@flexorch/audit 0.5.1 → 0.7.0

package/dist/index.cjs

@@ -23,11 +23,15 @@ __export(index_exports, {
   applyMask: () => applyMask,
   audit: () => audit,
   auditBatch: () => auditBatch,
+  auditStream: () => auditStream,
+  complianceReport: () => complianceReport,
   detectPii: () => detectPii,
+  estimateTokens: () => estimateTokens,
   mask: () => mask,
   noiseMetrics: () => noiseMetrics,
   noiseRatio: () => noiseRatio,
   qualityMetrics: () => qualityMetrics,
+  redactForLlm: () => redactForLlm,
   version: () => version
 });
 module.exports = __toCommonJS(index_exports);
@@ -333,6 +337,28 @@ var _EIN_INVALID_PREFIXES = /* @__PURE__ */ new Set([
 function validEinUs(s) {
   return !_EIN_INVALID_PREFIXES.has(s.slice(0, 2));
 }
+var PESEL_PL_RE = /\b(\d{11})\b/g;
+function validPeselPl(s) {
+  if (s.length !== 11 || !/^\d+$/.test(s)) return false;
+  const weights = [1, 3, 7, 9, 1, 3, 7, 9, 1, 3];
+  const total = weights.reduce((sum, w, i) => sum + w * parseInt(s[i]), 0);
+  return (10 - total % 10) % 10 === parseInt(s[10]);
+}
+var SVNR_AT_RE = /\b(\d{10})\b/g;
+function validSvnrAt(s) {
+  if (s.length !== 10 || !/^\d+$/.test(s)) return false;
+  const weights = [3, 7, 9, 0, 5, 8, 4, 2, 1, 6];
+  const total = weights.reduce((sum, w, i) => sum + w * parseInt(s[i]), 0);
+  return total % 10 === parseInt(s[3]);
+}
+var NRRNISS_BE_RE = /\b(\d{11})\b/g;
+function validNrrnissBe(s) {
+  if (s.length !== 11 || !/^\d+$/.test(s)) return false;
+  const body = parseInt(s.slice(0, 9));
+  const check = parseInt(s.slice(9));
+  if (97 - body % 97 === check) return true;
+  return 97 - (2e9 + body) % 97 === check;
+}
 var LOCALE_DETECTORS = {
   tr: /* @__PURE__ */ new Set([
     "national_id_tr",
@@ -352,7 +378,10 @@ var LOCALE_DETECTORS = {
   it: /* @__PURE__ */ new Set(["national_id_it", "tax_id_it"]),
   nl: /* @__PURE__ */ new Set(["national_id_nl", "company_id_nl"]),
   es: /* @__PURE__ */ new Set(["national_id_es", "tax_id_es"]),
-  uk: /* @__PURE__ */ new Set(["social_id_uk", "tax_id_uk"])
+  uk: /* @__PURE__ */ new Set(["social_id_uk", "tax_id_uk"]),
+  pl: /* @__PURE__ */ new Set(["national_id_pl"]),
+  at: /* @__PURE__ */ new Set(["social_id_at"]),
+  be: /* @__PURE__ */ new Set(["national_id_be"])
 };
 var UNIVERSAL = /* @__PURE__ */ new Set(["email", "iban", "credit_card", "ip", "ip_v6"]);
 function activeDetectors(locale) {
@@ -604,6 +633,27 @@ function detectPii(text, locale = "und") {
       findings.push({ type: "company_name_intl", value: m[1], start: m.index, end: m.index + m[1].length });
     }
   }
+  if (active.has("national_id_pl")) {
+    PESEL_PL_RE.lastIndex = 0;
+    let m;
+    while ((m = PESEL_PL_RE.exec(t)) !== null) {
+      if (validPeselPl(m[1])) findings.push({ type: "national_id_pl", value: m[1], start: m.index, end: m.index + m[1].length });
+    }
+  }
+  if (active.has("social_id_at")) {
+    SVNR_AT_RE.lastIndex = 0;
+    let m;
+    while ((m = SVNR_AT_RE.exec(t)) !== null) {
+      if (validSvnrAt(m[1])) findings.push({ type: "social_id_at", value: m[1], start: m.index, end: m.index + m[1].length });
+    }
+  }
+  if (active.has("national_id_be")) {
+    NRRNISS_BE_RE.lastIndex = 0;
+    let m;
+    while ((m = NRRNISS_BE_RE.exec(t)) !== null) {
+      if (validNrrnissBe(m[1])) findings.push({ type: "national_id_be", value: m[1], start: m.index, end: m.index + m[1].length });
+    }
+  }
   findings.sort((a, b) => a.start - b.start);
   const specificIbanSpans = new Set(
     findings.filter((f) => f.type === "iban_tr" || f.type === "iban_intl").map((f) => `${f.start}:${f.end}`)
@@ -659,18 +709,56 @@ function noiseMetrics(text) {
 
