typescript-virtual-container 1.2.1 → 1.2.3

package/.github/workflows/publish.yml

@@ -0,0 +1,25 @@
+name: Publish Package
+
+on:
+  push:
+    tags:
+      - 'v*'
+  workflow_dispatch:
+
+permissions:
+  id-token: write  # Required for OIDC
+  contents: read
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+
+      - uses: actions/setup-node@v6
+        with:
+          node-version: '24'
+          registry-url: 'https://registry.npmjs.org'
+      - run: npm install
+      - run: npm run build --if-present
+      - run: npm publish

package/README.md

@@ -1,6 +1,6 @@
 # `typescript-virtual-container`
 
-> In-memory SSH/SFTP server with a virtual filesystem and typed programmatic API for testing, automation, and interactive shell scripting in TypeScript/JavaScript.
+> Scalable SSH/SFTP server with a virtual filesystem and typed programmatic API for testing, automation, and interactive shell scripting in TypeScript/JavaScript.
 
 [![npm version](https://badge.fury.io/js/typescript-virtual-container.svg)](https://www.npmjs.com/package/typescript-virtual-container)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
@@ -37,7 +37,7 @@
 `typescript-virtual-container` is a lightweight, fully-typed SSH/SFTP runtime written in TypeScript that provides:
 
 - **SSH + SFTP Protocol Support**: Serve SSH shell/exec sessions and SFTP file operations on configurable ports.
-- **Virtual Filesystem**: In-memory-like developer workflow backed by a mirror directory under `.vfs/mirror`, with optional gzip compression and programmatic access.
+- **Virtual Filesystem**: Fast developer workflow backed by a mirror directory under `.vfs/mirror`, with optional gzip compression and programmatic access.
 - **User Management**: Create, authenticate, and manage virtual users with strict password hashing (scrypt) and sudo-like privilege elevation.
 - **Programmatic Shell API**: Execute shell commands and query filesystem state directly from TypeScript without SSH overhead.
 - **Event-Driven Architecture**: All core classes extend `EventEmitter` for lifecycle and operation tracking. Listen to auth events, filesystem operations, session lifecycle, and command execution for auditing and integration.
@@ -50,7 +50,7 @@
 ### What This Is
 
 - A virtual shell runtime written in TypeScript.
-- An in-memory environment with its own virtual filesystem, user management, and command runtime.
+- A virtual environment with its own virtual filesystem, user management, and command runtime.
 - A practical tool for deterministic testing, automation pipelines, and SSH-like workflows without running real containers.
 
 ### What This Is Not
@@ -1684,17 +1684,34 @@ const ssh = new VirtualSshServer({
 
 ## Performance & Scalability
 
-### Memory Model
+### Benchmarking
 
-- **In-Memory FS**: Full filesystem tree kept in RAM (no lazy loading)
-- **Typical footprint**: ~1-10 MB for 1000 files, increases with file content
-- **Compression**: Use `compressFile()` or `compress: true` in `writeFile()` to reduce RAM usage
+Use the built-in benchmark script to measure initialization and command throughput under concurrent shell loads:
+
+```bash
+bun ./benchmark-virtualshell.ts
+```
+
+The benchmark reports:
+
+- shell initialization time by concurrency level
+- command execution time across all active shells
+- RSS memory growth during the run
+
+Recent baseline runs show strong startup behavior up to 100 concurrent shells, and the runtime is designed to scale up to **1000 environments very easily** for testing and automation workloads.
 
 ### Concurrency
 
 - SSH server handles multiple concurrent connections (event-driven)
 - Programmatic `SshClient` is synchronous (executes sequentially per instance)
 - Create multiple client instances for parallel operations
+- Horizontal shell instantiation (`new VirtualShell(...)`) is intended for high-volume scenarios, including large test matrices and multi-tenant simulation batches
+
+### Scalability Notes
+
+- Use a dedicated `basePath` per isolated environment to parallelize safely
+- Reuse long-lived shell instances when you need low-latency command bursts
+- Keep performance logging enabled in development (`DEV_MODE=1` or `RENDER_PERF=1`) to locate hotspots quickly
 
 **Example:**
 
@@ -1740,7 +1757,7 @@ async function processResult(r: CommandResult) {
 
 ### Is this a real container runtime?
 
-No. It emulates SSH sessions, users, and filesystem behavior in memory. It is ideal for testing, simulations, and automation workflows where full OS isolation is not required.
+No. It emulates SSH sessions, users, and filesystem behavior in a virtual runtime. It is ideal for testing, simulations, and automation workflows where full OS isolation is not required.
 
