veto-sdk 2.2.0 → 2.3.0

package/dist/proxy/server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/proxy/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,KAAK,MAAM,YAAY,CAAC;AAC/B,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAE/B,OAAO,EACL,gBAAgB,EAChB,mBAAmB,EACnB,YAAY,EACZ,iBAAiB,GAElB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,wBAAwB,EACxB,0BAA0B,EAC1B,sBAAsB,EACtB,0BAA0B,GAE3B,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AAEvC,MAAM,sBAAsB,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,QAAQ;AAEzD,SAAS,aAAa,CAAC,MAAmB;IACxC,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC;IACpC,IAAI,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,WAAW;QAAE,OAAO,GAAG,CAAC;IACxD,OAAO,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC;AACtE,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,aAAa,CAC1B,SAA+B,EAC/B,SAA8B,EAC9B,MAAmB,EACnB,IAAU;IAEV,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,MAAM,GAAG,SAAS,CAAC,GAAG,IAAI,GAAG,CAAC;IACpC,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IAErC,MAAM,iBAAiB,GACrB,MAAM,KAAK,WAAW;QACpB,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAC;QACjC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC;IAE3C,0CAA0C;IAC1C,MAAM,OAAO,GAAkD;QAC7D,GAAG,SAAS,CAAC,OAAO;QACpB,IAAI,EAAE,MAAM,CAAC,IAAI;KAClB,CAAC;IACF,wDAAwD;IACxD,OAAO,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAEjC,uCAAuC;IACvC,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,IAAI,QAAQ,GAAG,CAAC,CAAC;IACjB,IAAI,iBAAiB,GAAG,KAAK,CAAC;IAC9B,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,KAAe,CAAC;QAC5B,QAAQ,IAAI,GAAG,CAAC,MAAM,CAAC;QACvB,IAAI,QAAQ,GAAG,sBAAsB,EAAE,CAAC;YACtC,iBAAiB,GAAG,IAAI,CAAC;YACzB,SAAS,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM;QACR,CAAC;QACD,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACvB,CAAC;IACD,IAAI,iBAAiB,EAAE,CAAC;QACtB,SAAS,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,CAAC;QAC3D,SAAS,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;QACxC,OAAO;IACT,CAAC;IACD,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAEvC,IAAI,UAAU,GAAmC,IAAI,CAAC;IACtD,IAAI,iBAAiB,EAAE,CAAC;QACtB,IAAI,CAAC;YACH,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAA4B,CAAC;QAC7E,CAAC;QAAC,MAAM,CAAC;YACP,sDAAsD;QACxD,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,UAAU,EAAE,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC;IAEjD,MAAM,eAAe,GAAyB;QAC5C,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAC9D,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,SAAS,CAAC,MAAM;QACxB,OAAO,EAAE;YACP,GAAG,OAAO;YACV,gBAAgB,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE;SACzC;KACF,CAAC;IAEF,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;IAEhE,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC1C,MAAM,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,eAAe,EAAE,CAAC,WAAW,EAAE,EAAE;YACvE,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACvB,SAAS,CAAC,SAAS,CAAC,WAAW,CAAC,UAAU,IAAI,GAAG,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;gBACxE,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAC5B,WAAW,CAAC,EAAE,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBAC/B,WAAW,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;gBAChC,OAAO;YACT,CAAC;YAED,IAAI,MAAM,KAAK,WAAW,EAAE,CAAC;gBAC3B,IAAI,QAAQ,EAAE,CAAC;oBACb,SAAS,CAAC,SAAS,CAAC,WAAW,CAAC,UAAU,IAAI,GAAG,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;oBACxE,2BAA2B,CAAC,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBAChG,CAAC;qBAAM,CAAC;oBACN,mCAAmC,CAAC,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBAChG,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,QAAQ,EAAE,CAAC;oBACb,SAAS,CAAC,SAAS,CAAC,WAAW,CAAC,UAAU,IAAI,GAAG,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;oBACxE,kBAAkB,CAAC,WAAW,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBACvF,CAAC;qBAAM,CAAC;oBACN,0BAA0B,CAAC,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBACvF,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,WAAW,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YAC9B,OAAO,CAAC,KAAK,CAAC,6CAA6C,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;YAC1E,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;gBAC3B,SAAS,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,CAAC;gBAC3D,SAAS,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAC/B,CAAC;YACD,MAAM,CAAC,GAAG,CAAC,CAAC;QACd,CAAC,CAAC,CAAC;QAEH,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACxB,WAAW,CAAC,GAAG,EAAE,CAAC;IACpB,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,0BAA0B,CACvC,QAA8B,EAC9B,SAA8B,EAC9B,IAAU;IAEV,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;QACnC,MAAM,CAAC,IAAI,CAAC,KAAe,CAAC,CAAC;IAC/B,CAAC;IACD,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IAE7D,IAAI,MAA+B,CAAC;IACpC,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAA4B,CAAC;IAC/D,CAAC;IAAC,MAAM,CAAC;QACP,2BAA2B;QAC3B,SAAS,CAAC,SAAS,CAAC,QAAQ,CAAC,UAAU,IAAI,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClE,SAAS,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC5B,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC1E,IAAI,OAAO,GAAG,KAAK,CAAC;IACpB,IAAI,WAAW,GAAG,kCAAkC,CAAC;IAErD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,IAAI;YAAE,SAAS;QAC5D,MAAM,CAAC,GAAG,MAAiC,CAAC;QAC5C,MAAM,OAAO,GAAG,CAAC,CAAC,SAAS,CAAwC,CAAC;QACpE,IAAI,CAAC,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;YAAE,SAAS;QAEhE,KAAK,MAAM,EAAE,IAAI,OAAO,CAAC,YAAY,CAA8B,EAAE,CAAC;YACpE,MAAM,EAAE,GAAG,EAAE,CAAC,UAAU,CAAwC,CAAC;YACjE,IAAI,CAAC,EAAE,IAAI,OAAO,EAAE,CAAC,MAAM,CAAC,KAAK,QAAQ;gBAAE,SAAS;YAEpD,IAAI,IAAI,GAA4B,EAAE,CAAC;YACvC,IAAI,OAAO,EAAE,CAAC,WAAW,CAAC,KAAK,QAAQ,EAAE,CAAC;gBACxC,IAAI,CAAC;oBACH,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,WAAW,CAAW,CAAC,CAAC;oBAChD,IAAI,CAAC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;wBAAE,IAAI,GAAG,CAA4B,CAAC;gBAC3F,CAAC;gBAAC,MAAM,CAAC;oBAEP,OAAO,CAAC,IAAI,CAAC,kDAAkD,EAAE,CAAC,MAAM,CAAC,+BAA+B,CAAC,CAAC;gBAC5G,CAAC;YACH,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAW,EAAE,IAAI,CAAC,CAAC;gBAC5D,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;oBAChC