@revealui/core 0.2.0 → 0.3.0

package/dist/security/gdpr.js

@@ -3,13 +3,18 @@
  *
  * Data privacy, consent management, data export, and right to be forgotten
  */
+import { createHash, createHmac } from 'node:crypto';
 import { logger } from '../observability/logger.js';
+import { InMemoryBreachStorage } from './gdpr-storage.js';
 /**
  * Consent management system
  */
 export class ConsentManager {
-    consents = new Map();
+    storage;
     consentVersion = '1.0.0';
+    constructor(storage) {
+        this.storage = storage;
+    }
     /**
      * Grant consent
      */
@@ -24,25 +29,25 @@ export class ConsentManager {
             source,
             version: this.consentVersion,
         };
-        this.consents.set(`${userId}:${type}`, consent);
+        await this.storage.setConsent(userId, type, consent);
         return consent;
     }
     /**
      * Revoke consent
      */
     async revokeConsent(userId, type) {
-        const key = `${userId}:${type}`;
-        const existing = this.consents.get(key);
+        const existing = await this.storage.getConsent(userId, type);
         if (existing) {
             existing.granted = false;
             existing.timestamp = new Date().toISOString();
+            await this.storage.setConsent(userId, type, existing);
         }
     }
     /**
      * Check if consent is granted
      */
-    hasConsent(userId, type) {
-        const consent = this.consents.get(`${userId}:${type}`);
+    async hasConsent(userId, type) {
+        const consent = await this.storage.getConsent(userId, type);
         if (!consent?.granted) {
             return false;
         }
@@ -55,8 +60,8 @@ export class ConsentManager {
     /**
      * Get all consents for user
      */
-    getUserConsents(userId) {
-        return Array.from(this.consents.values()).filter((c) => c.userId === userId);
+    async getUserConsents(userId) {
+        return this.storage.getConsentsByUser(userId);
     }
     /**
      * Update consent version
@@ -67,8 +72,8 @@ export class ConsentManager {
     /**
      * Check if consent needs renewal
      */
-    needsRenewal(userId, type, maxAge) {
-        const consent = this.consents.get(`${userId}:${type}`);
+    async needsRenewal(userId, type, maxAge) {
+        const consent = await this.storage.getConsent(userId, type);
         if (!consent?.granted) {
             return true;
         }
@@ -78,8 +83,8 @@ export class ConsentManager {
     /**
      * Get consent statistics
      */
-    getStatistics() {
-        const consents = Array.from(this.consents.values());
+    async getStatistics() {
+        const consents = await this.storage.getAllConsents();
         const now = new Date();
         const granted = consents.filter((c) => c.granted).length;
         const revoked = consents.filter((c) => !c.granted).length;
@@ -97,6 +102,19 @@ export class ConsentManager {
         };
     }
 }
+/**
+ * Escape a value for safe CSV inclusion.
+ * Prevents CSV injection by prefixing formula-triggering characters (=, +, -, @, \t, \r)
+ * with a single quote, and escapes embedded quotes/commas per RFC 4180.
+ */
+function escapeCsvField(value) {
+    // Prefix formula-triggering characters to prevent CSV injection in spreadsheet apps
+    let safe = /^[=+\-@\t\r]/.test(value) ? `'${value}` : value;
+    // RFC 4180: escape double quotes by doubling them
+    safe = safe.replace(/"/g, '""');
+    // Always quote the field to handle commas, newlines, and quotes
+    return `"${safe}"`;
+}
 /**
  * Data export system
  */
@@ -133,12 +151,12 @@ export class DataExportSystem {
         // Profile data
         lines.push('Type,Key,Value');
         Object.entries(exportData.data.profile).forEach(([key, value]) => {
-            lines.push(`Profile,${key},"${value}"`);
+            lines.push(`Profile,${escapeCsvField(key)},${escapeCsvField(String(value))}`);
         });
         // Activities
         exportData.data.activities.forEach((activity, index) => {
             Object.entries(activity).forEach(([key, value]) => {
-                lines.push(`Activity ${index + 1},${key},"${value}"`);
+                lines.push(`Activity ${index + 1},${escapeCsvField(key)},${escapeCsvField(String(value))}`);
             });
         });
         return lines.join('\n');
@@ -155,7 +173,10 @@ export class DataExportSystem {
  * Data deletion system (Right to be Forgotten)
  */
 export class DataDeletionSystem {
-    requests = new Map();
+    storage;
+    constructor(storage) {
+        this.storage = storage;
+    }
     /**
      * Request data deletion
      */
@@ -168,41 +189,44 @@ export class DataDeletionSystem {
             dataCategories,
             reason,
         };
-        this.requests.set(request.id, request);
+        await this.storage.setDeletionRequest(request);
         return request;
     }
     /**
      * Process deletion request
      */
     async processDeletion(requestId, deleteData) {
