npm - @sparkleideas/security - Versions diffs - 3.0.0-alpha.22 → 3.0.0-alpha.49 - Mend

@sparkleideas/security 3.0.0-alpha.22 → 3.0.0-alpha.49

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (54) hide show

package/dist/CVE-REMEDIATION.d.ts +86 -0
package/dist/CVE-REMEDIATION.d.ts.map +1 -0
package/dist/CVE-REMEDIATION.js +221 -0
package/dist/CVE-REMEDIATION.js.map +1 -0
package/dist/application/index.d.ts +7 -0
package/dist/application/index.d.ts.map +1 -0
package/dist/application/index.js +7 -0
package/dist/application/index.js.map +1 -0
package/dist/application/services/security-application-service.d.ts +71 -0
package/dist/application/services/security-application-service.d.ts.map +1 -0
package/dist/application/services/security-application-service.js +153 -0
package/dist/application/services/security-application-service.js.map +1 -0
package/dist/credential-generator.d.ts +176 -0
package/dist/credential-generator.d.ts.map +1 -0
package/dist/credential-generator.js +272 -0
package/dist/credential-generator.js.map +1 -0
package/dist/domain/entities/security-context.d.ts +68 -0
package/dist/domain/entities/security-context.d.ts.map +1 -0
package/dist/domain/entities/security-context.js +132 -0
package/dist/domain/entities/security-context.js.map +1 -0
package/dist/domain/index.d.ts +8 -0
package/dist/domain/index.d.ts.map +1 -0
package/dist/domain/index.js +8 -0
package/dist/domain/index.js.map +1 -0
package/dist/domain/services/security-domain-service.d.ts +71 -0
package/dist/domain/services/security-domain-service.d.ts.map +1 -0
package/dist/domain/services/security-domain-service.js +237 -0
package/dist/domain/services/security-domain-service.js.map +1 -0
package/dist/index.d.ts +119 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +145 -0
package/dist/index.js.map +1 -0
package/dist/input-validator.d.ts +338 -0
package/dist/input-validator.d.ts.map +1 -0
package/dist/input-validator.js +393 -0
package/dist/input-validator.js.map +1 -0
package/dist/password-hasher.d.ts +128 -0
package/dist/password-hasher.d.ts.map +1 -0
package/dist/password-hasher.js +183 -0
package/dist/password-hasher.js.map +1 -0
package/dist/path-validator.d.ts +148 -0
package/dist/path-validator.d.ts.map +1 -0
package/dist/path-validator.js +421 -0
package/dist/path-validator.js.map +1 -0
package/dist/safe-executor.d.ts +173 -0
package/dist/safe-executor.d.ts.map +1 -0
package/dist/safe-executor.js +370 -0
package/dist/safe-executor.js.map +1 -0
package/dist/token-generator.d.ts +224 -0
package/dist/token-generator.d.ts.map +1 -0
package/dist/token-generator.js +351 -0
package/dist/token-generator.js.map +1 -0
package/package.json +1 -1
package/tsconfig.build.tsbuildinfo +1 -0

package/dist/input-validator.d.ts ADDED Viewed

@@ -0,0 +1,338 @@
+/**
+ * Input Validator - Comprehensive Input Validation
+ *
+ * Provides Zod-based validation schemas for all security-critical inputs.
+ *
+ * Security Properties:
+ * - Type-safe validation
+ * - Custom error messages
+ * - Sanitization transforms
+ * - Reusable schemas
+ *
+ * @module v3/security/input-validator
+ */
+import { z } from 'zod';
+/**
+ * Common validation patterns as reusable regex
+ */
+declare const PATTERNS: {
+    SAFE_IDENTIFIER: RegExp;
+    SAFE_FILENAME: RegExp;
+    SAFE_PATH_SEGMENT: RegExp;
+    NO_SHELL_CHARS: RegExp;
+    SEMVER: RegExp;
+};
+/**
+ * Validation limits
+ */
+declare const LIMITS: {
+    MIN_PASSWORD_LENGTH: number;
+    MAX_PASSWORD_LENGTH: number;
+    MAX_EMAIL_LENGTH: number;
+    MAX_IDENTIFIER_LENGTH: number;
+    MAX_PATH_LENGTH: number;
+    MAX_CONTENT_LENGTH: number;
+    MAX_ARRAY_LENGTH: number;
+    MAX_OBJECT_KEYS: number;
+};
+/**
+ * Safe string that cannot contain shell metacharacters
+ */
+export declare const SafeStringSchema: z.ZodString;
+/**
+ * Safe identifier for IDs, names, etc.