,OAAO,GAAG,IAAI,CAAC;oBACf,WAAW,GAAG,MAAM,CAAC,MAAM,IAAI,cAAc,EAAE,CAAC,MAAM,CAAC,WAAW,CAAC;oBACnE,MAAM;gBACR,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,KAAK,CAAC,0CAA0C,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC5G,OAAO,GAAG,IAAI,CAAC;gBACf,WAAW,GAAG,6BAA6B,CAAC;gBAC5C,MAAM;YACR,CAAC;QACH,CAAC;QACD,IAAI,OAAO;YAAE,MAAM;IACrB,CAAC;IAED,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,eAAe,GAAG;YACtB,GAAG,MAAM;YACT,OAAO,EAAE;gBACP;oBACE,KAAK,EAAE,CAAC;oBACR,OAAO,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,qBAAqB,WAAW,EAAE,EAAE;oBAC3E,aAAa,EAAE,MAAM;iBACtB;aACF;SACF,CAAC;QACF,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;QAC7C,MAAM,OAAO,GAAG,EAAE,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC;QACxC,OAAO,CAAC,gBAAgB,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC/D,SAAS,CAAC,SAAS,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAClC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACtB,CAAC;SAAM,CAAC;QACN,SAAS,CAAC,SAAS,CAAC,QAAQ,CAAC,UAAU,IAAI,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClE,SAAS,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC9B,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,kBAAkB,CAC/B,QAA8B,EAC9B,SAA8B,EAC9B,MAAmB,EACnB,IAAU;IAEV,MAAM,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;IAE7C,uBAAuB;IACvB,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAA2B,CAAC;IAC5D,IAAI,aAAa,GAAa,EAAE,CAAC;IACjC,IAAI,aAAa,GAAG,CAAC,CAAC;IACtB,IAAI,IAAI,GAA0C,aAAa,CAAC;IAChE,IAAI,gBAAgB,GAAG,KAAK,CAAC;IAE7B,MAAM,WAAW,GAAG,GAAG,EAAE;QACvB,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;YACjC,SAAS,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;QAC/B,CAAC;QACD,aAAa,GAAG,EAAE,CAAC;QACnB,aAAa,GAAG,CAAC,CAAC;IACpB,CAAC,CAAC;IAEF,IAAI,KAAK,EAAE,MAAM,QAAQ,IAAI,QAAQ,EAAE,CAAC;QACtC,MAAM,KAAK,GAAI,QAAmB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACrD,OAAO,IAAI,KAAK,CAAC;QAEjB,0CAA0C;QAC1C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,OAAO,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC;QAE5B,KAAK,MAAM,OAAO,IAAI,KAAK,EAAE,CAAC;YAC5B,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YACxC,MAAM,MAAM,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;YAElC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;gBAChB,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACtB,qEAAqE;oBACrE,WAAW,EAAE,CAAC;gBAChB,CAAC;gBACD,SAAS,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;gBACpC,SAAS;YACX,CAAC;YAED,IAAI,IAAI,KAAK,UAAU,EAAE,CAAC;gBACxB,uCAAuC;gBACvC,SAAS,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;gBAC7B,SAAS;YACX,CAAC;YAED,IAAI,IAAI,KAAK,aAAa,EAAE,CAAC;gBAC3B,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;oBACxB,wBAAwB;oBACxB,IAAI,GAAG,QAAQ,CAAC;gBAClB,CAAC;qBAAM,CAAC;oBACN,SAAS,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;oBAC7B,SAAS;gBACX,CAAC;YACH,CAAC;YAED,0BAA0B;YAC1B,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;gBAChB,mBAAmB,CAAC,gBAAgB,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;YACrD,CAAC;YAED,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YACnD,aAAa,IAAI,SAAS,CAAC;YAC3B,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAEzB,IAAI,aAAa,GAAG,cAAc,EAAE,CAAC;gBACnC,kDAAkD;gBAClD,gBAAgB,GAAG,IAAI,CAAC;gBACxB,IAAI,GAAG,UAAU,CAAC;gBAClB,WAAW,EAAE,CAAC;gBAEd,OAAO,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;gBACrF,SAAS;YACX,CAAC;YAED,IAAI,MAAM,CAAC,qBAAqB,EAAE,CAAC;gBACjC,gCAAgC;gBAChC,IAAI,OAAO,GAAG,KAAK,CAAC;gBACpB,IAAI,WAAW,GAAG,kCAAkC,CAAC;gBAErD,KAAK,MAAM,CAAC,EAAE,EAAE,CAAC,IAAI,gBAAgB,EAAE,CAAC;oBACtC,MAAM,SAAS,GAAG,gBAAgB,CAAC,EAAE,CAAC,CAAC;oBACvC,IAAI,CAAC;wBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC;wBACrE,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;4BAChC,OAAO,GAAG,IAAI,CAAC;4BACf,WAAW,GAAG,MAAM,CAAC,MAAM,IAAI,cAAc,SAAS,CAAC,IAAI,WAAW,CAAC;4BACvE,MAAM;wBACR,CAAC;oBACH,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,OAAO,CAAC,KAAK,CAAC,0CAA0C,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;wBAC5G,OAAO,GAAG,IAAI,CAAC;wBACf,WAAW,GAAG,6BAA6B,CAAC;wBAC5C,MAAM;oBACR,CAAC;gBACH,CAAC;gBAED,IAAI,OAAO,EAAE,CAAC;oBACZ,qDAAqD;oBACrD,aAAa,GAAG,EAAE,CAAC;oBACnB,SAAS,CAAC,KAAK,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC,CAAC;gBAClD,CAAC;qBAAM,CAAC;oBACN,WAAW,EAAE,CAAC;gBAChB,CAAC;gBAED,IAAI,GAAG,aAAa,CAAC;gBACrB,gBAAgB,CAAC,KAAK,EAAE,CAAC;YAC3B,CAAC;QACH,CAAC;IACH,CAAC;IAED,2EAA2E;IAC3E,IAAI,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;QACnB,SAAS,CAAC,KAAK,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;IAClC,CAAC;IAED,IAAI,IAAI,KAAK,QAAQ,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC3C,oEAAoE;QACpE,WAAW,EAAE,CAAC;IAChB,CAAC;IAED,SAAS,CAAC,GAAG,EAAE,CAAC;AAClB,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,mCAAmC,CAChD,QAA8B,EAC9B,SAA8B,EAC9B,IAAU;IAEV,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;QACnC,MAAM,CAAC,IAAI,CAAC,KAAe,CAAC,CAAC;IAC/B,CAAC;IACD,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IAE7D,IAAI,MAA+B,CAAC;IACpC,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAA4B,CAAC;IAC/D,CAAC;IAAC,MAAM,CAAC;QACP,SAAS,CAAC,SAAS,CAAC,QAAQ,CAAC,UAAU,IAAI,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClE,SAAS,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC5B,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC1E,IAAI,OAAO,GAAG,KAAK,CAAC;IACpB,IAAI,WAAW,GAAG,kCAAkC,CAAC;IAErD,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI;YAAE,SAAS;QAC1D,MAAM,CAAC,GAAG,KAAgC,CAAC;QAC3C,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,UAAU;YAAE,SAAS;QAEvC,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5D,IAAI,IAAI,GAA4B,EAAE,CAAC;QACvC,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAC/E,IAAI,GAAG,CAAC,CAAC,OAAO,CAA4B,CAAC;QAC/C,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YAC5C,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;gBAChC,OAAO,GAAG,IAAI,CAAC;gBACf,WAAW,GAAG,MAAM,CAAC,MAAM,IAAI,cAAc,IAAI,WAAW,CAAC;gBAC7D,MAAM;YACR,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,0CAA0C,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;YAC5G,OAAO,GAAG,IAAI,CAAC;YACf,WAAW,GAAG,6BAA6B,CAAC;YAC5C,MAAM;QACR,CAAC;IACH,CAAC;IAED,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,eAAe,GAAG;YACtB,GAAG,MAAM;YACT,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,qBAAqB,WAAW,EAAE,EAAE,CAAC;YACrE,WAAW,EAAE,UAAU;SACxB,CAAC;QACF,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;QAC7C,MAAM,OAAO,GAAG,EAAE,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC;QACxC,OAAO,CAAC,gBAAgB,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC/D,SAAS,CAAC,SAAS,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAClC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACtB,CAAC;SAAM,CAAC;QACN,SAAS,CAAC,SAAS,CAAC,QAAQ,CAAC,UAAU,IAAI,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClE,SAAS,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC9B,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,KAAK,UAAU,2BAA2B,CACxC,QAA8B,EAC9B,SAA8B,EAC9B,MAAmB,EACnB,IAAU;IAEV,MAAM,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;IAE7C,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,MAAM,eAAe,GAAG,IAAI,GAAG,EAAmC,CAAC;IACnE,IAAI,cAAc,GAAa,EAAE,CAAC;IAClC,IAAI,aAAa,GAAG,CAAC,CAAC;IACtB,IAAI,IAAI,GAA0C,aAAa,CAAC;IAChE,IAAI,gBAAgB,GAAG,KAAK,CAAC;IAC7B,wDAAwD;IACxD,MAAM,cAAc,GAAG,IAAI,GAAG,EAAU,CAAC;IAEzC,uCAAuC;IACvC,IAAI,YAAY,GAAa,EAAE,CAAC;IAEhC,MAAM,WAAW,GAAG,GAAG,EAAE;QACvB,KAAK,MAAM,KAAK,IAAI,cAAc,EAAE,CAAC;YACnC,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;QACD,cAAc,GAAG,EAAE,CAAC;QACpB,aAAa,GAAG,CAAC,CAAC;IACpB,CAAC,CAAC;IAEF,IAAI,KAAK,EAAE,MAAM,QAAQ,IAAI,QAAQ,EAAE,CAAC;QACtC,MAAM,KAAK,GAAI,QAAmB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACrD,OAAO,IAAI,KAAK,CAAC;QAEjB,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,OAAO,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC;QAE5B,KAAK,MAAM,OAAO,IAAI,KAAK,EAAE,CAAC;YAC5B,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YAExC,0EAA0E;YAC1E,IAAI,IAAI,KAAK,EAAE,EAAE,CAAC;gBAChB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACxB,SAAS;YACX,CAAC;YAED,gCAAgC;YAChC,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC9B,IAAI,IAAI,KAAK,aAAa;oBAAE,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAClD,SAAS;YACX,CAAC;YAED,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC;YAClD,MAAM,MAAM,GAAG,sBAAsB,CAAC,YAAY,CAAC,CAAC;YACpD,YAAY,GAAG,EAAE,CAAC;YAElB,+BAA+B;YAC/B,IAAI,MAAM,CAAC,SAAS,KAAK,qBAAqB,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;gBAC9D,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,eAAe,CAAwC,CAAC;gBAClF,IAAI,KAAK,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,UAAU,EAAE,CAAC;oBAC1C,MAAM,GAAG,GAAG,OAAO,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;oBAChF,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAC1B,CAAC;YACH,CAAC;YAED,sDAAsD;YACtD,MAAM,cAAc,GAAG,MAAM,CAAC,UAAU;mBACnC,CAAC,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,IAAI,IAAI,cAAc,CAAC,GAAG,CACzD,OAAO,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CACrE,CAAC,CAAC;YAEL,IAAI,IAAI,KAAK,UAAU,EAAE,CAAC;gBACxB,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;gBAC1B,SAAS;YACX,CAAC;YAED,IAAI,IAAI,KAAK,aAAa,EAAE,CAAC;gBAC3B,IAAI,cAAc,EAAE,CAAC;oBACnB,IAAI,GAAG,QAAQ,CAAC;gBAClB,CAAC;qBAAM,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;oBAC9B,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;oBAC1B,SAAS;gBACX,CAAC;qBAAM,CAAC;oBACN,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;oBAC1B,SAAS;gBACX,CAAC;YACH,CAAC;YAED,cAAc;YACd,IAAI,MAAM,CAAC,IAAI,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;gBACpC,0BAA0B,CAAC,eAAe,EAAE,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;YAC7E,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACxD,aAAa,IAAI,UAAU,CAAC;YAC5B,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAE9B,IAAI,aAAa,GAAG,cAAc,EAAE,CAAC;gBACnC,gBAAgB,GAAG,IAAI,CAAC;gBACxB,IAAI,GAAG,UAAU,CAAC;gBAClB,WAAW,EAAE,CAAC;gBACd,OAAO,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;gBACrF,SAAS;YACX,CAAC;YAED,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;gBACvB,mCAAmC;gBACnC,IAAI,OAAO,GAAG,KAAK,CAAC;gBACpB,IAAI,WAAW,GAAG,kCAAkC,CAAC;gBAErD,KAAK,MAAM,CAAC,EAAE,EAAE,CAAC,IAAI,eAAe,EAAE,CAAC;oBACrC,MAAM,SAAS,GAAG,wBAAwB,CAAC,EAAE,CAAC,CAAC;oBAC/C,IAAI,CAAC;wBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC;wBACrE,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;4BAChC,OAAO,GAAG,IAAI,CAAC;4BACf,WAAW,GAAG,MAAM,CAAC,MAAM,IAAI,cAAc,SAAS,CAAC,IAAI,WAAW,CAAC;4BACvE,MAAM;wBACR,CAAC;oBACH,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,OAAO,CAAC,KAAK,CAAC,0CAA0C,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;wBAC5G,OAAO,GAAG,IAAI,CAAC;wBACf,WAAW,GAAG,6BAA6B,CAAC;wBAC5C,MAAM;oBACR,CAAC;gBACH,CAAC;gBAED,IAAI,OAAO,EAAE,CAAC;oBACZ,cAAc,GAAG,EAAE,CAAC;oBACpB,SAAS,CAAC,KAAK,CAAC,0BAA0B,CAAC,WAAW,CAAC,CAAC,CAAC;gBAC3D,CAAC;qBAAM,CAAC;oBACN,WAAW,EAAE,CAAC;gBAChB,CAAC;gBAED,IAAI,GAAG,aAAa,CAAC;gBACrB,eAAe,CAAC,KAAK,EAAE,CAAC;gBACxB,cAAc,CAAC,KAAK,EAAE,CAAC;YACzB,CAAC;QACH,CAAC;IACH,CAAC;IAED,sCAAsC;IACtC,IAAI,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;QACnB,SAAS,CAAC,KAAK,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;IAClC,CAAC;IAED,IAAI,IAAI,KAAK,QAAQ,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC3C,WAAW,EAAE,CAAC;IAChB,CAAC;IAED,SAAS,CAAC,GAAG,EAAE,CAAC;AAClB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,MAAmB;IACxD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;IAE9D,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;YAC5C,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;gBAClD,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;oBACrB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,CAAC;oBACrD,MAAM,MAAM,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBAChE,OAAO,CAAC,KAAK,CAAC,wCAAwC,EAAE,MAAM,CAAC,CAAC;oBAChE,GAAG,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;gBAClC,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC3B,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,WAAW,EAAE,GAAG,EAAE;YAC3C,OAAO,CAAC,KAAK,IAAI,EAAE;gBACjB,MAAM,IAAI,OAAO,CAAO,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;gBAC/E,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/proxy/types.d.ts

