@donotdev/security 0.0.1 → 0.0.3

package/dist/client/HealthMonitor.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"HealthMonitor.d.ts","sourceRoot":"","sources":["../../src/client/HealthMonitor.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;GAUG;AAEH,MAAM,MAAM,YAAY,GAAG,SAAS,GAAG,UAAU,GAAG,WAAW,CAAC;AAEhE,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAwDD,MAAM,WAAW,mBAAoB,SAAQ,oBAAoB;IAC/D;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAiB;IACzC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAsB;IAC7C,OAAO,CAAC,OAAO,CAA2B;IAC1C;;;;OAIG;IACH,OAAO,CAAC,QAAQ,CAAS;gBAEb,MAAM,GAAE,mBAAwB;IAK5C;;;;OAIG;IACH,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,MAAM,OAAO,CAAC,CAAC,CAAC;IAuClD,qCAAqC;IACrC,IAAI,MAAM,IAAI,YAAY,CAEzB;IAED;;;OAGG;IACG,aAAa,IAAI,OAAO,CAAC,OAAO,CAAC;CAWxC"}
+{"version":3,"file":"HealthMonitor.d.ts","sourceRoot":"","sources":["../../src/client/HealthMonitor.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;GAUG;AAEH,MAAM,MAAM,YAAY,GAAG,SAAS,GAAG,UAAU,GAAG,WAAW,CAAC;AAEhE,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AA2DD,MAAM,WAAW,mBAAoB,SAAQ,oBAAoB;IAC/D;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAiB;IACzC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAsB;IAC7C,OAAO,CAAC,OAAO,CAA2B;IAC1C;;;;OAIG;IACH,OAAO,CAAC,QAAQ,CAAS;gBAEb,MAAM,GAAE,mBAAwB;IAK5C;;;;OAIG;IACH,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,MAAM,OAAO,CAAC,CAAC,CAAC;IA2ClD,qCAAqC;IACrC,IAAI,MAAM,IAAI,YAAY,CAEzB;IAED;;;OAGG;IACG,aAAa,IAAI,OAAO,CAAC,OAAO,CAAC;CAWxC"}

package/dist/client/index.d.ts

@@ -1,6 +1,6 @@
 export { HealthMonitor } from './HealthMonitor';
-export type { HealthMonitorConfig, HealthStatus, CircuitBreakerConfig } from './HealthMonitor';
-export type { SecurityContext, AuditEvent, AuditEventType } from '../common/SecurityConfig';
+export type { HealthMonitorConfig, HealthStatus, CircuitBreakerConfig, } from './HealthMonitor';
+export type { SecurityContext, AuditEvent, AuditEventType, } from '../common/SecurityConfig';
 export { AuthHardening } from '../common/AuthHardening';
-export type { AuthHardeningConfig, LockoutResult } from '../common/AuthHardening';
+export type { AuthHardeningConfig, LockoutResult, } from '../common/AuthHardening';
 //# sourceMappingURL=index.d.ts.map

package/dist/client/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,YAAY,EAAE,mBAAmB,EAAE,YAAY,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAG/F,YAAY,EAAE,eAAe,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAG5F,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,YAAY,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,YAAY,EACV,mBAAmB,EACnB,YAAY,EACZ,oBAAoB,GACrB,MAAM,iBAAiB,CAAC;AAGzB,YAAY,EACV,eAAe,EACf,UAAU,EACV,cAAc,GACf,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,YAAY,EACV,mBAAmB,EACnB,aAAa,GACd,MAAM,yBAAyB,CAAC"}

package/dist/common/SecurityConfig.d.ts

@@ -7,5 +7,5 @@
  * @since 0.0.1
  * @author AMBROISE PARK Consulting
  */
-export type { AuditEventType, AuditEvent, SecurityContext, AuthHardeningContext, ServerRateLimitConfig, ServerRateLimitResult, RateLimitBackend } from '@donotdev/core';
+export type { AuditEventType, AuditEvent, SecurityContext, AuthHardeningContext, ServerRateLimitConfig, ServerRateLimitResult, RateLimitBackend, } from '@donotdev/core';
 //# sourceMappingURL=SecurityConfig.d.ts.map

package/dist/common/SecurityConfig.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SecurityConfig.d.ts","sourceRoot":"","sources":["../../src/common/SecurityConfig.ts"],"names":[],"mappings":"AAEA;;;;;;;;GAQG;AAEH,YAAY,EAAE,cAAc,EAAE,UAAU,EAAE,eAAe,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC"}
+{"version":3,"file":"SecurityConfig.d.ts","sourceRoot":"","sources":["../../src/common/SecurityConfig.ts"],"names":[],"mappings":"AAEA;;;;;;;;GAQG;AAEH,YAAY,EACV,cAAc,EACd,UAAU,EACV,eAAe,EACf,oBAAoB,EACpB,qBAAqB,EACrB,qBAAqB,EACrB,gBAAgB,GACjB,MAAM,gBAAgB,CAAC"}

