npm - stringray-ai - Versions diffs - 1.0.38 → 1.0.39 - Mend

stringray-ai 1.0.38 → 1.0.39

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (113) hide show

package/dist/plugin/security/security-hardener.js ADDED Viewed

@@ -0,0 +1,181 @@
+/**
+ * StringRay Framework v1.0.0 - Security Hardening Module
+ *
+ * Implements additional security measures and hardening for the framework.
+ * Addresses vulnerabilities identified during security audit.
+ *
+ * @version 1.0.0
+ * @since 2026-01-07
+ */
+import { promises as fs } from "fs";
+export class SecurityHardener {
+    config;
+    constructor(config = {}) {
+        this.config = {
+            enableInputValidation: true,
+            enableRateLimiting: true,
+            enableAuditLogging: true,
+            enableSecureHeaders: true,
+            maxRequestSizeBytes: 1024 * 1024, // 1MB
+            rateLimitWindowMs: 60000, // 1 minute
+            rateLimitMaxRequests: 100,
+            ...config,
+        };
+    }
+    /**
+     * Apply security hardening based on audit results
+     */
+    async hardenSecurity(auditResult) {
+        const appliedFixes = [];
+        const remainingIssues = [];
+        console.log("🔒 Security Hardener: Applying security fixes...");
+        for (const issue of auditResult.issues) {
+            const fix = await this.applyFixForIssue(issue);
+            if (fix.applied) {
+                appliedFixes.push(fix.description);
+                console.log(`✅ Applied fix: ${fix.description}`);
+            }
+            else {
+                remainingIssues.push(issue);
+                console.log(`⚠️ Could not apply fix for: ${issue.description}`);
+            }
+        }
+        return { appliedFixes, remainingIssues };
+    }
+    async applyFixForIssue(issue) {
+        switch (issue.category) {
+            case "hardcoded-secrets":
+                return await this.fixHardcodedSecrets(issue);
+            case "file-permissions":
+                return await this.fixFilePermissions(issue);
+            case "dependency-management":
+                return await this.fixDependencyManagement(issue);
+            case "input-validation":
+                return await this.addInputValidation(issue);
+            default:
+                return {
+                    applied: false,
+                    description: `No automated fix available for ${issue.category}`,
+                };
+        }
+    }
+    async fixHardcodedSecrets(issue) {
+        // This would require manual intervention, but we can suggest the fix
+        console.log(`🔧 Manual fix needed for hardcoded secrets in ${issue.file}`);
+        console.log(`💡 Recommendation: Move secrets to environment variables`);
+        return {
+            applied: false,
+            description: `Manual intervention required for hardcoded secrets in ${issue.file}`,
+        };
+    }
+    async fixFilePermissions(issue) {
+        try {
+            // Remove world-writable permissions
+            await fs.chmod(issue.file, 0o644);
+            return {
+                applied: true,
+                description: `Fixed file permissions for ${issue.file}`,
+            };
+        }
+        catch (error) {
+            return {
+                applied: false,
+                description: `Failed to fix permissions for ${issue.file}: ${error}`,
+            };
+        }
+    }
+    async fixDependencyManagement(issue) {
+        // This requires manual intervention for dependency updates
+        console.log(`🔧 Manual fix needed for dependency management in ${issue.file}`);
+        console.log(`💡 Recommendation: Update dependencies to specific versions and use lockfiles`);
+        return {
+            applied: false,
+            description: `Manual intervention required for dependency management in ${issue.file}`,
+        };
+    }
+    async addInputValidation(issue) {
+        // This would require code analysis and modification
+        console.log(`🔧 Code modification needed for input validation in ${issue.file}:${issue.line}`);
+        console.log(`💡 Recommendation: Add comprehensive input validation and sanitization`);
+        return {
+            applied: false,
+            description: `Code modification required for input validation in ${issue.file}`,
+        };
+    }
+    /**
+     * Add security headers to HTTP responses
+     */
+    addSecurityHeaders(headers) {
+        if (!this.config.enableSecureHeaders)
+            return headers;
+        return {
+            ...headers,
+            "X-Content-Type-Options": "nosniff",
+            "X-Frame-Options": "DENY",
+            "X-XSS-Protection": "1; mode=block",
+            "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
+            "Content-Security-Policy": "default-src 'self'",
+            "Referrer-Policy": "strict-origin-when-cross-origin",
+        };
+    }
+    /**
+     * Validate input data
+     */
+    validateInput(input, schema) {
+        if (!this.config.enableInputValidation) {
+            return { valid: true, errors: [] };
+        }
+        const errors = [];
+        // Basic validation - in production, use a proper validation library
+        if (schema.type === "string" && typeof input !== "string") {
+            errors.push("Expected string");
+        }
+        if (schema.maxLength &&
+            typeof input === "string" &&
+            input.length > schema.maxLength) {
+            errors.push(`String too long (max ${schema.maxLength})`);
+        }
+        if (schema.pattern &&
+            typeof input === "string" &&
+            !new RegExp(schema.pattern).test(input)) {
+            errors.push("String does not match required pattern");
+        }
+        return {
+            valid: errors.length === 0,
+            errors,
+        };
+    }
+    /**
+     * Check rate limiting
+     */
+    checkRateLimit(identifier, requests) {
+        if (!this.config.enableRateLimiting)
+            return true;
+        const now = Date.now();
+        const windowStart = now - this.config.rateLimitWindowMs;
+        const userRequests = requests.get(identifier) || [];
+        const recentRequests = userRequests.filter((time) => time > windowStart);
+        if (recentRequests.length >= this.config.rateLimitMaxRequests) {
+            return false;
+        }
+        recentRequests.push(now);
+        requests.set(identifier, recentRequests);
+        return true;
+    }
+    /**
+     * Log security events
+     */
+    logSecurityEvent(event) {
+        if (!this.config.enableAuditLogging)
+            return;
+        const logEntry = {
+            timestamp: new Date().toISOString(),
+            ...event,
+        };
+        console.log(`🔒 SECURITY EVENT [${event.severity.toUpperCase()}]:`, JSON.stringify(logEntry));
+        // In production, this would write to secure audit logs
+    }
+}
+// Export singleton instance
+export const securityHardener = new SecurityHardener();
+//# sourceMappingURL=security-hardener.js.map

