evlog 2.14.0 → 2.14.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (129) hide show
  1. package/README.md +45 -15
  2. package/dist/{_http-CHSsrWDJ.mjs → _http-BY1e9pwC.mjs} +9 -2
  3. package/dist/_http-BY1e9pwC.mjs.map +1 -0
  4. package/dist/adapters/axiom.d.mts +1 -1
  5. package/dist/adapters/axiom.mjs +1 -1
  6. package/dist/adapters/axiom.mjs.map +1 -1
  7. package/dist/adapters/better-stack.d.mts +1 -1
  8. package/dist/adapters/better-stack.mjs +1 -1
  9. package/dist/adapters/better-stack.mjs.map +1 -1
  10. package/dist/adapters/datadog.d.mts +1 -1
  11. package/dist/adapters/datadog.mjs +1 -1
  12. package/dist/adapters/datadog.mjs.map +1 -1
  13. package/dist/adapters/fs.d.mts +1 -1
  14. package/dist/adapters/fs.mjs.map +1 -1
  15. package/dist/adapters/hyperdx.d.mts +1 -1
  16. package/dist/adapters/hyperdx.mjs +1 -1
  17. package/dist/adapters/otlp.d.mts +1 -1
  18. package/dist/adapters/otlp.mjs +1 -1
  19. package/dist/adapters/otlp.mjs.map +1 -1
  20. package/dist/adapters/posthog.d.mts +1 -1
  21. package/dist/adapters/posthog.mjs +1 -1
  22. package/dist/adapters/posthog.mjs.map +1 -1
  23. package/dist/adapters/sentry.d.mts +1 -1
  24. package/dist/adapters/sentry.mjs +1 -1
  25. package/dist/adapters/sentry.mjs.map +1 -1
  26. package/dist/ai/index.d.mts +1 -1
  27. package/dist/{audit-mUutdf6A.d.mts → audit-CTIviX3P.d.mts} +11 -1
  28. package/dist/audit-CTIviX3P.d.mts.map +1 -0
  29. package/dist/{audit-d9esRZOK.mjs → audit-DQoBo7Dl.mjs} +56 -13
  30. package/dist/audit-DQoBo7Dl.mjs.map +1 -0
  31. package/dist/better-auth/index.d.mts +1 -1
  32. package/dist/better-auth/index.mjs.map +1 -1
  33. package/dist/browser.d.mts +1 -1
  34. package/dist/elysia/index.d.mts +2 -2
  35. package/dist/elysia/index.mjs +2 -2
  36. package/dist/enrichers.d.mts +1 -1
  37. package/dist/enrichers.mjs.map +1 -1
  38. package/dist/{error-D1FZI2Kd.d.mts → error-C7gSQVqk.d.mts} +2 -2
  39. package/dist/{error-D1FZI2Kd.d.mts.map → error-C7gSQVqk.d.mts.map} +1 -1
  40. package/dist/error.d.mts +1 -1
  41. package/dist/{errors-NIXCyk6I.d.mts → errors-4MPmTzjY.d.mts} +2 -2
  42. package/dist/{errors-NIXCyk6I.d.mts.map → errors-4MPmTzjY.d.mts.map} +1 -1
  43. package/dist/express/index.d.mts +2 -2
  44. package/dist/express/index.mjs +2 -2
  45. package/dist/fastify/index.d.mts +2 -2
  46. package/dist/fastify/index.mjs +2 -2
  47. package/dist/{fork-CTJXnpl8.mjs → fork-D1j1Fuzy.mjs} +3 -3
  48. package/dist/{fork-CTJXnpl8.mjs.map → fork-D1j1Fuzy.mjs.map} +1 -1
  49. package/dist/hono/index.d.mts +2 -2
  50. package/dist/hono/index.mjs +1 -1
  51. package/dist/http.d.mts +1 -1
  52. package/dist/http.d.mts.map +1 -1
  53. package/dist/http.mjs +3 -2
  54. package/dist/http.mjs.map +1 -1
  55. package/dist/index.d.mts +6 -6
  56. package/dist/index.mjs +1 -1
  57. package/dist/{logger-b3epPH0N.d.mts → logger-DttRJRGa.d.mts} +21 -2
  58. package/dist/logger-DttRJRGa.d.mts.map +1 -0
  59. package/dist/logger.d.mts +1 -1
  60. package/dist/logger.mjs +1 -1
  61. package/dist/{middleware-BYf26Lfu.d.mts → middleware-CTnDsST-.d.mts} +2 -2
  62. package/dist/{middleware-BYf26Lfu.d.mts.map → middleware-CTnDsST-.d.mts.map} +1 -1
  63. package/dist/{middleware-BWOJ7JI0.mjs → middleware-oAccqyPp.mjs} +2 -2
  64. package/dist/{middleware-BWOJ7JI0.mjs.map → middleware-oAccqyPp.mjs.map} +1 -1
  65. package/dist/nestjs/index.d.mts +2 -2
  66. package/dist/nestjs/index.mjs +2 -2
  67. package/dist/next/client.d.mts +1 -1
  68. package/dist/next/index.d.mts +4 -4
  69. package/dist/next/index.mjs +2 -2
  70. package/dist/next/index.mjs.map +1 -1
  71. package/dist/next/instrumentation.d.mts +1 -1
  72. package/dist/next/instrumentation.mjs +1 -1
  73. package/dist/next/instrumentation.mjs.map +1 -1
  74. package/dist/nitro/errorHandler.mjs.map +1 -1
  75. package/dist/nitro/module.d.mts +2 -2
  76. package/dist/nitro/plugin.mjs +1 -1
  77. package/dist/nitro/plugin.mjs.map +1 -1
  78. package/dist/nitro/v3/index.d.mts +2 -2
  79. package/dist/nitro/v3/middleware.mjs.map +1 -1
  80. package/dist/nitro/v3/module.d.mts +1 -1
  81. package/dist/nitro/v3/plugin.mjs +1 -1
  82. package/dist/nitro/v3/plugin.mjs.map +1 -1
  83. package/dist/nitro/v3/useLogger.d.mts +1 -1
  84. package/dist/nitro/v3/useLogger.mjs.map +1 -1
  85. package/dist/{nitro-DenB86W6.d.mts → nitro-CPPRCPbG.d.mts} +2 -2
  86. package/dist/{nitro-DenB86W6.d.mts.map → nitro-CPPRCPbG.d.mts.map} +1 -1
  87. package/dist/nuxt/module.d.mts +1 -1
  88. package/dist/nuxt/module.mjs +1 -1
  89. package/dist/{parseError-BR9pocvY.d.mts → parseError-o1GpZEOR.d.mts} +2 -2
  90. package/dist/parseError-o1GpZEOR.d.mts.map +1 -0
  91. package/dist/pipeline.mjs.map +1 -1
  92. package/dist/react-router/index.d.mts +2 -2
  93. package/dist/react-router/index.mjs +2 -2
  94. package/dist/runtime/client/log.d.mts +1 -1
  95. package/dist/runtime/client/log.mjs +2 -2
  96. package/dist/runtime/client/log.mjs.map +1 -1
  97. package/dist/runtime/client/plugin.mjs.map +1 -1
  98. package/dist/runtime/server/routes/_evlog/ingest.post.mjs +1 -1
  99. package/dist/runtime/server/routes/_evlog/ingest.post.mjs.map +1 -1
  100. package/dist/runtime/server/useLogger.d.mts +1 -1
  101. package/dist/runtime/server/useLogger.mjs.map +1 -1
  102. package/dist/runtime/utils/parseError.d.mts +2 -2
  103. package/dist/source-location-DRvDDqfq.mjs.map +1 -1
  104. package/dist/sveltekit/index.d.mts +2 -2
  105. package/dist/sveltekit/index.mjs +2 -2
  106. package/dist/sveltekit/index.mjs.map +1 -1
  107. package/dist/toolkit.d.mts +3 -3
  108. package/dist/toolkit.mjs +2 -2
  109. package/dist/types.d.mts +1 -1
  110. package/dist/{useLogger-C56tDPwf.d.mts → useLogger-CyPP1sVB.d.mts} +2 -2
  111. package/dist/{useLogger-C56tDPwf.d.mts.map → useLogger-CyPP1sVB.d.mts.map} +1 -1
  112. package/dist/{utils-DzGCLRFe.d.mts → utils-Dmin7wVL.d.mts} +4 -3
  113. package/dist/utils-Dmin7wVL.d.mts.map +1 -0
  114. package/dist/utils.d.mts +2 -2
  115. package/dist/utils.mjs +7 -1
  116. package/dist/utils.mjs.map +1 -1
  117. package/dist/vite/index.d.mts +1 -1
  118. package/dist/vite/index.mjs.map +1 -1
  119. package/dist/workers.d.mts +48 -4
  120. package/dist/workers.d.mts.map +1 -1
  121. package/dist/workers.mjs +32 -5
  122. package/dist/workers.mjs.map +1 -1
  123. package/package.json +17 -21
  124. package/dist/_http-CHSsrWDJ.mjs.map +0 -1
  125. package/dist/audit-d9esRZOK.mjs.map +0 -1
  126. package/dist/audit-mUutdf6A.d.mts.map +0 -1
  127. package/dist/logger-b3epPH0N.d.mts.map +0 -1
  128. package/dist/parseError-BR9pocvY.d.mts.map +0 -1
  129. package/dist/utils-DzGCLRFe.d.mts.map +0 -1
package/dist/{audit-mUutdf6A.d.mts → audit-CTIviX3P.d.mts} RENAMED
@@ -700,6 +700,16 @@ interface RequestLoggerOptions {
700
700
  method?: string;
701
701
  path?: string;
702
702
  requestId?: string;
703
+ /**
704
+ * Registers async drain work with the host runtime so it can finish after the
705
+ * HTTP response is returned. Required on **Cloudflare Workers** (and similar
706
+ * edge runtimes): without this, `initLogger({ drain })` + `log.emit()` may
707
+ * never complete outbound HTTP to observability backends.
708
+ *
709
+ * Pass the same function you would pass to `ExecutionContext#waitUntil`, e.g.
710
+ * `context.waitUntil.bind(context)` from a Workers `fetch` handler.
711
+ */
712
+ waitUntil?: (promise: Promise<unknown>) => void;
703
713
  }
704
714
  /**
705
715
  * H3 event context with evlog logger attached
@@ -1127,4 +1137,4 @@ declare function signed(drain: DrainFn, options: SignedOptions): DrainFn;
1127
1137
  declare const auditRedactPreset: RedactConfig;
1128
1138
  //#endregion
1129
1139
  export { SamplingRates as $, AuditFields as A, H3EventContext as B, buildAuditFields as C, withAudit as D, signed as E, DrainContext as F, LoggerConfig as G, InternalFields as H, EnrichContext as I, RequestLogEntry as J, ParsedError as K, EnvironmentContext as L, AuditTarget as M, BaseWideEvent as N, withAuditMethods as O, DeepPartial as P, SamplingConfig as Q, ErrorOptions as R, auditRedactPreset as S, mockAudit as T, Log as U, IngestPayload as V, LogLevel as W, RequestLoggerOptions as X, RequestLogger as Y, RouteConfig as Z, WithAuditOptions as _, AuditInput as a, auditEnricher as b, AuditOnlyOptions as c, DefinedAuditAction as d, ServerEvent as et, DrainFn as f, WithAuditContext as g, SignedOptions as h, AuditEnricherOptions as i, WideEvent as it, AuditLoggerMethod as j, AuditActor as k, AuditPatchOp as l, SignedChainState as m, AuditDeniedError as n, TailSamplingContext as nt, AuditMatcher as o, MockAudit as p, RedactConfig as q, AuditDiffOptions as r, TransportConfig as rt, AuditMethod as s, AUDIT_SCHEMA_VERSION as t, TailSamplingCondition as tt, AuditableLogger as u, audit as v, defineAuditAction as w, auditOnly as x, auditDiff as y, FieldContext as z };
1130
- //# sourceMappingURL=audit-mUutdf6A.d.mts.map
1140
+ //# sourceMappingURL=audit-CTIviX3P.d.mts.map
package/dist/audit-CTIviX3P.d.mts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"audit-CTIviX3P.d.mts","names":[],"sources":["../src/types.ts","../src/audit.ts"],"mappings":";;YAGY,iBAAA;IAqpBc;;;;;;;;;;;;;IAvoBtB,iBAAA,GAAoB,GAAA,EAAK,mBAAA,YAA+B,OAAA;IAAA;;;;;;;;;;;IAaxD,cAAA,GAAiB,GAAA,EAAK,aAAA,YAAyB,OAAA;IAkBK;;;;;;;;;;;;;;;;IAApD,aAAA,GAAgB,GAAA,EAAK,YAAA,YAAwB,OAAA;EAAA;AAAA;AAAA;EAAA,UAKrC,iBAAA;IACR,iBAAA,GAAoB,GAAA,EAAK,mBAAA,YAA+B,OAAA;IACxD,cAAA,GAAiB,GAAA,EAAK,aAAA,YAAyB,OAAA;IAC/C,aAAA,GAAgB,GAAA,EAAK,YAAA,YAAwB,OAAA;EAAA;AAAA;;AAOjD;;UAAiB,eAAA;EAiBiB;;;;EAZhC,OAAA;EAYgC;;AAMlC;;EAZE,QAAA;EAY4B;;;;EAN5B,WAAA,GAAc,kBAAA;AAAA;AAmBhB;;;AAAA,UAbiB,aAAA;EACf,SAAA;EACA,KAAA;EAAA,CACC,GAAA;AAAA;;;;;;;;UAUc,YAAA;EAqBJ;EAnBX,KAAA;EAmB2B;EAjB3B,QAAA,GAAW,MAAA;EAiB6B;AAM1C;;;;;;;EAdE,QAAA,WAAmB,KAAA;EAsBd;;AAOP;;;EAvBE,WAAA;EAyBA;EAvBA,QAAA,GAAW,KAAA,EAAO,MAAA,GAAS,KAAA;AAAA;;;AAkC7B;UA5BiB,aAAA;;EAEf,IAAA;EA4BA;EA1BA,IAAA;EA8BA;EA5BA,KAAA;EAgCA;EA9BA,KAAA;AAAA;;;AA0CF;;UAnCiB,qBAAA;EAqCR;EAnCP,MAAA;EA+CY;EA7CZ,QAAA;EA6CkB;EA3ClB,IAAA;AAAA;;;;;UAOe,mBAAA;EAgCL;EA9BV,MAAA;EAiCE;EA/BF,QAAA;EAgCY;EA9BZ,IAAA;EA8BkB;EA5BlB,MAAA;EAoC2B;EAlC3B,OAAA,EAAS,MAAA;EA4CO;;;;EAvChB,UAAA;AAAA;;;;;UAOe,aAAA;EAsCA;EApCf,KAAA,EAAO,SAAA;;EAEP,OAAA;IACE,MAAA;IACA,IAAA;IACA,SAAA;EAAA;EAqE0B;EAlE5B,OAAA,GAAU,MAAA;EAwEK;EAtEf,QAAA;IACE,MAAA;IACA,OAAA,GAAU,MAAA;EAAA;AAAA;;;;;UAQG,YAAA;EA0Ef;EAxEA,KAAA,EAAO,SAAA;EA4EP;EA1EA,OAAA;IACE,MAAA;IACA,IAAA;IACA,SAAA;EAAA;EAqFY;EAlFd,OAAA,GAAU,MAAA;AAAA;;;;UAMK,cAAA;EAqK8B;;;;;;;;;;;;;;;;;;EAlJ7C,KAAA,GAAQ,aAAA;EAoJR;;;AAWF;;;;;;;;;;;;;;EA5IE,IAAA,GAAO,qBAAA;AAAA;;;;UAMQ,WAAA;EA2Jd;EAzJD,OAAA;AAAA;AAgLF;;;AAAA,UA1KiB,kBAAA;EA4Kf;EA1KA,OAAA;EA2KO;EAzKP,WAAA;EA0KS;EAxKT,OAAA;EA2KA;EAzKA,UAAA;EA2KY;EAzKZ,MAAA;AAAA;;;;UAMe,YAAA;EA8Kb;;;;;EAxKF,OAAA;EAgLA;EA9KA,GAAA,GAAM,OAAA,CAAQ,kBAAA;EAkLd;EAhLA,MAAA;EAgLI;EA9KJ,QAAA,GAAW,cAAA;EAuLiB;;;;;;EAhL5B,QAAA,GAAW,QAAA;EAqLX;;;;;EA/KA,SAAA;EAkLmB;AAMrB;;;;;AAMA;EAtLE,MAAA;EAsLqB;;;;;;;;;;;;;;;;;;;;;;;;;AAUvB;;;;;;EAhKE,MAAA,aAAmB,YAAA;EAmKL;;;;;AAUhB;;;;;;;;;AAYA;;;;;;;;;;;;;;;;;EAzJE,KAAA,IAAS,GAAA,EAAK,YAAA,YAAwB,OAAA;EA0JqB;EAxJ3D,qBAAA;AAAA;;;;;;;;;UAWe,UAAA;EACf,IAAA;EACA,EAAA;EACA,WAAA;EACA,KAAA;EACA,KAAA;EACA,KAAA;EACA,MAAA;EACA,QAAA;AAAA;;;;;;;;UAUe,WAAA;EACf,IAAA;EACA,EAAA;EAAA,CACC,GAAA;AAAA;;;;;;;;;;;;;;;;;;;;;UAuBc,WAAA;EAkLG;EAhLlB,MAAA;EACA,KAAA,EAAO,UAAA;EACP,MAAA,GAAS,WAAA;EACT,OAAA;EAkMwC;EAhMxC,MAAA;EAwNA;EAtNA,OAAA;IAAY,MAAA;IAAkB,KAAA;EAAA;EA0NE;EAxNhC,WAAA;EAwNgC;EAtNhC,aAAA;EAwN8B;EAtN9B,OAAA;EAsNkC;EApNlC,cAAA;EAmNC;EAjND,OAAA;IACE,SAAA;IACA,OAAA;IACA,EAAA;IACA,SAAA;IACA,QAAA;IAAA,CACC,GAAA;EAAA;EAkNe;EA/MlB,SAAA;EA+MkB;EA7MlB,QAAA;EAwNe;EAtNf,IAAA;AAAA;;;;;;;UASe,aAAA;EACf,SAAA;EACA,KAAA;EACA,OAAA;EACA,WAAA;EACA,OAAA;EACA,UAAA;EACA,MAAA;EACA,KAAA,GAAQ,WAAA;AAAA;;;;KAME,SAAA,GAAY,aAAA,GAAgB,MAAA;;;;;KAM5B,WAAA,MAAiB,CAAA,SAAU,KAAA,YACnC,CAAA,GACA,CAAA,gCACgB,CAAA,IAAK,WAAA,CAAY,CAAA,CAAE,CAAA,OACjC,CAAA;;;;;UAMW,cAAA;EACf,MAAA;EACA,OAAA;EACA,WAAA,GAAc,eAAA;EAkOG;EAhOjB,SAAA;EAmNA;EAjNA,gBAAA;AAAA;;;;UAMe,eAAA;EACf,KAAA;EACA,OAAA;EACA,SAAA;AAAA;;;;;;;KASU,YAAA,oBAAgC,MAAA,qBAC1C,WAAA,CAAY,IAAA,CAAK,CAAA,QAAS,cAAA,KAAmB,cAAA;;;;;AAoO/C;;;;;;;;;;;;;;AAgBA;;;;;;;;;;;;;;;;;UA/MiB,aAAA,oBAAiC,MAAA;EA0N9C;;;;;;;;EAjNF,GAAA,GAAM,OAAA,EAAS,YAAA,CAAa,CAAA;EAoNT;AAMrB;;;;EAnNE,KAAA,GAAQ,KAAA,EAAO,KAAA,WAAgB,OAAA,GAAU,YAAA,CAAa,CAAA;EAqNtD;;;;;EA9MA,IAAA,GAAO,OAAA,UAAiB,OAAA,GAAU,YAAA,CAAa,CAAA;EAkN5C;;;;AC5xBL;EDilBE,IAAA,GAAO,OAAA,UAAiB,OAAA,GAAU,YAAA,CAAa,CAAA;;;;ACxkBjD;;;;EDilBE,IAAA,GAAO,SAAA,GAAY,YAAA,CAAa,CAAA;IAAO,UAAA;EAAA,MAA2B,SAAA;EC3kB7C;;;EDglBrB,UAAA,QAAkB,YAAA,CAAa,CAAA,IAAK,MAAA;ECplB7B;;;;;;;;;;;;;AAuET;;;;;;EDkiBE,IAAA,IAAQ,KAAA,UAAe,EAAA,eAAiB,OAAA;ECliBsB;;AA4ChE;;;;;;;;;;;;;;;;;;;AA+BA;ED+eE,KAAA,GAAQ,iBAAA;AAAA;;UAIO,iBAAA;EAAA,CACd,KAAA,EAD+B,UAAA;EAEhC,IAAA,GAAO,MAAA,UAAgB,KAAA,EAAO,IAAA,CADM,UAAA;AAAA;;;;KAO1B,QAAA;;;;;;;;ACxfZ;;UDmgBiB,GAAA;ECngB+B;;;;;EDygB9C,IAAA,CAAK,GAAA,UAAa,OAAA;EAClB,IAAA,CAAK,KAAA,EAAO,MAAA;EC1gBkC;;;;;EDihB9C,KAAA,CAAM,GAAA,UAAa,OAAA;EACnB,KAAA,CAAM,KAAA,EAAO,MAAA;EC3gBU;;;AAsBzB;;ED4fE,IAAA,CAAK,GAAA,UAAa,OAAA;EAClB,IAAA,CAAK,KAAA,EAAO,MAAA;EC7fe;;;;;EDogB3B,KAAA,CAAM,GAAA,UAAa,OAAA;EACnB,KAAA,CAAM,KAAA,EAAO,MAAA;AAAA;;;;UAME,YAAA;ECzeuC;ED2etD,OAAA;EC3eiE;ED6ejE,MAAA;EC5esB;ED8etB,GAAA;EC9e2C;EDgf3C,GAAA;EChfkD;EDkflD,IAAA;ECrfgC;EDufhC,KAAA,GAAQ,KAAA;ECtfkB;;;;ED2f1B,QAAA,GAAW,MAAA;AAAA;;;;UAMI,oBAAA;EACf,MAAA;EACA,IAAA;EACA,SAAA;EClgBiB;;;;;AAqCnB;;;;EDueE,SAAA,IAAa,OAAA,EAAS,OAAA;AAAA;;;;UAMP,cAAA;EACf,GAAA,GAAM,aAAA;EACN,SAAA;EACA,MAAA;ECpegC;EDsehC,eAAA;ECtesD;EDwetD,aAAA;EC1egC;ED4ehC,gBAAA;EAAA,CACC,GAAA;AAAA;;;;UAMc,WAAA;EACf,MAAA;EACA,IAAA;EACA,OAAA,EAAS,cAAA;IC5eF,yED8eL,UAAA;MACE,OAAA;QACE,SAAA,GAAY,OAAA,EAAS,OAAA;MAAA;IAAA,GC9ed;IDkfX,SAAA,IAAa,OAAA,EAAS,OAAA;EAAA;EAExB,IAAA;IAAS,GAAA;MAAQ,UAAA;IAAA;EAAA;EACjB,QAAA,GAAW,QAAA;AAAA;;;;UAMI,WAAA;EACf,OAAA;EACA,MAAA;EACA,GAAA;EACA,GAAA;EACA,IAAA;EACA,GAAA;AAAA;;;AA3IwB;;;;AAAA,cCjpBb,oBAAA;;;;;;;;UASI,UAAA;EACf,MAAA;EACA,KAAA,EAAO,UAAA;EACP,MAAA,GAAS,WAAA;EACT,OAAA,GAAU,WAAA;EACV,MAAA;EACA,OAAA,GAAU,WAAA;EACV,WAAA;EACA,aAAA;EACA,OAAA;AAAA;;;;;ADuBsD;;;;iBCyCxC,gBAAA,CAAiB,KAAA,EAAO,UAAA,GAAa,WAAA;;;;;;;;;;;;;;;;;;;iBA4CrC,gBAAA,oBAAoC,MAAA,kBAAA,CAAyB,MAAA,EAAQ,aAAA,CAAc,CAAA,IAAK,eAAA,CAAgB,CAAA;;;;KA+B5G,eAAA,oBAAmC,MAAA,qBAA2B,aAAA,CAAc,CAAA;EAAO,KAAA,EAAO,WAAA,CAAY,CAAA;AAAA;;UAGjG,WAAA,oBAA+B,MAAA;EAAA,CAC7C,KAAA,EAAO,UAAA;EDxFR;;;;AAMF;ECwFE,IAAA,GAAO,MAAA,UAAgB,KAAA,EAAO,IAAA,CAAK,UAAA;AAAA;;;;;;;AD3ErC;;;;;;;;;;;;;iBCiGgB,KAAA,CAAM,KAAA,EAAO,UAAA,GAAa,SAAA;;;;;;;;ADtE1C;;;;;;;;;;AAeA;;;;;;;iBCuFgB,SAAA,iBAAA,CACd,OAAA,EAAS,gBAAA,CAAiB,MAAA,GAC1B,EAAA,GAAK,KAAA,EAAO,MAAA,EAAQ,GAAA,EAAK,gBAAA,KAAqB,OAAA,CAAQ,OAAA,IAAW,OAAA,IAC/D,KAAA,EAAO,MAAA,EAAQ,GAAA,EAAK,gBAAA,KAAqB,OAAA,CAAQ,OAAA;;AD7ErD;;;;cCkHa,gBAAA,SAAyB,KAAA;cAExB,MAAA;AAAA;;UAQG,gBAAA;EACf,MAAA;EACA,MAAA,GAAS,WAAA,KAAgB,KAAA,EAAO,MAAA,KAAW,WAAA;AAAA;;ADxG7C;;;UC+GiB,gBAAA;EACf,KAAA,EAAO,UAAA;EACP,WAAA;EACA,aAAA;AAAA;;;;;;;;;;;;;;;AD5FF;;;;;iBCkHgB,SAAA,CACd,MAAA,WACA,KAAA,WACA,OAAA,GAAS,gBAAA;EACN,MAAA;EAAkB,KAAA;EAAiB,KAAA,EAAO,YAAA;AAAA;;UAkE9B,YAAA;EACf,EAAA;EACA,IAAA;EACA,KAAA;AAAA;;UAIe,gBAAA;ED5Jf;EC8JA,WAAA;ED3IA;EC6IA,WAAA;ED7I4B;EC+I5B,aAAA;EDzIe;EC2If,YAAA;AAAA;;;ADnIF;;;;;;;;;;;AAgBA;;;;;iBCwIgB,iBAAA,oDAAA,CACd,MAAA,UACA,OAAA;EAAY,MAAA,GAAS,WAAA;AAAA,IACpB,kBAAA,CAAmB,WAAA;;;;;KAkBV,kBAAA,4CACV,KAAA,EAAO,WAAA,kBACH,IAAA,CAAK,UAAA;EAAqC,MAAA,GAAS,IAAA,CAAK,WAAA;IAAyB,IAAA,GAAO,WAAA;EAAA;AAAA,IACxF,IAAA,CAAK,UAAA,gBACN,UAAA;;;;;;;;;;;;;;;;ADnDL;;;;;;;;iBC4EgB,SAAA,CAAA,GAAa,SAAA;;UAmBZ,SAAA;EACf,MAAA,EAAQ,WAAA;EACR,OAAA;EACA,gBAAA,GAAmB,OAAA,EAAS,YAAA;AAAA;;UAIb,YAAA;EACf,MAAA,YAAkB,MAAA;EAClB,OAAA,GAAU,WAAA;EACV,KAAA,GAAQ,OAAA,CAAQ,UAAA;EAChB,MAAA,GAAS,OAAA,CAAQ,WAAA;AAAA;;UAqDF,6BAAA;ED1Ge;EC4G9B,UAAA,GAAa,GAAA,EAAK,aAAA,KAAkB,OAAA,CAAQ,UAAA,uBAAiC,UAAA;AAAA;;UAI9D,oBAAA;EDtGf;;;;EC2GA,QAAA,IAAY,GAAA,EAAK,aAAA;EDtGf;;;;EC2GF,MAAA,GAAS,6BAAA;EDnGL;ECqGJ,SAAA;AAAA;;;;;;;;;;;;;;;AD9EF;iBCgGgB,aAAA,CAAc,OAAA,GAAS,oBAAA,IAA6B,GAAA,EAAK,aAAA,YAAyB,OAAA;;UA6CjF,gBAAA;ED7I6B;AAM9C;;;;EC6IE,KAAA;AAAA;;KAIU,OAAA,IAAW,GAAA,EAAK,YAAA,YAAwB,OAAA;;;;;;;;;;;;;;;;;;;;ADvIpD;;;;;iBCiKgB,SAAA,CAAU,KAAA,EAAO,OAAA,EAAS,OAAA,GAAS,gBAAA,GAAwB,OAAA;;UAY1D,gBAAA;EDxKf;EC0KA,IAAA,QAAY,OAAA;EDxKI;EC0KhB,IAAA,GAAO,IAAA,aAAiB,OAAA;AAAA;;KAId,aAAA;EACN,QAAA;EAAkB,MAAA;EAAgB,SAAA;AAAA;EAClC,QAAA;EAAwB,KAAA,GAAQ,gBAAA;EAAkB,SAAA;AAAA;;;;;;;;;;;;;;;;;;;ADxHxD;;;;;;;;iBCoJgB,MAAA,CAAO,KAAA,EAAO,OAAA,EAAS,OAAA,EAAS,aAAA,GAAgB,OAAA;;;;;;;;;;;;;;;;;cAwHnD,iBAAA,EAAmB,YAAA"}
package/dist/{audit-d9esRZOK.mjs → audit-DQoBo7Dl.mjs} RENAMED
@@ -1,4 +1,4 @@
1
- import { colors, cssColors, detectEnvironment, escapeFormatString, formatDuration, getConsoleMethod, getCssLevelColor, getLevelColor, isClient, isDev, isLevelEnabled, matchesPattern } from "./utils.mjs";
1
+ import { colors, cssColors, detectEnvironment, escapeFormatString, formatDuration, getConsoleMethod, getCssLevelColor, getLevelColor, isBrowser, isDev, isLevelEnabled, matchesPattern } from "./utils.mjs";
2
2
  //#region src/redact.ts
3
3
  const DEFAULT_REPLACEMENT = "[REDACTED]";
4
4
  /**
@@ -6,10 +6,12 @@ const DEFAULT_REPLACEMENT = "[REDACTED]";
6
6
  * Each builtin preserves just enough signal for debugging while scrubbing PII.
