npm - pixel-serve-server - Versions diffs - 0.0.6 → 1.0.0 - Mend

pixel-serve-server 0.0.6 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md CHANGED Viewed

@@ -1,212 +1,270 @@
-# Image Server Middleware
+# Pixel Serve Server
-A powerful and customizable middleware for processing, resizing, and serving images in Node.js applications. Built with **TypeScript** and powered by **Sharp**, this package allows you to handle local and network images with robust error handling, fallback images, and customizable options.
+**A modern, type-safe middleware** for processing, resizing, and serving images in Node.js applications. Built with **TypeScript**, powered by **Sharp**, and designed for secure production use with ESM & CJS bundles.
----
+[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
+[![TypeScript](https://img.shields.io/badge/TypeScript-5.9.3-blue.svg)](https://www.typescriptlang.org/)
+[![Node.js](https://img.shields.io/badge/Node.js-18+-blue.svg)](https://nodejs.org/)
 ## Features
-- 🖼️ **Dynamic Image Resizing and Formatting**
-  - Supports various formats: `jpeg`, `png`, `webp`, `gif`, `tiff`, `avif`, and `svg`.
-  - Adjustable dimensions with constraints for safety.
-- 🌐 **Network and Local File Handling**
-  - Fetches images from allowed network domains.
-  - Processes images stored locally with safe path validation.
-- 🔒 **Fallback Images**
-  - Provides fallback images for invalid or missing sources.
-- 🔧 **Highly Configurable**
-  - Flexible option to set base directories, private folders, and user-specific paths.
-  - Supports user-defined ID handlers and folder logic.
-- 🚀 **Efficient and Scalable**
-  - Built on **Sharp** for high-performance image processing.
-  - Handles concurrent requests with ease.
----
+- 🖼️ **Dynamic resizing & formatting**: `jpeg`, `png`, `webp`, `gif`, `tiff`, `avif`, `svg` with configurable width/height bounds and quality limits
+- 🌐 **Secure source resolution**: Strict path validation, domain allowlists, and MIME type checks for network fetches
+- 🔒 **Fallbacks & private folders**: Built-in placeholder images plus async `getUserFolder` for private assets
+- ⚡ **Caching ready**: ETag + Cache-Control headers out of the box
+- 🧪 **Type-safe & tested**: 100% TypeScript with Vitest coverage and exported Zod schemas
+- ♻️ **Dual builds**: Works in both ESM and CommonJS environments
 ## Installation
-Install the package using npm or yarn:
 ```bash
 npm install pixel-serve-server
 ```
----
-## Usage
-### Basic Setup
+## Quick Start
-Here’s how to integrate the middleware with an Express application:
+### Basic Setup (Express)
 ```typescript
 import express from "express";
 import { registerServe } from "pixel-serve-server";
-import path, { dirname } from "node:path";
-import { fileURLToPath } from "node:url";
+import path from "node:path";
 const app = express();
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = dirname(__filename);
-const BASE_IMAGE_DIR = path.join(__dirname, "../assets/images/public");
-const PRIVATE_IMAGE_DIR = path.join(__dirname, "../assets/images/private");
 const serveImage = registerServe({
-  baseDir: BASE_IMAGE_DIR, // Base directory for local images
-  idHandler: (id: string) => `user-${id}`, // Custom handler for user IDs
-  getUserFolder: async (id: string) => `/private/users/${id}`, // Logic for user-specific folder paths
-  websiteURL: "example.com", // Your website's base URL
-  apiRegex: /^\/api\/v1\//, // Regex for removing API prefixes
-  allowedNetworkList: ["trusted.com"], // List of allowed network domains
+  baseDir: path.join(__dirname, "../assets/images/public"),
 });
 app.get("/api/v1/pixel/serve", serveImage);
 app.listen(3000, () => {
-  console.log("Server is running on http://localhost:3000");
+  console.log("Server running on http://localhost:3000");
 });
 ```
----
+### Advanced Setup with All Options
+```typescript
+import express from "express";
+import { registerServe } from "pixel-serve-server";
+import path from "node:path";
+const app = express();
-### Options
+const serveImage = registerServe({
+  // Required: Base directory for public images
+  baseDir: path.join(__dirname, "../assets/images/public"),
-The `serveImage` middleware accepts the following options:
+  // Custom user ID handler
+  idHandler: (id: string) => `user-${id}`,
-| Option               | Type       | Description                                                 |
-| -------------------- | ---------- | ----------------------------------------------------------- |
-| `baseDir`            | `string`   | Base directory for local image files.                       |
-| `idHandler`          | `Function` | Function to handle and format user IDs.                     |
-| `getUserFolder`      | `Function` | Async function to resolve a user-specific folder path.      |
-| `websiteURL`         | `string`   | Your website's base URL for identifying internal resources. |
-| `apiRegex`           | `RegExp`   | Regex to strip API prefixes from internal paths.            |
-| `allowedNetworkList` | `string[]` | List of allowed domains for network images.                 |
+  // Async function to resolve private folder paths
+  getUserFolder: async (req, userId) => {
+    // Your logic to resolve user-specific folder
+    return `/private/users/${userId}`;
+  },
----
+  // Your website's base URL (for treating internal URLs as local)
+  websiteURL: "example.com",
-### Example Requests
+  // Regex to strip API prefix from internal URLs
+  apiRegex: /^\/api\/v1\//,
-#### Fetching a Local Image
+  // Allowed remote hosts for fetching network images
+  allowedNetworkList: ["cdn.example.com", "images.example.com"],
-```bash
-GET http://localhost:3000/images?src=/uploads/image1.jpg&width=300&height=300
+  // Custom Cache-Control header
+  cacheControl: "public, max-age=86400, stale-while-revalidate=604800",
+  // Enable/disable ETag generation
+  etag: true,
+  // Image dimension bounds
+  minWidth: 50,
+  maxWidth: 4000,
+  minHeight: 50,
+  maxHeight: 4000,
+  // Default JPEG/WebP/AVIF quality
+  defaultQuality: 80,
+  // Network fetch timeout (ms)
+  requestTimeoutMs: 5000,
+  // Maximum download size from remote sources (bytes)
+  maxDownloadBytes: 5_000_000,
+});
+app.get("/api/v1/pixel/serve", serveImage);
+app.listen(3000);
 ```
-#### Fetching a Network Image
+## Configuration Options
+| Option               | Type                                      | Default                    | Description                                                             |
+| -------------------- | ----------------------------------------- | -------------------------- | ----------------------------------------------------------------------- |
+| `baseDir`            | `string`                                  | **required**               | Base directory for local images                                         |
+| `idHandler`          | `(id: string) => string`                  | `id => id`                 | Transform user IDs before lookup                                        |
+| `getUserFolder`      | `(req, id?) => string \| Promise<string>` | `undefined`                | Resolve private folder path when `folder=private`                       |
+| `websiteURL`         | `string`                                  | `undefined`                | If set, internal URLs pointing to this host are treated as local assets |
+| `apiRegex`           | `RegExp`                                  | `/^\/api\/v1\//`           | Prefix stripped from internal URLs before lookup                        |
+| `allowedNetworkList` | `string[]`                                | `[]`                       | Allowed remote hosts. Others immediately fall back                      |
+| `cacheControl`       | `string`                                  | `public, max-age=86400...` | Cache-Control header value                                              |
+| `etag`               | `boolean`                                 | `true`                     | Emit ETag and honor If-None-Match                                       |
+| `minWidth`           | `number`                                  | `50`                       | Minimum accepted width                                                  |
+| `maxWidth`           | `number`                                  | `4000`                     | Maximum accepted width                                                  |
+| `minHeight`          | `number`                                  | `50`                       | Minimum accepted height                                                 |
+| `maxHeight`          | `number`                                  | `4000`                     | Maximum accepted height                                                 |
+| `defaultQuality`     | `number`                                  | `80`                       | Default JPEG/WebP/AVIF quality                                          |
+| `requestTimeoutMs`   | `number`                                  | `5000`                     | Network fetch timeout                                                   |
+| `maxDownloadBytes`   | `number`                                  | `5_000_000`                | Maximum remote download size                                            |
+## Query Parameters
+| Parameter | Type                    | Default     | Description                                                         |
+| --------- | ----------------------- | ----------- | ------------------------------------------------------------------- |
+| `src`     | `string`                | _required_  | Path or URL to the image source                                     |
+| `format`  | `ImageFormat`           | `jpeg`      | Output format (`jpeg`, `png`, `webp`, `gif`, `tiff`, `avif`, `svg`) |
+| `width`   | `number`                | `undefined` | Desired output width (px)                                           |
+| `height`  | `number`                | `undefined` | Desired output height (px)                                          |
+| `quality` | `number`                | `80`        | Image quality (1-100)                                               |
+| `folder`  | `'public' \| 'private'` | `public`    | Image folder type                                                   |
+| `userId`  | `string`                | `undefined` | User ID for private folder access                                   |
+| `type`    | `'normal' \| 'avatar'`  | `normal`    | Image type (affects fallback image)                                 |
+## Example Requests
+### Local Image with Resize
 ```bash
-GET http://localhost:3000/images?src=https://trusted.com/image2.jpg&format=webp
+GET /api/v1/pixel/serve?src=uploads/photo.jpg&width=800&height=600&format=webp
 ```
-#### Handling Private User Folders
+### Network Image
 ```bash
-GET http://localhost:3000/images?src=/avatar.jpg&folder=private&userId=12345
+GET /api/v1/pixel/serve?src=https://cdn.example.com/image.jpg&format=avif&quality=90
 ```
----
+### Private User Image
-### User Data Parameters
+```bash
+GET /api/v1/pixel/serve?src=avatar.jpg&folder=private&userId=12345&type=avatar
+```
+## Integration with Pixel Serve Client
-The middleware uses the following `UserData` query parameters:
+This package is designed to work seamlessly with [`pixel-serve-client`](https://www.npmjs.com/package/pixel-serve-client), a React component that automatically generates the correct query parameters.
-| Parameter | Type                    | Description                                          |
-| --------- | ----------------------- | ---------------------------------------------------- |
-| `src`     | `string`                | Path or URL to the image source.                     |
-| `format`  | `ImageFormat`           | Desired output format (e.g., `jpeg`, `png`, `webp`). |
-| `width`   | `number`                | Desired width of the output image.                   |
-| `height`  | `number`                | Desired height of the output image.                  |
-| `quality` | `number`                | Image quality (1-100, default: 80).                  |
-| `folder`  | `'public' \| 'private'` | Image folder type (default: `public`).               |
-| `userId`  | `string \| null`        | User ID for private folder access.                   |
-| `type`    | `'normal' \| 'avatar'`  | Image type (default: `normal`).                      |
+```tsx
+// Client-side (React)
+import Pixel from "pixel-serve-client";
----
+<Pixel
+  src="/uploads/photo.jpg"
+  width={800}
+  height={600}
+  backendUrl="/api/v1/pixel/serve"
+/>;
+```
-### Image Formats
+## Security Features
-The following image formats are supported:
+### Path Traversal Protection
-- `jpeg`
-- `jpg`
-- `png`
-- `webp`
-- `gif`
-- `tiff`
-- `avif`
-- `svg`
+All local paths are validated to prevent directory traversal attacks:
-Each format is processed with the specified quality settings.
+- Rejects paths with `..`
+- Rejects absolute paths
+- Validates resolved paths stay within `baseDir`
+- Rejects null bytes and control characters
----
+### Network Image Security
-### Advanced Configuration
+- Only fetches from explicitly allowed domains (`allowedNetworkList`)
+- Validates MIME type of responses
+- Configurable timeout and size limits
+- Rejects non-HTTP/HTTPS protocols
-#### Custom ID Handler
+### Private Folder Access
-Use the `idHandler` option to customize how user IDs are formatted.
+Use `getUserFolder` to implement your own authentication/authorization logic:
 ```typescript
-const options = {
-  idHandler: (id) => `user-${id.toUpperCase()}`, // Converts ID to uppercase with "user-" prefix
-};
+const serveImage = registerServe({
+  baseDir: "/public/images",
+  getUserFolder: async (req, userId) => {
+    const user = await verifyToken(req.headers.authorization);
+    if (!user || user.id !== userId) {
+      return null; // Will use baseDir instead
+    }
+    return `/private/users/${userId}`;
+  },
+});
 ```
-#### Resolving User Folders
+## Fallback Images
-The `getUserFolder` function dynamically resolves private folder paths for users.
+The package includes built-in fallback images for:
-```typescript
-const options = {
-  getUserFolder: async (id) => `/private/data/users/${id}`, // Returns a private directory path
-};
-```
+- **Normal images**: Displayed when an image cannot be loaded
+- **Avatars**: Displayed when an avatar image cannot be loaded
+These are automatically served when:
-#### Allowed Network Domains
+- The requested image doesn't exist
+- Path validation fails
+- Network fetch fails or returns invalid data
+- Image processing fails
-Whitelist trusted domains for fetching network images.
+## Exports
 ```typescript
-const options = {
-  allowedNetworkList: ["example.com", "cdn.example.com"], // Only allows images from these domains
-};
-```
+// Main middleware factory
+import { registerServe } from "pixel-serve-server";
----
+// Types
+import type {
+  PixelServeOptions,
+  UserData,
+  ImageFormat,
+  ImageType,
+} from "pixel-serve-server";
-### Error Handling
+// Zod schemas for validation
+import { optionsSchema, userDataSchema } from "pixel-serve-server";
-The middleware automatically falls back to pre-defined images for errors:
+// Utility function
+import { isValidPath } from "pixel-serve-server";
+```
-| Error Condition               | Fallback Behavior               |
-| ----------------------------- | ------------------------------- |
-| Invalid local path            | Returns a fallback image.       |
-| Unsupported network domain    | Returns a fallback image.       |
-| Invalid or missing parameters | Defaults to placeholder values. |
+## Module Formats
+```typescript
+// ESM
+import { registerServe } from "pixel-serve-server";
+// CommonJS
+const { registerServe } = require("pixel-serve-server");
+```
-### Dependencies
+## Requirements
-This package uses the following dependencies:
+- Node.js >= 18
+- Express 5.x (peer dependency)
-- **Express**: HTTP server framework.
-- **Sharp**: High-performance image processing.
-- **Axios**: HTTP client for fetching network images.
+## Dependencies
----
+- **Sharp**: High-performance image processing
+- **Axios**: HTTP client for fetching network images
+- **Zod**: Runtime validation for options and query params
-### License
+## License
-This package is licensed under the [MIT License](LICENSE).
+MIT
-### Feedback
+## Contributing
-If you encounter issues or have suggestions, feel free to open an [issue](https://github.com/Hiprax/pixel-serve-server/issues).
+Issues and pull requests are welcome at [GitHub](https://github.com/Hiprax/pixel-serve-server).

package/dist/index.d.mts CHANGED Viewed

@@ -1,20 +1,30 @@
 import { Request, Response, NextFunction } from 'express';
+import { z } from 'zod';
 type ImageType = "avatar" | "normal";
 type ImageFormat = "jpeg" | "jpg" | "png" | "webp" | "gif" | "tiff" | "avif" | "svg";
-type Options = {
+type PixelServeOptions = {
     baseDir: string;
     idHandler?: (id: string) => string;
-    getUserFolder?: (req: Request, id?: string | undefined) => Promise<string>;
+    getUserFolder?: (req: Request, id?: string) => Promise<string> | string;
     websiteURL?: string;
     apiRegex?: RegExp;
     allowedNetworkList?: string[];
+    cacheControl?: string;
+    etag?: boolean;
+    minWidth?: number;
+    maxWidth?: number;
+    minHeight?: number;
+    maxHeight?: number;
+    defaultQuality?: number;
+    requestTimeoutMs?: number;
+    maxDownloadBytes?: number;
 };
 type UserData = {
-    quality: number | string;
-    format: ImageFormat;
-    src?: string;
-    folder?: string;
+    src: string;
+    quality?: number | string;
+    format?: ImageFormat;
+    folder?: "public" | "private";
     type?: ImageType;
     userId?: string;
     width?: number | string;
@@ -24,10 +34,44 @@ type UserData = {
 /**
  * @function registerServe
  * @description A function to register the serveImage function as middleware for Express.
- * @param {Options} options - The options object for image processing.
+ * @param {PixelServeOptions} options - The options object for image processing.
  * @returns {function(Request, Response, NextFunction): Promise<void>} The middleware function.
  */
-declare const registerServe: (options: Options) => (req: Request, res: Response, next: NextFunction) => Promise<void>;
+declare const registerServe: (options: PixelServeOptions) => (req: Request, res: Response, next: NextFunction) => Promise<void>;
+declare const userDataSchema: z.ZodObject<{
+    src: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+    format: z.ZodOptional<z.ZodPipe<z.ZodOptional<z.ZodString>, z.ZodTransform<string | undefined, string | undefined>>>;
+    width: z.ZodPipe<z.ZodPipe<z.ZodOptional<z.ZodUnion<readonly [z.ZodNumber, z.ZodString]>>, z.ZodTransform<number | undefined, string | number | undefined>>, z.ZodOptional<z.ZodNumber>>;
+    height: z.ZodPipe<z.ZodPipe<z.ZodOptional<z.ZodUnion<readonly [z.ZodNumber, z.ZodString]>>, z.ZodTransform<number | undefined, string | number | undefined>>, z.ZodOptional<z.ZodNumber>>;
+    quality: z.ZodPipe<z.ZodPipe<z.ZodOptional<z.ZodUnion<readonly [z.ZodNumber, z.ZodString]>>, z.ZodTransform<number | undefined, string | number | undefined>>, z.ZodDefault<z.ZodNumber>>;
+    folder: z.ZodDefault<z.ZodEnum<{
+        public: "public";
+        private: "private";
+    }>>;
+    type: z.ZodDefault<z.ZodEnum<{
+        avatar: "avatar";
+        normal: "normal";
+    }>>;
+    userId: z.ZodPipe<z.ZodPipe<z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>>, z.ZodTransform<string | undefined, string | number | undefined>>, z.ZodOptional<z.ZodString>>;
+}, z.core.$strict>;
+declare const optionsSchema: z.ZodObject<{
+    baseDir: z.ZodString;
+    idHandler: z.ZodOptional<z.ZodCustom<(id: string) => string, (id: string) => string>>;
+    getUserFolder: z.ZodOptional<z.ZodCustom<(req: unknown, id?: string) => Promise<string> | string, (req: unknown, id?: string) => Promise<string> | string>>;
+    websiteURL: z.ZodOptional<z.ZodUnion<readonly [z.ZodURL, z.ZodString]>>;
+    apiRegex: z.ZodDefault<z.ZodCustom<RegExp, RegExp>>;
+    allowedNetworkList: z.ZodDefault<z.ZodArray<z.ZodString>>;
+    cacheControl: z.ZodOptional<z.ZodString>;
+    etag: z.ZodDefault<z.ZodBoolean>;
+    minWidth: z.ZodDefault<z.ZodNumber>;
+    maxWidth: z.ZodDefault<z.ZodNumber>;
+    minHeight: z.ZodDefault<z.ZodNumber>;
+    maxHeight: z.ZodDefault<z.ZodNumber>;
+    defaultQuality: z.ZodDefault<z.ZodNumber>;
+    requestTimeoutMs: z.ZodDefault<z.ZodNumber>;
+    maxDownloadBytes: z.ZodDefault<z.ZodNumber>;
+}, z.core.$strict>;
 /**
  * @typedef {("avatar" | "normal")} ImageType
@@ -38,8 +82,8 @@ declare const registerServe: (options: Options) => (req: Request, res: Response,
  *
  * @param {string} basePath - The base directory to resolve paths.
  * @param {string} specifiedPath - The path to check.
- * @returns {boolean} True if the path is valid, false otherwise.
+ * @returns {Promise<boolean>} True if the path is valid, false otherwise.
  */
 declare const isValidPath: (basePath: string, specifiedPath: string) => Promise<boolean>;
-export { type ImageFormat, type ImageType, type Options, type UserData, isValidPath, registerServe };
+export { type ImageFormat, type ImageType, type PixelServeOptions, type UserData, isValidPath, optionsSchema, registerServe, userDataSchema };

package/dist/index.d.ts CHANGED Viewed

@@ -1,20 +1,30 @@
 import { Request, Response, NextFunction } from 'express';
+import { z } from 'zod';
 type ImageType = "avatar" | "normal";
 type ImageFormat = "jpeg" | "jpg" | "png" | "webp" | "gif" | "tiff" | "avif" | "svg";
-type Options = {
+type PixelServeOptions = {
     baseDir: string;
     idHandler?: (id: string) => string;
-    getUserFolder?: (req: Request, id?: string | undefined) => Promise<string>;
+    getUserFolder?: (req: Request, id?: string) => Promise<string> | string;
     websiteURL?: string;
     apiRegex?: RegExp;
     allowedNetworkList?: string[];
+    cacheControl?: string;
+    etag?: boolean;
+    minWidth?: number;
+    maxWidth?: number;
+    minHeight?: number;
+    maxHeight?: number;
+    defaultQuality?: number;
+    requestTimeoutMs?: number;
+    maxDownloadBytes?: number;
 };
 type UserData = {
-    quality: number | string;
-    format: ImageFormat;
-    src?: string;
-    folder?: string;
+    src: string;
+    quality?: number | string;
+    format?: ImageFormat;
+    folder?: "public" | "private";
     type?: ImageType;
     userId?: string;
     width?: number | string;
@@ -24,10 +34,44 @@ type UserData = {
 /**
  * @function registerServe
  * @description A function to register the serveImage function as middleware for Express.
- * @param {Options} options - The options object for image processing.
+ * @param {PixelServeOptions} options - The options object for image processing.
  * @returns {function(Request, Response, NextFunction): Promise<void>} The middleware function.
  */
-declare const registerServe: (options: Options) => (req: Request, res: Response, next: NextFunction) => Promise<void>;
+declare const registerServe: (options: PixelServeOptions) => (req: Request, res: Response, next: NextFunction) => Promise<void>;
+declare const userDataSchema: z.ZodObject<{
+    src: z.ZodDefault<z.ZodOptional<z.ZodString>>;
+    format: z.ZodOptional<z.ZodPipe<z.ZodOptional<z.ZodString>, z.ZodTransform<string | undefined, string | undefined>>>;
+    width: z.ZodPipe<z.ZodPipe<z.ZodOptional<z.ZodUnion<readonly [z.ZodNumber, z.ZodString]>>, z.ZodTransform<number | undefined, string | number | undefined>>, z.ZodOptional<z.ZodNumber>>;
+    height: z.ZodPipe<z.ZodPipe<z.ZodOptional<z.ZodUnion<readonly [z.ZodNumber, z.ZodString]>>, z.ZodTransform<number | undefined, string | number | undefined>>, z.ZodOptional<z.ZodNumber>>;
+    quality: z.ZodPipe<z.ZodPipe<z.ZodOptional<z.ZodUnion<readonly [z.ZodNumber, z.ZodString]>>, z.ZodTransform<number | undefined, string | number | undefined>>, z.ZodDefault<z.ZodNumber>>;
+    folder: z.ZodDefault<z.ZodEnum<{
+        public: "public";
+        private: "private";
+    }>>;
+    type: z.ZodDefault<z.ZodEnum<{
+        avatar: "avatar";
+        normal: "normal";
+    }>>;
+    userId: z.ZodPipe<z.ZodPipe<z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>>, z.ZodTransform<string | undefined, string | number | undefined>>, z.ZodOptional<z.ZodString>>;
+}, z.core.$strict>;
+declare const optionsSchema: z.ZodObject<{
+    baseDir: z.ZodString;
+    idHandler: z.ZodOptional<z.ZodCustom<(id: string) => string, (id: string) => string>>;
+    getUserFolder: z.ZodOptional<z.ZodCustom<(req: unknown, id?: string) => Promise<string> | string, (req: unknown, id?: string) => Promise<string> | string>>;
+    websiteURL: z.ZodOptional<z.ZodUnion<readonly [z.ZodURL, z.ZodString]>>;
+    apiRegex: z.ZodDefault<z.ZodCustom<RegExp, RegExp>>;
+    allowedNetworkList: z.ZodDefault<z.ZodArray<z.ZodString>>;
+    cacheControl: z.ZodOptional<z.ZodString>;
+    etag: z.ZodDefault<z.ZodBoolean>;
+    minWidth: z.ZodDefault<z.ZodNumber>;
+    maxWidth: z.ZodDefault<z.ZodNumber>;
+    minHeight: z.ZodDefault<z.ZodNumber>;
+    maxHeight: z.ZodDefault<z.ZodNumber>;
+    defaultQuality: z.ZodDefault<z.ZodNumber>;
+    requestTimeoutMs: z.ZodDefault<z.ZodNumber>;
+    maxDownloadBytes: z.ZodDefault<z.ZodNumber>;
+}, z.core.$strict>;
 /**
  * @typedef {("avatar" | "normal")} ImageType
@@ -38,8 +82,8 @@ declare const registerServe: (options: Options) => (req: Request, res: Response,
  *
  * @param {string} basePath - The base directory to resolve paths.