package/dist/plugin/security/security-hardener.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"security-hardener.js","sourceRoot":"","sources":["../../../src/security/security-hardener.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,IAAI,CAAC;AAYpC,MAAM,OAAO,gBAAgB;IACnB,MAAM,CAA0B;IAExC,YAAY,SAA2C,EAAE;QACvD,IAAI,CAAC,MAAM,GAAG;YACZ,qBAAqB,EAAE,IAAI;YAC3B,kBAAkB,EAAE,IAAI;YACxB,kBAAkB,EAAE,IAAI;YACxB,mBAAmB,EAAE,IAAI;YACzB,mBAAmB,EAAE,IAAI,GAAG,IAAI,EAAE,MAAM;YACxC,iBAAiB,EAAE,KAAK,EAAE,WAAW;YACrC,oBAAoB,EAAE,GAAG;YACzB,GAAG,MAAM;SACV,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAAC,WAAwC;QAI3D,MAAM,YAAY,GAAa,EAAE,CAAC;QAClC,MAAM,eAAe,GAAoB,EAAE,CAAC;QAE5C,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;QAEhE,KAAK,MAAM,KAAK,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;YACvC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;YAC/C,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;gBAChB,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;gBACnC,OAAO,CAAC,GAAG,CAAC,kBAAkB,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;YACnD,CAAC;iBAAM,CAAC;gBACN,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAC5B,OAAO,CAAC,GAAG,CAAC,+BAA+B,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;QAED,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,CAAC;IAC3C,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,KAAoB;QAIjD,QAAQ,KAAK,CAAC,QAAQ,EAAE,CAAC;YACvB,KAAK,mBAAmB;gBACtB,OAAO,MAAM,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAC/C,KAAK,kBAAkB;gBACrB,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC9C,KAAK,uBAAuB;gBAC1B,OAAO,MAAM,IAAI,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAC;YACnD,KAAK,kBAAkB;gBACrB,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAC9C;gBACE,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,WAAW,EAAE,kCAAkC,KAAK,CAAC,QAAQ,EAAE;iBAChE,CAAC;QACN,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,KAAoB;QAIpD,qEAAqE;QACrE,OAAO,CAAC,GAAG,CAAC,iDAAiD,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3E,OAAO,CAAC,GAAG,CAAC,0DAA0D,CAAC,CAAC;QAExE,OAAO;YACL,OAAO,EAAE,KAAK;YACd,WAAW,EAAE,yDAAyD,KAAK,CAAC,IAAI,EAAE;SACnF,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,kBAAkB,CAAC,KAAoB;QAInD,IAAI,CAAC;YACH,oCAAoC;YACpC,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAClC,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,WAAW,EAAE,8BAA8B,KAAK,CAAC,IAAI,EAAE;aACxD,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,WAAW,EAAE,iCAAiC,KAAK,CAAC,IAAI,KAAK,KAAK,EAAE;aACrE,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,uBAAuB,CAAC,KAAoB;QAIxD,2DAA2D;QAC3D,OAAO,CAAC,GAAG,CACT,qDAAqD,KAAK,CAAC,IAAI,EAAE,CAClE,CAAC;QACF,OAAO,CAAC,GAAG,CACT,+EAA+E,CAChF,CAAC;QAEF,OAAO;YACL,OAAO,EAAE,KAAK;YACd,WAAW,EAAE,6DAA6D,KAAK,CAAC,IAAI,EAAE;SACvF,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,kBAAkB,CAAC,KAAoB;QAInD,oDAAoD;QACpD,OAAO,CAAC,GAAG,CACT,uDAAuD,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAClF,CAAC;QACF,OAAO,CAAC,GAAG,CACT,wEAAwE,CACzE,CAAC;QAEF,OAAO;YACL,OAAO,EAAE,KAAK;YACd,WAAW,EAAE,sDAAsD,KAAK,CAAC,IAAI,EAAE;SAChF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,kBAAkB,CAAC,OAA+B;QAChD,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,mBAAmB;YAAE,OAAO,OAAO,CAAC;QAErD,OAAO;YACL,GAAG,OAAO;YACV,wBAAwB,EAAE,SAAS;YACnC,iBAAiB,EAAE,MAAM;YACzB,kBAAkB,EAAE,eAAe;YACnC,2BAA2B,EAAE,qCAAqC;YAClE,yBAAyB,EAAE,oBAAoB;YAC/C,iBAAiB,EAAE,iCAAiC;SACrD,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,KAAU,EAAE,MAAW;QACnC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,qBAAqB,EAAE,CAAC;YACvC,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;QACrC,CAAC;QAED,MAAM,MAAM,GAAa,EAAE,CAAC;QAE5B,oEAAoE;QACpE,IAAI,MAAM,CAAC,IAAI,KAAK,QAAQ,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC1D,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACjC,CAAC;QAED,IACE,MAAM,CAAC,SAAS;YAChB,OAAO,KAAK,KAAK,QAAQ;YACzB,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC,SAAS,EAC/B,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,wBAAwB,MAAM,CAAC,SAAS,GAAG,CAAC,CAAC;QAC3D,CAAC;QAED,IACE,MAAM,CAAC,OAAO;YACd,OAAO,KAAK,KAAK,QAAQ;YACzB,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,EACvC,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;QACxD,CAAC;QAED,OAAO;YACL,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;YAC1B,MAAM;SACP,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,UAAkB,EAAE,QAA+B;QAChE,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB;YAAE,OAAO,IAAI,CAAC;QAEjD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,WAAW,GAAG,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;QAExD,MAAM,YAAY,GAAG,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;QACpD,MAAM,cAAc,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,GAAG,WAAW,CAAC,CAAC;QAEzE,IAAI,cAAc,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;YAC9D,OAAO,KAAK,CAAC;QACf,CAAC;QAED,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACzB,QAAQ,CAAC,GAAG,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;QAEzC,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,KAKhB;QACC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB;YAAE,OAAO;QAE5C,MAAM,QAAQ,GAAG;YACf,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,GAAG,KAAK;SACT,CAAC;QAEF,OAAO,CAAC,GAAG,CACT,sBAAsB,KAAK,CAAC,QAAQ,CAAC,WAAW,EAAE,IAAI,EACtD,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CACzB,CAAC;QAEF,uDAAuD;IACzD,CAAC;CACF;AAED,4BAA4B;AAC5B,MAAM,CAAC,MAAM,gBAAgB,GAAG,IAAI,gBAAgB,EAAE,CAAC"}