-        const request = this.requests.get(requestId);
+        const request = await this.storage.getDeletionRequest(requestId);
         if (!request) {
             throw new Error('Deletion request not found');
         }
         request.status = 'processing';
+        await this.storage.setDeletionRequest(request);
         try {
             const result = await deleteData(request.userId, request.dataCategories);
             request.status = 'completed';
             request.processedAt = new Date().toISOString();
             request.deletedData = result.deleted;
             request.retainedData = result.retained;
+            await this.storage.setDeletionRequest(request);
         }
         catch (error) {
             request.status = 'failed';
+            await this.storage.setDeletionRequest(request);
             throw error;
         }
     }
     /**
      * Get deletion request
      */
-    getRequest(requestId) {
-        return this.requests.get(requestId);
+    async getRequest(requestId) {
+        return this.storage.getDeletionRequest(requestId);
     }
     /**
      * Get user deletion requests
      */
-    getUserRequests(userId) {
-        return Array.from(this.requests.values()).filter((r) => r.userId === userId);
+    async getUserRequests(userId) {
+        return this.storage.getDeletionRequestsByUser(userId);
     }
     /**
      * Check if data can be deleted
@@ -231,68 +255,70 @@ export class DataDeletionSystem {
 /**
  * Data anonymization utilities
  */
-export class DataAnonymization {
-    /**
-     * Anonymize user data
-     */
-    static anonymizeUser(user) {
-        return {
-            ...user,
-            email: DataAnonymization.hashValue(user.email),
-            name: 'Anonymous User',
-            phone: undefined,
-            address: undefined,
-            ip: undefined,
-        };
-    }
-    /**
-     * Pseudonymize data (reversible)
-     */
-    static pseudonymize(value, key) {
-        // Simple pseudonymization (use proper crypto in production)
-        return `pseudo_${DataAnonymization.hashValue(value + key).substring(0, 16)}`;
-    }
-    /**
-     * Hash value (irreversible)
-     */
-    static hashValue(value) {
-        // Simple hash (use proper crypto in production)
-        let hash = 0;
-        for (let i = 0; i < value.length; i++) {
-            const char = value.charCodeAt(i);
-            hash = (hash << 5) - hash + char;
-            hash = hash & hash;
-        }
-        return `hash_${Math.abs(hash).toString(36)}`;
-    }
-    /**
-     * Anonymize dataset
-     */
-    static anonymizeDataset(data, sensitiveFields) {
-        return data.map((item) => {
-            const anonymized = { ...item };
-            sensitiveFields.forEach((field) => {
-                if (field in anonymized && typeof anonymized[field] === 'string') {
-                    anonymized[field] = DataAnonymization.hashValue(anonymized[field]);
-                }
-            });
-            return anonymized;
-        });
-    }
-    /**
-     * K-anonymity check
-     */
-    static checkKAnonymity(data, quasiIdentifiers, k) {
-        // Group by quasi-identifiers
-        const groups = new Map();
-        data.forEach((item) => {
-            const key = quasiIdentifiers.map((field) => String(item[field])).join('|');
-            groups.set(key, (groups.get(key) || 0) + 1);
+/**
+ * Hash value (irreversible) using SHA-256
+ */
+function hashValue(value) {
+    const digest = createHash('sha256').update(value).digest('hex');
+    return `hash_${digest}`;
+}
+/**
+ * Anonymize user data
+ */
+function anonymizeUser(user) {
+    return {
+        ...user,
+        email: hashValue(user.email),
+        name: 'Anonymous User',
+        phone: undefined,
+        address: undefined,
+        ip: undefined,
+    };
+}
+/**
+ * Pseudonymize data (one-way, key-dependent)
+ *
+ * Uses HMAC-SHA256 — cryptographically bound to the key, resistant to
+ * length-extension attacks and GPU brute-force (unlike plain SHA-256).
+ */
+function pseudonymize(value, key) {
+    const hmac = createHmac('sha256', key).update(value).digest('hex');
+    return `pseudo_${hmac.substring(0, 16)}`;
+}
+/**
+ * Anonymize dataset
+ */
+function anonymizeDataset(data, sensitiveFields) {
+    return data.map((item) => {
+        const anonymized = { ...item };
+        sensitiveFields.forEach((field) => {
+            if (field in anonymized && typeof anonymized[field] === 'string') {
+                anonymized[field] = hashValue(anonymized[field]);
+            }
         });
-        // Check if all groups have at least k members
-        return Array.from(groups.values()).every((count) => count >= k);
-    }
+        return anonymized;
+    });
+}
+/**
+ * K-anonymity check
+ */
+function checkKAnonymity(data, quasiIdentifiers, k) {
+    // Group by quasi-identifiers
+    const groups = new Map();
+    data.forEach((item) => {
