hibp 0.0.0-dev.0e634825

package/MIGRATION.md

@@ -0,0 +1,227 @@
+## Migration Notes
+
+#### 10.0.1 → 11.0.0
+
+- `pwnedPasswordRange` now returns an object mapping the matching suffix to a
+  count representing the number of occurrences, rather than an array of objects
+  each containing a matching suffix and its count. Code dependent on parsing the
+  response text will need updated to deal with the new data format:
+  ```js
+  {
+    "003D68EB55068C33ACE09247EE4C639306B": 3,
+    "012C192B2F16F82EA0EB9EF18D9D539B0DD": 1,
+    ...
+  }
+  ```
+
+#### 9.0.3 → 10.0.0
+
+- The production/minified versions of the browser build targets have been
+  renamed:
+
+  - ESM for Browsers (`<script type="module">`)
+    - `dist/browser/hibp.esm.min.js` → `dist/browser/hibp.module.js`
+  - UMD
+    - `dist/browser/hibp.umd.min.js` → `dist/browser/hibp.umd.js`
+
+- The development/non-minified versions of the UMD and ESM for browsers build
+  targets have been removed. If you were using them, please update your imports
+  to use the production/minified versions (see above).
+
+- The internal directory structure of the source code is now being preserved in
+  the CJS and ESM for bundlers build outputs (`dist/cjs` and `dist/esm`). If you
+  were deep importing anything you probably shouldn't have been (:wink:), you
+  may need to update your imports.
+
+- Support for Node.js version 10.x has been dropped. You must upgrade your
+  Node.js environment to at least v12.16.0.
+
+#### 8.0.1 → 9.0.0
+
+- Output files for all build targets have been consolidated under the `dist`
+  directory. This should be transparent if you followed the documentation, but
+  the changes are as follows:
+
+  - CommonJS
+    - `lib/hibp.js` → `dist/cjs/hibp.js`
+  - ECMAScript Modules
+    - `es/hibp.js` → `dist/esm/hibp.js`
+  - ECMAScript Modules for Browsers (development)
+    - `dist/hibp.mjs` → `dist/browser/hibp.esm.js`
+  - ECMAScript Modules for Browsers (production)
+    - `dist/hibp.min.mjs` → `dist/browser/hibp.esm.min.js`
+  - UMD (development)
+    - `dist/hibp.js` → `dist/browser/hibp.umd.js`
+  - UMD (production)
+    - `dist/hibp.min.js` → `dist/browser/hibp.umd.min.js`
+  - TypeScript Declarations
+    - `types/hibp.d.ts` → `dist/hibp.d.ts`
+
+- Support for Node.js version 8.x has been dropped. You must upgrade your
+  Node.js environment to at least v10.
+
+#### 7.5.2 → 8.0.0
+
+- The `breachedAccount`, `pasteAccount`, and `search` modules now have an
+  `apiKey` option, which is required by v3 of the `haveibeenpwned.com` API
+  (unless you are proxying your requests through a server that inserts an API
+  key on your behalf via the `baseUrl` option). You can purchase an API key from
+  Troy at [https://haveibeenpwned.com/API/Key][get-key]. See [Troy's blog
+  post][api-key-blog-post] for rationale and a full explanation.
+- The default value of the `truncate` option in the `breachedAccount` and
+  `search` modules has been changed from `false` to `true` per Troy's
+  recommendation. If you do not specify a value of `false` explicitly, each
+  `Breach` result will only contain the breach name (no metadata).
+- The default value of the `includeUnverified` option in the `breachedAccount`
+  module has been changed from `false` to `true` per Troy's recommendation.
+  Although there are not many unverified breaches in the system, it's possible
+  you will get more breaches back than you did previously. You may explicitly
+  disable this by specifying a value of `false` for this option.
+- Support for Node.js version 6.x has been dropped. You must upgrade your
+  Node.js environment to at least v8.9.0.
+
+#### 6.0.0 → 7.0.0
+
+- `pwnedPassword` now uses the more secure hash range API rather than submitting
+  plain text passwords over the wire. The [new remote
+  API][pwnedpasswordsbyrange] no longer makes a distinction between passwords
+  that are hashses vs. plain text, so `pwnedPassword` no longer takes an options
+  object as the `isAHash` option has been removed.
+
+- `pwnedPassword` now resolves with a number representing the number of times
+  the given password was exposed in a breach. Code using truthy checks should
+  continue to function as before (when it returned a boolean), but explicit
+  checks will need updated.
+
+- `pwnedPasswordRange` now returns an array of objects containing the matching
+  suffix and a count representing the number of occurrences, rather than a plain
+  text blob of all the data directly from the remote API response. Code
+  dependent on parsing the response text will need updated to deal with the new
+  data format:
+  ```js
+  [
+    { suffix: "003D68EB55068C33ACE09247EE4C639306B", count: 3 },
+    { suffix: "012C192B2F16F82EA0EB9EF18D9D539B0DD", count: 1 },
+    ...
