@nicomatt69/streamtty 0.0.1

package/dist/security/chunk-processor.js

@@ -0,0 +1,297 @@
+"use strict";
+/**
+ * Inline security validation and sanitization for streaming chunks
+ * Handles all 10 edge cases for robust streaming
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isEmptyChunk = isEmptyChunk;
+exports.handleLargeChunk = handleLargeChunk;
+exports.normalizeLineEndings = normalizeLineEndings;
+exports.decodeHtmlEntities = decodeHtmlEntities;
+exports.normalizeUnicode = normalizeUnicode;
+exports.validateUTF8 = validateUTF8;
+exports.stripDangerousAnsiCodes = stripDangerousAnsiCodes;
+exports.stripControlChars = stripControlChars;
+exports.stripNullBytes = stripNullBytes;
+exports.validateNestingDepth = validateNestingDepth;
+exports.validateChunk = validateChunk;
+exports.sanitizeChunk = sanitizeChunk;
+exports.processChunk = processChunk;
+exports.detectSuspiciousPatterns = detectSuspiciousPatterns;
+/**
+ * Edge Case 1: Validate empty chunks
+ */
+function isEmptyChunk(chunk) {
+    return !chunk || chunk.trim().length === 0;
+}
+/**
+ * Edge Case 2: Handle very large chunks (> 50KB)
+ */
+function handleLargeChunk(chunk, maxSize = 50 * 1024) {
+    const byteLength = Buffer.byteLength(chunk, 'utf-8');
+    if (byteLength > maxSize) {
+        // Split at line boundary to preserve structure
+        const lines = chunk.split('\n');
+        let result = '';
+        let currentSize = 0;
+        for (const line of lines) {
+            const lineSize = Buffer.byteLength(line + '\n', 'utf-8');
+            if (currentSize + lineSize > maxSize) {
+                break;
+            }
+            result += line + '\n';
+            currentSize += lineSize;
+        }
+        return result || chunk.substring(0, maxSize);
+    }
+    return chunk;
+}
+/**
+ * Edge Case 3: Normalize mixed line endings
+ * Handles \r\n, \r, and \n
+ */
+function normalizeLineEndings(chunk) {
+    return chunk
+        .replace(/\r\n/g, '\n') // Windows to Unix
+        .replace(/\r/g, '\n'); // Old Mac to Unix
+}
+/**
+ * Edge Case 4: Decode HTML entities comprehensively
+ */
+function decodeHtmlEntities(chunk) {
+    let result = chunk;
+    // Named entities
+    const entities = {
+        '&': '&',
+        '&lt;': '<',
+        '&gt;': '>',
+        '&quot;': '"',
+        '&#39;': "'",
+        '&apos;': "'",
+        '&nbsp;': ' ',
+        '&copy;': '©',
+        '&reg;': '®',
+        '&deg;': '°',
+    };
+    Object.entries(entities).forEach(([entity, char]) => {
+        result = result.replace(new RegExp(entity, 'g'), char);
+    });
+    // Decimal entities: &#123;
+    result = result.replace(/&#(\d+);/g, (match, num) => {
+        try {
+            return String.fromCharCode(parseInt(num, 10));
+        }
+        catch {
+            return match;
+        }
+    });
+    // Hex entities: &#x1A;
+    result = result.replace(/&#x([a-fA-F0-9]+);/g, (match, hex) => {
+        try {
+            return String.fromCharCode(parseInt(hex, 16));
+        }
+        catch {
+            return match;
+        }
+    });
+    return result;
+}
+/**
+ * Edge Case 5: Unicode normalization NFC
+ */
+function normalizeUnicode(chunk) {
+    try {
+        return chunk.normalize('NFC');
+    }
+    catch {
+        // If normalization fails, return as-is
+        return chunk;
+    }
+}
+/**
+ * Edge Case 6: Validate UTF-8 encoding
+ */
+function validateUTF8(chunk) {
+    try {
+        // Try to encode and decode - this validates UTF-8
+        const encoded = Buffer.from(chunk, 'utf-8');
+        const decoded = encoded.toString('utf-8');
+        // Check for replacement characters (indicates invalid UTF-8)
+        if (decoded.includes('�')) {
+            return { valid: false, error: 'Invalid UTF-8 sequences detected' };
+        }
+        return { valid: true };
+    }
+    catch (error) {
+        return {
+            valid: false,
+            error: error instanceof Error ? error.message : 'UTF-8 validation failed',
+        };
+    }
+}
+/**
+ * Edge Case 7: Strip dangerous ANSI escape sequences
+ * Keep safe ones for terminal colors
+ */
+function stripDangerousAnsiCodes(chunk) {
+    // Dangerous patterns: cursor movement, clear screen, title setting
+    return chunk
+        // Clear screen / clear line
+        .replace(/\x1b\[2J/g, '')
+        .replace(/\x1b\[K/g, '')
+        // Cursor movement (ESC[H, ESC[A, ESC[B, etc)
+        .replace(/\x1b\[\d+[ABCDEFf]/g, '')
+        // Save/restore cursor
+        .replace(/\x1b\[s/g, '')
+        .replace(/\x1b\[u/g, '')
+        // Set title
