agentdb 2.0.0-alpha.2 → 2.0.0-alpha.2.2

package/dist/security/limits.d.ts

@@ -1,150 +0,0 @@
-/**
- * AgentDB v2 Resource Limit Enforcement
- *
- * Prevents denial of service attacks by enforcing:
- * - Memory usage limits
- * - Query timeouts
- * - Rate limiting
- * - Resource caps
- */
-/**
- * Resource usage tracker
- */
-export declare class ResourceTracker {
-    private memoryUsageMB;
-    private queryCount;
-    private lastQueryTime;
-    private queryTimes;
-    private readonly startTime;
-    /**
-     * Update memory usage estimate
-     */
-    updateMemoryUsage(additionalMB: number): void;
-    /**
-     * Estimate memory for vectors
-     */
-    estimateVectorMemory(numVectors: number, dimension: number): number;
-    /**
-     * Record query execution
-     */
-    recordQuery(durationMs: number): void;
-    /**
-     * Get resource usage statistics
-     */
-    getStats(): ResourceStats;
-    /**
-     * Reset tracker
-     */
-    reset(): void;
-}
-/**
- * Resource statistics interface
- */
-export interface ResourceStats {
-    memoryUsageMB: number;
-    memoryLimitMB: number;
-    memoryUtilization: number;
-    queryCount: number;
-    avgQueryTimeMs: number;
-    uptimeSeconds: number;
-    queriesPerSecond: number;
-}
-/**
- * Query timeout wrapper
- */
-export declare function withTimeout<T>(promise: Promise<T>, timeoutMs?: number, operation?: string): Promise<T>;
-/**
- * Rate limiter using token bucket algorithm
- */
-export declare class RateLimiter {
-    private maxTokens;
-    private refillRate;
-    private tokens;
-    private lastRefill;
-    constructor(maxTokens: number, refillRate: number);
-    /**
-     * Attempt to consume tokens
-     * @returns true if allowed, false if rate limited
-     */
-    tryConsume(tokens?: number): boolean;
-    /**
-     * Consume tokens or throw error
-     */
-    consume(tokens?: number, operation?: string): void;
-    /**
-     * Refill tokens based on time elapsed
-     */
-    private refill;
-    /**
-     * Get current token count
-     */
-    getTokens(): number;
-    /**
-     * Reset limiter
-     */
-    reset(): void;
-}
-/**
- * Security error class
- */
-export declare class SecurityError extends Error {
-    readonly code: string;
-    constructor(message: string, code: string);
-    /**
-     * Get safe error message for external consumption
-     */
-    getSafeMessage(): string;
-}
-/**
- * Enforce resource limits on batch operations
- */
-export declare function enforceBatchLimits(batchSize: number, dimension: number, tracker: ResourceTracker): void;
-/**
- * Circuit breaker for fault tolerance
- */
-export declare class CircuitBreaker {
-    private maxFailures;
-    private resetTimeoutMs;
-    private failures;
-    private lastFailureTime;
-    private state;
-    constructor(maxFailures?: number, resetTimeoutMs?: number);
-    /**
-     * Execute operation with circuit breaker protection
-     */
-    execute<T>(operation: () => Promise<T>, operationName?: string): Promise<T>;
-    /**
-     * Record a failure
-     */
-    private recordFailure;
-    /**
-     * Get circuit breaker status
-     */
-    getStatus(): {
-        state: string;
-        failures: number;
-        lastFailure?: number;
-    };
-    /**
-     * Manually reset circuit breaker
-     */
-    reset(): void;
-}
-/**
- * Global resource tracker instance
- */
-export declare const globalResourceTracker: ResourceTracker;
