@noy-db/hub 0.2.0-pre.30 → 0.2.0-pre.31

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (143) hide show
  1. package/dist/adapter/index.d.ts +9 -0
  2. package/dist/adapter/index.js +14 -0
  3. package/dist/attestation/index.d.ts +1 -1
  4. package/dist/attestation/index.js +3 -3
  5. package/dist/blobs/index.d.ts +3 -3
  6. package/dist/bundle/index.d.ts +3 -3
  7. package/dist/bundle/index.js +1 -1
  8. package/dist/{chunk-Y6YUWZTS.js → chunk-L5HHBOMS.js} +2 -2
  9. package/dist/{chunk-BVKLJBJJ.js → chunk-W5NVNJDX.js} +2 -1
  10. package/dist/{chunk-BVKLJBJJ.js.map → chunk-W5NVNJDX.js.map} +1 -1
  11. package/dist/consent/index.d.ts +2 -2
  12. package/dist/{decrypt-partition-Mhjh6nnG.d.ts → decrypt-partition-CXS5KopB.d.ts} +1 -1
  13. package/dist/derivations/index.d.ts +3 -3
  14. package/dist/{dev-unlock-DJ3IhgY9.d.ts → dev-unlock-CnHTTVea.d.ts} +1 -1
  15. package/dist/guards/index.d.ts +3 -3
  16. package/dist/{hash-DLwkYf1d.d.ts → hash-oc5paYl0.d.ts} +1 -1
  17. package/dist/history/index.d.ts +3 -3
  18. package/dist/i18n/index.d.ts +2 -2
  19. package/dist/{index-CMRIx_zx.d.ts → index-BmhGztUi.d.ts} +1 -1
  20. package/dist/index.d.ts +11 -11
  21. package/dist/index.js +2 -2
  22. package/dist/kernel/index.d.ts +2 -2
  23. package/dist/materialized-views/index.d.ts +3 -3
  24. package/dist/{mime-magic-CacDBwYp.d.ts → mime-magic-JeLKHRng.d.ts} +1 -1
  25. package/dist/{noydb-5MIBD77B.js → noydb-NAU2DTFP.js} +2 -2
  26. package/dist/noydb-NAU2DTFP.js.map +1 -0
  27. package/dist/overlay-views/index.d.ts +3 -3
  28. package/dist/periods/index.d.ts +2 -2
  29. package/dist/session/index.d.ts +3 -3
  30. package/dist/shadow/index.d.ts +2 -2
  31. package/dist/snapshots/index.d.ts +2 -2
  32. package/dist/store/index.d.ts +2 -2
  33. package/dist/sync/index.d.ts +1 -1
  34. package/dist/team/index.d.ts +2 -2
  35. package/dist/{transition-guard-J04-jime.d.ts → transition-guard-Dy3NioQr.d.ts} +1 -1
  36. package/dist/tx/index.d.ts +2 -2
  37. package/dist/{with-materialized-view-DNfzC5lH.d.ts → with-materialized-view-DIVeez0W.d.ts} +1 -1
  38. package/dist/{with-overlayed-view-qk3lbhOd.d.ts → with-overlayed-view-DVZrc5Hb.d.ts} +1 -1
  39. package/dist/{with-rollup-Dd3_ZG4b.d.ts → with-rollup-CbU-O4wP.d.ts} +1 -1
  40. package/package.json +62 -221
  41. package/dist/aggregate/index.cjs +0 -1144
  42. package/dist/aggregate/index.cjs.map +0 -1
  43. package/dist/aggregate/index.d.cts +0 -39
  44. package/dist/attestation/index.cjs +0 -305
  45. package/dist/attestation/index.cjs.map +0 -1
  46. package/dist/attestation/index.d.cts +0 -54
  47. package/dist/blobs/index.cjs +0 -1967
  48. package/dist/blobs/index.cjs.map +0 -1
  49. package/dist/blobs/index.d.cts +0 -48
  50. package/dist/bundle/index.cjs +0 -41045
  51. package/dist/bundle/index.cjs.map +0 -1
  52. package/dist/bundle/index.d.cts +0 -187
  53. package/dist/consent/index.cjs +0 -204
  54. package/dist/consent/index.cjs.map +0 -1
  55. package/dist/consent/index.d.cts +0 -27
  56. package/dist/crdt/index.cjs +0 -152
  57. package/dist/crdt/index.cjs.map +0 -1
