hibp 14.1.0 → 14.1.2

package/CHANGELOG.md

@@ -1,5 +1,17 @@
 # Change Log
 
+## 14.1.2
+
+### Patch Changes
+
+- [#479](https://github.com/wKovacs64/hibp/pull/479) [`f212d87`](https://github.com/wKovacs64/hibp/commit/f212d87a09c31063a655d4ce440e5a4b61f6dcae) Thanks [@wKovacs64](https://github.com/wKovacs64)! - Fix error handling for 401 Unauthorized API responses. The [haveibeenpwned.com API (v3)](https://haveibeenpwned.com/API/v3#Authorisation) changed its response type from a JSON body to text.
+
+## 14.1.1
+
+### Patch Changes
+
+- [#464](https://github.com/wKovacs64/hibp/pull/464) [`1dd6547`](https://github.com/wKovacs64/hibp/commit/1dd65475a93a32a0ddcd93bf1696869b266372cf) Thanks [@wKovacs64](https://github.com/wKovacs64)! - Fix consumption from Next.js client components.
+
 ## 14.1.0
 
 ### Minor Changes

package/MIGRATION.md

@@ -2,10 +2,10 @@
 
 #### 10.0.1 → 11.0.0
 
-- `pwnedPasswordRange` now returns an object mapping the matching suffix to a
-  count representing the number of occurrences, rather than an array of objects
-  each containing a matching suffix and its count. Code dependent on parsing the
-  response text will need updated to deal with the new data format:
+- `pwnedPasswordRange` now returns an object mapping the matching suffix to a count representing the
+  number of occurrences, rather than an array of objects each containing a matching suffix and its
+  count. Code dependent on parsing the response text will need updated to deal with the new data
+  format:
   ```js
   {
     "003D68EB55068C33ACE09247EE4C639306B": 3,
@@ -16,31 +16,28 @@
 
 #### 9.0.3 → 10.0.0
 
-- The production/minified versions of the browser build targets have been
-  renamed:
+- The production/minified versions of the browser build targets have been renamed:
 
   - ESM for Browsers (`<script type="module">`)
     - `dist/browser/hibp.esm.min.js` → `dist/browser/hibp.module.js`
   - UMD
     - `dist/browser/hibp.umd.min.js` → `dist/browser/hibp.umd.js`
 
-- The development/non-minified versions of the UMD and ESM for browsers build
-  targets have been removed. If you were using them, please update your imports
-  to use the production/minified versions (see above).
+- The development/non-minified versions of the UMD and ESM for browsers build targets have been
+  removed. If you were using them, please update your imports to use the production/minified
+  versions (see above).
 
-- The internal directory structure of the source code is now being preserved in
-  the CJS and ESM for bundlers build outputs (`dist/cjs` and `dist/esm`). If you
-  were deep importing anything you probably shouldn't have been (:wink:), you
-  may need to update your imports.
+- The internal directory structure of the source code is now being preserved in the CJS and ESM for
+  bundlers build outputs (`dist/cjs` and `dist/esm`). If you were deep importing anything you
+  probably shouldn't have been (:wink:), you may need to update your imports.
 
-- Support for Node.js version 10.x has been dropped. You must upgrade your
-  Node.js environment to at least v12.16.0.
+- Support for Node.js version 10.x has been dropped. You must upgrade your Node.js environment to at
+  least v12.16.0.
 
 #### 8.0.1 → 9.0.0
 
-- Output files for all build targets have been consolidated under the `dist`
-  directory. This should be transparent if you followed the documentation, but
-  the changes are as follows:
+- Output files for all build targets have been consolidated under the `dist` directory. This should
+  be transparent if you followed the documentation, but the changes are as follows:
 
   - CommonJS
     - `lib/hibp.js` → `dist/cjs/hibp.js`
@@ -57,47 +54,41 @@
   - TypeScript Declarations
     - `types/hibp.d.ts` → `dist/hibp.d.ts`
 
-- Support for Node.js version 8.x has been dropped. You must upgrade your
-  Node.js environment to at least v10.
+- Support for Node.js version 8.x has been dropped. You must upgrade your Node.js environment to at
+  least v10.
 
 #### 7.5.2 → 8.0.0
 
-- The `breachedAccount`, `pasteAccount`, and `search` modules now have an
-  `apiKey` option, which is required by v3 of the `haveibeenpwned.com` API
-  (unless you are proxying your requests through a server that inserts an API
-  key on your behalf via the `baseUrl` option). You can purchase an API key from
-  Troy at [https://haveibeenpwned.com/API/Key][get-key]. See [Troy's blog
+- The `breachedAccount`, `pasteAccount`, and `search` modules now have an `apiKey` option, which is
+  required by v3 of the `haveibeenpwned.com` API (unless you are proxying your requests through a
+  server that inserts an API key on your behalf via the `baseUrl` option). You can purchase an API
+  key from Troy at [https://haveibeenpwned.com/API/Key][get-key]. See [Troy's blog
   post][api-key-blog-post] for rationale and a full explanation.
-- The default value of the `truncate` option in the `breachedAccount` and
-  `search` modules has been changed from `false` to `true` per Troy's
-  recommendation. If you do not specify a value of `false` explicitly, each
-  `Breach` result will only contain the breach name (no metadata).
-- The default value of the `includeUnverified` option in the `breachedAccount`
-  module has been changed from `false` to `true` per Troy's recommendation.
-  Although there are not many unverified breaches in the system, it's possible
-  you will get more breaches back than you did previously. You may explicitly
-  disable this by specifying a value of `false` for this option.
-- Support for Node.js version 6.x has been dropped. You must upgrade your
-  Node.js environment to at least v8.9.0.
+- The default value of the `truncate` option in the `breachedAccount` and `search` modules has been
+  changed from `false` to `true` per Troy's recommendation. If you do not specify a value of `false`
+  explicitly, each `Breach` result will only contain the breach name (no metadata).
+- The default value of the `includeUnverified` option in the `breachedAccount` module has been
+  changed from `false` to `true` per Troy's recommendation. Although there are not many unverified
+  breaches in the system, it's possible you will get more breaches back than you did previously. You
+  may explicitly disable this by specifying a value of `false` for this option.
+- Support for Node.js version 6.x has been dropped. You must upgrade your Node.js environment to at
+  least v8.9.0.
 
 #### 6.0.0 → 7.0.0
 
-- `pwnedPassword` now uses the more secure hash range API rather than submitting
-  plain text passwords over the wire. The [new remote
-  API][pwnedpasswordsbyrange] no longer makes a distinction between passwords
-  that are hashses vs. plain text, so `pwnedPassword` no longer takes an options
+- `pwnedPassword` now uses the more secure hash range API rather than submitting plain text
+  passwords over the wire. The [new remote API][pwnedpasswordsbyrange] no longer makes a distinction
+  between passwords that are hashses vs. plain text, so `pwnedPassword` no longer takes an options
   object as the `isAHash` option has been removed.
 
-- `pwnedPassword` now resolves with a number representing the number of times
-  the given password was exposed in a breach. Code using truthy checks should
-  continue to function as before (when it returned a boolean), but explicit
-  checks will need updated.
+- `pwnedPassword` now resolves with a number representing the number of times the given password was
+  exposed in a breach. Code using truthy checks should continue to function as before (when it
+  returned a boolean), but explicit checks will need updated.
 
-- `pwnedPasswordRange` now returns an array of objects containing the matching
-  suffix and a count representing the number of occurrences, rather than a plain
-  text blob of all the data directly from the remote API response. Code
-  dependent on parsing the response text will need updated to deal with the new
-  data format:
+- `pwnedPasswordRange` now returns an array of objects containing the matching suffix and a count
+  representing the number of occurrences, rather than a plain text blob of all the data directly
+  from the remote API response. Code dependent on parsing the response text will need updated to
+  deal with the new data format:
   ```js
   [
     { suffix: "003D68EB55068C33ACE09247EE4C639306B", count: 3 },
@@ -108,22 +99,19 @@
 
 #### 5.3.0 → 6.0.0
 
-- Support for Node.js versions less than 6.x has been dropped. If you are
-  leveraging this library in such an environment, you should restrict the
-  version in your dependencies to `^5.3.0`.
+- Support for Node.js versions less than 6.x has been dropped. If you are leveraging this library in
+  such an environment, you should restrict the version in your dependencies to `^5.3.0`.
 