7
7
  */
8
8
  const builtinPatterns = {
9
+ /** Credit card numbers → ****1111 (PCI DSS: last 4 allowed) */
9
10
  creditCard: {
10
11
  pattern: /\b\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}\b/g,
11
12
  mask: (m) => `****${m.replace(/[\s-]/g, "").slice(-4)}`
12
13
  },
14
+ /** Email addresses → a***@***.com */
13
15
  email: {
14
16
  pattern: /[\w.+-]+@[\w-]+\.[\w.]+/g,
15
17
  mask: (m) => {
@@ -18,10 +20,20 @@ const builtinPatterns = {
18
20
  return `${m[0]}***@***${tld}`;
19
21
  }
20
22
  },
23
+ /** IPv4 addresses → ***.***.***.100 (last octet only) */
21
24
  ipv4: {
22
25
  pattern: /\b(?!0\.0\.0\.0\b)(?!127\.0\.0\.1\b)\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/g,
23
26
  mask: (m) => `***.***.***.${m.split(".").pop()}`
24
27
  },
28
+ /**
29
+ * International phone numbers → `+33******78` (country code + last 2 digits).
30
+ *
31
+ * Requires an explicit phone signal (`+countryCode` prefix or `(areaCode)`
32
+ * parens) to avoid false positives on digit-rich identifiers (UUIDs,
33
+ * idempotency keys, order ids, hex hashes). Bare digit runs like `12345678`
34
+ * are intentionally not matched — opt in via custom `patterns` if your app
35
+ * stores phones in unformatted form.
36
+ */
25
37
  phone: {
26
38
  pattern: /(?:\+\d{1,3}[\s.-]?\(?\d{1,4}\)?|\(\d{1,4}\))(?:[\s.-]?\d{2,4}){2,4}\b/g,
27
39
  mask: (m) => {
@@ -34,14 +46,17 @@ const builtinPatterns = {
34
46
  return "***";
35
47
  }
36
48
  },
49
+ /** JWT tokens → eyJ***.*** */
37
50
  jwt: {
38
51
  pattern: /\beyJ[\w-]*\.[\w-]*\.[\w-]*\b/g,
39
52
  mask: () => "eyJ***.***"
40
53
  },
54
+ /** Bearer tokens → Bearer *** */
41
55
  bearer: {
42
56
  pattern: /\bBearer\s+[\w\-.~+/]{8,}=*/gi,
43
57
  mask: () => "Bearer ***"
44
58
  },
59
+ /** IBAN → FR76****189 (country + check digits + last 3) */
45
60
  iban: {
46
61
  pattern: /\b[A-Z]{2}\d{2}[\s-]?[\dA-Z]{4}[\s-]?[\dA-Z]{4}[\s-]?[\dA-Z]{4}[\s-]?[\dA-Z]{0,4}[\s-]?[\dA-Z]{0,4}[\s-]?[\dA-Z]{0,4}\b/g,
47
62
  mask: (m) => {
@@ -288,7 +303,8 @@ function shouldKeep(ctx) {
288
303
  return false;
289
304
  });
290
305
  }
291
- function emitWideEvent(level, event, deferDrain = false, ownsEvent = false) {
306
+ function emitWideEvent(level, event, options = {}) {
307
+ const { deferDrain = false, ownsEvent = false, waitUntil } = options;
292
308
  if (!globalEnabled) return null;
293
309
  if (!ownsEvent) {
294
310
  if (!isLevelEnabled(level, globalMinLevel)) return null;
@@ -315,9 +331,12 @@ function emitWideEvent(level, event, deferDrain = false, ownsEvent = false) {
315
331
  if (!globalSilent) if (globalPretty) prettyPrintWideEvent(formatted);
316
332
  else if (globalStringify) console[getConsoleMethod(level)](JSON.stringify(formatted));
317
333
  else console[getConsoleMethod(level)](formatted);
318
- if (globalDrain && !deferDrain) Promise.resolve(globalDrain({ event: formatted })).catch((err) => {
319
- console.error("[evlog] drain failed:", err);
320
- });
334
+ if (globalDrain && !deferDrain) {
335
+ const drainPromise = Promise.resolve(globalDrain({ event: formatted })).catch((err) => {
336
+ console.error("[evlog] drain failed:", err);
337
+ });
338
+ if (waitUntil) waitUntil(drainPromise);
339
+ }
321
340
  return formatted;
322
341
  }
323
342
  function emitTaggedLog(level, tag, message) {
@@ -325,7 +344,7 @@ function emitTaggedLog(level, tag, message) {
325
344
  if (globalPretty && !globalSilent) {
326
345
  if (!isLevelEnabled(level, globalMinLevel)) return;
327
346
  if (!shouldSample(level)) return;
328
- if (isClient()) {
347
+ if (isBrowser()) {
329
348
  const levelColor = getCssLevelColor(level);
330
349
  const timestamp = isoNow().slice(11, 23);
331
350
  console.log(`%c${timestamp}%c %c[${escapeFormatString(tag)}]%c ${escapeFormatString(message)}`, cssColors.dim, cssColors.reset, levelColor, cssColors.reset);
@@ -491,7 +510,7 @@ function buildAIEntries(ai) {
491
510
  function prettyPrintWideEvent(event) {
492
511
  const { timestamp, level, service, environment, version, ...rest } = event;
493
512
  const ts = timestamp.slice(11, 23);
494
- const browser = isClient();
513
+ const browser = isBrowser();
495
514
  const parts = [];
496
515
  const styles = [];
497
516
  if (browser) {
@@ -606,6 +625,7 @@ const noopLogger = {
606
625
  function createLogger(initialContext = {}, internalOptions) {
607
626
  if (!globalEnabled) return noopLogger;
608
627
  const deferDrain = internalOptions?._deferDrain ?? false;
628
+ const waitUntil = internalOptions?.waitUntil;
609
629
  const startTime = Date.now();
610
630
  const context = { ...initialContext };
611
631
  let hasError = false;
@@ -721,7 +741,11 @@ function createLogger(initialContext = {}, internalOptions) {
721
741
  for (const key in obj) if (key !== "_forceKeep") context[key] = obj[key];
722
742
  }
723
743
  context.duration = formatDuration(durationMs);
724
- const wide = emitWideEvent(level, context, deferDrain, true);
744
+ const wide = emitWideEvent(level, context, {
745
+ deferDrain,
746
+ ownsEvent: true,
747
+ waitUntil
748
+ });
725
749
  emitted = true;
726
750
  return wide;
727
751
  },
@@ -741,13 +765,32 @@ function createLogger(initialContext = {}, internalOptions) {
741
765
  * log.set({ cart: { items: 3 } })
742
766
  * log.emit()
743
767
  * ```
768
+ *
769
+ * @example Cloudflare Workers — pass `waitUntil` so `initLogger({ drain })` completes after the response:
770
+ * ```ts
771
+ * export default {
772
+ * async fetch(request, env, ctx) {
773
+ * const log = createRequestLogger({
774
+ * method: request.method,
775
+ * path: new URL(request.url).pathname,
776
+ * waitUntil: ctx.waitUntil.bind(ctx),
777
+ * })
778
+ * log.emit()
779
+ * return new Response('ok')
780
+ * },
781
+ * }
782
+ * ```
744
783
  */
745
784
  function createRequestLogger(options = {}, internalOptions) {
785
+ const { method, path, requestId, waitUntil: optionsWaitUntil } = options;
746
786
  const initial = {};
747
- if (options.method !== void 0) initial.method = options.method;
748
- if (options.path !== void 0) initial.path = options.path;
749
- if (options.requestId !== void 0) initial.requestId = options.requestId;
750
- return createLogger(initial, internalOptions);
787
+ if (method !== void 0) initial.method = method;
788
+ if (path !== void 0) initial.path = path;
789
+ if (requestId !== void 0) initial.requestId = requestId;
790
+ return createLogger(initial, {
791
+ ...internalOptions,
792
+ waitUntil: internalOptions?.waitUntil ?? optionsWaitUntil
793
+ });
751
794
  }
752
795
  /**
753
796
  * Get the current environment context.
@@ -1437,4 +1480,4 @@ const auditRedactPreset = { paths: [
1437
1480
  //#endregion
1438
1481
  export { shouldKeep as C, resolveRedactConfig as E, lockLogger as S, redactEvent as T, getEnvironment as _, auditEnricher as a, isEnabled as b, buildAuditFields as c, signed as d, withAudit as f, createRequestLogger as g, createLogger as h, auditDiff as i, defineAuditAction as l, _log as m, AuditDeniedError as n, auditOnly as o, withAuditMethods as p, audit as r, auditRedactPreset as s, AUDIT_SCHEMA_VERSION as t, mockAudit as u, getGlobalDrain as v, normalizeRedactConfig as w, isLoggerLocked as x, initLogger as y };
1439
1482
 
1440
- //# sourceMappingURL=audit-d9esRZOK.mjs.map
1483
+ //# sourceMappingURL=audit-DQoBo7Dl.mjs.map
package/dist/audit-DQoBo7Dl.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"audit-DQoBo7Dl.mjs","names":[],"sources":["../src/redact.ts","../src/logger.ts","../src/audit.ts"],"sourcesContent":["import type { RedactConfig } from './types'\n\nconst DEFAULT_REPLACEMENT = '[REDACTED]'\n\nexport type Masker = [RegExp, (match: string) => string]\n\n/**\n * Built-in PII detection patterns with smart masking.\n * Each builtin preserves just enough signal for debugging while scrubbing PII.\n */\nexport const builtinPatterns = {\n /** Credit card numbers → ****1111 (PCI DSS: last 4 allowed) */\n creditCard: {\n pattern: /\\b\\d{4}[\\s-]?\\d{4}[\\s-]?\\d{4}[\\s-]?\\d{4}\\b/g,\n mask: (m: string) => `****${m.replace(/[\\s-]/g, '').slice(-4)}`,\n },\n /** Email addresses → a***@***.com */\n email: {\n pattern: /[\\w.+-]+@[\\w-]+\\.[\\w.]+/g,\n mask: (m: string) => {\n const at = m.indexOf('@')\n if (at < 1) return '***@***'\n const tld = m.slice(m.lastIndexOf('.'))\n return `${m[0]}***@***${tld}`\n },\n },\n /** IPv4 addresses → ***.***.***.100 (last octet only) */\n ipv4: {\n pattern: /\\b(?!0\\.0\\.0\\.0\\b)(?!127\\.0\\.0\\.1\\b)\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\b/g,\n mask: (m: string) => `***.***.***.${m.split('.').pop()}`,\n },\n /**\n * International phone numbers → `+33******78` (country code + last 2 digits).\n *\n * Requires an explicit phone signal (`+countryCode` prefix or `(areaCode)`\n * parens) to avoid false positives on digit-rich identifiers (UUIDs,\n * idempotency keys, order ids, hex hashes). Bare digit runs like `12345678`\n * are intentionally not matched — opt in via custom `patterns` if your app\n * stores phones in unformatted form.\n */\n phone: {\n pattern: /(?:\\+\\d{1,3}[\\s.-]?\\(?\\d{1,4}\\)?|\\(\\d{1,4}\\))(?:[\\s.-]?\\d{2,4}){2,4}\\b/g,\n mask: (m: string) => {\n const digits = m.replace(/[^\\d]/g, '')\n const hasPlus = m.startsWith('+')\n if (hasPlus && digits.length > 4) {\n const ccMatch = m.match(/^\\+\\d{1,3}/)\n const cc = ccMatch ? ccMatch[0] : '+'\n return `${cc}******${digits.slice(-2)}`\n }\n if (digits.length > 2) {\n return `${'*'.repeat(digits.length - 2)}${digits.slice(-2)}`\n }\n return '***'\n },\n },\n /** JWT tokens → eyJ***.*** */\n jwt: {\n pattern: /\\beyJ[\\w-]*\\.[\\w-]*\\.[\\w-]*\\b/g,\n mask: () => 'eyJ***.***',\n },\n /** Bearer tokens → Bearer *** */\n bearer: {\n pattern: /\\bBearer\\s+[\\w\\-.~+/]{8,}=*/gi,\n mask: () => 'Bearer ***',\n },\n /** IBAN → FR76****189 (country + check digits + last 3) */\n iban: {\n pattern: /\\b[A-Z]{2}\\d{2}[\\s-]?[\\dA-Z]{4}[\\s-]?[\\dA-Z]{4}[\\s-]?[\\dA-Z]{4}[\\s-]?[\\dA-Z]{0,4}[\\s-]?[\\dA-Z]{0,4}[\\s-]?[\\dA-Z]{0,4}\\b/g,\n mask: (m: string) => {\n const clean = m.replace(/[\\s-]/g, '')\n return `${clean.slice(0, 4)}****${clean.slice(-3)}`\n },\n },\n} as const\n\nexport type BuiltinPatternName = keyof typeof builtinPatterns\n\n/**\n * Resolve a `redact` option (boolean or object) into a concrete `RedactConfig`.\n *\n * - `true` → all built-in patterns with smart masking, no custom paths\n * - `{ ... }` → built-in maskers merged with user config (opt-out: `builtins: false`)\n * - `false` / `undefined` → `undefined` (no redaction)\n */\nexport function resolveRedactConfig(input: boolean | RedactConfig | undefined): RedactConfig | undefined {\n if (input === undefined || input === false) return undefined\n\n if (input === true) {\n return { _maskers: allBuiltinMaskers() }\n }\n\n if (input.builtins === false) {\n return input\n }\n\n const maskers = Array.isArray(input.builtins)\n ? input.builtins\n .map(name => builtinPatterns[name])\n .filter(Boolean)\n .map(b => [cloneRegex(b.pattern), b.mask] as Masker)\n : allBuiltinMaskers()\n\n return {\n ...input,\n _maskers: maskers,\n }\n}\n\nfunction allBuiltinMaskers(): Masker[] {\n return Object.values(builtinPatterns).map(b => [cloneRegex(b.pattern), b.mask] as Masker)\n}\n\nfunction cloneRegex(re: RegExp): RegExp {\n return new RegExp(re.source, re.flags)\n}\n\n/**\n * Redact sensitive data from a wide event in-place.\n *\n * Three strategies applied in order:\n * 1. **Path-based**: dot-notation paths — the leaf value is replaced with `replacement`.\n * 2. **Masker-based**: built-in patterns with smart partial masking (e.g. `****1111`).\n * 3. **Pattern-based**: custom RegExp patterns replaced with `replacement`.\n *\n * @param event - The wide event object (mutated in-place).\n * @param config - Redaction configuration.\n */\nexport function redactEvent(event: Record<string, unknown>, config: RedactConfig): void {\n const replacement = config.replacement ?? DEFAULT_REPLACEMENT\n\n if (config.paths?.length) {\n for (const path of config.paths) {\n redactPath(event, path.split('.'), replacement)\n }\n }\n\n if (config._maskers?.length) {\n applyMaskersToTree(event, config._maskers)\n }\n\n if (config.patterns?.length) {\n redactPatterns(event, config.patterns, replacement)\n }\n}\n\nfunction redactPath(obj: Record<string, unknown>, segments: string[], replacement: string): void {\n let current: unknown = obj\n for (let i = 0; i < segments.length - 1; i++) {\n if (current === null || current === undefined || typeof current !== 'object') return\n current = (current as Record<string, unknown>)[segments[i]!]\n }\n\n if (current === null || current === undefined || typeof current !== 'object') return\n\n const leaf = segments[segments.length - 1]!\n if (leaf in (current as Record<string, unknown>)) {\n (current as Record<string, unknown>)[leaf] = replacement\n }\n}\n\nfunction redactPatterns(obj: unknown, patterns: RegExp[], replacement: string): void {\n if (obj === null || obj === undefined) return\n\n if (Array.isArray(obj)) {\n for (let i = 0; i < obj.length; i++) {\n if (typeof obj[i] === 'string') {\n obj[i] = applyPatterns(obj[i] as string, patterns, replacement)\n } else if (typeof obj[i] === 'object') {\n redactPatterns(obj[i], patterns, replacement)\n }\n }\n return\n }\n\n if (typeof obj === 'object') {\n const record = obj as Record<string, unknown>\n for (const key in record) {\n const val = record[key]\n if (typeof val === 'string') {\n record[key] = applyPatterns(val, patterns, replacement)\n } else if (typeof val === 'object') {\n redactPatterns(val, patterns, replacement)\n }\n }\n }\n}\n\nfunction applyPatterns(value: string, patterns: RegExp[], replacement: string): string {\n let result = value\n for (const pattern of patterns) {\n pattern.lastIndex = 0\n result = result.replace(pattern, replacement)\n }\n return result\n}\n\nfunction applyMaskersToTree(obj: unknown, maskers: Masker[]): void {\n if (obj === null || obj === undefined) return\n\n if (Array.isArray(obj)) {\n for (let i = 0; i < obj.length; i++) {\n if (typeof obj[i] === 'string') {\n obj[i] = applyMaskers(obj[i] as string, maskers)\n } else if (typeof obj[i] === 'object') {\n applyMaskersToTree(obj[i], maskers)\n }\n }\n return\n }\n\n if (typeof obj === 'object') {\n const record = obj as Record<string, unknown>\n for (const key in record) {\n const val = record[key]\n if (typeof val === 'string') {\n record[key] = applyMaskers(val, maskers)\n } else if (typeof val === 'object') {\n applyMaskersToTree(val, maskers)\n }\n }\n }\n}\n\nfunction applyMaskers(value: string, maskers: Masker[]): string {\n let result = value\n for (const [pattern, mask] of maskers) {\n pattern.lastIndex = 0\n result = result.replace(pattern, mask)\n }\n return result\n}\n\n/**\n * Normalize a redact config that may have been deserialized from JSON\n * (e.g. via `process.env.__EVLOG_CONFIG`). Converts pattern strings\n * back to RegExp instances, then resolves built-in patterns.\n */\nexport function normalizeRedactConfig(raw: boolean | Record<string, unknown> | undefined): RedactConfig | undefined {\n if (raw === undefined || raw === false) return undefined\n if (raw === true) return resolveRedactConfig(true)\n\n const config: RedactConfig = {}\n\n if (Array.isArray(raw.paths)) {\n config.paths = raw.paths as string[]\n }\n\n if (typeof raw.replacement === 'string') {\n config.replacement = raw.replacement\n }\n\n if (raw.builtins === false) {\n config.builtins = false\n } else if (Array.isArray(raw.builtins)) {\n config.builtins = raw.builtins as BuiltinPatternName[]\n }\n\n if (Array.isArray(raw.patterns)) {\n config.patterns = (raw.patterns as unknown[]).map((p) => {\n if (p instanceof RegExp) return p\n if (typeof p === 'string') return new RegExp(p, 'g')\n if (typeof p === 'object' && p !== null) {\n const obj = p as Record<string, string>\n return new RegExp(obj.source, obj.flags ?? 'g')\n }\n return null\n }).filter((p): p is RegExp => p !== null)\n }\n\n return resolveRedactConfig(config)\n}\n","import type { AuditableLogger, AuditInput, AuditMethod } from './audit'\nimport type { DrainContext, EnvironmentContext, FieldContext, Log, LogLevel, LoggerConfig, RedactConfig, RequestLogger, RequestLoggerOptions, SamplingConfig, TailSamplingContext, WideEvent } from './types'\nimport { buildAuditFields, consumeAuditForceKeep, finalizeAudit } from './audit'\nimport { redactEvent, resolveRedactConfig } from './redact'\nimport { colors, cssColors, detectEnvironment, escapeFormatString, formatDuration, getConsoleMethod, getCssLevelColor, getLevelColor, isBrowser, isDev, isLevelEnabled, matchesPattern } from './utils'\n\nfunction isPlainObject(val: unknown): val is Record<string, unknown> {\n return val !== null && typeof val === 'object' && !Array.isArray(val)\n}\n\nconst _tsDate = new Date()\nfunction isoNow(): string {\n _tsDate.setTime(Date.now())\n return _tsDate.toISOString()\n}\n\n/** Shown after post-emit warnings so users can fix fire-and-forget / ALS continuations. */\nconst POST_EMIT_FORK_HINT =\n 'For intentional background work tied to this request, use log.fork(\\'label\\', fn) when your integration supports it (see https://evlog.dev).'\n\nfunction warnPostEmit(method: string, detail: string): void {\n console.warn(\n `[evlog] ${method} called after the wide event was emitted — ${detail} This data will not appear in observability. ${POST_EMIT_FORK_HINT}`,\n )\n}\n\nfunction mergeInto(target: Record<string, unknown>, source: Record<string, unknown>): void {\n for (const key in source) {\n const sourceVal = source[key]\n if (sourceVal === undefined || sourceVal === null) continue\n const targetVal = target[key]\n if (isPlainObject(sourceVal) && isPlainObject(targetVal)) {\n mergeInto(targetVal, sourceVal)\n } else if (Array.isArray(targetVal) && Array.isArray(sourceVal)) {\n target[key] = [...targetVal, ...sourceVal]\n } else {\n target[key] = sourceVal\n }\n }\n}\n\nlet globalEnv: EnvironmentContext = {\n service: 'app',\n environment: 'development',\n}\n\nlet globalPretty = isDev()\nlet globalSampling: SamplingConfig = {}\nlet globalStringify = true\nlet globalDrain: ((ctx: DrainContext) => void | Promise<void>) | undefined\nlet globalRedact: RedactConfig | undefined\nlet globalEnabled = true\nlet globalSilent = false\n/** Minimum level for the global `log` API only (`ownsEvent === false`). Default: all levels. */\nlet globalMinLevel: LogLevel = 'debug'\nlet _locked = false\n\n/**\n * Initialize the logger with configuration.\n * Call this once at application startup.\n */\nexport function initLogger(config: LoggerConfig = {}): void {\n globalEnabled = config.enabled ?? true\n const detected = detectEnvironment()\n\n globalEnv = {\n service: config.env?.service ?? detected.service ?? 'app',\n environment: config.env?.environment ?? detected.environment ?? 'development',\n version: config.env?.version ?? detected.version,\n commitHash: config.env?.commitHash ?? detected.commitHash,\n region: config.env?.region ?? detected.region,\n }\n\n globalPretty = config.pretty ?? isDev()\n globalSampling = config.sampling ?? {}\n globalStringify = config.stringify ?? true\n globalDrain = config.drain\n globalRedact = resolveRedactConfig(config.redact ?? !isDev())\n globalSilent = config.silent ?? false\n globalMinLevel = config.minLevel ?? 'debug'\n\n if (globalSilent && !globalDrain && !config._suppressDrainWarning) {\n console.warn('[evlog] silent mode is enabled but no drain is configured. Events will be built and sampled but not output anywhere. Set a drain via initLogger({ drain }) or a framework hook (evlog:drain).')\n }\n}\n\n/**\n * Check if logging is globally enabled.\n */\nexport function isEnabled(): boolean {\n return globalEnabled\n}\n\n/**\n * @internal Lock the logger to prevent re-initialization.\n * Called by instrumentation register() after setting up the logger with drain.\n * Prevents configureHandler() from overwriting the drain config.\n */\nexport function lockLogger(): void {\n _locked = true\n}\n\n/**\n * @internal Check if the logger has been locked by instrumentation.\n */\nexport function isLoggerLocked(): boolean {\n return _locked\n}\n\n/**\n * @internal Get the globally configured drain callback.\n * Used by framework middleware to fall back to the global drain\n * when no middleware-level drain is provided.\n */\nexport function getGlobalDrain(): ((ctx: DrainContext) => void | Promise<void>) | undefined {\n return globalDrain\n}\n\n/**\n * Determine if a log at the given level should be emitted based on sampling config.\n * Error level defaults to 100% (always logged) unless explicitly configured otherwise.\n */\nfunction shouldSample(level: LogLevel): boolean {\n const { rates } = globalSampling\n if (!rates) {\n return true // No sampling configured, log everything\n }\n\n // Error defaults to 100% unless explicitly set\n const percentage = level === 'error' && rates.error === undefined\n ? 100\n : rates[level] ?? 