package/dist/common/index.d.ts

@@ -1,2 +1,2 @@
-export type { AuditEventType, AuditEvent, SecurityContext } from './SecurityConfig';
+export type { AuditEventType, AuditEvent, SecurityContext, } from './SecurityConfig';
 //# sourceMappingURL=index.d.ts.map

package/dist/common/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/common/index.ts"],"names":[],"mappings":"AAEA,YAAY,EAAE,cAAc,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/common/index.ts"],"names":[],"mappings":"AAEA,YAAY,EACV,cAAc,EACd,UAAU,EACV,eAAe,GAChB,MAAM,kBAAkB,CAAC"}

package/dist/index.d.ts

@@ -1,6 +1,6 @@
 export { HealthMonitor } from './client/HealthMonitor';
-export type { HealthMonitorConfig, HealthStatus, CircuitBreakerConfig } from './client/HealthMonitor';
-export type { SecurityContext, AuditEvent, AuditEventType } from './common/SecurityConfig';
+export type { HealthMonitorConfig, HealthStatus, CircuitBreakerConfig, } from './client/HealthMonitor';
+export type { SecurityContext, AuditEvent, AuditEventType, } from './common/SecurityConfig';
 export { AuthHardening } from './common/AuthHardening';
-export type { AuthHardeningConfig, LockoutResult } from './common/AuthHardening';
+export type { AuthHardeningConfig, LockoutResult, } from './common/AuthHardening';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,YAAY,EAAE,mBAAmB,EAAE,YAAY,EAAE,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AAEtG,YAAY,EAAE,eAAe,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAG3F,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,YAAY,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,YAAY,EACV,mBAAmB,EACnB,YAAY,EACZ,oBAAoB,GACrB,MAAM,wBAAwB,CAAC;AAEhC,YAAY,EACV,eAAe,EACf,UAAU,EACV,cAAc,GACf,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,YAAY,EACV,mBAAmB,EACnB,aAAa,GACd,MAAM,wBAAwB,CAAC"}

package/dist/server/AnomalyDetector.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"AnomalyDetector.d.ts","sourceRoot":"","sources":["../../src/server/AnomalyDetector.ts"],"names":[],"mappings":"AAEA;;;;;;;;GAQG;AAEH,MAAM,MAAM,WAAW,GACnB,eAAe,GACf,cAAc,GACd,YAAY,GACZ,cAAc,GACd,qBAAqB,CAAC;AAE1B,MAAM,WAAW,iBAAiB;IAChC;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;;;;OAKG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;;;GAKG;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,KAAK,IAAI,CAAC;AA8BzF,qBAAa,eAAe;IAC1B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAmC;IAC5D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAA8B;IACzD,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAiB;gBAE/B,UAAU,GAAE,iBAAsB,EAAE,SAAS,CAAC,EAAE,cAAc;IA0B1E;;;;OAIG;IACH,MAAM,CAAC,IAAI,EAAE,WAAW,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI;IA4BhD,OAAO,CAAC,YAAY;IAUpB,OAAO,CAAC,aAAa;IAQrB,8DAA8D;IAC9D,QAAQ,CAAC,IAAI,EAAE,WAAW,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM;CAOrD"}
+{"version":3,"file":"AnomalyDetector.d.ts","sourceRoot":"","sources":["../../src/server/AnomalyDetector.ts"],"names":[],"mappings":"AAEA;;;;;;;;GAQG;AAEH,MAAM,MAAM,WAAW,GACnB,eAAe,GACf,cAAc,GACd,YAAY,GACZ,cAAc,GACd,qBAAqB,CAAC;AAE1B,MAAM,WAAW,iBAAiB;IAChC;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;;;;OAKG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;;;GAKG;AACH,MAAM,MAAM,cAAc,GAAG,CAC3B,IAAI,EAAE,WAAW,EACjB,KAAK,EAAE,MAAM,EACb,MAAM,CAAC,EAAE,MAAM,KACZ,IAAI,CAAC;AA8BV,qBAAa,eAAe;IAC1B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAmC;IAC5D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAA8B;IACzD,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAiB;gBAE/B,UAAU,GAAE,iBAAsB,EAAE,SAAS,CAAC,EAAE,cAAc;IA4B1E;;;;OAIG;IACH,MAAM,CAAC,IAAI,EAAE,WAAW,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI;IA4BhD,OAAO,CAAC,YAAY;IAepB,OAAO,CAAC,aAAa;IAQrB,8DAA8D;IAC9D,QAAQ,CAAC,IAAI,EAAE,WAAW,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM;CAOrD"}

