npm - @juspay/neurolink - Versions diffs - 9.32.0 → 9.32.1 - Mend

@juspay/neurolink 9.32.0 → 9.32.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (467) hide show

package/CHANGELOG.md +6 -0
package/dist/auth/anthropicOAuth.js +1 -1
package/dist/cli/commands/proxy.js +18 -5
package/dist/client/aiSdkAdapter.js +1 -1
package/dist/client/index.js +137 -501
package/dist/core/factory.js +0 -1
package/dist/core/redisConversationMemoryManager.js +1 -1
package/dist/features/ppt/slideGenerator.js +0 -1
package/dist/features/ppt/utils.js +0 -1
package/dist/lib/server/routes/claudeProxyRoutes.js +45 -9
package/dist/mcp/elicitationProtocol.js +1 -1
package/dist/mcp/servers/agent/directToolsServer.js +0 -1
package/dist/providers/azureOpenai.js +1 -1
package/dist/providers/huggingFace.js +0 -1
package/dist/providers/openaiCompatible.js +0 -1
package/dist/sdk/toolRegistration.js +0 -1
package/dist/server/openapi/generator.js +1 -1
package/dist/server/routes/claudeProxyRoutes.js +45 -9
package/dist/types/configTypes.js +0 -5
package/dist/types/modelTypes.js +0 -1
package/dist/types/tools.js +0 -1
package/dist/types/typeAliases.js +0 -1
package/dist/types/utilities.js +1 -1
package/dist/types/workflowTypes.js +0 -1
package/dist/utils/providerRetry.js +0 -1
package/dist/utils/providerUtils.js +0 -1
package/package.json +2 -2
package/dist/client/adapters/providerImageAdapter.js +0 -588
package/dist/client/adapters/tts/googleTTSHandler.js +0 -344
package/dist/client/adapters/video/directorPipeline.js +0 -516
package/dist/client/adapters/video/ffmpegAdapter.js +0 -206
package/dist/client/adapters/video/frameExtractor.js +0 -143
package/dist/client/adapters/video/vertexVideoHandler.js +0 -763
package/dist/client/adapters/video/videoAnalyzer.js +0 -238
package/dist/client/adapters/video/videoMerger.js +0 -171
package/dist/client/agent/directTools.js +0 -840
package/dist/client/auth/AuthProviderFactory.js +0 -111
package/dist/client/auth/AuthProviderRegistry.js +0 -190
package/dist/client/auth/RequestContext.js +0 -78
package/dist/client/auth/accountPool.js +0 -178
package/dist/client/auth/anthropicOAuth.js +0 -974
package/dist/client/auth/authContext.js +0 -314
package/dist/client/auth/errors.js +0 -39
package/dist/client/auth/index.js +0 -61
package/dist/client/auth/middleware/AuthMiddleware.js +0 -519
package/dist/client/auth/middleware/rateLimitByUser.js +0 -554
package/dist/client/auth/providers/BaseAuthProvider.js +0 -723
package/dist/client/auth/providers/CognitoProvider.js +0 -304
package/dist/client/auth/providers/KeycloakProvider.js +0 -393
package/dist/client/auth/providers/auth0.js +0 -274
package/dist/client/auth/providers/betterAuth.js +0 -182
package/dist/client/auth/providers/clerk.js +0 -317
package/dist/client/auth/providers/custom.js +0 -112
package/dist/client/auth/providers/firebase.js +0 -226
package/dist/client/auth/providers/jwt.js +0 -212
package/dist/client/auth/providers/oauth2.js +0 -303
package/dist/client/auth/providers/supabase.js +0 -259
package/dist/client/auth/providers/workos.js +0 -284
package/dist/client/auth/serverBridge.js +0 -25
package/dist/client/auth/sessionManager.js +0 -437
package/dist/client/auth/tokenStore.js +0 -799
package/dist/client/client/aiSdkAdapter.js +0 -487
package/dist/client/client/auth.js +0 -473
package/dist/client/client/errors.js +0 -552
package/dist/client/client/httpClient.js +0 -837
package/dist/client/client/index.js +0 -172
package/dist/client/client/interceptors.js +0 -601
package/dist/client/client/sseClient.js +0 -545
package/dist/client/client/streamingClient.js +0 -917
package/dist/client/client/wsClient.js +0 -369
package/dist/client/config/configManager.js +0 -303
package/dist/client/config/conversationMemory.js +0 -86
package/dist/client/config/taskClassificationConfig.js +0 -148
package/dist/client/constants/contextWindows.js +0 -295
package/dist/client/constants/enums.js +0 -853
package/dist/client/constants/index.js +0 -207
package/dist/client/constants/performance.js +0 -389
package/dist/client/constants/retry.js +0 -266
package/dist/client/constants/timeouts.js +0 -182
package/dist/client/constants/tokens.js +0 -380
package/dist/client/constants/videoErrors.js +0 -46
package/dist/client/context/budgetChecker.js +0 -98
package/dist/client/context/contextCompactor.js +0 -205
package/dist/client/context/emergencyTruncation.js +0 -88
package/dist/client/context/errorDetection.js +0 -171
package/dist/client/context/errors.js +0 -21
package/dist/client/context/fileTokenBudget.js +0 -127
package/dist/client/context/prompts/summarizationPrompt.js +0 -117
package/dist/client/context/stages/fileReadDeduplicator.js +0 -66
package/dist/client/context/stages/slidingWindowTruncator.js +0 -190
package/dist/client/context/stages/structuredSummarizer.js +0 -99
package/dist/client/context/stages/toolOutputPruner.js +0 -52
package/dist/client/context/summarizationEngine.js +0 -136
package/dist/client/context/toolOutputLimits.js +0 -78
package/dist/client/context/toolPairRepair.js +0 -66
package/dist/client/core/analytics.js +0 -88
package/dist/client/core/baseProvider.js +0 -1385
package/dist/client/core/constants.js +0 -140
