npm - @memberjunction/global - Versions diffs - 3.2.0 → 3.3.0 - Mend

@memberjunction/global 3.2.0 → 3.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/SQLExpressionValidator.d.ts +125 -0
package/dist/SQLExpressionValidator.d.ts.map +1 -0
package/dist/SQLExpressionValidator.js +270 -0
package/dist/SQLExpressionValidator.js.map +1 -0
package/dist/index.d.ts +1 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +1 -0
package/dist/index.js.map +1 -1
package/package.json +1 -1

package/dist/SQLExpressionValidator.d.ts ADDED Viewed

@@ -0,0 +1,125 @@
+/**
+ * @fileoverview Unified SQL Expression Validation
+ *
+ * Central utility for validating user-provided SQL expressions against injection attacks.
+ * Used by RunView, aggregates, smart filters, and any other feature accepting SQL input.
+ *
+ * Located in MJGlobal (lowest-level package) so all packages can use it.
+ *
+ * @module @memberjunction/global/SQLExpressionValidator
+ */
+/**
+ * Dangerous SQL keywords that are never allowed in user-provided expressions
+ */
+export declare const DANGEROUS_SQL_KEYWORDS: readonly ["DROP", "CREATE", "ALTER", "TRUNCATE", "RENAME", "INSERT", "UPDATE", "DELETE", "MERGE", "REPLACE", "GRANT", "REVOKE", "DENY", "EXEC", "EXECUTE", "CALL", "PROCEDURE", "FUNCTION", "BEGIN", "COMMIT", "ROLLBACK", "SAVEPOINT", "USE", "DATABASE", "SCHEMA", "IF", "WHILE", "LOOP", "FOR", "GOTO", "UNION", "INTERSECT", "EXCEPT", "EXISTS", "ANY", "ALL", "SOME", "BULK", "OPENROWSET", "OPENDATASOURCE", "OPENQUERY", "XP_", "SP_", "DYNAMIC", "PREPARE", "DEALLOCATE", "WAITFOR", "DELAY", "SLEEP", "SHUTDOWN", "RECONFIGURE"];
+/**
+ * Safe SQL functions allowed in expressions, organized by category
+ */
+export declare const ALLOWED_SQL_FUNCTIONS: {
+    readonly aggregates: readonly ["COUNT", "COUNT_BIG", "SUM", "AVG", "MIN", "MAX", "STDEV", "STDEVP", "VAR", "VARP", "STRING_AGG", "CHECKSUM_AGG"];
+    readonly math: readonly ["ABS", "CEILING", "FLOOR", "ROUND", "POWER", "SQRT", "LOG", "LOG10", "EXP", "SIGN", "RAND"];
+    readonly string: readonly ["LEN", "LENGTH", "UPPER", "LOWER", "LTRIM", "RTRIM", "TRIM", "LEFT", "RIGHT", "SUBSTRING", "CHARINDEX", "REPLACE", "CONCAT", "STUFF"];
+    readonly date: readonly ["DATEPART", "DATEDIFF", "DATEADD", "YEAR", "MONTH", "DAY", "HOUR", "MINUTE", "SECOND", "GETDATE", "GETUTCDATE", "SYSDATETIME", "EOMONTH"];
+    readonly conversion: readonly ["CAST", "CONVERT", "TRY_CAST", "TRY_CONVERT", "FORMAT"];
+    readonly nullHandling: readonly ["ISNULL", "COALESCE", "NULLIF", "IIF"];
+    readonly conditional: readonly ["CASE", "WHEN", "THEN", "ELSE", "END"];
+    readonly logical: readonly ["AND", "OR", "NOT", "IS", "NULL", "LIKE", "BETWEEN", "IN"];
+    readonly ordering: readonly ["ASC", "ASCENDING", "DESC", "DESCENDING", "OVER", "PARTITION", "BY", "ORDER", "ROWS", "RANGE", "UNBOUNDED", "PRECEDING", "FOLLOWING", "CURRENT", "ROW"];
+};
+/**
+ * Validation context - affects what's allowed
+ */
+export type SQLValidationContext = 'where_clause' | 'order_by' | 'aggregate' | 'field_reference';
+/**
+ * Validation result with detailed error information
+ */
+export interface SQLValidationResult {
+    /** Whether the expression passed validation */
+    valid: boolean;
+    /** Error message if validation failed */
+    error?: string;
+    /** Specific keyword or pattern that triggered the error */
+    trigger?: string;
+    /** Suggested fix if available */
+    suggestion?: string;
+}
+/**
+ * Options for SQL expression validation
+ */
+export interface SQLValidationOptions {
+    /** Validation context affects what's allowed */
+    context: SQLValidationContext;
+    /** Entity field names for validation (optional - enables field checking) */
+    entityFields?: string[];
+    /** Whether to require at least one aggregate function (for 'aggregate' context). Default: true for aggregate context */
+    requireAggregate?: boolean;
+    /** Whether to allow SELECT keyword (normally blocked for subquery prevention) */
+    allowSubqueries?: boolean;
+    /** Custom allowed keywords/functions to add */
+    additionalAllowed?: string[];
+    /** Custom blocked keywords to add */
+    additionalBlocked?: string[];
+}
+/**
+ * Central SQL expression validator for preventing SQL injection.
