@vorionsys/atsf-core 0.2.3 → 0.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/api/index.d.ts +1 -1
- package/dist/api/index.js +1 -1
- package/dist/api/server.d.ts +2 -2
- package/dist/api/server.d.ts.map +1 -1
- package/dist/api/server.js +147 -184
- package/dist/api/server.js.map +1 -1
- package/dist/arbitration/index.d.ts +4 -4
- package/dist/arbitration/index.d.ts.map +1 -1
- package/dist/arbitration/index.js +41 -46
- package/dist/arbitration/index.js.map +1 -1
- package/dist/arbitration/types.d.ts +10 -10
- package/dist/arbitration/types.d.ts.map +1 -1
- package/dist/basis/evaluator.d.ts +1 -1
- package/dist/basis/evaluator.d.ts.map +1 -1
- package/dist/basis/evaluator.js +54 -56
- package/dist/basis/evaluator.js.map +1 -1
- package/dist/basis/index.d.ts +3 -3
- package/dist/basis/index.js +3 -3
- package/dist/basis/parser.d.ts +2 -2
- package/dist/basis/parser.d.ts.map +1 -1
- package/dist/basis/parser.js +25 -32
- package/dist/basis/parser.js.map +1 -1
- package/dist/basis/types.d.ts +2 -2
- package/dist/chain/index.d.ts.map +1 -1
- package/dist/chain/index.js +16 -16
- package/dist/chain/index.js.map +1 -1
- package/dist/cognigate/index.d.ts +1 -1
- package/dist/cognigate/index.d.ts.map +1 -1
- package/dist/cognigate/index.js +33 -44
- package/dist/cognigate/index.js.map +1 -1
- package/dist/common/adapters.d.ts +4 -4
- package/dist/common/adapters.d.ts.map +1 -1
- package/dist/common/adapters.js +52 -62
- package/dist/common/adapters.js.map +1 -1
- package/dist/common/config.d.ts +69 -68
- package/dist/common/config.d.ts.map +1 -1
- package/dist/common/config.js +50 -50
- package/dist/common/config.js.map +1 -1
- package/dist/common/index.d.ts +4 -4
- package/dist/common/index.js +4 -4
- package/dist/common/logger.d.ts +1 -1
- package/dist/common/logger.js +8 -8
- package/dist/common/types.d.ts +5 -5
- package/dist/common/types.js +5 -5
- package/dist/containment/index.d.ts +3 -3
- package/dist/containment/index.d.ts.map +1 -1
- package/dist/containment/index.js +105 -119
- package/dist/containment/index.js.map +1 -1
- package/dist/containment/types.d.ts +11 -11
- package/dist/containment/types.d.ts.map +1 -1
- package/dist/contracts/index.d.ts +9 -9
- package/dist/contracts/index.d.ts.map +1 -1
- package/dist/contracts/index.js +54 -59
- package/dist/contracts/index.js.map +1 -1
- package/dist/contracts/types.d.ts +12 -12
- package/dist/contracts/types.d.ts.map +1 -1
- package/dist/crewai/callback.d.ts +2 -2
- package/dist/crewai/callback.d.ts.map +1 -1
- package/dist/crewai/callback.js +27 -27
- package/dist/crewai/callback.js.map +1 -1
- package/dist/crewai/executor.d.ts +95 -4
- package/dist/crewai/executor.d.ts.map +1 -1
- package/dist/crewai/executor.js +457 -16
- package/dist/crewai/executor.js.map +1 -1
- package/dist/crewai/index.d.ts +4 -4
- package/dist/crewai/index.js +4 -4
- package/dist/crewai/tools.d.ts +1 -1
- package/dist/crewai/tools.d.ts.map +1 -1
- package/dist/crewai/tools.js +38 -39
- package/dist/crewai/tools.js.map +1 -1
- package/dist/crewai/types.d.ts +66 -3
- package/dist/crewai/types.d.ts.map +1 -1
- package/dist/enforce/index.d.ts +229 -7
- package/dist/enforce/index.d.ts.map +1 -1
- package/dist/enforce/index.js +52 -80
- package/dist/enforce/index.js.map +1 -1
- package/dist/enforce/trust-aware-enforcement-service.d.ts +8 -8
- package/dist/enforce/trust-aware-enforcement-service.d.ts.map +1 -1
- package/dist/enforce/trust-aware-enforcement-service.js +107 -125
- package/dist/enforce/trust-aware-enforcement-service.js.map +1 -1
- package/dist/governance/fluid-workflow.d.ts +8 -8
- package/dist/governance/fluid-workflow.d.ts.map +1 -1
- package/dist/governance/fluid-workflow.js +86 -114
- package/dist/governance/fluid-workflow.js.map +1 -1
- package/dist/governance/index.d.ts +7 -7
- package/dist/governance/index.d.ts.map +1 -1
- package/dist/governance/index.js +74 -81
- package/dist/governance/index.js.map +1 -1
- package/dist/governance/proof-bridge.d.ts +6 -6
- package/dist/governance/proof-bridge.d.ts.map +1 -1
- package/dist/governance/proof-bridge.js +5 -5
- package/dist/governance/proof-bridge.js.map +1 -1
- package/dist/governance/types.d.ts +9 -16
- package/dist/governance/types.d.ts.map +1 -1
- package/dist/governance/types.js.map +1 -1
- package/dist/index.d.ts +27 -29
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +25 -31
- package/dist/index.js.map +1 -1
- package/dist/intent/index.d.ts +55 -5
- package/dist/intent/index.d.ts.map +1 -1
- package/dist/intent/index.js +21 -24
- package/dist/intent/index.js.map +1 -1
- package/dist/intent/persistent-intent-service.d.ts +2 -2
- package/dist/intent/persistent-intent-service.d.ts.map +1 -1
- package/dist/intent/persistent-intent-service.js +31 -43
- package/dist/intent/persistent-intent-service.js.map +1 -1
- package/dist/intent/supabase-intent-repository.d.ts +124 -0
- package/dist/intent/supabase-intent-repository.d.ts.map +1 -0
- package/dist/intent/supabase-intent-repository.js +404 -0
- package/dist/intent/supabase-intent-repository.js.map +1 -0
- package/dist/langchain/callback.d.ts +2 -2
- package/dist/langchain/callback.d.ts.map +1 -1
- package/dist/langchain/callback.js +30 -30
- package/dist/langchain/callback.js.map +1 -1
- package/dist/langchain/executor.d.ts +4 -4
- package/dist/langchain/executor.d.ts.map +1 -1
- package/dist/langchain/executor.js +80 -82
- package/dist/langchain/executor.js.map +1 -1
- package/dist/langchain/index.d.ts +5 -5
- package/dist/langchain/index.js +5 -5
- package/dist/langchain/tools.d.ts +1 -1
- package/dist/langchain/tools.d.ts.map +1 -1
- package/dist/langchain/tools.js +34 -36
- package/dist/langchain/tools.js.map +1 -1
- package/dist/langchain/types.d.ts +3 -3
- package/dist/langchain/types.d.ts.map +1 -1
- package/dist/layers/implementations/L0-request-format.d.ts +2 -2
- package/dist/layers/implementations/L0-request-format.d.ts.map +1 -1
- package/dist/layers/implementations/L0-request-format.js +52 -54
- package/dist/layers/implementations/L0-request-format.js.map +1 -1
- package/dist/layers/implementations/L1-input-size.d.ts +2 -2
- package/dist/layers/implementations/L1-input-size.d.ts.map +1 -1
- package/dist/layers/implementations/L1-input-size.js +39 -49
- package/dist/layers/implementations/L1-input-size.js.map +1 -1
- package/dist/layers/implementations/L2-charset-sanitizer.d.ts +2 -2
- package/dist/layers/implementations/L2-charset-sanitizer.d.ts.map +1 -1
- package/dist/layers/implementations/L2-charset-sanitizer.js +71 -81
- package/dist/layers/implementations/L2-charset-sanitizer.js.map +1 -1
- package/dist/layers/implementations/L3-schema-conformance.d.ts +3 -3
