npm - @jmruthers/pace-core - Versions diffs - 0.5.135 → 0.5.136 - Mend

@jmruthers/pace-core 0.5.135 → 0.5.136

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (522) hide show

package/dist/chunk-APIBCTL2.js ADDED Viewed

@@ -0,0 +1,670 @@
+import {
+  init_secureStorage,
+  secureStorage
+} from "./chunk-444EZN6N.js";
+import {
+  createLogger,
+  init_logger
+} from "./chunk-XDNLUEXI.js";
+// src/utils/validation/validation.ts
+function isValidEmail(email) {
+  const emailPattern = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+  return emailPattern.test(email);
+}
+function isEmpty(value) {
+  return value === null || value === void 0 || value.trim() === "";
+}
+function isStrongPassword(password) {
+  const passwordPattern = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d).{8,}$/;
+  return passwordPattern.test(password);
+}
+function isValidUrl(url) {
+  try {
+    new URL(url);
+    return true;
+  } catch {
+    return false;
+  }
+}
+function isValidDate(dateStr) {
+  const date = new Date(dateStr);
+  return !isNaN(date.getTime());
+}
+function isWithinRange(value, min, max) {
+  return value >= min && value <= max;
+}
+function matchesPattern(value, pattern) {
+  return pattern.test(value);
+}
+function deepMerge(target, source) {
+  const output = { ...target };
+  if (isObject(target) && isObject(source)) {
+    Object.keys(source).forEach((key) => {
+      if (isObject(source[key])) {
+        if (!(key in target)) {
+          Object.assign(output, { [key]: source[key] });
+        } else {
+          const targetKey = key;
+          const targetValue = target[targetKey];
+          if (isObject(targetValue)) {
+            output[targetKey] = deepMerge(
+              targetValue,
+              source[key]
+            );
+          }
+        }
+      } else {
+        Object.assign(output, { [key]: source[key] });
+      }
+    });
+  }
+  return output;
+}
+function isObject(item) {
+  return item !== null && typeof item === "object" && !Array.isArray(item);
+}
+// src/utils/validation/sanitization.ts
+import { z } from "zod";
+var DEFAULT_OPTIONS = {
+  allowHtml: false,
+  allowedTags: [],
+  maxLength: 1e3,
+  trim: true,
+  removeScripts: true,
+  removeEvents: true
+};
+function sanitizeUserInput(input, options = {}) {
+  if (typeof input !== "string") {
+    return "";
+  }
+  const opts = { ...DEFAULT_OPTIONS, ...options };
+  let sanitized = input;
+  if (opts.trim) {
+    sanitized = sanitized.trim();
+  }
+  if (opts.maxLength && sanitized.length > opts.maxLength) {
+    sanitized = sanitized.substring(0, opts.maxLength);
+  }
+  if (!opts.allowHtml) {
+    sanitized = sanitized.replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#x27;").replace(/\//g, "&#x2F;");
+  } else if (opts.allowedTags && opts.allowedTags.length > 0) {
+    const allowedTagsRegex = new RegExp(`<(?!/?(?:${opts.allowedTags.join("|")})s*/?>)[^>]+>`, "gi");
+    sanitized = sanitized.replace(allowedTagsRegex, "");
+  }
+  if (opts.removeScripts) {
+    sanitized = sanitized.replace(/<script[^>]*>.*?<\/script>/gi, "").replace(/javascript:/gi, "").replace(/vbscript:/gi, "").replace(/data:/gi, "");
+  }
+  if (opts.removeEvents) {
+    sanitized = sanitized.replace(/on\w+\s*=/gi, "");
+  }
+  return sanitized;
+}
+function sanitizeEmail(email) {
+  if (typeof email !== "string") {
+    return "";
+  }
+  return email.trim().toLowerCase().replace(/[^\w@.-]/g, "");
+}
+function sanitizeFormData(data, schema, sanitizationRules) {
+  try {
+    if (sanitizationRules && typeof data === "object" && data !== null) {
+      const sanitizedData = { ...data };
+      Object.entries(sanitizationRules).forEach(([field, options]) => {
+        if (typeof sanitizedData[field] === "string") {
+          sanitizedData[field] = sanitizeUserInput(sanitizedData[field], options);
+        }
+      });
