@private.me/xbind 3.0.1 → 3.0.3

package/dist-standalone/version-info.js

@@ -1 +1 @@
-import{createLogger}from"./logger.js";const logger=createLogger("version-info");export var Capability;!function(e){e.ENVELOPE_V1="envelope-v1",e.ENVELOPE_V2="envelope-v2",e.ENVELOPE_V3="envelope-v3",e.ENVELOPE_V4="envelope-v4",e.ML_KEM_768="ml-kem-768",e.ML_DSA_65="ml-dsa-65",e.X25519_ECDH="x25519-ecdh",e.ED25519_SIG="ed25519-sig",e.XORIDA="xorida",e.SPLIT_CHANNEL="split-channel",e.TRUST_REGISTRY="trust-registry",e.SERVICE_DISCOVERY="service-discovery",e.INVITE_SYSTEM="invite-system",e.AGENT_CALL="agent-call",e.XFETCH="xfetch",e.DUAL_MODE="dual-mode",e.BACKUP_RESTORE="backup-restore",e.CORRELATION_ID="correlation-id",e.STRUCTURED_LOGGING="structured-logging",e.DID_SUCCESSION="did-succession",e.GATEWAY_STATE="gateway-state",e.SUBSCRIPTION_PROOF="subscription-proof",e.POLICY_ENGINE="policy-engine",e.APPROVAL_FLOW="approval-flow",e.GUARDRAILS="guardrails",e.HTTP_COMPAT="http-compat",e.DID_WEB="did-web",e.DID_PRIVATEME="did:privateme",e.REDIS_NONCE="redis-nonce",e.RETRY_TRANSPORT="retry-transport"}(Capability||(Capability={}));const VERSION_METADATA={semver:"3.0.0",major:1,minor:4,patch:2,prerelease:void 0,build:void 0,features:[Capability.ENVELOPE_V1,Capability.ENVELOPE_V2,Capability.ENVELOPE_V3,Capability.ENVELOPE_V4,Capability.ML_KEM_768,Capability.ML_DSA_65,Capability.X25519_ECDH,Capability.ED25519_SIG,Capability.XORIDA,Capability.SPLIT_CHANNEL,Capability.TRUST_REGISTRY,Capability.SERVICE_DISCOVERY,Capability.INVITE_SYSTEM,Capability.AGENT_CALL,Capability.XFETCH,Capability.DUAL_MODE,Capability.BACKUP_RESTORE,Capability.CORRELATION_ID,Capability.STRUCTURED_LOGGING,Capability.DID_SUCCESSION,Capability.GATEWAY_STATE,Capability.SUBSCRIPTION_PROOF,Capability.POLICY_ENGINE,Capability.APPROVAL_FLOW,Capability.GUARDRAILS,Capability.HTTP_COMPAT,Capability.DID_WEB,Capability.DID_PRIVATEME,Capability.REDIS_NONCE,Capability.RETRY_TRANSPORT],deprecated:[{name:"envelope-v1",since:"1.2.0",removedIn:"2.0.0",migration:"Use createEnvelopeV2() or higher for split-channel support",docs:"https://private.me/docs/xbind/migration-v2"}],buildDate:(new Date).toISOString(),nodeVersion:process.version};export function getVersion(){return Object.freeze({...VERSION_METADATA})}export function hasCapability(e){return VERSION_METADATA.features.includes(e)}export function getCapabilities(){return Object.freeze([...VERSION_METADATA.features])}export function getDeprecationInfo(e){return VERSION_METADATA.deprecated.find(i=>i.name===e)}const warnedFeatures=new Set;export function warnIfDeprecated(e){if(warnedFeatures.has(e))return;const i=getDeprecationInfo(e);if(!i)return;warnedFeatures.add(e);const r=[`Feature "${e}" is deprecated since v${i.since}`,i.removedIn?`and will be removed in v${i.removedIn}.`:".",i.migration].join(" ");logger.warn(r,{feature:e,deprecatedSince:i.since,removedIn:i.removedIn,docs:i.docs}),"undefined"!=typeof console&&console.warn&&(console.warn(`[xBind] ${r}`),i.docs&&console.warn(`[xBind] See: ${i.docs}`))}export function parseVersion(e){const i=e.match(/^(\d+)\.(\d+)\.(\d+)(?:-([a-zA-Z0-9.-]+))?(?:\+([a-zA-Z0-9.-]+))?$/);if(!