npm - @mars-stack/core - Versions diffs - 8.0.0 → 8.0.2 - Mend

@mars-stack/core 8.0.0 → 8.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/cursor/rules/mars-testing.mdc +1 -1
package/dist/auth/password-hash.d.ts +10 -0
package/dist/auth/password-hash.d.ts.map +1 -0
package/dist/auth/password-hash.js +1 -0
package/dist/auth/password-schema.d.ts +4 -0
package/dist/auth/password-schema.d.ts.map +1 -0
package/dist/auth/password-schema.js +1 -0
package/dist/auth/password.d.ts +2 -26
package/dist/auth/password.d.ts.map +1 -1
package/dist/auth/password.js +3 -1
package/dist/auth/validators.js +1 -1
package/dist/{chunk-WO6FHJHG.js → chunk-6WI62GWT.js} +2 -9
package/dist/chunk-BJY4ZUID.js +9 -0
package/package.json +9 -1

package/cursor/rules/mars-testing.mdc CHANGED Viewed

@@ -27,4 +27,4 @@ alwaysApply: false
 End-to-end specs live in **`e2e/`** (`yarn test:e2e`). When you add or materially change **user-facing** behaviour (pages, flows, CLI-generated features), extend **`e2e/*.spec.ts`** so at least one **stable happy path** is covered. Prefer role/label selectors; avoid sleep-only assertions.
-**Mars monorepo:** The template’s catalog and CLI-wide CI expectations are defined in **`docs/design-docs/scaffold-testing-strategy.md`** (Decision 7) and ticket **MARS-041**; update **`template/e2e/`** and its README when you change generators or template routes.
+**Mars monorepo:** Catalog and CI expectations are in **`docs/design-docs/scaffold-testing-strategy.md`** (Decision 7). Update **`template/e2e/`** (baseline), **`template/e2e-kitchen-sink/`** (kitchen-sink catalog), and **`template/e2e/README.md`** when you change generators or template routes. See **MARS-041** (done).

package/dist/auth/password-hash.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+/**
+ * Hashes a password using SHA-256 prehash followed by bcrypt (cost 12).
+ * Safe to import from Prisma seed scripts and other Node contexts outside Next.js.
+ */
+export declare function hashPassword(password: string): Promise<string>;
+/**
+ * Verifies a plaintext password against a stored bcrypt hash.
+ */
+export declare function verifyPassword(plainPassword: string, hashedPassword: string): Promise<boolean>;
+//# sourceMappingURL=password-hash.d.ts.map

package/dist/auth/password-hash.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"password-hash.d.ts","sourceRoot":"","sources":["../../src/auth/password-hash.ts"],"names":[],"mappings":"AAWA;;;GAGG;AACH,wBAAsB,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAIpE;AAED;;GAEG;AACH,wBAAsB,cAAc,CAClC,aAAa,EAAE,MAAM,EACrB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,OAAO,CAAC,CAMlB"}

package/dist/auth/password-hash.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { hashPassword, verifyPassword } from '../chunk-6WI62GWT.js';

package/dist/auth/password-schema.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import { z } from 'zod';
+/** Zod schema enforcing password strength rules: 8-100 chars, mixed case, digit, special char, no common patterns. */
+export declare const passwordSchema: z.ZodString;
+//# sourceMappingURL=password-schema.d.ts.map

package/dist/auth/password-schema.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"password-schema.d.ts","sourceRoot":"","sources":["../../src/auth/password-schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,sHAAsH;AACtH,eAAO,MAAM,cAAc,aAYqE,CAAC"}

package/dist/auth/password-schema.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { passwordSchema } from '../chunk-BJY4ZUID.js';

package/dist/auth/password.d.ts CHANGED Viewed

@@ -1,28 +1,4 @@
 import 'server-only';
-import { z } from 'zod';
-/** Zod schema enforcing password strength rules: 8-100 chars, mixed case, digit, special char, no common patterns. */
-export declare const passwordSchema: z.ZodString;
-/**
- * Hashes a password using SHA-256 prehash followed by bcrypt (cost 12).
- * The prehash step allows bcrypt to work with passwords of any length while
- * maintaining a domain separator to prevent cross-protocol collisions.
- *
- * @param password - The plaintext password to hash
- * @returns The bcrypt hash string
- * @example
- * const hash = await hashPassword('mySecureP@ss1');
- */
-export declare function hashPassword(password: string): Promise<string>;
-/**
- * Verifies a plaintext password against a stored bcrypt hash.
- * Attempts prehashed comparison first, then falls back to direct comparison
- * for backwards compatibility with legacy hashes.
- *
- * @param plainPassword - The plaintext password to verify
- * @param hashedPassword - The stored bcrypt hash
- * @returns True if the password matches
- * @example
- * const valid = await verifyPassword('mySecureP@ss1', storedHash);
- */
-export declare function verifyPassword(plainPassword: string, hashedPassword: string): Promise<boolean>;
+export { passwordSchema } from './password-schema';
+export { hashPassword, verifyPassword } from './password-hash';
 //# sourceMappingURL=password.d.ts.map

