npm - hi-secure - Versions diffs - 1.0.6 → 1.0.10 - Mend

hi-secure 1.0.6 → 1.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (101) hide show

package/dist/adapters/ArgonAdapter.js +1 -1
package/dist/adapters/ArgonAdapter.js.map +1 -1
package/dist/adapters/ExpressRLAdapter.d.ts.map +1 -1
package/dist/adapters/ExpressRLAdapter.js +1 -2
package/dist/adapters/ExpressRLAdapter.js.map +1 -1
package/dist/adapters/ExpressValidatorAdapter.d.ts.map +1 -1
package/dist/adapters/ExpressValidatorAdapter.js +1 -39
package/dist/adapters/ExpressValidatorAdapter.js.map +1 -1
package/dist/adapters/GoogleAdapter.d.ts.map +1 -1
package/dist/adapters/GoogleAdapter.js +0 -101
package/dist/adapters/GoogleAdapter.js.map +1 -1
package/dist/adapters/JWTAdapter.d.ts.map +1 -1
package/dist/adapters/JWTAdapter.js +3 -210
package/dist/adapters/JWTAdapter.js.map +1 -1
package/dist/adapters/RLFlexibleAdapter.d.ts.map +1 -1
package/dist/adapters/RLFlexibleAdapter.js +0 -52
package/dist/adapters/RLFlexibleAdapter.js.map +1 -1
package/dist/adapters/SanitizeHtmlAdapter.d.ts +0 -3
package/dist/adapters/SanitizeHtmlAdapter.d.ts.map +1 -1
package/dist/adapters/SanitizeHtmlAdapter.js +2 -71
package/dist/adapters/SanitizeHtmlAdapter.js.map +1 -1
package/dist/adapters/XSSAdapter.d.ts +0 -10
package/dist/adapters/XSSAdapter.d.ts.map +1 -1
package/dist/adapters/XSSAdapter.js +2 -19
package/dist/adapters/XSSAdapter.js.map +1 -1
package/dist/adapters/ZodAdapter.d.ts.map +1 -1
package/dist/adapters/ZodAdapter.js +2 -6
package/dist/adapters/ZodAdapter.js.map +1 -1
package/dist/core/HiSecure.d.ts +15 -2
package/dist/core/HiSecure.d.ts.map +1 -1
package/dist/core/HiSecure.js +130 -37
package/dist/core/HiSecure.js.map +1 -1
package/dist/core/useSecure.d.ts +4 -0
package/dist/core/useSecure.d.ts.map +1 -1
package/dist/core/useSecure.js +19 -114
package/dist/core/useSecure.js.map +1 -1
package/dist/index.d.ts +4 -4
package/dist/index.d.ts.map +1 -1
package/dist/index.js +6 -19
package/dist/index.js.map +1 -1
package/dist/managers/AuthManager.d.ts.map +1 -1
package/dist/managers/AuthManager.js +1 -89
package/dist/managers/AuthManager.js.map +1 -1
package/dist/managers/CorsManager.d.ts.map +1 -1
package/dist/managers/CorsManager.js +1 -19
package/dist/managers/CorsManager.js.map +1 -1
package/dist/managers/HashManager.d.ts.map +1 -1
package/dist/managers/HashManager.js +0 -243
package/dist/managers/HashManager.js.map +1 -1
package/dist/managers/JsonManager.d.ts.map +1 -1
package/dist/managers/JsonManager.js +1 -77
package/dist/managers/JsonManager.js.map +1 -1
package/dist/managers/RateLimitManager.d.ts.map +1 -1
package/dist/managers/RateLimitManager.js +3 -17
package/dist/managers/RateLimitManager.js.map +1 -1
package/dist/managers/SanitizerManager.d.ts +0 -6
package/dist/managers/SanitizerManager.d.ts.map +1 -1
package/dist/managers/SanitizerManager.js +1 -213
package/dist/managers/SanitizerManager.js.map +1 -1
package/dist/managers/ValidatorManager.d.ts.map +1 -1
package/dist/managers/ValidatorManager.js +1 -109
package/dist/managers/ValidatorManager.js.map +1 -1
package/dist/middlewares/errorHandler.d.ts.map +1 -1
package/dist/middlewares/errorHandler.js +0 -19
package/dist/middlewares/errorHandler.js.map +1 -1
package/dist/utils/deepFreeze.d.ts.map +1 -1
package/dist/utils/deepFreeze.js +0 -25
package/dist/utils/deepFreeze.js.map +1 -1
package/dist/utils/deepMerge.d.ts.map +1 -1
package/dist/utils/deepMerge.js +0 -26
package/dist/utils/deepMerge.js.map +1 -1
package/dist/utils/normalizeOptions.d.ts +1 -3
package/dist/utils/normalizeOptions.d.ts.map +1 -1
package/dist/utils/normalizeOptions.js +0 -1
package/dist/utils/normalizeOptions.js.map +1 -1
package/package.json +1 -1
package/src/adapters/ArgonAdapter.ts +1 -1
package/src/adapters/ExpressRLAdapter.ts +1 -2
package/src/adapters/ExpressValidatorAdapter.ts +1 -54
package/src/adapters/GoogleAdapter.ts +0 -129
package/src/adapters/JWTAdapter.ts +5 -259
package/src/adapters/RLFlexibleAdapter.ts +2 -65
package/src/adapters/SanitizeHtmlAdapter.ts +3 -87
package/src/adapters/XSSAdapter.ts +11 -19
package/src/adapters/ZodAdapter.ts +2 -51
package/src/core/HiSecure.ts +25 -36
package/src/core/useSecure.ts +5 -7
package/src/index.ts +4 -5
package/src/managers/AuthManager.ts +5 -109
package/src/managers/CorsManager.ts +1 -25
package/src/managers/HashManager.ts +0 -286
package/src/managers/JsonManager.ts +1 -91
package/src/managers/RateLimitManager.ts +3 -262
package/src/managers/SanitizerManager.ts +4 -263
package/src/managers/ValidatorManager.ts +53 -187
package/src/middlewares/errorHandler.ts +1 -176
package/src/utils/deepFreeze.ts +0 -32
package/src/utils/deepMerge.ts +0 -35
package/src/utils/normalizeOptions.ts +16 -133
package/src/examples/e1.ts +0 -1
package/src/test/t1.ts +0 -1