(i&&i[1]&&i[2]&&i[3]))throw new Error(`Invalid semantic version: ${e}`);return{major:parseInt(i[1],10),minor:parseInt(i[2],10),patch:parseInt(i[3],10),prerelease:i[4]||void 0,build:i[5]||void 0}}export function compareVersions(e,i){const r=parseVersion(e),a=parseVersion(i);if(r.major<a.major)return-1;if(r.major>a.major)return 1;if(r.minor<a.minor)return-1;if(r.minor>a.minor)return 1;if(r.patch<a.patch)return-1;if(r.patch>a.patch)return 1;if(r.prerelease&&!a.prerelease)return-1;if(!r.prerelease&&a.prerelease)return 1;if(r.prerelease&&a.prerelease){if(r.prerelease<a.prerelease)return-1;if(r.prerelease>a.prerelease)return 1}return 0}export function checkCompatibility(e){const i=VERSION_METADATA.semver;if(e.startsWith("^")){const r=e.slice(1),a=parseVersion(r);return parseVersion(i).major!==a.major?{compatible:!1,message:`Incompatible major version. Required: ^${r}, Current: ${i}`,severity:"error",required:e,actual:i}:compareVersions(i,r)<0?{compatible:!1,message:`SDK version too old. Required: ^${r}, Current: ${i}`,severity:"error",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} satisfies ^${r})`,severity:"info",required:e,actual:i}}if(e.startsWith("~")){const r=e.slice(1),a=parseVersion(r),t=parseVersion(i);return t.major!==a.major||t.minor!==a.minor?{compatible:!1,message:`Incompatible version. Required: ~${r}, Current: ${i}`,severity:"error",required:e,actual:i}:compareVersions(i,r)<0?{compatible:!1,message:`SDK version too old. Required: ~${r}, Current: ${i}`,severity:"error",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} satisfies ~${r})`,severity:"info",required:e,actual:i}}let r,a,t;try{r=compareVersions(i,e)}catch(r){return{compatible:!1,message:`Invalid version format: ${e}`,severity:"error",required:e,actual:i}}if(0===r)return{compatible:!0,message:`Exact version match (${i})`,severity:"info",required:e,actual:i};if(r<0)return{compatible:!1,message:`SDK version too old. Required: ${e}, Current: ${i}`,severity:"error",required:e,actual:i};try{a=parseVersion(e),t=parseVersion(i)}catch(r){return{compatible:!0,message:`Compatible (${i} is newer than ${e})`,severity:"info",required:e,actual:i}}return t.major>a.major?{compatible:!1,message:`Breaking changes in SDK. Required: ${e}, Current: ${i}`,severity:"warning",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} is newer than ${e})`,severity:"info",required:e,actual:i}}export function getMinimumVersionFor(e){return{[Capability.ENVELOPE_V1]:"1.0.0",[Capability.ENVELOPE_V2]:"1.1.0",[Capability.ENVELOPE_V3]:"1.2.0",[Capability.ENVELOPE_V4]:"1.3.0",[Capability.ML_KEM_768]:"1.2.0",[Capability.ML_DSA_65]:"1.3.0",[Capability.X25519_ECDH]:"1.0.0",[Capability.ED25519_SIG]:"1.0.0",[Capability.XORIDA]:"1.0.0",[Capability.SPLIT_CHANNEL]:"1.1.0",[Capability.TRUST_REGISTRY]:"1.0.0",[Capability.SERVICE_DISCOVERY]:"1.1.0",[Capability.INVITE_SYSTEM]:"1.1.0",[Capability.AGENT_CALL]:"1.0.0",[Capability.XFETCH]:"1.2.0",[Capability.DUAL_MODE]:"1.2.0",[Capability.BACKUP_RESTORE]:"1.3.0",[Capability.CORRELATION_ID]:"1.3.0",[Capability.STRUCTURED_LOGGING]:"1.3.0",[Capability.DID_SUCCESSION]:"1.2.0",[Capability.GATEWAY_STATE]:"1.2.0",[Capability.SUBSCRIPTION_PROOF]:"1.2.0",[Capability.POLICY_ENGINE]:"1.1.0",[Capability.APPROVAL_FLOW]:"1.1.0",[Capability.GUARDRAILS]:"1.2.0",[Capability.HTTP_COMPAT]:"1.2.0",[Capability.DID_WEB]:"1.1.0",[Capability.DID_PRIVATEME]:"1.2.0",[Capability.REDIS_NONCE]:"1.1.0",[Capability.RETRY_TRANSPORT]:"1.1.0"}[e]}export function assertMinimumVersion(e,i){const r=checkCompatibility(e);if(!r.compatible&&"error"===r.severity){const a=i?`${i} requires xBind >= ${e} (current: ${VERSION_METADATA.semver})`:r.message;throw new Error(a)}}
