npm - @zintrust/core - Versions diffs - 0.1.18 → 0.1.20 - Mend

@zintrust/core 0.1.18 → 0.1.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (558) hide show

package/README.md +16 -10
package/bin/zintrust-main.d.ts.map +1 -1
package/bin/zintrust-main.js +9 -0
package/package.json +11 -2
package/public/error-pages/404.html +145 -0
package/public/error-pages/500.html +266 -0
package/public/error-pages/error.css +628 -0
package/public/error-pages/error.js +428 -0
package/public/index.html +1 -1
package/public/zintrust.svg +30 -0
package/routes/api.d.ts +7 -0
package/routes/api.d.ts.map +1 -0
package/routes/api.js +115 -0
package/routes/broadcast.d.ts +9 -0
package/routes/broadcast.d.ts.map +1 -0
package/routes/broadcast.js +27 -0
package/routes/health.d.ts +7 -0
package/routes/health.d.ts.map +1 -0
package/routes/health.js +127 -0
package/routes/metrics.d.ts +9 -0
package/routes/metrics.d.ts.map +1 -0
package/routes/metrics.js +20 -0
package/routes/openapi.d.ts +9 -0
package/routes/openapi.d.ts.map +1 -0
package/routes/openapi.js +76 -0
package/routes/storage.d.ts +4 -0
package/routes/storage.d.ts.map +1 -0
package/routes/storage.js +35 -0
package/src/boot/Application.d.ts +2 -2
package/src/boot/Application.d.ts.map +1 -1
package/src/boot/Application.js +18 -3
package/src/boot/Server.d.ts +3 -2
package/src/boot/Server.d.ts.map +1 -1
package/src/boot/Server.js +39 -165
package/src/boot/bootstrap.js +1 -1
package/src/cache/Cache.d.ts +1 -1
package/src/cache/Cache.d.ts.map +1 -1
package/src/cache/CacheDriver.d.ts +4 -0
package/src/cache/CacheDriver.d.ts.map +1 -1
package/src/cache/drivers/KVDriver.d.ts +1 -1
package/src/cache/drivers/KVDriver.d.ts.map +1 -1
package/src/cache/drivers/MemoryDriver.d.ts +1 -1
package/src/cache/drivers/MemoryDriver.d.ts.map +1 -1
package/src/cache/drivers/MemoryDriver.js +16 -0
package/src/cache/drivers/MongoDriver.d.ts +1 -1
package/src/cache/drivers/MongoDriver.d.ts.map +1 -1
package/src/cache/drivers/RedisDriver.d.ts +1 -1
package/src/cache/drivers/RedisDriver.d.ts.map +1 -1
package/src/cli/CLI.d.ts.map +1 -1
package/src/cli/CLI.js +12 -4
package/src/cli/PromptHelper.d.ts.map +1 -1
package/src/cli/PromptHelper.js +4 -3
package/src/cli/commands/AddCommand.d.ts +2 -2
package/src/cli/commands/AddCommand.d.ts.map +1 -1
package/src/cli/commands/AddCommand.js +135 -58
package/src/cli/commands/ConfigCommand.d.ts +1 -1
package/src/cli/commands/ConfigCommand.d.ts.map +1 -1
package/src/cli/commands/CreateCommand.d.ts +15 -0
package/src/cli/commands/CreateCommand.d.ts.map +1 -0
package/src/cli/commands/CreateCommand.js +143 -0
package/src/cli/commands/D1MigrateCommand.d.ts +1 -1
package/src/cli/commands/D1MigrateCommand.d.ts.map +1 -1
package/src/cli/commands/D1MigrateCommand.js +16 -20
package/src/cli/commands/DbSeedCommand.d.ts +9 -0
package/src/cli/commands/DbSeedCommand.d.ts.map +1 -0
package/src/cli/commands/DbSeedCommand.js +171 -0
package/src/cli/commands/DebugCommand.d.ts +1 -1
package/src/cli/commands/DebugCommand.d.ts.map +1 -1
package/src/cli/commands/FixCommand.d.ts +1 -1
package/src/cli/commands/FixCommand.d.ts.map +1 -1
package/src/cli/commands/JwtDevCommand.d.ts +8 -0
package/src/cli/commands/JwtDevCommand.d.ts.map +1 -0
package/src/cli/commands/JwtDevCommand.js +114 -0
package/src/cli/commands/KeyGenerateCommand.d.ts +1 -1
package/src/cli/commands/KeyGenerateCommand.d.ts.map +1 -1
package/src/cli/commands/LogsCommand.d.ts +2 -2
package/src/cli/commands/LogsCommand.d.ts.map +1 -1
package/src/cli/commands/LogsCommand.js +36 -2
package/src/cli/commands/MakeMailTemplateCommand.d.ts +1 -1
package/src/cli/commands/MakeMailTemplateCommand.d.ts.map +1 -1
package/src/cli/commands/MakeNotificationTemplateCommand.d.ts +1 -1
package/src/cli/commands/MakeNotificationTemplateCommand.d.ts.map +1 -1
package/src/cli/commands/MigrateCommand.d.ts +1 -1
package/src/cli/commands/MigrateCommand.d.ts.map +1 -1
package/src/cli/commands/MigrateCommand.js +291 -35
package/src/cli/commands/NewCommand.d.ts +2 -2
package/src/cli/commands/NewCommand.d.ts.map +1 -1
package/src/cli/commands/NewCommand.js +38 -13
package/src/cli/commands/PluginCommand.d.ts +1 -1
package/src/cli/commands/PluginCommand.d.ts.map +1 -1
package/src/cli/commands/PrepareCommand.d.ts +1 -1
package/src/cli/commands/PrepareCommand.d.ts.map +1 -1
package/src/cli/commands/QACommand.d.ts +2 -2
package/src/cli/commands/QACommand.d.ts.map +1 -1
package/src/cli/commands/RoutesCommand.d.ts +10 -0
package/src/cli/commands/RoutesCommand.d.ts.map +1 -0
package/src/cli/commands/RoutesCommand.js +242 -0
package/src/cli/commands/SimulateCommand.d.ts +1 -1
package/src/cli/commands/SimulateCommand.d.ts.map +1 -1
package/src/cli/commands/SimulateCommand.js +1 -1
package/src/cli/commands/StartCommand.d.ts.map +1 -1
package/src/cli/commands/StartCommand.js +90 -3
package/src/cli/commands/UpgradeCommand.d.ts +16 -0
package/src/cli/commands/UpgradeCommand.d.ts.map +1 -0
package/src/cli/commands/UpgradeCommand.js +107 -0
package/src/cli/commands/index.d.ts +3 -0
package/src/cli/commands/index.d.ts.map +1 -1
package/src/cli/commands/index.js +3 -0
package/src/cli/commands/runner/index.d.ts +3 -0
package/src/cli/commands/runner/index.d.ts.map +1 -0
package/src/cli/commands/runner/index.js +139 -0
package/src/cli/config/ConfigManager.d.ts +1 -1
package/src/cli/config/ConfigManager.d.ts.map +1 -1
package/src/cli/config/ConfigValidator.d.ts +1 -1
package/src/cli/config/ConfigValidator.d.ts.map +1 -1
package/src/cli/config/ConfigValidator.js +1 -1
package/src/cli/d1/D1SqlMigrations.d.ts +20 -0
package/src/cli/d1/D1SqlMigrations.d.ts.map +1 -0
package/src/cli/d1/D1SqlMigrations.js +224 -0
package/src/cli/d1/WranglerConfig.d.ts +4 -0
package/src/cli/d1/WranglerConfig.d.ts.map +1 -0
package/src/cli/d1/WranglerConfig.js +122 -0
package/src/cli/d1/WranglerD1.d.ts +11 -0
package/src/cli/d1/WranglerD1.d.ts.map +1 -0
package/src/cli/d1/WranglerD1.js +16 -0
package/src/cli/env/EnvFileBackfill.d.ts +10 -0
package/src/cli/env/EnvFileBackfill.d.ts.map +1 -0
package/src/cli/env/EnvFileBackfill.js +64 -0
package/src/cli/scaffolding/ControllerGenerator.d.ts.map +1 -1
package/src/cli/scaffolding/ControllerGenerator.js +72 -22
package/src/cli/scaffolding/FactoryGenerator.d.ts.map +1 -1
package/src/cli/scaffolding/FactoryGenerator.js +3 -1
package/src/cli/scaffolding/GovernanceScaffolder.d.ts +23 -0
package/src/cli/scaffolding/GovernanceScaffolder.d.ts.map +1 -0
package/src/cli/scaffolding/GovernanceScaffolder.js +327 -0
package/src/cli/scaffolding/MigrationGenerator.d.ts +10 -0
package/src/cli/scaffolding/MigrationGenerator.d.ts.map +1 -1
package/src/cli/scaffolding/MigrationGenerator.js +137 -51
package/src/cli/scaffolding/ProjectScaffolder.d.ts.map +1 -1
package/src/cli/scaffolding/ProjectScaffolder.js +54 -59
package/src/cli/scaffolding/RouteGenerator.d.ts.map +1 -1
