@de-otio/trellis 0.7.1 → 0.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +661 -0
- package/dist/db.js +10 -18
- package/dist/db.js.map +1 -1
- package/dist/env.d.ts +66 -6
- package/dist/env.d.ts.map +1 -1
- package/dist/env.js +89 -70
- package/dist/env.js.map +1 -1
- package/dist/extensions.js +3 -8
- package/dist/extensions.js.map +1 -1
- package/dist/index.d.ts +2 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -9
- package/dist/index.js.map +1 -1
- package/dist/lambda/cleanup-cron.d.ts.map +1 -1
- package/dist/lambda/cleanup-cron.js +20 -24
- package/dist/lambda/cleanup-cron.js.map +1 -1
- package/dist/lambda/create-auth-challenge.d.ts.map +1 -1
- package/dist/lambda/create-auth-challenge.js +17 -19
- package/dist/lambda/create-auth-challenge.js.map +1 -1
- package/dist/lambda/custom-message.js +1 -5
- package/dist/lambda/custom-message.js.map +1 -1
- package/dist/lambda/define-auth-challenge.js +1 -5
- package/dist/lambda/define-auth-challenge.js.map +1 -1
- package/dist/lambda/delete-account-worker.d.ts.map +1 -1
- package/dist/lambda/delete-account-worker.js +25 -58
- package/dist/lambda/delete-account-worker.js.map +1 -1
- package/dist/lambda/diagnostics-proxy.d.ts.map +1 -1
- package/dist/lambda/diagnostics-proxy.js +14 -49
- package/dist/lambda/diagnostics-proxy.js.map +1 -1
- package/dist/lambda/e2e-sweeper.d.ts.map +1 -1
- package/dist/lambda/e2e-sweeper.js +30 -38
- package/dist/lambda/e2e-sweeper.js.map +1 -1
- package/dist/lambda/federation-outbox-worker.d.ts.map +1 -1
- package/dist/lambda/federation-outbox-worker.js +4 -6
- package/dist/lambda/federation-outbox-worker.js.map +1 -1
- package/dist/lambda/followers-events-worker.d.ts.map +1 -1
- package/dist/lambda/followers-events-worker.js +4 -6
- package/dist/lambda/followers-events-worker.js.map +1 -1
- package/dist/lambda/hourly-cron.d.ts.map +1 -1
- package/dist/lambda/hourly-cron.js +100 -32
- package/dist/lambda/hourly-cron.js.map +1 -1
- package/dist/lambda/link-check-worker.d.ts.map +1 -1
- package/dist/lambda/link-check-worker.js +4 -6
- package/dist/lambda/link-check-worker.js.map +1 -1
- package/dist/lambda/maintenance-cron.d.ts.map +1 -1
- package/dist/lambda/maintenance-cron.js +30 -63
- package/dist/lambda/maintenance-cron.js.map +1 -1
- package/dist/lambda/media-processing-worker.d.ts.map +1 -1
- package/dist/lambda/media-processing-worker.js +11 -46
- package/dist/lambda/media-processing-worker.js.map +1 -1
- package/dist/lambda/media-reconciliation-worker.d.ts.map +1 -1
- package/dist/lambda/media-reconciliation-worker.js +4 -6
- package/dist/lambda/media-reconciliation-worker.js.map +1 -1
- package/dist/lambda/nightly-cron.d.ts.map +1 -1
- package/dist/lambda/nightly-cron.js +67 -112
- package/dist/lambda/nightly-cron.js.map +1 -1
- package/dist/lambda/post-confirmation.d.ts.map +1 -1
- package/dist/lambda/post-confirmation.js +203 -47
- package/dist/lambda/post-confirmation.js.map +1 -1
- package/dist/lambda/pre-signup.js +7 -11
- package/dist/lambda/pre-signup.js.map +1 -1
- package/dist/lambda/pre-token-generation.d.ts.map +1 -1
- package/dist/lambda/pre-token-generation.js +27 -35
- package/dist/lambda/pre-token-generation.js.map +1 -1
- package/dist/lambda/tools/check-health.js +1 -5
- package/dist/lambda/tools/check-health.js.map +1 -1
- package/dist/lambda/tools/describe-services.js +4 -8
- package/dist/lambda/tools/describe-services.js.map +1 -1
- package/dist/lambda/tools/get-cost-report.js +4 -8
- package/dist/lambda/tools/get-cost-report.js.map +1 -1
- package/dist/lambda/tools/get-errors.js +5 -9
- package/dist/lambda/tools/get-errors.js.map +1 -1
- package/dist/lambda/tools/get-feature-flags.js +4 -8
- package/dist/lambda/tools/get-feature-flags.js.map +1 -1
- package/dist/lambda/tools/get-queue-status.js +5 -9
- package/dist/lambda/tools/get-queue-status.js.map +1 -1
- package/dist/lambda/tools/search-logs.js +5 -9
- package/dist/lambda/tools/search-logs.js.map +1 -1
- package/dist/lambda/tools/send-alert.js +4 -8
- package/dist/lambda/tools/send-alert.js.map +1 -1
- package/dist/lambda/verify-auth-challenge.d.ts.map +1 -1
- package/dist/lambda/verify-auth-challenge.js +10 -12
- package/dist/lambda/verify-auth-challenge.js.map +1 -1
- package/dist/lib/abuse-metrics.d.ts.map +1 -1
- package/dist/lib/abuse-metrics.js +10 -13
- package/dist/lib/abuse-metrics.js.map +1 -1
- package/dist/lib/activitypub/activity-processor.d.ts +1 -1
- package/dist/lib/activitypub/activity-processor.d.ts.map +1 -1
- package/dist/lib/activitypub/activity-processor.js +9 -43
- package/dist/lib/activitypub/activity-processor.js.map +1 -1
- package/dist/lib/activitypub/activity-service.js +1 -5
- package/dist/lib/activitypub/activity-service.js.map +1 -1
- package/dist/lib/activitypub/actor.d.ts +1 -1
- package/dist/lib/activitypub/actor.d.ts.map +1 -1
- package/dist/lib/activitypub/actor.js +1 -5
- package/dist/lib/activitypub/actor.js.map +1 -1
- package/dist/lib/activitypub/audience-service.d.ts +2 -2
- package/dist/lib/activitypub/audience-service.d.ts.map +1 -1
- package/dist/lib/activitypub/audience-service.js +8 -12
- package/dist/lib/activitypub/audience-service.js.map +1 -1
- package/dist/lib/activitypub/crypto.d.ts +1 -1
- package/dist/lib/activitypub/crypto.d.ts.map +1 -1
- package/dist/lib/activitypub/crypto.js +3 -41
- package/dist/lib/activitypub/crypto.js.map +1 -1
- package/dist/lib/activitypub/delivery-service.d.ts +5 -5
- package/dist/lib/activitypub/delivery-service.d.ts.map +1 -1
- package/dist/lib/activitypub/delivery-service.js +10 -47
- package/dist/lib/activitypub/delivery-service.js.map +1 -1
- package/dist/lib/activitypub/dispatchers/entity-actor.d.ts +3 -2
- package/dist/lib/activitypub/dispatchers/entity-actor.d.ts.map +1 -1
- package/dist/lib/activitypub/dispatchers/entity-actor.js +19 -23
- package/dist/lib/activitypub/dispatchers/entity-actor.js.map +1 -1
- package/dist/lib/activitypub/dispatchers/group-actor.d.ts +3 -2
- package/dist/lib/activitypub/dispatchers/group-actor.d.ts.map +1 -1
- package/dist/lib/activitypub/dispatchers/group-actor.js +19 -23
- package/dist/lib/activitypub/dispatchers/group-actor.js.map +1 -1
- package/dist/lib/activitypub/dispatchers/user-actor.d.ts +3 -2
- package/dist/lib/activitypub/dispatchers/user-actor.d.ts.map +1 -1
- package/dist/lib/activitypub/dispatchers/user-actor.js +16 -20
- package/dist/lib/activitypub/dispatchers/user-actor.js.map +1 -1
- package/dist/lib/activitypub/dm-service.js +1 -5
- package/dist/lib/activitypub/dm-service.js.map +1 -1
- package/dist/lib/activitypub/entity-profile-service.d.ts +1 -1
- package/dist/lib/activitypub/entity-profile-service.d.ts.map +1 -1
- package/dist/lib/activitypub/entity-profile-service.js +6 -10
- package/dist/lib/activitypub/entity-profile-service.js.map +1 -1
- package/dist/lib/activitypub/fedify/config.d.ts +3 -3
- package/dist/lib/activitypub/fedify/config.d.ts.map +1 -1
- package/dist/lib/activitypub/fedify/config.js +5 -8
- package/dist/lib/activitypub/fedify/config.js.map +1 -1
- package/dist/lib/activitypub/fedify/context.d.ts +1 -1
- package/dist/lib/activitypub/fedify/context.d.ts.map +1 -1
- package/dist/lib/activitypub/fedify/context.js +8 -12
- package/dist/lib/activitypub/fedify/context.js.map +1 -1
- package/dist/lib/activitypub/fedify/runtime.d.ts +1 -1
- package/dist/lib/activitypub/fedify/runtime.d.ts.map +1 -1
- package/dist/lib/activitypub/fedify/runtime.js +3 -6
- package/dist/lib/activitypub/fedify/runtime.js.map +1 -1
- package/dist/lib/activitypub/friendship-service.js +1 -5
- package/dist/lib/activitypub/friendship-service.js.map +1 -1
- package/dist/lib/activitypub/group-service.d.ts +1 -1
- package/dist/lib/activitypub/group-service.d.ts.map +1 -1
- package/dist/lib/activitypub/group-service.js +9 -46
- package/dist/lib/activitypub/group-service.js.map +1 -1
- package/dist/lib/activitypub/http-signatures.js +8 -45
- package/dist/lib/activitypub/http-signatures.js.map +1 -1
- package/dist/lib/activitypub/jsonld.d.ts +1 -1
- package/dist/lib/activitypub/jsonld.d.ts.map +1 -1
- package/dist/lib/activitypub/jsonld.js +1 -5
- package/dist/lib/activitypub/jsonld.js.map +1 -1
- package/dist/lib/activitypub/listeners/friends-collection.d.ts +1 -1
- package/dist/lib/activitypub/listeners/friends-collection.d.ts.map +1 -1
- package/dist/lib/activitypub/listeners/friends-collection.js +17 -20
- package/dist/lib/activitypub/listeners/friends-collection.js.map +1 -1
- package/dist/lib/activitypub/listeners/http-signatures.d.ts +1 -1
- package/dist/lib/activitypub/listeners/http-signatures.d.ts.map +1 -1
- package/dist/lib/activitypub/listeners/http-signatures.js +9 -46
- package/dist/lib/activitypub/listeners/http-signatures.js.map +1 -1
- package/dist/lib/activitypub/listeners/inbox.d.ts +2 -2
- package/dist/lib/activitypub/listeners/inbox.d.ts.map +1 -1
- package/dist/lib/activitypub/listeners/inbox.js +31 -35
- package/dist/lib/activitypub/listeners/inbox.js.map +1 -1
- package/dist/lib/activitypub/listeners/outbox.d.ts +1 -1
- package/dist/lib/activitypub/listeners/outbox.d.ts.map +1 -1
- package/dist/lib/activitypub/listeners/outbox.js +17 -20
- package/dist/lib/activitypub/listeners/outbox.js.map +1 -1
- package/dist/lib/activitypub/remote-fetch-service.d.ts +6 -6
- package/dist/lib/activitypub/remote-fetch-service.d.ts.map +1 -1
- package/dist/lib/activitypub/remote-fetch-service.js +6 -10
- package/dist/lib/activitypub/remote-fetch-service.js.map +1 -1
- package/dist/lib/activitypub/services/abuse-prevention.d.ts +1 -1
- package/dist/lib/activitypub/services/abuse-prevention.d.ts.map +1 -1
- package/dist/lib/activitypub/services/abuse-prevention.js +11 -17
- package/dist/lib/activitypub/services/abuse-prevention.js.map +1 -1
- package/dist/lib/activitypub/services/dm-service-fedify.d.ts +4 -4
- package/dist/lib/activitypub/services/dm-service-fedify.d.ts.map +1 -1
- package/dist/lib/activitypub/services/dm-service-fedify.js +24 -59
- package/dist/lib/activitypub/services/dm-service-fedify.js.map +1 -1
- package/dist/lib/activitypub/services/fedify-converters.d.ts +2 -2
- package/dist/lib/activitypub/services/fedify-converters.d.ts.map +1 -1
- package/dist/lib/activitypub/services/fedify-converters.js +3 -8
- package/dist/lib/activitypub/services/fedify-converters.js.map +1 -1
- package/dist/lib/activitypub/services/fedify-delivery.d.ts +2 -2
- package/dist/lib/activitypub/services/fedify-delivery.d.ts.map +1 -1
- package/dist/lib/activitypub/services/fedify-delivery.js +19 -56
- package/dist/lib/activitypub/services/fedify-delivery.js.map +1 -1
- package/dist/lib/activitypub/services/follow-activity-service.d.ts +2 -2
- package/dist/lib/activitypub/services/follow-activity-service.d.ts.map +1 -1
- package/dist/lib/activitypub/services/follow-activity-service.js +8 -12
- package/dist/lib/activitypub/services/follow-activity-service.js.map +1 -1
- package/dist/lib/activitypub/services/post-service-fedify.d.ts +2 -2
- package/dist/lib/activitypub/services/post-service-fedify.d.ts.map +1 -1
- package/dist/lib/activitypub/services/post-service-fedify.js +33 -65
- package/dist/lib/activitypub/services/post-service-fedify.js.map +1 -1
- package/dist/lib/activitypub/services/remote-activity-handler.d.ts +2 -2
- package/dist/lib/activitypub/services/remote-activity-handler.d.ts.map +1 -1
- package/dist/lib/activitypub/services/remote-activity-handler.js +25 -28
- package/dist/lib/activitypub/services/remote-activity-handler.js.map +1 -1
- package/dist/lib/activitypub/standalone-mode.d.ts +1 -1
- package/dist/lib/activitypub/standalone-mode.d.ts.map +1 -1
- package/dist/lib/activitypub/standalone-mode.js +13 -50
- package/dist/lib/activitypub/standalone-mode.js.map +1 -1
- package/dist/lib/activitypub/webfinger/server.d.ts +1 -1
- package/dist/lib/activitypub/webfinger/server.d.ts.map +1 -1
- package/dist/lib/activitypub/webfinger/server.js +18 -54
- package/dist/lib/activitypub/webfinger/server.js.map +1 -1
- package/dist/lib/age-gate-middleware.d.ts +4 -4
- package/dist/lib/age-gate-middleware.d.ts.map +1 -1
- package/dist/lib/age-gate-middleware.js +3 -6
- package/dist/lib/age-gate-middleware.js.map +1 -1
- package/dist/lib/age-gate.js +3 -8
- package/dist/lib/age-gate.js.map +1 -1
- package/dist/lib/age-tier-transition.d.ts +1 -1
- package/dist/lib/age-tier-transition.d.ts.map +1 -1
- package/dist/lib/age-tier-transition.js +7 -44
- package/dist/lib/age-tier-transition.js.map +1 -1
- package/dist/lib/app.d.ts +76 -0
- package/dist/lib/app.d.ts.map +1 -0
- package/dist/lib/app.js +400 -0
- package/dist/lib/app.js.map +1 -0
- package/dist/lib/audit/csv-export.js +6 -13
- package/dist/lib/audit/csv-export.js.map +1 -1
- package/dist/lib/audit/pii-filter.d.ts +9 -0
- package/dist/lib/audit/pii-filter.d.ts.map +1 -1
- package/dist/lib/audit/pii-filter.js +57 -7
- package/dist/lib/audit/pii-filter.js.map +1 -1
- package/dist/lib/audit-actions.d.ts +94 -0
- package/dist/lib/audit-actions.d.ts.map +1 -0
- package/dist/lib/audit-actions.js +107 -0
- package/dist/lib/audit-actions.js.map +1 -0
- package/dist/lib/audit-composer.d.ts +174 -0
- package/dist/lib/audit-composer.d.ts.map +1 -0
- package/dist/lib/audit-composer.js +421 -0