package/dist/plugin/security/security-headers.d.ts ADDED Viewed

@@ -0,0 +1,52 @@
+/**
+ * StringRay Framework v1.0.0 - Security Headers Middleware
+ *
+ * Comprehensive security headers implementation for HTTP responses.
+ * Integrates with boot orchestrator and API endpoints.
+ *
+ * @version 1.0.0
+ * @since 2026-01-07
+ */
+export interface SecurityHeadersConfig {
+    enableCSP: boolean;
+    enableHSTS: boolean;
+    enableFrameOptions: boolean;
+    enableXSSProtection: boolean;
+    enableContentTypeOptions: boolean;
+    enableReferrerPolicy: boolean;
+    enablePermissionsPolicy: boolean;
+    customCSP?: string;
+    hstsMaxAge?: number;
+    hstsIncludeSubdomains?: boolean;
+    hstsPreload?: boolean;
+}
+export declare class SecurityHeadersMiddleware {
+    private config;
+    constructor(config?: Partial<SecurityHeadersConfig>);
+    /**
+     * Apply security headers to HTTP response
+     */
+    applySecurityHeaders(response: any): void;
+    /**
+     * Express.js middleware function
+     */
+    getExpressMiddleware(): (req: any, res: any, next: any) => void;
+    /**
+     * Fastify middleware function
+     */
+    getFastifyMiddleware(): (request: any, reply: any, done: any) => void;
+    /**
+     * Generic middleware for any HTTP framework
+     */
+    getMiddleware(): (response: any) => void;
+    /**
+     * Update configuration
+     */
+    updateConfig(newConfig: Partial<SecurityHeadersConfig>): void;
+    /**
+     * Get current configuration
+     */
+    getConfig(): SecurityHeadersConfig;
+}
+export declare const securityHeadersMiddleware: SecurityHeadersMiddleware;
+//# sourceMappingURL=security-headers.d.ts.map

package/dist/plugin/security/security-headers.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"security-headers.d.ts","sourceRoot":"","sources":["../../../src/security/security-headers.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,MAAM,WAAW,qBAAqB;IACpC,SAAS,EAAE,OAAO,CAAC;IACnB,UAAU,EAAE,OAAO,CAAC;IACpB,kBAAkB,EAAE,OAAO,CAAC;IAC5B,mBAAmB,EAAE,OAAO,CAAC;IAC7B,wBAAwB,EAAE,OAAO,CAAC;IAClC,oBAAoB,EAAE,OAAO,CAAC;IAC9B,uBAAuB,EAAE,OAAO,CAAC;IACjC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,qBAAa,yBAAyB;IACpC,OAAO,CAAC,MAAM,CAAwB;gBAE1B,MAAM,GAAE,OAAO,CAAC,qBAAqB,CAAM;IAgBvD;;OAEG;IACH,oBAAoB,CAAC,QAAQ,EAAE,GAAG,GAAG,IAAI;IA2DzC;;OAEG;IACH,oBAAoB,KACV,KAAK,GAAG,EAAE,KAAK,GAAG,EAAE,MAAM,GAAG;IAMvC;;OAEG;IACH,oBAAoB,KACV,SAAS,GAAG,EAAE,OAAO,GAAG,EAAE,MAAM,GAAG;IAM7C;;OAEG;IACH,aAAa,eAlFkB,GAAG,KAAG,IAAI;IAsFzC;;OAEG;IACH,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,qBAAqB,CAAC,GAAG,IAAI;IAI7D;;OAEG;IACH,SAAS,IAAI,qBAAqB;CAGnC;AAGD,eAAO,MAAM,yBAAyB,2BAAkC,CAAC"}

