@prairielearn/sanitize 1.0.0

package/README.md

@@ -0,0 +1,26 @@
+# `@prairielearn/sanitize`
+
+A collection of functions for sanitizing and escaping various values.
+
+## Usage
+
+```ts
+import { sanitizeObject, escapeRegExp, recursivelyTruncateStrings } from '@prairielearn/sanitize';
+
+sanitizeObject({
+  value: 'null \u0000 byte',
+});
+
+escapeRegExp('foo*(bar)');
+
+recursivelyTruncateStrings(
+  {
+    foo: {
+      bar: {
+        baz: 'biz'.repeat(10000),
+      },
+    },
+  },
+  100
+);
+```

package/dist/index.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Recursively traverse an object and replace null bytes (\u0000) with the
+ * literal string "\u0000". This produces a new object and does not modify the
+ * provided object.
+ *
+ * @param value The object to be sanitized.
+ * @return The sanitized object.
+ */
+export declare function sanitizeObject<T>(value: T): T;
+/**
+ * Escape special characters in a RegExp string
+ * Source: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions#Using_special_characters
+ *
+ * @param str A literal string to act as a match for RegExp objects
+ * @return A string literal ready to match
+ */
+export declare function escapeRegExp(str: string): string;
+/**
+ * Recursively truncates all strings in a value to a maximum length.
+ */
+export declare function recursivelyTruncateStrings<T>(value: T, maxLength: number): T;

package/dist/index.js

@@ -0,0 +1,74 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.recursivelyTruncateStrings = exports.escapeRegExp = exports.sanitizeObject = void 0;
+/**
+ * Recursively traverse an object and replace null bytes (\u0000) with the
+ * literal string "\u0000". This produces a new object and does not modify the
+ * provided object.
+ *
+ * @param value The object to be sanitized.
+ * @return The sanitized object.
+ */
+function sanitizeObject(value) {
+    if (value === null) {
+        return null;
+    }
+    else if (Array.isArray(value)) {
+        return value.map(sanitizeObject);
+    }
+    else if (typeof value === 'string') {
+        return value.replace('\u0000', '\\u0000');
+    }
+    else if (typeof value === 'object') {
+        const sanitized = Object.entries(value).map(([key, value]) => {
+            return [key, sanitizeObject(value)];
+        });
+        return sanitized.reduce((acc, [key, value]) => {
+            acc[key] = value;
+            return acc;
+        }, {});
+    }
+    else {
+        return value;
+    }
+}
+exports.sanitizeObject = sanitizeObject;
+/**
+ * Escape special characters in a RegExp string
+ * Source: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions#Using_special_characters
+ *
+ * @param str A literal string to act as a match for RegExp objects
+ * @return A string literal ready to match
+ */
+function escapeRegExp(str) {
+    return str.replace(/[.*+\-?^${}()|[\]\\/]/g, '\\$&');
+}
+exports.escapeRegExp = escapeRegExp;
+/**
+ * Recursively truncates all strings in a value to a maximum length.
+ */
+function recursivelyTruncateStrings(value, maxLength) {
+    if (value === null) {
+        return null;
+    }
+    else if (typeof value === 'string') {
+        if (value.length <= maxLength) {
+            return value;
+        }
+        return (value.substring(0, maxLength) + '...[truncated]');
+    }
+    else if (Array.isArray(value)) {
+        return value.map((value) => recursivelyTruncateStrings(value, maxLength));
+    }
+    else if (typeof value === 'object') {
+        return Object.entries(value).reduce((acc, [key, value]) => {
+            acc[key] = recursivelyTruncateStrings(value, maxLength);
+            return acc;
+        }, {});
+    }
+    else {
+        return value;
+    }
+}
+exports.recursivelyTruncateStrings = recursivelyTruncateStrings;
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAAA;;;;;;;GAOG;AACH,SAAgB,cAAc,CAAI,KAAQ;IACxC,IAAI,KAAK,KAAK,IAAI,EAAE;QAClB,OAAO,IAAS,CAAC;KAClB;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;QAC/B,OAAO,KAAK,CAAC,GAAG,CAAC,cAAc,CAAM,CAAC;KACvC;SAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;QACpC,OAAO,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,CAAM,CAAC;KAChD;SAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;QACpC,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;YAC3D,OAAO,CAAC,GAAG,EAAE,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;QACH,OAAO,SAAS,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;YAC5C,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YACjB,OAAO,GAAG,CAAC;QACb,CAAC,EAAE,EAAS,CAAM,CAAC;KACpB;SAAM;QACL,OAAO,KAAK,CAAC;KACd;AACH,CAAC;AAlBD,wCAkBC;AAED;;;;;;GAMG;AACH,SAAgB,YAAY,CAAC,GAAW;IACtC,OAAO,GAAG,CAAC,OAAO,CAAC,wBAAwB,EAAE,MAAM,CAAC,CAAC;AACvD,CAAC;AAFD,oCAEC;AAED;;GAEG;AACH,SAAgB,0BAA0B,CAAI,KAAQ,EAAE,SAAiB;IACvE,IAAI,KAAK,KAAK,IAAI,EAAE;QAClB,OAAO,IAAS,CAAC;KAClB;SAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;QACpC,IAAI,KAAK,CAAC,MAAM,IAAI,SAAS,EAAE;YAC7B,OAAO,KAAK,CAAC;SACd;QACD,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,CAAC,GAAG,gBAAgB,CAAM,CAAC;KAChE;SAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;QAC/B,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,0BAA0B,CAAC,KAAK,EAAE,SAAS,CAAC,CAAM,CAAC;KAChF;SAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;QACpC,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;YACxD,GAAG,CAAC,GAAG,CAAC,GAAG,0BAA0B,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;YACxD,OAAO,GAAG,CAAC;QACb,CAAC,EAAE,EAAS,CAAM,CAAC;KACpB;SAAM;QACL,OAAO,KAAK,CAAC;KACd;AACH,CAAC;AAlBD,gEAkBC"}