package/src/cli/scaffolding/RouteGenerator.js +79 -43
package/src/cli/scaffolding/SeederGenerator.d.ts +5 -0
package/src/cli/scaffolding/SeederGenerator.d.ts.map +1 -1
package/src/cli/scaffolding/SeederGenerator.js +63 -15
package/src/cli/scaffolding/ServiceScaffolder.d.ts.map +1 -1
package/src/cli/scaffolding/ServiceScaffolder.js +24 -3
package/src/cli/scaffolding/index.d.ts +2 -0
package/src/cli/scaffolding/index.d.ts.map +1 -1
package/src/cli/scaffolding/index.js +1 -0
package/src/cli/utils/DistPackager.d.ts.map +1 -1
package/src/cli/utils/DistPackager.js +8 -0
package/src/common/index.d.ts +8 -0
package/src/common/index.d.ts.map +1 -1
package/src/common/index.js +28 -0
package/src/common/utility.d.ts +38 -0
package/src/common/utility.d.ts.map +1 -0
package/src/common/utility.js +101 -0
package/src/config/FileLogWriter.d.ts +2 -1
package/src/config/FileLogWriter.d.ts.map +1 -1
package/src/config/FileLogWriter.js +83 -2
package/src/config/app.d.ts.map +1 -1
package/src/config/app.js +3 -1
package/src/config/broadcast.d.ts +1 -1
package/src/config/broadcast.d.ts.map +1 -1
package/src/config/broadcast.js +1 -1
package/src/config/cache.d.ts +1 -1
package/src/config/cache.d.ts.map +1 -1
package/src/config/cloudflare.d.ts +1 -1
package/src/config/cloudflare.d.ts.map +1 -1
package/src/config/database.d.ts +7 -1
package/src/config/database.d.ts.map +1 -1
package/src/config/database.js +99 -7
package/src/config/env.d.ts +6 -0
package/src/config/env.d.ts.map +1 -1
package/src/config/env.js +7 -0
package/src/config/index.d.ts +8 -2
package/src/config/index.d.ts.map +1 -1
package/src/config/logging/KvLogger.js +1 -1
package/src/config/logging/SlackLogger.js +2 -2
package/src/config/middleware.d.ts +22 -2
package/src/config/middleware.d.ts.map +1 -1
package/src/config/middleware.js +179 -11
package/src/config/notification.js +1 -1
package/src/config/security.d.ts +1 -1
package/src/config/security.js +1 -1
package/src/config/storage.js +1 -1
package/src/config/type.d.ts +8 -2
package/src/config/type.d.ts.map +1 -1
package/src/events/EventDispatcher.d.ts.map +1 -1
package/src/events/EventDispatcher.js +6 -4
package/src/exceptions/ZintrustError.d.ts +7 -0
package/src/exceptions/ZintrustError.d.ts.map +1 -1
package/src/exceptions/ZintrustError.js +56 -0
package/src/features/Auth.d.ts +1 -1
package/src/features/Auth.d.ts.map +1 -1
package/src/features/Auth.js +3 -3
package/src/features/Queue.js +1 -1
package/src/functions/cloudflare.d.ts.map +1 -1
package/src/functions/cloudflare.js +3 -14
package/src/functions/deno.d.ts.map +1 -1
package/src/functions/deno.js +3 -14
package/src/functions/lambda.d.ts.map +1 -1
package/src/functions/lambda.js +3 -14
package/src/health/StartupHealthChecks.js +1 -1
package/src/http/Controller.d.ts +2 -2
package/src/http/Controller.d.ts.map +1 -1
package/src/http/FileUpload.d.ts +68 -0
package/src/http/FileUpload.d.ts.map +1 -0
package/src/http/FileUpload.js +120 -0
package/src/http/Kernel.d.ts +5 -5
package/src/http/Kernel.d.ts.map +1 -1
package/src/http/Kernel.js +139 -23
package/src/http/Request.d.ts +20 -1
package/src/http/Request.d.ts.map +1 -1
package/src/http/Request.js +23 -0
package/src/http/RequestContext.d.ts +6 -0
package/src/http/RequestContext.d.ts.map +1 -1
package/src/http/RequestContext.js +77 -1
package/src/http/Response.d.ts +1 -1
package/src/http/Response.d.ts.map +1 -1
package/src/http/ValidationHelper.d.ts +78 -0
package/src/http/ValidationHelper.d.ts.map +1 -0
package/src/http/ValidationHelper.js +121 -0
package/src/http/error-pages/ErrorPageRenderer.d.ts +17 -0
package/src/http/error-pages/ErrorPageRenderer.d.ts.map +1 -0
package/src/http/error-pages/ErrorPageRenderer.js +88 -0
package/src/http/middleware/BodyParsingMiddleware.d.ts +12 -0
package/src/http/middleware/BodyParsingMiddleware.d.ts.map +1 -0
package/src/http/middleware/BodyParsingMiddleware.js +251 -0
package/src/http/middleware/FileUploadMiddleware.d.ts +12 -0
package/src/http/middleware/FileUploadMiddleware.d.ts.map +1 -0
package/src/http/middleware/FileUploadMiddleware.js +74 -0
package/src/http/parsers/BodyParsers.d.ts +32 -0
package/src/http/parsers/BodyParsers.d.ts.map +1 -0
package/src/http/parsers/BodyParsers.js +159 -0
package/src/http/parsers/MultipartParser.d.ts +33 -0
package/src/http/parsers/MultipartParser.d.ts.map +1 -0
package/src/http/parsers/MultipartParser.js +129 -0
package/src/http/parsers/MultipartParserRegistry.d.ts +34 -0
package/src/http/parsers/MultipartParserRegistry.d.ts.map +1 -0
package/src/http/parsers/MultipartParserRegistry.js +20 -0
package/src/http/validated.d.ts +12 -0
package/src/http/validated.d.ts.map +1 -0
package/src/http/validated.js +41 -0
package/src/index.d.ts +65 -7
package/src/index.d.ts.map +1 -1
package/src/index.js +59 -5
package/src/microservices/RequestTracingMiddleware.d.ts +2 -2
package/src/microservices/RequestTracingMiddleware.d.ts.map +1 -1
package/src/microservices/RequestTracingMiddleware.js +3 -0
package/src/microservices/ServiceAuthMiddleware.d.ts +2 -2
package/src/microservices/ServiceAuthMiddleware.d.ts.map +1 -1
package/src/middleware/AuthMiddleware.d.ts +10 -0
package/src/middleware/AuthMiddleware.d.ts.map +1 -0
package/src/middleware/AuthMiddleware.js +16 -0
package/src/middleware/CsrfMiddleware.d.ts +11 -1
package/src/middleware/CsrfMiddleware.d.ts.map +1 -1
package/src/middleware/CsrfMiddleware.js +33 -0
package/src/middleware/JwtAuthMiddleware.d.ts +11 -0
package/src/middleware/JwtAuthMiddleware.d.ts.map +1 -0
package/src/middleware/JwtAuthMiddleware.js +73 -0
package/src/middleware/LoggingMiddleware.d.ts.map +1 -1
package/src/middleware/LoggingMiddleware.js +8 -3
package/src/middleware/MiddlewareStack.d.ts +2 -2
package/src/middleware/MiddlewareStack.d.ts.map +1 -1
package/src/middleware/RateLimiter.d.ts +2 -2
package/src/middleware/RateLimiter.d.ts.map +1 -1
package/src/middleware/RateLimiter.js +26 -1
package/src/middleware/SanitizeBodyMiddleware.d.ts +12 -0
package/src/middleware/SanitizeBodyMiddleware.d.ts.map +1 -0
package/src/middleware/SanitizeBodyMiddleware.js +31 -0
package/src/middleware/SecurityMiddleware.d.ts +1 -1
package/src/middleware/SecurityMiddleware.d.ts.map +1 -1
package/src/middleware/SessionMiddleware.d.ts +1 -1
package/src/middleware/SessionMiddleware.d.ts.map +1 -1
package/src/middleware/ValidationMiddleware.d.ts +25 -0
package/src/middleware/ValidationMiddleware.d.ts.map +1 -0
package/src/middleware/ValidationMiddleware.js +251 -0
package/src/migrations/MigrationDiscovery.d.ts +5 -0
package/src/migrations/MigrationDiscovery.d.ts.map +1 -0
package/src/migrations/MigrationDiscovery.js +16 -0
package/src/migrations/MigrationLoader.d.ts +5 -0
package/src/migrations/MigrationLoader.d.ts.map +1 -0
package/src/migrations/MigrationLoader.js +43 -0
package/src/migrations/MigrationLock.d.ts +4 -0
