@noony-serverless/core 0.1.1 → 0.2.0

package/build/middlewares/guards/config/GuardConfiguration.js

@@ -19,7 +19,28 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GuardConfiguration = exports.MonitoringLevel = exports.CacheInvalidationStrategy = exports.PermissionResolutionStrategy = void 0;
 /**
- * Permission resolution strategies for wildcard permissions
+ * Permission resolution strategies for wildcard permissions.
+ * Determines how wildcard patterns are processed for optimal performance.
+ *
+ * @example
+ * Pre-expansion strategy (production recommended):
+ * ```typescript
+ * const productionConfig = {
+ *   permissionResolutionStrategy: PermissionResolutionStrategy.PRE_EXPANSION,
+ *   // Expands "admin.*" to ["admin.users", "admin.reports", "admin.settings"]
+ *   // at user context load time for O(1) runtime checks
+ * };
+ * ```
+ *
+ * @example
+ * On-demand strategy (memory efficient):
+ * ```typescript
+ * const memoryEfficientConfig = {
+ *   permissionResolutionStrategy: PermissionResolutionStrategy.ON_DEMAND,
+ *   // Matches "admin.*" pattern against user permissions at runtime
+ *   // Lower memory usage but requires pattern matching overhead
+ * };
+ * ```
  *
  * PRE_EXPANSION: Expand wildcards at user context load time
  * - Pros: Faster runtime permission checks (O(1) set lookups)
@@ -53,25 +74,155 @@ var MonitoringLevel;
     MonitoringLevel["VERBOSE"] = "verbose";
 })(MonitoringLevel || (exports.MonitoringLevel = MonitoringLevel = {}));
 /**
- * GuardConfiguration class implementation
+ * GuardConfiguration class implementation.
+ * Immutable configuration object for the Noony guard system with factory methods
+ * for creating configurations from environment profiles or predefined templates.
+ *
+ * @example
+ * Create from environment profile:
+ * ```typescript
+ * import { GuardConfiguration } from '@noony/core';
+ *
+ * const config = GuardConfiguration.fromEnvironmentProfile({
+ *   environment: 'production',
+ *   cacheType: 'redis',
+ *   security: { ... },
+ *   cache: { ... },
+ *   monitoring: { ... }
+ * });
+ * ```
+ *
+ * @example
+ * Use predefined configurations:
+ * ```typescript
+ * // Development configuration
+ * const devConfig = GuardConfiguration.development();
+ *
+ * // Production configuration
+ * const prodConfig = GuardConfiguration.production();
+ *
+ * // Testing configuration
+ * const testConfig = GuardConfiguration.testing();
+ * ```
+ *
+ * @example
+ * Manual configuration:
+ * ```typescript
+ * const customConfig = new GuardConfiguration(
+ *   { permissionResolutionStrategy: PermissionResolutionStrategy.PRE_EXPANSION },
+ *   { maxEntries: 10000, defaultTtlMs: 300000 },
+ *   { enablePerformanceTracking: true, logLevel: 'info' }
+ * );
+ * ```
  */
 class GuardConfiguration {
+    /**
+     * Security configuration settings.
+     * Contains permission resolution strategies and security limits.
+     */
     security;
+    /**
+     * Cache configuration settings.
+     * Contains cache size limits and TTL values.
+     */
     cache;
+    /**
+     * Monitoring configuration settings.
+     * Contains logging and metrics collection settings.
+     */
     monitoring;
+    /**
+     * Creates a new GuardConfiguration instance.
+     *
+     * @param security - Security configuration settings
+     * @param cache - Cache configuration settings
+     * @param monitoring - Monitoring configuration settings
+     *
+     * @example
+     * ```typescript
+     * const config = new GuardConfiguration(
+     *   {
+     *     permissionResolutionStrategy: PermissionResolutionStrategy.PRE_EXPANSION,
+     *     conservativeCacheInvalidation: true,
+     *     maxExpressionComplexity: 100
+     *   },
+     *   {
+     *     maxEntries: 10000,
+     *     defaultTtlMs: 300000,
+     *     userContextTtlMs: 600000,
+     *     authTokenTtlMs: 900000
+     *   },
+     *   {
+     *     enablePerformanceTracking: true,
+     *     enableDetailedLogging: false,
+     *     logLevel: 'info',
+     *     metricsCollectionInterval: 60000