+ *
+ * Provides context-aware validation for different types of SQL expressions
+ * (WHERE clauses, ORDER BY, aggregates, etc.) with detailed error reporting.
+ *
+ * @example
+ * ```typescript
+ * const validator = SQLExpressionValidator.Instance;
+ *
+ * // Validate an aggregate expression
+ * const result = validator.validate('SUM(OrderTotal)', {
+ *   context: 'aggregate',
+ *   entityFields: ['OrderTotal', 'Quantity', 'Price']
+ * });
+ *
+ * if (!result.valid) {
+ *   console.error(result.error);
+ * }
+ * ```
+ */
+export declare class SQLExpressionValidator {
+    private static _instance;
+    private constructor();
+    /**
+     * Gets the singleton instance of the validator
+     */
+    static get Instance(): SQLExpressionValidator;
+    /**
+     * Validate a SQL expression for injection and allowed patterns.
+     *
+     * @param expression The SQL expression to validate
+     * @param options Validation options including context and entity fields
+     * @returns Validation result with error details if invalid
+     */
+    validate(expression: string, options: SQLValidationOptions): SQLValidationResult;
+    /**
+     * Remove string literals to avoid false positives in keyword detection.
+     * Handles both single and double quoted strings with escaped quotes.
+     */
+    private removeStringLiterals;
+    /**
+     * Check for dangerous SQL patterns that indicate injection attempts
+     */
+    private checkDangerousPatterns;
+    /**
+     * Check that function names are in the allowlist
+     */
+    private checkFunctionNames;
+    /**
+     * Context-specific validation rules
+     */
+    private checkContextRules;
+    /**
+     * Validate field references exist in entity (lenient mode - just for logging)
+     */
+    private checkFieldReferences;
+    /**
+     * Escape special regex characters in a string
+     */
+    private escapeRegex;
+}
+//# sourceMappingURL=SQLExpressionValidator.d.ts.map

package/dist/SQLExpressionValidator.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SQLExpressionValidator.d.ts","sourceRoot":"","sources":["../src/SQLExpressionValidator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH;;GAEG;AACH,eAAO,MAAM,sBAAsB,2gBA0CzB,CAAC;AAEX;;GAEG;AACH,eAAO,MAAM,qBAAqB;;;;;;;;;;CA2BxB,CAAC;AAEX;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAC5B,cAAc,GACd,UAAU,GACV,WAAW,GACX,iBAAiB,CAAC;AAEtB;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,+CAA+C;IAC/C,KAAK,EAAE,OAAO,CAAC;IACf,yCAAyC;IACzC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,2DAA2D;IAC3D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,iCAAiC;IACjC,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,gDAAgD;IAChD,OAAO,EAAE,oBAAoB,CAAC;IAE9B,4EAA4E;IAC5E,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IAExB,wHAAwH;IACxH,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAE3B,iFAAiF;IACjF,eAAe,CAAC,EAAE,OAAO,CAAC;IAE1B,+CAA+C;IAC/C,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAE7B,qCAAqC;IACrC,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC9B;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,qBAAa,sBAAsB;IACjC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAyB;IAEjD,OAAO;IAEP;;OAEG;IACH,WAAkB,QAAQ,IAAI,sBAAsB,CAKnD;IAED;;;;;;OAMG;IACI,QAAQ,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,oBAAoB,GAAG,mBAAmB;IAiCvF;;;OAGG;IACH,OAAO,CAAC,oBAAoB;IAM5B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAgD9B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IA2B1B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAoBzB;;OAEG;IACH,OAAO,CAAC,oBAAoB;IA4B5B;;OAEG;IACH,OAAO,CAAC,WAAW;CAGpB"}

package/dist/SQLExpressionValidator.js ADDED Viewed

@@ -0,0 +1,270 @@
+"use strict";
+/**
+ * @fileoverview Unified SQL Expression Validation
+ *
+ * Central utility for validating user-provided SQL expressions against injection attacks.
