@riavzon/bot-detector 1.0.0

package/dist/index.mjs

@@ -0,0 +1,776 @@
+#!/usr/bin/env node
+import { defineCommand, runMain } from "citty";
+import { __askForUserAgent, __cache, __ensureMmdbctl, __restartData } from "@riavzon/shield-base/internal";
+import { buildCitiesData, compiler, getBGPAndASN, getCrawlersIps, getGeoDatas, getJaDatabaseLmdb, getListOfProxies, getThreatLists, getTorLists, getUserAgentLmdbList } from "@riavzon/shield-base";
+import consola from "consola";
+import fs from "node:fs";
+import path from "node:path";
+import { fileURLToPath } from "node:url";
+import path$1 from "path";
+import { createConfigManager } from "@riavzon/utils";
+import z from "zod";
+import "maxmind";
+import "lmdb";
+import { pino } from "pino";
+import { existsSync, mkdirSync } from "fs";
+import "unstorage";
+import "unstorage/drivers/memory";
+import "db0";
+import { execSync } from "child_process";
+
+//#region src/botDetector/db/findDataPath.ts
+const __moduleDir = path.dirname(fileURLToPath(import.meta.url));
+function getLibraryRoot(currentDir = __moduleDir) {
+	if (fs.existsSync(path.join(currentDir, "package.json"))) return currentDir;
+	const parentDir = path.resolve(currentDir, "..");
+	if (parentDir === currentDir) throw new Error("Could not find library root");
+	return getLibraryRoot(parentDir);
+}
+
+//#endregion
+//#region src/botDetector/cli/commands/start.ts
+const startCommand = defineCommand({
+	meta: {
+		name: "Bot Detector",
+		description: "Get started with the installation wizard"
+	},
+	async run() {
+		const output = path$1.resolve(getLibraryRoot(), "_data-sources");
+		const sentinel = path$1.resolve(output, "asn.mmdb");
+		if (!process.stdout.isTTY) {
+			if (fs.existsSync(sentinel)) return;
+			consola.warn("bot-detector: data sources not found. Run `npx bot-detector init` in an interactive terminal to set up.");
+			return;
+		}
+		const cache = await __cache()._getCache() ?? {};
+		consola.start("Starting installation wizard...");
+		let mmdbPath = "";
+		if (cache.mmdbctlPath) mmdbPath = cache.mmdbctlPath;
+		else {
+			consola.start("Verifying system dependencies...");
+			mmdbPath = await __ensureMmdbctl();
+			cache.mmdbctlPath = mmdbPath;
+		}
+		let contactInfo = "";
+		if (cache.useragent) contactInfo = cache.useragent;
+		else {
+			contactInfo = await __askForUserAgent();
+			cache.useragent = contactInfo;
+		}
+		if (fs.existsSync(sentinel)) {
+			consola.success("Data sources already initialized. Run `bot-detector refresh` to update them.");
+			return;
+		}
+		cache.selectedDataTypes = [
+			"BGP",
+			"City",
+			"Geography",
+			"Proxy",
+			"Tor",
+			"SEO",
+			"firehol_l1",
+			"firehol_l2",
+			"firehol_l3",
+			"firehol_l4",
+			"firehol_anonymous",
+			"JA4",
+			"UserAgent"
+		];
+		cache.outPutPath = output;
+		await __cache()._setCache(cache);
+		consola.start("Compiling all data sources...");
+		await Promise.all([
+			getBGPAndASN(contactInfo, output, mmdbPath),
+			buildCitiesData(output, mmdbPath),
+			getTorLists(output, mmdbPath),
+			getGeoDatas(output, mmdbPath),
+			getListOfProxies(output, mmdbPath),
+			getThreatLists(output, mmdbPath, true),
+			getCrawlersIps(output, mmdbPath),
+			getUserAgentLmdbList(output),
+			getJaDatabaseLmdb(output)
+		]);
+		consola.success("All data successfully compiled. You can now start using bot-detector.");
+	}
+});
+
+//#endregion
+//#region src/botDetector/cli/commands/refresh.ts
+const refreshData = defineCommand({
+	meta: {
+		name: "refresh",
+		description: "Refresh the local data sources the bot-detector use internally"
+	},
+	async run() {
+		const cache = await __cache()._getCache() ?? {};
+		if (!cache.outPutPath || !cache.mmdbctlPath || Object.keys(cache).length === 0) {