@@ -0,0 +1,18 @@
+/**
+ * Type definitions for veto intercept proxy.
+ *
+ * @module proxy/types
+ */
+export interface ProxyConfig {
+    /** Port for the local proxy to listen on. Default: 8080 */
+    port: number;
+    /** Upstream target URL. Default: https://api.openai.com */
+    target: string;
+    /** Max bytes to buffer before giving up and flushing. Default: 1MB */
+    maxBufferBytes: number;
+    /** Path to veto config directory. Default: ./veto */
+    configDir: string;
+    /** SSE format to intercept. 'auto' detects from target URL. Default: 'auto' */
+    format?: 'openai' | 'anthropic' | 'auto';
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/proxy/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/proxy/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,WAAW,WAAW;IAC1B,2DAA2D;IAC3D,IAAI,EAAE,MAAM,CAAC;IACb,2DAA2D;IAC3D,MAAM,EAAE,MAAM,CAAC;IACf,sEAAsE;IACtE,cAAc,EAAE,MAAM,CAAC;IACvB,qDAAqD;IACrD,SAAS,EAAE,MAAM,CAAC;IAClB,+EAA+E;IAC/E,MAAM,CAAC,EAAE,QAAQ,GAAG,WAAW,GAAG,MAAM,CAAC;CAC1C"}