 // src/mask.ts
 var import_crypto = require("crypto");
-var SYNTHETIC = {
+var TCKN_POOL = ["12345678950", "10000000146", "23456789060"];
+var IBAN_TR_POOL = ["TR330006100519786457841326", "TR390006199999888888888813"];
+var NAME_POOL = [
+  "Ahmet Yilmaz",
+  "Mehmet Demir",
+  "Ayse Kaya",
+  "Fatma Celik",
+  "Ali Sahin",
+  "Zeynep Arslan",
+  "Mustafa Ozturk",
+  "Emine Dogan",
+  "Ibrahim Kurt",
+  "Hatice Aydin",
+  "Hasan Yildiz",
+  "Elif Gunes",
+  "Huseyin Cetin",
+  "Meryem Polat",
+  "Omer Koc",
+  "Busra Tekin",
+  "Yusuf Erdogan",
+  "Selin Bozkurt",
+  "Kemal Akin",
+  "Derya Ucar"
+];
+var STATIC_SYNTHETIC = {
   email: "user@example.com",
   phone: "+1 000 000 0000",
   phone_tr: "0500 000 00 00",
-  national_id_tr: "00000000000",
+  phone_intl: "+1 000 000 0000",
   ssn: "000-00-0000",
   iban: "XX00 0000 0000 0000 0000 00",
   credit_card: "0000 0000 0000 0000",
   ip: "0.0.0.0",
-  name: "AD SOYAD"
+  ip_v6: "2001:db8::1",
+  national_id_pl: "00000000000",
+  social_id_at: "0000000000",
+  national_id_be: "00000000000"
 };
 var VALID_STRATEGIES = /* @__PURE__ */ new Set(["redact", "replace", "token", "hash"]);
+function pick(pool, seed) {
+  const h = (0, import_crypto.createHash)("sha256").update(seed).digest("hex");
+  const idx = parseInt(h.slice(0, 8), 16) % pool.length;
+  return pool[idx];
+}
+function synthetic(ptype, original) {
+  if (ptype === "national_id_tr") return pick(TCKN_POOL, original);
+  if (ptype === "iban_tr" || ptype === "iban_intl") return pick(IBAN_TR_POOL, original);
+  if (ptype === "name") return pick(NAME_POOL, original);
+  return STATIC_SYNTHETIC[ptype] ?? `[${ptype.toUpperCase()}]`;
+}
 function applyMask(text, findings, strategy = "redact") {
   if (!VALID_STRATEGIES.has(strategy)) {
     throw new Error(`Unknown strategy "${strategy}". Use: redact, replace, token, hash`);
@@ -687,7 +775,7 @@ function applyMask(text, findings, strategy = "redact") {
     if (strategy === "redact") {
       replacement = `[REDACTED_${tag}]`;
     } else if (strategy === "replace") {
-      replacement = SYNTHETIC[type] ?? `[${tag}]`;
+      replacement = synthetic(type, value);
     } else if (strategy === "token") {
       replacement = `<PII_${tag}_${counter[type]}>`;
     } else {
@@ -700,7 +788,7 @@ function applyMask(text, findings, strategy = "redact") {
 }
 
