@ironbackend/core 1.0.0

package/dist/rules/index.js

@@ -0,0 +1,505 @@
+"use strict";
+/**
+ * IronBackend Design Rules
+ * Enforceable rules for backend development
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.rulesByCategory = exports.allRules = exports.asyncRules = exports.validationRules = exports.namingRules = exports.dataAccessRules = exports.transactionRules = exports.errorHandlingRules = exports.domainRules = exports.apiRules = void 0;
+exports.getRulesByCategory = getRulesByCategory;
+exports.getRule = getRule;
+exports.getErrorRules = getErrorRules;
+exports.getWarnRules = getWarnRules;
+exports.formatRulesForPrompt = formatRulesForPrompt;
+// ============================================================================
+// API Design Rules
+// ============================================================================
+exports.apiRules = [
+    {
+        id: 'API-001',
+        category: 'API',
+        rule: 'All endpoints must have explicit request/response schemas',
+        severity: 'ERROR',
+        rationale: 'Without schemas, API contracts are implicit and prone to breaking changes'
+    },
+    {
+        id: 'API-002',
+        category: 'API',
+        rule: 'Use plural nouns for resource collections (/users, not /user)',
+        severity: 'ERROR',
+        rationale: 'Consistent naming convention makes APIs predictable'
+    },
+    {
+        id: 'API-003',
+        category: 'API',
+        rule: 'HTTP methods must match semantics (POST=create, PUT=replace, PATCH=partial, DELETE=remove)',
+        severity: 'ERROR',
+        rationale: 'Correct HTTP semantics enable proper caching, idempotency handling'
+    },
+    {
+        id: 'API-004',
+        category: 'API',
+        rule: 'Return 201 for creation, 200 for success, 204 for no content',
+        severity: 'WARN',
+        rationale: 'Correct status codes help clients handle responses appropriately'
+    },
+    {
+        id: 'API-005',
+        category: 'API',
+        rule: 'Pagination required for list endpoints returning > 20 items',
+        severity: 'ERROR',
+        rationale: 'Unbounded lists cause performance issues and memory problems'
+    },
+    {
+        id: 'API-006',
+        category: 'API',
+        rule: 'Include X-Request-ID header in all responses',
+        severity: 'WARN',
+        rationale: 'Request tracing is essential for debugging distributed systems'
+    },
+    {
+        id: 'API-007',
+        category: 'API',
+        rule: 'Version APIs in URL path (/v1/users) or header',
+        severity: 'ERROR',
+        rationale: 'Versioning prevents breaking changes from affecting existing clients'
+    },
+    {
+        id: 'API-008',
+        category: 'API',
+        rule: 'Error responses must include error code, message, and timestamp',
+        severity: 'ERROR',
+        rationale: 'Structured errors enable programmatic error handling'
+    },
+    {
+        id: 'API-009',
+        category: 'API',
+        rule: 'Rate limiting headers must be present (X-RateLimit-*)',
+        severity: 'WARN',
+        rationale: 'Clients need to know rate limits to implement backoff'
+    },
+    {
+        id: 'API-010',
+        category: 'API',
+        rule: 'No verbs in URL paths (/users/create is wrong, use POST /users)',
+        severity: 'ERROR',
+        rationale: 'HTTP methods provide the verb, URLs should be nouns'
+    }
+];
+// ============================================================================
+// Domain Modeling Rules
+// ============================================================================
+exports.domainRules = [
+    {
+        id: 'DOM-001',
+        category: 'DOMAIN',
+        rule: 'Entities must have immutable identifiers',
+        severity: 'ERROR',
+        rationale: 'Changing IDs breaks referential integrity'
+    },
+    {
+        id: 'DOM-002',
+        category: 'DOMAIN',
+        rule: 'Value objects must be immutable and compared by value',
+        severity: 'ERROR',
+        rationale: 'Mutable value objects cause subtle bugs in collections and caching'
+    },
+    {
+        id: 'DOM-003',
+        category: 'DOMAIN',
