hi-secure 1.0.0

package/dist/adapters/RLFlexibleAdapter.js

@@ -0,0 +1,115 @@
+"use strict";
+// import { RateLimiterMemory, RateLimiterRes } from "rate-limiter-flexible";
+// import { logger } from "../logging";
+// import { AdapterError } from "../core/errors/AdapterError";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RLFlexibleAdapter = void 0;
+// export class RLFlexibleAdapter {
+//     /**
+//      * Create middleware dynamically using options.
+//      */
+//     getMiddleware(options: {
+//         points?: number;
+//         duration?: number; // seconds
+//         message?: any;
+//     } = {}) {
+//         try {
+//             const limiter = new RateLimiterMemory({
+//                 points: options.points ?? 100,
+//                 duration: options.duration ?? 60,
+//             });
+//             return async (req: any, res: any, next: any) => {
+//                 const ip = req.ip ||
+//                            req.headers["x-forwarded-for"] ||
+//                            req.connection?.remoteAddress ||
+//                            "unknown";
+//                 try {
+//                     await limiter.consume(ip);
+//                     next();
+//                 } catch (err: any) {
+//                     const rlErr = err as RateLimiterRes;
+//                     logger.warn("⚠ RLFlexibleAdapter: rate limit exceeded", {
+//                         ip,
+//                         path: req.path,
+//                         method: req.method,
+//                         retryAfter: rlErr.msBeforeNext
+//                     });
+//                     return res.status(429).json({
+//                         success: false,
+//                         error: "RATE_LIMIT_EXCEEDED",
+//                         retryAfter: Math.ceil(rlErr.msBeforeNext / 1000),
+//                         message: options.message ?? "Too many requests, slow down."
+//                     });
+//                 }
+//             };
+//         } catch (err: any) {
+//             logger.error("❌ RLFlexibleAdapter: failed to initialize limiter", {
+//                 error: err?.message || err
+//             });
+//             throw new AdapterError("RateLimiterFlexible creation failed.");
+//         }
+//     }
+// }
+// src/adapters/RLFlexibleAdapter.ts - IMPROVED
+const rate_limiter_flexible_1 = require("rate-limiter-flexible");
+const index_js_1 = require("../logging/index.js");
+const AdapterError_js_1 = require("../core/errors/AdapterError.js");
+class RLFlexibleAdapter {
+    getMiddleware(options = {}) {
+        try {
+            const defaultOptions = {
+                points: 100,
+                duration: 60,
+                message: "Too many requests, slow down.",
+                blockDuration: 0
+            };
+            const finalOptions = { ...defaultOptions, ...options };
+            const limiter = new rate_limiter_flexible_1.RateLimiterMemory({
+                points: finalOptions.points,
+                duration: finalOptions.duration,
+                blockDuration: finalOptions.blockDuration
+            });
+            return async (req, res, next) => {
+                // Better IP extraction
+                const ip = this.extractIP(req);
+                try {
+                    await limiter.consume(ip);
+                    next();
+                }
+                catch (err) {
+                    const rlErr = err;
+                    index_js_1.logger.warn("⚠ RLFlexibleAdapter: rate limit exceeded", {
+                        ip,
+                        path: req.path,
+                        method: req.method,
+                        retryAfter: rlErr.msBeforeNext
+                    });
+                    res.setHeader('Retry-After', Math.ceil(rlErr.msBeforeNext / 1000));
+                    return res.status(429).json({
+                        success: false,
+                        error: "RATE_LIMIT_EXCEEDED",
+                        retryAfter: Math.ceil(rlErr.msBeforeNext / 1000),
+                        message: finalOptions.message
+                    });
+                }
+            };
+        }
+        catch (err) {
+            index_js_1.logger.error("❌ RLFlexibleAdapter: failed to initialize limiter", {
+                error: err?.message || err
+            });
+            throw new AdapterError_js_1.AdapterError("RateLimiterFlexible creation failed.");
+        }
+    }
+    extractIP(req) {
+        // Order of priority for IP extraction
+        return (req.headers['x-real-ip'] ||
+            req.headers['x-forwarded-for']?.split(',')[0]?.trim() ||
+            req.ip ||
+            req.connection?.remoteAddress ||
+            req.socket?.remoteAddress ||
+            'unknown');
+    }
+}
+exports.RLFlexibleAdapter = RLFlexibleAdapter;
+//# sourceMappingURL=RLFlexibleAdapter.js.map