  * @param {string} specifiedPath - The path to check.
- * @returns {boolean} True if the path is valid, false otherwise.
+ * @returns {Promise<boolean>} True if the path is valid, false otherwise.
  */
 declare const isValidPath: (basePath: string, specifiedPath: string) => Promise<boolean>;
-export { type ImageFormat, type ImageType, type Options, type UserData, isValidPath, registerServe };
+export { type ImageFormat, type ImageType, type PixelServeOptions, type UserData, isValidPath, optionsSchema, registerServe, userDataSchema };

package/dist/index.js CHANGED Viewed

@@ -1,2 +1,3 @@
-"use strict";var D=Object.create;var h=Object.defineProperty;var M=Object.getOwnPropertyDescriptor;var S=Object.getOwnPropertyNames;var P=Object.getPrototypeOf,B=Object.prototype.hasOwnProperty;var _=(e,r)=>{for(var a in r)h(e,a,{get:r[a],enumerable:!0})},U=(e,r,a,s)=>{if(r&&typeof r=="object"||typeof r=="function")for(let t of S(r))!B.call(e,t)&&t!==a&&h(e,t,{get:()=>r[t],enumerable:!(s=M(r,t))||s.enumerable});return e};var y=(e,r,a)=>(a=e!=null?D(P(e)):{},U(r||!e||!e.__esModule?h(a,"default",{value:e,enumerable:!0}):a,e)),C=e=>U(h({},"__esModule",{value:!0}),e);var W={};_(W,{isValidPath:()=>R,registerServe:()=>A});module.exports=C(W);var z=()=>typeof document>"u"?new URL(`file:${__filename}`).href:document.currentScript&&document.currentScript.src||new URL("main.js",document.baseURI).href,m=z();var F=y(require("path")),v=y(require("sharp"));var x=require("fs/promises"),G=new URL("./assets/noimage.jpg",m).pathname,$=new URL("./assets/noavatar.png",m).pathname,c={normal:async()=>(0,x.readFile)(G),avatar:async()=>(0,x.readFile)($)},w=/^\/api\/v1\//,O=["jpeg","jpg","png","webp","gif","tiff","avif","svg"],I={jpeg:"image/jpeg",jpg:"image/jpeg",png:"image/png",webp:"image/webp",gif:"image/gif",tiff:"image/tiff",avif:"image/avif",svg:"image/svg+xml"};var o=y(require("path")),g=y(require("fs/promises")),L=y(require("axios"));var R=async(e,r)=>{try{if(!e||!r||r.includes("\0")||o.default.isAbsolute(r)||!/^[^\x00-\x1F]+$/.test(r))return!1;let a=o.default.resolve(e),s=o.default.resolve(a,r),[t,i]=await Promise.all([g.realpath(a),g.realpath(s)]);if(!(await g.stat(t)).isDirectory())return!1;let f=t+o.default.sep,u=(i+o.default.sep).startsWith(f)||i===t,d=o.default.relative(t,i);return!d.startsWith("..")&&!o.default.isAbsolute(d)&&u}catch{return!1}},k=async(e,r="normal")=>{try{let a=await L.default.get(e,{responseType:"arraybuffer",timeout:5e3}),s=a.headers["content-type"]?.toLowerCase();return Object.values(I).includes(s??"")?Buffer.from(a.data):await c[r]()}catch{return await c[r]()}},b=async(e,r,a="normal")=>{if(!await R(r,e))return await c[a]();try{return await g.readFile(o.default.resolve(r,e))}catch{return await c[a]()}},T=(e,r,a,s="normal",t=w,i=[])=>{let n=new URL(e);if([a,`www.${a}`].includes(n.host)){let p=n.pathname.replace(t,"");return b(p,r,s)}else return i.includes(n.host)?k(e,s):c[s]()};var j=e=>({...{baseDir:"",idHandler:a=>a,getUserFolder:async()=>"",websiteURL:"",apiRegex:w,allowedNetworkList:[]},...e}),N=e=>({...{quality:80,format:"jpeg",src:"/placeholder/noimage.jpg",folder:"public",type:"normal",width:void 0,height:void 0,userId:void 0},...e,quality:e.quality?Math.min(Math.max(Number(e.quality)||80,1),100):100,width:e.width?Math.min(Math.max(Number(e.width),50),2e3):void 0,height:e.height?Math.min(Math.max(Number(e.height),50),2e3):void 0});var H=async(e,r,a,s)=>{try{let t=N(e.query),i=j(s),n,f=i.baseDir,p;if(t.userId){let l=typeof t.userId=="object"?String(Object.values(t.userId)[0]):String(t.userId);i.idHandler?p=i.idHandler(l):p=l}if(t.folder==="private"){let l=await i?.getUserFolder?.(e,p);l&&(f=l)}let u=O.includes(t?.format?.toLowerCase())?t?.format?.toLowerCase():"jpeg";t?.src?.startsWith("http")?n=await T(t?.src??"",f,i?.websiteURL??"",t?.type,i?.apiRegex,i?.allowedNetworkList):n=await b(t?.src??"",f,t?.type);let d=(0,v.default)(n);if(t?.width||t?.height){let l={width:t?.width??void 0,height:t?.height??void 0,fit:v.default.fit.cover};d=d.resize(l)}let q=await d.toFormat(u,{quality:t?.quality?Number(t?.quality):80}).toBuffer(),E=`${F.default.basename(t?.src??"",F.default.extname(t?.src??""))}.${u}`;r.type(I[u]),r.setHeader("Content-Disposition",`inline; filename="${E}"`),r.send(q)}catch(t){a(t)}},V=e=>async(r,a,s)=>H(r,a,s,e),A=V;0&&(module.exports={isValidPath,registerServe});
+'use strict';var l=require('path'),crypto=require('crypto'),O=require('sharp'),f=require('fs/promises'),url=require('url'),q=require('axios'),zod=require('zod');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var l__default=/*#__PURE__*/_interopDefault(l);var O__default=/*#__PURE__*/_interopDefault(O);var f__namespace=/*#__PURE__*/_interopNamespace(f);var q__default=/*#__PURE__*/_interopDefault(q);var A=()=>typeof document>"u"?new URL(`file:${__filename}`).href:document.currentScript&&document.currentScript.tagName.toUpperCase()==="SCRIPT"?document.currentScript.src:new URL("main.js",document.baseURI).href,d=A();var N=l__default.default.dirname(url.fileURLToPath(d)),D=e=>l__default.default.join(N,"assets",e),M=D("noimage.jpg"),W=D("noavatar.png"),s={normal:async()=>f.readFile(M),avatar:async()=>f.readFile(W)},T=/^\/api\/v1\//,b=["jpeg","jpg","png","webp","gif","tiff","avif","svg"],h={jpeg:"image/jpeg",jpg:"image/jpeg",png:"image/png",webp:"image/webp",gif:"image/gif",tiff:"image/tiff",avif:"image/avif",svg:"image/svg+xml"};var U=async(e,r)=>{try{if(!e||!r||r.includes("\0")||l__default.default.isAbsolute(r)||!/^[^\x00-\x1F]+$/.test(r))return !1;let i=l__default.default.resolve(e),o=l__default.default.resolve(i,r),[a,n]=await Promise.all([f__namespace.realpath(i),f__namespace.realpath(o)]);if(!(await f__namespace.stat(a)).isDirectory())return !1;let u=a+l__default.default.sep,I=(n+l__default.default.sep).startsWith(u)||n===a,c=l__default.default.relative(a,n);return !c.startsWith("..")&&!l__default.default.isAbsolute(c)&&I}catch{return  false}},z=async(e,r="normal",{timeoutMs:i,maxBytes:o})=>{try{let a=await q__default.default.get(e,{responseType:"arraybuffer",timeout:i,maxContentLength:o,maxBodyLength:o,validateStatus:u=>u>=200&&u<300}),n=a.headers["content-type"]?.toLowerCase();return Object.values(h).includes(n??"")?Buffer.from(a.data):await s[r]()}catch{return await s[r]()}},w=async(e,r,i="normal")=>{if(!await U(r,e))return await s[i]();try{return await f__namespace.readFile(l__default.default.resolve(r,e))}catch{return await s[i]()}},B=(e,r,i,o="normal",a,n=[],{timeoutMs:m,maxBytes:u})=>{try{let p=new URL(e);if(i!==void 0&&[i,`www.${i}`].includes(p.host)){let g=p.pathname.replace(a,"");return w(g,r,o)}return n.includes(p.host)?["http:","https:"].includes(p.protocol)?z(e,o,{timeoutMs:m,maxBytes:u}):s[o]():s[o]()}catch{return w(e,r,o)}};var _=zod.z.enum(b),k=zod.z.enum(["avatar","normal"]),F=zod.z.object({src:zod.z.string().min(1,"src is required").optional().default("/placeholder/noimage.jpg"),format:zod.z.string().optional().transform(e=>{let r=e?.toLowerCase();return r&&_.options.includes(r)?r:void 0}).optional(),width:zod.z.union([zod.z.number(),zod.z.string()]).optional().transform(e=>e==null?void 0:Number(e)).pipe(zod.z.number().int().min(50,"width too small").max(4e3,"width too large").optional()),height:zod.z.union([zod.z.number(),zod.z.string()]).optional().transform(e=>e==null?void 0:Number(e)).pipe(zod.z.number().int().min(50,"height too small").max(4e3,"height too large").optional()),quality:zod.z.union([zod.z.number(),zod.z.string()]).optional().transform(e=>e==null?void 0:Number(e)).pipe(zod.z.number().int().min(1).max(100).default(80)),folder:zod.z.enum(["public","private"]).default("public"),type:k.default("normal"),userId:zod.z.union([zod.z.string(),zod.z.number()]).optional().transform(e=>e==null?void 0:String(e).trim()).pipe(zod.z.string().min(1,"userId cannot be empty").max(128,"userId too long").optional())}).strict(),P=zod.z.object({baseDir:zod.z.string().min(1,"baseDir is required"),idHandler:zod.z.custom(e=>typeof e=="function",{message:"idHandler must be a function"}).optional(),getUserFolder:zod.z.custom(e=>typeof e=="function",{message:"getUserFolder must be a function"}).optional(),websiteURL:zod.z.union([zod.z.url(),zod.z.string().regex(/^[\w.-]+$/)]).optional(),apiRegex:zod.z.instanceof(RegExp).default(T),allowedNetworkList:zod.z.array(zod.z.string()).default([]),cacheControl:zod.z.string().optional(),etag:zod.z.boolean().default(true),minWidth:zod.z.number().int().positive().default(50),maxWidth:zod.z.number().int().positive().default(4e3),minHeight:zod.z.number().int().positive().default(50),maxHeight:zod.z.number().int().positive().default(4e3),defaultQuality:zod.z.number().int().min(1).max(100).default(80),requestTimeoutMs:zod.z.number().int().positive().default(5e3),maxDownloadBytes:zod.z.number().int().positive().default(5e6)}).strict();var H=e=>P.parse(e),C=(e,r)=>{let i=F.parse(e),o=(a,n,m)=>{if(a!==void 0)return Math.min(Math.max(a,n),m)};return {...i,width:o(i.width,r.minWidth,r.maxWidth),height:o(i.height,r.minHeight,r.maxHeight),quality:i.quality??r.defaultQuality,format:i.format??"jpeg"}};var G=async(e,r,i,o)=>{try{let a=H(o),n=C(e.query,{minWidth:a.minWidth,maxWidth:a.maxWidth,minHeight:a.minHeight,maxHeight:a.maxHeight,defaultQuality:a.defaultQuality}),m=a.baseDir,u;if(n.userId&&(u=a.idHandler?a.idHandler(n.userId):n.userId),n.folder==="private"&&a.getUserFolder){let x=await a.getUserFolder(e,u);x&&(m=x);}let p=b.includes((n.format??"").toLowerCase())?n.format:"jpeg",c=await(async()=>n.src?n.src.startsWith("http")?B(n.src,m,a.websiteURL,n.type,a.apiRegex,a.allowedNetworkList,{timeoutMs:a.requestTimeoutMs,maxBytes:a.maxDownloadBytes}):w(n.src,m,n.type):s[n.type??"normal"]())(),g=O__default.default(c,{failOn:"truncated"});if(n.width||n.height){let x={width:n.width??void 0,height:n.height??void 0,fit:O__default.default.fit.cover,withoutEnlargement:!0};g=g.resize(x);}let v=await g.rotate().toFormat(p,{quality:n.quality}).toBuffer(),E=`${n.src?l__default.default.basename(n.src,l__default.default.extname(n.src)):"image"}.${p}`,y=a.etag?`"${crypto.createHash("sha1").update(v).digest("hex")}"`:void 0;if(y&&e.headers["if-none-match"]===y){r.status(304).end();return}r.type(h[p]),r.setHeader("Content-Disposition",`inline; filename="${E}"`),r.setHeader("Cache-Control",a.cacheControl??"public, max-age=86400, stale-while-revalidate=604800"),y&&r.setHeader("ETag",y),r.setHeader("Content-Length",v.length.toString()),r.send(v);}catch{try{let n=await s.normal();r.type(h.jpeg),r.setHeader("Content-Disposition",'inline; filename="fallback.jpeg"'),r.setHeader("Cache-Control","public, max-age=60"),r.send(n);}catch(n){i(n);}}},Q=e=>async(r,i,o)=>G(r,i,o,e),V=Q;
+exports.isValidPath=U;exports.optionsSchema=P;exports.registerServe=V;exports.userDataSchema=F;//# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/index.ts","../node_modules/tsup/assets/cjs_shims.js","../src/pixel.ts","../src/variables.ts","../src/functions.ts","../src/renders.ts"],"sourcesContent":["/*\r\n @module ImageService\r\n * @description A module to serve, process, and manage image delivery for web applications.\r\n /\r\n\r\nexport { default as registerServe } from \"./pixel\";\r\nexport from \"./types\";\r\nexport { isValidPath } from \"./functions\";\r\n","// Shim globals in cjs bundle\n// There's a weird bug that esbuild will always inject importMetaUrl\n// if we export it as `const importMetaUrl = ... __filename ...`\n// But using a function will not cause this issue\n\nconst getImportMetaUrl = () =>\n typeof document === 'undefined'\n ? new URL(`file:${__filename}`).href\n : (document.currentScript && document.currentScript.src) \|\|\n new URL('main.js', document.baseURI).href\n\nexport const importMetaUrl = /* @__PURE__ / getImportMetaUrl()\n","import path from \"node:path\";\r\nimport sharp, { FormatEnum, ResizeOptions } from \"sharp\";\r\nimport type { Request, Response, NextFunction } from \"express\";\r\nimport type { Options, UserData, ImageFormat, ImageType } from \"./types\";\r\nimport { allowedFormats, mimeTypes } from \"./variables\";\r\nimport { fetchImage, readLocalImage } from \"./functions\";\r\nimport { renderOptions, renderUserData } from \"./renders\";\r\n\r\n/\r\n @typedef {Object} Options\r\n * @property {string} baseDir - The base directory for public image files.\r\n * @property {function(string): string} idHandler - A function to handle user IDs.\r\n * @property {function(string, Request): Promise<string>} getUserFolder - Asynchronous function to retrieve user-specific folders.\r\n * @property {string} websiteURL - The base URL of the website for internal link resolution.\r\n * @property {RegExp} apiRegex - Regex to parse API endpoints from URLs.\r\n * @property {string[]} allowedNetworkList - List of allowed network domains for external image fetching.\r\n /\r\n\r\n/\r\n @function serveImage\r\n * @description Processes and serves an image based on user data and options.\r\n * @param {Request} req - The Express request object.\r\n * @param {Response} res - The Express response object.\r\n * @param {NextFunction} next - The Express next function.\r\n * @param {Options} options - The options object for image processing.\r\n * @returns {Promise<void>}\r\n /\r\nconst serveImage = async (\r\n req: Request,\r\n res: Response,\r\n next: NextFunction,\r\n options: Options\r\n) => {\r\n try {\r\n const userData = renderUserData(req.query as UserData);\r\n const parsedOptions = renderOptions(options);\r\n\r\n let imageBuffer;\r\n let baseDir = parsedOptions.baseDir;\r\n let parsedUserId;\r\n\r\n if (userData.userId) {\r\n const userIdStr =\r\n typeof userData.userId === \"object\"\r\n ? String(Object.values(userData.userId)[0])\r\n : String(userData.userId);\r\n if (parsedOptions.idHandler) {\r\n parsedUserId = parsedOptions.idHandler(userIdStr);\r\n } else {\r\n parsedUserId = userIdStr;\r\n }\r\n }\r\n\r\n if (userData.folder === \"private\") {\r\n const dir = await parsedOptions?.getUserFolder?.(req, parsedUserId);\r\n if (dir) {\r\n baseDir = dir;\r\n }\r\n }\r\n\r\n const outputFormat = allowedFormats.includes(\r\n userData?.format?.toLowerCase() as ImageFormat\r\n )\r\n ? userData?.format?.toLowerCase()\r\n : \"jpeg\";\r\n\r\n if (userData?.src?.startsWith(\"http\")) {\r\n imageBuffer = await fetchImage(\r\n userData?.src ?? \"\",\r\n baseDir,\r\n parsedOptions?.websiteURL ?? \"\",\r\n userData?.type as ImageType,\r\n parsedOptions?.apiRegex,\r\n parsedOptions?.allowedNetworkList\r\n );\r\n } else {\r\n imageBuffer = await readLocalImage(\r\n userData?.src ?? \"\",\r\n baseDir,\r\n userData?.type as ImageType\r\n );\r\n }\r\n\r\n let image = sharp(imageBuffer);\r\n\r\n if (userData?.width \|\| userData?.height) {\r\n const resizeOptions = {\r\n width: userData?.width ?? undefined,\r\n height: userData?.height ?? undefined,\r\n fit: sharp.fit.cover,\r\n };\r\n image = image.resize(resizeOptions as ResizeOptions);\r\n }\r\n\r\n const processedImage = await image\r\n .toFormat(outputFormat as keyof FormatEnum, {\r\n quality: userData?.quality ? Number(userData?.quality) : 80,\r\n })\r\n .toBuffer();\r\n\r\n const processedFileName = `${path.basename(\r\n userData?.src ?? \"\",\r\n path.extname(userData?.src ?? \"\")\r\n )}.${outputFormat}`;\r\n\r\n res.type(mimeTypes[outputFormat]);\r\n res.setHeader(\r\n \"Content-Disposition\",\r\n `inline; filename=\"${processedFileName}\"`\r\n );\r\n res.send(processedImage);\r\n } catch (error) {\r\n next(error);\r\n }\r\n};\r\n\r\n/\r\n @function registerServe\r\n * @description A function to register the serveImage function as middleware for Express.\r\n * @param {Options} options - The options object for image processing.\r\n * @returns {function(Request, Response, NextFunction): Promise<void>} The middleware function.\r\n /\r\nconst registerServe = (options: Options) => {\r\n return async (req: Request, res: Response, next: NextFunction) =>\r\n serveImage(req, res, next, options);\r\n};\r\n\r\nexport default registerServe;\r\n","import type { ImageFormat } from \"./types\";\r\nimport { readFile } from \"node:fs/promises\";\r\n\r\nconst NOT_FOUND_IMAGE = new URL(\"./assets/noimage.jpg\", import.meta.url)\r\n .pathname;\r\n\r\nconst NOT_FOUND_AVATAR = new URL(\"./assets/noavatar.png\", import.meta.url)\r\n .pathname;\r\n\r\nexport const FALLBACKIMAGES = {\r\n normal: async () => readFile(NOT_FOUND_IMAGE),\r\n avatar: async () => readFile(NOT_FOUND_AVATAR),\r\n};\r\n\r\nexport const API_REGEX: RegExp = /^\\/api\\/v1\\//;\r\n\r\nexport const allowedFormats: ImageFormat[] = [\r\n \"jpeg\",\r\n \"jpg\",\r\n \"png\",\r\n \"webp\",\r\n \"gif\",\r\n \"tiff\",\r\n \"avif\",\r\n \"svg\",\r\n];\r\n\r\nexport const mimeTypes: Readonly<Record<string, string>> = {\r\n jpeg: \"image/jpeg\",\r\n jpg: \"image/jpeg\",\r\n png: \"image/png\",\r\n webp: \"image/webp\",\r\n gif: \"image/gif\",\r\n tiff: \"image/tiff\",\r\n avif: \"image/avif\",\r\n svg: \"image/svg+xml\",\r\n};\r\n","import path from \"node:path\";\r\nimport as fs from \"node:fs/promises\";\r\nimport axios from \"axios\";\r\nimport { mimeTypes, API_REGEX, FALLBACKIMAGES } from \"./variables\";\r\nimport type { ImageType } from \"./types\";\r\n\r\n/*\r\n @typedef {(\"avatar\" \| \"normal\")} ImageType\r\n * @description Defines the type of image being processed.