npm - agentic-qe - Versions diffs - 1.2.0 → 1.3.0 - Mend

agentic-qe 1.2.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (338) hide show

package/dist/utils/SecureUrlValidator.js ADDED Viewed

@@ -0,0 +1,306 @@
+"use strict";
+/**
+ * Secure URL Validator - Native TypeScript Implementation
+ *
+ * A secure, zero-dependency URL validation utility using the WHATWG URL API
+ * to replace validator.js isURL() and avoid CVE-2025-56200.
+ *
+ * @module SecureUrlValidator
+ * @see CVE-2025-56200 - validator.js URL validation bypass vulnerability
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.UrlValidationPresets = void 0;
+exports.validateUrl = validateUrl;
+exports.isValidUrl = isValidUrl;
+exports.sanitizeUrl = sanitizeUrl;
+exports.extractHostname = extractHostname;
+exports.isHttps = isHttps;
+/**
+ * Default validation options
+ */
+const DEFAULT_OPTIONS = {
+    allowedProtocols: ['http:', 'https:'],
+    allowAuthentication: false,
+    requireTld: true,
+    allowLocalhost: false,
+    allowIpAddress: true,
+    maxLength: 2048,
+};
+/**
+ * Dangerous URL protocols that should always be blocked for security
+ */
+const DANGEROUS_PROTOCOLS = [
+    'javascript:',
+    'data:',
+    'vbscript:',
+    'file:',
+    'blob:',
+    'about:',
+];
+/**
+ * TLD validation regex (common TLDs)
+ * Note: This is not exhaustive but covers most cases
+ */
+const TLD_REGEX = /\.[a-z]{2,}$/i;
+/**
+ * IPv4 address regex
+ */
+const IPV4_REGEX = /^(\d{1,3}\.){3}\d{1,3}$/;
+/**
+ * IPv6 address regex (simplified)
+ */
+const IPV6_REGEX = /^\[?[0-9a-f:]+\]?$/i;
+/**
+ * Validates a URL string using the WHATWG URL API
+ *
+ * This is the secure replacement for validator.js isURL() function.
+ * It uses the native URL constructor which properly handles all edge cases
+ * and prevents the CVE-2025-56200 vulnerability.
+ *
+ * @param urlString - The URL string to validate
+ * @param options - Validation options
+ * @returns Validation result with details
+ *
+ * @example
+ * ```typescript
+ * // Basic validation
+ * const result = validateUrl('https://example.com');
+ * if (result.valid) {
+ *   console.log('Valid URL:', result.url?.href);
+ * }
+ *
+ * // Strict validation for user input
+ * const strictResult = validateUrl(userInput, {
+ *   allowedProtocols: ['https:'],
+ *   requireTld: true,
+ *   allowLocalhost: false,
+ *   allowAuthentication: false,
+ * });
+ *
+ * // Custom domain allowlist
+ * const allowlistResult = validateUrl(url, {
+ *   allowedDomains: ['example.com', 'trusted-site.org'],
+ * });
+ * ```
+ */
+function validateUrl(urlString, options = {}) {
+    const opts = { ...DEFAULT_OPTIONS, ...options };
+    const warnings = [];
+    // Step 1: Length validation
+    if (urlString.length > opts.maxLength) {
+        return {
+            valid: false,
+            error: `URL exceeds maximum length of ${opts.maxLength} characters`,
+        };
+    }
+    // Step 2: Check for dangerous protocols BEFORE URL parsing
+    // This prevents the CVE-2025-56200 vulnerability
+    const lowerUrl = urlString.toLowerCase();
+    for (const dangerousProto of DANGEROUS_PROTOCOLS) {
+        if (lowerUrl.startsWith(dangerousProto)) {
+            return {
+                valid: false,
+                error: `Dangerous protocol detected: ${dangerousProto}`,
+            };
