@metamask/permission-controller 11.0.0 → 11.0.2

package/dist/{types/utils.d.ts → utils.d.cts}

@@ -1,7 +1,7 @@
-import type { JsonRpcEngineEndCallback, JsonRpcEngineNextCallback } from '@metamask/json-rpc-engine';
-import type { Json, JsonRpcParams, JsonRpcRequest, PendingJsonRpcResponse } from '@metamask/utils';
-import type { CaveatConstraint, CaveatSpecificationConstraint, CaveatSpecificationMap } from './Caveat';
-import type { PermissionConstraint, PermissionSpecificationConstraint, PermissionSpecificationMap } from './Permission';
+import type { JsonRpcEngineEndCallback, JsonRpcEngineNextCallback } from "@metamask/json-rpc-engine";
+import type { Json, JsonRpcParams, JsonRpcRequest, PendingJsonRpcResponse } from "@metamask/utils";
+import type { CaveatConstraint, CaveatSpecificationConstraint, CaveatSpecificationMap } from "./Caveat.cjs";
+import type { PermissionConstraint, PermissionSpecificationConstraint, PermissionSpecificationMap } from "./Permission.cjs";
 export declare enum MethodNames {
     RequestPermissions = "wallet_requestPermissions",
     GetPermissions = "wallet_getPermissions",
@@ -54,4 +54,4 @@ export declare function collectUniqueAndPairedCaveats(leftPermission: Partial<Pe
     leftUniqueCaveats: CaveatConstraint[];
     rightUniqueCaveats: CaveatConstraint[];
 };
-//# sourceMappingURL=utils.d.ts.map
+//# sourceMappingURL=utils.d.cts.map

package/dist/utils.d.cts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.cts","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,wBAAwB,EACxB,yBAAyB,EAC1B,kCAAkC;AACnC,OAAO,KAAK,EACV,IAAI,EACJ,aAAa,EACb,cAAc,EACd,sBAAsB,EACvB,wBAAwB;AAEzB,OAAO,KAAK,EACV,gBAAgB,EAChB,6BAA6B,EAC7B,sBAAsB,EACvB,qBAAiB;AAClB,OAAO,KAAK,EACV,oBAAoB,EACpB,iCAAiC,EACjC,0BAA0B,EAC3B,yBAAqB;AAEtB,oBAAY,WAAW;IACrB,kBAAkB,8BAA8B;IAChD,cAAc,0BAA0B;IACxC,iBAAiB,6BAA6B;CAC/C;AAED;;;;;;;GAOG;AACH,MAAM,MAAM,qBAAqB,CAC/B,iBAAiB,SACb,sBAAsB,CAAC,6BAA6B,CAAC,GACrD,0BAA0B,CAAC,iCAAiC,CAAC,IAC/D,iBAAiB,CAAC,MAAM,iBAAiB,CAAC,CAAC;AAE/C;;GAEG;AACH,MAAM,MAAM,yBAAyB,CACnC,KAAK,EACL,MAAM,SAAS,aAAa,EAC5B,MAAM,SAAS,IAAI,IACjB,CACF,GAAG,EAAE,cAAc,CAAC,MAAM,CAAC,EAC3B,GAAG,EAAE,sBAAsB,CAAC,MAAM,CAAC,EACnC,IAAI,EAAE,yBAAyB,EAC/B,GAAG,EAAE,wBAAwB,EAC7B,KAAK,EAAE,KAAK,KACT,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AAE1B;;;;;GAKG;AACH,MAAM,MAAM,SAAS,CAAC,OAAO,IAAI;KAC9B,QAAQ,IAAI,MAAM,OAAO,GAAG,IAAI;CAClC,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,sBAAsB,CAChC,KAAK,EACL,MAAM,SAAS,aAAa,EAC5B,MAAM,SAAS,IAAI,IACjB;IACF,cAAc,EAAE,yBAAyB,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;IACjE,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;IAC5B,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,wBAAgB,6BAA6B,CAC3C,cAAc,EAAE,OAAO,CAAC,oBAAoB,CAAC,GAAG,SAAS,EACzD,eAAe,EAAE,OAAO,CAAC,oBAAoB,CAAC;;;;EAyB/C"}

package/dist/utils.d.mts

@@ -0,0 +1,57 @@
+import type { JsonRpcEngineEndCallback, JsonRpcEngineNextCallback } from "@metamask/json-rpc-engine";
+import type { Json, JsonRpcParams, JsonRpcRequest, PendingJsonRpcResponse } from "@metamask/utils";
+import type { CaveatConstraint, CaveatSpecificationConstraint, CaveatSpecificationMap } from "./Caveat.mjs";
+import type { PermissionConstraint, PermissionSpecificationConstraint, PermissionSpecificationMap } from "./Permission.mjs";
+export declare enum MethodNames {
+    RequestPermissions = "wallet_requestPermissions",
+    GetPermissions = "wallet_getPermissions",
+    RevokePermissions = "wallet_revokePermissions"
+}
+/**
+ * Utility type for extracting a union of all individual caveat or permission
+ * specification types from a {@link CaveatSpecificationMap} or
+ * {@link PermissionSpecificationMap}.
+ *
+ * @template SpecificationsMap - The caveat or permission specifications map
+ * whose specification type union to extract.
+ */
+export type ExtractSpecifications<SpecificationsMap extends CaveatSpecificationMap<CaveatSpecificationConstraint> | PermissionSpecificationMap<PermissionSpecificationConstraint>> = SpecificationsMap[keyof SpecificationsMap];
+/**
+ * A middleware function for handling a permitted method.
+ */
+export type HandlerMiddlewareFunction<Hooks, Params extends JsonRpcParams, Result extends Json> = (req: JsonRpcRequest<Params>, res: PendingJsonRpcResponse<Result>, next: JsonRpcEngineNextCallback, end: JsonRpcEngineEndCallback, hooks: Hooks) => void | Promise<void>;
+/**
+ * We use a mapped object type in order to create a type that requires the
+ * presence of the names of all hooks for the given handler.
+ * This can then be used to select only the necessary hooks whenever a method
+ * is called for purposes of POLA.
+ */
+export type HookNames<HookMap> = {
+    [Property in keyof HookMap]: true;
+};
+/**
+ * A handler for a permitted method.
+ */
+export type PermittedHandlerExport<Hooks, Params extends JsonRpcParams, Result extends Json> = {
+    implementation: HandlerMiddlewareFunction<Hooks, Params, Result>;
+    hookNames: HookNames<Hooks>;
+    methodNames: string[];
+};
+/**
+ * Given two permission objects, computes 3 sets:
+ * - The set of caveat pairs that are common to both permissions.
+ * - The set of caveats that are unique to the existing permission.
+ * - The set of caveats that are unique to the requested permission.
+ *
+ * Assumes that the caveat arrays of both permissions are valid.
+ *
+ * @param leftPermission - The left-hand permission.
+ * @param rightPermission - The right-hand permission.
+ * @returns The sets of caveat pairs and unique caveats.
+ */
+export declare function collectUniqueAndPairedCaveats(leftPermission: Partial<PermissionConstraint> | undefined, rightPermission: Partial<PermissionConstraint>): {
+    caveatPairs: [CaveatConstraint, CaveatConstraint][];
+    leftUniqueCaveats: CaveatConstraint[];
+    rightUniqueCaveats: CaveatConstraint[];
+};
+//# sourceMappingURL=utils.d.mts.map

