@pawells/typescript-common 1.0.0

package/build/object/pick.js

@@ -0,0 +1,60 @@
+/**
+ * Creates a new object with only the specified keys from the source object.
+ * Type-safe implementation that preserves the original property types.
+ *
+ * @template T - The type of the source object
+ * @template K - The keys to pick (must be keys of T)
+ * @param obj - Source object to pick properties from
+ * @param keys - Array of keys to include in the result
+ * @returns New object containing only the specified keys with their original types
+ *
+ * @example
+ * ```typescript
+ * interface User {
+ *   id: number;
+ *   name: string;
+ *   email: string;
+ *   password: string;
+ *   age: number;
+ *   active: boolean;
+ * }
+ *
+ * const user: User = {
+ *   id: 1,
+ *   name: 'John Doe',
+ *   email: 'john@example.com',
+ *   password: 'secret',
+ *   age: 30,
+ *   active: true
+ * };
+ *
+ * // Pick specific properties for API response
+ * const publicUser = ObjectPick(user, ['id', 'name', 'email']);
+ * // Result: { id: 1, name: 'John Doe', email: 'john@example.com' }
+ * // Type: Pick<User, 'id' | 'name' | 'email'>
+ *
+ * // Pick minimal user info
+ * const minimalUser = ObjectPick(user, ['id', 'name']);
+ * // Result: { id: 1, name: 'John Doe' }
+ * // Type: Pick<User, 'id' | 'name'>
+ *
+ * // Type safety - prevents picking non-existent properties
+ * // const invalid = ObjectPick(user, ['id', 'nonExistent']); // TypeScript error
+ *
+ * // Handle null/undefined safely
+ * ObjectPick(null, ['id']); // Returns {}
+ * ObjectPick(undefined, ['name']); // Returns {}
+ * ```
+ */
+export function ObjectPick(obj, keys) {
+    if (!obj) {
+        return {};
+    }
+    return keys.reduce((result, key) => {
+        if (Object.hasOwn(obj, key)) {
+            result[key] = obj[key];
+        }
+        return result;
+    }, {});
+}
+//# sourceMappingURL=pick.js.map

package/build/object/pick.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pick.js","sourceRoot":"","sources":["../../src/object/pick.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+CG;AACH,MAAM,UAAU,UAAU,CAAsC,GAAM,EAAE,IAAS;IAChF,IAAI,CAAC,GAAG,EAAE,CAAC;QACV,OAAO,EAAgB,CAAC;IACzB,CAAC;IAED,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,GAAG,EAAE,EAAE;QAClC,IAAI,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC;YAC7B,MAAM,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QACxB,CAAC;QAED,OAAO,MAAM,CAAC;IACf,CAAC,EAAE,EAAgB,CAAC,CAAC;AACtB,CAAC"}

