npm - s3db.js - Versions diffs - 13.6.0 → 14.0.2 - Mend

s3db.js 13.6.0 → 14.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (193) hide show

package/README.md +139 -43
package/dist/s3db.cjs +72425 -38970
package/dist/s3db.cjs.map +1 -1
package/dist/s3db.es.js +72177 -38764
package/dist/s3db.es.js.map +1 -1
package/mcp/lib/base-handler.js +157 -0
package/mcp/lib/handlers/connection-handler.js +280 -0
package/mcp/lib/handlers/query-handler.js +533 -0
package/mcp/lib/handlers/resource-handler.js +428 -0
package/mcp/lib/tool-registry.js +336 -0
package/mcp/lib/tools/connection-tools.js +161 -0
package/mcp/lib/tools/query-tools.js +267 -0
package/mcp/lib/tools/resource-tools.js +404 -0
package/package.json +94 -49
package/src/clients/memory-client.class.js +346 -191
package/src/clients/memory-storage.class.js +300 -84
package/src/clients/s3-client.class.js +7 -6
package/src/concerns/geo-encoding.js +19 -2
package/src/concerns/ip.js +59 -9
package/src/concerns/money.js +8 -1
package/src/concerns/password-hashing.js +49 -8
package/src/concerns/plugin-storage.js +186 -18
package/src/concerns/storage-drivers/filesystem-driver.js +284 -0
package/src/database.class.js +139 -29
package/src/errors.js +332 -42
package/src/plugins/api/auth/oidc-auth.js +66 -17
package/src/plugins/api/auth/strategies/base-strategy.class.js +74 -0
package/src/plugins/api/auth/strategies/factory.class.js +63 -0
package/src/plugins/api/auth/strategies/global-strategy.class.js +44 -0
package/src/plugins/api/auth/strategies/path-based-strategy.class.js +83 -0
package/src/plugins/api/auth/strategies/path-rules-strategy.class.js +118 -0
package/src/plugins/api/concerns/failban-manager.js +106 -57
package/src/plugins/api/concerns/opengraph-helper.js +116 -0
package/src/plugins/api/concerns/route-context.js +601 -0
package/src/plugins/api/concerns/state-machine.js +288 -0
package/src/plugins/api/index.js +180 -41
package/src/plugins/api/routes/auth-routes.js +198 -30
package/src/plugins/api/routes/resource-routes.js +19 -4
package/src/plugins/api/server/health-manager.class.js +163 -0
package/src/plugins/api/server/middleware-chain.class.js +310 -0
package/src/plugins/api/server/router.class.js +472 -0
package/src/plugins/api/server.js +280 -1303
package/src/plugins/api/utils/custom-routes.js +17 -5
package/src/plugins/api/utils/guards.js +76 -17
package/src/plugins/api/utils/openapi-generator-cached.class.js +133 -0
package/src/plugins/api/utils/openapi-generator.js +7 -6
package/src/plugins/api/utils/template-engine.js +77 -3
package/src/plugins/audit.plugin.js +30 -8
package/src/plugins/backup.plugin.js +110 -14
package/src/plugins/cache/cache.class.js +22 -5
package/src/plugins/cache/filesystem-cache.class.js +116 -19
package/src/plugins/cache/memory-cache.class.js +211 -57
package/src/plugins/cache/multi-tier-cache.class.js +371 -0
package/src/plugins/cache/partition-aware-filesystem-cache.class.js +168 -47
package/src/plugins/cache/redis-cache.class.js +552 -0
package/src/plugins/cache/s3-cache.class.js +17 -8
package/src/plugins/cache.plugin.js +176 -61
package/src/plugins/cloud-inventory/drivers/alibaba-driver.js +8 -1
package/src/plugins/cloud-inventory/drivers/aws-driver.js +60 -29
package/src/plugins/cloud-inventory/drivers/azure-driver.js +8 -1
package/src/plugins/cloud-inventory/drivers/base-driver.js +16 -2
package/src/plugins/cloud-inventory/drivers/cloudflare-driver.js +8 -1
package/src/plugins/cloud-inventory/drivers/digitalocean-driver.js +8 -1
package/src/plugins/cloud-inventory/drivers/hetzner-driver.js +8 -1
package/src/plugins/cloud-inventory/drivers/linode-driver.js +8 -1
package/src/plugins/cloud-inventory/drivers/mongodb-atlas-driver.js +8 -1
package/src/plugins/cloud-inventory/drivers/vultr-driver.js +8 -1
package/src/plugins/cloud-inventory/index.js +29 -8