package/dist/server/AuditLogger.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"AuditLogger.d.ts","sourceRoot":"","sources":["../../src/server/AuditLogger.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AAE3D,MAAM,WAAW,kBAAkB;IACjC,kCAAkC;IAClC,KAAK,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IAC5C,+DAA+D;IAC/D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,iEAAiE;IACjE,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,IAAI,CAAC;CAClD;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAA2C;IACjE,OAAO,CAAC,QAAQ,CAAC,KAAK,CAA2C;gBAErD,IAAI,GAAE,kBAAuB;IAqBzC;;;OAGG;IACH,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,GAAG;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI;CAUzE"}
+{"version":3,"file":"AuditLogger.d.ts","sourceRoot":"","sources":["../../src/server/AuditLogger.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AAE3D,MAAM,WAAW,kBAAkB;IACjC,kCAAkC;IAClC,KAAK,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IAC5C,+DAA+D;IAC/D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,iEAAiE;IACjE,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,IAAI,CAAC;CAClD;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAA2C;IACjE,OAAO,CAAC,QAAQ,CAAC,KAAK,CAA2C;gBAErD,IAAI,GAAE,kBAAuB;IAuBzC;;;OAGG;IACH,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,GAAG;QAAE,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI;CAUzE"}

package/dist/server/AuthHardening.d.ts

@@ -1,3 +1,3 @@
 export { AuthHardening } from '../common/AuthHardening';
-export type { AuthHardeningConfig, LockoutResult } from '../common/AuthHardening';
+export type { AuthHardeningConfig, LockoutResult, } from '../common/AuthHardening';
 //# sourceMappingURL=AuthHardening.d.ts.map

package/dist/server/AuthHardening.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"AuthHardening.d.ts","sourceRoot":"","sources":["../../src/server/AuthHardening.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,YAAY,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC"}
+{"version":3,"file":"AuthHardening.d.ts","sourceRoot":"","sources":["../../src/server/AuthHardening.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AACxD,YAAY,EACV,mBAAmB,EACnB,aAAa,GACd,MAAM,yBAAyB,CAAC"}

package/dist/server/DndevSecurity.d.ts

@@ -29,7 +29,7 @@ export interface DndevSecurityConfig {
      * Store in your secret manager — never in code.
      */
     piiSecret?: string;
-    /** PII encryption salt override (default: 'dndev-pii-v1') */
+    /** PII encryption salt — required when piiSecret is set (no default) */
     piiSalt?: string;
     /** Rate limiter options (default: 100 writes/min, 500 reads/min) */
     rateLimit?: RateLimiterOptions;

