npm - @zintrust/core - Versions diffs - 0.1.0 → 0.1.2 - Mend

@zintrust/core 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (518) hide show

package/README.md +214 -0
package/bin/zintrust.d.ts.map +1 -1
package/bin/zintrust.js +18 -1
package/package.json +4 -34
package/public/index.html +535 -0
package/src/boot/Application.d.ts.map +1 -1
package/src/boot/Application.js +46 -3
package/src/boot/Server.d.ts.map +1 -1
package/src/boot/Server.js +3 -4
package/src/boot/bootstrap.js +77 -6
package/src/builder/BundleOptimizer.d.ts.map +1 -1
package/src/builder/BundleOptimizer.js +25 -29
package/src/cache/Cache.d.ts.map +1 -1
package/src/cache/Cache.js +4 -2
package/src/cache/drivers/KVDriver.d.ts.map +1 -1
package/src/cache/drivers/KVDriver.js +8 -7
package/src/cache/drivers/MemoryDriver.d.ts.map +1 -1
package/src/cache/drivers/MemoryDriver.js +5 -0
package/src/cache/drivers/RedisDriver.js +1 -1
package/src/cli/BaseCommand.d.ts +2 -2
package/src/cli/BaseCommand.d.ts.map +1 -1
package/src/cli/BaseCommand.js +2 -1
package/src/cli/CLI.d.ts.map +1 -1
package/src/cli/CLI.js +22 -18
package/src/cli/ErrorHandler.d.ts.map +1 -1
package/src/cli/ErrorHandler.js +2 -4
package/src/cli/commands/AddCommand.d.ts +81 -0
package/src/cli/commands/AddCommand.d.ts.map +1 -1
package/src/cli/commands/AddCommand.js +24 -5
package/src/cli/commands/ConfigCommand.d.ts.map +1 -1
package/src/cli/commands/ConfigCommand.js +59 -25
package/src/cli/commands/D1MigrateCommand.d.ts +4 -0
package/src/cli/commands/D1MigrateCommand.d.ts.map +1 -1
package/src/cli/commands/D1MigrateCommand.js +6 -4
package/src/cli/commands/FixCommand.d.ts.map +1 -1
package/src/cli/commands/FixCommand.js +3 -15
package/src/cli/commands/LogsCleanupCommand.d.ts +6 -0
package/src/cli/commands/LogsCleanupCommand.d.ts.map +1 -0
package/src/cli/commands/LogsCleanupCommand.js +20 -0
package/src/cli/commands/LogsCommand.d.ts.map +1 -1
package/src/cli/commands/LogsCommand.js +4 -6
package/src/cli/commands/MakeMailTemplateCommand.d.ts +10 -0
package/src/cli/commands/MakeMailTemplateCommand.d.ts.map +1 -0
package/src/cli/commands/MakeMailTemplateCommand.js +74 -0
package/src/cli/commands/MakeNotificationTemplateCommand.d.ts +10 -0
package/src/cli/commands/MakeNotificationTemplateCommand.d.ts.map +1 -0
package/src/cli/commands/MakeNotificationTemplateCommand.js +113 -0
package/src/cli/commands/MigrateCommand.d.ts.map +1 -1
package/src/cli/commands/MigrateCommand.js +3 -3
package/src/cli/commands/NewCommand.d.ts +4 -0
package/src/cli/commands/NewCommand.d.ts.map +1 -1
package/src/cli/commands/NewCommand.js +34 -19
package/src/cli/commands/PluginCommand.d.ts.map +1 -1
package/src/cli/commands/PluginCommand.js +8 -4
package/src/cli/commands/PrepareCommand.d.ts.map +1 -1
package/src/cli/commands/PrepareCommand.js +1 -1
package/src/cli/commands/QACommand.d.ts.map +1 -1
package/src/cli/commands/QACommand.js +16 -26
package/src/cli/commands/SecretsCommand.d.ts +16 -0
package/src/cli/commands/SecretsCommand.d.ts.map +1 -0
package/src/cli/commands/SecretsCommand.js +91 -0
package/src/cli/commands/StartCommand.d.ts.map +1 -1
package/src/cli/commands/StartCommand.js +2 -2
package/src/cli/commands/TemplatesCommand.d.ts +3 -0
package/src/cli/commands/TemplatesCommand.d.ts.map +1 -0
package/src/cli/commands/TemplatesCommand.js +65 -0
package/src/cli/commands/index.d.ts +5 -0
package/src/cli/commands/index.d.ts.map +1 -1
package/src/cli/commands/index.js +5 -0
package/src/cli/config/ConfigManager.js +1 -1
package/src/cli/index.d.ts +2 -1
package/src/cli/index.d.ts.map +1 -1
package/src/cli/index.js +2 -1
package/src/cli/scaffolding/ControllerGenerator.d.ts.map +1 -1
package/src/cli/scaffolding/ControllerGenerator.js +11 -10
package/src/cli/scaffolding/FeatureScaffolder.js +4 -4
package/src/cli/scaffolding/FileGenerator.js +1 -1
package/src/cli/scaffolding/MigrationGenerator.d.ts.map +1 -1
package/src/cli/scaffolding/MigrationGenerator.js +10 -9
package/src/cli/scaffolding/ModelGenerator.d.ts.map +1 -1
package/src/cli/scaffolding/ModelGenerator.js +11 -10
package/src/cli/scaffolding/ProjectScaffolder.d.ts.map +1 -1
package/src/cli/scaffolding/ProjectScaffolder.js +61 -11
package/src/cli/scaffolding/ResponseFactoryGenerator.d.ts.map +1 -1
package/src/cli/scaffolding/ResponseFactoryGenerator.js +2 -1
package/src/cli/scaffolding/RouteGenerator.d.ts.map +1 -1
package/src/cli/scaffolding/RouteGenerator.js +15 -14
package/src/cli/scaffolding/SeederGenerator.js +1 -1
package/src/cli/scaffolding/ServiceIntegrationTestGenerator.d.ts.map +1 -1
package/src/cli/scaffolding/ServiceIntegrationTestGenerator.js +7 -6
package/src/cli/scaffolding/ServiceRequestFactoryGenerator.d.ts +1 -1
package/src/cli/scaffolding/ServiceRequestFactoryGenerator.d.ts.map +1 -1
package/src/cli/scaffolding/ServiceRequestFactoryGenerator.js +2 -2
package/src/cli/scaffolding/ServiceScaffolder.d.ts.map +1 -1
package/src/cli/scaffolding/ServiceScaffolder.js +13 -12
package/src/cli/scaffolding/TemplateEngine.d.ts +10 -3
package/src/cli/scaffolding/TemplateEngine.d.ts.map +1 -1
package/src/cli/scaffolding/TemplateEngine.js +15 -285
package/src/cli/scaffolding/TemplateGenerator.d.ts +40 -0
package/src/cli/scaffolding/TemplateGenerator.d.ts.map +1 -0
package/src/cli/scaffolding/TemplateGenerator.js +172 -0