+  ]
+  ```
+
+#### 5.3.0 → 6.0.0
+
+- Support for Node.js versions less than 6.x has been dropped. If you are
+  leveraging this library in such an environment, you should restrict the
+  version in your dependencies to `^5.3.0`.
+
+#### 4.4.0 → 5.0.0
+
+- The biggest breaking change in `5.0.0` is the removal of the `default` export.
+  `hibp` is designed as a collection of modules to be imported explicitly as
+  needed and exporting a `default`-named object containing all the modules is
+  arguably an anti-pattern. Instead, an anonymous object of all the named
+  modules is exported, providing better dead code elimination support in order
+  to produce smaller bundles when importing from `hibp`. The quickest upgrade
+  path (providing invocation syntax equivalence to prior versions) is to change
+  your import statement to import all the modules into a local `hibp` namespace,
+  but the recommended upgrade path is to import exactly which modules you need
+  and update your calls to remove the preceding `hibp` references.
+
+  ```javascript
+  // 4.x
+  import hibp from 'hibp';
+  hibp.breachedAccount(/* ... */).then(/* ... */);
+
+  // 5.x (upgrade option 1, one-liner quick fix)
+  import * as hibp from 'hibp';
+  hibp.breachedAccount(/* ... */).then(/* ... */);
+
+  // 5.x (upgrade option 2, more explicit but requires more code changes)
+  import { breachedAccount } from 'hibp';
+  breachedAccount(/* ... */).then(/* ... */);
+  ```
+
+- The `browser` entry point field has been removed from `package.json` as
+  webpack was using it by default when omitting the `target` option or
+  explicitly using `target: 'web'` (see issue #8 for details). No `<script>` tag
+  changes should be necessary, but if you were otherwise relying on the
+  `browser` field to resolve to the UMD build, you will need to update your
+  configuration accordingly. Also worth noting here is the fact that the non-UMD
+  builds have been updated to target browsers (see issue #9), so bundling them
+  instead of the UMD build when targeting browsers should remain fully
+  compatible while producing smaller bundles.
+
+- The `index.js` file has been removed entirely. It's sole purpose was to
+  provide a separate entry point for the CJS/ESM (non-UMD) builds to include the
+  `source-map-support` module to enable source map support in Node for debugging
+  purposes. Source maps are still generated at build time and included in the
+  package, so debugging is still possible but the responsibility of enabling
+  support for source maps is now on the consumer. If you were importing
+  `index.js` explicitly rather than relying on the entry point fields in
+  `package.json`, you will need to replace that with `hibp.js`.
+
+#### 3.0.0 → 4.0.0
+
+- Support for Node.js versions less than 4.x has been dropped. It will probably
+  still work (at least for the foreseeable future), but I'm not going out of my
+  way to make sure. If you are leveraging this library in such an environment,
+  you should restrict the version in your dependencies to `^3.0.0`.
+
+#### 2.2.0 → 3.0.0
+
+- The browser (UMD) build output has moved from the `lib` directory to the
+  `dist` directory to separate it from the server-side output. A development
+  (non-minified) version is also now included, which was omitted in the past as
+  it would have had the same file name in the same directory as the server-side
+  output.
+
+#### 1.0.8 → 2.0.0
+
+- All API methods which previously resolved to `undefined` (upon receiving a
+  `404 Not Found` response from the remote endpoint) now resolve to `null`
+  instead. This may or may not be a breaking change, depending on how strictly
+  you're handling the "no data found" return value. Loose truthy/falsey checks
+  like `if (breachData) { ... }` will be fine, but strict equality checks like
+  `if (breachData === undefined) { ... }` will break.
+
+  **_N.B._** _This is a philosophical change based on various sources regarding
+  the difference between null and undefined in JavaScript. In the case where a
+  query responds with no data, it is an expected absence of value, as that is
+  how the remote API is documented to respond when there are no relevant objects
+  to return._
+
+  [Ryan Morr](http://goo.gl/TGTS96):
+
+  > To distinguish between the two, you may want to think of undefined as
+  > representing an unexpected absence of value and null as representing an
+  > expected absence of value."
+
+  [MDN](https://goo.gl/n85RSe):
+
+  > In APIs, null is often retrieved in place where an object can be expected
+  > but no object is relevant.
+
+- All API methods that previously took optional, positional parameters like
+  `domain` and `truncateResults` now take an options object instead. For
+  example:
+
+  1.0.8 (old):
+
+  ```javascript
+  hibp.breachedAccount(account, 'adobe.com', true).then(/* ... */);
+  ```
+
+  2.0.0 (new):
+
+  ```javascript
+  hibp
+    .breachedAccount(account, { domain: 'adobe.com', truncate: true })
+    .then(/* ... */);
+  ```
+
+  This change was made to make the API more expressive and reduce ambiguity. See
+  the API documentation (or JSDoc comments) for details.
