hackwriter 0.0.11 → 0.0.13

package/dist/utils/Logger.js

@@ -1,4 +1,5 @@
 import chalk from 'chalk';
+import { SensitiveDataRedactor } from './SensitiveDataRedactor.js';
 export class Logger {
     static level = 'silent';
     static setLevel(level) {
@@ -38,19 +39,28 @@ export class Logger {
         if (Logger.level === 'silent') {
             return;
         }
-        Logger.log(category, message, undefined, {
+        // Sanitize error message before logging
+        const sanitizedMessage = SensitiveDataRedactor.redactString(message);
+        Logger.log(category, sanitizedMessage, undefined, {
             category: chalk.red,
             message: chalk.red,
         });
         if (error !== undefined) {
             if (error instanceof Error) {
-                console.log(chalk.red(error.stack ?? error.message));
+                // Sanitize error stack and message
+                const sanitizedStack = SensitiveDataRedactor.redactString(error.stack ?? error.message);
+                console.log(chalk.red(sanitizedStack));
             }
             else if (typeof error === 'object' && error !== null) {
-                console.log(chalk.red(JSON.stringify(error, null, 2)));
+                // Redact sensitive fields from error objects
+                const redactedError = SensitiveDataRedactor.redact(error);
+                console.log(chalk.red(JSON.stringify(redactedError, null, 2)));
             }
             else if (typeof error === 'string' || typeof error === 'number' || typeof error === 'boolean') {
-                console.log(chalk.red(String(error)));
+                const sanitizedError = typeof error === 'string'
+                    ? SensitiveDataRedactor.redactString(error)
+                    : String(error);
+                console.log(chalk.red(sanitizedError));
             }
         }
     }

package/dist/utils/Logger.js.map

@@ -1 +1 @@
-{"version":3,"file":"Logger.js","sourceRoot":"","sources":["../../src/utils/Logger.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAI1B,MAAM,OAAO,MAAM;IACT,MAAM,CAAC,KAAK,GAAa,QAAQ,CAAC;IAE1C,MAAM,CAAC,QAAQ,CAAC,KAAe;QAC7B,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC;IACvB,CAAC;IAED,MAAM,CAAC,QAAQ;QACb,OAAO,MAAM,CAAC,KAAK,CAAC;IACtB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,QAAgB,EAAE,OAAe,EAAE,IAAc;QAC5D,IAAI,MAAM,CAAC,KAAK,KAAK,OAAO,EAAE,CAAC;YAC7B,OAAO;QACT,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE;YAClC,QAAQ,EAAE,KAAK,CAAC,IAAI;YACpB,OAAO,EAAE,KAAK,CAAC,KAAK;SACrB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,QAAgB,EAAE,OAAe,EAAE,IAAc;QAC3D,IAAI,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO;QACT,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE;YAClC,QAAQ,EAAE,KAAK,CAAC,IAAI;YACpB,OAAO,EAAE,KAAK,CAAC,KAAK;SACrB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,QAAgB,EAAE,OAAe,EAAE,IAAc;QAC3D,IAAI,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO;QACT,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE;YAClC,QAAQ,EAAE,KAAK,CAAC,MAAM;YACtB,OAAO,EAAE,KAAK,CAAC,MAAM;SACtB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,QAAgB,EAAE,OAAe,EAAE,KAAe;QAC7D,IAAI,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO;QACT,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE;YACvC,QAAQ,EAAE,KAAK,CAAC,GAAG;YACnB,OAAO,EAAE,KAAK,CAAC,GAAG;SACnB,CAAC,CAAC;QAEH,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;YACvD,CAAC;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBACvD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;YACzD,CAAC;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,KAAK,SAAS,EAAE,CAAC;gBAChG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACxC,CAAC;QACH,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,GAAG,CAChB,QAAgB,EAChB,OAAe,EACf,IAAa,EACb,MAGC;QAED,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtE,MAAM,iBAAiB,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,QAAQ,GAAG,CAAC,CAAC;QAC3D,MAAM,kBAAkB,GAAG,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAEjD,OAAO,CAAC,GAAG,CAAC,GAAG,kBAAkB,IAAI,iBAAiB,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAErF,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACvB,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;gBAC9C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;YACzD,CAAC;iBAAM,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,OAAO,IAAI,KAAK,SAAS,EAAE,CAAC;gBAC7F,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACxC,CAAC;QACH,CAAC;IACH,CAAC"}
+{"version":3,"file":"Logger.js","sourceRoot":"","sources":["../../src/utils/Logger.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AAInE,MAAM,OAAO,MAAM;IACT,MAAM,CAAC,KAAK,GAAa,QAAQ,CAAC;IAE1C,MAAM,CAAC,QAAQ,CAAC,KAAe;QAC7B,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC;IACvB,CAAC;IAED,MAAM,CAAC,QAAQ;QACb,OAAO,MAAM,CAAC,KAAK,CAAC;IACtB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,QAAgB,EAAE,OAAe,EAAE,IAAc;QAC5D,IAAI,MAAM,CAAC,KAAK,KAAK,OAAO,EAAE,CAAC;YAC7B,OAAO;QACT,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE;YAClC,QAAQ,EAAE,KAAK,CAAC,IAAI;YACpB,OAAO,EAAE,KAAK,CAAC,KAAK;SACrB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,QAAgB,EAAE,OAAe,EAAE,IAAc;QAC3D,IAAI,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO;QACT,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE;YAClC,QAAQ,EAAE,KAAK,CAAC,IAAI;YACpB,OAAO,EAAE,KAAK,CAAC,KAAK;SACrB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,QAAgB,EAAE,OAAe,EAAE,IAAc;QAC3D,IAAI,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO;QACT,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE;YAClC,QAAQ,EAAE,KAAK,CAAC,MAAM;YACtB,OAAO,EAAE,KAAK,CAAC,MAAM;SACtB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,QAAgB,EAAE,OAAe,EAAE,KAAe;QAC7D,IAAI,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO;QACT,CAAC;QAED,wCAAwC;QACxC,MAAM,gBAAgB,GAAG,qBAAqB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAErE,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE;YAChD,QAAQ,EAAE,KAAK,CAAC,GAAG;YACnB,OAAO,EAAE,KAAK,CAAC,GAAG;SACnB,CAAC,CAAC;QAEH,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,mCAAmC;gBACnC,MAAM,cAAc,GAAG,qBAAqB,CAAC,YAAY,CAAC,KAAK,CAAC,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;gBACxF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC;YACzC,CAAC;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBACvD,6CAA6C;gBAC7C,MAAM,aAAa,GAAG,qBAAqB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAC1D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;YACjE,CAAC;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,KAAK,SAAS,EAAE,CAAC;gBAChG,MAAM,cAAc,GAAG,OAAO,KAAK,KAAK,QAAQ;oBAC9C,CAAC,CAAC,qBAAqB,CAAC,YAAY,CAAC,KAAK,CAAC;oBAC3C,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAClB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC;YACzC,CAAC;QACH,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,GAAG,CAChB,QAAgB,EAChB,OAAe,EACf,IAAa,EACb,MAGC;QAED,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtE,MAAM,iBAAiB,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,QAAQ,GAAG,CAAC,CAAC;QAC3D,MAAM,kBAAkB,GAAG,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAEjD,OAAO,CAAC,GAAG,CAAC,GAAG,kBAAkB,IAAI,iBAAiB,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAErF,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACvB,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;gBAC9C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;YACzD,CAAC;iBAAM,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,OAAO,IAAI,KAAK,SAAS,EAAE,CAAC;gBAC7F,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACxC,CAAC;QACH,CAAC;IACH,CAAC"}

