npm - @spring-systems/server - Versions diffs - 0.8.6 → 0.8.7 - Mend

@spring-systems/server 0.8.6 → 0.8.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (40) hide show

package/dist/api-route-handler.js +1 -19
package/dist/chunk-E4AX7MID.js +1 -0
package/dist/chunk-FXUI75TW.js +1 -0
package/dist/chunk-KEEIJ5EV.js +1 -0
package/dist/chunk-M23YQYLU.js +1 -0
package/dist/chunk-TVAJDSYB.js +1 -0
package/dist/chunk-UDRRRHFI.js +1 -0
package/dist/chunk-VB7DEUGT.js +1 -0
package/dist/client.js +1 -14
package/dist/handlers/index.js +1 -48
package/dist/index.js +1 -44
package/dist/next-adapters.js +1 -14
package/dist/proxy-middleware.js +1 -10
package/dist/rate-limiter.js +1 -15
package/dist/runtime-env.js +1 -9
package/dist/security-headers.js +1 -11
package/package.json +109 -108
package/dist/api-route-handler.js.map +0 -1
package/dist/chunk-4SUIIQDW.js +0 -158
package/dist/chunk-4SUIIQDW.js.map +0 -1
package/dist/chunk-7IUSTA5W.js +0 -113
package/dist/chunk-7IUSTA5W.js.map +0 -1
package/dist/chunk-CP33WQ5Q.js +0 -47
package/dist/chunk-CP33WQ5Q.js.map +0 -1
package/dist/chunk-KA7RJCWA.js +0 -24
package/dist/chunk-KA7RJCWA.js.map +0 -1
package/dist/chunk-NFJ25NQQ.js +0 -377
package/dist/chunk-NFJ25NQQ.js.map +0 -1
package/dist/chunk-PZWKMIA4.js +0 -513
package/dist/chunk-PZWKMIA4.js.map +0 -1
package/dist/chunk-YV6DZVPI.js +0 -43
package/dist/chunk-YV6DZVPI.js.map +0 -1
package/dist/client.js.map +0 -1
package/dist/handlers/index.js.map +0 -1
package/dist/index.js.map +0 -1
package/dist/next-adapters.js.map +0 -1
package/dist/proxy-middleware.js.map +0 -1
package/dist/rate-limiter.js.map +0 -1
package/dist/runtime-env.js.map +0 -1
package/dist/security-headers.js.map +0 -1

package/dist/chunk-4SUIIQDW.js DELETED Viewed

@@ -1,158 +0,0 @@
-import {
-  BASE_SECURITY_HEADER_VALUES
-} from "./chunk-KA7RJCWA.js";
-// src/proxy-middleware.ts
-import { getFrameworkConfig } from "@spring-systems/core/config";
-import { NextResponse } from "next/server.js";
-function toOriginSource(value) {
-  const raw = value.trim();
-  if (!raw) return [];
-  try {
-    const parsed = new URL(raw);
-    const out = [parsed.origin];
-    if (parsed.protocol === "https:") {
-      out.push(`wss://${parsed.host}`);
-    } else if (parsed.protocol === "http:") {
-      out.push(`ws://${parsed.host}`);
-    }
-    return out;
-  } catch {
-    return [];
-  }
-}
-var BLOCKED_CSP_SCHEMES = /* @__PURE__ */ new Set(["javascript:", "data:", "blob:", "vbscript:", "filesystem:"]);
-function parseCspSource(token) {
-  const value = token.trim();
-  if (!value) return null;
-  if (/[\s;,\r\n]/.test(value)) return null;
-  if (/^[a-zA-Z][a-zA-Z0-9+.-]*:$/.test(value)) {
-    const lower = value.toLowerCase();
-    if (BLOCKED_CSP_SCHEMES.has(lower)) return null;
-    return lower;
-  }
-  try {
-    const parsed = new URL(value);
-    if (!["http:", "https:", "ws:", "wss:"].includes(parsed.protocol)) return null;
-    if (parsed.username || parsed.password) return null;
-    if (parsed.pathname !== "/" || parsed.search || parsed.hash) return null;
-    return `${parsed.protocol}//${parsed.host}`;
-  } catch {
-    return null;
-  }
-}
-function parseReportUri(value) {
-  const trimmed = value.trim();
-  if (!trimmed) return null;
-  if (/[\s;,\r\n"]/.test(trimmed)) return null;
-  try {
-    const parsed = new URL(trimmed);
-    if (!["http:", "https:"].includes(parsed.protocol)) return null;
-    if (parsed.username || parsed.password) return null;
-    return parsed.toString();
-  } catch {
-    return null;
-  }
-}
-function parseCspList(value) {
-  const parsed = value.split(",").map((s) => parseCspSource(s)).filter((s) => !!s);
-  return [...new Set(parsed)];
-}
-function proxy(req) {
-  const url = req.nextUrl.clone();
-  const TARGET_ENV = process.env.TARGET_ENV || "test";
-  const isProdRuntime = TARGET_ENV === "prod" || process.env.NODE_ENV === "production";
-  const isTargetProd = TARGET_ENV === "prod";
-  const isLocalHost = url.hostname === "localhost" || url.hostname === "127.0.0.1";
-  const nonce = crypto.randomUUID().replace(/-/g, "");
-  const denyStyleAttr = process.env.CSP_DENY_STYLE_ATTR === "true";
-  const allowUnsafeInlineStyle = !isTargetProd;
-  const connectHostsEnv = parseCspList(process.env.CSP_CONNECT_HOSTS || "");
-  const apiConnectSources = toOriginSource(process.env.API_URL || "");
-  const imgHostsEnv = parseCspList(process.env.CSP_IMG_HOSTS || "");
-  const scriptHostsEnv = parseCspList(process.env.CSP_SCRIPT_HOSTS || "");
-  const frameHostsEnv = parseCspList(process.env.CSP_FRAME_HOSTS || "");
-  const cspConfig = getFrameworkConfig().csp;
-  const validatedConnectSources = cspConfig.thirdPartyConnectSources.map((s) => parseCspSource(s)).filter((s) => !!s);
-  const validatedImgSources = cspConfig.thirdPartyImageSources.map((s) => parseCspSource(s)).filter((s) => !!s);
-  const validatedScriptSources = cspConfig.thirdPartyScriptSources.map((s) => parseCspSource(s)).filter((s) => !!s);
-  const validatedFrameSources = cspConfig.thirdPartyFrameSources.map((s) => parseCspSource(s)).filter((s) => !!s);
