rimelight-components 2.1.37 → 2.1.38

package/dist/module.d.mts

@@ -25,6 +25,15 @@ interface ModuleOptions {
 declare const _default: _nuxt_schema.NuxtModule<ModuleOptions, {
     enabled: boolean;
     prefix: string;
+    auth: {
+        restrictedUsernames: string[];
+        adminEmailDomain: string | null;
+        session: {
+            expiresIn: number;
+            updateAge: number;
+            freshAge: number;
+        };
+    };
     callouts: {
         info: {
             icon: string;

package/dist/module.d.ts

@@ -25,6 +25,15 @@ interface ModuleOptions {
 declare const _default: _nuxt_schema.NuxtModule<ModuleOptions, {
     enabled: boolean;
     prefix: string;
+    auth: {
+        restrictedUsernames: string[];
+        adminEmailDomain: string | null;
+        session: {
+            expiresIn: number;
+            updateAge: number;
+            freshAge: number;
+        };
+    };
     callouts: {
         info: {
             icon: string;

package/dist/module.json

@@ -1,6 +1,6 @@
 {
   "name": "rimelight-components",
-  "version": "2.1.37",
+  "version": "2.1.38",
   "docs": "https://rimelight.com/tools/rimelight-components",
   "configKey": "rimelightComponents",
   "compatibility": {

package/dist/module.mjs

@@ -4,12 +4,24 @@ import { readdirSync } from 'node:fs';
 import { basename } from 'node:path';
 
 const name = "rimelight-components";
-const version = "2.1.37";
+const version = "2.1.38";
 const homepage = "https://rimelight.com/tools/rimelight-components";
 
 const defaultOptions = {
   enabled: true,
   prefix: "RC",
+  auth: {
+    restrictedUsernames: [],
+    adminEmailDomain: null,
+    session: {
+      expiresIn: 60 * 60 * 24 * 7,
+      // 7 days
+      updateAge: 60 * 60 * 24,
+      // 1 day
+      freshAge: 60 * 15
+      // 15 minutes
+    }
+  },
   callouts: {
     info: {
       icon: "lucide:shield-alert",
@@ -190,6 +202,8 @@ const module$1 = defineNuxtModule().with({
     nuxt.options.alias["rimelight-components/composables"] = resolve("./runtime/composables");
     nuxt.options.alias["rimelight-components/types"] = resolve("./runtime/types");
     nuxt.options.alias["rimelight-components/utils"] = resolve("./runtime/utils");
+    nuxt.options.alias["rimelight-components/auth"] = resolve("./runtime/auth");
+    nuxt.options.alias["rimelight-components/db"] = resolve("./runtime/db");
     addComponentsDir({
       path: resolve("./runtime/components/"),
       pathPrefix: false,

package/dist/runtime/auth/index.d.ts

@@ -0,0 +1,3 @@
+export * from "./permissions.js";
+export * from "./restricted-usernames.js";
+export * from "./utils.js";

package/dist/runtime/auth/index.js

@@ -0,0 +1,3 @@
+export * from "./permissions.js";
+export * from "./restricted-usernames.js";
+export * from "./utils.js";

package/dist/runtime/auth/index.mjs

@@ -0,0 +1,3 @@
+export * from "./permissions.mjs";
+export * from "./restricted-usernames.mjs";
+export * from "./utils.mjs";

