@riotprompt/riotprompt 0.0.21 → 1.0.0

package/dist/security/rate-limiter.d.ts

@@ -0,0 +1,117 @@
+/**
+ * Rate Limiter Interfaces
+ *
+ * Provides interfaces and basic implementations for rate limiting.
+ * Production applications should use dedicated rate limiting libraries
+ * (e.g., rate-limiter-flexible, express-rate-limit) for distributed systems.
+ *
+ * @packageDocumentation
+ */
+/**
+ * Rate limiter interface
+ * Implementation is left to users (use your preferred library)
+ */
+export interface RateLimiter {
+    /**
+     * Check if request is allowed
+     * @param key - Unique identifier for the rate limit bucket (e.g., user ID, IP)
+     * @returns true if allowed, false if rate limited
+     */
+    check(key: string): Promise<boolean>;
+    /**
+     * Get remaining requests in the current window
+     * @param key - Unique identifier for the rate limit bucket
+     * @returns Number of remaining requests
+     */
+    remaining(key: string): Promise<number>;
+    /**
+     * Reset rate limit for a key
+     * @param key - Unique identifier for the rate limit bucket
+     */
+    reset(key: string): Promise<void>;
+}
+/**
+ * Rate limiter configuration
+ */
+export interface RateLimiterConfig {
+    /** Time window in milliseconds */
+    windowMs: number;
+    /** Maximum requests allowed in the window */
+    maxRequests: number;
+    /** Optional function to generate keys from context */
+    keyGenerator?: (context: unknown) => string;
+}
+/**
+ * No-op rate limiter that always allows requests
+ * Use this as a default when rate limiting is not needed
+ */
+export declare class NoOpRateLimiter implements RateLimiter {
+    check(_key: string): Promise<boolean>;
+    remaining(_key: string): Promise<number>;
+    reset(_key: string): Promise<void>;
+}
+/**
+ * Simple in-memory rate limiter
+ *
+ * **Warning**: This implementation is NOT suitable for production use in
+ * distributed systems. Use a Redis-backed solution for production.
+ *
+ * @example
+ * ```typescript
+ * const limiter = new MemoryRateLimiter({
+ *   windowMs: 60000,  // 1 minute
+ *   maxRequests: 100, // 100 requests per minute
+ * });
+ *
+ * if (await limiter.check('user-123')) {
+ *   // Process request
+ * } else {
+ *   // Rate limited
+ * }
+ * ```
+ */
+export declare class MemoryRateLimiter implements RateLimiter {
+    private requests;
+    private config;
+    private cleanupInterval;
+    constructor(config: RateLimiterConfig);
+    check(key: string): Promise<boolean>;
+    remaining(key: string): Promise<number>;
+    reset(key: string): Promise<void>;
+    /**
+     * Clean up expired entries to prevent memory leaks
+     */
+    private cleanup;
+    /**
+     * Stop the cleanup interval (call when done with the limiter)
+     */
+    destroy(): void;
+}
+/**
+ * Create a rate limiter with the given configuration
+ *
+ * @param config - Rate limiter configuration
+ * @returns Rate limiter instance
+ */
+export declare function createRateLimiter(config: RateLimiterConfig): RateLimiter;
+/**
+ * Create a no-op rate limiter that always allows requests
+ *
+ * @returns No-op rate limiter instance
+ */
+export declare function createNoOpRateLimiter(): RateLimiter;
+/**
+ * Get the global rate limiter instance
+ * Returns a no-op limiter if not configured
+ */
+export declare function getRateLimiter(): RateLimiter;
+/**
+ * Configure the global rate limiter
+ *
+ * @param config - Rate limiter configuration
+ */
+export declare function configureRateLimiter(config: RateLimiterConfig): void;
+/**
+ * Reset the global rate limiter to the default no-op implementation
+ */
+export declare function resetRateLimiter(): void;

package/dist/security/rate-limiter.js

@@ -0,0 +1,165 @@
+/**
+ * Rate Limiter Interfaces
+ * 
+ * Provides interfaces and basic implementations for rate limiting.
+ * Production applications should use dedicated rate limiting libraries
+ * (e.g., rate-limiter-flexible, express-rate-limit) for distributed systems.