+			consola.error("No data to restart, please first run the installation wizard");
+			throw new Error();
+		}
+		const output = path$1.resolve(getLibraryRoot(), "_data-sources");
+		consola.start("Restarting data sources...");
+		await __restartData(output, true);
+		consola.success(`✨ All data successfully restarted!`);
+	}
+});
+
+//#endregion
+//#region src/botDetector/types/configSchema.ts
+const dbConfigStorage = z.custom((val) => {
+	if (typeof val !== "object" || val === null) return false;
+	return typeof val.driver === "string";
+}, { message: "Database config must be an object with a valid \"driver\" string" });
+const store = z.object({ main: dbConfigStorage }).required().strict();
+const cache = z.custom((val) => {
+	if (typeof val !== "object" || val === null) return false;
+	return typeof val.driver === "string";
+}, { message: "Storage must be an object with a valid \"driver\" string" });
+const configSchema = z.object({
+	store,
+	banScore: z.number().max(100).min(0).default(100),
+	maxScore: z.number().max(100).min(0).default(100),
+	restoredReputationPoints: z.number().default(10),
+	setNewComputedScore: z.boolean().default(false),
+	whiteList: z.array(z.union([
+		z.ipv4(),
+		z.ipv6(),
+		z.string()
+	])).optional().default([]),
+	checksTimeRateControl: z.object({
+		checkEveryRequest: z.boolean().default(true),
+		checkEvery: z.number().default(1e3 * 60 * 5)
+	}).prefault({}),
+	batchQueue: z.object({
+		flushIntervalMs: z.number().default(5e3),
+		maxBufferSize: z.number().default(100),
+		maxRetries: z.number().default(3)
+	}).prefault({}),
+	storage: cache.optional(),
+	checkers: z.object({
+		localeMapsCheck: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			penalties: z.object({
+				ipAndHeaderMismatch: z.number().default(20),
+				missingHeader: z.number().default(20),
+				missingGeoData: z.number().default(20),
+				malformedHeader: z.number().default(30)
+			}).prefault({})
+		})]).prefault({ enable: true }),
+		knownBadUserAgents: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			penalties: z.object({
+				criticalSeverity: z.number().default(100),
+				highSeverity: z.number().default(80),
+				mediumSeverity: z.number().default(30),
+				lowSeverity: z.number().default(10)
+			}).prefault({})
+		})]).prefault({ enable: true }),
+		enableIpChecks: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			penalties: z.number().default(10)
+		})]).prefault({ enable: true }),
+		enableGoodBotsChecks: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			banUnlistedBots: z.boolean().default(true),
+			penalties: z.number().default(100)
+		})]).prefault({ enable: true }),
+		enableBehaviorRateCheck: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			behavioral_window: z.number().default(6e4),
+			behavioral_threshold: z.number().default(30),
+			penalties: z.number().default(60)
+		})]).prefault({ enable: true }),
+		enableProxyIspCookiesChecks: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			penalties: z.object({
+				cookieMissing: z.number().default(80),
+				proxyDetected: z.number().default(40),
+				multiSourceBonus2to3: z.number().default(10),
+				multiSourceBonus4plus: z.number().default(20),
+				hostingDetected: z.number().default(50),
+				ispUnknown: z.number().default(10),
+				orgUnknown: z.number().default(10)
+			}).prefault({})
+		})]).prefault({ enable: true }),
+		enableUaAndHeaderChecks: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			penalties: z.object({
+				headlessBrowser: z.number().default(100),
+				shortUserAgent: z.number().default(80),
+				tlsCheckFailed: z.number().default(60),
+				badUaChecker: z.boolean().default(true)