+
+[pwnedpasswordsbyrange]:
+  https://haveibeenpwned.com/API/v2#SearchingPwnedPasswordsByRange
+[api-key-blog-post]:
+  https://www.troyhunt.com/authentication-and-the-have-i-been-pwned-api/
+[get-key]: https://haveibeenpwned.com/API/Key

package/README.md

@@ -0,0 +1,255 @@
+<a href="https://wkovacs64.github.io/hibp">
+  <img
+    alt="logo"
+    title="logo"
+    src="https://wkovacs64.github.io/hibp/logo.png"
+    align="right"
+    width="85"
+  />
+</a>
+
+# hibp
+
+_A Promise-based client for [Troy Hunt][troy]'s [Have I been
+pwned?][haveibeenpwned] service._
+
+[![npm Version][npm-image]][npm-url] [![Build Status][ci-image]][ci-url]
+[![Code Coverage][coverage-image]][coverage-url]
+[![All Contributors](https://img.shields.io/badge/all_contributors-7-orange.svg?style=flat-square)](#contributors-)
+
+## Installation
+
+In Node.js:
+
+```shell
+npm install hibp
+```
+
+In [Deno][deno] (via [Skypack][skypack]):
+
+```ts
+// Replace x.y.z with the desired hibp version      ↓ ↓ ↓
+import * as hibp from 'https://cdn.skypack.dev/hibp@x.y.z?dts';
+```
+
+See the [browser](#using-in-the-browser) section below for information on how to
+use it in the browser.
+
+## Features (🔑 = [requires][api-key-blog-post] an [API key][get-api-key])
+
+- Get a single breach event
+- Get all breaches for an account 🔑
+- Get all breach events in the system
+- Get all data classes
+- Get all pastes for an account 🔑
+- [Securely][search-by-range] check a password to see if it has been exposed in
+  a data breach
+- Check a SHA-1 prefix to see if it has been exposed in a data breach
+- Search for an account in both breaches and pastes at the same time 🔑
+- All queries return a Promise
+- Available server-side (Node.js) and client-side (browser)
+- Written in TypeScript, so all modules come fully typed
+
+## Usage
+
+##### ECMAScript module syntax:
+
+```javascript
+// import individual modules as needed
+import { dataClasses, search } from 'hibp';
+// or, import all modules into a local namespace
+import * as hibp from 'hibp';
+```
+
+##### CommonJS module syntax:
+
+```javascript
+// require individual modules as needed
+const { dataClasses, search } = require('hibp');
+// or, require all modules into a local namespace
+const hibp = require('hibp');
+```
+
+The following modules are available:
+
+- [breach](API.md#breach)
+- [breachedAccount](API.md#breachedaccount)
+- [breaches](API.md#breaches)
+- [dataClasses](API.md#dataclasses)
+- [pasteAccount](API.md#pasteaccount)
+- [pwnedPassword](API.md#pwnedpassword)
+- [pwnedPasswordRange](API.md#pwnedpasswordrange)
+- [search](API.md#search)
+
+Please see the [API reference](API.md) for more detailed usage information and
+examples.
+
+#### Quick-Start Example
+
+```javascript
+import { search } from 'hibp';
+
+search('someAccountOrEmail', { apiKey: 'my-api-key' })
+  .then((data) => {
+    if (data.breaches || data.pastes) {
+      // Bummer...
+      console.log(data);
+    } else {
+      // Phew! We're clear.
+      console.log('Good news — no pwnage found!');
+    }
+  })
+  .catch((err) => {
+    // Something went wrong.
+    console.log(err.message);
+  });
+```
+
+#### Rate Limiting
+
+The haveibeenpwned.com API [rate limits][haveibeenpwned-rate-limiting] requests
+to prevent abuse. In the event you get rate limited, the module will throw a
+custom `RateLimitError` which will include a `retryAfterSeconds` property so you
+know when you can try the call again (as a `number`, unless the remote API did
+not provide one, in which case it will be `undefined` - but that _should_ never
+happen).
+
+#### Using in the browser
+
+**Prerequisite:** This module requires a Promise implementation to exist in the
+global namespace prior to being loaded. Therefore, to facilitate usage in
+[browsers without native Promise support][caniuse-promise], you are responsible
+for providing a polyfill. I recommend [es6-promise][es6-promise].
+
+You have several options for using this library in a browser environment:
+
+1. Bundled
+
+   The most efficient and recommended method is to bundle it with client-side
+   code using a module bundler like [webpack][webpack]. If your build process
+   honors the `module` field in `package.json`, you can import the ECMAScript
+   module as described [above](#usage). Otherwise, the `main` field resolves to
+   the CommonJS module version.