 ### Can I use this in production?
 

package/package.json

@@ -4,8 +4,12 @@
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "type": "module",
-  "version": "1.2.1",
+  "version": "1.2.3",
   "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/itsrealfortune/typescript-virtual-container"
+  },
   "keywords": [
     "ssh",
     "virtual-filesystem",
@@ -15,7 +19,7 @@
     "shell"
   ],
   "scripts": {
-    "postinstall": "rm -f node_modules/ssh2/lib/protocol/crypto/build/Release/sshcrypto.node && rm -rf node_modules/cpu-features",
+    "postinstall": "node scripts/postinstall.js",
     "format": "bunx --bun @biomejs/biome format --write ./src",
     "check": "bunx --bun @biomejs/biome check ./src",
     "lint": "bunx --bun @biomejs/biome lint ./src",
@@ -34,7 +38,6 @@
     "typescript": "^5"
   },
   "dependencies": {
-    "ssh2": "^1.17.0",
-    "tar-stream": "^3.1.8"
+    "ssh2": "^1.17.0"
   }
 }

package/scripts/postinstall.js

@@ -0,0 +1,42 @@
+import fs from 'node:fs';
+import path from 'node:path';
+import { fileURLToPath } from 'node:url';
+
+const __dirname = fileURLToPath(new URL('.', import.meta.url));
+
+function deleteFile(filePath) {
+  if (fs.existsSync(filePath)) {
+    fs.unlinkSync(filePath);
+    console.log(`Deleted: ${filePath}`);
+  }
+}
+
+function deleteDirectory(dirPath) {
+  if (fs.existsSync(dirPath)) {
+    fs.rmSync(dirPath, { recursive: true, force: true });
+    console.log(`Deleted: ${dirPath}`);
+  }
+}
+
+const sshCryptoPath = path.join(
+  __dirname,
+  '..',
+  'node_modules',
+  'ssh2',
+  'lib',
+  'protocol',
+  'crypto',
+  'build',
+  'Release',
+  'sshcrypto.node'
+);
+
+const cpuFeaturesPath = path.join(
+  __dirname,
+  '..',
+  'node_modules',
+  'cpu-features'
+);
+
+deleteFile(sshCryptoPath);
+deleteDirectory(cpuFeaturesPath);

package/dist/VirtualFileSystem/archive.d.ts

@@ -1,5 +0,0 @@
-import type { VfsSnapshot } from "../types/vfs";
-export declare function archiveExists(archivePath: string): Promise<boolean>;
-export declare function createTarBuffer(snapshotJson: string): Promise<Buffer>;
-export declare function readSnapshotFromTar(tarBuffer: Buffer): Promise<VfsSnapshot>;
-//# sourceMappingURL=archive.d.ts.map

package/dist/VirtualFileSystem/archive.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"archive.d.ts","sourceRoot":"","sources":["../../src/VirtualFileSystem/archive.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAEhD,wBAAsB,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAOzE;AAED,wBAAsB,eAAe,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAuB3E;AAED,wBAAsB,mBAAmB,CACxC,SAAS,EAAE,MAAM,GACf,OAAO,CAAC,WAAW,CAAC,CAiCtB"}

package/dist/VirtualFileSystem/archive.js

@@ -1,56 +0,0 @@
-import { promises as fs } from "node:fs";
-import * as tarStream from "tar-stream";
-export async function archiveExists(archivePath) {
-    try {
-        await fs.access(archivePath);
-        return true;
-    }
-    catch {
-        return false;
-    }
-}
-export async function createTarBuffer(snapshotJson) {
-    const pack = tarStream.pack();
-    const chunks = [];
-    const finished = new Promise((resolve, reject) => {
-        pack.on("data", (chunk) => chunks.push(Buffer.from(chunk)));
-        pack.on("error", reject);
-        pack.on("end", () => resolve(Buffer.concat(chunks)));
-    });
-    pack.entry({ name: "snapshot.json", mode: 0o600 }, snapshotJson, (error) => {
-        if (error) {
-            return;
-        }
-        pack.finalize();
-    });
-    return finished;
-}
-export async function readSnapshotFromTar(tarBuffer) {
-    return new Promise((resolve, reject) => {
-        const extract = tarStream.extract();
-        let snapshotText = "";
-        let found = false;
-        extract.on("entry", (header, stream, next) => {
-            if (header.name === "snapshot.json") {
-                found = true;
-                stream.on("data", (chunk) => {
-                    snapshotText += chunk.toString("utf8");
-                });
-                stream.on("end", next);
-                stream.resume();
-                return;
-            }
-            stream.resume();
-            stream.on("end", next);
-        });
-        extract.on("finish", () => {
-            if (!found) {
-                reject(new Error("snapshot.json missing from archive"));
-                return;
-            }
-            resolve(JSON.parse(snapshotText));
-        });
-        extract.on("error", reject);
-        extract.end(tarBuffer);
-    });
-}

