npm - @easyflow/javascript-sdk - Versions diffs - 2.1.7 → 2.1.9 - Mend

@easyflow/javascript-sdk 2.1.7 → 2.1.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (94) hide show

package/README.md +294 -713
package/dist/index.d.ts +421 -0
package/package.json +19 -6
package/.babelrc +0 -5
package/.github/workflows/deploy-sdk-cf.yml +0 -49
package/.github/workflows/release-sdk-cdn.yml +0 -144
package/.github/workflows/release-sdk.yml +0 -112
package/.prettierrc +0 -6
package/CDN-DEPLOYMENT.md +0 -175
package/DEMO.md +0 -258
package/DEPLOYMENT.md +0 -224
package/INTEGRATION-GUIDE.md +0 -521
package/coverage/base.css +0 -224
package/coverage/block-navigation.js +0 -87
package/coverage/easyflow-javascript-sdk/index.html +0 -116
package/coverage/easyflow-javascript-sdk/libs/constants.mjs.html +0 -268
package/coverage/easyflow-javascript-sdk/libs/errors.mjs.html +0 -271
package/coverage/easyflow-javascript-sdk/libs/exception-handler.mjs.html +0 -148
package/coverage/easyflow-javascript-sdk/libs/fingerprint.mjs.html +0 -895
package/coverage/easyflow-javascript-sdk/libs/http.mjs.html +0 -502
package/coverage/easyflow-javascript-sdk/libs/index.html +0 -266
package/coverage/easyflow-javascript-sdk/libs/logger.mjs.html +0 -568
package/coverage/easyflow-javascript-sdk/libs/sanitizer.mjs.html +0 -1099
package/coverage/easyflow-javascript-sdk/libs/security.mjs.html +0 -733
package/coverage/easyflow-javascript-sdk/libs/types.mjs.html +0 -508
package/coverage/easyflow-javascript-sdk/libs/utils.mjs.html +0 -379
package/coverage/easyflow-javascript-sdk/libs/validator.mjs.html +0 -2623
package/coverage/easyflow-javascript-sdk/sdk.mjs.html +0 -2434
package/coverage/favicon.png +0 -0
package/coverage/index.html +0 -131
package/coverage/lcov-report/base.css +0 -224
package/coverage/lcov-report/block-navigation.js +0 -87
package/coverage/lcov-report/easyflow-javascript-sdk/index.html +0 -116
package/coverage/lcov-report/easyflow-javascript-sdk/libs/constants.mjs.html +0 -268
package/coverage/lcov-report/easyflow-javascript-sdk/libs/errors.mjs.html +0 -271
package/coverage/lcov-report/easyflow-javascript-sdk/libs/exception-handler.mjs.html +0 -148
package/coverage/lcov-report/easyflow-javascript-sdk/libs/fingerprint.mjs.html +0 -895
package/coverage/lcov-report/easyflow-javascript-sdk/libs/http.mjs.html +0 -502
package/coverage/lcov-report/easyflow-javascript-sdk/libs/index.html +0 -266
package/coverage/lcov-report/easyflow-javascript-sdk/libs/logger.mjs.html +0 -568
package/coverage/lcov-report/easyflow-javascript-sdk/libs/sanitizer.mjs.html +0 -1099
package/coverage/lcov-report/easyflow-javascript-sdk/libs/security.mjs.html +0 -733
package/coverage/lcov-report/easyflow-javascript-sdk/libs/types.mjs.html +0 -508
package/coverage/lcov-report/easyflow-javascript-sdk/libs/utils.mjs.html +0 -379
package/coverage/lcov-report/easyflow-javascript-sdk/libs/validator.mjs.html +0 -2623
package/coverage/lcov-report/easyflow-javascript-sdk/sdk.mjs.html +0 -2434
package/coverage/lcov-report/favicon.png +0 -0
package/coverage/lcov-report/index.html +0 -131
package/coverage/lcov-report/prettify.css +0 -1
package/coverage/lcov-report/prettify.js +0 -2
package/coverage/lcov-report/sort-arrow-sprite.png +0 -0
package/coverage/lcov-report/sorter.js +0 -196
package/coverage/lcov.info +0 -1429
package/coverage/prettify.css +0 -1
package/coverage/prettify.js +0 -2
package/coverage/sort-arrow-sprite.png +0 -0
package/coverage/sorter.js +0 -196
package/dist/435.easyflow-sdk.min.js +0 -1
package/dist/easyflow-sdk.min.js +0 -1
package/dist/easyflow-sdk.min.js.LICENSE.txt +0 -1
package/dist/index.html +0 -756
package/docs/index.html +0 -775
package/examples/lovable-integration.html +0 -410
package/index.html +0 -981
package/jest.config.js +0 -37
package/jsdoc.json +0 -42
package/libs/auto-integration.mjs +0 -333
package/libs/constants.mjs +0 -61
package/libs/constants.spec.js +0 -198
package/libs/errors.mjs +0 -62
package/libs/errors.spec.js +0 -178
package/libs/exception-handler.mjs +0 -21
package/libs/exception-handler.spec.js +0 -237
package/libs/fingerprint.mjs +0 -270
package/libs/http.mjs +0 -163
package/libs/http.spec.js +0 -427
