@digilogiclabs/platform-core 1.8.0 → 1.9.0

package/dist/index.d.mts

@@ -1,8 +1,9 @@
 import { p as ILogger, q as IMetrics, I as IPlatform, P as PlatformHealthStatus, u as MetricsSummary, v as ICrypto, w as EncryptOptions, x as EncryptedField, D as DeterministicEncryptedField, K as KeyRotationResult, y as CryptoKeyMetadata, e as IDatabase, k as IQueryBuilder, Q as QueryResult, l as ICache, m as IStorage, U as UploadOptions, S as StorageFile, n as IEmail, t as EmailMessage, z as EmailResult, o as IQueue, s as JobOptions, J as Job, R as RepeatOptions, A as JobState, B as JobEventType, F as JobEventHandler, G as IAI, H as AIConfig, L as AIChatRequest, O as AIChatResponse, T as AIStreamChunk, V as AIStreamCallback, W as AICompletionRequest, X as AICompletionResponse, Y as AIEmbeddingRequest, Z as AIEmbeddingResponse, _ as AIModelConfig, $ as AIModelType, a0 as AIProvider, a1 as IRAG, a2 as RAGConfig, a3 as CreateCollectionOptions, a4 as RAGCollection, a5 as RAGDocument, a6 as IngestionOptions, a7 as BulkIngestionResult, a8 as IngestionResult, a9 as DocumentStatus, aa as RAGChunk, ab as RAGSearchQuery, ac as RAGSearchResponse, ad as RAGSearchResult, ae as ContextAssemblyConfig, af as AssembledContext, ag as RAGPipeline } from './ConsoleEmail-ubSVWgTa.mjs';
 export { aI as AIChatChoice, br as AIConfigSchema, aO as AIError, aN as AIErrorCode, aC as AIErrorMessages, aJ as AIFinishReason, aF as AIMessage, bk as AIProviderSchema, aE as AIRole, aM as AIRouterConfig, aH as AITool, aG as AIToolCall, aK as AIUsageInfo, am as BackoffOptions, by as BulkheadConfigSchema, bI as CacheConfig, bn as CacheConfigSchema, be as CacheProviderSchema, aS as ChunkingConfig, aQ as ChunkingPresets, aR as ChunkingStrategy, bw as CircuitBreakerConfigSchema, C as ConsoleEmail, h as ConsoleLogger, aX as CryptoAlgorithm, bP as CryptoConfig, bt as CryptoConfigSchema, aW as CryptoKeyStatus, bH as DatabaseConfig, bm as DatabaseConfigSchema, bd as DatabaseProviderSchema, b7 as EmailAddress, b8 as EmailAttachment, bK as EmailConfig, bp as EmailConfigSchema, bg as EmailProviderSchema, E as EnvSecrets, aw as GetSecretOptions, as as HistogramStats, ah as ICacheOptions, r as ISecrets, b1 as ISpan, b0 as ITracing, aj as JobContext, ak as JobEvent, ai as JobResult, ap as LogEntry, an as LogLevel, bj as LogLevelSchema, ao as LogMeta, aq as LoggerConfig, bA as LoggingConfigSchema, aD as MemoryAI, a as MemoryCache, M as MemoryDatabase, c as MemoryEmail, i as MemoryMetrics, d as MemoryQueue, aP as MemoryRAG, f as MemorySecrets, b as MemoryStorage, a_ as MemoryTracing, ar as MetricTags, bB as MetricsConfigSchema, bO as MiddlewareConfig, bE as MiddlewareConfigSchema, N as NoopLogger, j as NoopMetrics, a$ as NoopTracing, bN as ObservabilityConfig, bD as ObservabilityConfigSchema, bG as PlatformConfig, bF as PlatformConfigSchema, bL as QueueConfig, bq as QueueConfigSchema, bh as QueueProviderSchema, al as QueueStats, bs as RAGConfigSchema, aU as RAGFilter, aV as RAGPipelineStep, bl as RAGProviderSchema, bM as ResilienceConfig, bz as ResilienceConfigSchema, bv as RetryConfigSchema, ay as RotateSecretOptions, az as RotationResult, aL as RoutingStrategy, aT as SearchMode, au as Secret, av as SecretMetadata, bQ as SecurityConfig, bu as SecurityConfigSchema, ax as SetSecretOptions, b2 as