npm - @private.me/xbind - Versions diffs - 1.3.5 → 2.3.4 - Mend

@private.me/xbind 1.3.5 → 2.3.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (306) hide show

package/LICENSES.md +212 -0
package/README.md +388 -6
package/dist-standalone/_deps/mldsa-wasm/dist/mldsa.js +1 -1920
package/dist-standalone/_deps/shared/cjs/errors.js +1 -639
package/dist-standalone/_deps/shared/cjs/index.js +1 -496
package/dist-standalone/_deps/shared/cjs/types.js +1 -317
package/dist-standalone/_deps/shared/errors.js +1 -255
package/dist-standalone/_deps/shared/index.js +1 -74
package/dist-standalone/_deps/shared/types.js +1 -90
package/dist-standalone/_deps/ux-helpers/cjs/errors.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/index.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/pagination.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/progress.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/search.js +1 -1
package/dist-standalone/_deps/ux-helpers/cjs/types.js +1 -1
package/dist-standalone/_deps/ux-helpers/errors.js +1 -1
package/dist-standalone/_deps/ux-helpers/index.js +1 -1
package/dist-standalone/_deps/ux-helpers/pagination.js +1 -1
package/dist-standalone/_deps/ux-helpers/progress.js +1 -1
package/dist-standalone/_deps/ux-helpers/search.js +1 -1
package/dist-standalone/_deps/xchange/auto-accept.js +1 -1
package/dist-standalone/_deps/xchange/cjs/auto-accept.js +1 -1
package/dist-standalone/_deps/xchange/cjs/errors.js +1 -1
package/dist-standalone/_deps/xchange/cjs/index.js +1 -1
package/dist-standalone/_deps/xchange/cjs/invite-client.js +1 -1
package/dist-standalone/_deps/xchange/cjs/lazy-init.js +1 -1
package/dist-standalone/_deps/xchange/cjs/trust-integration.js +1 -1
package/dist-standalone/_deps/xchange/cjs/xchange.js +1 -1
package/dist-standalone/_deps/xchange/errors.js +1 -1
package/dist-standalone/_deps/xchange/index.js +1 -1
package/dist-standalone/_deps/xchange/invite-client.js +1 -1
package/dist-standalone/_deps/xchange/lazy-init.js +1 -1
package/dist-standalone/_deps/xchange/trust-integration.js +1 -1
package/dist-standalone/_deps/xchange/xchange.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/discovery.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/errors.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/index.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/registry.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/schema.js +1 -1
package/dist-standalone/_deps/xregistry/cjs/types.js +1 -1
package/dist-standalone/_deps/xregistry/discovery.js +1 -1
package/dist-standalone/_deps/xregistry/errors.js +1 -1
package/dist-standalone/_deps/xregistry/index.js +1 -1
package/dist-standalone/_deps/xregistry/registry.js +1 -1
package/dist-standalone/_deps/xregistry/schema.js +1 -1
package/dist-standalone/_deps/xregistry/types.js +1 -1
package/dist-standalone/agent-call.js +1 -642
package/dist-standalone/agent-sdk.js +1 -328
package/dist-standalone/agent.d.ts +95 -5
package/dist-standalone/agent.js +1 -1545
package/dist-standalone/approval.js +1 -193
package/dist-standalone/async-iterators.d.ts +275 -0
package/dist-standalone/async-iterators.js +1 -0
package/dist-standalone/auth.js +1 -219
package/dist-standalone/auto-accept.js +1 -229
package/dist-standalone/backup-config.js +1 -201
package/dist-standalone/backup.d.ts +114 -0
package/dist-standalone/backup.js +1 -0
package/dist-standalone/batch-operations.d.ts +297 -0
package/dist-standalone/batch-operations.js +1 -0
package/dist-standalone/cancellation.d.ts +301 -0
package/dist-standalone/cancellation.js +1 -0
package/dist-standalone/checkpoint.js +1 -186
package/dist-standalone/circuit-breaker.d.ts +351 -0
package/dist-standalone/circuit-breaker.js +1 -0
package/dist-standalone/cjs/agent-call.js +1 -651
package/dist-standalone/cjs/agent-sdk.js +1 -332
package/dist-standalone/cjs/agent.js +1 -1582
package/dist-standalone/cjs/approval.js +1 -199
package/dist-standalone/cjs/async-iterators.js +1 -0
package/dist-standalone/cjs/auth.js +1 -225
package/dist-standalone/cjs/auto-accept.js +1 -233
package/dist-standalone/cjs/backup-config.js +1 -207
package/dist-standalone/cjs/backup.js +1 -0
package/dist-standalone/cjs/batch-operations.js +1 -0
package/dist-standalone/cjs/cancellation.js +1 -0
package/dist-standalone/cjs/checkpoint.js +1 -193
package/dist-standalone/cjs/circuit-breaker.js +1 -0
package/dist-standalone/cjs/cli/init.js +1 -486
package/dist-standalone/cjs/config-validation.js +1 -0
package/dist-standalone/cjs/connect.js +1 -312
package/dist-standalone/cjs/connection-pool.js +1 -0
package/dist-standalone/cjs/correlation-id.js +1 -339
package/dist-standalone/cjs/crypto-utils.js +1 -0
package/dist-standalone/cjs/debug-mode.js +1 -0
package/dist-standalone/cjs/did-document.js +1 -101
package/dist-standalone/cjs/did-privateme.js +1 -130
package/dist-standalone/cjs/did-web.js +1 -201
package/dist-standalone/cjs/discovery.js +1 -462
package/dist-standalone/cjs/dual-mode.js +1 -251
package/dist-standalone/cjs/email-templates.js +1 -313
package/dist-standalone/cjs/email-transport.js +1 -239
package/dist-standalone/cjs/envelope.js +1 -510
package/dist-standalone/cjs/errors.js +1 -826
package/dist-standalone/cjs/event-emitter.js +1 -0
package/dist-standalone/cjs/gateway-state.js +1 -55
package/dist-standalone/cjs/gateway-transport.js +1 -120
package/dist-standalone/cjs/graceful-degradation.js +1 -0
package/dist-standalone/cjs/guardrails.js +1 -223
package/dist-standalone/cjs/health-check.js +1 -0
package/dist-standalone/cjs/http-compat.js +1 -272
