npm - @mikkelscheike/email-provider-links - Versions diffs - 3.0.2 → 4.0.0 - Mend

@mikkelscheike/email-provider-links 3.0.2 → 4.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md +10 -7
package/dist/api.js +87 -9
package/dist/hash-verifier.js +1 -1
package/dist/loader.js +0 -4
package/dist/{secure-loader.d.ts → provider-loader.d.ts} +17 -12
package/dist/{secure-loader.js → provider-loader.js} +65 -13
package/package.json +1 -4

package/README.md CHANGED Viewed

@@ -1,6 +1,8 @@
 # Email Provider Links
-🔒 **Modern email provider detection library with enhanced TypeScript support and enterprise security**
+[![npm version](https://badge.fury.io/js/@mikkelscheike%2Femail-provider-links.svg)](https://www.npmjs.com/package/@mikkelscheike/email-provider-links)
+> **Generate direct login links for any email address across 93+ providers (Gmail, Outlook, Yahoo, etc.) to streamline user authentication flows.**
 A robust TypeScript library providing direct links to **93 email providers** (180 domains) with **concurrent DNS resolution**, **optimized performance**, **comprehensive email validation**, and advanced security features for login and password reset flows.
@@ -28,9 +30,9 @@ A robust TypeScript library providing direct links to **93 email providers** (18
 - 🌍 **Full IDN Support**: International domain names with RFC compliance and Punycode
 - ✅ **Advanced Email Validation**: International email validation with detailed error reporting
 - 🏢 **Business Domain Detection**: DNS-based detection for custom domains (Google Workspace, Microsoft 365, etc.)
-- 🔒 **Enterprise Security**: Multi-layer protection against malicious URLs and supply chain attacks
-- 🛡️ **URL Validation**: HTTPS-only enforcement with domain allowlisting
-- 🔐 **Integrity Verification**: Cryptographic hash verification for data integrity
+- 🔒 **Built-in Security**: Multi-layer protection with cryptographic hash verification, URL validation, and supply chain attack prevention
+- 🛡️ **Zero-Trust Architecture**: All provider data undergoes integrity verification - no insecure fallbacks
+- 🔐 **HTTPS-Only**: Strict HTTPS enforcement with domain allowlisting and malicious pattern detection
 - 📝 **Type Safe**: Full TypeScript support with comprehensive interfaces
 - ⚡ **Performance Optimized**: Smart DNS fallback with configurable timeouts
 - 🚦 **Rate Limiting**: Built-in DNS query rate limiting to prevent abuse
@@ -253,7 +255,7 @@ Extensively optimized for both speed and memory efficiency:
 **Speed Metrics**:
 - Initial provider load: ~0.5ms
 - Known provider lookup: <1ms
-- DNS-based detection: ~27ms average
+- DNS-based detection: ~10ms average
 - Batch processing: 1000 operations in ~1.1ms
 - Email validation: <1ms for complex IDN domains
@@ -268,7 +270,7 @@ Extensively optimized for both speed and memory efficiency:
 - 50,000+ operations/second for known providers
 - 100 concurrent DNS lookups in <1 second
 - Average latency: <1ms for cached lookups
-- Maximum latency: <5ms per lookup
+- Maximum latency: <25ms per lookup
 To run benchmarks:
 ```bash
@@ -287,7 +289,8 @@ npm run benchmark:dns
 We welcome contributions! See [CONTRIBUTING.md](docs/CONTRIBUTING.md) for guidelines on adding new email providers.
 **Quality Assurance**: This project maintains high standards with 445 comprehensive tests achieving 94.65% code coverage (95.95% function coverage).
-**Security Note**: All new providers undergo security validation and must pass our allowlist verification.
+**Security**: All provider data is protected by cryptographic hash verification, URL validation, and strict security controls. The library uses a zero-trust architecture with no insecure fallbacks - ensuring all data is verified before use.
 ## Security

package/dist/api.js CHANGED Viewed

@@ -13,7 +13,7 @@ exports.normalizeEmail = normalizeEmail;
 exports.emailsMatch = emailsMatch;
 exports.getEmailProviderFast = getEmailProviderFast;
 const concurrent_dns_1 = require("./concurrent-dns");
-const loader_1 = require("./loader");
+const provider_loader_1 = require("./provider-loader");
 /**
  * Get email provider information for any email address.