+ * 
+ * @packageDocumentation
+ */ /**
+ * Rate limiter interface
+ * Implementation is left to users (use your preferred library)
+ */ function _define_property(obj, key, value) {
+    if (key in obj) {
+        Object.defineProperty(obj, key, {
+            value: value,
+            enumerable: true,
+            configurable: true,
+            writable: true
+        });
+    } else {
+        obj[key] = value;
+    }
+    return obj;
+}
+/**
+ * No-op rate limiter that always allows requests
+ * Use this as a default when rate limiting is not needed
+ */ class NoOpRateLimiter {
+    async check(_key) {
+        return true;
+    }
+    async remaining(_key) {
+        return Number.MAX_SAFE_INTEGER;
+    }
+    async reset(_key) {
+    // No-op
+    }
+}
+/**
+ * Simple in-memory rate limiter
+ * 
+ * **Warning**: This implementation is NOT suitable for production use in
+ * distributed systems. Use a Redis-backed solution for production.
+ * 
+ * @example
+ * ```typescript
+ * const limiter = new MemoryRateLimiter({
+ *   windowMs: 60000,  // 1 minute
+ *   maxRequests: 100, // 100 requests per minute
+ * });
+ * 
+ * if (await limiter.check('user-123')) {
+ *   // Process request
+ * } else {
+ *   // Rate limited
+ * }
+ * ```
+ */ class MemoryRateLimiter {
+    async check(key) {
+        const now = Date.now();
+        const record = this.requests.get(key);
+        // No record or expired - create new window
+        if (!record || record.resetAt < now) {
+            this.requests.set(key, {
+                count: 1,
+                resetAt: now + this.config.windowMs
+            });
+            return true;
+        }
+        // Check if limit exceeded
+        if (record.count >= this.config.maxRequests) {
+            return false;
+        }
+        // Increment count
+        record.count++;
+        return true;
+    }
+    async remaining(key) {
+        const record = this.requests.get(key);
+        if (!record || record.resetAt < Date.now()) {
+            return this.config.maxRequests;
+        }
+        return Math.max(0, this.config.maxRequests - record.count);
+    }
+    async reset(key) {
+        this.requests.delete(key);
+    }
+    /**
+     * Clean up expired entries to prevent memory leaks
+     */ cleanup() {
+        const now = Date.now();
+        for (const [key, record] of this.requests.entries()){
+            if (record.resetAt < now) {
+                this.requests.delete(key);
+            }
+        }
+    }
+    /**
+     * Stop the cleanup interval (call when done with the limiter)
+     */ destroy() {
+        if (this.cleanupInterval) {
+            clearInterval(this.cleanupInterval);
+            this.cleanupInterval = null;
+        }
+        this.requests.clear();
+    }
+    constructor(config){
+        _define_property(this, "requests", new Map());
+        _define_property(this, "config", void 0);
+        _define_property(this, "cleanupInterval", null);
+        this.config = config;
+        // Periodically clean up expired entries
+        this.cleanupInterval = setInterval(()=>{
+            this.cleanup();
+        }, config.windowMs);
+    }
+}
+/**
+ * Create a rate limiter with the given configuration
+ * 
+ * @param config - Rate limiter configuration
+ * @returns Rate limiter instance
+ */ function createRateLimiter(config) {
+    return new MemoryRateLimiter(config);
+}
+/**
+ * Create a no-op rate limiter that always allows requests
+ * 
+ * @returns No-op rate limiter instance
+ */ function createNoOpRateLimiter() {
+    return new NoOpRateLimiter();
+}
+// Global rate limiter instance
+let globalRateLimiter = null;
+/**
+ * Get the global rate limiter instance
+ * Returns a no-op limiter if not configured
+ */ function getRateLimiter() {
+    if (!globalRateLimiter) {