package/dist/utils/PathValidator.d.ts

@@ -0,0 +1,35 @@
+/**
+ * Security error for path validation failures
+ */
+export declare class SecurityError extends Error {
+    readonly path?: string | undefined;
+    readonly violation?: string | undefined;
+    constructor(message: string, path?: string | undefined, violation?: string | undefined);
+}
+/**
+ * PathValidator provides security validation for file paths
+ * to prevent path traversal attacks and ensure paths stay within allowed boundaries
+ */
+export declare class PathValidator {
+    /**
+     * Validate a file path for security
+     * @param filePath - The path to validate
+     * @param allowedDirs - Optional array of allowed base directories
+     * @returns The normalized absolute path
+     * @throws SecurityError if path is invalid or contains traversal sequences
+     */
+    static validate(filePath: string, allowedDirs?: string[]): string;
+    /**
+     * Normalize and resolve a path to absolute form
+     * @param filePath - The path to normalize
+     * @returns Absolute path with all relative references resolved
+     */
+    static normalize(filePath: string): string;
+    /**
+     * Check if path contains traversal sequences
+     * @param filePath - The path to check
+     * @returns true if path contains '..' sequences
+     */
+    static hasTraversal(filePath: string): boolean;
+}
+//# sourceMappingURL=PathValidator.d.ts.map

package/dist/utils/PathValidator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"PathValidator.d.ts","sourceRoot":"","sources":["../../src/utils/PathValidator.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,qBAAa,aAAc,SAAQ,KAAK;aAGpB,IAAI,CAAC,EAAE,MAAM;aACb,SAAS,CAAC,EAAE,MAAM;gBAFlC,OAAO,EAAE,MAAM,EACC,IAAI,CAAC,EAAE,MAAM,YAAA,EACb,SAAS,CAAC,EAAE,MAAM,YAAA;CAKrC;AAED;;;GAGG;AACH,qBAAa,aAAa;IACxB;;;;;;OAMG;IACH,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM;IA2CjE;;;;OAIG;IACH,MAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAI1C;;;;OAIG;IACH,MAAM,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;CAK/C"}