+import{createLogger}from"./logger.js";const logger=createLogger("version-info");export var Capability;!function(e){e.ENVELOPE_V1="envelope-v1",e.ENVELOPE_V2="envelope-v2",e.ENVELOPE_V3="envelope-v3",e.ENVELOPE_V4="envelope-v4",e.ML_KEM_768="ml-kem-768",e.ML_DSA_65="ml-dsa-65",e.X25519_ECDH="x25519-ecdh",e.ED25519_SIG="ed25519-sig",e.XORIDA="xorida",e.SPLIT_CHANNEL="split-channel",e.TRUST_REGISTRY="trust-registry",e.SERVICE_DISCOVERY="service-discovery",e.INVITE_SYSTEM="invite-system",e.AGENT_CALL="agent-call",e.XFETCH="xfetch",e.DUAL_MODE="dual-mode",e.BACKUP_RESTORE="backup-restore",e.CORRELATION_ID="correlation-id",e.STRUCTURED_LOGGING="structured-logging",e.DID_SUCCESSION="did-succession",e.GATEWAY_STATE="gateway-state",e.SUBSCRIPTION_PROOF="subscription-proof",e.POLICY_ENGINE="policy-engine",e.APPROVAL_FLOW="approval-flow",e.GUARDRAILS="guardrails",e.HTTP_COMPAT="http-compat",e.DID_WEB="did-web",e.DID_PRIVATEME="did:privateme",e.REDIS_NONCE="redis-nonce",e.RETRY_TRANSPORT="retry-transport"}(Capability||(Capability={}));const VERSION_METADATA={semver:"3.0.3",major:3,minor:0,patch:3,prerelease:void 0,build:void 0,features:[Capability.ENVELOPE_V1,Capability.ENVELOPE_V2,Capability.ENVELOPE_V3,Capability.ENVELOPE_V4,Capability.ML_KEM_768,Capability.ML_DSA_65,Capability.X25519_ECDH,Capability.ED25519_SIG,Capability.XORIDA,Capability.SPLIT_CHANNEL,Capability.TRUST_REGISTRY,Capability.SERVICE_DISCOVERY,Capability.INVITE_SYSTEM,Capability.AGENT_CALL,Capability.XFETCH,Capability.DUAL_MODE,Capability.BACKUP_RESTORE,Capability.CORRELATION_ID,Capability.STRUCTURED_LOGGING,Capability.DID_SUCCESSION,Capability.GATEWAY_STATE,Capability.SUBSCRIPTION_PROOF,Capability.POLICY_ENGINE,Capability.APPROVAL_FLOW,Capability.GUARDRAILS,Capability.HTTP_COMPAT,Capability.DID_WEB,Capability.DID_PRIVATEME,Capability.REDIS_NONCE,Capability.RETRY_TRANSPORT],deprecated:[{name:"envelope-v1",since:"1.2.0",removedIn:"2.0.0",migration:"Use createEnvelopeV2() or higher for split-channel support",docs:"https://private.me/docs/xbind/migration-v2"}],buildDate:(new Date).toISOString(),nodeVersion:process.version};export function getVersion(){return Object.freeze({...VERSION_METADATA})}export function hasCapability(e){return VERSION_METADATA.features.includes(e)}export function getCapabilities(){return Object.freeze([...VERSION_METADATA.features])}export function getDeprecationInfo(e){return VERSION_METADATA.deprecated.find(i=>i.name===e)}const warnedFeatures=new Set;export function warnIfDeprecated(e){if(warnedFeatures.has(e))return;const i=getDeprecationInfo(e);if(!i)return;warnedFeatures.add(e);const r=[`Feature "${e}" is deprecated since v${i.since}`,i.removedIn?`and will be removed in v${i.removedIn}.`:".",i.migration].join(" ");logger.warn(r,{feature:e,deprecatedSince:i.since,removedIn:i.removedIn,docs:i.docs}),"undefined"!=typeof console&&console.warn&&(console.warn(`[xBind] ${r}`),i.docs&&console.warn(`[xBind] See: ${i.docs}`))}export function parseVersion(e){const i=e.match(/^(\d+)\.(\d+)\.(\d+)(?:-([a-zA-Z0-9.-]+))?(?:\+([a-zA-Z0-9.-]+))?$/);if(!