package/libs/integration-wrapper.mjs +0 -285
package/libs/logger.mjs +0 -161
package/libs/logger.spec.js +0 -389
package/libs/sanitizer.mjs +0 -340
package/libs/sanitizer.spec.js +0 -583
package/libs/security.mjs +0 -217
package/libs/types.mjs +0 -141
package/libs/utils.mjs +0 -368
package/libs/utils.spec.js +0 -231
package/libs/validator.mjs +0 -952
package/libs/validator.spec.js +0 -615
package/mocks/offer.mock.js +0 -77
package/scripts/publish-npm.sh +0 -82
package/sdk.mjs +0 -945
package/sdk.spec.js +0 -796
package/test-setup.cjs +0 -211
package/test.html +0 -154
package/webpack.config.cjs +0 -41

package/libs/sanitizer.spec.js DELETED Viewed

@@ -1,583 +0,0 @@
-import { jest } from '@jest/globals'
-import { Sanitizer, sanitizeOrderData } from './sanitizer.mjs'
-// Mock deepClone
-jest.mock('./utils.mjs', () => ({
-    deepClone: jest.fn((data) => JSON.parse(JSON.stringify(data))),
-}))
-describe('Sanitizer', () => {
-    describe('sanitizeHeaders', () => {
-        test('should remove dangerous headers', () => {
-            const headers = {
-                'Content-Type': 'application/json',
-                'x-forwarded-for': 'malicious-ip',
-                Authorization: 'Bearer token',
-                'x-real-ip': 'another-malicious-ip',
-            }
-            const result = Sanitizer.sanitizeHeaders(headers)
-            expect(result).toEqual({
-                'Content-Type': 'application/json',
-                Authorization: 'Bearer token',
-            })
-            expect(result['x-forwarded-for']).toBeUndefined()
-            expect(result['x-real-ip']).toBeUndefined()
-        })
-        test('should handle case-insensitive header names', () => {
-            const headers = {
-                'X-Forwarded-For': 'malicious-ip',
-                'X-REAL-IP': 'another-malicious-ip',
-                'Content-Type': 'application/json',
-            }
-            const result = Sanitizer.sanitizeHeaders(headers)
-            expect(result).toEqual({
-                'Content-Type': 'application/json',
-            })
-        })
-        test('should return empty object for empty headers', () => {
-            const result = Sanitizer.sanitizeHeaders({})
-            expect(result).toEqual({})
-        })
-        test('should handle undefined headers', () => {
-            const result = Sanitizer.sanitizeHeaders(undefined)
-            expect(result).toEqual({})
-        })
-        test('should preserve safe headers', () => {
-            const headers = {
-                'Content-Type': 'application/json',
-                Authorization: 'Bearer token',
-                'User-Agent': 'Mozilla/5.0',
-                Accept: 'application/json',
-            }
-            const result = Sanitizer.sanitizeHeaders(headers)
-            expect(result).toEqual(headers)
-        })
-    })
-    describe('sanitizeInput', () => {
-        test('should sanitize string with dangerous characters', () => {
-            const input = '<script>alert("xss")</script>'
-            const result = Sanitizer.sanitizeInput(input)
-            expect(result).toBe('scriptalert("xss")/script')
-        })
-        test('should remove javascript: protocol', () => {
-            const input = 'javascript:alert("xss")'
-            const result = Sanitizer.sanitizeInput(input)
-            expect(result).toBe('alert("xss")')
-        })
-        test('should remove data: protocol', () => {
-            const input = 'data:text/html,<script>alert("xss")</script>'
-            const result = Sanitizer.sanitizeInput(input)
-            expect(result).toBe('text/html,scriptalert("xss")/script')
-        })
-        test('should remove vbscript: protocol', () => {
-            const input = 'vbscript:msgbox("xss")'
-            const result = Sanitizer.sanitizeInput(input)
-            expect(result).toBe('msgbox("xss")')
-        })
-        test('should trim whitespace', () => {
-            const input = '  test value  '
-            const result = Sanitizer.sanitizeInput(input)
-            expect(result).toBe('test value')
-        })
-        test('should return non-string values unchanged', () => {
