@mitre/hdf-utilities 3.0.1 → 3.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE.md +55 -0
- package/dist/csv/index.d.ts +27 -29
- package/dist/csv/index.d.ts.map +1 -1
- package/dist/csv/index.js +179 -218
- package/dist/csv/index.js.map +1 -1
- package/dist/hash/index.d.ts +15 -12
- package/dist/hash/index.d.ts.map +1 -1
- package/dist/hash/index.js +90 -98
- package/dist/hash/index.js.map +1 -1
- package/dist/index.d.ts +36 -9
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +55 -17
- package/dist/index.js.map +1 -1
- package/dist/json/index.d.ts +13 -9
- package/dist/json/index.d.ts.map +1 -1
- package/dist/json/index.js +45 -54
- package/dist/json/index.js.map +1 -1
- package/dist/object/index.d.ts +6 -3
- package/dist/object/index.d.ts.map +1 -1
- package/dist/object/index.js +54 -60
- package/dist/object/index.js.map +1 -1
- package/dist/string/index.d.ts +5 -2
- package/dist/string/index.d.ts.map +1 -1
- package/dist/string/index.js +55 -56
- package/dist/string/index.js.map +1 -1
- package/dist/xml/index.d.ts +13 -13
- package/dist/xml/index.d.ts.map +1 -1
- package/dist/xml/index.js +136 -166
- package/dist/xml/index.js.map +1 -1
- package/package.json +30 -30
- package/dist/severity/index.d.ts +0 -29
- package/dist/severity/index.d.ts.map +0 -1
- package/dist/severity/index.js +0 -52
- package/dist/severity/index.js.map +0 -1
package/dist/csv/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/csv/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AAEnC,OAAO,EACL,aAAa,IAAI,gBAAgB,EACjC,QAAQ,IAAI,WAAW,GACxB,MAAM,oBAAoB,CAAC;AAwB5B;;GAEG;AACH,MAAM,qBAAqB,GAAoB;IAC7C,MAAM,EAAE,IAAI;IACZ,cAAc,EAAE,IAAI;IACpB,eAAe,EAAE,SAAS;IAC1B,aAAa,EAAE,KAAK;CACrB,CAAC;AAEF;;GAEG;AACH,MAAM,2BAA2B,GAAoB;IACnD,MAAM,EAAE,KAAK;IACb,cAAc,EAAE,IAAI;IACpB,aAAa,EAAE,KAAK;CACrB,CAAC;AAEF;;GAEG;AACH,MAAM,qBAAqB,GAAoB;IAC7C,MAAM,EAAE,IAAI;IACZ,OAAO,EAAE,IAAI;IACb,cAAc,EAAE,IAAI;CACrB,CAAC;AAEF;;GAEG;AACH,SAAS,eAAe,CAAC,GAAW;IAClC,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YACnB,IAAI,QAAQ,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;gBACzD,CAAC,EAAE,CAAC,CAAC,wBAAwB;YAC/B,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG,CAAC,QAAQ,CAAC;YACvB,CAAC;QACH,CAAC;aAAM,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACxC,GAAG,EAAE,CAAC;QACR,CAAC;IACH,CAAC;IACD,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,kBAAkB,CAAC,CAAC;IACpE,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,KAAa;IACvC,IAAI,KAAK,KAAK,EAAE;QAAE,OAAO,KAAK,CAAC;IAC/B,IAAI,KAAK,KAAK,MAAM;QAAE,OAAO,IAAI,CAAC;IAClC,IAAI,KAAK,KAAK,OAAO;QAAE,OAAO,KAAK,CAAC;IACpC,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC1B,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,IAAI,EAAE,KAAK,EAAE;QAAE,OAAO,GAAG,CAAC;IACnD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,QAAQ,CACtB,GAAW,EACX,OAAkC;IAElC,IAAI,OAAO,EAAE,OAAO,KAAK,SAAS,IAAI,GAAG,CAAC,MAAM,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC;QACnE,MAAM,IAAI,KAAK,CACb,uCAAuC,GAAG,CAAC,MAAM,2BAA2B,OAAO,CAAC,OAAO,QAAQ,CACpG,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,EAAE,GAAG,qBAAqB,EAAE,GAAG,OAAO,EAAE,CAAC;IACtD,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;IAE3B,eAAe,CAAC,OAAO,CAAC,CAAC;IAEzB,MAAM,GAAG,GAAG,SAAS,CAAC,IAAI,CAAC,SAAS,IAAI,GAAG,CAAC,CAAC;IAC7C,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAClC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC;IAE3B,kCAAkC;IAClC,MAAM,OAAO,GAAG,IAAI,CAAC,eAAe;QAClC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,eAAgB,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QACxD,CAAC,CAAC,OAAO,CAAC;IAEZ,IAAI,IAAI,GAA8B,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QACvD,MAAM,GAAG,GAA4B,EAAE,CAAC;QACxC,OAAO,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE;YACzB,IAAI,KAAK,GAAY,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;YACpC,IAAI,IAAI,CAAC,aAAa,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACpD,KAAK,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;YACpC,CAAC;YACD,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YACvB,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;gBACtB,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YACnB,CAAC;QACH,CAAC,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC,CAAC,CAAC;IAEH,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;QACxB,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CACzB,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,SAAS,CAAC,CAC1E,CAAC;IACJ,CAAC;IAED,OAAO,IAAW,CAAC;AACrB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,aAAa,CAC3B,GAAW,EACX,OAAkC;IAElC,IAAI,OAAO,EAAE,OAAO,KAAK,SAAS,IAAI,GAAG,CAAC,MAAM,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC;QACnE,MAAM,IAAI,KAAK,CACb,uCAAuC,GAAG,CAAC,MAAM,2BAA2B,OAAO,CAAC,OAAO,QAAQ,CACpG,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,EAAE,GAAG,2BAA2B,EAAE,GAAG,OAAO,EAAE,CAAC;IAC5D,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;IAE3B,eAAe,CAAC,OAAO,CAAC,CAAC;IAEzB,MAAM,GAAG,GAAG,SAAS,CAAC,IAAI,CAAC,SAAS,IAAI,GAAG,CAAC,CAAC;IAC7C,IAAI,IAAI,GAAG,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IAElC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;QACxB,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IACpE,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,QAAQ,CACtB,IAAS,EACT,OAA2D;IAE3D,MAAM,EAAE,QAAQ,EAAE,GAAG,SAAS,EAAE,GAAG,OAAO,IAAI,EAAE,CAAC;IACjD,MAAM,IAAI,GAAG,EAAE,GAAG,qBAAqB,EAAE,GAAG,SAAS,EAAE,CAAC;IAExD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAEjC,IAAI,aAAa,GAAG,IAAI,CAAC;IACzB,IAAI,QAAQ,EAAE,CAAC;QACb,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAC/B,iBAAiB,CAAC,GAA8B,