hibp 0.0.0-dev.d74e2ad2 → 0.0.0-dev.eda2c27a

package/dist/cjs/subscription-status.cjs

@@ -27,6 +27,8 @@ var fetchFromApi = /*#__PURE__*/require('./api/haveibeenpwned/fetch-from-api.cjs
  * @param {string} [options.baseUrl] a custom base URL for the
  * haveibeenpwned.com API endpoints (default:
  * `https://haveibeenpwned.com/api/v3`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {Promise<SubscriptionStatus>} a Promise which resolves to a

package/dist/cjs/subscription-status.cjs.map

@@ -1 +1 @@
-{"version":3,"file":"subscription-status.cjs","sources":["../../src/subscription-status.ts"],"sourcesContent":["import type { SubscriptionStatus } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * An object representing the status of your HIBP subscription.\n *\n * @typedef {object} SubscriptionStatus\n * @property {string} SubscriptionName\n * @property {string} Description\n * @property {string} SubscribedUntil\n * @property {number} Rpm\n * @property {number} DomainSearchMaxBreachedAccounts\n */\n\n/**\n * Fetches the current status of your HIBP subscription (API key).\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `subscription/status` endpoint.\n * The `apiKey` option here is not explicitly required, but direct requests made\n * without it will fail (unless you specify a `baseUrl` to a proxy that inserts\n * a valid API key on your behalf).\n *\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<SubscriptionStatus>} a Promise which resolves to a\n * subscription status object, or rejects with an Error\n * @example\n * try {\n *   const data = await subscriptionStatus({ apiKey: \"my-api-key\" });\n *   // ...\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const data = await subscriptionStatus({\n *     baseUrl: \"https://my-hibp-proxy:8080\",\n *   });\n *   // ...\n * } catch (err) {\n *   // ...\n * }\n */\nexport async function subscriptionStatus(\n  options: {\n    /**\n     * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n     */\n    apiKey?: string;\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n) {\n  const endpoint = '/subscription/status';\n\n  return fetchFromApi(endpoint, options) as Promise<SubscriptionStatus>;\n}\n"],"names":["subscriptionStatus","options","endpoint","fetchFromApi"],"mappings":";;;;AAGA;;;;;;;;;AASG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmCG;AACI,eAAeA,kBAAkBA,CACtCC,UAeI,EAAE,EAAA;EAEN,MAAMC,QAAQ,GAAG,sBAAsB;EAEvC,OAAOC,YAAY,CAAAA,YAAA,CAACD,QAAQ,EAAED,OAAO,CAAgC;AACvE;"}
+{"version":3,"file":"subscription-status.cjs","sources":["../../src/subscription-status.ts"],"sourcesContent":["import type { SubscriptionStatus } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * An object representing the status of your HIBP subscription.\n *\n * @typedef {object} SubscriptionStatus\n * @property {string} SubscriptionName\n * @property {string} Description\n * @property {string} SubscribedUntil\n * @property {number} Rpm\n * @property {number} DomainSearchMaxBreachedAccounts\n */\n\n/**\n * Fetches the current status of your HIBP subscription (API key).\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `subscription/status` endpoint.\n * The `apiKey` option here is not explicitly required, but direct requests made\n * without it will fail (unless you specify a `baseUrl` to a proxy that inserts\n * a valid API key on your behalf).\n *\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<SubscriptionStatus>} a Promise which resolves to a\n * subscription status object, or rejects with an Error\n * @example\n * try {\n *   const data = await subscriptionStatus({ apiKey: \"my-api-key\" });\n *   // ...\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const data = await subscriptionStatus({\n *     baseUrl: \"https://my-hibp-proxy:8080\",\n *   });\n *   // ...\n * } catch (err) {\n *   // ...\n * }\n */\nexport async function subscriptionStatus(\n  options: {\n    /**\n     * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n     */\n    apiKey?: string;\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * timeout for the request in milliseconds (default: none)\n     */\n    timeoutMs?: number;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n) {\n  const endpoint = '/subscription/status';\n\n  return fetchFromApi(endpoint, options) as Promise<SubscriptionStatus>;\n}\n"],"names":["subscriptionStatus","options","endpoint","fetchFromApi"],"mappings":";;;;AAGA;;;;;;;;;AASG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqCG;AACI,eAAeA,kBAAkBA,CACtCC,UAmBI,EAAE,EAAA;EAEN,MAAMC,QAAQ,GAAG,sBAAsB;EAEvC,OAAOC,YAAY,CAAAA,YAAA,CAACD,QAAQ,EAAED,OAAO,CAAgC;AACvE;"}

package/dist/esm/api/fetch-polyfill.js

@@ -1,10 +1,12 @@
 /* eslint-disable global-require */
 /* eslint-disable @typescript-eslint/no-var-requires */
 /* eslint-disable @typescript-eslint/no-unsafe-assignment */
+/* eslint-disable @typescript-eslint/no-unnecessary-condition */
 // This can probably be removed in favor of Node's native fetch once we drop
 // support for v18. https://x.com/ebey_jacob/status/1709975146939973909?s=20
+/* c8 ignore start */
 function installUndiciOnNode18() {
-  if (typeof process !== 'undefined' && process.versions.node.startsWith('18.')) {
+  if (typeof process !== 'undefined' && process.versions?.node?.startsWith('18.')) {
     const {
       File: UndiciFile,
       fetch: undiciFetch,
@@ -21,5 +23,7 @@ function installUndiciOnNode18() {
     global.FormData = UndiciFormData;
   }
 }
+/* c8 ignore stop */
+
 export { installUndiciOnNode18 };
 //# sourceMappingURL=fetch-polyfill.js.map

package/dist/esm/api/fetch-polyfill.js.map

@@ -1 +1 @@
-{"version":3,"file":"fetch-polyfill.js","sources":["../../../src/api/fetch-polyfill.ts"],"sourcesContent":["/* eslint-disable global-require */\n/* eslint-disable @typescript-eslint/no-var-requires */\n/* eslint-disable @typescript-eslint/no-unsafe-assignment */\n\n// This can probably be removed in favor of Node's native fetch once we drop\n// support for v18. https://x.com/ebey_jacob/status/1709975146939973909?s=20\n\nexport function installUndiciOnNode18() {\n  if (\n    typeof process !== 'undefined' &&\n    process.versions.node.startsWith('18.')\n  ) {\n    const {\n      File: UndiciFile,\n      fetch: undiciFetch,\n      FormData: UndiciFormData,\n      Headers: UndiciHeaders,\n      Request: UndiciRequest,\n      Response: UndiciResponse,\n    } = require('undici');\n    global.File = UndiciFile as unknown as typeof File;\n    global.Headers = UndiciHeaders;\n    global.Request = UndiciRequest;\n    global.Response = UndiciResponse;\n    global.fetch = undiciFetch;\n    global.FormData = UndiciFormData;\n  }\n}\n"],"names":["installUndiciOnNode18","process","versions","node","startsWith","File","UndiciFile","fetch","undiciFetch","FormData","UndiciFormData","Headers","UndiciHeaders","Request","UndiciRequest","Response","UndiciResponse","require","global"],"mappings":"AAAA;AACA;AACA;AAEA;AACA;SAEgBA,qBAAqBA,CAAA,EAAA;EACnC,IACE,OAAOC,OAAO,KAAK,WAAW,IAC9BA,OAAO,CAACC,QAAQ,CAACC,IAAI,CAACC,UAAU,CAAC,KAAK,CAAC,EACvC;IACA,MAAM;MACJC,IAAI,EAAEC,UAAU;MAChBC,KAAK,EAAEC,WAAW;MAClBC,QAAQ,EAAEC,cAAc;MACxBC,OAAO,EAAEC,aAAa;MACtBC,OAAO,EAAEC,aAAa;MACtBC,QAAQ,EAAEC;IAAc,CACzB,GAAGC,OAAO,CAAC,QAAQ,CAAC;IACrBC,MAAM,CAACb,IAAI,GAAGC,UAAoC;IAClDY,MAAM,CAACP,OAAO,GAAGC,aAAa;IAC9BM,MAAM,CAACL,OAAO,GAAGC,aAAa;IAC9BI,MAAM,CAACH,QAAQ,GAAGC,cAAc;IAChCE,MAAM,CAACX,KAAK,GAAGC,WAAW;IAC1BU,MAAM,CAACT,QAAQ,GAAGC,cAAc;EACjC;AACH;"}
+{"version":3,"file":"fetch-polyfill.js","sources":["../../../src/api/fetch-polyfill.ts"],"sourcesContent":["/* eslint-disable global-require */\n/* eslint-disable @typescript-eslint/no-var-requires */\n/* eslint-disable @typescript-eslint/no-unsafe-assignment */\n/* eslint-disable @typescript-eslint/no-unnecessary-condition */\n\n// This can probably be removed in favor of Node's native fetch once we drop\n// support for v18. https://x.com/ebey_jacob/status/1709975146939973909?s=20\n\n/* c8 ignore start */\nexport function installUndiciOnNode18() {\n  if (\n    typeof process !== 'undefined' &&\n    process.versions?.node?.startsWith('18.')\n  ) {\n    const {\n      File: UndiciFile,\n      fetch: undiciFetch,\n      FormData: UndiciFormData,\n      Headers: UndiciHeaders,\n      Request: UndiciRequest,\n      Response: UndiciResponse,\n    } = require('undici');\n    global.File = UndiciFile as unknown as typeof File;\n    global.Headers = UndiciHeaders;\n    global.Request = UndiciRequest;\n    global.Response = UndiciResponse;\n    global.fetch = undiciFetch;\n    global.FormData = UndiciFormData;\n  }\n}\n/* c8 ignore stop */\n"],"names":["installUndiciOnNode18","process","versions","node","startsWith","File","UndiciFile","fetch","undiciFetch","FormData","UndiciFormData","Headers","UndiciHeaders","Request","UndiciRequest","Response","UndiciResponse","require","global"],"mappings":"AAAA;AACA;AACA;AACA;AAEA;AACA;AAEA;SACgBA,qBAAqBA,CAAA,EAAA;EACnC,IACE,OAAOC,OAAO,KAAK,WAAW,IAC9BA,OAAO,CAACC,QAAQ,EAAEC,IAAI,EAAEC,UAAU,CAAC,KAAK,CAAC,EACzC;IACA,MAAM;MACJC,IAAI,EAAEC,UAAU;MAChBC,KAAK,EAAEC,WAAW;MAClBC,QAAQ,EAAEC,cAAc;MACxBC,OAAO,EAAEC,aAAa;MACtBC,OAAO,EAAEC,aAAa;MACtBC,QAAQ,EAAEC;IAAc,CACzB,GAAGC,OAAO,CAAC,QAAQ,CAAC;IACrBC,MAAM,CAACb,IAAI,GAAGC,UAAoC;IAClDY,MAAM,CAACP,OAAO,GAAGC,aAAa;IAC9BM,MAAM,CAACL,OAAO,GAAGC,aAAa;IAC9BI,MAAM,CAACH,QAAQ,GAAGC,cAAc;IAChCE,MAAM,CAACX,KAAK,GAAGC,WAAW;IAC1BU,MAAM,CAACT,QAAQ,GAAGC,cAAc;EACjC;AACH;AACA;;"}