+			}).prefault({})
+		})]).prefault({ enable: true }),
+		enableBrowserAndDeviceChecks: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			penalties: z.object({
+				cliOrLibrary: z.number().default(100),
+				internetExplorer: z.number().default(100),
+				linuxOs: z.number().default(10),
+				impossibleBrowserCombinations: z.number().default(30),
+				browserTypeUnknown: z.number().default(10),
+				browserNameUnknown: z.number().default(10),
+				desktopWithoutOS: z.number().default(10),
+				deviceVendorUnknown: z.number().default(10),
+				browserVersionUnknown: z.number().default(10),
+				deviceModelUnknown: z.number().default(5)
+			}).prefault({})
+		})]).prefault({ enable: true }),
+		enableGeoChecks: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			bannedCountries: z.array(z.string()).optional().default([]),
+			penalties: z.object({
+				countryUnknown: z.number().default(10),
+				regionUnknown: z.number().default(10),
+				latLonUnknown: z.number().default(10),
+				districtUnknown: z.number().default(10),
+				cityUnknown: z.number().default(10),
+				timezoneUnknown: z.number().default(10),
+				subregionUnknown: z.number().default(10),
+				phoneUnknown: z.number().default(10),
+				continentUnknown: z.number().default(10)
+			}).prefault({})
+		})]).prefault({ enable: true }),
+		enableKnownThreatsDetections: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			penalties: z.object({
+				anonymiseNetwork: z.number().default(20),
+				threatLevels: z.object({
+					criticalLevel1: z.number().default(40),
+					currentAttacksLevel2: z.number().default(30),
+					threatLevel3: z.number().default(20),
+					threatLevel4: z.number().default(10)
+				}).prefault({})
+			}).prefault({})
+		})]).prefault({ enable: true }),
+		enableAsnClassification: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			penalties: z.object({
+				contentClassification: z.number().default(20),
+				unknownClassification: z.number().default(10),
+				lowVisibilityPenalty: z.number().default(10),
+				lowVisibilityThreshold: z.number().default(15),
+				comboHostingLowVisibility: z.number().default(20)
+			}).prefault({})
+		})]).prefault({ enable: true }),
+		enableTorAnalysis: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			penalties: z.object({
+				runningNode: z.number().default(15),
+				exitNode: z.number().default(20),
+				webExitCapable: z.number().default(15),
+				guardNode: z.number().default(10),
+				badExit: z.number().default(40),
+				obsoleteVersion: z.number().default(10)
+			}).prefault({})
+		})]).prefault({ enable: true }),
+		enableTimezoneConsistency: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			penalties: z.number().default(20)
+		})]).prefault({ enable: true }),
+		honeypot: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			paths: z.array(z.string()).default([])
+		})]).prefault({ enable: true }),
+		enableSessionCoherence: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			penalties: z.object({
+				pathMismatch: z.number().default(10),
+				missingReferer: z.number().default(20),
+				domainMismatch: z.number().default(30)
+			}).prefault({})
+		})]).prefault({ enable: true }),
+		enableVelocityFingerprint: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			cvThreshold: z.number().default(.1),
+			penalties: z.number().default(40)
+		})]).prefault({ enable: true }),
+		enableKnownBadIpsCheck: z.discriminatedUnion("enable", [z.object({ enable: z.literal(false) }), z.object({
+			enable: z.literal(true),
+			highRiskPenalty: z.number().default(30)
+		})]).prefault({ enable: true })
+	}),
+	generator: z.object({
+		scoreThreshold: z.number().default(70),
+		generateTypes: z.boolean().default(false),