package/build/object/property-paths.d.ts

@@ -0,0 +1,115 @@
+/**
+ * Safely gets a nested property from an object using a path string with dot notation.
+ * Returns the default value if the path doesn't exist or any intermediate value is null/undefined.
+ *
+ * **Security Features:**
+ * - Prevents access to dangerous internal properties
+ * - Validates property paths to prevent path traversal attacks
+ * - Blocks access to prototype chain properties
+ *
+ * @template T - The expected type of the property value
+ * @param obj - Source object to navigate
+ * @param path - Path to the property using dot notation (e.g., 'user.address.street')
+ * @param defaultValue - Default value to return if the path doesn't exist
+ * @returns The value at the path or the default value
+ *
+ * @example
+ * ```typescript
+ * const user = {
+ *   name: 'John',
+ *   profile: {
+ *     address: {
+ *       street: '123 Main St',
+ *       city: 'NYC',
+ *       coordinates: { lat: 40.7128, lng: -74.0060 }
+ *     },
+ *     preferences: {
+ *       theme: 'dark',
+ *       notifications: true
+ *     }
+ *   }
+ * };
+ *
+ * // Basic property access
+ * ObjectGetPropertyByPath(user, 'name'); // 'John'
+ * ObjectGetPropertyByPath(user, 'profile.address.street'); // '123 Main St'
+ * ObjectGetPropertyByPath(user, 'profile.address.city'); // 'NYC'
+ *
+ * // Deep nested access
+ * ObjectGetPropertyByPath(user, 'profile.address.coordinates.lat'); // 40.7128
+ * ObjectGetPropertyByPath(user, 'profile.preferences.theme'); // 'dark'
+ *
+ * // Non-existent paths with defaults
+ * ObjectGetPropertyByPath(user, 'profile.avatar', 'default.jpg'); // 'default.jpg'
+ * ObjectGetPropertyByPath(user, 'settings.language', 'en'); // 'en'
+ * ObjectGetPropertyByPath(user, 'profile.social.twitter'); // undefined
+ *
+ * // Type safety with generics
+ * const lat = ObjectGetPropertyByPath<number>(user, 'profile.address.coordinates.lat', 0);
+ * const theme = ObjectGetPropertyByPath<string>(user, 'profile.preferences.theme', 'light');
+ *
+ * // Handles null/undefined safely
+ * ObjectGetPropertyByPath(null, 'any.path', 'default'); // 'default'
+ * ObjectGetPropertyByPath(user, '', 'default'); // 'default'
+ * ```
+ */
+export declare function ObjectGetPropertyByPath<T = any>(obj: any, path: string, defaultValue?: T): T | undefined;
+/**
+ * Sets a nested property on an object using a path string with dot notation.
+ * Automatically creates intermediate objects if they don't exist or are not objects.
+ * Modifies the original object in place.
+ *
+ * **Security Features:**
+ * - Prevents prototype pollution by blocking dangerous property names
+ * - Validates property paths to prevent path traversal attacks
+ * - Sanitizes input to prevent injection attacks
+ *
+ * @template T - The type of the value being set
+ * @param obj - Target object to modify
+ * @param path - Path to the property using dot notation (e.g., 'user.address.street')
+ * @param value - Value to set at the specified path
+ *
+ * @example
+ * ```typescript
+ * const user = { name: 'John' };
+ *
+ * // Set simple nested properties
+ * ObjectSetPropertyByPath(user, 'profile.age', 30);
+ * ObjectSetPropertyByPath(user, 'profile.email', 'john@example.com');
+ * console.log(user);
+ * // {
+ * //   name: 'John',
+ * //   profile: { age: 30, email: 'john@example.com' }
+ * // }
+ *
+ * // Set deeply nested properties
+ * ObjectSetPropertyByPath(user, 'profile.address.street', '123 Main St');
+ * ObjectSetPropertyByPath(user, 'profile.address.city', 'NYC');
+ * ObjectSetPropertyByPath(user, 'profile.preferences.theme', 'dark');
+ * console.log(user);
+ * // {
+ * //   name: 'John',
+ * //   profile: {
+ * //     age: 30,
+ * //     email: 'john@example.com',
+ * //     address: { street: '123 Main St', city: 'NYC' },
+ * //     preferences: { theme: 'dark' }
+ * //   }
+ * // }
+ *
+ * // Overwrite existing values
+ * ObjectSetPropertyByPath(user, 'profile.age', 31);
+ * ObjectSetPropertyByPath(user, 'profile.address.street', '456 Oak Ave');
+ *
+ * // Handle different value types
+ * ObjectSetPropertyByPath(user, 'profile.active', true);
+ * ObjectSetPropertyByPath(user, 'profile.tags', ['developer', 'javascript']);
+ * ObjectSetPropertyByPath(user, 'profile.metadata.created', new Date());
+ *
+ * // Safe handling of edge cases
+ * ObjectSetPropertyByPath(null, 'any.path', 'value'); // No effect, safely ignored
+ * ObjectSetPropertyByPath(user, '', 'value'); // No effect, safely ignored
+ * ```
+ */
+export declare function ObjectSetPropertyByPath<T = any>(obj: any, path: string, value: T): void;
+//# sourceMappingURL=property-paths.d.ts.map

