attaform 0.16.3 → 0.17.0

package/dist/shared/{attaform.rIRYSUI1.cjs → attaform.Dee2rU1P.cjs}

@@ -73,7 +73,7 @@ function formatAnonPersistMessage(opts) {
 }
 
 function detectSSR(options = {}) {
-  if (options.override !== void 0) return options.override;
+  if (options.ssr !== void 0) return options.ssr;
   return typeof window === "undefined" && typeof document === "undefined";
 }
 
@@ -383,91 +383,138 @@ function createPersistOptInRegistry() {
   };
 }
 
-const SENSITIVE_NAME_PATTERNS = [
-  // Passwords and PIN-like
-  /password/i,
-  /passwd/i,
-  /passwords/i,
-  /\bpwd\b/i,
-  /\bpin\b/i,
+const DEFAULT_SENSITIVE_NAMES = Object.freeze([
+  // Passwords + PIN-like
+  "password",
+  "passwd",
+  "pwd",
+  "pin",
   // Card / payment
-  /\bcvv\b/i,
-  /\bcvc\b/i,
-  /card[_\s-]?(?:number|num)/i,
-  /\bcard\b/i,
-  /\biban\b/i,
-  /routing[_\s-]?number/i,
-  /account[_\s-]?number/i,
+  "cvv",
+  "cvc",
+  "card_number",
+  "card_num",
+  "card",
+  "iban",
+  "routing_number",
+  "account_number",
   // Government / identity
-  /\bssn\b/i,
-  /social[_\s-]?security/i,
-  /\bdob\b/i,
-  /date[_\s-]?of[_\s-]?birth/i,
-  /passport/i,
-  /driver[_\s-]?license/i,
-  // Tax IDs (US + international common variants)
-  /\btin\b/i,
-  /\bein\b/i,
-  /\bitin\b/i,
-  /tax[_\s-]?id/i,
-  // Tokens, secrets, API/auth credentials
-  /\btoken\b/i,
-  /\btokens\b/i,
-  /secret/i,
-  /secrets/i,
-  /api[_\s-]?key/i,
-  /api[_\s-]?secret/i,
-  /api[_\s-]?token/i,
-  /private[_\s-]?key/i,
-  /\bbearer\b/i,
-  /\boauth\b/i,
-  /auth[_\s-]?token/i,
-  /access[_\s-]?token/i,
-  /refresh[_\s-]?token/i,
-  /session[_\s-]?(?:id|key|token)/i,
+  "ssn",
+  "social_security",
+  "dob",
+  "date_of_birth",
+  "passport",
+  "driver_license",
+  // Tax IDs
+  "tin",
+  "ein",
+  "itin",
+  "tax_id",
+  // Tokens / secrets / API auth
+  "token",
+  "tokens",
+  "secret",
+  "secrets",
+  "api_key",
+  "api_secret",
+  "api_token",
+  "private_key",
+  "bearer",
+  "oauth",
+  "auth_token",
+  "access_token",
+  "refresh_token",
+  "session_id",
+  "session_key",
+  "session_token",
   // MFA / OTP
-  /\botp\b/i,
-  /one[_\s-]?time[_\s-]?(?:password|code)/i,
-  /mfa[_\s-]?(?:secret|seed|code|token)/i,
-  /two[_\s-]?factor[_\s-]?(?:code|token)/i,
-  /\b2fa[_\s-]?(?:code|token)?\b/i,
-  /recovery[_\s-]?code/i,
-  /backup[_\s-]?code/i
-];
-function segmentMatchesSensitive(segment) {
-  if (typeof segment !== "string") return false;
-  for (const pattern of SENSITIVE_NAME_PATTERNS) {
-    if (pattern.test(segment)) return true;
+  "otp",
+  "one_time_password",
+  "one_time_code",
+  "mfa_secret",
+  "mfa_seed",
+  "mfa_code",
+  "mfa_token",
+  "two_factor_code",
+  "two_factor_token",
+  "2fa",
+  "2fa_code",
+  "2fa_token",
+  "recovery_code",
+  "backup_code"
+]);
+const WORD_BOUNDARY_THRESHOLD = 5;
+function escapeRegex(s) {
+  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+}
+function nameToRegex(name) {