+ */
+export declare const IdentifierSchema: z.ZodString;
+/**
+ * Safe filename
+ */
+export declare const FilenameSchema: z.ZodString;
+/**
+ * Email schema with length limit
+ */
+export declare const EmailSchema: z.ZodString;
+/**
+ * Password schema with complexity requirements
+ */
+export declare const PasswordSchema: z.ZodString;
+/**
+ * UUID schema
+ */
+export declare const UUIDSchema: z.ZodString;
+/**
+ * URL schema with HTTPS enforcement
+ */
+export declare const HttpsUrlSchema: z.ZodString;
+/**
+ * URL schema (allows HTTP for development)
+ */
+export declare const UrlSchema: z.ZodString;
+/**
+ * Semantic version schema
+ */
+export declare const SemverSchema: z.ZodString;
+/**
+ * Port number schema
+ */
+export declare const PortSchema: z.ZodNumber;
+/**
+ * IP address schema (v4)
+ */
+export declare const IPv4Schema: any;
+/**
+ * IP address schema (v4 or v6)
+ */
+export declare const IPSchema: any;
+/**
+ * User role schema
+ */
+export declare const UserRoleSchema: z.ZodEnum<{
+    admin: "admin";
+    operator: "operator";
+    developer: "developer";
+    viewer: "viewer";
+    service: "service";
+}>;
+/**
+ * Permission schema
+ */
+export declare const PermissionSchema: z.ZodEnum<{
+    "swarm.create": "swarm.create";
+    "swarm.read": "swarm.read";
+    "swarm.update": "swarm.update";
+    "swarm.delete": "swarm.delete";
+    "swarm.scale": "swarm.scale";
+    "agent.spawn": "agent.spawn";
+    "agent.read": "agent.read";
+    "agent.terminate": "agent.terminate";
+    "task.create": "task.create";
+    "task.read": "task.read";
+    "task.cancel": "task.cancel";
+    "metrics.read": "metrics.read";
+    "system.admin": "system.admin";
+    "api.access": "api.access";
+}>;
+/**
+ * Login request schema
+ */
+export declare const LoginRequestSchema: z.ZodObject<{
+    email: z.ZodString;
+    password: z.ZodString;
+    mfaCode: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+/**
+ * User creation schema
+ */
+export declare const CreateUserSchema: z.ZodObject<{
+    email: z.ZodString;
+    password: z.ZodString;
+    role: z.ZodEnum<{
+        admin: "admin";
+        operator: "operator";
+        developer: "developer";
+        viewer: "viewer";
+        service: "service";
+    }>;
+    permissions: z.ZodOptional<z.ZodArray<z.ZodEnum<{
+        "swarm.create": "swarm.create";
+        "swarm.read": "swarm.read";
+        "swarm.update": "swarm.update";
+        "swarm.delete": "swarm.delete";
+        "swarm.scale": "swarm.scale";
+        "agent.spawn": "agent.spawn";
+        "agent.read": "agent.read";
+        "agent.terminate": "agent.terminate";
+        "task.create": "task.create";
+        "task.read": "task.read";
+        "task.cancel": "task.cancel";
+        "metrics.read": "metrics.read";
+        "system.admin": "system.admin";
+        "api.access": "api.access";
+    }>>>;
+    isActive: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+}, z.core.$strip>;
+/**
+ * API key creation schema
+ */
+export declare const CreateApiKeySchema: z.ZodObject<{
+    name: z.ZodString;
+    permissions: z.ZodOptional<z.ZodArray<z.ZodEnum<{
+        "swarm.create": "swarm.create";
+        "swarm.read": "swarm.read";
+        "swarm.update": "swarm.update";
+        "swarm.delete": "swarm.delete";
+        "swarm.scale": "swarm.scale";
+        "agent.spawn": "agent.spawn";
+        "agent.read": "agent.read";
+        "agent.terminate": "agent.terminate";
+        "task.create": "task.create";
+        "task.read": "task.read";
+        "task.cancel": "task.cancel";
+        "metrics.read": "metrics.read";
+        "system.admin": "system.admin";
+        "api.access": "api.access";
+    }>>>;
+    expiresAt: z.ZodOptional<z.ZodDate>;
+}, z.core.$strip>;
+/**
+ * Agent type schema
+ */
+export declare const AgentTypeSchema: z.ZodEnum<{
+    coder: "coder";
+    reviewer: "reviewer";
+    tester: "tester";
+    planner: "planner";