- package/dist/lib/audit-composer.js.map +1 -0
- package/dist/lib/auth/auth-context.d.ts +1 -1
- package/dist/lib/auth/auth-context.js +1 -2
- package/dist/lib/auth/auth-context.js.map +1 -1
- package/dist/lib/auth/auth-middleware.d.ts +16 -2
- package/dist/lib/auth/auth-middleware.d.ts.map +1 -1
- package/dist/lib/auth/auth-middleware.js +36 -45
- package/dist/lib/auth/auth-middleware.js.map +1 -1
- package/dist/lib/auth/capabilities.js +2 -5
- package/dist/lib/auth/capabilities.js.map +1 -1
- package/dist/lib/auth/claims-cache.d.ts +2 -2
- package/dist/lib/auth/claims-cache.js +19 -24
- package/dist/lib/auth/claims-cache.js.map +1 -1
- package/dist/lib/auth/cognito-jwt.d.ts +20 -2
- package/dist/lib/auth/cognito-jwt.d.ts.map +1 -1
- package/dist/lib/auth/cognito-jwt.js +83 -23
- package/dist/lib/auth/cognito-jwt.js.map +1 -1
- package/dist/lib/auth/idp-redirect-builder.d.ts +1 -1
- package/dist/lib/auth/idp-redirect-builder.d.ts.map +1 -1
- package/dist/lib/auth/idp-redirect-builder.js +4 -10
- package/dist/lib/auth/idp-redirect-builder.js.map +1 -1
- package/dist/lib/auth/require.d.ts +4 -4
- package/dist/lib/auth/require.d.ts.map +1 -1
- package/dist/lib/auth/require.js +11 -18
- package/dist/lib/auth/require.js.map +1 -1
- package/dist/lib/auth/role-grants.d.ts +1 -1
- package/dist/lib/auth/role-grants.d.ts.map +1 -1
- package/dist/lib/auth/role-grants.js +28 -31
- package/dist/lib/auth/role-grants.js.map +1 -1
- package/dist/lib/auth-context-manager.js +1 -5
- package/dist/lib/auth-context-manager.js.map +1 -1
- package/dist/lib/auth-handler.d.ts +5 -5
- package/dist/lib/auth-handler.d.ts.map +1 -1
- package/dist/lib/auth-handler.js +5 -9
- package/dist/lib/auth-handler.js.map +1 -1
- package/dist/lib/badge-handler.d.ts +1 -1
- package/dist/lib/badge-handler.d.ts.map +1 -1
- package/dist/lib/badge-handler.js +14 -52
- package/dist/lib/badge-handler.js.map +1 -1
- package/dist/lib/circle-handler.d.ts +10 -10
- package/dist/lib/circle-handler.d.ts.map +1 -1
- package/dist/lib/circle-handler.js +10 -47
- package/dist/lib/circle-handler.js.map +1 -1
- package/dist/lib/cognito/idp-sdk.js +11 -18
- package/dist/lib/cognito/idp-sdk.js.map +1 -1
- package/dist/lib/cognito/issuer-probe.js +9 -14
- package/dist/lib/cognito/issuer-probe.js.map +1 -1
- package/dist/lib/comment-handler.d.ts +10 -10
- package/dist/lib/comment-handler.d.ts.map +1 -1
- package/dist/lib/comment-handler.js +61 -97
- package/dist/lib/comment-handler.js.map +1 -1
- package/dist/lib/compliance/baseline.d.ts +2 -2
- package/dist/lib/compliance/baseline.d.ts.map +1 -1
- package/dist/lib/compliance/baseline.js +15 -18
- package/dist/lib/compliance/baseline.js.map +1 -1
- package/dist/lib/compliance/tenant-merge.d.ts +1 -1
- package/dist/lib/compliance/tenant-merge.d.ts.map +1 -1
- package/dist/lib/compliance/tenant-merge.js +1 -4
- package/dist/lib/compliance/tenant-merge.js.map +1 -1
- package/dist/lib/compliance/types.d.ts +1 -1
- package/dist/lib/compliance/types.js +2 -3
- package/dist/lib/compliance/types.js.map +1 -1
- package/dist/lib/connection-code-handler.d.ts +7 -7
- package/dist/lib/connection-code-handler.d.ts.map +1 -1
- package/dist/lib/connection-code-handler.js +13 -50
- package/dist/lib/connection-code-handler.js.map +1 -1
- package/dist/lib/content-discovery.d.ts +1 -1
- package/dist/lib/content-discovery.d.ts.map +1 -1
- package/dist/lib/content-discovery.js +15 -52
- package/dist/lib/content-discovery.js.map +1 -1
- package/dist/lib/context-aware-data-access.d.ts +1 -1
- package/dist/lib/context-aware-data-access.d.ts.map +1 -1
- package/dist/lib/context-aware-data-access.js +1 -5
- package/dist/lib/context-aware-data-access.js.map +1 -1
- package/dist/lib/cors-handler.d.ts +1 -1
- package/dist/lib/cors-handler.d.ts.map +1 -1
- package/dist/lib/cors-handler.js +13 -17
- package/dist/lib/cors-handler.js.map +1 -1
- package/dist/lib/cost-accumulator.d.ts.map +1 -1
- package/dist/lib/cost-accumulator.js +7 -11
- package/dist/lib/cost-accumulator.js.map +1 -1
- package/dist/lib/crypto/voting/elgamal-encryption.js +1 -5
- package/dist/lib/crypto/voting/elgamal-encryption.js.map +1 -1
- package/dist/lib/crypto/voting/encryption-scheme.js +1 -2
- package/dist/lib/crypto/voting/encryption-scheme.js.map +1 -1
- package/dist/lib/crypto/voting/hash-utils.js +6 -12
- package/dist/lib/crypto/voting/hash-utils.js.map +1 -1
- package/dist/lib/crypto/voting/hybrid-encryption.js +5 -9
- package/dist/lib/crypto/voting/hybrid-encryption.js.map +1 -1
- package/dist/lib/crypto/voting/index.js +4 -14
- package/dist/lib/crypto/voting/index.js.map +1 -1
- package/dist/lib/crypto/voting/post-quantum-encryption.js +1 -5
- package/dist/lib/crypto/voting/post-quantum-encryption.js.map +1 -1
- package/dist/lib/csrf.d.ts +2 -2
- package/dist/lib/csrf.d.ts.map +1 -1
- package/dist/lib/csrf.js +1 -5
- package/dist/lib/csrf.js.map +1 -1
- package/dist/lib/data-router.d.ts +5 -4
- package/dist/lib/data-router.d.ts.map +1 -1
- package/dist/lib/data-router.js +67 -90
- package/dist/lib/data-router.js.map +1 -1
- package/dist/lib/database-circuit-breaker.d.ts +61 -34
- package/dist/lib/database-circuit-breaker.d.ts.map +1 -1
- package/dist/lib/database-circuit-breaker.js +102 -109
- package/dist/lib/database-circuit-breaker.js.map +1 -1
- package/dist/lib/database-config.js +1 -4
- package/dist/lib/database-config.js.map +1 -1
- package/dist/lib/database-connection-manager.d.ts +42 -2
- package/dist/lib/database-connection-manager.d.ts.map +1 -1
- package/dist/lib/database-connection-manager.js +178 -74
- package/dist/lib/database-connection-manager.js.map +1 -1
- package/dist/lib/database-monitor.d.ts +1 -1
- package/dist/lib/database-monitor.d.ts.map +1 -1
- package/dist/lib/database-monitor.js +5 -9
- package/dist/lib/database-monitor.js.map +1 -1
- package/dist/lib/database-rate-limiter.d.ts +1 -1
- package/dist/lib/database-rate-limiter.d.ts.map +1 -1
- package/dist/lib/database-rate-limiter.js +3 -7
- package/dist/lib/database-rate-limiter.js.map +1 -1
- package/dist/lib/database-wrapper-helper.d.ts +2 -2
- package/dist/lib/database-wrapper-helper.d.ts.map +1 -1
- package/dist/lib/database-wrapper-helper.js +7 -11
- package/dist/lib/database-wrapper-helper.js.map +1 -1
- package/dist/lib/database-wrapper.d.ts +1 -1
- package/dist/lib/database-wrapper.d.ts.map +1 -1
- package/dist/lib/database-wrapper.js +5 -9
- package/dist/lib/database-wrapper.js.map +1 -1
- package/dist/lib/db-query-helper.d.ts +3 -3
- package/dist/lib/db-query-helper.d.ts.map +1 -1
- package/dist/lib/db-query-helper.js +4 -9
- package/dist/lib/db-query-helper.js.map +1 -1
- package/dist/lib/discovery-exposure.d.ts +42 -0
- package/dist/lib/discovery-exposure.d.ts.map +1 -0
- package/dist/lib/discovery-exposure.js +89 -0
- package/dist/lib/discovery-exposure.js.map +1 -0
- package/dist/lib/discovery-handler.d.ts +6 -6
- package/dist/lib/discovery-handler.d.ts.map +1 -1
- package/dist/lib/discovery-handler.js +10 -43
- package/dist/lib/discovery-handler.js.map +1 -1
- package/dist/lib/domain-reputation-service.d.ts +1 -1
- package/dist/lib/domain-reputation-service.d.ts.map +1 -1
- package/dist/lib/domain-reputation-service.js +12 -15
- package/dist/lib/domain-reputation-service.js.map +1 -1
- package/dist/lib/email-privacy.js +4 -8
- package/dist/lib/email-privacy.js.map +1 -1
- package/dist/lib/email-provider.d.ts +2 -2
- package/dist/lib/email-provider.d.ts.map +1 -1
- package/dist/lib/email-provider.js +8 -16
- package/dist/lib/email-provider.js.map +1 -1
- package/dist/lib/entity-handler.d.ts +5 -6
- package/dist/lib/entity-handler.d.ts.map +1 -1
- package/dist/lib/entity-handler.js +52 -81
- package/dist/lib/entity-handler.js.map +1 -1
- package/dist/lib/entity-relationship-handler.d.ts +9 -9
- package/dist/lib/entity-relationship-handler.d.ts.map +1 -1
- package/dist/lib/entity-relationship-handler.js +14 -51
- package/dist/lib/entity-relationship-handler.js.map +1 -1
- package/dist/lib/entity-tagging-errors.js +4 -11
- package/dist/lib/entity-tagging-errors.js.map +1 -1
- package/dist/lib/entity-tagging-validator.d.ts +3 -3
- package/dist/lib/entity-tagging-validator.d.ts.map +1 -1
- package/dist/lib/entity-tagging-validator.js +6 -11
- package/dist/lib/entity-tagging-validator.js.map +1 -1
- package/dist/lib/exif-stripper.js +1 -4
- package/dist/lib/exif-stripper.js.map +1 -1
- package/dist/lib/extension-context.d.ts +2 -2
- package/dist/lib/extension-context.d.ts.map +1 -1
- package/dist/lib/extension-context.js +1 -4
- package/dist/lib/extension-context.js.map +1 -1
- package/dist/lib/extension-route-wrapper.d.ts +1 -1
- package/dist/lib/extension-route-wrapper.d.ts.map +1 -1
- package/dist/lib/extension-route-wrapper.js +17 -55
- package/dist/lib/extension-route-wrapper.js.map +1 -1
- package/dist/lib/extension-validator.js +3 -6
- package/dist/lib/extension-validator.js.map +1 -1
- package/dist/lib/feature-flags.d.ts +5 -2
- package/dist/lib/feature-flags.d.ts.map +1 -1
- package/dist/lib/feature-flags.js +15 -48
- package/dist/lib/feature-flags.js.map +1 -1
- package/dist/lib/feature-toggle-global-client.d.ts +6 -0
- package/dist/lib/feature-toggle-global-client.d.ts.map +1 -0
- package/dist/lib/feature-toggle-global-client.js +73 -0
- package/dist/lib/feature-toggle-global-client.js.map +1 -0
- package/dist/lib/feature-toggle-service.d.ts +137 -27
- package/dist/lib/feature-toggle-service.d.ts.map +1 -1
- package/dist/lib/feature-toggle-service.js +302 -119
- package/dist/lib/feature-toggle-service.js.map +1 -1
- package/dist/lib/feed-handler.d.ts +8 -8
- package/dist/lib/feed-handler.d.ts.map +1 -1
- package/dist/lib/feed-handler.js +33 -62
- package/dist/lib/feed-handler.js.map +1 -1
- package/dist/lib/feed-pagination.d.ts +26 -0
- package/dist/lib/feed-pagination.d.ts.map +1 -1
- package/dist/lib/feed-pagination.js +31 -11
- package/dist/lib/feed-pagination.js.map +1 -1
- package/dist/lib/feed-personalization.d.ts +1 -1
- package/dist/lib/feed-personalization.d.ts.map +1 -1
- package/dist/lib/feed-personalization.js +6 -43
- package/dist/lib/feed-personalization.js.map +1 -1
- package/dist/lib/followers-events.js +8 -13
- package/dist/lib/followers-events.js.map +1 -1
- package/dist/lib/friends-handler.d.ts +2 -2
- package/dist/lib/friends-handler.d.ts.map +1 -1
- package/dist/lib/friends-handler.js +9 -46
- package/dist/lib/friends-handler.js.map +1 -1
- package/dist/lib/geo/entity-geo-repository.d.ts +67 -0
- package/dist/lib/geo/entity-geo-repository.d.ts.map +1 -0
- package/dist/lib/geo/entity-geo-repository.js +91 -0
- package/dist/lib/geo/entity-geo-repository.js.map +1 -0
- package/dist/lib/graph/errors.d.ts.map +1 -1
- package/dist/lib/graph/errors.js +13 -18
- package/dist/lib/graph/errors.js.map +1 -1
- package/dist/lib/graph/graph-factory.d.ts +12 -53
- package/dist/lib/graph/graph-factory.d.ts.map +1 -1
- package/dist/lib/graph/graph-factory.js +67 -162
- package/dist/lib/graph/graph-factory.js.map +1 -1
- package/dist/lib/graph/graph-service.d.ts +1 -1
- package/dist/lib/graph/graph-service.d.ts.map +1 -1
- package/dist/lib/graph/graph-service.js +1 -2
- package/dist/lib/graph/graph-service.js.map +1 -1
- package/dist/lib/graph/index.d.ts +10 -14
- package/dist/lib/graph/index.d.ts.map +1 -1
- package/dist/lib/graph/index.js +12 -46
- package/dist/lib/graph/index.js.map +1 -1
- package/dist/lib/graph/postgres/_shared.d.ts +18 -0
- package/dist/lib/graph/postgres/_shared.d.ts.map +1 -0
- package/dist/lib/graph/postgres/_shared.js +24 -0
- package/dist/lib/graph/postgres/_shared.js.map +1 -0
- package/dist/lib/graph/postgres/circles.d.ts +66 -0
- package/dist/lib/graph/postgres/circles.d.ts.map +1 -0
- package/dist/lib/graph/postgres/circles.js +513 -0
- package/dist/lib/graph/postgres/circles.js.map +1 -0
- package/dist/lib/graph/postgres/discovery.d.ts +165 -0
- package/dist/lib/graph/postgres/discovery.d.ts.map +1 -0
- package/dist/lib/graph/postgres/discovery.js +579 -0
- package/dist/lib/graph/postgres/discovery.js.map +1 -0
- package/dist/lib/graph/postgres/entity-relationships.d.ts +53 -0
- package/dist/lib/graph/postgres/entity-relationships.d.ts.map +1 -0
- package/dist/lib/graph/postgres/entity-relationships.js +304 -0
- package/dist/lib/graph/postgres/entity-relationships.js.map +1 -0
- package/dist/lib/graph/postgres/interaction-events.d.ts +106 -0
- package/dist/lib/graph/postgres/interaction-events.d.ts.map +1 -0
- package/dist/lib/graph/postgres/interaction-events.js +162 -0
- package/dist/lib/graph/postgres/interaction-events.js.map +1 -0
- package/dist/lib/graph/postgres/postgres-graph-service.d.ts +74 -0
- package/dist/lib/graph/postgres/postgres-graph-service.d.ts.map +1 -0
- package/dist/lib/graph/postgres/postgres-graph-service.js +167 -0
- package/dist/lib/graph/postgres/postgres-graph-service.js.map +1 -0
- package/dist/lib/graph/postgres/relationships.d.ts +58 -0
- package/dist/lib/graph/postgres/relationships.d.ts.map +1 -0
- package/dist/lib/graph/postgres/relationships.js +314 -0
- package/dist/lib/graph/postgres/relationships.js.map +1 -0
- package/dist/lib/graph/postgres/scoring.d.ts +74 -0
- package/dist/lib/graph/postgres/scoring.d.ts.map +1 -0
