@carbonorm/carbonnode 6.1.0 → 6.1.1

package/dist/index.esm.js

@@ -953,7 +953,7 @@ function colorSql(sql) {
     return s;
 }
 
-var version = "6.1.0";
+var version = "6.1.1";
 
 var DEFAULT_STEP = 8;
 function parseSemver(version) {
@@ -1798,14 +1798,176 @@ var HttpExecutor$1 = /*#__PURE__*/Object.freeze({
 });
 
 function convertHexIfBinary(_col, val, columnDef) {
+    var _a;
     if (typeof val === 'string' &&
         /^[0-9a-fA-F]{32}$/.test(val) &&
         typeof columnDef === 'object' &&
-        columnDef.MYSQL_TYPE.toUpperCase().includes('BINARY')) {
+        String((_a = columnDef.MYSQL_TYPE) !== null && _a !== void 0 ? _a : '').toUpperCase().includes('BINARY')) {
         return Buffer.from(val, 'hex');
     }
     return val;
 }
+var TEMPORAL_TYPES = new Set([
+    'date',
+    'datetime',
+    'timestamp',
+    'time',
+    'year',
+]);
+var MYSQL_DATE_REGEX = /^\d{4}-\d{2}-\d{2}$/;
+var MYSQL_DATETIME_REGEX = /^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}(?:\.\d{1,6})?$/;
+var MYSQL_TIME_REGEX = /^-?\d{2,3}:\d{2}:\d{2}(?:\.\d{1,6})?$/;
+var ISO_DATETIME_REGEX = /^(\d{4}-\d{2}-\d{2})[Tt](\d{2}:\d{2}:\d{2})(\.\d{1,6})?([zZ]|[+-]\d{2}:\d{2})?$/;
+var pad2 = function (value) { return value.toString().padStart(2, '0'); };
+function trimFraction(value, precision) {
+    var _a = value.split('.', 2), base = _a[0], fractionRaw = _a[1];
+    if (precision <= 0 || !fractionRaw)
+        return base;
+    return "".concat(base, ".").concat(fractionRaw.slice(0, precision).padEnd(precision, '0'));
+}
+function normalizeFraction(raw, precision) {
+    if (precision <= 0)
+        return '';
+    if (!raw)
+        return '';
+    var digits = raw.startsWith('.') ? raw.slice(1) : raw;
+    return ".".concat(digits.slice(0, precision).padEnd(precision, '0'));
+}
+function formatDateUtc(value) {
+    return "".concat(value.getUTCFullYear(), "-").concat(pad2(value.getUTCMonth() + 1), "-").concat(pad2(value.getUTCDate()));
+}
+function formatTimeUtc(value, precision) {
+    var base = "".concat(pad2(value.getUTCHours()), ":").concat(pad2(value.getUTCMinutes()), ":").concat(pad2(value.getUTCSeconds()));
+    if (precision <= 0)
+        return base;
+    var millis = value.getUTCMilliseconds().toString().padStart(3, '0');
+    var fraction = millis.slice(0, Math.min(precision, 3)).padEnd(precision, '0');
+    return "".concat(base, ".").concat(fraction);
+}
+function formatDateTimeUtc(value, precision) {
+    return "".concat(formatDateUtc(value), " ").concat(formatTimeUtc(value, precision));
+}
+function parseEpochNumber(value) {
+    if (!Number.isFinite(value))
+        return undefined;
+    var abs = Math.abs(value);
+    if (abs >= 1e12) {
+        var date = new Date(value);
+        return Number.isNaN(date.getTime()) ? undefined : date;
+    }
+    if (abs >= 1e9) {
+        var date = new Date(value * 1000);
+        return Number.isNaN(date.getTime()) ? undefined : date;
+    }
+    return undefined;
+}
+function parseTemporalType(columnDef) {
+    var _a;
+    var raw = String((_a = columnDef === null || columnDef === void 0 ? void 0 : columnDef.MYSQL_TYPE) !== null && _a !== void 0 ? _a : '').trim().toLowerCase();
+    if (!raw)
+        return { baseType: undefined, precision: 0 };
+    var base = raw.split(/[\s(]/, 1)[0];
+    if (!TEMPORAL_TYPES.has(base))
+        return { baseType: undefined, precision: 0 };
+    var precisionMatch = raw.match(/^(?:datetime|timestamp|time)\((\d+)\)/);
+    if (!precisionMatch)
+        return { baseType: base, precision: 0 };
+    var parsed = Number.parseInt(precisionMatch[1], 10);
+    if (!Number.isFinite(parsed))
+        return { baseType: base, precision: 0 };
+    return { baseType: base, precision: Math.max(0, Math.min(6, parsed)) };
+}
+function normalizeTemporalString(value, baseType, precision) {
+    var trimmed = value.trim();
+    if (!trimmed)
+        return value;
+    if (baseType === 'date') {
+        if (MYSQL_DATE_REGEX.test(trimmed))
+            return trimmed;
