mcp-wordpress 1.5.2 → 2.0.0

package/dist/utils/streaming.js

@@ -0,0 +1,312 @@
+/**
+ * Streaming utilities for handling large result sets
+ * Implements streaming responses for better performance and memory usage
+ */
+/**
+ * Creates a streaming response for large datasets
+ */
+export class DataStreamer {
+    batchSize;
+    delay;
+    transformItem;
+    filterItem;
+    constructor(options = {}) {
+        this.batchSize = options.batchSize || 50;
+        this.delay = options.delay || 0;
+        this.transformItem = options.transformItem || undefined;
+        this.filterItem = options.filterItem || undefined;
+    }
+    /**
+     * Processes data in batches with streaming
+     */
+    async *streamBatches(data, processor) {
+        const total = data.length;
+        let processed = 0;
+        for (let i = 0; i < data.length; i += this.batchSize) {
+            const batch = data.slice(i, i + this.batchSize);
+            // Apply filtering if provided
+            const filteredBatch = this.filterItem ? batch.filter(this.filterItem) : batch;
+            // Process the batch
+            const processedBatch = await processor(filteredBatch);
+            // Apply transformation if provided
+            const transformedBatch = this.transformItem
+                ? processedBatch.map((item) => this.transformItem(item))
+                : processedBatch;
+            processed += batch.length;
+            const hasMore = processed < total;
+            yield {
+                data: transformedBatch,
+                hasMore,
+                cursor: hasMore ? String(i + this.batchSize) : undefined,
+                total,
+                processed,
+            };
+            // Add delay between batches if specified
+            if (this.delay > 0 && hasMore) {
+                await new Promise((resolve) => setTimeout(resolve, this.delay));
+            }
+        }
+    }
+    /**
+     * Processes large datasets with pagination
+     */
+    async *streamPages(fetcher, processor) {
+        let page = 1;
+        let totalProcessed = 0;
+        while (true) {
+            const result = await fetcher(page, this.batchSize);
+            if (result.data.length === 0) {
+                break;
+            }
+            // Apply filtering if provided
+            const filteredData = this.filterItem ? result.data.filter(this.filterItem) : result.data;
+            // Process the data
+            const processedData = await processor(filteredData);
+            // Apply transformation if provided
+            const transformedData = this.transformItem
+                ? processedData.map((item) => this.transformItem(item))
+                : processedData;
+            totalProcessed += result.data.length;
+            yield {
+                data: transformedData,
+                hasMore: result.hasMore,
+                cursor: result.hasMore ? String(page + 1) : undefined,
+                total: undefined, // Unknown for paginated results
+                processed: totalProcessed,
+            };
+            if (!result.hasMore) {
+                break;
+            }
+            page++;
+            // Add delay between pages if specified
+            if (this.delay > 0) {
+                await new Promise((resolve) => setTimeout(resolve, this.delay));
+            }
+        }
+    }
+}
+/**
+ * Streaming formatter for WordPress data
+ */
+export class WordPressDataStreamer {
+    /**
+     * Streams WordPress posts with author and taxonomy information
+     */
+    static async *streamPosts(posts, options = {}) {
+        const streamer = new DataStreamer({
+            batchSize: options.batchSize || 20,
+            transformItem: (post) => ({
+                id: post.id,
+                title: post.title?.rendered || "Untitled",
+                excerpt: post.excerpt?.rendered
+                    ? post.excerpt.rendered.replace(/<[^>]*>/g, "").substring(0, 150) + "..."
+                    : "No excerpt",
+                status: post.status,
+                date: new Date(post.date).toLocaleDateString(),
+                link: post.link,
+                author: options.includeAuthor ? post.author : undefined,
+                categories: options.includeCategories ? post.categories : undefined,
+                tags: options.includeTags ? post.tags : undefined,
+            }),
+            filterItem: (post) => post.status !== "trash", // Filter out trashed posts
+        });
+        const processor = async (batch) => {
+            // Simulate processing time for large datasets
+            await new Promise((resolve) => setTimeout(resolve, 10));
+            return batch;
+        };
+        for await (const result of streamer.streamBatches(posts, processor)) {
+            yield result;
+        }
+    }
+    /**
+     * Streams WordPress users with role information
+     */
+    static async *streamUsers(users, options = {}) {
+        const streamer = new DataStreamer({
+            batchSize: options.batchSize || 30,
+            transformItem: (user) => ({
+                id: user.id,
+                name: user.name || "No name",
+                username: user.slug || "unknown",
+                email: user.email || "No email",
+                roles: options.includeRoles ? user.roles : undefined,
+                capabilities: options.includeCapabilities ? Object.keys(user.capabilities || {}) : undefined,
+                registeredDate: user.registered_date ? new Date(user.registered_date).toLocaleDateString() : "Unknown",
+            }),
+        });
+        const processor = async (batch) => {
+            // Add user processing logic here if needed
+            return batch;
+        };
+        for await (const result of streamer.streamBatches(users, processor)) {
+            yield result;
+        }
+    }
+    /**
+     * Streams WordPress comments with moderation status
+     */
+    static async *streamComments(comments, options = {}) {
+        const streamer = new DataStreamer({
+            batchSize: options.batchSize || 40,
+            transformItem: (comment) => ({
+                id: comment.id,
+                content: comment.content?.rendered
+                    ? comment.content.rendered.replace(/<[^>]*>/g, "").substring(0, 200) + "..."