+		deleteAfterBuild: z.boolean().default(false),
+		mmdbctlPath: z.string().default("mmdbctl")
+	}).prefault({}),
+	headerOptions: z.object({
+		weightPerMustHeader: z.number().default(20),
+		missingBrowserEngine: z.number().default(30),
+		postManOrInsomiaHeaders: z.number().default(50),
+		AJAXHeaderExists: z.number().default(30),
+		connectionHeaderIsClose: z.number().default(20),
+		originHeaderIsNULL: z.number().default(10),
+		originHeaderMismatch: z.number().default(30),
+		omittedAcceptHeader: z.number().default(30),
+		clientHintsMissingForBlink: z.number().default(30),
+		teHeaderUnexpectedForBlink: z.number().default(10),
+		clientHintsUnexpectedForGecko: z.number().default(30),
+		teHeaderMissingForGecko: z.number().default(20),
+		aggressiveCacheControlOnGet: z.number().default(15),
+		crossSiteRequestMissingReferer: z.number().default(10),
+		inconsistentSecFetchMode: z.number().default(20),
+		hostMismatchWeight: z.number().default(40)
+	}).prefault({}),
+	pathTraveler: z.object({
+		maxIterations: z.number().default(3),
+		maxPathLength: z.number().default(1500),
+		pathLengthToLong: z.number().default(100),
+		longDecoding: z.number().default(100),
+		traversalDetected: z.number().default(60)
+	}).prefault({}),
+	punishmentType: z.object({ enableFireWallBan: z.boolean().default(false) }).prefault({}),
+	logLevel: z.enum([
+		"debug",
+		"info",
+		"warn",
+		"error",
+		"fatal"
+	]).default("info")
+});
+
+//#endregion
+//#region src/botDetector/utils/logger.ts
+const LOG_DIR = path$1.resolve(process.cwd(), process.env.LOG_DIR || "bot-detector-logs");
+if (!existsSync(LOG_DIR)) mkdirSync(LOG_DIR, { recursive: true });
+const transport = pino.transport({ targets: [
+	{
+		target: "pino/file",
+		level: "info",
+		options: {
+			destination: `${LOG_DIR}/info.log`,
+			mkdir: true
+		}
+	},
+	{
+		target: "pino/file",
+		level: "warn",
+		options: {
+			destination: `${LOG_DIR}/warn.log`,
+			mkdir: true
+		}
+	},
+	{
+		target: "pino/file",
+		level: "error",
+		options: {
+			destination: `${LOG_DIR}/errors.log`,
+			mkdir: true
+		}
+	}
+] });
+let logger;
+function getLogger() {
+	if (logger) return logger;
+	const { logLevel } = getConfiguration();
+	logger = pino({
+		level: logLevel,
+		timestamp: pino.stdTimeFunctions.isoTime,
+		mixin() {
+			return { uptime: process.uptime() };
+		},
+		redact: {
+			paths: [
+				"*.password",
+				"*.email",
+				"name",
+				"Name",
+				"*.cookies",
+				"*.cookie",
+				"cookies",
+				"cookie",
+				"*.accessToken",
+				"*.refresh_token",
+				"*.secret"
+			],
+			censor: "[SECRET]"
+		}
+	}, transport);
+	return logger;
+}
+
+//#endregion
+//#region src/botDetector/db/dialectUtils.ts
+function isMySQL(db) {
+	return db.dialect === "mysql";
+}
+function isSQLite(db) {
+	return db.dialect === "sqlite";
+}
+/** Convert ? placeholders to $1, $2, for PostgreSQL. */
+function prep(db, sql) {
+	if (db.dialect !== "postgresql") return db.prepare(sql);
+	let i = 0;
+	return db.prepare(sql.replace(/\?/g, () => `$${String(++i)}`));
+}
+/** Generate positional placeholders for a dynamic list of values. */
+function placeholders(db, count, offset = 0) {
+	return Array.from({ length: count }, (_, i) => db.dialect === "postgresql" ? `$${String(offset + i + 1)}` : "?").join(", ");
+}
+
+//#endregion
+//#region src/botDetector/checkers/CheckerRegistry.ts
+let registeredCheckers = [];
+const CheckerRegistry = {
+	register(checker) {
+		consola.log(`Loaded plugin: ${checker.name}`);
+		registeredCheckers.push(checker);
+	},
+	getEnabled(phase, config) {
+		return registeredCheckers.filter((checker) => checker.phase === phase && checker.isEnabled(config));
+	},
+	clear() {
+		registeredCheckers = [];