package/src/middlewares/errorHandler.ts CHANGED Viewed

@@ -1,166 +1,3 @@
-// import { Request, Response, NextFunction } from "express";
-// import { logger } from "../logging";
-// import { AdapterError } from "../core/errors/AdapterError";
-// import { ValidationError } from "../core/errors/ValidationError";
-// import { SanitizerError } from "../core/errors/SanitizerError";
-// import { SecurityError } from "../core/errors/SecurityError";
-// export function errorHandler(
-//     err: any,
-//     req: Request,
-//     res: Response,
-//     _next: NextFunction
-// ) {
-//     // Normalize unknown errors
-//     const errorMessage =
-//         typeof err === "string"
-//             ? err
-//             : err?.message || "Unknown error occurred";
-//     const errorStack =
-//         err instanceof Error && err.stack
-//             ? err.stack.split("\n").slice(0, 2).join(" | ")
-//             : undefined;
-//     // Log error centrally
-//     logger.error("❌ HiSecure Error Captured", {
-//         message: errorMessage,
-//         path: req.path,
-//         method: req.method,
-//         stack: errorStack,
-//         raw: err
-//     });
-//     // ------------------------------
-//     // CLASSIFIED ERROR RESPONSES
-//     // ------------------------------
-//     if (err instanceof ValidationError) {
-//         return res.status(400).json({
-//             success: false,
-//             error: "VALIDATION_ERROR",
-//             message: errorMessage
-//         });
-//     }
-//     if (err instanceof SanitizerError) {
-//         return res.status(400).json({
-//             success: false,
-//             error: "SANITIZER_ERROR",
-//             message: errorMessage
-//         });
-//     }
-//     if (err instanceof AdapterError) {
-//         return res.status(500).json({
-//             success: false,
-//             error: "ADAPTER_ERROR",
-//             message: errorMessage
-//         });
-//     }
-//     if (err instanceof SecurityError) {
-//         return res.status(500).json({
-//             success: false,
-//             error: "SECURITY_ERROR",
-//             message: errorMessage
-//         });
-//     }
-//     // ------------------------------
-//     // UNEXPECTED ERROR
-//     // ------------------------------
-//     return res.status(500).json({
-//         success: false,
-//         error: "INTERNAL_SERVER_ERROR",
-//         message: "An unexpected error occurred in HiSecure middleware."
-//     });
-// }
-// import { Request, Response, NextFunction } from "express";
-// import { logger } from "../logging";
-// import { AdapterError } from "../core/errors/AdapterError";
-// import { ValidationError } from "../core/errors/ValidationError";
-// import { SanitizerError } from "../core/errors/SanitizerError";
-// import { SecurityError } from "../core/errors/SecurityError";
-// export function errorHandler(
-//     err: any,
-//     req: Request,
-//     res: Response,
-//     _next: NextFunction
-// ) {
-//     // Normalize unknown errors
-//     const errorMessage =
-//         typeof err === "string"
-//             ? err
-//             : err?.message || "Unknown error occurred";
-//     const errorStack =
-//         err instanceof Error && err.stack
-//             ? err.stack.split("\n").slice(0, 2).join(" | ")
-//             : undefined;
-//     // Log error centrally
-//     logger.error("❌ HiSecure Error Captured", {
-//         message: errorMessage,
-//         path: req.path,
-//         method: req.method,
-//         stack: errorStack,
-//         raw: err
-//     });
-//     // ------------------------------
-//     // CLASSIFIED ERROR RESPONSES
