@lockllm/sdk 1.0.0

package/CHANGELOG.md

@@ -0,0 +1,81 @@
+# Changelog
+
+## [1.1.0] - 2026-01-16
+
+### Added
+
+#### Universal Provider Support
+- **Generic Wrapper Factory**: Added `createClient()` function to create clients for any LLM provider using their official SDK
+- **OpenAI-Compatible Helper**: Added `createOpenAICompatible()` for easy integration with OpenAI-compatible providers
+- **15 New Provider Wrappers**: Pre-configured factory functions for all remaining providers:
+  - `createGroq()` - Groq (fast inference)
+  - `createDeepSeek()` - DeepSeek (reasoning models)
+  - `createPerplexity()` - Perplexity (online models with search)
+  - `createMistral()` - Mistral AI
+  - `createOpenRouter()` - OpenRouter (access to 200+ models)
+  - `createTogether()` - Together AI
+  - `createXAI()` - xAI (Grok)
+  - `createFireworks()` - Fireworks AI
+  - `createAnyscale()` - Anyscale
+  - `createHuggingFace()` - Hugging Face
+  - `createGemini()` - Google Gemini
+  - `createCohere()` - Cohere
+  - `createAzure()` - Azure OpenAI
+  - `createBedrock()` - AWS Bedrock
+  - `createVertexAI()` - Google Vertex AI
+
+#### Utility Functions
+- **`getProxyURL(provider)`**: Get the LockLLM proxy URL for any specific provider
+- **`getAllProxyURLs()`**: Get all available proxy URLs for all 17 providers
+- **Type Export**: Added `ProviderName` type export for better TypeScript support
+
+#### Examples
+- **`examples/wrapper-generic.ts`**: Comprehensive example showing three ways to integrate with any provider
+- **`examples/wrapper-all-providers.ts`**: Complete example demonstrating all 17 providers
+
+#### Documentation
+- Updated README with provider comparison table showing wrapper functions and compatibility
+- Added three integration methods with examples (provider-specific, generic, official SDKs)
+- Expanded "Supported Providers" section with detailed integration patterns
+- Added examples for Groq, DeepSeek, Mistral, Perplexity, OpenRouter, and Azure
+- Updated API Reference with all new wrapper functions and utilities
+- Enhanced examples README with new example descriptions
+
+### Changed
+- Build system updated to properly generate both CommonJS (`.js`) and ESM (`.mjs`) outputs
+- Fixed `tsconfig.esm.json` to work with TypeScript 5.9.3
+- Improved documentation structure and clarity
+
+### Technical Details
+
+#### Integration Methods
+
+**Method 1: Provider-Specific Wrappers (Easiest)**
+```typescript
+import { createOpenAI, createGroq, createAnthropic } from '@lockllm/sdk';
+const client = createGroq({ apiKey: process.env.LOCKLLM_API_KEY });
+```
+
+**Method 2: Generic Wrappers (Flexible)**
+```typescript
+import { createClient, createOpenAICompatible } from '@lockllm/sdk';
+// For OpenAI-compatible providers
+const client = createOpenAICompatible('deepseek', { apiKey });
+// For custom SDKs
+const cohere = createClient('cohere', CohereClient, { apiKey });
+```
+
+**Method 3: Official SDKs Directly (Most Control)**
+```typescript
+import OpenAI from 'openai';
+import { getProxyURL } from '@lockllm/sdk';
+const client = new OpenAI({
+  apiKey: process.env.LOCKLLM_API_KEY,
+  baseURL: getProxyURL('mistral')
+});
+```
+
+### Notes
+- All 15+ providers are now fully supported with multiple integration options
+- Zero breaking changes - existing code continues to work
+- Backward compatible with v1.0.0

