mcp-server-rocketchat-threads 1.0.0

package/dist/guards/input-validator.js

@@ -0,0 +1,266 @@
+"use strict";
+/**
+ * Input Validator - Validates and sanitizes input parameters
+ * Provides defense against injection attacks and malformed input
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.escapeHtml = exports.validateOffset = exports.validateLimit = exports.validateEmoji = exports.validateMessageText = exports.validateQuery = exports.validateUsername = exports.validateUserId = exports.validateMessageId = exports.validateRoomId = exports.InputValidator = exports.MAX_LENGTHS = void 0;
+const logger_js_1 = require("../utils/logger.js");
+const logger = (0, logger_js_1.getLogger)('InputValidator');
+/**
+ * Maximum lengths for various input types
+ */
+exports.MAX_LENGTHS = {
+    roomId: 64,
+    messageId: 64,
+    threadId: 64,
+    userId: 64,
+    username: 128,
+    query: 500,
+    messageText: 10000,
+    emoji: 64,
+};
+/**
+ * Patterns for valid input formats
+ */
+const VALID_PATTERNS = {
+    // RocketChat IDs are alphanumeric with some special chars
+    id: /^[a-zA-Z0-9_-]+$/,
+    // Usernames can contain letters, numbers, dots, hyphens, underscores
+    username: /^[a-zA-Z0-9._-]+$/,
+    // Emoji names are alphanumeric with underscores, wrapped in colons
+    emoji: /^:?[a-zA-Z0-9_+-]+:?$/,
+};
+/**
+ * Dangerous patterns to detect in input
+ */
+const DANGEROUS_PATTERNS = [
+    // MongoDB injection patterns
+    /\$where/i,
+    /\$gt/i,
+    /\$lt/i,
+    /\$ne/i,
+    /\$regex/i,
+    /\$or/i,
+    /\$and/i,
+    // NoSQL injection
+    /\{\s*['"]\$[a-z]+['"]/i,
+    // Script injection
+    /<script\b/i,
+    /javascript:/i,
+    /on\w+\s*=/i,
+    // Command injection
+    /[;&|`$]/,
+];
+/**
+ * Input validator class
+ */
+class InputValidator {
+    /**
+     * Validate a room ID
+     */
+    static validateRoomId(roomId) {
+        if (typeof roomId !== 'string') {
+            return { valid: false, error: 'Room ID must be a string' };
+        }
+        if (!roomId.trim()) {
+            return { valid: false, error: 'Room ID cannot be empty' };
+        }
+        if (roomId.length > exports.MAX_LENGTHS.roomId) {
+            return { valid: false, error: `Room ID exceeds maximum length of ${exports.MAX_LENGTHS.roomId}` };
+        }
+        // Check for dangerous patterns
+        if (this.containsDangerousPattern(roomId)) {
+            logger.warn('Dangerous pattern detected in room ID', { roomId: roomId.substring(0, 20) });
+            return { valid: false, error: 'Room ID contains invalid characters' };
+        }
+        return { valid: true, sanitized: roomId.trim() };
+    }
+    /**
+     * Validate a message ID
+     */
+    static validateMessageId(messageId) {
+        if (typeof messageId !== 'string') {
+            return { valid: false, error: 'Message ID must be a string' };
+        }
+        if (!messageId.trim()) {
+            return { valid: false, error: 'Message ID cannot be empty' };
+        }
+        if (messageId.length > exports.MAX_LENGTHS.messageId) {
+            return { valid: false, error: `Message ID exceeds maximum length of ${exports.MAX_LENGTHS.messageId}` };
+        }
+        if (!VALID_PATTERNS.id.test(messageId)) {
+            return { valid: false, error: 'Message ID contains invalid characters' };
+        }
+        return { valid: true, sanitized: messageId.trim() };
+    }
+    /**
+     * Validate a user ID
+     */
+    static validateUserId(userId) {
+        if (typeof userId !== 'string') {
+            return { valid: false, error: 'User ID must be a string' };
+        }
+        if (!userId.trim()) {
+            return { valid: false, error: 'User ID cannot be empty' };
+        }
+        if (userId.length > exports.MAX_LENGTHS.userId) {
+            return { valid: false, error: `User ID exceeds maximum length of ${exports.MAX_LENGTHS.userId}` };
+        }
+        if (!VALID_PATTERNS.id.test(userId)) {
+            return { valid: false, error: 'User ID contains invalid characters' };
+        }
+        return { valid: true, sanitized: userId.trim() };
+    }
+    /**
+     * Validate a username
+     */
+    static validateUsername(username) {
+        if (typeof username !== 'string') {
+            return { valid: false, error: 'Username must be a string' };
+        }
+        // Remove @ prefix if present
+        const cleaned = username.replace(/^@/, '').trim();
+        if (!cleaned) {
+            return { valid: false, error: 'Username cannot be empty' };
+        }
+        if (cleaned.length > exports.MAX_LENGTHS.username) {
+            return { valid: false, error: `Username exceeds maximum length of ${exports.MAX_LENGTHS.username}` };
+        }
+        if (!VALID_PATTERNS.username.test(cleaned)) {
+            return { valid: false, error: 'Username contains invalid characters' };
