@naylence/runtime 0.3.21 → 0.4.0

package/dist/cjs/naylence/fame/security/auth/policy/local-file-authorization-policy-source-factory.js

@@ -0,0 +1,101 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LocalFileAuthorizationPolicySourceFactory = exports.FACTORY_META = void 0;
+const lazy_import_js_1 = require("../../../util/lazy-import.js");
+const authorization_policy_source_factory_js_1 = require("./authorization-policy-source-factory.js");
+let localFileModulePromise = null;
+async function getLocalFileModule() {
+    if (!localFileModulePromise) {
+        localFileModulePromise = (0, lazy_import_js_1.safeImport)(() => Promise.resolve().then(() => __importStar(require('./local-file-authorization-policy-source.js'))), 'local-file-authorization-policy-source');
+    }
+    return localFileModulePromise;
+}
+function normalizeConfig(config) {
+    if (!config) {
+        throw new Error('LocalFileAuthorizationPolicySourceFactory requires a configuration with a path');
+    }
+    const candidate = config;
+    const path = candidate.path;
+    if (typeof path !== 'string' || path.trim().length === 0) {
+        throw new Error('LocalFileAuthorizationPolicySourceConfig requires a non-empty path');
+    }
+    const format = candidate.format;
+    if (format !== undefined && !['yaml', 'json', 'auto'].includes(format)) {
+        throw new Error(`Invalid format "${String(format)}". Must be "yaml", "json", or "auto"`);
+    }
+    const policyFactory = candidate.policyFactory;
+    return {
+        path: path.trim(),
+        format: format ?? 'auto',
+        policyFactory,
+    };
+}
+/**
+ * Factory metadata for registration.
+ */
+exports.FACTORY_META = {
+    base: authorization_policy_source_factory_js_1.AUTHORIZATION_POLICY_SOURCE_FACTORY_BASE_TYPE,
+    key: 'LocalFileAuthorizationPolicySource',
+};
+/**
+ * Factory for creating LocalFileAuthorizationPolicySource instances.
+ *
+ * This factory uses lazy loading to avoid pulling in Node.js-specific
+ * code (filesystem operations) in browser environments.
+ */
+class LocalFileAuthorizationPolicySourceFactory extends authorization_policy_source_factory_js_1.AuthorizationPolicySourceFactory {
+    constructor() {
+        super(...arguments);
+        this.type = 'LocalFileAuthorizationPolicySource';
+    }
+    /**
+     * Creates a LocalFileAuthorizationPolicySource from the given configuration.
+     *
+     * @param config - Configuration specifying the policy file path and options
+     * @returns The created policy source
+     */
+    async create(config) {
+        const normalized = normalizeConfig(config);
+        const { LocalFileAuthorizationPolicySource } = await getLocalFileModule();
+        return new LocalFileAuthorizationPolicySource({
+            path: normalized.path,
+            format: normalized.format,
+            policyFactory: normalized.policyFactory,
+        });
+    }
+}
+exports.LocalFileAuthorizationPolicySourceFactory = LocalFileAuthorizationPolicySourceFactory;
+exports.default = LocalFileAuthorizationPolicySourceFactory;

package/dist/cjs/naylence/fame/security/auth/policy/local-file-authorization-policy-source.js