+        globalRateLimiter = new NoOpRateLimiter();
+    }
+    return globalRateLimiter;
+}
+/**
+ * Configure the global rate limiter
+ * 
+ * @param config - Rate limiter configuration
+ */ function configureRateLimiter(config) {
+    // Clean up existing limiter if it's a MemoryRateLimiter
+    if (globalRateLimiter instanceof MemoryRateLimiter) {
+        globalRateLimiter.destroy();
+    }
+    globalRateLimiter = new MemoryRateLimiter(config);
+}
+/**
+ * Reset the global rate limiter to the default no-op implementation
+ */ function resetRateLimiter() {
+    if (globalRateLimiter instanceof MemoryRateLimiter) {
+        globalRateLimiter.destroy();
+    }
+    globalRateLimiter = null;
+}
+
+export { MemoryRateLimiter, NoOpRateLimiter, configureRateLimiter, createNoOpRateLimiter, createRateLimiter, getRateLimiter, resetRateLimiter };
+//# sourceMappingURL=rate-limiter.js.map

package/dist/security/rate-limiter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limiter.js","sources":["../../src/security/rate-limiter.ts"],"sourcesContent":["/**\n * Rate Limiter Interfaces\n * \n * Provides interfaces and basic implementations for rate limiting.\n * Production applications should use dedicated rate limiting libraries\n * (e.g., rate-limiter-flexible, express-rate-limit) for distributed systems.\n * \n * @packageDocumentation\n */\n\n/**\n * Rate limiter interface\n * Implementation is left to users (use your preferred library)\n */\nexport interface RateLimiter {\n    /**\n     * Check if request is allowed\n     * @param key - Unique identifier for the rate limit bucket (e.g., user ID, IP)\n     * @returns true if allowed, false if rate limited\n     */\n    check(key: string): Promise<boolean>;\n\n    /**\n     * Get remaining requests in the current window\n     * @param key - Unique identifier for the rate limit bucket\n     * @returns Number of remaining requests\n     */\n    remaining(key: string): Promise<number>;\n\n    /**\n     * Reset rate limit for a key\n     * @param key - Unique identifier for the rate limit bucket\n     */\n    reset(key: string): Promise<void>;\n}\n\n/**\n * Rate limiter configuration\n */\nexport interface RateLimiterConfig {\n    /** Time window in milliseconds */\n    windowMs: number;\n    /** Maximum requests allowed in the window */\n    maxRequests: number;\n    /** Optional function to generate keys from context */\n    keyGenerator?: (context: unknown) => string;\n}\n\n/**\n * No-op rate limiter that always allows requests\n * Use this as a default when rate limiting is not needed\n */\nexport class NoOpRateLimiter implements RateLimiter {\n    async check(_key: string): Promise<boolean> {\n        return true;\n    }\n\n    async remaining(_key: string): Promise<number> {\n        return Number.MAX_SAFE_INTEGER;\n    }\n\n    async reset(_key: string): Promise<void> {\n        // No-op\n    }\n}\n\ninterface RateLimitRecord {\n    count: number;\n    resetAt: number;\n}\n\n/**\n * Simple in-memory rate limiter\n * \n * **Warning**: This implementation is NOT suitable for production use in\n * distributed systems. Use a Redis-backed solution for production.\n * \n * @example\n * ```typescript\n * const limiter = new MemoryRateLimiter({\n *   windowMs: 60000,  // 1 minute\n *   maxRequests: 100, // 100 requests per minute\n * });\n * \n * if (await limiter.check('user-123')) {\n *   // Process request\n * } else {\n *   // Rate limited\n * }\n * ```\n */\nexport class MemoryRateLimiter implements RateLimiter {\n    private requests: Map<string, RateLimitRecord> = new Map();\n    private config: RateLimiterConfig;\n    private cleanupInterval: ReturnType<typeof setInterval> | null = null;\n\n    constructor(config: RateLimiterConfig) {\n        this.config = config;\n        \n        // Periodically clean up expired entries\n        