openredaction 1.0.9 → 1.1.0

package/dist/index.js

@@ -47,6 +47,7 @@ let path = require("path");
 path = __toESM(path);
 let worker_threads = require("worker_threads");
 let os = require("os");
+let stream = require("stream");
 
 //#region src/audit/AuditLogger.ts
 /**
@@ -1006,332 +1007,6 @@ var InMemoryMetricsCollector = class {
 	}
 };
 
-//#endregion
-//#region src/metrics/PrometheusServer.ts
-/**
-* Prometheus metrics HTTP server
-* Provides a lightweight HTTP server for exposing metrics to Prometheus
-*/
-var PrometheusServer = class {
-	constructor(metricsCollector, options) {
-		this.isRunning = false;
-		this.requestCount = 0;
-		this.metricsCollector = metricsCollector;
-		this.options = {
-			port: options?.port ?? 9090,
-			host: options?.host ?? "0.0.0.0",
-			metricsPath: options?.metricsPath ?? "/metrics",
-			prefix: options?.prefix ?? "openredaction",
-			healthPath: options?.healthPath ?? "/health",
-			enableCors: options?.enableCors ?? false,
-			username: options?.username,
-			password: options?.password
-		};
-	}
-	/**
-	* Start the Prometheus metrics server
-	*/
-	async start() {
-		if (this.isRunning) throw new Error("[PrometheusServer] Server is already running");
-		try {
-			this.server = require("http").createServer(this.handleRequest.bind(this));
-			return new Promise((resolve, reject) => {
-				this.server.listen(this.options.port, this.options.host, () => {
-					this.isRunning = true;
-					console.log(`[PrometheusServer] Metrics server started on http://${this.options.host}:${this.options.port}${this.options.metricsPath}`);
-					resolve();
-				});
-				this.server.on("error", (error) => {
-					reject(/* @__PURE__ */ new Error(`[PrometheusServer] Failed to start server: ${error.message}`));
-				});
-			});
-		} catch (error) {
-			throw new Error(`[PrometheusServer] Failed to initialize HTTP server: ${error.message}`);
-		}
-	}
-	/**
-	* Stop the server
-	*/
-	async stop() {
-		if (!this.isRunning || !this.server) return;
-		return new Promise((resolve, reject) => {
-			this.server.close((error) => {
-				if (error) reject(/* @__PURE__ */ new Error(`[PrometheusServer] Failed to stop server: ${error.message}`));
-				else {
-					this.isRunning = false;
-					console.log("[PrometheusServer] Server stopped");
-					resolve();
-				}
-			});
-		});
-	}
-	/**
-	* Handle incoming HTTP requests
-	*/
-	handleRequest(req, res) {
-		this.requestCount++;
-		if (this.options.enableCors) {
-			res.setHeader("Access-Control-Allow-Origin", "*");
-			res.setHeader("Access-Control-Allow-Methods", "GET, OPTIONS");
-			res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
-			if (req.method === "OPTIONS") {
-				res.writeHead(204);
-				res.end();
-				return;
-			}
-		}
-		if (req.method !== "GET") {
-			res.writeHead(405, { "Content-Type": "text/plain" });
-			res.end("Method Not Allowed");
-			return;
-		}
-		if (this.options.username && this.options.password) {
-			const authHeader = req.headers.authorization;
-			if (!authHeader || !this.validateAuth(authHeader)) {
-				res.writeHead(401, {
-					"Content-Type": "text/plain",
-					"WWW-Authenticate": "Basic realm=\"Prometheus Metrics\""
-				});
-				res.end("Unauthorized");
-				return;
-			}
-		}
-		const url = req.url;
-		if (url === this.options.metricsPath) this.handleMetrics(req, res);
-		else if (url === this.options.healthPath) this.handleHealth(req, res);
-		else if (url === "/") this.handleRoot(req, res);
-		else {
-			res.writeHead(404, { "Content-Type": "text/plain" });
-			res.end("Not Found");
-		}
-	}
-	/**
-	* Handle /metrics endpoint
-	*/
-	handleMetrics(_req, res) {
-		try {
-			this.lastScrapeTime = /* @__PURE__ */ new Date();
-			const exporter = this.metricsCollector.getExporter();
-			const metrics = exporter.getMetrics();
-			const prometheusFormat = exporter.exportPrometheus(metrics, this.options.prefix);
-			const serverMetrics = this.getServerMetrics();
-			const fullMetrics = prometheusFormat + "\n" + serverMetrics;
-			res.writeHead(200, { "Content-Type": "text/plain; version=0.0.4" });
-			res.end(fullMetrics);
-		} catch (error) {
-			console.error("[PrometheusServer] Error exporting metrics:", error);
-			res.writeHead(500, { "Content-Type": "text/plain" });
-			res.end("Internal Server Error");
-		}
-	}
-	/**
-	* Handle /health endpoint
-	*/
-	handleHealth(_req, res) {
-		const health = {
-			status: "healthy",
-			uptime: process.uptime(),
-			timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-			metrics: {
-				requestCount: this.requestCount,
-				lastScrapeTime: this.lastScrapeTime?.toISOString()
-			}
-		};
-		res.writeHead(200, { "Content-Type": "application/json" });
-		res.end(JSON.stringify(health, null, 2));
-	}
-	/**
-	* Handle / root endpoint
-	*/
-	handleRoot(_req, res) {
-		const html = `
-<!DOCTYPE html>
-<html>
-<head>
-  <title>OpenRedaction Prometheus Exporter</title>
-  <style>
-    body { font-family: sans-serif; max-width: 800px; margin: 50px auto; padding: 20px; }
-    h1 { color: #333; }
-    a { color: #0066cc; }
-    .endpoint { background: #f5f5f5; padding: 10px; margin: 10px 0; border-radius: 4px; }
-  </style>
-</head>
-<body>
-  <h1>OpenRedaction Prometheus Exporter</h1>
-  <p>This server exposes metrics for Prometheus monitoring.</p>
-
-  <h2>Endpoints</h2>
-  <div class="endpoint">
-    <strong>GET <a href="${this.options.metricsPath}">${this.options.metricsPath}</a></strong><br>
-    Prometheus metrics in text format
-  </div>
-  <div class="endpoint">
-    <strong>GET <a href="${this.options.healthPath}">${this.options.healthPath}</a></strong><br>