+        }
+        return { valid: true, sanitized: cleaned };
+    }
+    /**
+     * Validate a search query
+     */
+    static validateQuery(query) {
+        if (typeof query !== 'string') {
+            return { valid: false, error: 'Search query must be a string' };
+        }
+        if (!query.trim()) {
+            return { valid: false, error: 'Search query cannot be empty' };
+        }
+        if (query.length > exports.MAX_LENGTHS.query) {
+            return { valid: false, error: `Search query exceeds maximum length of ${exports.MAX_LENGTHS.query}` };
+        }
+        // Don't check for dangerous patterns in queries as they might be searching for code
+        // But do sanitize for display
+        return { valid: true, sanitized: query.trim() };
+    }
+    /**
+     * Validate message text
+     */
+    static validateMessageText(text) {
+        if (typeof text !== 'string') {
+            return { valid: false, error: 'Message text must be a string' };
+        }
+        if (!text.trim()) {
+            return { valid: false, error: 'Message text cannot be empty' };
+        }
+        if (text.length > exports.MAX_LENGTHS.messageText) {
+            return { valid: false, error: `Message text exceeds maximum length of ${exports.MAX_LENGTHS.messageText}` };
+        }
+        return { valid: true, sanitized: text };
+    }
+    /**
+     * Validate an emoji
+     */
+    static validateEmoji(emoji) {
+        if (typeof emoji !== 'string') {
+            return { valid: false, error: 'Emoji must be a string' };
+        }
+        const cleaned = emoji.trim();
+        if (!cleaned) {
+            return { valid: false, error: 'Emoji cannot be empty' };
+        }
+        if (cleaned.length > exports.MAX_LENGTHS.emoji) {
+            return { valid: false, error: `Emoji exceeds maximum length of ${exports.MAX_LENGTHS.emoji}` };
+        }
+        if (!VALID_PATTERNS.emoji.test(cleaned)) {
+            return { valid: false, error: 'Emoji contains invalid characters' };
+        }
+        return { valid: true, sanitized: cleaned };
+    }
+    /**
+     * Validate pagination limit
+     */
+    static validateLimit(limit, min = 1, max = 100, defaultValue = 50) {
+        if (limit === undefined || limit === null) {
+            return defaultValue;
+        }
+        const num = Number(limit);
+        if (isNaN(num)) {
+            return defaultValue;
+        }
+        return Math.max(min, Math.min(max, Math.floor(num)));
+    }
+    /**
+     * Validate pagination offset
+     */
+    static validateOffset(offset, defaultValue = 0) {
+        if (offset === undefined || offset === null) {
+            return defaultValue;
+        }
+        const num = Number(offset);
+        if (isNaN(num) || num < 0) {
+            return defaultValue;
+        }
+        return Math.floor(num);
+    }
+    /**
+     * Check if string contains dangerous patterns
+     */
+    static containsDangerousPattern(input) {
+        return DANGEROUS_PATTERNS.some(pattern => pattern.test(input));
+    }
+    /**
+     * Escape HTML entities for safe display
+     */
+    static escapeHtml(text) {
+        const htmlEntities = {
+            '&': '&amp;',
+            '<': '&lt;',
+            '>': '&gt;',
+            '"': '&quot;',
+            "'": '&#x27;',
+        };
+        return text.replace(/[&<>"']/g, char => htmlEntities[char] || char);
+    }
+    /**
+     * Validate and sanitize a generic string input
+     */
+    static validateString(value, fieldName, maxLength, required = true) {
+        if (value === undefined || value === null) {
+            if (required) {
+                return { valid: false, error: `${fieldName} is required` };
+            }
+            return { valid: true };
+        }
+        if (typeof value !== 'string') {
+            return { valid: false, error: `${fieldName} must be a string` };
+        }
+        const trimmed = value.trim();
+        if (required && !trimmed) {
+            return { valid: false, error: `${fieldName} cannot be empty` };
+        }
+        if (trimmed.length > maxLength) {
+            return { valid: false, error: `${fieldName} exceeds maximum length of ${maxLength}` };
+        }
+        return { valid: true, sanitized: trimmed };
+    }
+}
+exports.InputValidator = InputValidator;
+// Export singleton-like utility functions
+exports.validateRoomId = InputValidator.validateRoomId.bind(InputValidator);
+exports.validateMessageId = InputValidator.validateMessageId.bind(InputValidator);
+exports.validateUserId = InputValidator.validateUserId.bind(InputValidator);
+exports.validateUsername = InputValidator.validateUsername.bind(InputValidator);
+exports.validateQuery = InputValidator.validateQuery.bind(InputValidator);