+        const key = quasiIdentifiers.map((field) => String(item[field])).join('|');
+        groups.set(key, (groups.get(key) || 0) + 1);
+    });
+    // Check if all groups have at least k members
+    return Array.from(groups.values()).every((count) => count >= k);
 }
+export const DataAnonymization = {
+    anonymizeUser,
+    pseudonymize,
+    hashValue,
+    anonymizeDataset,
+    checkKAnonymity,
+};
 /**
  * Privacy policy manager
  */
@@ -373,7 +399,17 @@ export class CookieConsentManager {
             const stored = localStorage.getItem('cookie-consent');
             if (stored) {
                 try {
-                    this.config = JSON.parse(stored);
+                    const parsed = JSON.parse(stored);
+                    // Validate shape before assigning — only accept known boolean fields
+                    // to prevent malicious scripts from injecting arbitrary config.
+                    if (typeof parsed === 'object' && parsed !== null) {
+                        this.config = {
+                            necessary: true, // always required
+                            analytics: typeof parsed.analytics === 'boolean' ? parsed.analytics : false,
+                            marketing: typeof parsed.marketing === 'boolean' ? parsed.marketing : false,
+                            functional: typeof parsed.functional === 'boolean' ? parsed.functional : true,
+                        };
+                    }
                 }
                 catch {
                     // Ignore parse errors
@@ -397,7 +433,17 @@ export class CookieConsentManager {
     }
 }
 export class DataBreachManager {
-    breaches = new Map();
+    storage;
+    constructor(storage) {
+        if (storage) {
+            this.storage = storage;
+        }
+        else {
+            logger.warn('DataBreachManager: using in-memory storage — breach records will be lost on restart. ' +
+                'For production GDPR compliance, pass a database-backed BreachStorage.');
+            this.storage = new InMemoryBreachStorage();
+        }
+    }
     /**
      * Report data breach
      */
@@ -408,7 +454,7 @@ export class DataBreachManager {
             detectedAt: new Date().toISOString(),
             status: 'detected',
         };
-        this.breaches.set(fullBreach.id, fullBreach);
+        await this.storage.setBreach(fullBreach);
         // Auto-notify if critical
         if (fullBreach.severity === 'critical') {
             await this.notifyAuthorities(fullBreach);
@@ -419,8 +465,10 @@ export class DataBreachManager {
      * Notify authorities (required within 72 hours under GDPR)
      */
     async notifyAuthorities(breach) {
-        breach.reportedAt = new Date().toISOString();
-        breach.status = 'notified';
+        await this.storage.updateBreach(breach.id, {
+            reportedAt: new Date().toISOString(),
+            status: 'notified',
+        });
         // In production, integrate with data protection authority API
         logger.info('Breach reported to authorities', { breachId: breach.id });
     }
@@ -428,7 +476,7 @@ export class DataBreachManager {
      * Notify affected users
      */
     async notifyAffectedUsers(breachId, notifyFn) {
-        const breach = this.breaches.get(breachId);
+        const breach = await this.storage.getBreach(breachId);
         if (!breach) {
             throw new Error('Breach not found');
         }
@@ -449,22 +497,35 @@ export class DataBreachManager {
     /**
      * Get breach
      */
-    getBreach(id) {
-        return this.breaches.get(id);
+    async getBreach(id) {
+        return this.storage.getBreach(id);
     }
     /**
      * Get all breaches
      */
-    getAllBreaches() {
-        return Array.from(this.breaches.values());
+    async getAllBreaches() {
+        return this.storage.getAllBreaches();
     }
 }
 /**
- * Global instances
+ * Factory functions for GDPR subsystems.
+ *
+ * `ConsentManager` and `DataDeletionSystem` require a `GDPRStorage` implementation.
+ * Use `InMemoryGDPRStorage` only in tests — production MUST use a database-backed store.
+ *
+ * `DataExportSystem`, `PrivacyPolicyManager`, `CookieConsentManager`, and
+ * `DataBreachManager` are stateless or client-side only, so singletons are safe.
  */
-export const consentManager = new ConsentManager();
+export function createConsentManager(storage) {
+    return new ConsentManager(storage);
+}
+export function createDataDeletionSystem(storage) {
+    return new DataDeletionSystem(storage);
+}
 export const dataExportSystem = new DataExportSystem();
-export const dataDeletionSystem = new DataDeletionSystem();
 export const privacyPolicyManager = new PrivacyPolicyManager();
 export const cookieConsentManager = new CookieConsentManager();
+export function createDataBreachManager(storage) {
+    return new DataBreachManager(storage);
+}
 export const dataBreachManager = new DataBreachManager();