-//     // ------------------------------
-//     if (err instanceof ValidationError) {
-//         return res.status(400).json({
-//             success: false,
-//             error: "VALIDATION_ERROR",
-//             message: errorMessage
-//         });
-//     }
-//     if (err instanceof SanitizerError) {
-//         return res.status(400).json({
-//             success: false,
-//             error: "SANITIZER_ERROR",
-//             message: errorMessage
-//         });
-//     }
-//     if (err instanceof AdapterError) {
-//         return res.status(500).json({
-//             success: false,
-//             error: "ADAPTER_ERROR",
-//             message: errorMessage
-//         });
-//     }
-//     if (err instanceof SecurityError) {
-//         return res.status(500).json({
-//             success: false,
-//             error: "SECURITY_ERROR",
-//             message: errorMessage
-//         });
-//     }
-//     // ------------------------------
-//     // UNEXPECTED ERROR
-//     // ------------------------------
-//     return res.status(500).json({
-//         success: false,
-//         error: "INTERNAL_SERVER_ERROR",
-//         message: "An unexpected error occurred in HiSecure middleware."
-//     });
-// }
 import { Request, Response, NextFunction } from "express";
 import { logger } from "../logging";
@@ -186,7 +23,7 @@ export function errorHandler(
             ? err.stack.split("\n").slice(0, 2).join(" | ")
             : undefined;
-    // Unified logging
     logger.error("❌ HiSecure Error", {
         type: err?.name || "UnknownError",
         message,
@@ -198,9 +35,7 @@ export function errorHandler(
         raw: err,
     });
-    // ---------------------------------------------------
     // 1. HttpError (developer thrown)
-    // ---------------------------------------------------
     if (err instanceof HttpError) {
         return res.status(err.status).json({
             success: false,
@@ -210,9 +45,7 @@ export function errorHandler(
         });
     }
-    // ---------------------------------------------------
     // 2. Validation Errors
-    // ---------------------------------------------------
     if (err instanceof ValidationError) {
         return res.status(400).json({
             success: false,
@@ -221,9 +54,7 @@ export function errorHandler(
         });
     }
-    // ---------------------------------------------------
     // 3. Sanitizer Errors
-    // ---------------------------------------------------
     if (err instanceof SanitizerError) {
         return res.status(400).json({
             success: false,
@@ -232,9 +63,7 @@ export function errorHandler(
         });
     }
-    // ---------------------------------------------------
     // 4. Adapter Errors (hashing, rate-limit, sanitizer, validator ...)
-    // ---------------------------------------------------
     if (err instanceof AdapterError) {
         return res.status(500).json({
             success: false,
@@ -243,9 +72,7 @@ export function errorHandler(
         });
     }
-    // ---------------------------------------------------
     // 5. Security Errors (internal library security logic)
-    // ---------------------------------------------------
     if (err instanceof SecurityError) {
         return res.status(500).json({
             success: false,
@@ -254,9 +81,7 @@ export function errorHandler(
         });
     }
-    // ---------------------------------------------------
     // 6. Fallback → Unexpected
-    // ---------------------------------------------------
     return res.status(500).json({
         success: false,
         error: "INTERNAL_SERVER_ERROR",