package/dist-standalone/cjs/http-status-map.js +1 -571
package/dist-standalone/cjs/identity.js +1 -540
package/dist-standalone/cjs/index.js +1 -237
package/dist-standalone/cjs/invitation.js +1 -421
package/dist-standalone/cjs/invite.js +1 -328
package/dist-standalone/cjs/key-agreement.js +1 -246
package/dist-standalone/cjs/lazy-init.js +1 -300
package/dist-standalone/cjs/logger.js +1 -0
package/dist-standalone/cjs/mdns-discovery.js +1 -202
package/dist-standalone/cjs/nonce-store.js +1 -66
package/dist-standalone/cjs/pairing-manager.js +1 -223
package/dist-standalone/cjs/plugin-system.js +1 -0
package/dist-standalone/cjs/plugins/logging.js +1 -0
package/dist-standalone/cjs/plugins/metrics.js +1 -0
package/dist-standalone/cjs/plugins/validation.js +1 -0
package/dist-standalone/cjs/policy.js +1 -320
package/dist-standalone/cjs/progress-callbacks.js +1 -0
package/dist-standalone/cjs/redis-nonce-store.js +1 -76
package/dist-standalone/cjs/registry-middleware.js +1 -50
package/dist-standalone/cjs/retry-strategies.js +1 -0
package/dist-standalone/cjs/retry-transport.js +1 -102
package/dist-standalone/cjs/runtime/browser.js +1 -0
package/dist-standalone/cjs/runtime/edge.js +1 -0
package/dist-standalone/cjs/runtime/react-native.js +1 -0
package/dist-standalone/cjs/security-policy.js +1 -245
package/dist-standalone/cjs/serialization.js +1 -0
package/dist-standalone/cjs/split-channel.js +1 -177
package/dist-standalone/cjs/subscription-proof.js +1 -230
package/dist-standalone/cjs/succession.js +1 -148
package/dist-standalone/cjs/timeouts.js +1 -0
package/dist-standalone/cjs/trace-context.js +1 -0
package/dist-standalone/cjs/trace-spans.js +1 -0
package/dist-standalone/cjs/transport.js +1 -63
package/dist-standalone/cjs/trust-registry.js +1 -742
package/dist-standalone/cjs/types/error-response.js +1 -56
package/dist-standalone/cjs/vault-auth.js +1 -0
package/dist-standalone/cjs/vault-store-loader.js +1 -0
package/dist-standalone/cjs/verify.js +1 -25
package/dist-standalone/cjs/version-info.js +1 -0
package/dist-standalone/cjs/xfetch.js +1 -252
package/dist-standalone/cli/init.js +1 -449
package/dist-standalone/cli/setup.js +1 -514
package/dist-standalone/cli/types.js +1 -27
package/dist-standalone/cli/xbind.js +1 -148
package/dist-standalone/config-validation.d.ts +185 -0
package/dist-standalone/config-validation.js +1 -0
package/dist-standalone/connect.js +1 -274
package/dist-standalone/connection-pool.d.ts +251 -0
package/dist-standalone/connection-pool.js +1 -0
package/dist-standalone/correlation-id.js +1 -326
package/dist-standalone/crypto-utils.d.ts +60 -0
package/dist-standalone/crypto-utils.js +1 -0
package/dist-standalone/debug-mode.d.ts +286 -0
package/dist-standalone/debug-mode.js +1 -0
package/dist-standalone/did-document.js +1 -96
package/dist-standalone/did-privateme.js +1 -121
package/dist-standalone/did-web.js +1 -196
package/dist-standalone/discovery.js +1 -458
package/dist-standalone/dual-mode.js +1 -247
package/dist-standalone/email-templates.js +1 -309
package/dist-standalone/email-transport.js +1 -232
package/dist-standalone/envelope.d.ts +29 -1
package/dist-standalone/envelope.js +1 -497
package/dist-standalone/errors.d.ts +10 -0
package/dist-standalone/errors.js +1 -811
package/dist-standalone/event-emitter.d.ts +395 -0
package/dist-standalone/event-emitter.js +1 -0
package/dist-standalone/gateway-state.js +1 -51
package/dist-standalone/gateway-transport.js +1 -116
package/dist-standalone/graceful-degradation.d.ts +246 -0
package/dist-standalone/graceful-degradation.js +1 -0
package/dist-standalone/guardrails.js +1 -216
package/dist-standalone/health-check.d.ts +150 -0
package/dist-standalone/health-check.js +1 -0
package/dist-standalone/http-compat.js +1 -267
package/dist-standalone/http-status-map.js +1 -561
package/dist-standalone/identity.d.ts +64 -1
package/dist-standalone/identity.js +1 -515
package/dist-standalone/index.d.ts +45 -3
package/dist-standalone/index.js +1 -52
package/dist-standalone/invitation.js +1 -415
package/dist-standalone/invite.js +1 -324
package/dist-standalone/key-agreement.d.ts +61 -13
package/dist-standalone/key-agreement.js +1 -236
package/dist-standalone/lazy-init.js +1 -295
package/dist-standalone/logger.d.ts +77 -0
package/dist-standalone/logger.js +1 -0
package/dist-standalone/mdns-discovery.js +1 -195
package/dist-standalone/nonce-store.d.ts +16 -3
package/dist-standalone/nonce-store.js +1 -62
package/dist-standalone/package.json +0 -1
package/dist-standalone/pairing-manager.js +1 -219
package/dist-standalone/plugin-system.d.ts +145 -0
package/dist-standalone/plugin-system.js +1 -0
package/dist-standalone/policy.js +1 -315
package/dist-standalone/progress-callbacks.d.ts +394 -0
package/dist-standalone/progress-callbacks.js +1 -0
package/dist-standalone/redis-nonce-store.js +1 -72
package/dist-standalone/registry-middleware.js +1 -47
package/dist-standalone/retry-strategies.d.ts +382 -0
package/dist-standalone/retry-strategies.js +1 -0
package/dist-standalone/retry-transport.js +1 -98
package/dist-standalone/security-policy.js +1 -239
package/dist-standalone/serialization.d.ts +244 -0
package/dist-standalone/serialization.js +1 -0
package/dist-standalone/split-channel.d.ts +49 -1
package/dist-standalone/split-channel.js +1 -171
package/dist-standalone/subscription-proof.js +1 -224
package/dist-standalone/succession.js +1 -142
package/dist-standalone/timeouts.d.ts +275 -0
package/dist-standalone/timeouts.js +1 -0
package/dist-standalone/trace-context.d.ts +252 -0