+        }
+    }
+    // Step 3: WHATWG URL parsing (the secure way)
+    let url;
+    try {
+        url = new URL(urlString);
+    }
+    catch (error) {
+        return {
+            valid: false,
+            error: `Invalid URL format: ${error instanceof Error ? error.message : 'Unknown error'}`,
+        };
+    }
+    // Step 4: Protocol validation
+    if (!opts.allowedProtocols.includes(url.protocol)) {
+        return {
+            valid: false,
+            error: `Protocol '${url.protocol}' is not allowed. Allowed protocols: ${opts.allowedProtocols.join(', ')}`,
+        };
+    }
+    // Step 5: Authentication validation
+    if (!opts.allowAuthentication && (url.username || url.password)) {
+        return {
+            valid: false,
+            error: 'URLs with authentication (username:password) are not allowed',
+        };
+    }
+    // Step 6: Hostname validation
+    if (!url.hostname) {
+        return {
+            valid: false,
+            error: 'URL must have a valid hostname',
+        };
+    }
+    // Step 7: Localhost validation
+    const isLocalhost = url.hostname === 'localhost' ||
+        url.hostname === '127.0.0.1' ||
+        url.hostname === '[::1]';
+    if (isLocalhost && !opts.allowLocalhost) {
+        return {
+            valid: false,
+            error: 'Localhost URLs are not allowed',
+        };
+    }
+    // Step 8: IP address validation
+    const isIpv4 = IPV4_REGEX.test(url.hostname);
+    const isIpv6 = IPV6_REGEX.test(url.hostname);
+    const isIpAddress = isIpv4 || isIpv6;
+    if (isIpAddress && !opts.allowIpAddress) {
+        return {
+            valid: false,
+            error: 'IP addresses are not allowed',
+        };
+    }
+    // Step 9: TLD validation (for non-IP, non-localhost hosts)
+    if (opts.requireTld && !isIpAddress && !isLocalhost) {
+        if (!TLD_REGEX.test(url.hostname)) {
+            return {
+                valid: false,
+                error: 'URL must have a valid top-level domain (TLD)',
+            };
+        }
+    }
+    // Step 10: Domain allowlist validation
+    if (options.allowedDomains && options.allowedDomains.length > 0) {
+        const isAllowed = options.allowedDomains.some(domain => {
+            return url.hostname === domain || url.hostname.endsWith('.' + domain);
+        });
+        if (!isAllowed) {
+            return {
+                valid: false,
+                error: `Domain '${url.hostname}' is not in the allowlist`,
+            };
+        }
+    }
+    // Step 11: Domain blocklist validation
+    if (options.blockedDomains && options.blockedDomains.length > 0) {
+        const isBlocked = options.blockedDomains.some(domain => {
+            return url.hostname === domain || url.hostname.endsWith('.' + domain);
+        });
+        if (isBlocked) {
+            return {
+                valid: false,
+                error: `Domain '${url.hostname}' is blocked`,
+            };
+        }
+    }
+    // Step 12: Security warnings (non-fatal)
+    if (url.protocol === 'http:' && opts.allowedProtocols.includes('https:')) {
+        warnings.push('Using HTTP instead of HTTPS (insecure)');
+    }
+    if (url.username || url.password) {
+        warnings.push('URL contains authentication credentials');
+    }
+    // Success!