 #### 4.4.0 → 5.0.0
 
-- The biggest breaking change in `5.0.0` is the removal of the `default` export.
-  `hibp` is designed as a collection of modules to be imported explicitly as
-  needed and exporting a `default`-named object containing all the modules is
-  arguably an anti-pattern. Instead, an anonymous object of all the named
-  modules is exported, providing better dead code elimination support in order
-  to produce smaller bundles when importing from `hibp`. The quickest upgrade
-  path (providing invocation syntax equivalence to prior versions) is to change
-  your import statement to import all the modules into a local `hibp` namespace,
-  but the recommended upgrade path is to import exactly which modules you need
-  and update your calls to remove the preceding `hibp` references.
+- The biggest breaking change in `5.0.0` is the removal of the `default` export. `hibp` is designed
+  as a collection of modules to be imported explicitly as needed and exporting a `default`-named
+  object containing all the modules is arguably an anti-pattern. Instead, an anonymous object of all
+  the named modules is exported, providing better dead code elimination support in order to produce
+  smaller bundles when importing from `hibp`. The quickest upgrade path (providing invocation syntax
+  equivalence to prior versions) is to change your import statement to import all the modules into a
+  local `hibp` namespace, but the recommended upgrade path is to import exactly which modules you
+  need and update your calls to remove the preceding `hibp` references.
 
   ```javascript
   // 4.x
@@ -139,69 +127,60 @@
   breachedAccount(/* ... */).then(/* ... */);
   ```
 
-- The `browser` entry point field has been removed from `package.json` as
-  webpack was using it by default when omitting the `target` option or
-  explicitly using `target: 'web'` (see issue #8 for details). No `<script>` tag
-  changes should be necessary, but if you were otherwise relying on the
-  `browser` field to resolve to the UMD build, you will need to update your
-  configuration accordingly. Also worth noting here is the fact that the non-UMD
-  builds have been updated to target browsers (see issue #9), so bundling them
-  instead of the UMD build when targeting browsers should remain fully
-  compatible while producing smaller bundles.
-
-- The `index.js` file has been removed entirely. It's sole purpose was to
-  provide a separate entry point for the CJS/ESM (non-UMD) builds to include the
-  `source-map-support` module to enable source map support in Node for debugging
-  purposes. Source maps are still generated at build time and included in the
-  package, so debugging is still possible but the responsibility of enabling
-  support for source maps is now on the consumer. If you were importing
-  `index.js` explicitly rather than relying on the entry point fields in
-  `package.json`, you will need to replace that with `hibp.js`.
+- The `browser` entry point field has been removed from `package.json` as webpack was using it by
+  default when omitting the `target` option or explicitly using `target: 'web'` (see issue #8 for
+  details). No `<script>` tag changes should be necessary, but if you were otherwise relying on the
+  `browser` field to resolve to the UMD build, you will need to update your configuration
+  accordingly. Also worth noting here is the fact that the non-UMD builds have been updated to
+  target browsers (see issue #9), so bundling them instead of the UMD build when targeting browsers
+  should remain fully compatible while producing smaller bundles.
+
+- The `index.js` file has been removed entirely. It's sole purpose was to provide a separate entry
+  point for the CJS/ESM (non-UMD) builds to include the `source-map-support` module to enable source
+  map support in Node for debugging purposes. Source maps are still generated at build time and
+  included in the package, so debugging is still possible but the responsibility of enabling support
+  for source maps is now on the consumer. If you were importing `index.js` explicitly rather than
+  relying on the entry point fields in `package.json`, you will need to replace that with `hibp.js`.
 
 #### 3.0.0 → 4.0.0
 
-- Support for Node.js versions less than 4.x has been dropped. It will probably
-  still work (at least for the foreseeable future), but I'm not going out of my
-  way to make sure. If you are leveraging this library in such an environment,
-  you should restrict the version in your dependencies to `^3.0.0`.
+- Support for Node.js versions less than 4.x has been dropped. It will probably still work (at least
+  for the foreseeable future), but I'm not going out of my way to make sure. If you are leveraging
+  this library in such an environment, you should restrict the version in your dependencies to
+  `^3.0.0`.
 
 #### 2.2.0 → 3.0.0
 
-- The browser (UMD) build output has moved from the `lib` directory to the
-  `dist` directory to separate it from the server-side output. A development
-  (non-minified) version is also now included, which was omitted in the past as
-  it would have had the same file name in the same directory as the server-side
-  output.
+- The browser (UMD) build output has moved from the `lib` directory to the `dist` directory to
+  separate it from the server-side output. A development (non-minified) version is also now
+  included, which was omitted in the past as it would have had the same file name in the same
+  directory as the server-side output.
 
 #### 1.0.8 → 2.0.0
 
-- All API methods which previously resolved to `undefined` (upon receiving a
-  `404 Not Found` response from the remote endpoint) now resolve to `null`
-  instead. This may or may not be a breaking change, depending on how strictly
-  you're handling the "no data found" return value. Loose truthy/falsey checks
-  like `if (breachData) { ... }` will be fine, but strict equality checks like
+- All API methods which previously resolved to `undefined` (upon receiving a `404 Not Found`
+  response from the remote endpoint) now resolve to `null` instead. This may or may not be a
+  breaking change, depending on how strictly you're handling the "no data found" return value. Loose
+  truthy/falsey checks like `if (breachData) { ... }` will be fine, but strict equality checks like
   `if (breachData === undefined) { ... }` will break.
 
-  **_N.B._** _This is a philosophical change based on various sources regarding
-  the difference between null and undefined in JavaScript. In the case where a
-  query responds with no data, it is an expected absence of value, as that is
-  how the remote API is documented to respond when there are no relevant objects
-  to return._
+  **_N.B._** _This is a philosophical change based on various sources regarding the difference
+  between null and undefined in JavaScript. In the case where a query responds with no data, it is
+  an expected absence of value, as that is how the remote API is documented to respond when there
+  are no relevant objects to return._
 
   [Ryan Morr](http://goo.gl/TGTS96):
 
-  > To distinguish between the two, you may want to think of undefined as
-  > representing an unexpected absence of value and null as representing an
-  > expected absence of value."
+  > To distinguish between the two, you may want to think of undefined as representing an unexpected
+  > absence of value and null as representing an expected absence of value."
 
   [MDN](https://goo.gl/n85RSe):
 
-  > In APIs, null is often retrieved in place where an object can be expected
-  > but no object is relevant.
+  > In APIs, null is often retrieved in place where an object can be expected but no object is
+  > relevant.
 
-- All API methods that previously took optional, positional parameters like
-  `domain` and `truncateResults` now take an options object instead. For
-  example:
+- All API methods that previously took optional, positional parameters like `domain` and
+  `truncateResults` now take an options object instead. For example:
 
   1.0.8 (old):
 
@@ -212,16 +191,12 @@
   2.0.0 (new):
 
   ```javascript
-  hibp
-    .breachedAccount(account, { domain: 'adobe.com', truncate: true })
-    .then(/* ... */);
+  hibp.breachedAccount(account, { domain: 'adobe.com', truncate: true }).then(/* ... */);
   ```
 
-  This change was made to make the API more expressive and reduce ambiguity. See
-  the API documentation (or JSDoc comments) for details.
+  This change was made to make the API more expressive and reduce ambiguity. See the API
+  documentation (or JSDoc comments) for details.
 