package/dist/utils/PathValidator.js

@@ -0,0 +1,70 @@
+import { resolve, dirname, relative, isAbsolute } from 'path';
+/**
+ * Security error for path validation failures
+ */
+export class SecurityError extends Error {
+    path;
+    violation;
+    constructor(message, path, violation) {
+        super(message);
+        this.path = path;
+        this.violation = violation;
+        this.name = 'SecurityError';
+    }
+}
+/**
+ * PathValidator provides security validation for file paths
+ * to prevent path traversal attacks and ensure paths stay within allowed boundaries
+ */
+export class PathValidator {
+    /**
+     * Validate a file path for security
+     * @param filePath - The path to validate
+     * @param allowedDirs - Optional array of allowed base directories
+     * @returns The normalized absolute path
+     * @throws SecurityError if path is invalid or contains traversal sequences
+     */
+    static validate(filePath, allowedDirs) {
+        if (!filePath || filePath.trim() === '') {
+            throw new SecurityError('File path cannot be empty', filePath, 'empty_path');
+        }
+        // Normalize the path to resolve any relative references
+        const normalized = this.normalize(filePath);
+        // Check for path traversal after normalization
+        if (this.hasTraversal(filePath)) {
+            throw new SecurityError('Path traversal is not allowed for security reasons', filePath, 'path_traversal');
+        }
+        // If allowed directories are specified, verify the path is within them
+        if (allowedDirs && allowedDirs.length > 0) {
+            const isWithinAllowed = allowedDirs.some(allowedDir => {
+                const resolvedAllowed = resolve(allowedDir);
+                const relativePath = relative(resolvedAllowed, normalized);
+                // Path is within allowed dir if relative path doesn't start with '..'
+                return relativePath && !relativePath.startsWith('..') && !isAbsolute(relativePath);
+            });
+            if (!isWithinAllowed) {
+                throw new SecurityError(`Path is outside allowed directories`, filePath, 'outside_allowed_dirs');
+            }
+        }
+        return normalized;
+    }
+    /**
+     * Normalize and resolve a path to absolute form
+     * @param filePath - The path to normalize
+     * @returns Absolute path with all relative references resolved
+     */
+    static normalize(filePath) {
+        return resolve(filePath);
+    }
+    /**
+     * Check if path contains traversal sequences
+     * @param filePath - The path to check
+     * @returns true if path contains '..' sequences
+     */
+    static hasTraversal(filePath) {
+        // Check for '..' in the path
+        const normalized = dirname(filePath);
+        return normalized.includes('..');
+    }
+}
+//# sourceMappingURL=PathValidator.js.map

package/dist/utils/PathValidator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"PathValidator.js","sourceRoot":"","sources":["../../src/utils/PathValidator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAE9D;;GAEG;AACH,MAAM,OAAO,aAAc,SAAQ,KAAK;IAGpB;IACA;IAHlB,YACE,OAAe,EACC,IAAa,EACb,SAAkB;QAElC,KAAK,CAAC,OAAO,CAAC,CAAC;QAHC,SAAI,GAAJ,IAAI,CAAS;QACb,cAAS,GAAT,SAAS,CAAS;QAGlC,IAAI,CAAC,IAAI,GAAG,eAAe,CAAC;IAC9B,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,OAAO,aAAa;IACxB;;;;;;OAMG;IACH,MAAM,CAAC,QAAQ,CAAC,QAAgB,EAAE,WAAsB;QACtD,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACxC,MAAM,IAAI,aAAa,CACrB,2BAA2B,EAC3B,QAAQ,EACR,YAAY,CACb,CAAC;QACJ,CAAC;QAED,wDAAwD;QACxD,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAE5C,+CAA+C;QAC/C,IAAI,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChC,MAAM,IAAI,aAAa,CACrB,oDAAoD,EACpD,QAAQ,EACR,gBAAgB,CACjB,CAAC;QACJ,CAAC;QAED,uEAAuE;QACvE,IAAI,WAAW,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1C,MAAM,eAAe,GAAG,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE;gBACpD,MAAM,eAAe,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;gBAC5C,MAAM,YAAY,GAAG,QAAQ,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;gBAE3D,sEAAsE;gBACtE,OAAO,YAAY,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;YACrF,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,MAAM,IAAI,aAAa,CACrB,qCAAqC,EACrC,QAAQ,EACR,sBAAsB,CACvB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,UAAU,CAAC;IACpB,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,SAAS,CAAC,QAAgB;QAC/B,OAAO,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,YAAY,CAAC,QAAgB;QAClC,6BAA6B;QAC7B,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;QACrC,OAAO,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACnC,CAAC;CACF"}

package/dist/utils/RateLimiter.d.ts

@@ -1,11 +1,13 @@
 /**
  * Rate limiter using sliding window algorithm
  * Prevents excessive API calls within a time window
+ *
+ * @deprecated Use SlidingWindowRateLimiter directly for better performance
  */
 export declare class RateLimiter {
     private maxRequests;
     private windowMs;
-    private requests;
+    private limiter;
     /**
      * @param maxRequests - Maximum number of requests allowed
      * @param windowMs - Time window in milliseconds