+        .replace(/\x1b\][0-2];[^\x1b]*(?:\x1b\\|BEL)/g, '')
+        // Other dangerous sequences
+        .replace(/\x1b\(B/g, '')
+        .replace(/\x1b\)0/g, '');
+    // But KEEP color codes like \x1b[31m
+}
+/**
+ * Edge Case 8: Remove control characters (but keep safe ones)
+ */
+function stripControlChars(chunk) {
+    // Keep common safe ones: \n, \t, \r (normalized earlier)
+    return chunk
+        .split('')
+        .filter(char => {
+        const code = char.charCodeAt(0);
+        // Allow: tab (9), newline (10), carriage return (13)
+        // Disallow: other control chars (0-8, 11-12, 14-31)
+        if (code === 9 || code === 10 || code === 13)
+            return true;
+        // Allow normal characters (32+)
+        if (code >= 32)
+            return true;
+        // Allow high unicode (127+)
+        if (code >= 127)
+            return true;
+        return false;
+    })
+        .join('');
+}
+/**
+ * Edge Case 9: Remove null bytes
+ */
+function stripNullBytes(chunk) {
+    return chunk.replace(/\0/g, '');
+}
+/**
+ * Edge Case 10: Validate bracket/brace nesting depth
+ * Prevents stack overflow attacks
+ */
+function validateNestingDepth(chunk, maxDepth = 100) {
+    let depth = 0;
+    let maxReached = 0;
+    for (const char of chunk) {
+        if (char === '[' || char === '(' || char === '{') {
+            depth++;
+            maxReached = Math.max(maxReached, depth);
+        }
+        else if (char === ']' || char === ')' || char === '}') {
+            depth = Math.max(0, depth - 1);
+        }
+    }
+    return {
+        valid: maxReached <= maxDepth,
+        depth: maxReached,
+    };
+}
+/**
+ * Comprehensive chunk validation
+ */
+function validateChunk(chunk) {
+    // Check 1: Empty
+    if (isEmptyChunk(chunk)) {
+        return { valid: false, error: 'Empty chunk' };
+    }
+    // Check 2: UTF-8 validity
+    const utf8Check = validateUTF8(chunk);
+    if (!utf8Check.valid) {
+        return { valid: false, error: utf8Check.error };
+    }
+    // Check 3: Nesting depth
+    const nestingCheck = validateNestingDepth(chunk);
+    if (!nestingCheck.valid) {
+        return { valid: false, error: `Nesting depth too deep: ${nestingCheck.depth}` };
+    }
+    return { valid: true };
+}
+/**
+ * Comprehensive chunk sanitization (handles all edge cases)
+ */
+function sanitizeChunk(chunk, options = {}) {
+    const { mode = 'balanced', maxBufferSize = 1024 * 100, // 100KB
+    stripControlChars: strip = true, stripDangerousAnsi: stripAnsi = true, } = options;
+    let result = chunk;
+    // 1. Handle large chunks
+    result = handleLargeChunk(result, maxBufferSize);
+    // 2. Normalize line endings
+    result = normalizeLineEndings(result);
+    // 3. Decode HTML entities
+    if (mode !== 'strict') {
+        result = decodeHtmlEntities(result);
+    }
+    // 4. Normalize unicode
+    result = normalizeUnicode(result);
+    // 5. Strip dangerous ANSI codes
+    if (stripAnsi) {
+        result = stripDangerousAnsiCodes(result);
+    }
+    // 6. Strip control characters
+    if (strip) {
+        result = stripControlChars(result);
+    }
+    // 7. Remove null bytes
+    result = stripNullBytes(result);
+    // 8. Remove trailing/leading whitespace (but preserve indentation)
+    if (mode === 'strict') {
+        result = result.trim();
+    }
+    return result;
+}
+/**
+ * Full validation + sanitization pipeline
+ */
+function processChunk(chunk, options = {}) {
+    // Validate
+    const validation = validateChunk(chunk);
+    if (!validation.valid) {
+        return validation;
+    }
+    // Sanitize
+    const sanitized = sanitizeChunk(chunk, options);
+    return {
+        valid: true,
+        sanitized,
+    };
+}
+/**
+ * Detect suspicious patterns
+ */
+function detectSuspiciousPatterns(chunk) {
+    const warnings = [];
+    // Check for potential XSS
+    if (/<script|javascript:/i.test(chunk)) {
+        warnings.push('Potential XSS detected');
+    }
+    // Check for path traversal
+    if (/\.\.\//g.test(chunk)) {
+        warnings.push('Path traversal detected');
+    }
+    // Check for SQL injection patterns
+    if (/('|").*--.*/i.test(chunk)) {
+        warnings.push('SQL injection pattern detected');
+    }
+    // Check for excessive special chars
+    const specialCharCount = (chunk.match(/[!@#$%^&*()_+=\[\]{};:'"<>,.?/]/g) || []).length;
+    if (specialCharCount > chunk.length * 0.3) {
+        warnings.push('Unusual character density');
+    }
+    return warnings;
+}
+//# sourceMappingURL=chunk-processor.js.map

