npm - @mainwp/control - Versions diffs - 1.0.0 - Mend

@mainwp/control 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (204) hide show

package/LICENSE +674 -0
package/README.md +583 -0
package/bin/_exit.js +12 -0
package/bin/dev.js +7 -0
package/bin/run.js +7 -0
package/dist/chat/chat-engine.d.ts +213 -0
package/dist/chat/chat-engine.d.ts.map +1 -0
package/dist/chat/chat-engine.js +636 -0
package/dist/chat/chat-engine.js.map +1 -0
package/dist/chat/index.d.ts +10 -0
package/dist/chat/index.d.ts.map +1 -0
package/dist/chat/index.js +14 -0
package/dist/chat/index.js.map +1 -0
package/dist/chat/providers/anthropic.d.ts +52 -0
package/dist/chat/providers/anthropic.d.ts.map +1 -0
package/dist/chat/providers/anthropic.js +292 -0
package/dist/chat/providers/anthropic.js.map +1 -0
package/dist/chat/providers/gemini.d.ts +52 -0
package/dist/chat/providers/gemini.d.ts.map +1 -0
package/dist/chat/providers/gemini.js +284 -0
package/dist/chat/providers/gemini.js.map +1 -0
package/dist/chat/providers/index.d.ts +19 -0
package/dist/chat/providers/index.d.ts.map +1 -0
package/dist/chat/providers/index.js +23 -0
package/dist/chat/providers/index.js.map +1 -0
package/dist/chat/providers/local.d.ts +37 -0
package/dist/chat/providers/local.d.ts.map +1 -0
package/dist/chat/providers/local.js +130 -0
package/dist/chat/providers/local.js.map +1 -0
package/dist/chat/providers/openai-compatible.d.ts +155 -0
package/dist/chat/providers/openai-compatible.d.ts.map +1 -0
package/dist/chat/providers/openai-compatible.js +264 -0
package/dist/chat/providers/openai-compatible.js.map +1 -0
package/dist/chat/providers/openai.d.ts +24 -0
package/dist/chat/providers/openai.d.ts.map +1 -0
package/dist/chat/providers/openai.js +62 -0
package/dist/chat/providers/openai.js.map +1 -0
package/dist/chat/providers/openrouter.d.ts +26 -0
package/dist/chat/providers/openrouter.d.ts.map +1 -0
package/dist/chat/providers/openrouter.js +65 -0
package/dist/chat/providers/openrouter.js.map +1 -0
package/dist/chat/providers/provider-fetch.d.ts +15 -0
package/dist/chat/providers/provider-fetch.d.ts.map +1 -0
package/dist/chat/providers/provider-fetch.js +35 -0
package/dist/chat/providers/provider-fetch.js.map +1 -0
package/dist/chat/providers/provider.d.ts +214 -0
package/dist/chat/providers/provider.d.ts.map +1 -0
package/dist/chat/providers/provider.js +166 -0
package/dist/chat/providers/provider.js.map +1 -0
package/dist/chat/providers/sse-reader.d.ts +21 -0
package/dist/chat/providers/sse-reader.d.ts.map +1 -0
package/dist/chat/providers/sse-reader.js +48 -0
package/dist/chat/providers/sse-reader.js.map +1 -0
package/dist/chat/system-prompt.d.ts +33 -0
package/dist/chat/system-prompt.d.ts.map +1 -0
package/dist/chat/system-prompt.js +166 -0
package/dist/chat/system-prompt.js.map +1 -0
package/dist/chat/tool-envelope.d.ts +72 -0
package/dist/chat/tool-envelope.d.ts.map +1 -0
package/dist/chat/tool-envelope.js +263 -0
package/dist/chat/tool-envelope.js.map +1 -0
package/dist/commands/abilities/info.d.ts +21 -0
package/dist/commands/abilities/info.d.ts.map +1 -0
package/dist/commands/abilities/info.js +80 -0
package/dist/commands/abilities/info.js.map +1 -0
package/dist/commands/abilities/list.d.ts +19 -0
package/dist/commands/abilities/list.d.ts.map +1 -0
package/dist/commands/abilities/list.js +98 -0
package/dist/commands/abilities/list.js.map +1 -0
package/dist/commands/abilities/run.d.ts +75 -0
package/dist/commands/abilities/run.d.ts.map +1 -0
package/dist/commands/abilities/run.js +468 -0
package/dist/commands/abilities/run.js.map +1 -0
package/dist/commands/chat.d.ts +54 -0
package/dist/commands/chat.d.ts.map +1 -0
package/dist/commands/chat.js +384 -0
package/dist/commands/chat.js.map +1 -0
package/dist/commands/config/show.d.ts +54 -0
package/dist/commands/config/show.d.ts.map +1 -0
package/dist/commands/config/show.js +324 -0
package/dist/commands/config/show.js.map +1 -0
package/dist/commands/doctor.d.ts +77 -0
package/dist/commands/doctor.d.ts.map +1 -0
package/dist/commands/doctor.js +412 -0
package/dist/commands/doctor.js.map +1 -0
package/dist/commands/jobs/watch.d.ts +50 -0
package/dist/commands/jobs/watch.d.ts.map +1 -0
package/dist/commands/jobs/watch.js +269 -0
package/dist/commands/jobs/watch.js.map +1 -0
package/dist/commands/login.d.ts +25 -0
package/dist/commands/login.d.ts.map +1 -0
package/dist/commands/login.js +165 -0
package/dist/commands/login.js.map +1 -0
package/dist/commands/profile/delete.d.ts +22 -0
package/dist/commands/profile/delete.d.ts.map +1 -0
package/dist/commands/profile/delete.js +57 -0
package/dist/commands/profile/delete.js.map +1 -0
package/dist/commands/profile/list.d.ts +19 -0
package/dist/commands/profile/list.d.ts.map +1 -0
package/dist/commands/profile/list.js +53 -0
package/dist/commands/profile/list.js.map +1 -0
