specra 0.1.13 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (276) hide show
  1. package/LICENSE.MD +25 -4
  2. package/README.md +67 -58
  3. package/config/specra.config.schema.json +16 -0
  4. package/config/svelte-config.js +63 -0
  5. package/dist/api-parser.types.d.ts +59 -0
  6. package/dist/api-parser.types.js +5 -0
  7. package/dist/api.types.d.ts +137 -0
  8. package/dist/api.types.js +5 -0
  9. package/dist/category.d.ts +21 -0
  10. package/dist/category.js +48 -0
  11. package/dist/components/ConfigProvider.svelte +13 -0
  12. package/dist/components/ConfigProvider.svelte.d.ts +31 -0
  13. package/dist/components/docs/Accordion.svelte +18 -0
  14. package/dist/components/docs/Accordion.svelte.d.ts +10 -0
  15. package/dist/components/docs/AccordionItem.svelte +41 -0
  16. package/dist/components/docs/AccordionItem.svelte.d.ts +10 -0
  17. package/dist/components/docs/Badge.svelte +28 -0
  18. package/dist/components/docs/Badge.svelte.d.ts +9 -0
  19. package/dist/components/docs/Breadcrumb.svelte +80 -0
  20. package/dist/components/docs/Breadcrumb.svelte.d.ts +8 -0
  21. package/dist/components/docs/Callout.svelte +96 -0
  22. package/dist/components/docs/Callout.svelte.d.ts +10 -0
  23. package/dist/components/docs/Card.svelte +63 -0
  24. package/dist/components/docs/Card.svelte.d.ts +12 -0
  25. package/dist/components/docs/CardGrid.svelte +24 -0
  26. package/dist/components/docs/CardGrid.svelte.d.ts +8 -0
  27. package/dist/components/docs/CategoryIndex.svelte +110 -0
  28. package/dist/components/docs/CategoryIndex.svelte.d.ts +29 -0
  29. package/dist/components/docs/CodeBlock.svelte +172 -0
  30. package/dist/components/docs/CodeBlock.svelte.d.ts +8 -0
  31. package/dist/components/docs/Column.svelte +25 -0
  32. package/dist/components/docs/Column.svelte.d.ts +8 -0
  33. package/dist/components/docs/Columns.svelte +38 -0
  34. package/dist/components/docs/Columns.svelte.d.ts +13 -0
  35. package/dist/components/docs/DevModeBadge.svelte +15 -0
  36. package/dist/components/docs/DevModeBadge.svelte.d.ts +18 -0
  37. package/dist/components/docs/DocBadge.svelte +28 -0
  38. package/dist/components/docs/DocBadge.svelte.d.ts +9 -0
  39. package/dist/components/docs/DocLayout.svelte +107 -0
  40. package/dist/components/docs/DocLayout.svelte.d.ts +32 -0
  41. package/dist/components/docs/DocLoading.svelte +53 -0
  42. package/dist/components/docs/DocLoading.svelte.d.ts +18 -0
  43. package/dist/components/docs/DocMetadata.svelte +106 -0
  44. package/dist/components/docs/DocMetadata.svelte.d.ts +18 -0
  45. package/dist/components/docs/DocNavigation.svelte +56 -0
  46. package/dist/components/docs/DocNavigation.svelte.d.ts +12 -0
  47. package/dist/components/docs/DocTags.svelte +22 -0
  48. package/dist/components/docs/DocTags.svelte.d.ts +6 -0
  49. package/dist/components/docs/DraftBadge.svelte +10 -0
  50. package/dist/components/docs/DraftBadge.svelte.d.ts +18 -0
  51. package/dist/components/docs/Footer.svelte +72 -0
  52. package/dist/components/docs/Footer.svelte.d.ts +7 -0
  53. package/dist/components/docs/Frame.svelte +27 -0
  54. package/dist/components/docs/Frame.svelte.d.ts +9 -0
  55. package/dist/components/docs/Header.svelte +123 -0
  56. package/dist/components/docs/Header.svelte.d.ts +9 -0
  57. package/dist/components/docs/HeaderWithMenu.svelte +34 -0
  58. package/dist/components/docs/HeaderWithMenu.svelte.d.ts +17 -0
  59. package/dist/components/docs/HotReloadIndicator.svelte +44 -0
  60. package/dist/components/docs/HotReloadIndicator.svelte.d.ts +3 -0
  61. package/dist/components/docs/Icon.svelte +103 -0
  62. package/dist/components/docs/Icon.svelte.d.ts +11 -0
  63. package/dist/components/docs/Image.svelte +88 -0
  64. package/dist/components/docs/Image.svelte.d.ts +11 -0
  65. package/dist/components/docs/ImageCard.svelte +91 -0
  66. package/dist/components/docs/ImageCard.svelte.d.ts +12 -0
  67. package/dist/components/docs/ImageCardGrid.svelte +25 -0
  68. package/dist/components/docs/ImageCardGrid.svelte.d.ts +8 -0
  69. package/dist/components/docs/LayoutProviders.svelte +57 -0
  70. package/dist/components/docs/LayoutProviders.svelte.d.ts +9 -0
  71. package/dist/components/docs/Logo.svelte +25 -0
  72. package/dist/components/docs/Logo.svelte.d.ts +11 -0
  73. package/dist/components/docs/Math.svelte +54 -0
  74. package/dist/components/docs/Math.svelte.d.ts +7 -0
  75. package/dist/components/docs/MdxContent.svelte +41 -0
  76. package/dist/components/docs/MdxHotReload.svelte +78 -0
  77. package/dist/components/docs/MdxHotReload.svelte.d.ts +9 -0
  78. package/dist/components/docs/MdxLayout.svelte +16 -0
  79. package/dist/components/docs/MdxLayout.svelte.d.ts +6 -0
  80. package/dist/components/docs/Mermaid.svelte +88 -0
  81. package/dist/components/docs/Mermaid.svelte.d.ts +7 -0
  82. package/dist/components/docs/MobileDocLayout.svelte +211 -0
  83. package/dist/components/docs/MobileDocLayout.svelte.d.ts +35 -0
  84. package/dist/components/docs/MobileSidebar.svelte +122 -0
  85. package/dist/components/docs/MobileSidebar.svelte.d.ts +31 -0
  86. package/dist/components/docs/MobileSidebarWrapper.svelte +122 -0
  87. package/dist/components/docs/MobileSidebarWrapper.svelte.d.ts +32 -0
  88. package/dist/components/docs/NotFoundContent.svelte +40 -0
  89. package/dist/components/docs/NotFoundContent.svelte.d.ts +6 -0
  90. package/dist/components/docs/SearchHighlight.svelte +116 -0
  91. package/dist/components/docs/SearchHighlight.svelte.d.ts +3 -0
  92. package/dist/components/docs/SearchModal.svelte +239 -0
  93. package/dist/components/docs/SearchModal.svelte.d.ts +9 -0
  94. package/dist/components/docs/Sidebar.svelte +69 -0
  95. package/dist/components/docs/Sidebar.svelte.d.ts +31 -0
  96. package/dist/components/docs/SidebarMenuItems.svelte +344 -0
  97. package/dist/components/docs/SidebarMenuItems.svelte.d.ts +33 -0
  98. package/dist/components/docs/SidebarSkeleton.svelte +50 -0
  99. package/dist/components/docs/SidebarSkeleton.svelte.d.ts +18 -0
  100. package/dist/components/docs/SiteBanner.svelte +92 -0
  101. package/dist/components/docs/SiteBanner.svelte.d.ts +7 -0
  102. package/dist/components/docs/Step.svelte +44 -0
  103. package/dist/components/docs/Step.svelte.d.ts +8 -0
  104. package/dist/components/docs/Steps.svelte +15 -0
  105. package/dist/components/docs/Steps.svelte.d.ts +7 -0
  106. package/dist/components/docs/Tab.svelte +40 -0
  107. package/dist/components/docs/Tab.svelte.d.ts +8 -0
  108. package/dist/components/docs/TabGroups.svelte +183 -0
  109. package/dist/components/docs/TabGroups.svelte.d.ts +25 -0
  110. package/dist/components/docs/TableOfContents.svelte +100 -0
  111. package/dist/components/docs/TableOfContents.svelte.d.ts +9 -0
  112. package/dist/components/docs/Tabs.svelte +69 -0
  113. package/dist/components/docs/Tabs.svelte.d.ts +8 -0
  114. package/dist/components/docs/ThemeToggle.svelte +16 -0
  115. package/dist/components/docs/ThemeToggle.svelte.d.ts +18 -0
  116. package/dist/components/docs/Tooltip.svelte +44 -0
  117. package/dist/components/docs/Tooltip.svelte.d.ts +10 -0
  118. package/dist/components/docs/VersionSwitcher.svelte +95 -0
  119. package/dist/components/docs/VersionSwitcher.svelte.d.ts +7 -0
  120. package/dist/components/docs/Video.svelte +84 -0
  121. package/dist/components/docs/Video.svelte.d.ts +12 -0
  122. package/dist/components/docs/api/ApiEndpoint.svelte +61 -0
  123. package/dist/components/docs/api/ApiEndpoint.svelte.d.ts +11 -0
  124. package/dist/components/docs/api/ApiParams.svelte +80 -0
