rehydra 0.4.2 → 0.4.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/browser.js +1 -1
- package/dist/browser.js.map +1 -1
- package/dist/storage/browser.d.ts +1 -1
- package/dist/storage/browser.d.ts.map +1 -1
- package/dist/storage/browser.js +2 -2
- package/dist/storage/browser.js.map +1 -1
- package/dist/storage/session-base.d.ts +31 -0
- package/dist/storage/session-base.d.ts.map +1 -0
- package/dist/storage/session-base.js +112 -0
- package/dist/storage/session-base.js.map +1 -0
- package/dist/storage/session.d.ts +9 -23
- package/dist/storage/session.d.ts.map +1 -1
- package/dist/storage/session.js +8 -105
- package/dist/storage/session.js.map +1 -1
- package/package.json +1 -1
package/dist/browser.js
CHANGED
|
@@ -29,7 +29,7 @@ export { join as pathJoin, dirname as pathDirname, basename as pathBasename, nor
|
|
|
29
29
|
// Import core anonymizer components
|
|
30
30
|
import { Anonymizer as AnonymizerCore, anonymize as anonymizeCore, anonymizeRegexOnly as anonymizeRegexOnlyCore, anonymizeWithNER as anonymizeWithNERCore, } from "./core/index.js";
|
|
31
31
|
// Import session implementation
|
|
32
|
-
import { AnonymizerSessionImpl } from "./storage/session.js";
|
|
32
|
+
import { AnonymizerSessionImpl } from "./storage/session-base.js";
|
|
33
33
|
/**
|
|
34
34
|
* Anonymizer instance
|
|
35
35
|
* Main class for performing PII anonymization
|
package/dist/browser.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"browser.js","sourceRoot":"","sources":["../src/browser.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,kBAAkB;AAClB,cAAc,kBAAkB,CAAC;AAIjC,OAAO,EACL,eAAe,EACf,kBAAkB,EAClB,qBAAqB,EACrB,cAAc,EACd,iBAAiB,EACjB,eAAe,EACf,eAAe,EACf,cAAc,EACd,kBAAkB,EAClB,oBAAoB,EACpB,mBAAmB,EACnB,aAAa,EACb,wBAAwB,EACxB,sBAAsB,EACtB,0BAA0B,GAC3B,MAAM,wBAAwB,CAAC;AAEhC,2BAA2B;AAC3B,OAAO,EACL,QAAQ,EACR,YAAY,EACZ,cAAc,EACd,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,EACjB,UAAU,EACV,WAAW,EACX,aAAa,EACb,cAAc,EAOd,cAAc,EACd,gBAAgB,EAChB,iBAAiB,EACjB,aAAa,EACb,WAAW,EACX,eAAe,EACf,oBAAoB,GACrB,MAAM,gBAAgB,CAAC;AAExB,gCAAgC;AAChC,OAAO,EACL,YAAY,EACZ,eAAe,EACf,WAAW,EACX,cAAc,EACd,WAAW,EACX,QAAQ,EACR,SAAS,EACT,eAAe,EACf,WAAW,EACX,gBAAgB,EAChB,gBAAgB,EAChB,OAAO,EACP,WAAW;AACX,+BAA+B;AAC/B,uBAAuB,EACvB,wBAAwB,EACxB,uBAAuB,EACvB,gBAAgB,EAChB,oBAAoB,EACpB,kBAAkB,EAClB,sBAAsB,EACtB,gBAAgB,EAChB,iBAAiB,EACjB,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB;AACnB,0BAA0B;AAC1B,YAAY,EACZ,sBAAsB,EACtB,uBAAuB,EACvB,oBAAoB,EACpB,YAAY,EACZ,eAAe,EACf,WAAW,GAMZ,MAAM,qBAAqB,CAAC;AAI7B,OAAO,EACL,aAAa,EACb,aAAa,EACb,WAAW,EACX,SAAS,EACT,YAAY,EACZ,mBAAmB,EACnB,iBAAiB,EACjB,WAAW,EACX,aAAa,EACb,kBAAkB,EAClB,kBAAkB,GACnB,MAAM,mBAAmB,CAAC;AAE3B,wDAAwD;AACxD,OAAO,EACL,kBAAkB,EAClB,MAAM,EACN,SAAS,EACT,oBAAoB,EACpB,kBAAkB,GAEnB,MAAM,UAAU,CAAC;AAElB,kEAAkE;AAClE,OAAO,EAML,0BAA0B,EAC1B,2BAA2B;AAC3B,kEAAkE;AAClE,4DAA4D;EAC7D,MAAM,sBAAsB,CAAC;AAE9B,2BAA2B;AAC3B,OAAO,EACL,IAAI,IAAI,QAAQ,EAChB,OAAO,IAAI,WAAW,EACtB,QAAQ,IAAI,YAAY,EACxB,SAAS,IAAI,aAAa,EAC1B,OAAO,IAAI,WAAW,EACtB,UAAU,IAAI,cAAc,GAC7B,MAAM,iBAAiB,CAAC;AAEzB,oCAAoC;AACpC,OAAO,EACL,UAAU,IAAI,cAAc,EAC5B,SAAS,IAAI,aAAa,EAC1B,kBAAkB,IAAI,sBAAsB,EAC5C,gBAAgB,IAAI,oBAAoB,GAGzC,MAAM,iBAAiB,CAAC;AAEzB,gCAAgC;AAChC,OAAO,EAAE,qBAAqB,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"browser.js","sourceRoot":"","sources":["../src/browser.