@private.me/xbind 2.3.4 → 3.0.1

package/dist-standalone/runtime/react-native.d.ts

@@ -0,0 +1,157 @@
+/**
+ * React Native Runtime Support for xBind
+ *
+ * Provides compatibility layer for React Native environments:
+ * - Polyfills for missing Node.js APIs
+ * - AsyncStorage adapter for persistence
+ * - Native crypto module integration
+ * - Cross-platform crypto primitives
+ *
+ * @module runtime/react-native
+ */
+import type { Result } from '@private.me/shared';
+/**
+ * React Native AsyncStorage interface
+ */
+export interface AsyncStorage {
+    getItem(key: string): Promise<string | null>;
+    setItem(key: string, value: string): Promise<void>;
+    removeItem(key: string): Promise<void>;
+    getAllKeys(): Promise<string[]>;
+    multiGet(keys: string[]): Promise<Array<[string, string | null]>>;
+    multiSet(keyValuePairs: Array<[string, string]>): Promise<void>;
+    multiRemove(keys: string[]): Promise<void>;
+}
+/**
+ * React Native crypto capabilities
+ */
+export interface ReactNativeCrypto {
+    getRandomValues(array: Uint8Array): void;
+    subtle?: {
+        digest(algorithm: string, data: BufferSource): Promise<ArrayBuffer>;
+        encrypt(algorithm: AlgorithmIdentifier, key: CryptoKey, data: BufferSource): Promise<ArrayBuffer>;
+        decrypt(algorithm: AlgorithmIdentifier, key: CryptoKey, data: BufferSource): Promise<ArrayBuffer>;
+        sign(algorithm: AlgorithmIdentifier, key: CryptoKey, data: BufferSource): Promise<ArrayBuffer>;
+        verify(algorithm: AlgorithmIdentifier, key: CryptoKey, signature: BufferSource, data: BufferSource): Promise<boolean>;
+        generateKey(algorithm: AlgorithmIdentifier, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey | CryptoKeyPair>;
+        importKey(format: KeyFormat, keyData: BufferSource | JsonWebKey, algorithm: AlgorithmIdentifier, extractable: boolean, keyUsages: KeyUsage[]): Promise<CryptoKey>;
+        exportKey(format: KeyFormat, key: CryptoKey): Promise<ArrayBuffer | JsonWebKey>;
+    };
+}
+/**
+ * React Native runtime configuration
+ */
+export interface ReactNativeConfig {
+    /**
+     * AsyncStorage instance (required for persistence)
+     */
+    storage: AsyncStorage;
+    /**
+     * Crypto implementation (defaults to global.crypto or react-native-quick-crypto)
+     */
+    crypto?: ReactNativeCrypto;
+    /**
+     * Storage key prefix (prevents collisions)
+     */
+    storagePrefix?: string;
+    /**
+     * Enable debug logging
+     */
+    debug?: boolean;
+}
+/**
+ * AsyncStorage adapter for xBind persistence
+ *
+ * Provides cross-platform storage for:
+ * - Agent identities (Ed25519/X25519 keys)
+ * - Nonce store (replay protection)
+ * - Trust registry cache
+ * - Connection metadata
+ */
+export declare class AsyncStorageAdapter {
+    private readonly storage;
+    private readonly prefix;
+    private readonly debug;
+    constructor(config: ReactNativeConfig);
+    /**
+     * Get value by key
+     */
+    get(key: string): Promise<Result<string | null, Error>>;
+    /**
+     * Set key-value pair
+     */
+    set(key: string, value: string): Promise<Result<void, Error>>;
+    /**
+     * Remove key
+     */
+    remove(key: string): Promise<Result<void, Error>>;
+    /**
+     * Get all keys with prefix
+     */
+    keys(): Promise<Result<string[], Error>>;
+    /**
+     * Get multiple keys (batch operation)
+     */
+    multiGet(keys: string[]): Promise<Result<Array<[string, string | null]>, Error>>;
+    /**
+     * Set multiple key-value pairs (batch operation)
+     */
+    multiSet(pairs: Array<[string, string]>): Promise<Result<void, Error>>;
+    /**
+     * Clear all xBind data
+     */
+    clear(): Promise<Result<void, Error>>;
+}
+/**
+ * Detect available crypto implementation
+ */
+export declare function detectCrypto(): ReactNativeCrypto | null;
+/**
+ * Get random bytes (cross-platform)
+ */
+export declare function getRandomBytes(length: number, crypto?: ReactNativeCrypto): Uint8Array;
+/**
+ * SHA-256 hash (cross-platform)
+ */
+export declare function sha256(data: Uint8Array, crypto?: ReactNativeCrypto): Promise<Uint8Array>;