package/dist/security/chunk-processor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"chunk-processor.js","sourceRoot":"","sources":["../../src/security/chunk-processor.ts"],"names":[],"mappings":";AAAA;;;GAGG;;AAkBH,oCAEC;AAKD,4CAsBC;AAMD,oDAIC;AAKD,gDAwCC;AAKD,4CAOC;AAKD,oCAkBC;AAMD,0DAiBC;AAKD,8CAgBC;AAKD,wCAEC;AAMD,oDAiBC;AAKD,sCAmBC;AAKD,sCA8CC;AAKD,oCAiBC;AAKD,4DAyBC;AAnUD;;GAEG;AACH,SAAgB,YAAY,CAAC,KAAa;IACxC,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,CAAA;AAC5C,CAAC;AAED;;GAEG;AACH,SAAgB,gBAAgB,CAAC,KAAa,EAAE,UAAkB,EAAE,GAAG,IAAI;IACzE,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;IAEpD,IAAI,UAAU,GAAG,OAAO,EAAE,CAAC;QACzB,+CAA+C;QAC/C,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QAC/B,IAAI,MAAM,GAAG,EAAE,CAAA;QACf,IAAI,WAAW,GAAG,CAAC,CAAA;QAEnB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,IAAI,GAAG,IAAI,EAAE,OAAO,CAAC,CAAA;YACxD,IAAI,WAAW,GAAG,QAAQ,GAAG,OAAO,EAAE,CAAC;gBACrC,MAAK;YACP,CAAC;YACD,MAAM,IAAI,IAAI,GAAG,IAAI,CAAA;YACrB,WAAW,IAAI,QAAQ,CAAA;QACzB,CAAC;QAED,OAAO,MAAM,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,OAAO,CAAC,CAAA;IAC9C,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;;GAGG;AACH,SAAgB,oBAAoB,CAAC,KAAa;IAChD,OAAO,KAAK;SACT,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,kBAAkB;SACzC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA,CAAC,kBAAkB;AAC5C,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,KAAa;IAC9C,IAAI,MAAM,GAAG,KAAK,CAAA;IAElB,iBAAiB;IACjB,MAAM,QAAQ,GAA2B;QACvC,OAAO,EAAE,GAAG;QACZ,MAAM,EAAE,GAAG;QACX,MAAM,EAAE,GAAG;QACX,QAAQ,EAAE,GAAG;QACb,OAAO,EAAE,GAAG;QACZ,QAAQ,EAAE,GAAG;QACb,QAAQ,EAAE,GAAG;QACb,QAAQ,EAAE,GAAG;QACb,OAAO,EAAE,GAAG;QACZ,OAAO,EAAE,GAAG;KACb,CAAA;IAED,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE;QAClD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,CAAA;IACxD,CAAC,CAAC,CAAA;IAEF,2BAA2B;IAC3B,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QAClD,IAAI,CAAC;YACH,OAAO,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAA;QAC/C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,uBAAuB;IACvB,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,qBAAqB,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QAC5D,IAAI,CAAC;YACH,OAAO,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAA;QAC/C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;GAEG;AACH,SAAgB,gBAAgB,CAAC,KAAa;IAC5C,IAAI,CAAC;QACH,OAAO,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,uCAAuC;QACvC,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAgB,YAAY,CAAC,KAAa;IACxC,IAAI,CAAC;QACH,kDAAkD;QAClD,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QAC3C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;QAEzC,6DAA6D;QAC7D,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,kCAAkC,EAAE,CAAA;QACpE,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAA;IACxB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,yBAAyB;SAC1E,CAAA;IACH,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAgB,uBAAuB,CAAC,KAAa;IACnD,mEAAmE;IACnE,OAAO,KAAK;QACV,4BAA4B;SAC3B,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC;SACxB,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC;QACxB,6CAA6C;SAC5C,OAAO,CAAC,qBAAqB,EAAE,EAAE,CAAC;QACnC,sBAAsB;SACrB,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC;SACvB,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC;QACxB,YAAY;SACX,OAAO,CAAC,qCAAqC,EAAE,EAAE,CAAC;QACnD,4BAA4B;SAC3B,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC;SACvB,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAA;IACxB,qCAAqC;AACzC,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB,CAAC,KAAa;IAC7C,yDAAyD;IACzD,OAAO,KAAK;SACT,KAAK,CAAC,EAAE,CAAC;SACT,MAAM,CAAC,IAAI,CAAC,EAAE;QACb,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;QAC/