npm - @marslanmustafa/input-shield - Versions diffs - 0.1.0 - Mend

@marslanmustafa/input-shield 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

package/LICENSE +21 -0
package/NODEMAILER.md +144 -0
package/README.md +239 -0
package/dist/builder-C10YQjbV.d.cts +123 -0
package/dist/builder-C10YQjbV.d.ts +123 -0
package/dist/chunk-67CBN3U4.cjs +520 -0
package/dist/chunk-67CBN3U4.cjs.map +1 -0
package/dist/chunk-ADGSP522.mjs +506 -0
package/dist/chunk-ADGSP522.mjs.map +1 -0
package/dist/chunk-KVXEPETW.cjs +28 -0
package/dist/chunk-KVXEPETW.cjs.map +1 -0
package/dist/chunk-WACGX73I.mjs +22 -0
package/dist/chunk-WACGX73I.mjs.map +1 -0
package/dist/email.cjs +48 -0
package/dist/email.cjs.map +1 -0
package/dist/email.d.cts +71 -0
package/dist/email.d.ts +71 -0
package/dist/email.mjs +45 -0
package/dist/email.mjs.map +1 -0
package/dist/index.cjs +81 -0
package/dist/index.cjs.map +1 -0
package/dist/index.d.cts +217 -0
package/dist/index.d.ts +217 -0
package/dist/index.mjs +4 -0
package/dist/index.mjs.map +1 -0
package/dist/zod.cjs +59 -0
package/dist/zod.cjs.map +1 -0
package/dist/zod.d.cts +47 -0
package/dist/zod.d.ts +47 -0
package/dist/zod.mjs +53 -0
package/dist/zod.mjs.map +1 -0
package/package.json +105 -0