this.cleanupInterval = setInterval(() => {\n            this.cleanup();\n        }, config.windowMs);\n    }\n\n    async check(key: string): Promise<boolean> {\n        const now = Date.now();\n        const record = this.requests.get(key);\n\n        // No record or expired - create new window\n        if (!record || record.resetAt < now) {\n            this.requests.set(key, { count: 1, resetAt: now + this.config.windowMs });\n            return true;\n        }\n\n        // Check if limit exceeded\n        if (record.count >= this.config.maxRequests) {\n            return false;\n        }\n\n        // Increment count\n        record.count++;\n        return true;\n    }\n\n    async remaining(key: string): Promise<number> {\n        const record = this.requests.get(key);\n        if (!record || record.resetAt < Date.now()) {\n            return this.config.maxRequests;\n        }\n        return Math.max(0, this.config.maxRequests - record.count);\n    }\n\n    async reset(key: string): Promise<void> {\n        this.requests.delete(key);\n    }\n\n    /**\n     * Clean up expired entries to prevent memory leaks\n     */\n    private cleanup(): void {\n        const now = Date.now();\n        for (const [key, record] of this.requests.entries()) {\n            if (record.resetAt < now) {\n                this.requests.delete(key);\n            }\n        }\n    }\n\n    /**\n     * Stop the cleanup interval (call when done with the limiter)\n     */\n    destroy(): void {\n        if (this.cleanupInterval) {\n            clearInterval(this.cleanupInterval);\n            this.cleanupInterval = null;\n        }\n        this.requests.clear();\n    }\n}\n\n/**\n * Create a rate limiter with the given configuration\n * \n * @param config - Rate limiter configuration\n * @returns Rate limiter instance\n */\nexport function createRateLimiter(config: RateLimiterConfig): RateLimiter {\n    return new MemoryRateLimiter(config);\n}\n\n/**\n * Create a no-op rate limiter that always allows requests\n * \n * @returns No-op rate limiter instance\n */\nexport function createNoOpRateLimiter(): RateLimiter {\n    return new NoOpRateLimiter();\n}\n\n// Global rate limiter instance\nlet globalRateLimiter: RateLimiter | null = null;\n\n/**\n * Get the global rate limiter instance\n * Returns a no-op limiter if not configured\n */\nexport function getRateLimiter(): RateLimiter {\n    if (!globalRateLimiter) {\n        globalRateLimiter = new NoOpRateLimiter();\n    }\n    return globalRateLimiter;\n}\n\n/**\n * Configure the global rate limiter\n * \n * @param config - Rate limiter configuration\n */\nexport function configureRateLimiter(config: RateLimiterConfig): void {\n    // Clean up existing limiter if it's a MemoryRateLimiter\n    if (globalRateLimiter instanceof MemoryRateLimiter) {\n        globalRateLimiter.destroy();\n    }\n    globalRateLimiter = new MemoryRateLimiter(config);\n}\n\n/**\n * Reset the global rate limiter to the default no-op implementation\n */\nexport function resetRateLimiter(): void {\n    if (globalRateLimiter instanceof MemoryRateLimiter) {\n        globalRateLimiter.destroy();\n    }\n    globalRateLimiter = null;\n}\n\n"],"names":["NoOpRateLimiter","check","_key","remaining","Number","MAX_SAFE_INTEGER","reset","MemoryRateLimiter","key","now","Date","record","requests","get","resetAt","set","count","config","windowMs","maxRequests","Math","max","delete","cleanup","entries","destroy","cleanupInterval","clearInterval","clear","Map","setInterval","createRateLimiter","createNoOpRateLimiter","globalRateLimiter","getRateLimiter","configureRateLimiter","resetRateLimiter"],"mappings":"AAAA;;;;;;;;;;;AAaC,IAAA,SAAA,gBAAA,CAAA,GAAA,EAAA,GAAA,EAAA,KAAA,EAAA;;;;;;;;;;;;;AAmCD;;;AAGC,IACM,MAAMA,eAAAA,CAAAA;IACT,MAAMC,KAAAA,CAAMC,IAAY,EAAoB;QACxC,OAAO,IAAA;AACX,IAAA;IAEA,MAAMC,SAAAA,CAAUD,IAAY,EAAmB;AAC3C,QAAA,OAAOE,OAAOC,gBAAgB;AAClC,IAAA;IAEA,MAAMC,KAAAA,CAAMJ,IAAY,EAAiB;;AAEzC,IAAA;AACJ;AAOA;;;;;;;;;;;;;;;;;;;AAmBC,IACM,MAAMK,iBAAAA,CAAAA;IAcT,MAAMN,KAAAA,CAAMO,GAAW,EAAoB;QACvC,MAAMC,GAAAA,GAAMC,KAAKD,GAAG,EAAA;AACpB,QAAA,MAAME,SAAS,IAAI,CAACC,QAAQ,CAACC,GAAG,CAACL,GAAAA,CAAAA;;AAGjC,QAAA,IAAI,CAACG,MAAAA,IAAUA,MAAAA,CAAOG,OAAO,GAAGL,GAAAA,EAAK;AACjC,YAAA,IAAI,CAACG,QAAQ,CAACG,GAAG,CAACP,GAAAA,EAAK;gBAAEQ,KAAAA,EAAO,CAAA;AAAGF,gBAAAA,OAAAA,EAASL,GAAAA,GAAM,IAAI,CAACQ,MAAM,CAACC;AAAS,aAAA,CAAA;YACvE,OAAO,IAAA;AACX,QAAA;;QAGA,IAAIP,MAAAA,CAAOK,KAAK,IAAI,IAAI,CAACC,MAAM,CAACE,WAAW,EAAE;YACzC,OAAO,KAAA;AACX,QAAA;;AAGAR,QAAAA,MAAAA,CAAOK,KAAK,EAAA;QACZ,OAAO,IAAA;AACX,IAAA;IAEA,MAAMb,SAAAA,CAAUK,GAAW,EAAmB;AAC1C,QAAA,MAAMG,SAAS,IAAI,CAACC,QAAQ,CAACC,GAAG,CAACL,GAAAA,CAAAA;AACjC,QAAA,IAAI,CAACG,MAAAA,IAAUA,MAAAA,CAAOG,OAAO,GAAGJ,IAAAA,CAAKD,GAAG,EAAA,EAAI;AACxC,YAAA,OAAO,IAAI,CAACQ,MAAM,CAACE,WAAW;AAClC,QAAA;QACA,OAAOC,IAAAA,CAAKC,GAAG,CAAC,CAAA,EAAG,IAAI,CAACJ,MAAM,CAACE,WAAW,GAAGR,MAAAA,CAAOK,KAAK,CAAA;AAC7D,IAAA;IAEA,MAAMV,KAAAA,CAAME,GAAW,EAAiB;AACpC,QAAA,IAAI,CAACI,QAAQ,CAACU,MAAM,CAACd,GAAAA,CAAAA;AACzB,IAAA;AAEA;;AAEC,QACD,OAAQe,GAAgB;QACpB,MAAMd,GAAAA,GAAMC,KAAKD,GAAG,EAAA;QACpB,KAAK,MAAM,CAACD,GAAAA,EAAKG,MAAAA,CAAO,IAAI,IAAI,CAACC,QAAQ,CAACY,OAAO,EAAA,CAAI;YACjD,IAAIb,MAAAA,CAAOG,OAAO,GAAGL,GAAAA,EAAK;AACtB,gBAAA,IAAI,CAACG,QAAQ,CAACU,MAAM,CAACd,GAAAA,CAAAA;AACzB,YAAA;AACJ,QAAA;AACJ,IAAA;AAEA;;AAEC,QACDiB,OAAAA,GAAgB;QACZ,IAAI,IAAI,CAACC,eAAe,EAAE;YACtBC,aAAAA,CAAc,IAAI,CAACD,eAAe,CAAA;YAClC,IAAI,CAACA,eAAe,GAAG,IAAA;AAC3B,QAAA;QACA,IAAI,CAACd,QAAQ,CAACgB,KAAK,EAAA;AACvB,IAAA;AA9DA,IAAA,WAAA,CAAYX,MAAyB,CAAE;AAJvC,QAAA,gBAAA,CAAA,IAAA,EAAQL,YAAyC,IAAIiB,GAAAA,EAAAA,CAAAA;AACrD,QAAA,gBAAA,CAAA,IAAA,EAAQZ,UAAR,MAAA,CAAA;AACA,QAAA,gBAAA,CAAA,IAAA,EAAQS,iBAAAA,EAAyD,IAAA,CAAA;QAG7D,IAAI,CAACT,MAAM,GAAGA,MAAAA;;QAGd,IAAI,CAACS,eAAe,GAAGI,WAAAA,CAAY,IAAA;AAC/B,YAAA,IAAI,CAACP,OAAO,EAAA;AAChB,QAAA,CAAA,EAAGN,OAAOC,QAAQ,CAAA;AACtB,IAAA;AAwDJ;AAEA;;;;;IAMO,SAASa,iBAAAA,CAAkBd,MAAyB,EAAA;AACvD,IAAA,OAAO,IAAIV,iBAAAA,CAAkBU,MAAAA,CAAAA;AACjC;AAEA;;;;AAIC,IACM,SAASe,qBAAAA,GAAAA;AACZ,IAAA,OAAO,IAAIhC,eAAAA,EAAAA;AACf;AAEA;AACA,IAAIiC,iBAAAA,GAAwC,IAAA;AAE5C;;;AAGC,IACM,SAASC,cAAAA,GAAAA;AACZ,IAAA,IAAI,CAACD,iBAAAA,EAAmB;AACpBA,QAAAA,iBAAAA,GAAoB,IAAIjC,eAAAA,EAAAA;AAC5B,IAAA;IACA,OAAOiC,iBAAAA;AACX;AAEA;;;;IAKO,SAASE,oBAAAA,CAAqBlB,MAAyB,EAAA;;AAE1D,IAAA,IAAIgB,6BAA6B1B,iBAAAA,EAAmB;AAChD0B,QAAAA,iBAAAA,CAAkBR,OAAO,EAAA;AAC7B,IAAA;AACAQ,IAAAA,iBAAAA,GAAoB,IAAI1B,iBAAAA,CAAkBU,MAAAA,CAAAA;AAC9C;AAEA;;AAEC,IACM,SAASmB,gBAAAA,GAAAA;AACZ,IAAA,IAAIH,6BAA6B1B,iBAAAA,EAAmB;AAChD0B,QAAAA,iBAAAA,CAAkBR,OAAO,EAAA;AAC7B,IAAA;IACAQ,iBAAAA,GAAoB,IAAA;AACxB;;;;"}

package/dist/security/serialization-schemas.d.ts

@@ -0,0 +1,183 @@
+import { z } from 'zod';
+/**
+ * Schema version for forward compatibility
+ */
+export declare const SCHEMA_VERSION = "1.0.0";
+/**
+ * Maximum sizes for serialized data
+ */
+export declare const SERIALIZATION_LIMITS: {
+    maxContentLength: number;
+    maxArgumentsLength: number;
+    maxMessages: number;
+    maxContextItems: number;
+    maxStringLength: number;
+    maxToolCalls: number;
+};
+/**
+ * Tool call schema
+ */
+export declare const ToolCallSchema: z.ZodObject<{
+    id: z.ZodString;
+    type: z.ZodLiteral<"function">;
+    function: z.ZodObject<{
+        name: z.ZodString;
+        arguments: z.ZodString;
+    }, z.core.$strip>;
+}, z.core.$strip>;
+export type ToolCall = z.infer<typeof ToolCallSchema>;
+/**
+ * Conversation message schema
+ */
+export declare const ConversationMessageSchema: z.ZodObject<{
+    role: z.ZodEnum<{
+        system: "system";
+        user: "user";
+        assistant: "assistant";
+        tool: "tool";
+    }>;
+    content: z.ZodNullable<z.ZodString>;