- package/dist/lib/graph/postgres/scoring.js +297 -0
- package/dist/lib/graph/postgres/scoring.js.map +1 -0
- package/dist/lib/graph/postgres/sync.d.ts +149 -0
- package/dist/lib/graph/postgres/sync.d.ts.map +1 -0
- package/dist/lib/graph/postgres/sync.js +269 -0
- package/dist/lib/graph/postgres/sync.js.map +1 -0
- package/dist/lib/graph/scoring-engine.d.ts +7 -1
- package/dist/lib/graph/scoring-engine.d.ts.map +1 -1
- package/dist/lib/graph/scoring-engine.js +29 -35
- package/dist/lib/graph/scoring-engine.js.map +1 -1
- package/dist/lib/graph/types.d.ts +18 -1
- package/dist/lib/graph/types.d.ts.map +1 -1
- package/dist/lib/graph/types.js +1 -2
- package/dist/lib/graph/types.js.map +1 -1
- package/dist/lib/hook-dispatcher.d.ts +1 -1
- package/dist/lib/hook-dispatcher.d.ts.map +1 -1
- package/dist/lib/hook-dispatcher.js +8 -12
- package/dist/lib/hook-dispatcher.js.map +1 -1
- package/dist/lib/input-sanitizer.js +1 -5
- package/dist/lib/input-sanitizer.js.map +1 -1
- package/dist/lib/internal-docs-handler.d.ts +2 -2
- package/dist/lib/internal-docs-handler.d.ts.map +1 -1
- package/dist/lib/internal-docs-handler.js +20 -28
- package/dist/lib/internal-docs-handler.js.map +1 -1
- package/dist/lib/internal-docs-navigation.js +2 -6
- package/dist/lib/internal-docs-navigation.js.map +1 -1
- package/dist/lib/invitation-handler.d.ts +2 -2
- package/dist/lib/invitation-handler.d.ts.map +1 -1
- package/dist/lib/invitation-handler.js +41 -82
- package/dist/lib/invitation-handler.js.map +1 -1
- package/dist/lib/ip-scrubber.js +3 -8
- package/dist/lib/ip-scrubber.js.map +1 -1
- package/dist/lib/link-security-handler.d.ts +3 -2
- package/dist/lib/link-security-handler.d.ts.map +1 -1
- package/dist/lib/link-security-handler.js +8 -44
- package/dist/lib/link-security-handler.js.map +1 -1
- package/dist/lib/logger.d.ts +31 -82
- package/dist/lib/logger.d.ts.map +1 -1
- package/dist/lib/logger.js +43 -185
- package/dist/lib/logger.js.map +1 -1
- package/dist/lib/media-cleanup-handler.d.ts +2 -2
- package/dist/lib/media-cleanup-handler.d.ts.map +1 -1
- package/dist/lib/media-cleanup-handler.js +7 -11
- package/dist/lib/media-cleanup-handler.js.map +1 -1
- package/dist/lib/media-handler.d.ts +1 -1
- package/dist/lib/media-handler.d.ts.map +1 -1
- package/dist/lib/media-handler.js +36 -73
- package/dist/lib/media-handler.js.map +1 -1
- package/dist/lib/media-metadata-extractor.d.ts +1 -1
- package/dist/lib/media-metadata-extractor.d.ts.map +1 -1
- package/dist/lib/media-metadata-extractor.js +3 -7
- package/dist/lib/media-metadata-extractor.js.map +1 -1
- package/dist/lib/media-metrics.d.ts +2 -2
- package/dist/lib/media-metrics.d.ts.map +1 -1
- package/dist/lib/media-metrics.js +3 -7
- package/dist/lib/media-metrics.js.map +1 -1
- package/dist/lib/metadata/index.d.ts +5 -5
- package/dist/lib/metadata/index.d.ts.map +1 -1
- package/dist/lib/metadata/index.js +5 -21
- package/dist/lib/metadata/index.js.map +1 -1
- package/dist/lib/metadata/metadata-config.js +2 -5
- package/dist/lib/metadata/metadata-config.js.map +1 -1
- package/dist/lib/metadata/metadata-errors.js +2 -7
- package/dist/lib/metadata/metadata-errors.js.map +1 -1
- package/dist/lib/metadata/metadata-extractor.d.ts +1 -1
- package/dist/lib/metadata/metadata-extractor.d.ts.map +1 -1
- package/dist/lib/metadata/metadata-extractor.js +42 -82
- package/dist/lib/metadata/metadata-extractor.js.map +1 -1
- package/dist/lib/metadata/metadata-sanitizer.js +17 -24
- package/dist/lib/metadata/metadata-sanitizer.js.map +1 -1
- package/dist/lib/metadata/metadata-schemas.d.ts +16 -100
- package/dist/lib/metadata/metadata-schemas.d.ts.map +1 -1
- package/dist/lib/metadata/metadata-schemas.js +31 -34
- package/dist/lib/metadata/metadata-schemas.js.map +1 -1
- package/dist/lib/mfa/mfa-handler.d.ts +1 -1
- package/dist/lib/mfa/mfa-handler.d.ts.map +1 -1
- package/dist/lib/mfa/mfa-handler.js +13 -17
- package/dist/lib/mfa/mfa-handler.js.map +1 -1
- package/dist/lib/mfa/totp-service.js +8 -18
- package/dist/lib/mfa/totp-service.js.map +1 -1
- package/dist/lib/middleware/comment-rate-limit.d.ts +1 -1
- package/dist/lib/middleware/comment-rate-limit.d.ts.map +1 -1
- package/dist/lib/middleware/comment-rate-limit.js +7 -10
- package/dist/lib/middleware/comment-rate-limit.js.map +1 -1
- package/dist/lib/middleware/feature-toggle-rate-limit.d.ts +1 -1
- package/dist/lib/middleware/feature-toggle-rate-limit.d.ts.map +1 -1
- package/dist/lib/middleware/feature-toggle-rate-limit.js +8 -13
- package/dist/lib/middleware/feature-toggle-rate-limit.js.map +1 -1
- package/dist/lib/middleware/idempotency-store.js +20 -26
- package/dist/lib/middleware/idempotency-store.js.map +1 -1
- package/dist/lib/middleware/idempotency.d.ts +2 -2
- package/dist/lib/middleware/idempotency.d.ts.map +1 -1
- package/dist/lib/middleware/idempotency.js +12 -50
- package/dist/lib/middleware/idempotency.js.map +1 -1
- package/dist/lib/middleware.d.ts +22 -9
- package/dist/lib/middleware.d.ts.map +1 -1
- package/dist/lib/middleware.js +72 -153
- package/dist/lib/middleware.js.map +1 -1
- package/dist/lib/moderation-handler.d.ts +1 -1
- package/dist/lib/moderation-handler.d.ts.map +1 -1
- package/dist/lib/moderation-handler.js +15 -54
- package/dist/lib/moderation-handler.js.map +1 -1
- package/dist/lib/net/trusted-client-ip.d.ts +8 -30
- package/dist/lib/net/trusted-client-ip.d.ts.map +1 -1
- package/dist/lib/net/trusted-client-ip.js +13 -94
- package/dist/lib/net/trusted-client-ip.js.map +1 -1
- package/dist/lib/notification-handler.d.ts +1 -1
- package/dist/lib/notification-handler.d.ts.map +1 -1
- package/dist/lib/notification-handler.js +10 -15
- package/dist/lib/notification-handler.js.map +1 -1
- package/dist/lib/notification-preferences-handler.d.ts +1 -1
- package/dist/lib/notification-preferences-handler.d.ts.map +1 -1
- package/dist/lib/notification-preferences-handler.js +7 -11
- package/dist/lib/notification-preferences-handler.js.map +1 -1
- package/dist/lib/oauth/cognito-issuer.d.ts +1 -1
- package/dist/lib/oauth/cognito-issuer.d.ts.map +1 -1
- package/dist/lib/oauth/cognito-issuer.js +5 -10
- package/dist/lib/oauth/cognito-issuer.js.map +1 -1
- package/dist/lib/oauth/device-authorization.d.ts +1 -1
- package/dist/lib/oauth/device-authorization.d.ts.map +1 -1
- package/dist/lib/oauth/device-authorization.js +62 -77
- package/dist/lib/oauth/device-authorization.js.map +1 -1
- package/dist/lib/oauth/envelope-crypto.d.ts +2 -2
- package/dist/lib/oauth/envelope-crypto.js +22 -34
- package/dist/lib/oauth/envelope-crypto.js.map +1 -1
- package/dist/lib/oauth/refresh-detection.js +42 -52
- package/dist/lib/oauth/refresh-detection.js.map +1 -1
- package/dist/lib/openai-budget.d.ts.map +1 -1
- package/dist/lib/openai-budget.js +7 -44
- package/dist/lib/openai-budget.js.map +1 -1
- package/dist/lib/openapi/generator.d.ts +1 -1
- package/dist/lib/openapi/generator.d.ts.map +1 -1
- package/dist/lib/openapi/generator.js +2 -6
- package/dist/lib/openapi/generator.js.map +1 -1
- package/dist/lib/orphaned-media-handler.d.ts +1 -1
- package/dist/lib/orphaned-media-handler.d.ts.map +1 -1
- package/dist/lib/orphaned-media-handler.js +9 -46
- package/dist/lib/orphaned-media-handler.js.map +1 -1
- package/dist/lib/parental-control-handler.d.ts +2 -2
- package/dist/lib/parental-control-handler.d.ts.map +1 -1
- package/dist/lib/parental-control-handler.js +18 -55
- package/dist/lib/parental-control-handler.js.map +1 -1
- package/dist/lib/parental-link-handler.d.ts +8 -8
- package/dist/lib/parental-link-handler.d.ts.map +1 -1
- package/dist/lib/parental-link-handler.js +10 -14
- package/dist/lib/parental-link-handler.js.map +1 -1
- package/dist/lib/performance-metrics.d.ts +1 -1
- package/dist/lib/performance-metrics.d.ts.map +1 -1
- package/dist/lib/performance-metrics.js +3 -6
- package/dist/lib/performance-metrics.js.map +1 -1
- package/dist/lib/post-handler.d.ts +9 -9
- package/dist/lib/post-handler.d.ts.map +1 -1
- package/dist/lib/post-handler.js +67 -101
- package/dist/lib/post-handler.js.map +1 -1
- package/dist/lib/privacy-defaults.js +3 -8
- package/dist/lib/privacy-defaults.js.map +1 -1
- package/dist/lib/privacy-handler.d.ts +2 -2
- package/dist/lib/privacy-handler.d.ts.map +1 -1
- package/dist/lib/privacy-handler.js +6 -10
- package/dist/lib/privacy-handler.js.map +1 -1
- package/dist/lib/pseudonym.d.ts +56 -0
- package/dist/lib/pseudonym.d.ts.map +1 -0
- package/dist/lib/pseudonym.js +85 -0
- package/dist/lib/pseudonym.js.map +1 -0
- package/dist/lib/queue-consumers/media-reconciliation-consumer.d.ts +2 -2
- package/dist/lib/queue-consumers/media-reconciliation-consumer.d.ts.map +1 -1
- package/dist/lib/queue-consumers/media-reconciliation-consumer.js +5 -8
- package/dist/lib/queue-consumers/media-reconciliation-consumer.js.map +1 -1
- package/dist/lib/quiet-hours.js +2 -6
- package/dist/lib/quiet-hours.js.map +1 -1
- package/dist/lib/rate-limit.d.ts +58 -47
- package/dist/lib/rate-limit.d.ts.map +1 -1
- package/dist/lib/rate-limit.js +168 -157
- package/dist/lib/rate-limit.js.map +1 -1
- package/dist/lib/reaction-handler.d.ts +10 -10
- package/dist/lib/reaction-handler.d.ts.map +1 -1
- package/dist/lib/reaction-handler.js +44 -80
- package/dist/lib/reaction-handler.js.map +1 -1
- package/dist/lib/recaptcha.js +6 -9
- package/dist/lib/recaptcha.js.map +1 -1
- package/dist/lib/redirect-resolver.d.ts +2 -2
- package/dist/lib/redirect-resolver.d.ts.map +1 -1
- package/dist/lib/redirect-resolver.js +5 -9
- package/dist/lib/redirect-resolver.js.map +1 -1
- package/dist/lib/region-config.d.ts +3 -3
- package/dist/lib/region-config.d.ts.map +1 -1
- package/dist/lib/region-config.js +15 -58
- package/dist/lib/region-config.js.map +1 -1
- package/dist/lib/region-detection.d.ts +55 -24
- package/dist/lib/region-detection.d.ts.map +1 -1
- package/dist/lib/region-detection.js +140 -199
- package/dist/lib/region-detection.js.map +1 -1
- package/dist/lib/region-registry.d.ts +49 -0
- package/dist/lib/region-registry.d.ts.map +1 -0
- package/dist/lib/region-registry.js +112 -0
- package/dist/lib/region-registry.js.map +1 -0
- package/dist/lib/relationship-handler.d.ts +9 -9
- package/dist/lib/relationship-handler.d.ts.map +1 -1
- package/dist/lib/relationship-handler.js +12 -49
- package/dist/lib/relationship-handler.js.map +1 -1
- package/dist/lib/request-context.d.ts +16 -16
- package/dist/lib/request-context.d.ts.map +1 -1
- package/dist/lib/request-context.js +14 -22
- package/dist/lib/request-context.js.map +1 -1
- package/dist/lib/route-helpers.d.ts +3 -4
- package/dist/lib/route-helpers.d.ts.map +1 -1
- package/dist/lib/route-helpers.js +20 -75
- package/dist/lib/route-helpers.js.map +1 -1
- package/dist/lib/routes/activitypub/actor.d.ts +1 -1
- package/dist/lib/routes/activitypub/actor.d.ts.map +1 -1
- package/dist/lib/routes/activitypub/actor.js +20 -23
- package/dist/lib/routes/activitypub/actor.js.map +1 -1
- package/dist/lib/routes/activitypub/audiences.d.ts +1 -1
- package/dist/lib/routes/activitypub/audiences.d.ts.map +1 -1
- package/dist/lib/routes/activitypub/audiences.js +76 -80
- package/dist/lib/routes/activitypub/audiences.js.map +1 -1
- package/dist/lib/routes/activitypub/collections.d.ts +1 -1
- package/dist/lib/routes/activitypub/collections.d.ts.map +1 -1
- package/dist/lib/routes/activitypub/collections.js +24 -26
- package/dist/lib/routes/activitypub/collections.js.map +1 -1
- package/dist/lib/routes/activitypub/entity-profile.d.ts +1 -1
- package/dist/lib/routes/activitypub/entity-profile.d.ts.map +1 -1
- package/dist/lib/routes/activitypub/entity-profile.js +36 -39
- package/dist/lib/routes/activitypub/entity-profile.js.map +1 -1
- package/dist/lib/routes/activitypub/friends.d.ts +1 -1
- package/dist/lib/routes/activitypub/friends.d.ts.map +1 -1
- package/dist/lib/routes/activitypub/friends.js +9 -12
- package/dist/lib/routes/activitypub/friends.js.map +1 -1
- package/dist/lib/routes/activitypub/group.d.ts +1 -1
- package/dist/lib/routes/activitypub/group.d.ts.map +1 -1
- package/dist/lib/routes/activitypub/group.js +91 -94
- package/dist/lib/routes/activitypub/group.js.map +1 -1
- package/dist/lib/routes/activitypub/inbox.d.ts +1 -1
- package/dist/lib/routes/activitypub/inbox.d.ts.map +1 -1
- package/dist/lib/routes/activitypub/inbox.js +30 -33
- package/dist/lib/routes/activitypub/inbox.js.map +1 -1
- package/dist/lib/routes/activitypub/messages.d.ts +1 -1
- package/dist/lib/routes/activitypub/messages.d.ts.map +1 -1
- package/dist/lib/routes/activitypub/messages.js +79 -83
- package/dist/lib/routes/activitypub/messages.js.map +1 -1
- package/dist/lib/routes/activitypub/outbox.d.ts +1 -1
- package/dist/lib/routes/activitypub/outbox.d.ts.map +1 -1
- package/dist/lib/routes/activitypub/outbox.js +9 -12
- package/dist/lib/routes/activitypub/outbox.js.map +1 -1
- package/dist/lib/routes/activitypub/post.d.ts +1 -1
- package/dist/lib/routes/activitypub/post.d.ts.map +1 -1
- package/dist/lib/routes/activitypub/post.js +32 -35
- package/dist/lib/routes/activitypub/post.js.map +1 -1
- package/dist/lib/routes/activitypub/webfinger.d.ts +1 -1
- package/dist/lib/routes/activitypub/webfinger.d.ts.map +1 -1