+	}
+};
+
+//#endregion
+//#region src/botDetector/checkers/badUaChecker.ts
+const SEVERITY_ORDER = [
+	"critical",
+	"high",
+	"medium",
+	"low"
+];
+let patterns = [];
+function loadUaPatterns() {
+	const db = getDataSources().getUserAgentLmdb();
+	const bucketStrings = new Map(SEVERITY_ORDER.map((sev) => [sev, []]));
+	for (const { value } of db.getRange({ limit: 1e4 })) {
+		const sev = value.metadata_severity;
+		bucketStrings.get(sev)?.push(value.useragent_rx);
+	}
+	patterns = SEVERITY_ORDER.map((severity) => {
+		const patterns = bucketStrings.get(severity) ?? [];
+		if (patterns.length === 0) return null;
+		const combined = patterns.map((p) => `(?:${p})`).join("|");
+		return {
+			rx: new RegExp(combined, "i"),
+			severity
+		};
+	}).filter((p) => p !== null);
+}
+var BadUaChecker = class {
+	constructor() {
+		this.name = "Bad User Agent list";
+		this.phase = "heavy";
+	}
+	isEnabled(config) {
+		return config.checkers.knownBadUserAgents.enable;
+	}
+	run(ctx, config) {
+		const { knownBadUserAgents } = config.checkers;
+		const reasons = [];
+		let score = 0;
+		if (!knownBadUserAgents.enable) return {
+			score,
+			reasons
+		};
+		if (patterns.length === 0) loadUaPatterns();
+		const rawUa = ctx.req.get("User-Agent") ?? "";
+		for (const { rx, severity } of patterns) if (rx.test(rawUa)) {
+			reasons.push("BAD_UA_DETECTED");
+			switch (severity) {
+				case "critical":
+					score += knownBadUserAgents.penalties.criticalSeverity;
+					break;
+				case "high":
+					score += knownBadUserAgents.penalties.highSeverity;
+					break;
+				case "medium":
+					score += knownBadUserAgents.penalties.mediumSeverity;
+					break;
+				case "low":
+					score += knownBadUserAgents.penalties.lowSeverity;
+					break;
+			}
+			break;
+		}
+		return {
+			score,
+			reasons
+		};
+	}
+};
+CheckerRegistry.register(new BadUaChecker());
+
+//#endregion
+//#region src/botDetector/config/config.ts
+const { defineConfiguration, getConfiguration } = createConfigManager(configSchema, "Bot Detector");
+let globalDataSources;
+let globalDb;
+function getDb() {
+	if (!globalDb) {
+		consola.trace("Premature getDb() call");
+		throw new Error("DB not ready. Call configuration() first.");
+	}
+	return globalDb;
+}
+function getDataSources() {
+	if (!globalDataSources) {
+		consola.trace("Premature getDataSources() call");
+		throw new Error(`##### Must be initialized globally #####
+      Bot Detector: DataSources not ready. Call configuration() first.`);
+	}
+	return globalDataSources;
+}
+
+//#endregion
+//#region src/botDetector/db/generator.ts
+const MMDB_DIR = path.resolve(getLibraryRoot(), "_data-sources");
+async function buildBannedMmdb(generateTypes, mmdbctlPath) {
+	const log = getLogger().child({
+		service: "BOT DETECTOR",
+		branch: "generator",
+		db: "banned"
+	});
+	const db = getDb();
+	const rows = await db.prepare(`SELECT ip_address, country, user_agent, reason, score
+         FROM banned
+         WHERE ip_address IS NOT NULL`).all();
+	if (rows.length === 0) {
+		log.info("No banned IPs — skipping banned.mmdb");
+		return;
+	}
+	const data = rows.map((r) => ({
+		range: r.ip_address,
+		score: r.score,
+		country: r.country,
+		userAgent: r.user_agent,
+		reason: r.reason,
+		comment: "Automatically generated by @riavzon/botDetector"
+	}));
+	await compiler({
+		type: "mmdb",
+		input: {
+			data,
+			dataBaseName: "banned",
+			outputPath: MMDB_DIR,
+			mmdbPath: mmdbctlPath,
+			generateTypes
+		}
+	});
+	log.info(`banned.mmdb compiled — ${String(data.length)} entries`);
+	if (getConfiguration().generator.deleteAfterBuild) {
+		const compiled = rows.map((r) => r.ip_address);