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,217 @@
+import { V as ValidationResult, G as GibberishSensitivity } from './builder-C10YQjbV.js';
+export { F as FailReason, I as InputShieldValidator, a as ValidationOptions, c as createValidator } from './builder-C10YQjbV.js';
+/**
+ * presets.ts
+ *
+ * Ready-to-use validators for the most common field types.
+ * Zero config — import and call.
+ *
+ * All presets are pre-configured InputShieldValidator instances.
+ * You can also use them as a starting point and extend with .custom():
+ *
+ *   import { usernameValidator } from 'input-shield/presets';
+ *   // They're factories, so each call gives a fresh instance:
+ *   const myValidator = usernameValidator().custom(t => t === 'admin', 'custom', 'reserved name');
+ */
+/**
+ * Username / display name.
+ * 3–30 chars, no profanity, strict gibberish detection, no spam.
+ * Repeated words allowed (e.g. "John John" as a nickname).
+ */
+declare function validateUsername(text: string): ValidationResult;
+/**
+ * Short text / name fields (product name, company name, form title).
+ * 2–100 chars, no profanity, normal gibberish, no spam.
+ */
+declare function validateShortText(text: string, fieldName?: string): ValidationResult;
+/**
+ * Bio / description / about me.
+ * 10–300 chars, no profanity, no spam, loose gibberish (allows natural language).
+ * Repeated words NOT flagged (natural in prose).
+ */
+declare function validateBio(text: string): ValidationResult;
+/**
+ * Long-form text (comment, review, feedback).
+ * 5–2000 chars, no profanity, no spam. No gibberish check
+ * (long text can contain intentional fragments, code, etc.)
+ */
+declare function validateLongText(text: string, fieldName?: string): ValidationResult;
+/**
+ * Search query input.
+ * 1–200 chars, no spam URLs (but allows short/fragmentary text).
+ * Does NOT flag gibberish (code snippets, SKUs, part numbers are valid queries).
+ */
+declare function validateSearchQuery(text: string): ValidationResult;
+/**
+ * normalize.ts
+ *
+ * THREE-STAGE normalization pipeline.
+ * This is THE most important file in the package.
+ *
+ * Stage 1 — Unicode NFKC:
+ *   Collapses compatibility variants before anything else.
+ *   "Ａ" (fullwidth) → "A", "ﬁ" (ligature) → "fi", "𝐅" (math bold) → "F"
+ *   This also handles bidirectional control characters and zero-width spaces.
+ *
+ * Stage 2 — Homoglyph map:
+ *   Catches Cyrillic/Greek/Armenian lookalikes that survive NFKC.
+ *   "о" (U+043E Cyrillic) → "o", "а" (U+0430 Cyrillic) → "a"
+ *   This is the CVE-2025-27611 class of bypass — NFKC alone doesn't fix it.
+ *
+ * Stage 3 — Leet-speak map:
+ *   Classic ASCII substitutions: "3" → "e", "@" → "a", "$" → "s", etc.
+ *   Runs LAST so homoglyphs don't interfere with leet detection.
+ *
+ * Result: "P.0.r.n" → "porn", "ſhit" → "shit", "аss" (Cyrillic а) → "ass"
+ *
+ * IMPORTANT: This output is ONLY for pattern matching — never display it.
+ * Always return error messages that reference the original input.
+ */
+/**
+ * Produce a "skeleton" string for pattern matching ONLY.
+ *
+ * Pipeline:
+ *   raw → NFKC → stripSeparators → homoglyph → lowercase → leet → strip non-alpha → collapse spaces
+ *
+ * @param t - Raw input string
+ * @returns Normalized string safe for regex pattern matching
+ */
+declare function toSkeleton(t: string): string;
+/**
+ * Lightweight normalization for structural checks (length, symbol ratio).
+ * Does NOT apply leet/homoglyph maps — just trims and normalizes whitespace.
+ * Preserves symbols so hasExcessiveSymbols() works correctly.
+ */
+declare function toStructural(t: string): string;
+/**
+ * profanity.ts
+ *
+ * Profanity detection. All patterns run against the skeleton (toSkeleton()),
+ * meaning they automatically handle:
+ *   - Leet-speak:     "f4ck", "@ss", "sh!t"
+ *   - Homoglyphs:     "fuсk" (Cyrillic с), "аss" (Cyrillic а)
+ *   - Separator dots: "f.u.c.k", "s-h-i-t"
+ *   - Fullwidth:      "ｆｕｃｋ"
+ *   - Repeated chars: "fuuuuck", "shhhhit"
+ *
+ * Pattern design:
+ *   - Use \b word boundaries so "classic" doesn't match "ass"
+ *   - Use + quantifiers to catch character stretching ("fuuuuck")
+ *   - Cover plurals and -er/-ing forms (shits, bitch, bitching)
+ */
+/**
+ * Returns true if the skeleton of `text` matches any profanity pattern.
+ * Always check skeleton — never raw — so bypasses don't work.
+ */
+declare function containsProfanity(text: string): boolean;
+/**
+ * Returns the specific pattern that matched, or null.
+ * Useful for debug logging (never expose to users directly).
+ */
+declare function getMatchedProfanityPattern(text: string): RegExp | null;
+/**
+ * spam.ts
+ *
+ * Spam detection.
+ *
+ * CRITICAL DESIGN DECISION:
+ *   URL and domain patterns MUST run on the raw (or NFKC-only) text.
+ *   If you normalize first (stripping dots, slashes, colons), URLs become
+ *   undetectable. "https://spam.com" → after skeleton → "httpsspamcom" which
+ *   no URL regex can match.
+ *
+ *   So: keyword spam runs on skeleton (catches leet evasion),
+ *       URL/domain spam runs on NFKC-normalized raw text only.
+ */
+/**
+ * Returns true if text contains spam keywords (checked on skeleton)
+ * or URLs/domains (checked on NFKC-only normalized text).
+ */
+declare function containsSpam(text: string): boolean;
+/**
+ * gibberish.ts
+ *
+ * Gibberish / keyboard-mash detection with a configurable sensitivity scale.
+ *
+ * Why sensitivity levels?
+ *   "Strict" mode is needed for display names & usernames.
+ *   "Loose" mode prevents false positives on:
+ *     - Polish names:        "Krzysztof", "Szczepański"
+ *     - Technical strings:   "kubectl", "nginx", "src"
+ *     - Abbreviations:       "HVAC", "VLSI"
+ *     - Short legitimate words like "nth", "gym", "lynx"
+ *
+ * Heuristics used (layered by sensitivity):
+ *   LOOSE:  7+ consonants in a row (obvious keyboard mash only)
+ *   NORMAL: 6+ consonants in a row OR vowel ratio < 10% on words ≥ 8 chars
+ *   STRICT: 5+ consonants in a row OR vowel ratio < 15% on words ≥ 6 chars
+ *           OR no vowels at all on words ≥ 4 chars
+ *
+ * All checks run on the skeleton so leet/homoglyphs are already resolved.
+ */
+/**
+ * Returns true if any word in the text looks like gibberish.
+ *
+ * Filters out very short words (< 4 chars) before applying heuristics
+ * to prevent false positives on "by", "mr", "st", "nth", etc.
+ */
+declare function isGibberish(text: string, sensitivity?: GibberishSensitivity): boolean;
+/**
+ * Returns true if the text contains 5+ of the same character consecutively.
+ * e.g. "aaaaaaa", "!!!!!!", "heeeeey" (5 e's)
+ * Runs on skeleton so leet chars are already resolved.
+ */
+declare function hasRepeatingChars(text: string): boolean;
+/**
+ * structure.ts
+ *
+ * Structural quality checks. These run on the NFKC-normalized original text
+ * (not the full skeleton), because they're measuring the *shape* of the input
+ * (symbol density, letter presence) — not its semantic content.
+ *
+ * Running these on the skeleton would give wrong results because the skeleton
+ * strips ALL symbols, making everything look clean structurally.
+ */
+/**
+ * Returns true if more than 40% of characters are symbols
+ * (not letters, digits, or whitespace).
+ *
+ * Short strings (< 5 chars) are excluded — too noisy to judge.
+ * e.g. "!!??@@##" → 100% symbols → flagged
+ *      "Hello!!"  → 22% symbols → pass
+ */
+declare function hasExcessiveSymbols(text: string): boolean;
+/**
+ * Returns true if fewer than 20% of characters are letters AND
+ * there are fewer than 3 total letter characters.
+ *
+ * This catches strings like "123 456", "--- ---", "42", "!2!"
+ * but allows legitimate short inputs like "QA", "IT", "Go".
+ *
+ * Both conditions must be true to avoid false positives.
+ */
+declare function hasLowAlphabetRatio(text: string): boolean;
+/**
+ * Detects repeated *content* words (length > 3).
+ * Stop words ("the", "and", "for") are excluded to avoid false positives
+ * in natural English sentences.
+ *
+ * Flags only when 2+ distinct content words appear more than once.
+ * "the cat sat on the mat" → 0 repeated content words → pass
+ * "cat cat cat dog dog"    → "cat" repeated, "dog" repeated → flag
+ */
+declare function hasRepeatedContentWords(text: string): boolean;
+/**
+ * Returns true if the skeleton of `text` exactly matches a known low-effort phrase.
+ */
+declare function isLowEffortExact(skeletonText: string): boolean;
+export { GibberishSensitivity, ValidationResult, containsProfanity, containsSpam, getMatchedProfanityPattern, hasExcessiveSymbols, hasLowAlphabetRatio, hasRepeatedContentWords, hasRepeatingChars, isGibberish, isLowEffortExact, toSkeleton, toStructural, validateBio, validateLongText, validateSearchQuery, validateShortText, validateUsername };