B,qDAAqD;QACrD,oDAAoD;QACpD,IAAI,IAAI,KAAK,CAAC,IAAI,IAAI,KAAK,EAAE,IAAI,IAAI,KAAK,EAAE;YAAE,OAAO,IAAI,CAAA;QACzD,gCAAgC;QAChC,IAAI,IAAI,IAAI,EAAE;YAAE,OAAO,IAAI,CAAA;QAC3B,4BAA4B;QAC5B,IAAI,IAAI,IAAI,GAAG;YAAE,OAAO,IAAI,CAAA;QAC5B,OAAO,KAAK,CAAA;IACd,CAAC,CAAC;SACD,IAAI,CAAC,EAAE,CAAC,CAAA;AACb,CAAC;AAED;;GAEG;AACH,SAAgB,cAAc,CAAC,KAAa;IAC1C,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;AACjC,CAAC;AAED;;;GAGG;AACH,SAAgB,oBAAoB,CAAC,KAAa,EAAE,WAAmB,GAAG;IACxE,IAAI,KAAK,GAAG,CAAC,CAAA;IACb,IAAI,UAAU,GAAG,CAAC,CAAA;IAElB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;YACjD,KAAK,EAAE,CAAA;YACP,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,CAAC,CAAA;QAC1C,CAAC;aAAM,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;YACxD,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAA;QAChC,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,UAAU,IAAI,QAAQ;QAC7B,KAAK,EAAE,UAAU;KAClB,CAAA;AACH,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa,CAAC,KAAa;IACzC,iBAAiB;IACjB,IAAI,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,CAAA;IAC/C,CAAC;IAED,0BAA0B;IAC1B,MAAM,SAAS,GAAG,YAAY,CAAC,KAAK,CAAC,CAAA;IACrC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACrB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,CAAC,KAAK,EAAE,CAAA;IACjD,CAAC;IAED,yBAAyB;IACzB,MAAM,YAAY,GAAG,oBAAoB,CAAC,KAAK,CAAC,CAAA;IAChD,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;QACxB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,2BAA2B,YAAY,CAAC,KAAK,EAAE,EAAE,CAAA;IACjF,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAA;AACxB,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa,CAC3B,KAAa,EACb,UAA+B,EAAE;IAEjC,MAAM,EACJ,IAAI,GAAG,UAAU,EACjB,aAAa,GAAG,IAAI,GAAG,GAAG,EAAE,QAAQ;IACpC,iBAAiB,EAAE,KAAK,GAAG,IAAI,EAC/B,kBAAkB,EAAE,SAAS,GAAG,IAAI,GACrC,GAAG,OAAO,CAAA;IAEX,IAAI,MAAM,GAAG,KAAK,CAAA;IAElB,yBAAyB;IACzB,MAAM,GAAG,gBAAgB,CAAC,MAAM,EAAE,aAAa,CAAC,CAAA;IAEhD,4BAA4B;IAC5B,MAAM,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAA;IAErC,0BAA0B;IAC1B,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtB,MAAM,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAA;IACrC,CAAC;IAED,uBAAuB;IACvB,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAA;IAEjC,gCAAgC;IAChC,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAA;IAC1C,CAAC;IAED,8BAA8B;IAC9B,IAAI,KAAK,EAAE,CAAC;QACV,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAA;IACpC,CAAC;IAED,uBAAuB;IACvB,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC,CAAA;IAE/B,mEAAmE;IACnE,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtB,MAAM,GAAG,MAAM,CAAC,IAAI,EAAE,CAAA;IACxB,CAAC;IAED,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;GAEG;AACH,SAAgB,YAAY,CAC1B,KAAa,EACb,UAA+B,EAAE;IAEjC,WAAW;IACX,MAAM,UAAU,GAAG,aAAa,CAAC,KAAK,CAAC,CAAA;IACvC,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QACtB,OAAO,UAAU,CAAA;IACnB,CAAC;IAED,WAAW;IACX,MAAM,SAAS,GAAG,aAAa,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;IAE/C,OAAO;QACL,KAAK,EAAE,IAAI;QACX,SAAS;KACV,CAAA;AACH,CAAC;AAED;;GAEG;AACH,SAAgB,wBAAwB,CAAC,KAAa;IACpD,MAAM,QAAQ,GAAa,EAAE,CAAA;IAE7B,0BAA0B;IAC1B,IAAI,sBAAsB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QACvC,QAAQ,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAA;IACzC,CAAC;IAED,2BAA2B;IAC3B,IAAI,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAA;IAC1C,CAAC;IAED,mCAAmC;IACnC,IAAI,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAA;IACjD,CAAC;IAED,oCAAoC;IACpC,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,kCAAkC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAA;IACvF,IAAI,gBAAgB,GAAG,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QAC1C,QAAQ,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAA;IAC5C,CAAC;IAED,OAAO,QAAQ,CAAA;AACjB,CAAC"}