package/dist/index.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/index.test.js

@@ -0,0 +1,103 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const chai_1 = require("chai");
+const index_1 = require("./index");
+describe('sanitizeObject', () => {
+    it('sanitizes an empty object', () => {
+        const input = {};
+        const expected = {};
+        chai_1.assert.deepEqual(expected, (0, index_1.sanitizeObject)(input));
+    });
+    it('handles null byte in top-level string', () => {
+        const input = { test: 'test\u0000ing' };
+        const expected = { test: 'test\\u0000ing' };
+        chai_1.assert.deepEqual(expected, (0, index_1.sanitizeObject)(input));
+    });
+    it('handles null byte in nested string', () => {
+        const input = {
+            test: {
+                nestedTest: 'test\u0000ing',
+            },
+        };
+        const expected = {
+            test: {
+                nestedTest: 'test\\u0000ing',
+            },
+        };
+        chai_1.assert.deepEqual(expected, (0, index_1.sanitizeObject)(input));
+    });
+    it('handles null byte in top-level array', () => {
+        const input = {
+            test: ['testing', 'test\u0000ing'],
+        };
+        const expected = {
+            test: ['testing', 'test\\u0000ing'],
+        };
+        chai_1.assert.deepEqual(expected, (0, index_1.sanitizeObject)(input));
+    });
+    it('handles null byte in nested array', () => {
+        const input = {
+            test: {
+                test2: ['testing', 'test\u0000ing'],
+            },
+        };
+        const expected = {
+            test: {
+                test2: ['testing', 'test\\u0000ing'],
+            },
+        };
+        chai_1.assert.deepEqual(expected, (0, index_1.sanitizeObject)(input));
+    });
+    it('handles numbers correctly', () => {
+        const input = {
+            test: 'test\u0000ing',
+            a: 1,
+            b: 2.45,
+        };
+        const expected = {
+            test: 'test\\u0000ing',
+            a: 1,
+            b: 2.45,
+        };
+        chai_1.assert.deepEqual(expected, (0, index_1.sanitizeObject)(input));
+    });
+    it('handles null values correctly', () => {
+        const input = {
+            test: 'test\u0000ing',
+            a: null,
+        };
+        const expected = {
+            test: 'test\\u0000ing',
+            a: null,
+        };
+        chai_1.assert.deepEqual(expected, (0, index_1.sanitizeObject)(input));
+    });
+});
+describe('recursivelyTruncateStrings', () => {
+    it('handles empty object', () => {
+        chai_1.assert.deepEqual((0, index_1.recursivelyTruncateStrings)({}, 10), {});
+    });
+    it('handles null and undefined', () => {
+        chai_1.assert.deepEqual((0, index_1.recursivelyTruncateStrings)({ test: null }, 10), { test: null });
+        chai_1.assert.deepEqual((0, index_1.recursivelyTruncateStrings)({ test: undefined }, 10), { test: undefined });
+    });
+    it('handles legal string', () => {
+        chai_1.assert.deepEqual((0, index_1.recursivelyTruncateStrings)({ test: 'test' }, 10), { test: 'test' });
+    });
+    it('handles long string', () => {
+        chai_1.assert.deepEqual((0, index_1.recursivelyTruncateStrings)({ test: 'testtest' }, 4), {
+            test: 'test...[truncated]',
+        });
+    });
+    it('handles long string in array', () => {
+        chai_1.assert.deepEqual((0, index_1.recursivelyTruncateStrings)({ test: ['testtest'] }, 4), {
+            test: ['test...[truncated]'],
+        });
+    });
+    it('handles long string in object in array', () => {
+        chai_1.assert.deepEqual((0, index_1.recursivelyTruncateStrings)({ test: [{ test: 'testtest' }] }, 4), {
+            test: [{ test: 'test...[truncated]' }],
+        });
+    });
+});
+//# sourceMappingURL=index.test.js.map