+    name: z.ZodOptional<z.ZodString>;
+    tool_calls: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        type: z.ZodLiteral<"function">;
+        function: z.ZodObject<{
+            name: z.ZodString;
+            arguments: z.ZodString;
+        }, z.core.$strip>;
+    }, z.core.$strip>>>;
+    tool_call_id: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+export type ConversationMessage = z.infer<typeof ConversationMessageSchema>;
+/**
+ * Conversation metadata schema
+ */
+export declare const ConversationMetadataSchema: z.ZodObject<{
+    model: z.ZodString;
+    created: z.ZodString;
+    lastModified: z.ZodString;
+    messageCount: z.ZodNumber;
+    toolCallCount: z.ZodNumber;
+}, z.core.$strip>;
+export type ConversationMetadata = z.infer<typeof ConversationMetadataSchema>;
+/**
+ * Serialized conversation schema
+ */
+export declare const SerializedConversationSchema: z.ZodObject<{
+    version: z.ZodOptional<z.ZodString>;
+    messages: z.ZodArray<z.ZodObject<{
+        role: z.ZodEnum<{
+            system: "system";
+            user: "user";
+            assistant: "assistant";
+            tool: "tool";
+        }>;
+        content: z.ZodNullable<z.ZodString>;
+        name: z.ZodOptional<z.ZodString>;
+        tool_calls: z.ZodOptional<z.ZodArray<z.ZodObject<{
+            id: z.ZodString;
+            type: z.ZodLiteral<"function">;
+            function: z.ZodObject<{
+                name: z.ZodString;
+                arguments: z.ZodString;
+            }, z.core.$strip>;
+        }, z.core.$strip>>>;
+        tool_call_id: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>>;
+    metadata: z.ZodObject<{
+        model: z.ZodString;
+        created: z.ZodString;
+        lastModified: z.ZodString;
+        messageCount: z.ZodNumber;
+        toolCallCount: z.ZodNumber;
+    }, z.core.$strip>;
+    contextProvided: z.ZodOptional<z.ZodArray<z.ZodString>>;
+}, z.core.$strip>;
+export type SerializedConversation = z.infer<typeof SerializedConversationSchema>;
+/**
+ * Prompt serialization schema (flexible for various prompt structures)
+ */
+export declare const SerializedPromptSchema: z.ZodObject<{
+    version: z.ZodOptional<z.ZodString>;
+    persona: z.ZodOptional<z.ZodAny>;
+    instructions: z.ZodOptional<z.ZodAny>;
+    contexts: z.ZodOptional<z.ZodAny>;
+    content: z.ZodOptional<z.ZodAny>;
+}, z.core.$strip>;
+export type SerializedPrompt = z.infer<typeof SerializedPromptSchema>;
+/**
+ * Logged conversation schema (for conversation-logger)
+ */
+export declare const LoggedConversationSchema: z.ZodObject<{
+    id: z.ZodString;
+    metadata: z.ZodObject<{
+        startTime: z.ZodUnion<readonly [z.ZodString, z.ZodDate]>;
+        endTime: z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodDate]>>;
+        duration: z.ZodOptional<z.ZodNumber>;
+        model: z.ZodString;
+        template: z.ZodOptional<z.ZodString>;
+        userContext: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
+    }, z.core.$strip>;
+    prompt: z.ZodOptional<z.ZodObject<{
+        persona: z.ZodOptional<z.ZodString>;
+        instructions: z.ZodOptional<z.ZodString>;
+        content: z.ZodOptional<z.ZodArray<z.ZodString>>;
+        context: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    }, z.core.$strip>>;
+    messages: z.ZodArray<z.ZodObject<{
+        index: z.ZodNumber;
+        timestamp: z.ZodString;
+        role: z.ZodString;
+        content: z.ZodNullable<z.ZodString>;
+        tool_calls: z.ZodOptional<z.ZodArray<z.ZodObject<{
+            id: z.ZodString;
+            type: z.ZodLiteral<"function">;
+            function: z.ZodObject<{
+                name: z.ZodString;
+                arguments: z.ZodString;
+            }, z.core.$strip>;
+        }, z.core.$strip>>>;
+        tool_call_id: z.ZodOptional<z.ZodString>;