@@ -0,0 +1,164 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LocalFileAuthorizationPolicySource = void 0;
+const yaml_1 = require("yaml");
+const logging_js_1 = require("../../../util/logging.js");
+const authorization_policy_factory_js_1 = require("./authorization-policy-factory.js");
+const logger = (0, logging_js_1.getLogger)('naylence.fame.security.auth.policy.local_file_authorization_policy_source');
+function isPlainObject(value) {
+    return Boolean(value) && typeof value === 'object' && !Array.isArray(value);
+}
+function parseJson(content) {
+    const parsed = JSON.parse(content);
+    if (!isPlainObject(parsed)) {
+        throw new Error('Parsed JSON policy must be an object');
+    }
+    return parsed;
+}
+function parseYamlContent(content) {
+    const parsed = (0, yaml_1.parse)(content ?? '');
+    if (parsed == null) {
+        return {};
+    }
+    if (!isPlainObject(parsed)) {
+        throw new Error('Parsed YAML policy must be an object');
+    }
+    return parsed;
+}
+function detectFormat(filePath) {
+    const lower = filePath.toLowerCase();
+    if (lower.endsWith('.yaml') || lower.endsWith('.yml')) {
+        return 'yaml';
+    }
+    if (lower.endsWith('.json')) {
+        return 'json';
+    }
+    // Default to YAML for unknown extensions
+    return 'yaml';
+}
+/**
+ * An authorization policy source that loads policy definitions from a local file.
+ *
+ * Supports YAML and JSON formats. The file must contain a valid policy
+ * configuration object that can be used to create an AuthorizationPolicy
+ * via the factory system.
+ *
+ * This is a Node.js-only implementation that uses the filesystem.
+ */
+class LocalFileAuthorizationPolicySource {
+    constructor(options) {
+        this.cachedPolicy = null;
+        this.path = options.path;
+        this.format = options.format ?? 'auto';
+        this.policyFactoryConfig = options.policyFactory;
+    }
+    /**
+     * Loads the authorization policy from the configured file.
+     *
+     * The file is read and parsed according to the configured format.
+     * The parsed content is then used to create an AuthorizationPolicy
+     * via the factory system.
+     *
+     * @returns The loaded authorization policy
+     */
+    async loadPolicy() {
+        // Return cached policy if available
+        if (this.cachedPolicy) {
+            return this.cachedPolicy;
+        }
+        logger.debug('loading_policy_from_file', { path: this.path });
+        // Dynamic import of fs for Node.js
+        const fs = await Promise.resolve().then(() => __importStar(require('node:fs/promises')));
+        // Read the file
+        const content = await fs.readFile(this.path, 'utf-8');
+        // Determine format
+        const effectiveFormat = this.format === 'auto' ? detectFormat(this.path) : this.format;
+        // Parse the content
+        let policyDefinition;
+        if (effectiveFormat === 'json') {
+            policyDefinition = parseJson(content);
+        }
+        else {
+            policyDefinition = parseYamlContent(content);
+        }
+        logger.debug('parsed_policy_definition', {
+            path: this.path,
+            format: effectiveFormat,
+            hasType: 'type' in policyDefinition,
+        });
+        // Determine the factory configuration to use
+        const factoryConfig = this.policyFactoryConfig ?? policyDefinition;
+        // Ensure we have a type field for the factory
+        if (!('type' in factoryConfig) || typeof factoryConfig.type !== 'string') {
+            throw new Error(`Policy definition at ${this.path} must have a 'type' field, ` +
+                `or policyFactory config must be provided`);
+        }
+        // Build the factory config with the policy definition
+        // The file content IS the policy definition, so we extract the type
+        // and wrap the remaining content as the policyDefinition
+        const { type, ...restOfFile } = policyDefinition;
+        const mergedConfig = this.policyFactoryConfig != null
+            ? { ...this.policyFactoryConfig, policyDefinition }
+            : { type: factoryConfig.type, policyDefinition: restOfFile };
+        // Create the policy using the factory system
+        const policy = await authorization_policy_factory_js_1.AuthorizationPolicyFactory.createAuthorizationPolicy(mergedConfig);
+        if (!policy) {
+            throw new Error(`Failed to create authorization policy from ${this.path}`);
+        }
+        this.cachedPolicy = policy;
+        logger.info('loaded_policy_from_file', {
+            path: this.path,
+            policyType: factoryConfig.type,
+        });
+        return policy;
+    }
+    /**
+     * Clears the cached policy, forcing a reload on the next loadPolicy() call.
+     */
+    clearCache() {
+        this.cachedPolicy = null;
+    }
+    /**
+     * Reloads the policy from the file, clearing any cached version.
+     *
+     * @returns The reloaded authorization policy
+     */
+    async reloadPolicy() {
+        this.clearCache();
+        return this.loadPolicy();
+    }
+}
+exports.LocalFileAuthorizationPolicySource = LocalFileAuthorizationPolicySource;