  58. package/dist/crdt/index.d.cts +0 -30
  59. package/dist/decrypt-partition-C0iDpbSd.d.cts +0 -558
  60. package/dist/derivations/index.cjs +0 -469
  61. package/dist/derivations/index.cjs.map +0 -1
  62. package/dist/derivations/index.d.cts +0 -74
  63. package/dist/dev-unlock-0Z6yxfS7.d.cts +0 -263
  64. package/dist/discriminant-BN9REW3o.d.cts +0 -60
  65. package/dist/errors-BAWO5Z5a.d.cts +0 -1500
  66. package/dist/forget/index.cjs +0 -43
  67. package/dist/forget/index.cjs.map +0 -1
  68. package/dist/forget/index.d.cts +0 -1
  69. package/dist/guards/index.cjs +0 -455
  70. package/dist/guards/index.cjs.map +0 -1
  71. package/dist/guards/index.d.cts +0 -39
  72. package/dist/hash-Db8ncXGr.d.cts +0 -63
  73. package/dist/history/index.cjs +0 -1245
  74. package/dist/history/index.cjs.map +0 -1
  75. package/dist/history/index.d.cts +0 -65
  76. package/dist/i18n/index.cjs +0 -1280
  77. package/dist/i18n/index.cjs.map +0 -1
  78. package/dist/i18n/index.d.cts +0 -41
  79. package/dist/index-BMmajblo.d.cts +0 -362
  80. package/dist/index-C1SC1EPe.d.cts +0 -1325
  81. package/dist/index-xJEPkvMb.d.cts +0 -93
  82. package/dist/index.cjs +0 -48100
  83. package/dist/index.cjs.map +0 -1
  84. package/dist/index.d.cts +0 -1050
  85. package/dist/indexing/index.cjs +0 -803
  86. package/dist/indexing/index.cjs.map +0 -1
  87. package/dist/indexing/index.d.cts +0 -36
  88. package/dist/kernel/index.cjs +0 -751
  89. package/dist/kernel/index.cjs.map +0 -1
  90. package/dist/kernel/index.d.cts +0 -11
  91. package/dist/lazy-builder-eYZzLEL1.d.cts +0 -304
  92. package/dist/materialized-views/index.cjs +0 -1518
  93. package/dist/materialized-views/index.cjs.map +0 -1
  94. package/dist/materialized-views/index.d.cts +0 -187
  95. package/dist/mime-magic-sdMzsfVK.d.cts +0 -103
  96. package/dist/overlay-views/index.cjs +0 -399
  97. package/dist/overlay-views/index.cjs.map +0 -1
  98. package/dist/overlay-views/index.d.cts +0 -102
  99. package/dist/periods/index.cjs +0 -1041
  100. package/dist/periods/index.cjs.map +0 -1
  101. package/dist/periods/index.d.cts +0 -24
  102. package/dist/predicate-BmhBSPCH.d.cts +0 -267
  103. package/dist/query/index.cjs +0 -3480
  104. package/dist/query/index.cjs.map +0 -1
  105. package/dist/query/index.d.cts +0 -4
  106. package/dist/sealed-record/index.cjs +0 -139
  107. package/dist/sealed-record/index.cjs.map +0 -1
  108. package/dist/sealed-record/index.d.cts +0 -123
  109. package/dist/session/index.cjs +0 -495
  110. package/dist/session/index.cjs.map +0 -1
  111. package/dist/session/index.d.cts +0 -48
  112. package/dist/shadow/index.cjs +0 -133
  113. package/dist/shadow/index.cjs.map +0 -1
  114. package/dist/shadow/index.d.cts +0 -19
  115. package/dist/snapshots/index.cjs +0 -937
  116. package/dist/snapshots/index.cjs.map +0 -1
  117. package/dist/snapshots/index.d.cts +0 -30
  118. package/dist/store/index.cjs +0 -1091
  119. package/dist/store/index.cjs.map +0 -1
  120. package/dist/store/index.d.cts +0 -501
  121. package/dist/strategy-BSxFXGzb.d.cts +0 -110