package/dist/esm/api/haveibeenpwned/fetch-from-api.js

@@ -44,6 +44,8 @@ function blockedWithRayId(rayId) {
  * @param {string} [options.baseUrl] a custom base URL for the
  * haveibeenpwned.com API endpoints (default:
  * `https://haveibeenpwned.com/api/v3`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {Promise<ApiData>} a Promise which resolves to the data resulting
@@ -54,6 +56,7 @@ async function fetchFromApi(endpoint, options = {}) {
   const {
     apiKey,
     baseUrl = 'https://haveibeenpwned.com/api/v3',
+    timeoutMs,
     userAgent
   } = options;
   const headers = {};
@@ -68,7 +71,10 @@ async function fetchFromApi(endpoint, options = {}) {
     headers['User-Agent'] = `${name} ${version}`;
   }
   const config = {
-    headers
+    headers,
+    ...(timeoutMs ? {
+      signal: AbortSignal.timeout(timeoutMs)
+    } : {})
   };
   const url = `${baseUrl.replace(/\/$/g, '')}${endpoint}`;
   const response = await fetch(url, config);

package/dist/esm/api/haveibeenpwned/fetch-from-api.js.map

@@ -1 +1 @@
-{"version":3,"file":"fetch-from-api.js","sources":["../../../../src/api/haveibeenpwned/fetch-from-api.ts"],"sourcesContent":["import { name, version } from '../../../package.json';\nimport { installUndiciOnNode18 } from '../fetch-polyfill.js';\nimport {\n  BAD_REQUEST,\n  UNAUTHORIZED,\n  FORBIDDEN,\n  NOT_FOUND,\n  TOO_MANY_REQUESTS,\n} from './responses.js';\nimport type { ApiData, ErrorData } from './types.js';\n\ninstallUndiciOnNode18();\n\n/**\n * Custom error thrown when the haveibeenpwned.com API responds with 429 Too\n * Many Requests. See the `retryAfterSeconds` property for the number of seconds\n * to wait before attempting the request again.\n *\n * @see https://haveibeenpwned.com/API/v3#RateLimiting\n */\nexport class RateLimitError extends Error {\n  /**\n   * The number of seconds to wait before attempting the request again. May be\n   * `undefined` if the API does not provide a `retry-after` header, but this\n   * should never happen.\n   */\n  public retryAfterSeconds: number | undefined;\n\n  constructor(\n    retryAfter: ReturnType<Headers['get']>,\n    message: string | undefined,\n    options?: ErrorOptions,\n  ) {\n    super(message, options);\n    this.name = this.constructor.name;\n    this.retryAfterSeconds =\n      typeof retryAfter === 'string'\n        ? Number.parseInt(retryAfter, 10) /* c8 ignore start */\n        : undefined; /* c8 ignore stop */\n  }\n}\n\nfunction blockedWithRayId(rayId: string) {\n  return `Request blocked, contact haveibeenpwned.com if this continues (Ray ID: ${rayId})`;\n}\n\n/**\n * Fetches data from the supplied API endpoint.\n *\n * HTTP status code 200 returns an Object (data found).\n * HTTP status code 404 returns null (no data found).\n * HTTP status code 400 throws an Error (bad request).\n * HTTP status code 401 throws an Error (unauthorized).\n * HTTP status code 403 throws an Error (forbidden).\n * HTTP status code 429 throws an Error (too many requests).\n *\n * @internal\n * @private\n * @param {string} endpoint the API endpoint to query\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<ApiData>} a Promise which resolves to the data resulting\n * from the query (or null for 404 Not Found responses), or rejects with an\n * Error\n */\nexport async function fetchFromApi(\n  endpoint: string,\n  options: {\n    apiKey?: string;\n    baseUrl?: string;\n    userAgent?: string;\n  } = {},\n): Promise<ApiData> {\n  const {\n    apiKey,\n    baseUrl = 'https://haveibeenpwned.com/api/v3',\n    userAgent,\n  } = options;\n  const headers: Record<string, string> = {};\n\n  if (apiKey) {\n    headers['HIBP-API-Key'] = apiKey;\n  }\n\n  if (userAgent) {\n    headers['User-Agent'] = userAgent;\n  }\n\n  // Provide a default User-Agent when running outside the browser\n  if (!userAgent && typeof navigator === 'undefined') {\n    headers['User-Agent'] = `${name} ${version}`;\n  }\n\n  const config = { headers };\n  const url = `${baseUrl.replace(/\\/$/g, '')}${endpoint}`;\n  const response = await fetch(url, config);\n\n  if (response.ok) return response.json() as Promise<ApiData>;\n\n  switch (response.status) {\n    case BAD_REQUEST.status: {\n      throw new Error(BAD_REQUEST.statusText);\n    }\n    case UNAUTHORIZED.status: {\n      const body = (await response.json()) as unknown as ErrorData;\n      throw new Error(body.message);\n    }\n    case FORBIDDEN.status: {\n      const rayId = response.headers.get('cf-ray');\n      if (rayId) throw new Error(blockedWithRayId(rayId));\n      throw new Error(FORBIDDEN.statusText);\n    }\n    case NOT_FOUND.status: {\n      return null;\n    }\n    case TOO_MANY_REQUESTS.status: {\n      const body = (await response.json()) as unknown as ErrorData;\n      const retryAfter = response.headers.get('retry-after');\n      throw new RateLimitError(retryAfter, body.message);\n    }\n    default: {\n      throw new Error(response.statusText);\n    }\n  }\n}\n"],"names":["installUndiciOnNode18","RateLimitError","Error","retryAfterSeconds","constructor","retryAfter","message","options","name","Number","parseInt","undefined","blockedWithRayId","rayId","fetchFromApi","endpoint","apiKey","baseUrl","userAgent","headers","navigator","version","config","url","replace","response","fetch","ok","json","status","BAD_REQUEST","statusText","UNAUTHORIZED","body","FORBIDDEN","get","NOT_FOUND","TOO_MANY_REQUESTS"],"mappings":";;;AAWAA,qBAAqB,EAAE;AAEvB;;;;;;AAMG;AACG,MAAOC,cAAe,SAAQC,KAAK,CAAA;EACvC;;;;AAIG;EACIC,iBAAiB;EAExBC,WAAAA,CACEC,UAAsC,EACtCC,OAA2B,EAC3BC,OAAsB,EAAA;IAEtB,KAAK,CAACD,OAAO,EAAEC,OAAO,CAAC;IACvB,IAAI,CAACC,IAAI,GAAG,IAAI,CAACJ,WAAW,CAACI,IAAI;IACjC,IAAI,CAACL,iBAAiB,GACpB,OAAOE,UAAU,KAAK,QAAQ,GAC1BI,MAAM,CAACC,QAAQ,CAACL,UAAU,EAAE,EAAE,CAAC,CAAA,wBAC/BM,SAAS,CAAC,CAAA;EACjB;AACF;AAED,SAASC,gBAAgBA,CAACC,KAAa,EAAA;EACrC,OAAO,0EAA0EA,KAAK,GAAG;AAC3F;AAEA;;;;;;;;;;;;;;;;;;;;;;;;AAwBG;AACI,eAAeC,YAAYA,CAChCC,QAAgB,EAChBR,UAII,EAAE,EAAA;EAEN,MAAM;IACJS,MAAM;IACNC,OAAO,GAAG,mCAAmC;IAC7CC;EAAS,CACV,GAAGX,OAAO;EACX,MAAMY,OAAO,GAA2B,CAAA,CAAE;EAE1C,IAAIH,MAAM,EAAE;IACVG,OAAO,CAAC,cAAc,CAAC,GAAGH,MAAM;EACjC;EAED,IAAIE,SAAS,EAAE;IACbC,OAAO,CAAC,YAAY,CAAC,GAAGD,SAAS;EAClC;;EAGD,IAAI,CAACA,SAAS,IAAI,OAAOE,SAAS,KAAK,WAAW,EAAE;IAClDD,OAAO,CAAC,YAAY,CAAC,MAAMX,IAAI,IAAIa,OAAO,EAAE;EAC7C;EAED,MAAMC,MAAM,GAAG;IAAEH;GAAS;EAC1B,MAAMI,GAAG,GAAM,GAAAN,OAAO,CAACO,OAAO,CAAC,MAAM,EAAE,EAAE,CAAI,GAAAT,UAAU;EACvD,MAAMU,QAAQ,GAAG,MAAMC,KAAK,CAACH,GAAG,EAAED,MAAM,CAAC;EAEzC,IAAIG,QAAQ,CAACE,EAAE,EAAE,OAAOF,QAAQ,CAACG,IAAI,EAAsB;EAE3D,QAAQH,QAAQ,CAACI,MAAM;IACrB,KAAKC,WAAW,CAACD,MAAM;MAAE;QACvB,MAAM,IAAI3B,KAAK,CAAC4B,WAAW,CAACC,UAAU,CAAC;MACxC;IACD,KAAKC,YAAY,CAACH,MAAM;MAAE;QACxB,MAAMI,IAAI,GAAI,MAAMR,QAAQ,CAACG,IAAI,CAAE,CAAyB;QAC5D,MAAM,IAAI1B,KAAK,CAAC+B,IAAI,CAAC3B,OAAO,CAAC;MAC9B;IACD,KAAK4B,SAAS,CAACL,MAAM;MAAE;QACrB,MAAMhB,KAAK,GAAGY,QAAQ,CAACN,OAAO,CAACgB,GAAG,CAAC,QAAQ,CAAC;QAC5C,IAAItB,KAAK,EAAE,MAAM,IAAIX,KAAK,CAACU,gBAAgB,CAACC,KAAK,CAAC,CAAC;QACnD,MAAM,IAAIX,KAAK,CAACgC,SAAS,CAACH,UAAU,CAAC;MACtC;IACD,KAAKK,SAAS,CAACP,MAAM;MAAE;QACrB,OAAO,IAAI;MACZ;IACD,KAAKQ,iBAAiB,CAACR,MAAM;MAAE;QAC7B,MAAMI,IAAI,GAAI,MAAMR,QAAQ,CAACG,IAAI,CAAE,CAAyB;QAC5D,MAAMvB,UAAU,GAAGoB,QAAQ,CAACN,OAAO,CAACgB,GAAG,CAAC,aAAa,CAAC;QACtD,MAAM,IAAIlC,cAAc,CAACI,UAAU,EAAE4B,IAAI,CAAC3B,OAAO,CAAC;MACnD;IACD;MAAS;QACP,MAAM,IAAIJ,KAAK,CAACuB,QAAQ,CAACM,UAAU,CAAC;MACrC;EACF;AACH;"}
