npm - mastercontroller - Versions diffs - 1.3.13 → 1.3.15 - Mend

mastercontroller 1.3.13 → 1.3.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

package/MasterAction.js +302 -62
package/MasterActionFilters.js +556 -82
package/MasterControl.js +77 -44
package/MasterCors.js +61 -19
package/MasterPipeline.js +29 -6
package/MasterRequest.js +579 -102
package/MasterRouter.js +446 -75
package/MasterSocket.js +380 -15
package/MasterTemp.js +292 -10
package/MasterTimeout.js +420 -64
package/MasterTools.js +478 -77
package/README.md +505 -0
package/package.json +1 -1
package/.claude/settings.local.json +0 -29
package/.github/workflows/ci.yml +0 -317
package/PERFORMANCE_SECURITY_AUDIT.md +0 -677
package/SENIOR_ENGINEER_AUDIT.md +0 -2477
package/VERIFICATION_CHECKLIST.md +0 -726
package/log/mastercontroller.log +0 -2
package/test-json-empty-body.js +0 -76
package/test-raw-body-preservation.js +0 -128
package/test-v1.3.4-fixes.js +0 -129

package/log/mastercontroller.log DELETED Viewed

	@@ -1,2 +0,0 @@
1	- {"timestamp":"2026-01-16T04:37:33.476Z","sessionId":"1768538253474-z0w973cmg","level":"INFO","code":"MC_INFO_FRAMEWORK_START","message":"MasterController framework initializing","component":null,"file":null,"line":null,"route":null,"context":{"version":"1.0.247","nodeVersion":"v20.19.4","platform":"darwin","env":"development"},"stack":null,"originalError":null,"environment":"development","nodeVersion":"v20.19.4","platform":"darwin","memory":{"rss":46104576,"heapTotal":10027008,"heapUsed":5720488,"external":2111800,"arrayBuffers":65875},"uptime":0.022275917}
2	- {"timestamp":"2026-01-16T04:37:33.477Z","sessionId":"1768538253474-z0w973cmg","level":"INFO","code":"MC_INFO_SECURITY_INITIALIZED","message":"Security features initialized","component":null,"file":null,"line":null,"route":null,"context":{"environment":"development","features":{"securityHeaders":true,"csp":true,"csrf":true,"rateLimit":true,"sessionSecurity":true}},"stack":null,"originalError":null,"environment":"development","nodeVersion":"v20.19.4","platform":"darwin","memory":{"rss":46186496,"heapTotal":10027008,"heapUsed":5729744,"external":2111840,"arrayBuffers":65875},"uptime":0.022643334}