+/**
+ * Buffer polyfill for React Native
+ *
+ * Uses global Buffer if available, otherwise provides minimal implementation
+ */
+export declare class BufferPolyfill {
+    static isBuffer(obj: any): boolean;
+    static from(data: string | Uint8Array | number[], encoding?: string): Uint8Array;
+    static toString(buffer: Uint8Array, encoding?: string): string;
+    static concat(buffers: Uint8Array[]): Uint8Array;
+    static alloc(size: number, fill?: number): Uint8Array;
+    private static fromBase64;
+    private static toBase64;
+    private static fromHex;
+    private static toHex;
+}
+/**
+ * Detect React Native runtime
+ */
+export declare function isReactNative(): boolean;
+/**
+ * Detect platform (iOS/Android)
+ */
+export declare function detectPlatform(): 'ios' | 'android' | 'unknown';
+/**
+ * Initialize React Native runtime environment
+ *
+ * Sets up polyfills and validates required dependencies
+ */
+export declare function initializeReactNative(config: ReactNativeConfig): Result<void, Error>;
+declare const _default: {
+    AsyncStorageAdapter: typeof AsyncStorageAdapter;
+    detectCrypto: typeof detectCrypto;
+    getRandomBytes: typeof getRandomBytes;
+    sha256: typeof sha256;
+    BufferPolyfill: typeof BufferPolyfill;
+    isReactNative: typeof isReactNative;
+    detectPlatform: typeof detectPlatform;
+    initializeReactNative: typeof initializeReactNative;
+};
+export default _default;

package/dist-standalone/runtime/react-native.js

@@ -0,0 +1 @@
+import{ok,err}from"../_deps/shared/index.js";export class AsyncStorageAdapter{storage;prefix;debug;constructor(t){this.storage=t.storage,this.prefix=t.storagePrefix||"@xbind:",this.debug=t.debug||!1}async get(t){try{const e=this.prefix+t,r=await this.storage.getItem(e);return this.debug&&console.log(`[AsyncStorage] GET ${e}:`,r?"found":"not found"),ok(r)}catch(t){return err(new Error(`AsyncStorage get failed: ${t}`))}}async set(t,e){try{const r=this.prefix+t;return await this.storage.setItem(r,e),this.debug&&console.log(`[AsyncStorage] SET ${r}:`,e.length,"bytes"),ok(void 0)}catch(t){return err(new Error(`AsyncStorage set failed: ${t}`))}}async remove(t){try{const e=this.prefix+t;return await this.storage.removeItem(e),this.debug&&console.log(`[AsyncStorage] REMOVE ${e}`),ok(void 0)}catch(t){return err(new Error(`AsyncStorage remove failed: ${t}`))}}async keys(){try{const t=(await this.storage.getAllKeys()).filter(t=>t.startsWith(this.prefix)).map(t=>t.substring(this.prefix.length));return this.debug&&console.log("[AsyncStorage] KEYS:",t.length,"items"),ok(t)}catch(t){return err(new Error(`AsyncStorage keys failed: ${t}`))}}async multiGet(t){try{const e=t.map(t=>this.prefix+t),r=(await this.storage.multiGet(e)).map(([t,e])=>[t.substring(this.prefix.length),e]);return this.debug&&console.log("[AsyncStorage] MULTI_GET:",t.length,"keys"),ok(r)}catch(t){return err(new Error(`AsyncStorage multiGet failed: ${t}`))}}async multiSet(t){try{const e=t.map(([t,e])=>[this.prefix+t,e]);return await this.storage.multiSet(e),this.debug&&console.log("[AsyncStorage] MULTI_SET:",t.length,"pairs"),ok(void 0)}catch(t){return err(new Error(`AsyncStorage multiSet failed: ${t}`))}}async clear(){try{const t=await this.keys();if(!t.ok)return err(t.error);const e=t.value.map(t=>this.prefix+t);return e.length>0&&await this.storage.multiRemove(e),this.debug&&console.log("[AsyncStorage] CLEAR:",e.length,"items removed"),ok(void 0)}catch(t){return err(new Error(`AsyncStorage clear failed: ${t}`))}}}export function detectCrypto(){if("undefined"!