package/dist/index.mjs ADDED Viewed

@@ -0,0 +1,4 @@
+export { validateBio, validateLongText, validateSearchQuery, validateShortText, validateUsername } from './chunk-WACGX73I.mjs';
+export { InputShieldValidator, containsProfanity, containsSpam, createValidator, getMatchedProfanityPattern, hasExcessiveSymbols, hasLowAlphabetRatio, hasRepeatedContentWords, hasRepeatingChars, isGibberish, isLowEffortExact, toSkeleton, toStructural } from './chunk-ADGSP522.mjs';
+//# sourceMappingURL=index.mjs.map
+//# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"sources":[],"names":[],"mappings":"","file":"index.mjs"}

package/dist/zod.cjs ADDED Viewed

@@ -0,0 +1,59 @@
+'use strict';
+var chunkKVXEPETW_cjs = require('./chunk-KVXEPETW.cjs');
+var chunk67CBN3U4_cjs = require('./chunk-67CBN3U4.cjs');
+var zod = require('zod');
+function shieldString(configure) {
+  const validator = configure(chunk67CBN3U4_cjs.createValidator());
+  return zod.z.string().superRefine((val, ctx) => {
+    const result = validator.validate(val);
+    if (!result.isValid) {
+      ctx.addIssue({
+        code: zod.z.ZodIssueCode.custom,
+        message: result.message,
+        params: { reason: result.reason }
+      });
+    }
+  });
+}
+function zodUsername() {
+  return zod.z.string().superRefine((val, ctx) => {
+    const result = chunkKVXEPETW_cjs.validateUsername(val);
+    if (!result.isValid) {
+      ctx.addIssue({ code: zod.z.ZodIssueCode.custom, message: result.message });
+    }
+  });
+}
+function zodBio() {
+  return zod.z.string().superRefine((val, ctx) => {
+    const result = chunkKVXEPETW_cjs.validateBio(val);
+    if (!result.isValid) {
+      ctx.addIssue({ code: zod.z.ZodIssueCode.custom, message: result.message });
+    }
+  });
+}
+function zodShortText(fieldName) {
+  return zod.z.string().superRefine((val, ctx) => {
+    const result = chunkKVXEPETW_cjs.validateShortText(val, fieldName);
+    if (!result.isValid) {
+      ctx.addIssue({ code: zod.z.ZodIssueCode.custom, message: result.message });
+    }
+  });
+}
+function zodLongText(fieldName) {
+  return zod.z.string().superRefine((val, ctx) => {
+    const result = chunkKVXEPETW_cjs.validateLongText(val, fieldName);
+    if (!result.isValid) {
+      ctx.addIssue({ code: zod.z.ZodIssueCode.custom, message: result.message });
+    }
+  });
+}
+exports.shieldString = shieldString;
+exports.zodBio = zodBio;
+exports.zodLongText = zodLongText;
+exports.zodShortText = zodShortText;
+exports.zodUsername = zodUsername;
+//# sourceMappingURL=zod.cjs.map
+//# sourceMappingURL=zod.cjs.map

