@verriflo/secure 1.0.0

package/LICENSE

@@ -0,0 +1,24 @@
+VERRIFLO SECURE - COMMERCIAL SOFTWARE LICENSE
+
+Copyright (c) 2026 Verriflo. All rights reserved.
+
+This is a legally binding agreement between you (the individual or entity) and Verriflo. By installing, copying, or otherwise using this software, you agree to be bound by the terms of this license.
+
+1. GRANT OF LICENSE
+   Verriflo grants you a limited, non-exclusive, non-transferable license to use the @verriflo/secure package in your own commercial or personal projects, strictly contingent upon maintaining an active and valid Verriflo License Key.
+
+2. RESTRICTIONS
+   You may NOT under any circumstances:
+   a) Redistribute, share, sub-license, or resell this software, in whole or in part, in source or binary form.
+   b) Reverse-engineer, decompile, deobfuscate, disassemble, or attempt to derive the source code or underlying logic of the software.
+   c) Modify, bypass, or disable the license key verification mechanisms.
+   d) Create derivative works based on this software.
+
+3. VERIFICATION
+   This software requires external network communication to Verriflo servers to validate your license key. Tampering with this network request is a direct violation of this agreement and will result in immediate license termination.
+
+4. TERMINATION
+   This license is effective until terminated. Verriflo reserves the right to terminate your license immediately if you fail to comply with any term of this agreement. Upon termination, you must remove all copies of the software from your applications.
+
+5. DISCLAIMER OF WARRANTY
+   THIS SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. IN NO EVENT SHALL VERRIFLO BE LIABLE FOR ANY CLAIM, DAMAGES, OR OTHER LIABILITY ARISING FROM, OUT OF, OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

package/README.md

@@ -0,0 +1,66 @@
+# @verriflo/secure
+
+Drop-in, client-side security and DevTools restriction for web applications.
+
+Verriflo Secure provides strict, path-based enforcement to prevent unauthorized inspection, debugging, and content scraping. It is designed to be lightweight, incredibly difficult to bypass, and completely invisible in your dependency tree.
+
+> **Note:** This is a commercial package. A valid Verriflo Organization ID is required for initialization.
+
+## Features
+
+- 🛡️ **DevTools Blocking**: Detects and aggressively blocks browser developer tools across all major browsers.
+- 📍 **Granular Routing**: Enable protection only where you need it (e.g., `['/dashboard/*', '/checkout']`).
+- 📋 **Scraping Prevention**: Disable copy, cut, paste, and text selection on sensitive routes.
+- ⚡ **Zero Overhead**: The initialization and license check are optimized to prevent blocking your main thread.
+- 🔒 **Tamper Resistant**: Self-defending logic prevents users from pausing execution or stepping through the security code.
+
+## Installation
+
+```bash
+pnpm add @verriflo/secure
+```
+
+## Quick Start
+
+Initialize Verriflo Secure as early as possible in your application lifecycle (e.g., in `main.ts`, `index.js`, or `_app.tsx`):
+
+```typescript
+import VerrifloSecure from "@verriflo/secure";
+
+VerrifloSecure.init({
+  licenseKey: "your-organization-id", // Required
+  disablePaths: ["*"], // Block DevTools globally
+  disableCopyPaths: ["/premium-content/*"], // Block copying on specific routes
+  onDevToolOpen: (type, next) => {
+    // Optional: Log attempts to your own backend
+    console.warn(`Security alert: DevTools opened via ${type}`);
+
+    // Call next() to proceed with the default blocking behavior
+    next();
+  },
+});
+```
+
+## Configuration API
+
+| Option               | Type       | Default         | Description                                                 |
+| :------------------- | :--------- | :-------------- | :---------------------------------------------------------- |
+| `licenseKey`         | `string`   | `undefined`     | **Required.** Your active Verriflo Organization ID.         |
+| `disablePaths`       | `string[]` | `[]`            | Array of route patterns where DevTools are blocked.         |
+| `disableCopyPaths`   | `string[]` | `[]`            | Array of route patterns where copying text is blocked.      |
+| `disableCutPaths`    | `string[]` | `[]`            | Array of route patterns where cutting text is blocked.      |
+| `disablePastePaths`  | `string[]` | `[]`            | Array of route patterns where pasting is blocked.           |
+| `disableSelectPaths` | `string[]` | `[]`            | Array of route patterns where text highlighting is blocked. |
+| `onDevToolOpen`      | `function` | `undefined`     | Callback fired when an inspection attempt is caught.        |
+| `blockedUrl`         | `string`   | `'about:blank'` | Where to redirect the user if they force-open DevTools.     |
+
+## Network Behavior & Edge Cases
+
+Because `@verriflo/secure` verifies your license key at runtime, it makes a single, lightweight, asynchronous request on initialization.
+
+- If the license is valid, the security policies are silently enforced.
+- If the license key is invalid, expired, or the network request is intentionally blocked by the client, the security module will fail closed and log a standard error to the console.
+
+## License
+
+Commercial Proprietary License. See `LICENSE` for exact terms. Unauthorized copying, decompilation, or redistribution is strictly prohibited.