+    researcher: "researcher";
+    "security-architect": "security-architect";
+    "security-auditor": "security-auditor";
+    "memory-specialist": "memory-specialist";
+    "swarm-specialist": "swarm-specialist";
+    "integration-architect": "integration-architect";
+    "performance-engineer": "performance-engineer";
+    "core-architect": "core-architect";
+    "test-architect": "test-architect";
+    "queen-coordinator": "queen-coordinator";
+    "project-coordinator": "project-coordinator";
+}>;
+/**
+ * Agent spawn request schema
+ */
+export declare const SpawnAgentSchema: z.ZodObject<{
+    type: z.ZodEnum<{
+        coder: "coder";
+        reviewer: "reviewer";
+        tester: "tester";
+        planner: "planner";
+        researcher: "researcher";
+        "security-architect": "security-architect";
+        "security-auditor": "security-auditor";
+        "memory-specialist": "memory-specialist";
+        "swarm-specialist": "swarm-specialist";
+        "integration-architect": "integration-architect";
+        "performance-engineer": "performance-engineer";
+        "core-architect": "core-architect";
+        "test-architect": "test-architect";
+        "queen-coordinator": "queen-coordinator";
+        "project-coordinator": "project-coordinator";
+    }>;
+    id: z.ZodOptional<z.ZodString>;
+    config: z.ZodOptional<z.ZodRecord<z.core.$ZodRecordKey, z.core.SomeType>>;
+    timeout: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strip>;
+/**
+ * Task input schema
+ */
+export declare const TaskInputSchema: z.ZodObject<{
+    taskId: z.ZodString;
+    content: z.ZodString;
+    agentType: z.ZodEnum<{
+        coder: "coder";
+        reviewer: "reviewer";
+        tester: "tester";
+        planner: "planner";
+        researcher: "researcher";
+        "security-architect": "security-architect";
+        "security-auditor": "security-auditor";
+        "memory-specialist": "memory-specialist";
+        "swarm-specialist": "swarm-specialist";
+        "integration-architect": "integration-architect";
+        "performance-engineer": "performance-engineer";
+        "core-architect": "core-architect";
+        "test-architect": "test-architect";
+        "queen-coordinator": "queen-coordinator";
+        "project-coordinator": "project-coordinator";
+    }>;
+    priority: z.ZodOptional<z.ZodEnum<{
+        critical: "critical";
+        high: "high";
+        medium: "medium";
+        low: "low";
+    }>>;
+    metadata: z.ZodOptional<z.ZodRecord<z.core.$ZodRecordKey, z.core.SomeType>>;
+}, z.core.$strip>;
+/**
+ * Command argument schema
+ */
+export declare const CommandArgumentSchema: z.ZodString;
+/**
+ * Path schema
+ */
+export declare const PathSchema: z.ZodString;
+/**
+ * Security configuration schema
+ */
+export declare const SecurityConfigSchema: z.ZodObject<{
+    bcryptRounds: z.ZodDefault<z.ZodNumber>;
+    jwtExpiresIn: z.ZodDefault<z.ZodString>;
+    sessionTimeout: z.ZodDefault<z.ZodNumber>;
+    maxLoginAttempts: z.ZodDefault<z.ZodNumber>;
+    lockoutDuration: z.ZodDefault<z.ZodNumber>;
+    requireMFA: z.ZodDefault<z.ZodBoolean>;
+}, z.core.$strip>;
+/**
+ * Executor configuration schema
+ */
+export declare const ExecutorConfigSchema: z.ZodObject<{
+    allowedCommands: z.ZodArray<z.ZodString>;
+    blockedPatterns: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    timeout: z.ZodDefault<z.ZodNumber>;
+    maxBuffer: z.ZodDefault<z.ZodNumber>;
+    cwd: z.ZodOptional<z.ZodString>;
+    allowSudo: z.ZodDefault<z.ZodBoolean>;
+}, z.core.$strip>;
+/**
+ * Sanitizes a string by removing dangerous characters
+ */
+export declare function sanitizeString(input: string): string;
+/**
+ * Sanitizes HTML entities
+ */
+export declare function sanitizeHtml(input: string): string;
+/**
+ * Sanitizes a path by removing traversal patterns
+ */
+export declare function sanitizePath(input: string): string;
+export declare class InputValidator {
+    /**