CAAC,CAC3C,CAAC;IACX,CAAC;IAED,MAAM,GAAG,GAAG,SAAS,CAAC,IAAI,CAAC,SAAS,IAAI,GAAG,CAAC,CAAC;IAC7C,IAAI,MAAc,CAAC;IAEnB,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;QAC1B,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CACrC,MAAM,CAAC,MAAM,CAAC,GAA8B,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAC1D,CAAC;QACF,MAAM,GAAG,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IAChC,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,aAA0C,CAAC,CAAC;IAClE,CAAC;IAED,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;QAC1C,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;IAC/C,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,aAAa,CAC3B,IAAgB,EAChB,OAA2D;IAE3D,MAAM,EAAE,QAAQ,EAAE,GAAG,SAAS,EAAE,GAAG,OAAO,IAAI,EAAE,CAAC;IACjD,MAAM,IAAI,GAAG,EAAE,GAAG,qBAAqB,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,SAAS,EAAE,CAAC;IAEvE,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAEjC,IAAI,aAAa,GAAG,IAAI,CAAC;IACzB,IAAI,QAAQ,EAAE,CAAC;QACb,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED,MAAM,GAAG,GAAG,SAAS,CAAC,IAAI,CAAC,SAAS,IAAI,GAAG,CAAC,CAAC;IAC7C,IAAI,MAAM,GAAG,GAAG,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;IAE3C,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;QAC1C,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;IAC/C,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,UAAU,CAAC,GAAW;IACpC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAElD,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;IAE3B,8EAA8E;IAC9E,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAEzC,IAAI,CAAC;QACH,eAAe,CAAC,OAAO,CAAC,CAAC;IAC3B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAc;IAC7C,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC1B,yDAAyD;IACzD,IAAI,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3B,OAAO,IAAI,GAAG,EAAE,CAAC;IACnB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAiB;IAChD,OAAO,MAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;AACtC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAC/B,GAAM;IAEN,MAAM,SAAS,GAA2B,EAAE,CAAC;IAC7C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/C,SAAS,CAAC,GAAG,CAAC,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IAC3C,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","names":[],"sources":["../../src/csv/index.ts"],"sourcesContent":["/**\n * CSV parsing and generation utilities using d3-dsv\n *\n * SECURITY WARNING: CSV files opened in Excel/LibreOffice may execute formulas.\n * Use sanitization options when exporting data that may contain user-controlled content.\n */\n\nimport { dsvFormat } from 'd3-dsv';\n\nexport {\n extractColumn as extractCsvColumn,\n findRows as findCsvRows,\n} from '../object/index.js';\n\n/**\n * Options for parsing CSV\n */\nexport interface CsvParseOptions {\n header?: boolean;\n skipEmptyLines?: boolean;\n transformHeader?: (header: string, index: number) => string;\n dynamicTyping?: boolean;\n delimiter?: string;\n maxSize?: number;\n}\n\n/**\n * Options for building CSV\n */\nexport interface CsvBuildOptions {\n header?: boolean;\n newline?: string;\n skipEmptyLines?: boolean;\n delimiter?: string;\n}\n\n/**\n * Default options for parsing CSV with headers\n */\nconst DEFAULT_PARSE_OPTIONS: CsvParseOptions = {\n header: true,\n skipEmptyLines: true,\n transformHeader: undefined,\n dynamicTyping: false,\n};\n\n/**\n * Default options for parsing CSV without headers\n */\nconst DEFAULT_PARSE_ARRAY_OPTIONS: CsvParseOptions = {\n header: false,\n skipEmptyLines: true,\n dynamicTyping: false,\n};\n\n/**\n * Default options for building CSV\n */\nconst DEFAULT_BUILD_OPTIONS: CsvBuildOptions = {\n header: true,\n newline: '\\n',\n skipEmptyLines: true,\n};\n\n/**\n * Validate CSV quoting — throws if unclosed quotes are found\n */\nfunction validateQuoting(csv: string): void {\n let inQuotes = false;\n let row = 0;\n for (let i = 0; i < csv.length; i++) {\n if (csv[i] === '\"') {\n if (inQuotes && i + 1 < csv.length && csv[i + 1] === '\"') {\n i++; // skip escaped quote \"\"\n } else {\n inQuotes = !inQuotes;\n }\n } else if (csv[i] === '\\n' && !inQuotes) {\n row++;\n }\n }\n if (inQuotes) {\n throw new Error(`CSV parsing failed: Row ${row}: Unclosed quote`);\n }\n}\n\n/**\n * Convert string value to number or boolean when appropriate\n */\nfunction dynamicTypeConvert(value: string): unknown {\n if (value === '') return value;\n if (value === 'true') return true;\n if (value === 'false') return false;\n const num = Number(value);\n if (!isNaN(num) && value.trim() !== '') return num;\n return value;\n}\n\n/**\n * Parse CSV string into array of objects with headers as keys\n * @param csv - CSV string to parse\n * @param options - Optional parse configuration\n * @returns Array of objects representing rows\n * @throws Error if parsing fails\n */\nexport function parseCsv<T = Record<string, unknown>>(\n csv: string,\n options?: Partial<CsvParseOptions>\n): T[] {\n if (options?.maxSize !== undefined && csv.length > options.maxSize) {\n throw new Error(\n `Input exceeds maximum allowed size: ${csv.length} bytes exceeds limit of ${options.maxSize} bytes`\n );\n }\n\n const opts = { ...DEFAULT_PARSE_OPTIONS, ...options };\n const trimmed = csv.trim();\n\n validateQuoting(trimmed);\n\n const dsv = dsvFormat(opts.delimiter ?? ',');\n const parsed = dsv.parse(trimmed);\n const { columns } = parsed;\n\n // Pre-compute transformed headers\n const headers = opts.transformHeader\n ? columns.map((col, i) => opts.transformHeader!