npm - @congzhen/changewayguard - Versions diffs - 6.8.12 - Mend

@congzhen/changewayguard 6.8.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (329) hide show

package/LICENSE +21 -0
package/README.md +270 -0
package/dashboard-dist/api/104.index.js +1420 -0
package/dashboard-dist/api/104.index.js.map +1 -0
package/dashboard-dist/api/113.index.js +496 -0
package/dashboard-dist/api/113.index.js.map +1 -0
package/dashboard-dist/api/18.index.js +67 -0
package/dashboard-dist/api/18.index.js.map +1 -0
package/dashboard-dist/api/217.index.js +44 -0
package/dashboard-dist/api/217.index.js.map +1 -0
package/dashboard-dist/api/222.index.js +90 -0
package/dashboard-dist/api/222.index.js.map +1 -0
package/dashboard-dist/api/25.index.js +3562 -0
package/dashboard-dist/api/25.index.js.map +1 -0
package/dashboard-dist/api/280.index.js +206 -0
package/dashboard-dist/api/280.index.js.map +1 -0
package/dashboard-dist/api/369.index.js +115 -0
package/dashboard-dist/api/369.index.js.map +1 -0
package/dashboard-dist/api/377.index.js +1176 -0
package/dashboard-dist/api/377.index.js.map +1 -0
package/dashboard-dist/api/411.index.js +4250 -0
package/dashboard-dist/api/411.index.js.map +1 -0
package/dashboard-dist/api/424.index.js +135 -0
package/dashboard-dist/api/424.index.js.map +1 -0
package/dashboard-dist/api/573.index.js +806 -0
package/dashboard-dist/api/573.index.js.map +1 -0
package/dashboard-dist/api/598.index.js +328 -0
package/dashboard-dist/api/598.index.js.map +1 -0
package/dashboard-dist/api/62.index.js +4151 -0
package/dashboard-dist/api/62.index.js.map +1 -0
package/dashboard-dist/api/67.index.js +23383 -0
package/dashboard-dist/api/67.index.js.map +1 -0
package/dashboard-dist/api/678.index.js +2734 -0
package/dashboard-dist/api/678.index.js.map +1 -0
package/dashboard-dist/api/698.index.js +1896 -0
package/dashboard-dist/api/698.index.js.map +1 -0
package/dashboard-dist/api/720.index.js +98 -0
package/dashboard-dist/api/720.index.js.map +1 -0
package/dashboard-dist/api/830.index.js +95 -0
package/dashboard-dist/api/830.index.js.map +1 -0
package/dashboard-dist/api/831.index.js +99 -0
package/dashboard-dist/api/831.index.js.map +1 -0
package/dashboard-dist/api/84.index.js +64 -0
package/dashboard-dist/api/84.index.js.map +1 -0
package/dashboard-dist/api/900.index.js +65 -0
package/dashboard-dist/api/900.index.js.map +1 -0
package/dashboard-dist/api/917.index.js +88 -0
package/dashboard-dist/api/917.index.js.map +1 -0
package/dashboard-dist/api/948.index.js +64 -0
package/dashboard-dist/api/948.index.js.map +1 -0
package/dashboard-dist/api/953.index.js +67 -0
package/dashboard-dist/api/953.index.js.map +1 -0
package/dashboard-dist/api/975.index.js +374 -0
package/dashboard-dist/api/975.index.js.map +1 -0
package/dashboard-dist/api/drizzle/sqlite/0000_short_captain_stacy.sql +70 -0
package/dashboard-dist/api/drizzle/sqlite/0001_closed_magus.sql +10 -0
package/dashboard-dist/api/drizzle/sqlite/0002_agent_capability_observation.sql +38 -0
package/dashboard-dist/api/drizzle/sqlite/0003_auth_magic_link.sql +28 -0
package/dashboard-dist/api/drizzle/sqlite/0004_static_scan_fields.sql +8 -0
package/dashboard-dist/api/drizzle/sqlite/0005_gateway_activity.sql +24 -0
package/dashboard-dist/api/drizzle/sqlite/0006_sour_marauders.sql +41 -0
package/dashboard-dist/api/drizzle/sqlite/meta/0000_snapshot.json +460 -0
package/dashboard-dist/api/drizzle/sqlite/meta/0001_snapshot.json +536 -0
package/dashboard-dist/api/drizzle/sqlite/meta/0006_snapshot.json +1249 -0
package/dashboard-dist/api/drizzle/sqlite/meta/_journal.json +55 -0
package/dashboard-dist/api/index.js +27340 -0
package/dashboard-dist/api/index.js.map +1 -0
package/dashboard-dist/api/package.json +16 -0
package/dashboard-dist/api/sourcemap-register.cjs +1 -0
package/dashboard-dist/web/assets/index-CqWIeBTD.js +158 -0
package/dashboard-dist/web/assets/index-Dw7--9q4.css +1 -0
package/dashboard-dist/web/changeway-logo.png +0 -0
package/dashboard-dist/web/favicon.svg +29 -0
package/dashboard-dist/web/index.html +14 -0
package/dashboard-dist/web/logo.svg +16 -0
package/dist/agent/auth.d.ts +37 -0
package/dist/agent/auth.d.ts.map +1 -0
package/dist/agent/auth.js +151 -0
package/dist/agent/auth.js.map +1 -0
package/dist/agent/behavior-detector.d.ts +150 -0
package/dist/agent/behavior-detector.d.ts.map +1 -0
package/dist/agent/behavior-detector.js +573 -0
package/dist/agent/behavior-detector.js.map +1 -0
package/dist/agent/business-reporter.d.ts +114 -0
package/dist/agent/business-reporter.d.ts.map +1 -0
package/dist/agent/business-reporter.js +359 -0
package/dist/agent/business-reporter.js.map +1 -0
package/dist/agent/config-sync.d.ts +70 -0
package/dist/agent/config-sync.d.ts.map +1 -0
package/dist/agent/config-sync.js +133 -0
package/dist/agent/config-sync.js.map +1 -0
package/dist/agent/config.d.ts +97 -0
package/dist/agent/config.d.ts.map +1 -0
package/dist/agent/config.js +359 -0
package/dist/agent/config.js.map +1 -0
package/dist/agent/content-injection-scanner.d.ts +35 -0
package/dist/agent/content-injection-scanner.d.ts.map +1 -0
package/dist/agent/content-injection-scanner.js +270 -0
package/dist/agent/content-injection-scanner.js.map +1 -0
package/dist/agent/engine-log-writer.d.ts +6 -0
