@react-vault/core 0.1.0

package/dist/pii/index.d.ts

@@ -0,0 +1,10 @@
+/**
+ * PII masking utilities. All functions take a value and return a masked string.
+ *
+ * Convention: masking happens at the display layer, NOT at storage. Always store
+ * the full value (encrypted via secureStorage) and mask only for render.
+ */
+export * from './maskers.js';
+export * from './validators.js';
+export * from './patterns.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/pii/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/pii/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,cAAc,cAAc,CAAC;AAC7B,cAAc,iBAAiB,CAAC;AAChC,cAAc,eAAe,CAAC"}

package/dist/pii/index.js

@@ -0,0 +1,10 @@
+/**
+ * PII masking utilities. All functions take a value and return a masked string.
+ *
+ * Convention: masking happens at the display layer, NOT at storage. Always store
+ * the full value (encrypted via secureStorage) and mask only for render.
+ */
+export * from './maskers.js';
+export * from './validators.js';
+export * from './patterns.js';
+//# sourceMappingURL=index.js.map

package/dist/pii/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/pii/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,cAAc,cAAc,CAAC;AAC7B,cAAc,iBAAiB,CAAC;AAChC,cAAc,eAAe,CAAC"}

package/dist/pii/maskers.d.ts

@@ -0,0 +1,63 @@
+/**
+ * PII maskers.
+ *
+ * Each masker takes a value (possibly null/undefined) and returns a string safe
+ * for display. Maskers are PURE — same input always produces same output.
+ *
+ * For interactive click-to-reveal, use the UI component <PIIMaskedDisplay>
+ * from @react-vault/ui, which uses these maskers internally.
+ */
+/**
+ * Mask a PAN. `ABCDE1234F` → `ABCDE****F`.
+ * Returns the input unchanged if it doesn't match PAN shape (defensive).
+ */
+export declare function maskPan(value: string | null | undefined): string;
+/**
+ * Mask an Aadhaar. `123456789012` → `XXXX XXXX 9012`.
+ */
+export declare function maskAadhaar(value: string | null | undefined): string;
+/**
+ * Mask an account number. Shows last 4 digits, masks the rest.
+ * `123456789012345` → `***********2345`.
+ */
+export declare function maskAccountNumber(value: string | null | undefined): string;
+/**
+ * Mask a card number. Shows last 4 digits in PCI-DSS-friendly format.
+ * `4111111111111234` → `**** **** **** 1234`.
+ */
+export declare function maskCardLast4(value: string | null | undefined): string;
+/**
+ * Mask an Indian mobile number. `+91 9876543210` or `9876543210` → `+91 ******3210`.
+ */
+export declare function maskMobile(value: string | null | undefined): string;
+/**
+ * Mask an email. `john.doe@example.com` → `j***@example.com`.
+ * If the local part is single-char, masks to `*@domain.com`.
+ */
+export declare function maskEmail(value: string | null | undefined): string;
+/**
+ * Mask a name to show initials only. `John Smith Doe` → `J. S. D.`.
+ */
+export declare function maskName(value: string | null | undefined): string;
+/**
+ * Mask an address. Shows first line + city; masks the rest.
+ * Useful when display needs *some* address context (locality) but not full.
+ */
+export declare function maskAddress(value: string | null | undefined): string;
+/**
+ * Mask a date of birth — show age range instead of date.
+ * Returns `25-30 yrs` style bucket. Useful for "I need to know roughly,
+ * but not exact DOB".
+ */
+export declare function maskDobAsAgeRange(value: string | Date | null | undefined): string;
+/**
+ * Mask a generic string. Replaces all but first and last char with `*`.
+ * Fallback when no specialised masker fits.
+ */
+export declare function maskGeneric(value: string | null | undefined): string;
+/**
+ * Convenience dispatcher. Pick a masker by name.
+ */
+export type MaskerType = 'pan' | 'aadhaar' | 'account_number' | 'card_last4' | 'mobile' | 'email' | 'name' | 'address' | 'dob' | 'generic';
+export declare function mask(type: MaskerType, value: string | null | undefined): string;
+//# sourceMappingURL=maskers.d.ts.map

