secure-ui-components 0.1.0-beta.1

package/dist/core/security-config.js

@@ -0,0 +1,273 @@
+/**
+ * @fileoverview Security Configuration and Tier Definitions
+ *
+ * This module defines the four security tiers that govern all component behavior
+ * in the Secure-UI library. Each tier represents a different level of data sensitivity
+ * and applies corresponding security controls.
+ *
+ * Security Philosophy:
+ * - Defense in depth: Multiple layers of protection at each tier
+ * - Fail secure: Default to highest security when tier is ambiguous
+ * - Progressive enhancement: All tiers work without JavaScript
+ * - Zero trust: Always validate, never assume data is safe
+ *
+ * @module security-config
+ * @license MIT
+ */
+/**
+ * Security tier enumeration
+ * These constants should be used throughout the library to reference security levels
+ */
+export const SecurityTier = Object.freeze({
+    /** PUBLIC: Non-sensitive data (e.g., search queries, public comments) */
+    PUBLIC: 'public',
+    /** AUTHENTICATED: User-specific but non-sensitive data (e.g., display names, preferences) */
+    AUTHENTICATED: 'authenticated',
+    /** SENSITIVE: Personally identifiable information (e.g., email, phone, address) */
+    SENSITIVE: 'sensitive',
+    /** CRITICAL: High-risk data (e.g., passwords, SSN, payment info) */
+    CRITICAL: 'critical'
+});
+/**
+ * Default configuration for each security tier
+ *
+ * Security Note: These defaults implement defense-in-depth by progressively
+ * adding security controls at each tier. When in doubt, components should
+ * default to CRITICAL tier behavior.
+ */
+export const TIER_CONFIG = Object.freeze({
+    [SecurityTier.PUBLIC]: Object.freeze({
+        name: 'Public',
+        level: 1,
+        validation: Object.freeze({
+            required: false,
+            strict: false,
+            maxLength: 5000,
+            pattern: null,
+            sanitizeHtml: true
+        }),
+        masking: Object.freeze({
+            enabled: false,
+            character: '•',
+            partial: false
+        }),
+        storage: Object.freeze({
+            allowAutocomplete: true,
+            allowCache: true,
+            allowHistory: true
+        }),
+        audit: Object.freeze({
+            logAccess: false,
+            logChanges: false,
+            logSubmission: false,
+            includeMetadata: false
+        }),
+        ui: Object.freeze({
+            labelSuffix: '',
+            showSecurityBadge: false
+        }),
+        rateLimit: Object.freeze({
+            enabled: false,
+            maxAttempts: 0,
+            windowMs: 0
+        })
+    }),
+    [SecurityTier.AUTHENTICATED]: Object.freeze({
+        name: 'Authenticated',
+        level: 2,
+        validation: Object.freeze({
+            required: true,
+            strict: false,
+            maxLength: 1000,
+            pattern: null,
+            sanitizeHtml: true
+        }),
+        masking: Object.freeze({
+            enabled: false,
+            character: '•',
+            partial: false
+        }),
+        storage: Object.freeze({
+            allowAutocomplete: true,
+            allowCache: false,
+            allowHistory: false
+        }),
+        audit: Object.freeze({
+            logAccess: false,
+            logChanges: true,
+            logSubmission: true,
+            includeMetadata: true
+        }),
+        ui: Object.freeze({
+            labelSuffix: '',
+            showSecurityBadge: true
+        }),
+        rateLimit: Object.freeze({
+            enabled: false,
+            maxAttempts: 0,
+            windowMs: 0
+        })
+    }),
+    [SecurityTier.SENSITIVE]: Object.freeze({
+        name: 'Sensitive',
+        level: 3,
+        validation: Object.freeze({
+            required: true,
+            strict: true,
+            maxLength: 500,