+{"version":3,"file":"fetch-from-api.js","sources":["../../../../src/api/haveibeenpwned/fetch-from-api.ts"],"sourcesContent":["import { name, version } from '../../../package.json';\nimport { installUndiciOnNode18 } from '../fetch-polyfill.js';\nimport {\n  BAD_REQUEST,\n  UNAUTHORIZED,\n  FORBIDDEN,\n  NOT_FOUND,\n  TOO_MANY_REQUESTS,\n} from './responses.js';\nimport type { ApiData, ErrorData } from './types.js';\n\ninstallUndiciOnNode18();\n\n/**\n * Custom error thrown when the haveibeenpwned.com API responds with 429 Too\n * Many Requests. See the `retryAfterSeconds` property for the number of seconds\n * to wait before attempting the request again.\n *\n * @see https://haveibeenpwned.com/API/v3#RateLimiting\n */\nexport class RateLimitError extends Error {\n  /**\n   * The number of seconds to wait before attempting the request again. May be\n   * `undefined` if the API does not provide a `retry-after` header, but this\n   * should never happen.\n   */\n  public retryAfterSeconds: number | undefined;\n\n  constructor(\n    retryAfter: ReturnType<Headers['get']>,\n    message: string | undefined,\n    options?: ErrorOptions,\n  ) {\n    super(message, options);\n    this.name = this.constructor.name;\n    this.retryAfterSeconds =\n      typeof retryAfter === 'string'\n        ? Number.parseInt(retryAfter, 10) /* c8 ignore start */\n        : undefined; /* c8 ignore stop */\n  }\n}\n\nfunction blockedWithRayId(rayId: string) {\n  return `Request blocked, contact haveibeenpwned.com if this continues (Ray ID: ${rayId})`;\n}\n\n/**\n * Fetches data from the supplied API endpoint.\n *\n * HTTP status code 200 returns an Object (data found).\n * HTTP status code 404 returns null (no data found).\n * HTTP status code 400 throws an Error (bad request).\n * HTTP status code 401 throws an Error (unauthorized).\n * HTTP status code 403 throws an Error (forbidden).\n * HTTP status code 429 throws an Error (too many requests).\n *\n * @internal\n * @private\n * @param {string} endpoint the API endpoint to query\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<ApiData>} a Promise which resolves to the data resulting\n * from the query (or null for 404 Not Found responses), or rejects with an\n * Error\n */\nexport async function fetchFromApi(\n  endpoint: string,\n  options: {\n    apiKey?: string;\n    baseUrl?: string;\n    timeoutMs?: number;\n    userAgent?: string;\n  } = {},\n): Promise<ApiData> {\n  const {\n    apiKey,\n    baseUrl = 'https://haveibeenpwned.com/api/v3',\n    timeoutMs,\n    userAgent,\n  } = options;\n  const headers: Record<string, string> = {};\n\n  if (apiKey) {\n    headers['HIBP-API-Key'] = apiKey;\n  }\n\n  if (userAgent) {\n    headers['User-Agent'] = userAgent;\n  }\n\n  // Provide a default User-Agent when running outside the browser\n  if (!userAgent && typeof navigator === 'undefined') {\n    headers['User-Agent'] = `${name} ${version}`;\n  }\n\n  const config: RequestInit = {\n    headers,\n    ...(timeoutMs ? { signal: AbortSignal.timeout(timeoutMs) } : {}),\n  };\n  const url = `${baseUrl.replace(/\\/$/g, '')}${endpoint}`;\n  const response = await fetch(url, config);\n\n  if (response.ok) return response.json() as Promise<ApiData>;\n\n  switch (response.status) {\n    case BAD_REQUEST.status: {\n      throw new Error(BAD_REQUEST.statusText);\n    }\n    case UNAUTHORIZED.status: {\n      const body = (await response.json()) as unknown as ErrorData;\n      throw new Error(body.message);\n    }\n    case FORBIDDEN.status: {\n      const rayId = response.headers.get('cf-ray');\n      if (rayId) throw new Error(blockedWithRayId(rayId));\n      throw new Error(FORBIDDEN.statusText);\n    }\n    case NOT_FOUND.status: {\n      return null;\n    }\n    case TOO_MANY_REQUESTS.status: {\n      const body = (await response.json()) as unknown as ErrorData;\n      const retryAfter = response.headers.get('retry-after');\n      throw new RateLimitError(retryAfter, body.message);\n    }\n    default: {\n      throw new Error(response.statusText);\n    }\n  }\n}\n"],"names":["installUndiciOnNode18","RateLimitError","Error","retryAfterSeconds","constructor","retryAfter","message","options","name","Number","parseInt","undefined","blockedWithRayId","rayId","fetchFromApi","endpoint","apiKey","baseUrl","timeoutMs","userAgent","headers","navigator","version","config","signal","AbortSignal","timeout","url","replace","response","fetch","ok","json","status","BAD_REQUEST","statusText","UNAUTHORIZED","body","FORBIDDEN","get","NOT_FOUND","TOO_MANY_REQUESTS"],"mappings":";;;AAWAA,qBAAqB,EAAE;AAEvB;;;;;;AAMG;AACG,MAAOC,cAAe,SAAQC,KAAK,CAAA;EACvC;;;;AAIG;EACIC,iBAAiB;EAExBC,WAAAA,CACEC,UAAsC,EACtCC,OAA2B,EAC3BC,OAAsB,EAAA;IAEtB,KAAK,CAACD,OAAO,EAAEC,OAAO,CAAC;IACvB,IAAI,CAACC,IAAI,GAAG,IAAI,CAACJ,WAAW,CAACI,IAAI;IACjC,IAAI,CAACL,iBAAiB,GACpB,OAAOE,UAAU,KAAK,QAAQ,GAC1BI,MAAM,CAACC,QAAQ,CAACL,UAAU,EAAE,EAAE,CAAC,CAAA,wBAC/BM,SAAS,CAAC,CAAA;EACjB;AACF;AAED,SAASC,gBAAgBA,CAACC,KAAa,EAAA;EACrC,OAAO,0EAA0EA,KAAK,GAAG;AAC3F;AAEA;;;;;;;;;;;;;;;;;;;;;;;;;;AA0BG;AACI,eAAeC,YAAYA,CAChCC,QAAgB,EAChBR,UAKI,EAAE,EAAA;EAEN,MAAM;IACJS,MAAM;IACNC,OAAO,GAAG,mCAAmC;IAC7CC,SAAS;IACTC;EACD,CAAA,GAAGZ,OAAO;EACX,MAAMa,OAAO,GAA2B,CAAA,CAAE;EAE1C,IAAIJ,MAAM,EAAE;IACVI,OAAO,CAAC,cAAc,CAAC,GAAGJ,MAAM;EACjC;EAED,IAAIG,SAAS,EAAE;IACbC,OAAO,CAAC,YAAY,CAAC,GAAGD,SAAS;EAClC;;EAGD,IAAI,CAACA,SAAS,IAAI,OAAOE,SAAS,KAAK,WAAW,EAAE;IAClDD,OAAO,CAAC,YAAY,CAAC,MAAMZ,IAAI,IAAIc,OAAO,EAAE;EAC7C;EAED,MAAMC,MAAM,GAAgB;IAC1BH,OAAO;IACP,IAAIF,SAAS,GAAG;MAAEM,MAAM,EAAEC,WAAW,CAACC,OAAO,CAACR,SAAS;IAAC,CAAE,GAAG,CAAE,CAAA;GAChE;EACD,MAAMS,GAAG,GAAM,GAAAV,OAAO,CAACW,OAAO,CAAC,MAAM,EAAE,EAAE,CAAI,GAAAb,UAAU;EACvD,MAAMc,QAAQ,GAAG,MAAMC,KAAK,CAACH,GAAG,EAAEJ,MAAM,CAAC;EAEzC,IAAIM,QAAQ,CAACE,EAAE,EAAE,OAAOF,QAAQ,CAACG,IAAI,EAAsB;EAE3D,QAAQH,QAAQ,CAACI,MAAM;IACrB,KAAKC,WAAW,CAACD,MAAM;MAAE;QACvB,MAAM,IAAI/B,KAAK,CAACgC,WAAW,CAACC,UAAU,CAAC;MACxC;IACD,KAAKC,YAAY,CAACH,MAAM;MAAE;QACxB,MAAMI,IAAI,GAAI,MAAMR,QAAQ,CAACG,IAAI,CAAE,CAAyB;QAC5D,MAAM,IAAI9B,KAAK,CAACmC,IAAI,CAAC/B,OAAO,CAAC;MAC9B;IACD,KAAKgC,SAAS,CAACL,MAAM;MAAE;QACrB,MAAMpB,KAAK,GAAGgB,QAAQ,CAACT,OAAO,CAACmB,GAAG,CAAC,QAAQ,CAAC;QAC5C,IAAI1B,KAAK,EAAE,MAAM,IAAIX,KAAK,CAACU,gBAAgB,CAACC,KAAK,CAAC,CAAC;QACnD,MAAM,IAAIX,KAAK,CAACoC,SAAS,CAACH,UAAU,CAAC;MACtC;IACD,KAAKK,SAAS,CAACP,MAAM;MAAE;QACrB,OAAO,IAAI;MACZ;IACD,KAAKQ,iBAAiB,CAACR,MAAM;MAAE;QAC7B,MAAMI,IAAI,GAAI,MAAMR,QAAQ,CAACG,IAAI,CAAE,CAAyB;QAC5D,MAAM3B,UAAU,GAAGwB,QAAQ,CAACT,OAAO,CAACmB,GAAG,CAAC,aAAa,CAAC;QACtD,MAAM,IAAItC,cAAc,CAACI,UAAU,EAAEgC,IAAI,CAAC/B,OAAO,CAAC;MACnD;IACD;MAAS;QACP,MAAM,IAAIJ,KAAK,CAAC2B,QAAQ,CAACM,UAAU,CAAC;MACrC;EACF;AACH;"}

package/dist/esm/api/pwnedpasswords/fetch-from-api.js

@@ -13,6 +13,8 @@ installUndiciOnNode18();
  * @param {object} [options] a configuration object
  * @param {string} [options.baseUrl] a custom base URL for the
  * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @param {boolean} [options.addPadding] ask the remote API to add padding to
@@ -25,19 +27,24 @@ installUndiciOnNode18();
 async function fetchFromApi(endpoint, options = {}) {
   const {
     baseUrl = 'https://api.pwnedpasswords.com',
+    timeoutMs,
     userAgent,
     addPadding = false,
     mode = 'sha1'
   } = options;
-  const config = Object.assign({}, userAgent ? {
+  const config = {
     headers: {
-      'User-Agent': userAgent
-    }
-  } : {}, addPadding ? {
-    headers: {
-      'Add-Padding': 'true'
-    }
-  } : {});
+      ...(userAgent ? {
+        'User-Agent': userAgent
+      } : {}),
+      ...(addPadding ? {
+        'Add-Padding': 'true'
+      } : {})
+    },
+    ...(timeoutMs ? {
+      signal: AbortSignal.timeout(timeoutMs)
+    } : {})
+  };
   const url = `${baseUrl.replace(/\/$/g, '')}${endpoint}?mode=${mode}`;
   const response = await fetch(url, config);
   if (response.ok) return response.text();