package/dist/utils.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.mts","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,wBAAwB,EACxB,yBAAyB,EAC1B,kCAAkC;AACnC,OAAO,KAAK,EACV,IAAI,EACJ,aAAa,EACb,cAAc,EACd,sBAAsB,EACvB,wBAAwB;AAEzB,OAAO,KAAK,EACV,gBAAgB,EAChB,6BAA6B,EAC7B,sBAAsB,EACvB,qBAAiB;AAClB,OAAO,KAAK,EACV,oBAAoB,EACpB,iCAAiC,EACjC,0BAA0B,EAC3B,yBAAqB;AAEtB,oBAAY,WAAW;IACrB,kBAAkB,8BAA8B;IAChD,cAAc,0BAA0B;IACxC,iBAAiB,6BAA6B;CAC/C;AAED;;;;;;;GAOG;AACH,MAAM,MAAM,qBAAqB,CAC/B,iBAAiB,SACb,sBAAsB,CAAC,6BAA6B,CAAC,GACrD,0BAA0B,CAAC,iCAAiC,CAAC,IAC/D,iBAAiB,CAAC,MAAM,iBAAiB,CAAC,CAAC;AAE/C;;GAEG;AACH,MAAM,MAAM,yBAAyB,CACnC,KAAK,EACL,MAAM,SAAS,aAAa,EAC5B,MAAM,SAAS,IAAI,IACjB,CACF,GAAG,EAAE,cAAc,CAAC,MAAM,CAAC,EAC3B,GAAG,EAAE,sBAAsB,CAAC,MAAM,CAAC,EACnC,IAAI,EAAE,yBAAyB,EAC/B,GAAG,EAAE,wBAAwB,EAC7B,KAAK,EAAE,KAAK,KACT,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AAE1B;;;;;GAKG;AACH,MAAM,MAAM,SAAS,CAAC,OAAO,IAAI;KAC9B,QAAQ,IAAI,MAAM,OAAO,GAAG,IAAI;CAClC,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,sBAAsB,CAChC,KAAK,EACL,MAAM,SAAS,aAAa,EAC5B,MAAM,SAAS,IAAI,IACjB;IACF,cAAc,EAAE,yBAAyB,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;IACjE,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;IAC5B,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,wBAAgB,6BAA6B,CAC3C,cAAc,EAAE,OAAO,CAAC,oBAAoB,CAAC,GAAG,SAAS,EACzD,eAAe,EAAE,OAAO,CAAC,oBAAoB,CAAC;;;;EAyB/C"}

package/dist/utils.mjs

@@ -1,10 +1,40 @@
-import {
-  MethodNames,
-  collectUniqueAndPairedCaveats
-} from "./chunk-4NAVRO44.mjs";
-import "./chunk-2L4QPE5A.mjs";
-export {
-  MethodNames,
-  collectUniqueAndPairedCaveats
-};
+export var MethodNames;
+(function (MethodNames) {
+    MethodNames["RequestPermissions"] = "wallet_requestPermissions";
+    MethodNames["GetPermissions"] = "wallet_getPermissions";
+    MethodNames["RevokePermissions"] = "wallet_revokePermissions";
+})(MethodNames || (MethodNames = {}));
+/**
+ * Given two permission objects, computes 3 sets:
+ * - The set of caveat pairs that are common to both permissions.
+ * - The set of caveats that are unique to the existing permission.
+ * - The set of caveats that are unique to the requested permission.
+ *
+ * Assumes that the caveat arrays of both permissions are valid.
+ *
+ * @param leftPermission - The left-hand permission.
+ * @param rightPermission - The right-hand permission.
+ * @returns The sets of caveat pairs and unique caveats.
+ */
+export function collectUniqueAndPairedCaveats(leftPermission, rightPermission) {
+    const leftCaveats = leftPermission?.caveats?.slice() ?? [];
+    const rightCaveats = rightPermission.caveats?.slice() ?? [];
+    const leftUniqueCaveats = [];
+    const caveatPairs = [];
+    leftCaveats.forEach((leftCaveat) => {
+        const rightCaveatIndex = rightCaveats.findIndex((rightCaveat) => rightCaveat.type === leftCaveat.type);
+        if (rightCaveatIndex === -1) {
+            leftUniqueCaveats.push(leftCaveat);
+        }
+        else {
+            caveatPairs.push([leftCaveat, rightCaveats[rightCaveatIndex]]);
+            rightCaveats.splice(rightCaveatIndex, 1);
+        }
+    });
+    return {
+        caveatPairs,
+        leftUniqueCaveats,
+        rightUniqueCaveats: [...rightCaveats],
+    };
+}
 //# sourceMappingURL=utils.mjs.map