+            pattern: null,
+            sanitizeHtml: true
+        }),
+        masking: Object.freeze({
+            enabled: false,
+            character: '•',
+            partial: true
+        }),
+        storage: Object.freeze({
+            allowAutocomplete: false,
+            allowCache: false,
+            allowHistory: false
+        }),
+        audit: Object.freeze({
+            logAccess: true,
+            logChanges: true,
+            logSubmission: true,
+            includeMetadata: true
+        }),
+        ui: Object.freeze({
+            labelSuffix: ' (Sensitive)',
+            showSecurityBadge: true
+        }),
+        rateLimit: Object.freeze({
+            enabled: true,
+            maxAttempts: 10,
+            windowMs: 60000
+        })
+    }),
+    [SecurityTier.CRITICAL]: Object.freeze({
+        name: 'Critical',
+        level: 4,
+        validation: Object.freeze({
+            required: true,
+            strict: true,
+            maxLength: 256,
+            pattern: null,
+            sanitizeHtml: true
+        }),
+        masking: Object.freeze({
+            enabled: true,
+            character: '•',
+            partial: false
+        }),
+        storage: Object.freeze({
+            allowAutocomplete: false,
+            allowCache: false,
+            allowHistory: false
+        }),
+        audit: Object.freeze({
+            logAccess: true,
+            logChanges: true,
+            logSubmission: true,
+            includeMetadata: true
+        }),
+        ui: Object.freeze({
+            labelSuffix: ' (Critical - Secure)',
+            showSecurityBadge: true
+        }),
+        rateLimit: Object.freeze({
+            enabled: true,
+            maxAttempts: 5,
+            windowMs: 60000
+        })
+    })
+});
+/**
+ * Get configuration for a specific security tier
+ *
+ * Security Note: If an invalid tier is provided, this function fails secure
+ * by returning the CRITICAL tier configuration.
+ */
+export function getTierConfig(tier) {
+    if (!tier || !TIER_CONFIG[tier]) {
+        console.warn(`Invalid security tier "${tier}", defaulting to CRITICAL`);
+        return TIER_CONFIG[SecurityTier.CRITICAL];
+    }
+    return TIER_CONFIG[tier];
+}
+/**
+ * Validate that a tier value is valid
+ */
+export function isValidTier(tier) {
+    return Object.values(SecurityTier).includes(tier);
+}
+/**
+ * Compare two security tiers
+ *
+ * @returns -1 if tier1 < tier2, 0 if equal, 1 if tier1 > tier2
+ */
+export function compareTiers(tier1, tier2) {
+    const config1 = getTierConfig(tier1);
+    const config2 = getTierConfig(tier2);
+    return Math.sign(config1.level - config2.level);
+}
+/**
+ * Get the more secure of two tiers
+ */
+export function getMoreSecureTier(tier1, tier2) {
+    return compareTiers(tier1, tier2) >= 0 ? tier1 : tier2;
+}
+/**
+ * Content Security Policy recommendations for each tier
+ */
+export const CSP_RECOMMENDATIONS = Object.freeze({
+    [SecurityTier.PUBLIC]: Object.freeze({
+        'default-src': ["'self'"],
+        'script-src': ["'self'"],
+        'style-src': ["'self'", "'unsafe-inline'"]
+    }),
+    [SecurityTier.AUTHENTICATED]: Object.freeze({
+        'default-src': ["'self'"],
+        'script-src': ["'self'"],
+        'style-src': ["'self'", "'unsafe-inline'"],
+        'form-action': ["'self'"]
+    }),
+    [SecurityTier.SENSITIVE]: Object.freeze({
+        'default-src': ["'self'"],
+        'script-src': ["'self'"],
+        'style-src': ["'self'", "'unsafe-inline'"],
+        'form-action': ["'self'"],
+        'frame-ancestors': ["'none'"],
+        'upgrade-insecure-requests': []
+    }),
+    [SecurityTier.CRITICAL]: Object.freeze({
+        'default-src': ["'self'"],
+        'script-src': ["'self'"],
+        'style-src': ["'self'", "'unsafe-inline'"],