  *
@@ -92,7 +92,19 @@ async function getEmailProvider(email, timeout) {
             };
         }
         // Fall back to DNS detection for business domains
-        const { providers } = (0, loader_1.loadProviders)();
+        const loadResult = (0, provider_loader_1.loadProviders)();
+        if (!loadResult.success) {
+            return {
+                provider: null,
+                email,
+                loginUrl: null,
+                error: {
+                    type: 'NETWORK_ERROR',
+                    message: 'Service temporarily unavailable'
+                }
+            };
+        }
+        const providers = loadResult.providers;
         const concurrentResult = await (0, concurrent_dns_1.detectProviderConcurrent)(domain, providers, {
             timeout: timeout || 5000,
             enableParallel: true,
@@ -215,9 +227,48 @@ function getEmailProviderSync(email) {
                 }
             };
         }
-        // Use cached providers and domain map for efficient lookup
-        const { domainMap } = (0, loader_1.loadProviders)();
-        const provider = domainMap.get(domain);
+        // Load providers with verification
+        let provider = null;
+        try {
+            const result = (0, provider_loader_1.loadProviders)();
+            // Ensure providers loaded successfully
+            if (!result.success) {
+                if (process.env.NODE_ENV !== 'test' && !process.env.JEST_WORKER_ID) {
+                    console.error('🚨 Provider lookup blocked due to validation failure');
+                }
+                return {
+                    provider: null,
+                    email,
+                    loginUrl: null,
+                    error: {
+                        type: 'NETWORK_ERROR',
+                        message: 'Service temporarily unavailable'
+                    }
+                };
+            }
+            const domainMap = new Map();
+            // Build domain map from loaded providers
+            for (const loadedProvider of result.providers) {
+                for (const domain of loadedProvider.domains) {
+                    domainMap.set(domain.toLowerCase(), loadedProvider);
+                }
+            }
+            provider = domainMap.get(domain) || null;
+        }
+        catch (error) {
+            if (process.env.NODE_ENV !== 'test' && !process.env.JEST_WORKER_ID) {
+                console.error('🚨 Provider lookup failed:', error);
+            }
+            return {
+                provider: null,
+                email,
+                loginUrl: null,
+                error: {
+                    type: 'NETWORK_ERROR',
+                    message: 'Service temporarily unavailable'
+                }
+            };
+        }
         const result = {
             provider: provider || null,
             email,
@@ -277,9 +328,24 @@ function normalizeEmail(email) {
     }
     let localPart = lowercaseEmail.slice(0, atIndex);
     const domainPart = lowercaseEmail.slice(atIndex + 1);
-    // Use cached providers for domain lookup
-    const { domainMap } = (0, loader_1.loadProviders)();
-    const provider = domainMap.get(domainPart);
+    // Use providers for domain lookup
+    let provider = null;
+    try {
+        const result = (0, provider_loader_1.loadProviders)();
+        if (!result.success) {
+            return lowercaseEmail; // Return as-is if providers can't be loaded
+        }
+        const domainMap = new Map();
+        for (const loadedProvider of result.providers) {
+            for (const domain of loadedProvider.domains) {
+                domainMap.set(domain.toLowerCase(), loadedProvider);
+            }
+        }
+        provider = domainMap.get(domainPart) || null;
+    }
+    catch (error) {
+        return lowercaseEmail; // Return as-is if error occurs
+    }
     if (provider?.alias) {
         // Provider supports aliasing
         if (provider.alias.dots) {
@@ -396,7 +462,19 @@ async function getEmailProviderFast(email, options = {}) {
             };
         }
         // Fall back to concurrent DNS detection for business domains
-        const { providers } = (0, loader_1.loadProviders)();
+        const result = (0, provider_loader_1.loadProviders)();
+        if (!result.success) {
+            return {
+                provider: null,
+                email,
+                loginUrl: null,
+                error: {
+                    type: 'NETWORK_ERROR',
+                    message: 'Service temporarily unavailable'
+                }
+            };
+        }
+        const providers = result.providers;
         const concurrentResult = await (0, concurrent_dns_1.detectProviderConcurrent)(domain, providers, {
             timeout,
             enableParallel,

package/dist/hash-verifier.js CHANGED Viewed

@@ -29,7 +29,7 @@ const KNOWN_GOOD_HASHES = {
     // SHA-256 hash of the legitimate emailproviders.json
     'emailproviders.json': '65c136a13cbcd31507241b7ddc8850f81b98196d2e57fcd9ce6060825a010cef',
     // You can add hashes for other critical files
-    'package.json': '0da24b9a8625598e89d0b7fced272ff358538ba83875c422314068c55c2e180b',
+    'package.json': 'f25435adf952a4433447a2c4584249514ceec466fd353b5456352d06b65f737d',
 };
 /**
  * Calculates SHA-256 hash of a file or string content

package/dist/loader.js CHANGED Viewed

@@ -120,7 +120,6 @@ function buildDomainMap(providers) {
     if (cachedDomainMap) {
         return cachedDomainMap;
     }
-    const startTime = Date.now();
     const domainMap = new Map();
     for (const provider of providers) {
         for (const domain of provider.domains) {
@@ -128,9 +127,6 @@ function buildDomainMap(providers) {
         }
     }
     cachedDomainMap = domainMap;
-    if (loadingStats) {
-        console.log(`🗺️  Domain map built in ${Date.now() - startTime}ms (${domainMap.size} entries)`);
-    }
     return domainMap;
 }
 /**

package/dist/{secure-loader.d.ts → provider-loader.d.ts} RENAMED Viewed

@@ -1,11 +1,11 @@
 /**
- * Secure Loader for Email Providers
+ * Email Provider Loader
  *
- * Integrates URL validation and hash verification to create a secure
- * loading system for email provider data.