\r\n /\r\n\r\n/\r\n Checks if a specified path is valid within a base path.\r\n \r\n @param {string} basePath - The base directory to resolve paths.\r\n * @param {string} specifiedPath - The path to check.\r\n * @returns {boolean} True if the path is valid, false otherwise.\r\n /\r\nexport const isValidPath = async (\r\n basePath: string,\r\n specifiedPath: string\r\n): Promise<boolean> => {\r\n try {\r\n if (!basePath \|\| !specifiedPath) return false;\r\n if (specifiedPath.includes(\"\\0\")) return false;\r\n if (path.isAbsolute(specifiedPath)) return false;\r\n if (!/^[^\\x00-\\x1F]+$/.test(specifiedPath)) return false;\r\n\r\n const resolvedBase = path.resolve(basePath);\r\n const resolvedPath = path.resolve(resolvedBase, specifiedPath);\r\n\r\n const [realBase, realPath] = await Promise.all([\r\n fs.realpath(resolvedBase),\r\n fs.realpath(resolvedPath),\r\n ]);\r\n\r\n const baseStats = await fs.stat(realBase);\r\n if (!baseStats.isDirectory()) return false;\r\n\r\n const normalizedBase = realBase + path.sep;\r\n const normalizedPath = realPath + path.sep;\r\n\r\n const isInside =\r\n normalizedPath.startsWith(normalizedBase) \|\| realPath === realBase;\r\n\r\n const relative = path.relative(realBase, realPath);\r\n return !relative.startsWith(\"..\") && !path.isAbsolute(relative) && isInside;\r\n } catch {\r\n return false;\r\n }\r\n};\r\n\r\n/\r\n Fetches an image from a network source.\r\n \r\n @param {string} src - The URL of the image.\r\n * @param {ImageType} [type=\"normal\"] - Type of fallback image in case of an error.\r\n * @returns {Promise<Buffer>} A buffer containing the image data or a fallback image.\r\n /\r\nconst fetchFromNetwork = async (\r\n src: string,\r\n type: ImageType = \"normal\"\r\n): Promise<Buffer> => {\r\n try {\r\n const response = await axios.get(src, {\r\n responseType: \"arraybuffer\",\r\n timeout: 5000,\r\n });\r\n\r\n const contentType = response.headers[\"content-type\"]?.toLowerCase();\r\n const allowedMimeTypes = Object.values(mimeTypes);\r\n\r\n if (allowedMimeTypes.includes(contentType ?? \"\")) {\r\n return Buffer.from(response.data);\r\n }\r\n return await FALLBACKIMAGES[type]();\r\n } catch (error) {\r\n return await FALLBACKIMAGES[type]();\r\n }\r\n};\r\n\r\n/\r\n Reads an image from the local file system.\r\n \r\n @param {string} filePath - Path to the image file.\r\n * @param {string} baseDir - Base directory to resolve paths.\r\n * @param {ImageType} [type=\"normal\"] - Type of fallback image if the path is invalid.\r\n * @returns {Promise<Buffer>} A buffer containing the image data.\r\n /\r\nexport const readLocalImage = async (\r\n filePath: string,\r\n baseDir: string,\r\n type: ImageType = \"normal\"\r\n) => {\r\n const isValid = await isValidPath(baseDir, filePath);\r\n if (!isValid) {\r\n return await FALLBACKIMAGES[type]();\r\n }\r\n try {\r\n return await fs.readFile(path.resolve(baseDir, filePath));\r\n } catch (error) {\r\n return await FALLBACKIMAGES[type]();\r\n }\r\n};\r\n\r\n/\r\n Fetches an image from either a local file or a network source.\r\n \r\n @param {string} src - The URL or local path of the image.\r\n * @param {string} baseDir - Base directory to resolve local paths.\r\n * @param {string} websiteURL - The URL of the website.\r\n * @param {ImageType} [type=\"normal\"] - Type of fallback image if the path is invalid.\r\n * @param {RegExp} [apiRegex=API_REGEX] - Regular expression to match API routes.\r\n * @param {string[]} [allowedNetworkList=[]] - List of allowed network hosts.\r\n * @returns {Promise<Buffer>} A buffer containing the image data or a fallback image.\r\n /\r\nexport const fetchImage = (\r\n src: string,\r\n baseDir: string,\r\n websiteURL: string,\r\n type: ImageType = \"normal\",\r\n apiRegex: RegExp = API_REGEX,\r\n allowedNetworkList: string[] = []\r\n) => {\r\n const url = new URL(src);\r\n const isInternal = [websiteURL, `www.${websiteURL}`].includes(url.host);\r\n if (isInternal) {\r\n const localPath = url.pathname.replace(apiRegex, \"\");\r\n return readLocalImage(localPath, baseDir, type);\r\n } else {\r\n const allowedCondition = allowedNetworkList.includes(url.host);\r\n if (!allowedCondition) {\r\n return FALLBACKIMAGES[type]();\r\n }\r\n return fetchFromNetwork(src, type);\r\n }\r\n};\r\n","import { API_REGEX } from \"./variables\";\r\nimport type { Options, UserData } from \"./types\";\r\n\r\n/\r\n @typedef {(\"avatar\" \| \"normal\")} ImageType\r\n * @description Defines the type of image being processed.\r\n /\r\n\r\n/\r\n @typedef {(\"jpeg\" \| \"jpg\" \| \"png\" \| \"webp\" \| \"gif\" \| \"tiff\" \| \"avif\" \| \"svg\")} ImageFormat\r\n * @description Supported formats for image processing.\r\n /\r\n\r\n/\r\n @typedef {Object} Options\r\n * @property {string} baseDir - The base directory for public image files.\r\n * @property {function(string): string} idHandler - A function to handle user IDs.\r\n * @property {function(string, Request): Promise<string>} getUserFolder - Asynchronous function to retrieve user-specific folders.\r\n * @property {string} websiteURL - The base URL of the website for internal link resolution.\r\n * @property {RegExp} apiRegex - Regex to parse API endpoints from URLs.\r\n * @property {string[]} allowedNetworkList - List of allowed network domains for external image fetching.\r\n /\r\n\r\n/\r\n @typedef {Object} UserData\r\n * @property {number\|string} quality - Quality of the image (1–100).\r\n * @property {ImageFormat} format - Desired format of the image.\r\n * @property {string} [src] - Source path or URL for the image.\r\n * @property {string} [folder] - The folder type (\"public\" or \"private\").\r\n * @property {ImageType} [type] - Type of the image (\"avatar\" or \"normal\").\r\n * @property {string\|null} [userId] - Optional user identifier.\r\n * @property {number\|string} [width] - Desired image width.\r\n * @property {number\|string} [height] - Desired image height.\r\n /\r\n\r\n/\r\n Renders the options object with default values and user-provided values.\r\n \r\n @param {Partial<Options>} options - The user-provided options.\r\n * @returns {Options} The rendered options object.\r\n /\r\nexport const renderOptions = (options: Partial<Options>): Options => {\r\n const initialOptions: Options = {\r\n baseDir: \"\",\r\n idHandler: (id: string) => id,\r\n getUserFolder: async () => \"\",\r\n websiteURL: \"\",\r\n apiRegex: API_REGEX,\r\n allowedNetworkList: [],\r\n };\r\n return {\r\n ...initialOptions,\r\n ...options,\r\n };\r\n};\r\n\r\n/\r\n Renders the user data object with default values and user-provided values.\r\n \r\n @param {Partial<UserData>} userData - The user-provided data.\r\n * @returns {UserData} The rendered user data object.\r\n */\r\nexport const renderUserData = (userData: Partial<UserData>): UserData => {\r\n const initialUserData: UserData = {\r\n quality: 80,\r\n format: \"jpeg\",\r\n src: \"/placeholder/noimage.jpg\",\r\n folder: \"public\",\r\n type: \"normal\",\r\n width: undefined,\r\n height: undefined,\r\n userId: undefined,\r\n };\r\n return {\r\n ...initialUserData,\r\n ...userData,\r\n quality: userData.quality\r\n ? Math.min(Math.max(Number(userData.quality) \|\| 80, 1), 100)\r\n : 100,\r\n width: userData.width\r\n ? Math.min(Math.max(Number(userData.width), 50), 2000)\r\n : undefined,\r\n height: userData.height\r\n ? Math.min(Math.max(Number(userData.height), 50), 2000)\r\n : undefined,\r\n };\r\n};\r\n"],"mappings":"0jBAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,iBAAAE,EAAA,kBAAAC,IAAA,eAAAC,EAAAJ,GCKA,IAAMK,EAAmB,IACvB,OAAO,SAAa,IAChB,IAAI,IAAI,QAAQ,UAAU,EAAE,EAAE,KAC7B,SAAS,eAAiB,SAAS,cAAc,KAClD,IAAI,IAAI,UAAW,SAAS,OAAO,EAAE,KAE9BC,EAAgCD,EAAiB,ECX9D,IAAAE,EAAiB,mBACjBC,EAAiD,oBCAjD,IAAAC,EAAyB,uBAEnBC,EAAkB,IAAI,IAAI,uBAAwBC,CAAe,EACpE,SAEGC,EAAmB,IAAI,IAAI,wBAAyBD,CAAe,EACtE,SAEUE,EAAiB,CAC5B,OAAQ,YAAY,YAASH,CAAe,EAC5C,OAAQ,YAAY,YAASE,CAAgB,CAC/C,EAEaE,EAAoB,eAEpBC,EAAgC,CAC3C,OACA,MACA,MACA,OACA,MACA,OACA,OACA,KACF,EAEaC,EAA8C,CACzD,KAAM,aACN,IAAK,aACL,IAAK,YACL,KAAM,aACN,IAAK,YACL,KAAM,aACN,KAAM,aACN,IAAK,eACP,ECpCA,IAAAC,EAAiB,mBACjBC,EAAoB,0BACpBC,EAAkB,oBAgBX,IAAMC,EAAc,MACzBC,EACAC,IACqB,CACrB,GAAI,CAIF,GAHI,CAACD,GAAY,CAACC,GACdA,EAAc,SAAS,IAAI,GAC3B,EAAAC,QAAK,WAAWD,CAAa,GAC7B,CAAC,kBAAkB,KAAKA,CAAa,EAAG,MAAO,GAEnD,IAAME,EAAe,EAAAD,QAAK,QAAQF,CAAQ,EACpCI,EAAe,EAAAF,QAAK,QAAQC,EAAcF,CAAa,EAEvD,CAACI,EAAUC,CAAQ,EAAI,MAAM,QAAQ,IAAI,CAC1C,WAASH,CAAY,EACrB,WAASC,CAAY,CAC1B,CAAC,EAGD,GAAI,EADc,MAAS,OAAKC,CAAQ,GACzB,YAAY,EAAG,MAAO,GAErC,IAAME,EAAiBF,EAAW,EAAAH,QAAK,IAGjCM,GAFiBF,EAAW,EAAAJ,QAAK,KAGtB,WAAWK,CAAc,GAAKD,IAAaD,EAEtDI,EAAW,EAAAP,QAAK,SAASG,EAAUC,CAAQ,EACjD,MAAO,CAACG,EAAS,WAAW,IAAI,GAAK,CAAC,EAAAP,QAAK,WAAWO,CAAQ,GAAKD,CACrE,MAAQ,CACN,MAAO,EACT,CACF,EASME,EAAmB,MACvBC,EACAC,EAAkB,WACE,CACpB,GAAI,CACF,IAAMC,EAAW,MAAM,EAAAC,QAAM,IAAIH,EAAK,CACpC,aAAc,cACd,QAAS,GACX,CAAC,EAEKI,EAAcF,EAAS,QAAQ,cAAc,GAAG,YAAY,EAGlE,OAFyB,OAAO,OAAOG,CAAS,EAE3B,SAASD,GAAe,EAAE,EACtC,OAAO,KAAKF,EAAS,IAAI,EAE3B,MAAMI,EAAeL,CAAI,EAAE,CACpC,MAAgB,CACd,OAAO,MAAMK,EAAeL,CAAI,EAAE,CACpC,CACF,EAUaM,EAAiB,MAC5BC,EACAC,EACAR,EAAkB,WACf,CAEH,GAAI,CADY,MAAMb,EAAYqB,EAASD,CAAQ,EAEjD,OAAO,MAAMF,EAAeL,CAAI,EAAE,EAEpC,GAAI,CACF,OAAO,MAAS,WAAS,EAAAV,QAAK,QAAQkB,EAASD,CAAQ,CAAC,CAC1D,MAAgB,CACd,OAAO,MAAMF,EAAeL,CAAI,EAAE,CACpC,CACF,EAaaS,EAAa,CACxBV,EACAS,EACAE,EACAV,EAAkB,SAClBW,EAAmBC,EACnBC,EAA+B,CAAC,IAC7B,CACH,IAAMC,EAAM,IAAI,IAAIf,CAAG,EAEvB,GADmB,CAACW,EAAY,OAAOA,CAAU,EAAE,EAAE,SAASI,EAAI,IAAI,EACtD,CACd,IAAMC,EAAYD,EAAI,SAAS,QAAQH,EAAU,EAAE,EACnD,OAAOL,EAAeS,EAAWP,EAASR,CAAI,CAChD,KAEE,QADyBa,EAAmB,SAASC,EAAI,IAAI,EAItDhB,EAAiBC,EAAKC,CAAI,EAFxBK,EAAeL,CAAI,EAAE,CAIlC,EC/FO,IAAMgB,EAAiBC,IASrB,CACL,GAT8B,CAC9B,QAAS,GACT,UAAYC,GAAeA,EAC3B,cAAe,SAAY,GAC3B,WAAY,GACZ,SAAUC,EACV,mBAAoB,CAAC,CACvB,EAGE,GAAGF,CACL,GASWG,EAAkBC,IAWtB,CACL,GAXgC,CAChC,QAAS,GACT,OAAQ,OACR,IAAK,2BACL,OAAQ,SACR,KAAM,SACN,MAAO,OACP,OAAQ,OACR,OAAQ,MACV,EAGE,GAAGA,EACH,QAASA,EAAS,QACd,KAAK,IAAI,KAAK,IAAI,OAAOA,EAAS,OAAO,GAAK,GAAI,CAAC,EAAG,GAAG,EACzD,IACJ,MAAOA,EAAS,MACZ,KAAK,IAAI,KAAK,IAAI,OAAOA,EAAS,KAAK,EAAG,EAAE,EAAG,GAAI,EACnD,OACJ,OAAQA,EAAS,OACb,KAAK,IAAI,KAAK,IAAI,OAAOA,EAAS,MAAM,EAAG,EAAE,EAAG,GAAI,EACpD,MACN,GH1DF,IAAMC,EAAa,MACjBC,EACAC,EACAC,EACAC,IACG,CACH,GAAI,CACF,IAAMC,EAAWC,EAAeL,EAAI,KAAiB,EAC/CM,EAAgBC,EAAcJ,CAAO,EAEvCK,EACAC,EAAUH,EAAc,QACxBI,EAEJ,GAAIN,EAAS,OAAQ,CACnB,IAAMO,EACJ,OAAOP,EAAS,QAAW,SACvB,OAAO,OAAO,OAAOA,EAAS,MAAM,EAAE,CAAC,CAAC,EACxC,OAAOA,EAAS,MAAM,EACxBE,EAAc,UAChBI,EAAeJ,EAAc,UAAUK,CAAS,EAEhDD,EAAeC,CAEnB,CAEA,GAAIP,EAAS,SAAW,UAAW,CACjC,IAAMQ,EAAM,MAAMN,GAAe,gBAAgBN,EAAKU,CAAY,EAC9DE,IACFH,EAAUG,EAEd,CAEA,IAAMC,EAAeC,EAAe,SAClCV,GAAU,QAAQ,YAAY,CAChC,EACIA,GAAU,QAAQ,YAAY,EAC9B,OAEAA,GAAU,KAAK,WAAW,MAAM,EAClCI,EAAc,MAAMO,EAClBX,GAAU,KAAO,GACjBK,EACAH,GAAe,YAAc,GAC7BF,GAAU,KACVE,GAAe,SACfA,GAAe,kBACjB,EAEAE,EAAc,MAAMQ,EAClBZ,GAAU,KAAO,GACjBK,EACAL,GAAU,IACZ,EAGF,IAAIa,KAAQ,EAAAC,SAAMV,CAAW,EAE7B,GAAIJ,GAAU,OAASA,GAAU,OAAQ,CACvC,IAAMe,EAAgB,CACpB,MAAOf,GAAU,OAAS,OAC1B,OAAQA,GAAU,QAAU,OAC5B,IAAK,EAAAc,QAAM,IAAI,KACjB,EACAD,EAAQA,EAAM,OAAOE,CAA8B,CACrD,CAEA,IAAMC,EAAiB,MAAMH,EAC1B,SAASJ,EAAkC,CAC1C,QAAST,GAAU,QAAU,OAAOA,GAAU,OAAO,EAAI,EAC3D,CAAC,EACA,SAAS,EAENiB,EAAoB,GAAG,EAAAC,QAAK,SAChClB,GAAU,KAAO,GACjB,EAAAkB,QAAK,QAAQlB,GAAU,KAAO,EAAE,CAClC,CAAC,IAAIS,CAAY,GAEjBZ,EAAI,KAAKsB,EAAUV,CAAY,CAAC,EAChCZ,EAAI,UACF,sBACA,qBAAqBoB,CAAiB,GACxC,EACApB,EAAI,KAAKmB,CAAc,CACzB,OAASI,EAAO,CACdtB,EAAKsB,CAAK,CACZ,CACF,EAQMC,EAAiBtB,GACd,MAAOH,EAAcC,EAAeC,IACzCH,EAAWC,EAAKC,EAAKC,EAAMC,CAAO,EAG/BuB,EAAQD","names":["index_exports","__export","isValidPath","pixel_default","__toCommonJS","getImportMetaUrl","importMetaUrl","import_node_path","import_sharp","import_promises","NOT_FOUND_IMAGE","importMetaUrl","NOT_FOUND_AVATAR","FALLBACKIMAGES","API_REGEX","allowedFormats","mimeTypes","import_node_path","fs","import_axios","isValidPath","basePath","specifiedPath","path","resolvedBase","resolvedPath","realBase","realPath","normalizedBase","isInside","relative","fetchFromNetwork","src","type","response","axios","contentType","mimeTypes","FALLBACKIMAGES","readLocalImage","filePath","baseDir","fetchImage","websiteURL","apiRegex","API_REGEX","allowedNetworkList","url","localPath","renderOptions","options","id","API_REGEX","renderUserData","userData","serveImage","req","res","next","options","userData","renderUserData","parsedOptions","renderOptions","imageBuffer","baseDir","parsedUserId","userIdStr","dir","outputFormat","allowedFormats","fetchImage","readLocalImage","image","sharp","resizeOptions","processedImage","processedFileName","path","mimeTypes","error","registerServe","pixel_default"]}
1	+ {"version":3,"sources":["../node_modules/tsup/assets/cjs_shims.js","../src/variables.ts","../src/functions.ts","../src/schema.ts","../src/renders.ts","../src/pixel.ts"],"names":["getImportMetaUrl","importMetaUrl","moduleDir","path","fileURLToPath","getAssetPath","filename","NOT_FOUND_IMAGE","NOT_FOUND_AVATAR","FALLBACKIMAGES","readFile","API_REGEX","allowedFormats","mimeTypes","isValidPath","basePath","specifiedPath","resolvedBase","resolvedPath","realBase","realPath","f","normalizedBase","isInside","relative","fetchFromNetwork","src","type","timeoutMs","maxBytes","response","axios","status","contentType","readLocalImage","filePath","baseDir","fetchImage","websiteURL","apiRegex","allowedNetworkList","url","localPath","imageFormatEnum","z","imageTypeEnum","userDataSchema","val","lower","value","optionsSchema","renderOptions","options","renderUserData","userData","bounds","parsed","clamp","min","max","serveImage","req","res","next","parsedOptions","parsedUserId","dir","outputFormat","imageBuffer","image","sharp","resizeOptions","processedImage","processedFileName","etag","createHash","fallback","fallbackError","registerServe","pixel_default"],"mappings":"qtBAKA,IAAMA,CAAAA,CAAmB,IACvB,OAAO,QAAA,CAAa,IAChB,IAAI,GAAA,CAAI,CAAA,KAAA,EAAQ,UAAU,EAAE,CAAA,CAAE,IAAA,CAC7B,QAAA,CAAS,aAAA,EAAiB,SAAS,aAAA,CAAc,OAAA,CAAQ,WAAA,EAAY,GAAM,SAC1E,QAAA,CAAS,aAAA,CAAc,GAAA,CACvB,IAAI,IAAI,SAAA,CAAW,QAAA,CAAS,OAAO,CAAA,CAAE,KAEhCC,CAAAA,CAAgCD,CAAAA,EAAiB,CCH9D,IAAME,CAAAA,CAAYC,kBAAAA,CAAK,OAAA,CAAQC,kBAAcH,CAAe,CAAC,CAAA,CAEvDI,CAAAA,CAAgBC,GACbH,kBAAAA,CAAK,IAAA,CAAKD,CAAAA,CAAW,QAAA,CAAUI,CAAQ,CAAA,CAG1CC,CAAAA,CAAkBF,CAAAA,CAAa,aAAa,EAC5CG,CAAAA,CAAmBH,CAAAA,CAAa,cAAc,CAAA,CAEvCI,CAAAA,CAGT,CACF,MAAA,CAAQ,SAA6BC,WAASH,CAAe,CAAA,CAC7D,MAAA,CAAQ,SAA6BG,WAASF,CAAgB,CAChE,CAAA,CAEaG,CAAAA,CAAoB,eAEpBC,CAAAA,CAAgC,CAC3C,MAAA,CACA,KAAA,CACA,MACA,MAAA,CACA,KAAA,CACA,MAAA,CACA,MAAA,CACA,KACF,CAAA,CAEaC,CAAAA,CAA8C,CACzD,IAAA,CAAM,aACN,GAAA,CAAK,YAAA,CACL,GAAA,CAAK,WAAA,CACL,KAAM,YAAA,CACN,GAAA,CAAK,WAAA,CACL,IAAA,CAAM,aACN,IAAA,CAAM,YAAA,CACN,GAAA,CAAK,eACP,MC9BaC,CAAAA,CAAc,MACzBC,CAAAA,CACAC,CAAAA,GACqB,CACrB,GAAI,CAIF,GAHI,CAACD,GAAY,CAACC,CAAAA,EACdA,CAAAA,CAAc,QAAA,CAAS,IAAI,CAAA,EAC3Bb,kBAAAA,CAAK,UAAA,CAAWa,CAAa,GAC7B,CAAC,iBAAA,CAAkB,IAAA,CAAKA,CAAa,CAAA,CAAG,OAAO,CAAA,CAAA,CAEnD,IAAMC,EAAed,kBAAAA,CAAK,OAAA,CAAQY,CAAQ,CAAA,CACpCG,EAAef,kBAAAA,CAAK,OAAA,CAAQc,CAAAA,CAAcD,CAAa,EAEvD,CAACG,CAAAA,CAAUC,CAAQ,CAAA,CAAI,MAAM,OAAA,CAAQ,GAAA,CAAI,CAC1CC,YAAA,CAAA,QAAA,CAASJ,CAAY,CAAA,CACrBI,YAAA,CAAA,QAAA,CAASH,CAAY,CAC1B,CAAC,CAAA,CAGD,GAAI,CAAA,CADc,MAASG,kBAAKF,CAAQ,CAAA,EACzB,WAAA,EAAY,CAAG,OAAO,CAAA,CAAA,CAErC,IAAMG,CAAAA,CAAiBH,EAAWhB,kBAAAA,CAAK,GAAA,CAGjCoB,CAAAA,CAAAA,CAFiBH,CAAAA,CAAWjB,mBAAK,GAAA,EAGtB,UAAA,CAAWmB,CAAc,CAAA,EAAKF,IAAaD,CAAAA,CAEtDK,CAAAA,CAAWrB,kBAAAA,CAAK,QAAA,CAASgB,EAAUC,CAAQ,CAAA,CACjD,OAAO,CAACI,EAAS,UAAA,CAAW,IAAI,CAAA,EAAK,CAACrB,mBAAK,UAAA,CAAWqB,CAAQ,CAAA,EAAKD,CACrE,MAAQ,CACN,OAAO,MACT,CACF,CAAA,CASME,CAAAA,CAAmB,MACvBC,CAAAA,CACAC,EAAkB,QAAA,CAClB,CACE,SAAA,CAAAC,CAAAA,CACA,SAAAC,CACF,CAAA,GAIoB,CACpB,GAAI,CACF,IAAMC,CAAAA,CAAW,MAAMC,kBAAAA,CAAM,IAAIL,CAAAA,CAAK,CACpC,YAAA,CAAc,aAAA,CACd,QAASE,CAAAA,CACT,gBAAA,CAAkBC,CAAAA,CAClB,aAAA,CAAeA,EACf,cAAA,CAAiBG,CAAAA,EAAWA,CAAAA,EAAU,GAAA,EAAOA,EAAS,GACxD,CAAC,CAAA,CAEKC,CAAAA,CAAcH,EAAS,OAAA,CAAQ,cAAc,CAAA,EAAG,WAAA,GAGtD,OAFyB,MAAA,CAAO,MAAA,CAAOjB,CAAS,EAE3B,QAAA,CAASoB,CAAAA,EAAe,EAAE,CAAA,CACtC,OAAO,IAAA,CAAKH,CAAAA,CAAS,IAAI,CAAA,CAE3B,MAAMrB,CAAAA,CAAekB,CAAI,CAAA,EAClC,MAAgB,CACd,OAAO,MAAMlB,CAAAA,CAAekB,CAAI,CAAA,EAClC,CACF,CAAA,CAUaO,EAAiB,MAC5BC,CAAAA,CACAC,CAAAA,CACAT,CAAAA,CAAkB,QAAA,GACf,CAEH,GAAI,CADY,MAAMb,CAAAA,CAAYsB,CAAAA,CAASD,CAAQ,CAAA,CAEjD,OAAO,MAAM1B,CAAAA,CAAekB,CAAI,CAAA,GAElC,GAAI,CACF,OAAO,MAASN,sBAASlB,kBAAAA,CAAK,OAAA,CAAQiC,CAAAA,CAASD,CAAQ,CAAC,CAC1D,CAAA,KAAgB,CACd,OAAO,MAAM1B,CAAAA,CAAekB,CAAI,CAAA,EAClC,CACF,CAAA,CAYaU,CAAAA,CAAa,CACxBX,CAAAA,CACAU,CAAAA,CACAE,CAAAA,CACAX,CAAAA,CAAkB,QAAA,CAClBY,EACAC,CAAAA,CAA+B,EAAC,CAChC,CACE,UAAAZ,CAAAA,CACA,QAAA,