hi-secure 1.0.0

package/dist/middlewares/errorHandler.js

@@ -0,0 +1,94 @@
+"use strict";
+// import { Request, Response, NextFunction } from "express";
+// import { logger } from "../logging";
+// import { AdapterError } from "../core/errors/AdapterError";
+// import { ValidationError } from "../core/errors/ValidationError";
+// import { SanitizerError } from "../core/errors/SanitizerError";
+// import { SecurityError } from "../core/errors/SecurityError";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.errorHandler = errorHandler;
+const logging_1 = require("../logging");
+const AdapterError_js_1 = require("../core/errors/AdapterError.js");
+const ValidationError_js_1 = require("../core/errors/ValidationError.js");
+const SanitizerError_js_1 = require("../core/errors/SanitizerError.js");
+const SecurityError_js_1 = require("../core/errors/SecurityError.js");
+const HttpErrror_js_1 = require("../core/errors/HttpErrror.js");
+function errorHandler(err, req, res, _next) {
+    const message = typeof err === "string"
+        ? err
+        : err?.message || "Unknown error";
+    const stack = err instanceof Error && err.stack
+        ? err.stack.split("\n").slice(0, 2).join(" | ")
+        : undefined;
+    // Unified logging
+    logging_1.logger.error("❌ HiSecure Error", {
+        type: err?.name || "UnknownError",
+        message,
+        status: err?.status,
+        code: err?.code,
+        path: req.path,
+        method: req.method,
+        stack,
+        raw: err,
+    });
+    // ---------------------------------------------------
+    // 1. HttpError (developer thrown)
+    // ---------------------------------------------------
+    if (err instanceof HttpErrror_js_1.HttpError) {
+        return res.status(err.status).json({
+            success: false,
+            error: err.code,
+            message: err.message,
+            details: err.details || undefined,
+        });
+    }
+    // ---------------------------------------------------
+    // 2. Validation Errors
+    // ---------------------------------------------------
+    if (err instanceof ValidationError_js_1.ValidationError) {
+        return res.status(400).json({
+            success: false,
+            error: "VALIDATION_ERROR",
+            message,
+        });
+    }
+    // ---------------------------------------------------
+    // 3. Sanitizer Errors
+    // ---------------------------------------------------
+    if (err instanceof SanitizerError_js_1.SanitizerError) {
+        return res.status(400).json({
+            success: false,
+            error: "SANITIZER_ERROR",
+            message,
+        });
+    }
+    // ---------------------------------------------------
+    // 4. Adapter Errors (hashing, rate-limit, sanitizer, validator ...)
+    // ---------------------------------------------------
+    if (err instanceof AdapterError_js_1.AdapterError) {
+        return res.status(500).json({
+            success: false,
+            error: "ADAPTER_ERROR",
+            message,
+        });
+    }
+    // ---------------------------------------------------
+    // 5. Security Errors (internal library security logic)
+    // ---------------------------------------------------
+    if (err instanceof SecurityError_js_1.SecurityError) {
+        return res.status(500).json({
+            success: false,
+            error: "SECURITY_ERROR",
+            message,
+        });
+    }
+    // ---------------------------------------------------
+    // 6. Fallback → Unexpected
+    // ---------------------------------------------------
+    return res.status(500).json({
+        success: false,
+        error: "INTERNAL_SERVER_ERROR",
+        message: "An unexpected error occurred in HiSecure.",
+    });
+}
+//# sourceMappingURL=errorHandler.js.map