package/dist/esm/api/pwnedpasswords/fetch-from-api.js.map

@@ -1 +1 @@
-{"version":3,"file":"fetch-from-api.js","sources":["../../../../src/api/pwnedpasswords/fetch-from-api.ts"],"sourcesContent":["import { installUndiciOnNode18 } from '../fetch-polyfill.js';\nimport { BAD_REQUEST } from './responses.js';\n\ninstallUndiciOnNode18();\n\n/**\n * Fetches data from the supplied API endpoint.\n *\n * HTTP status code 200 returns plain text (data found).\n * HTTP status code 400 throws an Error (bad request).\n *\n * @internal\n * @private\n * @param {string} endpoint the API endpoint to query\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @param {boolean} [options.addPadding] ask the remote API to add padding to\n * the response to obscure the password prefix (default: `false`)\n * @param {'sha1' | 'ntlm'} [options.mode] return SHA-1 or NTLM hashes\n * (default: `sha1`)\n * @returns {Promise<string>} a Promise which resolves to the data resulting\n * from the query, or rejects with an Error\n */\nexport async function fetchFromApi(\n  endpoint: string,\n  options: {\n    baseUrl?: string;\n    userAgent?: string;\n    addPadding?: boolean;\n    mode?: 'sha1' | 'ntlm';\n  } = {},\n): Promise<string> {\n  const {\n    baseUrl = 'https://api.pwnedpasswords.com',\n    userAgent,\n    addPadding = false,\n    mode = 'sha1',\n  } = options;\n\n  const config = Object.assign(\n    {},\n    userAgent ? { headers: { 'User-Agent': userAgent } } : {},\n    addPadding ? { headers: { 'Add-Padding': 'true' } } : {},\n  );\n  const url = `${baseUrl.replace(/\\/$/g, '')}${endpoint}?mode=${mode}`;\n  const response = await fetch(url, config);\n\n  if (response.ok) return response.text();\n\n  if (response.status === BAD_REQUEST.status) {\n    const text = await response.text();\n    throw new Error(text);\n  }\n\n  throw new Error(response.statusText);\n}\n"],"names":["installUndiciOnNode18","fetchFromApi","endpoint","options","baseUrl","userAgent","addPadding","mode","config","Object","assign","headers","url","replace","response","fetch","ok","text","status","BAD_REQUEST","Error","statusText"],"mappings":";;AAGAA,qBAAqB,EAAE;AAEvB;;;;;;;;;;;;;;;;;;;;AAoBG;AACI,eAAeC,YAAYA,CAChCC,QAAgB,EAChBC,UAKI,EAAE,EAAA;EAEN,MAAM;IACJC,OAAO,GAAG,gCAAgC;IAC1CC,SAAS;IACTC,UAAU,GAAG,KAAK;IAClBC,IAAI,GAAG;EACR,CAAA,GAAGJ,OAAO;EAEX,MAAMK,MAAM,GAAGC,MAAM,CAACC,MAAM,CAC1B,CAAA,CAAE,EACFL,SAAS,GAAG;IAAEM,OAAO,EAAE;MAAE,YAAY,EAAEN;IAAW;EAAA,CAAE,GAAG,CAAE,CAAA,EACzDC,UAAU,GAAG;IAAEK,OAAO,EAAE;MAAE,aAAa,EAAE;IAAM;GAAI,GAAG,CAAA,CAAE,CACzD;EACD,MAAMC,GAAG,GAAG,GAAGR,OAAO,CAACS,OAAO,CAAC,MAAM,EAAE,EAAE,CAAI,GAAAX,QAAiB,SAAAK,MAAM;EACpE,MAAMO,QAAQ,GAAG,MAAMC,KAAK,CAACH,GAAG,EAAEJ,MAAM,CAAC;EAEzC,IAAIM,QAAQ,CAACE,EAAE,EAAE,OAAOF,QAAQ,CAACG,IAAI,EAAE;EAEvC,IAAIH,QAAQ,CAACI,MAAM,KAAKC,WAAW,CAACD,MAAM,EAAE;IAC1C,MAAMD,IAAI,GAAG,MAAMH,QAAQ,CAACG,IAAI,EAAE;IAClC,MAAM,IAAIG,KAAK,CAACH,IAAI,CAAC;EACtB;EAED,MAAM,IAAIG,KAAK,CAACN,QAAQ,CAACO,UAAU,CAAC;AACtC;"}
+{"version":3,"file":"fetch-from-api.js","sources":["../../../../src/api/pwnedpasswords/fetch-from-api.ts"],"sourcesContent":["import { installUndiciOnNode18 } from '../fetch-polyfill.js';\nimport { BAD_REQUEST } from './responses.js';\n\ninstallUndiciOnNode18();\n\n/**\n * Fetches data from the supplied API endpoint.\n *\n * HTTP status code 200 returns plain text (data found).\n * HTTP status code 400 throws an Error (bad request).\n *\n * @internal\n * @private\n * @param {string} endpoint the API endpoint to query\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @param {boolean} [options.addPadding] ask the remote API to add padding to\n * the response to obscure the password prefix (default: `false`)\n * @param {'sha1' | 'ntlm'} [options.mode] return SHA-1 or NTLM hashes\n * (default: `sha1`)\n * @returns {Promise<string>} a Promise which resolves to the data resulting\n * from the query, or rejects with an Error\n */\nexport async function fetchFromApi(\n  endpoint: string,\n  options: {\n    baseUrl?: string;\n    timeoutMs?: number;\n    userAgent?: string;\n    addPadding?: boolean;\n    mode?: 'sha1' | 'ntlm';\n  } = {},\n): Promise<string> {\n  const {\n    baseUrl = 'https://api.pwnedpasswords.com',\n    timeoutMs,\n    userAgent,\n    addPadding = false,\n    mode = 'sha1',\n  } = options;\n\n  const config: RequestInit = {\n    headers: {\n      ...(userAgent ? { 'User-Agent': userAgent } : {}),\n      ...(addPadding ? { 'Add-Padding': 'true' } : {}),\n    },\n    ...(timeoutMs ? { signal: AbortSignal.timeout(timeoutMs) } : {}),\n  };\n  const url = `${baseUrl.replace(/\\/$/g, '')}${endpoint}?mode=${mode}`;\n  const response = await fetch(url, config);\n\n  if (response.ok) return response.text();\n\n  if (response.status === BAD_REQUEST.status) {\n    const text = await response.text();\n    throw new Error(text);\n  }\n\n  throw new Error(response.statusText);\n}\n"],"names":["installUndiciOnNode18","fetchFromApi","endpoint","options","baseUrl","timeoutMs","userAgent","addPadding","mode","config","headers","signal","AbortSignal","timeout","url","replace","response","fetch","ok","text","status","BAD_REQUEST","Error","statusText"],"mappings":";;AAGAA,qBAAqB,EAAE;AAEvB;;;;;;;;;;;;;;;;;;;;;;AAsBG;AACI,eAAeC,YAAYA,CAChCC,QAAgB,EAChBC,UAMI,EAAE,EAAA;EAEN,MAAM;IACJC,OAAO,GAAG,gCAAgC;IAC1CC,SAAS;IACTC,SAAS;IACTC,UAAU,GAAG,KAAK;IAClBC,IAAI,GAAG;EACR,CAAA,GAAGL,OAAO;EAEX,MAAMM,MAAM,GAAgB;IAC1BC,OAAO,EAAE;MACP,IAAIJ,SAAS,GAAG;QAAE,YAAY,EAAEA;MAAW,CAAA,GAAG,CAAE,CAAA,CAAA;MAChD,IAAIC,UAAU,GAAG;QAAE,aAAa,EAAE;MAAQ,CAAA,GAAG,CAAE,CAAA;IAChD,CAAA;IACD,IAAIF,SAAS,GAAG;MAAEM,MAAM,EAAEC,WAAW,CAACC,OAAO,CAACR,SAAS;IAAC,CAAE,GAAG,CAAE,CAAA;GAChE;EACD,MAAMS,GAAG,GAAG,GAAGV,OAAO,CAACW,OAAO,CAAC,MAAM,EAAE,EAAE,CAAI,GAAAb,QAAiB,SAAAM,MAAM;EACpE,MAAMQ,QAAQ,GAAG,MAAMC,KAAK,CAACH,GAAG,EAAEL,MAAM,CAAC;EAEzC,IAAIO,QAAQ,CAACE,EAAE,EAAE,OAAOF,QAAQ,CAACG,IAAI,EAAE;EAEvC,IAAIH,QAAQ,CAACI,MAAM,KAAKC,WAAW,CAACD,MAAM,EAAE;IAC1C,MAAMD,IAAI,GAAG,MAAMH,QAAQ,CAACG,IAAI,EAAE;IAClC,MAAM,IAAIG,KAAK,CAACH,IAAI,CAAC;EACtB;EAED,MAAM,IAAIG,KAAK,CAACN,QAAQ,CAACO,UAAU,CAAC;AACtC;"}

package/dist/esm/breach.js

@@ -30,6 +30,8 @@ import { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';
  * @param {string} [options.baseUrl] a custom base URL for the
  * haveibeenpwned.com API endpoints (default:
  * `https://haveibeenpwned.com/api/v3`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {(Promise<Breach>|Promise<null>)} a Promise which resolves to an