package/src/cli/scaffolding/index.d.ts +1 -0
package/src/cli/scaffolding/index.d.ts.map +1 -1
package/src/cli/scaffolding/index.js +1 -0
package/src/cli/utils/spawn.js +1 -1
package/src/common/AwsSigV4.d.ts +41 -0
package/src/common/AwsSigV4.d.ts.map +1 -0
package/src/common/AwsSigV4.js +69 -0
package/src/common/index.d.ts +39 -0
package/src/common/index.d.ts.map +1 -1
package/src/common/index.js +101 -8
package/src/common/uuid.d.ts +3 -0
package/src/common/uuid.d.ts.map +1 -0
package/src/common/uuid.js +30 -0
package/src/config/FileLogWriter.d.ts +22 -0
package/src/config/FileLogWriter.d.ts.map +1 -0
package/src/config/FileLogWriter.js +192 -0
package/src/config/SecretsManager.d.ts.map +1 -1
package/src/config/SecretsManager.js +26 -0
package/src/config/StartupConfigValidator.d.ts +15 -0
package/src/config/StartupConfigValidator.d.ts.map +1 -0
package/src/config/StartupConfigValidator.js +86 -0
package/src/config/app.d.ts +2 -1
package/src/config/app.d.ts.map +1 -1
package/src/config/app.js +65 -15
package/src/config/broadcast.d.ts +47 -0
package/src/config/broadcast.d.ts.map +1 -0
package/src/config/broadcast.js +54 -0
package/src/config/cache.d.ts +13 -17
package/src/config/cache.d.ts.map +1 -1
package/src/config/cache.js +9 -11
package/src/config/cloudflare.d.ts +26 -0
package/src/config/cloudflare.d.ts.map +1 -0
package/src/config/cloudflare.js +38 -0
package/src/config/env.d.ts +6 -0
package/src/config/env.d.ts.map +1 -1
package/src/config/env.js +6 -0
package/src/config/index.d.ts +52 -28
package/src/config/index.d.ts.map +1 -1
package/src/config/index.js +3 -0
package/src/config/logger.d.ts +2 -0
package/src/config/logger.d.ts.map +1 -1
package/src/config/logger.js +270 -11
package/src/config/logging/HttpLogger.d.ts +23 -0
package/src/config/logging/HttpLogger.d.ts.map +1 -0
package/src/config/logging/HttpLogger.js +93 -0
package/src/config/logging/KvLogger.d.ts +22 -0
package/src/config/logging/KvLogger.d.ts.map +1 -0
package/src/config/logging/KvLogger.js +143 -0
package/src/config/logging/SlackLogger.d.ts +23 -0
package/src/config/logging/SlackLogger.d.ts.map +1 -0
package/src/config/logging/SlackLogger.js +119 -0
package/src/config/mail.d.ts +81 -0
package/src/config/mail.d.ts.map +1 -0
package/src/config/mail.js +73 -0
package/src/config/middleware.d.ts +8 -0
package/src/config/middleware.d.ts.map +1 -0
package/src/config/middleware.js +18 -0
package/src/config/notification.d.ts +62 -0
package/src/config/notification.d.ts.map +1 -0
package/src/config/notification.js +43 -0
package/src/config/security.d.ts.map +1 -1
package/src/config/security.js +2 -2
package/src/config/startup.d.ts +23 -0
package/src/config/startup.d.ts.map +1 -0
package/src/config/startup.js +15 -0
package/src/config/storage.d.ts +21 -35
package/src/config/storage.d.ts.map +1 -1
package/src/config/storage.js +57 -37
package/src/database/migrations/index.d.ts +1 -1
package/src/database/migrations/index.d.ts.map +1 -1
package/src/database/migrations/index.js +2 -1
package/src/features/Queue.js +1 -25
package/src/functions/lambda.d.ts.map +1 -1
package/src/functions/lambda.js +6 -1
package/src/health/RuntimeHealthProbes.d.ts +13 -0
package/src/health/RuntimeHealthProbes.d.ts.map +1 -0
package/src/health/RuntimeHealthProbes.js +62 -0
package/src/health/StartupHealthChecks.d.ts +26 -0
package/src/health/StartupHealthChecks.d.ts.map +1 -0
package/src/health/StartupHealthChecks.js +124 -0
package/src/http/ErrorResponse.d.ts +28 -0
package/src/http/ErrorResponse.d.ts.map +1 -0
package/src/http/ErrorResponse.js +42 -0
package/src/http/Kernel.d.ts +5 -0
package/src/http/Kernel.d.ts.map +1 -1
package/src/http/Kernel.js +96 -30
package/src/http/Request.d.ts +1 -1
package/src/http/Request.d.ts.map +1 -1
package/src/http/RequestContext.d.ts +20 -0
package/src/http/RequestContext.d.ts.map +1 -0
package/src/http/RequestContext.js +77 -0
package/src/index.d.ts +9 -1
package/src/index.d.ts.map +1 -1
package/src/index.js +8 -2
package/src/microservices/MicroserviceBootstrap.d.ts.map +1 -1
package/src/microservices/MicroserviceBootstrap.js +6 -5
package/src/microservices/MicroserviceManager.d.ts.map +1 -1
package/src/microservices/MicroserviceManager.js +7 -5
package/src/microservices/PostgresAdapter.d.ts.map +1 -1
package/src/microservices/PostgresAdapter.js +7 -4
package/src/microservices/ServiceBundler.d.ts.map +1 -1
package/src/microservices/ServiceBundler.js +3 -1
package/src/microservices/ServiceHealthMonitor.d.ts.map +1 -1
package/src/microservices/ServiceHealthMonitor.js +7 -3
package/src/middleware/CsrfMiddleware.d.ts.map +1 -1
package/src/middleware/CsrfMiddleware.js +2 -19
package/src/middleware/ErrorHandlerMiddleware.d.ts +6 -0
package/src/middleware/ErrorHandlerMiddleware.d.ts.map +1 -0
package/src/middleware/ErrorHandlerMiddleware.js +33 -0
package/src/middleware/LoggingMiddleware.d.ts +9 -0
package/src/middleware/LoggingMiddleware.d.ts.map +1 -0
package/src/middleware/LoggingMiddleware.js +36 -0
package/src/middleware/index.d.ts +2 -0
package/src/middleware/index.d.ts.map +1 -1
package/src/middleware/index.js +2 -0
package/src/node-singletons/async_hooks.d.ts +9 -0
package/src/node-singletons/async_hooks.d.ts.map +1 -0
package/src/node-singletons/async_hooks.js +8 -0