package/dist/server/DndevSecurity.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"DndevSecurity.d.ts","sourceRoot":"","sources":["../../src/server/DndevSecurity.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAGlD,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACxD,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACxD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAC3D,OAAO,KAAK,EAAE,iBAAiB,EAAE,cAAc,EAAe,MAAM,mBAAmB,CAAC;AACxF,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,KAAK,EAAE,eAAe,EAAE,UAAU,EAAE,oBAAoB,EAAE,gBAAgB,EAAyB,MAAM,0BAA0B,CAAC;AAE3I,MAAM,WAAW,mBAAmB;IAClC;;;;OAIG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,6DAA6D;IAC7D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,oEAAoE;IACpE,SAAS,CAAC,EAAE,kBAAkB,CAAC;IAC/B,+EAA+E;IAC/E,IAAI,CAAC,EAAE,mBAAmB,CAAC;IAC3B,6CAA6C;IAC7C,OAAO,CAAC,EAAE,iBAAiB,GAAG;QAAE,SAAS,CAAC,EAAE,cAAc,CAAA;KAAE,CAAC;IAC7D,qDAAqD;IACrD,SAAS,CAAC,EAAE,eAAe,EAAE,CAAC;IAC9B,qDAAqD;IACrD,MAAM,CAAC,EAAE,kBAAkB,CAAC;IAC5B;;;;;;;;;;;;OAYG;IACH,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;CACrC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AACH,qBAAa,aAAc,YAAW,eAAe;IACnD,4CAA4C;IAC5C,QAAQ,CAAC,WAAW,EAAE,WAAW,CAAC;IAClC,oFAAoF;IACpF,QAAQ,CAAC,WAAW,EAAE,gBAAgB,CAAC;IACvC,2DAA2D;IAC3D,QAAQ,CAAC,YAAY,EAAE,YAAY,GAAG,IAAI,CAAC;IAC3C;;;;OAIG;IACH,QAAQ,CAAC,aAAa,EAAE,aAAa,GAAG,oBAAoB,CAAC;IAC7D,2DAA2D;IAC3D,QAAQ,CAAC,eAAe,EAAE,eAAe,CAAC;IAC1C,6DAA6D;IAC7D,QAAQ,CAAC,cAAc,EAAE,cAAc,CAAC;IACxC,2FAA2F;IAC3F,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAmB;IACtD,sFAAsF;IACtF,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAwB;IAC5D,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAwB;gBAE/C,MAAM,GAAE,mBAAwB;IAkC5C;;OAEG;IACH,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,GAAG,IAAI;IAOjD;;;;;OAKG;IACG,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAqB7E,gFAAgF;IAChF,UAAU,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,CAAC;IAK9E,8DAA8D;IAC9D,UAAU,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,CAAC;IAK9E;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAMxC;IAEH,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI;CASnD"}
+{"version":3,"file":"DndevSecurity.d.ts","sourceRoot":"","sources":["../../src/server/DndevSecurity.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACxD,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACxD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAC3D,OAAO,KAAK,EACV,iBAAiB,EACjB,cAAc,EAEf,MAAM,mBAAmB,CAAC;AAC3B,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,KAAK,EACV,eAAe,EACf,UAAU,EACV,oBAAoB,EACpB,gBAAgB,EAEjB,MAAM,0BAA0B,CAAC;AAElC,MAAM,WAAW,mBAAmB;IAClC;;;;OAIG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,wEAAwE;IACxE,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,oEAAoE;IACpE,SAAS,CAAC,EAAE,kBAAkB,CAAC;IAC/B,+EAA+E;IAC/E,IAAI,CAAC,EAAE,mBAAmB,CAAC;IAC3B,6CAA6C;IAC7C,OAAO,CAAC,EAAE,iBAAiB,GAAG;QAAE,SAAS,CAAC,EAAE,cAAc,CAAA;KAAE,CAAC;IAC7D,qDAAqD;IACrD,SAAS,CAAC,EAAE,eAAe,EAAE,CAAC;IAC9B,qDAAqD;IACrD,MAAM,CAAC,EAAE,kBAAkB,CAAC;IAC5B;;;;;;;;;;;;OAYG;IACH,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;CACrC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AACH,qBAAa,aAAc,YAAW,eAAe;IACnD,4CAA4C;IAC5C,QAAQ,CAAC,WAAW,EAAE,WAAW,CAAC;IAClC,oFAAoF;IACpF,QAAQ,CAAC,WAAW,EAAE,gBAAgB,CAAC;IACvC,2DAA2D;IAC3D,QAAQ,CAAC,YAAY,EAAE,YAAY,GAAG,IAAI,CAAC;IAC3C;;;;OAIG;IACH,QAAQ,CAAC,aAAa,EAAE,aAAa,GAAG,oBAAoB,CAAC;IAC7D,2DAA2D;IAC3D,QAAQ,CAAC,eAAe,EAAE,eAAe,CAAC;IAC1C,6DAA6D;IAC7D,QAAQ,CAAC,cAAc,EAAE,cAAc,CAAC;IACxC,2FAA2F;IAC3F,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAmB;IACtD,sFAAsF;IACtF,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAwB;IAC5D,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAwB;gBAE/C,MAAM,GAAE,mBAAwB;IAwC5C;;OAEG;IACH,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,GAAG,IAAI;IAKjD;;;;;OAKG;IACG,cAAc,CAClB,GAAG,EAAE,MAAM,EACX,SAAS,EAAE,MAAM,GAAG,OAAO,GAC1B,OAAO,CAAC,IAAI,CAAC;IAuBhB,gFAAgF;IAChF,UAAU,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC1C,IAAI,EAAE,CAAC,EACP,SAAS,EAAE,MAAM,EAAE,GAClB,CAAC;IAKJ,8DAA8D;IAC9D,UAAU,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC1C,IAAI,EAAE,CAAC,EACP,SAAS,EAAE,MAAM,EAAE,GAClB,CAAC;IAKJ;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAOtC;IAEL,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI;CASnD"}