+        rule: 'Aggregates must have a single root entity',
+        severity: 'ERROR',
+        rationale: 'Multiple roots create ambiguous transaction boundaries'
+    },
+    {
+        id: 'DOM-004',
+        category: 'DOMAIN',
+        rule: 'Domain events named in past tense (OrderCreated, not CreateOrder)',
+        severity: 'ERROR',
+        rationale: 'Events represent facts that happened, not intentions'
+    },
+    {
+        id: 'DOM-005',
+        category: 'DOMAIN',
+        rule: 'Domain logic must not depend on framework code',
+        severity: 'ERROR',
+        rationale: 'Domain should be portable and testable without framework'
+    },
+    {
+        id: 'DOM-006',
+        category: 'DOMAIN',
+        rule: 'Business rules encapsulated in domain layer, not services',
+        severity: 'WARN',
+        rationale: 'Anemic domain models lead to scattered business logic'
+    },
+    {
+        id: 'DOM-007',
+        category: 'DOMAIN',
+        rule: 'No primitive obsession: use value objects for domain concepts',
+        severity: 'WARN',
+        rationale: 'Email, Money, UserId should be types, not strings/numbers'
+    },
+    {
+        id: 'DOM-008',
+        category: 'DOMAIN',
+        rule: 'Aggregate references by ID only, not object reference',
+        severity: 'ERROR',
+        rationale: 'Object references create coupling and lazy loading issues'
+    }
+];
+// ============================================================================
+// Error Handling Rules
+// ============================================================================
+exports.errorHandlingRules = [
+    {
+        id: 'ERR-001',
+        category: 'ERROR_HANDLING',
+        rule: 'Use typed exceptions/errors, not generic Error class',
+        severity: 'ERROR',
+        rationale: 'Typed exceptions enable proper error handling and recovery'
+    },
+    {
+        id: 'ERR-002',
+        category: 'ERROR_HANDLING',
+        rule: 'Exceptions must include error code and message',
+        severity: 'ERROR',
+        rationale: 'Error codes enable programmatic handling, messages for humans'
+    },
+    {
+        id: 'ERR-003',
+        category: 'ERROR_HANDLING',
+        rule: 'Never expose stack traces in production API responses',
+        severity: 'ERROR',
+        rationale: 'Stack traces leak implementation details and security info'
+    },
+    {
+        id: 'ERR-004',
+        category: 'ERROR_HANDLING',
+        rule: 'Log all errors with correlation ID',
+        severity: 'ERROR',
+        rationale: 'Correlation IDs enable tracing errors across services'
+    },
+    {
+        id: 'ERR-005',
+        category: 'ERROR_HANDLING',
+        rule: 'Distinguish between client errors (4xx) and server errors (5xx)',
+        severity: 'ERROR',
+        rationale: 'Clients need to know if error is their fault or server issue'
+    },
+    {
+        id: 'ERR-006',
+        category: 'ERROR_HANDLING',
+        rule: 'Implement global exception handler',
+        severity: 'ERROR',
+        rationale: 'Unhandled exceptions should never leak to clients'
+    },
+    {
+        id: 'ERR-007',
+        category: 'ERROR_HANDLING',
+        rule: 'Expected failures (validation) use Result type, not exceptions',
+        severity: 'WARN',
+        rationale: 'Exceptions for control flow are expensive and unclear'
+    },
+    {
+        id: 'ERR-008',
+        category: 'ERROR_HANDLING',
+        rule: 'Unexpected failures throw exceptions',
+        severity: 'WARN',
+        rationale: 'Exceptions signal truly exceptional conditions'
+    }
+];
+// ============================================================================
+// Transaction Rules
+// ============================================================================
+exports.transactionRules = [
+    {
+        id: 'TXN-001',
+        category: 'TRANSACTIONS',
+        rule: 'Transactions scoped to single aggregate modification',
+        severity: 'ERROR',
+        rationale: 'Cross-aggregate transactions create scaling bottlenecks'
+    },
+    {
+        id: 'TXN-002',
+        category: 'TRANSACTIONS',