+                    : "No content",
+                status: comment.status,
+                date: new Date(comment.date).toLocaleDateString(),
+                author: options.includeAuthor
+                    ? {
+                        name: comment.author_name,
+                        email: comment.author_email,
+                        url: comment.author_url,
+                    }
+                    : undefined,
+                post: options.includePost ? comment.post : undefined,
+            }),
+            filterItem: (comment) => comment.status !== "spam", // Filter out spam comments
+        });
+        const processor = async (batch) => {
+            // Add comment processing logic here if needed
+            return batch;
+        };
+        for await (const result of streamer.streamBatches(comments, processor)) {
+            yield result;
+        }
+    }
+}
+/**
+ * Utility functions for streaming responses
+ */
+export class StreamingUtils {
+    /**
+     * Formats streaming results for display
+     */
+    static formatStreamingResponse(results, type = "posts") {
+        const allData = results.flatMap((result) => result.data);
+        const totalProcessed = results[results.length - 1]?.processed || 0;
+        const hasMore = results[results.length - 1]?.hasMore || false;
+        const typeEmojis = {
+            posts: "📄",
+            users: "👥",
+            comments: "💬",
+            media: "📎",
+        };
+        const emoji = typeEmojis[type];
+        const typeName = type.charAt(0).toUpperCase() + type.slice(1);
+        let response = `${emoji} **${typeName} Results** (Streamed)\n\n`;
+        response += `📊 **Summary**: ${allData.length} items displayed, ${totalProcessed} processed total\n`;
+        if (hasMore) {
+            response += `⏳ **Status**: More data available (streaming in progress)\n`;
+        }
+        else {
+            response += `✅ **Status**: Complete\n`;
+        }
+        response += `🕐 **Retrieved**: ${new Date().toLocaleString()}\n\n`;
+        // Format individual items
+        allData.forEach((item, index) => {
+            response += `${index + 1}. **${item.title || item.name || item.content?.substring(0, 50) || "Item"}**\n`;
+            if (item.excerpt)
+                response += `   📝 ${item.excerpt}\n`;
+            if (item.email)
+                response += `   📧 ${item.email}\n`;
+            if (item.status)
+                response += `   🏷️ Status: ${item.status}\n`;
+            if (item.date)
+                response += `   📅 Date: ${item.date}\n`;
+            response += "\n";
+        });
+        return response;
+    }
+    /**
+     * Implements progressive loading for large datasets
+     */
+    static async loadProgressively(fetcher, options = {}) {
+        const initialLoad = options.initialLoad || 50;
+        const batchSize = options.batchSize || 25;
+        const maxItems = options.maxItems || 1000;
+        const results = [];
+        let offset = 0;
+        let hasMore = true;
+        // Initial load
+        const initialBatch = await fetcher(offset, initialLoad);
+        results.push(...initialBatch);
+        offset += initialLoad;
+        if (options.onProgress) {
+            options.onProgress(results.length);
+        }
+        // Progressive loading
+        while (hasMore && results.length < maxItems) {
+            const batch = await fetcher(offset, batchSize);
+            if (batch.length === 0) {
+                hasMore = false;
+                break;
+            }
+            results.push(...batch);
+            offset += batchSize;
+            if (options.onProgress) {
+                options.onProgress(results.length, maxItems);
+            }
+            // Small delay to prevent overwhelming the server
+            await new Promise((resolve) => setTimeout(resolve, 100));
+        }
+        return results.slice(0, maxItems);
+    }
+}
+/**
+ * Memory-efficient data processor
+ */
+export class MemoryEfficientProcessor {
+    /**
+     * Processes large datasets with memory monitoring
+     */
+    static async processLargeDataset(dataProvider, processor, options = {}) {
+        const maxMemory = options.maxMemoryUsage || 100; // 100MB default
+        const batchSize = options.batchSize || 50;
+        const results = [];
+        let processed = 0;
+        for await (const batch of dataProvider()) {
+            // Check memory usage
+            const memoryUsage = process.memoryUsage();
+            const memoryUsageMB = memoryUsage.heapUsed / 1024 / 1024;