+  const parts = name.split(/[_\s-]/).filter((p) => p.length > 0);
+  if (parts.length === 0) {
+    return /(?!)/;
   }
-  return false;
-}
-function isSensitivePath(path) {
-  if (typeof path !== "string") {
-    for (const segment of path) {
-      if (segmentMatchesSensitive(segment)) return true;
+  const escaped = parts.map(escapeRegex).join("[_\\s-]?");
+  const compactLength = parts.reduce((sum, p) => sum + p.length, 0);
+  const useBoundary = compactLength <= WORD_BOUNDARY_THRESHOLD;
+  const source = useBoundary ? `\\b${escaped}\\b` : escaped;
+  return new RegExp(source, "i");
+}
+function namesToPatterns(names) {
+  const patterns = [];
+  for (const name of names) {
+    if (typeof name !== "string" || name.length === 0) continue;
+    patterns.push(nameToRegex(name));
+  }
+  return patterns;
+}
+const DEFAULT_PATTERNS = namesToPatterns(DEFAULT_SENSITIVE_NAMES);
+function createSegmentMatchesSensitive(names = DEFAULT_SENSITIVE_NAMES) {
+  const patterns = names === DEFAULT_SENSITIVE_NAMES ? DEFAULT_PATTERNS : namesToPatterns(names);
+  return (segment) => {
+    if (typeof segment !== "string") return false;
+    for (const p of patterns) {
+      if (p.test(segment)) return true;
     }
     return false;
-  }
-  if (path.startsWith("[")) {
-    try {
-      const parsed = JSON.parse(path);
-      if (Array.isArray(parsed)) {
-        for (const segment of parsed) {
-          if (segmentMatchesSensitive(segment)) return true;
+  };
+}
+function createIsSensitivePath(names = DEFAULT_SENSITIVE_NAMES) {
+  const segmentMatches = createSegmentMatchesSensitive(names);
+  return (path) => {
+    if (typeof path !== "string") {
+      for (const segment of path) {
+        if (segmentMatches(segment)) return true;
+      }
+      return false;
+    }
+    if (path.startsWith("[")) {
+      try {
+        const parsed = JSON.parse(path);
+        if (Array.isArray(parsed)) {
+          for (const segment of parsed) {
+            if (segmentMatches(segment)) return true;
+          }
+          return false;
         }
-        return false;
+      } catch {
       }
-    } catch {
     }
-  }
-  for (const segment of path.split(".")) {
-    if (segmentMatchesSensitive(segment)) return true;
-  }
-  return false;
+    for (const segment of path.split(".")) {
+      if (segmentMatches(segment)) return true;
+    }
+    return false;
+  };
 }
-function enforceSensitiveCheck(path, acknowledged) {
+const defaultSegmentMatches = createSegmentMatchesSensitive();
+const defaultIsSensitivePath = createIsSensitivePath();
+function segmentMatchesSensitive(segment) {
+  return defaultSegmentMatches(segment);
+}
+function isSensitivePath(path) {
+  return defaultIsSensitivePath(path);
+}
+function enforceSensitiveCheck(path, acknowledged, isSensitive = defaultIsSensitivePath) {
   if (acknowledged) return;
-  if (!isSensitivePath(path)) return;
+  if (!isSensitive(path)) return;
   throw new SensitivePersistFieldError(path);
 }
 