=typeof global&&global.crypto)return global.crypto;try{return require("react-native-quick-crypto")}catch{}try{const t=require("expo-crypto");return{getRandomValues:e=>{const r=t.getRandomBytes(e.length);e.set(r)}}}catch{}return null}export function getRandomBytes(t,e){const r=e||detectCrypto();if(!r)throw new Error("No crypto implementation available. Install react-native-quick-crypto or expo-crypto.");const o=new Uint8Array(t);return r.getRandomValues(o),o}export async function sha256(t,e){const r=e||detectCrypto();if(!r?.subtle)throw new Error("No SubtleCrypto implementation available. Install react-native-quick-crypto.");const o=new Uint8Array(t).buffer,n=await r.subtle.digest("SHA-256",o);return new Uint8Array(n)}export class BufferPolyfill{static isBuffer(t){return t instanceof Uint8Array}static from(t,e){if("string"==typeof t){if("base64"===e)return this.fromBase64(t);if("hex"===e)return this.fromHex(t);return(new TextEncoder).encode(t)}return Array.isArray(t),new Uint8Array(t)}static toString(t,e){if("base64"===e)return this.toBase64(t);if("hex"===e)return this.toHex(t);return(new TextDecoder).decode(t)}static concat(t){const e=t.reduce((t,e)=>t+e.length,0),r=new Uint8Array(e);let o=0;for(const e of t)r.set(e,o),o+=e.length;return r}static alloc(t,e){const r=new Uint8Array(t);return void 0!==e&&r.fill(e),r}static fromBase64(t){const e=atob(t),r=new Uint8Array(e.length);for(let t=0;t<e.length;t++)r[t]=e.charCodeAt(t);return r}static toBase64(t){let e="";for(let r=0;r<t.length;r++){const o=t[r];void 0!==o&&(e+=String.fromCharCode(o))}return btoa(e)}static fromHex(t){const e=new Uint8Array(t.length/2);for(let r=0;r<e.length;r++)e[r]=parseInt(t.substr(2*r,2),16);return e}static toHex(t){return Array.from(t).map(t=>t.toString(16).padStart(2,"0")).join("")}}export function isReactNative(){return"undefined"!=typeof navigator&&"ReactNative"===navigator.product}export function detectPlatform(){if("undefined"==typeof navigator)return"unknown";const t=navigator.userAgent||"";return/iPhone|iPad|iPod/.test(t)?"ios":/Android/.test(t)?"android":"unknown"}export function initializeReactNative(t){try{if(!t.storage)return err(new Error("AsyncStorage is required for React Native runtime"));const e=t.crypto||detectCrypto();return e?(global.crypto||(global.crypto=e),global.Buffer||(global.Buffer=BufferPolyfill),t.debug&&console.log("[xBind] React Native runtime initialized:",{platform:detectPlatform(),crypto:e.subtle?"full":"basic",storage:"AsyncStorage",prefix:t.storagePrefix||"@xbind:"}),ok(void 0)):err(new Error("No crypto implementation found. Install react-native-quick-crypto or expo-crypto."))}catch(t){return err(new Error(`React Native initialization failed: ${t}`))}}export default{AsyncStorageAdapter:AsyncStorageAdapter,detectCrypto:detectCrypto,getRandomBytes:getRandomBytes,sha256:sha256,BufferPolyfill:BufferPolyfill,isReactNative:isReactNative,detectPlatform:detectPlatform,initializeReactNative:initializeReactNative};

package/dist-standalone/types/error-response.d.ts

@@ -0,0 +1,209 @@
+/**
+ * Error Response Types
+ *
+ * Dual-code error response system supporting both AWS standard codes
+ * and legacy xBind codes for backward compatibility.
+ *
+ * @packageDocumentation
+ */
+/**
+ * Standardized error response structure with dual-code support
+ *
+ * Supports multiple code formats:
+ * - AWS standard codes (primary): InvalidParameterException, UnauthorizedException
+ * - Legacy xBind codes (deprecated): XBIND_INVALID_SIGNATURE, XBIND_AUTH_FAILED
+ * - gRPC status codes: INVALID_ARGUMENT, UNAUTHENTICATED
+ * - HTTP status codes: 400, 401, 403, etc.
+ *
+ * @example
+ * ```typescript
+ * const error: ErrorResponse = {
+ *   code: 'UnauthorizedException',
+ *   legacyCode: 'XBIND_AUTH_FAILED',
+ *   httpStatus: 401,
+ *   grpcCode: 'UNAUTHENTICATED',
+ *   message: 'Invalid signature',
+ *   hint: 'Ensure DID signature is correct',
+ *   docs: 'https://private.me/docs/xbind#authentication',
+ *   requestId: 'req_abc123',
+ *   timestamp: Date.now()
+ * };
+ * ```
+ */
+export interface ErrorResponse {
+    /**
+     * AWS standard error code (primary)
+     *
+     * Examples:
+     * - InvalidParameterException
+     * - UnauthorizedException
+     * - ResourceNotFoundException
+     * - InternalServerException
+     * - ServiceUnavailableException
+     * - ThrottlingException
+     *
+     * This is the primary code format. All new integrations should use this.
+     */
+    code: string;
+    /**
+     * Legacy xBind error code (deprecated)
+     *
+     * Examples:
+     * - XBIND_INVALID_SIGNATURE
+     * - XBIND_AUTH_FAILED
+     * - XBIND_DID_NOT_FOUND
+     * - XBIND_RATE_LIMIT
+     *
+     * Provided for backward compatibility only.