+        var iso_1 = trimmed.match(ISO_DATETIME_REGEX);
+        if (iso_1) {
+            var datePart = iso_1[1], timezonePart = iso_1[4];
+            if (!timezonePart)
+                return datePart;
+            var parsed_1 = new Date(trimmed);
+            return Number.isNaN(parsed_1.getTime()) ? value : formatDateUtc(parsed_1);
+        }
+        var parsed_2 = new Date(trimmed);
+        return Number.isNaN(parsed_2.getTime()) ? value : formatDateUtc(parsed_2);
+    }
+    if (baseType === 'time') {
+        if (MYSQL_TIME_REGEX.test(trimmed))
+            return trimFraction(trimmed, precision);
+        var iso_2 = trimmed.match(ISO_DATETIME_REGEX);
+        if (iso_2) {
+            var timePart = iso_2[2], fractionPart = iso_2[3], timezonePart = iso_2[4];
+            if (!timezonePart) {
+                return "".concat(timePart).concat(normalizeFraction(fractionPart, precision));
+            }
+            var parsed_3 = new Date(trimmed);
+            return Number.isNaN(parsed_3.getTime()) ? value : formatTimeUtc(parsed_3, precision);
+        }
+        var parsed_4 = new Date(trimmed);
+        return Number.isNaN(parsed_4.getTime()) ? value : formatTimeUtc(parsed_4, precision);
+    }
+    if (baseType === 'year') {
+        if (/^\d{2,4}$/.test(trimmed))
+            return trimmed;
+        var parsed_5 = new Date(trimmed);
+        return Number.isNaN(parsed_5.getTime()) ? value : String(parsed_5.getUTCFullYear());
+    }
+    if (MYSQL_DATETIME_REGEX.test(trimmed))
+        return trimFraction(trimmed, precision);
+    var iso = trimmed.match(ISO_DATETIME_REGEX);
+    if (iso) {
+        var datePart = iso[1], timePart = iso[2], fractionPart = iso[3], timezonePart = iso[4];
+        if (!timezonePart) {
+            return "".concat(datePart, " ").concat(timePart).concat(normalizeFraction(fractionPart, precision));
+        }
+        var parsed_6 = new Date(trimmed);
+        return Number.isNaN(parsed_6.getTime()) ? value : formatDateTimeUtc(parsed_6, precision);
+    }
+    var parsed = new Date(trimmed);
+    return Number.isNaN(parsed.getTime()) ? value : formatDateTimeUtc(parsed, precision);
+}
+function convertTemporalIfNeeded(value, columnDef) {
+    var _a = parseTemporalType(columnDef), baseType = _a.baseType, precision = _a.precision;
+    if (!baseType)
+        return value;
+    if (value === null || value === undefined)
+        return value;
+    if (typeof Buffer !== 'undefined' && Buffer.isBuffer && Buffer.isBuffer(value))
+        return value;
+    if (value instanceof Date) {
+        if (baseType === 'date')
+            return formatDateUtc(value);
+        if (baseType === 'time')
+            return formatTimeUtc(value, precision);
+        if (baseType === 'year')
+            return String(value.getUTCFullYear());
+        return formatDateTimeUtc(value, precision);
+    }
+    if (typeof value === 'number') {
+        var parsed = parseEpochNumber(value);
+        if (!parsed)
+            return value;
+        if (baseType === 'date')
+            return formatDateUtc(parsed);
+        if (baseType === 'time')
+            return formatTimeUtc(parsed, precision);
+        if (baseType === 'year')
+            return String(parsed.getUTCFullYear());
+        return formatDateTimeUtc(parsed, precision);
+    }
+    if (typeof value === 'string') {
+        return normalizeTemporalString(value, baseType, precision);
+    }
+    return value;
+}
+function convertSqlValueForColumn(col, val, columnDef) {
+    var binaryConverted = convertHexIfBinary(col, val, columnDef);
+    return convertTemporalIfNeeded(binaryConverted, columnDef);
+}
 
 // ========================
 // SQL Operators & Expressions
@@ -2451,16 +2613,8 @@ var ConditionBuilder = /** @class */ (function (_super) {
             Object.values(table.COLUMNS).includes(column));
     };
     ConditionBuilder.prototype.addParam = function (params, column, value) {
-        var _a, _b, _c, _d, _e;