package/dist/client/core/conversationMemoryFactory.js +0 -141
package/dist/client/core/conversationMemoryInitializer.js +0 -128
package/dist/client/core/conversationMemoryManager.js +0 -344
package/dist/client/core/dynamicModels.js +0 -358
package/dist/client/core/evaluation.js +0 -309
package/dist/client/core/evaluationProviders.js +0 -248
package/dist/client/core/factory.js +0 -412
package/dist/client/core/infrastructure/baseError.js +0 -22
package/dist/client/core/infrastructure/baseFactory.js +0 -54
package/dist/client/core/infrastructure/baseRegistry.js +0 -53
package/dist/client/core/infrastructure/index.js +0 -5
package/dist/client/core/infrastructure/retry.js +0 -20
package/dist/client/core/infrastructure/typedEventEmitter.js +0 -23
package/dist/client/core/modelConfiguration.js +0 -851
package/dist/client/core/modules/GenerationHandler.js +0 -588
package/dist/client/core/modules/MessageBuilder.js +0 -273
package/dist/client/core/modules/StreamHandler.js +0 -185
package/dist/client/core/modules/TelemetryHandler.js +0 -203
package/dist/client/core/modules/ToolsManager.js +0 -499
package/dist/client/core/modules/Utilities.js +0 -331
package/dist/client/core/redisConversationMemoryManager.js +0 -1435
package/dist/client/core/streamAnalytics.js +0 -131
package/dist/client/evaluation/contextBuilder.js +0 -134
package/dist/client/evaluation/index.js +0 -61
package/dist/client/evaluation/prompts.js +0 -73
package/dist/client/evaluation/ragasEvaluator.js +0 -110
package/dist/client/evaluation/retryManager.js +0 -78
package/dist/client/evaluation/scoring.js +0 -61
package/dist/client/factories/providerFactory.js +0 -166
package/dist/client/factories/providerRegistry.js +0 -166
package/dist/client/features/ppt/constants.js +0 -896
package/dist/client/features/ppt/contentPlanner.js +0 -529
package/dist/client/features/ppt/presentationOrchestrator.js +0 -236
package/dist/client/features/ppt/slideGenerator.js +0 -532
package/dist/client/features/ppt/slideRenderers.js +0 -2383
package/dist/client/features/ppt/slideTypeInference.js +0 -405
package/dist/client/features/ppt/types.js +0 -13
package/dist/client/features/ppt/utils.js +0 -443
package/dist/client/files/fileReferenceRegistry.js +0 -1543
package/dist/client/files/fileTools.js +0 -450
package/dist/client/files/streamingReader.js +0 -321
package/dist/client/files/types.js +0 -23
package/dist/client/hitl/hitlErrors.js +0 -54
package/dist/client/hitl/hitlManager.js +0 -460
package/dist/client/mcp/agentExposure.js +0 -356
package/dist/client/mcp/auth/index.js +0 -11
package/dist/client/mcp/auth/oauthClientProvider.js +0 -325
package/dist/client/mcp/auth/tokenStorage.js +0 -134
package/dist/client/mcp/batching/index.js +0 -10
package/dist/client/mcp/batching/requestBatcher.js +0 -441
package/dist/client/mcp/caching/index.js +0 -10
package/dist/client/mcp/caching/toolCache.js +0 -433
package/dist/client/mcp/elicitation/elicitationManager.js +0 -376
package/dist/client/mcp/elicitation/index.js +0 -11
package/dist/client/mcp/elicitation/types.js +0 -10
package/dist/client/mcp/elicitationProtocol.js +0 -375
package/dist/client/mcp/enhancedToolDiscovery.js +0 -481
package/dist/client/mcp/externalServerManager.js +0 -1478
package/dist/client/mcp/factory.js +0 -161
package/dist/client/mcp/flexibleToolValidator.js +0 -161
package/dist/client/mcp/httpRateLimiter.js +0 -391
package/dist/client/mcp/httpRetryHandler.js +0 -178
package/dist/client/mcp/index.js +0 -74
package/dist/client/mcp/mcpCircuitBreaker.js +0 -427
package/dist/client/mcp/mcpClientFactory.js +0 -708
package/dist/client/mcp/mcpRegistryClient.js +0 -488
package/dist/client/mcp/mcpServerBase.js +0 -373
package/dist/client/mcp/multiServerManager.js +0 -579
package/dist/client/mcp/registry.js +0 -158
package/dist/client/mcp/routing/index.js +0 -10
package/dist/client/mcp/routing/toolRouter.js +0 -416
package/dist/client/mcp/serverCapabilities.js +0 -502
package/dist/client/mcp/servers/agent/directToolsServer.js +0 -150
package/dist/client/mcp/toolAnnotations.js +0 -239
package/dist/client/mcp/toolConverter.js +0 -258
package/dist/client/mcp/toolDiscoveryService.js +0 -798
package/dist/client/mcp/toolIntegration.js +0 -334
package/dist/client/mcp/toolRegistry.js +0 -729
package/dist/client/memory/hippocampusInitializer.js +0 -19
package/dist/client/memory/memoryRetrievalTools.js +0 -166
package/dist/client/middleware/builtin/analytics.js +0 -132
package/dist/client/middleware/builtin/autoEvaluation.js +0 -203
package/dist/client/middleware/builtin/guardrails.js +0 -109
package/dist/client/middleware/builtin/lifecycle.js +0 -168
package/dist/client/middleware/factory.js +0 -327
package/dist/client/middleware/registry.js +0 -295
package/dist/client/middleware/utils/guardrailsUtils.js +0 -396
package/dist/client/models/anthropicModels.js +0 -527
package/dist/client/neurolink.js +0 -8233
package/dist/client/observability/exporterRegistry.js +0 -413
package/dist/client/observability/exporters/arizeExporter.js +0 -138
package/dist/client/observability/exporters/baseExporter.js +0 -190
package/dist/client/observability/exporters/braintrustExporter.js +0 -154