package/dist/plugin/security/security-headers.js ADDED Viewed

@@ -0,0 +1,118 @@
+/**
+ * StringRay Framework v1.0.0 - Security Headers Middleware
+ *
+ * Comprehensive security headers implementation for HTTP responses.
+ * Integrates with boot orchestrator and API endpoints.
+ *
+ * @version 1.0.0
+ * @since 2026-01-07
+ */
+export class SecurityHeadersMiddleware {
+    config;
+    constructor(config = {}) {
+        this.config = {
+            enableCSP: true,
+            enableHSTS: true,
+            enableFrameOptions: true,
+            enableXSSProtection: true,
+            enableContentTypeOptions: true,
+            enableReferrerPolicy: true,
+            enablePermissionsPolicy: true,
+            hstsMaxAge: 31536000, // 1 year
+            hstsIncludeSubdomains: true,
+            hstsPreload: false,
+            ...config,
+        };
+    }
+    /**
+     * Apply security headers to HTTP response
+     */
+    applySecurityHeaders(response) {
+        if (!response || typeof response.setHeader !== "function") {
+            console.warn("SecurityHeadersMiddleware: Invalid response object");
+            return;
+        }
+        const headers = {};
+        // Content Security Policy
+        if (this.config.enableCSP) {
+            headers["Content-Security-Policy"] =
+                this.config.customCSP ||
+                    "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self'";
+        }
+        // HTTP Strict Transport Security
+        if (this.config.enableHSTS) {
+            let hstsValue = `max-age=${this.config.hstsMaxAge}`;
+            if (this.config.hstsIncludeSubdomains) {
+                hstsValue += "; includeSubDomains";
+            }
+            if (this.config.hstsPreload) {
+                hstsValue += "; preload";
+            }
+            headers["Strict-Transport-Security"] = hstsValue;
+        }
+        // X-Frame-Options
+        if (this.config.enableFrameOptions) {
+            headers["X-Frame-Options"] = "DENY";
+        }
+        // X-XSS-Protection
+        if (this.config.enableXSSProtection) {
+            headers["X-XSS-Protection"] = "1; mode=block";
+        }
+        // X-Content-Type-Options
+        if (this.config.enableContentTypeOptions) {
+            headers["X-Content-Type-Options"] = "nosniff";
+        }
+        // Referrer-Policy
+        if (this.config.enableReferrerPolicy) {
+            headers["Referrer-Policy"] = "strict-origin-when-cross-origin";
+        }
+        // Permissions-Policy
+        if (this.config.enablePermissionsPolicy) {
+            headers["Permissions-Policy"] =
+                "geolocation=(), microphone=(), camera=()";
+        }
+        // Set headers on response
+        Object.entries(headers).forEach(([key, value]) => {
+            response.setHeader(key, value);
+        });
+    }
+    /**
+     * Express.js middleware function
+     */
+    getExpressMiddleware() {
+        return (req, res, next) => {
+            this.applySecurityHeaders(res);
+            next();
+        };
+    }
+    /**
+     * Fastify middleware function
+     */
+    getFastifyMiddleware() {
+        return (request, reply, done) => {
+            this.applySecurityHeaders(reply);
+            done();
+        };
+    }
+    /**
+     * Generic middleware for any HTTP framework
+     */
+    getMiddleware() {
+        return this.applySecurityHeaders.bind(this);
+    }
+    /**
+     * Update configuration
+     */
+    updateConfig(newConfig) {
+        this.config = { ...this.config, ...newConfig };
+    }
+    /**
+     * Get current configuration
+     */
+    getConfig() {
+        return { ...this.config };
+    }
+}
+// Export singleton instance
+export const securityHeadersMiddleware = new SecurityHeadersMiddleware();
+//# sourceMappingURL=security-headers.js.map