@@ -609,10 +656,25 @@ function syncPersistOptIn(el, value, oldValue) {
   }
   if (wantsOptIn) {
     const v = value;
-    enforceSensitiveCheck(v.path, v.acknowledgeSensitive);
+    enforceSensitiveCheck(v.path, v.acknowledgeSensitive, v.isSensitivePath);
     v.persistOptIns.add(elementId, v.path);
   }
 }
+function syncMultiTabOptOut(value, oldValue) {
+  const wasOptedOut = isRegisterValue(oldValue) && oldValue.unmarkNoSync !== void 0;
+  const wantsOptOut = isRegisterValue(value) && value.markNoSync !== void 0;
+  if (!wasOptedOut && !wantsOptOut) return;
+  if (wasOptedOut) {
+    const old = oldValue;
+    const samePath = wantsOptOut && value.path === old.path;
+    if (!samePath) old.unmarkNoSync?.();
+  }
+  if (wantsOptOut) {
+    const v = value;
+    const samePathOld = wasOptedOut && oldValue.path === v.path;
+    if (!samePathOld) v.markNoSync?.();
+  }
+}
 function syncElementRegistration(el, value, oldValue) {
   const wasRegistered = isRegisterValue(oldValue);
   const isRegistered = isRegisterValue(value);
@@ -1061,6 +1123,7 @@ const warnedUnsupportedElements = __DEV__ ? /* @__PURE__ */ new WeakSet() : null
 const vRegisterDynamic = {
   created(el, binding, vnode) {
     syncPersistOptIn(el, binding.value, void 0);
+    syncMultiTabOptOut(binding.value, void 0);
     callModelHook(el, binding, vnode, null, "created");
     if (__DEV__ && warnedUnsupportedElements !== null && !SUPPORTED_TAGS.has(el.tagName) && !warnedUnsupportedElements.has(el)) {
       void vue.nextTick(() => {
@@ -1082,6 +1145,7 @@ const vRegisterDynamic = {
   },
   beforeUpdate(el, binding, vnode, prevVNode) {
     syncPersistOptIn(el, binding.value, binding.oldValue);
+    syncMultiTabOptOut(binding.value, binding.oldValue);
     syncElementRegistration(el, binding.value, binding.oldValue);
     callModelHook(el, binding, vnode, prevVNode, "beforeUpdate");
   },
@@ -1092,6 +1156,7 @@ const vRegisterDynamic = {
     removeTrackedListeners(el);
     if (isRegisterValue(value)) {
       value.persistOptIns.removeAllFor(getOrAssignElementId(el));
+      value.unmarkNoSync?.();
     }
     if (!isRegisterValue(value)) return;
     value.deregisterElement(el);
@@ -1169,6 +1234,7 @@ function createAttaform(options = {}) {
 
 exports.AnonPersistError = AnonPersistError;
 exports.AttaformError = AttaformError;
+exports.DEFAULT_SENSITIVE_NAMES = DEFAULT_SENSITIVE_NAMES;
 exports.InvalidPathError = InvalidPathError;
 exports.InvalidUseFormConfigError = InvalidUseFormConfigError;
 exports.OutsideSetupError = OutsideSetupError;
@@ -1180,8 +1246,10 @@ exports.__DEV__ = __DEV__;
 exports.assignKey = assignKey;
 exports.captureUserCallSite = captureUserCallSite;
 exports.createAttaform = createAttaform;
+exports.createIsSensitivePath = createIsSensitivePath;
 exports.createPersistOptInRegistry = createPersistOptInRegistry;
 exports.createRegistry = createRegistry;
+exports.createSegmentMatchesSensitive = createSegmentMatchesSensitive;
 exports.enforceSensitiveCheck = enforceSensitiveCheck;
 exports.ensureAttaformInstalled = ensureAttaformInstalled;
 exports.getRegistryFromApp = getRegistryFromApp;
@@ -1194,4 +1262,4 @@ exports.segmentMatchesSensitive = segmentMatchesSensitive;
 exports.useRegister = useRegister;
 exports.useRegistry = useRegistry;
 exports.vRegister = vRegister;
-//# sourceMappingURL=attaform.rIRYSUI1.cjs.map
+//# sourceMappingURL=attaform.Dee2rU1P.cjs.map