved tmpDir is NOT actually tmpfs, the
     // plaintext DB file lives on persistent storage. statvfs/statfs
@@ -884,7 +884,7 @@ async function init(opts) {
     // out-of-band.
     if (process.platform === "linux") {
       var realTmp = "";
-      try { realTmp = fs.realpathSync(tmpDir); } catch (_e) { /* stat best-effort */ }
+      try { realTmp = nodeFs.realpathSync(tmpDir); } catch (_e) { /* stat best-effort */ }
       if (realTmp.indexOf("/dev/shm") !== 0 && realTmp.indexOf("/run/shm") !== 0 &&
           realTmp.indexOf("/run/user/") !== 0 && realTmp.indexOf("/tmp") !== 0) {
         log.warn("WARNING: db.init: tmpDir '" + tmpDir + "' (real: '" + realTmp +
@@ -894,13 +894,13 @@ async function init(opts) {
       }
     }
 
-    // Operator overrides for the encrypted-DB on-disk path. `opts.encryptedDbPath`
-    // takes a fully-qualified path; `opts.encryptedDbName` overrides
+    // Operator overrides for the encrypted-DB on-disk nodePath. `opts.encryptedDbPath`
+    // takes a fully-qualified nodePath; `opts.encryptedDbName` overrides
     // just the basename under `dataDir` (default "db.enc"). Helps when
     // multiple framework-shaped instances share a dataDir.
     encPath = opts.encryptedDbPath ||
-              path.join(dataDir, opts.encryptedDbName || "db.enc");
-    dbPath  = path.join(tmpDir, "blamejs-" + generateToken(C.BYTES.bytes(16)) + ".db");
+              nodePath.join(dataDir, opts.encryptedDbName || "db.enc");
+    dbPath  = nodePath.join(tmpDir, "blamejs-" + generateToken(C.BYTES.bytes(16)) + ".db");
     encKey  = loadOrCreateDbKey(dataDir, opts.dbKeyPath);
 
     cleanStaleTmpDbs(tmpDir);
@@ -910,7 +910,7 @@ async function init(opts) {
     log.warn("WARNING: atRest: 'plain' — DB structure and row counts visible on disk.");
     log.warn("         Field-level encryption (sealedFields) still protects sealed columns,");
     log.warn("         but the simpler at-rest model is opt-out only. Default is 'encrypted'.");
-    dbPath = path.join(dataDir, "blamejs.db");
+    dbPath = nodePath.join(dataDir, "blamejs.db");
     encPath = null;
     encKey = null;
   }
@@ -1499,7 +1499,7 @@ function stream(sql) {
 // review can reconstruct schema evolution from the chain alone (D-M1).
 var DDL_RE = /^\s*(CREATE|DROP|ALTER|TRUNCATE|RENAME|ATTACH|DETACH|REINDEX)\b/i;
 
-// D-L7 — slow-query observability buckets for the local SQLite path.
+// D-L7 — slow-query observability buckets for the local SQLite nodePath.
 // Highest matched bucket wins so the per-query emit is single-shot;
 // operators dashboard on the `bucket` label.
 var _SLOW_QUERY_BUCKETS_LOCAL = Object.freeze([
@@ -1907,7 +1907,7 @@ function exportCsv(opts) {
  * cluster leader, re-encrypts the live tmpfs database back to
  * `<dataDir>/db.enc`, closes the SQLite handle (releasing the file
  * lock on Windows), then unlinks the plaintext sidecar files in
- * tmpfs. Safe to call multiple times — no-ops after the first
+ * tmpnodeFs. Safe to call multiple times — no-ops after the first
  * successful close.
  *
  * @example
@@ -2327,8 +2327,8 @@ function eraseHard(tableName, rowId, opts) {
 // Read the audit.tip sidecar file in dataDir and compare to the current
 // audit_log MAX(monotonicCounter). Refuse boot on rollback (current < tip).
 function _checkRollback(dataDirPath) {
-  var tipPath = path.join(dataDirPath, "audit.tip");
-  if (!fs.existsSync(tipPath)) {
+  var tipPath = nodePath.join(dataDirPath, "audit.tip");
+  if (!nodeFs.existsSync(tipPath)) {
     log("no audit.tip sidecar — skipping rollback check (first boot or operator-cleared)");
     return;
   }
@@ -3104,7 +3104,7 @@ module.exports = {
   // Helper for audit.checkpoint to write the rollback-detection sidecar
   _writeAuditTip: function (tip) {
     if (!dataDir) return;
-    var tipPath = path.join(dataDir, "audit.tip");
+    var tipPath = nodePath.join(dataDir, "audit.tip");
     atomicFile.writeSync(tipPath, JSON.stringify(tip, null, 2), { fileMode: 0o600 });
   },
 };