package/build/object/property-paths.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"property-paths.d.ts","sourceRoot":"","sources":["../../src/object/property-paths.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsDG;AACH,wBAAgB,uBAAuB,CAAC,CAAC,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,SAAS,CAgCxG;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwDG;AACH,wBAAgB,uBAAuB,CAAC,CAAC,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,GAAG,IAAI,CAoCvF"}

package/build/object/property-paths.js

@@ -0,0 +1,170 @@
+import { isPropertyPathSafe, isPropertyKeySafe } from './security-utils.js';
+/**
+ * Safely gets a nested property from an object using a path string with dot notation.
+ * Returns the default value if the path doesn't exist or any intermediate value is null/undefined.
+ *
+ * **Security Features:**
+ * - Prevents access to dangerous internal properties
+ * - Validates property paths to prevent path traversal attacks
+ * - Blocks access to prototype chain properties
+ *
+ * @template T - The expected type of the property value
+ * @param obj - Source object to navigate
+ * @param path - Path to the property using dot notation (e.g., 'user.address.street')
+ * @param defaultValue - Default value to return if the path doesn't exist
+ * @returns The value at the path or the default value
+ *
+ * @example
+ * ```typescript
+ * const user = {
+ *   name: 'John',
+ *   profile: {
+ *     address: {
+ *       street: '123 Main St',
+ *       city: 'NYC',
+ *       coordinates: { lat: 40.7128, lng: -74.0060 }
+ *     },
+ *     preferences: {
+ *       theme: 'dark',
+ *       notifications: true
+ *     }
+ *   }
+ * };
+ *
+ * // Basic property access
+ * ObjectGetPropertyByPath(user, 'name'); // 'John'
+ * ObjectGetPropertyByPath(user, 'profile.address.street'); // '123 Main St'
+ * ObjectGetPropertyByPath(user, 'profile.address.city'); // 'NYC'
+ *
+ * // Deep nested access
+ * ObjectGetPropertyByPath(user, 'profile.address.coordinates.lat'); // 40.7128
+ * ObjectGetPropertyByPath(user, 'profile.preferences.theme'); // 'dark'
+ *
+ * // Non-existent paths with defaults
+ * ObjectGetPropertyByPath(user, 'profile.avatar', 'default.jpg'); // 'default.jpg'
+ * ObjectGetPropertyByPath(user, 'settings.language', 'en'); // 'en'
+ * ObjectGetPropertyByPath(user, 'profile.social.twitter'); // undefined
+ *
+ * // Type safety with generics
+ * const lat = ObjectGetPropertyByPath<number>(user, 'profile.address.coordinates.lat', 0);
+ * const theme = ObjectGetPropertyByPath<string>(user, 'profile.preferences.theme', 'light');
+ *
+ * // Handles null/undefined safely
+ * ObjectGetPropertyByPath(null, 'any.path', 'default'); // 'default'
+ * ObjectGetPropertyByPath(user, '', 'default'); // 'default'
+ * ```
+ */
+export function ObjectGetPropertyByPath(obj, path, defaultValue) {
+    if (!obj || !path) {
+        return defaultValue;
+    }
+    // Security validation: Check if the path is safe
+    if (!isPropertyPathSafe(path)) {
+        return defaultValue;
+    }
+    const keys = path.split('.');
+    let result = obj;
+    for (const key of keys) {
+        // Security check for each key
+        if (!isPropertyKeySafe(key)) {
+            return defaultValue;
+        }
+        if (result === null || result === undefined || typeof result !== 'object') {
+            return defaultValue;
+        }
+        // Use Object.hasOwnProperty to prevent prototype chain access
+        if (!Object.prototype.hasOwnProperty.call(result, key)) {
+            return defaultValue;
+        }
+        result = result[key];
+    }
+    return result === undefined ? defaultValue : result;
+}
+/**
+ * Sets a nested property on an object using a path string with dot notation.
+ * Automatically creates intermediate objects if they don't exist or are not objects.
+ * Modifies the original object in place.
+ *
+ * **Security Features:**
+ * - Prevents prototype pollution by blocking dangerous property names
+ * - Validates property paths to prevent path traversal attacks
+ * - Sanitizes input to prevent injection attacks
+ *
+ * @template T - The type of the value being set
+ * @param obj - Target object to modify
+ * @param path - Path to the property using dot notation (e.g., 'user.address.street')
+ * @param value - Value to set at the specified path
+ *
+ * @example
+ * ```typescript
+ * const user = { name: 'John' };
+ *
+ * // Set simple nested properties
+ * ObjectSetPropertyByPath(user, 'profile.age', 30);
+ * ObjectSetPropertyByPath(user, 'profile.email', 'john@example.com');
+ * console.log(user);
+ * // {
+ * //   name: 'John',
+ * //   profile: { age: 30, email: 'john@example.com' }
+ * // }
+ *
+ * // Set deeply nested properties
+ * ObjectSetPropertyByPath(user, 'profile.address.street', '123 Main St');
+ * ObjectSetPropertyByPath(user, 'profile.address.city', 'NYC');
+ * ObjectSetPropertyByPath(user, 'profile.preferences.theme', 'dark');
+ * console.log(user);
+ * // {
+ * //   name: 'John',
+ * //   profile: {
+ * //     age: 30,
+ * //     email: 'john@example.com',
+ * //     address: { street: '123 Main St', city: 'NYC' },
+ * //     preferences: { theme: 'dark' }
+ * //   }
+ * // }
+ *
+ * // Overwrite existing values
+ * ObjectSetPropertyByPath(user, 'profile.age', 31);
+ * ObjectSetPropertyByPath(user, 'profile.address.street', '456 Oak Ave');
+ *
+ * // Handle different value types
+ * ObjectSetPropertyByPath(user, 'profile.active', true);
+ * ObjectSetPropertyByPath(user, 'profile.tags', ['developer', 'javascript']);
+ * ObjectSetPropertyByPath(user, 'profile.metadata.created', new Date());
+ *
+ * // Safe handling of edge cases
+ * ObjectSetPropertyByPath(null, 'any.path', 'value'); // No effect, safely ignored
+ * ObjectSetPropertyByPath(user, '', 'value'); // No effect, safely ignored
+ * ```
+ */
+export function ObjectSetPropertyByPath(obj, path, value) {
+    if (!obj || !path) {
+        return;
+    }
+    // Security validation: Check if the path is safe
+    if (!isPropertyPathSafe(path)) {
+        return;
+    }
+    const keys = path.split('.');
+    const lastKey = keys.pop();
+    if (lastKey === undefined) {
+        return;
+    }
+    // Additional security check for the final key
+    if (!isPropertyKeySafe(lastKey)) {
+        return;
+    }
+    let current = obj;
+    for (const key of keys) {
+        // Security check for each intermediate key
+        if (!isPropertyKeySafe(key)) {
+            return;
+        }
+        if (current[key] === null || current[key] === undefined || typeof current[key] !== 'object') {
+            current[key] = {};
+        }
+        current = current[key];
+    }
+    current[lastKey] = value;
+}
+//# sourceMappingURL=property-paths.js.map