package/dist/utils.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
+{"version":3,"file":"utils.mjs","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAsBA,MAAM,CAAN,IAAY,WAIX;AAJD,WAAY,WAAW;IACrB,+DAAgD,CAAA;IAChD,uDAAwC,CAAA;IACxC,6DAA8C,CAAA;AAChD,CAAC,EAJW,WAAW,KAAX,WAAW,QAItB;AAsDD;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,6BAA6B,CAC3C,cAAyD,EACzD,eAA8C;IAE9C,MAAM,WAAW,GAAG,cAAc,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IAC3D,MAAM,YAAY,GAAG,eAAe,CAAC,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IAC5D,MAAM,iBAAiB,GAAuB,EAAE,CAAC;IACjD,MAAM,WAAW,GAA2C,EAAE,CAAC;IAE/D,WAAW,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;QACjC,MAAM,gBAAgB,GAAG,YAAY,CAAC,SAAS,CAC7C,CAAC,WAAW,EAAE,EAAE,CAAC,WAAW,CAAC,IAAI,KAAK,UAAU,CAAC,IAAI,CACtD,CAAC;QAEF,IAAI,gBAAgB,KAAK,CAAC,CAAC,EAAE;YAC3B,iBAAiB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;SACpC;aAAM;YACL,WAAW,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,YAAY,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC;YAC/D,YAAY,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC,CAAC,CAAC;SAC1C;IACH,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,WAAW;QACX,iBAAiB;QACjB,kBAAkB,EAAE,CAAC,GAAG,YAAY,CAAC;KACtC,CAAC;AACJ,CAAC","sourcesContent":["import type {\n  JsonRpcEngineEndCallback,\n  JsonRpcEngineNextCallback,\n} from '@metamask/json-rpc-engine';\nimport type {\n  Json,\n  JsonRpcParams,\n  JsonRpcRequest,\n  PendingJsonRpcResponse,\n} from '@metamask/utils';\n\nimport type {\n  CaveatConstraint,\n  CaveatSpecificationConstraint,\n  CaveatSpecificationMap,\n} from './Caveat';\nimport type {\n  PermissionConstraint,\n  PermissionSpecificationConstraint,\n  PermissionSpecificationMap,\n} from './Permission';\n\nexport enum MethodNames {\n  RequestPermissions = 'wallet_requestPermissions',\n  GetPermissions = 'wallet_getPermissions',\n  RevokePermissions = 'wallet_revokePermissions',\n}\n\n/**\n * Utility type for extracting a union of all individual caveat or permission\n * specification types from a {@link CaveatSpecificationMap} or\n * {@link PermissionSpecificationMap}.\n *\n * @template SpecificationsMap - The caveat or permission specifications map\n * whose specification type union to extract.\n */\nexport type ExtractSpecifications<\n  SpecificationsMap extends\n    | CaveatSpecificationMap<CaveatSpecificationConstraint>\n    | PermissionSpecificationMap<PermissionSpecificationConstraint>,\n> = SpecificationsMap[keyof SpecificationsMap];\n\n/**\n * A middleware function for handling a permitted method.\n */\nexport type HandlerMiddlewareFunction<\n  Hooks,\n  Params extends JsonRpcParams,\n  Result extends Json,\n> = (\n  req: JsonRpcRequest<Params>,\n  res: PendingJsonRpcResponse<Result>,\n  next: JsonRpcEngineNextCallback,\n  end: JsonRpcEngineEndCallback,\n  hooks: Hooks,\n) => void | Promise<void>;\n\n/**\n * We use a mapped object type in order to create a type that requires the\n * presence of the names of all hooks for the given handler.\n * This can then be used to select only the necessary hooks whenever a method\n * is called for purposes of POLA.\n */\nexport type HookNames<HookMap> = {\n  [Property in keyof HookMap]: true;\n};\n\n/**\n * A handler for a permitted method.\n */\nexport type PermittedHandlerExport<\n  Hooks,\n  Params extends JsonRpcParams,\n  Result extends Json,\n> = {\n  implementation: HandlerMiddlewareFunction<Hooks, Params, Result>;\n  hookNames: HookNames<Hooks>;\n  methodNames: string[];\n};\n\n/**\n * Given two permission objects, computes 3 sets:\n * - The set of caveat pairs that are common to both permissions.\n * - The set of caveats that are unique to the existing permission.\n * - The set of caveats that are unique to the requested permission.\n *\n * Assumes that the caveat arrays of both permissions are valid.\n *\n * @param leftPermission - The left-hand permission.\n * @param rightPermission - The right-hand permission.\n * @returns The sets of caveat pairs and unique caveats.\n */\nexport function collectUniqueAndPairedCaveats(\n  leftPermission: Partial<PermissionConstraint> | undefined,\n  rightPermission: Partial<PermissionConstraint>,\n) {\n  const leftCaveats = leftPermission?.caveats?.slice() ?? [];\n  const rightCaveats = rightPermission.caveats?.slice() ?? [];\n  const leftUniqueCaveats: CaveatConstraint[] = [];\n  const caveatPairs: [CaveatConstraint, CaveatConstraint][] = [];\n\n  leftCaveats.forEach((leftCaveat) => {\n    const rightCaveatIndex = rightCaveats.findIndex(\n      (rightCaveat) => rightCaveat.type === leftCaveat.type,\n    );\n\n    if (rightCaveatIndex === -1) {\n      leftUniqueCaveats.push(leftCaveat);\n    } else {\n      caveatPairs.push([leftCaveat, rightCaveats[rightCaveatIndex]]);\n      rightCaveats.splice(rightCaveatIndex, 1);\n    }\n  });\n\n  return {\n    caveatPairs,\n    leftUniqueCaveats,\n    rightUniqueCaveats: [...rightCaveats],\n  };\n}\n"]}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@metamask/permission-controller",
-  "version": "11.0.0",
+  "version": "11.0.2",
   "description": "Mediates access to JSON-RPC methods, used to interact with pieces of the MetaMask stack, via middleware for json-rpc-engine",
   "keywords": [
     "MetaMask",
@@ -18,32 +18,38 @@
   "sideEffects": false,
   "exports": {
     ".": {
-      "import": "./dist/index.mjs",
-      "require": "./dist/index.js",
-      "types": "./dist/types/index.d.ts"
+      "import": {
+        "types": "./dist/index.d.mts",
+        "default": "./dist/index.mjs"
+      },
+      "require": {
+        "types": "./dist/index.d.cts",
+        "default": "./dist/index.cjs"
+      }
     },
     "./package.json": "./package.json"
   },
-  "main": "./dist/index.js",
-  "types": "./dist/types/index.d.ts",
+  "main": "./dist/index.cjs",
+  "types": "./dist/index.d.cts",
   "files": [
     "dist/"
   ],
   "scripts": {
-    "build": "tsup --config ../../tsup.config.ts --tsconfig ./tsconfig.build.json --clean",
+    "build": "ts-bridge --project tsconfig.build.json --verbose --clean --no-references",
     "build:docs": "typedoc",
     "changelog:update": "../../scripts/update-changelog.sh @metamask/permission-controller",
     "changelog:validate": "../../scripts/validate-changelog.sh @metamask/permission-controller",
     "publish:preview": "yarn npm publish --tag preview",
+    "since-latest-release": "../../scripts/since-latest-release.sh",
     "test": "NODE_OPTIONS=--experimental-vm-modules jest --reporters=jest-silent-reporter",
     "test:clean": "NODE_OPTIONS=--experimental-vm-modules jest --clearCache",
     "test:verbose": "NODE_OPTIONS=--experimental-vm-modules jest --verbose",
     "test:watch": "NODE_OPTIONS=--experimental-vm-modules jest --watch"
   },
   "dependencies": {
-    "@metamask/base-controller": "^6.0.2",
-    "@metamask/controller-utils": "^11.0.2",
-    "@metamask/json-rpc-engine": "^9.0.2",
+    "@metamask/base-controller": "^7.0.1",
+    "@metamask/controller-utils": "^11.3.0",
+    "@metamask/json-rpc-engine": "^9.0.3",
     "@metamask/rpc-errors": "^6.3.1",
     "@metamask/utils": "^9.1.0",
     "@types/deep-freeze-strict": "^1.1.0",
@@ -52,7 +58,7 @@
     "nanoid": "^3.1.31"
   },
   "devDependencies": {
-    "@metamask/approval-controller": "^7.0.2",
+    "@metamask/approval-controller": "^7.0.4",
     "@metamask/auto-changelog": "^3.4.4",
     "@types/jest": "^27.4.1",
     "deepmerge": "^4.2.2",
@@ -60,7 +66,7 @@
     "ts-jest": "^27.1.4",
     "typedoc": "^0.24.8",
     "typedoc-plugin-missing-exports": "^2.0.0",
-    "typescript": "~5.0.4"
+    "typescript": "~5.2.2"
   },
   "peerDependencies": {
     "@metamask/approval-controller": "^7.0.0"

package/dist/Caveat.js

@@ -1,12 +0,0 @@
-"use strict";Object.defineProperty(exports, "__esModule", {value: true});
-
-
-var _chunk3YOPLPVYjs = require('./chunk-3YOPLPVY.js');
-require('./chunk-ZH4MLSXX.js');
-require('./chunk-FYADAA2G.js');
-require('./chunk-Z2XKIXLS.js');
-
-
-
-exports.decorateWithCaveats = _chunk3YOPLPVYjs.decorateWithCaveats; exports.isRestrictedMethodCaveatSpecification = _chunk3YOPLPVYjs.isRestrictedMethodCaveatSpecification;
-//# sourceMappingURL=Caveat.js.map

package/dist/Caveat.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":[],"names":[],"mappings":""}

package/dist/Permission.js

@@ -1,14 +0,0 @@
-"use strict";Object.defineProperty(exports, "__esModule", {value: true});
-
-
-
-
-var _chunkZH4MLSXXjs = require('./chunk-ZH4MLSXX.js');
-require('./chunk-Z2XKIXLS.js');
-
-
-
-
-
-exports.PermissionType = _chunkZH4MLSXXjs.PermissionType; exports.constructPermission = _chunkZH4MLSXXjs.constructPermission; exports.findCaveat = _chunkZH4MLSXXjs.findCaveat; exports.hasSpecificationType = _chunkZH4MLSXXjs.hasSpecificationType;
-//# sourceMappingURL=Permission.js.map

package/dist/Permission.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":[],"names":[],"mappings":""}