package/dist/client/observability/exporters/datadogExporter.js +0 -196
package/dist/client/observability/exporters/laminarExporter.js +0 -302
package/dist/client/observability/exporters/langfuseExporter.js +0 -209
package/dist/client/observability/exporters/langsmithExporter.js +0 -143
package/dist/client/observability/exporters/otelExporter.js +0 -164
package/dist/client/observability/exporters/posthogExporter.js +0 -287
package/dist/client/observability/exporters/sentryExporter.js +0 -165
package/dist/client/observability/index.js +0 -31
package/dist/client/observability/metricsAggregator.js +0 -556
package/dist/client/observability/otelBridge.js +0 -131
package/dist/client/observability/retryPolicy.js +0 -383
package/dist/client/observability/sampling/samplers.js +0 -216
package/dist/client/observability/spanProcessor.js +0 -303
package/dist/client/observability/tokenTracker.js +0 -413
package/dist/client/observability/types/exporterTypes.js +0 -5
package/dist/client/observability/types/index.js +0 -4
package/dist/client/observability/types/spanTypes.js +0 -92
package/dist/client/observability/utils/safeMetadata.js +0 -25
package/dist/client/observability/utils/spanSerializer.js +0 -292
package/dist/client/processors/archive/ArchiveProcessor.js +0 -1308
package/dist/client/processors/base/BaseFileProcessor.js +0 -614
package/dist/client/processors/base/types.js +0 -82
package/dist/client/processors/config/fileTypes.js +0 -520
package/dist/client/processors/config/index.js +0 -92
package/dist/client/processors/config/languageMap.js +0 -410
package/dist/client/processors/config/mimeTypes.js +0 -363
package/dist/client/processors/config/sizeLimits.js +0 -258
package/dist/client/processors/document/ExcelProcessor.js +0 -590
package/dist/client/processors/document/OpenDocumentProcessor.js +0 -212
package/dist/client/processors/document/PptxProcessor.js +0 -157
package/dist/client/processors/document/RtfProcessor.js +0 -361
package/dist/client/processors/document/WordProcessor.js +0 -353
package/dist/client/processors/errors/FileErrorCode.js +0 -255
package/dist/client/processors/errors/errorHelpers.js +0 -386
package/dist/client/processors/errors/errorSerializer.js +0 -507
package/dist/client/processors/errors/index.js +0 -49
package/dist/client/processors/markup/SvgProcessor.js +0 -240
package/dist/client/processors/media/AudioProcessor.js +0 -707
package/dist/client/processors/media/VideoProcessor.js +0 -1045
package/dist/client/providers/amazonBedrock.js +0 -1512
package/dist/client/providers/amazonSagemaker.js +0 -162
package/dist/client/providers/anthropic.js +0 -831
package/dist/client/providers/azureOpenai.js +0 -143
package/dist/client/providers/googleAiStudio.js +0 -1200
package/dist/client/providers/googleNativeGemini3.js +0 -543
package/dist/client/providers/googleVertex.js +0 -2936
package/dist/client/providers/huggingFace.js +0 -315
package/dist/client/providers/litellm.js +0 -488
package/dist/client/providers/mistral.js +0 -157
package/dist/client/providers/ollama.js +0 -1579
package/dist/client/providers/openAI.js +0 -627
package/dist/client/providers/openRouter.js +0 -543
package/dist/client/providers/openaiCompatible.js +0 -290
package/dist/client/providers/providerTypeUtils.js +0 -46
package/dist/client/providers/sagemaker/adaptive-semaphore.js +0 -215
package/dist/client/providers/sagemaker/client.js +0 -472
package/dist/client/providers/sagemaker/config.js +0 -317
package/dist/client/providers/sagemaker/detection.js +0 -606
package/dist/client/providers/sagemaker/error-constants.js +0 -227
package/dist/client/providers/sagemaker/errors.js +0 -299
package/dist/client/providers/sagemaker/language-model.js +0 -775
package/dist/client/providers/sagemaker/parsers.js +0 -634
package/dist/client/providers/sagemaker/streaming.js +0 -331
package/dist/client/providers/sagemaker/structured-parser.js +0 -625
package/dist/client/proxy/accountQuota.js +0 -162
package/dist/client/proxy/claudeFormat.js +0 -595
package/dist/client/proxy/modelRouter.js +0 -29
package/dist/client/proxy/oauthFetch.js +0 -367
package/dist/client/proxy/proxyFetch.js +0 -586
package/dist/client/proxy/requestLogger.js +0 -207
package/dist/client/proxy/tokenRefresh.js +0 -124
package/dist/client/proxy/usageStats.js +0 -74
package/dist/client/proxy/utils/noProxyUtils.js +0 -149
package/dist/client/rag/ChunkerFactory.js +0 -320
package/dist/client/rag/ChunkerRegistry.js +0 -421
package/dist/client/rag/chunkers/BaseChunker.js +0 -143
package/dist/client/rag/chunkers/CharacterChunker.js +0 -28
package/dist/client/rag/chunkers/HTMLChunker.js +0 -38
package/dist/client/rag/chunkers/JSONChunker.js +0 -68
package/dist/client/rag/chunkers/LaTeXChunker.js +0 -63
package/dist/client/rag/chunkers/MarkdownChunker.js +0 -306
package/dist/client/rag/chunkers/RecursiveChunker.js +0 -139
package/dist/client/rag/chunkers/SemanticMarkdownChunker.js +0 -138
package/dist/client/rag/chunkers/SentenceChunker.js +0 -66
package/dist/client/rag/chunkers/TokenChunker.js +0 -61
package/dist/client/rag/chunkers/index.js +0 -15
package/dist/client/rag/chunking/characterChunker.js +0 -142
package/dist/client/rag/chunking/chunkerRegistry.js +0 -194