-        // Determine column definition from C6.TABLES to support type-aware conversions (e.g., BINARY hex -> Buffer)
-        var columnDef;
-        if (typeof column === 'string' && column.includes('.')) {
-            var _f = column.split('.', 2), tableName = _f[0], colName = _f[1];
-            var table = (_b = (_a = this.config.C6) === null || _a === void 0 ? void 0 : _a.TABLES) === null || _b === void 0 ? void 0 : _b[tableName];
-            // Support both short-keyed and fully-qualified TYPE_VALIDATION entries
-            columnDef = (_d = (_c = table === null || table === void 0 ? void 0 : table.TYPE_VALIDATION) === null || _c === void 0 ? void 0 : _c[colName]) !== null && _d !== void 0 ? _d : (_e = table === null || table === void 0 ? void 0 : table.TYPE_VALIDATION) === null || _e === void 0 ? void 0 : _e["".concat(tableName, ".").concat(colName)];
-        }
-        var val = convertHexIfBinary(column, value, columnDef);
+        var columnDef = this.resolveColumnDefinition(column);
+        var val = convertSqlValueForColumn(column, value, columnDef);
         if (this.useNamedParams) {
             var key = "param".concat(Object.keys(params).length);
             params[key] = val;
@@ -3774,6 +3928,7 @@ function normalizeSingularRequest(requestMethod, request, restModel, removedPrim
     return __assign(__assign({}, normalized), { dataInsertMultipleRows: dataInsertMultipleRows, cacheResults: cacheResults, skipReactBootstrap: skipReactBootstrap, fetchDependencies: fetchDependencies, debug: debug, success: success, error: error });
 }
 
+var DEFAULT_NORMALIZER_CACHE_KEY = "__default__";
 var allowListCache = new Map();
 var ANSI_ESCAPE_REGEX = /\x1b\[[0-9;]*m/g;
 var COLLAPSED_BIND_ROW_REGEX = /\(\?\s*×\d+\)/g;
@@ -3825,7 +3980,17 @@ var normalizeSql = function (sql) {
     normalized = normalized.replace(/;\s*$/, "");
     return normalized.replace(/\s+/g, " ").trim();
 };
-var parseAllowList = function (raw, sourcePath) {
+var normalizeSqlWith = function (sql, sqlQueryNormalizer) {
+    var normalized = normalizeSql(sql);
+    if (!sqlQueryNormalizer)
+        return normalized;
+    var customized = sqlQueryNormalizer(normalized);
+    if (typeof customized !== "string") {
+        throw new Error("sqlQueryNormalizer must return a string.");
+    }
+    return customized.replace(/\s+/g, " ").trim();
+};
+var parseAllowList = function (raw, sourcePath, sqlQueryNormalizer) {
     var parsed;
     try {
         parsed = JSON.parse(raw);
@@ -3838,59 +4003,63 @@ var parseAllowList = function (raw, sourcePath) {
     }
     var sqlEntries = parsed
         .filter(function (entry) { return typeof entry === "string"; })
-        .map(normalizeSql)
+        .map(function (entry) { return normalizeSqlWith(entry, sqlQueryNormalizer); })
         .filter(function (entry) { return entry.length > 0; });
     if (sqlEntries.length !== parsed.length) {
         throw new Error("SQL allowlist at ".concat(sourcePath, " must contain only string entries."));
     }
     return sqlEntries;
 };
-var loadSqlAllowList = function (allowListPath) { return __awaiter(void 0, void 0, void 0, function () {
-    var _a, readFile, stat, fileStat, cached, raw, sqlEntries, allowList;
-    return __generator(this, function (_b) {
-        switch (_b.label) {
+var loadSqlAllowList = function (allowListPath, sqlQueryNormalizer) { return __awaiter(void 0, void 0, void 0, function () {
+    var _a, readFile, stat, fileStat, pathCache, cacheKey, cached, raw, sqlEntries, allowList;
+    var _b;
+    return __generator(this, function (_c) {
+        switch (_c.label) {
             case 0:
                 if (!isNode()) {
                     throw new Error("SQL allowlist validation requires a Node runtime.");
                 }
                 return [4 /*yield*/, import('node:fs/promises')];
             case 1:
-                _a = _b.sent(), readFile = _a.readFile, stat = _a.stat;
-                _b.label = 2;
+                _a = _c.sent(), readFile = _a.readFile, stat = _a.stat;
+                _c.label = 2;