SpanContext, bc as SpanEvent, b5 as SpanKind, b3 as SpanOptions, b4 as SpanStatus, bb as SpanStatusCode, bJ as StorageConfig, bo as StorageConfigSchema, bf as StorageProviderSchema, bx as TimeoutConfigSchema, at as TimingStats, b6 as TracingConfig, bC as TracingConfigSchema, bi as TracingProviderSchema, b9 as calculateBackoff, aA as createAIError, g as createPlatform, aY as createPlatformAsync, aZ as createScopedMetrics, ba as generateJobId, bU as getDefaultConfig, aB as isAIError, bR as loadConfig, bT as safeValidateConfig, bS as validateConfig } from './ConsoleEmail-ubSVWgTa.mjs';
 export { w as IMigrationDatabase, I as IMigrator, q as Migration, r as MigrationRecord, t as MigrationResult, u as MigrationStatus, M as Migrator, v as MigratorConfig, S as SQL, o as createBetaInvitesTable, n as createBetaSettingsTable, p as createBetaTestersTable, f as createDomainVerificationsTable, c as createMigration, b as createSsoOidcConfigsTable, m as createSsoSessionsTable, k as createTenantInvitationsTable, j as createTenantMembersTable, l as createTenantUsageTable, i as createTenantsTable, h as createVerifiedDomainsTable, d as defineMigration, e as enterpriseMigrations, g as generateVersion, a as getEnterpriseMigrations, s as sqlMigration } from './index-DzQ0Js5Z.mjs';
-import { aZ as IBeta, a_ as BetaConfig, a$ as BetaSettings, b0 as UpdateBetaSettingsOptions, b1 as CreateBetaCodesOptions, b2 as BetaInviteCode, b3 as ListBetaCodesOptions, b4 as BetaValidationResult, b5 as BetaConsumeResult, b6 as BetaTester, b7 as BetaStats, b8 as BetaCodeUsageReport } from './env-jqNJdZVt.mjs';
-export { as as AllowlistConfig, A as ApiError, k as ApiErrorCode, m as ApiErrorCodeType, o as ApiPaginatedResponse, _ as ApiSecurityConfig, a0 as ApiSecurityContext, n as ApiSuccessResponse, aK as AuditRequest, P as AuthCookiesConfig, W as AuthMethod, aS as BetaClientConfig, bd as BetaCodeStatus, C as CommonApiErrors, ay as CommonRateLimits, aj as DateRangeInput, ad as DateRangeSchema, an as DeploymentStage, ah as EmailInput, a6 as EmailSchema, E as EnvValidationConfig, x as EnvValidationResult, ap as FlagDefinition, aq as FlagDefinitions, ao as FlagValue, bi as HTML_TAG_PATTERN, z as KEYCLOAK_DEFAULT_ROLES, N as KeycloakCallbacksConfig, K as KeycloakConfig, O as KeycloakJwtFields, y as KeycloakTokenSet, al as LoginInput, af as LoginSchema, b9 as MemoryBeta, aF as OpsAuditActor, aH as OpsAuditEvent, aJ as OpsAuditLoggerOptions, aI as OpsAuditRecord, aG as OpsAuditResource, bj as PG_ERROR_MAP, ai as PaginationInput, ac as PaginationSchema, a7 as PasswordSchema, aa as PersonNameSchema, a9 as PhoneSchema, ax as RateLimitCheckResult, b as RateLimitOptions, Y as RateLimitPreset, a as RateLimitRule, R as RateLimitStore, S as RedirectCallbackConfig, ar as ResolvedFlags, X as RouteAuditConfig, ak as SearchQueryInput, ae as SearchQuerySchema, $ as SecuritySession, am as SignupInput, ag as SignupSchema, a8 as SlugSchema, aM as StandardAuditActionType, aL as StandardAuditActions, Z as StandardRateLimitPresets, T as TokenRefreshResult, bh as URL_DOMAIN_PATTERN, bg as URL_PROTOCOL_PATTERN, a5 as WrapperPresets, av as buildAllowlist, Q as buildAuthCookies, a4 as buildErrorBody, V as buildKeycloakCallbacks, l as buildPagination, a3 as buildRateLimitHeaders, aD as buildRateLimitResponseHeaders, U