+        'form-action': ["'self'"],
+        'frame-ancestors': ["'none'"],
+        'upgrade-insecure-requests': [],
+        'block-all-mixed-content': [],
+        'base-uri': ["'none'"]
+    })
+});
+/**
+ * Default security headers recommendations
+ */
+export const SECURITY_HEADERS = Object.freeze({
+    'X-Content-Type-Options': 'nosniff',
+    'X-Frame-Options': 'DENY',
+    'X-XSS-Protection': '1; mode=block',
+    'Referrer-Policy': 'strict-origin-when-cross-origin',
+    'Permissions-Policy': 'geolocation=(), microphone=(), camera=()'
+});
+export default {
+    SecurityTier,
+    TIER_CONFIG,
+    getTierConfig,
+    isValidTier,
+    compareTiers,
+    getMoreSecureTier,
+    CSP_RECOMMENDATIONS,
+    SECURITY_HEADERS
+};
+//# sourceMappingURL=security-config.js.map

package/dist/core/security-config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-config.js","sourceRoot":"","sources":["../../src/core/security-config.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AASH;;;GAGG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC;IACxC,yEAAyE;IACzE,MAAM,EAAE,QAAiB;IAEzB,6FAA6F;IAC7F,aAAa,EAAE,eAAwB;IAEvC,mFAAmF;IACnF,SAAS,EAAE,WAAoB;IAE/B,oEAAoE;IACpE,QAAQ,EAAE,UAAmB;CAC9B,CAAC,CAAC;AAEH;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,WAAW,GAAoD,MAAM,CAAC,MAAM,CAAC;IACxF,CAAC,YAAY,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;QACnC,IAAI,EAAE,QAAQ;QACd,KAAK,EAAE,CAAC;QACR,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC;YACxB,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,KAAK;YACb,SAAS,EAAE,IAAI;YACf,OAAO,EAAE,IAAI;YACb,YAAY,EAAE,IAAI;SACnB,CAAC;QACF,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC;YACrB,OAAO,EAAE,KAAK;YACd,SAAS,EAAE,GAAG;YACd,OAAO,EAAE,KAAK;SACf,CAAC;QACF,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC;YACrB,iBAAiB,EAAE,IAAI;YACvB,UAAU,EAAE,IAAI;YAChB,YAAY,EAAE,IAAI;SACnB,CAAC;QACF,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC;YACnB,SAAS,EAAE,KAAK;YAChB,UAAU,EAAE,KAAK;YACjB,aAAa,EAAE,KAAK;YACpB,eAAe,EAAE,KAAK;SACvB,CAAC;QACF,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC;YAChB,WAAW,EAAE,EAAE;YACf,iBAAiB,EAAE,KAAK;SACzB,CAAC;QACF,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC;YACvB,OAAO,EAAE,KAAK;YACd,WAAW,EAAE,CAAC;YACd,QAAQ,EAAE,CAAC;SACZ,CAAC;KACH,CAAC;IAEF,CAAC,YAAY,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;QAC1C,IAAI,EAAE,eAAe;QACrB,KAAK,EAAE,CAAC;QACR,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC;YACxB,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,KAAK;YACb,SAAS,EAAE,IAAI;YACf,OAAO,EAAE,IAAI;YACb,YAAY,EAAE,IAAI;SACnB,CAAC;QACF,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC;YACrB,OAAO,EAAE,KAAK;YACd,SAAS,EAAE,GAAG;YACd,OAAO,EAAE,KAAK;SACf,CAAC;QACF,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC;YACrB,iBAAiB,EAAE,IAAI;YACvB,UAAU,EAAE,KAAK;YACjB,YAAY,EAAE,KAAK;SACpB,CAAC;QACF,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC;YACnB,SAAS,EAAE,KAAK;YAChB,UAAU,EAAE,IAAI;YAChB,aAAa,EAAE,IAAI;YACnB,eAAe,EAAE,IAAI;SACtB,CAAC;QACF,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC;YAChB,WAAW,EAAE,EAAE;YACf,iBAAiB,EAAE,IAAI;SACxB,CAAC;QACF,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC;YACvB,OAAO,EAAE,KAAK;YACd,WAAW,EAAE,CAAC;YACd,QAAQ,EAAE,CAAC;SACZ,CAAC;KACH,CAAC;IAEF,CAAC,YAAY,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;QACtC,IAAI,EAAE,WAAW;QACjB,KAAK,EAAE,CAAC;QACR,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC;YACxB,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,IAAI;YACZ,SAAS,EAAE,GAAG;YACd,OAAO,EAAE,IAAI;YACb,YAAY,EAAE,IAAI;SACnB,CAAC;QACF,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC;YACrB,OAAO,EAAE,KAAK;YACd,SAAS,EAAE,GAAG;YACd,OAAO,EAAE,IAAI;SACd,CAAC;QACF,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC;YACrB,iBAAiB,EAAE,KAAK;YACxB,UAAU,EAAE,KAAK;YACjB,YAAY,EAAE,KAAK;SACpB,CAAC;QACF,