-            expect(Sanitizer.sanitizeInput(123)).toBe(123)
-            expect(Sanitizer.sanitizeInput(true)).toBe(true)
-            expect(Sanitizer.sanitizeInput(null)).toBe(null)
-            expect(Sanitizer.sanitizeInput(undefined)).toBe(undefined)
-            expect(Sanitizer.sanitizeInput({})).toEqual({})
-            expect(Sanitizer.sanitizeInput([])).toEqual([])
-        })
-        test('should handle empty string', () => {
-            const result = Sanitizer.sanitizeInput('')
-            expect(result).toBe('')
-        })
-        test('should handle string with only dangerous characters', () => {
-            const input = '<>"\'&'
-            const result = Sanitizer.sanitizeInput(input)
-            expect(result).toBe('"\'')
-        })
-    })
-    describe('sanitizeCreditCard', () => {
-        test('should sanitize all credit card fields', () => {
-            const creditCard = {
-                cardNumber: '4111 1111 1111 1111',
-                cvv: '123',
-                month: '12',
-                year: '2025',
-                holderName: 'John Doe',
-            }
-            const result = Sanitizer.sanitizeCreditCard(creditCard)
-            expect(result).toEqual({
-                cardNumber: '4111 1111 1111 1111',
-                cvv: '123',
-                month: '12',
-                year: '2025',
-                holderName: 'John Doe',
-            })
-        })
-        test('should sanitize credit card with dangerous characters', () => {
-            const creditCard = {
-                cardNumber: '4111<script>1111</script>1111',
-                cvv: '123',
-                month: '12',
-                year: '2025',
-                holderName: '<script>alert("xss")</script>John Doe',
-            }
-            const result = Sanitizer.sanitizeCreditCard(creditCard)
-            expect(result).toEqual({
-                cardNumber: '4111script1111/script1111',
-                cvv: '123',
-                month: '12',
-                year: '2025',
-                holderName: 'scriptalert("xss")/scriptJohn Doe',
-            })
-        })
-        test('should handle missing fields', () => {
-            const creditCard = {
-                cardNumber: '4111111111111111',
-            }
-            const result = Sanitizer.sanitizeCreditCard(creditCard)
-            expect(result).toEqual({
-                cardNumber: '4111111111111111',
-                cvv: undefined,
-                month: undefined,
-                year: undefined,
-                holderName: undefined,
-            })
-        })
-    })
-})
-describe('sanitizeOrderData', () => {
-    test('should sanitize buyer information', () => {
-        const order = {
-            buyer: {
-                name: '<script>alert("xss")</script>John Doe',
-                email: 'john@example.com',
-                document: {
-                    number: '123<script>456</script>789',
-                    type: 'CPF',
-                },
-                phone: {
-                    number: '119999<script>99999</script>',
-                    areaCode: '11',
-                },
-                address: {
-                    zipCode: '01234<script>567</script>',
-                    street: 'Main Street',
-                    complement: 'Apt 123',
-                    neighborhood: 'Downtown',
-                    city: 'São Paulo',
-                    state: 'SP',
-                    number: '123',
-                },
-            },
-        }
-        const result = sanitizeOrderData(order)
-        expect(result.buyer.name).toBe('scriptalert("xss")/scriptJohn Doe')
-        expect(result.buyer.email).toBe('john@example.com')
-        expect(result.buyer.document.number).toBe('123script456/script789')
-        expect(result.buyer.document.type).toBe('CPF')
-        expect(result.buyer.phone.number).toBe('119999script99999/script')
-        expect(result.buyer.phone.areaCode).toBe('11')
-        expect(result.buyer.address.zipCode).toBe('01234script567/script')
-        expect(result.buyer.address.street).toBe('Main Street')
-        expect(result.buyer.address.complement).toBe('Apt 123')