package/dist/agent/engine-log-writer.d.ts.map +1 -0
package/dist/agent/engine-log-writer.js +18 -0
package/dist/agent/engine-log-writer.js.map +1 -0
package/dist/agent/env.d.ts +19 -0
package/dist/agent/env.d.ts.map +1 -0
package/dist/agent/env.js +43 -0
package/dist/agent/env.js.map +1 -0
package/dist/agent/event-reporter.d.ts +87 -0
package/dist/agent/event-reporter.d.ts.map +1 -0
package/dist/agent/event-reporter.js +315 -0
package/dist/agent/event-reporter.js.map +1 -0
package/dist/agent/file-watcher.d.ts +50 -0
package/dist/agent/file-watcher.d.ts.map +1 -0
package/dist/agent/file-watcher.js +135 -0
package/dist/agent/file-watcher.js.map +1 -0
package/dist/agent/fs-utils.d.ts +22 -0
package/dist/agent/fs-utils.d.ts.map +1 -0
package/dist/agent/fs-utils.js +41 -0
package/dist/agent/fs-utils.js.map +1 -0
package/dist/agent/gateway-manager.d.ts +59 -0
package/dist/agent/gateway-manager.d.ts.map +1 -0
package/dist/agent/gateway-manager.js +583 -0
package/dist/agent/gateway-manager.js.map +1 -0
package/dist/agent/hook-types.d.ts +276 -0
package/dist/agent/hook-types.d.ts.map +1 -0
package/dist/agent/hook-types.js +51 -0
package/dist/agent/hook-types.js.map +1 -0
package/dist/agent/index.d.ts +8 -0
package/dist/agent/index.d.ts.map +1 -0
package/dist/agent/index.js +8 -0
package/dist/agent/index.js.map +1 -0
package/dist/agent/prompt-gate.d.ts +13 -0
package/dist/agent/prompt-gate.d.ts.map +1 -0
package/dist/agent/prompt-gate.js +28 -0
package/dist/agent/prompt-gate.js.map +1 -0
package/dist/agent/prompt-input.d.ts +9 -0
package/dist/agent/prompt-input.d.ts.map +1 -0
package/dist/agent/prompt-input.js +158 -0
package/dist/agent/prompt-input.js.map +1 -0
package/dist/agent/prompt-output.d.ts +4 -0
package/dist/agent/prompt-output.d.ts.map +1 -0
package/dist/agent/prompt-output.js +19 -0
package/dist/agent/prompt-output.js.map +1 -0
package/dist/agent/runner.d.ts +23 -0
package/dist/agent/runner.d.ts.map +1 -0
package/dist/agent/runner.js +154 -0
package/dist/agent/runner.js.map +1 -0
package/dist/agent/sanitizer.d.ts +10 -0
package/dist/agent/sanitizer.d.ts.map +1 -0
package/dist/agent/sanitizer.js +175 -0
package/dist/agent/sanitizer.js.map +1 -0
package/dist/agent/scan-activity.d.ts +18 -0
package/dist/agent/scan-activity.d.ts.map +1 -0
package/dist/agent/scan-activity.js +32 -0
package/dist/agent/scan-activity.js.map +1 -0
package/dist/agent/types.d.ts +177 -0
package/dist/agent/types.d.ts.map +1 -0
package/dist/agent/types.js +5 -0
package/dist/agent/types.js.map +1 -0
package/dist/agent/workspace-scanner.d.ts +35 -0
package/dist/agent/workspace-scanner.d.ts.map +1 -0
package/dist/agent/workspace-scanner.js +137 -0
package/dist/agent/workspace-scanner.js.map +1 -0
package/dist/dashboard-launcher.d.ts +52 -0
package/dist/dashboard-launcher.d.ts.map +1 -0
package/dist/dashboard-launcher.js +363 -0
package/dist/dashboard-launcher.js.map +1 -0
package/dist/gateway/activity.d.ts +52 -0
package/dist/gateway/activity.d.ts.map +1 -0
package/dist/gateway/activity.js +111 -0
package/dist/gateway/activity.js.map +1 -0
package/dist/gateway/config.d.ts +50 -0
package/dist/gateway/config.d.ts.map +1 -0
package/dist/gateway/config.js +200 -0
package/dist/gateway/config.js.map +1 -0
package/dist/gateway/gateway/activity.d.ts +52 -0
package/dist/gateway/gateway/activity.d.ts.map +1 -0
package/dist/gateway/gateway/activity.js +111 -0
package/dist/gateway/gateway/activity.js.map +1 -0
package/dist/gateway/gateway/config.d.ts +50 -0
package/dist/gateway/gateway/config.d.ts.map +1 -0
package/dist/gateway/gateway/config.js +200 -0
package/dist/gateway/gateway/config.js.map +1 -0
package/dist/gateway/gateway/handlers/anthropic.d.ts +12 -0
package/dist/gateway/gateway/handlers/anthropic.d.ts.map +1 -0
package/dist/gateway/gateway/handlers/anthropic.js +254 -0
package/dist/gateway/gateway/handlers/anthropic.js.map +1 -0
package/dist/gateway/gateway/handlers/gemini.d.ts +12 -0
package/dist/gateway/gateway/handlers/gemini.d.ts.map +1 -0
package/dist/gateway/gateway/handlers/gemini.js +101 -0
package/dist/gateway/gateway/handlers/gemini.js.map +1 -0
package/dist/gateway/gateway/handlers/models.d.ts +4 -0
package/dist/gateway/gateway/handlers/models.d.ts.map +1 -0
package/dist/gateway/gateway/handlers/models.js +36 -0
package/dist/gateway/gateway/handlers/models.js.map +1 -0
package/dist/gateway/gateway/handlers/openai.d.ts +16 -0
package/dist/gateway/gateway/handlers/openai.d.ts.map +1 -0
package/dist/gateway/gateway/handlers/openai.js +254 -0
package/dist/gateway/gateway/handlers/openai.js.map +1 -0
package/dist/gateway/gateway/index.d.ts +27 -0
package/dist/gateway/gateway/index.d.ts.map +1 -0
package/dist/gateway/gateway/index.js +293 -0
package/dist/gateway/gateway/index.js.map +1 -0
package/dist/gateway/gateway/mapping-store.d.ts +38 -0
package/dist/gateway/gateway/mapping-store.d.ts.map +1 -0
package/dist/gateway/gateway/mapping-store.js +74 -0
package/dist/gateway/gateway/mapping-store.js.map +1 -0
package/dist/gateway/gateway/restorer.d.ts +63 -0
package/dist/gateway/gateway/restorer.d.ts.map +1 -0
package/dist/gateway/gateway/restorer.js +284 -0
package/dist/gateway/gateway/restorer.js.map +1 -0
package/dist/gateway/gateway/sanitizer.d.ts +17 -0