package/dist/esm/breach.js.map

@@ -1 +1 @@
-{"version":3,"file":"breach.js","sources":["../../src/breach.ts"],"sourcesContent":["import type { Breach } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * An object representing a breach.\n *\n * @typedef {object} Breach\n * @property {string} Name\n * @property {string} Title\n * @property {string} Domain\n * @property {string} BreachDate\n * @property {string} AddedDate\n * @property {string} ModifiedDate\n * @property {number} PwnCount\n * @property {string} Description\n * @property {string[]} DataClasses\n * @property {boolean} IsVerified\n * @property {boolean} IsFabricated\n * @property {boolean} IsSensitive\n * @property {boolean} IsRetired\n * @property {boolean} IsSpamList\n * @property {boolean} IsMalware\n * @property {boolean} IsSubscriptionFree\n * @property {string} LogoPath\n */\n\n/**\n * Fetches data for a specific breach event.\n *\n * @param {string} breachName the name of a breach in the system\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Breach>|Promise<null>)} a Promise which resolves to an\n * object representing a breach (or null if no breach was found), or rejects\n * with an Error\n * @example\n * try {\n *   const data = await breach(\"Adobe\");\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n */\nexport function breach(\n  breachName: string,\n  options: {\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<Breach | null> {\n  return fetchFromApi(\n    `/breach/${encodeURIComponent(breachName)}`,\n    options,\n  ) as Promise<Breach | null>;\n}\n"],"names":["breach","breachName","options","fetchFromApi","encodeURIComponent"],"mappings":";;AAGA;;;;;;;;;;;;;;;;;;;;;AAqBG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;AAwBG;SACaA,MAAMA,CACpBC,UAAkB,EAClBC,UAWI,EAAE,EAAA;EAEN,OAAOC,YAAY,CACjB,WAAWC,kBAAkB,CAACH,UAAU,CAAG,EAAA,EAC3CC,OAAO,CACkB;AAC7B;"}
+{"version":3,"file":"breach.js","sources":["../../src/breach.ts"],"sourcesContent":["import type { Breach } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * An object representing a breach.\n *\n * @typedef {object} Breach\n * @property {string} Name\n * @property {string} Title\n * @property {string} Domain\n * @property {string} BreachDate\n * @property {string} AddedDate\n * @property {string} ModifiedDate\n * @property {number} PwnCount\n * @property {string} Description\n * @property {string[]} DataClasses\n * @property {boolean} IsVerified\n * @property {boolean} IsFabricated\n * @property {boolean} IsSensitive\n * @property {boolean} IsRetired\n * @property {boolean} IsSpamList\n * @property {boolean} IsMalware\n * @property {boolean} IsSubscriptionFree\n * @property {string} LogoPath\n */\n\n/**\n * Fetches data for a specific breach event.\n *\n * @param {string} breachName the name of a breach in the system\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Breach>|Promise<null>)} a Promise which resolves to an\n * object representing a breach (or null if no breach was found), or rejects\n * with an Error\n * @example\n * try {\n *   const data = await breach(\"Adobe\");\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n */\nexport function breach(\n  breachName: string,\n  options: {\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * timeout for the request in milliseconds (default: none)\n     */\n    timeoutMs?: number;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<Breach | null> {\n  return fetchFromApi(\n    `/breach/${encodeURIComponent(breachName)}`,\n    options,\n  ) as Promise<Breach | null>;\n}\n"],"names":["breach","breachName","options","fetchFromApi","encodeURIComponent"],"mappings":";;AAGA;;;;;;;;;;;;;;;;;;;;;AAqBG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;AA0BG;SACaA,MAAMA,CACpBC,UAAkB,EAClBC,UAeI,EAAE,EAAA;EAEN,OAAOC,YAAY,CACjB,WAAWC,kBAAkB,CAACH,UAAU,CAAG,EAAA,EAC3CC,OAAO,CACkB;AAC7B;"}

package/dist/esm/breached-account.js

@@ -17,6 +17,8 @@ import { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';
  * (default: all domains)
  * @param {boolean} [options.includeUnverified] include "unverified" breaches in
  * the results (default: true)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {boolean} [options.truncate] truncate the results to only include
  * the name of each breach (default: true)
  * @param {string} [options.baseUrl] a custom base URL for the
@@ -74,6 +76,7 @@ function breachedAccount(account, options = {}) {
     apiKey,
     domain,
     includeUnverified = true,
+    timeoutMs,
     truncate = true,
     baseUrl,
     userAgent
@@ -92,6 +95,7 @@ function breachedAccount(account, options = {}) {
   return fetchFromApi(`${endpoint}${params.join('&')}`, {
     apiKey,
     baseUrl,
+    timeoutMs,
     userAgent
   });
 }

package/dist/esm/breached-account.js.map

@@ -1 +1 @@
-{"version":3,"file":"breached-account.js","sources":["../../src/breached-account.ts"],"sourcesContent":["import type { Breach } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * Fetches breach data for a specific account.\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `breachedaccount` endpoint. The\n * `apiKey` option here is not explicitly required, but direct requests made\n * without it will fail (unless you specify a `baseUrl` to a proxy that inserts\n * a valid API key on your behalf).\n *\n * @param {string} account a username or email address\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.domain] a domain by which to filter the results\n * (default: all domains)\n * @param {boolean} [options.includeUnverified] include \"unverified\" breaches in\n * the results (default: true)\n * @param {boolean} [options.truncate] truncate the results to only include\n * the name of each breach (default: true)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Breach[]> | Promise<null>)} a Promise which resolves to an\n * array of breach objects (or null if no breaches were found), or rejects with\n * an Error\n * @example\n * try {\n *   const data = await breachedAccount(\"foo\", { apiKey: \"my-api-key\" });\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const data = await breachedAccount(\"bar\", {\n *     includeUnverified: false,\n *     baseUrl: \"https://my-hibp-proxy:8080\",\n *   });\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const data = await breachedAccount(\"baz\", {\n *     apiKey: \"my-api-key\",\n *     domain: \"adobe.com\",\n *     truncate: false,\n *     userAgent: \"my-app 1.0\",\n *   });\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n */\nexport function breachedAccount(\n  account: string,\n  options: {\n    /**\n     * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n     */\n    apiKey?: string;\n    /**\n     * a domain by which to filter the results (default: all domains)\n     */\n    domain?: string;\n    /**\n     * include \"unverified\" breaches in the results (default: true)\n     */\n    includeUnverified?: boolean;\n    /**\n     * truncate the results to only include the name of each breach (default:\n     * true)\n     */\n    truncate?: boolean;\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<Breach[] | null> {\n  const {\n    apiKey,\n    domain,\n    includeUnverified = true,\n    truncate = true,\n    baseUrl,\n    userAgent,\n  } = options;\n  const endpoint = `/breachedaccount/${encodeURIComponent(account)}?`;\n  const params: string[] = [];\n\n  if (domain) {\n    params.push(`domain=${encodeURIComponent(domain)}`);\n  }\n\n  if (!includeUnverified) {\n    params.push('includeUnverified=false');\n  }\n\n  if (!truncate) {\n    params.push('truncateResponse=false');\n  }\n\n  return fetchFromApi(`${endpoint}${params.join('&')}`, {\n    apiKey,\n    baseUrl,\n    userAgent,\n  }) as Promise<Breach[] | null>;\n}\n"],"names":["breachedAccount","account","options","apiKey","domain","includeUnverified","truncate","baseUrl","userAgent","endpoint","encodeURIComponent","params","push","fetchFromApi","join"],"mappings":";;AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoEG;SACaA,eAAeA,CAC7BC,OAAe,EACfC,UA4BI,EAAE,EAAA;EAEN,MAAM;IACJC,MAAM;IACNC,MAAM;IACNC,iBAAiB,GAAG,IAAI;IACxBC,QAAQ,GAAG,IAAI;IACfC,OAAO;IACPC;EACD,CAAA,GAAGN,OAAO;EACX,MAAMO,QAAQ,GAAuB,oBAAAC,kBAAkB,CAACT,OAAO,IAAI;EACnE,MAAMU,MAAM,GAAa,EAAE;EAE3B,IAAIP,MAAM,EAAE;IACVO,MAAM,CAACC,IAAI,CAAW,UAAAF,kBAAkB,CAACN,MAAM,CAAG,EAAA,CAAC;EACpD;EAED,IAAI,CAACC,iBAAiB,EAAE;IACtBM,MAAM,CAACC,IAAI,CAAC,yBAAyB,CAAC;EACvC;EAED,IAAI,CAACN,QAAQ,EAAE;IACbK,MAAM,CAACC,IAAI,CAAC,wBAAwB,CAAC;EACtC;EAED,OAAOC,YAAY,CAAI,GAAAJ,QAAW,GAAAE,MAAM,CAACG,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;IACpDX,MAAM;IACNI,OAAO;IACPC;EACD,CAAA,CAA6B;AAChC;"}
+{"version":3,"file":"breached-account.js","sources":["../../src/breached-account.ts"],"sourcesContent":["import type { Breach } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * Fetches breach data for a specific account.\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `breachedaccount` endpoint. The\n * `apiKey` option here is not explicitly required, but direct requests made\n * without it will fail (unless you specify a `baseUrl` to a proxy that inserts\n * a valid API key on your behalf).\n *\n * @param {string} account a username or email address\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.domain] a domain by which to filter the results\n * (default: all domains)\n * @param {boolean} [options.includeUnverified] include \"unverified\" breaches in\n * the results (default: true)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {boolean} [options.truncate] truncate the results to only include\n * the name of each breach (default: true)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Breach[]> | Promise<null>)} a Promise which resolves to an\n * array of breach objects (or null if no breaches were found), or rejects with\n * an Error\n * @example\n * try {\n *   const data = await breachedAccount(\"foo\", { apiKey: \"my-api-key\" });\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const data = await breachedAccount(\"bar\", {\n *     includeUnverified: false,\n *     baseUrl: \"https://my-hibp-proxy:8080\",\n *   });\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const data = await breachedAccount(\"baz\", {\n *     apiKey: \"my-api-key\",\n *     domain: \"adobe.com\",\n *     truncate: false,\n *     userAgent: \"my-app 1.0\",\n *   });\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n */\nexport function breachedAccount(\n  account: string,\n  options: {\n    /**\n     * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n     */\n    apiKey?: string;\n    /**\n     * a domain by which to filter the results (default: all domains)\n     */\n    domain?: string;\n    /**\n     * include \"unverified\" breaches in the results (default: true)\n     */\n    includeUnverified?: boolean;\n    /**\n     * timeout for the request in milliseconds (default: none)\n     */\n    timeoutMs?: number;\n    /**\n     * truncate the results to only include the name of each breach (default:\n     * true)\n     */\n    truncate?: boolean;\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<Breach[] | null> {\n  const {\n    apiKey,\n    domain,\n    includeUnverified = true,\n    timeoutMs,\n    truncate = true,\n    baseUrl,\n    userAgent,\n  } = options;\n  const endpoint = `/breachedaccount/${encodeURIComponent(account)}?`;\n  const params: string[] = [];\n\n  if (domain) {\n    params.push(`domain=${encodeURIComponent(domain)}`);\n  }\n\n  if (!includeUnverified) {\n    params.push('includeUnverified=false');\n  }\n\n  if (!truncate) {\n    params.push('truncateResponse=false');\n  }\n\n  return fetchFromApi(`${endpoint}${params.join('&')}`, {\n    apiKey,\n    baseUrl,\n    timeoutMs,\n    userAgent,\n  }) as Promise<Breach[] | null>;\n}\n"],"names":["breachedAccount","account","options","apiKey","domain","includeUnverified","timeoutMs","truncate","baseUrl","userAgent","endpoint","encodeURIComponent","params","push","fetchFromApi","join"],"mappings":";;AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsEG;SACaA,eAAeA,CAC7BC,OAAe,EACfC,UAgCI,EAAE,EAAA;EAEN,MAAM;IACJC,MAAM;IACNC,MAAM;IACNC,iBAAiB,GAAG,IAAI;IACxBC,SAAS;IACTC,QAAQ,GAAG,IAAI;IACfC,OAAO;IACPC;EAAS,CACV,GAAGP,OAAO;EACX,MAAMQ,QAAQ,GAAuB,oBAAAC,kBAAkB,CAACV,OAAO,IAAI;EACnE,MAAMW,MAAM,GAAa,EAAE;EAE3B,IAAIR,MAAM,EAAE;IACVQ,MAAM,CAACC,IAAI,CAAW,UAAAF,kBAAkB,CAACP,MAAM,CAAG,EAAA,CAAC;EACpD;EAED,IAAI,CAACC,iBAAiB,EAAE;IACtBO,MAAM,CAACC,IAAI,CAAC,yBAAyB,CAAC;EACvC;EAED,IAAI,CAACN,QAAQ,EAAE;IACbK,MAAM,CAACC,IAAI,CAAC,wBAAwB,CAAC;EACtC;EAED,OAAOC,YAAY,CAAI,GAAAJ,QAAW,GAAAE,MAAM,CAACG,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;IACpDZ,MAAM;IACNK,OAAO;IACPF,SAAS;IACTG;EACD,CAAA,CAA6B;AAChC;"}