+
+1. UMD
+
+   There is also a Universal Module Definition (UMD) build provided for usage in
+   the browser. When using this build, an `hibp` object will be added to the
+   browser's `window` object.
+
+   The recommended way to include the UMD build (when using a `<script>` tag) is
+   to use the [unpkg][unpkg] CDN, specifying the exact version you want. If you
+   don't specify a version, the `latest` tag will be used, which could be
+   dangerous if/when there are breaking changes made to the API. See
+   [unpkg][unpkg] for details and advanced version specification, but generally
+   you will want to do the following (replacing `x.y.z` with the version you
+   want):
+
+   ```html
+   <script src="https://unpkg.com/hibp@x.y.z"></script>
+   ```
+
+1. ESM for Browsers
+
+   Modern browsers now [support][caniuse-esm] importing ECMAScript modules via
+   `<script type="module">` tags. Like the UMD option above, this build is also
+   available the [unpkg][unpkg] CDN (and the same versioning rules apply), but
+   you must specify the full path (including the file extension). For example:
+
+   ```html
+   <script type="module">
+     // Replace x.y.z with the desired hibp version      ↓ ↓ ↓
+     import { dataClasses } from 'https://unpkg.com/hibp@x.y.z/dist/browser/hibp.module.js';
+
+     const logDataClasses = async () => {
+       console.table(await dataClasses());
+     };
+
+     logDataClasses();
+   </script>
+   ```
+
+   For more information on ESM in the browser, check out [Using JS modules in
+   the browser][js-modules].
+
+## Try It Out
+
+[Test hibp in your browser with RunKit.][runkit]
+
+## Projects Using hibp
+
+- [pwned][pwned] - a command-line tool for querying the '[Have I been
+  pwned?][haveibeenpwned]' service
+- [Password Lense][pwl] - a static web application to reveal character types in
+  a password
+- [Hasura Backend Plus](https://nhost.github.io/hasura-backend-plus/) -
+  Authentication & Storage for Hasura
+- [Staart API](https://staart.js.org/api/) - a Node.js backend starter for SaaS
+  startups
+- [BanManager-WebUI](https://github.com/BanManagement/BanManager-WebUI) - Web
+  interface for BanManager
+
+Send me a [PR][pulls] or an email and I'll add yours to the list!
+
+## License
+
+This module is distributed under the [MIT License][license].
+
+[npm-image]: https://img.shields.io/npm/v/hibp.svg?style=flat-square
+[npm-url]: https://www.npmjs.com/package/hibp
+[ci-image]:
+  https://img.shields.io/github/actions/workflow/status/wKovacs64/hibp/ci.yml?logo=github&style=flat-square
+[ci-url]: https://github.com/wKovacs64/hibp/actions?query=workflow%3Aci
+[coverage-image]:
+  https://img.shields.io/codecov/c/github/wKovacs64/hibp/main.svg?style=flat-square
+[coverage-url]: https://codecov.io/gh/wKovacs64/hibp/branch/main
+[deno]: https://deno.land/
+[skypack]: https://www.skypack.dev/
+[troy]: https://www.troyhunt.com
+[haveibeenpwned]: https://haveibeenpwned.com
+[haveibeenpwned-rate-limiting]: https://haveibeenpwned.com/API/v3#RateLimiting
+[search-by-range]:
+  https://haveibeenpwned.com/API/v2#SearchingPwnedPasswordsByRange
+[api-key-blog-post]:
+  https://www.troyhunt.com/authentication-and-the-have-i-been-pwned-api/
+[get-api-key]: https://haveibeenpwned.com/API/Key
+[unpkg]: https://unpkg.com
+[caniuse-esm]: https://caniuse.com/#feat=es6-module
+[js-modules]: https://v8.dev/features/modules#browser
+[webpack]: https://webpack.js.org
+[caniuse-promise]: https://caniuse.com/#search=promise
+[es6-promise]: https://github.com/stefanpenner/es6-promise
+[runkit]: https://runkit.com/npm/hibp
+[pwned]: https://github.com/wKovacs64/pwned
+[pulls]: https://github.com/wKovacs64/hibp/pulls