  125. package/dist/components/docs/api/ApiParams.svelte.d.ts +14 -0
  126. package/dist/components/docs/api/ApiPlayground.svelte +259 -0
  127. package/dist/components/docs/api/ApiPlayground.svelte.d.ts +16 -0
  128. package/dist/components/docs/api/ApiReference.svelte +278 -0
  129. package/dist/components/docs/api/ApiReference.svelte.d.ts +23 -0
  130. package/dist/components/docs/api/ApiResponse.svelte +66 -0
  131. package/dist/components/docs/api/ApiResponse.svelte.d.ts +9 -0
  132. package/dist/components/docs/api/index.d.ts +5 -0
  133. package/dist/components/docs/api/index.js +5 -0
  134. package/dist/components/docs/componentTextProps.d.ts +3 -0
  135. package/dist/components/docs/componentTextProps.js +61 -0
  136. package/dist/components/docs/index.d.ts +54 -0
  137. package/dist/components/docs/index.js +56 -0
  138. package/dist/components/global/VersionNotFound.svelte +48 -0
  139. package/dist/components/global/VersionNotFound.svelte.d.ts +7 -0
  140. package/dist/components/global/index.d.ts +1 -0
  141. package/dist/components/global/index.js +1 -0
  142. package/dist/components/index.d.ts +6 -822
  143. package/dist/components/index.js +11 -3854
  144. package/dist/components/ui/Badge.svelte +48 -0
  145. package/dist/components/ui/Badge.svelte.d.ts +15 -0
  146. package/dist/components/ui/Button.svelte +58 -0
  147. package/dist/components/ui/Button.svelte.d.ts +17 -0
  148. package/dist/components/ui/Dialog.svelte +16 -0
  149. package/dist/components/ui/Dialog.svelte.d.ts +9 -0
  150. package/dist/components/ui/DialogClose.svelte +16 -0
  151. package/dist/components/ui/DialogClose.svelte.d.ts +9 -0
  152. package/dist/components/ui/DialogContent.svelte +43 -0
  153. package/dist/components/ui/DialogContent.svelte.d.ts +10 -0
  154. package/dist/components/ui/DialogDescription.svelte +21 -0
  155. package/dist/components/ui/DialogDescription.svelte.d.ts +9 -0
  156. package/dist/components/ui/DialogFooter.svelte +20 -0
  157. package/dist/components/ui/DialogFooter.svelte.d.ts +9 -0
  158. package/dist/components/ui/DialogHeader.svelte +20 -0
  159. package/dist/components/ui/DialogHeader.svelte.d.ts +9 -0
  160. package/dist/components/ui/DialogTitle.svelte +21 -0
  161. package/dist/components/ui/DialogTitle.svelte.d.ts +9 -0
  162. package/dist/components/ui/Input.svelte +23 -0
  163. package/dist/components/ui/Input.svelte.d.ts +8 -0
  164. package/dist/components/ui/Textarea.svelte +19 -0
  165. package/dist/components/ui/Textarea.svelte.d.ts +7 -0
  166. package/dist/components/ui/index.d.ts +11 -0
  167. package/dist/components/ui/index.js +11 -0
  168. package/dist/config.d.ts +8 -0
  169. package/dist/config.js +9 -0
  170. package/dist/config.schema.json +471 -0
  171. package/dist/config.server.d.ts +46 -0
  172. package/dist/config.server.js +149 -0
  173. package/dist/{mdx-ColN3Cyg.d.mts → config.types.d.ts} +22 -75
  174. package/dist/config.types.js +39 -0
  175. package/dist/dev-utils.d.ts +29 -0
  176. package/dist/dev-utils.js +63 -0
  177. package/dist/index.d.ts +19 -4
  178. package/dist/index.js +25 -4861
  179. package/dist/mdx-cache.d.ts +41 -0
  180. package/dist/mdx-cache.js +160 -0
  181. package/dist/mdx-components.js +50 -1931
  182. package/dist/mdx-security.d.ts +76 -0
  183. package/dist/mdx-security.js +217 -0
  184. package/dist/mdx.d.ts +73 -0
  185. package/dist/mdx.js +1099 -0
  186. package/dist/middleware/index.d.ts +1 -0
  187. package/dist/middleware/index.js +2 -0
  188. package/dist/middleware/security.d.ts +22 -47
  189. package/dist/middleware/security.js +111 -137
  190. package/dist/parsers/base-parser.d.ts +14 -0
  191. package/dist/parsers/base-parser.js +1 -0
  192. package/dist/parsers/index.d.ts +16 -0
  193. package/dist/parsers/index.js +51 -0
  194. package/dist/parsers/openapi-parser.d.ts +18 -0
  195. package/dist/parsers/openapi-parser.js +209 -0
  196. package/dist/parsers/postman-parser.d.ts +20 -0
  197. package/dist/parsers/postman-parser.js +260 -0
  198. package/dist/parsers/specra-parser.d.ts +10 -0
  199. package/dist/parsers/specra-parser.js +18 -0
  200. package/dist/redirects.d.ts +12 -0
  201. package/dist/redirects.js +30 -0
  202. package/dist/remark-code-meta.d.ts +6 -0
  203. package/dist/remark-code-meta.js +21 -0
  204. package/dist/sidebar-utils.d.ts +59 -0
  205. package/dist/sidebar-utils.js +144 -0
  206. package/dist/stores/config.d.ts +20 -0
  207. package/dist/stores/config.js +45 -0
  208. package/dist/stores/index.d.ts +4 -0
  209. package/dist/stores/index.js +4 -0
  210. package/dist/stores/sidebar.d.ts +7 -0
  211. package/dist/stores/sidebar.js +12 -0
  212. package/dist/stores/tabs.d.ts +6 -0
  213. package/dist/stores/tabs.js +41 -0
  214. package/dist/stores/theme.d.ts +7 -0
  215. package/dist/stores/theme.js +75 -0
  216. package/dist/{styles.css → styles/globals.css} +136 -6
  217. package/dist/toc.d.ts +9 -0
  218. package/dist/toc.js +15 -0
  219. package/dist/utils.d.ts +13 -0
  220. package/dist/utils.js +30 -0
  221. package/package.json +47 -90
  222. package/dist/app/api/mdx-watch/route.d.mts +0 -10
  223. package/dist/app/api/mdx-watch/route.d.ts +0 -10
  224. package/dist/app/api/mdx-watch/route.js +0 -118
  225. package/dist/app/api/mdx-watch/route.js.map +0 -1
  226. package/dist/app/api/mdx-watch/route.mjs +0 -91
  227. package/dist/app/api/mdx-watch/route.mjs.map +0 -1
  228. package/dist/chunk-6S3EJVEO.mjs +0 -259
  229. package/dist/chunk-6S3EJVEO.mjs.map +0 -1
  230. package/dist/chunk-BE7EROIW.mjs +0 -212
  231. package/dist/chunk-BE7EROIW.mjs.map +0 -1
  232. package/dist/chunk-CWHRZHZO.mjs +0 -168
  233. package/dist/chunk-CWHRZHZO.mjs.map +0 -1
  234. package/dist/chunk-D5VDVYFY.mjs +0 -1325
  235. package/dist/chunk-D5VDVYFY.mjs.map +0 -1
  236. package/dist/chunk-WMCO2UX5.mjs +0 -585
  237. package/dist/chunk-WMCO2UX5.mjs.map +0 -1
  238. package/dist/chunk-XEMGCPZZ.mjs +0 -475
  239. package/dist/chunk-XEMGCPZZ.mjs.map +0 -1
  240. package/dist/components/index.d.mts +0 -822
  241. package/dist/components/index.js.map +0 -1
  242. package/dist/components/index.mjs +0 -3741
  243. package/dist/components/index.mjs.map +0 -1
  244. package/dist/index.d.mts +0 -4
  245. package/dist/index.js.map +0 -1
  246. package/dist/index.mjs +0 -1897
  247. package/dist/index.mjs.map +0 -1
  248. package/dist/layouts/index.d.mts +0 -34
  249. package/dist/layouts/index.d.ts +0 -34
  250. package/dist/layouts/index.js +0 -453
  251. package/dist/layouts/index.js.map +0 -1
  252. package/dist/layouts/index.mjs +0 -173
  253. package/dist/layouts/index.mjs.map +0 -1
  254. package/dist/lib/index.d.mts +0 -583
  255. package/dist/lib/index.d.ts +0 -583
  256. package/dist/lib/index.js +0 -1595
  257. package/dist/lib/index.js.map +0 -1
  258. package/dist/lib/index.mjs +0 -111
  259. package/dist/lib/index.mjs.map +0 -1
  260. package/dist/mdx-ColN3Cyg.d.ts +0 -352
  261. package/dist/mdx-components.d.mts +0 -86
  262. package/dist/mdx-components.d.ts +0 -86
  263. package/dist/mdx-components.js.map +0 -1
  264. package/dist/mdx-components.mjs +0 -206
  265. package/dist/mdx-components.mjs.map +0 -1
  266. package/dist/middleware/security.d.mts +0 -82
  267. package/dist/middleware/security.js.map +0 -1
  268. package/dist/middleware/security.mjs +0 -84
  269. package/dist/middleware/security.mjs.map +0 -1
  270. package/dist/styles.css.map +0 -1
  271. package/dist/styles.d.mts +0 -2
  272. package/dist/styles.d.ts +0 -2
  273. package/dist/styles.js +0 -2
  274. package/dist/styles.js.map +0 -1
  275. package/dist/styles.mjs +0 -1