package/build/object/property-paths.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"property-paths.js","sourceRoot":"","sources":["../../src/object/property-paths.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAE5E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsDG;AACH,MAAM,UAAU,uBAAuB,CAAU,GAAQ,EAAE,IAAY,EAAE,YAAgB;IACxF,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QACnB,OAAO,YAAY,CAAC;IACrB,CAAC;IAED,iDAAiD;IACjD,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,OAAO,YAAY,CAAC;IACrB,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,MAAM,GAAG,GAAG,CAAC;IAEjB,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACxB,8BAA8B;QAC9B,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7B,OAAO,YAAY,CAAC;QACrB,CAAC;QAED,IAAI,MAAM,KAAK,IAAI,IAAI,MAAM,KAAK,SAAS,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC3E,OAAO,YAAY,CAAC;QACrB,CAAC;QAED,8DAA8D;QAC9D,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,CAAC;YACxD,OAAO,YAAY,CAAC;QACrB,CAAC;QAED,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IACtB,CAAC;IAED,OAAO,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,MAAW,CAAC;AAC1D,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwDG;AACH,MAAM,UAAU,uBAAuB,CAAU,GAAQ,EAAE,IAAY,EAAE,KAAQ;IAChF,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QACnB,OAAO;IACR,CAAC;IAED,iDAAiD;IACjD,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,OAAO;IACR,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC3B,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;QAC3B,OAAO;IACR,CAAC;IAED,8CAA8C;IAC9C,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,EAAE,CAAC;QACjC,OAAO;IACR,CAAC;IAED,IAAI,OAAO,GAAG,GAAG,CAAC;IAElB,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACxB,2CAA2C;QAC3C,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7B,OAAO;QACR,CAAC;QAED,IAAI,OAAO,CAAC,GAAG,CAAC,KAAK,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,KAAK,SAAS,IAAI,OAAO,OAAO,CAAC,GAAG,CAAC,KAAK,QAAQ,EAAE,CAAC;YAC7F,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;QACnB,CAAC;QACD,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IACxB,CAAC;IAED,OAAO,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC;AAC1B,CAAC"}