CAAAC,CACF,CAAA,GAIoB,CACpB,GAAI,CACF,IAAMY,CAAAA,CAAM,IAAI,GAAA,CAAIf,CAAG,CAAA,CAKvB,GAHEY,IAAe,KAAA,CAAA,EACf,CAACA,CAAAA,CAAY,CAAA,IAAA,EAAOA,CAAU,CAAA,CAAE,CAAA,CAAE,QAAA,CAASG,CAAAA,CAAI,IAAI,CAAA,CAErC,CACd,IAAMC,CAAAA,CAAYD,CAAAA,CAAI,QAAA,CAAS,OAAA,CAAQF,CAAAA,CAAU,EAAE,CAAA,CACnD,OAAOL,CAAAA,CAAeQ,CAAAA,CAAWN,EAAST,CAAI,CAChD,CAGA,OADyBa,EAAmB,QAAA,CAASC,CAAAA,CAAI,IAAI,CAAA,CAIxD,CAAC,OAAA,CAAS,QAAQ,CAAA,CAAE,QAAA,CAASA,EAAI,QAAQ,CAAA,CAGvChB,CAAAA,CAAiBC,CAAAA,CAAKC,EAAM,CAAE,SAAA,CAAAC,CAAAA,CAAW,QAAA,CAAAC,CAAS,CAAC,CAAA,CAFjDpB,CAAAA,CAAekB,CAAI,GAAE,CAHrBlB,CAAAA,CAAekB,CAAI,CAAA,EAM9B,CAAA,KAAQ,CACN,OAAOO,CAAAA,CAAeR,EAAKU,CAAAA,CAAST,CAAI,CAC1C,CACF,MC/JMgB,CAAAA,CAAkBC,KAAAA,CAAE,IAAA,CAAKhC,CAAuC,EAChEiC,CAAAA,CAAgBD,KAAAA,CAAE,IAAA,CAAK,CAAC,SAAU,QAAQ,CAAC,CAAA,CAEpCE,CAAAA,CAAiBF,MAC3B,MAAA,CAAO,CACN,GAAA,CAAKA,KAAAA,CACF,MAAA,EAAO,CACP,GAAA,CAAI,CAAA,CAAG,iBAAiB,CAAA,CACxB,QAAA,EAAS,CACT,OAAA,CAAQ,0BAA0B,CAAA,CACrC,MAAA,CAAQA,KAAAA,CACL,MAAA,GACA,QAAA,EAAS,CACT,SAAA,CAAWG,CAAAA,EAAQ,CAClB,IAAMC,CAAAA,CAAQD,CAAAA,EAAK,WAAA,GACnB,OAAOC,CAAAA,EAASL,CAAAA,CAAgB,OAAA,CAAQ,SAASK,CAAe,CAAA,CAC3DA,CAAAA,CACD,MACN,CAAC,CAAA,CACA,QAAA,EAAS,CACZ,KAAA,CAAOJ,MACJ,KAAA,CAAM,CAACA,KAAAA,CAAE,MAAA,GAAUA,KAAAA,CAAE,MAAA,EAAQ,CAAC,EAC9B,QAAA,EAAS,CACT,SAAA,CAAWK,CAAAA,EACaA,GAAU,IAAA,CAAO,MAAA,CAAY,MAAA,CAAOA,CAAK,CAClE,CAAA,CACC,IAAA,CACCL,KAAAA,CACG,MAAA,GACA,GAAA,EAAI,CACJ,GAAA,CAAI,EAAA,CAAI,iBAAiB,CAAA,CACzB,GAAA,CAAI,GAAA,CAAM,iBAAiB,EAC3B,QAAA,EACL,CAAA,CACF,MAAA,CAAQA,KAAAA,CACL,KAAA,CAAM,CAACA,KAAAA,CAAE,QAAO,CAAGA,KAAAA,CAAE,MAAA,EAAQ,CAAC,CAAA,CAC9B,QAAA,EAAS,CACT,SAAA,CAAWK,GACaA,CAAAA,EAAU,IAAA,CAAO,MAAA,CAAY,MAAA,CAAOA,CAAK,CAClE,CAAA,CACC,IAAA,CACCL,KAAAA,CACG,QAAO,CACP,GAAA,EAAI,CACJ,GAAA,CAAI,GAAI,kBAAkB,CAAA,CAC1B,GAAA,CAAI,GAAA,CAAM,kBAAkB,CAAA,CAC5B,QAAA,EACL,CAAA,CACF,QAASA,KAAAA,CACN,KAAA,CAAM,CAACA,KAAAA,CAAE,QAAO,CAAGA,KAAAA,CAAE,MAAA,EAAQ,CAAC,CAAA,CAC9B,QAAA,EAAS,CACT,SAAA,CAAWK,GACaA,CAAAA,EAAU,IAAA,CAAO,MAAA,CAAY,MAAA,CAAOA,CAAK,CAClE,CAAA,CACC,IAAA,CAAKL,KAAAA,CAAE,QAAO,CAAE,GAAA,EAAI,CAAE,GAAA,CAAI,CAAC,CAAA,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAQ,EAAE,CAAC,CAAA,CACpD,MAAA,CAAQA,KAAAA,CAAE,IAAA,CAAK,CAAC,QAAA,CAAU,SAAS,CAAC,CAAA,CAAE,OAAA,CAAQ,QAAQ,EACtD,IAAA,CAAMC,CAAAA,CAAc,OAAA,CAAQ,QAAQ,EACpC,MAAA,CAAQD,KAAAA,CACL,KAAA,CAAM,CAACA,MAAE,MAAA,EAAO,CAAGA,KAAAA,CAAE,MAAA,EAAQ,CAAC,CAAA,CAC9B,QAAA,EAAS,CACT,UAAWK,CAAAA,EACaA,CAAAA,EAAU,IAAA,CAAO,MAAA,CAAY,OAAOA,CAAK,CAAA,CAAE,IAAA,EACpE,CAAA,CACC,IAAA,CACCL,KAAAA,CACG,MAAA,GACA,GAAA,CAAI,CAAA,CAAG,wBAAwB,CAAA,CAC/B,IAAI,GAAA,CAAK,iBAAiB,CAAA,CAC1B,QAAA,EACL,CACJ,CAAC,CAAA,CACA,MAAA,GAEUM,CAAAA,CAAgBN,KAAAA,CAC1B,MAAA,CAAO,CACN,QAASA,KAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,EAAG,qBAAqB,CAAA,CAChD,SAAA,CAAWA,KAAAA,CACR,OAEEG,CAAAA,EAAQ,OAAOA,CAAAA,EAAQ,UAAA,CAAY,CAAE,OAAA,CAAS,8BAA+B,CAAC,EAChF,QAAA,EAAS,CACZ,aAAA,CAAeH,KAAAA,CACZ,OAEEG,CAAAA,EAAQ,OAAOA,CAAAA,EAAQ,UAAA,CAAY,CAAE,OAAA,CAAS,kCAAmC,CAAC,CAAA,CACpF,UAAS,CACZ,UAAA,CAAYH,KAAAA,CAAE,KAAA,CAAM,CAACA,KAAAA,CAAE,GAAA,EAAI,CAAGA,KAAAA,CAAE,QAAO,CAAE,KAAA,CAAM,WAAW,CAAC,CAAC,CAAA,CAAE,QAAA,EAAS,CACvE,QAAA,CAAUA,MAAE,UAAA,CAAW,MAAM,CAAA,CAAE,OAAA,CAAQjC,CAAS,CAAA,CAChD,kBAAA,CAAoBiC,KAAAA,CAAE,KAAA,CAAMA,MAAE,MAAA,EAAQ,CAAA,CAAE,OAAA,CAAQ,EAAE,CAAA,CAClD,YAAA,CAAcA,KAAAA,CAAE,QAAO,CAAE,QAAA,EAAS,CAClC,IAAA,CAAMA,MAAE,OAAA,EAAQ,CAAE,OAAA,CAAQ,IAAI,EAC9B,QAAA,CAAUA,KAAAA,CAAE,MAAA,EAAO,CAAE,KAAI,CAAE,QAAA,EAAS,CAAE,OAAA,CAAQ,EAAE,CAAA,CAChD,QAAA,CAAUA,KAAAA,CAAE,QAAO,CAAE,GAAA,EAAI,CAAE,QAAA,GAAW,OAAA,CAAQ,GAAI,CAAA,CAClD,SAAA,CAAWA,MAAE,MAAA,EAAO,CAAE,GAAA,EAAI,CAAE,UAAS,CAAE,OAAA,CAAQ,EAAE,CAAA,CACjD,UAAWA,KAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS,CAAE,OAAA,CAAQ,GAAI,EACnD,cAAA,CAAgBA,KAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI,CAAE,GAAA,CAAI,CAAC,EAAE,GAAA,CAAI,GAAG,CAAA,CAAE,OAAA,CAAQ,EAAE,CAAA,CAC3D,gBAAA,CAAkBA,KAAAA,CAAE,MAAA,GAAS,GAAA,EAAI,CAAE,QAAA,EAAS,CAAE,QAAQ,GAAI,CAAA,CAC1D,gBAAA,CAAkBA,KAAAA,CAAE,QAAO,CAAE,GAAA,EAAI,CAAE,QAAA,GAAW,OAAA,CAAQ,GAAS,CACjE,CAAC,EACA,MAAA,GC5DI,IAAMO,CAAAA,CAAiBC,CAAAA,EAC5BF,CAAAA,CAAc,KAAA,CAAME,CAAO,EAQhBC,CAAAA,CAAiB,CAC5BC,CAAAA,CACAC,CAAAA,GAOmB,CACnB,IAAMC,CAAAA,CAASV,CAAAA,CAAe,KAAA,CAAMQ,CAAQ,CAAA,CAEtCG,CAAAA,CAAQ,CAACR,CAAAA,CAA2BS,EAAaC,CAAAA,GAAgB,CACrE,GAAIV,CAAAA,GAAU,OACd,OAAO,IAAA,CAAK,GAAA,CAAI,IAAA,CAAK,IAAIA,CAAAA,CAAOS,CAAG,CAAA,CAAGC,CAAG,CAC3C,CAAA,CAEA,OAAO,CACL,GAAGH,EACH,KAAA,CAAOC,CAAAA,CAAMD,CAAAA,CAAO,KAAA,CAAOD,EAAO,QAAA,CAAUA,CAAAA,CAAO,QAAQ,CAAA,CAC3D,OAAQE,CAAAA,CAAMD,CAAAA,CAAO,MAAA,CAAQD,CAAAA,CAAO,UAAWA,CAAAA,CAAO,SAAS,CAAA,CAC/D,OAAA,CAASC,EAAO,OAAA,EAAWD,CAAAA,CAAO,cAAA,CAClC,MAAA,CAAQC,EAAO,MAAA,EAAU,MAC3B,CACF,CAAA,KC1CMI,CAAAA,CAAa,MACjBC,CAAAA,CACAC,CAAAA,CACAC,EACAX,CAAAA,GACG,CACH,GAAI,CACF,IAAMY,CAAAA,CAAgBb,CAAAA,CAAcC,CAAO,EACrCE,CAAAA,CAAWD,CAAAA,CAAeQ,CAAAA,CAAI,KAAA,CAA4B,CAC9D,QAAA,CAAUG,CAAAA,CAAc,QAAA,CACxB,QAAA,CAAUA,EAAc,QAAA,CACxB,SAAA,CAAWA,CAAAA,CAAc,SAAA,CACzB,UAAWA,CAAAA,CAAc,SAAA,CACzB,cAAA,CAAgBA,CAAAA,CAAc,cAChC,CAAC,CAAA,CAEG5B,CAAAA,CAAU4B,CAAAA,CAAc,QACxBC,CAAAA,CAQJ,GANIX,CAAAA,CAAS,MAAA,GACXW,EAAeD,CAAAA,CAAc,SAAA,CACzBA,CAAAA,CAAc,SAAA,CAAUV,CAAAA,CAAS,MAAM,CAAA,CACvCA,CAAAA,CAAS,QAGXA,CAAAA,CAAS,MAAA,GAAW,SAAA,EAAaU,CAAAA,CAAc,cAAe,CAChE,IAAME,CAAAA,CAAM,MAAMF,EAAc,aAAA,CAAcH,CAAAA,CAAKI,CAAY,CAAA,CAC3DC,IACF9B,CAAAA,CAAU8B,CAAAA,EAEd,CAEA,IAAMC,EAAevD,CAAAA,CAAe,QAAA,CAAA,CACjC0C,CAAAA,CAAS,MAAA,EAAU,IAAI,WAAA,EAC1B,CAAA,CACKA,CAAAA,CAAS,OACV,MAAA,CAuBEc,CAAAA,CAAc,KAAA,CArBE,SACfd,CAAAA,CAAS,GAAA,CAGVA,CAAAA,CAAS,GAAA,CAAI,WAAW,MAAM,CAAA,CACzBjB,CAAAA,CACLiB,CAAAA,CAAS,IACTlB,CAAAA,CACA4B,CAAAA,CAAc,UAAA,CACdV,CAAAA,CAAS,KACTU,CAAAA,CAAc,QAAA,CACdA,CAAAA,CAAc,kBAAA,CACd,CACE,SAAA,CAAWA,CAAAA,CAAc,gBAAA,CACzB,QAAA,CAAUA,EAAc,gBAC1B,CACF,CAAA,CAEK9B,CAAAA,CAAeoB,EAAS,GAAA,CAAKlB,CAAAA,CAASkB,CAAAA,CAAS,IAAiB,EAhB9D7C,CAAAA,CAAe6C,CAAAA,CAAS,IAAA,EAAQ,QAAQ,GAAE,GAmBb,CACpCe,CAAAA,CAAQC,kBAAAA,CAAMF,EAAa,CAAE,MAAA,CAAQ,WAAY,CAAC,EAEtD,GAAId,CAAAA,CAAS,KAAA,EAASA,CAAAA,CAAS,OAAQ,CACrC,IAAMiB,CAAAA,CAA+B,CACnC,MAAOjB,CAAAA,CAAS,KAAA,EAAS,KAAA,CAAA,CACzB,MAAA,CAAQA,EAAS,MAAA,EAAU,KAAA,CAAA,CAC3B,GAAA,CAAKgB,kBAAAA,CAAM,IAAI,KAAA,CACf,kBAAA,CAAoB,CAAA,CACtB,CAAA,CACAD,EAAQA,CAAAA,CAAM,MAAA,CAAOE,CAAa,EACpC,CAEA,IAAMC,CAAAA,CAAiB,MAAMH,EAC1B,MAAA,EAAO,CACP,QAAA,CAASF,CAAAA,CAAkC,CAC1C,OAAA,CAASb,CAAAA,CAAS,OACpB,CAAC,EACA,QAAA,EAAS,CAKNmB,CAAAA,CAAoB,CAAA,EAHPnB,EAAS,GAAA,CACxBnD,kBAAAA,CAAK,QAAA,CAASmD,CAAAA,CAAS,IAAKnD,kBAAAA,CAAK,OAAA,CAAQmD,CAAAA,CAAS,GAAG,CAAC,CAAA,CACtD,OACmC,CAAA,CAAA,EAAIa,CAAY,GAEjDO,CAAAA,CAAOV,CAAAA,CAAc,IAAA,CACvB,CAAA,CAAA,EAAIW,kBAAW,MAAM,CAAA,CAAE,MAAA,CAAOH,CAAc,EAAE,MAAA,CAAO,KAAK,CAAC,CAAA,CAAA,CAAA,CAC3D,OAEJ,GAAIE,CAAAA,EAAQb,CAAAA,CAAI,OAAA,CAAQ,eAAe,CAAA,GAAMa,CAAAA,CAAM,CACjDZ,CAAAA,CAAI,OAAO,GAAG,CAAA,CAAE,GAAA,EAAI,CACpB,MACF,CAEAA,CAAAA,CAAI,IAAA,CAAKjD,CAAAA,CAAUsD,CAAY,CAAC,CAAA,CAChCL,CAAAA,CAAI,SAAA,CACF,sBACA,CAAA,kBAAA,EAAqBW,CAAiB,CAAA,CAAA,CACxC,CAAA,CACAX,CAAAA,CAAI,SAAA,CACF,eAAA,CACAE,CAAAA,CAAc,cACZ,sDACJ,CAAA,CACIU,CAAAA,EACFZ,CAAAA,CAAI,UAAU,MAAA,CAAQY,CAAI,CAAA,CAE5BZ,CAAAA,CAAI,UAAU,gBAAA,CAAkBU,CAAAA,CAAe,MAAA,CAAO,QAAA,EAAU,CAAA,CAChEV,CAAAA,CAAI,IAAA,CAAKU,CAAc,EAEzB,CAAA,KAAgB,CACd,GAAI,CACF,IAAMI,CAAAA,CAAW,MAAMnE,CAAAA,CAAe,MAAA,GACtCqD,CAAAA,CAAI,IAAA,CAAKjD,CAAAA,CAAU,IAAI,EACvBiD,CAAAA,CAAI,SAAA,CAAU,qBAAA,CAAuB,kCAAkC,EACvEA,CAAAA,CAAI,SAAA,CAAU,eAAA,CAAiB,oBAAoB,EACnDA,CAAAA,CAAI,IAAA,CAAKc,CAAQ,EACnB,OAASC,CAAAA,CAAe,CACtBd,CAAAA,CAAKc,CAAa,EACpB,CACF,CACF,CAAA,CAQMC,CAAAA,CAAiB1B,GACd,MAAOS,CAAAA,CAAcC,CAAAA,CAAeC,CAAAA,GACzCH,EAAWC,CAAAA,CAAKC,CAAAA,CAAKC,CAAAA,CAAMX,CAAO,EAG/B2B,CAAAA,CAAQD","file":"index.js","sourcesContent":["// Shim globals in cjs bundle\n// There's a weird bug that esbuild will always inject importMetaUrl\n// if we export it as `const importMetaUrl = ... __filename ...`\n// But using a function will not cause this issue\n\nconst getImportMetaUrl = () => \n typeof document === \"undefined\" \n ? new URL(`file:${__filename}`).href \n : (document.currentScript && document.currentScript.tagName.toUpperCase() === 'SCRIPT') \n ? document.currentScript.src \n : new URL(\"main.js\", document.baseURI).href;\n\nexport const importMetaUrl = /* @__PURE__ / getImportMetaUrl()\n","import type { ImageFormat } from \"./types\";\r\nimport { readFile } from \"node:fs/promises\";\r\nimport path from \"node:path\";\r\nimport { fileURLToPath } from \"node:url\";\r\n\r\n/\r\n Get the directory path for the current module.\r\n * Uses import.meta.url for ESM (tsup provides shims for CJS compatibility).\r\n /\r\nconst moduleDir = path.dirname(fileURLToPath(import.meta.url));\r\n\r\nconst getAssetPath = (filename: string): string => {\r\n return path.join(moduleDir, \"assets\", filename);\r\n};\r\n\r\nconst NOT_FOUND_IMAGE = getAssetPath(\"noimage.jpg\");\r\nconst NOT_FOUND_AVATAR = getAssetPath(\"noavatar.png\");\r\n\r\nexport const FALLBACKIMAGES: Record<\r\n \"normal\" \| \"avatar\",\r\n () => Promise<Buffer>\r\n> = {\r\n normal: async (): Promise<Buffer> => readFile(NOT_FOUND_IMAGE),\r\n avatar: async (): Promise<Buffer> => readFile(NOT_FOUND_AVATAR),\r\n};\r\n\r\nexport const API_REGEX: RegExp = /^\\/api\\/v1\\//;\r\n\r\nexport const allowedFormats: ImageFormat[] = [\r\n \"jpeg\",\r\n \"jpg\",\r\n \"png\",\r\n \"webp\",\r\n \"gif\",\r\n \"tiff\",\r\n \"avif\",\r\n \"svg\",\r\n];\r\n\r\nexport const mimeTypes: Readonly<Record<string, string>> = {\r\n jpeg: \"image/jpeg\",\r\n jpg: \"image/jpeg\",\r\n png: \"image/png\",\r\n webp: \"image/webp\",\r\n gif: \"image/gif\",\r\n tiff: \"image/tiff\",\r\n avif: \"image/avif\",\r\n svg: \"image/svg+xml\",\r\n};\r\n","import path from \"node:path\";\r\nimport as fs from \"node:fs/promises\";\r\nimport axios from \"axios\";\r\nimport { FALLBACKIMAGES, mimeTypes } from \"./variables\";\r\nimport type { ImageType } from \"./types\";\r\n\r\n/*\r\n @typedef {(\"avatar\" \| \"normal\")} ImageType\r\n * @description Defines the type of image being processed.\r\n /\r\n\r\n/\r\n Checks if a specified path is valid within a base path.\r\n \r\n @param {string} basePath - The base directory to resolve paths.\r\n * @param {string} specifiedPath - The path to check.\r\n * @returns {Promise<boolean>} True if the path is valid, false otherwise.\r\n /\r\nexport const isValidPath = async (\r\n basePath: string,\r\n specifiedPath: string\r\n): Promise<boolean> => {\r\n try {\r\n if (!basePath \|\| !specifiedPath) return false;\r\n if (specifiedPath.includes(\"\\0\")) return false;\r\n if (path.isAbsolute(specifiedPath)) return false;\r\n if (!/^[^\\x00-\\x1F]+$/.test(specifiedPath)) return false;\r\n\r\n const resolvedBase = path.resolve(basePath);\r\n const resolvedPath = path.resolve(resolvedBase, specifiedPath);\r\n\r\n const [realBase, realPath] = await Promise.all([\r\n fs.realpath(resolvedBase),\r\n fs.realpath(resolvedPath),\r\n ]);\r\n\r\n const baseStats = await fs.stat(realBase);\r\n if (!baseStats.isDirectory()) return false;\r\n\r\n const normalizedBase = realBase + path.sep;\r\n const normalizedPath = realPath + path.sep;\r\n\r\n const isInside =\r\n normalizedPath.startsWith(normalizedBase) \|\| realPath === realBase;\r\n\r\n const relative = path.relative(realBase, realPath);\r\n return !relative.startsWith(\"..\") && !path.isAbsolute(relative) && isInside;\r\n } catch {\r\n return false;\r\n }\r\n};\r\n\r\n/\r\n Fetches an image from a network source.\r\n \r\n @param {string} src - The URL of the image.\r\n * @param {ImageType} [type=\"normal\"] - Type of fallback image in case of an error.\r\n * @returns {Promise<Buffer>} A buffer containing the image data or a fallback image.\r\n /\r\nconst fetchFromNetwork = async (\r\n src: string,\r\n type: ImageType = \"normal\",\r\n {\r\n timeoutMs,\r\n maxBytes,\r\n }: {\r\n timeoutMs: number;\r\n maxBytes: number;\r\n }\r\n): Promise<Buffer> => {\r\n try {\r\n const response = await axios.get(src, {\r\n responseType: \"arraybuffer\",\r\n timeout: timeoutMs,\r\n maxContentLength: maxBytes,\r\n maxBodyLength: maxBytes,\r\n validateStatus: (status) => status >= 200 && status < 300,\r\n });\r\n\r\n const contentType = response.headers[\"content-type\"]?.toLowerCase();\r\n const allowedMimeTypes = Object.values(mimeTypes);\r\n\r\n if (allowedMimeTypes.includes(contentType ?? \"\")) {\r\n return Buffer.from(response.data);\r\n }\r\n return await FALLBACKIMAGES[type]();\r\n } catch (error) {\r\n return await FALLBACKIMAGES[type]();\r\n }\r\n};\r\n\r\n/\r\n Reads an image from the local file system.\r\n \r\n @param {string} filePath - Path to the image file.\r\n * @param {string} baseDir - Base directory to resolve paths.\r\n * @param {ImageType} [type=\"normal\"] - Type of fallback image if the path is invalid.\r\n * @returns {Promise<Buffer>} A buffer containing the image data.\r\n /\r\nexport const readLocalImage = async (\r\n filePath: string,\r\n baseDir: string,\r\n type: ImageType = \"normal\"\r\n) => {\r\n const isValid = await isValidPath(baseDir, filePath);\r\n if (!isValid) {\r\n return await FALLBACKIMAGES[type]();\r\n }\r\n try {\r\n return await fs.readFile(path.resolve(baseDir, filePath));\r\n } catch (error) {\r\n return await FALLBACKIMAGES[type]();\r\n }\r\n};\r\n\r\n/\r\n Fetches an image from either a local file or a network source.\r\n \r\n @param {string} src - The URL or local path of the image.\r\n * @param {string} baseDir - Base directory to resolve local paths.\r\n * @param {string} websiteURL - The URL of the website.\r\n * @param {ImageType} [type=\"normal\"] - Type of fallback image if the path is invalid.\r\n * @param {string[]} [allowedNetworkList=[]] - List of allowed network hosts.\r\n * @returns {Promise<Buffer>} A buffer containing the image data or a fallback image.\r\n /\r\nexport const fetchImage = (\r\n src: string,\r\n baseDir: string,\r\n websiteURL: string \| undefined,\r\n type: ImageType = \"normal\",\r\n apiRegex: RegExp,\r\n allowedNetworkList: string[] = [],\r\n {\r\n timeoutMs,\r\n maxBytes,\r\n }: {\r\n timeoutMs: number;\r\n maxBytes: number;\r\n }\r\n): Promise<Buffer> => {\r\n try {\r\n const url = new URL(src);\r\n const isInternal =\r\n websiteURL !== undefined &&\r\n [websiteURL, `www.${websiteURL}`].includes(url.host);\r\n\r\n if (isInternal) {\r\n const localPath = url.pathname.replace(apiRegex, \"\");\r\n return readLocalImage(localPath, baseDir, type);\r\n }\r\n\r\n const allowedCondition = allowedNetworkList.includes(url.host);\r\n if (!allowedCondition) {\r\n return FALLBACKIMAGES[type]();\r\n }\r\n if (![\"http:\", \"https:\"].includes(url.protocol)) {\r\n return FALLBACKIMAGES[type]();\r\n }\r\n return fetchFromNetwork(src, type, { timeoutMs, maxBytes });\r\n } catch {\r\n return readLocalImage(src, baseDir, type);\r\n }\r\n};\r\n","import { z } from \"zod\";\r\nimport { API_REGEX, allowedFormats } from \"./variables\";\r\n\r\nconst imageFormatEnum = z.enum(allowedFormats as [string, ...string[]]);\r\nconst imageTypeEnum = z.enum([\"avatar\", \"normal\"]);\r\n\r\nexport const userDataSchema = z\r\n .object({\r\n src: z\r\n .string()\r\n .min(1, \"src is required\")\r\n .optional()\r\n .default(\"/placeholder/noimage.jpg\"),\r\n format: z\r\n .string()\r\n .optional()\r\n .transform((val) => {\r\n const lower = val?.toLowerCase();\r\n return lower && imageFormatEnum.options.includes(lower as string)\r\n ? (lower as (typeof imageFormatEnum)[\"options\"][number])\r\n : undefined;\r\n })\r\n .optional(),\r\n width: z\r\n .union([z.number(), z.string()])\r\n .optional()\r\n .transform((value) =>\r\n value === undefined \|\| value === null ? undefined : Number(value)\r\n )\r\n .pipe(\r\n z\r\n .number()\r\n .int()\r\n .min(50, \"width too small\")\r\n .max(4000, \"width too large\")\r\n .optional()\r\n ),\r\n height: z\r\n .union([z.number(), z.string()])\r\n .optional()\r\n .transform((value) =>\r\n value === undefined \|\| value === null ? undefined : Number(value)\r\n )\r\n .pipe(\r\n z\r\n .number()\r\n .int()\r\n .min(50, \"height too small\")\r\n .max(4000, \"height too large\")\r\n .optional()\r\n ),\r\n quality: z\r\n .union([z.number(), z.string()])\r\n .optional()\r\n .transform((value) =>\r\n value === undefined \|\| value === null ? undefined : Number(value)\r\n )\r\n .pipe(z.number().int().min(1).max(100).default(80)),\r\n folder: z.enum([\"public\", \"private\"]).default(\"public\"),\r\n type: imageTypeEnum.default(\"normal\"),\r\n userId: z\r\n .union([z.string(), z.number()])\r\n .optional()\r\n .transform((value) =>\r\n value === undefined \|\| value === null ? undefined : String(value).trim()\r\n )\r\n .pipe(\r\n z\r\n .string()\r\n .min(1, \"userId cannot be empty\")\r\n .max(128, \"userId too long\")\r\n .optional()\r\n ),\r\n })\r\n .strict();\r\n\r\nexport const optionsSchema = z\r\n .object({\r\n baseDir: z.string().min(1, \"baseDir is required\"),\r\n idHandler: z\r\n .custom<\r\n (id: string) => string\r\n >((val) => typeof val === \"function\", { message: \"idHandler must be a function\" })\r\n .optional(),\r\n getUserFolder: z\r\n .custom<\r\n (req: unknown, id?: string) => Promise<string> \| string\r\n >((val) => typeof val === \"function\", { message: \"getUserFolder must be a function\" })\r\n .optional(),\r\n websiteURL: z.union([z.url(), z.string().regex(/^[\\w.