100\n\n // 0% = never log, 100% = always log\n if (percentage <= 0) return false\n if (percentage >= 100) return true\n\n return Math.random() * 100 < percentage\n}\n\n/**\n * Evaluate tail sampling conditions to determine if a log should be force-kept.\n * Returns true if ANY condition matches (OR logic).\n */\nexport function shouldKeep(ctx: TailSamplingContext): boolean {\n const { keep } = globalSampling\n if (!keep?.length) return false\n\n return keep.some((condition) => {\n if (condition.status !== undefined && ctx.status !== undefined && ctx.status >= condition.status) {\n return true\n }\n if (condition.duration !== undefined && ctx.duration !== undefined && ctx.duration >= condition.duration) {\n return true\n }\n if (condition.path && ctx.path && matchesPattern(ctx.path, condition.path)) {\n return true\n }\n return false\n })\n}\n\ninterface EmitWideEventOptions {\n deferDrain?: boolean\n ownsEvent?: boolean\n waitUntil?: (promise: Promise<unknown>) => void\n}\n\nfunction emitWideEvent(\n level: LogLevel,\n event: Record<string, unknown>,\n options: EmitWideEventOptions = {},\n): WideEvent | null {\n const { deferDrain = false, ownsEvent = false, waitUntil } = options\n if (!globalEnabled) return null\n\n if (!ownsEvent) {\n if (!isLevelEnabled(level, globalMinLevel)) {\n return null\n }\n if (!shouldSample(level)) {\n return null\n }\n }\n\n let formatted: WideEvent\n if (ownsEvent) {\n event.timestamp = isoNow()\n event.level = level\n if (event.service === undefined) event.service = globalEnv.service\n if (event.environment === undefined) event.environment = globalEnv.environment\n if (globalEnv.version !== undefined && event.version === undefined) event.version = globalEnv.version\n if (globalEnv.commitHash !== undefined && event.commitHash === undefined) event.commitHash = globalEnv.commitHash\n if (globalEnv.region !== undefined && event.region === undefined) event.region = globalEnv.region\n formatted = event as WideEvent\n } else {\n formatted = {\n timestamp: isoNow(),\n level,\n ...globalEnv,\n ...event,\n }\n }\n\n finalizeAudit(formatted)\n\n if (globalRedact) {\n redactEvent(formatted, globalRedact)\n }\n\n if (!globalSilent) {\n if (globalPretty) {\n prettyPrintWideEvent(formatted)\n } else if (globalStringify) {\n console[getConsoleMethod(level)](JSON.stringify(formatted))\n } else {\n console[getConsoleMethod(level)](formatted)\n }\n }\n\n if (globalDrain && !deferDrain) {\n const drainPromise = Promise.resolve(globalDrain({ event: formatted })).catch((err) => {\n console.error('[evlog] drain failed:', err)\n })\n if (waitUntil) {\n waitUntil(drainPromise)\n }\n }\n\n return formatted\n}\n\nfunction emitTaggedLog(level: LogLevel, tag: string, message: string): void {\n if (!globalEnabled) return\n\n if (globalPretty && !globalSilent) {\n if (!isLevelEnabled(level, globalMinLevel)) {\n return\n }\n if (!shouldSample(level)) {\n return\n }\n\n if (isBrowser()) {\n const levelColor = getCssLevelColor(level)\n const timestamp = isoNow().slice(11, 23)\n console.log(\n `%c${timestamp}%c %c[${escapeFormatString(tag)}]%c ${escapeFormatString(message)}`,\n cssColors.dim,\n cssColors.reset,\n levelColor,\n cssColors.reset,\n )\n } else {\n const color = getLevelColor(level)\n const timestamp = isoNow().slice(11, 23)\n console.log(`${colors.dim}${timestamp}${colors.reset} ${color}[${tag}]${colors.reset} ${message}`)\n }\n\n return\n }\n emitWideEvent(level, { tag, message })\n}\n\nfunction formatValue(value: unknown): string {\n if (value === null || value === undefined) {\n return String(value)\n }\n if (typeof value === 'object') {\n const pairs: string[] = []\n for (const [k, v] of Object.entries(value as Record<string, unknown>)) {\n if (v !== undefined && v !== null) {\n if (typeof v === 'object') {\n pairs.push(`${k}=${JSON.stringify(v)}`)\n } else {\n pairs.push(`${k}=${v}`)\n }\n }\n }\n return pairs.join(' ')\n }\n return String(value)\n}\n\nfunction formatCost(cost: number): string {\n if (cost < 0.01) return `$${cost.toFixed(6)}`\n if (cost < 1) return `$${cost.toFixed(4)}`\n return `$${cost.toFixed(2)}`\n}\n\ninterface TreeEntry {\n key: string\n value: string\n children?: string[]\n}\n\nfunction buildAIEntries(ai: Record<string, unknown>): TreeEntry[] {\n const entries: TreeEntry[] = []\n\n // Header\n const headerParts: string[] = []\n if (ai.model) {\n let m = String(ai.model)\n if (ai.provider) m += ` (${ai.provider})`\n headerParts.push(m)\n }\n if (ai.calls) headerParts.push(`${ai.calls} call${(ai.calls as number) > 1 ? 's' : ''}`)\n if (ai.steps && (ai.steps as number) > 1) headerParts.push(`${ai.steps} steps`)\n entries.push({ key: 'ai', value: headerParts.join(' · ') })\n\n // Tokens\n const inputTokens = ai.inputTokens as number | undefined\n const outputTokens = ai.outputTokens as number | undefined\n const totalTokens = ai.totalTokens as number | undefined\n if (inputTokens !== undefined && outputTokens !== undefined) {\n let tokLine = `${inputTokens} in → ${outputTokens} out`\n if (totalTokens) tokLine += ` (${totalTokens} total)`\n const extras: string[] = []\n if (ai.cacheReadTokens) extras.push(`${ai.cacheReadTokens} cache read`)\n if (ai.cacheWriteTokens) extras.push(`${ai.cacheWriteTokens} cache write`)\n if (ai.reasoningTokens) extras.push(`${ai.reasoningTokens} reasoning`)\n if (extras.length) tokLine += ` · ${extras.join(' · ')}`\n entries.push({ key: 'ai.tokens', value: tokLine })\n }\n\n // Streaming\n const msFirst = ai.msToFirstChunk as number | undefined\n const msFinish = ai.msToFinish as number | undefined\n const tps = ai.tokensPerSecond as number | undefined\n if (msFirst !== undefined || msFinish !== undefined) {\n const parts: string[] = []\n if (msFirst !== undefined) parts.push(`${formatDuration(msFirst)} to first chunk`)\n if (msFinish !== undefined) parts.push(`${formatDuration(msFinish)} total`)\n let streamLine = parts.join(' → ')\n if (tps) streamLine += ` · ${tps} tok/s`\n entries.push({ key: 'ai.streaming', value: streamLine })\n }\n\n // Cost\n if (ai.estimatedCost !== undefined) {\n entries.push({ key: 'ai.cost', value: formatCost(ai.estimatedCost as number) })\n }\n\n // Total duration\n if (ai.totalDurationMs !== undefined) {\n entries.push({ key: 'ai.totalDuration', value: formatDuration(ai.totalDurationMs as number) })\n }\n\n // Tools — merged from toolCalls (middleware) + tools (telemetry)\n const toolCalls = ai.toolCalls as unknown[] | undefined\n const tools = ai.tools as Array<{ name: string, durationMs: number, success: boolean, error?: string }> | undefined\n const hasInputs = toolCalls?.length ? typeof toolCalls[0] === 'object' : false\n\n if (tools?.length) {\n const children = tools.map((t, idx) => {\n const mark = t.success ? '✓' : '✗'\n let line = `${t.name} ${formatDuration(t.durationMs)} ${mark}`\n if (t.error) line += ` ${t.error}`\n if (hasInputs && toolCalls && idx < toolCalls.length) {\n const tc = toolCalls[idx] as { input: unknown }\n const inputStr = typeof tc.input === 'string' ? tc.input : JSON.stringify(tc.input)\n const truncated = inputStr.length > 100 ? `${inputStr.slice(0, 100)}…` : inputStr\n line += ` ${truncated}`\n }\n return line\n })\n entries.push({ key: 'ai.tools', value: '', children })\n } else if (toolCalls?.length) {\n if (hasInputs) {\n const children = (toolCalls as Array<{ name: string, input: unknown }>).map((tc) => {\n const inputStr = typeof tc.input === 'string' ? tc.input : JSON.stringify(tc.input)\n const truncated = inputStr.length > 100 ? `${inputStr.slice(0, 100)}…` : inputStr\n return `${tc.name}(${truncated})`\n })\n entries.push({ key: 'ai.tools', value: '', children })\n } else {\n entries.push({ key: 'ai.tools', value: (toolCalls as string[]).join(', ') })\n }\n }\n\n // Steps\n const stepsUsage = ai.stepsUsage as Array<Record<string, unknown>> | undefined\n if (stepsUsage?.length) {\n const allSameModel = stepsUsage.every(s => s.model === stepsUsage[0]!.model)\n const children = stepsUsage.map((s) => {\n const prefix = allSameModel ? '' : `${s.model} `\n let line = `${prefix}${s.inputTokens} in → ${s.outputTokens} out`\n const stepTools = s.toolCalls as string[] | undefined\n if (stepTools?.length) line += ` [${stepTools.join(', ')}]`\n return line\n })\n entries.push({ key: 'ai.steps', value: '', children })\n } else if (ai.steps && (ai.steps as number) > 1) {\n entries.push({ key: 'ai.steps', value: String(ai.steps) })\n }\n\n // Embedding\n const embedding = ai.embedding as Record<string, unknown> | undefined\n if (embedding) {\n const parts: string[] = []\n if (embedding.model) parts.push(String(embedding.model))\n parts.push(`${embedding.tokens} tokens`)\n if (embedding.dimensions) parts.push(`${embedding.dimensions}d`)\n if (embedding.count) parts.push(`${embedding.count} items`)\n entries.push({ key: 'ai.embedding', value: parts.join(' · ') })\n }\n\n if (ai.finishReason) entries.push({ key: 'ai.finishReason', value: String(ai.finishReason) })\n if (ai.error) entries.push({ key: 'ai.error', value: String(ai.error) })\n if (ai.responseId) entries.push({ key: 'ai.responseId', value: String(ai.responseId) })\n\n return entries\n}\n\nfunction prettyPrintWideEvent(event: Record<string, unknown>): void {\n const { timestamp, level, service, environment, version, ...rest } = event\n const ts = (timestamp as string).slice(11, 23)\n const browser = isBrowser()\n\n const parts: string[] = []\n const styles: string[] = []\n\n if (browser) {\n const lc = getCssLevelColor(level as string)\n parts.push(`%c${ts}%c %c${(level as string).toUpperCase()}%c %c[${escapeFormatString(String(service))}]%c`)\n styles.push(cssColors.dim, cssColors.reset, lc, cssColors.reset, cssColors.cyan, cssColors.reset)\n } else {\n const lc = getLevelColor(level as string)\n parts.push(`${colors.dim}${ts}${colors.reset} ${lc}${(level as string).toUpperCase()}${colors.reset} ${colors.cyan}[${service}]${colors.reset}`)\n }\n\n if (rest.method && rest.path) {\n parts.push(browser ? ` ${escapeFormatString(String(rest.method))} ${escapeFormatString(String(rest.path))}` : ` ${rest.method} ${rest.path}`)\n delete rest.method\n delete rest.path\n }\n\n if (rest.status) {\n const sc = browser\n ? ((rest.status as number) >= 400 ? cssColors.red : cssColors.green)\n : ((rest.status as number) >= 400 ? colors.red : colors.green)\n if (browser) {\n parts.push(` %c${rest.status}%c`)\n styles.push(sc, cssColors.reset)\n } else {\n parts.push(` ${sc}${rest.status}${colors.reset}`)\n }\n delete rest.status\n }\n\n if (rest.duration) {\n if (browser) {\n parts.push(` %c${escapeFormatString(`in ${rest.duration}`)}%c`)\n styles.push(cssColors.dim, cssColors.reset)\n } else {\n parts.push(` ${colors.dim}in ${rest.duration}${colors.reset}`)\n }\n delete rest.duration\n }\n\n console.log(parts.join(''), ...styles)\n\n const aiData = rest.ai as Record<string, unknown> | undefined\n if (aiData && typeof aiData === 'object') {\n delete rest.ai\n }\n\n const restEntries = Object.entries(rest).filter(([_, v]) => v !== undefined)\n const aiEntries = aiData ? buildAIEntries(aiData) : []\n const allEntries: TreeEntry[] = [\n ...restEntries.map(([key, value]) => ({ key, value: formatValue(value) })),\n ...aiEntries,\n ]\n\n for (let i = 0; i < allEntries.length; i++) {\n const entry = allEntries[i]!\n const hasChildren = entry.children && entry.children.length > 0\n const isLast = i === allEntries.length - 1 && !hasChildren\n const prefix = isLast ? '└─' : '├─'\n\n if (browser) {\n const val = entry.value ? ` ${escapeFormatString(entry.value)}` : ''\n console.log(` %c${prefix}%c %c${escapeFormatString(entry.key)}:%c${val}`, cssColors.dim, cssColors.reset, cssColors.cyan, cssColors.reset)\n } else {\n const val = entry.value ? ` ${entry.value}` : ''\n console.log(` ${colors.dim}${prefix}${colors.reset} ${colors.cyan}${entry.key}:${colors.reset}${val}`)\n }\n\n if (hasChildren) {\n const isLastEntry = i === allEntries.length - 1\n const connector = isLastEntry ? ' ' : '│'\n for (let j = 0; j < entry.children!.length; j++) {\n const child = entry.children![j]!\n const isLastChild = j === entry.children!.length - 1\n const childPrefix = isLastChild ? '└─' : '├─'\n if (browser) {\n console.log(` %c${connector} ${childPrefix}%c ${escapeFormatString(child)}`, cssColors.dim, cssColors.reset)\n } else {\n console.log(` ${colors.dim}${connector} ${childPrefix}${colors.reset} ${child}`)\n }\n }\n }\n }\n}\n\nfunction createLogMethod(level: LogLevel) {\n return function logMethod(tagOrEvent: string | Record<string, unknown>, message?: string): void {\n if (typeof tagOrEvent === 'string' && message !== undefined) {\n emitTaggedLog(level, tagOrEvent, message)\n } else if (typeof tagOrEvent === 'object') {\n emitWideEvent(level, tagOrEvent)\n } else {\n emitTaggedLog(level, 'log', String(tagOrEvent))\n }\n }\n}\n\n/**\n * Simple logging API - as easy as console.log\n *\n * @example\n * ```ts\n * log.info('auth', 'User logged in')\n * log.error({ action: 'payment', error: 'failed' })\n * ```\n */\nconst _log: Log = {\n info: createLogMethod('info'),\n error: createLogMethod('error'),\n warn: createLogMethod('warn'),\n debug: createLogMethod('debug'),\n}\n\nexport { _log as log }\n\nconst noopAudit = Object.assign(() => {}, { deny: () => {} }) as AuditMethod\nconst noopLogger: AuditableLogger = {\n set() {},\n error() {},\n info() {},\n warn() {},\n emit() {\n return null\n },\n getContext() {\n return {}\n },\n audit: noopAudit,\n}\n\n/**\n * @internal Options for createLogger that are not part of the public API.\n */\ninterface CreateLoggerInternalOptions {\n /**\n * When true, the global drain is skipped on emit.\n * Used by framework middleware that runs its own enrich+drain pipeline.\n */\n _deferDrain?: boolean\n /**\n * @see {@link RequestLoggerOptions.waitUntil}\n */\n waitUntil?: (promise: Promise<unknown>) => void\n}\n\n/**\n * Create a scoped logger for building wide events.\n * Use this for any context: workflows, jobs, scripts, queues, etc.\n *\n * After `emit()` (including when sampling returns `null`), the logger is sealed and\n * further mutations log `[evlog]` warnings. Standalone loggers do not have `fork`;\n * that method is only attached by supported framework integrations.\n *\n * @example\n * ```ts\n * const log = createLogger({ jobId: job.id, queue: 'emails' })\n * log.set({ batch: { size: 50, processed: 12 } })\n * log.emit()\n * ```\n */\nexport function createLogger<T extends object = Record<string, unknown>>(initialContext: Record<string, unknown> = {}, internalOptions?: CreateLoggerInternalOptions): AuditableLogger<T> {\n if (!globalEnabled) return noopLogger as unknown as AuditableLogger<T>\n\n const deferDrain = internalOptions?._deferDrain ?? false\n const waitUntil = internalOptions?.waitUntil\n const startTime = Date.now()\n const context: Record<string, unknown> = { ...initialContext }\n let hasError = false\n let hasWarn = false\n let emitted = false\n\n function addLog(level: 'info' | 'warn', message: string): void {\n if (!Array.isArray(context.requestLogs)) {\n context.requestLogs = []\n }\n (context.requestLogs as unknown[]).push({\n level,\n message,\n timestamp: isoNow(),\n })\n }\n\n const auditMethod = function audit(input: AuditInput): void {\n if (emitted) {\n warnPostEmit('log.audit()', `Audit dropped: action=${input.action}.`)\n return\n }\n const fields = buildAuditFields(input)\n if (!isPlainObject(context.audit)) {\n context.audit = fields as unknown as Record<string, unknown>\n } else {\n mergeInto(context.audit as Record<string, unknown>, fields as unknown as Record<string, unknown>)\n }\n context._auditForceKeep = true\n } as AuditMethod<T>\n\n auditMethod.deny = function deny(reason: string, input: Omit<AuditInput, 'outcome' | 'reason'>): void {\n auditMethod({ ...input, outcome: 'denied', reason })\n }\n\n return {\n audit: auditMethod,\n set(data: FieldContext<T>): void {\n if (emitted) {\n const keys = Object.keys(data as Record<string, unknown>)\n warnPostEmit('log.set()', `Keys dropped: ${keys.length ? keys.join(', ') : '(empty)'}.`)\n return\n }\n mergeInto(context, data as Record<string, unknown>)\n },\n\n error(error: Error | string, errorContext?: FieldContext<T>): void {\n if (emitted) {\n const keys = errorContext\n ? [...Object.keys(errorContext as Record<string, unknown>), 'error']\n : ['error']\n warnPostEmit('log.error()', `Keys dropped: ${keys.join(', ')}.`)\n return\n }\n hasError = true\n const err = typeof error === 'string' ? new Error(error) : error\n\n if (errorContext) {\n mergeInto(context, errorContext as Record<string, unknown>)\n }\n\n const errorObj: Record<string, unknown> = {\n name: err.name,\n message: err.message,\n stack: err.stack,\n }\n const errRecord = err as unknown as Record<string, unknown>\n for (const k of ['status', 'statusText', 'statusCode', 'statusMessage', 'data', 'cause', 'internal'] as const) {\n if (k in err) errorObj[k] = errRecord[k]\n }\n\n if (isPlainObject(context.error)) {\n mergeInto(context.error as Record<string, unknown>, errorObj)\n } else {\n context.error = errorObj\n }\n },\n\n info(message: string, infoContext?: FieldContext<T>): void {\n if (emitted) {\n const keys = infoContext\n ? ['message', ...Object.keys(infoContext as Record<string, unknown>).filter(k => k !== 'requestLogs')]\n : ['message']\n warnPostEmit('log.info()', `Keys dropped: ${keys.join(', ')}.`)\n return\n }\n addLog('info', message)\n if (infoContext) {\n const { requestLogs: _, ...rest } = infoContext as Record<string, unknown>\n mergeInto(context, rest)\n }\n },\n\n warn(message: string, warnContext?: FieldContext<T>): void {\n if (emitted) {\n const keys = warnContext\n ? ['message', ...Object.keys(warnContext as Record<string, unknown>).filter(k => k !== 'requestLogs')]\n : ['message']\n warnPostEmit('log.warn()', `Keys dropped: ${keys.join(', ')}.`)\n return\n }\n hasWarn = true\n addLog('warn', message)\n if (warnContext) {\n const { requestLogs: _, ...rest } = warnContext as Record<string, unknown>\n mergeInto(context, rest)\n }\n },\n\n emit(overrides?: FieldContext<T> & { _forceKeep?: boolean }): WideEvent | null {\n if (emitted) {\n warnPostEmit('log.emit()', 'Ignoring duplicate emit.')\n return null\n }\n\n const durationMs = Date.now() - startTime\n const level: LogLevel = hasError ? 'error' : hasWarn ? 'warn' : 'info'\n\n let forceKeep = false\n if (overrides?._forceKeep) {\n forceKeep = true\n } else if (consumeAuditForceKeep(context)) {\n forceKeep = true\n } else if (globalSampling.keep?.length) {\n const status = (overrides as Record<string, unknown> | undefined)?.status ?? context.status\n forceKeep = shouldKeep({\n status: status as number | undefined,\n duration: durationMs,\n path: context.path as string | undefined,\n method: context.method as string | undefined,\n context,\n })\n }\n\n if (!forceKeep && !shouldSample(level)) {\n emitted = true\n return null\n }\n\n if (overrides) {\n const obj = overrides as Record<string, unknown>\n for (const key in obj) {\n if (key !== '_forceKeep') context[key] = obj[key]\n }\n }\n context.duration = formatDuration(durationMs)\n\n const wide = emitWideEvent(level, context, { deferDrain, ownsEvent: true, waitUntil })\n emitted = true\n return wide\n },\n\n getContext(): FieldContext<T> & Record<string, unknown> {\n return { ...context } as FieldContext<T> & Record<string, unknown>\n },\n }\n}\n\n/**\n * Create a request-scoped logger for building wide events.\n * Convenience wrapper around `createLogger` that pre-populates HTTP request fields.\n *\n * @example\n * ```ts\n * const log = createRequestLogger({ method: 'POST', path: '/checkout' })\n * log.set({ user: { id: '123' } })\n * log.set({ cart: { items: 3 } })\n * log.emit()\n * ```\n *\n * @example Cloudflare Workers — pass `waitUntil` so `initLogger({ drain })` completes after the response:\n * ```ts\n * export default {\n * async fetch(request, env, ctx) {\n * const log = createRequestLogger({\n * method: request.method,\n * path: new URL(request.url).pathname,\n * waitUntil: ctx.waitUntil.bind(ctx),\n * })\n * log.emit()\n * return new Response('ok')\n * },\n * }\n * ```\n */\nexport function createRequestLogger<T extends object = Record<string, unknown>>(options: RequestLoggerOptions = {}, internalOptions?: CreateLoggerInternalOptions): AuditableLogger<T> {\n const { method, path, requestId, waitUntil: optionsWaitUntil } = options\n const initial: Record<string, unknown> = {}\n if (method !== undefined) initial.method = method\n if (path !== undefined) initial.path = path\n if (requestId !== undefined) initial.requestId = requestId\n return createLogger<T>(initial, {\n ...internalOptions,\n waitUntil: internalOptions?.waitUntil ?? optionsWaitUntil,\n })\n}\n\n/**\n * Get the current environment context.\n */\nexport function getEnvironment(): EnvironmentContext {\n return { ...globalEnv }\n}\n\n// eslint-disable-next-line @typescript-eslint/naming-convention\ndeclare const __EVLOG_CONFIG__: import('./types').LoggerConfig | undefined\n\nif (typeof __EVLOG_CONFIG__ !