  122. package/dist/strategy-mJExw4LQ.d.cts +0 -1069
  123. package/dist/sync/index.cjs +0 -1062
  124. package/dist/sync/index.cjs.map +0 -1
  125. package/dist/sync/index.d.cts +0 -45
  126. package/dist/team/index.cjs +0 -2805
  127. package/dist/team/index.cjs.map +0 -1
  128. package/dist/team/index.d.cts +0 -120
  129. package/dist/transition-guard-tWZIsaXe.d.cts +0 -165
  130. package/dist/tx/index.cjs +0 -614
  131. package/dist/tx/index.cjs.map +0 -1
  132. package/dist/tx/index.d.cts +0 -39
  133. package/dist/types-CdVfiQgt.d.cts +0 -15275
  134. package/dist/ulid-DRH25k3y.d.cts +0 -66
  135. package/dist/util/index.cjs +0 -237
  136. package/dist/util/index.cjs.map +0 -1
  137. package/dist/util/index.d.cts +0 -79
  138. package/dist/with-materialized-view-DfgPcvi9.d.cts +0 -27
  139. package/dist/with-overlayed-view-Cvfkx1lg.d.cts +0 -13
  140. package/dist/with-rollup-nIxo7h9z.d.cts +0 -47
  141. /package/dist/{noydb-5MIBD77B.js.map → adapter/index.js.map} +0 -0
  142. /package/dist/{chunk-Y6YUWZTS.js.map → chunk-L5HHBOMS.js.map} +0 -0
  143. /package/dist/{types-DHn9lEP0.d.ts → index-DHn9lEP0.d.ts} +0 -0
@@ -1,187 +0,0 @@
1
- import { T as TransferSealPayload } from '../decrypt-partition-C0iDpbSd.cjs';
2
- export { C as COMPRESSION_BROTLI, a as COMPRESSION_GZIP, b as COMPRESSION_NONE, c as CompressionAlgo, D as DecryptedRecord, F as FLAG_COMPRESSED, d as FLAG_HAS_INTEGRITY_HASH, N as NOYDB_BUNDLE_FORMAT_VERSION, e as NOYDB_BUNDLE_MAGIC, f as NOYDB_BUNDLE_PREFIX_BYTES, g as NoydbBundleHeader, h as NoydbBundleReadResult, R as ReadNoydbBundleOptions, W as WriteNoydbBundleOptions, i as decryptExtractedPartition, j as encodeBundleHeader, r as readNoydbBundle, k as readNoydbBundleHeader, l as resetBrotliSupportCache, v as validateBundleHeader, w as writeNoydbBundle } from '../decrypt-partition-C0iDpbSd.cjs';
3
- export { g as generateULID, i as isULID } from '../ulid-DRH25k3y.cjs';
4
- import { bh as Vault, aW as NoydbStore, bd as SealingKeyProvider, bi as RecoveryEnrollmentInput, bj as ShamirRecoveryProvider } from '../types-CdVfiQgt.cjs';
5
- export { t as AdoptionStateError, B as BackupCorruptedError, u as BackupLedgerError, v as BundleIntegrityError, w as BundleSealMismatchError, x as BundleVersionConflictError, P as PartitionExtractionError, y as TransferSealError } from '../errors-BAWO5Z5a.cjs';
6
- import '../lazy-builder-eYZzLEL1.cjs';
7
- import '../predicate-BmhBSPCH.cjs';
8
- import '../strategy-mJExw4LQ.cjs';
9
- import '../strategy-BSxFXGzb.cjs';
10
- import '../index-BMmajblo.cjs';
11
- import '../index-C1SC1EPe.cjs';
12
- import '@noy-db/attestation';
13
-
14
- /**
15
- * Transitive-closure FK walker. Computes the set of
16
- * (collection, id) tuples reachable from seed predicates, so a
17
- * partition extraction ships a referentially-complete subset.
18
- *
19
- * Two-phase, plaintext, read-only (runs inside the unlocked vault
20
- * session — see foundation §13.4 / spec invariant 7):
21
- * 1. INBOUND expansion: from selected records, pull every record
22
- * that references them (children travel with parents), to a
23
- * fixed point.