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,kBAAkB;AAClB,cAAc,kBAAkB,CAAC;AAIjC,OAAO,EACL,eAAe,EACf,kBAAkB,EAClB,qBAAqB,EACrB,cAAc,EACd,iBAAiB,EACjB,eAAe,EACf,eAAe,EACf,cAAc,EACd,kBAAkB,EAClB,oBAAoB,EACpB,mBAAmB,EACnB,aAAa,EACb,wBAAwB,EACxB,sBAAsB,EACtB,0BAA0B,GAC3B,MAAM,wBAAwB,CAAC;AAEhC,2BAA2B;AAC3B,OAAO,EACL,QAAQ,EACR,YAAY,EACZ,cAAc,EACd,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,EACjB,UAAU,EACV,WAAW,EACX,aAAa,EACb,cAAc,EAOd,cAAc,EACd,gBAAgB,EAChB,iBAAiB,EACjB,aAAa,EACb,WAAW,EACX,eAAe,EACf,oBAAoB,GACrB,MAAM,gBAAgB,CAAC;AAExB,gCAAgC;AAChC,OAAO,EACL,YAAY,EACZ,eAAe,EACf,WAAW,EACX,cAAc,EACd,WAAW,EACX,QAAQ,EACR,SAAS,EACT,eAAe,EACf,WAAW,EACX,gBAAgB,EAChB,gBAAgB,EAChB,OAAO,EACP,WAAW;AACX,+BAA+B;AAC/B,uBAAuB,EACvB,wBAAwB,EACxB,uBAAuB,EACvB,gBAAgB,EAChB,oBAAoB,EACpB,kBAAkB,EAClB,sBAAsB,EACtB,gBAAgB,EAChB,iBAAiB,EACjB,sBAAsB,EACtB,mBAAmB,EACnB,mBAAmB;AACnB,0BAA0B;AAC1B,YAAY,EACZ,sBAAsB,EACtB,uBAAuB,EACvB,oBAAoB,EACpB,YAAY,EACZ,eAAe,EACf,WAAW,GAMZ,MAAM,qBAAqB,CAAC;AAI7B,OAAO,EACL,aAAa,EACb,aAAa,EACb,WAAW,EACX,SAAS,EACT,YAAY,EACZ,mBAAmB,EACnB,iBAAiB,EACjB,WAAW,EACX,aAAa,EACb,kBAAkB,EAClB,kBAAkB,GACnB,MAAM,mBAAmB,CAAC;AAE3B,wDAAwD;AACxD,OAAO,EACL,kBAAkB,EAClB,MAAM,EACN,SAAS,EACT,oBAAoB,EACpB,kBAAkB,GAEnB,MAAM,UAAU,CAAC;AAElB,kEAAkE;AAClE,OAAO,EAML,0BAA0B,EAC1B,2BAA2B;AAC3B,kEAAkE;AAClE,4DAA4D;EAC7D,MAAM,sBAAsB,CAAC;AAE9B,2BAA2B;AAC3B,OAAO,EACL,IAAI,IAAI,QAAQ,EAChB,OAAO,IAAI,WAAW,EACtB,QAAQ,IAAI,YAAY,EACxB,SAAS,IAAI,aAAa,EAC1B,OAAO,IAAI,WAAW,EACtB,UAAU,IAAI,cAAc,GAC7B,MAAM,iBAAiB,CAAC;AAEzB,oCAAoC;AACpC,OAAO,EACL,UAAU,IAAI,cAAc,EAC5B,SAAS,IAAI,aAAa,EAC1B,kBAAkB,IAAI,sBAAsB,EAC5C,gBAAgB,IAAI,oBAAoB,GAGzC,MAAM,iBAAiB,CAAC;AAEzB,gCAAgC;AAChC,OAAO,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAKlE;;;GAGG;AACH,MAAM,OAAO,UAAW,SAAQ,cAAc;IAC5C,YAAY,SAA2B,EAAE;QACvC,KAAK,CAAC,MAAM,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,EAAE;YAC5D,OAAO,IAAI,qBAAqB,CAC9B,UAAU,EACV,SAAS,EACT,OAAO,EACP,WAAW,CACZ,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAyB;IACxD,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC;AAED,2CAA2C;AAC3C,MAAM,CAAC,MAAM,SAAS,GAAG,aAAa,CAAC;AACvC,MAAM,CAAC,MAAM,kBAAkB,GAAG,sBAAsB,CAAC;AACzD,MAAM,CAAC,MAAM,gBAAgB,GAAG,oBAAoB,CAAC"}
|
|
@@ -9,5 +9,5 @@ export type { PIIStorageProvider, PIIMapMetadata, StoredPIIMap, ListOptions, Ano
|
|
|
9
9
|
export type { EncryptedPIIMap } from "../types/index.js";
|
|
10
10
|
export { InMemoryPIIStorageProvider } from "./in-memory.js";
|
|
11
11
|
export { IndexedDBPIIStorageProvider } from "./indexeddb.js";
|
|
12
|
-
export { AnonymizerSessionImpl } from "./session.js";
|
|
12
|
+
export { AnonymizerSessionImpl } from "./session-base.js";
|
|
13
13
|
//# sourceMappingURL=browser.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"browser.d.ts","sourceRoot":"","sources":["../../src/storage/browser.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,YAAY,EACV,kBAAkB,EAClB,cAAc,EACd,YAAY,EACZ,WAAW,EACX,iBAAiB,GAClB,MAAM,YAAY,CAAC;AAGpB,YAAY,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAGzD,OAAO,EAAE,0BAA0B,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,2BAA2B,EAAE,MAAM,gBAAgB,CAAC;AAG7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"browser.d.ts","sourceRoot":"","sources":["../../src/storage/browser.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,YAAY,EACV,kBAAkB,EAClB,cAAc,EACd,YAAY,EACZ,WAAW,EACX,iBAAiB,GAClB,MAAM,YAAY,CAAC;AAGpB,YAAY,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAGzD,OAAO,EAAE,0BAA0B,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,2BAA2B,EAAE,MAAM,gBAAgB,CAAC;AAG7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC"}
|
package/dist/storage/browser.js
CHANGED
|
@@ -8,6 +8,6 @@
|
|
|
8
8
|
// Export browser-compatible implementations only
|
|
9
9
|
export { InMemoryPIIStorageProvider } from "./in-memory.js";
|
|
10
10
|
export { IndexedDBPIIStorageProvider } from "./indexeddb.js";
|
|
11
|
-
// Export session implementation
|
|
12
|
-
export { AnonymizerSessionImpl } from "./session.js";
|
|
11
|
+