-        expect(result.buyer.address.neighborhood).toBe('Downtown')
-        expect(result.buyer.address.city).toBe('São Paulo')
-        expect(result.buyer.address.state).toBe('SP')
-        expect(result.buyer.address.number).toBe('123')
-    })
-    test('should sanitize delivery address', () => {
-        const order = {
-            buyer: {
-                deliveryAddress: {
-                    zipCode: '01234<script>567</script>',
-                    street: 'Delivery Street',
-                    complement: 'Apt 456',
-                    neighborhood: 'Uptown',
-                    city: 'Rio de Janeiro',
-                    state: 'RJ',
-                    number: '456',
-                },
-            },
-        }
-        const result = sanitizeOrderData(order)
-        expect(result.buyer.deliveryAddress.zipCode).toBe(
-            '01234script567/script'
-        )
-        expect(result.buyer.deliveryAddress.street).toBe('Delivery Street')
-        expect(result.buyer.deliveryAddress.complement).toBe('Apt 456')
-        expect(result.buyer.deliveryAddress.neighborhood).toBe('Uptown')
-        expect(result.buyer.deliveryAddress.city).toBe('Rio de Janeiro')
-        expect(result.buyer.deliveryAddress.state).toBe('RJ')
-        expect(result.buyer.deliveryAddress.number).toBe('456')
-    })
-    test('should sanitize credit card payments', () => {
-        const order = {
-            payments: [
-                {
-                    method: 'credit-card',
-                    creditCard: {
-                        cardNumber: '4111<script>1111</script>1111',
-                        cvv: '123',
-                        month: '12',
-                        year: '2025',
-                        holderName: '<script>alert("xss")</script>John Doe',
-                    },
-                },
-            ],
-        }
-        const result = sanitizeOrderData(order)
-        expect(result.payments[0].creditCard.cardNumber).toBe(
-            '4111script1111/script1111'
-        )
-        expect(result.payments[0].creditCard.cvv).toBe('123')
-        expect(result.payments[0].creditCard.month).toBe('12')
-        expect(result.payments[0].creditCard.year).toBe('2025')
-        expect(result.payments[0].creditCard.holderName).toBe(
-            'scriptalert("xss")/scriptJohn Doe'
-        )
-    })
-    test('should sanitize order items', () => {
-        const order = {
-            items: [
-                {
-                    externalReferenceId: 'ref<script>123</script>',
-                    description: 'Product<script>description</script>',
-                    name: 'Product<script>Name</script>',
-                    quantity: 1,
-                    priceInCents: 1000,
-                },
-            ],
-        }
-        const result = sanitizeOrderData(order)
-        expect(result.items[0].externalReferenceId).toBe('refscript123/script')
-        expect(result.items[0].description).toBe(
-            'Productscriptdescription/script'
-        )
-        expect(result.items[0].name).toBe('ProductscriptName/script')
-        expect(result.items[0].quantity).toBe(1)
-        expect(result.items[0].priceInCents).toBe(1000)
-    })
-    test('should sanitize metadata', () => {
-        const order = {
-            metadata: [
-                {
-                    key: 'custom<script>key</script>',
-                    value: 'custom<script>value</script>',
-                },
-            ],
-        }
-        const result = sanitizeOrderData(order)
-        expect(result.metadata[0].key).toBe('customscriptkey/script')
-        expect(result.metadata[0].value).toBe('customscriptvalue/script')
-    })
-    test('should handle order without buyer information', () => {
-        const order = {
-            payments: [{ method: 'pix' }],
-        }
-        const result = sanitizeOrderData(order)
-        expect(result.buyer).toBeUndefined()
-        expect(result.payments).toEqual([{ method: 'pix' }])
-    })
-    test('should handle order without payments', () => {
-        const order = {
-            buyer: { name: 'John Doe' },
-        }