as buildRedirectCallback, I as buildTokenRefreshParams, u as checkEnvVars, aA as checkRateLimit, i as classifyError, aY as clearStoredBetaCode, c as constantTimeEqual, f as containsHtml, d as containsUrls, aQ as createAuditActor, aR as createAuditLogger, aT as createBetaClient, au as createFeatureFlags, az as createMemoryRateLimitStore, ab as createSafeTextSchema, be as defangUrl, at as detectStage, e as escapeHtml, aN as extractAuditIp, aP as extractAuditRequestId, aO as extractAuditUserAgent, a2 as extractClientIp, aU as fetchBetaSettings, ba as generateBetaCode, bc as generateBetaId, r as getBoolEnv, h as getCorrelationId, L as getEndSessionEndpoint, w as getEnvSummary, t as getIntEnv, q as getOptionalEnv, aB as getRateLimitStatus, p as getRequiredEnv, aX as getStoredBetaCode, J as getTokenEndpoint, G as hasAllRoles, F as hasAnyRole, D as hasRole, aw as isAllowlisted, j as isApiError, H as isTokenExpired, bb as normalizeBetaCode, B as parseKeycloakRoles, M as refreshKeycloakToken, aC as resetRateLimitForKey, aE as resolveIdentifier, a1 as resolveRateLimitIdentifier, g as sanitizeApiError, bf as sanitizeForEmail, aW as storeBetaCode, s as stripHtml, aV as validateBetaCode, v as validateEnvVars } from './env-jqNJdZVt.mjs';
+import { aS as IBeta, aT as BetaConfig, aU as BetaSettings, aV as UpdateBetaSettingsOptions, aW as CreateBetaCodesOptions, aX as BetaInviteCode, aY as ListBetaCodesOptions, aZ as BetaValidationResult, a_ as BetaConsumeResult, a$ as BetaTester, b0 as BetaStats, b1 as BetaCodeUsageReport } from './env-DHPZR3Lv.mjs';
+export { al as AllowlistConfig, A as ApiError, d as ApiErrorCode, f as ApiErrorCodeType, h as ApiPaginatedResponse, Q as ApiSecurityConfig, V as ApiSecurityContext, g as ApiSuccessResponse, aD as AuditRequest, H as AuthCookiesConfig, N as AuthMethod, aL as BetaClientConfig, b6 as BetaCodeStatus, C as CommonApiErrors, ar as CommonRateLimits, ac as DateRangeInput, a6 as DateRangeSchema, ag as DeploymentStage, aa as EmailInput, $ as EmailSchema, E as EnvValidationConfig, p as EnvValidationResult, ai as FlagDefinition, aj as FlagDefinitions, ah as FlagValue, r as KEYCLOAK_DEFAULT_ROLES, F as KeycloakCallbacksConfig, K as KeycloakConfig, G as KeycloakJwtFields, q as KeycloakTokenSet, ae as LoginInput, a8 as LoginSchema, b2 as MemoryBeta, ay as OpsAuditActor, aA as OpsAuditEvent, aC as OpsAuditLoggerOptions, aB as OpsAuditRecord, az as OpsAuditResource, b7 as PG_ERROR_MAP, ab as PaginationInput, a5 as PaginationSchema, a0 as PasswordSchema, a3 as PersonNameSchema, a2 as PhoneSchema, aq as RateLimitCheckResult, b as RateLimitOptions, P as RateLimitPreset, a as RateLimitRule, R as RateLimitStore, J as RedirectCallbackConfig, ak as ResolvedFlags, O as RouteAuditConfig, ad as SearchQueryInput, a7 as SearchQuerySchema, U as SecuritySession, af as SignupInput, a9 as SignupSchema, a1 as SlugSchema, aF as StandardAuditActionType, aE as StandardAuditActions, S as StandardRateLimitPresets, T as TokenRefreshResult, _ as WrapperPresets, ao as buildAllowlist, I as buildAuthCookies, Z as buildErrorBody, M as buildKeycloakCallbacks, e as buildPagination, Y as buildRateLimitHeaders, aw as buildRateLimitResponseHeaders, L as buildRedirectCallback, y as buildTokenRefreshParams, n as checkEnvVars, at as checkRateLimit, c