package/src/plugins/cloud-inventory/registry.js +64 -42
package/src/plugins/cloud-inventory.plugin.js +240 -138
package/src/plugins/concerns/plugin-dependencies.js +54 -0
package/src/plugins/concerns/resource-names.js +100 -0
package/src/plugins/consumers/index.js +10 -2
package/src/plugins/consumers/sqs-consumer.js +12 -2
package/src/plugins/cookie-farm-suite.plugin.js +278 -0
package/src/plugins/cookie-farm.errors.js +73 -0
package/src/plugins/cookie-farm.plugin.js +869 -0
package/src/plugins/costs.plugin.js +7 -1
package/src/plugins/eventual-consistency/analytics.js +94 -19
package/src/plugins/eventual-consistency/config.js +15 -7
package/src/plugins/eventual-consistency/consolidation.js +29 -11
package/src/plugins/eventual-consistency/garbage-collection.js +3 -1
package/src/plugins/eventual-consistency/helpers.js +39 -14
package/src/plugins/eventual-consistency/install.js +21 -2
package/src/plugins/eventual-consistency/utils.js +32 -10
package/src/plugins/fulltext.plugin.js +38 -11
package/src/plugins/geo.plugin.js +61 -9
package/src/plugins/identity/concerns/config.js +61 -0
package/src/plugins/identity/concerns/mfa-manager.js +15 -2
package/src/plugins/identity/concerns/rate-limit.js +124 -0
package/src/plugins/identity/concerns/resource-schemas.js +9 -1
package/src/plugins/identity/concerns/token-generator.js +29 -4
package/src/plugins/identity/drivers/auth-driver.interface.js +76 -0
package/src/plugins/identity/drivers/client-credentials-driver.js +127 -0
package/src/plugins/identity/drivers/index.js +18 -0
package/src/plugins/identity/drivers/password-driver.js +122 -0
package/src/plugins/identity/email-service.js +17 -2
package/src/plugins/identity/index.js +413 -69
package/src/plugins/identity/oauth2-server.js +413 -30
package/src/plugins/identity/oidc-discovery.js +16 -8
package/src/plugins/identity/rsa-keys.js +115 -35
package/src/plugins/identity/server.js +166 -45
package/src/plugins/identity/session-manager.js +53 -7
package/src/plugins/identity/ui/pages/mfa-verification.js +17 -15
package/src/plugins/identity/ui/routes.js +363 -255
package/src/plugins/importer/index.js +153 -20
package/src/plugins/index.js +9 -2
package/src/plugins/kubernetes-inventory/index.js +6 -0
package/src/plugins/kubernetes-inventory/k8s-driver.js +867 -0
package/src/plugins/kubernetes-inventory/resource-types.js +274 -0
package/src/plugins/kubernetes-inventory.plugin.js +980 -0
package/src/plugins/metrics.plugin.js +64 -16
package/src/plugins/ml/base-model.class.js +25 -15
package/src/plugins/ml/regression-model.class.js +1 -1
package/src/plugins/ml.errors.js +57 -25
package/src/plugins/ml.plugin.js +28 -4
package/src/plugins/namespace.js +210 -0
package/src/plugins/plugin.class.js +180 -8
package/src/plugins/puppeteer/console-monitor.js +729 -0
package/src/plugins/puppeteer/cookie-manager.js +492 -0
package/src/plugins/puppeteer/network-monitor.js +816 -0
package/src/plugins/puppeteer/performance-manager.js +746 -0
package/src/plugins/puppeteer/proxy-manager.js +478 -0
package/src/plugins/puppeteer/stealth-manager.js +556 -0
package/src/plugins/puppeteer.errors.js +81 -0
package/src/plugins/puppeteer.plugin.js +1327 -0
package/src/plugins/queue-consumer.plugin.js +69 -14
package/src/plugins/recon/behaviors/uptime-behavior.js +691 -0
package/src/plugins/recon/concerns/command-runner.js +148 -0
package/src/plugins/recon/concerns/diff-detector.js +372 -0
package/src/plugins/recon/concerns/fingerprint-builder.js +307 -0
package/src/plugins/recon/concerns/process-manager.js +338 -0
package/src/plugins/recon/concerns/report-generator.js +478 -0
package/src/plugins/recon/concerns/security-analyzer.js +571 -0
package/src/plugins/recon/concerns/target-normalizer.js +68 -0
package/src/plugins/recon/config/defaults.js +321 -0
package/src/plugins/recon/config/resources.js +370 -0