-/**
- * Default rate limiters
- */
-export declare const rateLimiters: {
-    insert: RateLimiter;
-    search: RateLimiter;
-    delete: RateLimiter;
-    batch: RateLimiter;
-};
-/**
- * Monitor and log resource usage
- */
-export declare function logResourceUsage(): void;
-//# sourceMappingURL=limits.d.ts.map

package/dist/security/limits.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"limits.d.ts","sourceRoot":"","sources":["../../src/security/limits.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAKH;;GAEG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,aAAa,CAAa;IAClC,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,aAAa,CAAsB;IAC3C,OAAO,CAAC,UAAU,CAAgB;IAClC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAsB;IAEhD;;OAEG;IACH,iBAAiB,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI;IAW7C;;OAEG;IACH,oBAAoB,CAAC,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM;IAQnE;;OAEG;IACH,WAAW,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;IAWrC;;OAEG;IACH,QAAQ,IAAI,aAAa;IAkBzB;;OAEG;IACH,KAAK,IAAI,IAAI;CAKd;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,wBAAsB,WAAW,CAAC,CAAC,EACjC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,EACnB,SAAS,GAAE,MAAyC,EACpD,SAAS,GAAE,MAAoB,GAC9B,OAAO,CAAC,CAAC,CAAC,CAWZ;AAED;;GAEG;AACH,qBAAa,WAAW;IAKpB,OAAO,CAAC,SAAS;IACjB,OAAO,CAAC,UAAU;IALpB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,UAAU,CAAS;gBAGjB,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,MAAM;IAM5B;;;OAGG;IACH,UAAU,CAAC,MAAM,GAAE,MAAU,GAAG,OAAO;IAWvC;;OAEG;IACH,OAAO,CAAC,MAAM,GAAE,MAAU,EAAE,SAAS,GAAE,MAAoB,GAAG,IAAI;IASlE;;OAEG;IACH,OAAO,CAAC,MAAM;IASd;;OAEG;IACH,SAAS,IAAI,MAAM;IAKnB;;OAEG;IACH,KAAK,IAAI,IAAI;CAId;AAED;;GAEG;AACH,qBAAa,aAAc,SAAQ,KAAK;aAGpB,IAAI,EAAE,MAAM;gBAD5B,OAAO,EAAE,MAAM,EACC,IAAI,EAAE,MAAM;IAM9B;;OAEG;IACH,cAAc,IAAI,MAAM;CAIzB;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAChC,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,eAAe,GACvB,IAAI,CAoBN;AAED;;GAEG;AACH,qBAAa,cAAc;IAMvB,OAAO,CAAC,WAAW;IACnB,OAAO,CAAC,cAAc;IANxB,OAAO,CAAC,QAAQ,CAAa;IAC7B,OAAO,CAAC,eAAe,CAAa;IACpC,OAAO,CAAC,KAAK,CAA6C;gBAGhD,WAAW,GAAE,MAAU,EACvB,cAAc,GAAE,MAAc;IAGxC;;OAEG;IACG,OAAO,CAAC,CAAC,EACb,SAAS,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EAC3B,aAAa,GAAE,MAAoB,GAClC,OAAO,CAAC,CAAC,CAAC;IA8Bb;;OAEG;IACH,OAAO,CAAC,aAAa;IAUrB;;OAEG;IACH,SAAS,IAAI;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,CAAA;KAAE;IAQtE;;OAEG;IACH,KAAK,IAAI,IAAI;CAKd;AAED;;GAEG;AACH,eAAO,MAAM,qBAAqB,iBAAwB,CAAC;AAE3D;;GAEG;AACH,eAAO,MAAM,YAAY;;;;;CAYxB,CAAC;AAEF;;GAEG;AACH,wBAAgB,gBAAgB,IAAI,IAAI,CAmBvC"}

package/dist/security/limits.js

@@ -1,288 +0,0 @@
-/**
- * AgentDB v2 Resource Limit Enforcement
- *
- * Prevents denial of service attacks by enforcing:
- * - Memory usage limits
- * - Query timeouts
- * - Rate limiting
- * - Resource caps
- */
-import { SECURITY_LIMITS } from './validation.js';
-/**
- * Resource usage tracker
- */
-export class ResourceTracker {
-    memoryUsageMB = 0;
-    queryCount = 0;
-    lastQueryTime = Date.now();
-    queryTimes = [];
-    startTime = Date.now();
-    /**
-     * Update memory usage estimate
-     */
-    updateMemoryUsage(additionalMB) {
-        this.memoryUsageMB += additionalMB;
-        if (this.memoryUsageMB > SECURITY_LIMITS.MAX_MEMORY_MB) {
-            throw new SecurityError(`Memory limit exceeded: ${this.memoryUsageMB.toFixed(2)}MB > ${SECURITY_LIMITS.MAX_MEMORY_MB}MB`, 'MEMORY_LIMIT_EXCEEDED');