+      data = sanitizedData;
+    }
+    const result = schema.parse(data);
+    return { success: true, data: result };
+  } catch (error) {
+    if (error instanceof z.ZodError) {
+      return {
+        success: false,
+        error: error.errors.map((e) => e.message).join(", ")
+      };
+    }
+    return {
+      success: false,
+      error: "Validation failed"
+    };
+  }
+}
+var secureEmailSchema = z.string().min(1, "Email is required").email("Invalid email format").max(254, "Email too long").refine(
+  (email) => {
+    if (!email || typeof email !== "string") return false;
+    const domain = email.split("@")[1];
+    return domain && domain.includes(".") && domain.length > 3;
+  },
+  "Invalid email domain"
+).transform((email) => sanitizeEmail(email));
+var emailSchema = z.string().min(1, "Email is required").email("Invalid email format");
+var nameSchema = z.string().min(1, "Name is required").max(100, "Name too long").regex(/^[a-zA-Z\s'-]+$/, "Name contains invalid characters");
+var phoneSchema = z.string().regex(/^[\+]?[1-9][\d]{0,15}$/, "Invalid phone number format");
+var urlSchema = z.string().url("Invalid URL format");
+var dateSchema = z.string().regex(/^\d{4}-\d{2}-\d{2}$/, "Invalid date format (YYYY-MM-DD)");
+var secureLoginSchema = z.object({
+  email: secureEmailSchema,
+  password: z.string().min(1, "Password is required")
+});
+// src/utils/validation/validationUtils.ts
+import { z as z2 } from "zod";
+init_logger();
+var log = createLogger("ValidationUtils");
+function validateUserInput(schema, data, sanitizationRules) {
+  return sanitizeFormData(data, schema, sanitizationRules);
+}
+function sanitizeUserInput_deprecated(input) {
+  log.warn("sanitizeUserInput is deprecated. Use sanitizeUserInput from lib/sanitization instead.");
+  return sanitizeUserInput(input);
+}
+var emailSchema2 = z2.string().transform((email) => email.toLowerCase().trim()).pipe(z2.string().min(1, "Email is required").email("Invalid email format").max(254, "Email too long"));
+var passwordSchema = z2.string().min(8, "Password must be at least 8 characters").max(128, "Password too long").regex(/[A-Z]/, "Password must contain at least one uppercase letter").regex(/[a-z]/, "Password must contain at least one lowercase letter").regex(/[0-9]/, "Password must contain at least one number").regex(/[^A-Za-z0-9]/, "Password must contain at least one special character");
+var usernameSchema = z2.string().transform((username) => username.toLowerCase().trim()).pipe(z2.string().min(3, "Username must be at least 3 characters").max(30, "Username too long").regex(/^[a-zA-Z0-9_-]+$/, "Username can only contain letters, numbers, hyphens, and underscores"));
+var nameSchema2 = z2.string().min(1, "Name is required").max(100, "Name too long").refine((name) => {
+  const dangerousPatterns = [
+    /<script/i,
+    /<img/i,
+    /on\w+\s*=/i,
+    /javascript:/i,
+    /data:/i,
+    /vbscript:/i
+  ];
+  return !dangerousPatterns.some((pattern) => pattern.test(name));
+}, "Name contains invalid characters").transform((name) => sanitizeUserInput(name, {
+  allowHtml: false,
+  maxLength: 100,
+  trim: true
+}));
+var phoneSchema2 = z2.string().min(10, "Phone number must be at least 10 digits").max(20, "Phone number too long").regex(/^[\+]?[0-9\s\-\(\)\.]+$/, "Invalid phone number format").refine((phone) => {
+  const digitsOnly = phone.replace(/\D/g, "");
+  return digitsOnly.length >= 10 && digitsOnly.length <= 15;
+}, "Phone number must be between 10 and 15 digits");
+var urlSchema2 = z2.string().min(1, "URL is required").max(2048, "URL too long").refine((url) => {
+  try {
+    const parsed = new URL(url);
+    return ["http:", "https:"].includes(parsed.protocol);
+  } catch {
+    return false;
+  }
+}, "Invalid URL format").refine((url) => {
+  const dangerousPatterns = [
+    /javascript:/i,
+    /data:/i,
+    /vbscript:/i,
+    /file:/i,