  276. package/dist/styles.mjs.map +0 -1
package/dist/middleware/security.d.mts DELETED
@@ -1,82 +0,0 @@
1
- import { NextResponse, NextRequest } from 'next/server';
2
-
3
- /**
4
- * Security Middleware for Next.js
5
- *
6
- * Implements:
7
- * - Content Security Policy (CSP)
8
- * - Additional security headers
9
- * - Path traversal protection
10
- */
11
-
12
- /**
13
- * Security headers configuration
14
- */
15
- declare const SECURITY_HEADERS: {
16
- "X-Frame-Options": string;
17
- "X-Content-Type-Options": string;
18
- "X-XSS-Protection": string;
19
- "Referrer-Policy": string;
20
- "Permissions-Policy": string;
21
- };
22
- /**
23
- * Apply security headers to response
24
- */
25
- declare function applySecurityHeaders(response: NextResponse, options?: {
26
- customCSP?: string;
27
- production?: boolean;
28
- }): NextResponse;
29
- /**
30
- * Validate request path for security issues
31
- */
32
- declare function validateRequestPath(pathname: string): {
33
- valid: boolean;
34
- reason?: string;
35
- };
36
- /**
37
- * Security proxy function (Next.js 16+)
38
- * Add this to your Next.js proxy.ts file
39
- */
40
- declare function createSecurityProxy(options?: {
41
- customCSP?: string;
42
- production?: boolean;
43
- strictPathValidation?: boolean;
44
- }): (request: NextRequest) => NextResponse;
45
- /**
46
- * @deprecated Use createSecurityProxy instead. Middleware is renamed to Proxy in Next.js 16+
47
- */
48
- declare const createSecurityMiddleware: typeof createSecurityProxy;
49
- /**
50
- * Example proxy configuration for your project
51
- *
52
- * Create this file: proxy.ts (at root of your Next.js app)
53
- *
54
- * ```typescript
55
- * import { createSecurityProxy } from 'specra/middleware/security'
56
- *
57
- * export const proxy = createSecurityProxy({
58
- * production: process.env.NODE_ENV === 'production',
59
- * strictPathValidation: true,
60
- * })
61
- *
62
- * export const config = {
63
- * matcher: [
64
- * // Match all paths except static files
65
- * '/((?!_next/static|_next/image|favicon.ico).*)',
66
- * ],
67
- * }
68
- * ```
69
- */
70
- /**
71
- * Validate subdomain/organization isolation
72
- * Use this if you're building a multi-tenant system
73
- */
74
- declare function validateSubdomainIsolation(request: NextRequest, options: {
75
- allowedSubdomains?: string[];
76
- currentOrg?: string;
77
- }): {
78
- valid: boolean;
79
- reason?: string;
80
- };
81
-
82
- export { SECURITY_HEADERS, applySecurityHeaders, createSecurityMiddleware, createSecurityProxy, validateRequestPath, validateSubdomainIsolation };
package/dist/middleware/security.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../src/middleware/security.ts","../../src/lib/mdx-security.ts"],"sourcesContent":["/**\n * Security Middleware for Next.js\n *\n * Implements:\n * - Content Security Policy (CSP)\n * - Additional security headers\n * - Path traversal protection\n */\n\nimport { NextResponse, type NextRequest } from \"next/server\"\nimport { generateCSPHeader } from \"../lib/mdx-security\"\n\n/**\n * Security headers configuration\n */\nexport const SECURITY_HEADERS = {\n // Prevent clickjacking\n \"X-Frame-Options\": \"SAMEORIGIN\",\n\n // Prevent MIME type sniffing\n \"X-Content-Type-Options\": \"nosniff\",\n\n // Enable XSS protection (legacy browsers)\n \"X-XSS-Protection\": \"1; mode=block\",\n\n // Control referrer information\n \"Referrer-Policy\": \"strict-origin-when-cross-origin\",\n\n // Permissions Policy (formerly Feature Policy)\n \"Permissions-Policy\": \"camera=(), microphone=(), geolocation=()\",\n}\n\n/**\n * Apply security headers to response\n */\nexport function applySecurityHeaders(\n response: NextResponse,\n options?: {\n customCSP?: string\n production?: boolean\n }\n): NextResponse {\n const { customCSP, production = process.env.NODE_ENV === \"production\" } = options || {}\n\n // Apply standard security headers\n Object.entries(SECURITY_HEADERS).forEach(([key, value]) => {\n response.headers.set(key, value)\n })\n\n // Apply CSP\n const csp = customCSP || generateCSPHeader(undefined, production)\n response.headers.set(\"Content-Security-Policy\", csp)\n\n return response\n}\n\n/**\n * Validate request path for security issues\n */\nexport function validateRequestPath(pathname: string): {\n valid: boolean\n reason?: string\n} {\n // Decode the pathname to catch encoded attacks\n const decoded = decodeURIComponent(pathname)\n\n // Check for path traversal\n if (decoded.includes(\"../\") || decoded.includes(\"..\\\\\")) {\n return { valid: false, reason: \"Path traversal detected\" }\n }\n\n // Check for encoded path traversal\n if (\n decoded.includes(\"%2e%2e\") ||\n decoded.includes(\"%252e%252e\") ||\n pathname.includes(\"%2e%2e\") ||\n pathname.includes(\"%252e%252e\")\n ) {\n return { valid: false, reason: \"Encoded path traversal detected\" }\n }\n\n // Check for null bytes\n if (decoded.includes(\"\\0\") || pathname.includes(\"%00\")) {\n return { valid: false, reason: \"Null byte injection detected\" }\n }\n\n return { valid: true }\n}\n\n/**\n * Security proxy function (Next.js 16+)\n * Add this to your Next.js proxy.ts file\n */\nexport function createSecurityProxy(options?: {\n customCSP?: string\n production?: boolean\n strictPathValidation?: boolean\n}) {\n return function securityProxy(request: NextRequest): NextResponse {\n const { strictPathValidation = true } = options || {}\n\n // Validate request path\n if (strictPathValidation) {\n const pathValidation = validateRequestPath(request.nextUrl.pathname)\n if (!pathValidation.valid) {\n const ip = request.headers.get(\"x-forwarded-for\") ||\n request.headers.get(\"x-real-ip\") ||\n \"unknown\"\n console.warn(`[Security] Blocked request: ${pathValidation.reason}`, {\n path: request.nextUrl.pathname,\n ip,\n })\n return new NextResponse(\"Bad Request\", { status: 400 })\n }\n }\n\n // Continue with the request and apply security headers\n const response = NextResponse.next()\n return applySecurityHeaders(response, options)\n }\n}\n\n/**\n * @deprecated Use createSecurityProxy instead. Middleware is renamed to Proxy in Next.js 16+\n */\nexport const createSecurityMiddleware = createSecurityProxy\n\n/**\n * Example proxy configuration for your project\n *\n * Create this file: proxy.ts (at root of your Next.js app)\n *\n * ```typescript\n * import { createSecurityProxy } from 'specra/middleware/security'\n *\n * export const proxy = createSecurityProxy({\n * production: process.env.NODE_ENV === 'production',\n * strictPathValidation: true,\n * })\n *\n * export const config = {\n * matcher: [\n * // Match all paths except static files\n * '/((?!_next/static|_next/image|favicon.ico).*)',\n * ],\n * }\n * ```\n */\n\n/**\n * Validate subdomain/organization isolation\n * Use this if you're building a multi-tenant system\n */\nexport function validateSubdomainIsolation(\n request: NextRequest,\n options: {\n allowedSubdomains?: string[]\n currentOrg?: string\n }\n): { valid: boolean; reason?: string } {\n const { allowedSubdomains, currentOrg } = options\n\n const hostname = request.headers.get(\"host\") || \"\"\n const subdomain = hostname.split(\".\")[0]\n\n // If allowlist is provided, validate against it\n if (allowedSubdomains && !allowedSubdomains.includes(subdomain)) {\n return { valid: false, reason: \"Subdomain not in allowlist\" }\n }\n\n // Check for subdomain mismatch in paths\n // Example: docs.company-a.com should not access /_mintlify/static/company-b/\n const pathMatch = request.nextUrl.pathname.match(/\\/(static|assets|_.*?)