-        }
-    }
-    /**
-     * Estimate memory for vectors
-     */
-    estimateVectorMemory(numVectors, dimension) {
-        // Float32Array: 4 bytes per value
-        // Plus overhead for object structure and metadata (~25%)
-        const bytesPerVector = dimension * 4 * 1.25;
-        const totalBytes = numVectors * bytesPerVector;
-        return totalBytes / (1024 * 1024); // Convert to MB
-    }
-    /**
-     * Record query execution
-     */
-    recordQuery(durationMs) {
-        this.queryCount++;
-        this.lastQueryTime = Date.now();
-        this.queryTimes.push(durationMs);
-        // Keep only last 100 query times for stats
-        if (this.queryTimes.length > 100) {
-            this.queryTimes.shift();
-        }
-    }
-    /**
-     * Get resource usage statistics
-     */
-    getStats() {
-        const avgQueryTime = this.queryTimes.length > 0
-            ? this.queryTimes.reduce((a, b) => a + b, 0) / this.queryTimes.length
-            : 0;
-        const uptimeSeconds = (Date.now() - this.startTime) / 1000;
-        return {
-            memoryUsageMB: this.memoryUsageMB,
-            memoryLimitMB: SECURITY_LIMITS.MAX_MEMORY_MB,
-            memoryUtilization: (this.memoryUsageMB / SECURITY_LIMITS.MAX_MEMORY_MB) * 100,
-            queryCount: this.queryCount,
-            avgQueryTimeMs: avgQueryTime,
-            uptimeSeconds,
-            queriesPerSecond: this.queryCount / uptimeSeconds,
-        };
-    }
-    /**
-     * Reset tracker
-     */
-    reset() {
-        this.memoryUsageMB = 0;
-        this.queryCount = 0;
-        this.queryTimes = [];
-    }
-}
-/**
- * Query timeout wrapper
- */
-export async function withTimeout(promise, timeoutMs = SECURITY_LIMITS.QUERY_TIMEOUT_MS, operation = 'operation') {
-    const timeout = new Promise((_, reject) => {
-        setTimeout(() => {
-            reject(new SecurityError(`${operation} timeout after ${timeoutMs}ms`, 'QUERY_TIMEOUT'));
-        }, timeoutMs);
-    });
-    return Promise.race([promise, timeout]);
-}
-/**
- * Rate limiter using token bucket algorithm
- */
-export class RateLimiter {
-    maxTokens;
-    refillRate;
-    tokens;
-    lastRefill;
-    constructor(maxTokens, refillRate) {
-        this.maxTokens = maxTokens;
-        this.refillRate = refillRate;
-        this.tokens = maxTokens;
-        this.lastRefill = Date.now();
-    }
-    /**
-     * Attempt to consume tokens
-     * @returns true if allowed, false if rate limited
-     */
-    tryConsume(tokens = 1) {
-        this.refill();
-        if (this.tokens >= tokens) {
-            this.tokens -= tokens;
-            return true;
-        }
-        return false;
-    }
-    /**
-     * Consume tokens or throw error
-     */
-    consume(tokens = 1, operation = 'operation') {
-        if (!this.tryConsume(tokens)) {
-            throw new SecurityError(`Rate limit exceeded for ${operation}. Try again later.`, 'RATE_LIMIT_EXCEEDED');
-        }
-    }
-    /**
-     * Refill tokens based on time elapsed
-     */
-    refill() {
-        const now = Date.now();
-        const elapsed = (now - this.lastRefill) / 1000; // seconds
-        const tokensToAdd = elapsed * this.refillRate;
-        this.tokens = Math.min(this.maxTokens, this.tokens + tokensToAdd);
-        this.lastRefill = now;
-    }
-    /**
-     * Get current token count
-     */
-    getTokens() {
-        this.refill();