package/dist/security/index.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Security - Clean Exports
+ * Only exports the new ANSI sanitizer
+ */
+export * from './ansi-sanitizer';
+//# sourceMappingURL=index.d.ts.map

package/dist/security/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,cAAc,kBAAkB,CAAC"}

package/dist/security/index.js

@@ -0,0 +1,22 @@
+"use strict";
+/**
+ * Security - Clean Exports
+ * Only exports the new ANSI sanitizer
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./ansi-sanitizer"), exports);
+//# sourceMappingURL=index.js.map

package/dist/security/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;;;;;;;;;;;AAEH,mDAAiC"}

package/dist/security/input-validator.d.ts

@@ -0,0 +1,55 @@
+import { SecurityConfig } from '../types';
+/**
+ * Input validator for markdown content
+ * Prevents buffer overflow, injection attacks, and validates content
+ */
+export declare class InputValidator {
+    private config;
+    constructor(config?: SecurityConfig);
+    /**
+     * Validate markdown input
+     */
+    validate(input: string): ValidationResult;
+    /**
+     * Validate link prefixes
+     */
+    private validateLinks;
+    /**
+     * Validate image prefixes
+     */
+    private validateImages;
+    /**
+     * Check for blessed tag injection
+     */
+    private checkBlessedInjection;
+    /**
+     * Sanitize HTML entities
+     */
+    private sanitizeHtmlEntities;
+    /**
+     * Update configuration
+     */
+    updateConfig(config: Partial<SecurityConfig>): void;
+    /**
+     * Get current configuration
+     */
+    getConfig(): Required<SecurityConfig>;
+}
+/**
+ * Validation result
+ */
+export interface ValidationResult {
+    valid: boolean;
+    sanitized: string;
+    errors: string[];
+    warnings: string[];
+}
+/**
+ * Singleton instance
+ */
+export declare const inputValidator: InputValidator;
+/**
+ * Validate input with default validator
+ */
+export declare function validateInput(input: string, config?: SecurityConfig): ValidationResult;
+//# sourceMappingURL=input-validator.d.ts.map

package/dist/security/input-validator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"input-validator.d.ts","sourceRoot":"","sources":["../../src/security/input-validator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAG1C;;;GAGG;AACH,qBAAa,cAAc;IACvB,OAAO,CAAC,MAAM,CAA2B;gBAE7B,MAAM,GAAE,cAAmB;IAWvC;;OAEG;IACH,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,gBAAgB;IA0DzC;;OAEG;IACH,OAAO,CAAC,aAAa;IAwBrB;;OAEG;IACH,OAAO,CAAC,cAAc;IAwBtB;;OAEG;IACH,OAAO,CAAC,qBAAqB;IA+B7B;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAiC5B;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,cAAc,CAAC,GAAG,IAAI;IAInD;;OAEG;IACH,SAAS,IAAI,QAAQ,CAAC,cAAc,CAAC;CAGxC;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC7B,KAAK,EAAE,OAAO,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,QAAQ,EAAE,MAAM,EAAE,CAAC;CACtB;AAED;;GAEG;AACH,eAAO,MAAM,cAAc,gBAAuB,CAAC;AAEnD;;GAEG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,cAAc,GAAG,gBAAgB,CAMtF"}

