@umituz/react-native-ai-generation-content 1.61.32 → 1.61.34

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@umituz/react-native-ai-generation-content",
-  "version": "1.61.32",
+  "version": "1.61.34",
   "description": "Provider-agnostic AI generation orchestration for React Native with result preview components",
   "main": "src/index.ts",
   "types": "src/index.ts",

package/src/domain/entities/error.types.ts

@@ -17,7 +17,6 @@ export enum AIErrorType {
 export interface AIErrorInfo {
   type: AIErrorType;
   messageKey: string;
-  retryable: boolean;
   originalError?: unknown;
   statusCode?: number;
 }

package/src/domain/entities/job.types.ts

@@ -47,15 +47,11 @@ export type GenerationMode = "direct" | "queued";
 export interface BackgroundQueueConfig {
   readonly mode?: GenerationMode;
   readonly maxConcurrent?: number;
-  readonly retryCount?: number;
-  readonly retryDelayMs?: number;
   readonly queryKey?: readonly string[];
 }
 
 export const DEFAULT_QUEUE_CONFIG: Required<BackgroundQueueConfig> = {
   mode: "queued",
   maxConcurrent: 1,
-  retryCount: 2,
-  retryDelayMs: 2000,
   queryKey: ["ai", "background-jobs"],
 };

package/src/domain/entities/polling.types.ts

@@ -8,7 +8,7 @@ export interface PollingConfig {
   initialIntervalMs: number;
   maxIntervalMs: number;
   backoffMultiplier: number;
-  maxConsecutiveErrors: number;
+  maxTotalTimeMs?: number;
 }
 
 export const DEFAULT_POLLING_CONFIG: PollingConfig = {
@@ -16,13 +16,11 @@ export const DEFAULT_POLLING_CONFIG: PollingConfig = {
   initialIntervalMs: 1000,
   maxIntervalMs: 3000,
   backoffMultiplier: 1.2,
-  maxConsecutiveErrors: 5,
 };
 
 export interface PollingState {
   attempt: number;
   lastProgress: number;
-  consecutiveErrors: number;
   startTime: number;
 }
 

package/src/domain/interfaces/app-services.interface.ts

@@ -4,6 +4,17 @@
  * Apps implement these interfaces to provide their specific logic
  */
 
+/**
+ * Metadata types for credit cost calculation
+ */
+export interface CreditCostMetadata {
+  readonly model?: string;
+  readonly duration?: number;
+  readonly resolution?: string;
+  readonly quality?: string;
+  readonly [key: string]: string | number | boolean | undefined;
+}
+
 /**
  * Network service interface
  * Handles network availability checks
@@ -52,7 +63,7 @@ export interface ICreditService {
    */
   calculateCost: (
     capability: string,
-    metadata?: Record<string, unknown>,
+    metadata?: CreditCostMetadata,
   ) => number;
 }
 
@@ -91,6 +102,13 @@ export interface IAuthService {
   requireAuth: () => string;
 }
 
+/**
+ * Analytics event data
+ */
+export interface AnalyticsEventData {
+  readonly [key: string]: string | number | boolean | null | undefined;
+}
+
 /**
  * Analytics service interface (optional)
  * Tracks events for analytics
@@ -101,7 +119,7 @@ export interface IAnalyticsService {
    * @param event - Event name
    * @param data - Event data
    */
-  track: (event: string, data: Record<string, unknown>) => void;
+  track: (event: string, data: AnalyticsEventData) => void;
 }
 
 /**

package/src/domains/content-moderation/infrastructure/services/content-moderation.service.ts

@@ -103,7 +103,8 @@ class ContentModerationService {
       0
     );
 
-    return Math.min(1.0, score / 2);
+    // Only divide by 2 if we have violations, otherwise return 1.0
+    return violations.length > 0 ? Math.min(1.0, score / Math.max(1, violations.length)) : 1.0;
   }
 
   private determineAction(

package/src/domains/content-moderation/infrastructure/services/moderators/text.moderator.ts

