veryfront 0.0.4 → 0.0.6

package/dist/ai/production.js

@@ -0,0 +1,934 @@
+// src/core/errors/veryfront-error.ts
+function createError(error) {
+  return error;
+}
+function toError(veryfrontError) {
+  const error = new Error(veryfrontError.message);
+  error.name = `VeryfrontError[${veryfrontError.type}]`;
+  Object.defineProperty(error, "context", {
+    value: veryfrontError,
+    enumerable: false,
+    configurable: true
+  });
+  return error;
+}
+
+// src/ai/production/rate-limit/limiter.ts
+var FixedWindowLimiter = class {
+  constructor(config) {
+    this.requests = /* @__PURE__ */ new Map();
+    this.config = config;
+  }
+  check(identifier) {
+    const now = Date.now();
+    const entry = this.requests.get(identifier);
+    if (!entry || now >= entry.resetAt) {
+      const resetAt = now + this.config.windowMs;
+      this.requests.set(identifier, {
+        count: 1,
+        resetAt
+      });
+      return {
+        allowed: true,
+        remaining: this.config.maxRequests - 1,
+        resetAt
+      };
+    }
+    if (entry.count < this.config.maxRequests) {
+      entry.count++;
+      return {
+        allowed: true,
+        remaining: this.config.maxRequests - entry.count,
+        resetAt: entry.resetAt
+      };
+    }
+    return {
+      allowed: false,
+      remaining: 0,
+      resetAt: entry.resetAt,
+      retryAfter: Math.ceil((entry.resetAt - now) / 1e3)
+    };
+  }
+  reset(identifier) {
+    this.requests.delete(identifier);
+  }
+  clear() {
+    this.requests.clear();
+  }
+};
+var TokenBucketLimiter = class {
+  constructor(config) {
+    this.buckets = /* @__PURE__ */ new Map();
+    this.config = config;
+    this.refillRate = config.maxRequests / config.windowMs;
+  }
+  check(identifier) {
+    const now = Date.now();
+    let bucket = this.buckets.get(identifier);
+    if (!bucket) {
+      bucket = {
+        tokens: this.config.maxRequests - 1,
+        lastRefill: now
+      };
+      this.buckets.set(identifier, bucket);
+      return {
+        allowed: true,
+        remaining: bucket.tokens,
+        resetAt: now + this.config.windowMs
+      };
+    }
+    const timePassed = now - bucket.lastRefill;
+    const tokensToAdd = timePassed * this.refillRate;
+    bucket.tokens = Math.min(
+      this.config.maxRequests,
+      bucket.tokens + tokensToAdd
+    );
+    bucket.lastRefill = now;
+    if (bucket.tokens >= 1) {
+      bucket.tokens--;
+      return {
+        allowed: true,
+        remaining: Math.floor(bucket.tokens),
+        resetAt: now + this.config.windowMs
+      };
+    }
+    const timeUntilToken = (1 - bucket.tokens) / this.refillRate;
+    return {
+      allowed: false,
+      remaining: 0,
+      resetAt: now + this.config.windowMs,
+      retryAfter: Math.ceil(timeUntilToken / 1e3)
+    };
+  }
+  reset(identifier) {
+    this.buckets.delete(identifier);
+  }
+  clear() {
+    this.buckets.clear();
+  }
+};
+function createRateLimiter(config) {
+  let limiter;
+  switch (config.strategy) {
+    case "fixed-window":
+      limiter = new FixedWindowLimiter(config);
+      break;
+    case "token-bucket":
+      limiter = new TokenBucketLimiter(config);
+      break;
+    case "sliding-window":
+      limiter = new TokenBucketLimiter(config);
+      break;
+    default:
+      limiter = new FixedWindowLimiter(config);
+  }
+  return {
+    /**
+     * Check if request is allowed
+     */