- package/dist/layers/implementations/L3-schema-conformance.d.ts.map +1 -1
- package/dist/layers/implementations/L3-schema-conformance.js +73 -82
- package/dist/layers/implementations/L3-schema-conformance.js.map +1 -1
- package/dist/layers/implementations/L4-injection-detector.d.ts +4 -4
- package/dist/layers/implementations/L4-injection-detector.d.ts.map +1 -1
- package/dist/layers/implementations/L4-injection-detector.js +81 -85
- package/dist/layers/implementations/L4-injection-detector.js.map +1 -1
- package/dist/layers/implementations/L5-rate-limiter.d.ts +2 -2
- package/dist/layers/implementations/L5-rate-limiter.d.ts.map +1 -1
- package/dist/layers/implementations/L5-rate-limiter.js +20 -20
- package/dist/layers/implementations/L5-rate-limiter.js.map +1 -1
- package/dist/layers/implementations/index.d.ts +6 -6
- package/dist/layers/implementations/index.d.ts.map +1 -1
- package/dist/layers/implementations/index.js +6 -6
- package/dist/layers/implementations/index.js.map +1 -1
- package/dist/layers/index.d.ts +3 -3
- package/dist/layers/index.d.ts.map +1 -1
- package/dist/layers/index.js +71 -99
- package/dist/layers/index.js.map +1 -1
- package/dist/layers/types.d.ts +16 -16
- package/dist/layers/types.d.ts.map +1 -1
- package/dist/persistence/file.d.ts +3 -3
- package/dist/persistence/file.d.ts.map +1 -1
- package/dist/persistence/file.js +28 -32
- package/dist/persistence/file.js.map +1 -1
- package/dist/persistence/index.d.ts +7 -7
- package/dist/persistence/index.d.ts.map +1 -1
- package/dist/persistence/index.js +18 -18
- package/dist/persistence/index.js.map +1 -1
- package/dist/persistence/memory.d.ts +3 -3
- package/dist/persistence/memory.d.ts.map +1 -1
- package/dist/persistence/memory.js +8 -10
- package/dist/persistence/memory.js.map +1 -1
- package/dist/persistence/sqlite.d.ts +3 -3
- package/dist/persistence/sqlite.d.ts.map +1 -1
- package/dist/persistence/sqlite.js +40 -39
- package/dist/persistence/sqlite.js.map +1 -1
- package/dist/persistence/supabase.d.ts +3 -3
- package/dist/persistence/supabase.d.ts.map +1 -1
- package/dist/persistence/supabase.js +45 -43
- package/dist/persistence/supabase.js.map +1 -1
- package/dist/persistence/types.d.ts +5 -5
- package/dist/phase6/ceiling.d.ts +5 -5
- package/dist/phase6/ceiling.d.ts.map +1 -1
- package/dist/phase6/ceiling.js +36 -69
- package/dist/phase6/ceiling.js.map +1 -1
- package/dist/phase6/context.d.ts +3 -3
- package/dist/phase6/context.d.ts.map +1 -1
- package/dist/phase6/context.js +47 -93
- package/dist/phase6/context.js.map +1 -1
- package/dist/phase6/index.d.ts +12 -12
- package/dist/phase6/index.d.ts.map +1 -1
- package/dist/phase6/index.js +15 -15
- package/dist/phase6/index.js.map +1 -1
- package/dist/phase6/presets.d.ts +2 -2
- package/dist/phase6/presets.d.ts.map +1 -1
- package/dist/phase6/presets.js +33 -39
- package/dist/phase6/presets.js.map +1 -1
- package/dist/phase6/provenance.d.ts +4 -4
- package/dist/phase6/provenance.d.ts.map +1 -1
- package/dist/phase6/provenance.js +35 -42
- package/dist/phase6/provenance.js.map +1 -1
- package/dist/phase6/role-gates/index.d.ts +2 -2
- package/dist/phase6/role-gates/index.js +2 -2
- package/dist/phase6/role-gates/kernel.d.ts.map +1 -1
- package/dist/phase6/role-gates/kernel.js +16 -16
- package/dist/phase6/role-gates/kernel.js.map +1 -1
- package/dist/phase6/role-gates/policy.d.ts +2 -2
- package/dist/phase6/role-gates/policy.js +6 -6
- package/dist/phase6/role-gates.d.ts +4 -4
- package/dist/phase6/role-gates.d.ts.map +1 -1
- package/dist/phase6/role-gates.js +58 -80
- package/dist/phase6/role-gates.js.map +1 -1
- package/dist/phase6/types.d.ts +20 -19
- package/dist/phase6/types.d.ts.map +1 -1
- package/dist/phase6/types.js +82 -177
- package/dist/phase6/types.js.map +1 -1
- package/dist/phase6/weight-presets/canonical.d.ts.map +1 -1
- package/dist/phase6/weight-presets/canonical.js +10 -10
- package/dist/phase6/weight-presets/canonical.js.map +1 -1
- package/dist/phase6/weight-presets/deltas.d.ts +2 -2
- package/dist/phase6/weight-presets/deltas.d.ts.map +1 -1
- package/dist/phase6/weight-presets/deltas.js +27 -27
- package/dist/phase6/weight-presets/deltas.js.map +1 -1
- package/dist/phase6/weight-presets/index.d.ts +3 -3
- package/dist/phase6/weight-presets/index.js +3 -3
- package/dist/phase6/weight-presets/merger.d.ts +2 -2
- package/dist/phase6/weight-presets/merger.d.ts.map +1 -1
- package/dist/phase6/weight-presets/merger.js +43 -39
- package/dist/phase6/weight-presets/merger.js.map +1 -1
- package/dist/proof/index.d.ts +3 -3
- package/dist/proof/index.d.ts.map +1 -1
- package/dist/proof/index.js +38 -44
- package/dist/proof/index.js.map +1 -1
- package/dist/proof/merkle.d.ts +24 -3
- package/dist/proof/merkle.d.ts.map +1 -1
- package/dist/proof/merkle.js +116 -32
- package/dist/proof/merkle.js.map +1 -1
- package/dist/proof/zk-proofs.d.ts +6 -6
- package/dist/proof/zk-proofs.d.ts.map +1 -1
- package/dist/proof/zk-proofs.js +43 -42
- package/dist/proof/zk-proofs.js.map +1 -1
- package/dist/provenance/index.d.ts +3 -3
- package/dist/provenance/index.d.ts.map +1 -1
- package/dist/provenance/index.js +17 -19
- package/dist/provenance/index.js.map +1 -1
- package/dist/provenance/types.d.ts +4 -4
- package/dist/provenance/types.d.ts.map +1 -1
- package/dist/sandbox-training/challenges.d.ts +1 -1
- package/dist/sandbox-training/challenges.d.ts.map +1 -1
- package/dist/sandbox-training/challenges.js +228 -228
- package/dist/sandbox-training/challenges.js.map +1 -1
- package/dist/sandbox-training/graduation.d.ts +1 -1
- package/dist/sandbox-training/graduation.d.ts.map +1 -1
- package/dist/sandbox-training/graduation.js +15 -14
- package/dist/sandbox-training/graduation.js.map +1 -1
- package/dist/sandbox-training/index.d.ts +9 -9
- package/dist/sandbox-training/index.d.ts.map +1 -1
- package/dist/sandbox-training/index.js +6 -6
- package/dist/sandbox-training/index.js.map +1 -1
- package/dist/sandbox-training/promotion-service.d.ts +4 -4
- package/dist/sandbox-training/promotion-service.d.ts.map +1 -1
- package/dist/sandbox-training/promotion-service.js +5 -5
- package/dist/sandbox-training/promotion-service.js.map +1 -1
- package/dist/sandbox-training/runner.d.ts +1 -1
- package/dist/sandbox-training/runner.d.ts.map +1 -1
- package/dist/sandbox-training/runner.js +73 -74
- package/dist/sandbox-training/runner.js.map +1 -1
- package/dist/sandbox-training/scorer.d.ts +4 -4
- package/dist/sandbox-training/scorer.js +5 -5
- package/dist/sandbox-training/types.d.ts +4 -4
- package/dist/sandbox-training/types.d.ts.map +1 -1
- package/dist/sandbox-training/types.js +7 -11
- package/dist/sandbox-training/types.js.map +1 -1
- package/dist/trust-engine/ceiling-enforcement/audit.d.ts +1 -1