package/dist-standalone/trace-context.js +1 -0
package/dist-standalone/trace-spans.d.ts +360 -0
package/dist-standalone/trace-spans.js +1 -0
package/dist-standalone/transport.js +1 -59
package/dist-standalone/trust-registry.d.ts +106 -5
package/dist-standalone/trust-registry.js +1 -702
package/dist-standalone/vault-auth.d.ts +91 -0
package/dist-standalone/vault-auth.js +1 -0
package/dist-standalone/vault-store-loader.d.ts +110 -0
package/dist-standalone/vault-store-loader.js +1 -0
package/dist-standalone/verify.js +1 -16
package/dist-standalone/version-info.d.ts +259 -0
package/dist-standalone/version-info.js +1 -0
package/dist-standalone/xfetch.js +1 -247
package/llms.txt +1 -0
package/package.json +65 -5
package/share1.dat +0 -0
package/dist-standalone/_deps/crypto/base64.d.ts +0 -29
package/dist-standalone/_deps/crypto/base64.js +0 -222
package/dist-standalone/_deps/crypto/cjs/base64.js +0 -665
package/dist-standalone/_deps/crypto/cjs/errors.js +0 -675
package/dist-standalone/_deps/crypto/cjs/hmac.js +0 -473
package/dist-standalone/_deps/crypto/cjs/index.js +0 -852
package/dist-standalone/_deps/crypto/cjs/package.json +0 -1
package/dist-standalone/_deps/crypto/cjs/padding.js +0 -511
package/dist-standalone/_deps/crypto/cjs/share-header.js +0 -372
package/dist-standalone/_deps/crypto/cjs/shares.js +0 -874
package/dist-standalone/_deps/crypto/cjs/tlv.js +0 -1021
package/dist-standalone/_deps/crypto/cjs/uuid.js +0 -443
package/dist-standalone/_deps/crypto/cjs/verify.js +0 -414
package/dist-standalone/_deps/crypto/cjs/xorida.js +0 -923
package/dist-standalone/_deps/crypto/errors.d.ts +0 -51
package/dist-standalone/_deps/crypto/errors.js +0 -199
package/dist-standalone/_deps/crypto/hmac.d.ts +0 -39
package/dist-standalone/_deps/crypto/hmac.js +0 -134
package/dist-standalone/_deps/crypto/index.d.ts +0 -20
package/dist-standalone/_deps/crypto/index.js +0 -145
package/dist-standalone/_deps/crypto/padding.d.ts +0 -19
package/dist-standalone/_deps/crypto/padding.js +0 -159
package/dist-standalone/_deps/crypto/share-header.d.ts +0 -44
package/dist-standalone/_deps/crypto/share-header.js +0 -92
package/dist-standalone/_deps/crypto/shares.d.ts +0 -27
package/dist-standalone/_deps/crypto/shares.js +0 -295
package/dist-standalone/_deps/crypto/tlv.d.ts +0 -26
package/dist-standalone/_deps/crypto/tlv.js +0 -364
package/dist-standalone/_deps/crypto/uuid.d.ts +0 -22
package/dist-standalone/_deps/crypto/uuid.js +0 -136
package/dist-standalone/_deps/crypto/verify.d.ts +0 -15
package/dist-standalone/_deps/crypto/verify.js +0 -71
package/dist-standalone/_deps/crypto/xorida.d.ts +0 -44
package/dist-standalone/_deps/crypto/xorida.js +0 -366
package/dist-standalone/_deps/shared/errors.d.ts.map +0 -1
package/dist-standalone/_deps/shared/errors.js.map +0 -1
package/dist-standalone/_deps/shared/index.d.ts.map +0 -1
package/dist-standalone/_deps/shared/index.js.map +0 -1
package/dist-standalone/_deps/shared/types.d.ts.map +0 -1
package/dist-standalone/_deps/shared/types.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/errors.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/errors.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/index.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/index.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/pagination.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/pagination.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/progress.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/progress.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/search.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/search.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/types.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/cjs/types.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/errors.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/errors.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/index.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/index.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/pagination.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/pagination.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/progress.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/progress.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/search.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/search.js.map +0 -1
package/dist-standalone/_deps/ux-helpers/types.d.ts.map +0 -1
package/dist-standalone/_deps/ux-helpers/types.js.map +0 -1
package/dist-standalone/_deps/xregistry/discovery.d.ts.map +0 -1
package/dist-standalone/_deps/xregistry/discovery.js.map +0 -1
package/dist-standalone/_deps/xregistry/errors.d.ts.map +0 -1
package/dist-standalone/_deps/xregistry/errors.js.map +0 -1
package/dist-standalone/_deps/xregistry/index.d.ts.map +0 -1
package/dist-standalone/_deps/xregistry/index.js.map +0 -1
package/dist-standalone/_deps/xregistry/registry.d.ts.map +0 -1
package/dist-standalone/_deps/xregistry/registry.js.map +0 -1
package/dist-standalone/_deps/xregistry/schema.d.ts.map +0 -1
package/dist-standalone/_deps/xregistry/schema.js.map +0 -1
package/dist-standalone/_deps/xregistry/types.d.ts.map +0 -1
package/dist-standalone/_deps/xregistry/types.js.map +0 -1

package/dist-standalone/trace-spans.d.ts ADDED Viewed

@@ -0,0 +1,360 @@
+/**
+ * @module trace-spans
+ * Distributed tracing spans with parent-child relationships
+ *
+ * Provides span tracking for distributed tracing with automatic timing,
+ * attribute collection, and integration with W3C Trace Context.