+     *   }
+     * );
+     * ```
+     */
     constructor(security, cache, monitoring) {
         this.security = security;
         this.cache = cache;
         this.monitoring = monitoring;
     }
     /**
-     * Create GuardConfiguration from environment profile
+     * Create GuardConfiguration from environment profile.
+     * Factory method that constructs a configuration from a complete environment profile.
+     *
+     * @param profile - Complete environment profile with all configuration sections
+     * @returns New GuardConfiguration instance
+     *
+     * @example
+     * Create from production profile:
+     * ```typescript
+     * const productionProfile: GuardEnvironmentProfile = {
+     *   environment: 'production',
+     *   cacheType: 'redis',
+     *   security: {
+     *     permissionResolutionStrategy: PermissionResolutionStrategy.PRE_EXPANSION,
+     *     conservativeCacheInvalidation: true,
+     *     maxExpressionComplexity: 100
+     *   },
+     *   cache: {
+     *     maxEntries: 50000,
+     *     defaultTtlMs: 600000,
+     *     userContextTtlMs: 1800000,
+     *     authTokenTtlMs: 3600000
+     *   },
+     *   monitoring: {
+     *     enablePerformanceTracking: true,
+     *     enableDetailedLogging: false,
+     *     logLevel: 'error',
+     *     metricsCollectionInterval: 60000
+     *   }
+     * };
+     *
+     * const config = GuardConfiguration.fromEnvironmentProfile(productionProfile);
+     * ```
      */
     static fromEnvironmentProfile(profile) {
         return new GuardConfiguration(profile.security, profile.cache, profile.monitoring);
     }
     /**
-     * Create default development configuration
+     * Create default development configuration.
+     * Pre-configured settings optimized for development environments with fast refresh
+     * and detailed logging for debugging.
+     *
+     * @returns GuardConfiguration optimized for development
+     *
+     * @example
+     * ```typescript
+     * const devConfig = GuardConfiguration.development();
+     *
+     * // Configuration includes:
+     * // - On-demand permission resolution (lower memory, dynamic)
+     * // - Conservative cache invalidation disabled (faster refresh)
+     * // - Lower complexity limits for faster feedback
+     * // - Shorter TTL values for rapid development cycles
+     * // - Detailed logging and debug level
+     * // - Frequent metrics collection (30 seconds)
+     * ```
      */
     static development() {
         return new GuardConfiguration({
@@ -93,7 +244,24 @@ class GuardConfiguration {
         });
     }
     /**
-     * Create default production configuration
+     * Create default production configuration.
+     * Pre-configured settings optimized for production environments with high performance,
+     * security, and stability.
+     *
+     * @returns GuardConfiguration optimized for production
+     *
+     * @example
+     * ```typescript
+     * const prodConfig = GuardConfiguration.production();
+     *
+     * // Configuration includes:
+     * // - Pre-expansion permission resolution (high performance)
+     * // - Conservative cache invalidation enabled (high security)
+     * // - Higher complexity limits for production workloads
+     * // - Longer TTL values for better performance
+     * // - Performance tracking enabled, detailed logging disabled
+     * // - Standard metrics collection (1 minute intervals)
+     * ```
      */
     static production() {
         return new GuardConfiguration({
@@ -115,17 +283,105 @@ class GuardConfiguration {
         });
     }
     /**
-     * Validate configuration
+     * Validate configuration settings.
+     * Ensures all configuration values are within acceptable bounds and constraints
+     * to prevent security vulnerabilities and performance issues.
+     *
+     * @throws Error if any configuration value is invalid
+     *
+     * @example
+     * ```typescript
+     * const config = new GuardConfiguration(securityConfig, cacheConfig, monitoringConfig);