as classifyError, aR as clearStoredBetaCode, aJ as createAuditActor, aK as createAuditLogger, aM as createBetaClient, an as createFeatureFlags, as as createMemoryRateLimitStore, a4 as createSafeTextSchema, am as detectStage, aG as extractAuditIp, aI as extractAuditRequestId, aH as extractAuditUserAgent, X as extractClientIp, aN as fetchBetaSettings, b3 as generateBetaCode, b5 as generateBetaId, l as getBoolEnv, B as getEndSessionEndpoint, o as getEnvSummary, m as getIntEnv, k as getOptionalEnv, au as getRateLimitStatus, j as getRequiredEnv, aQ as getStoredBetaCode, z as getTokenEndpoint, w as hasAllRoles, u as hasAnyRole, t as hasRole, ap as isAllowlisted, i as isApiError, x as isTokenExpired, b4 as normalizeBetaCode, s as parseKeycloakRoles, D as refreshKeycloakToken, av as resetRateLimitForKey, ax as resolveIdentifier, W as resolveRateLimitIdentifier, aP as storeBetaCode, aO as validateBetaCode, v as validateEnvVars } from './env-DHPZR3Lv.mjs';
+export { H as HTML_TAG_PATTERN, i as URL_DOMAIN_PATTERN, U as URL_PROTOCOL_PATTERN, c as constantTimeEqual, b as containsHtml, a as containsUrls, f as defangUrl, e as escapeHtml, g as getCorrelationId, d as sanitizeApiError, h as sanitizeForEmail, s as stripHtml } from './security-BvLXaQkv.mjs';
 export { NextHeaderEntry, SecurityHeaderPresets, SecurityHeadersConfig, generateSecurityHeaders } from './security-headers.mjs';
 import { SupabaseClient } from '@supabase/supabase-js';
 import { Pool } from 'pg';

package/dist/index.d.ts

@@ -1,8 +1,9 @@
 import { p as ILogger, q as IMetrics, I as IPlatform, P as PlatformHealthStatus, u as MetricsSummary, v as ICrypto, w as EncryptOptions, x as EncryptedField, D as DeterministicEncryptedField, K as KeyRotationResult, y as CryptoKeyMetadata, e as IDatabase, k as IQueryBuilder, Q as QueryResult, l as ICache, m as IStorage, U as UploadOptions, S as StorageFile, n as IEmail, t as EmailMessage, z as EmailResult, o as IQueue, s as JobOptions, J as Job, R as RepeatOptions, A as JobState, B as JobEventType, F as JobEventHandler, G as IAI, H as AIConfig, L as AIChatRequest, O as AIChatResponse, T as AIStreamChunk, V as AIStreamCallback, W as AICompletionRequest, X as AICompletionResponse, Y as AIEmbeddingRequest, Z as AIEmbeddingResponse, _ as AIModelConfig, $ as AIModelType, a0 as AIProvider, a1 as IRAG, a2 as RAGConfig, a3 as CreateCollectionOptions, a4 as RAGCollection, a5 as RAGDocument, a6 as IngestionOptions, a7 as BulkIngestionResult, a8 as IngestionResult, a9 as DocumentStatus, aa as RAGChunk, ab as RAGSearchQuery, ac as RAGSearchResponse, ad as RAGSearchResult, ae as ContextAssemblyConfig, af as AssembledContext, ag as RAGPipeline } from './ConsoleEmail-ubSVWgTa.js';
 export { aI as AIChatChoice, br as AIConfigSchema, aO as AIError, aN as AIErrorCode, aC as AIErrorMessages, aJ as AIFinishReason, aF as AIMessage, bk as AIProviderSchema, aE as AIRole, aM as AIRouterConfig, aH as AITool, aG as AIToolCall, aK as AIUsageInfo, am as BackoffOptions, by as BulkheadConfigSchema, bI as CacheConfig, bn as CacheConfigSchema, be as CacheProviderSchema, aS as ChunkingConfig, aQ as ChunkingPresets, aR as ChunkingStrategy, bw as CircuitBreakerConfigSchema, C as ConsoleEmail, h as ConsoleLogger, aX as CryptoAlgorithm, bP as CryptoConfig, bt as CryptoConfigSchema, aW