@node-llm/testing 0.2.2 → 0.3.0

package/dist/Scrubber.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"Scrubber.d.ts","sourceRoot":"","sources":["../src/Scrubber.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,uBAAuB,UAInC,CAAC;AAEF,MAAM,WAAW,eAAe;IAC9B,cAAc,CAAC,EAAE,CAAC,IAAI,EAAE,OAAO,KAAK,OAAO,CAAC;IAC5C,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED,qBAAa,QAAQ;IACnB,OAAO,CAAC,cAAc,CAAC,CAA6B;IACpD,OAAO,CAAC,iBAAiB,CAAW;IACpC,OAAO,CAAC,aAAa,CAAc;gBAEvB,OAAO,GAAE,eAAoB;IAazC;;OAEG;IACI,KAAK,CAAC,IAAI,EAAE,OAAO,GAAG,OAAO;IAYpC,OAAO,CAAC,SAAS;CAqElB"}
+{"version":3,"file":"Scrubber.d.ts","sourceRoot":"","sources":["../src/Scrubber.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,uBAAuB,UAYnC,CAAC;AAEF,MAAM,WAAW,eAAe;IAC9B,cAAc,CAAC,EAAE,CAAC,IAAI,EAAE,OAAO,KAAK,OAAO,CAAC;IAC5C,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED,qBAAa,QAAQ;IACnB,OAAO,CAAC,cAAc,CAAC,CAA6B;IACpD,OAAO,CAAC,iBAAiB,CAAW;IACpC,OAAO,CAAC,aAAa,CAAc;gBAEvB,OAAO,GAAE,eAAoB;IAwBzC;;OAEG;IACI,KAAK,CAAC,IAAI,EAAE,OAAO,GAAG,OAAO;IAYpC,OAAO,CAAC,SAAS;CAqElB"}

package/dist/Scrubber.js

@@ -1,7 +1,14 @@
 export const DEFAULT_SECRET_PATTERNS = [
-    /sk-[a-zA-Z0-9]{20,}/g, // OpenAI/Anthropic likely patterns
-    /x-[a-zA-Z0-9]{20,}/g, // Generic API keys
-    /[a-zA-Z0-9]{32,}/g // Long hashes/keys
+    // API Keys & Auth Tokens
+    /sk-[a-zA-Z0-9]{20,}/g, // OpenAI/Anthropic keys
+    /x-[a-zA-Z0-9]{20,}/g, // Generic key patterns
+    /ey[a-zA-Z0-9-_=]+\.ey[a-zA-Z0-9-_=]+\.?[a-zA-Z0-9-_.+/=]*/g, // JWT tokens
+    /\b(AIza[0-9A-Za-z-_]{35})\b/g, // Google API keys
+    /\b[0-9a-f]{32,}\b/gi, // Long hex hashes/IDs (often keys)
+    // PII (Personal Identifiable Information)
+    /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/g, // Emails
+    /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/g, // IPv4 Addresses
+    /\b(access_key|secret_key|aws_access_key_id|aws_secret_access_key):\s*[^\s,{}"]+/gi // AWS-like pairs
 ];
 export class Scrubber {
     customScrubber;
@@ -13,9 +20,20 @@ export class Scrubber {
         this.sensitiveKeys = new Set([
             "key",
             "api_key",
+            "apikey",
             "token",
             "auth",
             "authorization",
+            "password",
+            "secret",
+            "cookie",
+            "set-cookie",
+            "x-api-key",
+            "x-auth-token",
+            "access_key",
+            "secret_key",
+            "bearer",
+            "credential",
             ...(options.sensitiveKeys || []).map((k) => k.toLowerCase())
         ]);
     }