== 'undefined') initLogger(__EVLOG_CONFIG__)\n","import type { AuditActor, AuditFields, AuditTarget, DrainContext, EnrichContext, FieldContext, RedactConfig, RequestLogger, WideEvent } from './types'\nimport { createLogger } from './logger'\n\n/**\n * Current version of the audit envelope. Bumped when `AuditFields` evolves\n * in a backward-incompatible way so downstream pipelines can branch on it.\n */\nexport const AUDIT_SCHEMA_VERSION = 1\n\n/**\n * Input accepted by `log.audit()`, `audit()`, and `withAudit()`.\n *\n * `outcome` defaults to `'success'`. Internal fields populated by the audit\n * pipeline (`idempotencyKey`, `context`, `signature`, `prevHash`, `hash`) are\n * stripped — pass them through `log.set({ audit })` if you really need to.\n */\nexport interface AuditInput {\n action: string\n actor: AuditActor\n target?: AuditTarget\n outcome?: AuditFields['outcome']\n reason?: string\n changes?: AuditFields['changes']\n causationId?: string\n correlationId?: string\n version?: number\n}\n\n/**\n * @internal Stable JSON stringification with deterministic key order.\n * Used by `idempotencyKey` and `hash-chain` so the same logical event always\n * produces the same digest, regardless of how object keys were added.\n */\nfunction stableStringify(value: unknown): string {\n if (value === null || typeof value !== 'object') return JSON.stringify(value)\n if (Array.isArray(value)) return `[${value.map(stableStringify).join(',')}]`\n const keys = Object.keys(value as Record<string, unknown>).sort()\n return `{${keys.map(k => `${JSON.stringify(k)}:${stableStringify((value as Record<string, unknown>)[k])}`).join(',')}}`\n}\n\n/**\n * @internal Sync, isomorphic 32-bit FNV-1a. Used to derive the idempotency\n * key without pulling `node:crypto` into the static import graph (which would\n * break browser / Cloudflare Workers bundles that import `evlog` for types\n * or shared utilities). Idempotency keys are dedup tokens, not security\n * primitives — collision resistance at 128 bits is more than sufficient.\n */\nfunction fnv1a32(input: string, seed: number): number {\n let h = seed >>> 0\n for (let i = 0; i < input.length; i++) {\n h ^= input.charCodeAt(i) & 0xff\n h = Math.imul(h, 0x01000193) >>> 0\n }\n return h >>> 0\n}\n\n/**\n * @internal Compute the deterministic idempotency key for an audit event.\n * Includes `action`, `actor.{type,id}`, `target.{type,id}`, `outcome`, and\n * `timestamp` rounded to the second so retries within the same second collapse.\n *\n * Uses four interleaved FNV-1a 32-bit hashes (128-bit output, 32 hex chars)\n * so the implementation stays sync and isomorphic across Node, browsers,\n * Bun, Deno, and Cloudflare Workers.\n */\nfunction computeIdempotencyKey(audit: AuditFields, timestamp: string): string {\n const seconds = timestamp.slice(0, 19)\n const payload = stableStringify({\n action: audit.action,\n actor: { type: audit.actor.type, id: audit.actor.id },\n target: audit.target ? { type: audit.target.type, id: audit.target.id } : undefined,\n outcome: audit.outcome,\n timestamp: seconds,\n })\n const a = fnv1a32(payload, 0x811c9dc5).toString(16).padStart(8, '0')\n const b = fnv1a32(payload, 0xdeadbeef).toString(16).padStart(8, '0')\n const c = fnv1a32(payload, 0x1f83d9ab).toString(16).padStart(8, '0')\n const d = fnv1a32(payload, 0x5be0cd19).toString(16).padStart(8, '0')\n return a + b + c + d\n}\n\n/**\n * Build a normalised {@link AuditFields} from caller input. Defaults:\n * - `outcome` → `'success'`\n * - `version` → {@link AUDIT_SCHEMA_VERSION}\n *\n * `idempotencyKey` is filled at emit time with the event timestamp so retries\n * stay deterministic.\n */\nexport function buildAuditFields(input: AuditInput): AuditFields {\n return {\n action: input.action,\n actor: input.actor,\n target: input.target,\n outcome: input.outcome ?? 'success',\n reason: input.reason,\n changes: input.changes,\n causationId: input.causationId,\n correlationId: input.correlationId,\n version: input.version ?? AUDIT_SCHEMA_VERSION,\n }\n}\n\n/**\n * @internal Test-collector hook installed by {@link mockAudit}. When set, every\n * audit event flowing through `log.audit()` / `audit()` is also pushed to it.\n */\nlet _testCollector: ((event: AuditFields, wide: WideEvent | null) => void) | null = null\n\n/** @internal Emit-time decoration: assign timestamp-based idempotency key. */\nfunction decorateAudit(audit: AuditFields, timestamp: string): AuditFields {\n if (audit.idempotencyKey) return audit\n return { ...audit, idempotencyKey: computeIdempotencyKey(audit, timestamp) }\n}\n\n/**\n * Add audit semantics to an existing {@link RequestLogger}.\n *\n * Mutates the logger in place by adding an `audit` method (with a `.deny()`\n * sub-method). Strictly equivalent to calling `log.set({ audit: ... })` plus\n * `_forceKeep` on emit. Idempotent: calling twice on the same logger only\n * attaches the methods once.\n *\n * @example\n * ```ts\n * const log = withAuditMethods(createLogger())\n * log.audit({\n * action: 'invoice.refund',\n * actor: { type: 'user', id: user.id },\n * target: { type: 'invoice', id: 'inv_889' },\n * })\n * ```\n */\nexport function withAuditMethods<T extends object = Record<string, unknown>>(logger: RequestLogger<T>): AuditableLogger<T> {\n const target = logger as AuditableLogger<T>\n if (target.audit) return target\n\n const audit = function audit(input: AuditInput): void {\n const fields = buildAuditFields(input)\n target.set({ audit: fields } as unknown as FieldContext<T>)\n markForceKeep(target)\n } as AuditMethod<T>\n\n audit.deny = function deny(reason: string, input: Omit<AuditInput, 'outcome' | 'reason'>): void {\n audit({ ...input, outcome: 'denied', reason })\n }\n\n target.audit = audit\n return target\n}\n\n/**\n * @internal Mark a logger so its next `emit()` is force-kept past tail sampling.\n * Implemented by stamping a hidden flag on the accumulated context which\n * `emit()` reads via `_forceKeep`.\n */\nfunction markForceKeep<T extends object>(logger: RequestLogger<T>): void {\n const ctx = logger.getContext() as Record<string, unknown>\n ctx._auditForceKeep = true\n}\n\n/**\n * Logger augmented with `.audit()` / `.audit.deny()` helpers.\n */\nexport type AuditableLogger<T extends object = Record<string, unknown>> = RequestLogger<T> & { audit: AuditMethod<T> }\n\n/** Method shape attached to {@link AuditableLogger}. */\nexport interface AuditMethod<T extends object = Record<string, unknown>> {\n (input: AuditInput): void\n /**\n * Record an AuthZ-denied action. Forces `outcome: 'denied'` and requires\n * a human-readable `reason`. Most teams forget to log denials — they are\n * exactly what auditors and security teams ask for.\n */\n deny: (reason: string, input: Omit<AuditInput, 'outcome' | 'reason'>) => void\n}\n\n/**\n * Standalone audit emitter for non-request contexts (jobs, scripts, CLIs).\n *\n * Creates a one-shot logger, sets the audit fields, and emits immediately.\n * The event is force-kept past tail sampling. Returns the emitted wide event,\n * or `null` if logging is globally disabled.\n *\n * @example\n * ```ts\n * import { audit } from 'evlog'\n *\n * audit({\n * action: 'cron.cleanup',\n * actor: { type: 'system', id: 'cron' },\n * target: { type: 'job', id: 'cleanup-stale-sessions' },\n * outcome: 'success',\n * })\n * ```\n */\nexport function audit(input: AuditInput): WideEvent | null {\n const fields = buildAuditFields(input)\n const logger = createLogger({ audit: fields })\n const wide = logger.emit({ _forceKeep: true } as FieldContext<Record<string, unknown>> & { _forceKeep?: boolean })\n _testCollector?.(fields, wide)\n return wide\n}\n\n/**\n * Wrap a function so its outcome (success / failure / denied) is automatically\n * audited.\n *\n * Behaviour:\n * - If `fn` resolves, an audit event with `outcome: 'success'` is emitted.\n * - If `fn` throws an `EvlogError` (or any error) with `status === 403`, the\n * audit event is recorded as `'denied'` with the error message as `reason`.\n * - Any other thrown error produces `outcome: 'failure'` and re-throws.\n *\n * Use {@link AuditDeniedError} to signal denial without an HTTP status.\n *\n * @example\n * ```ts\n * const refundInvoice = withAudit(\n * { action: 'invoice.refund', target: (input) => ({ type: 'invoice', id: input.id }) },\n * async (input: { id: string }, ctx: { actor: AuditActor }) => {\n * await db.invoices.refund(input.id)\n * }\n * )\n *\n * await refundInvoice({ id: 'inv_889' }, { actor: { type: 'user', id: user.id } })\n * ```\n */\nexport function withAudit<TInput, TOutput>(\n options: WithAuditOptions<TInput>,\n fn: (input: TInput, ctx: WithAuditContext) => Promise<TOutput> | TOutput,\n): (input: TInput, ctx: WithAuditContext) => Promise<TOutput> {\n return async (input, ctx) => {\n const target = typeof options.target === 'function' ? options.target(input) : options.target\n try {\n const result = await fn(input, ctx)\n audit({\n action: options.action,\n actor: ctx.actor,\n target,\n outcome: 'success',\n causationId: ctx.causationId,\n correlationId: ctx.correlationId,\n })\n return result\n } catch (err) {\n const error = err as Error & { status?: number; statusCode?: number }\n const status = error.status ?? error.statusCode\n const denied = err instanceof AuditDeniedError || status === 403\n audit({\n action: options.action,\n actor: ctx.actor,\n target,\n outcome: denied ? 'denied' : 'failure',\n reason: error.message,\n causationId: ctx.causationId,\n correlationId: ctx.correlationId,\n })\n throw err\n }\n }\n}\n\n/**\n * Throw inside a {@link withAudit} body to mark the action as `outcome: 'denied'`\n * regardless of the underlying HTTP status. The constructor message becomes the\n * audit `reason`.\n */\nexport class AuditDeniedError extends Error {\n\n constructor(reason: string) {\n super(reason)\n this.name = 'AuditDeniedError'\n }\n\n}\n\n/** Options for {@link withAudit}. `target` may be derived from the input. */\nexport interface WithAuditOptions<TInput> {\n action: string\n target?: AuditTarget | ((input: TInput) => AuditTarget | undefined)\n}\n\n/**\n * Runtime context required by a {@link withAudit}-wrapped function.\n * The actor is always required; correlation IDs are optional.\n */\nexport interface WithAuditContext {\n actor: AuditActor\n causationId?: string\n correlationId?: string\n}\n\n/**\n * Compute a compact, redact-aware diff between two objects for the\n * `changes` field. Output is a JSON Patch-style array (RFC 6902 subset:\n * `add`, `remove`, `replace`) — small enough to ship over the wire.\n *\n * Object keys whose name matches one of the `redactPaths` (dot-notation, e.g.\n * `'user.password'`, `'card.cvv'`) are replaced with `'[REDACTED]'` so PII\n * never leaks through the diff.\n *\n * @example\n * ```ts\n * log.audit({\n * action: 'user.update',\n * actor: { type: 'user', id: user.id },\n * target: { type: 'user', id: 'usr_42' },\n * changes: auditDiff(before, after, { redactPaths: ['password'] }),\n * })\n * ```\n */\nexport function auditDiff(\n before: unknown,\n after: unknown,\n options: AuditDiffOptions = {},\n): { before?: unknown, after?: unknown, patch: AuditPatchOp[] } {\n const replacement = options.replacement ?? '[REDACTED]'\n const redactSet = new Set((options.redactPaths ?? []).map(p => p))\n const patch: AuditPatchOp[] = []\n\n function isRedacted(path: string): boolean {\n if (redactSet.size === 0) return false\n if (redactSet.has(path)) return true\n for (const p of redactSet) {\n if (path.endsWith(`.${p}`)) return true\n }\n return false\n }\n\n function diff(a: unknown, b: unknown, path: string): void {\n if (a === b) return\n\n if (a === undefined && b !== undefined) {\n patch.push({ op: 'add', path: path || '/', value: redactValue(b, path) })\n return\n }\n if (a !== undefined && b === undefined) {\n patch.push({ op: 'remove', path: path || '/' })\n return\n }\n\n if (\n a !== null && b !== null\n && typeof a === 'object' && typeof b === 'object'\n && !Array.isArray(a) && !Array.isArray(b)\n ) {\n const keys = new Set([...Object.keys(a as object), ...Object.keys(b as object)])\n for (const key of keys) {\n diff((a as Record<string, unknown>)[key], (b as Record<string, unknown>)[key], `${path}/${key}`)\n }\n return\n }\n\n patch.push({ op: 'replace', path: path || '/', value: redactValue(b, path) })\n }\n\n function redactValue(value: unknown, path: string): unknown {\n if (value === null || typeof value !== 'object') {\n const segs = path.split('/').filter(Boolean)\n const last = segs[segs.length - 1]\n if (last && isRedacted(last)) return replacement\n return value\n }\n if (Array.isArray(value)) {\n return value.map((v, i) => redactValue(v, `${path}/${i}`))\n }\n const out: Record<string, unknown> = {}\n for (const [k, v] of Object.entries(value as Record<string, unknown>)) {\n out[k] = isRedacted(k) ? replacement : redactValue(v, `${path}/${k}`)\n }\n return out\n }\n\n diff(before, after, '')\n const result: { before?: unknown, after?: unknown, patch: AuditPatchOp[] } = { patch }\n if (options.includeBefore) result.before = redactValue(before, '')\n if (options.includeAfter) result.after = redactValue(after, '')\n return result\n}\n\n/** Single JSON Patch operation produced by {@link auditDiff}. */\nexport interface AuditPatchOp {\n op: 'add' | 'remove' | 'replace'\n path: string\n value?: unknown\n}\n\n/** Options for {@link auditDiff}. */\nexport interface AuditDiffOptions {\n /** Object keys (dot-notation) whose values should be replaced with `[REDACTED]`. */\n redactPaths?: string[]\n /** Custom replacement string. @default '[REDACTED]' */\n replacement?: string\n /** Include the full redacted `before` snapshot alongside the patch. */\n includeBefore?: boolean\n /** Include the full redacted `after` snapshot alongside the patch. */\n includeAfter?: boolean\n}\n\n/**\n * Define a typed audit action with an optional fixed target type.\n *\n * Returns a curried helper that fills in the action name (and target shape\n * if provided) so call sites stay terse and the action set is discoverable\n * in one place.\n *\n * @example\n * ```ts\n * const refund = defineAuditAction('invoice.refund', { target: 'invoice' })\n *\n * log.audit(refund({\n * actor: { type: 'user', id: user.id },\n * target: { id: 'inv_889' }, // type inferred as 'invoice'\n * outcome: 'success',\n * }))\n * ```\n */\nexport function defineAuditAction<TTargetType extends string | undefined = undefined>(\n action: string,\n options?: { target?: TTargetType },\n): DefinedAuditAction<TTargetType> {\n const targetType = options?.target\n return (input) => {\n const merged: AuditInput = {\n ...input,\n action,\n }\n if (targetType && input.target && !input.target.type) {\n merged.target = { ...input.target, type: targetType }\n }\n return merged\n }\n}\n\n/**\n * Return type of {@link defineAuditAction}. Accepts a partial input (no\n * `action`, target type pre-filled when provided).\n */\nexport type DefinedAuditAction<TTargetType extends string | undefined> = (\n input: TTargetType extends string\n ? Omit<AuditInput, 'action' | 'target'> & { target?: Omit<AuditTarget, 'type'> & { type?: TTargetType } }\n : Omit<AuditInput, 'action'>,\n) => AuditInput\n\n/**\n * Test helper that captures every audit event emitted while it is active.\n *\n * Returns `{ events, restore, expect }`:\n * - `events` — live array of captured `AuditFields`, populated as audits fire.\n * - `restore()` — uninstall the collector. Call from `afterEach()`.\n * - `expect.toIncludeAuditOf(matcher)` — assertion helper used inside `expect`\n * blocks, returns `true` if at least one captured event matches.\n *\n * Only captures audits going through `log.audit()` and the standalone\n * `audit()` function. Events emitted via raw `log.set({ audit })` skip the\n * collector by design — wrap them with `log.audit()` to make them visible to\n * tests.\n *\n * @example\n * ```ts\n * const captured = mockAudit()\n * await refundInvoice('inv_889')\n * expect(captured.events).toHaveLength(1)\n * expect(captured.toIncludeAuditOf({ action: 'invoice.refund' })).toBe(true)\n * captured.restore()\n * ```\n */\nexport function mockAudit(): MockAudit {\n const events: AuditFields[] = []\n const previous = _testCollector\n _testCollector = (event) => {\n events.push(event)\n }\n\n return {\n events,\n restore() {\n _testCollector = previous\n },\n toIncludeAuditOf(matcher) {\n return events.some(event => matchesAudit(event, matcher))\n },\n }\n}\n\n/** Result of {@link mockAudit}. */\nexport interface MockAudit {\n events: AuditFields[]\n restore: () => void\n toIncludeAuditOf: (matcher: AuditMatcher) => boolean\n}\n\n/** Partial structural matcher for {@link MockAudit.toIncludeAuditOf}. */\nexport interface AuditMatcher {\n action?: string | RegExp\n outcome?: AuditFields['outcome']\n actor?: Partial<AuditActor>\n target?: Partial<AuditTarget>\n}\n\nfunction matchesAudit(event: AuditFields, matcher: AuditMatcher): boolean {\n if (matcher.action !== undefined) {\n if (matcher.action instanceof RegExp) {\n if (!matcher.action.test(event.action)) return false\n } else if (event.action !== matcher.action) {\n return false\n }\n }\n if (matcher.outcome !== undefined && event.outcome !== matcher.outcome) return false\n if (matcher.actor) {\n for (const [k, v] of Object.entries(matcher.actor)) {\n if ((event.actor as Record<string, unknown>)[k] !== v) return false\n }\n }\n if (matcher.target) {\n if (!event.target) return false\n for (const [k, v] of Object.entries(matcher.target)) {\n if ((event.target as Record<string, unknown>)[k] !== v) return false\n }\n }\n return true\n}\n\n/**\n * @internal Hook used by `RequestLogger.emit()` to detect audit-driven\n * force-keep flags on the accumulated context. Returns whether the event was\n * marked by `log.audit()` and clears the flag.\n */\nexport function consumeAuditForceKeep(context: Record<string, unknown>): boolean {\n if (context._auditForceKeep) {\n delete context._auditForceKeep\n return true\n }\n if (context.audit) return true\n return false\n}\n\n/**\n * @internal Decorate the audit field on an event right before drain — fills\n * in the deterministic idempotency key. Called by the logger pipeline so\n * it works for both `log.audit()` and direct `log.set({ audit })` paths.\n */\nexport function finalizeAudit(event: WideEvent): void {\n const a = event.audit as AuditFields | undefined\n if (!a) return\n const decorated = decorateAudit(a, String(event.timestamp))\n event.audit = decorated\n}\n\n/** Shape of the optional better-auth bridge for the audit enricher. */\nexport interface AuditEnricherBetterAuthBridge {\n /** Read the current authenticated session for this request, if any. */\n getSession: (ctx: EnrichContext) => Promise<AuditActor | null | undefined> | AuditActor | null | undefined\n}\n\n/** Options for {@link auditEnricher}. */\nexport interface AuditEnricherOptions {\n /**\n * Resolve the tenant id for the current request. The result is stored at\n * `event.audit.context.tenantId`. Multi-tenant SaaS gets isolation by default.\n */\n tenantId?: (ctx: EnrichContext) => string | undefined\n /**\n * Bridge to populate `event.audit.actor` from the authenticated session.\n * Only used when the application has not already filled `actor`.\n */\n bridge?: AuditEnricherBetterAuthBridge\n /** When true, overwrite existing context fields. @default false */\n overwrite?: boolean\n}\n\n/**\n * Enrich audit-bearing wide events with request, runtime, and tenant context.\n *\n * Runs only when `event.audit` is present — every other event passes through\n * untouched. Populates:\n * - `event.audit.context.requestId` from `ctx.request.requestId`\n * - `event.audit.context.traceId` from `event.traceId`\n * - `event.audit.context.ip` from `x-forwarded-for` / `x-real-ip`\n * - `event.audit.context.userAgent` from `user-agent`\n * - `event.audit.context.tenantId` from `options.tenantId(ctx)`\n *\n * Optionally fills `event.audit.actor` from the better-auth bridge when the\n * caller did not provide one. Anything else (custom actor strategies,\n * extra context) belongs in a custom enricher — replace this one entirely.\n */\nexport function auditEnricher(options: AuditEnricherOptions = {}): (ctx: EnrichContext) => void | Promise<void> {\n return async (ctx) => {\n const event = ctx.event as WideEvent & { audit?: AuditFields }\n const a = event.audit\n if (!a) return\n\n const context = { ...(a.context ?? {}) }\n\n function setIfMissing(key: string, value: string | undefined): void {\n if (value === undefined) return\n if (options.overwrite || context[key] === undefined) context[key] = value\n }\n\n setIfMissing('requestId', ctx.request?.requestId)\n setIfMissing('traceId', typeof event.traceId === 'string' ? event.traceId : undefined)\n setIfMissing('ip', getHeader(ctx.headers, 'x-forwarded-for')?.split(',')[0]?.trim() ?? getHeader(ctx.headers, 'x-real-ip'))\n setIfMissing('userAgent', getHeader(ctx.headers, 'user-agent'))\n\n if (options.tenantId) {\n const tid = options.tenantId(ctx)\n if (tid !