-    Health check endpoint (JSON)
-  </div>
-
-  <h2>Configuration</h2>
-  <ul>
-    <li>Host: ${this.options.host}</li>
-    <li>Port: ${this.options.port}</li>
-    <li>Metrics Prefix: ${this.options.prefix}</li>
-    <li>CORS Enabled: ${this.options.enableCors}</li>
-    <li>Authentication: ${this.options.username ? "Enabled" : "Disabled"}</li>
-  </ul>
-
-  <h2>Prometheus Configuration</h2>
-  <p>Add this to your <code>prometheus.yml</code>:</p>
-  <pre>
-scrape_configs:
-  - job_name: 'openredaction'
-    static_configs:
-      - targets: ['${this.options.host}:${this.options.port}']
-    metrics_path: '${this.options.metricsPath}'
-${this.options.username ? `    basic_auth:
-      username: '${this.options.username}'
-      password: '${this.options.password}'` : ""}
-  </pre>
-</body>
-</html>
-    `.trim();
-		res.writeHead(200, { "Content-Type": "text/html" });
-		res.end(html);
-	}
-	/**
-	* Validate basic authentication
-	*/
-	validateAuth(authHeader) {
-		try {
-			const base64Credentials = authHeader.split(" ")[1];
-			const [username, password] = Buffer.from(base64Credentials, "base64").toString("utf-8").split(":");
-			return username === this.options.username && password === this.options.password;
-		} catch {
-			return false;
-		}
-	}
-	/**
-	* Get server-specific metrics in Prometheus format
-	*/
-	getServerMetrics() {
-		const prefix = this.options.prefix;
-		const timestamp = Date.now();
-		const lines = [];
-		lines.push(`# HELP ${prefix}_server_uptime_seconds Server uptime in seconds`);
-		lines.push(`# TYPE ${prefix}_server_uptime_seconds counter`);
-		lines.push(`${prefix}_server_uptime_seconds ${process.uptime().toFixed(2)} ${timestamp}`);
-		lines.push("");
-		lines.push(`# HELP ${prefix}_server_requests_total Total number of requests to metrics server`);
-		lines.push(`# TYPE ${prefix}_server_requests_total counter`);
-		lines.push(`${prefix}_server_requests_total ${this.requestCount} ${timestamp}`);
-		lines.push("");
-		if (this.lastScrapeTime) {
-			const lastScrapeSeconds = Math.floor((Date.now() - this.lastScrapeTime.getTime()) / 1e3);
-			lines.push(`# HELP ${prefix}_server_last_scrape_seconds Seconds since last metrics scrape`);
-			lines.push(`# TYPE ${prefix}_server_last_scrape_seconds gauge`);
-			lines.push(`${prefix}_server_last_scrape_seconds ${lastScrapeSeconds} ${timestamp}`);
-			lines.push("");
-		}
-		const mem = process.memoryUsage();
-		lines.push(`# HELP ${prefix}_server_memory_bytes Server memory usage in bytes`);
-		lines.push(`# TYPE ${prefix}_server_memory_bytes gauge`);
-		lines.push(`${prefix}_server_memory_bytes{type="rss"} ${mem.rss} ${timestamp}`);
-		lines.push(`${prefix}_server_memory_bytes{type="heapTotal"} ${mem.heapTotal} ${timestamp}`);
-		lines.push(`${prefix}_server_memory_bytes{type="heapUsed"} ${mem.heapUsed} ${timestamp}`);
-		lines.push(`${prefix}_server_memory_bytes{type="external"} ${mem.external} ${timestamp}`);
-		lines.push("");
-		return lines.join("\n");
-	}
-	/**
-	* Get server statistics
-	*/
-	getStats() {
-		return {
-			isRunning: this.isRunning,
-			requestCount: this.requestCount,
-			lastScrapeTime: this.lastScrapeTime,
-			uptime: process.uptime(),
-			host: this.options.host,
-			port: this.options.port,
-			metricsPath: this.options.metricsPath
-		};
-	}
-};
-/**
-* Create a Prometheus server instance
-*/
-function createPrometheusServer(metricsCollector, options) {
-	return new PrometheusServer(metricsCollector, options);
-}
-/**
-* Example Grafana dashboard JSON for OpenRedaction metrics
-* Can be imported directly into Grafana
-*/
-const GRAFANA_DASHBOARD_TEMPLATE = { dashboard: {
-	title: "OpenRedaction Metrics",
-	tags: [
-		"pii",
-		"redaction",
-		"security"
-	],
-	timezone: "browser",
-	panels: [
-		{
-			id: 1,
-			title: "Total Redactions",
-			type: "graph",
-			targets: [{
-				expr: "rate(openredaction_total_redactions[5m])",
-				legendFormat: "Redactions per second"
-			}]
-		},
-		{
-			id: 2,
-			title: "PII Detected by Type",
-			type: "graph",
-			targets: [{
-				expr: "rate(openredaction_pii_by_type[5m])",
-				legendFormat: "{{type}}"
-			}]
-		},
-		{
-			id: 3,
-			title: "Average Processing Time",
-			type: "graph",
-			targets: [{
-				expr: "openredaction_avg_processing_time_ms",
-				legendFormat: "Processing time (ms)"
-			}]
-		},
-		{
-			id: 4,
-			title: "Error Rate",
-			type: "graph",
-			targets: [{
-				expr: "rate(openredaction_total_errors[5m])",
-				legendFormat: "Errors per second"
-			}]
-		},
-		{
-			id: 5,
-			title: "Operations by Redaction Mode",
-			type: "piechart",
-			targets: [{
-				expr: "openredaction_by_redaction_mode",
-				legendFormat: "{{mode}}"
-			}]
-		},
-		{
-			id: 6,
-			title: "Server Memory Usage",
-			type: "graph",
-			targets: [{
-				expr: "openredaction_server_memory_bytes",
-				legendFormat: "{{type}}"
-			}]
-		}
-	]
-} };
-
 //#endregion
 //#region src/rbac/roles.ts
 /**
@@ -1683,6 +1358,70 @@ function validateRoutingNumber(routingNumber, _context) {
 	return (3 * (digits[0] + digits[3] + digits[6]) + 7 * (digits[1] + digits[4] + digits[7]) + (digits[2] + digits[5] + digits[8])) % 10 === 0;
 }
 /**
+* Luhn check for arbitrary digit string (e.g. Canadian SIN)
+*/
+function validateLuhnDigits(digits) {
+	let sum = 0;
+	let isEven = false;
+	for (let i = digits.length - 1; i >= 0; i--) {
+		let d = parseInt(digits[i], 10);
+		if (Number.isNaN(d)) return false;
+		if (isEven) {
+			d *= 2;
+			if (d > 9) d -= 9;
+		}
+		sum += d;
+		isEven = !isEven;
+	}
+	return sum % 10 === 0;
+}
+/**