package/src/utils/deepFreeze.ts CHANGED Viewed

@@ -1,50 +1,20 @@
-// export function deepFreeze<T>(obj: T): T {
-//     // Freeze the top level object
-//     Object.freeze(obj);
-//     // Now recursively freeze nested objects
-//     Object.getOwnPropertyNames(obj).forEach((prop) => {
-//         // @ts-ignore
-//         const value = obj[prop];
-//         if (
-//             value &&
-//             (typeof value === "object" || typeof value === "function") &&
-//             !Object.isFrozen(value)
-//         ) {
-//             deepFreeze(value); // recursive freeze
-//         }
-//     });
-//     return obj;
-// }
 export function deepFreeze<T>(obj: T, visited = new WeakSet()): T {
-    // Handle primitives and null/undefined
     if (obj === null || obj === undefined) return obj;
     if (typeof obj !== 'object' && typeof obj !== 'function') return obj;
-    // Handle circular references
     if (visited.has(obj)) return obj;
     visited.add(obj);
-    // Don't freeze built-in objects that shouldn't be frozen
     const constructor = obj.constructor;
     const builtIns = [Date, RegExp, Map, Set, WeakMap, WeakSet, Promise];
     if (builtIns.some(builtIn => obj instanceof builtIn)) {
         return obj;
     }
-    // Don't freeze functions
     if (typeof obj === 'function') return obj;
-    // Freeze the object itself
     Object.freeze(obj);
-    // Freeze array elements
     if (Array.isArray(obj)) {
         for (const item of obj) {
             if (item && typeof item === 'object') {
@@ -54,7 +24,6 @@ export function deepFreeze<T>(obj: T, visited = new WeakSet()): T {
         return obj;
     }
-    // Freeze object properties
     const props = Object.getOwnPropertyNames(obj);
     for (const prop of props) {
         const value = (obj as any)[prop];
@@ -63,7 +32,6 @@ export function deepFreeze<T>(obj: T, visited = new WeakSet()): T {
         }
     }
-    // Freeze symbol properties
     const symbols = Object.getOwnPropertySymbols(obj);
     for (const sym of symbols) {
         const value = (obj as any)[sym];

package/src/utils/deepMerge.ts CHANGED Viewed

@@ -1,32 +1,3 @@
-// export function deepMerge<T>(target: T, source: Partial<T>): T {
-//   if (!source) return target;
-//   const output: any = Array.isArray(target) ? [...(target as any)] : { ...(target as any) };
-//   for (const key of Object.keys(source) as Array<keyof typeof source>) {
-//     const sourceValue = (source as any)[key];
-//     const targetValue = (target as any)[key];
-//     const shouldRecurse =
-//       sourceValue &&
-//       typeof sourceValue === "object" &&
-//       !Array.isArray(sourceValue) &&
-//       targetValue &&
-//       typeof targetValue === "object";
-//     if (shouldRecurse) {
-//       output[key] = deepMerge(targetValue, sourceValue);
-//     } else {
-//       output[key] = sourceValue;
-//     }
-//   }
-//   return output;
-// }
 export function deepMerge<T extends object, U extends Partial<T>>(
     target: T,
     source: U,
@@ -48,22 +19,18 @@ export function deepMerge<T extends object, U extends Partial<T>>(
         const sourceValue = (source as any)[key];
         const targetValue = (target as any)[key];
-        // Skip undefined values if configured
         if (skipUndefined && sourceValue === undefined) continue;
-        // Handle null explicitly
         if (sourceValue === null) {
             output[key] = null;
             continue;
         }
-        // Merge arrays if option enabled
         if (mergeArrays && Array.isArray(targetValue) && Array.isArray(sourceValue)) {
             output[key] = [...targetValue, ...sourceValue];
             continue;
         }
-        // Recursive merge for plain objects
         if (sourceValue && typeof sourceValue === 'object' &&
             targetValue && typeof targetValue === 'object' &&
             !Array.isArray(sourceValue) && !Array.isArray(targetValue) &&
@@ -73,11 +40,9 @@ export function deepMerge<T extends object, U extends Partial<T>>(
             continue;
         }
-        // Overwrite for everything else
         output[key] = sourceValue;
     }
-    // Handle symbol properties
     const symbols = Object.getOwnPropertySymbols(source);
     for (const sym of symbols) {
         output[sym] = (source as any)[sym];