package/dist/security/headers.d.ts

@@ -163,11 +163,13 @@ export declare const CORSPresets: {
      */
     moderate: (allowedOrigins: string[]) => CORSConfig;
     /**
-     * Permissive CORS (all origins)
+     * Permissive CORS (all origins) — development only.
+     * Logs a warning if used when NODE_ENV === 'production'.
      */
     permissive: () => CORSConfig;
     /**
-     * API CORS (for public APIs)
+     * API CORS (public read-only APIs) — credentials disabled.
+     * Logs a warning if used when NODE_ENV === 'production'.
      */
     api: () => CORSConfig;
 };

package/dist/security/headers.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"headers.d.ts","sourceRoot":"","sources":["../../src/security/headers.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,WAAW,qBAAqB;IACpC,qBAAqB,CAAC,EAAE,MAAM,GAAG,2BAA2B,CAAA;IAC5D,uBAAuB,CAAC,EAAE,OAAO,GAAG,UAAU,CAAA;IAC9C,aAAa,CAAC,EAAE,MAAM,GAAG,YAAY,GAAG,MAAM,CAAA;IAC9C,mBAAmB,CAAC,EAAE,OAAO,CAAA;IAC7B,cAAc,CAAC,EAAE,mBAAmB,CAAA;IACpC,iBAAiB,CAAC,EAAE,MAAM,GAAG,uBAAuB,CAAA;IACpD,yBAAyB,CAAC,EAAE,cAAc,GAAG,gBAAgB,CAAA;IAC7D,uBAAuB,CAAC,EAAE,aAAa,GAAG,0BAA0B,GAAG,aAAa,CAAA;IACpF,yBAAyB,CAAC,EAAE,aAAa,GAAG,WAAW,GAAG,cAAc,CAAA;CACzE;AAED,MAAM,WAAW,2BAA2B;IAC1C,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;IACrB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;IACpB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;IACnB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;IACjB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;IACrB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;IACnB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;IACpB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;IACnB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;IACpB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;IACnB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;IACrB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;IACtB,uBAAuB,CAAC,EAAE,OAAO,CAAA;IACjC,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAC9B,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAA;IACd,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,OAAO,CAAC,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,MAAM,mBAAmB,GAC3B,aAAa,GACb,4BAA4B,GAC5B,QAAQ,GACR,0BAA0B,GAC1B,aAAa,GACb,eAAe,GACf,iCAAiC,GACjC,YAAY,CAAA;AAEhB,MAAM,WAAW,uBAAuB;IACtC,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;IACxB,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC7B,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;IACnB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;IACjB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;IACrB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;IACtB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;IACpB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;IACvB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;IACrB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;IACf,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC3B,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC/B,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAA;IACd,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;IACnB,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAA;CAC7B;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,CAAA;IAC1D,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,WAAW,CAAC,EAAE,OAAO,CAAA;IACrB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,oBAAoB,CAAC,EAAE,MAAM,CAAA;CAC9B;AAED;;GAEG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,MAAM,CAAuB;gBAEzB,MAAM,GAAE,qBAA0B;IAI9C;;OAEG;IACH,UAAU,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAiDpC;;OAEG;IACH,OAAO,CAAC,QAAQ;IAgDhB;;OAEG;IACH,OAAO,CAAC,SAAS;IAuBjB;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAqB9B;;OAEG;IACH,YAAY,CAAC,QAAQ,EAAE,QAAQ,GAAG,QAAQ;CAS3C;AAED;;GAEG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAsB;gBAExB,MAAM,GAAE,UAAe;IAanC;;OAEG;IACH,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAsBxC;;OAEG;IACH,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAqBtD;;OAEG;IACH,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAe3D;;OAEG;IACH,aAAa,CAAC,OAAO,EAAE,OAAO,GAAG,QAAQ,GAAG,IAAI;IAehD;;OAEG;IACH,eAAe,CAAC,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,QAAQ;IAa5D;;OAEG;IACH,YAAY,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,GAAG,QAAQ;CAa3D;AAED;;GAEG;AACH,eAAO,MAAM,eAAe;IAC1B;;OAEG;kBACS,qBAAqB;IA4BjC;;OAEG;oBACW,qBAAqB;IAmBnC;;OAEG;uBACc,qBAAqB;CAIvC,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,WAAW;IACtB;;OAEG;kBACS,UAAU;IAQtB;;OAEG;+BACwB,MAAM,EAAE,KAAG,UAAU;IAShD;;OAEG;sBACa,UAAU;IAQ1B;;OAEG;eACM,UAAU;CAQpB,CAAA;AAED;;GAEG;AACH,wBAAgB,wBAAwB,CACtC,cAAc,CAAC,EAAE,qBAAqB,EACtC,UAAU,CAAC,EAAE,UAAU,IAKT,SAAS,OAAO,EAAE,MAAM,MAAM,OAAO,CAAC,QAAQ,CAAC,KAAG,OAAO,CAAC,QAAQ,CAAC,CAwBlF;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,QAAQ,EAClB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,MAAM,GACZ,IAAI,CAIN"}
+{"version":3,"file":"headers.d.ts","sourceRoot":"","sources":["../../src/security/headers.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,MAAM,WAAW,qBAAqB;IACpC,qBAAqB,CAAC,EAAE,MAAM,GAAG,2BAA2B,CAAC;IAC7D,uBAAuB,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAC/C,aAAa,CAAC,EAAE,MAAM,GAAG,YAAY,GAAG,MAAM,CAAC;IAC/C,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,cAAc,CAAC,EAAE,mBAAmB,CAAC;IACrC,iBAAiB,CAAC,EAAE,MAAM,GAAG,uBAAuB,CAAC;IACrD,yBAAyB,CAAC,EAAE,cAAc,GAAG,gBAAgB,CAAC;IAC9D,uBAAuB,CAAC,EAAE,aAAa,GAAG,0BAA0B,GAAG,aAAa,CAAC;IACrF,yBAAyB,CAAC,EAAE,aAAa,GAAG,WAAW,GAAG,cAAc,CAAC;CAC1E;AAED,MAAM,WAAW,2BAA2B;IAC1C,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,MAAM,mBAAmB,GAC3B,aAAa,GACb,4BAA4B,GAC5B,QAAQ,GACR,0BAA0B,GAC1B,aAAa,GACb,eAAe,GACf,iCAAiC,GACjC,YAAY,CAAC;AAEjB,MAAM,WAAW,uBAAuB;IACtC,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;IAChC,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC9B;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,CAAC;IAC3D,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED;;GAEG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,MAAM,CAAwB;gBAE1B,MAAM,GAAE,qBAA0B;IAI9C;;OAEG;IACH,UAAU,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAiDpC;;OAEG;IACH,OAAO,CAAC,QAAQ;IAgDhB;;OAEG;IACH,OAAO,CAAC,SAAS;IAuBjB;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAqB9B;;OAEG;IACH,YAAY,CAAC,QAAQ,EAAE,QAAQ,GAAG,QAAQ;CAS3C;AAED;;GAEG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAuB;gBAEzB,MAAM,GAAE,UAAe;IAanC;;OAEG;IACH,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAsBxC;;OAEG;IACH,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IA2BtD;;OAEG;IACH,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAe3D;;OAEG;IACH,aAAa,CAAC,OAAO,EAAE,OAAO,GAAG,QAAQ,GAAG,IAAI;IAehD;;OAEG;IACH,eAAe,CAAC,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,GAAG,QAAQ;IAa5D;;OAEG;IACH,YAAY,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,GAAG,QAAQ;CAa3D;AAED;;GAEG;AACH,eAAO,MAAM,eAAe;IAC1B;;OAEG;kBACS,qBAAqB;IA4BjC;;OAEG;oBACW,qBAAqB;IAmBnC;;OAEG;uBACc,qBAAqB;CAIvC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,WAAW;IACtB;;OAEG;kBACS,UAAU;IAQtB;;OAEG;+BACwB,MAAM,EAAE,KAAG,UAAU;IAShD;;;OAGG;sBACa,UAAU;IAe1B;;;OAGG;eACM,UAAU;CAepB,CAAC;AAEF;;GAEG;AACH,wBAAgB,wBAAwB,CACtC,cAAc,CAAC,EAAE,qBAAqB,EACtC,UAAU,CAAC,EAAE,UAAU,IAKT,SAAS,OAAO,EAAE,MAAM,MAAM,OAAO,CAAC,QAAQ,CAAC,KAAG,OAAO,CAAC,QAAQ,CAAC,CAwBlF;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,QAAQ,EAClB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,MAAM,GACZ,IAAI,CAIN"}