package/dist/PermissionController.js

@@ -1,15 +0,0 @@
-"use strict";Object.defineProperty(exports, "__esModule", {value: true});
-
-
-var _chunkB6PDRQ7Njs = require('./chunk-B6PDRQ7N.js');
-require('./chunk-3YOPLPVY.js');
-require('./chunk-ZH4MLSXX.js');
-require('./chunk-F5TBMVWC.js');
-require('./chunk-FYADAA2G.js');
-require('./chunk-VQPP5PWS.js');
-require('./chunk-Z2XKIXLS.js');
-
-
-
-exports.CaveatMutatorOperation = _chunkB6PDRQ7Njs.CaveatMutatorOperation; exports.PermissionController = _chunkB6PDRQ7Njs.PermissionController;
-//# sourceMappingURL=PermissionController.js.map

package/dist/PermissionController.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":[],"names":[],"mappings":""}

package/dist/SubjectMetadataController.js

@@ -1,10 +0,0 @@
-"use strict";Object.defineProperty(exports, "__esModule", {value: true});
-
-
-var _chunkVSDHL2GQjs = require('./chunk-VSDHL2GQ.js');
-require('./chunk-Z2XKIXLS.js');
-
-
-
-exports.SubjectMetadataController = _chunkVSDHL2GQjs.SubjectMetadataController; exports.SubjectType = _chunkVSDHL2GQjs.SubjectType;
-//# sourceMappingURL=SubjectMetadataController.js.map

package/dist/SubjectMetadataController.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":[],"names":[],"mappings":""}

package/dist/chunk-2L4QPE5A.mjs

@@ -1,25 +0,0 @@
-var __defProp = Object.defineProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __accessCheck = (obj, member, msg) => {
-  if (!member.has(obj))
-    throw TypeError("Cannot " + msg);
-};
-var __privateAdd = (obj, member, value) => {
-  if (member.has(obj))
-    throw TypeError("Cannot add the same private member more than once");
-  member instanceof WeakSet ? member.add(obj) : member.set(obj, value);
-};
-var __privateMethod = (obj, member, method) => {
-  __accessCheck(obj, member, "access private method");
-  return method;
-};
-
-export {
-  __export,
-  __privateAdd,
-  __privateMethod
-};
-//# sourceMappingURL=chunk-2L4QPE5A.mjs.map

package/dist/chunk-2L4QPE5A.mjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/chunk-3WWJKO7P.mjs

@@ -1,37 +0,0 @@
-import {
-  CaveatSpecificationMismatchError,
-  UnrecognizedCaveatTypeError
-} from "./chunk-G4BWJ7EA.mjs";
-
-// src/Caveat.ts
-import { hasProperty } from "@metamask/utils";
-function isRestrictedMethodCaveatSpecification(specification) {
-  return hasProperty(specification, "decorator");
-}
-function decorateWithCaveats(methodImplementation, permission, caveatSpecifications) {
-  const { caveats } = permission;
-  if (!caveats) {
-    return methodImplementation;
-  }
-  let decorated = async (args) => methodImplementation(args);
-  for (const caveat of caveats) {
-    const specification = caveatSpecifications[caveat.type];
-    if (!specification) {
-      throw new UnrecognizedCaveatTypeError(caveat.type);
-    }
-    if (!isRestrictedMethodCaveatSpecification(specification)) {
-      throw new CaveatSpecificationMismatchError(
-        specification,
-        "RestrictedMethod" /* RestrictedMethod */
-      );
-    }
-    decorated = specification.decorator(decorated, caveat);
-  }
-  return decorated;
-}
-
-export {
-  isRestrictedMethodCaveatSpecification,
-  decorateWithCaveats
-};
-//# sourceMappingURL=chunk-3WWJKO7P.mjs.map