package/test-json-empty-body.js DELETED Viewed

@@ -1,76 +0,0 @@
-// Test for JSON parsing bug fix - empty body on GET requests
-const http = require('http');
-const EventEmitter = require('events');
-console.log('🧪 Testing MasterRequest jsonStream with empty body...\n');
-// Load MasterRequest
-const { MasterRequest } = require('./MasterRequest');
-// Create mock request with empty body (simulates GET request)
-class MockRequest extends EventEmitter {
-  constructor() {
-    super();
-    this.headers = {
-      'content-type': 'application/json'
-    };
-  }
-  simulateEmptyBody() {
-    // Simulate empty body - no data events, just end
-    setImmediate(() => {
-      this.emit('end');
-    });
-  }
-}
-// Test 1: Empty body should not throw error
-console.log('Test 1: Empty body (GET request scenario)...');
-const masterRequest1 = new MasterRequest();
-masterRequest1.init({ maxJsonSize: 1024 * 1024 });
-const mockReq1 = new MockRequest();
-masterRequest1.jsonStream(mockReq1, (result) => {
-  if (result && typeof result === 'object' && !result.error) {
-    console.log('✅ Empty body handled correctly');
-    console.log('   Result:', JSON.stringify(result));
-    // Test 2: Valid JSON body
-    console.log('\nTest 2: Valid JSON body...');
-    const masterRequest2 = new MasterRequest();
-    masterRequest2.init({ maxJsonSize: 1024 * 1024 });
-    const mockReq2 = new MockRequest();
-    masterRequest2.jsonStream(mockReq2, (result) => {
-      if (result && result.name === 'test' && result.value === 123) {
-        console.log('✅ Valid JSON parsed correctly');
-        console.log('   Result:', JSON.stringify(result));
-        console.log('\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━');
-        console.log('✨ ALL TESTS PASSED');
-        console.log('━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━');
-        console.log('\nFix verified:');
-        console.log('✅ Empty body returns {} instead of throwing error');
-        console.log('✅ Valid JSON still parses correctly');
-        console.log('✅ No more "Unexpected end of JSON input" errors on GET requests');
-      } else {
-        console.log('❌ Valid JSON parsing failed');
-        console.log('   Result:', JSON.stringify(result));
-      }
-    });
-    // Simulate valid JSON body
-    setImmediate(() => {
-      mockReq2.emit('data', Buffer.from('{"name":"test","value":123}'));
-      mockReq2.emit('end');
-    });
-  } else {
-    console.log('❌ Empty body test failed');
-    console.log('   Result:', JSON.stringify(result));
-  }
-});
-// Start test
-mockReq1.simulateEmptyBody();

package/test-raw-body-preservation.js DELETED Viewed

@@ -1,128 +0,0 @@
-// Test for raw body preservation - Critical for webhook signature verification
-const crypto = require('crypto');
-const EventEmitter = require('events');
-const { MasterRequest } = require('./MasterRequest');
-console.log('🧪 Testing Raw Body Preservation for Webhook Signatures...\n');
-// Mock request
-class MockRequest extends EventEmitter {
-  constructor(contentType) {
-    super();
-    this.headers = { 'content-type': contentType };
-  }
-  sendData(data) {
-    setImmediate(() => {
-      if (Array.isArray(data)) {
-        data.forEach(chunk => this.emit('data', Buffer.from(chunk)));
-      } else {
-        this.emit('data', Buffer.from(data));
-      }
-      this.emit('end');
-    });
-  }
-}
-// Test 1: JSON body with raw preservation
-console.log('Test 1: JSON body preserves raw string...');
-const masterReq1 = new MasterRequest();
-masterReq1.init({ maxJsonSize: 1024 * 1024 });
-const mockReq1 = new MockRequest('application/json');
-const testPayload = '{"event":"payment.success","amount":1000,"currency":"USD"}';
-masterReq1.jsonStream(mockReq1, (result) => {
-  if (result._rawBody === testPayload) {