+		await prep(db, `DELETE FROM banned WHERE ip_address IN (${placeholders(db, compiled.length)})`).run(...compiled);
+		log.info(`Deleted ${String(compiled.length)} rows from banned after build`);
+	}
+}
+async function buildHighRiskMmdb(scoreThreshold, generateTypes, mmdbctlPath) {
+	const log = getLogger().child({
+		service: "BOT DETECTOR",
+		branch: "generator",
+		db: "highRisk"
+	});
+	const db = getDb();
+	const rows = await prep(db, `SELECT
+           ip_address, visitor_id, suspicious_activity_score,
+           country, region, region_name, city, lat, lon, timezone,
+           isp, org, browser, browserType, browserVersion, os,
+           device_type, deviceVendor, deviceModel,
+           proxy, hosting, request_count, first_seen, last_seen
+         FROM visitors
+         WHERE suspicious_activity_score >= ? AND ip_address IS NOT NULL`).all(scoreThreshold);
+	if (rows.length === 0) {
+		log.info(`No high-risk visitors (score >= ${String(scoreThreshold)}) — skipping highRisk.mmdb`);
+		return;
+	}
+	const data = rows.map((r) => ({
+		range: r.ip_address,
+		visitorId: r.visitor_id,
+		score: r.suspicious_activity_score,
+		country: r.country,
+		region: r.region,
+		regionName: r.region_name,
+		city: r.city,
+		lat: r.lat,
+		lon: r.lon,
+		timezone: r.timezone,
+		isp: r.isp,
+		org: r.org,
+		browser: r.browser,
+		browserType: r.browserType,
+		browserVersion: r.browserVersion,
+		os: r.os,
+		deviceType: r.device_type,
+		deviceVendor: r.deviceVendor,
+		deviceModel: r.deviceModel,
+		proxy: Boolean(r.proxy),
+		hosting: Boolean(r.hosting),
+		requestCount: r.request_count,
+		firstSeen: r.first_seen ? r.first_seen.toISOString() : null,
+		lastSeen: r.last_seen ? r.last_seen.toISOString() : null,
+		comment: "Automatically generated by @riavzon/botDetector"
+	}));
+	await compiler({
+		type: "mmdb",
+		input: {
+			data,
+			dataBaseName: "highRisk",
+			outputPath: MMDB_DIR,
+			mmdbPath: mmdbctlPath,
+			generateTypes
+		}
+	});
+	log.info(`highRisk.mmdb compiled — ${String(data.length)} entries`);
+	if (getConfiguration().generator.deleteAfterBuild) {
+		const compiled = rows.map((r) => r.ip_address);
+		await prep(db, `DELETE FROM visitors WHERE ip_address IN (${placeholders(db, compiled.length)}) AND suspicious_activity_score >= ${placeholders(db, 1, compiled.length)}`).run(...compiled, scoreThreshold);
+		log.info(`Deleted ${String(compiled.length)} rows from visitors after build`);
+	}
+}
+async function runCycle() {
+	const log = getLogger().child({
+		service: "BOT DETECTOR",
+		branch: "generator"
+	});
+	const { generator } = getConfiguration();
+	log.info("MMDB generation cycle started");
+	try {
+		await Promise.all([buildBannedMmdb(generator.generateTypes, generator.mmdbctlPath), buildHighRiskMmdb(generator.scoreThreshold, generator.generateTypes, generator.mmdbctlPath)]);
+		log.info("MMDB generation cycle complete");
+	} catch (err) {
+		log.error({ err }, "MMDB generation cycle failed");
+	}
+}
+async function runGeneration() {
+	return runCycle();
+}
+
+//#endregion
+//#region src/botDetector/cli/commands/cleanUp.ts
+const cleanUp = defineCommand({
+	meta: {
+		name: "generate",
+		description: "Run the generator: reads banned and high-risk visitors from your database and compiles them into an optimized binary (based on your generator configuration)"
+	},
+	async run() {
+		const { generator } = getConfiguration();
+		try {
+			execSync(`${generator.mmdbctlPath} --help`, { stdio: "ignore" });
+		} catch {
+			consola.warn(`The configurable mmdbctl path cannot be resolved at ${generator.mmdbctlPath}, You will be prompted to install it.`);
+			const path = await __ensureMmdbctl();