// Export session implementation (browser-safe, without streaming support)
|
|
12
|
+
export { AnonymizerSessionImpl } from "./session-base.js";
|
|
13
13
|
//# sourceMappingURL=browser.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"browser.js","sourceRoot":"","sources":["../../src/storage/browser.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAcH,iDAAiD;AACjD,OAAO,EAAE,0BAA0B,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,2BAA2B,EAAE,MAAM,gBAAgB,CAAC;AAE7D,
|
|
1
|
+
{"version":3,"file":"browser.js","sourceRoot":"","sources":["../../src/storage/browser.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAcH,iDAAiD;AACjD,OAAO,EAAE,0BAA0B,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,2BAA2B,EAAE,MAAM,gBAAgB,CAAC;AAE7D,0EAA0E;AAC1E,OAAO,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Anonymizer Session Base Implementation
|
|
3
|
+
* Browser-safe session wrapper for automatic PII map storage.
|
|
4
|
+
* Does NOT include createStream() to avoid pulling in node:stream.
|
|
5
|
+
*/
|
|
6
|
+
import type { AnonymizationResult, AnonymizationPolicy } from "../types/index.js";
|
|
7
|
+
import type { KeyProvider } from "../crypto/index.js";
|
|
8
|
+
import type { RawPIIMap } from "../pipeline/tagger.js";
|
|
9
|
+
import type { AnonymizerSession, PIIStorageProvider, StoredPIIMap } from "./types.js";
|
|
10
|
+
/**
|
|
11
|
+
* Interface for the parent Anonymizer (to avoid circular dependency)
|
|
12
|
+
*/
|
|
13
|
+
export interface IAnonymizer {
|
|
14
|
+
anonymize(text: string, locale?: string, policy?: Partial<AnonymizationPolicy>, existingPiiMap?: RawPIIMap): Promise<AnonymizationResult>;
|
|
15
|
+
}
|
|
16
|
+
/**
|
|
17
|
+
* Session implementation that wraps an Anonymizer with automatic storage
|
|
18
|
+
*/
|
|
19
|
+
export declare class AnonymizerSessionImpl implements AnonymizerSession {
|
|
20
|
+
protected readonly anonymizer: IAnonymizer;
|
|
21
|
+
protected readonly storage: PIIStorageProvider;
|
|
22
|
+
protected readonly keyProvider: KeyProvider;
|
|
23
|
+
readonly sessionId: string;
|
|
24
|
+
constructor(anonymizer: IAnonymizer, sessionId: string, storage: PIIStorageProvider, keyProvider: KeyProvider);
|
|
25
|
+
anonymize(text: string, locale?: string, policy?: Partial<AnonymizationPolicy>): Promise<AnonymizationResult>;
|
|
26
|
+
rehydrate(text: string): Promise<string>;
|
|
27
|
+
load(): Promise<StoredPIIMap | null>;
|
|
28
|
+
delete(): Promise<boolean>;
|
|
29
|
+
exists(): Promise<boolean>;
|
|
30
|
+
}
|
|
31
|
+
//# sourceMappingURL=session-base.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"session-base.d.ts","sourceRoot":"","sources":["../../src/storage/session-base.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EACV,mBAAmB,EACnB,mBAAmB,EACpB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAGtD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,KAAK,EACV,iBAAiB,EACjB,kBAAkB,EAClB,YAAY,EACb,MAAM,YAAY,CAAC;AAEpB;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,SAAS,CACP,IAAI,EAAE,MAAM,EACZ,MAAM,CAAC,EAAE,MAAM,EACf,MAAM,CAAC,EAAE,OAAO,CAAC,mBAAmB,CAAC,EACrC,cAAc,CAAC,EAAE,SAAS,GACzB,OAAO,CAAC,mBAAmB,CAAC,CAAC;CACjC;AAED;;GAEG;AACH,qBAAa,qBAAsB,YAAW,iBAAiB;IAI3D,SAAS,CAAC,QAAQ,CAAC,UAAU,EAAE,WAAW;IAE1C,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,kBAAkB;IAC9C,SAAS,CAAC,QAAQ,CAAC,WAAW,EAAE,WAAW;IAN7C,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;gBAGN,UAAU,EAAE,WAAW,EAC1C,SAAS,EAAE,MAAM,EACE,OAAO,EAAE,kBAAkB,EAC3B,WAAW,EAAE,WAAW;IAKvC,SAAS,CACb,IAAI,EAAE,MAAM,EACZ,MAAM,CAAC,EAAE,MAAM,EACf,MAAM,CAAC,EAAE,OAAO,CAAC,mBAAmB,CAAC,GACpC,OAAO,CAAC,mBAAmB,CAAC;IAuFzB,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAkBxC,IAAI,IAAI,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC;IAIpC,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC;IAI1B,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC;CAGjC"}