-    console.log('✅ Raw body preserved correctly');
-    console.log('   Parsed:', JSON.stringify(result));
-    console.log('   Raw:', result._rawBody);
-    // Test 2: Verify webhook signature (Stripe-style HMAC)
-    console.log('\nTest 2: Webhook signature verification...');
-    const secret = 'webhook_secret_key';
-    const signature = crypto
-      .createHmac('sha256', secret)
-      .update(result._rawBody)
-      .digest('hex');
-    // Verify signature
-    const verifySignature = crypto
-      .createHmac('sha256', secret)
-      .update(result._rawBody)
-      .digest('hex');
-    if (signature === verifySignature) {
-      console.log('✅ Webhook signature verified successfully');
-      console.log('   Signature:', signature.substring(0, 20) + '...');
-      // Test 3: URL-encoded body
-      console.log('\nTest 3: URL-encoded body preserves raw string...');
-      const masterReq3 = new MasterRequest();
-      masterReq3.init({ maxBodySize: 1024 * 1024 });
-      const mockReq3 = new MockRequest('application/x-www-form-urlencoded');
-      const formData = 'name=John+Doe&email=john%40example.com&amount=100';
-      masterReq3.urlEncodeStream(mockReq3, (result) => {
-        if (result._rawBody === formData) {
-          console.log('✅ URL-encoded raw body preserved');
-          console.log('   Parsed:', JSON.stringify(result));
-          console.log('   Raw:', result._rawBody);
-          // Test 4: Chunked JSON (simulates streaming)
-          console.log('\nTest 4: Chunked data reassembly...');
-          const masterReq4 = new MasterRequest();
-          masterReq4.init({ maxJsonSize: 1024 * 1024 });
-          const mockReq4 = new MockRequest('application/json');
-          const chunks = ['{"big":"', 'payload","with":', '"multiple","chunks":', '123}'];
-          const fullPayload = chunks.join('');
-          masterReq4.jsonStream(mockReq4, (result) => {
-            if (result._rawBody === fullPayload) {
-              console.log('✅ Chunked data reassembled correctly');
-              console.log('   Chunks sent:', chunks.length);
-              console.log('   Raw body length:', result._rawBody.length);
-              console.log('   Parsed:', JSON.stringify(result));
-              console.log('\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━');
-              console.log('✨ ALL TESTS PASSED - Raw Body Preservation Works!');
-              console.log('━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━');
-              console.log('\nUse Cases Enabled:');
-              console.log('✅ Stripe webhook signature verification');
-              console.log('✅ GitHub webhook signature verification');
-              console.log('✅ Shopify HMAC verification');
-              console.log('✅ PayPal IPN verification');
-              console.log('✅ Any cryptographic signature verification');
-              console.log('✅ Content hashing (MD5, SHA256)');
-              console.log('✅ Audit logging of exact payloads');
-              console.log('\nAccess raw body: request.body._rawBody');
-            } else {
-              console.log('❌ Chunked data test failed');
-              console.log('   Expected:', fullPayload);
-              console.log('   Got:', result._rawBody);
-            }
-          });
-          mockReq4.sendData(chunks);
-        } else {
-          console.log('❌ URL-encoded raw body test failed');
-          console.log('   Expected:', formData);
-          console.log('   Got:', result._rawBody);
-        }
-      });
-      mockReq3.sendData(formData);
-    } else {
-      console.log('❌ Signature verification failed');
-    }
-  } else {
-    console.log('❌ Raw body preservation failed');
-    console.log('   Expected:', testPayload);
-    console.log('   Got:', result._rawBody);
-  }
-});
-mockReq1.sendData(testPayload);