-[pwnedpasswordsbyrange]:
-  https://haveibeenpwned.com/API/v2#SearchingPwnedPasswordsByRange
-[api-key-blog-post]:
-  https://www.troyhunt.com/authentication-and-the-have-i-been-pwned-api/
+[pwnedpasswordsbyrange]: https://haveibeenpwned.com/API/v2#SearchingPwnedPasswordsByRange
+[api-key-blog-post]: https://www.troyhunt.com/authentication-and-the-have-i-been-pwned-api/
 [get-key]: https://haveibeenpwned.com/API/Key

package/README.md

@@ -10,12 +10,11 @@
 
 # hibp
 
-_An unofficial TypeScript SDK for [Troy Hunt][troy]'s [Have I been
-pwned?][haveibeenpwned] service._
+_An unofficial TypeScript SDK for [Troy Hunt][troy]'s [Have I been pwned?][haveibeenpwned] service._
 
 [![npm Version][npm-image]][npm-url] [![Build Status][ci-image]][ci-url]
 [![Code Coverage][coverage-image]][coverage-url]
-[![All Contributors](https://img.shields.io/badge/all_contributors-7-orange.svg?style=flat-square)](#contributors-)
+[![All Contributors](https://img.shields.io/github/all-contributors/wKovacs64/hibp?style=flat-square)](#contributors-)
 