+exports.validateMessageText = InputValidator.validateMessageText.bind(InputValidator);
+exports.validateEmoji = InputValidator.validateEmoji.bind(InputValidator);
+exports.validateLimit = InputValidator.validateLimit.bind(InputValidator);
+exports.validateOffset = InputValidator.validateOffset.bind(InputValidator);
+exports.escapeHtml = InputValidator.escapeHtml.bind(InputValidator);
+//# sourceMappingURL=input-validator.js.map

package/dist/guards/input-validator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"input-validator.js","sourceRoot":"","sources":["../../src/guards/input-validator.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,kDAA+C;AAE/C,MAAM,MAAM,GAAG,IAAA,qBAAS,EAAC,gBAAgB,CAAC,CAAC;AAW3C;;GAEG;AACU,QAAA,WAAW,GAAG;IACvB,MAAM,EAAE,EAAE;IACV,SAAS,EAAE,EAAE;IACb,QAAQ,EAAE,EAAE;IACZ,MAAM,EAAE,EAAE;IACV,QAAQ,EAAE,GAAG;IACb,KAAK,EAAE,GAAG;IACV,WAAW,EAAE,KAAK;IAClB,KAAK,EAAE,EAAE;CACH,CAAC;AAEX;;GAEG;AACH,MAAM,cAAc,GAAG;IACnB,0DAA0D;IAC1D,EAAE,EAAE,kBAAkB;IACtB,qEAAqE;IACrE,QAAQ,EAAE,mBAAmB;IAC7B,mEAAmE;IACnE,KAAK,EAAE,uBAAuB;CACxB,CAAC;AAEX;;GAEG;AACH,MAAM,kBAAkB,GAAG;IACvB,6BAA6B;IAC7B,UAAU;IACV,OAAO;IACP,OAAO;IACP,OAAO;IACP,UAAU;IACV,OAAO;IACP,QAAQ;IACR,kBAAkB;IAClB,wBAAwB;IACxB,mBAAmB;IACnB,YAAY;IACZ,cAAc;IACd,YAAY;IACZ,oBAAoB;IACpB,SAAS;CACZ,CAAC;AAEF;;GAEG;AACH,MAAa,cAAc;IACvB;;OAEG;IACH,MAAM,CAAC,cAAc,CAAC,MAAe;QACjC,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC7B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAC;QAC/D,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;YACjB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,yBAAyB,EAAE,CAAC;QAC9D,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,GAAG,mBAAW,CAAC,MAAM,EAAE,CAAC;YACrC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,qCAAqC,mBAAW,CAAC,MAAM,EAAE,EAAE,CAAC;QAC9F,CAAC;QAED,+BAA+B;QAC/B,IAAI,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,EAAE,CAAC;YACxC,MAAM,CAAC,IAAI,CAAC,uCAAuC,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;YAC1F,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,qCAAqC,EAAE,CAAC;QAC1E,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;IACrD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,iBAAiB,CAAC,SAAkB;QACvC,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;YAChC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,6BAA6B,EAAE,CAAC;QAClE,CAAC;QAED,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,EAAE,CAAC;YACpB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,4BAA4B,EAAE,CAAC;QACjE,CAAC;QAED,IAAI,SAAS,CAAC,MAAM,GAAG,mBAAW,CAAC,SAAS,EAAE,CAAC;YAC3C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,wCAAwC,mBAAW,CAAC,SAAS,EAAE,EAAE,CAAC;QACpG,CAAC;QAED,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;YACrC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,wCAAwC,EAAE,CAAC;QAC7E,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,IAAI,EAAE,EAAE,CAAC;IACxD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,cAAc,CAAC,MAAe;QACjC,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC7B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAC;QAC/D,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;YACjB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,yBAAyB,EAAE,CAAC;QAC9D,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,GAAG,mBAAW,CAAC,MAAM,EAAE,CAAC;YACrC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,qCAAqC,mBAAW,CAAC,MAAM,EAAE,EAAE,CAAC;QAC9F,CAAC;QAED,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YAClC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,qCAAqC,EAAE,CAAC;QAC1E,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;IACrD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,gBAAgB,CAAC,QAAiB;QACrC,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC/B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,2BAA2B,EAAE,CAAC;QAChE,CAAC;QAED,6BAA6B;QAC7B,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAElD,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAC;QAC/D,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,GAAG,mBAAW,CAAC,QAAQ,EAAE,CAAC;YACxC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,sCAAsC,mBAAW,CAAC,QAAQ,EAAE,EAAE,CAAC;QACjG,CAAC;QAED,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACzC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,sCAAsC,EAAE,CAAC;QAC3E,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,aAAa,CAAC,KAAc;QAC/B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC5B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,+BAA+B,EAAE,CAAC;QACpE,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;YAChB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,8BAA8B,EAAE,CAAC;QACnE,CAAC;QAED,IAAI,KAAK,CAAC,MAAM,GAAG,mBAAW,CAAC,KAAK,EAAE,CAAC;YACnC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,0CAA0C,mBAAW,CAAC,KAAK,EAAE,EAAE,CAAC;QAClG,CAAC;QAED,oFAAoF;QACpF,8BAA8B;QAC9B,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,mBAAmB,CAAC,IAAa;QACpC,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC3B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,+BAA+B,EAAE,CAAC;QACpE,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC;YACf,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,8BAA8B,EAAE,CAAC;QACnE,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,GAAG,mBAAW,CAAC,WAAW,EAAE,CAAC;YACxC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,0CAA0C,mBAAW,CAAC,WAAW,EAAE,EAAE,CAAC;QACxG,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,aAAa,CAAC,KAAc;QAC/B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC5B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,wBAAwB,EAAE,CAAC;QAC7D,CAAC;QAED,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;QAE7B,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC;QAC5D,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,GAAG,mBAAW,CAAC,KAAK,EAAE,CAAC;YACrC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,mCAAmC,mBAAW,CAAC,KAAK,EAAE,EAAE,CAAC;QAC3F,CAAC;QAED,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACtC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,mCAAmC,EAAE,CAAC;QACxE,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,aAAa,CAAC,KAAc,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,EAAE,YAAY,GAAG,EAAE;QACtE,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;YACxC,OAAO,YAAY,CAAC;QACxB,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;QAC1B,IAAI,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YACb,OAAO,YAAY,CAAC;QACxB,CAAC;QAED,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACzD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,cAAc,CAAC,MAAe,EAAE,YAAY,GAAG,CAAC;QACnD,IAAI,MAAM,KAAK,SAAS,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;YAC1C,OAAO,YAAY,CAAC;QACxB,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;QAC3B,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC;YACxB,OAAO,YAAY,CAAC;QACxB,CAAC;QAED,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,wBAAwB,CAAC,KAAa;QACjD,OAAO,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;IACnE,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,UAAU,CAAC,IAAY;QAC1B,MAAM,YAAY,GAA2B;YACzC,GAAG,EAAE,OAAO;YACZ,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,QAAQ;YACb,GAAG,EAAE,QAAQ;SAChB,CAAC;QACF,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC;IACxE,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,cAAc,CACjB,KAAc,EACd,SAAiB,EACjB,SAAiB,EACjB,QAAQ,GAAG,IAAI;QAEf,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;YACxC,IAAI,QAAQ,EAAE,CAAC;gBACX,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,SAAS,cAAc,EAAE,CAAC;YAC/D,CAAC;YACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC5B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,SAAS,mBAAmB,EAAE,CAAC;QACpE,CAAC;QAED,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;QAE7B,IAAI,QAAQ,IAAI,CAAC,OAAO,EAAE,CAAC;YACvB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,SAAS,kBAAkB,EAAE,CAAC;QACnE,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;YAC7B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,SAAS,8BAA8B,SAAS,EAAE,EAAE,CAAC;QAC1F,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC;IAC/C,CAAC;CACJ;AAxPD,wCAwPC;AAED,0CAA0C;AAC7B,QAAA,cAAc,GAAG,cAAc,CAAC,cAAc,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;AACpE,QAAA,iBAAiB,GAAG,cAAc,CAAC,iBAAiB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;AAC1E,QAAA,cAAc,GAAG,cAAc,CAAC,cAAc,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;AACpE,QAAA,gBAAgB,GAAG,cAAc,CAAC,gBAAgB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;AACxE,QAAA,aAAa,GAAG,cAAc,CAAC,aAAa,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;AAClE,QAAA,mBAAmB,GAAG,cAAc,CAAC,mBAAmB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;AAC9E,QAAA,aAAa,GAAG,cAAc,CAAC,aAAa,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;AAClE,QAAA,aAAa,GAAG,cAAc,CAAC,aAAa,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;AAClE,QAAA,cAAc,GAAG,cAAc,CAAC,cAAc,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;AACpE,QAAA,UAAU,GAAG,cAAc,CAAC,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC"}

package/dist/guards/rate-limiter.d.ts

@@ -0,0 +1,115 @@
+/**
+ * Rate Limiter - Prevents excessive API calls
+ * Uses a sliding window algorithm for rate limiting
+ */
+/**
+ * Rate limit configuration
+ */
+export interface RateLimitConfig {
+    /** Maximum number of requests allowed in the window */
+    maxRequests: number;
+    /** Window size in milliseconds */
+    windowMs: number;
+    /** Optional key prefix for namespacing */
+    keyPrefix?: string;
+}
+/**
+ * Rate limit check result
+ */
+export interface RateLimitResult {
+    allowed: boolean;
+    remaining: number;
+    resetAt: number;
+    retryAfterMs?: number;
+}
+/**
+ * Default rate limit configurations
+ */
+export declare const DEFAULT_LIMITS: {