- package/dist/lib/routes/activitypub/webfinger.js +5 -8
- package/dist/lib/routes/activitypub/webfinger.js.map +1 -1
- package/dist/lib/routes/admin-costs.d.ts +1 -1
- package/dist/lib/routes/admin-costs.d.ts.map +1 -1
- package/dist/lib/routes/admin-costs.js +22 -26
- package/dist/lib/routes/admin-costs.js.map +1 -1
- package/dist/lib/routes/admin.d.ts +1 -1
- package/dist/lib/routes/admin.d.ts.map +1 -1
- package/dist/lib/routes/admin.js +290 -269
- package/dist/lib/routes/admin.js.map +1 -1
- package/dist/lib/routes/agent-authorize.d.ts +5 -5
- package/dist/lib/routes/agent-authorize.d.ts.map +1 -1
- package/dist/lib/routes/agent-authorize.js +68 -74
- package/dist/lib/routes/agent-authorize.js.map +1 -1
- package/dist/lib/routes/agent-sessions.d.ts +4 -4
- package/dist/lib/routes/agent-sessions.d.ts.map +1 -1
- package/dist/lib/routes/agent-sessions.js +30 -35
- package/dist/lib/routes/agent-sessions.js.map +1 -1
- package/dist/lib/routes/agent-surface.d.ts +2 -2
- package/dist/lib/routes/agent-surface.d.ts.map +1 -1
- package/dist/lib/routes/agent-surface.js +20 -24
- package/dist/lib/routes/agent-surface.js.map +1 -1
- package/dist/lib/routes/auth-discover.d.ts +1 -1
- package/dist/lib/routes/auth-discover.d.ts.map +1 -1
- package/dist/lib/routes/auth-discover.js +20 -56
- package/dist/lib/routes/auth-discover.js.map +1 -1
- package/dist/lib/routes/auth.d.ts +1 -1
- package/dist/lib/routes/auth.d.ts.map +1 -1
- package/dist/lib/routes/auth.js +13 -16
- package/dist/lib/routes/auth.js.map +1 -1
- package/dist/lib/routes/badges.d.ts +1 -1
- package/dist/lib/routes/badges.d.ts.map +1 -1
- package/dist/lib/routes/badges.js +20 -23
- package/dist/lib/routes/badges.js.map +1 -1
- package/dist/lib/routes/circles.d.ts +1 -1
- package/dist/lib/routes/circles.d.ts.map +1 -1
- package/dist/lib/routes/circles.js +40 -44
- package/dist/lib/routes/circles.js.map +1 -1
- package/dist/lib/routes/comments.d.ts +1 -1
- package/dist/lib/routes/comments.d.ts.map +1 -1
- package/dist/lib/routes/comments.js +67 -71
- package/dist/lib/routes/comments.js.map +1 -1
- package/dist/lib/routes/connection-codes.d.ts +1 -1
- package/dist/lib/routes/connection-codes.d.ts.map +1 -1
- package/dist/lib/routes/connection-codes.js +30 -34
- package/dist/lib/routes/connection-codes.js.map +1 -1
- package/dist/lib/routes/content-discovery.d.ts +1 -1
- package/dist/lib/routes/content-discovery.d.ts.map +1 -1
- package/dist/lib/routes/content-discovery.js +31 -34
- package/dist/lib/routes/content-discovery.js.map +1 -1
- package/dist/lib/routes/dashboard.d.ts +1 -1
- package/dist/lib/routes/dashboard.d.ts.map +1 -1
- package/dist/lib/routes/dashboard.js +251 -288
- package/dist/lib/routes/dashboard.js.map +1 -1
- package/dist/lib/routes/deletion.d.ts +1 -1
- package/dist/lib/routes/deletion.d.ts.map +1 -1
- package/dist/lib/routes/deletion.js +37 -74
- package/dist/lib/routes/deletion.js.map +1 -1
- package/dist/lib/routes/discovery.d.ts +1 -1
- package/dist/lib/routes/discovery.d.ts.map +1 -1
- package/dist/lib/routes/discovery.js +20 -24
- package/dist/lib/routes/discovery.js.map +1 -1
- package/dist/lib/routes/employees.d.ts +1 -1
- package/dist/lib/routes/employees.d.ts.map +1 -1
- package/dist/lib/routes/employees.js +15 -52
- package/dist/lib/routes/employees.js.map +1 -1
- package/dist/lib/routes/entities.d.ts +1 -1
- package/dist/lib/routes/entities.d.ts.map +1 -1
- package/dist/lib/routes/entities.js +133 -137
- package/dist/lib/routes/entities.js.map +1 -1
- package/dist/lib/routes/entity-relationships.d.ts +1 -1
- package/dist/lib/routes/entity-relationships.d.ts.map +1 -1
- package/dist/lib/routes/entity-relationships.js +35 -39
- package/dist/lib/routes/entity-relationships.js.map +1 -1
- package/dist/lib/routes/errors.d.ts +1 -1
- package/dist/lib/routes/errors.d.ts.map +1 -1
- package/dist/lib/routes/errors.js +4 -10
- package/dist/lib/routes/errors.js.map +1 -1
- package/dist/lib/routes/export.d.ts +1 -1
- package/dist/lib/routes/export.d.ts.map +1 -1
- package/dist/lib/routes/export.js +31 -35
- package/dist/lib/routes/export.js.map +1 -1
- package/dist/lib/routes/feature-flags.d.ts +1 -1
- package/dist/lib/routes/feature-flags.d.ts.map +1 -1
- package/dist/lib/routes/feature-flags.js +20 -23
- package/dist/lib/routes/feature-flags.js.map +1 -1
- package/dist/lib/routes/feeds.d.ts +1 -1
- package/dist/lib/routes/feeds.d.ts.map +1 -1
- package/dist/lib/routes/feeds.js +42 -46
- package/dist/lib/routes/feeds.js.map +1 -1
- package/dist/lib/routes/friends.d.ts +1 -1
- package/dist/lib/routes/friends.d.ts.map +1 -1
- package/dist/lib/routes/friends.js +35 -39
- package/dist/lib/routes/friends.js.map +1 -1
- package/dist/lib/routes/health.d.ts +1 -1
- package/dist/lib/routes/health.d.ts.map +1 -1
- package/dist/lib/routes/health.js +23 -27
- package/dist/lib/routes/health.js.map +1 -1
- package/dist/lib/routes/index.d.ts +2 -7
- package/dist/lib/routes/index.d.ts.map +1 -1
- package/dist/lib/routes/index.js +137 -158
- package/dist/lib/routes/index.js.map +1 -1
- package/dist/lib/routes/internal-docs.d.ts +1 -1
- package/dist/lib/routes/internal-docs.d.ts.map +1 -1
- package/dist/lib/routes/internal-docs.js +13 -16
- package/dist/lib/routes/internal-docs.js.map +1 -1
- package/dist/lib/routes/invitations.d.ts +1 -1
- package/dist/lib/routes/invitations.d.ts.map +1 -1
- package/dist/lib/routes/invitations.js +19 -22
- package/dist/lib/routes/invitations.js.map +1 -1
- package/dist/lib/routes/link-reports.d.ts +2 -2
- package/dist/lib/routes/link-reports.d.ts.map +1 -1
- package/dist/lib/routes/link-reports.js +86 -48
- package/dist/lib/routes/link-reports.js.map +1 -1
- package/dist/lib/routes/map.d.ts +1 -1
- package/dist/lib/routes/map.d.ts.map +1 -1
- package/dist/lib/routes/map.js +5 -8
- package/dist/lib/routes/map.js.map +1 -1
- package/dist/lib/routes/media-metadata-visibility.d.ts +1 -1
- package/dist/lib/routes/media-metadata-visibility.d.ts.map +1 -1
- package/dist/lib/routes/media-metadata-visibility.js +30 -67
- package/dist/lib/routes/media-metadata-visibility.js.map +1 -1
- package/dist/lib/routes/media.d.ts +1 -1
- package/dist/lib/routes/media.d.ts.map +1 -1
- package/dist/lib/routes/media.js +156 -193
- package/dist/lib/routes/media.js.map +1 -1
- package/dist/lib/routes/mfa.d.ts +1 -1
- package/dist/lib/routes/mfa.d.ts.map +1 -1
- package/dist/lib/routes/mfa.js +60 -64
- package/dist/lib/routes/mfa.js.map +1 -1
- package/dist/lib/routes/notifications.d.ts +1 -1
- package/dist/lib/routes/notifications.d.ts.map +1 -1
- package/dist/lib/routes/notifications.js +68 -72
- package/dist/lib/routes/notifications.js.map +1 -1
- package/dist/lib/routes/oauth.d.ts +1 -1
- package/dist/lib/routes/oauth.d.ts.map +1 -1
- package/dist/lib/routes/oauth.js +20 -23
- package/dist/lib/routes/oauth.js.map +1 -1
- package/dist/lib/routes/orphaned-media-health.d.ts +1 -1
- package/dist/lib/routes/orphaned-media-health.d.ts.map +1 -1
- package/dist/lib/routes/orphaned-media-health.js +10 -13
- package/dist/lib/routes/orphaned-media-health.js.map +1 -1
- package/dist/lib/routes/orphaned-media.d.ts +1 -1
- package/dist/lib/routes/orphaned-media.d.ts.map +1 -1
- package/dist/lib/routes/orphaned-media.js +20 -57
- package/dist/lib/routes/orphaned-media.js.map +1 -1
- package/dist/lib/routes/out.d.ts +1 -1
- package/dist/lib/routes/out.d.ts.map +1 -1
- package/dist/lib/routes/out.js +21 -24
- package/dist/lib/routes/out.js.map +1 -1
- package/dist/lib/routes/parental-controls.d.ts +1 -1
- package/dist/lib/routes/parental-controls.d.ts.map +1 -1
- package/dist/lib/routes/parental-controls.js +91 -95
- package/dist/lib/routes/parental-controls.js.map +1 -1
- package/dist/lib/routes/posts.d.ts +1 -1
- package/dist/lib/routes/posts.d.ts.map +1 -1
- package/dist/lib/routes/posts.js +101 -105
- package/dist/lib/routes/posts.js.map +1 -1
- package/dist/lib/routes/privacy.d.ts +1 -1
- package/dist/lib/routes/privacy.d.ts.map +1 -1
- package/dist/lib/routes/privacy.js +21 -25
- package/dist/lib/routes/privacy.js.map +1 -1
- package/dist/lib/routes/products.d.ts +1 -1
- package/dist/lib/routes/products.d.ts.map +1 -1
- package/dist/lib/routes/products.js +44 -48
- package/dist/lib/routes/products.js.map +1 -1
- package/dist/lib/routes/relationships.d.ts +1 -1
- package/dist/lib/routes/relationships.d.ts.map +1 -1
- package/dist/lib/routes/relationships.js +35 -39
- package/dist/lib/routes/relationships.js.map +1 -1
- package/dist/lib/routes/sentiments.d.ts +1 -1
- package/dist/lib/routes/sentiments.d.ts.map +1 -1
- package/dist/lib/routes/sentiments.js +71 -75
- package/dist/lib/routes/sentiments.js.map +1 -1
- package/dist/lib/routes/setup-status.d.ts +1 -1
- package/dist/lib/routes/setup-status.d.ts.map +1 -1
- package/dist/lib/routes/setup-status.js +17 -20
- package/dist/lib/routes/setup-status.js.map +1 -1
- package/dist/lib/routes/taxonomy-analytics.d.ts +1 -1
- package/dist/lib/routes/taxonomy-analytics.d.ts.map +1 -1
- package/dist/lib/routes/taxonomy-analytics.js +29 -33
- package/dist/lib/routes/taxonomy-analytics.js.map +1 -1
- package/dist/lib/routes/taxonomy.d.ts +1 -1
- package/dist/lib/routes/taxonomy.d.ts.map +1 -1
- package/dist/lib/routes/taxonomy.js +48 -51
- package/dist/lib/routes/taxonomy.js.map +1 -1
- package/dist/lib/routes/tenant-audit.d.ts +1 -1
- package/dist/lib/routes/tenant-audit.d.ts.map +1 -1
- package/dist/lib/routes/tenant-audit.js +35 -92
- package/dist/lib/routes/tenant-audit.js.map +1 -1
- package/dist/lib/routes/tenant-compliance.d.ts +1 -1
- package/dist/lib/routes/tenant-compliance.d.ts.map +1 -1
- package/dist/lib/routes/tenant-compliance.js +16 -52
- package/dist/lib/routes/tenant-compliance.js.map +1 -1
- package/dist/lib/routes/tenant-domains.d.ts +1 -1
- package/dist/lib/routes/tenant-domains.d.ts.map +1 -1
- package/dist/lib/routes/tenant-domains.js +27 -30
- package/dist/lib/routes/tenant-domains.js.map +1 -1
- package/dist/lib/routes/tenant-idp.d.ts +1 -1
- package/dist/lib/routes/tenant-idp.d.ts.map +1 -1
- package/dist/lib/routes/tenant-idp.js +27 -30
- package/dist/lib/routes/tenant-idp.js.map +1 -1
- package/dist/lib/routes/tenant-members.d.ts +1 -1
- package/dist/lib/routes/tenant-members.d.ts.map +1 -1
- package/dist/lib/routes/tenant-members.js +21 -24
- package/dist/lib/routes/tenant-members.js.map +1 -1
- package/dist/lib/routes/tenant-role-mappings.d.ts +1 -1
- package/dist/lib/routes/tenant-role-mappings.d.ts.map +1 -1
- package/dist/lib/routes/tenant-role-mappings.js +27 -30
- package/dist/lib/routes/tenant-role-mappings.js.map +1 -1
- package/dist/lib/routes/tenants.d.ts +1 -1
- package/dist/lib/routes/tenants.d.ts.map +1 -1
- package/dist/lib/routes/tenants.js +37 -40
- package/dist/lib/routes/tenants.js.map +1 -1
- package/dist/lib/routes/types.d.ts +10 -5
- package/dist/lib/routes/types.d.ts.map +1 -1
- package/dist/lib/routes/types.js +1 -2
- package/dist/lib/routes/types.js.map +1 -1
- package/dist/lib/routes/upload-sessions.d.ts +1 -1
- package/dist/lib/routes/upload-sessions.d.ts.map +1 -1
- package/dist/lib/routes/upload-sessions.js +57 -94
- package/dist/lib/routes/upload-sessions.js.map +1 -1
- package/dist/lib/routes/user.d.ts +1 -1
- package/dist/lib/routes/user.d.ts.map +1 -1
- package/dist/lib/routes/user.js +137 -85
- package/dist/lib/routes/user.js.map +1 -1
- package/dist/lib/routes.d.ts +2 -2
- package/dist/lib/routes.d.ts.map +1 -1
- package/dist/lib/routes.js +2 -7
- package/dist/lib/routes.js.map +1 -1
- package/dist/lib/scaling-health.d.ts.map +1 -1
- package/dist/lib/scaling-health.js +6 -9
- package/dist/lib/scaling-health.js.map +1 -1
- package/dist/lib/scheduled/media-stale-cleanup.js +5 -8
- package/dist/lib/scheduled/media-stale-cleanup.js.map +1 -1
- package/dist/lib/scheduled/orphaned-media-monitor.d.ts +1 -1
- package/dist/lib/scheduled/orphaned-media-monitor.d.ts.map +1 -1
- package/dist/lib/scheduled/orphaned-media-monitor.js +5 -42
- package/dist/lib/scheduled/orphaned-media-monitor.js.map +1 -1
- package/dist/lib/schemas.d.ts +85 -204
- package/dist/lib/schemas.d.ts.map +1 -1
- package/dist/lib/schemas.js +71 -74
- package/dist/lib/schemas.js.map +1 -1
- package/dist/lib/secrets/idp-secrets.d.ts +1 -1
- package/dist/lib/secrets/idp-secrets.js +13 -19
- package/dist/lib/secrets/idp-secrets.js.map +1 -1
- package/dist/lib/security-event-cleaner.js +1 -5
- package/dist/lib/security-event-cleaner.js.map +1 -1
- package/dist/lib/security-headers.js +1 -5
- package/dist/lib/security-headers.js.map +1 -1
- package/dist/lib/security-monitor.d.ts +4 -2
- package/dist/lib/security-monitor.d.ts.map +1 -1
- package/dist/lib/security-monitor.js +16 -18
- package/dist/lib/security-monitor.js.map +1 -1
- package/dist/lib/sentiment-digest.d.ts +1 -1
- package/dist/lib/sentiment-digest.d.ts.map +1 -1
- package/dist/lib/sentiment-digest.js +5 -8
- package/dist/lib/sentiment-digest.js.map +1 -1
- package/dist/lib/sentiment-display.js +3 -7
- package/dist/lib/sentiment-display.js.map +1 -1
- package/dist/lib/services/image-normalizer.js +1 -5
- package/dist/lib/services/image-normalizer.js.map +1 -1
- package/dist/lib/services/media-reconciliation-service.d.ts +1 -1