package/dist/VirtualFileSystem/snapshot.d.ts

@@ -1,5 +0,0 @@
-import type { VfsSnapshot } from "../types/vfs";
-import type { InternalDirectoryNode } from "./internalTypes";
-export declare function createSnapshot(root: InternalDirectoryNode): VfsSnapshot;
-export declare function applySnapshot(rootTarget: InternalDirectoryNode, snapshot: VfsSnapshot): void;
-//# sourceMappingURL=snapshot.d.ts.map

package/dist/VirtualFileSystem/snapshot.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"snapshot.d.ts","sourceRoot":"","sources":["../../src/VirtualFileSystem/snapshot.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACX,WAAW,EAGX,MAAM,cAAc,CAAC;AACtB,OAAO,KAAK,EAAE,qBAAqB,EAAgB,MAAM,iBAAiB,CAAC;AAgE3E,wBAAgB,cAAc,CAAC,IAAI,EAAE,qBAAqB,GAAG,WAAW,CAEvE;AAED,wBAAgB,aAAa,CAC5B,UAAU,EAAE,qBAAqB,EACjC,QAAQ,EAAE,WAAW,GACnB,IAAI,CAON"}

package/dist/VirtualFileSystem/snapshot.js

@@ -1,59 +0,0 @@
-function serializeNode(node) {
-    if (node.type === "file") {
-        return {
-            type: "file",
-            name: node.name,
-            mode: node.mode,
-            createdAt: node.createdAt.toISOString(),
-            updatedAt: node.updatedAt.toISOString(),
-            compressed: node.compressed,
-            contentBase64: node.content.toString("base64"),
-        };
-    }
-    return serializeDirectory(node);
-}
-function serializeDirectory(node) {
-    return {
-        type: "directory",
-        name: node.name,
-        mode: node.mode,
-        createdAt: node.createdAt.toISOString(),
-        updatedAt: node.updatedAt.toISOString(),
-        children: Array.from(node.children.values()).map((child) => serializeNode(child)),
-    };
-}
-function deserializeNode(node) {
-    if (node.type === "file") {
-        return {
-            type: "file",
-            name: node.name,
-            mode: node.mode,
-            createdAt: new Date(node.createdAt),
-            updatedAt: new Date(node.updatedAt),
-            content: Buffer.from(node.contentBase64, "base64"),
-            compressed: node.compressed,
-        };
-    }
-    return deserializeDirectory(node);
-}
-function deserializeDirectory(node) {
-    return {
-        type: "directory",
-        name: node.name,
-        mode: node.mode,
-        createdAt: new Date(node.createdAt),
-        updatedAt: new Date(node.updatedAt),
-        children: new Map(node.children.map((child) => [child.name, deserializeNode(child)])),
-    };
-}
-export function createSnapshot(root) {
-    return { root: serializeDirectory(root) };
-}
-export function applySnapshot(rootTarget, snapshot) {
-    const root = deserializeDirectory(snapshot.root);
-    rootTarget.name = root.name;
-    rootTarget.mode = root.mode;
-    rootTarget.createdAt = root.createdAt;
-    rootTarget.updatedAt = root.updatedAt;
-    rootTarget.children = root.children;
-}

package/dist/VirtualFileSystem/tree.d.ts

@@ -1,3 +0,0 @@
-import type { InternalDirectoryNode } from "./internalTypes";
-export declare function renderTree(node: InternalDirectoryNode, rootLabel: string): string;
-//# sourceMappingURL=tree.d.ts.map

package/dist/VirtualFileSystem/tree.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"tree.d.ts","sourceRoot":"","sources":["../../src/VirtualFileSystem/tree.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AA0B7D,wBAAgB,UAAU,CACzB,IAAI,EAAE,qBAAqB,EAC3B,SAAS,EAAE,MAAM,GACf,MAAM,CAIR"}