package/dist/runtime/auth/permissions.d.ts

@@ -0,0 +1,201 @@
+export declare const statement: {
+    readonly admin: readonly ["access"];
+    readonly organization: readonly ["create", "update", "delete"];
+    readonly team: readonly ["create", "update", "delete"];
+    readonly project: readonly ["create", "share", "update", "delete"];
+    readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+    readonly member: readonly ["create", "update", "delete"];
+    readonly invitation: readonly ["create", "cancel"];
+    readonly ac: readonly ["create", "read", "update", "delete"];
+};
+export declare const ac: {
+    newRole<K extends "admin" | "organization" | "team" | "project" | "blogPost" | "member" | "invitation" | "ac">(statements: import("better-auth/plugins").Subset<K, {
+        readonly admin: readonly ["access"];
+        readonly organization: readonly ["create", "update", "delete"];
+        readonly team: readonly ["create", "update", "delete"];
+        readonly project: readonly ["create", "share", "update", "delete"];
+        readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+        readonly member: readonly ["create", "update", "delete"];
+        readonly invitation: readonly ["create", "cancel"];
+        readonly ac: readonly ["create", "read", "update", "delete"];
+    }>): {
+        authorize<K_1 extends K>(request: K_1 extends infer T extends K_2 ? { [key in T]?: import("better-auth/plugins").Subset<K, {
+            readonly admin: readonly ["access"];
+            readonly organization: readonly ["create", "update", "delete"];
+            readonly team: readonly ["create", "update", "delete"];
+            readonly project: readonly ["create", "share", "update", "delete"];
+            readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+            readonly member: readonly ["create", "update", "delete"];
+            readonly invitation: readonly ["create", "cancel"];
+            readonly ac: readonly ["create", "read", "update", "delete"];
+        }>[key] | {
+            actions: import("better-auth/plugins").Subset<K, {
+                readonly admin: readonly ["access"];
+                readonly organization: readonly ["create", "update", "delete"];
+                readonly team: readonly ["create", "update", "delete"];
+                readonly project: readonly ["create", "share", "update", "delete"];
+                readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+                readonly member: readonly ["create", "update", "delete"];
+                readonly invitation: readonly ["create", "cancel"];
+                readonly ac: readonly ["create", "read", "update", "delete"];
+            }>[key];
+            connector: "OR" | "AND";
+        } | undefined; } : never, connector?: "OR" | "AND"): import("better-auth/plugins").AuthorizeResponse;
+        statements: import("better-auth/plugins").Subset<K, {
+            readonly admin: readonly ["access"];
+            readonly organization: readonly ["create", "update", "delete"];
+            readonly team: readonly ["create", "update", "delete"];
+            readonly project: readonly ["create", "share", "update", "delete"];
+            readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+            readonly member: readonly ["create", "update", "delete"];
+            readonly invitation: readonly ["create", "cancel"];
+            readonly ac: readonly ["create", "read", "update", "delete"];
+        }>;
+    };
+    statements: {
+        readonly admin: readonly ["access"];
+        readonly organization: readonly ["create", "update", "delete"];
+        readonly team: readonly ["create", "update", "delete"];
+        readonly project: readonly ["create", "share", "update", "delete"];
+        readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+        readonly member: readonly ["create", "update", "delete"];
+        readonly invitation: readonly ["create", "cancel"];
+        readonly ac: readonly ["create", "read", "update", "delete"];
+    };
+};
+export declare const owner: {
+    authorize<K_1 extends "organization" | "team" | "project" | "blogPost" | "member" | "invitation" | "ac">(request: K_1 extends infer T extends K ? { [key in T]?: import("better-auth/plugins").Subset<"organization" | "team" | "project" | "blogPost" | "member" | "invitation" | "ac", {
+        readonly admin: readonly ["access"];
+        readonly organization: readonly ["create", "update", "delete"];
+        readonly team: readonly ["create", "update", "delete"];
+        readonly project: readonly ["create", "share", "update", "delete"];
+        readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+        readonly member: readonly ["create", "update", "delete"];
+        readonly invitation: readonly ["create", "cancel"];
+        readonly ac: readonly ["create", "read", "update", "delete"];
+    }>[key] | {
+        actions: import("better-auth/plugins").Subset<"organization" | "team" | "project" | "blogPost" | "member" | "invitation" | "ac", {
+            readonly admin: readonly ["access"];
+            readonly organization: readonly ["create", "update", "delete"];
+            readonly team: readonly ["create", "update", "delete"];
+            readonly project: readonly ["create", "share", "update", "delete"];
+            readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+            readonly member: readonly ["create", "update", "delete"];
+            readonly invitation: readonly ["create", "cancel"];
+            readonly ac: readonly ["create", "read", "update", "delete"];
+        }>[key];
+        connector: "OR" | "AND";
+    } | undefined; } : never, connector?: "OR" | "AND"): import("better-auth/plugins").AuthorizeResponse;
+    statements: import("better-auth/plugins").Subset<"organization" | "team" | "project" | "blogPost" | "member" | "invitation" | "ac", {
+        readonly admin: readonly ["access"];
+        readonly organization: readonly ["create", "update", "delete"];
+        readonly team: readonly ["create", "update", "delete"];
+        readonly project: readonly ["create", "share", "update", "delete"];
+        readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+        readonly member: readonly ["create", "update", "delete"];
+        readonly invitation: readonly ["create", "cancel"];
+        readonly ac: readonly ["create", "read", "update", "delete"];
+    }>;
+};
+export declare const admin: {