package/dist/security/input-validator.js

@@ -0,0 +1,201 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.inputValidator = exports.InputValidator = void 0;
+exports.validateInput = validateInput;
+const ansi_sanitizer_1 = require("./ansi-sanitizer");
+/**
+ * Input validator for markdown content
+ * Prevents buffer overflow, injection attacks, and validates content
+ */
+class InputValidator {
+    config;
+    constructor(config = {}) {
+        this.config = {
+            enabled: config.enabled ?? true,
+            allowedLinkPrefixes: config.allowedLinkPrefixes ?? ['http://', 'https://'],
+            allowedImagePrefixes: config.allowedImagePrefixes ?? ['http://', 'https://'],
+            maxBufferSize: config.maxBufferSize ?? 10 * 1024 * 1024, // 10MB default
+            stripDangerousAnsi: config.stripDangerousAnsi ?? true,
+            sanitizeHtml: config.sanitizeHtml ?? true,
+        };
+    }
+    /**
+     * Validate markdown input
+     */
+    validate(input) {
+        const errors = [];
+        const warnings = [];
+        let sanitized = input;
+        if (!this.config.enabled) {
+            return { valid: true, sanitized, errors, warnings };
+        }
+        // Check buffer size
+        if (input.length > this.config.maxBufferSize) {
+            errors.push(`Input exceeds maximum buffer size (${input.length} > ${this.config.maxBufferSize})`);
+            return { valid: false, sanitized, errors, warnings };
+        }
+        // Sanitize ANSI codes if enabled
+        if (this.config.stripDangerousAnsi) {
+            const originalLength = sanitized.length;
+            sanitized = (0, ansi_sanitizer_1.sanitizeForTerminal)(sanitized);
+            if (sanitized.length !== originalLength) {
+                warnings.push('Dangerous ANSI escape sequences were removed');
+            }
+        }
+        // Validate links
+        const linkValidation = this.validateLinks(sanitized);
+        if (!linkValidation.valid) {
+            warnings.push(...linkValidation.warnings);
+        }
+        // Validate images
+        const imageValidation = this.validateImages(sanitized);
+        if (!imageValidation.valid) {
+            warnings.push(...imageValidation.warnings);
+        }
+        // Check for blessed tag injection
+        const injectionCheck = this.checkBlessedInjection(sanitized);
+        if (!injectionCheck.valid) {
+            errors.push(...injectionCheck.errors);
+            sanitized = injectionCheck.sanitized;
+        }
+        // Sanitize HTML if enabled
+        if (this.config.sanitizeHtml) {
+            sanitized = this.sanitizeHtmlEntities(sanitized);
+        }
+        return {
+            valid: errors.length === 0,
+            sanitized,
+            errors,
+            warnings,
+        };
+    }
+    /**
+     * Validate link prefixes
+     */
+    validateLinks(input) {
+        const warnings = [];
+        const linkRegex = /\[([^\]]+)\]\(([^)]+)\)/g;
+        let match;
+        while ((match = linkRegex.exec(input)) !== null) {
+            const url = match[2];
+            const isAllowed = this.config.allowedLinkPrefixes.some(prefix => prefix === '*' || url.startsWith(prefix));
+            if (!isAllowed) {
+                warnings.push(`Link with prefix '${url.split(':')[0]}' is not in allowed list`);
+            }
+        }
+        return {
+            valid: true, // Links are warnings, not errors
+            sanitized: input,
+            warnings,
+            errors: [],
+        };
+    }
+    /**
+     * Validate image prefixes
+     */
+    validateImages(input) {
+        const warnings = [];
+        const imageRegex = /!\[([^\]]*)\]\(([^)]+)\)/g;
+        let match;
+        while ((match = imageRegex.exec(input)) !== null) {
+            const url = match[2];
+            const isAllowed = this.config.allowedImagePrefixes.some(prefix => prefix === '*' || url.startsWith(prefix));
+            if (!isAllowed) {
+                warnings.push(`Image with prefix '${url.split(':')[0]}' is not in allowed list`);
+            }
+        }
+        return {
+            valid: true, // Images are warnings, not errors
+            sanitized: input,
+            warnings,
+            errors: [],
+        };
+    }
+    /**
+     * Check for blessed tag injection
+     */
+    checkBlessedInjection(input) {
+        const errors = [];
+        let sanitized = input;
+        // Check for unbalanced tags
+        const openTags = (input.match(/\{[a-z-]+}/gi) || []).length;
+        const closeTags = (input.match(/\{\/[a-z-]+}/gi) || []).length;
+        if (openTags !== closeTags) {
+            errors.push('Unbalanced blessed tags detected');
+            // Escape all blessed tags
+            sanitized = sanitized.replace(/\{/g, '\\{');
+        }
+        // Check for potentially malicious tags
+        const dangerousTags = ['open', 'close', 'exec', 'eval'];
+        for (const tag of dangerousTags) {
+            if (input.includes(`{${tag}}`) || input.includes(`{/${tag}}`)) {
+                errors.push(`Potentially dangerous blessed tag detected: ${tag}`);
+                sanitized = sanitized.replace(new RegExp(`\\{\\/?${tag}\\}`, 'gi'), '');
+            }
+        }
+        return {
+            valid: errors.length === 0,
+            sanitized,
+            errors,
+            warnings: [],
+        };
+    }
+    /**
+     * Sanitize HTML entities
+     */
+    sanitizeHtmlEntities(input) {
+        const entityMap = {
+            '&': '&',
+            '<': '&lt;',
+            '>': '&gt;',
+            '"': '&quot;',
+            "'": '&#39;',
+        };
+        // Only sanitize if not already in markdown code
+        let result = input;
+        const codeBlockRegex = /```[\s\S]*?```|`[^`]+`/g;
+        const codeBlocks = [];
+        // Preserve code blocks
+        result = result.replace(codeBlockRegex, (match) => {
+            codeBlocks.push(match);
+            return `__CODE_BLOCK_${codeBlocks.length - 1}__`;
+        });
+        // Sanitize outside code blocks (only in HTML contexts)
+        result = result.replace(/<[^>]+>/g, (tag) => {
+            return tag.replace(/[&<>"']/g, char => entityMap[char] || char);
+        });
+        // Restore code blocks
+        result = result.replace(/__CODE_BLOCK_(\d+)__/g, (match, index) => {
+            return codeBlocks[parseInt(index)];
+        });
+        return result;
+    }
+    /**
+     * Update configuration
+     */
+    updateConfig(config) {
+        this.config = { ...this.config, ...config };
+    }
+    /**
+     * Get current configuration
+     */
+    getConfig() {
+        return { ...this.config };
+    }
+}
+exports.InputValidator = InputValidator;
+/**
+ * Singleton instance
+ */
+exports.inputValidator = new InputValidator();
+/**
+ * Validate input with default validator
+ */
+function validateInput(input, config) {
+    if (config) {
+        const validator = new InputValidator(config);
+        return validator.validate(input);
+    }
+    return exports.inputValidator.validate(input);
+}
+//# sourceMappingURL=input-validator.js.map