package/src/migrations/MigrationLock.d.ts.map +1 -0
package/src/migrations/MigrationLock.js +33 -0
package/src/migrations/Migrator.d.ts +23 -0
package/src/migrations/Migrator.d.ts.map +1 -0
package/src/migrations/Migrator.js +4 -0
package/src/migrations/MigratorFactory.d.ts +25 -0
package/src/migrations/MigratorFactory.d.ts.map +1 -0
package/src/migrations/MigratorFactory.js +323 -0
package/src/migrations/schema/Blueprint.d.ts +5 -0
package/src/migrations/schema/Blueprint.d.ts.map +1 -0
package/src/migrations/schema/Blueprint.js +189 -0
package/src/migrations/schema/Schema.d.ts +8 -0
package/src/migrations/schema/Schema.d.ts.map +1 -0
package/src/migrations/schema/Schema.js +141 -0
package/src/migrations/schema/SchemaCompiler.d.ts +20 -0
package/src/migrations/schema/SchemaCompiler.d.ts.map +1 -0
package/src/migrations/schema/SchemaCompiler.js +262 -0
package/src/migrations/schema/index.d.ts +5 -0
package/src/migrations/schema/index.d.ts.map +1 -0
package/src/migrations/schema/index.js +3 -0
package/src/migrations/schema/types.d.ts +86 -0
package/src/migrations/schema/types.d.ts.map +1 -0
package/src/migrations/schema/types.js +1 -0
package/src/migrations/types.d.ts +45 -0
package/src/migrations/types.d.ts.map +1 -0
package/src/migrations/types.js +1 -0
package/src/node-singletons/crypto.d.ts +1 -1
package/src/node-singletons/crypto.d.ts.map +1 -1
package/src/node-singletons/crypto.js +1 -1
package/src/node-singletons/fs.d.ts +2 -2
package/src/node-singletons/fs.d.ts.map +1 -1
package/src/node-singletons/fs.js +1 -1
package/src/node-singletons/util.d.ts +6 -0
package/src/node-singletons/util.d.ts.map +1 -0
package/src/node-singletons/util.js +5 -0
package/src/node.d.ts +2 -0
package/src/node.d.ts.map +1 -1
package/src/node.js +7 -0
package/src/observability/OpenTelemetry.d.ts +62 -0
package/src/observability/OpenTelemetry.d.ts.map +1 -0
package/src/observability/OpenTelemetry.js +167 -0
package/src/observability/PrometheusMetrics.d.ts +25 -0
package/src/observability/PrometheusMetrics.d.ts.map +1 -0
package/src/observability/PrometheusMetrics.js +114 -0
package/src/openapi/OpenApiGenerator.d.ts +68 -0
package/src/openapi/OpenApiGenerator.d.ts.map +1 -0
package/src/openapi/OpenApiGenerator.js +287 -0
package/src/orm/Database.d.ts +4 -2
package/src/orm/Database.d.ts.map +1 -1
package/src/orm/Database.js +142 -29
package/src/orm/DatabaseAdapter.d.ts +13 -0
package/src/orm/DatabaseAdapter.d.ts.map +1 -1
package/src/orm/DatabaseAdapterRegistry.d.ts.map +1 -1
package/src/orm/DatabaseAdapterRegistry.js +3 -1
package/src/orm/DatabaseRuntimeRegistration.d.ts.map +1 -1
package/src/orm/DatabaseRuntimeRegistration.js +4 -0
package/src/orm/Model.d.ts +30 -2
package/src/orm/Model.d.ts.map +1 -1
package/src/orm/Model.js +255 -62
package/src/orm/QueryBuilder.d.ts +22 -1
package/src/orm/QueryBuilder.d.ts.map +1 -1
package/src/orm/QueryBuilder.js +405 -95
package/src/orm/Relationships.d.ts +7 -1
package/src/orm/Relationships.d.ts.map +1 -1
package/src/orm/Relationships.js +18 -0
package/src/orm/SchemaCompiler.d.ts +9 -0
package/src/orm/SchemaCompiler.d.ts.map +1 -0
package/src/orm/SchemaCompiler.js +145 -0
package/src/orm/adapters/D1Adapter.d.ts +1 -1
package/src/orm/adapters/D1Adapter.d.ts.map +1 -1
package/src/orm/adapters/MySQLAdapter.d.ts +1 -1
package/src/orm/adapters/MySQLAdapter.d.ts.map +1 -1
package/src/orm/adapters/MySQLAdapter.js +88 -69
package/src/orm/adapters/PostgreSQLAdapter.d.ts +1 -1
package/src/orm/adapters/PostgreSQLAdapter.d.ts.map +1 -1
package/src/orm/adapters/PostgreSQLAdapter.js +88 -69
package/src/orm/adapters/SQLServerAdapter.d.ts +1 -1
package/src/orm/adapters/SQLServerAdapter.d.ts.map +1 -1
package/src/orm/adapters/SQLiteAdapter.d.ts +1 -1
package/src/orm/adapters/SQLiteAdapter.d.ts.map +1 -1
package/src/orm/adapters/SQLiteAdapter.js +63 -3
package/src/orm/maintenance/SqliteMaintenance.d.ts +5 -0
package/src/orm/maintenance/SqliteMaintenance.d.ts.map +1 -0
package/src/orm/maintenance/SqliteMaintenance.js +14 -0
package/src/orm/migrations/MigrationStore.d.ts +38 -0
package/src/orm/migrations/MigrationStore.d.ts.map +1 -0
package/src/orm/migrations/MigrationStore.js +157 -0
package/src/performance/CodeGenerationBenchmark.d.ts.map +1 -1
package/src/performance/Optimizer.d.ts +1 -0
package/src/performance/Optimizer.d.ts.map +1 -1
package/src/performance/Optimizer.js +37 -3
package/src/profiling/MemoryProfiler.d.ts +1 -1
package/src/profiling/MemoryProfiler.d.ts.map +1 -1
package/src/profiling/N1Detector.d.ts +1 -1
package/src/profiling/N1Detector.d.ts.map +1 -1
package/src/profiling/QueryLogger.d.ts +1 -1
package/src/profiling/QueryLogger.d.ts.map +1 -1
package/src/profiling/RequestProfiler.d.ts +3 -3
package/src/profiling/RequestProfiler.d.ts.map +1 -1
package/src/routes/api.d.ts +2 -0
package/src/routes/api.d.ts.map +1 -0
package/src/routes/api.js +1 -0
package/src/routes/broadcast.d.ts +2 -0
package/src/routes/broadcast.d.ts.map +1 -0
package/src/routes/broadcast.js +1 -0
package/src/routes/health.d.ts +2 -0
package/src/routes/health.d.ts.map +1 -0
package/src/routes/health.js +1 -0
package/src/routes/metrics.d.ts +2 -0
package/src/routes/metrics.d.ts.map +1 -0
package/src/routes/metrics.js +1 -0
package/src/routes/storage.d.ts +2 -0
package/src/routes/storage.d.ts.map +1 -0
package/src/routes/storage.js +1 -0
package/src/routing/CoreRoutes.d.ts +12 -0
package/src/routing/CoreRoutes.d.ts.map +1 -0
package/src/routing/CoreRoutes.js +151 -0
package/src/routing/RouteRegistry.d.ts +39 -0
package/src/routing/RouteRegistry.d.ts.map +1 -0
package/src/routing/RouteRegistry.js +44 -0
package/src/routing/Router.d.ts +26 -9
package/src/routing/Router.d.ts.map +1 -1
package/src/routing/Router.js +79 -35
package/src/routing/common.d.ts +15 -0
package/src/routing/common.d.ts.map +1 -0
package/src/routing/common.js +47 -0
package/src/routing/doc.d.ts +28 -0
package/src/routing/doc.d.ts.map +1 -0
package/src/routing/doc.js +95 -0
package/src/routing/error.d.ts +21 -0
package/src/routing/error.d.ts.map +1 -0
package/src/routing/error.js +126 -0
package/src/routing/errorPages.d.ts +14 -0
package/src/routing/errorPages.d.ts.map +1 -0
package/src/routing/errorPages.js +103 -0
package/src/routing/publicRoot.d.ts +18 -0
package/src/routing/publicRoot.d.ts.map +1 -0
package/src/routing/publicRoot.js +49 -0
package/src/runtime/PluginAutoImports.d.ts +21 -0
package/src/runtime/PluginAutoImports.d.ts.map +1 -0
package/src/runtime/PluginAutoImports.js +59 -0
package/src/runtime/PluginManager.d.ts +1 -5
package/src/runtime/PluginManager.d.ts.map +1 -1
package/src/runtime/PluginManager.js +25 -18
package/src/runtime/RuntimeAdapter.d.ts.map +1 -1
package/src/runtime/RuntimeAdapter.js +20 -1
package/src/runtime/RuntimeDetector.d.ts +1 -1
package/src/runtime/RuntimeDetector.d.ts.map +1 -1