+     * Validates input against a schema
+     */
+    static validate<T>(schema: z.ZodSchema<T>, input: unknown): T;
+    /**
+     * Safely validates input, returning result
+     */
+    static safeParse<T>(schema: z.ZodSchema<T>, input: unknown): z.SafeParseReturnType<unknown, T>;
+    /**
+     * Validates email
+     */
+    static validateEmail(email: string): string;
+    /**
+     * Validates password
+     */
+    static validatePassword(password: string): string;
+    /**
+     * Validates identifier
+     */
+    static validateIdentifier(id: string): string;
+    /**
+     * Validates path
+     */
+    static validatePath(path: string): string;
+    /**
+     * Validates command argument
+     */
+    static validateCommandArg(arg: string): string;
+    /**
+     * Validates login request
+     */
+    static validateLoginRequest(data: unknown): z.infer<typeof LoginRequestSchema>;
+    /**
+     * Validates user creation request
+     */
+    static validateCreateUser(data: unknown): z.infer<typeof CreateUserSchema>;
+    /**
+     * Validates task input
+     */
+    static validateTaskInput(data: unknown): z.infer<typeof TaskInputSchema>;
+}
+export { z, PATTERNS, LIMITS, };
+//# sourceMappingURL=input-validator.d.ts.map

package/dist/input-validator.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"input-validator.d.ts","sourceRoot":"","sources":["../src/input-validator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AA8BxB;;GAEG;AACH,QAAA,MAAM,QAAQ;;;;;;CAeb,CAAC;AAEF;;GAEG;AACH,QAAA,MAAM,MAAM;;;;;;;;;CASX,CAAC;AAMF;;GAEG;AACH,eAAO,MAAM,gBAAgB,aAG0C,CAAC;AAExE;;GAEG;AACH,eAAO,MAAM,gBAAgB,aAGkC,CAAC;AAEhE;;GAEG;AACH,eAAO,MAAM,cAAc,aAGgC,CAAC;AAE5D;;GAEG;AACH,eAAO,MAAM,WAAW,aAGR,CAAC;AAEjB;;GAEG;AACH,eAAO,MAAM,cAAc,aAKsC,CAAC;AAElE;;GAEG;AACH,eAAO,MAAM,UAAU,aAAyC,CAAC;AAEjE;;GAEG;AACH,eAAO,MAAM,cAAc,aAKxB,CAAC;AAEJ;;GAEG;AACH,eAAO,MAAM,SAAS,aACM,CAAC;AAE7B;;GAEG;AACH,eAAO,MAAM,YAAY,aACmC,CAAC;AAE7D;;GAEG;AACH,eAAO,MAAM,UAAU,aAGoB,CAAC;AAE5C;;GAEG;AACH,eAAO,MAAM,UAAU,KACkC,CAAC;AAE1D;;GAEG;AACH,eAAO,MAAM,QAAQ,KACmB,CAAC;AAMzC;;GAEG;AACH,eAAO,MAAM,cAAc;;;;;;EAMzB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;EAe3B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,kBAAkB;;;;iBAI7B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAM3B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;iBAI7B,CAAC;AAMH;;GAEG;AACH,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;EAgB1B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;iBAK3B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAM1B,CAAC;AAMH;;GAEG;AACH,eAAO,MAAM,qBAAqB,aAS/B,CAAC;AAEJ;;GAEG;AACH,eAAO,MAAM,UAAU,aASpB,CAAC;AAMJ;;GAEG;AACH,eAAO,MAAM,oBAAoB;;;;;;;iBAO/B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,oBAAoB;;;;;;;iBAO/B,CAAC;AAMH;;GAEG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAOpD;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAOlD;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAOlD;AAMD,qBAAa,cAAc;IACzB;;OAEG;IACH,MAAM,CAAC,QAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,GAAG,CAAC;IAI7D;;OAEG;IACH,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,GAAG,CAAC,CAAC,mBAAmB,CAAC,OAAO,EAAE,CAAC,CAAC;IAI9F;;OAEG;IACH,MAAM,CAAC,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAI3C;;OAEG;IACH,MAAM,CAAC,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAIjD;;OAEG;IACH,MAAM,CAAC,kBAAkB,CAAC,EAAE,EAAE,MAAM,GAAG,MAAM;IAI7C;;OAEG;IACH,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;IAIzC;;OAEG;IACH,MAAM,CAAC,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM;IAI9C;;OAEG;IACH,MAAM,CAAC,oBAAoB,CAAC,IAAI,EAAE,OAAO,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC;IAI9E;;OAEG;IACH,MAAM,CAAC,kBAAkB,CAAC,IAAI,EAAE,OAAO,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC;IAI1E;;OAEG;IACH,MAAM,CAAC,iBAAiB,CAAC,IAAI,EAAE,OAAO,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC;CAGzE;AAMD,OAAO,EACL,CAAC,EACD,QAAQ,EACR,MAAM,GACP,CAAC"}