npm - @truesift/express - Versions diffs - 0.1.0 - Mend

@truesift/express 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/CHANGELOG.md +191 -0
package/LICENSE +21 -0
package/README.md +567 -0
package/dist/errors/index.d.ts +1 -0
package/dist/errors/index.js +158 -0
package/dist/index-DWCqfBfQ.d.ts +135 -0
package/dist/index.d.ts +280 -0
package/dist/index.js +921 -0
package/package.json +60 -0

package/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,191 @@
+# Changelog
+All notable changes to the TrueSift Express SDK will be documented in this file.
+The format follows a simple internal changelog structure while the package is still unpublished.
+Product:
+```txt
+TrueSift — Next-Gen Human Verification made in Germany
+```
+Package:
+```txt
+@truesift/express
+```
+---
+## [0.1.0] - 2026-06-16
+### Status
+Internal work in progress.
+This is the first internal package setup for the TrueSift server-side Node/Express SDK.
+The package is not published yet and remains private.
+### Added
+- Initialized standalone SDK package structure.
+- Added TypeScript-first project setup.
+- Added ESM package configuration.
+- Added Node.js 20+ runtime target.
+- Added `tsup` build setup.
+- Added declaration file generation.
+- Added Vitest as test runner.
+- Added strict TypeScript configuration.
+- Added initial package identity:
+```txt
+@truesift/express
+```
+- Added proprietary internal license placeholder.
+- Added initial README documentation.
+- Added package metadata for future npm or private registry publishing.
+- Added initial source architecture:
+```txt
+src/client
+src/errors
+src/types
+src/utils
+src/http
+src/validation
+```
+- Added initial test architecture:
+```txt
+tests/unit
+tests/integration
+```
+- Added documentation folders:
+```txt
+docs
+examples/express
+examples/next
+```
+### Architecture
+The SDK is locked as a thin server-side service client.
+It is intended to communicate with the TrueSift API from backend code only.
+The first SDK version is planned to expose:
+```txt
+createBotGuardClient(config)
+BotGuardClient
+createChallenge()
+verifyChallenge()
+isAllowed()
+isReview()
+isBlocked()
+BotGuard error classes
+BotGuard/TrueSift types
+```
+### Security
+The SDK is designed as backend-only.
+The following principles are locked for the first version:
+- no browser usage
+- no React client component usage
+- no frontend bundle usage
+- no `NEXT_PUBLIC_*` secret usage
+- no automatic secret logging
+- no default logging
+- no business policy decisions inside the SDK
+- no automatic Express middleware in the first version
+- no automatic retry for challenge verification
+### Build
+Current build commands:
+```bash
+pnpm typecheck
+pnpm build
+```
+Both commands are expected to pass with the current empty SDK skeleton.
+### Notes
+The package still uses some early internal `BotGuard` naming in the planned API and file structure because the original backend module and locked blueprint were created under the BotGuard name.
+The product-facing name is now:
+```txt
+TrueSift
+```
+Future refactoring may decide whether the internal API remains `BotGuardClient` for compatibility with the backend module or moves fully to `TrueSiftClient`.
+### Publishing
+Publishing is not decided yet.
+Possible future distribution options:
+- public npm package
+- private npm package
+- GitHub Packages
+- internal registry
+- own package server
+- local workspace package
+The SDK architecture is intentionally independent from the final publishing strategy.
+---
+## Future planned versions
+### [0.2.0] - Planned
+Expected scope:
+- Implement core type definitions.
+- Implement SDK error model.
+- Implement config validation.
+- Implement decision normalization.
+- Implement request timeout handling.
+- Implement response parsing and validation.
+- Implement `createChallenge()`.
+- Implement `verifyChallenge()`.
+- Add unit tests for core behavior.
+### [0.3.0] - Planned
+Expected scope:
+- Add example Express controller usage.
+- Add example Next.js route handler usage.
+- Add fail-open observe example.
+- Add protect-mode block example.
+- Add security documentation.
+- Add smoke test against a development TrueSift API.
+### [1.0.0] - Planned
+Expected scope:
+- Stable internal release.
+- Clean typecheck.
+- Clean build.
+- Core unit tests.
+- Secret redaction tests.
+- Timeout tests.
+- Basic integration smoke test.
+- README usage finalized.
+- Publishing strategy decided.

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 WebDigiTech - Ventsislav Kolev
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.