+    check(context) {
+      const identifier = config.identify ? config.identify(context) : "default";
+      return limiter.check(identifier);
+    },
+    /**
+     * Reset rate limit for identifier
+     */
+    reset(context) {
+      const identifier = config.identify ? config.identify(context) : "default";
+      limiter.reset(identifier);
+    },
+    /**
+     * Clear all rate limits
+     */
+    clear() {
+      limiter.clear();
+    }
+  };
+}
+function rateLimitMiddleware(config) {
+  const limiter = createRateLimiter(config);
+  return (context, next) => {
+    const result = limiter.check(context);
+    if (!result.allowed) {
+      throw toError(createError({
+        type: "agent",
+        message: config.errorMessage || `Rate limit exceeded. Try again in ${result.retryAfter} seconds.`
+      }));
+    }
+    return next();
+  };
+}
+
+// src/ai/production/cache/cache.ts
+var MemoryCache = class {
+  constructor() {
+    this.cache = /* @__PURE__ */ new Map();
+  }
+  set(key, response) {
+    this.cache.set(key, {
+      response,
+      cachedAt: Date.now(),
+      accessCount: 0,
+      lastAccessedAt: Date.now()
+    });
+  }
+  get(key) {
+    const entry = this.cache.get(key);
+    if (!entry)
+      return null;
+    entry.accessCount++;
+    entry.lastAccessedAt = Date.now();
+    return entry.response;
+  }
+  has(key) {
+    return this.cache.has(key);
+  }
+  delete(key) {
+    this.cache.delete(key);
+  }
+  clear() {
+    this.cache.clear();
+  }
+  size() {
+    return this.cache.size;
+  }
+};
+var LRUCache = class {
+  constructor(maxSize = 100) {
+    this.cache = /* @__PURE__ */ new Map();
+    this.maxSize = maxSize;
+  }
+  set(key, response) {
+    if (this.cache.has(key)) {
+      this.cache.delete(key);
+    }
+    if (this.cache.size >= this.maxSize) {
+      const firstKey = this.cache.keys().next().value;
+      if (firstKey !== void 0) {
+        this.cache.delete(firstKey);
+      }
+    }
+    this.cache.set(key, {
+      response,
+      cachedAt: Date.now(),
+      accessCount: 0,
+      lastAccessedAt: Date.now()
+    });
+  }
+  get(key) {
+    const entry = this.cache.get(key);
+    if (!entry)
+      return null;
+    this.cache.delete(key);
+    entry.accessCount++;
+    entry.lastAccessedAt = Date.now();
+    this.cache.set(key, entry);
+    return entry.response;
+  }
+  has(key) {
+    return this.cache.has(key);
+  }
+  delete(key) {
+    this.cache.delete(key);
+  }
+  clear() {
+    this.cache.clear();
+  }
+  size() {
+    return this.cache.size;
+  }
+};
+var TTLCache = class {
+  constructor(ttl = 3e5) {
+    this.cache = /* @__PURE__ */ new Map();
+    this.cleanupInterval = null;
+    this.ttl = ttl;
+    this.startCleanup();
+  }
+  set(key, response) {
+    const now = Date.now();
+    this.cache.set(key, {
+      response,
+      cachedAt: now,
+      expiresAt: now + this.ttl,
+      accessCount: 0,
+      lastAccessedAt: now
+    });
+  }
+  get(key) {
+    const entry = this.cache.get(key);
+    if (!entry)
+      return null;
+    if (entry.expiresAt && Date.now() >= entry.expiresAt) {
+      this.cache.delete(key);
+      return null;
+    }
+    entry.accessCount++;
+    entry.lastAccessedAt = Date.now();
+    return entry.response;
+  }
+  has(key) {
+    const entry = this.cache.get(key);
+    if (!entry)
+      return false;
+    if (entry.expiresAt && Date.now() >= entry.expiresAt) {