package/dist/VirtualFileSystem/tree.js

@@ -1,19 +0,0 @@
-function walkTree(node, indent, lines) {
-    const entries = Array.from(node.children.entries()).sort(([a], [b]) => a.localeCompare(b));
-    entries.forEach(([name, child], index) => {
-        const isLast = index === entries.length - 1;
-        const branch = isLast ? "`-- " : "|-- ";
-        const nextIndent = indent + (isLast ? "    " : "|   ");
-        if (child.type === "file") {
-            lines.push(`${indent}${branch}${name}${child.compressed ? " [gz]" : ""}`);
-            return;
-        }
-        lines.push(`${indent}${branch}${name}/`);
-        walkTree(child, nextIndent, lines);
-    });
-}
-export function renderTree(node, rootLabel) {
-    const lines = [rootLabel];
-    walkTree(node, "", lines);
-    return lines.join("\n");
-}

package/dist/honeypot.d.ts

@@ -1,132 +0,0 @@
-/**
- * Honeypot tracking and auditing module for virtual shell events.
- *
- * Attaches listeners to VirtualShell, VirtualFileSystem, VirtualUserManager,
- * SshMimic, and SftpMimic instances to log all activity for security auditing,
- * anomaly detection, and forensic analysis.
- *
- * @module honeypot
- */
-import type { VirtualShell } from "./VirtualShell";
-import type VirtualFileSystem from "./VirtualFileSystem";
-import type { VirtualUserManager } from "./VirtualUserManager";
-import type { SshMimic } from "./SSHMimic";
-import type { SftpMimic } from "./SSHMimic/sftp";
-/**
- * Audit log entry recorded for each event.
- */
-export interface AuditLogEntry {
-    timestamp: string;
-    type: string;
-    source: string;
-    details: Record<string, unknown>;
-}
-/**
- * Statistics tracker for honeypot activity.
- */
-export interface HoneyPotStats {
-    authAttempts: number;
-    authSuccesses: number;
-    authFailures: number;
-    commands: number;
-    fileWrites: number;
-    fileReads: number;
-    sessionStarts: number;
-    sessionEnds: number;
-    userCreated: number;
-    userDeleted: number;
-    clientConnects: number;
-    clientDisconnects: number;
-}
-/**
- * HoneyPot audit and event tracking utility.
- *
- * Singleton-like helper that attaches listeners to virtual shell components
- * and maintains an audit log of all activity.
- */
-export declare class HoneyPot {
-    private auditLog;
-    private stats;
-    private maxLogSize;
-    /**
-     * Creates a new HoneyPot instance.
-     *
-     * @param maxLogSize Maximum audit log entries to retain (default: 10000).
-     */
-    constructor(maxLogSize?: number);
-    /**
-     * Attaches honeypot listeners to all provided event emitters.
-     *
-     * @param shell VirtualShell instance.
-     * @param vfs VirtualFileSystem instance.
-     * @param users VirtualUserManager instance.
-     * @param ssh SshMimic instance (optional).
-     * @param sftp SftpMimic instance (optional).
-     */
-    attach(shell: VirtualShell, vfs: VirtualFileSystem, users: VirtualUserManager, ssh?: SshMimic, sftp?: SftpMimic): void;
-    /**
-     * Attaches to VirtualShell events.
-     */
-    private attachVirtualShell;
-    /**
-     * Attaches to VirtualFileSystem events.
-     */
-    private attachVirtualFileSystem;
-    /**
-     * Attaches to VirtualUserManager events.
-     */
-    private attachVirtualUserManager;
-    /**
-     * Attaches to SshMimic events.
-     */
-    private attachSshMimic;
-    /**
-     * Attaches to SftpMimic events.
-     */
-    private attachSftpMimic;
-    /**
-     * Records an audit log entry.
-     *
-     * @param source Event source (e.g., "SshMimic", "VirtualFileSystem").
-     * @param type Event type.
-     * @param details Event-specific data.
-     */
-    private log;
-    /**
-     * Returns audit log entries matching optional filters.
-     *
-     * @param type Optional event type filter.
-     * @param source Optional source filter.
-     * @returns Filtered audit log entries.
-     */
-    getAuditLog(type?: string, source?: string): AuditLogEntry[];
-    /**
-     * Returns current activity statistics.
-     *
-     * @returns Snapshot of honeypot stats.
-     */
-    getStats(): Readonly<HoneyPotStats>;
-    /**
-     * Clears audit log and resets statistics.
-     */
-    reset(): void;
-    /**
-     * Returns recent log entries in reverse chronological order.
-     *
-     * @param limit Number of recent entries to return (default: 100).
-     * @returns Recent audit log entries.
-     */
-    getRecent(limit?: number): AuditLogEntry[];
-    /**
-     * Detects potential security issues based on activity patterns.
-     *
-     * @returns Array of anomalies detected.
-     */
-    detectAnomalies(): Array<{
-        type: string;
-        severity: "low" | "medium" | "high";
-        message: string;
-    }>;
-}
-export default HoneyPot;
-//# sourceMappingURL=honeypot.d.ts.map