package/dist/esm/breaches.js

@@ -9,6 +9,8 @@ import { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';
  * @param {string} [options.baseUrl] a custom base URL for the
  * haveibeenpwned.com API endpoints (default:
  * `https://haveibeenpwned.com/api/v3`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {Promise<Breach[]>} a Promise which resolves to an array of breach
@@ -40,6 +42,7 @@ function breaches(options = {}) {
   const {
     domain,
     baseUrl,
+    timeoutMs,
     userAgent
   } = options;
   const endpoint = '/breaches?';
@@ -49,6 +52,7 @@ function breaches(options = {}) {
   }
   return fetchFromApi(`${endpoint}${params.join('&')}`, {
     baseUrl,
+    timeoutMs,
     userAgent
   });
 }

package/dist/esm/breaches.js.map

@@ -1 +1 @@
-{"version":3,"file":"breaches.js","sources":["../../src/breaches.ts"],"sourcesContent":["import type { Breach } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * Fetches all breach events in the system.\n *\n * @param {object} [options] a configuration object\n * @param {string} [options.domain] a domain by which to filter the results\n * (default: all domains)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<Breach[]>} a Promise which resolves to an array of breach\n * objects (an empty array if no breaches were found), or rejects with an Error\n * @example\n * try {\n *   const data = await breaches();\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const data = await breaches({ domain: \"adobe.com\" });\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n */\nexport function breaches(\n  options: {\n    /**\n     * a domain by which to filter the results (default: all domains)\n     */\n    domain?: string;\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<Breach[]> {\n  const { domain, baseUrl, userAgent } = options;\n  const endpoint = '/breaches?';\n  const params: string[] = [];\n\n  if (domain) {\n    params.push(`domain=${encodeURIComponent(domain)}`);\n  }\n\n  return fetchFromApi(`${endpoint}${params.join('&')}`, {\n    baseUrl,\n    userAgent,\n  }) as Promise<Breach[]>;\n}\n"],"names":["breaches","options","domain","baseUrl","userAgent","endpoint","params","push","encodeURIComponent","fetchFromApi","join"],"mappings":";;AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmCG;AACa,SAAAA,QAAQA,CACtBC,OAAA,GAeI,EAAE,EAAA;EAEN,MAAM;IAAEC,MAAM;IAAEC,OAAO;IAAEC;EAAS,CAAE,GAAGH,OAAO;EAC9C,MAAMI,QAAQ,GAAG,YAAY;EAC7B,MAAMC,MAAM,GAAa,EAAE;EAE3B,IAAIJ,MAAM,EAAE;IACVI,MAAM,CAACC,IAAI,CAAW,UAAAC,kBAAkB,CAACN,MAAM,CAAG,EAAA,CAAC;EACpD;EAED,OAAOO,YAAY,CAAI,GAAAJ,QAAW,GAAAC,MAAM,CAACI,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;IACpDP,OAAO;IACPC;EACD,CAAA,CAAsB;AACzB;"}
+{"version":3,"file":"breaches.js","sources":["../../src/breaches.ts"],"sourcesContent":["import type { Breach } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * Fetches all breach events in the system.\n *\n * @param {object} [options] a configuration object\n * @param {string} [options.domain] a domain by which to filter the results\n * (default: all domains)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<Breach[]>} a Promise which resolves to an array of breach\n * objects (an empty array if no breaches were found), or rejects with an Error\n * @example\n * try {\n *   const data = await breaches();\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const data = await breaches({ domain: \"adobe.com\" });\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n */\nexport function breaches(\n  options: {\n    /**\n     * a domain by which to filter the results (default: all domains)\n     */\n    domain?: string;\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * timeout for the request in milliseconds (default: none)\n     */\n    timeoutMs?: number;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<Breach[]> {\n  const { domain, baseUrl, timeoutMs, userAgent } = options;\n  const endpoint = '/breaches?';\n  const params: string[] = [];\n\n  if (domain) {\n    params.push(`domain=${encodeURIComponent(domain)}`);\n  }\n\n  return fetchFromApi(`${endpoint}${params.join('&')}`, {\n    baseUrl,\n    timeoutMs,\n    userAgent,\n  }) as Promise<Breach[]>;\n}\n"],"names":["breaches","options","domain","baseUrl","timeoutMs","userAgent","endpoint","params","push","encodeURIComponent","fetchFromApi","join"],"mappings":";;AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqCG;AACa,SAAAA,QAAQA,CACtBC,OAAA,GAmBI,EAAE,EAAA;EAEN,MAAM;IAAEC,MAAM;IAAEC,OAAO;IAAEC,SAAS;IAAEC;EAAS,CAAE,GAAGJ,OAAO;EACzD,MAAMK,QAAQ,GAAG,YAAY;EAC7B,MAAMC,MAAM,GAAa,EAAE;EAE3B,IAAIL,MAAM,EAAE;IACVK,MAAM,CAACC,IAAI,CAAW,UAAAC,kBAAkB,CAACP,MAAM,CAAG,EAAA,CAAC;EACpD;EAED,OAAOQ,YAAY,CAAI,GAAAJ,QAAW,GAAAC,MAAM,CAACI,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;IACpDR,OAAO;IACPC,SAAS;IACTC;EACD,CAAA,CAAsB;AACzB;"}

package/dist/esm/data-classes.js

@@ -7,6 +7,8 @@ import { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';
  * @param {string} [options.baseUrl] a custom base URL for the
  * haveibeenpwned.com API endpoints (default:
  * `https://haveibeenpwned.com/api/v3`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {(Promise<string[]> | Promise<null>)} a Promise which resolves to an

package/dist/esm/data-classes.js.map

@@ -1 +1 @@
-{"version":3,"file":"data-classes.js","sources":["../../src/data-classes.ts"],"sourcesContent":["import { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * Fetches all data classes in the system.\n *\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<string[]> | Promise<null>)} a Promise which resolves to an\n * array of strings (or null if no data classes were found), or rejects with an\n * Error\n * @example\n * try {\n *   const data = await dataClasses();\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n */\nexport function dataClasses(\n  options: {\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<string[] | null> {\n  return fetchFromApi('/dataclasses', options) as Promise<string[] | null>;\n}\n"],"names":["dataClasses","options","fetchFromApi"],"mappings":";;AAEA;;;;;;;;;;;;;;;;;;;;;;;AAuBG;AACa,SAAAA,WAAWA,CACzBC,OAAA,GAWI,EAAE,EAAA;EAEN,OAAOC,YAAY,CAAC,cAAc,EAAED,OAAO,CAA6B;AAC1E;"}
+{"version":3,"file":"data-classes.js","sources":["../../src/data-classes.ts"],"sourcesContent":["import { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * Fetches all data classes in the system.\n *\n * @param {object} [options] a configuration object\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<string[]> | Promise<null>)} a Promise which resolves to an\n * array of strings (or null if no data classes were found), or rejects with an\n * Error\n * @example\n * try {\n *   const data = await dataClasses();\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n */\nexport function dataClasses(\n  options: {\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * timeout for the request in milliseconds (default: none)\n     */\n    timeoutMs?: number;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<string[] | null> {\n  return fetchFromApi('/dataclasses', options) as Promise<string[] | null>;\n}\n"],"names":["dataClasses","options","fetchFromApi"],"mappings":";;AAEA;;;;;;;;;;;;;;;;;;;;;;;;;AAyBG;AACa,SAAAA,WAAWA,CACzBC,OAAA,GAeI,EAAE,EAAA;EAEN,OAAOC,YAAY,CAAC,cAAc,EAAED,OAAO,CAA6B;AAC1E;"}