+[pwl]: https://pwl.netlify.com/
+[license]: https://github.com/wKovacs64/hibp/tree/main/LICENSE.txt
+
+## Contributors ✨
+
+Thanks goes to these wonderful people
+([emoji key](https://allcontributors.org/docs/en/emoji-key)):
+
+<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-disable -->
+<table>
+  <tr>
+    <td align="center"><a href="https://github.com/wKovacs64"><img src="https://avatars.githubusercontent.com/u/1288694?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Justin Hall</b></sub></a><br /><a href="https://github.com/wKovacs64/hibp/commits?author=wKovacs64" title="Code">💻</a> <a href="https://github.com/wKovacs64/hibp/commits?author=wKovacs64" title="Documentation">📖</a> <a href="#infra-wKovacs64" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#maintenance-wKovacs64" title="Maintenance">🚧</a> <a href="https://github.com/wKovacs64/hibp/pulls?q=is%3Apr+reviewed-by%3AwKovacs64" title="Reviewed Pull Requests">👀</a> <a href="https://github.com/wKovacs64/hibp/commits?author=wKovacs64" title="Tests">⚠️</a></td>
+    <td align="center"><a href="https://www.troyhunt.com"><img src="https://avatars.githubusercontent.com/u/273244?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Troy Hunt</b></sub></a><br /><a href="#data-troyhunt" title="Data">🔣</a></td>
+    <td align="center"><a href="https://jellekralt.com"><img src="https://avatars.githubusercontent.com/u/214558?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Jelle Kralt</b></sub></a><br /><a href="https://github.com/wKovacs64/hibp/commits?author=jellekralt" title="Code">💻</a></td>
+    <td align="center"><a href="https://github.com/timaschew"><img src="https://avatars.githubusercontent.com/u/110870?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Anton W</b></sub></a><br /><a href="https://github.com/wKovacs64/hibp/issues?q=author%3Atimaschew" title="Bug reports">🐛</a></td>
+    <td align="center"><a href="https://github.com/danieladams456"><img src="https://avatars.githubusercontent.com/u/3953840?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Daniel Adams</b></sub></a><br /><a href="https://github.com/wKovacs64/hibp/commits?author=danieladams456" title="Code">💻</a></td>
+    <td align="center"><a href="https://twitter.com/d0gb3r7"><img src="https://avatars.githubusercontent.com/u/454308?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Markus Dolic</b></sub></a><br /><a href="https://github.com/wKovacs64/hibp/issues?q=author%3Ayelworc" title="Bug reports">🐛</a></td>
+    <td align="center"><a href="https://github.com/textbook/about"><img src="https://avatars.githubusercontent.com/u/785939?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Jonathan Sharpe</b></sub></a><br /><a href="https://github.com/wKovacs64/hibp/commits?author=textbook" title="Code">💻</a></td>
+  </tr>
+</table>
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+
+<!-- ALL-CONTRIBUTORS-LIST:END -->
+
+This project follows the
+[all-contributors](https://github.com/all-contributors/all-contributors)
+specification. Contributions of any kind welcome!

package/dist/browser/hibp.module.js

@@ -0,0 +1,2 @@
+var t="undefined"!=typeof window?window.fetch:async function(t,e){const{default:n}=await Promise.resolve().then((function(){return X}));return n(t,e)};new Map;const e=400,n="Bad request — the account does not comply with an acceptable format.",r=401,s=403,o="Forbidden - access denied.",i=404,u=(new Map([["retry-after","2"]]),429);class h extends Error{retryAfterSeconds;constructor(t,e,n){super(e,n),this.name=this.constructor.name,this.retryAfterSeconds="string"==typeof t?Number.parseInt(t,10):void 0}}function a(a,{apiKey:c,baseUrl:f="https://haveibeenpwned.com/api/v3",userAgent:l}={}){const p={};c&&(p["HIBP-API-Key"]=c),l&&(p["User-Agent"]=l),l||"undefined"!