package/build/object/security-utils.d.ts

@@ -0,0 +1,59 @@
+/**
+ * Security utilities for object manipulation functions
+ * Provides protection against prototype pollution, path traversal, and other security vulnerabilities
+ *
+ * @author Security Auditor Agent
+ * @version 1.0.0
+ */
+/**
+ * Validates if a property key is safe to use (not dangerous for prototype pollution)
+ *
+ * @param key - The property key to validate
+ * @returns True if the key is safe, false if it's dangerous
+ */
+export declare function isPropertyKeySafe(key: string): boolean;
+/**
+ * Validates a property path for security issues
+ *
+ * @param path - The property path to validate (dot notation)
+ * @returns True if the path is safe, false if it contains security risks
+ */
+export declare function isPropertyPathSafe(path: string): boolean;
+/**
+ * Sanitizes a property key by removing or replacing dangerous characters
+ *
+ * @param key - The property key to sanitize
+ * @returns Sanitized key or null if the key is too dangerous to sanitize
+ */
+export declare function sanitizePropertyKey(key: string): string | null;
+/**
+ * Filters out dangerous keys from an object
+ *
+ * @param obj - The object to filter
+ * @returns New object with only safe keys
+ */
+export declare function filterDangerousKeys<T extends Record<string, any>>(obj: T): Partial<T>;
+/**
+ * Interface for circular reference detector
+ */
+export interface ICircularReferenceDetector {
+    markVisited(obj: object): void;
+    isVisited(obj: object): boolean;
+    clear(): void;
+}
+/**
+ * Creates a circular reference detection utility using WeakSet
+ *
+ * @returns Object with methods to track and check for circular references
+ */
+export declare function createCircularReferenceDetector(): ICircularReferenceDetector;
+/**
+ * Validates input for common security issues.
+ * Designed for property path validation, not general string validation.
+ *
+ * @param input - Input to validate
+ * @param maxLength - Maximum allowed length
+ * @returns True if input is safe
+ */
+export declare function isInputSafe(input: any, maxLength?: number): boolean;
+//# sourceMappingURL=security-utils.d.ts.map

package/build/object/security-utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-utils.d.ts","sourceRoot":"","sources":["../../src/object/security-utils.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAwBH;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAuBtD;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAkBxD;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAO9D;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAUrF;AAED;;GAEG;AACH,MAAM,WAAW,0BAA0B;IAC1C,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;IAChC,KAAK,IAAI,IAAI,CAAC;CACd;AAED;;;;GAIG;AACH,wBAAgB,+BAA+B,IAAI,0BAA0B,CA6B5E;AAKD;;;;;;;GAOG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,SAAS,GAAE,MAAiC,GAAG,OAAO,CAqB7F"}