package/dist/proxy/types.js

@@ -0,0 +1,7 @@
+/**
+ * Type definitions for veto intercept proxy.
+ *
+ * @module proxy/types
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/proxy/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/proxy/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG"}

package/dist/rate-limiting/evaluator.d.ts

@@ -0,0 +1,17 @@
+import type { RateLimitEntry } from './types.js';
+import type { ValidationContext } from '../types/config.js';
+import type { Logger } from '../utils/logger.js';
+export interface RateLimitStore {
+    checkAndRecord(key: string, maxCalls: number, windowMs: number): boolean | Promise<boolean>;
+    clear(): void | Promise<void>;
+}
+export declare function buildScopeKey(entry: RateLimitEntry, ctx: Pick<ValidationContext, 'agentId' | 'userId' | 'sessionId'>, toolName: string, logger: Logger, ruleId?: string): string;
+/**
+ * Evaluate rate limits for a tool call.
+ * Returns null if all limits pass, or a denial reason string if any limit is exceeded.
+ *
+ * When no store is provided, falls back to the built-in in-memory sliding window store.
+ * Accepts async stores (e.g. Redis) — callers must await the result.
+ */
+export declare function evaluateRateLimits(rateLimits: RateLimitEntry[], ctx: Pick<ValidationContext, 'agentId' | 'userId' | 'sessionId'>, toolName: string, logger: Logger, ruleId?: string, store?: RateLimitStore): Promise<string | null>;
+//# sourceMappingURL=evaluator.d.ts.map

package/dist/rate-limiting/evaluator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"evaluator.d.ts","sourceRoot":"","sources":["../../src/rate-limiting/evaluator.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AACjD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAE5D,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAEjD,MAAM,WAAW,cAAc;IAC7B,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC5F,KAAK,IAAI,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC/B;AAED,wBAAgB,aAAa,CAC3B,KAAK,EAAE,cAAc,EACrB,GAAG,EAAE,IAAI,CAAC,iBAAiB,EAAE,SAAS,GAAG,QAAQ,GAAG,WAAW,CAAC,EAChE,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EACd,MAAM,CAAC,EAAE,MAAM,GACd,MAAM,CAgBR;AAED;;;;;;GAMG;AACH,wBAAsB,kBAAkB,CACtC,UAAU,EAAE,cAAc,EAAE,EAC5B,GAAG,EAAE,IAAI,CAAC,iBAAiB,EAAE,SAAS,GAAG,QAAQ,GAAG,WAAW,CAAC,EAChE,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EACd,MAAM,CAAC,EAAE,MAAM,EACf,KAAK,CAAC,EAAE,cAAc,GACrB,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAgBxB"}

package/dist/rate-limiting/evaluator.js

@@ -0,0 +1,48 @@
+import { checkAndRecord as memoryCheckAndRecord } from './store.js';
+export function buildScopeKey(entry, ctx, toolName, logger, ruleId) {
+    let scopeId;
+    switch (entry.scope) {
+        case 'agent':
+            scopeId = ctx.agentId ?? null;
+            break;
+        case 'user':
+            scopeId = ctx.userId ?? null;
+            break;
+        case 'session':
+            scopeId = ctx.sessionId ?? null;
+            break;
+        default: scopeId = 'global';
+    }
+    if (scopeId === null) {
+        logger.warn(`[veto] rate_limit scope '${entry.scope}' requires ${entry.scope}Id in context. Falling back to global.`);
+        scopeId = 'global';
+    }
+    const prefix = ruleId ? `${ruleId}:` : '';
+    return `${prefix}${entry.scope}:${scopeId}:${toolName}`;
+}
+/**
+ * Evaluate rate limits for a tool call.
+ * Returns null if all limits pass, or a denial reason string if any limit is exceeded.
+ *
+ * When no store is provided, falls back to the built-in in-memory sliding window store.
+ * Accepts async stores (e.g. Redis) — callers must await the result.
+ */
+export async function evaluateRateLimits(rateLimits, ctx, toolName, logger, ruleId, store) {
+    const check = store ? store.checkAndRecord.bind(store) : memoryCheckAndRecord;
+    for (const entry of rateLimits) {
+        const key = buildScopeKey(entry, ctx, toolName, logger, ruleId);
+        const windowMs = entry.window_seconds * 1000;
+        try {
+            const allowed = await check(key, entry.max_calls, windowMs);
+            if (!allowed) {
+                return `Rate limit exceeded: max ${entry.max_calls} calls per ${entry.window_seconds}s (scope: ${entry.scope})`;
+            }
+        }
+        catch (err) {
+            logger.error('[veto] rate limit store error, failing closed', { err: String(err) });
+            return 'Rate limit check failed (fail-closed)';
+        }
+    }
+    return null;
+}
+//# sourceMappingURL=evaluator.js.map