=typeof navigator||(p["User-Agent"]="hibp 0.0.0-dev.0e634825");const d={headers:p},g=`${f.replace(/\/$/g,"")}${a}`;return t(g,d).then((t=>{if(t.ok)return t.json();switch(t.status){case e:throw Error(n);case r:return t.json().then((t=>{throw Error(t.message)}));case s:{const e=t.headers.get("cf-ray");if(e)throw Error(function(t){return`Request blocked, contact haveibeenpwned.com if this continues (Ray ID: ${t})`}(e));throw Error(o)}case i:return null;case u:return t.json().then((e=>{const n=t.headers.get("retry-after");throw new h(n,e.message)}));default:throw Error(t.statusText)}}))}function c(t,e={}){return a("/breach/"+encodeURIComponent(t),e)}function f(t,e={includeUnverified:!0,truncate:!0}){const n=`/breachedaccount/${encodeURIComponent(t)}?`,r=[];return e.domain&&r.push("domain="+encodeURIComponent(e.domain)),!1===e.includeUnverified&&r.push("includeUnverified=false"),!1===e.truncate&&r.push("truncateResponse=false"),a(`${n}${r.join("&")}`,{apiKey:e.apiKey,baseUrl:e.baseUrl,userAgent:e.userAgent})}function l(t={}){const e=[];return t.domain&&e.push("domain="+encodeURIComponent(t.domain)),a("/breaches?"+e.join("&"),{baseUrl:t.baseUrl,userAgent:t.userAgent})}function p(t={}){return a("/dataclasses",t)}function d(t,e={}){return a("/pasteaccount/"+encodeURIComponent(t),{apiKey:e.apiKey,baseUrl:e.baseUrl,userAgent:e.userAgent})}const g="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";function A(t,e,n,r){let s,o,i;const u=e||[0],h=(n=n||0)>>>3,a=-1===r?3:0;for(s=0;t.length>s;s+=1)i=s+h,o=i>>>2,o>=u.length&&u.push(0),u[o]|=t[s]<<8*(a+r*(i%4));return{value:u,binLen:8*t.length+n}}function m(t,e,n){switch(e){case"UTF8":case"UTF16BE":case"UTF16LE":break;default:throw Error("encoding must be UTF8, UTF16BE, or UTF16LE")}switch(t){case"HEX":return function(t,e,r){return function(t,e,n,r){let s,o,i,u;if(0!=t.length%2)throw Error("String of HEX type must be in byte increments");const h=e||[0],a=(n=n||0)>>>3,c=-1===r?3:0;for(s=0;t.length>s;s+=2){if(o=parseInt(t.substr(s,2),16),isNaN(o))throw Error("String of HEX type contains invalid characters");for(u=(s>>>1)+a,i=u>>>2;i>=h.length;)h.push(0);h[i]|=o<<8*(c+r*(u%4))}return{value:h,binLen:4*t.length+n}}(t,e,r,n)};case"TEXT":return function(t,r,s){return function(t,e,n,r,s){let o,i,u,h,a,c,f,l,p=0;const d=n||[0],g=(r=r||0)>>>3;if("UTF8"===e)for(f=-1===s?3:0,u=0;t.length>u;u+=1)for(o=t.charCodeAt(u),i=[],128>o?i.push(o):2048>o?(i.push(192|o>>>6),i.push(128|63&o)):55296>o||o>=57344?i.push(224|o>>>12,128|o>>>6&63,128|63&o):(u+=1,o=65536+((1023&o)<<10|1023&t.charCodeAt(u)),i.push(240|o>>>18,128|o>>>12&63,128|o>>>6&63,128|63&o)),h=0;i.length>h;h+=1){for(c=p+g,a=c>>>2;a>=d.length;)d.push(0);d[a]|=i[h]<<8*(f+s*(c%4)),p+=1}else for(f=-1===s?2:0,l="UTF16LE"===e&&1!==s||"UTF16LE"!==e&&1===s,u=0;t.length>u;u+=1){for(o=t.charCodeAt(u),!0===l&&(h=255&o,o=h<<8|o>>>8),c=p+g,a=c>>>2;a>=d.length;)d.push(0);d[a]|=o<<8*(f+s*(c%4)),p+=2}return{value:d,binLen:8*p+r}}(t,e,r,s,n)};case"B64":return function(t,e,r){return function(t,e,n,r){let s,o,i,u,h,a,c,f=0;const l=e||[0],p=(n=n||0)>>>3,d=-1===r?3:0,A=t.indexOf("=");if(-1===t.search(/^[a-zA-Z0-9=+/]+$/))throw Error("Invalid character in base-64 string");if(t=t.replace(/=/g,""),-1!