package/dist/adapters/RLFlexibleAdapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"RLFlexibleAdapter.js","sourceRoot":"","sources":["../../src/adapters/RLFlexibleAdapter.ts"],"names":[],"mappings":";AACA,6EAA6E;AAC7E,uCAAuC;AACvC,8DAA8D;;;AAE9D,mCAAmC;AAEnC,UAAU;AACV,sDAAsD;AACtD,UAAU;AACV,+BAA+B;AAC/B,2BAA2B;AAC3B,wCAAwC;AACxC,yBAAyB;AACzB,gBAAgB;AAEhB,gBAAgB;AAChB,sDAAsD;AACtD,iDAAiD;AACjD,oDAAoD;AACpD,kBAAkB;AAElB,gEAAgE;AAChE,uCAAuC;AACvC,+DAA+D;AAC/D,8DAA8D;AAC9D,wCAAwC;AAExC,wBAAwB;AACxB,iDAAiD;AACjD,8BAA8B;AAC9B,uCAAuC;AACvC,2DAA2D;AAE3D,gFAAgF;AAChF,8BAA8B;AAC9B,0CAA0C;AAC1C,8CAA8C;AAC9C,yDAAyD;AACzD,0BAA0B;AAE1B,oDAAoD;AACpD,0CAA0C;AAC1C,wDAAwD;AACxD,4EAA4E;AAC5E,sFAAsF;AACtF,0BAA0B;AAC1B,oBAAoB;AACpB,iBAAiB;AAEjB,+BAA+B;AAC/B,kFAAkF;AAClF,6CAA6C;AAC7C,kBAAkB;AAClB,8EAA8E;AAC9E,YAAY;AACZ,QAAQ;AACR,IAAI;AAIJ,+CAA+C;AAC/C,iEAA0E;AAC1E,kDAA6C;AAC7C,oEAA8D;AAS9D,MAAa,iBAAiB;IAC1B,aAAa,CAAC,UAAqB,EAAE;QACjC,IAAI,CAAC;YACD,MAAM,cAAc,GAAG;gBACnB,MAAM,EAAE,GAAG;gBACX,QAAQ,EAAE,EAAE;gBACZ,OAAO,EAAE,+BAA+B;gBACxC,aAAa,EAAE,CAAC;aACnB,CAAC;YAEF,MAAM,YAAY,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,OAAO,EAAE,CAAC;YAEvD,MAAM,OAAO,GAAG,IAAI,yCAAiB,CAAC;gBAClC,MAAM,EAAE,YAAY,CAAC,MAAM;gBAC3B,QAAQ,EAAE,YAAY,CAAC,QAAQ;gBAC/B,aAAa,EAAE,YAAY,CAAC,aAAa;aAC5C,CAAC,CAAC;YAEH,OAAO,KAAK,EAAE,GAAQ,EAAE,GAAQ,EAAE,IAAS,EAAE,EAAE;gBAC3C,uBAAuB;gBACvB,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;gBAE/B,IAAI,CAAC;oBACD,MAAM,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;oBAC1B,IAAI,EAAE,CAAC;gBACX,CAAC;gBAAC,OAAO,GAAQ,EAAE,CAAC;oBAChB,MAAM,KAAK,GAAG,GAAqB,CAAC;oBAEpC,iBAAM,CAAC,IAAI,CAAC,0CAA0C,EAAE;wBACpD,EAAE;wBACF,IAAI,EAAE,GAAG,CAAC,IAAI;wBACd,MAAM,EAAE,GAAG,CAAC,MAAM;wBAClB,UAAU,EAAE,KAAK,CAAC,YAAY;qBACjC,CAAC,CAAC;oBAEH,GAAG,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,CAAC,CAAC;oBAEnE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACxB,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,qBAAqB;wBAC5B,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC;wBAChD,OAAO,EAAE,YAAY,CAAC,OAAO;qBAChC,CAAC,CAAC;gBACP,CAAC;YACL,CAAC,CAAC;QAEN,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,iBAAM,CAAC,KAAK,CAAC,mDAAmD,EAAE;gBAC9D,KAAK,EAAE,GAAG,EAAE,OAAO,IAAI,GAAG;aAC7B,CAAC,CAAC;YACH,MAAM,IAAI,8BAAY,CAAC,sCAAsC,CAAC,CAAC;QACnE,CAAC;IACL,CAAC;IAEO,SAAS,CAAC,GAAQ;QACtB,sCAAsC;QACtC,OAAO,CACH,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC;YACxB,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE;YACrD,GAAG,CAAC,EAAE;YACN,GAAG,CAAC,UAAU,EAAE,aAAa;YAC7B,GAAG,CAAC,MAAM,EAAE,aAAa;YACzB,SAAS,CACZ,CAAC;IACN,CAAC;CACJ;AAjED,8CAiEC","sourcesContent":["\r\n// import { RateLimiterMemory, RateLimiterRes } from \"rate-limiter-flexible\";\r\n// import { logger } from \"../logging\";\r\n// import { AdapterError } from \"../core/errors/AdapterError\";\r\n\r\n// export class RLFlexibleAdapter {\r\n\r\n//     /**\r\n//      * Create middleware dynamically using options.\r\n//      */\r\n//     getMiddleware(options: {\r\n//         points?: number;\r\n//         duration?: number; // seconds\r\n//         message?: any;\r\n//     } = {}) {\r\n\r\n//         try {\r\n//             const limiter = new RateLimiterMemory({\r\n//                 points: options.points ?? 100,\r\n//                 duration: options.duration ?? 60,\r\n//             });\r\n\r\n//             return async (req: any, res: any, next: any) => {\r\n//                 const ip = req.ip ||\r\n//                            req.headers[\"x-forwarded-for\"] ||\r\n//                            req.connection?.remoteAddress ||\r\n//                            \"unknown\";\r\n\r\n//                 try {\r\n//                     await limiter.consume(ip);\r\n//                     next();\r\n//                 } catch (err: any) {\r\n//                     const rlErr = err as RateLimiterRes;\r\n\r\n//                     logger.warn(\"⚠ RLFlexibleAdapter: rate limit exceeded\", {\r\n//                         ip,\r\n//                         path: req.path,\r\n//                         method: req.method,\r\n//                         retryAfter: rlErr.msBeforeNext\r\n//                     });\r\n\r\n//                     return res.status(429).json({\r\n//                         success: false,\r\n//                         error: \"RATE_LIMIT_EXCEEDED\",\r\n//                         retryAfter: Math.ceil(rlErr.msBeforeNext / 1000),\r\n//                         message: options.message ?? \"Too many requests, slow down.\"\r\n//                     });\r\n//                 }\r\n//             };\r\n\r\n//         } catch (err: any) {\r\n//             logger.error(\"❌ RLFlexibleAdapter: failed to initialize limiter\", {\r\n//                 error: err?.message || err\r\n//             });\r\n//             throw new AdapterError(\"RateLimiterFlexible creation failed.\");\r\n//         }\r\n//     }\r\n// }\r\n\r\n\r\n\r\n// src/adapters/RLFlexibleAdapter.ts - IMPROVED\r\nimport { RateLimiterMemory, RateLimiterRes } from \"rate-limiter-flexible\";\r\nimport { logger } from \"../logging/index.js\";\r\nimport { AdapterError } from \"../core/errors/AdapterError.js\";\r\n\r\nexport interface RLOptions {\r\n    points?: number;\r\n    duration?: number; // seconds\r\n    message?: any;\r\n    blockDuration?: number;\r\n}\r\n\r\nexport class RLFlexibleAdapter {\r\n    getMiddleware(options: RLOptions = {}) {\r\n        try {\r\n            const defaultOptions = {\r\n                points: 100,\r\n                duration: 60,\r\n                message: \"Too many requests, slow down.\",\r\n                blockDuration: 0\r\n            };\r\n\r\n            const finalOptions = { ...defaultOptions, ...options };\r\n\r\n            const limiter = new RateLimiterMemory({\r\n                points: finalOptions.points,\r\n                duration: finalOptions.duration,\r\n                blockDuration: finalOptions.blockDuration\r\n            });\r\n\r\n            return async (req: any, res: any, next: any) => {\r\n                // Better IP extraction\r\n                const ip = this.extractIP(req);\r\n\r\n                try {\r\n                    await limiter.consume(ip);\r\n                    next();\r\n                } catch (err: any) {\r\n                    const rlErr = err as RateLimiterRes;\r\n\r\n                    logger.warn(\"⚠ RLFlexibleAdapter: rate limit exceeded\", {\r\n                        ip,\r\n                        path: req.path,\r\n                        method: req.method,\r\n                        retryAfter: rlErr.msBeforeNext\r\n                    });\r\n\r\n                    res.setHeader('Retry-After', Math.ceil(rlErr.msBeforeNext / 1000));\r\n                    \r\n                    return res.status(429).json({\r\n                        success: false,\r\n                        error: \"RATE_LIMIT_EXCEEDED\",\r\n                        retryAfter: Math.ceil(rlErr.msBeforeNext / 1000),\r\n                        message: finalOptions.message\r\n                    });\r\n                }\r\n            };\r\n\r\n        } catch (err: any) {\r\n            logger.error(\"❌ RLFlexibleAdapter: failed to initialize limiter\", {\r\n                error: err?.message || err\r\n            });\r\n            throw new AdapterError(\"RateLimiterFlexible creation failed.\");\r\n        }\r\n    }\r\n\r\n    private extractIP(req: any): string {\r\n        // Order of priority for IP extraction\r\n        return (\r\n            req.headers['x-real-ip'] ||\r\n            req.headers['x-forwarded-for']?.split(',')[0]?.trim() ||\r\n            req.ip ||\r\n            req.connection?.remoteAddress ||\r\n            req.socket?.remoteAddress ||\r\n            'unknown'\r\n        );\r\n    }\r\n}"]}

package/dist/adapters/SanitizeHtmlAdapter.d.ts

@@ -0,0 +1,12 @@
+import sanitizeHtml from "sanitize-html";
+export declare class SanitizeHtmlAdapter {
+    private globalOptions;
+    constructor(options?: sanitizeHtml.IOptions);
+    sanitize(input: string, dynamicOptions?: any): string;
+    /**
+     * Deep sanitize with recursion protection
+     */
+    private deepSanitize;
+    middleware(dynamicOptions?: any): (req: any, _res: any, next: any) => void;
+}
+//# sourceMappingURL=SanitizeHtmlAdapter.d.ts.map

package/dist/adapters/SanitizeHtmlAdapter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SanitizeHtmlAdapter.d.ts","sourceRoot":"","sources":["../../src/adapters/SanitizeHtmlAdapter.ts"],"names":[],"mappings":"AAkFA,OAAO,YAAY,MAAM,eAAe,CAAC;AAIzC,qBAAa,mBAAmB;IAC5B,OAAO,CAAC,aAAa,CAAwB;gBAEjC,OAAO,GAAE,YAAY,CAAC,QAAa;IAI/C,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,GAAG,GAAG,MAAM;IAiBrD;;OAEG;IACH,OAAO,CAAC,YAAY;IA4BpB,UAAU,CAAC,cAAc,CAAC,EAAE,GAAG,IACnB,KAAK,GAAG,EAAE,MAAM,GAAG,EAAE,MAAM,GAAG;CAmB7C"}