+ * Used by RunView, aggregates, smart filters, and any other feature accepting SQL input.
+ *
+ * Located in MJGlobal (lowest-level package) so all packages can use it.
+ *
+ * @module @memberjunction/global/SQLExpressionValidator
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SQLExpressionValidator = exports.ALLOWED_SQL_FUNCTIONS = exports.DANGEROUS_SQL_KEYWORDS = void 0;
+/**
+ * Dangerous SQL keywords that are never allowed in user-provided expressions
+ */
+exports.DANGEROUS_SQL_KEYWORDS = [
+    // DDL (Data Definition Language)
+    'DROP', 'CREATE', 'ALTER', 'TRUNCATE', 'RENAME',
+    // DML (Data Manipulation Language)
+    'INSERT', 'UPDATE', 'DELETE', 'MERGE', 'REPLACE',
+    // DCL (Data Control Language)
+    'GRANT', 'REVOKE', 'DENY',
+    // Execution and procedures
+    'EXEC', 'EXECUTE', 'CALL', 'PROCEDURE', 'FUNCTION',
+    // Transaction control
+    'BEGIN', 'COMMIT', 'ROLLBACK', 'SAVEPOINT',
+    // Database/schema operations
+    'USE', 'DATABASE', 'SCHEMA',
+    // Control flow (dangerous in expressions)
+    'IF', 'WHILE', 'LOOP', 'FOR', 'GOTO',
+    // Union/set operations (injection vectors)
+    'UNION', 'INTERSECT', 'EXCEPT',
+    // Subquery keywords (when used maliciously)
+    'EXISTS', 'ANY', 'ALL', 'SOME',
+    // File/external operations
+    'BULK', 'OPENROWSET', 'OPENDATASOURCE', 'OPENQUERY',
+    // Extended stored procedures
+    'XP_', 'SP_',
+    // Dynamic SQL
+    'DYNAMIC', 'PREPARE', 'DEALLOCATE',
+    // Time-based injection
+    'WAITFOR', 'DELAY', 'SLEEP',
+    // System operations
+    'SHUTDOWN', 'RECONFIGURE'
+];
+/**
+ * Safe SQL functions allowed in expressions, organized by category
+ */
+exports.ALLOWED_SQL_FUNCTIONS = {
+    // Aggregate functions
+    aggregates: ['COUNT', 'COUNT_BIG', 'SUM', 'AVG', 'MIN', 'MAX', 'STDEV', 'STDEVP', 'VAR', 'VARP', 'STRING_AGG', 'CHECKSUM_AGG'],
+    // Math functions
+    math: ['ABS', 'CEILING', 'FLOOR', 'ROUND', 'POWER', 'SQRT', 'LOG', 'LOG10', 'EXP', 'SIGN', 'RAND'],
+    // String functions (read-only)
+    string: ['LEN', 'LENGTH', 'UPPER', 'LOWER', 'LTRIM', 'RTRIM', 'TRIM', 'LEFT', 'RIGHT', 'SUBSTRING', 'CHARINDEX', 'REPLACE', 'CONCAT', 'STUFF'],
+    // Date functions
+    date: ['DATEPART', 'DATEDIFF', 'DATEADD', 'YEAR', 'MONTH', 'DAY', 'HOUR', 'MINUTE', 'SECOND', 'GETDATE', 'GETUTCDATE', 'SYSDATETIME', 'EOMONTH'],
+    // Type conversion (safe subset)
+    conversion: ['CAST', 'CONVERT', 'TRY_CAST', 'TRY_CONVERT', 'FORMAT'],
+    // Null handling
+    nullHandling: ['ISNULL', 'COALESCE', 'NULLIF', 'IIF'],
+    // Case expressions
+    conditional: ['CASE', 'WHEN', 'THEN', 'ELSE', 'END'],
+    // Logical operators (as keywords)
+    logical: ['AND', 'OR', 'NOT', 'IS', 'NULL', 'LIKE', 'BETWEEN', 'IN'],
+    // Sort/order and windowing
+    ordering: ['ASC', 'ASCENDING', 'DESC', 'DESCENDING', 'OVER', 'PARTITION', 'BY', 'ORDER', 'ROWS', 'RANGE', 'UNBOUNDED', 'PRECEDING', 'FOLLOWING', 'CURRENT', 'ROW']
+};
+/**
+ * Central SQL expression validator for preventing SQL injection.