package/dist/commands/profile/use.d.ts +22 -0
package/dist/commands/profile/use.d.ts.map +1 -0
package/dist/commands/profile/use.js +46 -0
package/dist/commands/profile/use.js.map +1 -0
package/dist/config/fs-utils.d.ts +14 -0
package/dist/config/fs-utils.d.ts.map +1 -0
package/dist/config/fs-utils.js +31 -0
package/dist/config/fs-utils.js.map +1 -0
package/dist/config/keychain.d.ts +53 -0
package/dist/config/keychain.d.ts.map +1 -0
package/dist/config/keychain.js +175 -0
package/dist/config/keychain.js.map +1 -0
package/dist/config/profile-store.d.ts +85 -0
package/dist/config/profile-store.d.ts.map +1 -0
package/dist/config/profile-store.js +228 -0
package/dist/config/profile-store.js.map +1 -0
package/dist/config/settings.d.ts +71 -0
package/dist/config/settings.d.ts.map +1 -0
package/dist/config/settings.js +151 -0
package/dist/config/settings.js.map +1 -0
package/dist/core/abilities-executor.d.ts +126 -0
package/dist/core/abilities-executor.d.ts.map +1 -0
package/dist/core/abilities-executor.js +264 -0
package/dist/core/abilities-executor.js.map +1 -0
package/dist/core/batch-manager.d.ts +113 -0
package/dist/core/batch-manager.d.ts.map +1 -0
package/dist/core/batch-manager.js +244 -0
package/dist/core/batch-manager.js.map +1 -0
package/dist/core/http-client.d.ts +111 -0
package/dist/core/http-client.d.ts.map +1 -0
package/dist/core/http-client.js +329 -0
package/dist/core/http-client.js.map +1 -0
package/dist/core/safety-controller.d.ts +114 -0
package/dist/core/safety-controller.d.ts.map +1 -0
package/dist/core/safety-controller.js +229 -0
package/dist/core/safety-controller.js.map +1 -0
package/dist/hooks/command-not-found.d.ts +12 -0
package/dist/hooks/command-not-found.d.ts.map +1 -0
package/dist/hooks/command-not-found.js +58 -0
package/dist/hooks/command-not-found.js.map +1 -0
package/dist/index.d.ts +7 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +7 -0
package/dist/index.js.map +1 -0
package/dist/lib/base-command.d.ts +123 -0
package/dist/lib/base-command.d.ts.map +1 -0
package/dist/lib/base-command.js +285 -0
package/dist/lib/base-command.js.map +1 -0
package/dist/output/formatter.d.ts +48 -0
package/dist/output/formatter.d.ts.map +1 -0
package/dist/output/formatter.js +138 -0
package/dist/output/formatter.js.map +1 -0
package/dist/output/json-envelope.d.ts +43 -0
package/dist/output/json-envelope.d.ts.map +1 -0
package/dist/output/json-envelope.js +73 -0
package/dist/output/json-envelope.js.map +1 -0
package/dist/utils/audit-logger.d.ts +97 -0
package/dist/utils/audit-logger.d.ts.map +1 -0
package/dist/utils/audit-logger.js +169 -0
package/dist/utils/audit-logger.js.map +1 -0
package/dist/utils/colors.d.ts +29 -0
package/dist/utils/colors.d.ts.map +1 -0
package/dist/utils/colors.js +36 -0
package/dist/utils/colors.js.map +1 -0
package/dist/utils/errors.d.ts +107 -0
package/dist/utils/errors.d.ts.map +1 -0
package/dist/utils/errors.js +149 -0
package/dist/utils/errors.js.map +1 -0
package/dist/utils/exit-codes.d.ts +21 -0
package/dist/utils/exit-codes.d.ts.map +1 -0
package/dist/utils/exit-codes.js +20 -0
package/dist/utils/exit-codes.js.map +1 -0
package/dist/utils/format.d.ts +64 -0
package/dist/utils/format.d.ts.map +1 -0
package/dist/utils/format.js +69 -0
package/dist/utils/format.js.map +1 -0
package/dist/utils/prompt.d.ts +34 -0
package/dist/utils/prompt.d.ts.map +1 -0
package/dist/utils/prompt.js +132 -0
package/dist/utils/prompt.js.map +1 -0
package/dist/utils/retry.d.ts +59 -0
package/dist/utils/retry.d.ts.map +1 -0
package/dist/utils/retry.js +96 -0
package/dist/utils/retry.js.map +1 -0
package/dist/utils/terminal-sanitizer.d.ts +60 -0
package/dist/utils/terminal-sanitizer.d.ts.map +1 -0
package/dist/utils/terminal-sanitizer.js +166 -0
package/dist/utils/terminal-sanitizer.js.map +1 -0
package/dist/validation/input-sanitizer.d.ts +76 -0
package/dist/validation/input-sanitizer.d.ts.map +1 -0
package/dist/validation/input-sanitizer.js +199 -0
package/dist/validation/input-sanitizer.js.map +1 -0
package/dist/validation/schema-validator.d.ts +75 -0
package/dist/validation/schema-validator.d.ts.map +1 -0
package/dist/validation/schema-validator.js +147 -0
package/dist/validation/schema-validator.js.map +1 -0
package/oclif.manifest.json +857 -0
package/package.json +101 -0
package/scripts/completions/README.md +221 -0
package/scripts/completions/mainwpcontrol.bash +193 -0
package/scripts/completions/mainwpcontrol.zsh +267 -0
package/scripts/completions/profile-completer.sh +35 -0
package/scripts/completions/regenerate.sh +78 -0

package/dist/utils/terminal-sanitizer.js ADDED Viewed

@@ -0,0 +1,166 @@
+/**
+ * Terminal Output Sanitizer for mainwpcontrol
+ *
+ * Security utility to strip ANSI escape sequences and control characters
+ * from untrusted data before rendering to terminal output.