-  const connectSrc = [
-    "'self'",
-    ...validatedConnectSources,
-    ...apiConnectSources,
-    ...connectHostsEnv,
-    ...!isProdRuntime ? ["http://localhost:*", "http://127.0.0.1:*", "ws://localhost:*", "ws://127.0.0.1:*"] : []
-  ].join(" ");
-  const imgSrc = ["'self'", "data:", "blob:", ...validatedImgSources, ...imgHostsEnv].join(" ");
-  const scriptSrcHosts = [...validatedScriptSources, ...scriptHostsEnv].join(" ");
-  const frameSrcHosts = [...validatedFrameSources, ...frameHostsEnv].join(" ");
-  const reportUri = parseReportUri(process.env.CSP_REPORT_URI || "");
-  const cspDirectives = [
-    "default-src 'self'",
-    "base-uri 'self'",
-    "object-src 'none'",
-    `script-src 'self' 'nonce-${nonce}' 'strict-dynamic' ${scriptSrcHosts}`,
-    `script-src-elem 'self' 'nonce-${nonce}' 'strict-dynamic' ${scriptSrcHosts}`,
-    "script-src-attr 'none'",
-    allowUnsafeInlineStyle ? "style-src 'self' 'unsafe-inline'" : `style-src 'self' 'nonce-${nonce}'`,
-    denyStyleAttr ? "style-src-attr 'none'" : "style-src-attr 'unsafe-inline'",
-    `img-src ${imgSrc}`,
-    "media-src 'self' blob: data:",
-    "manifest-src 'self'",
-    `connect-src ${connectSrc}`,
-    `frame-src ${frameSrcHosts || "'none'"}`,
-    "frame-ancestors 'none'",
-    "form-action 'self'",
-    ...isTargetProd ? ["upgrade-insecure-requests"] : [],
-    ...reportUri ? [`report-uri ${reportUri}`, "report-to csp-violations"] : []
-  ];
-  const csp = cspDirectives.join("; ");
-  const blockedPrefixes = getFrameworkConfig().proxy.blockedPathPrefixesInProd ?? [];
-  if (isProdRuntime) {
-    for (const prefix of blockedPrefixes) {
-      if (url.pathname.startsWith(prefix)) {
-        const res2 = new NextResponse("Not Found", { status: 404 });
-        return setSecurity(res2, { isLocalHost, isTargetProd, csp, nonce, reportUri });
-      }
-    }
-  }
-  if (url.pathname === "/") {
-    const dest = new URL(url.toString());
-    if (!isLocalHost && isTargetProd) dest.protocol = "https:";
-    dest.pathname = getFrameworkConfig().app.defaultRoute;
-    dest.search = "";
-    const res2 = makeRedirect(dest, 308);
-    return setSecurity(res2, { isLocalHost, isTargetProd, csp, nonce, reportUri });
-  }
-  const requestHeaders = new Headers(req.headers);
-  requestHeaders.set("x-nonce", nonce);
-  const res = NextResponse.next({ request: { headers: requestHeaders } });
-  return setSecurity(res, { isLocalHost, isTargetProd, csp, nonce, reportUri });
-}
-function setSecurity(res, opts) {
-  const { isLocalHost, csp, nonce, reportUri } = opts;
-  if (csp) res.headers.set("Content-Security-Policy", csp);
-  for (const [key, value] of Object.entries(BASE_SECURITY_HEADER_VALUES)) {
-    res.headers.set(key, value);
-  }
-  if (opts.isTargetProd && !isLocalHost)
-    res.headers.set("Strict-Transport-Security", "max-age=63072000; includeSubDomains; preload");
-  if (reportUri) res.headers.set("Reporting-Endpoints", `csp-violations="${reportUri}"`);
-  if (nonce) res.headers.set("x-nonce", nonce);
-  return res;
-}
-function makeRedirect(to, status = 308) {
-  const res = new NextResponse(null, { status });
-  res.headers.set("Location", typeof to === "string" ? to : to.toString());
-  return res;
-}
-var proxyConfig = {
-  matcher: ["/((?!_next/static|_next/image|favicon.ico|sitemap.xml|robots.txt|api/health).*)"]
-};
-export {
-  proxy,
-  proxyConfig
-};
-//# sourceMappingURL=chunk-4SUIIQDW.js.map

package/dist/chunk-4SUIIQDW.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/proxy-middleware.ts"],"sourcesContent":["import { getFrameworkConfig } from \"@spring-systems/core/config\";\nimport { type NextRequest, NextResponse } from \"next/server.js\";\n\nimport { BASE_SECURITY_HEADER_VALUES } from \"./security-headers\";\n\nfunction toOriginSource(value: string): string[] {\n const raw = value.trim();\n if (!raw) return [];\n\n try {\n const parsed = new URL(raw);\n const out = [parsed.origin];\n\n if (parsed.protocol === \"https:\") {\n out.push(`wss://${parsed.host}`);\n } else if (parsed.protocol === \"http:\") {\n out.push(`ws://${parsed.host}`);\n }\n\n return out;\n } catch {\n return [];\n }\n}\n\nconst BLOCKED_CSP_SCHEMES = new Set([\"javascript:\", \"data:\", \"blob:\", \"vbscript:\", \"filesystem:\"]);\n\nfunction parseCspSource(token: string): string | null {\n const value = token.trim();\n if (!value) return null;\n\n // Prevent header/CSP injection via env values.\n if (/[\\s;,\\r\\n]/.test(value)) return null;\n\n // Allow safe scheme sources (e.g. https:, wss:). Block dangerous schemes\n // that enable XSS or data exfiltration when used in CSP directives.\n if (/^[a-zA-Z][a-zA-Z0-9+.-]*:$/.test(value)) {\n const lower = value.toLowerCase();\n if (BLOCKED_CSP_SCHEMES.has(lower)) return null;\n return lower;\n }\n\n try {\n const parsed = new URL(value);\n if (![\"http:\", \"https:\", \"ws:\", \"wss:\"].includes(parsed.protocol)) return null;\n if (parsed.username || parsed.password) return null;\n if (parsed.pathname !