npm - palaryn - Versions diffs - 0.1.0 - Mend

palaryn 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (607) hide show

package/LICENSE +21 -0
package/README.md +716 -0
package/dist/sdk/typescript/src/client.d.ts +71 -0
package/dist/sdk/typescript/src/client.d.ts.map +1 -0
package/dist/sdk/typescript/src/client.js +176 -0
package/dist/sdk/typescript/src/client.js.map +1 -0
package/dist/sdk/typescript/src/errors.d.ts +50 -0
package/dist/sdk/typescript/src/errors.d.ts.map +1 -0
package/dist/sdk/typescript/src/errors.js +103 -0
package/dist/sdk/typescript/src/errors.js.map +1 -0
package/dist/sdk/typescript/src/index.d.ts +4 -0
package/dist/sdk/typescript/src/index.d.ts.map +1 -0
package/dist/sdk/typescript/src/index.js +15 -0
package/dist/sdk/typescript/src/index.js.map +1 -0
package/dist/sdk/typescript/src/types.d.ts +101 -0
package/dist/sdk/typescript/src/types.d.ts.map +1 -0
package/dist/sdk/typescript/src/types.js +6 -0
package/dist/sdk/typescript/src/types.js.map +1 -0
package/dist/src/admin/index.d.ts +2 -0
package/dist/src/admin/index.d.ts.map +1 -0
package/dist/src/admin/index.js +6 -0
package/dist/src/admin/index.js.map +1 -0
package/dist/src/admin/routes.d.ts +5 -0
package/dist/src/admin/routes.d.ts.map +1 -0
package/dist/src/admin/routes.js +471 -0
package/dist/src/admin/routes.js.map +1 -0
package/dist/src/admin/templates.d.ts +51 -0
package/dist/src/admin/templates.d.ts.map +1 -0
package/dist/src/admin/templates.js +500 -0
package/dist/src/admin/templates.js.map +1 -0
package/dist/src/anomaly/detector.d.ts +141 -0
package/dist/src/anomaly/detector.d.ts.map +1 -0
package/dist/src/anomaly/detector.js +554 -0
package/dist/src/anomaly/detector.js.map +1 -0
package/dist/src/anomaly/index.d.ts +2 -0
package/dist/src/anomaly/index.d.ts.map +1 -0
package/dist/src/anomaly/index.js +7 -0
package/dist/src/anomaly/index.js.map +1 -0
package/dist/src/approval/manager.d.ts +147 -0
package/dist/src/approval/manager.d.ts.map +1 -0
package/dist/src/approval/manager.js +511 -0
package/dist/src/approval/manager.js.map +1 -0
package/dist/src/approval/webhook.d.ts +36 -0
package/dist/src/approval/webhook.d.ts.map +1 -0
package/dist/src/approval/webhook.js +135 -0
package/dist/src/approval/webhook.js.map +1 -0
package/dist/src/audit/logger.d.ts +70 -0
package/dist/src/audit/logger.d.ts.map +1 -0
package/dist/src/audit/logger.js +440 -0
package/dist/src/audit/logger.js.map +1 -0
package/dist/src/auth/index.d.ts +6 -0
package/dist/src/auth/index.d.ts.map +1 -0
package/dist/src/auth/index.js +22 -0
package/dist/src/auth/index.js.map +1 -0
package/dist/src/auth/password.d.ts +3 -0
package/dist/src/auth/password.d.ts.map +1 -0
package/dist/src/auth/password.js +25 -0
package/dist/src/auth/password.js.map +1 -0
package/dist/src/auth/pkce.d.ts +13 -0
package/dist/src/auth/pkce.d.ts.map +1 -0
package/dist/src/auth/pkce.js +58 -0
package/dist/src/auth/pkce.js.map +1 -0
package/dist/src/auth/providers.d.ts +28 -0
package/dist/src/auth/providers.d.ts.map +1 -0
package/dist/src/auth/providers.js +198 -0
package/dist/src/auth/providers.js.map +1 -0
package/dist/src/auth/routes.d.ts +14 -0
package/dist/src/auth/routes.d.ts.map +1 -0
package/dist/src/auth/routes.js +431 -0
package/dist/src/auth/routes.js.map +1 -0
package/dist/src/auth/session.d.ts +24 -0
package/dist/src/auth/session.d.ts.map +1 -0
package/dist/src/auth/session.js +105 -0
package/dist/src/auth/session.js.map +1 -0
package/dist/src/billing/index.d.ts +7 -0
package/dist/src/billing/index.d.ts.map +1 -0
package/dist/src/billing/index.js +14 -0
package/dist/src/billing/index.js.map +1 -0
package/dist/src/billing/plan-enforcer.d.ts +44 -0
package/dist/src/billing/plan-enforcer.d.ts.map +1 -0
package/dist/src/billing/plan-enforcer.js +110 -0
package/dist/src/billing/plan-enforcer.js.map +1 -0
package/dist/src/billing/routes.d.ts +15 -0
package/dist/src/billing/routes.d.ts.map +1 -0
package/dist/src/billing/routes.js +193 -0
package/dist/src/billing/routes.js.map +1 -0
package/dist/src/billing/stripe-client.d.ts +14 -0
package/dist/src/billing/stripe-client.d.ts.map +1 -0
package/dist/src/billing/stripe-client.js +51 -0
package/dist/src/billing/stripe-client.js.map +1 -0
package/dist/src/billing/webhook-handler.d.ts +19 -0
package/dist/src/billing/webhook-handler.d.ts.map +1 -0
package/dist/src/billing/webhook-handler.js +169 -0
package/dist/src/billing/webhook-handler.js.map +1 -0
package/dist/src/billing/webhook-routes.d.ts +5 -0
package/dist/src/billing/webhook-routes.d.ts.map +1 -0
package/dist/src/billing/webhook-routes.js +30 -0
package/dist/src/billing/webhook-routes.js.map +1 -0
package/dist/src/budget/manager.d.ts +95 -0
package/dist/src/budget/manager.d.ts.map +1 -0
package/dist/src/budget/manager.js +547 -0
package/dist/src/budget/manager.js.map +1 -0
package/dist/src/budget/usage-extractor.d.ts +38 -0
package/dist/src/budget/usage-extractor.d.ts.map +1 -0
package/dist/src/budget/usage-extractor.js +165 -0
package/dist/src/budget/usage-extractor.js.map +1 -0
package/dist/src/cli.d.ts +3 -0
package/dist/src/cli.d.ts.map +1 -0
package/dist/src/cli.js +115 -0
package/dist/src/cli.js.map +1 -0
package/dist/src/config/defaults.d.ts +3 -0
package/dist/src/config/defaults.d.ts.map +1 -0
package/dist/src/config/defaults.js +243 -0
package/dist/src/config/defaults.js.map +1 -0
package/dist/src/config/validate.d.ts +15 -0
package/dist/src/config/validate.d.ts.map +1 -0
package/dist/src/config/validate.js +105 -0
package/dist/src/config/validate.js.map +1 -0
package/dist/src/dlp/composite-scanner.d.ts +47 -0
package/dist/src/dlp/composite-scanner.d.ts.map +1 -0
package/dist/src/dlp/composite-scanner.js +186 -0
package/dist/src/dlp/composite-scanner.js.map +1 -0
package/dist/src/dlp/index.d.ts +10 -0
package/dist/src/dlp/index.d.ts.map +1 -0
package/dist/src/dlp/index.js +26 -0
package/dist/src/dlp/index.js.map +1 -0
package/dist/src/dlp/interfaces.d.ts +33 -0
package/dist/src/dlp/interfaces.d.ts.map +1 -0
package/dist/src/dlp/interfaces.js +3 -0
package/dist/src/dlp/interfaces.js.map +1 -0
package/dist/src/dlp/patterns.d.ts +9 -0
package/dist/src/dlp/patterns.d.ts.map +1 -0
package/dist/src/dlp/patterns.js +25 -0
package/dist/src/dlp/patterns.js.map +1 -0
package/dist/src/dlp/prompt-injection-backend.d.ts +68 -0
package/dist/src/dlp/prompt-injection-backend.d.ts.map +1 -0
package/dist/src/dlp/prompt-injection-backend.js +148 -0
package/dist/src/dlp/prompt-injection-backend.js.map +1 -0
package/dist/src/dlp/prompt-injection-patterns.d.ts +32 -0
package/dist/src/dlp/prompt-injection-patterns.d.ts.map +1 -0
package/dist/src/dlp/prompt-injection-patterns.js +290 -0
package/dist/src/dlp/prompt-injection-patterns.js.map +1 -0
package/dist/src/dlp/regex-backend.d.ts +32 -0
package/dist/src/dlp/regex-backend.d.ts.map +1 -0
package/dist/src/dlp/regex-backend.js +153 -0
package/dist/src/dlp/regex-backend.js.map +1 -0
package/dist/src/dlp/scanner.d.ts +122 -0
package/dist/src/dlp/scanner.d.ts.map +1 -0