+ *
+ * Prevents:
+ * - Terminal escape sequence injection
+ * - Fake prompt attacks
+ * - Screen manipulation/overwriting
+ * - OSC command execution
+ */
+/**
+ * Regular expressions for matching escape sequences
+ */
+const ESCAPE_PATTERNS = {
+    // ANSI escape sequences: ESC [ ... (CSI sequences)
+    // Matches: colors, cursor movement, screen clearing, etc.
+    csi: /\x1b\[[0-9;]*[A-Za-z]/g,
+    // Operating System Command sequences: ESC ] ... ST
+    // Used for setting window titles, clipboard, etc.
+    osc: /\x1b\][\s\S]*?(?:\x07|\x1b\\)/g,
+    // Single-character escape sequences: ESC followed by single char
+    singleEsc: /\x1b[^[\]]/g,
+    // C1 control characters (0x80-0x9F)
+    c1: /[\x80-\x9f]/g,
+    // Device Control Strings: ESC P ... ST
+    dcs: /\x1bP[\s\S]*?(?:\x1b\\)/g,
+    // Application Program Command: ESC _ ... ST
+    apc: /\x1b_[\s\S]*?(?:\x1b\\)/g,
+    // Privacy Message: ESC ^ ... ST
+    pm: /\x1b\^[\s\S]*?(?:\x1b\\)/g,
+    // Start of String: ESC X ... ST
+    sos: /\x1bX[\s\S]*?(?:\x1b\\)/g,
+};
+/**
+ * C0 control characters to remove (0x00-0x1F)
+ * Preserves: \t (0x09), \n (0x0A), \r (0x0D)
+ */
+const C0_UNSAFE = /[\x00-\x08\x0b\x0c\x0e-\x1f]/g;
+/**
+ * Strip all ANSI escape sequences and control characters from a string.
+ *
+ * This is the core sanitization function that removes:
+ * - ANSI CSI sequences (colors, cursor movement, screen control)
+ * - OSC sequences (window titles, clipboard commands)
+ * - Other escape sequences (DCS, APC, PM, SOS)
+ * - C0 control characters (except tab, newline, carriage return)
+ * - C1 control characters
+ *
+ * @param str - The string to sanitize
+ * @returns The sanitized string with all escape sequences removed
+ */
+export function stripControlChars(str) {
+    if (typeof str !== 'string') {
+        return '';
+    }
+    let result = str;
+    // Remove all escape sequence types
+    result = result.replace(ESCAPE_PATTERNS.osc, '');
+    result = result.replace(ESCAPE_PATTERNS.dcs, '');
+    result = result.replace(ESCAPE_PATTERNS.apc, '');
+    result = result.replace(ESCAPE_PATTERNS.pm, '');
+    result = result.replace(ESCAPE_PATTERNS.sos, '');
+    result = result.replace(ESCAPE_PATTERNS.csi, '');
+    result = result.replace(ESCAPE_PATTERNS.singleEsc, '');
+    // Remove control characters
+    result = result.replace(ESCAPE_PATTERNS.c1, '');
+    result = result.replace(C0_UNSAFE, '');
+    // Remove any remaining bare ESC characters
+    result = result.replace(/\x1b/g, '');
+    return result;
+}
+/**
+ * Recursively sanitize a value for safe terminal output.
+ *
+ * Handles:
+ * - Strings: strips control characters
+ * - Arrays: recursively sanitizes each element
+ * - Objects: recursively sanitizes each value
+ * - Other types: converted to string and sanitized
+ *
+ * @param value - The value to sanitize
+ * @returns A sanitized copy of the value (original is not modified)
+ */
+export function sanitizeForTerminal(value) {
+    if (value === null || value === undefined) {
+        return value;
+    }
+    if (typeof value === 'string') {
+        return stripControlChars(value);
+    }
+    if (typeof value === 'number' || typeof value === 'boolean') {
+        return value;
+    }
+    if (Array.isArray(value)) {
+        return value.map((item) => sanitizeForTerminal(item));
+    }
+    if (typeof value === 'object') {
+        const sanitized = {};
+        for (const [key, val] of Object.entries(value)) {
+            // Sanitize both keys and values
+            const sanitizedKey = stripControlChars(key);
+            sanitized[sanitizedKey] = sanitizeForTerminal(val);
+        }
+        return sanitized;
+    }
+    // For other types (functions, symbols, etc.), convert to string and sanitize
+    return stripControlChars(String(value));
+}
+/**
+ * Sanitize a string for safe display, preserving safe content.