package/dist/client/rag/chunking/htmlChunker.js +0 -247
package/dist/client/rag/chunking/index.js +0 -17
package/dist/client/rag/chunking/jsonChunker.js +0 -281
package/dist/client/rag/chunking/latexChunker.js +0 -251
package/dist/client/rag/chunking/markdownChunker.js +0 -373
package/dist/client/rag/chunking/recursiveChunker.js +0 -148
package/dist/client/rag/chunking/semanticChunker.js +0 -306
package/dist/client/rag/chunking/sentenceChunker.js +0 -230
package/dist/client/rag/chunking/tokenChunker.js +0 -183
package/dist/client/rag/document/MDocument.js +0 -392
package/dist/client/rag/document/index.js +0 -5
package/dist/client/rag/document/loaders.js +0 -500
package/dist/client/rag/errors/RAGError.js +0 -274
package/dist/client/rag/errors/index.js +0 -6
package/dist/client/rag/graphRag/graphRAG.js +0 -401
package/dist/client/rag/graphRag/index.js +0 -4
package/dist/client/rag/index.js +0 -141
package/dist/client/rag/metadata/MetadataExtractorFactory.js +0 -418
package/dist/client/rag/metadata/MetadataExtractorRegistry.js +0 -362
package/dist/client/rag/metadata/index.js +0 -9
package/dist/client/rag/metadata/metadataExtractor.js +0 -280
package/dist/client/rag/pipeline/RAGPipeline.js +0 -436
package/dist/client/rag/pipeline/contextAssembly.js +0 -341
package/dist/client/rag/pipeline/index.js +0 -5
package/dist/client/rag/ragIntegration.js +0 -321
package/dist/client/rag/reranker/RerankerFactory.js +0 -430
package/dist/client/rag/reranker/RerankerRegistry.js +0 -402
package/dist/client/rag/reranker/index.js +0 -9
package/dist/client/rag/reranker/reranker.js +0 -277
package/dist/client/rag/resilience/CircuitBreaker.js +0 -431
package/dist/client/rag/resilience/RetryHandler.js +0 -304
package/dist/client/rag/resilience/index.js +0 -7
package/dist/client/rag/retrieval/hybridSearch.js +0 -335
package/dist/client/rag/retrieval/index.js +0 -5
package/dist/client/rag/retrieval/vectorQueryTool.js +0 -307
package/dist/client/rag/types.js +0 -8
package/dist/client/sdk/toolRegistration.js +0 -377
package/dist/client/server/abstract/baseServerAdapter.js +0 -575
package/dist/client/server/adapters/expressAdapter.js +0 -486
package/dist/client/server/adapters/fastifyAdapter.js +0 -472
package/dist/client/server/adapters/honoAdapter.js +0 -632
package/dist/client/server/adapters/koaAdapter.js +0 -510
package/dist/client/server/errors.js +0 -486
package/dist/client/server/factory/serverAdapterFactory.js +0 -160
package/dist/client/server/index.js +0 -108
package/dist/client/server/middleware/abortSignal.js +0 -111
package/dist/client/server/middleware/auth.js +0 -388
package/dist/client/server/middleware/cache.js +0 -359
package/dist/client/server/middleware/common.js +0 -281
package/dist/client/server/middleware/deprecation.js +0 -190
package/dist/client/server/middleware/mcpBodyAttachment.js +0 -63
package/dist/client/server/middleware/rateLimit.js +0 -227
package/dist/client/server/middleware/validation.js +0 -388
package/dist/client/server/openapi/generator.js +0 -398
package/dist/client/server/openapi/index.js +0 -36
package/dist/client/server/openapi/schemas.js +0 -695
package/dist/client/server/openapi/templates.js +0 -374
package/dist/client/server/routes/agentRoutes.js +0 -189
package/dist/client/server/routes/claudeProxyRoutes.js +0 -1600
package/dist/client/server/routes/healthRoutes.js +0 -187
package/dist/client/server/routes/index.js +0 -57
package/dist/client/server/routes/mcpRoutes.js +0 -342
package/dist/client/server/routes/memoryRoutes.js +0 -350
package/dist/client/server/routes/openApiRoutes.js +0 -126
package/dist/client/server/routes/toolRoutes.js +0 -199
package/dist/client/server/streaming/dataStream.js +0 -486
package/dist/client/server/streaming/index.js +0 -11
package/dist/client/server/types.js +0 -67
package/dist/client/server/utils/redaction.js +0 -334
package/dist/client/server/utils/validation.js +0 -243
package/dist/client/server/websocket/WebSocketHandler.js +0 -383
package/dist/client/server/websocket/index.js +0 -4
package/dist/client/services/server/ai/observability/instrumentation.js +0 -808
package/dist/client/telemetry/attributes.js +0 -100
package/dist/client/telemetry/index.js +0 -26
package/dist/client/telemetry/telemetryService.js +0 -308
package/dist/client/telemetry/tracers.js +0 -17
package/dist/client/telemetry/withSpan.js +0 -34
package/dist/client/types/actionTypes.js +0 -6
package/dist/client/types/analytics.js +0 -5
package/dist/client/types/authTypes.js +0 -9
package/dist/client/types/circuitBreakerErrors.js +0 -34
package/dist/client/types/cli.js +0 -21
package/dist/client/types/clientTypes.js +0 -10
package/dist/client/types/common.js +0 -51
package/dist/client/types/configTypes.js +0 -49
package/dist/client/types/content.js +0 -19
package/dist/client/types/contextTypes.js +0 -400
package/dist/client/types/conversation.js +0 -47
package/dist/client/types/conversationMemoryInterface.js +0 -6
package/dist/client/types/domainTypes.js +0 -5
package/dist/client/types/errors.js +0 -167
package/dist/client/types/evaluation.js +0 -5
package/dist/client/types/evaluationProviders.js +0 -5
package/dist/client/types/evaluationTypes.js +0 -1