==A&&t.length>A)throw Error("Invalid '=' found in base-64 string");for(o=0;t.length>o;o+=4){for(h=t.substr(o,4),u=0,i=0;h.length>i;i+=1)s=g.indexOf(h.charAt(i)),u|=s<<18-6*i;for(i=0;h.length-1>i;i+=1){for(c=f+p,a=c>>>2;a>=l.length;)l.push(0);l[a]|=(u>>>16-8*i&255)<<8*(d+r*(c%4)),f+=1}}return{value:l,binLen:8*f+n}}(t,e,r,n)};case"BYTES":return function(t,e,r){return function(t,e,n,r){let s,o,i,u;const h=e||[0],a=(n=n||0)>>>3,c=-1===r?3:0;for(o=0;t.length>o;o+=1)s=t.charCodeAt(o),u=o+a,i=u>>>2,i>=h.length&&h.push(0),h[i]|=s<<8*(c+r*(u%4));return{value:h,binLen:8*t.length+n}}(t,e,r,n)};case"ARRAYBUFFER":try{new ArrayBuffer(0)}catch(t){throw Error("ARRAYBUFFER not supported by this environment")}return function(t,e,r){return function(t,e,n,r){return A(new Uint8Array(t),e,n,r)}(t,e,r,n)};case"UINT8ARRAY":try{new Uint8Array(0)}catch(t){throw Error("UINT8ARRAY not supported by this environment")}return function(t,e,r){return A(t,e,r,n)};default:throw Error("format must be HEX, TEXT, B64, BYTES, ARRAYBUFFER, or UINT8ARRAY")}}function b(t,e,n,r){switch(t){case"HEX":return function(t){return function(t,e,n,r){const s="0123456789abcdef";let o,i,u="";const h=e/8,a=-1===n?3:0;for(o=0;h>o;o+=1)i=t[o>>>2]>>>8*(a+n*(o%4)),u+=s.charAt(i>>>4&15)+s.charAt(15&i);return r.outputUpper?u.toUpperCase():u}(t,e,n,r)};case"B64":return function(t){return function(t,e,n,r){let s,o,i,u,h,a="";const c=e/8,f=-1===n?3:0;for(s=0;c>s;s+=3)for(u=c>s+1?t[s+1>>>2]:0,h=c>s+2?t[s+2>>>2]:0,i=(t[s>>>2]>>>8*(f+n*(s%4))&255)<<16|(u>>>8*(f+n*((s+1)%4))&255)<<8|h>>>8*(f+n*((s+2)%4))&255,o=0;4>o;o+=1)a+=8*s+6*o>e?r.b64Pad:g.charAt(i>>>6*(3-o)&63);return a}(t,e,n,r)};case"BYTES":return function(t){return function(t,e,n){let r,s,o="";const i=e/8,u=-1===n?3:0;for(r=0;i>r;r+=1)s=t[r>>>2]>>>8*(u+n*(r%4))&255,o+=String.fromCharCode(s);return o}(t,e,n)};case"ARRAYBUFFER":try{new ArrayBuffer(0)}catch(t){throw Error("ARRAYBUFFER not supported by this environment")}return function(t){return function(t,e,n){let r;const s=e/8,o=new ArrayBuffer(s),i=new Uint8Array(o),u=-1===n?3:0;for(r=0;s>r;r+=1)i[r]=t[r>>>2]>>>8*(u+n*(r%4))&255;return o}(t,e,n)};case"UINT8ARRAY":try{new Uint8Array(0)}catch(t){throw Error("UINT8ARRAY not supported by this environment")}return function(t){return function(t,e,n){let r;const s=e/8,o=-1===n?3:0,i=new Uint8Array(s);for(r=0;s>r;r+=1)i[r]=t[r>>>2]>>>8*(o+n*(r%4))&255;return i}(t,e,n)};default:throw Error("format must be HEX, B64, BYTES, ARRAYBUFFER, or UINT8ARRAY")}}function U(t){const e={outputUpper:!1,b64Pad:"=",outputLen:-1},n=t||{},r="Output length must be a multiple of 8";if(e.outputUpper=n.outputUpper||!1,n.b64Pad&&(e.b64Pad=n.b64Pad),n.outputLen){if(n.outputLen%8!=0)throw Error(r);e.outputLen=n.outputLen}else if(n.shakeLen){if(n.shakeLen%8!=0)throw Error(r);e.outputLen=n.shakeLen}if("boolean"!=typeof e.outputUpper)throw Error("Invalid outputUpper formatting option");if("string"!=typeof e.b64Pad)throw Error("Invalid b64Pad formatting option");return e}function w(t,e){return t<<e|t>>>32-e}function E(t,e,n){return t^e^n}function R(t,e,n){return t&e^t&n^e&n}function y(t,e){const n=(65535&t)+(65535&e);return(65535&(t>>>16)+(e>>>16)+(n>>>16))<<16|65535&n}function v(t,e,n,r,s){const o=(65535&t)+(65535&e)+(65535&n)+(65535&r)+(65535&s);return(65535&(t>>>16)+(e>>>16)+(n>>>16)+(r>>>16)+(s>>>16)+(o>>>16))<<16|65535&o}function T(t){return[1732584193,4023233417,2562383102,271733878,3285377520]}function B(t,e){let n,r,s,o,i,u,h;const a=[];for(n=e[0],r=e[1],s=e[2],o=e[3],i=e[4],h=0;80>h;h+=1)a[h]=16>h?t[h]:w(a[h-3]^a[h-8]^a[h-14]^a[h-16],1),u=20>h?v(w(n,5),(c=r)&s^~c&o,i,1518500249,a[h]):40>h?v(w(n,5),E(r,s,o),i,1859775393,a[h]):60>h?v(w(n,5),R(r,s,o),i,2400959708,a[h]):v(w(n,5),E(r,s,o),i,3395469782,a[h]),i=o,o=s,s=w(r,30),r=n,n=u;var c;return e[0]=y(n,e[0]),e[1]=y(r,e[1]),e[2]=y(s,e[2]),e[3]=y(o,e[3]),e[4]=y(i,e[4]),e}function C(t,e,n,r){let s;const o=15+(e+65>>>9<<4),i=e+n;for(;o>=t.length;)t.push(0);for(t[e>>>5]|=128<<24-e%32,t[o]=4294967295&i,t[o-1]=i/4294967296|0,s=0;t.length>s;s+=16)r=B(t.slice(s,s+16),r);return r}class F extends class{constructor(t,e,n){const r=n||{};if(this.t=e,this.i=r.encoding||"UTF8",this.numRounds=r.numRounds||1,isNaN(this.numRounds)||this.numRounds!