package/dist/chunk-3WWJKO7P.mjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/Caveat.ts"],"sourcesContent":["import type { Json } from '@metamask/utils';\nimport { hasProperty } from '@metamask/utils';\n\nimport {\n  CaveatSpecificationMismatchError,\n  UnrecognizedCaveatTypeError,\n} from './errors';\nimport type {\n  AsyncRestrictedMethod,\n  RestrictedMethod,\n  PermissionConstraint,\n  RestrictedMethodParameters,\n} from './Permission';\nimport { PermissionType } from './Permission';\n// eslint-disable-next-line @typescript-eslint/no-unused-vars\nimport type { PermissionController } from './PermissionController';\n\nexport type CaveatConstraint = {\n  /**\n   * The type of the caveat. The type is presumed to be meaningful in the\n   * context of the capability it is associated with.\n   *\n   * In MetaMask, every permission can only have one caveat of each type.\n   */\n  readonly type: string;\n\n  /**\n   * Any additional data necessary to enforce the caveat.\n   */\n  readonly value: Json;\n};\n\n/**\n * A `ZCAP-LD`-like caveat object. A caveat is associated with a particular\n * permission, and stored in its `caveats` array. Conceptually, a caveat is\n * an arbitrary attenuation of the authority granted by its associated\n * permission. It is the responsibility of the host to interpret and apply\n * the restriction represented by a caveat.\n *\n * @template Type - The type of the caveat.\n * @template Value - The value associated with the caveat.\n */\nexport type Caveat<Type extends string, Value extends Json> = {\n  /**\n   * The type of the caveat. The type is presumed to be meaningful in the\n   * context of the capability it is associated with.\n   *\n   * In MetaMask, every permission can only have one caveat of each type.\n   */\n  readonly type: Type;\n\n  /**\n   * Any additional data necessary to enforce the caveat.\n   */\n  readonly value: Value;\n};\n\n// Next, we define types used for specifying caveats at the consumer layer,\n// and a function for applying caveats to a restricted method request. This is\n// Accomplished by decorating the restricted method implementation with the\n// the corresponding caveat functions.\n\n/**\n * A function for applying caveats to a restricted method request.\n *\n * @template ParentCaveat - The caveat type associated with this decorator.\n * @param decorated - The restricted method implementation to be decorated.\n * The method may have already been decorated with other caveats.\n * @param caveat - The caveat object.\n * @returns The decorated restricted method implementation.\n */\nexport type CaveatDecorator<ParentCaveat extends CaveatConstraint> = (\n  decorated: AsyncRestrictedMethod<RestrictedMethodParameters, Json>,\n  caveat: ParentCaveat,\n) => AsyncRestrictedMethod<RestrictedMethodParameters, Json>;\n\n/**\n * Extracts a caveat value type from a caveat decorator.\n *\n * @template Decorator - The {@link CaveatDecorator} to extract a caveat value\n * type from.\n */\ntype ExtractCaveatValueFromDecorator<\n  Decorator extends CaveatDecorator<CaveatConstraint>,\n> = Decorator extends (\n  decorated: AsyncRestrictedMethod<RestrictedMethodParameters, Json>,\n  caveat: infer ParentCaveat,\n) => AsyncRestrictedMethod<RestrictedMethodParameters, Json>\n  ? ParentCaveat extends CaveatConstraint\n    ? ParentCaveat['value']\n    : never\n  : never;\n\n/**\n * A function for validating caveats of a particular type.\n *\n * @see `validator` in {@link CaveatSpecificationBase} for more details.\n * @template ParentCaveat - The caveat type associated with this validator.\n * @param caveat - The caveat object to validate.\n * @param origin - The origin associated with the parent permission.\n * @param target - The target of the parent permission.\n */\nexport type CaveatValidator<ParentCaveat extends CaveatConstraint> = (\n  caveat: { type: ParentCaveat['type']; value: unknown },\n  origin?: string,\n  target?: string,\n) => void;\n\n/**\n * A map of caveat type strings to {@link CaveatDiff} values.\n */\nexport type CaveatDiffMap<ParentCaveat extends CaveatConstraint> = {\n  [CaveatType in ParentCaveat['type']]: ParentCaveat['value'];\n};\n\n/**\n * A function that merges two caveat values of the same type. The values must be\n * merged in the fashion of a right-biased union.\n *\n * @see `ARCHITECTURE.md` for more details.\n * @template Value - The type of the values to merge.\n * @param leftValue - The left-hand value.\n * @param rightValue - The right-hand value.\n * @returns `[newValue, diff]`, i.e. the merged value and the diff between the left value\n * and the new value. The diff must be expressed in the same type as the value itself.\n */\nexport type CaveatValueMerger<Value extends Json> = (\n  leftValue: Value,\n  rightValue: Value,\n) => [Value, Value] | [];\n\nexport type CaveatSpecificationBase = {\n  /**\n   * The string type of the caveat.\n   */\n  type: string;\n\n  /**\n   * The validator function used to validate caveats of the associated type\n   * whenever they are instantiated. Caveat are instantiated whenever they are\n   * created or mutated.\n   *\n   * The validator should throw an appropriate JSON-RPC error if validation fails.\n   *\n   * If no validator is specified, no validation of caveat values will be\n   * performed. Although caveats can also be validated by permission validators,\n   * validating caveat values separately is strongly recommended.\n   */\n  // TODO: Replace `any` with type\n  // eslint-disable-next-line @typescript-eslint/no-explicit-any\n  validator?: CaveatValidator<any>;\n\n  /**\n   * The merger function used to merge a pair of values of the associated caveat type\n   * during incremental permission requests. The values must be merged in the fashion\n   * of a right-biased union.\n   *\n   * @see `ARCHITECTURE.md` for more details.\n   */\n  // TODO: Replace `any` with type\n  // eslint-disable-next-line @typescript-eslint/no-explicit-any\n  merger?: CaveatValueMerger<any>;\n};\n\nexport type RestrictedMethodCaveatSpecificationConstraint =\n  CaveatSpecificationBase & {\n    /**\n     * The decorator function used to apply the caveat to restricted method\n     * requests.\n     */\n    decorator: CaveatDecorator<CaveatConstraint>;\n  };\n\nexport type EndowmentCaveatSpecificationConstraint = CaveatSpecificationBase;\n\n/**\n * The constraint for caveat specification objects. Every {@link Caveat}\n * supported by a {@link PermissionController} must have an associated\n * specification, which is the source of truth for all caveat-related types.\n * In addition, a caveat specification may include a decorator function used\n * to apply the caveat's attenuation to a restricted method. It may also include\n * a validator function specified by the consumer.\n *\n * See the README for more details.\n */\nexport type CaveatSpecificationConstraint =\n  | RestrictedMethodCaveatSpecificationConstraint\n  | EndowmentCaveatSpecificationConstraint;\n\n/**\n * Options for {@link CaveatSpecificationBuilder} functions.\n */\ntype CaveatSpecificationBuilderOptions<\n  DecoratorHooks extends Record<string, unknown>,\n  ValidatorHooks extends Record<string, unknown>,\n> = {\n  type?: string;\n  decoratorHooks?: DecoratorHooks;\n  validatorHooks?: ValidatorHooks;\n};\n\n/**\n * A function that builds caveat specifications. Modules that specify caveats\n * for external consumption should make this their primary / default export so\n * that host applications can use them to generate concrete specifications\n * tailored to their requirements.\n */\nexport type CaveatSpecificationBuilder<\n  Options extends CaveatSpecificationBuilderOptions<\n    Record<string, unknown>,\n    Record<string, unknown>\n  >,\n  Specification extends CaveatSpecificationConstraint,\n> = (options: Options) => Specification;\n\n/**\n * A caveat specification export object, containing the\n * {@link CaveatSpecificationBuilder} function and \"hook name\" objects.\n */\nexport type CaveatSpecificationBuilderExportConstraint = {\n  specificationBuilder: CaveatSpecificationBuilder<\n    CaveatSpecificationBuilderOptions<\n      Record<string, unknown>,\n      Record<string, unknown>\n    >,\n    CaveatSpecificationConstraint\n  >;\n  decoratorHookNames?: Record<string, true>;\n  validatorHookNames?: Record<string, true>;\n};\n\n/**\n * The specifications for all caveats supported by a particular\n * {@link PermissionController}.\n *\n * @template Specifications - The union of all {@link CaveatSpecificationConstraint} types.\n */\nexport type CaveatSpecificationMap<\n  CaveatSpecification extends CaveatSpecificationConstraint,\n> = Record<CaveatSpecification['type'], CaveatSpecification>;\n\n/**\n * Extracts the union of all caveat types specified by the given\n * {@link CaveatSpecificationConstraint} type.\n *\n * @template CaveatSpecification - The {@link CaveatSpecificationConstraint} to extract a\n * caveat type union from.\n */\nexport type ExtractCaveats<\n  CaveatSpecification extends CaveatSpecificationConstraint,\n> = CaveatSpecification extends RestrictedMethodCaveatSpecificationConstraint\n  ? Caveat<\n      CaveatSpecification['type'],\n      ExtractCaveatValueFromDecorator<\n        RestrictedMethodCaveatSpecificationConstraint['decorator']\n      >\n    >\n  : Caveat<CaveatSpecification['type'], Json>;\n\n/**\n * Extracts the type of a specific {@link Caveat} from a union of caveat\n * specifications.\n *\n * @template CaveatSpecifications - The union of all caveat specifications.\n * @template CaveatType - The type of the caveat to extract.\n */\nexport type ExtractCaveat<\n  CaveatSpecifications extends CaveatSpecificationConstraint,\n  CaveatType extends string,\n> = Extract<ExtractCaveats<CaveatSpecifications>, { type: CaveatType }>;\n\n/**\n * Extracts the value type of a specific {@link Caveat} from a union of caveat\n * specifications.\n *\n * @template CaveatSpecifications - The union of all caveat specifications.\n * @template CaveatType - The type of the caveat whose value to extract.\n */\nexport type ExtractCaveatValue<\n  CaveatSpecifications extends CaveatSpecificationConstraint,\n  CaveatType extends string,\n> = ExtractCaveat<CaveatSpecifications, CaveatType>['value'];\n\n/**\n * Determines whether a caveat specification is a restricted method caveat specification.\n *\n * @param specification - The caveat specification.\n * @returns True if the caveat specification is a restricted method caveat specification, otherwise false.\n */\nexport function isRestrictedMethodCaveatSpecification(\n  specification: CaveatSpecificationConstraint,\n): specification is RestrictedMethodCaveatSpecificationConstraint {\n  return hasProperty(specification, 'decorator');\n}\n\n/**\n * Decorate a restricted method implementation with its caveats.\n *\n * Note that all caveat functions (i.e. the argument and return value of the\n * decorator) must be awaited.\n *\n * @param methodImplementation - The restricted method implementation\n * @param permission - The origin's potential permission\n * @param caveatSpecifications - All caveat implementations\n * @returns The decorated method implementation\n */\nexport function decorateWithCaveats<\n  CaveatSpecifications extends CaveatSpecificationConstraint,\n>(\n  methodImplementation: RestrictedMethod<RestrictedMethodParameters, Json>,\n  permission: Readonly<PermissionConstraint>, // bound to the requesting origin\n  caveatSpecifications: CaveatSpecificationMap<CaveatSpecifications>, // all caveat implementations\n): RestrictedMethod<RestrictedMethodParameters, Json> {\n  const { caveats } = permission;\n  if (!caveats) {\n    return methodImplementation;\n  }\n\n  let decorated = async (\n    args: Parameters<RestrictedMethod<RestrictedMethodParameters, Json>>[0],\n  ) => methodImplementation(args);\n\n  for (const caveat of caveats) {\n    const specification =\n      caveatSpecifications[caveat.type as CaveatSpecifications['type']];\n    if (!specification) {\n      throw new UnrecognizedCaveatTypeError(caveat.type);\n    }\n\n    if (!isRestrictedMethodCaveatSpecification(specification)) {\n      throw new CaveatSpecificationMismatchError(\n        specification,\n        PermissionType.RestrictedMethod,\n      );\n    }\n    decorated = specification.decorator(decorated, caveat);\n  }\n\n  return decorated;\n}\n"],"mappings":";;;;;;AACA,SAAS,mBAAmB;AAgSrB,SAAS,sCACd,eACgE;AAChE,SAAO,YAAY,eAAe,WAAW;AAC/C;AAaO,SAAS,oBAGd,sBACA,YACA,sBACoD;AACpD,QAAM,EAAE,QAAQ,IAAI;AACpB,MAAI,CAAC,SAAS;AACZ,WAAO;AAAA,EACT;AAEA,MAAI,YAAY,OACd,SACG,qBAAqB,IAAI;AAE9B,aAAW,UAAU,SAAS;AAC5B,UAAM,gBACJ,qBAAqB,OAAO,IAAoC;AAClE,QAAI,CAAC,eAAe;AAClB,YAAM,IAAI,4BAA4B,OAAO,IAAI;AAAA,IACnD;AAEA,QAAI,CAAC,sCAAsC,aAAa,GAAG;AACzD,YAAM,IAAI;AAAA,QACR;AAAA;AAAA,MAEF;AAAA,IACF;AACA,gBAAY,cAAc,UAAU,WAAW,MAAM;AAAA,EACvD;AAEA,SAAO;AACT;","names":[]}