+     *
+     * try {
+     *   config.validate();
+     *   console.log('Configuration is valid');
+     * } catch (error) {
+     *   console.error('Invalid configuration:', error.message);
+     *   // Handle configuration error
+     * }
+     * ```
+     *
+     * @example
+     * Validation constraints:
+     * ```typescript
+     * // These will throw validation errors:
+     * // maxPatternDepth must be 2 or 3 (prevents deep recursion)
+     * // maxNestingDepth must be 2 (prevents complex expressions)
+     * // maxExpressionComplexity must be positive
+     * // defaultTtlMs must be at least 1000ms (1 second)
+     * ```
+     */
+    /**
+     * Check if caching is enabled via environment variable.
+     *
+     * Caching is disabled by default for security-first approach.
+     * Only enabled when NOONY_GUARD_CACHE_ENABLE is explicitly set to 'true'.
+     *
+     * @returns true if caching should be enabled, false otherwise
+     *
+     * @example
+     * ```typescript
+     * // Caching disabled (default)
+     * process.env.NOONY_GUARD_CACHE_ENABLE = undefined;
+     * console.log(GuardConfiguration.isCachingEnabled()); // false
+     *
+     * // Caching enabled
+     * process.env.NOONY_GUARD_CACHE_ENABLE = 'true';
+     * console.log(GuardConfiguration.isCachingEnabled()); // true
+     *
+     * // Caching disabled (any other value)
+     * process.env.NOONY_GUARD_CACHE_ENABLE = 'false';
+     * console.log(GuardConfiguration.isCachingEnabled()); // false
+     * ```
      */
+    static isCachingEnabled() {
+        return process.env.NOONY_GUARD_CACHE_ENABLE === 'true';
+    }
+    /**
+     * Get effective cache type considering environment variable override.
+     *
+     * Environment variable takes precedence for security:
+     * - If NOONY_GUARD_CACHE_ENABLE is not 'true', returns 'none'
+     * - Otherwise returns the specified cacheType
+     *
+     * @param cacheType - Configured cache type
+     * @returns Effective cache type after environment variable consideration
+     *
+     * @example
+     * ```typescript
+     * // Environment variable not set - caching disabled
+     * process.env.NOONY_GUARD_CACHE_ENABLE = undefined;
+     * console.log(GuardConfiguration.getEffectiveCacheType('memory')); // 'none'
+     * console.log(GuardConfiguration.getEffectiveCacheType('redis')); // 'none'
+     * console.log(GuardConfiguration.getEffectiveCacheType('none')); // 'none'
+     *
+     * // Environment variable enabled - respect cacheType
+     * process.env.NOONY_GUARD_CACHE_ENABLE = 'true';
+     * console.log(GuardConfiguration.getEffectiveCacheType('memory')); // 'memory'
+     * console.log(GuardConfiguration.getEffectiveCacheType('redis')); // 'redis'
+     * console.log(GuardConfiguration.getEffectiveCacheType('none')); // 'none'
+     * ```
+     */
+    static getEffectiveCacheType(cacheType) {
+        // If caching is disabled by environment variable, always return 'none'
+        if (!GuardConfiguration.isCachingEnabled()) {
+            return 'none';
+        }
+        // Otherwise return the specified cache type
+        return cacheType;
+    }
     validate() {
-        if (this.security.maxPatternDepth < 2 ||
-            this.security.maxPatternDepth > 3) {
+        if (this.security.maxPatternDepth !== undefined &&
+            (this.security.maxPatternDepth < 2 || this.security.maxPatternDepth > 3)) {
             throw new Error('maxPatternDepth must be 2 or 3');
         }
-        if (this.security.maxNestingDepth !== 2) {
+        if (this.security.maxNestingDepth !== undefined &&
+            this.security.maxNestingDepth !== 2) {
             throw new Error('maxNestingDepth must be 2');
         }
-        if (this.security.maxExpressionComplexity < 1) {
+        if (this.security.maxExpressionComplexity !== undefined &&
+            this.security.maxExpressionComplexity < 1) {
             throw new Error('maxExpressionComplexity must be positive');
         }
         if (this.cache.defaultTtlMs < 1000) {