package/src/runtime/adapters/CloudflareAdapter.d.ts +1 -1
package/src/runtime/adapters/CloudflareAdapter.d.ts.map +1 -1
package/src/runtime/adapters/CloudflareAdapter.js +1 -1
package/src/runtime/adapters/DenoAdapter.d.ts +1 -1
package/src/runtime/adapters/DenoAdapter.d.ts.map +1 -1
package/src/runtime/adapters/DenoAdapter.js +3 -3
package/src/runtime/adapters/LambdaAdapter.d.ts +1 -1
package/src/runtime/adapters/LambdaAdapter.d.ts.map +1 -1
package/src/runtime/adapters/LambdaAdapter.js +1 -1
package/src/runtime/adapters/NodeServerAdapter.d.ts +1 -1
package/src/runtime/adapters/NodeServerAdapter.d.ts.map +1 -1
package/src/runtime/getKernel.d.ts +9 -0
package/src/runtime/getKernel.d.ts.map +1 -0
package/src/runtime/getKernel.js +27 -0
package/src/scripts/TemplateImportsCheck.js +47 -7
package/src/scripts/TemplateSync.js +92 -20
package/src/security/Encryptor.d.ts.map +1 -1
package/src/security/Encryptor.js +64 -7
package/src/security/JwtManager.d.ts +1 -0
package/src/security/JwtManager.d.ts.map +1 -1
package/src/security/JwtManager.js +33 -0
package/src/security/Sanitizer.d.ts +76 -0
package/src/security/Sanitizer.d.ts.map +1 -0
package/src/security/Sanitizer.js +412 -0
package/src/security/TokenRevocation.d.ts +7 -0
package/src/security/TokenRevocation.d.ts.map +1 -0
package/src/security/TokenRevocation.js +57 -0
package/src/seeders/SeederDiscovery.d.ts +5 -0
package/src/seeders/SeederDiscovery.d.ts.map +1 -0
package/src/seeders/SeederDiscovery.js +21 -0
package/src/seeders/SeederLoader.d.ts +5 -0
package/src/seeders/SeederLoader.d.ts.map +1 -0
package/src/seeders/SeederLoader.js +60 -0
package/src/seeders/types.d.ts +18 -0
package/src/seeders/types.d.ts.map +1 -0
package/src/seeders/types.js +1 -0
package/src/session/SessionManager.js +1 -1
package/src/start.d.ts +21 -0
package/src/start.d.ts.map +1 -0
package/src/start.js +60 -0
package/src/templates/adapters/MySQLAdapter.ts.tpl +109 -85
package/src/templates/adapters/PostgreSQLAdapter.ts.tpl +129 -88
package/src/templates/adapters/SQLServerAdapter.ts.tpl +5 -9
package/src/templates/adapters/SQLiteAdapter.ts.tpl +78 -11
package/src/templates/features/Queue.ts.tpl +2 -2
package/src/templates/project/basic/app/Controllers/AuthController.ts.tpl +217 -0
package/src/templates/project/basic/app/Controllers/UserController.ts.tpl +3 -16
package/src/templates/project/basic/app/Middleware/ProfilerMiddleware.ts.tpl +1 -3
package/src/templates/project/basic/app/Middleware/index.ts.tpl +3 -8
package/src/templates/project/basic/app/Models/Post.ts.tpl +2 -3
package/src/templates/project/basic/app/Models/User.ts.tpl +1 -1
package/src/templates/project/basic/app/Types/controller.ts.tpl +46 -0
package/src/templates/project/basic/config/FileLogWriter.ts.tpl +5 -236
package/src/templates/project/basic/config/SecretsManager.ts.tpl +13 -450
package/src/templates/project/basic/config/StartupConfigValidator.ts.tpl +9 -268
package/src/templates/project/basic/config/app.ts.tpl +13 -153
package/src/templates/project/basic/config/broadcast.ts.tpl +15 -129
package/src/templates/project/basic/config/cache.ts.tpl +15 -92
package/src/templates/project/basic/config/cloudflare.ts.tpl +4 -39
package/src/templates/project/basic/config/constants.ts.tpl +9 -65
package/src/templates/project/basic/config/database.ts.tpl +29 -116
package/src/templates/project/basic/config/env.ts.tpl +5 -169
package/src/templates/project/basic/config/features.ts.tpl +6 -54
package/src/templates/project/basic/config/index.ts.tpl +27 -24
package/src/templates/project/basic/config/logger.ts.tpl +5 -381
package/src/templates/project/basic/config/logging/HttpLogger.ts.tpl +1 -1
package/src/templates/project/basic/config/logging/KvLogger.ts.tpl +2 -2
package/src/templates/project/basic/config/logging/SlackLogger.ts.tpl +1 -1
package/src/templates/project/basic/config/mail.ts.tpl +15 -115
package/src/templates/project/basic/config/microservices.ts.tpl +11 -97
package/src/templates/project/basic/config/middleware.ts.tpl +27 -18
package/src/templates/project/basic/config/notification.ts.tpl +14 -127
package/src/templates/project/basic/config/queue.ts.tpl +16 -79
package/src/templates/project/basic/config/security.ts.tpl +11 -163
package/src/templates/project/basic/config/startup.ts.tpl +10 -21
package/src/templates/project/basic/config/storage.ts.tpl +15 -133
package/src/templates/project/basic/config/type.ts.tpl +33 -441
package/src/templates/project/basic/database/factories/UserFactory.ts.tpl +80 -0
package/src/templates/project/basic/database/migrations/create_tasks_table.ts.tpl +28 -0
package/src/templates/project/basic/database/migrations/create_users_table.ts.tpl +29 -0
package/src/templates/project/basic/database/seeders/DatabaseSeeder.ts.tpl +19 -0
package/src/templates/project/basic/database/seeders/UserSeeder.ts.tpl +18 -0
package/src/templates/project/basic/database/seeders/index.ts.tpl +2 -0
package/src/templates/project/basic/package.json.tpl +1 -1
package/src/templates/project/basic/routes/api.ts.tpl +74 -36
package/src/templates/project/basic/routes/health.ts.tpl +1 -6
package/src/templates/project/basic/routes/metrics.ts.tpl +22 -0
package/src/templates/project/basic/src/index.ts.tpl +7 -80
package/src/templates/project/basic/tsconfig.json.tpl +12 -13
package/src/testing/TestEnvironment.d.ts +40 -0
package/src/testing/TestEnvironment.d.ts.map +1 -0
package/src/testing/TestEnvironment.js +141 -0
package/src/testing/TestHttp.d.ts +29 -0
package/src/testing/TestHttp.d.ts.map +1 -0
package/src/testing/TestHttp.js +96 -0
package/src/testing/index.d.ts +5 -0
package/src/testing/index.d.ts.map +1 -0
package/src/testing/index.js +2 -0
package/src/time/DateTime.d.ts +181 -0
package/src/time/DateTime.d.ts.map +1 -0
package/src/time/DateTime.js +300 -0
package/src/time/index.d.ts +7 -0
package/src/time/index.d.ts.map +1 -0
package/src/time/index.js +5 -0
package/src/tools/http/Http.d.ts.map +1 -1
package/src/tools/http/Http.js +4 -0
package/src/tools/mail/drivers/Smtp.js +1 -1
package/src/tools/queue/drivers/InMemory.d.ts +1 -1
package/src/tools/queue/drivers/InMemory.d.ts.map +1 -1
package/src/tools/queue/drivers/InMemory.js +1 -1
package/src/tools/queue/drivers/Redis.d.ts +1 -1
package/src/tools/queue/drivers/Redis.d.ts.map +1 -1
package/src/tools/queue/drivers/Redis.js +1 -1
package/src/validation/ValidationError.d.ts.map +1 -1
package/src/validation/ValidationError.js +4 -2
package/src/validation/Validator.d.ts +49 -16
package/src/validation/Validator.d.ts.map +1 -1
package/src/validation/Validator.js +307 -5
package/src/common/uuid.d.ts +0 -3
package/src/common/uuid.d.ts.map +0 -1
package/src/common/uuid.js +0 -30
package/src/templates/project/basic/.env.example.tpl +0 -74
package/src/templates/project/basic/.env.tpl +0 -166
package/src/templates/project/basic/database/migrations/index.ts.tpl +0 -2