package/build/object/security-utils.js

@@ -0,0 +1,165 @@
+/**
+ * Security utilities for object manipulation functions
+ * Provides protection against prototype pollution, path traversal, and other security vulnerabilities
+ *
+ * @author Security Auditor Agent
+ * @version 1.0.0
+ */
+/**
+ * List of dangerous property names that should be blocked to prevent prototype pollution.
+ * Only the three canonical prototype-pollution vectors are blocked; other Object.prototype
+ * methods (toString, valueOf, hasOwnProperty, etc.) are legitimate property names.
+ */
+const DANGEROUS_PROPERTY_NAMES = new Set([
+    '__proto__',
+    'constructor',
+    'prototype',
+]);
+/**
+ * Regular expression patterns for detecting path traversal attempts
+ */
+const PATH_TRAVERSAL_PATTERNS = [
+    /%2e%2e/i, // URL encoded ..
+    /%252e%252e/i, // Double URL encoded ..
+    new RegExp(String.fromCharCode(0)), // Null byte injection
+    /%00/i, // URL encoded null byte
+    /\uFEFF|\uFFFE|\uFFFF/, // Unicode BOM and invalid characters
+];
+/**
+ * Validates if a property key is safe to use (not dangerous for prototype pollution)
+ *
+ * @param key - The property key to validate
+ * @returns True if the key is safe, false if it's dangerous
+ */
+export function isPropertyKeySafe(key) {
+    if (typeof key !== 'string') {
+        return false;
+    }
+    // Check against dangerous property names
+    if (DANGEROUS_PROPERTY_NAMES.has(key)) {
+        return false;
+    }
+    // Check for properties starting with __ (dunder methods)
+    if (key.startsWith('__')) {
+        return false;
+    }
+    // Check for path traversal patterns
+    for (const pattern of PATH_TRAVERSAL_PATTERNS) {
+        if (pattern.test(key)) {
+            return false;
+        }
+    }
+    return true;
+}
+/**
+ * Validates a property path for security issues
+ *
+ * @param path - The property path to validate (dot notation)
+ * @returns True if the path is safe, false if it contains security risks
+ */
+export function isPropertyPathSafe(path) {
+    if (!path || typeof path !== 'string') {
+        return false;
+    }
+    // Check if path starts or ends with a dot
+    if (path.startsWith('.') || path.endsWith('.')) {
+        return false;
+    }
+    // Check for consecutive dots (potential traversal)
+    if (path.includes('..')) {
+        return false;
+    }
+    // Validate each segment of the path
+    const segments = path.split('.');
+    return segments.every((segment) => isPropertyKeySafe(segment));
+}
+/**
+ * Sanitizes a property key by removing or replacing dangerous characters
+ *
+ * @param key - The property key to sanitize
+ * @returns Sanitized key or null if the key is too dangerous to sanitize
+ */
+export function sanitizePropertyKey(key) {
+    if (!isPropertyKeySafe(key)) {
+        return null;
+    }
+    // Additional sanitization for edge cases
+    return key.trim();
+}
+/**
+ * Filters out dangerous keys from an object
+ *
+ * @param obj - The object to filter
+ * @returns New object with only safe keys
+ */
+export function filterDangerousKeys(obj) {
+    const filtered = {};
+    for (const key in obj) {
+        if (Object.hasOwn(obj, key) && isPropertyKeySafe(key)) {
+            filtered[key] = obj[key];
+        }
+    }
+    return filtered;
+}
+/**
+ * Creates a circular reference detection utility using WeakSet
+ *
+ * @returns Object with methods to track and check for circular references
+ */
+export function createCircularReferenceDetector() {
+    let visited = new WeakSet();
+    return {
+        /**
+         * Marks an object as visited
+         * @param obj - Object to mark as visited
+         */
+        markVisited(obj) {
+            visited.add(obj);
+        },
+        /**
+         * Checks if an object has been visited (circular reference)
+         * @param obj - Object to check
+         * @returns True if object was already visited
+         */
+        isVisited(obj) {
+            return visited.has(obj);
+        },
+        /**
+         * Clears the visited objects set
+         */
+        clear() {
+            // WeakSet doesn't have a clear method, so we create a new one
+            visited = new WeakSet();
+        },
+    };
+}
+/** Default maximum input length for security validation */
+const DEFAULT_MAX_INPUT_LENGTH = 10000;
+/**
+ * Validates input for common security issues.
+ * Designed for property path validation, not general string validation.
+ *
+ * @param input - Input to validate
+ * @param maxLength - Maximum allowed length
+ * @returns True if input is safe
+ */
+export function isInputSafe(input, maxLength = DEFAULT_MAX_INPUT_LENGTH) {
+    // Check for null/undefined
+    if (input === null || input === undefined) {
+        return true;
+    }
+    // Check string length to prevent DoS
+    if (typeof input === 'string' && input.length > maxLength) {
+        return false;
+    }
+    // Check for dangerous string patterns
+    if (typeof input === 'string') {
+        for (const pattern of PATH_TRAVERSAL_PATTERNS) {
+            if (pattern.test(input)) {
+                return false;
+            }
+        }
+    }
+    return true;
+}
+//# sourceMappingURL=security-utils.js.map