24
- * 2. OUTBOUND completion: pull every parent the selected set
25
- * references (no dangling FKs), transitively, WITHOUT
26
- * re-expanding inbound from those parents (bounds the closure).
27
- *
28
- * The FK graph is auto-derived from the vault's existing RefRegistry
29
- * (the `ref('target')` declarations on collections) — no hand-written
30
- * edge list. See the design spec §4.1.
31
- *
32
- * @module
33
- */
34
-
35
- /** Seed predicate per collection. Records that return true become roots. */
36
- interface WalkClosureOptions {
37
- readonly seeds: Record<string, (record: Record<string, unknown>) => boolean | Promise<boolean>>;
38
- /** Max fixed-point iterations before throwing. Default 16. */
39
- readonly maxDepth?: number;
40
- }
41
- interface ClosureResult {
42
- /** collection → set of record ids that travel together. */
43
- readonly closure: Map<string, Set<string>>;
44
- readonly graph: {
45
- /** Fixed-point iterations the walk needed to converge. */
46
- readonly depth: number;
47
- /** True if an edge pointed back to an already-selected node. */
48
- readonly cyclesDetected: boolean;
49
- };
50
- }
51
- declare function walkClosure(vault: Vault, opts: WalkClosureOptions): Promise<ClosureResult>;
52
-
53
- /**
54
- * Partition-extraction dry-run. Read-only preview of what an
55
- * `extractPartition` would move: record counts, byte totals, and the
56
- * timestamp span per collection — computed from raw encrypted
57
- * envelopes WITHOUT decrypting them. Writes nothing, mutates nothing.
58
- *
59
- * @module
60
- */
61
-
62
- interface ExtractionPreview {
63
- readonly totalRecords: number;
64
- /** Sum of serialized encrypted-envelope sizes (bytes). */
65
- readonly totalBytes: number;
66
- readonly byCollection: ReadonlyArray<{
67
- readonly name: string;
68
- readonly recordCount: number;
69
- readonly bytes: number;
70
- /** Earliest envelope `_ts` in this collection (lexicographic). */
71
- readonly oldestTs?: string;
72
- readonly newestTs?: string;
73
- }>;
74
- readonly graph: {
75
- readonly depth: number;
76
- readonly cyclesDetected: boolean;
77
- };
78
- /** Records the walk reached but whose envelope couldn't be read. */
79
- readonly inaccessible: ReadonlyArray<{
80
- readonly collection: string;
81
- readonly id: string;
82
- }>;
83
- }
84
- declare function describeExtraction(vault: Vault, opts: WalkClosureOptions): Promise<ExtractionPreview>;
85
-
86
- /**
87
- * Partition extraction. Walks the FK closure, re-encrypts
88
- * the selected records under fresh per-collection DEKs, seals those DEKs
89
- * under a one-time transfer key, and serializes an unowned
90
- * `extracted-partition` bundle.
91
- *
92
- * @module
93
- */
94
-
95
- interface ExtractPartitionResult {
96
- readonly bundleBytes: Uint8Array;
97
- /** Raw 32-byte transfer key — deliver out-of-band; required to adopt. */
98
- readonly transferKey: Uint8Array;
99
- readonly sealId: string;
100
- }
101
- /**
102
- * Extract a re-keyed, transfer-sealed partition. Owner-only
103
- * (invariant 5): producing a standalone re-keyed vault is an
104
- * ownership operation. Non-destructive on the source.
105
- */
106
- declare function extractPartition(vault: Vault, opts: WalkClosureOptions & {
107
- readonly compression?: 'auto' | 'brotli' | 'gzip' | 'none';
108
- readonly carrySchemas?: boolean;
109
- readonly carryLedger?: boolean;
110
- /**
111
- * FR-7 structural field projection: per-collection allow-list of fields
112
- * to keep. Non-listed fields are dropped from each record BEFORE
113
- * re-encryption (so they never travel in the bundle); `id` is always
114
- * preserved. A projected collection's persisted schema is NOT carried.
115
- * Absent/empty → un-projected behavior (byte-identical to today).