+    return {
+        valid: true,
+        url,
+        warnings: warnings.length > 0 ? warnings : undefined,
+    };
+}
+/**
+ * Simple boolean validation (for drop-in replacement of validator.isURL)
+ *
+ * @param urlString - The URL string to validate
+ * @param options - Validation options
+ * @returns true if valid, false otherwise
+ *
+ * @example
+ * ```typescript
+ * if (isValidUrl('https://example.com')) {
+ *   // URL is valid
+ * }
+ * ```
+ */
+function isValidUrl(urlString, options = {}) {
+    return validateUrl(urlString, options).valid;
+}
+/**
+ * Sanitize URL by parsing and reconstructing it
+ * This ensures the URL is properly formatted and safe
+ *
+ * @param urlString - The URL string to sanitize
+ * @param options - Validation options
+ * @returns Sanitized URL string or null if invalid
+ *
+ * @example
+ * ```typescript
+ * const clean = sanitizeUrl('HTTP://EXAMPLE.COM/path');
+ * // Returns: 'http://example.com/path'
+ * ```
+ */
+function sanitizeUrl(urlString, options = {}) {
+    const result = validateUrl(urlString, options);
+    return result.valid ? result.url.href : null;
+}
+/**
+ * Extract and validate hostname from URL
+ *
+ * @param urlString - The URL string
+ * @returns Hostname or null if invalid
+ */
+function extractHostname(urlString) {
+    const result = validateUrl(urlString);
+    return result.valid ? result.url.hostname : null;
+}
+/**
+ * Check if URL is HTTPS
+ *
+ * @param urlString - The URL string
+ * @returns true if HTTPS, false otherwise
+ */
+function isHttps(urlString) {
+    const result = validateUrl(urlString);
+    return result.valid && result.url.protocol === 'https:';
+}
+/**
+ * Preset validation configurations for common use cases
+ */
+exports.UrlValidationPresets = {
+    /**
+     * Strict validation for production user input
+     */
+    STRICT: {
+        allowedProtocols: ['https:'],
+        allowAuthentication: false,
+        requireTld: true,
+        allowLocalhost: false,
+        allowIpAddress: false,
+    },
+    /**
+     * Standard web URLs (HTTP/HTTPS)
+     */
+    WEB: {
+        allowedProtocols: ['http:', 'https:'],
+        allowAuthentication: false,
+        requireTld: true,
+        allowLocalhost: false,
+        allowIpAddress: true,
+    },
+    /**
+     * Development mode (allows localhost)
+     */
+    DEVELOPMENT: {
+        allowedProtocols: ['http:', 'https:'],
+        allowAuthentication: false,
+        requireTld: false,
+        allowLocalhost: true,
+        allowIpAddress: true,
+    },
+    /**
+     * API endpoints (allows authentication)
+     */
+    API: {
+        allowedProtocols: ['http:', 'https:'],
+        allowAuthentication: true,
+        requireTld: true,
+        allowLocalhost: false,
+        allowIpAddress: true,
+    },
+};
+//# sourceMappingURL=SecureUrlValidator.js.map

package/dist/utils/SecureUrlValidator.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SecureUrlValidator.js","sourceRoot":"","sources":["../../src/utils/SecureUrlValidator.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAiJH,kCA2IC;AAgBD,gCAKC;AAgBD,kCAMC;AAQD,0CAGC;AAQD,0BAGC;AArRD;;GAEG;AACH,MAAM,eAAe,GAA8E;IACjG,gBAAgB,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC;IACrC,mBAAmB,EAAE,KAAK;IAC1B,UAAU,EAAE,IAAI;IAChB,cAAc,EAAE,KAAK;IACrB,cAAc,EAAE,IAAI;IACpB,SAAS,EAAE,IAAI;CAChB,CAAC;AAEF;;GAEG;AACH,MAAM,mBAAmB,GAAG;IAC1B,aAAa;IACb,OAAO;IACP,WAAW;IACX,OAAO;IACP,OAAO;IACP,QAAQ;CACT,CAAC;AAEF;;;GAGG;AACH,MAAM,SAAS,GAAG,eAAe,CAAC;AAElC;;GAEG;AACH,MAAM,UAAU,GAAG,yBAAyB,CAAC;AAE7C;;GAEG;AACH,MAAM,UAAU,GAAG,qBAAqB,CAAC;AAEzC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,SAAgB,WAAW,CACzB,SAAiB,EACjB,UAAgC,EAAE;IAElC,MAAM,IAAI,GAAG,EAAE,GAAG,eAAe,EAAE