package/dist/honeypot.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"honeypot.d.ts","sourceRoot":"","sources":["../src/honeypot.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AACnD,OAAO,KAAK,iBAAiB,MAAM,qBAAqB,CAAC;AACzD,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC/D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAC3C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAEjD;;GAEG;AACH,MAAM,WAAW,aAAa;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC7B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,EAAE,MAAM,CAAC;CAC1B;AAED;;;;;GAKG;AACH,qBAAa,QAAQ;IACpB,OAAO,CAAC,QAAQ,CAAuB;IACvC,OAAO,CAAC,KAAK,CAaX;IAEF,OAAO,CAAC,UAAU,CAAS;IAE3B;;;;OAIG;gBACS,UAAU,GAAE,MAAc;IAItC;;;;;;;;OAQG;IACI,MAAM,CACZ,KAAK,EAAE,YAAY,EACnB,GAAG,EAAE,iBAAiB,EACtB,KAAK,EAAE,kBAAkB,EACzB,GAAG,CAAC,EAAE,QAAQ,EACd,IAAI,CAAC,EAAE,SAAS,GACd,IAAI;IAYP;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAmB1B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAoB/B;;OAEG;IACH,OAAO,CAAC,wBAAwB;IAkChC;;OAEG;IACH,OAAO,CAAC,cAAc;IAyCtB;;OAEG;IACH,OAAO,CAAC,eAAe;IAyCvB;;;;;;OAMG;IACH,OAAO,CAAC,GAAG;IAuBX;;;;;;OAMG;IACI,WAAW,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,aAAa,EAAE;IAOnE;;;;OAIG;IACI,QAAQ,IAAI,QAAQ,CAAC,aAAa,CAAC;IAI1C;;OAEG;IACI,KAAK,IAAI,IAAI;IAkBpB;;;;;OAKG;IACI,SAAS,CAAC,KAAK,GAAE,MAAY,GAAG,aAAa,EAAE;IAItD;;;;OAIG;IACI,eAAe,IAAI,KAAK,CAAC;QAC/B,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;QACpC,OAAO,EAAE,MAAM,CAAC;KAChB,CAAC;CAkDF;AAED,eAAe,QAAQ,CAAC"}