package/dist/chunk-3YOPLPVY.js

@@ -1,37 +0,0 @@
-"use strict";Object.defineProperty(exports, "__esModule", {value: true});
-
-
-var _chunkFYADAA2Gjs = require('./chunk-FYADAA2G.js');
-
-// src/Caveat.ts
-var _utils = require('@metamask/utils');
-function isRestrictedMethodCaveatSpecification(specification) {
-  return _utils.hasProperty.call(void 0, specification, "decorator");
-}
-function decorateWithCaveats(methodImplementation, permission, caveatSpecifications) {
-  const { caveats } = permission;
-  if (!caveats) {
-    return methodImplementation;
-  }
-  let decorated = async (args) => methodImplementation(args);
-  for (const caveat of caveats) {
-    const specification = caveatSpecifications[caveat.type];
-    if (!specification) {
-      throw new (0, _chunkFYADAA2Gjs.UnrecognizedCaveatTypeError)(caveat.type);
-    }
-    if (!isRestrictedMethodCaveatSpecification(specification)) {
-      throw new (0, _chunkFYADAA2Gjs.CaveatSpecificationMismatchError)(
-        specification,
-        "RestrictedMethod" /* RestrictedMethod */
-      );
-    }
-    decorated = specification.decorator(decorated, caveat);
-  }
-  return decorated;
-}
-
-
-
-
-exports.isRestrictedMethodCaveatSpecification = isRestrictedMethodCaveatSpecification; exports.decorateWithCaveats = decorateWithCaveats;
-//# sourceMappingURL=chunk-3YOPLPVY.js.map