+    /** General API calls */
+    readonly api: {
+        readonly maxRequests: 100;
+        readonly windowMs: 60000;
+    };
+    /** Write operations (send message, react) */
+    readonly write: {
+        readonly maxRequests: 20;
+        readonly windowMs: 60000;
+    };
+    /** Search operations */
+    readonly search: {
+        readonly maxRequests: 30;
+        readonly windowMs: 60000;
+    };
+    /** Heavy operations (list all, bulk operations) */
+    readonly heavy: {
+        readonly maxRequests: 10;
+        readonly windowMs: 60000;
+    };
+};
+/**
+ * Rate limiter class with sliding window algorithm
+ */
+export declare class RateLimiter {
+    private records;
+    private config;
+    private cleanupInterval;
+    constructor(config: RateLimitConfig);
+    /**
+     * Check if a request is allowed and record it
+     */
+    check(key: string): RateLimitResult;
+    /**
+     * Check without recording (peek)
+     */
+    peek(key: string): RateLimitResult;
+    /**
+     * Reset rate limit for a key
+     */
+    reset(key: string): void;
+    /**
+     * Reset all rate limits
+     */
+    resetAll(): void;
+    /**
+     * Get current configuration
+     */
+    getConfig(): RateLimitConfig;
+    /**
+     * Clean up old records
+     */
+    private cleanup;
+    /**
+     * Stop the cleanup interval
+     */
+    destroy(): void;
+}
+/**
+ * Rate limiter manager for multiple rate limit types
+ */
+export declare class RateLimiterManager {
+    private limiters;
+    /**
+     * Get or create a rate limiter
+     */
+    getLimiter(name: string, config?: RateLimitConfig): RateLimiter;
+    /**
+     * Check rate limit for a specific limiter type
+     */
+    check(limiterName: string, key: string): RateLimitResult;
+    /**
+     * Reset all limiters
+     */
+    resetAll(): void;
+    /**
+     * Destroy all limiters
+     */
+    destroy(): void;
+}
+export declare function getRateLimiterManager(): RateLimiterManager;
+export declare function resetRateLimiterManager(): void;
+export declare function checkRateLimit(limiterName: string, key: string): RateLimitResult;
+export declare function checkApiRateLimit(key: string): RateLimitResult;
+export declare function checkWriteRateLimit(key: string): RateLimitResult;
+export declare function checkSearchRateLimit(key: string): RateLimitResult;
+//# sourceMappingURL=rate-limiter.d.ts.map

package/dist/guards/rate-limiter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limiter.d.ts","sourceRoot":"","sources":["../../src/guards/rate-limiter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH;;GAEG;AACH,MAAM,WAAW,eAAe;IAC5B,uDAAuD;IACvD,WAAW,EAAE,MAAM,CAAC;IACpB,kCAAkC;IAClC,QAAQ,EAAE,MAAM,CAAC;IACjB,0CAA0C;IAC1C,SAAS,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;GAEG;AACH,eAAO,MAAM,cAAc;IACvB,wBAAwB;;;;;IAExB,6CAA6C;;;;;IAE7C,wBAAwB;;;;;IAExB,mDAAmD;;;;;CAE7C,CAAC;AASX;;GAEG;AACH,qBAAa,WAAW;IACpB,OAAO,CAAC,OAAO,CAAyC;IACxD,OAAO,CAAC,MAAM,CAAkB;IAChC,OAAO,CAAC,eAAe,CAA+B;gBAE1C,MAAM,EAAE,eAAe;IAOnC;;OAEG;IACH,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe;IAgDnC;;OAEG;IACH,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe;IA6BlC;;OAEG;IACH,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAKxB;;OAEG;IACH,QAAQ,IAAI,IAAI;IAIhB;;OAEG;IACH,SAAS,IAAI,eAAe;IAI5B;;OAEG;IACH,OAAO,CAAC,OAAO;IAYf;;OAEG;IACH,OAAO,IAAI,IAAI;CAOlB;AAED;;GAEG;AACH,qBAAa,kBAAkB;IAC3B,OAAO,CAAC,QAAQ,CAAuC;IAEvD;;OAEG;IACH,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,eAAe,GAAG,WAAW;IAW/D;;OAEG;IACH,KAAK,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,eAAe;IAKxD;;OAEG;IACH,QAAQ,IAAI,IAAI;IAMhB;;OAEG;IACH,OAAO,IAAI,IAAI;CAMlB;AAKD,wBAAgB,qBAAqB,IAAI,kBAAkB,CAK1D;AAED,wBAAgB,uBAAuB,IAAI,IAAI,CAK9C;AAGD,wBAAgB,cAAc,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,eAAe,CAEhF;AAED,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe,CAE9D;AAED,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe,CAEhE;AAED,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe,CAEjE"}

package/dist/guards/rate-limiter.js

@@ -0,0 +1,226 @@
+"use strict";
+/**
+ * Rate Limiter - Prevents excessive API calls
+ * Uses a sliding window algorithm for rate limiting
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RateLimiterManager = exports.RateLimiter = exports.DEFAULT_LIMITS = void 0;
+exports.getRateLimiterManager = getRateLimiterManager;
+exports.resetRateLimiterManager = resetRateLimiterManager;
+exports.checkRateLimit = checkRateLimit;
+exports.checkApiRateLimit = checkApiRateLimit;
+exports.checkWriteRateLimit = checkWriteRateLimit;
+exports.checkSearchRateLimit = checkSearchRateLimit;
+const logger_js_1 = require("../utils/logger.js");
+const logger = (0, logger_js_1.getLogger)('RateLimiter');
+/**
+ * Default rate limit configurations
+ */
+exports.DEFAULT_LIMITS = {
+    /** General API calls */