+      this.cache.delete(key);
+      return false;
+    }
+    return true;
+  }
+  delete(key) {
+    this.cache.delete(key);
+  }
+  clear() {
+    this.cache.clear();
+  }
+  size() {
+    return this.cache.size;
+  }
+  destroy() {
+    if (this.cleanupInterval) {
+      clearInterval(this.cleanupInterval);
+      this.cleanupInterval = null;
+    }
+    this.cache.clear();
+  }
+  startCleanup() {
+    this.cleanupInterval = setInterval(() => {
+      const now = Date.now();
+      for (const [key, entry] of this.cache.entries()) {
+        if (entry.expiresAt && now >= entry.expiresAt) {
+          this.cache.delete(key);
+        }
+      }
+    }, 6e4);
+  }
+};
+function createCache(config) {
+  let cache;
+  switch (config.strategy) {
+    case "memory":
+      cache = new MemoryCache();
+      break;
+    case "lru":
+      cache = new LRUCache(config.maxSize || 100);
+      break;
+    case "ttl":
+      cache = new TTLCache(config.ttl || 3e5);
+      break;
+    default:
+      cache = new MemoryCache();
+  }
+  const keyGenerator = config.keyGenerator || ((input) => `cache_${hashString(input)}`);
+  return {
+    /**
+     * Get cached response
+     */
+    get(input, context) {
+      const key = keyGenerator(input, context);
+      return cache.get(key);
+    },
+    /**
+     * Set cached response
+     */
+    set(input, response, context) {
+      const key = keyGenerator(input, context);
+      cache.set(key, response);
+    },
+    /**
+     * Check if cached
+     */
+    has(input, context) {
+      const key = keyGenerator(input, context);
+      return cache.has(key);
+    },
+    /**
+     * Delete cached entry
+     */
+    delete(input, context) {
+      const key = keyGenerator(input, context);
+      cache.delete(key);
+    },
+    /**
+     * Clear all cache
+     */
+    clear() {
+      cache.clear();
+    },
+    /**
+     * Get cache size
+     */
+    size() {
+      return cache.size();
+    }
+  };
+}
+function hashString(str) {
+  let hash = 0;
+  for (let i = 0; i < str.length; i++) {
+    const char = str.charCodeAt(i);
+    hash = (hash << 5) - hash + char;
+    hash = hash & hash;
+  }
+  return Math.abs(hash).toString(36);
+}
+function cacheMiddleware(config) {
+  const cache = createCache(config);
+  return async (context, next) => {
+    const inputString = typeof context.input === "string" ? context.input : JSON.stringify(context.input);
+    const cached = cache.get(inputString, context);
+    if (cached) {
+      return {
+        ...cached,
+        metadata: {
+          ...cached.metadata,
+          fromCache: true,
+          cachedAt: Date.now()
+        }
+      };
+    }
+    const result = await next();
+    cache.set(inputString, result, context);
+    return result;
+  };
+}
+
+// src/core/utils/runtime-guards.ts
+function hasDenoRuntime(global) {
+  return typeof global === "object" && global !== null && "Deno" in global && typeof global.Deno?.env?.get === "function";
+}
+function hasNodeProcess(global) {
+  return typeof global === "object" && global !== null && "process" in global && typeof global.process?.env === "object";
+}
+
+// src/core/utils/logger/env.ts
+function getEnvironmentVariable(name) {
+  try {
+    if (typeof Deno !== "undefined" && hasDenoRuntime(globalThis)) {
+      const value = globalThis.Deno?.env.get(name);
+      return value === "" ? void 0 : value;
+    }
+    if (hasNodeProcess(globalThis)) {