\\/([^/]+)/)\n if (pathMatch && currentOrg) {\n const pathOrg = pathMatch[2]\n if (pathOrg !== currentOrg) {\n return { valid: false, reason: \"Cross-organization access detected\" }\n }\n }\n\n return { valid: true }\n}\n","/**\n * MDX Security Layer\n *\n * Protects against:\n * - XSS via malicious MDX expressions\n * - Path traversal attacks\n * - Dangerous component usage\n * - Cross-domain vulnerabilities\n */\n\nimport path from \"path\"\n\n/**\n * Sanitize file paths to prevent path traversal attacks\n * Blocks: ../, ..\\, absolute paths, encoded traversal attempts\n */\nexport function sanitizePath(userPath: string): string {\n // Decode URI components to catch encoded traversal attempts\n const decoded = decodeURIComponent(userPath)\n\n // Block path traversal patterns\n if (\n decoded.includes(\"../\") ||\n decoded.includes(\"..\\\\\") ||\n decoded.includes(\"%2e%2e\") ||\n decoded.includes(\"%252e%252e\") ||\n path.isAbsolute(decoded)\n ) {\n throw new Error(\"Path traversal detected\")\n }\n\n // Normalize and validate the path\n const normalized = path.normalize(decoded).replace(/\\\\/g, \"/\")\n\n // Ensure path doesn't escape after normalization\n if (normalized.startsWith(\"..\") || normalized.includes(\"/../\")) {\n throw new Error(\"Invalid path detected\")\n }\n\n return normalized\n}\n\n/**\n * Validate that a file path is within allowed directory\n */\nexport function validatePathWithinDirectory(filePath: string, allowedDir: string): boolean {\n const resolvedPath = path.resolve(allowedDir, filePath)\n const resolvedDir = path.resolve(allowedDir)\n\n return resolvedPath.startsWith(resolvedDir + path.sep) || resolvedPath === resolvedDir\n}\n\n/**\n * Dangerous MDX patterns that should be blocked\n * These patterns can execute arbitrary code during SSR\n */\nconst DANGEROUS_PATTERNS = [\n // JavaScript execution\n /eval\\s*\\(/gi,\n /Function\\s*\\(/gi,\n /import\\s*\\(/gi,\n /require\\s*\\(/gi,\n\n // File system access\n /fs\\.[a-z]+/gi,\n /readFile/gi,\n /writeFile/gi,\n /process\\.env/gi,\n\n // Network requests during SSR (legitimate client-side usage should use components)\n /fetch\\s*\\(/gi,\n\n // Dangerous Node.js modules\n /child_process/gi,\n /exec\\s*\\(/gi,\n /spawn\\s*\\(/gi,\n\n // Script tag injection\n /<script[>\\s]/gi,\n /javascript:/gi,\n /\\bon(abort|blur|cancel|canplay|canplaythrough|change|click|close|contextmenu|cuechange|dblclick|drag|dragend|dragenter|dragleave|dragover|dragstart|drop|durationchange|emptied|ended|error|focus|input|invalid|keydown|keypress|keyup|load|loadeddata|loadedmetadata|loadstart|mousedown|mouseenter|mouseleave|mousemove|mouseout|mouseover|mouseup|mousewheel|pause|play|playing|progress|ratechange|reset|resize|scroll|seeked|seeking|select|show|stalled|submit|suspend|timeupdate|toggle|volumechange|waiting|wheel)\\s*=/gi, // onclick, onerror, onload, etc.\n]\n\n/**\n * Remove code blocks from content to avoid scanning code examples\n * This prevents false positives from documentation code examples\n */\nfunction removeCodeBlocks(content: string): string {\n // Remove fenced code blocks (```...```)\n let withoutCodeBlocks = content.replace(/```[\\s\\S]*?```/g, '')\n\n // Remove inline code (`...`)\n withoutCodeBlocks = withoutCodeBlocks.replace(/`[^`]*`/g, '')\n\n return withoutCodeBlocks\n}\n\n/**\n * Scan MDX content for dangerous patterns\n * Returns array of detected issues\n * Note: Skips content inside code blocks to avoid false positives\n */\nexport function scanMDXForDangerousPatterns(content: string): string[] {\n const issues: string[] = []\n\n // Remove code blocks before scanning to avoid false positives\n const contentWithoutCode = removeCodeBlocks(content)\n\n for (const pattern of DANGEROUS_PATTERNS) {\n const matches = contentWithoutCode.match(pattern)\n if (matches) {\n issues.push(`Dangerous pattern detected: ${pattern.source}`)\n }\n }\n\n return issues\n}\n\n/**\n * Sanitize MDX content by removing/escaping dangerous patterns\n * This is a defensive measure - ideally content should be rejected if dangerous\n */\nexport function sanitizeMDXContent(content: string, strict: boolean = false): string {\n if (strict) {\n const issues = scanMDXForDangerousPatterns(content)\n if (issues.length > 0) {\n throw new Error(`MDX content contains dangerous patterns: ${issues.join(\", \")}`)\n }\n }\n\n // Remove inline script tags\n let sanitized = content.replace(/<script[^>]*>[\\s\\S]*?<\\/script>/gi, \"\")\n\n // Remove event handlers from HTML tags\n sanitized = sanitized.replace(/\\s+on\\w+\\s*=\\s*[\"'][^\"']*[\"']/gi, \"\")\n\n // Remove javascript: protocol\n sanitized = sanitized.replace(/javascript:/gi, \"\")\n\n return sanitized\n}\n\n/**\n * Content Security Policy configuration\n * Use this in your Next.js middleware or headers config\n */\nexport const CSP_DIRECTIVES = {\n \"default-src\": [\"'self'\"],\n \"script-src\": [\n \"'self'\",\n \"'unsafe-inline'\", // Required for Next.js\n \"'unsafe-eval'\", // Required for dev mode - remove in production\n ],\n \"style-src\": [\"'self'\", \"'unsafe-inline'\"], // Required for styled-components/emotion\n \"img-src\": [\"'self'\", \"data:\", \"https:\"],\n \"font-src\": [\"'self'\", \"data:\"],\n \"connect-src\": [\"'self'\"],\n \"frame-src\": [\"'self'\"],\n \"object-src\": [\"'none'\"],\n \"base-uri\": [\"'self'\"],\n \"form-action\": [\"'self'\"],\n \"frame-ancestors\": [\"'self'\"],\n \"upgrade-insecure-requests\": [],\n} as const\n\n/**\n * Generate CSP header value from directives\n */\nexport function generateCSPHeader(\n customDirectives?: Partial<typeof CSP_DIRECTIVES>,\n production: boolean = true\n): string {\n const directives: Record<string, readonly string[]> = { ...CSP_DIRECTIVES, ...customDirectives }\n\n // Remove unsafe-eval in production\n if (production && directives[\"script-src\"]) {\n directives[\"script-src\"] = directives[\"script-src\"].filter(\n (src) => src !== \"'unsafe-eval'\"\n )\n }\n\n return Object.entries(directives)\n .map(([key, values]) => `${key} ${values.join(\" \")}`)\n .join(\"; \")\n}\n\n/**\n * Allowlist of safe MDX components\n * Only these components can be used in MDX files\n */\nexport const SAFE_MDX_COMPONENTS = new Set([\n // Standard HTML elements (automatically allowed by MDX)\n \"h1\", \"h2\", \"h3\", \"h4\", \"h5\", \"h6\",\n \"p\", \"a\", \"ul\", \"ol\", \"li\", \"code\", \"pre\",\n \"blockquote\", \"table\", \"thead\", \"tbody\", \"tr\", \"th\", \"td\",\n \"img\", \"video\", \"audio\", \"br\", \"hr\", \"strong\", \"em\",\n\n // Custom safe components\n \"Callout\", \"CodeBlock\", \"Accordion\", \"AccordionItem\",\n \"Tabs\", \"Tab\", \"Image\", \"Video\", \"Card\", \"CardGrid\",\n \"ImageCard\", \"ImageCardGrid\", \"Steps\", \"Step\",\n \"Icon\", \"Mermaid\", \"Math\", \"Columns\", \"Column\",\n \"Badge\", \"Tooltip\", \"Frame\",\n \"ApiEndpoint\", \"ApiParams\", \"ApiResponse\", \"ApiPlayground\", \"ApiReference\",\n])\n\n/**\n * Validate component usage in MDX\n */\nexport function validateMDXComponents(content: string): { valid: boolean; issues: string[] } {\n const issues: string[] = []\n\n // Find all JSX-like component usage\n const componentRegex = /<([A-Z][a-zA-Z0-9]*)/g\n let match\n\n while ((match = componentRegex.exec(content)) !