package/CODE_OF_CONDUCT.md

@@ -0,0 +1,130 @@
+# Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community.
+
+## Our Standards
+
+### Positive Behavior
+
+Examples of behavior that contributes to a positive environment:
+
+- Using welcoming and inclusive language
+- Being respectful of differing viewpoints and experiences
+- Gracefully accepting constructive criticism
+- Focusing on what is best for the community
+- Showing empathy towards other community members
+- Giving and gracefully accepting constructive feedback
+- Accepting responsibility and apologizing to those affected by our mistakes
+- Learning from mistakes and improving our behavior
+
+### Unacceptable Behavior
+
+Examples of unacceptable behavior include:
+
+- The use of sexualized language or imagery
+- Trolling, insulting or derogatory comments, and personal or political attacks
+- Public or private harassment
+- Publishing others' private information without explicit permission
+- Violent threats or language directed against another person
+- Sexist, racist, homophobic, transphobic, ableist, or otherwise discriminatory jokes and language
+- Advocating for, or encouraging, any of the above behavior
+- Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Scope
+
+This Code of Conduct applies within all community spaces, including but not limited to:
+
+- GitHub repositories (issues, pull requests, discussions)
+- Project communication channels (email, chat, forums)
+- Social media accounts representing the project
+- Project events (conferences, meetups, online events)
+
+This Code of Conduct also applies when an individual is officially representing the community in public spaces.
+
+## Enforcement Responsibilities
+
+Project maintainers are responsible for clarifying and enforcing our standards of acceptable behavior. They will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned with this Code of Conduct. They will communicate reasons for moderation decisions when appropriate.
+
+## Reporting Issues
+
+If you experience or witness unacceptable behavior, or have any other concerns, please report it by contacting the project team at:
+
+**support@lockllm.com**
+
+All reports will be handled with discretion and confidentiality.
+
+### What to Include in Your Report
+
+To help us address the issue effectively, please include:
+
+- Your contact information
+- Names (real, nicknames, or pseudonyms) of individuals involved
+- Description of the incident, including specific behavior
+- Date and time of the incident
+- Location/platform where the incident occurred
+- Whether the incident is ongoing
+- Any additional context or information
+- If you believe any other individuals witnessed the incident
+
+### Confidentiality
+
+All reports will be reviewed and investigated. We respect the privacy and security of the reporter of any incident.
+
+## Enforcement Guidelines
+
+Project maintainers will follow these Community Impact Guidelines in determining consequences for any action deemed in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed unprofessional or unwelcome.
+
+**Consequence**: A private, written warning from project maintainers, providing clarity around the nature of the violation and an explanation of why the behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, for a specified period. This includes avoiding interactions in community spaces as well as external channels. Violating these terms may lead to a temporary or permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public communication with the community for a specified period. No public or private interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, is allowed during this period. Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 2.1, available at
+https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
+
+Community Impact Guidelines were inspired by [Mozilla's code of conduct enforcement ladder](https://github.com/mozilla/diversity).
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see the FAQ at
+https://www.contributor-covenant.org/faq. Translations are available at
+https://www.contributor-covenant.org/translations.
+
+## Contact
+
+- **Security Issues**: support@lockllm.com (see [SECURITY.md](SECURITY.md))
+
+## Acknowledgment
+
+By participating in this community, you agree to abide by this Code of Conduct. We are committed to providing a welcoming and inspiring community for all.
+
+---
+
+**Last Updated**: January 2026