package/src/scripts/TemplateImportsCheck.js CHANGED Viewed

@@ -1,8 +1,8 @@
 import * as fs from 'node:fs';
 import * as path from 'node:path';
+import ts from 'typescript';
 const TEMPLATES_ROOT = path.resolve(process.cwd(), 'src/templates');
 const bannedPrefixes = [
-    '@config/',
     '@exceptions/',
     '@orm/',
     '@routing/',
@@ -19,10 +19,10 @@ const bannedPrefixes = [
     '@mail/',
     '@storage/',
     '@node-singletons/',
-    '@app/',
-    '@routes/',
     '@common/',
     '@/',
+    './',
+    '../',
 ];
 function listFilesRecursive(root) {
     const out = [];
@@ -47,12 +47,13 @@ function checkFile(filePath) {
     const offenses = [];
     const addIfBanned = (lineNo, spec, lineText) => {
         const trimmed = spec.trim();
-        if (trimmed === '@zintrust/core' || trimmed === '@zintrust/core/node')
+        if (trimmed === '@zintrust/core' ||
+            trimmed === '@zintrust/core/node' ||
+            trimmed === '@zintrust/core/start') {
             return;
+        }
         if (trimmed.startsWith('node:'))
             return;
-        if (trimmed.startsWith('./') || trimmed.startsWith('../'))
-            return;
         for (const prefix of bannedPrefixes) {
             if (trimmed.startsWith(prefix)) {
                 offenses.push({ line: lineNo, spec: trimmed, text: lineText });
@@ -79,6 +80,29 @@ function checkFile(filePath) {
     }
     return offenses;
 }
+function looksLikeTypeScriptTemplate(text) {
+    // Only attempt TS parsing when the template appears to contain TS module syntax.
+    // Many templates are not TS (markdown/env/etc.) and should not be validated this way.
+    return /\b(import|export)\b/.test(text);
+}
+function getTypeScriptSyntaxErrors(filePath) {
+    const text = fs.readFileSync(filePath, 'utf8');
+    if (!looksLikeTypeScriptTemplate(text))
+        return [];
+    const sourceFile = ts.createSourceFile(filePath, text, ts.ScriptTarget.ESNext, true, ts.ScriptKind.TS);
+    const diagnostics = sourceFile
+        .parseDiagnostics;
+    if (!diagnostics || diagnostics.length === 0)
+        return [];
+    const out = [];
+    for (const d of diagnostics) {
+        const message = ts.flattenDiagnosticMessageText(d.messageText, '\n');
+        const pos = typeof d.start === 'number' ? d.start : 0;
+        const { line } = sourceFile.getLineAndCharacterOfPosition(pos);
+        out.push({ line: line + 1, message });
+    }
+    return out;
+}
 function main() {
     if (!fs.existsSync(TEMPLATES_ROOT)) {
         process.stderr.write(`Templates root not found: ${TEMPLATES_ROOT}\n`);
@@ -86,6 +110,7 @@ function main() {
     }
     const files = listFilesRecursive(TEMPLATES_ROOT).filter(isTemplateFile);
     const allOffenses = [];
+    const allSyntaxErrors = [];
     for (const file of files) {
         const offenses = checkFile(file);
         for (const o of offenses) {
@@ -96,6 +121,21 @@ function main() {
                 text: o.text,
             });
         }
+        const syntaxErrors = getTypeScriptSyntaxErrors(file);
+        for (const e of syntaxErrors) {
+            allSyntaxErrors.push({
+                file: path.relative(process.cwd(), file),
+                line: e.line,
+                message: e.message,
+            });
+        }
+    }
+    if (allSyntaxErrors.length > 0) {
+        process.stderr.write('Template syntax check failed. TypeScript parse errors found:\n');
+        for (const e of allSyntaxErrors) {
+            process.stderr.write(`- ${e.file}:${e.line} -> ${e.message}\n`);
+        }
+        process.exit(1);
     }
     if (allOffenses.length > 0) {
         process.stderr.write('Template import check failed. Disallowed import specifiers found:\n');
@@ -103,7 +143,7 @@ function main() {
             process.stderr.write(`- ${o.file}:${o.line} -> ${o.spec}\n`);
             process.stderr.write(`  ${o.text.trim()}\n`);
         }
-        process.stderr.write("\nAllowed: '@zintrust/core', '@zintrust/core/node', 'node:*', and relative imports (./, ../).\n");
+        process.stderr.write("\nAllowed: '@zintrust/core', '@zintrust/core/node', '@zintrust/core/start', 'node:*'\n");
         process.exit(1);
     }
     process.stdout.write(`✓ Template import check passed (${files.length} templates)\n`);

