@primitivedotdev/sdk 0.35.1 → 0.35.2

package/dist/address-parser-CA6G7R-h.d.ts

@@ -0,0 +1,91 @@
+//#region src/parser/address-parser.d.ts
+/**
+ * A validated RFC 5322 address. Returned by the strict parser, which
+ * deliberately does not expose a display name.
+ *
+ * `address` is normalized to lowercase. Both the local-part and the
+ * domain are lowercased: RFC 5321 §2.4 permits case-sensitive local-
+ * parts, but every consumer mailbox in practice treats them as
+ * case-insensitive, and a case-sensitive grant key would split
+ * `Bob@x.com` from `bob@x.com` into separate rows and defeat the
+ * primary-key index on lookup.
+ */
+interface ValidatedAddress {
+  address: string;
+}
+/**
+ * A parsed RFC 5322 address with its display name. Returned by the
+ * loose parser for display-only call sites.
+ *
+ * `address` is lowercased on the same rationale as
+ * {@link ValidatedAddress}. The display name is preserved as provided
+ * (after addressparser's quote / encoded-word handling), or null if the
+ * header had no display name. Names from the loose parser are NOT
+ * trustworthy for downstream mail building: addressparser's recovery
+ * mode can fold trailing tokens or a second bracketed address into the
+ * name field. Treat as opaque text, sanitize before re-emitting.
+ */
+interface ParsedAddress {
+  address: string;
+  name: string | null;
+}
+/**
+ * Reason a strict From-header parse rejected the input. Stable enum so
+ * callers can branch on the reason without parsing message text.
+ */
+type ParseFromHeaderFailureReason = "empty" | "too_long" | "multiple_addresses" | "group_syntax" | "invalid_address";
+type ParseFromHeaderResult = {
+  ok: true;
+  value: ValidatedAddress;
+} | {
+  ok: false;
+  reason: ParseFromHeaderFailureReason;
+};
+/**
+ * Strict parser for RFC 5322 From-style headers in security-bearing
+ * contexts (allowlist gates, permission grants).
+ *
+ * Rejects, without falling back to a "best guess":
+ *   - empty / whitespace-only input
+ *   - inputs longer than RFC 5322's 998-octet line limit
+ *   - multi-address From (RFC 5322 allows it but it is vanishingly
+ *     rare and ambiguous as an identity)
+ *   - group syntax ("Friends: a@b.com, c@d.com;")
+ *   - any address that fails validator's isEmail check with our chosen
+ *     options. That covers per-part length limits, dot-atom rules,
+ *     hostname-label rules, TLD requirement, and other RFC 5321/5322
+ *     conformance checks.
+ *
+ * Returns ONLY the validated address, with no display name. Strict
+ * exists for gating decisions, where the address is the security-
+ * bearing field. Display names from addressparser are not trustworthy
+ * here: weird inputs like `Name <user@x.com> <attacker@y.com>` get
+ * parsed as a single entry whose `name` silently includes the second
+ * address. Surfacing that as a "parsed name" would invite downstream
+ * misuse, so we drop it. If you need the name, call
+ * {@link parseFromHeaderLoose} alongside (it returns null on failure
+ * anyway, so you can still gate on strict's Result).
+ *
+ * Returns a typed Result so callers can map the failure reason to
+ * stable error codes without inspecting message text.
+ */
+declare function parseFromHeader(header: string | null | undefined): ParseFromHeaderResult;
+/**
+ * Lenient parser for display-only call sites (inbox card "from",
+ * log lines, debugging). Returns the first parseable address with its
+ * display name, or null.
+ *
+ * Differences from {@link parseFromHeader}:
+ *   - Multi-address From returns the first address instead of rejecting
+ *   - Group syntax is flattened into its member addresses
+ *   - Returns null instead of a typed reason on failure
+ *   - Includes the parsed display name in the result
+ *
+ * Do not use for permission gates or any decision that grants access.
+ * That is what {@link parseFromHeader} is for. Names returned here can
+ * include addressparser's recovery output (trailing tokens, garbage
+ * before the address); treat as opaque text for display.
+ */
+declare function parseFromHeaderLoose(header: string | null | undefined): ParsedAddress | null;
+//#endregion
+export { parseFromHeader as a, ValidatedAddress as i, ParseFromHeaderResult as n, parseFromHeaderLoose as o, ParsedAddress as r, ParseFromHeaderFailureReason as t };

package/dist/parser/address.d.ts

@@ -0,0 +1,2 @@
+import { a as parseFromHeader, i as ValidatedAddress, n as ParseFromHeaderResult, o as parseFromHeaderLoose, r as ParsedAddress, t as ParseFromHeaderFailureReason } from "../address-parser-CA6G7R-h.js";
+export { type ParseFromHeaderFailureReason, type ParseFromHeaderResult, type ParsedAddress, type ValidatedAddress, parseFromHeader, parseFromHeaderLoose };

package/dist/parser/address.js

@@ -0,0 +1,2 @@
+import { n as parseFromHeaderLoose, t as parseFromHeader } from "../address-parser-CQbFjgRC.js";
+export { parseFromHeader, parseFromHeaderLoose };

package/dist/parser/index.d.ts

@@ -1,95 +1,6 @@
 import { M as WebhookAttachment, S as ParsedDataComplete, s as EmailAddress } from "../types-yNU-Oiea.js";
+import { a as parseFromHeader, i as ValidatedAddress, n as ParseFromHeaderResult, o as parseFromHeaderLoose, r as ParsedAddress, t as ParseFromHeaderFailureReason } from "../address-parser-CA6G7R-h.js";
 