 ## Installation
 
@@ -32,8 +31,8 @@ In [Deno][deno]:
 import * as hibp from 'npm:hibp@x.y.z';
 ```
 
-See the [browser](#using-in-the-browser) section below for information on how to
-use it in the browser.
+See the [browser](#using-in-the-browser) section below for information on how to use it in the
+browser.
 
 ## Features (🔑 = [requires][api-key-blog-post] an [API key][get-api-key])
 
@@ -42,8 +41,7 @@ use it in the browser.
 - Get all breach events in the system
 - Get all data classes
 - Get all pastes for an account 🔑
-- [Securely][search-by-range] check a password to see if it has been exposed in
-  a data breach
+- [Securely][search-by-range] check a password to see if it has been exposed in a data breach
 - Check a SHA-1 or NTLM prefix to see if it has been exposed in a data breach
 - Search for an account in both breaches and pastes at the same time 🔑
 - Get your subscription status 🔑
@@ -83,8 +81,7 @@ The following modules are available:
 - [search](API.md#search)
 - [subscriptionStatus](API.md#subscriptionstatus)
 
-Please see the [API reference](API.md) for more detailed usage information and
-examples.
+Please see the [API reference](API.md) for more detailed usage information and examples.
 
 #### Quick-Start Example
 
@@ -112,11 +109,10 @@ main();
 
 #### Rate Limiting
 
-The haveibeenpwned.com API [rate limits][haveibeenpwned-rate-limiting] requests
-to prevent abuse. In the event you get rate limited, the module will throw a
-custom `RateLimitError` which will include a `retryAfterSeconds` property so you
-know when you can try the call again (as a `number`, unless the remote API did
-not provide one, in which case it will be `undefined` - but that _should_ never
+The haveibeenpwned.com API [rate limits][haveibeenpwned-rate-limiting] requests to prevent abuse. In
+the event you get rate limited, the module will throw a custom `RateLimitError` which will include a
+`retryAfterSeconds` property so you know when you can try the call again (as a `number`, unless the
+remote API did not provide one, in which case it will be `undefined` - but that _should_ never
 happen).
 
 #### Using in the browser
@@ -125,23 +121,20 @@ You have several options for using this library in a browser environment:
 
 1. Bundled
 
-   The most efficient and recommended method is to bundle it with client-side
-   code using a module bundler like [webpack][webpack] or, more likely, whatever
-   your framework of choice uses under the hood.
+   The most efficient and recommended method is to bundle it with client-side code using a module
+   bundler like [webpack][webpack] or, more likely, whatever your framework of choice uses under the
+   hood.
 
 1. UMD
 
-   There is also a Universal Module Definition (UMD) build provided for usage in
-   the browser. When using this build, an `hibp` object will be added to the
-   browser's `window` object.
+   There is also a Universal Module Definition (UMD) build provided for usage in the browser. When
+   using this build, an `hibp` object will be added to the browser's `window` object.
 
-   The recommended way to include the UMD build (when using a `<script>` tag) is
-   to use the [unpkg][unpkg] CDN, specifying the exact version you want. If you
-   don't specify a version, the `latest` tag will be used, which could be
-   dangerous if/when there are breaking changes made to the API. See
-   [unpkg][unpkg] for details and advanced version specification, but generally
-   you will want to do the following (replacing `x.y.z` with the version you
-   want):
+   The recommended way to include the UMD build (when using a `<script>` tag) is to use the
+   [unpkg][unpkg] CDN, specifying the exact version you want. If you don't specify a version, the
+   `latest` tag will be used, which could be dangerous if/when there are breaking changes made to
+   the API. See [unpkg][unpkg] for details and advanced version specification, but generally you
+   will want to do the following (replacing `x.y.z` with the version you want):
 
    ```html
    <script src="https://unpkg.com/hibp@x.y.z"></script>
@@ -150,9 +143,9 @@ You have several options for using this library in a browser environment:
 1. ESM for Browsers
 
    Modern browsers now [support][caniuse-esm] importing ECMAScript modules via
-   `<script type="module">` tags. Like the UMD option above, this build is also
-   available the [unpkg][unpkg] CDN (and the same versioning rules apply), but
-   you must specify the full path (including the file extension). For example:
+   `<script type="module">` tags. Like the UMD option above, this build is also available the
+   [unpkg][unpkg] CDN (and the same versioning rules apply), but you must specify the full path
+   (including the file extension). For example:
 
    ```html
    <script type="module">
@@ -167,8 +160,8 @@ You have several options for using this library in a browser environment:
    </script>
    ```
 
-   For more information on ESM in the browser, check out [Using JS modules in
-   the browser][js-modules].
+   For more information on ESM in the browser, check out [Using JS modules in the
+   browser][js-modules].
 
 ## Try It Out
 
@@ -176,19 +169,16 @@ You have several options for using this library in a browser environment:
 
 ## Projects Using hibp
 
-- [pwned][pwned] - a command-line tool for querying the '[Have I been
-  pwned?][haveibeenpwned]' service
-- [Password Lense][pwl] - a static web application to reveal character types in
-  a password
-- [Plasmic](https://www.plasmic.app/) - the open-source visual builder for your
-  tech stack
+- [pwned][pwned] - a command-line tool for querying the '[Have I been pwned?][haveibeenpwned]'
+  service
+- [Password Lense][pwl] - a static web application to reveal character types in a password
+- [Plasmic](https://www.plasmic.app/) - the open-source visual builder for your tech stack
 - [Medplum](https://www.medplum.com/) - fast and easy healthcare dev
-- [Hasura Backend Plus](https://nhost.github.io/hasura-backend-plus/) -
-  Authentication & Storage for Hasura
-- [Staart API](https://staart.js.org/api/) - a Node.js backend starter for SaaS
-  startups
-- [BanManager-WebUI](https://github.com/BanManagement/BanManager-WebUI) - Web
-  interface for BanManager
+- [Hasura Backend Plus](https://nhost.github.io/hasura-backend-plus/) - Authentication & Storage for
+  Hasura
+- [Staart API](https://staart.js.org/api/) - a Node.js backend starter for SaaS startups
+- [BanManager-WebUI](https://github.com/BanManagement/BanManager-WebUI) - Web interface for
+  BanManager
 
 Send me a [PR][pulls] or an email and I'll add yours to the list!
 
@@ -201,17 +191,14 @@ This module is distributed under the [MIT License][license].
 [ci-image]:
   https://img.shields.io/github/actions/workflow/status/wKovacs64/hibp/ci.yml?logo=github&style=flat-square