-]+$/)]).optional(),\r\n apiRegex: z.instanceof(RegExp).default(API_REGEX),\r\n allowedNetworkList: z.array(z.string()).default([]),\r\n cacheControl: z.string().optional(),\r\n etag: z.boolean().default(true),\r\n minWidth: z.number().int().positive().default(50),\r\n maxWidth: z.number().int().positive().default(4000),\r\n minHeight: z.number().int().positive().default(50),\r\n maxHeight: z.number().int().positive().default(4000),\r\n defaultQuality: z.number().int().min(1).max(100).default(80),\r\n requestTimeoutMs: z.number().int().positive().default(5000),\r\n maxDownloadBytes: z.number().int().positive().default(5_000_000),\r\n })\r\n .strict();\r\n\r\nexport type ParsedUserData = z.infer<typeof userDataSchema>;\r\nexport type ParsedOptions = z.infer<typeof optionsSchema>;\r\n","import { optionsSchema, userDataSchema } from \"./schema\";\r\nimport type { ParsedOptions, ParsedUserData } from \"./schema\";\r\nimport type { PixelServeOptions, UserData } from \"./types\";\r\n\r\n/\r\n @typedef {(\"avatar\" \| \"normal\")} ImageType\r\n * @description Defines the type of image being processed.\r\n /\r\n\r\n/\r\n @typedef {(\"jpeg\" \| \"jpg\" \| \"png\" \| \"webp\" \| \"gif\" \| \"tiff\" \| \"avif\" \| \"svg\")} ImageFormat\r\n * @description Supported formats for image processing.\r\n /\r\n\r\n/\r\n @typedef {Object} Options\r\n * @property {string} baseDir - The base directory for public image files.\r\n * @property {function(string): string} idHandler - A function to handle user IDs.\r\n * @property {function(string, Request): Promise<string>} getUserFolder - Asynchronous function to retrieve user-specific folders.\r\n * @property {string} websiteURL - The base URL of the website for internal link resolution.\r\n * @property {RegExp} apiRegex - Regex to parse API endpoints from URLs.\r\n * @property {string[]} allowedNetworkList - List of allowed network domains for external image fetching.\r\n /\r\n\r\n/\r\n @typedef {Object} UserData\r\n * @property {number\|string} quality - Quality of the image (1–100).\r\n * @property {ImageFormat} format - Desired format of the image.\r\n * @property {string} [src] - Source path or URL for the image.\r\n * @property {string} [folder] - The folder type (\"public\" or \"private\").\r\n * @property {ImageType} [type] - Type of the image (\"avatar\" or \"normal\").\r\n * @property {string\|null} [userId] - Optional user identifier.\r\n * @property {number\|string} [width] - Desired image width.\r\n * @property {number\|string} [height] - Desired image height.\r\n /\r\n\r\n/\r\n Renders the options object with default values and user-provided values.\r\n \r\n @param {Partial<Options>} options - The user-provided options.\r\n * @returns {Options} The rendered options object.\r\n /\r\nexport const renderOptions = (options: PixelServeOptions): ParsedOptions =>\r\n optionsSchema.parse(options);\r\n\r\n/\r\n Renders the user data object with default values and user-provided values.\r\n \r\n @param {Partial<UserData>} userData - The user-provided data.\r\n * @returns {UserData} The rendered user data object.\r\n /\r\nexport const renderUserData = (\r\n userData: Partial<UserData>,\r\n bounds: {\r\n minWidth: number;\r\n maxWidth: number;\r\n minHeight: number;\r\n maxHeight: number;\r\n defaultQuality: number;\r\n }\r\n): ParsedUserData => {\r\n const parsed = userDataSchema.parse(userData);\r\n\r\n const clamp = (value: number \| undefined, min: number, max: number) => {\r\n if (value === undefined) return undefined;\r\n return Math.min(Math.max(value, min), max);\r\n };\r\n\r\n return {\r\n ...parsed,\r\n width: clamp(parsed.width, bounds.minWidth, bounds.maxWidth),\r\n height: clamp(parsed.height, bounds.minHeight, bounds.maxHeight),\r\n quality: parsed.quality ?? bounds.defaultQuality,\r\n format: parsed.format ?? \"jpeg\",\r\n };\r\n};\r\n","import path from \"node:path\";\r\nimport { createHash } from \"node:crypto\";\r\nimport sharp, { FormatEnum, ResizeOptions } from \"sharp\";\r\nimport type { Request, Response, NextFunction } from \"express\";\r\nimport type {\r\n PixelServeOptions,\r\n UserData,\r\n ImageFormat,\r\n ImageType,\r\n} from \"./types\";\r\nimport { allowedFormats, FALLBACKIMAGES, mimeTypes } from \"./variables\";\r\nimport { fetchImage, readLocalImage } from \"./functions\";\r\nimport { renderOptions, renderUserData } from \"./renders\";\r\n\r\n/\r\n @typedef {Object} Options\r\n * @property {string} baseDir - The base directory for public image files.\r\n * @property {function(string): string} idHandler - A function to handle user IDs.\r\n * @property {function(string, Request): Promise<string>} getUserFolder - Asynchronous function to retrieve user-specific folders.\r\n * @property {string} websiteURL - The base URL of the website for internal link resolution.\r\n * @property {RegExp} apiRegex - Regex to parse API endpoints from URLs.\r\n * @property {string[]} allowedNetworkList - List of allowed network domains for external image fetching.\r\n /\r\n\r\n/\r\n @function serveImage\r\n * @description Processes and serves an image based on user data and options.\r\n * @param {Request} req - The Express request object.\r\n * @param {Response} res - The Express response object.\r\n * @param {NextFunction} next - The Express next function.\r\n * @param {PixelServeOptions} options - The options object for image processing.\r\n * @returns {Promise<void>}\r\n /\r\nconst serveImage = async (\r\n req: Request,\r\n res: Response,\r\n next: NextFunction,\r\n options: PixelServeOptions\r\n) => {\r\n try {\r\n const parsedOptions = renderOptions(options);\r\n const userData = renderUserData(req.query as Partial<UserData>, {\r\n minWidth: parsedOptions.minWidth,\r\n maxWidth: parsedOptions.maxWidth,\r\n minHeight: parsedOptions.minHeight,\r\n maxHeight: parsedOptions.maxHeight,\r\n defaultQuality: parsedOptions.defaultQuality,\r\n });\r\n\r\n let baseDir = parsedOptions.baseDir;\r\n let parsedUserId: string \| undefined;\r\n\r\n if (userData.userId) {\r\n parsedUserId = parsedOptions.idHandler\r\n ? parsedOptions.idHandler(userData.userId)\r\n : userData.userId;\r\n }\r\n\r\n if (userData.folder === \"private\" && parsedOptions.getUserFolder) {\r\n const dir = await parsedOptions.getUserFolder(req, parsedUserId);\r\n if (dir) {\r\n baseDir = dir;\r\n }\r\n }\r\n\r\n const outputFormat = allowedFormats.includes(\r\n (userData.format ?? \"\").toLowerCase() as ImageFormat\r\n )\r\n ? (userData.format as ImageFormat)\r\n : \"jpeg\";\r\n\r\n const resolveBuffer = async (): Promise<Buffer> => {\r\n if (!userData.src) {\r\n return FALLBACKIMAGES[userData.type ?? \"normal\"]();\r\n }\r\n if (userData.src.startsWith(\"http\")) {\r\n return fetchImage(\r\n userData.src,\r\n baseDir,\r\n parsedOptions.websiteURL,\r\n userData.type as ImageType,\r\n parsedOptions.apiRegex,\r\n parsedOptions.allowedNetworkList,\r\n {\r\n timeoutMs: parsedOptions.requestTimeoutMs,\r\n maxBytes: parsedOptions.maxDownloadBytes,\r\n }\r\n );\r\n }\r\n return readLocalImage(userData.src, baseDir, userData.type as ImageType);\r\n };\r\n\r\n const imageBuffer = await resolveBuffer();\r\n let image = sharp(imageBuffer, { failOn: \"truncated\" });\r\n\r\n if (userData.width \|\| userData.height) {\r\n const resizeOptions: ResizeOptions = {\r\n width: userData.width ?? undefined,\r\n height: userData.height ?? undefined,\r\n fit: sharp.fit.cover,\r\n withoutEnlargement: true,\r\n };\r\n image = image.resize(resizeOptions);\r\n }\r\n\r\n const processedImage = await image\r\n .rotate()\r\n .toFormat(outputFormat as keyof FormatEnum, {\r\n quality: userData.quality,\r\n })\r\n .toBuffer();\r\n\r\n const sourceName = userData.src\r\n ? path.basename(userData.src, path.extname(userData.src))\r\n : \"image\";\r\n const processedFileName = `${sourceName}.${outputFormat}`;\r\n\r\n const etag = parsedOptions.etag\r\n ? `\"${createHash(\"sha1\").update(processedImage).digest(\"hex\")}\"`\r\n : undefined;\r\n\r\n if (etag && req.headers[\"if-none-match\"] === etag) {\r\n res.status(304).end();\r\n return;\r\n }\r\n\r\n res.type(mimeTypes[outputFormat]);\r\n res.setHeader(\r\n \"Content-Disposition\",\r\n `inline; filename=\"${processedFileName}\"`\r\n );\r\n res.setHeader(\r\n \"Cache-Control\",\r\n parsedOptions.cacheControl ??\r\n \"public, max-age=86400, stale-while-revalidate=604800\"\r\n );\r\n if (etag) {\r\n res.setHeader(\"ETag\", etag);\r\n }\r\n res.setHeader(\"Content-Length\", processedImage.length.toString());\r\n res.send(processedImage);\r\n / c8 ignore next /\r\n } catch (error) {\r\n try {\r\n const fallback = await FALLBACKIMAGES.normal();\r\n res.type(mimeTypes.jpeg);\r\n res.setHeader(\"Content-Disposition\", `inline; filename=\"fallback.jpeg\"`);\r\n res.setHeader(\"Cache-Control\", \"public, max-age=60\");\r\n res.send(fallback);\r\n } catch (fallbackError) {\r\n next(fallbackError);\r\n }\r\n }\r\n};\r\n\r\n/\r\n @function registerServe\r\n * @description A function to register the serveImage function as middleware for Express.\r\n * @param {PixelServeOptions} options - The options object for image processing.\r\n * @returns {function(Request, Response, NextFunction): Promise<void>} The middleware function.\r\n */\r\nconst registerServe = (options: PixelServeOptions) => {\r\n return async (req: Request, res: Response, next: NextFunction) =>\r\n serveImage(req, res, next, options);\r\n};\r\n\r\nexport default registerServe;\r\n"]}

package/dist/index.mjs CHANGED Viewed

@@ -1,2 +1,3 @@
-import U from"node:path";import T from"sharp";import{readFile as x}from"node:fs/promises";var j=new URL("./assets/noimage.jpg",import.meta.url).pathname,A=new URL("./assets/noavatar.png",import.meta.url).pathname,d={normal:async()=>x(j),avatar:async()=>x(A)},h=/^\/api\/v1\//,F=["jpeg","jpg","png","webp","gif","tiff","avif","svg"],w={jpeg:"image/jpeg",jpg:"image/jpeg",png:"image/png",webp:"image/webp",gif:"image/gif",tiff:"image/tiff",avif:"image/avif",svg:"image/svg+xml"};import n from"node:path";import*as l from"node:fs/promises";import q from"axios";var R=async(t,r)=>{try{if(!t||!r||r.includes("\0")||n.isAbsolute(r)||!/^[^\x00-\x1F]+$/.test(r))return!1;let a=n.resolve(t),i=n.resolve(a,r),[e,s]=await Promise.all([l.realpath(a),l.realpath(i)]);if(!(await l.stat(e)).isDirectory())return!1;let g=e+n.sep,c=(s+n.sep).startsWith(g)||s===e,f=n.relative(e,s);return!f.startsWith("..")&&!n.isAbsolute(f)&&c}catch{return!1}},E=async(t,r="normal")=>{try{let a=await q.get(t,{responseType:"arraybuffer",timeout:5e3}),i=a.headers["content-type"]?.toLowerCase();return Object.values(w).includes(i??"")?Buffer.from(a.data):await d[r]()}catch{return await d[r]()}},I=async(t,r,a="normal")=>{if(!await R(r,t))return await d[a]();try{return await l.readFile(n.resolve(r,t))}catch{return await d[a]()}},b=(t,r,a,i="normal",e=h,s=[])=>{let o=new URL(t);if([a,`www.${a}`].includes(o.host)){let m=o.pathname.replace(e,"");return I(m,r,i)}else return s.includes(o.host)?E(t,i):d[i]()};var v=t=>({...{baseDir:"",idHandler:a=>a,getUserFolder:async()=>"",websiteURL:"",apiRegex:h,allowedNetworkList:[]},...t}),O=t=>({...{quality:80,format:"jpeg",src:"/placeholder/noimage.jpg",folder:"public",type:"normal",width:void 0,height:void 0,userId:void 0},...t,quality:t.quality?Math.min(Math.max(Number(t.quality)||80,1),100):100,width:t.width?Math.min(Math.max(Number(t.width),50),2e3):void 0,height:t.height?Math.min(Math.max(Number(t.height),50),2e3):void 0});var D=async(t,r,a,i)=>{try{let e=O(t.query),s=v(i),o,g=s.baseDir,m;if(e.userId){let p=typeof e.userId=="object"?String(Object.values(e.userId)[0]):String(e.userId);s.idHandler?m=s.idHandler(p):m=p}if(e.folder==="private"){let p=await s?.getUserFolder?.(t,m);p&&(g=p)}let c=F.includes(e?.format?.toLowerCase())?e?.format?.toLowerCase():"jpeg";e?.src?.startsWith("http")?o=await b(e?.src??"",g,s?.websiteURL??"",e?.type,s?.apiRegex,s?.allowedNetworkList):o=await I(e?.src??"",g,e?.type);let f=T(o);if(e?.width||e?.height){let p={width:e?.width??void 0,height:e?.height??void 0,fit:T.fit.cover};f=f.resize(p)}let L=await f.toFormat(c,{quality:e?.quality?Number(e?.quality):80}).toBuffer(),N=`${U.basename(e?.src??"",U.extname(e?.src??""))}.${c}`;r.type(w[c]),r.setHeader("Content-Disposition",`inline; filename="${N}"`),r.send(L)}catch(e){a(e)}},M=t=>async(r,a,i)=>D(r,a,i,t),P=M;export{R as isValidPath,P as registerServe};
+import p from'path';import {createHash}from'crypto';import L from'sharp';import*as d from'fs/promises';import {readFile}from'fs/promises';import {fileURLToPath}from'url';import q from'axios';import {z as z$1}from'zod';var N=p.dirname(fileURLToPath(import.meta.url)),T=e=>p.join(N,"assets",e),M=T("noimage.jpg"),W=T("noavatar.png"),s={normal:async()=>readFile(M),avatar:async()=>readFile(W)},H=/^\/api\/v1\//,w=["jpeg","jpg","png","webp","gif","tiff","avif","svg"],y={jpeg:"image/jpeg",jpg:"image/jpeg",png:"image/png",webp:"image/webp",gif:"image/gif",tiff:"image/tiff",avif:"image/avif",svg:"image/svg+xml"};var R=async(e,r)=>{try{if(!e||!r||r.includes("\0")||p.isAbsolute(r)||!/^[^\x00-\x1F]+$/.test(r))return !1;let i=p.resolve(e),o=p.resolve(i,r),[n,a]=await Promise.all([d.realpath(i),d.realpath(o)]);if(!(await d.stat(n)).isDirectory())return !1;let u=n+p.sep,v=(a+p.sep).startsWith(u)||a===n,f=p.relative(n,a);return !f.startsWith("..")&&!p.isAbsolute(f)&&v}catch{return  false}},z=async(e,r="normal",{timeoutMs:i,maxBytes:o})=>{try{let n=await q.get(e,{responseType:"arraybuffer",timeout:i,maxContentLength:o,maxBodyLength:o,validateStatus:u=>u>=200&&u<300}),a=n.headers["content-type"]?.toLowerCase();return Object.values(y).includes(a??"")?Buffer.from(n.data):await s[r]()}catch{return await s[r]()}},I=async(e,r,i="normal")=>{if(!await R(r,e))return await s[i]();try{return await d.readFile(p.resolve(r,e))}catch{return await s[i]()}},O=(e,r,i,o="normal",n,a=[],{timeoutMs:m,maxBytes:u})=>{try{let l=new URL(e);if(i!==void 0&&[i,`www.${i}`].includes(l.host)){let c=l.pathname.replace(n,"");return I(c,r,o)}return a.includes(l.host)?["http:","https:"].includes(l.protocol)?z(e,o,{timeoutMs:m,maxBytes:u}):s[o]():s[o]()}catch{return I(e,r,o)}};var k=z$1.enum(w),_=z$1.enum(["avatar","normal"]),P=z$1.object({src:z$1.string().min(1,"src is required").optional().default("/placeholder/noimage.jpg"),format:z$1.string().optional().transform(e=>{let r=e?.toLowerCase();return r&&k.options.includes(r)?r:void 0}).optional(),width:z$1.union([z$1.number(),z$1.string()]).optional().transform(e=>e==null?void 0:Number(e)).pipe(z$1.number().int().min(50,"width too small").max(4e3,"width too large").optional()),height:z$1.union([z$1.number(),z$1.string()]).optional().transform(e=>e==null?void 0:Number(e)).pipe(z$1.number().int().min(50,"height too small").max(4e3,"height too large").optional()),quality:z$1.union([z$1.number(),z$1.string()]).optional().transform(e=>e==null?void 0:Number(e)).pipe(z$1.number().int().min(1).max(100).default(80)),folder:z$1.enum(["public","private"]).default("public"),type:_.default("normal"),userId:z$1.union([z$1.string(),z$1.number()]).optional().transform(e=>e==null?void 0:String(e).trim()).pipe(z$1.string().min(1,"userId cannot be empty").max(128,"userId too long").optional())}).strict(),D=z$1.object({baseDir:z$1.string().min(1,"baseDir is required"),idHandler:z$1.custom(e=>typeof e=="function",{message:"idHandler must be a function"}).optional(),getUserFolder:z$1.custom(e=>typeof e=="function",{message:"getUserFolder must be a function"}).optional(),websiteURL:z$1.union([z$1.url(),z$1.string().regex(/^[\w.-]+$/)]).optional(),apiRegex:z$1.instanceof(RegExp).default(H),allowedNetworkList:z$1.array(z$1.string()).default([]),cacheControl:z$1.string().optional(),etag:z$1.boolean().default(true),minWidth:z$1.number().int().positive().default(50),maxWidth:z$1.number().int().positive().default(4e3),minHeight:z$1.number().int().positive().default(50),maxHeight:z$1.number().int().positive().default(4e3),defaultQuality:z$1.number().int().min(1).max(100).default(80),requestTimeoutMs:z$1.number().int().positive().default(5e3),maxDownloadBytes:z$1.number().int().positive().default(5e6)}).strict();var E=e=>D.parse(e),A=(e,r)=>{let i=P.parse(e),o=(n,a,m)=>{if(n!==void 0)return Math.min(Math.max(n,a),m)};return {...i,width:o(i.width,r.minWidth,r.maxWidth),height:o(i.height,r.minHeight,r.maxHeight),quality:i.quality??r.defaultQuality,format:i.format??"jpeg"}};var G=async(e,r,i,o)=>{try{let n=E(o),a=A(e.query,{minWidth:n.minWidth,maxWidth:n.maxWidth,minHeight:n.minHeight,maxHeight:n.maxHeight,defaultQuality:n.defaultQuality}),m=n.baseDir,u;if(a.userId&&(u=n.idHandler?n.idHandler(a.userId):a.userId),a.folder==="private"&&n.getUserFolder){let b=await n.getUserFolder(e,u);b&&(m=b);}let l=w.includes((a.format??"").toLowerCase())?a.format:"jpeg",f=await(async()=>a.src?a.src.startsWith("http")?O(a.src,m,n.websiteURL,a.type,n.apiRegex,n.allowedNetworkList,{timeoutMs:n.requestTimeoutMs,maxBytes:n.maxDownloadBytes}):I(a.src,m,a.type):s[a.type??"normal"]())(),c=L(f,{failOn:"truncated"});if(a.width||a.height){let b={width:a.width??void 0,height:a.height??void 0,fit:L.fit.cover,withoutEnlargement:!0};c=c.resize(b);}let F=await c.rotate().toFormat(l,{quality:a.quality}).toBuffer(),U=`${a.src?p.basename(a.src,p.extname(a.src)):"image"}.${l}`,x=n.etag?`"${createHash("sha1").update(F).digest("hex")}"`:void 0;if(x&&e.headers["if-none-match"]===x){r.status(304).end();return}r.type(y[l]),r.setHeader("Content-Disposition",`inline; filename="${U}"`),r.setHeader("Cache-Control",n.cacheControl??"public, max-age=86400, stale-while-revalidate=604800"),x&&r.setHeader("ETag",x),r.setHeader("Content-Length",F.length.toString()),r.send(F);}catch{try{let a=await s.normal();r.type(y.jpeg),r.setHeader("Content-Disposition",'inline; filename="fallback.jpeg"'),r.setHeader("Cache-Control","public, max-age=60"),r.send(a);}catch(a){i(a);}}},Q=e=>async(r,i,o)=>G(r,i,o,e),V=Q;