package/src/node-singletons/fs.d.ts +2 -2
package/src/node-singletons/fs.d.ts.map +1 -1
package/src/node-singletons/fs.js +2 -2
package/src/node-singletons/http.d.ts +1 -1
package/src/node-singletons/http.d.ts.map +1 -1
package/src/node-singletons/http.js +1 -1
package/src/node-singletons/index.d.ts +4 -0
package/src/node-singletons/index.d.ts.map +1 -1
package/src/node-singletons/index.js +4 -0
package/src/node-singletons/net.d.ts +9 -0
package/src/node-singletons/net.d.ts.map +1 -0
package/src/node-singletons/net.js +8 -0
package/src/node-singletons/os.d.ts +3 -3
package/src/node-singletons/os.d.ts.map +1 -1
package/src/node-singletons/os.js +3 -4
package/src/node-singletons/path.d.ts +3 -1
package/src/node-singletons/path.d.ts.map +1 -1
package/src/node-singletons/path.js +3 -1
package/src/node-singletons/perf-hooks.d.ts +3 -1
package/src/node-singletons/perf-hooks.d.ts.map +1 -1
package/src/node-singletons/perf-hooks.js +3 -1
package/src/node-singletons/process.d.ts +23 -0
package/src/node-singletons/process.d.ts.map +1 -0
package/src/node-singletons/process.js +8 -0
package/src/node-singletons/readline.d.ts +3 -3
package/src/node-singletons/readline.d.ts.map +1 -1
package/src/node-singletons/readline.js +3 -4
package/src/node-singletons/tls.d.ts +9 -0
package/src/node-singletons/tls.d.ts.map +1 -0
package/src/node-singletons/tls.js +8 -0
package/src/node-singletons/url.d.ts +3 -1
package/src/node-singletons/url.d.ts.map +1 -1
package/src/node-singletons/url.js +3 -1
package/src/orm/ConnectionManager.d.ts +6 -1
package/src/orm/ConnectionManager.d.ts.map +1 -1
package/src/orm/ConnectionManager.js +14 -0
package/src/orm/DatabaseAdapter.d.ts +6 -0
package/src/orm/DatabaseAdapter.d.ts.map +1 -1
package/src/orm/QueryBuilder.d.ts +8 -1
package/src/orm/QueryBuilder.d.ts.map +1 -1
package/src/orm/QueryBuilder.js +188 -28
package/src/orm/adapters/D1Adapter.d.ts.map +1 -1
package/src/orm/adapters/D1Adapter.js +18 -12
package/src/orm/adapters/MySQLAdapter.d.ts.map +1 -1
package/src/orm/adapters/MySQLAdapter.js +4 -0
package/src/orm/adapters/PostgreSQLAdapter.d.ts.map +1 -1
package/src/orm/adapters/PostgreSQLAdapter.js +4 -0
package/src/orm/adapters/SQLServerAdapter.d.ts.map +1 -1
package/src/orm/adapters/SQLServerAdapter.js +4 -0
package/src/orm/adapters/SQLiteAdapter.d.ts.map +1 -1
package/src/orm/adapters/SQLiteAdapter.js +4 -0
package/src/performance/Benchmark.d.ts.map +1 -1
package/src/performance/Benchmark.js +3 -0
package/src/performance/CodeGenerationBenchmark.js +3 -3
package/src/performance/Optimizer.d.ts +1 -1
package/src/performance/Optimizer.d.ts.map +1 -1
package/src/performance/Optimizer.js +157 -80
package/src/performance/establish-baseline.js +3 -3
package/src/runtime/PluginManager.d.ts +3 -1
package/src/runtime/PluginManager.d.ts.map +1 -1
package/src/runtime/PluginManager.js +124 -28
package/src/runtime/RuntimeDetector.d.ts.map +1 -1
package/src/runtime/RuntimeDetector.js +47 -5
package/src/runtime/adapters/CloudflareAdapter.js +2 -2
package/src/runtime/adapters/DenoAdapter.js +9 -7
package/src/runtime/adapters/FargateAdapter.d.ts.map +1 -1
package/src/runtime/adapters/FargateAdapter.js +4 -3
package/src/runtime/adapters/LambdaAdapter.d.ts.map +1 -1
package/src/runtime/adapters/LambdaAdapter.js +4 -2
package/src/runtime/adapters/NodeServerAdapter.d.ts.map +1 -1
package/src/runtime/adapters/NodeServerAdapter.js +7 -6
package/src/scheduler/ScheduleRunner.d.ts +18 -0
package/src/scheduler/ScheduleRunner.d.ts.map +1 -0
package/src/scheduler/ScheduleRunner.js +155 -0
package/src/scheduler/index.d.ts +3 -0
package/src/scheduler/index.d.ts.map +1 -0
package/src/scheduler/index.js +1 -0
package/src/scheduler/types.d.ts +16 -0
package/src/scheduler/types.d.ts.map +1 -0
package/src/scheduler/types.js +4 -0
package/src/schedules/index.d.ts +2 -0
package/src/schedules/index.d.ts.map +1 -0
package/src/schedules/index.js +1 -0
package/src/schedules/log-cleanup.d.ts +4 -0
package/src/schedules/log-cleanup.d.ts.map +1 -0
package/src/schedules/log-cleanup.js +18 -0
package/src/scripts/GenerateEnvArtifacts.d.ts +13 -0
package/src/scripts/GenerateEnvArtifacts.d.ts.map +1 -0
package/src/scripts/GenerateEnvArtifacts.js +171 -0
package/src/scripts/TemplateSync.js +109 -70
package/src/security/CsrfTokenManager.js +1 -1
package/src/security/Encryptor.js +1 -1
package/src/security/Hash.d.ts +14 -0
package/src/security/Hash.d.ts.map +1 -0
package/src/security/Hash.js +81 -0
package/src/security/StartupSecretValidation.d.ts +20 -0
package/src/security/StartupSecretValidation.d.ts.map +1 -0
package/src/security/StartupSecretValidation.js +61 -0
package/src/security/UrlValidator.d.ts +0 -1
package/src/security/UrlValidator.d.ts.map +1 -1
package/src/security/UrlValidator.js +1 -2
package/src/security/Xss.d.ts +14 -0
package/src/security/Xss.d.ts.map +1 -0
package/src/security/Xss.js +57 -0
package/src/security/XssProtection.d.ts.map +1 -1
package/src/security/XssProtection.js +150 -16
package/src/templates/adapters/MySQLAdapter.ts.tpl +5 -0
package/src/templates/adapters/PostgreSQLAdapter.ts.tpl +5 -0
package/src/templates/adapters/SQLServerAdapter.ts.tpl +5 -0
package/src/templates/adapters/SQLiteAdapter.ts.tpl +5 -0
package/src/templates/features/Queue.ts.tpl +1 -29