@@ -7,11 +7,91 @@ import type { Violation } from "../../../domain/entities/moderation.types";
 import { patternMatcherService } from "../pattern-matcher.service";
 import { rulesRegistry } from "../../rules/rules-registry";
 import { BaseModerator, type ModerationResult } from "./base.moderator";
+import { DEFAULT_MAX_TEXT_LENGTH } from "../../../../infrastructure/constants/content.constants";
 
 declare const __DEV__: boolean;
 
-const DEFAULT_MAX_LENGTH = 10000;
+/**
+ * HTML entity encoding detection
+ * More reliable than regex for detecting encoded malicious content
+ */
+function containsHTMLEntities(content: string): boolean {
+  const htmlEntities = [
+    /</gi, />/gi, /"/gi, /&/gi, /'/gi,
+    /&#\d+;/gi, /&#x[0-9a-fA-F]+;/gi,
+  ];
+  return htmlEntities.some(entity => entity.test(content));
+}
+
+/**
+ * Safe string matching for malicious code detection
+ * Uses string operations instead of regex where possible
+ */
+function containsMaliciousPatterns(content: string): boolean {
+  const lowerContent = content.toLowerCase();
+
+  // Check for script tags (case-insensitive)
+  const scriptPatterns = ["<script", "</script>", "javascript:", "onclick=", "onerror=", "onload="];
+  for (const pattern of scriptPatterns) {
+    if (lowerContent.includes(pattern)) {
+      return true;
+    }
+  }
+
+  // Check for HTML entities (potential evasion)
+  if (containsHTMLEntities(content)) {
+    return true;
+  }
+
+  return false;
+}
+
+/**
+ * Multi-layered prompt injection detection
+ * Combines regex with string matching for better security
+ */
+function containsPromptInjection(content: string): boolean {
+  const lowerContent = content.toLowerCase();
+
+  // Critical injection patterns (string-based for safety)
+  const criticalPatterns = [
+    "ignore all instructions",
+    "ignore previous instructions",
+    "disregard all instructions",
+    "forget all instructions",
+    "you are now a",
+    "jailbreak",
+    "dan mode",
+    "developer mode",
+    "system:",
+    "[system]",
+    "<<system>>",
+  ];
+
+  for (const pattern of criticalPatterns) {
+    if (lowerContent.includes(pattern)) {
+      return true;
+    }
+  }
+
+  // Additional regex patterns for more complex matching
+  const regexPatterns = [
+    /act\s+as\s+(if|though)\s+you/gi,
+    /pretend\s+(you\s+are|to\s+be)/gi,
+    /bypass\s+(your\s+)?(safety|content|moderation)/gi,
+    /override\s+(your\s+)?(restrictions?|limitations?|rules?)/gi,
+  ];
+
+  return regexPatterns.some(pattern => {
+    try {
+      return pattern.test(content);
+    } catch {
+      return false;
+    }
+  });
+}
 
+// Kept for reference but no longer used directly - using safer functions above
 const MALICIOUS_CODE_PATTERNS = [
   /<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi,
   /javascript:/gi,
@@ -36,7 +116,7 @@ const PROMPT_INJECTION_PATTERNS = [
 ];
 
 class TextModerator extends BaseModerator {
-  private maxLength = DEFAULT_MAX_LENGTH;
+  private maxLength = DEFAULT_MAX_TEXT_LENGTH;
 
   setMaxLength(length: number): void {
     this.maxLength = length;
@@ -106,11 +186,11 @@ class TextModerator extends BaseModerator {
   }
 
   private containsMaliciousCode(content: string): boolean {
-    return MALICIOUS_CODE_PATTERNS.some((pattern) => pattern.test(content));
+    return containsMaliciousPatterns(content);
   }
 
   private containsPromptInjection(content: string): boolean {
-    return PROMPT_INJECTION_PATTERNS.some((pattern) => pattern.test(content));
+    return containsPromptInjection(content);
   }
 
   private evaluateRules(content: string): Violation[] {

package/src/domains/content-moderation/infrastructure/services/pattern-matcher.service.ts