+export{R as isValidPath,D as optionsSchema,V as registerServe,P as userDataSchema};//# sourceMappingURL=index.mjs.map
 //# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/pixel.ts","../src/variables.ts","../src/functions.ts","../src/renders.ts"],"sourcesContent":["import path from \"node:path\";\r\nimport sharp, { FormatEnum, ResizeOptions } from \"sharp\";\r\nimport type { Request, Response, NextFunction } from \"express\";\r\nimport type { Options, UserData, ImageFormat, ImageType } from \"./types\";\r\nimport { allowedFormats, mimeTypes } from \"./variables\";\r\nimport { fetchImage, readLocalImage } from \"./functions\";\r\nimport { renderOptions, renderUserData } from \"./renders\";\r\n\r\n/*\r\n @typedef {Object} Options\r\n * @property {string} baseDir - The base directory for public image files.\r\n * @property {function(string): string} idHandler - A function to handle user IDs.\r\n * @property {function(string, Request): Promise<string>} getUserFolder - Asynchronous function to retrieve user-specific folders.\r\n * @property {string} websiteURL - The base URL of the website for internal link resolution.\r\n * @property {RegExp} apiRegex - Regex to parse API endpoints from URLs.\r\n * @property {string[]} allowedNetworkList - List of allowed network domains for external image fetching.\r\n /\r\n\r\n/\r\n @function serveImage\r\n * @description Processes and serves an image based on user data and options.\r\n * @param {Request} req - The Express request object.\r\n * @param {Response} res - The Express response object.\r\n * @param {NextFunction} next - The Express next function.\r\n * @param {Options} options - The options object for image processing.\r\n * @returns {Promise<void>}\r\n /\r\nconst serveImage = async (\r\n req: Request,\r\n res: Response,\r\n next: NextFunction,\r\n options: Options\r\n) => {\r\n try {\r\n const userData = renderUserData(req.query as UserData);\r\n const parsedOptions = renderOptions(options);\r\n\r\n let imageBuffer;\r\n let baseDir = parsedOptions.baseDir;\r\n let parsedUserId;\r\n\r\n if (userData.userId) {\r\n const userIdStr =\r\n typeof userData.userId === \"object\"\r\n ? String(Object.values(userData.userId)[0])\r\n : String(userData.userId);\r\n if (parsedOptions.idHandler) {\r\n parsedUserId = parsedOptions.idHandler(userIdStr);\r\n } else {\r\n parsedUserId = userIdStr;\r\n }\r\n }\r\n\r\n if (userData.folder === \"private\") {\r\n const dir = await parsedOptions?.getUserFolder?.(req, parsedUserId);\r\n if (dir) {\r\n baseDir = dir;\r\n }\r\n }\r\n\r\n const outputFormat = allowedFormats.includes(\r\n userData?.format?.toLowerCase() as ImageFormat\r\n )\r\n ? userData?.format?.toLowerCase()\r\n : \"jpeg\";\r\n\r\n if (userData?.src?.startsWith(\"http\")) {\r\n imageBuffer = await fetchImage(\r\n userData?.src ?? \"\",\r\n baseDir,\r\n parsedOptions?.websiteURL ?? \"\",\r\n userData?.type as ImageType,\r\n parsedOptions?.apiRegex,\r\n parsedOptions?.allowedNetworkList\r\n );\r\n } else {\r\n imageBuffer = await readLocalImage(\r\n userData?.src ?? \"\",\r\n baseDir,\r\n userData?.type as ImageType\r\n );\r\n }\r\n\r\n let image = sharp(imageBuffer);\r\n\r\n if (userData?.width \|\| userData?.height) {\r\n const resizeOptions = {\r\n width: userData?.width ?? undefined,\r\n height: userData?.height ?? undefined,\r\n fit: sharp.fit.cover,\r\n };\r\n image = image.resize(resizeOptions as ResizeOptions);\r\n }\r\n\r\n const processedImage = await image\r\n .toFormat(outputFormat as keyof FormatEnum, {\r\n quality: userData?.quality ? Number(userData?.quality) : 80,\r\n })\r\n .toBuffer();\r\n\r\n const processedFileName = `${path.basename(\r\n userData?.src ?? \"\",\r\n path.extname(userData?.src ?? \"\")\r\n )}.${outputFormat}`;\r\n\r\n res.type(mimeTypes[outputFormat]);\r\n res.setHeader(\r\n \"Content-Disposition\",\r\n `inline; filename=\"${processedFileName}\"`\r\n );\r\n res.send(processedImage);\r\n } catch (error) {\r\n next(error);\r\n }\r\n};\r\n\r\n/\r\n @function registerServe\r\n * @description A function to register the serveImage function as middleware for Express.\r\n * @param {Options} options - The options object for image processing.\r\n * @returns {function(Request, Response, NextFunction): Promise<void>} The middleware function.\r\n /\r\nconst registerServe = (options: Options) => {\r\n return async (req: Request, res: Response, next: NextFunction) =>\r\n serveImage(req, res, next, options);\r\n};\r\n\r\nexport default registerServe;\r\n","import type { ImageFormat } from \"./types\";\r\nimport { readFile } from \"node:fs/promises\";\r\n\r\nconst NOT_FOUND_IMAGE = new URL(\"./assets/noimage.jpg\", import.meta.url)\r\n .pathname;\r\n\r\nconst NOT_FOUND_AVATAR = new URL(\"./assets/noavatar.png\", import.meta.url)\r\n .pathname;\r\n\r\nexport const FALLBACKIMAGES = {\r\n normal: async () => readFile(NOT_FOUND_IMAGE),\r\n avatar: async () => readFile(NOT_FOUND_AVATAR),\r\n};\r\n\r\nexport const API_REGEX: RegExp = /^\\/api\\/v1\\//;\r\n\r\nexport const allowedFormats: ImageFormat[] = [\r\n \"jpeg\",\r\n \"jpg\",\r\n \"png\",\r\n \"webp\",\r\n \"gif\",\r\n \"tiff\",\r\n \"avif\",\r\n \"svg\",\r\n];\r\n\r\nexport const mimeTypes: Readonly<Record<string, string>> = {\r\n jpeg: \"image/jpeg\",\r\n jpg: \"image/jpeg\",\r\n png: \"image/png\",\r\n webp: \"image/webp\",\r\n gif: \"image/gif\",\r\n tiff: \"image/tiff\",\r\n avif: \"image/avif\",\r\n svg: \"image/svg+xml\",\r\n};\r\n","import path from \"node:path\";\r\nimport as fs from \"node:fs/promises\";\r\nimport axios from \"axios\";\r\nimport { mimeTypes, API_REGEX, FALLBACKIMAGES } from \"./variables\";\r\nimport type { ImageType } from \"./types\";\r\n\r\n/*\r\n @typedef {(\"avatar\" \| \"normal\")} ImageType\r\n * @description Defines the type of image being processed.\r\n /\r\n\r\n/\r\n Checks if a specified path is valid within a base path.\r\n \r\n @param {string} basePath - The base directory to resolve paths.\r\n * @param {string} specifiedPath - The path to check.\r\n * @returns {boolean} True if the path is valid, false otherwise.\r\n /\r\nexport const isValidPath = async (\r\n basePath: string,\r\n specifiedPath: string\r\n): Promise<boolean> => {\r\n try {\r\n if (!basePath \|\| !specifiedPath) return false;\r\n if (specifiedPath.includes(\"\\0\")) return false;\r\n if (path.isAbsolute(specifiedPath)) return false;\r\n if (!/^[^\\x00-\\x1F]+$/.test(specifiedPath)) return false;\r\n\r\n const resolvedBase = path.resolve(basePath);\r\n const resolvedPath = path.resolve(resolvedBase, specifiedPath);\r\n\r\n const [realBase, realPath] = await Promise.all([\r\n fs.realpath(resolvedBase),\r\n fs.realpath(resolvedPath),\r\n ]);\r\n\r\n const baseStats = await fs.stat(realBase);\r\n if (!baseStats.isDirectory()) return false;\r\n\r\n const normalizedBase = realBase + path.sep;\r\n const normalizedPath = realPath + path.sep;\r\n\r\n const isInside =\r\n normalizedPath.startsWith(normalizedBase) \|\| realPath === realBase;\r\n\r\n const relative = path.relative(realBase, realPath);\r\n return !relative.startsWith(\"..\") && !path.isAbsolute(relative) && isInside;\r\n } catch {\r\n return false;\r\n }\r\n};\r\n\r\n/\r\n Fetches an image from a network source.\r\n \r\n @param {string} src - The URL of the image.\r\n * @param {ImageType} [type=\"normal\"] - Type of fallback image in case of an error.\r\n * @returns {Promise<Buffer>} A buffer containing the image data or a fallback image.\r\n /\r\nconst fetchFromNetwork = async (\r\n src: string,\r\n type: ImageType = \"normal\"\r\n): Promise<Buffer> => {\r\n try {\r\n const response = await axios.get(src, {\r\n responseType: \"arraybuffer\",\r\n timeout: 5000,\r\n });\r\n\r\n const contentType = response.headers[\"content-type\"]?.toLowerCase();\r\n const allowedMimeTypes = Object.values(mimeTypes);\r\n\r\n if (allowedMimeTypes.includes(contentType ?? \"\")) {\r\n return Buffer.from(response.data);\r\n }\r\n return await FALLBACKIMAGES[type]();\r\n } catch (error) {\r\n return await FALLBACKIMAGES[type]();\r\n }\r\n};\r\n\r\n/\r\n Reads an image from the local file system.\r\n \r\n @param {string} filePath - Path to the image file.\r\n * @param {string} baseDir - Base directory to resolve paths.\r\n * @param {ImageType} [type=\"normal\"] - Type of fallback image if the path is invalid.\r\n * @returns {Promise<Buffer>} A buffer containing the image data.\r\n /\r\nexport const readLocalImage = async (\r\n filePath: string,\r\n baseDir: string,\r\n type: ImageType = \"normal\"\r\n) => {\r\n const isValid = await isValidPath(baseDir, filePath);\r\n if (!isValid) {\r\n return await FALLBACKIMAGES[type]();\r\n }\r\n try {\r\n return await fs.readFile(path.resolve(baseDir, filePath));\r\n } catch (error) {\r\n return await FALLBACKIMAGES[type]();\r\n }\r\n};\r\n\r\n/\r\n Fetches an image from either a local file or a network source.\r\n \r\n @param {string} src - The URL or local path of the image.\r\n * @param {string} baseDir - Base directory to resolve local paths.\r\n * @param {string} websiteURL - The URL of the website.\r\n * @param {ImageType} [type=\"normal\"] - Type of fallback image if the path is invalid.\r\n * @param {RegExp} [apiRegex=API_REGEX] - Regular expression to match API routes.\r\n * @param {string[]} [allowedNetworkList=[]] - List of allowed network hosts.\r\n * @returns {Promise<Buffer>} A buffer containing the image data or a fallback image.\r\n /\r\nexport const fetchImage = (\r\n src: string,\r\n baseDir: string,\r\n websiteURL: string,\r\n type: ImageType = \"normal\",\r\n apiRegex: RegExp = API_REGEX,\r\n allowedNetworkList: string[] = []\r\n) => {\r\n const url = new URL(src);\r\n const isInternal = [websiteURL, `www.${websiteURL}`].includes(url.host);\r\n if (isInternal) {\r\n const localPath = url.pathname.replace(apiRegex, \"\");\r\n return readLocalImage(localPath, baseDir, type);\r\n } else {\r\n const allowedCondition = allowedNetworkList.includes(url.host);\r\n if (!allowedCondition) {\r\n return FALLBACKIMAGES[type]();\r\n }\r\n return fetchFromNetwork(src, type);\r\n }\r\n};\r\n","import { API_REGEX } from \"./variables\";\r\nimport type { Options, UserData } from \"./types\";\r\n\r\n/\r\n @typedef {(\"avatar\" \| \"normal\")} ImageType\r\n * @description Defines the type of image being processed.\r\n /\r\n\r\n/\r\n @typedef {(\"jpeg\" \| \"jpg\" \| \"png\" \| \"webp\" \| \"gif\" \| \"tiff\" \| \"avif\" \| \"svg\")} ImageFormat\r\n * @description Supported formats for image processing.\r\n /\r\n\r\n/\r\n @typedef {Object} Options\r\n * @property {string} baseDir - The base directory for public image files.\r\n * @property {function(string): string} idHandler - A function to handle user IDs.\r\n * @property {function(string, Request): Promise<string>} getUserFolder - Asynchronous function to retrieve user-specific folders.\r\n * @property {string} websiteURL - The base URL of the website for internal link resolution.\r\n * @property {RegExp} apiRegex - Regex to parse API endpoints from URLs.\r\n * @property {string[]} allowedNetworkList - List of allowed network domains for external image fetching.\r\n /\r\n\r\n/\r\n @typedef {Object} UserData\r\n * @property {number\|string} quality - Quality of the image (1–100).\r\n * @property {ImageFormat} format - Desired format of the image.\r\n * @property {string} [src] - Source path or URL for the image.\r\n * @property {string} [folder] - The folder type (\"public\" or \"private\").\r\n * @property {ImageType} [type] - Type of the image (\"avatar\" or \"normal\").\r\n * @property {string\|null} [userId] - Optional user identifier.\r\n * @property {number\|string} [width] - Desired image width.\r\n * @property {number\|string} [height] - Desired image height.\r\n /\r\n\r\n/\r\n Renders the options object with default values and user-provided values.\r\n \r\n @param {Partial<Options>} options - The user-provided options.\r\n * @returns {Options} The rendered options object.\r\n /\r\nexport const renderOptions = (options: Partial<Options>): Options => {\r\n const initialOptions: Options = {\r\n baseDir: \"\",\r\n idHandler: (id: string) => id,\r\n getUserFolder: async () => \"\",\r\n websiteURL: \"\",\r\n apiRegex: API_REGEX,\r\n allowedNetworkList: [],\r\n };\r\n return {\r\n ...initialOptions,\r\n ...options,\r\n };\r\n};\r\n\r\n/\r\n Renders the user data object with default values and user-provided values.\r\n \r\n @param {Partial<UserData>} userData - The user-provided data.\r\n * @returns {UserData} The rendered user data object.\r\n */\r\nexport const renderUserData = (userData: Partial<UserData>): UserData => {\r\n const initialUserData: UserData = {\r\n quality: 80,\r\n format: \"jpeg\",\r\n src: \"/placeholder/noimage.jpg\",\r\n folder: \"public\",\r\n type: \"normal\",\r\n width: undefined,\r\n height: undefined,\r\n userId: undefined,\r\n };\r\n return {\r\n ...initialUserData,\r\n ...userData,\r\n quality: userData.quality\r\n ? Math.min(Math.max(Number(userData.quality) \|\| 80, 1), 100)\r\n : 100,\r\n width: userData.width\r\n ? Math.min(Math.max(Number(userData.width), 50), 2000)\r\n : undefined,\r\n height: userData.height\r\n ? Math.min(Math.max(Number(userData.height), 50), 2000)\r\n : undefined,\r\n };\r\n};\r\n"],"mappings":"AAAA,OAAOA,MAAU,YACjB,OAAOC,MAA0C,QCAjD,OAAS,YAAAC,MAAgB,mBAEzB,IAAMC,EAAkB,IAAI,IAAI,uBAAwB,YAAY,GAAG,EACpE,SAEGC,EAAmB,IAAI,IAAI,wBAAyB,YAAY,GAAG,EACtE,SAEUC,EAAiB,CAC5B,OAAQ,SAAYH,EAASC,CAAe,EAC5C,OAAQ,SAAYD,EAASE,CAAgB,CAC/C,EAEaE,EAAoB,eAEpBC,EAAgC,CAC3C,OACA,MACA,MACA,OACA,MACA,OACA,OACA,KACF,EAEaC,EAA8C,CACzD,KAAM,aACN,IAAK,aACL,IAAK,YACL,KAAM,aACN,IAAK,YACL,KAAM,aACN,KAAM,aACN,IAAK,eACP,ECpCA,OAAOC,MAAU,YACjB,UAAYC,MAAQ,mBACpB,OAAOC,MAAW,QAgBX,IAAMC,EAAc,MACzBC,EACAC,IACqB,CACrB,GAAI,CAIF,GAHI,CAACD,GAAY,CAACC,GACdA,EAAc,SAAS,IAAI,GAC3BC,EAAK,WAAWD,CAAa,GAC7B,CAAC,kBAAkB,KAAKA,CAAa,EAAG,MAAO,GAEnD,IAAME,EAAeD,EAAK,QAAQF,CAAQ,EACpCI,EAAeF,EAAK,QAAQC,EAAcF,CAAa,EAEvD,CAACI,EAAUC,CAAQ,EAAI,MAAM,QAAQ,IAAI,CAC1C,WAASH,CAAY,EACrB,WAASC,CAAY,CAC1B,CAAC,EAGD,GAAI,EADc,MAAS,OAAKC,CAAQ,GACzB,YAAY,EAAG,MAAO,GAErC,IAAME,EAAiBF,EAAWH,EAAK,IAGjCM,GAFiBF,EAAWJ,EAAK,KAGtB,WAAWK,CAAc,GAAKD,IAAaD,EAEtDI,EAAWP,EAAK,SAASG,EAAUC,CAAQ,EACjD,MAAO,CAACG,EAAS,WAAW,IAAI,GAAK,CAACP,EAAK,WAAWO,CAAQ,GAAKD,CACrE,MAAQ,CACN,MAAO,EACT,CACF,EASME,EAAmB,MACvBC,EACAC,EAAkB,WACE,CACpB,GAAI,CACF,IAAMC,EAAW,MAAMC,EAAM,IAAIH,EAAK,CACpC,aAAc,cACd,QAAS,GACX,CAAC,EAEKI,EAAcF,EAAS,QAAQ,cAAc,GAAG,YAAY,EAGlE,OAFyB,OAAO,OAAOG,CAAS,EAE3B,SAASD,GAAe,EAAE,EACtC,OAAO,KAAKF,EAAS,IAAI,EAE3B,MAAMI,EAAeL,CAAI,EAAE,CACpC,MAAgB,CACd,OAAO,MAAMK,EAAeL,CAAI,EAAE,CACpC,CACF,EAUaM,EAAiB,MAC5BC,EACAC,EACAR,EAAkB,WACf,CAEH,GAAI,CADY,MAAMb,EAAYqB,EAASD,CAAQ,EAEjD,OAAO,MAAMF,EAAeL,CAAI,EAAE,EAEpC,GAAI,CACF,OAAO,MAAS,WAASV,EAAK,QAAQkB,EAASD,CAAQ,CAAC,CAC1D,MAAgB,CACd,OAAO,MAAMF,EAAeL,CAAI,EAAE,CACpC,CACF,EAaaS,EAAa,CACxBV,EACAS,EACAE,EACAV,EAAkB,SAClBW,EAAmBC,EACnBC,EAA+B,CAAC,IAC7B,CACH,IAAMC,EAAM,IAAI,IAAIf,CAAG,EAEvB,GADmB,CAACW,EAAY,OAAOA,CAAU,EAAE,EAAE,SAASI,EAAI,IAAI,EACtD,CACd,IAAMC,EAAYD,EAAI,SAAS,QAAQH,EAAU,EAAE,EACnD,OAAOL,EAAeS,EAAWP,EAASR,CAAI,CAChD,KAEE,QADyBa,EAAmB,SAASC,EAAI,IAAI,EAItDhB,EAAiBC,EAAKC,CAAI,EAFxBK,EAAeL,CAAI,EAAE,CAIlC,EC/FO,IAAMgB,EAAiBC,IASrB,CACL,GAT8B,CAC9B,QAAS,GACT,UAAYC,GAAeA,EAC3B,cAAe,SAAY,GAC3B,WAAY,GACZ,SAAUC,EACV,mBAAoB,CAAC,CACvB,EAGE,GAAGF,CACL,GASWG,EAAkBC,IAWtB,CACL,GAXgC,CAChC,QAAS,GACT,OAAQ,OACR,IAAK,2BACL,OAAQ,SACR,KAAM,SACN,MAAO,OACP,OAAQ,OACR,OAAQ,MACV,EAGE,GAAGA,EACH,QAASA,EAAS,QACd,KAAK,IAAI,KAAK,IAAI,OAAOA,EAAS,OAAO,GAAK,GAAI,CAAC,EAAG,GAAG,EACzD,IACJ,MAAOA,EAAS,MACZ,KAAK,IAAI,KAAK,IAAI,OAAOA,EAAS,KAAK,EAAG,EAAE,EAAG,GAAI,EACnD,OACJ,OAAQA,EAAS,OACb,KAAK,IAAI,KAAK,IAAI,OAAOA,EAAS,MAAM,EAAG,EAAE,EAAG,GAAI,EACpD,MACN,GH1DF,IAAMC,EAAa,MACjBC,EACAC,EACAC,EACAC,IACG,CACH,GAAI,CACF,IAAMC,EAAWC,EAAeL,EAAI,KAAiB,EAC/CM,EAAgBC,EAAcJ,CAAO,EAEvCK,EACAC,EAAUH,EAAc,QACxBI,EAEJ,GAAIN,EAAS,OAAQ,CACnB,IAAMO,EACJ,OAAOP,EAAS,QAAW,SACvB,OAAO,OAAO,OAAOA,EAAS,MAAM,EAAE,CAAC,CAAC,EACxC,OAAOA,EAAS,MAAM,EACxBE,EAAc,UAChBI,EAAeJ,EAAc,UAAUK,CAAS,EAEhDD,EAAeC,CAEnB,CAEA,GAAIP,EAAS,SAAW,UAAW,CACjC,IAAMQ,EAAM,MAAMN,GAAe,gBAAgBN,EAAKU,CAAY,EAC9DE,IACFH,EAAUG,EAEd,CAEA,IAAMC,EAAeC,EAAe,SAClCV,GAAU,QAAQ,YAAY,CAChC,EACIA,GAAU,QAAQ,YAAY,EAC9B,OAEAA,GAAU,KAAK,WAAW,MAAM,EAClCI,EAAc,MAAMO,EAClBX,GAAU,KAAO,GACjBK,EACAH,GAAe,YAAc,GAC7BF,GAAU,KACVE,GAAe,SACfA,GAAe,kBACjB,EAEAE,EAAc,MAAMQ,EAClBZ,GAAU,KAAO,GACjBK,EACAL,GAAU,IACZ,EAGF,IAAIa,EAAQC,EAAMV,CAAW,EAE7B,GAAIJ,GAAU,OAASA,GAAU,OAAQ,CACvC,IAAMe,EAAgB,CACpB,MAAOf,GAAU,OAAS,OAC1B,OAAQA,GAAU,QAAU,OAC5B,IAAKc,EAAM,IAAI,KACjB,EACAD,EAAQA,EAAM,OAAOE,CAA8B,CACrD,CAEA,IAAMC,EAAiB,MAAMH,EAC1B,SAASJ,EAAkC,CAC1C,QAAST,GAAU,QAAU,OAAOA,GAAU,OAAO,EAAI,EAC3D,CAAC,EACA,SAAS,EAENiB,EAAoB,GAAGC,EAAK,SAChClB,GAAU,KAAO,GACjBkB,EAAK,QAAQlB,GAAU,KAAO,EAAE,CAClC,CAAC,IAAIS,CAAY,GAEjBZ,EAAI,KAAKsB,EAAUV,CAAY,CAAC,EAChCZ,EAAI,UACF,sBACA,qBAAqBoB,CAAiB,GACxC,EACApB,EAAI,KAAKmB,CAAc,CACzB,OAASI,EAAO,CACdtB,EAAKsB,CAAK,CACZ,CACF,EAQMC,EAAiBtB,GACd,MAAOH,EAAcC,EAAeC,IACzCH,EAAWC,EAAKC,EAAKC,EAAMC,CAAO,EAG/BuB,EAAQD","names":["path","sharp","readFile","NOT_FOUND_IMAGE","NOT_FOUND_AVATAR","FALLBACKIMAGES","API_REGEX","allowedFormats","mimeTypes","path","fs","axios","isValidPath","basePath","specifiedPath","path","resolvedBase","resolvedPath","realBase","realPath","normalizedBase","isInside","relative","fetchFromNetwork","src","type","response","axios","contentType","mimeTypes","FALLBACKIMAGES","readLocalImage","filePath","baseDir","fetchImage","websiteURL","apiRegex","API_REGEX","allowedNetworkList","url","localPath","renderOptions","options","id","API_REGEX","renderUserData","userData","serveImage","req","res","next","options","userData","renderUserData","parsedOptions","renderOptions","imageBuffer","baseDir","parsedUserId","userIdStr","dir","outputFormat","allowedFormats","fetchImage","readLocalImage","image","sharp","resizeOptions","processedImage","processedFileName","path","mimeTypes","error","registerServe","pixel_default"]}