package/dist/pii/maskers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"maskers.d.ts","sourceRoot":"","sources":["../../src/pii/maskers.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH;;;GAGG;AACH,wBAAgB,OAAO,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,CAQhE;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,CASpE;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,CAS1E;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,CAStE;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,CASnE;AAED;;;GAGG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,CAclE;AAED;;GAEG;AACH,wBAAgB,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,CASjE;AAED;;;GAGG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,CAgBpE;AAED;;;;GAIG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,CAYjF;AAED;;;GAGG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,CAQpE;AAED;;GAEG;AACH,MAAM,MAAM,UAAU,GAClB,KAAK,GACL,SAAS,GACT,gBAAgB,GAChB,YAAY,GACZ,QAAQ,GACR,OAAO,GACP,MAAM,GACN,SAAS,GACT,KAAK,GACL,SAAS,CAAC;AAEd,wBAAgB,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,CAwB/E"}

package/dist/pii/maskers.js

@@ -0,0 +1,186 @@
+/**
+ * PII maskers.
+ *
+ * Each masker takes a value (possibly null/undefined) and returns a string safe
+ * for display. Maskers are PURE — same input always produces same output.
+ *
+ * For interactive click-to-reveal, use the UI component <PIIMaskedDisplay>
+ * from @react-vault/ui, which uses these maskers internally.
+ */
+/**
+ * Mask a PAN. `ABCDE1234F` → `ABCDE****F`.
+ * Returns the input unchanged if it doesn't match PAN shape (defensive).
+ */
+export function maskPan(value) {
+    if (!value) {
+        return '';
+    }
+    if (value.length !== 10) {
+        return value;
+    }
+    return `${value.slice(0, 5)}****${value.slice(9, 10)}`;
+}
+/**
+ * Mask an Aadhaar. `123456789012` → `XXXX XXXX 9012`.
+ */
+export function maskAadhaar(value) {
+    if (!value) {
+        return '';
+    }
+    const digits = value.replace(/\D/g, '');
+    if (digits.length !== 12) {
+        return value;
+    }
+    return `XXXX XXXX ${digits.slice(-4)}`;
+}
+/**
+ * Mask an account number. Shows last 4 digits, masks the rest.
+ * `123456789012345` → `***********2345`.
+ */
+export function maskAccountNumber(value) {
+    if (!value) {
+        return '';
+    }
+    const digits = value.replace(/\D/g, '');
+    if (digits.length < 5) {
+        return value;
+    }
+    return `${'*'.repeat(digits.length - 4)}${digits.slice(-4)}`;
+}
+/**
+ * Mask a card number. Shows last 4 digits in PCI-DSS-friendly format.
+ * `4111111111111234` → `**** **** **** 1234`.
+ */
+export function maskCardLast4(value) {
+    if (!value) {
+        return '';
+    }
+    const digits = value.replace(/\D/g, '');
+    if (digits.length < 4) {
+        return value;
+    }
+    return `**** **** **** ${digits.slice(-4)}`;
+}
+/**
+ * Mask an Indian mobile number. `+91 9876543210` or `9876543210` → `+91 ******3210`.
+ */
+export function maskMobile(value) {
+    if (!value) {
+        return '';
+    }
+    const digits = value.replace(/\D/g, '');
+    if (digits.length < 4) {
+        return value;
+    }
+    return `+91 ******${digits.slice(-4)}`;
+}
+/**
+ * Mask an email. `john.doe@example.com` → `j***@example.com`.
+ * If the local part is single-char, masks to `*@domain.com`.
+ */
+export function maskEmail(value) {
+    if (!value) {
+        return '';
+    }
+    const at = value.indexOf('@');
+    if (at < 1) {
+        return value;
+    }
+    const local = value.slice(0, at);
+    const domain = value.slice(at);
+    if (local.length === 1) {
+        return `*${domain}`;
+    }
+    return `${local[0]}***${domain}`;
+}
+/**
+ * Mask a name to show initials only. `John Smith Doe` → `J. S. D.`.
+ */
+export function maskName(value) {
+    if (!value) {
+        return '';
+    }
+    return value
+        .trim()
+        .split(/\s+/)
+        .map((part) => `${(part[0] ?? '').toUpperCase()}.`)
+        .join(' ');
+}
+/**
+ * Mask an address. Shows first line + city; masks the rest.
+ * Useful when display needs *some* address context (locality) but not full.
+ */
+export function maskAddress(value) {
+    if (!value) {
+        return '';
+    }
+    const lines = value
+        .split(/[,\n]/)
+        .map((l) => l.trim())
+        .filter(Boolean);
+    if (lines.length === 0) {
+        return '';
+    }
+    if (lines.length === 1) {
+        return `${lines[0]}…`;
+    }
+    const first = lines[0];
+    return `${first}, …`;
+}
+/**
+ * Mask a date of birth — show age range instead of date.
+ * Returns `25-30 yrs` style bucket. Useful for "I need to know roughly,
+ * but not exact DOB".
+ */
+export function maskDobAsAgeRange(value) {
+    if (!value) {
+        return '';
+    }
+    const dob = value instanceof Date ? value : new Date(value);
+    if (Number.isNaN(dob.getTime())) {
+        return '';
+    }
+    const age = Math.floor((Date.now() - dob.getTime()) / (365.25 * 24 * 60 * 60 * 1000));
+    const bucketLo = Math.floor(age / 5) * 5;
+    const bucketHi = bucketLo + 4;
+    return `${bucketLo}-${bucketHi} yrs`;
+}
+/**
+ * Mask a generic string. Replaces all but first and last char with `*`.
+ * Fallback when no specialised masker fits.
+ */
+export function maskGeneric(value) {
+    if (!value) {
+        return '';
+    }
+    if (value.length <= 2) {
+        return '*'.repeat(value.length);
+    }
+    return `${value[0]}${'*'.repeat(value.length - 2)}${value[value.length - 1]}`;
+}
+export function mask(type, value) {
+    switch (type) {
+        case 'pan':
+            return maskPan(value);
+        case 'aadhaar':
+            return maskAadhaar(value);
+        case 'account_number':
+            return maskAccountNumber(value);
+        case 'card_last4':
+            return maskCardLast4(value);
+        case 'mobile':
+            return maskMobile(value);
+        case 'email':
+            return maskEmail(value);
+        case 'name':
+            return maskName(value);
+        case 'address':
+            return maskAddress(value);
+        case 'dob':
+            return maskDobAsAgeRange(value);
+        case 'generic':
+        default:
+            return maskGeneric(value);
+    }
+}
+//# sourceMappingURL=maskers.js.map