package/lib/dev.js

@@ -11,7 +11,7 @@
  *   spawned app's logs unchanged.
  *
  *   The hot-reload loop spawns the app as a child process, watches the
- *   source directories with `fs.watch({ recursive: true })`, and
+ *   source directories with `nodeFs.watch({ recursive: true })`, and
  *   restarts the child when an unignored file changes. On-disk state
  *   (vault keys, encrypted DB, sealed cookies) survives the restart
  *   because the child re-opens the files; only in-process state is
@@ -41,18 +41,18 @@
  *
  *   Test seams: `opts._spawn(cmd, args, sopts)` and
  *   `opts._watch(dir, wopts, listener)` default to `child_process.spawn`
- *   and `fs.watch`; unit tests pass fakes to drive the engine without
+ *   and `nodeFs.watch`; unit tests pass fakes to drive the engine without
  *   real subprocesses.
  *
  * @card
  *   Dev-mode helpers — hot-reload signal (file watch + child-process restart), route-list dump exposed via `dev.stats()`, and a request inspector courtesy of `stdio: 'inherit'` so the operator sees the spawned app's logs unchanged.
  */
 
-var path = require("path");
-var fs = require("fs");
+var nodePath = require("path");
+var nodeFs = require("fs");
 var lazyRequire = require("./lazy-require");
 var logModule = require("./log");
-var nb = require("./numeric-bounds");
+var numericBounds = require("./numeric-bounds");
 var safeEnv = require("./parsers/safe-env");
 var validateOpts = require("./validate-opts");
 var { FrameworkError } = require("./framework-error");
@@ -166,11 +166,11 @@ function create(opts) {
   var ignore       = Array.isArray(opts.ignore)
     ? DEFAULT_IGNORE.concat(opts.ignore)
     : DEFAULT_IGNORE.slice();
-  nb.requireNonNegativeFiniteIntIfPresent(opts.graceMs,
+  numericBounds.requireNonNegativeFiniteIntIfPresent(opts.graceMs,
     "dev.create: opts.graceMs", DevError, "dev/bad-grace-ms");
   var graceMs = opts.graceMs !== undefined ? opts.graceMs : DEFAULT_GRACE_MS;
   var killSignal   = typeof opts.killSignal === "string" ? opts.killSignal : DEFAULT_KILL_SIGNAL;
-  nb.requireNonNegativeFiniteIntIfPresent(opts.killTimeoutMs,
+  numericBounds.requireNonNegativeFiniteIntIfPresent(opts.killTimeoutMs,
     "dev.create: opts.killTimeoutMs", DevError, "dev/bad-kill-timeout-ms");
   var killTimeoutMs = opts.killTimeoutMs !== undefined ? opts.killTimeoutMs : DEFAULT_KILL_TIMEOUT_MS;
   var log          = opts.log || null;
@@ -198,7 +198,7 @@ function create(opts) {
     return childProcess().spawn(cmd, sargs, sopts);
   };
   var watchFn = opts._watch || function (dir, wopts, listener) {
-    return fs.watch(dir, wopts, listener);
+    return nodeFs.watch(dir, wopts, listener);
   };
   var setTimeoutFn  = opts._setTimeout  || setTimeout;
   var clearTimeoutFn = opts._clearTimeout || clearTimeout;
@@ -313,7 +313,7 @@ function create(opts) {
   function _onWatchEvent(dir, eventType, filename) {
     if (!filename) return;
     var rel = String(filename);
-    var full = path.join(dir, rel);
+    var full = nodePath.join(dir, rel);
     if (_matchesAny(ignore, rel) || _matchesAny(ignore, full)) return;
     _scheduleRestart(eventType + ":" + rel);
   }
@@ -321,7 +321,7 @@ function create(opts) {
   function _armWatchers() {
     for (var i = 0; i < watch.length; i++) {
       (function (dir) {
-        var resolved = path.isAbsolute(dir) ? dir : path.resolve(cwd, dir);
+        var resolved = nodePath.isAbsolute(dir) ? dir : nodePath.resolve(cwd, dir);
         var w;
         try {
           w = watchFn(resolved, { recursive: true, persistent: false }, function (eventType, filename) {