package/dist/adapters/SanitizeHtmlAdapter.js

@@ -0,0 +1,141 @@
+"use strict";
+// import sanitizeHtml from "sanitize-html";
+// import { AdapterError } from "../core/errors/AdapterError";
+// import { logger } from "../logging";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SanitizeHtmlAdapter = void 0;
+// export class SanitizeHtmlAdapter {
+//     private globalOptions: sanitizeHtml.IOptions;
+//     constructor(options: sanitizeHtml.IOptions = {}) {
+//         this.globalOptions = options;
+//     }
+//     /**
+//      * Sanitize a string with merged global + dynamic options
+//      */
+//     sanitize(input: string, dynamicOptions?: any): string {
+//         try {
+//             const opts = { ...this.globalOptions, ...(dynamicOptions || {}) };
+//             const clean = sanitizeHtml(input, opts);
+//             return typeof clean === "string" ? clean : String(clean);
+//         } catch (err: any) {
+//             logger.error("❌ sanitize-html failed", {
+//                 error: err?.message || err,
+//                 preview: typeof input === "string" ? input.slice(0, 100) : undefined
+//             });
+//             throw new AdapterError("sanitize-html adapter failed.");
+//         }
+//     }
+//     /**
+//      * Deep sanitize nested objects, arrays, strings
+//      */
+//     private deepSanitize(obj: any, dynamicOptions?: any): any {
+//         if (typeof obj === "string") {
+//             return this.sanitize(obj, dynamicOptions);
+//         }
+//         if (Array.isArray(obj)) {
+//             return obj.map((item) => this.deepSanitize(item, dynamicOptions));
+//         }
+//         if (obj && typeof obj === "object") {
+//             const result: any = {};
+//             for (const key of Object.keys(obj)) {
+//                 result[key] = this.deepSanitize(obj[key], dynamicOptions);
+//             }
+//             return result;
+//         }
+//         return obj;
+//     }
+//     /**
+//      * Middleware wrapper with dynamic per-route options
+//      */
+//     middleware(dynamicOptions?: any) {
+//         return (req: any, _res: any, next: any) => {
+//             try {
+//                 if (req.body) {
+//                     req.body = this.deepSanitize(req.body, dynamicOptions);
+//                     logger.debug("🧼 sanitize-html applied", {
+//                         keys: Object.keys(req.body)
+//                     });
+//                 }
+//                 next();
+//             } catch (err: any) {
+//                 logger.error("❌ sanitize-html middleware failed", {
+//                     error: err?.message || err
+//                 });
+//                 next(err);
+//             }
+//         };
+//     }
+// }
+// src/adapters/SanitizeHtmlAdapter.ts - FIXED
+const sanitize_html_1 = __importDefault(require("sanitize-html"));
+const AdapterError_js_1 = require("../core/errors/AdapterError.js");
+const index_js_1 = require("../logging/index.js");
+class SanitizeHtmlAdapter {
+    constructor(options = {}) {
+        this.globalOptions = options;
+    }
+    sanitize(input, dynamicOptions) {
+        try {
+            const opts = { ...this.globalOptions, ...(dynamicOptions || {}) };
+            const clean = (0, sanitize_html_1.default)(input, opts);
+            return typeof clean === "string" ? clean : String(clean);
+        }
+        catch (err) {
+            index_js_1.logger.error("❌ sanitize-html failed", {
+                error: err?.message || err,
+                preview: typeof input === "string" ? input.slice(0, 100) : undefined
+            });
+            throw new AdapterError_js_1.AdapterError("sanitize-html adapter failed.");
+        }
+    }
+    /**
+     * Deep sanitize with recursion protection
+     */
+    deepSanitize(obj, dynamicOptions, visited = new WeakSet()) {
+        // Handle circular references
+        if (obj && typeof obj === "object") {
+            if (visited.has(obj)) {
+                return obj; // Circular reference detected
+            }
+            visited.add(obj);
+        }
+        if (typeof obj === "string") {
+            return this.sanitize(obj, dynamicOptions);
+        }
+        if (Array.isArray(obj)) {
+            return obj.map((item) => this.deepSanitize(item, dynamicOptions, visited));
+        }
+        if (obj && typeof obj === "object") {
+            const result = {};
+            for (const key of Object.keys(obj)) {
+                result[key] = this.deepSanitize(obj[key], dynamicOptions, visited);
+            }
+            return result;
+        }
+        return obj;
+    }
+    middleware(dynamicOptions) {
+        return (req, _res, next) => {
+            try {
+                if (req.body) {
+                    req.body = this.deepSanitize(req.body, dynamicOptions);
+                    index_js_1.logger.debug("🧼 sanitize-html applied", {
+                        keys: Object.keys(req.body)
+                    });
+                }
+                next();
+            }
+            catch (err) {
+                index_js_1.logger.error("❌ sanitize-html middleware failed", {
+                    error: err?.message || err
+                });
+                next(err);
+            }
+        };
+    }
+}
+exports.SanitizeHtmlAdapter = SanitizeHtmlAdapter;
+//# sourceMappingURL=SanitizeHtmlAdapter.js.map