,GAAG,OAAO,EAAE,CAAC;IAChD,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,4BAA4B;IAC5B,IAAI,SAAS,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QACtC,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,iCAAiC,IAAI,CAAC,SAAS,aAAa;SACpE,CAAC;IACJ,CAAC;IAED,2DAA2D;IAC3D,iDAAiD;IACjD,MAAM,QAAQ,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;IACzC,KAAK,MAAM,cAAc,IAAI,mBAAmB,EAAE,CAAC;QACjD,IAAI,QAAQ,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;YACxC,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,gCAAgC,cAAc,EAAE;aACxD,CAAC;QACJ,CAAC;IACH,CAAC;IAED,8CAA8C;IAC9C,IAAI,GAAQ,CAAC;IACb,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,uBAAuB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;SACzF,CAAC;IACJ,CAAC;IAED,8BAA8B;IAC9B,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QAClD,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,aAAa,GAAG,CAAC,QAAQ,wCAAwC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;SAC3G,CAAC;IACJ,CAAC;IAED,oCAAoC;IACpC,IAAI,CAAC,IAAI,CAAC,mBAAmB,IAAI,CAAC,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QAChE,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,8DAA8D;SACtE,CAAC;IACJ,CAAC;IAED,8BAA8B;IAC9B,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAClB,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,gCAAgC;SACxC,CAAC;IACJ,CAAC;IAED,+BAA+B;IAC/B,MAAM,WAAW,GAAG,GAAG,CAAC,QAAQ,KAAK,WAAW;QAC7B,GAAG,CAAC,QAAQ,KAAK,WAAW;QAC5B,GAAG,CAAC,QAAQ,KAAK,OAAO,CAAC;IAE5C,IAAI,WAAW,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;QACxC,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,gCAAgC;SACxC,CAAC;IACJ,CAAC;IAED,gCAAgC;IAChC,MAAM,MAAM,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC7C,MAAM,MAAM,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC7C,MAAM,WAAW,GAAG,MAAM,IAAI,MAAM,CAAC;IAErC,IAAI,WAAW,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;QACxC,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,8BAA8B;SACtC,CAAC;IACJ,CAAC;IAED,2DAA2D;IAC3D,IAAI,IAAI,CAAC,UAAU,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,EAAE,CAAC;QACpD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YAClC,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,8CAA8C;aACtD,CAAC;QACJ,CAAC;IACH,CAAC;IAED,uCAAuC;IACvC,IAAI,OAAO,CAAC,cAAc,IAAI,OAAO,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChE,MAAM,SAAS,GAAG,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACrD,OAAO,GAAG,CAAC,QAAQ,KAAK,MAAM,IAAI,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,GAAG,MAAM,CAAC,CAAC;QACxE,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,WAAW,GAAG,CAAC,QAAQ,2BAA2B;aAC1D,CAAC;QACJ,CAAC;IACH,CAAC;IAED,uCAAuC;IACvC,IAAI,OAAO,CAAC,cAAc,IAAI,OAAO,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChE,MAAM,SAAS,GAAG,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACrD,OAAO,GAAG,CAAC,QAAQ,KAAK,MAAM,IAAI,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,GAAG,MAAM,CAAC,CAAC;QACxE,CAAC,CAAC,CAAC;QAEH,IAAI,SAAS,EAAE,CAAC;YACd,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,WAAW,GAAG,CAAC,QAAQ,cAAc;aAC7C,CAAC;QACJ,CAAC;IACH,CAAC;IAED,yCAAyC;IACzC,IAAI,GAAG,CAAC,QAAQ,KAAK,OAAO,IAAI,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzE,QAAQ,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;IAC1D,CAAC;IAED,IAAI,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;QACjC,QAAQ,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;IAC3D,CAAC;IAED,WAAW;IACX,OAAO;QACL,KAAK,EAAE,IAAI;QACX,GAAG;QACH,QAAQ,EAAE,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;KACrD,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,SAAgB,UAAU,CACxB,SAAiB,EACjB,UAAgC,EAAE;IAElC,OAAO,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC;AAC/C,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