package/dist/chunk-3YOPLPVY.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/Caveat.ts"],"names":[],"mappings":";;;;;;AACA,SAAS,mBAAmB;AAgSrB,SAAS,sCACd,eACgE;AAChE,SAAO,YAAY,eAAe,WAAW;AAC/C;AAaO,SAAS,oBAGd,sBACA,YACA,sBACoD;AACpD,QAAM,EAAE,QAAQ,IAAI;AACpB,MAAI,CAAC,SAAS;AACZ,WAAO;AAAA,EACT;AAEA,MAAI,YAAY,OACd,SACG,qBAAqB,IAAI;AAE9B,aAAW,UAAU,SAAS;AAC5B,UAAM,gBACJ,qBAAqB,OAAO,IAAoC;AAClE,QAAI,CAAC,eAAe;AAClB,YAAM,IAAI,4BAA4B,OAAO,IAAI;AAAA,IACnD;AAEA,QAAI,CAAC,sCAAsC,aAAa,GAAG;AACzD,YAAM,IAAI;AAAA,QACR;AAAA;AAAA,MAEF;AAAA,IACF;AACA,gBAAY,cAAc,UAAU,WAAW,MAAM;AAAA,EACvD;AAEA,SAAO;AACT","sourcesContent":["import type { Json } from '@metamask/utils';\nimport { hasProperty } from '@metamask/utils';\n\nimport {\n  CaveatSpecificationMismatchError,\n  UnrecognizedCaveatTypeError,\n} from './errors';\nimport type {\n  AsyncRestrictedMethod,\n  RestrictedMethod,\n  PermissionConstraint,\n  RestrictedMethodParameters,\n} from './Permission';\nimport { PermissionType } from './Permission';\n// eslint-disable-next-line @typescript-eslint/no-unused-vars\nimport type { PermissionController } from './PermissionController';\n\nexport type CaveatConstraint = {\n  /**\n   * The type of the caveat. The type is presumed to be meaningful in the\n   * context of the capability it is associated with.\n   *\n   * In MetaMask, every permission can only have one caveat of each type.\n   */\n  readonly type: string;\n\n  /**\n   * Any additional data necessary to enforce the caveat.\n   */\n  readonly value: Json;\n};\n\n/**\n * A `ZCAP-LD`-like caveat object. A caveat is associated with a particular\n * permission, and stored in its `caveats` array. Conceptually, a caveat is\n * an arbitrary attenuation of the authority granted by its associated\n * permission. It is the responsibility of the host to interpret and apply\n * the restriction represented by a caveat.\n *\n * @template Type - The type of the caveat.\n * @template Value - The value associated with the caveat.\n */\nexport type Caveat<Type extends string, Value extends Json> = {\n  /**\n   * The type of the caveat. The type is presumed to be meaningful in the\n   * context of the capability it is associated with.\n   *\n   * In MetaMask, every permission can only have one caveat of each type.\n   */\n  readonly type: Type;\n\n  /**\n   * Any additional data necessary to enforce the caveat.\n   */\n  readonly value: Value;\n};\n\n// Next, we define types used for specifying caveats at the consumer layer,\n// and a function for applying caveats to a restricted method request. This is\n// Accomplished by decorating the restricted method implementation with the\n// the corresponding caveat functions.\n\n/**\n * A function for applying caveats to a restricted method request.\n *\n * @template ParentCaveat - The caveat type associated with this decorator.\n * @param decorated - The restricted method implementation to be decorated.\n * The method may have already been decorated with other caveats.\n * @param caveat - The caveat object.\n * @returns The decorated restricted method implementation.\n */\nexport type CaveatDecorator<ParentCaveat extends CaveatConstraint> = (\n  decorated: AsyncRestrictedMethod<RestrictedMethodParameters, Json>,\n  caveat: ParentCaveat,\n) => AsyncRestrictedMethod<RestrictedMethodParameters, Json>;\n\n/**\n * Extracts a caveat value type from a caveat decorator.\n *\n * @template Decorator - The {@link CaveatDecorator} to extract a caveat value\n * type from.\n */\ntype ExtractCaveatValueFromDecorator<\n  Decorator extends CaveatDecorator<CaveatConstraint>,\n> = Decorator extends (\n  decorated: AsyncRestrictedMethod<RestrictedMethodParameters, Json>,\n  caveat: infer ParentCaveat,\n) => AsyncRestrictedMethod<RestrictedMethodParameters, Json>\n  ? ParentCaveat extends CaveatConstraint\n    ? ParentCaveat['value']\n    : never\n  : never;\n\n/**\n * A function for validating caveats of a particular type.\n *\n * @see `validator` in {@link CaveatSpecificationBase} for more details.\n * @template ParentCaveat - The caveat type associated with this validator.\n * @param caveat - The caveat object to validate.\n * @param origin - The origin associated with the parent permission.\n * @param target - The target of the parent permission.\n */\nexport type CaveatValidator<ParentCaveat extends CaveatConstraint> = (\n  caveat: { type: ParentCaveat['type']; value: unknown },\n  origin?: string,\n  target?: string,\n) => void;\n\n/**\n * A map of caveat type strings to {@link CaveatDiff} values.\n */\nexport type CaveatDiffMap<ParentCaveat extends CaveatConstraint> = {\n  [CaveatType in ParentCaveat['type']]: ParentCaveat['value'];\n};\n\n/**\n * A function that merges two caveat values of the same type. The values must be\n * merged in the fashion of a right-biased union.\n *\n * @see `ARCHITECTURE.md` for more details.\n * @template Value - The type of the values to merge.\n * @param leftValue - The left-hand value.\n * @param rightValue - The right-hand value.\n * @returns `[newValue, diff]`, i.e. the merged value and the diff between the left value\n * and the new value. The diff must be expressed in the same type as the value itself.\n */\nexport type CaveatValueMerger<Value extends Json> = (\n  leftValue: Value,\n  rightValue: Value,\n) => [Value, Value] | [];\n\nexport type CaveatSpecificationBase = {\n  /**\n   * The string type of the caveat.\n   */\n  type: string;\n\n  /**\n   * The validator function used to validate caveats of the associated type\n   * whenever they are instantiated. Caveat are instantiated whenever they are\n   * created or mutated.\n   *\n   * The validator should throw an appropriate JSON-RPC error if validation fails.\n   *\n   * If no validator is specified, no validation of caveat values will be\n   * performed. Although caveats can also be validated by permission validators,\n   * validating caveat values separately is strongly recommended.\n   */\n  // TODO: Replace `any` with type\n  // eslint-disable-next-line @typescript-eslint/no-explicit-any\n  validator?: CaveatValidator<any>;\n\n  /**\n   * The merger function used to merge a pair of values of the associated caveat type\n   * during incremental permission requests. The values must be merged in the fashion\n   * of a right-biased union.\n   *\n   * @see `ARCHITECTURE.md` for more details.\n   */\n  // TODO: Replace `any` with type\n  // eslint-disable-next-line @typescript-eslint/no-explicit-any\n  merger?: CaveatValueMerger<any>;\n};\n\nexport type RestrictedMethodCaveatSpecificationConstraint =\n  CaveatSpecificationBase & {\n    /**\n     * The decorator function used to apply the caveat to restricted method\n     * requests.\n     */\n    decorator: CaveatDecorator<CaveatConstraint>;\n  };\n\nexport type EndowmentCaveatSpecificationConstraint = CaveatSpecificationBase;\n\n/**\n * The constraint for caveat specification objects. Every {@link Caveat}\n * supported by a {@link PermissionController} must have an associated\n * specification, which is the source of truth for all caveat-related types.\n * In addition, a caveat specification may include a decorator function used\n * to apply the caveat's attenuation to a restricted method. It may also include\n * a validator function specified by the consumer.\n *\n * See the README for more details.\n */\nexport type CaveatSpecificationConstraint =\n  | RestrictedMethodCaveatSpecificationConstraint\n  | EndowmentCaveatSpecificationConstraint;\n\n/**\n * Options for {@link CaveatSpecificationBuilder} functions.\n */\ntype CaveatSpecificationBuilderOptions<\n  DecoratorHooks extends Record<string, unknown>,\n  ValidatorHooks extends Record<string, unknown>,\n> = {\n  type?: string;\n  decoratorHooks?: DecoratorHooks;\n  validatorHooks?: ValidatorHooks;\n};\n\n/**\n * A function that builds caveat specifications. Modules that specify caveats\n * for external consumption should make this their primary / default export so\n * that host applications can use them to generate concrete specifications\n * tailored to their requirements.\n */\nexport type CaveatSpecificationBuilder<\n  Options extends CaveatSpecificationBuilderOptions<\n    Record<string, unknown>,\n    Record<string, unknown>\n  >,\n  Specification extends CaveatSpecificationConstraint,\n> = (options: Options) => Specification;\n\n/**\n * A caveat specification export object, containing the\n * {@link CaveatSpecificationBuilder} function and \"hook name\" objects.\n */\nexport type CaveatSpecificationBuilderExportConstraint = {\n  specificationBuilder: CaveatSpecificationBuilder<\n    CaveatSpecificationBuilderOptions<\n      Record<string, unknown>,\n      Record<string, unknown>\n    >,\n    CaveatSpecificationConstraint\n  >;\n  decoratorHookNames?: Record<string, true>;\n  validatorHookNames?: Record<string, true>;\n};\n\n/**\n * The specifications for all caveats supported by a particular\n * {@link PermissionController}.\n *\n * @template Specifications - The union of all {@link CaveatSpecificationConstraint} types.\n */\nexport type CaveatSpecificationMap<\n  CaveatSpecification extends CaveatSpecificationConstraint,\n> = Record<CaveatSpecification['type'], CaveatSpecification>;\n\n/**\n * Extracts the union of all caveat types specified by the given\n * {@link CaveatSpecificationConstraint} type.\n *\n * @template CaveatSpecification - The {@link CaveatSpecificationConstraint} to extract a\n * caveat type union from.\n */\nexport type ExtractCaveats<\n  CaveatSpecification extends CaveatSpecificationConstraint,\n> = CaveatSpecification extends RestrictedMethodCaveatSpecificationConstraint\n  ? Caveat<\n      CaveatSpecification['type'],\n      ExtractCaveatValueFromDecorator<\n        RestrictedMethodCaveatSpecificationConstraint['decorator']\n      >\n    >\n  : Caveat<CaveatSpecification['type'], Json>;\n\n/**\n * Extracts the type of a specific {@link Caveat} from a union of caveat\n * specifications.\n *\n * @template CaveatSpecifications - The union of all caveat specifications.\n * @template CaveatType - The type of the caveat to extract.\n */\nexport type ExtractCaveat<\n  CaveatSpecifications extends CaveatSpecificationConstraint,\n  CaveatType extends string,\n> = Extract<ExtractCaveats<CaveatSpecifications>, { type: CaveatType }>;\n\n/**\n * Extracts the value type of a specific {@link Caveat} from a union of caveat\n * specifications.\n *\n * @template CaveatSpecifications - The union of all caveat specifications.\n * @template CaveatType - The type of the caveat whose value to extract.\n */\nexport type ExtractCaveatValue<\n  CaveatSpecifications extends CaveatSpecificationConstraint,\n  CaveatType extends string,\n> = ExtractCaveat<CaveatSpecifications, CaveatType>['value'];\n\n/**\n * Determines whether a caveat specification is a restricted method caveat specification.\n *\n * @param specification - The caveat specification.\n * @returns True if the caveat specification is a restricted method caveat specification, otherwise false.\n */\nexport function isRestrictedMethodCaveatSpecification(\n  specification: CaveatSpecificationConstraint,\n): specification is RestrictedMethodCaveatSpecificationConstraint {\n  return hasProperty(specification, 'decorator');\n}\n\n/**\n * Decorate a restricted method implementation with its caveats.\n *\n * Note that all caveat functions (i.e. the argument and return value of the\n * decorator) must be awaited.\n *\n * @param methodImplementation - The restricted method implementation\n * @param permission - The origin's potential permission\n * @param caveatSpecifications - All caveat implementations\n * @returns The decorated method implementation\n */\nexport function decorateWithCaveats<\n  CaveatSpecifications extends CaveatSpecificationConstraint,\n>(\n  methodImplementation: RestrictedMethod<RestrictedMethodParameters, Json>,\n  permission: Readonly<PermissionConstraint>, // bound to the requesting origin\n  caveatSpecifications: CaveatSpecificationMap<CaveatSpecifications>, // all caveat implementations\n): RestrictedMethod<RestrictedMethodParameters, Json> {\n  const { caveats } = permission;\n  if (!caveats) {\n    return methodImplementation;\n  }\n\n  let decorated = async (\n    args: Parameters<RestrictedMethod<RestrictedMethodParameters, Json>>[0],\n  ) => methodImplementation(args);\n\n  for (const caveat of caveats) {\n    const specification =\n      caveatSpecifications[caveat.type as CaveatSpecifications['type']];\n    if (!specification) {\n      throw new UnrecognizedCaveatTypeError(caveat.type);\n    }\n\n    if (!isRestrictedMethodCaveatSpecification(specification)) {\n      throw new CaveatSpecificationMismatchError(\n        specification,\n        PermissionType.RestrictedMethod,\n      );\n    }\n    decorated = specification.decorator(decorated, caveat);\n  }\n\n  return decorated;\n}\n"]}