+    /mailto:/i
+  ];
+  return !dangerousPatterns.some((pattern) => pattern.test(url));
+}, "URL contains invalid protocol");
+// src/utils/validation/common.ts
+import { z as z3 } from "zod";
+var emailSchema3 = z3.string().min(1, "Email is required").email("Invalid email format").max(254, "Email too long");
+var nameSchema3 = z3.string().min(1, "Name is required").max(100, "Name too long").regex(/^[a-zA-Z\s'-]+$/, "Name contains invalid characters");
+var phoneSchema3 = z3.string().regex(/^\+?[\d\s\-\(\)]+$/, "Invalid phone number format").min(10, "Phone number too short").max(20, "Phone number too long");
+var urlSchema3 = z3.string().url("Invalid URL format").max(2048, "URL too long");
+var dateSchema2 = z3.string().regex(/^\d{4}-\d{2}-\d{2}$/, "Date must be in YYYY-MM-DD format").refine((date) => {
+  const parsed = new Date(date);
+  return !isNaN(parsed.getTime());
+}, "Invalid date");
+// src/utils/validation/csrf.ts
+init_secureStorage();
+var CSRFManager = class {
+  constructor() {
+    this.tokenCache = /* @__PURE__ */ new Map();
+    this.TOKEN_EXPIRY = 30 * 60 * 1e3;
+    // 30 minutes
+    this.MAX_TOKENS_PER_SESSION = 10;
+  }
+  /**
+   * Generate a new CSRF token for the current session
+   */
+  async generateToken(sessionId) {
+    try {
+      await this.cleanupExpiredTokens();
+      const sessionTokens = Array.from(this.tokenCache.values()).filter((data) => data.sessionId === sessionId && !data.used);
+      if (sessionTokens.length >= this.MAX_TOKENS_PER_SESSION) {
+        const oldest = sessionTokens.sort((a, b) => a.timestamp - b.timestamp)[0];
+        this.tokenCache.delete(oldest.token);
+      }
+      const tokenBytes = new Uint8Array(32);
+      crypto.getRandomValues(tokenBytes);
+      const token = Array.from(
+        tokenBytes,
+        (byte) => byte.toString(16).padStart(2, "0")
+      ).join("");
+      const tokenData = {
+        token,
+        sessionId,
+        timestamp: Date.now(),
+        used: false
+      };
+      this.tokenCache.set(token, tokenData);
+      await this.persistTokens();
+      return token;
+    } catch (error) {
+      throw new Error("CSRF token generation failed");
+    }
+  }
+  /**
+   * Validate and consume a CSRF token
+   */
+  async validateToken(token, sessionId) {
+    try {
+      if (this.tokenCache.size === 0) {
+        await this.loadTokens();
+      }
+      const tokenData = this.tokenCache.get(token);
+      if (!tokenData) {
+        return false;
+      }
+      if (tokenData.sessionId !== sessionId) {
+        return false;
+      }
+      if (tokenData.used) {
+        return false;
+      }
+      if (Date.now() - tokenData.timestamp > this.TOKEN_EXPIRY) {
+        this.tokenCache.delete(token);
+        await this.persistTokens();
+        return false;
+      }
+      tokenData.used = true;
+      this.tokenCache.set(token, tokenData);
+      await this.persistTokens();
+      return true;
+    } catch (error) {
+      return false;
+    }
+  }
+  /**
+   * Get current valid token for session
+   */
+  async getCurrentToken(sessionId) {
+    if (this.tokenCache.size === 0) {
+      await this.loadTokens();
+    }
+    for (const [token, data] of this.tokenCache.entries()) {
+      if (data.sessionId === sessionId && !data.used && Date.now() - data.timestamp < this.TOKEN_EXPIRY) {
+        return token;
+      }
+    }
+    return await this.generateToken(sessionId);
+  }
+  /**
+   * Clean up expired and used tokens
+   */
+  async cleanupExpiredTokens() {
+    const now = Date.now();
+    const expiredTokens = [];
+    for (const [token, data] of this.tokenCache.entries()) {
+      if (data.used || now - data.timestamp > this.TOKEN_EXPIRY) {
+        expiredTokens.push(token);
+      }
+    }
+    expiredTokens.forEach((token) => this.tokenCache.delete(token));
+    if (expiredTokens.length > 0) {