,SAAgB,WAAW,CACzB,SAAiB,EACjB,UAAgC,EAAE;IAElC,MAAM,MAAM,GAAG,WAAW,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC/C,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,GAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;AAChD,CAAC;AAED;;;;;GAKG;AACH,SAAgB,eAAe,CAAC,SAAiB;IAC/C,MAAM,MAAM,GAAG,WAAW,CAAC,SAAS,CAAC,CAAC;IACtC,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,GAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;AACpD,CAAC;AAED;;;;;GAKG;AACH,SAAgB,OAAO,CAAC,SAAiB;IACvC,MAAM,MAAM,GAAG,WAAW,CAAC,SAAS,CAAC,CAAC;IACtC,OAAO,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,GAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC;AAC3D,CAAC;AAED;;GAEG;AACU,QAAA,oBAAoB,GAAG;IAClC;;OAEG;IACH,MAAM,EAAE;QACN,gBAAgB,EAAE,CAAC,QAAQ,CAAC;QAC5B,mBAAmB,EAAE,KAAK;QAC1B,UAAU,EAAE,IAAI;QAChB,cAAc,EAAE,KAAK;QACrB,cAAc,EAAE,KAAK;KACE;IAEzB;;OAEG;IACH,GAAG,EAAE;QACH,gBAAgB,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC;QACrC,mBAAmB,EAAE,KAAK;QAC1B,UAAU,EAAE,IAAI;QAChB,cAAc,EAAE,KAAK;QACrB,cAAc,EAAE,IAAI;KACG;IAEzB;;OAEG;IACH,WAAW,EAAE;QACX,gBAAgB,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC;QACrC,mBAAmB,EAAE,KAAK;QAC1B,UAAU,EAAE,KAAK;QACjB,cAAc,EAAE,IAAI;QACpB,cAAc,EAAE,IAAI;KACG;IAEzB;;OAEG;IACH,GAAG,EAAE;QACH,gBAAgB,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC;QACrC,mBAAmB,EAAE,IAAI;QACzB,UAAU,EAAE,IAAI;QAChB,cAAc,EAAE,KAAK;QACrB,cAAc,EAAE,IAAI;KACG;CAC1B,CAAC"}

package/dist/utils/SecureValidation.d.ts ADDED Viewed

@@ -0,0 +1,131 @@
+/**
+ * Secure Validation Utility
+ *
+ * Provides safe parameter validation without eval() or code execution.
+ * Replaces string-based validators with type-safe validation functions.
+ *
+ * Security: NO eval(), NO Function(), NO code strings
+ *
+ * @module utils/SecureValidation
+ */
+/**
+ * Validation configuration types
+ */
+export interface ValidationConfig {
+    /** Required parameter names */
+    requiredParams?: string[];
+    /** Type checks: param name -> expected type */
+    typeChecks?: Record<string, ValidationType>;
+    /** Range checks for numbers */
+    rangeChecks?: Record<string, {
+        min?: number;
+        max?: number;
+    }>;
+    /** Pattern checks using RegExp */
+    patternChecks?: Record<string, RegExp>;
+    /** Length checks for strings/arrays */
+    lengthChecks?: Record<string, {
+        min?: number;
+        max?: number;
+    }>;
+    /** Enum checks: param name -> allowed values */
+    enumChecks?: Record<string, any[]>;
+    /** Custom validator ID (references predefined validators) */
+    customValidatorId?: string;
+}
+/**
+ * Supported validation types
+ */
+export type ValidationType = 'string' | 'number' | 'boolean' | 'object' | 'array' | 'function' | 'undefined' | 'null';
+/**
+ * Validation result
+ */
+export interface ValidationResult {
+    valid: boolean;
+    errors: string[];
+}
+/**
+ * Secure validation utility class
+ *
+ * @example
+ * ```typescript
+ * const config: ValidationConfig = {
+ *   requiredParams: ['name', 'age'],
+ *   typeChecks: { name: 'string', age: 'number' },
+ *   rangeChecks: { age: { min: 0, max: 150 } }
+ * };
+ *
+ * const result = SecureValidation.validate(config, { name: 'John', age: 30 });
+ * // result.valid = true
+ *
+ * const result2 = SecureValidation.validate(config, { name: 'John', age: 200 });
+ * // result2.valid = false
+ * // result2.errors = ['Parameter age (200) exceeds maximum (150)']
+ * ```
+ */
+export declare class SecureValidation {
+    /**
+     * Validate parameters against configuration
+     *
+     * @param config Validation configuration
+     * @param params Parameters to validate
+     * @returns Validation result with errors
+     */