as CryptoKeyStatus, bH as DatabaseConfig, bm as DatabaseConfigSchema, bd as DatabaseProviderSchema, b7 as EmailAddress, b8 as EmailAttachment, bK as EmailConfig, bp as EmailConfigSchema, bg as EmailProviderSchema, E as EnvSecrets, aw as GetSecretOptions, as as HistogramStats, ah as ICacheOptions, r as ISecrets, b1 as ISpan, b0 as ITracing, aj as JobContext, ak as JobEvent, ai as JobResult, ap as LogEntry, an as LogLevel, bj as LogLevelSchema, ao as LogMeta, aq as LoggerConfig, bA as LoggingConfigSchema, aD as MemoryAI, a as MemoryCache, M as MemoryDatabase, c as MemoryEmail, i as MemoryMetrics, d as MemoryQueue, aP as MemoryRAG, f as MemorySecrets, b as MemoryStorage, a_ as MemoryTracing, ar as MetricTags, bB as MetricsConfigSchema, bO as MiddlewareConfig, bE as MiddlewareConfigSchema, N as NoopLogger, j as NoopMetrics, a$ as NoopTracing, bN as ObservabilityConfig, bD as ObservabilityConfigSchema, bG as PlatformConfig, bF as PlatformConfigSchema, bL as QueueConfig, bq as QueueConfigSchema, bh as QueueProviderSchema, al as QueueStats, bs as RAGConfigSchema, aU as RAGFilter, aV as RAGPipelineStep, bl as RAGProviderSchema, bM as ResilienceConfig, bz as ResilienceConfigSchema, bv as RetryConfigSchema, ay as RotateSecretOptions, az as RotationResult, aL as RoutingStrategy, aT as SearchMode, au as Secret, av as SecretMetadata, bQ as SecurityConfig, bu as SecurityConfigSchema, ax as SetSecretOptions, b2 as SpanContext, bc as SpanEvent, b5 as SpanKind, b3 as SpanOptions, b4 as SpanStatus, bb as SpanStatusCode, bJ as StorageConfig, bo as StorageConfigSchema, bf as StorageProviderSchema, bx as TimeoutConfigSchema, at as TimingStats, b6 as TracingConfig, bC as TracingConfigSchema, bi as TracingProviderSchema, b9 as calculateBackoff, aA as createAIError, g as createPlatform, aY as createPlatformAsync, aZ as createScopedMetrics, ba as generateJobId, bU as getDefaultConfig, aB as isAIError, bR as loadConfig, bT as safeValidateConfig, bS as validateConfig } from './ConsoleEmail-ubSVWgTa.js';
 export { w as IMigrationDatabase, I as IMigrator, q as Migration, r as MigrationRecord, t as MigrationResult, u as MigrationStatus, M as Migrator, v as MigratorConfig, S as SQL, o as createBetaInvitesTable, n as createBetaSettingsTable, p as createBetaTestersTable, f as createDomainVerificationsTable, c as createMigration, b as createSsoOidcConfigsTable, m as createSsoSessionsTable, k as createTenantInvitationsTable, j as createTenantMembersTable, l as createTenantUsageTable, i as createTenantsTable, h as createVerifiedDomainsTable, d as defineMigration, e as enterpriseMigrations, g as generateVersion, a as getEnterpriseMigrations, s as sqlMigration } from './index-DzQ0Js5Z.js';
-import { aZ as IBeta, a_ as BetaConfig, a$ as BetaSettings, b0 as UpdateBetaSettingsOptions, b1 as CreateBetaCodesOptions, b2 as BetaInviteCode, b3 as ListBetaCodesOptions, b4 as BetaValidationResult, b5 as BetaConsumeResult, b6 as BetaTester, b7 as BetaStats, b8 as BetaCodeUsageReport } from './env-jqNJdZVt.js';