package/dist/index.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.test.js","sourceRoot":"","sources":["../src/index.test.ts"],"names":[],"mappings":";;AAAA,+BAA8B;AAE9B,mCAAqE;AAErE,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;IAC9B,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACnC,MAAM,KAAK,GAAG,EAAE,CAAC;QACjB,MAAM,QAAQ,GAAG,EAAE,CAAC;QACpB,aAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAA,sBAAc,EAAC,KAAK,CAAC,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,KAAK,GAAG,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC;QACxC,MAAM,QAAQ,GAAG,EAAE,IAAI,EAAE,gBAAgB,EAAE,CAAC;QAC5C,aAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAA,sBAAc,EAAC,KAAK,CAAC,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,KAAK,GAAG;YACZ,IAAI,EAAE;gBACJ,UAAU,EAAE,eAAe;aAC5B;SACF,CAAC;QACF,MAAM,QAAQ,GAAG;YACf,IAAI,EAAE;gBACJ,UAAU,EAAE,gBAAgB;aAC7B;SACF,CAAC;QACF,aAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAA,sBAAc,EAAC,KAAK,CAAC,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,KAAK,GAAG;YACZ,IAAI,EAAE,CAAC,SAAS,EAAE,eAAe,CAAC;SACnC,CAAC;QACF,MAAM,QAAQ,GAAG;YACf,IAAI,EAAE,CAAC,SAAS,EAAE,gBAAgB,CAAC;SACpC,CAAC;QACF,aAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAA,sBAAc,EAAC,KAAK,CAAC,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,KAAK,GAAG;YACZ,IAAI,EAAE;gBACJ,KAAK,EAAE,CAAC,SAAS,EAAE,eAAe,CAAC;aACpC;SACF,CAAC;QACF,MAAM,QAAQ,GAAG;YACf,IAAI,EAAE;gBACJ,KAAK,EAAE,CAAC,SAAS,EAAE,gBAAgB,CAAC;aACrC;SACF,CAAC;QACF,aAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAA,sBAAc,EAAC,KAAK,CAAC,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACnC,MAAM,KAAK,GAAG;YACZ,IAAI,EAAE,eAAe;YACrB,CAAC,EAAE,CAAC;YACJ,CAAC,EAAE,IAAI;SACR,CAAC;QACF,MAAM,QAAQ,GAAG;YACf,IAAI,EAAE,gBAAgB;YACtB,CAAC,EAAE,CAAC;YACJ,CAAC,EAAE,IAAI;SACR,CAAC;QACF,aAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAA,sBAAc,EAAC,KAAK,CAAC,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,MAAM,KAAK,GAAG;YACZ,IAAI,EAAE,eAAe;YACrB,CAAC,EAAE,IAAI;SACR,CAAC;QACF,MAAM,QAAQ,GAAG;YACf,IAAI,EAAE,gBAAgB;YACtB,CAAC,EAAE,IAAI;SACR,CAAC;QACF,aAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAA,sBAAc,EAAC,KAAK,CAAC,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,4BAA4B,EAAE,GAAG,EAAE;IAC1C,EAAE,CAAC,sBAAsB,EAAE,GAAG,EAAE;QAC9B,aAAM,CAAC,SAAS,CAAC,IAAA,kCAA0B,EAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;QACpC,aAAM,CAAC,SAAS,CAAC,IAAA,kCAA0B,EAAC,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACjF,aAAM,CAAC,SAAS,CAAC,IAAA,kCAA0B,EAAC,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;IAC7F,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sBAAsB,EAAE,GAAG,EAAE;QAC9B,aAAM,CAAC,SAAS,CAAC,IAAA,kCAA0B,EAAC,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;IACvF,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qBAAqB,EAAE,GAAG,EAAE;QAC7B,aAAM,CAAC,SAAS,CAAC,IAAA,kCAA0B,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC,EAAE;YACpE,IAAI,EAAE,oBAAoB;SAC3B,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;QACtC,aAAM,CAAC,SAAS,CAAC,IAAA,kCAA0B,EAAC,EAAE,IAAI,EAAE,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE;YACtE,IAAI,EAAE,CAAC,oBAAoB,CAAC;SAC7B,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,aAAM,CAAC,SAAS,CAAC,IAAA,kCAA0B,EAAC,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE;YAChF,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,oBAAoB,EAAE,CAAC;SACvC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/package.json