+     * Will be removed in future major version.
+     *
+     * @deprecated Use `code` field instead
+     */
+    legacyCode?: string;
+    /**
+     * HTTP status code
+     *
+     * Standard HTTP status codes:
+     * - 400: Bad Request (InvalidParameterException)
+     * - 401: Unauthorized (UnauthorizedException)
+     * - 403: Forbidden (AccessDeniedException)
+     * - 404: Not Found (ResourceNotFoundException)
+     * - 429: Too Many Requests (ThrottlingException)
+     * - 500: Internal Server Error (InternalServerException)
+     * - 503: Service Unavailable (ServiceUnavailableException)
+     */
+    httpStatus: number;
+    /**
+     * gRPC status code (optional)
+     *
+     * Examples:
+     * - INVALID_ARGUMENT
+     * - UNAUTHENTICATED
+     * - PERMISSION_DENIED
+     * - NOT_FOUND
+     * - RESOURCE_EXHAUSTED
+     * - INTERNAL
+     * - UNAVAILABLE
+     *
+     * Provided for gRPC-based integrations.
+     */
+    grpcCode?: string;
+    /**
+     * Human-readable error message
+     *
+     * Should be clear and actionable. Avoid technical jargon where possible.
+     *
+     * Example: "Invalid signature" instead of "ECDSA verification failed"
+     */
+    message: string;
+    /**
+     * Developer hint for resolving the error (optional)
+     *
+     * Provides actionable guidance for fixing the issue.
+     *
+     * Example: "Ensure DID signature is correct and not expired"
+     */
+    hint?: string;
+    /**
+     * Documentation URL for detailed error information (optional)
+     *
+     * Links to relevant documentation section for this error type.
+     *
+     * Example: "https://private.me/docs/xbind#authentication"
+     */
+    docs?: string;
+    /**
+     * Request ID for correlation and debugging (optional)
+     *
+     * Unique identifier for this request. Used for:
+     * - Log correlation across distributed systems
+     * - Customer support troubleshooting
+     * - Audit trail tracking
+     *
+     * Format: "req_" + random alphanumeric (e.g., "req_abc123def456")
+     */
+    requestId?: string;
+    /**
+     * Error timestamp in milliseconds since Unix epoch (optional)
+     *
+     * When the error occurred. Useful for:
+     * - Time-based debugging
+     * - Rate limit tracking
+     * - Audit logs
+     *
+     * Format: Unix timestamp in milliseconds (Date.now())
+     */
+    timestamp?: number;
+    /**
+     * Correlation ID for distributed tracing (optional)
+     *
+     * Tracks a single logical operation across multiple services.
+     * Different from requestId (per-request) - this spans multiple requests.
+     *
+     * Format: UUID or similar distributed trace ID
+     *
+     * Example: "trace_789xyz" spans: Auth request → DID lookup → Billing check
+     */
+    correlationId?: string;
+}
+/**
+ * Error response with additional metadata for internal use
+ *
+ * Extends ErrorResponse with internal fields that should NOT be
+ * exposed to external clients.
+ *
+ * @internal
+ */
+export interface InternalErrorResponse extends ErrorResponse {
+    /**
+     * Stack trace (internal only, never exposed externally)
+     *
+     * @internal
+     */
+    stack?: string;
+    /**
+     * Internal error code for debugging (internal only)
+     *
+     * @internal
+     */
+    internalCode?: string;
+    /**
+     * Service name that generated the error
+     *
+     * @internal
+     */
+    service?: string;
+}
+/**
+ * Type guard to check if a value is an ErrorResponse
+ *
+ * @param value - Value to check
+ * @returns True if value is an ErrorResponse
+ *
+ * @example
+ * ```typescript
+ * if (isErrorResponse(result)) {
+ *   console.error(result.message);
+ * }
+ * ```
+ */
+export declare function isErrorResponse(value: unknown): value is ErrorResponse;