-export { as as AllowlistConfig, A as ApiError, k as ApiErrorCode, m as ApiErrorCodeType, o as ApiPaginatedResponse, _ as ApiSecurityConfig, a0 as ApiSecurityContext, n as ApiSuccessResponse, aK as AuditRequest, P as AuthCookiesConfig, W as AuthMethod, aS as BetaClientConfig, bd as BetaCodeStatus, C as CommonApiErrors, ay as CommonRateLimits, aj as DateRangeInput, ad as DateRangeSchema, an as DeploymentStage, ah as EmailInput, a6 as EmailSchema, E as EnvValidationConfig, x as EnvValidationResult, ap as FlagDefinition, aq as FlagDefinitions, ao as FlagValue, bi as HTML_TAG_PATTERN, z as KEYCLOAK_DEFAULT_ROLES, N as KeycloakCallbacksConfig, K as KeycloakConfig, O as KeycloakJwtFields, y as KeycloakTokenSet, al as LoginInput, af as LoginSchema, b9 as MemoryBeta, aF as OpsAuditActor, aH as OpsAuditEvent, aJ as OpsAuditLoggerOptions, aI as OpsAuditRecord, aG as OpsAuditResource, bj as PG_ERROR_MAP, ai as PaginationInput, ac as PaginationSchema, a7 as PasswordSchema, aa as PersonNameSchema, a9 as PhoneSchema, ax as RateLimitCheckResult, b as RateLimitOptions, Y as RateLimitPreset, a as RateLimitRule, R as RateLimitStore, S as RedirectCallbackConfig, ar as ResolvedFlags, X as RouteAuditConfig, ak as SearchQueryInput, ae as SearchQuerySchema, $ as SecuritySession, am as SignupInput, ag as SignupSchema, a8 as SlugSchema, aM as StandardAuditActionType, aL as StandardAuditActions, Z as StandardRateLimitPresets, T as TokenRefreshResult, bh as URL_DOMAIN_PATTERN, bg as URL_PROTOCOL_PATTERN, a5 as WrapperPresets, av as buildAllowlist, Q as buildAuthCookies, a4 as buildErrorBody, V as buildKeycloakCallbacks, l as buildPagination, a3 as buildRateLimitHeaders, aD as buildRateLimitResponseHeaders, U as buildRedirectCallback, I as buildTokenRefreshParams, u as checkEnvVars, aA as checkRateLimit, i as classifyError, aY as clearStoredBetaCode, c as constantTimeEqual, f as containsHtml, d as containsUrls, aQ as createAuditActor, aR as createAuditLogger, aT as createBetaClient, au as createFeatureFlags, az as createMemoryRateLimitStore, ab as createSafeTextSchema, be as defangUrl, at as detectStage, e as escapeHtml, aN as extractAuditIp, aP as extractAuditRequestId, aO as extractAuditUserAgent, a2 as extractClientIp, aU as fetchBetaSettings, ba as generateBetaCode, bc as generateBetaId, r as getBoolEnv, h as getCorrelationId, L as getEndSessionEndpoint, w as getEnvSummary, t as getIntEnv, q as getOptionalEnv, aB as getRateLimitStatus, p as getRequiredEnv, aX as getStoredBetaCode, J as getTokenEndpoint, G as hasAllRoles, F as hasAnyRole, D as hasRole, aw as isAllowlisted, j as isApiError, H as isTokenExpired, bb as normalizeBetaCode, B as parseKeycloakRoles, M as refreshKeycloakToken, aC as resetRateLimitForKey, aE as resolveIdentifier, a1 as resolveRateLimitIdentifier, g as sanitizeApiError, bf as sanitizeForEmail, aW as storeBetaCode, s as stripHtml, aV as validateBetaCode, v as validateEnvVars } from './env-jqNJdZVt.js';
+import { aS as IBeta, aT as BetaConfig, aU as BetaSettings, aV as UpdateBetaSettingsOptions, aW as CreateBetaCodesOptions, aX as BetaInviteCode, aY as ListBetaCodesOptions, aZ as BetaValidationResult, a_ as BetaConsumeResult, a$ as BetaTester, b0 as BetaStats, b1 as BetaCodeUsageReport } from './env-DHPZR3Lv.js';