+    authorize<K_1 extends "admin" | "organization" | "team" | "project" | "member" | "invitation" | "ac">(request: K_1 extends infer T extends K ? { [key in T]?: import("better-auth/plugins").Subset<"admin" | "organization" | "team" | "project" | "member" | "invitation" | "ac", {
+        readonly admin: readonly ["access"];
+        readonly organization: readonly ["create", "update", "delete"];
+        readonly team: readonly ["create", "update", "delete"];
+        readonly project: readonly ["create", "share", "update", "delete"];
+        readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+        readonly member: readonly ["create", "update", "delete"];
+        readonly invitation: readonly ["create", "cancel"];
+        readonly ac: readonly ["create", "read", "update", "delete"];
+    }>[key] | {
+        actions: import("better-auth/plugins").Subset<"admin" | "organization" | "team" | "project" | "member" | "invitation" | "ac", {
+            readonly admin: readonly ["access"];
+            readonly organization: readonly ["create", "update", "delete"];
+            readonly team: readonly ["create", "update", "delete"];
+            readonly project: readonly ["create", "share", "update", "delete"];
+            readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+            readonly member: readonly ["create", "update", "delete"];
+            readonly invitation: readonly ["create", "cancel"];
+            readonly ac: readonly ["create", "read", "update", "delete"];
+        }>[key];
+        connector: "OR" | "AND";
+    } | undefined; } : never, connector?: "OR" | "AND"): import("better-auth/plugins").AuthorizeResponse;
+    statements: import("better-auth/plugins").Subset<"admin" | "organization" | "team" | "project" | "member" | "invitation" | "ac", {
+        readonly admin: readonly ["access"];
+        readonly organization: readonly ["create", "update", "delete"];
+        readonly team: readonly ["create", "update", "delete"];
+        readonly project: readonly ["create", "share", "update", "delete"];
+        readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+        readonly member: readonly ["create", "update", "delete"];
+        readonly invitation: readonly ["create", "cancel"];
+        readonly ac: readonly ["create", "read", "update", "delete"];
+    }>;
+};
+export declare const member: {
+    authorize<K_1 extends "project">(request: K_1 extends infer T extends K ? { [key in T]?: import("better-auth/plugins").Subset<"project", {
+        readonly admin: readonly ["access"];
+        readonly organization: readonly ["create", "update", "delete"];
+        readonly team: readonly ["create", "update", "delete"];
+        readonly project: readonly ["create", "share", "update", "delete"];
+        readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+        readonly member: readonly ["create", "update", "delete"];
+        readonly invitation: readonly ["create", "cancel"];
+        readonly ac: readonly ["create", "read", "update", "delete"];
+    }>[key] | {
+        actions: import("better-auth/plugins").Subset<"project", {
+            readonly admin: readonly ["access"];
+            readonly organization: readonly ["create", "update", "delete"];
+            readonly team: readonly ["create", "update", "delete"];
+            readonly project: readonly ["create", "share", "update", "delete"];
+            readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+            readonly member: readonly ["create", "update", "delete"];
+            readonly invitation: readonly ["create", "cancel"];
+            readonly ac: readonly ["create", "read", "update", "delete"];
+        }>[key];
+        connector: "OR" | "AND";
+    } | undefined; } : never, connector?: "OR" | "AND"): import("better-auth/plugins").AuthorizeResponse;
+    statements: import("better-auth/plugins").Subset<"project", {
+        readonly admin: readonly ["access"];
+        readonly organization: readonly ["create", "update", "delete"];
+        readonly team: readonly ["create", "update", "delete"];
+        readonly project: readonly ["create", "share", "update", "delete"];
+        readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+        readonly member: readonly ["create", "update", "delete"];
+        readonly invitation: readonly ["create", "cancel"];
+        readonly ac: readonly ["create", "read", "update", "delete"];
+    }>;
+};
+export declare const user: {
+    authorize<K_1 extends "project">(request: K_1 extends infer T extends K ? { [key in T]?: import("better-auth/plugins").Subset<"project", {
+        readonly admin: readonly ["access"];
+        readonly organization: readonly ["create", "update", "delete"];
+        readonly team: readonly ["create", "update", "delete"];
+        readonly project: readonly ["create", "share", "update", "delete"];
+        readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+        readonly member: readonly ["create", "update", "delete"];
+        readonly invitation: readonly ["create", "cancel"];
+        readonly ac: readonly ["create", "read", "update", "delete"];
+    }>[key] | {
+        actions: import("better-auth/plugins").Subset<"project", {
+            readonly admin: readonly ["access"];
+            readonly organization: readonly ["create", "update", "delete"];
+            readonly team: readonly ["create", "update", "delete"];
+            readonly project: readonly ["create", "share", "update", "delete"];
+            readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+            readonly member: readonly ["create", "update", "delete"];
+            readonly invitation: readonly ["create", "cancel"];
+            readonly ac: readonly ["create", "read", "update", "delete"];
+        }>[key];
+        connector: "OR" | "AND";
+    } | undefined; } : never, connector?: "OR" | "AND"): import("better-auth/plugins").AuthorizeResponse;
+    statements: import("better-auth/plugins").Subset<"project", {
+        readonly admin: readonly ["access"];
+        readonly organization: readonly ["create", "update", "delete"];
+        readonly team: readonly ["create", "update", "delete"];
+        readonly project: readonly ["create", "share", "update", "delete"];
+        readonly blogPost: readonly ["create", "edit", "publish", "delete"];
+        readonly member: readonly ["create", "update", "delete"];
+        readonly invitation: readonly ["create", "cancel"];
+        readonly ac: readonly ["create", "read", "update", "delete"];
+    }>;
+};