+ *
+ * Performance target: <1ms overhead per operation
+ *
+ * Usage:
+ * ```typescript
+ * import { TraceSpan, SpanRecorder } from '@private.me/xbind';
+ *
+ * // Create a span recorder
+ * const recorder = new SpanRecorder();
+ *
+ * // Start a span
+ * const span = recorder.startSpan('operation-name', { attr: 'value' });
+ *
+ * // Do work...
+ *
+ * // End the span
+ * span.end();
+ *
+ * // Get completed spans
+ * const spans = recorder.getCompletedSpans();
+ * ```
+ */
+import { TraceContext } from './trace-context.js';
+/**
+ * Span status codes (aligned with OpenTelemetry)
+ */
+export declare enum SpanStatusCode {
+    /** Operation completed successfully */
+    OK = 0,
+    /** Operation encountered an error */
+    ERROR = 1,
+    /** Status is unset (default) */
+    UNSET = 2
+}
+/**
+ * Span status
+ */
+export interface SpanStatus {
+    code: SpanStatusCode;
+    message?: string;
+}
+/**
+ * Span attributes (key-value pairs)
+ */
+export interface SpanAttributes {
+    [key: string]: string | number | boolean | undefined;
+}
+/**
+ * Span event (timestamped log entry within a span)
+ */
+export interface SpanEvent {
+    /** Event name */
+    name: string;
+    /** Event timestamp (milliseconds since epoch) */
+    timestamp: number;
+    /** Event attributes */
+    attributes?: SpanAttributes;
+}
+/**
+ * Span kind (aligned with OpenTelemetry)
+ */
+export declare enum SpanKind {
+    /** Internal span (default) */
+    INTERNAL = 0,
+    /** Server span (handling incoming request) */
+    SERVER = 1,
+    /** Client span (outgoing request) */
+    CLIENT = 2,
+    /** Producer span (message queue producer) */
+    PRODUCER = 3,
+    /** Consumer span (message queue consumer) */
+    CONSUMER = 4
+}
+/**
+ * Completed span data
+ */
+export interface SpanData {
+    /** Span ID (16 hex characters) */
+    spanId: string;
+    /** Trace ID (32 hex characters) */
+    traceId: string;
+    /** Parent span ID (16 hex characters, if any) */
+    parentSpanId?: string;
+    /** Span name */
+    name: string;
+    /** Span kind */
+    kind: SpanKind;
+    /** Start timestamp (milliseconds since epoch) */
+    startTime: number;
+    /** End timestamp (milliseconds since epoch) */
+    endTime: number;
+    /** Duration in milliseconds */
+    duration: number;
+    /** Span status */
+    status: SpanStatus;
+    /** Span attributes */
+    attributes: SpanAttributes;
+    /** Span events */
+    events: SpanEvent[];
+}
+/**
+ * Trace span for distributed tracing
+ *
+ * Represents a single unit of work in a distributed trace with automatic timing.
+ */
+export declare class TraceSpan {
+    /** Span ID (unique within trace) */
+    readonly spanId: string;
+    /** Trace context */
+    readonly traceContext: TraceContext;
+    /** Span name */
+    readonly name: string;
+    /** Span kind */
+    readonly kind: SpanKind;
+    /** Parent span ID */
+    readonly parentSpanId?: string;
+    /** Start timestamp (milliseconds since epoch) */
+    readonly startTime: number;
+    /** End timestamp (milliseconds since epoch, undefined if not ended) */
+    private endTime?;
+    /** Span status */
+    private status;
+    /** Span attributes */
+    private attributes;
+    /** Span events */
+    private events;
+    /** Whether span has ended */
+    private ended;
+    /**
+     * Create a trace span
+     *
+     * @param name - Span name
+     * @param traceContext - Trace context
+     * @param options - Span options
+     */
+    constructor(name: string, traceContext: TraceContext, options?: {
+        kind?: SpanKind;
+        parentSpanId?: string;
+        attributes?: SpanAttributes;
+    });
+    /**
+     * Set span attribute
+     *
+     * @param key - Attribute key
+     * @param value - Attribute value
+     * @returns This span (for chaining)
+     */
+    setAttribute(key: string, value: string | number | boolean): this;
+    /**
+     * Set multiple span attributes
+     *
+     * @param attributes - Attributes to set
+     * @returns This span (for chaining)
+     */
+    setAttributes(attributes: SpanAttributes): this;
+    /**
+     * Add an event to the span
+     *
+     * Events are timestamped log entries within a span.
+     *
+     * @param name - Event name
+     * @param attributes - Optional event attributes
+     * @returns This span (for chaining)
+     */
+    addEvent(name: string, attributes?: SpanAttributes): this;
+    /**
+     * Set span status
+     *
+     * @param code - Status code
+     * @param message - Optional status message
+     * @returns This span (for chaining)
+     */
+    setStatus(code: SpanStatusCode, message?: string): this;
+    /**
+     * Record an exception in the span
+     *
+     * Automatically sets status to ERROR and adds exception event.