package/src/scripts/TemplateSync.js CHANGED Viewed

@@ -126,11 +126,31 @@ const rewriteStarterTemplateImports = (relPath, content) => {
     // Starter templates should import framework APIs from the public package surface,
     // not from internal path-alias modules that only exist in the framework repo.
     return (content
+        // Some templates are extracted from internal sources that use repo-relative imports.
+        // Normalize those to the public package surface.
+        .replaceAll("'../../../features'", "'@zintrust/core'")
+        .replaceAll('"../../../features"', '"@zintrust/core"')
+        .replaceAll("'../../../logger'", "'@zintrust/core'")
+        .replaceAll('"../../../logger"', '"@zintrust/core"')
+        .replaceAll("'../../logger'", "'@zintrust/core'")
+        .replaceAll('"../../logger"', '"@zintrust/core"')
+        .replaceAll("'../logger'", "'@zintrust/core'")
+        .replaceAll('"../logger"', '"@zintrust/core"')
+        .replaceAll("'@common/uuid'", "'@zintrust/core'")
+        .replaceAll('"@common/uuid"', '"@zintrust/core"')
+        // Starter templates should not rely on local config/env wrappers.
+        // Normalize Env imports to come from the public package surface.
+        .replaceAll("from '../env';", "from '@zintrust/core';")
+        .replaceAll('from "../env";', 'from "@zintrust/core";')
+        .replaceAll("from './env';", "from '@zintrust/core';")
+        .replaceAll('from "./env";', 'from "@zintrust/core";')
         // Node-singletons are internal to this repo; starter templates should use Node built-ins.
         .replaceAll("'@node-singletons/fs'", "'node:fs'")
         .replaceAll('"@node-singletons/fs"', '"node:fs"')
         .replaceAll("'@node-singletons/path'", "'node:path'")
         .replaceAll('"@node-singletons/path"', '"node:path"')
+        .replaceAll("'@node-singletons/perf-hooks'", "'node:perf_hooks'")
+        .replaceAll('"@node-singletons/perf-hooks"', '"node:perf_hooks"')
         // Starter project config/* should reference sibling config modules via relative imports.
         .replaceAll(/(['"])@config\/([^'"]+)\1/g, (_m, quote, suffix) => {
         const rewritten = rewriteConfigAlias(suffix);
@@ -156,9 +176,51 @@ const rewriteStarterTemplateImports = (relPath, content) => {
         .replaceAll('"@common/index"', '"@zintrust/core"')
         .replaceAll('"@httpClient/Http"', '"@zintrust/core"'));
 };
+const rewriteRegistryTemplateImports = (relPath, content) => {
+    if (!relPath.endsWith('.ts') && !relPath.endsWith('.tsx') && !relPath.endsWith('.mts')) {
+        return content;
+    }
+    // Registry templates (adapters/features) must only import from the public package surface.
+    // Unlike starter project templates, they should NEVER rewrite `@config/*` into relative imports.
+    return (content
+        // Normalize internal aliases to public API
+        .replaceAll("'@config/logger'", "'@zintrust/core'")
+        .replaceAll('"@config/logger"', '"@zintrust/core"')
+        .replaceAll("'@config/features'", "'@zintrust/core'")
+        .replaceAll('"@config/features"', '"@zintrust/core"')
+        .replaceAll("'@exceptions/ZintrustError'", "'@zintrust/core'")
+        .replaceAll('"@exceptions/ZintrustError"', '"@zintrust/core"')
+        .replaceAll("'@orm/DatabaseAdapter'", "'@zintrust/core'")
+        .replaceAll('"@orm/DatabaseAdapter"', '"@zintrust/core"')
+        .replaceAll("'@orm/QueryBuilder'", "'@zintrust/core'")
+        .replaceAll('"@orm/QueryBuilder"', '"@zintrust/core"')
+        .replaceAll("'@orm/Database'", "'@zintrust/core'")
+        .replaceAll('"@orm/Database"', '"@zintrust/core"')
+        .replaceAll("'@common/uuid'", "'@zintrust/core'")
+        .replaceAll('"@common/uuid"', '"@zintrust/core"')
+        .replaceAll("'@common/index'", "'@zintrust/core'")
+        .replaceAll('"@common/index"', '"@zintrust/core"')
+        // Node-singletons are internal to this repo; templates should use Node built-ins.
+        .replaceAll("'@node-singletons/fs'", "'node:fs'")
+        .replaceAll('"@node-singletons/fs"', '"node:fs"')
+        .replaceAll("'@node-singletons/path'", "'node:path'")
+        .replaceAll('"@node-singletons/path"', '"node:path"')
+        .replaceAll("'@node-singletons/perf-hooks'", "'node:perf_hooks'")
+        .replaceAll('"@node-singletons/perf-hooks"', '"node:perf_hooks"')
+        // Defensive: if old templates already contain repo-relative imports, normalize them.
+        .replaceAll("'../../../features'", "'@zintrust/core'")
+        .replaceAll('"../../../features"', '"@zintrust/core"')
+        .replaceAll("'../../../logger'", "'@zintrust/core'")
+        .replaceAll('"../../../logger"', '"@zintrust/core"')
+        .replaceAll("'../../logger'", "'@zintrust/core'")
+        .replaceAll('"../../logger"', '"@zintrust/core"')
+        .replaceAll("'../logger'", "'@zintrust/core'")
+        .replaceAll('"../logger"', '"@zintrust/core"'));
+};
 const syncRegistryMappings = (params) => {
     let updated = 0;
     let skipped = 0;
+    const checksumSalt = 'registry-imports-v3';
     for (const mapping of params.mappings) {
         const basePath = path.join(ROOT_DIR, mapping.basePath);
         const templatePath = path.join(ROOT_DIR, mapping.templatePath);
@@ -167,17 +229,19 @@ const syncRegistryMappings = (params) => {
             continue;
         }
         const currentHash = hashFile(basePath);
-        const storedHash = params.checksums[mapping.basePath];
+        const checksumKey = `${mapping.basePath}|${checksumSalt}`;
+        const storedHash = params.checksums[checksumKey];
         if (currentHash === storedHash && fs.existsSync(templatePath)) {
             Logger.info(`✓ ${mapping.description} (in sync)`);
             skipped++;
             continue;
         }
         try {
-            const templateContent = extractTemplateContent(basePath);
+            const rawTemplateContent = extractTemplateContent(basePath);
+            const templateContent = rewriteRegistryTemplateImports(mapping.basePath, rawTemplateContent);
             ensureDir(path.dirname(templatePath));
             fs.writeFileSync(templatePath, templateContent, 'utf8');
-            params.checksums[mapping.basePath] = currentHash;
+            params.checksums[checksumKey] = currentHash;
             Logger.info(`✓ Updated: ${mapping.description}`);
             updated++;
         }
@@ -233,14 +297,10 @@ const syncStarterProjectTemplates = (params) => {
         templateDirRel: `${params.projectRoot}/app`,
         description: 'Starter project app/*',
     });
-    const s2 = syncProjectTemplateDir({
-        checksums: params.checksums,
-        baseDirRel: 'src/config',
-        templateDirRel: `${params.projectRoot}/config`,
-        description: 'Starter project config/* (from src/config/*)',
-        transformContent: rewriteStarterTemplateImports,
-        checksumSalt: 'starter-imports-v4',
-    });
+    // NOTE:
+    // `src/templates/project/basic/config/*` is intentionally hand-authored.
+    // It must stay declarative (core owns runtime/env logic), and should never be
+    // auto-generated from `src/config/*` (which would overwrite project-level overrides).
     const s3 = syncProjectTemplateDir({
         checksums: params.checksums,
         baseDirRel: 'src/database',
@@ -262,9 +322,9 @@ const syncStarterProjectTemplates = (params) => {
         projectRoot: params.projectRoot,
     });
     return {
-        updated: s1.updated + s2.updated + s3.updated + s4.updated + s5.updated,
-        skipped: s1.skipped + s2.skipped + s3.skipped + s4.skipped + s5.skipped,
-        total: s1.total + s2.total + s3.total + s4.total + s5.total,
+        updated: s1.updated + s3.updated + s4.updated + s5.updated,
+        skipped: s1.skipped + s3.skipped + s4.skipped + s5.skipped,
+        total: s1.total + s3.total + s4.total + s5.total,
     };
 };
 /**
@@ -297,16 +357,28 @@ function saveChecksums(checksums) {
 // eslint-disable-next-line @typescript-eslint/require-await
 async function syncTemplates() {
     Logger.info('🔄 Syncing templates...\n');
+    const args = new Set(process.argv.slice(2));
+    const shouldSyncStarterTemplates = args.has('--dangerously-sync-starter-templates');
     const checksums = loadChecksums();
     const mappings = TemplateRegistry.getMappings();
     const registry = syncRegistryMappings({ checksums, mappings });
+    let starter = {
+        updated: 0,
+        skipped: 0,
+        total: 0,
+    };
     // Sync starter project templates (basic) from base framework folders.
-    // Spec: app/* -> app/*, src/config/* -> config/*, src/database/* -> database/*, routes/* -> routes/*
-    // plus .env (generated from .env.example with sensitive values blanked).
-    Logger.info('');
-    Logger.info('🔄 Syncing starter project templates (basic)...');
-    const projectRoot = 'src/templates/project/basic';
-    const starter = syncStarterProjectTemplates({ checksums, projectRoot });
+    // This is intentionally opt-in to avoid overwriting hand-authored starter templates.
+    if (shouldSyncStarterTemplates) {
+        Logger.info('');
+        Logger.info('🔄 Syncing starter project templates (basic)...');
+        const projectRoot = 'src/templates/project/basic';
+        starter = syncStarterProjectTemplates({ checksums, projectRoot });
+    }
+    else {
+        Logger.info('');
+        Logger.info('⏭️  Skipping starter project template sync (pass --dangerously-sync-starter-templates to enable)');
+    }
     // Save updated checksums
     saveChecksums(checksums);
     // Summary