package/dist/runtime/auth/permissions.js

@@ -0,0 +1,32 @@
+import { createAccessControl } from "better-auth/plugins/access";
+import { adminAc, defaultStatements, ownerAc } from "better-auth/plugins/organization/access";
+const customStatements = {
+  admin: ["access"],
+  organization: ["create", "update", "delete"],
+  team: ["create", "update", "delete"],
+  project: ["create", "share", "update", "delete"],
+  blogPost: ["create", "edit", "publish", "delete"]
+};
+export const statement = {
+  ...defaultStatements,
+  ...customStatements
+};
+export const ac = createAccessControl(statement);
+export const owner = ac.newRole({
+  ...ownerAc.statements,
+  team: ["create", "update", "delete"],
+  project: ["create", "update", "delete"],
+  blogPost: ["create", "edit", "publish", "delete"]
+});
+export const admin = ac.newRole({
+  ...adminAc.statements,
+  admin: ["access"],
+  team: ["create", "update", "delete"],
+  project: ["create", "update"]
+});
+export const member = ac.newRole({
+  project: ["create"]
+});
+export const user = ac.newRole({
+  project: ["create"]
+});

package/dist/runtime/auth/permissions.mjs

@@ -0,0 +1,32 @@
+import { createAccessControl } from "better-auth/plugins/access";
+import { adminAc, defaultStatements, ownerAc } from "better-auth/plugins/organization/access";
+const customStatements = {
+  admin: ["access"],
+  organization: ["create", "update", "delete"],
+  team: ["create", "update", "delete"],
+  project: ["create", "share", "update", "delete"],
+  blogPost: ["create", "edit", "publish", "delete"]
+};
+export const statement = {
+  ...defaultStatements,
+  ...customStatements
+};
+export const ac = createAccessControl(statement);
+export const owner = ac.newRole({
+  ...ownerAc.statements,
+  team: ["create", "update", "delete"],
+  project: ["create", "update", "delete"],
+  blogPost: ["create", "edit", "publish", "delete"]
+});
+export const admin = ac.newRole({
+  ...adminAc.statements,
+  admin: ["access"],
+  team: ["create", "update", "delete"],
+  project: ["create", "update"]
+});
+export const member = ac.newRole({
+  project: ["create"]
+});
+export const user = ac.newRole({
+  project: ["create"]
+});