+      const value = globalThis.process?.env[name];
+      return value === "" ? void 0 : value;
+    }
+  } catch {
+    return void 0;
+  }
+  return void 0;
+}
+
+// src/core/utils/logger/logger.ts
+var cachedLogLevel;
+function resolveLogLevel(force = false) {
+  if (force || cachedLogLevel === void 0) {
+    cachedLogLevel = getDefaultLevel();
+  }
+  return cachedLogLevel;
+}
+var ConsoleLogger = class {
+  constructor(prefix, level = resolveLogLevel()) {
+    this.prefix = prefix;
+    this.level = level;
+  }
+  setLevel(level) {
+    this.level = level;
+  }
+  getLevel() {
+    return this.level;
+  }
+  debug(message, ...args) {
+    if (this.level <= 0 /* DEBUG */) {
+      console.debug(`[${this.prefix}] DEBUG: ${message}`, ...args);
+    }
+  }
+  info(message, ...args) {
+    if (this.level <= 1 /* INFO */) {
+      console.log(`[${this.prefix}] ${message}`, ...args);
+    }
+  }
+  warn(message, ...args) {
+    if (this.level <= 2 /* WARN */) {
+      console.warn(`[${this.prefix}] WARN: ${message}`, ...args);
+    }
+  }
+  error(message, ...args) {
+    if (this.level <= 3 /* ERROR */) {
+      console.error(`[${this.prefix}] ERROR: ${message}`, ...args);
+    }
+  }
+  async time(label, fn) {
+    const start = performance.now();
+    try {
+      const result = await fn();
+      const end = performance.now();
+      this.debug(`${label} completed in ${(end - start).toFixed(2)}ms`);
+      return result;
+    } catch (error) {
+      const end = performance.now();
+      this.error(`${label} failed after ${(end - start).toFixed(2)}ms`, error);
+      throw error;
+    }
+  }
+};
+function parseLogLevel(levelString) {
+  if (!levelString)
+    return void 0;
+  const upper = levelString.toUpperCase();
+  switch (upper) {
+    case "DEBUG":
+      return 0 /* DEBUG */;
+    case "WARN":
+      return 2 /* WARN */;
+    case "ERROR":
+      return 3 /* ERROR */;
+    case "INFO":
+      return 1 /* INFO */;
+    default:
+      return void 0;
+  }
+}
+var getDefaultLevel = () => {
+  const envLevel = getEnvironmentVariable("LOG_LEVEL");
+  const parsedLevel = parseLogLevel(envLevel);
+  if (parsedLevel !== void 0)
+    return parsedLevel;
+  const debugFlag = getEnvironmentVariable("VERYFRONT_DEBUG");
+  if (debugFlag === "1" || debugFlag === "true")
+    return 0 /* DEBUG */;
+  return 1 /* INFO */;
+};
+var trackedLoggers = /* @__PURE__ */ new Set();
+function createLogger(prefix) {
+  const logger2 = new ConsoleLogger(prefix);
+  trackedLoggers.add(logger2);
+  return logger2;
+}
+var cliLogger = createLogger("CLI");
+var serverLogger = createLogger("SERVER");
+var rendererLogger = createLogger("RENDERER");
+var bundlerLogger = createLogger("BUNDLER");
+var agentLogger = createLogger("AGENT");
+var logger = createLogger("VERYFRONT");
+
+// src/ai/production/cost-tracking/tracker.ts
+var CostTracker = class {
+  constructor(config) {
+    this.records = [];
+    this.dailyTotal = 0;
+    this.monthlyTotal = 0;
+    this.lastDayReset = Date.now();
+    this.lastMonthReset = Date.now();
+    this.resetInterval = null;
+    this.config = config;
+    this.startPeriodicReset();
+  }
+  /**
+   * Track an agent response
+   */
+  track(agentId, model, response, userId) {
+    if (!response.usage) {
+      agentLogger.warn("No usage data in response, cannot track costs");
+      return this.createEmptyRecord(agentId, model);
+    }