+            if (memoryUsageMB > maxMemory) {
+                // If memory usage is too high, process in smaller batches
+                const smallerBatches = this.chunkArray(batch, Math.floor(batchSize / 2));
+                for (const smallBatch of smallerBatches) {
+                    const processed_batch = await processor(smallBatch);
+                    results.push(...processed_batch);
+                    processed += smallBatch.length;
+                    if (options.onProgress) {
+                        options.onProgress(processed);
+                    }
+                    // Force garbage collection if available
+                    if (global.gc) {
+                        global.gc();
+                    }
+                }
+            }
+            else {
+                // Normal processing
+                const processed_batch = await processor(batch);
+                results.push(...processed_batch);
+                processed += batch.length;
+                if (options.onProgress) {
+                    options.onProgress(processed);
+                }
+            }
+        }
+        return results;
+    }
+    /**
+     * Helper method to split arrays into chunks
+     */
+    static chunkArray(array, chunkSize) {
+        const chunks = [];
+        for (let i = 0; i < array.length; i += chunkSize) {
+            chunks.push(array.slice(i, i + chunkSize));
+        }
+        return chunks;
+    }
+}
+//# sourceMappingURL=streaming.js.map

package/dist/utils/streaming.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"streaming.js","sourceRoot":"","sources":["../../src/utils/streaming.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAmBH;;GAEG;AACH,MAAM,OAAO,YAAY;IACf,SAAS,CAAS;IAClB,KAAK,CAAS;IACd,aAAa,CAAiC;IAC9C,UAAU,CAAqC;IAEvD,YAAY,UAA4B,EAAE;QACxC,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC;QACzC,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,CAAC,CAAC;QAChC,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,SAAS,CAAC;QACxD,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,SAAS,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,CAAC,aAAa,CAClB,IAAS,EACT,SAAuC;QAEvC,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC;QAC1B,IAAI,SAAS,GAAG,CAAC,CAAC;QAElB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACrD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;YAEhD,8BAA8B;YAC9B,MAAM,aAAa,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;YAE9E,oBAAoB;YACpB,MAAM,cAAc,GAAG,MAAM,SAAS,CAAC,aAAa,CAAC,CAAC;YAEtD,mCAAmC;YACnC,MAAM,gBAAgB,GAAG,IAAI,CAAC,aAAa;gBACzC,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,IAAS,EAAE,EAAE,CAAC,IAAI,CAAC,aAAc,CAAC,IAAI,CAAC,CAAC;gBAC9D,CAAC,CAAC,cAAc,CAAC;YAEnB,SAAS,IAAI,KAAK,CAAC,MAAM,CAAC;YAC1B,MAAM,OAAO,GAAG,SAAS,GAAG,KAAK,CAAC;YAElC,MAAM;gBACJ,IAAI,EAAE,gBAAgB;gBACtB,OAAO;gBACP,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS;gBACxD,KAAK;gBACL,SAAS;aACV,CAAC;YAEF,yCAAyC;YACzC,IAAI,IAAI,CAAC,KAAK,GAAG,CAAC,IAAI,OAAO,EAAE,CAAC;gBAC9B,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,CAAC,WAAW,CAChB,OAAoF,EACpF,SAAuC;QAEvC,IAAI,IAAI,GAAG,CAAC,CAAC;QACb,IAAI,cAAc,GAAG,CAAC,CAAC;QAEvB,OAAO,IAAI,EAAE,CAAC;YACZ,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;YAEnD,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC7B,MAAM;YACR,CAAC;YAED,8BAA8B;YAC9B,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC;YAEzF,mBAAmB;YACnB,MAAM,aAAa,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,CAAC;YAEpD,mCAAmC;YACnC,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa;gBACxC,CAAC,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,IAAS,EAAE,EAAE,CAAC,IAAI,CAAC,aAAc,CAAC,IAAI,CAAC,CAAC;gBAC7D,CAAC,CAAC,aAAa,CAAC;YAElB,cAAc,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC;YAErC,MAAM;gBACJ,IAAI,EAAE,eAAe;gBACrB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;gBACrD,KAAK,EAAE,SAAS,EAAE,gCAAgC;gBAClD,SAAS,EAAE,cAAc;aAC1B,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM;YACR,CAAC;YAED,IAAI,EAAE,CAAC;YAEP,uCAAuC;YACvC,IAAI,IAAI,CAAC,KAAK,GAAG,CAAC,EAAE,CAAC;gBACnB,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,qBAAqB;IAChC;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,CAAC,WAAW,CACvB,KAAY,EACZ,UAKI,EAAE;QAEN,MAAM,QAAQ,GAAG,IAAI,YAAY,CAAM;YACrC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,EAAE;YAClC,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;gBACxB,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,QAAQ,IAAI,UAAU;gBACzC,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,QAAQ;oBAC7B,