package/src/security/Encryptor.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"Encryptor.d.ts","sourceRoot":"","sources":["../../../src/security/Encryptor.ts"],"names":[],"mappings":"AAAA;;;GAGG;~~AAMH~~;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,QAAQ,GAAG,QAAQ,CAAC;~~AA2HhD~~,MAAM,WAAW,UAAU;IACzB,IAAI,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACxC,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACzD,YAAY,IAAI,aAAa,CAAC;CAC/B;AAuCD,eAAO,MAAM,SAAS,EAAE,UAItB,CAAC"}
1	+ {"version":3,"file":"Encryptor.d.ts","sourceRoot":"","sources":["../../../src/security/Encryptor.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAOH;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAsMhD,MAAM,WAAW,UAAU;IACzB,IAAI,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACxC,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACzD,YAAY,IAAI,aAAa,CAAC;CAC/B;AAuCD,eAAO,MAAM,SAAS,EAAE,UAItB,CAAC"}

package/src/security/Encryptor.js CHANGED Viewed

@@ -4,7 +4,8 @@
  */
 import { Logger } from '../config/logger.js';
 import { ErrorFactory } from '../exceptions/ZintrustError.js';
-import { pbkdf2Sync, randomBytes } from '../node-singletons/crypto.js';
+import * as crypto from '../node-singletons/crypto.js';
+import { promisify } from '../node-singletons/util.js';
 function isBcryptModule(value) {
     if (typeof value !== 'object' || value === null)
         return false;
@@ -56,19 +57,47 @@ function timingSafeEquals(a, b) {
 /**
  * Hash with PBKDF2 (default)
  */
-function hashPbkdf2(password) {
+async function hashPbkdf2(password) {
     const iterations = 600000; // OWASP recommended for SHA-256
-    const salt = randomBytes(32).toString('hex');
+    const salt = crypto.randomBytes(32).toString('hex');
     const keyLength = 64;
     const digest = 'sha256';
-    const hash = pbkdf2Sync(password, salt, iterations, keyLength, digest).toString('hex');
+    const pbkdf2Fn = (() => {
+        try {
+            const maybe = crypto.pbkdf2;
+            return typeof maybe === 'function' ? maybe : undefined;
+        }
+        catch {
+            return undefined;
+        }
+    })();
+    const pbkdf2SyncFn = (() => {
+        try {
+            const maybe = crypto.pbkdf2Sync;
+            return typeof maybe === 'function' ? maybe : undefined;
+        }
+        catch {
+            return undefined;
+        }
+    })();
+    let hashHex = '';
+    if (pbkdf2Fn) {
+        const pbkdf2Async = promisify(pbkdf2Fn);
+        hashHex = (await pbkdf2Async(password, salt, iterations, keyLength, digest)).toString('hex');
+    }
+    else if (pbkdf2SyncFn) {
+        hashHex = pbkdf2SyncFn(password, salt, iterations, keyLength, digest).toString('hex');
+    }
+    else {
+        throw ErrorFactory.createSecurityError('PBKDF2 is not available in this runtime');
+    }
     // Format: algorithm$iterations$salt$hash
-    return `pbkdf2$${iterations}$${salt}$${hash}`;
+    return `pbkdf2$${iterations}$${salt}$${hashHex}`;
 }
 /**
  * Verify PBKDF2 hash
  */
-function verifyPbkdf2(password, passwordHash) {
+async function verifyPbkdf2(password, passwordHash) {
     const parts = passwordHash.split('$');
     const iterationsStr = parts[1];
     const salt = parts[2];
@@ -80,7 +109,35 @@ function verifyPbkdf2(password, passwordHash) {
         const iterations = Number.parseInt(iterationsStr, 10);
         const keyLength = 64;
         const digest = 'sha256';
-        const computed = pbkdf2Sync(password, salt, iterations, keyLength, digest).toString('hex');
+        const pbkdf2Fn = (() => {
+            try {
+                const maybe = crypto.pbkdf2;
+                return typeof maybe === 'function' ? maybe : undefined;
+            }
+            catch {
+                return undefined;
+            }
+        })();
+        const pbkdf2SyncFn = (() => {
+            try {
+                const maybe = crypto.pbkdf2Sync;
+                return typeof maybe === 'function' ? maybe : undefined;
+            }
+            catch {
+                return undefined;
+            }
+        })();
+        let computed = '';
+        if (pbkdf2Fn) {
+            const pbkdf2Async = promisify(pbkdf2Fn);
+            computed = (await pbkdf2Async(password, salt, iterations, keyLength, digest)).toString('hex');
+        }
+        else if (pbkdf2SyncFn) {
+            computed = pbkdf2SyncFn(password, salt, iterations, keyLength, digest).toString('hex');
+        }
+        else {
+            throw ErrorFactory.createSecurityError('PBKDF2 is not available in this runtime');
+        }
         return timingSafeEquals(computed, storedHash);
     }
     catch (error) {

package/src/security/JwtManager.d.ts CHANGED Viewed

@@ -33,6 +33,7 @@ export interface IJwtManager {
 }
 export interface JwtManagerType {
     create(): IJwtManager;
+    signAccessToken: (payload: JwtPayload, expiresIn?: number) => string;
 }
 /**
  * JwtManager namespace - sealed for immutability

package/src/security/JwtManager.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"JwtManager.d.ts","sourceRoot":"","sources":["../../../src/security/JwtManager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;~~AAKH~~,MAAM,MAAM,YAAY,GAAG,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;AAEvD,MAAM,WAAW,UAAU;IACzB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,UAAU;IACzB,SAAS,CAAC,EAAE,YAAY,CAAC;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,WAAW;IAC1B,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACpC,UAAU,CAAC,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACxD,IAAI,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,UAAU,GAAG,MAAM,CAAC;IACxD,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,YAAY,GAAG,UAAU,CAAC;IAC5D,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,UAAU,CAAC;IAClC,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAAC;IACjC,aAAa,IAAI,MAAM,CAAC;CACzB;AAQD,MAAM,WAAW,cAAc;IAC7B,MAAM,IAAI,WAAW,CAAC;~~CACvB~~;~~AAsCD~~;;GAEG;AACH,eAAO,MAAM,UAAU,EAAE,~~cAEvB~~,CAAC"}
1	+ {"version":3,"file":"JwtManager.d.ts","sourceRoot":"","sources":["../../../src/security/JwtManager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAMH,MAAM,MAAM,YAAY,GAAG,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;AAEvD,MAAM,WAAW,UAAU;IACzB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,UAAU;IACzB,SAAS,CAAC,EAAE,YAAY,CAAC;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,WAAW;IAC1B,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACpC,UAAU,CAAC,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACxD,IAAI,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,UAAU,GAAG,MAAM,CAAC;IACxD,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,YAAY,GAAG,UAAU,CAAC;IAC5D,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,UAAU,CAAC;IAClC,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAAC;IACjC,aAAa,IAAI,MAAM,CAAC;CACzB;AAQD,MAAM,WAAW,cAAc;IAC7B,MAAM,IAAI,WAAW,CAAC;IACtB,eAAe,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,SAAS,CAAC,EAAE,MAAM,KAAK,MAAM,CAAC;CACtE;AA6ED;;GAEG;AACH,eAAO,MAAM,UAAU,EAAE,cAGvB,CAAC"}