package/src/utils/normalizeOptions.ts CHANGED Viewed

@@ -1,125 +1,8 @@
-// import { SecureOptions } from "../core/types/SecureOptions.js";
-// export interface NormalizedOptions {
-//     cors: { enabled: boolean; options?: any };
-//     rateLimit: { enabled: boolean; mode?: "strict" | "relaxed" | undefined; options?: any };
-//     sanitize: { enabled: boolean };
-//     validate: { enabled: boolean; schema?: any };
-//     json: { enabled: boolean; options?: any };
-//     /** NEW */
-//     auth: { enabled: boolean; required: boolean };
-// }
-// export function normalizeOptions(input?: SecureOptions | false): NormalizedOptions {
-//     if (input === false) {
-//         return {
-//             cors: { enabled: false },
-//             rateLimit: { enabled: false, mode: undefined, options: undefined },
-//             sanitize: { enabled: false },
-//             validate: { enabled: false },
-//             json: { enabled: false },
-//             auth: { enabled: false, required: true }
-//         };
-//     }
-//     const opts = input || {};
-//     return {
-//         cors: {
-//             enabled: opts.cors === undefined ? true : opts.cors !== false,
-//             options: typeof opts.cors === "object" ? opts.cors : undefined
-//         },
-//         rateLimit: normalizeRateLimit(opts.rateLimit),
-//         sanitize: {
-//             enabled: opts.sanitize === undefined ? true : opts.sanitize !== false
-//         },
-//         validate: {
-//             enabled: !!opts.validate,
-//             schema: opts.validate || undefined
-//         },
-//         json: {
-//             enabled: opts.json === undefined ? true : opts.json !== false,
-//             options: typeof opts.json === "object" ? opts.json : undefined
-//         },
-//         auth: normalizeAuth(opts.auth)
-//     };
-// }
-// // ---------------------------------------------------------------
-// // RATE LIMIT — EXACT TYPES, NO TS ERROR
-// // ---------------------------------------------------------------
-// function normalizeRateLimit(value: SecureOptions["rateLimit"]): {
-//     enabled: boolean;
-//     mode?: "strict" | "relaxed" | undefined;
-//     options?: any;
-// } {
-//     if (value === false) {
-//         return { enabled: false, mode: undefined, options: undefined };
-//     }
-//     if (value === "strict") {
-//         return {
-//             enabled: true,
-//             mode: "strict",
-//             options: { max: 5, windowMs: 10000 }
-//         };
-//     }
-//     if (value === "relaxed") {
-//         return {
-//             enabled: true,
-//             mode: "relaxed",
-//             options: { max: 100, windowMs: 60000 }
-//         };
-//     }
-//     if (typeof value === "object") {
-//         return {
-//             enabled: true,
-//             mode: undefined,   // VERY IMPORTANT!
-//             options: value
-//         };
-//     }
-//     // Default → enabled and optional fields omitted
-//     return {
-//         enabled: true,
-//         mode: undefined,
-//         options: undefined
-//     };
-// }
-// // ---------------------------------------------------------------
-// // AUTH NORMALIZER — EXACT FOR useSecure
-// // ---------------------------------------------------------------
-// function normalizeAuth(value: SecureOptions["auth"]) {
-//     if (value === false) return { enabled: false, required: true };
-//     if (value === true || value === undefined)
-//         return { enabled: true, required: true };
-//     return {
-//         enabled: true,
-//         required: value.required !== false
-//     };
-// }
-// src/utils/normalizeOptions.ts
 import {
     SecureOptions,
-    AuthOptions,        // ✅ ADD THIS
-    RateLimitOptions,   // ✅ ADD THIS
-    SanitizeOptions     // ✅ ADD THIS
+    AuthOptions,
+    RateLimitOptions,
+    SanitizeOptions
 } from "../core/types/SecureOptions.js";
 export interface NormalizedOptions {
@@ -218,22 +101,22 @@ function normalizeRateLimit(value: SecureOptions["rateLimit"]): NormalizedOption
 }
 function normalizeAuth(value: SecureOptions["auth"]): NormalizedOptions["auth"] {
+    // if (value === false) {
+    //     return { enabled: false, required: false };
+    // }
-    if (value === false) {
-        return { enabled: false, required: false };
-    }
-    if (value === true || value === undefined) {
-        return { enabled: true, required: true };
-    }
+    // if (value === true || value === undefined) {
+    //     return { enabled: true, required: true };
+    // }
-//     if (value === undefined) {
-//     return { enabled: false, required: false };
-// }
-// if (value === true) {
-//     return { enabled: true, required: true };
-// }
+    if (value === undefined) {
+    return { enabled: false, required: false };
+}
+if (value === true) {
+    return { enabled: true, required: true };
+}
     const authOptions = value as AuthOptions;

package/src/examples/e1.ts DELETED Viewed

	@@ -1 +0,0 @@
1	- // baad mein krte hai ise

package/src/test/t1.ts DELETED Viewed

	@@ -1 +0,0 @@
1	- // dekhete hai baad mein