package/dist/client/types/externalMcp.js +0 -6
package/dist/client/types/fileReferenceTypes.js +0 -8
package/dist/client/types/fileTypes.js +0 -4
package/dist/client/types/generateTypes.js +0 -1
package/dist/client/types/guardrails.js +0 -1
package/dist/client/types/hitlTypes.js +0 -8
package/dist/client/types/index.js +0 -57
package/dist/client/types/mcpTypes.js +0 -5
package/dist/client/types/middlewareTypes.js +0 -1
package/dist/client/types/modelTypes.js +0 -30
package/dist/client/types/multimodal.js +0 -135
package/dist/client/types/observability.js +0 -6
package/dist/client/types/pptTypes.js +0 -82
package/dist/client/types/providers.js +0 -111
package/dist/client/types/proxyTypes.js +0 -16
package/dist/client/types/ragTypes.js +0 -7
package/dist/client/types/sdkTypes.js +0 -8
package/dist/client/types/serviceTypes.js +0 -5
package/dist/client/types/streamTypes.js +0 -1
package/dist/client/types/subscriptionTypes.js +0 -9
package/dist/client/types/taskClassificationTypes.js +0 -5
package/dist/client/types/tools.js +0 -24
package/dist/client/types/ttsTypes.js +0 -57
package/dist/client/types/typeAliases.js +0 -48
package/dist/client/types/utilities.js +0 -4
package/dist/client/types/workflowTypes.js +0 -30
package/dist/client/utils/async/withTimeout.js +0 -98
package/dist/client/utils/asyncMutex.js +0 -60
package/dist/client/utils/conversationMemory.js +0 -431
package/dist/client/utils/csvProcessor.js +0 -846
package/dist/client/utils/errorHandling.js +0 -936
package/dist/client/utils/evaluationUtils.js +0 -131
package/dist/client/utils/factoryProcessing.js +0 -589
package/dist/client/utils/fileDetector.js +0 -2161
package/dist/client/utils/imageCache.js +0 -376
package/dist/client/utils/imageProcessor.js +0 -704
package/dist/client/utils/logger.js +0 -491
package/dist/client/utils/mcpDefaults.js +0 -134
package/dist/client/utils/messageBuilder.js +0 -1653
package/dist/client/utils/modelAliasResolver.js +0 -54
package/dist/client/utils/modelDetection.js +0 -80
package/dist/client/utils/modelRouter.js +0 -292
package/dist/client/utils/multimodalOptionsBuilder.js +0 -65
package/dist/client/utils/observabilityHelpers.js +0 -47
package/dist/client/utils/parameterValidation.js +0 -966
package/dist/client/utils/pdfProcessor.js +0 -410
package/dist/client/utils/performance.js +0 -222
package/dist/client/utils/pricing.js +0 -340
package/dist/client/utils/promptRedaction.js +0 -62
package/dist/client/utils/providerConfig.js +0 -1009
package/dist/client/utils/providerHealth.js +0 -1237
package/dist/client/utils/providerRetry.js +0 -112
package/dist/client/utils/providerUtils.js +0 -434
package/dist/client/utils/rateLimiter.js +0 -200
package/dist/client/utils/redis.js +0 -368
package/dist/client/utils/retryHandler.js +0 -269
package/dist/client/utils/retryability.js +0 -22
package/dist/client/utils/sanitizers/svg.js +0 -481
package/dist/client/utils/schemaConversion.js +0 -255
package/dist/client/utils/taskClassificationUtils.js +0 -149
package/dist/client/utils/taskClassifier.js +0 -94
package/dist/client/utils/thinkingConfig.js +0 -104
package/dist/client/utils/timeout.js +0 -359
package/dist/client/utils/tokenEstimation.js +0 -142
package/dist/client/utils/tokenLimits.js +0 -125
package/dist/client/utils/tokenUtils.js +0 -239
package/dist/client/utils/toolUtils.js +0 -75
package/dist/client/utils/transformationUtils.js +0 -554
package/dist/client/utils/ttsProcessor.js +0 -286
package/dist/client/utils/typeUtils.js +0 -97
package/dist/client/utils/videoAnalysisProcessor.js +0 -67
package/dist/client/workflow/config.js +0 -398
package/dist/client/workflow/core/ensembleExecutor.js +0 -407
package/dist/client/workflow/core/judgeScorer.js +0 -544
package/dist/client/workflow/core/responseConditioner.js +0 -225
package/dist/client/workflow/core/types/conditionerTypes.js +0 -7
package/dist/client/workflow/core/types/ensembleTypes.js +0 -7
package/dist/client/workflow/core/types/index.js +0 -7
package/dist/client/workflow/core/types/judgeTypes.js +0 -7
package/dist/client/workflow/core/types/layerTypes.js +0 -7
package/dist/client/workflow/core/types/registryTypes.js +0 -7
package/dist/client/workflow/core/workflowRegistry.js +0 -304
package/dist/client/workflow/core/workflowRunner.js +0 -586
package/dist/client/workflow/index.js +0 -50
package/dist/client/workflow/types.js +0 -9
package/dist/client/workflow/utils/types/index.js +0 -7
package/dist/client/workflow/utils/workflowMetrics.js +0 -311
package/dist/client/workflow/utils/workflowValidation.js +0 -420
package/dist/client/workflow/workflows/adaptiveWorkflow.js +0 -366
package/dist/client/workflow/workflows/consensusWorkflow.js +0 -192
package/dist/client/workflow/workflows/fallbackWorkflow.js +0 -225
package/dist/client/workflow/workflows/multiJudgeWorkflow.js +0 -351
/package/dist/client/{client/reactHooks.js → reactHooks.js} +0 -0

package/dist/client/utils/sanitizers/svg.js DELETED Viewed

@@ -1,481 +0,0 @@
-/**
- * SVG Sanitization Utilities
- * OWASP-compliant SVG sanitization using allowlist approach
- *
- * This module addresses:
- * - Script tag injection
- * - Event handler injection (onload, onerror, etc.)