package/dist/Time.d.ts

@@ -0,0 +1,33 @@
+/**
+ * Time utility for deterministic testing.
+ * Provides a clean API for freezing, advancing, and restoring system time.
+ * Built on top of Vitest's timer system.
+ */
+export declare class Time {
+    /**
+     * Freezes time at a specific date for the duration of the provided function.
+     * Automatically restores real time even if the function throws an error.
+     *
+     * @example
+     * await Time.frozen('2024-05-20', async () => {
+     *   const now = new Date();
+     *   expect(now.toISOString()).toContain('2024-05-20');
+     * });
+     */
+    static frozen<T>(date: string | Date | number, fn: () => Promise<T> | T): Promise<T>;
+    /**
+     * Freezes system time.
+     * Use this in beforeEach or for sequential time manipulation.
+     * Remember to call Time.restore() in afterEach!
+     */
+    static freeze(date: string | Date | number): void;
+    /**
+     * Advances the frozen time by a specific amount of milliseconds.
+     */
+    static advance(ms: number): void;
+    /**
+     * Restores system time to reality.
+     */
+    static restore(): void;
+}
+//# sourceMappingURL=Time.d.ts.map

package/dist/Time.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"Time.d.ts","sourceRoot":"","sources":["../src/Time.ts"],"names":[],"mappings":"AAEA;;;;GAIG;AACH,qBAAa,IAAI;IACf;;;;;;;;;OASG;WACU,MAAM,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,GAAG,IAAI,GAAG,MAAM,EAAE,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAS1F;;;;OAIG;IACH,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,GAAG,MAAM,GAAG,IAAI;IAMjD;;OAEG;IACH,MAAM,CAAC,OAAO,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI;IAIhC;;OAEG;IACH,MAAM,CAAC,OAAO,IAAI,IAAI;CAGvB"}

package/dist/Time.js

@@ -0,0 +1,49 @@
+import { vi } from "vitest";
+/**
+ * Time utility for deterministic testing.
+ * Provides a clean API for freezing, advancing, and restoring system time.
+ * Built on top of Vitest's timer system.
+ */
+export class Time {
+    /**
+     * Freezes time at a specific date for the duration of the provided function.
+     * Automatically restores real time even if the function throws an error.
+     *
+     * @example
+     * await Time.frozen('2024-05-20', async () => {
+     *   const now = new Date();
+     *   expect(now.toISOString()).toContain('2024-05-20');
+     * });
+     */
+    static async frozen(date, fn) {
+        this.freeze(date);
+        try {
+            return await fn();
+        }
+        finally {
+            this.restore();
+        }
+    }
+    /**
+     * Freezes system time.
+     * Use this in beforeEach or for sequential time manipulation.
+     * Remember to call Time.restore() in afterEach!
+     */
+    static freeze(date) {
+        const targetDate = new Date(date);
+        vi.useFakeTimers();
+        vi.setSystemTime(targetDate);
+    }
+    /**
+     * Advances the frozen time by a specific amount of milliseconds.
+     */
+    static advance(ms) {
+        vi.advanceTimersByTime(ms);
+    }
+    /**
+     * Restores system time to reality.
+     */
+    static restore() {
+        vi.useRealTimers();
+    }
+}

package/dist/index.d.ts

@@ -1,3 +1,4 @@
 export * from "./vcr.js";
 export * from "./Mocker.js";
+export * from "./Time.js";
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC;AACzB,cAAc,aAAa,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC;AACzB,cAAc,aAAa,CAAC;AAC5B,cAAc,WAAW,CAAC"}

package/dist/index.js

@@ -1,2 +1,3 @@
 export * from "./vcr.js";
 export * from "./Mocker.js";
+export * from "./Time.js";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@node-llm/testing",
-  "version": "0.2.2",
+  "version": "0.3.0",
   "description": "Deterministic testing for NodeLLM powered AI systems",
   "main": "dist/index.js",
   "type": "module",
@@ -8,7 +8,7 @@
   "devDependencies": {
     "vitest": "^1.0.0",
     "typescript": "^5.0.0",
-    "@node-llm/core": "1.8.0"
+    "@node-llm/core": "1.9.0"
   },
   "scripts": {
     "build": "tsc",