             case 2:
-                _b.trys.push([2, 4, , 5]);
+                _c.trys.push([2, 4, , 5]);
                 return [4 /*yield*/, stat(allowListPath)];
             case 3:
-                fileStat = _b.sent();
+                fileStat = _c.sent();
                 return [3 /*break*/, 5];
             case 4:
-                _b.sent();
+                _c.sent();
                 throw new Error("SQL allowlist file not found at ".concat(allowListPath, "."));
             case 5:
-                cached = allowListCache.get(allowListPath);
+                pathCache = (_b = allowListCache.get(allowListPath)) !== null && _b !== void 0 ? _b : new Map();
+                cacheKey = sqlQueryNormalizer !== null && sqlQueryNormalizer !== void 0 ? sqlQueryNormalizer : DEFAULT_NORMALIZER_CACHE_KEY;
+                cached = pathCache.get(cacheKey);
                 if (cached &&
                     cached.mtimeMs === fileStat.mtimeMs &&
                     cached.size === fileStat.size) {
                     return [2 /*return*/, cached.allowList];
                 }
-                _b.label = 6;
+                _c.label = 6;
             case 6:
-                _b.trys.push([6, 8, , 9]);
+                _c.trys.push([6, 8, , 9]);
                 return [4 /*yield*/, readFile(allowListPath, "utf-8")];
             case 7:
-                raw = _b.sent();
+                raw = _c.sent();
                 return [3 /*break*/, 9];
             case 8:
-                _b.sent();
+                _c.sent();
                 throw new Error("SQL allowlist file not found at ".concat(allowListPath, "."));
             case 9:
-                sqlEntries = parseAllowList(raw, allowListPath);
+                sqlEntries = parseAllowList(raw, allowListPath, sqlQueryNormalizer);
                 allowList = new Set(sqlEntries);
-                allowListCache.set(allowListPath, {
+                pathCache.set(cacheKey, {
                     allowList: allowList,
                     mtimeMs: fileStat.mtimeMs,
                     size: fileStat.size,
                 });
+                allowListCache.set(allowListPath, pathCache);
                 return [2 /*return*/, allowList];
         }
     });
@@ -3917,15 +4086,15 @@ var extractSqlEntries = function (payload) {
     }
     return [];
 };
-var collectSqlAllowListEntries = function (payload, entries) {
+var collectSqlAllowListEntries = function (payload, entries, sqlQueryNormalizer) {
     if (entries === void 0) { entries = new Set(); }
     var sqlEntries = extractSqlEntries(payload)
-        .map(normalizeSql)
+        .map(function (entry) { return normalizeSqlWith(entry, sqlQueryNormalizer); })
         .filter(function (entry) { return entry.length > 0; });
     sqlEntries.forEach(function (entry) { return entries.add(entry); });
     return entries;
 };
-var compileSqlAllowList = function (allowListPath, entries) { return __awaiter(void 0, void 0, void 0, function () {
+var compileSqlAllowList = function (allowListPath, entries, sqlQueryNormalizer) { return __awaiter(void 0, void 0, void 0, function () {
     var _a, writeFile, mkdir, path, compiled;
     return __generator(this, function (_b) {
         switch (_b.label) {
@@ -3943,7 +4112,7 @@ var compileSqlAllowList = function (allowListPath, entries) { return __awaiter(v
             case 3:
                 _b.sent();
                 compiled = Array.from(new Set(Array.from(entries)
-                    .map(normalizeSql)
+                    .map(function (entry) { return normalizeSqlWith(entry, sqlQueryNormalizer); })
                     .filter(function (entry) { return entry.length > 0; }))).sort();
                 return [4 /*yield*/, writeFile(allowListPath, JSON.stringify(compiled, null, 2))];
             case 4:
@@ -4796,7 +4965,7 @@ var SqlExecutor = /** @class */ (function (_super) {
     };
     SqlExecutor.prototype.validateSqlAllowList = function (sql) {
         return __awaiter(this, void 0, void 0, function () {