+* SWIFT/BIC format validation (ISO 9362: 8 or 11 characters)
+*/
+function validateSWIFTBIC(bic, _context) {
+	const cleaned = bic.replace(/\s/g, "").toUpperCase();
+	return /^[A-Z]{4}[A-Z]{2}[A-Z0-9]{2}([A-Z0-9]{3})?$/.test(cleaned);
+}
+/**
+* Canadian Social Insurance Number — Luhn checksum on 9 digits
+*/
+function validateCanadianSIN(sin, _context) {
+	const cleaned = sin.replace(/[\s-]/g, "");
+	if (!/^\d{9}$/.test(cleaned)) return false;
+	if (cleaned === "000000000") return false;
+	return validateLuhnDigits(cleaned);
+}
+/**
+* Australian Tax File Number — weighted checksum (8 or 9 digits)
+*/
+function validateAustralianTFN(tfn, _context) {
+	const cleaned = tfn.replace(/\s/g, "");
+	if (!/^\d{8}$/.test(cleaned) && !/^\d{9}$/.test(cleaned)) return false;
+	const weights = cleaned.length === 8 ? [
+		1,
+		4,
+		3,
+		7,
+		5,
+		8,
+		6,
+		9
+	] : [
+		1,
+		4,
+		3,
+		7,
+		5,
+		8,
+		6,
+		9,
+		10
+	];
+	let sum = 0;
+	for (let i = 0; i < cleaned.length; i++) sum += parseInt(cleaned[i], 10) * weights[i];
+	return sum % 11 === 0;
+}
+/**
 * Context-aware name validator to reduce false positives
 */
 function validateName(name, context) {
@@ -12105,6 +11844,38 @@ const transportLogisticsPreset = {
 	]
 };
 /**
+* PCI-DSS oriented preset — cardholder data and common payment identifiers
+*/
+const pciDssPreset = {
+	includeNames: true,
+	includeEmails: true,
+	includePhones: true,
+	includeAddresses: true,
+	categories: [
+		"personal",
+		"contact",
+		"financial",
+		"network"
+	]
+};
+/**
+* SOC 2 oriented preset — broad PII and credentials for trust services contexts
+*/
+const soc2Preset = {
+	includeNames: true,
+	includeEmails: true,
+	includePhones: true,
+	includeAddresses: true,
+	categories: [
+		"personal",
+		"contact",
+		"financial",
+		"government",
+		"network",
+		"digital-identity"
+	]
+};
+/**
 * Get preset configuration by name
 */
 function getPreset(name) {
@@ -12121,6 +11892,10 @@ function getPreset(name) {
 		case "transport-logistics":
 		case "transportation":
 		case "logistics": return transportLogisticsPreset;
+		case "pci-dss":
+		case "pci_dss": return pciDssPreset;
+		case "soc2":
+		case "soc-2": return soc2Preset;
 		default: return {};
 	}
 }
@@ -12639,7 +12414,7 @@ var ConfigLoader = class {
 	static createDefaultConfig(outputPath = ".openredaction.config.js") {
 		fs.writeFileSync(outputPath, `/**
  * OpenRedaction Configuration
- * @see https://github.com/openredact/openredact
+ * @see https://github.com/sam247/openredaction
  */
 export default {
   // Extend built-in presets
@@ -15299,26 +15074,6 @@ function createValidationError(value, patternType) {
 		patternType
 	});
 }
-function createHighMemoryError(textSize) {
-	const sizeMB = (textSize / 1024 / 1024).toFixed(2);
-	return new OpenRedactionError(`Text size is ${sizeMB}MB. Consider using streaming API for large documents.`, "HIGH_MEMORY_USAGE", {
-		message: "Use StreamingDetector for memory-efficient processing of large documents",
-		code: `import { createStreamingDetector } from 'openredaction';
-
-const streaming = createStreamingDetector(redactor, {
-  chunkSize: 2048,
-  overlap: 100
-});
-
-for await (const chunk of streaming.processStream(largeText)) {
-  console.log(chunk.detections);
-}`,
-		docs: "https://github.com/sam247/openredaction#streaming-api"
-	}, {
-		textSize,
-		sizeMB
-	});
-}
 function createConfigLoadError(path, reason) {
 	return new OpenRedactionError(`Failed to load config from '${path}': ${reason}`, "CONFIG_LOAD_ERROR", {
 		message: "Check that your config file exists and is valid JSON",
@@ -15476,133 +15231,6 @@ function compileSafeRegex(pattern, flags) {
 	return new RegExp(patternStr, finalFlags);
 }
 
-//#endregion
-//#region src/utils/ai-assist.ts
-/**
-* Get the AI endpoint URL from options or environment
-*/
-function getAIEndpoint(aiOptions) {
-	if (!aiOptions?.enabled) return null;
-	if (aiOptions.endpoint) return aiOptions.endpoint;
-	if (typeof process !== "undefined" && process.env) {
-		const envEndpoint = process.env.OPENREDACTION_AI_ENDPOINT;
-		if (envEndpoint) return envEndpoint;
-	}
-	return null;
-}
-/**
-* Check if fetch is available in the current environment
-*/
-function isFetchAvailable() {
-	return typeof fetch !== "undefined";
-}
-/**
-* Call the AI endpoint to get additional PII entities
-* Returns null if AI is disabled, endpoint unavailable, or on error
-*/
-async function callAIDetect(text, endpoint, debug) {
-	if (!isFetchAvailable()) {
-		if (debug) console.warn("[OpenRedaction] AI assist requires fetch API. Not available in this environment.");
-		return null;
-	}
-	try {
-		const url = endpoint.endsWith("/ai-detect") ? endpoint : `${endpoint}/ai-detect`;
-		if (debug) console.log(`[OpenRedaction] Calling AI endpoint: ${url}`);
-		const response = await fetch(url, {
-			method: "POST",
-			headers: { "Content-Type": "application/json" },
-			body: JSON.stringify({ text })
-		});
-		if (!response.ok) {
-			if (debug) {
-				const statusText = response.status === 429 ? "Rate limit exceeded (429)" : `${response.status}: ${response.statusText}`;
-				console.warn(`[OpenRedaction] AI endpoint returned ${statusText}`);
-			}
-			return null;
-		}
-		const data = await response.json();
-		if (!data.entities || !Array.isArray(data.entities)) {
-			if (debug) console.warn("[OpenRedaction] Invalid AI response format: missing entities array");
-			return null;
-		}
-		return data.entities;
-	} catch (error) {
-		if (debug) console.warn(`[OpenRedaction] AI endpoint error: ${error instanceof Error ? error.message : "Unknown error"}`);