package/dist/adapters/SanitizeHtmlAdapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"SanitizeHtmlAdapter.js","sourceRoot":"","sources":["../../src/adapters/SanitizeHtmlAdapter.ts"],"names":[],"mappings":";AAAA,4CAA4C;AAC5C,8DAA8D;AAC9D,uCAAuC;;;;;;AAEvC,qCAAqC;AACrC,oDAAoD;AAEpD,yDAAyD;AACzD,wCAAwC;AACxC,QAAQ;AAER,UAAU;AACV,gEAAgE;AAChE,UAAU;AACV,8DAA8D;AAC9D,gBAAgB;AAChB,iFAAiF;AAEjF,uDAAuD;AAEvD,wEAAwE;AAExE,+BAA+B;AAC/B,uDAAuD;AACvD,8CAA8C;AAC9C,uFAAuF;AACvF,kBAAkB;AAElB,uEAAuE;AACvE,YAAY;AACZ,QAAQ;AAER,UAAU;AACV,uDAAuD;AACvD,UAAU;AACV,kEAAkE;AAClE,yCAAyC;AACzC,yDAAyD;AACzD,YAAY;AAEZ,oCAAoC;AACpC,iFAAiF;AACjF,YAAY;AAEZ,gDAAgD;AAChD,sCAAsC;AACtC,oDAAoD;AACpD,6EAA6E;AAC7E,gBAAgB;AAChB,6BAA6B;AAC7B,YAAY;AAEZ,sBAAsB;AACtB,QAAQ;AAER,UAAU;AACV,2DAA2D;AAC3D,UAAU;AACV,yCAAyC;AACzC,uDAAuD;AACvD,oBAAoB;AACpB,kCAAkC;AAClC,8EAA8E;AAE9E,iEAAiE;AACjE,sDAAsD;AACtD,0BAA0B;AAC1B,oBAAoB;AACpB,0BAA0B;AAE1B,mCAAmC;AACnC,sEAAsE;AACtE,iDAAiD;AACjD,sBAAsB;AACtB,6BAA6B;AAC7B,gBAAgB;AAChB,aAAa;AACb,QAAQ;AACR,IAAI;AAGJ,8CAA8C;AAC9C,kEAAyC;AACzC,oEAA8D;AAC9D,kDAA6C;AAE7C,MAAa,mBAAmB;IAG5B,YAAY,UAAiC,EAAE;QAC3C,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC;IACjC,CAAC;IAED,QAAQ,CAAC,KAAa,EAAE,cAAoB;QACxC,IAAI,CAAC;YACD,MAAM,IAAI,GAAG,EAAE,GAAG,IAAI,CAAC,aAAa,EAAE,GAAG,CAAC,cAAc,IAAI,EAAE,CAAC,EAAE,CAAC;YAElE,MAAM,KAAK,GAAG,IAAA,uBAAY,EAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YACxC,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAE7D,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,iBAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE;gBACnC,KAAK,EAAE,GAAG,EAAE,OAAO,IAAI,GAAG;gBAC1B,OAAO,EAAE,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS;aACvE,CAAC,CAAC;YAEH,MAAM,IAAI,8BAAY,CAAC,+BAA+B,CAAC,CAAC;QAC5D,CAAC;IACL,CAAC;IAED;;OAEG;IACK,YAAY,CAAC,GAAQ,EAAE,cAAoB,EAAE,OAAO,GAAG,IAAI,OAAO,EAAE;QACxE,6BAA6B;QAC7B,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACjC,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBACnB,OAAO,GAAG,CAAC,CAAC,8BAA8B;YAC9C,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC;QAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC1B,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;QAC9C,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,cAAc,EAAE,OAAO,CAAC,CAAC,CAAC;QAC/E,CAAC;QAED,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACjC,MAAM,MAAM,GAAQ,EAAE,CAAC;YACvB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;gBACjC,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,cAAc,EAAE,OAAO,CAAC,CAAC;YACvE,CAAC;YACD,OAAO,MAAM,CAAC;QAClB,CAAC;QAED,OAAO,GAAG,CAAC;IACf,CAAC;IAED,UAAU,CAAC,cAAoB;QAC3B,OAAO,CAAC,GAAQ,EAAE,IAAS,EAAE,IAAS,EAAE,EAAE;YACtC,IAAI,CAAC;gBACD,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;oBACX,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;oBAEvD,iBAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE;wBACrC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;qBAC9B,CAAC,CAAC;gBACP,CAAC;gBACD,IAAI,EAAE,CAAC;YAEX,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAChB,iBAAM,CAAC,KAAK,CAAC,mCAAmC,EAAE;oBAC9C,KAAK,EAAE,GAAG,EAAE,OAAO,IAAI,GAAG;iBAC7B,CAAC,CAAC;gBACH,IAAI,CAAC,GAAG,CAAC,CAAC;YACd,CAAC;QACL,CAAC,CAAC;IACN,CAAC;CACJ;AA3ED,kDA2EC","sourcesContent":["// import sanitizeHtml from \"sanitize-html\";\r\n// import { AdapterError } from \"../core/errors/AdapterError\";\r\n// import { logger } from \"../logging\";\r\n\r\n// export class SanitizeHtmlAdapter {\r\n//     private globalOptions: sanitizeHtml.IOptions;\r\n\r\n//     constructor(options: sanitizeHtml.IOptions = {}) {\r\n//         this.globalOptions = options;\r\n//     }\r\n\r\n//     /**\r\n//      * Sanitize a string with merged global + dynamic options\r\n//      */\r\n//     sanitize(input: string, dynamicOptions?: any): string {\r\n//         try {\r\n//             const opts = { ...this.globalOptions, ...(dynamicOptions || {}) };\r\n\r\n//             const clean = sanitizeHtml(input, opts);\r\n\r\n//             return typeof clean === \"string\" ? clean : String(clean);\r\n\r\n//         } catch (err: any) {\r\n//             logger.error(\"❌ sanitize-html failed\", {\r\n//                 error: err?.message || err,\r\n//                 preview: typeof input === \"string\" ? input.slice(0, 100) : undefined\r\n//             });\r\n\r\n//             throw new AdapterError(\"sanitize-html adapter failed.\");\r\n//         }\r\n//     }\r\n\r\n//     /**\r\n//      * Deep sanitize nested objects, arrays, strings\r\n//      */\r\n//     private deepSanitize(obj: any, dynamicOptions?: any): any {\r\n//         if (typeof obj === \"string\") {\r\n//             return this.sanitize(obj, dynamicOptions);\r\n//         }\r\n\r\n//         if (Array.isArray(obj)) {\r\n//             return obj.map((item) => this.deepSanitize(item, dynamicOptions));\r\n//         }\r\n\r\n//         if (obj && typeof obj === \"object\") {\r\n//             const result: any = {};\r\n//             for (const key of Object.keys(obj)) {\r\n//                 result[key] = this.deepSanitize(obj[key], dynamicOptions);\r\n//             }\r\n//             return result;\r\n//         }\r\n\r\n//         return obj;\r\n//     }\r\n\r\n//     /**\r\n//      * Middleware wrapper with dynamic per-route options\r\n//      */\r\n//     middleware(dynamicOptions?: any) {\r\n//         return (req: any, _res: any, next: any) => {\r\n//             try {\r\n//                 if (req.body) {\r\n//                     req.body = this.deepSanitize(req.body, dynamicOptions);\r\n\r\n//                     logger.debug(\"🧼 sanitize-html applied\", {\r\n//                         keys: Object.keys(req.body)\r\n//                     });\r\n//                 }\r\n//                 next();\r\n\r\n//             } catch (err: any) {\r\n//                 logger.error(\"❌ sanitize-html middleware failed\", {\r\n//                     error: err?.message || err\r\n//                 });\r\n//                 next(err);\r\n//             }\r\n//         };\r\n//     }\r\n// }\r\n\r\n\r\n// src/adapters/SanitizeHtmlAdapter.ts - FIXED\r\nimport sanitizeHtml from \"sanitize-html\";\r\nimport { AdapterError } from \"../core/errors/AdapterError.js\";\r\nimport { logger } from \"../logging/index.js\";\r\n\r\nexport class SanitizeHtmlAdapter {\r\n    private globalOptions: sanitizeHtml.IOptions;\r\n\r\n    constructor(options: sanitizeHtml.IOptions = {}) {\r\n        this.globalOptions = options;\r\n    }\r\n\r\n    sanitize(input: string, dynamicOptions?: any): string {\r\n        try {\r\n            const opts = { ...this.globalOptions, ...(dynamicOptions || {}) };\r\n\r\n            const clean = sanitizeHtml(input, opts);\r\n            return typeof clean === \"string\" ? clean : String(clean);\r\n\r\n        } catch (err: any) {\r\n            logger.error(\"❌ sanitize-html failed\", {\r\n                error: err?.message || err,\r\n                preview: typeof input === \"string\" ? input.slice(0, 100) : undefined\r\n            });\r\n\r\n            throw new AdapterError(\"sanitize-html adapter failed.\");\r\n        }\r\n    }\r\n\r\n    /**\r\n     * Deep sanitize with recursion protection\r\n     */\r\n    private deepSanitize(obj: any, dynamicOptions?: any, visited = new WeakSet()): any {\r\n        // Handle circular references\r\n        if (obj && typeof obj === \"object\") {\r\n            if (visited.has(obj)) {\r\n                return obj; // Circular reference detected\r\n            }\r\n            visited.add(obj);\r\n        }\r\n\r\n        if (typeof obj === \"string\") {\r\n            return this.sanitize(obj, dynamicOptions);\r\n        }\r\n\r\n        if (Array.isArray(obj)) {\r\n            return obj.map((item) => this.deepSanitize(item, dynamicOptions, visited));\r\n        }\r\n\r\n        if (obj && typeof obj === \"object\") {\r\n            const result: any = {};\r\n            for (const key of Object.keys(obj)) {\r\n                result[key] = this.deepSanitize(obj[key], dynamicOptions, visited);\r\n            }\r\n            return result;\r\n        }\r\n\r\n        return obj;\r\n    }\r\n\r\n    middleware(dynamicOptions?: any) {\r\n        return (req: any, _res: any, next: any) => {\r\n            try {\r\n                if (req.body) {\r\n                    req.body = this.deepSanitize(req.body, dynamicOptions);\r\n\r\n                    logger.debug(\"🧼 sanitize-html applied\", {\r\n                        keys: Object.keys(req.body)\r\n                    });\r\n                }\r\n                next();\r\n\r\n            } catch (err: any) {\r\n                logger.error(\"❌ sanitize-html middleware failed\", {\r\n                    error: err?.message || err\r\n                });\r\n                next(err);\r\n            }\r\n        };\r\n    }\r\n}"]}