package/dist/server/DndevSecurity.js

@@ -1 +1 @@
-import{AuditLogger as n}from"./AuditLogger";import{DndevRateLimiter as o}from"./RateLimiter";import{PiiEncryptor as d}from"./PiiEncryptor";import{AuthHardening as s}from"./AuthHardening";import{AnomalyDetector as c}from"./AnomalyDetector";import{PrivacyManager as m}from"./PrivacyManager";import{scrubSecrets as l}from"./SecretValidator";class i{auditLogger;rateLimiter;piiEncryptor;authHardening;anomalyDetector;privacyManager;_rateLimitBackend;_backendWriteConfig;_backendReadConfig;constructor(t={}){if(this.auditLogger=new n(t.logger),this.rateLimiter=new o(t.rateLimit),t.piiSecret&&!t.piiSalt)throw new Error("[dndev/security] DndevSecurity: PII encryption requires both piiSecret and piiSalt configuration. Provide a per-deployment unique salt stored in your secret manager.");this.piiEncryptor=t.piiSecret&&t.piiSalt?new d(t.piiSecret,t.piiSalt):null,this.authHardening=new s(t.auth),this.anomalyDetector=new c(t.anomaly,t.anomaly?.onAnomaly),this.privacyManager=new m(t.retention),this._rateLimitBackend=t.rateLimitBackend;const e=(t.rateLimit?.writes?.durationSeconds??60)*1e3,r=(t.rateLimit?.reads?.durationSeconds??60)*1e3;this._backendWriteConfig={maxAttempts:t.rateLimit?.writes?.points??100,windowMs:e,blockDurationMs:e},this._backendReadConfig={maxAttempts:t.rateLimit?.reads?.points??500,windowMs:r,blockDurationMs:r}}audit(t){const e=t.metadata?l(t.metadata):void 0;this.auditLogger.log({...t,metadata:e})}async checkRateLimit(t,e){if(this._rateLimitBackend){const r=e==="write"?this._backendWriteConfig:this._backendReadConfig,a=await this._rateLimitBackend.check(t,r);if(!a.allowed)throw this.anomalyDetector.record("rate_limit.exceeded",t),new Error(`Rate limit exceeded. Try again in ${a.blockRemainingSeconds} seconds.`);return}try{await this.rateLimiter.check(t,e)}catch(r){throw this.anomalyDetector.record("rate_limit.exceeded",t),r}}encryptPii(t,e){return!this.piiEncryptor||e.length===0?t:this.piiEncryptor.encryptFields(t,e)}decryptPii(t,e){return!this.piiEncryptor||e.length===0?t:this.piiEncryptor.decryptFields(t,e)}static VALID_ANOMALY_TYPES=new Set(["auth.failures","bulk.deletes","bulk.reads","bulk.exports","rate_limit.exceeded"]);recordAnomaly(t,e){if(!i.VALID_ANOMALY_TYPES.has(t))throw new Error(`[dndev/security] DndevSecurity: unknown anomaly type "${t}". Valid types: ${[...i.VALID_ANOMALY_TYPES].join(", ")}`);this.anomalyDetector.record(t,e)}}export{i as DndevSecurity};
+import{AuditLogger as o}from"./AuditLogger";import{DndevRateLimiter as s}from"./RateLimiter";import{PiiEncryptor as c}from"./PiiEncryptor";import{AuthHardening as d}from"./AuthHardening";import{AnomalyDetector as m}from"./AnomalyDetector";import{PrivacyManager as l}from"./PrivacyManager";class i{auditLogger;rateLimiter;piiEncryptor;authHardening;anomalyDetector;privacyManager;_rateLimitBackend;_backendWriteConfig;_backendReadConfig;constructor(t={}){if(this.auditLogger=new o(t.logger),this.rateLimiter=new s(t.rateLimit),t.piiSecret&&!t.piiSalt)throw new Error("[dndev/security] DndevSecurity: PII encryption requires both piiSecret and piiSalt configuration. Provide a per-deployment unique salt stored in your secret manager.");this.piiEncryptor=t.piiSecret&&t.piiSalt?new c(t.piiSecret,t.piiSalt):null,this.authHardening=new d(t.auth),this.anomalyDetector=new m(t.anomaly,t.anomaly?.onAnomaly),this.privacyManager=new l(t.retention),this._rateLimitBackend=t.rateLimitBackend;const e=(t.rateLimit?.writes?.durationSeconds??60)*1e3,r=(t.rateLimit?.reads?.durationSeconds??60)*1e3;this._backendWriteConfig={maxAttempts:t.rateLimit?.writes?.points??100,windowMs:e,blockDurationMs:e},this._backendReadConfig={maxAttempts:t.rateLimit?.reads?.points??500,windowMs:r,blockDurationMs:r}}audit(t){this.auditLogger.log(t)}async checkRateLimit(t,e){if(this._rateLimitBackend){const r=e==="write"?this._backendWriteConfig:this._backendReadConfig,a=await this._rateLimitBackend.check(t,r);if(!a.allowed){this.anomalyDetector.record("rate_limit.exceeded",t);const n=a.blockRemainingSeconds??"a few";throw new Error(`Rate limit exceeded. Try again in ${n} seconds.`)}return}try{await this.rateLimiter.check(t,e)}catch(r){throw this.anomalyDetector.record("rate_limit.exceeded",t),r}}encryptPii(t,e){return!this.piiEncryptor||e.length===0?t:this.piiEncryptor.encryptFields(t,e)}decryptPii(t,e){return!this.piiEncryptor||e.length===0?t:this.piiEncryptor.decryptFields(t,e)}static VALID_ANOMALY_TYPES=new Set(["auth.failures","bulk.deletes","bulk.reads","bulk.exports","rate_limit.exceeded"]);recordAnomaly(t,e){if(!i.VALID_ANOMALY_TYPES.has(t))throw new Error(`[dndev/security] DndevSecurity: unknown anomaly type "${t}". Valid types: ${[...i.VALID_ANOMALY_TYPES].join(", ")}`);this.anomalyDetector.record(t,e)}}export{i as DndevSecurity};