+ * Integrates URL validation and hash verification to load and validate
+ * email provider data with security checks.
  */
 import type { EmailProvider } from './index';
-export interface SecureLoadResult {
+export interface LoadResult {
     success: boolean;
     providers: EmailProvider[];
     securityReport: {
@@ -19,31 +19,36 @@ export interface SecureLoadResult {
     };
 }
 /**
- * Securely loads and validates email provider data
+ * Clear the cache (useful for testing or when providers file changes)
+ */
+export declare function clearCache(): void;
+/**
+ * Loads and validates email provider data with security checks
  *
  * @param providersPath - Path to the providers JSON file
  * @param expectedHash - Optional expected hash for verification
- * @returns Secure load result with validation details
+ * @returns Load result with validation details
  */
-export declare function secureLoadProviders(providersPath?: string, expectedHash?: string): SecureLoadResult;
+export declare function loadProviders(providersPath?: string, expectedHash?: string): LoadResult;
 /**
  * Development utility to generate and display current hashes
  */
 export declare function initializeSecurity(): Record<string, string>;
 /**
- * Express middleware for secure provider loading (if using in web apps)
+ * Express middleware for provider loading with security checks (if using in web apps)
  */
 interface SecurityMiddlewareOptions {
     expectedHash?: string;
     allowInvalidUrls?: boolean;
-    onSecurityIssue?: (report: SecureLoadResult['securityReport']) => void;
-    getProviders?: () => SecureLoadResult;
+    onSecurityIssue?: (report: LoadResult['securityReport']) => void;
+    getProviders?: () => LoadResult;
 }
 export declare function createSecurityMiddleware(options?: SecurityMiddlewareOptions): (req: any, res: any, next: any) => any;
 declare const _default: {
-    secureLoadProviders: typeof secureLoadProviders;
+    loadProviders: typeof loadProviders;
     initializeSecurity: typeof initializeSecurity;
     createSecurityMiddleware: typeof createSecurityMiddleware;
+    clearCache: typeof clearCache;
 };
 export default _default;
-//# sourceMappingURL=secure-loader.d.ts.map
+//# sourceMappingURL=provider-loader.d.ts.map

package/dist/{secure-loader.js → provider-loader.js} RENAMED Viewed

@@ -1,26 +1,69 @@
 "use strict";
 /**
- * Secure Loader for Email Providers
+ * Email Provider Loader
  *
- * Integrates URL validation and hash verification to create a secure
- * loading system for email provider data.