package/dist/adapters/XSSAdapter.d.ts

@@ -0,0 +1,33 @@
+import { whiteList } from 'xss';
+export interface XSSOptions {
+    whiteList?: typeof whiteList;
+    stripIgnoreTag?: boolean;
+    stripIgnoreTagBody?: string[];
+    allowCommentTag?: boolean;
+    css?: boolean | {
+        [key: string]: boolean;
+    };
+    onTag?: (tag: string, html: string, options: any) => string;
+    onTagAttr?: (tag: string, name: string, value: string, isWhiteAttr: boolean) => string;
+    onIgnoreTag?: (tag: string, html: string, options: any) => string;
+    [key: string]: any;
+}
+export declare class XSSAdapter {
+    private globalOptions;
+    private defaultFilter;
+    constructor(options?: XSSOptions);
+    /**
+     * Sanitize a string with global + dynamic merged options
+     */
+    sanitize(input: string, dynamicOptions?: XSSOptions): string;
+    /**
+     * Middleware wrapper WITH dynamic options
+     * Doesn't mutate original request - creates sanitized copy
+     */
+    middleware(dynamicOptions?: XSSOptions): (req: any, _res: any, next: any) => void;
+    /**
+     * Deep sanitize nested objects/arrays
+     */
+    private deepSanitize;
+}
+//# sourceMappingURL=XSSAdapter.d.ts.map

package/dist/adapters/XSSAdapter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"XSSAdapter.d.ts","sourceRoot":"","sources":["../../src/adapters/XSSAdapter.ts"],"names":[],"mappings":"AACA,OAAO,EAAkC,SAAS,EAAE,MAAM,KAAK,CAAC;AAIhE,MAAM,WAAW,UAAU;IACvB,SAAS,CAAC,EAAE,OAAO,SAAS,CAAC;IAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,GAAG,CAAC,EAAE,OAAO,GAAG;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,CAAC;IAC3C,KAAK,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,MAAM,CAAC;IAC5D,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,KAAK,MAAM,CAAC;IACvF,WAAW,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,MAAM,CAAC;IAClE,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACtB;AAED,qBAAa,UAAU;IACnB,OAAO,CAAC,aAAa,CAAa;IAClC,OAAO,CAAC,aAAa,CAAY;gBAErB,OAAO,GAAE,UAAe;IAuBpC;;OAEG;IACH,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,UAAU,GAAG,MAAM;IA0B5D;;;OAGG;IACH,UAAU,CAAC,cAAc,CAAC,EAAE,UAAU,IAC1B,KAAK,GAAG,EAAE,MAAM,GAAG,EAAE,MAAM,GAAG;IA4C1C;;OAEG;IACH,OAAO,CAAC,YAAY;CA2BvB"}

package/dist/adapters/XSSAdapter.js

@@ -0,0 +1,127 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.XSSAdapter = void 0;
+// src/adapters/XSSAdapter.ts - NEW FILE
+const xss_1 = require("xss");
+const AdapterError_js_1 = require("../core/errors/AdapterError.js");
+const index_js_1 = require("../logging/index.js");
+class XSSAdapter {
+    constructor(options = {}) {
+        this.globalOptions = options;
+        // Default safe configuration
+        const defaultOptions = {
+            whiteList: (0, xss_1.getDefaultWhiteList)(),
+            stripIgnoreTag: true, // Remove non-whitelisted tags completely
+            stripIgnoreTagBody: ['script', 'style', 'iframe', 'object', 'embed'],
+            allowCommentTag: false,
+            css: false, // Disable CSS by default
+            onTag: (tag, html, options) => {
+                // Add noopener/noreferrer to links for security
+                if (tag === 'a') {
+                    return html.replace(/<a /i, '<a target="_blank" rel="noopener noreferrer" ');
+                }
+                return html;
+            }
+        };
+        const finalOptions = { ...defaultOptions, ...options };
+        this.defaultFilter = new xss_1.FilterXSS(finalOptions);
+    }
+    /**
+     * Sanitize a string with global + dynamic merged options
+     */
+    sanitize(input, dynamicOptions) {
+        try {
+            if (typeof input !== "string") {
+                return input;
+            }
+            // If no dynamic options, use default filter
+            if (!dynamicOptions || Object.keys(dynamicOptions).length === 0) {
+                return this.defaultFilter.process(input);
+            }
+            // Merge options for this specific call
+            const mergedOptions = { ...this.globalOptions, ...dynamicOptions };
+            const customFilter = new xss_1.FilterXSS(mergedOptions);
+            return customFilter.process(input);
+        }
+        catch (err) {
+            index_js_1.logger.error("❌ XSS sanitizer failed", {
+                error: err?.message,
+                preview: input?.slice?.(0, 80)
+            });
+            throw new AdapterError_js_1.AdapterError("XSS sanitizer failed.");
+        }
+    }
+    /**
+     * Middleware wrapper WITH dynamic options
+     * Doesn't mutate original request - creates sanitized copy
+     */
+    middleware(dynamicOptions) {
+        return (req, _res, next) => {
+            try {
+                if (req.body && typeof req.body === "object") {
+                    const originalBody = req.body;
+                    const sanitizedBody = Array.isArray(originalBody) ? [] : {};
+                    for (const key of Object.keys(originalBody)) {
+                        const val = originalBody[key];
+                        if (typeof val === "string") {
+                            sanitizedBody[key] = this.sanitize(val, dynamicOptions);
+                        }
+                        else if (Array.isArray(val)) {
+                            sanitizedBody[key] = val.map((v) => typeof v === "string"
+                                ? this.sanitize(v, dynamicOptions)
+                                : v);
+                        }
+                        else if (val && typeof val === "object") {
+                            // Handle nested objects (simple recursion)
+                            sanitizedBody[key] = this.deepSanitize(val, dynamicOptions);
+                        }
+                        else {
+                            sanitizedBody[key] = val;
+                        }
+                    }
+                    // Store sanitized version separately
+                    req.sanitizedBody = sanitizedBody;
+                    index_js_1.logger.debug("🛡️ XSS sanitizer applied", {
+                        originalKeys: Object.keys(originalBody),
+                        sanitizedKeys: Object.keys(sanitizedBody)
+                    });
+                }
+                next();
+            }
+            catch (err) {
+                index_js_1.logger.error("❌ XSS middleware failed", {
+                    error: err?.message || err
+                });
+                next(err);
+            }
+        };
+    }
+    /**
+     * Deep sanitize nested objects/arrays
+     */
+    deepSanitize(obj, options, visited = new WeakSet()) {
+        // Handle circular references
+        if (obj && typeof obj === "object") {
+            if (visited.has(obj)) {
+                return obj;
+            }
+            visited.add(obj);
+        }
+        if (typeof obj === "string") {
+            return this.sanitize(obj, options);
+        }
+        if (Array.isArray(obj)) {
+            return obj.map(item => this.deepSanitize(item, options, visited));
+        }
+        if (obj && typeof obj === "object") {
+            const result = {};
+            for (const key of Object.keys(obj)) {
+                result[key] = this.deepSanitize(obj[key], options, visited);
+            }
+            return result;
+        }
+        return obj;
+    }
+}
+exports.XSSAdapter = XSSAdapter;
+//# sourceMappingURL=XSSAdapter.js.map