package/dist/pii/maskers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"maskers.js","sourceRoot":"","sources":["../../src/pii/maskers.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH;;;GAGG;AACH,MAAM,UAAU,OAAO,CAAC,KAAgC;IACtD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,IAAI,KAAK,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACxB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;AACzD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,KAAgC;IAC1D,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACxC,IAAI,MAAM,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,aAAa,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AACzC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,KAAgC;IAChE,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACxC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AAC/D,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,KAAgC;IAC5D,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACxC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,kBAAkB,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,KAAgC;IACzD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACxC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,aAAa,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AACzC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,SAAS,CAAC,KAAgC;IACxD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC9B,IAAI,EAAE,GAAG,CAAC,EAAE,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACjC,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,IAAI,MAAM,EAAE,CAAC;IACtB,CAAC;IACD,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,MAAM,MAAM,EAAE,CAAC;AACnC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,QAAQ,CAAC,KAAgC;IACvD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO,KAAK;SACT,IAAI,EAAE;SACN,KAAK,CAAC,KAAK,CAAC;SACZ,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,GAAG,CAAC;SAClD,IAAI,CAAC,GAAG,CAAC,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAC,KAAgC;IAC1D,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,KAAK,GAAG,KAAK;SAChB,KAAK,CAAC,OAAO,CAAC;SACd,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,OAAO,CAAC,CAAC;IACnB,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC;IACxB,CAAC;IACD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;IACxB,OAAO,GAAG,KAAK,KAAK,CAAC;AACvB,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,iBAAiB,CAAC,KAAuC;IACvE,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,GAAG,GAAG,KAAK,YAAY,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5D,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC;QAChC,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,MAAM,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC;IACtF,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACzC,MAAM,QAAQ,GAAG,QAAQ,GAAG,CAAC,CAAC;IAC9B,OAAO,GAAG,QAAQ,IAAI,QAAQ,MAAM,CAAC;AACvC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAC,KAAgC;IAC1D,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACtB,OAAO,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAClC,CAAC;IACD,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,CAAC;AAChF,CAAC;AAiBD,MAAM,UAAU,IAAI,CAAC,IAAgB,EAAE,KAAgC;IACrE,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,KAAK;YACR,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC;QACxB,KAAK,SAAS;YACZ,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC;QAC5B,KAAK,gBAAgB;YACnB,OAAO,iBAAiB,CAAC,KAAK,CAAC,CAAC;QAClC,KAAK,YAAY;YACf,OAAO,aAAa,CAAC,KAAK,CAAC,CAAC;QAC9B,KAAK,QAAQ;YACX,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC;QAC3B,KAAK,OAAO;YACV,OAAO,SAAS,CAAC,KAAK,CAAC,CAAC;QAC1B,KAAK,MAAM;YACT,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC;QACzB,KAAK,SAAS;YACZ,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC;QAC5B,KAAK,KAAK;YACR,OAAO,iBAAiB,CAAC,KAAK,CAAC,CAAC;QAClC,KAAK,SAAS,CAAC;QACf;YACE,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC;IAC9B,CAAC;AACH,CAAC"}