== null) {\n const componentName = match[1]\n if (!SAFE_MDX_COMPONENTS.has(componentName)) {\n issues.push(`Unsafe component detected: ${componentName}`)\n }\n }\n\n return {\n valid: issues.length === 0,\n issues,\n }\n}\n\n/**\n * Comprehensive MDX security check\n * Use this before processing MDX content\n */\nexport function validateMDXSecurity(\n content: string,\n options: {\n strictMode?: boolean\n allowCustomComponents?: boolean\n blockDangerousPatterns?: boolean\n } = {}\n): { valid: boolean; issues: string[]; sanitized?: string } {\n const {\n strictMode = false,\n allowCustomComponents = true,\n blockDangerousPatterns = true,\n } = options\n\n const issues: string[] = []\n\n // Check for dangerous patterns\n if (blockDangerousPatterns) {\n const patternIssues = scanMDXForDangerousPatterns(content)\n issues.push(...patternIssues)\n }\n\n // Validate components\n if (!allowCustomComponents) {\n const componentValidation = validateMDXComponents(content)\n if (!componentValidation.valid) {\n issues.push(...componentValidation.issues)\n }\n }\n\n // In strict mode, reject any issues\n if (strictMode && issues.length > 0) {\n return { valid: false, issues }\n }\n\n // Otherwise, sanitize and warn\n const sanitized = sanitizeMDXContent(content, false)\n\n return {\n valid: true,\n issues,\n sanitized,\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AASA,oBAA+C;;;ACyIxC,IAAM,iBAAiB;AAAA,EAC5B,eAAe,CAAC,QAAQ;AAAA,EACxB,cAAc;AAAA,IACZ;AAAA,IACA;AAAA;AAAA,IACA;AAAA;AAAA,EACF;AAAA,EACA,aAAa,CAAC,UAAU,iBAAiB;AAAA;AAAA,EACzC,WAAW,CAAC,UAAU,SAAS,QAAQ;AAAA,EACvC,YAAY,CAAC,UAAU,OAAO;AAAA,EAC9B,eAAe,CAAC,QAAQ;AAAA,EACxB,aAAa,CAAC,QAAQ;AAAA,EACtB,cAAc,CAAC,QAAQ;AAAA,EACvB,YAAY,CAAC,QAAQ;AAAA,EACrB,eAAe,CAAC,QAAQ;AAAA,EACxB,mBAAmB,CAAC,QAAQ;AAAA,EAC5B,6BAA6B,CAAC;AAChC;AAKO,SAAS,kBACd,kBACA,aAAsB,MACd;AACR,QAAM,aAAgD,EAAE,GAAG,gBAAgB,GAAG,iBAAiB;AAG/F,MAAI,cAAc,WAAW,YAAY,GAAG;AAC1C,eAAW,YAAY,IAAI,WAAW,YAAY,EAAE;AAAA,MAClD,CAAC,QAAQ,QAAQ;AAAA,IACnB;AAAA,EACF;AAEA,SAAO,OAAO,QAAQ,UAAU,EAC7B,IAAI,CAAC,CAAC,KAAK,MAAM,MAAM,GAAG,GAAG,IAAI,OAAO,KAAK,GAAG,CAAC,EAAE,EACnD,KAAK,IAAI;AACd;;;ADzKO,IAAM,mBAAmB;AAAA;AAAA,EAE9B,mBAAmB;AAAA;AAAA,EAGnB,0BAA0B;AAAA;AAAA,EAG1B,oBAAoB;AAAA;AAAA,EAGpB,mBAAmB;AAAA;AAAA,EAGnB,sBAAsB;AACxB;AAKO,SAAS,qBACd,UACA,SAIc;AACd,QAAM,EAAE,WAAW,aAAa,QAAQ,IAAI,aAAa,aAAa,IAAI,WAAW,CAAC;AAGtF,SAAO,QAAQ,gBAAgB,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AACzD,aAAS,QAAQ,IAAI,KAAK,KAAK;AAAA,EACjC,CAAC;AAGD,QAAM,MAAM,aAAa,kBAAkB,QAAW,UAAU;AAChE,WAAS,QAAQ,IAAI,2BAA2B,GAAG;AAEnD,SAAO;AACT;AAKO,SAAS,oBAAoB,UAGlC;AAEA,QAAM,UAAU,mBAAmB,QAAQ;AAG3C,MAAI,QAAQ,SAAS,KAAK,KAAK,QAAQ,SAAS,MAAM,GAAG;AACvD,WAAO,EAAE,OAAO,OAAO,QAAQ,0BAA0B;AAAA,EAC3D;AAGA,MACE,QAAQ,SAAS,QAAQ,KACzB,QAAQ,SAAS,YAAY,KAC7B,SAAS,SAAS,QAAQ,KAC1B,SAAS,SAAS,YAAY,GAC9B;AACA,WAAO,EAAE,OAAO,OAAO,QAAQ,kCAAkC;AAAA,EACnE;AAGA,MAAI,QAAQ,SAAS,IAAI,KAAK,SAAS,SAAS,KAAK,GAAG;AACtD,WAAO,EAAE,OAAO,OAAO,QAAQ,+BAA+B;AAAA,EAChE;AAEA,SAAO,EAAE,OAAO,KAAK;AACvB;AAMO,SAAS,oBAAoB,SAIjC;AACD,SAAO,SAAS,cAAc,SAAoC;AAChE,UAAM,EAAE,uBAAuB,KAAK,IAAI,WAAW,CAAC;AAGpD,QAAI,sBAAsB;AACxB,YAAM,iBAAiB,oBAAoB,QAAQ,QAAQ,QAAQ;AACnE,UAAI,CAAC,eAAe,OAAO;AACzB,cAAM,KAAK,QAAQ,QAAQ,IAAI,iBAAiB,KACrC,QAAQ,QAAQ,IAAI,WAAW,KAC/B;AACX,gBAAQ,KAAK,+BAA+B,eAAe,MAAM,IAAI;AAAA,UACnE,MAAM,QAAQ,QAAQ;AAAA,UACtB;AAAA,QACF,CAAC;AACD,eAAO,IAAI,2BAAa,eAAe,EAAE,QAAQ,IAAI,CAAC;AAAA,MACxD;AAAA,IACF;AAGA,UAAM,WAAW,2BAAa,KAAK;AACnC,WAAO,qBAAqB,UAAU,OAAO;AAAA,EAC/C;AACF;AAKO,IAAM,2BAA2B;AA4BjC,SAAS,2BACd,SACA,SAIqC;AACrC,QAAM,EAAE,mBAAmB,WAAW,IAAI;AAE1C,QAAM,WAAW,QAAQ,QAAQ,IAAI,MAAM,KAAK;AAChD,QAAM,YAAY,SAAS,MAAM,GAAG,EAAE,CAAC;AAGvC,MAAI,qBAAqB,CAAC,kBAAkB,SAAS,SAAS,GAAG;AAC/D,WAAO,EAAE,OAAO,OAAO,QAAQ,6BAA6B;AAAA,EAC9D;AAIA,QAAM,YAAY,QAAQ,QAAQ,SAAS,MAAM,iCAAiC;AAClF,MAAI,aAAa,YAAY;AAC3B,UAAM,UAAU,UAAU,CAAC;AAC3B,QAAI,YAAY,YAAY;AAC1B,aAAO,EAAE,OAAO,OAAO,QAAQ,qCAAqC;AAAA,IACtE;AAAA,EACF;AAEA,SAAO,EAAE,OAAO,KAAK;AACvB;","names":[]}
package/dist/middleware/security.mjs DELETED
@@ -1,84 +0,0 @@
1
- import {
2
- generateCSPHeader
3
- } from "../chunk-BE7EROIW.mjs";
4
-
5
- // src/middleware/security.ts
6
- import { NextResponse } from "next/server";
7
- var SECURITY_HEADERS = {
8
- // Prevent clickjacking
9
- "X-Frame-Options": "SAMEORIGIN",
10
- // Prevent MIME type sniffing
11
- "X-Content-Type-Options": "nosniff",
12
- // Enable XSS protection (legacy browsers)
13
- "X-XSS-Protection": "1; mode=block",
14
- // Control referrer information
15
- "Referrer-Policy": "strict-origin-when-cross-origin",
16
- // Permissions Policy (formerly Feature Policy)
17
- "Permissions-Policy": "camera=(), microphone=(), geolocation=()"
18
- };
19
- function applySecurityHeaders(response, options) {
20
- const { customCSP, production = process.env.NODE_ENV === "production" } = options || {};
21
- Object.entries(SECURITY_HEADERS).forEach(([key, value]) => {
22
- response.headers.set(key, value);
23
- });
24
- const csp = customCSP || generateCSPHeader(void 0, production);
25
- response.headers.set("Content-Security-Policy", csp);
26
- return response;
27
- }
28
- function validateRequestPath(pathname) {
29
- const decoded = decodeURIComponent(pathname);
30
- if (decoded.includes("../") || decoded.includes("..\\")) {
31
- return { valid: false, reason: "Path traversal detected" };
32
- }
33
- if (decoded.includes("%2e%2e") || decoded.includes("%252e%252e") || pathname.includes("%2e%2e") || pathname.includes("%252e%252e")) {
34
- return { valid: false, reason: "Encoded path traversal detected" };
35
- }
36
- if (decoded.includes("\0") || pathname.includes("%00")) {
37
- return { valid: false, reason: "Null byte injection detected" };
38
- }
39
- return { valid: true };
40
- }
41
- function createSecurityProxy(options) {
42
- return function securityProxy(request) {
43
- const { strictPathValidation = true } = options || {};
44
- if (strictPathValidation) {
45
- const pathValidation = validateRequestPath(request.nextUrl.pathname);
46
- if (!pathValidation.valid) {
47
- const ip = request.headers.get("x-forwarded-for") || request.headers.get("x-real-ip") || "unknown";
48
- console.warn(`[Security] Blocked request: ${pathValidation.reason}`, {
49
- path: request.nextUrl.pathname,
50
- ip
51
- });
52
- return new NextResponse("Bad Request", { status: 400 });
53
- }
54
- }
55
- const response = NextResponse.next();
56
- return applySecurityHeaders(response, options);
57
- };
58
- }
59
- var createSecurityMiddleware = createSecurityProxy;
60
- function validateSubdomainIsolation(request, options) {
61
- const { allowedSubdomains, currentOrg } = options;
62
- const hostname = request.headers.get("host") || "";
63
- const subdomain = hostname.split(".")[0];
64
- if (allowedSubdomains && !allowedSubdomains.includes(subdomain)) {
65
- return { valid: false, reason: "Subdomain not in allowlist" };
66
- }
67
- const pathMatch = request.nextUrl.pathname.match(/\/(static|assets|_.*?)\/([^/]+)/);
68
- if (pathMatch && currentOrg) {
69
- const pathOrg = pathMatch[2];
70
- if (pathOrg !== currentOrg) {
71
- return { valid: false, reason: "Cross-organization access detected" };
72
- }
73
- }
74
- return { valid: true };
75
- }
76
- export {
77
- SECURITY_HEADERS,
78
- applySecurityHeaders,
79
- createSecurityMiddleware,
80
- createSecurityProxy,
81
- validateRequestPath,
82
- validateSubdomainIsolation
83
- };
84
- //# sourceMappingURL=security.mjs.map