package/dist/adapters/XSSAdapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"XSSAdapter.js","sourceRoot":"","sources":["../../src/adapters/XSSAdapter.ts"],"names":[],"mappings":";;;AAAA,wCAAwC;AACxC,6BAAgE;AAChE,oEAA8D;AAC9D,kDAA6C;AAc7C,MAAa,UAAU;IAInB,YAAY,UAAsB,EAAE;QAChC,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC;QAE7B,6BAA6B;QAC7B,MAAM,cAAc,GAAe;YAC/B,SAAS,EAAE,IAAA,yBAAmB,GAAE;YAChC,cAAc,EAAE,IAAI,EAAE,yCAAyC;YAC/D,kBAAkB,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC;YACpE,eAAe,EAAE,KAAK;YACtB,GAAG,EAAE,KAAK,EAAE,yBAAyB;YACrC,KAAK,EAAE,CAAC,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE;gBAC1B,gDAAgD;gBAChD,IAAI,GAAG,KAAK,GAAG,EAAE,CAAC;oBACd,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,+CAA+C,CAAC,CAAC;gBACjF,CAAC;gBACD,OAAO,IAAI,CAAC;YAChB,CAAC;SACJ,CAAC;QAEF,MAAM,YAAY,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,OAAO,EAAE,CAAC;QACvD,IAAI,CAAC,aAAa,GAAG,IAAI,eAAS,CAAC,YAAY,CAAC,CAAC;IACrD,CAAC;IAED;;OAEG;IACH,QAAQ,CAAC,KAAa,EAAE,cAA2B;QAC/C,IAAI,CAAC;YACD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC5B,OAAO,KAAY,CAAC;YACxB,CAAC;YAED,4CAA4C;YAC5C,IAAI,CAAC,cAAc,IAAI,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC9D,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YAC7C,CAAC;YAED,uCAAuC;YACvC,MAAM,aAAa,GAAG,EAAE,GAAG,IAAI,CAAC,aAAa,EAAE,GAAG,cAAc,EAAE,CAAC;YACnE,MAAM,YAAY,GAAG,IAAI,eAAS,CAAC,aAAa,CAAC,CAAC;YAElD,OAAO,YAAY,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QAEvC,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,iBAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE;gBACnC,KAAK,EAAE,GAAG,EAAE,OAAO;gBACnB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC;aACjC,CAAC,CAAC;YACH,MAAM,IAAI,8BAAY,CAAC,uBAAuB,CAAC,CAAC;QACpD,CAAC;IACL,CAAC;IAED;;;OAGG;IACH,UAAU,CAAC,cAA2B;QAClC,OAAO,CAAC,GAAQ,EAAE,IAAS,EAAE,IAAS,EAAE,EAAE;YACtC,IAAI,CAAC;gBACD,IAAI,GAAG,CAAC,IAAI,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC3C,MAAM,YAAY,GAAG,GAAG,CAAC,IAAI,CAAC;oBAC9B,MAAM,aAAa,GAAQ,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBAEjE,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;wBAC1C,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;wBAE9B,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;4BAC1B,aAAa,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;wBAC5D,CAAC;6BAAM,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;4BAC5B,aAAa,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAC/B,OAAO,CAAC,KAAK,QAAQ;gCACjB,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,cAAc,CAAC;gCAClC,CAAC,CAAC,CAAC,CACV,CAAC;wBACN,CAAC;6BAAM,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;4BACxC,2CAA2C;4BAC3C,aAAa,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;wBAChE,CAAC;6BAAM,CAAC;4BACJ,aAAa,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;wBAC7B,CAAC;oBACL,CAAC;oBAED,qCAAqC;oBACrC,GAAG,CAAC,aAAa,GAAG,aAAa,CAAC;oBAElC,iBAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE;wBACtC,YAAY,EAAE,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC;wBACvC,aAAa,EAAE,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC;qBAC5C,CAAC,CAAC;gBACP,CAAC;gBAED,IAAI,EAAE,CAAC;YACX,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAChB,iBAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE;oBACpC,KAAK,EAAE,GAAG,EAAE,OAAO,IAAI,GAAG;iBAC7B,CAAC,CAAC;gBACH,IAAI,CAAC,GAAG,CAAC,CAAC;YACd,CAAC;QACL,CAAC,CAAC;IACN,CAAC;IAED;;OAEG;IACK,YAAY,CAAC,GAAQ,EAAE,OAAoB,EAAE,OAAO,GAAG,IAAI,OAAO,EAAE;QACxE,6BAA6B;QAC7B,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACjC,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBACnB,OAAO,GAAG,CAAC;YACf,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC;QAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC1B,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QACvC,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;QACtE,CAAC;QAED,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACjC,MAAM,MAAM,GAAQ,EAAE,CAAC;YACvB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;gBACjC,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;YAChE,CAAC;YACD,OAAO,MAAM,CAAC;QAClB,CAAC;QAED,OAAO,GAAG,CAAC;IACf,CAAC;CACJ;AAvID,gCAuIC","sourcesContent":["// src/adapters/XSSAdapter.ts - NEW FILE\r\nimport { FilterXSS, getDefaultWhiteList, whiteList } from 'xss';\r\nimport { AdapterError } from \"../core/errors/AdapterError.js\";\r\nimport { logger } from \"../logging/index.js\";\r\n\r\nexport interface XSSOptions {\r\n    whiteList?: typeof whiteList;\r\n    stripIgnoreTag?: boolean;\r\n    stripIgnoreTagBody?: string[];\r\n    allowCommentTag?: boolean;\r\n    css?: boolean | { [key: string]: boolean };\r\n    onTag?: (tag: string, html: string, options: any) => string;\r\n    onTagAttr?: (tag: string, name: string, value: string, isWhiteAttr: boolean) => string;\r\n    onIgnoreTag?: (tag: string, html: string, options: any) => string;\r\n    [key: string]: any;\r\n}\r\n\r\nexport class XSSAdapter {\r\n    private globalOptions: XSSOptions;\r\n    private defaultFilter: FilterXSS;\r\n\r\n    constructor(options: XSSOptions = {}) {\r\n        this.globalOptions = options;\r\n        \r\n        // Default safe configuration\r\n        const defaultOptions: XSSOptions = {\r\n            whiteList: getDefaultWhiteList(),\r\n            stripIgnoreTag: true, // Remove non-whitelisted tags completely\r\n            stripIgnoreTagBody: ['script', 'style', 'iframe', 'object', 'embed'],\r\n            allowCommentTag: false,\r\n            css: false, // Disable CSS by default\r\n            onTag: (tag, html, options) => {\r\n                // Add noopener/noreferrer to links for security\r\n                if (tag === 'a') {\r\n                    return html.replace(/<a /i, '<a target=\"_blank\" rel=\"noopener noreferrer\" ');\r\n                }\r\n                return html;\r\n            }\r\n        };\r\n\r\n        const finalOptions = { ...defaultOptions, ...options };\r\n        this.defaultFilter = new FilterXSS(finalOptions);\r\n    }\r\n\r\n    /**\r\n     * Sanitize a string with global + dynamic merged options\r\n     */\r\n    sanitize(input: string, dynamicOptions?: XSSOptions): string {\r\n        try {\r\n            if (typeof input !== \"string\") {\r\n                return input as any;\r\n            }\r\n\r\n            // If no dynamic options, use default filter\r\n            if (!dynamicOptions || Object.keys(dynamicOptions).length === 0) {\r\n                return this.defaultFilter.process(input);\r\n            }\r\n\r\n            // Merge options for this specific call\r\n            const mergedOptions = { ...this.globalOptions, ...dynamicOptions };\r\n            const customFilter = new FilterXSS(mergedOptions);\r\n            \r\n            return customFilter.process(input);\r\n\r\n        } catch (err: any) {\r\n            logger.error(\"❌ XSS sanitizer failed\", {\r\n                error: err?.message,\r\n                preview: input?.slice?.(0, 80)\r\n            });\r\n            throw new AdapterError(\"XSS sanitizer failed.\");\r\n        }\r\n    }\r\n\r\n    /**\r\n     * Middleware wrapper WITH dynamic options\r\n     * Doesn't mutate original request - creates sanitized copy\r\n     */\r\n    middleware(dynamicOptions?: XSSOptions) {\r\n        return (req: any, _res: any, next: any) => {\r\n            try {\r\n                if (req.body && typeof req.body === \"object\") {\r\n                    const originalBody = req.body;\r\n                    const sanitizedBody: any = Array.isArray(originalBody) ? [] : {};\r\n                    \r\n                    for (const key of Object.keys(originalBody)) {\r\n                        const val = originalBody[key];\r\n\r\n                        if (typeof val === \"string\") {\r\n                            sanitizedBody[key] = this.sanitize(val, dynamicOptions);\r\n                        } else if (Array.isArray(val)) {\r\n                            sanitizedBody[key] = val.map((v) =>\r\n                                typeof v === \"string\"\r\n                                    ? this.sanitize(v, dynamicOptions)\r\n                                    : v\r\n                            );\r\n                        } else if (val && typeof val === \"object\") {\r\n                            // Handle nested objects (simple recursion)\r\n                            sanitizedBody[key] = this.deepSanitize(val, dynamicOptions);\r\n                        } else {\r\n                            sanitizedBody[key] = val;\r\n                        }\r\n                    }\r\n                    \r\n                    // Store sanitized version separately\r\n                    req.sanitizedBody = sanitizedBody;\r\n                    \r\n                    logger.debug(\"🛡️ XSS sanitizer applied\", {\r\n                        originalKeys: Object.keys(originalBody),\r\n                        sanitizedKeys: Object.keys(sanitizedBody)\r\n                    });\r\n                }\r\n\r\n                next();\r\n            } catch (err: any) {\r\n                logger.error(\"❌ XSS middleware failed\", {\r\n                    error: err?.message || err\r\n                });\r\n                next(err);\r\n            }\r\n        };\r\n    }\r\n\r\n    /**\r\n     * Deep sanitize nested objects/arrays\r\n     */\r\n    private deepSanitize(obj: any, options?: XSSOptions, visited = new WeakSet()): any {\r\n        // Handle circular references\r\n        if (obj && typeof obj === \"object\") {\r\n            if (visited.has(obj)) {\r\n                return obj;\r\n            }\r\n            visited.add(obj);\r\n        }\r\n\r\n        if (typeof obj === \"string\") {\r\n            return this.sanitize(obj, options);\r\n        }\r\n\r\n        if (Array.isArray(obj)) {\r\n            return obj.map(item => this.deepSanitize(item, options, visited));\r\n        }\r\n\r\n        if (obj && typeof obj === \"object\") {\r\n            const result: any = {};\r\n            for (const key of Object.keys(obj)) {\r\n                result[key] = this.deepSanitize(obj[key], options, visited);\r\n            }\r\n            return result;\r\n        }\r\n\r\n        return obj;\r\n    }\r\n}"]}