+        rule: 'No transactions spanning multiple aggregates',
+        severity: 'ERROR',
+        rationale: 'Use saga pattern for cross-aggregate consistency instead'
+    },
+    {
+        id: 'TXN-003',
+        category: 'TRANSACTIONS',
+        rule: 'Use saga pattern for cross-aggregate consistency',
+        severity: 'WARN',
+        rationale: 'Sagas enable eventual consistency without distributed transactions'
+    },
+    {
+        id: 'TXN-004',
+        category: 'TRANSACTIONS',
+        rule: 'Transaction timeout must be explicit (< 30 seconds)',
+        severity: 'ERROR',
+        rationale: 'Long transactions cause lock contention and resource exhaustion'
+    },
+    {
+        id: 'TXN-005',
+        category: 'TRANSACTIONS',
+        rule: 'Read operations should not acquire write locks',
+        severity: 'WARN',
+        rationale: 'Unnecessary locking reduces concurrency'
+    },
+    {
+        id: 'TXN-006',
+        category: 'TRANSACTIONS',
+        rule: 'Retry logic required for transient failures',
+        severity: 'WARN',
+        rationale: 'Transient failures (deadlocks, timeouts) are recoverable'
+    }
+];
+// ============================================================================
+// Data Access Rules
+// ============================================================================
+exports.dataAccessRules = [
+    {
+        id: 'DAT-001',
+        category: 'DATA_ACCESS',
+        rule: 'Repositories return domain entities, not database records',
+        severity: 'ERROR',
+        rationale: 'Domain layer should not know about database structure'
+    },
+    {
+        id: 'DAT-002',
+        category: 'DATA_ACCESS',
+        rule: 'Query logic in repository, not in service layer',
+        severity: 'ERROR',
+        rationale: 'Repositories encapsulate data access, services orchestrate'
+    },
+    {
+        id: 'DAT-003',
+        category: 'DATA_ACCESS',
+        rule: 'No raw SQL in application code (except repository layer)',
+        severity: 'ERROR',
+        rationale: 'SQL scattered in app code is unmaintainable and insecure'
+    },
+    {
+        id: 'DAT-004',
+        category: 'DATA_ACCESS',
+        rule: 'Database indexes for all frequently-queried columns',
+        severity: 'WARN',
+        rationale: 'Missing indexes cause slow queries at scale'
+    },
+    {
+        id: 'DAT-005',
+        category: 'DATA_ACCESS',
+        rule: 'Connection pooling mandatory',
+        severity: 'ERROR',
+        rationale: 'Creating connections per request is expensive'
+    },
+    {
+        id: 'DAT-006',
+        category: 'DATA_ACCESS',
+        rule: 'No N+1 queries (use eager loading or batching)',
+        severity: 'ERROR',
+        rationale: 'N+1 queries cause severe performance degradation'
+    },
+    {
+        id: 'DAT-007',
+        category: 'DATA_ACCESS',
+        rule: 'Soft delete preferred over hard delete for audit trails',
+        severity: 'WARN',
+        rationale: 'Hard deletes lose historical data and break referential integrity'
+    }
+];
+// ============================================================================
+// Naming Rules
+// ============================================================================
+exports.namingRules = [
+    {
+        id: 'NAM-001',
+        category: 'NAMING',
+        rule: 'Classes use PascalCase',
+        severity: 'ERROR',
+        rationale: 'Consistent naming convention across all code'
+    },
+    {
+        id: 'NAM-002',
+        category: 'NAMING',
+        rule: 'Methods/functions use camelCase',
+        severity: 'ERROR',
+        rationale: 'Consistent naming convention across all code'
+    },
+    {
+        id: 'NAM-003',
+        category: 'NAMING',
+        rule: 'Constants use SCREAMING_SNAKE_CASE',
+        severity: 'ERROR',
+        rationale: 'Constants should be visually distinct from variables'
+    },
+    {
+        id: 'NAM-004',
+        category: 'NAMING',
+        rule: 'Interfaces prefixed with I or suffixed with role (Repository, Service)',
+        severity: 'WARN',