@@ -1,6 +1,6 @@
 /**
  * Pattern Matcher Service
- * Utility service for regex pattern matching
+ * Utility service for regex pattern matching with security validations
  */
 
 export interface PatternMatch {
@@ -10,8 +10,70 @@ export interface PatternMatch {
   position?: number;
 }
 
+/**
+ * Validates that a regex pattern is safe to use
+ * Prevents ReDoS (Regular Expression Denial of Service) attacks
+ */
+function isValidRegexPattern(pattern: string): boolean {
+  if (!pattern || typeof pattern !== "string") {
+    return false;
+  }
+
+  // Check for dangerous patterns that could cause ReDoS
+  const dangerousPatterns = [
+    /\([^)]*\+\([^)]*\+\)/, // Nested repeated groups
+    /\([^)]*\*[^)]*\*\)/, // Multiple nested stars
+    /\.\*\.*/, // Multiple wildcards
+    /\.\+\.+/, // Multiple repeated wildcards
+  ];
+
+  for (const dangerous of dangerousPatterns) {
+    if (dangerous.test(pattern)) {
+      return false;
+    }
+  }
+
+  // Limit pattern length to prevent potential attacks
+  const MAX_PATTERN_LENGTH = 1000;
+  if (pattern.length > MAX_PATTERN_LENGTH) {
+    return false;
+  }
+
+  try {
+    // Test if pattern compiles without errors
+    new RegExp(pattern);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+/**
+ * Safely escapes special regex characters in user input
+ */
+function escapeRegExp(str: string): string {
+  return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+
 class PatternMatcherService {
   matchPattern(content: string, pattern: string): PatternMatch {
+    // Validate inputs
+    if (!content || typeof content !== "string") {
+      return { pattern, matched: false };
+    }
+
+    if (!pattern || typeof pattern !== "string") {
+      return { pattern, matched: false };
+    }
+
+    // Validate pattern safety before using it
+    if (!isValidRegexPattern(pattern)) {
+      if (typeof __DEV__ !== "undefined" && __DEV__) {
+        console.warn("[PatternMatcher] Invalid or unsafe pattern rejected:", pattern);
+      }
+      return { pattern, matched: false };
+    }
+
     try {
       const regex = new RegExp(pattern, "gi");
       const match = regex.exec(content);
@@ -26,11 +88,32 @@ class PatternMatcherService {
       }
 
       return { pattern, matched: false };
-    } catch {
+    } catch (error) {
+      if (typeof __DEV__ !== "undefined" && __DEV__) {
+        console.warn("[PatternMatcher] Regex error:", error);
+      }
       return { pattern, matched: false };
     }
   }
 
+  /**
+   * Safe string matching without regex (for user-provided search terms)
+   */
+  safeStringMatch(content: string, searchTerm: string): boolean {
+    if (!content || !searchTerm) {
+      return false;
+    }
+
+    try {
+      const escaped = escapeRegExp(searchTerm);
+      const regex = new RegExp(escaped, "gi");
+      return regex.test(content);
+    } catch {
+      // Fallback to simple includes if regex fails
+      return content.toLowerCase().includes(searchTerm.toLowerCase());
+    }
+  }
+
   matchAnyPattern(content: string, patterns: string[]): PatternMatch[] {
     return patterns.map((pattern) => this.matchPattern(content, pattern));
   }

package/src/domains/creations/infrastructure/repositories/CreationsWriter.ts

@@ -43,8 +43,15 @@ export class CreationsWriter {
       await setDoc(docRef, data);
       if (typeof __DEV__ !== "undefined" && __DEV__) console.log("[CreationsWriter] create() success");
     } catch (error) {
-      if (typeof __DEV__ !== "undefined" && __DEV__) console.error("[CreationsWriter] create() error", error);
-      throw error;
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      if (typeof __DEV__ !== "undefined" && __DEV__) {
+        console.error("[CreationsWriter] create() error", {
+          userId,
+          creationId: creation.id,
+          error: errorMessage,
+        });
+      }
+      throw new Error(`Failed to create creation ${creation.id}: ${errorMessage}`);
     }
   }
 