package/lib/dr-runbook.js

@@ -42,8 +42,8 @@
  *   Disaster-recovery runbook executor — composes pre-recorded regulatory steps, operator confirmation gates, and the framework's audit chain into a posture-appropriate Markdown runbook a regulator can read alongside `b.audit`.
  */
 
-var fs = require("fs");
-var path = require("path");
+var nodeFs = require("fs");
+var nodePath = require("path");
 var C = require("./constants");
 var atomicFile = require("./atomic-file");
 var lazyRequire = require("./lazy-require");
@@ -333,11 +333,11 @@ async function emit(opts) {
   var body = sections.join("\n");
 
   // Ensure outDir exists.
-  if (!fs.existsSync(opts.outDir)) {
-    fs.mkdirSync(opts.outDir, { recursive: true });
+  if (!nodeFs.existsSync(opts.outDir)) {
+    nodeFs.mkdirSync(opts.outDir, { recursive: true });
   }
   var filename = opts.filename || ("runbook-" + opts.posture + ".md");
-  var outPath = path.join(opts.outDir, filename);
+  var outPath = nodePath.join(opts.outDir, filename);
   atomicFile.writeSync(outPath, body, { fileMode: 0o644 });
 
   if (auditOn) {

package/lib/dual-control.js

@@ -31,7 +31,7 @@
  *   M-of-N approval workflow for destructive operations (eraseHard, key rotation, etc.).
  */
 var lazyRequire = require("./lazy-require");
-var crypto = require("./crypto");
+var bCrypto = require("./crypto");
 var requestHelpers = require("./request-helpers");
 var validateOpts = require("./validate-opts");
 var C = require("./constants");
@@ -261,7 +261,7 @@ function create(opts) {
     if (reasonProblem) {
       return Object.assign({ grantId: null }, reasonProblem);
     }
-    var grantId = "dc-" + crypto.generateToken(C.BYTES.bytes(8));
+    var grantId = "dc-" + bCrypto.generateToken(C.BYTES.bytes(8));
     var nowMs = Date.now();
     var record = {
       grantId:        grantId,

package/lib/external-db-migrate.js

@@ -48,7 +48,7 @@
  *   - externaldb.migrate.lock.acquired   { holder }
  *   - externaldb.migrate.lock.released   { holder }
  */
-var path = require("path");
+var nodePath = require("path");
 var atomicFile = require("./atomic-file");
 var canonicalJson = require("./canonical-json");
 var { sha3Hash } = require("./crypto");
@@ -64,7 +64,7 @@ var ExternalDbMigrateError = defineClass("ExternalDbMigrateError", { alwaysPerma
 