package/dist/zod.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/zod.ts"],"names":["createValidator","z","validateUsername","validateBio","validateShortText","validateLongText"],"mappings":";;;;;;AA0CO,SAAS,aACd,SAAA,EAC2B;AAC3B,EAAA,MAAM,SAAA,GAAY,SAAA,CAAUA,iCAAA,EAAiB,CAAA;AAC7C,EAAA,OAAOC,MAAE,MAAA,EAAO,CAAE,WAAA,CAAY,CAAC,KAAK,GAAA,KAAQ;AAC1C,IAAA,MAAM,MAAA,GAAS,SAAA,CAAU,QAAA,CAAS,GAAG,CAAA;AACrC,IAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,MAAA,GAAA,CAAI,QAAA,CAAS;AAAA,QACX,IAAA,EAAMA,MAAE,YAAA,CAAa,MAAA;AAAA,QACrB,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,MAAA,EAAQ,EAAE,MAAA,EAAQ,MAAA,CAAO,MAAA;AAAO,OACjC,CAAA;AAAA,IACH;AAAA,EACF,CAAC,CAAA;AACH;AAGO,SAAS,WAAA,GAAyC;AACvD,EAAA,OAAOA,MAAE,MAAA,EAAO,CAAE,WAAA,CAAY,CAAC,KAAK,GAAA,KAAQ;AAC1C,IAAA,MAAM,MAAA,GAASC,mCAAiB,GAAG,CAAA;AACnC,IAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,MAAA,GAAA,CAAI,QAAA,CAAS,EAAE,IAAA,EAAMD,KAAA,CAAE,aAAa,MAAA,EAAQ,OAAA,EAAS,MAAA,CAAO,OAAA,EAAS,CAAA;AAAA,IACvE;AAAA,EACF,CAAC,CAAA;AACH;AAGO,SAAS,MAAA,GAAoC;AAClD,EAAA,OAAOA,MAAE,MAAA,EAAO,CAAE,WAAA,CAAY,CAAC,KAAK,GAAA,KAAQ;AAC1C,IAAA,MAAM,MAAA,GAASE,8BAAY,GAAG,CAAA;AAC9B,IAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,MAAA,GAAA,CAAI,QAAA,CAAS,EAAE,IAAA,EAAMF,KAAA,CAAE,aAAa,MAAA,EAAQ,OAAA,EAAS,MAAA,CAAO,OAAA,EAAS,CAAA;AAAA,IACvE;AAAA,EACF,CAAC,CAAA;AACH;AAGO,SAAS,aAAa,SAAA,EAA+C;AAC1E,EAAA,OAAOA,MAAE,MAAA,EAAO,CAAE,WAAA,CAAY,CAAC,KAAK,GAAA,KAAQ;AAC1C,IAAA,MAAM,MAAA,GAASG,mCAAA,CAAkB,GAAA,EAAK,SAAS,CAAA;AAC/C,IAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,MAAA,GAAA,CAAI,QAAA,CAAS,EAAE,IAAA,EAAMH,KAAA,CAAE,aAAa,MAAA,EAAQ,OAAA,EAAS,MAAA,CAAO,OAAA,EAAS,CAAA;AAAA,IACvE;AAAA,EACF,CAAC,CAAA;AACH;AAGO,SAAS,YAAY,SAAA,EAA+C;AACzE,EAAA,OAAOA,MAAE,MAAA,EAAO,CAAE,WAAA,CAAY,CAAC,KAAK,GAAA,KAAQ;AAC1C,IAAA,MAAM,MAAA,GAASI,kCAAA,CAAiB,GAAA,EAAK,SAAS,CAAA;AAC9C,IAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,MAAA,GAAA,CAAI,QAAA,CAAS,EAAE,IAAA,EAAMJ,KAAA,CAAE,aAAa,MAAA,EAAQ,OAAA,EAAS,MAAA,CAAO,OAAA,EAAS,CAAA;AAAA,IACvE;AAAA,EACF,CAAC,CAAA;AACH","file":"zod.cjs","sourcesContent":["/**\n * zod.ts (exported as 'input-shield/zod')\n *\n * Zod integration helpers. Import from the subpath to keep Zod out of the\n * main bundle if you don't use it — zero cost if unused.\n *\n * Usage:\n * import { z } from 'zod';\n * import { shieldString } from 'input-shield/zod';\n *\n * const schema = z.object({\n * username: shieldString(v => v.min(3).max(20).noProfanity().noGibberish()),\n * bio: shieldString(v => v.min(10).max(300).noProfanity().noSpam()),\n * });\n *\n * Or use the preset helpers:\n * import { zodUsername, zodBio } from 'input-shield/zod';\n *\n * const schema = z.object({\n * username: zodUsername(),\n * bio: zodBio(),\n * });\n */\n\nimport { z } from 'zod';\nimport { createValidator, InputShieldValidator } from './validators/builder.js';\nimport {\n validateUsername,\n validateBio,\n validateShortText,\n validateLongText,\n} from './validators/presets.js';\n\n/**\n * Wraps a configured InputShieldValidator as a Zod string schema.\n *\n * @param configure - Callback that receives a fresh validator and returns it configured\n * @returns z.ZodEffects<z.ZodString>\n *\n * @example\n * shieldString(v => v.field('Bio').min(10).noProfanity().noSpam())\n */\nexport function shieldString(\n configure: (v: InputShieldValidator) => InputShieldValidator\n): z.ZodEffects<z.ZodString> {\n const validator = configure(createValidator());\n return z.string().superRefine((val, ctx) => {\n const result = validator.validate(val);\n if (!result.isValid) {\n ctx.addIssue({\n code: z.ZodIssueCode.custom,\n message: result.message,\n params: { reason: result.reason },\n });\n }\n });\n}\n\n/** Zod schema for usernames (3–30 chars, no profanity, strict gibberish) */\nexport function zodUsername(): z.ZodEffects<z.ZodString> {\n return z.string().superRefine((val, ctx) => {\n const result = validateUsername(val);\n if (!result.isValid) {\n ctx.addIssue({ code: z.ZodIssueCode.custom, message: result.message });\n }\n });\n}\n\n/** Zod schema for bios (10–300 chars, no profanity, no spam) */\nexport function zodBio(): z.ZodEffects<z.ZodString> {\n return z.string().superRefine((val, ctx) => {\n const result = validateBio(val);\n if (!result.isValid) {\n ctx.addIssue({ code: z.ZodIssueCode.custom, message: result.message });\n }\n });\n}\n\n/** Zod schema for short text fields (2–100 chars) */\nexport function zodShortText(fieldName?: string): z.ZodEffects<z.ZodString> {\n return z.string().superRefine((val, ctx) => {\n const result = validateShortText(val, fieldName);\n if (!result.isValid) {\n ctx.addIssue({ code: z.ZodIssueCode.custom, message: result.message });\n }\n });\n}\n\n/** Zod schema for long text / comments (5–2000 chars) */\nexport function zodLongText(fieldName?: string): z.ZodEffects<z.ZodString> {\n return z.string().superRefine((val, ctx) => {\n const result = validateLongText(val, fieldName);\n if (!result.isValid) {\n ctx.addIssue({ code: z.ZodIssueCode.custom, message: result.message });\n }\n });\n}\n"]}