- * - javascript: URL schemes
- * - CSS-based XSS (expression(), url(), -moz-binding)
- * - SMIL animation attacks
- * - foreignObject-based HTML injection
- * - External reference attacks (use, image elements)
- * - XXE via DOCTYPE/ENTITY declarations
- *
- * Uses regex-based approach for robustness without external dependencies.
- *
- * @see https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html
- */
-/**
- * Safe SVG elements (allowlist)
- * Only these elements will be preserved in sanitized output
- */
-const SAFE_SVG_ELEMENTS = new Set([
-    // Container elements
-    "svg",
-    "g",
-    "defs",
-    "symbol",
-    "marker",
-    // Basic shapes
-    "rect",
-    "circle",
-    "ellipse",
-    "line",
-    "polyline",
-    "polygon",
-    "path",
-    // Text
-    "text",
-    "tspan",
-    // Gradients and patterns
-    "linearGradient",
-    "radialGradient",
-    "stop",
-    "pattern",
-    // Clipping and masking
-    "clipPath",
-    "mask",
-    // Filters (limited - no custom filters that could reference external resources)
-    "filter",
-    "feGaussianBlur",
-    "feOffset",
-    "feBlend",
-    "feColorMatrix",
-    "feMerge",
-    "feMergeNode",
-    // Metadata (safe)
-    "title",
-    "desc",
-    "metadata",
-]);
-/**
- * Dangerous SVG elements (blocklist)
- * These elements are explicitly blocked due to XSS risks
- */
-const DANGEROUS_SVG_ELEMENTS = new Set([
-    "script", // Direct script execution
-    "style", // Can contain CSS with XSS vectors
-    "foreignObject", // Can contain HTML with XSS
-    "use", // Can reference external SVG with malicious content
-    "image", // Can reference external resources or data: URLs
-    "a", // Can have href with javascript:
-    "animate", // SMIL animations can set dangerous attributes
-    "set", // SMIL - can set href to javascript:
-    "animateMotion", // SMIL animation
-    "animateTransform", // SMIL animation
-    "animateColor", // SMIL animation (deprecated but still works in some browsers)
-    "iframe", // Can embed external content
-    "object", // Can embed external content
-    "embed", // Can embed external content
-]);
-/**
- * Safe SVG attributes (allowlist)
- */
-const SAFE_SVG_ATTRIBUTES = new Set([
-    // Core attributes
-    "id",
-    "class",
-    // Geometry
-    "x",
-    "y",
-    "width",
-    "height",
-    "cx",
-    "cy",
-    "r",
-    "rx",
-    "ry",
-    "d",
-    "points",
-    "x1",
-    "y1",
-    "x2",
-    "y2",
-    // Appearance (limited - style is intentionally excluded)
-    "fill",
-    "stroke",
-    "stroke-width",
-    "stroke-dasharray",
-    "stroke-linecap",
-    "stroke-linejoin",
-    "opacity",
-    "fill-opacity",
-    "stroke-opacity",
-    "fill-rule",
-    // Transform
-    "transform",
-    // SVG-specific
-    "viewBox",
-    "xmlns",
-    "xmlns:xlink",
-    "preserveAspectRatio",
-    "version",
-    // Gradient/Pattern
-    "offset",
-    "stop-color",
-    "stop-opacity",
-    "gradientUnits",
-    "gradientTransform",
-    "patternUnits",
-    "patternTransform",
-    "spreadMethod",
-    // Text
-    "font-family",
-    "font-size",
-    "font-weight",
-    "font-style",
-    "text-anchor",
-    "dominant-baseline",
-    "alignment-baseline",
-    "letter-spacing",
-    // Filter
-    "stdDeviation",
-    "dx",
-    "dy",
-    "in",
-    "in2",
-    "result",
-    "mode",
-    "type",
-    "values",
-    // Clip/Mask
-    "clipPathUnits",
-    "maskUnits",
-    "maskContentUnits",
-    // Marker
-    "markerWidth",
-    "markerHeight",
-    "refX",
-    "refY",
-    "orient",
-    "markerUnits",
-]);
-/**
- * Dangerous SVG attributes (blocklist)
- * These are explicitly blocked even if they appear on safe elements
- */
-const DANGEROUS_SVG_ATTRIBUTES = new Set([
-    "style", // Can contain CSS with expression(), url(), -moz-binding
-    "href", // Can contain javascript:
-    "xlink:href", // Can contain javascript:
-    // Event handlers (comprehensive list)
-    "onload",
-    "onerror",
-    "onclick",
-    "onmouseover",
-    "onmouseout",
-    "onmousedown",
-    "onmouseup",
-    "onmousemove",
-    "onfocus",
-    "onblur",
-    "onabort",
-    "onbegin",
-    "onend",
-    "onrepeat",
-    "onactivate",
-    "onscroll",
-    "onresize",
-    "onzoom",
-    "oninput",
-    "onchange",
-    "onsubmit",
-    "onreset",
-    "onkeydown",
-    "onkeyup",
-    "onkeypress",
-    "ondrag",
-    "ondragstart",
-    "ondragend",
-    "ondragenter",
-    "ondragleave",
-    "ondragover",
-    "ondrop",
-    // SVG-specific event handlers
-    "onunload",
-    "oncopy",
-    "oncut",
-    "onpaste",
-]);
-/**
- * Sanitize SVG content by removing dangerous elements and attributes.
- * Uses OWASP-compliant allowlist approach with regex-based parsing.
- *
- * @param svgContent - Raw SVG content to sanitize
- * @returns Sanitized SVG content
- * @throws Error if SVG content is invalid or contains XXE declarations
- *
- * @example
- * const malicious = '<svg><script>alert(1)</script></svg>';
- * const safe = sanitizeSvgContent(malicious); // '<svg></svg>'
- *
- * @example
- * const xss = '<svg onload="alert(1)"><rect fill="red"/></svg>';
- * const safe = sanitizeSvgContent(xss); // '<svg><rect fill="red"/></svg>'
- */
-export function sanitizeSvgContent(svgContent) {
-    const result = sanitizeSvgContentDetailed(svgContent);
-    return result.content;
-}
-/**
- * Sanitize SVG content with detailed information about what was removed.