 // Lazy require — external-db imports back into this module via its
 // public `migrate` namespace; load-order would cycle without lazy.
-var externalDbModule = lazyRequire(function () { return require("./external-db"); });
+var externalDb = lazyRequire(function () { return require("./external-db"); });
 
 var TRACKING_TABLE = "_blamejs_externaldb_migrations";
 var LOCK_TABLE     = "_blamejs_externaldb_migrations_lock";
@@ -285,7 +285,7 @@ function _list(dir) {
 }
 
 function _loadMigration(file, dir) {
-  var fullPath = path.join(dir, file);
+  var fullPath = nodePath.join(dir, file);
   // Drop the require cache so a test/dev that edits a file picks up the
   // new content. Matches lib/migrations.js semantics.
   try { delete require.cache[require.resolve(fullPath)]; } catch (_e) { /* not yet cached */ }
@@ -327,7 +327,7 @@ function _resolveBackendName(opts) {
   }
   // Default to the externalDb's defaultBackend; throw clear if not initialized.
   var listed;
-  try { listed = externalDbModule().listBackends(); }
+  try { listed = externalDb().listBackends(); }
   catch (_e) {
     throw _err("externaldb-migrate/not-initialized",
       "externalDb is not initialized — call b.externalDb.init({ backends }) first");
@@ -363,14 +363,14 @@ function create(opts) {
 
   function _ctx(backendName) {
     return {
-      externalDb:  externalDbModule(),
+      externalDb:  externalDb(),
       backendName: backendName,
     };
   }
 
   async function status() {
     var backendName = _resolveBackendName(opts);
-    return await externalDbModule().transaction(async function (xdb) {
+    return await externalDb().transaction(async function (xdb) {
       await _ensureTrackingTable(xdb);
       var res = await xdb.query(
         "SELECT name, description, appliedAt FROM " + Q_TRACKING +
@@ -394,7 +394,7 @@ function create(opts) {
     var backendName = _resolveBackendName(opts);
     var ctx = _ctx(backendName);
 
-    return await externalDbModule().transaction(async function (xdb) {
+    return await externalDb().transaction(async function (xdb) {
       await _ensureTrackingTable(xdb);
       await _ensureLockTable(xdb);
       await _ensureHistoryTable(xdb);
@@ -404,7 +404,7 @@ function create(opts) {
       // pool acquisition for the lock connection — the migrate runner
       // serializes apply order, so this single-connection lock is
       // sufficient.
-      var lockResult = await externalDbModule().transaction(async function (xdb) {
+      var lockResult = await externalDb().transaction(async function (xdb) {
         return await _acquireLock(xdb, opts);
       }, { backend: backendName });
       var lockHolder = lockResult.holder;
@@ -421,7 +421,7 @@ function create(opts) {
       }
 
       try {
-        var appliedRes = await externalDbModule().query(
+        var appliedRes = await externalDb().query(
           "SELECT name FROM " + Q_TRACKING, [], { backend: backendName }
         );
         var appliedSet = new Set(((appliedRes && appliedRes.rows) || []).map(function (r) { return r.name; }));
@@ -435,7 +435,7 @@ function create(opts) {
           var mod = _loadMigration(file, dir);
           var t0 = Date.now();
           try {
-            await externalDbModule().transaction(async function (xdb) {
+            await externalDb().transaction(async function (xdb) {
               await mod.up(xdb, ctx);
               var ranAt = new Date().toISOString();
               await xdb.query(
@@ -489,7 +489,7 @@ function create(opts) {
         return { applied: applied, skipped: skipped, backend: backendName };
       } finally {
         try {
-          await externalDbModule().transaction(async function (xdb) {
+          await externalDb().transaction(async function (xdb) {
             await _releaseLock(xdb, lockHolder);
           }, { backend: backendName });
           _emit(audit, "externaldb.migrate.lock.released", "success",
@@ -509,12 +509,12 @@ function create(opts) {
     var backendName = _resolveBackendName(opts);
     var ctx = _ctx(backendName);
 