package/src/plugins/recon/index.js +778 -0
package/src/plugins/recon/managers/dependency-manager.js +174 -0
package/src/plugins/recon/managers/scheduler-manager.js +179 -0
package/src/plugins/recon/managers/storage-manager.js +745 -0
package/src/plugins/recon/managers/target-manager.js +274 -0
package/src/plugins/recon/stages/asn-stage.js +314 -0
package/src/plugins/recon/stages/certificate-stage.js +84 -0
package/src/plugins/recon/stages/dns-stage.js +107 -0
package/src/plugins/recon/stages/dnsdumpster-stage.js +362 -0
package/src/plugins/recon/stages/fingerprint-stage.js +71 -0
package/src/plugins/recon/stages/google-dorks-stage.js +440 -0
package/src/plugins/recon/stages/http-stage.js +89 -0
package/src/plugins/recon/stages/latency-stage.js +148 -0
package/src/plugins/recon/stages/massdns-stage.js +302 -0
package/src/plugins/recon/stages/osint-stage.js +1373 -0
package/src/plugins/recon/stages/ports-stage.js +169 -0
package/src/plugins/recon/stages/screenshot-stage.js +94 -0
package/src/plugins/recon/stages/secrets-stage.js +514 -0
package/src/plugins/recon/stages/subdomains-stage.js +295 -0
package/src/plugins/recon/stages/tls-audit-stage.js +78 -0
package/src/plugins/recon/stages/vulnerability-stage.js +78 -0
package/src/plugins/recon/stages/web-discovery-stage.js +113 -0
package/src/plugins/recon/stages/whois-stage.js +349 -0
package/src/plugins/recon.plugin.js +75 -0
package/src/plugins/recon.plugin.js.backup +2635 -0
package/src/plugins/relation.errors.js +87 -14
package/src/plugins/replicator.plugin.js +514 -137
package/src/plugins/replicators/base-replicator.class.js +89 -1
package/src/plugins/replicators/bigquery-replicator.class.js +66 -22
package/src/plugins/replicators/dynamodb-replicator.class.js +22 -15
package/src/plugins/replicators/mongodb-replicator.class.js +22 -15
package/src/plugins/replicators/mysql-replicator.class.js +52 -17
package/src/plugins/replicators/planetscale-replicator.class.js +30 -4
package/src/plugins/replicators/postgres-replicator.class.js +62 -27
package/src/plugins/replicators/s3db-replicator.class.js +25 -18
package/src/plugins/replicators/schema-sync.helper.js +3 -3
package/src/plugins/replicators/sqs-replicator.class.js +8 -2
package/src/plugins/replicators/turso-replicator.class.js +23 -3
package/src/plugins/replicators/webhook-replicator.class.js +42 -4
package/src/plugins/s3-queue.plugin.js +464 -65
package/src/plugins/scheduler.plugin.js +20 -6
package/src/plugins/state-machine.plugin.js +40 -9
package/src/plugins/tfstate/README.md +126 -126
package/src/plugins/tfstate/base-driver.js +28 -4
package/src/plugins/tfstate/errors.js +65 -10
package/src/plugins/tfstate/filesystem-driver.js +52 -8
package/src/plugins/tfstate/index.js +163 -90
package/src/plugins/tfstate/s3-driver.js +64 -6
package/src/plugins/ttl.plugin.js +72 -17
package/src/plugins/vector/distances.js +18 -12
package/src/plugins/vector/kmeans.js +26 -4
package/src/resource.class.js +115 -19
package/src/testing/factory.class.js +20 -3
package/src/testing/seeder.class.js +7 -1
package/src/clients/memory-client.md +0 -917
package/src/plugins/cloud-inventory/drivers/mock-drivers.js +0 -449

package/src/plugins/api/server/middleware-chain.class.js ADDED Viewed

@@ -0,0 +1,310 @@
+/**
+ * MiddlewareChain - Manages middleware application order
+ *
+ * Applies middlewares in correct order for security and performance:
+ * 1. Request tracking (for graceful shutdown)
+ * 2. Failban (block banned IPs early)
+ * 3. Request ID (before all logging)
+ * 4. CORS (before auth checks)
+ * 5. Security headers
+ * 6. Session tracking
+ * 7. Custom middlewares
+ * 8. Templates
+ * 9. Body size limits
+ */
+import { idGenerator } from '../../../concerns/id.js';
+import { createRequestIdMiddleware } from '../middlewares/request-id.js';
+import { createSecurityHeadersMiddleware } from '../middlewares/security-headers.js';