116
- */
117
- readonly fieldProjection?: Record<string, readonly string[]>;
118
- }): Promise<ExtractPartitionResult>;
119
-
120
- /**
121
- * Reverse of `sealDeks`. Imports the transfer key, decrypts the
122
- * sealed `{ collection: base64(rawDEK) }` map (layout iv(12)‖ct‖tag), and
123
- * re-imports each DEK as an AES-GCM key. Throws `TransferSealError` on a
124
- * wrong key (AES-GCM auth-tag failure) or malformed payload.
125
- */
126
- declare function unsealDeks(seal: TransferSealPayload, transferKey: Uint8Array): Promise<Map<string, CryptoKey>>;
127
- interface AdoptPartitionOptions {
128
- readonly transferKey: Uint8Array;
129
- readonly destinationStore: NoydbStore;
130
- readonly vaultName: string;
131
- }
132
- interface AdoptPartitionResult {
133
- readonly vaultName: string;
134
- readonly needsOwner: true;
135
- readonly sealId: string;
136
- }
137
- declare function adoptPartition(bundleBytes: Uint8Array, opts: AdoptPartitionOptions): Promise<AdoptPartitionResult>;
138
- interface CreateOwnerResult {
139
- readonly vaultName: string;
140
- readonly userId: string;
141
- }
142
- /** Standard-mode owner: recipient supplies the passphrase. */
143
- interface CreateOwnerStandardOptions {
144
- readonly userId: string;
145
- readonly passphrase: string;
146
- readonly transferKey: Uint8Array;
147
- }
148
- /**
149
- * Managed-mode owner: the passphrase is minted + sealed under
150
- * a `SealingKeyProvider` (e.g. an `at-*` OS keychain) so the partition
151
- * auto-unlocks on the recipient's device. Managed mode mandates a strong
152
- * (Shamir) recovery profile at creation, which needs the
153
- * `shamirRecovery` provider injected.
154
- */
155
- interface CreateOwnerManagedOptions {
156
- readonly userId: string;
157
- readonly passphraseMode: 'managed';
158
- readonly sealingKey: SealingKeyProvider;
159
- readonly recovery: ReadonlyArray<RecoveryEnrollmentInput>;
160
- readonly shamirRecovery: ShamirRecoveryProvider;
161
- readonly transferKey: Uint8Array;
162
- }
163
- type CreateOwnerOptions = CreateOwnerStandardOptions | CreateOwnerManagedOptions;
164
- /**
165
- * Mint the first owner keyring on an adopted-but-unowned partition,
166
- * then destroy the transfer seal.
167
- *
168
- * Standard mode: the recipient supplies a passphrase. Managed mode: the
169
- * passphrase is minted + sealed under a `SealingKeyProvider` and a strong
170
- * (Shamir) recovery profile is enrolled — orchestrated via the existing
171
- * `openVaultAndEnrollRecovery` ceremony.
172
- *
173
- * Either way, reuses `createOwnerKeyring` to derive the KEK + write the base
174
- * keyring, then wraps the partition's DEKs (recovered from the seal) under that
175
- * KEK and re-persists the merged keyring file.
176
- *
177
- * Idempotent under retry: the seal is destroyed LAST (Stage D), after the
178
- * keyring (Stage A), the ledger transition (Stage B), and — in managed mode —
179
- * strong-recovery enrollment (Stage C). A failure in the fallible enrollment
180
- * step leaves the seal intact, and re-running with the same `userId` +
181
- * `transferKey` resumes from the first incomplete stage. (Multi-profile recovery
182
- * arrays may re-enroll an already-enrolled profile on retry; managed mode's
183
- * mandated single Shamir profile does not.)