(col, i))\n : columns;\n\n let rows: Record<string, unknown>[] = parsed.map((row) => {\n const obj: Record<string, unknown> = {};\n columns.forEach((col, i) => {\n let value: unknown = row[col] ?? '';\n if (opts.dynamicTyping && typeof value === 'string') {\n value = dynamicTypeConvert(value);\n }\n const key = headers[i];\n if (key !== undefined) {\n obj[key] = value;\n }\n });\n return obj;\n });\n\n if (opts.skipEmptyLines) {\n rows = rows.filter((row) =>\n Object.values(row).some((v) => v !== '' && v !== null && v !== undefined)\n );\n }\n\n return rows as T[];\n}\n\n/**\n * Parse CSV string into array of arrays without treating first row as headers\n * @param csv - CSV string to parse\n * @param options - Optional parse configuration\n * @returns Array of arrays representing rows\n * @throws Error if parsing fails\n */\nexport function parseCsvArray(\n csv: string,\n options?: Partial<CsvParseOptions>\n): string[][] {\n if (options?.maxSize !== undefined && csv.length > options.maxSize) {\n throw new Error(\n `Input exceeds maximum allowed size: ${csv.length} bytes exceeds limit of ${options.maxSize} bytes`\n );\n }\n\n const opts = { ...DEFAULT_PARSE_ARRAY_OPTIONS, ...options };\n const trimmed = csv.trim();\n\n validateQuoting(trimmed);\n\n const dsv = dsvFormat(opts.delimiter ?? ',');\n let rows = dsv.parseRows(trimmed);\n\n if (opts.skipEmptyLines) {\n rows = rows.filter((row) => !(row.length === 1 && row[0] === ''));\n }\n\n return rows;\n}\n\n/**\n * Build CSV string from array of objects\n *\n * SECURITY: Set sanitize=true when data may contain user-controlled content\n * to prevent CSV formula injection attacks in Excel/LibreOffice.\n *\n * @param data - Array of objects to convert to CSV\n * @param options - Optional build configuration and sanitize flag\n * @returns CSV string\n */\nexport function buildCsv<T = Record<string, unknown>>(\n data: T[],\n options?: Partial<CsvBuildOptions> & { sanitize?: boolean }\n): string {\n const { sanitize, ...buildOpts } = options || {};\n const opts = { ...DEFAULT_BUILD_OPTIONS, ...buildOpts };\n\n if (data.length === 0) return '';\n\n let processedData = data;\n if (sanitize) {\n processedData = data.map((row) =>\n sanitizeCsvObject(row as Record<string, unknown>)\n ) as T[];\n }\n\n const dsv = dsvFormat(opts.delimiter ?? ',');\n let result: string;\n\n if (opts.header === false) {\n const rows = processedData.map((row) =>\n Object.values(row as Record<string, unknown>).map(String)\n );\n result = dsv.formatRows(rows);\n } else {\n result = dsv.format(processedData as Record<string, unknown>[]);\n }\n\n if (opts.newline && opts.newline !== '\\n') {\n result = result.replace(/\\n/g, opts.newline);\n }\n\n return result;\n}\n\n/**\n * Build CSV string from array of arrays\n *\n * SECURITY: Set sanitize=true when data may contain user-controlled content\n * to prevent CSV formula injection attacks in Excel/LibreOffice.\n *\n * @param data - Array of arrays to convert to CSV\n * @param options - Optional build configuration and sanitize flag\n * @returns CSV string\n */\nexport function buildCsvArray(\n data: string[][],\n options?: Partial<CsvBuildOptions> & { sanitize?: boolean }\n): string {\n const { sanitize, ...buildOpts } = options || {};\n const opts = { ...DEFAULT_BUILD_OPTIONS, header: false, ...buildOpts };\n\n if (data.length === 0) return '';\n\n let processedData = data;\n if (sanitize) {\n processedData = data.map((row) => sanitizeCsvArray(row));\n }\n\n const dsv = dsvFormat(opts.delimiter ?? ',');\n let result = dsv.formatRows(processedData);\n\n if (opts.newline && opts.newline !== '\\n') {\n result = result.replace(/\\n/g, opts.newline);\n }\n\n return result;\n}\n\n/**\n * Validate CSV format\n * @param csv - CSV string to validate\n * @returns True if valid CSV, false otherwise\n */\nexport function isValidCsv(csv: string): boolean {\n if (!csv || csv.trim().length === 0) return false;\n\n const trimmed = csv.trim();\n\n // CSV must have at least one delimiter (comma) to be considered CSV structure\n if (!trimmed.includes(',')) return false;\n\n try {\n validateQuoting(trimmed);\n } catch {\n return false;\n }\n\n return true;\n}\n\n/**\n * Sanitize a single CSV value to prevent formula injection\n *\n * Prefixes values starting with =, +, -, @, |, or % with a single quote\n * to prevent Excel/LibreOffice from interpreting them as formulas.\n *\n * @param value - Value to sanitize\n * @returns Sanitized value\n */\nexport function sanitizeCsvValue(value: unknown): string {\n const str = String(value);\n // Check if string starts with formula trigger characters\n if (/^[=+\\-@|%]/.test(str)) {\n return `'${str}`;\n }\n return str;\n}\n\n/**\n * Sanitize all values in an array to prevent formula injection\n *\n * @param values - Array of values to sanitize\n * @returns Array with sanitized values\n */\nexport function sanitizeCsvArray(values: unknown[]): string[] {\n return values.map(sanitizeCsvValue);\n}\n\n/**\n * Sanitize all values in an object to prevent formula injection\n *\n * @param obj - Object with values to sanitize\n * @returns New object with sanitized values\n */\nexport function sanitizeCsvObject<T extends Record<string, unknown>>(\n obj: T\n): Record<string, string> {\n const sanitized: Record<string, string> = {};\n for (const [key, value] of Object.entries(obj)) {\n sanitized[key] = sanitizeCsvValue(value);\n }\n return