package/dist/plugin/security/security-headers.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"security-headers.js","sourceRoot":"","sources":["../../../src/security/security-headers.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAgBH,MAAM,OAAO,yBAAyB;IAC5B,MAAM,CAAwB;IAEtC,YAAY,SAAyC,EAAE;QACrD,IAAI,CAAC,MAAM,GAAG;YACZ,SAAS,EAAE,IAAI;YACf,UAAU,EAAE,IAAI;YAChB,kBAAkB,EAAE,IAAI;YACxB,mBAAmB,EAAE,IAAI;YACzB,wBAAwB,EAAE,IAAI;YAC9B,oBAAoB,EAAE,IAAI;YAC1B,uBAAuB,EAAE,IAAI;YAC7B,UAAU,EAAE,QAAQ,EAAE,SAAS;YAC/B,qBAAqB,EAAE,IAAI;YAC3B,WAAW,EAAE,KAAK;YAClB,GAAG,MAAM;SACV,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,oBAAoB,CAAC,QAAa;QAChC,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;YAC1D,OAAO,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC;YACnE,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAA2B,EAAE,CAAC;QAE3C,0BAA0B;QAC1B,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YAC1B,OAAO,CAAC,yBAAyB,CAAC;gBAChC,IAAI,CAAC,MAAM,CAAC,SAAS;oBACrB,iKAAiK,CAAC;QACtK,CAAC;QAED,iCAAiC;QACjC,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;YAC3B,IAAI,SAAS,GAAG,WAAW,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;YACpD,IAAI,IAAI,CAAC,MAAM,CAAC,qBAAqB,EAAE,CAAC;gBACtC,SAAS,IAAI,qBAAqB,CAAC;YACrC,CAAC;YACD,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;gBAC5B,SAAS,IAAI,WAAW,CAAC;YAC3B,CAAC;YACD,OAAO,CAAC,2BAA2B,CAAC,GAAG,SAAS,CAAC;QACnD,CAAC;QAED,kBAAkB;QAClB,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;YACnC,OAAO,CAAC,iBAAiB,CAAC,GAAG,MAAM,CAAC;QACtC,CAAC;QAED,mBAAmB;QACnB,IAAI,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC;YACpC,OAAO,CAAC,kBAAkB,CAAC,GAAG,eAAe,CAAC;QAChD,CAAC;QAED,yBAAyB;QACzB,IAAI,IAAI,CAAC,MAAM,CAAC,wBAAwB,EAAE,CAAC;YACzC,OAAO,CAAC,wBAAwB,CAAC,GAAG,SAAS,CAAC;QAChD,CAAC;QAED,kBAAkB;QAClB,IAAI,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;YACrC,OAAO,CAAC,iBAAiB,CAAC,GAAG,iCAAiC,CAAC;QACjE,CAAC;QAED,qBAAqB;QACrB,IAAI,IAAI,CAAC,MAAM,CAAC,uBAAuB,EAAE,CAAC;YACxC,OAAO,CAAC,oBAAoB,CAAC;gBAC3B,0CAA0C,CAAC;QAC/C,CAAC;QAED,0BAA0B;QAC1B,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;YAC/C,QAAQ,CAAC,SAAS,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACjC,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,oBAAoB;QAClB,OAAO,CAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS,EAAE,EAAE;YACvC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC;YAC/B,IAAI,EAAE,CAAC;QACT,CAAC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,oBAAoB;QAClB,OAAO,CAAC,OAAY,EAAE,KAAU,EAAE,IAAS,EAAE,EAAE;YAC7C,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC;YACjC,IAAI,EAAE,CAAC;QACT,CAAC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,aAAa;QACX,OAAO,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC9C,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,SAAyC;QACpD,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,SAAS,EAAE,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,SAAS;QACP,OAAO,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;IAC5B,CAAC;CACF;AAED,4BAA4B;AAC5B,MAAM,CAAC,MAAM,yBAAyB,GAAG,IAAI,yBAAyB,EAAE,CAAC"}

package/dist/plugin/session/session-cleanup-manager.d.ts ADDED Viewed

@@ -0,0 +1,118 @@
+/**
+ * StringRay Framework v1.0.0 - Session Cleanup Manager
+ *
+ * Manages automatic cleanup of sessions with TTL-based expiration,
+ * idle session detection, and manual cleanup utilities.