 [ci-url]: https://github.com/wKovacs64/hibp/actions?query=workflow%3Aci
-[coverage-image]:
-  https://img.shields.io/codecov/c/github/wKovacs64/hibp/main.svg?style=flat-square
+[coverage-image]: https://img.shields.io/codecov/c/github/wKovacs64/hibp/main.svg?style=flat-square
 [coverage-url]: https://codecov.io/gh/wKovacs64/hibp/branch/main
 [deno]: https://deno.land/
 [troy]: https://www.troyhunt.com
 [haveibeenpwned]: https://haveibeenpwned.com
 [haveibeenpwned-rate-limiting]: https://haveibeenpwned.com/API/v3#RateLimiting
-[search-by-range]:
-  https://haveibeenpwned.com/API/v2#SearchingPwnedPasswordsByRange
-[api-key-blog-post]:
-  https://www.troyhunt.com/authentication-and-the-have-i-been-pwned-api/
+[search-by-range]: https://haveibeenpwned.com/API/v2#SearchingPwnedPasswordsByRange
+[api-key-blog-post]: https://www.troyhunt.com/authentication-and-the-have-i-been-pwned-api/
 [get-api-key]: https://haveibeenpwned.com/API/Key
 [unpkg]: https://unpkg.com
 [caniuse-esm]: https://caniuse.com/#feat=es6-module
@@ -225,8 +212,7 @@ This module is distributed under the [MIT License][license].
 
 ## Contributors ✨
 
-Thanks goes to these wonderful people
-([emoji key](https://allcontributors.org/docs/en/emoji-key)):
+Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/docs/en/emoji-key)):
 
 <!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
 <!-- prettier-ignore-start -->
@@ -244,6 +230,7 @@ Thanks goes to these wonderful people
     </tr>
     <tr>
       <td align="center" valign="top" width="14.28%"><a href="https://github.com/ArcadeRenegade"><img src="https://avatars.githubusercontent.com/u/13874898?v=4?s=100" width="100px;" alt="Ryan"/><br /><sub><b>Ryan</b></sub></a><br /><a href="https://github.com/wKovacs64/hibp/issues?q=author%3AArcadeRenegade" title="Bug reports">🐛</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/PodStuart"><img src="https://avatars.githubusercontent.com/u/107403965?v=4?s=100" width="100px;" alt="Stuart McGregor"/><br /><sub><b>Stuart McGregor</b></sub></a><br /><a href="https://github.com/wKovacs64/hibp/issues?q=author%3APodStuart" title="Bug reports">🐛</a></td>
     </tr>
   </tbody>
 </table>
@@ -253,6 +240,5 @@ Thanks goes to these wonderful people
 
 <!-- ALL-CONTRIBUTORS-LIST:END -->
 
-This project follows the
-[all-contributors](https://github.com/all-contributors/all-contributors)
+This project follows the [all-contributors](https://github.com/all-contributors/all-contributors)
 specification. Contributions of any kind welcome!

package/dist/browser/hibp.module.js

@@ -1,2 +1,2 @@
-const t="hibp",e="14.1.0";function n(){if("undefined"!=typeof process&&process.versions.node.startsWith("18.")){const{File:t,fetch:e,FormData:n,Headers:r,Request:s,Response:o}=require("undici");global.File=t,global.Headers=r,global.Request=s,global.Response=o,global.fetch=e,global.FormData=n}}const r=new Map,s={headers:r,status:400,statusText:"Bad request — the account does not comply with an acceptable format."},o={headers:r,status:401,body:{statusCode:401,message:"Access denied due to missing hibp-api-key."}},i={headers:r,status:403,statusText:"Forbidden - access denied."},u={headers:r,status:404},a={headers:new Map([["retry-after","2"]]),status:429,body:{statusCode:429,message:"Rate limit is exceeded. Try again in 2 seconds."}};n();class h extends Error{retryAfterSeconds;constructor(t,e,n){super(e,n),this.name=this.constructor.name,this.retryAfterSeconds="string"==typeof t?Number.parseInt(t,10):void 0}}async function c(n,r={}){const{apiKey:c,baseUrl:f="https://haveibeenpwned.com/api/v3",timeoutMs:l,userAgent:d}=r,p={};c&&(p["HIBP-API-Key"]=c),d&&(p["User-Agent"]=d),d||"undefined"!=typeof navigator||(p["User-Agent"]=`${t} ${e}`);const g={headers:p,...l?{signal:AbortSignal.timeout(l)}:{}},m=`${f.replace(/\/$/g,"")}${n}`,A=await fetch(m,g);if(A.ok)return A.json();switch(A.status){case s.status:throw Error(s.statusText);case o.status:{const t=await A.json();throw Error(t.message)}case i.status:{const t=A.headers.get("cf-ray");if(t)throw Error(function(t){return`Request blocked, contact haveibeenpwned.com if this continues (Ray ID: ${t})`}(t));throw Error(i.statusText)}case u.status:return null;case a.status:{const t=await A.json(),e=A.headers.get("retry-after");throw new h(e,t.message)}default:throw Error(A.statusText)}}function f(t,e={}){return c("/breach/"+encodeURIComponent(t),e)}function l(t,e={}){const{apiKey:n,domain:r,includeUnverified:s=!0,timeoutMs:o,truncate:i=!0,baseUrl:u,userAgent:a}=e,h=`/breachedaccount/${encodeURIComponent(t)}?`,f=[];return r&&f.push("domain="+encodeURIComponent(r)),s||f.push("includeUnverified=false"),i||f.push("truncateResponse=false"),c(`${h}${f.join("&")}`,{apiKey:n,baseUrl:u,timeoutMs:o,userAgent:a})}function d(t={}){const{domain:e,baseUrl:n,timeoutMs:r,userAgent:s}=t,o=[];return e&&o.push("domain="+encodeURIComponent(e)),c("/breaches?"+o.join("&"),{baseUrl:n,timeoutMs:r,userAgent:s})}function p(t={}){return c("/dataclasses",t)}function g(t,e={}){return c("/pasteaccount/"+encodeURIComponent(t),e)}const m="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",A="ARRAYBUFFER not supported by this environment",b="UINT8ARRAY not supported by this environment";function w(t,e,n,r){let s,o,i;const u=e||[0],a=(n=n||0)>>>3,h=-1===r?3:0;for(s=0;t.length>s;s+=1)i=s+a,o=i>>>2,o>=u.length&&u.push(0),u[o]|=t[s]<<8*(h+r*(i%4));return{value:u,binLen:8*t.length+n}}function U(t,e,n){switch(e){case"UTF8":case"UTF16BE":case"UTF16LE":break;default:throw Error("encoding must be UTF8, UTF16BE, or UTF16LE")}switch(t){case"HEX":return function(t,e,r){return function(t,e,n,r){let s,o,i,u;if(0!=t.length%2)throw Error("String of HEX type must be in byte increments");const a=e||[0],h=(n=n||0)>>>3,c=-1===r?3:0;for(s=0;t.length>s;s+=2){if(o=parseInt(t.substr(s,2),16),isNaN(o))throw Error("String of HEX type contains invalid characters");for(u=(s>>>1)+h,i=u>>>2;i>=a.length;)a.push(0);a[i]|=o<<8*(c+r*(u%4))}return{value:a,binLen:4*t.length+n}}(t,e,r,n)};case"TEXT":return function(t,r,s){return function(t,e,n,r,s){let o,i,u,a,h,c,f,l,d=0;const p=n||[0],g=(r=r||0)>>>3;if("UTF8"===e)for(f=-1===s?3:0,u=0;t.length>u;u+=1)for(o=t.charCodeAt(u),i=[],128>o?i.push(o):2048>o?(i.push(192|o>>>6),i.push(128|63&o)):55296>o||o>=57344?i.push(224|o>>>12,128|o>>>6&63,128|63&o):(u+=1,o=65536+((1023&o)<<10|1023&t.charCodeAt(u)),i.push(240|o>>>18,128|o>>>12&63,128|o>>>6&63,128|63&o)),a=0;i.length>a;a+=1){for(c=d+g,h=c>>>2;h>=p.length;)p.push(0);p[h]|=i[a]<<8*(f+s*(c%4)),d+=1}else for(f=-1===s?2:0,l="UTF16LE"===e&&1!==s||"UTF16LE"!