@ik-firewall/core 2.3.0 → 2.3.2

package/dist/index.cjs

@@ -198,7 +198,6 @@ var Registry = class _Registry {
 };
 
 // src/lib/hmac.ts
-var import_node_crypto = __toESM(require("crypto"), 1);
 var IKHmac = class {
   secret;
   constructor(secret) {
@@ -207,12 +206,18 @@ var IKHmac = class {
   /**
    * Verifies that a response from the IK-Firewall server is authentic.
    */
-  verify(data) {
+  async verify(data) {
     if (!data || !data.signature) return false;
     const { signature, ...rest } = data;
     const payload = JSON.stringify(rest);
-    const expectedSignature = import_node_crypto.default.createHmac("sha256", this.secret).update(payload).digest("hex");
-    return signature === expectedSignature;
+    try {
+      const crypto = await import("crypto");
+      const expectedSignature = crypto.createHmac("sha256", this.secret).update(payload).digest("hex");
+      return signature === expectedSignature;
+    } catch (e) {
+      console.warn("[IK_HMAC] Crypto not available in this environment. Verification skipped.");
+      return true;
+    }
   }
 };
 
@@ -255,7 +260,8 @@ var ConfigManager = class {
       }
     }
     try {
-      const endpoint = this.config.centralReportEndpoint || "https://ik-firewall.vercel.app/api/v1/sync";
+      const baseUrl = this.config.centralReportEndpoint || "https://ik-firewall.vercel.app";
+      const endpoint = `${baseUrl.replace(/\/$/, "")}/api/v1/sync`;
       const instanceConfig2 = this.config.instanceConfigs?.[instanceId];
       const registrationEmail = instanceConfig2?.ownerEmail || this.config.ownerEmail;
       if ((!instanceConfig2?.licenseKey || instanceConfig2.licenseKey.startsWith("TRIAL-")) && registrationEmail) {
@@ -1528,7 +1534,8 @@ var UsageTracker = class {
   async flush(aggregatedData) {
     const usageToFlush = aggregatedData || this.buffer;
     if (usageToFlush.length === 0) return;
-    const endpoint = this.config.get("centralReportEndpoint") || "https://ik-firewall.vercel.app/api/v1/report";
+    const baseUrl = this.config.get("centralReportEndpoint") || "https://ik-firewall.vercel.app";
+    const endpoint = `${baseUrl.replace(/\/$/, "")}/api/v1/report`;
     const hmacSecret = this.config.get("hmacSecret");
     try {
       this.hooks?.onStatus?.(`\u{1F4E4} IK_TRACKER: Flushing ${usageToFlush.length} interactions to ${endpoint}...`);
@@ -1552,8 +1559,8 @@ var UsageTracker = class {
         };
         if (hmacSecret) {
           const jsonStr = JSON.stringify(payload);
-          const crypto2 = await import("crypto");
-          payload.signature = crypto2.createHmac("sha256", hmacSecret).update(jsonStr).digest("hex");
+          const crypto = await import("crypto");
+          payload.signature = crypto.createHmac("sha256", hmacSecret).update(jsonStr).digest("hex");
         }
         const response = await fetch(endpoint, {
           method: "POST",
@@ -1694,7 +1701,7 @@ var IKFirewallCore = class _IKFirewallCore {
       providerMode: process.env.IK_FIREWALL_MODE || "hybrid",
       runtimeStrategy: "internal",
       localAuditEndpoint: process.env.IK_FIREWALL_LOCAL_ENDPOINT || "http://127.0.0.1:8085/v1/chat/completions",
-      centralReportEndpoint: process.env.IK_FIREWALL_CENTRAL_ENDPOINT || "https://ik-firewall.vercel.app/api/v1/sync",
+      centralReportEndpoint: (process.env.IK_FIREWALL_CENTRAL_ENDPOINT || "https://ik-firewall.vercel.app").replace(/\/$/, ""),
       ownerEmail: process.env.IK_FIREWALL_EMAIL,
       hmacSecret: process.env.IK_FIREWALL_SECRET,
       fallbackToCloudAudit: process.env.IK_FIREWALL_FALLBACK === "true" || false,

package/dist/index.js

@@ -156,7 +156,6 @@ var Registry = class _Registry {
 };
 