package/dist/adapters/ZodAdapter.d.ts

@@ -0,0 +1,7 @@
+import { ZodSchema } from "zod";
+export declare class ZodAdapter {
+    private globalSchema?;
+    constructor(globalSchema?: ZodSchema);
+    validate(dynamicSchema?: ZodSchema): (req: any, res: any, next: any) => any;
+}
+//# sourceMappingURL=ZodAdapter.d.ts.map

package/dist/adapters/ZodAdapter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ZodAdapter.d.ts","sourceRoot":"","sources":["../../src/adapters/ZodAdapter.ts"],"names":[],"mappings":"AAiDA,OAAO,EAAE,SAAS,EAAY,MAAM,KAAK,CAAC;AAI1C,qBAAa,UAAU;IACnB,OAAO,CAAC,YAAY,CAAC,CAAY;gBAErB,YAAY,CAAC,EAAE,SAAS;IAIpC,QAAQ,CAAC,aAAa,CAAC,EAAE,SAAS,IACtB,KAAK,GAAG,EAAE,KAAK,GAAG,EAAE,MAAM,GAAG;CA6B5C"}

package/dist/adapters/ZodAdapter.js

@@ -0,0 +1,39 @@
+"use strict";
+// import { ZodSchema, ZodError } from "zod";
+// import { ValidationError } from "../core/errors/ValidationError";
+// import { logger } from "../logging";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ZodAdapter = void 0;
+const ValidationError_js_1 = require("../core/errors/ValidationError.js"); // ✅ Add .js
+const index_js_1 = require("../logging/index.js");
+class ZodAdapter {
+    constructor(globalSchema) {
+        this.globalSchema = globalSchema;
+    }
+    validate(dynamicSchema) {
+        return (req, res, next) => {
+            const schema = dynamicSchema || this.globalSchema;
+            if (!schema)
+                return next();
+            const result = schema.safeParse(req.body);
+            if (result.success)
+                return next();
+            const zodErr = result.error;
+            const issues = zodErr.issues.map(issue => ({
+                message: issue.message,
+                path: issue.path.join("."),
+                code: issue.code
+            }));
+            index_js_1.logger.warn("⚠ Zod validation failed", {
+                path: req.path,
+                method: req.method,
+                issues,
+                preview: JSON.stringify(req.body).slice(0, 200)
+            });
+            return next(new ValidationError_js_1.ValidationError("Validation failed.", issues) // ✅ Pass issues
+            );
+        };
+    }
+}
+exports.ZodAdapter = ZodAdapter;
+//# sourceMappingURL=ZodAdapter.js.map

package/dist/adapters/ZodAdapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ZodAdapter.js","sourceRoot":"","sources":["../../src/adapters/ZodAdapter.ts"],"names":[],"mappings":";AAAA,6CAA6C;AAC7C,oEAAoE;AACpE,uCAAuC;;;AAgDvC,0EAAoE,CAAC,YAAY;AACjF,kDAA6C;AAE7C,MAAa,UAAU;IAGnB,YAAY,YAAwB;QAChC,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;IACrC,CAAC;IAED,QAAQ,CAAC,aAAyB;QAC9B,OAAO,CAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS,EAAE,EAAE;YACrC,MAAM,MAAM,GAAG,aAAa,IAAI,IAAI,CAAC,YAAY,CAAC;YAElD,IAAI,CAAC,MAAM;gBAAE,OAAO,IAAI,EAAE,CAAC;YAE3B,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAE1C,IAAI,MAAM,CAAC,OAAO;gBAAE,OAAO,IAAI,EAAE,CAAC;YAElC,MAAM,MAAM,GAAa,MAAM,CAAC,KAAK,CAAC;YAEtC,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;gBACvC,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;gBAC1B,IAAI,EAAE,KAAK,CAAC,IAAI;aACnB,CAAC,CAAC,CAAC;YAEJ,iBAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE;gBACnC,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,MAAM;gBACN,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;aAClD,CAAC,CAAC;YAEH,OAAO,IAAI,CACP,IAAI,oCAAe,CAAC,oBAAoB,EAAE,MAAa,CAAC,CAAC,gBAAgB;aAC5E,CAAC;QACN,CAAC,CAAC;IACN,CAAC;CACJ;AArCD,gCAqCC","sourcesContent":["// import { ZodSchema, ZodError } from \"zod\";\r\n// import { ValidationError } from \"../core/errors/ValidationError\";\r\n// import { logger } from \"../logging\";\r\n\r\n// export class ZodAdapter {\r\n//     private globalSchema?: ZodSchema;\r\n\r\n//     constructor(globalSchema?: ZodSchema) {\r\n//         this.globalSchema = globalSchema as any;\r\n//     }\r\n\r\n//     /**\r\n//      * Validate with global + dynamic schema (dynamic overrides global)\r\n//      */\r\n//     validate(dynamicSchema?: ZodSchema) {\r\n//         return (req: any, res: any, next: any) => {\r\n//             const schema = dynamicSchema || this.globalSchema;\r\n\r\n//             if (!schema) return next(); // no validation for this route\r\n\r\n//             const result = schema.safeParse(req.body);\r\n\r\n//             if (result.success) return next();\r\n\r\n//             const zodErr: ZodError = result.error;\r\n\r\n//             const issues = zodErr.issues.map(issue => ({\r\n//                 message: issue.message,\r\n//                 path: issue.path.join(\".\"),\r\n//                 code: issue.code\r\n//             }));\r\n\r\n//             logger.warn(\"⚠ Zod validation failed\", {\r\n//                 path: req.path,\r\n//                 method: req.method,\r\n//                 issues,\r\n//                 preview: JSON.stringify(req.body).slice(0, 200)\r\n//             });\r\n\r\n//             return next(\r\n//                 new ValidationError(issues[0]?.message || \"Validation failed.\")\r\n//             );\r\n//         };\r\n//     }\r\n// }\r\n\r\n\r\n\r\n// src/adapters/ZodAdapter.ts - FIXED\r\nimport { ZodSchema, ZodError } from \"zod\";\r\nimport { ValidationError } from \"../core/errors/ValidationError.js\"; // ✅ Add .js\r\nimport { logger } from \"../logging/index.js\";\r\n\r\nexport class ZodAdapter {\r\n    private globalSchema?: ZodSchema;\r\n\r\n    constructor(globalSchema?: ZodSchema) {\r\n        this.globalSchema = globalSchema;\r\n    }\r\n\r\n    validate(dynamicSchema?: ZodSchema) {\r\n        return (req: any, res: any, next: any) => {\r\n            const schema = dynamicSchema || this.globalSchema;\r\n\r\n            if (!schema) return next();\r\n\r\n            const result = schema.safeParse(req.body);\r\n\r\n            if (result.success) return next();\r\n\r\n            const zodErr: ZodError = result.error;\r\n\r\n            const issues = zodErr.issues.map(issue => ({\r\n                message: issue.message,\r\n                path: issue.path.join(\".\"),\r\n                code: issue.code\r\n            }));\r\n\r\n            logger.warn(\"⚠ Zod validation failed\", {\r\n                path: req.path,\r\n                method: req.method,\r\n                issues,\r\n                preview: JSON.stringify(req.body).slice(0, 200)\r\n            });\r\n\r\n            return next(\r\n                new ValidationError(\"Validation failed.\", issues as any) // ✅ Pass issues\r\n            );\r\n        };\r\n    }\r\n}"]}