+    const provider = model.split("/")[0] || "unknown";
+    const cost = this.calculateCost(
+      provider,
+      response.usage.promptTokens,
+      response.usage.completionTokens
+    );
+    const record = {
+      timestamp: Date.now(),
+      agentId,
+      model,
+      provider,
+      tokens: {
+        prompt: response.usage.promptTokens,
+        completion: response.usage.completionTokens,
+        total: response.usage.totalTokens
+      },
+      cost,
+      userId
+    };
+    this.records.push(record);
+    this.dailyTotal += cost;
+    this.monthlyTotal += cost;
+    this.checkLimits();
+    return record;
+  }
+  /**
+   * Calculate cost based on token usage
+   */
+  calculateCost(provider, inputTokens, outputTokens) {
+    const pricing = this.config.pricing[provider];
+    if (!pricing) {
+      agentLogger.warn(`No pricing configured for provider: ${provider}`);
+      return 0;
+    }
+    const inputCost = inputTokens / 1e6 * pricing.input;
+    const outputCost = outputTokens / 1e6 * pricing.output;
+    return inputCost + outputCost;
+  }
+  /**
+   * Get usage summary for a period
+   */
+  getSummary(startTime, endTime) {
+    const start = startTime || 0;
+    const end = endTime || Date.now();
+    const relevantRecords = this.records.filter(
+      (r) => r.timestamp >= start && r.timestamp <= end
+    );
+    const summary = {
+      requests: relevantRecords.length,
+      tokens: {
+        prompt: 0,
+        completion: 0,
+        total: 0
+      },
+      cost: 0,
+      byProvider: {},
+      period: { start, end }
+    };
+    for (const record of relevantRecords) {
+      summary.tokens.prompt += record.tokens.prompt;
+      summary.tokens.completion += record.tokens.completion;
+      summary.tokens.total += record.tokens.total;
+      summary.cost += record.cost;
+      if (!summary.byProvider[record.provider]) {
+        summary.byProvider[record.provider] = {
+          requests: 0,
+          tokens: 0,
+          cost: 0
+        };
+      }
+      const providerStats = summary.byProvider[record.provider];
+      providerStats.requests++;
+      providerStats.tokens += record.tokens.total;
+      providerStats.cost += record.cost;
+    }
+    return summary;
+  }
+  /**
+   * Get daily summary
+   */
+  getDailySummary() {
+    const now = Date.now();
+    const dayStart = now - 24 * 60 * 60 * 1e3;
+    return this.getSummary(dayStart, now);
+  }
+  /**
+   * Get monthly summary
+   */
+  getMonthlySummary() {
+    const now = Date.now();
+    const monthStart = now - 30 * 24 * 60 * 60 * 1e3;
+    return this.getSummary(monthStart, now);
+  }
+  /**
+   * Check if limits are exceeded
+   */
+  checkLimits() {
+    if (this.config.limits?.daily && this.dailyTotal > this.config.limits.daily) {
+      if (this.config.onLimitExceeded) {
+        this.config.onLimitExceeded(this.getDailySummary());
+      }
+    }
+    if (this.config.limits?.monthly && this.monthlyTotal > this.config.limits.monthly) {
+      if (this.config.onLimitExceeded) {
+        this.config.onLimitExceeded(this.getMonthlySummary());
+      }
+    }
+  }
+  startPeriodicReset() {
+    this.resetInterval = setInterval(() => {
+      const now = Date.now();
+      if (now - this.lastDayReset >= 24 * 60 * 60 * 1e3) {
+        this.dailyTotal = 0;
+        this.lastDayReset = now;
+      }
+      if (now - this.lastMonthReset >= 30 * 24 * 60 * 60 * 1e3) {