package/dist/middlewares/errorHandler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errorHandler.js","sourceRoot":"","sources":["../../src/middlewares/errorHandler.ts"],"names":[],"mappings":";AAAA,6DAA6D;AAC7D,uCAAuC;AACvC,8DAA8D;AAC9D,oEAAoE;AACpE,kEAAkE;AAClE,gEAAgE;;AAuKhE,oCA4FC;AApGD,wCAAoC;AAEpC,oEAA8D;AAC9D,0EAAoE;AACpE,wEAAkE;AAClE,sEAAgE;AAChE,gEAAyD;AAEzD,SAAgB,YAAY,CACxB,GAAQ,EACR,GAAY,EACZ,GAAa,EACb,KAAmB;IAEnB,MAAM,OAAO,GACT,OAAO,GAAG,KAAK,QAAQ;QACnB,CAAC,CAAC,GAAG;QACL,CAAC,CAAC,GAAG,EAAE,OAAO,IAAI,eAAe,CAAC;IAE1C,MAAM,KAAK,GACP,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,KAAK;QAC7B,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;QAC/C,CAAC,CAAC,SAAS,CAAC;IAEpB,kBAAkB;IAClB,gBAAM,CAAC,KAAK,CAAC,kBAAkB,EAAE;QAC7B,IAAI,EAAE,GAAG,EAAE,IAAI,IAAI,cAAc;QACjC,OAAO;QACP,MAAM,EAAE,GAAG,EAAE,MAAM;QACnB,IAAI,EAAE,GAAG,EAAE,IAAI;QACf,IAAI,EAAE,GAAG,CAAC,IAAI;QACd,MAAM,EAAE,GAAG,CAAC,MAAM;QAClB,KAAK;QACL,GAAG,EAAE,GAAG;KACX,CAAC,CAAC;IAEH,sDAAsD;IACtD,kCAAkC;IAClC,sDAAsD;IACtD,IAAI,GAAG,YAAY,yBAAS,EAAE,CAAC;QAC3B,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC;YAC/B,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,GAAG,CAAC,IAAI;YACf,OAAO,EAAE,GAAG,CAAC,OAAO;YACpB,OAAO,EAAE,GAAG,CAAC,OAAO,IAAI,SAAS;SACpC,CAAC,CAAC;IACP,CAAC;IAED,sDAAsD;IACtD,uBAAuB;IACvB,sDAAsD;IACtD,IAAI,GAAG,YAAY,oCAAe,EAAE,CAAC;QACjC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACxB,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,kBAAkB;YACzB,OAAO;SACV,CAAC,CAAC;IACP,CAAC;IAED,sDAAsD;IACtD,sBAAsB;IACtB,sDAAsD;IACtD,IAAI,GAAG,YAAY,kCAAc,EAAE,CAAC;QAChC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACxB,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,iBAAiB;YACxB,OAAO;SACV,CAAC,CAAC;IACP,CAAC;IAED,sDAAsD;IACtD,oEAAoE;IACpE,sDAAsD;IACtD,IAAI,GAAG,YAAY,8BAAY,EAAE,CAAC;QAC9B,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACxB,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,eAAe;YACtB,OAAO;SACV,CAAC,CAAC;IACP,CAAC;IAED,sDAAsD;IACtD,uDAAuD;IACvD,sDAAsD;IACtD,IAAI,GAAG,YAAY,gCAAa,EAAE,CAAC;QAC/B,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACxB,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,gBAAgB;YACvB,OAAO;SACV,CAAC,CAAC;IACP,CAAC;IAED,sDAAsD;IACtD,2BAA2B;IAC3B,sDAAsD;IACtD,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;QACxB,OAAO,EAAE,KAAK;QACd,KAAK,EAAE,uBAAuB;QAC9B,OAAO,EAAE,2CAA2C;KACvD,CAAC,CAAC;AACP,CAAC","sourcesContent":["// import { Request, Response, NextFunction } from \"express\";\r\n// import { logger } from \"../logging\";\r\n// import { AdapterError } from \"../core/errors/AdapterError\";\r\n// import { ValidationError } from \"../core/errors/ValidationError\";\r\n// import { SanitizerError } from \"../core/errors/SanitizerError\";\r\n// import { SecurityError } from \"../core/errors/SecurityError\";\r\n\r\n// export function errorHandler(\r\n//     err: any,\r\n//     req: Request,\r\n//     res: Response,\r\n//     _next: NextFunction\r\n// ) {\r\n//     // Normalize unknown errors\r\n//     const errorMessage =\r\n//         typeof err === \"string\"\r\n//             ? err\r\n//             : err?.message || \"Unknown error occurred\";\r\n\r\n//     const errorStack =\r\n//         err instanceof Error && err.stack\r\n//             ? err.stack.split(\"\\n\").slice(0, 2).join(\" | \")\r\n//             : undefined;\r\n\r\n//     // Log error centrally\r\n//     logger.error(\"❌ HiSecure Error Captured\", {\r\n//         message: errorMessage,\r\n//         path: req.path,\r\n//         method: req.method,\r\n//         stack: errorStack,\r\n//         raw: err\r\n//     });\r\n\r\n//     // ------------------------------\r\n//     // CLASSIFIED ERROR RESPONSES\r\n//     // ------------------------------\r\n\r\n//     if (err instanceof ValidationError) {\r\n//         return res.status(400).json({\r\n//             success: false,\r\n//             error: \"VALIDATION_ERROR\",\r\n//             message: errorMessage\r\n//         });\r\n//     }\r\n\r\n//     if (err instanceof SanitizerError) {\r\n//         return res.status(400).json({\r\n//             success: false,\r\n//             error: \"SANITIZER_ERROR\",\r\n//             message: errorMessage\r\n//         });\r\n//     }\r\n\r\n//     if (err instanceof AdapterError) {\r\n//         return res.status(500).json({\r\n//             success: false,\r\n//             error: \"ADAPTER_ERROR\",\r\n//             message: errorMessage\r\n//         });\r\n//     }\r\n\r\n//     if (err instanceof SecurityError) {\r\n//         return res.status(500).json({\r\n//             success: false,\r\n//             error: \"SECURITY_ERROR\",\r\n//             message: errorMessage\r\n//         });\r\n//     }\r\n\r\n//     // ------------------------------\r\n//     // UNEXPECTED ERROR\r\n//     // ------------------------------\r\n//     return res.status(500).json({\r\n//         success: false,\r\n//         error: \"INTERNAL_SERVER_ERROR\",\r\n//         message: \"An unexpected error occurred in HiSecure middleware.\"\r\n//     });\r\n// }\r\n\r\n\r\n\r\n\r\n// import { Request, Response, NextFunction } from \"express\";\r\n// import { logger } from \"../logging\";\r\n// import { AdapterError } from \"../core/errors/AdapterError\";\r\n// import { ValidationError } from \"../core/errors/ValidationError\";\r\n// import { SanitizerError } from \"../core/errors/SanitizerError\";\r\n// import { SecurityError } from \"../core/errors/SecurityError\";\r\n\r\n// export function errorHandler(\r\n//     err: any,\r\n//     req: Request,\r\n//     res: Response,\r\n//     _next: NextFunction\r\n// ) {\r\n//     // Normalize unknown errors\r\n//     const errorMessage =\r\n//         typeof err === \"string\"\r\n//             ? err\r\n//             : err?.message || \"Unknown error occurred\";\r\n\r\n//     const errorStack =\r\n//         err instanceof Error && err.stack\r\n//             ? err.stack.split(\"\\n\").slice(0, 2).join(\" | \")\r\n//             : undefined;\r\n\r\n//     // Log error centrally\r\n//     logger.error(\"❌ HiSecure Error Captured\", {\r\n//         message: errorMessage,\r\n//         path: req.path,\r\n//         method: req.method,\r\n//         stack: errorStack,\r\n//         raw: err\r\n//     });\r\n\r\n//     // ------------------------------\r\n//     // CLASSIFIED ERROR RESPONSES\r\n//     // ------------------------------\r\n\r\n//     if (err instanceof ValidationError) {\r\n//         return res.status(400).json({\r\n//             success: false,\r\n//             error: \"VALIDATION_ERROR\",\r\n//             message: errorMessage\r\n//         });\r\n//     }\r\n\r\n//     if (err instanceof SanitizerError) {\r\n//         return res.status(400).json({\r\n//             success: false,\r\n//             error: \"SANITIZER_ERROR\",\r\n//             message: errorMessage\r\n//         });\r\n//     }\r\n\r\n//     if (err instanceof AdapterError) {\r\n//         return res.status(500).json({\r\n//             success: false,\r\n//             error: \"ADAPTER_ERROR\",\r\n//             message: errorMessage\r\n//         });\r\n//     }\r\n\r\n//     if (err instanceof SecurityError) {\r\n//         return res.status(500).json({\r\n//             success: false,\r\n//             error: \"SECURITY_ERROR\",\r\n//             message: errorMessage\r\n//         });\r\n//     }\r\n\r\n//     // ------------------------------\r\n//     // UNEXPECTED ERROR\r\n//     // ------------------------------\r\n//     return res.status(500).json({\r\n//         success: false,\r\n//         error: \"INTERNAL_SERVER_ERROR\",\r\n//         message: \"An unexpected error occurred in HiSecure middleware.\"\r\n//     });\r\n// }\r\n\r\n\r\n\r\nimport { Request, Response, NextFunction } from \"express\";\r\nimport { logger } from \"../logging\";\r\n\r\nimport { AdapterError } from \"../core/errors/AdapterError.js\";\r\nimport { ValidationError } from \"../core/errors/ValidationError.js\";\r\nimport { SanitizerError } from \"../core/errors/SanitizerError.js\";\r\nimport { SecurityError } from \"../core/errors/SecurityError.js\";\r\nimport { HttpError } from \"../core/errors/HttpErrror.js\";\r\n\r\nexport function errorHandler(\r\n    err: any,\r\n    req: Request,\r\n    res: Response,\r\n    _next: NextFunction\r\n) {\r\n    const message =\r\n        typeof err === \"string\"\r\n            ? err\r\n            : err?.message || \"Unknown error\";\r\n\r\n    const stack =\r\n        err instanceof Error && err.stack\r\n            ? err.stack.split(\"\\n\").slice(0, 2).join(\" | \")\r\n            : undefined;\r\n\r\n    // Unified logging\r\n    logger.error(\"❌ HiSecure Error\", {\r\n        type: err?.name || \"UnknownError\",\r\n        message,\r\n        status: err?.status,\r\n        code: err?.code,\r\n        path: req.path,\r\n        method: req.method,\r\n        stack,\r\n        raw: err,\r\n    });\r\n\r\n    // ---------------------------------------------------\r\n    // 1. HttpError (developer thrown)\r\n    // ---------------------------------------------------\r\n    if (err instanceof HttpError) {\r\n        return res.status(err.status).json({\r\n            success: false,\r\n            error: err.code,\r\n            message: err.message,\r\n            details: err.details || undefined,\r\n        });\r\n    }\r\n\r\n    // ---------------------------------------------------\r\n    // 2. Validation Errors\r\n    // ---------------------------------------------------\r\n    if (err instanceof ValidationError) {\r\n        return res.status(400).json({\r\n            success: false,\r\n            error: \"VALIDATION_ERROR\",\r\n            message,\r\n        });\r\n    }\r\n\r\n    // ---------------------------------------------------\r\n    // 3. Sanitizer Errors\r\n    // ---------------------------------------------------\r\n    if (err instanceof SanitizerError) {\r\n        return res.status(400).json({\r\n            success: false,\r\n            error: \"SANITIZER_ERROR\",\r\n            message,\r\n        });\r\n    }\r\n\r\n    // ---------------------------------------------------\r\n    // 4. Adapter Errors (hashing, rate-limit, sanitizer, validator ...)\r\n    // ---------------------------------------------------\r\n    if (err instanceof AdapterError) {\r\n        return res.status(500).json({\r\n            success: false,\r\n            error: \"ADAPTER_ERROR\",\r\n            message,\r\n        });\r\n    }\r\n\r\n    // ---------------------------------------------------\r\n    // 5. Security Errors (internal library security logic)\r\n    // ---------------------------------------------------\r\n    if (err instanceof SecurityError) {\r\n        return res.status(500).json({\r\n            success: false,\r\n            error: \"SECURITY_ERROR\",\r\n            message,\r\n        });\r\n    }\r\n\r\n    // ---------------------------------------------------\r\n    // 6. Fallback → Unexpected\r\n    // ---------------------------------------------------\r\n    return res.status(500).json({\r\n        success: false,\r\n        error: \"INTERNAL_SERVER_ERROR\",\r\n        message: \"An unexpected error occurred in HiSecure.\",\r\n    });\r\n}\r\n"]}