package/dist/middleware/security.mjs.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../../src/middleware/security.ts"],"sourcesContent":["/**\n * Security Middleware for Next.js\n *\n * Implements:\n * - Content Security Policy (CSP)\n * - Additional security headers\n * - Path traversal protection\n */\n\nimport { NextResponse, type NextRequest } from \"next/server\"\nimport { generateCSPHeader } from \"../lib/mdx-security\"\n\n/**\n * Security headers configuration\n */\nexport const SECURITY_HEADERS = {\n // Prevent clickjacking\n \"X-Frame-Options\": \"SAMEORIGIN\",\n\n // Prevent MIME type sniffing\n \"X-Content-Type-Options\": \"nosniff\",\n\n // Enable XSS protection (legacy browsers)\n \"X-XSS-Protection\": \"1; mode=block\",\n\n // Control referrer information\n \"Referrer-Policy\": \"strict-origin-when-cross-origin\",\n\n // Permissions Policy (formerly Feature Policy)\n \"Permissions-Policy\": \"camera=(), microphone=(), geolocation=()\",\n}\n\n/**\n * Apply security headers to response\n */\nexport function applySecurityHeaders(\n response: NextResponse,\n options?: {\n customCSP?: string\n production?: boolean\n }\n): NextResponse {\n const { customCSP, production = process.env.NODE_ENV === \"production\" } = options || {}\n\n // Apply standard security headers\n Object.entries(SECURITY_HEADERS).forEach(([key, value]) => {\n response.headers.set(key, value)\n })\n\n // Apply CSP\n const csp = customCSP || generateCSPHeader(undefined, production)\n response.headers.set(\"Content-Security-Policy\", csp)\n\n return response\n}\n\n/**\n * Validate request path for security issues\n */\nexport function validateRequestPath(pathname: string): {\n valid: boolean\n reason?: string\n} {\n // Decode the pathname to catch encoded attacks\n const decoded = decodeURIComponent(pathname)\n\n // Check for path traversal\n if (decoded.includes(\"../\") || decoded.includes(\"..\\\\\")) {\n return { valid: false, reason: \"Path traversal detected\" }\n }\n\n // Check for encoded path traversal\n if (\n decoded.includes(\"%2e%2e\") ||\n decoded.includes(\"%252e%252e\") ||\n pathname.includes(\"%2e%2e\") ||\n pathname.includes(\"%252e%252e\")\n ) {\n return { valid: false, reason: \"Encoded path traversal detected\" }\n }\n\n // Check for null bytes\n if (decoded.includes(\"\\0\") || pathname.includes(\"%00\")) {\n return { valid: false, reason: \"Null byte injection detected\" }\n }\n\n return { valid: true }\n}\n\n/**\n * Security proxy function (Next.js 16+)\n * Add this to your Next.js proxy.ts file\n */\nexport function createSecurityProxy(options?: {\n customCSP?: string\n production?: boolean\n strictPathValidation?: boolean\n}) {\n return function securityProxy(request: NextRequest): NextResponse {\n const { strictPathValidation = true } = options || {}\n\n // Validate request path\n if (strictPathValidation) {\n const pathValidation = validateRequestPath(request.nextUrl.pathname)\n if (!pathValidation.valid) {\n const ip = request.headers.get(\"x-forwarded-for\") ||\n request.headers.get(\"x-real-ip\") ||\n \"unknown\"\n console.warn(`[Security] Blocked request: ${pathValidation.reason}`, {\n path: request.nextUrl.pathname,\n ip,\n })\n return new NextResponse(\"Bad Request\", { status: 400 })\n }\n }\n\n // Continue with the request and apply security headers\n const response = NextResponse.next()\n return applySecurityHeaders(response, options)\n }\n}\n\n/**\n * @deprecated Use createSecurityProxy instead. Middleware is renamed to Proxy in Next.js 16+\n */\nexport const createSecurityMiddleware = createSecurityProxy\n\n/**\n * Example proxy configuration for your project\n *\n * Create this file: proxy.ts (at root of your Next.js app)\n *\n * ```typescript\n * import { createSecurityProxy } from 'specra/middleware/security'\n *\n * export const proxy = createSecurityProxy({\n * production: process.env.NODE_ENV === 'production',\n * strictPathValidation: true,\n * })\n *\n * export const config = {\n * matcher: [\n * // Match all paths except static files\n * '/((?!_next/static|_next/image|favicon.ico).*)',\n * ],\n * }\n * ```\n */\n\n/**\n * Validate subdomain/organization isolation\n * Use this if you're building a multi-tenant system\n */\nexport function validateSubdomainIsolation(\n request: NextRequest,\n options: {\n allowedSubdomains?: string[]\n currentOrg?: string\n }\n): { valid: boolean; reason?: string } {\n const { allowedSubdomains, currentOrg } = options\n\n const hostname = request.headers.get(\"host\") || \"\"\n const subdomain = hostname.split(\".\")[0]\n\n // If allowlist is provided, validate against it\n if (allowedSubdomains && !allowedSubdomains.includes(subdomain)) {\n return { valid: false, reason: \"Subdomain not in allowlist\" }\n }\n\n // Check for subdomain mismatch in paths\n // Example: docs.company-a.com should not access /_mintlify/static/company-b/\n const pathMatch = request.nextUrl.pathname.match(/\\/(static|assets|_.*?)\\/([^/]+)/)\n if (pathMatch && currentOrg) {\n const pathOrg = pathMatch[2]\n if (pathOrg !== currentOrg) {\n return { valid: false, reason: \"Cross-organization access detected\" }\n }\n }\n\n return { valid: true }\n}\n"],"mappings":";;;;;AASA,SAAS,oBAAsC;AAMxC,IAAM,mBAAmB;AAAA;AAAA,EAE9B,mBAAmB;AAAA;AAAA,EAGnB,0BAA0B;AAAA;AAAA,EAG1B,oBAAoB;AAAA;AAAA,EAGpB,mBAAmB;AAAA;AAAA,EAGnB,sBAAsB;AACxB;AAKO,SAAS,qBACd,UACA,SAIc;AACd,QAAM,EAAE,WAAW,aAAa,QAAQ,IAAI,aAAa,aAAa,IAAI,WAAW,CAAC;AAGtF,SAAO,QAAQ,gBAAgB,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AACzD,aAAS,QAAQ,IAAI,KAAK,KAAK;AAAA,EACjC,CAAC;AAGD,QAAM,MAAM,aAAa,kBAAkB,QAAW,UAAU;AAChE,WAAS,QAAQ,IAAI,2BAA2B,GAAG;AAEnD,SAAO;AACT;AAKO,SAAS,oBAAoB,UAGlC;AAEA,QAAM,UAAU,mBAAmB,QAAQ;AAG3C,MAAI,QAAQ,SAAS,KAAK,KAAK,QAAQ,SAAS,MAAM,GAAG;AACvD,WAAO,EAAE,OAAO,OAAO,QAAQ,0BAA0B;AAAA,EAC3D;AAGA,MACE,QAAQ,SAAS,QAAQ,KACzB,QAAQ,SAAS,YAAY,KAC7B,SAAS,SAAS,QAAQ,KAC1B,SAAS,SAAS,YAAY,GAC9B;AACA,WAAO,EAAE,OAAO,OAAO,QAAQ,kCAAkC;AAAA,EACnE;AAGA,MAAI,QAAQ,SAAS,IAAI,KAAK,SAAS,SAAS,KAAK,GAAG;AACtD,WAAO,EAAE,OAAO,OAAO,QAAQ,+BAA+B;AAAA,EAChE;AAEA,SAAO,EAAE,OAAO,KAAK;AACvB;AAMO,SAAS,oBAAoB,SAIjC;AACD,SAAO,SAAS,cAAc,SAAoC;AAChE,UAAM,EAAE,uBAAuB,KAAK,IAAI,WAAW,CAAC;AAGpD,QAAI,sBAAsB;AACxB,YAAM,iBAAiB,oBAAoB,QAAQ,QAAQ,QAAQ;AACnE,UAAI,CAAC,eAAe,OAAO;AACzB,cAAM,KAAK,QAAQ,QAAQ,IAAI,iBAAiB,KACrC,QAAQ,QAAQ,IAAI,WAAW,KAC/B;AACX,gBAAQ,KAAK,+BAA+B,eAAe,MAAM,IAAI;AAAA,UACnE,MAAM,QAAQ,QAAQ;AAAA,UACtB;AAAA,QACF,CAAC;AACD,eAAO,IAAI,aAAa,eAAe,EAAE,QAAQ,IAAI,CAAC;AAAA,MACxD;AAAA,IACF;AAGA,UAAM,WAAW,aAAa,KAAK;AACnC,WAAO,qBAAqB,UAAU,OAAO;AAAA,EAC/C;AACF;AAKO,IAAM,2BAA2B;AA4BjC,SAAS,2BACd,SACA,SAIqC;AACrC,QAAM,EAAE,mBAAmB,WAAW,IAAI;AAE1C,QAAM,WAAW,QAAQ,QAAQ,IAAI,MAAM,KAAK;AAChD,QAAM,YAAY,SAAS,MAAM,GAAG,EAAE,CAAC;AAGvC,MAAI,qBAAqB,CAAC,kBAAkB,SAAS,SAAS,GAAG;AAC/D,WAAO,EAAE,OAAO,OAAO,QAAQ,6BAA6B;AAAA,EAC9D;AAIA,QAAM,YAAY,QAAQ,QAAQ,SAAS,MAAM,iCAAiC;AAClF,MAAI,aAAa,YAAY;AAC3B,UAAM,UAAU,UAAU,CAAC;AAC3B,QAAI,YAAY,YAAY;AAC1B,aAAO,EAAE,OAAO,OAAO,QAAQ,qCAAqC;AAAA,IACtE;AAAA,EACF;AAEA,SAAO,EAAE,OAAO,KAAK;AACvB;","names":[]}
package/dist/styles.css.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/styles/globals.css"],"sourcesContent":["@import \"tailwindcss\";\n@import \"tw-animate-css\";\n@plugin \"@tailwindcss/typography\";\n@import \"katex/dist/katex.min.css\";\n\n/* Scan SDK source files for Tailwind utilities */\n@source \"../**/*.