+      await this.persistTokens();
+    }
+  }
+  /**
+   * Persist tokens to secure storage
+   */
+  async persistTokens() {
+    try {
+      const tokensArray = Array.from(this.tokenCache.entries());
+      await secureStorage.setItem(
+        "csrf_tokens",
+        JSON.stringify(tokensArray),
+        { encrypt: true, expiry: this.TOKEN_EXPIRY }
+      );
+    } catch (error) {
+    }
+  }
+  /**
+   * Load tokens from secure storage
+   */
+  async loadTokens() {
+    try {
+      const tokensData = await secureStorage.getItem("csrf_tokens");
+      if (tokensData) {
+        const tokensArray = JSON.parse(tokensData);
+        this.tokenCache = new Map(tokensArray);
+        await this.cleanupExpiredTokens();
+      }
+    } catch (error) {
+      this.tokenCache.clear();
+    }
+  }
+  /**
+   * Clear all tokens for session
+   */
+  async clearSession(sessionId) {
+    const tokensToRemove = [];
+    for (const [token, data] of this.tokenCache.entries()) {
+      if (data.sessionId === sessionId) {
+        tokensToRemove.push(token);
+      }
+    }
+    tokensToRemove.forEach((token) => this.tokenCache.delete(token));
+    await this.persistTokens();
+  }
+};
+var csrfManager = new CSRFManager();
+async function generateCSRFToken(sessionId) {
+  return csrfManager.generateToken(sessionId);
+}
+async function validateCSRFToken(token, sessionId) {
+  return csrfManager.validateToken(token, sessionId);
+}
+async function getCSRFToken(sessionId) {
+  return csrfManager.getCurrentToken(sessionId);
+}
+// src/utils/validation/sqlInjectionProtection.ts
+import { z as z4 } from "zod";
+var SQL_INJECTION_PATTERNS = [
+  /(\b(SELECT|INSERT|UPDATE|DELETE|DROP|CREATE|ALTER|EXEC|EXECUTE|UNION|SCRIPT|JAVASCRIPT)\b)/i,
+  /(\'|(\\\')|(\'\')|(\"|(\\\")|(\\")))|(\\x)|(\\u)/i,
+  /((%27)|(')|(%6F)|o|(%4F)|(%72)|r|(%52))/i,
+  // '|%27|' OR
+  /((%27)|(')|(%55)|u|(%55)|(%4E)|n|(%4E)|(%49)|i|(%49)|(%4F)|o|(%4F)|(%4E)|n|(%4E))/i,
+  // '|%27|' UNION
+  /((%3D)|(=))[^\n]*((%27)|(')|((\\x27))|((\\x2D))|((\\x23)))/i,
+  /(w*((%27)|(')|(%6F)|o|(%4F)|(%72)|r|(%52)))/i,
+  /((%27)|(')|(''))+union/i,
+  /exec(\+|\s)+(s|x)p\w+/i,
+  /\b(and|or)\b.+?(=|<|>|\bin\b|\blike\b)/i,
+  /\bunion\b.+?\bselect\b/i,
+  /\bdrop\b.+?\btable\b/i,
+  /\binsert\b.+?\binto\b/i,
+  /\bdelete\b.+?\bfrom\b/i,
+  /\bupdate\b.+?\bset\b/i,
+  /(;|(\\x3B)).+?(drop|create|alter|exec|execute|insert|update|delete)/i,
+  /(%3B|;).+?(%44|%64|d)(%52|%72|r)(%4F|%6F|o)(%50|%70|p)/i
+];
+var DANGEROUS_CHARS = /[';\"\\%]/g;
+var searchQuerySchema = z4.string().max(500, "Search query too long").refine(
+  (query) => {
+    return !SQL_INJECTION_PATTERNS.some((pattern) => pattern.test(query));
+  },
+  "Invalid characters detected in search query"
+).transform((query) => sanitizeSearchQuery(query));
+var sqlIdentifierSchema = z4.string().min(1, "Identifier cannot be empty").max(63, "Identifier too long").regex(/^[a-zA-Z_][a-zA-Z0-9_]*$/, "Invalid identifier format").refine(
+  (identifier) => {
+    const reservedWords = [
+      "SELECT",
+      "INSERT",
+      "UPDATE",
+      "DELETE",
+      "DROP",
+      "CREATE",
+      "ALTER",
+      "FROM",
+      "WHERE",
+      "JOIN",
+      "UNION",
+      "ORDER",
+      "GROUP",
+      "HAVING"
+    ];
+    return !reservedWords.includes(identifier.toUpperCase());
+  },
+  "Identifier cannot be a reserved SQL keyword"
+);
+var orderBySchema = z4.string().regex(/^[a-zA-Z_][a-zA-Z0-9_]*(\s+(ASC|DESC|asc|desc))?$/, "Invalid order by format");
+var limitOffsetSchema = z4.number().int("Must be an integer").min(0, "Must be non-negative").max(1e3, "Limit too large");
+function sanitizeSearchQuery(query) {
+  return query.replace(DANGEROUS_CHARS, "").replace(/\s+/g, " ").trim().slice(0, 500);
+}
+function escapeLikeQuery(query) {
+  return query.replace(/\\/g, "\\\\").replace(/%/g, "\\%").replace(/_/g, "\\_");
+}
