@striae-org/striae 5.4.1 → 5.4.3

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@striae-org/striae",
-  "version": "5.4.1",
+  "version": "5.4.3",
   "private": false,
   "description": "Striae is a specialized, cloud-native platform designed to streamline forensic firearms identification by providing an intuitive environment for digital comparison image annotation, authenticated confirmations, and automated report generation.",
   "license": "Apache-2.0",
@@ -128,7 +128,7 @@
     "typescript": "^5.9.3",
     "vite": "^6.4.1",
     "vite-tsconfig-paths": "^6.1.1",
-    "wrangler": "^4.79.0"
+    "wrangler": "^4.80.0"
   },
   "overrides": {
     "@tootallnate/once": "3.0.1",

package/worker-configuration.d.ts

@@ -1,6 +1,6 @@
 /* eslint-disable */
-// Generated by Wrangler by running `wrangler types` (hash: d8f8f87d89a635e81e94aa31fb52008f)
-// Runtime types generated with workerd@1.20250823.0 2026-03-26 nodejs_compat
+// Generated by Wrangler by running `wrangler types` (hash: df3e4db815fe1724ed2abbb4f6b2065f)
+// Runtime types generated with workerd@1.20250823.0 2026-03-31 nodejs_compat
 declare namespace Cloudflare {
 	interface Env {
 		ACCOUNT_ID: string;
@@ -52,6 +52,7 @@ declare namespace Cloudflare {
 		IMAGES_WORKER_DOMAIN: string;
 		IMAGE_SIGNED_URL_SECRET: string;
 		IMAGE_SIGNED_URL_TTL_SECONDS: string;
+		IMAGE_SIGNED_URL_BASE_URL: string;
 		PDF_WORKER_NAME: string;
 		PDF_WORKER_DOMAIN: string;
 		PDF_WORKER_AUTH: string;
@@ -64,7 +65,7 @@ type StringifyValues<EnvType extends Record<string, unknown>> = {
 	[Binding in keyof EnvType]: EnvType[Binding] extends string ? EnvType[Binding] : string;
 };
 declare namespace NodeJS {
-	interface ProcessEnv extends StringifyValues<Pick<Cloudflare.Env, "ACCOUNT_ID" | "USER_DB_AUTH" | "R2_KEY_SECRET" | "IMAGES_API_TOKEN" | "API_KEY" | "AUTH_DOMAIN" | "PROJECT_ID" | "STORAGE_BUCKET" | "MESSAGING_SENDER_ID" | "APP_ID" | "MEASUREMENT_ID" | "FIREBASE_SERVICE_ACCOUNT_EMAIL" | "FIREBASE_SERVICE_ACCOUNT_PRIVATE_KEY" | "USER_KV_ENCRYPTION_PRIVATE_KEY" | "USER_KV_ENCRYPTION_KEY_ID" | "USER_KV_ENCRYPTION_PUBLIC_KEY" | "USER_KV_WRITE_ENDPOINTS_ENABLED" | "USER_KV_ENCRYPTION_KEYS_JSON" | "USER_KV_ENCRYPTION_ACTIVE_KEY_ID" | "MANIFEST_SIGNING_PRIVATE_KEY" | "MANIFEST_SIGNING_KEY_ID" | "MANIFEST_SIGNING_PUBLIC_KEY" | "EXPORT_ENCRYPTION_PRIVATE_KEY" | "EXPORT_ENCRYPTION_KEY_ID" | "EXPORT_ENCRYPTION_PUBLIC_KEY" | "EXPORT_ENCRYPTION_KEYS_JSON" | "EXPORT_ENCRYPTION_ACTIVE_KEY_ID" | "DATA_AT_REST_ENCRYPTION_ENABLED" | "DATA_AT_REST_ENCRYPTION_PRIVATE_KEY" | "DATA_AT_REST_ENCRYPTION_KEY_ID" | "DATA_AT_REST_ENCRYPTION_PUBLIC_KEY" | "DATA_AT_REST_ENCRYPTION_KEYS_JSON" | "DATA_AT_REST_ENCRYPTION_ACTIVE_KEY_ID" | "PAGES_PROJECT_NAME" | "PAGES_CUSTOM_DOMAIN" | "USER_WORKER_NAME" | "USER_WORKER_DOMAIN" | "KV_STORE_ID" | "DATA_WORKER_NAME" | "DATA_BUCKET_NAME" | "FILES_BUCKET_NAME" | "DATA_WORKER_DOMAIN" | "AUDIT_WORKER_NAME" | "AUDIT_BUCKET_NAME" | "AUDIT_WORKER_DOMAIN" | "IMAGES_WORKER_NAME" | "IMAGES_WORKER_DOMAIN" | "IMAGE_SIGNED_URL_SECRET" | "IMAGE_SIGNED_URL_TTL_SECONDS" | "PDF_WORKER_NAME" | "PDF_WORKER_DOMAIN" | "PDF_WORKER_AUTH" | "BROWSER_API_TOKEN" | "PRIMERSHEAR_EMAILS">> {}
+	interface ProcessEnv extends StringifyValues<Pick<Cloudflare.Env, "ACCOUNT_ID" | "USER_DB_AUTH" | "R2_KEY_SECRET" | "IMAGES_API_TOKEN" | "API_KEY" | "AUTH_DOMAIN" | "PROJECT_ID" | "STORAGE_BUCKET" | "MESSAGING_SENDER_ID" | "APP_ID" | "MEASUREMENT_ID" | "FIREBASE_SERVICE_ACCOUNT_EMAIL" | "FIREBASE_SERVICE_ACCOUNT_PRIVATE_KEY" | "USER_KV_ENCRYPTION_PRIVATE_KEY" | "USER_KV_ENCRYPTION_KEY_ID" | "USER_KV_ENCRYPTION_PUBLIC_KEY" | "USER_KV_WRITE_ENDPOINTS_ENABLED" | "USER_KV_ENCRYPTION_KEYS_JSON" | "USER_KV_ENCRYPTION_ACTIVE_KEY_ID" | "MANIFEST_SIGNING_PRIVATE_KEY" | "MANIFEST_SIGNING_KEY_ID" | "MANIFEST_SIGNING_PUBLIC_KEY" | "EXPORT_ENCRYPTION_PRIVATE_KEY" | "EXPORT_ENCRYPTION_KEY_ID" | "EXPORT_ENCRYPTION_PUBLIC_KEY" | "EXPORT_ENCRYPTION_KEYS_JSON" | "EXPORT_ENCRYPTION_ACTIVE_KEY_ID" | "DATA_AT_REST_ENCRYPTION_ENABLED" | "DATA_AT_REST_ENCRYPTION_PRIVATE_KEY" | "DATA_AT_REST_ENCRYPTION_KEY_ID" | "DATA_AT_REST_ENCRYPTION_PUBLIC_KEY" | "DATA_AT_REST_ENCRYPTION_KEYS_JSON" | "DATA_AT_REST_ENCRYPTION_ACTIVE_KEY_ID" | "PAGES_PROJECT_NAME" | "PAGES_CUSTOM_DOMAIN" | "USER_WORKER_NAME" | "USER_WORKER_DOMAIN" | "KV_STORE_ID" | "DATA_WORKER_NAME" | "DATA_BUCKET_NAME" | "FILES_BUCKET_NAME" | "DATA_WORKER_DOMAIN" | "AUDIT_WORKER_NAME" | "AUDIT_BUCKET_NAME" | "AUDIT_WORKER_DOMAIN" | "IMAGES_WORKER_NAME" | "IMAGES_WORKER_DOMAIN" | "IMAGE_SIGNED_URL_SECRET" | "IMAGE_SIGNED_URL_TTL_SECONDS" | "IMAGE_SIGNED_URL_BASE_URL" | "PDF_WORKER_NAME" | "PDF_WORKER_DOMAIN" | "PDF_WORKER_AUTH" | "BROWSER_API_TOKEN" | "PRIMERSHEAR_EMAILS">> {}
 }
 