+import { createSessionTrackingMiddleware } from '../middlewares/session-tracking.js';
+import { createFailbanMiddleware, setupFailbanViolationListener } from '../middlewares/failban.js';
+import { setupTemplateEngine } from '../utils/template-engine.js';
+import * as formatter from '../../shared/response-formatter.js';
+export class MiddlewareChain {
+  constructor({
+    requestId,
+    cors,
+    security,
+    sessionTracking,
+    middlewares,
+    templates,
+    maxBodySize,
+    failban,
+    events,
+    verbose,
+    database,
+    inFlightRequests,
+    acceptingRequests,
+    corsMiddleware
+  }) {
+    this.requestId = requestId;
+    this.cors = cors;
+    this.security = security;
+    this.sessionTracking = sessionTracking;
+    this.middlewares = middlewares || [];
+    this.templates = templates;
+    this.maxBodySize = maxBodySize;
+    this.failban = failban;
+    this.events = events;
+    this.verbose = verbose;
+    this.database = database;
+    this.inFlightRequests = inFlightRequests;
+    this.acceptingRequests = acceptingRequests;
+    this.corsMiddleware = corsMiddleware;
+  }
+  /**
+   * Apply all middlewares to Hono app in correct order
+   * @param {Hono} app - Hono application instance
+   */
+  apply(app) {
+    // 1. Request tracking (must be first!)
+    this.applyRequestTracking(app);
+    // 2. Failban (check banned IPs early)
+    this.applyFailban(app);
+    // 3. Request ID
+    this.applyRequestId(app);
+    // 4. CORS
+    this.applyCors(app);
+    // 5. Security headers
+    this.applySecurity(app);
+    // 6. Session tracking
+    this.applySessionTracking(app);
+    // 7. Custom middlewares
+    this.applyCustomMiddlewares(app);
+    // 8. Template engine
+    this.applyTemplates(app);
+    // 9. Body size limits
+    this.applyBodySizeLimits(app);
+  }
+  /**
+   * Apply request tracking middleware (for graceful shutdown)
+   * @private
+   */
+  applyRequestTracking(app) {
+    app.use('*', async (c, next) => {
+      // Check if we're still accepting requests
+      if (!this.acceptingRequests()) {
+        return c.json({ error: 'Server is shutting down' }, 503);
+      }
+      // Track this request
+      const requestId = Symbol('request');
+      this.inFlightRequests.add(requestId);
+      const startTime = Date.now();
+      const requestInfo = {
+        requestId: c.get('requestId') || requestId.toString(),
+        method: c.req.method,
+        path: c.req.path,
+        userAgent: c.req.header('user-agent'),
+        ip: c.req.header('x-forwarded-for') || c.req.header('x-real-ip')
+      };
+      // Emit request:start
+      this.events.emitRequestEvent('start', requestInfo);
+      try {
+        await next();
+        // Emit request:end
+        this.events.emitRequestEvent('end', {
+          ...requestInfo,
+          duration: Date.now() - startTime,
+          status: c.res.status
+        });
+      } catch (err) {
+        // Emit request:error
+        this.events.emitRequestEvent('error', {
+          ...requestInfo,
+          duration: Date.now() - startTime,
+          error: err.message,
+          stack: err.stack
+        });
+        throw err;
+      } finally {
+        // Remove from tracking
+        this.inFlightRequests.delete(requestId);
+      }
+    });
+  }
+  /**
+   * Apply failban middleware
+   * @private
+   */
+  applyFailban(app) {
+    if (!this.failban) {
+      return;
+    }
+    const failbanMiddleware = createFailbanMiddleware({
+      plugin: this.failban,
+      events: this.events
+    });
+    app.use('*', failbanMiddleware);
+    // Setup violation listeners
+    setupFailbanViolationListener({
+      plugin: this.failban,
+      events: this.events
+    });
+    if (this.verbose) {
+      console.log('[MiddlewareChain] Failban protection enabled');