package/dist/runtime/auth/restricted-usernames.d.ts

@@ -0,0 +1,25 @@
+/**
+ * Generates a "Skeleton" of the username.
+ * If two usernames have the same skeleton, they are visually too similar.
+ */
+export declare const generateUsernameSkeleton: (input: string) => string;
+/**
+ * Normalizes a string by:
+ * 1. Converting to lowercase.
+ * 2. Mapping homoglyphs/leetspeak to base characters.
+ * 3. Removing all non-alphanumeric characters.
+ */
+export declare const normalizeUsername: (input: string) => string;
+export declare const STANDARD_RESTRICTED_GROUPS: {
+    readonly STAFF_ROLES: readonly ["admin", "administrator", "moderator", "mod", "staff", "support", "help", "official", "verified", "system", "root", "bot", "security", "community", "manager", "dev", "developer", "designer", "gamemaster", "gm", "assistant", "coordinator", "representative", "agent", "supervisor", "executive", "ambassador", "expert", "specialist", "advocate", "internal", "employee", "associate", "webmaster", "sysop", "operator", "host", "referee", "council", "ceo", "founder", "owner"];
+    readonly LEGAL_FINANCIAL: readonly ["checkout", "subscribe", "subscription", "premium", "vip", "store", "shop", "marketplace", "wallet", "refund", "invoice", "payout", "rewards", "prize", "giveaway", "claims", "verification", "billing", "payment", "sales", "marketing", "legal", "compliance", "privacy", "tos", "terms", "copyright", "trademark", "dmca", "abuse", "report"];
+    readonly TECHNICAL: readonly ["null", "undefined", "nan", "none", "everyone", "all", "guest", "user", "test", "tester", "account", "api", "webhook", "index", "config", "settings", "profile", "auth", "login", "signup", "signin", "logout", "signout", "localhost", "ftp", "smtp", "pop3", "imap", "dns", "proxy", "cdn", "static", "assets", "media", "upload", "download", "docs", "manual", "guide", "tutorial", "error", "404", "500", "maintenance", "update", "patch", "changelog", "status", "db", "database", "sql", "query", "health", "ping", "metrics", "logs", "no-reply", "noreply", "donotreply", "security-alert", "mail", "email", "postmaster"];
+    readonly LEETSPEAK: readonly ["4dmin", "@dmin", "st4ff", "m0d", "m0derator", "4dm1n", "4dmin1strator", "m0d3rator", "st4f", "5upport", "0fficial", "v3rified", "5ystem", "r00t", "b0t", "s3curity", "d3v", "d3veloper", "@dministrator", "adm1n", "adm1nistrator"];
+};
+export declare const STANDARD_RESTRICTED_USERNAMES: string[];
+/**
+ * Creates a restricted username set with optional app-specific additions.
+ * Use this in your app to extend the standard set.
+ */
+export declare const createRestrictedSet: (appSpecificUsernames?: string[]) => Set<string>;
+export declare const RESTRICTED_SET: Set<string>;