+function sanitizeFilters(filters) {
+  const sanitized = {};
+  for (const [key, value] of Object.entries(filters)) {
+    const keyValidation = sqlIdentifierSchema.safeParse(key);
+    if (!keyValidation.success) {
+      console.warn(`[SECURITY] Invalid filter key detected and removed: ${key}`);
+      continue;
+    }
+    if (typeof value === "string") {
+      const valueValidation = searchQuerySchema.safeParse(value);
+      if (valueValidation.success) {
+        sanitized[key] = valueValidation.data;
+      }
+    } else if (typeof value === "number") {
+      if (Number.isFinite(value)) {
+        sanitized[key] = value;
+      }
+    } else if (typeof value === "boolean") {
+      sanitized[key] = value;
+    } else if (Array.isArray(value)) {
+      const sanitizedArray = value.filter((item) => typeof item === "string" || typeof item === "number").map((item) => typeof item === "string" ? sanitizeSearchQuery(item) : item).slice(0, 100);
+      if (sanitizedArray.length > 0) {
+        sanitized[key] = sanitizedArray;
+      }
+    }
+  }
+  return sanitized;
+}
+function buildSafeQueryParams(params) {
+  const safe = {};
+  if (params.select) {
+    const selectFields = params.select.split(",").map((field) => field.trim());
+    const validFields = selectFields.filter((field) => {
+      return sqlIdentifierSchema.safeParse(field).success;
+    });
+    if (validFields.length > 0) {
+      safe.select = validFields.join(", ");
+    }
+  }
+  if (params.filters) {
+    safe.filters = sanitizeFilters(params.filters);
+  }
+  if (params.orderBy) {
+    const orderByValidation = orderBySchema.safeParse(params.orderBy);
+    if (orderByValidation.success) {
+      safe.orderBy = orderByValidation.data;
+    }
+  }
+  if (params.limit !== void 0) {
+    const limitValidation = limitOffsetSchema.safeParse(params.limit);
+    if (limitValidation.success) {
+      safe.limit = limitValidation.data;
+    }
+  }
+  if (params.offset !== void 0) {
+    const offsetValidation = limitOffsetSchema.safeParse(params.offset);
+    if (offsetValidation.success) {
+      safe.offset = offsetValidation.data;
+    }
+  }
+  if (params.search) {
+    const searchValidation = searchQuerySchema.safeParse(params.search);
+    if (searchValidation.success) {
+      safe.search = searchValidation.data;
+    }
+  }
+  return safe;
+}
+function detectSQLInjection(input) {
+  const detectedPatterns = [];
+  let maxRisk = "low";
+  SQL_INJECTION_PATTERNS.forEach((pattern, index) => {
+    if (pattern.test(input)) {
+      detectedPatterns.push(`Pattern ${index + 1}`);
+      if (index < 3) {
+        maxRisk = "critical";
+      } else if (index < 7 && maxRisk !== "critical") {
+        maxRisk = "high";
+      } else if (index < 12 && !["critical", "high"].includes(maxRisk)) {
+        maxRisk = "medium";
+      }
+    }
+  });
+  return {
+    isSuspicious: detectedPatterns.length > 0,
+    patterns: detectedPatterns,
+    riskLevel: maxRisk
+  };
+}
+// src/utils/validation/passwordSchema.ts
+import { z as z5 } from "zod";
+var COMMON_PASSWORDS = /* @__PURE__ */ new Set([
+  "password",
+  "123456",
+  "123456789",
+  "qwerty",
+  "abc123",
+  "password123",
+  "admin",
+  "letmein",
+  "welcome",
+  "monkey",
+  "1234567890",
+  "password1"
+]);
+var WEAK_PATTERNS = [
+  /^(.)\1+$/,
+  // All same character
+  /^(012|123|234|345|456|567|678|789|890|987|876|765|654|543|432|321|210)+/,
+  // Sequential numbers
+  /^(abc|bcd|cde|def|efg|fgh|ghi|hij|ijk|jkl|klm|lmn|mno|nop|opq|pqr|qrs|rst|stu|tuv|uvw|vwx|wxy|xyz)+/i
+  // Sequential letters
+];
+var securePasswordSchema = z5.string().min(8, "Password must be at least 8 characters long").max(128, "Password must not exceed 128 characters").refine(
+  (password) => /[a-z]/.test(password),
+  "Password must contain at least one lowercase letter"
+).refine(
+  (password) => /[A-Z]/.test(password),