sanitized;\n}\n"],"mappings":";;;;;;;;;;;;AAuCA,MAAM,wBAAyC;CAC7C,QAAQ;CACR,gBAAgB;CAChB,iBAAiB,KAAA;CACjB,eAAe;CAChB;;;;AAKD,MAAM,8BAA+C;CACnD,QAAQ;CACR,gBAAgB;CAChB,eAAe;CAChB;;;;AAKD,MAAM,wBAAyC;CAC7C,QAAQ;CACR,SAAS;CACT,gBAAgB;CACjB;;;;AAKD,SAAS,gBAAgB,KAAmB;CAC1C,IAAI,WAAW;CACf,IAAI,MAAM;AACV,MAAK,IAAI,IAAI,GAAG,IAAI,IAAI,QAAQ,IAC9B,KAAI,IAAI,OAAO,KACb,KAAI,YAAY,IAAI,IAAI,IAAI,UAAU,IAAI,IAAI,OAAO,KACnD;KAEA,YAAW,CAAC;UAEL,IAAI,OAAO,QAAQ,CAAC,SAC7B;AAGJ,KAAI,SACF,OAAM,IAAI,MAAM,2BAA2B,IAAI,kBAAkB;;;;;AAOrE,SAAS,mBAAmB,OAAwB;AAClD,KAAI,UAAU,GAAI,QAAO;AACzB,KAAI,UAAU,OAAQ,QAAO;AAC7B,KAAI,UAAU,QAAS,QAAO;CAC9B,MAAM,MAAM,OAAO,MAAM;AACzB,KAAI,CAAC,MAAM,IAAI,IAAI,MAAM,MAAM,KAAK,GAAI,QAAO;AAC/C,QAAO;;;;;;;;;AAUT,SAAgB,SACd,KACA,SACK;AACL,KAAI,SAAS,YAAY,KAAA,KAAa,IAAI,SAAS,QAAQ,QACzD,OAAM,IAAI,MACR,uCAAuC,IAAI,OAAO,0BAA0B,QAAQ,QAAQ,QAC7F;CAGH,MAAM,OAAO;EAAE,GAAG;EAAuB,GAAG;EAAS;CACrD,MAAM,UAAU,IAAI,MAAM;AAE1B,iBAAgB,QAAQ;CAGxB,MAAM,SADM,UAAU,KAAK,aAAa,IAAI,CACzB,MAAM,QAAQ;CACjC,MAAM,EAAE,YAAY;CAGpB,MAAM,UAAU,KAAK,kBACjB,QAAQ,KAAK,KAAK,MAAM,KAAK,gBAAiB,KAAK,EAAE,CAAC,GACtD;CAEJ,IAAI,OAAkC,OAAO,KAAK,QAAQ;EACxD,MAAM,MAA+B,EAAE;AACvC,UAAQ,SAAS,KAAK,MAAM;GAC1B,IAAI,QAAiB,IAAI,QAAQ;AACjC,OAAI,KAAK,iBAAiB,OAAO,UAAU,SACzC,SAAQ,mBAAmB,MAAM;GAEnC,MAAM,MAAM,QAAQ;AACpB,OAAI,QAAQ,KAAA,EACV,KAAI,OAAO;IAEb;AACF,SAAO;GACP;AAEF,KAAI,KAAK,eACP,QAAO,KAAK,QAAQ,QAClB,OAAO,OAAO,IAAI,CAAC,MAAM,MAAM,MAAM,MAAM,MAAM,QAAQ,MAAM,KAAA,EAAU,CAC1E;AAGH,QAAO;;;;;;;;;AAUT,SAAgB,cACd,KACA,SACY;AACZ,KAAI,SAAS,YAAY,KAAA,KAAa,IAAI,SAAS,QAAQ,QACzD,OAAM,IAAI,MACR,uCAAuC,IAAI,OAAO,0BAA0B,QAAQ,QAAQ,QAC7F;CAGH,MAAM,OAAO;EAAE,GAAG;EAA6B,GAAG;EAAS;CAC3D,MAAM,UAAU,IAAI,MAAM;AAE1B,iBAAgB,QAAQ;CAGxB,IAAI,OADQ,UAAU,KAAK,aAAa,IAAI,CAC7B,UAAU,QAAQ;AAEjC,KAAI,KAAK,eACP,QAAO,KAAK,QAAQ,QAAQ,EAAE,IAAI,WAAW,KAAK,IAAI,OAAO,IAAI;AAGnE,QAAO;;;;;;;;;;;;AAaT,SAAgB,SACd,MACA,SACQ;CACR,MAAM,EAAE,UAAU,GAAG,cAAc,WAAW,EAAE;CAChD,MAAM,OAAO;EAAE,GAAG;EAAuB,GAAG;EAAW;AAEvD,KAAI,KAAK,WAAW,EAAG,QAAO;CAE9B,IAAI,gBAAgB;AACpB,KAAI,SACF,iBAAgB,KAAK,KAAK,QACxB,kBAAkB,IAA+B,CAClD;CAGH,MAAM,MAAM,UAAU,KAAK,aAAa,IAAI;CAC5C,IAAI;AAEJ,KAAI,KAAK,WAAW,OAAO;EACzB,MAAM,OAAO,cAAc,KAAK,QAC9B,OAAO,OAAO,IAA+B,CAAC,IAAI,OAAO,CAC1D;AACD,WAAS,IAAI,WAAW,KAAK;OAE7B,UAAS,IAAI,OAAO,cAA2C;AAGjE,KAAI,KAAK,WAAW,KAAK,YAAY,KACnC,UAAS,OAAO,QAAQ,OAAO,KAAK,QAAQ;AAG9C,QAAO;;;;;;;;;;;;AAaT,SAAgB,cACd,MACA,SACQ;CACR,MAAM,EAAE,UAAU,GAAG,cAAc,WAAW,EAAE;CAChD,MAAM,OAAO;EAAE,GAAG;EAAuB,QAAQ;EAAO,GAAG;EAAW;AAEtE,KAAI,KAAK,WAAW,EAAG,QAAO;CAE9B,IAAI,gBAAgB;AACpB,KAAI,SACF,iBAAgB,KAAK,KAAK,QAAQ,iBAAiB,IAAI,CAAC;CAI1D,IAAI,SADQ,UAAU,KAAK,aAAa,IAAI,CAC3B,WAAW,cAAc;AAE1C,KAAI,KAAK,WAAW,KAAK,YAAY,KACnC,UAAS,OAAO,QAAQ,OAAO,KAAK,QAAQ;AAG9C,QAAO;;;;;;;AAQT,SAAgB,WAAW,KAAsB;AAC/C,KAAI,CAAC,OAAO,IAAI,MAAM,CAAC,WAAW,EAAG,QAAO;CAE5C,MAAM,UAAU,IAAI,MAAM;AAG1B,KAAI,CAAC,QAAQ,SAAS,IAAI,CAAE,QAAO;AAEnC,KAAI;AACF,kBAAgB,QAAQ;SAClB;AACN,SAAO;;AAGT,QAAO;;;;;;;;;;;AAYT,SAAgB,iBAAiB,OAAwB;CACvD,MAAM,MAAM,OAAO,MAAM;AAEzB,KAAI,aAAa,KAAK,IAAI,CACxB,QAAO,IAAI;AAEb,QAAO;;;;;;;;AAST,SAAgB,iBAAiB,QAA6B;AAC5D,QAAO,OAAO,IAAI,iBAAiB;;;;;;;;AASrC,SAAgB,kBACd,KACwB;CACxB,MAAM,YAAoC,EAAE;AAC5C,MAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,IAAI,CAC5C,WAAU,OAAO,iBAAiB,MAAM;AAE1C,QAAO"}
|
package/dist/hash/index.d.ts
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
//#region src/hash/index.d.ts
|
|
1
2
|
/**
|
|
2
3
|
* Hash utilities for HDF content
|
|
3
4
|
* Provides cryptographic hashing functions for content identification and integrity verification
|
|
@@ -6,19 +7,19 @@
|
|
|
6
7
|
/**
|
|
7
8
|
* Supported hash algorithms
|
|
8
9
|
*/
|
|
9
|
-
|
|
10
|
+
type HashAlgorithm = 'sha256' | 'sha512';
|
|
10
11
|
/**
|
|
11
12
|
* Supported output encodings
|
|
12
13
|
*/
|
|
13
|
-
|
|
14
|
+
type HashEncoding = 'hex' | 'base64';
|
|
14
15
|
/**
|
|
15
16
|
* Options for hash generation
|
|
16
17
|
*/
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
18
|
+
interface HashOptions {
|
|
19
|
+
/** Hash algorithm (default: 'sha256') */
|
|
20
|
+
algorithm?: HashAlgorithm;
|
|
21
|
+
/** Output encoding (default: 'hex') */
|
|
22
|
+
encoding?: HashEncoding;
|
|
22
23
|
}
|
|
23
24
|
/**
|
|
24
25
|
* Generate a hash of the given data
|
|
@@ -33,7 +34,7 @@ export interface HashOptions {
|
|
|
33
34
|
* // Returns: 'b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9'
|
|
34
35
|
* ```
|
|
35
36
|
*/
|
|
36
|
-
|
|
37
|
+
declare function generateHash(data: string, options?: HashOptions): Promise<string>;
|
|
37
38
|
/**
|
|
38
39
|
* Generate a SHA-256 hash (recommended for most use cases)
|
|
39
40
|
*
|
|
@@ -46,7 +47,7 @@ export declare function generateHash(data: string, options?: HashOptions): Promi
|
|
|
46
47
|
* // Returns: 'b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9'
|
|
47
48
|
* ```
|
|
48
49
|
*/
|
|
49
|
-
|
|
50
|
+
declare function sha256(data: string): Promise<string>;
|
|
50
51
|
/**
|
|
51
52
|
* Generate a SHA-512 hash (enhanced security for sensitive data)
|
|
52
53
|
*
|
|
@@ -59,7 +60,7 @@ export declare function sha256(data: string): Promise<string>;
|
|
|
59
60
|
* // Returns: '309ecc489c12d6eb4cc40f50c902f2b4d0ed77ee511a7c7a9bcd3ca86d4cd86f989dd35bc5ff499670da34255b45b0cfd830e81f605dcf7dc5542e93ae9cd76f'
|
|
60
61
|
* ```
|
|
61
62
|
*/
|
|
62
|
-
|
|
63
|
+
declare function sha512(data: string): Promise<string>;
|
|
63
64
|
/**
|
|
64
65
|
* Generate a hash of an object by stringifying it first
|
|
65
66
|
* Useful for hashing HDF control objects or other structured data
|
|
@@ -75,7 +76,7 @@ export declare function sha512(data: string): Promise<string>;
|
|
|
75
76
|
* // Returns hash of the JSON-stringified object
|
|
76
77
|
* ```
|
|
77
78
|
*/
|
|
78
|
-
|
|
79
|
+
declare function hashObject(obj: unknown, options?: HashOptions): Promise<string>;
|
|
79
80
|
/**
|
|
80
81
|
* Verify that data matches a given hash
|
|
81
82
|
*
|
|
@@ -91,5 +92,7 @@ export declare function hashObject(obj: unknown, options?: HashOptions): Promise
|