1	+ {"version":3,"sources":["../src/variables.ts","../src/functions.ts","../src/schema.ts","../src/renders.ts","../src/pixel.ts"],"names":["moduleDir","path","fileURLToPath","getAssetPath","filename","NOT_FOUND_IMAGE","NOT_FOUND_AVATAR","FALLBACKIMAGES","readFile","API_REGEX","allowedFormats","mimeTypes","isValidPath","basePath","specifiedPath","resolvedBase","resolvedPath","realBase","realPath","normalizedBase","isInside","relative","fetchFromNetwork","src","type","timeoutMs","maxBytes","response","axios","status","contentType","readLocalImage","filePath","baseDir","fetchImage","websiteURL","apiRegex","allowedNetworkList","url","localPath","imageFormatEnum","z","imageTypeEnum","userDataSchema","val","lower","value","optionsSchema","renderOptions","options","renderUserData","userData","bounds","parsed","clamp","min","max","serveImage","req","res","next","parsedOptions","parsedUserId","dir","outputFormat","imageBuffer","image","sharp","resizeOptions","processedImage","processedFileName","etag","createHash","fallback","fallbackError","registerServe","pixel_default"],"mappings":"0NASA,IAAMA,CAAAA,CAAYC,CAAAA,CAAK,QAAQC,aAAAA,CAAc,MAAA,CAAA,IAAA,CAAY,GAAG,CAAC,EAEvDC,CAAAA,CAAgBC,CAAAA,EACbH,CAAAA,CAAK,IAAA,CAAKD,EAAW,QAAA,CAAUI,CAAQ,CAAA,CAG1CC,CAAAA,CAAkBF,CAAAA,CAAa,aAAa,CAAA,CAC5CG,CAAAA,CAAmBH,EAAa,cAAc,CAAA,CAEvCI,CAAAA,CAGT,CACF,OAAQ,SAA6BC,QAAAA,CAASH,CAAe,CAAA,CAC7D,OAAQ,SAA6BG,QAAAA,CAASF,CAAgB,CAChE,CAAA,CAEaG,CAAAA,CAAoB,cAAA,CAEpBC,CAAAA,CAAgC,CAC3C,MAAA,CACA,KAAA,CACA,KAAA,CACA,MAAA,CACA,MACA,MAAA,CACA,MAAA,CACA,KACF,CAAA,CAEaC,EAA8C,CACzD,IAAA,CAAM,YAAA,CACN,GAAA,CAAK,YAAA,CACL,GAAA,CAAK,WAAA,CACL,IAAA,CAAM,aACN,GAAA,CAAK,WAAA,CACL,IAAA,CAAM,YAAA,CACN,KAAM,YAAA,CACN,GAAA,CAAK,eACP,CAAA,KC9BaC,CAAAA,CAAc,MACzBC,CAAAA,CACAC,CAAAA,GACqB,CACrB,GAAI,CAIF,GAHI,CAACD,GAAY,CAACC,CAAAA,EACdA,CAAAA,CAAc,QAAA,CAAS,IAAI,CAAA,EAC3Bb,CAAAA,CAAK,UAAA,CAAWa,CAAa,CAAA,EAC7B,CAAC,iBAAA,CAAkB,IAAA,CAAKA,CAAa,CAAA,CAAG,OAAO,CAAA,CAAA,CAEnD,IAAMC,EAAed,CAAAA,CAAK,OAAA,CAAQY,CAAQ,CAAA,CACpCG,EAAef,CAAAA,CAAK,OAAA,CAAQc,CAAAA,CAAcD,CAAa,EAEvD,CAACG,CAAAA,CAAUC,CAAQ,CAAA,CAAI,MAAM,OAAA,CAAQ,GAAA,CAAI,CAC1C,CAAA,CAAA,QAAA,CAASH,CAAY,CAAA,CACrB,CAAA,CAAA,QAAA,CAASC,CAAY,CAC1B,CAAC,CAAA,CAGD,GAAI,CAAA,CADc,MAAS,CAAA,CAAA,IAAA,CAAKC,CAAQ,CAAA,EACzB,WAAA,GAAe,OAAO,CAAA,CAAA,CAErC,IAAME,CAAAA,CAAiBF,EAAWhB,CAAAA,CAAK,GAAA,CAGjCmB,CAAAA,CAAAA,CAFiBF,CAAAA,CAAWjB,CAAAA,CAAK,GAAA,EAGtB,UAAA,CAAWkB,CAAc,GAAKD,CAAAA,GAAaD,CAAAA,CAEtDI,CAAAA,CAAWpB,CAAAA,CAAK,SAASgB,CAAAA,CAAUC,CAAQ,CAAA,CACjD,OAAO,CAACG,CAAAA,CAAS,UAAA,CAAW,IAAI,CAAA,EAAK,CAACpB,CAAAA,CAAK,UAAA,CAAWoB,CAAQ,GAAKD,CACrE,CAAA,KAAQ,CACN,OAAO,MACT,CACF,CAAA,CASME,CAAAA,CAAmB,MACvBC,EACAC,CAAAA,CAAkB,QAAA,CAClB,CACE,SAAA,CAAAC,CAAAA,CACA,QAAA,CAAAC,CACF,CAAA,GAIoB,CACpB,GAAI,CACF,IAAMC,CAAAA,CAAW,MAAMC,CAAAA,CAAM,GAAA,CAAIL,CAAAA,CAAK,CACpC,aAAc,aAAA,CACd,OAAA,CAASE,CAAAA,CACT,gBAAA,CAAkBC,CAAAA,CAClB,aAAA,CAAeA,CAAAA,CACf,cAAA,CAAiBG,GAAWA,CAAAA,EAAU,GAAA,EAAOA,CAAAA,CAAS,GACxD,CAAC,CAAA,CAEKC,CAAAA,CAAcH,CAAAA,CAAS,OAAA,CAAQ,cAAc,CAAA,EAAG,WAAA,EAAY,CAGlE,OAFyB,MAAA,CAAO,MAAA,CAAOhB,CAAS,CAAA,CAE3B,SAASmB,CAAAA,EAAe,EAAE,CAAA,CACtC,MAAA,CAAO,KAAKH,CAAAA,CAAS,IAAI,CAAA,CAE3B,MAAMpB,EAAeiB,CAAI,CAAA,EAClC,CAAA,KAAgB,CACd,OAAO,MAAMjB,CAAAA,CAAeiB,CAAI,CAAA,EAClC,CACF,CAAA,CAUaO,EAAiB,MAC5BC,CAAAA,CACAC,CAAAA,CACAT,CAAAA,CAAkB,WACf,CAEH,GAAI,CADY,MAAMZ,EAAYqB,CAAAA,CAASD,CAAQ,CAAA,CAEjD,OAAO,MAAMzB,CAAAA,CAAeiB,CAAI,CAAA,EAAE,CAEpC,GAAI,CACF,OAAO,MAAS,CAAA,CAAA,QAAA,CAASvB,EAAK,OAAA,CAAQgC,CAAAA,CAASD,CAAQ,CAAC,CAC1D,CAAA,KAAgB,CACd,OAAO,MAAMzB,CAAAA,CAAeiB,CAAI,CAAA,EAClC,CACF,CAAA,CAYaU,CAAAA,CAAa,CACxBX,CAAAA,CACAU,EACAE,CAAAA,CACAX,CAAAA,CAAkB,QAAA,CAClBY,CAAAA,CACAC,CAAAA,CAA+B,EAAC,CAChC,CACE,UAAAZ,CAAAA,CACA,QAAA,CAAAC,CACF,CAAA,GAIoB,CACpB,GAAI,CACF,IAAMY,CAAAA,CAAM,IAAI,GAAA,CAAIf,CAAG,CAAA,CAKvB,GAHEY,CAAAA,GAAe,KAAA,CAAA,EACf,CAACA,CAAAA,CAAY,OAAOA,CAAU,CAAA,CAAE,CAAA,CAAE,QAAA,CAASG,EAAI,IAAI,CAAA,CAErC,CACd,IAAMC,EAAYD,CAAAA,CAAI,QAAA,CAAS,OAAA,CAAQF,CAAAA,CAAU,EAAE,CAAA,CACnD,OAAOL,CAAAA,CAAeQ,EAAWN,CAAAA,CAAST,CAAI,CAChD,CAGA,OADyBa,CAAAA,CAAmB,QAAA,CAASC,CAAAA,CAAI,IAAI,EAIxD,CAAC,OAAA,CAAS,QAAQ,CAAA,CAAE,QAAA,CAASA,CAAAA,CAAI,QAAQ,CAAA,CAGvChB,EAAiBC,CAAAA,CAAKC,CAAAA,CAAM,CAAE,SAAA,CAAAC,EAAW,QAAA,CAAAC,CAAS,CAAC,CAAA,CAFjDnB,EAAeiB,CAAI,CAAA,EAAE,CAHrBjB,CAAAA,CAAeiB,CAAI,CAAA,EAM9B,CAAA,KAAQ,CACN,OAAOO,CAAAA,CAAeR,CAAAA,CAAKU,CAAAA,CAAST,CAAI,CAC1C,CACF,EC/JA,IAAMgB,CAAAA,CAAkBC,GAAAA,CAAE,IAAA,CAAK/B,CAAuC,CAAA,CAChEgC,EAAgBD,GAAAA,CAAE,IAAA,CAAK,CAAC,QAAA,CAAU,QAAQ,CAAC,CAAA,CAEpCE,CAAAA,CAAiBF,GAAAA,CAC3B,OAAO,CACN,GAAA,CAAKA,GAAAA,CACF,MAAA,GACA,GAAA,CAAI,CAAA,CAAG,iBAAiB,CAAA,CACxB,UAAS,CACT,OAAA,CAAQ,0BAA0B,CAAA,CACrC,OAAQA,GAAAA,CACL,MAAA,EAAO,CACP,QAAA,GACA,SAAA,CAAWG,CAAAA,EAAQ,CAClB,IAAMC,CAAAA,CAAQD,CAAAA,EAAK,WAAA,EAAY,CAC/B,OAAOC,CAAAA,EAASL,CAAAA,CAAgB,OAAA,CAAQ,QAAA,CAASK,CAAe,CAAA,CAC3DA,CAAAA,CACD,MACN,CAAC,EACA,QAAA,EAAS,CACZ,KAAA,CAAOJ,GAAAA,CACJ,KAAA,CAAM,CAACA,GAAAA,CAAE,MAAA,GAAUA,GAAAA,CAAE,MAAA,EAAQ,CAAC,EAC9B,QAAA,EAAS,CACT,SAAA,CAAWK,CAAAA,EACaA,GAAU,IAAA,CAAO,MAAA,CAAY,MAAA,CAAOA,CAAK,CAClE,CAAA,CACC,IAAA,CACCL,GAAAA,CACG,QAAO,CACP,GAAA,EAAI,CACJ,GAAA,CAAI,GAAI,iBAAiB,CAAA,CACzB,GAAA,CAAI,GAAA,CAAM,iBAAiB,CAAA,CAC3B,QAAA,EACL,CAAA,CACF,MAAA,CAAQA,GAAAA,CACL,KAAA,CAAM,CAACA,IAAE,MAAA,EAAO,CAAGA,GAAAA,CAAE,MAAA,EAAQ,CAAC,CAAA,CAC9B,QAAA,EAAS,CACT,UAAWK,CAAAA,EACaA,CAAAA,EAAU,IAAA,CAAO,MAAA,CAAY,MAAA,CAAOA,CAAK,CAClE,CAAA,CACC,KACCL,GAAAA,CACG,MAAA,EAAO,CACP,GAAA,GACA,GAAA,CAAI,EAAA,CAAI,kBAAkB,CAAA,CAC1B,IAAI,GAAA,CAAM,kBAAkB,CAAA,CAC5B,QAAA,EACL,CAAA,CACF,OAAA,CAASA,GAAAA,CACN,MAAM,CAACA,GAAAA,CAAE,MAAA,EAAO,CAAGA,IAAE,MAAA,EAAQ,CAAC,CAAA,CAC9B,UAAS,CACT,SAAA,CAAWK,CAAAA,EACaA,CAAAA,EAAU,IAAA,CAAO,MAAA,CAAY,MAAA,CAAOA,CAAK,CAClE,CAAA,CACC,IAAA,CAAKL,GAAAA,CAAE,MAAA,GAAS,GAAA,EAAI,CAAE,GAAA,CAAI,CAAC,EAAE,GAAA,CAAI,GAAG,CAAA,CAAE,OAAA,CAAQ,EAAE,CAAC,CAAA,CACpD,MAAA,CAAQA,GAAAA,CAAE,KAAK,CAAC,QAAA,CAAU,SAAS,CAAC,EAAE,OAAA,CAAQ,QAAQ,CAAA,CACtD,IAAA,CAAMC,EAAc,OAAA,CAAQ,QAAQ,CAAA,CACpC,MAAA,CAAQD,GAAAA,CACL,KAAA,CAAM,CAACA,GAAAA,CAAE,QAAO,CAAGA,GAAAA,CAAE,MAAA,EAAQ,CAAC,CAAA,CAC9B,QAAA,EAAS,CACT,SAAA,CAAWK,GACaA,CAAAA,EAAU,IAAA,CAAO,MAAA,CAAY,MAAA,CAAOA,CAAK,CAAA,CAAE,IAAA,EACpE,EACC,IAAA,CACCL,GAAAA,CACG,MAAA,EAAO,CACP,IAAI,CAAA,CAAG,wBAAwB,CAAA,CAC/B,GAAA,CAAI,IAAK,iBAAiB,CAAA,CAC1B,QAAA,EACL,CACJ,CAAC,CAAA,CACA,MAAA,GAEUM,CAAAA,CAAgBN,GAAAA,CAC1B,MAAA,CAAO,CACN,QAASA,GAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,EAAG,qBAAqB,CAAA,CAChD,SAAA,CAAWA,GAAAA,CACR,MAAA,CAEEG,CAAAA,EAAQ,OAAOA,CAAAA,EAAQ,WAAY,CAAE,OAAA,CAAS,8BAA+B,CAAC,EAChF,QAAA,EAAS,CACZ,aAAA,CAAeH,GAAAA,CACZ,OAEEG,CAAAA,EAAQ,OAAOA,CAAAA,EAAQ,UAAA,CAAY,CAAE,OAAA,CAAS,kCAAmC,CAAC,EACpF,QAAA,EAAS,CACZ,UAAA,CAAYH,GAAAA,CAAE,MAAM,CAACA,GAAAA,CAAE,GAAA,EAAI,CAAGA,IAAE,MAAA,EAAO,CAAE,KAAA,CAAM,WAAW,CAAC,CAAC,CAAA,CAAE,QAAA,GAC9D,QAAA,CAAUA,GAAAA,CAAE,UAAA,CAAW,MAAM,EAAE,OAAA,CAAQhC,CAAS,CAAA,CAChD,kBAAA,CAAoBgC,IAAE,KAAA,CAAMA,GAAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,OAAA,CAAQ,EAAE,EAClD,YAAA,CAAcA,GAAAA,CAAE,MAAA,EAAO,CAAE,UAAS,CAClC,IAAA,CAAMA,GAAAA,CAAE,OAAA,GAAU,OAAA,CAAQ,IAAI,CAAA,CAC9B,QAAA,CAAUA,IAAE,MAAA,EAAO,CAAE,GAAA,EAAI,CAAE,UAAS,CAAE,OAAA,CAAQ,EAAE,CAAA,CAChD,SAAUA,GAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS,CAAE,OAAA,CAAQ,GAAI,CAAA,CAClD,SAAA,CAAWA,GAAAA,CAAE,MAAA,GAAS,GAAA,EAAI,CAAE,QAAA,EAAS,CAAE,QAAQ,EAAE,CAAA,CACjD,SAAA,CAAWA,GAAAA,CAAE,QAAO,CAAE,GAAA,EAAI,CAAE,QAAA,EAAS,CAAE,OAAA,CAAQ,GAAI,CAAA,CACnD,eAAgBA,GAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,GAAA,CAAI,CAAC,CAAA,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,OAAA,CAAQ,EAAE,CAAA,CAC3D,gBAAA,CAAkBA,GAAAA,CAAE,MAAA,EAAO,CAAE,KAAI,CAAE,QAAA,EAAS,CAAE,OAAA,CAAQ,GAAI,CAAA,CAC1D,gBAAA,CAAkBA,GAAAA,CAAE,MAAA,GAAS,GAAA,EAAI,CAAE,QAAA,EAAS,CAAE,OAAA,CAAQ,GAAS,CACjE,CAAC,EACA,MAAA,GC5DI,IAAMO,CAAAA,CAAiBC,GAC5BF,CAAAA,CAAc,KAAA,CAAME,CAAO,CAAA,CAQhBC,EAAiB,CAC5BC,CAAAA,CACAC,CAAAA,GAOmB,CACnB,IAAMC,CAAAA,CAASV,CAAAA,CAAe,KAAA,CAAMQ,CAAQ,CAAA,CAEtCG,CAAAA,CAAQ,CAACR,CAAAA,CAA2BS,EAAaC,CAAAA,GAAgB,CACrE,GAAIV,CAAAA,GAAU,OACd,OAAO,IAAA,CAAK,GAAA,CAAI,IAAA,CAAK,GAAA,CAAIA,CAAAA,CAAOS,CAAG,CAAA,CAAGC,CAAG,CAC3C,CAAA,CAEA,OAAO,CACL,GAAGH,CAAAA,CACH,KAAA,CAAOC,CAAAA,CAAMD,CAAAA,CAAO,MAAOD,CAAAA,CAAO,QAAA,CAAUA,CAAAA,CAAO,QAAQ,CAAA,CAC3D,MAAA,CAAQE,CAAAA,CAAMD,CAAAA,CAAO,OAAQD,CAAAA,CAAO,SAAA,CAAWA,CAAAA,CAAO,SAAS,EAC/D,OAAA,CAASC,CAAAA,CAAO,OAAA,EAAWD,CAAAA,CAAO,eAClC,MAAA,CAAQC,CAAAA,CAAO,MAAA,EAAU,MAC3B,CACF,CAAA,CC1CA,IAAMI,CAAAA,CAAa,MACjBC,EACAC,CAAAA,CACAC,CAAAA,CACAX,CAAAA,GACG,CACH,GAAI,CACF,IAAMY,CAAAA,CAAgBb,CAAAA,CAAcC,CAAO,CAAA,CACrCE,CAAAA,CAAWD,CAAAA,CAAeQ,CAAAA,CAAI,KAAA,CAA4B,CAC9D,QAAA,CAAUG,CAAAA,CAAc,SACxB,QAAA,CAAUA,CAAAA,CAAc,QAAA,CACxB,SAAA,CAAWA,EAAc,SAAA,CACzB,SAAA,CAAWA,CAAAA,CAAc,SAAA,CACzB,eAAgBA,CAAAA,CAAc,cAChC,CAAC,CAAA,CAEG5B,CAAAA,CAAU4B,CAAAA,CAAc,OAAA,CACxBC,CAAAA,CAQJ,GANIX,CAAAA,CAAS,MAAA,GACXW,CAAAA,CAAeD,CAAAA,CAAc,UACzBA,CAAAA,CAAc,SAAA,CAAUV,CAAAA,CAAS,MAAM,EACvCA,CAAAA,CAAS,MAAA,CAAA,CAGXA,CAAAA,CAAS,MAAA,GAAW,SAAA,EAAaU,CAAAA,CAAc,aAAA,CAAe,CAChE,IAAME,CAAAA,CAAM,MAAMF,CAAAA,CAAc,aAAA,CAAcH,EAAKI,CAAY,CAAA,CAC3DC,CAAAA,GACF9B,CAAAA,CAAU8B,GAEd,CAEA,IAAMC,CAAAA,CAAetD,CAAAA,CAAe,QAAA,CAAA,CACjCyC,CAAAA,CAAS,MAAA,EAAU,EAAA,EAAI,aAC1B,CAAA,CACKA,CAAAA,CAAS,MAAA,CACV,OAuBEc,CAAAA,CAAc,KAAA,CArBE,SACfd,CAAAA,CAAS,IAGVA,CAAAA,CAAS,GAAA,CAAI,UAAA,CAAW,MAAM,CAAA,CACzBjB,CAAAA,CACLiB,CAAAA,CAAS,GAAA,CACTlB,EACA4B,CAAAA,CAAc,UAAA,CACdV,CAAAA,CAAS,IAAA,CACTU,EAAc,QAAA,CACdA,CAAAA,CAAc,kBAAA,CACd,CACE,UAAWA,CAAAA,CAAc,gBAAA,CACzB,QAAA,CAAUA,CAAAA,CAAc,gBAC1B,CACF,CAAA,CAEK9B,CAAAA,CAAeoB,EAAS,GAAA,CAAKlB,CAAAA,CAASkB,CAAAA,CAAS,IAAiB,EAhB9D5C,CAAAA,CAAe4C,CAAAA,CAAS,IAAA,EAAQ,QAAQ,GAAE,GAmBb,CACpCe,CAAAA,CAAQC,CAAAA,CAAMF,CAAAA,CAAa,CAAE,MAAA,CAAQ,WAAY,CAAC,CAAA,CAEtD,GAAId,CAAAA,CAAS,KAAA,EAASA,EAAS,MAAA,CAAQ,CACrC,IAAMiB,CAAAA,CAA+B,CACnC,KAAA,CAAOjB,CAAAA,CAAS,KAAA,EAAS,KAAA,CAAA,CACzB,OAAQA,CAAAA,CAAS,MAAA,EAAU,KAAA,CAAA,CAC3B,GAAA,CAAKgB,EAAM,GAAA,CAAI,KAAA,CACf,kBAAA,CAAoB,CAAA,CACtB,EACAD,CAAAA,CAAQA,CAAAA,CAAM,MAAA,CAAOE,CAAa,EACpC,CAEA,IAAMC,CAAAA,CAAiB,MAAMH,CAAAA,CAC1B,MAAA,EAAO,CACP,QAAA,CAASF,EAAkC,CAC1C,OAAA,CAASb,CAAAA,CAAS,OACpB,CAAC,CAAA,CACA,QAAA,EAAS,CAKNmB,CAAAA,CAAoB,GAHPnB,CAAAA,CAAS,GAAA,CACxBlD,CAAAA,CAAK,QAAA,CAASkD,CAAAA,CAAS,GAAA,CAAKlD,CAAAA,CAAK,OAAA,CAAQkD,EAAS,GAAG,CAAC,CAAA,CACtD,OACmC,IAAIa,CAAY,CAAA,CAAA,CAEjDO,CAAAA,CAAOV,CAAAA,CAAc,KACvB,CAAA,CAAA,EAAIW,UAAAA,CAAW,MAAM,CAAA,CAAE,MAAA,CAAOH,CAAc,CAAA,CAAE,MAAA,CAAO,KAAK,CAAC,CAAA,CAAA,CAAA,CAC3D,KAAA,CAAA,CAEJ,GAAIE,GAAQb,CAAAA,CAAI,OAAA,CAAQ,eAAe,CAAA,GAAMa,EAAM,CACjDZ,CAAAA,CAAI,MAAA,CAAO,GAAG,EAAE,GAAA,EAAI,CACpB,MACF,CAEAA,EAAI,IAAA,CAAKhD,CAAAA,CAAUqD,CAAY,CAAC,EAChCL,CAAAA,CAAI,SAAA,CACF,qBAAA,CACA,CAAA,kBAAA,EAAqBW,CAAiB,CAAA,CAAA,CACxC,CAAA,CACAX,CAAAA,CAAI,SAAA,CACF,eAAA,CACAE,CAAAA,CAAc,YAAA,EACZ,sDACJ,EACIU,CAAAA,EACFZ,CAAAA,CAAI,SAAA,CAAU,MAAA,CAAQY,CAAI,CAAA,CAE5BZ,CAAAA,CAAI,SAAA,CAAU,gBAAA,CAAkBU,EAAe,MAAA,CAAO,QAAA,EAAU,CAAA,CAChEV,CAAAA,CAAI,IAAA,CAAKU,CAAc,EAEzB,MAAgB,CACd,GAAI,CACF,IAAMI,EAAW,MAAMlE,CAAAA,CAAe,MAAA,EAAO,CAC7CoD,EAAI,IAAA,CAAKhD,CAAAA,CAAU,IAAI,CAAA,CACvBgD,CAAAA,CAAI,SAAA,CAAU,qBAAA,CAAuB,kCAAkC,EACvEA,CAAAA,CAAI,SAAA,CAAU,eAAA,CAAiB,oBAAoB,EACnDA,CAAAA,CAAI,IAAA,CAAKc,CAAQ,EACnB,OAASC,CAAAA,CAAe,CACtBd,CAAAA,CAAKc,CAAa,EACpB,CACF,CACF,CAAA,CAQMC,CAAAA,CAAiB1B,GACd,MAAOS,CAAAA,CAAcC,CAAAA,CAAeC,CAAAA,GACzCH,EAAWC,CAAAA,CAAKC,CAAAA,CAAKC,CAAAA,CAAMX,CAAO,EAG/B2B,CAAAA,CAAQD","file":"index.mjs","sourcesContent":["import type { ImageFormat } from \"./types\";\r\nimport { readFile } from \"node:fs/promises\";\r\nimport path from \"node:path\";\r\nimport { fileURLToPath } from \"node:url\";\r\n\r\n/*\r\n Get the directory path for the current module.\r\n * Uses import.meta.url for ESM (tsup provides shims for CJS compatibility).\r\n /\r\nconst moduleDir = path.dirname(fileURLToPath(import.meta.url));\r\n\r\nconst getAssetPath = (filename: string): string => {\r\n return path.join(moduleDir, \"assets\", filename);\r\n};\r\n\r\nconst NOT_FOUND_IMAGE = getAssetPath(\"noimage.jpg\");\r\nconst NOT_FOUND_AVATAR = getAssetPath(\"noavatar.png\");\r\n\r\nexport const FALLBACKIMAGES: Record<\r\n \"normal\" \| \"avatar\",\r\n () => Promise<Buffer>\r\n> = {\r\n normal: async (): Promise<Buffer> => readFile(NOT_FOUND_IMAGE),\r\n avatar: async (): Promise<Buffer> => readFile(NOT_FOUND_AVATAR),\r\n};\r\n\r\nexport const API_REGEX: RegExp = /^\\/api\\/v1\\//;\r\n\r\nexport const allowedFormats: ImageFormat[] = [\r\n \"jpeg\",\r\n \"jpg\",\r\n \"png\",\r\n \"webp\",\r\n \"gif\",\r\n \"tiff\",\r\n \"avif\",\r\n \"svg\",\r\n];\r\n\r\nexport const mimeTypes: Readonly<Record<string, string>> = {\r\n jpeg: \"image/jpeg\",\r\n jpg: \"image/jpeg\",\r\n png: \"image/png\",\r\n webp: \"image/webp\",\r\n gif: \"image/gif\",\r\n tiff: \"image/tiff\",\r\n avif: \"image/avif\",\r\n svg: \"image/svg+xml\",\r\n};\r\n","import path from \"node:path\";\r\nimport as fs from \"node:fs/promises\";\r\nimport axios from \"axios\";\r\nimport { FALLBACKIMAGES, mimeTypes } from \"./variables\";\r\nimport type { ImageType } from \"./types\";\r\n\r\n/*\r\n @typedef {(\"avatar\" \| \"normal\")} ImageType\r\n * @description Defines the type of image being processed.\r\n /\r\n\r\n/\r\n Checks if a specified path is valid within a base path.\r\n \r\n @param {string} basePath - The base directory to resolve paths.\r\n * @param {string} specifiedPath - The path to check.\r\n * @returns {Promise<boolean>} True if the path is valid, false otherwise.\r\n /\r\nexport const isValidPath = async (\r\n basePath: string,\r\n specifiedPath: string\r\n): Promise<boolean> => {\r\n try {\r\n if (!basePath \|\| !specifiedPath) return false;\r\n if (specifiedPath.includes(\"\\0\")) return false;\r\n if (path.isAbsolute(specifiedPath)) return false;\r\n if (!/^[^\\x00-\\x1F]+$/.test(specifiedPath)) return false;\r\n\r\n const resolvedBase = path.resolve(basePath);\r\n const resolvedPath = path.resolve(resolvedBase, specifiedPath);\r\n\r\n const [realBase, realPath] = await Promise.all([\r\n fs.realpath(resolvedBase),\r\n fs.realpath(resolvedPath),\r\n ]);\r\n\r\n const baseStats = await fs.stat(realBase);\r\n if (!baseStats.isDirectory()) return false;\r\n\r\n const normalizedBase = realBase + path.sep;\r\n const normalizedPath = realPath + path.sep;\r\n\r\n const isInside =\r\n normalizedPath.startsWith(normalizedBase) \|\| realPath === realBase;\r\n\r\n const relative = path.relative(realBase, realPath);\r\n return !relative.startsWith(\"..\") && !path.isAbsolute(relative) && isInside;\r\n } catch {\r\n return false;\r\n }\r\n};\r\n\r\n/\r\n Fetches an image from a network source.\r\n \r\n @param {string} src - The URL of the image.\r\n * @param {ImageType} [type=\"normal\"] - Type of fallback image in case of an error.