package/dist/pii/patterns.d.ts

@@ -0,0 +1,20 @@
+/**
+ * PII regex patterns. Mirror of packages/claude-toolkit/skills/bfsi-form/references/validation-regex.md.
+ * Keep this file as the single source of truth — Zod schemas import from here.
+ */
+export declare const PII_PATTERNS: {
+    readonly pan: RegExp;
+    readonly aadhaar: RegExp;
+    readonly mobileIndia: RegExp;
+    readonly email: RegExp;
+    readonly pincodeIndia: RegExp;
+    readonly accountNumber: RegExp;
+    readonly ifsc: RegExp;
+    readonly micr: RegExp;
+    readonly upiVpa: RegExp;
+    readonly swiftBic: RegExp;
+    readonly gstin: RegExp;
+    readonly passportIndia: RegExp;
+};
+export type PiiPatternKey = keyof typeof PII_PATTERNS;
+//# sourceMappingURL=patterns.d.ts.map

package/dist/pii/patterns.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../src/pii/patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,eAAO,MAAM,YAAY;;;;;;;;;;;;;CAaf,CAAC;AAEX,MAAM,MAAM,aAAa,GAAG,MAAM,OAAO,YAAY,CAAC"}

package/dist/pii/patterns.js

@@ -0,0 +1,19 @@
+/**
+ * PII regex patterns. Mirror of packages/claude-toolkit/skills/bfsi-form/references/validation-regex.md.
+ * Keep this file as the single source of truth — Zod schemas import from here.
+ */
+export const PII_PATTERNS = {
+    pan: /^[A-Z]{5}[0-9]{4}[A-Z]$/,
+    aadhaar: /^\d{12}$/,
+    mobileIndia: /^[6-9]\d{9}$/,
+    email: /^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$/,
+    pincodeIndia: /^\d{6}$/,
+    accountNumber: /^\d{9,18}$/,
+    ifsc: /^[A-Z]{4}0[A-Z0-9]{6}$/,
+    micr: /^\d{9}$/,
+    upiVpa: /^[a-zA-Z0-9.\-_]{2,256}@[a-zA-Z]{2,64}$/,
+    swiftBic: /^[A-Z]{4}[A-Z]{2}[A-Z0-9]{2}([A-Z0-9]{3})?$/,
+    gstin: /^\d{2}[A-Z]{5}\d{4}[A-Z][A-Z\d][Z][A-Z\d]$/,
+    passportIndia: /^[A-Z][0-9]{7}$/,
+};
+//# sourceMappingURL=patterns.js.map

package/dist/pii/patterns.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../src/pii/patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,GAAG,EAAE,yBAAyB;IAC9B,OAAO,EAAE,UAAU;IACnB,WAAW,EAAE,cAAc;IAC3B,KAAK,EAAE,kDAAkD;IACzD,YAAY,EAAE,SAAS;IACvB,aAAa,EAAE,YAAY;IAC3B,IAAI,EAAE,wBAAwB;IAC9B,IAAI,EAAE,SAAS;IACf,MAAM,EAAE,yCAAyC;IACjD,QAAQ,EAAE,6CAA6C;IACvD,KAAK,EAAE,4CAA4C;IACnD,aAAa,EAAE,iBAAiB;CACxB,CAAC"}

package/dist/pii/validators.d.ts

@@ -0,0 +1,10 @@
+export declare function aadhaarVerhoeff(value: string): boolean;
+export declare function isValidPan(value: string): boolean;
+export declare function isValidAadhaar(value: string): boolean;
+export declare function isValidIndianMobile(value: string): boolean;
+export declare function isValidIfsc(value: string): boolean;
+export declare function isValidAccountNumber(value: string): boolean;
+export declare function isValidEmail(value: string): boolean;
+export declare function isValidUpiVpa(value: string): boolean;
+export declare function isValidGstin(value: string): boolean;
+//# sourceMappingURL=validators.d.ts.map

package/dist/pii/validators.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validators.d.ts","sourceRoot":"","sources":["../../src/pii/validators.ts"],"names":[],"mappings":"AAiCA,wBAAgB,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAStD;AAED,wBAAgB,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAEjD;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAErD;AAED,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAE1D;AAED,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAElD;AAED,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAE3D;AAED,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAEnD;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAEpD;AAED,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAEnD"}