-    await externalDbModule().transaction(async function (xdb) {
+    await externalDb().transaction(async function (xdb) {
       await _ensureTrackingTable(xdb);
       await _ensureLockTable(xdb);
     }, { backend: backendName });
 
-    var lockResultDown = await externalDbModule().transaction(async function (xdb) {
+    var lockResultDown = await externalDb().transaction(async function (xdb) {
       return await _acquireLock(xdb, opts);
     }, { backend: backendName });
     var lockHolder = lockResultDown.holder;
@@ -528,7 +528,7 @@ function create(opts) {
     }
 
     try {
-      var appliedRes = await externalDbModule().query(
+      var appliedRes = await externalDb().query(
         "SELECT name FROM " + Q_TRACKING + " ORDER BY appliedAt DESC, name DESC LIMIT $1",
         [steps], { backend: backendName }
       );
@@ -543,7 +543,7 @@ function create(opts) {
         }
         var t0 = Date.now();
         try {
-          await externalDbModule().transaction(async function (xdb) {
+          await externalDb().transaction(async function (xdb) {
             await mod.down(xdb, ctx);
             await xdb.query(
               "DELETE FROM " + Q_TRACKING + " WHERE name = $1",
@@ -564,7 +564,7 @@ function create(opts) {
       return { reverted: reverted, backend: backendName };
     } finally {
       try {
-        await externalDbModule().transaction(async function (xdb) {
+        await externalDb().transaction(async function (xdb) {
           await _releaseLock(xdb, lockHolder);
         }, { backend: backendName });
         _emit(audit, "externaldb.migrate.lock.released", "success",
@@ -588,7 +588,7 @@ function create(opts) {
   async function history(historyOpts) {
     historyOpts = historyOpts || {};
     var backendName = _resolveBackendName(opts);
-    return await externalDbModule().transaction(async function (xdb) {
+    return await externalDb().transaction(async function (xdb) {
       await _ensureHistoryTable(xdb);
       var res = await xdb.query(
         "SELECT version, ranAt, ranBy, schemaIntrospectionHash, signature, publicKeyFingerprint " +

package/lib/external-db.js

@@ -754,8 +754,8 @@ async function transaction(fn, opts) {
           if (isTransient && attempt <= maxRetries) {
             _emitMetric("externaldb.transaction.retry", 1,
               { backend: b.name, code: txErr.code, attempt: String(attempt) });
-            var nodeCryptoRetry = require("node:crypto");
-            var jitter = nodeCryptoRetry.randomInt(0, 6);                          // allow:raw-byte-literal — 0-5ms jitter
+            var nodeCrypto = require("node:crypto");
+            var jitter = nodeCrypto.randomInt(0, 6);                          // allow:raw-byte-literal — 0-5ms jitter
             await safeAsync.sleep(attempt * 5 + jitter);                           // allow:raw-time-literal — sub-second backoff
             continue;
           }

package/lib/fdx.js

@@ -85,7 +85,7 @@ var fapi2 = require("./fapi2");
 var C = require("./constants");
 var audit = require("./audit");
 var validateOpts = require("./validate-opts");
-var nb = require("./numeric-bounds");
+var numericBounds = require("./numeric-bounds");
 var { defineClass } = require("./framework-error");
 var FdxError = defineClass("FdxError", { alwaysPermanent: true });
 
@@ -327,7 +327,7 @@ function consentReceipt(opts) {
     throw FdxError.factory("BAD_SCOPES",
       "fdx.consentReceipt: scopes must be a non-empty array");
   }
-  nb.requirePositiveFiniteIntIfPresent(opts.durationMs,
+  numericBounds.requirePositiveFiniteIntIfPresent(opts.durationMs,
     "fdx.consentReceipt: durationMs", FdxError, "BAD_DURATION");
 
   var issuedAt = Date.now();