@@ -52,7 +59,12 @@ export class CreationsWriter {
     if (typeof __DEV__ !== "undefined" && __DEV__) console.log("[CreationsWriter] update()", { userId, id });
 
     const docRef = this.pathResolver.getDocRef(userId, id);
-    if (!docRef) return false;
+    if (!docRef) {
+      if (typeof __DEV__ !== "undefined" && __DEV__) {
+        console.error("[CreationsWriter] update() - Firestore not initialized", { userId, id });
+      }
+      return false;
+    }
 
     try {
       const updateData: Record<string, unknown> = {};
@@ -62,7 +74,14 @@ export class CreationsWriter {
       await updateDoc(docRef, updateData);
       return true;
     } catch (error) {
-      if (typeof __DEV__ !== "undefined" && __DEV__) console.error("[CreationsWriter] update() error", error);
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      if (typeof __DEV__ !== "undefined" && __DEV__) {
+        console.error("[CreationsWriter] update() error", {
+          userId,
+          creationId: id,
+          error: errorMessage,
+        });
+      }
       return false;
     }
   }
@@ -73,7 +92,15 @@ export class CreationsWriter {
     try {
       await updateDoc(docRef, { deletedAt: new Date() });
       return true;
-    } catch {
+    } catch (error) {
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      if (typeof __DEV__ !== "undefined" && __DEV__) {
+        console.error("[CreationsWriter] delete() error", {
+          userId,
+          creationId,
+          error: errorMessage,
+        });
+      }
       return false;
     }
   }
@@ -84,7 +111,15 @@ export class CreationsWriter {
     try {
       await deleteDoc(docRef);
       return true;
-    } catch {
+    } catch (error) {
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      if (typeof __DEV__ !== "undefined" && __DEV__) {
+        console.error("[CreationsWriter] hardDelete() error", {
+          userId,
+          creationId,
+          error: errorMessage,
+        });
+      }
       return false;
     }
   }
@@ -95,7 +130,15 @@ export class CreationsWriter {
     try {
       await updateDoc(docRef, { deletedAt: null });
       return true;
-    } catch {
+    } catch (error) {
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      if (typeof __DEV__ !== "undefined" && __DEV__) {
+        console.error("[CreationsWriter] restore() error", {
+          userId,
+          creationId,
+          error: errorMessage,
+        });
+      }
       return false;
     }
   }
@@ -106,7 +149,16 @@ export class CreationsWriter {
     try {
       await updateDoc(docRef, { isShared });
       return true;
-    } catch {
+    } catch (error) {
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      if (typeof __DEV__ !== "undefined" && __DEV__) {
+        console.error("[CreationsWriter] updateShared() error", {
+          userId,
+          creationId,
+          isShared,
+          error: errorMessage,
+        });
+      }
       return false;
     }
   }
@@ -118,7 +170,10 @@ export class CreationsWriter {
     const docRef = this.pathResolver.getDocRef(userId, creationId);
     if (!docRef) {
       if (typeof __DEV__ !== "undefined" && __DEV__) {
-        console.log("[CreationsWriter] updateFavorite() - no docRef");
+        console.warn("[CreationsWriter] updateFavorite() - Firestore not initialized", {
+          userId,
+          creationId,
+        });
       }
       return false;
     }
@@ -129,8 +184,14 @@ export class CreationsWriter {
       }
       return true;
     } catch (error) {
+      const errorMessage = error instanceof Error ? error.message : String(error);
       if (typeof __DEV__ !== "undefined" && __DEV__) {
-        console.error("[CreationsWriter] updateFavorite() error", error);
+        console.error("[CreationsWriter] updateFavorite() error", {
+          userId,
+          creationId,
+          isFavorite,
+          error: errorMessage,
+        });
       }
       return false;
     }
@@ -143,19 +204,41 @@ export class CreationsWriter {
     try {
       await updateDoc(docRef, { rating, ratedAt: new Date() });
       if (description || rating) {
-        await submitFeedback({
+        try {
+          await submitFeedback({
+            userId,
+            userEmail: null,
+            type: "creation_rating",
+            title: `Creation Rating: ${rating} Stars`,
+            description: description || `User rated creation ${rating} stars`,
+            rating,
+            status: "pending",
+          });
+        } catch (feedbackError) {
+          // Log but don't fail - the rating was saved successfully
+          const feedbackErrorMessage = feedbackError instanceof Error
+            ? feedbackError.message
+            : String(feedbackError);
+          if (typeof __DEV__ !== "undefined" && __DEV__) {
+            console.warn("[CreationsWriter] rate() - feedback submission failed", {
+              userId,
+              creationId,
+              error: feedbackErrorMessage,
+            });
+          }
+        }
+      }
+      return true;
+    } catch (error) {
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      if (typeof __DEV__ !== "undefined" && __DEV__) {
+        console.error("[CreationsWriter] rate() error", {
           userId,
-          userEmail: null,
-          type: "creation_rating",
-          title: `Creation Rating: ${rating} Stars`,
-          description: description || `User rated creation ${rating} stars`,
+          creationId,
           rating,
-          status: "pending",
+          error: errorMessage,
         });
       }
-      return true;
-    } catch (error) {
-      if (typeof __DEV__ !== "undefined" && __DEV__) console.error("[CreationsWriter] rate() error", error);
       return false;
     }
   }