== \"/\" || parsed.search || parsed.hash) return null;\n return `${parsed.protocol}//${parsed.host}`;\n } catch {\n return null;\n }\n}\n\nfunction parseReportUri(value: string): string | null {\n const trimmed = value.trim();\n if (!trimmed) return null;\n // Block header injection characters and double-quotes (used in Reporting-Endpoints structured header).\n if (/[\\s;,\\r\\n\"]/.test(trimmed)) return null;\n try {\n const parsed = new URL(trimmed);\n if (![\"http:\", \"https:\"].includes(parsed.protocol)) return null;\n if (parsed.username || parsed.password) return null;\n return parsed.toString();\n } catch {\n return null;\n }\n}\n\nfunction parseCspList(value: string): string[] {\n const parsed = value\n .split(\",\")\n .map((s) => parseCspSource(s))\n .filter((s): s is string => !!s);\n return [...new Set(parsed)];\n}\n\nexport function proxy(req: NextRequest) {\n const url = req.nextUrl.clone();\n\n const TARGET_ENV = process.env.TARGET_ENV || \"test\";\n const isProdRuntime = TARGET_ENV === \"prod\" || process.env.NODE_ENV === \"production\";\n const isTargetProd = TARGET_ENV === \"prod\";\n\n const isLocalHost = url.hostname === \"localhost\" || url.hostname === \"127.0.0.1\";\n\n const nonce = crypto.randomUUID().replace(/-/g, \"\");\n const denyStyleAttr = process.env.CSP_DENY_STYLE_ATTR === \"true\";\n const allowUnsafeInlineStyle = !isTargetProd;\n\n const connectHostsEnv = parseCspList(process.env.CSP_CONNECT_HOSTS || \"\");\n const apiConnectSources = toOriginSource(process.env.API_URL || \"\");\n const imgHostsEnv = parseCspList(process.env.CSP_IMG_HOSTS || \"\");\n const scriptHostsEnv = parseCspList(process.env.CSP_SCRIPT_HOSTS || \"\");\n const frameHostsEnv = parseCspList(process.env.CSP_FRAME_HOSTS || \"\");\n\n const cspConfig = getFrameworkConfig().csp;\n\n // Validate framework config CSP sources through parseCspSource to prevent injection\n const validatedConnectSources = cspConfig.thirdPartyConnectSources\n .map((s) => parseCspSource(s))\n .filter((s): s is string => !!s);\n const validatedImgSources = cspConfig.thirdPartyImageSources\n .map((s) => parseCspSource(s))\n .filter((s): s is string => !!s);\n const validatedScriptSources = cspConfig.thirdPartyScriptSources\n .map((s) => parseCspSource(s))\n .filter((s): s is string => !!s);\n const validatedFrameSources = cspConfig.thirdPartyFrameSources\n .map((s) => parseCspSource(s))\n .filter((s): s is string => !!s);\n\n const connectSrc = [\n \"'self'\",\n ...validatedConnectSources,\n ...apiConnectSources,\n ...connectHostsEnv,\n ...(!isProdRuntime ? [\"http://localhost:*\", \"http://127.0.0.1:*\", \"ws://localhost:*\", \"ws://127.0.0.1:*\"] : []),\n ].join(\" \");\n\n const imgSrc = [\"'self'\", \"data:\", \"blob:\", ...validatedImgSources, ...imgHostsEnv].join(\" \");\n\n const scriptSrcHosts = [...validatedScriptSources, ...scriptHostsEnv].join(\" \");\n const frameSrcHosts = [...validatedFrameSources, ...frameHostsEnv].join(\" \");\n\n const reportUri = parseReportUri(process.env.CSP_REPORT_URI || \"\");\n\n const cspDirectives = [\n \"default-src 'self'\",\n \"base-uri 'self'\",\n \"object-src 'none'\",\n `script-src 'self' 'nonce-${nonce}' 'strict-dynamic' ${scriptSrcHosts}`,\n `script-src-elem 'self' 'nonce-${nonce}' 'strict-dynamic' ${scriptSrcHosts}`,\n \"script-src-attr 'none'\",\n allowUnsafeInlineStyle ? \"style-src 'self' 'unsafe-inline'\" : `style-src 'self' 'nonce-${nonce}'`,\n denyStyleAttr ? \"style-src-attr 'none'\" : \"style-src-attr 'unsafe-inline'\",\n `img-src ${imgSrc}`,\n \"media-src 'self' blob: data:\",\n \"manifest-src 'self'\",\n `connect-src ${connectSrc}`,\n `frame-src ${frameSrcHosts || \"'none'\"}`,\n \"frame-ancestors 'none'\",\n \"form-action 'self'\",\n ...(isTargetProd ? [\"upgrade-insecure-requests\"] : []),\n ...(reportUri ? [`report-uri ${reportUri}`, \"report-to csp-violations\"] : []),\n ];\n const csp = cspDirectives.join(\"; \");\n\n const blockedPrefixes = getFrameworkConfig().proxy.blockedPathPrefixesInProd ?? [];\n if (isProdRuntime) {\n for (const prefix of blockedPrefixes) {\n if (url.pathname.startsWith(prefix)) {\n const res = new NextResponse(\"Not Found\", { status: 404 });\n return setSecurity(res, { isLocalHost, isTargetProd, csp, nonce, reportUri });\n }\n }\n }\n\n if (url.pathname === \"/\") {\n const dest = new URL(url.toString());\n if (!isLocalHost && isTargetProd) dest.protocol = \"https:\";\n dest.pathname = getFrameworkConfig().app.defaultRoute;\n dest.search = \"\";\n\n const res = makeRedirect(dest, 308);\n return setSecurity(res, { isLocalHost, isTargetProd, csp, nonce, reportUri });\n }\n\n const requestHeaders = new Headers(req.headers);\n requestHeaders.set(\"x-nonce\", nonce);\n\n const res = NextResponse.next({ request: { headers: requestHeaders } });\n return setSecurity(res, { isLocalHost, isTargetProd, csp, nonce, reportUri });\n}\n\nfunction setSecurity(\n res: NextResponse,\n opts: { isLocalHost: boolean; isTargetProd: boolean; csp?: string; nonce?: string; reportUri?: string | null },\n) {\n const { isLocalHost, csp, nonce, reportUri } = opts;\n if (csp) res.headers.set(\"Content-Security-Policy\", csp);\n for (const [key, value] of Object.entries(BASE_SECURITY_HEADER_VALUES)) {\n res.headers.set(key, value);\n }\n if (opts.isTargetProd && !isLocalHost)\n res.headers.set(\"Strict-Transport-Security\", \"max-age=63072000; includeSubDomains; preload\");\n if (reportUri) res.headers.set(\"Reporting-Endpoints\", `csp-violations=\"${reportUri}\"`);\n if (nonce) res.headers.set(\"x-nonce\", nonce);\n return res;\n}\n\nfunction makeRedirect(to: URL | string, status = 308) {\n const res = new NextResponse(null, { status });\n res.headers.set(\"Location\", typeof to === \"string\" ? to : to.toString());\n return res;\n}\n\nexport const proxyConfig = {\n matcher: [\"/((?!