-        const result = sanitizeOrderData(order)
-        expect(result.buyer.name).toBe('John Doe')
-        expect(result.payments).toBeUndefined()
-    })
-    test('should handle order without items', () => {
-        const order = {
-            buyer: { name: 'John Doe' },
-        }
-        const result = sanitizeOrderData(order)
-        expect(result.buyer.name).toBe('John Doe')
-        expect(result.items).toBeUndefined()
-    })
-    test('should handle order without metadata', () => {
-        const order = {
-            buyer: { name: 'John Doe' },
-        }
-        const result = sanitizeOrderData(order)
-        expect(result.buyer.name).toBe('John Doe')
-        expect(result.metadata).toBeUndefined()
-    })
-    test('should return deep clone of original order', () => {
-        const order = {
-            buyer: { name: 'John Doe' },
-            payments: [{ method: 'pix' }],
-        }
-        const result = sanitizeOrderData(order)
-        expect(result).not.toBe(order)
-        expect(result.buyer).not.toBe(order.buyer)
-        expect(result.payments).not.toBe(order.payments)
-    })
-})
-describe('sanitizeObjectFields', () => {
-    test('should sanitize simple object with string fields', () => {
-        const obj = {
-            name: '<script>alert("xss")</script>',
-            email: 'user@example.com',
-            age: 25,
-            active: true,
-        }
-        const result = Sanitizer.sanitizeObjectFields(obj)
-        expect(result.name).toBe('scriptalert("xss")/script')
-        expect(result.email).toBe('user@example.com')
-        expect(result.age).toBe(25)
-        expect(result.active).toBe(true)
-    })
-    test('should sanitize nested objects recursively', () => {
-        const obj = {
-            user: {
-                name: '<script>malicious</script>',
-                profile: {
-                    bio: 'Bio with <strong>HTML</strong>',
-                    website: 'javascript:alert("xss")',
-                },
-            },
-            settings: {
-                theme: 'dark',
-                notifications: true,
-            },
-        }
-        const result = Sanitizer.sanitizeObjectFields(obj)
-        expect(result.user.name).toBe('scriptmalicious/script')
-        expect(result.user.profile.bio).toBe('Bio with strongHTML/strong')
-        expect(result.user.profile.website).toBe('alert("xss")')
-        expect(result.settings.theme).toBe('dark')
-        expect(result.settings.notifications).toBe(true)
-    })
-    test('should sanitize arrays of objects', () => {
-        const obj = {
-            users: [
-                {
-                    name: '<script>user1</script>',
-                    email: 'user1@example.com',
-                },
-                {
-                    name: '<script>user2</script>',
-                    email: 'user2@example.com',
-                },
-            ],
-            tags: ['tag1', '<script>malicious</script>', 'tag3'],
-        }
-        const result = Sanitizer.sanitizeObjectFields(obj)
-        expect(result.users[0].name).toBe('scriptuser1/script')
-        expect(result.users[0].email).toBe('user1@example.com')
-        expect(result.users[1].name).toBe('scriptuser2/script')
-        expect(result.users[1].email).toBe('user2@example.com')
-        expect(result.tags[0]).toBe('tag1')
-        expect(result.tags[1]).toBe('scriptmalicious/script')
-        expect(result.tags[2]).toBe('tag3')
-    })
-    test('should handle primitive values correctly', () => {
-        const obj = {
-            string: '<script>test</script>',
-            number: 42,
-            boolean: false,
-            nullValue: null,
-            undefinedValue: undefined,
-        }
-        const result = Sanitizer.sanitizeObjectFields(obj)
-        expect(result.string).toBe('scripttest/script')
-        expect(result.number).toBe(42)
-        expect(result.boolean).toBe(false)
-        expect(result.nullValue).toBe(null)
-        expect(result.undefinedValue).toBe(undefined)
-    })
-    test('should handle empty objects and arrays', () => {
-        const obj = {
-            emptyObj: {},
-            emptyArray: [],