+        this.monthlyTotal = 0;
+        this.lastMonthReset = now;
+      }
+    }, 6e4);
+  }
+  destroy() {
+    if (this.resetInterval) {
+      clearInterval(this.resetInterval);
+      this.resetInterval = null;
+    }
+    this.records = [];
+  }
+  /**
+   * Create empty record
+   */
+  createEmptyRecord(agentId, model) {
+    return {
+      timestamp: Date.now(),
+      agentId,
+      model,
+      provider: model.split("/")[0] || "unknown",
+      tokens: { prompt: 0, completion: 0, total: 0 },
+      cost: 0
+    };
+  }
+  /**
+   * Get all records
+   */
+  getAllRecords() {
+    return [...this.records];
+  }
+  /**
+   * Clear all records
+   */
+  clear() {
+    this.records = [];
+    this.dailyTotal = 0;
+    this.monthlyTotal = 0;
+  }
+};
+function createCostTracker(config) {
+  const tracker = new CostTracker(config);
+  return {
+    /**
+     * Track agent response
+     */
+    track(agentId, model, response, userId) {
+      return tracker.track(agentId, model, response, userId);
+    },
+    /**
+     * Get usage summary
+     */
+    getSummary(startTime, endTime) {
+      return tracker.getSummary(startTime, endTime);
+    },
+    /**
+     * Get daily summary
+     */
+    getDailySummary() {
+      return tracker.getDailySummary();
+    },
+    /**
+     * Get monthly summary
+     */
+    getMonthlySummary() {
+      return tracker.getMonthlySummary();
+    },
+    /**
+     * Get all records
+     */
+    getAllRecords() {
+      return tracker.getAllRecords();
+    },
+    /**
+     * Clear all data
+     */
+    clear() {
+      tracker.clear();
+    }
+  };
+}
+function costTrackingMiddleware(config) {
+  const tracker = createCostTracker(config);
+  return async (context, next) => {
+    const result = await next();
+    tracker.track(
+      context.agentId,
+      context.model || "unknown",
+      result,
+      context.data?.userId
+    );
+    return result;
+  };
+}
+
+// src/ai/production/security/validator.ts
+var COMMON_BLOCKED_PATTERNS = {
+  /** Prompt injection attempts */
+  promptInjection: [
+    /ignore\s+previous\s+instructions/i,
+    /ignore\s+all\s+previous\s+prompts/i,
+    /you\s+are\s+now\s+a/i,
+    /pretend\s+you\s+are/i,
+    /system:\s*/i,
+    /<\|im_start\|>/i,
+    /<\|im_end\|>/i
+  ],
+  /** Potential data exfiltration */
+  dataExfiltration: [
+    /password/i,
+    /api[_\s-]?key/i,
+    /secret/i,
+    /token/i,
+    /credit\s+card/i
+  ],
+  /** SQL injection patterns */
+  sqlInjection: [
+    /(\bUNION\b|\bSELECT\b).*\bFROM\b/i,
+    /;\s*(DROP|DELETE|UPDATE|INSERT)/i
+  ],
+  /** XSS patterns */
+  xss: [
+    /<script[^>]*>.*?<\/script>/gi,
+    /javascript:/i,
+    /on\w+\s*=/i
+    // Event handlers
+  ]
+};
+var PII_PATTERNS = {
+  email: /\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\b/gi,
+  phone: /\b(\+\d{1,3}[-.\s]?)?\(?\d{3}\)?[-.\s]?\d{3}[-.\s]?\d{4}\b/g,
+  ssn: /\b\d{3}-\d{2}-\d{4}\b/g,
+  creditCard: /\b\d{4}[-\s]?\d{4}[-\s]?\d{4}[-\s]?\d{4}\b/g
+};
+var InputValidator = class {
+  constructor(config) {
+    this.config = config || {};
+  }
+  /**
+   * Validate input
+   */
+  async validate(input) {
+    const violations = [];
+    if (this.config?.maxLength && input.length > this.config.maxLength) {
+      violations.push({
+        type: "input",
+        reason: `Input exceeds maximum length of ${this.config.maxLength}`,
+        content: input.substring(0, 100) + "..."