+  "Password must contain at least one uppercase letter"
+).refine(
+  (password) => /\d/.test(password),
+  "Password must contain at least one number"
+).refine(
+  (password) => /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]/.test(password),
+  "Password must contain at least one special character"
+).refine(
+  (password) => !COMMON_PASSWORDS.has(password.toLowerCase()),
+  "Password is too common. Please choose a stronger password"
+).refine(
+  (password) => !WEAK_PATTERNS.some((pattern) => pattern.test(password)),
+  "Password contains weak patterns. Please choose a more complex password"
+).refine(
+  (password) => {
+    const keyboardPatterns = ["qwerty", "asdfgh", "zxcvbn", "1234567890"];
+    return !keyboardPatterns.some(
+      (pattern) => password.toLowerCase().includes(pattern)
+    );
+  },
+  "Password contains keyboard patterns. Please choose a more secure password"
+);
+var passwordSchema2 = z5.string().min(6, "Password must be at least 6 characters long").max(128, "Password must not exceed 128 characters");
+function calculatePasswordStrength(password) {
+  let score = 0;
+  const feedback = [];
+  if (password.length >= 8) score += 20;
+  else if (password.length >= 6) score += 10;
+  else feedback.push("Use at least 8 characters");
+  if (/[a-z]/.test(password)) score += 15;
+  else feedback.push("Add lowercase letters");
+  if (/[A-Z]/.test(password)) score += 15;
+  else feedback.push("Add uppercase letters");
+  if (/\d/.test(password)) score += 15;
+  else feedback.push("Add numbers");
+  if (/[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]/.test(password)) score += 15;
+  else feedback.push("Add special characters");
+  if (password.length >= 12) score += 10;
+  if (/[^a-zA-Z0-9]/.test(password)) score += 10;
+  if (COMMON_PASSWORDS.has(password.toLowerCase())) {
+    score -= 30;
+    feedback.push("Avoid common passwords");
+  }
+  if (WEAK_PATTERNS.some((pattern) => pattern.test(password))) {
+    score -= 20;
+    feedback.push("Avoid predictable patterns");
+  }
+  let level;
+  if (score < 30) level = "very-weak";
+  else if (score < 50) level = "weak";
+  else if (score < 70) level = "fair";
+  else if (score < 90) level = "good";
+  else level = "strong";
+  return { score: Math.max(0, Math.min(100, score)), feedback, level };
+}
+// src/utils/validation/user.ts
+import { z as z6 } from "zod";
+var userProfileSchema = z6.object({
+  name: nameSchema3,
+  email: emailSchema3,
+  phone: z6.string().optional(),
+  website: z6.string().url().optional(),
+  bio: z6.string().max(500).optional()
+});
+var userSettingsSchema = z6.object({
+  notifications: z6.object({
+    email: z6.boolean(),
+    push: z6.boolean()
+  }),
+  language: z6.string()
+});
+var userPreferencesSchema = z6.object({
+  displayName: nameSchema3,
+  timezone: z6.string(),
+  dateFormat: z6.string(),
+  currency: z6.string()
+});
+export {
+  isValidEmail,
+  isEmpty,
+  isStrongPassword,
+  isValidUrl,
+  isValidDate,
+  isWithinRange,
+  matchesPattern,
+  deepMerge,
+  isObject,
+  sanitizeUserInput,
+  sanitizeFormData,
+  validateUserInput,
+  sanitizeUserInput_deprecated,
+  emailSchema2 as emailSchema,
+  passwordSchema,
+  usernameSchema,
+  nameSchema2 as nameSchema,
+  phoneSchema2 as phoneSchema,
+  urlSchema2 as urlSchema,
+  emailSchema3 as emailSchema2,
+  nameSchema3 as nameSchema2,
+  phoneSchema3 as phoneSchema2,
+  urlSchema3 as urlSchema2,
+  dateSchema2 as dateSchema,
+  csrfManager,
+  generateCSRFToken,
+  validateCSRFToken,
+  getCSRFToken,
+  searchQuerySchema,
+  sqlIdentifierSchema,
+  orderBySchema,
+  limitOffsetSchema,
+  sanitizeSearchQuery,
+  escapeLikeQuery,
+  sanitizeFilters,
+  buildSafeQueryParams,
+  detectSQLInjection,
+  passwordSchema2,
+  calculatePasswordStrength,
+  userSettingsSchema,
+  userPreferencesSchema
+};
+//# sourceMappingURL=chunk-APIBCTL2.js.map