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC;YACnB,SAAS,EAAE,IAAI;YACf,UAAU,EAAE,IAAI;YAChB,aAAa,EAAE,IAAI;YACnB,eAAe,EAAE,IAAI;SACtB,CAAC;QACF,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC;YAChB,WAAW,EAAE,cAAc;YAC3B,iBAAiB,EAAE,IAAI;SACxB,CAAC;QACF,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC;YACvB,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,EAAE;YACf,QAAQ,EAAE,KAAK;SAChB,CAAC;KACH,CAAC;IAEF,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;QACrC,IAAI,EAAE,UAAU;QAChB,KAAK,EAAE,CAAC;QACR,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC;YACxB,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,IAAI;YACZ,SAAS,EAAE,GAAG;YACd,OAAO,EAAE,IAAI;YACb,YAAY,EAAE,IAAI;SACnB,CAAC;QACF,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC;YACrB,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,GAAG;YACd,OAAO,EAAE,KAAK;SACf,CAAC;QACF,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC;YACrB,iBAAiB,EAAE,KAAK;YACxB,UAAU,EAAE,KAAK;YACjB,YAAY,EAAE,KAAK;SACpB,CAAC;QACF,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC;YACnB,SAAS,EAAE,IAAI;YACf,UAAU,EAAE,IAAI;YAChB,aAAa,EAAE,IAAI;YACnB,eAAe,EAAE,IAAI;SACtB,CAAC;QACF,EAAE,EAAE,MAAM,CAAC,MAAM,CAAC;YAChB,WAAW,EAAE,sBAAsB;YACnC,iBAAiB,EAAE,IAAI;SACxB,CAAC;QACF,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC;YACvB,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,CAAC;YACd,QAAQ,EAAE,KAAK;SAChB,CAAC;KACH,CAAC;CACH,CAAC,CAAC;AAEH;;;;;GAKG;AACH,MAAM,UAAU,aAAa,CAAC,IAAY;IACxC,IAAI,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC,IAAyB,CAAC,EAAE,CAAC;QACrD,OAAO,CAAC,IAAI,CAAC,0BAA0B,IAAI,2BAA2B,CAAC,CAAC;QACxE,OAAO,WAAW,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;IAC5C,CAAC;IAED,OAAO,WAAW,CAAC,IAAyB,CAAC,CAAC;AAChD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,IAAY;IACtC,OAAQ,MAAM,CAAC,MAAM,CAAC,YAAY,CAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;AAClE,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,YAAY,CAAC,KAAa,EAAE,KAAa;IACvD,MAAM,OAAO,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IACrC,MAAM,OAAO,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAErC,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,KAAa,EAAE,KAAa;IAC5D,OAAO,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;AACzD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAiE,MAAM,CAAC,MAAM,CAAC;IAC7G,CAAC,YAAY,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;QACnC,aAAa,EAAE,CAAC,QAAQ,CAAC;QACzB,YAAY,EAAE,CAAC,QAAQ,CAAC;QACxB,WAAW,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;KAC3C,CAAC;IAEF,CAAC,YAAY,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;QAC1C,aAAa,EAAE,CAAC,QAAQ,CAAC;QACzB,YAAY,EAAE,CAAC,QAAQ,CAAC;QACxB,WAAW,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;QAC1C,aAAa,EAAE,CAAC,QAAQ,CAAC;KAC1B,CAAC;IAEF,CAAC,YAAY,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;QACtC,aAAa,EAAE,CAAC,QAAQ,CAAC;QACzB,YAAY,EAAE,CAAC,QAAQ,CAAC;QACxB,WAAW,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;QAC1C,aAAa,EAAE,CAAC,QAAQ,CAAC;QACzB,iBAAiB,EAAE,CAAC,QAAQ,CAAC;QAC7B,2BAA2B,EAAE,EAAE;KAChC,CAAC;IAEF,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;QACrC,aAAa,EAAE,CAAC,QAAQ,CAAC;QACzB,YAAY,EAAE,CAAC,QAAQ,CAAC;QACxB,WAAW,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;QAC1C,aAAa,EAAE,CAAC,QAAQ,CAAC;QACzB,iBAAiB,EAAE,CAAC,QAAQ,CAAC;QAC7B,2BAA2B,EAAE,EAAE;QAC/B,yBAAyB,EAAE,EAAE;QAC7B,UAAU,EAAE,CAAC,QAAQ,CAAC;KACvB,CAAC;CACH,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAA8B,MAAM,CAAC,MAAM,CAAC;IACvE,wBAAwB,EAAE,SAAS;IACnC,iBAAiB,EAAE,MAAM;IACzB,kBAAkB,EAAE,eAAe;IACnC,iBAAiB,EAAE,iCAAiC;IACpD,oBAAoB,EAAE,0CAA0C;CACjE,CAAC,CAAC;AAEH,eAAe;IACb,YAAY;IACZ,WAAW;IACX,aAAa;IACb,WAAW;IACX,YAAY;IACZ,iBAAiB;IACjB,mBAAmB;IACnB,gBAAgB;CACjB,CAAC"}

package/dist/core/types.d.ts

@@ -0,0 +1,212 @@
+/**
+ * @fileoverview Shared type definitions for the Secure-UI component library.