 // Begin runtime types

package/workers/audit-worker/package.json

@@ -9,7 +9,7 @@
 	},
 	"devDependencies": {
 		"@cloudflare/puppeteer": "^1.0.6",
-		"wrangler": "^4.78.0"
+		"wrangler": "^4.80.0"
 	},
 	"overrides": {
 		"undici": "7.24.1",

package/workers/audit-worker/src/audit-worker.example.ts

@@ -4,7 +4,7 @@ import type { CreateResponse, Env } from './types';
 
 const corsHeaders: Record<string, string> = {
   'Access-Control-Allow-Origin': 'PAGES_CUSTOM_DOMAIN',
-  'Access-Control-Allow-Methods': 'GET, POST, DELETE, OPTIONS',
+  'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
   'Access-Control-Allow-Headers': 'Content-Type, X-Custom-Auth-Key',
   'Content-Type': 'application/json'
 };

package/workers/audit-worker/src/handlers/audit-routes.ts

@@ -92,34 +92,5 @@ export async function handleAuditRequest(
     }
   }
 
-  if (request.method === 'DELETE') {
-    if (!userId) {
-      return respond({ error: 'userId parameter is required' }, 400);
-    }
-
-    try {
-      const prefix = `audit-trails/${userId}/`;
-      let deletedCount = 0;
-      let cursor: string | undefined;
-
-      do {
-        const listed = await bucket.list({ prefix, cursor, limit: 1000 });
-
-        const keys = listed.objects.map((obj) => obj.key);
-        if (keys.length > 0) {
-          await bucket.delete(keys);
-          deletedCount += keys.length;
-        }
-
-        cursor = listed.truncated ? listed.cursor : undefined;
-      } while (cursor !== undefined);
-
-      return respond({ success: true, deletedCount });
-    } catch (error) {
-      const errorMessage = error instanceof Error ? error.message : 'Unknown error occurred';
-      return respond({ error: `Failed to delete audit entries: ${errorMessage}` }, 500);
-    }
-  }
-
-  return respond({ error: 'Method not allowed for audit endpoints. Only GET, POST, and DELETE are supported.' }, 405);
+  return respond({ error: 'Method not allowed for audit endpoints. Only GET and POST are supported.' }, 405);
 }

package/workers/audit-worker/wrangler.jsonc.example

@@ -7,7 +7,7 @@
   "name": "AUDIT_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/audit-worker.ts",
-  "compatibility_date": "2026-03-31",
+  "compatibility_date": "2026-04-02",
   "compatibility_flags": [
     "nodejs_compat"
   ], 

package/workers/data-worker/package.json

@@ -1,18 +1,18 @@
 {
-	"name": "data-worker",
-	"version": "0.0.0",
-	"private": true,
-	"scripts": {
-		"deploy": "wrangler deploy",
-		"dev": "wrangler dev",
-		"start": "wrangler dev"
-	},
-	"devDependencies": {
-		"@cloudflare/puppeteer": "^1.0.6",
-		"wrangler": "^4.78.0"
-	},
-	"overrides": {
-		"undici": "7.24.1",
-		"yauzl": "3.2.1"
-	}
-}
+  "name": "data-worker",
+  "version": "0.0.0",
+  "private": true,
+  "scripts": {
+    "deploy": "wrangler deploy",
+    "dev": "wrangler dev",
+    "start": "wrangler dev"
+  },
+  "devDependencies": {
+    "@cloudflare/puppeteer": "^1.0.6",
+    "wrangler": "^4.80.0"
+  },
+  "overrides": {
+    "undici": "7.24.1",
+    "yauzl": "3.2.1"
+  }
+}

package/workers/data-worker/src/encryption-utils.ts

@@ -224,7 +224,7 @@ export async function decryptJsonFromStorage(
 }
 
 /**
- * Decrypt data file (plaintext JSON/CSV)
+ * Decrypt data file (plaintext JSON)
  */
 export async function decryptExportData(
   encryptedDataBase64: string,

package/workers/data-worker/src/signing-payload-utils.ts

@@ -18,6 +18,7 @@ export interface ConfirmationSignatureMetadata {
   version: string;
   hash: string;
   originalExportCreatedAt?: string;
+  originalCaseOwnerUid?: string;
 }
 
 export interface ConfirmationRecord {
@@ -36,8 +37,8 @@ export interface ConfirmationSigningPayload {
   confirmations: Record<string, ConfirmationRecord[]>;
 }
 