|
|
@@ -0,0 +1,112 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Anonymizer Session Base Implementation
|
|
3
|
+
* Browser-safe session wrapper for automatic PII map storage.
|
|
4
|
+
* Does NOT include createStream() to avoid pulling in node:stream.
|
|
5
|
+
*/
|
|
6
|
+
import { decryptPIIMap, encryptPIIMap } from "../crypto/index.js";
|
|
7
|
+
import { rehydrate as rehydrateText } from "../pipeline/tagger.js";
|
|
8
|
+
/**
|
|
9
|
+
* Session implementation that wraps an Anonymizer with automatic storage
|
|
10
|
+
*/
|
|
11
|
+
export class AnonymizerSessionImpl {
|
|
12
|
+
anonymizer;
|
|
13
|
+
storage;
|
|
14
|
+
keyProvider;
|
|
15
|
+
sessionId;
|
|
16
|
+
constructor(anonymizer, sessionId, storage, keyProvider) {
|
|
17
|
+
this.anonymizer = anonymizer;
|
|
18
|
+
this.storage = storage;
|
|
19
|
+
this.keyProvider = keyProvider;
|
|
20
|
+
this.sessionId = sessionId;
|
|
21
|
+
}
|
|
22
|
+
async anonymize(text, locale, policy) {
|
|
23
|
+
// Get the encryption key
|
|
24
|
+
const key = await this.keyProvider.getKey();
|
|
25
|
+
// Load existing PII map for ID reuse (before calling anonymizer)
|
|
26
|
+
const existing = await this.storage.load(this.sessionId);
|
|
27
|
+
let existingPiiMap;
|
|
28
|
+
let createdAt;
|
|
29
|
+
let existingEntityCounts;
|
|
30
|
+
if (existing !== null) {
|
|
31
|
+
try {
|
|
32
|
+
existingPiiMap = await decryptPIIMap(existing.piiMap, key);
|
|
33
|
+
createdAt = existing.metadata.createdAt;
|
|
34
|
+
existingEntityCounts = existing.metadata.entityCounts;
|
|
35
|
+
}
|
|
36
|
+
catch (error) {
|
|
37
|
+
// Decryption failed - likely key mismatch
|
|
38
|
+
const isKeyMismatch = error instanceof Error &&
|
|
39
|
+
(error.name === "OperationError" ||
|
|
40
|
+
error.message.includes("decrypt"));
|
|
41
|
+
if (isKeyMismatch) {
|
|
42
|
+
throw new Error(`Failed to decrypt existing session data for "${this.sessionId}". ` +
|
|
43
|
+
`The encryption key may have changed since this session was created.\n\n` +
|
|
44
|
+
`To fix this, either:\n` +
|
|
45
|
+
` 1. Use the same key that was used to create the session\n` +
|
|
46
|
+
` 2. Delete the old session: await session.delete()\n` +
|
|
47
|
+
` 3. Use a persistent key provider (e.g., ConfigKeyProvider)`);
|
|
48
|
+
}
|
|
49
|
+
throw error;
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
else {
|
|
53
|
+
existingPiiMap = undefined;
|
|
54
|
+
createdAt = Date.now();
|
|
55
|
+
existingEntityCounts = {};
|
|
56
|
+
}
|
|
57
|
+
// Call the parent anonymizer with existing PII map for ID reuse
|
|
58
|
+
const result = await this.anonymizer.anonymize(text, locale, policy, existingPiiMap);
|
|
59
|
+
// Sessions require a PII map (only available in pseudonymize mode)
|
|
60
|
+
if (result.piiMap === undefined) {
|
|
61
|
+
throw new Error("Session anonymize() failed: no PII map returned.\n\n" +
|
|
62
|
+
"This can happen if the anonymizer is in 'anonymize' mode.\n" +
|
|
63
|
+
"Sessions require 'pseudonymize' mode for PII map storage.");
|
|
64
|
+
}
|
|
65
|
+
// Decrypt the new PII map
|
|
66
|
+
const newPiiMap = await decryptPIIMap(result.piiMap, key);
|
|
67
|
+
// Merge maps: start with existing (if any), add new entries
|
|
68
|
+
const mergedPiiMap = existingPiiMap
|
|
69
|
+
? new Map(existingPiiMap)
|
|
70
|
+
: new Map();
|
|
71
|
+
for (const [k, v] of newPiiMap) {
|
|
72
|
+
mergedPiiMap.set(k, v);
|
|
73
|
+
}
|
|
74
|
+
// Merge entity counts
|
|
75
|
+
const mergedEntityCounts = { ...existingEntityCounts };
|
|
76
|
+