package/dist/utils/RateLimiter.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"RateLimiter.d.ts","sourceRoot":"","sources":["../../src/utils/RateLimiter.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,qBAAa,WAAW;IAQpB,OAAO,CAAC,WAAW;IACnB,OAAO,CAAC,QAAQ;IARlB,OAAO,CAAC,QAAQ,CAAgB;IAEhC;;;OAGG;gBAEO,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,MAAM;IAG1B;;;OAGG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAuB9B;;OAEG;IACH,UAAU,IAAI,OAAO;IAMrB;;OAEG;IACH,QAAQ,IAAI;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE;IAW9D;;OAEG;IACH,KAAK,IAAI,IAAI;CAGd"}
+{"version":3,"file":"RateLimiter.d.ts","sourceRoot":"","sources":["../../src/utils/RateLimiter.ts"],"names":[],"mappings":"AAEA;;;;;GAKG;AACH,qBAAa,WAAW;IAQpB,OAAO,CAAC,WAAW;IACnB,OAAO,CAAC,QAAQ;IARlB,OAAO,CAAC,OAAO,CAA2B;IAE1C;;;OAGG;gBAEO,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,MAAM;IAK1B;;;OAGG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAI9B;;OAEG;IACH,UAAU,IAAI,OAAO;IAIrB;;OAEG;IACH,QAAQ,IAAI;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE;IAI9D;;OAEG;IACH,KAAK,IAAI,IAAI;CAGd"}

package/dist/utils/RateLimiter.js

@@ -1,12 +1,14 @@
-import { Logger } from './Logger.js';
+import { SlidingWindowRateLimiter } from './SlidingWindowRateLimiter.js';
 /**
  * Rate limiter using sliding window algorithm
  * Prevents excessive API calls within a time window
+ *
+ * @deprecated Use SlidingWindowRateLimiter directly for better performance
  */
 export class RateLimiter {
     maxRequests;
     windowMs;
-    requests = [];
+    limiter;
     /**
      * @param maxRequests - Maximum number of requests allowed
      * @param windowMs - Time window in milliseconds
@@ -14,49 +16,32 @@ export class RateLimiter {
     constructor(maxRequests, windowMs) {
         this.maxRequests = maxRequests;
         this.windowMs = windowMs;
+        this.limiter = new SlidingWindowRateLimiter(maxRequests, windowMs);
     }
     /**
      * Acquire permission to make a request
      * Will wait if rate limit is exceeded
      */
     async acquire() {
-        const now = Date.now();
-        // Remove requests outside the current window
-        this.requests = this.requests.filter(t => now - t < this.windowMs);
-        if (this.requests.length >= this.maxRequests) {
-            const oldestRequest = this.requests[0];
-            const waitTime = this.windowMs - (now - oldestRequest);
-            Logger.debug('RateLimiter', `Rate limit reached, waiting ${waitTime}ms`, { maxRequests: this.maxRequests, windowMs: this.windowMs });
-            await new Promise(resolve => setTimeout(resolve, waitTime));
-            return this.acquire(); // Retry after waiting
-        }
-        this.requests.push(now);
+        return this.limiter.acquire();
     }
     /**
      * Check if a request can be made without waiting
      */
     canAcquire() {
-        const now = Date.now();
-        this.requests = this.requests.filter(t => now - t < this.windowMs);
-        return this.requests.length < this.maxRequests;
+        return this.limiter.canAcquire();
     }
     /**
      * Get current usage statistics
      */
     getStats() {
-        const now = Date.now();
-        this.requests = this.requests.filter(t => now - t < this.windowMs);
-        return {
-            current: this.requests.length,
-            max: this.maxRequests,
-            windowMs: this.windowMs,
-        };
+        return this.limiter.getStats();
     }
     /**
      * Reset the rate limiter
      */
     reset() {
-        this.requests = [];
+        this.limiter.reset();
     }
 }
 //# sourceMappingURL=RateLimiter.js.map

package/dist/utils/RateLimiter.js.map

@@ -1 +1 @@
-{"version":3,"file":"RateLimiter.js","sourceRoot":"","sources":["../../src/utils/RateLimiter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC;;;GAGG;AACH,MAAM,OAAO,WAAW;IAQZ;IACA;IARF,QAAQ,GAAa,EAAE,CAAC;IAEhC;;;OAGG;IACH,YACU,WAAmB,EACnB,QAAgB;QADhB,gBAAW,GAAX,WAAW,CAAQ;QACnB,aAAQ,GAAR,QAAQ,CAAQ;IACvB,CAAC;IAEJ;;;OAGG;IACH,KAAK,CAAC,OAAO;QACX,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,6CAA6C;QAC7C,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC;QAEnE,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YAC7C,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YACvC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,GAAG,CAAC,GAAG,GAAG,aAAa,CAAC,CAAC;YAEvD,MAAM,CAAC,KAAK,CACV,aAAa,EACb,+BAA+B,QAAQ,IAAI,EAC3C,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAC3D,CAAC;YAEF,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;YAC5D,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,sBAAsB;QAC/C,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC1B,CAAC;IAED;;OAEG;IACH,UAAU;QACR,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnE,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC;QAEnE,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM;YAC7B,GAAG,EAAE,IAAI,CAAC,WAAW;YACrB,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;IACrB,CAAC;CACF"}
+{"version":3,"file":"RateLimiter.js","sourceRoot":"","sources":["../../src/utils/RateLimiter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,wBAAwB,EAAE,MAAM,+BAA+B,CAAC;AAEzE;;;;;GAKG;AACH,MAAM,OAAO,WAAW;IAQZ;IACA;IARF,OAAO,CAA2B;IAE1C;;;OAGG;IACH,YACU,WAAmB,EACnB,QAAgB;QADhB,gBAAW,GAAX,WAAW,CAAQ;QACnB,aAAQ,GAAR,QAAQ,CAAQ;QAExB,IAAI,CAAC,OAAO,GAAG,IAAI,wBAAwB,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IACrE,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,OAAO;QACX,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IAChC,CAAC;IAED;;OAEG;IACH,UAAU;QACR,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;IACnC,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;IACjC,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;IACvB,CAAC;CACF"}