+      });
+    }
+    if (this.config?.blockedPatterns) {
+      for (const pattern of this.config.blockedPatterns) {
+        if (pattern.test(input)) {
+          violations.push({
+            type: "input",
+            reason: "Input matches blocked pattern",
+            content: input,
+            pattern
+          });
+        }
+      }
+    }
+    if (this.config?.validate) {
+      const customValid = await this.config.validate(input);
+      if (!customValid) {
+        violations.push({
+          type: "input",
+          reason: "Custom validation failed",
+          content: input
+        });
+      }
+    }
+    let sanitized = input;
+    if (this.config?.sanitize) {
+      sanitized = this.sanitizeInput(input);
+    }
+    return {
+      valid: violations.length === 0,
+      sanitized: this.config?.sanitize ? sanitized : void 0,
+      violations
+    };
+  }
+  /**
+   * Sanitize input (remove potentially harmful content)
+   */
+  sanitizeInput(input) {
+    let sanitized = input;
+    sanitized = sanitized.replace(/<script[^>]*>.*?<\/script>/gi, "");
+    sanitized = sanitized.replace(/on\w+\s*=\s*["'][^"']*["']/gi, "");
+    sanitized = sanitized.replace(/javascript:/gi, "");
+    return sanitized;
+  }
+};
+var OutputFilter = class {
+  constructor(config) {
+    this.config = config || {};
+  }
+  /**
+   * Filter output
+   */
+  async filter(output) {
+    const violations = [];
+    let filtered = output;
+    if (this.config?.blockedPatterns) {
+      for (const pattern of this.config.blockedPatterns) {
+        if (pattern.test(filtered)) {
+          violations.push({
+            type: "output",
+            reason: "Output contains blocked pattern",
+            content: filtered,
+            pattern
+          });
+          filtered = filtered.replace(pattern, "[REDACTED]");
+        }
+      }
+    }
+    if (this.config?.filterPII) {
+      filtered = this.filterPII(filtered);
+    }
+    if (this.config?.filter) {
+      filtered = await this.config.filter(filtered);
+    }
+    return { filtered, violations };
+  }
+  /**
+   * Filter PII from output
+   */
+  filterPII(output) {
+    let filtered = output;
+    filtered = filtered.replace(PII_PATTERNS.email, "[EMAIL]");
+    filtered = filtered.replace(PII_PATTERNS.phone, "[PHONE]");
+    filtered = filtered.replace(PII_PATTERNS.ssn, "[SSN]");
+    filtered = filtered.replace(PII_PATTERNS.creditCard, "[CREDIT_CARD]");
+    return filtered;
+  }
+};
+function securityMiddleware(config) {
+  const inputValidator = new InputValidator(config.input);
+  const outputFilter = new OutputFilter(config.output);
+  return async (context, next) => {
+    const inputString = typeof context.input === "string" ? context.input : JSON.stringify(context.input);
+    const inputValidation = await inputValidator.validate(inputString);
+    if (!inputValidation.valid) {
+      inputValidation.violations.forEach((v) => {
+        if (config.onViolation) {
+          config.onViolation(v);
+        }
+      });
+      const firstViolation = inputValidation.violations[0];
+      throw toError(createError({
+        type: "agent",
+        message: `Input validation failed: ${firstViolation?.reason || "Unknown reason"}`
+      }));
+    }
+    if (inputValidation.sanitized) {
+      context.input = inputValidation.sanitized;
+    }
+    const result = await next();
+    const outputFiltering = await outputFilter.filter(result.text);
+    if (outputFiltering.violations.length > 0) {
+      outputFiltering.violations.forEach((v) => {
+        if (config.onViolation) {
+          config.onViolation(v);
+        }
+      });
+    }
+    return {
+      ...result,
+      text: outputFiltering.filtered
+    };
+  };
+}
+export {
+  COMMON_BLOCKED_PATTERNS,
+  InputValidator,
+  OutputFilter,
+  cacheMiddleware,
+  costTrackingMiddleware,
+  createCache,
+  createCostTracker,
+  createRateLimiter,
+  rateLimitMiddleware,
+  securityMiddleware
+};
+//# sourceMappingURL=production.js.map