package/dist/security/input-validator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"input-validator.js","sourceRoot":"","sources":["../../src/security/input-validator.ts"],"names":[],"mappings":";;;AA+OA,sCAMC;AApPD,qDAAuD;AAEvD;;;GAGG;AACH,MAAa,cAAc;IACf,MAAM,CAA2B;IAEzC,YAAY,SAAyB,EAAE;QACnC,IAAI,CAAC,MAAM,GAAG;YACV,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,IAAI;YAC/B,mBAAmB,EAAE,MAAM,CAAC,mBAAmB,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC;YAC1E,oBAAoB,EAAE,MAAM,CAAC,oBAAoB,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC;YAC5E,aAAa,EAAE,MAAM,CAAC,aAAa,IAAI,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,eAAe;YACxE,kBAAkB,EAAE,MAAM,CAAC,kBAAkB,IAAI,IAAI;YACrD,YAAY,EAAE,MAAM,CAAC,YAAY,IAAI,IAAI;SAC5C,CAAC;IACN,CAAC;IAED;;OAEG;IACH,QAAQ,CAAC,KAAa;QAClB,MAAM,MAAM,GAAa,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,IAAI,SAAS,GAAG,KAAK,CAAC;QAEtB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACvB,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;QACxD,CAAC;QAED,oBAAoB;QACpB,IAAI,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YAC3C,MAAM,CAAC,IAAI,CACP,sCAAsC,KAAK,CAAC,MAAM,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,GAAG,CACvF,CAAC;YACF,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;QACzD,CAAC;QAED,iCAAiC;QACjC,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;YACjC,MAAM,cAAc,GAAG,SAAS,CAAC,MAAM,CAAC;YACxC,SAAS,GAAG,IAAA,oCAAmB,EAAC,SAAS,CAAC,CAAC;YAC3C,IAAI,SAAS,CAAC,MAAM,KAAK,cAAc,EAAE,CAAC;gBACtC,QAAQ,CAAC,IAAI,CAAC,8CAA8C,CAAC,CAAC;YAClE,CAAC;QACL,CAAC;QAED,iBAAiB;QACjB,MAAM,cAAc,GAAG,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;QACrD,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,CAAC;YACxB,QAAQ,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;QAC9C,CAAC;QAED,kBAAkB;QAClB,MAAM,eAAe,GAAG,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;QACvD,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;YACzB,QAAQ,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;QAC/C,CAAC;QAED,kCAAkC;QAClC,MAAM,cAAc,GAAG,IAAI,CAAC,qBAAqB,CAAC,SAAS,CAAC,CAAC;QAC7D,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,CAAC;YACxB,MAAM,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;YACtC,SAAS,GAAG,cAAc,CAAC,SAAS,CAAC;QACzC,CAAC;QAED,2BAA2B;QAC3B,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YAC3B,SAAS,GAAG,IAAI,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAC;QACrD,CAAC;QAED,OAAO;YACH,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;YAC1B,SAAS;YACT,MAAM;YACN,QAAQ;SACX,CAAC;IACN,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,KAAa;QAC/B,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,MAAM,SAAS,GAAG,0BAA0B,CAAC;QAC7C,IAAI,KAAK,CAAC;QAEV,OAAO,CAAC,KAAK,GAAG,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACrB,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAC5D,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAC3C,CAAC;YAEF,IAAI,CAAC,SAAS,EAAE,CAAC;gBACb,QAAQ,CAAC,IAAI,CAAC,qBAAqB,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC;YACpF,CAAC;QACL,CAAC;QAED,OAAO;YACH,KAAK,EAAE,IAAI,EAAE,iCAAiC;YAC9C,SAAS,EAAE,KAAK;YAChB,QAAQ;YACR,MAAM,EAAE,EAAE;SACb,CAAC;IACN,CAAC;IAED;;OAEG;IACK,cAAc,CAAC,KAAa;QAChC,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,MAAM,UAAU,GAAG,2BAA2B,CAAC;QAC/C,IAAI,KAAK,CAAC;QAEV,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC/C,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACrB,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,oBAAoB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAC7D,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAC3C,CAAC;YAEF,IAAI,CAAC,SAAS,EAAE,CAAC;gBACb,QAAQ,CAAC,IAAI,CAAC,sBAAsB,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC;YACrF,CAAC;QACL,CAAC;QAED,OAAO;YACH,KAAK,EAAE,IAAI,EAAE,kCAAkC;YAC/C,SAAS,EAAE,KAAK;YAChB,QAAQ;YACR,MAAM,EAAE,EAAE;SACb,CAAC;IACN,CAAC;IAED;;OAEG;IACK,qBAAqB,CAAC,KAAa;QACvC,MAAM,MAAM,GAAa,EAAE,CAAC;QAC5B,IAAI,SAAS,GAAG,KAAK,CAAC;QAEtB,4BAA4B;QAC5B,MAAM,QAAQ,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;QAC5D,MAAM,SAAS,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;QAE/D,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YACzB,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;YAChD,0BAA0B;YAC1B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAChD,CAAC;QAED,uCAAuC;QACvC,MAAM,aAAa,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;QACxD,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,KAAK,GAAG,GAAG,CAAC,EAAE,CAAC;gBAC5D,MAAM,CAAC,IAAI,CAAC,+CAA+C,GAAG,EAAE,CAAC,CAAC;gBAClE,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,UAAU,GAAG,KAAK,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;YAC5E,CAAC;QACL,CAAC;QAED,OAAO;YACH,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;YAC1B,SAAS;YACT,MAAM;YACN,QAAQ,EAAE,EAAE;SACf,CAAC;IACN,CAAC;IAED;;OAEG;IACK,oBAAoB,CAAC,KAAa;QACtC,MAAM,SAAS,GAA2B;YACtC,GAAG,EAAE,OAAO;YACZ,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,QAAQ;YACb,GAAG,EAAE,OAAO;SACf,CAAC;QAEF,gDAAgD;QAChD,IAAI,MAAM,GAAG,KAAK,CAAC;QACnB,MAAM,cAAc,GAAG,yBAAyB,CAAC;QACjD,MAAM,UAAU,GAAa,EAAE,CAAC;QAEhC,uBAAuB;QACvB,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC,KAAK,EAAE,EAAE;YAC9C,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACvB,OAAO,gBAAgB,UAAU,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC;QACrD,CAAC,CAAC,CAAC;QAEH,uDAAuD;QACvD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE;YACxC,OAAO,GAAG,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;QAEH,sBAAsB;QACtB,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,uBAAuB,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YAC9D,OAAO,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IAClB,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,MAA+B;QACxC,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;IAChD,CAAC;IAED;;OAEG;IACH,SAAS;QACL,OAAO,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;IAC9B,CAAC;CACJ;AApND,wCAoNC;AAYD;;GAEG;AACU,QAAA,cAAc,GAAG,IAAI,cAAc,EAAE,CAAC;AAEnD;;GAEG;AACH,SAAgB,aAAa,CAAC,KAAa,EAAE,MAAuB;IAChE,IAAI,MAAM,EAAE,CAAC;QACT,MAAM,SAAS,GAAG,IAAI,cAAc,CAAC,MAAM,CAAC,CAAC;QAC7C,OAAO,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC;IACD,OAAO,sBAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAC1C,CAAC"}