+ *
+ * Provides context-aware validation for different types of SQL expressions
+ * (WHERE clauses, ORDER BY, aggregates, etc.) with detailed error reporting.
+ *
+ * @example
+ * ```typescript
+ * const validator = SQLExpressionValidator.Instance;
+ *
+ * // Validate an aggregate expression
+ * const result = validator.validate('SUM(OrderTotal)', {
+ *   context: 'aggregate',
+ *   entityFields: ['OrderTotal', 'Quantity', 'Price']
+ * });
+ *
+ * if (!result.valid) {
+ *   console.error(result.error);
+ * }
+ * ```
+ */
+class SQLExpressionValidator {
+    constructor() { }
+    /**
+     * Gets the singleton instance of the validator
+     */
+    static get Instance() {
+        if (!this._instance) {
+            this._instance = new SQLExpressionValidator();
+        }
+        return this._instance;
+    }
+    /**
+     * Validate a SQL expression for injection and allowed patterns.
+     *
+     * @param expression The SQL expression to validate
+     * @param options Validation options including context and entity fields
+     * @returns Validation result with error details if invalid
+     */
+    validate(expression, options) {
+        if (!expression || typeof expression !== 'string') {
+            return { valid: false, error: 'Expression cannot be empty' };
+        }
+        const trimmed = expression.trim();
+        if (!trimmed) {
+            return { valid: false, error: 'Expression cannot be empty' };
+        }
+        // Step 1: Remove string literals to avoid false positives
+        const withoutStrings = this.removeStringLiterals(trimmed);
+        // Step 2: Check for dangerous patterns
+        const dangerCheck = this.checkDangerousPatterns(withoutStrings, options);
+        if (!dangerCheck.valid)
+            return dangerCheck;
+        // Step 3: Validate function names are in allowlist
+        const functionCheck = this.checkFunctionNames(withoutStrings, options);
+        if (!functionCheck.valid)
+            return functionCheck;
+        // Step 4: Context-specific validation
+        const contextCheck = this.checkContextRules(withoutStrings, options);
+        if (!contextCheck.valid)
+            return contextCheck;
+        // Step 5: Optional field reference validation (lenient - just logs warnings)
+        if (options.entityFields?.length) {
+            this.checkFieldReferences(withoutStrings, options.entityFields);
+        }
+        return { valid: true };
+    }
+    /**
+     * Remove string literals to avoid false positives in keyword detection.
+     * Handles both single and double quoted strings with escaped quotes.