package/dist/pii/validators.js

@@ -0,0 +1,66 @@
+/**
+ * PII validators. Used by Zod schemas (via `.refine()`) and standalone.
+ */
+import { PII_PATTERNS } from './patterns.js';
+/**
+ * Verhoeff checksum verification for Aadhaar.
+ * Aadhaar's 12th digit is a Verhoeff check digit.
+ */
+const VERHOEFF_D = [
+    [0, 1, 2, 3, 4, 5, 6, 7, 8, 9],
+    [1, 2, 3, 4, 0, 6, 7, 8, 9, 5],
+    [2, 3, 4, 0, 1, 7, 8, 9, 5, 6],
+    [3, 4, 0, 1, 2, 8, 9, 5, 6, 7],
+    [4, 0, 1, 2, 3, 9, 5, 6, 7, 8],
+    [5, 9, 8, 7, 6, 0, 4, 3, 2, 1],
+    [6, 5, 9, 8, 7, 1, 0, 4, 3, 2],
+    [7, 6, 5, 9, 8, 2, 1, 0, 4, 3],
+    [8, 7, 6, 5, 9, 3, 2, 1, 0, 4],
+    [9, 8, 7, 6, 5, 4, 3, 2, 1, 0],
+];
+const VERHOEFF_P = [
+    [0, 1, 2, 3, 4, 5, 6, 7, 8, 9],
+    [1, 5, 7, 6, 2, 8, 3, 0, 9, 4],
+    [5, 8, 0, 3, 7, 9, 6, 1, 4, 2],
+    [8, 9, 1, 6, 0, 4, 3, 5, 2, 7],
+    [9, 4, 5, 3, 1, 2, 6, 8, 7, 0],
+    [4, 2, 8, 6, 5, 7, 3, 9, 0, 1],
+    [2, 7, 9, 3, 8, 0, 6, 4, 1, 5],
+    [7, 0, 4, 6, 9, 1, 3, 2, 5, 8],
+];
+export function aadhaarVerhoeff(value) {
+    if (!PII_PATTERNS.aadhaar.test(value))
+        return false;
+    let c = 0;
+    const reversed = value.split('').reverse().map(Number);
+    for (let i = 0; i < reversed.length; i++) {
+        const digit = reversed[i];
+        c = VERHOEFF_D[c][VERHOEFF_P[i % 8][digit]];
+    }
+    return c === 0;
+}
+export function isValidPan(value) {
+    return PII_PATTERNS.pan.test(value);
+}
+export function isValidAadhaar(value) {
+    return PII_PATTERNS.aadhaar.test(value) && aadhaarVerhoeff(value);
+}
+export function isValidIndianMobile(value) {
+    return PII_PATTERNS.mobileIndia.test(value);
+}
+export function isValidIfsc(value) {
+    return PII_PATTERNS.ifsc.test(value);
+}
+export function isValidAccountNumber(value) {
+    return PII_PATTERNS.accountNumber.test(value);
+}
+export function isValidEmail(value) {
+    return PII_PATTERNS.email.test(value);
+}
+export function isValidUpiVpa(value) {
+    return PII_PATTERNS.upiVpa.test(value);
+}
+export function isValidGstin(value) {
+    return PII_PATTERNS.gstin.test(value);
+}
+//# sourceMappingURL=validators.js.map

package/dist/pii/validators.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"validators.js","sourceRoot":"","sources":["../../src/pii/validators.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAE7C;;;GAGG;AACH,MAAM,UAAU,GAAG;IACjB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;CAC/B,CAAC;AAEF,MAAM,UAAU,GAAG;IACjB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;CAC/B,CAAC;AAEF,MAAM,UAAU,eAAe,CAAC,KAAa;IAC3C,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACpD,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACvD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,KAAK,GAAG,QAAQ,CAAC,CAAC,CAAE,CAAC;QAC3B,CAAC,GAAG,UAAU,CAAC,CAAC,CAAE,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,CAAE,CAAC,KAAK,CAAE,CAAE,CAAC;IAClD,CAAC;IACD,OAAO,CAAC,KAAK,CAAC,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,KAAa;IACtC,OAAO,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AACtC,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,KAAa;IAC1C,OAAO,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,eAAe,CAAC,KAAK,CAAC,CAAC;AACpE,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,KAAa;IAC/C,OAAO,YAAY,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC9C,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,KAAa;IACvC,OAAO,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,KAAa;IAChD,OAAO,YAAY,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAChD,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,KAAa;IACxC,OAAO,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AACxC,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,OAAO,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AACzC,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,KAAa;IACxC,OAAO,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AACxC,CAAC"}