- package/dist/lib/services/media-reconciliation-service.d.ts.map +1 -1
- package/dist/lib/services/media-reconciliation-service.js +7 -11
- package/dist/lib/services/media-reconciliation-service.js.map +1 -1
- package/dist/lib/services/media-upload-service.d.ts +1 -1
- package/dist/lib/services/media-upload-service.d.ts.map +1 -1
- package/dist/lib/services/media-upload-service.js +4 -8
- package/dist/lib/services/media-upload-service.js.map +1 -1
- package/dist/lib/services/user-data-deletion.d.ts +45 -2
- package/dist/lib/services/user-data-deletion.d.ts.map +1 -1
- package/dist/lib/services/user-data-deletion.js +87 -9
- package/dist/lib/services/user-data-deletion.js.map +1 -1
- package/dist/lib/session-awareness.js +2 -6
- package/dist/lib/session-awareness.js.map +1 -1
- package/dist/lib/session-config.js +8 -17
- package/dist/lib/session-config.js.map +1 -1
- package/dist/lib/{session-manager.d.ts → session-cookie.d.ts} +58 -15
- package/dist/lib/session-cookie.d.ts.map +1 -0
- package/dist/lib/session-cookie.js +0 -0
- package/dist/lib/session-cookie.js.map +1 -0
- package/dist/lib/signup-metadata.d.ts +129 -0
- package/dist/lib/signup-metadata.d.ts.map +1 -0
- package/dist/lib/signup-metadata.js +127 -0
- package/dist/lib/signup-metadata.js.map +1 -0
- package/dist/lib/sso-auth-handler.js +1 -5
- package/dist/lib/sso-auth-handler.js.map +1 -1
- package/dist/lib/tag-suggestions-handler.d.ts +1 -1
- package/dist/lib/tag-suggestions-handler.d.ts.map +1 -1
- package/dist/lib/tag-suggestions-handler.js +1 -5
- package/dist/lib/tag-suggestions-handler.js.map +1 -1
- package/dist/lib/taxonomy-handler-factory.d.ts +2 -2
- package/dist/lib/taxonomy-handler-factory.d.ts.map +1 -1
- package/dist/lib/taxonomy-handler-factory.js +7 -10
- package/dist/lib/taxonomy-handler-factory.js.map +1 -1
- package/dist/lib/taxonomy-handler.d.ts +2 -2
- package/dist/lib/taxonomy-handler.d.ts.map +1 -1
- package/dist/lib/taxonomy-handler.js +8 -8
- package/dist/lib/taxonomy-handler.js.map +1 -1
- package/dist/lib/taxonomy-metrics.js +5 -9
- package/dist/lib/taxonomy-metrics.js.map +1 -1
- package/dist/lib/taxonomy-search-metrics.d.ts +2 -2
- package/dist/lib/taxonomy-search-metrics.d.ts.map +1 -1
- package/dist/lib/taxonomy-search-metrics.js +3 -7
- package/dist/lib/taxonomy-search-metrics.js.map +1 -1
- package/dist/lib/tenant/audit-emit.d.ts +18 -8
- package/dist/lib/tenant/audit-emit.d.ts.map +1 -1
- package/dist/lib/tenant/audit-emit.js +50 -11
- package/dist/lib/tenant/audit-emit.js.map +1 -1
- package/dist/lib/tenant/derive-domain.js +1 -4
- package/dist/lib/tenant/derive-domain.js.map +1 -1
- package/dist/lib/tenant/domain-handler.d.ts +2 -2
- package/dist/lib/tenant/domain-handler.d.ts.map +1 -1
- package/dist/lib/tenant/domain-handler.js +50 -62
- package/dist/lib/tenant/domain-handler.js.map +1 -1
- package/dist/lib/tenant/domain-validator.d.ts +1 -1
- package/dist/lib/tenant/domain-validator.js +10 -13
- package/dist/lib/tenant/domain-validator.js.map +1 -1
- package/dist/lib/tenant/domain-verifier.d.ts +3 -3
- package/dist/lib/tenant/domain-verifier.js +8 -11
- package/dist/lib/tenant/domain-verifier.js.map +1 -1
- package/dist/lib/tenant/idp-handler.d.ts +4 -4
- package/dist/lib/tenant/idp-handler.d.ts.map +1 -1
- package/dist/lib/tenant/idp-handler.js +45 -82
- package/dist/lib/tenant/idp-handler.js.map +1 -1
- package/dist/lib/tenant/idp-name.js +1 -4
- package/dist/lib/tenant/idp-name.js.map +1 -1
- package/dist/lib/tenant/member-handler.d.ts +2 -2
- package/dist/lib/tenant/member-handler.d.ts.map +1 -1
- package/dist/lib/tenant/member-handler.js +30 -67
- package/dist/lib/tenant/member-handler.js.map +1 -1
- package/dist/lib/tenant/reserved-slugs.d.ts +1 -1
- package/dist/lib/tenant/reserved-slugs.d.ts.map +1 -1
- package/dist/lib/tenant/reserved-slugs.js +8 -14
- package/dist/lib/tenant/reserved-slugs.js.map +1 -1
- package/dist/lib/tenant/resolve-role.js +1 -4
- package/dist/lib/tenant/resolve-role.js.map +1 -1
- package/dist/lib/tenant/role-mapping-handler.d.ts +2 -2
- package/dist/lib/tenant/role-mapping-handler.d.ts.map +1 -1
- package/dist/lib/tenant/role-mapping-handler.js +24 -61
- package/dist/lib/tenant/role-mapping-handler.js.map +1 -1
- package/dist/lib/tenant/setup-status.d.ts +1 -1
- package/dist/lib/tenant/setup-status.d.ts.map +1 -1
- package/dist/lib/tenant/setup-status.js +3 -40
- package/dist/lib/tenant/setup-status.js.map +1 -1
- package/dist/lib/tenant/slug-validator.js +3 -6
- package/dist/lib/tenant/slug-validator.js.map +1 -1
- package/dist/lib/tenant/tenant-handler.d.ts +2 -2
- package/dist/lib/tenant/tenant-handler.d.ts.map +1 -1
- package/dist/lib/tenant/tenant-handler.js +31 -68
- package/dist/lib/tenant/tenant-handler.js.map +1 -1
- package/dist/lib/tenant/transfer-ownership.js +2 -6
- package/dist/lib/tenant/transfer-ownership.js.map +1 -1
- package/dist/lib/tenant-scope.d.ts +97 -0
- package/dist/lib/tenant-scope.d.ts.map +1 -0
- package/dist/lib/tenant-scope.js +270 -0
- package/dist/lib/tenant-scope.js.map +1 -0
- package/dist/lib/terminology.d.ts.map +1 -1
- package/dist/lib/terminology.js +7 -9
- package/dist/lib/terminology.js.map +1 -1
- package/dist/lib/theme.js +2 -6
- package/dist/lib/theme.js.map +1 -1
- package/dist/lib/threat-intel-service.d.ts +2 -2
- package/dist/lib/threat-intel-service.d.ts.map +1 -1
- package/dist/lib/threat-intel-service.js +3 -7
- package/dist/lib/threat-intel-service.js.map +1 -1
- package/dist/lib/types/media-reconciliation.js +1 -2
- package/dist/lib/types/media-reconciliation.js.map +1 -1
- package/dist/lib/upload-session-handler.d.ts +1 -1
- package/dist/lib/upload-session-handler.d.ts.map +1 -1
- package/dist/lib/upload-session-handler.js +13 -50
- package/dist/lib/upload-session-handler.js.map +1 -1
- package/dist/lib/user/derive-handle.d.ts +22 -0
- package/dist/lib/user/derive-handle.d.ts.map +1 -1
- package/dist/lib/user/derive-handle.js +18 -6
- package/dist/lib/user/derive-handle.js.map +1 -1
- package/dist/lib/user-badge.js +6 -14
- package/dist/lib/user-badge.js.map +1 -1
- package/dist/lib/user-deletion-handler-enhanced.d.ts +2 -2
- package/dist/lib/user-deletion-handler-enhanced.d.ts.map +1 -1
- package/dist/lib/user-deletion-handler-enhanced.js +16 -53
- package/dist/lib/user-deletion-handler-enhanced.js.map +1 -1
- package/dist/lib/user-deprovisioning.d.ts +1 -1
- package/dist/lib/user-deprovisioning.d.ts.map +1 -1
- package/dist/lib/user-deprovisioning.js +16 -20
- package/dist/lib/user-deprovisioning.js.map +1 -1
- package/dist/lib/user-export-handler.d.ts +4 -4
- package/dist/lib/user-export-handler.d.ts.map +1 -1
- package/dist/lib/user-export-handler.js +11 -15
- package/dist/lib/user-export-handler.js.map +1 -1
- package/dist/lib/validate-request.js +8 -13
- package/dist/lib/validate-request.js.map +1 -1
- package/dist/lib/validation/feature-toggle-schemas.d.ts +130 -249
- package/dist/lib/validation/feature-toggle-schemas.d.ts.map +1 -1
- package/dist/lib/validation/feature-toggle-schemas.js +50 -59
- package/dist/lib/validation/feature-toggle-schemas.js.map +1 -1
- package/dist/lib/validation/validate-request.d.ts.map +1 -1
- package/dist/lib/validation/validate-request.js +12 -23
- package/dist/lib/validation/validate-request.js.map +1 -1
- package/dist/lib/validation.js +1 -5
- package/dist/lib/validation.js.map +1 -1
- package/dist/lib/version.js +3 -8
- package/dist/lib/version.js.map +1 -1
- package/dist/server.d.ts +1 -1
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +29 -69
- package/dist/server.js.map +1 -1
- package/dist/types/cloudflare-compat.d.ts +3 -93
- package/dist/types/cloudflare-compat.d.ts.map +1 -1
- package/dist/types/cloudflare-compat.js +1 -2
- package/dist/types/cloudflare-compat.js.map +1 -1
- package/dist/worker.d.ts +6 -6
- package/dist/worker.d.ts.map +1 -1
- package/dist/worker.js +6 -13
- package/dist/worker.js.map +1 -1
- package/package.json +28 -15
- package/prisma/migrations/20260602054730_add_entity_geo_and_pending_schema/migration.sql +113 -0
- package/prisma/migrations/20260602162901_research_foundations/migration.sql +65 -0
- package/prisma/migrations/20260604130000_surveillance_phase0_enablers/migration.sql +107 -0
- package/prisma/migrations/20260604140000_fold_link_reports_into_reports/migration.sql +23 -0
- package/prisma/migrations/20260604140000_fold_link_reports_into_reports/rollback.reference.sql +31 -0
- package/prisma/migrations/20260606000000_handle_canonical_identity/migration.sql +18 -0
- package/prisma/schema.prisma +426 -68
- package/src/lambda/cleanup-cron.ts +10 -7
- package/src/lambda/create-auth-challenge.ts +6 -3
- package/src/lambda/delete-account-worker.ts +17 -12
- package/src/lambda/diagnostics-proxy.ts +9 -6
- package/src/lambda/e2e-sweeper.ts +17 -23
- package/src/lambda/federation-outbox-worker.ts +4 -1
- package/src/lambda/followers-events-worker.ts +4 -1
- package/src/lambda/hourly-cron.ts +112 -20
- package/src/lambda/link-check-worker.ts +4 -1
- package/src/lambda/maintenance-cron.ts +24 -13
- package/src/lambda/media-processing-worker.ts +5 -2
- package/src/lambda/media-reconciliation-worker.ts +4 -1
- package/src/lambda/nightly-cron.ts +53 -54
- package/src/lambda/post-confirmation.ts +262 -76
- package/src/lambda/pre-token-generation.ts +39 -44
- package/src/lambda/verify-auth-challenge.ts +4 -1
- package/dist/lib/audit/emit.d.ts +0 -56
- package/dist/lib/audit/emit.d.ts.map +0 -1
- package/dist/lib/audit/emit.js +0 -124
- package/dist/lib/audit/emit.js.map +0 -1
- package/dist/lib/audit/event-types.d.ts +0 -36
- package/dist/lib/audit/event-types.d.ts.map +0 -1
- package/dist/lib/audit/event-types.js +0 -69
- package/dist/lib/audit/event-types.js.map +0 -1
- package/dist/lib/audit-logger.d.ts +0 -142
- package/dist/lib/audit-logger.d.ts.map +0 -1
- package/dist/lib/audit-logger.js +0 -326
- package/dist/lib/audit-logger.js.map +0 -1
- package/dist/lib/circuit-breaker.d.ts +0 -27
- package/dist/lib/circuit-breaker.d.ts.map +0 -1
- package/dist/lib/circuit-breaker.js +0 -63
- package/dist/lib/circuit-breaker.js.map +0 -1
- package/dist/lib/graph/dual-write-service.d.ts +0 -116
- package/dist/lib/graph/dual-write-service.d.ts.map +0 -1
- package/dist/lib/graph/dual-write-service.js +0 -332
- package/dist/lib/graph/dual-write-service.js.map +0 -1
- package/dist/lib/graph/dual-write.d.ts +0 -396
- package/dist/lib/graph/dual-write.d.ts.map +0 -1
- package/dist/lib/graph/dual-write.js +0 -53
- package/dist/lib/graph/dual-write.js.map +0 -1
- package/dist/lib/graph/graph-schema-init.d.ts +0 -31
- package/dist/lib/graph/graph-schema-init.d.ts.map +0 -1
- package/dist/lib/graph/graph-schema-init.js +0 -105
- package/dist/lib/graph/graph-schema-init.js.map +0 -1
- package/dist/lib/graph/neo4j-graph-service.d.ts +0 -186
- package/dist/lib/graph/neo4j-graph-service.d.ts.map +0 -1
- package/dist/lib/graph/neo4j-graph-service.js +0 -1625
- package/dist/lib/graph/neo4j-graph-service.js.map +0 -1
- package/dist/lib/graph/reconciliation-service.d.ts +0 -113
- package/dist/lib/graph/reconciliation-service.d.ts.map +0 -1
- package/dist/lib/graph/reconciliation-service.js +0 -533
- package/dist/lib/graph/reconciliation-service.js.map +0 -1
- package/dist/lib/id-generator.d.ts +0 -29
- package/dist/lib/id-generator.d.ts.map +0 -1
- package/dist/lib/id-generator.js +0 -51
- package/dist/lib/id-generator.js.map +0 -1
- package/dist/lib/kv/dynamodb-kv.d.ts +0 -39
- package/dist/lib/kv/dynamodb-kv.d.ts.map +0 -1
- package/dist/lib/kv/dynamodb-kv.js +0 -239
- package/dist/lib/kv/dynamodb-kv.js.map +0 -1
- package/dist/lib/queue/sqs-queue.d.ts +0 -16
- package/dist/lib/queue/sqs-queue.d.ts.map +0 -1
- package/dist/lib/queue/sqs-queue.js +0 -39
- package/dist/lib/queue/sqs-queue.js.map +0 -1
- package/dist/lib/route-matcher.d.ts +0 -24
- package/dist/lib/route-matcher.d.ts.map +0 -1
- package/dist/lib/route-matcher.js +0 -96
- package/dist/lib/route-matcher.js.map +0 -1
- package/dist/lib/router.d.ts +0 -26
- package/dist/lib/router.d.ts.map +0 -1
- package/dist/lib/router.js +0 -90
- package/dist/lib/router.js.map +0 -1
- package/dist/lib/routes-all.d.ts +0 -9
- package/dist/lib/routes-all.d.ts.map +0 -1
- package/dist/lib/routes-all.js +0 -170
- package/dist/lib/routes-all.js.map +0 -1
- package/dist/lib/secret-resolver.d.ts +0 -88
- package/dist/lib/secret-resolver.d.ts.map +0 -1
- package/dist/lib/secret-resolver.js +0 -183
- package/dist/lib/secret-resolver.js.map +0 -1
- package/dist/lib/session-manager.d.ts.map +0 -1
- package/dist/lib/session-manager.js +0 -492
- package/dist/lib/session-manager.js.map +0 -1
- package/dist/lib/storage/s3-storage.d.ts +0 -29
- package/dist/lib/storage/s3-storage.d.ts.map +0 -1
- package/dist/lib/storage/s3-storage.js +0 -135
- package/dist/lib/storage/s3-storage.js.map +0 -1
- package/dist/lib/tenant-context.d.ts +0 -35
- package/dist/lib/tenant-context.d.ts.map +0 -1
- package/dist/lib/tenant-context.js +0 -54
- package/dist/lib/tenant-context.js.map +0 -1
package/dist/lib/schemas.js
CHANGED
|
@@ -1,30 +1,27 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/**
|
|
3
2
|
* Validation Schemas
|
|
4
3
|
*
|
|
5
4
|
* Zod schemas for runtime input validation.