-            nestedEmpty: {
-                empty: {},
-                array: [],
-            },
-        }
-        const result = Sanitizer.sanitizeObjectFields(obj)
-        expect(result.emptyObj).toEqual({})
-        expect(result.emptyArray).toEqual([])
-        expect(result.nestedEmpty.empty).toEqual({})
-        expect(result.nestedEmpty.array).toEqual([])
-    })
-    test('should handle null and undefined input', () => {
-        expect(Sanitizer.sanitizeObjectFields(null)).toBe(null)
-        expect(Sanitizer.sanitizeObjectFields(undefined)).toBe(undefined)
-    })
-    test('should handle non-object inputs', () => {
-        expect(
-            Sanitizer.sanitizeObjectFields('test<script>string</script>')
-        ).toBe('testscriptstring/script')
-        expect(Sanitizer.sanitizeObjectFields(123)).toBe(123)
-        expect(Sanitizer.sanitizeObjectFields(true)).toBe(true)
-        expect(Sanitizer.sanitizeObjectFields('')).toBe('')
-    })
-    test('should preserve object structure', () => {
-        const obj = {
-            level1: {
-                level2: {
-                    level3: {
-                        value: '<script>deep</script>',
-                    },
-                },
-            },
-            array: [
-                {
-                    nested: {
-                        value: '<script>nested</script>',
-                    },
-                },
-            ],
-        }
-        const result = Sanitizer.sanitizeObjectFields(obj)
-        // Verify structure is preserved
-        expect(result.level1).toBeDefined()
-        expect(result.level1.level2).toBeDefined()
-        expect(result.level1.level2.level3).toBeDefined()
-        expect(result.array).toBeDefined()
-        expect(result.array[0]).toBeDefined()
-        expect(result.array[0].nested).toBeDefined()
-        // Verify values are sanitized
-        expect(result.level1.level2.level3.value).toBe('scriptdeep/script')
-        expect(result.array[0].nested.value).toBe('scriptnested/script')
-    })
-    test('should handle circular references gracefully', () => {
-        const obj = { name: '<script>test</script>' }
-        obj.self = obj
-        // This should not cause infinite recursion
-        const result = Sanitizer.sanitizeObjectFields(obj)
-        expect(result.name).toBe('scripttest/script')
-        expect(result.self).toBeDefined()
-    })
-    test('should sanitize complex nested structures', () => {
-        const obj = {
-            company: {
-                name: 'Company<script>Name</script>',
-                departments: [
-                    {
-                        name: 'IT<script>Dept</script>',
-                        employees: [
-                            {
-                                name: 'John<script>Doe</script>',
-                                skills: [
-                                    'JavaScript',
-                                    '<script>malicious</script>',
-                                    'React',
-                                ],
-                            },
-                        ],
-                    },
-                ],
-                settings: {
-                    theme: 'light<script>theme</script>',
-                    features: {
-                        enabled: true,
-                        name: 'Feature<script>Name</script>',
-                    },
-                },
-            },
-        }
-        const result = Sanitizer.sanitizeObjectFields(obj)
-        // Verify complex structure is sanitized
-        expect(result.company.name).toBe('CompanyscriptName/script')
-        expect(result.company.departments[0].name).toBe('ITscriptDept/script')
-        expect(result.company.departments[0].employees[0].name).toBe(
-            'JohnscriptDoe/script'
-        )
-        expect(result.company.departments[0].employees[0].skills[1]).toBe(
-            'scriptmalicious/script'
-        )
-        expect(result.company.settings.theme).toBe('lightscripttheme/script')
-        expect(result.company.settings.features.name).toBe(
-            'FeaturescriptName/script'
-        )
-    })
-})