package/dist/server/PiiEncryptor.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"PiiEncryptor.d.ts","sourceRoot":"","sources":["../../src/server/PiiEncryptor.ts"],"names":[],"mappings":"AAmCA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAE7B;;;;;OAKG;gBACS,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM;IAexC;;;OAGG;IACH,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM;IAWlC;;;;OAIG;IACH,OAAO,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM;IA8BnC;;;OAGG;IACH,aAAa,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,CAAC;IAYjF;;;;OAIG;IACH,OAAO,CAAC,WAAW;IAgBnB,gFAAgF;IAChF,OAAO,IAAI,IAAI;IAIf,iDAAiD;IACjD,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI;IAIxB;;;;OAIG;IACH,aAAa,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,CAAC;CAYlF"}
+{"version":3,"file":"PiiEncryptor.d.ts","sourceRoot":"","sources":["../../src/server/PiiEncryptor.ts"],"names":[],"mappings":"AAmCA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAE7B;;;;;OAKG;gBACS,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM;IAiBxC;;;OAGG;IACH,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM;IAWlC;;;;OAIG;IACH,OAAO,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM;IAgCnC;;;OAGG;IACH,aAAa,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC7C,IAAI,EAAE,CAAC,EACP,SAAS,EAAE,MAAM,EAAE,GAClB,CAAC;IAYJ;;;;OAIG;IACH,OAAO,CAAC,WAAW;IAgBnB,gFAAgF;IAChF,OAAO,IAAI,IAAI;IAIf,iDAAiD;IACjD,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI;IAIxB;;;;OAIG;IACH,aAAa,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC7C,IAAI,EAAE,CAAC,EACP,SAAS,EAAE,MAAM,EAAE,GAClB,CAAC;CAYL"}

package/dist/server/RateLimiter.d.ts

@@ -8,7 +8,7 @@
  * briefly double the effective rate. Use a Redis-backed backend with a true
  * sliding-window for strict rate control in production.
  *
- * For distributed (multi-replica) deployments, implement RateLimiterBackend
+ * For distributed (multi-replica) deployments, implement RateLimitStorageBackend
  * and provide a Redis-backed implementation.
  *
  * @version 0.0.1
@@ -28,7 +28,7 @@ export interface RateLimitWindow {
  * @since 0.0.1
  * @author AMBROISE PARK Consulting
  */
-export interface RateLimiterBackend {
+export interface RateLimitStorageBackend {
     increment(key: string, windowMs: number): Promise<number>;
     reset(key: string): Promise<void>;
 }
@@ -41,7 +41,7 @@ export interface RateLimiterBackend {
  * @since 0.0.1
  * @author AMBROISE PARK Consulting
  */
-export declare class MemoryRateLimiterBackend implements RateLimiterBackend {
+export declare class MemoryRateLimitStorageBackend implements RateLimitStorageBackend {
     private readonly store;
     increment(key: string, windowMs: number): Promise<number>;
     reset(key: string): Promise<void>;
@@ -50,8 +50,8 @@ export declare class MemoryRateLimiterBackend implements RateLimiterBackend {
 export interface RateLimiterOptions {
     writes?: Partial<RateLimitWindow>;
     reads?: Partial<RateLimitWindow>;
-    /** Custom backend (default: MemoryRateLimiterBackend) */
-    backend?: RateLimiterBackend;
+    /** Custom backend (default: MemoryRateLimitStorageBackend) */
+    backend?: RateLimitStorageBackend;
 }
 /**
  * Rate limiter with separate write/read limits (SOC2 CC6.6).

package/dist/server/RateLimiter.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"RateLimiter.d.ts","sourceRoot":"","sources":["../../src/server/RateLimiter.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;;;;;;;GAgBG;AAEH,MAAM,WAAW,eAAe;IAC9B,sEAAsE;IACtE,MAAM,EAAE,MAAM,CAAC;IACf,+CAA+C;IAC/C,eAAe,EAAE,MAAM,CAAC;CACzB;AASD;;;;;;GAMG;AACH,MAAM,WAAW,kBAAkB;IACjC,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC1D,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACnC;AAKD;;;;;;;;GAQG;AACH,qBAAa,wBAAyB,YAAW,kBAAkB;IACjE,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAkC;IAElD,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAiBzD,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIvC,OAAO,CAAC,aAAa;CAStB;AAED,MAAM,WAAW,kBAAkB;IACjC,MAAM,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IAClC,KAAK,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IACjC,yDAAyD;IACzD,OAAO,CAAC,EAAE,kBAAkB,CAAC;CAC9B;AAED;;;;;;;;;;;;GAYG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAqB;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAkB;IACzC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAkB;gBAE5B,IAAI,GAAE,kBAAuB;IAYzC;;;OAGG;IACG,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;CAWrE"}
+{"version":3,"file":"RateLimiter.d.ts","sourceRoot":"","sources":["../../src/server/RateLimiter.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;;;;;;;GAgBG;AAEH,MAAM,WAAW,eAAe;IAC9B,sEAAsE;IACtE,MAAM,EAAE,MAAM,CAAC;IACf,+CAA+C;IAC/C,eAAe,EAAE,MAAM,CAAC;CACzB;AASD;;;;;;GAMG;AACH,MAAM,WAAW,uBAAuB;IACtC,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC1D,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACnC;AAKD;;;;;;;;GAQG;AACH,qBAAa,6BAA8B,YAAW,uBAAuB;IAC3E,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAkC;IAElD,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAiBzD,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIvC,OAAO,CAAC,aAAa;CAStB;AAED,MAAM,WAAW,kBAAkB;IACjC,MAAM,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IAClC,KAAK,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IACjC,8DAA8D;IAC9D,OAAO,CAAC,EAAE,uBAAuB,CAAC;CACnC;AAED;;;;;;;;;;;;GAYG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAA0B;IAClD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAkB;IACzC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAkB;gBAE5B,IAAI,GAAE,kBAAuB;IAYzC;;;OAGG;IACG,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;CAWrE"}