package/dist/auth/password.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"password.d.ts","sourceRoot":"","sources":["../../src/auth/password.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,CAAC;AAErB,OAAO,EAAE,~~CAAC~~,EAAE,MAAM,~~KAAK~~,CAAC;~~AAaxB~~,~~sHAAsH;AACtH~~,~~eAAO~~,~~MAAM,cAAc,aAYqE,CAAC;AAEjG;;;;;;;;;GASG;AACH,wBAAsB,~~YAAY,~~CAAC,QAAQ,~~EAAE,~~MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAIpE;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,~~cAAc,~~CAClC,aAAa,~~EAAE,MAAM,~~EACrB~~,~~cAAc,EAAE,MAAM,GACrB,OAAO,~~CAAC~~,OAAO,CAAC,CAMlB~~"}
1	+ {"version":3,"file":"password.d.ts","sourceRoot":"","sources":["../../src/auth/password.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,CAAC;AAErB,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/auth/password.js CHANGED Viewed

@@ -1 +1,3 @@
-export { hashPassword, passwordSchema, verifyPassword } from '../chunk-WO6FHJHG.js';
+export { passwordSchema } from '../chunk-BJY4ZUID.js';
+export { hashPassword, verifyPassword } from '../chunk-6WI62GWT.js';
+import 'server-only';

package/dist/auth/validators.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import { passwordSchema } from '../chunk-WO6FHJHG.js';
+import { passwordSchema } from '../chunk-BJY4ZUID.js';
 // src/auth/validators.ts
 function validateEmail(value) {

package/dist/{chunk-WO6FHJHG.js → chunk-6WI62GWT.js} RENAMED Viewed

@@ -1,7 +1,4 @@
-import 'server-only';
-import { z } from 'zod';
-// src/auth/password.ts
+// src/auth/password-hash.ts
 var PASSWORD_PREHASH_DOMAIN = "mars-password-v1";
 async function sha256Prehash(password) {
   const payload = `${PASSWORD_PREHASH_DOMAIN}:${password}`;
@@ -9,10 +6,6 @@ async function sha256Prehash(password) {
   const digest = await crypto.subtle.digest("SHA-256", data);
   return Array.from(new Uint8Array(digest)).map((b) => b.toString(16).padStart(2, "0")).join("");
 }
-var passwordSchema = z.string().min(8, "Password must be at least 8 characters").max(100, "Password must be less than 100 characters").regex(/[A-Z]/, "Password must contain at least one uppercase letter").regex(/[a-z]/, "Password must contain at least one lowercase letter").regex(/[0-9]/, "Password must contain at least one number").regex(/[^A-Za-z0-9]/, "Password must contain at least one special character").refine(
-  (password) => !password.toLowerCase().includes("password"),
-  "Password cannot contain 'password'"
-).refine((password) => !password.includes("123"), "Password cannot contain sequential numbers");
 async function hashPassword(password) {
   const { hash } = await import('bcryptjs');
   const prehashed = await sha256Prehash(password);
@@ -26,4 +19,4 @@ async function verifyPassword(plainPassword, hashedPassword) {
   return compare(plainPassword, hashedPassword);
 }
-export { hashPassword, passwordSchema, verifyPassword };
+export { hashPassword, verifyPassword };

package/dist/chunk-BJY4ZUID.js ADDED Viewed

@@ -0,0 +1,9 @@
+import { z } from 'zod';
+// src/auth/password-schema.ts
+var passwordSchema = z.string().min(8, "Password must be at least 8 characters").max(100, "Password must be less than 100 characters").regex(/[A-Z]/, "Password must contain at least one uppercase letter").regex(/[a-z]/, "Password must contain at least one lowercase letter").regex(/[0-9]/, "Password must contain at least one number").regex(/[^A-Za-z0-9]/, "Password must contain at least one special character").refine(
+  (password) => !password.toLowerCase().includes("password"),
+  "Password cannot contain 'password'"
+).refine((password) => !password.includes("123"), "Password cannot contain sequential numbers");
+export { passwordSchema };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@mars-stack/core",
-  "version": "8.0.0",
+  "version": "8.0.2",
   "license": "MIT",
   "repository": {
     "type": "git",
@@ -32,6 +32,14 @@
       "types": "./dist/auth/password.d.ts",
       "import": "./dist/auth/password.js"
     },
+    "./auth/password-schema": {
+      "types": "./dist/auth/password-schema.d.ts",
+      "import": "./dist/auth/password-schema.js"
+    },
+    "./auth/password-hash": {
+      "types": "./dist/auth/password-hash.d.ts",
+      "import": "./dist/auth/password-hash.js"
+    },
     "./auth/verification": {
       "types": "./dist/auth/verification.d.ts",
       "import": "./dist/auth/verification.js"