+ *
+ * @version 1.0.0
+ * @since 2026-01-07
+ */
+import { StringRayStateManager } from "../state/state-manager";
+import { SessionMonitor } from "./session-monitor";
+export interface SessionMetadata {
+    sessionId: string;
+    createdAt: number;
+    lastActivity: number;
+    ttlMs: number;
+    isActive: boolean;
+    agentCount: number;
+    memoryUsage: number;
+    cleanupReason?: string;
+}
+export interface CleanupConfig {
+    ttlMs: number;
+    idleTimeoutMs: number;
+    maxSessions: number;
+    cleanupIntervalMs: number;
+    enableAutoCleanup: boolean;
+}
+export interface CleanupResult {
+    sessionsCleaned: number;
+    sessionsExpired: number;
+    sessionsIdle: number;
+    errors: string[];
+}
+export declare class SessionCleanupManager {
+    private stateManager;
+    private config;
+    private cleanupInterval?;
+    private _sessionMetadata?;
+    private _metadataLoaded;
+    private sessionMonitor;
+    constructor(stateManager: StringRayStateManager, config?: Partial<CleanupConfig>, sessionMonitor?: SessionMonitor);
+    /**
+     * Lazy-loaded session metadata - loads from state manager on first access
+     */
+    private get sessionMetadata();
+    private set sessionMetadata(value);
+    /**
+     * Initialize cleanup manager and start auto-cleanup if enabled
+     */
+    private initialize;
+    /**
+     * Register a new session for cleanup tracking
+     */
+    registerSession(sessionId: string, ttlMs?: number): void;
+    updateActivity(sessionId: string): void;
+    updateMetadata(sessionId: string, updates: Partial<SessionMetadata>): void;
+    /**
+     * Check if session should be cleaned up
+     */
+    shouldCleanup(sessionId: string): boolean;
+    /**
+     * Perform cleanup of expired/idle sessions
+     */
+    performCleanup(): Promise<CleanupResult>;
+    /**
+     * Manually cleanup a specific session
+     */
+    manualCleanup(sessionId: string, reason?: string): Promise<boolean>;
+    /**
+     * Cleanup all sessions (emergency cleanup)
+     */
+    emergencyCleanup(): Promise<CleanupResult>;
+    /**
+     * Get cleanup statistics
+     */
+    getCleanupStats(): {
+        totalSessions: number;
+        activeSessions: number;
+        expiredSessions: number;
+        idleSessions: number;
+        nextCleanup: number;
+    };
+    /**
+     * Get session metadata
+     */
+    getSessionMetadata(sessionId: string): SessionMetadata | undefined;
+    /**
+     * List all sessions with metadata
+     */
+    listSessions(): SessionMetadata[];
+    /**
+     * Start automatic cleanup interval
+     */
+    private startAutoCleanup;
+    /**
+     * Stop automatic cleanup
+     */
+    stopAutoCleanup(): void;
+    /**
+     * Load session metadata from state manager (lazy loading)
+     */
+    private loadSessionMetadata;
+    /**
+     * Persist session metadata to state manager
+     */
+    private persistSessionMetadata;
+    /**
+     * Cleanup a specific session
+     */
+    private cleanupSession;
+    /**
+     * Shutdown cleanup manager
+     */
+    shutdown(): void;
+}
+export declare const createSessionCleanupManager: (stateManager: StringRayStateManager, config?: Partial<CleanupConfig>, sessionMonitor?: SessionMonitor) => SessionCleanupManager;
+//# sourceMappingURL=session-cleanup-manager.d.ts.map