package/dist/middlewares/index.d.ts

@@ -0,0 +1,3 @@
+export * from "./requestLogger.js";
+export * from "./errorHandler.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/middlewares/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/middlewares/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAC;AACnC,cAAc,mBAAmB,CAAC"}

package/dist/middlewares/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./requestLogger.js"), exports);
+__exportStar(require("./errorHandler.js"), exports);
+//# sourceMappingURL=index.js.map

package/dist/middlewares/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/middlewares/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,qDAAmC;AACnC,oDAAkC","sourcesContent":["export * from \"./requestLogger.js\";\r\nexport * from \"./errorHandler.js\";\r\n"]}

package/dist/middlewares/requestLogger.d.ts

@@ -0,0 +1,2 @@
+export declare function httpLogger(): (req: import("http").IncomingMessage, res: import("http").ServerResponse<import("http").IncomingMessage>, callback: (err?: Error) => void) => void;
+//# sourceMappingURL=requestLogger.d.ts.map

package/dist/middlewares/requestLogger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"requestLogger.d.ts","sourceRoot":"","sources":["../../src/middlewares/requestLogger.ts"],"names":[],"mappings":"AAEA,wBAAgB,UAAU,4HAG6E,CAAC,0BADvG"}

package/dist/middlewares/requestLogger.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.httpLogger = httpLogger;
+const logging_1 = require("../logging");
+function httpLogger() {
+    return logging_1.requestLogger;
+}
+//# sourceMappingURL=requestLogger.js.map

package/dist/middlewares/requestLogger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"requestLogger.js","sourceRoot":"","sources":["../../src/middlewares/requestLogger.ts"],"names":[],"mappings":";;AAEA,gCAEC;AAJD,wCAA2C;AAE3C,SAAgB,UAAU;IACtB,OAAO,uBAAa,CAAC;AACzB,CAAC","sourcesContent":["import { requestLogger } from \"../logging\";\r\n\r\nexport function httpLogger() {\r\n    return requestLogger;\r\n}\r\n"]}

package/dist/test/t1.d.ts

@@ -0,0 +1 @@
+//# sourceMappingURL=t1.d.ts.map

package/dist/test/t1.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"t1.d.ts","sourceRoot":"","sources":["../../src/test/t1.ts"],"names":[],"mappings":""}

package/dist/test/t1.js

@@ -0,0 +1,3 @@
+"use strict";
+// dekhete hai baad mein
+//# sourceMappingURL=t1.js.map

package/dist/test/t1.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"t1.js","sourceRoot":"","sources":["../../src/test/t1.ts"],"names":[],"mappings":";AAAA,wBAAwB","sourcesContent":["// dekhete hai baad mein"]}

package/dist/utils/deepFreeze.d.ts

@@ -0,0 +1,2 @@
+export declare function deepFreeze<T>(obj: T, visited?: WeakSet<object>): T;
+//# sourceMappingURL=deepFreeze.d.ts.map

package/dist/utils/deepFreeze.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"deepFreeze.d.ts","sourceRoot":"","sources":["../../src/utils/deepFreeze.ts"],"names":[],"mappings":"AAwBA,wBAAgB,UAAU,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,OAAO,kBAAgB,GAAG,CAAC,CAmDhE"}

package/dist/utils/deepFreeze.js

@@ -0,0 +1,69 @@
+"use strict";
+// export function deepFreeze<T>(obj: T): T {
+//     // Freeze the top level object
+//     Object.freeze(obj);
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.deepFreeze = deepFreeze;
+//     // Now recursively freeze nested objects
+//     Object.getOwnPropertyNames(obj).forEach((prop) => {
+//         // @ts-ignore
+//         const value = obj[prop];
+//         if (
+//             value &&
+//             (typeof value === "object" || typeof value === "function") &&
+//             !Object.isFrozen(value)
+//         ) {
+//             deepFreeze(value); // recursive freeze
+//         }
+//     });
+//     return obj;
+// }
+function deepFreeze(obj, visited = new WeakSet()) {
+    // Handle primitives and null/undefined
+    if (obj === null || obj === undefined)
+        return obj;
+    if (typeof obj !== 'object' && typeof obj !== 'function')
+        return obj;
+    // Handle circular references
+    if (visited.has(obj))
+        return obj;
+    visited.add(obj);
+    // Don't freeze built-in objects that shouldn't be frozen
+    const constructor = obj.constructor;
+    const builtIns = [Date, RegExp, Map, Set, WeakMap, WeakSet, Promise];
+    if (builtIns.some(builtIn => obj instanceof builtIn)) {
+        return obj;
+    }
+    // Don't freeze functions
+    if (typeof obj === 'function')
+        return obj;
+    // Freeze the object itself
+    Object.freeze(obj);
+    // Freeze array elements
+    if (Array.isArray(obj)) {
+        for (const item of obj) {
+            if (item && typeof item === 'object') {
+                deepFreeze(item, visited);
+            }
+        }
+        return obj;
+    }
+    // Freeze object properties
+    const props = Object.getOwnPropertyNames(obj);
+    for (const prop of props) {
+        const value = obj[prop];
+        if (value && typeof value === 'object') {
+            deepFreeze(value, visited);
+        }
+    }
+    // Freeze symbol properties
+    const symbols = Object.getOwnPropertySymbols(obj);
+    for (const sym of symbols) {
+        const value = obj[sym];
+        if (value && typeof value === 'object') {
+            deepFreeze(value, visited);
+        }
+    }
+    return obj;
+}
+//# sourceMappingURL=deepFreeze.js.map