- package/dist/trust-engine/ceiling-enforcement/audit.d.ts.map +1 -1
- package/dist/trust-engine/ceiling-enforcement/audit.js +4 -3
- package/dist/trust-engine/ceiling-enforcement/audit.js.map +1 -1
- package/dist/trust-engine/ceiling-enforcement/index.d.ts +2 -2
- package/dist/trust-engine/ceiling-enforcement/index.js +2 -2
- package/dist/trust-engine/ceiling-enforcement/kernel.d.ts +12 -10
- package/dist/trust-engine/ceiling-enforcement/kernel.d.ts.map +1 -1
- package/dist/trust-engine/ceiling-enforcement/kernel.js +26 -20
- package/dist/trust-engine/ceiling-enforcement/kernel.js.map +1 -1
- package/dist/trust-engine/context-policy/enforcement.d.ts.map +1 -1
- package/dist/trust-engine/context-policy/factory.d.ts +1 -1
- package/dist/trust-engine/context-policy/factory.d.ts.map +1 -1
- package/dist/trust-engine/context-policy/factory.js +1 -1
- package/dist/trust-engine/context-policy/factory.js.map +1 -1
- package/dist/trust-engine/context-policy/index.d.ts +2 -2
- package/dist/trust-engine/context-policy/index.js +2 -2
- package/dist/trust-engine/creation-modifiers/index.d.ts +1 -1
- package/dist/trust-engine/creation-modifiers/index.js +1 -1
- package/dist/trust-engine/creation-modifiers/types.d.ts.map +1 -1
- package/dist/trust-engine/creation-modifiers/types.js +3 -2
- package/dist/trust-engine/creation-modifiers/types.js.map +1 -1
- package/dist/trust-engine/decay-profiles.d.ts +37 -136
- package/dist/trust-engine/decay-profiles.d.ts.map +1 -1
- package/dist/trust-engine/decay-profiles.js +68 -178
- package/dist/trust-engine/decay-profiles.js.map +1 -1
- package/dist/trust-engine/index.d.ts +135 -168
- package/dist/trust-engine/index.d.ts.map +1 -1
- package/dist/trust-engine/index.js +239 -525
- package/dist/trust-engine/index.js.map +1 -1
- package/dist/trust-engine/phase6-types.d.ts +18 -11
- package/dist/trust-engine/phase6-types.d.ts.map +1 -1
- package/dist/trust-engine/phase6-types.js +33 -29
- package/dist/trust-engine/phase6-types.js.map +1 -1
- package/package.json +1 -1
- package/dist/enforce/types.d.ts +0 -234
- package/dist/enforce/types.d.ts.map +0 -1
- package/dist/enforce/types.js +0 -10
- package/dist/enforce/types.js.map +0 -1
- package/dist/intent/types.d.ts +0 -69
- package/dist/intent/types.d.ts.map +0 -1
- package/dist/intent/types.js +0 -10
- package/dist/intent/types.js.map +0 -1
- package/dist/intent-gateway/index.d.ts +0 -522
- package/dist/intent-gateway/index.d.ts.map +0 -1
- package/dist/intent-gateway/index.js +0 -1499
- package/dist/intent-gateway/index.js.map +0 -1
- package/dist/trust-engine/types.d.ts +0 -77
- package/dist/trust-engine/types.d.ts.map +0 -1
- package/dist/trust-engine/types.js +0 -20
- package/dist/trust-engine/types.js.map +0 -1
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
*
|
|
6
6
|
* @packageDocumentation
|
|
7
7
|
*/
|
|
8
|
-
import type { TrustLevel } from
|
|
8
|
+
import type { TrustLevel } from '../common/types.js';
|
|
9
9
|
/**
|
|
10
10
|
* Trust-aware agent configuration
|
|
11
11
|
*/
|
|
@@ -35,7 +35,7 @@ export interface TrustAwareAgentConfig {
|
|
|
35
35
|
/**
|
|
36
36
|
* Trust callback event types
|
|
37
37
|
*/
|
|
38
|
-
export type TrustCallbackEvent =
|
|
38
|
+
export type TrustCallbackEvent = 'tool_start' | 'tool_end' | 'tool_error' | 'llm_start' | 'llm_end' | 'llm_error' | 'chain_start' | 'chain_end' | 'chain_error' | 'agent_action' | 'agent_finish';
|
|
39
39
|
/**
|
|
40
40
|
* Trust signal source
|
|
41
41
|
*/
|
|
@@ -72,7 +72,7 @@ export interface TrustedExecutionResult<T = unknown> {
|
|
|
72
72
|
/**
|
|
73
73
|
* LLM error classification for better error handling
|
|
74
74
|
*/
|
|
75
|
-
export type LLMErrorType =
|
|
75
|
+
export type LLMErrorType = 'rate_limit' | 'context_length' | 'authentication' | 'model_unavailable' | 'content_filter' | 'timeout' | 'network' | 'invalid_request' | 'server_error' | 'unknown';
|
|
76
76
|
/**
|
|
77
77
|
* Classified LLM error with metadata
|
|
78
78
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/langchain/types.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAErD;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,8BAA8B;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,yCAAyC;IACzC,iBAAiB,CAAC,EAAE,UAAU,CAAC;IAC/B,iDAAiD;IACjD,aAAa,CAAC,EAAE,UAAU,CAAC;IAC3B,yDAAyD;IACzD,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,wDAAwD;IACxD,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,kDAAkD;IAClD,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,4BAA4B;IAC5B,aAAa,CAAC,EAAE;QACd,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAC1B,YAAY,GACZ,UAAU,GACV,YAAY,GACZ,WAAW,GACX,SAAS,GACT,WAAW,GACX,aAAa,GACb,WAAW,GACX,aAAa,GACb,cAAc,GACd,cAAc,CAAC;AAEnB;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,kBAAkB,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,KAAK,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,UAAU,CAAC;IACzB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,UAAU,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB,CAAC,CAAC,GAAG,OAAO;IACjD,MAAM,EAAE,CAAC,CAAC;IACV,UAAU,EAAE,gBAAgB,CAAC;IAC7B,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,UAAU,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,MAAM,YAAY,GACpB,YAAY,GACZ,gBAAgB,GAChB,gBAAgB,GAChB,mBAAmB,GACnB,gBAAgB,GAChB,SAAS,GACT,SAAS,GACT,iBAAiB,GACjB,cAAc,GACd,SAAS,CAAC;AAEd;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,YAAY,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,KAAK,CAAC;IACrB,SAAS,EAAE,OAAO,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,oDAAoD;IACpD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,uDAAuD;IACvD,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,2DAA2D;IAC3D,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,sDAAsD;IACtD,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,kGAAkG;IAClG,eAAe,CAAC,EAAE,YAAY,EAAE,CAAC;IACjC,uCAAuC;IACvC,OAAO,CAAC,EAAE,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/langchain/types.