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,KAAK;oBACzE,CAAC,CAAC,YAAY;gBAChB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,IAAI,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,kBAAkB,EAAE;gBAC9C,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,MAAM,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;gBACvD,UAAU,EAAE,OAAO,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;gBACnE,IAAI,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;aAClD,CAAC;YACF,UAAU,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,KAAK,OAAO,EAAE,2BAA2B;SAC3E,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,KAAK,EAAE,KAAY,EAAE,EAAE;YACvC,8CAA8C;YAC9C,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;YACxD,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF,IAAI,KAAK,EAAE,MAAM,MAAM,IAAI,QAAQ,CAAC,aAAa,CAAC,KAAK,EAAE,SAAS,CAAC,EAAE,CAAC;YACpE,MAAM,MAAM,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,CAAC,WAAW,CACvB,KAAY,EACZ,UAII,EAAE;QAEN,MAAM,QAAQ,GAAG,IAAI,YAAY,CAAM;YACrC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,EAAE;YAClC,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;gBACxB,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,SAAS;gBAC5B,QAAQ,EAAE,IAAI,CAAC,IAAI,IAAI,SAAS;gBAChC,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,UAAU;gBAC/B,KAAK,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;gBACpD,YAAY,EAAE,OAAO,CAAC,mBAAmB,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;gBAC5F,cAAc,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,kBAAkB,EAAE,CAAC,CAAC,CAAC,SAAS;aACvG,CAAC;SACH,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,KAAK,EAAE,KAAY,EAAE,EAAE;YACvC,2CAA2C;YAC3C,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF,IAAI,KAAK,EAAE,MAAM,MAAM,IAAI,QAAQ,CAAC,aAAa,CAAC,KAAK,EAAE,SAAS,CAAC,EAAE,CAAC;YACpE,MAAM,MAAM,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,CAAC,cAAc,CAC1B,QAAe,EACf,UAII,EAAE;QAEN,MAAM,QAAQ,GAAG,IAAI,YAAY,CAAM;YACrC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,EAAE;YAClC,aAAa,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;gBAC3B,EAAE,EAAE,OAAO,CAAC,EAAE;gBACd,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,QAAQ;oBAChC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,KAAK;oBAC5E,CAAC,CAAC,YAAY;gBAChB,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,IAAI,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,kBAAkB,EAAE;gBACjD,MAAM,EAAE,OAAO,CAAC,aAAa;oBAC3B,CAAC,CAAC;wBACE,IAAI,EAAE,OAAO,CAAC,WAAW;wBACzB,KAAK,EAAE,OAAO,CAAC,YAAY;wBAC3B,GAAG,EAAE,OAAO,CAAC,UAAU;qBACxB;oBACH,CAAC,CAAC,SAAS;gBACb,IAAI,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;aACrD,CAAC;YACF,UAAU,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE,2BAA2B;SAChF,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,KAAK,EAAE,KAAY,EAAE,EAAE;YACvC,8CAA8C;YAC9C,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF,IAAI,KAAK,EAAE,MAAM,MAAM,IAAI,QAAQ,CAAC,aAAa,CAAC,QAAQ,EAAE,SAAS,CAAC,EAAE,CAAC;YACvE,MAAM,MAAM,CAAC;QACf,CAAC;IACH,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,cAAc;IACzB;;OAEG;IACH,MAAM,CAAC,uBAAuB,CAC5B,OAA+B,EAC/B,OAAiD,OAAO;QAExD,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACzD,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,SAAS,IAAI,CAAC,CAAC;QACnE,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,OAAO,IAAI,KAAK,CAAC;QAE9D,MAAM,UAAU,GAAG;YACjB,KAAK,EAAE,IAAI;YACX,KAAK,EAAE,IAAI;YACX,QAAQ,EAAE,IAAI;YACd,KAAK,EAAE,IAAI;SACZ,CAAC;QAEF,MAAM,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC;QAC/B,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAE9D,IAAI,QAAQ,GAAG,GAAG,KAAK,MAAM,QAAQ,2BAA2B,CAAC;QACjE,QAAQ,IAAI,mBAAmB,OAAO,CAAC,MAAM,qBAAqB,cAAc,oBAAoB,CAAC;QAErG,IAAI,OAAO,EAAE,CAAC;YACZ,QAAQ,IAAI,6DAA6D,CAAC;QAC5E,CAAC;aAAM,CAAC;YACN,QAAQ,IAAI,0BAA0B,CAAC;QACzC,CAAC;QAED,QAAQ,IAAI,qBAAqB,IAAI,IAAI,EAAE,CAAC,cAAc,EAAE,MAAM,CAAC;QAEnE,0BAA0B;QAC1B,OAAO,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC9B,QAAQ,IAAI,GAAG,KAAK,GAAG,CAAC,OAAO,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,MAAM,CAAC;YAEzG,IAAI,IAAI,CAAC,OAAO;gBAAE,QAAQ,IAAI,SAAS,IAAI,CAAC,OAAO,IAAI,CAAC;YACxD,IAAI,IAAI,CAAC,KAAK;gBAAE,QAAQ,IAAI,SAAS,IAAI,CAAC,KAAK,IAAI,CAAC;YACpD,IAAI,IAAI,CAAC,MAAM;gBAAE,QAAQ,IAAI,kBAAkB,IAAI,CAAC,MAAM,IAAI,CAAC;YAC/D,IAAI,IAAI,CAAC,IAAI;gBAAE,QAAQ,IAAI,eAAe,IAAI,CAAC,IAAI,IAAI,CAAC;YAExD,QAAQ,IAAI,IAAI,CAAC;QACnB,CAAC,CAAC,CAAC;QAEH,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAC5B,OAAwD,EACxD,UAKI,EAAE;QAEN,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,EAAE,CAAC;QAC9C,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC;QAC1C,