+    api: { maxRequests: 100, windowMs: 60000 },
+    /** Write operations (send message, react) */
+    write: { maxRequests: 20, windowMs: 60000 },
+    /** Search operations */
+    search: { maxRequests: 30, windowMs: 60000 },
+    /** Heavy operations (list all, bulk operations) */
+    heavy: { maxRequests: 10, windowMs: 60000 },
+};
+/**
+ * Rate limiter class with sliding window algorithm
+ */
+class RateLimiter {
+    records = new Map();
+    config;
+    cleanupInterval = null;
+    constructor(config) {
+        this.config = config;
+        // Cleanup old records every minute
+        this.cleanupInterval = setInterval(() => this.cleanup(), 60000);
+    }
+    /**
+     * Check if a request is allowed and record it
+     */
+    check(key) {
+        const fullKey = this.config.keyPrefix ? `${this.config.keyPrefix}:${key}` : key;
+        const now = Date.now();
+        const windowStart = now - this.config.windowMs;
+        // Get or create record
+        let record = this.records.get(fullKey);
+        if (!record) {
+            record = { timestamps: [] };
+            this.records.set(fullKey, record);
+        }
+        // Remove timestamps outside the window
+        record.timestamps = record.timestamps.filter(ts => ts > windowStart);
+        const currentCount = record.timestamps.length;
+        const remaining = Math.max(0, this.config.maxRequests - currentCount);
+        const resetAt = record.timestamps.length > 0
+            ? record.timestamps[0] + this.config.windowMs
+            : now + this.config.windowMs;
+        if (currentCount >= this.config.maxRequests) {
+            const retryAfterMs = resetAt - now;
+            logger.debug('Rate limit exceeded', {
+                key: fullKey,
+                currentCount,
+                maxRequests: this.config.maxRequests,
+                retryAfterMs
+            });
+            return {
+                allowed: false,
+                remaining: 0,
+                resetAt,
+                retryAfterMs
+            };
+        }
+        // Record this request
+        record.timestamps.push(now);
+        return {
+            allowed: true,
+            remaining: remaining - 1,
+            resetAt
+        };
+    }
+    /**
+     * Check without recording (peek)
+     */
+    peek(key) {
+        const fullKey = this.config.keyPrefix ? `${this.config.keyPrefix}:${key}` : key;
+        const now = Date.now();
+        const windowStart = now - this.config.windowMs;
+        const record = this.records.get(fullKey);
+        if (!record) {
+            return {
+                allowed: true,
+                remaining: this.config.maxRequests,
+                resetAt: now + this.config.windowMs
+            };
+        }
+        const validTimestamps = record.timestamps.filter(ts => ts > windowStart);
+        const currentCount = validTimestamps.length;
+        const remaining = Math.max(0, this.config.maxRequests - currentCount);
+        const resetAt = validTimestamps.length > 0
+            ? validTimestamps[0] + this.config.windowMs
+            : now + this.config.windowMs;
+        return {
+            allowed: currentCount < this.config.maxRequests,
+            remaining,
+            resetAt,
+            retryAfterMs: currentCount >= this.config.maxRequests ? resetAt - now : undefined
+        };
+    }
+    /**
+     * Reset rate limit for a key
+     */
+    reset(key) {
+        const fullKey = this.config.keyPrefix ? `${this.config.keyPrefix}:${key}` : key;
+        this.records.delete(fullKey);
+    }
+    /**
+     * Reset all rate limits
+     */
+    resetAll() {
+        this.records.clear();
+    }
+    /**
+     * Get current configuration
+     */
+    getConfig() {
+        return { ...this.config };
+    }
+    /**
+     * Clean up old records
+     */
+    cleanup() {
+        const now = Date.now();
+        const windowStart = now - this.config.windowMs;
+        for (const [key, record] of this.records.entries()) {
+            record.timestamps = record.timestamps.filter(ts => ts > windowStart);
+            if (record.timestamps.length === 0) {
+                this.records.delete(key);
+            }
+        }
+    }
+    /**
+     * Stop the cleanup interval
+     */
+    destroy() {
+        if (this.cleanupInterval) {
+            clearInterval(this.cleanupInterval);
+            this.cleanupInterval = null;
+        }
+        this.records.clear();
+    }
+}
+exports.RateLimiter = RateLimiter;
+/**
+ * Rate limiter manager for multiple rate limit types
+ */
+class RateLimiterManager {
+    limiters = new Map();
+    /**
+     * Get or create a rate limiter
+     */
+    getLimiter(name, config) {
+        if (this.limiters.has(name)) {
+            return this.limiters.get(name);
+        }
+        const limiterConfig = config || exports.DEFAULT_LIMITS[name] || exports.DEFAULT_LIMITS.api;