@@ -0,0 +1,22 @@
+{
+  "name": "@prairielearn/sanitize",
+  "version": "1.0.0",
+  "main": "./dist/index.js",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/PrairieLearn/PrairieLearn.git",
+    "directory": "packages/sanitize"
+  },
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch --preserveWatchOutput",
+    "test": "mocha --no-config --require ts-node/register src/*.test.ts"
+  },
+  "devDependencies": {
+    "@prairielearn/tsconfig": "^0.0.0",
+    "@types/node": "^18.15.11",
+    "mocha": "^10.2.0",
+    "ts-node": "^10.9.1",
+    "typescript": "^4.9.4"
+  }
+}

package/src/index.test.ts

@@ -0,0 +1,114 @@
+import { assert } from 'chai';
+
+import { sanitizeObject, recursivelyTruncateStrings } from './index';
+
+describe('sanitizeObject', () => {
+  it('sanitizes an empty object', () => {
+    const input = {};
+    const expected = {};
+    assert.deepEqual(expected, sanitizeObject(input));
+  });
+
+  it('handles null byte in top-level string', () => {
+    const input = { test: 'test\u0000ing' };
+    const expected = { test: 'test\\u0000ing' };
+    assert.deepEqual(expected, sanitizeObject(input));
+  });
+
+  it('handles null byte in nested string', () => {
+    const input = {
+      test: {
+        nestedTest: 'test\u0000ing',
+      },
+    };
+    const expected = {
+      test: {
+        nestedTest: 'test\\u0000ing',
+      },
+    };
+    assert.deepEqual(expected, sanitizeObject(input));
+  });
+
+  it('handles null byte in top-level array', () => {
+    const input = {
+      test: ['testing', 'test\u0000ing'],
+    };
+    const expected = {
+      test: ['testing', 'test\\u0000ing'],
+    };
+    assert.deepEqual(expected, sanitizeObject(input));
+  });
+
+  it('handles null byte in nested array', () => {
+    const input = {
+      test: {
+        test2: ['testing', 'test\u0000ing'],
+      },
+    };
+    const expected = {
+      test: {
+        test2: ['testing', 'test\\u0000ing'],
+      },
+    };
+    assert.deepEqual(expected, sanitizeObject(input));
+  });
+
+  it('handles numbers correctly', () => {
+    const input = {
+      test: 'test\u0000ing',
+      a: 1,
+      b: 2.45,
+    };
+    const expected = {
+      test: 'test\\u0000ing',
+      a: 1,
+      b: 2.45,
+    };
+    assert.deepEqual(expected, sanitizeObject(input));
+  });
+
+  it('handles null values correctly', () => {
+    const input = {
+      test: 'test\u0000ing',
+      a: null,
+    };
+    const expected = {
+      test: 'test\\u0000ing',
+      a: null,
+    };
+    assert.deepEqual(expected, sanitizeObject(input));
+  });
+});
+
+describe('recursivelyTruncateStrings', () => {
+  it('handles empty object', () => {
+    assert.deepEqual(recursivelyTruncateStrings({}, 10), {});
+  });
+
+  it('handles null and undefined', () => {
+    assert.deepEqual(recursivelyTruncateStrings({ test: null }, 10), { test: null });
+    assert.deepEqual(recursivelyTruncateStrings({ test: undefined }, 10), { test: undefined });