package/dist/server/RateLimiter.js

@@ -1 +1 @@
-const c=1e4;class o{store=new Map;async increment(t,s){const e=Date.now(),n=this.store.get(t);return!n||e-n.windowStart>s?(!n&&this.store.size>=1e4&&this._evictExpired(e),this.store.set(t,{count:1,windowStart:e,windowMs:s}),1):(n.count+=1,n.count)}async reset(t){this.store.delete(t)}_evictExpired(t){for(const[s,e]of this.store)t-e.windowStart>e.windowMs&&this.store.delete(s)}}class d{backend;writes;reads;constructor(t={}){this.backend=t.backend??new o,this.writes={points:t.writes?.points??100,durationSeconds:t.writes?.durationSeconds??60},this.reads={points:t.reads?.points??500,durationSeconds:t.reads?.durationSeconds??60}}async check(t,s){const e=s==="write"?this.writes:this.reads,n=e.durationSeconds*1e3,i=await this.backend.increment(`${s}:${t}`,n);if(i>e.points)throw new Error(`Rate limit exceeded: ${i}/${e.points} ${s} requests in ${e.durationSeconds}s`)}}export{d as DndevRateLimiter,o as MemoryRateLimiterBackend};
+const c=1e4;class o{store=new Map;async increment(t,s){const e=Date.now(),n=this.store.get(t);return!n||e-n.windowStart>s?(!n&&this.store.size>=1e4&&this._evictExpired(e),this.store.set(t,{count:1,windowStart:e,windowMs:s}),1):(n.count+=1,n.count)}async reset(t){this.store.delete(t)}_evictExpired(t){for(const[s,e]of this.store)t-e.windowStart>e.windowMs&&this.store.delete(s)}}class d{backend;writes;reads;constructor(t={}){this.backend=t.backend??new o,this.writes={points:t.writes?.points??100,durationSeconds:t.writes?.durationSeconds??60},this.reads={points:t.reads?.points??500,durationSeconds:t.reads?.durationSeconds??60}}async check(t,s){const e=s==="write"?this.writes:this.reads,n=e.durationSeconds*1e3,i=await this.backend.increment(`${s}:${t}`,n);if(i>e.points)throw new Error(`Rate limit exceeded: ${i}/${e.points} ${s} requests in ${e.durationSeconds}s`)}}export{d as DndevRateLimiter,o as MemoryRateLimitStorageBackend};

package/dist/server/SecretValidator.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SecretValidator.d.ts","sourceRoot":"","sources":["../../src/server/SecretValidator.ts"],"names":[],"mappings":"AAqCA;;;;;;;;;;;GAWG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAsBpD;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI,CAmBnE"}
+{"version":3,"file":"SecretValidator.d.ts","sourceRoot":"","sources":["../../src/server/SecretValidator.ts"],"names":[],"mappings":"AAsCA;;;;;;;;;;;GAWG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAwBpD;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI,CAmBnE"}