+     *
+     * @param error - Error to record
+     * @returns This span (for chaining)
+     */
+    recordException(error: Error | unknown): this;
+    /**
+     * End the span
+     *
+     * Records the end timestamp and marks the span as complete.
+     * If status is UNSET, automatically sets to OK.
+     *
+     * @param endTime - Optional end timestamp (defaults to now)
+     */
+    end(endTime?: number): void;
+    /**
+     * Check if span has ended
+     *
+     * @returns True if ended
+     */
+    isEnded(): boolean;
+    /**
+     * Get span duration in milliseconds
+     *
+     * @returns Duration or null if not ended
+     */
+    getDuration(): number | null;
+    /**
+     * Export span data
+     *
+     * @returns Span data (throws if span not ended)
+     */
+    toData(): SpanData;
+    /**
+     * Create a child span
+     *
+     * The child span will have the same trace ID but a new span ID.
+     *
+     * @param name - Child span name
+     * @param options - Span options
+     * @returns New child span
+     */
+    createChild(name: string, options?: {
+        kind?: SpanKind;
+        attributes?: SpanAttributes;
+    }): TraceSpan;
+}
+/**
+ * Span recorder for collecting completed spans
+ *
+ * Manages span lifecycle and provides access to completed span data.
+ */
+export declare class SpanRecorder {
+    /** Active spans (not yet ended) */
+    private activeSpans;
+    /** Completed spans */
+    private completedSpans;
+    /** Maximum number of completed spans to keep (prevent memory leak) */
+    private maxSpans;
+    /** Trace context for root spans */
+    private rootContext?;
+    /**
+     * Create a span recorder
+     *
+     * @param options - Recorder options
+     */
+    constructor(options?: {
+        maxSpans?: number;
+        traceContext?: TraceContext;
+    });
+    /**
+     * Start a new span
+     *
+     * @param name - Span name
+     * @param options - Span options
+     * @returns New span
+     */
+    startSpan(name: string, options?: {
+        kind?: SpanKind;
+        attributes?: SpanAttributes;
+        traceContext?: TraceContext;
+        parentSpan?: TraceSpan;
+    }): TraceSpan;
+    /**
+     * End a span and record its data
+     *
+     * @param span - Span to end
+     */
+    private endSpan;
+    /**
+     * Get all completed spans
+     *
+     * @returns Array of completed span data
+     */
+    getCompletedSpans(): readonly SpanData[];
+    /**
+     * Get active spans
+     *
+     * @returns Array of active spans
+     */
+    getActiveSpans(): readonly TraceSpan[];
+    /**
+     * Clear all completed spans
+     */
+    clearCompletedSpans(): void;
+    /**
+     * Get span count
+     *
+     * @returns Object with active and completed span counts
+     */
+    getSpanCount(): {
+        active: number;
+        completed: number;
+    };
+    /**
+     * Find completed spans by trace ID
+     *
+     * @param traceId - Trace ID to search for
+     * @returns Array of matching spans
+     */
+    findSpansByTraceId(traceId: string): SpanData[];
+    /**
+     * Build trace tree from completed spans
+     *
+     * Groups spans by trace ID and builds parent-child relationships.
+     *
+     * @param traceId - Trace ID to build tree for
+     * @returns Tree structure
+     */
+    buildTraceTree(traceId: string): SpanTree | null;
+}
+/**
+ * Span tree node (for visualization)
+ */
+export interface SpanTree {
+    span: SpanData;
+    children: SpanTree[];
+}
+/**
+ * Helper function to measure async operation with automatic span tracking
+ *
+ * @param recorder - Span recorder
+ * @param name - Span name
+ * @param fn - Async function to measure
+ * @param options - Span options
+ * @returns Result of async function
+ *
+ * @example
+ * ```typescript
+ * const result = await measureAsync(recorder, 'database-query', async () => {
+ *   return await db.query('SELECT * FROM users');
+ * });
+ * ```
+ */
+export declare function measureAsync<T>(recorder: SpanRecorder, name: string, fn: () => Promise<T>, options?: {
+    kind?: SpanKind;
+    attributes?: SpanAttributes;
+}): Promise<T>;
+/**
+ * Helper function to measure sync operation with automatic span tracking
+ *
+ * @param recorder - Span recorder
+ * @param name - Span name
+ * @param fn - Sync function to measure
+ * @param options - Span options
+ * @returns Result of sync function
+ *
+ * @example
+ * ```typescript
+ * const result = measureSync(recorder, 'encryption', () => {
+ *   return encrypt(data, key);
+ * });
+ * ```
+ */
+export declare function measureSync<T>(recorder: SpanRecorder, name: string, fn: () => T, options?: {
+    kind?: SpanKind;
+    attributes?: SpanAttributes;
+}): T;

package/dist-standalone/trace-spans.js ADDED Viewed

@@ -0,0 +1 @@