{js,ts,jsx,tsx}\";\n\n@custom-variant dark (&:is(.dark *));\n\n:root {\n --background: oklch(0.99 0 0);\n --foreground: oklch(0.12 0 0);\n --card: oklch(1 0 0);\n --card-foreground: oklch(0.12 0 0);\n --popover: oklch(1 0 0);\n --popover-foreground: oklch(0.12 0 0);\n /* --primary: oklch(0.50 0.24 264.376); */\n --primary: oklch(27.025% 0.14091 290.376);\n --primary-foreground: oklch(0.99 0 0);\n --secondary: oklch(0.96 0 0);\n --secondary-foreground: oklch(0.15 0 0);\n --muted: oklch(0.96 0 0);\n --muted-foreground: oklch(0.45 0 0);\n --accent: oklch(0.96 0 0);\n --accent-foreground: oklch(0.15 0 0);\n --destructive: oklch(0.55 0.25 27.325);\n --destructive-foreground: oklch(0.99 0 0);\n --border: oklch(0.90 0 0);\n --input: oklch(0.90 0 0);\n --ring: oklch(0.50 0.24 264.376);\n --chart-1: oklch(0.646 0.222 41.116);\n --chart-2: oklch(0.6 0.118 184.704);\n --chart-3: oklch(0.398 0.07 227.392);\n --chart-4: oklch(0.828 0.189 84.429);\n --chart-5: oklch(0.769 0.188 70.08);\n --radius: 0.625rem;\n --sidebar: oklch(0.99 0 0);\n --sidebar-foreground: oklch(0.12 0 0);\n --sidebar-primary: oklch(0.15 0 0);\n --sidebar-primary-foreground: oklch(0.99 0 0);\n --sidebar-accent: oklch(0.96 0 0);\n --sidebar-accent-foreground: oklch(0.15 0 0);\n --sidebar-border: oklch(0.90 0 0);\n --sidebar-ring: oklch(0.50 0.24 264.376);\n}\n\n.dark {\n /* Updated dark theme to match Vercel/Mintlify documentation aesthetic */\n --background: oklch(0.09 0 0);\n --foreground: oklch(0.98 0 0);\n --card: oklch(0.12 0 0);\n --card-foreground: oklch(0.98 0 0);\n --popover: oklch(0.12 0 0);\n --popover-foreground: oklch(0.98 0 0);\n --primary: oklch(0.65 0.25 264.376);\n --primary-foreground: oklch(0.98 0 0);\n --secondary: oklch(0.18 0 0);\n --secondary-foreground: oklch(0.98 0 0);\n --muted: oklch(0.18 0 0);\n --muted-foreground: oklch(0.65 0 0);\n --accent: oklch(0.18 0 0);\n --accent-foreground: oklch(0.98 0 0);\n --destructive: oklch(0.55 0.22 27.325);\n --destructive-foreground: oklch(0.98 0 0);\n --border: oklch(0.22 0 0);\n --input: oklch(0.22 0 0);\n --ring: oklch(0.65 0.25 264.376);\n --chart-1: oklch(0.488 0.243 264.376);\n --chart-2: oklch(0.696 0.17 162.48);\n --chart-3: oklch(0.769 0.188 70.08);\n --chart-4: oklch(0.627 0.265 303.9);\n --chart-5: oklch(0.645 0.246 16.439);\n --sidebar: oklch(0.09 0 0);\n --sidebar-foreground: oklch(0.98 0 0);\n --sidebar-primary: oklch(0.65 0.25 264.376);\n --sidebar-primary-foreground: oklch(0.98 0 0);\n --sidebar-accent: oklch(0.18 0 0);\n --sidebar-accent-foreground: oklch(0.98 0 0);\n --sidebar-border: oklch(0.22 0 0);\n --sidebar-ring: oklch(0.65 0.25 264.376);\n\n /* Added custom tokens for code blocks */\n --code: oklch(0.75 0.15 264.376);\n --code-bg: oklch(0.12 0 0);\n --code-fg: oklch(0.92 0 0);\n}\n\n@theme inline {\n\n --color-background: var(--background);\n --color-foreground: var(--foreground);\n --color-card: var(--card);\n --color-card-foreground: var(--card-foreground);\n --color-popover: var(--popover);\n --color-popover-foreground: var(--popover-foreground);\n --color-primary: var(--primary);\n --color-primary-foreground: var(--primary-foreground);\n --color-secondary: var(--secondary);\n --color-secondary-foreground: var(--secondary-foreground);\n --color-muted: var(--muted);\n --color-muted-foreground: var(--muted-foreground);\n --color-accent: var(--accent);\n --color-accent-foreground: var(--accent-foreground);\n --color-destructive: var(--destructive);\n --color-destructive-foreground: var(--destructive-foreground);\n --color-border: var(--border);\n --color-input: var(--input);\n --color-ring: var(--ring);\n --color-chart-1: var(--chart-1);\n --color-chart-2: var(--chart-2);\n --color-chart-3: var(--chart-3);\n --color-chart-4: var(--chart-4);\n --color-chart-5: var(--chart-5);\n --radius-sm: calc(var(--radius) - 4px);\n --radius-md: calc(var(--radius) - 2px);\n --radius-lg: var(--radius);\n --radius-xl: calc(var(--radius) + 4px);\n --color-sidebar: var(--sidebar);\n --color-sidebar-foreground: var(--sidebar-foreground);\n --color-sidebar-primary: var(--sidebar-primary);\n --color-sidebar-primary-foreground: var(--sidebar-primary-foreground);\n --color-sidebar-accent: var(--sidebar-accent);\n --color-sidebar-accent-foreground: var(--sidebar-accent-foreground);\n --color-sidebar-border: var(--sidebar-border);\n --color-sidebar-ring: var(--sidebar-ring);\n\n /* Added code color tokens */\n --color-code: var(--code);\n --color-code-bg: var(--code-bg);\n --color-code-fg: var(--code-fg);\n}\n\n@layer base {\n * {\n @apply border-border outline-ring/50;\n }\n\n html {\n scroll-behavior: smooth;\n /* Always reserve space for scrollbar to prevent layout shift */\n scrollbar-gutter: stable;\n }\n\n body {\n @apply bg-background text-foreground;\n }\n\n a {\n text-decoration: none;\n }\n\n /* Link styling - primary color, no underline until hover */\n main .prose a {\n color: var(--color-primary);\n text-decoration: none;\n transition: color 0.2s ease, text-decoration 0.2s ease;\n }\n\n main .prose a:hover {\n text-decoration: none !important;\n color: var(--color-primary);\n }\n\n /* Prose links in documentation */\n .prose a {\n color: var(--color-primary);\n text-decoration: none !important;\n font-weight: 500;\n }\n\n .prose a:hover {\n text-decoration: none !important;\n color: var(--color-primary);\n }\n\n /* Sidebar links - no underline on hover */\n aside a {\n text-decoration: none;\n }\n\n aside a:hover {\n text-decoration: none;\n }\n\n /* Card and ImageCard links - never underline */\n .image-card-link,\n .card-link {\n text-decoration: none !important;\n }\n\n .image-card-link:hover,\n .card-link:hover {\n text-decoration: none !important;\n }\n\n .image-card-link *,\n .card-link * {\n text-decoration: none !important;\n }\n\n /* Custom scrollbar styling for body only */\n body::-webkit-scrollbar {\n width: 6px;\n }\n\n body::-webkit-scrollbar-track {\n background: oklch(0.95 0 0);\n }\n\n body::-webkit-scrollbar-thumb {\n background: oklch(0.75 0 0);\n border-radius: 6px;\n border: 2px solid oklch(0.95 0 0);\n }\n\n body::-webkit-scrollbar-thumb:hover {\n background: oklch(0.65 0 0);\n }\n\n /* Dark mode body scrollbar */\n .dark body::-webkit-scrollbar-track {\n background: oklch(0.12 0 0);\n }\n\n .dark body::-webkit-scrollbar-thumb {\n background: oklch(0.25 0 0);\n border: 2px solid oklch(0.12 0 0);\n }\n\n .dark body::-webkit-scrollbar-thumb:hover {\n background: oklch(0.35 0 0);\n }\n\n /* Firefox scrollbar for body only */\n body {\n scrollbar-width: thin;\n scrollbar-color: oklch(0.75 0 0) oklch(0.95 0 0);\n }\n\n .dark body {\n scrollbar-color: oklch(0.25 0 0) oklch(0.12 0 0);\n }\n\n /* Sidebar scrollbar styling - thin and subtle */\n aside::-webkit-scrollbar,\n aside *::-webkit-scrollbar {\n width: 4px;\n }\n\n aside::-webkit-scrollbar-track,\n aside *::-webkit-scrollbar-track {\n background: transparent;\n }\n\n aside::-webkit-scrollbar-thumb,\n aside *::-webkit-scrollbar-thumb {\n background: oklch(0.7 0 0 / 0.3);\n border-radius: 4px;\n }\n\n aside::-webkit-scrollbar-thumb:hover,\n aside *::-webkit-scrollbar-thumb:hover {\n background: oklch(0.6 0 0 / 0.5);\n }\n\n /* Dark mode sidebar scrollbar */\n .dark aside::-webkit-scrollbar-thumb,\n .dark aside *::-webkit-scrollbar-thumb {\n background: oklch(0.5 0 0 / 0.3);\n }\n\n .dark aside::-webkit-scrollbar-thumb:hover,\n .dark aside *::-webkit-scrollbar-thumb:hover {\n background: oklch(0.6 0 0 / 0.5);\n }\n\n /* Firefox sidebar scrollbar */\n aside,\n aside * {\n scrollbar-width: thin;\n scrollbar-color: oklch(0.7 0 0 / 0.3) transparent;\n }\n\n .dark aside,\n .dark aside * {\n scrollbar-color: oklch(0.5 0 0 / 0.3) transparent;\n }\n\n /* Light mode syntax highlighting - VS Code Light+ theme */\n .token-comment {\n color: #008000;\n font-style: italic;\n }\n\n .token-string {\n color: #a31515;\n }\n\n .token-keyword {\n color: #0000ff;\n font-weight: 600;\n }\n\n .token-number {\n color: #098658;\n }\n\n .token-function {\n color: #795e26;\n }\n\n .token-operator {\n color: #000000;\n }\n\n .token-property {\n color: #001080;\n }\n\n .token-punctuation {\n color: #000000;\n }\n\n .token-text {\n color: #000000;\n }\n\n /* Dark mode syntax highlighting - VS Code Dark+ theme */\n .dark .token-comment {\n color: #6a9955;\n }\n\n .dark .token-string {\n color: #ce9178;\n }\n\n .dark .token-keyword {\n color: #569cd6;\n }\n\n .dark .token-number {\n color: #b5cea8;\n }\n\n .dark .token-function {\n color: #dcdcaa;\n }\n\n .dark .token-operator {\n color: #d4d4d4;\n }\n\n .dark .token-property {\n color: #9cdcfe;\n }\n\n .dark .token-punctuation {\n color: #d4d4d4;\n }\n\n .dark .token-text {\n color: #d4d4d4;\n }\n}\n\n\npre code {\n background: none;\n border: none;\n}\n\n/* Heading styles - lighter weight and reduced margins */\n.prose h1 {\n font-weight: 700;\n margin-top: 1.5rem;\n margin-bottom: 0.75rem;\n}\n\n.prose h2 {\n font-weight: 600;\n margin-top: 2rem;\n margin-bottom: 0.75rem;\n}\n\n.prose h3 {\n font-weight: 600;\n margin-top: 1.5rem;\n margin-bottom: 0.5rem;\n}\n\n.prose h4 {\n font-weight: 600;\n margin-top: 1.25rem;\n margin-bottom: 0.5rem;\n}\n\n.prose h5 {\n font-weight: 500;\n margin-top: 1rem;\n margin-bottom: 0.5rem;\n}\n\n.prose h6 {\n font-weight: 500;\n margin-top: 1rem;\n margin-bottom: 0.5rem;\n}\n\n/* Paragraph styles - reduced margins */\n.prose p {\n margin-top: 0.5rem;\n margin-bottom: 0.75rem;\n}\n\n/* Prevent layout shift when dialog opens */\n/* html {\n scrollbar-gutter: stable;\n} */\n\n\nhtml body[data-scroll-locked] {\n overflow: visible !important;\n margin-right: 0 !important;\n padding-right: 0 !important;\n}"],"mappings":";;;;AAEA,QAAQ;AACR,QAAQ;AAGR,QAAQ;AAER,gBAAgB,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK;AAEjC;AACE,gBAAc,MAAM,KAAK,EAAE;AAC3B,gBAAc,MAAM,KAAK,EAAE;AAC3B,UAAQ,MAAM,EAAE,EAAE;AAClB,qBAAmB,MAAM,KAAK,EAAE;AAChC,aAAW,MAAM,EAAE,EAAE;AACrB,wBAAsB,MAAM,KAAK,EAAE;AAEnC,aAAW,MAAM,QAAQ,QAAQ;AACjC,wBAAsB,MAAM,KAAK,EAAE;AACnC,eAAa,MAAM,KAAK,EAAE;AAC1B,0BAAwB,MAAM,KAAK,EAAE;AACrC,WAAS,MAAM,KAAK,EAAE;AACtB,sBAAoB,MAAM,KAAK,EAAE;AACjC,YAAU,MAAM,KAAK,EAAE;AACvB,uBAAqB,MAAM,KAAK,EAAE;AAClC,iBAAe,MAAM,KAAK,KAAK;AAC/B,4BAA0B,MAAM,KAAK,EAAE;AACvC,YAAU,MAAM,KAAK,EAAE;AACvB,WAAS,MAAM,KAAK,EAAE;AACtB,UAAQ,MAAM,KAAK,KAAK;AACxB,aAAW,MAAM,MAAM,MAAM;AAC7B,aAAW,MAAM,IAAI,MAAM;AAC3B,aAAW,MAAM,MAAM,KAAK;AAC5B,aAAW,MAAM,MAAM,MAAM;AAC7B,aAAW,MAAM,MAAM,MAAM;AAC7B,YAAU;AACV,aAAW,MAAM,KAAK,EAAE;AACxB,wBAAsB,MAAM,KAAK,EAAE;AACnC,qBAAmB,MAAM,KAAK,EAAE;AAChC,gCAA8B,MAAM,KAAK,EAAE;AAC3C,oBAAkB,MAAM,KAAK,EAAE;AAC/B,+BAA6B,MAAM,KAAK,EAAE;AAC1C,oBAAkB,MAAM,KAAK,EAAE;AAC/B,kBAAgB,MAAM,KAAK,KAAK;AAClC;AAEA,CAAC;AAEC,gBAAc,MAAM,KAAK,EAAE;AAC3B,gBAAc,MAAM,KAAK,EAAE;AAC3B,UAAQ,MAAM,KAAK,EAAE;AACrB,qBAAmB,MAAM,KAAK,EAAE;AAChC,aAAW,MAAM,KAAK,EAAE;AACxB,wBAAsB,MAAM,KAAK,EAAE;AACnC,aAAW,MAAM,KAAK,KAAK;AAC3B,wBAAsB,MAAM,KAAK,EAAE;AACnC,eAAa,MAAM,KAAK,EAAE;AAC1B,0BAAwB,MAAM,KAAK,EAAE;AACrC,WAAS,MAAM,KAAK,EAAE;AACtB,sBAAoB,MAAM,KAAK,EAAE;AACjC,YAAU,MAAM,KAAK,EAAE;AACvB,uBAAqB,MAAM,KAAK,EAAE;AAClC,iBAAe,MAAM,KAAK,KAAK;AAC/B,4BAA0B,MAAM,KAAK,EAAE;AACvC,YAAU,MAAM,KAAK,EAAE;AACvB,WAAS,MAAM,KAAK,EAAE;AACtB,UAAQ,MAAM,KAAK,KAAK;AACxB,aAAW,MAAM,MAAM,MAAM;AAC7B,aAAW,MAAM,MAAM,KAAK;AAC5B,aAAW,MAAM,MAAM,MAAM;AAC7B,aAAW,MAAM,MAAM,MAAM;AAC7B,aAAW,MAAM,MAAM,MAAM;AAC7B,aAAW,MAAM,KAAK,EAAE;AACxB,wBAAsB,MAAM,KAAK,EAAE;AACnC,qBAAmB,MAAM,KAAK,KAAK;AACnC,gCAA8B,MAAM,KAAK,EAAE;AAC3C,oBAAkB,MAAM,KAAK,EAAE;AAC/B,+BAA6B,MAAM,KAAK,EAAE;AAC1C,oBAAkB,MAAM,KAAK,EAAE;AAC/B,kBAAgB,MAAM,KAAK,KAAK;AAGhC,UAAQ,MAAM,KAAK,KAAK;AACxB,aAAW,MAAM,KAAK,EAAE;AACxB,aAAW,MAAM,KAAK,EAAE;AAC1B;AAEA,OAAO,OAAO,EAEZ,kBAAkB,EAAE,IAAI,aAAa,EACrC,kBAAkB,EAAE,IAAI,aAAa,EACrC,YAAY,EAAE,IAAI,OAAO,EACzB,uBAAuB,EAAE,IAAI,kBAAkB,EAC/C,eAAe,EAAE,IAAI,UAAU,EAC/B,0BAA0B,EAAE,IAAI,qBAAqB,EACrD,eAAe,EAAE,IAAI,UAAU,EAC/B,0BAA0B,EAAE,IAAI,qBAAqB,EACrD,iBAAiB,EAAE,IAAI,YAAY,EACnC,4BAA4B,EAAE,IAAI,uBAAuB,EACzD,aAAa,EAAE,IAAI,QAAQ,EAC3B,wBAAwB,EAAE,IAAI,mBAAmB,EACjD,cAAc,EAAE,IAAI,SAAS,EAC7B,yBAAyB,EAAE,IAAI,oBAAoB,EACnD,mBAAmB,EAAE,IAAI,cAAc,EACvC,8BAA8B,EAAE,IAAI,yBAAyB,EAC7D,cAAc,EAAE,IAAI,SAAS,EAC7B,aAAa,EAAE,IAAI,QAAQ,EAC3B,YAAY,EAAE,IAAI,OAAO,EACzB,eAAe,EAAE,IAAI,UAAU,EAC/B,eAAe,EAAE,IAAI,UAAU,EAC/B,eAAe,EAAE,IAAI,UAAU,EAC/B,eAAe,EAAE,IAAI,UAAU,EAC/B,eAAe,EAAE,IAAI,UAAU,EAC/B,WAAW,EAAE,KAAK,IAAI,UAAU,EAAE,IAAI,EACtC,WAAW,EAAE,KAAK,IAAI,UAAU,EAAE,IAAI,EACtC,WAAW,EAAE,IAAI,SAAS,EAC1B,WAAW,EAAE,KAAK,IAAI,UAAU,EAAE,IAAI,EACtC,eAAe,EAAE,IAAI,UAAU,EAC/B,0BAA0B,EAAE,IAAI,qBAAqB,EACrD,uBAAuB,EAAE,IAAI,kBAAkB,EAC/C,kCAAkC,EAAE,IAAI,6BAA6B,EACrE,sBAAsB,EAAE,IAAI,iBAAiB,EAC7C,iCAAiC,EAAE,IAAI,4BAA4B,EACnE,sBAAsB,EAAE,IAAI,iBAAiB,EAC7C,oBAAoB,EAAE,IAAI,eAAe,EAGzC,YAAY,EAAE,IAAI,OAAO,EACzB,eAAe,EAAE,IAAI,UAAU,EAC/B,eAAe,EAAE,IAAI,UAAU;AAGjC;AACE;AACE,WAAO,cAAc,YAAY,CAAC;AACpC;AAEA;AACE,qBAAiB;AAEjB,sBAAkB;AACpB;AAEA;AACE,WAAO,cAAc;AACvB;AAEA;AACE,qBAAiB;AACnB;AAGA,OAAK,CAAC,MAAM;AACV,WAAO,IAAI;AACX,qBAAiB;AACjB,gBAAY,MAAM,KAAK,IAAI,EAAE,gBAAgB,KAAK;AACpD;AAEA,OAAK,CANC,MAMM,CAAC;AACX,qBAAiB;AACjB,WAAO,IAAI;AACb;AAGA,GAZM,MAYC;AACL,WAAO,IAAI;AACX,qBAAiB;AACjB,iBAAa;AACf;AAEA,GAlBM,MAkBC,CAAC;AACN,qBAAiB;AACjB,WAAO,IAAI;AACb;AAGA,QAAM;AACJ,qBAAiB;AACnB;AAEA,QAAM,CAAC;AACL,qBAAiB;AACnB;AAGA,GAAC;AAAA,EACD,CAAC;AACC,qBAAiB;AACnB;AAEA,GALC,eAKe;AAAA,EAChB,CALC,SAKS;AACR,qBAAiB;AACnB;AAEA,GAVC,gBAUgB;AAAA,EACjB,CAVC,UAUU;AACT,qBAAiB;AACnB;AAGA,MAAI;AACF,WAAO;AACT;AAEA,MAAI;AACF,gBAAY,MAAM,KAAK,EAAE;AAC3B;AAEA,MAAI;AACF,gBAAY,MAAM,KAAK,EAAE;AACzB,mBAAe;AACf,YAAQ,IAAI,MAAM,MAAM,KAAK,EAAE;AACjC;AAEA,MAAI,yBAAyB;AAC3B,gBAAY,MAAM,KAAK,EAAE;AAC3B;AAGA,GA9KD,KA8KO,IAAI;AACR,gBAAY,MAAM,KAAK,EAAE;AAC3B;AAEA,GAlLD,KAkLO,IAAI;AACR,gBAAY,MAAM,KAAK,EAAE;AACzB,YAAQ,IAAI,MAAM,MAAM,KAAK,EAAE;AACjC;AAEA,GAvLD,KAuLO,IAAI,yBAAyB;AACjC,gBAAY,MAAM,KAAK,EAAE;AAC3B;AAGA;AACE,qBAAiB;AACjB,qBAAiB,MAAM,KAAK,EAAE,GAAG,MAAM,KAAK,EAAE;AAChD;AAEA,GAjMD,KAiMO;AACJ,qBAAiB,MAAM,KAAK,EAAE,GAAG,MAAM,KAAK,EAAE;AAChD;AAGA,OAAK;AAAA,EACL,MAAM,CAAC;AACL,WAAO;AACT;AAEA,OAAK;AAAA,EACL,MAAM,CAAC;AACL,gBAAY;AACd;AAEA,OAAK;AAAA,EACL,MAAM,CAAC;AACL,gBAAY,MAAM,IAAI,EAAE,EAAE,EAAE;AAC5B,mBAAe;AACjB;AAEA,OAAK,yBAAyB;AAAA,EAC9B,MAAM,CAAC,yBAAyB;AAC9B,gBAAY,MAAM,IAAI,EAAE,EAAE,EAAE;AAC9B;AAGA,GA5ND,KA4NO,KAAK;AAAA,EACX,CA7ND,KA6NO,MAAM,CAAC;AACX,gBAAY,MAAM,IAAI,EAAE,EAAE,EAAE;AAC9B;AAEA,GAjOD,KAiOO,KAAK,yBAAyB;AAAA,EACpC,CAlOD,KAkOO,MAAM,CAAC,yBAAyB;AACpC,gBAAY,MAAM,IAAI,EAAE,EAAE,EAAE;AAC9B;AAGA;AAAA,EACA,MAAM;AACJ,qBAAiB;AACjB,qBAAiB,MAAM,IAAI,EAAE,EAAE,EAAE,KAAK;AACxC;AAEA,GA7OD,KA6OO;AAAA,EACN,CA9OD,KA8OO,MAAM;AACV,qBAAiB,MAAM,IAAI,EAAE,EAAE,EAAE,KAAK;AACxC;AAGA,GAAC;AACC,WAAO;AACP,gBAAY;AACd;AAEA,GAAC;AACC,WAAO;AACT;AAEA,GAAC;AACC,WAAO;AACP,iBAAa;AACf;AAEA,GAAC;AACC,WAAO;AACT;AAEA,GAAC;AACC,WAAO;AACT;AAEA,GAAC;AACC,WAAO;AACT;AAEA,GAAC;AACC,WAAO;AACT;AAEA,GAAC;AACC,WAAO;AACT;AAEA,GAAC;AACC,WAAO;AACT;AAGA,GA1RD,KA0RO,CAvCL;AAwCC,WAAO;AACT;AAEA,GA9RD,KA8RO,CAtCL;AAuCC,WAAO;AACT;AAEA,GAlSD,KAkSO,CAtCL;AAuCC,WAAO;AACT;AAEA,GAtSD,KAsSO,CArCL;AAsCC,WAAO;AACT;AAEA,GA1SD,KA0SO,CArCL;AAsCC,WAAO;AACT;AAEA,GA9SD,KA8SO,CArCL;AAsCC,WAAO;AACT;AAEA,GAlTD,KAkTO,CArCL;AAsCC,WAAO;AACT;AAEA,GAtTD,KAsTO,CArCL;AAsCC,WAAO;AACT;AAEA,GA1TD,KA0TO,CArCL;AAsCC,WAAO;AACT;AACF;AAGA,IAAI;AACF,cAAY;AACZ,UAAQ;AACV;AAGA,CA5NQ,MA4ND;AACL,eAAa;AACb,cAAY;AACZ,iBAAe;AACjB;AAEA,CAlOQ,MAkOD;AACL,eAAa;AACb,cAAY;AACZ,iBAAe;AACjB;AAEA,CAxOQ,MAwOD;AACL,eAAa;AACb,cAAY;AACZ,iBAAe;AACjB;AAEA,CA9OQ,MA8OD;AACL,eAAa;AACb,cAAY;AACZ,iBAAe;AACjB;AAEA,CApPQ,MAoPD;AACL,eAAa;AACb,cAAY;AACZ,iBAAe;AACjB;AAEA,CA1PQ,MA0PD;AACL,eAAa;AACb,cAAY;AACZ,iBAAe;AACjB;AAGA,CAjQQ,MAiQD;AACL,cAAY;AACZ,iBAAe;AACjB;AAQA,KAAK,IAAI,CAAC;AACR,YAAU;AACV,gBAAc;AACd,iBAAe;AACjB;","names":[]}
package/dist/styles.d.mts DELETED
@@ -1,2 +0,0 @@
1
-
2
- export { }
package/dist/styles.d.ts DELETED
@@ -1,2 +0,0 @@
1
-
2
- export { }
package/dist/styles.js DELETED
@@ -1,2 +0,0 @@
1
- "use strict";
2
- //# sourceMappingURL=styles.js.map
package/dist/styles.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
package/dist/styles.mjs DELETED
@@ -1 +0,0 @@
1
- //# sourceMappingURL=styles.mjs.map
package/dist/styles.mjs.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}