package/dist/rate-limiting/evaluator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"evaluator.js","sourceRoot":"","sources":["../../src/rate-limiting/evaluator.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,cAAc,IAAI,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAQpE,MAAM,UAAU,aAAa,CAC3B,KAAqB,EACrB,GAAgE,EAChE,QAAgB,EAChB,MAAc,EACd,MAAe;IAEf,IAAI,OAAsB,CAAC;IAC3B,QAAQ,KAAK,CAAC,KAAK,EAAE,CAAC;QACpB,KAAK,OAAO;YAAE,OAAO,GAAG,GAAG,CAAC,OAAO,IAAI,IAAI,CAAC;YAAC,MAAM;QACnD,KAAK,MAAM;YAAE,OAAO,GAAG,GAAG,CAAC,MAAM,IAAI,IAAI,CAAC;YAAC,MAAM;QACjD,KAAK,SAAS;YAAE,OAAO,GAAG,GAAG,CAAC,SAAS,IAAI,IAAI,CAAC;YAAC,MAAM;QACvD,OAAO,CAAC,CAAC,OAAO,GAAG,QAAQ,CAAC;IAC9B,CAAC;IACD,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CACT,4BAA4B,KAAK,CAAC,KAAK,cAAc,KAAK,CAAC,KAAK,wCAAwC,CACzG,CAAC;QACF,OAAO,GAAG,QAAQ,CAAC;IACrB,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IAC1C,OAAO,GAAG,MAAM,GAAG,KAAK,CAAC,KAAK,IAAI,OAAO,IAAI,QAAQ,EAAE,CAAC;AAC1D,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,UAA4B,EAC5B,GAAgE,EAChE,QAAgB,EAChB,MAAc,EACd,MAAe,EACf,KAAsB;IAEtB,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,oBAAoB,CAAC;IAC9E,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,aAAa,CAAC,KAAK,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;QAChE,MAAM,QAAQ,GAAG,KAAK,CAAC,cAAc,GAAG,IAAI,CAAC;QAC7C,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,KAAK,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;YAC5D,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,4BAA4B,KAAK,CAAC,SAAS,cAAc,KAAK,CAAC,cAAc,aAAa,KAAK,CAAC,KAAK,GAAG,CAAC;YAClH,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,KAAK,CAAC,+CAA+C,EAAE,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACpF,OAAO,uCAAuC,CAAC;QACjD,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/rate-limiting/redis-store.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Redis/Valkey-backed sliding window rate limit store.
+ *
+ * Uses a sorted set per key with timestamps as scores. A Lua script
+ * atomically prunes expired entries, checks the count, and records
+ * the new call — no TOCTOU race across cluster nodes.
+ *
+ * Requires the `redis` npm package (^4.0.0) as an optional peer dependency.
+ */
+type RedisClient = {
+    scriptLoad(script: string): Promise<string>;
+    evalSha(sha: string, options: {
+        keys: string[];
+        arguments: string[];
+    }): Promise<unknown>;
+    scan(cursor: number, options: {
+        MATCH: string;
+        COUNT: number;
+    }): Promise<{
+        cursor: number;
+        keys: string[];
+    }>;
+    del(keys: string | string[]): Promise<number>;
+};
+import type { RateLimitStore } from './evaluator.js';
+export declare class RedisRateLimitStore implements RateLimitStore {
+    private client;
+    private scriptSha;
+    private keyPrefix;
+    constructor(client: RedisClient, keyPrefix?: string);
+    checkAndRecord(key: string, maxCalls: number, windowMs: number): Promise<boolean>;
+    private _checkAndRecord;
+    clear(): Promise<void>;
+}
+export {};
+//# sourceMappingURL=redis-store.d.ts.map

package/dist/rate-limiting/redis-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"redis-store.d.ts","sourceRoot":"","sources":["../../src/rate-limiting/redis-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,KAAK,WAAW,GAAG;IACjB,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC5C,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE;QAAE,IAAI,EAAE,MAAM,EAAE,CAAC;QAAC,SAAS,EAAE,MAAM,EAAE,CAAA;KAAE,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACzF,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC,CAAC;IAC7G,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CAC/C,CAAC;AAkBF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAErD,qBAAa,mBAAoB,YAAW,cAAc;IACxD,OAAO,CAAC,MAAM,CAAc;IAC5B,OAAO,CAAC,SAAS,CAAuB;IACxC,OAAO,CAAC,SAAS,CAAS;gBAEd,MAAM,EAAE,WAAW,EAAE,SAAS,SAAa;IAKjD,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;YAIzE,eAAe;IA0BvB,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAU7B"}

package/dist/rate-limiting/redis-store.js

@@ -0,0 +1,68 @@
+/**
+ * Redis/Valkey-backed sliding window rate limit store.
+ *
+ * Uses a sorted set per key with timestamps as scores. A Lua script
+ * atomically prunes expired entries, checks the count, and records
+ * the new call — no TOCTOU race across cluster nodes.
+ *
+ * Requires the `redis` npm package (^4.0.0) as an optional peer dependency.
+ */
+const SLIDING_WINDOW_SCRIPT = `
+local key = KEYS[1]
+local windowMs = tonumber(ARGV[1])
+local maxCalls = tonumber(ARGV[2])
+local now = tonumber(ARGV[3])
+local cutoff = now - windowMs
+redis.call('ZREMRANGEBYSCORE', key, '-inf', cutoff)
+local count = redis.call('ZCARD', key)
+if count >= maxCalls then
+  return 0
+end
+redis.call('ZADD', key, now, now .. '-' .. math.random(1000000))
+redis.call('PEXPIRE', key, windowMs)
+return 1
+`;
+export class RedisRateLimitStore {
+    client;
+    scriptSha = null;
+    keyPrefix;
+    constructor(client, keyPrefix = 'veto:rl:') {
+        this.client = client;
+        this.keyPrefix = keyPrefix;
+    }
+    async checkAndRecord(key, maxCalls, windowMs) {
+        return this._checkAndRecord(key, maxCalls, windowMs, false);
+    }
+    async _checkAndRecord(key, maxCalls, windowMs, retried) {
+        const fullKey = this.keyPrefix + key;
+        const now = Date.now();
+        try {
+            if (!this.scriptSha) {
+                this.scriptSha = await this.client.scriptLoad(SLIDING_WINDOW_SCRIPT);
+            }
+            const result = await this.client.evalSha(this.scriptSha, {
+                keys: [fullKey],
+                arguments: [windowMs.toString(), maxCalls.toString(), now.toString()],
+            });
+            return result === 1;
+        }
+        catch (err) {
+            if (!retried && err instanceof Error && err.message.includes('NOSCRIPT')) {
+                this.scriptSha = null;
+                return this._checkAndRecord(key, maxCalls, windowMs, true);
+            }
+            throw err;
+        }
+    }
+    async clear() {
+        let cursor = 0;
+        do {
+            const result = await this.client.scan(cursor, { MATCH: this.keyPrefix + '*', COUNT: 100 });
+            cursor = result.cursor;
+            if (result.keys.length > 0) {
+                await this.client.del(result.keys);
+            }
+        } while (cursor !== 0);
+    }
+}
+//# sourceMappingURL=redis-store.js.map