+    static validate(config: ValidationConfig, params: Record<string, any>): ValidationResult;
+    /**
+     * Validate type of a value
+     *
+     * @param value Value to check
+     * @param expectedType Expected type
+     * @returns True if type matches
+     */
+    private static validateType;
+    /**
+     * Run predefined custom validator
+     *
+     * Security: Only predefined validators allowed, no dynamic code execution
+     *
+     * @param validatorId Validator identifier
+     * @param params Parameters to validate
+     * @returns Array of error messages
+     */
+    private static runCustomValidator;
+    /**
+     * Create validation config for required parameters
+     *
+     * @param paramNames Required parameter names
+     * @returns Validation configuration
+     */
+    static createRequiredParamsConfig(paramNames: string[]): ValidationConfig;
+    /**
+     * Create validation config for type checking
+     *
+     * @param typeMap Parameter name -> type mapping
+     * @returns Validation configuration
+     */
+    static createTypeCheckConfig(typeMap: Record<string, ValidationType>): ValidationConfig;
+    /**
+     * Validate without throwing exceptions
+     *
+     * @param config Validation configuration
+     * @param params Parameters to validate
+     * @returns True if valid, false otherwise
+     */
+    static isValid(config: ValidationConfig, params: Record<string, any>): boolean;
+    /**
+     * Validate and throw on error
+     *
+     * @param config Validation configuration
+     * @param params Parameters to validate
+     * @throws ValidationError if validation fails
+     */
+    static validateOrThrow(config: ValidationConfig, params: Record<string, any>): void;
+}
+/**
+ * Validation error class
+ */
+export declare class ValidationError extends Error {
+    errors: string[];
+    constructor(message: string, errors: string[]);
+}
+//# sourceMappingURL=SecureValidation.d.ts.map

package/dist/utils/SecureValidation.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SecureValidation.d.ts","sourceRoot":"","sources":["../../src/utils/SecureValidation.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAMH;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,+BAA+B;IAC/B,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,+CAA+C;IAC/C,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;IAC5C,+BAA+B;IAC/B,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE;QAAE,GAAG,CAAC,EAAE,MAAM,CAAC;QAAC,GAAG,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC7D,kCAAkC;IAClC,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACvC,uCAAuC;IACvC,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE;QAAE,GAAG,CAAC,EAAE,MAAM,CAAC;QAAC,GAAG,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC9D,gDAAgD;IAChD,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;IACnC,6DAA6D;IAC7D,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,MAAM,cAAc,GACtB,QAAQ,GACR,QAAQ,GACR,SAAS,GACT,QAAQ,GACR,OAAO,GACP,UAAU,GACV,WAAW,GACX,MAAM,CAAC;AAEX;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,qBAAa,gBAAgB;IAC3B;;;;;;OAMG;IACH,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,gBAAgB;IAsGxF;;;;;;OAMG;IACH,OAAO,CAAC,MAAM,CAAC,YAAY;IAU3B;;;;;;;;OAQG;IACH,OAAO,CAAC,MAAM,CAAC,kBAAkB;IAwDjC;;;;;OAKG;IACH,MAAM,CAAC,0BAA0B,CAAC,UAAU,EAAE,MAAM,EAAE,GAAG,gBAAgB;IAMzE;;;;;OAKG;IACH,MAAM,CAAC,qBAAqB,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,GAAG,gBAAgB;IAMvF;;;;;;OAMG;IACH,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO;IAK9E;;;;;;OAMG;IACH,MAAM,CAAC,eAAe,CAAC,MAAM,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,IAAI;CAMpF;AAED;;GAEG;AACH,qBAAa,eAAgB,SAAQ,KAAK;IACJ,MAAM,EAAE,MAAM,EAAE;gBAAxC,OAAO,EAAE,MAAM,EAAS,MAAM,EAAE,MAAM,EAAE;CAIrD"}