+ import{TraceContext,generateSpanId}from"./trace-context.js";export var SpanStatusCode;!function(t){t[t.OK=0]="OK",t[t.ERROR=1]="ERROR",t[t.UNSET=2]="UNSET"}(SpanStatusCode||(SpanStatusCode={}));export var SpanKind;!function(t){t[t.INTERNAL=0]="INTERNAL",t[t.SERVER=1]="SERVER",t[t.CLIENT=2]="CLIENT",t[t.PRODUCER=3]="PRODUCER",t[t.CONSUMER=4]="CONSUMER"}(SpanKind||(SpanKind={}));export class TraceSpan{spanId;traceContext;name;kind;parentSpanId;startTime;endTime;status;attributes;events;ended;constructor(t,e,n={}){this.spanId=generateSpanId(),this.traceContext=e,this.name=t,this.kind=n.kind??SpanKind.INTERNAL,this.parentSpanId=n.parentSpanId,this.startTime=Date.now(),this.status={code:SpanStatusCode.UNSET},this.attributes=n.attributes??{},this.events=[],this.ended=!1}setAttribute(t,e){if(this.ended)throw new Error("Cannot set attribute on ended span");return this.attributes[t]=e,this}setAttributes(t){if(this.ended)throw new Error("Cannot set attributes on ended span");return Object.assign(this.attributes,t),this}addEvent(t,e){if(this.ended)throw new Error("Cannot add event to ended span");return this.events.push({name:t,timestamp:Date.now(),attributes:e}),this}setStatus(t,e){if(this.ended)throw new Error("Cannot set status on ended span");return this.status={code:t,message:e},this}recordException(t){if(this.ended)throw new Error("Cannot record exception on ended span");this.setStatus(SpanStatusCode.ERROR);const e={};return t instanceof Error?(e["exception.type"]=t.name,e["exception.message"]=t.message,t.stack&&(e["exception.stacktrace"]=t.stack)):e["exception.message"]=String(t),this.addEvent("exception",e),this}end(t){this.ended||(this.endTime=t??Date.now(),this.ended=!0,this.status.code===SpanStatusCode.UNSET&&(this.status={code:SpanStatusCode.OK}))}isEnded(){return this.ended}getDuration(){return this.ended&&this.endTime?this.endTime-this.startTime:null}toData(){if(!this.ended||!this.endTime)throw new Error("Cannot export data from active span. Call end() first.");return{spanId:this.spanId,traceId:this.traceContext.traceId,parentSpanId:this.parentSpanId,name:this.name,kind:this.kind,startTime:this.startTime,endTime:this.endTime,duration:this.endTime-this.startTime,status:{...this.status},attributes:{...this.attributes},events:this.events.map(t=>({name:t.name,timestamp:t.timestamp,attributes:t.attributes?{...t.attributes}:void 0}))}}createChild(t,e={}){return new TraceSpan(t,this.traceContext,{...e,parentSpanId:this.spanId})}}export class SpanRecorder{activeSpans;completedSpans;maxSpans;rootContext;constructor(t={}){this.activeSpans=new Map,this.completedSpans=[],this.maxSpans=t.maxSpans??1e3,this.rootContext=t.traceContext}startSpan(t,e={}){const n=e.traceContext??e.parentSpan?.traceContext??this.rootContext??TraceContext.create(),a=new TraceSpan(t,n,{kind:e.kind,attributes:e.attributes,parentSpanId:e.parentSpan?.spanId});this.activeSpans.set(a.spanId,a);const s=setTimeout(()=>{a.isEnded()||(a.setStatus(SpanStatusCode.ERROR,"Span not ended (auto-ended by recorder)"),this.endSpan(a))},6e4),r=a.end.bind(a);return a.end=t=>{clearTimeout(s),r(t),this.endSpan(a)},a}endSpan(t){t.isEnded()||t.end(),this.activeSpans.delete(t.spanId);const e=t.toData();this.completedSpans.push(e),this.completedSpans.length>this.maxSpans&&this.completedSpans.shift()}getCompletedSpans(){return[...this.completedSpans]}getActiveSpans(){return Array.from(this.activeSpans.values())}clearCompletedSpans(){this.completedSpans=[]}getSpanCount(){return{active:this.activeSpans.size,completed:this.completedSpans.length}}findSpansByTraceId(t){return this.completedSpans.filter(e=>e.traceId===t)}buildTraceTree(t){const e=this.findSpansByTraceId(t);if(0===e.length)return null;const n=e.find(t=>!t.parentSpanId);return n?buildSpanTreeNode(n,e):null}}function buildSpanTreeNode(t,e){const n=e.filter(e=>e.parentSpanId===t.spanId).map(t=>buildSpanTreeNode(t,e));return{span:t,children:n}}export async function measureAsync(t,e,n,a){const s=t.startSpan(e,a);try{const t=await n();return s.setStatus(SpanStatusCode.OK),t}catch(t){throw s.recordException(t),t}finally{s.end()}}export function measureSync(t,e,n,a){const s=t.startSpan(e,a);try{const t=n();return s.setStatus(SpanStatusCode.OK),t}catch(t){throw s.recordException(t),t}finally{s.end()}}

package/dist-standalone/transport.js CHANGED Viewed

@@ -1,59 +1 @@
-import { ok, err } from"./_deps/shared/index.js";
-/**
- * HTTPS transport adapter — sends envelopes as JSON POST requests.
- *
- * Recipient URL resolved as: baseUrl/deliver/{recipientDid}
- * This is the SDK's default transport for server-to-server delivery.
- */
-export class HttpsTransportAdapter {
-    baseUrl;
-    timeoutMs;
-    fetchFn;
-    handlers = [];
-    constructor(opts) {
-        this.baseUrl = opts.baseUrl.replace(/\/$/, '');
-        this.timeoutMs = opts.timeoutMs ?? 10_000;
-        this.fetchFn = opts.fetch ?? globalThis.fetch.bind(globalThis);
-    }
-    async send(envelope, recipientDid) {
-        const url = `${this.baseUrl}/deliver/${encodeURIComponent(recipientDid)}`;
-        try {
-            const controller = new AbortController();
-            const timer = setTimeout(() => controller.abort(), this.timeoutMs);
-            const response = await this.fetchFn(url, {
-                method: 'POST',
-                headers: { 'Content-Type': 'application/json' },
-                body: JSON.stringify(envelope),
-                signal: controller.signal,
-            });
-            clearTimeout(timer);
-            if (!response.ok) {
-                return err(response.status === 404
-                    ? 'RECIPIENT_UNREACHABLE'
-                    : 'SEND_FAILED');
-            }
-            return ok(undefined);
-        }
-        catch (e) {
-            if (e instanceof DOMException && e.name === 'AbortError') {
-                return err('TIMEOUT');
-            }
-            return err('NETWORK_ERROR');
-        }
-    }
-    onReceive(handler) {
-        this.handlers.push(handler);
-    }
-    /**
-     * Dispatch a received envelope to all handlers.