+/**
+ * Create a standardized error response
+ *
+ * @param params - Error response parameters
+ * @returns Standardized ErrorResponse object
+ *
+ * @example
+ * ```typescript
+ * const error = createErrorResponse({
+ *   code: 'UnauthorizedException',
+ *   legacyCode: 'XBIND_AUTH_FAILED',
+ *   httpStatus: 401,
+ *   message: 'Invalid signature'
+ * });
+ * ```
+ */
+export declare function createErrorResponse(params: Omit<ErrorResponse, 'timestamp'> & {
+    timestamp?: number;
+}): ErrorResponse;

package/dist-standalone/types/error-response.js

@@ -0,0 +1 @@
+export function isErrorResponse(t){if(!t||"object"!=typeof t)return!1;const e=t;return"string"==typeof e.code&&"number"==typeof e.httpStatus&&"string"==typeof e.message}export function createErrorResponse(t){return{...t,timestamp:t.timestamp??Date.now()}}

package/dist-standalone/version-info.js

@@ -1 +1 @@
-import{createLogger}from"./logger.js";const logger=createLogger("version-info");export var Capability;!function(e){e.ENVELOPE_V1="envelope-v1",e.ENVELOPE_V2="envelope-v2",e.ENVELOPE_V3="envelope-v3",e.ENVELOPE_V4="envelope-v4",e.ML_KEM_768="ml-kem-768",e.ML_DSA_65="ml-dsa-65",e.X25519_ECDH="x25519-ecdh",e.ED25519_SIG="ed25519-sig",e.XORIDA="xorida",e.SPLIT_CHANNEL="split-channel",e.TRUST_REGISTRY="trust-registry",e.SERVICE_DISCOVERY="service-discovery",e.INVITE_SYSTEM="invite-system",e.AGENT_CALL="agent-call",e.XFETCH="xfetch",e.DUAL_MODE="dual-mode",e.BACKUP_RESTORE="backup-restore",e.CORRELATION_ID="correlation-id",e.STRUCTURED_LOGGING="structured-logging",e.DID_SUCCESSION="did-succession",e.GATEWAY_STATE="gateway-state",e.SUBSCRIPTION_PROOF="subscription-proof",e.POLICY_ENGINE="policy-engine",e.APPROVAL_FLOW="approval-flow",e.GUARDRAILS="guardrails",e.HTTP_COMPAT="http-compat",e.DID_WEB="did-web",e.DID_PRIVATEME="did:privateme",e.REDIS_NONCE="redis-nonce",e.RETRY_TRANSPORT="retry-transport"}(Capability||(Capability={}));const VERSION_METADATA={semver:"2.3.4",major:1,minor:4,patch:2,prerelease:void 0,build:void 0,features:[Capability.ENVELOPE_V1,Capability.ENVELOPE_V2,Capability.ENVELOPE_V3,Capability.ENVELOPE_V4,Capability.ML_KEM_768,Capability.ML_DSA_65,Capability.X25519_ECDH,Capability.ED25519_SIG,Capability.XORIDA,Capability.SPLIT_CHANNEL,Capability.TRUST_REGISTRY,Capability.SERVICE_DISCOVERY,Capability.INVITE_SYSTEM,Capability.AGENT_CALL,Capability.XFETCH,Capability.DUAL_MODE,Capability.BACKUP_RESTORE,Capability.CORRELATION_ID,Capability.STRUCTURED_LOGGING,Capability.DID_SUCCESSION,Capability.GATEWAY_STATE,Capability.SUBSCRIPTION_PROOF,Capability.POLICY_ENGINE,Capability.APPROVAL_FLOW,Capability.GUARDRAILS,Capability.HTTP_COMPAT,Capability.DID_WEB,Capability.DID_PRIVATEME,Capability.REDIS_NONCE,Capability.RETRY_TRANSPORT],deprecated:[{name:"envelope-v1",since:"1.2.0",removedIn:"2.0.0",migration:"Use createEnvelopeV2() or higher for split-channel support",docs:"https://private.me/docs/xbind/migration-v2"}],buildDate:(new Date).toISOString(),nodeVersion:process.version};export function getVersion(){return Object.freeze({...VERSION_METADATA})}export function hasCapability(e){return VERSION_METADATA.features.includes(e)}export function getCapabilities(){return Object.freeze([...VERSION_METADATA.features])}export function getDeprecationInfo(e){return VERSION_METADATA.deprecated.find(i=>i.name===e)}const warnedFeatures=new Set;export function warnIfDeprecated(e){if(warnedFeatures.has(e))return;const i=getDeprecationInfo(e);if(!i)return;warnedFeatures.add(e);const r=[`Feature "${e}" is deprecated since v${i.since}`,i.removedIn?`and will be removed in v${i.removedIn}.`:".",i.migration].join(" ");logger.warn(r,{feature:e,deprecatedSince:i.since,removedIn:i.removedIn,docs:i.docs}),"undefined"!