-            var allowListPath, allowList, normalized;
+            var allowListPath, sqlQueryNormalizer, allowList, normalized;
             var _a;
             return __generator(this, function (_b) {
                 switch (_b.label) {
@@ -4805,10 +4974,11 @@ var SqlExecutor = /** @class */ (function (_super) {
                         if (!allowListPath) {
                             return [2 /*return*/, "not verified"];
                         }
-                        return [4 /*yield*/, loadSqlAllowList(allowListPath)];
+                        sqlQueryNormalizer = this.config.sqlQueryNormalizer;
+                        return [4 /*yield*/, loadSqlAllowList(allowListPath, sqlQueryNormalizer)];
                     case 1:
                         allowList = _b.sent();
-                        normalized = normalizeSql(sql);
+                        normalized = normalizeSqlWith(sql, sqlQueryNormalizer);
                         if (!allowList.has(normalized)) {
                             throw createSqlAllowListBlockedError({
                                 tableName: typeof ((_a = this.config.restModel) === null || _a === void 0 ? void 0 : _a.TABLE_NAME) === "string"
@@ -5056,5 +5226,5 @@ function isVerbose() {
     return resolveLogLevel() >= LogLevel.DEBUG;
 }
 
-export { A, AggregateBuilder, C6C, C6Constants, ConditionBuilder, DELETE, DeleteQueryBuilder, Executor, ExpressHandler, F, GET, HttpExecutor, JoinBuilder, LogLevel, POST, PUT, PaginationBuilder, PostQueryBuilder, SQL_KNOWN_FUNCTIONS, SelectQueryBuilder, SqlExecutor, TestRestfulResponse, UpdateQueryBuilder, alias, apiRequestCache, applyLogLevelDefaults, axiosInstance, bbox, call, carbonNodeQsStringify, checkAllRequestsComplete, checkCache, clearCache, collectSqlAllowListEntries, colorSql, compileSqlAllowList, convertForRequestBody, convertHexIfBinary, derivedTable, determineRuntimeJsType, distSphere, distinct, eFetchDependencies, error, evictCacheEntry, extractSqlEntries, fieldEq, fn, getEnv, getEnvBool, getEnvDebug, getEnvLogLevel, getLogContext, getPrimaryKeyTypes, group, info, isDerivedTableKey, isLocal, isNode, isTest, isVerbose, lit, loadSqlAllowList, logSql, logWithLevel, normalizeSingularRequest, normalizeSql, notifyToast, onError, onSuccess, order, parseLogLevel, removeInvalidKeys, removePrefixIfExists, resolveDerivedTable, resolveLogLevel, restExpressRequest, restOrm, restRequest, serializeSqlExpression, setCache, setToastHandler, shouldLog, sortAndSerializeQueryObject, stContains, timeout, toastOptions, toastOptionsDevs, userCustomClearCache, versionToRgb as versionColor, warn };
+export { A, AggregateBuilder, C6C, C6Constants, ConditionBuilder, DELETE, DeleteQueryBuilder, Executor, ExpressHandler, F, GET, HttpExecutor, JoinBuilder, LogLevel, POST, PUT, PaginationBuilder, PostQueryBuilder, SQL_KNOWN_FUNCTIONS, SelectQueryBuilder, SqlExecutor, TestRestfulResponse, UpdateQueryBuilder, alias, apiRequestCache, applyLogLevelDefaults, axiosInstance, bbox, call, carbonNodeQsStringify, checkAllRequestsComplete, checkCache, clearCache, collectSqlAllowListEntries, colorSql, compileSqlAllowList, convertForRequestBody, convertHexIfBinary, convertSqlValueForColumn, derivedTable, determineRuntimeJsType, distSphere, distinct, eFetchDependencies, error, evictCacheEntry, extractSqlEntries, fieldEq, fn, getEnv, getEnvBool, getEnvDebug, getEnvLogLevel, getLogContext, getPrimaryKeyTypes, group, info, isDerivedTableKey, isLocal, isNode, isTest, isVerbose, lit, loadSqlAllowList, logSql, logWithLevel, normalizeSingularRequest, normalizeSql, normalizeSqlWith, notifyToast, onError, onSuccess, order, parseLogLevel, removeInvalidKeys, removePrefixIfExists, resolveDerivedTable, resolveLogLevel, restExpressRequest, restOrm, restRequest, serializeSqlExpression, setCache, setToastHandler, shouldLog, sortAndSerializeQueryObject, stContains, timeout, toastOptions, toastOptionsDevs, userCustomClearCache, versionToRgb as versionColor, warn };
 //# sourceMappingURL=index.esm.js.map