package/dist/cjs/naylence/fame/security/auth/policy/pattern-matcher.js

@@ -0,0 +1,195 @@
+"use strict";
+/**
+ * Pattern matching utilities for authorization policies.
+ *
+ * Supports:
+ * - Glob patterns: `*` (single segment), `**` (any depth), `?` (single char)
+ * - Regex patterns: patterns starting with `^` (for advanced/BSL use only)
+ *
+ * The OSS/basic policy uses glob-only matching via `compileGlobPattern()`.
+ * The advanced/BSL policy may use `compilePattern()` which interprets `^` as regex.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isRegexPattern = isRegexPattern;
+exports.assertNotRegexPattern = assertNotRegexPattern;
+exports.compilePattern = compilePattern;
+exports.compileGlobPattern = compileGlobPattern;
+exports.getCompiledPattern = getCompiledPattern;
+exports.getCompiledGlobPattern = getCompiledGlobPattern;
+exports.matchPattern = matchPattern;
+exports.clearPatternCache = clearPatternCache;
+/**
+ * Checks if a pattern string is a regex pattern.
+ * Regex patterns start with `^`.
+ */
+function isRegexPattern(pattern) {
+    return pattern.startsWith('^');
+}
+/**
+ * Asserts that a pattern is not a regex pattern.
+ * Throws an error if the pattern starts with `^`.
+ *
+ * Use this in OSS/basic policy to reject regex patterns.
+ *
+ * @param pattern - The pattern to check
+ * @param context - Optional context for the error message (e.g., "address", "scope")
+ * @throws Error if the pattern is a regex pattern
+ */
+function assertNotRegexPattern(pattern, context) {
+    if (pattern.startsWith('^')) {
+        const contextStr = context ? ` in ${context}` : '';
+        throw new Error(`Regex patterns are not supported${contextStr} in OSS/basic policy. ` +
+            `Pattern "${pattern}" starts with '^'. Use glob patterns instead.`);
+    }
+}
+/**
+ * Escapes special regex characters in a string.
+ */
+function escapeRegex(str) {
+    return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+/**
+ * Converts a glob pattern to a regex pattern.
+ *
+ * Glob syntax:
+ * - `*` matches a single segment (no dots)
+ * - `**` matches any number of segments (including zero)
+ * - Other characters are matched literally
+ *
+ * @param glob - The glob pattern to convert
+ * @returns A regex pattern string (without anchors)
+ */
+function globToRegex(glob) {
+    const parts = [];
+    let i = 0;
+    while (i < glob.length) {
+        if (glob[i] === '*') {
+            if (glob[i + 1] === '*') {
+                // `**` matches any characters (including dots)
+                parts.push('.*');
+                i += 2;
+            }
+            else {
+                // `*` matches any characters except dots (single segment)
+                parts.push('[^.]*');
+                i += 1;
+            }
+        }
+        else if (glob[i] === '?') {
+            // `?` matches a single character (not a dot)
+            parts.push('[^.]');
+            i += 1;
+        }
+        else {
+            // Escape and add literal character
+            parts.push(escapeRegex(glob[i]));
+            i += 1;
+        }
+    }
+    return parts.join('');
+}
+/**
+ * Compiles a pattern string into an efficient matcher.
+ *
+ * @param pattern - Glob pattern or regex (starting with `^`)
+ * @returns A compiled pattern object
+ * @throws Error if the regex pattern is invalid
+ */
+function compilePattern(pattern) {
+    if (isRegexPattern(pattern)) {
+        // Regex pattern - compile directly
+        const regex = new RegExp(pattern);
+        return {
+            source: pattern,
+            isRegex: true,
+            match: (value) => regex.test(value),
+        };
+    }
+    // Glob pattern - convert to regex with anchors
+    const regexStr = `^${globToRegex(pattern)}$`;
+    const regex = new RegExp(regexStr);
+    return {
+        source: pattern,
+        isRegex: false,
+        match: (value) => regex.test(value),
+    };
+}
+/**
+ * Compiles a pattern string as a glob pattern only (no regex interpretation).
+ *
+ * This is the preferred method for OSS/basic policy evaluation.
+ * Patterns starting with `^` are rejected with an error.
+ *
+ * @param pattern - Glob pattern (regex patterns rejected)
+ * @param context - Optional context for error messages
+ * @returns A compiled pattern object
+ * @throws Error if pattern starts with `^` (regex attempt)
+ */
+function compileGlobPattern(pattern, context) {
+    // Reject regex patterns in OSS/basic policy
+    assertNotRegexPattern(pattern, context);
+    // Convert glob to regex with anchors
+    const regexStr = `^${globToRegex(pattern)}$`;
+    const regex = new RegExp(regexStr);
+    return {
+        source: pattern,
+        isRegex: false,
+        match: (value) => regex.test(value),
+    };
+}
+/**
+ * Cache for compiled patterns to avoid recompilation.
+ */
+const patternCache = new Map();
+/**
+ * Cache for glob-only compiled patterns.
+ */
+const globPatternCache = new Map();
+/**
+ * Gets or compiles a pattern, with caching.
+ *
+ * @param pattern - Glob pattern or regex
+ * @returns A compiled pattern object
+ */
+function getCompiledPattern(pattern) {
+    let compiled = patternCache.get(pattern);
+    if (!compiled) {
+        compiled = compilePattern(pattern);
+        patternCache.set(pattern, compiled);
+    }
+    return compiled;
+}
+/**
+ * Gets or compiles a glob-only pattern, with caching.
+ *
+ * This is the preferred method for OSS/basic policy evaluation.
+ * Patterns are always treated as globs, never regex.
+ *
+ * @param pattern - Glob pattern (never interpreted as regex)
+ * @returns A compiled pattern object
+ */
+function getCompiledGlobPattern(pattern) {
+    let compiled = globPatternCache.get(pattern);
+    if (!compiled) {
+        compiled = compileGlobPattern(pattern);
+        globPatternCache.set(pattern, compiled);
+    }
+    return compiled;
+}
+/**
+ * Matches a value against a pattern string.
+ *
+ * @param pattern - Glob pattern or regex (starting with `^`)
+ * @param value - The value to match
+ * @returns True if the value matches the pattern
+ */
+function matchPattern(pattern, value) {
+    return getCompiledPattern(pattern).match(value);
+}
+/**
+ * Clears the pattern cache.
+ * Useful for testing or when memory is a concern.
+ */
+function clearPatternCache() {
+    patternCache.clear();
+}