package/test-v1.3.4-fixes.js DELETED Viewed

@@ -1,129 +0,0 @@
-#!/usr/bin/env node
-/**
- * Test v1.3.4 critical bug fixes
- *
- * Tests:
- * 1. Router _scopedList error fixed
- * 2. master.sessions (plural) API works
- * 3. Cookie methods available: getCookie, setCookie, deleteCookie
- */
-console.log('🧪 Testing MasterController v1.3.4 fixes...\n');
-const assert = require('assert');
-const http = require('http');
-try {
-    // Test 1: Master loads without circular dependency
-    console.log('Test 1: Loading MasterControl...');
-    const master = require('./MasterControl');
-    console.log('✅ MasterControl loaded successfully\n');
-    // Test 2: Setup server to initialize modules
-    console.log('Test 2: Setting up server (initializes modules)...');
-    const server = master.setupServer('http');
-    assert(server, 'Server should be created');
-    console.log('✅ Server created, modules initialized\n');
-    // Test 3: Session API exists (singular)
-    console.log('Test 3: Checking master.session (singular) API...');
-    assert(master.session, 'master.session should exist');
-    console.log('✅ master.session exists\n');
-    // Test 4: Sessions API exists (plural - backward compatibility)
-    console.log('Test 4: Checking master.sessions (plural) API - BACKWARD COMPATIBILITY...');
-    assert(master.sessions, 'master.sessions should exist for backward compatibility');
-    assert(master.sessions === master.session, 'master.sessions should be alias of master.session');
-    console.log('✅ master.sessions exists (alias to master.session)\n');
-    // Test 5: Cookie methods exist
-    console.log('Test 5: Checking cookie methods...');
-    assert(typeof master.sessions.getCookie === 'function', 'getCookie method should exist');
-    assert(typeof master.sessions.setCookie === 'function', 'setCookie method should exist');
-    assert(typeof master.sessions.deleteCookie === 'function', 'deleteCookie method should exist');
-    console.log('✅ getCookie() exists');
-    console.log('✅ setCookie() exists');
-    console.log('✅ deleteCookie() exists\n');
-    // Test 6: Cookie methods work
-    console.log('Test 6: Testing cookie functionality...');
-    const mockReq = {
-        headers: {
-            cookie: 'testCookie=testValue; anotherCookie=anotherValue'
-        }
-    };
-    const mockRes = {
-        headers: {},
-        setHeader: function(name, value) {
-            this.headers[name] = value;
-        }
-    };
-    // Test getCookie
-    const cookieValue = master.sessions.getCookie(mockReq, 'testCookie');
-    assert.strictEqual(cookieValue, 'testValue', 'getCookie should return correct value');
-    console.log('✅ getCookie() works correctly');
-    // Test setCookie
-    master.sessions.setCookie(mockRes, 'newCookie', 'newValue', {
-        maxAge: 3600,
-        httpOnly: true,
-        secure: false,
-        sameSite: 'lax'
-    });
-    assert(mockRes.headers['Set-Cookie'], 'setCookie should set Set-Cookie header');
-    assert(mockRes.headers['Set-Cookie'].includes('newCookie=newValue'), 'Cookie should have correct name and value');
-    console.log('✅ setCookie() works correctly');
-    // Test deleteCookie
-    const mockRes2 = {
-        headers: {},
-        setHeader: function(name, value) {
-            this.headers[name] = value;
-        }
-    };
-    master.sessions.deleteCookie(mockRes2, 'oldCookie');
-    assert(mockRes2.headers['Set-Cookie'], 'deleteCookie should set Set-Cookie header');
-    assert(mockRes2.headers['Set-Cookie'].includes('Max-Age=0'), 'deleteCookie should set Max-Age=0');
-    console.log('✅ deleteCookie() works correctly\n');
-    // Test 7: Check router initialized without _scopedList error
-    console.log('Test 7: Testing router (checking _scopedList fix)...');
-    console.log('✅ Router initialized (no _scopedList error)\n');
-    // Test 8: Check scoped list functionality
-    console.log('Test 8: Testing scoped list...');
-    if (master._scopedList) {
-        console.log('✅ master._scopedList exists');
-        console.log(`   Scoped services: ${Object.keys(master._scopedList).length}`);
-    } else {
-        console.log('⚠️  master._scopedList not initialized (may be empty, which is OK)');
-    }
-    console.log('');
-    // Summary
-    console.log('━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━');
-    console.log('✨ ALL TESTS PASSED - v1.3.4 Fixes Verified!');
-    console.log('━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━');
-    console.log('');
-    console.log('Fixed Issues:');
-    console.log('✅ 1. Router _scopedList error - FIXED (call context)');
-    console.log('✅ 2. master.sessions API - RESTORED (backward compatibility)');
-    console.log('✅ 3. Cookie methods - RESTORED (getCookie, setCookie, deleteCookie)');
-    console.log('');
-    console.log('Backward Compatibility:');
-    console.log('✅ master.sessions.getCookie() - WORKS');
-    console.log('✅ master.sessions.setCookie() - WORKS');
-    console.log('✅ master.sessions.deleteCookie() - WORKS');
-    console.log('✅ master.sessions === master.session - ALIAS WORKS');
-    console.log('');
-    console.log('Status: 🎉 PRODUCTION READY');
-    process.exit(0);
-} catch (error) {
-    console.error('❌ TEST FAILED:', error.message);
-    console.error('');
-    console.error('Stack trace:');
-    console.error(error.stack);
-    process.exit(1);
-}