package/src/templates/project/basic/.env.example.tpl +48 -0
package/src/templates/project/basic/.env.tpl +89 -94
package/src/templates/project/basic/app/Toolkit/Broadcast/sendBroadcast.ts.tpl +7 -0
package/src/templates/project/basic/app/Toolkit/Mail/sendWelcomeEmail.ts.tpl +30 -0
package/src/templates/project/basic/app/Toolkit/Notification/sendSlackNotification.ts.tpl +10 -0
package/src/templates/project/basic/app/Toolkit/Notification/sendSms.ts.tpl +13 -0
package/src/templates/project/basic/config/FileLogWriter.ts.tpl +240 -0
package/src/templates/project/basic/config/SecretsManager.ts.tpl +32 -1
package/src/templates/project/basic/config/StartupConfigValidator.ts.tpl +151 -0
package/src/templates/project/basic/config/app.ts.tpl +84 -15
package/src/templates/project/basic/config/broadcast.ts.tpl +97 -0
package/src/templates/project/basic/config/cache.ts.tpl +19 -23
package/src/templates/project/basic/config/cloudflare.ts.tpl +57 -0
package/src/templates/project/basic/config/env.ts.tpl +7 -1
package/src/templates/project/basic/config/index.ts.tpl +3 -0
package/src/templates/project/basic/config/logger.ts.tpl +301 -11
package/src/templates/project/basic/config/logging/HttpLogger.ts.tpl +121 -0
package/src/templates/project/basic/config/logging/KvLogger.ts.tpl +181 -0
package/src/templates/project/basic/config/logging/SlackLogger.ts.tpl +156 -0
package/src/templates/project/basic/config/mail.ts.tpl +141 -0
package/src/templates/project/basic/config/middleware.ts.tpl +27 -0
package/src/templates/project/basic/config/notification.ts.tpl +86 -0
package/src/templates/project/basic/config/security.ts.tpl +4 -5
package/src/templates/project/basic/config/startup.ts.tpl +27 -0
package/src/templates/project/basic/config/storage.ts.tpl +77 -42
package/src/templates/project/basic/database/migrations/index.ts.tpl +1 -1
package/src/templates/project/basic/package.json.tpl +1 -1
package/src/templates/project/basic/routes/api.ts.tpl +9 -37
package/src/templates/project/basic/routes/broadcast.ts.tpl +32 -0
package/src/templates/project/basic/routes/health.ts.tpl +134 -0
package/src/templates/project/basic/src/index.ts.tpl +38 -11
package/src/templates/project/basic/template.json +3 -0
package/src/toolkit/Secrets/EnvFile.d.ts +15 -0
package/src/toolkit/Secrets/EnvFile.d.ts.map +1 -0
package/src/toolkit/Secrets/EnvFile.js +63 -0
package/src/toolkit/Secrets/Manifest.d.ts +24 -0
package/src/toolkit/Secrets/Manifest.d.ts.map +1 -0
package/src/toolkit/Secrets/Manifest.js +71 -0
package/src/toolkit/Secrets/index.d.ts +42 -0
package/src/toolkit/Secrets/index.d.ts.map +1 -0
package/src/toolkit/Secrets/index.js +119 -0
package/src/toolkit/Secrets/providers/AwsSecretsManager.d.ts +14 -0
package/src/toolkit/Secrets/providers/AwsSecretsManager.d.ts.map +1 -0
package/src/toolkit/Secrets/providers/AwsSecretsManager.js +131 -0
package/src/toolkit/Secrets/providers/CloudflareKv.d.ts +9 -0
package/src/toolkit/Secrets/providers/CloudflareKv.d.ts.map +1 -0
package/src/toolkit/Secrets/providers/CloudflareKv.js +73 -0
package/src/tools/broadcast/Broadcast.d.ts +7 -0
package/src/tools/broadcast/Broadcast.d.ts.map +1 -0
package/src/tools/broadcast/Broadcast.js +37 -0
package/src/tools/broadcast/drivers/BaseDriver.d.ts +5 -0
package/src/tools/broadcast/drivers/BaseDriver.d.ts.map +1 -0
package/src/tools/broadcast/drivers/BaseDriver.js +8 -0
package/src/tools/broadcast/drivers/InMemory.d.ts +18 -0
package/src/tools/broadcast/drivers/InMemory.d.ts.map +1 -0
package/src/tools/broadcast/drivers/InMemory.js +16 -0
package/src/tools/broadcast/drivers/Pusher.d.ts +8 -0
package/src/tools/broadcast/drivers/Pusher.d.ts.map +1 -0
package/src/tools/broadcast/drivers/Pusher.js +75 -0
package/src/tools/broadcast/drivers/Redis.d.ts +19 -0
package/src/tools/broadcast/drivers/Redis.d.ts.map +1 -0
package/src/tools/broadcast/drivers/Redis.js +73 -0
package/src/tools/broadcast/drivers/RedisHttps.d.ts +14 -0
package/src/tools/broadcast/drivers/RedisHttps.d.ts.map +1 -0
package/src/tools/broadcast/drivers/RedisHttps.js +50 -0
package/src/tools/broadcast/index.d.ts +7 -0
package/src/tools/broadcast/index.d.ts.map +1 -0
package/src/tools/broadcast/index.js +6 -0
package/src/tools/http/Http.d.ts +51 -0
package/src/tools/http/Http.d.ts.map +1 -0
package/src/tools/http/Http.js +171 -0
package/src/tools/http/HttpResponse.d.ts +32 -0
package/src/tools/http/HttpResponse.d.ts.map +1 -0
package/src/tools/http/HttpResponse.js +80 -0
package/src/tools/http/index.d.ts +15 -0
package/src/tools/http/index.d.ts.map +1 -0
package/src/tools/http/index.js +9 -0
package/src/tools/mail/Mail.d.ts +22 -0
package/src/tools/mail/Mail.d.ts.map +1 -0
package/src/tools/mail/Mail.js +105 -0
package/src/tools/mail/attachments.d.ts +23 -0
package/src/tools/mail/attachments.d.ts.map +1 -0
package/src/tools/mail/attachments.js +26 -0
package/src/tools/mail/drivers/BaseDriver.d.ts +5 -0
package/src/tools/mail/drivers/BaseDriver.d.ts.map +1 -0
package/src/tools/mail/drivers/BaseDriver.js +8 -0
package/src/tools/mail/drivers/Mailgun.d.ts +31 -0
package/src/tools/mail/drivers/Mailgun.d.ts.map +1 -0
package/src/tools/mail/drivers/Mailgun.js +81 -0
package/src/tools/mail/drivers/SendGrid.d.ts +29 -0
package/src/tools/mail/drivers/SendGrid.d.ts.map +1 -0