|
|
6
5
|
* Used to validate request bodies and query parameters.
|
|
7
6
|
*/
|
|
8
|
-
|
|
9
|
-
exports.getSentimentUsersSchema = exports.feedQuerySchema = exports.emailRequestSchema = exports.friendRequestSchema = exports.connectionCodeSchema = exports.signupModeSchema = exports.featureToggleSchema = exports.deleteAccountConfirmationSchema = exports.validateInvitationSchema = exports.createInvitationSchema = exports.privacyPreferencesSchema = exports.badgeSchema = exports.sentimentSchema = exports.createCommentSchema = exports.editPostSchema = exports.createPostSchema = exports.paginationSchema = void 0;
|
|
10
|
-
const zod_1 = require("zod");
|
|
7
|
+
import { z } from "zod";
|
|
11
8
|
/**
|
|
12
9
|
* Pagination query parameters
|
|
13
10
|
*/
|
|
14
|
-
|
|
15
|
-
limit:
|
|
16
|
-
cursor:
|
|
17
|
-
offset:
|
|
11
|
+
export const paginationSchema = z.object({
|
|
12
|
+
limit: z.coerce.number().int().min(1).max(100).default(20),
|
|
13
|
+
cursor: z.string().optional(),
|
|
14
|
+
offset: z.coerce.number().int().min(0).max(10000).optional(),
|
|
18
15
|
});
|
|
19
16
|
/**
|
|
20
17
|
* Create post request body
|
|
21
18
|
*/
|
|
22
|
-
|
|
23
|
-
text:
|
|
24
|
-
visibility:
|
|
25
|
-
radius:
|
|
26
|
-
entityRefs:
|
|
27
|
-
.array(
|
|
19
|
+
export const createPostSchema = z.object({
|
|
20
|
+
text: z.string().min(1).max(3000).trim(),
|
|
21
|
+
visibility: z.enum(["public", "friends-only", "private"]).optional(),
|
|
22
|
+
radius: z.enum(["SHOUT", "LOUD", "NORMAL", "WHISPER"]).optional(),
|
|
23
|
+
entityRefs: z
|
|
24
|
+
.array(z
|
|
28
25
|
.string()
|
|
29
26
|
.trim()
|
|
30
27
|
.min(1)
|
|
@@ -33,26 +30,26 @@ exports.createPostSchema = zod_1.z.object({
|
|
|
33
30
|
.max(20) // Maximum 20 entities per post
|
|
34
31
|
.optional()
|
|
35
32
|
.default([]),
|
|
36
|
-
taxonomyTags:
|
|
37
|
-
.array(
|
|
33
|
+
taxonomyTags: z
|
|
34
|
+
.array(z
|
|
38
35
|
.string()
|
|
39
36
|
.trim()
|
|
40
37
|
.regex(/^[a-z-]+:[a-z-]+:[a-z-]+$/, "Invalid taxon ID format"))
|
|
41
38
|
.max(20) // Maximum 20 taxonomy tags per post
|
|
42
39
|
.optional()
|
|
43
40
|
.default([]),
|
|
44
|
-
geoData:
|
|
41
|
+
geoData: z
|
|
45
42
|
.object({
|
|
46
|
-
lat:
|
|
47
|
-
lng:
|
|
48
|
-
place:
|
|
43
|
+
lat: z.number().min(-90).max(90),
|
|
44
|
+
lng: z.number().min(-180).max(180),
|
|
45
|
+
place: z.string().optional(),
|
|
49
46
|
})
|
|
50
47
|
.optional(),
|
|
51
|
-
contentWarnings:
|
|
52
|
-
media:
|
|
53
|
-
.array(
|
|
54
|
-
id:
|
|
55
|
-
alt:
|
|
48
|
+
contentWarnings: z.array(z.string()).max(10).optional(),
|
|
49
|
+
media: z
|
|
50
|
+
.array(z.object({
|
|
51
|
+
id: z.string(), // MediaFile ID
|
|
52
|
+
alt: z.string().max(500).optional(), // Alt text for accessibility
|
|
56
53
|
}))
|
|
57
54
|
.max(4) // Maximum 4 images per post
|
|
58
55
|
.optional(),
|
|
@@ -63,17 +60,17 @@ exports.createPostSchema = zod_1.z.object({
|
|
|
63
60
|
* Used for PATCH /api/posts/:postId endpoint.
|
|
64
61
|
* Allows editing text, media, and visibility.
|
|
65
62
|
*/
|
|
66
|
-
|
|
67
|
-
text:
|
|
63
|
+
export const editPostSchema = z.object({
|
|
64
|
+
text: z
|
|
68
65
|
.string()
|
|
69
66
|
.min(1, "Post text is required")
|
|
70
67
|
.max(3000, "Post text exceeds maximum length")
|
|
71
68
|
.trim(),
|
|
72
|
-
visibility:
|
|
73
|
-
media:
|
|
74
|
-
.array(
|
|
75
|
-
id:
|
|
76
|
-
alt:
|
|
69
|
+
visibility: z.enum(["public", "friends-only", "private"]).optional(),
|
|
70
|
+
media: z
|
|
71
|
+
.array(z.object({
|
|
72
|
+
id: z.string().optional(), // Existing media ID
|
|
73
|
+
alt: z.string().max(500).optional(), // Alt text for accessibility
|
|
77
74
|
}))
|
|
78
75
|
.max(10) // Maximum 10 media attachments
|
|
79
76
|
.optional(),
|
|
@@ -81,14 +78,14 @@ exports.editPostSchema = zod_1.z.object({
|
|
|
81
78
|
/**
|
|
82
79
|
* Create comment request body
|
|
83
80
|
*/
|
|
84
|
-
|
|
85
|
-
text:
|
|
81
|
+
export const createCommentSchema = z.object({
|
|
82
|
+
text: z.string().min(1).max(3000).trim(),
|
|
86
83
|
});
|
|
87
84
|
/**
|
|
88
85
|
* Update sentiment request body
|
|
89
86
|
*/
|
|
90
|
-
|
|
91
|
-
sentiment:
|
|
87
|
+
export const sentimentSchema = z.object({
|
|
88
|
+
sentiment: z.enum([
|
|
92
89
|
"joy",
|
|
93
90
|
"gratitude",
|
|
94
91
|
"calm",
|
|
@@ -105,92 +102,92 @@ exports.sentimentSchema = zod_1.z.object({
|
|
|
105
102
|
/**
|
|
106
103
|
* Badge visibility request body
|
|
107
104
|
*/
|
|
108
|
-
|
|
109
|
-
showVerifiedBadge:
|
|
105
|
+
export const badgeSchema = z.object({
|
|
106
|
+
showVerifiedBadge: z.boolean(),
|
|
110
107
|
});
|
|
111
108
|
/**
|
|
112
109
|
* Privacy preferences request body
|
|
113
110
|
*/
|
|
114
|
-
|
|
115
|
-
profileVisibility:
|
|
116
|
-
showEmail:
|
|
117
|
-
showLocation:
|
|
118
|
-
allowFriendRequests:
|
|
111
|
+
export const privacyPreferencesSchema = z.object({
|
|
112
|
+
profileVisibility: z.enum(["public", "followers", "private"]).optional(),
|
|
113
|
+
showEmail: z.boolean().optional(),
|
|
114
|
+
showLocation: z.boolean().optional(),
|
|
115
|
+
allowFriendRequests: z.boolean().optional(),
|
|
119
116
|
});
|
|
120
117
|
/**
|
|
121
118
|
* Invitation creation request body
|
|
122
119
|
*/
|
|
123
|
-
|
|
124
|
-
email:
|
|
125
|
-
expiresInDays:
|
|
126
|
-
recaptchaToken:
|
|
120
|
+
export const createInvitationSchema = z.object({
|
|
121
|
+
email: z.string().email().toLowerCase().optional(),
|
|
122
|
+
expiresInDays: z.coerce.number().int().min(1).max(365).default(30),
|
|
123
|
+
recaptchaToken: z.string().optional(),
|
|
127
124
|
});
|
|
128
125
|
/**
|
|
129
126
|
* Validate invitation request body
|
|
130
127
|
*/
|
|
131
|
-
|
|
132
|
-
code:
|
|
133
|
-
email:
|
|
128
|
+
export const validateInvitationSchema = z.object({
|
|
129
|
+
code: z.string().min(1).max(100).trim().toUpperCase(),
|
|
130
|
+
email: z.string().email().toLowerCase().optional(),
|
|
134
131
|
});
|
|
135
132
|
/**
|
|
136
133
|
* Delete account confirmation request body
|
|
137
134
|
*/
|
|
138
|
-
|
|
139
|
-
confirmationCode:
|
|
135
|
+
export const deleteAccountConfirmationSchema = z.object({
|
|
136
|
+
confirmationCode: z.string().min(1).max(100).trim(),
|
|
140
137
|
});
|
|
141
138
|
/**
|
|
142
139
|
* Feature toggle request body
|
|
143
140
|
*/
|
|
144
|
-
|
|
145
|
-
enabled:
|
|
141
|
+
export const featureToggleSchema = z.object({
|
|
142
|
+
enabled: z.boolean(),
|
|
146
143
|
});
|
|
147
144
|
/**
|
|
148
145
|
* User signup mode request body
|
|
149
146
|
*/
|
|
150
|
-
|
|
151
|
-
mode:
|
|
147
|
+
export const signupModeSchema = z.object({
|
|
148
|
+
mode: z.enum(["open", "invitation_only"]),
|
|
152
149
|
});
|
|
153
150
|
/**
|
|
154
151
|
* Connection code request body
|
|
155
152
|
*/
|
|
156
|
-
|
|
157
|
-
code:
|
|
153
|
+
export const connectionCodeSchema = z.object({
|
|
154
|
+
code: z.string().min(1).max(100).trim(),
|
|
158
155
|
});
|
|
159
156
|
/**
|
|
160
157
|
* Friend request body
|
|
161
158
|
*/
|
|
162
|
-
|
|
163
|
-
inviterId:
|
|
159
|
+
export const friendRequestSchema = z.object({
|
|
160
|
+
inviterId: z.string().min(1).max(200).optional(),
|
|
164
161
|
});
|
|
165
162
|
/**
|
|
166
163
|
* Email request body (for password reset, etc.)