-		return null;
-	}
-}
-/**
-* Validate an AI entity
-*/
-function validateAIEntity(entity, textLength) {
-	if (!entity.type || !entity.value || typeof entity.start !== "number" || typeof entity.end !== "number") return false;
-	if (entity.start < 0 || entity.end < 0 || entity.start >= entity.end) return false;
-	if (entity.start >= textLength || entity.end > textLength) return false;
-	if (entity.value.length !== entity.end - entity.start) return false;
-	return true;
-}
-/**
-* Check if two detections overlap significantly
-* Returns true if they overlap by more than 50% of the shorter detection
-*/
-function detectionsOverlap(det1, det2) {
-	const [start1, end1] = det1.position;
-	const [start2, end2] = det2.position;
-	const overlapStart = Math.max(start1, start2);
-	const overlapEnd = Math.min(end1, end2);
-	if (overlapStart >= overlapEnd) return false;
-	const overlapLength = overlapEnd - overlapStart;
-	const length1 = end1 - start1;
-	const length2 = end2 - start2;
-	return overlapLength > Math.min(length1, length2) * .5;
-}
-/**
-* Convert AI entity to PIIDetection format
-*/
-function convertAIEntityToDetection(entity, text) {
-	if (!validateAIEntity(entity, text.length)) return null;
-	const actualValue = text.substring(entity.start, entity.end);
-	let type = entity.type.toUpperCase();
-	if (type.includes("EMAIL") || type === "EMAIL_ADDRESS") type = "EMAIL";
-	else if (type.includes("PHONE") || type === "PHONE_NUMBER") type = "PHONE_US";
-	else if (type.includes("NAME") || type === "PERSON") type = "NAME";
-	else if (type.includes("SSN") || type === "SOCIAL_SECURITY_NUMBER") type = "SSN";
-	else if (type.includes("ADDRESS")) type = "ADDRESS_STREET";
-	let severity = "medium";
-	if (type === "SSN" || type === "CREDIT_CARD") severity = "critical";
-	else if (type === "EMAIL" || type === "PHONE_US" || type === "NAME") severity = "high";
-	return {
-		type,
-		value: actualValue,
-		placeholder: `[${type}_${Math.random().toString(36).substring(2, 9)}]`,
-		position: [entity.start, entity.end],
-		severity,
-		confidence: entity.confidence ?? .7
-	};
-}
-/**
-* Merge AI entities with regex detections
-* Prefers regex detections on conflicts
-*/
-function mergeAIEntities(regexDetections, aiEntities, text) {
-	const merged = [...regexDetections];
-	const processedRanges = regexDetections.map((d) => d.position);
-	for (const aiEntity of aiEntities) {
-		const detection = convertAIEntityToDetection(aiEntity, text);
-		if (!detection) continue;
-		let hasOverlap = false;
-		for (const regexDet of regexDetections) if (detectionsOverlap(regexDet, detection)) {
-			hasOverlap = true;
-			break;
-		}
-		if (!hasOverlap) {
-			merged.push(detection);
-			processedRanges.push(detection.position);
-		}
-	}
-	return merged;
-}
-
 //#endregion
 //#region src/config/ConfigExporter.ts
 var ConfigExporter_exports = /* @__PURE__ */ __exportAll({
@@ -17747,7 +17375,7 @@ var OpenRedaction = class OpenRedaction {
 			redactionMode: "placeholder",
 			enableContextAnalysis: true,
 			confidenceThreshold: .5,
-			enableFalsePositiveFilter: false,
+			enableFalsePositiveFilter: true,
 			falsePositiveThreshold: .7,
 			enableMultiPass: false,
 			multiPassCount: 3,
@@ -17976,8 +17604,9 @@ var OpenRedaction = class OpenRedaction {
 				throw error;
 			}
 		}
-		if (this.nerDetector && detections.length > 0) {
-			const piiMatches = detections.map((det) => ({
+		if (this.nerDetector && this.nerDetector.isAvailable()) {
+			const nerMatches = this.nerDetector.detect(text);
+			let piiMatches = detections.map((det) => ({
 				type: det.type,
 				value: det.value,
 				start: det.position[0],
@@ -17988,11 +17617,43 @@ var OpenRedaction = class OpenRedaction {
 					after: text.substring(det.position[1], Math.min(text.length, det.position[1] + 50))
 				}
 			}));
-			const hybridMatches = this.nerDetector.hybridDetection(piiMatches, text);
-			detections = detections.map((det, index) => ({
-				...det,
-				confidence: hybridMatches[index].confidence
-			}));
+			if (detections.length > 0) {
+				const hybridMatches = this.nerDetector.hybridDetection(piiMatches, text);
+				detections = detections.map((det, index) => ({
+					...det,
+					confidence: hybridMatches[index].confidence
+				}));
+				piiMatches = detections.map((det) => ({
+					type: det.type,
+					value: det.value,
+					start: det.position[0],
+					end: det.position[1],
+					confidence: det.confidence || 1,
+					context: {
+						before: text.substring(Math.max(0, det.position[0] - 50), det.position[0]),
+						after: text.substring(det.position[1], Math.min(text.length, det.position[1] + 50))
+					}
+				}));
+			}
+			const nerOnly = this.nerDetector.extractNEROnly(nerMatches, piiMatches);
+			for (const ner of nerOnly) {
+				const syntheticPattern = {
+					type: `NER_${ner.type}`,
+					regex: /.^/,
+					priority: 1,
+					placeholder: `[NER_${ner.type}_{n}]`,
+					severity: "medium"
+				};
+				const placeholder = this.generatePlaceholder(ner.text, syntheticPattern);
+				detections.push({
+					type: syntheticPattern.type,
+					value: ner.text,
+					placeholder,
+					position: [ner.start, ner.end],
+					severity: "medium",
+					confidence: ner.confidence
+				});
+			}
 		}
 		if (this.contextRulesEngine && detections.length > 0) {
 			const piiMatches = detections.map((det) => ({
@@ -18016,7 +17677,7 @@ var OpenRedaction = class OpenRedaction {
 	}
 	/**
 	* Detect PII in text
-	* Now async to support optional AI assist
+	* Async API for detection pipeline (NER, multi-pass, etc.)