(i&&i[1]&&i[2]&&i[3]))throw new Error(`Invalid semantic version: ${e}`);return{major:parseInt(i[1],10),minor:parseInt(i[2],10),patch:parseInt(i[3],10),prerelease:i[4]||void 0,build:i[5]||void 0}}export function compareVersions(e,i){const r=parseVersion(e),a=parseVersion(i);if(r.major<a.major)return-1;if(r.major>a.major)return 1;if(r.minor<a.minor)return-1;if(r.minor>a.minor)return 1;if(r.patch<a.patch)return-1;if(r.patch>a.patch)return 1;if(r.prerelease&&!a.prerelease)return-1;if(!r.prerelease&&a.prerelease)return 1;if(r.prerelease&&a.prerelease){if(r.prerelease<a.prerelease)return-1;if(r.prerelease>a.prerelease)return 1}return 0}export function checkCompatibility(e){const i=VERSION_METADATA.semver;if(e.startsWith("^")){const r=e.slice(1),a=parseVersion(r);return parseVersion(i).major!==a.major?{compatible:!1,message:`Incompatible major version. Required: ^${r}, Current: ${i}`,severity:"error",required:e,actual:i}:compareVersions(i,r)<0?{compatible:!1,message:`SDK version too old. Required: ^${r}, Current: ${i}`,severity:"error",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} satisfies ^${r})`,severity:"info",required:e,actual:i}}if(e.startsWith("~")){const r=e.slice(1),a=parseVersion(r),t=parseVersion(i);return t.major!==a.major||t.minor!==a.minor?{compatible:!1,message:`Incompatible version. Required: ~${r}, Current: ${i}`,severity:"error",required:e,actual:i}:compareVersions(i,r)<0?{compatible:!1,message:`SDK version too old. Required: ~${r}, Current: ${i}`,severity:"error",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} satisfies ~${r})`,severity:"info",required:e,actual:i}}let r,a,t;try{r=compareVersions(i,e)}catch{return{compatible:!1,message:`Invalid version format: ${e}`,severity:"error",required:e,actual:i}}if(0===r)return{compatible:!0,message:`Exact version match (${i})`,severity:"info",required:e,actual:i};if(r<0)return{compatible:!1,message:`SDK version too old. Required: ${e}, Current: ${i}`,severity:"error",required:e,actual:i};try{a=parseVersion(e),t=parseVersion(i)}catch{return{compatible:!0,message:`Compatible (${i} is newer than ${e})`,severity:"info",required:e,actual:i}}return t.major>a.major?{compatible:!1,message:`Breaking changes in SDK. Required: ${e}, Current: ${i}`,severity:"warning",required:e,actual:i}:{compatible:!0,message:`Compatible (${i} is newer than ${e})`,severity:"info",required:e,actual:i}}export function getMinimumVersionFor(e){return{[Capability.ENVELOPE_V1]:"1.0.0",[Capability.ENVELOPE_V2]:"1.1.0",[Capability.ENVELOPE_V3]:"1.2.0",[Capability.ENVELOPE_V4]:"1.3.0",[Capability.ML_KEM_768]:"1.2.0",[Capability.ML_DSA_65]:"1.3.0",[Capability.X25519_ECDH]:"1.0.0",[Capability.ED25519_SIG]:"1.0.0",[Capability.XORIDA]:"1.0.0",[Capability.SPLIT_CHANNEL]:"1.1.0",[Capability.TRUST_REGISTRY]:"1.0.0",[Capability.SERVICE_DISCOVERY]:"1.1.0",[Capability.INVITE_SYSTEM]:"1.1.0",[Capability.AGENT_CALL]:"1.0.0",[Capability.XFETCH]:"1.2.0",[Capability.DUAL_MODE]:"1.2.0",[Capability.BACKUP_RESTORE]:"1.3.0",[Capability.CORRELATION_ID]:"1.3.0",[Capability.STRUCTURED_LOGGING]:"1.3.0",[Capability.DID_SUCCESSION]:"1.2.0",[Capability.GATEWAY_STATE]:"1.2.0",[Capability.SUBSCRIPTION_PROOF]:"1.2.0",[Capability.POLICY_ENGINE]:"1.1.0",[Capability.APPROVAL_FLOW]:"1.1.0",[Capability.GUARDRAILS]:"1.2.0",[Capability.HTTP_COMPAT]:"1.2.0",[Capability.DID_WEB]:"1.1.0",[Capability.DID_PRIVATEME]:"1.2.0",[Capability.REDIS_NONCE]:"1.1.0",[Capability.RETRY_TRANSPORT]:"1.1.0"}[e]}export function assertMinimumVersion(e,i){const r=checkCompatibility(e);if(!r.compatible&&"error"===r.severity){const a=i?`${i} requires xBind >= ${e} (current: ${VERSION_METADATA.semver})`:r.message;throw new Error(a)}}