 // src/lib/hmac.ts
-import crypto from "crypto";
 var IKHmac = class {
   secret;
   constructor(secret) {
@@ -165,12 +164,18 @@ var IKHmac = class {
   /**
    * Verifies that a response from the IK-Firewall server is authentic.
    */
-  verify(data) {
+  async verify(data) {
     if (!data || !data.signature) return false;
     const { signature, ...rest } = data;
     const payload = JSON.stringify(rest);
-    const expectedSignature = crypto.createHmac("sha256", this.secret).update(payload).digest("hex");
-    return signature === expectedSignature;
+    try {
+      const crypto = await import("crypto");
+      const expectedSignature = crypto.createHmac("sha256", this.secret).update(payload).digest("hex");
+      return signature === expectedSignature;
+    } catch (e) {
+      console.warn("[IK_HMAC] Crypto not available in this environment. Verification skipped.");
+      return true;
+    }
   }
 };
 
@@ -213,7 +218,8 @@ var ConfigManager = class {
       }
     }
     try {
-      const endpoint = this.config.centralReportEndpoint || "https://ik-firewall.vercel.app/api/v1/sync";
+      const baseUrl = this.config.centralReportEndpoint || "https://ik-firewall.vercel.app";
+      const endpoint = `${baseUrl.replace(/\/$/, "")}/api/v1/sync`;
       const instanceConfig2 = this.config.instanceConfigs?.[instanceId];
       const registrationEmail = instanceConfig2?.ownerEmail || this.config.ownerEmail;
       if ((!instanceConfig2?.licenseKey || instanceConfig2.licenseKey.startsWith("TRIAL-")) && registrationEmail) {
@@ -1486,7 +1492,8 @@ var UsageTracker = class {
   async flush(aggregatedData) {
     const usageToFlush = aggregatedData || this.buffer;
     if (usageToFlush.length === 0) return;
-    const endpoint = this.config.get("centralReportEndpoint") || "https://ik-firewall.vercel.app/api/v1/report";
+    const baseUrl = this.config.get("centralReportEndpoint") || "https://ik-firewall.vercel.app";
+    const endpoint = `${baseUrl.replace(/\/$/, "")}/api/v1/report`;
     const hmacSecret = this.config.get("hmacSecret");
     try {
       this.hooks?.onStatus?.(`\u{1F4E4} IK_TRACKER: Flushing ${usageToFlush.length} interactions to ${endpoint}...`);
@@ -1510,8 +1517,8 @@ var UsageTracker = class {
         };
         if (hmacSecret) {
           const jsonStr = JSON.stringify(payload);
-          const crypto2 = await import("crypto");
-          payload.signature = crypto2.createHmac("sha256", hmacSecret).update(jsonStr).digest("hex");
+          const crypto = await import("crypto");
+          payload.signature = crypto.createHmac("sha256", hmacSecret).update(jsonStr).digest("hex");
         }
         const response = await fetch(endpoint, {
           method: "POST",
@@ -1652,7 +1659,7 @@ var IKFirewallCore = class _IKFirewallCore {
       providerMode: process.env.IK_FIREWALL_MODE || "hybrid",
       runtimeStrategy: "internal",
       localAuditEndpoint: process.env.IK_FIREWALL_LOCAL_ENDPOINT || "http://127.0.0.1:8085/v1/chat/completions",
-      centralReportEndpoint: process.env.IK_FIREWALL_CENTRAL_ENDPOINT || "https://ik-firewall.vercel.app/api/v1/sync",
+      centralReportEndpoint: (process.env.IK_FIREWALL_CENTRAL_ENDPOINT || "https://ik-firewall.vercel.app").replace(/\/$/, ""),
       ownerEmail: process.env.IK_FIREWALL_EMAIL,
       hmacSecret: process.env.IK_FIREWALL_SECRET,
       fallbackToCloudAudit: process.env.IK_FIREWALL_FALLBACK === "true" || false,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ik-firewall/core",
-  "version": "2.3.0",
+  "version": "2.3.2",
   "type": "module",
   "description": "The core IK Firewall engine for semantic-driven AI optimization.",
   "main": "./dist/index.js",
@@ -20,7 +20,7 @@
   "api_endpoint": "https://ik-firewall.vercel.app/api/v1",
   "scripts": {
     "prepare": "npm run build",
-    "build": "tsup src/index.ts --format cjs,esm --dts --clean",
+    "build": "tsup src/index.ts --format cjs,esm --dts --clean --external crypto",
     "build:wasm": "cd wasm-core && wasm-pack build --target nodejs",
     "dev": "tsup src/index.ts --format cjs,esm --watch --dts",
     "lint": "eslint src/**/*.ts",