 // src/index.ts
-var version = "0.5.1";
+var version = "0.7.0";
 function computeQualityScore(completeness, avgLength, garbageRatio) {
   const lengthScore = Math.min(avgLength / 500, 1);
   const noiseScore = Math.max(0, 1 - garbageRatio * 10);
@@ -751,15 +839,87 @@ function auditBatch(texts, options = {}) {
 function mask(text, findings, options = {}) {
   return applyMask(text, findings, options.strategy ?? "redact");
 }
+async function* auditStream(texts, options = {}) {
+  for await (const text of texts) {
+    yield audit(text, options);
+  }
+}
+function redactForLlm(text, options = {}) {
+  const { strategy, ...auditOptions } = options;
+  const result = audit(text, auditOptions);
+  return mask(text, result.pii, { strategy });
+}
+function estimateTokens(text) {
+  if (!text || !text.trim()) return 0;
+  const words = text.trim().split(/\s+/).length;
+  return Math.max(1, Math.round(words * 4 / 3));
+}
+var HIGH_RISK_TYPES = /* @__PURE__ */ new Set([
+  "national_id_tr",
+  "ssn",
+  "credit_card",
+  "national_id_pl",
+  "national_id_be",
+  "social_id_at",
+  "social_id_de",
+  "social_id_uk",
+  "national_id_it",
+  "national_id_nl",
+  "national_id_es",
+  "national_id_us",
+  "tax_id_tr",
+  "tax_id_de"
+]);
+var MEDIUM_RISK_TYPES = /* @__PURE__ */ new Set([
+  "email",
+  "phone_tr",
+  "phone_intl",
+  "iban",
+  "iban_tr",
+  "iban_intl",
+  "name"
+]);
+function complianceReport(result) {
+  const types = [...new Set(result.pii.map((f) => f.type))].sort();
+  let risk_level = "none";
+  if (types.length > 0) {
+    if (types.some((t) => HIGH_RISK_TYPES.has(t))) risk_level = "high";
+    else if (types.some((t) => MEDIUM_RISK_TYPES.has(t))) risk_level = "medium";
+    else risk_level = "low";
+  }
+  const recommendations = [];
+  if (risk_level === "high" || risk_level === "medium") {
+    recommendations.push("Apply mask({ strategy: 'redact' }) before storing or sharing this text.");
+  }
+  if (risk_level === "high") {
+    recommendations.push(
+      "Review applicable regulations (KVKK Art. 6, GDPR Art. 9) for special category data handling."
+    );
+  }
+  if (recommendations.length === 0) {
+    recommendations.push("No PII detected \u2014 text is safe for LLM processing.");
+  }
+  return {
+    has_pii: types.length > 0,
+    pii_types: types,
+    risk_level,
+    masking_required: types.length > 0,
+    recommendations
+  };
+}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   applyMask,
   audit,
   auditBatch,
+  auditStream,
+  complianceReport,
   detectPii,
+  estimateTokens,
   mask,
   noiseMetrics,
   noiseRatio,
   qualityMetrics,
+  redactForLlm,
   version
 });

package/dist/index.d.cts

@@ -54,7 +54,7 @@ declare function applyMask(text: string, findings: PiiFinding[], strategy?: Mask
  * // "Contact: [REDACTED_EMAIL]"
  */
 