- * Useful for logging and security auditing.
- *
- * @param svgContent - Raw SVG content to sanitize
- * @returns Detailed sanitization result with removed items
- * @throws Error if SVG content is invalid or contains XXE declarations
- */
-export function sanitizeSvgContentDetailed(svgContent) {
-    if (!svgContent || typeof svgContent !== "string") {
-        throw new Error("SVG content is required and must be a string");
-    }
-    const removedItems = [];
-    let content = svgContent;
-    const originalContent = svgContent;
-    // 1. Block DOCTYPE and ENTITY declarations (XXE prevention)
-    if (content.includes("<!DOCTYPE") || content.includes("<!ENTITY")) {
-        throw new Error("SVG contains DOCTYPE or ENTITY declarations which are not allowed for security reasons");
-    }
-    // 2. Remove XML stylesheet processing instructions
-    const stylesheetRegex = /<\?xml-stylesheet[^?]*\?>/gi;
-    if (stylesheetRegex.test(content)) {
-        removedItems.push("XML stylesheet processing instruction");
-        content = content.replace(stylesheetRegex, "");
-    }
-    // 3. Remove CDATA sections that might contain malicious content
-    const cdataRegex = /<!\[CDATA\[[\s\S]*?\]\]>/gi;
-    const cdataMatches = content.match(cdataRegex);
-    if (cdataMatches) {
-        removedItems.push(`CDATA sections (${cdataMatches.length} found)`);
-        content = content.replace(cdataRegex, "");
-    }
-    // 4. Remove all dangerous elements with their content
-    const dangerousElements = Array.from(DANGEROUS_SVG_ELEMENTS);
-    for (let i = 0; i < dangerousElements.length; i++) {
-        const element = dangerousElements[i];
-        // Match both self-closing and paired tags
-        const pairedRegex = new RegExp(`<${element}[^>]*>[\\s\\S]*?<\\/${element}>`, "gi");
-        const selfClosingRegex = new RegExp(`<${element}[^>]*\\/?>`, "gi");
-        if (pairedRegex.test(content)) {
-            removedItems.push(`Element: <${element}> (with content)`);
-            content = content.replace(pairedRegex, "");
-        }
-        if (selfClosingRegex.test(content)) {
-            removedItems.push(`Element: <${element}>`);
-            content = content.replace(selfClosingRegex, "");
-        }
-    }
-    // 5. Remove unknown elements (not in safe list)
-    // Match element tags and check against allowlist
-    const elementRegex = /<\/?([a-zA-Z][a-zA-Z0-9]*)[^>]*\/?>/g;
-    content = content.replace(elementRegex, (match, tagName) => {
-        const lowerTagName = tagName.toLowerCase();
-        // Skip XML declaration
-        if (lowerTagName === "xml") {
-            return match;
-        }
-        // Check if it's a safe element
-        if (!SAFE_SVG_ELEMENTS.has(tagName) &&
-            !SAFE_SVG_ELEMENTS.has(lowerTagName)) {
-            // Check case-insensitive match for camelCase elements like linearGradient
-            const isSafe = Array.from(SAFE_SVG_ELEMENTS).some((safe) => safe.toLowerCase() === lowerTagName);
-            if (!isSafe) {
-                removedItems.push(`Unknown element: <${tagName}>`);
-                return "";
-            }
-        }
-        return match;
-    });
-    // 6. Remove dangerous attributes from remaining elements
-    content = removeDangerousAttributes(content, removedItems);
-    // 7. Remove javascript: URLs from any remaining attribute values
-    const jsUrlRegex = /(?:=\s*["']?)javascript:[^"'\s>]*/gi;
-    if (jsUrlRegex.test(content)) {
-        removedItems.push("javascript: URL scheme");
-        content = content.replace(jsUrlRegex, '=""');
-    }
-    // 8. Remove data: URLs (except for safe image types)
-    const dataUrlRegex = /(?:=\s*["']?)data:(?!image\/(?:png|jpeg|jpg|gif|svg\+xml))[^"'\s>]*/gi;
-    if (dataUrlRegex.test(content)) {
-        removedItems.push("Suspicious data: URL");
-        content = content.replace(dataUrlRegex, '=""');
-    }
-    // 9. Remove vbscript: URLs
-    const vbscriptRegex = /(?:=\s*["']?)vbscript:[^"'\s>]*/gi;
-    if (vbscriptRegex.test(content)) {
-        removedItems.push("vbscript: URL scheme");
-        content = content.replace(vbscriptRegex, '=""');
-    }
-    // 10. Clean up any empty elements left behind
-    content = content.replace(/\s+/g, " ").trim();
-    return {
-        content,
-        removedItems: Array.from(new Set(removedItems)), // Deduplicate
-        wasModified: content !== originalContent,
-    };
-}
-/**
- * Remove dangerous attributes from SVG elements.
- * Keeps only attributes in the safe allowlist.