package/src/security/JwtManager.js CHANGED Viewed

@@ -3,8 +3,40 @@
  * JSON Web Token generation, verification, and claims management
  * Uses native Node.js crypto module (zero external dependencies)
  */
+import { securityConfig } from '../config/index.js';
 import { ErrorFactory } from '../exceptions/ZintrustError.js';
 import { createHmac, createSign, createVerify, randomBytes } from '../node-singletons/crypto.js';
+const createJwt = () => {
+    const algorithm = securityConfig.jwt.algorithm;
+    const secret = securityConfig.jwt.secret;
+    const jwt = JwtManager.create();
+    if (algorithm === 'HS256' || algorithm === 'HS512') {
+        jwt.setHmacSecret(secret);
+    }
+    return jwt;
+};
+const signAccessToken = (payload, expiresIn) => {
+    const algorithm = securityConfig.jwt.algorithm;
+    const jwt = createJwt();
+    // JwtManager currently supports HMAC secrets directly for HS algorithms.
+    // For other algorithms, verify will still reject mismatched tokens.
+    if (algorithm !== 'HS256' && algorithm !== 'HS512') {
+        return jwt.sign(payload, {
+            algorithm,
+            issuer: securityConfig.jwt.issuer,
+            audience: securityConfig.jwt.audience,
+            jwtId: jwt.generateJwtId(),
+        });
+    }
+    return jwt.sign(payload, {
+        algorithm,
+        expiresIn: expiresIn ?? securityConfig.jwt.expiresIn,
+        issuer: securityConfig.jwt.issuer,
+        audience: securityConfig.jwt.audience,
+        subject: typeof payload.sub === 'string' ? payload.sub : undefined,
+        jwtId: jwt.generateJwtId(),
+    });
+};
 /**
  * Create a new JWT manager instance
  */
@@ -44,6 +76,7 @@ const create = () => {
  */
 export const JwtManager = Object.freeze({
     create,
+    signAccessToken,
 });
 /**
  * Sign JWT token

package/src/security/Sanitizer.d.ts ADDED Viewed

@@ -0,0 +1,76 @@
+/**
+ * Input Sanitizer (Character Whitelisting)
+ *
+ * Provides small utilities to remove unwanted characters from user input.
+ *
+ * Important:
+ * - This is NOT a complete SQL injection defense.
+ * - Always use parameterized queries / the ORM / QueryBuilder.
+ *
+ * Use this for:
+ * - Normalizing identifiers (username, slug-ish strings)
+ * - Cleaning phone numbers / numeric strings
+ * - Reducing unexpected characters before storage/logging
+ *
+ * Bulletproof Mode:
+ * - Enabled by default (`bulletproof=true`) for security-critical methods
+ * - Throws SanitizerError instead of returning empty/invalid values
+ * - Validates numeric ranges, leading zeros, type coercion attacks
+ * - ~5-15% performance overhead; disable for performance-critical paths
+ */
+export type SanitizerType = Readonly<{
+    parseAmount: (value: unknown, bulletproof?: boolean) => number;
+    alphanumeric: (value: unknown) => string;
+    alphanumericDotDash: (value: unknown) => string;
+    /** Returns `null` when value isn't numeric; returns `0` for empty / negative numbers. */
+    nonNegativeNumericStringOrNull: (value: unknown, bulletproof?: boolean) => number | null | string;
+    addressText: (value: unknown) => string;
+    emailLike: (value: unknown) => string;
+    email: (value: unknown, bulletproof?: boolean) => string;
+    messageText: (value: unknown) => string;
+    numericDotOnly: (value: unknown) => string;
+    ipAddressText: (value: unknown) => string;
+    nameText: (value: unknown, bulletproof?: boolean) => string;
+    alphaNumericColonDash: (value: unknown) => string;
+    digitsOnly: (value: unknown, bulletproof?: boolean) => string;
+    decimalString: (value: unknown, bulletproof?: boolean) => string;
+    dateSlash: (value: unknown) => string;
+    safePasswordChars: (value: unknown, bulletproof?: boolean) => string;
+    wordCharsAndSpaces: (value: unknown) => string;
+    lowercaseAlphanumeric: (value: unknown) => string;
+    uppercaseAlphanumeric: (value: unknown) => string;
+    alphanumericNoSpaces: (value: unknown) => string;
+    dateSlashNoSpaces: (value: unknown) => string;
+    uuidTokenSafe: (value: unknown) => string;
+    tokenSafe: (value: unknown) => string;
+    keyLike: (value: unknown) => string;
+}>;
+export declare const createSanitizer: () => SanitizerType;
+export declare const Sanitizer: Readonly<{
+    parseAmount: (value: unknown, bulletproof?: boolean) => number;
+    alphanumeric: (value: unknown) => string;
+    alphanumericDotDash: (value: unknown) => string;
+    /** Returns `null` when value isn't numeric; returns `0` for empty / negative numbers. */
+    nonNegativeNumericStringOrNull: (value: unknown, bulletproof?: boolean) => number | null | string;
+    addressText: (value: unknown) => string;
+    emailLike: (value: unknown) => string;
+    email: (value: unknown, bulletproof?: boolean) => string;
+    messageText: (value: unknown) => string;
+    numericDotOnly: (value: unknown) => string;
+    ipAddressText: (value: unknown) => string;
+    nameText: (value: unknown, bulletproof?: boolean) => string;
+    alphaNumericColonDash: (value: unknown) => string;
+    digitsOnly: (value: unknown, bulletproof?: boolean) => string;
+    decimalString: (value: unknown, bulletproof?: boolean) => string;
+    dateSlash: (value: unknown) => string;
+    safePasswordChars: (value: unknown, bulletproof?: boolean) => string;
+    wordCharsAndSpaces: (value: unknown) => string;
+    lowercaseAlphanumeric: (value: unknown) => string;
+    uppercaseAlphanumeric: (value: unknown) => string;
+    alphanumericNoSpaces: (value: unknown) => string;
+    dateSlashNoSpaces: (value: unknown) => string;
+    uuidTokenSafe: (value: unknown) => string;
+    tokenSafe: (value: unknown) => string;
+    keyLike: (value: unknown) => string;
+}>;
+//# sourceMappingURL=Sanitizer.d.ts.map

package/src/security/Sanitizer.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"Sanitizer.d.ts","sourceRoot":"","sources":["../../../src/security/Sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AA8CH,MAAM,MAAM,aAAa,GAAG,QAAQ,CAAC;IACnC,WAAW,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IAC/D,YAAY,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IACzC,mBAAmB,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAEhD,yFAAyF;IACzF,8BAA8B,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,GAAG,IAAI,GAAG,MAAM,CAAC;IAElG,WAAW,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IACxC,SAAS,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IACtC,KAAK,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACzD,WAAW,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAExC,cAAc,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAC3C,aAAa,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAE1C,QAAQ,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IAC5D,qBAAqB,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAElD,UAAU,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IAC9D,aAAa,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IAEjE,SAAS,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAEtC,iBAAiB,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC;IACrE,kBAAkB,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAE/C,qBAAqB,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAClD,qBAAqB,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAElD,oBAAoB,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IACjD,iBAAiB,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAE9C,aAAa,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAC1C,SAAS,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;IAEtC,OAAO,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM,CAAC;CACrC,CAAC,CAAC;AAufH,eAAO,MAAM,eAAe,QAAO,aAMlC,CAAC;AAEF,eAAO,MAAM,SAAS;iBAniBP,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM;kBAChD,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;yBACnB,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;IAE/C,yFAAyF;oCACzD,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM,GAAG,IAAI,GAAG,MAAM;iBAEpF,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;eAC5B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;WAC9B,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM;iBAC3C,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;oBAEvB,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;mBAC3B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;cAE/B,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM;2BACpC,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;gBAErC,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM;mBAC9C,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM;eAErD,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;uBAElB,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,KAAK,MAAM;wBAChD,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;2BAEvB,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;2BAC1B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;0BAE3B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;uBAC7B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;mBAE9B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;eAC9B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;aAE5B,CAAC,KAAK,EAAE,OAAO,KAAK,MAAM;EAggBK,CAAC"}