package/dist/security/headers.js

@@ -3,6 +3,7 @@
  *
  * HTTP security headers and CORS policy management
  */
+import { defaultLogger } from '../instance/logger.js';
 /**
  * Security headers manager
  */
@@ -192,6 +193,11 @@ export class CORSManager {
         if (this.isOriginAllowed(origin)) {
             headers['Access-Control-Allow-Origin'] = this.config.origin === '*' ? '*' : origin;
         }
+        // Vary: Origin — required when Access-Control-Allow-Origin is not '*' so caches
+        // don't serve a response allowed for origin A to origin B.
+        if (this.config.origin !== '*') {
+            headers.Vary = 'Origin';
+        }
         // Access-Control-Allow-Credentials — incompatible with origin: '*' per Fetch spec
         if (this.config.credentials && this.config.origin !== '*') {
             headers['Access-Control-Allow-Credentials'] = 'true';
@@ -345,26 +351,38 @@ export const CORSPresets = {
         maxAge: 86400,
     }),
     /**
-     * Permissive CORS (all origins)
+     * Permissive CORS (all origins) — development only.
+     * Logs a warning if used when NODE_ENV === 'production'.
      */
-    permissive: () => ({
-        origin: '*',
-        methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
-        allowedHeaders: ['*'],
-        credentials: false,
-        maxAge: 86400,
-    }),
+    permissive: () => {
+        if (process.env.NODE_ENV === 'production') {
+            defaultLogger.warn('[SecurityPresets] CORS permissive preset used in production — this allows all origins. Use moderate() with explicit origins instead.');
+        }
+        return {
+            origin: '*',
+            methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
+            allowedHeaders: ['*'],
+            credentials: false,
+            maxAge: 86400,
+        };
+    },
     /**
-     * API CORS (for public APIs)
+     * API CORS (public read-only APIs) — credentials disabled.
+     * Logs a warning if used when NODE_ENV === 'production'.
      */
-    api: () => ({
-        origin: '*',
-        methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH'],
-        allowedHeaders: ['Content-Type', 'Authorization', 'X-API-Key'],
-        exposedHeaders: ['X-RateLimit-Limit', 'X-RateLimit-Remaining', 'X-RateLimit-Reset'],
-        credentials: false,
-        maxAge: 86400,
-    }),
+    api: () => {
+        if (process.env.NODE_ENV === 'production') {
+            defaultLogger.warn('[SecurityPresets] CORS api preset uses origin:"*". For production, pass explicit origins to moderate() instead.');
+        }
+        return {
+            origin: '*',
+            methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH'],
+            allowedHeaders: ['Content-Type', 'Authorization', 'X-API-Key'],
+            exposedHeaders: ['X-RateLimit-Limit', 'X-RateLimit-Remaining', 'X-RateLimit-Reset'],
+            credentials: false,
+            maxAge: 86400,
+        };
+    },
 };
 /**
  * Security middleware creator

package/dist/security/index.d.ts

@@ -1,19 +1,6 @@
 /**
- * Security & Compliance
- *
- * Comprehensive security infrastructure for authentication, authorization,
- * encryption, audit logging, GDPR compliance, and secure headers
+ * Security & Compliance — re-exported from @revealui/security
+ * New code should import directly from '@revealui/security'.
  */
-export type { AuditEvent, AuditEventType, AuditQuery, AuditSeverity, AuditStorage, } from './audit';
-export { AuditReportGenerator, AuditSystem, AuditTrail, audit, createAuditMiddleware, InMemoryAuditStorage, } from './audit';
-export type { AuthConfig, AuthSession, AuthToken, JWTPayload, OAuthConfig, User, } from './auth';
-export { AuthSystem, OAuthClient, OAuthProviders, PasswordHasher, TwoFactorAuth, } from './auth';
-export type { AuthorizationContext, Permission, Policy, PolicyCondition, Role, } from './authorization';
-export { AuthorizationSystem, authorization, CommonRoles, canAccessResource, checkAttributeAccess, createAuthorizationMiddleware, PermissionBuilder, PermissionCache, PolicyBuilder, permissionCache, RequirePermission, RequireRole, } from './authorization';
-export type { EncryptedData, EncryptionConfig, } from './encryption';
-export { DataMasking, EncryptionSystem, EnvelopeEncryption, encryption, FieldEncryption, KeyRotationManager, TokenGenerator, } from './encryption';
-export type { ConsentRecord, ConsentType, CookieConsentConfig, DataBreach, DataCategory, DataDeletionRequest, DataProcessingPurpose, PersonalDataExport, } from './gdpr';
-export { ConsentManager, CookieConsentManager, consentManager, cookieConsentManager, DataAnonymization, DataBreachManager, DataDeletionSystem, DataExportSystem, dataBreachManager, dataDeletionSystem, dataExportSystem, PrivacyPolicyManager, privacyPolicyManager, } from './gdpr';
-export type { CORSConfig, ContentSecurityPolicyConfig, HSTSConfig, PermissionsPolicyConfig, ReferrerPolicyValue, SecurityHeadersConfig, } from './headers';
-export { CORSManager, CORSPresets, createSecurityMiddleware, SecurityHeaders, SecurityPresets, setRateLimitHeaders, } from './headers';
+export * from '@revealui/security';
 //# sourceMappingURL=index.d.ts.map