+        rationale: 'Interfaces should be distinguishable from implementations'
+    },
+    {
+        id: 'NAM-005',
+        category: 'NAMING',
+        rule: 'Boolean variables prefixed with is, has, should, can',
+        severity: 'WARN',
+        rationale: 'Boolean intent should be clear from the name'
+    },
+    {
+        id: 'NAM-006',
+        category: 'NAMING',
+        rule: 'Avoid abbreviations except widely-known ones (ID, HTTP, URL)',
+        severity: 'ERROR',
+        rationale: 'Abbreviations reduce readability and cause inconsistency'
+    },
+    {
+        id: 'NAM-007',
+        category: 'NAMING',
+        rule: 'Collection variables use plural nouns',
+        severity: 'ERROR',
+        rationale: 'users is clearly a collection, user is ambiguous'
+    }
+];
+// ============================================================================
+// Validation Rules
+// ============================================================================
+exports.validationRules = [
+    {
+        id: 'VAL-001',
+        category: 'VALIDATION',
+        rule: 'Validate at system boundaries (API input)',
+        severity: 'ERROR',
+        rationale: 'Never trust input from outside the system'
+    },
+    {
+        id: 'VAL-002',
+        category: 'VALIDATION',
+        rule: 'Use schema validation libraries, not manual checks',
+        severity: 'WARN',
+        rationale: 'Schema validators are consistent, tested, and declarative'
+    },
+    {
+        id: 'VAL-003',
+        category: 'VALIDATION',
+        rule: 'Return all validation errors at once, not one at a time',
+        severity: 'ERROR',
+        rationale: 'Users should fix all issues in one attempt'
+    },
+    {
+        id: 'VAL-004',
+        category: 'VALIDATION',
+        rule: 'Domain entities validate invariants on construction',
+        severity: 'ERROR',
+        rationale: 'Invalid entities should never exist in memory'
+    },
+    {
+        id: 'VAL-005',
+        category: 'VALIDATION',
+        rule: 'Sanitize all user input before storage',
+        severity: 'ERROR',
+        rationale: 'Unsanitized input enables injection attacks'
+    }
+];
+// ============================================================================
+// Async / Concurrency Rules
+// ============================================================================
+exports.asyncRules = [
+    {
+        id: 'ASY-001',
+        category: 'ASYNC',
+        rule: 'Async handlers must be idempotent',
+        severity: 'ERROR',
+        rationale: 'Messages can be delivered multiple times'
+    },
+    {
+        id: 'ASY-002',
+        category: 'ASYNC',
+        rule: 'Include message ID for deduplication',
+        severity: 'ERROR',
+        rationale: 'Deduplication requires a unique identifier'
+    },
+    {
+        id: 'ASY-003',
+        category: 'ASYNC',
+        rule: 'Dead letter queue required for failed messages',
+        severity: 'ERROR',
+        rationale: 'Failed messages should not block the queue or be lost'
+    },
+    {
+        id: 'ASY-004',
+        category: 'ASYNC',
+        rule: 'Set explicit timeout for async operations',
+        severity: 'ERROR',
+        rationale: 'Operations without timeout can hang forever'
+    },
+    {
+        id: 'ASY-005',
+        category: 'ASYNC',
+        rule: 'Use optimistic locking for concurrent updates',
+        severity: 'WARN',
+        rationale: 'Optimistic locking is more scalable than pessimistic'
+    },
+    {
+        id: 'ASY-006',
+        category: 'ASYNC',
+        rule: 'Document eventual consistency boundaries',
+        severity: 'WARN',
+        rationale: 'Developers need to know where data can be stale'
+    }
+];
+// ============================================================================
+// Aggregated Exports
+// ============================================================================
+exports.allRules = [
+    ...exports.apiRules,
+    ...exports.domainRules,
+    ...exports.errorHandlingRules,
+    ...exports.transactionRules,
+    ...exports.dataAccessRules,
+    ...exports.namingRules,
+    ...exports.validationRules,
+    ...exports.asyncRules,