-declare const version = "0.5.1";
+declare const version = "0.7.0";
 type QualityGrade = "A" | "B" | "C" | "D";
 interface PiiSummaryEntry {
     type: string;
@@ -116,5 +116,57 @@ declare function auditBatch(texts: string[], options?: AuditOptions): BatchAudit
  * Apply masking to PII findings in *text*.
  */
 declare function mask(text: string, findings: PiiFinding[], options?: MaskOptions): string;
+/**
+ * Async generator that audits texts one at a time from an async iterable.
+ *
+ * Yields one AuditResult per input text. Processing is sequential.
+ *
+ * @example
+ * async function* lines() {
+ *   for (const line of data) yield line;
+ * }
+ * for await (const result of auditStream(lines())) {
+ *   console.log(result.quality_grade, result.pii_summary);
+ * }
+ */
+declare function auditStream(texts: AsyncIterable<string>, options?: AuditOptions): AsyncGenerator<AuditResult>;
+/**
+ * Audit *text* and return a PII-free version ready for LLM processing.
+ *
+ * One-shot convenience wrapper around audit() + mask(). Equivalent to:
+ *   const result = audit(text, { locale })
+ *   return mask(text, result.pii, { strategy })
+ *
+ * @example
+ * const clean = redactForLlm("TCKN: 12345678950, email: ali@example.com", { locale: "tr" })
+ * // "TCKN: [REDACTED_NATIONAL_ID_TR], email: [REDACTED_EMAIL]"
+ */
+declare function redactForLlm(text: string, options?: AuditOptions & MaskOptions): string;
+/**
+ * Estimate the token count of *text* using a word-based heuristic.
+ *
+ * Uses the standard approximation: 1 token ≈ 0.75 words (words × 4/3).
+ * No external dependencies — accuracy within ~15% of real tokenizers for
+ * English and most European languages. Treat as a planning estimate.
+ *
+ * @example
+ * estimateTokens("The quick brown fox")   // → 7
+ * estimateTokens("")                       // → 0
+ */
+declare function estimateTokens(text: string): number;
+type RiskLevel = "none" | "low" | "medium" | "high";
+interface ComplianceReport {
+    has_pii: boolean;
+    pii_types: string[];
+    risk_level: RiskLevel;
+    masking_required: boolean;
+    recommendations: string[];
+}
+/**
+ * Generate a KVKK/GDPR compliance summary for an AuditResult.
+ *
+ * This is a technical summary only — not a legal document or regulatory opinion.
+ */
+declare function complianceReport(result: AuditResult): ComplianceReport;
 
-export { type AuditOptions, type AuditResult, type BatchAuditResult, type MaskOptions, type MaskStrategy, type NoiseMetrics, type PiiFinding, type PiiSummaryEntry, type QualityGrade, type QualityMetrics, applyMask, audit, auditBatch, detectPii, mask, noiseMetrics, noiseRatio, qualityMetrics, version };
+export { type AuditOptions, type AuditResult, type BatchAuditResult, type ComplianceReport, type MaskOptions, type MaskStrategy, type NoiseMetrics, type PiiFinding, type PiiSummaryEntry, type QualityGrade, type QualityMetrics, type RiskLevel, applyMask, audit, auditBatch, auditStream, complianceReport, detectPii, estimateTokens, mask, noiseMetrics, noiseRatio, qualityMetrics, redactForLlm, version };

package/dist/index.d.ts

@@ -54,7 +54,7 @@ declare function applyMask(text: string, findings: PiiFinding[], strategy?: Mask
  * // "Contact: [REDACTED_EMAIL]"
  */
 
-declare const version = "0.5.1";
+declare const version = "0.7.0";
 type QualityGrade = "A" | "B" | "C" | "D";
 interface PiiSummaryEntry {
     type: string;
@@ -116,5 +116,57 @@ declare function auditBatch(texts: string[], options?: AuditOptions): BatchAudit
  * Apply masking to PII findings in *text*.
  */
 declare function mask(text: string, findings: PiiFinding[], options?: MaskOptions): string;
+/**
+ * Async generator that audits texts one at a time from an async iterable.
+ *
+ * Yields one AuditResult per input text. Processing is sequential.
+ *
+ * @example
+ * async function* lines() {
+ *   for (const line of data) yield line;
+ * }
+ * for await (const result of auditStream(lines())) {
+ *   console.log(result.quality_grade, result.pii_summary);
+ * }
+ */
+declare function auditStream(texts: AsyncIterable<string>, options?: AuditOptions): AsyncGenerator<AuditResult>;
+/**
+ * Audit *text* and return a PII-free version ready for LLM processing.
+ *
+ * One-shot convenience wrapper around audit() + mask(). Equivalent to:
+ *   const result = audit(text, { locale })
+ *   return mask(text, result.pii, { strategy })
+ *
+ * @example
+ * const clean = redactForLlm("TCKN: 12345678950, email: ali@example.com", { locale: "tr" })
+ * // "TCKN: [REDACTED_NATIONAL_ID_TR], email: [REDACTED_EMAIL]"
+ */
+declare function redactForLlm(text: string, options?: AuditOptions & MaskOptions): string;
+/**
+ * Estimate the token count of *text* using a word-based heuristic.
+ *
+ * Uses the standard approximation: 1 token ≈ 0.75 words (words × 4/3).
+ * No external dependencies — accuracy within ~15% of real tokenizers for
+ * English and most European languages. Treat as a planning estimate.
+ *
+ * @example
+ * estimateTokens("The quick brown fox")   // → 7
+ * estimateTokens("")                       // → 0
+ */
+declare function estimateTokens(text: string): number;
+type RiskLevel = "none" | "low" | "medium" | "high";
+interface ComplianceReport {
+    has_pii: boolean;
+    pii_types: string[];
+    risk_level: RiskLevel;
+    masking_required: boolean;
+    recommendations: string[];
+}
+/**
+ * Generate a KVKK/GDPR compliance summary for an AuditResult.
+ *
+ * This is a technical summary only — not a legal document or regulatory opinion.
+ */
+declare function complianceReport(result: AuditResult): ComplianceReport;
 