package/dist/storage/index.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Tiered, policy-driven storage. Defaults to memory-only.
+ *
+ * Sensitivity levels:
+ *   - `transient`  — memory only, cleared on tab close
+ *   - `session`    — sessionStorage (per-tab, cleared on close)
+ *   - `persistent` — encrypted IndexedDB (survives close)
+ *
+ * Never use raw localStorage. The BFSI principle: PII never sits in
+ * a place readable by `document.cookie` or `localStorage.getItem`.
+ */
+export * from './secureStorage.js';
+export * from './types.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/storage/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/storage/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,cAAc,oBAAoB,CAAC;AACnC,cAAc,YAAY,CAAC"}

package/dist/storage/index.js

@@ -0,0 +1,14 @@
+/**
+ * Tiered, policy-driven storage. Defaults to memory-only.
+ *
+ * Sensitivity levels:
+ *   - `transient`  — memory only, cleared on tab close
+ *   - `session`    — sessionStorage (per-tab, cleared on close)
+ *   - `persistent` — encrypted IndexedDB (survives close)
+ *
+ * Never use raw localStorage. The BFSI principle: PII never sits in
+ * a place readable by `document.cookie` or `localStorage.getItem`.
+ */
+export * from './secureStorage.js';
+export * from './types.js';
+//# sourceMappingURL=index.js.map

package/dist/storage/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/storage/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,cAAc,oBAAoB,CAAC;AACnC,cAAc,YAAY,CAAC"}

package/dist/storage/secureStorage.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Secure storage abstraction. In-memory by default; sessionStorage on opt-in;
+ * encrypted IndexedDB for persistent needs.
+ *
+ * v0.1: in-memory + sessionStorage tiers implemented. Persistent (encrypted IDB)
+ * is stubbed and throws — implement in a follow-up.
+ */
+import type { Sensitivity, SecureStorageOptions } from './types.js';
+/**
+ * Put a value into secure storage.
+ */
+export declare function put<T>(key: string, value: T, opts?: SecureStorageOptions): void;
+/**
+ * Get a value. Returns null if absent or expired.
+ */
+export declare function get<T>(key: string, opts?: {
+    sensitivity?: Sensitivity;
+}): T | null;
+export declare function del(key: string, opts?: {
+    sensitivity?: Sensitivity;
+}): void;
+/**
+ * Clear ALL stored values in the given tier. For logout flows.
+ */
+export declare function clearAll(opts?: {
+    sensitivity?: Sensitivity;
+}): void;
+//# sourceMappingURL=secureStorage.d.ts.map

package/dist/storage/secureStorage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"secureStorage.d.ts","sourceRoot":"","sources":["../../src/storage/secureStorage.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,OAAO,KAAK,EAAE,WAAW,EAAE,oBAAoB,EAAiB,MAAM,YAAY,CAAC;AA8EnF;;GAEG;AACH,wBAAgB,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,GAAE,oBAAyB,GAAG,IAAI,CAcnF;AAED;;GAEG;AACH,wBAAgB,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,GAAE;IAAE,WAAW,CAAC,EAAE,WAAW,CAAA;CAAO,GAAG,CAAC,GAAG,IAAI,CAYtF;AAED,wBAAgB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,GAAE;IAAE,WAAW,CAAC,EAAE,WAAW,CAAA;CAAO,GAAG,IAAI,CAc/E;AAED;;GAEG;AACH,wBAAgB,QAAQ,CAAC,IAAI,GAAE;IAAE,WAAW,CAAC,EAAE,WAAW,CAAA;CAAO,GAAG,IAAI,CAoBvE"}