-        return this.tokens;
-    }
-    /**
-     * Reset limiter
-     */
-    reset() {
-        this.tokens = this.maxTokens;
-        this.lastRefill = Date.now();
-    }
-}
-/**
- * Security error class
- */
-export class SecurityError extends Error {
-    code;
-    constructor(message, code) {
-        super(message);
-        this.code = code;
-        this.name = 'SecurityError';
-    }
-    /**
-     * Get safe error message for external consumption
-     */
-    getSafeMessage() {
-        // Don't expose internal details in production
-        return 'A security constraint was violated. Please check your request.';
-    }
-}
-/**
- * Enforce resource limits on batch operations
- */
-export function enforceBatchLimits(batchSize, dimension, tracker) {
-    // Check batch size
-    if (batchSize > SECURITY_LIMITS.MAX_BATCH_SIZE) {
-        throw new SecurityError(`Batch size ${batchSize} exceeds limit ${SECURITY_LIMITS.MAX_BATCH_SIZE}`, 'BATCH_TOO_LARGE');
-    }
-    // Estimate and check memory
-    const estimatedMemoryMB = tracker.estimateVectorMemory(batchSize, dimension);
-    if (estimatedMemoryMB > SECURITY_LIMITS.MAX_MEMORY_MB * 0.5) {
-        throw new SecurityError(`Batch operation would use ${estimatedMemoryMB.toFixed(2)}MB (>50% of limit)`, 'BATCH_MEMORY_EXCESSIVE');
-    }
-    tracker.updateMemoryUsage(estimatedMemoryMB);
-}
-/**
- * Circuit breaker for fault tolerance
- */
-export class CircuitBreaker {
-    maxFailures;
-    resetTimeoutMs;
-    failures = 0;
-    lastFailureTime = 0;
-    state = 'closed';
-    constructor(maxFailures = 5, resetTimeoutMs = 60000) {
-        this.maxFailures = maxFailures;
-        this.resetTimeoutMs = resetTimeoutMs;
-    }
-    /**
-     * Execute operation with circuit breaker protection
-     */
-    async execute(operation, operationName = 'operation') {
-        if (this.state === 'open') {
-            const timeSinceFailure = Date.now() - this.lastFailureTime;
-            if (timeSinceFailure > this.resetTimeoutMs) {
-                this.state = 'half-open';
-            }
-            else {
-                throw new SecurityError(`Circuit breaker open for ${operationName}. Service temporarily unavailable.`, 'CIRCUIT_BREAKER_OPEN');
-            }
-        }
-        try {
-            const result = await operation();
-            // Success - reset on half-open or keep closed
-            if (this.state === 'half-open') {
-                this.state = 'closed';
-                this.failures = 0;
-            }
-            return result;
-        }
-        catch (error) {
-            this.recordFailure();
-            throw error;
-        }
-    }
-    /**
-     * Record a failure
-     */
-    recordFailure() {
-        this.failures++;
-        this.lastFailureTime = Date.now();
-        if (this.failures >= this.maxFailures) {
-            this.state = 'open';
-            console.error(`[CircuitBreaker] Opened after ${this.failures} failures`);
-        }
-    }
-    /**
-     * Get circuit breaker status
-     */
-    getStatus() {
-        return {
-            state: this.state,
-            failures: this.failures,
-            lastFailure: this.lastFailureTime || undefined,
-        };
-    }
-    /**
-     * Manually reset circuit breaker
-     */
-    reset() {
-        this.state = 'closed';
-        this.failures = 0;
-        this.lastFailureTime = 0;
-    }
-}
-/**
- * Global resource tracker instance
- */