==parseInt(this.numRounds,10)||1>this.numRounds)throw Error("numRounds must a integer >= 1");this.o=t,this.h=[],this.u=0,this.l=!1,this.A=0,this.p=!1,this.R=[],this.U=[]}update(t){let e,n=0;const r=this.T>>>5,s=this.F(t,this.h,this.u),o=s.binLen,i=s.value,u=o>>>5;for(e=0;u>e;e+=r)o>=n+this.T&&(this.m=this.g(i.slice(e,e+r),this.m),n+=this.T);return this.A+=n,this.h=i.slice(n>>>5),this.u=o%this.T,this.l=!0,this}getHash(t,e){let n,r,s=this.B;const o=U(e);if(this.v){if(-1===o.outputLen)throw Error("Output length must be specified in options");s=o.outputLen}const i=b(t,s,this.Y,o);if(this.p&&this.H)return i(this.H(o));for(r=this.C(this.h.slice(),this.u,this.A,this.I(this.m),s),n=1;this.numRounds>n;n+=1)this.v&&s%32!=0&&(r[r.length-1]&=16777215>>>24-s%32),r=this.C(r,s,0,this.L(this.o),s);return i(r)}setHMACKey(t,e,n){if(!this.M)throw Error("Variant does not support HMAC");if(this.l)throw Error("Cannot set MAC key after calling update");const r=m(e,(n||{}).encoding||"UTF8",this.Y);this.N(r(t))}N(t){const e=this.T>>>3,n=e/4-1;let r;if(1!==this.numRounds)throw Error("Cannot set numRounds with MAC");if(this.p)throw Error("MAC key already set");for(t.binLen/8>e&&(t.value=this.C(t.value,t.binLen,0,this.L(this.o),this.B));n>=t.value.length;)t.value.push(0);for(r=0;n>=r;r+=1)this.R[r]=909522486^t.value[r],this.U[r]=1549556828^t.value[r];this.m=this.g(this.R,this.m),this.A=this.T,this.p=!0}getHMAC(t,e){const n=U(e);return b(t,this.B,this.Y,n)(this.S())}S(){let t;if(!this.p)throw Error("Cannot call getHMAC without first setting MAC key");const e=this.C(this.h.slice(),this.u,this.A,this.I(this.m),this.B);return t=this.g(this.U,this.L(this.o)),t=this.C(e,this.B,this.T,t,this.B),t}}{constructor(t,e,n){if("SHA-1"!==t)throw Error("Chosen SHA variant is not supported");super(t,e,n);const r=n||{};this.M=!0,this.H=this.S,this.Y=-1,this.F=m(this.t,this.i,this.Y),this.g=B,this.I=function(t){return t.slice()},this.L=T,this.C=C,this.m=[1732584193,4023233417,2562383102,271733878,3285377520],this.T=512,this.B=160,this.v=!1,r.hmacKey&&this.N(function(t,e,n,r){const s="hmacKey must include a value and format";if(!e)throw Error(s);if(void 0===e.value||!e.format)throw Error(s);return m(e.format,e.encoding||"UTF8",n)(e.value)}(0,r.hmacKey,this.Y))}}const L=400;function I(e,n={}){return function(e,{baseUrl:n="https://api.pwnedpasswords.com",userAgent:r}={}){const s=Object.assign({},r?{headers:{"User-Agent":r}}:{}),o=`${n.replace(/\/$/g,"")}${e}`;return t(o,s).then((t=>{if(t.ok)return t.text();if(t.status===L)return t.text().then((t=>{throw Error(t)}));throw Error(t.statusText)}))}("/range/"+encodeURIComponent(e),n).then((t=>t.split("\n").filter(Boolean))).then((t=>t.reduce(((t,e)=>{const[n,r]=e.split(":");return t[n]=parseInt(r,10),t}),{})))}function H(t,e={}){const n=new F("SHA-1","TEXT");n.update(t);const r=n.getHash("HEX",{outputUpper:!0}),s=r.slice(0,5),o=r.slice(5);return I(s,e).then((t=>t[o]||0))}function Y(t,e={truncate:!0}){const{apiKey:n,baseUrl:r,userAgent:s}=e;return Promise.all([f(t,e),/^.+@.+$/.test(t)?d(t,{apiKey:n,baseUrl:r,userAgent:s}):null]).then((t=>({breaches:t[0],pastes:t[1]})))}const{ReadableStream:S}=globalThis,{FormData:N,Blob:K}=globalThis,{Headers:M,Request:P,Response:$}=globalThis;var k=globalThis.fetch,X=Object.freeze({__proto__:null,Blob:K,FormData:N,Headers:M,ReadableStream:S,Request:P,Response:$,default:k});export{h as RateLimitError,c as breach,f as breachedAccount,l as breaches,p as dataClasses,d as pasteAccount,H as pwnedPassword,I as pwnedPasswordRange,Y as search};
+//# sourceMappingURL=hibp.module.js.map