+     */
+    removeStringLiterals(expression) {
+        // Match both single and double quoted strings, handling escaped quotes
+        const stringPattern = /(['"])(?:(?=(\\?))\2[\s\S])*?\1/g;
+        return expression.replace(stringPattern, '');
+    }
+    /**
+     * Check for dangerous SQL patterns that indicate injection attempts
+     */
+    checkDangerousPatterns(expression, options) {
+        const upper = expression.toUpperCase();
+        // Build blocked list - explicitly typed as string[] for mutability
+        const blocked = [...exports.DANGEROUS_SQL_KEYWORDS];
+        if (options.additionalBlocked) {
+            blocked.push(...options.additionalBlocked);
+        }
+        // Add SELECT to blocked unless explicitly allowed (prevents subqueries)
+        if (!options.allowSubqueries && !blocked.includes('SELECT')) {
+            blocked.push('SELECT');
+        }
+        for (const keyword of blocked) {
+            // Use word boundaries to avoid false positives (e.g., "DESCRIPTION" containing "EXEC")
+            const pattern = new RegExp(`\\b${this.escapeRegex(keyword)}\\b`, 'i');
+            if (pattern.test(upper)) {
+                return {
+                    valid: false,
+                    error: `Dangerous SQL keyword detected: ${keyword}`,
+                    trigger: keyword,
+                    suggestion: keyword === 'SELECT' ? 'Subqueries are not allowed. Use a direct expression instead.' : undefined
+                };
+            }
+        }
+        // Check comment patterns (common injection technique)
+        if (upper.includes('--') || upper.includes('/*') || upper.includes('*/')) {
+            return {
+                valid: false,
+                error: 'Comments are not allowed in SQL expressions',
+                trigger: 'comment'
+            };
+        }
+        // Check statement terminator (prevents multi-statement injection)
+        if (expression.includes(';')) {
+            return {
+                valid: false,
+                error: 'Semicolons are not allowed in SQL expressions',
+                trigger: ';'
+            };
+        }
+        return { valid: true };
+    }
+    /**
+     * Check that function names are in the allowlist
+     */
+    checkFunctionNames(expression, options) {
+        // Extract function calls (word followed by opening paren)
+        const functionPattern = /\b([A-Z_][A-Z0-9_]*)\s*\(/gi;
+        let match;
+        // Build allowed functions list from all categories
+        const allowed = new Set();
+        Object.values(exports.ALLOWED_SQL_FUNCTIONS).flat().forEach(fn => allowed.add(fn.toUpperCase()));
+        if (options.additionalAllowed) {
+            options.additionalAllowed.forEach(fn => allowed.add(fn.toUpperCase()));
+        }
+        while ((match = functionPattern.exec(expression)) !== null) {
+            const fnName = match[1].toUpperCase();
+            if (!allowed.has(fnName)) {
+                return {
+                    valid: false,
+                    error: `Function '${fnName}' is not allowed`,
+                    trigger: fnName,
+                    suggestion: `Allowed functions include: ${exports.ALLOWED_SQL_FUNCTIONS.aggregates.join(', ')}, ${exports.ALLOWED_SQL_FUNCTIONS.math.slice(0, 5).join(', ')}...`
+                };
+            }
+        }
+        return { valid: true };
+    }
+    /**
+     * Context-specific validation rules
+     */
+    checkContextRules(expression, options) {
+        // For aggregate context, require at least one aggregate function (unless explicitly disabled)
+        if (options.context === 'aggregate' && options.requireAggregate !== false) {
+            const hasAggregate = exports.ALLOWED_SQL_FUNCTIONS.aggregates.some(fn => {
+                const pattern = new RegExp(`\\b${fn}\\s*\\(`, 'i');