package/dist/runtime/auth/restricted-usernames.js

@@ -0,0 +1,236 @@
+const HOMOGLYPH_MAP = {
+  "0": "o",
+  "1": "i",
+  "3": "e",
+  "4": "a",
+  "5": "s",
+  "7": "t",
+  "8": "b",
+  "9": "g",
+  "@": "a",
+  "!": "i",
+  $: "s",
+  "|": "i"
+};
+const SKELETON_MAP = {
+  // Leetspeak & Numbers
+  "0": "o",
+  "1": "i",
+  "3": "e",
+  "4": "a",
+  "5": "s",
+  "6": "g",
+  "7": "t",
+  "8": "b",
+  "9": "g",
+  // Special Characters
+  "@": "a",
+  $: "s",
+  "!": "i",
+  "|": "i",
+  "+": "t",
+  "(": "c",
+  "[": "c",
+  "{": "c",
+  // Cyrillic Homoglyphs
+  \u0430: "a",
+  \u0435: "e",
+  \u0456: "i",
+  \u0458: "j",
+  \u043E: "o",
+  \u0440: "p",
+  \u0441: "c",
+  \u0443: "y",
+  \u0445: "x",
+  // Greek Homoglyphs
+  \u03B1: "a",
+  \u03B5: "e",
+  \u03B9: "i",
+  \u03BF: "o",
+  \u03C1: "p",
+  \u03C5: "y",
+  \u03C7: "x"
+};
+export const generateUsernameSkeleton = (input) => {
+  const normalized = input.normalize("NFKD");
+  return normalized.toLowerCase().split("").map((char) => {
+    if (char.match(/[\u0300-\u036f]/)) return "";
+    return SKELETON_MAP[char] || char;
+  }).join("").replace(/[^a-z0-9]/g, "");
+};
+export const normalizeUsername = (input) => {
+  return input.toLowerCase().split("").map((char) => HOMOGLYPH_MAP[char] || char).join("").replace(/[^a-z0-9]/g, "");
+};
+export const STANDARD_RESTRICTED_GROUPS = {
+  STAFF_ROLES: [
+    "admin",
+    "administrator",
+    "moderator",
+    "mod",
+    "staff",
+    "support",
+    "help",
+    "official",
+    "verified",
+    "system",
+    "root",
+    "bot",
+    "security",
+    "community",
+    "manager",
+    "dev",
+    "developer",
+    "designer",
+    "gamemaster",
+    "gm",
+    "assistant",
+    "coordinator",
+    "representative",
+    "agent",
+    "supervisor",
+    "executive",
+    "ambassador",
+    "expert",
+    "specialist",
+    "advocate",
+    "internal",
+    "employee",
+    "associate",
+    "webmaster",
+    "sysop",
+    "operator",
+    "host",
+    "referee",
+    "council",
+    "ceo",
+    "founder",
+    "owner"
+  ],
+  LEGAL_FINANCIAL: [
+    "checkout",
+    "subscribe",
+    "subscription",
+    "premium",
+    "vip",
+    "store",
+    "shop",
+    "marketplace",
+    "wallet",
+    "refund",
+    "invoice",
+    "payout",
+    "rewards",
+    "prize",
+    "giveaway",
+    "claims",
+    "verification",
+    "billing",
+    "payment",
+    "sales",
+    "marketing",
+    "legal",
+    "compliance",
+    "privacy",
+    "tos",
+    "terms",
+    "copyright",
+    "trademark",
+    "dmca",
+    "abuse",
+    "report"
+  ],
+  TECHNICAL: [
+    "null",
+    "undefined",
+    "nan",
+    "none",
+    "everyone",
+    "all",
+    "guest",
+    "user",
+    "test",
+    "tester",
+    "account",
+    "api",
+    "webhook",
+    "index",
+    "config",
+    "settings",
+    "profile",
+    "auth",
+    "login",
+    "signup",
+    "signin",
+    "logout",
+    "signout",
+    "localhost",
+    "ftp",
+    "smtp",
+    "pop3",
+    "imap",
+    "dns",
+    "proxy",
+    "cdn",
+    "static",
+    "assets",
+    "media",
+    "upload",
+    "download",
+    "docs",
+    "manual",
+    "guide",
+    "tutorial",
+    "error",
+    "404",
+    "500",
+    "maintenance",
+    "update",
+    "patch",
+    "changelog",
+    "status",
+    "db",
+    "database",
+    "sql",
+    "query",
+    "health",
+    "ping",
+    "metrics",
+    "logs",
+    "no-reply",
+    "noreply",
+    "donotreply",
+    "security-alert",
+    "mail",
+    "email",
+    "postmaster"
+  ],
+  LEETSPEAK: [
+    "4dmin",
+    "@dmin",
+    "st4ff",
+    "m0d",
+    "m0derator",
+    "4dm1n",
+    "4dmin1strator",
+    "m0d3rator",
+    "st4f",
+    "5upport",
+    "0fficial",
+    "v3rified",
+    "5ystem",
+    "r00t",
+    "b0t",
+    "s3curity",
+    "d3v",
+    "d3veloper",
+    "@dministrator",
+    "adm1n",
+    "adm1nistrator"
+  ]
+};
+export const STANDARD_RESTRICTED_USERNAMES = Object.values(STANDARD_RESTRICTED_GROUPS).flat().map((name) => normalizeUsername(name));
+export const createRestrictedSet = (appSpecificUsernames = []) => {
+  const normalizedAppSpecific = appSpecificUsernames.map((name) => normalizeUsername(name));
+  return /* @__PURE__ */ new Set([...STANDARD_RESTRICTED_USERNAMES, ...normalizedAppSpecific]);
+};
+export const RESTRICTED_SET = new Set(STANDARD_RESTRICTED_USERNAMES);