+ *
+ * This is a convenience wrapper that handles non-string inputs
+ * by converting them to JSON first.
+ *
+ * @param value - The value to sanitize for display
+ * @returns A safe string suitable for terminal output
+ */
+export function safeString(value) {
+    if (value === null) {
+        return 'null';
+    }
+    if (value === undefined) {
+        return 'undefined';
+    }
+    if (typeof value === 'string') {
+        return stripControlChars(value);
+    }
+    if (typeof value === 'number' || typeof value === 'boolean') {
+        return String(value);
+    }
+    // For objects and arrays, sanitize then stringify
+    const sanitized = sanitizeForTerminal(value);
+    return JSON.stringify(sanitized);
+}
+/**
+ * Check if a string contains potentially dangerous escape sequences.
+ *
+ * Useful for logging or debugging when you want to detect
+ * but not necessarily remove escape sequences.
+ *
+ * @param str - The string to check
+ * @returns True if the string contains escape sequences
+ */
+export function containsEscapeSequences(str) {
+    if (typeof str !== 'string') {
+        return false;
+    }
+    // Reset lastIndex on global regexes before test() to avoid
+    // alternating true/false results from stateful .test() calls
+    ESCAPE_PATTERNS.csi.lastIndex = 0;
+    ESCAPE_PATTERNS.osc.lastIndex = 0;
+    ESCAPE_PATTERNS.singleEsc.lastIndex = 0;
+    ESCAPE_PATTERNS.c1.lastIndex = 0;
+    ESCAPE_PATTERNS.dcs.lastIndex = 0;
+    C0_UNSAFE.lastIndex = 0;
+    return (ESCAPE_PATTERNS.csi.test(str) ||
+        ESCAPE_PATTERNS.osc.test(str) ||
+        ESCAPE_PATTERNS.singleEsc.test(str) ||
+        ESCAPE_PATTERNS.c1.test(str) ||
+        ESCAPE_PATTERNS.dcs.test(str) ||
+        C0_UNSAFE.test(str) ||
+        str.includes('\x1b'));
+}
+//# sourceMappingURL=terminal-sanitizer.js.map

package/dist/utils/terminal-sanitizer.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"terminal-sanitizer.js","sourceRoot":"","sources":["../../src/utils/terminal-sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH;;GAEG;AACH,MAAM,eAAe,GAAG;IACtB,mDAAmD;IACnD,0DAA0D;IAC1D,GAAG,EAAE,wBAAwB;IAE7B,mDAAmD;IACnD,kDAAkD;IAClD,GAAG,EAAE,gCAAgC;IAErC,iEAAiE;IACjE,SAAS,EAAE,aAAa;IAExB,oCAAoC;IACpC,EAAE,EAAE,cAAc;IAElB,uCAAuC;IACvC,GAAG,EAAE,0BAA0B;IAE/B,4CAA4C;IAC5C,GAAG,EAAE,0BAA0B;IAE/B,gCAAgC;IAChC,EAAE,EAAE,2BAA2B;IAE/B,gCAAgC;IAChC,GAAG,EAAE,0BAA0B;CAChC,CAAC;AAEF;;;GAGG;AACH,MAAM,SAAS,GAAG,+BAA+B,CAAC;AAElD;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,iBAAiB,CAAC,GAAW;IAC3C,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,IAAI,MAAM,GAAG,GAAG,CAAC;IAEjB,mCAAmC;IACnC,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACjD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACjD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACjD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAChD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACjD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACjD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;IAEvD,4BAA4B;IAC5B,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAChD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;IAEvC,2CAA2C;IAC3C,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;IAErC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,mBAAmB,CAAC,KAAc;IAChD,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QAC1C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,iBAAiB,CAAC,KAAK,CAAC,CAAC;IAClC,CAAC;IAED,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,KAAK,SAAS,EAAE,CAAC;QAC5D,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC;IACxD,CAAC;IAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,MAAM,SAAS,GAA4B,EAAE,CAAC;QAC9C,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/C,gCAAgC;YAChC,MAAM,YAAY,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC;YAC5C,SAAS,CAAC,YAAY,CAAC,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC;QACrD,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,6EAA6E;IAC7E,OAAO,iBAAiB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;AAC1C,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,UAAU,CAAC,KAAc;IACvC,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QACnB,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACxB,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,iBAAiB,CAAC,KAAK,CAAC,CAAC;IAClC,CAAC;IAED,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,KAAK,SAAS,EAAE,CAAC;QAC5D,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC;IAED,kDAAkD;IAClD,MAAM,SAAS,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC;IAC7C,OAAO,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;AACnC,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,uBAAuB,CAAC,GAAW;IACjD,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,2DAA2D;IAC3D,6DAA6D;IAC7D,eAAe,CAAC,GAAG,CAAC,SAAS,GAAG,CAAC,CAAC;IAClC,eAAe,CAAC,GAAG,CAAC,SAAS,GAAG,CAAC,CAAC;IAClC,eAAe,CAAC,SAAS,CAAC,SAAS,GAAG,CAAC,CAAC;IACxC,eAAe,CAAC,EAAE,CAAC,SAAS,GAAG,CAAC,CAAC;IACjC,eAAe,CAAC,GAAG,CAAC,SAAS,GAAG,CAAC,CAAC;IAClC,SAAS,CAAC,SAAS,GAAG,CAAC,CAAC;IAExB,OAAO,CACL,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC;QAC7B,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC;QAC7B,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC;QACnC,eAAe,CAAC,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC;QAC5B,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC;QAC7B,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC;QACnB,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CACrB,CAAC;AACJ,CAAC"}