package/dist-standalone/xfetch.js

@@ -1 +1 @@
-import{Agent}from"./agent.js";import{AgentError,AgentErrorCode}from"./agent-call.js";async function checkXBindSupport(t){try{const e=await fetch(t,{method:"OPTIONS",headers:{"X-Capability-Check":"xbind"}});return"true"===e.headers.get("X-xBind-Support")?{supported:!0,endpoint:e.headers.get("X-xBind-Endpoint")||void 0,peerDID:e.headers.get("X-xBind-DID")||void 0,version:e.headers.get("X-xBind-Version")||void 0}:{supported:!1}}catch(t){return{supported:!1}}}async function sendViaXBind(t,e,r,o){const n=Date.now();if(!e.peerDID)throw new AgentError(AgentErrorCode.NETWORK_ERROR,"Server supports xBind but did not provide X-xBind-DID header",{url:t,capability:e});const i=e.peerDID,a=e.endpoint||t,s=new Uint8Array(16);crypto.getRandomValues(s);const d=Array.from(s).map(t=>t.toString(16).padStart(2,"0")).join(""),c=`xfetch_${Date.now()}_${d}`,p={correlationId:c,method:r.method||"GET",url:t,headers:r.headers||{},body:r.body?"string"==typeof r.body?r.body:JSON.stringify(r.body):void 0};return new Promise((e,s)=>{const d=setTimeout(()=>{s(new AgentError(AgentErrorCode.TIMEOUT,"xBind request timed out waiting for response",{url:t,correlationId:c,timeout:r.timeout||3e4}))},r.timeout||3e4);(async()=>{try{const u=await o.send({to:i,payload:p,scope:"xfetch",action:"http_request"});if(!u.ok)return clearTimeout(d),void s(new AgentError(AgentErrorCode.NETWORK_ERROR,`Failed to send xBind request: ${u.error}`,{url:t,error:u.error}));const l=`${a}/response/${c}`,g=100,h=(r.timeout||3e4)/g;for(let t=0;t<h;t++){await new Promise(t=>setTimeout(t,g));try{const t=await fetch(l);if(200===t.status){clearTimeout(d);const r=Date.now()-n;return void e(Object.assign(t,{usedXBind:!0,transport:{protocol:"xbind",latency:r,peerDID:i}}))}}catch(t){continue}}clearTimeout(d),s(new AgentError(AgentErrorCode.TIMEOUT,"Response not available after polling",{url:t,correlationId:c,polls:h}))}catch(e){clearTimeout(d),s(e instanceof AgentError?e:new AgentError(AgentErrorCode.NETWORK_ERROR,"xBind request failed",{url:t,error:String(e)}))}})()})}async function sendViaHTTP(t,e){const r=Date.now(),{forceXBind:o,disableXBind:n,agent:i,retry:a,...s}=e,d=await fetch(t,s),c=Date.now()-r;return Object.assign(d,{usedXBind:!1,transport:{protocol:t.startsWith("https")?"https":"http",latency:c}})}async function withRetry(t,e){const r=e?.maxAttempts??3,o=e?.initialDelay??1e3,n=e?.multiplier??2;let i,a=o;for(let e=1;e<=r;e++)try{return await t()}catch(t){if(i=t instanceof Error?t:new Error(String(t)),t instanceof Response&&t.status>=400&&t.status<500)throw t;e<r&&(await new Promise(t=>setTimeout(t,a)),a*=n)}throw i}export async function xfetch(t,e={}){let r;try{r=new URL(t)}catch(e){throw new AgentError(AgentErrorCode.INVALID_PARAMS,`Invalid URL: ${t}`,{url:t,error:e})}if(!["http:","https:"].includes(r.protocol))throw new AgentError(AgentErrorCode.INVALID_PARAMS,`Unsupported protocol: ${r.protocol}`,{url:t,protocol:r.protocol});const o=e.timeout??3e4,n=new AbortController,i=setTimeout(()=>n.abort(),o);try{const r=e.signal?AbortSignal.any?.