|
|
91
92
|
* const isValid = await verifyHash(data, hash); // true
|
|
92
93
|
* ```
|
|
93
94
|
*/
|
|
94
|
-
|
|
95
|
+
declare function verifyHash(data: string, expectedHash: string, options?: HashOptions): Promise<boolean>;
|
|
96
|
+
//#endregion
|
|
97
|
+
export { HashAlgorithm, HashEncoding, HashOptions, generateHash, hashObject, sha256, sha512, verifyHash };
|
|
95
98
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/hash/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","
|
|
1
|
+
{"version":3,"file":"index.d.ts","names":[],"sources":["../../src/hash/index.ts"],"mappings":";;AASA;;;;;AAKA;;KALY,aAAA;;;AAUZ;KALY,YAAA;;;;UAKK,WAAA;EAIf;EAFA,SAAA,GAAY,aAAA;EAEW;EAAvB,QAAA,GAAW,YAAA;AAAA;;;;;;;;;;AA8Db;;;;iBApBsB,YAAA,CAAa,IAAA,UAAc,OAAA,GAAS,WAAA,GAAmB,OAAA;AAoC7E;;;;;AAmBA;;;;;;;AAnBA,iBAhBsB,MAAA,CAAO,IAAA,WAAe,OAAA;;;AAwD5C;;;;;;;;;;iBAxCsB,MAAA,CAAO,IAAA,WAAe,OAAA;;;;;;;;;;;;;;;;iBAmBtB,UAAA,CAAW,GAAA,WAAc,OAAA,GAAS,WAAA,GAAmB,OAAA;;;;;;;;;;;;;;;;iBAqBrD,UAAA,CACpB,IAAA,UACA,YAAA,UACA,OAAA,GAAS,WAAA,GACR,OAAA"}
|
package/dist/hash/index.js
CHANGED
|
@@ -1,118 +1,110 @@
|
|
|
1
|
-
|
|
2
|
-
* Hash utilities for HDF content
|
|
3
|
-
* Provides cryptographic hashing functions for content identification and integrity verification
|
|
4
|
-
* Uses the Web Crypto API (globalThis.crypto.subtle) for browser and Node.js compatibility
|
|
5
|
-
*/
|
|
1
|
+
//#region src/hash/index.ts
|
|
6
2
|
/** Map our algorithm names to Web Crypto algorithm identifiers */
|
|
7
3
|
const ALGORITHM_MAP = {
|
|
8
|
-
|
|
9
|
-
|
|
4
|
+
sha256: "SHA-256",
|
|
5
|
+
sha512: "SHA-512"
|
|
10
6
|
};
|
|
11
7
|
/** Convert an ArrayBuffer to a hex string */
|
|
12
8
|
function bufferToHex(buffer) {
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
}
|
|
18
|
-
return hex;
|
|
9
|
+
const bytes = new Uint8Array(buffer);
|
|
10
|
+
let hex = "";
|
|
11
|
+
for (const b of bytes) hex += b.toString(16).padStart(2, "0");
|
|
12
|
+
return hex;
|
|
19
13
|
}
|
|
20
14
|
/** Convert an ArrayBuffer to a base64 string */
|
|
21
15
|
function bufferToBase64(buffer) {
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
}
|
|
27
|
-
return btoa(binary);
|
|
16
|
+
const bytes = new Uint8Array(buffer);
|
|
17
|
+
let binary = "";
|
|
18
|
+
for (const b of bytes) binary += String.fromCharCode(b);
|
|
19
|
+
return btoa(binary);
|
|
28
20
|
}
|
|
29
21
|
/**
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
22
|
+
* Generate a hash of the given data
|
|
23
|
+
*
|
|
24
|
+
* @param data - String data to hash
|
|
25
|
+
* @param options - Hash generation options
|
|
26
|
+
* @returns Hex-encoded hash string
|
|
27
|
+
*
|
|
28
|
+
* @example
|
|
29
|
+
* ```typescript
|
|
30
|
+
* const hash = await generateHash('hello world');
|
|
31
|
+
* // Returns: 'b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9'
|
|
32
|
+
* ```
|
|
33
|
+
*/
|
|
34
|
+
async function generateHash(data, options = {}) {
|
|
35
|
+
const { algorithm = "sha256", encoding = "hex" } = options;
|
|
36
|
+
const webAlgorithm = ALGORITHM_MAP[algorithm];
|
|
37
|
+
const encoded = new TextEncoder().encode(data);
|
|
38
|
+
const hashBuffer = await globalThis.crypto.subtle.digest(webAlgorithm, encoded);
|
|
39
|
+
return encoding === "base64" ? bufferToBase64(hashBuffer) : bufferToHex(hashBuffer);
|
|
48
40
|
}
|
|
49
41
|
/**
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
42
|
+
* Generate a SHA-256 hash (recommended for most use cases)
|
|
43
|
+
*
|
|
44
|
+
* @param data - String data to hash
|
|
45
|
+
* @returns Hex-encoded SHA-256 hash
|
|
46
|
+
*
|
|
47
|
+
* @example
|
|
48
|
+
* ```typescript
|
|
49
|
+
* const hash = await sha256('hello world');
|
|
50
|
+
* // Returns: 'b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9'
|
|
51
|
+
* ```
|
|
52
|
+
*/
|
|
53
|
+
async function sha256(data) {
|
|
54
|
+
return generateHash(data, { algorithm: "sha256" });
|
|
63
55
|
}
|
|
64
56
|
/**
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
57
|
+
* Generate a SHA-512 hash (enhanced security for sensitive data)
|
|
58
|
+
*
|
|
59
|
+
* @param data - String data to hash
|
|
60
|
+
* @returns Hex-encoded SHA-512 hash
|
|
61
|
+
*
|
|
62
|
+
* @example
|
|
63
|
+
* ```typescript
|
|
64
|
+
* const hash = await sha512('hello world');
|
|
65
|
+
* // Returns: '309ecc489c12d6eb4cc40f50c902f2b4d0ed77ee511a7c7a9bcd3ca86d4cd86f989dd35bc5ff499670da34255b45b0cfd830e81f605dcf7dc5542e93ae9cd76f'
|
|
66
|
+
* ```
|
|
67
|
+
*/
|
|
68
|
+
async function sha512(data) {
|
|
69
|
+
return generateHash(data, { algorithm: "sha512" });
|
|
78
70
|
}
|
|
79
71
|
/**
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
const stringified = obj === undefined ? 'undefined' : JSON.stringify(obj);
|
|
97
|
-
return generateHash(stringified, options);
|
|
72
|
+
* Generate a hash of an object by stringifying it first
|
|
73
|
+
* Useful for hashing HDF control objects or other structured data
|
|
74
|
+
*
|
|
75
|
+
* @param obj - Object to hash
|
|
76
|
+
* @param options - Hash generation options
|
|
77
|
+
* @returns Hex-encoded hash string
|
|
78
|
+
*
|
|
79
|
+
* @example
|
|
80
|
+
* ```typescript
|
|
81
|
+
* const control = { id: 'V-12345', title: 'Test Control' };
|
|
82
|
+
* const hash = await hashObject(control);
|
|
83
|
+
* // Returns hash of the JSON-stringified object
|
|
84
|
+
* ```
|
|
85
|
+
*/
|
|
86
|
+
async function hashObject(obj, options = {}) {
|
|
87
|
+
return generateHash(obj === void 0 ? "undefined" : JSON.stringify(obj), options);
|
|
98
88
|
}
|
|
99
89
|
/**
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