package/dist/utils/deepFreeze.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"deepFreeze.js","sourceRoot":"","sources":["../../src/utils/deepFreeze.ts"],"names":[],"mappings":";AAAA,6CAA6C;AAC7C,qCAAqC;AACrC,0BAA0B;;AAsB1B,gCAmDC;AAvED,+CAA+C;AAC/C,0DAA0D;AAC1D,wBAAwB;AACxB,mCAAmC;AAEnC,eAAe;AACf,uBAAuB;AACvB,4EAA4E;AAC5E,sCAAsC;AACtC,cAAc;AACd,qDAAqD;AACrD,YAAY;AACZ,UAAU;AAEV,kBAAkB;AAClB,IAAI;AAKJ,SAAgB,UAAU,CAAI,GAAM,EAAE,OAAO,GAAG,IAAI,OAAO,EAAE;IACzD,uCAAuC;IACvC,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS;QAAE,OAAO,GAAG,CAAC;IAClD,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,OAAO,GAAG,KAAK,UAAU;QAAE,OAAO,GAAG,CAAC;IAErE,6BAA6B;IAC7B,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,OAAO,GAAG,CAAC;IACjC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAEjB,yDAAyD;IACzD,MAAM,WAAW,GAAG,GAAG,CAAC,WAAW,CAAC;IACpC,MAAM,QAAQ,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IACrE,IAAI,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,GAAG,YAAY,OAAO,CAAC,EAAE,CAAC;QACnD,OAAO,GAAG,CAAC;IACf,CAAC;IAED,yBAAyB;IACzB,IAAI,OAAO,GAAG,KAAK,UAAU;QAAE,OAAO,GAAG,CAAC;IAE1C,2BAA2B;IAC3B,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAEnB,wBAAwB;IACxB,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACrB,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;YACrB,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACnC,UAAU,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAC9B,CAAC;QACL,CAAC;QACD,OAAO,GAAG,CAAC;IACf,CAAC;IAED,2BAA2B;IAC3B,MAAM,KAAK,GAAG,MAAM,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC;IAC9C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACvB,MAAM,KAAK,GAAI,GAAW,CAAC,IAAI,CAAC,CAAC;QACjC,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YACrC,UAAU,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC/B,CAAC;IACL,CAAC;IAED,2BAA2B;IAC3B,MAAM,OAAO,GAAG,MAAM,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC;IAClD,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;QACxB,MAAM,KAAK,GAAI,GAAW,CAAC,GAAG,CAAC,CAAC;QAChC,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YACrC,UAAU,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC/B,CAAC;IACL,CAAC;IAED,OAAO,GAAG,CAAC;AACf,CAAC","sourcesContent":["// export function deepFreeze<T>(obj: T): T {\r\n//     // Freeze the top level object\r\n//     Object.freeze(obj);\r\n\r\n//     // Now recursively freeze nested objects\r\n//     Object.getOwnPropertyNames(obj).forEach((prop) => {\r\n//         // @ts-ignore\r\n//         const value = obj[prop];\r\n\r\n//         if (\r\n//             value &&\r\n//             (typeof value === \"object\" || typeof value === \"function\") &&\r\n//             !Object.isFrozen(value)\r\n//         ) {\r\n//             deepFreeze(value); // recursive freeze\r\n//         }\r\n//     });\r\n\r\n//     return obj;\r\n// }\r\n\r\n\r\n\r\n\r\nexport function deepFreeze<T>(obj: T, visited = new WeakSet()): T {\r\n    // Handle primitives and null/undefined\r\n    if (obj === null || obj === undefined) return obj;\r\n    if (typeof obj !== 'object' && typeof obj !== 'function') return obj;\r\n    \r\n    // Handle circular references\r\n    if (visited.has(obj)) return obj;\r\n    visited.add(obj);\r\n    \r\n    // Don't freeze built-in objects that shouldn't be frozen\r\n    const constructor = obj.constructor;\r\n    const builtIns = [Date, RegExp, Map, Set, WeakMap, WeakSet, Promise];\r\n    if (builtIns.some(builtIn => obj instanceof builtIn)) {\r\n        return obj;\r\n    }\r\n    \r\n    // Don't freeze functions\r\n    if (typeof obj === 'function') return obj;\r\n    \r\n    // Freeze the object itself\r\n    Object.freeze(obj);\r\n    \r\n    // Freeze array elements\r\n    if (Array.isArray(obj)) {\r\n        for (const item of obj) {\r\n            if (item && typeof item === 'object') {\r\n                deepFreeze(item, visited);\r\n            }\r\n        }\r\n        return obj;\r\n    }\r\n    \r\n    // Freeze object properties\r\n    const props = Object.getOwnPropertyNames(obj);\r\n    for (const prop of props) {\r\n        const value = (obj as any)[prop];\r\n        if (value && typeof value === 'object') {\r\n            deepFreeze(value, visited);\r\n        }\r\n    }\r\n    \r\n    // Freeze symbol properties\r\n    const symbols = Object.getOwnPropertySymbols(obj);\r\n    for (const sym of symbols) {\r\n        const value = (obj as any)[sym];\r\n        if (value && typeof value === 'object') {\r\n            deepFreeze(value, visited);\r\n        }\r\n    }\r\n    \r\n    return obj;\r\n}"]}

package/dist/utils/deepMerge.d.ts

@@ -0,0 +1,5 @@
+export declare function deepMerge<T extends object, U extends Partial<T>>(target: T, source: U, options?: {
+    mergeArrays?: boolean;
+    skipUndefined?: boolean;
+}): T & U;
+//# sourceMappingURL=deepMerge.d.ts.map

package/dist/utils/deepMerge.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"deepMerge.d.ts","sourceRoot":"","sources":["../../src/utils/deepMerge.ts"],"names":[],"mappings":"AA6BA,wBAAgB,SAAS,CAAC,CAAC,SAAS,MAAM,EAAE,CAAC,SAAS,OAAO,CAAC,CAAC,CAAC,EAC5D,MAAM,EAAE,CAAC,EACT,MAAM,EAAE,CAAC,EACT,OAAO,GAAE;IAAE,WAAW,CAAC,EAAE,OAAO,CAAC;IAAC,aAAa,CAAC,EAAE,OAAO,CAAA;CAAO,GACjE,CAAC,GAAG,CAAC,CAqDP"}

package/dist/utils/deepMerge.js

@@ -0,0 +1,68 @@
+"use strict";
+// export function deepMerge<T>(target: T, source: Partial<T>): T {
+//   if (!source) return target;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.deepMerge = deepMerge;
+//   const output: any = Array.isArray(target) ? [...(target as any)] : { ...(target as any) };
+//   for (const key of Object.keys(source) as Array<keyof typeof source>) {
+//     const sourceValue = (source as any)[key];
+//     const targetValue = (target as any)[key];
+//     const shouldRecurse =
+//       sourceValue &&
+//       typeof sourceValue === "object" &&
+//       !Array.isArray(sourceValue) &&
+//       targetValue &&
+//       typeof targetValue === "object";
+//     if (shouldRecurse) {
+//       output[key] = deepMerge(targetValue, sourceValue);
+//     } else {
+//       output[key] = sourceValue;
+//     }
+//   }
+//   return output;
+// }
+function deepMerge(target, source, options = {}) {
+    const { mergeArrays = false, skipUndefined = true } = options;
+    if (!source || typeof source !== 'object') {
+        return target;
+    }
+    const output = Array.isArray(target)
+        ? [...target]
+        : { ...target };
+    for (const key in source) {
+        if (!source.hasOwnProperty(key))
+            continue;
+        const sourceValue = source[key];
+        const targetValue = target[key];
+        // Skip undefined values if configured
+        if (skipUndefined && sourceValue === undefined)
+            continue;
+        // Handle null explicitly
+        if (sourceValue === null) {
+            output[key] = null;
+            continue;
+        }
+        // Merge arrays if option enabled
+        if (mergeArrays && Array.isArray(targetValue) && Array.isArray(sourceValue)) {
+            output[key] = [...targetValue, ...sourceValue];
+            continue;
+        }
+        // Recursive merge for plain objects
+        if (sourceValue && typeof sourceValue === 'object' &&
+            targetValue && typeof targetValue === 'object' &&
+            !Array.isArray(sourceValue) && !Array.isArray(targetValue) &&
+            sourceValue.constructor === Object && targetValue.constructor === Object) {
+            output[key] = deepMerge(targetValue, sourceValue, options);
+            continue;
+        }
+        // Overwrite for everything else
+        output[key] = sourceValue;
+    }
+    // Handle symbol properties
+    const symbols = Object.getOwnPropertySymbols(source);
+    for (const sym of symbols) {
+        output[sym] = source[sym];
+    }
+    return output;
+}
+//# sourceMappingURL=deepMerge.js.map