== undefined) setIfMissing('tenantId', tid)\n }\n\n let { actor } = a\n if (!actor && options.bridge) {\n const fromBridge = await options.bridge.getSession(ctx)\n if (fromBridge) actor = fromBridge\n }\n\n event.audit = { ...a, context, actor: actor ?? a.actor }\n }\n}\n\nfunction getHeader(headers: Record<string, string> | undefined, name: string): string | undefined {\n if (!headers) return undefined\n if (headers[name] !== undefined) return headers[name]\n const lower = name.toLowerCase()\n if (headers[lower] !== undefined) return headers[lower]\n for (const [k, v] of Object.entries(headers)) {\n if (k.toLowerCase() === lower) return v\n }\n return undefined\n}\n\n/** Options accepted by {@link auditOnly}. */\nexport interface AuditOnlyOptions {\n /**\n * When true, the wrapper awaits the wrapped drain so the event is flushed\n * before the request resolves. Use for crash-safe audit storage.\n * @default false\n */\n await?: boolean\n}\n\n/** Drain function signature accepted by all wrappers. Matches `LoggerConfig['drain']`. */\nexport type DrainFn = (ctx: DrainContext) => void | Promise<void>\n\n/**\n * Wrap any drain so it only receives events that carry an `audit` field.\n *\n * Use to route audit events to dedicated storage (separate Axiom dataset,\n * append-only Postgres table, FS journal) without affecting your main drain.\n *\n * Per-sink failure isolation comes from `initLogger({ drain: [...] })`: each\n * drain in the array is invoked independently, so a crashed Axiom call never\n * blocks the FS audit drain.\n *\n * @example\n * ```ts\n * import { initLogger, auditOnly } from 'evlog'\n * import { createAxiomDrain } from 'evlog/axiom'\n * import { createFsDrain } from 'evlog/fs'\n *\n * initLogger({\n * drain: [\n * createAxiomDrain({ dataset: 'logs' }),\n * auditOnly(createFsDrain({ dir: '.audit' }), { await: true }),\n * ],\n * })\n * ```\n */\nexport function auditOnly(drain: DrainFn, options: AuditOnlyOptions = {}): DrainFn {\n return async (ctx) => {\n if (!ctx.event.audit) return\n if (options.await) {\n await drain(ctx)\n return\n }\n drain(ctx)\n }\n}\n\n/** Pluggable persistence for the hash-chain state. */\nexport interface SignedChainState {\n /** Load the previous hash from durable storage, or `null` on first run. */\n load: () => Promise<string | null> | string | null\n /** Persist the latest hash so the chain survives process restarts. */\n save: (hash: string) => Promise<void> | void\n}\n\n/** Options for {@link signed}. Pick a strategy at construction time. */\nexport type SignedOptions =\n | { strategy: 'hmac', secret: string, algorithm?: 'sha256' | 'sha512' }\n | { strategy: 'hash-chain', state?: SignedChainState, algorithm?: 'sha256' | 'sha512' }\n\n/**\n * Wrap a drain so every event passing through gains tamper-evident integrity.\n *\n * - `'hmac'` — adds `event.audit.signature` (HMAC of the canonical event).\n * - `'hash-chain'` — adds `event.audit.prevHash` and `event.audit.hash` so the\n * sequence of events forms a verifiable chain. State persists in memory\n * by default; pass a `state: { load, save }` for cross-process / durable\n * chains (Redis, file, Postgres).\n *\n * The signature is computed before the event is forwarded to the wrapped\n * drain — combine with {@link auditOnly} when you only want integrity for\n * audit events.\n *\n * @example\n * ```ts\n * import { initLogger, auditOnly, signed } from 'evlog'\n * import { createFsDrain } from 'evlog/fs'\n *\n * initLogger({\n * drain: auditOnly(\n * signed(createFsDrain({ dir: '.audit' }), { strategy: 'hash-chain' }),\n * { await: true },\n * ),\n * })\n * ```\n */\nexport function signed(drain: DrainFn, options: SignedOptions): DrainFn {\n if (options.strategy === 'hmac') {\n const algorithm = options.algorithm ?? 'sha256'\n const { secret } = options\n return async (ctx) => {\n const a = ctx.event.audit as AuditFields | undefined\n if (a) {\n const payload = stableStringify(stripIntegrity(ctx.event))\n const signature = await hmacHex(algorithm, secret, payload)\n ctx.event.audit = { ...a, signature }\n }\n await drain(ctx)\n }\n }\n\n const algorithm = options.algorithm ?? 'sha256'\n const { state } = options\n let inMemoryPrev: string | null = null\n let initialised = !state\n let queue: Promise<void> = Promise.resolve()\n\n return (ctx) => {\n queue = queue.then(async () => {\n const a = ctx.event.audit as AuditFields | undefined\n if (a) {\n if (!initialised && state) {\n inMemoryPrev = (await state.load()) ?? null\n initialised = true\n }\n const prevHash = inMemoryPrev ?? undefined\n const payload = stableStringify({ ...stripIntegrity(ctx.event), audit: { ...stripIntegrity(ctx.event).audit, prevHash } })\n const hash = await digestHex(algorithm, payload)\n ctx.event.audit = { ...a, prevHash, hash }\n inMemoryPrev = hash\n await state?.save(hash)\n }\n await drain(ctx)\n }).catch((err) => {\n console.error('[evlog/audit] signed drain failed:', err)\n })\n return queue\n }\n}\n\n/**\n * @internal Resolve the Web Crypto SubtleCrypto interface. Available natively\n * in browsers, Node 19+, Bun, Deno, and Cloudflare Workers. Falls back to\n * Node's `webcrypto` for Node 18 (where `globalThis.crypto` is gated behind\n * a flag). The dynamic import keeps `node:crypto` out of browser bundles.\n */\nasync function getSubtle(): Promise<SubtleCrypto> {\n const c = (globalThis as { crypto?: { subtle?: SubtleCrypto } }).crypto\n if (c?.subtle) return c.subtle\n const mod = await import(/* @vite-ignore */ 'node:crypto') as { webcrypto: { subtle: SubtleCrypto } }\n return mod.webcrypto.subtle\n}\n\nfunction normalizeAlgo(algorithm: string): string {\n switch (algorithm.toLowerCase()) {\n case 'sha1':\n case 'sha-1':\n return 'SHA-1'\n case 'sha256':\n case 'sha-256':\n return 'SHA-256'\n case 'sha384':\n case 'sha-384':\n return 'SHA-384'\n case 'sha512':\n case 'sha-512':\n return 'SHA-512'\n default:\n return 'SHA-256'\n }\n}\n\nfunction bufToHex(buf: ArrayBuffer): string {\n let out = ''\n for (const byte of new Uint8Array(buf)) out += byte.toString(16).padStart(2, '0')\n return out\n}\n\nasync function digestHex(algorithm: string, data: string): Promise<string> {\n const subtle = await getSubtle()\n const buf = await subtle.digest(normalizeAlgo(algorithm), new TextEncoder().encode(data))\n return bufToHex(buf)\n}\n\nasync function hmacHex(algorithm: string, secret: string, data: string): Promise<string> {\n const subtle = await getSubtle()\n const hash = normalizeAlgo(algorithm)\n const key = await subtle.importKey('raw', new TextEncoder().encode(secret), { name: 'HMAC', hash }, false, ['sign'])\n const sig = await subtle.sign('HMAC', key, new TextEncoder().encode(data))\n return bufToHex(sig)\n}\n\n/** @internal Strip integrity fields before hashing so signatures stay stable. */\nfunction stripIntegrity(event: WideEvent): WideEvent {\n const a = event.audit as AuditFields | undefined\n if (!a) return event\n const { signature, prevHash, hash, ...rest } = a\n return { ...event, audit: rest as AuditFields }\n}\n\n/**\n * Strict redact preset for audit events.\n *\n * Combine with the user's existing redact configuration via spread:\n * `initLogger({ redact: { paths: [...auditRedactPreset.paths!, ...mine] } })`.\n *\n * Hardens PII handling:\n * - Drops `Authorization` and `Cookie` headers anywhere they appear.\n * - Drops common credential field names (`password`, `passwordHash`, `token`,\n * `apiKey`, `secret`, `accessToken`, `refreshToken`, `cardNumber`, `cvv`,\n * `ssn`).\n *\n * Built-in pattern maskers (email, credit card, …) keep their default\n * behaviour — partial masking, not full redaction — so audit trails retain\n * enough signal to be useful.\n */\nexport const auditRedactPreset: RedactConfig = {\n paths: [\n 'audit.changes.before.password',\n 'audit.changes.before.passwordHash',\n 'audit.changes.before.token',\n 'audit.changes.before.apiKey',\n 'audit.changes.before.secret',\n 'audit.changes.before.accessToken',\n 'audit.changes.before.refreshToken',\n 'audit.changes.before.cardNumber',\n 'audit.changes.before.cvv',\n 'audit.changes.before.ssn',\n 'audit.changes.after.password',\n 'audit.changes.after.passwordHash',\n 'audit.changes.after.token',\n 'audit.changes.after.apiKey',\n 'audit.changes.after.secret',\n 'audit.changes.after.accessToken',\n 'audit.changes.after.refreshToken',\n 'audit.changes.after.cardNumber',\n 'audit.changes.after.cvv',\n 'audit.changes.after.ssn',\n 'headers.authorization',\n 'headers.cookie',\n 'headers.set-cookie',\n 'audit.context.headers.authorization',\n 'audit.context.headers.cookie',\n ],\n}\n"],"mappings":";;AAEA,MAAM,sBAAsB;;;;;AAQ5B,MAAa,kBAAkB;;CAE7B,YAAY;EACV,SAAS;EACT,OAAO,MAAc,OAAO,EAAE,QAAQ,UAAU,GAAG,CAAC,MAAM,GAAG;EAC9D;;CAED,OAAO;EACL,SAAS;EACT,OAAO,MAAc;AAEnB,OADW,EAAE,QAAQ,IACf,GAAG,EAAG,QAAO;GACnB,MAAM,MAAM,EAAE,MAAM,EAAE,YAAY,IAAI,CAAC;AACvC,UAAO,GAAG,EAAE,GAAG,SAAS;;EAE3B;;CAED,MAAM;EACJ,SAAS;EACT,OAAO,MAAc,eAAe,EAAE,MAAM,IAAI,CAAC,KAAK;EACvD;;;;;;;;;;CAUD,OAAO;EACL,SAAS;EACT,OAAO,MAAc;GACnB,MAAM,SAAS,EAAE,QAAQ,UAAU,GAAG;AAEtC,OADgB,EAAE,WAAW,IAClB,IAAI,OAAO,SAAS,GAAG;IAChC,MAAM,UAAU,EAAE,MAAM,aAAa;AAErC,WAAO,GADI,UAAU,QAAQ,KAAK,IACrB,QAAQ,OAAO,MAAM,GAAG;;AAEvC,OAAI,OAAO,SAAS,EAClB,QAAO,GAAG,IAAI,OAAO,OAAO,SAAS,EAAE,GAAG,OAAO,MAAM,GAAG;AAE5D,UAAO;;EAEV;;CAED,KAAK;EACH,SAAS;EACT,YAAY;EACb;;CAED,QAAQ;EACN,SAAS;EACT,YAAY;EACb;;CAED,MAAM;EACJ,SAAS;EACT,OAAO,MAAc;GACnB,MAAM,QAAQ,EAAE,QAAQ,UAAU,GAAG;AACrC,UAAO,GAAG,MAAM,MAAM,GAAG,EAAE,CAAC,MAAM,MAAM,MAAM,GAAG;;EAEpD;CACF;;;;;;;;AAWD,SAAgB,oBAAoB,OAAqE;AACvG,KAAI,UAAU,KAAA,KAAa,UAAU,MAAO,QAAO,KAAA;AAEnD,KAAI,UAAU,KACZ,QAAO,EAAE,UAAU,mBAAmB,EAAE;AAG1C,KAAI,MAAM,aAAa,MACrB,QAAO;CAGT,MAAM,UAAU,MAAM,QAAQ,MAAM,SAAS,GACzC,MAAM,SACL,KAAI,SAAQ,gBAAgB,MAAM,CAClC,OAAO,QAAQ,CACf,KAAI,MAAK,CAAC,WAAW,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAW,GACpD,mBAAmB;AAEvB,QAAO;EACL,GAAG;EACH,UAAU;EACX;;AAGH,SAAS,oBAA8B;AACrC,QAAO,OAAO,OAAO,gBAAgB,CAAC,KAAI,MAAK,CAAC,WAAW,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAW;;AAG3F,SAAS,WAAW,IAAoB;AACtC,QAAO,IAAI,OAAO,GAAG,QAAQ,GAAG,MAAM;;;;;;;;;;;;;AAcxC,SAAgB,YAAY,OAAgC,QAA4B;CACtF,MAAM,cAAc,OAAO,eAAe;AAE1C,KAAI,OAAO,OAAO,OAChB,MAAK,MAAM,QAAQ,OAAO,MACxB,YAAW,OAAO,KAAK,MAAM,IAAI,EAAE,YAAY;AAInD,KAAI,OAAO,UAAU,OACnB,oBAAmB,OAAO,OAAO,SAAS;AAG5C,KAAI,OAAO,UAAU,OACnB,gBAAe,OAAO,OAAO,UAAU,YAAY;;AAIvD,SAAS,WAAW,KAA8B,UAAoB,aAA2B;CAC/F,IAAI,UAAmB;AACvB,MAAK,IAAI,IAAI,GAAG,IAAI,SAAS,SAAS,GAAG,KAAK;AAC5C,MAAI,YAAY,QAAQ,YAAY,KAAA,KAAa,OAAO,YAAY,SAAU;AAC9E,YAAW,QAAoC,SAAS;;AAG1D,KAAI,YAAY,QAAQ,YAAY,KAAA,KAAa,OAAO,YAAY,SAAU;CAE9E,MAAM,OAAO,SAAS,SAAS,SAAS;AACxC,KAAI,QAAS,QACV,SAAoC,QAAQ;;AAIjD,SAAS,eAAe,KAAc,UAAoB,aAA2B;AACnF,KAAI,QAAQ,QAAQ,QAAQ,KAAA,EAAW;AAEvC,KAAI,MAAM,QAAQ,IAAI,EAAE;AACtB,OAAK,IAAI,IAAI,GAAG,IAAI,IAAI,QAAQ,IAC9B,KAAI,OAAO,IAAI,OAAO,SACpB,KAAI,KAAK,cAAc,IAAI,IAAc,UAAU,YAAY;WACtD,OAAO,IAAI,OAAO,SAC3B,gBAAe,IAAI,IAAI,UAAU,YAAY;AAGjD;;AAGF,KAAI,OAAO,QAAQ,UAAU;EAC3B,MAAM,SAAS;AACf,OAAK,MAAM,OAAO,QAAQ;GACxB,MAAM,MAAM,OAAO;AACnB,OAAI,OAAO,QAAQ,SACjB,QAAO,OAAO,cAAc,KAAK,UAAU,YAAY;YAC9C,OAAO,QAAQ,SACxB,gBAAe,KAAK,UAAU,YAAY;;;;AAMlD,SAAS,cAAc,OAAe,UAAoB,aAA6B;CACrF,IAAI,SAAS;AACb,MAAK,MAAM,WAAW,UAAU;AAC9B,UAAQ,YAAY;AACpB,WAAS,OAAO,QAAQ,SAAS,YAAY;;AAE/C,QAAO;;AAGT,SAAS,mBAAmB,KAAc,SAAyB;AACjE,KAAI,QAAQ,QAAQ,QAAQ,KAAA,EAAW;AAEvC,KAAI,MAAM,QAAQ,IAAI,EAAE;AACtB,OAAK,IAAI,IAAI,GAAG,IAAI,IAAI,QAAQ,IAC9B,KAAI,OAAO,IAAI,OAAO,SACpB,KAAI,KAAK,aAAa,IAAI,IAAc,QAAQ;WACvC,OAAO,IAAI,OAAO,SAC3B,oBAAmB,IAAI,IAAI,QAAQ;AAGvC;;AAGF,KAAI,OAAO,QAAQ,UAAU;EAC3B,MAAM,SAAS;AACf,OAAK,MAAM,OAAO,QAAQ;GACxB,MAAM,MAAM,OAAO;AACnB,OAAI,OAAO,QAAQ,SACjB,QAAO,OAAO,aAAa,KAAK,QAAQ;YAC/B,OAAO,QAAQ,SACxB,oBAAmB,KAAK,QAAQ;;;;AAMxC,SAAS,aAAa,OAAe,SAA2B;CAC9D,IAAI,SAAS;AACb,MAAK,MAAM,CAAC,SAAS,SAAS,SAAS;AACrC,UAAQ,YAAY;AACpB,WAAS,OAAO,QAAQ,SAAS,KAAK;;AAExC,QAAO;;;;;;;AAQT,SAAgB,sBAAsB,KAA8E;AAClH,KAAI,QAAQ,KAAA,KAAa,QAAQ,MAAO,QAAO,KAAA;AAC/C,KAAI,QAAQ,KAAM,QAAO,oBAAoB,KAAK;CAElD,MAAM,SAAuB,EAAE;AAE/B,KAAI,MAAM,QAAQ,IAAI,MAAM,CAC1B,QAAO,QAAQ,IAAI;AAGrB,KAAI,OAAO,IAAI,gBAAgB,SAC7B,QAAO,cAAc,IAAI;AAG3B,KAAI,IAAI,aAAa,MACnB,QAAO,WAAW;UACT,MAAM,QAAQ,IAAI,SAAS,CACpC,QAAO,WAAW,IAAI;AAGxB,KAAI,MAAM,QAAQ,IAAI,SAAS,CAC7B,QAAO,WAAY,IAAI,SAAuB,KAAK,MAAM;AACvD,MAAI,aAAa,OAAQ,QAAO;AAChC,MAAI,OAAO,MAAM,SAAU,QAAO,IAAI,OAAO,GAAG,IAAI;AACpD,MAAI,OAAO,MAAM,YAAY,MAAM,MAAM;GACvC,MAAM,MAAM;AACZ,UAAO,IAAI,OAAO,IAAI,QAAQ,IAAI,SAAS,IAAI;;AAEjD,SAAO;GACP,CAAC,QAAQ,MAAmB,MAAM,KAAK;AAG3C,QAAO,oBAAoB,OAAO;;;;ACxQpC,SAAS,cAAc,KAA8C;AACnE,QAAO,QAAQ,QAAQ,OAAO,QAAQ,YAAY,CAAC,MAAM,QAAQ,IAAI;;AAGvE,MAAM,0BAAU,IAAI,MAAM;AAC1B,SAAS,SAAiB;AACxB,SAAQ,QAAQ,KAAK,KAAK,CAAC;AAC3B,QAAO,QAAQ,aAAa;;;AAI9B,MAAM,sBACJ;AAEF,SAAS,aAAa,QAAgB,QAAsB;AAC1D,SAAQ,KACN,WAAW,OAAO,6CAA6C,OAAO,+CAA+C,sBACtH;;AAGH,SAAS,UAAU,QAAiC,QAAuC;AACzF,MAAK,MAAM,OAAO,QAAQ;EACxB,MAAM,YAAY,OAAO;AACzB,MAAI,cAAc,KAAA,KAAa,cAAc,KAAM;EACnD,MAAM,YAAY,OAAO;AACzB,MAAI,cAAc,UAAU,IAAI,cAAc,UAAU,CACtD,WAAU,WAAW,UAAU;WACtB,MAAM,QAAQ,UAAU,IAAI,MAAM,QAAQ,UAAU,CAC7D,QAAO,OAAO,CAAC,GAAG,WAAW,GAAG,UAAU;MAE1C,QAAO,OAAO;;;AAKpB,IAAI,YAAgC;CAClC,SAAS;CACT,aAAa;CACd;AAED,IAAI,eAAe,OAAO;AAC1B,IAAI,iBAAiC,EAAE;AACvC,IAAI,kBAAkB;AACtB,IAAI;AACJ,IAAI;AACJ,IAAI,gBAAgB;AACpB,IAAI,eAAe;;AAEnB,IAAI,iBAA2B;AAC/B,IAAI,UAAU;;;;;AAMd,SAAgB,WAAW,SAAuB,EAAE,EAAQ;AAC1D,iBAAgB,OAAO,WAAW;CAClC,MAAM,WAAW,mBAAmB;AAEpC,aAAY;EACV,SAAS,OAAO,KAAK,WAAW,SAAS,WAAW;EACpD,aAAa,OAAO,KAAK,eAAe,SAAS,eAAe;EAChE,SAAS,OAAO,KAAK,WAAW,SAAS;EACzC,YAAY,OAAO,KAAK,cAAc,SAAS;EAC/C,QAAQ,OAAO,KAAK,UAAU,SAAS;EACxC;AAED,gBAAe,OAAO,UAAU,OAAO;AACvC,kBAAiB,OAAO,YAAY,EAAE;AACtC,mBAAkB,OAAO,aAAa;AACtC,eAAc,OAAO;AACrB,gBAAe,oBAAoB,OAAO,UAAU,CAAC,OAAO,CAAC;AAC7D,gBAAe,OAAO,UAAU;AAChC,kBAAiB,OAAO,YAAY;AAEpC,KAAI,gBAAgB,CAAC,eAAe,CAAC,OAAO,sBAC1C,SAAQ,KAAK,gMAAgM;;;;;AAOjN,SAAgB,YAAqB;AACnC,QAAO;;;;;;;AAQT,SAAgB,aAAmB;AACjC,WAAU;;;;;AAMZ,SAAgB,iBAA0B;AACxC,QAAO;;;;;;;AAQT,SAAgB,iBAA4E;AAC1F,QAAO;;;;;;AAOT,SAAS,aAAa,OAA0B;CAC9C,MAAM,EAAE,UAAU;AAClB,KAAI,CAAC,MACH,QAAO;CAIT,MAAM,aAAa,UAAU,WAAW,MAAM,UAAU,KAAA,IACpD,MACA,MAAM,UAAU;AAGpB,KAAI,cAAc,EAAG,QAAO;AAC5B,KAAI,cAAc,IAAK,QAAO;AAE9B,QAAO,KAAK,QAAQ,GAAG,MAAM;;;;;;AAO/B,SAAgB,WAAW,KAAmC;CAC5D,MAAM,EAAE,SAAS;AACjB,KAAI,CAAC,MAAM,OAAQ,QAAO;AAE1B,QAAO,KAAK,MAAM,cAAc;AAC9B,MAAI,UAAU,WAAW,KAAA,KAAa,IAAI,WAAW,KAAA,KAAa,IAAI,UAAU,UAAU,OACxF,QAAO;AAET,MAAI,UAAU,aAAa,KAAA,KAAa,IAAI,aAAa,KAAA,KAAa,IAAI,YAAY,UAAU,SAC9F,QAAO;AAET,MAAI,UAAU,QAAQ,IAAI,QAAQ,eAAe,IAAI,MAAM,UAAU,KAAK,CACxE,QAAO;AAET,SAAO;GACP;;AASJ,SAAS,cACP,OACA,OACA,UAAgC,EAAE,EAChB;CAClB,MAAM,EAAE,aAAa,OAAO,YAAY,OAAO,cAAc;AAC7D,KAAI,CAAC,cAAe,QAAO;AAE3B,KAAI,CAAC,WAAW;AACd,MAAI,CAAC,eAAe,OAAO,eAAe,CACxC,QAAO;AAET,MAAI,CAAC,aAAa,MAAM,CACtB,QAAO;;CAIX,IAAI;AACJ,KAAI,WAAW;AACb,QAAM,YAAY,QAAQ;AAC1B,QAAM,QAAQ;AACd,MAAI,MAAM,YAAY,KAAA,EAAW,OAAM,UAAU,UAAU;AAC3D,MAAI,MAAM,gBAAgB,KAAA,EAAW,OAAM,cAAc,UAAU;AACnE,MAAI,UAAU,YAAY,KAAA,KAAa,MAAM,YAAY,KAAA,EAAW,OAAM,UAAU,UAAU;AAC9F,MAAI,UAAU,eAAe,KAAA,KAAa,MAAM,eAAe,KAAA,EAAW,OAAM,aAAa,UAAU;AACvG,MAAI,UAAU,WAAW,KAAA,KAAa,MAAM,WAAW,KAAA,EAAW,OAAM,SAAS,UAAU;AAC3F,cAAY;OAEZ,aAAY;EACV,WAAW,QAAQ;EACnB;EACA,GAAG;EACH,GAAG;EACJ;AAGH,eAAc,UAAU;AAExB,KAAI,aACF,aAAY,WAAW,aAAa;AAGtC,KAAI,CAAC,aACH,KAAI,aACF,sBAAqB,UAAU;UACtB,gBACT,SAAQ,iBAAiB,MAAM,EAAE,KAAK,UAAU,UAAU,CAAC;KAE3D,SAAQ,iBAAiB,MAAM,EAAE,UAAU;AAI/C,KAAI,eAAe,CAAC,YAAY;EAC9B,MAAM,eAAe,QAAQ,QAAQ,YAAY,EAAE,OAAO,WAAW,CAAC,CAAC,CAAC,OAAO,QAAQ;AACrF,WAAQ,MAAM,yBAAyB,IAAI;IAC3C;AACF,MAAI,UACF,WAAU,aAAa;;AAI3B,QAAO;;AAGT,SAAS,cAAc,OAAiB,KAAa,SAAuB;AAC1E,KAAI,CAAC,cAAe;AAEpB,KAAI,gBAAgB,CAAC,cAAc;AACjC,MAAI,CAAC,eAAe,OAAO,eAAe,CACxC;AAEF,MAAI,CAAC,aAAa,MAAM,CACtB;AAGF,MAAI,WAAW,EAAE;GACf,MAAM,aAAa,iBAAiB,MAAM;GAC1C,MAAM,YAAY,QAAQ,CAAC,MAAM,IAAI,GAAG;AACxC,WAAQ,IACN,KAAK,UAAU,QAAQ,mBAAmB,IAAI,CAAC,MAAM,mBAAmB,QAAQ,IAChF,UAAU,KACV,UAAU,OACV,YACA,UAAU,MACX;SACI;GACL,MAAM,QAAQ,cAAc,MAAM;GAClC,MAAM,YAAY,QAAQ,CAAC,MAAM,IAAI,GAAG;AACxC,WAAQ,IAAI,GAAG,OAAO,MAAM,YAAY,OAAO,MAAM,GAAG,MAAM,GAAG,IAAI,GAAG,OAAO,MAAM,GAAG,UAAU;;AAGpG;;AAEF,eAAc,OAAO;EAAE;EAAK;EAAS,CAAC;;AAGxC,SAAS,YAAY,OAAwB;AAC3C,KAAI,UAAU,QAAQ,UAAU,KAAA,EAC9B,QAAO,OAAO,MAAM;AAEtB,KAAI,OAAO,UAAU,UAAU;EAC7B,MAAM,QAAkB,EAAE;AAC1B,OAAK,MAAM,CAAC,GAAG,MAAM,OAAO,QAAQ,MAAiC,CACnE,KAAI,MAAM,KAAA,KAAa,MAAM,KAC3B,KAAI,OAAO,MAAM,SACf,OAAM,KAAK,GAAG,EAAE,GAAG,KAAK,UAAU,EAAE,GAAG;MAEvC,OAAM,KAAK,GAAG,EAAE,GAAG,IAAI;AAI7B,SAAO,MAAM,KAAK,IAAI;;AAExB,QAAO,OAAO,MAAM;;AAGtB,SAAS,WAAW,MAAsB;AACxC,KAAI,OAAO,IAAM,QAAO,IAAI,KAAK,QAAQ,EAAE;AAC3C,KAAI,OAAO,EAAG,QAAO,IAAI,KAAK,QAAQ,EAAE;AACxC,QAAO,IAAI,KAAK,QAAQ,EAAE;;AAS5B,SAAS,eAAe,IAA0C;CAChE,MAAM,UAAuB,EAAE;CAG/B,MAAM,cAAwB,EAAE;AAChC,KAAI,GAAG,OAAO;EACZ,IAAI,IAAI,OAAO,GAAG,MAAM;AACxB,MAAI,GAAG,SAAU,MAAK,KAAK,GAAG,SAAS;AACvC,cAAY,KAAK,EAAE;;AAErB,KAAI,GAAG,MAAO,aAAY,KAAK,GAAG,GAAG,MAAM,OAAQ,GAAG,QAAmB,IAAI,MAAM,KAAK;AACxF,KAAI,GAAG,SAAU,GAAG,QAAmB,EAAG,aAAY,KAAK,GAAG,GAAG,MAAM,QAAQ;AAC/E,SAAQ,KAAK;EAAE,KAAK;EAAM,OAAO,YAAY,KAAK,MAAM;EAAE,CAAC;CAG3D,MAAM,cAAc,GAAG;CACvB,MAAM,eAAe,GAAG;CACxB,MAAM,cAAc,GAAG;AACvB,KAAI,gBAAgB,KAAA,KAAa,iBAAiB,KAAA,GAAW;EAC3D,IAAI,UAAU,GAAG,YAAY,QAAQ,aAAa;AAClD,MAAI,YAAa,YAAW,KAAK,YAAY;EAC7C,MAAM,SAAmB,EAAE;AAC3B,MAAI,GAAG,gBAAiB,QAAO,KAAK,GAAG,GAAG,gBAAgB,aAAa;AACvE,MAAI,GAAG,iBAAkB,QAAO,KAAK,GAAG,GAAG,iBAAiB,cAAc;AAC1E,MAAI,GAAG,gBAAiB,QAAO,KAAK,GAAG,GAAG,gBAAgB,YAAY;AACtE,MAAI,OAAO,OAAQ,YAAW,MAAM,OAAO,KAAK,MAAM;AACtD,UAAQ,KAAK;GAAE,KAAK;GAAa,OAAO;GAAS,CAAC;;CAIpD,MAAM,UAAU,GAAG;CACnB,MAAM,WAAW,GAAG;CACpB,MAAM,MAAM,GAAG;AACf,KAAI,YAAY,KAAA,KAAa,aAAa,KAAA,GAAW;EACnD,MAAM,QAAkB,EAAE;AAC1B,MAAI,YAAY,KAAA,EAAW,OAAM,KAAK,GAAG,eAAe,QAAQ,CAAC,iBAAiB;AAClF,MAAI,aAAa,KAAA,EAAW,OAAM,KAAK,GAAG,eAAe,SAAS,CAAC,QAAQ;EAC3E,IAAI,aAAa,MAAM,KAAK,MAAM;AAClC,MAAI,IAAK,eAAc,MAAM,IAAI;AACjC,UAAQ,KAAK;GAAE,KAAK;GAAgB,OAAO;GAAY,CAAC;;AAI1D,KAAI,GAAG,kBAAkB,KAAA,EACvB,SAAQ,KAAK;EAAE,KAAK;EAAW,OAAO,WAAW,GAAG,cAAwB;EAAE,CAAC;AAIjF,KAAI,GAAG,oBAAoB,KAAA,EACzB,SAAQ,KAAK;EAAE,KAAK;EAAoB,OAAO,eAAe,GAAG,gBAA0B;EAAE,CAAC;CAIhG,MAAM,YAAY,GAAG;CACrB,MAAM,QAAQ,GAAG;CACjB,MAAM,YAAY,WAAW,SAAS,OAAO,UAAU,OAAO,WAAW;AAEzE,KAAI,OAAO,QAAQ;EACjB,MAAM,WAAW,MAAM,KAAK,GAAG,QAAQ;GACrC,MAAM,OAAO,EAAE,UAAU,MAAM;GAC/B,IAAI,OAAO,GAAG,EAAE,KAAK,GAAG,eAAe,EAAE,WAAW,CAAC,GAAG;AACxD,OAAI,EAAE,MAAO,SAAQ,IAAI,EAAE;AAC3B,OAAI,aAAa,aAAa,MAAM,UAAU,QAAQ;IACpD,MAAM,KAAK,UAAU;IACrB,MAAM,WAAW,OAAO,GAAG,UAAU,WAAW,GAAG,QAAQ,KAAK,UAAU,GAAG,MAAM;IACnF,MAAM,YAAY,SAAS,SAAS,MAAM,GAAG,SAAS,MAAM,GAAG,IAAI,CAAC,KAAK;AACzE,YAAQ,IAAI;;AAEd,UAAO;IACP;AACF,UAAQ,KAAK;GAAE,KAAK;GAAY,OAAO;GAAI;GAAU,CAAC;YAC7C,WAAW,OACpB,KAAI,WAAW;EACb,MAAM,WAAY,UAAsD,KAAK,OAAO;GAClF,MAAM,WAAW,OAAO,GAAG,UAAU,WAAW,GAAG,QAAQ,KAAK,UAAU,GAAG,MAAM;GACnF,MAAM,YAAY,SAAS,SAAS,MAAM,GAAG,SAAS,MAAM,GAAG,IAAI,CAAC,KAAK;AACzE,UAAO,GAAG,GAAG,KAAK,GAAG,UAAU;IAC/B;AACF,UAAQ,KAAK;GAAE,KAAK;GAAY,OAAO;GAAI;GAAU,CAAC;OAEtD,SAAQ,KAAK;EAAE,KAAK;EAAY,OAAQ,UAAuB,KAAK,KAAK;EAAE,CAAC;CAKhF,MAAM,aAAa,GAAG;AACtB,KAAI,YAAY,QAAQ;EACtB,MAAM,eAAe,WAAW,OAAM,MAAK,EAAE,UAAU,WAAW,GAAI,MAAM;EAC5E,MAAM,WAAW,WAAW,KAAK,MAAM;GAErC,IAAI,OAAO,GADI,eAAe,KAAK,GAAG,EAAE,MAAM,KACvB,EAAE,YAAY,QAAQ,EAAE,aAAa;GAC5D,MAAM,YAAY,EAAE;AACpB,OAAI,WAAW,OAAQ,SAAQ,KAAK,UAAU,KAAK,KAAK,CAAC;AACzD,UAAO;IACP;AACF,UAAQ,KAAK;GAAE,KAAK;GAAY,OAAO;GAAI;GAAU,CAAC;YAC7C,GAAG,SAAU,GAAG,QAAmB,EAC5C,SAAQ,KAAK;EAAE,KAAK;EAAY,OAAO,OAAO,GAAG,MAAM;EAAE,CAAC;CAI5D,MAAM,YAAY,GAAG;AACrB,KAAI,WAAW;EACb,MAAM,QAAkB,EAAE;AAC1B,MAAI,UAAU,MAAO,OAAM,KAAK,OAAO,UAAU,MAAM,CAAC;AACxD,QAAM,KAAK,GAAG,UAAU,OAAO,SAAS;AACxC,MAAI,UAAU,WAAY,OAAM,KAAK,GAAG,UAAU,WAAW,GAAG;AAChE,MAAI,UAAU,MAAO,OAAM,KAAK,GAAG,UAAU,MAAM,QAAQ;AAC3D,UAAQ,KAAK;GAAE,KAAK;GAAgB,OAAO,MAAM,KAAK,MAAM;GAAE,CAAC;;AAGjE,KAAI,GAAG,aAAc,SAAQ,KAAK;EAAE,KAAK;EAAmB,OAAO,OAAO,GAAG,aAAa;EAAE,CAAC;AAC7F,KAAI,GAAG,MAAO,SAAQ,KAAK;EAAE,KAAK;EAAY,OAAO,OAAO,GAAG,MAAM;EAAE,CAAC;AACxE,KAAI,GAAG,WAAY,SAAQ,KAAK;EAAE,KAAK;EAAiB,OAAO,OAAO,GAAG,WAAW;EAAE,CAAC;AAEvF,QAAO;;AAGT,SAAS,qBAAqB,OAAsC;CAClE,MAAM,EAAE,WAAW,OAAO,SAAS,aAAa,SAAS,GAAG,SAAS;CACrE,MAAM,KAAM,UAAqB,MAAM,IAAI,GAAG;CAC9C,MAAM,UAAU,WAAW;CAE3B,MAAM,QAAkB,EAAE;CAC1B,MAAM,SAAmB,EAAE;AAE3B,KAAI,SAAS;EACX,MAAM,KAAK,iBAAiB,MAAgB;AAC5C,QAAM,KAAK,KAAK,GAAG,OAAQ,MAAiB,aAAa,CAAC,QAAQ,mBAAmB,OAAO,QAAQ,CAAC,CAAC,KAAK;AAC3G,SAAO,KAAK,UAAU,KAAK,UAAU,OAAO,IAAI,UAAU,OAAO,UAAU,MAAM,UAAU,MAAM;QAC5F;EACL,MAAM,KAAK,cAAc,MAAgB;AACzC,QAAM,KAAK,GAAG,OAAO,MAAM,KAAK,OAAO,MAAM,GAAG,KAAM,MAAiB,aAAa,GAAG,OAAO,MAAM,GAAG,OAAO,KAAK,GAAG,QAAQ,GAAG,OAAO,QAAQ;;AAGlJ,KAAI,KAAK,UAAU,KAAK,MAAM;AAC5B,QAAM,KAAK,UAAU,IAAI,mBAAmB,OAAO,KAAK,OAAO,CAAC,CAAC,GAAG,mBAAmB,OAAO,KAAK,KAAK,CAAC,KAAK,IAAI,KAAK,OAAO,GAAG,KAAK,OAAO;AAC7I,SAAO,KAAK;AACZ,SAAO,KAAK;;AAGd,KAAI,KAAK,QAAQ;EACf,MAAM,KAAK,UACL,KAAK,UAAqB,MAAM,UAAU,MAAM,UAAU,QAC1D,KAAK,UAAqB,MAAM,OAAO,MAAM,OAAO;AAC1D,MAAI,SAAS;AACX,SAAM,KAAK,MAAM,KAAK,OAAO,IAAI;AACjC,UAAO,KAAK,IAAI,UAAU,MAAM;QAEhC,OAAM,KAAK,IAAI,KAAK,KAAK,SAAS,OAAO,QAAQ;AAEnD,SAAO,KAAK;;AAGd,KAAI,KAAK,UAAU;AACjB,MAAI,SAAS;AACX,SAAM,KAAK,MAAM,mBAAmB,MAAM,KAAK,WAAW,CAAC,IAAI;AAC/D,UAAO,KAAK,UAAU,KAAK,UAAU,MAAM;QAE3C,OAAM,KAAK,IAAI,OAAO,IAAI,KAAK,KAAK,WAAW,OAAO,QAAQ;AAEhE,SAAO,KAAK;;AAGd,SAAQ,IAAI,MAAM,KAAK,GAAG,EAAE,GAAG,OAAO;CAEtC,MAAM,SAAS,KAAK;AACpB,KAAI,UAAU,OAAO,WAAW,SAC9B,QAAO,KAAK;CAGd,MAAM,cAAc,OAAO,QAAQ,KAAK,CAAC,QAAQ,CAAC,GAAG,OAAO,MAAM,KAAA,EAAU;CAC5E,MAAM,YAAY,SAAS,eAAe,OAAO,GAAG,EAAE;CACtD,MAAM,aAA0B,CAC9B,GAAG,YAAY,KAAK,CAAC,KAAK,YAAY;EAAE;EAAK,OAAO,YAAY,MAAM;EAAE,EAAE,EAC1E,GAAG,UACJ;AAED,MAAK,IAAI,IAAI,GAAG,IAAI,WAAW,QAAQ,KAAK;EAC1C,MAAM,QAAQ,WAAW;EACzB,MAAM,cAAc,MAAM,YAAY,MAAM,SAAS,SAAS;EAE9D,MAAM,SADS,MAAM,WAAW,SAAS,KAAK,CAAC,cACvB,OAAO;AAE/B,MAAI,SAAS;GACX,MAAM,MAAM,MAAM,QAAQ,IAAI,mBAAmB,MAAM,MAAM,KAAK;AAClE,WAAQ,IAAI,OAAO,OAAO,OAAO,mBAAmB,MAAM,IAAI,CAAC,KAAK,OAAO,UAAU,KAAK,UAAU,OAAO,UAAU,MAAM,UAAU,MAAM;SACtI;GACL,MAAM,MAAM,MAAM,QAAQ,IAAI,MAAM,UAAU;AAC9C,WAAQ,IAAI,KAAK,OAAO,MAAM,SAAS,OAAO,MAAM,GAAG,OAAO,OAAO,MAAM,IAAI,GAAG,OAAO,QAAQ,MAAM;;AAGzG,MAAI,aAAa;GAEf,MAAM,YADc,MAAM,WAAW,SAAS,IACd,MAAM;AACtC,QAAK,IAAI,IAAI,GAAG,IAAI,MAAM,SAAU,QAAQ,KAAK;IAC/C,MAAM,QAAQ,MAAM,SAAU;IAE9B,MAAM,cADc,MAAM,MAAM,SAAU,SAAS,IACjB,OAAO;AACzC,QAAI,QACF,SAAQ,IAAI,OAAO,UAAU,IAAI,YAAY,KAAK,mBAAmB,MAAM,IAAI,UAAU,KAAK,UAAU,MAAM;QAE9G,SAAQ,IAAI,KAAK,OAAO,MAAM,UAAU,IAAI,cAAc,OAAO,MAAM,GAAG,QAAQ;;;;;AAO5F,SAAS,gBAAgB,OAAiB;AACxC,QAAO,SAAS,UAAU,YAA8C,SAAwB;AAC9F,MAAI,OAAO,eAAe,YAAY,YAAY,KAAA,EAChD,eAAc,OAAO,YAAY,QAAQ;WAChC,OAAO,eAAe,SAC/B,eAAc,OAAO,WAAW;MAEhC,eAAc,OAAO,OAAO,OAAO,WAAW,CAAC;;;;;;;;;;;;AAcrD,MAAM,OAAY;CAChB,MAAM,gBAAgB,OAAO;CAC7B,OAAO,gBAAgB,QAAQ;CAC/B,MAAM,gBAAgB,OAAO;CAC7B,OAAO,gBAAgB,QAAQ;CAChC;AAKD,MAAM,aAA8B;CAClC,MAAM;CACN,QAAQ;CACR,OAAO;CACP,OAAO;CACP,OAAO;AACL,SAAO;;CAET,aAAa;AACX,SAAO,EAAE;;CAEX,OAZgB,OAAO,aAAa,IAAI,EAAE,YAAY,IAAI,CAY1C;CACjB;;;;;;;;;;;;;;;;AAgCD,SAAgB,aAAyD,iBAA0C,EAAE,EAAE,iBAAmE;AACxL,KAAI,CAAC,cAAe,QAAO;CAE3B,MAAM,aAAa,iBAAiB,eAAe;CACnD,MAAM,YAAY,iBAAiB;CACnC,MAAM,YAAY,KAAK,KAAK;CAC5B,MAAM,UAAmC,EAAE,GAAG,gBAAgB;CAC9D,IAAI,WAAW;CACf,IAAI,UAAU;CACd,IAAI,UAAU;CAEd,SAAS,OAAO,OAAwB,SAAuB;AAC7D,MAAI,CAAC,MAAM,QAAQ,QAAQ,YAAY,CACrC,SAAQ,cAAc,EAAE;AAEzB,UAAQ,YAA0B,KAAK;GACtC;GACA;GACA,WAAW,QAAQ;GACpB,CAAC;;CAGJ,MAAM,cAAc,SAAS,MAAM,OAAyB;AAC1D,MAAI,SAAS;AACX,gBAAa,eAAe,yBAAyB,MAAM,OAAO,GAAG;AACrE;;EAEF,MAAM,SAAS,iBAAiB,MAAM;AACtC,MAAI,CAAC,cAAc,QAAQ,MAAM,CAC/B,SAAQ,QAAQ;MAEhB,WAAU,QAAQ,OAAkC,OAA6C;AAEnG,UAAQ,kBAAkB;;AAG5B,aAAY,OAAO,SAAS,KAAK,QAAgB,OAAqD;AACpG,cAAY;GAAE,GAAG;GAAO,SAAS;GAAU;GAAQ,CAAC;;AAGtD,QAAO;EACL,OAAO;EACP,IAAI,MAA6B;AAC/B,OAAI,SAAS;IACX,MAAM,OAAO,OAAO,KAAK,KAAgC;AACzD,iBAAa,aAAa,iBAAiB,KAAK,SAAS,KAAK,KAAK,KAAK,GAAG,UAAU,GAAG;AACxF;;AAEF,aAAU,SAAS,KAAgC;;EAGrD,MAAM,OAAuB,cAAsC;AACjE,OAAI,SAAS;AAIX,iBAAa,eAAe,kBAHf,eACT,CAAC,GAAG,OAAO,KAAK,aAAwC,EAAE,QAAQ,GAClE,CAAC,QAAQ,EACqC,KAAK,KAAK,CAAC,GAAG;AAChE;;AAEF,cAAW;GACX,MAAM,MAAM,OAAO,UAAU,WAAW,IAAI,MAAM,MAAM,GAAG;AAE3D,OAAI,aACF,WAAU,SAAS,aAAwC;GAG7D,MAAM,WAAoC;IACxC,MAAM,IAAI;IACV,SAAS,IAAI;IACb,OAAO,IAAI;IACZ;GACD,MAAM,YAAY;AAClB,QAAK,MAAM,KAAK;IAAC;IAAU;IAAc;IAAc;IAAiB;IAAQ;IAAS;IAAW,CAClG,KAAI,KAAK,IAAK,UAAS,KAAK,UAAU;AAGxC,OAAI,cAAc,QAAQ,MAAM,CAC9B,WAAU,QAAQ,OAAkC,SAAS;OAE7D,SAAQ,QAAQ;;EAIpB,KAAK,SAAiB,aAAqC;AACzD,OAAI,SAAS;AAIX,iBAAa,cAAc,kBAHd,cACT,CAAC,WAAW,GAAG,OAAO,KAAK,YAAuC,CAAC,QAAO,MAAK,MAAM,cAAc,CAAC,GACpG,CAAC,UAAU,EACkC,KAAK,KAAK,CAAC,GAAG;AAC/D;;AAEF,UAAO,QAAQ,QAAQ;AACvB,OAAI,aAAa;IACf,MAAM,EAAE,aAAa,GAAG,GAAG,SAAS;AACpC,cAAU,SAAS,KAAK;;;EAI5B,KAAK,SAAiB,aAAqC;AACzD,OAAI,SAAS;AAIX,iBAAa,cAAc,kBAHd,cACT,CAAC,WAAW,GAAG,OAAO,KAAK,YAAuC,CAAC,QAAO,MAAK,MAAM,cAAc,CAAC,GACpG,CAAC,UAAU,EACkC,KAAK,KAAK,CAAC,GAAG;AAC/D;;AAEF,aAAU;AACV,UAAO,QAAQ,QAAQ;AACvB,OAAI,aAAa;IACf,MAAM,EAAE,aAAa,GAAG,GAAG,SAAS;AACpC,cAAU,SAAS,KAAK;;;EAI5B,KAAK,WAA0E;AAC7E,OAAI,SAAS;AACX,iBAAa,cAAc,2BAA2B;AACtD,WAAO;;GAGT,MAAM,aAAa,KAAK,KAAK,GAAG;GAChC,MAAM,QAAkB,WAAW,UAAU,UAAU,SAAS;GAEhE,IAAI,YAAY;AAChB,OAAI,WAAW,WACb,aAAY;YACH,sBAAsB,QAAQ,CACvC,aAAY;YACH,eAAe,MAAM,OAE9B,aAAY,WAAW;IACrB,QAFc,WAAmD,UAAU,QAAQ;IAGnF,UAAU;IACV,MAAM,QAAQ;IACd,QAAQ,QAAQ;IAChB;IACD,CAAC;AAGJ,OAAI,CAAC,aAAa,CAAC,aAAa,MAAM,EAAE;AACtC,cAAU;AACV,WAAO;;AAGT,OAAI,WAAW;IACb,MAAM,MAAM;AACZ,SAAK,MAAM,OAAO,IAChB,KAAI,QAAQ,aAAc,SAAQ,OAAO,IAAI;;AAGjD,WAAQ,WAAW,eAAe,WAAW;GAE7C,MAAM,OAAO,cAAc,OAAO,SAAS;IAAE;IAAY,WAAW;IAAM;IAAW,CAAC;AACtF,aAAU;AACV,UAAO;;EAGT,aAAwD;AACtD,UAAO,EAAE,GAAG,SAAS;;EAExB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA8BH,SAAgB,oBAAgE,UAAgC,EAAE,EAAE,iBAAmE;CACrL,MAAM,EAAE,QAAQ,MAAM,WAAW,WAAW,qBAAqB;CACjE,MAAM,UAAmC,EAAE;AAC3C,KAAI,WAAW,KAAA,EAAW,SAAQ,SAAS;AAC3C,KAAI,SAAS,KAAA,EAAW,SAAQ,OAAO;AACvC,KAAI,cAAc,KAAA,EAAW,SAAQ,YAAY;AACjD,QAAO,aAAgB,SAAS;EAC9B,GAAG;EACH,WAAW,iBAAiB,aAAa;EAC1C,CAAC;;;;;AAMJ,SAAgB,iBAAqC;AACnD,QAAO,EAAE,GAAG,WAAW;;AAMzB,IAAI,OAAO,qBAAqB,YAAa,YAAW,iBAAiB;;;;;;;ACjxBzE,MAAa,uBAAuB;;;;;;AA0BpC,SAAS,gBAAgB,OAAwB;AAC/C,KAAI,UAAU,QAAQ,OAAO,UAAU,SAAU,QAAO,KAAK,UAAU,MAAM;AAC7E,KAAI,MAAM,QAAQ,MAAM,CAAE,QAAO,IAAI,MAAM,IAAI,gBAAgB,CAAC,KAAK,IAAI,CAAC;AAE1E,QAAO,IADM,OAAO,KAAK,MAAiC,CAAC,MAC5C,CAAC,KAAI,MAAK,GAAG,KAAK,UAAU,EAAE,CAAC,GAAG,gBAAiB,MAAkC,GAAG,GAAG,CAAC,KAAK,IAAI,CAAC;;;;;;;;;AAUvH,SAAS,QAAQ,OAAe,MAAsB;CACpD,IAAI,IAAI,SAAS;AACjB,MAAK,IAAI,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;AACrC,OAAK,MAAM,WAAW,EAAE,GAAG;AAC3B,MAAI,KAAK,KAAK,GAAG,SAAW,KAAK;;AAEnC,QAAO,MAAM;;;;;;;;;;;AAYf,SAAS,sBAAsB,OAAoB,WAA2B;CAC5E,MAAM,UAAU,UAAU,MAAM,GAAG,GAAG;CACtC,MAAM,UAAU,gBAAgB;EAC9B,QAAQ,MAAM;EACd,OAAO;GAAE,MAAM,MAAM,MAAM;GAAM,IAAI,MAAM,MAAM;GAAI;EACrD,QAAQ,MAAM,SAAS;GAAE,MAAM,MAAM,OAAO;GAAM,IAAI,MAAM,OAAO;GAAI,GAAG,KAAA;EAC1E,SAAS,MAAM;EACf,WAAW;EACZ,CAAC;CACF,MAAM,IAAI,QAAQ,SAAS,WAAW,CAAC,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI;CACpE,MAAM,IAAI,QAAQ,SAAS,WAAW,CAAC,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI;CACpE,MAAM,IAAI,QAAQ,SAAS,UAAW,CAAC,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI;CACpE,MAAM,IAAI,QAAQ,SAAS,WAAW,CAAC,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI;AACpE,QAAO,IAAI,IAAI,IAAI;;;;;;;;;;AAWrB,SAAgB,iBAAiB,OAAgC;AAC/D,QAAO;EACL,QAAQ,MAAM;EACd,OAAO,MAAM;EACb,QAAQ,MAAM;EACd,SAAS,MAAM,WAAW;EAC1B,QAAQ,MAAM;EACd,SAAS,MAAM;EACf,aAAa,MAAM;EACnB,eAAe,MAAM;EACrB,SAAS,MAAM,WAAA;EAChB;;;;;;AAOH,IAAI,iBAAgF;;AAGpF,SAAS,cAAc,OAAoB,WAAgC;AACzE,KAAI,MAAM,eAAgB,QAAO;AACjC,QAAO;EAAE,GAAG;EAAO,gBAAgB,sBAAsB,OAAO,UAAU;EAAE;;;;;;;;;;;;;;;;;;;;AAqB9E,SAAgB,iBAA6D,QAA8C;CACzH,MAAM,SAAS;AACf,KAAI,OAAO,MAAO,QAAO;CAEzB,MAAM,QAAQ,SAAS,MAAM,OAAyB;EACpD,MAAM,SAAS,iBAAiB,MAAM;AACtC,SAAO,IAAI,EAAE,OAAO,QAAQ,CAA+B;AAC3D,gBAAc,OAAO;;AAGvB,OAAM,OAAO,SAAS,KAAK,QAAgB,OAAqD;AAC9F,QAAM;GAAE,GAAG;GAAO,SAAS;GAAU;GAAQ,CAAC;;AAGhD,QAAO,QAAQ;AACf,QAAO;;;;;;;AAQT,SAAS,cAAgC,QAAgC;CACvE,MAAM,MAAM,OAAO,YAAY;AAC/B,KAAI,kBAAkB;;;;;;;;;;;;;;;;;;;;;AAsCxB,SAAgB,MAAM,OAAqC;CACzD,MAAM,SAAS,iBAAiB,MAAM;CAEtC,MAAM,OADS,aAAa,EAAE,OAAO,QAAQ,CAC1B,CAAC,KAAK,EAAE,YAAY,MAAM,CAAqE;AAClH,kBAAiB,QAAQ,KAAK;AAC9B,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;AA2BT,SAAgB,UACd,SACA,IAC4D;AAC5D,QAAO,OAAO,OAAO,QAAQ;EAC3B,MAAM,SAAS,OAAO,QAAQ,WAAW,aAAa,QAAQ,OAAO,MAAM,GAAG,QAAQ;AACtF,MAAI;GACF,MAAM,SAAS,MAAM,GAAG,OAAO,IAAI;AACnC,SAAM;IACJ,QAAQ,QAAQ;IAChB,OAAO,IAAI;IACX;IACA,SAAS;IACT,aAAa,IAAI;IACjB,eAAe,IAAI;IACpB,CAAC;AACF,UAAO;WACA,KAAK;GACZ,MAAM,QAAQ;GACd,MAAM,SAAS,MAAM,UAAU,MAAM;GACrC,MAAM,SAAS,eAAe,oBAAoB,WAAW;AAC7D,SAAM;IACJ,QAAQ,QAAQ;IAChB,OAAO,IAAI;IACX;IACA,SAAS,SAAS,WAAW;IAC7B,QAAQ,MAAM;IACd,aAAa,IAAI;IACjB,eAAe,IAAI;IACpB,CAAC;AACF,SAAM;;;;;;;;;AAUZ,IAAa,mBAAb,cAAsC,MAAM;CAE1C,YAAY,QAAgB;AAC1B,QAAM,OAAO;AACb,OAAK,OAAO;;;;;;;;;;;;;;;;;;;;;;AAwChB,SAAgB,UACd,QACA,OACA,UAA4B,EAAE,EACgC;CAC9D,MAAM,cAAc,QAAQ,eAAe;CAC3C,MAAM,YAAY,IAAI,KAAK,QAAQ,eAAe,EAAE,EAAE,KAAI,MAAK,EAAE,CAAC;CAClE,MAAM,QAAwB,EAAE;CAEhC,SAAS,WAAW,MAAuB;AACzC,MAAI,UAAU,SAAS,EAAG,QAAO;AACjC,MAAI,UAAU,IAAI,KAAK,CAAE,QAAO;AAChC,OAAK,MAAM,KAAK,UACd,KAAI,KAAK,SAAS,IAAI,IAAI,CAAE,QAAO;AAErC,SAAO;;CAGT,SAAS,KAAK,GAAY,GAAY,MAAoB;AACxD,MAAI,MAAM,EAAG;AAEb,MAAI,MAAM,KAAA,KAAa,MAAM,KAAA,GAAW;AACtC,SAAM,KAAK;IAAE,IAAI;IAAO,MAAM,QAAQ;IAAK,OAAO,YAAY,GAAG,KAAK;IAAE,CAAC;AACzE;;AAEF,MAAI,MAAM,KAAA,KAAa,MAAM,KAAA,GAAW;AACtC,SAAM,KAAK;IAAE,IAAI;IAAU,MAAM,QAAQ;IAAK,CAAC;AAC/C;;AAGF,MACE,MAAM,QAAQ,MAAM,QACjB,OAAO,MAAM,YAAY,OAAO,MAAM,YACtC,CAAC,MAAM,QAAQ,EAAE,IAAI,CAAC,MAAM,QAAQ,EAAE,EACzC;GACA,MAAM,OAAO,IAAI,IAAI,CAAC,GAAG,OAAO,KAAK,EAAY,EAAE,GAAG,OAAO,KAAK,EAAY,CAAC,CAAC;AAChF,QAAK,MAAM,OAAO,KAChB,MAAM,EAA8B,MAAO,EAA8B,MAAM,GAAG,KAAK,GAAG,MAAM;AAElG;;AAGF,QAAM,KAAK;GAAE,IAAI;GAAW,MAAM,QAAQ;GAAK,OAAO,YAAY,GAAG,KAAK;GAAE,CAAC;;CAG/E,SAAS,YAAY,OAAgB,MAAuB;AAC1D,MAAI,UAAU,QAAQ,OAAO,UAAU,UAAU;GAC/C,MAAM,OAAO,KAAK,MAAM,IAAI,CAAC,OAAO,QAAQ;GAC5C,MAAM,OAAO,KAAK,KAAK,SAAS;AAChC,OAAI,QAAQ,WAAW,KAAK,CAAE,QAAO;AACrC,UAAO;;AAET,MAAI,MAAM,QAAQ,MAAM,CACtB,QAAO,MAAM,KAAK,GAAG,MAAM,YAAY,GAAG,GAAG,KAAK,GAAG,IAAI,CAAC;EAE5D,MAAM,MAA+B,EAAE;AACvC,OAAK,MAAM,CAAC,GAAG,MAAM,OAAO,QAAQ,MAAiC,CACnE,KAAI,KAAK,WAAW,EAAE,GAAG,cAAc,YAAY,GAAG,GAAG,KAAK,GAAG,IAAI;AAEvE,SAAO;;AAGT,MAAK,QAAQ,OAAO,GAAG;CACvB,MAAM,SAAuE,EAAE,OAAO;AACtF,KAAI,QAAQ,cAAe,QAAO,SAAS,YAAY,QAAQ,GAAG;AAClE,KAAI,QAAQ,aAAc,QAAO,QAAQ,YAAY,OAAO,GAAG;AAC/D,QAAO;;;;;;;;;;;;;;;;;;;;AAwCT,SAAgB,kBACd,QACA,SACiC;CACjC,MAAM,aAAa,SAAS;AAC5B,SAAQ,UAAU;EAChB,MAAM,SAAqB;GACzB,GAAG;GACH;GACD;AACD,MAAI,cAAc,MAAM,UAAU,CAAC,MAAM,OAAO,KAC9C,QAAO,SAAS;GAAE,GAAG,MAAM;GAAQ,MAAM;GAAY;AAEvD,SAAO;;;;;;;;;;;;;;;;;;;;;;;;;;AAqCX,SAAgB,YAAuB;CACrC,MAAM,SAAwB,EAAE;CAChC,MAAM,WAAW;AACjB,mBAAkB,UAAU;AAC1B,SAAO,KAAK,MAAM;;AAGpB,QAAO;EACL;EACA,UAAU;AACR,oBAAiB;;EAEnB,iBAAiB,SAAS;AACxB,UAAO,OAAO,MAAK,UAAS,aAAa,OAAO,QAAQ,CAAC;;EAE5D;;AAkBH,SAAS,aAAa,OAAoB,SAAgC;AACxE,KAAI,QAAQ,WAAW,KAAA;MACjB,QAAQ,kBAAkB;OACxB,CAAC,QAAQ,OAAO,KAAK,MAAM,OAAO,CAAE,QAAO;aACtC,MAAM,WAAW,QAAQ,OAClC,QAAO;;AAGX,KAAI,QAAQ,YAAY,KAAA,KAAa,MAAM,YAAY,QAAQ,QAAS,QAAO;AAC/E,KAAI,QAAQ;OACL,MAAM,CAAC,GAAG,MAAM,OAAO,QAAQ,QAAQ,MAAM,CAChD,KAAK,MAAM,MAAkC,OAAO,EAAG,QAAO;;AAGlE,KAAI,QAAQ,QAAQ;AAClB,MAAI,CAAC,MAAM,OAAQ,QAAO;AAC1B,OAAK,MAAM,CAAC,GAAG,MAAM,OAAO,QAAQ,QAAQ,OAAO,CACjD,KAAK,MAAM,OAAmC,OAAO,EAAG,QAAO;;AAGnE,QAAO;;;;;;;AAQT,SAAgB,sBAAsB,SAA2C;AAC/E,KAAI,QAAQ,iBAAiB;AAC3B,SAAO,QAAQ;AACf,SAAO;;AAET,KAAI,QAAQ,MAAO,QAAO;AAC1B,QAAO;;;;;;;AAQT,SAAgB,cAAc,OAAwB;CACpD,MAAM,IAAI,MAAM;AAChB,KAAI,CAAC,EAAG;AAER,OAAM,QADY,cAAc,GAAG,OAAO,MAAM,UAAU,CACnC;;;;;;;;;;;;;;;;;AAwCzB,SAAgB,cAAc,UAAgC,EAAE,EAAgD;AAC9G,QAAO,OAAO,QAAQ;EACpB,MAAM,QAAQ,IAAI;EAClB,MAAM,IAAI,MAAM;AAChB,MAAI,CAAC,EAAG;EAER,MAAM,UAAU,EAAE,GAAI,EAAE,WAAW,EAAE,EAAG;EAExC,SAAS,aAAa,KAAa,OAAiC;AAClE,OAAI,UAAU,KAAA,EAAW;AACzB,OAAI,QAAQ,aAAa,QAAQ,SAAS,KAAA,EAAW,SAAQ,OAAO;;AAGtE,eAAa,aAAa,IAAI,SAAS,UAAU;AACjD,eAAa,WAAW,OAAO,MAAM,YAAY,WAAW,MAAM,UAAU,KAAA,EAAU;AACtF,eAAa,MAAM,UAAU,IAAI,SAAS,kBAAkB,EAAE,MAAM,IAAI,CAAC,IAAI,MAAM,IAAI,UAAU,IAAI,SAAS,YAAY,CAAC;AAC3H,eAAa,aAAa,UAAU,IAAI,SAAS,aAAa,CAAC;AAE/D,MAAI,QAAQ,UAAU;GACpB,MAAM,MAAM,QAAQ,SAAS,IAAI;AACjC,OAAI,QAAQ,KAAA,EAAW,cAAa,YAAY,IAAI;;EAGtD,IAAI,EAAE,UAAU;AAChB,MAAI,CAAC,SAAS,QAAQ,QAAQ;GAC5B,MAAM,aAAa,MAAM,QAAQ,OAAO,WAAW,IAAI;AACvD,OAAI,WAAY,SAAQ;;AAG1B,QAAM,QAAQ;GAAE,GAAG;GAAG;GAAS,OAAO,SAAS,EAAE;GAAO;;;AAI5D,SAAS,UAAU,SAA6C,MAAkC;AAChG,KAAI,CAAC,QAAS,QAAO,KAAA;AACrB,KAAI,QAAQ,UAAU,KAAA,EAAW,QAAO,QAAQ;CAChD,MAAM,QAAQ,KAAK,aAAa;AAChC,KAAI,QAAQ,WAAW,KAAA,EAAW,QAAO,QAAQ;AACjD,MAAK,MAAM,CAAC,GAAG,MAAM,OAAO,QAAQ,QAAQ,CAC1C,KAAI,EAAE,aAAa,KAAK,MAAO,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;AA0C1C,SAAgB,UAAU,OAAgB,UAA4B,EAAE,EAAW;AACjF,QAAO,OAAO,QAAQ;AACpB,MAAI,CAAC,IAAI,MAAM,MAAO;AACtB,MAAI,QAAQ,OAAO;AACjB,SAAM,MAAM,IAAI;AAChB;;AAEF,QAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA2Cd,SAAgB,OAAO,OAAgB,SAAiC;AACtE,KAAI,QAAQ,aAAa,QAAQ;EAC/B,MAAM,YAAY,QAAQ,aAAa;EACvC,MAAM,EAAE,WAAW;AACnB,SAAO,OAAO,QAAQ;GACpB,MAAM,IAAI,IAAI,MAAM;AACpB,OAAI,GAAG;IAEL,MAAM,YAAY,MAAM,QAAQ,WAAW,QAD3B,gBAAgB,eAAe,IAAI,MAAM,CACC,CAAC;AAC3D,QAAI,MAAM,QAAQ;KAAE,GAAG;KAAG;KAAW;;AAEvC,SAAM,MAAM,IAAI;;;CAIpB,MAAM,YAAY,QAAQ,aAAa;CACvC,MAAM,EAAE,UAAU;CAClB,IAAI,eAA8B;CAClC,IAAI,cAAc,CAAC;CACnB,IAAI,QAAuB,QAAQ,SAAS;AAE5C,SAAQ,QAAQ;AACd,UAAQ,MAAM,KAAK,YAAY;GAC7B,MAAM,IAAI,IAAI,MAAM;AACpB,OAAI,GAAG;AACL,QAAI,CAAC,eAAe,OAAO;AACzB,oBAAgB,MAAM,MAAM,MAAM,IAAK;AACvC,mBAAc;;IAEhB,MAAM,WAAW,gBAAgB,KAAA;IAEjC,MAAM,OAAO,MAAM,UAAU,WADb,gBAAgB;KAAE,GAAG,eAAe,IAAI,MAAM;KAAE,OAAO;MAAE,GAAG,eAAe,IAAI,MAAM,CAAC;MAAO;MAAU;KAAE,CAC1E,CAAC;AAChD,QAAI,MAAM,QAAQ;KAAE,GAAG;KAAG;KAAU;KAAM;AAC1C,mBAAe;AACf,UAAM,OAAO,KAAK,KAAK;;AAEzB,SAAM,MAAM,IAAI;IAChB,CAAC,OAAO,QAAQ;AAChB,WAAQ,MAAM,sCAAsC,IAAI;IACxD;AACF,SAAO;;;;;;;;;AAUX,eAAe,YAAmC;CAChD,MAAM,IAAK,WAAsD;AACjE,KAAI,GAAG,OAAQ,QAAO,EAAE;AAExB,SAAO,MADW;;EAA0B;GACjC,UAAU;;AAGvB,SAAS,cAAc,WAA2B;AAChD,SAAQ,UAAU,aAAa,EAA/B;EACE,KAAK;EACL,KAAK,QACH,QAAO;EACT,KAAK;EACL,KAAK,UACH,QAAO;EACT,KAAK;EACL,KAAK,UACH,QAAO;EACT,KAAK;EACL,KAAK,UACH,QAAO;EACT,QACE,QAAO;;;AAIb,SAAS,SAAS,KAA0B;CAC1C,IAAI,MAAM;AACV,MAAK,MAAM,QAAQ,IAAI,WAAW,IAAI,CAAE,QAAO,KAAK,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI;AACjF,QAAO;;AAGT,eAAe,UAAU,WAAmB,MAA+B;AAGzE,QAAO,SAAS,OADE,MADG,WAAW,EACP,OAAO,cAAc,UAAU,EAAE,IAAI,aAAa,CAAC,OAAO,KAAK,CAAC,CACrE;;AAGtB,eAAe,QAAQ,WAAmB,QAAgB,MAA+B;CACvF,MAAM,SAAS,MAAM,WAAW;CAChC,MAAM,OAAO,cAAc,UAAU;CACrC,MAAM,MAAM,MAAM,OAAO,UAAU,OAAO,IAAI,aAAa,CAAC,OAAO,OAAO,EAAE;EAAE,MAAM;EAAQ;EAAM,EAAE,OAAO,CAAC,OAAO,CAAC;AAEpH,QAAO,SAAS,MADE,OAAO,KAAK,QAAQ,KAAK,IAAI,aAAa,CAAC,OAAO,KAAK,CAAC,CACtD;;;AAItB,SAAS,eAAe,OAA6B;CACnD,MAAM,IAAI,MAAM;AAChB,KAAI,CAAC,EAAG,QAAO;CACf,MAAM,EAAE,WAAW,UAAU,MAAM,GAAG,SAAS;AAC/C,QAAO;EAAE,GAAG;EAAO,OAAO;EAAqB;;;;;;;;;;;;;;;;;;AAmBjD,MAAa,oBAAkC,EAC7C,OAAO;CACL;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACD,EACF"}
package/dist/better-auth/index.d.mts CHANGED
@@ -1,4 +1,4 @@
1
- import { Y as RequestLogger } from "../audit-mUutdf6A.mjs";
1
+ import { Y as RequestLogger } from "../audit-CTIviX3P.mjs";
2
2
 
3
3
  //#region src/better-auth/index.d.ts
4
4
  /**
package/dist/better-auth/index.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.mjs","names":[],"sources":["../../src/better-auth/index.ts"],"sourcesContent":["import type { RequestLogger } from '../types'\nimport { matchesPattern } from '../utils'\n\n/**\n * Minimal type for the Better Auth instance.\n * Only requires `api.getSession` — compatible with any Better Auth configuration.\n */\nexport interface BetterAuthInstance {\n api: {\n getSession: (opts: {\n headers: Headers | Record<string, string | string[] | undefined>\n }) => Promise<{\n user: Record<string, unknown>\n session: Record<string, unknown>\n } | null>\n }\n}\n\n/**\n * User fields extracted from a Better Auth session.\n */\nexport interface AuthUserData {\n id: string\n name?: string\n email?: string\n image?: string\n emailVerified?: boolean\n createdAt?: string\n}\n\n/**\n * Session fields extracted from a Better Auth session.\n */\nexport interface AuthSessionData {\n id: string\n expiresAt?: string\n ipAddress?: string\n userAgent?: string\n createdAt?: string\n}\n\n/**\n * Options for `identifyUser`.\n */\nexport interface IdentifyOptions {\n /**\n * Whether to mask the user email (e.g. `h***@domain.com`).\n * @default false\n */\n maskEmail?: boolean\n /**\n * Whether to include session metadata on the wide event.\n * @default true\n */\n session?: boolean\n /**\n * Whitelist of user fields to include.\n * @default ['id', 'name', 'email', 'image', 'emailVerified', 'createdAt']\n */\n fields?: string[]\n /**\n * Extend the wide event with additional fields derived from the session.\n * Useful for Better Auth plugins (organizations, roles, etc.).\n *\n * @example\n * ```ts\n * identifyUser(log, session, {\n * extend: (session) => ({\n * organization: session.user.activeOrganization,\n * role: session.user.role,\n * }),\n * })\n * ```\n */\n extend?: (session: { user: Record<string, unknown>, session: Record<string, unknown> }) => Record<string, unknown> | undefined\n}\n\n/**\n * Options for `createAuthMiddleware`.\n */\nexport interface AuthMiddlewareOptions extends IdentifyOptions {\n /**\n * Route patterns to skip session resolution (glob).\n * @default ['/api/auth/**']\n */\n exclude?: string[]\n /**\n * Route patterns to apply session resolution (glob).\n * If set, only matching routes are resolved.\n */\n include?: string[]\n /**\n * Called after a user is successfully identified.\n * Use to add conditional logic based on user data (e.g. force-keep logs for premium users).\n */\n onIdentify?: (log: RequestLogger, session: { user: Record<string, unknown>, session: Record<string, unknown> }) => void | Promise<void>\n /**\n * Called when no session is found (anonymous request).\n */\n onAnonymous?: (log: RequestLogger) => void | Promise<void>\n}\n\n/**\n * Options for `createAuthIdentifier`.\n */\nexport type AuthIdentifierOptions = AuthMiddlewareOptions\n\nconst DEFAULT_USER_FIELDS = ['id', 'name', 'email', 'image', 'emailVerified', 'createdAt']\n\nconst isDev = typeof process !== 'undefined' && process.env?.NODE_ENV !== 'production'\n\n/**\n * Mask an email address for safe logging: `hugo@example.com` -> `h***@example.com`.\n */\nexport function maskEmail(email: string): string {\n const atIndex = email.indexOf('@')\n if (atIndex <= 0) return '***'\n return `${email[0]}***${email.slice(atIndex)}`\n}\n\nfunction extractUserData(\n user: Record<string, unknown>,\n options?: IdentifyOptions,\n): AuthUserData {\n const fields = options?.fields ?? DEFAULT_USER_FIELDS\n const data: Record<string, unknown> = {}\n\n if (user.id !== undefined && user.id !== null) {\n data.id = user.id\n }\n\n for (const field of fields) {\n if (field === 'id') continue\n const value = user[field]\n if (value === undefined || value === null) continue\n\n if (field === 'email' && options?.maskEmail && typeof value === 'string') {\n data[field] = maskEmail(value)\n } else if (field === 'createdAt' && value instanceof Date) {\n data[field] = value.toISOString()\n } else {\n data[field] = value\n }\n }\n\n return data as unknown as AuthUserData\n}\n\nfunction extractSessionData(\n session: Record<string, unknown>,\n): AuthSessionData {\n const data: AuthSessionData = { id: String(session.id) }\n\n if (session.expiresAt) {\n data.expiresAt = session.expiresAt instanceof Date\n ? session.expiresAt.toISOString()\n : String(session.expiresAt)\n }\n if (typeof session.ipAddress === 'string') data.ipAddress = session.ipAddress\n if (typeof session.userAgent === 'string') data.userAgent = session.userAgent\n if (session.createdAt) {\n data.createdAt = session.createdAt instanceof Date\n ? session.createdAt.toISOString()\n : String(session.createdAt)\n }\n\n return data\n}\n\n/**\n * Identify a user on a wide event from a Better Auth session result.\n *\n * Sets `userId`, `user`, and optionally `session` fields on the logger.\n * Safe by default — only extracts whitelisted fields and never logs passwords or tokens.\n *\n * Returns `true` if the user was identified, `false` if session data was missing.\n *\n * @example\n * ```ts\n * import { identifyUser } from 'evlog/better-auth'\n *\n * const session = await auth.api.getSession({ headers: event.headers })\n * if (session) {\n * identifyUser(log, session)\n * }\n * ```\n *\n * @example With email masking\n * ```ts\n * identifyUser(log, session, { maskEmail: true })\n * // user.email → \"h***@example.com\"\n * ```\n *\n * @example With extend for Better Auth plugins\n * ```ts\n * identifyUser(log, session, {\n * extend: (s) => ({\n * organization: s.user.activeOrganization,\n * role: s.user.role,\n * }),\n * })\n * ```\n */\nexport function identifyUser(\n log: RequestLogger,\n session: { user: Record<string, unknown>, session: Record<string, unknown> },\n options?: IdentifyOptions,\n): boolean {\n const user = extractUserData(session.user, options)\n if (!user.id) return false\n\n const includeSession = options?.session !== false\n\n const data: Record<string, unknown> = {\n userId: user.id,\n user,\n }\n\n if (includeSession) {\n data.session = extractSessionData(session.session)\n }\n\n if (options?.extend) {\n const extra = options.extend(session)\n if (extra) Object.assign(data, extra)\n }\n\n log.set(data)\n return true\n}\n\nfunction shouldResolve(path: string, options?: { exclude?: string[], include?: string[] }): boolean {\n const exclude = options?.exclude ?? ['/api/auth/**']\n for (const pattern of exclude) {\n if (matchesPattern(path, pattern)) return false\n }\n\n if (options?.include) {\n for (const pattern of options.include) {\n if (matchesPattern(path, pattern)) return true\n }\n return false\n }\n\n return true\n}\n\n/**\n * Create an async function that resolves a Better Auth session from headers\n * and identifies the user on the logger.\n *\n * Works with any framework — just pass the auth instance and call the returned\n * function with a logger and headers. Supports `include`/`exclude` route patterns\n * and lifecycle hooks (`onIdentify`, `onAnonymous`).