package/dist/security/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,YAAY,EACV,UAAU,EACV,cAAc,EACd,UAAU,EACV,aAAa,EACb,YAAY,GACb,MAAM,SAAS,CAAA;AAEhB,OAAO,EACL,oBAAoB,EACpB,WAAW,EACX,UAAU,EACV,KAAK,EACL,qBAAqB,EACrB,oBAAoB,GACrB,MAAM,SAAS,CAAA;AAChB,YAAY,EACV,UAAU,EACV,WAAW,EACX,SAAS,EACT,UAAU,EACV,WAAW,EACX,IAAI,GACL,MAAM,QAAQ,CAAA;AAEf,OAAO,EACL,UAAU,EACV,WAAW,EACX,cAAc,EACd,cAAc,EACd,aAAa,GACd,MAAM,QAAQ,CAAA;AACf,YAAY,EACV,oBAAoB,EACpB,UAAU,EACV,MAAM,EACN,eAAe,EACf,IAAI,GACL,MAAM,iBAAiB,CAAA;AAExB,OAAO,EACL,mBAAmB,EACnB,aAAa,EACb,WAAW,EACX,iBAAiB,EACjB,oBAAoB,EACpB,6BAA6B,EAC7B,iBAAiB,EACjB,eAAe,EACf,aAAa,EACb,eAAe,EACf,iBAAiB,EACjB,WAAW,GACZ,MAAM,iBAAiB,CAAA;AACxB,YAAY,EACV,aAAa,EACb,gBAAgB,GACjB,MAAM,cAAc,CAAA;AAErB,OAAO,EACL,WAAW,EACX,gBAAgB,EAChB,kBAAkB,EAClB,UAAU,EACV,eAAe,EACf,kBAAkB,EAClB,cAAc,GACf,MAAM,cAAc,CAAA;AACrB,YAAY,EACV,aAAa,EACb,WAAW,EACX,mBAAmB,EACnB,UAAU,EACV,YAAY,EACZ,mBAAmB,EACnB,qBAAqB,EACrB,kBAAkB,GACnB,MAAM,QAAQ,CAAA;AAEf,OAAO,EACL,cAAc,EACd,oBAAoB,EACpB,cAAc,EACd,oBAAoB,EACpB,iBAAiB,EACjB,iBAAiB,EACjB,kBAAkB,EAClB,gBAAgB,EAChB,iBAAiB,EACjB,kBAAkB,EAClB,gBAAgB,EAChB,oBAAoB,EACpB,oBAAoB,GACrB,MAAM,QAAQ,CAAA;AACf,YAAY,EACV,UAAU,EACV,2BAA2B,EAC3B,UAAU,EACV,uBAAuB,EACvB,mBAAmB,EACnB,qBAAqB,GACtB,MAAM,WAAW,CAAA;AAElB,OAAO,EACL,WAAW,EACX,WAAW,EACX,wBAAwB,EACxB,eAAe,EACf,eAAe,EACf,mBAAmB,GACpB,MAAM,WAAW,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,cAAc,oBAAoB,CAAC"}

package/dist/security/index.js

@@ -1,18 +1,5 @@
 /**
- * Security & Compliance
- *
- * Comprehensive security infrastructure for authentication, authorization,
- * encryption, audit logging, GDPR compliance, and secure headers
+ * Security & Compliance — re-exported from @revealui/security
+ * New code should import directly from '@revealui/security'.
  */
-// Audit logging
-export { AuditReportGenerator, AuditSystem, AuditTrail, audit, createAuditMiddleware, InMemoryAuditStorage, } from './audit';
-// Authentication
-export { AuthSystem, OAuthClient, OAuthProviders, PasswordHasher, TwoFactorAuth, } from './auth';
-// Authorization
-export { AuthorizationSystem, authorization, CommonRoles, canAccessResource, checkAttributeAccess, createAuthorizationMiddleware, PermissionBuilder, PermissionCache, PolicyBuilder, permissionCache, RequirePermission, RequireRole, } from './authorization';
-// Encryption
-export { DataMasking, EncryptionSystem, EnvelopeEncryption, encryption, FieldEncryption, KeyRotationManager, TokenGenerator, } from './encryption';
-// GDPR compliance
-export { ConsentManager, CookieConsentManager, consentManager, cookieConsentManager, DataAnonymization, DataBreachManager, DataDeletionSystem, DataExportSystem, dataBreachManager, dataDeletionSystem, dataExportSystem, PrivacyPolicyManager, privacyPolicyManager, } from './gdpr';
-// Security headers
-export { CORSManager, CORSPresets, createSecurityMiddleware, SecurityHeaders, SecurityPresets, setRateLimitHeaders, } from './headers';
+export * from '@revealui/security';