package/dist/gateway/gateway/sanitizer.d.ts.map +1 -0
package/dist/gateway/gateway/sanitizer.js +228 -0
package/dist/gateway/gateway/sanitizer.js.map +1 -0
package/dist/gateway/gateway/types.d.ts +53 -0
package/dist/gateway/gateway/types.d.ts.map +1 -0
package/dist/gateway/gateway/types.js +5 -0
package/dist/gateway/gateway/types.js.map +1 -0
package/dist/gateway/handlers/anthropic.d.ts +12 -0
package/dist/gateway/handlers/anthropic.d.ts.map +1 -0
package/dist/gateway/handlers/anthropic.js +254 -0
package/dist/gateway/handlers/anthropic.js.map +1 -0
package/dist/gateway/handlers/gemini.d.ts +12 -0
package/dist/gateway/handlers/gemini.d.ts.map +1 -0
package/dist/gateway/handlers/gemini.js +101 -0
package/dist/gateway/handlers/gemini.js.map +1 -0
package/dist/gateway/handlers/models.d.ts +4 -0
package/dist/gateway/handlers/models.d.ts.map +1 -0
package/dist/gateway/handlers/models.js +36 -0
package/dist/gateway/handlers/models.js.map +1 -0
package/dist/gateway/handlers/openai.d.ts +16 -0
package/dist/gateway/handlers/openai.d.ts.map +1 -0
package/dist/gateway/handlers/openai.js +254 -0
package/dist/gateway/handlers/openai.js.map +1 -0
package/dist/gateway/index.d.ts +27 -0
package/dist/gateway/index.d.ts.map +1 -0
package/dist/gateway/index.js +293 -0
package/dist/gateway/index.js.map +1 -0
package/dist/gateway/mapping-store.d.ts +38 -0
package/dist/gateway/mapping-store.d.ts.map +1 -0
package/dist/gateway/mapping-store.js +74 -0
package/dist/gateway/mapping-store.js.map +1 -0
package/dist/gateway/restorer.d.ts +63 -0
package/dist/gateway/restorer.d.ts.map +1 -0
package/dist/gateway/restorer.js +284 -0
package/dist/gateway/restorer.js.map +1 -0
package/dist/gateway/sanitizer.d.ts +17 -0
package/dist/gateway/sanitizer.d.ts.map +1 -0
package/dist/gateway/sanitizer.js +228 -0
package/dist/gateway/sanitizer.js.map +1 -0
package/dist/gateway/types.d.ts +53 -0
package/dist/gateway/types.d.ts.map +1 -0
package/dist/gateway/types.js +5 -0
package/dist/gateway/types.js.map +1 -0
package/dist/index.d.ts +19 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +2084 -0
package/dist/index.js.map +1 -0
package/dist/memory/index.d.ts +5 -0
package/dist/memory/index.d.ts.map +1 -0
package/dist/memory/index.js +5 -0
package/dist/memory/index.js.map +1 -0
package/dist/memory/store.d.ts +82 -0
package/dist/memory/store.d.ts.map +1 -0
package/dist/memory/store.js +194 -0
package/dist/memory/store.js.map +1 -0
package/dist/platform-client/index.d.ts +63 -0
package/dist/platform-client/index.d.ts.map +1 -0
package/dist/platform-client/index.js +294 -0
package/dist/platform-client/index.js.map +1 -0
package/dist/platform-client/types.d.ts +109 -0
package/dist/platform-client/types.d.ts.map +1 -0
package/dist/platform-client/types.js +3 -0
package/dist/platform-client/types.js.map +1 -0
package/gateway/activity.d.ts +52 -0
package/gateway/activity.d.ts.map +1 -0
package/gateway/activity.js +111 -0
package/gateway/activity.js.map +1 -0
package/gateway/config.d.ts +50 -0
package/gateway/config.d.ts.map +1 -0
package/gateway/config.js +200 -0
package/gateway/config.js.map +1 -0
package/gateway/handlers/anthropic.d.ts +12 -0
package/gateway/handlers/anthropic.d.ts.map +1 -0
package/gateway/handlers/anthropic.js +254 -0
package/gateway/handlers/anthropic.js.map +1 -0
package/gateway/handlers/gemini.d.ts +12 -0
package/gateway/handlers/gemini.d.ts.map +1 -0
package/gateway/handlers/gemini.js +101 -0
package/gateway/handlers/gemini.js.map +1 -0
package/gateway/handlers/models.d.ts +4 -0
package/gateway/handlers/models.d.ts.map +1 -0
package/gateway/handlers/models.js +36 -0
package/gateway/handlers/models.js.map +1 -0
package/gateway/handlers/openai.d.ts +16 -0
package/gateway/handlers/openai.d.ts.map +1 -0
package/gateway/handlers/openai.js +254 -0
package/gateway/handlers/openai.js.map +1 -0
package/gateway/index.d.ts +27 -0
package/gateway/index.d.ts.map +1 -0
package/gateway/index.js +293 -0
package/gateway/index.js.map +1 -0
package/gateway/mapping-store.d.ts +38 -0
package/gateway/mapping-store.d.ts.map +1 -0
package/gateway/mapping-store.js +74 -0
package/gateway/mapping-store.js.map +1 -0
package/gateway/restorer.d.ts +63 -0
package/gateway/restorer.d.ts.map +1 -0
package/gateway/restorer.js +284 -0
package/gateway/restorer.js.map +1 -0
package/gateway/sanitizer.d.ts +17 -0
package/gateway/sanitizer.d.ts.map +1 -0
package/gateway/sanitizer.js +228 -0
package/gateway/sanitizer.js.map +1 -0
package/gateway/types.d.ts +53 -0
package/gateway/types.d.ts.map +1 -0
package/gateway/types.js +5 -0
package/gateway/types.js.map +1 -0
package/openclaw.plugin.json +86 -0
package/package.json +74 -0
package/samples/Untitled +1 -0
package/samples/clean-email.txt +20 -0
package/samples/test-document.md +53 -0
package/samples/test-email-popup.txt +44 -0
package/samples/test-email.txt +32 -0
package/samples/test-webpage.html +51 -0
package/scripts/enterprise-enroll.sh +89 -0
package/scripts/enterprise-unenroll.sh +75 -0

package/dist/gateway/index.js ADDED Viewed

@@ -0,0 +1,293 @@
+#!/usr/bin/env node
+/**
+ * OpenGuardrails AI Security Gateway
+ *
+ * Local HTTP proxy that intercepts LLM API calls, sanitizes sensitive data
+ * before sending to providers, and restores it in responses.