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAErD;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,8BAA8B;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,yCAAyC;IACzC,iBAAiB,CAAC,EAAE,UAAU,CAAC;IAC/B,iDAAiD;IACjD,aAAa,CAAC,EAAE,UAAU,CAAC;IAC3B,yDAAyD;IACzD,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,wDAAwD;IACxD,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,kDAAkD;IAClD,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,4BAA4B;IAC5B,aAAa,CAAC,EAAE;QACd,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAC1B,YAAY,GACZ,UAAU,GACV,YAAY,GACZ,WAAW,GACX,SAAS,GACT,WAAW,GACX,aAAa,GACb,WAAW,GACX,aAAa,GACb,cAAc,GACd,cAAc,CAAC;AAEnB;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,kBAAkB,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,KAAK,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,UAAU,CAAC;IACzB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,UAAU,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB,CAAC,CAAC,GAAG,OAAO;IACjD,MAAM,EAAE,CAAC,CAAC;IACV,UAAU,EAAE,gBAAgB,CAAC;IAC7B,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,UAAU,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,MAAM,YAAY,GACpB,YAAY,GACZ,gBAAgB,GAChB,gBAAgB,GAChB,mBAAmB,GACnB,gBAAgB,GAChB,SAAS,GACT,SAAS,GACT,iBAAiB,GACjB,cAAc,GACd,SAAS,CAAC;AAEd;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,YAAY,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,KAAK,CAAC;IACrB,SAAS,EAAE,OAAO,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,oDAAoD;IACpD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,uDAAuD;IACvD,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,2DAA2D;IAC3D,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,sDAAsD;IACtD,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,kGAAkG;IAClG,eAAe,CAAC,EAAE,YAAY,EAAE,CAAC;IACjC,uCAAuC;IACvC,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,kBAAkB,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;CACjF;AAED;;GAEG;AACH,MAAM,WAAW,8BAA+B,SAAQ,qBAAqB;IAC3E,8BAA8B;IAC9B,WAAW,CAAC,EAAE,cAAc,CAAC;IAC7B,8BAA8B;IAC9B,eAAe,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,kBAAkB,CAAC;CACxD"}
|
|
@@ -10,8 +10,8 @@
|
|
|
10
10
|
*
|
|
11
11
|
* @packageDocumentation
|
|
12
12
|
*/
|
|
13
|
-
import { BaseSecurityLayer } from
|
|
14
|
-
import type { LayerInput, LayerExecutionResult } from
|
|
13
|
+
import { BaseSecurityLayer } from '../index.js';
|
|
14
|
+
import type { LayerInput, LayerExecutionResult } from '../types.js';
|
|
15
15
|
/**
|
|
16
16
|
* L0 Request Format Validator
|
|
17
17
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"L0-request-format.d.ts","sourceRoot":"","sources":["../../../src/layers/implementations/L0-request-format.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,iBAAiB,EAAqB,MAAM,aAAa,CAAC;AACnE,OAAO,KAAK,
|
|
1
|
+
{"version":3,"file":"L0-request-format.d.ts","sourceRoot":"","sources":["../../../src/layers/implementations/L0-request-format.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,iBAAiB,EAAqB,MAAM,aAAa,CAAC;AACnE,OAAO,KAAK,EAAE,UAAU,EAAE,oBAAoB,EAA6B,MAAM,aAAa,CAAC;AAW/F;;;;;GAKG;AACH,qBAAa,wBAAyB,SAAQ,iBAAiB;;IAiBvD,OAAO,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAuI/D;;OAEG;IACH,OAAO,CAAC,YAAY;IAgBpB;;OAEG;IACH,OAAO,CAAC,SAAS;IAWjB;;OAEG;IACH,OAAO,CAAC,wBAAwB;CAmBjC"}
|
|
@@ -10,13 +10,13 @@
|
|
|
10
10
|
*
|
|
11
11
|
* @packageDocumentation
|
|
12
12
|
*/
|
|
13
|
-
import { BaseSecurityLayer, createLayerConfig } from
|
|
13
|
+
import { BaseSecurityLayer, createLayerConfig } from '../index.js';
|
|
14
14
|
// Maximum depth for nested objects to prevent stack overflow / complexity attacks
|
|
15
15
|
const MAX_NESTING_DEPTH = 20;
|
|
16
16
|
// Maximum number of keys in a single object
|
|
17
17
|
const MAX_OBJECT_KEYS = 500;
|
|
18
18
|
// Required payload fields for a well-formed request
|
|
19
|
-
const REQUIRED_PAYLOAD_FIELDS = [
|
|
19
|
+
const REQUIRED_PAYLOAD_FIELDS = ['action', 'content'];
|
|
20
20
|
/**
|
|
21
21
|
* L0 Request Format Validator
|
|
22
22
|
*
|
|
@@ -25,12 +25,12 @@ const REQUIRED_PAYLOAD_FIELDS = ["action", "content"];
|
|
|
25
25
|
*/
|
|
26
26
|
export class L0RequestFormatValidator extends BaseSecurityLayer {
|
|
27
27
|
constructor() {
|
|
28
|
-
super(createLayerConfig(0,
|
|
29
|
-
description:
|
|
30
|
-
tier:
|
|
31
|
-
primaryThreat:
|
|
32
|
-
secondaryThreats: [
|
|
33
|
-
failMode:
|
|
28
|
+
super(createLayerConfig(0, 'Request Format Validator', {
|
|
29
|
+
description: 'Validates request structure, required fields, and payload shape',
|
|
30
|
+
tier: 'input_validation',
|
|
31
|
+
primaryThreat: 'prompt_injection',
|
|
32
|
+
secondaryThreats: ['denial_of_service'],
|
|
33
|
+
failMode: 'block',
|
|
34
34
|
required: true,
|
|
35
35
|
timeoutMs: 200,
|
|
36
36
|
parallelizable: true,
|
|
@@ -46,9 +46,9 @@ export class L0RequestFormatValidator extends BaseSecurityLayer {
|
|
|
46
46
|
if (!inputValidation.valid) {
|
|
47
47
|
for (const err of inputValidation.errors) {
|
|
48
48
|
findings.push({
|
|
49
|
-
type:
|
|
50
|
-
severity:
|
|
51
|
-
code:
|
|
49
|
+
type: 'threat_detected',
|
|
50
|
+
severity: 'high',
|
|
51
|
+
code: 'L0_MISSING_FIELD',
|
|
52
52
|
description: `Missing required field: ${err.field}`,
|
|
53
53
|
evidence: [err.message],
|
|
54
54
|
remediation: `Provide the required field '${err.field}'`,
|
|
@@ -57,16 +57,14 @@ export class L0RequestFormatValidator extends BaseSecurityLayer {
|
|
|
57
57
|
}
|
|
58
58
|
// 2. Validate payload is a plain object
|
|
59
59
|
if (input.payload !== null && input.payload !== undefined) {
|
|
60
|
-
if (typeof input.payload !==
|
|
60
|
+
if (typeof input.payload !== 'object' || Array.isArray(input.payload)) {
|
|
61
61
|
findings.push({
|
|
62
|
-
type:
|
|
63
|
-
severity:
|
|
64
|
-
code:
|
|
65
|
-
description:
|
|
66
|
-
evidence: [
|
|
67
|
-
|
|
68
|
-
],
|
|
69
|
-
remediation: "Provide payload as a plain JSON object",
|
|
62
|
+
type: 'threat_detected',
|
|
63
|
+
severity: 'high',
|
|
64
|
+
code: 'L0_INVALID_PAYLOAD_TYPE',
|
|
65
|
+
description: 'Payload must be a plain object, not an array or primitive',
|
|
66
|
+
evidence: [`Received type: ${Array.isArray(input.payload) ? 'array' : typeof input.payload}`],
|
|
67
|
+
remediation: 'Provide payload as a plain JSON object',
|
|
70
68
|
});
|
|
71
69
|
}
|
|
72
70
|
else {
|
|
@@ -74,9 +72,9 @@ export class L0RequestFormatValidator extends BaseSecurityLayer {
|
|
|
74
72
|
const depth = this.measureDepth(input.payload, 0);
|
|
75
73
|
if (depth > MAX_NESTING_DEPTH) {
|
|
76
74
|
findings.push({
|
|
77
|
-
type:
|
|
78
|
-
severity:
|
|
79
|
-
code:
|
|
75
|
+
type: 'threat_detected',
|
|
76
|
+
severity: 'high',
|
|
77
|
+
code: 'L0_EXCESSIVE_NESTING',
|
|
80
78
|
description: `Payload nesting depth ${depth} exceeds maximum ${MAX_NESTING_DEPTH}`,
|
|
81
79
|
evidence: [`depth=${depth}, max=${MAX_NESTING_DEPTH}`],
|
|
82
80
|
remediation: `Flatten payload structure to at most ${MAX_NESTING_DEPTH} levels`,
|
|
@@ -86,21 +84,21 @@ export class L0RequestFormatValidator extends BaseSecurityLayer {
|
|
|
86
84
|
const keyCount = this.countKeys(input.payload);
|
|
87
85
|
if (keyCount > MAX_OBJECT_KEYS) {
|
|
88
86
|
findings.push({
|
|
89
|
-
type:
|
|
90
|
-
severity:
|
|
91
|
-
code:
|
|
87
|
+
type: 'threat_detected',
|
|
88
|
+
severity: 'medium',
|
|
89
|
+
code: 'L0_EXCESSIVE_KEYS',
|
|
92
90
|
description: `Payload contains ${keyCount} keys, exceeding maximum ${MAX_OBJECT_KEYS}`,