package/CONTRIBUTING.md

@@ -0,0 +1,259 @@
+# Contributing to LockLLM JavaScript/TypeScript SDK
+
+Thank you for your interest in contributing to LockLLM! We welcome contributions from the community to help make AI security more accessible and effective.
+
+## Table of Contents
+
+- [Code of Conduct](#code-of-conduct)
+- [How Can I Contribute?](#how-can-i-contribute)
+- [Development Setup](#development-setup)
+- [Pull Request Process](#pull-request-process)
+- [Coding Standards](#coding-standards)
+- [Testing Guidelines](#testing-guidelines)
+- [Reporting Bugs](#reporting-bugs)
+- [Suggesting Enhancements](#suggesting-enhancements)
+
+## Code of Conduct
+
+This project adheres to a Code of Conduct that all contributors are expected to follow. Please read [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md) before contributing.
+
+## How Can I Contribute?
+
+### Reporting Bugs
+
+Before creating bug reports, please check the existing issues to avoid duplicates. When creating a bug report, include:
+
+- A clear and descriptive title
+- Detailed steps to reproduce the issue
+- Expected behavior vs actual behavior
+- Code samples demonstrating the issue
+- Your environment (Node.js version, OS, SDK version)
+- Error messages and stack traces
+
+### Suggesting Enhancements
+
+Enhancement suggestions are tracked as GitHub issues. When suggesting an enhancement:
+
+- Use a clear and descriptive title
+- Provide a detailed description of the proposed functionality
+- Explain why this enhancement would be useful
+- Include code examples if applicable
+
+### Code Contributions
+
+1. **Fork the repository** and create your branch from `main`
+2. **Make your changes** following our coding standards
+3. **Add tests** for any new functionality
+4. **Update documentation** as needed
+5. **Submit a pull request**
+
+## Development Setup
+
+### Prerequisites
+
+- Node.js 18+ and npm
+- TypeScript knowledge
+- Git
+
+### Setup Steps
+
+1. Fork and clone the repository:
+```bash
+git clone https://github.com/YOUR-USERNAME/lockllm-npm.git
+cd lockllm-npm
+```
+
+2. Install dependencies:
+```bash
+npm install
+```
+
+3. Install peer dependencies for testing:
+```bash
+npm install openai @anthropic-ai/sdk
+```
+
+4. Run tests to ensure everything works:
+```bash
+npm test
+```
+
+5. Build the project:
+```bash
+npm run build
+```
+
+### Available Scripts
+
+- `npm run build` - Build both CommonJS and ESM versions
+- `npm test` - Run the test suite
+- `npm run test:watch` - Run tests in watch mode
+- `npm run test:coverage` - Generate coverage report
+- `npm run lint` - Lint the codebase
+- `npm run format` - Format code with Prettier
+- `npm run typecheck` - Run TypeScript type checking
+
+## Pull Request Process
+
+1. **Update Documentation**: Ensure README.md and relevant documentation reflect your changes
+
+2. **Add Tests**: All new features and bug fixes must include tests
+
+3. **Run the Full Test Suite**:
+```bash
+npm run typecheck
+npm test
+npm run lint
+```
+
+4. **Update CHANGELOG**: Add your changes to the Unreleased section
+
+5. **Write Clear Commit Messages**:
+   - Use present tense ("Add feature" not "Added feature")
+   - Use imperative mood ("Move cursor to..." not "Moves cursor to...")
+   - Reference issues and pull requests when relevant
+
+6. **Submit PR**:
+   - Fill out the PR template completely
+   - Link related issues
+   - Request review from maintainers
+
+7. **Address Review Feedback**: Be responsive to review comments and make requested changes
+
+## Coding Standards
+
+### TypeScript Style
+
+- Use TypeScript for all source code
+- Enable strict mode in `tsconfig.json`
+- Provide type definitions for all public APIs
+- Avoid using `any` - use `unknown` or proper types
+
+### Code Style
+
+We use ESLint and Prettier for consistent code style:
+
+```bash
+# Format code
+npm run format
+
+# Check linting
+npm run lint
+```
+
+### Naming Conventions
+
+- **Classes**: PascalCase (e.g., `LockLLM`, `PromptInjectionError`)
+- **Functions/Methods**: camelCase (e.g., `createOpenAI`, `scanPrompt`)
+- **Constants**: UPPER_SNAKE_CASE (e.g., `DEFAULT_TIMEOUT`)
+- **Interfaces/Types**: PascalCase (e.g., `ScanRequest`, `ClientConfig`)
+- **Private members**: Prefix with underscore (e.g., `_processRequest`)
+
+### File Organization
+
+- Place source code in `src/`
+- Place tests alongside source files with `.test.ts` extension
+- Export public API through `src/index.ts`
+- Keep files focused and single-purpose
+
+## Testing Guidelines
+
+### Test Requirements
+
+- All new features must include tests
+- Bug fixes should include regression tests
+- Aim for >90% code coverage
+- Tests should be isolated and deterministic
+
+### Writing Tests
+
+We use Vitest for testing:
+
+```typescript
+import { describe, it, expect } from 'vitest';
+import { LockLLM } from '../index';
+
+describe('LockLLM', () => {
+  it('should scan input successfully', async () => {
+    const client = new LockLLM({ apiKey: 'test-key' });
+    const result = await client.scan({ input: 'Hello world' });
+    expect(result.safe).toBe(true);
+  });
+});
+```
+
+### Test Categories
+
+- **Unit Tests**: Test individual functions and classes
+- **Integration Tests**: Test wrapper functions with provider SDKs
+- **Error Handling Tests**: Verify proper error handling
+
+### Running Tests
+
+```bash
+# Run all tests
+npm test
+
+# Run specific test file
+npm test -- scan.test.ts
+
+# Run with coverage
+npm run test:coverage
+
+# Run in watch mode during development
+npm run test:watch
+```
+
+## Documentation
+
+### Code Documentation
+
+- Add JSDoc comments for all public APIs
+- Include parameter descriptions and return types
+- Provide usage examples in comments
+
+Example:
+```typescript
+/**
+ * Scans input text for security threats
+ * @param request - The scan request containing input text and options
+ * @returns Promise resolving to scan results with safety classification
+ * @throws {AuthenticationError} If API key is invalid
+ * @example
+ * ```typescript
+ * const result = await client.scan({
+ *   input: 'User input here',
+ *   sensitivity: 'medium'
+ * });
+ * ```
+ */
+async scan(request: ScanRequest): Promise<ScanResponse>
+```
+
+### README Updates
+
+- Update feature lists when adding capabilities
+- Add examples for new functionality
+- Keep API reference section current
+- Update performance metrics if applicable
+
+## Security Considerations
+
+- Never commit API keys or secrets
+- Be cautious with user input in examples
+- Follow security best practices
+- Report security vulnerabilities privately (see [SECURITY.md](SECURITY.md))
+
+## Questions?
+
+- Open an issue for questions about contributing
+- Email support@lockllm.com for private inquiries
+- Check existing issues and pull requests for similar discussions
+
+## License
+
+By contributing to LockLLM, you agree that your contributions will be licensed under the MIT License.
+
+---
+
+Thank you for contributing to LockLLM! Your efforts help make AI applications more secure for everyone.

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 LockLLM
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.