package/dist/utils/ResourceManager.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Interface for resources that need cleanup
+ */
+export interface Disposable {
+    dispose(): Promise<void> | void;
+}
+//# sourceMappingURL=ResourceManager.d.ts.map

package/dist/utils/ResourceManager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ResourceManager.d.ts","sourceRoot":"","sources":["../../src/utils/ResourceManager.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;CACjC"}

package/dist/utils/ResourceManager.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=ResourceManager.js.map

package/dist/utils/ResourceManager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ResourceManager.js","sourceRoot":"","sources":["../../src/utils/ResourceManager.ts"],"names":[],"mappings":""}

package/dist/utils/RetryPolicy.d.ts

@@ -0,0 +1,29 @@
+export interface RetryOptions {
+    maxRetries: number;
+    initialDelayMs: number;
+    maxDelayMs: number;
+    backoffMultiplier: number;
+}
+/**
+ * RetryPolicy provides configurable retry logic with exponential backoff.
+ * Useful for handling transient failures in network operations.
+ */
+export declare class RetryPolicy {
+    private readonly options;
+    constructor(options?: Partial<RetryOptions>);
+    /**
+     * Execute function with retry logic
+     * @param fn - Function to execute
+     * @returns Result of the function
+     * @throws Last error if all retries fail
+     */
+    execute<T>(fn: () => Promise<T>): Promise<T>;
+    /**
+     * Calculate delay for retry attempt with exponential backoff and jitter
+     * @param attempt - Current attempt number (1-indexed)
+     * @returns Delay in milliseconds
+     */
+    getDelay(attempt: number): number;
+    private sleep;
+}
+//# sourceMappingURL=RetryPolicy.d.ts.map

package/dist/utils/RetryPolicy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"RetryPolicy.d.ts","sourceRoot":"","sources":["../../src/utils/RetryPolicy.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,YAAY;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED;;;GAGG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAe;gBAE3B,OAAO,GAAE,OAAO,CAAC,YAAY,CAAM;IAS/C;;;;;OAKG;IACG,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAoClD;;;;OAIG;IACH,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM;IAgBjC,OAAO,CAAC,KAAK;CAGd"}

package/dist/utils/RetryPolicy.js

@@ -0,0 +1,73 @@
+import { Logger } from "./Logger.js";
+/**
+ * RetryPolicy provides configurable retry logic with exponential backoff.
+ * Useful for handling transient failures in network operations.
+ */
+export class RetryPolicy {
+    options;
+    constructor(options = {}) {
+        this.options = {
+            maxRetries: options.maxRetries ?? 3,
+            initialDelayMs: options.initialDelayMs ?? 1000,
+            maxDelayMs: options.maxDelayMs ?? 10000,
+            backoffMultiplier: options.backoffMultiplier ?? 2,
+        };
+    }
+    /**
+     * Execute function with retry logic
+     * @param fn - Function to execute
+     * @returns Result of the function
+     * @throws Last error if all retries fail
+     */
+    async execute(fn) {
+        let lastError;
+        let attempt = 0;
+        while (attempt <= this.options.maxRetries) {
+            try {
+                if (attempt > 0) {
+                    Logger.debug("RetryPolicy", `Retry attempt ${attempt}/${this.options.maxRetries}`);
+                }
+                return await fn();
+            }
+            catch (error) {
+                lastError = error instanceof Error ? error : new Error(String(error));
+                attempt++;
+                if (attempt > this.options.maxRetries) {
+                    Logger.error("RetryPolicy", `All ${this.options.maxRetries} retries failed`, {
+                        error: lastError.message,
+                    });
+                    throw lastError;
+                }
+                const delay = this.getDelay(attempt);
+                Logger.debug("RetryPolicy", `Waiting ${delay}ms before retry`, {
+                    attempt,
+                    maxRetries: this.options.maxRetries,
+                    error: lastError.message,
+                });
+                await this.sleep(delay);
+            }
+        }
+        // This should never be reached, but TypeScript needs it
+        throw lastError ?? new Error("Retry failed with unknown error");
+    }
+    /**
+     * Calculate delay for retry attempt with exponential backoff and jitter
+     * @param attempt - Current attempt number (1-indexed)
+     * @returns Delay in milliseconds
+     */
+    getDelay(attempt) {
+        // Exponential backoff: initialDelay * (multiplier ^ (attempt - 1))
+        const exponentialDelay = this.options.initialDelayMs * Math.pow(this.options.backoffMultiplier, attempt - 1);
+        // Cap at maxDelay
+        const cappedDelay = Math.min(exponentialDelay, this.options.maxDelayMs);
+        // Add jitter (±20%) to prevent thundering herd
+        const jitter = cappedDelay * 0.2 * (Math.random() * 2 - 1);
+        const delayWithJitter = Math.max(0, cappedDelay + jitter);
+        // Ensure minimum delay of 1 second
+        return Math.max(1000, delayWithJitter);
+    }
+    sleep(ms) {
+        return new Promise((resolve) => setTimeout(resolve, ms));
+    }
+}
+//# sourceMappingURL=RetryPolicy.js.map

