npm - @node-llm/core - Versions diffs - 1.4.0 → 1.4.2 - Mend

@node-llm/core 1.4.0 → 1.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md +31 -23
package/dist/aliases.json +132 -0
package/dist/utils/sanitize.d.ts +21 -0
package/dist/utils/sanitize.d.ts.map +1 -0
package/dist/utils/sanitize.js +76 -0
package/package.json +43 -10

package/README.md CHANGED Viewed

@@ -3,9 +3,13 @@
 </p>
 # NodeLLM
-**An opinionated architectural layer for using Large Language Models in Node.js.**
-Build chatbots, autonomous agents, and RAG pipelines without the SDK fatigue. NodeLLM provides a unified, production-oriented API for interacting with over **540+ models** across multiple providers (OpenAI, Gemini, Anthropic, DeepSeek, OpenRouter, Ollama, etc.) without coupling your application to any single SDK.
+**An opinionated architectural layer for integrating Large Language Models in Node.js.**
+**Provider-agnostic by design.**
+Most LLM SDKs **tightly couple** your application to vendors, APIs, and churn. NodeLLM provides a unified, production-oriented API for interacting with over 540+ models across multiple providers (OpenAI, Gemini, Anthropic, DeepSeek, OpenRouter, Ollama, etc.) without the SDK fatigue.
 <br/>
@@ -36,7 +40,31 @@ Build chatbots, autonomous agents, and RAG pipelines without the SDK fatigue. No
 ---
-## ⚡ The Golden Path
+## 🛑 What NodeLLM is NOT
+NodeLLM represents a clear architectural boundary between your system and LLM vendors.
+NodeLLM is **NOT**:
+ - A wrapper around a single provider SDK (like `openai` or `@google/generative-ai`)
+ - A prompt-engineering framework
+ - An agent playground or experimental toy
+---
+## 🏗️ Why NodeLLM?
+Most AI integrations today are provider-specific, SDK-driven, and leaky at abstraction boundaries. This creates long-term architectural risk. **LLMs should be treated as infrastructure**, and NodeLLM exists to help you integrate them without vendor lock-in.
+NodeLLM exists to solve **architectural problems**, not just provide API access. It is the core architectural layer for LLMs in the Node.js ecosystem.
+### Strategic Goals
+- **Provider Isolation**: Decouple your services from vendor SDKs.
+- **Production-Ready**: Native support for streaming, retries, and unified error handling.
+- **Predictable API**: Consistent behavior for Tools, Vision, and Structured Outputs across all models.
+---
+## ⚡ The Architectural Path
 ```ts
 import { NodeLLM } from "@node-llm/core";
@@ -55,26 +83,6 @@ for await (const chunk of chat.stream("Explain event-driven architecture")) {
 }
 ```
----
-## Why`NodeLLM`?
-Most AI integrations today are provider-specific, SDK-driven, and leaky at abstraction boundaries. This creates long-term architectural risk. Switching models should not mean a total rewrite of your business logic.
-NodeLLMexists to solve **architectural problems**, not just provide API access.
-### Strategic Goals
-- **Provider Isolation**: Your application logic never touches a provider-specific SDK.
-- **Unified Mental Model**: Chat, streaming, tools, and structured outputs feel identical across providers.
-- **Production-Ready**: Streaming, retries, and errors are first-class concerns.
-- **The "Standard Library" Voice**: It provides a beautiful, native-feeling API for modern Node.js.
-### Non-Goals
-- It is **not** a thin wrapper that mirrors every provider's unique API knobs.
-- It is **not** a UI framework or a simple chatbot builder.
-- It prioritizes **architectural clarity** over raw SDK convenience.
 ---