package/dist/validation/input-sanitizer.d.ts ADDED Viewed

@@ -0,0 +1,76 @@
+/**
+ * Input Sanitizer for mainwpcontrol
+ *
+ * Security sanitization for inputs:
+ * - Input limits (string length, array elements, object depth)
+ * - Error sanitization (path redaction, credential stripping)
+ */
+/**
+ * Default limits for input sanitization
+ */
+export declare const DEFAULT_LIMITS: {
+    /** Maximum string length */
+    readonly maxStringLength: 65536;
+    /** Maximum array elements */
+    readonly maxArrayElements: 1000;
+    /** Maximum object depth */
+    readonly maxObjectDepth: 10;
+    /** Maximum object keys */
+    readonly maxObjectKeys: 100;
+    /** Maximum total input size (approximate) */
+    readonly maxInputSize: 1048576;
+};
+/**
+ * Sanitization options
+ */
+export interface SanitizeOptions {
+    maxStringLength?: number;
+    maxArrayElements?: number;
+    maxObjectDepth?: number;
+    maxObjectKeys?: number;
+    maxInputSize?: number;
+}
+/**
+ * Input Sanitizer class
+ */
+export declare class InputSanitizer {
+    private readonly limits;
+    constructor(options?: SanitizeOptions);
+    /**
+     * Sanitize and validate input
+     *
+     * @param input - Input data to sanitize
+     * @throws InputError if input exceeds limits
+     * @returns Sanitized input (same object if valid)
+     */
+    sanitize(input: Record<string, unknown>): Record<string, unknown>;
+    /**
+     * Recursively validate a value
+     */
+    private validateValue;
+    /**
+     * Check if a key name appears to contain sensitive data
+     */
+    isSensitiveKey(key: string): boolean;
+    /**
+     * Redact sensitive values in an object (for logging/errors)
+     */
+    redactSensitive(data: Record<string, unknown>): Record<string, unknown>;
+    /**
+     * Recursively redact sensitive values
+     */
+    private redactValue;
+    /**
+     * Sanitize error message to remove sensitive paths and data
+     */
+    sanitizeErrorMessage(message: string): string;
+    /**
+     * Sanitize an error object for safe logging
+     */
+    sanitizeError(error: Error): Error;
+}
+/**
+ * Get the input sanitizer singleton
+ */
+export declare function getInputSanitizer(): InputSanitizer;
+//# sourceMappingURL=input-sanitizer.d.ts.map

package/dist/validation/input-sanitizer.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"input-sanitizer.d.ts","sourceRoot":"","sources":["../../src/validation/input-sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH;;GAEG;AACH,eAAO,MAAM,cAAc;IACzB,4BAA4B;;IAE5B,6BAA6B;;IAE7B,2BAA2B;;IAE3B,0BAA0B;;IAE1B,6CAA6C;;CAErC,CAAC;AAEX;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AA8BD;;GAEG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA4B;gBAEvC,OAAO,CAAC,EAAE,eAAe;IAUrC;;;;;;OAMG;IACH,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAiBjE;;OAEG;IACH,OAAO,CAAC,aAAa;IAsDrB;;OAEG;IACH,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;IAIpC;;OAEG;IACH,eAAe,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAIvE;;OAEG;IACH,OAAO,CAAC,WAAW;IAwBnB;;OAEG;IACH,oBAAoB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM;IA6B7C;;OAEG;IACH,aAAa,CAAC,KAAK,EAAE,KAAK,GAAG,KAAK;CAenC;AAOD;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,cAAc,CAKlD"}

package/dist/validation/input-sanitizer.js ADDED Viewed

@@ -0,0 +1,199 @@
+/**
+ * Input Sanitizer for mainwpcontrol
+ *
+ * Security sanitization for inputs:
+ * - Input limits (string length, array elements, object depth)
+ * - Error sanitization (path redaction, credential stripping)
+ */
+import { InputError } from '../utils/errors.js';
+/**
+ * Default limits for input sanitization
+ */
+export const DEFAULT_LIMITS = {
+    /** Maximum string length */
+    maxStringLength: 65536, // 64KB
+    /** Maximum array elements */
+    maxArrayElements: 1000,
+    /** Maximum object depth */
+    maxObjectDepth: 10,
+    /** Maximum object keys */
+    maxObjectKeys: 100,
+    /** Maximum total input size (approximate) */
+    maxInputSize: 1048576, // 1MB
+};
+/**
+ * Patterns that indicate sensitive data
+ */
+const SENSITIVE_PATTERNS = [
+    /password/i,
+    /secret/i,
+    /token/i,
+    /api[_-]?key/i,
+    /auth/i,
+    /credential/i,
+    /private[_-]?key/i,
+    /bearer/i,
+    /signing[_-]?key/i,
+    /encryption[_-]?key/i,
+];
+/**
+ * Patterns for redacting file paths
+ */
+const PATH_PATTERNS = [
+    // Absolute paths