184
- */
185
- declare function createOwnerOnAdoptedPartition(store: NoydbStore, vaultName: string, opts: CreateOwnerOptions): Promise<CreateOwnerResult>;
186
-
187
- export { type AdoptPartitionOptions, type AdoptPartitionResult, type ClosureResult, type CreateOwnerManagedOptions, type CreateOwnerOptions, type CreateOwnerResult, type CreateOwnerStandardOptions, type ExtractPartitionResult, type ExtractionPreview, type WalkClosureOptions, adoptPartition, createOwnerOnAdoptedPartition, describeExtraction, extractPartition, unsealDeks, walkClosure };
@@ -1,204 +0,0 @@
1
- "use strict";
2
- var __defProp = Object.defineProperty;
3
- var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
- var __getOwnPropNames = Object.getOwnPropertyNames;
5
- var __hasOwnProp = Object.prototype.hasOwnProperty;
6
- var __export = (target, all) => {
7
- for (var name in all)
8
- __defProp(target, name, { get: all[name], enumerable: true });
9
- };
10
- var __copyProps = (to, from, except, desc) => {
11
- if (from && typeof from === "object" || typeof from === "function") {
12
- for (let key of __getOwnPropNames(from))
13
- if (!__hasOwnProp.call(to, key) && key !== except)
14
- __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
15
- }
16
- return to;
17
- };
18
- var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
19
-
20
- // src/consent/index.ts
21
- var consent_exports = {};
22
- __export(consent_exports, {
23
- CONSENT_AUDIT_COLLECTION: () => CONSENT_AUDIT_COLLECTION,
24
- loadConsentEntries: () => loadConsentEntries,
25
- withConsent: () => withConsent,
26
- writeConsentEntry: () => writeConsentEntry
27
- });
28
- module.exports = __toCommonJS(consent_exports);
29
-
30
- // src/errors.ts
31
- var NoydbError = class extends Error {
32
- /** Machine-readable error code. Stable across library versions. */
33
- code;
34
- constructor(code, message) {
35
- super(message);
36
- this.name = "NoydbError";
37
- this.code = code;
38
- }
39
- };
40
- var DecryptionError = class extends NoydbError {
41
- constructor(message = "Decryption failed") {
42
- super("DECRYPTION_FAILED", message);
43
- this.name = "DecryptionError";
44
- }
45
- };
46
- var TamperedError = class extends NoydbError {
47
- constructor(message = "Data integrity check failed \u2014 record may have been tampered with") {
48
- super("TAMPERED", message);
49
- this.name = "TamperedError";
50
- }
51
- };
52
-
53
- // src/crypto.ts
54
- var IV_BYTES = 12;
55
- var subtle = globalThis.crypto.subtle;
56
- async function encrypt(plaintext, dek) {
57
- const iv = generateIV();
58
- const encoded = new TextEncoder().encode(plaintext);
59
- const ciphertext = await subtle.encrypt(
60
- { name: "AES-GCM", iv },
61
- dek,
62
- encoded
63
- );
64
- return {
65
- iv: bufferToBase64(iv),
66
- data: bufferToBase64(ciphertext)
67
- };
68
- }
69
- async function decrypt(ivBase64, dataBase64, dek) {
70
- const iv = base64ToBuffer(ivBase64);
71
- const ciphertext = base64ToBuffer(dataBase64);
72
- try {
73
- const plaintext = await subtle.decrypt(
74
- { name: "AES-GCM", iv },
75
- dek,
76
- ciphertext
77
- );
78
- return new TextDecoder().decode(plaintext);
79
- } catch (err) {
80
- if (err instanceof Error && err.name === "OperationError") {
81
- throw new TamperedError();
82
- }
83
- throw new DecryptionError(
84
- err instanceof Error ? err.message : "Decryption failed"
85
- );
86
- }
87
- }
88
- function generateIV() {
89
- return globalThis.crypto.getRandomValues(new Uint8Array(IV_BYTES));
90
- }
91
- function bufferToBase64(buffer) {
92
- const bytes = buffer instanceof Uint8Array ? buffer : new Uint8Array(buffer);
93
- let binary = "";
94
- for (let i = 0; i < bytes.length; i++) {
95
- binary += String.fromCharCode(bytes[i]);
96
- }
97
- return btoa(binary);
98
- }
99