-export const globalResourceTracker = new ResourceTracker();
-/**
- * Default rate limiters
- */
-export const rateLimiters = {
-    // 100 inserts per second
-    insert: new RateLimiter(100, 100),
-    // 1000 searches per second
-    search: new RateLimiter(1000, 1000),
-    // 50 deletes per second
-    delete: new RateLimiter(50, 50),
-    // 10 batch operations per second
-    batch: new RateLimiter(10, 10),
-};
-/**
- * Monitor and log resource usage
- */
-export function logResourceUsage() {
-    const stats = globalResourceTracker.getStats();
-    console.log('[ResourceMonitor]', {
-        memory: `${stats.memoryUsageMB.toFixed(2)}MB / ${stats.memoryLimitMB}MB (${stats.memoryUtilization.toFixed(1)}%)`,
-        queries: stats.queryCount,
-        avgQueryTime: `${stats.avgQueryTimeMs.toFixed(2)}ms`,
-        qps: stats.queriesPerSecond.toFixed(2),
-        uptime: `${stats.uptimeSeconds.toFixed(0)}s`,
-    });
-    // Warn if approaching limits
-    if (stats.memoryUtilization > 80) {
-        console.warn('[ResourceMonitor] WARNING: Memory usage above 80%');
-    }
-    if (stats.avgQueryTimeMs > SECURITY_LIMITS.QUERY_TIMEOUT_MS * 0.5) {
-        console.warn('[ResourceMonitor] WARNING: Average query time approaching timeout');
-    }
-}
-//# sourceMappingURL=limits.js.map

package/dist/security/limits.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"limits.js","sourceRoot":"","sources":["../../src/security/limits.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElD;;GAEG;AACH,MAAM,OAAO,eAAe;IAClB,aAAa,GAAW,CAAC,CAAC;IAC1B,UAAU,GAAW,CAAC,CAAC;IACvB,aAAa,GAAW,IAAI,CAAC,GAAG,EAAE,CAAC;IACnC,UAAU,GAAa,EAAE,CAAC;IACjB,SAAS,GAAW,IAAI,CAAC,GAAG,EAAE,CAAC;IAEhD;;OAEG;IACH,iBAAiB,CAAC,YAAoB;QACpC,IAAI,CAAC,aAAa,IAAI,YAAY,CAAC;QAEnC,IAAI,IAAI,CAAC,aAAa,GAAG,eAAe,CAAC,aAAa,EAAE,CAAC;YACvD,MAAM,IAAI,aAAa,CACrB,0BAA0B,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,eAAe,CAAC,aAAa,IAAI,EAChG,uBAAuB,CACxB,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,oBAAoB,CAAC,UAAkB,EAAE,SAAiB;QACxD,kCAAkC;QAClC,yDAAyD;QACzD,MAAM,cAAc,GAAG,SAAS,GAAG,CAAC,GAAG,IAAI,CAAC;QAC5C,MAAM,UAAU,GAAG,UAAU,GAAG,cAAc,CAAC;QAC/C,OAAO,UAAU,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC,gBAAgB;IACrD,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,UAAkB;QAC5B,IAAI,CAAC,UAAU,EAAE,CAAC;QAClB,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAChC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAEjC,2CAA2C;QAC3C,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YACjC,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QAC1B,CAAC;IACH,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC;YAC7C,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM;YACrE,CAAC,CAAC,CAAC,CAAC;QAEN,MAAM,aAAa,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC;QAE3D,OAAO;YACL,aAAa,EAAE,IAAI,CAAC,aAAa;YACjC,aAAa,EAAE,eAAe,CAAC,aAAa;YAC5C,iBAAiB,EAAE,CAAC,IAAI,CAAC,aAAa,GAAG,eAAe,CAAC,aAAa,CAAC,GAAG,GAAG;YAC7E,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,cAAc,EAAE,YAAY;YAC5B,aAAa;YACb,gBAAgB,EAAE,IAAI,CAAC,UAAU,GAAG,aAAa;SAClD,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,CAAC,aAAa,GAAG,CAAC,CAAC;QACvB,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;QACpB,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;IACvB,CAAC;CACF;AAeD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,OAAmB,EACnB,YAAoB,eAAe,CAAC,gBAAgB,EACpD,YAAoB,WAAW;IAE/B,MAAM,OAAO,GAAG,IAAI,OAAO,CAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE;QAC/C,UAAU,CAAC,GAAG,EAAE;YACd,MAAM,CAAC,IAAI,aAAa,CACtB,GAAG,SAAS,kBAAkB,SAAS,IAAI,EAC3C,eAAe,CAChB,CAAC,CAAC;QACL,CAAC,EAAE,SAAS,CAAC,CAAC;IAChB,CAAC,CAAC,CAAC;IAEH,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;AAC1C,CAAC;AAED;;GAEG;AACH,MAAM,OAAO,WAAW;IAKZ;IACA;IALF,MAAM,CAAS;IACf,UAAU,CAAS;IAE3B,YACU,SAAiB,EACjB,UAAkB;QADlB,cAAS,GAAT,SAAS,CAAQ;QACjB,eAAU,GAAV,UAAU,CAAQ;QAE1B,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC;QACxB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC/B,CAAC;IAED;;;OAGG;IACH,UAAU,CAAC,SAAiB,CAAC;QAC3B,IAAI,CAAC,MAAM,EAAE,CAAC;QAEd,IAAI,IAAI,CAAC,MAAM,IAAI,MAAM,EAAE,CAAC;YAC1B,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC;YACtB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,SAAiB,CAAC,EAAE,YAAoB,WAAW;QACzD,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,aAAa,CACrB,2BAA2B,SAAS,oBAAoB,EACxD,qBAAqB,CACtB,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM;QACZ,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,CAAC,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,UAAU;QAC1D,MAAM,WAAW,GAAG,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC;QAE9C,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,GAAG,WAAW,CAAC,CAAC;QAClE,IAAI,CAAC,UAAU,GAAG,GAAG,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,SAAS;QACP,IAAI,CAAC,MAAM,EAAE,CAAC;QACd,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC/B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,aAAc,SAAQ,KAAK;IAGpB;IAFlB,YACE,OAAe,EACC,IAAY;QAE5B,KAAK,CAAC,OAAO,CAAC,CAAC;QAFC,SAAI,GAAJ,IAAI,CAAQ;QAG5B,IAAI,CAAC,IAAI,GAAG,eAAe,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,8CAA8C;QAC9C,OAAO,gEAAgE,CAAC;IAC1E,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAChC,SAAiB,EACjB,SAAiB,EACjB,OAAwB;IAExB,mBAAmB;IACnB,IAAI,SAAS,GAAG,eAAe,CAAC,cAAc,EAAE,CAAC;QAC/C,MAAM,IAAI,aAAa,CACrB,cAAc,SAAS,kBAAkB,eAAe,CAAC,cAAc,EAAE,EACzE,iBAAiB,CAClB,CAAC;IACJ,CAAC;IAED,4BAA4B;IAC5B,MAAM,iBAAiB,GAAG,OAAO,CAAC,oBAAoB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;IAE7E,IAAI,iBAAiB,GAAG,eAAe,CAAC,aAAa,GAAG,GAAG,EAAE,CAAC;QAC5D,MAAM,IAAI,aAAa,CACrB,6BAA6B,iBAAiB,CAAC,OAAO,CAAC,CAAC,CAAC,oBAAoB,EAC7E,wBAAwB,CACzB,CAAC;IACJ,CAAC;IAED,OAAO,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,MAAM,OAAO,cAAc;IAMf;IACA;IANF,QAAQ,GAAW,CAAC,CAAC;IACrB,eAAe,GAAW,CAAC,CAAC;IAC5B,KAAK,GAAoC,QAAQ,CAAC;IAE1D,YACU,cAAsB,CAAC,EACvB,iBAAyB,KAAK;QAD9B,gBAAW,GAAX,WAAW,CAAY;QACvB,mBAAc,GAAd,cAAc,CAAgB;IACrC,CAAC;IAEJ;;OAEG;IACH,KAAK,CAAC,OAAO,CACX,SAA2B,EAC3B,gBAAwB,WAAW;QAEnC,IAAI,IAAI,CAAC,KAAK,KAAK,MAAM,EAAE,CAAC;YAC1B,MAAM,gBAAgB,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,eAAe,CAAC;YAE3D,IAAI,gBAAgB,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;gBAC3C,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC;YAC3B,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,aAAa,CACrB,4BAA4B,aAAa,oCAAoC,EAC7E,sBAAsB,CACvB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,SAAS,EAAE,CAAC;YAEjC,8CAA8C;YAC9C,IAAI,IAAI,CAAC,KAAK,KAAK,WAAW,EAAE,CAAC;gBAC/B,IAAI,CAAC,KAAK,GAAG,QAAQ,CAAC;gBACtB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;YACpB,CAAC;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,aAAa,EAAE,CAAC;YACrB,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACK,aAAa;QACnB,IAAI,CAAC,QAAQ,EAAE,CAAC;QAChB,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAElC,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACtC,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,iCAAiC,IAAI,CAAC,QAAQ,WAAW,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED;;OAEG;IACH,SAAS;QACP,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,WAAW,EAAE,IAAI,CAAC,eAAe,IAAI,SAAS;SAC/C,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,CAAC,KAAK,GAAG,QAAQ,CAAC;QACtB,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;QAClB,IAAI,CAAC,eAAe,GAAG,CAAC,CAAC;IAC3B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,IAAI,eAAe,EAAE,CAAC;AAE3D;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,yBAAyB;IACzB,MAAM,EAAE,IAAI,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC;IAEjC,2BAA2B;IAC3B,MAAM,EAAE,IAAI,WAAW,CAAC,IAAI,EAAE,IAAI,CAAC;IAEnC,wBAAwB;IACxB,MAAM,EAAE,IAAI,WAAW,CAAC,EAAE,EAAE,EAAE,CAAC;IAE/B,iCAAiC;IACjC,KAAK,EAAE,IAAI,WAAW,CAAC,EAAE,EAAE,EAAE,CAAC;CAC/B,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,gBAAgB;IAC9B,MAAM,KAAK,GAAG,qBAAqB,CAAC,QAAQ,EAAE,CAAC;IAE/C,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE;QAC/B,MAAM,EAAE,GAAG,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,aAAa,OAAO,KAAK,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;QACjH,OAAO,EAAE,KAAK,CAAC,UAAU;QACzB,YAAY,EAAE,GAAG,KAAK,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;QACpD,GAAG,EAAE,KAAK,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;QACtC,MAAM,EAAE,GAAG,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG;KAC7C,CAAC,CAAC;IAEH,6BAA6B;IAC7B,IAAI,KAAK,CAAC,iBAAiB,GAAG,EAAE,EAAE,CAAC;QACjC,OAAO,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;IACpE,CAAC;IAED,IAAI,KAAK,CAAC,cAAc,GAAG,eAAe,CAAC,gBAAgB,GAAG,GAAG,EAAE,CAAC;QAClE,OAAO,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;IACpF,CAAC;AACH,CAAC"}

package/dist/security/path-security.d.ts

@@ -1,100 +0,0 @@
-/**
- * AgentDB v2 Path Security Utilities
- *
- * Prevents path traversal attacks and ensures safe file operations:
- * - Path validation and canonicalization
- * - Symlink detection and handling
- * - Safe file read/write operations
- * - Temporary file cleanup
- */
-import * as fs from 'fs';
-/**
- * Validate and sanitize file path
- * Prevents path traversal attacks
- */
-export declare function validatePath(filePath: string, baseDir: string): string;
-/**
- * Check if path is a symbolic link
- */
-export declare function isSymbolicLink(filePath: string): Promise<boolean>;
-/**
- * Secure file write operation
- * Prevents writing to symbolic links and validates paths
- */
-export declare function secureWrite(filePath: string, data: Buffer | string, baseDir: string, options?: {
-    overwrite?: boolean;
-    encoding?: BufferEncoding;
-}): Promise<void>;
-/**
- * Secure file read operation
- * Validates paths and prevents symlink attacks
- */
-export declare function secureRead(filePath: string, baseDir: string, options?: {
-    encoding?: BufferEncoding;
-    followSymlinks?: boolean;
-}): Promise<Buffer | string>;
-/**
- * Secure directory listing
- * Prevents path traversal and filters out sensitive files
- */
-export declare function secureListDir(dirPath: string, baseDir: string, options?: {
-    recursive?: boolean;
-    includeDotFiles?: boolean;
-}): Promise<string[]>;
-/**
- * Secure file deletion
- * Validates paths and prevents symlink attacks
- */
-export declare function secureDelete(filePath: string, baseDir: string, options?: {
-    force?: boolean;
-}): Promise<void>;
-/**
- * Temporary file manager with automatic cleanup