|
|
167
164
|
*/
|
|
168
|
-
|
|
169
|
-
email:
|
|
165
|
+
export const emailRequestSchema = z.object({
|
|
166
|
+
email: z.string().email().toLowerCase(),
|
|
170
167
|
});
|
|
171
168
|
/**
|
|
172
169
|
* Feed query parameters (extends pagination)
|
|
173
170
|
*/
|
|
174
|
-
|
|
175
|
-
entityRef:
|
|
176
|
-
entityRefs:
|
|
177
|
-
taxonomyTags:
|
|
178
|
-
.array(
|
|
171
|
+
export const feedQuerySchema = paginationSchema.extend({
|
|
172
|
+
entityRef: z.string().optional(), // Filter by single entity (for backward compatibility with existing queries)
|
|
173
|
+
entityRefs: z.array(z.string()).max(20).optional(), // Filter by multiple entities
|
|
174
|
+
taxonomyTags: z
|
|
175
|
+
.array(z
|
|
179
176
|
.string()
|
|
180
177
|
.trim()
|
|
181
178
|
.regex(/^[a-z-]+:[a-z-]+:[a-z-]+$/, "Invalid taxon ID format"))
|
|
182
179
|
.max(20)
|
|
183
180
|
.optional(), // Filter by taxonomy tags (taxonIds)
|
|
184
|
-
personalized:
|
|
185
|
-
personalizationEntityIds:
|
|
181
|
+
personalized: z.coerce.boolean().optional(), // Enable personalization based on user's entity tags
|
|
182
|
+
personalizationEntityIds: z.array(z.string()).max(20).optional(), // Specific entity IDs for personalization
|
|
186
183
|
});
|
|
187
184
|
/**
|
|
188
185
|
* Get sentiment users query parameters
|
|
189
186
|
* For "who reacted" feature - returns users who reacted with specific sentiments
|
|
190
187
|
*/
|
|
191
|
-
|
|
192
|
-
postId:
|
|
193
|
-
sentiment:
|
|
188
|
+
export const getSentimentUsersSchema = z.object({
|
|
189
|
+
postId: z.string().uuid("Post ID must be a valid UUID"),
|
|
190
|
+
sentiment: z
|
|
194
191
|
.enum([
|
|
195
192
|
"joy",
|
|
196
193
|
"gratitude",
|
|
@@ -205,13 +202,13 @@ exports.getSentimentUsersSchema = zod_1.z.object({
|
|
|
205
202
|
"insightful",
|
|
206
203
|
])
|
|
207
204
|
.optional(),
|
|
208
|
-
limit:
|
|
205
|
+
limit: z.coerce
|
|
209
206
|
.number()
|
|
210
207
|
.int("Limit must be an integer")
|
|
211
208
|
.min(1, "Limit must be at least 1")
|
|
212
209
|
.max(100, "Limit must not exceed 100")
|
|
213
210
|
.default(20),
|
|
214
|
-
cursor:
|
|
211
|
+
cursor: z
|
|
215
212
|
.string()
|
|
216
213
|
.refine((c) => {
|
|
217
214
|
try {
|
package/dist/lib/schemas.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"schemas.js","sourceRoot":"","sources":["../../src/lib/schemas.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"schemas.js","sourceRoot":"","sources":["../../src/lib/schemas.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IACvC,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC1D,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC7B,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,QAAQ,EAAE;CAC7D,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IACvC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE;IACxC,UAAU,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,cAAc,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE;IACpE,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE;IACjE,UAAU,EAAE,CAAC;SACV,KAAK,CACJ,CAAC;SACE,MAAM,EAAE;SACR,IAAI,EAAE;SACN,GAAG,CAAC,CAAC,CAAC;SACN,GAAG,CAAC,GAAG,CAAC;SACR,KAAK,CAAC,aAAa,EAAE,0BAA0B,CAAC,CACpD;SACA,GAAG,CAAC,EAAE,CAAC,CAAC,+BAA+B;SACvC,QAAQ,EAAE;SACV,OAAO,CAAC,EAAE,CAAC;IACd,YAAY,EAAE,CAAC;SACZ,KAAK,CACJ,CAAC;SACE,MAAM,EAAE;SACR,IAAI,EAAE;SACN,KAAK,CAAC,2BAA2B,EAAE,yBAAyB,CAAC,CACjE;SACA,GAAG,CAAC,EAAE,CAAC,CAAC,oCAAoC;SAC5C,QAAQ,EAAE;SACV,OAAO,CAAC,EAAE,CAAC;IACd,OAAO,EAAE,CAAC;SACP,MAAM,CAAC;QACN,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC;QAChC,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;QAClC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KAC7B,CAAC;SACD,QAAQ,EAAE;IACb,eAAe,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE;IACvD,KAAK,EAAE,CAAC;SACL,KAAK,CACJ,CAAC,CAAC,MAAM,CAAC;QACP,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,eAAe;QAC/B,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,6BAA6B;KACnE,CAAC,CACH;SACA,GAAG,CAAC,CAAC,CAAC,CAAC,4BAA4B;SACnC,QAAQ,EAAE;CACd,CAAC,CAAC;AAEH;;;;;GAKG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IACrC,IAAI,EAAE,CAAC;SACJ,MAAM,EAAE;SACR,GAAG,CAAC,CAAC,EAAE,uBAAuB,CAAC;SAC/B,GAAG,CAAC,IAAI,EAAE,kCAAkC,CAAC;SAC7C,IAAI,EAAE;IACT,UAAU,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,cAAc,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE;IACpE,KAAK,EAAE,CAAC;SACL,KAAK,CACJ,CAAC,CAAC,MAAM,CAAC;QACP,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE,oBAAoB;QAC/C,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,6BAA6B;KACnE,CAAC,CACH;SACA,GAAG,CAAC,EAAE,CAAC,CAAC,+BAA+B;SACvC,QAAQ,EAAE;CACd,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1C,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE;CACzC,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC;IACtC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC;QAChB,KAAK;QACL,WAAW;QACX,MAAM;QACN,MAAM;QACN,MAAM;QACN,YAAY;QACZ,KAAK;QACL,SAAS;QACT,OAAO;QACP,MAAM;QACN,YAAY;KACb,CAAC;CACH,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,CAAC,MAAM,CAAC;IAClC,iBAAiB,EAAE,CAAC,CAAC,OAAO,EAAE;CAC/B,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/C,iBAAiB,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE;IACxE,SAAS,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACjC,YAAY,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IACpC,mBAAmB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;CAC5C,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC7C,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE;IAClD,aAAa,EAAE,CAAC,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAClE,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACtC,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/C,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE;IACrD,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE;CACnD,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,+BAA+B,GAAG,CAAC,CAAC,MAAM,CAAC;IACtD,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE;CACpD,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1C,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE;CACrB,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IACvC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC;CAC1C,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3C,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE;CACxC,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1C,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;CACjD,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IACzC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE;CACxC,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,gBAAgB,CAAC,MAAM,CAAC;IACrD,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE,6EAA6E;IAC/G,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE,EAAE,8BAA8B;IAClF,YAAY,EAAE,CAAC;SACZ,KAAK,CACJ,CAAC;SACE,MAAM,EAAE;SACR,IAAI,EAAE;SACN,KAAK,CAAC,2BAA2B,EAAE,yBAAyB,CAAC,CACjE;SACA,GAAG,CAAC,EAAE,CAAC;SACP,QAAQ,EAAE,EAAE,qCAAqC;IACpD,YAAY,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,EAAE,qDAAqD;IAClG,wBAAwB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE,EAAE,0CAA0C;CAC7G,CAAC,CAAC;AAEH;;;GAGG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9C,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,8BAA8B,CAAC;IACvD,SAAS,EAAE,CAAC;SACT,IAAI,CAAC;QACJ,KAAK;QACL,WAAW;QACX,MAAM;QACN,MAAM;QACN,MAAM;QACN,YAAY;QACZ,KAAK;QACL,SAAS;QACT,OAAO;QACP,MAAM;QACN,YAAY;KACb,CAAC;SACD,QAAQ,EAAE;IACb,KAAK,EAAE,CAAC,CAAC,MAAM;SACZ,MAAM,EAAE;SACR,GAAG,CAAC,0BAA0B,CAAC;SAC/B,GAAG,CAAC,CAAC,EAAE,0BAA0B,CAAC;SAClC,GAAG,CAAC,GAAG,EAAE,2BAA2B,CAAC;SACrC,OAAO,CAAC,EAAE,CAAC;IACd,MAAM,EAAE,CAAC;SACN,MAAM,EAAE;SACR,MAAM,CACL,CAAC,CAAC,EAAE,EAAE;QACJ,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;YAChE,OAAO,CACL,OAAO,OAAO,KAAK,QAAQ;gBAC3B,OAAO,KAAK,IAAI;gBAChB,OAAO,OAAO,CAAC,MAAM,KAAK,QAAQ;gBAClC,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC;gBACzB,OAAO,CAAC,MAAM,CAAC,MAAM,IAAI,GAAG;gBAC5B,OAAO,OAAO,CAAC,aAAa,KAAK,QAAQ;gBACzC,OAAO,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC;gBAChC,OAAO,CAAC,aAAa,CAAC,MAAM,IAAI,EAAE;gBAClC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,CAClC,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC,EACD,EAAE,OAAO,EAAE,uBAAuB,EAAE,CACrC;SACA,QAAQ,EAAE;CACd,CAAC,CAAC"}
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
* Secrets Manager wrapper for IdP client secrets.
|
|
3
3
|
*
|
|
4
4
|
* Naming convention: `tenant/{tenantId}/idp-client-secret`. The IAM policy
|
|
5
|
-
* grants
|
|
5
|
+
* grants Trellis's task role only `secretsmanager:CreateSecret`,
|
|
6
6
|
* `PutSecretValue`, `DeleteSecret`, `DescribeSecret`, `GetSecretValue` on
|
|
7
7
|
* `arn:aws:secretsmanager:{region}:{account}:secret:tenant/*` so a leak in
|
|
8
8
|
* the IdP CRUD path can never read or rewrite secrets outside that prefix.
|
|
@@ -1,13 +1,8 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.IdpSecretsClient = exports.IDP_SECRET_SUFFIX = exports.IDP_SECRET_PREFIX = void 0;
|
|
4
|
-
exports.idpSecretName = idpSecretName;
|
|
5
|
-
exports.createIdpSecretsClient = createIdpSecretsClient;
|
|
6
1
|
/**
|
|
7
2
|
* Secrets Manager wrapper for IdP client secrets.
|
|
8
3
|
*
|
|
9
4
|
* Naming convention: `tenant/{tenantId}/idp-client-secret`. The IAM policy
|
|
10
|
-
* grants
|
|
5
|
+
* grants Trellis's task role only `secretsmanager:CreateSecret`,
|
|
11
6
|
* `PutSecretValue`, `DeleteSecret`, `DescribeSecret`, `GetSecretValue` on
|
|
12
7
|
* `arn:aws:secretsmanager:{region}:{account}:secret:tenant/*` so a leak in
|
|
13
8
|
* the IdP CRUD path can never read or rewrite secrets outside that prefix.
|
|
@@ -16,13 +11,13 @@ exports.createIdpSecretsClient = createIdpSecretsClient;
|
|
|
16
11
|
* to Secrets Manager. It is never logged here. Callers must not log it
|
|
17
12
|
* either.
|
|
18
13
|
*/
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
function idpSecretName(tenantId) {
|
|
23
|
-
return `${
|
|
14
|
+
import { SecretsManagerClient, CreateSecretCommand, PutSecretValueCommand, DeleteSecretCommand, DescribeSecretCommand, } from "@aws-sdk/client-secrets-manager";
|
|
15
|
+
export const IDP_SECRET_PREFIX = "tenant/";
|
|
16
|
+
export const IDP_SECRET_SUFFIX = "/idp-client-secret";
|
|
17
|
+
export function idpSecretName(tenantId) {
|
|
18
|
+
return `${IDP_SECRET_PREFIX}${tenantId}${IDP_SECRET_SUFFIX}`;
|
|
24
19
|
}
|
|
25
|
-
class IdpSecretsClient {
|
|
20
|
+
export class IdpSecretsClient {
|
|
26
21
|
client;
|
|
27
22
|
constructor(client) {
|
|
28
23
|
this.client = client;
|
|
@@ -35,7 +30,7 @@ class IdpSecretsClient {
|
|
|
35
30
|
*/
|
|
36
31
|
async create(tenantId, plaintext) {
|
|
37
32
|
const name = idpSecretName(tenantId);
|
|
38
|
-
const result = await this.client.send(new
|
|
33
|
+
const result = await this.client.send(new CreateSecretCommand({
|
|
39
34
|
Name: name,
|
|
40
35
|
SecretString: plaintext,
|
|
41
36
|
Tags: [
|
|
@@ -54,7 +49,7 @@ class IdpSecretsClient {
|
|
|
54
49
|
*/
|
|
55
50
|
async rotate(tenantId, plaintext) {
|
|
56
51
|
const name = idpSecretName(tenantId);
|
|
57
|
-
const result = await this.client.send(new
|
|
52
|
+
const result = await this.client.send(new PutSecretValueCommand({
|
|
58
53
|
SecretId: name,
|
|
59
54
|
SecretString: plaintext,
|
|
60
55
|
}));
|
|
@@ -72,7 +67,7 @@ class IdpSecretsClient {
|
|
|
72
67
|
async delete(tenantId) {
|
|
73
68
|
const name = idpSecretName(tenantId);
|
|
74
69
|
try {
|
|
75
|
-
await this.client.send(new
|
|
70
|
+
await this.client.send(new DeleteSecretCommand({
|
|
76
71
|
SecretId: name,
|
|
77
72
|
ForceDeleteWithoutRecovery: true,
|
|
78
73
|
}));
|
|
@@ -91,7 +86,7 @@ class IdpSecretsClient {
|
|
|
91
86
|
async describe(tenantId) {
|
|
92
87
|
const name = idpSecretName(tenantId);
|
|
93
88
|
try {
|
|
94
|
-
const result = await this.client.send(new
|
|
89
|
+
const result = await this.client.send(new DescribeSecretCommand({ SecretId: name }));
|
|
95
90
|
if (!result.ARN)
|
|
96
91
|
return null;
|
|
97
92
|
return { arn: result.ARN };
|
|
@@ -104,8 +99,7 @@ class IdpSecretsClient {
|
|
|
104
99
|
}
|
|
105
100
|
}
|
|
106
101
|
}
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
return new IdpSecretsClient(new client_secrets_manager_1.SecretsManagerClient({ region: region ?? process.env.AWS_REGION ?? "eu-central-1" }));
|
|
102
|
+
export function createIdpSecretsClient(region) {
|
|
103
|
+
return new IdpSecretsClient(new SecretsManagerClient({ region: region ?? process.env.AWS_REGION ?? "eu-central-1" }));
|
|
110
104
|
}
|
|
111
105
|
//# sourceMappingURL=idp-secrets.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"idp-secrets.js","sourceRoot":"","sources":["../../../src/lib/secrets/idp-secrets.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"idp-secrets.js","sourceRoot":"","sources":["../../../src/lib/secrets/idp-secrets.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AACH,OAAO,EACL,oBAAoB,EACpB,mBAAmB,EACnB,qBAAqB,EACrB,mBAAmB,EACnB,qBAAqB,GACtB,MAAM,iCAAiC,CAAC;AAEzC,MAAM,CAAC,MAAM,iBAAiB,GAAG,SAAS,CAAC;AAC3C,MAAM,CAAC,MAAM,iBAAiB,GAAG,oBAAoB,CAAC;AAEtD,MAAM,UAAU,aAAa,CAAC,QAAgB;IAC5C,OAAO,GAAG,iBAAiB,GAAG,QAAQ,GAAG,iBAAiB,EAAE,CAAC;AAC/D,CAAC;AAOD,MAAM,OAAO,gBAAgB;IACE;IAA7B,YAA6B,MAA4B;QAA5B,WAAM,GAAN,MAAM,CAAsB;IAAG,CAAC;IAE7D;;;;;OAKG;IACH,KAAK,CAAC,MAAM,CAAC,QAAgB,EAAE,SAAiB;QAC9C,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;QACrC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACnC,IAAI,mBAAmB,CAAC;YACtB,IAAI,EAAE,IAAI;YACV,YAAY,EAAE,SAAS;YACvB,IAAI,EAAE;gBACJ,EAAE,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,EAAE;gBACpC,EAAE,GAAG,EAAE,SAAS,EAAE,KAAK,EAAE,mBAAmB,EAAE;aAC/C;SACF,CAAC,CACH,CAAC;QACF,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;QAClE,CAAC;QACD,OAAO,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;IAC3F,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,MAAM,CAAC,QAAgB,EAAE,SAAiB;QAC9C,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;QACrC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACnC,IAAI,qBAAqB,CAAC;YACxB,QAAQ,EAAE,IAAI;YACd,YAAY,EAAE,SAAS;SACxB,CAAC,CACH,CAAC;QACF,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;QACpE,CAAC;QACD,OAAO,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;IAC3F,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,MAAM,CAAC,QAAgB;QAC3B,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACpB,IAAI,mBAAmB,CAAC;gBACtB,QAAQ,EAAE,IAAI;gBACd,0BAA0B,EAAE,IAAI;aACjC,CAAC,CACH,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GAAI,GAAyB,CAAC,IAAI,CAAC;YAChD,IAAI,OAAO,KAAK,2BAA2B;gBAAE,OAAO;YACpD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,QAAQ,CAAC,QAAgB;QAC7B,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACnC,IAAI,qBAAqB,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAC9C,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,GAAG;gBAAE,OAAO,IAAI,CAAC;YAC7B,OAAO,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC;QAC7B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GAAI,GAAyB,CAAC,IAAI,CAAC;YAChD,IAAI,OAAO,KAAK,2BAA2B;gBAAE,OAAO,IAAI,CAAC;YACzD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AAED,MAAM,UAAU,sBAAsB,CAAC,MAAe;IACpD,OAAO,IAAI,gBAAgB,CACzB,IAAI,oBAAoB,CAAC,EAAE,MAAM,EAAE,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,cAAc,EAAE,CAAC,CACzF,CAAC;AACJ,CAAC"}
|
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/**
|
|
3
2
|
* Security Event Cleaner
|
|
4
3
|
*
|
|
@@ -16,14 +15,12 @@
|
|
|
16
15
|
*
|
|
17
16
|
* @see doc/01-business/features/b2c-features/border-safety-mode/preparatory-design-changes/06-metadata.md
|
|
18
17
|
*/
|
|
19
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
20
|
-
exports.SecurityEventCleaner = void 0;
|
|
21
18
|
/**
|
|
22
19
|
* Security Event Cleaner
|
|
23
20
|
*
|
|
24
21
|
* Manages cleanup of expired security events. Currently a stub.