==e&&1===s,u=0;t.length>u;u+=1){for(o=t.charCodeAt(u),!0===l&&(a=255&o,o=a<<8|o>>>8),c=d+g,h=c>>>2;h>=p.length;)p.push(0);p[h]|=o<<8*(f+s*(c%4)),d+=2}return{value:p,binLen:8*d+r}}(t,e,r,s,n)};case"B64":return function(t,e,r){return function(t,e,n,r){let s,o,i,u,a,h,c,f=0;const l=e||[0],d=(n=n||0)>>>3,p=-1===r?3:0,g=t.indexOf("=");if(-1===t.search(/^[a-zA-Z0-9=+/]+$/))throw Error("Invalid character in base-64 string");if(t=t.replace(/=/g,""),-1!==g&&t.length>g)throw Error("Invalid '=' found in base-64 string");for(o=0;t.length>o;o+=4){for(a=t.substr(o,4),u=0,i=0;a.length>i;i+=1)s=m.indexOf(a.charAt(i)),u|=s<<18-6*i;for(i=0;a.length-1>i;i+=1){for(c=f+d,h=c>>>2;h>=l.length;)l.push(0);l[h]|=(u>>>16-8*i&255)<<8*(p+r*(c%4)),f+=1}}return{value:l,binLen:8*f+n}}(t,e,r,n)};case"BYTES":return function(t,e,r){return function(t,e,n,r){let s,o,i,u;const a=e||[0],h=(n=n||0)>>>3,c=-1===r?3:0;for(o=0;t.length>o;o+=1)s=t.charCodeAt(o),u=o+h,i=u>>>2,i>=a.length&&a.push(0),a[i]|=s<<8*(c+r*(u%4));return{value:a,binLen:8*t.length+n}}(t,e,r,n)};case"ARRAYBUFFER":try{new ArrayBuffer(0)}catch(t){throw Error(A)}return function(t,e,r){return function(t,e,n,r){return w(new Uint8Array(t),e,n,r)}(t,e,r,n)};case"UINT8ARRAY":try{new Uint8Array(0)}catch(t){throw Error(b)}return function(t,e,r){return w(t,e,r,n)};default:throw Error("format must be HEX, TEXT, B64, BYTES, ARRAYBUFFER, or UINT8ARRAY")}}function E(t,e,n,r){switch(t){case"HEX":return function(t){return function(t,e,n,r){const s="0123456789abcdef";let o,i,u="";const a=e/8,h=-1===n?3:0;for(o=0;a>o;o+=1)i=t[o>>>2]>>>8*(h+n*(o%4)),u+=s.charAt(i>>>4&15)+s.charAt(15&i);return r.outputUpper?u.toUpperCase():u}(t,e,n,r)};case"B64":return function(t){return function(t,e,n,r){let s,o,i,u,a,h="";const c=e/8,f=-1===n?3:0;for(s=0;c>s;s+=3)for(u=c>s+1?t[s+1>>>2]:0,a=c>s+2?t[s+2>>>2]:0,i=(t[s>>>2]>>>8*(f+n*(s%4))&255)<<16|(u>>>8*(f+n*((s+1)%4))&255)<<8|a>>>8*(f+n*((s+2)%4))&255,o=0;4>o;o+=1)h+=8*s+6*o>e?r.b64Pad:m.charAt(i>>>6*(3-o)&63);return h}(t,e,n,r)};case"BYTES":return function(t){return function(t,e,n){let r,s,o="";const i=e/8,u=-1===n?3:0;for(r=0;i>r;r+=1)s=t[r>>>2]>>>8*(u+n*(r%4))&255,o+=String.fromCharCode(s);return o}(t,e,n)};case"ARRAYBUFFER":try{new ArrayBuffer(0)}catch(t){throw Error(A)}return function(t){return function(t,e,n){let r;const s=e/8,o=new ArrayBuffer(s),i=new Uint8Array(o),u=-1===n?3:0;for(r=0;s>r;r+=1)i[r]=t[r>>>2]>>>8*(u+n*(r%4))&255;return o}(t,e,n)};case"UINT8ARRAY":try{new Uint8Array(0)}catch(t){throw Error(b)}return function(t){return function(t,e,n){let r;const s=e/8,o=-1===n?3:0,i=new Uint8Array(s);for(r=0;s>r;r+=1)i[r]=t[r>>>2]>>>8*(o+n*(r%4))&255;return i}(t,e,n)};default:throw Error("format must be HEX, B64, BYTES, ARRAYBUFFER, or UINT8ARRAY")}}function y(t){const e={outputUpper:!1,b64Pad:"=",outputLen:-1},n=t||{},r="Output length must be a multiple of 8";if(e.outputUpper=n.outputUpper||!1,n.b64Pad&&(e.b64Pad=n.b64Pad),n.outputLen){if(n.outputLen%8!=0)throw Error(r);e.outputLen=n.outputLen}else if(n.shakeLen){if(n.shakeLen%8!=0)throw Error(r);e.outputLen=n.shakeLen}if("boolean"!=typeof e.outputUpper)throw Error("Invalid outputUpper formatting option");if("string"!=typeof e.b64Pad)throw Error("Invalid b64Pad formatting option");return e}class R{constructor(t,e,n){const r=n||{};if(this.t=e,this.i=r.encoding||"UTF8",this.numRounds=r.numRounds||1,isNaN(this.numRounds)||this.numRounds!==parseInt(this.numRounds,10)||1>this.numRounds)throw Error("numRounds must a integer >= 1");this.o=t,this.h=[],this.u=0,this.l=!1,this.A=0,this.p=!1,this.U=[],this.R=[]}update(t){let e,n=0;const r=this.T>>>5,s=this.F(t,this.h,this.u),o=s.binLen,i=s.value,u=o>>>5;for(e=0;u>e;e+=r)o>=n+this.T&&(this.m=this.g(i.slice(e,e+r),this.m),n+=this.T);return this.A+=n,this.h=i.slice(n>>>5),this.u=o%this.T,this.l=!0,this}getHash(t,e){let n,r,s=this.B;const o=y(e);if(this.v){if(-1===o.outputLen)throw Error("Output length must be specified in options");s=o.outputLen}const i=E(t,s,this.H,o);if(this.p&&this.C)return i(this.C(o));for(r=this.Y(this.h.slice(),this.u,this.A,this.I(this.m),s),n=1;this.numRounds>n;n+=1)this.v&&s%32!=0&&(r[r.length-1]&=16777215>>>24-s%32),r=this.Y(r,s,0,this.L(this.o),s);return i(r)}setHMACKey(t,e,n){if(!this.M)throw Error("Variant does not support HMAC");if(this.l)throw Error("Cannot set MAC key after calling update");const r=U(e,(n||{}).encoding||"UTF8",this.H);this.N(r(t))}N(t){const e=this.T>>>3,n=e/4-1;let r;if(1!==this.numRounds)throw Error("Cannot set numRounds with MAC");if(this.p)throw Error("MAC key already set");for(t.binLen/8>e&&(t.value=this.Y(t.value,t.binLen,0,this.L(this.o),this.B));n>=t.value.length;)t.value.push(0);for(r=0;n>=r;r+=1)this.U[r]=909522486^t.value[r],this.R[r]=1549556828^t.value[r];this.m=this.g(this.U,this.m),this.A=this.T,this.p=!0}getHMAC(t,e){const n=y(e);return E(t,this.B,this.H,n)(this.S())}S(){let t;if(!this.p)throw Error("Cannot call getHMAC without first setting MAC key");const e=this.Y(this.h.slice(),this.u,this.A,this.I(this.m),this.B);return t=this.g(this.R,this.L(this.o)),t=this.Y(e,this.B,this.T,t,this.B),t}}function T(t,e){return t<<e|t>>>32-e}function v(t,e,n){return t^e^n}function C(t,e,n){return t&e^t&n^e&n}function F(t,e){const n=(65535&t)+(65535&e);return(65535&(t>>>16)+(e>>>16)+(n>>>16))<<16|65535&n}function B(t,e,n,r,s){const o=(65535&t)+(65535&e)+(65535&n)+(65535&r)+(65535&s);return(65535&(t>>>16)+(e>>>16)+(n>>>16)+(r>>>16)+(s>>>16)+(o>>>16))<<16|65535&o}function L(t){return[1732584193,4023233417,2562383102,271733878,3285377520]}function H(t,e){let n,r,s,o,i,u,a;const h=[];for(n=e[0],r=e[1],s=e[2],o=e[3],i=e[4],a=0;80>a;a+=1)h[a]=16>a?t[a]:T(h[a-3]^h[a-8]^h[a-14]^h[a-16],1),u=20>a?B(T(n,5),(c=r)&s^~c&o,i,1518500249,h[a]):40>a?B(T(n,5),v(r,s,o),i,1859775393,h[a]):60>a?B(T(n,5),C(r,s,o),i,2400959708,h[a]):B(T(n,5),v(r,s,o),i,3395469782,h[a]),i=o,o=s,s=T(r,30),r=n,n=u;var c;return e[0]=F(n,e[0]),e[1]=F(r,e[1]),e[2]=F(s,e[2]),e[3]=F(o,e[3]),e[4]=F(i,e[4]),e}function I(t,e,n,r){let s;const o=15+(e+65>>>9<<4),i=e+n;for(;o>=t.length;)t.push(0);for(t[e>>>5]|=128<<24-e%32,t[o]=4294967295&i,t[o-1]=i/4294967296|0,s=0;t.length>s;s+=16)r=H(t.slice(s,s+16),r);return r}class M extends R{constructor(t,e,n){if("SHA-1"!==t)throw Error("Chosen SHA variant is not supported");super(t,e,n);const r=n||{};this.M=!0,this.C=this.S,this.H=-1,this.F=U(this.t,this.i,this.H),this.g=H,this.I=function(t){return t.slice()},this.L=L,this.Y=I,this.m=[1732584193,4023233417,2562383102,271733878,3285377520],this.T=512,this.B=160,this.v=!1,r.hmacKey&&this.N(function(t,e,n,r){const s="hmacKey must include a value and format";if(!e)throw Error(s);if(void 0===e.value||!e.format)throw Error(s);return U(e.format,e.encoding||"UTF8",n)(e.value)}(0,r.hmacKey,this.H))}}const Y={status:400,body:"The hash prefix was not in a valid format"};async function S(t,e={}){const{baseUrl:n,timeoutMs:r,userAgent:s,addPadding:o=!1,mode:i="sha1"}=e,u=await async function(t,e={}){const{baseUrl:n="https://api.pwnedpasswords.com",timeoutMs:r,userAgent:s,addPadding:o=!1,mode:i="sha1"}=e,u={headers:{...s?