package/src/tools/mail/drivers/SendGrid.js +57 -0
package/src/tools/mail/drivers/Ses.d.ts +24 -0
package/src/tools/mail/drivers/Ses.d.ts.map +1 -0
package/src/tools/mail/drivers/Ses.js +116 -0
package/src/tools/mail/drivers/Smtp.d.ts +38 -0
package/src/tools/mail/drivers/Smtp.d.ts.map +1 -0
package/src/tools/mail/drivers/Smtp.js +327 -0
package/src/tools/mail/templates/index.d.ts +27 -0
package/src/tools/mail/templates/index.d.ts.map +1 -0
package/src/tools/mail/templates/index.js +35 -0
package/src/tools/mail/templates/markdown/index.d.ts +17 -0
package/src/tools/mail/templates/markdown/index.d.ts.map +1 -0
package/src/tools/mail/templates/markdown/index.js +49 -0
package/src/tools/mail/templates/markdown/registry.d.ts +15 -0
package/src/tools/mail/templates/markdown/registry.d.ts.map +1 -0
package/src/tools/mail/templates/markdown/registry.js +34 -0
package/src/tools/mail/templates/markdown/validator.d.ts +16 -0
package/src/tools/mail/templates/markdown/validator.d.ts.map +1 -0
package/src/tools/mail/templates/markdown/validator.js +24 -0
package/src/tools/mail/testing.d.ts +41 -0
package/src/tools/mail/testing.d.ts.map +1 -0
package/src/tools/mail/testing.js +34 -0
package/src/tools/notification/Driver.d.ts +11 -0
package/src/tools/notification/Driver.d.ts.map +1 -0
package/src/tools/notification/Driver.js +1 -0
package/src/tools/notification/Notification.d.ts +11 -0
package/src/tools/notification/Notification.d.ts.map +1 -0
package/src/tools/notification/Notification.js +11 -0
package/src/tools/notification/Registry.d.ts +10 -0
package/src/tools/notification/Registry.d.ts.map +1 -0
package/src/tools/notification/Registry.js +22 -0
package/src/tools/notification/Service.d.ts +6 -0
package/src/tools/notification/Service.d.ts.map +1 -0
package/src/tools/notification/Service.js +18 -0
package/src/tools/notification/config.d.ts +5 -0
package/src/tools/notification/config.d.ts.map +1 -0
package/src/tools/notification/config.js +5 -0
package/src/tools/notification/drivers/BaseDriver.d.ts +5 -0
package/src/tools/notification/drivers/BaseDriver.d.ts.map +1 -0
package/src/tools/notification/drivers/BaseDriver.js +8 -0
package/src/tools/notification/drivers/Console.d.ts +7 -0
package/src/tools/notification/drivers/Console.d.ts.map +1 -0
package/src/tools/notification/drivers/Console.js +13 -0
package/src/tools/notification/drivers/Slack.d.ts +16 -0
package/src/tools/notification/drivers/Slack.d.ts.map +1 -0
package/src/tools/notification/drivers/Slack.js +24 -0
package/src/tools/notification/drivers/Termii.d.ts +10 -0
package/src/tools/notification/drivers/Termii.d.ts.map +1 -0
package/src/tools/notification/drivers/Termii.js +47 -0
package/src/tools/notification/drivers/Twilio.d.ts +21 -0
package/src/tools/notification/drivers/Twilio.d.ts.map +1 -0
package/src/tools/notification/drivers/Twilio.js +48 -0
package/src/tools/notification/templates/markdown/index.d.ts +15 -0
package/src/tools/notification/templates/markdown/index.d.ts.map +1 -0
package/src/tools/notification/templates/markdown/index.js +38 -0
package/src/tools/notification/templates/markdown/registry.d.ts +15 -0
package/src/tools/notification/templates/markdown/registry.d.ts.map +1 -0
package/src/tools/notification/templates/markdown/registry.js +36 -0
package/src/tools/notification/testing.d.ts +19 -0
package/src/tools/notification/testing.d.ts.map +1 -0
package/src/tools/notification/testing.js +35 -0
package/src/tools/notification/testingHelpers.d.ts +12 -0
package/src/tools/notification/testingHelpers.d.ts.map +1 -0
package/src/tools/notification/testingHelpers.js +32 -0
package/src/tools/queue/Queue.d.ts +23 -0
package/src/tools/queue/Queue.d.ts.map +1 -0
package/src/tools/queue/Queue.js +38 -0
package/src/tools/queue/drivers/InMemory.d.ts +10 -0
package/src/tools/queue/drivers/InMemory.d.ts.map +1 -0
package/src/tools/queue/drivers/InMemory.js +55 -0
package/src/tools/queue/drivers/Redis.d.ts +10 -0
package/src/tools/queue/drivers/Redis.d.ts.map +1 -0
package/src/tools/queue/drivers/Redis.js +91 -0
package/src/tools/storage/drivers/Gcs.d.ts +20 -0
package/src/tools/storage/drivers/Gcs.d.ts.map +1 -0
package/src/tools/storage/drivers/Gcs.js +152 -0
package/src/tools/storage/drivers/Local.d.ts +17 -0
package/src/tools/storage/drivers/Local.d.ts.map +1 -0
package/src/tools/storage/drivers/Local.js +63 -0
package/src/tools/storage/drivers/R2.d.ts +20 -0
package/src/tools/storage/drivers/R2.d.ts.map +1 -0
package/src/tools/storage/drivers/R2.js +73 -0
package/src/tools/storage/drivers/S3.d.ts +26 -0
package/src/tools/storage/drivers/S3.d.ts.map +1 -0
package/src/tools/storage/drivers/S3.js +258 -0
package/src/tools/storage/index.d.ts +24 -0
package/src/tools/storage/index.d.ts.map +1 -0
package/src/tools/storage/index.js +112 -0
package/src/tools/storage/testing.d.ts +23 -0
package/src/tools/storage/testing.d.ts.map +1 -0
package/src/tools/storage/testing.js +52 -0
package/src/tools/templates/MarkdownRenderer.d.ts +14 -0
package/src/tools/templates/MarkdownRenderer.d.ts.map +1 -0
package/src/tools/templates/MarkdownRenderer.js +300 -0
package/src/tools/templates/index.d.ts +5 -0
package/src/tools/templates/index.d.ts.map +1 -0
package/src/tools/templates/index.js +4 -0