package/dist/aliases.json ADDED Viewed

@@ -0,0 +1,132 @@
+{
+    "chatgpt-4o": {
+        "openai": "chatgpt-4o-latest",
+        "openrouter": "openai/chatgpt-4o-latest"
+    },
+    "claude-3-5-haiku": {
+        "anthropic": "claude-3-5-haiku-20241022",
+        "openrouter": "anthropic/claude-3.5-haiku",
+        "bedrock": "anthropic.claude-3-5-haiku-20241022-v1:0"
+    },
+    "claude-3-5-sonnet": {
+        "anthropic": "claude-3-5-sonnet-20240620",
+        "openrouter": "anthropic/claude-3.5-sonnet",
+        "bedrock": "anthropic.claude-3-5-sonnet-20240620-v1:0"
+    },
+    "claude-sonnet-4-5": {
+        "anthropic": "claude-sonnet-4-5-20250929"
+    },
+    "claude-sonnet-4": {
+        "anthropic": "claude-sonnet-4-20250514"
+    },
+    "claude-3-7-sonnet": {
+        "anthropic": "claude-3-7-sonnet-20250219",
+        "openrouter": "anthropic/claude-3.7-sonnet",
+        "bedrock": "us.anthropic.claude-3-7-sonnet-20250219-v1:0"
+    },
+    "claude-3-haiku": {
+        "anthropic": "claude-3-haiku-20240307",
+        "openrouter": "anthropic/claude-3-haiku",
+        "bedrock": "anthropic.claude-3-haiku-20240307-v1:0:200k"
+    },
+    "claude-3-opus": {
+        "anthropic": "claude-3-opus-20240229",
+        "openrouter": "anthropic/claude-3-opus",
+        "bedrock": "anthropic.claude-3-opus-20240229-v1:0:200k"
+    },
+    "claude-3-sonnet": {
+        "bedrock": "anthropic.claude-3-sonnet-20240229-v1:0"
+    },
+    "deepseek-chat": {
+        "deepseek": "deepseek-chat",
+        "openrouter": "deepseek/deepseek-chat"
+    },
+    "gemini-flash": {
+        "gemini": "gemini-flash-latest",
+        "vertexai": "gemini-flash-latest",
+        "openrouter": "google/gemini-flash-latest"
+    },
+    "gemini-pro": {
+        "gemini": "gemini-1.5-pro-001",
+        "vertexai": "gemini-1.5-pro-001",
+        "openrouter": "google/gemini-1.5-pro-001"
+    },
+    "gemini-1.5-flash": {
+        "gemini": "gemini-1.5-flash-001",
+        "vertexai": "gemini-1.5-flash-001",
+        "openrouter": "google/gemini-1.5-flash-001"
+    },
+    "gemini-1.5-pro": {
+        "gemini": "gemini-1.5-pro-001",
+        "vertexai": "gemini-1.5-pro-001",
+        "openrouter": "google/gemini-1.5-pro-001"
+    },
+    "gemini-2.0-flash": {
+        "gemini": "gemini-2.0-flash",
+        "vertexai": "gemini-2.0-flash"
+    },
+    "gemini-2.0-flash-001": {
+        "gemini": "gemini-2.0-flash-001",
+        "openrouter": "google/gemini-2.0-flash-001",
+        "vertexai": "gemini-2.0-flash-001"
+    },
+    "gpt-3.5-turbo": {
+        "openai": "gpt-3.5-turbo",
+        "openrouter": "openai/gpt-3.5-turbo"
+    },
+    "gpt-4": {
+        "openai": "gpt-4",
+        "openrouter": "openai/gpt-4"
+    },
+    "gpt-4-turbo": {
+        "openai": "gpt-4-turbo",
+        "openrouter": "openai/gpt-4-turbo"
+    },
+    "gpt-4o": {
+        "openai": "gpt-4o",
+        "openrouter": "openai/gpt-4o"
+    },
+    "gpt-4o-mini": {
+        "openai": "gpt-4o-mini",
+        "openrouter": "openai/gpt-4o-mini"
+    },
+    "llama-3-1-405b": {
+        "openrouter": "meta-llama/llama-3.1-405b"
+    },
+    "llama-3-1-405b-instruct": {
+        "openrouter": "meta-llama/llama-3.1-405b-instruct"
+    },
+    "llama-3-1-70b": {
+        "openrouter": "meta-llama/llama-3.1-70b"
+    },
+    "llama-3-1-70b-instruct": {
+        "openrouter": "meta-llama/llama-3.1-70b-instruct"
+    },
+    "llama-3-1-8b": {
+        "openrouter": "meta-llama/llama-3.1-8b"
+    },
+    "llama-3-1-8b-instruct": {
+        "openrouter": "meta-llama/llama-3.1-8b-instruct"
+    },
+    "llama-3-2-1b-instruct": {
+        "openrouter": "meta-llama/llama-3.2-1b-instruct"
+    },
+    "llama-3-2-3b-instruct": {
+        "openrouter": "meta-llama/llama-3.2-3b-instruct"
+    },
+    "llama-3-3-70b-instruct": {
+        "openrouter": "meta-llama/llama-3.3-70b-instruct"
+    },
+    "mistral-large": {
+        "mistral": "mistral-large-latest",
+        "openrouter": "mistralai/mistral-large"
+    },
+    "mistral-medium": {
+        "mistral": "mistral-medium-latest",
+        "openrouter": "mistralai/mistral-medium"
+    },
+    "mistral-small": {
+        "mistral": "mistral-small-latest",
+        "openrouter": "mistralai/mistral-small"
+    }
+}

package/dist/utils/sanitize.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Utility functions for sanitizing sensitive data from error messages and objects
+ */
+/**
+ * Sanitizes API keys and other sensitive data from strings
+ * @param text - The text to sanitize
+ * @returns Sanitized text with sensitive data redacted
+ */
+export declare function sanitizeText(text: string): string;
+/**
+ * Sanitizes an error object by redacting sensitive data
+ * @param error - The error object to sanitize
+ * @returns Sanitized error object
+ */
+export declare function sanitizeError(error: any): any;
+/**
+ * Logs an error with sanitized output
+ * @param error - The error to log
+ */
+export declare function logSanitizedError(error: any): void;
+//# sourceMappingURL=sanitize.d.ts.map

package/dist/utils/sanitize.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"sanitize.d.ts","sourceRoot":"","sources":["../../src/utils/sanitize.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAiCjD;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,GAAG,GAAG,GAAG,CA+B7C;AAiBD;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,GAAG,GAAG,IAAI,CAGlD"}