+ * Supports Anthropic, OpenAI, and Gemini protocols.
+ */
+import { createServer } from "node:http";
+import { loadConfig, validateConfig, findBackendByApiKey, findDefaultBackend, findBackendByPathPrefix } from "./config.js";
+import { handleAnthropicRequest } from "./handlers/anthropic.js";
+import { handleOpenAIRequest } from "./handlers/openai.js";
+import { handleGeminiRequest } from "./handlers/gemini.js";
+import { handleModelsRequest } from "./handlers/models.js";
+let config;
+let currentServer = null;
+/**
+ * Extract API key from request headers
+ */
+function extractApiKey(req) {
+    // Try x-api-key header (Anthropic style)
+    const xApiKey = req.headers["x-api-key"];
+    if (xApiKey && typeof xApiKey === "string") {
+        return xApiKey;
+    }
+    // Try Authorization: Bearer (OpenAI style)
+    const auth = req.headers["authorization"];
+    if (auth && typeof auth === "string" && auth.startsWith("Bearer ")) {
+        return auth.slice(7);
+    }
+    // Try x-goog-api-key (Gemini style)
+    const googKey = req.headers["x-goog-api-key"];
+    if (googKey && typeof googKey === "string") {
+        return googKey;
+    }
+    return null;
+}
+/**
+ * Resolve backend for a request based on path prefix, API key, or defaults
+ * Priority: pathPrefix > apiKey > defaultBackend
+ */
+function resolveBackend(req, apiType) {
+    const url = req.url || "";
+    // 1. Try to find backend by path prefix (most specific)
+    const byPath = findBackendByPathPrefix(url, config);
+    if (byPath) {
+        return byPath;
+    }
+    // 2. Try to find backend by API key
+    const apiKey = extractApiKey(req);
+    if (apiKey) {
+        const byKey = findBackendByApiKey(apiKey, config);
+        if (byKey) {
+            return byKey;
+        }
+    }
+    // 3. Fall back to default backend for the API type
+    return findDefaultBackend(apiType, config);
+}
+/**
+ * Main request handler
+ */
+async function handleRequest(req, res) {
+    const { method, url } = req;
+    // Log request (skip health checks to reduce noise)
+    if (url !== "/health") {
+        console.log(`[ai-security-gateway] ${method} ${url}`);
+    }
+    // CORS headers (for browser-based clients)
+    res.setHeader("Access-Control-Allow-Origin", "*");
+    res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
+    res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization, x-api-key, anthropic-version");
+    // Handle OPTIONS for CORS preflight
+    if (method === "OPTIONS") {
+        res.writeHead(204);
+        res.end();
+        return;
+    }
+    // Health check (allow GET)
+    if (url === "/health") {
+        res.writeHead(200, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ status: "ok", version: "1.0.0" }));
+        return;
+    }
+    // Handle GET /v1/models — proxy to configured backend's models endpoint
+    if (method === "GET" && url === "/v1/models") {
+        await handleModelsRequest(res, config);
+        return;
+    }
+    // Only allow POST for API endpoints
+    if (method !== "POST") {
+        res.writeHead(405, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "Method not allowed" }));
+        return;
+    }
+    // Route to appropriate handler based on path suffix
+    // This allows flexible path prefixes (e.g., /v1/coding/chat/completions)
+    try {
+        if (url?.endsWith("/messages")) {
+            // Anthropic Messages API (matches /v1/messages, /v1/xxx/messages, etc.)