-     * Called by the server when an incoming POST is received.
-     */
-    dispatch(envelope) {
-        for (const handler of this.handlers) {
-            handler(envelope);
-        }
-    }
-    dispose() {
-        this.handlers = [];
-    }
-}
+import{ok,err}from"./_deps/shared/index.js";export class HttpsTransportAdapter{baseUrl;timeoutMs;fetchFn;handlers=[];constructor(t){this.baseUrl=t.baseUrl.replace(/\/$/,""),this.timeoutMs=t.timeoutMs??1e4,this.fetchFn=t.fetch??globalThis.fetch.bind(globalThis)}async send(t,e){const s=`${this.baseUrl}/deliver/${encodeURIComponent(e)}`;try{const e=new AbortController,r=setTimeout(()=>e.abort(),this.timeoutMs),o=await this.fetchFn(s,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(t),signal:e.signal});return clearTimeout(r),o.ok?ok(void 0):err(404===o.status?"RECIPIENT_UNREACHABLE":"SEND_FAILED")}catch(t){return t instanceof DOMException&&"AbortError"===t.name?err("TIMEOUT"):err("NETWORK_ERROR")}}onReceive(t){this.handlers.push(t)}dispatch(t){for(const e of this.handlers)e(t)}dispose(){this.handlers=[]}}

package/dist-standalone/trust-registry.d.ts CHANGED Viewed

@@ -1,7 +1,81 @@
 import type { Result } from '@private.me/shared';
 import type { DIDStateCheckpoint } from './checkpoint.js';
+/**
+ * Rate limiter for DID registration endpoints.
+ *
+ * Implements sliding window algorithm with:
+ * - Per-IP limit: 10 registrations/hour
+ * - Global limit: 1000 registrations/hour
+ *
+ * Prevents DID registration spam attacks (SCALE-1).
+ */
+export declare class RegistrationRateLimiter {
+    private readonly perIPTimestamps;
+    private readonly globalTimestamps;
+    private readonly perIPLimit;
+    private readonly globalLimit;
+    private readonly windowMs;
+    private cleanupInterval;
+    /**
+     * Create a new registration rate limiter.
+     *
+     * @param perIPLimit - Maximum registrations per IP in time window (default: 10)
+     * @param globalLimit - Maximum global registrations in time window (default: 1000)
+     * @param windowMs - Time window in milliseconds (default: 3600000 = 1 hour)
+     */
+    constructor(perIPLimit?: number, globalLimit?: number, windowMs?: number);
+    /**
+     * Check if registration is allowed for the given IP.
+     *
+     * @param ip - Client IP address
+     * @returns True if allowed, false if rate limited
+     */
+    checkLimit(ip: string): boolean;
+    /**
+     * Record a registration attempt.
+     *
+     * Call this AFTER successful registration to avoid counting failures.
+     *
+     * @param ip - Client IP address
+     */
+    recordRegistration(ip: string): void;
+    /**
+     * Get remaining registrations for an IP.
+     *
+     * @param ip - Client IP address
+     * @returns Remaining registrations allowed
+     */
+    getRemainingForIP(ip: string): number;
+    /**
+     * Get remaining global registrations.
+     *
+     * @returns Remaining global registrations allowed
+     */
+    getRemainingGlobal(): number;
+    /**
+     * Get reset time for an IP's rate limit.
+     *
+     * @param ip - Client IP address
+     * @returns Unix timestamp (ms) when limit resets, or null if not rate limited
+     */
+    getResetTimeForIP(ip: string): number | null;
+    /**
+     * Cleanup old timestamps to prevent memory leaks.
+     *
+     * Removes entries with no requests in the last window period.
+     */
+    cleanup(): void;
+    /**
+     * Stop cleanup interval (for testing or shutdown).
+     */
+    destroy(): void;
+    /**
+     * Reset all rate limits (for testing).
+     */
+    reset(): void;
+}
 /** Trust registry error codes. */
-export type RegistryError = 'NOT_FOUND' | 'ALREADY_REGISTERED' | 'REVOKED' | 'NETWORK_ERROR';
+export type RegistryError = 'NOT_FOUND' | 'ALREADY_REGISTERED' | 'REVOKED' | 'EXPIRED' | 'NETWORK_ERROR' | 'RATE_LIMIT_EXCEEDED';
 /** Metadata stored for a registered DID. */
 export interface RegistryEntry {
     readonly did: string;
@@ -21,6 +95,14 @@ export interface RegistryEntry {
     readonly xchange?: boolean;
     /** Current rotation sequence for this DID (prevents rollback attacks). */
     readonly rotation_sequence: number;
+    /** SDK version (semver format, e.g., "1.2.3"). Optional for backward compatibility. */
+    readonly sdkVersion?: string;
+    /** Minimum supported envelope version. Optional for backward compatibility. */
+    readonly minEnvelopeVersion?: number;
+    /** Maximum supported envelope version. Optional for backward compatibility. */
+    readonly maxEnvelopeVersion?: number;
+    /** Unix timestamp (milliseconds) when this entry expires. Undefined = never expires. */
+    readonly expiresAt?: number;
 }
 /** Trust event types for real-time registry updates. */
 export interface TrustEvent {
@@ -40,7 +122,7 @@ export interface TrustEvent {
  */
 export interface TrustRegistry {
     /** Register a DID with its public key, name, and scopes. */
-    register(did: string, publicKey: Uint8Array, name: string, scopes?: string[], x25519PublicKey?: Uint8Array, mlKemPublicKey?: Uint8Array, mlDsaPublicKey?: Uint8Array, xchange?: boolean, receiveScopes?: string[]): Promise<Result<void, RegistryError>>;
+    register(did: string, publicKey: Uint8Array, name: string, scopes?: string[], x25519PublicKey?: Uint8Array, mlKemPublicKey?: Uint8Array, mlDsaPublicKey?: Uint8Array, xchange?: boolean, receiveScopes?: string[], sdkVersion?: string, minEnvelopeVersion?: number, maxEnvelopeVersion?: number, ttlMs?: number, clientIP?: string): Promise<Result<void, RegistryError>>;
     /** Resolve a DID to its raw public key bytes. */
     resolve(did: string): Promise<Result<Uint8Array, RegistryError>>;
     /** Check if a DID has a specific scope permission. */
@@ -76,19 +158,33 @@ export interface TrustRegistry {
      * @param scopes - New scopes (replaces existing)
      */
     updateScopes?(did: string, scopes: string[]): Promise<Result<void, RegistryError>>;
+    /**
+     * Remove all expired entries from the registry.