- function base64ToBuffer(base64) {
100
- const binary = atob(base64);
101
- const bytes = new Uint8Array(binary.length);
102
- for (let i = 0; i < binary.length; i++) {
103
- bytes[i] = binary.charCodeAt(i);
104
- }
105
- return bytes;
106
- }
107
-
108
- // src/bundle/ulid.ts
109
- var CROCKFORD_ALPHABET = "0123456789ABCDEFGHJKMNPQRSTVWXYZ";
110
- function encodeBase32(value, length) {
111
- let out = "";
112
- let v = value;
113
- for (let i = 0; i < length; i++) {
114
- out = CROCKFORD_ALPHABET[v % 32] + out;
115
- v = Math.floor(v / 32);
116
- }
117
- return out;
118
- }
119
- function generateULID() {
120
- const now = Date.now();
121
- const timestampHigh = Math.floor(now / 16777216);
122
- const timestampLow = now & 16777215;
123
- const tsPart = encodeBase32(timestampHigh, 5) + encodeBase32(timestampLow, 5);
124
- const randBytes = new Uint8Array(10);
125
- crypto.getRandomValues(randBytes);
126
- const rand1 = randBytes[0] * 2 ** 32 + (randBytes[1] << 24 >>> 0) + (randBytes[2] << 16) + (randBytes[3] << 8) + randBytes[4];
127
- const rand2 = randBytes[5] * 2 ** 32 + (randBytes[6] << 24 >>> 0) + (randBytes[7] << 16) + (randBytes[8] << 8) + randBytes[9];
128
- const randPart = encodeBase32(rand1, 8) + encodeBase32(rand2, 8);
129
- return tsPart + randPart;
130
- }
131
-
132
- // src/consent/consent.ts
133
- var CONSENT_AUDIT_COLLECTION = "_consent_audit";
134
- async function writeConsentEntry(adapter, vault, encrypted, entry, getDEK) {
135
- const id = generateULID();
136
- const full = {
137
- id,
138
- timestamp: (/* @__PURE__ */ new Date()).toISOString(),
139
- ...entry
140
- };
141
- const envelope = await buildEnvelope(full, encrypted, getDEK);
142
- await adapter.put(vault, CONSENT_AUDIT_COLLECTION, id, envelope);
143
- }
144
- async function loadConsentEntries(adapter, vault, encrypted, getDEK, filter = {}) {
145
- const ids = await adapter.list(vault, CONSENT_AUDIT_COLLECTION);
146
- const entries = [];
147
- for (const id of ids.sort()) {
148
- const envelope = await adapter.get(vault, CONSENT_AUDIT_COLLECTION, id);
149
- if (!envelope) continue;
150
- const entry = await decryptEntry(envelope, encrypted, getDEK);
151
- if (!matchesFilter(entry, filter)) continue;
152
- entries.push(entry);
153
- }
154
- return entries;
155
- }
156
- async function buildEnvelope(entry, encrypted, getDEK) {
157
- const json = JSON.stringify(entry);
158
- if (!encrypted) {
159
- return {
160
- _noydb: 1,
161
- _v: 1,
162
- _ts: entry.timestamp,
163
- _iv: "",
164
- _data: json
165
- };
166
- }
167
- const dek = await getDEK(CONSENT_AUDIT_COLLECTION);
168
- const { iv, data } = await encrypt(json, dek);
169
- return {
170
- _noydb: 1,
171
- _v: 1,
172
- _ts: entry.timestamp,
173
- _iv: iv,
174
- _data: data
175
- };
176
- }
177
- async function decryptEntry(envelope, encrypted, getDEK) {
178
- const json = encrypted ? await decrypt(envelope._iv, envelope._data, await getDEK(CONSENT_AUDIT_COLLECTION)) : envelope._data;
179
- return JSON.parse(json);
180
- }
181
- function matchesFilter(entry, f) {
182
- if (f.since && entry.timestamp < f.since) return false;
183
- if (f.until && entry.timestamp > f.until) return false;
184
- if (f.collection && entry.collection !== f.collection) return false;
185
- if (f.actor && entry.actor !== f.actor) return false;
186
- if (f.purpose && entry.purpose !== f.purpose) return false;
187
- return true;
188
- }
189
-
190
- // src/consent/active.ts
191
- function withConsent() {
192
- return {
193
- write: writeConsentEntry,
194
- read: loadConsentEntries
195
- };
196
- }
197
- // Annotate the CommonJS export names for ESM import in node:
198
- 0 && (module.exports = {
199
- CONSENT_AUDIT_COLLECTION,
200
- loadConsentEntries,
201
- withConsent,
202
- writeConsentEntry
203
- });
204
- //# sourceMappingURL=index.cjs.map