+        metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
+    }, z.core.$strip>>;
+    summary: z.ZodObject<{
+        totalMessages: z.ZodNumber;
+        totalTokens: z.ZodOptional<z.ZodNumber>;
+        toolCallsExecuted: z.ZodNumber;
+        iterations: z.ZodNumber;
+        finalOutput: z.ZodOptional<z.ZodString>;
+        success: z.ZodBoolean;
+    }, z.core.$strip>;
+}, z.core.$strip>;
+export type LoggedConversation = z.infer<typeof LoggedConversationSchema>;
+/**
+ * Validate serialized conversation data
+ *
+ * @param data - The data to validate
+ * @returns Validation result
+ */
+export declare function validateConversation(data: unknown): {
+    success: boolean;
+    data?: SerializedConversation;
+    error?: string;
+};
+/**
+ * Validate logged conversation data
+ *
+ * @param data - The data to validate
+ * @returns Validation result
+ */
+export declare function validateLoggedConversation(data: unknown): {
+    success: boolean;
+    data?: LoggedConversation;
+    error?: string;
+};
+/**
+ * Safe JSON parse with schema validation
+ *
+ * @param json - JSON string to parse
+ * @param schema - Zod schema to validate against
+ * @returns Parsed and validated data
+ * @throws Error if parsing or validation fails
+ */
+export declare function safeJsonParse<T>(json: string, schema: z.ZodSchema<T>): T;

package/dist/security/serialization-schemas.js

@@ -0,0 +1,174 @@
+import { z } from 'zod';
+
+/**
+ * Schema version for forward compatibility
+ */ const SCHEMA_VERSION = '1.0.0';
+/**
+ * Maximum sizes for serialized data
+ */ const SERIALIZATION_LIMITS = {
+    maxContentLength: 1000000,
+    maxArgumentsLength: 100000,
+    maxMessages: 10000,
+    maxContextItems: 1000,
+    maxStringLength: 100,
+    maxToolCalls: 100
+};
+/**
+ * Tool call schema
+ */ const ToolCallSchema = z.object({
+    id: z.string().max(SERIALIZATION_LIMITS.maxStringLength),
+    type: z.literal('function'),
+    function: z.object({
+        name: z.string().max(SERIALIZATION_LIMITS.maxStringLength),
+        arguments: z.string().max(SERIALIZATION_LIMITS.maxArgumentsLength)
+    })
+});
+/**
+ * Conversation message schema
+ */ const ConversationMessageSchema = z.object({
+    role: z.enum([
+        'system',
+        'user',
+        'assistant',
+        'tool'
+    ]),
+    content: z.string().nullable().refine((val)=>val === null || val.length <= SERIALIZATION_LIMITS.maxContentLength, {
+        message: `Content exceeds maximum length of ${SERIALIZATION_LIMITS.maxContentLength}`
+    }),
+    name: z.string().max(SERIALIZATION_LIMITS.maxStringLength).optional(),
+    tool_calls: z.array(ToolCallSchema).max(SERIALIZATION_LIMITS.maxToolCalls).optional(),
+    tool_call_id: z.string().max(SERIALIZATION_LIMITS.maxStringLength).optional()
+});
+/**
+ * Conversation metadata schema
+ */ const ConversationMetadataSchema = z.object({
+    model: z.string().max(SERIALIZATION_LIMITS.maxStringLength),
+    created: z.string().datetime(),
+    lastModified: z.string().datetime(),
+    messageCount: z.number().int().nonnegative(),
+    toolCallCount: z.number().int().nonnegative()
+});
+/**
+ * Serialized conversation schema
+ */ const SerializedConversationSchema = z.object({
+    // Optional version for forward compatibility
+    version: z.string().optional(),
+    messages: z.array(ConversationMessageSchema).max(SERIALIZATION_LIMITS.maxMessages),
+    metadata: ConversationMetadataSchema,
+    contextProvided: z.array(z.string().max(1000)).max(SERIALIZATION_LIMITS.maxContextItems).optional()
+});
+/**
+ * Prompt serialization schema (flexible for various prompt structures)
+ */ const SerializedPromptSchema = z.object({
+    version: z.string().optional(),
+    persona: z.any().optional(),
+    instructions: z.any().optional(),
+    contexts: z.any().optional(),
