npm - @qnsp/tenant-sdk - Versions diffs - 0.3.1 → 0.3.2 - Mend

@qnsp/tenant-sdk 0.3.1 → 0.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

package/README.md +1 -1
package/dist/index.d.ts +379 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +251 -3
package/dist/index.js.map +1 -1
package/dist/sdk-package-version.d.ts +2 -0
package/dist/sdk-package-version.d.ts.map +1 -0
package/dist/sdk-package-version.js +6 -0
package/dist/sdk-package-version.js.map +1 -0
package/package.json +27 -13
package/.turbo/turbo-build.log +0 -4
package/src/index.test.ts +0 -237
package/src/index.ts +0 -1095
package/src/observability.ts +0 -152
package/src/validation.ts +0 -21
package/tsconfig.build.json +0 -10
package/tsconfig.json +0 -10
package/tsconfig.tsbuildinfo +0 -1
package/vitest.config.ts +0 -9

package/src/index.test.ts DELETED Viewed

@@ -1,237 +0,0 @@
-import { clearActivationCache } from "@qnsp/sdk-activation";
-import { beforeEach, describe, expect, it, vi } from "vitest";
-import { TenantClient } from "./index.js";
-describe("TenantClient Security Tests", () => {
-	const mockFetch = vi.fn();
-	global.fetch = mockFetch;
-	beforeEach(() => {
-		clearActivationCache();
-		vi.clearAllMocks();
-	});
-	describe("HTTPS Enforcement", () => {
-		it("should reject HTTP URLs in production", () => {
-			const originalEnv = process.env["NODE_ENV"];
-			process.env["NODE_ENV"] = "production";
-			expect(() => {
-				new TenantClient({
-					baseUrl: "http://example.com",
-					apiKey: "test-api-key",
-				});
-			}).toThrow("baseUrl must use HTTPS in production");
-			process.env["NODE_ENV"] = originalEnv;
-		});
-		it("should allow HTTP localhost in development", () => {
-			const originalEnv = process.env["NODE_ENV"];
-			process.env["NODE_ENV"] = "development";
-			expect(() => {
-				new TenantClient({
-					baseUrl: "http://localhost:3000",
-					apiKey: "test-api-key",
-				});
-			}).not.toThrow();
-			process.env["NODE_ENV"] = originalEnv;
-		});
-	});
-	describe("Input Validation", () => {
-		const client = new TenantClient({
-			baseUrl: "https://api.example.com",
-			apiKey: "test-api-key",
-		});
-		it("should reject invalid UUIDs", async () => {
-			await expect(client.getTenant("not-a-uuid")).rejects.toThrow("Invalid id");
-		});
-		it("should reject SQL injection in tenantId", async () => {
-			await expect(client.getTenant("'; DROP TABLE tenants; --")).rejects.toThrow("Invalid id");
-		});
-		it("should reject path traversal in tenantId", async () => {
-			await expect(client.getTenant("../../etc/passwd")).rejects.toThrow("Invalid id");
-		});
-		it("should reject XSS attempts in tenantId", async () => {
-			await expect(client.getTenant("<script>alert('xss')</script>")).rejects.toThrow("Invalid id");
-		});
-	});
-	describe("Error Message Sanitization", () => {
-		const client = new TenantClient({
-			baseUrl: "https://api.example.com",
-			apiKey: "test-api-key",
-		});
-		it("should not expose sensitive data in error messages", async () => {
-			// activation mock (first network call per client instance)
-			mockFetch.mockResolvedValueOnce({
-				ok: true,
-				status: 200,
-				headers: new Headers(),
-				json: async () => ({
-					activated: true,
-					tenantId: "a1b2c3d4-e5f6-4789-8abc-def012345678",
-					tier: "dev-pro",
-					activationToken: "tok_test",
-					expiresInSeconds: 3600,
-					activatedAt: new Date().toISOString(),
-					limits: {
-						storageGB: 50,
-						apiCalls: 100_000,
-						enclavesEnabled: false,
-						aiTrainingEnabled: false,
-						aiInferenceEnabled: true,
-						sseEnabled: true,
-						vaultEnabled: true,
-					},
-				}),
-			});
-			mockFetch.mockResolvedValueOnce({
-				ok: false,
-				status: 500,
-				statusText: "Internal Server Error",
-				headers: new Headers(),