package/dist/rate-limiting/redis-store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"redis-store.js","sourceRoot":"","sources":["../../src/rate-limiting/redis-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AASH,MAAM,qBAAqB,GAAG;;;;;;;;;;;;;;CAc7B,CAAC;AAIF,MAAM,OAAO,mBAAmB;IACtB,MAAM,CAAc;IACpB,SAAS,GAAkB,IAAI,CAAC;IAChC,SAAS,CAAS;IAE1B,YAAY,MAAmB,EAAE,SAAS,GAAG,UAAU;QACrD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,GAAW,EAAE,QAAgB,EAAE,QAAgB;QAClE,OAAO,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;IAC9D,CAAC;IAEO,KAAK,CAAC,eAAe,CAC3B,GAAW,EAAE,QAAgB,EAAE,QAAgB,EAAE,OAAgB;QAEjE,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,IAAI,CAAC;YACH,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;gBACpB,IAAI,CAAC,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,qBAAqB,CAAC,CAAC;YACvE,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE;gBACvD,IAAI,EAAE,CAAC,OAAO,CAAC;gBACf,SAAS,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,EAAE,QAAQ,CAAC,QAAQ,EAAE,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC;aACtE,CAAC,CAAC;YAEH,OAAO,MAAM,KAAK,CAAC,CAAC;QACtB,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,IAAI,CAAC,OAAO,IAAI,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBACzE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;gBACtB,OAAO,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;YAC7D,CAAC;YACD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,MAAM,GAAG,CAAC,CAAC;QACf,GAAG,CAAC;YACF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,GAAG,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3F,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;YACvB,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC3B,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACrC,CAAC;QACH,CAAC,QAAQ,MAAM,KAAK,CAAC,EAAE;IACzB,CAAC;CACF"}

package/dist/rate-limiting/store.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Check if a call is allowed, and record it if so.
+ * Returns true if allowed, false if rate limited.
+ */
+export declare function checkAndRecord(key: string, maxCalls: number, windowMs: number): boolean;
+/** Clear all rate limit state (used in tests) */
+export declare function clearStore(): void;
+//# sourceMappingURL=store.d.ts.map

package/dist/rate-limiting/store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"store.d.ts","sourceRoot":"","sources":["../../src/rate-limiting/store.ts"],"names":[],"mappings":"AAcA;;;GAGG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAYvF;AAsBD,iDAAiD;AACjD,wBAAgB,UAAU,IAAI,IAAI,CAOjC"}

package/dist/rate-limiting/store.js

@@ -0,0 +1,60 @@
+/**
+ * In-process sliding window rate limit store.
+ *
+ * Stores call timestamps per key. Checks are synchronous — safe in Node.js
+ * single-threaded event loop (no race conditions on Map reads/writes).
+ *
+ * Limitations: process-local only. Resets on restart. For multi-process
+ * deployments, use cloud mode with stateful counters.
+ */
+const store = new Map();
+let sweepInterval = null;
+let maxWindowMs = 0;
+/**
+ * Check if a call is allowed, and record it if so.
+ * Returns true if allowed, false if rate limited.
+ */
+export function checkAndRecord(key, maxCalls, windowMs) {
+    const now = Date.now();
+    const prev = store.get(key) ?? [];
+    const valid = prev.filter(t => now - t < windowMs);
+    if (valid.length >= maxCalls)
+        return false;
+    valid.push(now);
+    store.set(key, valid);
+    // Track the largest window for sweep purposes
+    if (windowMs > maxWindowMs)
+        maxWindowMs = windowMs;
+    ensureSweep();
+    return true;
+}
+/** Remove keys whose newest timestamp is older than the largest configured window. */
+function sweep() {
+    if (store.size === 0)
+        return;
+    const now = Date.now();
+    const cutoff = maxWindowMs || 60_000;
+    for (const [key, timestamps] of store) {
+        if (timestamps.length === 0 || now - timestamps[timestamps.length - 1] >= cutoff) {
+            store.delete(key);
+        }
+    }
+}
+function ensureSweep() {
+    if (sweepInterval !== null)
+        return;
+    sweepInterval = setInterval(sweep, 60_000);
+    if (typeof sweepInterval === 'object' && sweepInterval !== null && 'unref' in sweepInterval) {
+        sweepInterval.unref();
+    }
+}
+/** Clear all rate limit state (used in tests) */
+export function clearStore() {
+    store.clear();
+    if (sweepInterval !== null) {
+        clearInterval(sweepInterval);
+        sweepInterval = null;
+    }
+    maxWindowMs = 0;
+}
+//# sourceMappingURL=store.js.map

package/dist/rate-limiting/store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"store.js","sourceRoot":"","sources":["../../src/rate-limiting/store.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,MAAM,KAAK,GAAG,IAAI,GAAG,EAAoB,CAAC;AAE1C,IAAI,aAAa,GAA0C,IAAI,CAAC;AAChE,IAAI,WAAW,GAAG,CAAC,CAAC;AAEpB;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,GAAW,EAAE,QAAgB,EAAE,QAAgB;IAC5E,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;IAClC,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,QAAQ,CAAC,CAAC;IACnD,IAAI,KAAK,CAAC,MAAM,IAAI,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC3C,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAChB,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAEtB,8CAA8C;IAC9C,IAAI,QAAQ,GAAG,WAAW;QAAE,WAAW,GAAG,QAAQ,CAAC;IACnD,WAAW,EAAE,CAAC;IACd,OAAO,IAAI,CAAC;AACd,CAAC;AAED,sFAAsF;AACtF,SAAS,KAAK;IACZ,IAAI,KAAK,CAAC,IAAI,KAAK,CAAC;QAAE,OAAO;IAC7B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,MAAM,GAAG,WAAW,IAAI,MAAM,CAAC;IACrC,KAAK,MAAM,CAAC,GAAG,EAAE,UAAU,CAAC,IAAI,KAAK,EAAE,CAAC;QACtC,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,IAAI,GAAG,GAAG,UAAU,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,MAAM,EAAE,CAAC;YACjF,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACpB,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,WAAW;IAClB,IAAI,aAAa,KAAK,IAAI;QAAE,OAAO;IACnC,aAAa,GAAG,WAAW,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IAC3C,IAAI,OAAO,aAAa,KAAK,QAAQ,IAAI,aAAa,KAAK,IAAI,IAAI,OAAO,IAAI,aAAa,EAAE,CAAC;QAC3F,aAAgC,CAAC,KAAK,EAAE,CAAC;IAC5C,CAAC;AACH,CAAC;AAED,iDAAiD;AACjD,MAAM,UAAU,UAAU;IACxB,KAAK,CAAC,KAAK,EAAE,CAAC;IACd,IAAI,aAAa,KAAK,IAAI,EAAE,CAAC;QAC3B,aAAa,CAAC,aAAa,CAAC,CAAC;QAC7B,aAAa,GAAG,IAAI,CAAC;IACvB,CAAC;IACD,WAAW,GAAG,CAAC,CAAC;AAClB,CAAC"}