|
|
25
22
|
*/
|
|
26
|
-
class SecurityEventCleaner {
|
|
23
|
+
export class SecurityEventCleaner {
|
|
27
24
|
/**
|
|
28
25
|
* Clean up expired security events
|
|
29
26
|
*
|
|
@@ -70,5 +67,4 @@ class SecurityEventCleaner {
|
|
|
70
67
|
return 0;
|
|
71
68
|
}
|
|
72
69
|
}
|
|
73
|
-
exports.SecurityEventCleaner = SecurityEventCleaner;
|
|
74
70
|
//# sourceMappingURL=security-event-cleaner.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"security-event-cleaner.js","sourceRoot":"","sources":["../../src/lib/security-event-cleaner.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"security-event-cleaner.js","sourceRoot":"","sources":["../../src/lib/security-event-cleaner.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH;;;;GAIG;AACH,MAAM,OAAO,oBAAoB;IAC/B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAkCG;IACH,KAAK,CAAC,oBAAoB;QACxB,wCAAwC;QACxC,iFAAiF;QACjF,aAAa;QACb,uEAAuE;QACvE,oEAAoE;QACpE,4BAA4B;QAC5B,oCAAoC;QAEpC,OAAO,CAAC,CAAC;IACX,CAAC;CACF"}
|
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
"use strict";
|
|
2
1
|
/**
|
|
3
2
|
* Security Headers
|
|
4
3
|
*
|
|
@@ -9,12 +8,10 @@
|
|
|
9
8
|
* - CSP_SCRIPT_SRC: Override for CSP script-src directive
|
|
10
9
|
* - CSP_STYLE_SRC: Override for CSP style-src directive
|
|
11
10
|
*/
|
|
12
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
13
|
-
exports.SecurityHeaders = void 0;
|
|
14
11
|
/**
|
|
15
12
|
* Security Headers manager class
|
|
16
13
|
*/
|
|
17
|
-
class SecurityHeaders {
|
|
14
|
+
export class SecurityHeaders {
|
|
18
15
|
headers;
|
|
19
16
|
constructor(env) {
|
|
20
17
|
// Build CSP policy based on environment
|
|
@@ -83,5 +80,4 @@ class SecurityHeaders {
|
|
|
83
80
|
return this.addSecurityHeaders(response);
|
|
84
81
|
}
|
|
85
82
|
}
|
|
86
|
-
exports.SecurityHeaders = SecurityHeaders;
|
|
87
83
|
//# sourceMappingURL=security-headers.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"security-headers.js","sourceRoot":"","sources":["../../src/lib/security-headers.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"security-headers.js","sourceRoot":"","sources":["../../src/lib/security-headers.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAQH;;GAEG;AACH,MAAM,OAAO,eAAe;IAClB,OAAO,CAAyB;IAExC,YAAY,GAAwB;QAClC,wCAAwC;QACxC,MAAM,aAAa,GAAG,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;QACnD,MAAM,YAAY,GAChB,GAAG,EAAE,cAAc,IAAI,gCAAgC,CAAC;QAC1D,2EAA2E;QAC3E,4EAA4E;QAC5E,MAAM,WAAW,GAAG,GAAG,EAAE,aAAa,IAAI,qCAAqC,CAAC;QAEhF,MAAM,GAAG,GAAG;YACV,oBAAoB;YACpB,cAAc,YAAY,EAAE;YAC5B,aAAa,WAAW,EAAE;YAC1B,6BAA6B;YAC7B,iDAAiD;YACjD,eAAe,aAAa,EAAE;YAC9B,wBAAwB;SACzB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEb,IAAI,CAAC,OAAO,GAAG;YACb,wBAAwB,EAAE,SAAS;YACnC,iBAAiB,EAAE,MAAM;YACzB,kBAAkB,EAAE,eAAe;YACnC,iBAAiB,EAAE,iCAAiC;YACpD,2BAA2B,EACzB,8CAA8C;YAChD,yBAAyB,EAAE,GAAG;SAC/B,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,GAAwB;QACjD,MAAM,QAAQ,GAAG;YACf,QAAQ;YACR,qBAAqB;YACrB,qBAAqB;YACrB,yBAAyB;SAC1B,CAAC;QAEF,IAAI,GAAG,EAAE,eAAe,EAAE,CAAC;YACzB,0CAA0C;YAC1C,MAAM,iBAAiB,GAAG,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAClE,OAAO,CAAC,GAAG,QAAQ,EAAE,GAAG,iBAAiB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACvD,CAAC;QAED,OAAO,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC5B,CAAC;IAED;;;OAGG;IACH,kBAAkB,CAAC,QAAkB;QACnC,sDAAsD;QACtD,MAAM,WAAW,GAAG,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE;YAC9C,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,OAAO,EAAE,QAAQ,CAAC,OAAO;SAC1B,CAAC,CAAC;QAEH,kEAAkE;QAClE,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;YACpD,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;QAEH,OAAO,WAAW,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,oBAAoB,CAAC,IAAqB,EAAE,IAAmB;QAC7D,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC1C,OAAO,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IAC3C,CAAC;CACF"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type { AnalyticsEngineDataset } from "../types/cloudflare-compat";
|
|
1
|
+
import type { AnalyticsEngineDataset } from "../types/cloudflare-compat.js";
|
|
2
2
|
export type SecurityEventType = "sso_login" | "sso_failed" | "sso_config_error" | "rate_limit_exceeded" | "suspicious_activity" | "unauthorized_access" | "database_connection_failure";
|
|
3
3
|
export type SecurityEventSeverity = "low" | "medium" | "high" | "critical";
|
|
4
4
|
export interface SecurityEvent {
|
|
@@ -47,7 +47,9 @@ export declare class SecurityMonitor {
|
|
|
47
47
|
* - low: 7 days
|
|
48
48
|
*
|
|
49
49
|
* @param severity - Event severity level
|
|
50
|
-
* @returns Date when the event should be deleted
|
|
50
|
+
* @returns Date when the event should be deleted (always set — the column is
|
|
51
|
+
* NON-NULLABLE as of Surveillance-hardening Phase 0; a NULL would escape
|
|
52
|
+
* the hourly-cron pruning forever).
|
|
51
53
|
*/
|
|
52
54
|
private calculateRetentionUntil;
|
|
53
55
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"security-monitor.d.ts","sourceRoot":"","sources":["../../src/lib/security-monitor.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"security-monitor.d.ts","sourceRoot":"","sources":["../../src/lib/security-monitor.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AAW5E,MAAM,MAAM,iBAAiB,GACzB,WAAW,GACX,YAAY,GACZ,kBAAkB,GAClB,qBAAqB,GACrB,qBAAqB,GACrB,qBAAqB,GACrB,6BAA6B,CAAC;AAElC,MAAM,MAAM,qBAAqB,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAE3E,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,iBAAiB,CAAC;IACxB,QAAQ,EAAE,qBAAqB,CAAC;IAChC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAChC;AAED,MAAM,WAAW,GAAG;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,SAAS,CAAC,EAAE,sBAAsB,CAAC;IAGnC,yBAAyB,CAAC,EAAE,MAAM,CAAC;CACpC;AAED;;GAEG;AACH,qBAAa,eAAe;IAC1B;;OAEG;IACG,WAAW,CACf,KAAK,EAAE;QACL,IAAI,EAAE,WAAW,GAAG,YAAY,GAAG,kBAAkB,CAAC;QACtD,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,QAAQ,EAAE,MAAM,CAAC;QACjB,SAAS,EAAE,MAAM,CAAC;QAClB,SAAS,EAAE,MAAM,CAAC;QAClB,OAAO,EAAE,OAAO,CAAC;QACjB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;KAChC,EACD,GAAG,EAAE,GAAG,GACP,OAAO,CAAC,IAAI,CAAC;IAkBhB;;;;;;;;;;;;;;;;OAgBG;IACH,OAAO,CAAC,uBAAuB;IAc/B;;;;OAIG;IACG,gBAAgB,CAAC,KAAK,EAAE,aAAa,EAAE,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC;IA+DrE;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAyBzB;;OAEG;YACW,uBAAuB;IAyDrC;;;;;;;;;;;;OAYG;YACW,mBAAmB;IA4BjC;;;;OAIG;YACW,gBAAgB;IA4C9B;;OAEG;YACW,SAAS;CAmCxB"}
|
|
@@ -1,17 +1,14 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.SecurityMonitor = void 0;
|
|
4
1
|
/**
|
|
5
2
|
* Security Monitor
|
|
6
3
|
*
|
|
7
4
|
* Handles security event logging, monitoring, and alerting for SSO authentication.
|
|
8
5
|
*/
|
|
9
|
-
|
|
10
|
-
|
|
6
|
+
import { createPrisma } from "../db.js";
|
|
7
|
+
import { getLogger } from "./logger.js";
|
|
11
8
|
/**
|
|
12
9
|
* Security Monitor class for logging and monitoring security events
|
|
13
10
|
*/
|
|
14
|
-
class SecurityMonitor {
|
|
11
|
+
export class SecurityMonitor {
|
|
15
12
|
/**
|
|
16
13
|
* Log SSO authentication event
|
|
17
14
|
*/
|
|
@@ -41,7 +38,9 @@ class SecurityMonitor {
|
|
|
41
38
|
* - low: 7 days
|
|
42
39
|
*
|
|
43
40
|
* @param severity - Event severity level
|
|
44
|
-
* @returns Date when the event should be deleted
|
|
41
|
+
* @returns Date when the event should be deleted (always set — the column is
|
|
42
|
+
* NON-NULLABLE as of Surveillance-hardening Phase 0; a NULL would escape
|
|
43
|
+
* the hourly-cron pruning forever).
|
|
45
44
|
*/
|
|
46
45
|
calculateRetentionUntil(severity) {
|
|
47
46
|
const retentionDays = {
|
|
@@ -62,7 +61,7 @@ class SecurityMonitor {
|
|
|
62
61
|
*/
|
|
63
62
|
async logSecurityEvent(event, env) {
|
|
64
63
|
try {
|
|
65
|
-
const db =
|
|
64
|
+
const db = createPrisma(env);
|
|
66
65
|
// PREPARATORY: Calculate retention date for future cleanup job
|
|
67
66
|
// FUTURE USE: Cleanup job will delete events where retentionUntil < NOW()
|
|
68
67
|
const retentionUntil = this.calculateRetentionUntil(event.severity);
|
|
@@ -95,7 +94,7 @@ class SecurityMonitor {
|
|
|
95
94
|
// Table might not exist yet - log to console for now
|
|
96
95
|
// This is expected until migration is run
|
|
97
96
|
// If retention_until column doesn't exist, the insert will fail - that's okay for now
|
|
98
|
-
|
|
97
|
+
getLogger().warn("[SecurityMonitor] Database logging failed (table may not exist, migration needed):", dbError);
|
|
99
98
|
}
|
|
100
99
|
// Send to monitoring system
|
|
101
100
|
await this.sendToMonitoring(event, env);
|
|
@@ -110,7 +109,7 @@ class SecurityMonitor {
|
|
|
110
109
|
}
|
|
111
110
|
catch (error) {
|
|
112
111
|
// Don't fail the request if logging fails
|
|
113
|
-
|
|
112
|
+
getLogger().error("[SecurityMonitor] Failed to log security event:", error);
|
|
114
113
|
}
|
|
115
114
|
}
|
|
116
115
|
/**
|
|
@@ -144,7 +143,7 @@ class SecurityMonitor {
|
|
|
144
143
|
if (!event.ipAddress)
|
|
145
144
|
return;
|
|
146
145
|
try {
|
|
147
|
-
const db =
|
|
146
|
+
const db = createPrisma(env);
|
|
148
147
|
// Check for multiple failed attempts from same IP in last 15 minutes
|
|
149
148
|
try {
|
|
150
149
|
const recentFailures = await db.$queryRawUnsafe(`
|
|
@@ -173,11 +172,11 @@ class SecurityMonitor {
|
|
|
173
172
|
}
|
|
174
173
|
catch (error) {
|
|
175
174
|
// Table might not exist yet - skip pattern detection
|
|
176
|
-
|
|
175
|
+
getLogger().warn("[SecurityMonitor] Failed to detect failed auth pattern (table may not exist):", error);
|
|
177
176
|
}
|
|
178
177
|
}
|
|
179
178
|
catch (error) {
|
|
180
|
-
|
|
179
|
+
getLogger().error("[SecurityMonitor] Failed to detect failed auth pattern:", error);
|
|
181
180
|
}
|
|
182
181
|
}
|
|
183
182
|
/**
|
|
@@ -242,12 +241,12 @@ class SecurityMonitor {
|
|
|
242
241
|
});
|
|
243
242
|
}
|
|
244
243
|
catch (error) {
|
|
245
|
-
|
|
244
|
+
getLogger().error("[SecurityMonitor] Analytics write failed:", error);
|
|
246
245
|
// Don't throw - analytics failures shouldn't break the app
|
|
247
246
|
}
|
|
248
247
|
}
|
|
249
248
|
// Log to console for development
|
|
250
|
-
|
|
249
|
+
getLogger().info("[SecurityMonitor]", {
|
|
251
250
|
type: event.type,
|
|
252
251
|
severity: event.severity,
|
|
253
252
|
provider: event.provider,
|
|
@@ -261,7 +260,7 @@ class SecurityMonitor {
|
|
|
261
260
|
async sendAlert(event, env) {
|
|
262
261
|
if (!env.SECURITY_WEBHOOK_URL) {
|
|
263
262
|
// No webhook configured - just log
|
|
264
|
-
|
|
263
|
+
getLogger().warn("[SecurityMonitor] Security alert (no webhook configured):", event);
|
|
265
264
|
return;
|
|
266
265
|
}
|
|
267
266
|
try {
|
|
@@ -284,9 +283,8 @@ class SecurityMonitor {
|
|
|
284
283
|
});
|
|
285
284
|
}
|
|
286
285
|
catch (error) {
|
|
287
|
-
|
|
286
|
+
getLogger().error("[SecurityMonitor] Failed to send alert:", error);
|
|
288
287
|
}
|
|
289
288
|
}
|
|
290
289
|
}
|
|
291
|
-
exports.SecurityMonitor = SecurityMonitor;
|
|
292
290
|
//# sourceMappingURL=security-monitor.js.map
|