package/dist/chunk-42QSJHWO.mjs

@@ -1,155 +0,0 @@
-// src/SubjectMetadataController.ts
-import { BaseController } from "@metamask/base-controller";
-var controllerName = "SubjectMetadataController";
-var SubjectType = /* @__PURE__ */ ((SubjectType2) => {
-  SubjectType2["Extension"] = "extension";
-  SubjectType2["Internal"] = "internal";
-  SubjectType2["Unknown"] = "unknown";
-  SubjectType2["Website"] = "website";
-  SubjectType2["Snap"] = "snap";
-  return SubjectType2;
-})(SubjectType || {});
-var stateMetadata = {
-  subjectMetadata: { persist: true, anonymous: false }
-};
-var defaultState = {
-  subjectMetadata: {}
-};
-var SubjectMetadataController = class _SubjectMetadataController extends BaseController {
-  constructor({
-    messenger,
-    subjectCacheLimit,
-    state = {}
-  }) {
-    if (!Number.isInteger(subjectCacheLimit) || subjectCacheLimit < 1) {
-      throw new Error(
-        `subjectCacheLimit must be a positive integer. Received: "${subjectCacheLimit}"`
-      );
-    }
-    const hasPermissions = (origin) => {
-      return messenger.call("PermissionController:hasPermissions", origin);
-    };
-    super({
-      name: controllerName,
-      metadata: stateMetadata,
-      messenger,
-      state: {
-        ..._SubjectMetadataController.getTrimmedState(state, hasPermissions)
-      }
-    });
-    this.subjectHasPermissions = hasPermissions;
-    this.subjectCacheLimit = subjectCacheLimit;
-    this.subjectsWithoutPermissionsEncounteredSinceStartup = /* @__PURE__ */ new Set();
-    this.messagingSystem.registerActionHandler(
-      // ESLint is confused by the string literal type.
-      // eslint-disable-next-line @typescript-eslint/restrict-template-expressions
-      `${this.name}:getSubjectMetadata`,
-      this.getSubjectMetadata.bind(this)
-    );
-    this.messagingSystem.registerActionHandler(
-      // ESLint is confused by the string literal type.
-      // eslint-disable-next-line @typescript-eslint/restrict-template-expressions
-      `${this.name}:addSubjectMetadata`,
-      this.addSubjectMetadata.bind(this)
-    );
-  }
-  /**
-   * Clears the state of this controller. Also resets the cache of subjects
-   * encountered since startup, so as to not prematurely reach the cache limit.
-   */
-  clearState() {
-    this.subjectsWithoutPermissionsEncounteredSinceStartup.clear();
-    this.update((_draftState) => {
-      return { ...defaultState };
-    });
-  }
-  /**
-   * Stores domain metadata for the given origin (subject). Deletes metadata for
-   * subjects without permissions in a FIFO manner once more than
-   * {@link SubjectMetadataController.subjectCacheLimit} distinct origins have
-   * been added since boot.
-   *
-   * In order to prevent a degraded user experience,
-   * metadata is never deleted for subjects with permissions, since metadata
-   * cannot yet be requested on demand.
-   *
-   * @param metadata - The subject metadata to store.
-   */
-  addSubjectMetadata(metadata) {
-    const { origin } = metadata;
-    const newMetadata = {
-      ...metadata,
-      extensionId: metadata.extensionId || null,
-      iconUrl: metadata.iconUrl || null,
-      name: metadata.name || null,
-      subjectType: metadata.subjectType || null
-    };
-    let originToForget = null;
-    if (this.subjectsWithoutPermissionsEncounteredSinceStartup.size >= this.subjectCacheLimit) {
-      const cachedOrigin = this.subjectsWithoutPermissionsEncounteredSinceStartup.values().next().value;
-      this.subjectsWithoutPermissionsEncounteredSinceStartup.delete(
-        cachedOrigin
-      );
-      if (!this.subjectHasPermissions(cachedOrigin)) {
-        originToForget = cachedOrigin;
-      }
-    }
-    this.subjectsWithoutPermissionsEncounteredSinceStartup.add(origin);
-    this.update((draftState) => {
-      draftState.subjectMetadata[origin] = newMetadata;
-      if (typeof originToForget === "string") {
-        delete draftState.subjectMetadata[originToForget];
-      }
-    });
-  }
-  /**
-   * Gets the subject metadata for the given origin, if any.
-   *
-   * @param origin - The origin for which to get the subject metadata.
-   * @returns The subject metadata, if any, or `undefined` otherwise.
-   */
-  getSubjectMetadata(origin) {
-    return this.state.subjectMetadata[origin];
-  }
-  /**
-   * Deletes all subjects without permissions from the controller's state.
-   */
-  trimMetadataState() {
-    this.update((draftState) => {
-      return _SubjectMetadataController.getTrimmedState(
-        draftState,
-        this.subjectHasPermissions
-      );
-    });
-  }
-  /**
-   * Returns a new state object that only includes subjects with permissions.
-   * This method is static because we want to call it in the constructor, before
-   * the controller's state is initialized.
-   *
-   * @param state - The state object to trim.
-   * @param hasPermissions - A function that returns a boolean indicating
-   * whether a particular subject (identified by its origin) has any
-   * permissions.
-   * @returns The new state object. If the specified `state` object has no
-   * subject metadata, the returned object will be equivalent to the default
-   * state of this controller.
-   */
-  static getTrimmedState(state, hasPermissions) {
-    const { subjectMetadata = {} } = state;
-    return {
-      subjectMetadata: Object.keys(subjectMetadata).reduce((newSubjectMetadata, origin) => {
-        if (hasPermissions(origin)) {
-          newSubjectMetadata[origin] = subjectMetadata[origin];
-        }
-        return newSubjectMetadata;
-      }, {})
-    };
-  }
-};
-
-export {
-  SubjectType,
-  SubjectMetadataController
-};
-//# sourceMappingURL=chunk-42QSJHWO.mjs.map