+            const resolved = resolveBackend(req, "anthropic");
+            if (!resolved) {
+                res.writeHead(500, { "Content-Type": "application/json" });
+                res.end(JSON.stringify({ error: "No Anthropic-compatible backend configured" }));
+                return;
+            }
+            await handleAnthropicRequest(req, res, resolved.backend);
+        }
+        else if (url?.endsWith("/chat/completions")) {
+            // OpenAI/OpenRouter Chat Completions API
+            // Try to extract backend name from URL: /backend/{name}/chat/completions
+            const backendMatch = url.match(/^\/backend\/([^/]+)\//);
+            let resolved = null;
+            if (backendMatch) {
+                const backendName = backendMatch[1];
+                const backend = config.backends[backendName];
+                if (backend) {
+                    resolved = { name: backendName, backend };
+                    console.log(`[ai-security-gateway] Backend from URL: ${backendName}`);
+                }
+            }
+            // Fallback to path prefix or default
+            if (!resolved) {
+                resolved = resolveBackend(req, "openai");
+                console.log(`[ai-security-gateway] Resolved backend: ${resolved?.name}`);
+            }
+            // Check explicit routing config
+            const explicitBackendName = config.routing?.["/v1/chat/completions"];
+            const backend = explicitBackendName
+                ? config.backends[explicitBackendName]
+                : resolved?.backend;
+            if (!backend) {
+                res.writeHead(500, { "Content-Type": "application/json" });
+                res.end(JSON.stringify({ error: "No OpenAI-compatible backend configured" }));
+                return;
+            }
+            const extraHeaders = {};
+            if (backend.referer) {
+                extraHeaders["HTTP-Referer"] = backend.referer;
+            }
+            if (backend.title) {
+                extraHeaders["X-Title"] = backend.title;
+            }
+            await handleOpenAIRequest(req, res, backend, extraHeaders);
+        }
+        else if (url?.match(/\/models\/(.+):generateContent$/)) {
+            // Gemini API (matches any path ending with /models/{model}:generateContent)
+            const match = url.match(/\/models\/(.+):generateContent$/);
+            const modelName = match?.[1];
+            if (modelName) {
+                const resolved = resolveBackend(req, "gemini");
+                if (!resolved) {
+                    res.writeHead(500, { "Content-Type": "application/json" });
+                    res.end(JSON.stringify({ error: "No Gemini backend configured" }));
+                    return;
+                }
+                await handleGeminiRequest(req, res, resolved.backend, modelName);
+            }
+            else {
+                res.writeHead(404, { "Content-Type": "application/json" });
+                res.end(JSON.stringify({ error: "Model name required" }));
+            }
+        }
+        else {
+            // Unknown endpoint
+            res.writeHead(404, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Not found", url }));
+        }
+    }
+    catch (error) {
+        console.error("[ai-security-gateway] Request handler error:", error);
+        res.writeHead(500, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({
+            error: "Internal server error",
+            message: error instanceof Error ? error.message : String(error),
+        }));
+    }
+}
+/**
+ * Stop the gateway server
+ */
+export function stopGateway() {
+    return new Promise((resolve) => {
+        if (currentServer) {
+            currentServer.close(() => {
+                currentServer = null;
+                console.log("[ai-security-gateway] Server stopped");
+                resolve();
+            });
+        }
+        else {
+            resolve();
+        }
+    });
+}
+/**
+ * Check if gateway is running
+ */
+export function isGatewayServerRunning() {
+    return currentServer !== null;
+}
+/**
+ * Start gateway server
+ * @param configPath - Path to config file
+ * @param embedded - If true, don't call process.exit on errors (for in-process use)
+ */
+export function startGateway(configPath, embedded = false) {
+    // Stop existing server if running (same process)
+    if (currentServer) {
+        if (!embedded)
+            console.log("[ai-security-gateway] Stopping existing server for restart...");
+        currentServer.close();
+        currentServer = null;
+    }
+    try {
+        // Load and validate configuration
+        config = loadConfig(configPath);
+        validateConfig(config);
+        if (!embedded) {
+            console.log("[ai-security-gateway] Configuration loaded:");
+            console.log(`  Port: ${config.port}`);
+            console.log(`  Backends: ${Object.keys(config.backends).join(", ") || "(none)"}`);
+        }
+        // Create HTTP server
+        const server = createServer(handleRequest);
+        currentServer = server;
+        // Handle server errors
+        server.on("error", (err) => {
+            console.error("[ai-security-gateway] Server error:", err);
+            currentServer = null;
+            if (!embedded) {
+                process.exit(1);
+                return;
+            }
+            // Embedded mode: never crash host process on gateway bind/runtime errors.
+            // The plugin can continue running and other features remain available.
+            console.warn("[ai-security-gateway] Embedded mode: gateway error ignored");
+        });
+        // Start listening
+        server.listen(config.port, "127.0.0.1", () => {
+            if (!embedded) {
+                console.log(`[ai-security-gateway] Server listening on http://127.0.0.1:${config.port}`);
+                console.log("[ai-security-gateway] Ready to proxy requests");
+                console.log("");
+                console.log("Endpoints:");
+                console.log(`  POST http://127.0.0.1:${config.port}/v1/messages - Anthropic`);
+                console.log(`  POST http://127.0.0.1:${config.port}/v1/chat/completions - OpenAI / OpenRouter`);
+                console.log(`  POST http://127.0.0.1:${config.port}/v1/models/:model:generateContent - Gemini`);
+                console.log(`  GET  http://127.0.0.1:${config.port}/v1/models - List models (OpenAI / OpenRouter)`);
+                console.log(`  GET  http://127.0.0.1:${config.port}/health - Health check`);