package/dist/utils/deepMerge.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"deepMerge.js","sourceRoot":"","sources":["../../src/utils/deepMerge.ts"],"names":[],"mappings":";AAAA,mEAAmE;AACnE,gCAAgC;;AA4BhC,8BAyDC;AAnFD,+FAA+F;AAE/F,2EAA2E;AAC3E,gDAAgD;AAChD,gDAAgD;AAEhD,4BAA4B;AAC5B,uBAAuB;AACvB,2CAA2C;AAC3C,uCAAuC;AACvC,uBAAuB;AACvB,yCAAyC;AAEzC,2BAA2B;AAC3B,2DAA2D;AAC3D,eAAe;AACf,mCAAmC;AACnC,QAAQ;AACR,MAAM;AAEN,mBAAmB;AACnB,IAAI;AAKJ,SAAgB,SAAS,CACrB,MAAS,EACT,MAAS,EACT,UAA8D,EAAE;IAEhE,MAAM,EAAE,WAAW,GAAG,KAAK,EAAE,aAAa,GAAG,IAAI,EAAE,GAAG,OAAO,CAAC;IAE9D,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QACxC,OAAO,MAAe,CAAC;IAC3B,CAAC;IAED,MAAM,MAAM,GAAQ,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;QACrC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;QACb,CAAC,CAAC,EAAE,GAAG,MAAM,EAAE,CAAC;IAEpB,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;QACvB,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC;YAAE,SAAS;QAE1C,MAAM,WAAW,GAAI,MAAc,CAAC,GAAG,CAAC,CAAC;QACzC,MAAM,WAAW,GAAI,MAAc,CAAC,GAAG,CAAC,CAAC;QAEzC,sCAAsC;QACtC,IAAI,aAAa,IAAI,WAAW,KAAK,SAAS;YAAE,SAAS;QAEzD,yBAAyB;QACzB,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;YACvB,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;YACnB,SAAS;QACb,CAAC;QAED,iCAAiC;QACjC,IAAI,WAAW,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;YAC1E,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,WAAW,EAAE,GAAG,WAAW,CAAC,CAAC;YAC/C,SAAS;QACb,CAAC;QAED,oCAAoC;QACpC,IAAI,WAAW,IAAI,OAAO,WAAW,KAAK,QAAQ;YAC9C,WAAW,IAAI,OAAO,WAAW,KAAK,QAAQ;YAC9C,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC;YAC1D,WAAW,CAAC,WAAW,KAAK,MAAM,IAAI,WAAW,CAAC,WAAW,KAAK,MAAM,EAAE,CAAC;YAE3E,MAAM,CAAC,GAAG,CAAC,GAAG,SAAS,CAAC,WAAW,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;YAC3D,SAAS;QACb,CAAC;QAED,gCAAgC;QAChC,MAAM,CAAC,GAAG,CAAC,GAAG,WAAW,CAAC;IAC9B,CAAC;IAED,2BAA2B;IAC3B,MAAM,OAAO,GAAG,MAAM,CAAC,qBAAqB,CAAC,MAAM,CAAC,CAAC;IACrD,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;QACxB,MAAM,CAAC,GAAG,CAAC,GAAI,MAAc,CAAC,GAAG,CAAC,CAAC;IACvC,CAAC;IAED,OAAO,MAAe,CAAC;AAC3B,CAAC","sourcesContent":["// export function deepMerge<T>(target: T, source: Partial<T>): T {\r\n//   if (!source) return target;\r\n\r\n//   const output: any = Array.isArray(target) ? [...(target as any)] : { ...(target as any) };\r\n\r\n//   for (const key of Object.keys(source) as Array<keyof typeof source>) {\r\n//     const sourceValue = (source as any)[key];\r\n//     const targetValue = (target as any)[key];\r\n\r\n//     const shouldRecurse =\r\n//       sourceValue &&\r\n//       typeof sourceValue === \"object\" &&\r\n//       !Array.isArray(sourceValue) &&\r\n//       targetValue &&\r\n//       typeof targetValue === \"object\";\r\n\r\n//     if (shouldRecurse) {\r\n//       output[key] = deepMerge(targetValue, sourceValue);\r\n//     } else {\r\n//       output[key] = sourceValue;\r\n//     }\r\n//   }\r\n\r\n//   return output;\r\n// }\r\n\r\n\r\n\r\n\r\nexport function deepMerge<T extends object, U extends Partial<T>>(\r\n    target: T,\r\n    source: U,\r\n    options: { mergeArrays?: boolean; skipUndefined?: boolean } = {}\r\n): T & U {\r\n    const { mergeArrays = false, skipUndefined = true } = options;\r\n    \r\n    if (!source || typeof source !== 'object') {\r\n        return target as T & U;\r\n    }\r\n    \r\n    const output: any = Array.isArray(target) \r\n        ? [...target] \r\n        : { ...target };\r\n    \r\n    for (const key in source) {\r\n        if (!source.hasOwnProperty(key)) continue;\r\n        \r\n        const sourceValue = (source as any)[key];\r\n        const targetValue = (target as any)[key];\r\n        \r\n        // Skip undefined values if configured\r\n        if (skipUndefined && sourceValue === undefined) continue;\r\n        \r\n        // Handle null explicitly\r\n        if (sourceValue === null) {\r\n            output[key] = null;\r\n            continue;\r\n        }\r\n        \r\n        // Merge arrays if option enabled\r\n        if (mergeArrays && Array.isArray(targetValue) && Array.isArray(sourceValue)) {\r\n            output[key] = [...targetValue, ...sourceValue];\r\n            continue;\r\n        }\r\n        \r\n        // Recursive merge for plain objects\r\n        if (sourceValue && typeof sourceValue === 'object' &&\r\n            targetValue && typeof targetValue === 'object' &&\r\n            !Array.isArray(sourceValue) && !Array.isArray(targetValue) &&\r\n            sourceValue.constructor === Object && targetValue.constructor === Object) {\r\n            \r\n            output[key] = deepMerge(targetValue, sourceValue, options);\r\n            continue;\r\n        }\r\n        \r\n        // Overwrite for everything else\r\n        output[key] = sourceValue;\r\n    }\r\n    \r\n    // Handle symbol properties\r\n    const symbols = Object.getOwnPropertySymbols(source);\r\n    for (const sym of symbols) {\r\n        output[sym] = (source as any)[sym];\r\n    }\r\n    \r\n    return output as T & U;\r\n}"]}