package/build/object/security-utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-utils.js","sourceRoot":"","sources":["../../src/object/security-utils.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH;;;;GAIG;AACH,MAAM,wBAAwB,GAAG,IAAI,GAAG,CAAC;IACxC,WAAW;IACX,aAAa;IACb,WAAW;CACX,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,uBAAuB,GAAG;IAC/B,SAAS,EAAiB,iBAAiB;IAC3C,aAAa,EAAa,wBAAwB;IAClD,IAAI,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,sBAAsB;IAC1D,MAAM,EAAoB,wBAAwB;IAClD,sBAAsB,EAAK,qCAAqC;CAChE,CAAC;AAEF;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,GAAW;IAC5C,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC7B,OAAO,KAAK,CAAC;IACd,CAAC;IAED,yCAAyC;IACzC,IAAI,wBAAwB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;QACvC,OAAO,KAAK,CAAC;IACd,CAAC;IAED,yDAAyD;IACzD,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAC1B,OAAO,KAAK,CAAC;IACd,CAAC;IAED,oCAAoC;IACpC,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;QAC/C,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACvB,OAAO,KAAK,CAAC;QACd,CAAC;IACF,CAAC;IAED,OAAO,IAAI,CAAC;AACb,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,kBAAkB,CAAC,IAAY;IAC9C,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACvC,OAAO,KAAK,CAAC;IACd,CAAC;IAED,0CAA0C;IAC1C,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACd,CAAC;IAED,mDAAmD;IACnD,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC;IACd,CAAC;IAED,oCAAoC;IACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACjC,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,CAAC;AAChE,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,mBAAmB,CAAC,GAAW;IAC9C,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC;IACb,CAAC;IAED,yCAAyC;IACzC,OAAO,GAAG,CAAC,IAAI,EAAE,CAAC;AACnB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,mBAAmB,CAAgC,GAAM;IACxE,MAAM,QAAQ,GAAe,EAAE,CAAC;IAEhC,KAAK,MAAM,GAAG,IAAI,GAAG,EAAE,CAAC;QACvB,IAAI,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,iBAAiB,CAAC,GAAG,CAAC,EAAE,CAAC;YACvD,QAAQ,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAC1B,CAAC;IACF,CAAC;IAED,OAAO,QAAQ,CAAC;AACjB,CAAC;AAWD;;;;GAIG;AACH,MAAM,UAAU,+BAA+B;IAC9C,IAAI,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;IAE5B,OAAO;QACN;;;WAGG;QACH,WAAW,CAAC,GAAW;YACtB,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAClB,CAAC;QAED;;;;WAIG;QACH,SAAS,CAAC,GAAW;YACpB,OAAO,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACzB,CAAC;QAED;;WAEG;QACH,KAAK;YACJ,8DAA8D;YAC9D,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;QACzB,CAAC;KACD,CAAC;AACH,CAAC;AAED,2DAA2D;AAC3D,MAAM,wBAAwB,GAAG,KAAK,CAAC;AAEvC;;;;;;;GAOG;AACH,MAAM,UAAU,WAAW,CAAC,KAAU,EAAE,YAAoB,wBAAwB;IACnF,2BAA2B;IAC3B,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QAC3C,OAAO,IAAI,CAAC;IACb,CAAC;IAED,qCAAqC;IACrC,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3D,OAAO,KAAK,CAAC;IACd,CAAC;IAED,sCAAsC;IACtC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC/B,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;YAC/C,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;gBACzB,OAAO,KAAK,CAAC;YACd,CAAC;QACF,CAAC;IACF,CAAC;IAED,OAAO,IAAI,CAAC;AACb,CAAC"}