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,IAAI,CAAC;QAE1C,MAAM,OAAO,GAAQ,EAAE,CAAC;QACxB,IAAI,MAAM,GAAG,CAAC,CAAC;QACf,IAAI,OAAO,GAAG,IAAI,CAAC;QAEnB,eAAe;QACf,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;QACxD,OAAO,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;QAC9B,MAAM,IAAI,WAAW,CAAC;QAEtB,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YACvB,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrC,CAAC;QAED,sBAAsB;QACtB,OAAO,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,QAAQ,EAAE,CAAC;YAC5C,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;YAE/C,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,OAAO,GAAG,KAAK,CAAC;gBAChB,MAAM;YACR,CAAC;YAED,OAAO,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC;YACvB,MAAM,IAAI,SAAS,CAAC;YAEpB,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;gBACvB,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAC/C,CAAC;YAED,iDAAiD;YACjD,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;QAC3D,CAAC;QAED,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;IACpC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,wBAAwB;IACnC;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,mBAAmB,CAC9B,YAAsD,EACtD,SAAuC,EACvC,UAII,EAAE;QAEN,MAAM,SAAS,GAAG,OAAO,CAAC,cAAc,IAAI,GAAG,CAAC,CAAC,gBAAgB;QACjE,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAQ,EAAE,CAAC;QACxB,IAAI,SAAS,GAAG,CAAC,CAAC;QAElB,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,YAAY,EAAE,EAAE,CAAC;YACzC,qBAAqB;YACrB,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;YAC1C,MAAM,aAAa,GAAG,WAAW,CAAC,QAAQ,GAAG,IAAI,GAAG,IAAI,CAAC;YAEzD,IAAI,aAAa,GAAG,SAAS,EAAE,CAAC;gBAC9B,0DAA0D;gBAC1D,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC;gBAEzE,KAAK,MAAM,UAAU,IAAI,cAAc,EAAE,CAAC;oBACxC,MAAM,eAAe,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC,CAAC;oBACpD,OAAO,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,CAAC;oBACjC,SAAS,IAAI,UAAU,CAAC,MAAM,CAAC;oBAE/B,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;wBACvB,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;oBAChC,CAAC;oBAED,wCAAwC;oBACxC,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC;wBACd,MAAM,CAAC,EAAE,EAAE,CAAC;oBACd,CAAC;gBACH,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,oBAAoB;gBACpB,MAAM,eAAe,GAAG,MAAM,SAAS,CAAC,KAAK,CAAC,CAAC;gBAC/C,OAAO,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,CAAC;gBACjC,SAAS,IAAI,KAAK,CAAC,MAAM,CAAC;gBAE1B,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;oBACvB,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;gBAChC,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,UAAU,CAAI,KAAU,EAAE,SAAiB;QACxD,MAAM,MAAM,GAAU,EAAE,CAAC;QACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,SAAS,EAAE,CAAC;YACjD,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC;QAC7C,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;CACF"}

package/dist/utils/validation.d.ts

@@ -2,7 +2,7 @@
  * Security-focused validation utilities for MCP WordPress
  */
 /**
- * Validates and sanitizes numeric IDs
+ * Validates and sanitizes numeric IDs with comprehensive edge case handling
  */
 export declare function validateId(id: any, fieldName?: string): number;
 /**
@@ -18,7 +18,7 @@ export declare function validateFilePath(userPath: string, allowedBasePath: stri
  */
 export declare function validatePostStatus(status: string): string;
 /**
- * Validates and sanitizes URLs
+ * Validates and sanitizes URLs with enhanced edge case handling
  */
 export declare function validateUrl(url: string, fieldName?: string): string;
 /**
@@ -44,7 +44,7 @@ export declare function validateArray<T>(value: any, fieldName: string, minItems
  */
 export declare function validateEmail(email: string): string;
 /**
- * Validates username format
+ * Validates username format with enhanced security checks
  */
 export declare function validateUsername(username: string): string;
 /**
@@ -64,5 +64,21 @@ export declare const authRateLimiter: RateLimiter;
  * Validates and sanitizes search queries
  */
 export declare function validateSearchQuery(query: string): string;
+/**
+ * Validates pagination parameters as a set
+ */
+export declare function validatePaginationParams(params: {
+    page?: any;
+    per_page?: any;
+    offset?: any;
+}): {
+    page?: number;
+    per_page?: number;
+    offset?: number;
+};
+/**
+ * Validates complex post creation parameters
+ */
+export declare function validatePostParams(params: any): any;
 export {};
 //# sourceMappingURL=validation.d.ts.map