for (const [type, count] of Object.entries(result.stats.countsByType)) {
|
|
77
|
+
mergedEntityCounts[type] = (mergedEntityCounts[type] ?? 0) + count;
|
|
78
|
+
}
|
|
79
|
+
// Re-encrypt the merged PII map
|
|
80
|
+
const encryptedMergedMap = await encryptPIIMap(mergedPiiMap, key);
|
|
81
|
+
// Save the merged PII map to storage
|
|
82
|
+
await this.storage.save(this.sessionId, encryptedMergedMap, {
|
|
83
|
+
createdAt,
|
|
84
|
+
entityCounts: mergedEntityCounts,
|
|
85
|
+
modelVersion: result.stats.modelVersion,
|
|
86
|
+
});
|
|
87
|
+
return result;
|
|
88
|
+
}
|
|
89
|
+
async rehydrate(text) {
|
|
90
|
+
// Load from storage
|
|
91
|
+
const stored = await this.storage.load(this.sessionId);
|
|
92
|
+
if (stored === null) {
|
|
93
|
+
throw new Error(`No PII map found for session: ${this.sessionId}. ` +
|
|
94
|
+
`Make sure to call anonymize() before rehydrate().`);
|
|
95
|
+
}
|
|
96
|
+
// Decrypt the PII map
|
|
97
|
+
const key = await this.keyProvider.getKey();
|
|
98
|
+
const piiMap = await decryptPIIMap(stored.piiMap, key);
|
|
99
|
+
// Rehydrate the text
|
|
100
|
+
return rehydrateText(text, piiMap);
|
|
101
|
+
}
|
|
102
|
+
async load() {
|
|
103
|
+
return this.storage.load(this.sessionId);
|
|
104
|
+
}
|
|
105
|
+
async delete() {
|
|
106
|
+
return this.storage.delete(this.sessionId);
|
|
107
|
+
}
|
|
108
|
+
async exists() {
|
|
109
|
+
return this.storage.exists(this.sessionId);
|
|
110
|
+
}
|
|
111
|
+
}
|
|
112
|
+
//# sourceMappingURL=session-base.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"session-base.js","sourceRoot":"","sources":["../../src/storage/session-base.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAOH,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAClE,OAAO,EAAE,SAAS,IAAI,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAoBnE;;GAEG;AACH,MAAM,OAAO,qBAAqB;IAIX;IAEA;IACA;IANZ,SAAS,CAAS;IAE3B,YACqB,UAAuB,EAC1C,SAAiB,EACE,OAA2B,EAC3B,WAAwB;QAHxB,eAAU,GAAV,UAAU,CAAa;QAEvB,YAAO,GAAP,OAAO,CAAoB;QAC3B,gBAAW,GAAX,WAAW,CAAa;QAE3C,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,SAAS,CACb,IAAY,EACZ,MAAe,EACf,MAAqC;QAErC,yBAAyB;QACzB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;QAE5C,iEAAiE;QACjE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACzD,IAAI,cAAqC,CAAC;QAC1C,IAAI,SAAiB,CAAC;QACtB,IAAI,oBAA4C,CAAC;QAEjD,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;YACtB,IAAI,CAAC;gBACH,cAAc,GAAG,MAAM,aAAa,CAAC,QAAQ,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;gBAC3D,SAAS,GAAG,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;gBACxC,oBAAoB,GAAG,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC;YACxD,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,0CAA0C;gBAC1C,MAAM,aAAa,GACjB,KAAK,YAAY,KAAK;oBACtB,CAAC,KAAK,CAAC,IAAI,KAAK,gBAAgB;wBAC9B,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;gBAEvC,IAAI,aAAa,EAAE,CAAC;oBAClB,MAAM,IAAI,KAAK,CACb,gDAAgD,IAAI,CAAC,SAAS,KAAK;wBACjE,yEAAyE;wBACzE,wBAAwB;wBACxB,6DAA6D;wBAC7D,uDAAuD;wBACvD,8DAA8D,CACjE,CAAC;gBACJ,CAAC;gBACD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC;aAAM,CAAC;YACN,cAAc,GAAG,SAAS,CAAC;YAC3B,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,oBAAoB,GAAG,EAAE,CAAC;QAC5B,CAAC;QAED,gEAAgE;QAChE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAC5C,IAAI,EACJ,MAAM,EACN,MAAM,EACN,cAAc,CACf,CAAC;QAEF,mEAAmE;QACnE,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CACb,sDAAsD;gBACpD,6DAA6D;gBAC7D,2DAA2D,CAC9D,CAAC;QACJ,CAAC;QAED,0BAA0B;QAC1B,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAE1D,4DAA4D;QAC5D,MAAM,YAAY,GAAc,cAAc;YAC5C,CAAC,CAAC,IAAI,GAAG,CAAiB,cAAc,CAAC;YACzC,CAAC,CAAC,IAAI,GAAG,EAAkB,CAAC;QAC9B,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