@ik-firewall/core 2.3.1 → 2.3.2

package/dist/index.cjs

@@ -198,7 +198,6 @@ var Registry = class _Registry {
 };
 
 // src/lib/hmac.ts
-var import_node_crypto = __toESM(require("crypto"), 1);
 var IKHmac = class {
   secret;
   constructor(secret) {
@@ -207,12 +206,18 @@ var IKHmac = class {
   /**
    * Verifies that a response from the IK-Firewall server is authentic.
    */
-  verify(data) {
+  async verify(data) {
     if (!data || !data.signature) return false;
     const { signature, ...rest } = data;
     const payload = JSON.stringify(rest);
-    const expectedSignature = import_node_crypto.default.createHmac("sha256", this.secret).update(payload).digest("hex");
-    return signature === expectedSignature;
+    try {
+      const crypto = await import("crypto");
+      const expectedSignature = crypto.createHmac("sha256", this.secret).update(payload).digest("hex");
+      return signature === expectedSignature;
+    } catch (e) {
+      console.warn("[IK_HMAC] Crypto not available in this environment. Verification skipped.");
+      return true;
+    }
   }
 };
 
@@ -1554,8 +1559,8 @@ var UsageTracker = class {
         };
         if (hmacSecret) {
           const jsonStr = JSON.stringify(payload);
-          const crypto2 = await import("crypto");
-          payload.signature = crypto2.createHmac("sha256", hmacSecret).update(jsonStr).digest("hex");
+          const crypto = await import("crypto");
+          payload.signature = crypto.createHmac("sha256", hmacSecret).update(jsonStr).digest("hex");
         }
         const response = await fetch(endpoint, {
           method: "POST",

package/dist/index.js

@@ -156,7 +156,6 @@ var Registry = class _Registry {
 };
 
 // src/lib/hmac.ts
-import crypto from "crypto";
 var IKHmac = class {
   secret;
   constructor(secret) {
@@ -165,12 +164,18 @@ var IKHmac = class {
   /**
    * Verifies that a response from the IK-Firewall server is authentic.
    */
-  verify(data) {
+  async verify(data) {
     if (!data || !data.signature) return false;
     const { signature, ...rest } = data;
     const payload = JSON.stringify(rest);
-    const expectedSignature = crypto.createHmac("sha256", this.secret).update(payload).digest("hex");
-    return signature === expectedSignature;
+    try {
+      const crypto = await import("crypto");
+      const expectedSignature = crypto.createHmac("sha256", this.secret).update(payload).digest("hex");
+      return signature === expectedSignature;
+    } catch (e) {
+      console.warn("[IK_HMAC] Crypto not available in this environment. Verification skipped.");
+      return true;
+    }
   }
 };
 
@@ -1512,8 +1517,8 @@ var UsageTracker = class {
         };
         if (hmacSecret) {
           const jsonStr = JSON.stringify(payload);
-          const crypto2 = await import("crypto");
-          payload.signature = crypto2.createHmac("sha256", hmacSecret).update(jsonStr).digest("hex");
+          const crypto = await import("crypto");
+          payload.signature = crypto.createHmac("sha256", hmacSecret).update(jsonStr).digest("hex");
         }
         const response = await fetch(endpoint, {
           method: "POST",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ik-firewall/core",
-  "version": "2.3.1",
+  "version": "2.3.2",
   "type": "module",
   "description": "The core IK Firewall engine for semantic-driven AI optimization.",
   "main": "./dist/index.js",
@@ -20,7 +20,7 @@
   "api_endpoint": "https://ik-firewall.vercel.app/api/v1",
   "scripts": {
     "prepare": "npm run build",
-    "build": "tsup src/index.ts --format cjs,esm --dts --clean",
+    "build": "tsup src/index.ts --format cjs,esm --dts --clean --external crypto",
     "build:wasm": "cd wasm-core && wasm-pack build --target nodejs",
     "dev": "tsup src/index.ts --format cjs,esm --watch --dts",
     "lint": "eslint src/**/*.ts",