package/dist/utils/validation.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"validation.d.ts","sourceRoot":"","sources":["../../src/utils/validation.ts"],"names":[],"mappings":"AAGA;;GAEG;AAEH;;GAEG;AACH,wBAAgB,UAAU,CAAC,EAAE,EAAE,GAAG,EAAE,SAAS,GAAE,MAAa,GAAG,MAAM,CAUpE;AAED;;GAEG;AACH,wBAAgB,cAAc,CAC5B,KAAK,EAAE,GAAG,EACV,SAAS,EAAE,MAAM,EACjB,SAAS,GAAE,MAAU,EACrB,SAAS,GAAE,MAAa,GACvB,MAAM,CAmBR;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,MAAM,EAChB,eAAe,EAAE,MAAM,GACtB,MAAM,CAeR;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAkBzD;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,GAAE,MAAc,GAAG,MAAM,CAe1E;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,WAAW,EAAE,MAAM,EACnB,WAAW,GAAE,MAAW,GACvB,IAAI,CASN;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EAAE,GACrB,IAAI,CAQN;AAED;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAiBjD;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,CAAC,EAC7B,KAAK,EAAE,GAAG,EACV,SAAS,EAAE,MAAM,EACjB,QAAQ,GAAE,MAAU,EACpB,QAAQ,GAAE,MAAY,GACrB,CAAC,EAAE,CAkBL;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAUnD;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAoBzD;AAED;;;GAGG;AACH,cAAM,WAAW;IAKb,OAAO,CAAC,WAAW;IACnB,OAAO,CAAC,QAAQ;IALlB,OAAO,CAAC,QAAQ,CACJ;gBAGF,WAAW,GAAE,MAAU,EACvB,QAAQ,GAAE,MAAc;IAGlC,KAAK,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;IAwB/B,KAAK,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;CAGhC;AAGD,eAAO,MAAM,eAAe,aAA6B,CAAC;AAE1D;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAmBzD"}
+{"version":3,"file":"validation.d.ts","sourceRoot":"","sources":["../../src/utils/validation.ts"],"names":[],"mappings":"AAGA;;GAEG;AAEH;;GAEG;AACH,wBAAgB,UAAU,CAAC,EAAE,EAAE,GAAG,EAAE,SAAS,GAAE,MAAa,GAAG,MAAM,CA6CpE;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,GAAE,MAAU,EAAE,SAAS,GAAE,MAAa,GAAG,MAAM,CAerH;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,GAAG,MAAM,CAWlF;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAMzD;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,GAAE,MAAc,GAAG,MAAM,CAgE1E;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,WAAW,EAAE,MAAM,EAAE,WAAW,GAAE,MAAW,GAAG,IAAI,CAKpF;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,GAAG,IAAI,CAQ/E;AAED;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAcjD;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,GAAE,MAAU,EAAE,QAAQ,GAAE,MAAY,GAAG,CAAC,EAAE,CAcjH;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAMnD;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAsCzD;AAED;;;GAGG;AACH,cAAM,WAAW;IAIb,OAAO,CAAC,WAAW;IACnB,OAAO,CAAC,QAAQ;IAJlB,OAAO,CAAC,QAAQ,CAAgE;gBAGtE,WAAW,GAAE,MAAU,EACvB,QAAQ,GAAE,MAAc;IAGlC,KAAK,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;IAwB/B,KAAK,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;CAGhC;AAGD,eAAO,MAAM,eAAe,aAA6B,CAAC;AAE1D;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAgBzD;AAED;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,MAAM,EAAE;IAAE,IAAI,CAAC,EAAE,GAAG,CAAC;IAAC,QAAQ,CAAC,EAAE,GAAG,CAAC;IAAC,MAAM,CAAC,EAAE,GAAG,CAAA;CAAE,GAAG;IAC9F,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,CAiDA;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,CAsDnD"}

package/dist/utils/validation.js

@@ -4,12 +4,35 @@ import { WordPressAPIError } from "../types/client.js";
  * Security-focused validation utilities for MCP WordPress
  */
 /**
- * Validates and sanitizes numeric IDs
+ * Validates and sanitizes numeric IDs with comprehensive edge case handling
  */
 export function validateId(id, fieldName = "id") {
-    const numId = parseInt(String(id), 10);
-    if (isNaN(numId) || numId <= 0) {
-        throw new WordPressAPIError(`Invalid ${fieldName}: must be a positive number`, 400, "INVALID_PARAMETER");
+    // Handle null/undefined
+    if (id === null || id === undefined) {
+        throw new WordPressAPIError(`${fieldName} is required`, 400, "MISSING_PARAMETER");
+    }
+    // Convert to string first to handle various input types
+    const strId = String(id).trim();
+    // Check for empty string after trim
+    if (strId === "") {
+        throw new WordPressAPIError(`${fieldName} cannot be empty`, 400, "INVALID_PARAMETER");
+    }
+    // Handle decimal inputs
+    if (strId.includes(".")) {
+        throw new WordPressAPIError(`${fieldName} must be a whole number, not a decimal`, 400, "INVALID_PARAMETER");
+    }
+    const numId = parseInt(strId, 10);
+    // Check for NaN
+    if (isNaN(numId)) {
+        throw new WordPressAPIError(`Invalid ${fieldName}: "${id}" is not a valid number`, 400, "INVALID_PARAMETER");
+    }
+    // Check for negative or zero
+    if (numId <= 0) {