package/dist/esm/hibp.d.ts

@@ -79,6 +79,8 @@ export interface SubscriptionStatus {
  * @param {string} [options.baseUrl] a custom base URL for the
  * haveibeenpwned.com API endpoints (default:
  * `https://haveibeenpwned.com/api/v3`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {(Promise<Breach>|Promise<null>)} a Promise which resolves to an
@@ -102,6 +104,10 @@ export declare function breach(breachName: string, options?: {
 	 * `https://haveibeenpwned.com/api/v3`)
 	 */
 	baseUrl?: string;
+	/**
+	 * timeout for the request in milliseconds (default: none)
+	 */
+	timeoutMs?: number;
 	/**
 	 * a custom string to send as the User-Agent field in the request headers
 	 * (default: `hibp <version>`)
@@ -125,6 +131,8 @@ export declare function breach(breachName: string, options?: {
  * (default: all domains)
  * @param {boolean} [options.includeUnverified] include "unverified" breaches in
  * the results (default: true)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {boolean} [options.truncate] truncate the results to only include
  * the name of each breach (default: true)
  * @param {string} [options.baseUrl] a custom base URL for the
@@ -190,6 +198,10 @@ export declare function breachedAccount(account: string, options?: {
 	 * include "unverified" breaches in the results (default: true)
 	 */
 	includeUnverified?: boolean;
+	/**
+	 * timeout for the request in milliseconds (default: none)
+	 */
+	timeoutMs?: number;
 	/**
 	 * truncate the results to only include the name of each breach (default:
 	 * true)
@@ -215,6 +227,8 @@ export declare function breachedAccount(account: string, options?: {
  * @param {string} [options.baseUrl] a custom base URL for the
  * haveibeenpwned.com API endpoints (default:
  * `https://haveibeenpwned.com/api/v3`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {Promise<Breach[]>} a Promise which resolves to an array of breach
@@ -252,6 +266,10 @@ export declare function breaches(options?: {
 	 * `https://haveibeenpwned.com/api/v3`)
 	 */
 	baseUrl?: string;
+	/**
+	 * timeout for the request in milliseconds (default: none)
+	 */
+	timeoutMs?: number;
 	/**
 	 * a custom string to send as the User-Agent field in the request headers
 	 * (default: `hibp <version>`)
@@ -265,6 +283,8 @@ export declare function breaches(options?: {
  * @param {string} [options.baseUrl] a custom base URL for the
  * haveibeenpwned.com API endpoints (default:
  * `https://haveibeenpwned.com/api/v3`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {(Promise<string[]> | Promise<null>)} a Promise which resolves to an
@@ -288,6 +308,10 @@ export declare function dataClasses(options?: {
 	 * `https://haveibeenpwned.com/api/v3`)
 	 */
 	baseUrl?: string;
+	/**
+	 * timeout for the request in milliseconds (default: none)
+	 */
+	timeoutMs?: number;
 	/**
 	 * a custom string to send as the User-Agent field in the request headers
 	 * (default: `hibp <version>`)
@@ -320,6 +344,8 @@ export declare function dataClasses(options?: {
  * @param {string} [options.baseUrl] a custom base URL for the
  * haveibeenpwned.com API endpoints (default:
  * `https://haveibeenpwned.com/api/v3`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {(Promise<Paste[]> | Promise<null>)} a Promise which resolves to an
@@ -360,6 +386,10 @@ export declare function pasteAccount(email: string, options?: {
 	 * `https://haveibeenpwned.com/api/v3`)
 	 */
 	baseUrl?: string;
+	/**
+	 * timeout for the request in milliseconds (default: none)
+	 */
+	timeoutMs?: number;
 	/**
 	 * a custom string to send as the User-Agent field in the request headers
 	 * (default: `hibp <version>`)
@@ -377,6 +407,8 @@ export declare function pasteAccount(email: string, options?: {
  * the response to obscure the password prefix (default: `false`)
  * @param {string} [options.baseUrl] a custom base URL for the
  * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {Promise<number>} a Promise which resolves to the number of times
@@ -406,6 +438,10 @@ export declare function pwnedPassword(password: string, options?: {
 	 * `https://haveibeenpwned.com/api/v3`)
 	 */
 	baseUrl?: string;
+	/**
+	 * timeout for the request in milliseconds (default: none)
+	 */
+	timeoutMs?: number;
 	/**
 	 * a custom string to send as the User-Agent field in the request headers
 	 * (default: `hibp <version>`)
@@ -438,6 +474,8 @@ export type PwnedPasswordSuffixes = Record<string, number>;
  * (default: `sha1`)
  * @param {string} [options.baseUrl] a custom base URL for the
  * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {Promise<PwnedPasswordSuffixes>} a Promise which resolves to an
@@ -482,6 +520,10 @@ export declare function pwnedPasswordRange(prefix: string, options?: {
 	 * `https://haveibeenpwned.com/api/v3`)
 	 */
 	baseUrl?: string;
+	/**
+	 * timeout for the request in milliseconds (default: none)
+	 */
+	timeoutMs?: number;
 	/**
 	 * a custom string to send as the User-Agent field in the request headers
 	 * (default: `hibp <version>`)
@@ -525,6 +567,8 @@ export interface SearchResults {
  * @param {string} [options.baseUrl] a custom base URL for the
  * haveibeenpwned.com API endpoints (default:
  * `https://haveibeenpwned.com/api/v3`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the
  * User-Agent field in the request headers (default: `hibp <version>`)
  * @returns {Promise<SearchResults>} a Promise which resolves to an object
@@ -577,6 +621,10 @@ export declare function search(account: string, options?: {
 	 * `https://haveibeenpwned.com/api/v3`)
 	 */
 	baseUrl?: string;
+	/**
+	 * timeout for the request in milliseconds (default: none)
+	 */
+	timeoutMs?: number;
 	/**
 	 * a custom string to send as the User-Agent field in the request headers
 	 * (default: `hibp <version>`)
@@ -608,6 +656,8 @@ export declare function search(account: string, options?: {
  * @param {string} [options.baseUrl] a custom base URL for the
  * haveibeenpwned.com API endpoints (default:
  * `https://haveibeenpwned.com/api/v3`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {Promise<SubscriptionStatus>} a Promise which resolves to a
@@ -639,6 +689,10 @@ export declare function subscriptionStatus(options?: {
 	 * `https://haveibeenpwned.com/api/v3`)
 	 */
 	baseUrl?: string;
+	/**
+	 * timeout for the request in milliseconds (default: none)
+	 */
+	timeoutMs?: number;
 	/**
 	 * a custom string to send as the User-Agent field in the request headers
 	 * (default: `hibp <version>`)

package/dist/esm/package.json.js

@@ -1,4 +1,4 @@
 const name = "hibp";
-const version = "0.0.0-dev.d74e2ad2";
+const version = "0.0.0-dev.eda2c27a";
 export { name, version };
 //# sourceMappingURL=package.json.js.map

package/dist/esm/paste-account.js

@@ -26,6 +26,8 @@ import { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';
  * @param {string} [options.baseUrl] a custom base URL for the
  * haveibeenpwned.com API endpoints (default:
  * `https://haveibeenpwned.com/api/v3`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {(Promise<Paste[]> | Promise<null>)} a Promise which resolves to an

package/dist/esm/paste-account.js.map

@@ -1 +1 @@
-{"version":3,"file":"paste-account.js","sources":["../../src/paste-account.ts"],"sourcesContent":["import type { Paste } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * An object representing a paste.\n *\n * @typedef {object} Paste\n * @property {string} Id\n * @property {string} Source\n * @property {string} Title\n * @property {string} Date\n * @property {number} EmailCount\n */\n\n/**\n * Fetches paste data for a specific account (email address).\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `pasteaccount` endpoint. The\n * `apiKey` option here is not explicitly required, but direct requests made\n * without it will fail (unless you specify a `baseUrl` to a proxy that inserts\n * a valid API key on your behalf).\n *\n * @param {string} email the email address to query\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Paste[]> | Promise<null>)} a Promise which resolves to an\n * array of paste objects (or null if no pastes were found), or rejects with an\n * Error\n * @example\n * try {\n *   const data = await pasteAccount(\"foo@bar.com\", { apiKey: \"my-api-key\" });\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const data = await pasteAccount(\"foo@bar.com\", {\n *     baseUrl: \"https://my-hibp-proxy:8080\",\n *   });\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n */\nexport function pasteAccount(\n  email: string,\n  options: {\n    /**\n     * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n     */\n    apiKey?: string;\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<Paste[] | null> {\n  return fetchFromApi(\n    `/pasteaccount/${encodeURIComponent(email)}`,\n    options,\n  ) as Promise<Paste[] | null>;\n}\n"],"names":["pasteAccount","email","options","fetchFromApi","encodeURIComponent"],"mappings":";;AAGA;;;;;;;;;AASG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA6CG;SACaA,YAAYA,CAC1BC,KAAa,EACbC,UAeI,EAAE,EAAA;EAEN,OAAOC,YAAY,CACjB,iBAAiBC,kBAAkB,CAACH,KAAK,CAAG,EAAA,EAC5CC,OAAO,CACmB;AAC9B;"}
+{"version":3,"file":"paste-account.js","sources":["../../src/paste-account.ts"],"sourcesContent":["import type { Paste } from './api/haveibeenpwned/types.js';\nimport { fetchFromApi } from './api/haveibeenpwned/fetch-from-api.js';\n\n/**\n * An object representing a paste.\n *\n * @typedef {object} Paste\n * @property {string} Id\n * @property {string} Source\n * @property {string} Title\n * @property {string} Date\n * @property {number} EmailCount\n */\n\n/**\n * Fetches paste data for a specific account (email address).\n *\n * 🔑 `haveibeenpwned.com` requires an API key from\n * https://haveibeenpwned.com/API/Key for the `pasteaccount` endpoint. The\n * `apiKey` option here is not explicitly required, but direct requests made\n * without it will fail (unless you specify a `baseUrl` to a proxy that inserts\n * a valid API key on your behalf).\n *\n * @param {string} email the email address to query\n * @param {object} [options] a configuration object\n * @param {string} [options.apiKey] an API key from\n * https://haveibeenpwned.com/API/Key (default: undefined)\n * @param {string} [options.baseUrl] a custom base URL for the\n * haveibeenpwned.com API endpoints (default:\n * `https://haveibeenpwned.com/api/v3`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {(Promise<Paste[]> | Promise<null>)} a Promise which resolves to an\n * array of paste objects (or null if no pastes were found), or rejects with an\n * Error\n * @example\n * try {\n *   const data = await pasteAccount(\"foo@bar.com\", { apiKey: \"my-api-key\" });\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const data = await pasteAccount(\"foo@bar.com\", {\n *     baseUrl: \"https://my-hibp-proxy:8080\",\n *   });\n *   if (data) {\n *     // ...\n *   } else {\n *     // ...\n *   }\n * } catch (err) {\n *   // ...\n * }\n */\nexport function pasteAccount(\n  email: string,\n  options: {\n    /**\n     * an API key from https://haveibeenpwned.com/API/Key (default: undefined)\n     */\n    apiKey?: string;\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * timeout for the request in milliseconds (default: none)\n     */\n    timeoutMs?: number;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<Paste[] | null> {\n  return fetchFromApi(\n    `/pasteaccount/${encodeURIComponent(email)}`,\n    options,\n  ) as Promise<Paste[] | null>;\n}\n"],"names":["pasteAccount","email","options","fetchFromApi","encodeURIComponent"],"mappings":";;AAGA;;;;;;;;;AASG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+CG;SACaA,YAAYA,CAC1BC,KAAa,EACbC,UAmBI,EAAE,EAAA;EAEN,OAAOC,YAAY,CACjB,iBAAiBC,kBAAkB,CAACH,KAAK,CAAG,EAAA,EAC5CC,OAAO,CACmB;AAC9B;"}

package/dist/esm/pwned-password-range.js

@@ -25,6 +25,8 @@ import { fetchFromApi } from './api/pwnedpasswords/fetch-from-api.js';
  * (default: `sha1`)
  * @param {string} [options.baseUrl] a custom base URL for the
  * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {Promise<PwnedPasswordSuffixes>} a Promise which resolves to an
@@ -57,12 +59,14 @@ import { fetchFromApi } from './api/pwnedpasswords/fetch-from-api.js';
 async function pwnedPasswordRange(prefix, options = {}) {
   const {
     baseUrl,
+    timeoutMs,
     userAgent,
     addPadding = false,
     mode = 'sha1'
   } = options;
   const data = await fetchFromApi(`/range/${encodeURIComponent(prefix)}`, {
     baseUrl,
+    timeoutMs,
     userAgent,
     addPadding,
     mode