|
|
93
91
|
evidence: [`keys=${keyCount}, max=${MAX_OBJECT_KEYS}`],
|
|
94
|
-
remediation:
|
|
92
|
+
remediation: 'Reduce the number of fields in the payload',
|
|
95
93
|
});
|
|
96
94
|
}
|
|
97
95
|
// 5. Check for required payload fields
|
|
98
96
|
for (const field of REQUIRED_PAYLOAD_FIELDS) {
|
|
99
97
|
if (!(field in input.payload)) {
|
|
100
98
|
findings.push({
|
|
101
|
-
type:
|
|
102
|
-
severity:
|
|
103
|
-
code:
|
|
99
|
+
type: 'warning',
|
|
100
|
+
severity: 'medium',
|
|
101
|
+
code: 'L0_MISSING_PAYLOAD_FIELD',
|
|
104
102
|
description: `Payload missing recommended field '${field}'`,
|
|
105
103
|
evidence: [`Field '${field}' not found in payload`],
|
|
106
104
|
remediation: `Include '${field}' in the payload object`,
|
|
@@ -111,12 +109,12 @@ export class L0RequestFormatValidator extends BaseSecurityLayer {
|
|
|
111
109
|
const pollutionAttempts = this.detectPrototypePollution(input.payload);
|
|
112
110
|
for (const attempt of pollutionAttempts) {
|
|
113
111
|
findings.push({
|
|
114
|
-
type:
|
|
115
|
-
severity:
|
|
116
|
-
code:
|
|
112
|
+
type: 'threat_detected',
|
|
113
|
+
severity: 'critical',
|
|
114
|
+
code: 'L0_PROTOTYPE_POLLUTION',
|
|
117
115
|
description: `Prototype pollution attempt detected via key '${attempt}'`,
|
|
118
116
|
evidence: [`Dangerous key: ${attempt}`],
|
|
119
|
-
remediation:
|
|
117
|
+
remediation: 'Remove __proto__, constructor, and prototype keys from payload',
|
|
120
118
|
});
|
|
121
119
|
}
|
|
122
120
|
}
|
|
@@ -125,20 +123,20 @@ export class L0RequestFormatValidator extends BaseSecurityLayer {
|
|
|
125
123
|
if (input.metadata) {
|
|
126
124
|
if (!input.metadata.requestTimestamp) {
|
|
127
125
|
findings.push({
|
|
128
|
-
type:
|
|
129
|
-
severity:
|
|
130
|
-
code:
|
|
131
|
-
description:
|
|
132
|
-
evidence: [
|
|
126
|
+
type: 'warning',
|
|
127
|
+
severity: 'low',
|
|
128
|
+
code: 'L0_MISSING_TIMESTAMP',
|
|
129
|
+
description: 'Request metadata missing timestamp',
|
|
130
|
+
evidence: ['metadata.requestTimestamp is empty'],
|
|
133
131
|
});
|
|
134
132
|
}
|
|
135
133
|
if (!input.metadata.source) {
|
|
136
134
|
findings.push({
|
|
137
|
-
type:
|
|
138
|
-
severity:
|
|
139
|
-
code:
|
|
140
|
-
description:
|
|
141
|
-
evidence: [
|
|
135
|
+
type: 'warning',
|
|
136
|
+
severity: 'low',
|
|
137
|
+
code: 'L0_MISSING_SOURCE',
|
|
138
|
+
description: 'Request metadata missing source identifier',
|
|
139
|
+
evidence: ['metadata.source is empty'],
|
|
142
140
|
});
|
|
143
141
|
}
|
|
144
142
|
}
|
|
@@ -151,13 +149,13 @@ export class L0RequestFormatValidator extends BaseSecurityLayer {
|
|
|
151
149
|
waitTimeMs: 0,
|
|
152
150
|
processingTimeMs: durationMs,
|
|
153
151
|
};
|
|
154
|
-
const hasCritical = findings.some((f) => f.severity ===
|
|
155
|
-
const hasHigh = findings.some((f) => f.severity ===
|
|
152
|
+
const hasCritical = findings.some((f) => f.severity === 'critical');
|
|
153
|
+
const hasHigh = findings.some((f) => f.severity === 'high');
|
|
156
154
|
const passed = !hasCritical && !hasHigh;
|
|
157
155
|
if (passed) {
|
|
158
|
-
return this.createSuccessResult(
|
|
156
|
+
return this.createSuccessResult('allow', 0.95, findings, [], timing);
|
|
159
157
|
}
|
|
160
|
-
return this.createFailureResult(hasCritical ?
|
|
158
|
+
return this.createFailureResult(hasCritical ? 'deny' : 'escalate', 0.9, findings, timing);
|
|
161
159
|
}
|
|
162
160
|
/**
|
|
163
161
|
* Measure nesting depth of an object, with early bail-out.
|
|
@@ -165,12 +163,12 @@ export class L0RequestFormatValidator extends BaseSecurityLayer {
|
|
|
165
163
|
measureDepth(obj, current) {
|
|
166
164
|
if (current > MAX_NESTING_DEPTH)
|
|
167
165
|
return current; // bail out early
|
|
168
|
-
if (obj === null || typeof obj !==
|
|
166
|
+
if (obj === null || typeof obj !== 'object')
|
|
169
167
|
return current;
|
|
170
168
|
let max = current;
|
|
171
169
|
const entries = Object.values(obj);
|
|
172
170
|
for (const val of entries) {
|
|
173
|
-
if (val !== null && typeof val ===
|
|
171
|
+
if (val !== null && typeof val === 'object') {
|
|
174
172
|
const d = this.measureDepth(val, current + 1);
|
|
175
173
|
if (d > max)
|
|
176
174
|
max = d;
|
|
@@ -186,7 +184,7 @@ export class L0RequestFormatValidator extends BaseSecurityLayer {
|
|
|
186
184
|
countKeys(obj) {
|
|
187
185
|
let count = Object.keys(obj).length;
|
|
188
186
|
for (const val of Object.values(obj)) {
|
|
189
|
-
if (val !== null && typeof val ===
|
|
187
|
+
if (val !== null && typeof val === 'object' && !Array.isArray(val)) {
|
|
190
188
|
count += this.countKeys(val);
|
|
191
189
|
if (count > MAX_OBJECT_KEYS)
|
|
192
190
|
return count; // bail early
|
|
@@ -198,7 +196,7 @@ export class L0RequestFormatValidator extends BaseSecurityLayer {
|
|
|
198
196
|
* Detect prototype pollution attempts (__proto__, constructor, prototype).
|
|
199
197
|
*/
|
|
200
198
|
detectPrototypePollution(obj) {
|
|
201
|
-
const dangerous = [
|
|
199
|
+
const dangerous = ['__proto__', 'constructor', 'prototype'];
|
|
202
200
|
const found = [];
|
|
203
201
|
const check = (o, path) => {
|
|
204
202
|
for (const key of Object.keys(o)) {
|
|
@@ -206,12 +204,12 @@ export class L0RequestFormatValidator extends BaseSecurityLayer {
|
|
|
206
204
|
found.push(path ? `${path}.${key}` : key);
|
|
207
205
|
}
|
|
208
206
|
const val = o[key];
|
|
209
|
-
if (val !== null && typeof val ===
|
|
207
|
+
if (val !== null && typeof val === 'object' && !Array.isArray(val)) {
|
|
210
208
|
check(val, path ? `${path}.${key}` : key);
|
|
211
209
|
}
|
|
212
210
|
}
|
|
213
211
|
};
|
|
214
|
-
check(obj,
|
|
212
|
+
check(obj, '');
|
|
215
213
|
return found;
|
|
216
214
|
}
|
|
217
215