package/dist/utils/normalizeOptions.d.ts

@@ -0,0 +1,38 @@
+import { SecureOptions, // ✅ ADD THIS
+RateLimitOptions, // ✅ ADD THIS  
+SanitizeOptions } from "../core/types/SecureOptions.js";
+export interface NormalizedOptions {
+    cors: {
+        enabled: boolean;
+        options?: object;
+    };
+    rateLimit: {
+        enabled: boolean;
+        mode?: "strict" | "relaxed";
+        options?: RateLimitOptions;
+    };
+    sanitize: {
+        enabled: boolean;
+        options?: SanitizeOptions;
+    };
+    validate: {
+        enabled: boolean;
+        schema?: any;
+    };
+    json: {
+        enabled: boolean;
+        options?: object;
+    };
+    auth: {
+        enabled: boolean;
+        required: boolean;
+        roles?: string[];
+    };
+    compression: {
+        enabled: boolean;
+        options?: object;
+    };
+}
+export declare function normalizeOptions(input?: SecureOptions | false): NormalizedOptions;
+export declare function getPresetOptions(preset: 'api' | 'strict' | 'public'): NormalizedOptions;
+//# sourceMappingURL=normalizeOptions.d.ts.map

package/dist/utils/normalizeOptions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"normalizeOptions.d.ts","sourceRoot":"","sources":["../../src/utils/normalizeOptions.ts"],"names":[],"mappings":"AAqHA,OAAO,EACH,aAAa,EACO,aAAa;AACjC,gBAAgB,EAAI,eAAe;AACnC,eAAe,EAClB,MAAM,gCAAgC,CAAC;AAExC,MAAM,WAAW,iBAAiB;IAC9B,IAAI,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAC7C,SAAS,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,IAAI,CAAC,EAAE,QAAQ,GAAG,SAAS,CAAC;QAAC,OAAO,CAAC,EAAE,gBAAgB,CAAA;KAAE,CAAC;IACzF,QAAQ,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,OAAO,CAAC,EAAE,eAAe,CAAA;KAAE,CAAC;IAC1D,QAAQ,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,GAAG,CAAA;KAAE,CAAC;IAC7C,IAAI,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAC7C,IAAI,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,QAAQ,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;IAChE,WAAW,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CACvD;AAED,wBAAgB,gBAAgB,CAAC,KAAK,CAAC,EAAE,aAAa,GAAG,KAAK,GAAG,iBAAiB,CA6CjF;AAqDD,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,KAAK,GAAG,QAAQ,GAAG,QAAQ,GAAG,iBAAiB,CAgCvF"}

package/dist/utils/normalizeOptions.js

@@ -0,0 +1,119 @@
+"use strict";
+// import { SecureOptions } from "../core/types/SecureOptions.js";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.normalizeOptions = normalizeOptions;
+exports.getPresetOptions = getPresetOptions;
+function normalizeOptions(input) {
+    if (input === false) {
+        return {
+            cors: { enabled: false },
+            rateLimit: { enabled: false },
+            sanitize: { enabled: false },
+            validate: { enabled: false },
+            json: { enabled: false },
+            auth: { enabled: false, required: false },
+            compression: { enabled: false }
+        };
+    }
+    const opts = input || {};
+    return {
+        cors: {
+            enabled: opts.cors === undefined ? true : opts.cors !== false,
+            options: typeof opts.cors === "object" ? opts.cors : undefined
+        },
+        rateLimit: normalizeRateLimit(opts.rateLimit),
+        sanitize: {
+            enabled: opts.sanitize === undefined ? true : opts.sanitize !== false,
+            options: typeof opts.sanitize === "object" ? opts.sanitize : undefined
+        },
+        validate: {
+            enabled: !!opts.validate,
+            schema: opts.validate || undefined
+        },
+        json: {
+            enabled: opts.json === undefined ? true : opts.json !== false,
+            options: typeof opts.json === "object" ? opts.json : undefined
+        },
+        auth: normalizeAuth(opts.auth),
+        compression: {
+            enabled: opts.compression === undefined ? true : opts.compression !== false,
+            options: typeof opts.compression === "object" ? opts.compression : undefined
+        }
+    };
+}
+function normalizeRateLimit(value) {
+    if (value === false)
+        return { enabled: false };
+    if (value === "strict") {
+        return {
+            enabled: true,
+            mode: "strict",
+            options: { max: 5, windowMs: 10000 }
+        };
+    }
+    if (value === "relaxed") {
+        return {
+            enabled: true,
+            mode: "relaxed",
+            options: { max: 100, windowMs: 60000 }
+        };
+    }
+    if (typeof value === "object") {
+        const val = value;
+        const { mode, ...options } = val;
+        return {
+            enabled: true,
+            mode: (mode === "strict" || mode === "relaxed") ? mode : undefined,
+            options
+        };
+    }
+    return { enabled: true };
+}
+function normalizeAuth(value) {
+    if (value === false) {
+        return { enabled: false, required: false };
+    }
+    if (value === true || value === undefined) {
+        return { enabled: true, required: true };
+    }
+    const authOptions = value;
+    const enabled = authOptions.required !== false;
+    return {
+        enabled,
+        required: enabled,
+        roles: authOptions.roles
+    };
+}
+function getPresetOptions(preset) {
+    const presets = {
+        api: {
+            cors: { enabled: true, options: { origin: '*' } },
+            rateLimit: { enabled: true, mode: 'relaxed' },
+            sanitize: { enabled: true },
+            validate: { enabled: false },
+            json: { enabled: true },
+            auth: { enabled: false, required: false },
+            compression: { enabled: true }
+        },
+        strict: {
+            cors: { enabled: true, options: { origin: process.env.ALLOWED_ORIGIN || '*' } },
+            rateLimit: { enabled: true, mode: 'strict' },
+            sanitize: { enabled: true },
+            validate: { enabled: true },
+            json: { enabled: true },
+            auth: { enabled: true, required: true },
+            compression: { enabled: true }
+        },
+        public: {
+            cors: { enabled: true, options: { origin: '*' } },
+            rateLimit: { enabled: true },
+            sanitize: { enabled: false },
+            validate: { enabled: false },
+            json: { enabled: true },
+            auth: { enabled: false, required: false },
+            compression: { enabled: true }
+        }
+    };
+    return presets[preset] || presets.api;
+}
+//# sourceMappingURL=normalizeOptions.js.map