 	*/
 	async detect(text) {
 		if (this.rbacManager && !this.rbacManager.hasPermission("detection:detect")) throw new Error("[OpenRedaction] Permission denied: detection:detect required");
@@ -18056,21 +17717,6 @@ var OpenRedaction = class OpenRedaction {
 			}
 			detections = mergePassDetections(passDetections, this.multiPassConfig);
 		} else detections = this.processPatterns(text, this.patterns, processedRanges);
-		if (this.options.ai?.enabled) {
-			const aiEndpoint = getAIEndpoint(this.options.ai);
-			if (aiEndpoint) try {
-				if (this.options.debug) console.log("[OpenRedaction] AI assist enabled, calling AI endpoint...");
-				const aiEntities = await callAIDetect(text, aiEndpoint, this.options.debug);
-				if (aiEntities && aiEntities.length > 0) {
-					if (this.options.debug) console.log(`[OpenRedaction] AI returned ${aiEntities.length} additional entities`);
-					detections = mergeAIEntities(detections, aiEntities, text);
-					if (this.options.debug) console.log(`[OpenRedaction] After AI merge: ${detections.length} total detections`);
-				} else if (this.options.debug) console.log("[OpenRedaction] AI endpoint returned no additional entities");
-			} catch (error) {
-				if (this.options.debug) console.warn(`[OpenRedaction] AI assist failed, using regex-only: ${error instanceof Error ? error.message : "Unknown error"}`);
-			}
-			else if (this.options.debug) console.warn("[OpenRedaction] AI assist enabled but no endpoint configured. Set ai.endpoint or OPENREDACTION_AI_ENDPOINT env var.");
-		}
 		detections.sort((a, b) => b.position[0] - a.position[0]);
 		let redacted = text;
 		const redactionMap = {};
@@ -18464,6 +18110,10 @@ var OpenRedaction = class OpenRedaction {
 //#region src/streaming/StreamingDetector.ts
 init_document();
 /**
+* Streaming API for processing large documents
+* Allows efficient processing of documents in chunks
+*/
+/**
 * Streaming detector for large documents
 */
 var StreamingDetector = class {
@@ -18574,8 +18224,13 @@ var StreamingDetector = class {
 			if (buffer.length > 0) for await (const result of this.processStream(buffer)) yield result;
 		} else {
 			const nodeStream = readableStream;
-			for await (const chunk of nodeStream) {
-				buffer += decoder.decode(chunk, { stream: true });
+			const iterable = typeof nodeStream[Symbol.asyncIterator] === "function" ? nodeStream : stream.Readable.from(nodeStream);
+			for await (const chunk of iterable) {
+				if (typeof chunk === "string") buffer += chunk;
+				else {
+					const buf = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk);
+					buffer += decoder.decode(buf, { stream: true });
+				}
 				while (buffer.length >= this.options.chunkSize) {
 					const textChunk = buffer.substring(0, this.options.chunkSize);
 					buffer = buffer.substring(this.options.chunkSize);
@@ -19617,642 +19272,6 @@ function verifyWebhookSignature(payload, signature, secret, algorithm = "sha256"
 	}
 }
 
-//#endregion
-//#region src/api/APIServer.ts
-/**
-* REST API Server
-* Lightweight HTTP server for OpenRedaction with Express-like interface
-*/
-var APIServer = class {
-	constructor(config) {
-		this.isRunning = false;
-		this.rateLimitTracking = /* @__PURE__ */ new Map();
-		this.config = {
-			port: config?.port ?? 3e3,
-			host: config?.host ?? "0.0.0.0",
-			enableCors: config?.enableCors ?? true,
-			corsOrigin: config?.corsOrigin ?? "*",
-			apiKey: config?.apiKey,
-			enableRateLimit: config?.enableRateLimit ?? true,
-			rateLimit: config?.rateLimit ?? 60,
-			bodyLimit: config?.bodyLimit ?? "10mb",
-			enableLogging: config?.enableLogging ?? true,
-			tenantManager: config?.tenantManager,
-			webhookManager: config?.webhookManager,
-			auditLogger: config?.auditLogger,
-			prometheusServer: config?.prometheusServer,
-			defaultOptions: config?.defaultOptions
-		};
-		if (!this.config.tenantManager) this.detector = new OpenRedaction(this.config.defaultOptions);
-	}
-	/**
-	* Start the API server
-	*/
-	async start() {
-		if (this.isRunning) throw new Error("[APIServer] Server is already running");
-		try {
-			this.server = require("http").createServer(this.handleRequest.bind(this));
-			return new Promise((resolve, reject) => {
-				this.server.listen(this.config.port, this.config.host, () => {
-					this.isRunning = true;
-					console.log(`[APIServer] Server started on http://${this.config.host}:${this.config.port}`);
-					console.log(`[APIServer] API Documentation: http://${this.config.host}:${this.config.port}/api/docs`);
-					resolve();
-				});
-				this.server.on("error", (error) => {
-					reject(/* @__PURE__ */ new Error(`[APIServer] Failed to start server: ${error.message}`));
-				});
-			});
-		} catch (error) {
-			throw new Error(`[APIServer] Failed to initialize HTTP server: ${error.message}`);
-		}
-	}
-	/**
-	* Stop the server
-	*/
-	async stop() {
-		if (!this.isRunning || !this.server) return;
-		return new Promise((resolve, reject) => {
-			this.server.close((error) => {
-				if (error) reject(/* @__PURE__ */ new Error(`[APIServer] Failed to stop server: ${error.message}`));
-				else {
-					this.isRunning = false;
-					console.log("[APIServer] Server stopped");
-					resolve();
-				}
-			});
-		});
-	}
-	/**
-	* Handle incoming HTTP requests
-	*/
-	async handleRequest(req, res) {
-		const startTime = Date.now();
-		try {
-			const apiReq = await this.parseRequest(req);
-			if (this.config.enableCors) {
-				res.setHeader("Access-Control-Allow-Origin", Array.isArray(this.config.corsOrigin) ? this.config.corsOrigin.join(", ") : this.config.corsOrigin);
-				res.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
-				res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization, X-API-Key, X-Tenant-ID");
-				if (req.method === "OPTIONS") {
-					res.writeHead(204);
-					res.end();
-					return;
-				}
-			}
-			if (this.config.apiKey) {
-				if ((apiReq.headers["x-api-key"] || apiReq.headers["authorization"]?.toString().replace("Bearer ", "")) !== this.config.apiKey) {
-					this.sendResponse(res, {
-						status: 401,
-						body: {
-							error: "Unauthorized",
-							message: "Invalid API key"
-						}
-					});
-					return;
-				}
-			}
-			if (this.config.tenantManager) {
-				const tenantApiKey = apiReq.headers["x-api-key"];
-				if (tenantApiKey) {
-					const tenant = this.config.tenantManager.authenticateByApiKey(tenantApiKey);