package/dist/storage/secureStorage.js

@@ -0,0 +1,140 @@
+const PREFIX = 'bfsi:';
+const memoryStore = new Map();
+function nowMs() {
+    return Date.now();
+}
+function buildRecord(value, ttlMs) {
+    const storedAt = nowMs();
+    return {
+        value,
+        storedAt,
+        expiresAt: ttlMs ? storedAt + ttlMs : undefined,
+    };
+}
+function isExpired(rec) {
+    return rec.expiresAt !== undefined && rec.expiresAt < nowMs();
+}
+function memPut(key, value, ttlMs) {
+    memoryStore.set(key, buildRecord(value, ttlMs));
+}
+function memGet(key) {
+    const rec = memoryStore.get(key);
+    if (!rec)
+        return null;
+    if (isExpired(rec)) {
+        memoryStore.delete(key);
+        return null;
+    }
+    return rec.value;
+}
+function memDel(key) {
+    memoryStore.delete(key);
+}
+function sessionPut(key, value, ttlMs) {
+    if (typeof sessionStorage === 'undefined') {
+        memPut(key, value, ttlMs);
+        return;
+    }
+    try {
+        sessionStorage.setItem(PREFIX + key, JSON.stringify(buildRecord(value, ttlMs)));
+    }
+    catch {
+        // Quota or privacy mode — fall back to memory
+        memPut(key, value, ttlMs);
+    }
+}
+function sessionGet(key) {
+    if (typeof sessionStorage === 'undefined')
+        return memGet(key);
+    try {
+        const raw = sessionStorage.getItem(PREFIX + key);
+        if (!raw)
+            return null;
+        const rec = JSON.parse(raw);
+        if (isExpired(rec)) {
+            sessionStorage.removeItem(PREFIX + key);
+            return null;
+        }
+        return rec.value;
+    }
+    catch {
+        return null;
+    }
+}
+function sessionDel(key) {
+    if (typeof sessionStorage === 'undefined') {
+        memDel(key);
+        return;
+    }
+    sessionStorage.removeItem(PREFIX + key);
+}
+/**
+ * Put a value into secure storage.
+ */
+export function put(key, value, opts = {}) {
+    const sensitivity = opts.sensitivity ?? 'transient';
+    switch (sensitivity) {
+        case 'transient':
+            memPut(key, value, opts.ttlMs);
+            return;
+        case 'session':
+            sessionPut(key, value, opts.ttlMs);
+            return;
+        case 'persistent':
+            throw new Error('persistent storage requires encrypted-IndexedDB adapter — not implemented in v0.1');
+    }
+}
+/**
+ * Get a value. Returns null if absent or expired.
+ */
+export function get(key, opts = {}) {
+    const sensitivity = opts.sensitivity ?? 'transient';
+    switch (sensitivity) {
+        case 'transient':
+            return memGet(key);
+        case 'session':
+            return sessionGet(key);
+        case 'persistent':
+            throw new Error('persistent storage requires encrypted-IndexedDB adapter — not implemented in v0.1');
+    }
+}
+export function del(key, opts = {}) {
+    const sensitivity = opts.sensitivity ?? 'transient';
+    switch (sensitivity) {
+        case 'transient':
+            memDel(key);
+            return;
+        case 'session':
+            sessionDel(key);
+            return;
+        case 'persistent':
+            throw new Error('persistent storage requires encrypted-IndexedDB adapter — not implemented in v0.1');
+    }
+}
+/**
+ * Clear ALL stored values in the given tier. For logout flows.
+ */
+export function clearAll(opts = {}) {
+    const sensitivity = opts.sensitivity ?? 'transient';
+    if (sensitivity === 'transient') {
+        memoryStore.clear();
+        return;
+    }
+    if (sensitivity === 'session') {
+        if (typeof sessionStorage === 'undefined') {
+            memoryStore.clear();
+            return;
+        }
+        const toRemove = [];
+        for (let i = 0; i < sessionStorage.length; i++) {
+            const k = sessionStorage.key(i);
+            if (k?.startsWith(PREFIX))
+                toRemove.push(k);
+        }
+        for (const k of toRemove)
+            sessionStorage.removeItem(k);
+        return;
+    }
+    throw new Error('persistent storage requires encrypted-IndexedDB adapter — not implemented in v0.1');
+}
+//# sourceMappingURL=secureStorage.js.map

