npm - @naman_deep_singh/security - Versions diffs - 1.3.2 → 1.4.0 - Mend

@naman_deep_singh/security 1.3.2 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

package/README.md +153 -355
package/dist/cjs/core/crypto/cryptoManager.d.ts +5 -5
package/dist/cjs/core/crypto/cryptoManager.js +42 -25
package/dist/cjs/core/jwt/decode.js +4 -1
package/dist/cjs/core/jwt/generateTokens.d.ts +1 -1
package/dist/cjs/core/jwt/generateTokens.js +7 -4
package/dist/cjs/core/jwt/jwtManager.d.ts +19 -43
package/dist/cjs/core/jwt/jwtManager.js +72 -202
package/dist/cjs/core/jwt/parseDuration.js +3 -2
package/dist/cjs/core/jwt/signToken.js +2 -1
package/dist/cjs/core/jwt/validateToken.d.ts +10 -7
package/dist/cjs/core/jwt/validateToken.js +14 -11
package/dist/cjs/core/jwt/verify.d.ts +9 -10
package/dist/cjs/core/jwt/verify.js +57 -14
package/dist/cjs/core/password/hash.js +4 -4
package/dist/cjs/core/password/passwordManager.d.ts +2 -2
package/dist/cjs/core/password/passwordManager.js +43 -82
package/dist/cjs/core/password/strength.js +5 -5
package/dist/cjs/core/password/utils.d.ts +12 -0
package/dist/cjs/core/password/utils.js +16 -1
package/dist/cjs/core/password/verify.js +5 -5
package/dist/cjs/index.d.ts +2 -7
package/dist/esm/core/crypto/cryptoManager.d.ts +5 -5
package/dist/esm/core/crypto/cryptoManager.js +42 -25
package/dist/esm/core/jwt/decode.js +4 -1
package/dist/esm/core/jwt/generateTokens.d.ts +1 -1
package/dist/esm/core/jwt/generateTokens.js +7 -4
package/dist/esm/core/jwt/jwtManager.d.ts +19 -43
package/dist/esm/core/jwt/jwtManager.js +73 -203
package/dist/esm/core/jwt/parseDuration.js +3 -2
package/dist/esm/core/jwt/signToken.js +2 -1
package/dist/esm/core/jwt/validateToken.d.ts +10 -7
package/dist/esm/core/jwt/validateToken.js +14 -11
package/dist/esm/core/jwt/verify.d.ts +9 -10
package/dist/esm/core/jwt/verify.js +55 -12
package/dist/esm/core/password/hash.js +4 -4
package/dist/esm/core/password/passwordManager.d.ts +2 -2
package/dist/esm/core/password/passwordManager.js +43 -82
package/dist/esm/core/password/strength.js +5 -5
package/dist/esm/core/password/utils.d.ts +12 -0
package/dist/esm/core/password/utils.js +16 -1
package/dist/esm/core/password/verify.js +5 -5
package/dist/esm/index.d.ts +2 -7
package/dist/types/core/crypto/cryptoManager.d.ts +5 -5
package/dist/types/core/jwt/generateTokens.d.ts +1 -1
package/dist/types/core/jwt/jwtManager.d.ts +19 -43
package/dist/types/core/jwt/validateToken.d.ts +10 -7
package/dist/types/core/jwt/verify.d.ts +9 -10
package/dist/types/core/password/passwordManager.d.ts +2 -2
package/dist/types/core/password/utils.d.ts +12 -0
package/dist/types/index.d.ts +2 -7
package/package.json +2 -2

package/dist/types/core/jwt/verify.d.ts CHANGED Viewed

@@ -1,19 +1,18 @@
-import type jwt from 'jsonwebtoken';
-import { type JwtPayload, type Secret } from 'jsonwebtoken';
-import type { VerificationResult } from './types';
+import { type JwtPayload, type Secret, VerifyOptions } from 'jsonwebtoken';
+import { VerificationResult } from './types';
 /**
- * Verify token (throws if invalid or expired)
+ * Verify token (throws UnauthorizedError if invalid or expired)
  */
 export declare const verifyToken: (token: string, secret: Secret) => string | JwtPayload;
 /**
- * Safe verify — never throws, returns structured result
+ * Verify token with options
  */
-export declare const safeVerifyToken: (token: string, secret: Secret) => VerificationResult;
+export declare const verifyTokenWithOptions: (token: string, secret: Secret, options?: VerifyOptions) => string | JwtPayload;
 /**
- * Verify token with validation options
+ * Safe verify — never throws, returns structured result with UnauthorizedError on failure
  */
-export declare const verifyTokenWithOptions: (token: string, secret: Secret, options?: jwt.VerifyOptions) => string | JwtPayload;
+export declare const safeVerifyToken: (token: string, secret: Secret) => VerificationResult;
 /**
- * Safe verify with validation options
+ * Safe verify with options — never throws, returns structured result with UnauthorizedError on failure
  */
-export declare const safeVerifyTokenWithOptions: (token: string, secret: Secret, options?: jwt.VerifyOptions) => VerificationResult;
+export declare const safeVerifyTokenWithOptions: (token: string, secret: Secret, options?: VerifyOptions) => VerificationResult;