package/dist/cjs/naylence/fame/security/auth/policy/scope-matcher.js

@@ -0,0 +1,169 @@
+"use strict";
+/**
+ * Scope matching utilities for authorization policies.
+ *
+ * Supports:
+ * - Simple string patterns (glob only in OSS/basic policy)
+ * - Logical operators: any_of, all_of, none_of
+ * - Recursive nesting with depth limits
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.normalizeScopeRequirement = normalizeScopeRequirement;
+exports.evaluateNormalizedScopeRequirement = evaluateNormalizedScopeRequirement;
+exports.evaluateScopeRequirement = evaluateScopeRequirement;
+exports.compileScopeRequirement = compileScopeRequirement;
+exports.compileGlobOnlyScopeRequirement = compileGlobOnlyScopeRequirement;
+const authorization_policy_definition_js_1 = require("./authorization-policy-definition.js");
+const pattern_matcher_js_1 = require("./pattern-matcher.js");
+/**
+ * Checks if any of the granted scopes match the given pattern.
+ */
+function anyScopeMatchesPattern(grantedScopes, pattern) {
+    return grantedScopes.some((scope) => (0, pattern_matcher_js_1.matchPattern)(pattern, scope));
+}
+/**
+ * Normalizes a scope requirement into a typed structure.
+ *
+ * @param requirement - The scope requirement to normalize
+ * @param depth - Current nesting depth (for recursion limit)
+ * @returns Normalized scope requirement
+ * @throws Error if nesting exceeds maximum depth
+ */
+function normalizeScopeRequirement(requirement, depth = 0) {
+    if (depth > authorization_policy_definition_js_1.MAX_SCOPE_NESTING_DEPTH) {
+        throw new Error(`Scope requirement nesting exceeds maximum depth of ${authorization_policy_definition_js_1.MAX_SCOPE_NESTING_DEPTH}`);
+    }
+    // Simple string pattern
+    if (typeof requirement === 'string') {
+        return { type: 'pattern', pattern: requirement };
+    }
+    // Object with logical operator
+    if (typeof requirement !== 'object' || requirement === null) {
+        throw new Error(`Invalid scope requirement: ${String(requirement)}`);
+    }
+    const keys = Object.keys(requirement);
+    if (keys.length !== 1) {
+        throw new Error(`Scope requirement object must have exactly one key (any_of, all_of, or none_of), got: ${keys.join(', ')}`);
+    }
+    const key = keys[0];
+    const value = requirement[key];
+    if (!Array.isArray(value)) {
+        throw new Error(`Scope requirement "${key}" must have an array value, got: ${typeof value}`);
+    }
+    const nested = value.map((item) => normalizeScopeRequirement(item, depth + 1));
+    switch (key) {
+        case 'any_of':
+            return { type: 'any_of', requirements: nested };
+        case 'all_of':
+            return { type: 'all_of', requirements: nested };
+        case 'none_of':
+            return { type: 'none_of', requirements: nested };
+        default:
+            throw new Error(`Unknown scope requirement operator: "${key}". Expected any_of, all_of, or none_of`);
+    }
+}
+/**
+ * Evaluates a normalized scope requirement against granted scopes.
+ *
+ * @param requirement - The normalized scope requirement
+ * @param grantedScopes - The scopes granted to the principal
+ * @returns True if the requirement is satisfied
+ */
+function evaluateNormalizedScopeRequirement(requirement, grantedScopes) {
+    switch (requirement.type) {
+        case 'pattern':
+            return anyScopeMatchesPattern(grantedScopes, requirement.pattern);
+        case 'any_of':
+            return requirement.requirements.some((req) => evaluateNormalizedScopeRequirement(req, grantedScopes));
+        case 'all_of':
+            return requirement.requirements.every((req) => evaluateNormalizedScopeRequirement(req, grantedScopes));
+        case 'none_of':