-					if (tenant) apiReq.tenantId = tenant.tenantId;
-					else {
-						this.sendResponse(res, {
-							status: 401,
-							body: {
-								error: "Unauthorized",
-								message: "Invalid tenant API key"
-							}
-						});
-						return;
-					}
-				} else {
-					const tenantId = apiReq.headers["x-tenant-id"];
-					if (!tenantId) {
-						this.sendResponse(res, {
-							status: 400,
-							body: {
-								error: "Bad Request",
-								message: "X-Tenant-ID header required for multi-tenant mode"
-							}
-						});
-						return;
-					}
-					apiReq.tenantId = tenantId;
-				}
-			}
-			if (this.config.enableRateLimit) {
-				const clientKey = apiReq.tenantId || apiReq.ip || "unknown";
-				if (!this.checkRateLimit(clientKey)) {
-					this.sendResponse(res, {
-						status: 429,
-						body: {
-							error: "Too Many Requests",
-							message: `Rate limit exceeded: ${this.config.rateLimit} requests per minute`
-						}
-					});
-					return;
-				}
-			}
-			const response = await this.routeRequest(apiReq);
-			if (this.config.enableLogging) {
-				const durationMs = Date.now() - startTime;
-				console.log(`[APIServer] ${req.method} ${req.url} ${response.status} ${durationMs}ms`);
-			}
-			this.sendResponse(res, response);
-		} catch (error) {
-			console.error("[APIServer] Request handler error:", error);
-			this.sendResponse(res, {
-				status: 500,
-				body: {
-					error: "Internal Server Error",
-					message: error.message
-				}
-			});
-		}
-	}
-	/**
-	* Parse HTTP request
-	*/
-	async parseRequest(req) {
-		const url = new URL(req.url, `http://${req.headers.host || "localhost"}`);
-		let body = {};
-		if (req.method !== "GET" && req.method !== "HEAD") body = await this.parseBody(req);
-		return {
-			body,
-			headers: req.headers,
-			query: Object.fromEntries(url.searchParams),
-			params: {},
-			ip: req.socket.remoteAddress
-		};
-	}
-	/**
-	* Parse request body
-	*/
-	async parseBody(req) {
-		return new Promise((resolve, reject) => {
-			let body = "";
-			req.on("data", (chunk) => {
-				body += chunk.toString();
-			});
-			req.on("end", () => {
-				try {
-					resolve(JSON.parse(body || "{}"));
-				} catch {
-					resolve({});
-				}
-			});
-			req.on("error", reject);
-		});
-	}
-	/**
-	* Route request to appropriate handler
-	*/
-	async routeRequest(req) {
-		const path = new URL(req.headers.host ? `http://${req.headers.host}` : "http://localhost").pathname;
-		const method = req.headers[":method"] || "GET";
-		if (path === "/api/detect" && method === "POST") return this.handleDetect(req);
-		if (path === "/api/redact" && method === "POST") return this.handleRedact(req);
-		if (path === "/api/restore" && method === "POST") return this.handleRestore(req);
-		if (path === "/api/audit/logs" && method === "GET") return this.handleAuditLogs(req);
-		if (path === "/api/audit/stats" && method === "GET") return this.handleAuditStats(req);
-		if (path === "/api/metrics" && method === "GET") return this.handleMetrics(req);
-		if (path === "/api/patterns" && method === "GET") return this.handleGetPatterns(req);
-		if (path === "/api/health" && method === "GET") return this.handleHealth(req);
-		if (path === "/api/docs" && method === "GET") return this.handleDocs(req);
-		if (path === "/" && method === "GET") return this.handleRoot(req);
-		return {
-			status: 404,
-			body: {
-				error: "Not Found",
-				message: `Route not found: ${method} ${path}`
-			}
-		};
-	}
-	/**
-	* Handle POST /api/detect
-	*/
-	async handleDetect(req) {
-		const { text } = req.body;
-		if (!text || typeof text !== "string") return {
-			status: 400,
-			body: {
-				error: "Bad Request",
-				message: "Missing or invalid \"text\" field"
-			}
-		};
-		try {
-			let result;
-			if (req.tenantId && this.config.tenantManager) result = await this.config.tenantManager.detect(req.tenantId, text);
-			else if (this.detector) result = await this.detector.detect(text);
-			else throw new Error("No detector available");
-			if (this.config.webhookManager) {
-				await this.config.webhookManager.emitHighRiskPII(result, req.tenantId);
-				await this.config.webhookManager.emitBulkPII(result, 10, req.tenantId);
-			}
-			return {
-				status: 200,
-				body: {
-					success: true,
-					result: {
-						detections: result.detections,
-						stats: result.stats
-					}
-				}
-			};
-		} catch (error) {
-			return {
-				status: 500,
-				body: {
-					error: "Detection Failed",
-					message: error.message
-				}
-			};
-		}
-	}
-	/**
-	* Handle POST /api/redact
-	*/
-	async handleRedact(req) {
-		const { text } = req.body;
-		if (!text || typeof text !== "string") return {
-			status: 400,
-			body: {
-				error: "Bad Request",
-				message: "Missing or invalid \"text\" field"
-			}
-		};
-		try {
-			let result;
-			if (req.tenantId && this.config.tenantManager) result = await this.config.tenantManager.detect(req.tenantId, text);
-			else if (this.detector) result = await this.detector.detect(text);
-			else throw new Error("No detector available");
-			return {
-				status: 200,
-				body: {
-					success: true,
-					result: {
-						original: result.original,
-						redacted: result.redacted,
-						detections: result.detections,
-						stats: result.stats
-					}
-				}
-			};
-		} catch (error) {
-			return {
-				status: 500,
-				body: {
-					error: "Redaction Failed",
-					message: error.message
-				}
-			};
-		}
-	}
-	/**
-	* Handle POST /api/restore
-	*/
-	async handleRestore(req) {
-		const { redacted, redactionMap } = req.body;
-		if (!redacted || !redactionMap) return {
-			status: 400,
-			body: {
-				error: "Bad Request",
-				message: "Missing \"redacted\" or \"redactionMap\" fields"
-			}
-		};
-		try {
-			let detector;
-			if (req.tenantId && this.config.tenantManager) detector = this.config.tenantManager.getDetector(req.tenantId);
-			else if (this.detector) detector = this.detector;
-			else throw new Error("No detector available");
-			return {
-				status: 200,
-				body: {
-					success: true,
-					result: { restored: detector.restore(redacted, redactionMap) }
-				}
-			};
-		} catch (error) {
-			return {
-				status: 500,
-				body: {
-					error: "Restore Failed",
-					message: error.message
-				}
-			};
-		}
-	}
-	/**
-	* Handle GET /api/audit/logs
-	*/
-	async handleAuditLogs(req) {
-		if (!this.config.auditLogger) return {
-			status: 501,