return actualHash === expectedHash;
|
|
90
|
+
* Verify that data matches a given hash
|
|
91
|
+
*
|
|
92
|
+
* @param data - String data to verify
|
|
93
|
+
* @param expectedHash - Expected hash value
|
|
94
|
+
* @param options - Hash generation options (must match hash generation)
|
|
95
|
+
* @returns True if data matches the hash
|
|
96
|
+
*
|
|
97
|
+
* @example
|
|
98
|
+
* ```typescript
|
|
99
|
+
* const data = 'hello world';
|
|
100
|
+
* const hash = await sha256(data);
|
|
101
|
+
* const isValid = await verifyHash(data, hash); // true
|
|
102
|
+
* ```
|
|
103
|
+
*/
|
|
104
|
+
async function verifyHash(data, expectedHash, options = {}) {
|
|
105
|
+
return await generateHash(data, options) === expectedHash;
|
|
117
106
|
}
|
|
107
|
+
//#endregion
|
|
108
|
+
export { generateHash, hashObject, sha256, sha512, verifyHash };
|
|
109
|
+
|
|
118
110
|
//# sourceMappingURL=index.js.map
|
package/dist/hash/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","
|
|
1
|
+
{"version":3,"file":"index.js","names":[],"sources":["../../src/hash/index.ts"],"sourcesContent":["/**\n * Hash utilities for HDF content\n * Provides cryptographic hashing functions for content identification and integrity verification\n * Uses the Web Crypto API (globalThis.crypto.subtle) for browser and Node.js compatibility\n */\n\n/**\n * Supported hash algorithms\n */\nexport type HashAlgorithm = 'sha256' | 'sha512';\n\n/**\n * Supported output encodings\n */\nexport type HashEncoding = 'hex' | 'base64';\n\n/**\n * Options for hash generation\n */\nexport interface HashOptions {\n /** Hash algorithm (default: 'sha256') */\n algorithm?: HashAlgorithm;\n /** Output encoding (default: 'hex') */\n encoding?: HashEncoding;\n}\n\n/** Map our algorithm names to Web Crypto algorithm identifiers */\nconst ALGORITHM_MAP: Record<HashAlgorithm, string> = {\n sha256: 'SHA-256',\n sha512: 'SHA-512',\n};\n\n/** Convert an ArrayBuffer to a hex string */\nfunction bufferToHex(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let hex = '';\n for (const b of bytes) {\n hex += b.toString(16).padStart(2, '0');\n }\n return hex;\n}\n\n/** Convert an ArrayBuffer to a base64 string */\nfunction bufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (const b of bytes) {\n binary += String.fromCharCode(b);\n }\n return btoa(binary);\n}\n\n/**\n * Generate a hash of the given data\n *\n * @param data - String data to hash\n * @param options - Hash generation options\n * @returns Hex-encoded hash string\n *\n * @example\n * ```typescript\n * const hash = await generateHash('hello world');\n * // Returns: 'b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9'\n * ```\n */\nexport async function generateHash(data: string, options: HashOptions = {}): Promise<string> {\n const { algorithm = 'sha256', encoding = 'hex' } = options;\n const webAlgorithm = ALGORITHM_MAP[algorithm];\n const encoded = new TextEncoder().encode(data);\n const hashBuffer = await globalThis.crypto.subtle.digest(webAlgorithm, encoded);\n return encoding === 'base64' ? bufferToBase64(hashBuffer) : bufferToHex(hashBuffer);\n}\n\n/**\n * Generate a SHA-256 hash (recommended for most use cases)\n *\n * @param data - String data to hash\n * @returns Hex-encoded SHA-256 hash\n *\n * @example\n * ```typescript\n * const hash = await sha256('hello world');\n * // Returns: 'b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9'\n * ```\n */\nexport async function sha256(data: string): Promise<string> {\n return generateHash(data, { algorithm: 'sha256' });\n}\n\n/**\n * Generate a SHA-512 hash (enhanced security for sensitive data)\n *\n * @param data - String data to hash\n * @returns Hex-encoded SHA-512 hash\n *\n * @example\n * ```typescript\n * const hash = await sha512('hello world');\n * // Returns: '309ecc489c12d6eb4cc40f50c902f2b4d0ed77ee511a7c7a9bcd3ca86d4cd86f989dd35bc5ff499670da34255b45b0cfd830e81f605dcf7dc5542e93ae9cd76f'\n * ```\n */\nexport async function sha512(data: string): Promise<string> {\n return generateHash(data, { algorithm: 'sha512' });\n}\n\n/**\n * Generate a hash of an object by stringifying it first\n * Useful for hashing HDF control objects or other structured data\n *\n * @param obj - Object to hash\n * @param options - Hash generation options\n * @returns Hex-encoded hash string\n *\n * @example\n * ```typescript\n * const control = { id: 'V-12345', title: 'Test Control' };\n * const hash = await hashObject(control);\n * // Returns hash of the JSON-stringified object\n * ```\n */\nexport async function hashObject(obj: unknown, options: HashOptions = {}): Promise<string> {\n // JSON.stringify returns undefined for undefined, so handle it explicitly\n const stringified = obj === undefined ? 'undefined' : JSON.stringify(obj);\n return generateHash(stringified, options);\n}\n\n/**\n * Verify that data matches a given hash\n *\n * @param data - String data to verify\n * @param expectedHash - Expected hash value\n * @param options - Hash generation options (must match hash generation)\n * @returns True if data matches the hash\n *\n * @example\n * ```typescript\n * const data = 'hello world';\n * const hash = await sha256(data);\n * const isValid = await verifyHash(data, hash); // true\n * ```\n */\nexport async function verifyHash(\n data: string,\n expectedHash: string,\n options: HashOptions = {}\n): Promise<boolean> {\n const actualHash = await generateHash(data, options);\n return actualHash === expectedHash;\n}\n"],"mappings":";;AA2BA,MAAM,gBAA+C;CACnD,QAAQ;CACR,QAAQ;CACT;;AAGD,SAAS,YAAY,QAA6B;CAChD,MAAM,QAAQ,IAAI,WAAW,OAAO;CACpC,IAAI,MAAM;AACV,MAAK,MAAM,KAAK,MACd,QAAO,EAAE,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI;AAExC,QAAO;;;AAIT,SAAS,eAAe,QAA6B;CACnD,MAAM,QAAQ,IAAI,WAAW,OAAO;CACpC,IAAI,SAAS;AACb,MAAK,MAAM,KAAK,MACd,WAAU,OAAO,aAAa,EAAE;AAElC,QAAO,KAAK,OAAO;;;;;;;;;;;;;;;AAgBrB,eAAsB,aAAa,MAAc,UAAuB,EAAE,EAAmB;CAC3F,MAAM,EAAE,YAAY,UAAU,WAAW,UAAU;CACnD,MAAM,eAAe,cAAc;CACnC,MAAM,UAAU,IAAI,aAAa,CAAC,OAAO,KAAK;CAC9C,MAAM,aAAa,MAAM,WAAW,OAAO,OAAO,OAAO,cAAc,QAAQ;AAC/E,QAAO,aAAa,WAAW,eAAe,WAAW,GAAG,YAAY,WAAW;;;;;;;;;;;;;;AAerF,eAAsB,OAAO,MAA+B;AAC1D,QAAO,aAAa,MAAM,EAAE,WAAW,UAAU,CAAC;;;;;;;;;;;;;;AAepD,eAAsB,OAAO,MAA+B;AAC1D,QAAO,aAAa,MAAM,EAAE,WAAW,UAAU,CAAC;;;;;;;;;;;;;;;;;AAkBpD,eAAsB,WAAW,KAAc,UAAuB,EAAE,EAAmB;AAGzF,QAAO,aADa,QAAQ,KAAA,IAAY,cAAc,KAAK,UAAU,IAAI,EACxC,QAAQ;;;;;;;;;;;;;;;;;AAkB3C,eAAsB,WACpB,MACA,cACA,UAAuB,EAAE,EACP;AAElB,QADmB,MAAM,aAAa,MAAM,QAAQ,KAC9B"}