- */
-export declare class TempFileManager {
-    private tempFiles;
-    private tempDir;
-    private cleanupScheduled;
-    constructor(baseDir: string);
-    /**
-     * Initialize temp directory
-     */
-    init(): Promise<void>;
-    /**
-     * Create a temporary file
-     */
-    createTempFile(prefix?: string): Promise<string>;
-    /**
-     * Write to temporary file
-     */
-    writeTempFile(data: Buffer | string, prefix?: string): Promise<string>;
-    /**
-     * Delete a specific temp file
-     */
-    deleteTempFile(tempPath: string): Promise<void>;
-    /**
-     * Clean up all temporary files
-     */
-    cleanup(): Promise<void>;
-    /**
-     * Synchronous cleanup for process exit
-     */
-    private cleanupSync;
-    /**
-     * Get list of managed temp files
-     */
-    getTempFiles(): string[];
-}
-/**
- * Ensure directory exists with safe permissions
- */
-export declare function ensureDir(dirPath: string, baseDir: string): Promise<string>;
-/**
- * Get safe file stats without following symlinks
- */
-export declare function safeStats(filePath: string, baseDir: string): Promise<fs.Stats>;
-/**
- * Check if path exists within base directory
- */
-export declare function pathExists(filePath: string, baseDir: string): Promise<boolean>;
-//# sourceMappingURL=path-security.d.ts.map

package/dist/security/path-security.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"path-security.d.ts","sourceRoot":"","sources":["../../src/security/path-security.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AAGzB;;;GAGG;AACH,wBAAgB,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,CAuCtE;AAED;;GAEG;AACH,wBAAsB,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAWvE;AAED;;;GAGG;AACH,wBAAsB,WAAW,CAC/B,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,GAAG,MAAM,EACrB,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE;IAAE,SAAS,CAAC,EAAE,OAAO,CAAC;IAAC,QAAQ,CAAC,EAAE,cAAc,CAAA;CAAE,GAC3D,OAAO,CAAC,IAAI,CAAC,CAoDf;AAED;;;GAGG;AACH,wBAAsB,UAAU,CAC9B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE;IAAE,QAAQ,CAAC,EAAE,cAAc,CAAC;IAAC,cAAc,CAAC,EAAE,OAAO,CAAA;CAAE,GAChE,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC,CA2B1B;AAED;;;GAGG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE;IAAE,SAAS,CAAC,EAAE,OAAO,CAAC;IAAC,eAAe,CAAC,EAAE,OAAO,CAAA;CAAE,GAC3D,OAAO,CAAC,MAAM,EAAE,CAAC,CA0CnB;AAED;;;GAGG;AACH,wBAAsB,YAAY,CAChC,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE;IAAE,KAAK,CAAC,EAAE,OAAO,CAAA;CAAE,GAC5B,OAAO,CAAC,IAAI,CAAC,CA0Bf;AAED;;GAEG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,SAAS,CAA0B;IAC3C,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,gBAAgB,CAAkB;gBAE9B,OAAO,EAAE,MAAM;IAI3B;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAkB3B;;OAEG;IACG,cAAc,CAAC,MAAM,GAAE,MAAkB,GAAG,OAAO,CAAC,MAAM,CAAC;IAUjE;;OAEG;IACG,aAAa,CACjB,IAAI,EAAE,MAAM,GAAG,MAAM,EACrB,MAAM,GAAE,MAAkB,GACzB,OAAO,CAAC,MAAM,CAAC;IAMlB;;OAEG;IACG,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkBrD;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAqB9B;;OAEG;IACH,OAAO,CAAC,WAAW;IAgBnB;;OAEG;IACH,YAAY,IAAI,MAAM,EAAE;CAGzB;AAED;;GAEG;AACH,wBAAsB,SAAS,CAC7B,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,CAAC,CASjB;AAED;;GAEG;AACH,wBAAsB,SAAS,CAC7B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,EAAE,CAAC,KAAK,CAAC,CAGnB;AAED;;GAEG;AACH,wBAAsB,UAAU,CAC9B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,OAAO,CAAC,CAQlB"}