package/build/object/sort-keys.d.ts

@@ -0,0 +1,26 @@
+/**
+ * Sorts the keys of an object alphabetically and returns a new object with the same type
+ *
+ * @template T - The type of the input object
+ * @param object - Object whose keys should be sorted
+ * @returns A new object with sorted keys maintaining the original type
+ *
+ * @example
+ * ```typescript
+ * const input = { z: 1, a: 2, m: 3 };
+ * const sorted = ObjectSortKeys(input);
+ * // Result: { a: 2, m: 3, z: 1 }
+ *
+ * // With complex object
+ * const user = {
+ *   name: 'John',
+ *   age: 30,
+ *   email: 'john@example.com',
+ *   active: true
+ * };
+ * const sortedUser = ObjectSortKeys(user);
+ * // Result: { active: true, age: 30, email: 'john@example.com', name: 'John' }
+ * ```
+ */
+export declare function ObjectSortKeys<T extends Record<string, any>>(object: T): T;
+//# sourceMappingURL=sort-keys.d.ts.map

package/build/object/sort-keys.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sort-keys.d.ts","sourceRoot":"","sources":["../../src/object/sort-keys.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,wBAAgB,cAAc,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC,GAAG,CAAC,CA+B1E"}

package/build/object/sort-keys.js

@@ -0,0 +1,52 @@
+/**
+ * Sorts the keys of an object alphabetically and returns a new object with the same type
+ *
+ * @template T - The type of the input object
+ * @param object - Object whose keys should be sorted
+ * @returns A new object with sorted keys maintaining the original type
+ *
+ * @example
+ * ```typescript
+ * const input = { z: 1, a: 2, m: 3 };
+ * const sorted = ObjectSortKeys(input);
+ * // Result: { a: 2, m: 3, z: 1 }
+ *
+ * // With complex object
+ * const user = {
+ *   name: 'John',
+ *   age: 30,
+ *   email: 'john@example.com',
+ *   active: true
+ * };
+ * const sortedUser = ObjectSortKeys(user);
+ * // Result: { active: true, age: 30, email: 'john@example.com', name: 'John' }
+ * ```
+ */
+export function ObjectSortKeys(object) {
+    if (!object || typeof object !== 'object' || Array.isArray(object)) {
+        return object;
+    }
+    const sorted = Object.keys(object).sort((a, b) => {
+        if (a < b)
+            return -1;
+        if (a > b)
+            return 1;
+        return 0;
+    })
+        .reduce((entry, key) => {
+        entry[key] = object[key];
+        return entry;
+    }, {});
+    // Preserve non-enumerable properties
+    const allKeys = Object.getOwnPropertyNames(object);
+    for (const key of allKeys) {
+        if (!Object.prototype.hasOwnProperty.call(sorted, key)) {
+            const descriptor = Object.getOwnPropertyDescriptor(object, key);
+            if (descriptor) {
+                Object.defineProperty(sorted, key, descriptor);
+            }
+        }
+    }
+    return sorted;
+}
+//# sourceMappingURL=sort-keys.js.map