package/dist/zod.d.cts ADDED Viewed

@@ -0,0 +1,47 @@
+import { z } from 'zod';
+import { I as InputShieldValidator } from './builder-C10YQjbV.cjs';
+/**
+ * zod.ts  (exported as 'input-shield/zod')
+ *
+ * Zod integration helpers. Import from the subpath to keep Zod out of the
+ * main bundle if you don't use it — zero cost if unused.
+ *
+ * Usage:
+ *   import { z } from 'zod';
+ *   import { shieldString } from 'input-shield/zod';
+ *
+ *   const schema = z.object({
+ *     username: shieldString(v => v.min(3).max(20).noProfanity().noGibberish()),
+ *     bio:      shieldString(v => v.min(10).max(300).noProfanity().noSpam()),
+ *   });
+ *
+ * Or use the preset helpers:
+ *   import { zodUsername, zodBio } from 'input-shield/zod';
+ *
+ *   const schema = z.object({
+ *     username: zodUsername(),
+ *     bio: zodBio(),
+ *   });
+ */
+/**
+ * Wraps a configured InputShieldValidator as a Zod string schema.
+ *
+ * @param configure - Callback that receives a fresh validator and returns it configured
+ * @returns z.ZodEffects<z.ZodString>
+ *
+ * @example
+ * shieldString(v => v.field('Bio').min(10).noProfanity().noSpam())
+ */
+declare function shieldString(configure: (v: InputShieldValidator) => InputShieldValidator): z.ZodEffects<z.ZodString>;
+/** Zod schema for usernames (3–30 chars, no profanity, strict gibberish) */
+declare function zodUsername(): z.ZodEffects<z.ZodString>;
+/** Zod schema for bios (10–300 chars, no profanity, no spam) */
+declare function zodBio(): z.ZodEffects<z.ZodString>;
+/** Zod schema for short text fields (2–100 chars) */
+declare function zodShortText(fieldName?: string): z.ZodEffects<z.ZodString>;
+/** Zod schema for long text / comments (5–2000 chars) */
+declare function zodLongText(fieldName?: string): z.ZodEffects<z.ZodString>;
+export { shieldString, zodBio, zodLongText, zodShortText, zodUsername };