-			body: {
-				error: "Not Implemented",
-				message: "Audit logging not configured"
-			}
-		};
-		try {
-			const limit = parseInt(req.query.limit || "100");
-			return {
-				status: 200,
-				body: {
-					success: true,
-					logs: await this.config.auditLogger.queryLogs({ limit })
-				}
-			};
-		} catch (error) {
-			return {
-				status: 500,
-				body: {
-					error: "Query Failed",
-					message: error.message
-				}
-			};
-		}
-	}
-	/**
-	* Handle GET /api/audit/stats
-	*/
-	async handleAuditStats(_req) {
-		if (!this.config.auditLogger) return {
-			status: 501,
-			body: {
-				error: "Not Implemented",
-				message: "Audit logging not configured"
-			}
-		};
-		try {
-			return {
-				status: 200,
-				body: {
-					success: true,
-					stats: await this.config.auditLogger.getStatsAsync()
-				}
-			};
-		} catch (error) {
-			return {
-				status: 500,
-				body: {
-					error: "Query Failed",
-					message: error.message
-				}
-			};
-		}
-	}
-	/**
-	* Handle GET /api/metrics
-	*/
-	async handleMetrics(req) {
-		if (this.detector) return {
-			status: 200,
-			body: {
-				success: true,
-				metrics: {}
-			}
-		};
-		if (this.config.tenantManager && req.tenantId) return {
-			status: 200,
-			body: {
-				success: true,
-				metrics: this.config.tenantManager.getTenantUsage(req.tenantId)
-			}
-		};
-		return {
-			status: 501,
-			body: {
-				error: "Not Implemented",
-				message: "Metrics not configured"
-			}
-		};
-	}
-	/**
-	* Handle GET /api/patterns
-	*/
-	async handleGetPatterns(req) {
-		try {
-			let detector;
-			if (req.tenantId && this.config.tenantManager) detector = this.config.tenantManager.getDetector(req.tenantId);
-			else if (this.detector) detector = this.detector;
-			else throw new Error("No detector available");
-			return {
-				status: 200,
-				body: {
-					success: true,
-					patterns: detector.getPatterns().map((p) => ({
-						type: p.type,
-						priority: p.priority,
-						description: p.description,
-						severity: p.severity
-					}))
-				}
-			};
-		} catch (error) {
-			return {
-				status: 500,
-				body: {
-					error: "Query Failed",
-					message: error.message
-				}
-			};
-		}
-	}
-	/**
-	* Handle GET /api/health
-	*/
-	async handleHealth(_req) {
-		return {
-			status: 200,
-			body: {
-				status: "healthy",
-				uptime: process.uptime(),
-				timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-				multiTenant: !!this.config.tenantManager,
-				features: {
-					audit: !!this.config.auditLogger,
-					webhooks: !!this.config.webhookManager,
-					prometheus: !!this.config.prometheusServer
-				}
-			}
-		};
-	}
-	/**
-	* Handle GET /api/docs
-	*/
-	async handleDocs(_req) {
-		return {
-			status: 200,
-			body: `
-<!DOCTYPE html>
-<html>
-<head>
-  <title>OpenRedaction API Documentation</title>
-  <style>
-    body { font-family: sans-serif; max-width: 1200px; margin: 50px auto; padding: 20px; }
-    h1 { color: #333; }
-    h2 { color: #666; margin-top: 30px; border-bottom: 2px solid #eee; padding-bottom: 10px; }
-    .endpoint { background: #f5f5f5; padding: 15px; margin: 15px 0; border-radius: 4px; border-left: 4px solid #0066cc; }
-    .method { display: inline-block; padding: 4px 8px; border-radius: 3px; font-weight: bold; font-size: 12px; margin-right: 10px; }
-    .method.post { background: #49cc90; color: white; }
-    .method.get { background: #61affe; color: white; }
-    code { background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: monospace; }
-    pre { background: #f5f5f5; padding: 15px; border-radius: 4px; overflow-x: auto; }
-  </style>
-</head>
-<body>
-  <h1>OpenRedaction REST API</h1>
-  <p>Production-ready PII detection and redaction API</p>
-
-  <h2>Authentication</h2>
-  <p>Include your API key in the <code>X-API-Key</code> header or <code>Authorization: Bearer YOUR_KEY</code> header.</p>
-  ${this.config.tenantManager ? "<p>For multi-tenant mode, also include <code>X-Tenant-ID</code> header.</p>" : ""}
-
-  <h2>Endpoints</h2>
-
-  <div class="endpoint">
-    <span class="method post">POST</span>
-    <strong>/api/detect</strong>
-    <p>Detect PII in text without redaction</p>
-    <pre>{
-  "text": "My email is john@example.com and SSN is 123-45-6789",
-  "options": {
-    "includeNames": true,
-    "includeEmails": true
-  }
-}</pre>
-  </div>
-
-  <div class="endpoint">
-    <span class="method post">POST</span>
-    <strong>/api/redact</strong>
-    <p>Detect and redact PII in text</p>
-    <pre>{
-  "text": "My email is john@example.com",
-  "options": {
-    "redactionMode": "placeholder"
-  }
-}</pre>
-  </div>
-
-  <div class="endpoint">
-    <span class="method post">POST</span>
-    <strong>/api/restore</strong>
-    <p>Restore original text from redacted text</p>
-    <pre>{
-  "redacted": "My email is [EMAIL_1]",
-  "redactionMap": {
-    "[EMAIL_1]": "john@example.com"
-  }
-}</pre>
-  </div>
-
-  <div class="endpoint">
-    <span class="method get">GET</span>
-    <strong>/api/patterns</strong>
-    <p>Get available PII patterns</p>
-  </div>
-
-  <div class="endpoint">
-    <span class="method get">GET</span>
-    <strong>/api/audit/logs</strong>
-    <p>Get audit logs (requires audit logger)</p>
-    <p>Query params: <code>limit</code> (default: 100)</p>
-  </div>
-
-  <div class="endpoint">
-    <span class="method get">GET</span>
-    <strong>/api/audit/stats</strong>
-    <p>Get audit statistics (requires audit logger)</p>
-  </div>
-
-  <div class="endpoint">
-    <span class="method get">GET</span>
-    <strong>/api/metrics</strong>
-    <p>Get usage metrics</p>
-  </div>
-
-  <div class="endpoint">
-    <span class="method get">GET</span>
-    <strong>/api/health</strong>
-    <p>Health check endpoint</p>
-  </div>
-
-  <h2>Configuration</h2>
-  <ul>
-    <li>Port: ${this.config.port}</li>
-    <li>Host: ${this.config.host}</li>
-    <li>CORS: ${this.config.enableCors ? "Enabled" : "Disabled"}</li>
-    <li>Rate Limiting: ${this.config.enableRateLimit ? `${this.config.rateLimit} req/min` : "Disabled"}</li>
-    <li>Multi-Tenant: ${this.config.tenantManager ? "Enabled" : "Disabled"}</li>
-    <li>Audit Logging: ${this.config.auditLogger ? "Enabled" : "Disabled"}</li>
-    <li>Webhooks: ${this.config.webhookManager ? "Enabled" : "Disabled"}</li>
-  </ul>
-</body>
-</html>
-    `.trim(),
-			headers: { "Content-Type": "text/html" }
-		};
-	}
-	/**