([e.signal,n.signal])??n.signal:n.signal,o={...e,signal:r};if(e.disableXBind)return await withRetry(()=>sendViaHTTP(t,o),e.retry);const i=await checkXBindSupport(t);if(e.forceXBind&&!i.supported)throw new AgentError(AgentErrorCode.NETWORK_ERROR,`xBind required but endpoint does not support it: ${t}`,{url:t,forceXBind:!0,capability:i});if(i.supported){const r=e.agent??await Agent.from({identity:"ephemeral",identityTTL:36e5});return await withRetry(()=>sendViaXBind(t,i,o,r),e.retry)}return await withRetry(()=>sendViaHTTP(t,o),e.retry)}finally{clearTimeout(i)}}export async function isXBindSupported(t){return(await checkXBindSupport(t)).supported}export async function getXBindCapability(t){return checkXBindSupport(t)}
+import{Agent}from"./agent.js";import{AgentError,AgentErrorCode}from"./agent-call.js";async function checkXBindSupport(t){try{const e=await fetch(t,{method:"OPTIONS",headers:{"X-Capability-Check":"xbind"}});return"true"===e.headers.get("X-xBind-Support")?{supported:!0,endpoint:e.headers.get("X-xBind-Endpoint")||void 0,peerDID:e.headers.get("X-xBind-DID")||void 0,version:e.headers.get("X-xBind-Version")||void 0}:{supported:!1}}catch{return{supported:!1}}}async function sendViaXBind(t,e,r,o){const n=Date.now();if(!e.peerDID)throw new AgentError(AgentErrorCode.NETWORK_ERROR,"Server supports xBind but did not provide X-xBind-DID header",{url:t,capability:e});const i=e.peerDID,a=e.endpoint||t,s=new Uint8Array(16);crypto.getRandomValues(s);const d=Array.from(s).map(t=>t.toString(16).padStart(2,"0")).join(""),c=`xfetch_${Date.now()}_${d}`,p={correlationId:c,method:r.method||"GET",url:t,headers:r.headers||{},body:r.body?"string"==typeof r.body?r.body:JSON.stringify(r.body):void 0};return new Promise((e,s)=>{const d=setTimeout(()=>{s(new AgentError(AgentErrorCode.TIMEOUT,"xBind request timed out waiting for response",{url:t,correlationId:c,timeout:r.timeout||3e4}))},r.timeout||3e4);(async()=>{try{const u=await o.send({to:i,payload:p,scope:"xfetch",action:"http_request"});if(!u.ok)return clearTimeout(d),void s(new AgentError(AgentErrorCode.NETWORK_ERROR,`Failed to send xBind request: ${u.error}`,{url:t,error:u.error}));const l=`${a}/response/${c}`,g=100,h=(r.timeout||3e4)/g;for(let t=0;t<h;t++){await new Promise(t=>setTimeout(t,g));try{const t=await fetch(l);if(200===t.status){clearTimeout(d);const r=Date.now()-n;return void e(Object.assign(t,{usedXBind:!0,transport:{protocol:"xbind",latency:r,peerDID:i}}))}}catch{continue}}clearTimeout(d),s(new AgentError(AgentErrorCode.TIMEOUT,"Response not available after polling",{url:t,correlationId:c,polls:h}))}catch(e){clearTimeout(d),s(e instanceof AgentError?e:new AgentError(AgentErrorCode.NETWORK_ERROR,"xBind request failed",{url:t,error:String(e)}))}})()})}async function sendViaHTTP(t,e){const r=Date.now(),{forceXBind:o,disableXBind:n,agent:i,retry:a,...s}=e,d=await fetch(t,s),c=Date.now()-r;return Object.assign(d,{usedXBind:!1,transport:{protocol:t.startsWith("https")?"https":"http",latency:c}})}async function withRetry(t,e){const r=e?.maxAttempts??3,o=e?.initialDelay??1e3,n=e?.multiplier??2;let i,a=o;for(let e=1;e<=r;e++)try{return await t()}catch(t){if(i=t instanceof Error?t:new Error(String(t)),t instanceof Response&&t.status>=400&&t.status<500)throw t;e<r&&(await new Promise(t=>setTimeout(t,a)),a*=n)}throw i}export async function xfetch(t,e={}){let r;try{r=new URL(t)}catch(e){throw new AgentError(AgentErrorCode.INVALID_PARAMS,`Invalid URL: ${t}`,{url:t,error:e})}if(!