+        throw new WordPressAPIError(`Invalid ${fieldName}: must be a positive number (got ${numId})`, 400, "INVALID_PARAMETER");
+    }
+    // Check for max int32 limit (WordPress database limit)
+    if (numId > 2147483647) {
+        throw new WordPressAPIError(`Invalid ${fieldName}: exceeds maximum allowed value (2147483647)`, 400, "INVALID_PARAMETER");
     }
     return numId;
 }
@@ -43,34 +66,55 @@ export function validateFilePath(userPath, allowedBasePath) {
  * Validates WordPress post status values
  */
 export function validatePostStatus(status) {
-    const validStatuses = [
-        "publish",
-        "draft",
-        "pending",
-        "private",
-        "future",
-        "auto-draft",
-        "trash",
-    ];
+    const validStatuses = ["publish", "draft", "pending", "private", "future", "auto-draft", "trash"];
     if (!validStatuses.includes(status)) {
         throw new WordPressAPIError(`Invalid status: must be one of ${validStatuses.join(", ")}`, 400, "INVALID_PARAMETER");
     }
     return status;
 }
 /**
- * Validates and sanitizes URLs
+ * Validates and sanitizes URLs with enhanced edge case handling
  */
 export function validateUrl(url, fieldName = "url") {
+    // Check for empty or whitespace-only URLs
+    const trimmedUrl = url.trim();
+    if (!trimmedUrl) {
+        throw new WordPressAPIError(`${fieldName} cannot be empty`, 400, "INVALID_PARAMETER");
+    }
+    // Remove trailing slashes for consistency
+    const cleanUrl = trimmedUrl.replace(/\/+$/, "");
+    // Check for common URL mistakes
+    if (!cleanUrl.match(/^https?:\/\//i)) {
+        throw new WordPressAPIError(`Invalid ${fieldName}: must start with http:// or https:// (got "${cleanUrl}")`, 400, "INVALID_PARAMETER");
+    }
     try {
-        const urlObj = new URL(url);
+        const urlObj = new URL(cleanUrl);
         // Only allow http and https protocols
         if (!["http:", "https:"].includes(urlObj.protocol)) {
-            throw new Error("Invalid protocol");
+            throw new WordPressAPIError(`Invalid ${fieldName}: only HTTP and HTTPS protocols are allowed`, 400, "INVALID_PARAMETER");
+        }
+        // Validate hostname
+        if (!urlObj.hostname || urlObj.hostname.length < 3) {
+            throw new WordPressAPIError(`Invalid ${fieldName}: hostname is missing or too short`, 400, "INVALID_PARAMETER");
+        }
+        // Check for localhost in production
+        if (process.env.NODE_ENV === "production" && (urlObj.hostname === "localhost" || urlObj.hostname === "127.0.0.1")) {
+            throw new WordPressAPIError(`Invalid ${fieldName}: localhost URLs are not allowed in production`, 400, "INVALID_PARAMETER");
+        }
+        // Validate port if present
+        if (urlObj.port) {
+            const port = parseInt(urlObj.port);
+            if (port < 1 || port > 65535) {
+                throw new WordPressAPIError(`Invalid ${fieldName}: port number must be between 1 and 65535`, 400, "INVALID_PARAMETER");
+            }
         }
-        return urlObj.toString();
+        return cleanUrl;
     }
-    catch {
-        throw new WordPressAPIError(`Invalid ${fieldName}: must be a valid URL`, 400, "INVALID_PARAMETER");
+    catch (error) {
+        if (error instanceof WordPressAPIError) {
+            throw error;
+        }
+        throw new WordPressAPIError(`Invalid ${fieldName}: malformed URL "${cleanUrl}"`, 400, "INVALID_PARAMETER");
     }
 }
 /**
@@ -129,18 +173,33 @@ export function validateEmail(email) {
     return email.toLowerCase();
 }
 /**
- * Validates username format
+ * Validates username format with enhanced security checks
  */
 export function validateUsername(username) {
+    // Trim and check for empty
+    const trimmed = username.trim();
+    if (!trimmed) {
+        throw new WordPressAPIError("Username cannot be empty", 400, "INVALID_PARAMETER");
+    }
     // WordPress username rules: alphanumeric, space, underscore, hyphen, period, @ symbol
     const usernameRegex = /^[a-zA-Z0-9 _.\-@]+$/;
-    if (!usernameRegex.test(username)) {
+    if (!usernameRegex.test(trimmed)) {
         throw new WordPressAPIError("Invalid username: can only contain letters, numbers, spaces, and _.-@ symbols", 400, "INVALID_PARAMETER");
     }
-    if (username.length < 3 || username.length > 60) {
-        throw new WordPressAPIError("Invalid username: must be between 3 and 60 characters", 400, "INVALID_PARAMETER");
+    // Length validation
+    if (trimmed.length < 3 || trimmed.length > 60) {
+        throw new WordPressAPIError(`Invalid username: must be between 3 and 60 characters (got ${trimmed.length})`, 400, "INVALID_PARAMETER");