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"L0-request-format.js","sourceRoot":"","sources":["../../../src/layers/implementations/L0-request-format.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"L0-request-format.js","sourceRoot":"","sources":["../../../src/layers/implementations/L0-request-format.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAGnE,kFAAkF;AAClF,MAAM,iBAAiB,GAAG,EAAE,CAAC;AAE7B,4CAA4C;AAC5C,MAAM,eAAe,GAAG,GAAG,CAAC;AAE5B,oDAAoD;AACpD,MAAM,uBAAuB,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAU,CAAC;AAE/D;;;;;GAKG;AACH,MAAM,OAAO,wBAAyB,SAAQ,iBAAiB;IAC7D;QACE,KAAK,CACH,iBAAiB,CAAC,CAAC,EAAE,0BAA0B,EAAE;YAC/C,WAAW,EAAE,iEAAiE;YAC9E,IAAI,EAAE,kBAAkB;YACxB,aAAa,EAAE,kBAAkB;YACjC,gBAAgB,EAAE,CAAC,mBAAmB,CAAC;YACvC,QAAQ,EAAE,OAAO;YACjB,QAAQ,EAAE,IAAI;YACd,SAAS,EAAE,GAAG;YACd,cAAc,EAAE,IAAI;YACpB,YAAY,EAAE,EAAE;SACjB,CAAC,CACH,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,KAAiB;QAC7B,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC3C,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,QAAQ,GAAmB,EAAE,CAAC;QAEpC,qCAAqC;QACrC,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QAClD,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;YAC3B,KAAK,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,EAAE,CAAC;gBACzC,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,iBAAiB;oBACvB,QAAQ,EAAE,MAAM;oBAChB,IAAI,EAAE,kBAAkB;oBACxB,WAAW,EAAE,2BAA2B,GAAG,CAAC,KAAK,EAAE;oBACnD,QAAQ,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC;oBACvB,WAAW,EAAE,+BAA+B,GAAG,CAAC,KAAK,GAAG;iBACzD,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,wCAAwC;QACxC,IAAI,KAAK,CAAC,OAAO,KAAK,IAAI,IAAI,KAAK,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1D,IAAI,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;gBACtE,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,iBAAiB;oBACvB,QAAQ,EAAE,MAAM;oBAChB,IAAI,EAAE,yBAAyB;oBAC/B,WAAW,EAAE,2DAA2D;oBACxE,QAAQ,EAAE,CAAC,kBAAkB,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC,OAAO,EAAE,CAAC;oBAC7F,WAAW,EAAE,wCAAwC;iBACtD,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,2DAA2D;gBAC3D,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;gBAClD,IAAI,KAAK,GAAG,iBAAiB,EAAE,CAAC;oBAC9B,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,iBAAiB;wBACvB,QAAQ,EAAE,MAAM;wBAChB,IAAI,EAAE,sBAAsB;wBAC5B,WAAW,EAAE,yBAAyB,KAAK,oBAAoB,iBAAiB,EAAE;wBAClF,QAAQ,EAAE,CAAC,SAAS,KAAK,SAAS,iBAAiB,EAAE,CAAC;wBACtD,WAAW,EAAE,wCAAwC,iBAAiB,SAAS;qBAChF,CAAC,CAAC;gBACL,CAAC;gBAED,oDAAoD;gBACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;gBAC/C,IAAI,QAAQ,GAAG,eAAe,EAAE,CAAC;oBAC/B,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,iBAAiB;wBACvB,QAAQ,EAAE,QAAQ;wBAClB,IAAI,EAAE,mBAAmB;wBACzB,WAAW,EAAE,oBAAoB,QAAQ,4BAA4B,eAAe,EAAE;wBACtF,QAAQ,EAAE,CAAC,QAAQ,QAAQ,SAAS,eAAe,EAAE,CAAC;wBACtD,WAAW,EAAE,4CAA4C;qBAC1D,CAAC,CAAC;gBACL,CAAC;gBAED,uCAAuC;gBACvC,KAAK,MAAM,KAAK,IAAI,uBAAuB,EAAE,CAAC;oBAC5C,IAAI,CAAC,CAAC,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;wBAC9B,QAAQ,CAAC,IAAI,CAAC;4BACZ,IAAI,EAAE,SAAS;4BACf,QAAQ,EAAE,QAAQ;4BAClB,IAAI,EAAE,0BAA0B;4BAChC,WAAW,EAAE,sCAAsC,KAAK,GAAG;4BAC3D,QAAQ,EAAE,CAAC,UAAU,KAAK,wBAAwB,CAAC;4BACnD,WAAW,EAAE,YAAY,KAAK,yBAAyB;yBACxD,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;gBAED,yCAAyC;gBACzC,MAAM,iBAAiB,GAAG,IAAI,CAAC,wBAAwB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;gBACvE,KAAK,MAAM,OAAO,IAAI,iBAAiB,EAAE,CAAC;oBACxC,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,iBAAiB;wBACvB,QAAQ,EAAE,UAAU;wBACpB,IAAI,EAAE,wBAAwB;wBAC9B,WAAW,EAAE,iDAAiD,OAAO,GAAG;wBACxE,QAAQ,EAAE,CAAC,kBAAkB,OAAO,EAAE,CAAC;wBACvC,WAAW,EAAE,gEAAgE;qBAC9E,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,kCAAkC;QAClC,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;YACnB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,gBAAgB,EAAE,CAAC;gBACrC,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,SAAS;oBACf,QAAQ,EAAE,KAAK;oBACf,IAAI,EAAE,sBAAsB;oBAC5B,WAAW,EAAE,oCAAoC;oBACjD,QAAQ,EAAE,CAAC,oCAAoC,CAAC;iBACjD,CAAC,CAAC;YACL,CAAC;YACD,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;gBAC3B,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,SAAS;oBACf,QAAQ,EAAE,KAAK;oBACf,IAAI,EAAE,mBAAmB;oBACzB,WAAW,EAAE,4CAA4C;oBACzD,QAAQ,EAAE,CAAC,0BAA0B,CAAC;iBACvC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC7C,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QAC1C,MAAM,MAAM,GAAgB;YAC1B,SAAS;YACT,WAAW;YACX,UAAU;YACV,UAAU,EAAE,CAAC;YACb,gBAAgB,EAAE,UAAU;SAC7B,CAAC;QAEF,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACpE,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QAC5D,MAAM,MAAM,GAAG,CAAC,WAAW,IAAI,CAAC,OAAO,CAAC;QAExC,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,mBAAmB,CAAC,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;QACvE,CAAC;QAED,OAAO,IAAI,CAAC,mBAAmB,CAC7B,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,EACjC,GAAG,EACH,QAAQ,EACR,MAAM,CACP,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,YAAY,CAAC,GAAY,EAAE,OAAe;QAChD,IAAI,OAAO,GAAG,iBAAiB;YAAE,OAAO,OAAO,CAAC,CAAC,iBAAiB;QAClE,IAAI,GAAG,KAAK,IAAI,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,OAAO,OAAO,CAAC;QAE5D,IAAI,GAAG,GAAG,OAAO,CAAC;QAClB,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,GAA8B,CAAC,CAAC;QAC9D,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;YAC1B,IAAI,GAAG,KAAK,IAAI,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;gBAC5C,MAAM,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,OAAO,GAAG,CAAC,CAAC,CAAC;gBAC9C,IAAI,CAAC,GAAG,GAAG;oBAAE,GAAG,GAAG,CAAC,CAAC;gBACrB,IAAI,GAAG,GAAG,iBAAiB;oBAAE,OAAO,GAAG,CAAC,CAAC,OAAO;YAClD,CAAC;QACH,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;OAEG;IACK,SAAS,CAAC,GAA4B;QAC5C,IAAI,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;QACpC,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACrC,IAAI,GAAG,KAAK,IAAI,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBACnE,KAAK,IAAI,IAAI,CAAC,SAAS,CAAC,GAA8B,CAAC,CAAC;gBACxD,IAAI,KAAK,GAAG,eAAe;oBAAE,OAAO,KAAK,CAAC,CAAC,aAAa;YAC1D,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,wBAAwB,CAAC,GAA4B;QAC3D,MAAM,SAAS,GAAG,CAAC,WAAW,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC;QAC5D,MAAM,KAAK,GAAa,EAAE,CAAC;QAE3B,MAAM,KAAK,GAAG,CAAC,CAA0B,EAAE,IAAY,EAAE,EAAE;YACzD,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjC,IAAI,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC5B,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;gBAC5C,CAAC;gBACD,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;gBACnB,IAAI,GAAG,KAAK,IAAI,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;oBACnE,KAAK,CAAC,GAA8B,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;gBACvE,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,KAAK,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACf,OAAO,KAAK,CAAC;IACf,CAAC;CACF"}
|
|
@@ -9,8 +9,8 @@
|
|
|
9
9
|
*
|
|
10
10
|
* @packageDocumentation
|
|
11
11
|
*/
|
|
12
|
-
import { BaseSecurityLayer } from
|
|
13
|
-
import type { LayerInput, LayerExecutionResult } from
|
|
12
|
+
import { BaseSecurityLayer } from '../index.js';
|
|
13
|
+
import type { LayerInput, LayerExecutionResult } from '../types.js';
|
|
14
14
|
/** Default limits — can be overridden via constructor options */
|
|
15
15
|
export interface L1SizeLimits {
|
|
16
16
|
/** Maximum total payload size in bytes (default: 1MB) */
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"L1-input-size.d.ts","sourceRoot":"","sources":["../../../src/layers/implementations/L1-input-size.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,iBAAiB,EAAqB,MAAM,aAAa,CAAC;AACnE,OAAO,KAAK,
|
|
1
|
+