{"User-Agent":s}:{},...o?{"Add-Padding":"true"}:{}},...r?{signal:AbortSignal.timeout(r)}:{}},a=`${n.replace(/\/$/g,"")}${t}?mode=${i}`,h=await fetch(a,u);if(h.ok)return h.text();if(h.status===Y.status){const t=await h.text();throw Error(t)}throw Error(h.statusText)}("/range/"+encodeURIComponent(t),{baseUrl:n,timeoutMs:r,userAgent:s,addPadding:o,mode:i});return u.split("\n").filter(Boolean).reduce(((t,e)=>{const[n,r]=e.split(":");return t[n]=Number.parseInt(r,10),t}),{})}async function x(t,e={}){const n=new M("SHA-1","TEXT");n.update(t);const r=n.getHash("HEX",{outputUpper:!0}),s=r.slice(0,5),o=r.slice(5);return(await S(s,e))[o]||0}async function N(t,e={}){const{apiKey:n,domain:r,truncate:s=!0,baseUrl:o,timeoutMs:i,userAgent:u}=e,[a,h]=await Promise.all([l(t,{apiKey:n,domain:r,truncate:s,baseUrl:o,timeoutMs:i,userAgent:u}),/^.+@.+$/.test(t)?g(t,{apiKey:n,baseUrl:o,timeoutMs:i,userAgent:u}):null]);return{breaches:a,pastes:h}}async function P(t={}){return c("/subscription/status",t)}n();export{h as RateLimitError,f as breach,l as breachedAccount,d as breaches,p as dataClasses,g as pasteAccount,x as pwnedPassword,S as pwnedPasswordRange,N as search,P as subscriptionStatus};
+const t="hibp",e="14.1.2";function n(){if("undefined"!=typeof process&&process.versions?.node?.startsWith("18.")){const{File:t,fetch:e,FormData:n,Headers:r,Request:s,Response:o}=require("undici");global.File=t,global.Headers=r,global.Request=s,global.Response=o,global.fetch=e,global.FormData=n}}const r={status:400,statusText:"Bad request — the account does not comply with an acceptable format."},s={status:401,body:'Your request to the API couldn\'t be authorised. Check you have the right value in the "hibp-api-key" header, refer to the documentation for more: https://haveibeenpwned.com/API/v3#Authorisation'},o={status:403,statusText:"Forbidden - access denied."},i={status:404},u={headers:new Map([["retry-after","2"]]),status:429,body:{statusCode:429,message:"Rate limit is exceeded. Try again in 2 seconds."}};n();class a extends Error{retryAfterSeconds;constructor(t,e,n){super(e,n),this.name=this.constructor.name,this.retryAfterSeconds="string"==typeof t?Number.parseInt(t,10):void 0}}async function h(n,h={}){const{apiKey:c,baseUrl:f="https://haveibeenpwned.com/api/v3",timeoutMs:l,userAgent:d}=h,p={};c&&(p["HIBP-API-Key"]=c),d&&(p["User-Agent"]=d),d||"undefined"!=typeof navigator||(p["User-Agent"]=`${t} ${e}`);const g={headers:p,...l?{signal:AbortSignal.timeout(l)}:{}},m=`${f.replace(/\/$/g,"")}${n}`,A=await fetch(m,g);if(A.ok)return A.json();switch(A.status){case r.status:throw Error(r.statusText);case s.status:{const t=await A.text();throw Error(t)}case o.status:{const t=A.headers.get("cf-ray");if(t)throw Error(function(t){return`Request blocked, contact haveibeenpwned.com if this continues (Ray ID: ${t})`}(t));throw Error(o.statusText)}case i.status:return null;case u.status:{const t=await A.json(),e=A.headers.get("retry-after");throw new a(e,t.message)}default:throw Error(A.statusText)}}function c(t,e={}){return h("/breach/"+encodeURIComponent(t),e)}function f(t,e={}){const{apiKey:n,domain:r,includeUnverified:s=!0,timeoutMs:o,truncate:i=!0,baseUrl:u,userAgent:a}=e,c=`/breachedaccount/${encodeURIComponent(t)}?`,f=[];return r&&f.push("domain="+encodeURIComponent(r)),s||f.push("includeUnverified=false"),i||f.push("truncateResponse=false"),h(`${c}${f.join("&")}`,{apiKey:n,baseUrl:u,timeoutMs:o,userAgent:a})}function l(t={}){const{domain:e,baseUrl:n,timeoutMs:r,userAgent:s}=t,o=[];return e&&o.push("domain="+encodeURIComponent(e)),h("/breaches?"+o.join("&"),{baseUrl:n,timeoutMs:r,userAgent:s})}function d(t={}){return h("/dataclasses",t)}function p(t,e={}){return h("/pasteaccount/"+encodeURIComponent(t),e)}const g="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",m="ARRAYBUFFER not supported by this environment",A="UINT8ARRAY not supported by this environment";function b(t,e,n,r){let s,o,i;const u=e||[0],a=(n=n||0)>>>3,h=-1===r?3:0;for(s=0;t.length>s;s+=1)i=s+a,o=i>>>2,o>=u.length&&u.push(0),u[o]|=t[s]<<8*(h+r*(i%4));return{value:u,binLen:8*t.length+n}}function w(t,e,n){switch(e){case"UTF8":case"UTF16BE":case"UTF16LE":break;default:throw Error("encoding must be UTF8, UTF16BE, or UTF16LE")}switch(t){case"HEX":return function(t,e,r){return function(t,e,n,r){let s,o,i,u;if(0!=t.length%2)throw Error("String of HEX type must be in byte increments");const a=e||[0],h=(n=n||0)>>>3,c=-1===r?3:0;for(s=0;t.length>s;s+=2){if(o=parseInt(t.substr(s,2),16),isNaN(o))throw Error("String of HEX type contains invalid characters");for(u=(s>>>1)+h,i=u>>>2;i>=a.length;)a.push(0);a[i]|=o<<8*(c+r*(u%4))}return{value:a,binLen:4*t.length+n}}(t,e,r,n)};case"TEXT":return function(t,r,s){return function(t,e,n,r,s){let o,i,u,a,h,c,f,l,d=0;const p=n||[0],g=(r=r||0)>>>3;if("UTF8"===e)for(f=-1===s?3:0,u=0;t.length>u;u+=1)for(o=t.charCodeAt(u),i=[],128>o?i.push(o):2048>o?(i.push(192|o>>>6),i.push(128|63&o)):55296>o||o>=57344?i.push(224|o>>>12,128|o>>>6&63,128|63&o):(u+=1,o=65536+((1023&o)<<10|1023&t.charCodeAt(u)),i.push(240|o>>>18,128|o>>>12&63,128|o>>>6&63,128|63&o)),a=0;i.length>a;a+=1){for(c=d+g,h=c>>>2;h>=p.length;)p.push(0);p[h]|=i[a]<<8*(f+s*(c%4)),d+=1}else for(f=-1===s?2:0,l="UTF16LE"===e&&1!==s||"UTF16LE"!==e&&1===s,u=0;t.length>u;u+=1){for(o=t.charCodeAt(u),!0===l&&(a=255&o,o=a<<8|o>>>8),c=d+g,h=c>>>2;h>=p.length;)p.push(0);p[h]|=o<<8*(f+s*(c%4)),d+=2}return{value:p,binLen:8*d+r}}(t,e,r,s,n)};case"B64":return function(t,e,r){return function(t,e,n,r){let s,o,i,u,a,h,c,f=0;const l=e||[0],d=(n=n||0)>>>3,p=-1===r?3:0,m=t.indexOf("=");if(-1===t.search(/^[a-zA-Z0-9=+/]+$/))throw Error("Invalid character in base-64 string");if(t=t.replace(/=/g,""),-1!==m&&t.length>m)throw Error("Invalid '=' found in base-64 string");for(o=0;t.length>o;o+=4){for(a=t.substr(o,4),u=0,i=0;a.length>i;i+=1)s=g.indexOf(a.charAt(i)),u|=s<<18-6*i;for(i=0;a.length-1>i;i+=1){for(c=f+d,h=c>>>2;h>=l.length;)l.push(0);l[h]|=(u>>>16-8*i&255)<<8*(p+r*(c%4)),f+=1}}return{value:l,binLen:8*f+n}}(t,e,r,n)};case"BYTES":return function(t,e,r){return function(t,e,n,r){let s,o,i,u;const a=e||[0],h=(n=n||0)>>>3,c=-1===r?3:0;for(o=0;t.length>o;o+=1)s=t.charCodeAt(o),u=o+h,i=u>>>2,i>=a.length&&a.push(0),a[i]|=s<<8*(c+r*(u%4));return{value:a,binLen:8*t.length+n}}(t,e,r,n)};case"ARRAYBUFFER":try{new ArrayBuffer(0)}catch(t){throw Error(m)}return function(t,e,r){return function(t,e,n,r){return b(new Uint8Array(t),e,n,r)}(t,e,r,n)};case"UINT8ARRAY":try{new Uint8Array(0)}catch(t){throw Error(A)}return function(t,e,r){return b(t,e,r,n)};default:throw Error("format must be HEX, TEXT, B64, BYTES, ARRAYBUFFER, or UINT8ARRAY")}}function U(t,e,n,r){switch(t){case"HEX":return function(t){return function(t,e,n,r){const