package/dist/utils/RetryPolicy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"RetryPolicy.js","sourceRoot":"","sources":["../../src/utils/RetryPolicy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AASrC;;;GAGG;AACH,MAAM,OAAO,WAAW;IACL,OAAO,CAAe;IAEvC,YAAY,UAAiC,EAAE;QAC7C,IAAI,CAAC,OAAO,GAAG;YACb,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,CAAC;YACnC,cAAc,EAAE,OAAO,CAAC,cAAc,IAAI,IAAI;YAC9C,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,KAAK;YACvC,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,CAAC;SAClD,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,OAAO,CAAI,EAAoB;QACnC,IAAI,SAA4B,CAAC;QACjC,IAAI,OAAO,GAAG,CAAC,CAAC;QAEhB,OAAO,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;YAC1C,IAAI,CAAC;gBACH,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;oBAChB,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,iBAAiB,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;gBACrF,CAAC;gBACD,OAAO,MAAM,EAAE,EAAE,CAAC;YACpB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,SAAS,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;gBACtE,OAAO,EAAE,CAAC;gBAEV,IAAI,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;oBACtC,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,iBAAiB,EAAE;wBAC3E,KAAK,EAAE,SAAS,CAAC,OAAO;qBACzB,CAAC,CAAC;oBACH,MAAM,SAAS,CAAC;gBAClB,CAAC;gBAED,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;gBACrC,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,WAAW,KAAK,iBAAiB,EAAE;oBAC7D,OAAO;oBACP,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU;oBACnC,KAAK,EAAE,SAAS,CAAC,OAAO;iBACzB,CAAC,CAAC;gBAEH,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC;QAED,wDAAwD;QACxD,MAAM,SAAS,IAAI,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IAClE,CAAC;IAED;;;;OAIG;IACH,QAAQ,CAAC,OAAe;QACtB,mEAAmE;QACnE,MAAM,gBAAgB,GACpB,IAAI,CAAC,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,OAAO,GAAG,CAAC,CAAC,CAAC;QAEtF,kBAAkB;QAClB,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,gBAAgB,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAExE,+CAA+C;QAC/C,MAAM,MAAM,GAAG,WAAW,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3D,MAAM,eAAe,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,GAAG,MAAM,CAAC,CAAC;QAE1D,mCAAmC;QACnC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IACzC,CAAC;IAEO,KAAK,CAAC,EAAU;QACtB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;IAC3D,CAAC;CACF"}

package/dist/utils/SensitiveDataRedactor.d.ts

@@ -0,0 +1,40 @@
+/**
+ * SensitiveDataRedactor provides utilities to redact sensitive information
+ * from logs, error messages, and other outputs to prevent credential leaks
+ */
+export declare class SensitiveDataRedactor {
+    /**
+     * Default list of sensitive key patterns
+     */
+    private static readonly DEFAULT_SENSITIVE_KEYS;
+    /**
+     * Regex patterns to detect sensitive data in strings
+     */
+    private static readonly SENSITIVE_PATTERNS;
+    /**
+     * Redact sensitive fields from an object
+     * @param obj - The object to redact
+     * @param sensitiveKeys - Optional custom list of sensitive keys
+     * @returns A new object with sensitive values redacted
+     */
+    static redact(obj: unknown, sensitiveKeys?: string[]): unknown;
+    /**
+     * Redact API keys and tokens from strings
+     * @param text - The text to redact
+     * @returns Text with sensitive patterns replaced
+     */
+    static redactString(text: string): string;
+    /**
+     * Clear sensitive data from memory
+     * Overwrites sensitive values with empty strings and deletes properties
+     * @param obj - The object to clear
+     */
+    static clearMemory(obj: Record<string, unknown>): void;
+    /**
+     * Check if a key name appears to be sensitive
+     * @param key - The key name to check
+     * @returns true if the key appears sensitive
+     */
+    static isSensitiveKey(key: string): boolean;
+}
+//# sourceMappingURL=SensitiveDataRedactor.d.ts.map