_next/static|_next/image|favicon.ico|sitemap.xml|robots.txt|api/health).*)\"],\n};\n"],"mappings":";;;;;AAAA,SAAS,0BAA0B;AACnC,SAA2B,oBAAoB;AAI/C,SAAS,eAAe,OAAyB;AAC7C,QAAM,MAAM,MAAM,KAAK;AACvB,MAAI,CAAC,IAAK,QAAO,CAAC;AAElB,MAAI;AACA,UAAM,SAAS,IAAI,IAAI,GAAG;AAC1B,UAAM,MAAM,CAAC,OAAO,MAAM;AAE1B,QAAI,OAAO,aAAa,UAAU;AAC9B,UAAI,KAAK,SAAS,OAAO,IAAI,EAAE;AAAA,IACnC,WAAW,OAAO,aAAa,SAAS;AACpC,UAAI,KAAK,QAAQ,OAAO,IAAI,EAAE;AAAA,IAClC;AAEA,WAAO;AAAA,EACX,QAAQ;AACJ,WAAO,CAAC;AAAA,EACZ;AACJ;AAEA,IAAM,sBAAsB,oBAAI,IAAI,CAAC,eAAe,SAAS,SAAS,aAAa,aAAa,CAAC;AAEjG,SAAS,eAAe,OAA8B;AAClD,QAAM,QAAQ,MAAM,KAAK;AACzB,MAAI,CAAC,MAAO,QAAO;AAGnB,MAAI,aAAa,KAAK,KAAK,EAAG,QAAO;AAIrC,MAAI,6BAA6B,KAAK,KAAK,GAAG;AAC1C,UAAM,QAAQ,MAAM,YAAY;AAChC,QAAI,oBAAoB,IAAI,KAAK,EAAG,QAAO;AAC3C,WAAO;AAAA,EACX;AAEA,MAAI;AACA,UAAM,SAAS,IAAI,IAAI,KAAK;AAC5B,QAAI,CAAC,CAAC,SAAS,UAAU,OAAO,MAAM,EAAE,SAAS,OAAO,QAAQ,EAAG,QAAO;AAC1E,QAAI,OAAO,YAAY,OAAO,SAAU,QAAO;AAC/C,QAAI,OAAO,aAAa,OAAO,OAAO,UAAU,OAAO,KAAM,QAAO;AACpE,WAAO,GAAG,OAAO,QAAQ,KAAK,OAAO,IAAI;AAAA,EAC7C,QAAQ;AACJ,WAAO;AAAA,EACX;AACJ;AAEA,SAAS,eAAe,OAA8B;AAClD,QAAM,UAAU,MAAM,KAAK;AAC3B,MAAI,CAAC,QAAS,QAAO;AAErB,MAAI,cAAc,KAAK,OAAO,EAAG,QAAO;AACxC,MAAI;AACA,UAAM,SAAS,IAAI,IAAI,OAAO;AAC9B,QAAI,CAAC,CAAC,SAAS,QAAQ,EAAE,SAAS,OAAO,QAAQ,EAAG,QAAO;AAC3D,QAAI,OAAO,YAAY,OAAO,SAAU,QAAO;AAC/C,WAAO,OAAO,SAAS;AAAA,EAC3B,QAAQ;AACJ,WAAO;AAAA,EACX;AACJ;AAEA,SAAS,aAAa,OAAyB;AAC3C,QAAM,SAAS,MACV,MAAM,GAAG,EACT,IAAI,CAAC,MAAM,eAAe,CAAC,CAAC,EAC5B,OAAO,CAAC,MAAmB,CAAC,CAAC,CAAC;AACnC,SAAO,CAAC,GAAG,IAAI,IAAI,MAAM,CAAC;AAC9B;AAEO,SAAS,MAAM,KAAkB;AACpC,QAAM,MAAM,IAAI,QAAQ,MAAM;AAE9B,QAAM,aAAa,QAAQ,IAAI,cAAc;AAC7C,QAAM,gBAAgB,eAAe,UAAU,QAAQ,IAAI,aAAa;AACxE,QAAM,eAAe,eAAe;AAEpC,QAAM,cAAc,IAAI,aAAa,eAAe,IAAI,aAAa;AAErE,QAAM,QAAQ,OAAO,WAAW,EAAE,QAAQ,MAAM,EAAE;AAClD,QAAM,gBAAgB,QAAQ,IAAI,wBAAwB;AAC1D,QAAM,yBAAyB,CAAC;AAEhC,QAAM,kBAAkB,aAAa,QAAQ,IAAI,qBAAqB,EAAE;AACxE,QAAM,oBAAoB,eAAe,QAAQ,IAAI,WAAW,EAAE;AAClE,QAAM,cAAc,aAAa,QAAQ,IAAI,iBAAiB,EAAE;AAChE,QAAM,iBAAiB,aAAa,QAAQ,IAAI,oBAAoB,EAAE;AACtE,QAAM,gBAAgB,aAAa,QAAQ,IAAI,mBAAmB,EAAE;AAEpE,QAAM,YAAY,mBAAmB,EAAE;AAGvC,QAAM,0BAA0B,UAAU,yBACrC,IAAI,CAAC,MAAM,eAAe,CAAC,CAAC,EAC5B,OAAO,CAAC,MAAmB,CAAC,CAAC,CAAC;AACnC,QAAM,sBAAsB,UAAU,uBACjC,IAAI,CAAC,MAAM,eAAe,CAAC,CAAC,EAC5B,OAAO,CAAC,MAAmB,CAAC,CAAC,CAAC;AACnC,QAAM,yBAAyB,UAAU,wBACpC,IAAI,CAAC,MAAM,eAAe,CAAC,CAAC,EAC5B,OAAO,CAAC,MAAmB,CAAC,CAAC,CAAC;AACnC,QAAM,wBAAwB,UAAU,uBACnC,IAAI,CAAC,MAAM,eAAe,CAAC,CAAC,EAC5B,OAAO,CAAC,MAAmB,CAAC,CAAC,CAAC;AAEnC,QAAM,aAAa;AAAA,IACf;AAAA,IACA,GAAG;AAAA,IACH,GAAG;AAAA,IACH,GAAG;AAAA,IACH,GAAI,CAAC,gBAAgB,CAAC,sBAAsB,sBAAsB,oBAAoB,kBAAkB,IAAI,CAAC;AAAA,EACjH,EAAE,KAAK,GAAG;AAEV,QAAM,SAAS,CAAC,UAAU,SAAS,SAAS,GAAG,qBAAqB,GAAG,WAAW,EAAE,KAAK,GAAG;AAE5F,QAAM,iBAAiB,CAAC,GAAG,wBAAwB,GAAG,cAAc,EAAE,KAAK,GAAG;AAC9E,QAAM,gBAAgB,CAAC,GAAG,uBAAuB,GAAG,aAAa,EAAE,KAAK,GAAG;AAE3E,QAAM,YAAY,eAAe,QAAQ,IAAI,kBAAkB,EAAE;AAEjE,QAAM,gBAAgB;AAAA,IAClB;AAAA,IACA;AAAA,IACA;AAAA,IACA,4BAA4B,KAAK,sBAAsB,cAAc;AAAA,IACrE,iCAAiC,KAAK,sBAAsB,cAAc;AAAA,IAC1E;AAAA,IACA,yBAAyB,qCAAqC,2BAA2B,KAAK;AAAA,IAC9F,gBAAgB,0BAA0B;AAAA,IAC1C,WAAW,MAAM;AAAA,IACjB;AAAA,IACA;AAAA,IACA,eAAe,UAAU;AAAA,IACzB,aAAa,iBAAiB,QAAQ;AAAA,IACtC;AAAA,IACA;AAAA,IACA,GAAI,eAAe,CAAC,2BAA2B,IAAI,CAAC;AAAA,IACpD,GAAI,YAAY,CAAC,cAAc,SAAS,IAAI,0BAA0B,IAAI,CAAC;AAAA,EAC/E;AACA,QAAM,MAAM,cAAc,KAAK,IAAI;AAEnC,QAAM,kBAAkB,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AACjF,MAAI,eAAe;AACf,eAAW,UAAU,iBAAiB;AAClC,UAAI,IAAI,SAAS,WAAW,MAAM,GAAG;AACjC,cAAMA,OAAM,IAAI,aAAa,aAAa,EAAE,QAAQ,IAAI,CAAC;AACzD,eAAO,YAAYA,MAAK,EAAE,aAAa,cAAc,KAAK,OAAO,UAAU,CAAC;AAAA,MAChF;AAAA,IACJ;AAAA,EACJ;AAEA,MAAI,IAAI,aAAa,KAAK;AACtB,UAAM,OAAO,IAAI,IAAI,IAAI,SAAS,CAAC;AACnC,QAAI,CAAC,eAAe,aAAc,MAAK,WAAW;AAClD,SAAK,WAAW,mBAAmB,EAAE,IAAI;AACzC,SAAK,SAAS;AAEd,UAAMA,OAAM,aAAa,MAAM,GAAG;AAClC,WAAO,YAAYA,MAAK,EAAE,aAAa,cAAc,KAAK,OAAO,UAAU,CAAC;AAAA,EAChF;AAEA,QAAM,iBAAiB,IAAI,QAAQ,IAAI,OAAO;AAC9C,iBAAe,IAAI,WAAW,KAAK;AAEnC,QAAM,MAAM,aAAa,KAAK,EAAE,SAAS,EAAE,SAAS,eAAe,EAAE,CAAC;AACtE,SAAO,YAAY,KAAK,EAAE,aAAa,cAAc,KAAK,OAAO,UAAU,CAAC;AAChF;AAEA,SAAS,YACL,KACA,MACF;AACE,QAAM,EAAE,aAAa,KAAK,OAAO,UAAU,IAAI;AAC/C,MAAI,IAAK,KAAI,QAAQ,IAAI,2BAA2B,GAAG;AACvD,aAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,2BAA2B,GAAG;AACpE,QAAI,QAAQ,IAAI,KAAK,KAAK;AAAA,EAC9B;AACA,MAAI,KAAK,gBAAgB,CAAC;AACtB,QAAI,QAAQ,IAAI,6BAA6B,8CAA8C;AAC/F,MAAI,UAAW,KAAI,QAAQ,IAAI,uBAAuB,mBAAmB,SAAS,GAAG;AACrF,MAAI,MAAO,KAAI,QAAQ,IAAI,WAAW,KAAK;AAC3C,SAAO;AACX;AAEA,SAAS,aAAa,IAAkB,SAAS,KAAK;AAClD,QAAM,MAAM,IAAI,aAAa,MAAM,EAAE,OAAO,CAAC;AAC7C,MAAI,QAAQ,IAAI,YAAY,OAAO,OAAO,WAAW,KAAK,GAAG,SAAS,CAAC;AACvE,SAAO;AACX;AAEO,IAAM,cAAc;AAAA,EACvB,SAAS,CAAC,iFAAiF;AAC/F;","names":["res"]}