+ * Integrates URL validation and hash verification to load and validate
+ * email provider data with security checks.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.secureLoadProviders = secureLoadProviders;
+exports.clearCache = clearCache;
+exports.loadProviders = loadProviders;
 exports.initializeSecurity = initializeSecurity;
 exports.createSecurityMiddleware = createSecurityMiddleware;
 const fs_1 = require("fs");
 const path_1 = require("path");
 const url_validator_1 = require("./url-validator");
 const hash_verifier_1 = require("./hash-verifier");
+const schema_1 = require("./schema");
+// Cache for load results
+let cachedLoadResult = null;
 /**
- * Securely loads and validates email provider data
+ * Clear the cache (useful for testing or when providers file changes)
+ */
+function clearCache() {
+    cachedLoadResult = null;
+}
+/**
+ * Convert compressed provider to EmailProvider format
+ */
+function convertProviderToEmailProvider(compressedProvider) {
+    if (!compressedProvider.type) {
+        console.warn(`Missing type for provider ${compressedProvider.id}`);
+    }
+    const provider = {
+        companyProvider: compressedProvider.companyProvider,
+        loginUrl: compressedProvider.loginUrl || null,
+        domains: compressedProvider.domains || [],
+        type: compressedProvider.type,
+        alias: compressedProvider.alias
+    };
+    // Include DNS detection patterns for business email services and proxy services
+    const needsCustomDomainDetection = compressedProvider.type === 'custom_provider' ||
+        compressedProvider.type === 'proxy_service';
+    if (needsCustomDomainDetection && (compressedProvider.mx?.length || compressedProvider.txt?.length)) {
+        provider.customDomainDetection = {};
+        if (compressedProvider.mx?.length) {
+            provider.customDomainDetection.mxPatterns = compressedProvider.mx;
+        }
+        if (compressedProvider.txt?.length) {
+            // Decompress TXT patterns
+            provider.customDomainDetection.txtPatterns = compressedProvider.txt.map(schema_1.decompressTxtPattern);
+        }
+    }
+    return provider;
+}
+/**
+ * Loads and validates email provider data with security checks
  *
  * @param providersPath - Path to the providers JSON file
  * @param expectedHash - Optional expected hash for verification
- * @returns Secure load result with validation details
+ * @returns Load result with validation details
  */
-function secureLoadProviders(providersPath, expectedHash) {
+function loadProviders(providersPath, expectedHash) {
+    // Return cached result if available (both success and failure)
+    if (cachedLoadResult) {
+        return cachedLoadResult;
+    }
     const filePath = providersPath || (0, path_1.join)(__dirname, '..', 'providers', 'emailproviders.json');
     const issues = [];
     let providers = [];
@@ -42,7 +85,12 @@ function secureLoadProviders(providersPath, expectedHash) {
     try {
         const fileContent = (0, fs_1.readFileSync)(filePath, 'utf8');
         const data = JSON.parse(fileContent);
-        providers = data.providers || [];
+        // Validate format
+        if (!data.version || !data.providers || !Array.isArray(data.providers)) {
+            throw new Error('Invalid provider data format');
+        }
+        // Convert to EmailProvider format
+        providers = data.providers.map(convertProviderToEmailProvider);
     }
     catch (error) {
         issues.push(`Failed to load providers file: ${error instanceof Error ? error.message : 'Unknown error'}`);
@@ -91,7 +139,7 @@ function secureLoadProviders(providersPath, expectedHash) {
     else if (urlAudit.invalid > 0 || issues.length > 0) {
         securityLevel = 'WARNING';
     }
-    return {
+    const loadResult = {
         success: securityLevel !== 'CRITICAL',
         providers: secureProviders,
         securityReport: {
@@ -104,6 +152,9 @@ function secureLoadProviders(providersPath, expectedHash) {
             issues
         }
     };
+    // Cache the result for future calls
+    cachedLoadResult = loadResult;
+    return loadResult;
 }
 /**
  * Development utility to generate and display current hashes
@@ -121,7 +172,7 @@ function initializeSecurity() {
 function createSecurityMiddleware(options = {}) {
     return (req, res, next) => {
         // If a custom providers getter is provided, use that instead of loading from file
-        const result = options.getProviders ? options.getProviders() : secureLoadProviders(undefined, options.expectedHash);
+        const result = options.getProviders ? options.getProviders() : loadProviders(undefined, options.expectedHash);
         // Handle security level
         if (result.securityReport.securityLevel === 'CRITICAL' && !options.allowInvalidUrls) {
             if (options.onSecurityIssue) {
@@ -139,8 +190,9 @@ function createSecurityMiddleware(options = {}) {
     };
 }
 exports.default = {
-    secureLoadProviders,
+    loadProviders,
     initializeSecurity,
-    createSecurityMiddleware
+    createSecurityMiddleware,
+    clearCache
 };
-//# sourceMappingURL=secure-loader.js.map
+//# sourceMappingURL=provider-loader.js.map

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@mikkelscheike/email-provider-links",
-  "version": "3.0.2",
+  "version": "4.0.0",
   "description": "TypeScript library for email provider detection with 93 providers (207 domains), concurrent DNS resolution, optimized performance, 94.65% test coverage, and enterprise security for login and password reset flows",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -23,9 +23,6 @@
     "pretest": "node scripts/sync-versions.js",
     "prebuild": "node scripts/sync-versions.js",
     "update-hashes": "tsx scripts/update-hashes.ts",
-    "release:major": "tsx scripts/prepare-release.ts",
-    "release:minor": "tsx scripts/prepare-release.ts",
-    "release:patch": "tsx scripts/prepare-release.ts",
     "benchmark:memory": "tsx --expose-gc scripts/benchmark-memory.ts",
     "benchmark:dns": "tsx scripts/benchmark-concurrent-dns.ts"
   },