package/src/scripts/TemplateSync.js CHANGED Viewed

@@ -4,14 +4,13 @@
  * Runs during npm run build
  */
 import { TemplateRegistry } from '../templates/TemplateRegistry.js';
+import { ensureDir, esmDirname } from '../common/index';
 import { Logger } from '../config/logger';
 import { ErrorFactory } from '../exceptions/ZintrustError';
 import * as crypto from '../node-singletons/crypto';
 import fs from '../node-singletons/fs';
-import { fileURLToPath } from '../node-singletons/url';
-import * as path from 'node:path';
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = path.dirname(__filename);
+import * as path from '../node-singletons/path';
+const __dirname = esmDirname(import.meta.url);
 const ROOT_DIR = path.resolve(__dirname, '../../');
 /**
  * Calculate SHA1 hash of file content
@@ -48,14 +47,6 @@ function extractTemplateContent(filePath) {
         throw ErrorFactory.createTryCatchError(`Failed to extract template from: ${filePath}`, error);
     }
 }
-/**
- * Ensure directory exists, create if needed
- */
-function ensureDir(dirPath) {
-    if (!fs.existsSync(dirPath)) {
-        fs.mkdirSync(dirPath, { recursive: true });
-    }
-}
 const shouldSkipEntry = (name) => {
     return (name === 'node_modules' ||
         name === 'dist' ||
@@ -117,64 +108,28 @@ const syncProjectTemplateDir = (params) => {
     }
     return { updated, skipped, total: files.length };
 };
-/**
- * Load existing checksums from JSON file
- */
-function loadChecksums() {
-    const checksumPath = path.join(ROOT_DIR, '.template-checksums.json');
-    if (fs.existsSync(checksumPath)) {
-        try {
-            const content = fs.readFileSync(checksumPath, 'utf8');
-            return JSON.parse(content);
-        }
-        catch (error) {
-            Logger.error('Could not parse .template-checksums.json, starting fresh', error);
-            return {};
-        }
-    }
-    return {};
-}
-/**
- * Save checksums to JSON file
- */
-function saveChecksums(checksums) {
-    const checksumPath = path.join(ROOT_DIR, '.template-checksums.json');
-    fs.writeFileSync(checksumPath, JSON.stringify(checksums, null, 2));
-}
-/**
- * Main sync function
- */
-// eslint-disable-next-line @typescript-eslint/require-await
-async function syncTemplates() {
-    Logger.info('🔄 Syncing templates...\n');
-    const checksums = loadChecksums();
-    const mappings = TemplateRegistry.getMappings();
+const syncRegistryMappings = (params) => {
     let updated = 0;
     let skipped = 0;
-    for (const mapping of mappings) {
+    for (const mapping of params.mappings) {
         const basePath = path.join(ROOT_DIR, mapping.basePath);
         const templatePath = path.join(ROOT_DIR, mapping.templatePath);
-        // Check if base file exists
         if (!fs.existsSync(basePath)) {
             Logger.warn(`⚠️  Base file not found: ${mapping.basePath}`);
             continue;
         }
-        // Calculate current hash
         const currentHash = hashFile(basePath);
-        const storedHash = checksums[mapping.basePath];
-        // Check if update is needed
+        const storedHash = params.checksums[mapping.basePath];
         if (currentHash === storedHash && fs.existsSync(templatePath)) {
             Logger.info(`✓ ${mapping.description} (in sync)`);
             skipped++;
             continue;
         }
-        // Extract and write template
         try {
             const templateContent = extractTemplateContent(basePath);
             ensureDir(path.dirname(templatePath));
             fs.writeFileSync(templatePath, templateContent, 'utf8');
-            // Update checksum
-            checksums[mapping.basePath] = currentHash;
+            params.checksums[mapping.basePath] = currentHash;
             Logger.info(`✓ Updated: ${mapping.description}`);
             updated++;
         }
@@ -183,46 +138,130 @@ async function syncTemplates() {
             process.exit(1);
         }
     }
-    // Sync starter project templates (basic) from base framework folders.
-    // Spec: app/* -> app/*, src/config/* -> config/*, src/database/* -> database/*, routes/* -> routes/*
-    // plus .env (generated from .env.example with sensitive values blanked).
-    Logger.info('');
-    Logger.info('🔄 Syncing starter project templates (basic)...');
-    const projectRoot = 'src/templates/project/basic';
+    return { updated, skipped };
+};
+const syncStarterEnvTemplate = (params) => {
+    const envExampleAbs = fs.existsSync(path.join(ROOT_DIR, '.env.example'))
+        ? path.join(ROOT_DIR, '.env.example')
+        : path.join(ROOT_DIR, '.env.example.generated');
+    const envTemplateAbs = path.join(ROOT_DIR, params.projectRoot, '.env.tpl');
+    const envChecksumKey = 'starter/.env';
+    if (!fs.existsSync(envExampleAbs)) {
+        Logger.warn('⚠️  .env.example not found; skipping starter .env template generation');
+        return { updated: 0, skipped: 0, total: 1 };
+    }
+    const currentHash = hashFile(envExampleAbs);
+    const storedHash = params.checksums[envChecksumKey];
+    if (currentHash === storedHash && fs.existsSync(envTemplateAbs)) {
+        return { updated: 0, skipped: 1, total: 1 };
+    }
+    const raw = fs.readFileSync(envExampleAbs, 'utf8');
+    const lines = raw.split(/\r?\n/);
+    const rendered = lines
+        .map((line) => {
+        if (line.trim() === '' || line.startsWith('#'))
+            return line;
+        const eq = line.indexOf('=');
+        if (eq === -1)
+            return line;
+        const key = line.slice(0, eq).trim();
+        if (key === '')
+            return line;
+        if (key === 'NODE_ENV')
+            return 'NODE_ENV=development';
+        return `${key}=`;
+    })
+        .join('\n') + '\n';
+    ensureDir(path.dirname(envTemplateAbs));
+    fs.writeFileSync(envTemplateAbs, rendered, 'utf8');
+    params.checksums[envChecksumKey] = currentHash;
+    Logger.info('✓ Starter project .env (generated)');
+    return { updated: 1, skipped: 0, total: 1 };
+};
+const syncStarterProjectTemplates = (params) => {
     const s1 = syncProjectTemplateDir({
-        checksums,
+        checksums: params.checksums,
         baseDirRel: 'app',
-        templateDirRel: `${projectRoot}/app`,
+        templateDirRel: `${params.projectRoot}/app`,
         description: 'Starter project app/*',
     });
     const s2 = syncProjectTemplateDir({
-        checksums,
+        checksums: params.checksums,
         baseDirRel: 'src/config',
-        templateDirRel: `${projectRoot}/config`,
+        templateDirRel: `${params.projectRoot}/config`,
         description: 'Starter project config/* (from src/config/*)',
     });
     const s3 = syncProjectTemplateDir({
-        checksums,
+        checksums: params.checksums,
         baseDirRel: 'src/database',
-        templateDirRel: `${projectRoot}/database`,
+        templateDirRel: `${params.projectRoot}/database`,
         description: 'Starter project database/* (from src/database/*)',
     });
     const s4 = syncProjectTemplateDir({
-        checksums,
+        checksums: params.checksums,
         baseDirRel: 'routes',
-        templateDirRel: `${projectRoot}/routes`,
+        templateDirRel: `${params.projectRoot}/routes`,
         description: 'Starter project routes/*',
     });
-    const s5 = { updated: 0, skipped: 0 };
-    updated += s1.updated + s2.updated + s3.updated + s4.updated + s5.updated;
-    skipped += s1.skipped + s2.skipped + s3.skipped + s4.skipped + s5.skipped;
+    const s5 = syncStarterEnvTemplate({
+        checksums: params.checksums,
+        projectRoot: params.projectRoot,
+    });
+    return {
+        updated: s1.updated + s2.updated + s3.updated + s4.updated + s5.updated,
+        skipped: s1.skipped + s2.skipped + s3.skipped + s4.skipped + s5.skipped,
+        total: s1.total + s2.total + s3.total + s4.total + s5.total,
+    };
+};
+/**
+ * Load existing checksums from JSON file
+ */
+function loadChecksums() {
+    const checksumPath = path.join(ROOT_DIR, '.template-checksums.json');
+    if (fs.existsSync(checksumPath)) {
+        try {
+            const content = fs.readFileSync(checksumPath, 'utf8');
+            return JSON.parse(content);
+        }
+        catch (error) {
+            Logger.error('Could not parse .template-checksums.json, starting fresh', error);
+            return {};
+        }
+    }
+    return {};
+}
+/**
+ * Save checksums to JSON file
+ */
+function saveChecksums(checksums) {
+    const checksumPath = path.join(ROOT_DIR, '.template-checksums.json');
+    fs.writeFileSync(checksumPath, JSON.stringify(checksums, null, 2));
+}
+/**
+ * Main sync function
+ */
+// eslint-disable-next-line @typescript-eslint/require-await
+async function syncTemplates() {
+    Logger.info('🔄 Syncing templates...\n');
+    const checksums = loadChecksums();
+    const mappings = TemplateRegistry.getMappings();
+    const registry = syncRegistryMappings({ checksums, mappings });
+    // Sync starter project templates (basic) from base framework folders.
+    // Spec: app/* -> app/*, src/config/* -> config/*, src/database/* -> database/*, routes/* -> routes/*
+    // plus .env (generated from .env.example with sensitive values blanked).
+    Logger.info('');
+    Logger.info('🔄 Syncing starter project templates (basic)...');
+    const projectRoot = 'src/templates/project/basic';
+    const starter = syncStarterProjectTemplates({ checksums, projectRoot });
     // Save updated checksums
     saveChecksums(checksums);
     // Summary
+    const updated = registry.updated + starter.updated;
+    const skipped = registry.skipped + starter.skipped;
     Logger.info(`\n📦 Template sync complete`);
     Logger.info(`   Updated: ${updated}`);
     Logger.info(`   Skipped: ${skipped}`);
-    Logger.info(`   Total: ${mappings.length + s1.total + s2.total + s3.total + s4.total}\n`);
+    Logger.info(`   Total: ${mappings.length + starter.total}\n`);
 }
 // Run sync
 try {