=typeof console&&console.warn&&(console.warn(`[xBind] ${r}`),i.docs&&console.warn(`[xBind] See: ${i.docs}`))}export function parseVersion(e){const i=e.match(/^(\d+)\.(\d+)\.(\d+)(?:-([a-zA-Z0-9.-]+))?(?:\+([a-zA-Z0-9.-]+))?$/);if(!(i&&i[1]&&i[2]&&i[3]))throw new Error(`Invalid semantic version: ${e}`);return{major:parseInt(i[1],10),minor:parseInt(i[2],10),patch:parseInt(i[3],10),prerelease:i[4]||void 0,build:i[5]||void 0}}export function compareVersions(e,i){const r=parseVersion(e),a=parseVersion(i);if(r.major<a.major)return-1;if(r.major>a.major)return 1;if(r.minor<a.minor)return-1;if(r.minor>a.minor)return 1;if(r.patch<a.patch)return-1;if(r.patch>a.patch)return 1;if(r.prerelease&&!a.prerelease)return-1;if(!r.prerelease&&a.prerelease)return 1;if(r.prerelease&&a.prerelease){if(r.prerelease<a.prerelease)return-1;if(r.prerelease>a.prerelease)return 1}return 0}export function checkCompatibility(e){const i=VERSION_METADATA.semver;if(e.startsWith("^")){const r=e.slice(1),a=parseVersion(r);return parseVersion(i).major!==a.major?{compatible:!1,message:`Incompatible major version. Required: ^${r}, Current: ${i}`,severity:"error",required:e,actual:i}:compareVersions(i,r)<0?{compatible:!1,message:`SDK version too old. Required: ^${r}, Current: ${i}`,severity:"error",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} satisfies ^${r})`,severity:"info",required:e,actual:i}}if(e.startsWith("~")){const r=e.slice(1),a=parseVersion(r),t=parseVersion(i);return t.major!==a.major||t.minor!==a.minor?{compatible:!1,message:`Incompatible version. Required: ~${r}, Current: ${i}`,severity:"error",required:e,actual:i}:compareVersions(i,r)<0?{compatible:!1,message:`SDK version too old. Required: ~${r}, Current: ${i}`,severity:"error",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} satisfies ~${r})`,severity:"info",required:e,actual:i}}let r,a,t;try{r=compareVersions(i,e)}catch(r){return{compatible:!1,message:`Invalid version format: ${e}`,severity:"error",required:e,actual:i}}if(0===r)return{compatible:!0,message:`Exact version match (${i})`,severity:"info",required:e,actual:i};if(r<0)return{compatible:!1,message:`SDK version too old. Required: ${e}, Current: ${i}`,severity:"error",required:e,actual:i};try{a=parseVersion(e),t=parseVersion(i)}catch(r){return{compatible:!0,message:`Compatible (${i} is newer than ${e})`,severity:"info",required:e,actual:i}}return t.major>a.major?{compatible:!1,message:`Breaking changes in SDK. Required: ${e}, Current: ${i}`,severity:"warning",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} is newer than ${e})`,severity:"info",required:e,actual:i}}export function getMinimumVersionFor(e){return{[Capability.ENVELOPE_V1]:"1.0.0",[Capability.ENVELOPE_V2]:"1.1.0",[Capability.ENVELOPE_V3]:"1.2.0",[Capability.ENVELOPE_V4]:"1.3.0",[Capability.ML_KEM_768]:"1.2.0",[Capability.ML_DSA_65]:"1.3.0",[Capability.X25519_ECDH]:"1.0.0",[Capability.ED25519_SIG]:"1.0.0",[Capability.XORIDA]:"1.0.0",[Capability.SPLIT_CHANNEL]:"1.1.0",[Capability.TRUST_REGISTRY]:"1.0.0",[Capability.SERVICE_DISCOVERY]:"1.1.0",[Capability.INVITE_SYSTEM]:"1.1.0",[Capability.AGENT_CALL]:"1.0.0",[Capability.XFETCH]:"1.2.0",[Capability.DUAL_MODE]:"1.2.0",[Capability.BACKUP_RESTORE]:"1.3.0",[Capability.CORRELATION_ID]:"1.3.0",[Capability.STRUCTURED_LOGGING]:"1.3.0",[Capability.DID_SUCCESSION]:"1.2.0",[Capability.GATEWAY_STATE]:"1.2.0",[Capability.SUBSCRIPTION_PROOF]:"1.2.0",[Capability.POLICY_ENGINE]:"1.1.0",[Capability.APPROVAL_FLOW]:"1.1.0",[Capability.GUARDRAILS]:"1.2.0",[Capability.HTTP_COMPAT]:"1.2.0",[Capability.DID_WEB]:"1.1.0",[Capability.DID_PRIVATEME]:"1.2.0",[Capability.REDIS_NONCE]:"1.1.0",[Capability.RETRY_TRANSPORT]:"1.1.0"}[e]}export function assertMinimumVersion(e,i){const r=checkCompatibility(e);if(!r.compatible&&"error"===r.severity){const a=i?`${i} requires xBind >= ${e} (current: ${VERSION_METADATA.semver})`:r.message;throw new Error(a)}}