-	* Handle GET /
-	*/
-	async handleRoot(_req) {
-		return {
-			status: 200,
-			body: {
-				name: "OpenRedaction API",
-				version: "1.0.0",
-				documentation: `/api/docs`,
-				health: `/api/health`,
-				endpoints: [
-					"POST /api/detect",
-					"POST /api/redact",
-					"POST /api/restore",
-					"GET /api/patterns",
-					"GET /api/audit/logs",
-					"GET /api/audit/stats",
-					"GET /api/metrics",
-					"GET /api/health"
-				]
-			}
-		};
-	}
-	/**
-	* Send HTTP response
-	*/
-	sendResponse(res, response) {
-		const headers = {
-			"Content-Type": "application/json",
-			...response.headers
-		};
-		res.writeHead(response.status, headers);
-		if (typeof response.body === "string") res.end(response.body);
-		else res.end(JSON.stringify(response.body));
-	}
-	/**
-	* Check rate limit
-	*/
-	checkRateLimit(clientKey) {
-		const now = Date.now();
-		const timestamps = this.rateLimitTracking.get(clientKey) || [];
-		const oneMinuteAgo = now - 60 * 1e3;
-		const recentTimestamps = timestamps.filter((ts) => ts > oneMinuteAgo);
-		if (recentTimestamps.length >= this.config.rateLimit) return false;
-		recentTimestamps.push(now);
-		this.rateLimitTracking.set(clientKey, recentTimestamps);
-		return true;
-	}
-};
-/**
-* Create an API server instance
-*/
-function createAPIServer(config) {
-	return new APIServer(config);
-}
-
 //#endregion
 //#region src/index.ts
 init_ConfigExporter();
@@ -20262,7 +19281,6 @@ init_HealthCheck();
 exports.ADMIN_ROLE = ADMIN_ROLE;
 exports.ALL_PERMISSIONS = ALL_PERMISSIONS;
 exports.ANALYST_ROLE = ANALYST_ROLE;
-exports.APIServer = APIServer;
 exports.BatchProcessor = BatchProcessor;
 exports.ConfigExporter = ConfigExporter;
 exports.ConfigLoader = ConfigLoader;
@@ -20275,7 +19293,6 @@ exports.DEFAULT_SEVERITY_MAP = DEFAULT_SEVERITY_MAP;
 exports.DEFAULT_TIER_QUOTAS = DEFAULT_TIER_QUOTAS;
 exports.DocumentProcessor = DocumentProcessor;
 exports.ExplainAPI = ExplainAPI;
-exports.GRAFANA_DASHBOARD_TEMPLATE = GRAFANA_DASHBOARD_TEMPLATE;
 exports.HealthChecker = HealthChecker;
 exports.InMemoryAuditLogger = InMemoryAuditLogger;
 exports.InMemoryMetricsCollector = InMemoryMetricsCollector;
@@ -20288,7 +19305,6 @@ exports.OpenRedaction = OpenRedaction;
 exports.OpenRedactionError = OpenRedactionError;
 exports.PersistentAuditLogger = PersistentAuditLogger;
 exports.PriorityOptimizer = PriorityOptimizer;
-exports.PrometheusServer = PrometheusServer;
 exports.RBACManager = RBACManager;
 exports.RegexMaxMatchesError = RegexMaxMatchesError;
 exports.RegexTimeoutError = RegexTimeoutError;
@@ -20309,13 +19325,10 @@ exports.analyzeContextFeatures = analyzeContextFeatures;
 exports.analyzeFullContext = analyzeFullContext;
 exports.calculateContextConfidence = calculateContextConfidence;
 exports.calculateRisk = calculateRisk;
-exports.callAIDetect = callAIDetect;
 exports.ccpaPreset = ccpaPreset;
 exports.commonFalsePositives = commonFalsePositives;
 exports.compileSafeRegex = compileSafeRegex;
 exports.contactPatterns = contactPatterns;
-exports.convertAIEntityToDetection = convertAIEntityToDetection;
-exports.createAPIServer = createAPIServer;
 exports.createBatchProcessor = createBatchProcessor;
 exports.createCacheDisabledError = createCacheDisabledError;
 exports.createConfigLoadError = createConfigLoadError;
@@ -20326,7 +19339,6 @@ exports.createCustomRole = createCustomRole;
 exports.createDocumentProcessor = createDocumentProcessor;
 exports.createExplainAPI = createExplainAPI;
 exports.createHealthChecker = createHealthChecker;
-exports.createHighMemoryError = createHighMemoryError;
 exports.createInvalidPatternError = createInvalidPatternError;
 exports.createJsonProcessor = createJsonProcessor;
 exports.createLearningDisabledError = createLearningDisabledError;
@@ -20336,7 +19348,6 @@ exports.createOCRProcessor = createOCRProcessor;
 exports.createOptimizationDisabledError = createOptimizationDisabledError;
 exports.createPersistentAuditLogger = createPersistentAuditLogger;
 exports.createPriorityOptimizer = createPriorityOptimizer;
-exports.createPrometheusServer = createPrometheusServer;
 exports.createRBACManager = createRBACManager;
 exports.createReportGenerator = createReportGenerator;
 exports.createSeverityClassifier = createSeverityClassifier;
@@ -20349,7 +19360,6 @@ exports.createWorkerPool = createWorkerPool;
 exports.createXlsxProcessor = createXlsxProcessor;
 exports.defaultPasses = defaultPasses;
 exports.detectPII = detectPII;
-exports.detectionsOverlap = detectionsOverlap;
 exports.educationPreset = educationPreset;
 exports.exportForVersionControl = exportForVersionControl;
 exports.extractContext = extractContext;
@@ -20358,7 +19368,6 @@ exports.financePreset = financePreset;
 exports.financialPatterns = financialPatterns;
 exports.gdprPreset = gdprPreset;
 exports.generateReport = generateReport;
-exports.getAIEndpoint = getAIEndpoint;
 exports.getPatternsByCategory = getPatternsByCategory;
 exports.getPredefinedRole = getPredefinedRole;
 exports.getPreset = getPreset;
@@ -20372,15 +19381,17 @@ exports.hipaaPreset = hipaaPreset;
 exports.inferDocumentType = inferDocumentType;
 exports.isFalsePositive = isFalsePositive;
 exports.isUnsafePattern = isUnsafePattern;
-exports.mergeAIEntities = mergeAIEntities;
 exports.mergePassDetections = mergePassDetections;
 exports.networkPatterns = networkPatterns;
 exports.openredactionMiddleware = openredactionMiddleware;
+exports.pciDssPreset = pciDssPreset;
 exports.personalPatterns = personalPatterns;
 exports.safeExec = safeExec;
 exports.safeExecAll = safeExecAll;
+exports.soc2Preset = soc2Preset;
 exports.transportLogisticsPreset = transportLogisticsPreset;
-exports.validateAIEntity = validateAIEntity;
+exports.validateAustralianTFN = validateAustralianTFN;
+exports.validateCanadianSIN = validateCanadianSIN;
 exports.validateEmail = validateEmail;
 exports.validateIBAN = validateIBAN;
 exports.validateLuhn = validateLuhn;
@@ -20388,7 +19399,9 @@ exports.validateNHS = validateNHS;
 exports.validateNINO = validateNINO;
 exports.validateName = validateName;
 exports.validatePattern = validatePattern;
+exports.validateRoutingNumber = validateRoutingNumber;
 exports.validateSSN = validateSSN;
+exports.validateSWIFTBIC = validateSWIFTBIC;
 exports.validateSortCode = validateSortCode;
 exports.validateUKPassport = validateUKPassport;
 exports.verifyWebhookSignature = verifyWebhookSignature;