+];
+exports.rulesByCategory = {
+    'API': exports.apiRules,
+    'DOMAIN': exports.domainRules,
+    'ERROR_HANDLING': exports.errorHandlingRules,
+    'TRANSACTIONS': exports.transactionRules,
+    'DATA_ACCESS': exports.dataAccessRules,
+    'NAMING': exports.namingRules,
+    'VALIDATION': exports.validationRules,
+    'ASYNC': exports.asyncRules,
+};
+/**
+ * Get rules by category
+ */
+function getRulesByCategory(category) {
+    return exports.rulesByCategory[category] || [];
+}
+/**
+ * Get rule by ID
+ */
+function getRule(id) {
+    return exports.allRules.find(rule => rule.id === id);
+}
+/**
+ * Get all ERROR severity rules
+ */
+function getErrorRules() {
+    return exports.allRules.filter(rule => rule.severity === 'ERROR');
+}
+/**
+ * Get all WARN severity rules
+ */
+function getWarnRules() {
+    return exports.allRules.filter(rule => rule.severity === 'WARN');
+}
+/**
+ * Format rules for AI prompt
+ */
+function formatRulesForPrompt(rules) {
+    return rules.map(rule => `[${rule.severity}] ${rule.id}: ${rule.rule}`).join('\n');
+}
+//# sourceMappingURL=index.js.map

package/dist/rules/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/rules/index.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAweH,gDAEC;AAKD,0BAEC;AAKD,sCAEC;AAKD,oCAEC;AAKD,oDAIC;AApgBD,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAElE,QAAA,QAAQ,GAAiB;IAClC;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,KAAK;QACf,IAAI,EAAE,2DAA2D;QACjE,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,2EAA2E;KACzF;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,KAAK;QACf,IAAI,EAAE,+DAA+D;QACrE,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,qDAAqD;KACnE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,KAAK;QACf,IAAI,EAAE,4FAA4F;QAClG,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,oEAAoE;KAClF;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,KAAK;QACf,IAAI,EAAE,8DAA8D;QACpE,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,kEAAkE;KAChF;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,KAAK;QACf,IAAI,EAAE,6DAA6D;QACnE,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,8DAA8D;KAC5E;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,KAAK;QACf,IAAI,EAAE,8CAA8C;QACpD,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,gEAAgE;KAC9E;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,KAAK;QACf,IAAI,EAAE,gDAAgD;QACtD,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,sEAAsE;KACpF;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,KAAK;QACf,IAAI,EAAE,iEAAiE;QACvE,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,sDAAsD;KACpE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,KAAK;QACf,IAAI,EAAE,uDAAuD;QAC7D,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,uDAAuD;KACrE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,KAAK;QACf,IAAI,EAAE,iEAAiE;QACvE,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,qDAAqD;KACnE;CACJ,CAAC;AAEF,+EAA+E;AAC/E,wBAAwB;AACxB,+EAA+E;AAElE,QAAA,WAAW,GAAiB;IACrC;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,0CAA0C;QAChD,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,2CAA2C;KACzD;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,uDAAuD;QAC7D,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,oEAAoE;KAClF;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,2CAA2C;QACjD,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,wDAAwD;KACtE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,mEAAmE;QACzE,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,sDAAsD;KACpE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,gDAAgD;QACtD,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,0DAA0D;KACxE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,2DAA2D;QACjE,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,uDAAuD;KACrE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,+DAA+D;QACrE,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,2DAA2D;KACzE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,uDAAuD;QAC7D,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,2DAA2D;KACzE;CACJ,CAAC;AAEF,+EAA+E;AAC/E,uBAAuB;AACvB,+EAA+E;AAElE,QAAA,kBAAkB,GAAiB;IAC5C;