+import{createLogger}from"./logger.js";const logger=createLogger("version-info");export var Capability;!function(e){e.ENVELOPE_V1="envelope-v1",e.ENVELOPE_V2="envelope-v2",e.ENVELOPE_V3="envelope-v3",e.ENVELOPE_V4="envelope-v4",e.ML_KEM_768="ml-kem-768",e.ML_DSA_65="ml-dsa-65",e.X25519_ECDH="x25519-ecdh",e.ED25519_SIG="ed25519-sig",e.XORIDA="xorida",e.SPLIT_CHANNEL="split-channel",e.TRUST_REGISTRY="trust-registry",e.SERVICE_DISCOVERY="service-discovery",e.INVITE_SYSTEM="invite-system",e.AGENT_CALL="agent-call",e.XFETCH="xfetch",e.DUAL_MODE="dual-mode",e.BACKUP_RESTORE="backup-restore",e.CORRELATION_ID="correlation-id",e.STRUCTURED_LOGGING="structured-logging",e.DID_SUCCESSION="did-succession",e.GATEWAY_STATE="gateway-state",e.SUBSCRIPTION_PROOF="subscription-proof",e.POLICY_ENGINE="policy-engine",e.APPROVAL_FLOW="approval-flow",e.GUARDRAILS="guardrails",e.HTTP_COMPAT="http-compat",e.DID_WEB="did-web",e.DID_PRIVATEME="did:privateme",e.REDIS_NONCE="redis-nonce",e.RETRY_TRANSPORT="retry-transport"}(Capability||(Capability={}));const VERSION_METADATA={semver:"3.0.0",major:1,minor:4,patch:2,prerelease:void 0,build:void 0,features:[Capability.ENVELOPE_V1,Capability.ENVELOPE_V2,Capability.ENVELOPE_V3,Capability.ENVELOPE_V4,Capability.ML_KEM_768,Capability.ML_DSA_65,Capability.X25519_ECDH,Capability.ED25519_SIG,Capability.XORIDA,Capability.SPLIT_CHANNEL,Capability.TRUST_REGISTRY,Capability.SERVICE_DISCOVERY,Capability.INVITE_SYSTEM,Capability.AGENT_CALL,Capability.XFETCH,Capability.DUAL_MODE,Capability.BACKUP_RESTORE,Capability.CORRELATION_ID,Capability.STRUCTURED_LOGGING,Capability.DID_SUCCESSION,Capability.GATEWAY_STATE,Capability.SUBSCRIPTION_PROOF,Capability.POLICY_ENGINE,Capability.APPROVAL_FLOW,Capability.GUARDRAILS,Capability.HTTP_COMPAT,Capability.DID_WEB,Capability.DID_PRIVATEME,Capability.REDIS_NONCE,Capability.RETRY_TRANSPORT],deprecated:[{name:"envelope-v1",since:"1.2.0",removedIn:"2.0.0",migration:"Use createEnvelopeV2() or higher for split-channel support",docs:"https://private.me/docs/xbind/migration-v2"}],buildDate:(new Date).toISOString(),nodeVersion:process.version};export function getVersion(){return Object.freeze({...VERSION_METADATA})}export function hasCapability(e){return VERSION_METADATA.features.includes(e)}export function getCapabilities(){return Object.freeze([...VERSION_METADATA.features])}export function getDeprecationInfo(e){return VERSION_METADATA.deprecated.find(i=>i.name===e)}const warnedFeatures=new Set;export function warnIfDeprecated(e){if(warnedFeatures.has(e))return;const i=getDeprecationInfo(e);if(!i)return;warnedFeatures.add(e);const r=[`Feature "${e}" is deprecated since v${i.since}`,i.removedIn?`and will be removed in v${i.removedIn}.`:".",i.migration].join(" ");logger.warn(r,{feature:e,deprecatedSince:i.since,removedIn:i.removedIn,docs:i.docs}),"undefined"!=typeof console&&console.warn&&(console.warn(`[xBind] ${r}`),i.docs&&console.warn(`[xBind] See: ${i.docs}`))}export function parseVersion(e){const i=e.match(/^(\d+)\.(\d+)\.(\d+)(?:-([a-zA-Z0-9.-]+))?(?:\+([a-zA-Z0-9.-]+))?$/);if(!(i&&i[1]&&i[2]&&i[3]))throw new Error(`Invalid semantic version: ${e}`);return{major:parseInt(i[1],10),minor:parseInt(i[2],10),patch:parseInt(i[3],10),prerelease:i[4]||void 0,build:i[5]||void 0}}export function compareVersions(e,i){const r=parseVersion(e),a=parseVersion(i);if(r.major<a.major)return-1;if(r.major>a.major)return 1;if(r.minor<a.minor)return-1;if(r.minor>a.minor)return 1;if(r.patch<a.patch)return-1;if(r.patch>a.patch)return 1;if(r.prerelease&&!a.prerelease)return-1;if(!r.prerelease&&a.prerelease)return 1;if(r.prerelease&&a.prerelease){if(r.prerelease<a.prerelease)return-1;if(r.prerelease>a.prerelease)return 1}return 0}export function checkCompatibility(e){const i=VERSION_METADATA.semver;if(e.startsWith("^")){const r=e.slice(1),a=parseVersion(r);return parseVersion(i).major!