|
package/dist/index.d.ts
CHANGED
|
@@ -1,12 +1,39 @@
|
|
|
1
|
+
import { extractColumn, findRows, findValuesByKey } from "./object/index.js";
|
|
2
|
+
import { CsvBuildOptions, CsvParseOptions, buildCsv, buildCsvArray, isValidCsv, parseCsv, parseCsvArray, sanitizeCsvArray, sanitizeCsvObject, sanitizeCsvValue } from "./csv/index.js";
|
|
3
|
+
import { HashAlgorithm, HashEncoding, HashOptions, generateHash, hashObject, sha256, sha512, verifyHash } from "./hash/index.js";
|
|
4
|
+
import { StringifyOptions, isValidJSON, parseJSON, stringifyJSON } from "./json/index.js";
|
|
5
|
+
import { buildXml, extractTextFromXml, isValidXml, parseXml, parseXmlWithArrays } from "./xml/index.js";
|
|
6
|
+
import { parseTimestamp, stripHtml } from "./string/index.js";
|
|
7
|
+
|
|
8
|
+
//#region src/severity/index.d.ts
|
|
1
9
|
/**
|
|
2
|
-
*
|
|
3
|
-
*
|
|
10
|
+
* Severity-to-impact mapping utilities.
|
|
11
|
+
*
|
|
12
|
+
* These define the canonical bidirectional mapping between severity labels
|
|
13
|
+
* (critical, high, medium, low, informational) and HDF impact scores (0.0–1.0),
|
|
14
|
+
* aligned with CVSS 3.x severity bands normalized to 0–1.
|
|
15
|
+
*
|
|
16
|
+
* Threshold ranges (used by impactToSeverity):
|
|
17
|
+
* >=0.9 = critical (CVSS 9.0–10.0)
|
|
18
|
+
* [0.7, 0.9) = high (CVSS 7.0–8.9)
|
|
19
|
+
* [0.4, 0.7) = medium (CVSS 4.0–6.9)
|
|
20
|
+
* (0.0, 0.4) = low (CVSS 0.1–3.9)
|
|
21
|
+
* 0.0 = informational (CVSS 0.0)
|
|
4
22
|
*/
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
23
|
+
/**
|
|
24
|
+
* Map a severity string to an impact score.
|
|
25
|
+
*
|
|
26
|
+
* @param severity - Severity level (case-insensitive)
|
|
27
|
+
* @returns Impact score between 0.0 and 1.0; defaults to 0.5 for unrecognized values
|
|
28
|
+
*/
|
|
29
|
+
declare function severityToImpact(severity: string): number;
|
|
30
|
+
/**
|
|
31
|
+
* Map an impact score to a severity string.
|
|
32
|
+
*
|
|
33
|
+
* @param impact - Impact score (0.0 to 1.0)
|
|
34
|
+
* @returns Severity level string
|
|
35
|
+
*/
|
|
36
|
+
declare function impactToSeverity(impact: number): string;
|
|
37
|
+
//#endregion
|
|
38
|
+
export { type CsvBuildOptions, type CsvParseOptions, type HashAlgorithm, type HashEncoding, type HashOptions, type StringifyOptions, buildCsv, buildCsvArray, buildXml, extractColumn, extractColumn as extractCsvColumn, extractTextFromXml, findRows as findCsvRows, findRows, findValuesByKey as findJsonValues, findValuesByKey, findValuesByKey as findXmlValues, generateHash, hashObject, impactToSeverity, isValidCsv, isValidJSON, isValidXml, parseCsv, parseCsvArray, parseJSON, parseTimestamp, parseXml, parseXmlWithArrays, sanitizeCsvArray, sanitizeCsvObject, sanitizeCsvValue, severityToImpact, sha256, sha512, stringifyJSON, stripHtml, verifyHash };
|
|
12
39
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","
|
|
1
|
+
{"version":3,"file":"index.d.ts","names":[],"sources":["../src/severity/index.ts"],"mappings":";;;;;;;;;;;;;;;;AAgCA;;;;;AAWA;;;;;;;iBAXgB,gBAAA,CAAiB,QAAA;;;;;;;iBAWjB,gBAAA,CAAiB,MAAA"}
|
package/dist/index.js
CHANGED
|
@@ -1,19 +1,57 @@
|
|
|
1
|
+
import { extractColumn, findRows, findValuesByKey } from "./object/index.js";
|
|
2
|
+
import { isValidJSON, parseJSON, stringifyJSON } from "./json/index.js";
|
|
3
|
+
import { generateHash, hashObject, sha256, sha512, verifyHash } from "./hash/index.js";
|
|
4
|
+
import { buildXml, extractTextFromXml, isValidXml, parseXml, parseXmlWithArrays } from "./xml/index.js";
|
|
5
|
+
import { buildCsv, buildCsvArray, isValidCsv, parseCsv, parseCsvArray, sanitizeCsvArray, sanitizeCsvObject, sanitizeCsvValue } from "./csv/index.js";
|
|
6
|
+
import { parseTimestamp, stripHtml } from "./string/index.js";
|
|
7
|
+
//#region src/severity/index.ts
|
|
1
8
|
/**
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
9
|
+
* Severity-to-impact mapping utilities.
|
|
10
|
+
*
|
|
11
|
+
* These define the canonical bidirectional mapping between severity labels
|
|
12
|
+
* (critical, high, medium, low, informational) and HDF impact scores (0.0–1.0),
|
|
13
|
+
* aligned with CVSS 3.x severity bands normalized to 0–1.
|
|
14
|
+
*
|
|
15
|
+
* Threshold ranges (used by impactToSeverity):
|
|
16
|
+
* >=0.9 = critical (CVSS 9.0–10.0)
|
|
17
|
+
* [0.7, 0.9) = high (CVSS 7.0–8.9)
|
|
18
|
+
* [0.4, 0.7) = medium (CVSS 4.0–6.9)
|
|
19
|
+
* (0.0, 0.4) = low (CVSS 0.1–3.9)
|
|
20
|
+
* 0.0 = informational (CVSS 0.0)
|
|
21
|
+
*/
|
|
22
|
+
const severityMap = {
|
|
23
|
+
critical: .9,
|
|
24
|
+
high: .7,
|
|
25
|
+
medium: .5,
|
|
26
|
+
low: .3,
|
|
27
|
+
info: 0,
|
|
28
|
+
none: 0,
|
|
29
|
+
informational: 0,
|
|
30
|
+
information: 0
|
|
31
|
+
};
|
|
32
|
+
/**
|
|
33
|
+
* Map a severity string to an impact score.