package/dist/chunk-7IUSTA5W.js DELETED Viewed

@@ -1,113 +0,0 @@
-// src/rate-limiter.ts
-var InMemoryRateLimiter = class {
-  ipStore = /* @__PURE__ */ new Map();
-  accountStore = /* @__PURE__ */ new Map();
-  getStore(store) {
-    return store === "ip" ? this.ipStore : this.accountStore;
-  }
-  get(store, key) {
-    return this.getStore(store).get(key) ?? null;
-  }
-  set(store, key, entry) {
-    this.getStore(store).set(key, entry);
-  }
-  delete(store, key) {
-    this.getStore(store).delete(key);
-  }
-  size(store) {
-    return this.getStore(store).size;
-  }
-  evictOldest(store, count) {
-    const map = this.getStore(store);
-    const entries = [...map.entries()].sort((a, b) => a[1].windowStartedAt - b[1].windowStartedAt);
-    for (let i = 0; i < count && i < entries.length; i++) {
-      const candidate = entries[i];
-      if (!candidate) break;
-      map.delete(candidate[0]);
-    }
-  }
-  sweepExpired(store, now, windowMs) {
-    const map = this.getStore(store);
-    for (const [key, entry] of map.entries()) {
-      const windowExpired = now - entry.windowStartedAt > windowMs;
-      const noActiveBlock = entry.blockedUntil <= now;
-      if (windowExpired && noActiveBlock) {
-        map.delete(key);
-      }
-    }
-  }
-};
-var adapter = new InMemoryRateLimiter();
-var hasWarnedInMemory = false;
-function setRateLimiterAdapter(custom) {
-  adapter = custom;
-}
-function getRateLimiterAdapter() {
-  return adapter;
-}
-function checkRateLimit(ipKey, accountKey, policy) {
-  if (!hasWarnedInMemory && adapter instanceof InMemoryRateLimiter && process.env.NODE_ENV === "production") {
-    hasWarnedInMemory = true;
-    console.warn("[server] Rate limiter is using in-memory storage in production. For multi-instance deployments, call setRateLimiterAdapter() with a shared-storage adapter.");
-  }
-  const now = Date.now();
-  const ipResult = checkSingleLimit(adapter, "ip", ipKey, policy.maxAttemptsByIpAndAccount, policy, now);
-  if (ipResult) return ipResult;
-  if (accountKey) {
-    const accountResult = checkSingleLimit(adapter, "account", accountKey, policy.maxAttemptsByAccount, policy, now);
-    if (accountResult) return accountResult;
-  }
-  return null;
-}
-function recordFailedAttempt(ipKey, accountKey, policy) {
-  const now = Date.now();
-  recordAttempt(adapter, "ip", ipKey, policy, now);
-  if (accountKey) {
-    recordAttempt(adapter, "account", accountKey, policy, now);
-  }
-}
-function clearRateLimitEntries(ipKey, accountKey) {
-  adapter.delete("ip", ipKey);
-  if (accountKey) {
-    adapter.delete("account", accountKey);
-  }
-}
-function checkSingleLimit(adap, store, key, maxAttempts, policy, now) {
-  const entry = adap.get(store, key);
-  if (!entry) return null;
-  if (entry.blockedUntil > now) {
-    const remainSec = Math.ceil((entry.blockedUntil - now) / 1e3);
-    return `Rate limited (${store}). Try again in ${remainSec}s.`;
-  }
-  if (now - entry.windowStartedAt > policy.windowMs) {
-    adap.delete(store, key);
-    return null;
-  }
-  if (entry.count >= maxAttempts) {
-    entry.blockedUntil = now + policy.blockMs;
-    adap.set(store, key, entry);
-    return `Too many attempts (${store}). Blocked for ${Math.ceil(policy.blockMs / 1e3)}s.`;
-  }
-  return null;
-}
-function recordAttempt(adap, store, key, policy, now) {
-  if (adap.size(store) >= policy.maxKeys) {
-    adap.evictOldest(store, Math.floor(policy.maxKeys * 0.1));
-  }
-  const entry = adap.get(store, key);
-  if (!entry || now - entry.windowStartedAt > policy.windowMs) {
-    adap.set(store, key, { count: 1, windowStartedAt: now, blockedUntil: 0 });
-  } else {
-    entry.count++;
-    adap.set(store, key, entry);
-  }
-}
-export {
-  setRateLimiterAdapter,
-  getRateLimiterAdapter,
-  checkRateLimit,
-  recordFailedAttempt,
-  clearRateLimitEntries
-};
-//# sourceMappingURL=chunk-7IUSTA5W.js.map

package/dist/chunk-7IUSTA5W.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/rate-limiter.ts"],"sourcesContent":["/**\n * Pluggable rate limiter for API proxy authentication.\n *\n * The default implementation uses in-memory Maps (suitable for single-instance deployments).\n * Multi-instance deployments can replace this with a custom adapter via `setRateLimiterAdapter()`.\n *\n * @example\n * ```ts\n * import { setRateLimiterAdapter } from \"@spring-systems/server/rate-limiter\";\n * import { createCustomRateLimiter } from \"./my-rate-limiter\";\n *\n * setRateLimiterAdapter(createCustomRateLimiter());\n * ```\n *\n * @module rate-limiter\n */\n\nexport interface RateLimitEntry {\n count: number;\n windowStartedAt: number;\n blockedUntil: number;\n}\n\nexport interface RateLimitPolicy {\n windowMs: number;\n blockMs: number;\n maxAttemptsByIpAndAccount: number;\n maxAttemptsByAccount: number;\n maxKeys: number;\n}\n\n/**\n * Rate limiter adapter interface. Implementations must be async-safe.