package/dist/src/dlp/scanner.js +444 -0
package/dist/src/dlp/scanner.js.map +1 -0
package/dist/src/dlp/text-normalizer.d.ts +41 -0
package/dist/src/dlp/text-normalizer.d.ts.map +1 -0
package/dist/src/dlp/text-normalizer.js +203 -0
package/dist/src/dlp/text-normalizer.js.map +1 -0
package/dist/src/dlp/trufflehog-backend.d.ts +64 -0
package/dist/src/dlp/trufflehog-backend.d.ts.map +1 -0
package/dist/src/dlp/trufflehog-backend.js +151 -0
package/dist/src/dlp/trufflehog-backend.js.map +1 -0
package/dist/src/executor/http-executor.d.ts +25 -0
package/dist/src/executor/http-executor.d.ts.map +1 -0
package/dist/src/executor/http-executor.js +333 -0
package/dist/src/executor/http-executor.js.map +1 -0
package/dist/src/executor/index.d.ts +6 -0
package/dist/src/executor/index.d.ts.map +1 -0
package/dist/src/executor/index.js +12 -0
package/dist/src/executor/index.js.map +1 -0
package/dist/src/executor/interfaces.d.ts +11 -0
package/dist/src/executor/interfaces.d.ts.map +1 -0
package/dist/src/executor/interfaces.js +3 -0
package/dist/src/executor/interfaces.js.map +1 -0
package/dist/src/executor/noop-executor.d.ts +13 -0
package/dist/src/executor/noop-executor.d.ts.map +1 -0
package/dist/src/executor/noop-executor.js +21 -0
package/dist/src/executor/noop-executor.js.map +1 -0
package/dist/src/executor/registry.d.ts +30 -0
package/dist/src/executor/registry.d.ts.map +1 -0
package/dist/src/executor/registry.js +62 -0
package/dist/src/executor/registry.js.map +1 -0
package/dist/src/executor/slack-executor.d.ts +24 -0
package/dist/src/executor/slack-executor.d.ts.map +1 -0
package/dist/src/executor/slack-executor.js +147 -0
package/dist/src/executor/slack-executor.js.map +1 -0
package/dist/src/index.d.ts +25 -0
package/dist/src/index.d.ts.map +1 -0
package/dist/src/index.js +74 -0
package/dist/src/index.js.map +1 -0
package/dist/src/mcp/auth-verifier.d.ts +23 -0
package/dist/src/mcp/auth-verifier.d.ts.map +1 -0
package/dist/src/mcp/auth-verifier.js +162 -0
package/dist/src/mcp/auth-verifier.js.map +1 -0
package/dist/src/mcp/bridge.d.ts +132 -0
package/dist/src/mcp/bridge.d.ts.map +1 -0
package/dist/src/mcp/bridge.js +734 -0
package/dist/src/mcp/bridge.js.map +1 -0
package/dist/src/mcp/http-transport.d.ts +32 -0
package/dist/src/mcp/http-transport.d.ts.map +1 -0
package/dist/src/mcp/http-transport.js +538 -0
package/dist/src/mcp/http-transport.js.map +1 -0
package/dist/src/mcp/index.d.ts +10 -0
package/dist/src/mcp/index.d.ts.map +1 -0
package/dist/src/mcp/index.js +17 -0
package/dist/src/mcp/index.js.map +1 -0
package/dist/src/mcp/oauth-pages.d.ts +23 -0
package/dist/src/mcp/oauth-pages.d.ts.map +1 -0
package/dist/src/mcp/oauth-pages.js +121 -0
package/dist/src/mcp/oauth-pages.js.map +1 -0
package/dist/src/mcp/oauth-postgres-stores.d.ts +55 -0
package/dist/src/mcp/oauth-postgres-stores.d.ts.map +1 -0
package/dist/src/mcp/oauth-postgres-stores.js +226 -0
package/dist/src/mcp/oauth-postgres-stores.js.map +1 -0
package/dist/src/mcp/oauth-provider.d.ts +95 -0
package/dist/src/mcp/oauth-provider.d.ts.map +1 -0
package/dist/src/mcp/oauth-provider.js +360 -0
package/dist/src/mcp/oauth-provider.js.map +1 -0
package/dist/src/mcp/oauth-stores.d.ts +62 -0
package/dist/src/mcp/oauth-stores.d.ts.map +1 -0
package/dist/src/mcp/oauth-stores.js +154 -0
package/dist/src/mcp/oauth-stores.js.map +1 -0
package/dist/src/mcp/server.d.ts +18 -0
package/dist/src/mcp/server.d.ts.map +1 -0
package/dist/src/mcp/server.js +51 -0
package/dist/src/mcp/server.js.map +1 -0
package/dist/src/metrics/collector.d.ts +106 -0
package/dist/src/metrics/collector.d.ts.map +1 -0
package/dist/src/metrics/collector.js +311 -0
package/dist/src/metrics/collector.js.map +1 -0
package/dist/src/metrics/index.d.ts +2 -0
package/dist/src/metrics/index.d.ts.map +1 -0
package/dist/src/metrics/index.js +6 -0
package/dist/src/metrics/index.js.map +1 -0
package/dist/src/middleware/auth.d.ts +77 -0
package/dist/src/middleware/auth.d.ts.map +1 -0
package/dist/src/middleware/auth.js +720 -0
package/dist/src/middleware/auth.js.map +1 -0
package/dist/src/middleware/session.d.ts +18 -0
package/dist/src/middleware/session.d.ts.map +1 -0
package/dist/src/middleware/session.js +67 -0
package/dist/src/middleware/session.js.map +1 -0
package/dist/src/middleware/validate.d.ts +3 -0
package/dist/src/middleware/validate.d.ts.map +1 -0
package/dist/src/middleware/validate.js +85 -0
package/dist/src/middleware/validate.js.map +1 -0
package/dist/src/policy/engine.d.ts +107 -0
package/dist/src/policy/engine.d.ts.map +1 -0
package/dist/src/policy/engine.js +646 -0
package/dist/src/policy/engine.js.map +1 -0
package/dist/src/policy/index.d.ts +3 -0
package/dist/src/policy/index.d.ts.map +1 -0
package/dist/src/policy/index.js +8 -0
package/dist/src/policy/index.js.map +1 -0
package/dist/src/policy/opa-engine.d.ts +176 -0
package/dist/src/policy/opa-engine.d.ts.map +1 -0
package/dist/src/policy/opa-engine.js +790 -0
package/dist/src/policy/opa-engine.js.map +1 -0
package/dist/src/proxy/forward-proxy.d.ts +30 -0
package/dist/src/proxy/forward-proxy.d.ts.map +1 -0
package/dist/src/proxy/forward-proxy.js +580 -0
package/dist/src/proxy/forward-proxy.js.map +1 -0
package/dist/src/proxy/index.d.ts +2 -0
package/dist/src/proxy/index.d.ts.map +1 -0
package/dist/src/proxy/index.js +8 -0
package/dist/src/proxy/index.js.map +1 -0
package/dist/src/ratelimit/limiter.d.ts +45 -0
package/dist/src/ratelimit/limiter.d.ts.map +1 -0
package/dist/src/ratelimit/limiter.js +158 -0
package/dist/src/ratelimit/limiter.js.map +1 -0
package/dist/src/replay/engine.d.ts +40 -0
package/dist/src/replay/engine.d.ts.map +1 -0
package/dist/src/replay/engine.js +106 -0
package/dist/src/replay/engine.js.map +1 -0
package/dist/src/replay/index.d.ts +2 -0
package/dist/src/replay/index.d.ts.map +1 -0
package/dist/src/replay/index.js +6 -0
package/dist/src/replay/index.js.map +1 -0
package/dist/src/saas/index.d.ts +2 -0
package/dist/src/saas/index.d.ts.map +1 -0
package/dist/src/saas/index.js +18 -0
package/dist/src/saas/index.js.map +1 -0
package/dist/src/saas/routes.d.ts +18 -0
package/dist/src/saas/routes.d.ts.map +1 -0
package/dist/src/saas/routes.js +1566 -0
package/dist/src/saas/routes.js.map +1 -0
package/dist/src/server/app.d.ts +44 -0
package/dist/src/server/app.d.ts.map +1 -0
package/dist/src/server/app.js +854 -0
package/dist/src/server/app.js.map +1 -0
package/dist/src/server/errors.d.ts +32 -0
package/dist/src/server/errors.d.ts.map +1 -0
package/dist/src/server/errors.js +39 -0
package/dist/src/server/errors.js.map +1 -0
package/dist/src/server/gateway.d.ts +165 -0
package/dist/src/server/gateway.d.ts.map +1 -0
package/dist/src/server/gateway.js +964 -0
package/dist/src/server/gateway.js.map +1 -0
package/dist/src/server/index.d.ts +2 -0
package/dist/src/server/index.d.ts.map +1 -0
package/dist/src/server/index.js +295 -0
package/dist/src/server/index.js.map +1 -0
package/dist/src/server/logger.d.ts +33 -0
package/dist/src/server/logger.d.ts.map +1 -0
package/dist/src/server/logger.js +230 -0
package/dist/src/server/logger.js.map +1 -0
package/dist/src/server/stream-proxy.d.ts +32 -0
package/dist/src/server/stream-proxy.d.ts.map +1 -0
package/dist/src/server/stream-proxy.js +184 -0
package/dist/src/server/stream-proxy.js.map +1 -0
package/dist/src/storage/file-persistence.d.ts +48 -0
package/dist/src/storage/file-persistence.d.ts.map +1 -0
package/dist/src/storage/file-persistence.js +280 -0
package/dist/src/storage/file-persistence.js.map +1 -0
package/dist/src/storage/index.d.ts +5 -0
package/dist/src/storage/index.d.ts.map +1 -0
package/dist/src/storage/index.js +21 -0
package/dist/src/storage/index.js.map +1 -0
package/dist/src/storage/interfaces.d.ts +237 -0
package/dist/src/storage/interfaces.d.ts.map +1 -0
package/dist/src/storage/interfaces.js +3 -0
package/dist/src/storage/interfaces.js.map +1 -0
package/dist/src/storage/memory.d.ts +162 -0
package/dist/src/storage/memory.d.ts.map +1 -0
package/dist/src/storage/memory.js +603 -0
package/dist/src/storage/memory.js.map +1 -0
package/dist/src/storage/postgres.d.ts +267 -0
package/dist/src/storage/postgres.d.ts.map +1 -0
package/dist/src/storage/postgres.js +1555 -0
package/dist/src/storage/postgres.js.map +1 -0
package/dist/src/storage/redis.d.ts +202 -0
package/dist/src/storage/redis.d.ts.map +1 -0
package/dist/src/storage/redis.js +629 -0
package/dist/src/storage/redis.js.map +1 -0
package/dist/src/tracing/index.d.ts +2 -0
package/dist/src/tracing/index.d.ts.map +1 -0
package/dist/src/tracing/index.js +6 -0
package/dist/src/tracing/index.js.map +1 -0
package/dist/src/tracing/provider.d.ts +43 -0
package/dist/src/tracing/provider.d.ts.map +1 -0
package/dist/src/tracing/provider.js +74 -0
package/dist/src/tracing/provider.js.map +1 -0
package/dist/src/trust/calculator.d.ts +54 -0
package/dist/src/trust/calculator.d.ts.map +1 -0
package/dist/src/trust/calculator.js +102 -0
package/dist/src/trust/calculator.js.map +1 -0
package/dist/src/trust/index.d.ts +2 -0
package/dist/src/trust/index.d.ts.map +1 -0
package/dist/src/trust/index.js +7 -0
package/dist/src/trust/index.js.map +1 -0
package/dist/src/types/budget.d.ts +30 -0
package/dist/src/types/budget.d.ts.map +1 -0
package/dist/src/types/budget.js +3 -0
package/dist/src/types/budget.js.map +1 -0
package/dist/src/types/config.d.ts +176 -0
package/dist/src/types/config.d.ts.map +1 -0
package/dist/src/types/config.js +3 -0
package/dist/src/types/config.js.map +1 -0
package/dist/src/types/events.d.ts +24 -0
package/dist/src/types/events.d.ts.map +1 -0
package/dist/src/types/events.js +3 -0
package/dist/src/types/events.js.map +1 -0
package/dist/src/types/index.d.ts +8 -0
package/dist/src/types/index.d.ts.map +1 -0
package/dist/src/types/index.js +24 -0
package/dist/src/types/index.js.map +1 -0
package/dist/src/types/policy.d.ts +60 -0
package/dist/src/types/policy.d.ts.map +1 -0
package/dist/src/types/policy.js +3 -0
package/dist/src/types/policy.js.map +1 -0
package/dist/src/types/stripe-config.d.ts +12 -0
package/dist/src/types/stripe-config.d.ts.map +1 -0
package/dist/src/types/stripe-config.js +3 -0
package/dist/src/types/stripe-config.js.map +1 -0
package/dist/src/types/subscription.d.ts +24 -0
package/dist/src/types/subscription.d.ts.map +1 -0
package/dist/src/types/subscription.js +38 -0
package/dist/src/types/subscription.js.map +1 -0
package/dist/src/types/tool-call.d.ts +42 -0
package/dist/src/types/tool-call.d.ts.map +1 -0
package/dist/src/types/tool-call.js +3 -0
package/dist/src/types/tool-call.js.map +1 -0
package/dist/src/types/tool-result.d.ts +58 -0
package/dist/src/types/tool-result.d.ts.map +1 -0
package/dist/src/types/tool-result.js +3 -0
package/dist/src/types/tool-result.js.map +1 -0
package/dist/src/types/user.d.ts +101 -0
package/dist/src/types/user.d.ts.map +1 -0
package/dist/src/types/user.js +6 -0
package/dist/src/types/user.js.map +1 -0
package/dist/tests/integration/api.test.d.ts +2 -0
package/dist/tests/integration/api.test.d.ts.map +1 -0
package/dist/tests/integration/api.test.js +1199 -0
package/dist/tests/integration/api.test.js.map +1 -0
package/dist/tests/integration/proxy.test.d.ts +2 -0
package/dist/tests/integration/proxy.test.d.ts.map +1 -0
package/dist/tests/integration/proxy.test.js +251 -0
package/dist/tests/integration/proxy.test.js.map +1 -0
package/dist/tests/integration/storage.test.d.ts +16 -0
package/dist/tests/integration/storage.test.d.ts.map +1 -0
package/dist/tests/integration/storage.test.js +826 -0
package/dist/tests/integration/storage.test.js.map +1 -0
package/dist/tests/unit/admin.test.d.ts +2 -0
package/dist/tests/unit/admin.test.d.ts.map +1 -0
package/dist/tests/unit/admin.test.js +698 -0
package/dist/tests/unit/admin.test.js.map +1 -0
package/dist/tests/unit/anomaly-detector.test.d.ts +2 -0
package/dist/tests/unit/anomaly-detector.test.d.ts.map +1 -0
package/dist/tests/unit/anomaly-detector.test.js +903 -0
package/dist/tests/unit/anomaly-detector.test.js.map +1 -0
package/dist/tests/unit/approval-manager.test.d.ts +2 -0
package/dist/tests/unit/approval-manager.test.d.ts.map +1 -0
package/dist/tests/unit/approval-manager.test.js +528 -0
package/dist/tests/unit/approval-manager.test.js.map +1 -0
package/dist/tests/unit/approval-webhook.test.d.ts +2 -0
package/dist/tests/unit/approval-webhook.test.d.ts.map +1 -0
package/dist/tests/unit/approval-webhook.test.js +355 -0
package/dist/tests/unit/approval-webhook.test.js.map +1 -0
package/dist/tests/unit/audit-logger.test.d.ts +2 -0
package/dist/tests/unit/audit-logger.test.d.ts.map +1 -0
package/dist/tests/unit/audit-logger.test.js +635 -0
package/dist/tests/unit/audit-logger.test.js.map +1 -0
package/dist/tests/unit/auth-routes.test.d.ts +2 -0
package/dist/tests/unit/auth-routes.test.d.ts.map +1 -0
package/dist/tests/unit/auth-routes.test.js +281 -0
package/dist/tests/unit/auth-routes.test.js.map +1 -0
package/dist/tests/unit/auth.test.d.ts +2 -0
package/dist/tests/unit/auth.test.d.ts.map +1 -0
package/dist/tests/unit/auth.test.js +1382 -0
package/dist/tests/unit/auth.test.js.map +1 -0
package/dist/tests/unit/billing.test.d.ts +2 -0
package/dist/tests/unit/billing.test.d.ts.map +1 -0
package/dist/tests/unit/billing.test.js +579 -0
package/dist/tests/unit/billing.test.js.map +1 -0
package/dist/tests/unit/budget-manager.test.d.ts +2 -0
package/dist/tests/unit/budget-manager.test.d.ts.map +1 -0
package/dist/tests/unit/budget-manager.test.js +778 -0
package/dist/tests/unit/budget-manager.test.js.map +1 -0
package/dist/tests/unit/budget-race.test.d.ts +2 -0
package/dist/tests/unit/budget-race.test.d.ts.map +1 -0
package/dist/tests/unit/budget-race.test.js +58 -0
package/dist/tests/unit/budget-race.test.js.map +1 -0
package/dist/tests/unit/cli.test.d.ts +2 -0
package/dist/tests/unit/cli.test.d.ts.map +1 -0
package/dist/tests/unit/cli.test.js +93 -0
package/dist/tests/unit/cli.test.js.map +1 -0
package/dist/tests/unit/concurrency.test.d.ts +2 -0
package/dist/tests/unit/concurrency.test.d.ts.map +1 -0
package/dist/tests/unit/concurrency.test.js +1270 -0
package/dist/tests/unit/concurrency.test.js.map +1 -0
package/dist/tests/unit/config-validate.test.d.ts +2 -0
package/dist/tests/unit/config-validate.test.d.ts.map +1 -0
package/dist/tests/unit/config-validate.test.js +230 -0
package/dist/tests/unit/config-validate.test.js.map +1 -0
package/dist/tests/unit/defaults.test.d.ts +2 -0
package/dist/tests/unit/defaults.test.d.ts.map +1 -0
package/dist/tests/unit/defaults.test.js +364 -0
package/dist/tests/unit/defaults.test.js.map +1 -0
package/dist/tests/unit/dlp-backends.test.d.ts +2 -0
package/dist/tests/unit/dlp-backends.test.d.ts.map +1 -0
package/dist/tests/unit/dlp-backends.test.js +563 -0
package/dist/tests/unit/dlp-backends.test.js.map +1 -0
package/dist/tests/unit/dlp-scanner.test.d.ts +2 -0
package/dist/tests/unit/dlp-scanner.test.d.ts.map +1 -0
package/dist/tests/unit/dlp-scanner.test.js +739 -0
package/dist/tests/unit/dlp-scanner.test.js.map +1 -0
package/dist/tests/unit/error-responses.test.d.ts +2 -0
package/dist/tests/unit/error-responses.test.d.ts.map +1 -0
package/dist/tests/unit/error-responses.test.js +101 -0
package/dist/tests/unit/error-responses.test.js.map +1 -0
package/dist/tests/unit/executor-registry.test.d.ts +2 -0
package/dist/tests/unit/executor-registry.test.d.ts.map +1 -0
package/dist/tests/unit/executor-registry.test.js +390 -0
package/dist/tests/unit/executor-registry.test.js.map +1 -0
package/dist/tests/unit/forward-proxy.test.d.ts +2 -0
package/dist/tests/unit/forward-proxy.test.d.ts.map +1 -0
package/dist/tests/unit/forward-proxy.test.js +621 -0
package/dist/tests/unit/forward-proxy.test.js.map +1 -0
package/dist/tests/unit/gateway-features.test.d.ts +2 -0
package/dist/tests/unit/gateway-features.test.d.ts.map +1 -0
package/dist/tests/unit/gateway-features.test.js +753 -0
package/dist/tests/unit/gateway-features.test.js.map +1 -0
package/dist/tests/unit/http-executor.test.d.ts +2 -0
package/dist/tests/unit/http-executor.test.d.ts.map +1 -0
package/dist/tests/unit/http-executor.test.js +310 -0
package/dist/tests/unit/http-executor.test.js.map +1 -0
package/dist/tests/unit/mcp-bridge.test.d.ts +2 -0
package/dist/tests/unit/mcp-bridge.test.d.ts.map +1 -0
package/dist/tests/unit/mcp-bridge.test.js +1136 -0
package/dist/tests/unit/mcp-bridge.test.js.map +1 -0
package/dist/tests/unit/mcp-http-transport.test.d.ts +2 -0
package/dist/tests/unit/mcp-http-transport.test.d.ts.map +1 -0
package/dist/tests/unit/mcp-http-transport.test.js +899 -0
package/dist/tests/unit/mcp-http-transport.test.js.map +1 -0
package/dist/tests/unit/mcp-oauth.test.d.ts +2 -0
package/dist/tests/unit/mcp-oauth.test.d.ts.map +1 -0
package/dist/tests/unit/mcp-oauth.test.js +759 -0
package/dist/tests/unit/mcp-oauth.test.js.map +1 -0
package/dist/tests/unit/mcp-server.test.d.ts +15 -0
package/dist/tests/unit/mcp-server.test.d.ts.map +1 -0
package/dist/tests/unit/mcp-server.test.js +158 -0
package/dist/tests/unit/mcp-server.test.js.map +1 -0
package/dist/tests/unit/metrics.test.d.ts +2 -0
package/dist/tests/unit/metrics.test.d.ts.map +1 -0
package/dist/tests/unit/metrics.test.js +208 -0
package/dist/tests/unit/metrics.test.js.map +1 -0
package/dist/tests/unit/oauth.test.d.ts +2 -0
package/dist/tests/unit/oauth.test.d.ts.map +1 -0
package/dist/tests/unit/oauth.test.js +281 -0
package/dist/tests/unit/oauth.test.js.map +1 -0
package/dist/tests/unit/opa-circuit-breaker.test.d.ts +2 -0
package/dist/tests/unit/opa-circuit-breaker.test.d.ts.map +1 -0
package/dist/tests/unit/opa-circuit-breaker.test.js +297 -0
package/dist/tests/unit/opa-circuit-breaker.test.js.map +1 -0
package/dist/tests/unit/opa-engine.test.d.ts +2 -0
package/dist/tests/unit/opa-engine.test.d.ts.map +1 -0
package/dist/tests/unit/opa-engine.test.js +1813 -0
package/dist/tests/unit/opa-engine.test.js.map +1 -0
package/dist/tests/unit/pipeline-timing.test.d.ts +2 -0
package/dist/tests/unit/pipeline-timing.test.d.ts.map +1 -0
package/dist/tests/unit/pipeline-timing.test.js +528 -0
package/dist/tests/unit/pipeline-timing.test.js.map +1 -0
package/dist/tests/unit/policy-engine.test.d.ts +2 -0
package/dist/tests/unit/policy-engine.test.d.ts.map +1 -0
package/dist/tests/unit/policy-engine.test.js +1345 -0
package/dist/tests/unit/policy-engine.test.js.map +1 -0
package/dist/tests/unit/policy-store.test.d.ts +2 -0
package/dist/tests/unit/policy-store.test.d.ts.map +1 -0
package/dist/tests/unit/policy-store.test.js +60 -0
package/dist/tests/unit/policy-store.test.js.map +1 -0
package/dist/tests/unit/postgres-storage.test.d.ts +2 -0
package/dist/tests/unit/postgres-storage.test.d.ts.map +1 -0
package/dist/tests/unit/postgres-storage.test.js +614 -0
package/dist/tests/unit/postgres-storage.test.js.map +1 -0
package/dist/tests/unit/prompt-injection-backend.test.d.ts +2 -0
package/dist/tests/unit/prompt-injection-backend.test.d.ts.map +1 -0
package/dist/tests/unit/prompt-injection-backend.test.js +621 -0
package/dist/tests/unit/prompt-injection-backend.test.js.map +1 -0
package/dist/tests/unit/proxy-hardening.test.d.ts +2 -0
package/dist/tests/unit/proxy-hardening.test.d.ts.map +1 -0
package/dist/tests/unit/proxy-hardening.test.js +166 -0
package/dist/tests/unit/proxy-hardening.test.js.map +1 -0
package/dist/tests/unit/rate-limiter.test.d.ts +2 -0
package/dist/tests/unit/rate-limiter.test.d.ts.map +1 -0
package/dist/tests/unit/rate-limiter.test.js +443 -0
package/dist/tests/unit/rate-limiter.test.js.map +1 -0
package/dist/tests/unit/redis-storage.test.d.ts +2 -0
package/dist/tests/unit/redis-storage.test.d.ts.map +1 -0
package/dist/tests/unit/redis-storage.test.js +766 -0
package/dist/tests/unit/redis-storage.test.js.map +1 -0
package/dist/tests/unit/replay-engine.test.d.ts +2 -0
package/dist/tests/unit/replay-engine.test.d.ts.map +1 -0
package/dist/tests/unit/replay-engine.test.js +371 -0
package/dist/tests/unit/replay-engine.test.js.map +1 -0
package/dist/tests/unit/saas-routes.test.d.ts +2 -0
package/dist/tests/unit/saas-routes.test.d.ts.map +1 -0
package/dist/tests/unit/saas-routes.test.js +1399 -0
package/dist/tests/unit/saas-routes.test.js.map +1 -0
package/dist/tests/unit/session.test.d.ts +2 -0
package/dist/tests/unit/session.test.d.ts.map +1 -0
package/dist/tests/unit/session.test.js +532 -0
package/dist/tests/unit/session.test.js.map +1 -0
package/dist/tests/unit/slack-executor.test.d.ts +2 -0
package/dist/tests/unit/slack-executor.test.d.ts.map +1 -0
package/dist/tests/unit/slack-executor.test.js +209 -0
package/dist/tests/unit/slack-executor.test.js.map +1 -0
package/dist/tests/unit/storage-hardening.test.d.ts +2 -0
package/dist/tests/unit/storage-hardening.test.d.ts.map +1 -0
package/dist/tests/unit/storage-hardening.test.js +165 -0
package/dist/tests/unit/storage-hardening.test.js.map +1 -0
package/dist/tests/unit/storage.test.d.ts +2 -0
package/dist/tests/unit/storage.test.d.ts.map +1 -0
package/dist/tests/unit/storage.test.js +698 -0
package/dist/tests/unit/storage.test.js.map +1 -0
package/dist/tests/unit/text-normalizer.test.d.ts +2 -0
package/dist/tests/unit/text-normalizer.test.d.ts.map +1 -0
package/dist/tests/unit/text-normalizer.test.js +229 -0
package/dist/tests/unit/text-normalizer.test.js.map +1 -0
package/dist/tests/unit/tracing.test.d.ts +2 -0
package/dist/tests/unit/tracing.test.d.ts.map +1 -0
package/dist/tests/unit/tracing.test.js +611 -0
package/dist/tests/unit/tracing.test.js.map +1 -0
package/dist/tests/unit/trust-calculator.test.d.ts +2 -0
package/dist/tests/unit/trust-calculator.test.d.ts.map +1 -0
package/dist/tests/unit/trust-calculator.test.js +497 -0
package/dist/tests/unit/trust-calculator.test.js.map +1 -0
package/dist/tests/unit/ts-sdk.test.d.ts +2 -0
package/dist/tests/unit/ts-sdk.test.d.ts.map +1 -0
package/dist/tests/unit/ts-sdk.test.js +421 -0
package/dist/tests/unit/ts-sdk.test.js.map +1 -0
package/dist/tests/unit/usage-extractor-llm.test.d.ts +2 -0
package/dist/tests/unit/usage-extractor-llm.test.d.ts.map +1 -0
package/dist/tests/unit/usage-extractor-llm.test.js +139 -0
package/dist/tests/unit/usage-extractor-llm.test.js.map +1 -0
package/dist/tests/unit/usage-extractor.test.d.ts +2 -0
package/dist/tests/unit/usage-extractor.test.d.ts.map +1 -0
package/dist/tests/unit/usage-extractor.test.js +271 -0
package/dist/tests/unit/usage-extractor.test.js.map +1 -0
package/dist/tests/unit/user-stores.test.d.ts +2 -0
package/dist/tests/unit/user-stores.test.d.ts.map +1 -0
package/dist/tests/unit/user-stores.test.js +687 -0
package/dist/tests/unit/user-stores.test.js.map +1 -0
package/dist/tests/unit/validate.test.d.ts +2 -0
package/dist/tests/unit/validate.test.d.ts.map +1 -0
package/dist/tests/unit/validate.test.js +545 -0
package/dist/tests/unit/validate.test.js.map +1 -0
package/package.json +86 -0
package/policy-packs/README.md +42 -0
package/policy-packs/default.yaml +46 -0
package/policy-packs/dev_fast.yaml +54 -0
package/policy-packs/prod_strict.yaml +83 -0

package/dist/src/dlp/prompt-injection-backend.js ADDED Viewed

@@ -0,0 +1,148 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PromptInjectionBackend = void 0;
+const prompt_injection_patterns_1 = require("./prompt-injection-patterns");
+const text_normalizer_1 = require("./text-normalizer");
+/**
+ * DLP backend that detects common prompt injection patterns in text.
+ *
+ * Scans for 13 categories of prompt injection:
+ *   - Direct instruction overrides
+ *   - Role manipulation
+ *   - Jailbreak keywords
+ *   - System prompt extraction attempts
+ *   - Delimiter injection
+ *   - Context manipulation
+ *   - Authority impersonation
+ *   - Indirect injection
+ *   - Encoding indicators
+ *   - Synonym variants
+ *   - Prompt leakage requests
+ *   - Obfuscation markers
+ *   - Multi-turn manipulation
+ *
+ * All text is normalized before pattern matching to resist evasion via
+ * zero-width chars, HTML entities, homoglyphs, URL encoding, etc.
+ *
+ * Combination severity scoring: 3+ medium = effective high, 2+ high = effective critical.
+ */
+class PromptInjectionBackend {
+    constructor(config) {
+        this.name = 'prompt_injection';
+        this.enabled = config?.enabled ?? true;
+        this.scanOutput = config?.scan_output ?? false;
+        this.patterns = [
+            ...prompt_injection_patterns_1.PROMPT_INJECTION_PATTERNS,
+            ...(config?.custom_patterns ?? []),
+        ];
+        this.outputPatterns = prompt_injection_patterns_1.OUTPUT_INJECTION_PATTERNS;
+    }
+    /**
+     * Scan a string for prompt injection patterns.
+     *
+     * Text is normalized before matching to defeat evasion techniques.
+     * Patterns are matched against both the standard-normalized text and
+     * the leetspeak-normalized variant. Positions in detections refer to
+     * the original (un-normalized) string for accurate redaction.
+     */
+    scanString(value) {
+        if (!this.enabled) {
+            return [];
+        }
+        const detections = [];
+        // Normalize text for bypass resistance
+        const normalized = (0, text_normalizer_1.normalizeText)(value);
+        const leetNormalized = (0, text_normalizer_1.normalizeLeetspeak)(normalized);
+        // Choose pattern set: include output patterns when configured
+        const patternsToScan = this.scanOutput
+            ? [...this.patterns, ...this.outputPatterns]
+            : this.patterns;
+        // Scan standard-normalized text
+        this.matchPatterns(patternsToScan, normalized, detections);
+        // Scan leetspeak-normalized text (only if it differs from standard)
+        if (leetNormalized !== normalized) {
+            const existingNames = new Set(detections.map(d => d.pattern_name + ':' + d.match));
+            const leetDetections = [];
+            this.matchPatterns(patternsToScan, leetNormalized, leetDetections);
+            // Deduplicate — only add leet detections not already found
+            for (const ld of leetDetections) {
+                const key = ld.pattern_name + ':' + ld.match;
+                if (!existingNames.has(key)) {
+                    existingNames.add(key);
+                    detections.push(ld);
+                }
+            }
+        }
+        // Apply combination severity scoring
+        this.applyCombinationScoring(detections);
+        return detections;
+    }
+    /**
+     * Scan output text specifically for output-side injection patterns.
+     * Called during postExecute DLP scanning.
+     */
+    scanOutputText(value) {
+        if (!this.enabled) {
+            return [];
+        }
+        const normalized = (0, text_normalizer_1.normalizeText)(value);
+        const detections = [];
+        this.matchPatterns(this.outputPatterns, normalized, detections);
+        return detections;
+    }
+    /**
+     * Run all patterns against a text value and append matches to the detections array.
+     */
+    matchPatterns(patterns, text, detections) {
+        for (const pat of patterns) {
+            pat.pattern.lastIndex = 0;
+            let m;
+            while ((m = pat.pattern.exec(text)) !== null) {
+                detections.push({
+                    pattern_name: pat.name,
+                    severity: pat.severity,
+                    match: m[0],
+                    start: m.index,
+                    end: m.index + m[0].length,
+                });
+                // Prevent infinite loops on zero-length matches
+                if (m[0].length === 0) {
+                    pat.pattern.lastIndex++;
+                }
+            }
+            pat.pattern.lastIndex = 0;
+        }
+    }
+    /**
+     * Apply combination severity escalation:
+     * - 3+ medium detections -> add effective_severity 'high' metadata
+     * - 2+ high detections -> add effective_severity 'critical' metadata
+     *
+     * Mutates detections in place by upgrading severity where applicable.
+     */
+    applyCombinationScoring(detections) {
+        if (detections.length < 2)
+            return;
+        const mediumCount = detections.filter(d => d.severity === 'medium').length;
+        const highCount = detections.filter(d => d.severity === 'high').length;
+        // 3+ medium -> escalate all mediums to high
+        if (mediumCount >= 3) {
+            for (const d of detections) {
+                if (d.severity === 'medium') {
+                    d.effective_severity = 'high';
+                    d.severity = 'high';
+                }
+            }
+        }
+        // 2+ high -> mark effective severity as critical on all highs
+        if (highCount >= 2) {
+            for (const d of detections) {
+                if (d.severity === 'high') {
+                    d.effective_severity = 'critical';
+                }
+            }
+        }
+    }
+}
+exports.PromptInjectionBackend = PromptInjectionBackend;
+//# sourceMappingURL=prompt-injection-backend.js.map

package/dist/src/dlp/prompt-injection-backend.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"prompt-injection-backend.js","sourceRoot":"","sources":["../../../src/dlp/prompt-injection-backend.ts"],"names":[],"mappings":";;;AAGA,2EAAmG;AACnG,uDAAsE;AAWtE;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAa,sBAAsB;IAQjC,YAAY,MAA8B;QAPjC,SAAI,GAAG,kBAAkB,CAAC;QAQjC,IAAI,CAAC,OAAO,GAAG,MAAM,EAAE,OAAO,IAAI,IAAI,CAAC;QACvC,IAAI,CAAC,UAAU,GAAG,MAAM,EAAE,WAAW,IAAI,KAAK,CAAC;QAC/C,IAAI,CAAC,QAAQ,GAAG;YACd,GAAG,qDAAyB;YAC5B,GAAG,CAAC,MAAM,EAAE,eAAe,IAAI,EAAE,CAAC;SACnC,CAAC;QACF,IAAI,CAAC,cAAc,GAAG,qDAAyB,CAAC;IAClD,CAAC;IAED;;;;;;;OAOG;IACH,UAAU,CAAC,KAAa;QACtB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAClB,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,MAAM,UAAU,GAAmB,EAAE,CAAC;QAEtC,uCAAuC;QACvC,MAAM,UAAU,GAAG,IAAA,+BAAa,EAAC,KAAK,CAAC,CAAC;QACxC,MAAM,cAAc,GAAG,IAAA,oCAAkB,EAAC,UAAU,CAAC,CAAC;QAEtD,8DAA8D;QAC9D,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU;YACpC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,IAAI,CAAC,cAAc,CAAC;YAC5C,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC;QAElB,gCAAgC;QAChC,IAAI,CAAC,aAAa,CAAC,cAAc,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC;QAE3D,oEAAoE;QACpE,IAAI,cAAc,KAAK,UAAU,EAAE,CAAC;YAClC,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,GAAG,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;YACnF,MAAM,cAAc,GAAmB,EAAE,CAAC;YAC1C,IAAI,CAAC,aAAa,CAAC,cAAc,EAAE,cAAc,EAAE,cAAc,CAAC,CAAC;YAEnE,2DAA2D;YAC3D,KAAK,MAAM,EAAE,IAAI,cAAc,EAAE,CAAC;gBAChC,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,GAAG,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC;gBAC7C,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC5B,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;oBACvB,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACtB,CAAC;YACH,CAAC;QACH,CAAC;QAED,qCAAqC;QACrC,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;QAEzC,OAAO,UAAU,CAAC;IACpB,CAAC;IAED;;;OAGG;IACH,cAAc,CAAC,KAAa;QAC1B,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAClB,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,MAAM,UAAU,GAAG,IAAA,+BAAa,EAAC,KAAK,CAAC,CAAC;QACxC,MAAM,UAAU,GAAmB,EAAE,CAAC;QACtC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,cAAc,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC;QAChE,OAAO,UAAU,CAAC;IACpB,CAAC;IAED;;OAEG;IACK,aAAa,CACnB,QAAsB,EACtB,IAAY,EACZ,UAA0B;QAE1B,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;YAC3B,GAAG,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YAC1B,IAAI,CAAyB,CAAC;YAC9B,OAAO,CAAC,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC7C,UAAU,CAAC,IAAI,CAAC;oBACd,YAAY,EAAE,GAAG,CAAC,IAAI;oBACtB,QAAQ,EAAE,GAAG,CAAC,QAAQ;oBACtB,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;oBACX,KAAK,EAAE,CAAC,CAAC,KAAK;oBACd,GAAG,EAAE,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM;iBAC3B,CAAC,CAAC;gBACH,gDAAgD;gBAChD,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBACtB,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;gBAC1B,CAAC;YACH,CAAC;YACD,GAAG,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACK,uBAAuB,CAAC,UAA0B;QACxD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO;QAElC,MAAM,WAAW,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;QAC3E,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;QAEvE,4CAA4C;QAC5C,IAAI,WAAW,IAAI,CAAC,EAAE,CAAC;YACrB,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;gBAC3B,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBAC3B,CAAS,CAAC,kBAAkB,GAAG,MAAM,CAAC;oBACvC,CAAC,CAAC,QAAQ,GAAG,MAAqB,CAAC;gBACrC,CAAC;YACH,CAAC;QACH,CAAC;QAED,8DAA8D;QAC9D,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;YACnB,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;gBAC3B,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;oBACzB,CAAS,CAAC,kBAAkB,GAAG,UAAU,CAAC;gBAC7C,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;CACF;AA9ID,wDA8IC"}

package/dist/src/dlp/prompt-injection-patterns.d.ts ADDED Viewed

@@ -0,0 +1,32 @@
+import { DLPPattern } from './patterns';
+/**
+ * Prompt injection detection patterns.
+ *
+ * Organized into categories:
+ *   1. Direct instruction override (high)
+ *   2. Role manipulation (medium)
+ *   3. Jailbreak keywords (high)
+ *   4. System prompt extraction (high)
+ *   5. Delimiter injection (high)
+ *   6. Context manipulation (medium)
+ *   7. Authority impersonation (high)
+ *   8. Indirect injection (high)
+ *   9. Encoding indicators (medium)
+ *  10. Synonym variants (high)
+ *  11. Prompt leakage requests (high)
+ *  12. Obfuscation markers (medium)
+ *  13. Multi-turn manipulation (medium)
+ *
+ * All patterns use the /gi flags for global, case-insensitive matching.
+ * Pattern names are prefixed with `prompt_injection_` for namespacing.
+ */
+export declare const PROMPT_INJECTION_PATTERNS: DLPPattern[];
+/**
+ * Patterns for detecting prompt injection artifacts in model output.
+ * These indicate the model may have been manipulated and is leaking
+ * system prompt content or following injected instructions.
+ *
+ * Scanned during postExecute DLP on response bodies.
+ */
+export declare const OUTPUT_INJECTION_PATTERNS: DLPPattern[];
+//# sourceMappingURL=prompt-injection-patterns.d.ts.map

package/dist/src/dlp/prompt-injection-patterns.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"prompt-injection-patterns.d.ts","sourceRoot":"","sources":["../../../src/dlp/prompt-injection-patterns.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAExC;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,eAAO,MAAM,yBAAyB,EAAE,UAAU,EAyPjD,CAAC;AAMF;;;;;;GAMG;AACH,eAAO,MAAM,yBAAyB,EAAE,UAAU,EAgBjD,CAAC"}

package/dist/src/dlp/prompt-injection-patterns.js ADDED Viewed

@@ -0,0 +1,290 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OUTPUT_INJECTION_PATTERNS = exports.PROMPT_INJECTION_PATTERNS = void 0;
+/**
+ * Prompt injection detection patterns.
+ *
+ * Organized into categories:
+ *   1. Direct instruction override (high)
+ *   2. Role manipulation (medium)
+ *   3. Jailbreak keywords (high)
+ *   4. System prompt extraction (high)
+ *   5. Delimiter injection (high)
+ *   6. Context manipulation (medium)
+ *   7. Authority impersonation (high)
+ *   8. Indirect injection (high)
+ *   9. Encoding indicators (medium)
+ *  10. Synonym variants (high)
+ *  11. Prompt leakage requests (high)
+ *  12. Obfuscation markers (medium)
+ *  13. Multi-turn manipulation (medium)
+ *
+ * All patterns use the /gi flags for global, case-insensitive matching.
+ * Pattern names are prefixed with `prompt_injection_` for namespacing.
+ */
+exports.PROMPT_INJECTION_PATTERNS = [
+    // -----------------------------------------------------------------------
+    // Category 1: Direct instruction override (high)
+    // -----------------------------------------------------------------------
+    {
+        name: 'prompt_injection_ignore_previous',
+        pattern: /ignore\s+(?:all\s+)?previous\s+instructions/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_disregard_rules',
+        pattern: /disregard\s+(?:all\s+)?(?:above|previous|prior)\s+(?:rules|instructions|guidelines|directives)/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_forget_instructions',
+        pattern: /forget\s+(?:all\s+)?(?:your|the|previous|prior)\s+instructions/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_override_instructions',
+        pattern: /override\s+(?:all\s+)?(?:your|the|previous|prior)\s+(?:instructions|rules|guidelines)/gi,
+        severity: 'high',
+    },
+    // -----------------------------------------------------------------------
+    // Category 2: Role manipulation (medium)
+    // -----------------------------------------------------------------------
+    {
+        name: 'prompt_injection_you_are_now',
+        pattern: /you\s+are\s+now\s+(?:a|an|the)\s+/gi,
+        severity: 'medium',
+    },
+    {
+        name: 'prompt_injection_act_as',
+        pattern: /(?:act|behave|function)\s+as\s+(?:a|an|if\s+you\s+(?:are|were))\s+/gi,
+        severity: 'medium',
+    },
+    {
+        name: 'prompt_injection_pretend_to_be',
+        pattern: /pretend\s+(?:to\s+be|you\s+are)\s+/gi,
+        severity: 'medium',
+    },
+    {
+        name: 'prompt_injection_roleplay_as',
+        pattern: /roleplay\s+as\s+/gi,
+        severity: 'medium',
+    },
+    // -----------------------------------------------------------------------
+    // Category 3: Jailbreak keywords (high)
+    // -----------------------------------------------------------------------
+    {
+        // FIX: ReDoS-safe version. Original had unbounded `.*?` causing
+        // catastrophic backtracking. Now uses bounded `.{0,40}` with no nested quantifiers.
+        name: 'prompt_injection_dan_jailbreak',
+        pattern: /\bD\s*A\s*N\b.{0,40}do\s+anything\s+now/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_do_anything_now',
+        pattern: /do\s+anything\s+now/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_developer_mode',
+        pattern: /(?:enter|enable|activate|switch\s+to)\s+developer\s+mode/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_no_restrictions',
+        pattern: /(?:without|no|remove\s+all|disable\s+all)\s+(?:any\s+)?restrictions/gi,
+        severity: 'high',
+    },
+    // -----------------------------------------------------------------------
+    // Category 4: System prompt extraction (high)
+    // -----------------------------------------------------------------------
+    {
+        name: 'prompt_injection_show_system_prompt',
+        pattern: /(?:show|display|reveal|print|output)\s+(?:me\s+)?(?:your|the)\s+system\s+prompt/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_repeat_above',
+        pattern: /repeat\s+(?:everything|all\s+the\s+text|the\s+text|all)\s+above/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_what_are_instructions',
+        pattern: /what\s+are\s+your\s+(?:instructions|rules|guidelines|directives)/gi,
+        severity: 'high',
+    },
+    // -----------------------------------------------------------------------
+    // Category 5: Delimiter injection (high)
+    // -----------------------------------------------------------------------
+    {
+        name: 'prompt_injection_im_start_delimiter',
+        pattern: /<\|im_start\|>/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_system_delimiter',
+        pattern: /###\s*System\s*:/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_inst_delimiter',
+        pattern: /\[INST\]/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_system_tag',
+        pattern: /<system>/gi,
+        severity: 'high',
+    },
+    // -----------------------------------------------------------------------
+    // Category 6: Context manipulation (medium)
+    // -----------------------------------------------------------------------
+    {
+        name: 'prompt_injection_hypothetical_scenario',
+        pattern: /in\s+this\s+hypothetical\s+scenario/gi,
+        severity: 'medium',
+    },
+    {
+        name: 'prompt_injection_educational_purposes',
+        pattern: /for\s+educational\s+purposes\s+only/gi,
+        severity: 'medium',
+    },
+    // -----------------------------------------------------------------------
+    // Category 7: Authority impersonation (high)
+    // -----------------------------------------------------------------------
+    {
+        name: 'prompt_injection_authority_developer',
+        pattern: /(?:as\s+your|i\s+am\s+(?:your|the))\s+(?:developer|creator|programmer|admin|administrator|owner)/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_admin_override',
+        pattern: /(?:admin|administrator|root)\s+(?:override|access|mode|command)/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_maintenance_mode',
+        pattern: /(?:enter|enable|activate|switch\s+to)\s+(?:maintenance|debug|test|unsafe)\s+mode/gi,
+        severity: 'high',
+    },
+    // -----------------------------------------------------------------------
+    // Category 8: Indirect injection (high)
+    // -----------------------------------------------------------------------
+    {
+        name: 'prompt_injection_indirect_when_user',
+        pattern: /when\s+(?:the\s+)?user\s+asks?\s+[\w\s]{1,40},?\s*(?:do|say|respond|reply|tell|output)\b/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_indirect_if_anyone',
+        pattern: /if\s+(?:anyone|somebody|someone|the\s+user)\s+asks?,?\s*(?:say|tell|respond|reply)\b/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_indirect_new_instructions',
+        pattern: /(?:new|updated|revised|replacement)\s+(?:system\s+)?instructions?\s*:/gi,
+        severity: 'high',
+    },
+    // -----------------------------------------------------------------------
+    // Category 9: Encoding indicators (medium)
+    // -----------------------------------------------------------------------
+    {
+        name: 'prompt_injection_decode_base64',
+        pattern: /(?:decode|interpret|execute|run|eval)\s+(?:the\s+following\s+)?(?:base64|rot13|hex|binary)/gi,
+        severity: 'medium',
+    },
+    {
+        name: 'prompt_injection_encode_request',
+        pattern: /(?:base64|rot13|hex)\s+(?:encode|decode|convert)\s+(?:this|the\s+following)/gi,
+        severity: 'medium',
+    },
+    // -----------------------------------------------------------------------
+    // Category 10: Synonym variants (high)
+    // -----------------------------------------------------------------------
+    {
+        name: 'prompt_injection_bypass_instructions',
+        pattern: /bypass\s+(?:all\s+)?(?:your|the|previous|prior|above|earlier)\s+(?:instructions|rules|guidelines|constraints|restrictions)/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_skip_instructions',
+        pattern: /(?:skip|drop|abandon|dismiss)\s+(?:all\s+)?(?:your|the|previous|prior|above|earlier)\s+(?:instructions|rules|guidelines|constraints)/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_new_rules',
+        pattern: /(?:your|the)\s+new\s+(?:instructions|rules|guidelines|directives)\s+are/gi,
+        severity: 'high',
+    },
+    // -----------------------------------------------------------------------
+    // Category 11: Prompt leakage requests (high)
+    // -----------------------------------------------------------------------
+    {
+        name: 'prompt_injection_show_rules',
+        pattern: /(?:show|tell|give|list|display)\s+(?:me\s+)?(?:your|the)\s+(?:rules|instructions|guidelines|directives|constraints)/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_print_config',
+        pattern: /(?:print|output|dump|display)\s+(?:your|the)\s+(?:config|configuration|settings|prompt|system\s+message)/gi,
+        severity: 'high',
+    },
+    // -----------------------------------------------------------------------
+    // Category 12: Obfuscation markers (medium)
+    // -----------------------------------------------------------------------
+    {
+        name: 'prompt_injection_read_vertically',
+        pattern: /(?:read|interpret)\s+(?:this\s+)?(?:vertically|diagonally|backwards|in\s+reverse)/gi,
+        severity: 'medium',
+    },
+    {
+        name: 'prompt_injection_first_letter',
+        pattern: /(?:first|last|initial)\s+(?:letter|character|char)\s+of\s+each\s+(?:word|line|sentence)/gi,
+        severity: 'medium',
+    },
+    {
+        name: 'prompt_injection_split_across',
+        pattern: /(?:split|spread|distributed?)\s+across\s+(?:messages?|lines?|parts?|chunks?)/gi,
+        severity: 'medium',
+    },
+    // -----------------------------------------------------------------------
+    // Category 13: Multi-turn manipulation (medium)
+    // -----------------------------------------------------------------------
+    {
+        name: 'prompt_injection_remember_later',
+        pattern: /remember\s+this\s+(?:for\s+later|instruction|rule|command)/gi,
+        severity: 'medium',
+    },
+    {
+        name: 'prompt_injection_next_conversation',
+        pattern: /in\s+(?:our|the)\s+next\s+(?:conversation|session|chat|interaction)/gi,
+        severity: 'medium',
+    },
+];
+// ---------------------------------------------------------------------------
+// Output-side prompt injection patterns
+// ---------------------------------------------------------------------------
+/**
+ * Patterns for detecting prompt injection artifacts in model output.
+ * These indicate the model may have been manipulated and is leaking
+ * system prompt content or following injected instructions.
+ *
+ * Scanned during postExecute DLP on response bodies.
+ */
+exports.OUTPUT_INJECTION_PATTERNS = [
+    {
+        name: 'prompt_injection_output_system_leak',
+        pattern: /(?:my\s+(?:system\s+)?instructions\s+(?:are|say|tell)|i\s+was\s+(?:told|instructed|programmed)\s+to)/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_output_prompt_reflection',
+        pattern: /(?:here\s+(?:are|is)\s+my\s+(?:rules|instructions|system\s+prompt|prompt)|as\s+(?:instructed|directed|told)(?:\s+by\s+my\s+(?:system|developer))?\s*:)/gi,
+        severity: 'high',
+    },
+    {
+        name: 'prompt_injection_output_role_break',
+        pattern: /(?:i\s+(?:am\s+)?now\s+(?:operating|running|acting)\s+(?:in|as)\s+(?:\w+\s+)?mode|(?:developer|unrestricted|DAN)\s+mode\s+(?:enabled|activated|on))/gi,
+        severity: 'high',
+    },
+];
+//# sourceMappingURL=prompt-injection-patterns.js.map

package/dist/src/dlp/prompt-injection-patterns.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"prompt-injection-patterns.js","sourceRoot":"","sources":["../../../src/dlp/prompt-injection-patterns.ts"],"names":[],"mappings":";;;AAEA;;;;;;;;;;;;;;;;;;;;GAoBG;AACU,QAAA,yBAAyB,GAAiB;IACrD,0EAA0E;IAC1E,iDAAiD;IACjD,0EAA0E;IAC1E;QACE,IAAI,EAAE,kCAAkC;QACxC,OAAO,EAAE,+CAA+C;QACxD,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,kCAAkC;QACxC,OAAO,EAAE,kGAAkG;QAC3G,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,sCAAsC;QAC5C,OAAO,EAAE,kEAAkE;QAC3E,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,wCAAwC;QAC9C,OAAO,EAAE,yFAAyF;QAClG,QAAQ,EAAE,MAAM;KACjB;IAED,0EAA0E;IAC1E,yCAAyC;IACzC,0EAA0E;IAC1E;QACE,IAAI,EAAE,8BAA8B;QACpC,OAAO,EAAE,qCAAqC;QAC9C,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,sEAAsE;QAC/E,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,IAAI,EAAE,gCAAgC;QACtC,OAAO,EAAE,sCAAsC;QAC/C,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,IAAI,EAAE,8BAA8B;QACpC,OAAO,EAAE,oBAAoB;QAC7B,QAAQ,EAAE,QAAQ;KACnB;IAED,0EAA0E;IAC1E,wCAAwC;IACxC,0EAA0E;IAC1E;QACE,gEAAgE;QAChE,oFAAoF;QACpF,IAAI,EAAE,gCAAgC;QACtC,OAAO,EAAE,2CAA2C;QACpD,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,kCAAkC;QACxC,OAAO,EAAE,uBAAuB;QAChC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,iCAAiC;QACvC,OAAO,EAAE,4DAA4D;QACrE,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,kCAAkC;QACxC,OAAO,EAAE,uEAAuE;QAChF,QAAQ,EAAE,MAAM;KACjB;IAED,0EAA0E;IAC1E,8CAA8C;IAC9C,0EAA0E;IAC1E;QACE,IAAI,EAAE,qCAAqC;QAC3C,OAAO,EAAE,mFAAmF;QAC5F,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,+BAA+B;QACrC,OAAO,EAAE,mEAAmE;QAC5E,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,wCAAwC;QAC9C,OAAO,EAAE,oEAAoE;QAC7E,QAAQ,EAAE,MAAM;KACjB;IAED,0EAA0E;IAC1E,yCAAyC;IACzC,0EAA0E;IAC1E;QACE,IAAI,EAAE,qCAAqC;QAC3C,OAAO,EAAE,kBAAkB;QAC3B,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,mCAAmC;QACzC,OAAO,EAAE,oBAAoB;QAC7B,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,iCAAiC;QACvC,OAAO,EAAE,YAAY;QACrB,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,6BAA6B;QACnC,OAAO,EAAE,YAAY;QACrB,QAAQ,EAAE,MAAM;KACjB;IAED,0EAA0E;IAC1E,4CAA4C;IAC5C,0EAA0E;IAC1E;QACE,IAAI,EAAE,wCAAwC;QAC9C,OAAO,EAAE,uCAAuC;QAChD,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,IAAI,EAAE,uCAAuC;QAC7C,OAAO,EAAE,uCAAuC;QAChD,QAAQ,EAAE,QAAQ;KACnB;IAED,0EAA0E;IAC1E,6CAA6C;IAC7C,0EAA0E;IAC1E;QACE,IAAI,EAAE,sCAAsC;QAC5C,OAAO,EAAE,oGAAoG;QAC7G,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,iCAAiC;QACvC,OAAO,EAAE,mEAAmE;QAC5E,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,mCAAmC;QACzC,OAAO,EAAE,oFAAoF;QAC7F,QAAQ,EAAE,MAAM;KACjB;IAED,0EAA0E;IAC1E,wCAAwC;IACxC,0EAA0E;IAC1E;QACE,IAAI,EAAE,qCAAqC;QAC3C,OAAO,EAAE,4FAA4F;QACrG,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,qCAAqC;QAC3C,OAAO,EAAE,wFAAwF;QACjG,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,4CAA4C;QAClD,OAAO,EAAE,yEAAyE;QAClF,QAAQ,EAAE,MAAM;KACjB;IAED,0EAA0E;IAC1E,2CAA2C;IAC3C,0EAA0E;IAC1E;QACE,IAAI,EAAE,gCAAgC;QACtC,OAAO,EAAE,8FAA8F;QACvG,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,IAAI,EAAE,iCAAiC;QACvC,OAAO,EAAE,+EAA+E;QACxF,QAAQ,EAAE,QAAQ;KACnB;IAED,0EAA0E;IAC1E,uCAAuC;IACvC,0EAA0E;IAC1E;QACE,IAAI,EAAE,sCAAsC;QAC5C,OAAO,EAAE,8HAA8H;QACvI,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,oCAAoC;QAC1C,OAAO,EAAE,wIAAwI;QACjJ,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,4BAA4B;QAClC,OAAO,EAAE,2EAA2E;QACpF,QAAQ,EAAE,MAAM;KACjB;IAED,0EAA0E;IAC1E,8CAA8C;IAC9C,0EAA0E;IAC1E;QACE,IAAI,EAAE,6BAA6B;QACnC,OAAO,EAAE,uHAAuH;QAChI,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,+BAA+B;QACrC,OAAO,EAAE,4GAA4G;QACrH,QAAQ,EAAE,MAAM;KACjB;IAED,0EAA0E;IAC1E,4CAA4C;IAC5C,0EAA0E;IAC1E;QACE,IAAI,EAAE,kCAAkC;QACxC,OAAO,EAAE,qFAAqF;QAC9F,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,IAAI,EAAE,+BAA+B;QACrC,OAAO,EAAE,2FAA2F;QACpG,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,IAAI,EAAE,+BAA+B;QACrC,OAAO,EAAE,gFAAgF;QACzF,QAAQ,EAAE,QAAQ;KACnB;IAED,0EAA0E;IAC1E,gDAAgD;IAChD,0EAA0E;IAC1E;QACE,IAAI,EAAE,iCAAiC;QACvC,OAAO,EAAE,8DAA8D;QACvE,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,IAAI,EAAE,oCAAoC;QAC1C,OAAO,EAAE,uEAAuE;QAChF,QAAQ,EAAE,QAAQ;KACnB;CACF,CAAC;AAEF,8EAA8E;AAC9E,wCAAwC;AACxC,8EAA8E;AAE9E;;;;;;GAMG;AACU,QAAA,yBAAyB,GAAiB;IACrD;QACE,IAAI,EAAE,qCAAqC;QAC3C,OAAO,EAAE,wGAAwG;QACjH,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,2CAA2C;QACjD,OAAO,EAAE,0JAA0J;QACnK,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,oCAAoC;QAC1C,OAAO,EAAE,uJAAuJ;QAChK,QAAQ,EAAE,MAAM;KACjB;CACF,CAAC"}

package/dist/src/dlp/regex-backend.d.ts ADDED Viewed

@@ -0,0 +1,32 @@
+import { DLPBackend, DLPDetection } from './interfaces';
+export interface RegexBackendConfig {
+    /** Enable secret pattern detection. Default true. */
+    secrets_detection?: boolean;
+    /** Enable PII pattern detection. Default true. */
+    pii_detection?: boolean;
+}
+/**
+ * Regex-based DLP backend that uses the same patterns as the built-in DLPScanner.
+ *
+ * This backend is extracted as a standalone DLPBackend implementation so it can
+ * be composed with other backends (e.g. TruffleHog) via the CompositeDLPScanner.
+ * The original DLPScanner remains unchanged and fully functional on its own.
+ */
+export declare class RegexDLPBackend implements DLPBackend {
+    readonly name = "regex";
+    private readonly secretsEnabled;
+    private readonly piiEnabled;
+    constructor(config?: RegexBackendConfig);
+    /**
+     * Scan a string for secrets and PII using regex patterns.
+     *
+     * Input is normalized before scanning to defeat evasion techniques
+     * (zero-width chars, Unicode homoglyphs, NFC normalization).
+     *
+     * Every regex with the /g flag has its lastIndex reset before and after
+     * testing to avoid state leaking between calls.
+     */
+    scanString(value: string): DLPDetection[];
+    private scanPatterns;
+}
+//# sourceMappingURL=regex-backend.d.ts.map

package/dist/src/dlp/regex-backend.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"regex-backend.d.ts","sourceRoot":"","sources":["../../../src/dlp/regex-backend.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAGxD,MAAM,WAAW,kBAAkB;IACjC,qDAAqD;IACrD,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,kDAAkD;IAClD,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAiFD;;;;;;GAMG;AACH,qBAAa,eAAgB,YAAW,UAAU;IAChD,QAAQ,CAAC,IAAI,WAAW;IAExB,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAU;IACzC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAU;gBAEzB,MAAM,CAAC,EAAE,kBAAkB;IAKvC;;;;;;;;OAQG;IACH,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,YAAY,EAAE;IAwCzC,OAAO,CAAC,YAAY;CAwBrB"}