+export { al as AllowlistConfig, A as ApiError, d as ApiErrorCode, f as ApiErrorCodeType, h as ApiPaginatedResponse, Q as ApiSecurityConfig, V as ApiSecurityContext, g as ApiSuccessResponse, aD as AuditRequest, H as AuthCookiesConfig, N as AuthMethod, aL as BetaClientConfig, b6 as BetaCodeStatus, C as CommonApiErrors, ar as CommonRateLimits, ac as DateRangeInput, a6 as DateRangeSchema, ag as DeploymentStage, aa as EmailInput, $ as EmailSchema, E as EnvValidationConfig, p as EnvValidationResult, ai as FlagDefinition, aj as FlagDefinitions, ah as FlagValue, r as KEYCLOAK_DEFAULT_ROLES, F as KeycloakCallbacksConfig, K as KeycloakConfig, G as KeycloakJwtFields, q as KeycloakTokenSet, ae as LoginInput, a8 as LoginSchema, b2 as MemoryBeta, ay as OpsAuditActor, aA as OpsAuditEvent, aC as OpsAuditLoggerOptions, aB as OpsAuditRecord, az as OpsAuditResource, b7 as PG_ERROR_MAP, ab as PaginationInput, a5 as PaginationSchema, a0 as PasswordSchema, a3 as PersonNameSchema, a2 as PhoneSchema, aq as RateLimitCheckResult, b as RateLimitOptions, P as RateLimitPreset, a as RateLimitRule, R as RateLimitStore, J as RedirectCallbackConfig, ak as ResolvedFlags, O as RouteAuditConfig, ad as SearchQueryInput, a7 as SearchQuerySchema, U as SecuritySession, af as SignupInput, a9 as SignupSchema, a1 as SlugSchema, aF as StandardAuditActionType, aE as StandardAuditActions, S as StandardRateLimitPresets, T as TokenRefreshResult, _ as WrapperPresets, ao as buildAllowlist, I as buildAuthCookies, Z as buildErrorBody, M as buildKeycloakCallbacks, e as buildPagination, Y as buildRateLimitHeaders, aw as buildRateLimitResponseHeaders, L as buildRedirectCallback, y as buildTokenRefreshParams, n as checkEnvVars, at as checkRateLimit, c as classifyError, aR as clearStoredBetaCode, aJ as createAuditActor, aK as createAuditLogger, aM as createBetaClient, an as createFeatureFlags, as as createMemoryRateLimitStore, a4 as createSafeTextSchema, am as detectStage, aG as extractAuditIp, aI as extractAuditRequestId, aH as extractAuditUserAgent, X as extractClientIp, aN as fetchBetaSettings, b3 as generateBetaCode, b5 as generateBetaId, l as getBoolEnv, B as getEndSessionEndpoint, o as getEnvSummary, m as getIntEnv, k as getOptionalEnv, au as getRateLimitStatus, j as getRequiredEnv, aQ as getStoredBetaCode, z as getTokenEndpoint, w as hasAllRoles, u as hasAnyRole, t as hasRole, ap as isAllowlisted, i as isApiError, x as isTokenExpired, b4 as normalizeBetaCode, s as parseKeycloakRoles, D as refreshKeycloakToken, av as resetRateLimitForKey, ax as resolveIdentifier, W as resolveRateLimitIdentifier, aP as storeBetaCode, aO as validateBetaCode, v as validateEnvVars } from './env-DHPZR3Lv.js';
+export { H as HTML_TAG_PATTERN, i as URL_DOMAIN_PATTERN, U as URL_PROTOCOL_PATTERN, c as constantTimeEqual, b as containsHtml, a as containsUrls, f as defangUrl, e as escapeHtml, g as getCorrelationId, d as sanitizeApiError, h as sanitizeForEmail, s as stripHtml } from './security-BvLXaQkv.js';
 export { NextHeaderEntry, SecurityHeaderPresets, SecurityHeadersConfig, generateSecurityHeaders } from './security-headers.js';
 import { SupabaseClient } from '@supabase/supabase-js';
 import { Pool } from 'pg';

package/dist/index.js

@@ -14363,7 +14363,10 @@ var MemoryBeta = class {
       return { valid: false, message: "This invite code has expired." };
     }
     if (invite.currentUses >= invite.maxUses) {
-      return { valid: false, message: "This invite code has reached its usage limit." };
+      return {
+        valid: false,
+        message: "This invite code has reached its usage limit."