-export { type AuditOptions, type AuditResult, type BatchAuditResult, type MaskOptions, type MaskStrategy, type NoiseMetrics, type PiiFinding, type PiiSummaryEntry, type QualityGrade, type QualityMetrics, applyMask, audit, auditBatch, detectPii, mask, noiseMetrics, noiseRatio, qualityMetrics, version };
+export { type AuditOptions, type AuditResult, type BatchAuditResult, type ComplianceReport, type MaskOptions, type MaskStrategy, type NoiseMetrics, type PiiFinding, type PiiSummaryEntry, type QualityGrade, type QualityMetrics, type RiskLevel, applyMask, audit, auditBatch, auditStream, complianceReport, detectPii, estimateTokens, mask, noiseMetrics, noiseRatio, qualityMetrics, redactForLlm, version };

package/dist/index.js

@@ -299,6 +299,28 @@ var _EIN_INVALID_PREFIXES = /* @__PURE__ */ new Set([
 function validEinUs(s) {
   return !_EIN_INVALID_PREFIXES.has(s.slice(0, 2));
 }
+var PESEL_PL_RE = /\b(\d{11})\b/g;
+function validPeselPl(s) {
+  if (s.length !== 11 || !/^\d+$/.test(s)) return false;
+  const weights = [1, 3, 7, 9, 1, 3, 7, 9, 1, 3];
+  const total = weights.reduce((sum, w, i) => sum + w * parseInt(s[i]), 0);
+  return (10 - total % 10) % 10 === parseInt(s[10]);
+}
+var SVNR_AT_RE = /\b(\d{10})\b/g;
+function validSvnrAt(s) {
+  if (s.length !== 10 || !/^\d+$/.test(s)) return false;
+  const weights = [3, 7, 9, 0, 5, 8, 4, 2, 1, 6];
+  const total = weights.reduce((sum, w, i) => sum + w * parseInt(s[i]), 0);
+  return total % 10 === parseInt(s[3]);
+}
+var NRRNISS_BE_RE = /\b(\d{11})\b/g;
+function validNrrnissBe(s) {
+  if (s.length !== 11 || !/^\d+$/.test(s)) return false;
+  const body = parseInt(s.slice(0, 9));
+  const check = parseInt(s.slice(9));
+  if (97 - body % 97 === check) return true;
+  return 97 - (2e9 + body) % 97 === check;
+}
 var LOCALE_DETECTORS = {
   tr: /* @__PURE__ */ new Set([
     "national_id_tr",
@@ -318,7 +340,10 @@ var LOCALE_DETECTORS = {
   it: /* @__PURE__ */ new Set(["national_id_it", "tax_id_it"]),
   nl: /* @__PURE__ */ new Set(["national_id_nl", "company_id_nl"]),
   es: /* @__PURE__ */ new Set(["national_id_es", "tax_id_es"]),
-  uk: /* @__PURE__ */ new Set(["social_id_uk", "tax_id_uk"])
+  uk: /* @__PURE__ */ new Set(["social_id_uk", "tax_id_uk"]),
+  pl: /* @__PURE__ */ new Set(["national_id_pl"]),
+  at: /* @__PURE__ */ new Set(["social_id_at"]),
+  be: /* @__PURE__ */ new Set(["national_id_be"])
 };
 var UNIVERSAL = /* @__PURE__ */ new Set(["email", "iban", "credit_card", "ip", "ip_v6"]);
 function activeDetectors(locale) {
@@ -570,6 +595,27 @@ function detectPii(text, locale = "und") {
       findings.push({ type: "company_name_intl", value: m[1], start: m.index, end: m.index + m[1].length });
     }
   }
+  if (active.has("national_id_pl")) {
+    PESEL_PL_RE.lastIndex = 0;
+    let m;
+    while ((m = PESEL_PL_RE.exec(t)) !== null) {
+      if (validPeselPl(m[1])) findings.push({ type: "national_id_pl", value: m[1], start: m.index, end: m.index + m[1].length });
+    }
+  }
+  if (active.has("social_id_at")) {
+    SVNR_AT_RE.lastIndex = 0;
+    let m;
+    while ((m = SVNR_AT_RE.exec(t)) !== null) {
+      if (validSvnrAt(m[1])) findings.push({ type: "social_id_at", value: m[1], start: m.index, end: m.index + m[1].length });
+    }
+  }
+  if (active.has("national_id_be")) {
+    NRRNISS_BE_RE.lastIndex = 0;
+    let m;
+    while ((m = NRRNISS_BE_RE.exec(t)) !== null) {
+      if (validNrrnissBe(m[1])) findings.push({ type: "national_id_be", value: m[1], start: m.index, end: m.index + m[1].length });
+    }
+  }
   findings.sort((a, b) => a.start - b.start);
   const specificIbanSpans = new Set(
     findings.filter((f) => f.type === "iban_tr" || f.type === "iban_intl").map((f) => `${f.start}:${f.end}`)
@@ -625,18 +671,56 @@ function noiseMetrics(text) {
 