package/build/middlewares/guards/guards/FastAuthGuard.d.ts

@@ -43,7 +43,7 @@ export interface AuthenticationResult {
     success: boolean;
     user?: UserContext;
     token?: {
-        decoded: any;
+        decoded: unknown;
         raw: string;
         expiresAt: string;
         issuer?: string;
@@ -63,7 +63,7 @@ export interface AuthGuardConfig {
     allowedIssuers?: string[];
     requireEmailVerification: boolean;
     allowInactiveUsers: boolean;
-    customValidation?: (token: any, user: UserContext) => Promise<boolean>;
+    customValidation?: (token: unknown, user: UserContext) => Promise<boolean>;
 }
 /**
  * Token validation service interface
@@ -74,17 +74,17 @@ export interface TokenValidator {
      */
     validateToken(token: string): Promise<{
         valid: boolean;
-        decoded?: any;
+        decoded?: unknown;
         error?: string;
     }>;
     /**
      * Extract user ID from decoded token
      */
-    extractUserId(decoded: any): string;
+    extractUserId(decoded: unknown): string;
     /**
      * Check if token is expired
      */
-    isTokenExpired(decoded: any): boolean;
+    isTokenExpired(decoded: unknown): boolean;
 }
 /**
  * Fast Authentication Guard Implementation

package/build/middlewares/guards/guards/PermissionGuardFactory.d.ts

@@ -39,7 +39,7 @@ import { PermissionResolverType, PermissionCheckResult, PermissionExpression } f
  */
 export interface GuardConfig {
     requireAuth: boolean;
-    permissions: any;
+    permissions: string | string[] | PermissionExpression | Record<string, unknown>;
     resolverType?: PermissionResolverType;
     cacheResults: boolean;
     auditTrail: boolean;
@@ -141,7 +141,7 @@ export declare class PermissionGuardFactory {
      * @returns Composite permission guard instance
      */
     createCompositeGuard(requirements: Array<{
-        permissions: any;
+        permissions: string | string[] | PermissionExpression | Record<string, unknown>;
         resolverType: PermissionResolverType;
         required: boolean;
     }>, config?: Partial<GuardConfig>): BasePermissionGuard;
@@ -155,23 +155,15 @@ export declare class PermissionGuardFactory {
      * @param config - Optional guard configuration
      * @returns Optimally configured permission guard
      */
-    createAutoGuard(permissions: any, config?: Partial<GuardConfig>): BasePermissionGuard;
+    createAutoGuard(permissions: string | string[] | PermissionExpression | Record<string, unknown>, config?: Partial<GuardConfig>): BasePermissionGuard;
     /**
      * Get factory statistics
      */
     getStats(): {
         totalGuards: number;
         guardsByType: Record<string, number>;
-        individualGuardStats: {
-            guardType: string;
-            checkCount: number;
-            successCount: number;
-            failureCount: number;
-            successRate: number;
-            averageProcessingTimeUs: number;
-            totalProcessingTimeUs: number;
-        }[];
-        aggregatedStats: any;
+        individualGuardStats: Record<string, unknown>[];
+        aggregatedStats: Record<string, unknown>;
     };
     /**
      * Clear guard cache