-//#region src/parser/address-parser.d.ts
-/**
- * A validated RFC 5322 address. Returned by the strict parser, which
- * deliberately does not expose a display name.
- *
- * `address` is normalized to lowercase. Both the local-part and the
- * domain are lowercased: RFC 5321 §2.4 permits case-sensitive local-
- * parts, but every consumer mailbox in practice treats them as
- * case-insensitive, and a case-sensitive grant key would split
- * `Bob@x.com` from `bob@x.com` into separate rows and defeat the
- * primary-key index on lookup.
- */
-interface ValidatedAddress {
-  address: string;
-}
-/**
- * A parsed RFC 5322 address with its display name. Returned by the
- * loose parser for display-only call sites.
- *
- * `address` is lowercased on the same rationale as
- * {@link ValidatedAddress}. The display name is preserved as provided
- * (after addressparser's quote / encoded-word handling), or null if the
- * header had no display name. Names from the loose parser are NOT
- * trustworthy for downstream mail building: addressparser's recovery
- * mode can fold trailing tokens or a second bracketed address into the
- * name field. Treat as opaque text, sanitize before re-emitting.
- */
-interface ParsedAddress {
-  address: string;
-  name: string | null;
-}
-/**
- * Reason a strict From-header parse rejected the input. Stable enum so
- * callers can branch on the reason without parsing message text.
- */
-type ParseFromHeaderFailureReason = "empty" | "too_long" | "multiple_addresses" | "group_syntax" | "invalid_address";
-type ParseFromHeaderResult = {
-  ok: true;
-  value: ValidatedAddress;
-} | {
-  ok: false;
-  reason: ParseFromHeaderFailureReason;
-};
-/**
- * Strict parser for RFC 5322 From-style headers in security-bearing
- * contexts (allowlist gates, permission grants).
- *
- * Rejects, without falling back to a "best guess":
- *   - empty / whitespace-only input
- *   - inputs longer than RFC 5322's 998-octet line limit
- *   - multi-address From (RFC 5322 allows it but it is vanishingly
- *     rare and ambiguous as an identity)
- *   - group syntax ("Friends: a@b.com, c@d.com;")
- *   - any address that fails validator's isEmail check with our chosen
- *     options. That covers per-part length limits, dot-atom rules,
- *     hostname-label rules, TLD requirement, and other RFC 5321/5322
- *     conformance checks.
- *
- * Returns ONLY the validated address, with no display name. Strict
- * exists for gating decisions, where the address is the security-
- * bearing field. Display names from addressparser are not trustworthy
- * here: weird inputs like `Name <user@x.com> <attacker@y.com>` get
- * parsed as a single entry whose `name` silently includes the second
- * address. Surfacing that as a "parsed name" would invite downstream
- * misuse, so we drop it. If you need the name, call
- * {@link parseFromHeaderLoose} alongside (it returns null on failure
- * anyway, so you can still gate on strict's Result).
- *
- * Returns a typed Result so callers can map the failure reason to
- * stable error codes without inspecting message text.
- */
-declare function parseFromHeader(header: string | null | undefined): ParseFromHeaderResult;
-/**
- * Lenient parser for display-only call sites (inbox card "from",
- * log lines, debugging). Returns the first parseable address with its
- * display name, or null.
- *
- * Differences from {@link parseFromHeader}:
- *   - Multi-address From returns the first address instead of rejecting
- *   - Group syntax is flattened into its member addresses
- *   - Returns null instead of a typed reason on failure
- *   - Includes the parsed display name in the result
- *
- * Do not use for permission gates or any decision that grants access.
- * That is what {@link parseFromHeader} is for. Names returned here can
- * include addressparser's recovery output (trailing tokens, garbage
- * before the address); treat as opaque text for display.
- */
-declare function parseFromHeaderLoose(header: string | null | undefined): ParsedAddress | null;
-//#endregion
 //#region src/parser/attachment-parser.d.ts
 interface ParsedAttachment {
   id: string;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@primitivedotdev/sdk",
-  "version": "0.35.1",
+  "version": "0.35.2",
   "description": "Official Primitive Node.js SDK: webhook, api, openapi, contract, and parser runtime modules.",
   "type": "module",
   "module": "./dist/index.js",
@@ -35,6 +35,11 @@
       "types": "./dist/parser/index.d.ts",
       "import": "./dist/parser/index.js",
       "default": "./dist/parser/index.js"
+    },
+    "./parser/address": {
+      "types": "./dist/parser/address.d.ts",
+      "import": "./dist/parser/address.js",
+      "default": "./dist/parser/address.js"
     }
   },
   "sideEffects": false,