 // src/mask.ts
 import { createHash } from "crypto";
-var SYNTHETIC = {
+var TCKN_POOL = ["12345678950", "10000000146", "23456789060"];
+var IBAN_TR_POOL = ["TR330006100519786457841326", "TR390006199999888888888813"];
+var NAME_POOL = [
+  "Ahmet Yilmaz",
+  "Mehmet Demir",
+  "Ayse Kaya",
+  "Fatma Celik",
+  "Ali Sahin",
+  "Zeynep Arslan",
+  "Mustafa Ozturk",
+  "Emine Dogan",
+  "Ibrahim Kurt",
+  "Hatice Aydin",
+  "Hasan Yildiz",
+  "Elif Gunes",
+  "Huseyin Cetin",
+  "Meryem Polat",
+  "Omer Koc",
+  "Busra Tekin",
+  "Yusuf Erdogan",
+  "Selin Bozkurt",
+  "Kemal Akin",
+  "Derya Ucar"
+];
+var STATIC_SYNTHETIC = {
   email: "user@example.com",
   phone: "+1 000 000 0000",
   phone_tr: "0500 000 00 00",
-  national_id_tr: "00000000000",
+  phone_intl: "+1 000 000 0000",
   ssn: "000-00-0000",
   iban: "XX00 0000 0000 0000 0000 00",
   credit_card: "0000 0000 0000 0000",
   ip: "0.0.0.0",
-  name: "AD SOYAD"
+  ip_v6: "2001:db8::1",
+  national_id_pl: "00000000000",
+  social_id_at: "0000000000",
+  national_id_be: "00000000000"
 };
 var VALID_STRATEGIES = /* @__PURE__ */ new Set(["redact", "replace", "token", "hash"]);
+function pick(pool, seed) {
+  const h = createHash("sha256").update(seed).digest("hex");
+  const idx = parseInt(h.slice(0, 8), 16) % pool.length;
+  return pool[idx];
+}
+function synthetic(ptype, original) {
+  if (ptype === "national_id_tr") return pick(TCKN_POOL, original);
+  if (ptype === "iban_tr" || ptype === "iban_intl") return pick(IBAN_TR_POOL, original);
+  if (ptype === "name") return pick(NAME_POOL, original);
+  return STATIC_SYNTHETIC[ptype] ?? `[${ptype.toUpperCase()}]`;
+}
 function applyMask(text, findings, strategy = "redact") {
   if (!VALID_STRATEGIES.has(strategy)) {
     throw new Error(`Unknown strategy "${strategy}". Use: redact, replace, token, hash`);
@@ -653,7 +737,7 @@ function applyMask(text, findings, strategy = "redact") {
     if (strategy === "redact") {
       replacement = `[REDACTED_${tag}]`;
     } else if (strategy === "replace") {
-      replacement = SYNTHETIC[type] ?? `[${tag}]`;
+      replacement = synthetic(type, value);
     } else if (strategy === "token") {
       replacement = `<PII_${tag}_${counter[type]}>`;
     } else {
@@ -666,7 +750,7 @@ function applyMask(text, findings, strategy = "redact") {
 }
 