+    }
+    // Check for consecutive spaces
+    if (/\s{2,}/.test(trimmed)) {
+        throw new WordPressAPIError("Invalid username: cannot contain consecutive spaces", 400, "INVALID_PARAMETER");
     }
-    return username;
+    // Security: Prevent common problematic usernames
+    const blacklist = ["admin", "root", "wordpress", "wp-admin", "administrator"];
+    if (blacklist.includes(trimmed.toLowerCase())) {
+        throw new WordPressAPIError(`Username "${trimmed}" is reserved and cannot be used`, 400, "RESERVED_USERNAME");
+    }
+    return trimmed;
 }
 /**
  * Rate limiting tracker (simple in-memory implementation)
@@ -192,4 +251,95 @@ export function validateSearchQuery(query) {
     sanitized = sanitized.replace(/[<>'"`;\\]/g, "");
     return sanitized;
 }
+/**
+ * Validates pagination parameters as a set
+ */
+export function validatePaginationParams(params) {
+    const validated = {};
+    // Validate page
+    if (params.page !== undefined) {
+        const page = parseInt(String(params.page), 10);
+        if (isNaN(page) || page < 1) {
+            throw new WordPressAPIError("Page must be a positive integer", 400, "INVALID_PARAMETER");
+        }
+        if (page > 10000) {
+            throw new WordPressAPIError("Page number too high (max 10000)", 400, "INVALID_PARAMETER");
+        }
+        validated.page = page;
+    }
+    // Validate per_page
+    if (params.per_page !== undefined) {
+        const perPage = parseInt(String(params.per_page), 10);
+        if (isNaN(perPage) || perPage < 1) {
+            throw new WordPressAPIError("Per page must be a positive integer", 400, "INVALID_PARAMETER");
+        }
+        if (perPage > 100) {
+            throw new WordPressAPIError(`Per page exceeds maximum allowed (100), got ${perPage}`, 400, "INVALID_PARAMETER");
+        }
+        validated.per_page = perPage;
+    }
+    // Validate offset
+    if (params.offset !== undefined) {
+        const offset = parseInt(String(params.offset), 10);
+        if (isNaN(offset) || offset < 0) {
+            throw new WordPressAPIError("Offset must be a non-negative integer", 400, "INVALID_PARAMETER");
+        }
+        if (offset > 1000000) {
+            throw new WordPressAPIError("Offset too large (max 1000000)", 400, "INVALID_PARAMETER");
+        }
+        validated.offset = offset;
+    }
+    // Check for conflicting parameters
+    if (validated.page && validated.offset) {
+        throw new WordPressAPIError("Cannot use both 'page' and 'offset' parameters together", 400, "CONFLICTING_PARAMETERS");
+    }
+    return validated;
+}
+/**
+ * Validates complex post creation parameters
+ */
+export function validatePostParams(params) {
+    const validated = {};
+    // Title validation
+    if (!params.title || typeof params.title !== "string") {
+        throw new WordPressAPIError("Post title is required and must be a string", 400, "INVALID_PARAMETER");
+    }
+    validated.title = validateString(params.title, "title", 1, 200);
+    // Content validation
+    if (params.content !== undefined) {
+        validated.content = sanitizeHtml(String(params.content));
+    }
+    // Status validation with context
+    if (params.status) {
+        validated.status = validatePostStatus(params.status);
+        // Future posts need a date
+        if (validated.status === "future" && !params.date) {
+            throw new WordPressAPIError("Future posts require a 'date' parameter", 400, "MISSING_PARAMETER");
+        }
+    }
+    // Categories and tags validation
+    if (params.categories) {
+        validated.categories = validateArray(params.categories, "categories", 0, 50);
+        validated.categories = validated.categories.map((id) => validateId(id, "category ID"));
+    }
+    if (params.tags) {
+        validated.tags = validateArray(params.tags, "tags", 0, 100);
+        validated.tags = validated.tags.map((id) => validateId(id, "tag ID"));
+    }
+    // Date validation for scheduled posts
+    if (params.date) {
+        try {
+            const date = new Date(params.date);
+            if (isNaN(date.getTime())) {
+                throw new Error("Invalid date");
+            }
+            // WordPress expects ISO 8601 format
+            validated.date = date.toISOString();
+        }
+        catch {
+            throw new WordPressAPIError("Invalid date format. Use ISO 8601 format (YYYY-MM-DDTHH:mm:ss)", 400, "INVALID_PARAMETER");
+        }
+    }
+    return validated;
+}
 //# sourceMappingURL=validation.js.map