+ * @module types
+ * @license MIT
+ */
+/**
+ * Security tier string literal values
+ */
+export type SecurityTierValue = 'public' | 'authenticated' | 'sensitive' | 'critical';
+/**
+ * Validation configuration for a security tier
+ */
+export interface ValidationConfig {
+    readonly required: boolean;
+    readonly strict: boolean;
+    readonly maxLength: number;
+    readonly pattern: RegExp | null;
+    readonly sanitizeHtml: boolean;
+}
+/**
+ * Masking configuration for a security tier
+ */
+export interface MaskingConfig {
+    readonly enabled: boolean;
+    readonly character: string;
+    readonly partial: boolean;
+}
+/**
+ * Browser storage permissions for a security tier
+ */
+export interface StorageConfig {
+    readonly allowAutocomplete: boolean;
+    readonly allowCache: boolean;
+    readonly allowHistory: boolean;
+}
+/**
+ * Audit logging configuration for a security tier
+ */
+export interface AuditConfig {
+    readonly logAccess: boolean;
+    readonly logChanges: boolean;
+    readonly logSubmission: boolean;
+    readonly includeMetadata: boolean;
+}
+/**
+ * UI configuration for a security tier
+ */
+export interface UIConfig {
+    readonly labelSuffix: string;
+    readonly showSecurityBadge: boolean;
+}
+/**
+ * Rate limiting configuration for a security tier
+ */
+export interface RateLimitConfig {
+    readonly enabled: boolean;
+    readonly maxAttempts: number;
+    readonly windowMs: number;
+}
+/**
+ * Complete tier configuration object
+ */
+export interface TierConfig {
+    readonly name: string;
+    readonly level: number;
+    readonly validation: ValidationConfig;
+    readonly masking: MaskingConfig;
+    readonly storage: StorageConfig;
+    readonly audit: AuditConfig;
+    readonly ui: UIConfig;
+    readonly rateLimit: RateLimitConfig;
+}
+/**
+ * Validation result returned by validateInput()
+ */
+export interface ValidationResult {
+    valid: boolean;
+    errors: string[];
+}
+/**
+ * Validation options passed to validateInput()
+ */
+export interface ValidationOptions {
+    pattern?: RegExp | null;
+    minLength?: number;
+    maxLength?: number;
+}
+/**
+ * Rate limit check result
+ */
+export interface RateLimitResult {
+    allowed: boolean;
+    retryAfter: number;
+}
+/**
+ * Rate limit state tracking
+ */
+export interface RateLimitState {
+    attempts: number;
+    windowStart: number;
+}
+/**
+ * Audit log entry
+ */
+export interface AuditLogEntry {
+    event: string;
+    tier: SecurityTierValue;
+    timestamp: string;
+    userAgent?: string;
+    language?: string;
+    [key: string]: unknown;
+}
+/**
+ * CSP directive mapping
+ */
+export type CSPDirectives = Record<string, string[]>;
+/**
+ * Security headers mapping
+ */
+export type SecurityHeaders = Record<string, string>;
+/**
+ * Custom event detail for secure-input events
+ */
+export interface SecureInputEventDetail {
+    name: string;
+    value: string;
+    masked: boolean;
+    tier: SecurityTierValue;
+}
+/**
+ * Custom event detail for secure-textarea events
+ */
+export interface SecureTextareaEventDetail {
+    name: string;
+    value: string;
+    tier: SecurityTierValue;
+}
+/**
+ * Custom event detail for secure-select events
+ */
+export interface SecureSelectEventDetail {
+    name: string;
+    value: string;
+    tier: SecurityTierValue;
+}
+/**
+ * Custom event detail for secure-file-upload events
+ */
+export interface SecureFileUploadEventDetail {
+    name: string;
+    files: File[];
+    tier: SecurityTierValue;
+}
+/**
+ * Custom event detail for secure-datetime events
+ */
+export interface SecureDatetimeEventDetail {
+    name: string;
+    value: string;
+    type: string;
+    tier: SecurityTierValue;
+}
+/**
+ * Custom event detail for secure-form-submit events
+ */
+export interface SecureFormSubmitEventDetail {
+    formData: Record<string, string>;