-				text: async () =>
-					JSON.stringify({
-						error: "Database connection failed",
-						stack: "at TenantService.getTenant()",
-						apiKey: "api_key_example_123",
-						password: "secret123",
-					}),
-			});
-			// second call in the IIFE below — activationPromise already resolved
-			mockFetch.mockResolvedValueOnce({
-				ok: false,
-				status: 500,
-				statusText: "Internal Server Error",
-				headers: new Headers(),
-				text: async () =>
-					JSON.stringify({
-						error: "Database connection failed",
-						stack: "at TenantService.getTenant()",
-						apiKey: "api_key_example_123",
-						password: "secret123",
-					}),
-			});
-			await expect(client.getTenant("123e4567-e89b-12d3-a456-426614174000")).rejects.toThrow(
-				"Tenant API error: 500 Internal Server Error",
-			);
-			const errorMessage = await (async () => {
-				try {
-					await client.getTenant("123e4567-e89b-12d3-a456-426614174000");
-					return "";
-				} catch (error) {
-					return error instanceof Error ? error.message : String(error);
-				}
-			})();
-			expect(errorMessage).not.toContain("api_key_example_123");
-			expect(errorMessage).not.toContain("secret123");
-			expect(errorMessage).not.toContain("Database connection failed");
-			expect(errorMessage).not.toContain("stack");
-		});
-	});
-	describe("Rate Limiting", () => {
-		const client = new TenantClient({
-			baseUrl: "https://api.example.com",
-			apiKey: "test-api-key",
-			maxRetries: 2,
-			retryDelayMs: 10,
-		});
-		it("should retry on 429 with Retry-After header", async () => {
-			// activation mock consumed before mockImplementation kicks in
-			mockFetch.mockResolvedValueOnce({
-				ok: true,
-				status: 200,
-				headers: new Headers(),
-				json: async () => ({
-					activated: true,
-					tenantId: "a1b2c3d4-e5f6-4789-8abc-def012345678",
-					tier: "dev-pro",
-					activationToken: "tok_test",
-					expiresInSeconds: 3600,
-					activatedAt: new Date().toISOString(),
-					limits: {
-						storageGB: 50,
-						apiCalls: 100_000,
-						enclavesEnabled: false,
-						aiTrainingEnabled: false,
-						aiInferenceEnabled: true,
-						sseEnabled: true,
-						vaultEnabled: true,
-					},
-				}),
-			});
-			let attemptCount = 0;
-			mockFetch.mockImplementation(async () => {
-				attemptCount++;
-				if (attemptCount === 1) {
-					return {
-						ok: false,
-						status: 429,
-						statusText: "Too Many Requests",
-						headers: new Headers({ "Retry-After": "1" }),
-						text: async () => "",
-					};
-				}
-				return {
-					ok: true,
-					status: 200,
-					headers: new Headers(),
-					json: async () => ({
-						id: "123e4567-e89b-12d3-a456-426614174000",
-						name: "test-tenant",
-						slug: "test-tenant",
-						status: "active",
-						plan: "basic",
-						region: "us-east-1",
-						complianceTags: [],
-						metadata: {},
-						security: {
-							controlPlaneTokenSha256: null,
-							pqcSignatures: [],
-							hardwareProvider: null,
-							attestationStatus: null,
-							attestationProof: null,
-						},
-						domains: [],
-						createdAt: "2024-01-01T00:00:00Z",
-						updatedAt: "2024-01-01T00:00:00Z",
-					}),
-				};
-			});
-			const result = await client.getTenant("123e4567-e89b-12d3-a456-426614174000");
-			expect(result.id).toBe("123e4567-e89b-12d3-a456-426614174000");
-			expect(attemptCount).toBe(2);
-		});
-		it("should fail after max retries", async () => {
-			mockFetch.mockResolvedValue({
-				ok: false,
-				status: 429,
-				statusText: "Too Many Requests",
-				headers: new Headers(),
-				text: async () => "",
-			});
-			await expect(client.getTenant("123e4567-e89b-12d3-a456-426614174000")).rejects.toThrow(
-				"Rate limit exceeded after 2 retries",
-			);
-		});
-	});
-});