{"version":3,"file":"L1-input-size.d.ts","sourceRoot":"","sources":["../../../src/layers/implementations/L1-input-size.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,iBAAiB,EAAqB,MAAM,aAAa,CAAC;AACnE,OAAO,KAAK,EAAE,UAAU,EAAE,oBAAoB,EAA6B,MAAM,aAAa,CAAC;AAE/F,iEAAiE;AACjE,MAAM,WAAW,YAAY;IAC3B,yDAAyD;IACzD,eAAe,EAAE,MAAM,CAAC;IACxB,kEAAkE;IAClE,eAAe,EAAE,MAAM,CAAC;IACxB,yDAAyD;IACzD,cAAc,EAAE,MAAM,CAAC;IACvB,gFAAgF;IAChF,cAAc,EAAE,MAAM,CAAC;CACxB;AASD;;;;GAIG;AACH,qBAAa,kBAAmB,SAAQ,iBAAiB;IACvD,OAAO,CAAC,MAAM,CAAe;gBAEjB,MAAM,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC;IAiBpC,OAAO,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAqH/D,OAAO,CAAC,WAAW;CAUpB"}
|
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
*
|
|
10
10
|
* @packageDocumentation
|
|
11
11
|
*/
|
|
12
|
-
import { BaseSecurityLayer, createLayerConfig } from
|
|
12
|
+
import { BaseSecurityLayer, createLayerConfig } from '../index.js';
|
|
13
13
|
const DEFAULT_LIMITS = {
|
|
14
14
|
maxPayloadBytes: 1_048_576, // 1 MB
|
|
15
15
|
maxStringLength: 102_400, // 100 KB
|
|
@@ -24,12 +24,12 @@ const DEFAULT_LIMITS = {
|
|
|
24
24
|
export class L1InputSizeLimiter extends BaseSecurityLayer {
|
|
25
25
|
limits;
|
|
26
26
|
constructor(limits) {
|
|
27
|
-
super(createLayerConfig(1,
|
|
28
|
-
description:
|
|
29
|
-
tier:
|
|
30
|
-
primaryThreat:
|
|
31
|
-
secondaryThreats: [
|
|
32
|
-
failMode:
|
|
27
|
+
super(createLayerConfig(1, 'Input Size Limiter', {
|
|
28
|
+
description: 'Enforces payload size, string length, array length, and total field count limits',
|
|
29
|
+
tier: 'input_validation',
|
|
30
|
+
primaryThreat: 'denial_of_service',
|
|
31
|
+
secondaryThreats: ['resource_abuse'],
|
|
32
|
+
failMode: 'block',
|
|
33
33
|
required: true,
|
|
34
34
|
timeoutMs: 200,
|
|
35
35
|
parallelizable: true,
|
|
@@ -49,27 +49,23 @@ export class L1InputSizeLimiter extends BaseSecurityLayer {
|
|
|
49
49
|
}
|
|
50
50
|
catch {
|
|
51
51
|
const timing = this.buildTiming(startedAt, t0);
|
|
52
|
-
return this.createFailureResult(
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
},
|
|
61
|
-
], timing);
|
|
52
|
+
return this.createFailureResult('deny', 0.95, [{
|
|
53
|
+
type: 'threat_detected',
|
|
54
|
+
severity: 'high',
|
|
55
|
+
code: 'L1_UNSERIALIZABLE',
|
|
56
|
+
description: 'Payload cannot be serialized to JSON — possible circular reference or exotic object',
|
|
57
|
+
evidence: ['JSON.stringify failed'],
|
|
58
|
+
remediation: 'Ensure payload is a plain, serializable JSON object',
|
|
59
|
+
}], timing);
|
|
62
60
|
}
|
|
63
61
|
const payloadBytes = new TextEncoder().encode(serialized).length;
|
|
64
62
|
if (payloadBytes > this.limits.maxPayloadBytes) {
|
|
65
63
|
findings.push({
|
|
66
|
-
type:
|
|
67
|
-
severity:
|
|
68
|
-
code:
|
|
64
|
+
type: 'threat_detected',
|
|
65
|
+
severity: 'high',
|
|
66
|
+
code: 'L1_PAYLOAD_TOO_LARGE',
|
|
69
67
|
description: `Payload size ${payloadBytes} bytes exceeds limit of ${this.limits.maxPayloadBytes} bytes`,
|
|
70
|
-
evidence: [
|
|
71
|
-
`size=${payloadBytes}, limit=${this.limits.maxPayloadBytes}`,
|
|
72
|
-
],
|
|
68
|
+
evidence: [`size=${payloadBytes}, limit=${this.limits.maxPayloadBytes}`],
|
|
73
69
|
remediation: `Reduce payload size to under ${this.limits.maxPayloadBytes} bytes`,
|
|
74
70
|
});
|
|
75
71
|
}
|
|
@@ -79,16 +75,14 @@ export class L1InputSizeLimiter extends BaseSecurityLayer {
|
|
|
79
75
|
const walk = (obj, path) => {
|
|
80
76
|
if (obj === null || obj === undefined)
|
|
81
77
|
return;
|
|
82
|
-
if (typeof obj ===
|
|
78
|
+
if (typeof obj === 'string') {
|
|
83
79
|
if (obj.length > this.limits.maxStringLength) {
|
|
84
80
|
violations.push({
|
|
85
|
-
type:
|
|
86
|
-
severity:
|
|
87
|
-
code:
|
|
81
|
+
type: 'threat_detected',
|
|
82
|
+
severity: 'high',
|
|
83
|
+
code: 'L1_STRING_TOO_LONG',
|
|
88
84
|
description: `String at '${path}' is ${obj.length} chars, exceeding limit of ${this.limits.maxStringLength}`,
|
|
89
|
-
evidence: [
|
|
90
|
-
`path=${path}, length=${obj.length}, limit=${this.limits.maxStringLength}`,
|
|
91
|
-
],
|
|
85
|
+
evidence: [`path=${path}, length=${obj.length}, limit=${this.limits.maxStringLength}`],
|
|
92
86
|
remediation: `Shorten the string at '${path}'`,
|
|
93
87
|
});
|
|
94
88
|
}
|
|
@@ -97,13 +91,11 @@ export class L1InputSizeLimiter extends BaseSecurityLayer {
|
|
|
97
91
|
if (Array.isArray(obj)) {
|
|
98
92
|
if (obj.length > this.limits.maxArrayLength) {
|
|
99
93
|
violations.push({
|
|
100
|
-
type:
|
|
101
|
-
severity:
|
|
102
|
-
code:
|
|
94
|
+
type: 'threat_detected',
|
|
95
|
+
severity: 'high',
|
|
96
|
+
code: 'L1_ARRAY_TOO_LONG',
|
|
103
97
|
description: `Array at '${path}' has ${obj.length} elements, exceeding limit of ${this.limits.maxArrayLength}`,
|
|
104
|
-
evidence: [
|
|
105
|
-
`path=${path}, length=${obj.length}, limit=${this.limits.maxArrayLength}`,
|
|
106
|
-
],
|
|
98
|
+
evidence: [`path=${path}, length=${obj.length}, limit=${this.limits.maxArrayLength}`],
|
|
107
99
|
remediation: `Reduce array size at '${path}'`,
|
|
108
100
|
});
|
|
109
101
|
}
|
|
@@ -114,19 +106,17 @@ export class L1InputSizeLimiter extends BaseSecurityLayer {
|
|
|
114
106
|
}
|
|
115
107
|
return;
|
|
116
108
|
}
|
|
117
|
-
if (typeof obj ===
|
|
109
|
+
if (typeof obj === 'object') {
|
|
118
110
|
const keys = Object.keys(obj);
|
|
119
111
|
totalFields += keys.length;
|
|
120
112
|
if (totalFields > this.limits.maxTotalFields) {
|
|
121
113
|
violations.push({
|
|
122
|
-
type:
|
|
123
|
-
severity:
|
|
124
|
-
code:
|
|
114
|
+
type: 'threat_detected',
|
|
115
|
+
severity: 'medium',
|
|
116
|
+
code: 'L1_TOO_MANY_FIELDS',
|
|
125
117
|
description: `Total field count ${totalFields} exceeds limit of ${this.limits.maxTotalFields}`,
|
|
126
|
-
evidence: [
|
|
127
|
-
|
|
128
|
-
],
|
|
129
|
-
remediation: "Reduce the number of fields in the payload",
|
|
118
|
+
evidence: [`totalFields=${totalFields}, limit=${this.limits.maxTotalFields}`],
|
|
119
|
+
remediation: 'Reduce the number of fields in the payload',
|
|
130
120
|
});
|
|
131
121
|
return; // stop walking
|
|
132
122
|
}
|
|
@@ -135,16 +125,16 @@ export class L1InputSizeLimiter extends BaseSecurityLayer {
|
|
|
135
125
|
}
|
|
136
126
|
}
|
|
137
127
|
};
|
|
138
|
-
walk(payload,
|
|
128
|
+
walk(payload, '');
|
|
139
129
|
findings.push(...violations);
|
|
140
130
|
const timing = this.buildTiming(startedAt, t0);
|
|
141
|
-
const hasCritical = findings.some((f) => f.severity ===
|
|
142
|
-
const hasHigh = findings.some((f) => f.severity ===
|
|
131
|
+
const hasCritical = findings.some((f) => f.severity === 'critical');
|
|
132
|
+
const hasHigh = findings.some((f) => f.severity === 'high');
|
|
143
133
|
const passed = !hasCritical && !hasHigh;