package/dist/honeypot.js

@@ -1,289 +0,0 @@
-/**
- * Honeypot tracking and auditing module for virtual shell events.
- *
- * Attaches listeners to VirtualShell, VirtualFileSystem, VirtualUserManager,
- * SshMimic, and SftpMimic instances to log all activity for security auditing,
- * anomaly detection, and forensic analysis.
- *
- * @module honeypot
- */
-/**
- * HoneyPot audit and event tracking utility.
- *
- * Singleton-like helper that attaches listeners to virtual shell components
- * and maintains an audit log of all activity.
- */
-export class HoneyPot {
-    auditLog = [];
-    stats = {
-        authAttempts: 0,
-        authSuccesses: 0,
-        authFailures: 0,
-        commands: 0,
-        fileWrites: 0,
-        fileReads: 0,
-        sessionStarts: 0,
-        sessionEnds: 0,
-        userCreated: 0,
-        userDeleted: 0,
-        clientConnects: 0,
-        clientDisconnects: 0,
-    };
-    maxLogSize;
-    /**
-     * Creates a new HoneyPot instance.
-     *
-     * @param maxLogSize Maximum audit log entries to retain (default: 10000).
-     */
-    constructor(maxLogSize = 10000) {
-        this.maxLogSize = maxLogSize;
-    }
-    /**
-     * Attaches honeypot listeners to all provided event emitters.
-     *
-     * @param shell VirtualShell instance.
-     * @param vfs VirtualFileSystem instance.
-     * @param users VirtualUserManager instance.
-     * @param ssh SshMimic instance (optional).
-     * @param sftp SftpMimic instance (optional).
-     */
-    attach(shell, vfs, users, ssh, sftp) {
-        this.attachVirtualShell(shell);
-        this.attachVirtualFileSystem(vfs);
-        this.attachVirtualUserManager(users);
-        if (ssh) {
-            this.attachSshMimic(ssh);
-        }
-        if (sftp) {
-            this.attachSftpMimic(sftp);
-        }
-    }
-    /**
-     * Attaches to VirtualShell events.
-     */
-    attachVirtualShell(shell) {
-        shell.on("initialized", () => {
-            this.log("VirtualShell", "initialized", {});
-        });
-        shell.on("command", (data) => {
-            this.stats.commands++;
-            this.log("VirtualShell", "command", data);
-        });
-        shell.on("session:start", (data) => {
-            this.stats.sessionStarts++;
-            this.log("VirtualShell", "session:start", data);
-        });
-    }
-    /**
-     * Attaches to VirtualFileSystem events.
-     */
-    attachVirtualFileSystem(vfs) {
-        vfs.on("file:read", (data) => {
-            this.stats.fileReads++;
-            this.log("VirtualFileSystem", "file:read", data);
-        });
-        vfs.on("file:write", (data) => {
-            this.stats.fileWrites++;
-            this.log("VirtualFileSystem", "file:write", data);
-        });
-        vfs.on("dir:create", (data) => {
-            this.log("VirtualFileSystem", "dir:create", data);
-        });
-        vfs.on("mirror:flush", () => {
-            this.log("VirtualFileSystem", "mirror:flush", {});
-        });
-    }
-    /**
-     * Attaches to VirtualUserManager events.
-     */
-    attachVirtualUserManager(users) {
-        users.on("initialized", () => {
-            this.log("VirtualUserManager", "initialized", {});
-        });
-        users.on("user:add", (data) => {
-            this.stats.userCreated++;
-            this.log("VirtualUserManager", "user:add", data);
-        });
-        users.on("user:delete", (data) => {
-            this.stats.userDeleted++;
-            this.log("VirtualUserManager", "user:delete", data);
-        });
-        users.on("session:register", (data) => {
-            this.log("VirtualUserManager", "session:register", data);
-        });
-        users.on("session:unregister", (data) => {
-            this.stats.sessionEnds++;
-            this.log("VirtualUserManager", "session:unregister", data);
-        });
-    }
-    /**
-     * Attaches to SshMimic events.
-     */
-    attachSshMimic(ssh) {
-        ssh.on("start", (data) => {
-            this.log("SshMimic", "start", data);
-        });
-        ssh.on("stop", () => {
-            this.log("SshMimic", "stop", {});
-        });
-        ssh.on("auth:success", (data) => {
-            this.stats.authAttempts++;
-            this.stats.authSuccesses++;
-            this.log("SshMimic", "auth:success", data);
-        });
-        ssh.on("auth:failure", (data) => {
-            this.stats.authAttempts++;
-            this.stats.authFailures++;
-            this.log("SshMimic", "auth:failure", data);
-        });
-        ssh.on("client:connect", () => {
-            this.stats.clientConnects++;
-            this.log("SshMimic", "client:connect", {});
-        });
-        ssh.on("client:disconnect", (data) => {
-            this.stats.clientDisconnects++;
-            this.log("SshMimic", "client:disconnect", data);
-        });
-    }
-    /**
-     * Attaches to SftpMimic events.
-     */
-    attachSftpMimic(sftp) {
-        sftp.on("start", (data) => {
-            this.log("SftpMimic", "start", data);
-        });
-        sftp.on("stop", () => {
-            this.log("SftpMimic", "stop", {});
-        });
-        sftp.on("auth:success", (data) => {
-            this.stats.authAttempts++;
-            this.stats.authSuccesses++;
-            this.log("SftpMimic", "auth:success", data);
-        });
-        sftp.on("auth:failure", (data) => {
-            this.stats.authAttempts++;
-            this.stats.authFailures++;
-            this.log("SftpMimic", "auth:failure", data);
-        });
-        sftp.on("client:connect", () => {
-            this.stats.clientConnects++;
-            this.log("SftpMimic", "client:connect", {});
-        });
-        sftp.on("client:disconnect", (data) => {
-            this.stats.clientDisconnects++;
-            this.log("SftpMimic", "client:disconnect", data);
-        });
-    }
-    /**
-     * Records an audit log entry.
-     *
-     * @param source Event source (e.g., "SshMimic", "VirtualFileSystem").
-     * @param type Event type.
-     * @param details Event-specific data.
-     */
-    log(source, type, details) {
-        const entry = {
-            timestamp: new Date().toISOString(),
-            type,
-            source,
-            details,
-        };
-        this.auditLog.push(entry);
-        // Trim log if exceeds max size
-        if (this.auditLog.length > this.maxLogSize) {
-            this.auditLog = this.auditLog.slice(-this.maxLogSize);
-        }
-        // Console output for real-time monitoring
-        console.log(`[AUDIT] ${entry.timestamp} | ${source} | ${type}`, details);
-    }
-    /**
-     * Returns audit log entries matching optional filters.
-     *
-     * @param type Optional event type filter.
-     * @param source Optional source filter.
-     * @returns Filtered audit log entries.
-     */
-    getAuditLog(type, source) {
-        return this.auditLog.filter((entry) => (!type || entry.type === type) && (!source || entry.source === source));
-    }
-    /**
-     * Returns current activity statistics.
-     *
-     * @returns Snapshot of honeypot stats.
-     */
-    getStats() {
-        return Object.freeze({ ...this.stats });
-    }
-    /**
-     * Clears audit log and resets statistics.
-     */
-    reset() {
-        this.auditLog = [];
-        this.stats = {
-            authAttempts: 0,
-            authSuccesses: 0,
-            authFailures: 0,
-            commands: 0,
-            fileWrites: 0,
-            fileReads: 0,
-            sessionStarts: 0,
-            sessionEnds: 0,
-            userCreated: 0,
-            userDeleted: 0,
-            clientConnects: 0,
-            clientDisconnects: 0,
-        };
-    }
-    /**
-     * Returns recent log entries in reverse chronological order.
-     *
-     * @param limit Number of recent entries to return (default: 100).
-     * @returns Recent audit log entries.
-     */
-    getRecent(limit = 100) {
-        return this.auditLog.slice(Math.max(0, this.auditLog.length - limit));
-    }
-    /**
-     * Detects potential security issues based on activity patterns.
-     *
-     * @returns Array of anomalies detected.
-     */
-    detectAnomalies() {
-        const anomalies = [];
-        // High auth failure rate
-        if (this.stats.authAttempts > 0 &&
-            this.stats.authFailures / this.stats.authAttempts > 0.5) {
-            anomalies.push({
-                type: "high_auth_failure_rate",
-                severity: "medium",
-                message: `Auth failure rate: ${((this.stats.authFailures / this.stats.authAttempts) * 100).toFixed(1)}%`,
-            });
-        }
-        // Excessive auth failures in short time
-        if (this.stats.authFailures > 10) {
-            anomalies.push({
-                type: "excessive_auth_failures",
-                severity: "high",
-                message: `${this.stats.authFailures} authentication failures detected`,
-            });
-        }
-        // Unusual command execution volume
-        if (this.stats.commands > 1000) {
-            anomalies.push({
-                type: "high_command_volume",
-                severity: "low",
-                message: `${this.stats.commands} commands executed`,
-            });
-        }
-        // Unusual file write volume
-        if (this.stats.fileWrites > 500) {
-            anomalies.push({
-                type: "high_write_volume",
-                severity: "medium",
-                message: `${this.stats.fileWrites} file write operations`,
-            });
-        }
-        return anomalies;
-    }
-}
-export default HoneyPot;