|
|
34
|
+
*
|
|
35
|
+
* @param severity - Severity level (case-insensitive)
|
|
36
|
+
* @returns Impact score between 0.0 and 1.0; defaults to 0.5 for unrecognized values
|
|
37
|
+
*/
|
|
38
|
+
function severityToImpact(severity) {
|
|
39
|
+
return severityMap[severity.toLowerCase()] ?? .5;
|
|
40
|
+
}
|
|
41
|
+
/**
|
|
42
|
+
* Map an impact score to a severity string.
|
|
43
|
+
*
|
|
44
|
+
* @param impact - Impact score (0.0 to 1.0)
|
|
45
|
+
* @returns Severity level string
|
|
46
|
+
*/
|
|
47
|
+
function impactToSeverity(impact) {
|
|
48
|
+
if (impact >= .9) return "critical";
|
|
49
|
+
if (impact >= .7) return "high";
|
|
50
|
+
if (impact >= .4) return "medium";
|
|
51
|
+
if (impact > 0) return "low";
|
|
52
|
+
return "informational";
|
|
53
|
+
}
|
|
54
|
+
//#endregion
|
|
55
|
+
export { buildCsv, buildCsvArray, buildXml, extractColumn, extractColumn as extractCsvColumn, extractTextFromXml, findRows as findCsvRows, findRows, findValuesByKey as findJsonValues, findValuesByKey, findValuesByKey as findXmlValues, generateHash, hashObject, impactToSeverity, isValidCsv, isValidJSON, isValidXml, parseCsv, parseCsvArray, parseJSON, parseTimestamp, parseXml, parseXmlWithArrays, sanitizeCsvArray, sanitizeCsvObject, sanitizeCsvValue, severityToImpact, sha256, sha512, stringifyJSON, stripHtml, verifyHash };
|
|
56
|
+
|
|
19
57
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","
|
|
1
|
+
{"version":3,"file":"index.js","names":[],"sources":["../src/severity/index.ts"],"sourcesContent":["/**\n * Severity-to-impact mapping utilities.\n *\n * These define the canonical bidirectional mapping between severity labels\n * (critical, high, medium, low, informational) and HDF impact scores (0.0–1.0),\n * aligned with CVSS 3.x severity bands normalized to 0–1.\n *\n * Threshold ranges (used by impactToSeverity):\n * >=0.9 = critical (CVSS 9.0–10.0)\n * [0.7, 0.9) = high (CVSS 7.0–8.9)\n * [0.4, 0.7) = medium (CVSS 4.0–6.9)\n * (0.0, 0.4) = low (CVSS 0.1–3.9)\n * 0.0 = informational (CVSS 0.0)\n */\n\nconst severityMap: Record<string, number> = {\n critical: 0.9,\n high: 0.7,\n medium: 0.5,\n low: 0.3,\n info: 0.0,\n none: 0.0,\n informational: 0.0,\n information: 0.0,\n};\n\n/**\n * Map a severity string to an impact score.\n *\n * @param severity - Severity level (case-insensitive)\n * @returns Impact score between 0.0 and 1.0; defaults to 0.5 for unrecognized values\n */\nexport function severityToImpact(severity: string): number {\n const normalized = severity.toLowerCase();\n return severityMap[normalized] ?? 0.5;\n}\n\n/**\n * Map an impact score to a severity string.\n *\n * @param impact - Impact score (0.0 to 1.0)\n * @returns Severity level string\n */\nexport function impactToSeverity(impact: number): string {\n if (impact >= 0.9) return 'critical';\n if (impact >= 0.7) return 'high';\n if (impact >= 0.4) return 'medium';\n if (impact > 0.0) return 'low';\n return 'informational';\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;AAeA,MAAM,cAAsC;CAC1C,UAAU;CACV,MAAM;CACN,QAAQ;CACR,KAAK;CACL,MAAM;CACN,MAAM;CACN,eAAe;CACf,aAAa;CACd;;;;;;;AAQD,SAAgB,iBAAiB,UAA0B;AAEzD,QAAO,YADY,SAAS,aAAa,KACP;;;;;;;;AASpC,SAAgB,iBAAiB,QAAwB;AACvD,KAAI,UAAU,GAAK,QAAO;AAC1B,KAAI,UAAU,GAAK,QAAO;AAC1B,KAAI,UAAU,GAAK,QAAO;AAC1B,KAAI,SAAS,EAAK,QAAO;AACzB,QAAO"}
|
package/dist/json/index.d.ts
CHANGED
|
@@ -1,12 +1,14 @@
|
|
|
1
|
-
|
|
1
|
+
import { findValuesByKey } from "../object/index.js";
|
|
2
|
+
|
|
3
|
+
//#region src/json/index.d.ts
|
|
2
4
|
/**
|
|
3
5
|
* Options for JSON stringification
|
|
4
6
|
*/
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
7
|
+
interface StringifyOptions {
|
|
8
|
+
/** Enable pretty printing with indentation */
|
|
9
|
+
pretty?: boolean;
|
|
10
|
+
/** Number of spaces for indentation (default: 2) */
|
|
11
|
+
indent?: number;
|
|
10
12
|
}
|
|
11
13
|
/**
|
|
12
14
|
* Safely parse a JSON string
|
|
@@ -14,7 +16,7 @@ export interface StringifyOptions {
|
|
|
14
16
|
* @returns Parsed JSON value
|
|
15
17
|
* @throws Error if input is not valid JSON
|
|
16
18
|
*/
|
|
17
|
-
|
|
19
|
+
declare function parseJSON<T = unknown>(input: string): T;
|
|
18
20
|
/**
|
|
19
21
|
* Safely stringify a value to JSON
|
|
20
22
|
* @param value - Value to stringify
|
|
@@ -22,11 +24,13 @@ export declare function parseJSON<T = unknown>(input: string): T;
|
|
|
22
24
|
* @returns JSON string
|
|
23
25
|
* @throws Error if value contains circular references or cannot be stringified
|
|
24
26
|
*/
|
|
25
|
-
|
|
27
|
+
declare function stringifyJSON(value: unknown, options?: StringifyOptions): string;
|
|
26
28
|
/**
|
|
27
29
|
* Check if a string is valid JSON
|
|
28
30
|
* @param input - String to validate
|
|
29
31
|
* @returns true if input is valid JSON, false otherwise
|
|
30
32
|
*/
|
|
31
|
-
|
|
33
|
+
declare function isValidJSON(input: unknown): boolean;
|
|
34
|
+
//#endregion
|
|
35
|
+
export { StringifyOptions, findValuesByKey as findJsonValues, isValidJSON, parseJSON, stringifyJSON };
|
|
32
36
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/json/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","
|
|
1
|
+
{"version":3,"file":"index.d.ts","names":[],"sources":["../../src/json/index.ts"],"mappings":";;;;;AAKA;UAAiB,gBAAA;;EAEf,MAAA;EAEM;EAAN,MAAA;AAAA;;;;;;;iBASc,SAAA,aAAA,CAAuB,KAAA,WAAgB,CAAA;AAuBvD;;;;;;;AAAA,iBAAgB,aAAA,CAAc,KAAA,WAAgB,OAAA,GAAS,gBAAA;;AAkBvD;;;;iBAAgB,WAAA,CAAY,KAAA"}
|