package/dist/utils/normalizeOptions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"normalizeOptions.js","sourceRoot":"","sources":["../../src/utils/normalizeOptions.ts"],"names":[],"mappings":";AACA,kEAAkE;;AAqIlE,4CA6CC;AAqDD,4CAgCC;AAlID,SAAgB,gBAAgB,CAAC,KAA6B;IAC1D,IAAI,KAAK,KAAK,KAAK,EAAE,CAAC;QAClB,OAAO;YACH,IAAI,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;YACxB,SAAS,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;YAC7B,QAAQ,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;YAC5B,QAAQ,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;YAC5B,IAAI,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;YACxB,IAAI,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE;YACzC,WAAW,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;SAClC,CAAC;IACN,CAAC;IAED,MAAM,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;IAEzB,OAAO;QACH,IAAI,EAAE;YACF,OAAO,EAAE,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK;YAC7D,OAAO,EAAE,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;SACjE;QAED,SAAS,EAAE,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC;QAE7C,QAAQ,EAAE;YACN,OAAO,EAAE,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,KAAK;YACrE,OAAO,EAAE,OAAO,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;SACzE;QAED,QAAQ,EAAE;YACN,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ;YACxB,MAAM,EAAE,IAAI,CAAC,QAAQ,IAAI,SAAS;SACrC;QAED,IAAI,EAAE;YACF,OAAO,EAAE,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK;YAC7D,OAAO,EAAE,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;SACjE;QAED,IAAI,EAAE,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC;QAE9B,WAAW,EAAE;YACT,OAAO,EAAE,IAAI,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,KAAK,KAAK;YAC3E,OAAO,EAAE,OAAO,IAAI,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;SAC/E;KACJ,CAAC;AACN,CAAC;AAED,SAAS,kBAAkB,CAAC,KAAiC;IACzD,IAAI,KAAK,KAAK,KAAK;QAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAE/C,IAAI,KAAK,KAAK,QAAQ,EAAE,CAAC;QACrB,OAAO;YACH,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,QAAQ;YACd,OAAO,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE;SACvC,CAAC;IACN,CAAC;IAED,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACtB,OAAO;YACH,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,SAAS;YACf,OAAO,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE;SACzC,CAAC;IACN,CAAC;IAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC5B,MAAM,GAAG,GAAG,KAAyB,CAAC;QACtC,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,EAAE,GAAG,GAAG,CAAC;QACjC,OAAO;YACH,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,CAAC,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;YAClE,OAAO;SACV,CAAC;IACN,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AAC7B,CAAC;AAED,SAAS,aAAa,CAAC,KAA4B;IAC/C,IAAI,KAAK,KAAK,KAAK,EAAE,CAAC;QAClB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC/C,CAAC;IAED,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACxC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC7C,CAAC;IAED,MAAM,WAAW,GAAG,KAAoB,CAAC;IACzC,MAAM,OAAO,GAAG,WAAW,CAAC,QAAQ,KAAK,KAAK,CAAC;IAE/C,OAAO;QACH,OAAO;QACP,QAAQ,EAAE,OAAO;QACjB,KAAK,EAAE,WAAW,CAAC,KAAK;KAC3B,CAAC;AACN,CAAC;AAED,SAAgB,gBAAgB,CAAC,MAAmC;IAChE,MAAM,OAAO,GAAG;QACZ,GAAG,EAAE;YACD,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE;YACjD,SAAS,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,SAAkB,EAAE;YACtD,QAAQ,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;YAC3B,QAAQ,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;YAC5B,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;YACvB,IAAI,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE;YACzC,WAAW,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;SACjC;QACD,MAAM,EAAE;YACJ,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,GAAG,EAAE,EAAE;YAC/E,SAAS,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,QAAiB,EAAE;YACrD,QAAQ,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;YAC3B,QAAQ,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;YAC3B,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;YACvB,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE;YACvC,WAAW,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;SACjC;QACD,MAAM,EAAE;YACJ,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE;YACjD,SAAS,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;YAC5B,QAAQ,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;YAC5B,QAAQ,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE;YAC5B,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;YACvB,IAAI,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE;YACzC,WAAW,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE;SACjC;KACJ,CAAC;IAEF,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC;AAC1C,CAAC","sourcesContent":["\r\n// import { SecureOptions } from \"../core/types/SecureOptions.js\";\r\n\r\n// export interface NormalizedOptions {\r\n//     cors: { enabled: boolean; options?: any };\r\n//     rateLimit: { enabled: boolean; mode?: \"strict\" | \"relaxed\" | undefined; options?: any };\r\n//     sanitize: { enabled: boolean };\r\n//     validate: { enabled: boolean; schema?: any };\r\n//     json: { enabled: boolean; options?: any };\r\n\r\n//     /** NEW */\r\n//     auth: { enabled: boolean; required: boolean };\r\n// }\r\n\r\n// export function normalizeOptions(input?: SecureOptions | false): NormalizedOptions {\r\n//     if (input === false) {\r\n//         return {\r\n//             cors: { enabled: false },\r\n//             rateLimit: { enabled: false, mode: undefined, options: undefined },\r\n//             sanitize: { enabled: false },\r\n//             validate: { enabled: false },\r\n//             json: { enabled: false },\r\n//             auth: { enabled: false, required: true }\r\n//         };\r\n//     }\r\n\r\n//     const opts = input || {};\r\n\r\n//     return {\r\n//         cors: {\r\n//             enabled: opts.cors === undefined ? true : opts.cors !== false,\r\n//             options: typeof opts.cors === \"object\" ? opts.cors : undefined\r\n//         },\r\n\r\n//         rateLimit: normalizeRateLimit(opts.rateLimit),\r\n\r\n//         sanitize: {\r\n//             enabled: opts.sanitize === undefined ? true : opts.sanitize !== false\r\n//         },\r\n\r\n//         validate: {\r\n//             enabled: !!opts.validate,\r\n//             schema: opts.validate || undefined\r\n//         },\r\n\r\n//         json: {\r\n//             enabled: opts.json === undefined ? true : opts.json !== false,\r\n//             options: typeof opts.json === \"object\" ? opts.json : undefined\r\n//         },\r\n\r\n//         auth: normalizeAuth(opts.auth)\r\n//     };\r\n// }\r\n\r\n// // ---------------------------------------------------------------\r\n// // RATE LIMIT — EXACT TYPES, NO TS ERROR\r\n// // ---------------------------------------------------------------\r\n// function normalizeRateLimit(value: SecureOptions[\"rateLimit\"]): {\r\n//     enabled: boolean;\r\n//     mode?: \"strict\" | \"relaxed\" | undefined;\r\n//     options?: any;\r\n// } {\r\n//     if (value === false) {\r\n//         return { enabled: false, mode: undefined, options: undefined };\r\n//     }\r\n\r\n//     if (value === \"strict\") {\r\n//         return {\r\n//             enabled: true,\r\n//             mode: \"strict\",\r\n//             options: { max: 5, windowMs: 10000 }\r\n//         };\r\n//     }\r\n\r\n//     if (value === \"relaxed\") {\r\n//         return {\r\n//             enabled: true,\r\n//             mode: \"relaxed\",\r\n//             options: { max: 100, windowMs: 60000 }\r\n//         };\r\n//     }\r\n\r\n//     if (typeof value === \"object\") {\r\n//         return {\r\n//             enabled: true,\r\n//             mode: undefined,   // VERY IMPORTANT!\r\n//             options: value\r\n//         };\r\n//     }\r\n\r\n//     // Default → enabled and optional fields omitted\r\n//     return {\r\n//         enabled: true,\r\n//         mode: undefined,\r\n//         options: undefined\r\n//     };\r\n// }\r\n\r\n// // ---------------------------------------------------------------\r\n// // AUTH NORMALIZER — EXACT FOR useSecure\r\n// // ---------------------------------------------------------------\r\n// function normalizeAuth(value: SecureOptions[\"auth\"]) {\r\n//     if (value === false) return { enabled: false, required: true };\r\n\r\n//     if (value === true || value === undefined)\r\n//         return { enabled: true, required: true };\r\n\r\n//     return {\r\n//         enabled: true,\r\n//         required: value.required !== false\r\n//     };\r\n// }\r\n\r\n\r\n\r\n\r\n// src/utils/normalizeOptions.ts\r\nimport { \r\n    SecureOptions,\r\n    AuthOptions,        // ✅ ADD THIS\r\n    RateLimitOptions,   // ✅ ADD THIS  \r\n    SanitizeOptions     // ✅ ADD THIS\r\n} from \"../core/types/SecureOptions.js\";\r\n\r\nexport interface NormalizedOptions {\r\n    cors: { enabled: boolean; options?: object };\r\n    rateLimit: { enabled: boolean; mode?: \"strict\" | \"relaxed\"; options?: RateLimitOptions };\r\n    sanitize: { enabled: boolean; options?: SanitizeOptions };\r\n    validate: { enabled: boolean; schema?: any };\r\n    json: { enabled: boolean; options?: object };\r\n    auth: { enabled: boolean; required: boolean; roles?: string[] };\r\n    compression: { enabled: boolean; options?: object };\r\n}\r\n\r\nexport function normalizeOptions(input?: SecureOptions | false): NormalizedOptions {\r\n    if (input === false) {\r\n        return {\r\n            cors: { enabled: false },\r\n            rateLimit: { enabled: false },\r\n            sanitize: { enabled: false },\r\n            validate: { enabled: false },\r\n            json: { enabled: false },\r\n            auth: { enabled: false, required: false },\r\n            compression: { enabled: false }\r\n        };\r\n    }\r\n\r\n    const opts = input || {};\r\n\r\n    return {\r\n        cors: {\r\n            enabled: opts.cors === undefined ? true : opts.cors !== false,\r\n            options: typeof opts.cors === \"object\" ? opts.cors : undefined\r\n        },\r\n\r\n        rateLimit: normalizeRateLimit(opts.rateLimit),\r\n\r\n        sanitize: {\r\n            enabled: opts.sanitize === undefined ? true : opts.sanitize !== false,\r\n            options: typeof opts.sanitize === \"object\" ? opts.sanitize : undefined\r\n        },\r\n\r\n        validate: {\r\n            enabled: !!opts.validate,\r\n            schema: opts.validate || undefined\r\n        },\r\n\r\n        json: {\r\n            enabled: opts.json === undefined ? true : opts.json !== false,\r\n            options: typeof opts.json === \"object\" ? opts.json : undefined\r\n        },\r\n\r\n        auth: normalizeAuth(opts.auth),\r\n\r\n        compression: {\r\n            enabled: opts.compression === undefined ? true : opts.compression !== false,\r\n            options: typeof opts.compression === \"object\" ? opts.compression : undefined\r\n        }\r\n    };\r\n}\r\n\r\nfunction normalizeRateLimit(value: SecureOptions[\"rateLimit\"]): NormalizedOptions[\"rateLimit\"] {\r\n    if (value === false) return { enabled: false };\r\n    \r\n    if (value === \"strict\") {\r\n        return {\r\n            enabled: true,\r\n            mode: \"strict\",\r\n            options: { max: 5, windowMs: 10000 }\r\n        };\r\n    }\r\n    \r\n    if (value === \"relaxed\") {\r\n        return {\r\n            enabled: true,\r\n            mode: \"relaxed\",\r\n            options: { max: 100, windowMs: 60000 }\r\n        };\r\n    }\r\n    \r\n    if (typeof value === \"object\") {\r\n        const val = value as RateLimitOptions;\r\n        const { mode, ...options } = val;\r\n        return {\r\n            enabled: true,\r\n            mode: (mode === \"strict\" || mode === \"relaxed\") ? mode : undefined,\r\n            options\r\n        };\r\n    }\r\n    \r\n    return { enabled: true };\r\n}\r\n\r\nfunction normalizeAuth(value: SecureOptions[\"auth\"]): NormalizedOptions[\"auth\"] {\r\n    if (value === false) {\r\n        return { enabled: false, required: false };\r\n    }\r\n    \r\n    if (value === true || value === undefined) {\r\n        return { enabled: true, required: true };\r\n    }\r\n    \r\n    const authOptions = value as AuthOptions;\r\n    const enabled = authOptions.required !== false;\r\n    \r\n    return {\r\n        enabled,\r\n        required: enabled,\r\n        roles: authOptions.roles\r\n    };\r\n}\r\n\r\nexport function getPresetOptions(preset: 'api' | 'strict' | 'public'): NormalizedOptions {\r\n    const presets = {\r\n        api: {\r\n            cors: { enabled: true, options: { origin: '*' } },\r\n            rateLimit: { enabled: true, mode: 'relaxed' as const },\r\n            sanitize: { enabled: true },\r\n            validate: { enabled: false },\r\n            json: { enabled: true },\r\n            auth: { enabled: false, required: false },\r\n            compression: { enabled: true }\r\n        },\r\n        strict: {\r\n            cors: { enabled: true, options: { origin: process.env.ALLOWED_ORIGIN || '*' } },\r\n            rateLimit: { enabled: true, mode: 'strict' as const },\r\n            sanitize: { enabled: true },\r\n            validate: { enabled: true },\r\n            json: { enabled: true },\r\n            auth: { enabled: true, required: true },\r\n            compression: { enabled: true }\r\n        },\r\n        public: {\r\n            cors: { enabled: true, options: { origin: '*' } },\r\n            rateLimit: { enabled: true },\r\n            sanitize: { enabled: false },\r\n            validate: { enabled: false },\r\n            json: { enabled: true },\r\n            auth: { enabled: false, required: false },\r\n            compression: { enabled: true }\r\n        }\r\n    };\r\n    \r\n    return presets[preset] || presets.api;\r\n}"]}