package/src/security/CsrfTokenManager.js CHANGED Viewed

@@ -3,7 +3,7 @@
  * Generate, validate, and bind CSRF tokens to sessions
  */
 import { Env } from '../config/env';
-import { randomBytes } from 'node:crypto';
+import { randomBytes } from '../node-singletons/crypto';
 /**
  * Create a new CSRF token manager instance
  */

package/src/security/Encryptor.js CHANGED Viewed

@@ -4,7 +4,7 @@
  */
 import { Logger } from '../config/logger';
 import { ErrorFactory } from '../exceptions/ZintrustError';
-import { pbkdf2Sync, randomBytes } from 'node:crypto';
+import { pbkdf2Sync, randomBytes } from '../node-singletons/crypto';
 function isBcryptModule(value) {
     if (typeof value !== 'object' || value === null)
         return false;

package/src/security/Hash.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * Hash
+ * bcrypt-based password hashing utility.
+ *
+ * Runtime-aware: uses dynamic import for bcrypt.
+ */
+export declare const Hash: Readonly<{
+    isValidHash(hash: string): boolean;
+    hash(plaintext: string): Promise<string>;
+    hashWithRounds(plaintext: string, rounds: number): Promise<string>;
+    verify(plaintext: string, hashed: string): Promise<boolean>;
+}>;
+export default Hash;
+//# sourceMappingURL=Hash.d.ts.map

package/src/security/Hash.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"Hash.d.ts","sourceRoot":"","sources":["../../../src/security/Hash.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AA+CH,eAAO,MAAM,IAAI;sBACG,MAAM,GAAG,OAAO;oBAIZ,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;8BAUd,MAAM,UAAU,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;sBAgBhD,MAAM,UAAU,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;EAWjE,CAAC;AAEH,eAAe,IAAI,CAAC"}

package/src/security/Hash.js ADDED Viewed

@@ -0,0 +1,81 @@
+/**
+ * Hash
+ * bcrypt-based password hashing utility.
+ *
+ * Runtime-aware: uses dynamic import for bcrypt.
+ */
+import { Logger } from '../config/logger';
+import { ErrorFactory } from '../exceptions/ZintrustError';
+function isBcryptModule(value) {
+    if (typeof value !== 'object' || value === null)
+        return false;
+    const record = value;
+    return typeof record['hash'] === 'function' && typeof record['compare'] === 'function';
+}
+let bcrypt;
+let loadingPromise;
+async function loadBcrypt() {
+    const imported = await import('bcrypt');
+    const module = imported;
+    const candidate = module.default ?? module;
+    if (!isBcryptModule(candidate)) {
+        throw ErrorFactory.createConfigError('Invalid bcrypt module shape');
+    }
+    bcrypt = candidate;
+}
+async function ensureBcrypt() {
+    if (bcrypt !== undefined)
+        return bcrypt;
+    loadingPromise ??= loadBcrypt().catch((error) => {
+        Logger.error('bcrypt unavailable', error);
+        throw ErrorFactory.createConfigError('bcrypt unavailable', error);
+    });
+    await loadingPromise;
+    if (bcrypt === undefined) {
+        throw ErrorFactory.createConfigError('bcrypt unavailable');
+    }
+    return bcrypt;
+}
+const BCRYPT_HASH_RE = /^\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}$/;
+export const Hash = Object.freeze({
+    isValidHash(hash) {
+        return BCRYPT_HASH_RE.test(hash);
+    },
+    async hash(plaintext) {
+        const bcryptModule = await ensureBcrypt();
+        try {
+            return await bcryptModule.hash(plaintext, 12);
+        }
+        catch (error) {
+            Logger.error('Password hashing failed', error);
+            throw ErrorFactory.createSecurityError('Password hashing failed', error);
+        }
+    },
+    async hashWithRounds(plaintext, rounds) {
+        const bcryptModule = await ensureBcrypt();
+        const normalizedRounds = Number.isFinite(rounds) ? Math.trunc(rounds) : 0;
+        if (normalizedRounds <= 0) {
+            throw ErrorFactory.createConfigError('Invalid bcrypt rounds', { rounds });
+        }
+        try {
+            return await bcryptModule.hash(plaintext, normalizedRounds);
+        }
+        catch (error) {
+            Logger.error('Password hashing failed', error);
+            throw ErrorFactory.createSecurityError('Password hashing failed', error);
+        }
+    },
+    async verify(plaintext, hashed) {
+        if (!Hash.isValidHash(hashed))
+            return false;
+        try {
+            const bcryptModule = await ensureBcrypt();
+            return await bcryptModule.compare(plaintext, hashed);
+        }
+        catch (error) {
+            Logger.error('Password verify failed', error);
+            return false;
+        }
+    },
+});
+export default Hash;

package/src/security/StartupSecretValidation.d.ts ADDED Viewed

@@ -0,0 +1,20 @@
+/**
+ * Startup Secret Validation
+ *
+ * Validates critical secrets early at boot time so production misconfiguration
+ * fails fast and predictably.
+ */
+export type StartupSecretValidationError = {
+    key: string;
+    message: string;
+};
+export type StartupSecretValidationResult = {
+    valid: boolean;
+    errors: StartupSecretValidationError[];
+};
+export declare const StartupSecretValidation: Readonly<{
+    validate(): StartupSecretValidationResult;
+    assertValid(): void;
+}>;
+export default StartupSecretValidation;
+//# sourceMappingURL=StartupSecretValidation.d.ts.map

package/src/security/StartupSecretValidation.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"StartupSecretValidation.d.ts","sourceRoot":"","sources":["../../../src/security/StartupSecretValidation.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAOH,MAAM,MAAM,4BAA4B,GAAG;IACzC,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,6BAA6B,GAAG;IAC1C,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,4BAA4B,EAAE,CAAC;CACxC,CAAC;AA6BF,eAAO,MAAM,uBAAuB;gBACtB,6BAA6B;mBAe1B,IAAI;EAQnB,CAAC;AAEH,eAAe,uBAAuB,CAAC"}

package/src/security/StartupSecretValidation.js ADDED Viewed

@@ -0,0 +1,61 @@
+/**
+ * Startup Secret Validation
+ *
+ * Validates critical secrets early at boot time so production misconfiguration
+ * fails fast and predictably.
+ */
+import { appConfig } from '../config/app';
+import { securityConfig } from '../config/security';
+import { startupConfig } from '../config/startup';
+import { ErrorFactory } from '../exceptions/ZintrustError';
+const validateApiKeySecret = () => {
+    if (!securityConfig.apiKey.enabled)
+        return null;
+    const secret = (securityConfig.apiKey.secret ?? '').trim();
+    if (secret.length > 0)
+        return null;
+    return {
+        key: 'API_KEY_SECRET',
+        message: 'API_KEY_SECRET must be set when API key auth is enabled',
+    };
+};
+const validateJwtSecret = () => {
+    if (!securityConfig.jwt.enabled)
+        return null;
+    try {
+        const secret = securityConfig.jwt.secret.trim();
+        if (secret.length === 0) {
+            return { key: 'JWT_SECRET', message: 'JWT_SECRET must be set when JWT is enabled' };
+        }
+        return null;
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : 'Unknown error';
+        return { key: 'JWT_SECRET', message };
+    }
+};
+export const StartupSecretValidation = Object.freeze({
+    validate() {
+        if (!startupConfig.validateSecrets)
+            return { valid: true, errors: [] };
+        if (!appConfig.isProduction())
+            return { valid: true, errors: [] };
+        const errors = [];
+        const jwtError = validateJwtSecret();
+        if (jwtError !== null)
+            errors.push(jwtError);
+        const apiKeyError = validateApiKeySecret();
+        if (apiKeyError !== null)
+            errors.push(apiKeyError);
+        return { valid: errors.length === 0, errors };
+    },
+    assertValid() {
+        const result = StartupSecretValidation.validate();
+        if (result.valid)
+            return;
+        throw ErrorFactory.createConfigError('Invalid startup secret configuration', {
+            errors: result.errors,
+        });
+    },
+});
+export default StartupSecretValidation;