package/dist/types/core/password/passwordManager.d.ts CHANGED Viewed

@@ -23,7 +23,7 @@ export declare class PasswordManager implements IPasswordManager {
      */
     checkStrength(password: string): PasswordStrength;
     /**
-     * Check if password hash needs upgrade (different salt rounds)
+     * Check if password hash needs upgrade (saltRounds change)
      */
-    needsUpgrade(hash: string, currentConfig: PasswordConfig): boolean;
+    needsUpgrade(_hash: string, _currentConfig: PasswordConfig): boolean;
 }

package/dist/types/core/password/utils.d.ts CHANGED Viewed

@@ -1,4 +1,16 @@
+/**
+ * Ensure password is a valid non-empty string
+ */
 export declare function ensureValidPassword(password: string): void;
+/**
+ * Timing-safe comparison between two strings
+ */
 export declare function safeCompare(a: string, b: string): boolean;
+/**
+ * Estimate password entropy based on character pool
+ */
 export declare function estimatePasswordEntropy(password: string): number;
+/**
+ * Normalize password string to a consistent form
+ */
 export declare function normalizePassword(password: string): string;

package/dist/types/index.d.ts CHANGED Viewed

@@ -21,16 +21,11 @@ declare const _default: {
     generateTokens: (payload: Record<string, unknown>, accessSecret: import("node_modules/@types/jsonwebtoken").Secret, refreshSecret: import("node_modules/@types/jsonwebtoken").Secret, accessExpiry?: string | number, refreshExpiry?: string | number) => JWTUtils.TokenPair;
     parseDuration(input: string | number): number;
     signToken: (payload: Record<string, unknown>, secret: import("node_modules/@types/jsonwebtoken").Secret, expiresIn?: string | number, options?: import("node_modules/@types/jsonwebtoken").SignOptions) => string;
-    validateTokenPayload(payload: Record<string, unknown>, rules?: JWTUtils.TokenRequirements): {
-        valid: true;
-    } | {
-        valid: false;
-        error: string;
-    };
+    validateTokenPayload(payload: Record<string, unknown>, rules?: JWTUtils.TokenRequirements): void;
     isTokenExpired(payload: import("node_modules/@types/jsonwebtoken").JwtPayload): boolean;
     verifyToken: (token: string, secret: import("node_modules/@types/jsonwebtoken").Secret) => string | import("node_modules/@types/jsonwebtoken").JwtPayload;
-    safeVerifyToken: (token: string, secret: import("node_modules/@types/jsonwebtoken").Secret) => JWTUtils.VerificationResult;
     verifyTokenWithOptions: (token: string, secret: import("node_modules/@types/jsonwebtoken").Secret, options?: import("node_modules/@types/jsonwebtoken").VerifyOptions) => string | import("node_modules/@types/jsonwebtoken").JwtPayload;
+    safeVerifyToken: (token: string, secret: import("node_modules/@types/jsonwebtoken").Secret) => JWTUtils.VerificationResult;
     safeVerifyTokenWithOptions: (token: string, secret: import("node_modules/@types/jsonwebtoken").Secret, options?: import("node_modules/@types/jsonwebtoken").VerifyOptions) => JWTUtils.VerificationResult;
     hashPasswordWithPepper(password: string, pepper: string): Promise<string>;
     hashPasswordWithPepperSync(password: string, pepper: string): string;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@naman_deep_singh/security",
-  "version": "1.3.2",
+  "version": "1.4.0",
   "description": "Security utilities for password hashing and JWT token management with TypeScript",
   "type": "module",
   "main": "./dist/cjs/index.js",
@@ -28,7 +28,7 @@
   "author": "Naman Deep Singh",
   "license": "ISC",
   "dependencies": {
-    "@naman_deep_singh/errors-utils": "^1.1.1",
+    "@naman_deep_singh/errors-utils": "^1.3.4",
     "@naman_deep_singh/js-extensions": "^1.3.2",
     "bcryptjs": "^3.0.3",
     "jsonwebtoken": "^9.0.2"