,SAAS,EAAE,CAAC;YAC/B,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACzB,CAAC;QAED,sBAAsB;QACtB,MAAM,kBAAkB,GAAG,EAAE,GAAG,oBAAoB,EAAE,CAAC;QACvD,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,EAAE,CAAC;YACtE,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,KAAK,CAAC;QACrE,CAAC;QAED,gCAAgC;QAChC,MAAM,kBAAkB,GAAG,MAAM,aAAa,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;QAElE,qCAAqC;QACrC,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,kBAAkB,EAAE;YAC1D,SAAS;YACT,YAAY,EAAE,kBAAkB;YAChC,YAAY,EAAE,MAAM,CAAC,KAAK,CAAC,YAAY;SACxC,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,IAAY;QAC1B,oBAAoB;QACpB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACvD,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CACb,iCAAiC,IAAI,CAAC,SAAS,IAAI;gBACjD,mDAAmD,CACtD,CAAC;QACJ,CAAC;QAED,sBAAsB;QACtB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;QAC5C,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAEvD,qBAAqB;QACrB,OAAO,aAAa,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,IAAI;QACR,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC3C,CAAC;IAED,KAAK,CAAC,MAAM;QACV,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC7C,CAAC;IAED,KAAK,CAAC,MAAM;QACV,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC7C,CAAC;CACF"}
|
|
@@ -1,33 +1,19 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* Anonymizer Session Implementation
|
|
3
|
-
*
|
|
2
|
+
* Anonymizer Session Implementation (Node.js)
|
|
3
|
+
* Extends the base session with streaming support (requires node:stream).
|
|
4
4
|
*/
|
|
5
|
-
|
|
5
|
+
export { type IAnonymizer } from "./session-base.js";
|
|
6
|
+
import { AnonymizerSessionImpl as BaseSessionImpl } from "./session-base.js";
|
|
6
7
|
import type { KeyProvider } from "../crypto/index.js";
|
|
7
|
-
import type {
|
|
8
|
-
import
|
|
9
|
-
import type { AnonymizerStream } from "../streaming/anonymizer-stream.js";
|
|
8
|
+
import type { PIIStorageProvider } from "./types.js";
|
|
9
|
+
import { AnonymizerStream } from "../streaming/anonymizer-stream.js";
|
|
10
10
|
import type { StreamConfig } from "../streaming/types.js";
|
|
11
|
+
import type { IAnonymizer } from "./session-base.js";
|
|
11
12
|
/**
|
|
12
|
-
*
|
|
13
|
+
* Node.js session implementation with streaming support
|
|
13
14
|
*/
|
|
14
|
-
export
|
|
15
|
-
anonymize(text: string, locale?: string, policy?: Partial<AnonymizationPolicy>, existingPiiMap?: RawPIIMap): Promise<AnonymizationResult>;
|
|
16
|
-
}
|
|
17
|
-
/**
|
|
18
|
-
* Session implementation that wraps an Anonymizer with automatic storage
|
|
19
|
-
*/
|
|
20
|
-
export declare class AnonymizerSessionImpl implements AnonymizerSession {
|
|
21
|
-
private readonly anonymizer;
|
|
22
|
-
private readonly storage;
|
|
23
|
-
private readonly keyProvider;
|
|
24
|
-
readonly sessionId: string;
|
|
15
|
+
export declare class AnonymizerSessionImpl extends BaseSessionImpl {
|
|
25
16
|
constructor(anonymizer: IAnonymizer, sessionId: string, storage: PIIStorageProvider, keyProvider: KeyProvider);
|
|
26
|
-
anonymize(text: string, locale?: string, policy?: Partial<AnonymizationPolicy>): Promise<AnonymizationResult>;
|
|
27
|
-
rehydrate(text: string): Promise<string>;
|
|
28
|
-
load(): Promise<StoredPIIMap | null>;
|
|
29
|
-
delete(): Promise<boolean>;
|
|
30
|
-
exists(): Promise<boolean>;
|
|
31
17
|
createStream(config?: Partial<StreamConfig>): Promise<AnonymizerStream>;
|
|
32
18
|
}
|
|
33
19
|
//# sourceMappingURL=session.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../src/storage/session.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,
|
|
1
|
+