s="0123456789abcdef";let o,i,u="";const a=e/8,h=-1===n?3:0;for(o=0;a>o;o+=1)i=t[o>>>2]>>>8*(h+n*(o%4)),u+=s.charAt(i>>>4&15)+s.charAt(15&i);return r.outputUpper?u.toUpperCase():u}(t,e,n,r)};case"B64":return function(t){return function(t,e,n,r){let s,o,i,u,a,h="";const c=e/8,f=-1===n?3:0;for(s=0;c>s;s+=3)for(u=c>s+1?t[s+1>>>2]:0,a=c>s+2?t[s+2>>>2]:0,i=(t[s>>>2]>>>8*(f+n*(s%4))&255)<<16|(u>>>8*(f+n*((s+1)%4))&255)<<8|a>>>8*(f+n*((s+2)%4))&255,o=0;4>o;o+=1)h+=8*s+6*o>e?r.b64Pad:g.charAt(i>>>6*(3-o)&63);return h}(t,e,n,r)};case"BYTES":return function(t){return function(t,e,n){let r,s,o="";const i=e/8,u=-1===n?3:0;for(r=0;i>r;r+=1)s=t[r>>>2]>>>8*(u+n*(r%4))&255,o+=String.fromCharCode(s);return o}(t,e,n)};case"ARRAYBUFFER":try{new ArrayBuffer(0)}catch(t){throw Error(m)}return function(t){return function(t,e,n){let r;const s=e/8,o=new ArrayBuffer(s),i=new Uint8Array(o),u=-1===n?3:0;for(r=0;s>r;r+=1)i[r]=t[r>>>2]>>>8*(u+n*(r%4))&255;return o}(t,e,n)};case"UINT8ARRAY":try{new Uint8Array(0)}catch(t){throw Error(A)}return function(t){return function(t,e,n){let r;const s=e/8,o=-1===n?3:0,i=new Uint8Array(s);for(r=0;s>r;r+=1)i[r]=t[r>>>2]>>>8*(o+n*(r%4))&255;return i}(t,e,n)};default:throw Error("format must be HEX, B64, BYTES, ARRAYBUFFER, or UINT8ARRAY")}}function E(t){const e={outputUpper:!1,b64Pad:"=",outputLen:-1},n=t||{},r="Output length must be a multiple of 8";if(e.outputUpper=n.outputUpper||!1,n.b64Pad&&(e.b64Pad=n.b64Pad),n.outputLen){if(n.outputLen%8!=0)throw Error(r);e.outputLen=n.outputLen}else if(n.shakeLen){if(n.shakeLen%8!=0)throw Error(r);e.outputLen=n.shakeLen}if("boolean"!=typeof e.outputUpper)throw Error("Invalid outputUpper formatting option");if("string"!=typeof e.b64Pad)throw Error("Invalid b64Pad formatting option");return e}class y{constructor(t,e,n){const r=n||{};if(this.t=e,this.i=r.encoding||"UTF8",this.numRounds=r.numRounds||1,isNaN(this.numRounds)||this.numRounds!==parseInt(this.numRounds,10)||1>this.numRounds)throw Error("numRounds must a integer >= 1");this.o=t,this.h=[],this.u=0,this.l=!1,this.A=0,this.p=!1,this.U=[],this.R=[]}update(t){let e,n=0;const r=this.T>>>5,s=this.F(t,this.h,this.u),o=s.binLen,i=s.value,u=o>>>5;for(e=0;u>e;e+=r)o>=n+this.T&&(this.m=this.g(i.slice(e,e+r),this.m),n+=this.T);return this.A+=n,this.h=i.slice(n>>>5),this.u=o%this.T,this.l=!0,this}getHash(t,e){let n,r,s=this.B;const o=E(e);if(this.v){if(-1===o.outputLen)throw Error("Output length must be specified in options");s=o.outputLen}const i=U(t,s,this.H,o);if(this.p&&this.C)return i(this.C(o));for(r=this.Y(this.h.slice(),this.u,this.A,this.I(this.m),s),n=1;this.numRounds>n;n+=1)this.v&&s%32!=0&&(r[r.length-1]&=16777215>>>24-s%32),r=this.Y(r,s,0,this.L(this.o),s);return i(r)}setHMACKey(t,e,n){if(!this.M)throw Error("Variant does not support HMAC");if(this.l)throw Error("Cannot set MAC key after calling update");const r=w(e,(n||{}).encoding||"UTF8",this.H);this.N(r(t))}N(t){const e=this.T>>>3,n=e/4-1;let r;if(1!==this.numRounds)throw Error("Cannot set numRounds with MAC");if(this.p)throw Error("MAC key already set");for(t.binLen/8>e&&(t.value=this.Y(t.value,t.binLen,0,this.L(this.o),this.B));n>=t.value.length;)t.value.push(0);for(r=0;n>=r;r+=1)this.U[r]=909522486^t.value[r],this.R[r]=1549556828^t.value[r];this.m=this.g(this.U,this.m),this.A=this.T,this.p=!0}getHMAC(t,e){const n=E(e);return U(t,this.B,this.H,n)(this.S())}S(){let t;if(!this.p)throw Error("Cannot call getHMAC without first setting MAC key");const e=this.Y(this.h.slice(),this.u,this.A,this.I(this.m),this.B);return t=this.g(this.R,this.L(this.o)),t=this.Y(e,this.B,this.T,t,this.B),t}}function R(t,e){return t<<e|t>>>32-e}function T(t,e,n){return t^e^n}function v(t,e,n){return t&e^t&n^e&n}function C(t,e){const n=(65535&t)+(65535&e);return(65535&(t>>>16)+(e>>>16)+(n>>>16))<<16|65535&n}function F(t,e,n,r,s){const o=(65535&t)+(65535&e)+(65535&n)+(65535&r)+(65535&s);return(65535&(t>>>16)+(e>>>16)+(n>>>16)+(r>>>16)+(s>>>16)+(o>>>16))<<16|65535&o}function B(t){return[1732584193,4023233417,2562383102,271733878,3285377520]}function I(t,e){let n,r,s,o,i,u,a;const h=[];for(n=e[0],r=e[1],s=e[2],o=e[3],i=e[4],a=0;80>a;a+=1)h[a]=16>a?t[a]:R(h[a-3]^h[a-8]^h[a-14]^h[a-16],1),u=20>a?F(R(n,5),(c=r)&s^~c&o,i,1518500249,h[a]):40>a?F(R(n,5),T(r,s,o),i,1859775393,h[a]):60>a?F(R(n,5),v(r,s,o),i,2400959708,h[a]):F(R(n,5),T(r,s,o),i,3395469782,h[a]),i=o,o=s,s=R(r,30),r=n,n=u;var c;return e[0]=C(n,e[0]),e[1]=C(r,e[1]),e[2]=C(s,e[2]),e[3]=C(o,e[3]),e[4]=C(i,e[4]),e}function L(t,e,n,r){let s;const o=15+(e+65>>>9<<4),i=e+n;for(;o>=t.length;)t.push(0);for(t[e>>>5]|=128<<24-e%32,t[o]=4294967295&i,t[o-1]=i/4294967296|0,s=0;t.length>s;s+=16)r=I(t.slice(s,s+16),r);return r}class H extends y{constructor(t,e,n){if("SHA-1"!==t)throw Error("Chosen SHA variant is not supported");super(t,e,n);const r=n||{};this.M=!0,this.C=this.S,this.H=-1,this.F=w(this.t,this.i,this.H),this.g=I,this.I=function(t){return t.slice()},this.L=B,this.Y=L,this.m=[1732584193,4023233417,2562383102,271733878,3285377520],this.T=512,this.B=160,this.v=!1,r.hmacKey&&this.N(function(t,e,n,r){const s="hmacKey must include a value and format";if(!e)throw Error(s);if(void 0===e.value||!e.format)throw Error(s);return w(e.format,e.encoding||"UTF8",n)(e.value)}(0,r.hmacKey,this.H))}}const M={status:400,body:"The hash prefix was not in a valid format"};async function Y(t,e={}){const{baseUrl:n,timeoutMs:r,userAgent:s,addPadding:o=!1,mode:i="sha1"}=e,u=await async function(t,e={}){const{baseUrl:n="https://api.pwnedpasswords.com",timeoutMs:r,userAgent:s,addPadding:o=!1,mode:i="sha1"}=e,u={headers:{...s?{"User-Agent":s}:{},...o?{"Add-Padding":"true"}:{}},...r?{signal:AbortSignal.timeout(r)}:{}},a=`${n.replace(/\/$/g,"")}${t}?mode=${i}`,h=await fetch(a,u);if(h.ok)return h.text();if(h.status===M.status){const t=await h.text();throw Error(t)}throw Error(h.statusText)}("/range/"+encodeURIComponent(t),{baseUrl:n,timeoutMs:r,userAgent:s,addPadding:o,mode:i});return u.split("\n").filter(Boolean).reduce(((t,e)=>{const[n,r]=e.split(":");return t[n]=Number.parseInt(r,10),t}),{})}async function S(t,e={}){const n=new H("SHA-1","TEXT");n.update(t);const r=n.getHash("HEX",{outputUpper:!0}),s=r.slice(0,5),o=r.slice(5);return(await Y(s,e))[o]||0}async function x(t,e={}){const{apiKey:n,domain:r,truncate:s=!0,baseUrl:o,timeoutMs:i,userAgent:u}=e,[a,h]=await Promise.all([f(t,{apiKey:n,domain:r,truncate:s,baseUrl:o,timeoutMs:i,userAgent:u}),/^.+@.+$/.test(t)?p(t,{apiKey:n,baseUrl:o,timeoutMs:i,userAgent:u}):null]);return{breaches:a,pastes:h}}async function P(t={}){return h("/subscription/status",t)}n();export{a as RateLimitError,c as breach,f as breachedAccount,l as breaches,d as dataClasses,p as pasteAccount,S as pwnedPassword,Y as pwnedPasswordRange,x as search,P as subscriptionStatus};
 //# sourceMappingURL=hibp.module.js.map