+                return pattern.test(expression);
+            });
+            if (!hasAggregate) {
+                return {
+                    valid: false,
+                    error: 'Aggregate expression must contain at least one aggregate function',
+                    suggestion: `Use one of: ${exports.ALLOWED_SQL_FUNCTIONS.aggregates.join(', ')}`
+                };
+            }
+        }
+        return { valid: true };
+    }
+    /**
+     * Validate field references exist in entity (lenient mode - just for logging)
+     */
+    checkFieldReferences(expression, entityFields) {
+        // Extract potential field names (words not followed by parentheses)
+        const fieldPattern = /\b([A-Z_][A-Z0-9_]*)\b(?!\s*\()/gi;
+        const fieldSet = new Set(entityFields.map(f => f.toUpperCase()));
+        // Build set of all allowed keywords (not just functions)
+        const allAllowed = new Set();
+        Object.values(exports.ALLOWED_SQL_FUNCTIONS).flat().forEach(k => allAllowed.add(k.toUpperCase()));
+        let match;
+        const unknownFields = [];
+        while ((match = fieldPattern.exec(expression)) !== null) {
+            const word = match[1].toUpperCase();
+            // Skip if it's an allowed keyword or a known field
+            if (!allAllowed.has(word) && !fieldSet.has(word)) {
+                unknownFields.push(match[1]);
+            }
+        }
+        // Lenient mode: just log warnings, don't fail validation
+        // This allows computed columns and virtual fields not in the fields array
+        if (unknownFields.length > 0) {
+            // Could emit a warning here if we had a logging mechanism
+            // For now, we allow it to pass
+        }
+    }
+    /**
+     * Escape special regex characters in a string
+     */
+    escapeRegex(str) {
+        return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+    }
+}
+exports.SQLExpressionValidator = SQLExpressionValidator;
+//# sourceMappingURL=SQLExpressionValidator.js.map

package/dist/SQLExpressionValidator.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SQLExpressionValidator.js","sourceRoot":"","sources":["../src/SQLExpressionValidator.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;;AAEH;;GAEG;AACU,QAAA,sBAAsB,GAAG;IACpC,iCAAiC;IACjC,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ;IAE/C,mCAAmC;IACnC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS;IAEhD,8BAA8B;IAC9B,OAAO,EAAE,QAAQ,EAAE,MAAM;IAEzB,2BAA2B;IAC3B,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,WAAW,EAAE,UAAU;IAElD,sBAAsB;IACtB,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW;IAE1C,6BAA6B;IAC7B,KAAK,EAAE,UAAU,EAAE,QAAQ;IAE3B,0CAA0C;IAC1C,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM;IAEpC,2CAA2C;IAC3C,OAAO,EAAE,WAAW,EAAE,QAAQ;IAE9B,4CAA4C;IAC5C,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM;IAE9B,2BAA2B;IAC3B,MAAM,EAAE,YAAY,EAAE,gBAAgB,EAAE,WAAW;IAEnD,6BAA6B;IAC7B,KAAK,EAAE,KAAK;IAEZ,cAAc;IACd,SAAS,EAAE,SAAS,EAAE,YAAY;IAElC,uBAAuB;IACvB,SAAS,EAAE,OAAO,EAAE,OAAO;IAE3B,oBAAoB;IACpB,UAAU,EAAE,aAAa;CACjB,CAAC;AAEX;;GAEG;AACU,QAAA,qBAAqB,GAAG;IACnC,sBAAsB;IACtB,UAAU,EAAE,CAAC,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,YAAY,EAAE,cAAc,CAAC;IAE9H,iBAAiB;IACjB,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC;IAElG,+BAA+B;IAC/B,MAAM,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,OAAO,CAAC;IAE9I,iBAAiB;IACjB,IAAI,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,CAAC;IAEhJ,gCAAgC;IAChC,UAAU,EAAE,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,aAAa,EAAE,QAAQ,CAAC;IAEpE,gBAAgB;IAChB,YAAY,EAAE,CAAC,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,KAAK,CAAC;IAErD,mBAAmB;IACnB,WAAW,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC;IAEpD,kCAAkC;IAClC,OAAO,EAAE,CAAC,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC;IAEpE,2BAA2B;IAC3B,QAAQ,EAAE,CAAC,