+            return !requirement.requirements.some((req) => evaluateNormalizedScopeRequirement(req, grantedScopes));
+        default:
+            // Exhaustive check
+            throw new Error(`Unknown scope requirement type: ${requirement.type}`);
+    }
+}
+/**
+ * Evaluates a scope requirement against granted scopes.
+ *
+ * This is the main entry point for scope matching.
+ *
+ * @param requirement - The scope requirement (string or object)
+ * @param grantedScopes - The scopes granted to the principal
+ * @returns True if the requirement is satisfied
+ */
+function evaluateScopeRequirement(requirement, grantedScopes) {
+    const normalized = normalizeScopeRequirement(requirement);
+    return evaluateNormalizedScopeRequirement(normalized, grantedScopes);
+}
+/**
+ * Pre-compiles a scope requirement for efficient repeated evaluation.
+ *
+ * @param requirement - The scope requirement to compile
+ * @returns A function that evaluates the requirement against granted scopes
+ */
+function compileScopeRequirement(requirement) {
+    const normalized = normalizeScopeRequirement(requirement);
+    return (grantedScopes) => evaluateNormalizedScopeRequirement(normalized, grantedScopes);
+}
+/**
+ * Pre-compiles a scope requirement for OSS/basic policy (glob-only, no regex).
+ *
+ * This version rejects patterns starting with `^` at compile time.
+ *
+ * @param requirement - The scope requirement to compile
+ * @param ruleId - Rule ID for error messages
+ * @returns A compiled scope requirement
+ * @throws Error if any pattern starts with `^` (regex attempt)
+ */
+function compileGlobOnlyScopeRequirement(requirement, ruleId) {
+    const context = `scope in rule "${ruleId}"`;
+    // Compile the requirement, pre-compiling all patterns as globs
+    const compiled = compileGlobOnlyNormalized(normalizeScopeRequirement(requirement), context);
+    return {
+        evaluate: (grantedScopes) => evaluateCompiledScope(compiled, grantedScopes),
+    };
+}
+/**
+ * Compiles a normalized scope requirement into efficient matchers (glob-only).
+ */
+function compileGlobOnlyNormalized(requirement, context) {
+    switch (requirement.type) {
+        case 'pattern':
+            return {
+                type: 'pattern',
+                matcher: (0, pattern_matcher_js_1.compileGlobPattern)(requirement.pattern, context),
+            };
+        case 'any_of':
+            return {
+                type: 'any_of',
+                requirements: requirement.requirements.map((r) => compileGlobOnlyNormalized(r, context)),
+            };
+        case 'all_of':
+            return {
+                type: 'all_of',
+                requirements: requirement.requirements.map((r) => compileGlobOnlyNormalized(r, context)),
+            };
+        case 'none_of':
+            return {
+                type: 'none_of',
+                requirements: requirement.requirements.map((r) => compileGlobOnlyNormalized(r, context)),
+            };
+    }
+}
+/**
+ * Evaluates a compiled scope node against granted scopes.
+ */
+function evaluateCompiledScope(node, grantedScopes) {
+    switch (node.type) {
+        case 'pattern':
+            return grantedScopes.some((scope) => node.matcher.match(scope));
+        case 'any_of':
+            return node.requirements.some((r) => evaluateCompiledScope(r, grantedScopes));
+        case 'all_of':
+            return node.requirements.every((r) => evaluateCompiledScope(r, grantedScopes));
+        case 'none_of':
+            return !node.requirements.some((r) => evaluateCompiledScope(r, grantedScopes));
+    }
+}

package/dist/cjs/naylence/fame/security/auth/policy-authorizer.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });