palaryn 0.4.16 → 0.4.18

package/dist/src/dlp/index.d.ts

@@ -7,5 +7,6 @@ export { CompositeDLPScanner } from './composite-scanner';
 export { PROMPT_INJECTION_PATTERNS, OUTPUT_INJECTION_PATTERNS } from './prompt-injection-patterns';
 export { PromptInjectionBackend, PromptInjectionConfig } from './prompt-injection-backend';
 export { ExfiltrationDetectionBackend } from './exfiltration-backend';
+export { NemoGuardrailsBackend, NemoGuardrailsConfig } from './nemo-backend';
 export { normalizeText, normalizeLeetspeak, decodeROT13, tryDecodeROT13, ZERO_WIDTH_REGEX, HOMOGLYPH_MAP, LEETSPEAK_MAP } from './text-normalizer';
 //# sourceMappingURL=index.d.ts.map

package/dist/src/dlp/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/dlp/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AACvC,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AACvE,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AACtE,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAC3E,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,yBAAyB,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AACnG,OAAO,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AAC3F,OAAO,EAAE,4BAA4B,EAAE,MAAM,wBAAwB,CAAC;AACtE,OAAO,EAAE,aAAa,EAAE,kBAAkB,EAAE,WAAW,EAAE,cAAc,EAAE,gBAAgB,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/dlp/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AACvC,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AACvE,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AACtE,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAC3E,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,yBAAyB,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AACnG,OAAO,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AAC3F,OAAO,EAAE,4BAA4B,EAAE,MAAM,wBAAwB,CAAC;AACtE,OAAO,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AAC7E,OAAO,EAAE,aAAa,EAAE,kBAAkB,EAAE,WAAW,EAAE,cAAc,EAAE,gBAAgB,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC"}

package/dist/src/dlp/index.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.LEETSPEAK_MAP = exports.HOMOGLYPH_MAP = exports.ZERO_WIDTH_REGEX = exports.tryDecodeROT13 = exports.decodeROT13 = exports.normalizeLeetspeak = exports.normalizeText = exports.ExfiltrationDetectionBackend = exports.PromptInjectionBackend = exports.OUTPUT_INJECTION_PATTERNS = exports.PROMPT_INJECTION_PATTERNS = exports.CompositeDLPScanner = exports.TruffleHogBackend = exports.RegexDLPBackend = exports.PII_PATTERNS = exports.SECRET_PATTERNS = exports.DLPScanner = void 0;
+exports.LEETSPEAK_MAP = exports.HOMOGLYPH_MAP = exports.ZERO_WIDTH_REGEX = exports.tryDecodeROT13 = exports.decodeROT13 = exports.normalizeLeetspeak = exports.normalizeText = exports.NemoGuardrailsBackend = exports.ExfiltrationDetectionBackend = exports.PromptInjectionBackend = exports.OUTPUT_INJECTION_PATTERNS = exports.PROMPT_INJECTION_PATTERNS = exports.CompositeDLPScanner = exports.TruffleHogBackend = exports.RegexDLPBackend = exports.PII_PATTERNS = exports.SECRET_PATTERNS = exports.DLPScanner = void 0;
 var scanner_1 = require("./scanner");
 Object.defineProperty(exports, "DLPScanner", { enumerable: true, get: function () { return scanner_1.DLPScanner; } });
 var patterns_1 = require("./patterns");
@@ -19,6 +19,8 @@ var prompt_injection_backend_1 = require("./prompt-injection-backend");
 Object.defineProperty(exports, "PromptInjectionBackend", { enumerable: true, get: function () { return prompt_injection_backend_1.PromptInjectionBackend; } });
 var exfiltration_backend_1 = require("./exfiltration-backend");
 Object.defineProperty(exports, "ExfiltrationDetectionBackend", { enumerable: true, get: function () { return exfiltration_backend_1.ExfiltrationDetectionBackend; } });
+var nemo_backend_1 = require("./nemo-backend");
+Object.defineProperty(exports, "NemoGuardrailsBackend", { enumerable: true, get: function () { return nemo_backend_1.NemoGuardrailsBackend; } });
 var text_normalizer_1 = require("./text-normalizer");
 Object.defineProperty(exports, "normalizeText", { enumerable: true, get: function () { return text_normalizer_1.normalizeText; } });
 Object.defineProperty(exports, "normalizeLeetspeak", { enumerable: true, get: function () { return text_normalizer_1.normalizeLeetspeak; } });

package/dist/src/dlp/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/dlp/index.ts"],"names":[],"mappings":";;;AAAA,qCAAuC;AAA9B,qGAAA,UAAU,OAAA;AAEnB,uCAAuE;AAAlD,2GAAA,eAAe,OAAA;AAAE,wGAAA,YAAY,OAAA;AAClD,iDAAsE;AAA7D,gHAAA,eAAe,OAAA;AACxB,2DAA2E;AAAlE,uHAAA,iBAAiB,OAAA;AAC1B,yDAA0D;AAAjD,wHAAA,mBAAmB,OAAA;AAC5B,yEAAmG;AAA1F,sIAAA,yBAAyB,OAAA;AAAE,sIAAA,yBAAyB,OAAA;AAC7D,uEAA2F;AAAlF,kIAAA,sBAAsB,OAAA;AAC/B,+DAAsE;AAA7D,oIAAA,4BAA4B,OAAA;AACrC,qDAAmJ;AAA1I,gHAAA,aAAa,OAAA;AAAE,qHAAA,kBAAkB,OAAA;AAAE,8GAAA,WAAW,OAAA;AAAE,iHAAA,cAAc,OAAA;AAAE,mHAAA,gBAAgB,OAAA;AAAE,gHAAA,aAAa,OAAA;AAAE,gHAAA,aAAa,OAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/dlp/index.ts"],"names":[],"mappings":";;;AAAA,qCAAuC;AAA9B,qGAAA,UAAU,OAAA;AAEnB,uCAAuE;AAAlD,2GAAA,eAAe,OAAA;AAAE,wGAAA,YAAY,OAAA;AAClD,iDAAsE;AAA7D,gHAAA,eAAe,OAAA;AACxB,2DAA2E;AAAlE,uHAAA,iBAAiB,OAAA;AAC1B,yDAA0D;AAAjD,wHAAA,mBAAmB,OAAA;AAC5B,yEAAmG;AAA1F,sIAAA,yBAAyB,OAAA;AAAE,sIAAA,yBAAyB,OAAA;AAC7D,uEAA2F;AAAlF,kIAAA,sBAAsB,OAAA;AAC/B,+DAAsE;AAA7D,oIAAA,4BAA4B,OAAA;AACrC,+CAA6E;AAApE,qHAAA,qBAAqB,OAAA;AAC9B,qDAAmJ;AAA1I,gHAAA,aAAa,OAAA;AAAE,qHAAA,kBAAkB,OAAA;AAAE,8GAAA,WAAW,OAAA;AAAE,iHAAA,cAAc,OAAA;AAAE,mHAAA,gBAAgB,OAAA;AAAE,gHAAA,aAAa,OAAA;AAAE,gHAAA,aAAa,OAAA"}

package/dist/src/dlp/nemo-backend.d.ts

@@ -0,0 +1,28 @@
+import { DLPBackend, DLPDetection } from './interfaces';
+export interface NemoGuardrailsConfig {
+    /** NeMo Guardrails API URL (e.g. 'http://nemo:8000'). */
+    api_url: string;
+    /** Request timeout in milliseconds. Defaults to 5000. */
+    timeout_ms?: number;
+}
+/**
+ * DLP backend that delegates content safety classification to NeMo Guardrails.
+ *
+ * NeMo Guardrails (NVIDIA) provides LLM-based detection of prompt injection,
+ * jailbreaks, and harmful content — catching semantic attacks that regex misses.
+ *
+ * Uses synchronous curl via execFileSync (same pattern as TruffleHogBackend)
+ * to comply with the synchronous DLPBackend interface.
+ *
+ * Graceful degradation: returns [] on timeout, connection error, or parse failure.
+ */
+export declare class NemoGuardrailsBackend implements DLPBackend {
+    readonly name = "nemo_guardrails";
+    private readonly apiUrl;
+    private readonly timeoutMs;
+    constructor(config: NemoGuardrailsConfig);
+    scanString(value: string): DLPDetection[];
+    private parseResponse;
+    private mapSeverity;
+}
+//# sourceMappingURL=nemo-backend.d.ts.map

package/dist/src/dlp/nemo-backend.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"nemo-backend.d.ts","sourceRoot":"","sources":["../../../src/dlp/nemo-backend.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAGxD,MAAM,WAAW,oBAAoB;IACnC,yDAAyD;IACzD,OAAO,EAAE,MAAM,CAAC;IAChB,yDAAyD;IACzD,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;;;;;;;;;GAUG;AACH,qBAAa,qBAAsB,YAAW,UAAU;IACtD,QAAQ,CAAC,IAAI,qBAAqB;IAElC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;gBAEvB,MAAM,EAAE,oBAAoB;IAKxC,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,YAAY,EAAE;IA8BzC,OAAO,CAAC,aAAa;IA0CrB,OAAO,CAAC,WAAW;CAWpB"}

package/dist/src/dlp/nemo-backend.js

@@ -0,0 +1,103 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NemoGuardrailsBackend = void 0;
+const child_process_1 = require("child_process");
+/**
+ * DLP backend that delegates content safety classification to NeMo Guardrails.
+ *
+ * NeMo Guardrails (NVIDIA) provides LLM-based detection of prompt injection,
+ * jailbreaks, and harmful content — catching semantic attacks that regex misses.
+ *
+ * Uses synchronous curl via execFileSync (same pattern as TruffleHogBackend)
+ * to comply with the synchronous DLPBackend interface.
+ *
+ * Graceful degradation: returns [] on timeout, connection error, or parse failure.
+ */
+class NemoGuardrailsBackend {
+    constructor(config) {
+        this.name = 'nemo_guardrails';
+        this.apiUrl = config.api_url.replace(/\/+$/, '');
+        this.timeoutMs = config.timeout_ms ?? 5000;
+    }
+    scanString(value) {
+        if (!value || value.length < 5)
+            return [];
+        try {
+            const payload = JSON.stringify({
+                messages: [{ role: 'user', content: value }],
+            });
+            const stdout = (0, child_process_1.execFileSync)('curl', [
+                '-s',
+                '-X', 'POST',
+                `${this.apiUrl}/v1/guardrails/check`,
+                '-H', 'Content-Type: application/json',
+                '-d', payload,
+                '--max-time', String(Math.ceil(this.timeoutMs / 1000)),
+                '--connect-timeout', '2',
+            ], {
+                timeout: this.timeoutMs + 1000,
+                encoding: 'utf-8',
+                stdio: ['pipe', 'pipe', 'pipe'],
+            });
+            return this.parseResponse(stdout, value);
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : String(err);
+            console.warn(`[NemoGuardrailsBackend] scan failed: ${message}`);
+            return [];
+        }
+    }
+    parseResponse(raw, originalValue) {
+        const detections = [];
+        try {
+            const data = JSON.parse(raw);
+            // NeMo Guardrails returns rails/violations in response
+            const rails = data.rails ?? data.violations ?? data.results ?? [];
+            const blocked = data.blocked ?? false;
+            if (Array.isArray(rails)) {
+                for (const rail of rails) {
+                    const railName = rail.name ?? rail.type ?? rail.rail ?? 'unknown';
+                    const severity = this.mapSeverity(rail.severity ?? rail.score ?? (blocked ? 'high' : 'medium'));
+                    detections.push({
+                        pattern_name: `nemo:${railName}`,
+                        severity,
+                        match: originalValue.slice(0, 200),
+                        start: 0,
+                        end: originalValue.length,
+                    });
+                }
+            }
+            // If response indicates blocked but no specific rails listed
+            if (blocked && detections.length === 0) {
+                detections.push({
+                    pattern_name: 'nemo:content_blocked',
+                    severity: 'high',
+                    match: originalValue.slice(0, 200),
+                    start: 0,
+                    end: originalValue.length,
+                });
+            }
+        }
+        catch {
+            console.warn('[NemoGuardrailsBackend] failed to parse response');
+        }
+        return detections;
+    }
+    mapSeverity(level) {
+        if (typeof level === 'number') {
+            if (level >= 0.8)
+                return 'high';
+            if (level >= 0.5)
+                return 'medium';
+            return 'low';
+        }
+        const lower = String(level).toLowerCase();
+        if (lower === 'high' || lower === 'critical')
+            return 'high';
+        if (lower === 'medium' || lower === 'moderate')
+            return 'medium';
+        return 'low';
+    }
+}
+exports.NemoGuardrailsBackend = NemoGuardrailsBackend;
+//# sourceMappingURL=nemo-backend.js.map

package/dist/src/dlp/nemo-backend.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"nemo-backend.js","sourceRoot":"","sources":["../../../src/dlp/nemo-backend.ts"],"names":[],"mappings":";;;AAAA,iDAA6C;AAW7C;;;;;;;;;;GAUG;AACH,MAAa,qBAAqB;IAMhC,YAAY,MAA4B;QAL/B,SAAI,GAAG,iBAAiB,CAAC;QAMhC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QACjD,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,UAAU,IAAI,IAAI,CAAC;IAC7C,CAAC;IAED,UAAU,CAAC,KAAa;QACtB,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,EAAE,CAAC;QAE1C,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC;gBAC7B,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;aAC7C,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,IAAA,4BAAY,EAAC,MAAM,EAAE;gBAClC,IAAI;gBACJ,IAAI,EAAE,MAAM;gBACZ,GAAG,IAAI,CAAC,MAAM,sBAAsB;gBACpC,IAAI,EAAE,gCAAgC;gBACtC,IAAI,EAAE,OAAO;gBACb,YAAY,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;gBACtD,mBAAmB,EAAE,GAAG;aACzB,EAAE;gBACD,OAAO,EAAE,IAAI,CAAC,SAAS,GAAG,IAAI;gBAC9B,QAAQ,EAAE,OAAO;gBACjB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;aAChC,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjE,OAAO,CAAC,IAAI,CAAC,wCAAwC,OAAO,EAAE,CAAC,CAAC;YAChE,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAEO,aAAa,CAAC,GAAW,EAAE,aAAqB;QACtD,MAAM,UAAU,GAAmB,EAAE,CAAC;QAEtC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAE7B,uDAAuD;YACvD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC;YAClE,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,IAAI,KAAK,CAAC;YAEtC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBACzB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;oBACzB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI,SAAS,CAAC;oBAClE,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;oBAEhG,UAAU,CAAC,IAAI,CAAC;wBACd,YAAY,EAAE,QAAQ,QAAQ,EAAE;wBAChC,QAAQ;wBACR,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBAClC,KAAK,EAAE,CAAC;wBACR,GAAG,EAAE,aAAa,CAAC,MAAM;qBAC1B,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,6DAA6D;YAC7D,IAAI,OAAO,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvC,UAAU,CAAC,IAAI,CAAC;oBACd,YAAY,EAAE,sBAAsB;oBACpC,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;oBAClC,KAAK,EAAE,CAAC;oBACR,GAAG,EAAE,aAAa,CAAC,MAAM;iBAC1B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,IAAI,CAAC,kDAAkD,CAAC,CAAC;QACnE,CAAC;QAED,OAAO,UAAU,CAAC;IACpB,CAAC;IAEO,WAAW,CAAC,KAAsB;QACxC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,IAAI,KAAK,IAAI,GAAG;gBAAE,OAAO,MAAM,CAAC;YAChC,IAAI,KAAK,IAAI,GAAG;gBAAE,OAAO,QAAQ,CAAC;YAClC,OAAO,KAAK,CAAC;QACf,CAAC;QACD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;QAC1C,IAAI,KAAK,KAAK,MAAM,IAAI,KAAK,KAAK,UAAU;YAAE,OAAO,MAAM,CAAC;QAC5D,IAAI,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,UAAU;YAAE,OAAO,QAAQ,CAAC;QAChE,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AA9FD,sDA8FC"}

package/dist/src/saas/routes.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"routes.d.ts","sourceRoot":"","sources":["../../../src/saas/routes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAqB,MAAM,SAAS,CAAC;AAGpD,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EACL,SAAS,EAAE,cAAc,EAAE,oBAAoB,EAC/C,eAAe,EAAE,YAAY,EAAE,WAAW,EAC1C,oBAAoB,EAAE,iBAAiB,EAExC,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAwB5C,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,aAAa,CAAC;IACtB,SAAS,EAAE,SAAS,CAAC;IACrB,cAAc,EAAE,cAAc,CAAC;IAC/B,oBAAoB,EAAE,oBAAoB,CAAC;IAC3C,eAAe,EAAE,eAAe,CAAC;IACjC,YAAY,EAAE,YAAY,CAAC;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,oBAAoB,CAAC,EAAE,oBAAoB,CAAC;IAC5C,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACvC;AAmBD,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,aAAa,GAAG,MAAM,CA06E5D"}
+{"version":3,"file":"routes.d.ts","sourceRoot":"","sources":["../../../src/saas/routes.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAqB,MAAM,SAAS,CAAC;AAGpD,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EACL,SAAS,EAAE,cAAc,EAAE,oBAAoB,EAC/C,eAAe,EAAE,YAAY,EAAE,WAAW,EAC1C,oBAAoB,EAAE,iBAAiB,EAExC,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAwB5C,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,aAAa,CAAC;IACtB,SAAS,EAAE,SAAS,CAAC;IACrB,cAAc,EAAE,cAAc,CAAC;IAC/B,oBAAoB,EAAE,oBAAoB,CAAC;IAC3C,eAAe,EAAE,eAAe,CAAC;IACjC,YAAY,EAAE,YAAY,CAAC;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,oBAAoB,CAAC,EAAE,oBAAoB,CAAC;IAC5C,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACvC;AAmBD,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,aAAa,GAAG,MAAM,CAq8E5D"}

package/dist/src/saas/routes.js

@@ -206,6 +206,29 @@ function createSaaSRouter(deps) {
         const workspace = workspaceStore.getById(workspaceId);
         res.status(201).json(workspace);
     });
+    router.delete('/workspaces/:id', (req, res) => {
+        if (!requireSession(req, res))
+            return;
+        const user = req.sessionUser;
+        const workspaceId = param(req, 'id');
+        const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+        if (!membership || membership.role !== 'owner') {
+            res.status(403).json({ error: 'Only workspace owner can delete a workspace' });
+            return;
+        }
+        const workspace = workspaceStore.getById(workspaceId);
+        if (!workspace) {
+            res.status(404).json({ error: 'Workspace not found' });
+            return;
+        }
+        // Remove members, then workspace
+        const members = workspaceMemberStore.getByWorkspace(workspaceId);
+        for (const m of members) {
+            workspaceMemberStore.delete(m.id);
+        }
+        workspaceStore.delete(workspaceId);
+        res.json({ deleted: true, id: workspaceId });
+    });
     router.get('/workspaces/:id', (req, res) => {
         if (!requireSession(req, res))
             return;