package/src/security/UrlValidator.d.ts CHANGED Viewed

@@ -3,7 +3,6 @@
  * Mitigates SSRF (SonarQube S5144)
  */
 export interface IUrlValidator {
-    validate(url: string, allowedDomains?: string[]): void;
     validateUrl(url: string, allowedDomains?: string[]): void;
 }
 /**

package/src/security/UrlValidator.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"UrlValidator.d.ts","sourceRoot":"","sources":["../../../src/security/UrlValidator.ts"],"names":[],"mappings":"AAAA;;;GAGG;~~AAKH~~,MAAM,WAAW,aAAa;IAC5B,~~QAAQ,CAAC,GAAG,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IACvD,~~WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;CAC3D;AAED;;;GAGG;AACH,QAAA,MAAM,QAAQ,GAAI,KAAK,MAAM,EAAE,iBAAgB,MAAM,EAA+B,KAAG,IAyBtF,CAAC;AAEF,QAAA,MAAM,WAAW,GAAI,KAAK,MAAM,EAAE,iBAAiB,MAAM,EAAE,KAAG,IAE7D,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,YAAY,EAAE,aAGzB,CAAC;AAGH,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC"}
1	+ {"version":3,"file":"UrlValidator.d.ts","sourceRoot":"","sources":["../../../src/security/UrlValidator.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,MAAM,WAAW,aAAa;IAC5B,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;CAC3D;AAED;;;GAGG;AACH,QAAA,MAAM,QAAQ,GAAI,KAAK,MAAM,EAAE,iBAAgB,MAAM,EAA+B,KAAG,IAyBtF,CAAC;AAEF,QAAA,MAAM,WAAW,GAAI,KAAK,MAAM,EAAE,iBAAiB,MAAM,EAAE,KAAG,IAE7D,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,YAAY,EAAE,aAGzB,CAAC;AAGH,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC"}

package/src/security/UrlValidator.js CHANGED Viewed

@@ -2,7 +2,6 @@
  * Security Utilities
  * Mitigates SSRF (SonarQube S5144)
  */
-import { Env } from '../config/env';
 import { ErrorFactory } from '../exceptions/ZintrustError';
 /**
  * Validate URL for SSRF protection
@@ -15,7 +14,7 @@ const validate = (url, allowedDomains = ['localhost', '127.0.0.1']) => {
         // In a real microservices environment, we would check against a service registry
         // For now, we allow localhost and any domain in the allowed list
         const isAllowed = allowedDomains.some((domain) => hostname === domain || hostname.endsWith(`.${domain}`));
-        if (!isAllowed && Env.NODE_ENV === 'production') {
+        if (!isAllowed) {
             throw ErrorFactory.createValidationError(`URL hostname '${hostname}' is not allowed (SSRF Protection)`, { hostname });
         }
     }

package/src/security/Xss.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * XSS Sanitizer
+ * Recursive, zero-dependency input sanitization utility.
+ *
+ * This is intentionally conservative:
+ * - Strings: strip tags, then escape HTML entities.
+ * - Arrays/Objects: sanitize recursively.
+ */
+export interface IXss {
+    sanitize(input: unknown): unknown;
+}
+export declare const Xss: IXss;
+export default Xss;
+//# sourceMappingURL=Xss.d.ts.map

package/src/security/Xss.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"Xss.d.ts","sourceRoot":"","sources":["../../../src/security/Xss.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAwDH,MAAM,WAAW,IAAI;IACnB,QAAQ,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAAC;CACnC;AAED,eAAO,MAAM,GAAG,EAAE,IAIhB,CAAC;AAEH,eAAe,GAAG,CAAC"}

package/src/security/Xss.js ADDED Viewed

@@ -0,0 +1,57 @@
+/**
+ * XSS Sanitizer
+ * Recursive, zero-dependency input sanitization utility.
+ *
+ * This is intentionally conservative:
+ * - Strings: strip tags, then escape HTML entities.
+ * - Arrays/Objects: sanitize recursively.
+ */
+import { XssProtection } from './XssProtection';
+const stripTags = (value) => {
+    // Remove all HTML tags in linear time (no regex backtracking / ReDoS risk).
+    let out = '';
+    let inTag = false;
+    for (const element of value) {
+        const ch = element;
+        if (ch === '<') {
+            inTag = true;
+            continue;
+        }
+        if (inTag) {
+            if (ch === '>')
+                inTag = false;
+            continue;
+        }
+        out += ch;
+    }
+    return out;
+};
+const sanitizeRecursive = (input, seen) => {
+    if (typeof input === 'string') {
+        return XssProtection.escape(stripTags(input));
+    }
+    if (Array.isArray(input)) {
+        if (seen.has(input))
+            return input;
+        seen.add(input);
+        return input.map((item) => sanitizeRecursive(item, seen));
+    }
+    if (typeof input === 'object' && input !== null) {
+        const obj = input;
+        if (seen.has(obj))
+            return input;
+        seen.add(obj);
+        const out = {};
+        for (const [key, value] of Object.entries(obj)) {
+            out[key] = sanitizeRecursive(value, seen);
+        }
+        return out;
+    }
+    return input;
+};
+export const Xss = Object.freeze({
+    sanitize(input) {
+        return sanitizeRecursive(input, new WeakSet());
+    },
+});
+export default Xss;

package/src/security/XssProtection.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"XssProtection.d.ts","sourceRoot":"","sources":["../../../src/security/XssProtection.ts"],"names":[],"mappings":"AAAA;;;;GAIG;~~AAyIH~~;;GAEG;AACH,eAAO,MAAM,UAAU,GAAI,KAAK,OAAO,KAAG,MAGzC,CAAC;AAEF,MAAM,WAAW,cAAc;IAC7B,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAAC;IAC/B,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC;IAC/B,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAAC;IACjC,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;IAChC,UAAU,CAAC,GAAG,EAAE,OAAO,GAAG,MAAM,CAAC;CAClC;AAED;;;;GAIG;AACH,eAAO,MAAM,aAAa,EAAE,cAO1B,CAAC"}
1	+ {"version":3,"file":"XssProtection.d.ts","sourceRoot":"","sources":["../../../src/security/XssProtection.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAoSH;;GAEG;AACH,eAAO,MAAM,UAAU,GAAI,KAAK,OAAO,KAAG,MAGzC,CAAC;AAEF,MAAM,WAAW,cAAc;IAC7B,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAAC;IAC/B,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC;IAC/B,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAAC;IACjC,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;IAChC,UAAU,CAAC,GAAG,EAAE,OAAO,GAAG,MAAM,CAAC;CAClC;AAED;;;;GAIG;AACH,eAAO,MAAM,aAAa,EAAE,cAO1B,CAAC"}