-export type AuditExportFormat = 'csv' | 'json' | 'txt';
-export type AuditExportType = 'entries' | 'trail' | 'report';
+export type AuditExportFormat = 'json';
+export type AuditExportType = 'trail';
 export type AuditExportScopeType = 'case' | 'user';
 
 export interface AuditExportSigningPayload {
@@ -153,6 +154,13 @@ export function isValidConfirmationPayload(
     return false;
   }
 
+  if (
+    typeof metadata.originalCaseOwnerUid !== 'undefined' &&
+    (typeof metadata.originalCaseOwnerUid !== 'string' || metadata.originalCaseOwnerUid.trim().length === 0)
+  ) {
+    return false;
+  }
+
   for (const [imageId, confirmationList] of Object.entries(candidate.confirmations)) {
     if (!imageId || !Array.isArray(confirmationList)) {
       return false;
@@ -179,11 +187,11 @@ export function isValidAuditExportPayload(
     return false;
   }
 
-  if (candidate.exportFormat !== 'csv' && candidate.exportFormat !== 'json' && candidate.exportFormat !== 'txt') {
+  if (candidate.exportFormat !== 'json') {
     return false;
   }
 
-  if (candidate.exportType !== 'entries' && candidate.exportType !== 'trail' && candidate.exportType !== 'report') {
+  if (candidate.exportType !== 'trail') {
     return false;
   }
 
@@ -271,6 +279,9 @@ export function createConfirmationSigningPayload(confirmationData: ConfirmationS
       hash: confirmationData.metadata.hash.toUpperCase(),
       ...(confirmationData.metadata.originalExportCreatedAt
         ? { originalExportCreatedAt: confirmationData.metadata.originalExportCreatedAt }
+        : {}),
+      ...(confirmationData.metadata.originalCaseOwnerUid
+        ? { originalCaseOwnerUid: confirmationData.metadata.originalCaseOwnerUid }
         : {})
     },
     confirmations: normalizeConfirmations(confirmationData.confirmations)

package/workers/data-worker/wrangler.jsonc.example

@@ -5,7 +5,7 @@
   "name": "DATA_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/data-worker.ts",
-  "compatibility_date": "2026-03-31",
+  "compatibility_date": "2026-04-02",
   "compatibility_flags": [
     "nodejs_compat"
   ], 

package/workers/image-worker/package.json

@@ -9,7 +9,7 @@
 	},
 	"devDependencies": {
 		"@cloudflare/puppeteer": "^1.0.6",
-		"wrangler": "^4.78.0"
+		"wrangler": "^4.80.0"
 	},
 	"overrides": {
 		"undici": "7.24.1",

package/workers/image-worker/wrangler.jsonc.example

@@ -2,7 +2,7 @@
   "name": "IMAGES_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/image-worker.ts",
-  "compatibility_date": "2026-03-31",
+  "compatibility_date": "2026-04-02",
   "compatibility_flags": [
     "nodejs_compat"
   ], 

package/workers/pdf-worker/package.json

@@ -10,7 +10,7 @@
 	},
 	"devDependencies": {
 		"@cloudflare/puppeteer": "^1.0.6",
-		"wrangler": "^4.78.0"
+		"wrangler": "^4.80.0"
 	},
 	"overrides": {
 		"undici": "7.24.1",

package/workers/pdf-worker/wrangler.jsonc.example

@@ -2,7 +2,7 @@
   "name": "PDF_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/pdf-worker.ts",
-  "compatibility_date": "2026-03-31",
+  "compatibility_date": "2026-04-02",
   "compatibility_flags": [
     "nodejs_compat"
   ],

package/workers/user-worker/package.json

@@ -9,7 +9,7 @@
   },
   "devDependencies": {
     "@cloudflare/puppeteer": "^1.0.6",
-    "wrangler": "^4.78.0"
+    "wrangler": "^4.80.0"
   },
   "overrides": {
     "undici": "7.24.1",

package/workers/user-worker/wrangler.jsonc.example

@@ -2,7 +2,7 @@
   "name": "USER_WORKER_NAME",
   "account_id": "ACCOUNT_ID",
   "main": "src/user-worker.ts",
-  "compatibility_date": "2026-03-31",
+  "compatibility_date": "2026-04-02",
   "compatibility_flags": [
     "nodejs_compat"
   ], 