 // src/index.ts
-var version = "0.5.1";
+var version = "0.7.0";
 function computeQualityScore(completeness, avgLength, garbageRatio) {
   const lengthScore = Math.min(avgLength / 500, 1);
   const noiseScore = Math.max(0, 1 - garbageRatio * 10);
@@ -717,14 +801,86 @@ function auditBatch(texts, options = {}) {
 function mask(text, findings, options = {}) {
   return applyMask(text, findings, options.strategy ?? "redact");
 }
+async function* auditStream(texts, options = {}) {
+  for await (const text of texts) {
+    yield audit(text, options);
+  }
+}
+function redactForLlm(text, options = {}) {
+  const { strategy, ...auditOptions } = options;
+  const result = audit(text, auditOptions);
+  return mask(text, result.pii, { strategy });
+}
+function estimateTokens(text) {
+  if (!text || !text.trim()) return 0;
+  const words = text.trim().split(/\s+/).length;
+  return Math.max(1, Math.round(words * 4 / 3));
+}
+var HIGH_RISK_TYPES = /* @__PURE__ */ new Set([
+  "national_id_tr",
+  "ssn",
+  "credit_card",
+  "national_id_pl",
+  "national_id_be",
+  "social_id_at",
+  "social_id_de",
+  "social_id_uk",
+  "national_id_it",
+  "national_id_nl",
+  "national_id_es",
+  "national_id_us",
+  "tax_id_tr",
+  "tax_id_de"
+]);
+var MEDIUM_RISK_TYPES = /* @__PURE__ */ new Set([
+  "email",
+  "phone_tr",
+  "phone_intl",
+  "iban",
+  "iban_tr",
+  "iban_intl",
+  "name"
+]);
+function complianceReport(result) {
+  const types = [...new Set(result.pii.map((f) => f.type))].sort();
+  let risk_level = "none";
+  if (types.length > 0) {
+    if (types.some((t) => HIGH_RISK_TYPES.has(t))) risk_level = "high";
+    else if (types.some((t) => MEDIUM_RISK_TYPES.has(t))) risk_level = "medium";
+    else risk_level = "low";
+  }
+  const recommendations = [];
+  if (risk_level === "high" || risk_level === "medium") {
+    recommendations.push("Apply mask({ strategy: 'redact' }) before storing or sharing this text.");
+  }
+  if (risk_level === "high") {
+    recommendations.push(
+      "Review applicable regulations (KVKK Art. 6, GDPR Art. 9) for special category data handling."
+    );
+  }
+  if (recommendations.length === 0) {
+    recommendations.push("No PII detected \u2014 text is safe for LLM processing.");
+  }
+  return {
+    has_pii: types.length > 0,
+    pii_types: types,
+    risk_level,
+    masking_required: types.length > 0,
+    recommendations
+  };
+}
 export {
   applyMask,
   audit,
   auditBatch,
+  auditStream,
+  complianceReport,
   detectPii,
+  estimateTokens,
   mask,
   noiseMetrics,
   noiseRatio,
   qualityMetrics,
+  redactForLlm,
   version
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@flexorch/audit",
-  "version": "0.5.1",
+  "version": "0.7.0",
   "description": "Zero-dependency PII + quality + noise audit for LLM datasets (TR/EU/US)",
   "keywords": [
     "pii",
@@ -14,7 +14,7 @@
   ],
   "license": "MIT",
   "author": "FlexOrch",
-  "homepage": "https://github.com/flexorch/flexorch-audit-js",
+  "homepage": "https://flexorch.com",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/flexorch/flexorch-audit-js.git"