package/src/domains/creations/presentation/hooks/useAdvancedFilter.ts

@@ -88,10 +88,19 @@ export function useAdvancedFilter<T extends FilterableCreation>({
     setFilter(DEFAULT_CREATION_FILTER);
   }, []);
 
-  const hasActiveFilters =
-    filter.type !== "all" || filter.status !== "all" || !!filter.searchQuery;
-  const activeMediaFilter = (filter.type as string) || "all";
-  const activeStatusFilter = (filter.status as string) || "all";
+  const hasActiveFilters = useMemo(
+    () =>
+      filter.type !== "all" || filter.status !== "all" || !!filter.searchQuery,
+    [filter.type, filter.status, filter.searchQuery]
+  );
+  const activeMediaFilter = useMemo(
+    () => (filter.type as string) || "all",
+    [filter.type]
+  );
+  const activeStatusFilter = useMemo(
+    () => (filter.status as string) || "all",
+    [filter.status]
+  );
 
   return {
     filtered,

package/src/domains/creations/presentation/hooks/useProcessingJobsPoller.ts

@@ -8,6 +8,7 @@
 import { useEffect, useRef, useCallback, useMemo } from "react";
 import { providerRegistry } from "../../../../infrastructure/services/provider-registry.service";
 import { QUEUE_STATUS, CREATION_STATUS } from "../../../../domain/constants/queue-status.constants";
+import { GALLERY_POLL_INTERVAL_MS } from "../../../../infrastructure/constants/polling.constants";
 import {
   extractResultUrl,
   type FalResult,
@@ -17,8 +18,6 @@ import type { ICreationsRepository } from "../../domain/repositories/ICreationsR
 
 declare const __DEV__: boolean;
 
-const POLL_INTERVAL_MS = 5000; // Gallery polls slower than wizard
-
 export interface UseProcessingJobsPollerConfig {
   readonly userId?: string | null;
   readonly creations: Creation[];
@@ -43,12 +42,13 @@ export function useProcessingJobsPoller(
   const pollingRef = useRef<Set<string>>(new Set());
   const intervalRef = useRef<ReturnType<typeof setInterval> | null>(null);
 