+    formElement: HTMLFormElement;
+    preventDefault: () => void;
+}
+/**
+ * Custom event detail for secure-form-success events
+ */
+export interface SecureFormSuccessEventDetail {
+    formData: Record<string, string>;
+    response: Response;
+}
+/**
+ * Custom event detail for secure-audit events
+ */
+export type SecureAuditEventDetail = AuditLogEntry;
+/**
+ * Table column definition
+ */
+export interface TableColumnDefinition {
+    key: string;
+    label: string;
+    sortable?: boolean;
+    filterable?: boolean;
+    tier?: SecurityTierValue;
+    width?: string;
+    render?: (value: unknown, row: Record<string, unknown>, columnKey: string) => string;
+}
+/**
+ * Table sort configuration
+ */
+export interface TableSortConfig {
+    column: string | null;
+    direction: 'asc' | 'desc';
+}
+/**
+ * Table pagination state
+ */
+export interface TablePaginationState {
+    currentPage: number;
+    pageSize: number;
+}
+/**
+ * Valid datetime input types
+ */
+export type DateTimeInputType = 'date' | 'time' | 'datetime-local' | 'month' | 'week';
+//# sourceMappingURL=types.d.ts.map

package/dist/core/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/core/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG,QAAQ,GAAG,eAAe,GAAG,WAAW,GAAG,UAAU,CAAC;AAEtF;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC;IAC3B,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC;IACzB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,iBAAiB,EAAE,OAAO,CAAC;IACpC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC;IAC7B,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC;IAC5B,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC;IAC7B,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;IAChC,QAAQ,CAAC,eAAe,EAAE,OAAO,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,iBAAiB,EAAE,OAAO,CAAC;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,UAAU,EAAE,gBAAgB,CAAC;IACtC,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC;IAChC,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC;IAChC,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC;IACtB,QAAQ,CAAC,SAAS,EAAE,eAAe,CAAC;CACrC;AAID;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAID;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB;AAID;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,iBAAiB,CAAC;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAID;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;AAErD;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAIrD;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,OAAO,CAAC;IAChB,IAAI,EAAE,iBAAiB,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,iBAAiB,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,iBAAiB,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,2BAA2B;IAC1C,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,IAAI,EAAE,CAAC;IACd,IAAI,EAAE,iBAAiB,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,iBAAiB,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,2BAA2B;IAC1C,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,WAAW,EAAE,eAAe,CAAC;IAC7B,cAAc,EAAE,MAAM,IAAI,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC3C,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,QAAQ,EAAE,QAAQ,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,MAAM,sBAAsB,GAAG,aAAa,CAAC;AAInD;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,IAAI,CAAC,EAAE,iBAAiB,CAAC;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS,EAAE,MAAM,KAAK,MAAM,CAAC;CACtF;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,SAAS,EAAE,KAAK,GAAG,MAAM,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAID;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG,MAAM,GAAG,MAAM,GAAG,gBAAgB,GAAG,OAAO,GAAG,MAAM,CAAC"}

package/dist/core/types.js

@@ -0,0 +1,7 @@
+/**
+ * @fileoverview Shared type definitions for the Secure-UI component library.