package/dist/plugin/session/session-cleanup-manager.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"session-cleanup-manager.d.ts","sourceRoot":"","sources":["../../../src/session/session-cleanup-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAE/D,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAEnD,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,OAAO,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,OAAO,CAAC;CAC5B;AAED,MAAM,WAAW,aAAa;IAC5B,eAAe,EAAE,MAAM,CAAC;IACxB,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED,qBAAa,qBAAqB;IAChC,OAAO,CAAC,YAAY,CAAwB;IAC5C,OAAO,CAAC,MAAM,CAAgB;IAC9B,OAAO,CAAC,eAAe,CAAC,CAA6B;IACrD,OAAO,CAAC,gBAAgB,CAAC,CAA+B;IACxD,OAAO,CAAC,eAAe,CAAS;IAChC,OAAO,CAAC,cAAc,CAA6B;gBAGjD,YAAY,EAAE,qBAAqB,EACnC,MAAM,GAAE,OAAO,CAAC,aAAa,CAAM,EACnC,cAAc,CAAC,EAAE,cAAc;IAgBjC;;OAEG;IACH,OAAO,KAAK,eAAe,GAM1B;IAED,OAAO,KAAK,eAAe,QAG1B;IAED;;OAEG;IACH,OAAO,CAAC,UAAU;IAYlB;;OAEG;IACH,eAAe,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI;IAmBxD,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAQvC,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,eAAe,CAAC,GAAG,IAAI;IAQ1E;;OAEG;IACH,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO;IAiBzC;;OAEG;IACG,cAAc,IAAI,OAAO,CAAC,aAAa,CAAC;IAwD9C;;OAEG;IACG,aAAa,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAsBzE;;OAEG;IACG,gBAAgB,IAAI,OAAO,CAAC,aAAa,CAAC;IAuBhD;;OAEG;IACH,eAAe,IAAI;QACjB,aAAa,EAAE,MAAM,CAAC;QACtB,cAAc,EAAE,MAAM,CAAC;QACvB,eAAe,EAAE,MAAM,CAAC;QACxB,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;KACrB;IA4BD;;OAEG;IACH,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS;IAIlE;;OAEG;IACH,YAAY,IAAI,eAAe,EAAE;IAIjC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAiBxB;;OAEG;IACH,eAAe,IAAI,IAAI;IAQvB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAiC3B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAQ9B;;OAEG;YACW,cAAc;IA4B5B;;OAEG;IACH,QAAQ,IAAI,IAAI;CAIjB;AAED,eAAO,MAAM,2BAA2B,GACtC,cAAc,qBAAqB,EACnC,SAAS,OAAO,CAAC,aAAa,CAAC,EAC/B,iBAAiB,cAAc,KAC9B,qBAEF,CAAC"}