- */
-function removeDangerousAttributes(content, removedItems) {
-    // Match elements with attributes
-    const elementWithAttrsRegex = /<([a-zA-Z][a-zA-Z0-9]*)([^>]*)>/g;
-    return content.replace(elementWithAttrsRegex, (match, tagName, attrs) => {
-        if (!attrs || !attrs.trim()) {
-            return match;
-        }
-        // Parse attributes
-        const attrRegex = /([a-zA-Z][a-zA-Z0-9:_-]*)\s*=\s*(?:"([^"]*)"|'([^']*)')/g;
-        const safeAttrs = [];
-        for (let attrMatch = attrRegex.exec(attrs); attrMatch !== null; attrMatch = attrRegex.exec(attrs)) {
-            const attrName = attrMatch[1];
-            const attrValue = attrMatch[2] ?? attrMatch[3] ?? "";
-            const lowerAttrName = attrName.toLowerCase();
-            // Check if attribute is explicitly dangerous
-            if (DANGEROUS_SVG_ATTRIBUTES.has(lowerAttrName)) {
-                removedItems.push(`Attribute: ${attrName}`);
-                continue;
-            }
-            // Check if attribute starts with 'on' (event handler pattern)
-            if (lowerAttrName.startsWith("on")) {
-                removedItems.push(`Event handler: ${attrName}`);
-                continue;
-            }
-            // Check if attribute is in safe list
-            if (!SAFE_SVG_ATTRIBUTES.has(attrName) &&
-                !SAFE_SVG_ATTRIBUTES.has(lowerAttrName)) {
-                // Check case-insensitive match for hyphenated attributes
-                const isSafe = Array.from(SAFE_SVG_ATTRIBUTES).some((safe) => safe.toLowerCase() === lowerAttrName);
-                if (!isSafe) {
-                    removedItems.push(`Unknown attribute: ${attrName}`);
-                    continue;
-                }
-            }
-            // Validate attribute value
-            const lowerValue = attrValue.toLowerCase();
-            // Block javascript: URLs
-            if (lowerValue.includes("javascript:")) {
-                removedItems.push(`javascript: URL in ${attrName}`);
-                continue;
-            }
-            // Block suspicious data: URLs (allow safe image types)
-            if (lowerValue.startsWith("data:") &&
-                !lowerValue.startsWith("data:image/png") &&
-                !lowerValue.startsWith("data:image/jpeg") &&
-                !lowerValue.startsWith("data:image/jpg") &&
-                !lowerValue.startsWith("data:image/gif") &&
-                !lowerValue.startsWith("data:image/svg+xml")) {
-                removedItems.push(`Suspicious data: URL in ${attrName}`);
-                continue;
-            }
-            // Block expression() and other CSS XSS vectors in values
-            if (lowerValue.includes("expression(") ||
-                lowerValue.includes("-moz-binding") ||
-                lowerValue.includes("behavior:")) {
-                removedItems.push(`CSS XSS vector in ${attrName}`);
-                continue;
-            }
-            // Attribute is safe, keep it
-            safeAttrs.push(`${attrName}="${escapeAttributeValue(attrValue)}"`);
-        }
-        // Also keep standalone attributes (like xmlns without value in some cases)
-        const standaloneAttrRegex = /\s([a-zA-Z][a-zA-Z0-9:_-]*)(?=\s|>|$|\/)/g;
-        let standaloneMatch = standaloneAttrRegex.exec(attrs);
-        let iterations = 0;
-        const MAX_ITERATIONS = 1000;
-        while (standaloneMatch !== null && iterations++ < MAX_ITERATIONS) {
-            const attrName = standaloneMatch[1];
-            // Only keep if it looks like a valid attribute and is safe
-            if (SAFE_SVG_ATTRIBUTES.has(attrName) ||
-                SAFE_SVG_ATTRIBUTES.has(attrName.toLowerCase())) {
-                // Avoid duplicates
-                if (!safeAttrs.some((a) => a.startsWith(`${attrName}=`))) {
-                    safeAttrs.push(attrName);
-                }
-            }
-            standaloneMatch = standaloneAttrRegex.exec(attrs);
-        }
-        if (safeAttrs.length > 0) {
-            return `<${tagName} ${safeAttrs.join(" ")}>`;
-        }
-        return `<${tagName}>`;
-    });
-}
-/**
- * Escape attribute value to prevent injection
- */
-function escapeAttributeValue(value) {
-    return value
-        .replace(/&/g, "&amp;")
-        .replace(/"/g, "&quot;")
-        .replace(/</g, "&lt;")
-        .replace(/>/g, "&gt;");
-}
-/**
- * Check if SVG content appears to be safe (quick validation).
- * Does NOT sanitize - use sanitizeSvgContent for that.
- *
- * @param svgContent - SVG content to check
- * @returns true if content appears safe, false if it contains suspicious patterns
- */
-export function isSvgContentSafe(svgContent) {
-    if (!svgContent || typeof svgContent !== "string") {
-        return false;
-    }
-    const lowerContent = svgContent.toLowerCase();
-    // Check for XXE
-    if (lowerContent.includes("<!doctype") || lowerContent.includes("<!entity")) {
-        return false;
-    }
-    // Check for dangerous elements
-    const dangerousElementsArray = Array.from(DANGEROUS_SVG_ELEMENTS);
-    for (let i = 0; i < dangerousElementsArray.length; i++) {
-        const element = dangerousElementsArray[i];
-        if (lowerContent.includes(`<${element.toLowerCase()}`)) {
-            return false;
-        }
-    }
-    // Check for event handlers
-    if (/\bon[a-z]+\s*=/i.test(svgContent)) {
-        return false;
-    }
-    // Check for javascript: URLs
-    if (lowerContent.includes("javascript:")) {
-        return false;
-    }
-    return true;
-}
-/**
- * Legacy alias for sanitizeSvgContent.
- * Maintained for backward compatibility.
- *
- * @param svgContent - Raw SVG content
- * @returns Sanitized SVG content
- */
-export function sanitizeSvg(svgContent) {
-    return sanitizeSvgContent(svgContent);
-}
-/**
- * Get lists of safe and dangerous elements/attributes for reference.
- * Useful for documentation and debugging.
- */
-export function getSvgSanitizationRules() {
-    return {
-        safeElements: Array.from(SAFE_SVG_ELEMENTS),
-        dangerousElements: Array.from(DANGEROUS_SVG_ELEMENTS),
-        safeAttributes: Array.from(SAFE_SVG_ATTRIBUTES),
-        dangerousAttributes: Array.from(DANGEROUS_SVG_ATTRIBUTES),
-    };
-}