package/src/Scrubber.ts

@@ -1,7 +1,15 @@
 export const DEFAULT_SECRET_PATTERNS = [
-  /sk-[a-zA-Z0-9]{20,}/g, // OpenAI/Anthropic likely patterns
-  /x-[a-zA-Z0-9]{20,}/g, // Generic API keys
-  /[a-zA-Z0-9]{32,}/g // Long hashes/keys
+  // API Keys & Auth Tokens
+  /sk-[a-zA-Z0-9]{20,}/g, // OpenAI/Anthropic keys
+  /x-[a-zA-Z0-9]{20,}/g, // Generic key patterns
+  /ey[a-zA-Z0-9-_=]+\.ey[a-zA-Z0-9-_=]+\.?[a-zA-Z0-9-_.+/=]*/g, // JWT tokens
+  /\b(AIza[0-9A-Za-z-_]{35})\b/g, // Google API keys
+  /\b[0-9a-f]{32,}\b/gi, // Long hex hashes/IDs (often keys)
+
+  // PII (Personal Identifiable Information)
+  /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/g, // Emails
+  /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/g, // IPv4 Addresses
+  /\b(access_key|secret_key|aws_access_key_id|aws_secret_access_key):\s*[^\s,{}"]+/gi // AWS-like pairs
 ];
 
 export interface ScrubberOptions {
@@ -21,9 +29,20 @@ export class Scrubber {
     this.sensitiveKeys = new Set([
       "key",
       "api_key",
+      "apikey",
       "token",
       "auth",
       "authorization",
+      "password",
+      "secret",
+      "cookie",
+      "set-cookie",
+      "x-api-key",
+      "x-auth-token",
+      "access_key",
+      "secret_key",
+      "bearer",
+      "credential",
       ...(options.sensitiveKeys || []).map((k) => k.toLowerCase())
     ]);
   }

package/src/Time.ts

@@ -0,0 +1,52 @@
+import { vi } from "vitest";
+
+/**
+ * Time utility for deterministic testing.
+ * Provides a clean API for freezing, advancing, and restoring system time.
+ * Built on top of Vitest's timer system.
+ */
+export class Time {
+  /**
+   * Freezes time at a specific date for the duration of the provided function.
+   * Automatically restores real time even if the function throws an error.
+   *
+   * @example
+   * await Time.frozen('2024-05-20', async () => {
+   *   const now = new Date();
+   *   expect(now.toISOString()).toContain('2024-05-20');
+   * });
+   */
+  static async frozen<T>(date: string | Date | number, fn: () => Promise<T> | T): Promise<T> {
+    this.freeze(date);
+    try {
+      return await fn();
+    } finally {
+      this.restore();
+    }
+  }
+
+  /**
+   * Freezes system time.
+   * Use this in beforeEach or for sequential time manipulation.
+   * Remember to call Time.restore() in afterEach!
+   */
+  static freeze(date: string | Date | number): void {
+    const targetDate = new Date(date);
+    vi.useFakeTimers();
+    vi.setSystemTime(targetDate);
+  }
+
+  /**
+   * Advances the frozen time by a specific amount of milliseconds.
+   */
+  static advance(ms: number): void {
+    vi.advanceTimersByTime(ms);
+  }
+
+  /**
+   * Restores system time to reality.
+   */
+  static restore(): void {
+    vi.useRealTimers();
+  }
+}

package/src/index.ts

@@ -1,2 +1,3 @@
 export * from "./vcr.js";
 export * from "./Mocker.js";
+export * from "./Time.js";