package/src/VirtualFileSystem/archive.ts

@@ -1,74 +0,0 @@
-import { promises as fs } from "node:fs";
-import * as tarStream from "tar-stream";
-import type { VfsSnapshot } from "../types/vfs";
-
-export async function archiveExists(archivePath: string): Promise<boolean> {
-	try {
-		await fs.access(archivePath);
-		return true;
-	} catch {
-		return false;
-	}
-}
-
-export async function createTarBuffer(snapshotJson: string): Promise<Buffer> {
-	const pack = tarStream.pack();
-	const chunks: Buffer[] = [];
-
-	const finished = new Promise<Buffer>((resolve, reject) => {
-		pack.on("data", (chunk: Buffer) => chunks.push(Buffer.from(chunk)));
-		pack.on("error", reject);
-		pack.on("end", () => resolve(Buffer.concat(chunks)));
-	});
-
-	pack.entry(
-		{ name: "snapshot.json", mode: 0o600 },
-		snapshotJson,
-		(error?: Error | null) => {
-			if (error) {
-				return;
-			}
-
-			pack.finalize();
-		},
-	);
-
-	return finished;
-}
-
-export async function readSnapshotFromTar(
-	tarBuffer: Buffer,
-): Promise<VfsSnapshot> {
-	return new Promise<VfsSnapshot>((resolve, reject) => {
-		const extract = tarStream.extract();
-		let snapshotText = "";
-		let found = false;
-
-		extract.on("entry", (header, stream, next) => {
-			if (header.name === "snapshot.json") {
-				found = true;
-				stream.on("data", (chunk: Buffer) => {
-					snapshotText += chunk.toString("utf8");
-				});
-				stream.on("end", next);
-				stream.resume();
-				return;
-			}
-
-			stream.resume();
-			stream.on("end", next);
-		});
-
-		extract.on("finish", () => {
-			if (!found) {
-				reject(new Error("snapshot.json missing from archive"));
-				return;
-			}
-
-			resolve(JSON.parse(snapshotText) as VfsSnapshot);
-		});
-
-		extract.on("error", reject);
-		extract.end(tarBuffer);
-	});
-}