==a.major?{compatible:!1,message:`Incompatible major version. Required: ^${r}, Current: ${i}`,severity:"error",required:e,actual:i}:compareVersions(i,r)<0?{compatible:!1,message:`SDK version too old. Required: ^${r}, Current: ${i}`,severity:"error",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} satisfies ^${r})`,severity:"info",required:e,actual:i}}if(e.startsWith("~")){const r=e.slice(1),a=parseVersion(r),t=parseVersion(i);return t.major!==a.major||t.minor!==a.minor?{compatible:!1,message:`Incompatible version. Required: ~${r}, Current: ${i}`,severity:"error",required:e,actual:i}:compareVersions(i,r)<0?{compatible:!1,message:`SDK version too old. Required: ~${r}, Current: ${i}`,severity:"error",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} satisfies ~${r})`,severity:"info",required:e,actual:i}}let r,a,t;try{r=compareVersions(i,e)}catch(r){return{compatible:!1,message:`Invalid version format: ${e}`,severity:"error",required:e,actual:i}}if(0===r)return{compatible:!0,message:`Exact version match (${i})`,severity:"info",required:e,actual:i};if(r<0)return{compatible:!1,message:`SDK version too old. Required: ${e}, Current: ${i}`,severity:"error",required:e,actual:i};try{a=parseVersion(e),t=parseVersion(i)}catch(r){return{compatible:!0,message:`Compatible (${i} is newer than ${e})`,severity:"info",required:e,actual:i}}return t.major>a.major?{compatible:!1,message:`Breaking changes in SDK. Required: ${e}, Current: ${i}`,severity:"warning",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} is newer than ${e})`,severity:"info",required:e,actual:i}}export function getMinimumVersionFor(e){return{[Capability.ENVELOPE_V1]:"1.0.0",[Capability.ENVELOPE_V2]:"1.1.0",[Capability.ENVELOPE_V3]:"1.2.0",[Capability.ENVELOPE_V4]:"1.3.0",[Capability.ML_KEM_768]:"1.2.0",[Capability.ML_DSA_65]:"1.3.0",[Capability.X25519_ECDH]:"1.0.0",[Capability.ED25519_SIG]:"1.0.0",[Capability.XORIDA]:"1.0.0",[Capability.SPLIT_CHANNEL]:"1.1.0",[Capability.TRUST_REGISTRY]:"1.0.0",[Capability.SERVICE_DISCOVERY]:"1.1.0",[Capability.INVITE_SYSTEM]:"1.1.0",[Capability.AGENT_CALL]:"1.0.0",[Capability.XFETCH]:"1.2.0",[Capability.DUAL_MODE]:"1.2.0",[Capability.BACKUP_RESTORE]:"1.3.0",[Capability.CORRELATION_ID]:"1.3.0",[Capability.STRUCTURED_LOGGING]:"1.3.0",[Capability.DID_SUCCESSION]:"1.2.0",[Capability.GATEWAY_STATE]:"1.2.0",[Capability.SUBSCRIPTION_PROOF]:"1.2.0",[Capability.POLICY_ENGINE]:"1.1.0",[Capability.APPROVAL_FLOW]:"1.1.0",[Capability.GUARDRAILS]:"1.2.0",[Capability.HTTP_COMPAT]:"1.2.0",[Capability.DID_WEB]:"1.1.0",[Capability.DID_PRIVATEME]:"1.2.0",[Capability.REDIS_NONCE]:"1.1.0",[Capability.RETRY_TRANSPORT]:"1.1.0"}[e]}export function assertMinimumVersion(e,i){const r=checkCompatibility(e);if(!r.compatible&&"error"===r.severity){const a=i?`${i} requires xBind >= ${e} (current: ${VERSION_METADATA.semver})`:r.message;throw new Error(a)}}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@private.me/xbind",
-  "version": "2.3.4",
+  "version": "3.0.1",
   "description": "Identity-based M2M authentication (Contains encryption - export restrictions apply)",
   "license": "Proprietary",
   "author": "Private.Me Contributors",
@@ -83,6 +83,9 @@
     "dist-standalone/cli/**",
     "dist-standalone/cjs/**",
     "dist-standalone/_deps/**",
+    "dist-standalone/runtime/**",
+    "dist-standalone/plugins/**",
+    "dist-standalone/types/**",
     "!dist-standalone/_deps/crypto/**",
     "dist-standalone/package.json",
     "dist-standalone/vault-store-loader.js",