+            }
+        });
+        // In embedded mode, don't let the server prevent process exit
+        if (embedded) {
+            server.unref();
+        }
+        // Only register shutdown handlers if not embedded
+        if (!embedded) {
+            process.on("SIGINT", () => {
+                console.log("\n[ai-security-gateway] Shutting down...");
+                server.close(() => {
+                    console.log("[ai-security-gateway] Server stopped");
+                    process.exit(0);
+                });
+            });
+            process.on("SIGTERM", () => {
+                console.log("\n[ai-security-gateway] Shutting down...");
+                server.close(() => {
+                    console.log("[ai-security-gateway] Server stopped");
+                    process.exit(0);
+                });
+            });
+        }
+    }
+    catch (error) {
+        console.error("[ai-security-gateway] Failed to start:", error);
+        currentServer = null;
+        if (!embedded) {
+            process.exit(1);
+        }
+        throw error;
+    }
+}
+// Re-export for programmatic use
+export { sanitize, sanitizeMessages } from "./sanitizer.js";
+export { restore, restoreJSON, restoreSSELine } from "./restorer.js";
+export { addActivityListener, removeActivityListener, clearActivityListeners, } from "./activity.js";
+// Start if run directly
+if (import.meta.url === `file://${process.argv[1]}`) {
+    const configPath = process.argv[2];
+    startGateway(configPath);
+}
+//# sourceMappingURL=index.js.map

package/dist/gateway/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA;;;;;;GAMG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAEzC,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,uBAAuB,EAAqB,MAAM,aAAa,CAAC;AAE9I,OAAO,EAAE,sBAAsB,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAE3D,IAAI,MAAqB,CAAC;AAC1B,IAAI,aAAa,GAA2C,IAAI,CAAC;AAEjE;;GAEG;AACH,SAAS,aAAa,CAAC,GAAoB;IACzC,yCAAyC;IACzC,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IACzC,IAAI,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;QAC3C,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,2CAA2C;IAC3C,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;IAC1C,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACnE,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACvB,CAAC;IAED,oCAAoC;IACpC,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAC9C,IAAI,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;QAC3C,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,SAAS,cAAc,CACrB,GAAoB,EACpB,OAAgB;IAEhB,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,IAAI,EAAE,CAAC;IAE1B,wDAAwD;IACxD,MAAM,MAAM,GAAG,uBAAuB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IACpD,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,oCAAoC;IACpC,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,KAAK,GAAG,mBAAmB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAClD,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,mDAAmD;IACnD,OAAO,kBAAkB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;AAC7C,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,aAAa,CAC1B,GAAoB,EACpB,GAAmB;IAEnB,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC;IAE5B,mDAAmD;IACnD,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,yBAAyB,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC;IACxD,CAAC;IAED,2CAA2C;IAC3C,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;IAClD,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,oBAAoB,CAAC,CAAC;IACpE,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,2DAA2D,CAAC,CAAC;IAE3G,oCAAoC;IACpC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACnB,GAAG,CAAC,GAAG,EAAE,CAAC;QACV,OAAO;IACT,CAAC;IAED,2BAA2B;IAC3B,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;QACtB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC;QAC5D,OAAO;IACT,CAAC;IAED,wEAAwE;IACxE,IAAI,MAAM,KAAK,KAAK,IAAI,GAAG,KAAK,YAAY,EAAE,CAAC;QAC7C,MAAM,mBAAmB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACvC,OAAO;IACT,CAAC;IAED,oCAAoC;IACpC,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,CAAC,CAAC,CAAC;QACzD,OAAO;IACT,CAAC;IAED,oDAAoD;IACpD,yEAAyE;IACzE,IAAI,CAAC;QACH,IAAI,GAAG,EAAE,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YAC/B,wEAAwE;YACxE,MAAM,QAAQ,GAAG,cAAc,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;YAClD,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;gBAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,4CAA4C,EAAE,CAAC,CAAC,CAAC;gBACjF,OAAO;YACT,CAAC;YACD,MAAM,sBAAsB,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC3D,CAAC;aAAM,IAAI,GAAG,EAAE,QAAQ,CAAC,mBAAmB,CAAC,EAAE,CAAC;YAC9C,yCAAyC;YACzC,yEAAyE;YACzE,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;YACxD,IAAI,QAAQ,GAAoD,IAAI,CAAC;YAErE,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,WAAW,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC;gBACpC,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;gBAC7C,IAAI,OAAO,EAAE,CAAC;oBACZ,QAAQ,GAAG,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,CAAC;oBAC1C,OAAO,CAAC,GAAG,CAAC,2CAA2C,WAAW,EAAE,CAAC,CAAC;gBACxE,CAAC;YACH,CAAC;YAED,qCAAqC;YACrC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,QAAQ,GAAG,cAAc,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;gBACzC,OAAO,CAAC,GAAG,CAAC,2CAA2C,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;YAC3E,CAAC;YAED,gCAAgC;YAChC,MAAM,mBAAmB,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC,sBAAsB,CAAC,CAAC;YACrE,MAAM,OAAO,GAAG,mBAAmB;gBACjC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAAC;gBACtC,CAAC,CAAC,QAAQ,EAAE,OAAO,CAAC;YAEtB,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;gBAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,yCAAyC,EAAE,CAAC,CAAC,CAAC;gBAC9E,OAAO;YACT,CAAC;YAED,MAAM,YAAY,GAA2B,EAAE,CAAC;YAChD,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;gBACpB,YAAY,CAAC,cAAc,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;YACjD,CAAC;YACD,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;gBAClB,YAAY,CAAC,SAAS,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC;YAC1C,CAAC;YACD,MAAM,mBAAmB,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;QAC7D,CAAC;aAAM,IAAI,GAAG,EAAE,KAAK,CAAC,iCAAiC,CAAC,EAAE,CAAC;YACzD,4EAA4E;YAC5E,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;YAC3D,MAAM,SAAS,GAAG,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;YAC7B,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,QAAQ,GAAG,cAAc,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;gBAC/C,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACd,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;oBAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,8BAA8B,EAAE,CAAC,CAAC,CAAC;oBACnE,OAAO;gBACT,CAAC;gBACD,MAAM,mBAAmB,CAAC,GAAG,EAAE,GAAG,EAAE,QAAQ,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;YACnE,CAAC;iBAAM,CAAC;gBACN,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;gBAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,qBAAqB,EAAE,CAAC,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;aAAM,CAAC;YACN,mBAAmB;YACnB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;YAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,8CAA8C,EAAE,KAAK,CAAC,CAAC;QACrE,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC3D,GAAG,CAAC,GAAG,CACL,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,uBAAuB;YAC9B,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAChE,CAAC,CACH,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW;IACzB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,IAAI,aAAa,EAAE,CAAC;YAClB,aAAa,CAAC,KAAK,CAAC,GAAG,EAAE;gBACvB,aAAa,GAAG,IAAI,CAAC;gBACrB,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;gBACpD,OAAO,EAAE,CAAC;YACZ,CAAC,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB;IACpC,OAAO,aAAa,KAAK,IAAI,CAAC;AAChC,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,YAAY,CAAC,UAAmB,EAAE,QAAQ,GAAG,KAAK;IAChE,iDAAiD;IACjD,IAAI,aAAa,EAAE,CAAC;QAClB,IAAI,CAAC,QAAQ;YAAE,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;QAC5F,aAAa,CAAC,KAAK,EAAE,CAAC;QACtB,aAAa,GAAG,IAAI,CAAC;IACvB,CAAC;IAED,IAAI,CAAC;QACH,kCAAkC;QAClC,MAAM,GAAG,UAAU,CAAC,UAAU,CAAC,CAAC;QAChC,cAAc,CAAC,MAAM,CAAC,CAAC;QAEvB,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;YAC3D,OAAO,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;YACtC,OAAO,CAAC,GAAG,CACT,eAAe,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,QAAQ,EAAE,CACrE,CAAC;QACJ,CAAC;QAED,qBAAqB;QACrB,MAAM,MAAM,GAAG,YAAY,CAAC,aAAa,CAAC,CAAC;QAC3C,aAAa,GAAG,MAAM,CAAC;QAEvB,uBAAuB;QACvB,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAA0B,EAAE,EAAE;YAChD,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE,GAAG,CAAC,CAAC;YAC1D,aAAa,GAAG,IAAI,CAAC;YACrB,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,MAAM,GAAG,CAAC;QACZ,CAAC,CAAC,CAAC;QAEH,kBAAkB;QAClB,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,WAAW,EAAE,GAAG,EAAE;YAC3C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,GAAG,CACT,8DAA8D,MAAM,CAAC,IAAI,EAAE,CAC5E,CAAC;gBACF,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;gBAC7D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBAChB,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;gBAC1B,OAAO,CAAC,GAAG,CAAC,2BAA2B,MAAM,CAAC,IAAI,0BAA0B,CAAC,CAAC;gBAC9E,OAAO,CAAC,GAAG,CAAC,2BAA2B,MAAM,CAAC,IAAI,4CAA4C,CAAC,CAAC;gBAChG,OAAO,CAAC,GAAG,CAAC,2BAA2B,MAAM,CAAC,IAAI,4CAA4C,CAAC,CAAC;gBAChG,OAAO,CAAC,GAAG,CAAC,2BAA2B,MAAM,CAAC,IAAI,gDAAgD,CAAC,CAAC;gBACpG,OAAO,CAAC,GAAG,CAAC,2BAA2B,MAAM,CAAC,IAAI,wBAAwB,CAAC,CAAC;YAC9E,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,8DAA8D;QAC9D,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,CAAC;QAED,kDAAkD;QAClD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE;gBACxB,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;gBACxD,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE;oBAChB,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;oBACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAClB,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YAEH,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;gBACzB,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;gBACxD,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE;oBAChB,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;oBACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAClB,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,wCAAwC,EAAE,KAAK,CAAC,CAAC;QAC/D,aAAa,GAAG,IAAI,CAAC;QACrB,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAED,iCAAiC;AACjC,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AACrE,OAAO,EACL,mBAAmB,EACnB,sBAAsB,EACtB,sBAAsB,GACvB,MAAM,eAAe,CAAC;AAWvB,wBAAwB;AACxB,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,UAAU,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IACpD,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACnC,YAAY,CAAC,UAAU,CAAC,CAAC;AAC3B,CAAC"}

package/dist/gateway/mapping-store.d.ts ADDED Viewed

@@ -0,0 +1,38 @@
+/**
+ * Persistent Mapping Store
+ *
+ * Maintains a global mapping between original values and placeholders.
+ * This ensures the same sensitive data always gets the same placeholder,
+ * allowing restoration to work across multiple requests in a conversation.
+ */
+import type { MappingTable } from "./types.js";
+/**
+ * Get or create a placeholder for an original value
+ * If the value was seen before, returns the same placeholder
+ */
+export declare function getOrCreatePlaceholder(originalValue: string, entityType: string): string;
+/**
+ * Get the original value for a placeholder
+ */
+export declare function getOriginalValue(placeholder: string): string | undefined;
+/**
+ * Check if a string is a known placeholder
+ */
+export declare function isKnownPlaceholder(text: string): boolean;
+/**
+ * Get all placeholders and their original values as a MappingTable
+ * This is used for restoration
+ */
+export declare function getGlobalMappingTable(): MappingTable;
+/**
+ * Get current statistics
+ */
+export declare function getMappingStats(): {
+    totalMappings: number;
+    byType: Record<string, number>;
+};
+/**
+ * Clear all mappings (for testing or reset)
+ */
+export declare function clearMappings(): void;
+//# sourceMappingURL=mapping-store.d.ts.map

package/dist/gateway/mapping-store.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"mapping-store.d.ts","sourceRoot":"","sources":["../src/mapping-store.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAW/C;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,aAAa,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM,CAmBxF;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAExE;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAExD;AAED;;;GAGG;AACH,wBAAgB,qBAAqB,IAAI,YAAY,CAEpD;AAED;;GAEG;AACH,wBAAgB,eAAe,IAAI;IAAE,aAAa,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAAE,CAS3F;AAED;;GAEG;AACH,wBAAgB,aAAa,IAAI,IAAI,CAIpC"}

package/dist/gateway/mapping-store.js ADDED Viewed

@@ -0,0 +1,74 @@
+/**
+ * Persistent Mapping Store
+ *
+ * Maintains a global mapping between original values and placeholders.
+ * This ensures the same sensitive data always gets the same placeholder,
+ * allowing restoration to work across multiple requests in a conversation.