+    content: z.any().optional()
+});
+/**
+ * Logged conversation schema (for conversation-logger)
+ */ const LoggedConversationSchema = z.object({
+    id: z.string().max(200),
+    metadata: z.object({
+        startTime: z.union([
+            z.string().datetime(),
+            z.date()
+        ]),
+        endTime: z.union([
+            z.string().datetime(),
+            z.date()
+        ]).optional(),
+        duration: z.number().nonnegative().optional(),
+        model: z.string().max(SERIALIZATION_LIMITS.maxStringLength),
+        template: z.string().max(SERIALIZATION_LIMITS.maxStringLength).optional(),
+        userContext: z.record(z.string(), z.any()).optional()
+    }),
+    prompt: z.object({
+        persona: z.string().optional(),
+        instructions: z.string().optional(),
+        content: z.array(z.string()).optional(),
+        context: z.array(z.string()).optional()
+    }).optional(),
+    messages: z.array(z.object({
+        index: z.number().int().nonnegative(),
+        timestamp: z.string(),
+        role: z.string(),
+        content: z.string().nullable(),
+        tool_calls: z.array(ToolCallSchema).optional(),
+        tool_call_id: z.string().optional(),
+        metadata: z.record(z.string(), z.any()).optional()
+    })).max(SERIALIZATION_LIMITS.maxMessages),
+    summary: z.object({
+        totalMessages: z.number().int().nonnegative(),
+        totalTokens: z.number().int().nonnegative().optional(),
+        toolCallsExecuted: z.number().int().nonnegative(),
+        iterations: z.number().int().nonnegative(),
+        finalOutput: z.string().optional(),
+        success: z.boolean()
+    })
+});
+/**
+ * Validate serialized conversation data
+ *
+ * @param data - The data to validate
+ * @returns Validation result
+ */ function validateConversation(data) {
+    const result = SerializedConversationSchema.safeParse(data);
+    if (result.success) {
+        return {
+            success: true,
+            data: result.data
+        };
+    }
+    // Create safe error message (don't leak full schema details)
+    const issues = result.error.issues.slice(0, 3) // Limit to first 3 issues
+    .map((i)=>`${i.path.join('.')}: ${i.message}`).join('; ');
+    return {
+        success: false,
+        error: issues
+    };
+}
+/**
+ * Validate logged conversation data
+ *
+ * @param data - The data to validate
+ * @returns Validation result
+ */ function validateLoggedConversation(data) {
+    const result = LoggedConversationSchema.safeParse(data);
+    if (result.success) {
+        return {
+            success: true,
+            data: result.data
+        };
+    }
+    const issues = result.error.issues.slice(0, 3).map((i)=>`${i.path.join('.')}: ${i.message}`).join('; ');
+    return {
+        success: false,
+        error: issues
+    };
+}
+/**
+ * Safe JSON parse with schema validation
+ *
+ * @param json - JSON string to parse
+ * @param schema - Zod schema to validate against
+ * @returns Parsed and validated data
+ * @throws Error if parsing or validation fails
+ */ function safeJsonParse(json, schema) {
+    let parsed;
+    try {
+        parsed = JSON.parse(json);
+    } catch  {
+        throw new Error('Invalid JSON format');
+    }
+    const result = schema.safeParse(parsed);
+    if (!result.success) {
+        const issues = result.error.issues.slice(0, 3).map((i)=>`${i.path.join('.')}: ${i.message}`).join('; ');
+        throw new Error(`Validation failed: ${issues}`);
+    }
+    return result.data;
+}
+
+export { ConversationMessageSchema, ConversationMetadataSchema, LoggedConversationSchema, SCHEMA_VERSION, SERIALIZATION_LIMITS, SerializedConversationSchema, SerializedPromptSchema, ToolCallSchema, safeJsonParse, validateConversation, validateLoggedConversation };
+//# sourceMappingURL=serialization-schemas.js.map