\n */\nexport interface RateLimiterAdapter {\n /** Get the current rate limit entry for a key, or null if no entry exists. */\n get(store: \"ip\" | \"account\", key: string): RateLimitEntry | null;\n\n /** Set/update the rate limit entry for a key. */\n set(store: \"ip\" | \"account\", key: string, entry: RateLimitEntry): void;\n\n /** Delete an entry (e.g. on successful login). */\n delete(store: \"ip\" | \"account\", key: string): void;\n\n /** Get the total number of tracked keys (for eviction logic). */\n size(store: \"ip\" | \"account\"): number;\n\n /** Clear the oldest entries when maxKeys is exceeded. */\n evictOldest(store: \"ip\" | \"account\", count: number): void;\n\n /**\n * Remove expired entries for a store.\n * Optional to preserve compatibility with existing custom adapters.\n */\n sweepExpired?(store: \"ip\" | \"account\", now: number, windowMs: number): void;\n}\n\n// ---------------------------------------------------------------------------\n// Default in-memory implementation\n// ---------------------------------------------------------------------------\n\nclass InMemoryRateLimiter implements RateLimiterAdapter {\n private ipStore = new Map<string, RateLimitEntry>();\n private accountStore = new Map<string, RateLimitEntry>();\n\n private getStore(store: \"ip\" | \"account\"): Map<string, RateLimitEntry> {\n return store === \"ip\" ? this.ipStore : this.accountStore;\n }\n\n get(store: \"ip\" | \"account\", key: string): RateLimitEntry | null {\n return this.getStore(store).get(key) ?? null;\n }\n\n set(store: \"ip\" | \"account\", key: string, entry: RateLimitEntry): void {\n this.getStore(store).set(key, entry);\n }\n\n delete(store: \"ip\" | \"account\", key: string): void {\n this.getStore(store).delete(key);\n }\n\n size(store: \"ip\" | \"account\"): number {\n return this.getStore(store).size;\n }\n\n evictOldest(store: \"ip\" | \"account\", count: number): void {\n const map = this.getStore(store);\n const entries = [...map.entries()].sort((a, b) => a[1].windowStartedAt - b[1].windowStartedAt);\n for (let i = 0; i < count && i < entries.length; i++) {\n const candidate = entries[i];\n if (!candidate) break;\n map.delete(candidate[0]);\n }\n }\n\n sweepExpired(store: \"ip\" | \"account\", now: number, windowMs: number): void {\n const map = this.getStore(store);\n for (const [key, entry] of map.entries()) {\n const windowExpired = now - entry.windowStartedAt > windowMs;\n const noActiveBlock = entry.blockedUntil <= now;\n if (windowExpired && noActiveBlock) {\n map.delete(key);\n }\n }\n }\n}\n\n// Singleton adapter\nlet adapter: RateLimiterAdapter = new InMemoryRateLimiter();\nlet hasWarnedInMemory = false;\n\n/** Replace the default in-memory rate limiter with a custom adapter. */\nexport function setRateLimiterAdapter(custom: RateLimiterAdapter): void {\n adapter = custom;\n}\n\n/** Get the current rate limiter adapter. */\nexport function getRateLimiterAdapter(): RateLimiterAdapter {\n return adapter;\n}\n\n/**\n * Check if a login attempt should be rate-limited.\n * @returns A reason string if blocked, or null if allowed.\n */\nexport function checkRateLimit(\n ipKey: string,\n accountKey: string | null,\n policy: RateLimitPolicy,\n): string | null {\n if (!hasWarnedInMemory && adapter instanceof InMemoryRateLimiter && process.env.NODE_ENV === \"production\") {\n hasWarnedInMemory = true;\n console.warn(\"[server] Rate limiter is using in-memory storage in production. For multi-instance deployments, call setRateLimiterAdapter() with a shared-storage adapter.\");\n }\n const now = Date.now();\n\n // Check IP-based limit\n const ipResult = checkSingleLimit(adapter, \"ip\", ipKey, policy.maxAttemptsByIpAndAccount, policy, now);\n if (ipResult) return ipResult;\n\n // Check account-based limit\n if (accountKey) {\n const accountResult = checkSingleLimit(adapter, \"account\", accountKey, policy.maxAttemptsByAccount, policy, now);\n if (accountResult) return accountResult;\n }\n\n return null;\n}\n\n/**\n * Record a failed login attempt.\n */\nexport function recordFailedAttempt(\n ipKey: string,\n accountKey: string | null,\n policy: RateLimitPolicy,\n): void {\n const now = Date.now();\n recordAttempt(adapter, \"ip\", ipKey, policy, now);\n if (accountKey) {\n recordAttempt(adapter, \"account\", accountKey, policy, now);\n }\n}\n\n/**\n * Clear rate limit entries for a key (e.g. on successful login).\n */\nexport function clearRateLimitEntries(ipKey: string, accountKey: string | null): void {\n adapter.delete(\"ip\", ipKey);\n if (accountKey) {\n adapter.delete(\"account\", accountKey);\n }\n}\n\n// ---------------------------------------------------------------------------\n// Internal helpers\n// ---------------------------------------------------------------------------\n\nfunction checkSingleLimit(\n adap: RateLimiterAdapter,\n store: \"ip\" | \"account\",\n key: string,\n maxAttempts: number,\n policy: RateLimitPolicy,\n now: number,\n): string | null {\n const entry = adap.get(store, key);\n if (!entry) return null;\n\n if (entry.blockedUntil > now) {\n const remainSec = Math.ceil((entry.blockedUntil - now) / 1000);\n return `Rate limited (${store}). Try again in ${remainSec}s.`;\n }\n\n if (now - entry.windowStartedAt > policy.windowMs) {\n adap.delete(store, key);\n return null;\n }\n\n if (entry.count >= maxAttempts) {\n entry.blockedUntil = now + policy.blockMs;\n adap.set(store, key, entry);\n return `Too many attempts (${store}). Blocked for ${Math.ceil(policy.blockMs / 1000)}s.`;\n }\n\n return null;\n}\n\nfunction recordAttempt(\n adap: RateLimiterAdapter,\n store: \"ip\" | \"account\",\n key: string,\n policy: RateLimitPolicy,\n now: number,\n): void {\n // Evict old entries if needed\n if (adap.size(store) >= policy.maxKeys) {\n adap.evictOldest(store, Math.floor(policy.maxKeys * 0.1));\n }\n\n const entry = adap.get(store, key);\n if (!entry || now - entry.windowStartedAt > policy.windowMs) {\n adap.set(store, key, { count: 1, windowStartedAt: now, blockedUntil: 0 });\n } else {\n entry.count++;\n adap.set(store, key, entry);\n }\n}\n"],"mappings":";AA6DA,IAAM,sBAAN,MAAwD;AAAA,EAC5C,UAAU,oBAAI,IAA4B;AAAA,EAC1C,eAAe,oBAAI,IAA4B;AAAA,EAE/C,SAAS,OAAsD;AACnE,WAAO,UAAU,OAAO,KAAK,UAAU,KAAK;AAAA,EAChD;AAAA,EAEA,IAAI,OAAyB,KAAoC;AAC7D,WAAO,KAAK,SAAS,KAAK,EAAE,IAAI,GAAG,KAAK;AAAA,EAC5C;AAAA,EAEA,IAAI,OAAyB,KAAa,OAA6B;AACnE,SAAK,SAAS,KAAK,EAAE,IAAI,KAAK,KAAK;AAAA,EACvC;AAAA,EAEA,OAAO,OAAyB,KAAmB;AAC/C,SAAK,SAAS,KAAK,EAAE,OAAO,GAAG;AAAA,EACnC;AAAA,EAEA,KAAK,OAAiC;AAClC,WAAO,KAAK,SAAS,KAAK,EAAE;AAAA,EAChC;AAAA,EAEA,YAAY,OAAyB,OAAqB;AACtD,UAAM,MAAM,KAAK,SAAS,KAAK;AAC/B,UAAM,UAAU,CAAC,GAAG,IAAI,QAAQ,CAAC,EAAE,KAAK,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,kBAAkB,EAAE,CAAC,EAAE,eAAe;AAC7F,aAAS,IAAI,GAAG,IAAI,SAAS,IAAI,QAAQ,QAAQ,KAAK;AAClD,YAAM,YAAY,QAAQ,CAAC;AAC3B,UAAI,CAAC,UAAW;AAChB,UAAI,OAAO,UAAU,CAAC,CAAC;AAAA,IAC3B;AAAA,EACJ;AAAA,EAEA,aAAa,OAAyB,KAAa,UAAwB;AACvE,UAAM,MAAM,KAAK,SAAS,KAAK;AAC/B,eAAW,CAAC,KAAK,KAAK,KAAK,IAAI,QAAQ,GAAG;AACtC,YAAM,gBAAgB,MAAM,MAAM,kBAAkB;AACpD,YAAM,gBAAgB,MAAM,gBAAgB;AAC5C,UAAI,iBAAiB,eAAe;AAChC,YAAI,OAAO,GAAG;AAAA,MAClB;AAAA,IACJ;AAAA,EACJ;AACJ;AAGA,IAAI,UAA8B,IAAI,oBAAoB;AAC1D,IAAI,oBAAoB;AAGjB,SAAS,sBAAsB,QAAkC;AACpE,YAAU;AACd;AAGO,SAAS,wBAA4C;AACxD,SAAO;AACX;AAMO,SAAS,eACZ,OACA,YACA,QACa;AACb,MAAI,CAAC,qBAAqB,mBAAmB,uBAAuB,QAAQ,IAAI,aAAa,cAAc;AACvG,wBAAoB;AACpB,YAAQ,KAAK,6JAA6J;AAAA,EAC9K;AACA,QAAM,MAAM,KAAK,IAAI;AAGrB,QAAM,WAAW,iBAAiB,SAAS,MAAM,OAAO,OAAO,2BAA2B,QAAQ,GAAG;AACrG,MAAI,SAAU,QAAO;AAGrB,MAAI,YAAY;AACZ,UAAM,gBAAgB,iBAAiB,SAAS,WAAW,YAAY,OAAO,sBAAsB,QAAQ,GAAG;AAC/G,QAAI,cAAe,QAAO;AAAA,EAC9B;AAEA,SAAO;AACX;AAKO,SAAS,oBACZ,OACA,YACA,QACI;AACJ,QAAM,MAAM,KAAK,IAAI;AACrB,gBAAc,SAAS,MAAM,OAAO,QAAQ,GAAG;AAC/C,MAAI,YAAY;AACZ,kBAAc,SAAS,WAAW,YAAY,QAAQ,GAAG;AAAA,EAC7D;AACJ;AAKO,SAAS,sBAAsB,OAAe,YAAiC;AAClF,UAAQ,OAAO,MAAM,KAAK;AAC1B,MAAI,YAAY;AACZ,YAAQ,OAAO,WAAW,UAAU;AAAA,EACxC;AACJ;AAMA,SAAS,iBACL,MACA,OACA,KACA,aACA,QACA,KACa;AACb,QAAM,QAAQ,KAAK,IAAI,OAAO,GAAG;AACjC,MAAI,CAAC,MAAO,QAAO;AAEnB,MAAI,MAAM,eAAe,KAAK;AAC1B,UAAM,YAAY,KAAK,MAAM,MAAM,eAAe,OAAO,GAAI;AAC7D,WAAO,iBAAiB,KAAK,mBAAmB,SAAS;AAAA,EAC7D;AAEA,MAAI,MAAM,MAAM,kBAAkB,OAAO,UAAU;AAC/C,SAAK,OAAO,OAAO,GAAG;AACtB,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,SAAS,aAAa;AAC5B,UAAM,eAAe,MAAM,OAAO;AAClC,SAAK,IAAI,OAAO,KAAK,KAAK;AAC1B,WAAO,sBAAsB,KAAK,kBAAkB,KAAK,KAAK,OAAO,UAAU,GAAI,CAAC;AAAA,EACxF;AAEA,SAAO;AACX;AAEA,SAAS,cACL,MACA,OACA,KACA,QACA,KACI;AAEJ,MAAI,KAAK,KAAK,KAAK,KAAK,OAAO,SAAS;AACpC,SAAK,YAAY,OAAO,KAAK,MAAM,OAAO,UAAU,GAAG,CAAC;AAAA,EAC5D;AAEA,QAAM,QAAQ,KAAK,IAAI,OAAO,GAAG;AACjC,MAAI,CAAC,SAAS,MAAM,MAAM,kBAAkB,OAAO,UAAU;AACzD,SAAK,IAAI,OAAO,KAAK,EAAE,OAAO,GAAG,iBAAiB,KAAK,cAAc,EAAE,CAAC;AAAA,EAC5E,OAAO;AACH,UAAM;AACN,SAAK,IAAI,OAAO,KAAK,KAAK;AAAA,EAC9B;AACJ;","names":[]}

package/dist/chunk-CP33WQ5Q.js DELETED Viewed

@@ -1,47 +0,0 @@
-// src/next-adapters.ts
-import nextDynamic from "next/dynamic";
-import NextImage from "next/image";
-import NextLink from "next/link";
-import {
-  useParams as useNextParams,
-  usePathname as useNextPathname,
-  useRouter as useNextRouter,
-  useSearchParams as useNextSearchParams
-} from "next/navigation";
-var hasLoggedDefaultSsrWarning = false;
-function createNextRouteAdapter() {
-  return {
-    usePathname: useNextPathname,
-    useSearchParams: () => useNextSearchParams() ?? new URLSearchParams(),
-    useParams: () => useNextParams() ?? {},
-    useRouter: useNextRouter
-  };
-}
-function createNextUIAdapter(options) {
-  const defaultDynamicSsr = options?.defaultDynamicSsr ?? true;
-  if (options?.defaultDynamicSsr === void 0 && !hasLoggedDefaultSsrWarning && process.env.NODE_ENV !== "production") {
-    hasLoggedDefaultSsrWarning = true;
-    console.warn(
-      "[server] createNextUIAdapter() defaults dynamic imports to ssr:true. For client-only apps use createClientOnlyNextUIAdapter() or pass { defaultDynamicSsr: false }."