+        const limiter = new RateLimiter({ ...limiterConfig, keyPrefix: name });
+        this.limiters.set(name, limiter);
+        return limiter;
+    }
+    /**
+     * Check rate limit for a specific limiter type
+     */
+    check(limiterName, key) {
+        const limiter = this.getLimiter(limiterName);
+        return limiter.check(key);
+    }
+    /**
+     * Reset all limiters
+     */
+    resetAll() {
+        for (const limiter of this.limiters.values()) {
+            limiter.resetAll();
+        }
+    }
+    /**
+     * Destroy all limiters
+     */
+    destroy() {
+        for (const limiter of this.limiters.values()) {
+            limiter.destroy();
+        }
+        this.limiters.clear();
+    }
+}
+exports.RateLimiterManager = RateLimiterManager;
+// Singleton instance
+let managerInstance = null;
+function getRateLimiterManager() {
+    if (!managerInstance) {
+        managerInstance = new RateLimiterManager();
+    }
+    return managerInstance;
+}
+function resetRateLimiterManager() {
+    if (managerInstance) {
+        managerInstance.destroy();
+        managerInstance = null;
+    }
+}
+// Convenience functions
+function checkRateLimit(limiterName, key) {
+    return getRateLimiterManager().check(limiterName, key);
+}
+function checkApiRateLimit(key) {
+    return getRateLimiterManager().check('api', key);
+}
+function checkWriteRateLimit(key) {
+    return getRateLimiterManager().check('write', key);
+}
+function checkSearchRateLimit(key) {
+    return getRateLimiterManager().check('search', key);
+}
+//# sourceMappingURL=rate-limiter.js.map

package/dist/guards/rate-limiter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limiter.js","sourceRoot":"","sources":["../../src/guards/rate-limiter.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAuPH,sDAKC;AAED,0DAKC;AAGD,wCAEC;AAED,8CAEC;AAED,kDAEC;AAED,oDAEC;AAlRD,kDAA+C;AAE/C,MAAM,MAAM,GAAG,IAAA,qBAAS,EAAC,aAAa,CAAC,CAAC;AAwBxC;;GAEG;AACU,QAAA,cAAc,GAAG;IAC1B,wBAAwB;IACxB,GAAG,EAAE,EAAE,WAAW,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE;IAC1C,6CAA6C;IAC7C,KAAK,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;IAC3C,wBAAwB;IACxB,MAAM,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;IAC5C,mDAAmD;IACnD,KAAK,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;CACrC,CAAC;AASX;;GAEG;AACH,MAAa,WAAW;IACZ,OAAO,GAA+B,IAAI,GAAG,EAAE,CAAC;IAChD,MAAM,CAAkB;IACxB,eAAe,GAA0B,IAAI,CAAC;IAEtD,YAAY,MAAuB;QAC/B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAErB,mCAAmC;QACnC,IAAI,CAAC,eAAe,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,KAAK,CAAC,CAAC;IACpE,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAW;QACb,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;QAChF,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,WAAW,GAAG,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QAE/C,uBAAuB;QACvB,IAAI,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvC,IAAI,CAAC,MAAM,EAAE,CAAC;YACV,MAAM,GAAG,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;YAC5B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QACtC,CAAC;QAED,uCAAuC;QACvC,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,WAAW,CAAC,CAAC;QAErE,MAAM,YAAY,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC;QAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,YAAY,CAAC,CAAC;QACtE,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC;YACxC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC7C,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QAEjC,IAAI,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC1C,MAAM,YAAY,GAAG,OAAO,GAAG,GAAG,CAAC;YACnC,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE;gBAChC,GAAG,EAAE,OAAO;gBACZ,YAAY;gBACZ,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,YAAY;aACf,CAAC,CAAC;YAEH,OAAO;gBACH,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,CAAC;gBACZ,OAAO;gBACP,YAAY;aACf,CAAC;QACN,CAAC;QAED,sBAAsB;QACtB,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAE5B,OAAO;YACH,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,SAAS,GAAG,CAAC;YACxB,OAAO;SACV,CAAC;IACN,CAAC;IAED;;OAEG;IACH,IAAI,CAAC,GAAW;QACZ,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;QAChF,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,WAAW,GAAG,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QAE/C,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACzC,IAAI,CAAC,MAAM,EAAE,CAAC;YACV,OAAO;gBACH,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBAClC,OAAO,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ;aACtC,CAAC;QACN,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,WAAW,CAAC,CAAC;QACzE,MAAM,YAAY,GAAG,eAAe,CAAC,MAAM,CAAC;QAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,YAAY,CAAC,CAAC;QACtE,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,GAAG,CAAC;YACtC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC3C,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QAEjC,OAAO;YACH,OAAO,EAAE,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW;YAC/C,SAAS;YACT,OAAO;YACP,YAAY,EAAE,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,SAAS;SACpF,CAAC;IACN,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAW;QACb,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;QAChF,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED;;OAEG;IACH,QAAQ;QACJ,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,SAAS;QACL,OAAO,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;IAC9B,CAAC;IAED;;OAEG;IACK,OAAO;QACX,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,WAAW,GAAG,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QAE/C,KAAK,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;YACjD,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,WAAW,CAAC,CAAC;YACrE,IAAI,MAAM,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACjC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7B,CAAC;QACL,CAAC;IACL,CAAC;IAED;;OAEG;IACH,OAAO;QACH,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACvB,aAAa,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YACpC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC;QAChC,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;CACJ;AA9ID,kCA8IC;AAED;;GAEG;AACH,MAAa,kBAAkB;IACnB,QAAQ,GAA6B,IAAI,GAAG,EAAE,CAAC;IAEvD;;OAEG;IACH,UAAU,CAAC,IAAY,EAAE,MAAwB;QAC7C,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1B,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAE,CAAC;QACpC,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,IAAI,sBAAc,CAAC,IAAmC,CAAC,IAAI,sBAAc,CAAC,GAAG,CAAC;QAC1G,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,EAAE,GAAG,aAAa,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACvE,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACjC,OAAO,OAAO,CAAC;IACnB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAmB,EAAE,GAAW;QAClC,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QAC7C,OAAO,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,QAAQ;QACJ,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC;YAC3C,OAAO,CAAC,QAAQ,EAAE,CAAC;QACvB,CAAC;IACL,CAAC;IAED;;OAEG;IACH,OAAO;QACH,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC;YAC3C,OAAO,CAAC,OAAO,EAAE,CAAC;QACtB,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;IAC1B,CAAC;CACJ;AA3CD,gDA2CC;AAED,qBAAqB;AACrB,IAAI,eAAe,GAA8B,IAAI,CAAC;AAEtD,SAAgB,qBAAqB;IACjC,IAAI,CAAC,eAAe,EAAE,CAAC;QACnB,eAAe,GAAG,IAAI,kBAAkB,EAAE,CAAC;IAC/C,CAAC;IACD,OAAO,eAAe,CAAC;AAC3B,CAAC;AAED,SAAgB,uBAAuB;IACnC,IAAI,eAAe,EAAE,CAAC;QAClB,eAAe,CAAC,OAAO,EAAE,CAAC;QAC1B,eAAe,GAAG,IAAI,CAAC;IAC3B,CAAC;AACL,CAAC;AAED,wBAAwB;AACxB,SAAgB,cAAc,CAAC,WAAmB,EAAE,GAAW;IAC3D,OAAO,qBAAqB,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;AAC3D,CAAC;AAED,SAAgB,iBAAiB,CAAC,GAAW;IACzC,OAAO,qBAAqB,EAAE,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AACrD,CAAC;AAED,SAAgB,mBAAmB,CAAC,GAAW;IAC3C,OAAO,qBAAqB,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;AACvD,CAAC;AAED,SAAgB,oBAAoB,CAAC,GAAW;IAC5C,OAAO,qBAAqB,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;AACxD,CAAC"}

package/dist/guards/sanitizer.d.ts

@@ -0,0 +1,35 @@
+/**
+ * Message Sanitizer - Neutralizes dangerous mentions and patterns
+ * Prevents accidental mass notifications (@all, @here, @channel)
+ */
+export interface SanitizeResult {
+    text: string;
+    modified: boolean;
+    neutralized: string[];
+}
+export declare class MessageSanitizer {
+    private blockMentions;
+    private blockedMentions;
+    constructor();
+    /**
+     * Sanitize message text
+     */
+    sanitize(text: string): SanitizeResult;
+    /**
+     * Check if text contains dangerous patterns without modifying
+     */
+    check(text: string): {
+        hasDangerousPatterns: boolean;
+        patterns: string[];
+    };
+    /**
+     * Get current configuration
+     */
+    getConfig(): {
+        blockMentions: boolean;
+        blockedMentions: string[];
+    };
+}
+export declare function getSanitizer(): MessageSanitizer;
+export declare function resetSanitizer(): void;
+//# sourceMappingURL=sanitizer.d.ts.map

package/dist/guards/sanitizer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitizer.d.ts","sourceRoot":"","sources":["../../src/guards/sanitizer.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,MAAM,WAAW,cAAc;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,MAAM,EAAE,CAAC;CACzB;AAkBD,qBAAa,gBAAgB;IACzB,OAAO,CAAC,aAAa,CAAU;IAC/B,OAAO,CAAC,eAAe,CAAW;;IAQlC;;OAEG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,cAAc;IAmCtC;;OAEG;IACH,KAAK,CAAC,IAAI,EAAE,MAAM,GAAG;QAAE,oBAAoB,EAAE,OAAO,CAAC;QAAC,QAAQ,EAAE,MAAM,EAAE,CAAA;KAAE;IAuB1E;;OAEG;IACH,SAAS,IAAI;QAAE,aAAa,EAAE,OAAO,CAAC;QAAC,eAAe,EAAE,MAAM,EAAE,CAAA;KAAE;CAMrE;AAKD,wBAAgB,YAAY,IAAI,gBAAgB,CAK/C;AAED,wBAAgB,cAAc,IAAI,IAAI,CAErC"}