package/build/middlewares/guards/guards/PermissionGuardFactory.js

@@ -531,10 +531,10 @@ let PermissionGuardFactory = class PermissionGuardFactory {
             };
         }
         const totals = guardStats.reduce((acc, stats) => ({
-            checkCount: acc.checkCount + stats.checkCount,
-            successCount: acc.successCount + stats.successCount,
-            failureCount: acc.failureCount + stats.failureCount,
-            totalProcessingTimeUs: acc.totalProcessingTimeUs + stats.totalProcessingTimeUs,
+            checkCount: acc.checkCount + (stats.checkCount || 0),
+            successCount: acc.successCount + (stats.successCount || 0),
+            failureCount: acc.failureCount + (stats.failureCount || 0),
+            totalProcessingTimeUs: acc.totalProcessingTimeUs + (stats.totalProcessingTimeUs || 0),
         }), {
             checkCount: 0,
             successCount: 0,

package/build/middlewares/guards/index.d.ts

@@ -15,7 +15,7 @@
  * @author Noony Framework Team
  * @version 1.0.0
  */
-export { RouteGuards, RouteGuardOptions, GuardSystemStats, } from './RouteGuards';
+export { RouteGuards, RouteGuardOptions, GuardSystemStats, AnyTokenValidator, } from './RouteGuards';
 export { GuardConfiguration, GuardEnvironmentProfile, PermissionResolutionStrategy, GuardSecurityConfig, GuardCacheConfig, GuardMonitoringConfig, } from './config/GuardConfiguration';
 export { CacheAdapter, CacheStats, CacheKeyBuilder, } from './cache/CacheAdapter';
 export { MemoryCacheAdapter } from './cache/MemoryCacheAdapter';
@@ -29,6 +29,7 @@ export { PermissionRegistry } from './registry/PermissionRegistry';
 export { FastUserContextService, UserContext, UserPermissionSource, PermissionCheckOptions, } from './services/FastUserContextService';
 export { FastAuthGuard, AuthenticationResult, AuthGuardConfig, TokenValidator, } from './guards/FastAuthGuard';
 export { PermissionGuardFactory, GuardConfig, } from './guards/PermissionGuardFactory';
+export { CustomTokenVerificationPortAdapter, TokenVerificationAdapterFactory, AdapterConfig, } from './adapters/CustomTokenVerificationPortAdapter';
 export declare const GUARD_DEFAULTS: {
     readonly CACHE_TTL_MS: number;
     readonly AUTH_TOKEN_TTL_MS: number;
@@ -49,18 +50,59 @@ import { GuardEnvironmentProfile } from './config/GuardConfiguration';
 export declare class GuardSetup {
     /**
      * Development environment setup
+     *
+     * Note: Caching is disabled by default unless NOONY_GUARD_CACHE_ENABLE=true is set.
+     * Even with cacheType: 'memory', the environment variable takes precedence.
+     *
+     * @example
+     * ```bash
+     * # Caching disabled (default)
+     * npm run dev
+     *
+     * # Caching enabled
+     * NOONY_GUARD_CACHE_ENABLE=true npm run dev
+     * ```
      */
     static development(): GuardEnvironmentProfile;
     /**
      * Production environment setup
+     *
+     * Note: Caching is disabled by default unless NOONY_GUARD_CACHE_ENABLE=true is set.
+     * This provides a security-first approach where caching must be explicitly enabled.
+     *
+     * @example
+     * ```bash
+     * # Production with caching enabled (recommended)
+     * NOONY_GUARD_CACHE_ENABLE=true node dist/index.js
+     *
+     * # Production with caching disabled (debugging/troubleshooting)
+     * node dist/index.js
+     * ```
      */
     static production(): GuardEnvironmentProfile;
     /**
      * Serverless environment setup (optimized for cold starts)
+     *
+     * Note: Caching is disabled by default unless NOONY_GUARD_CACHE_ENABLE=true is set.
+     * For serverless environments, consider enabling caching to improve performance
+     * across warm invocations.
+     *
+     * @example
+     * ```bash
+     * # Serverless with caching enabled (recommended for warm starts)
+     * NOONY_GUARD_CACHE_ENABLE=true serverless deploy
+     *
+     * # Serverless with caching disabled (cold start optimization)
+     * serverless deploy
+     * ```
      */
     static serverless(): GuardEnvironmentProfile;
     /**
      * Testing environment setup
+     *
+     * Note: Uses cacheType: 'none' explicitly, so caching is always disabled
+     * regardless of NOONY_GUARD_CACHE_ENABLE environment variable.
+     * This ensures predictable test behavior.
      */
     static testing(): GuardEnvironmentProfile;
 }