-    );
-  }
-  return {
-    Image: NextImage,
-    Link: NextLink,
-    dynamic: (loader, opts) => nextDynamic(loader, { ssr: opts?.ssr ?? defaultDynamicSsr })
-  };
-}
-function createClientOnlyNextUIAdapter() {
-  return createNextUIAdapter({ defaultDynamicSsr: false });
-}
-function createSsrNextUIAdapter() {
-  return createNextUIAdapter({ defaultDynamicSsr: true });
-}
-export {
-  createNextRouteAdapter,
-  createNextUIAdapter,
-  createClientOnlyNextUIAdapter,
-  createSsrNextUIAdapter
-};
-//# sourceMappingURL=chunk-CP33WQ5Q.js.map

package/dist/chunk-CP33WQ5Q.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/next-adapters.ts"],"sourcesContent":["\"use client\";\n\n/**\n * Next.js adapter presets for RouteAdapter and UIAdapter.\n * Consumer app calls these in Root.tsx / layout.tsx to register the Next.js implementations.\n * @module next-adapters\n */\n\nimport type { ImageProps, LinkProps, RouteAdapter, UIAdapter } from \"@spring-systems/ui/adapters\";\nimport nextDynamic from \"next/dynamic\";\nimport NextImage from \"next/image\";\nimport NextLink from \"next/link\";\nimport {\n useParams as useNextParams,\n usePathname as useNextPathname,\n useRouter as useNextRouter,\n useSearchParams as useNextSearchParams,\n} from \"next/navigation\";\nimport type React from \"react\";\n\nlet hasLoggedDefaultSsrWarning = false;\n\nexport interface NextUIAdapterOptions {\n /**\n * Default SSR behavior for `dynamic` when call-site does not provide `{ ssr }`.\n * Defaults to `true` for backward compatibility.\n */\n defaultDynamicSsr?: boolean;\n}\n\n/** Creates a RouteAdapter backed by Next.js App Router hooks. */\nexport function createNextRouteAdapter(): RouteAdapter {\n return {\n usePathname: useNextPathname,\n useSearchParams: () => useNextSearchParams() ?? new URLSearchParams(),\n useParams: () => (useNextParams() ?? {}) as Record<string, string | string[]>,\n useRouter: useNextRouter,\n };\n}\n\n/** Creates a UIAdapter backed by Next.js Image, Link, and dynamic imports. */\nexport function createNextUIAdapter(options?: NextUIAdapterOptions): UIAdapter {\n const defaultDynamicSsr = options?.defaultDynamicSsr ?? true;\n if (options?.defaultDynamicSsr === undefined && !hasLoggedDefaultSsrWarning && process.env.NODE_ENV !== \"production\") {\n hasLoggedDefaultSsrWarning = true;\n // Keeping backward-compatible default SSR behavior, but warn in dev to avoid accidental use in client-only apps.\n console.warn(\n \"[server] createNextUIAdapter() defaults dynamic imports to ssr:true. For client-only apps use createClientOnlyNextUIAdapter() or pass { defaultDynamicSsr: false }.\"\n );\n }\n return {\n Image: NextImage as React.ComponentType<ImageProps>,\n Link: NextLink as React.ComponentType<LinkProps>,\n dynamic: <T extends React.ComponentType<React.ComponentProps<T>>>(\n loader: () => Promise<{ default: T }>,\n opts?: { ssr?: boolean },\n ) => nextDynamic(loader, { ssr: opts?.ssr ?? defaultDynamicSsr }) as unknown as T,\n };\n}\n\n/** Creates a UIAdapter preset optimized for client-only apps (dynamic imports default to `ssr: false`). */\nexport function createClientOnlyNextUIAdapter(): UIAdapter {\n return createNextUIAdapter({ defaultDynamicSsr: false });\n}\n\n/** Creates a UIAdapter preset with SSR-enabled dynamic imports by default. */\nexport function createSsrNextUIAdapter(): UIAdapter {\n return createNextUIAdapter({ defaultDynamicSsr: true });\n}\n"],"mappings":";AASA,OAAO,iBAAiB;AACxB,OAAO,eAAe;AACtB,OAAO,cAAc;AACrB;AAAA,EACI,aAAa;AAAA,EACb,eAAe;AAAA,EACf,aAAa;AAAA,EACb,mBAAmB;AAAA,OAChB;AAGP,IAAI,6BAA6B;AAW1B,SAAS,yBAAuC;AACnD,SAAO;AAAA,IACH,aAAa;AAAA,IACb,iBAAiB,MAAM,oBAAoB,KAAK,IAAI,gBAAgB;AAAA,IACpE,WAAW,MAAO,cAAc,KAAK,CAAC;AAAA,IACtC,WAAW;AAAA,EACf;AACJ;AAGO,SAAS,oBAAoB,SAA2C;AAC3E,QAAM,oBAAoB,SAAS,qBAAqB;AACxD,MAAI,SAAS,sBAAsB,UAAa,CAAC,8BAA8B,QAAQ,IAAI,aAAa,cAAc;AAClH,iCAA6B;AAE7B,YAAQ;AAAA,MACJ;AAAA,IACJ;AAAA,EACJ;AACA,SAAO;AAAA,IACH,OAAO;AAAA,IACP,MAAM;AAAA,IACN,SAAS,CACL,QACA,SACC,YAAY,QAAQ,EAAE,KAAK,MAAM,OAAO,kBAAkB,CAAC;AAAA,EACpE;AACJ;AAGO,SAAS,gCAA2C;AACvD,SAAO,oBAAoB,EAAE,mBAAmB,MAAM,CAAC;AAC3D;AAGO,SAAS,yBAAoC;AAChD,SAAO,oBAAoB,EAAE,mBAAmB,KAAK,CAAC;AAC1D;","names":[]}

package/dist/chunk-KA7RJCWA.js DELETED Viewed

@@ -1,24 +0,0 @@
-// src/security-headers.ts
-var PERMISSIONS_POLICY_VALUE = "accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), browsing-topics=()";
-var BASE_SECURITY_HEADER_VALUES = Object.freeze({
-  "Referrer-Policy": "strict-origin-when-cross-origin",
-  "X-Content-Type-Options": "nosniff",
-  "X-Frame-Options": "DENY",
-  "Cross-Origin-Opener-Policy": "same-origin",
-  "Cross-Origin-Resource-Policy": "same-origin",
-  "X-DNS-Prefetch-Control": "off",
-  "X-Permitted-Cross-Domain-Policies": "none",
-  "Origin-Agent-Cluster": "?1",
-  "Permissions-Policy": PERMISSIONS_POLICY_VALUE
-});
-var BASE_SECURITY_HEADERS = Object.entries(BASE_SECURITY_HEADER_VALUES).map(([key, value]) => ({
-  key,
-  value
-}));
-export {
-  PERMISSIONS_POLICY_VALUE,
-  BASE_SECURITY_HEADER_VALUES,
-  BASE_SECURITY_HEADERS
-};
-//# sourceMappingURL=chunk-KA7RJCWA.js.map

package/dist/chunk-KA7RJCWA.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/security-headers.ts"],"sourcesContent":["export const PERMISSIONS_POLICY_VALUE =\n \"accelerometer=(), autoplay=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), browsing-topics=()\";\n\nexport const BASE_SECURITY_HEADER_VALUES: Readonly<Record<string, string>> = Object.freeze({\n \"Referrer-Policy\": \"strict-origin-when-cross-origin\",\n \"X-Content-Type-Options\": \"nosniff\",\n \"X-Frame-Options\": \"DENY\",\n \"Cross-Origin-Opener-Policy\": \"same-origin\",\n \"Cross-Origin-Resource-Policy\": \"same-origin\",\n \"X-DNS-Prefetch-Control\": \"off\",\n \"X-Permitted-Cross-Domain-Policies\": \"none\",\n \"Origin-Agent-Cluster\": \"?1\",\n \"Permissions-Policy\": PERMISSIONS_POLICY_VALUE,\n});\n\nexport const BASE_SECURITY_HEADERS = Object.entries(BASE_SECURITY_HEADER_VALUES).map(([key, value]) => ({\n key,\n value,\n}));\n"],"mappings":";AAAO,IAAM,2BACT;AAEG,IAAM,8BAAgE,OAAO,OAAO;AAAA,EACvF,mBAAmB;AAAA,EACnB,0BAA0B;AAAA,EAC1B,mBAAmB;AAAA,EACnB,8BAA8B;AAAA,EAC9B,gCAAgC;AAAA,EAChC,0BAA0B;AAAA,EAC1B,qCAAqC;AAAA,EACrC,wBAAwB;AAAA,EACxB,sBAAsB;AAC1B,CAAC;AAEM,IAAM,wBAAwB,OAAO,QAAQ,2BAA2B,EAAE,IAAI,CAAC,CAAC,KAAK,KAAK,OAAO;AAAA,EACpG;AAAA,EACA;AACJ,EAAE;","names":[]}