\r\n * @returns {Promise<Buffer>} A buffer containing the image data or a fallback image.\r\n /\r\nconst fetchFromNetwork = async (\r\n src: string,\r\n type: ImageType = \"normal\",\r\n {\r\n timeoutMs,\r\n maxBytes,\r\n }: {\r\n timeoutMs: number;\r\n maxBytes: number;\r\n }\r\n): Promise<Buffer> => {\r\n try {\r\n const response = await axios.get(src, {\r\n responseType: \"arraybuffer\",\r\n timeout: timeoutMs,\r\n maxContentLength: maxBytes,\r\n maxBodyLength: maxBytes,\r\n validateStatus: (status) => status >= 200 && status < 300,\r\n });\r\n\r\n const contentType = response.headers[\"content-type\"]?.toLowerCase();\r\n const allowedMimeTypes = Object.values(mimeTypes);\r\n\r\n if (allowedMimeTypes.includes(contentType ?? \"\")) {\r\n return Buffer.from(response.data);\r\n }\r\n return await FALLBACKIMAGES[type]();\r\n } catch (error) {\r\n return await FALLBACKIMAGES[type]();\r\n }\r\n};\r\n\r\n/\r\n Reads an image from the local file system.\r\n \r\n @param {string} filePath - Path to the image file.\r\n * @param {string} baseDir - Base directory to resolve paths.\r\n * @param {ImageType} [type=\"normal\"] - Type of fallback image if the path is invalid.\r\n * @returns {Promise<Buffer>} A buffer containing the image data.\r\n /\r\nexport const readLocalImage = async (\r\n filePath: string,\r\n baseDir: string,\r\n type: ImageType = \"normal\"\r\n) => {\r\n const isValid = await isValidPath(baseDir, filePath);\r\n if (!isValid) {\r\n return await FALLBACKIMAGES[type]();\r\n }\r\n try {\r\n return await fs.readFile(path.resolve(baseDir, filePath));\r\n } catch (error) {\r\n return await FALLBACKIMAGES[type]();\r\n }\r\n};\r\n\r\n/\r\n Fetches an image from either a local file or a network source.\r\n \r\n @param {string} src - The URL or local path of the image.\r\n * @param {string} baseDir - Base directory to resolve local paths.\r\n * @param {string} websiteURL - The URL of the website.\r\n * @param {ImageType} [type=\"normal\"] - Type of fallback image if the path is invalid.\r\n * @param {string[]} [allowedNetworkList=[]] - List of allowed network hosts.\r\n * @returns {Promise<Buffer>} A buffer containing the image data or a fallback image.\r\n /\r\nexport const fetchImage = (\r\n src: string,\r\n baseDir: string,\r\n websiteURL: string \| undefined,\r\n type: ImageType = \"normal\",\r\n apiRegex: RegExp,\r\n allowedNetworkList: string[] = [],\r\n {\r\n timeoutMs,\r\n maxBytes,\r\n }: {\r\n timeoutMs: number;\r\n maxBytes: number;\r\n }\r\n): Promise<Buffer> => {\r\n try {\r\n const url = new URL(src);\r\n const isInternal =\r\n websiteURL !== undefined &&\r\n [websiteURL, `www.${websiteURL}`].includes(url.host);\r\n\r\n if (isInternal) {\r\n const localPath = url.pathname.replace(apiRegex, \"\");\r\n return readLocalImage(localPath, baseDir, type);\r\n }\r\n\r\n const allowedCondition = allowedNetworkList.includes(url.host);\r\n if (!allowedCondition) {\r\n return FALLBACKIMAGES[type]();\r\n }\r\n if (![\"http:\", \"https:\"].includes(url.protocol)) {\r\n return FALLBACKIMAGES[type]();\r\n }\r\n return fetchFromNetwork(src, type, { timeoutMs, maxBytes });\r\n } catch {\r\n return readLocalImage(src, baseDir, type);\r\n }\r\n};\r\n","import { z } from \"zod\";\r\nimport { API_REGEX, allowedFormats } from \"./variables\";\r\n\r\nconst imageFormatEnum = z.enum(allowedFormats as [string, ...string[]]);\r\nconst imageTypeEnum = z.enum([\"avatar\", \"normal\"]);\r\n\r\nexport const userDataSchema = z\r\n .object({\r\n src: z\r\n .string()\r\n .min(1, \"src is required\")\r\n .optional()\r\n .default(\"/placeholder/noimage.jpg\"),\r\n format: z\r\n .string()\r\n .optional()\r\n .transform((val) => {\r\n const lower = val?.toLowerCase();\r\n return lower && imageFormatEnum.options.includes(lower as string)\r\n ? (lower as (typeof imageFormatEnum)[\"options\"][number])\r\n : undefined;\r\n })\r\n .optional(),\r\n width: z\r\n .union([z.number(), z.string()])\r\n .optional()\r\n .transform((value) =>\r\n value === undefined \|\| value === null ? undefined : Number(value)\r\n )\r\n .pipe(\r\n z\r\n .number()\r\n .int()\r\n .min(50, \"width too small\")\r\n .max(4000, \"width too large\")\r\n .optional()\r\n ),\r\n height: z\r\n .union([z.number(), z.string()])\r\n .optional()\r\n .transform((value) =>\r\n value === undefined \|\| value === null ? undefined : Number(value)\r\n )\r\n .pipe(\r\n z\r\n .number()\r\n .int()\r\n .min(50, \"height too small\")\r\n .max(4000, \"height too large\")\r\n .optional()\r\n ),\r\n quality: z\r\n .union([z.number(), z.string()])\r\n .optional()\r\n .transform((value) =>\r\n value === undefined \|\| value === null ? undefined : Number(value)\r\n )\r\n .pipe(z.number().int().min(1).max(100).default(80)),\r\n folder: z.enum([\"public\", \"private\"]).default(\"public\"),\r\n type: imageTypeEnum.default(\"normal\"),\r\n userId: z\r\n .union([z.string(), z.number()])\r\n .optional()\r\n .transform((value) =>\r\n value === undefined \|\| value === null ? undefined : String(value).trim()\r\n )\r\n .pipe(\r\n z\r\n .string()\r\n .min(1, \"userId cannot be empty\")\r\n .max(128, \"userId too long\")\r\n .optional()\r\n ),\r\n })\r\n .strict();\r\n\r\nexport const optionsSchema = z\r\n .object({\r\n baseDir: z.string().min(1, \"baseDir is required\"),\r\n idHandler: z\r\n .custom<\r\n (id: string) => string\r\n >((val) => typeof val === \"function\", { message: \"idHandler must be a function\" })\r\n .optional(),\r\n getUserFolder: z\r\n .custom<\r\n (req: unknown, id?: string) => Promise<string> \| string\r\n >((val) => typeof val === \"function\", { message: \"getUserFolder must be a function\" })\r\n .optional(),\r\n websiteURL: z.union([z.url(), z.string().regex(/^[\\w.-]+$/)]).optional(),\r\n apiRegex: z.instanceof(RegExp).default(API_REGEX),\r\n allowedNetworkList: z.array(z.string()).default([]),\r\n cacheControl: z.string().optional(),\r\n etag: z.boolean().default(true),\r\n minWidth: z.number().int().positive().default(50),\r\n maxWidth: z.number().int().positive().default(4000),\r\n minHeight: z.number().int().positive().default(50),\r\n maxHeight: z.number().int().positive().default(4000),\r\n defaultQuality: z.number().int().min(1).max(100).default(80),\r\n requestTimeoutMs: z.number().int().positive().default(5000),\r\n maxDownloadBytes: z.number().int().positive().default(5_000_000),\r\n })\r\n .strict();\r\n\r\nexport type ParsedUserData = z.infer<typeof userDataSchema>;\r\nexport type ParsedOptions = z.infer<typeof optionsSchema>;\r\n","import { optionsSchema, userDataSchema } from \"./schema\";\r\nimport type { ParsedOptions, ParsedUserData } from \"./schema\";\r\nimport type { PixelServeOptions, UserData } from \"./types\";\r\n\r\n/\r\n @typedef {(\"avatar\" \| \"normal\")} ImageType\r\n * @description Defines the type of image being processed.\r\n /\r\n\r\n/\r\n @typedef {(\"jpeg\" \| \"jpg\" \| \"png\" \| \"webp\" \| \"gif\" \| \"tiff\" \| \"avif\" \| \"svg\")} ImageFormat\r\n * @description Supported formats for image processing.\r\n /\r\n\r\n/\r\n @typedef {Object} Options\r\n * @property {string} baseDir - The base directory for public image files.\r\n * @property {function(string): string} idHandler - A function to handle user IDs.\r\n * @property {function(string, Request): Promise<string>} getUserFolder - Asynchronous function to retrieve user-specific folders.\r\n * @property {string} websiteURL - The base URL of the website for internal link resolution.\r\n * @property {RegExp} apiRegex - Regex to parse API endpoints from URLs.\r\n * @property {string[]} allowedNetworkList - List of allowed network domains for external image fetching.\r\n /\r\n\r\n/\r\n @typedef {Object} UserData\r\n * @property {number\|string} quality - Quality of the image (1–100).\r\n * @property {ImageFormat} format - Desired format of the image.\r\n * @property {string} [src] - Source path or URL for the image.\r\n * @property {string} [folder] - The folder type (\"public\" or \"private\").\r\n * @property {ImageType} [type] - Type of the image (\"avatar\" or \"normal\").\r\n * @property {string\|null} [userId] - Optional user identifier.\r\n * @property {number\|string} [width] - Desired image width.\r\n * @property {number\|string} [height] - Desired image height.\r\n /\r\n\r\n/\r\n Renders the options object with default values and user-provided values.\r\n \r\n @param {Partial<Options>} options - The user-provided options.\r\n * @returns {Options} The rendered options object.\r\n /\r\nexport const renderOptions = (options: PixelServeOptions): ParsedOptions =>\r\n optionsSchema.parse(options);\r\n\r\n/\r\n Renders the user data object with default values and user-provided values.\r\n \r\n @param {Partial<UserData>} userData - The user-provided data.\r\n * @returns {UserData} The rendered user data object.\r\n /\r\nexport const renderUserData = (\r\n userData: Partial<UserData>,\r\n bounds: {\r\n minWidth: number;\r\n maxWidth: number;\r\n minHeight: number;\r\n maxHeight: number;\r\n defaultQuality: number;\r\n }\r\n): ParsedUserData => {\r\n const parsed = userDataSchema.parse(userData);\r\n\r\n const clamp = (value: number \| undefined, min: number, max: number) => {\r\n if (value === undefined) return undefined;\r\n return Math.min(Math.max(value, min), max);\r\n };\r\n\r\n return {\r\n ...parsed,\r\n width: clamp(parsed.width, bounds.minWidth, bounds.maxWidth),\r\n height: clamp(parsed.height, bounds.minHeight, bounds.maxHeight),\r\n quality: parsed.quality ?? bounds.defaultQuality,\r\n format: parsed.format ?? \"jpeg\",\r\n };\r\n};\r\n","import path from \"node:path\";\r\nimport { createHash } from \"node:crypto\";\r\nimport sharp, { FormatEnum, ResizeOptions } from \"sharp\";\r\nimport type { Request, Response, NextFunction } from \"express\";\r\nimport type {\r\n PixelServeOptions,\r\n UserData,\r\n ImageFormat,\r\n ImageType,\r\n} from \"./types\";\r\nimport { allowedFormats, FALLBACKIMAGES, mimeTypes } from \"./variables\";\r\nimport { fetchImage, readLocalImage } from \"./functions\";\r\nimport { renderOptions, renderUserData } from \"./renders\";\r\n\r\n/\r\n @typedef {Object} Options\r\n * @property {string} baseDir - The base directory for public image files.\r\n * @property {function(string): string} idHandler - A function to handle user IDs.\r\n * @property {function(string, Request): Promise<string>} getUserFolder - Asynchronous function to retrieve user-specific folders.\r\n * @property {string} websiteURL - The base URL of the website for internal link resolution.\r\n * @property {RegExp} apiRegex - Regex to parse API endpoints from URLs.\r\n * @property {string[]} allowedNetworkList - List of allowed network domains for external image fetching.\r\n /\r\n\r\n/\r\n @function serveImage\r\n * @description Processes and serves an image based on user data and options.\r\n * @param {Request} req - The Express request object.\r\n * @param {Response} res - The Express response object.\r\n * @param {NextFunction} next - The Express next function.\r\n * @param {PixelServeOptions} options - The options object for image processing.\r\n * @returns {Promise<void>}\r\n /\r\nconst serveImage = async (\r\n req: Request,\r\n res: Response,\r\n next: NextFunction,\r\n options: PixelServeOptions\r\n) => {\r\n try {\r\n const parsedOptions = renderOptions(options);\r\n const userData = renderUserData(req.query as Partial<UserData>, {\r\n minWidth: parsedOptions.minWidth,\r\n maxWidth: parsedOptions.maxWidth,\r\n minHeight: parsedOptions.minHeight,\r\n maxHeight: parsedOptions.maxHeight,\r\n defaultQuality: parsedOptions.defaultQuality,\r\n });\r\n\r\n let baseDir = parsedOptions.baseDir;\r\n let parsedUserId: string \| undefined;\r\n\r\n if (userData.userId) {\r\n parsedUserId = parsedOptions.idHandler\r\n ? parsedOptions.idHandler(userData.userId)\r\n : userData.userId;\r\n }\r\n\r\n if (userData.folder === \"private\" && parsedOptions.getUserFolder) {\r\n const dir = await parsedOptions.getUserFolder(req, parsedUserId);\r\n if (dir) {\r\n baseDir = dir;\r\n }\r\n }\r\n\r\n const outputFormat = allowedFormats.includes(\r\n (userData.format ?? \"\").toLowerCase() as ImageFormat\r\n )\r\n ? (userData.format as ImageFormat)\r\n : \"jpeg\";\r\n\r\n const resolveBuffer = async (): Promise<Buffer> => {\r\n if (!userData.src) {\r\n return FALLBACKIMAGES[userData.type ?? \"normal\"]();\r\n }\r\n if (userData.src.startsWith(\"http\")) {\r\n return fetchImage(\r\n userData.src,\r\n baseDir,\r\n parsedOptions.websiteURL,\r\n userData.type as ImageType,\r\n parsedOptions.apiRegex,\r\n parsedOptions.allowedNetworkList,\r\n {\r\n timeoutMs: parsedOptions.requestTimeoutMs,\r\n maxBytes: parsedOptions.maxDownloadBytes,\r\n }\r\n );\r\n }\r\n return readLocalImage(userData.src, baseDir, userData.type as ImageType);\r\n };\r\n\r\n const imageBuffer = await resolveBuffer();\r\n let image = sharp(imageBuffer, { failOn: \"truncated\" });\r\n\r\n if (userData.width \|\| userData.height) {\r\n const resizeOptions: ResizeOptions = {\r\n width: userData.width ?? undefined,\r\n height: userData.height ?? undefined,\r\n fit: sharp.fit.cover,\r\n withoutEnlargement: true,\r\n };\r\n image = image.resize(resizeOptions);\r\n }\r\n\r\n const processedImage = await image\r\n .rotate()\r\n .toFormat(outputFormat as keyof FormatEnum, {\r\n quality: userData.quality,\r\n })\r\n .toBuffer();\r\n\r\n const sourceName = userData.src\r\n ? path.basename(userData.src, path.extname(userData.src))\r\n : \"image\";\r\n const processedFileName = `${sourceName}.${outputFormat}`;\r\n\r\n const etag = parsedOptions.etag\r\n ? `\"${createHash(\"sha1\").update(processedImage).digest(\"hex\")}\"`\r\n : undefined;\r\n\r\n if (etag && req.headers[\"if-none-match\"] === etag) {\r\n res.status(304).end();\r\n return;\r\n }\r\n\r\n res.type(mimeTypes[outputFormat]);\r\n res.setHeader(\r\n \"Content-Disposition\",\r\n `inline; filename=\"${processedFileName}\"`\r\n );\r\n res.setHeader(\r\n \"Cache-Control\",\r\n parsedOptions.cacheControl ??\r\n \"public, max-age=86400, stale-while-revalidate=604800\"\r\n );\r\n if (etag) {\r\n res.setHeader(\"ETag\", etag);\r\n }\r\n res.setHeader(\"Content-Length\", processedImage.length.toString());\r\n res.send(processedImage);\r\n / c8 ignore next /\r\n } catch (error) {\r\n try {\r\n const fallback = await FALLBACKIMAGES.normal();\r\n res.type(mimeTypes.jpeg);\r\n res.setHeader(\"Content-Disposition\", `inline; filename=\"fallback.jpeg\"`);\r\n res.setHeader(\"Cache-Control\", \"public, max-age=60\");\r\n res.send(fallback);\r\n } catch (fallbackError) {\r\n next(fallbackError);\r\n }\r\n }\r\n};\r\n\r\n/\r\n @function registerServe\r\n * @description A function to register the serveImage function as middleware for Express.\r\n * @param {PixelServeOptions} options - The options object for image processing.\r\n * @returns {function(Request, Response, NextFunction): Promise<void>} The middleware function.\r\n */\r\nconst registerServe = (options: PixelServeOptions) => {\r\n return async (req: Request, res: Response, next: NextFunction) =>\r\n serveImage(req, res, next, options);\r\n};\r\n\r\nexport default registerServe;\r\n"]}

package/package.json CHANGED Viewed

@@ -1,12 +1,26 @@
 {
   "name": "pixel-serve-server",
-  "version": "0.0.6",
+  "version": "1.0.0",
   "description": "A robust Node.js utility for handling and processing images. This package provides features like resizing, format conversion and etc.",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",
   "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js"
+    },
+    "./assets/*": "./dist/assets/*",
+    "./package.json": "./package.json"
+  },
+  "sideEffects": false,
   "scripts": {
-    "build": "tsup"
+    "build": "tsup",
+    "lint": "eslint \"src/**/*.{ts,tsx}\"",
+    "format": "prettier --check \"src/**/*.{ts,tsx}\"",
+    "test": "vitest run --coverage",
+    "test:watch": "vitest watch"
   },
   "files": [
     "dist",
@@ -31,18 +45,28 @@
     "url": "https://github.com/Hiprax/pixel-serve-server/issues"
   },
   "homepage": "https://github.com/Hiprax/pixel-serve-server#readme",
+  "dependencies": {
+    "axios": "^1.13.2",
+    "express": "^5.2.1",
+    "sharp": "^0.34.5",
+    "zod": "^4.1.13"
+  },
   "devDependencies": {
-    "@types/express": "^5.0.0",
-    "@types/node": "^22.10.5",
-    "tsup": "^8.3.5",
-    "typescript": "^5.7.3"
+    "@types/express": "^5.0.6",
+    "@types/node": "^24.10.1",
+    "@types/supertest": "^6.0.3",
+    "@typescript-eslint/eslint-plugin": "^8.48.1",
+    "@typescript-eslint/parser": "^8.48.1",
+    "@vitest/coverage-v8": "^4.0.15",
+    "eslint": "^9.39.1",
+    "eslint-config-prettier": "^10.1.8",
+    "prettier": "^3.7.4",
+    "supertest": "^7.1.4",
+    "tsup": "^8.5.1",
+    "typescript": "^5.9.3",
+    "vitest": "^4.0.15"
   },
   "engines": {
-    "node": ">=8.x"
-  },
-  "dependencies": {
-    "axios": "^1.7.9",
-    "express": "^4.21.2",
-    "sharp": "^0.33.5"
+    "node": ">=18"
   }
 }