package/src/VirtualFileSystem/snapshot.ts

@@ -1,84 +0,0 @@
-import type {
-	VfsSnapshot,
-	VfsSnapshotDirectoryNode,
-	VfsSnapshotNode,
-} from "../types/vfs";
-import type { InternalDirectoryNode, InternalNode } from "./internalTypes";
-
-function serializeNode(node: InternalNode): VfsSnapshotNode {
-	if (node.type === "file") {
-		return {
-			type: "file",
-			name: node.name,
-			mode: node.mode,
-			createdAt: node.createdAt.toISOString(),
-			updatedAt: node.updatedAt.toISOString(),
-			compressed: node.compressed,
-			contentBase64: node.content.toString("base64"),
-		};
-	}
-
-	return serializeDirectory(node);
-}
-
-function serializeDirectory(
-	node: InternalDirectoryNode,
-): VfsSnapshotDirectoryNode {
-	return {
-		type: "directory",
-		name: node.name,
-		mode: node.mode,
-		createdAt: node.createdAt.toISOString(),
-		updatedAt: node.updatedAt.toISOString(),
-		children: Array.from(node.children.values()).map((child) =>
-			serializeNode(child),
-		),
-	};
-}
-
-function deserializeNode(node: VfsSnapshotNode): InternalNode {
-	if (node.type === "file") {
-		return {
-			type: "file",
-			name: node.name,
-			mode: node.mode,
-			createdAt: new Date(node.createdAt),
-			updatedAt: new Date(node.updatedAt),
-			content: Buffer.from(node.contentBase64, "base64"),
-			compressed: node.compressed,
-		};
-	}
-
-	return deserializeDirectory(node);
-}
-
-function deserializeDirectory(
-	node: VfsSnapshotDirectoryNode,
-): InternalDirectoryNode {
-	return {
-		type: "directory",
-		name: node.name,
-		mode: node.mode,
-		createdAt: new Date(node.createdAt),
-		updatedAt: new Date(node.updatedAt),
-		children: new Map<string, InternalNode>(
-			node.children.map((child) => [child.name, deserializeNode(child)]),
-		),
-	};
-}
-
-export function createSnapshot(root: InternalDirectoryNode): VfsSnapshot {
-	return { root: serializeDirectory(root) };
-}
-
-export function applySnapshot(
-	rootTarget: InternalDirectoryNode,
-	snapshot: VfsSnapshot,
-): void {
-	const root = deserializeDirectory(snapshot.root);
-	rootTarget.name = root.name;
-	rootTarget.mode = root.mode;
-	rootTarget.createdAt = root.createdAt;
-	rootTarget.updatedAt = root.updatedAt;
-	rootTarget.children = root.children;
-}

package/src/VirtualFileSystem/tree.ts

@@ -1,34 +0,0 @@
-import type { InternalDirectoryNode } from "./internalTypes";
-
-function walkTree(
-	node: InternalDirectoryNode,
-	indent: string,
-	lines: string[],
-): void {
-	const entries = Array.from(node.children.entries()).sort(([a], [b]) =>
-		a.localeCompare(b),
-	);
-
-	entries.forEach(([name, child], index) => {
-		const isLast = index === entries.length - 1;
-		const branch = isLast ? "`-- " : "|-- ";
-		const nextIndent = indent + (isLast ? "    " : "|   ");
-
-		if (child.type === "file") {
-			lines.push(`${indent}${branch}${name}${child.compressed ? " [gz]" : ""}`);
-			return;
-		}
-
-		lines.push(`${indent}${branch}${name}/`);
-		walkTree(child, nextIndent, lines);
-	});
-}
-
-export function renderTree(
-	node: InternalDirectoryNode,
-	rootLabel: string,
-): string {
-	const lines: string[] = [rootLabel];
-	walkTree(node, "", lines);
-	return lines.join("\n");
-}