+  });
+
+  it('handles legal string', () => {
+    assert.deepEqual(recursivelyTruncateStrings({ test: 'test' }, 10), { test: 'test' });
+  });
+
+  it('handles long string', () => {
+    assert.deepEqual(recursivelyTruncateStrings({ test: 'testtest' }, 4), {
+      test: 'test...[truncated]',
+    });
+  });
+
+  it('handles long string in array', () => {
+    assert.deepEqual(recursivelyTruncateStrings({ test: ['testtest'] }, 4), {
+      test: ['test...[truncated]'],
+    });
+  });
+
+  it('handles long string in object in array', () => {
+    assert.deepEqual(recursivelyTruncateStrings({ test: [{ test: 'testtest' }] }, 4), {
+      test: [{ test: 'test...[truncated]' }],
+    });
+  });
+});

package/src/index.ts

@@ -0,0 +1,61 @@
+/**
+ * Recursively traverse an object and replace null bytes (\u0000) with the
+ * literal string "\u0000". This produces a new object and does not modify the
+ * provided object.
+ *
+ * @param value The object to be sanitized.
+ * @return The sanitized object.
+ */
+export function sanitizeObject<T>(value: T): T {
+  if (value === null) {
+    return null as T;
+  } else if (Array.isArray(value)) {
+    return value.map(sanitizeObject) as T;
+  } else if (typeof value === 'string') {
+    return value.replace('\u0000', '\\u0000') as T;
+  } else if (typeof value === 'object') {
+    const sanitized = Object.entries(value).map(([key, value]) => {
+      return [key, sanitizeObject(value)];
+    });
+    return sanitized.reduce((acc, [key, value]) => {
+      acc[key] = value;
+      return acc;
+    }, {} as any) as T;
+  } else {
+    return value;
+  }
+}
+
+/**
+ * Escape special characters in a RegExp string
+ * Source: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions#Using_special_characters
+ *
+ * @param str A literal string to act as a match for RegExp objects
+ * @return A string literal ready to match
+ */
+export function escapeRegExp(str: string) {
+  return str.replace(/[.*+\-?^${}()|[\]\\/]/g, '\\$&');
+}
+
+/**
+ * Recursively truncates all strings in a value to a maximum length.
+ */
+export function recursivelyTruncateStrings<T>(value: T, maxLength: number): T {
+  if (value === null) {
+    return null as T;
+  } else if (typeof value === 'string') {
+    if (value.length <= maxLength) {
+      return value;
+    }
+    return (value.substring(0, maxLength) + '...[truncated]') as T;
+  } else if (Array.isArray(value)) {
+    return value.map((value) => recursivelyTruncateStrings(value, maxLength)) as T;
+  } else if (typeof value === 'object') {
+    return Object.entries(value).reduce((acc, [key, value]) => {
+      acc[key] = recursivelyTruncateStrings(value, maxLength);
+      return acc;
+    }, {} as any) as T;
+  } else {
+    return value;
+  }
+}

package/tsconfig.json

@@ -0,0 +1,8 @@
+{
+  "extends": "@prairielearn/tsconfig",
+  "compilerOptions": {
+    "outDir": "./dist",
+    "rootDir": "./src",
+    "types": ["mocha", "node"],
+  }
+}