package/wrangler.toml.example

@@ -1,6 +1,6 @@
 #:schema node_modules/wrangler/config-schema.json
 name = "PAGES_PROJECT_NAME"
-compatibility_date = "2026-03-31"
+compatibility_date = "2026-04-02"
 compatibility_flags = ["nodejs_compat"]
 pages_build_output_dir = "./build/client"
 

package/app/components/audit/viewer/use-audit-viewer-export.ts

@@ -1,176 +0,0 @@
-import { useCallback } from 'react';
-import type { Dispatch, SetStateAction } from 'react';
-import type { User } from 'firebase/auth';
-import { auditExportService } from '~/services/audit';
-import type { AuditTrail, ValidationAuditEntry } from '~/types';
-
-interface UseAuditViewerExportParams {
-  user: User | null;
-  effectiveCaseNumber?: string;
-  filteredEntries: ValidationAuditEntry[];
-  auditTrail: AuditTrail | null;
-  setError: Dispatch<SetStateAction<string>>;
-}
-
-export const useAuditViewerExport = ({
-  user,
-  effectiveCaseNumber,
-  filteredEntries,
-  auditTrail,
-  setError
-}: UseAuditViewerExportParams) => {
-  const resolveExportContext = useCallback(() => {
-    if (!user) {
-      return null;
-    }
-
-    const identifier = effectiveCaseNumber || user.uid;
-    const scopeType: 'case' | 'user' = effectiveCaseNumber ? 'case' : 'user';
-
-    return {
-      identifier,
-      scopeType,
-      context: {
-        user,
-        scopeType,
-        scopeIdentifier: identifier,
-        caseNumber: effectiveCaseNumber || undefined
-      } as const
-    };
-  }, [user, effectiveCaseNumber]);
-
-  const handleExportCSV = useCallback(async () => {
-    const exportContextData = resolveExportContext();
-    if (!exportContextData) {
-      return;
-    }
-
-    const filename = auditExportService.generateFilename(
-      exportContextData.scopeType,
-      exportContextData.identifier,
-      'csv'
-    );
-
-    try {
-      if (auditTrail && effectiveCaseNumber) {
-        await auditExportService.exportAuditTrailToCSV(auditTrail, filename, exportContextData.context);
-      } else {
-        await auditExportService.exportToCSV(filteredEntries, filename, exportContextData.context);
-      }
-    } catch (exportError) {
-      console.error('Export failed:', exportError);
-      setError('Failed to export audit trail to CSV');
-    }
-  }, [resolveExportContext, auditTrail, effectiveCaseNumber, filteredEntries, setError]);
-
-  const handleExportJSON = useCallback(async () => {
-    const exportContextData = resolveExportContext();
-    if (!exportContextData) {
-      return;
-    }
-
-    const filename = auditExportService.generateFilename(
-      exportContextData.scopeType,
-      exportContextData.identifier,
-      'json'
-    );
-
-    try {
-      if (auditTrail && effectiveCaseNumber) {
-        await auditExportService.exportAuditTrailToJSON(auditTrail, filename, exportContextData.context);
-      } else {
-        await auditExportService.exportToJSON(filteredEntries, filename, exportContextData.context);
-      }
-    } catch (exportError) {
-      console.error('Export failed:', exportError);
-      setError('Failed to export audit trail to JSON');
-    }
-  }, [resolveExportContext, auditTrail, effectiveCaseNumber, filteredEntries, setError]);
-
-  const handleGenerateReport = useCallback(async () => {
-    const exportContextData = resolveExportContext();
-    if (!exportContextData) {