package/dist/core/HiSecure.d.ts

@@ -0,0 +1,62 @@
+import { HiSecureConfig } from "./types/HiSecureConfig.js";
+import { HashManager } from "../managers/HashManager.js";
+import { RateLimitManager } from "../managers/RateLimitManager.js";
+import { ValidatorManager } from "../managers/ValidatorManager.js";
+import { SanitizerManager } from "../managers/SanitizerManager.js";
+import { JsonManager } from "../managers/JsonManager.js";
+import { CorsManager } from "../managers/CorsManager.js";
+import { AuthManager } from "../managers/AuthManager.js";
+import { SecureOptions, ValidationSchema } from "./types/SecureOptions.js";
+export declare class HiSecure {
+    private static instance;
+    private config;
+    private initialized;
+    hashManager: HashManager;
+    rateLimitManager: RateLimitManager;
+    validatorManager: ValidatorManager;
+    sanitizerManager: SanitizerManager;
+    jsonManager: JsonManager;
+    corsManager: CorsManager;
+    authManager?: AuthManager;
+    private hashingPrimary;
+    private hashingFallback;
+    private rateLimiterPrimary;
+    private rateLimiterFallback;
+    private validatorPrimary;
+    private validatorFallback;
+    private sanitizerPrimary;
+    private sanitizerFallback;
+    private constructor();
+    static getInstance(config?: Partial<HiSecureConfig>): HiSecure;
+    static resetInstance(): void;
+    init(): void;
+    isInitialized(): boolean;
+    static auth(options?: {
+        required?: boolean;
+        roles?: string[];
+    }): (req: import("express").Request, res: import("express").Response, next: import("express").NextFunction) => void;
+    static validate(schema: ValidationSchema): (req: any, res: any, next: any) => void;
+    static sanitize(options?: any): (req: any, _res: any, next: any) => void;
+    static rateLimit(preset: "strict" | "relaxed" | "api" | object): any;
+    static cors(options?: any): (req: import("cors").CorsRequest, res: {
+        statusCode?: number | undefined;
+        setHeader(key: string, value: string): any;
+        end(): any;
+    }, next: (err?: any) => any) => void;
+    static json(options?: any): import("connect").NextHandleFunction[];
+    static hash(password: string): Promise<string>;
+    static verify(password: string, hash: string): Promise<boolean>;
+    static jwt: {
+        sign: (payload: object, options?: any) => string;
+        verify: (token: string) => string | import("jsonwebtoken").Jwt | import("jsonwebtoken").JwtPayload;
+        google: {
+            verifyIdToken: (idToken: string) => Promise<import("../adapters/GoogleAdapter.js").GoogleTokenPayload>;
+        };
+    };
+    static middleware(options?: SecureOptions | "api" | "strict" | "public"): any[];
+    private setupAdapters;
+    private setupManagers;
+    private setupDynamicManagers;
+    private createMiddlewareChain;
+}
+//# sourceMappingURL=HiSecure.d.ts.map

package/dist/core/HiSecure.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"HiSecure.d.ts","sourceRoot":"","sources":["../../src/core/HiSecure.ts"],"names":[],"mappings":"AAslBA,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAkB3D,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AASzD,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAoB,MAAM,0BAA0B,CAAC;AAE7F,qBAAa,QAAQ;IACjB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAyB;IAChD,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,WAAW,CAAS;IAGrB,WAAW,EAAG,WAAW,CAAC;IAC1B,gBAAgB,EAAG,gBAAgB,CAAC;IACpC,gBAAgB,EAAG,gBAAgB,CAAC;IACpC,gBAAgB,EAAG,gBAAgB,CAAC;IACpC,WAAW,EAAG,WAAW,CAAC;IAC1B,WAAW,EAAG,WAAW,CAAC;IAC1B,WAAW,CAAC,EAAE,WAAW,CAAC;IAGjC,OAAO,CAAC,cAAc,CAAM;IAC5B,OAAO,CAAC,eAAe,CAAM;IAC7B,OAAO,CAAC,kBAAkB,CAAM;IAChC,OAAO,CAAC,mBAAmB,CAAM;IACjC,OAAO,CAAC,gBAAgB,CAAM;IAC9B,OAAO,CAAC,iBAAiB,CAAM;IAC/B,OAAO,CAAC,gBAAgB,CAAM;IAC9B,OAAO,CAAC,iBAAiB,CAAM;IAG/B,OAAO;IAQP,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,GAAG,QAAQ;IAQ9D,MAAM,CAAC,aAAa,IAAI,IAAI;IAI5B,IAAI,IAAI,IAAI;IA0BZ,aAAa,IAAI,OAAO;IAQxB,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE;IAQ9D,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,gBAAgB;IAIxC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,GAAG;IAI7B,MAAM,CAAC,SAAS,CAAC,MAAM,EAAE,QAAQ,GAAG,SAAS,GAAG,KAAK,GAAG,MAAM;IAe9D,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG;kBA7sBsB,CAAC;;;iBAGjB,CAAC;IA8sBhC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG;WAYZ,IAAI,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;WAMvC,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAIrE,MAAM,CAAC,GAAG;wBACU,MAAM,YAAY,GAAG;wBAQrB,MAAM;;qCASO,MAAM;;MAQrC;IAMF,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,aAAa,GAAG,KAAK,GAAG,QAAQ,GAAG,QAAQ;IAwBvE,OAAO,CAAC,aAAa;IAiCrB,OAAO,CAAC,aAAa;IAyBrB,OAAO,CAAC,oBAAoB;IAoB5B,OAAO,CAAC,qBAAqB;CAmDhC"}