\n *\n * @example Nuxt server middleware\n * ```ts\n * import { createAuthMiddleware } from 'evlog/better-auth'\n *\n * const identify = createAuthMiddleware(auth, {\n * exclude: ['/api/auth/**', '/api/public/**'],\n * })\n *\n * export default defineEventHandler(async (event) => {\n * if (!event.context.log) return\n * await identify(event.context.log, event.headers, event.path)\n * })\n * ```\n *\n * @example Express\n * ```ts\n * const identify = createAuthMiddleware(auth, { maskEmail: true })\n *\n * app.use(async (req, res, next) => {\n * await identify(req.log, req.headers, req.path)\n * next()\n * })\n * ```\n */\nexport function createAuthMiddleware(\n auth: BetterAuthInstance,\n options?: AuthMiddlewareOptions,\n): (log: RequestLogger, headers: Headers | Record<string, string | string[] | undefined>, path?: string) => Promise<boolean> {\n return async (log, headers, path?) => {\n if (path && !shouldResolve(path, options)) return false\n\n const start = Date.now()\n try {\n const session = await auth.api.getSession({ headers })\n const resolvedIn = Date.now() - start\n\n if (session) {\n const identified = identifyUser(log, session, options)\n if (identified) {\n log.set({ auth: { resolvedIn, identified: true } } as Record<string, unknown>)\n if (options?.onIdentify) await options.onIdentify(log, session)\n return true\n }\n }\n\n log.set({ auth: { resolvedIn, identified: false } } as Record<string, unknown>)\n if (options?.onAnonymous) await options.onAnonymous(log)\n return false\n } catch (err) {\n const resolvedIn = Date.now() - start\n log.set({ auth: { resolvedIn, identified: false, error: true } } as Record<string, unknown>)\n if (isDev) console.warn('[evlog/better-auth] Session resolution failed:', err)\n if (options?.onAnonymous) await options.onAnonymous(log)\n return false\n }\n }\n}\n\n/**\n * Create a Nitro `request` hook that auto-identifies users from Better Auth sessions.\n *\n * Resolves the session from request cookies on every request and sets user/session\n * context on the evlog logger. Skips `/api/auth/**` by default to avoid resolving\n * sessions during auth flows.\n *\n * @example\n * ```ts\n * // server/plugins/evlog-auth.ts\n * import { createAuthIdentifier } from 'evlog/better-auth'\n * import { auth } from '~/lib/auth'\n *\n * export default defineNitroPlugin((nitroApp) => {\n * nitroApp.hooks.hook('request', createAuthIdentifier(auth))\n * })\n * ```\n *\n * @example With options\n * ```ts\n * nitroApp.hooks.hook('request', createAuthIdentifier(auth, {\n * maskEmail: true,\n * exclude: ['/api/auth/**', '/api/public/**'],\n * }))\n * ```\n */\nexport function createAuthIdentifier(\n auth: BetterAuthInstance,\n options?: AuthIdentifierOptions,\n): (event: { path: string, headers: Headers | { get(name: string): string | null }, context: { log?: RequestLogger } }) => Promise<void> {\n const middleware = createAuthMiddleware(auth, options)\n\n return async (event) => {\n if (!event.context.log) return\n await middleware(event.context.log, event.headers as Headers, event.path)\n }\n}\n"],"mappings":";;AA2GA,MAAM,sBAAsB;CAAC;CAAM;CAAQ;CAAS;CAAS;CAAiB;CAAY;AAE1F,MAAM,QAAQ,OAAO,YAAY,eAAe,QAAQ,KAAK,aAAa;;;;AAK1E,SAAgB,UAAU,OAAuB;CAC/C,MAAM,UAAU,MAAM,QAAQ,IAAI;AAClC,KAAI,WAAW,EAAG,QAAO;AACzB,QAAO,GAAG,MAAM,GAAG,KAAK,MAAM,MAAM,QAAQ;;AAG9C,SAAS,gBACP,MACA,SACc;CACd,MAAM,SAAS,SAAS,UAAU;CAClC,MAAM,OAAgC,EAAE;AAExC,KAAI,KAAK,OAAO,KAAA,KAAa,KAAK,OAAO,KACvC,MAAK,KAAK,KAAK;AAGjB,MAAK,MAAM,SAAS,QAAQ;AAC1B,MAAI,UAAU,KAAM;EACpB,MAAM,QAAQ,KAAK;AACnB,MAAI,UAAU,KAAA,KAAa,UAAU,KAAM;AAE3C,MAAI,UAAU,WAAW,SAAS,aAAa,OAAO,UAAU,SAC9D,MAAK,SAAS,UAAU,MAAM;WACrB,UAAU,eAAe,iBAAiB,KACnD,MAAK,SAAS,MAAM,aAAa;MAEjC,MAAK,SAAS;;AAIlB,QAAO;;AAGT,SAAS,mBACP,SACiB;CACjB,MAAM,OAAwB,EAAE,IAAI,OAAO,QAAQ,GAAG,EAAE;AAExD,KAAI,QAAQ,UACV,MAAK,YAAY,QAAQ,qBAAqB,OAC1C,QAAQ,UAAU,aAAa,GAC/B,OAAO,QAAQ,UAAU;AAE/B,KAAI,OAAO,QAAQ,cAAc,SAAU,MAAK,YAAY,QAAQ;AACpE,KAAI,OAAO,QAAQ,cAAc,SAAU,MAAK,YAAY,QAAQ;AACpE,KAAI,QAAQ,UACV,MAAK,YAAY,QAAQ,qBAAqB,OAC1C,QAAQ,UAAU,aAAa,GAC/B,OAAO,QAAQ,UAAU;AAG/B,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqCT,SAAgB,aACd,KACA,SACA,SACS;CACT,MAAM,OAAO,gBAAgB,QAAQ,MAAM,QAAQ;AACnD,KAAI,CAAC,KAAK,GAAI,QAAO;CAErB,MAAM,iBAAiB,SAAS,YAAY;CAE5C,MAAM,OAAgC;EACpC,QAAQ,KAAK;EACb;EACD;AAED,KAAI,eACF,MAAK,UAAU,mBAAmB,QAAQ,QAAQ;AAGpD,KAAI,SAAS,QAAQ;EACnB,MAAM,QAAQ,QAAQ,OAAO,QAAQ;AACrC,MAAI,MAAO,QAAO,OAAO,MAAM,MAAM;;AAGvC,KAAI,IAAI,KAAK;AACb,QAAO;;AAGT,SAAS,cAAc,MAAc,SAA+D;CAClG,MAAM,UAAU,SAAS,WAAW,CAAC,eAAe;AACpD,MAAK,MAAM,WAAW,QACpB,KAAI,eAAe,MAAM,QAAQ,CAAE,QAAO;AAG5C,KAAI,SAAS,SAAS;AACpB,OAAK,MAAM,WAAW,QAAQ,QAC5B,KAAI,eAAe,MAAM,QAAQ,CAAE,QAAO;AAE5C,SAAO;;AAGT,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmCT,SAAgB,qBACd,MACA,SAC2H;AAC3H,QAAO,OAAO,KAAK,SAAS,SAAU;AACpC,MAAI,QAAQ,CAAC,cAAc,MAAM,QAAQ,CAAE,QAAO;EAElD,MAAM,QAAQ,KAAK,KAAK;AACxB,MAAI;GACF,MAAM,UAAU,MAAM,KAAK,IAAI,WAAW,EAAE,SAAS,CAAC;GACtD,MAAM,aAAa,KAAK,KAAK,GAAG;AAEhC,OAAI;QACiB,aAAa,KAAK,SAAS,QAAQ,EACtC;AACd,SAAI,IAAI,EAAE,MAAM;MAAE;MAAY,YAAY;MAAM,EAAE,CAA4B;AAC9E,SAAI,SAAS,WAAY,OAAM,QAAQ,WAAW,KAAK,QAAQ;AAC/D,YAAO;;;AAIX,OAAI,IAAI,EAAE,MAAM;IAAE;IAAY,YAAY;IAAO,EAAE,CAA4B;AAC/E,OAAI,SAAS,YAAa,OAAM,QAAQ,YAAY,IAAI;AACxD,UAAO;WACA,KAAK;GACZ,MAAM,aAAa,KAAK,KAAK,GAAG;AAChC,OAAI,IAAI,EAAE,MAAM;IAAE;IAAY,YAAY;IAAO,OAAO;IAAM,EAAE,CAA4B;AAC5F,OAAI,MAAO,SAAQ,KAAK,kDAAkD,IAAI;AAC9E,OAAI,SAAS,YAAa,OAAM,QAAQ,YAAY,IAAI;AACxD,UAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+Bb,SAAgB,qBACd,MACA,SACuI;CACvI,MAAM,aAAa,qBAAqB,MAAM,QAAQ;AAEtD,QAAO,OAAO,UAAU;AACtB,MAAI,CAAC,MAAM,QAAQ,IAAK;AACxB,QAAM,WAAW,MAAM,QAAQ,KAAK,MAAM,SAAoB,MAAM,KAAK"}
1
+ {"version":3,"file":"index.mjs","names":[],"sources":["../../src/better-auth/index.ts"],"sourcesContent":["import type { RequestLogger } from '../types'\nimport { matchesPattern } from '../utils'\n\n/**\n * Minimal type for the Better Auth instance.\n * Only requires `api.getSession` — compatible with any Better Auth configuration.\n */\nexport interface BetterAuthInstance {\n api: {\n getSession: (opts: {\n headers: Headers | Record<string, string | string[] | undefined>\n }) => Promise<{\n user: Record<string, unknown>\n session: Record<string, unknown>\n } | null>\n }\n}\n\n/**\n * User fields extracted from a Better Auth session.\n */\nexport interface AuthUserData {\n id: string\n name?: string\n email?: string\n image?: string\n emailVerified?: boolean\n createdAt?: string\n}\n\n/**\n * Session fields extracted from a Better Auth session.\n */\nexport interface AuthSessionData {\n id: string\n expiresAt?: string\n ipAddress?: string\n userAgent?: string\n createdAt?: string\n}\n\n/**\n * Options for `identifyUser`.\n */\nexport interface IdentifyOptions {\n /**\n * Whether to mask the user email (e.g. `h***@domain.com`).\n * @default false\n */\n maskEmail?: boolean\n /**\n * Whether to include session metadata on the wide event.\n * @default true\n */\n session?: boolean\n /**\n * Whitelist of user fields to include.\n * @default ['id', 'name', 'email', 'image', 'emailVerified', 'createdAt']\n */\n fields?: string[]\n /**\n * Extend the wide event with additional fields derived from the session.\n * Useful for Better Auth plugins (organizations, roles, etc.).\n *\n * @example\n * ```ts\n * identifyUser(log, session, {\n * extend: (session) => ({\n * organization: session.user.activeOrganization,\n * role: session.user.role,\n * }),\n * })\n * ```\n */\n extend?: (session: { user: Record<string, unknown>, session: Record<string, unknown> }) => Record<string, unknown> | undefined\n}\n\n/**\n * Options for `createAuthMiddleware`.\n */\nexport interface AuthMiddlewareOptions extends IdentifyOptions {\n /**\n * Route patterns to skip session resolution (glob).\n * @default ['/api/auth/**']\n */\n exclude?: string[]\n /**\n * Route patterns to apply session resolution (glob).\n * If set, only matching routes are resolved.\n */\n include?: string[]\n /**\n * Called after a user is successfully identified.\n * Use to add conditional logic based on user data (e.g. force-keep logs for premium users).\n */\n onIdentify?: (log: RequestLogger, session: { user: Record<string, unknown>, session: Record<string, unknown> }) => void | Promise<void>\n /**\n * Called when no session is found (anonymous request).\n */\n onAnonymous?: (log: RequestLogger) => void | Promise<void>\n}\n\n/**\n * Options for `createAuthIdentifier`.\n */\nexport type AuthIdentifierOptions = AuthMiddlewareOptions\n\nconst DEFAULT_USER_FIELDS = ['id', 'name', 'email', 'image', 'emailVerified', 'createdAt']\n\nconst isDev = typeof process !== 'undefined' && process.env?.NODE_ENV !== 'production'\n\n/**\n * Mask an email address for safe logging: `hugo@example.com` -> `h***@example.com`.\n */\nexport function maskEmail(email: string): string {\n const atIndex = email.indexOf('@')\n if (atIndex <= 0) return '***'\n return `${email[0]}***${email.slice(atIndex)}`\n}\n\nfunction extractUserData(\n user: Record<string, unknown>,\n options?: IdentifyOptions,\n): AuthUserData {\n const fields = options?.fields ?? DEFAULT_USER_FIELDS\n const data: Record<string, unknown> = {}\n\n if (user.id !== undefined && user.id !== null) {\n data.id = user.id\n }\n\n for (const field of fields) {\n if (field === 'id') continue\n const value = user[field]\n if (value === undefined || value === null) continue\n\n if (field === 'email' && options?.maskEmail && typeof value === 'string') {\n data[field] = maskEmail(value)\n } else if (field === 'createdAt' && value instanceof Date) {\n data[field] = value.toISOString()\n } else {\n data[field] = value\n }\n }\n\n return data as unknown as AuthUserData\n}\n\nfunction extractSessionData(\n session: Record<string, unknown>,\n): AuthSessionData {\n const data: AuthSessionData = { id: String(session.id) }\n\n if (session.expiresAt) {\n data.expiresAt = session.expiresAt instanceof Date\n ? session.expiresAt.toISOString()\n : String(session.expiresAt)\n }\n if (typeof session.ipAddress === 'string') data.ipAddress = session.ipAddress\n if (typeof session.userAgent === 'string') data.userAgent = session.userAgent\n if (session.createdAt) {\n data.createdAt = session.createdAt instanceof Date\n ? session.createdAt.toISOString()\n : String(session.createdAt)\n }\n\n return data\n}\n\n/**\n * Identify a user on a wide event from a Better Auth session result.\n *\n * Sets `userId`, `user`, and optionally `session` fields on the logger.\n * Safe by default — only extracts whitelisted fields and never logs passwords or tokens.\n *\n * Returns `true` if the user was identified, `false` if session data was missing.\n *\n * @example\n * ```ts\n * import { identifyUser } from 'evlog/better-auth'\n *\n * const session = await auth.api.getSession({ headers: event.headers })\n * if (session) {\n * identifyUser(log, session)\n * }\n * ```\n *\n * @example With email masking\n * ```ts\n * identifyUser(log, session, { maskEmail: true })\n * // user.email → \"h***@example.com\"\n * ```\n *\n * @example With extend for Better Auth plugins\n * ```ts\n * identifyUser(log, session, {\n * extend: (s) => ({\n * organization: s.user.activeOrganization,\n * role: s.user.role,\n * }),\n * })\n * ```\n */\nexport function identifyUser(\n log: RequestLogger,\n session: { user: Record<string, unknown>, session: Record<string, unknown> },\n options?: IdentifyOptions,\n): boolean {\n const user = extractUserData(session.user, options)\n if (!user.id) return false\n\n const includeSession = options?.session !== false\n\n const data: Record<string, unknown> = {\n userId: user.id,\n user,\n }\n\n if (includeSession) {\n data.session = extractSessionData(session.session)\n }\n\n if (options?.extend) {\n const extra = options.extend(session)\n if (extra) Object.assign(data, extra)\n }\n\n log.set(data)\n return true\n}\n\nfunction shouldResolve(path: string, options?: { exclude?: string[], include?: string[] }): boolean {\n const exclude = options?.exclude ?? ['/api/auth/**']\n for (const pattern of exclude) {\n if (matchesPattern(path, pattern)) return false\n }\n\n if (options?.include) {\n for (const pattern of options.include) {\n if (matchesPattern(path, pattern)) return true\n }\n return false\n }\n\n return true\n}\n\n/**\n * Create an async function that resolves a Better Auth session from headers\n * and identifies the user on the logger.\n *\n * Works with any framework — just pass the auth instance and call the returned\n * function with a logger and headers. Supports `include`/`exclude` route patterns\n * and lifecycle hooks (`onIdentify`, `onAnonymous`).\n *\n * @example Nuxt server middleware\n * ```ts\n * import { createAuthMiddleware } from 'evlog/better-auth'\n *\n * const identify = createAuthMiddleware(auth, {\n * exclude: ['/api/auth/**', '/api/public/**'],\n * })\n *\n * export default defineEventHandler(async (event) => {\n * if (!event.context.log) return\n * await identify(event.context.log, event.headers, event.path)\n * })\n * ```\n *\n * @example Express\n * ```ts\n * const identify = createAuthMiddleware(auth, { maskEmail: true })\n *\n * app.use(async (req, res, next) => {\n * await identify(req.log, req.headers, req.path)\n * next()\n * })\n * ```\n */\nexport function createAuthMiddleware(\n auth: BetterAuthInstance,\n options?: AuthMiddlewareOptions,\n): (log: RequestLogger, headers: Headers | Record<string, string | string[] | undefined>, path?: string) => Promise<boolean> {\n return async (log, headers, path?) => {\n if (path && !shouldResolve(path, options)) return false\n\n const start = Date.now()\n try {\n const session = await auth.api.getSession({ headers })\n const resolvedIn = Date.now() - start\n\n if (session) {\n const identified = identifyUser(log, session, options)\n if (identified) {\n log.set({ auth: { resolvedIn, identified: true } } as Record<string, unknown>)\n if (options?.onIdentify) await options.onIdentify(log, session)\n return true\n }\n }\n\n log.set({ auth: { resolvedIn, identified: false } } as Record<string, unknown>)\n if (options?.onAnonymous) await options.onAnonymous(log)\n return false\n } catch (err) {\n const resolvedIn = Date.now() - start\n log.set({ auth: { resolvedIn, identified: false, error: true } } as Record<string, unknown>)\n if (isDev) console.warn('[evlog/better-auth] Session resolution failed:', err)\n if (options?.onAnonymous) await options.onAnonymous(log)\n return false\n }\n }\n}\n\n/**\n * Create a Nitro `request` hook that auto-identifies users from Better Auth sessions.\n *\n * Resolves the session from request cookies on every request and sets user/session\n * context on the evlog logger. Skips `/api/auth/**` by default to avoid resolving\n * sessions during auth flows.\n *\n * @example\n * ```ts\n * // server/plugins/evlog-auth.ts\n * import { createAuthIdentifier } from 'evlog/better-auth'\n * import { auth } from '~/lib/auth'\n *\n * export default defineNitroPlugin((nitroApp) => {\n * nitroApp.hooks.hook('request', createAuthIdentifier(auth))\n * })\n * ```\n *\n * @example With options\n * ```ts\n * nitroApp.hooks.hook('request', createAuthIdentifier(auth, {\n * maskEmail: true,\n * exclude: ['/api/auth/**', '/api/public/**'],\n * }))\n * ```\n */\nexport function createAuthIdentifier(\n auth: BetterAuthInstance,\n options?: AuthIdentifierOptions,\n): (event: { path: string, headers: Headers | { get(name: string): string | null }, context: { log?: RequestLogger } }) => Promise<void> {\n const middleware = createAuthMiddleware(auth, options)\n\n return async (event) => {\n if (!event.context.log) return\n await middleware(event.context.log, event.headers as Headers, event.path)\n }\n}\n"],"mappings":";;AA2GA,MAAM,sBAAsB;CAAC;CAAM;CAAQ;CAAS;CAAS;CAAiB;CAAY;AAE1F,MAAM,QAAQ,OAAO,YAAY,eAAe,QAAQ,KAAK,aAAa;;;;AAK1E,SAAgB,UAAU,OAAuB;CAC/C,MAAM,UAAU,MAAM,QAAQ,IAAI;AAClC,KAAI,WAAW,EAAG,QAAO;AACzB,QAAO,GAAG,MAAM,GAAG,KAAK,MAAM,MAAM,QAAQ;;AAG9C,SAAS,gBACP,MACA,SACc;CACd,MAAM,SAAS,SAAS,UAAU;CAClC,MAAM,OAAgC,EAAE;AAExC,KAAI,KAAK,OAAO,KAAA,KAAa,KAAK,OAAO,KACvC,MAAK,KAAK,KAAK;AAGjB,MAAK,MAAM,SAAS,QAAQ;AAC1B,MAAI,UAAU,KAAM;EACpB,MAAM,QAAQ,KAAK;AACnB,MAAI,UAAU,KAAA,KAAa,UAAU,KAAM;AAE3C,MAAI,UAAU,WAAW,SAAS,aAAa,OAAO,UAAU,SAC9D,MAAK,SAAS,UAAU,MAAM;WACrB,UAAU,eAAe,iBAAiB,KACnD,MAAK,SAAS,MAAM,aAAa;MAEjC,MAAK,SAAS;;AAIlB,QAAO;;AAGT,SAAS,mBACP,SACiB;CACjB,MAAM,OAAwB,EAAE,IAAI,OAAO,QAAQ,GAAG,EAAE;AAExD,KAAI,QAAQ,UACV,MAAK,YAAY,QAAQ,qBAAqB,OAC1C,QAAQ,UAAU,aAAa,GAC/B,OAAO,QAAQ,UAAU;AAE/B,KAAI,OAAO,QAAQ,cAAc,SAAU,MAAK,YAAY,QAAQ;AACpE,KAAI,OAAO,QAAQ,cAAc,SAAU,MAAK,YAAY,QAAQ;AACpE,KAAI,QAAQ,UACV,MAAK,YAAY,QAAQ,qBAAqB,OAC1C,QAAQ,UAAU,aAAa,GAC/B,OAAO,QAAQ,UAAU;AAG/B,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqCT,SAAgB,aACd,KACA,SACA,SACS;CACT,MAAM,OAAO,gBAAgB,QAAQ,MAAM,QAAQ;AACnD,KAAI,CAAC,KAAK,GAAI,QAAO;CAErB,MAAM,iBAAiB,SAAS,YAAY;CAE5C,MAAM,OAAgC;EACpC,QAAQ,KAAK;EACb;EACD;AAED,KAAI,eACF,MAAK,UAAU,mBAAmB,QAAQ,QAAQ;AAGpD,KAAI,SAAS,QAAQ;EACnB,MAAM,QAAQ,QAAQ,OAAO,QAAQ;AACrC,MAAI,MAAO,QAAO,OAAO,MAAM,MAAM;;AAGvC,KAAI,IAAI,KAAK;AACb,QAAO;;AAGT,SAAS,cAAc,MAAc,SAA+D;CAClG,MAAM,UAAU,SAAS,WAAW,CAAC,eAAe;AACpD,MAAK,MAAM,WAAW,QACpB,KAAI,eAAe,MAAM,QAAQ,CAAE,QAAO;AAG5C,KAAI,SAAS,SAAS;AACpB,OAAK,MAAM,WAAW,QAAQ,QAC5B,KAAI,eAAe,MAAM,QAAQ,CAAE,QAAO;AAE5C,SAAO;;AAGT,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmCT,SAAgB,qBACd,MACA,SAC2H;AAC3H,QAAO,OAAO,KAAK,SAAS,SAAU;AACpC,MAAI,QAAQ,CAAC,cAAc,MAAM,QAAQ,CAAE,QAAO;EAElD,MAAM,QAAQ,KAAK,KAAK;AACxB,MAAI;GACF,MAAM,UAAU,MAAM,KAAK,IAAI,WAAW,EAAE,SAAS,CAAC;GACtD,MAAM,aAAa,KAAK,KAAK,GAAG;AAEhC,OAAI;QACiB,aAAa,KAAK,SAAS,QAChC,EAAE;AACd,SAAI,IAAI,EAAE,MAAM;MAAE;MAAY,YAAY;MAAM,EAAE,CAA4B;AAC9E,SAAI,SAAS,WAAY,OAAM,QAAQ,WAAW,KAAK,QAAQ;AAC/D,YAAO;;;AAIX,OAAI,IAAI,EAAE,MAAM;IAAE;IAAY,YAAY;IAAO,EAAE,CAA4B;AAC/E,OAAI,SAAS,YAAa,OAAM,QAAQ,YAAY,IAAI;AACxD,UAAO;WACA,KAAK;GACZ,MAAM,aAAa,KAAK,KAAK,GAAG;AAChC,OAAI,IAAI,EAAE,MAAM;IAAE;IAAY,YAAY;IAAO,OAAO;IAAM,EAAE,CAA4B;AAC5F,OAAI,MAAO,SAAQ,KAAK,kDAAkD,IAAI;AAC9E,OAAI,SAAS,YAAa,OAAM,QAAQ,YAAY,IAAI;AACxD,UAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+Bb,SAAgB,qBACd,MACA,SACuI;CACvI,MAAM,aAAa,qBAAqB,MAAM,QAAQ;AAEtD,QAAO,OAAO,UAAU;AACtB,MAAI,CAAC,MAAM,QAAQ,IAAK;AACxB,QAAM,WAAW,MAAM,QAAQ,KAAK,MAAM,SAAoB,MAAM,KAAK"}
package/dist/browser.d.mts CHANGED
@@ -1,4 +1,4 @@
1
- import { F as DrainContext } from "./audit-mUutdf6A.mjs";
1
+ import { F as DrainContext } from "./audit-CTIviX3P.mjs";
2
2
  import { PipelineDrainFn } from "./pipeline.mjs";
3
3
  import { HttpDrainConfig, HttpLogDrainOptions } from "./http.mjs";
4
4
 
package/dist/elysia/index.d.mts CHANGED
@@ -1,5 +1,5 @@
1
- import { Y as RequestLogger } from "../audit-mUutdf6A.mjs";
2
- import { t as BaseEvlogOptions } from "../middleware-BYf26Lfu.mjs";
1
+ import { Y as RequestLogger } from "../audit-CTIviX3P.mjs";
2
+ import { t as BaseEvlogOptions } from "../middleware-CTnDsST-.mjs";
3
3
  import { Elysia } from "elysia";
4
4
 
5
5
  //#region src/elysia/index.d.ts
package/dist/elysia/index.mjs CHANGED
@@ -1,6 +1,6 @@
1
1
  import { filterSafeHeaders } from "../utils.mjs";
2
- import { t as createMiddlewareLogger } from "../middleware-BWOJ7JI0.mjs";
3
- import { t as attachForkToLogger } from "../fork-CTJXnpl8.mjs";
2
+ import { t as createMiddlewareLogger } from "../middleware-oAccqyPp.mjs";
3
+ import { t as attachForkToLogger } from "../fork-D1j1Fuzy.mjs";
4
4
  import { AsyncLocalStorage } from "node:async_hooks";
5
5
  import { Elysia } from "elysia";
6
6
  //#region src/elysia/index.ts
package/dist/enrichers.d.mts CHANGED
@@ -1,4 +1,4 @@
1
- import { I as EnrichContext } from "./audit-mUutdf6A.mjs";
1
+ import { I as EnrichContext } from "./audit-CTIviX3P.mjs";
2
2
 
3
3
  //#region src/enrichers/index.d.ts
4
4
  interface EnricherOptions {