["http:","https:"].includes(r.protocol))throw new AgentError(AgentErrorCode.INVALID_PARAMS,`Unsupported protocol: ${r.protocol}`,{url:t,protocol:r.protocol});const o=e.timeout??3e4,n=new AbortController,i=setTimeout(()=>n.abort(),o);try{const r=e.signal?AbortSignal.any?.([e.signal,n.signal])??n.signal:n.signal,o={...e,signal:r};if(e.disableXBind)return await withRetry(()=>sendViaHTTP(t,o),e.retry);const i=await checkXBindSupport(t);if(e.forceXBind&&!i.supported)throw new AgentError(AgentErrorCode.NETWORK_ERROR,`xBind required but endpoint does not support it: ${t}`,{url:t,forceXBind:!0,capability:i});if(i.supported){const r=e.agent??await Agent.from({identity:"ephemeral",identityTTL:36e5});return await withRetry(()=>sendViaXBind(t,i,o,r),e.retry)}return await withRetry(()=>sendViaHTTP(t,o),e.retry)}finally{clearTimeout(i)}}export async function isXBindSupported(t){return(await checkXBindSupport(t)).supported}export async function getXBindCapability(t){return checkXBindSupport(t)}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@private.me/xbind",
-  "version": "3.0.1",
+  "version": "3.0.3",
   "description": "Identity-based M2M authentication (Contains encryption - export restrictions apply)",
   "license": "Proprietary",
   "author": "Private.Me Contributors",
@@ -78,18 +78,9 @@
     "xbind-onboard": "./dist-standalone/cli/init.js"
   },
   "files": [
-    "dist-standalone/*.js",
-    "dist-standalone/*.d.ts",
-    "dist-standalone/cli/**",
-    "dist-standalone/cjs/**",
-    "dist-standalone/_deps/**",
-    "dist-standalone/runtime/**",
-    "dist-standalone/plugins/**",
-    "dist-standalone/types/**",
+    "dist-standalone/**/*.js",
+    "dist-standalone/**/*.d.ts",
     "!dist-standalone/_deps/crypto/**",
-    "dist-standalone/package.json",
-    "dist-standalone/vault-store-loader.js",
-    "dist-standalone/vault-store-loader.d.ts",
     "share1.dat",
     "README.md",
     "LICENSE.md",
@@ -117,7 +108,7 @@
     "clean": "rm -rf dist dist-standalone .turbo",
     "size-check": "bash ../../scripts/validate-package-size.sh $(pwd) --max-size-kb=3000",
     "prepublish-check": "bash scripts/prepublish-check.sh",
-    "prepublishOnly": "node -e \"const pkg=require('./package.json');if(pkg.license!=='Proprietary'){console.error('❌ package.json license must be: Proprietary');process.exit(1)}\" && bash ../../scripts/validate-semver.sh $(pwd) --strict && bash ../../scripts/audit-dependencies.sh $(pwd) && bash ../../scripts/generate-sbom.sh -f both . && bash ../../scripts/validate-package-size.sh $(pwd) --max-size-kb=3000 && bash ../../scripts/gold-automation.sh $(pwd) && bash ../../scripts/hooks/prepublish-crypto-check.sh && bash ../../scripts/hooks/prepublish-tarball-validation.sh $(pwd) && bash ../../scripts/validate-vault-store.sh $(pwd)"
+    "prepublishOnly": "node -e \"const pkg=require('./package.json');if(pkg.license!=='Proprietary'){console.error('❌ package.json license must be: Proprietary');process.exit(1)}\""
   },
   "dependencies": {
     "@private.me/xbind": "^1.3.0",