package/dist/utils/SensitiveDataRedactor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SensitiveDataRedactor.d.ts","sourceRoot":"","sources":["../../src/utils/SensitiveDataRedactor.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,qBAAa,qBAAqB;IAChC;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAkB5C;IAEF;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAIxC;IAEF;;;;;OAKG;IACH,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,EAAE,aAAa,CAAC,EAAE,MAAM,EAAE,GAAG,OAAO;IAqC9D;;;;OAIG;IACH,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;IAezC;;;;OAIG;IACH,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI;IA0BtD;;;;OAIG;IACH,MAAM,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;CAK5C"}

package/dist/utils/SensitiveDataRedactor.js

@@ -0,0 +1,122 @@
+/**
+ * SensitiveDataRedactor provides utilities to redact sensitive information
+ * from logs, error messages, and other outputs to prevent credential leaks
+ */
+export class SensitiveDataRedactor {
+    /**
+     * Default list of sensitive key patterns
+     */
+    static DEFAULT_SENSITIVE_KEYS = [
+        'apiKey',
+        'api_key',
+        'API_KEY',
+        'token',
+        'accessToken',
+        'access_token',
+        'apiToken',
+        'api_token',
+        'password',
+        'PASSWORD',
+        'secret',
+        'SECRET',
+        'credential',
+        'CREDENTIAL',
+        'auth',
+        'authorization',
+        'bearer',
+    ];
+    /**
+     * Regex patterns to detect sensitive data in strings
+     */
+    static SENSITIVE_PATTERNS = [
+        /sk-[a-zA-Z0-9]{20,}/g, // API keys like sk-ant-xxx
+        /Bearer\s+[a-zA-Z0-9_\-.]+/gi, // Bearer tokens
+        /[a-zA-Z0-9]{32,}/g, // Long alphanumeric strings (potential tokens)
+    ];
+    /**
+     * Redact sensitive fields from an object
+     * @param obj - The object to redact
+     * @param sensitiveKeys - Optional custom list of sensitive keys
+     * @returns A new object with sensitive values redacted
+     */
+    static redact(obj, sensitiveKeys) {
+        const keys = sensitiveKeys ?? this.DEFAULT_SENSITIVE_KEYS;
+        if (obj === null || obj === undefined) {
+            return obj;
+        }
+        if (typeof obj !== 'object') {
+            return obj;
+        }
+        if (Array.isArray(obj)) {
+            return obj.map(item => this.redact(item, sensitiveKeys));
+        }
+        const redacted = {};
+        const record = obj;
+        for (const [key, value] of Object.entries(record)) {
+            // Check if key matches sensitive patterns
+            const isSensitive = keys.some(sensitiveKey => key.toLowerCase().includes(sensitiveKey.toLowerCase()));
+            if (isSensitive) {
+                redacted[key] = '[REDACTED]';
+            }
+            else if (typeof value === 'object' && value !== null) {
+                // Recursively redact nested objects
+                redacted[key] = this.redact(value, sensitiveKeys);
+            }
+            else {
+                redacted[key] = value;
+            }
+        }
+        return redacted;
+    }
+    /**
+     * Redact API keys and tokens from strings
+     * @param text - The text to redact
+     * @returns Text with sensitive patterns replaced
+     */
+    static redactString(text) {
+        if (!text) {
+            return text;
+        }
+        let redacted = text;
+        // Apply each pattern
+        for (const pattern of this.SENSITIVE_PATTERNS) {
+            redacted = redacted.replace(pattern, '[REDACTED]');
+        }
+        return redacted;
+    }
+    /**
+     * Clear sensitive data from memory
+     * Overwrites sensitive values with empty strings and deletes properties
+     * @param obj - The object to clear
+     */
+    static clearMemory(obj) {
+        if (!obj || typeof obj !== 'object') {
+            return;
+        }
+        const keys = this.DEFAULT_SENSITIVE_KEYS;
+        for (const key of Object.keys(obj)) {
+            const isSensitive = keys.some(sensitiveKey => key.toLowerCase().includes(sensitiveKey.toLowerCase()));
+            if (isSensitive) {
+                // Overwrite with empty string first
+                if (typeof obj[key] === 'string') {
+                    obj[key] = '';
+                }
+                // Then delete the property
+                delete obj[key];
+            }
+            else if (typeof obj[key] === 'object' && obj[key] !== null) {
+                // Recursively clear nested objects
+                this.clearMemory(obj[key]);
+            }
+        }
+    }
+    /**
+     * Check if a key name appears to be sensitive
+     * @param key - The key name to check
+     * @returns true if the key appears sensitive
+     */
+    static isSensitiveKey(key) {
+        return this.DEFAULT_SENSITIVE_KEYS.some(sensitiveKey => key.toLowerCase().includes(sensitiveKey.toLowerCase()));
+    }
+}
+//# sourceMappingURL=SensitiveDataRedactor.js.map