package/dist/enrichers.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"enrichers.mjs","names":[],"sources":["../src/enrichers/index.ts"],"sourcesContent":["import type { EnrichContext } from '../types'\n\nexport interface EnricherOptions {\n /**\n * When true, overwrite any existing fields in the event.\n * Defaults to false to preserve user-provided data.\n */\n overwrite?: boolean\n}\n\nexport interface UserAgentInfo {\n raw: string\n browser?: { name: string; version?: string }\n os?: { name: string; version?: string }\n device?: { type: 'mobile' | 'tablet' | 'desktop' | 'bot' | 'unknown' }\n}\n\nexport interface GeoInfo {\n country?: string\n region?: string\n regionCode?: string\n city?: string\n latitude?: number\n longitude?: number\n}\n\nexport interface RequestSizeInfo {\n requestBytes?: number\n responseBytes?: number\n}\n\nexport interface TraceContextInfo {\n traceparent?: string\n tracestate?: string\n traceId?: string\n spanId?: string\n}\n\nfunction getHeader(headers: Record<string, string> | undefined, name: string): string | undefined {\n if (!headers) return undefined\n if (headers[name] !== undefined) return headers[name]\n const lowerName = name.toLowerCase()\n if (headers[lowerName] !== undefined) return headers[lowerName]\n for (const [key, value] of Object.entries(headers)) {\n if (key.toLowerCase() === lowerName) return value\n }\n return undefined\n}\n\nfunction parseUserAgent(ua: string): UserAgentInfo {\n const lower = ua.toLowerCase()\n\n let deviceType: UserAgentInfo['device'] = { type: 'unknown' }\n if (/bot|crawl|spider|slurp|bingpreview/.test(lower)) {\n deviceType = { type: 'bot' }\n } else if (/ipad|tablet/.test(lower)) {\n deviceType = { type: 'tablet' }\n } else if (/mobi|iphone|android/.test(lower)) {\n deviceType = { type: 'mobile' }\n } else if (ua.length > 0) {\n deviceType = { type: 'desktop' }\n }\n\n const browserMatchers: Array<{ name: string, regex: RegExp }> = [\n { name: 'Edge', regex: /edg\\/([\\d.]+)/i },\n { name: 'Chrome', regex: /chrome\\/([\\d.]+)/i },\n { name: 'Firefox', regex: /firefox\\/([\\d.]+)/i },\n { name: 'Safari', regex: /version\\/([\\d.]+).*safari/i },\n ]\n\n let browser: UserAgentInfo['browser']\n for (const matcher of browserMatchers) {\n const match = ua.match(matcher.regex)\n if (match) {\n browser = { name: matcher.name, version: match[1] }\n break\n }\n }\n\n let os: UserAgentInfo['os']\n if (/windows nt/i.test(ua)) {\n const match = ua.match(/windows nt ([\\d.]+)/i)\n os = { name: 'Windows', version: match?.[1] }\n } else if (/mac os x/i.test(ua) && !/iphone|ipad|ipod/i.test(ua)) {\n const match = ua.match(/mac os x ([\\d_]+)/i)\n os = { name: 'macOS', version: match?.[1]?.replace(/_/g, '.') }\n } else if (/iphone|ipad|ipod/i.test(ua)) {\n const match = ua.match(/os ([\\d_]+)/i)\n os = { name: 'iOS', version: match?.[1]?.replace(/_/g, '.') }\n } else if (/android/i.test(ua)) {\n const match = ua.match(/android ([\\d.]+)/i)\n os = { name: 'Android', version: match?.[1] }\n } else if (/linux/i.test(ua)) {\n os = { name: 'Linux' }\n }\n\n return {\n raw: ua,\n browser,\n os,\n device: deviceType,\n }\n}\n\nfunction parseTraceparent(traceparent: string): Pick<TraceContextInfo, 'traceId' | 'spanId'> | undefined {\n const match = traceparent.match(/^[\\da-f]{2}-([\\da-f]{32})-([\\da-f]{16})-[\\da-f]{2}$/i)\n if (!match) return undefined\n return { traceId: match[1], spanId: match[2] }\n}\n\nfunction mergeEventField<T extends object>(\n existing: unknown,\n computed: T,\n overwrite?: boolean,\n): T {\n if (overwrite || existing === undefined || existing === null || typeof existing !== 'object') {\n return computed\n }\n return { ...computed, ...(existing as T) }\n}\n\nfunction normalizeNumber(value: string | undefined): number | undefined {\n if (!value) return undefined\n const parsed = Number(value)\n return Number.isFinite(parsed) ? parsed : undefined\n}\n\n/**\n * Enrich events with parsed user agent data.\n * Sets `event.userAgent` with `UserAgentInfo` shape: `{ raw, browser?, os?, device? }`.\n */\nexport function createUserAgentEnricher(options: EnricherOptions = {}): (ctx: EnrichContext) => void {\n return (ctx) => {\n const ua = getHeader(ctx.headers, 'user-agent')\n if (!ua) return\n const info = parseUserAgent(ua)\n ctx.event.userAgent = mergeEventField<UserAgentInfo>(ctx.event.userAgent, info, options.overwrite)\n }\n}\n\n/**\n * Enrich events with geo data from platform headers.\n * Sets `event.geo` with `GeoInfo` shape: `{ country?, region?, regionCode?, city?, latitude?, longitude? }`.\n *\n * Supports Vercel (`x-vercel-ip-*`) headers out of the box.\n *\n * **Cloudflare note:** Only `cf-ipcountry` is an actual HTTP header added by Cloudflare.\n * The `cf-region`, `cf-city`, `cf-latitude`, `cf-longitude` headers are NOT standard\n * Cloudflare headers — they are properties of `request.cf` which is not exposed as HTTP\n * headers. For full geo data on Cloudflare, write a custom enricher that reads `request.cf`\n * or use a Workers middleware to copy `cf` properties into custom headers.\n */\nexport function createGeoEnricher(options: EnricherOptions = {}): (ctx: EnrichContext) => void {\n return (ctx) => {\n const { headers } = ctx\n if (!headers) return\n\n const geo: GeoInfo = {\n country: getHeader(headers, 'x-vercel-ip-country') ?? getHeader(headers, 'cf-ipcountry'),\n region: getHeader(headers, 'x-vercel-ip-country-region') ?? getHeader(headers, 'cf-region'),\n regionCode: getHeader(headers, 'x-vercel-ip-country-region-code') ?? getHeader(headers, 'cf-region-code'),\n city: getHeader(headers, 'x-vercel-ip-city') ?? getHeader(headers, 'cf-city'),\n latitude: normalizeNumber(getHeader(headers, 'x-vercel-ip-latitude') ?? getHeader(headers, 'cf-latitude')),\n longitude: normalizeNumber(getHeader(headers, 'x-vercel-ip-longitude') ?? getHeader(headers, 'cf-longitude')),\n }\n\n if (Object.values(geo).every(value => value === undefined)) return\n ctx.event.geo = mergeEventField<GeoInfo>(ctx.event.geo, geo, options.overwrite)\n }\n}\n\n/**\n * Enrich events with request/response payload sizes.\n * Sets `event.requestSize` with `RequestSizeInfo` shape: `{ requestBytes?, responseBytes? }`.\n */\nexport function createRequestSizeEnricher(options: EnricherOptions = {}): (ctx: EnrichContext) => void {\n return (ctx) => {\n const requestBytes = normalizeNumber(getHeader(ctx.headers, 'content-length'))\n const responseBytes = normalizeNumber(getHeader(ctx.response?.headers, 'content-length'))\n\n const sizes: RequestSizeInfo = {\n requestBytes,\n responseBytes,\n }\n\n if (requestBytes === undefined && responseBytes === undefined) return\n ctx.event.requestSize = mergeEventField<RequestSizeInfo>(ctx.event.requestSize, sizes, options.overwrite)\n }\n}\n\n/**\n * Enrich events with W3C trace context data.\n * Sets `event.traceContext` with `TraceContextInfo` shape: `{ traceparent?, tracestate?, traceId?, spanId? }`.\n * Also sets `event.traceId` and `event.spanId` at the top level.\n */\nexport function createTraceContextEnricher(options: EnricherOptions = {}): (ctx: EnrichContext) => void {\n return (ctx) => {\n const traceparent = getHeader(ctx.headers, 'traceparent')\n const tracestate = getHeader(ctx.headers, 'tracestate')\n if (!traceparent && !tracestate) return\n\n const parsed = traceparent ? parseTraceparent(traceparent) : undefined\n const incomingTraceContext: TraceContextInfo = {\n traceparent,\n tracestate,\n traceId: parsed?.traceId ?? (ctx.event.traceId as string | undefined),\n spanId: parsed?.spanId ?? (ctx.event.spanId as string | undefined),\n }\n\n const mergedTraceContext = mergeEventField<TraceContextInfo>(\n ctx.event.traceContext,\n incomingTraceContext,\n options.overwrite,\n )\n ctx.event.traceContext = mergedTraceContext\n\n if (mergedTraceContext.traceId && (options.overwrite || ctx.event.traceId === undefined)) {\n ctx.event.traceId = mergedTraceContext.traceId\n }\n if (mergedTraceContext.spanId && (options.overwrite || ctx.event.spanId === undefined)) {\n ctx.event.spanId = mergedTraceContext.spanId\n }\n }\n}\n"],"mappings":";AAsCA,SAAS,UAAU,SAA6C,MAAkC;AAChG,KAAI,CAAC,QAAS,QAAO,KAAA;AACrB,KAAI,QAAQ,UAAU,KAAA,EAAW,QAAO,QAAQ;CAChD,MAAM,YAAY,KAAK,aAAa;AACpC,KAAI,QAAQ,eAAe,KAAA,EAAW,QAAO,QAAQ;AACrD,MAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,QAAQ,CAChD,KAAI,IAAI,aAAa,KAAK,UAAW,QAAO;;AAKhD,SAAS,eAAe,IAA2B;CACjD,MAAM,QAAQ,GAAG,aAAa;CAE9B,IAAI,aAAsC,EAAE,MAAM,WAAW;AAC7D,KAAI,qCAAqC,KAAK,MAAM,CAClD,cAAa,EAAE,MAAM,OAAO;UACnB,cAAc,KAAK,MAAM,CAClC,cAAa,EAAE,MAAM,UAAU;UACtB,sBAAsB,KAAK,MAAM,CAC1C,cAAa,EAAE,MAAM,UAAU;UACtB,GAAG,SAAS,EACrB,cAAa,EAAE,MAAM,WAAW;CAGlC,MAAM,kBAA0D;EAC9D;GAAE,MAAM;GAAQ,OAAO;GAAkB;EACzC;GAAE,MAAM;GAAU,OAAO;GAAqB;EAC9C;GAAE,MAAM;GAAW,OAAO;GAAsB;EAChD;GAAE,MAAM;GAAU,OAAO;GAA8B;EACxD;CAED,IAAI;AACJ,MAAK,MAAM,WAAW,iBAAiB;EACrC,MAAM,QAAQ,GAAG,MAAM,QAAQ,MAAM;AACrC,MAAI,OAAO;AACT,aAAU;IAAE,MAAM,QAAQ;IAAM,SAAS,MAAM;IAAI;AACnD;;;CAIJ,IAAI;AACJ,KAAI,cAAc,KAAK,GAAG,CAExB,MAAK;EAAE,MAAM;EAAW,SADV,GAAG,MAAM,uBAAuB,GACL;EAAI;UACpC,YAAY,KAAK,GAAG,IAAI,CAAC,oBAAoB,KAAK,GAAG,CAE9D,MAAK;EAAE,MAAM;EAAS,SADR,GAAG,MAAM,qBAAqB,GACL,IAAI,QAAQ,MAAM,IAAI;EAAE;UACtD,oBAAoB,KAAK,GAAG,CAErC,MAAK;EAAE,MAAM;EAAO,SADN,GAAG,MAAM,eAAe,GACD,IAAI,QAAQ,MAAM,IAAI;EAAE;UACpD,WAAW,KAAK,GAAG,CAE5B,MAAK;EAAE,MAAM;EAAW,SADV,GAAG,MAAM,oBAAoB,GACF;EAAI;UACpC,SAAS,KAAK,GAAG,CAC1B,MAAK,EAAE,MAAM,SAAS;AAGxB,QAAO;EACL,KAAK;EACL;EACA;EACA,QAAQ;EACT;;AAGH,SAAS,iBAAiB,aAA+E;CACvG,MAAM,QAAQ,YAAY,MAAM,uDAAuD;AACvF,KAAI,CAAC,MAAO,QAAO,KAAA;AACnB,QAAO;EAAE,SAAS,MAAM;EAAI,QAAQ,MAAM;EAAI;;AAGhD,SAAS,gBACP,UACA,UACA,WACG;AACH,KAAI,aAAa,aAAa,KAAA,KAAa,aAAa,QAAQ,OAAO,aAAa,SAClF,QAAO;AAET,QAAO;EAAE,GAAG;EAAU,GAAI;EAAgB;;AAG5C,SAAS,gBAAgB,OAA+C;AACtE,KAAI,CAAC,MAAO,QAAO,KAAA;CACnB,MAAM,SAAS,OAAO,MAAM;AAC5B,QAAO,OAAO,SAAS,OAAO,GAAG,SAAS,KAAA;;;;;;AAO5C,SAAgB,wBAAwB,UAA2B,EAAE,EAAgC;AACnG,SAAQ,QAAQ;EACd,MAAM,KAAK,UAAU,IAAI,SAAS,aAAa;AAC/C,MAAI,CAAC,GAAI;EACT,MAAM,OAAO,eAAe,GAAG;AAC/B,MAAI,MAAM,YAAY,gBAA+B,IAAI,MAAM,WAAW,MAAM,QAAQ,UAAU;;;;;;;;;;;;;;;AAgBtG,SAAgB,kBAAkB,UAA2B,EAAE,EAAgC;AAC7F,SAAQ,QAAQ;EACd,MAAM,EAAE,YAAY;AACpB,MAAI,CAAC,QAAS;EAEd,MAAM,MAAe;GACnB,SAAS,UAAU,SAAS,sBAAsB,IAAI,UAAU,SAAS,eAAe;GACxF,QAAQ,UAAU,SAAS,6BAA6B,IAAI,UAAU,SAAS,YAAY;GAC3F,YAAY,UAAU,SAAS,kCAAkC,IAAI,UAAU,SAAS,iBAAiB;GACzG,MAAM,UAAU,SAAS,mBAAmB,IAAI,UAAU,SAAS,UAAU;GAC7E,UAAU,gBAAgB,UAAU,SAAS,uBAAuB,IAAI,UAAU,SAAS,cAAc,CAAC;GAC1G,WAAW,gBAAgB,UAAU,SAAS,wBAAwB,IAAI,UAAU,SAAS,eAAe,CAAC;GAC9G;AAED,MAAI,OAAO,OAAO,IAAI,CAAC,OAAM,UAAS,UAAU,KAAA,EAAU,CAAE;AAC5D,MAAI,MAAM,MAAM,gBAAyB,IAAI,MAAM,KAAK,KAAK,QAAQ,UAAU;;;;;;;AAQnF,SAAgB,0BAA0B,UAA2B,EAAE,EAAgC;AACrG,SAAQ,QAAQ;EACd,MAAM,eAAe,gBAAgB,UAAU,IAAI,SAAS,iBAAiB,CAAC;EAC9E,MAAM,gBAAgB,gBAAgB,UAAU,IAAI,UAAU,SAAS,iBAAiB,CAAC;EAEzF,MAAM,QAAyB;GAC7B;GACA;GACD;AAED,MAAI,iBAAiB,KAAA,KAAa,kBAAkB,KAAA,EAAW;AAC/D,MAAI,MAAM,cAAc,gBAAiC,IAAI,MAAM,aAAa,OAAO,QAAQ,UAAU;;;;;;;;AAS7G,SAAgB,2BAA2B,UAA2B,EAAE,EAAgC;AACtG,SAAQ,QAAQ;EACd,MAAM,cAAc,UAAU,IAAI,SAAS,cAAc;EACzD,MAAM,aAAa,UAAU,IAAI,SAAS,aAAa;AACvD,MAAI,CAAC,eAAe,CAAC,WAAY;EAEjC,MAAM,SAAS,cAAc,iBAAiB,YAAY,GAAG,KAAA;EAC7D,MAAM,uBAAyC;GAC7C;GACA;GACA,SAAS,QAAQ,WAAY,IAAI,MAAM;GACvC,QAAQ,QAAQ,UAAW,IAAI,MAAM;GACtC;EAED,MAAM,qBAAqB,gBACzB,IAAI,MAAM,cACV,sBACA,QAAQ,UACT;AACD,MAAI,MAAM,eAAe;AAEzB,MAAI,mBAAmB,YAAY,QAAQ,aAAa,IAAI,MAAM,YAAY,KAAA,GAC5E,KAAI,MAAM,UAAU,mBAAmB;AAEzC,MAAI,mBAAmB,WAAW,QAAQ,aAAa,IAAI,MAAM,WAAW,KAAA,GAC1E,KAAI,MAAM,SAAS,mBAAmB"}
1
+ {"version":3,"file":"enrichers.mjs","names":[],"sources":["../src/enrichers/index.ts"],"sourcesContent":["import type { EnrichContext } from '../types'\n\nexport interface EnricherOptions {\n /**\n * When true, overwrite any existing fields in the event.\n * Defaults to false to preserve user-provided data.\n */\n overwrite?: boolean\n}\n\nexport interface UserAgentInfo {\n raw: string\n browser?: { name: string; version?: string }\n os?: { name: string; version?: string }\n device?: { type: 'mobile' | 'tablet' | 'desktop' | 'bot' | 'unknown' }\n}\n\nexport interface GeoInfo {\n country?: string\n region?: string\n regionCode?: string\n city?: string\n latitude?: number\n longitude?: number\n}\n\nexport interface RequestSizeInfo {\n requestBytes?: number\n responseBytes?: number\n}\n\nexport interface TraceContextInfo {\n traceparent?: string\n tracestate?: string\n traceId?: string\n spanId?: string\n}\n\nfunction getHeader(headers: Record<string, string> | undefined, name: string): string | undefined {\n if (!headers) return undefined\n if (headers[name] !== undefined) return headers[name]\n const lowerName = name.toLowerCase()\n if (headers[lowerName] !== undefined) return headers[lowerName]\n for (const [key, value] of Object.entries(headers)) {\n if (key.toLowerCase() === lowerName) return value\n }\n return undefined\n}\n\nfunction parseUserAgent(ua: string): UserAgentInfo {\n const lower = ua.toLowerCase()\n\n let deviceType: UserAgentInfo['device'] = { type: 'unknown' }\n if (/bot|crawl|spider|slurp|bingpreview/.test(lower)) {\n deviceType = { type: 'bot' }\n } else if (/ipad|tablet/.test(lower)) {\n deviceType = { type: 'tablet' }\n } else if (/mobi|iphone|android/.test(lower)) {\n deviceType = { type: 'mobile' }\n } else if (ua.length > 0) {\n deviceType = { type: 'desktop' }\n }\n\n const browserMatchers: Array<{ name: string, regex: RegExp }> = [\n { name: 'Edge', regex: /edg\\/([\\d.]+)/i },\n { name: 'Chrome', regex: /chrome\\/([\\d.]+)/i },\n { name: 'Firefox', regex: /firefox\\/([\\d.]+)/i },\n { name: 'Safari', regex: /version\\/([\\d.]+).*safari/i },\n ]\n\n let browser: UserAgentInfo['browser']\n for (const matcher of browserMatchers) {\n const match = ua.match(matcher.regex)\n if (match) {\n browser = { name: matcher.name, version: match[1] }\n break\n }\n }\n\n let os: UserAgentInfo['os']\n if (/windows nt/i.test(ua)) {\n const match = ua.match(/windows nt ([\\d.]+)/i)\n os = { name: 'Windows', version: match?.[1] }\n } else if (/mac os x/i.test(ua) && !/iphone|ipad|ipod/i.test(ua)) {\n const match = ua.match(/mac os x ([\\d_]+)/i)\n os = { name: 'macOS', version: match?.[1]?.replace(/_/g, '.') }\n } else if (/iphone|ipad|ipod/i.test(ua)) {\n const match = ua.match(/os ([\\d_]+)/i)\n os = { name: 'iOS', version: match?.[1]?.replace(/_/g, '.') }\n } else if (/android/i.test(ua)) {\n const match = ua.match(/android ([\\d.]+)/i)\n os = { name: 'Android', version: match?.[1] }\n } else if (/linux/i.test(ua)) {\n os = { name: 'Linux' }\n }\n\n return {\n raw: ua,\n browser,\n os,\n device: deviceType,\n }\n}\n\nfunction parseTraceparent(traceparent: string): Pick<TraceContextInfo, 'traceId' | 'spanId'> | undefined {\n const match = traceparent.match(/^[\\da-f]{2}-([\\da-f]{32})-([\\da-f]{16})-[\\da-f]{2}$/i)\n if (!match) return undefined\n return { traceId: match[1], spanId: match[2] }\n}\n\nfunction mergeEventField<T extends object>(\n existing: unknown,\n computed: T,\n overwrite?: boolean,\n): T {\n if (overwrite || existing === undefined || existing === null || typeof existing !== 'object') {\n return computed\n }\n return { ...computed, ...(existing as T) }\n}\n\nfunction normalizeNumber(value: string | undefined): number | undefined {\n if (!value) return undefined\n const parsed = Number(value)\n return Number.isFinite(parsed) ? parsed : undefined\n}\n\n/**\n * Enrich events with parsed user agent data.\n * Sets `event.userAgent` with `UserAgentInfo` shape: `{ raw, browser?, os?, device? }`.\n */\nexport function createUserAgentEnricher(options: EnricherOptions = {}): (ctx: EnrichContext) => void {\n return (ctx) => {\n const ua = getHeader(ctx.headers, 'user-agent')\n if (!ua) return\n const info = parseUserAgent(ua)\n ctx.event.userAgent = mergeEventField<UserAgentInfo>(ctx.event.userAgent, info, options.overwrite)\n }\n}\n\n/**\n * Enrich events with geo data from platform headers.\n * Sets `event.geo` with `GeoInfo` shape: `{ country?, region?, regionCode?, city?, latitude?, longitude? }`.\n *\n * Supports Vercel (`x-vercel-ip-*`) headers out of the box.\n *\n * **Cloudflare note:** Only `cf-ipcountry` is an actual HTTP header added by Cloudflare.\n * The `cf-region`, `cf-city`, `cf-latitude`, `cf-longitude` headers are NOT standard\n * Cloudflare headers — they are properties of `request.cf` which is not exposed as HTTP\n * headers. For full geo data on Cloudflare, write a custom enricher that reads `request.cf`\n * or use a Workers middleware to copy `cf` properties into custom headers.\n */\nexport function createGeoEnricher(options: EnricherOptions = {}): (ctx: EnrichContext) => void {\n return (ctx) => {\n const { headers } = ctx\n if (!headers) return\n\n const geo: GeoInfo = {\n country: getHeader(headers, 'x-vercel-ip-country') ?? getHeader(headers, 'cf-ipcountry'),\n region: getHeader(headers, 'x-vercel-ip-country-region') ?? getHeader(headers, 'cf-region'),\n regionCode: getHeader(headers, 'x-vercel-ip-country-region-code') ?? getHeader(headers, 'cf-region-code'),\n city: getHeader(headers, 'x-vercel-ip-city') ?? getHeader(headers, 'cf-city'),\n latitude: normalizeNumber(getHeader(headers, 'x-vercel-ip-latitude') ?? getHeader(headers, 'cf-latitude')),\n longitude: normalizeNumber(getHeader(headers, 'x-vercel-ip-longitude') ?? getHeader(headers, 'cf-longitude')),\n }\n\n if (Object.values(geo).every(value => value === undefined)) return\n ctx.event.geo = mergeEventField<GeoInfo>(ctx.event.geo, geo, options.overwrite)\n }\n}\n\n/**\n * Enrich events with request/response payload sizes.\n * Sets `event.requestSize` with `RequestSizeInfo` shape: `{ requestBytes?, responseBytes? }`.\n */\nexport function createRequestSizeEnricher(options: EnricherOptions = {}): (ctx: EnrichContext) => void {\n return (ctx) => {\n const requestBytes = normalizeNumber(getHeader(ctx.headers, 'content-length'))\n const responseBytes = normalizeNumber(getHeader(ctx.response?.headers, 'content-length'))\n\n const sizes: RequestSizeInfo = {\n requestBytes,\n responseBytes,\n }\n\n if (requestBytes === undefined && responseBytes === undefined) return\n ctx.event.requestSize = mergeEventField<RequestSizeInfo>(ctx.event.requestSize, sizes, options.overwrite)\n }\n}\n\n/**\n * Enrich events with W3C trace context data.\n * Sets `event.traceContext` with `TraceContextInfo` shape: `{ traceparent?, tracestate?, traceId?, spanId? }`.\n * Also sets `event.traceId` and `event.spanId` at the top level.\n */\nexport function createTraceContextEnricher(options: EnricherOptions = {}): (ctx: EnrichContext) => void {\n return (ctx) => {\n const traceparent = getHeader(ctx.headers, 'traceparent')\n const tracestate = getHeader(ctx.headers, 'tracestate')\n if (!traceparent && !tracestate) return\n\n const parsed = traceparent ? parseTraceparent(traceparent) : undefined\n const incomingTraceContext: TraceContextInfo = {\n traceparent,\n tracestate,\n traceId: parsed?.traceId ?? (ctx.event.traceId as string | undefined),\n spanId: parsed?.spanId ?? (ctx.event.spanId as string | undefined),\n }\n\n const mergedTraceContext = mergeEventField<TraceContextInfo>(\n ctx.event.traceContext,\n incomingTraceContext,\n options.overwrite,\n )\n ctx.event.traceContext = mergedTraceContext\n\n if (mergedTraceContext.traceId && (options.overwrite || ctx.event.traceId === undefined)) {\n ctx.event.traceId = mergedTraceContext.traceId\n }\n if (mergedTraceContext.spanId && (options.overwrite || ctx.event.spanId === undefined)) {\n ctx.event.spanId = mergedTraceContext.spanId\n }\n }\n}\n"],"mappings":";AAsCA,SAAS,UAAU,SAA6C,MAAkC;AAChG,KAAI,CAAC,QAAS,QAAO,KAAA;AACrB,KAAI,QAAQ,UAAU,KAAA,EAAW,QAAO,QAAQ;CAChD,MAAM,YAAY,KAAK,aAAa;AACpC,KAAI,QAAQ,eAAe,KAAA,EAAW,QAAO,QAAQ;AACrD,MAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,QAAQ,CAChD,KAAI,IAAI,aAAa,KAAK,UAAW,QAAO;;AAKhD,SAAS,eAAe,IAA2B;CACjD,MAAM,QAAQ,GAAG,aAAa;CAE9B,IAAI,aAAsC,EAAE,MAAM,WAAW;AAC7D,KAAI,qCAAqC,KAAK,MAAM,CAClD,cAAa,EAAE,MAAM,OAAO;UACnB,cAAc,KAAK,MAAM,CAClC,cAAa,EAAE,MAAM,UAAU;UACtB,sBAAsB,KAAK,MAAM,CAC1C,cAAa,EAAE,MAAM,UAAU;UACtB,GAAG,SAAS,EACrB,cAAa,EAAE,MAAM,WAAW;CAGlC,MAAM,kBAA0D;EAC9D;GAAE,MAAM;GAAQ,OAAO;GAAkB;EACzC;GAAE,MAAM;GAAU,OAAO;GAAqB;EAC9C;GAAE,MAAM;GAAW,OAAO;GAAsB;EAChD;GAAE,MAAM;GAAU,OAAO;GAA8B;EACxD;CAED,IAAI;AACJ,MAAK,MAAM,WAAW,iBAAiB;EACrC,MAAM,QAAQ,GAAG,MAAM,QAAQ,MAAM;AACrC,MAAI,OAAO;AACT,aAAU;IAAE,MAAM,QAAQ;IAAM,SAAS,MAAM;IAAI;AACnD;;;CAIJ,IAAI;AACJ,KAAI,cAAc,KAAK,GAAG,CAExB,MAAK;EAAE,MAAM;EAAW,SADV,GAAG,MAAM,uBACe,GAAG;EAAI;UACpC,YAAY,KAAK,GAAG,IAAI,CAAC,oBAAoB,KAAK,GAAG,CAE9D,MAAK;EAAE,MAAM;EAAS,SADR,GAAG,MAAM,qBACa,GAAG,IAAI,QAAQ,MAAM,IAAI;EAAE;UACtD,oBAAoB,KAAK,GAAG,CAErC,MAAK;EAAE,MAAM;EAAO,SADN,GAAG,MAAM,eACW,GAAG,IAAI,QAAQ,MAAM,IAAI;EAAE;UACpD,WAAW,KAAK,GAAG,CAE5B,MAAK;EAAE,MAAM;EAAW,SADV,GAAG,MAAM,oBACe,GAAG;EAAI;UACpC,SAAS,KAAK,GAAG,CAC1B,MAAK,EAAE,MAAM,SAAS;AAGxB,QAAO;EACL,KAAK;EACL;EACA;EACA,QAAQ;EACT;;AAGH,SAAS,iBAAiB,aAA+E;CACvG,MAAM,QAAQ,YAAY,MAAM,uDAAuD;AACvF,KAAI,CAAC,MAAO,QAAO,KAAA;AACnB,QAAO;EAAE,SAAS,MAAM;EAAI,QAAQ,MAAM;EAAI;;AAGhD,SAAS,gBACP,UACA,UACA,WACG;AACH,KAAI,aAAa,aAAa,KAAA,KAAa,aAAa,QAAQ,OAAO,aAAa,SAClF,QAAO;AAET,QAAO;EAAE,GAAG;EAAU,GAAI;EAAgB;;AAG5C,SAAS,gBAAgB,OAA+C;AACtE,KAAI,CAAC,MAAO,QAAO,KAAA;CACnB,MAAM,SAAS,OAAO,MAAM;AAC5B,QAAO,OAAO,SAAS,OAAO,GAAG,SAAS,KAAA;;;;;;AAO5C,SAAgB,wBAAwB,UAA2B,EAAE,EAAgC;AACnG,SAAQ,QAAQ;EACd,MAAM,KAAK,UAAU,IAAI,SAAS,aAAa;AAC/C,MAAI,CAAC,GAAI;EACT,MAAM,OAAO,eAAe,GAAG;AAC/B,MAAI,MAAM,YAAY,gBAA+B,IAAI,MAAM,WAAW,MAAM,QAAQ,UAAU;;;;;;;;;;;;;;;AAgBtG,SAAgB,kBAAkB,UAA2B,EAAE,EAAgC;AAC7F,SAAQ,QAAQ;EACd,MAAM,EAAE,YAAY;AACpB,MAAI,CAAC,QAAS;EAEd,MAAM,MAAe;GACnB,SAAS,UAAU,SAAS,sBAAsB,IAAI,UAAU,SAAS,eAAe;GACxF,QAAQ,UAAU,SAAS,6BAA6B,IAAI,UAAU,SAAS,YAAY;GAC3F,YAAY,UAAU,SAAS,kCAAkC,IAAI,UAAU,SAAS,iBAAiB;GACzG,MAAM,UAAU,SAAS,mBAAmB,IAAI,UAAU,SAAS,UAAU;GAC7E,UAAU,gBAAgB,UAAU,SAAS,uBAAuB,IAAI,UAAU,SAAS,cAAc,CAAC;GAC1G,WAAW,gBAAgB,UAAU,SAAS,wBAAwB,IAAI,UAAU,SAAS,eAAe,CAAC;GAC9G;AAED,MAAI,OAAO,OAAO,IAAI,CAAC,OAAM,UAAS,UAAU,KAAA,EAAU,CAAE;AAC5D,MAAI,MAAM,MAAM,gBAAyB,IAAI,MAAM,KAAK,KAAK,QAAQ,UAAU;;;;;;;AAQnF,SAAgB,0BAA0B,UAA2B,EAAE,EAAgC;AACrG,SAAQ,QAAQ;EACd,MAAM,eAAe,gBAAgB,UAAU,IAAI,SAAS,iBAAiB,CAAC;EAC9E,MAAM,gBAAgB,gBAAgB,UAAU,IAAI,UAAU,SAAS,iBAAiB,CAAC;EAEzF,MAAM,QAAyB;GAC7B;GACA;GACD;AAED,MAAI,iBAAiB,KAAA,KAAa,kBAAkB,KAAA,EAAW;AAC/D,MAAI,MAAM,cAAc,gBAAiC,IAAI,MAAM,aAAa,OAAO,QAAQ,UAAU;;;;;;;;AAS7G,SAAgB,2BAA2B,UAA2B,EAAE,EAAgC;AACtG,SAAQ,QAAQ;EACd,MAAM,cAAc,UAAU,IAAI,SAAS,cAAc;EACzD,MAAM,aAAa,UAAU,IAAI,SAAS,aAAa;AACvD,MAAI,CAAC,eAAe,CAAC,WAAY;EAEjC,MAAM,SAAS,cAAc,iBAAiB,YAAY,GAAG,KAAA;EAC7D,MAAM,uBAAyC;GAC7C;GACA;GACA,SAAS,QAAQ,WAAY,IAAI,MAAM;GACvC,QAAQ,QAAQ,UAAW,IAAI,MAAM;GACtC;EAED,MAAM,qBAAqB,gBACzB,IAAI,MAAM,cACV,sBACA,QAAQ,UACT;AACD,MAAI,MAAM,eAAe;AAEzB,MAAI,mBAAmB,YAAY,QAAQ,aAAa,IAAI,MAAM,YAAY,KAAA,GAC5E,KAAI,MAAM,UAAU,mBAAmB;AAEzC,MAAI,mBAAmB,WAAW,QAAQ,aAAa,IAAI,MAAM,WAAW,KAAA,GAC1E,KAAI,MAAM,SAAS,mBAAmB"}