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,gBAAgB;QAC1B,IAAI,EAAE,sDAAsD;QAC5D,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,4DAA4D;KAC1E;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,gBAAgB;QAC1B,IAAI,EAAE,gDAAgD;QACtD,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,+DAA+D;KAC7E;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,gBAAgB;QAC1B,IAAI,EAAE,uDAAuD;QAC7D,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,4DAA4D;KAC1E;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,gBAAgB;QAC1B,IAAI,EAAE,oCAAoC;QAC1C,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,uDAAuD;KACrE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,gBAAgB;QAC1B,IAAI,EAAE,iEAAiE;QACvE,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,8DAA8D;KAC5E;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,gBAAgB;QAC1B,IAAI,EAAE,oCAAoC;QAC1C,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,mDAAmD;KACjE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,gBAAgB;QAC1B,IAAI,EAAE,gEAAgE;QACtE,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,uDAAuD;KACrE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,gBAAgB;QAC1B,IAAI,EAAE,sCAAsC;QAC5C,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,gDAAgD;KAC9D;CACJ,CAAC;AAEF,+EAA+E;AAC/E,oBAAoB;AACpB,+EAA+E;AAElE,QAAA,gBAAgB,GAAiB;IAC1C;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,cAAc;QACxB,IAAI,EAAE,sDAAsD;QAC5D,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,yDAAyD;KACvE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,cAAc;QACxB,IAAI,EAAE,8CAA8C;QACpD,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,0DAA0D;KACxE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,cAAc;QACxB,IAAI,EAAE,kDAAkD;QACxD,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,oEAAoE;KAClF;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,cAAc;QACxB,IAAI,EAAE,qDAAqD;QAC3D,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,iEAAiE;KAC/E;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,cAAc;QACxB,IAAI,EAAE,gDAAgD;QACtD,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,yCAAyC;KACvD;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,cAAc;QACxB,IAAI,EAAE,6CAA6C;QACnD,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,0DAA0D;KACxE;CACJ,CAAC;AAEF,+EAA+E;AAC/E,oBAAoB;AACpB,+EAA+E;AAElE,QAAA,eAAe,GAAiB;IACzC;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,aAAa;QACvB,IAAI,EAAE,2DAA2D;QACjE,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,uDAAuD;KACrE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,aAAa;QACvB,IAAI,EAAE,iDAAiD;QACvD,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,4DAA4D;KAC1E;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,aAAa;QACvB,IAAI,EAAE,0DAA0D;QAChE,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,0DAA0D;KACxE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,aAAa;QACvB,IAAI,EAAE,qDAAqD;QAC3D,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,6CAA6C;KAC3D;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,aAAa;QACvB,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,+CAA+C;KAC7D;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,aAAa;QACvB,IAAI,EAAE,gDAAgD;QACtD,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,kDAAkD;KAChE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,aAAa;QACvB,IAAI,EAAE,yDAAyD;QAC/D,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,mEAAmE;KACjF;CACJ,CAAC;AAEF,+EAA+E;AAC/E,eAAe;AACf,+EAA+E;AAElE,QAAA,WAAW,GAAiB;IACrC;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,wBAAwB;QAC9B,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,8CAA8C;KAC5D;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,iCAAiC;QACvC,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,8CAA8C;KAC5D;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,oCAAoC;QAC1C,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,sDAAsD;KACpE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,wEAAwE;QAC9E,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,2DAA2D;KACzE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,sDAAsD;QAC5D,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,8CAA8C;KAC5D;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