package/dist/stream-protocol.d.ts

@@ -0,0 +1,61 @@
+/**
+ * Stream Protocol Implementation
+ *
+ * This module provides utilities for validating, transforming, and
+ * processing stream events according to the AI SDK protocol.
+ */
+import { StreamEvent, StreamEventOptions, ToolCallEvent, ToolResultEvent, TextDeltaEvent, ThinkingEvent, StatusEvent, ErrorEvent } from './types/stream-events';
+export declare class StreamProtocol {
+    private static readonly VALID_EVENT_TYPES;
+    /**
+     * Validate a stream event structure
+     */
+    static validateEvent(event: any): event is StreamEvent;
+    private static validateToolCallEvent;
+    private static validateToolResultEvent;
+    private static validateTextDeltaEvent;
+    private static validateThinkingEvent;
+    private static validateStatusEvent;
+    private static validateErrorEvent;
+    /**
+     * Transform a generic event into a typed event
+     */
+    static transformEvent(event: StreamEvent): StreamEvent;
+    /**
+     * Create a text delta event
+     */
+    static createTextDelta(content: string, metadata?: Record<string, any>): TextDeltaEvent;
+    /**
+     * Create a tool call event
+     */
+    static createToolCall(toolName: string, toolArgs: Record<string, any>, metadata?: Record<string, any>): ToolCallEvent;
+    /**
+     * Create a tool result event
+     */
+    static createToolResult(toolResult: any, metadata?: Record<string, any>): ToolResultEvent;
+    /**
+     * Create a thinking event
+     */
+    static createThinking(content: string, metadata?: Record<string, any>): ThinkingEvent;
+    /**
+     * Create a reasoning event
+     */
+    static createReasoning(content: string, metadata?: Record<string, any>): ThinkingEvent;
+    /**
+     * Create a status event
+     */
+    static createStatus(content: string, status?: 'pending' | 'running' | 'completed' | 'failed', metadata?: Record<string, any>): StatusEvent;
+    /**
+     * Create an error event
+     */
+    static createError(content: string, error?: Error, metadata?: Record<string, any>): ErrorEvent;
+    /**
+     * Check if an event should be rendered based on options
+     */
+    static shouldRenderEvent(event: StreamEvent, options?: StreamEventOptions): boolean;
+    /**
+     * Get event priority for rendering order
+     */
+    static getEventPriority(event: StreamEvent): number;
+}
+//# sourceMappingURL=stream-protocol.d.ts.map