-      return;
-    }
-
-    const resolvedUser = exportContextData.context.user;
-
-    const filename = `${exportContextData.scopeType}-audit-report-${exportContextData.identifier}-${new Date().toISOString().split('T')[0]}.txt`;
-
-    try {
-      let reportContent: string;
-
-      if (auditTrail && effectiveCaseNumber) {
-        reportContent = await auditExportService.generateReportSummary(auditTrail, exportContextData.context);
-      } else {
-        const totalEntries = filteredEntries.length;
-        const successfulActions = filteredEntries.filter(entry => entry.result === 'success').length;
-        const failedActions = filteredEntries.filter(entry => entry.result === 'failure').length;
-
-        const actionCounts = filteredEntries.reduce((accumulator, entry) => {
-          accumulator[entry.action] = (accumulator[entry.action] || 0) + 1;
-          return accumulator;
-        }, {} as Record<string, number>);
-
-        const detectedDateRange = filteredEntries.length > 0
-          ? {
-              earliest: new Date(Math.min(...filteredEntries.map(entry => new Date(entry.timestamp).getTime()))),
-              latest: new Date(Math.max(...filteredEntries.map(entry => new Date(entry.timestamp).getTime())))
-            }
-          : null;
-
-        reportContent = `${effectiveCaseNumber ? 'CASE' : 'USER'} AUDIT REPORT
-Generated: ${new Date().toISOString()}
-      ${effectiveCaseNumber ? `Case: ${effectiveCaseNumber}` : `User: ${resolvedUser.email}`}
-      ${effectiveCaseNumber ? '' : `User ID: ${resolvedUser.uid}`}
-
-=== SUMMARY ===
-Total Actions: ${totalEntries}
-Successful: ${successfulActions}
-Failed: ${failedActions}
-Success Rate: ${totalEntries > 0 ? ((successfulActions / totalEntries) * 100).toFixed(1) : 0}%
-
-${detectedDateRange ? `Date Range: ${detectedDateRange.earliest.toLocaleDateString()} - ${detectedDateRange.latest.toLocaleDateString()}` : 'No entries found'}
-
-=== ACTION BREAKDOWN ===
-${Object.entries(actionCounts)
-  .sort(([, actionCountA], [, actionCountB]) => actionCountB - actionCountA)
-  .map(([action, count]) => `${action}: ${count}`)
-  .join('\n')}
-
-=== RECENT ACTIVITIES ===
-${filteredEntries.slice(0, 10).map(entry =>
-  `${new Date(entry.timestamp).toLocaleString()} | ${entry.action} | ${entry.result}${entry.details.caseNumber ? ` | Case: ${entry.details.caseNumber}` : ''}`
-).join('\n')}
-
-Generated by Striae
-`;
-
-        reportContent = await auditExportService.appendSignedReportIntegrity(
-          reportContent,
-          exportContextData.context,
-          totalEntries
-        );
-      }
-
-      const blob = new Blob([reportContent], { type: 'text/plain' });
-      const url = URL.createObjectURL(blob);
-      const anchor = document.createElement('a');
-      anchor.href = url;
-      anchor.download = filename;
-      document.body.appendChild(anchor);
-      anchor.click();
-      document.body.removeChild(anchor);
-      URL.revokeObjectURL(url);
-    } catch (reportError) {
-      console.error('Report generation failed:', reportError);
-      setError('Failed to generate audit report');
-    }
-  }, [resolveExportContext, auditTrail, effectiveCaseNumber, filteredEntries, setError]);
-
-  return {
-    handleExportCSV,
-    handleExportJSON,
-    handleGenerateReport
-  };
-};