,8DAA8D;QACpE,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,0DAA0D;KACxE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,uCAAuC;QAC7C,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,kDAAkD;KAChE;CACJ,CAAC;AAEF,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAElE,QAAA,eAAe,GAAiB;IACzC;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,YAAY;QACtB,IAAI,EAAE,2CAA2C;QACjD,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,2CAA2C;KACzD;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,YAAY;QACtB,IAAI,EAAE,oDAAoD;QAC1D,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,2DAA2D;KACzE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,YAAY;QACtB,IAAI,EAAE,yDAAyD;QAC/D,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,4CAA4C;KAC1D;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,YAAY;QACtB,IAAI,EAAE,qDAAqD;QAC3D,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,+CAA+C;KAC7D;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,YAAY;QACtB,IAAI,EAAE,wCAAwC;QAC9C,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,6CAA6C;KAC3D;CACJ,CAAC;AAEF,+EAA+E;AAC/E,4BAA4B;AAC5B,+EAA+E;AAElE,QAAA,UAAU,GAAiB;IACpC;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,OAAO;QACjB,IAAI,EAAE,mCAAmC;QACzC,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,0CAA0C;KACxD;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,OAAO;QACjB,IAAI,EAAE,sCAAsC;QAC5C,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,4CAA4C;KAC1D;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,OAAO;QACjB,IAAI,EAAE,gDAAgD;QACtD,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,uDAAuD;KACrE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,OAAO;QACjB,IAAI,EAAE,2CAA2C;QACjD,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,6CAA6C;KAC3D;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,OAAO;QACjB,IAAI,EAAE,+CAA+C;QACrD,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,sDAAsD;KACpE;IACD;QACI,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,OAAO;QACjB,IAAI,EAAE,0CAA0C;QAChD,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,iDAAiD;KAC/D;CACJ,CAAC;AAEF,+EAA+E;AAC/E,qBAAqB;AACrB,+EAA+E;AAElE,QAAA,QAAQ,GAAiB;IAClC,GAAG,gBAAQ;IACX,GAAG,mBAAW;IACd,GAAG,0BAAkB;IACrB,GAAG,wBAAgB;IACnB,GAAG,uBAAe;IAClB,GAAG,mBAAW;IACd,GAAG,uBAAe;IAClB,GAAG,kBAAU;CAChB,CAAC;AAEW,QAAA,eAAe,GAAuC;IAC/D,KAAK,EAAE,gBAAQ;IACf,QAAQ,EAAE,mBAAW;IACrB,gBAAgB,EAAE,0BAAkB;IACpC,cAAc,EAAE,wBAAgB;IAChC,aAAa,EAAE,uBAAe;IAC9B,QAAQ,EAAE,mBAAW;IACrB,YAAY,EAAE,uBAAe;IAC7B,OAAO,EAAE,kBAAU;CACtB,CAAC;AAEF;;GAEG;AACH,SAAgB,kBAAkB,CAAC,QAAsB;IACrD,OAAO,uBAAe,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;AAC3C,CAAC;AAED;;GAEG;AACH,SAAgB,OAAO,CAAC,EAAU;IAC9B,OAAO,gBAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AACjD,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa;IACzB,OAAO,gBAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;AAC9D,CAAC;AAED;;GAEG;AACH,SAAgB,YAAY;IACxB,OAAO,gBAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;AAC7D,CAAC;AAED;;GAEG;AACH,SAAgB,oBAAoB,CAAC,KAAmB;IACpD,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CACpB,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC,EAAE,KAAK,IAAI,CAAC,IAAI,EAAE,CAChD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACjB,CAAC"}

package/dist/security/index.d.ts

@@ -0,0 +1,15 @@
+/**
+ * IronBackend Security & Reliability Playbooks
+ */
+import type { SecurityPlaybook, AuthConfig } from '../types.js';
+export declare const authStrategies: AuthConfig[];
+export declare const securityPlaybook: SecurityPlaybook;
+/**
+ * Get authentication strategy by type
+ */
+export declare function getAuthStrategy(strategy: string): AuthConfig | undefined;
+/**
+ * Format security playbook section for prompt
+ */
+export declare function formatSecurityForPrompt(): string;
+//# sourceMappingURL=index.d.ts.map

package/dist/security/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAMhE,eAAO,MAAM,cAAc,EAAE,UAAU,EAiFtC,CAAC;AAMF,eAAO,MAAM,gBAAgB,EAAE,gBAoH9B,CAAC;AAEF;;GAEG;AACH,wBAAgB,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,UAAU,GAAG,SAAS,CAExE;AAED;;GAEG;AACH,wBAAgB,uBAAuB,IAAI,MAAM,CA0BhD"}