|
|
144
134
|
if (passed) {
|
|
145
|
-
return this.createSuccessResult(
|
|
135
|
+
return this.createSuccessResult('allow', 0.95, findings, [], timing);
|
|
146
136
|
}
|
|
147
|
-
return this.createFailureResult(
|
|
137
|
+
return this.createFailureResult('deny', 0.9, findings, timing);
|
|
148
138
|
}
|
|
149
139
|
buildTiming(startedAt, t0) {
|
|
150
140
|
const durationMs = performance.now() - t0;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"L1-input-size.js","sourceRoot":"","sources":["../../../src/layers/implementations/L1-input-size.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"L1-input-size.js","sourceRoot":"","sources":["../../../src/layers/implementations/L1-input-size.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAenE,MAAM,cAAc,GAAiB;IACnC,eAAe,EAAE,SAAS,EAAE,OAAO;IACnC,eAAe,EAAE,OAAO,EAAI,SAAS;IACrC,cAAc,EAAE,MAAM;IACtB,cAAc,EAAE,KAAK;CACtB,CAAC;AAEF;;;;GAIG;AACH,MAAM,OAAO,kBAAmB,SAAQ,iBAAiB;IAC/C,MAAM,CAAe;IAE7B,YAAY,MAA8B;QACxC,KAAK,CACH,iBAAiB,CAAC,CAAC,EAAE,oBAAoB,EAAE;YACzC,WAAW,EAAE,kFAAkF;YAC/F,IAAI,EAAE,kBAAkB;YACxB,aAAa,EAAE,mBAAmB;YAClC,gBAAgB,EAAE,CAAC,gBAAgB,CAAC;YACpC,QAAQ,EAAE,OAAO;YACjB,QAAQ,EAAE,IAAI;YACd,SAAS,EAAE,GAAG;YACd,cAAc,EAAE,IAAI;YACpB,YAAY,EAAE,EAAE;SACjB,CAAC,CACH,CAAC;QACF,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;IACjD,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,KAAiB;QAC7B,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC3C,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,QAAQ,GAAmB,EAAE,CAAC;QAEpC,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;QAE9B,wDAAwD;QACxD,IAAI,UAAkB,CAAC;QACvB,IAAI,CAAC;YACH,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACvC,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;YAC/C,OAAO,IAAI,CAAC,mBAAmB,CAC7B,MAAM,EACN,IAAI,EACJ,CAAC;oBACC,IAAI,EAAE,iBAAiB;oBACvB,QAAQ,EAAE,MAAM;oBAChB,IAAI,EAAE,mBAAmB;oBACzB,WAAW,EAAE,qFAAqF;oBAClG,QAAQ,EAAE,CAAC,uBAAuB,CAAC;oBACnC,WAAW,EAAE,qDAAqD;iBACnE,CAAC,EACF,MAAM,CACP,CAAC;QACJ,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC;QACjE,IAAI,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;YAC/C,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,MAAM;gBAChB,IAAI,EAAE,sBAAsB;gBAC5B,WAAW,EAAE,gBAAgB,YAAY,2BAA2B,IAAI,CAAC,MAAM,CAAC,eAAe,QAAQ;gBACvG,QAAQ,EAAE,CAAC,QAAQ,YAAY,WAAW,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;gBACxE,WAAW,EAAE,gCAAgC,IAAI,CAAC,MAAM,CAAC,eAAe,QAAQ;aACjF,CAAC,CAAC;QACL,CAAC;QAED,+DAA+D;QAC/D,IAAI,WAAW,GAAG,CAAC,CAAC;QACpB,MAAM,UAAU,GAAmB,EAAE,CAAC;QAEtC,MAAM,IAAI,GAAG,CAAC,GAAY,EAAE,IAAY,EAAQ,EAAE;YAChD,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS;gBAAE,OAAO;YAE9C,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;gBAC5B,IAAI,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;oBAC7C,UAAU,CAAC,IAAI,CAAC;wBACd,IAAI,EAAE,iBAAiB;wBACvB,QAAQ,EAAE,MAAM;wBAChB,IAAI,EAAE,oBAAoB;wBAC1B,WAAW,EAAE,cAAc,IAAI,QAAQ,GAAG,CAAC,MAAM,8BAA8B,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE;wBAC5G,QAAQ,EAAE,CAAC,QAAQ,IAAI,YAAY,GAAG,CAAC,MAAM,WAAW,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;wBACtF,WAAW,EAAE,0BAA0B,IAAI,GAAG;qBAC/C,CAAC,CAAC;gBACL,CAAC;gBACD,OAAO;YACT,CAAC;YAED,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBACvB,IAAI,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;oBAC5C,UAAU,CAAC,IAAI,CAAC;wBACd,IAAI,EAAE,iBAAiB;wBACvB,QAAQ,EAAE,MAAM;wBAChB,IAAI,EAAE,mBAAmB;wBACzB,WAAW,EAAE,aAAa,IAAI,SAAS,GAAG,CAAC,MAAM,iCAAiC,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE;wBAC9G,QAAQ,EAAE,CAAC,QAAQ,IAAI,YAAY,GAAG,CAAC,MAAM,WAAW,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;wBACrF,WAAW,EAAE,yBAAyB,IAAI,GAAG;qBAC9C,CAAC,CAAC;gBACL,CAAC;gBACD,iEAAiE;gBACjE,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;gBAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;oBACpC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC;gBAChC,CAAC;gBACD,OAAO;YACT,CAAC;YAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;gBAC5B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAA8B,CAAC,CAAC;gBACzD,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC;gBAE3B,IAAI,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;oBAC7C,UAAU,CAAC,IAAI,CAAC;wBACd,IAAI,EAAE,iBAAiB;wBACvB,QAAQ,EAAE,QAAQ;wBAClB,IAAI,EAAE,oBAAoB;wBAC1B,WAAW,EAAE,qBAAqB,WAAW,qBAAqB,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE;wBAC9F,QAAQ,EAAE,CAAC,eAAe,WAAW,WAAW,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;wBAC7E,WAAW,EAAE,4CAA4C;qBAC1D,CAAC,CAAC;oBACH,OAAO,CAAC,eAAe;gBACzB,CAAC;gBAED,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;oBACvB,IAAI,CAAE,GAA+B,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;gBAC7E,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAClB,QAAQ,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,CAAC;QAE7B,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAC/C,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACpE,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QAC5D,MAAM,MAAM,GAAG,CAAC,WAAW,IAAI,CAAC,OAAO,CAAC;QAExC,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,mBAAmB,CAAC,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;QACvE,CAAC;QAED,OAAO,IAAI,CAAC,mBAAmB,CAAC,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;IACjE,CAAC;IAEO,WAAW,CAAC,SAAiB,EAAE,EAAU;QAC/C,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QAC1C,OAAO;YACL,SAAS;YACT,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACrC,UAAU;YACV,UAAU,EAAE,CAAC;YACb,gBAAgB,EAAE,UAAU;SAC7B,CAAC;IACJ,CAAC;CACF"}
|
|
@@ -10,8 +10,8 @@
|
|
|
10
10
|
*
|
|
11
11
|
* @packageDocumentation
|
|
12
12
|
*/
|
|
13
|
-
import { BaseSecurityLayer } from
|
|
14
|
-
import type { LayerInput, LayerExecutionResult } from
|
|
13
|
+
import { BaseSecurityLayer } from '../index.js';
|
|
14
|
+
import type { LayerInput, LayerExecutionResult } from '../types.js';
|
|
15
15
|
/**
|
|
16
16
|
* L2 Character Set Sanitizer
|
|
17
17
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"L2-charset-sanitizer.d.ts","sourceRoot":"","sources":["../../../src/layers/implementations/L2-charset-sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,iBAAiB,EAAqB,MAAM,aAAa,CAAC;AACnE,OAAO,KAAK,EACV,UAAU,EACV,oBAAoB,EAIrB,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"L2-charset-sanitizer.d.ts","sourceRoot":"","sources":["../../../src/layers/implementations/L2-charset-sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,iBAAiB,EAAqB,MAAM,aAAa,CAAC;AACnE,OAAO,KAAK,EACV,UAAU,EACV,oBAAoB,EAIrB,MAAM,aAAa,CAAC;AA0FrB;;;;GAIG;AACH,qBAAa,kBAAmB,SAAQ,iBAAiB;;IAiBjD,OAAO,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,oBAAoB,CAAC;IA0B/D,OAAO,CAAC,UAAU;IA6BlB,OAAO,CAAC,UAAU;IAkDlB,OAAO,CAAC,gBAAgB;IAqBxB,OAAO,CAAC,WAAW;CAUpB"}
|