package/package.json

@@ -0,0 +1,50 @@
+{
+    "name": "hi-secure",
+    "version": "1.0.0",
+    "main": "dist/index.js",
+    "types": "dist/index.d.ts",
+    "scripts": {
+        "build": "tsc",
+        "dev": "tsx watch src/index.ts",
+        "start": "node dist/index.js"
+    },
+    "peerDependencies": {
+        "express": "^4.17.0 || ^5.0.0"
+    },
+    "dependencies": {
+        "argon2": "^0.44.0",
+        "bcryptjs": "^3.0.3",
+        "compression": "^1.8.1",
+        "cors": "^2.8.5",
+        "express-rate-limit": "^8.2.1",
+        "express-validator": "^7.3.1",
+        "google-auth-library": "^10.5.0",
+        "helmet": "^8.1.0",
+        "hpp": "^0.2.3",
+        "jsonwebtoken": "^9.0.3",
+        "morgan": "^1.10.1",
+        "nanoid": "^5.1.6",
+        "qs": "^6.14.0",
+        "rate-limiter-flexible": "^9.0.0",
+        "sanitize-html": "^2.17.0",
+        "uuid": "^13.0.0",
+        "winston": "^3.18.3",
+        "xss": "^1.0.15",
+        "zod": "^4.1.13"
+    },
+    "devDependencies": {
+        "@types/compression": "^1.8.1",
+        "@types/cors": "^2.8.19",
+        "@types/express": "^5.0.6",
+        "@types/hpp": "^0.2.7",
+        "@types/jsonwebtoken": "^9.0.10",
+        "@types/morgan": "^1.9.10",
+        "@types/node": "^24.10.1",
+        "@types/sanitize-html": "^2.16.0",
+        "@types/uuid": "^10.0.0",
+        "@types/winston": "^3.18.0",
+        "express": "^5.2.1",
+        "tsx": "^4.19.3",
+        "typescript": "^5.9.3"
+    }
+}