package/app/services/audit/audit-export-csv.ts

@@ -1,130 +0,0 @@
-import { type ValidationAuditEntry } from '~/types';
-
-export const AUDIT_CSV_ENTRY_HEADERS = [
-  'Timestamp',
-  'User Email',
-  'Action',
-  'Result',
-  'File Name',
-  'File Type',
-  'Case Number',
-  'Confirmation ID',
-  'Original Examiner UID',
-  'Reviewing Examiner UID',
-  'File ID',
-  'Original Filename',
-  'File Size (MB)',
-  'MIME Type',
-  'Upload Method',
-  'Delete Reason',
-  'Annotation ID',
-  'Annotation Type',
-  'Annotation Tool',
-  'Session ID',
-  'User Agent',
-  'Processing Time (ms)',
-  'Hash Valid',
-  'Validation Errors',
-  'Security Issues',
-  'Workflow Phase',
-  'Profile Field',
-  'Old Value',
-  'New Value',
-  'Badge/ID',
-  'Total Confirmations In File',
-  'Confirmations Successfully Imported',
-  'Validation Steps Failed',
-  'Case Name',
-  'Total Files',
-  'MFA Method',
-  'Security Incident Type',
-  'Security Severity',
-  'Confirmed Files'
-];
-
-const formatForCSV = (value?: string | number | null): string => {
-  if (value === undefined || value === null) return '';
-  const str = String(value);
-  if (str.includes(',') || str.includes('"') || str.includes('\n')) {
-    return `"${str.replace(/"/g, '""')}"`;
-  }
-  return str;
-};
-
-const getSecurityIssues = (entry: ValidationAuditEntry): string => {
-  const securityChecks = entry.details.securityChecks;
-  if (!securityChecks) {
-    return '';
-  }
-
-  const issues = [];
-
-  if (securityChecks.selfConfirmationPrevented === true) {
-    issues.push('selfConfirmationPrevented');
-  }
-
-  if (securityChecks.fileIntegrityValid === false) {
-    issues.push('fileIntegrityValid');
-  }
-
-  if (securityChecks.exporterUidValidated === false) {
-    issues.push('exporterUidValidated');
-  }
-
-  return issues.join('; ');
-};
-
-export const entryToCSVRow = (entry: ValidationAuditEntry): string => {
-  const fileDetails = entry.details.fileDetails;
-  const annotationDetails = entry.details.annotationDetails;
-  const sessionDetails = entry.details.sessionDetails;
-  const userProfileDetails = entry.details.userProfileDetails;
-  const caseDetails = entry.details.caseDetails;
-  const performanceMetrics = entry.details.performanceMetrics;
-  const securityDetails = entry.details.securityDetails;
-  const securityIssues = getSecurityIssues(entry);
-
-  const values = [
-    formatForCSV(entry.timestamp),
-    formatForCSV(entry.userEmail),
-    formatForCSV(entry.action),
-    formatForCSV(entry.result),
-    formatForCSV(entry.details.fileName),
-    formatForCSV(entry.details.fileType),
-    formatForCSV(entry.details.caseNumber),
-    formatForCSV(entry.details.confirmationId),
-    formatForCSV(entry.details.originalExaminerUid),
-    formatForCSV(entry.details.reviewingExaminerUid),
-    formatForCSV(fileDetails?.fileId),
-    formatForCSV(fileDetails?.originalFileName),
-    fileDetails?.fileSize ? (fileDetails.fileSize / 1024 / 1024).toFixed(2) : '',
-    formatForCSV(fileDetails?.mimeType),
-    formatForCSV(fileDetails?.uploadMethod),
-    formatForCSV(fileDetails?.deleteReason),
-    formatForCSV(annotationDetails?.annotationId),
-    formatForCSV(annotationDetails?.annotationType),
-    formatForCSV(annotationDetails?.tool),
-    formatForCSV(sessionDetails?.sessionId),
-    formatForCSV(sessionDetails?.userAgent),
-    performanceMetrics?.processingTimeMs || '',
-    entry.details.hashValid !== undefined ? (entry.details.hashValid ? 'Yes' : 'No') : '',
-    formatForCSV(entry.details.validationErrors?.join('; ')),
-    formatForCSV(securityIssues),
-    formatForCSV(entry.details.workflowPhase),
-    formatForCSV(userProfileDetails?.profileField),
-    formatForCSV(userProfileDetails?.oldValue),
-    formatForCSV(userProfileDetails?.newValue),
-    formatForCSV(userProfileDetails?.badgeId),
-    caseDetails?.totalAnnotations?.toString() || '',
-    performanceMetrics?.validationStepsCompleted?.toString() || '',
-    performanceMetrics?.validationStepsFailed?.toString() || '',
-    formatForCSV(caseDetails?.newCaseName || caseDetails?.oldCaseName),
-    caseDetails?.totalFiles?.toString() || '',
-    formatForCSV(securityDetails?.mfaMethod),
-    formatForCSV(securityDetails?.incidentType),
-    formatForCSV(securityDetails?.severity),
-    formatForCSV(caseDetails?.confirmedFileNames?.join('; '))
-  ];
-
-  return values.join(',');
-};