package/dist/zod.d.ts ADDED Viewed

@@ -0,0 +1,47 @@
+import { z } from 'zod';
+import { I as InputShieldValidator } from './builder-C10YQjbV.js';
+/**
+ * zod.ts  (exported as 'input-shield/zod')
+ *
+ * Zod integration helpers. Import from the subpath to keep Zod out of the
+ * main bundle if you don't use it — zero cost if unused.
+ *
+ * Usage:
+ *   import { z } from 'zod';
+ *   import { shieldString } from 'input-shield/zod';
+ *
+ *   const schema = z.object({
+ *     username: shieldString(v => v.min(3).max(20).noProfanity().noGibberish()),
+ *     bio:      shieldString(v => v.min(10).max(300).noProfanity().noSpam()),
+ *   });
+ *
+ * Or use the preset helpers:
+ *   import { zodUsername, zodBio } from 'input-shield/zod';
+ *
+ *   const schema = z.object({
+ *     username: zodUsername(),
+ *     bio: zodBio(),
+ *   });
+ */
+/**
+ * Wraps a configured InputShieldValidator as a Zod string schema.
+ *
+ * @param configure - Callback that receives a fresh validator and returns it configured
+ * @returns z.ZodEffects<z.ZodString>
+ *
+ * @example
+ * shieldString(v => v.field('Bio').min(10).noProfanity().noSpam())
+ */
+declare function shieldString(configure: (v: InputShieldValidator) => InputShieldValidator): z.ZodEffects<z.ZodString>;
+/** Zod schema for usernames (3–30 chars, no profanity, strict gibberish) */
+declare function zodUsername(): z.ZodEffects<z.ZodString>;
+/** Zod schema for bios (10–300 chars, no profanity, no spam) */
+declare function zodBio(): z.ZodEffects<z.ZodString>;
+/** Zod schema for short text fields (2–100 chars) */
+declare function zodShortText(fieldName?: string): z.ZodEffects<z.ZodString>;
+/** Zod schema for long text / comments (5–2000 chars) */
+declare function zodLongText(fieldName?: string): z.ZodEffects<z.ZodString>;
+export { shieldString, zodBio, zodLongText, zodShortText, zodUsername };

package/dist/zod.mjs ADDED Viewed

@@ -0,0 +1,53 @@
+import { validateUsername, validateBio, validateShortText, validateLongText } from './chunk-WACGX73I.mjs';
+import { createValidator } from './chunk-ADGSP522.mjs';
+import { z } from 'zod';
+function shieldString(configure) {
+  const validator = configure(createValidator());
+  return z.string().superRefine((val, ctx) => {
+    const result = validator.validate(val);
+    if (!result.isValid) {
+      ctx.addIssue({
+        code: z.ZodIssueCode.custom,
+        message: result.message,
+        params: { reason: result.reason }
+      });
+    }
+  });
+}
+function zodUsername() {
+  return z.string().superRefine((val, ctx) => {
+    const result = validateUsername(val);
+    if (!result.isValid) {
+      ctx.addIssue({ code: z.ZodIssueCode.custom, message: result.message });
+    }
+  });
+}
+function zodBio() {
+  return z.string().superRefine((val, ctx) => {
+    const result = validateBio(val);
+    if (!result.isValid) {
+      ctx.addIssue({ code: z.ZodIssueCode.custom, message: result.message });
+    }
+  });
+}
+function zodShortText(fieldName) {
+  return z.string().superRefine((val, ctx) => {
+    const result = validateShortText(val, fieldName);
+    if (!result.isValid) {
+      ctx.addIssue({ code: z.ZodIssueCode.custom, message: result.message });
+    }
+  });
+}
+function zodLongText(fieldName) {
+  return z.string().superRefine((val, ctx) => {
+    const result = validateLongText(val, fieldName);
+    if (!result.isValid) {
+      ctx.addIssue({ code: z.ZodIssueCode.custom, message: result.message });
+    }
+  });
+}
+export { shieldString, zodBio, zodLongText, zodShortText, zodUsername };
+//# sourceMappingURL=zod.mjs.map
+//# sourceMappingURL=zod.mjs.map