-  // Find creations that need polling - stabilize reference with useMemo
+  // Find creations that need polling - use Set for O(1) lookups
   const processingJobIds = useMemo(
-    () => creations
-      .filter((c) => c.status === CREATION_STATUS.PROCESSING && c.requestId && c.model)
-      .map((c) => c.id)
-      .join(","),
+    () => new Set(
+      creations
+        .filter((c) => c.status === CREATION_STATUS.PROCESSING && c.requestId && c.model)
+        .map((c) => c.id)
+    ),
     [creations],
   );
 
@@ -56,8 +56,7 @@ export function useProcessingJobsPoller(
     () => creations.filter(
       (c) => c.status === CREATION_STATUS.PROCESSING && c.requestId && c.model,
     ),
-    // eslint-disable-next-line react-hooks/exhaustive-deps
-    [processingJobIds],
+    [creations],
   );
 
   const pollJob = useCallback(
@@ -134,6 +133,8 @@ export function useProcessingJobsPoller(
         clearInterval(intervalRef.current);
         intervalRef.current = null;
       }
+      // Clear polling set to prevent memory leak
+      pollingRef.current.clear();
     };
   }, [enabled, userId, processingJobs, pollJob]);
 

package/src/domains/face-detection/presentation/hooks/useFaceDetection.ts

@@ -52,7 +52,7 @@ export const useFaceDetection = ({ aiAnalyzer, model }: UseFaceDetectionProps):
     setState(initialState);
   }, []);
 
-  const isValid = state.result ? isValidFace(state.result) : false;
+  const isValid = state.result !== null && state.result !== undefined ? isValidFace(state.result) : false;
 
   return {
     state,

package/src/domains/generation/infrastructure/flow/useFlow.ts

@@ -29,25 +29,29 @@ let flowStoreInstance: FlowStoreType | null = null;
 
 export const useFlow = (config: UseFlowConfig): UseFlowReturn => {
   const storeRef = useRef<FlowStoreType | null>(null);
-  const prevConfigRef = useRef<{ initialStepIndex?: number; initialStepId?: string } | undefined>(undefined);
+  const prevConfigRef = useRef<{ initialStepIndex?: number; initialStepId?: string; stepsCount: number } | undefined>(undefined);
+  const isResettingRef = useRef(false);
 
-  // Detect config changes (initialStepIndex or initialStepId changed)
+  // Detect config changes (initialStepIndex, initialStepId, or steps changed)
   const configChanged =
     prevConfigRef.current !== undefined &&
     (prevConfigRef.current.initialStepIndex !== config.initialStepIndex ||
-      prevConfigRef.current.initialStepId !== config.initialStepId);
+      prevConfigRef.current.initialStepId !== config.initialStepId ||
+      prevConfigRef.current.stepsCount !== config.steps.length);
 
-  // If config changed, reset and recreate store
-  if (configChanged) {
+  // If config changed, reset and recreate store (with guard against multiple resets)
+  if (configChanged && !isResettingRef.current) {
+    isResettingRef.current = true;
     if (flowStoreInstance) {
       flowStoreInstance.getState().reset();
     }
     flowStoreInstance = null;
     storeRef.current = null;
+    isResettingRef.current = false;
   }
 
   // Initialize store if needed
-  if (!storeRef.current) {
+  if (!storeRef.current && !isResettingRef.current) {
     if (!flowStoreInstance) {
       flowStoreInstance = createFlowStore({
         steps: config.steps,
@@ -62,6 +66,7 @@ export const useFlow = (config: UseFlowConfig): UseFlowReturn => {
   prevConfigRef.current = {
     initialStepIndex: config.initialStepIndex,
     initialStepId: config.initialStepId,
+    stepsCount: config.steps.length,
   };
 
   const store = storeRef.current;