package/dist/server/index.d.ts

@@ -1,16 +1,16 @@
 export { AuditLogger } from './AuditLogger';
 export type { AuditLoggerOptions } from './AuditLogger';
-export { DndevRateLimiter, MemoryRateLimiterBackend } from './RateLimiter';
-export type { RateLimiterBackend, RateLimiterOptions, RateLimitWindow } from './RateLimiter';
+export { DndevRateLimiter, MemoryRateLimitStorageBackend } from './RateLimiter';
+export type { RateLimitStorageBackend, RateLimiterOptions, RateLimitWindow, } from './RateLimiter';
 export { PiiEncryptor } from './PiiEncryptor';
 export { AuthHardening } from './AuthHardening';
 export type { AuthHardeningConfig, LockoutResult } from './AuthHardening';
 export { AnomalyDetector } from './AnomalyDetector';
-export type { AnomalyThresholds, AnomalyHandler, AnomalyType } from './AnomalyDetector';
+export type { AnomalyThresholds, AnomalyHandler, AnomalyType, } from './AnomalyDetector';
 export { PrivacyManager } from './PrivacyManager';
-export type { RetentionPolicy, ErasureRequest, ErasureResult } from './PrivacyManager';
+export type { RetentionPolicy, ErasureRequest, ErasureResult, } from './PrivacyManager';
 export { scrubSecrets, assertNoSecrets } from './SecretValidator';
 export { DndevSecurity } from './DndevSecurity';
 export type { DndevSecurityConfig } from './DndevSecurity';
-export type { SecurityContext, AuditEvent, AuditEventType } from '../common/SecurityConfig';
+export type { SecurityContext, AuditEvent, AuditEventType, RateLimitBackend, ServerRateLimitConfig, ServerRateLimitResult, AuthHardeningContext, } from '../common/SecurityConfig';
 //# sourceMappingURL=index.d.ts.map

package/dist/server/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,YAAY,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAExD,OAAO,EAAE,gBAAgB,EAAE,wBAAwB,EAAE,MAAM,eAAe,CAAC;AAC3E,YAAY,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAE7F,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,YAAY,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAE1E,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,YAAY,EAAE,iBAAiB,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAExF,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,YAAY,EAAE,eAAe,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEvF,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAElE,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,YAAY,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAG3D,YAAY,EAAE,eAAe,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,YAAY,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAExD,OAAO,EAAE,gBAAgB,EAAE,6BAA6B,EAAE,MAAM,eAAe,CAAC;AAChF,YAAY,EACV,uBAAuB,EACvB,kBAAkB,EAClB,eAAe,GAChB,MAAM,eAAe,CAAC;AAEvB,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,YAAY,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAE1E,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,YAAY,EACV,iBAAiB,EACjB,cAAc,EACd,WAAW,GACZ,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,YAAY,EACV,eAAe,EACf,cAAc,EACd,aAAa,GACd,MAAM,kBAAkB,CAAC;AAE1B,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAElE,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,YAAY,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAG3D,YAAY,EACV,eAAe,EACf,UAAU,EACV,cAAc,EACd,gBAAgB,EAChB,qBAAqB,EACrB,qBAAqB,EACrB,oBAAoB,GACrB,MAAM,0BAA0B,CAAC"}

package/dist/server/index.js

@@ -1 +1 @@
-import{AuditLogger as o}from"./AuditLogger";import{DndevRateLimiter as m,MemoryRateLimiterBackend as i}from"./RateLimiter";import{PiiEncryptor as p}from"./PiiEncryptor";import{AuthHardening as f}from"./AuthHardening";import{AnomalyDetector as x}from"./AnomalyDetector";import{PrivacyManager as s}from"./PrivacyManager";import{scrubSecrets as g,assertNoSecrets as u}from"./SecretValidator";import{DndevSecurity as A}from"./DndevSecurity";export{x as AnomalyDetector,o as AuditLogger,f as AuthHardening,m as DndevRateLimiter,A as DndevSecurity,i as MemoryRateLimiterBackend,p as PiiEncryptor,s as PrivacyManager,u as assertNoSecrets,g as scrubSecrets};
+import{AuditLogger as o}from"./AuditLogger";import{DndevRateLimiter as m,MemoryRateLimitStorageBackend as a}from"./RateLimiter";import{PiiEncryptor as p}from"./PiiEncryptor";import{AuthHardening as f}from"./AuthHardening";import{AnomalyDetector as x}from"./AnomalyDetector";import{PrivacyManager as g}from"./PrivacyManager";import{scrubSecrets as y,assertNoSecrets as u}from"./SecretValidator";import{DndevSecurity as v}from"./DndevSecurity";export{x as AnomalyDetector,o as AuditLogger,f as AuthHardening,m as DndevRateLimiter,v as DndevSecurity,a as MemoryRateLimitStorageBackend,p as PiiEncryptor,g as PrivacyManager,u as assertNoSecrets,y as scrubSecrets};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@donotdev/security",
-  "version": "0.0.1",
+  "version": "0.0.3",
   "private": false,
   "type": "module",
   "license": "SEE LICENSE IN LICENSE.md",
@@ -22,13 +22,13 @@
   "scripts": {
     "dev": "tsc --noEmit --watch --listFiles false --listEmittedFiles false",
     "clean": "rimraf dist tsconfig.tsbuildinfo",
-    "type-check": "tsc --noEmit",
+    "type-check": "bunx tsc --noEmit",
     "test": "vitest run",
     "test:watch": "vitest"
   },
   "dependencies": {},
   "peerDependencies": {
-    "@donotdev/core": "^0.0.24"
+    "@donotdev/core": "^0.0.25"
   },
   "files": [
     "dist",