+    /\/Users\/[^/\s]+/g,
+    /\/home\/[^/\s]+/g,
+    /C:\\Users\\[^\\]+/gi,
+    // Config directories
+    /\.config\/mainwpcontrol/g,
+];
+/**
+ * Input Sanitizer class
+ */
+export class InputSanitizer {
+    limits;
+    constructor(options) {
+        this.limits = {
+            maxStringLength: options?.maxStringLength ?? DEFAULT_LIMITS.maxStringLength,
+            maxArrayElements: options?.maxArrayElements ?? DEFAULT_LIMITS.maxArrayElements,
+            maxObjectDepth: options?.maxObjectDepth ?? DEFAULT_LIMITS.maxObjectDepth,
+            maxObjectKeys: options?.maxObjectKeys ?? DEFAULT_LIMITS.maxObjectKeys,
+            maxInputSize: options?.maxInputSize ?? DEFAULT_LIMITS.maxInputSize,
+        };
+    }
+    /**
+     * Sanitize and validate input
+     *
+     * @param input - Input data to sanitize
+     * @throws InputError if input exceeds limits
+     * @returns Sanitized input (same object if valid)
+     */
+    sanitize(input) {
+        // Check total size
+        const serialized = JSON.stringify(input);
+        if (serialized.length > this.limits.maxInputSize) {
+            throw new InputError(`Input size exceeds limit: ${serialized.length} bytes (max: ${this.limits.maxInputSize})`, { size: serialized.length, limit: this.limits.maxInputSize }, 'Reduce the size of your input or split into multiple requests');
+        }
+        // Validate structure
+        this.validateValue(input, 0, 'input');
+        return input;
+    }
+    /**
+     * Recursively validate a value
+     */
+    validateValue(value, depth, path) {
+        // Check depth
+        if (depth > this.limits.maxObjectDepth) {
+            throw new InputError(`Input exceeds maximum depth at "${path}"`, { path, depth, limit: this.limits.maxObjectDepth }, 'Simplify your input structure or reduce nesting depth');
+        }
+        if (value === null || value === undefined) {
+            return;
+        }
+        if (typeof value === 'string') {
+            if (value.length > this.limits.maxStringLength) {
+                throw new InputError(`String exceeds maximum length at "${path}"`, { path, length: value.length, limit: this.limits.maxStringLength }, 'Use shorter strings or split into multiple requests');
+            }
+            return;
+        }
+        if (Array.isArray(value)) {
+            if (value.length > this.limits.maxArrayElements) {
+                throw new InputError(`Array exceeds maximum elements at "${path}"`, { path, length: value.length, limit: this.limits.maxArrayElements }, 'Reduce the number of array elements or split into multiple requests');
+            }
+            value.forEach((item, index) => {
+                this.validateValue(item, depth + 1, `${path}[${index}]`);
+            });
+            return;
+        }
+        if (typeof value === 'object') {
+            const keys = Object.keys(value);
+            if (keys.length > this.limits.maxObjectKeys) {
+                throw new InputError(`Object exceeds maximum keys at "${path}"`, { path, count: keys.length, limit: this.limits.maxObjectKeys }, 'Reduce the number of object properties or split into multiple requests');
+            }
+            for (const key of keys) {
+                this.validateValue(value[key], depth + 1, `${path}.${key}`);
+            }
+        }
+    }
+    /**
+     * Check if a key name appears to contain sensitive data
+     */
+    isSensitiveKey(key) {
+        return SENSITIVE_PATTERNS.some((pattern) => pattern.test(key));
+    }
+    /**
+     * Redact sensitive values in an object (for logging/errors)
+     */
+    redactSensitive(data) {
+        return this.redactValue(data);
+    }
+    /**
+     * Recursively redact sensitive values
+     */
+    redactValue(value) {
+        if (value === null || value === undefined) {
+            return value;
+        }
+        if (Array.isArray(value)) {
+            return value.map((item) => this.redactValue(item));
+        }
+        if (typeof value === 'object') {
+            const result = {};
+            for (const [key, val] of Object.entries(value)) {
+                if (this.isSensitiveKey(key)) {
+                    result[key] = '[REDACTED]';
+                }
+                else {
+                    result[key] = this.redactValue(val);
+                }
+            }
+            return result;
+        }
+        return value;
+    }
+    /**
+     * Sanitize error message to remove sensitive paths and data
+     */
+    sanitizeErrorMessage(message) {
+        let sanitized = message;
+        // Redact file paths
+        for (const pattern of PATH_PATTERNS) {
+            sanitized = sanitized.replace(pattern, '[PATH]');
+        }
+        // Redact URLs with credentials
+        sanitized = sanitized.replace(/https?:\/\/[^:]+:[^@]+@[^\s]+/g, '[URL_WITH_CREDENTIALS]');
+        // Redact base64 that might be auth headers