package/dist/zod.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/zod.ts"],"names":[],"mappings":";;;;AA0CO,SAAS,aACd,SAAA,EAC2B;AAC3B,EAAA,MAAM,SAAA,GAAY,SAAA,CAAU,eAAA,EAAiB,CAAA;AAC7C,EAAA,OAAO,EAAE,MAAA,EAAO,CAAE,WAAA,CAAY,CAAC,KAAK,GAAA,KAAQ;AAC1C,IAAA,MAAM,MAAA,GAAS,SAAA,CAAU,QAAA,CAAS,GAAG,CAAA;AACrC,IAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,MAAA,GAAA,CAAI,QAAA,CAAS;AAAA,QACX,IAAA,EAAM,EAAE,YAAA,CAAa,MAAA;AAAA,QACrB,SAAS,MAAA,CAAO,OAAA;AAAA,QAChB,MAAA,EAAQ,EAAE,MAAA,EAAQ,MAAA,CAAO,MAAA;AAAO,OACjC,CAAA;AAAA,IACH;AAAA,EACF,CAAC,CAAA;AACH;AAGO,SAAS,WAAA,GAAyC;AACvD,EAAA,OAAO,EAAE,MAAA,EAAO,CAAE,WAAA,CAAY,CAAC,KAAK,GAAA,KAAQ;AAC1C,IAAA,MAAM,MAAA,GAAS,iBAAiB,GAAG,CAAA;AACnC,IAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,MAAA,GAAA,CAAI,QAAA,CAAS,EAAE,IAAA,EAAM,CAAA,CAAE,aAAa,MAAA,EAAQ,OAAA,EAAS,MAAA,CAAO,OAAA,EAAS,CAAA;AAAA,IACvE;AAAA,EACF,CAAC,CAAA;AACH;AAGO,SAAS,MAAA,GAAoC;AAClD,EAAA,OAAO,EAAE,MAAA,EAAO,CAAE,WAAA,CAAY,CAAC,KAAK,GAAA,KAAQ;AAC1C,IAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,IAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,MAAA,GAAA,CAAI,QAAA,CAAS,EAAE,IAAA,EAAM,CAAA,CAAE,aAAa,MAAA,EAAQ,OAAA,EAAS,MAAA,CAAO,OAAA,EAAS,CAAA;AAAA,IACvE;AAAA,EACF,CAAC,CAAA;AACH;AAGO,SAAS,aAAa,SAAA,EAA+C;AAC1E,EAAA,OAAO,EAAE,MAAA,EAAO,CAAE,WAAA,CAAY,CAAC,KAAK,GAAA,KAAQ;AAC1C,IAAA,MAAM,MAAA,GAAS,iBAAA,CAAkB,GAAA,EAAK,SAAS,CAAA;AAC/C,IAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,MAAA,GAAA,CAAI,QAAA,CAAS,EAAE,IAAA,EAAM,CAAA,CAAE,aAAa,MAAA,EAAQ,OAAA,EAAS,MAAA,CAAO,OAAA,EAAS,CAAA;AAAA,IACvE;AAAA,EACF,CAAC,CAAA;AACH;AAGO,SAAS,YAAY,SAAA,EAA+C;AACzE,EAAA,OAAO,EAAE,MAAA,EAAO,CAAE,WAAA,CAAY,CAAC,KAAK,GAAA,KAAQ;AAC1C,IAAA,MAAM,MAAA,GAAS,gBAAA,CAAiB,GAAA,EAAK,SAAS,CAAA;AAC9C,IAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,MAAA,GAAA,CAAI,QAAA,CAAS,EAAE,IAAA,EAAM,CAAA,CAAE,aAAa,MAAA,EAAQ,OAAA,EAAS,MAAA,CAAO,OAAA,EAAS,CAAA;AAAA,IACvE;AAAA,EACF,CAAC,CAAA;AACH","file":"zod.mjs","sourcesContent":["/**\n * zod.ts (exported as 'input-shield/zod')\n *\n * Zod integration helpers. Import from the subpath to keep Zod out of the\n * main bundle if you don't use it — zero cost if unused.\n *\n * Usage:\n * import { z } from 'zod';\n * import { shieldString } from 'input-shield/zod';\n *\n * const schema = z.object({\n * username: shieldString(v => v.min(3).max(20).noProfanity().noGibberish()),\n * bio: shieldString(v => v.min(10).max(300).noProfanity().noSpam()),\n * });\n *\n * Or use the preset helpers:\n * import { zodUsername, zodBio } from 'input-shield/zod';\n *\n * const schema = z.object({\n * username: zodUsername(),\n * bio: zodBio(),\n * });\n */\n\nimport { z } from 'zod';\nimport { createValidator, InputShieldValidator } from './validators/builder.js';\nimport {\n validateUsername,\n validateBio,\n validateShortText,\n validateLongText,\n} from './validators/presets.js';\n\n/**\n * Wraps a configured InputShieldValidator as a Zod string schema.\n *\n * @param configure - Callback that receives a fresh validator and returns it configured\n * @returns z.ZodEffects<z.ZodString>\n *\n * @example\n * shieldString(v => v.field('Bio').min(10).noProfanity().noSpam())\n */\nexport function shieldString(\n configure: (v: InputShieldValidator) => InputShieldValidator\n): z.ZodEffects<z.ZodString> {\n const validator = configure(createValidator());\n return z.string().superRefine((val, ctx) => {\n const result = validator.validate(val);\n if (!result.isValid) {\n ctx.addIssue({\n code: z.ZodIssueCode.custom,\n message: result.message,\n params: { reason: result.reason },\n });\n }\n });\n}\n\n/** Zod schema for usernames (3–30 chars, no profanity, strict gibberish) */\nexport function zodUsername(): z.ZodEffects<z.ZodString> {\n return z.string().superRefine((val, ctx) => {\n const result = validateUsername(val);\n if (!result.isValid) {\n ctx.addIssue({ code: z.ZodIssueCode.custom, message: result.message });\n }\n });\n}\n\n/** Zod schema for bios (10–300 chars, no profanity, no spam) */\nexport function zodBio(): z.ZodEffects<z.ZodString> {\n return z.string().superRefine((val, ctx) => {\n const result = validateBio(val);\n if (!result.isValid) {\n ctx.addIssue({ code: z.ZodIssueCode.custom, message: result.message });\n }\n });\n}\n\n/** Zod schema for short text fields (2–100 chars) */\nexport function zodShortText(fieldName?: string): z.ZodEffects<z.ZodString> {\n return z.string().superRefine((val, ctx) => {\n const result = validateShortText(val, fieldName);\n if (!result.isValid) {\n ctx.addIssue({ code: z.ZodIssueCode.custom, message: result.message });\n }\n });\n}\n\n/** Zod schema for long text / comments (5–2000 chars) */\nexport function zodLongText(fieldName?: string): z.ZodEffects<z.ZodString> {\n return z.string().superRefine((val, ctx) => {\n const result = validateLongText(val, fieldName);\n if (!result.isValid) {\n ctx.addIssue({ code: z.ZodIssueCode.custom, message: result.message });\n }\n });\n}\n"]}