+      };
     }
     return {
       valid: true,
@@ -14413,7 +14416,9 @@ var MemoryBeta = class {
   async getStats() {
     const codes = Array.from(this.codes.values());
     const activeCodes = codes.filter((c) => c.isActive);
-    const testers = Array.from(this.testers.values()).filter((t) => t.isBetaTester);
+    const testers = Array.from(this.testers.values()).filter(
+      (t) => t.isBetaTester
+    );
     const joinDates = testers.map((t) => t.betaJoinedAt).sort((a, b) => a.getTime() - b.getTime());
     return {
       totalBetaTesters: testers.length,
@@ -19242,14 +19247,11 @@ function createBetaClient(config = {}) {
 async function fetchBetaSettings(config = {}) {
   const cfg = { ...DEFAULT_CONFIG, ...config };
   try {
-    const response = await fetch(
-      `${cfg.baseUrl}${cfg.settingsEndpoint}`,
-      {
-        method: "GET",
-        headers: { "Content-Type": "application/json" },
-        cache: "no-store"
-      }
-    );
+    const response = await fetch(`${cfg.baseUrl}${cfg.settingsEndpoint}`, {
+      method: "GET",
+      headers: { "Content-Type": "application/json" },
+      cache: "no-store"
+    });
     if (!response.ok) {
       throw new Error(`Failed to fetch beta settings: ${response.status}`);
     }
@@ -19277,14 +19279,11 @@ async function validateBetaCode(code, config = {}) {
     };
   }
   try {
-    const response = await fetch(
-      `${cfg.baseUrl}${cfg.validateEndpoint}`,
-      {
-        method: "POST",
-        headers: { "Content-Type": "application/json" },
-        body: JSON.stringify({ code: code.trim().toUpperCase() })
-      }
-    );
+    const response = await fetch(`${cfg.baseUrl}${cfg.validateEndpoint}`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ code: code.trim().toUpperCase() })
+    });
     if (response.status === 429) {
       return {
         valid: false,
@@ -31444,17 +31443,20 @@ var PostgresBeta = class {
           updated_by VARCHAR(255)
         )
       `);
-      await client.query(`
+      await client.query(
+        `
         INSERT INTO ${this.t("beta_settings")} (key, value, description) VALUES
           ('beta_mode', $1, 'Whether the app is in beta mode'),
           ('require_invite_code', $2, 'Whether an invite code is required to sign up'),
           ('beta_message', $3, 'Message displayed during beta')
         ON CONFLICT (key) DO NOTHING
-      `, [
-        String(this.config.defaultBetaMode),
-        String(this.config.defaultRequireInviteCode),
-        this.config.defaultBetaMessage
-      ]);
+      `,
+        [
+          String(this.config.defaultBetaMode),
+          String(this.config.defaultRequireInviteCode),
+          this.config.defaultBetaMessage
+        ]
+      );
       await client.query(`
         CREATE TABLE IF NOT EXISTS ${this.t("beta_invites")} (
           id VARCHAR(255) PRIMARY KEY,
@@ -31529,7 +31531,10 @@ var PostgresBeta = class {
         updates.push({ key: "beta_mode", value: String(options.betaMode) });
       }
       if (options.requireInviteCode !== void 0) {
-        updates.push({ key: "require_invite_code", value: String(options.requireInviteCode) });
+        updates.push({
+          key: "require_invite_code",
+          value: String(options.requireInviteCode)
+        });
       }
       if (options.betaMessage !== void 0) {
         updates.push({ key: "beta_message", value: options.betaMessage });
@@ -31588,7 +31593,9 @@ var PostgresBeta = class {
           }
         }
         if (!inserted) {
-          throw new Error(`Failed to generate unique code after ${attempts} attempts`);
+          throw new Error(
+            `Failed to generate unique code after ${attempts} attempts`
+          );
         }
         if (options.code) break;
       }
@@ -31699,7 +31706,10 @@ var PostgresBeta = class {
         return { valid: false, message: "This invite code has expired." };
       }
       if (existRow.current_uses >= existRow.max_uses) {
-        return { valid: false, message: "This invite code has reached its usage limit." };
+        return {
+          valid: false,
+          message: "This invite code has reached its usage limit."
+        };
       }
       return { valid: false, message: "Invalid invite code." };
     }