+ * @module types
+ * @license MIT
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/core/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/core/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG"}

package/dist/index.d.ts

@@ -0,0 +1,18 @@
+/**
+ * Secure-UI Component Library
+ *
+ * @module @anthropic/secure-ui-components
+ * @license MIT
+ */
+export { SecureBaseComponent } from './core/base-component.js';
+export { SecurityTier, TIER_CONFIG, getTierConfig, isValidTier, compareTiers, getMoreSecureTier, CSP_RECOMMENDATIONS, SECURITY_HEADERS } from './core/security-config.js';
+export { SecureInput } from './components/secure-input/secure-input.js';
+export { SecureTextarea } from './components/secure-textarea/secure-textarea.js';
+export { SecureSelect } from './components/secure-select/secure-select.js';
+export { SecureForm } from './components/secure-form/secure-form.js';
+export { SecureFileUpload } from './components/secure-file-upload/secure-file-upload.js';
+export { SecureDateTime } from './components/secure-datetime/secure-datetime.js';
+export { SecureTable } from './components/secure-table/secure-table.js';
+export { SecureSubmitButton } from './components/secure-submit-button/secure-submit-button.js';
+export type { SecurityTierValue, TierConfig, ValidationConfig, MaskingConfig, StorageConfig, AuditConfig, UIConfig, RateLimitConfig, ValidationResult, ValidationOptions, RateLimitResult, RateLimitState, AuditLogEntry, CSPDirectives, SecurityHeaders, SecureInputEventDetail, SecureTextareaEventDetail, SecureSelectEventDetail, SecureFileUploadEventDetail, SecureDatetimeEventDetail, SecureFormSubmitEventDetail, SecureFormSuccessEventDetail, SecureAuditEventDetail, TableColumnDefinition, TableSortConfig, TablePaginationState, DateTimeInputType } from './core/types.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,aAAa,EAAE,WAAW,EAAE,YAAY,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAG1K,OAAO,EAAE,WAAW,EAAE,MAAM,2CAA2C,CAAC;AACxE,OAAO,EAAE,cAAc,EAAE,MAAM,iDAAiD,CAAC;AACjF,OAAO,EAAE,YAAY,EAAE,MAAM,6CAA6C,CAAC;AAC3E,OAAO,EAAE,UAAU,EAAE,MAAM,yCAAyC,CAAC;AACrE,OAAO,EAAE,gBAAgB,EAAE,MAAM,uDAAuD,CAAC;AACzF,OAAO,EAAE,cAAc,EAAE,MAAM,iDAAiD,CAAC;AACjF,OAAO,EAAE,WAAW,EAAE,MAAM,2CAA2C,CAAC;AACxE,OAAO,EAAE,kBAAkB,EAAE,MAAM,2DAA2D,CAAC;AAG/F,YAAY,EACV,iBAAiB,EACjB,UAAU,EACV,gBAAgB,EAChB,aAAa,EACb,aAAa,EACb,WAAW,EACX,QAAQ,EACR,eAAe,EACf,gBAAgB,EAChB,iBAAiB,EACjB,eAAe,EACf,cAAc,EACd,aAAa,EACb,aAAa,EACb,eAAe,EACf,sBAAsB,EACtB,yBAAyB,EACzB,uBAAuB,EACvB,2BAA2B,EAC3B,yBAAyB,EACzB,2BAA2B,EAC3B,4BAA4B,EAC5B,sBAAsB,EACtB,qBAAqB,EACrB,eAAe,EACf,oBAAoB,EACpB,iBAAiB,EAClB,MAAM,iBAAiB,CAAC"}

package/dist/index.js

@@ -0,0 +1,19 @@
+/**
+ * Secure-UI Component Library
+ *
+ * @module @anthropic/secure-ui-components
+ * @license MIT
+ */
+// Core
+export { SecureBaseComponent } from './core/base-component.js';
+export { SecurityTier, TIER_CONFIG, getTierConfig, isValidTier, compareTiers, getMoreSecureTier, CSP_RECOMMENDATIONS, SECURITY_HEADERS } from './core/security-config.js';
+// Components
+export { SecureInput } from './components/secure-input/secure-input.js';
+export { SecureTextarea } from './components/secure-textarea/secure-textarea.js';
+export { SecureSelect } from './components/secure-select/secure-select.js';
+export { SecureForm } from './components/secure-form/secure-form.js';
+export { SecureFileUpload } from './components/secure-file-upload/secure-file-upload.js';
+export { SecureDateTime } from './components/secure-datetime/secure-datetime.js';
+export { SecureTable } from './components/secure-table/secure-table.js';