+    }
+  }
+  /**
+   * Apply request ID middleware
+   * @private
+   */
+  applyRequestId(app) {
+    if (!this.requestId?.enabled) {
+      // Always set requestId and verbose, even if not officially enabled
+      app.use('*', async (c, next) => {
+        c.set('requestId', idGenerator());
+        c.set('verbose', this.verbose);
+        await next();
+      });
+      return;
+    }
+    const requestIdMiddleware = createRequestIdMiddleware(this.requestId);
+    app.use('*', requestIdMiddleware);
+    if (this.verbose) {
+      console.log(`[MiddlewareChain] Request ID tracking enabled (header: ${this.requestId.headerName || 'X-Request-ID'})`);
+    }
+  }
+  /**
+   * Apply CORS middleware
+   * @private
+   */
+  applyCors(app) {
+    if (!this.cors?.enabled || !this.corsMiddleware) {
+      return;
+    }
+    const corsConfig = this.cors;
+    app.use('*', this.corsMiddleware({
+      origin: corsConfig.origin || '*',
+      allowMethods: corsConfig.allowMethods || ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
+      allowHeaders: corsConfig.allowHeaders || ['Content-Type', 'Authorization', 'X-Request-ID'],
+      exposeHeaders: corsConfig.exposeHeaders || ['X-Request-ID'],
+      credentials: corsConfig.credentials || false,
+      maxAge: corsConfig.maxAge || 86400
+    }));
+    if (this.verbose) {
+      console.log(`[MiddlewareChain] CORS enabled (maxAge: ${corsConfig.maxAge || 86400}s, origin: ${corsConfig.origin || '*'})`);
+    }
+  }
+  /**
+   * Apply security headers middleware
+   * @private
+   */
+  applySecurity(app) {
+    if (!this.security?.enabled) {
+      return;
+    }
+    const securityMiddleware = createSecurityHeadersMiddleware(this.security);
+    app.use('*', securityMiddleware);
+    if (this.verbose) {
+      console.log('[MiddlewareChain] Security headers enabled');
+    }
+  }
+  /**
+   * Apply session tracking middleware
+   * @private
+   */
+  applySessionTracking(app) {
+    if (!this.sessionTracking?.enabled) {
+      return;
+    }
+    const sessionMiddleware = createSessionTrackingMiddleware(
+      this.sessionTracking,
+      this.database
+    );
+    app.use('*', sessionMiddleware);
+    if (this.verbose) {
+      const resource = this.sessionTracking.resource ? ` (resource: ${this.sessionTracking.resource})` : ' (in-memory)';
+      console.log(`[MiddlewareChain] Session tracking enabled${resource}`);
+    }
+  }
+  /**
+   * Apply custom middlewares
+   * @private
+   */
+  applyCustomMiddlewares(app) {
+    this.middlewares.forEach(middleware => {
+      app.use('*', middleware);
+    });
+    if (this.verbose && this.middlewares.length > 0) {
+      console.log(`[MiddlewareChain] Applied ${this.middlewares.length} custom middleware(s)`);
+    }
+  }
+  /**
+   * Apply template engine middleware
+   * @private
+   */
+  applyTemplates(app) {
+    if (!this.templates?.enabled) {
+      return;
+    }
+    const templateMiddleware = setupTemplateEngine(this.templates);
+    app.use('*', templateMiddleware);
+    if (this.verbose) {
+      console.log(`[MiddlewareChain] Template engine enabled: ${this.templates.engine}`);
+    }
+  }
+  /**
+   * Apply body size limits
+   * @private
+   */
+  applyBodySizeLimits(app) {
+    app.use('*', async (c, next) => {
+      const method = c.req.method;
+      if (['POST', 'PUT', 'PATCH'].includes(method)) {
+        const contentLength = c.req.header('content-length');
+        if (contentLength) {
+          const size = parseInt(contentLength);
+          if (size > this.maxBodySize) {
+            const response = formatter.payloadTooLarge(size, this.maxBodySize);
+            c.header('Connection', 'close');
+            return c.json(response, response._status);
+          }
+        }
+      }
+      await next();
+    });
+  }
+}