package/build/middlewares/guards/index.js

@@ -17,7 +17,7 @@
  * @version 1.0.0
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.GuardSetup = exports.PERMISSION_PATTERNS = exports.GUARD_DEFAULTS = exports.PermissionGuardFactory = exports.FastAuthGuard = exports.FastUserContextService = exports.ExpressionPermissionResolver = exports.WildcardPermissionResolver = exports.PlainPermissionResolver = exports.PermissionUtils = exports.PermissionResolverType = exports.PermissionResolver = exports.InvalidationScope = exports.InvalidationType = exports.ConservativeCacheInvalidation = exports.NoopCacheAdapter = exports.MemoryCacheAdapter = exports.CacheKeyBuilder = exports.PermissionResolutionStrategy = exports.GuardConfiguration = exports.RouteGuards = void 0;
+exports.GuardSetup = exports.PERMISSION_PATTERNS = exports.GUARD_DEFAULTS = exports.TokenVerificationAdapterFactory = exports.CustomTokenVerificationPortAdapter = exports.PermissionGuardFactory = exports.FastAuthGuard = exports.FastUserContextService = exports.ExpressionPermissionResolver = exports.WildcardPermissionResolver = exports.PlainPermissionResolver = exports.PermissionUtils = exports.PermissionResolverType = exports.PermissionResolver = exports.InvalidationScope = exports.InvalidationType = exports.ConservativeCacheInvalidation = exports.NoopCacheAdapter = exports.MemoryCacheAdapter = exports.CacheKeyBuilder = exports.PermissionResolutionStrategy = exports.GuardConfiguration = exports.RouteGuards = void 0;
 // Main facade - primary entry point
 var RouteGuards_1 = require("./RouteGuards");
 Object.defineProperty(exports, "RouteGuards", { enumerable: true, get: function () { return RouteGuards_1.RouteGuards; } });
@@ -55,6 +55,10 @@ var FastAuthGuard_1 = require("./guards/FastAuthGuard");
 Object.defineProperty(exports, "FastAuthGuard", { enumerable: true, get: function () { return FastAuthGuard_1.FastAuthGuard; } });
 var PermissionGuardFactory_1 = require("./guards/PermissionGuardFactory");
 Object.defineProperty(exports, "PermissionGuardFactory", { enumerable: true, get: function () { return PermissionGuardFactory_1.PermissionGuardFactory; } });
+// Token verification adapters for integration with AuthenticationMiddleware
+var CustomTokenVerificationPortAdapter_1 = require("./adapters/CustomTokenVerificationPortAdapter");
+Object.defineProperty(exports, "CustomTokenVerificationPortAdapter", { enumerable: true, get: function () { return CustomTokenVerificationPortAdapter_1.CustomTokenVerificationPortAdapter; } });
+Object.defineProperty(exports, "TokenVerificationAdapterFactory", { enumerable: true, get: function () { return CustomTokenVerificationPortAdapter_1.TokenVerificationAdapterFactory; } });
 // Utility types and constants
 exports.GUARD_DEFAULTS = {
     CACHE_TTL_MS: 15 * 60 * 1000, // 15 minutes
@@ -77,6 +81,18 @@ const GuardConfiguration_2 = require("./config/GuardConfiguration");
 class GuardSetup {
     /**
      * Development environment setup
+     *
+     * Note: Caching is disabled by default unless NOONY_GUARD_CACHE_ENABLE=true is set.
+     * Even with cacheType: 'memory', the environment variable takes precedence.
+     *
+     * @example
+     * ```bash
+     * # Caching disabled (default)
+     * npm run dev
+     *
+     * # Caching enabled
+     * NOONY_GUARD_CACHE_ENABLE=true npm run dev
+     * ```
      */
     static development() {
         return {
@@ -105,6 +121,18 @@ class GuardSetup {
     }
     /**
      * Production environment setup
+     *
+     * Note: Caching is disabled by default unless NOONY_GUARD_CACHE_ENABLE=true is set.
+     * This provides a security-first approach where caching must be explicitly enabled.
+     *
+     * @example
+     * ```bash
+     * # Production with caching enabled (recommended)
+     * NOONY_GUARD_CACHE_ENABLE=true node dist/index.js
+     *
+     * # Production with caching disabled (debugging/troubleshooting)
+     * node dist/index.js
+     * ```
      */
     static production() {
         return {
@@ -133,6 +161,19 @@ class GuardSetup {
     }
     /**
      * Serverless environment setup (optimized for cold starts)
+     *
+     * Note: Caching is disabled by default unless NOONY_GUARD_CACHE_ENABLE=true is set.
+     * For serverless environments, consider enabling caching to improve performance
+     * across warm invocations.
+     *
+     * @example
+     * ```bash
+     * # Serverless with caching enabled (recommended for warm starts)
+     * NOONY_GUARD_CACHE_ENABLE=true serverless deploy
+     *
+     * # Serverless with caching disabled (cold start optimization)
+     * serverless deploy
+     * ```
      */
     static serverless() {
         return {
@@ -161,6 +202,10 @@ class GuardSetup {
     }
     /**
      * Testing environment setup
+     *
+     * Note: Uses cacheType: 'none' explicitly, so caching is always disabled
+     * regardless of NOONY_GUARD_CACHE_ENABLE environment variable.
+     * This ensures predictable test behavior.
      */
     static testing() {
         return {