package/test/unit/Time.test.ts

@@ -0,0 +1,50 @@
+import { describe, it, expect } from "vitest";
+import { Time } from "../../src/Time.js";
+
+describe("Testing Utility: Time", () => {
+  describe("Time.frozen", () => {
+    it("freezes time and restores it automatically", async () => {
+      const realStart = new Date().getTime();
+      const target = "2024-05-20T10:00:00.000Z";
+
+      await Time.frozen(target, async () => {
+        expect(new Date().toISOString()).toBe(target);
+      });
+
+      // After restoration, time should represent reality again
+      const realEnd = new Date().getTime();
+      expect(realEnd).toBeGreaterThanOrEqual(realStart);
+      expect(new Date().toISOString()).not.toBe(target);
+    });
+
+    it("restores time even on error", async () => {
+      const target = "2024-01-01T00:00:00.000Z";
+
+      try {
+        await Time.frozen(target, () => {
+          throw new Error("BOOM");
+        });
+      } catch {
+        // Ignored
+      }
+
+      expect(new Date().toISOString()).not.toBe(target);
+    });
+  });
+
+  describe("Stateful API (freeze / advance / restore)", () => {
+    it("allows manual manipulation of time flow", () => {
+      const start = "2024-12-31T23:59:59.000Z";
+      Time.freeze(start);
+
+      expect(new Date().toISOString()).toBe(start);
+
+      // Advance by 2 seconds
+      Time.advance(2000);
+      expect(new Date().toISOString()).toBe("2025-01-01T00:00:01.000Z");
+
+      Time.restore();
+      expect(new Date().toISOString()).not.toBe("2025-01-01T00:00:01.000Z");
+    });
+  });
+});

package/test/unit/auto_scrubbing_enhanced.test.ts

@@ -0,0 +1,69 @@
+import { describe, it, expect } from "vitest";
+import { Scrubber } from "../../src/Scrubber.js";
+
+describe("Enhanced Auto-Scrubbing", () => {
+  const scrubber = new Scrubber();
+
+  it("should scrub email addresses from strings", () => {
+    const input = "Contact me at user@example.com or support@company.co.uk";
+    const result = scrubber.scrub(input);
+    expect(result).toBe("Contact me at [REDACTED] or [REDACTED]");
+  });
+
+  it("should scrub JWT tokens", () => {
+    const jwt =
+      "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c";
+    const result = scrubber.scrub(jwt);
+    expect(result).toBe("Bearer [REDACTED]");
+  });
+
+  it("should scrub IPv4 addresses", () => {
+    const input = "Server IP is 192.168.1.1 and gateway is 10.0.0.1";
+    const result = scrubber.scrub(input);
+    expect(result).toBe("Server IP is [REDACTED] and gateway is [REDACTED]");
+  });
+
+  it("should scrub Google API keys", () => {
+    const input = "key=AIzaSyA1B2C3D4E5F6G7H8I9J0K1L2M3N4O5P6Q";
+    const result = scrubber.scrub(input);
+    expect(result).toBe("key=[REDACTED]");
+  });
+
+  it("should scrub sensitive keys in nested objects", () => {
+    const input = {
+      user: {
+        email: "test@example.com",
+        password: "secretpassword123",
+        settings: {
+          apiKey: "sk-1234567890abcdef1234567890"
+        }
+      },
+      status: "ok"
+    };
+    const result = scrubber.scrub(input) as any;
+
+    expect(result.user.email).toBe("[REDACTED]");
+    expect(result.user.password).toBe("[REDACTED]");
+    expect(result.user.settings.apiKey).toBe("[REDACTED]");
+    expect(result.status).toBe("ok");
+  });
+
+  it("should scrub custom sensitive keys like 'cookie'", () => {
+    const input = {
+      headers: {
+        Cookie: "sessionid=12345; user=abc",
+        "Content-Type": "application/json"
+      }
+    };
+    const result = scrubber.scrub(input) as any;
+    expect(result.headers.Cookie).toBe("[REDACTED]");
+    expect(result.headers["Content-Type"]).toBe("application/json");
+  });
+
+  it("should scrub AWS-like credential pairs in strings", () => {
+    const input =
+      "Using access_key: AKIA1234567890EXAMPLE and secret_key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY";
+    const result = scrubber.scrub(input);
+    expect(result).toBe("Using [REDACTED] and [REDACTED]");
+  });
+});