{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../src/storage/session.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,qBAAqB,IAAI,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAC7E,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAGtD,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AACrE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAErD;;GAEG;AACH,qBAAa,qBAAsB,SAAQ,eAAe;gBAEtD,UAAU,EAAE,WAAW,EACvB,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,kBAAkB,EAC3B,WAAW,EAAE,WAAW;IAKpB,YAAY,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,GAAG,OAAO,CAAC,gBAAgB,CAAC;CAoB9E"}
|
package/dist/storage/session.js
CHANGED
|
@@ -1,115 +1,18 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* Anonymizer Session Implementation
|
|
3
|
-
*
|
|
2
|
+
* Anonymizer Session Implementation (Node.js)
|
|
3
|
+
* Extends the base session with streaming support (requires node:stream).
|
|
4
4
|
*/
|
|
5
|
-
import {
|
|
6
|
-
import {
|
|
5
|
+
import { AnonymizerSessionImpl as BaseSessionImpl } from "./session-base.js";
|
|
6
|
+
import { decryptPIIMap } from "../crypto/index.js";
|
|
7
|
+
import { AnonymizerStream } from "../streaming/anonymizer-stream.js";
|
|
7
8
|
/**
|
|
8
|
-
*
|
|
9
|
+
* Node.js session implementation with streaming support
|
|
9
10
|
*/
|
|
10
|
-
export class AnonymizerSessionImpl {
|
|
11
|
-
anonymizer;
|
|
12
|
-
storage;
|
|
13
|
-
keyProvider;
|
|
14
|
-
sessionId;
|
|
11
|
+
export class AnonymizerSessionImpl extends BaseSessionImpl {
|
|
15
12
|
constructor(anonymizer, sessionId, storage, keyProvider) {
|
|
16
|
-
|
|
17
|
-
this.storage = storage;
|
|
18
|
-
this.keyProvider = keyProvider;
|
|
19
|
-
this.sessionId = sessionId;
|
|
20
|
-
}
|
|
21
|
-
async anonymize(text, locale, policy) {
|
|
22
|
-
// Get the encryption key
|
|
23
|
-
const key = await this.keyProvider.getKey();
|
|
24
|
-
// Load existing PII map for ID reuse (before calling anonymizer)
|
|
25
|
-
const existing = await this.storage.load(this.sessionId);
|
|
26
|
-
let existingPiiMap;
|
|
27
|
-
let createdAt;
|
|
28
|
-
let existingEntityCounts;
|
|
29
|
-
if (existing !== null) {
|
|
30
|
-
try {
|
|
31
|
-
existingPiiMap = await decryptPIIMap(existing.piiMap, key);
|
|
32
|
-
createdAt = existing.metadata.createdAt;
|
|
33
|
-
existingEntityCounts = existing.metadata.entityCounts;
|
|
34
|
-
}
|
|
35
|
-
catch (error) {
|
|
36
|
-
// Decryption failed - likely key mismatch
|
|
37
|
-
const isKeyMismatch = error instanceof Error &&
|
|
38
|
-
(error.name === "OperationError" ||
|
|
39
|
-
error.message.includes("decrypt"));
|
|
40
|
-
if (isKeyMismatch) {
|
|
41
|
-
throw new Error(`Failed to decrypt existing session data for "${this.sessionId}". ` +
|
|
42
|
-
`The encryption key may have changed since this session was created.\n\n` +
|
|
43
|
-
`To fix this, either:\n` +
|
|
44
|
-
` 1. Use the same key that was used to create the session\n` +
|
|
45
|
-
` 2. Delete the old session: await session.delete()\n` +
|
|
46
|
-
` 3. Use a persistent key provider (e.g., ConfigKeyProvider)`);
|
|
47
|
-
}
|
|
48
|
-
throw error;
|
|
49
|
-
}
|
|
50
|
-
}
|
|
51
|
-
else {
|
|
52
|
-
existingPiiMap = undefined;
|
|
53
|
-
createdAt = Date.now();
|
|
54
|
-
existingEntityCounts = {};
|
|
55
|
-
}
|
|
56
|
-
// Call the parent anonymizer with existing PII map for ID reuse
|
|
57
|
-
const result = await this.anonymizer.anonymize(text, locale, policy, existingPiiMap);
|
|
58
|
-
// Sessions require a PII map (only available in pseudonymize mode)
|
|
59
|
-
if (result.piiMap === undefined) {
|
|
60
|
-
throw new Error("Session anonymize() failed: no PII map returned.\n\n" +
|
|
61
|
-
"This can happen if the anonymizer is in 'anonymize' mode.\n" +
|
|
62
|
-