package/build/middlewares/guards/resolvers/ExpressionPermissionResolver.d.ts

@@ -118,7 +118,7 @@ export declare class ExpressionPermissionResolver extends PermissionResolver<Per
     /**
      * Check if this resolver can handle the given requirement type
      */
-    canHandle(requirement: any): requirement is PermissionExpression;
+    canHandle(requirement: unknown): requirement is PermissionExpression;
     /**
      * Normalize expression for consistent cache keys
      *

package/build/middlewares/guards/resolvers/ExpressionPermissionResolver.js

@@ -412,7 +412,7 @@ class ExpressionPermissionResolver extends PermissionResolver_1.PermissionResolv
      * Check if this resolver can handle the given requirement type
      */
     canHandle(requirement) {
-        return (requirement &&
+        return Boolean(requirement &&
             typeof requirement === 'object' &&
             PermissionResolver_1.PermissionUtils.isValidExpression(requirement));
     }

package/build/middlewares/guards/resolvers/PermissionResolver.d.ts

@@ -19,7 +19,7 @@
  * different types of permission requirements. The generic type T represents
  * the specific requirement format for each resolver.
  */
-export declare abstract class PermissionResolver<T = any> {
+export declare abstract class PermissionResolver<T = unknown> {
     /**
      * Check if user permissions satisfy the requirement
      *

package/build/middlewares/guards/resolvers/PlainPermissionResolver.d.ts

@@ -96,6 +96,6 @@ export declare class PlainPermissionResolver extends PermissionResolver<string[]
      * @param requirement - The requirement to check
      * @returns true if this resolver can handle the requirement
      */
-    canHandle(requirement: any): requirement is string[];
+    canHandle(requirement: unknown): requirement is string[];
 }
 //# sourceMappingURL=PlainPermissionResolver.d.ts.map

package/build/middlewares/guards/resolvers/WildcardPermissionResolver.d.ts

@@ -141,6 +141,6 @@ export declare class WildcardPermissionResolver extends PermissionResolver<strin
     /**
      * Check if this resolver can handle the given requirement type
      */
-    canHandle(requirement: any): requirement is string[];
+    canHandle(requirement: unknown): requirement is string[];
 }
 //# sourceMappingURL=WildcardPermissionResolver.d.ts.map