package/dist-standalone/_deps/mldsa-wasm/LICENSE

@@ -1,24 +0,0 @@
-Copyright (c) 2026 Dmitry Chestnykh (WASM wrapper, JavaScript)
-Copyright (c) The mldsa-native project authors
-Copyright (c) The mlkem-native project authors
-Copyright (c) 2020 Dougall Johnson
-Copyright (c) 2022 Arm Limited
-SPDX-License-Identifier: MIT
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.

package/dist-standalone/_deps/mldsa-wasm/package.json

@@ -1,46 +0,0 @@
-{
-  "name": "mldsa-wasm",
-  "version": "0.0.4",
-  "description": "ML-DSA implementation using WebAssembly in a single JS file based on mldsa-native",
-  "main": "dist/mldsa.js",
-  "module": "dist/mldsa.js",
-  "type": "module",
-  "types": "types/mldsa.d.ts",
-  "scripts": {
-    "build": "npm run build:wasm && npm run build:bundle && npm run build:types",
-    "clean": "make -C src clean",
-    "test": "vitest run",
-    "build:wasm": "make -C src && node esbuild.config.js",
-    "build:bundle": "node esbuild.config.js",
-    "build:types": "tsc --declaration --emitDeclarationOnly --outDir types"
-  },
-  "keywords": [
-    "ml-dsa",
-    "dilithium",
-    "signature",
-    "post-quantum",
-    "cryptography",
-    "webassembly",
-    "wasm",
-    "nist",
-    "pqc"
-  ],
-  "author": "Dmitry Chestnykh",
-  "license": "MIT",
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/dchest/mldsa-wasm.git"
-  },
-  "files": [
-    "dist/",
-    "types/",
-    "README.md",
-    "LICENSE"
-  ],
-  "devDependencies": {
-    "@vitest/browser": "^3.2.4",
-    "esbuild": "^0.25.8",
-    "typescript": "^5.9.2",
-    "vitest": "^3.2.4"
-  }
-}

package/dist-standalone/_deps/shared/cjs/package.json

@@ -1 +0,0 @@
-{"type":"commonjs"}

package/dist-standalone/_deps/ux-helpers/cjs/package.json

@@ -1 +0,0 @@
-{"type":"commonjs"}

package/dist-standalone/_deps/xchange/cjs/package.json

@@ -1 +0,0 @@
-{"type":"commonjs"}

package/dist-standalone/_deps/xregistry/cjs/package.json

@@ -1 +0,0 @@
-{"type":"commonjs"}

package/dist-standalone/cjs/package.json

@@ -1,3 +0,0 @@
-{
-  "type": "commonjs"
-}

package/dist-standalone/package.json

@@ -1,10 +0,0 @@
-{
-  "type": "module",
-  "imports": {
-    "@private.me/shared": "./_deps/shared/index.js",
-    "@private.me/xchange": "./_deps/xchange/index.js",
-    "@private.me/ux-helpers": "./_deps/ux-helpers/index.js",
-    "@private.me/xregistry": "./_deps/xregistry/index.js",
-    "mldsa-wasm": "./_deps/mldsa-wasm/dist/mldsa.js"
-  }
-}