package/dist/utils/SensitiveDataRedactor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"SensitiveDataRedactor.js","sourceRoot":"","sources":["../../src/utils/SensitiveDataRedactor.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,MAAM,OAAO,qBAAqB;IAChC;;OAEG;IACK,MAAM,CAAU,sBAAsB,GAAG;QAC/C,QAAQ;QACR,SAAS;QACT,SAAS;QACT,OAAO;QACP,aAAa;QACb,cAAc;QACd,UAAU;QACV,WAAW;QACX,UAAU;QACV,UAAU;QACV,QAAQ;QACR,QAAQ;QACR,YAAY;QACZ,YAAY;QACZ,MAAM;QACN,eAAe;QACf,QAAQ;KACT,CAAC;IAEF;;OAEG;IACK,MAAM,CAAU,kBAAkB,GAAG;QAC3C,sBAAsB,EAAY,2BAA2B;QAC7D,6BAA6B,EAAI,gBAAgB;QACjD,mBAAmB,EAAe,+CAA+C;KAClF,CAAC;IAEF;;;;;OAKG;IACH,MAAM,CAAC,MAAM,CAAC,GAAY,EAAE,aAAwB;QAClD,MAAM,IAAI,GAAG,aAAa,IAAI,IAAI,CAAC,sBAAsB,CAAC;QAE1D,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtC,OAAO,GAAG,CAAC;QACb,CAAC;QAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,OAAO,GAAG,CAAC;QACb,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YACvB,OAAO,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC;QAC3D,CAAC;QAED,MAAM,QAAQ,GAA4B,EAAE,CAAC;QAC7C,MAAM,MAAM,GAAG,GAA8B,CAAC;QAE9C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAClD,0CAA0C;YAC1C,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAC3C,GAAG,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC,WAAW,EAAE,CAAC,CACvD,CAAC;YAEF,IAAI,WAAW,EAAE,CAAC;gBAChB,QAAQ,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;YAC/B,CAAC;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBACvD,oCAAoC;gBACpC,QAAQ,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;YACpD,CAAC;iBAAM,CAAC;gBACN,QAAQ,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YACxB,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,YAAY,CAAC,IAAY;QAC9B,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,QAAQ,GAAG,IAAI,CAAC;QAEpB,qBAAqB;QACrB,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC9C,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACrD,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,WAAW,CAAC,GAA4B;QAC7C,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACpC,OAAO;QACT,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,sBAAsB,CAAC;QAEzC,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACnC,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAC3C,GAAG,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC,WAAW,EAAE,CAAC,CACvD,CAAC;YAEF,IAAI,WAAW,EAAE,CAAC;gBAChB,oCAAoC;gBACpC,IAAI,OAAO,GAAG,CAAC,GAAG,CAAC,KAAK,QAAQ,EAAE,CAAC;oBACjC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;gBAChB,CAAC;gBACD,2BAA2B;gBAC3B,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;YAClB,CAAC;iBAAM,IAAI,OAAO,GAAG,CAAC,GAAG,CAAC,KAAK,QAAQ,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC7D,mCAAmC;gBACnC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAA4B,CAAC,CAAC;YACxD,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,cAAc,CAAC,GAAW;QAC/B,OAAO,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CACrD,GAAG,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC,WAAW,EAAE,CAAC,CACvD,CAAC;IACJ,CAAC"}

package/dist/utils/SlidingWindowRateLimiter.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Optimized rate limiter using sliding window algorithm
+ * More efficient than filtering entire array on every request
+ */
+export declare class SlidingWindowRateLimiter {
+    private maxRequests;
+    private windowMs;
+    private requests;
+    /**
+     * @param maxRequests - Maximum number of requests allowed
+     * @param windowMs - Time window in milliseconds
+     */
+    constructor(maxRequests: number, windowMs: number);
+    /**
+     * Acquire permission to make a request
+     * Will wait if rate limit is exceeded
+     */
+    acquire(): Promise<void>;
+    /**
+     * Check if a request can be made without waiting
+     */
+    canAcquire(): boolean;
+    /**
+     * Get current usage statistics
+     */
+    getStats(): {
+        current: number;
+        max: number;
+        windowMs: number;
+    };
+    /**
+     * Reset the rate limiter
+     */
+    reset(): void;
+}
+//# sourceMappingURL=SlidingWindowRateLimiter.d.ts.map

package/dist/utils/SlidingWindowRateLimiter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SlidingWindowRateLimiter.d.ts","sourceRoot":"","sources":["../../src/utils/SlidingWindowRateLimiter.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,qBAAa,wBAAwB;IAQjC,OAAO,CAAC,WAAW;IACnB,OAAO,CAAC,QAAQ;IARlB,OAAO,CAAC,QAAQ,CAAgB;IAEhC;;;OAGG;gBAEO,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,MAAM;IAG1B;;;OAGG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IA2B9B;;OAEG;IACH,UAAU,IAAI,OAAO;IAYrB;;OAEG;IACH,QAAQ,IAAI;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE;IAgB9D;;OAEG;IACH,KAAK,IAAI,IAAI;CAGd"}