package/dist/server/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAGH,OAAO,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AAEtE,OAAO,EAAE,wBAAwB,EAAE,MAAM,mCAAmC,CAAA;AAC5E,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAA;AAC7D,YAAY,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAA;AAE7E,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,2BAA2B,CAAA;AAEhE,cAAc,6BAA6B,CAAA;AAQ3C,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAGH,OAAO,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AAEvE,OAAO,EAAE,wBAAwB,EAAE,MAAM,mCAAmC,CAAC;AAC7E,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,YAAY,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAC;AAE9E,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,2BAA2B,CAAC;AAEjE,cAAc,6BAA6B,CAAC;AAQ5C,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/server/renderPage.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"renderPage.d.ts","sourceRoot":"","sources":["../../src/server/renderPage.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAA;AAGvD,YAAY,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAA;AAcxE;;;;;;;;;;;GAWG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAE9C;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;IACjB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CACxC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,eAAe,CAAC,OAAO,GAAE,gBAAqB,GAAG,MAAM,CA6CtE;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,GAAG,MAAM,CAoB1E"}
+{"version":3,"file":"renderPage.d.ts","sourceRoot":"","sources":["../../src/server/renderPage.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAGxD,YAAY,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAczE;;;;;;;;;;;GAWG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAE9C;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACzC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,eAAe,CAAC,OAAO,GAAE,gBAAqB,GAAG,MAAM,CA6CtE;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,GAAG,MAAM,CAqB1E"}

package/dist/storage/index.d.ts

@@ -1 +1,2 @@
+export { vercelBlobStorage } from './vercel-blob.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/storage/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/storage/index.ts"],"names":[],"mappings":""}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/storage/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC"}

package/dist/storage/index.js

@@ -1,4 +1,2 @@
-"use strict";
-// Temporarily commented out to get CMS running
-// // Re-export storage adapters
-// export { vercelBlobStorage } from './vercel-blob.js'
+// Re-export storage adapters
+export { vercelBlobStorage } from './vercel-blob.js';

package/dist/storage/vercel-blob.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"vercel-blob.d.ts","sourceRoot":"","sources":["../../src/storage/vercel-blob.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAE/C,MAAM,WAAW,uBAAuB;IACtC,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB,WAAW,CAAC,EAAE;QACZ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;KACvB,CAAA;IACD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB;AAED,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,uBAAuB,GAAG,MAAM,CAqFzE"}
+{"version":3,"file":"vercel-blob.d.ts","sourceRoot":"","sources":["../../src/storage/vercel-blob.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAEhD,MAAM,WAAW,uBAAuB;IACtC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,WAAW,CAAC,EAAE;QACZ,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;KACxB,CAAC;IACF,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,uBAAuB,GAAG,MAAM,CAqFzE"}

package/dist/translations/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/translations/index.ts"],"names":[],"mappings":"AACA,MAAM,WAAW,gBAAgB;IAC/B,CAAC,GAAG,EAAE,MAAM,GAAG;QACb,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG;YAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;SAAE,CAAA;KAClD,CAAA;CACF;AAED,MAAM,WAAW,yBAAyB;IACxC,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;KAAE,CAAA;CAClD;AAED,MAAM,WAAW,IAAI;IACnB,CAAC,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAA;CAC1D;AAED,MAAM,MAAM,UAAU,GAAG,IAAI,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/translations/index.ts"],"names":[],"mappings":"AACA,MAAM,WAAW,gBAAgB;IAC/B,CAAC,GAAG,EAAE,MAAM,GAAG;QACb,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG;YAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;SAAE,CAAC;KACnD,CAAC;CACH;AAED,MAAM,WAAW,yBAAyB;IACxC,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;KAAE,CAAC;CACnD;AAED,MAAM,WAAW,IAAI;IACnB,CAAC,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC;CAC3D;AAED,MAAM,MAAM,UAAU,GAAG,IAAI,CAAC"}