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,SAAS,EAAE,KAAK,CAAC;CAC1J,CAAC;AAgDX;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAa,sBAAsB;IAGjC,gBAAuB,CAAC;IAExB;;OAEG;IACI,MAAM,KAAK,QAAQ;QACxB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,IAAI,CAAC,SAAS,GAAG,IAAI,sBAAsB,EAAE,CAAC;QAChD,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;;;;;OAMG;IACI,QAAQ,CAAC,UAAkB,EAAE,OAA6B;QAC/D,IAAI,CAAC,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;YAClD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,4BAA4B,EAAE,CAAC;QAC/D,CAAC;QAED,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC;QAClC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,4BAA4B,EAAE,CAAC;QAC/D,CAAC;QAED,0DAA0D;QAC1D,MAAM,cAAc,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QAE1D,uCAAuC;QACvC,MAAM,WAAW,GAAG,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;QACzE,IAAI,CAAC,WAAW,CAAC,KAAK;YAAE,OAAO,WAAW,CAAC;QAE3C,mDAAmD;QACnD,MAAM,aAAa,GAAG,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;QACvE,IAAI,CAAC,aAAa,CAAC,KAAK;YAAE,OAAO,aAAa,CAAC;QAE/C,sCAAsC;QACtC,MAAM,YAAY,GAAG,IAAI,CAAC,iBAAiB,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;QACrE,IAAI,CAAC,YAAY,CAAC,KAAK;YAAE,OAAO,YAAY,CAAC;QAE7C,6EAA6E;QAC7E,IAAI,OAAO,CAAC,YAAY,EAAE,MAAM,EAAE,CAAC;YACjC,IAAI,CAAC,oBAAoB,CAAC,cAAc,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;QAClE,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACzB,CAAC;IAED;;;OAGG;IACK,oBAAoB,CAAC,UAAkB;QAC7C,uEAAuE;QACvE,MAAM,aAAa,GAAG,kCAAkC,CAAC;QACzD,OAAO,UAAU,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACK,sBAAsB,CAAC,UAAkB,EAAE,OAA6B;QAC9E,MAAM,KAAK,GAAG,UAAU,CAAC,WAAW,EAAE,CAAC;QAEvC,mEAAmE;QACnE,MAAM,OAAO,GAAa,CAAC,GAAG,8BAAsB,CAAC,CAAC;QACtD,IAAI,OAAO,CAAC,iBAAiB,EAAE,CAAC;YAC9B,OAAO,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;QAC7C,CAAC;QAED,wEAAwE;QACxE,IAAI,CAAC,OAAO,CAAC,eAAe,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5D,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACzB,CAAC;QAED,KAAK,MAAM,OAAO,IAAI,OAAO,EAAE,CAAC;YAC9B,uFAAuF;YACvF,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YACtE,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;gBACxB,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,mCAAmC,OAAO,EAAE;oBACnD,OAAO,EAAE,OAAO;oBAChB,UAAU,EAAE,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,8DAA8D,CAAC,CAAC,CAAC,SAAS;iBAC9G,CAAC;YACJ,CAAC;QACH,CAAC;QAED,sDAAsD;QACtD,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YACzE,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,6CAA6C;gBACpD,OAAO,EAAE,SAAS;aACnB,CAAC;QACJ,CAAC;QAED,kEAAkE;QAClE,IAAI,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7B,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,+CAA+C;gBACtD,OAAO,EAAE,GAAG;aACb,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,UAAkB,EAAE,OAA6B;QAC1E,0DAA0D;QAC1D,MAAM,eAAe,GAAG,6BAA6B,CAAC;QACtD,IAAI,KAAK,CAAC;QAEV,mDAAmD;QACnD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;QAClC,MAAM,CAAC,MAAM,CAAC,6BAAqB,CAAC,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QACzF,IAAI,OAAO,CAAC,iBAAiB,EAAE,CAAC;YAC9B,OAAO,CAAC,iBAAiB,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QACzE,CAAC;QAED,OAAO,CAAC,KAAK,GAAG,eAAe,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC3D,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YACtC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;gBACzB,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,aAAa,MAAM,kBAAkB;oBAC5C,OAAO,EAAE,MAAM;oBACf,UAAU,EAAE,8BAA8B,6BAAqB,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,6BAAqB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK;iBACjJ,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,UAAkB,EAAE,OAA6B;QACzE,8FAA8F;QAC9F,IAAI,OAAO,CAAC,OAAO,KAAK,WAAW,IAAI,OAAO,CAAC,gBAAgB,KAAK,KAAK,EAAE,CAAC;YAC1E,MAAM,YAAY,GAAG,6BAAqB,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE;gBAC9D