package/dist/storage/secureStorage.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"secureStorage.js","sourceRoot":"","sources":["../../src/storage/secureStorage.ts"],"names":[],"mappings":"AASA,MAAM,MAAM,GAAG,OAAO,CAAC;AAEvB,MAAM,WAAW,GAAG,IAAI,GAAG,EAAkC,CAAC;AAE9D,SAAS,KAAK;IACZ,OAAO,IAAI,CAAC,GAAG,EAAE,CAAC;AACpB,CAAC;AAED,SAAS,WAAW,CAAI,KAAQ,EAAE,KAAc;IAC9C,MAAM,QAAQ,GAAG,KAAK,EAAE,CAAC;IACzB,OAAO;QACL,KAAK;QACL,QAAQ;QACR,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS;KAChD,CAAC;AACJ,CAAC;AAED,SAAS,SAAS,CAAI,GAAqB;IACzC,OAAO,GAAG,CAAC,SAAS,KAAK,SAAS,IAAI,GAAG,CAAC,SAAS,GAAG,KAAK,EAAE,CAAC;AAChE,CAAC;AAED,SAAS,MAAM,CAAI,GAAW,EAAE,KAAQ,EAAE,KAAc;IACtD,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,WAAW,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;AAClD,CAAC;AAED,SAAS,MAAM,CAAI,GAAW;IAC5B,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,GAAG,CAAiC,CAAC;IACjE,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,IAAI,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC;QACnB,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACxB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,GAAG,CAAC,KAAK,CAAC;AACnB,CAAC;AAED,SAAS,MAAM,CAAC,GAAW;IACzB,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;AAC1B,CAAC;AAED,SAAS,UAAU,CAAI,GAAW,EAAE,KAAQ,EAAE,KAAc;IAC1D,IAAI,OAAO,cAAc,KAAK,WAAW,EAAE,CAAC;QAC1C,MAAM,CAAC,GAAG,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;QAC1B,OAAO;IACT,CAAC;IACD,IAAI,CAAC;QACH,cAAc,CAAC,OAAO,CAAC,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;IAClF,CAAC;IAAC,MAAM,CAAC;QACP,8CAA8C;QAC9C,MAAM,CAAC,GAAG,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;IAC5B,CAAC;AACH,CAAC;AAED,SAAS,UAAU,CAAI,GAAW;IAChC,IAAI,OAAO,cAAc,KAAK,WAAW;QAAE,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;IAC9D,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,cAAc,CAAC,OAAO,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC;QACjD,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QACtB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAqB,CAAC;QAChD,IAAI,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC;YACnB,cAAc,CAAC,UAAU,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC;YACxC,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,GAAG,CAAC,KAAK,CAAC;IACnB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,UAAU,CAAC,GAAW;IAC7B,IAAI,OAAO,cAAc,KAAK,WAAW,EAAE,CAAC;QAC1C,MAAM,CAAC,GAAG,CAAC,CAAC;QACZ,OAAO;IACT,CAAC;IACD,cAAc,CAAC,UAAU,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC;AAC1C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,GAAG,CAAI,GAAW,EAAE,KAAQ,EAAE,OAA6B,EAAE;IAC3E,MAAM,WAAW,GAAgB,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC;IACjE,QAAQ,WAAW,EAAE,CAAC;QACpB,KAAK,WAAW;YACd,MAAM,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;YAC/B,OAAO;QACT,KAAK,SAAS;YACZ,UAAU,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;YACnC,OAAO;QACT,KAAK,YAAY;YACf,MAAM,IAAI,KAAK,CACb,mFAAmF,CACpF,CAAC;IACN,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,GAAG,CAAI,GAAW,EAAE,OAAsC,EAAE;IAC1E,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC;IACpD,QAAQ,WAAW,EAAE,CAAC;QACpB,KAAK,WAAW;YACd,OAAO,MAAM,CAAI,GAAG,CAAC,CAAC;QACxB,KAAK,SAAS;YACZ,OAAO,UAAU,CAAI,GAAG,CAAC,CAAC;QAC5B,KAAK,YAAY;YACf,MAAM,IAAI,KAAK,CACb,mFAAmF,CACpF,CAAC;IACN,CAAC;AACH,CAAC;AAED,MAAM,UAAU,GAAG,CAAC,GAAW,EAAE,OAAsC,EAAE;IACvE,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC;IACpD,QAAQ,WAAW,EAAE,CAAC;QACpB,KAAK,WAAW;YACd,MAAM,CAAC,GAAG,CAAC,CAAC;YACZ,OAAO;QACT,KAAK,SAAS;YACZ,UAAU,CAAC,GAAG,CAAC,CAAC;YAChB,OAAO;QACT,KAAK,YAAY;YACf,MAAM,IAAI,KAAK,CACb,mFAAmF,CACpF,CAAC;IACN,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,QAAQ,CAAC,OAAsC,EAAE;IAC/D,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC;IACpD,IAAI,WAAW,KAAK,WAAW,EAAE,CAAC;QAChC,WAAW,CAAC,KAAK,EAAE,CAAC;QACpB,OAAO;IACT,CAAC;IACD,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,IAAI,OAAO,cAAc,KAAK,WAAW,EAAE,CAAC;YAC1C,WAAW,CAAC,KAAK,EAAE,CAAC;YACpB,OAAO;QACT,CAAC;QACD,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC/C,MAAM,CAAC,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAChC,IAAI,CAAC,EAAE,UAAU,CAAC,MAAM,CAAC;gBAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC9C,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,QAAQ;YAAE,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QACvD,OAAO;IACT,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,mFAAmF,CAAC,CAAC;AACvG,CAAC"}