package/dist/esm/pwned-password-range.js.map

@@ -1 +1 @@
-{"version":3,"file":"pwned-password-range.js","sources":["../../src/pwned-password-range.ts"],"sourcesContent":["import { fetchFromApi } from './api/pwnedpasswords/fetch-from-api.js';\n\nexport type PwnedPasswordSuffixes = Record<string, number>;\n\n/**\n * An object mapping an exposed password hash suffix (corresponding to a given\n * hash prefix) to how many times it occurred in the Pwned Passwords repository.\n *\n * @typedef {Object.<string, number>} PwnedPasswordSuffixes\n */\n\n/**\n * Fetches the SHA-1 or NTLM hash suffixes for the given 5-character hash\n * prefix.\n *\n * When a password hash with the same first 5 characters is found in the Pwned\n * Passwords repository, the API will respond with an HTTP 200 and include the\n * suffix of every hash beginning with the specified prefix, followed by a count\n * of how many times it appears in the data set. This function parses the\n * response and returns a more structured format.\n *\n * @param {string} prefix the first 5 characters of a password hash (case\n * insensitive)\n * @param {object} [options] a configuration object\n * @param {boolean} [options.addPadding] ask the remote API to add padding to\n * the response to obscure the password prefix (default: `false`)\n * @param {'sha1' | 'ntlm'} [options.mode] return SHA-1 or NTLM hashes\n * (default: `sha1`)\n * @param {string} [options.baseUrl] a custom base URL for the\n * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<PwnedPasswordSuffixes>} a Promise which resolves to an\n * object mapping the `suffix` that when matched with the prefix composes the\n * complete hash, to the `count` of how many times it appears in the breached\n * password data set, or rejects with an Error\n *\n * @example\n * try {\n *   const results = await pwnedPasswordRange(\"5BAA6\");\n *   // results will have the following shape:\n *   // {\n *   //   \"003D68EB55068C33ACE09247EE4C639306B\": 3,\n *   //   \"012C192B2F16F82EA0EB9EF18D9D539B0DD\": 1,\n *   //   ...\n *   // }\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const suffix = \"1E4C9B93F3F0682250B6CF8331B7EE68FD8\";\n *   const results = await pwnedPasswordRange(\"5BAA6\");\n *   const numPwns = results[suffix] || 0;\n * } catch (err) {\n *   // ...\n * }\n * @see https://haveibeenpwned.com/api/v3#SearchingPwnedPasswordsByRange\n */\nexport async function pwnedPasswordRange(\n  prefix: string,\n  options: {\n    /**\n     * ask the remote API to add padding to the response to obscure the password\n     * prefix (default: `false`)\n     */\n    addPadding?: boolean;\n    /**\n     * return SHA-1 or NTLM hashes (default: `sha1`)\n     */\n    mode?: 'sha1' | 'ntlm';\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<PwnedPasswordSuffixes> {\n  const { baseUrl, userAgent, addPadding = false, mode = 'sha1' } = options;\n\n  const data = await fetchFromApi(`/range/${encodeURIComponent(prefix)}`, {\n    baseUrl,\n    userAgent,\n    addPadding,\n    mode,\n  });\n\n  // create array from lines of text in response body\n  const results = data.split('\\n').filter(Boolean);\n\n  // convert into an object mapping suffix to count for each line\n  return results.reduce<PwnedPasswordSuffixes>((acc, row) => {\n    const [suffix, countString] = row.split(':');\n    acc[suffix] = Number.parseInt(countString, 10);\n    return acc;\n  }, {});\n}\n"],"names":["pwnedPasswordRange","prefix","options","baseUrl","userAgent","addPadding","mode","data","fetchFromApi","encodeURIComponent","results","split","filter","Boolean","reduce","acc","row","suffix","countString","Number","parseInt"],"mappings":";;AAIA;;;;;AAKG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+CG;AACI,eAAeA,kBAAkBA,CACtCC,MAAc,EACdC,UAoBI,EAAE,EAAA;EAEN,MAAM;IAAEC,OAAO;IAAEC,SAAS;IAAEC,UAAU,GAAG,KAAK;IAAEC,IAAI,GAAG;EAAQ,CAAA,GAAGJ,OAAO;EAEzE,MAAMK,IAAI,GAAG,MAAMC,YAAY,CAAW,UAAAC,kBAAkB,CAACR,MAAM,CAAC,EAAE,EAAE;IACtEE,OAAO;IACPC,SAAS;IACTC,UAAU;IACVC;EACD,CAAA,CAAC;;EAGF,MAAMI,OAAO,GAAGH,IAAI,CAACI,KAAK,CAAC,IAAI,CAAC,CAACC,MAAM,CAACC,OAAO,CAAC;;EAGhD,OAAOH,OAAO,CAACI,MAAM,CAAwB,CAACC,GAAG,EAAEC,GAAG,KAAI;IACxD,MAAM,CAACC,MAAM,EAAEC,WAAW,CAAC,GAAGF,GAAG,CAACL,KAAK,CAAC,GAAG,CAAC;IAC5CI,GAAG,CAACE,MAAM,CAAC,GAAGE,MAAM,CAACC,QAAQ,CAACF,WAAW,EAAE,EAAE,CAAC;IAC9C,OAAOH,GAAG;EACX,CAAA,EAAE,CAAE,CAAA,CAAC;AACR;"}
+{"version":3,"file":"pwned-password-range.js","sources":["../../src/pwned-password-range.ts"],"sourcesContent":["import { fetchFromApi } from './api/pwnedpasswords/fetch-from-api.js';\n\nexport type PwnedPasswordSuffixes = Record<string, number>;\n\n/**\n * An object mapping an exposed password hash suffix (corresponding to a given\n * hash prefix) to how many times it occurred in the Pwned Passwords repository.\n *\n * @typedef {Object.<string, number>} PwnedPasswordSuffixes\n */\n\n/**\n * Fetches the SHA-1 or NTLM hash suffixes for the given 5-character hash\n * prefix.\n *\n * When a password hash with the same first 5 characters is found in the Pwned\n * Passwords repository, the API will respond with an HTTP 200 and include the\n * suffix of every hash beginning with the specified prefix, followed by a count\n * of how many times it appears in the data set. This function parses the\n * response and returns a more structured format.\n *\n * @param {string} prefix the first 5 characters of a password hash (case\n * insensitive)\n * @param {object} [options] a configuration object\n * @param {boolean} [options.addPadding] ask the remote API to add padding to\n * the response to obscure the password prefix (default: `false`)\n * @param {'sha1' | 'ntlm'} [options.mode] return SHA-1 or NTLM hashes\n * (default: `sha1`)\n * @param {string} [options.baseUrl] a custom base URL for the\n * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)\n * @param {number} [options.timeoutMs] timeout for the request in milliseconds\n * (default: none)\n * @param {string} [options.userAgent] a custom string to send as the User-Agent\n * field in the request headers (default: `hibp <version>`)\n * @returns {Promise<PwnedPasswordSuffixes>} a Promise which resolves to an\n * object mapping the `suffix` that when matched with the prefix composes the\n * complete hash, to the `count` of how many times it appears in the breached\n * password data set, or rejects with an Error\n *\n * @example\n * try {\n *   const results = await pwnedPasswordRange(\"5BAA6\");\n *   // results will have the following shape:\n *   // {\n *   //   \"003D68EB55068C33ACE09247EE4C639306B\": 3,\n *   //   \"012C192B2F16F82EA0EB9EF18D9D539B0DD\": 1,\n *   //   ...\n *   // }\n * } catch (err) {\n *   // ...\n * }\n * @example\n * try {\n *   const suffix = \"1E4C9B93F3F0682250B6CF8331B7EE68FD8\";\n *   const results = await pwnedPasswordRange(\"5BAA6\");\n *   const numPwns = results[suffix] || 0;\n * } catch (err) {\n *   // ...\n * }\n * @see https://haveibeenpwned.com/api/v3#SearchingPwnedPasswordsByRange\n */\nexport async function pwnedPasswordRange(\n  prefix: string,\n  options: {\n    /**\n     * ask the remote API to add padding to the response to obscure the password\n     * prefix (default: `false`)\n     */\n    addPadding?: boolean;\n    /**\n     * return SHA-1 or NTLM hashes (default: `sha1`)\n     */\n    mode?: 'sha1' | 'ntlm';\n    /**\n     * a custom base URL for the haveibeenpwned.com API endpoints (default:\n     * `https://haveibeenpwned.com/api/v3`)\n     */\n    baseUrl?: string;\n    /**\n     * timeout for the request in milliseconds (default: none)\n     */\n    timeoutMs?: number;\n    /**\n     * a custom string to send as the User-Agent field in the request headers\n     * (default: `hibp <version>`)\n     */\n    userAgent?: string;\n  } = {},\n): Promise<PwnedPasswordSuffixes> {\n  const {\n    baseUrl,\n    timeoutMs,\n    userAgent,\n    addPadding = false,\n    mode = 'sha1',\n  } = options;\n\n  const data = await fetchFromApi(`/range/${encodeURIComponent(prefix)}`, {\n    baseUrl,\n    timeoutMs,\n    userAgent,\n    addPadding,\n    mode,\n  });\n\n  // create array from lines of text in response body\n  const results = data.split('\\n').filter(Boolean);\n\n  // convert into an object mapping suffix to count for each line\n  return results.reduce<PwnedPasswordSuffixes>((acc, row) => {\n    const [suffix, countString] = row.split(':');\n    acc[suffix] = Number.parseInt(countString, 10);\n    return acc;\n  }, {});\n}\n"],"names":["pwnedPasswordRange","prefix","options","baseUrl","timeoutMs","userAgent","addPadding","mode","data","fetchFromApi","encodeURIComponent","results","split","filter","Boolean","reduce","acc","row","suffix","countString","Number","parseInt"],"mappings":";;AAIA;;;;;AAKG;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiDG;AACI,eAAeA,kBAAkBA,CACtCC,MAAc,EACdC,UAwBI,EAAE,EAAA;EAEN,MAAM;IACJC,OAAO;IACPC,SAAS;IACTC,SAAS;IACTC,UAAU,GAAG,KAAK;IAClBC,IAAI,GAAG;EACR,CAAA,GAAGL,OAAO;EAEX,MAAMM,IAAI,GAAG,MAAMC,YAAY,CAAW,UAAAC,kBAAkB,CAACT,MAAM,CAAC,EAAE,EAAE;IACtEE,OAAO;IACPC,SAAS;IACTC,SAAS;IACTC,UAAU;IACVC;EACD,CAAA,CAAC;;EAGF,MAAMI,OAAO,GAAGH,IAAI,CAACI,KAAK,CAAC,IAAI,CAAC,CAACC,MAAM,CAACC,OAAO,CAAC;;EAGhD,OAAOH,OAAO,CAACI,MAAM,CAAwB,CAACC,GAAG,EAAEC,GAAG,KAAI;IACxD,MAAM,CAACC,MAAM,EAAEC,WAAW,CAAC,GAAGF,GAAG,CAACL,KAAK,CAAC,GAAG,CAAC;IAC5CI,GAAG,CAACE,MAAM,CAAC,GAAGE,MAAM,CAACC,QAAQ,CAACF,WAAW,EAAE,EAAE,CAAC;IAC9C,OAAOH,GAAG;EACX,CAAA,EAAE,CAAE,CAAA,CAAC;AACR;"}

package/dist/esm/pwned-password.js

@@ -12,6 +12,8 @@ import { pwnedPasswordRange } from './pwned-password-range.js';
  * the response to obscure the password prefix (default: `false`)
  * @param {string} [options.baseUrl] a custom base URL for the
  * pwnedpasswords.com API endpoints (default: `https://api.pwnedpasswords.com`)
+ * @param {number} [options.timeoutMs] timeout for the request in milliseconds
+ * (default: none)
  * @param {string} [options.userAgent] a custom string to send as the User-Agent
  * field in the request headers (default: `hibp <version>`)
  * @returns {Promise<number>} a Promise which resolves to the number of times