+			consola.box(`mmdbctl installed successfully. Add the next path in generator.mmdbctlPath configuration option and run the command again: ${path}`);
+			process.exit(1);
+		}
+		consola.start("Starting clean up operation...");
+		await runGeneration();
+		consola.success("Success!");
+	}
+});
+
+//#endregion
+//#region src/botDetector/db/schema.ts
+function visitorIdDefault(db) {
+	if (isMySQL(db)) return "NOT NULL DEFAULT (UUID())";
+	if (db.dialect === "postgresql") return "NOT NULL DEFAULT gen_random_uuid()";
+	return "NOT NULL";
+}
+function lastSeenDef(db) {
+	if (isMySQL(db)) return "TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP";
+	if (isSQLite(db)) return "TEXT DEFAULT CURRENT_TIMESTAMP";
+	return "TIMESTAMP DEFAULT CURRENT_TIMESTAMP";
+}
+function tableOptions(db) {
+	return isMySQL(db) ? "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci" : "";
+}
+function timestampType(db) {
+	return isSQLite(db) ? "TEXT" : "TIMESTAMP";
+}
+async function createTables(db) {
+	const visitorId = visitorIdDefault(db);
+	const lastSeen = lastSeenDef(db);
+	const tblOpts = tableOptions(db);
+	const createVisitorsTable = `
+        CREATE TABLE IF NOT EXISTS visitors (
+            visitor_id CHAR(36) ${visitorId},
+            canary_id VARCHAR(64) PRIMARY KEY,
+            ip_address VARCHAR(45),
+            user_agent TEXT,
+            country VARCHAR(64),
+            region VARCHAR(64),
+            region_name VARCHAR(350),
+            city VARCHAR(64),
+            district VARCHAR(260),
+            lat VARCHAR(150),
+            lon VARCHAR(150),
+            timezone VARCHAR(64),
+            currency VARCHAR(64),
+            isp VARCHAR(64),
+            org VARCHAR(64),
+            as_org VARCHAR(64),
+            device_type VARCHAR(64),
+            browser VARCHAR(64),
+            proxy BOOLEAN,
+            hosting BOOLEAN,
+            is_bot BOOLEAN DEFAULT false,
+            first_seen ${timestampType(db)} DEFAULT CURRENT_TIMESTAMP,
+            last_seen ${lastSeen},
+            request_count INT DEFAULT 1,
+            deviceVendor VARCHAR(64) DEFAULT 'unknown',
+            deviceModel VARCHAR(64) DEFAULT 'unknown',
+            browserType VARCHAR(64) DEFAULT 'unknown',
+            browserVersion VARCHAR(64) DEFAULT 'unknown',
+            os VARCHAR(64) DEFAULT 'unknown',
+            suspicious_activity_score INT DEFAULT 0
+        ) ${tblOpts}
+    `;
+	const createBannedTable = `
+        CREATE TABLE IF NOT EXISTS banned (
+            canary_id VARCHAR(64) PRIMARY KEY,
+            ip_address VARCHAR(45),
+            country VARCHAR(64),
+            user_agent TEXT,
+            reason TEXT,
+            score INT DEFAULT NULL,
+            FOREIGN KEY (canary_id) REFERENCES visitors(canary_id)
+        )
+    `;
+	try {
+		await db.exec(createVisitorsTable);
+		await db.exec(createBannedTable);
+		consola.success("Tables created successfully.");
+	} catch (error) {
+		consola.error("Error creating tables:", error);
+		throw error;
+	}
+}
+
+//#endregion
+//#region src/botDetector/cli/commands/makeTables.ts
+const makeTables = defineCommand({
+	meta: {
+		name: "load-schema",
+		description: "Create database tables"
+	},
+	async run() {
+		const db = getDb();
+		consola.start(`Creating tables for ${db.dialect}...`);
+		await createTables(db);
+	}
+});
+
+//#endregion
+//#region src/botDetector/cli/index.ts
+const main = defineCommand({
+	meta: {
+		name: "bot-detector",
+		description: "Automatic traffic analysis and detection",
+		version: "1.0.0"
+	},
+	subCommands: {
+		init: startCommand,
+		refresh: refreshData,
+		generate: cleanUp,
+		"load-schema": makeTables
+	}
+});
+await runMain(main);
+
+//#endregion
+export { main };
+//# sourceMappingURL=index.mjs.map