,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;gBACnD,OAAO,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAClC,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,mEAAmE;oBAC1E,UAAU,EAAE,eAAe,6BAAqB,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;iBACzE,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,oBAAoB,CAAC,UAAkB,EAAE,YAAsB;QACrE,oEAAoE;QACpE,MAAM,YAAY,GAAG,mCAAmC,CAAC;QACzD,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAEjE,yDAAyD;QACzD,MAAM,UAAU,GAAG,IAAI,GAAG,EAAU,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,6BAAqB,CAAC,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAE1F,IAAI,KAAK,CAAC;QACV,MAAM,aAAa,GAAa,EAAE,CAAC;QAEnC,OAAO,CAAC,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACxD,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YACpC,mDAAmD;YACnD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBACjD,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC/B,CAAC;QACH,CAAC;QAED,yDAAyD;QACzD,0EAA0E;QAC1E,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC7B,0DAA0D;YAC1D,+BAA+B;QACjC,CAAC;IACH,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,GAAW;QAC7B,OAAO,GAAG,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;IACpD,CAAC;CACF;AA9MD,wDA8MC"}

package/dist/index.d.ts CHANGED Viewed

@@ -9,6 +9,7 @@ export * from './util/PatternUtils';
 export * from './ValidationTypes';
 export * from './JSONValidator';
 export * from './SafeExpressionEvaluator';
+export * from './SQLExpressionValidator';
 export * from './warningManager';
 export * from './EncryptionUtils';
 export * from './Global';

package/dist/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AAChE,cAAc,aAAa,CAAA;AAC3B,cAAc,QAAQ,CAAA;AACtB,cAAc,eAAe,CAAA;AAC7B,cAAc,iBAAiB,CAAA;AAC/B,cAAc,YAAY,CAAA;AAC1B,cAAc,cAAc,CAAA;AAC5B,cAAc,qBAAqB,CAAC;AACpC,cAAc,mBAAmB,CAAA;AACjC,cAAc,iBAAiB,CAAA;AAC/B,cAAc,2BAA2B,CAAA;AACzC,cAAc,kBAAkB,CAAA;AAChC,cAAc,mBAAmB,CAAA;AAMjC,cAAc,UAAU,CAAA;AACxB,cAAc,iBAAiB,CAAA"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AAChE,cAAc,aAAa,CAAA;AAC3B,cAAc,QAAQ,CAAA;AACtB,cAAc,eAAe,CAAA;AAC7B,cAAc,iBAAiB,CAAA;AAC/B,cAAc,YAAY,CAAA;AAC1B,cAAc,cAAc,CAAA;AAC5B,cAAc,qBAAqB,CAAC;AACpC,cAAc,mBAAmB,CAAA;AACjC,cAAc,iBAAiB,CAAA;AAC/B,cAAc,2BAA2B,CAAA;AACzC,cAAc,0BAA0B,CAAA;AACxC,cAAc,kBAAkB,CAAA;AAChC,cAAc,mBAAmB,CAAA;AAMjC,cAAc,UAAU,CAAA;AACxB,cAAc,iBAAiB,CAAA"}

package/dist/index.js CHANGED Viewed

@@ -29,6 +29,7 @@ __exportStar(require("./util/PatternUtils"), exports);
 __exportStar(require("./ValidationTypes"), exports);
 __exportStar(require("./JSONValidator"), exports);
 __exportStar(require("./SafeExpressionEvaluator"), exports);
+__exportStar(require("./SQLExpressionValidator"), exports);
 __exportStar(require("./warningManager"), exports);
 __exportStar(require("./EncryptionUtils"), exports);
 // NOTE: TelemetryManager has moved to @memberjunction/core

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,iCAAiC;AACjC,+CAAgE;AAAvD,4GAAA,YAAY,OAAA;AAAE,iHAAA,iBAAiB,OAAA;AACxC,8CAA2B;AAC3B,yCAAsB;AACtB,gDAA6B;AAC7B,kDAA+B;AAC/B,6CAA0B;AAC1B,+CAA4B;AAC5B,sDAAoC;AACpC,oDAAiC;AACjC,kDAA+B;AAC/B,4DAAyC;AACzC,mDAAgC;AAChC,oDAAiC;AAEjC,2DAA2D;AAC3D,oCAAoC;AAEpC,0BAA0B;AAC1B,2CAAwB;AACxB,kDAA+B;AAE/B,6DAA6D;AAC7D,oCAAoC"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,iCAAiC;AACjC,+CAAgE;AAAvD,4GAAA,YAAY,OAAA;AAAE,iHAAA,iBAAiB,OAAA;AACxC,8CAA2B;AAC3B,yCAAsB;AACtB,gDAA6B;AAC7B,kDAA+B;AAC/B,6CAA0B;AAC1B,+CAA4B;AAC5B,sDAAoC;AACpC,oDAAiC;AACjC,kDAA+B;AAC/B,4DAAyC;AACzC,2DAAwC;AACxC,mDAAgC;AAChC,oDAAiC;AAEjC,2DAA2D;AAC3D,oCAAoC;AAEpC,0BAA0B;AAC1B,2CAAwB;AACxB,kDAA+B;AAE/B,6DAA6D;AAC7D,oCAAoC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@memberjunction/global",
-  "version": "3.2.0",
+  "version": "3.3.0",
   "description": "MemberJunction: Global Object - Needed for ALL other MJ components",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",