package/dist/utils/sanitize.js ADDED Viewed

@@ -0,0 +1,76 @@
+/**
+ * Utility functions for sanitizing sensitive data from error messages and objects
+ */
+/**
+ * Sanitizes API keys and other sensitive data from strings
+ * @param text - The text to sanitize
+ * @returns Sanitized text with sensitive data redacted
+ */
+export function sanitizeText(text) {
+    if (!text)
+        return text;
+    // Sanitize API keys (various formats)
+    // OpenAI: sk-...
+    // Anthropic: sk-ant-...
+    // Generic patterns
+    let sanitized = text;
+    // Pattern: sk-ant-api03-... or sk-...
+    sanitized = sanitized.replace(/sk-ant-[a-zA-Z0-9_-]{8,}/g, (match) => `sk-ant-***${match.slice(-4)}`);
+    sanitized = sanitized.replace(/sk-[a-zA-Z0-9_-]{20,}/g, (match) => `sk-***${match.slice(-4)}`);
+    // Pattern: Bearer tokens
+    sanitized = sanitized.replace(/Bearer\s+[a-zA-Z0-9_-]{20,}/gi, (match) => `Bearer ***${match.slice(-4)}`);
+    // Pattern: API keys in error messages like "Incorrect API key provided: 8TAXX2TT***..."
+    sanitized = sanitized.replace(/API key[^:]*:\s*[a-zA-Z0-9]{4,}\**/gi, 'API key: [REDACTED]');
+    return sanitized;
+}
+/**
+ * Sanitizes an error object by redacting sensitive data
+ * @param error - The error object to sanitize
+ * @returns Sanitized error object
+ */
+export function sanitizeError(error) {
+    if (!error)
+        return error;
+    // Handle Error instances
+    if (error instanceof Error) {
+        const sanitized = new Error(sanitizeText(error.message));
+        sanitized.name = error.name;
+        sanitized.stack = error.stack ? sanitizeText(error.stack) : undefined;
+        // Copy other properties
+        Object.keys(error).forEach(key => {
+            if (key !== 'message' && key !== 'stack' && key !== 'name') {
+                sanitized[key] = sanitizeErrorValue(error[key]);
+            }
+        });
+        return sanitized;
+    }
+    // Handle plain objects
+    if (typeof error === 'object') {
+        const sanitized = Array.isArray(error) ? [] : {};
+        for (const key in error) {
+            sanitized[key] = sanitizeErrorValue(error[key]);
+        }
+        return sanitized;
+    }
+    return error;
+}
+/**
+ * Sanitizes a single value (recursive helper)
+ */
+function sanitizeErrorValue(value) {
+    if (typeof value === 'string') {
+        return sanitizeText(value);
+    }
+    if (typeof value === 'object' && value !== null) {
+        return sanitizeError(value);
+    }
+    return value;
+}
+/**
+ * Logs an error with sanitized output
+ * @param error - The error to log
+ */
+export function logSanitizedError(error) {
+    const sanitized = sanitizeError(error);
+    console.error('[NodeLLM Error]', sanitized);
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@node-llm/core",
-  "version": "1.4.0",
+  "version": "1.4.2",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -11,15 +11,55 @@
     }
   },
   "description": "A provider-agnostic LLM core for Node.js, inspired by ruby-llm.",
+  "keywords": [
+    "llm",
+    "large-language-models",
+    "ai",
+    "nodejs",
+    "llm-integration",
+    "architecture",
+    "integration-layer",
+    "provider-agnostic",
+    "vendor-agnostic",
+    "infrastructure",
+    "openai",
+    "anthropic",
+    "gemini",
+    "deepseek",
+    "openrouter",
+    "ollama",
+    "chat",
+    "streaming",
+    "rag",
+    "production"
+  ],
   "author": "NodeLLM contributors",
   "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/eshaiju/node-llm",
+    "directory": "packages/core"
+  },
+  "homepage": "https://node-llm.eshaiju.com",
+  "bugs": {
+    "url": "https://github.com/eshaiju/node-llm/issues"
+  },
   "engines": {
     "node": ">=20.0.0"
   },
   "files": [
     "dist",
-    "README.md"
+    "README.md",
+    "LICENSE"
   ],
+  "scripts": {
+    "build": "tsc -p tsconfig.json",
+    "dev": "tsc -w",
+    "lint": "tsc --noEmit",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "prepublishOnly": "npm run build"
+  },
   "dependencies": {
     "zod": "^3.23.8",
     "zod-to-json-schema": "^3.25.1"
@@ -29,12 +69,5 @@
     "@pollyjs/adapter-node-http": "^6.0.6",
     "@pollyjs/core": "^6.0.6",
     "@pollyjs/persister-fs": "^6.0.6"
-  },
-  "scripts": {
-    "build": "tsc -p tsconfig.json",
-    "dev": "tsc -w",
-    "lint": "tsc --noEmit",
-    "test": "vitest run",
-    "test:watch": "vitest"
   }
-}
+}