"Sessions require 'pseudonymize' mode for PII map storage.");
|
|
63
|
-
}
|
|
64
|
-
// Decrypt the new PII map
|
|
65
|
-
const newPiiMap = await decryptPIIMap(result.piiMap, key);
|
|
66
|
-
// Merge maps: start with existing (if any), add new entries
|
|
67
|
-
const mergedPiiMap = existingPiiMap
|
|
68
|
-
? new Map(existingPiiMap)
|
|
69
|
-
: new Map();
|
|
70
|
-
for (const [k, v] of newPiiMap) {
|
|
71
|
-
mergedPiiMap.set(k, v);
|
|
72
|
-
}
|
|
73
|
-
// Merge entity counts
|
|
74
|
-
const mergedEntityCounts = { ...existingEntityCounts };
|
|
75
|
-
for (const [type, count] of Object.entries(result.stats.countsByType)) {
|
|
76
|
-
mergedEntityCounts[type] = (mergedEntityCounts[type] ?? 0) + count;
|
|
77
|
-
}
|
|
78
|
-
// Re-encrypt the merged PII map
|
|
79
|
-
const encryptedMergedMap = await encryptPIIMap(mergedPiiMap, key);
|
|
80
|
-
// Save the merged PII map to storage
|
|
81
|
-
await this.storage.save(this.sessionId, encryptedMergedMap, {
|
|
82
|
-
createdAt,
|
|
83
|
-
entityCounts: mergedEntityCounts,
|
|
84
|
-
modelVersion: result.stats.modelVersion,
|
|
85
|
-
});
|
|
86
|
-
return result;
|
|
87
|
-
}
|
|
88
|
-
async rehydrate(text) {
|
|
89
|
-
// Load from storage
|
|
90
|
-
const stored = await this.storage.load(this.sessionId);
|
|
91
|
-
if (stored === null) {
|
|
92
|
-
throw new Error(`No PII map found for session: ${this.sessionId}. ` +
|
|
93
|
-
`Make sure to call anonymize() before rehydrate().`);
|
|
94
|
-
}
|
|
95
|
-
// Decrypt the PII map
|
|
96
|
-
const key = await this.keyProvider.getKey();
|
|
97
|
-
const piiMap = await decryptPIIMap(stored.piiMap, key);
|
|
98
|
-
// Rehydrate the text
|
|
99
|
-
return rehydrateText(text, piiMap);
|
|
100
|
-
}
|
|
101
|
-
async load() {
|
|
102
|
-
return this.storage.load(this.sessionId);
|
|
103
|
-
}
|
|
104
|
-
async delete() {
|
|
105
|
-
return this.storage.delete(this.sessionId);
|
|
106
|
-
}
|
|
107
|
-
async exists() {
|
|
108
|
-
return this.storage.exists(this.sessionId);
|
|
13
|
+
super(anonymizer, sessionId, storage, keyProvider);
|
|
109
14
|
}
|
|
110
15
|
async createStream(config) {
|
|
111
|
-
// Dynamic import to avoid pulling node:stream into browser bundles
|
|
112
|
-
const { AnonymizerStream } = await import("../streaming/anonymizer-stream.js");
|
|
113
16
|
// Load existing PII map to seed the stream for ID continuity
|
|
114
17
|
let initialPiiMap;
|
|
115
18
|
const existing = await this.storage.load(this.sessionId);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/storage/session.ts"],"names":[],"mappings":"AAAA;;;GAGG;
|
|
1
|
+
{"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/storage/session.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,qBAAqB,IAAI,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAE7E,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAGnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AAIrE;;GAEG;AACH,MAAM,OAAO,qBAAsB,SAAQ,eAAe;IACxD,YACE,UAAuB,EACvB,SAAiB,EACjB,OAA2B,EAC3B,WAAwB;QAExB,KAAK,CAAC,UAAU,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;IACrD,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,MAA8B;QAC/C,6DAA6D;QAC7D,IAAI,aAAoC,CAAC;QACzC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACzD,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;YACtB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;YAC5C,aAAa,GAAG,MAAM,aAAa,CAAC,QAAQ,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC5D,CAAC;QAED,OAAO,IAAI,gBAAgB,CACzB,IAAI,CAAC,UAAU,EACf;YACE,GAAG,MAAM;YACT,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,kBAAkB,EAAE,IAAI,CAAC,OAAO;YAChC,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B,EACD,aAAa,CACd,CAAC;IACJ,CAAC;CACF"}
|