package/package.json ADDED Viewed

@@ -0,0 +1,105 @@
+{
+  "name": "@marslanmustafa/input-shield",
+  "version": "0.1.0",
+  "description": "One install. No config. Clean inputs. Profanity, spam, gibberish, and homoglyph detection in a single TypeScript-native zero-dependency package.",
+  "author": {
+    "name": "Muhammad Arslan Mustafa",
+    "email": "marslanmustafa391@gmail.com",
+    "url": "https://marslanmustafa.com"
+  },
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/marslanmustafa/input-shield"
+  },
+  "homepage": "https://github.com/marslanmustafa/input-shield#readme",
+  "bugs": {
+    "url": "https://github.com/marslanmustafa/input-shield/issues"
+  },
+  "type": "module",
+  "sideEffects": false,
+  "exports": {
+    ".": {
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.cjs",
+      "types": "./dist/index.d.ts"
+    },
+    "./zod": {
+      "import": "./dist/zod.mjs",
+      "require": "./dist/zod.cjs",
+      "types": "./dist/zod.d.ts"
+    },
+    "./email": {
+      "import": "./dist/email.mjs",
+      "require": "./dist/email.cjs",
+      "types": "./dist/email.d.ts"
+    }
+  },
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.mjs",
+  "types": "./dist/index.d.ts",
+  "files": [
+    "dist",
+    "README.md",
+    "NODEMAILER.md",
+    "LICENSE",
+    "CHANGELOG.md"
+  ],
+  "keywords": [
+    "profanity",
+    "profanity-filter",
+    "spam-detection",
+    "gibberish",
+    "input-validation",
+    "text-validation",
+    "content-moderation",
+    "leet-speak",
+    "homoglyph",
+    "unicode",
+    "typescript",
+    "zero-dependency",
+    "form-validation",
+    "zod"
+  ],
+  "scripts": {
+    "build": "tsup",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "coverage": "vitest run --coverage",
+    "lint": "tsc --noEmit",
+    "size": "size-limit",
+    "prepublishOnly": "npm run lint && npm run test && npm run build",
+    "release:patch": "npm version patch && git push --follow-tags",
+    "release:minor": "npm version minor && git push --follow-tags",
+    "release:major": "npm version major && git push --follow-tags"
+  },
+  "devDependencies": {
+    "@size-limit/preset-small-lib": "^11.0.0",
+    "@vitest/coverage-v8": "^1.6.0",
+    "tsup": "^8.0.0",
+    "typescript": "^5.4.0",
+    "vitest": "^1.6.0",
+    "zod": "^3.22.0"
+  },
+  "peerDependencies": {
+    "zod": ">=3.0.0"
+  },
+  "peerDependenciesMeta": {
+    "zod": {
+      "optional": true
+    }
+  },
+  "size-limit": [
+    {
+      "path": "./dist/index.mjs",
+      "limit": "8 KB"
+    },
+    {
+      "path": "./dist/zod.mjs",
+      "limit": "2 KB"
+    }
+  ],
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}