+     * Optional method - not all implementations support cleanup.
+     *
+     * @returns Number of entries removed.
+     */
+    cleanup?(): Promise<number>;
 }
 /**
  * In-memory trust registry for development and testing.
  */
 export declare class MemoryTrustRegistry implements TrustRegistry {
     private readonly entries;
-    register(did: string, publicKey: Uint8Array, name: string, scopes?: string[], x25519PublicKey?: Uint8Array, mlKemPublicKey?: Uint8Array, mlDsaPublicKey?: Uint8Array, xchange?: boolean, receiveScopes?: string[]): Promise<Result<void, RegistryError>>;
+    private readonly rateLimiter?;
+    constructor(opts?: {
+        enableRateLimiting?: boolean;
+        rateLimiter?: RegistrationRateLimiter;
+    });
+    register(did: string, publicKey: Uint8Array, name: string, scopes?: string[], x25519PublicKey?: Uint8Array, mlKemPublicKey?: Uint8Array, mlDsaPublicKey?: Uint8Array, xchange?: boolean, receiveScopes?: string[], sdkVersion?: string, minEnvelopeVersion?: number, maxEnvelopeVersion?: number, ttlMs?: number, clientIP?: string): Promise<Result<void, RegistryError>>;
     resolve(did: string): Promise<Result<Uint8Array, RegistryError>>;
     hasScope(did: string, scope: string): Promise<boolean>;
     hasReceiveScope(did: string, scope: string): Promise<boolean>;
     revoke(did: string): Promise<Result<void, RegistryError>>;
     getEntry(did: string): Promise<Result<RegistryEntry, RegistryError>>;
     updateScopes(did: string, scopes: string[]): Promise<Result<void, RegistryError>>;
+    /** Remove all expired entries from the registry. */
+    cleanup(): Promise<number>;
     /** Number of entries (for testing). */
     get size(): number;
 }
@@ -126,7 +222,7 @@ export declare class HttpTrustRegistry implements TrustRegistry {
     constructor(opts: HttpTrustRegistryOptions);
     /** Clear all cached entries. Call after registration or revocation. */
     clearCache(): void;
-    register(did: string, publicKey: Uint8Array, name: string, scopes?: string[], x25519PublicKey?: Uint8Array, mlKemPublicKey?: Uint8Array, mlDsaPublicKey?: Uint8Array, xchange?: boolean, receiveScopes?: string[]): Promise<Result<void, RegistryError>>;
+    register(did: string, publicKey: Uint8Array, name: string, scopes?: string[], x25519PublicKey?: Uint8Array, mlKemPublicKey?: Uint8Array, mlDsaPublicKey?: Uint8Array, xchange?: boolean, receiveScopes?: string[], sdkVersion?: string, minEnvelopeVersion?: number, maxEnvelopeVersion?: number, ttlMs?: number, clientIP?: string): Promise<Result<void, RegistryError>>;
     resolve(did: string): Promise<Result<Uint8Array, RegistryError>>;
     hasScope(did: string, scope: string): Promise<boolean>;
     hasReceiveScope(did: string, scope: string): Promise<boolean>;
@@ -226,13 +322,15 @@ export declare class FileTrustRegistry implements TrustRegistry {
     private init;
     /** Append record to JSONL file. */
     private append;
-    register(did: string, publicKey: Uint8Array, name: string, scopes?: string[], x25519PublicKey?: Uint8Array, mlKemPublicKey?: Uint8Array, mlDsaPublicKey?: Uint8Array, xchange?: boolean, receiveScopes?: string[]): Promise<Result<void, RegistryError>>;
+    register(did: string, publicKey: Uint8Array, name: string, scopes?: string[], x25519PublicKey?: Uint8Array, mlKemPublicKey?: Uint8Array, mlDsaPublicKey?: Uint8Array, xchange?: boolean, receiveScopes?: string[], sdkVersion?: string, minEnvelopeVersion?: number, maxEnvelopeVersion?: number, ttlMs?: number, clientIP?: string): Promise<Result<void, RegistryError>>;
     resolve(did: string): Promise<Result<Uint8Array, RegistryError>>;
     hasScope(did: string, scope: string): Promise<boolean>;
     hasReceiveScope(did: string, scope: string): Promise<boolean>;
     revoke(did: string): Promise<Result<void, RegistryError>>;
     getEntry(did: string): Promise<Result<RegistryEntry, RegistryError>>;
     updateScopes(did: string, scopes: string[]): Promise<Result<void, RegistryError>>;
+    /** Remove all expired entries from the registry. */
+    cleanup(): Promise<number>;
     /**
      * Rotate a DID to a new public key with rollback protection.
      *
@@ -282,5 +380,8 @@ export declare function createEnterpriseTrustRegistry(opts: {
         mlKemPublicKey?: Uint8Array;
         mlDsaPublicKey?: Uint8Array;
         xchange?: boolean;
+        sdkVersion?: string;
+        minEnvelopeVersion?: number;
+        maxEnvelopeVersion?: number;
     }>;
 }): Promise<TrustRegistry>;