+export { SecureSubmitButton } from './components/secure-submit-button/secure-submit-button.js';
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO;AACP,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,aAAa,EAAE,WAAW,EAAE,YAAY,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAE1K,aAAa;AACb,OAAO,EAAE,WAAW,EAAE,MAAM,2CAA2C,CAAC;AACxE,OAAO,EAAE,cAAc,EAAE,MAAM,iDAAiD,CAAC;AACjF,OAAO,EAAE,YAAY,EAAE,MAAM,6CAA6C,CAAC;AAC3E,OAAO,EAAE,UAAU,EAAE,MAAM,yCAAyC,CAAC;AACrE,OAAO,EAAE,gBAAgB,EAAE,MAAM,uDAAuD,CAAC;AACzF,OAAO,EAAE,cAAc,EAAE,MAAM,iDAAiD,CAAC;AACjF,OAAO,EAAE,WAAW,EAAE,MAAM,2CAA2C,CAAC;AACxE,OAAO,EAAE,kBAAkB,EAAE,MAAM,2DAA2D,CAAC"}

package/dist/package.json

@@ -0,0 +1,89 @@
+{
+  "name": "secure-ui-components",
+  "version": "0.1.0-beta.1",
+  "description": "Security-first web component library with zero dependencies",
+  "type": "module",
+  "main": "./index.js",
+  "module": "./index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": "./index.js",
+    "./secure-input": "./components/secure-input/secure-input.js",
+    "./secure-textarea": "./components/secure-textarea/secure-textarea.js",
+    "./secure-select": "./components/secure-select/secure-select.js",
+    "./secure-form": "./components/secure-form/secure-form.js",
+    "./secure-file-upload": "./components/secure-file-upload/secure-file-upload.js",
+    "./secure-datetime": "./components/secure-datetime/secure-datetime.js",
+    "./secure-table": "./components/secure-table/secure-table.js",
+    "./secure-submit-button": "./components/secure-submit-button/secure-submit-button.js",
+    "./base-component": "./core/base-component.js",
+    "./security-config": "./core/security-config.js",
+    "./tokens": "./styles/tokens.css"
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "scripts": {
+    "clean": "node -e \"const fs=require('fs');fs.rmSync('dist',{recursive:true,force:true})\"",
+    "typecheck": "tsc --noEmit",
+    "build:ts": "tsc",
+    "build:css": "node build/css-inliner.js",
+    "build": "npm run clean && npm run build:ts && npm run build:css",
+    "build:dev": "npm run build:ts && node build/dev-build.js",
+    "serve": "node server.js",
+    "serve:dev": "node --watch server.js",
+    "start": "npm run build && npm run serve",
+    "dev": "npm run build && npm run serve:dev",
+    "lint": "eslint src tests",
+    "lint:fix": "eslint src tests --fix",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "test:coverage": "vitest run --coverage",
+    "size": "size-limit",
+    "audit:check": "npm audit --audit-level=high",
+    "prepublishOnly": "npm run lint && npm run typecheck && npm run test && npm run build"
+  },
+  "keywords": [
+    "web-components",
+    "security",
+    "ui",
+    "form-components",
+    "typescript",
+    "progressive-enhancement",
+    "zero-dependencies",
+    "xss-prevention",
+    "audit-logging",
+    "input-validation",
+    "shadow-dom",
+    "custom-elements"
+  ],
+  "author": "Barry Prendergast <barryprendergast@gmail.com>",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/Barryprender/Secure-UI.git"
+  },
+  "bugs": {
+    "url": "https://github.com/Barryprender/Secure-UI/issues"
+  },
+  "homepage": "https://github.com/Barryprender/Secure-UI#readme",
+  "devDependencies": {
+    "@size-limit/preset-small-lib": "^12.0.1",
+    "@vitest/coverage-v8": "^4.0.18",
+    "axe-core": "^4.11.1",
+    "cors": "^2.8.5",
+    "eslint-plugin-security": "^4.0.0",
+    "express": "^4.18.2",
+    "happy-dom": "^20.4.0",
+    "jsdom": "^27.4.0",
+    "size-limit": "^12.0.1",
+    "typescript": "^5.5.0",
+    "typescript-eslint": "^8.57.0",
+    "vitest": "^4.0.18"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}