+ */
+// Global mapping: original value -> placeholder
+const originalToPlaceholder = new Map();
+// Global mapping: placeholder -> original value (reverse lookup for restoration)
+const placeholderToOriginal = new Map();
+// Global counter per entity type
+const typeCounters = new Map();
+/**
+ * Get or create a placeholder for an original value
+ * If the value was seen before, returns the same placeholder
+ */
+export function getOrCreatePlaceholder(originalValue, entityType) {
+    // Check if we already have a placeholder for this value
+    const existing = originalToPlaceholder.get(originalValue);
+    if (existing) {
+        return existing;
+    }
+    // Create a new placeholder
+    const counter = (typeCounters.get(entityType) ?? 0) + 1;
+    typeCounters.set(entityType, counter);
+    const paddedId = counter.toString().padStart(8, "0");
+    const placeholder = `__PII_${entityType}_${paddedId}__`;
+    // Store both directions
+    originalToPlaceholder.set(originalValue, placeholder);
+    placeholderToOriginal.set(placeholder, originalValue);
+    return placeholder;
+}
+/**
+ * Get the original value for a placeholder
+ */
+export function getOriginalValue(placeholder) {
+    return placeholderToOriginal.get(placeholder);
+}
+/**
+ * Check if a string is a known placeholder
+ */
+export function isKnownPlaceholder(text) {
+    return placeholderToOriginal.has(text);
+}
+/**
+ * Get all placeholders and their original values as a MappingTable
+ * This is used for restoration
+ */
+export function getGlobalMappingTable() {
+    return new Map(placeholderToOriginal);
+}
+/**
+ * Get current statistics
+ */
+export function getMappingStats() {
+    const byType = {};
+    for (const [type, count] of typeCounters.entries()) {
+        byType[type] = count;
+    }
+    return {
+        totalMappings: placeholderToOriginal.size,
+        byType,
+    };
+}
+/**
+ * Clear all mappings (for testing or reset)
+ */
+export function clearMappings() {
+    originalToPlaceholder.clear();
+    placeholderToOriginal.clear();
+    typeCounters.clear();
+}
+//# sourceMappingURL=mapping-store.js.map

package/dist/gateway/mapping-store.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"mapping-store.js","sourceRoot":"","sources":["../src/mapping-store.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,gDAAgD;AAChD,MAAM,qBAAqB,GAAG,IAAI,GAAG,EAAkB,CAAC;AAExD,iFAAiF;AACjF,MAAM,qBAAqB,GAAG,IAAI,GAAG,EAAkB,CAAC;AAExD,iCAAiC;AACjC,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkB,CAAC;AAE/C;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,aAAqB,EAAE,UAAkB;IAC9E,wDAAwD;IACxD,MAAM,QAAQ,GAAG,qBAAqB,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC1D,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,2BAA2B;IAC3B,MAAM,OAAO,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IACxD,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAEtC,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACrD,MAAM,WAAW,GAAG,SAAS,UAAU,IAAI,QAAQ,IAAI,CAAC;IAExD,wBAAwB;IACxB,qBAAqB,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;IACtD,qBAAqB,CAAC,GAAG,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAEtD,OAAO,WAAW,CAAC;AACrB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,WAAmB;IAClD,OAAO,qBAAqB,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;AAChD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,IAAY;IAC7C,OAAO,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AACzC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,qBAAqB;IACnC,OAAO,IAAI,GAAG,CAAC,qBAAqB,CAAC,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe;IAC7B,MAAM,MAAM,GAA2B,EAAE,CAAC;IAC1C,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,YAAY,CAAC,OAAO,EAAE,EAAE,CAAC;QACnD,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC;IACvB,CAAC;IACD,OAAO;QACL,aAAa,EAAE,qBAAqB,CAAC,IAAI;QACzC,MAAM;KACP,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa;IAC3B,qBAAqB,CAAC,KAAK,EAAE,CAAC;IAC9B,qBAAqB,CAAC,KAAK,EAAE,CAAC;IAC9B,YAAY,CAAC,KAAK,EAAE,CAAC;AACvB,CAAC"}

package/dist/gateway/restorer.d.ts ADDED Viewed

@@ -0,0 +1,63 @@
+/**
+ * AI Security Gateway - Content Restorer
+ *
+ * Restores sanitized placeholders back to original values.
+ * Handles LLM corruption patterns (missing underscores, case variations).
+ *
+ * Placeholder format: __PII_<ENTITY_TYPE>_<SERIAL_ID>__
+ */
+import type { MappingTable } from "./types.js";
+/**
+ * Restore any content (object, array, string) using the mapping table
+ */
+export declare function restore(content: unknown, mappingTable: MappingTable): unknown;
+/**
+ * Restore a JSON string
+ * Useful for SSE streaming where each chunk is a JSON string
+ */
+export declare function restoreJSON(jsonString: string, mappingTable: MappingTable): string;
+/**
+ * Restore SSE data line (for streaming responses)
+ * Format: "data: {...}\n"
+ */
+export declare function restoreSSELine(line: string, mappingTable: MappingTable): string;
+/**
+ * StreamRestorer - Stateful streaming restoration with smart buffering
+ *
+ * Only buffers when `__` is detected (potential placeholder start).
+ * Otherwise streams through immediately for best UX.
+ */
+export declare class StreamRestorer {
+    private buffer;
+    private mappingTable;
+    constructor(mappingTable: MappingTable);
+    /**
+     * Process incoming text chunk
+     * Returns text that can be safely output (already restored or confirmed non-placeholder)
+     */
+    process(chunk: string): string;
+    /**
+     * Flush what we can safely output
+     * Keeps potential incomplete placeholders in buffer
+     */
+    private flush;
+    /**
+     * Check if text could be the start of a placeholder
+     * Returns true if it matches the beginning of __PII_<TYPE>_<ID>__
+     */
+    private couldBePlaceholder;
+    /**
+     * Finalize stream - flush any remaining buffer
+     * Call this at end of stream to ensure nothing is lost
+     */
+    finalize(): string;
+    /**
+     * Check if there's pending data in buffer
+     */
+    hasPendingData(): boolean;
+}
+/**
+ * Create a streaming restorer for a response
+ */
+export declare function createStreamRestorer(mappingTable: MappingTable): StreamRestorer;
+//# sourceMappingURL=restorer.d.ts.map

package/dist/gateway/restorer.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"restorer.d.ts","sourceRoot":"","sources":["../src/restorer.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAyG/C;;GAEG;AACH,wBAAgB,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,YAAY,GAAG,OAAO,CAG7E;AAED;;;GAGG;AACH,wBAAgB,WAAW,CAAC,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,YAAY,GAAG,MAAM,CAWlF;AAED;;;GAGG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,YAAY,EAAE,YAAY,GAAG,MAAM,CAe/E;AAYD;;;;;GAKG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,MAAM,CAAc;IAC5B,OAAO,CAAC,YAAY,CAAe;gBAEvB,YAAY,EAAE,YAAY;IAItC;;;OAGG;IACH,OAAO,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAU9B;;;OAGG;IACH,OAAO,CAAC,KAAK;IAqEb;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IAoB1B;;;OAGG;IACH,QAAQ,IAAI,MAAM;IASlB;;OAEG;IACH,cAAc,IAAI,OAAO;CAG1B;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,YAAY,EAAE,YAAY,GAAG,cAAc,CAE/E"}