+        sanitized = sanitized.replace(/Basic\s+[A-Za-z0-9+/]+=*/gi, 'Basic [REDACTED]');
+        // Redact bearer tokens
+        sanitized = sanitized.replace(/Bearer\s+[A-Za-z0-9._-]+/gi, 'Bearer [REDACTED]');
+        return sanitized;
+    }
+    /**
+     * Sanitize an error object for safe logging
+     */
+    sanitizeError(error) {
+        const sanitizedMessage = this.sanitizeErrorMessage(error.message);
+        if (sanitizedMessage === error.message) {
+            return error;
+        }
+        const sanitizedError = new Error(sanitizedMessage);
+        sanitizedError.name = error.name;
+        if (error.stack) {
+            sanitizedError.stack = this.sanitizeErrorMessage(error.stack);
+        }
+        return sanitizedError;
+    }
+}
+/**
+ * Singleton instance
+ */
+let instance = null;
+/**
+ * Get the input sanitizer singleton
+ */
+export function getInputSanitizer() {
+    if (!instance) {
+        instance = new InputSanitizer();
+    }
+    return instance;
+}
+//# sourceMappingURL=input-sanitizer.js.map

package/dist/validation/input-sanitizer.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"input-sanitizer.js","sourceRoot":"","sources":["../../src/validation/input-sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAEhD;;GAEG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,4BAA4B;IAC5B,eAAe,EAAE,KAAK,EAAE,OAAO;IAC/B,6BAA6B;IAC7B,gBAAgB,EAAE,IAAI;IACtB,2BAA2B;IAC3B,cAAc,EAAE,EAAE;IAClB,0BAA0B;IAC1B,aAAa,EAAE,GAAG;IAClB,6CAA6C;IAC7C,YAAY,EAAE,OAAO,EAAE,MAAM;CACrB,CAAC;AAaX;;GAEG;AACH,MAAM,kBAAkB,GAAG;IACzB,WAAW;IACX,SAAS;IACT,QAAQ;IACR,cAAc;IACd,OAAO;IACP,aAAa;IACb,kBAAkB;IAClB,SAAS;IACT,kBAAkB;IAClB,qBAAqB;CACtB,CAAC;AAEF;;GAEG;AACH,MAAM,aAAa,GAAG;IACpB,iBAAiB;IACjB,mBAAmB;IACnB,kBAAkB;IAClB,qBAAqB;IACrB,qBAAqB;IACrB,0BAA0B;CAC3B,CAAC;AAEF;;GAEG;AACH,MAAM,OAAO,cAAc;IACR,MAAM,CAA4B;IAEnD,YAAY,OAAyB;QACnC,IAAI,CAAC,MAAM,GAAG;YACZ,eAAe,EAAE,OAAO,EAAE,eAAe,IAAI,cAAc,CAAC,eAAe;YAC3E,gBAAgB,EAAE,OAAO,EAAE,gBAAgB,IAAI,cAAc,CAAC,gBAAgB;YAC9E,cAAc,EAAE,OAAO,EAAE,cAAc,IAAI,cAAc,CAAC,cAAc;YACxE,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,cAAc,CAAC,aAAa;YACrE,YAAY,EAAE,OAAO,EAAE,YAAY,IAAI,cAAc,CAAC,YAAY;SACnE,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACH,QAAQ,CAAC,KAA8B;QACrC,mBAAmB;QACnB,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QACzC,IAAI,UAAU,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YACjD,MAAM,IAAI,UAAU,CAClB,6BAA6B,UAAU,CAAC,MAAM,gBAAgB,IAAI,CAAC,MAAM,CAAC,YAAY,GAAG,EACzF,EAAE,IAAI,EAAE,UAAU,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,EAC5D,+DAA+D,CAChE,CAAC;QACJ,CAAC;QAED,qBAAqB;QACrB,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC,EAAE,OAAO,CAAC,CAAC;QAEtC,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,KAAc,EAAE,KAAa,EAAE,IAAY;QAC/D,cAAc;QACd,IAAI,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;YACvC,MAAM,IAAI,UAAU,CAClB,mCAAmC,IAAI,GAAG,EAC1C,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,EAClD,uDAAuD,CACxD,CAAC;QACJ,CAAC;QAED,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YAC1C,OAAO;QACT,CAAC;QAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;gBAC/C,MAAM,IAAI,UAAU,CAClB,qCAAqC,IAAI,GAAG,EAC5C,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,EAClE,qDAAqD,CACtD,CAAC;YACJ,CAAC;YACD,OAAO;QACT,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,IAAI,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC;gBAChD,MAAM,IAAI,UAAU,CAClB,sCAAsC,IAAI,GAAG,EAC7C,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,EACnE,qEAAqE,CACtE,CAAC;YACJ,CAAC;YACD,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;gBAC5B,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,KAAK,GAAG,CAAC,EAAE,GAAG,IAAI,IAAI,KAAK,GAAG,CAAC,CAAC;YAC3D,CAAC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAChC,IAAI,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;gBAC5C,MAAM,IAAI,UAAU,CAClB,mCAAmC,IAAI,GAAG,EAC1C,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,EAC9D,wEAAwE,CACzE,CAAC;YACJ,CAAC;YACD,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;gBACvB,IAAI,CAAC,aAAa,CAAE,KAAiC,CAAC,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,EAAE,GAAG,IAAI,IAAI,GAAG,EAAE,CAAC,CAAC;YAC3F,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,GAAW;QACxB,OAAO,kBAAkB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACjE,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,IAA6B;QAC3C,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,CAA4B,CAAC;IAC3D,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,KAAc;QAChC,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YAC1C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC;QACrD,CAAC;QAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,MAAM,GAA4B,EAAE,CAAC;YAC3C,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC/C,IAAI,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC7B,MAAM,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;gBAC7B,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;gBACtC,CAAC;YACH,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACH,oBAAoB,CAAC,OAAe;QAClC,IAAI,SAAS,GAAG,OAAO,CAAC;QAExB,oBAAoB;QACpB,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;YACpC,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QACnD,CAAC;QAED,+BAA+B;QAC/B,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,gCAAgC,EAChC,wBAAwB,CACzB,CAAC;QAEF,2CAA2C;QAC3C,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,4BAA4B,EAC5B,kBAAkB,CACnB,CAAC;QAEF,uBAAuB;QACvB,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,4BAA4B,EAC5B,mBAAmB,CACpB,CAAC;QAEF,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,KAAY;QACxB,MAAM,gBAAgB,GAAG,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAElE,IAAI,gBAAgB,KAAK,KAAK,CAAC,OAAO,EAAE,CAAC;YACvC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,cAAc,GAAG,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;QACnD,cAAc,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC;QACjC,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;YAChB,cAAc,CAAC,KAAK,GAAG,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAChE,CAAC;QAED,OAAO,cAAc,CAAC;IACxB,CAAC;CACF;AAED;;GAEG;AACH,IAAI,QAAQ,GAA0B,IAAI,CAAC;AAE3C;;GAEG;AACH,MAAM,UAAU,iBAAiB;IAC/B,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,QAAQ,GAAG,IAAI,cAAc,EAAE,CAAC;IAClC,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/validation/schema-validator.d.ts ADDED Viewed

@@ -0,0 +1,75 @@
+/**
+ * Schema Validator for mainwpcontrol
+ *
+ * AJV-based input validation against ability JSON schemas.
+ * Caches compiled schemas for performance.
+ */
+/**
+ * Validation result
+ */
+export interface ValidationResult {
+    valid: boolean;
+    errors?: ValidationError[];
+    /** Coerced copy of input after AJV applies type coercion and defaults */
+    coerced?: Record<string, unknown>;
+}
+/**
+ * Structured validation error
+ */
+export interface ValidationError {
+    path: string;
+    message: string;
+    keyword: string;
+    params: Record<string, unknown>;
+}
+/**
+ * Schema Validator class
+ */
+export declare class SchemaValidator {
+    private readonly ajv;
+    private readonly schemaCache;
+    constructor();
+    /**
+     * Validate input against a JSON schema
+     *
+     * @param input - The input data to validate
+     * @param schema - The JSON schema to validate against
+     * @param schemaId - Optional ID for caching compiled schema
+     * @returns Validation result with any errors
+     */
+    validate(input: Record<string, unknown>, schema: Record<string, unknown>, schemaId?: string): ValidationResult;
+    /**
+     * Validate input and throw if invalid
+     *
+     * @param input - The input data to validate
+     * @param schema - The JSON schema to validate against
+     * @param abilityName - Name of the ability (for error message)
+     * @throws SchemaValidationError if validation fails
+     */
+    validateOrThrow(input: Record<string, unknown>, schema: Record<string, unknown>, abilityName: string): ValidationResult;
+    /**
+     * Check if input would be valid (without detailed errors)
+     */
+    isValid(input: Record<string, unknown>, schema: Record<string, unknown>, schemaId?: string): boolean;
+    /**
+     * Get or compile schema
+     */
+    private getCompiledSchema;
+    /**
+     * Format AJV errors into structured errors
+     */
+    private formatErrors;
+    /**
+     * Format a single error into a human-readable message
+     */
+    private formatErrorMessage;
+    /**
+     * Clear the schema cache
+     */
+    clearCache(): void;
+}
+/**
+ * Get the schema validator singleton
+ */
+export declare function getSchemaValidator(): SchemaValidator;
+//# sourceMappingURL=schema-validator.d.ts.map

package/dist/validation/schema-validator.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"schema-validator.d.ts","sourceRoot":"","sources":["../../src/validation/schema-validator.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAQH;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,eAAe,EAAE,CAAC;IAC3B,yEAAyE;IACzE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC;AAKD;;GAEG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAc;IAClC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA4C;;IAYxE;;;;;;;OAOG;IACH,QAAQ,CACN,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC9B,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,QAAQ,CAAC,EAAE,MAAM,GAChB,gBAAgB;IAcnB;;;;;;;OAOG;IACH,eAAe,CACb,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC9B,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,WAAW,EAAE,MAAM,GAClB,gBAAgB;IAenB;;OAEG;IACH,OAAO,CACL,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC9B,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,QAAQ,CAAC,EAAE,MAAM,GAChB,OAAO;IAKV;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAuBzB;;OAEG;IACH,OAAO,CAAC,YAAY;IASpB;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAqC1B;;OAEG;IACH,UAAU,IAAI,IAAI;CAGnB;AAOD;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,eAAe,CAKpD"}