package/dist/rate-limiting/types.d.ts

@@ -0,0 +1,9 @@
+export interface RateLimitEntry {
+    /** Scope of the rate limit */
+    scope: 'agent' | 'user' | 'session' | 'global';
+    /** Maximum calls allowed in the window */
+    max_calls: number;
+    /** Window size in seconds */
+    window_seconds: number;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/rate-limiting/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/rate-limiting/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,cAAc;IAC7B,8BAA8B;IAC9B,KAAK,EAAE,OAAO,GAAG,MAAM,GAAG,SAAS,GAAG,QAAQ,CAAC;IAC/C,0CAA0C;IAC1C,SAAS,EAAE,MAAM,CAAC;IAClB,6BAA6B;IAC7B,cAAc,EAAE,MAAM,CAAC;CACxB"}

package/dist/rate-limiting/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/rate-limiting/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/rate-limiting/types.ts"],"names":[],"mappings":""}

package/dist/rules/condition-evaluator.d.ts

@@ -4,6 +4,10 @@ export interface ConditionEvaluationOptions {
     allowNestedObjectStringSearch?: boolean;
     now?: Date;
 }
+interface TimeWindowEvaluation {
+    inScope: boolean;
+    withinWindow: boolean;
+}
 /**
  * Resolve a dot-notation field path from an evaluation context.
  */
@@ -12,6 +16,7 @@ export declare function resolveFieldPath(field: string, context: Record<string,
  * Compile a regex pattern only if it passes safety checks.
  */
 export declare function createSafeRegex(pattern: string, flags?: string): RegExp | null;
+export declare function evaluateTimeWindow(fieldValue: unknown, expected: unknown): TimeWindowEvaluation | null;
 /**
  * Evaluate a single legacy field/operator/value condition.
  */
@@ -26,4 +31,5 @@ export declare function evaluateCondition(condition: RuleCondition, context: Rec
  * - `conditionGroups`: OR semantics, each group is AND
  */
 export declare function evaluateConditionCollections(conditions: RuleCondition[] | undefined, conditionGroups: RuleCondition[][] | undefined, context: Record<string, unknown>, options?: ConditionEvaluationOptions): boolean;
+export {};
 //# sourceMappingURL=condition-evaluator.d.ts.map

package/dist/rules/condition-evaluator.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"condition-evaluator.d.ts","sourceRoot":"","sources":["../../src/rules/condition-evaluator.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,iBAAiB,EACjB,aAAa,EAEd,MAAM,YAAY,CAAC;AAEpB,MAAM,WAAW,0BAA0B;IACzC,kBAAkB,CAAC,EAAE,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC;IACvF,6BAA6B,CAAC,EAAE,OAAO,CAAC;IACxC,GAAG,CAAC,EAAE,IAAI,CAAC;CACZ;AAwDD;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,cAAc,GAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAoC,GACzE,OAAO,CAWT;AAED;;GAEG;AACH,wBAAgB,eAAe,CAC7B,OAAO,EAAE,MAAM,EACf,KAAK,CAAC,EAAE,MAAM,GACb,MAAM,GAAG,IAAI,CAef;AAuTD;;GAEG;AACH,wBAAgB,uBAAuB,CACrC,UAAU,EAAE,OAAO,EACnB,QAAQ,EAAE,iBAAiB,EAC3B,QAAQ,EAAE,OAAO,EACjB,OAAO,GAAE,IAAI,CAAC,0BAA0B,EAAE,+BAA+B,CAAM,GAC9E,OAAO,CA0FT;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,SAAS,EAAE,aAAa,EACxB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,OAAO,GAAE,0BAA+B,GACvC,OAAO,CAuCT;AAED;;;;GAIG;AACH,wBAAgB,4BAA4B,CAC1C,UAAU,EAAE,aAAa,EAAE,GAAG,SAAS,EACvC,eAAe,EAAE,aAAa,EAAE,EAAE,GAAG,SAAS,EAC9C,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,OAAO,GAAE,0BAA+B,GACvC,OAAO,CAiBT"}
+{"version":3,"file":"condition-evaluator.d.ts","sourceRoot":"","sources":["../../src/rules/condition-evaluator.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,iBAAiB,EACjB,aAAa,EAEd,MAAM,YAAY,CAAC;AAEpB,MAAM,WAAW,0BAA0B;IACzC,kBAAkB,CAAC,EAAE,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC;IACvF,6BAA6B,CAAC,EAAE,OAAO,CAAC;IACxC,GAAG,CAAC,EAAE,IAAI,CAAC;CACZ;AASD,UAAU,oBAAoB;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,OAAO,CAAC;CACvB;AA6CD;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,cAAc,GAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAoC,GACzE,OAAO,CAWT;AAED;;GAEG;AACH,wBAAgB,eAAe,CAC7B,OAAO,EAAE,MAAM,EACf,KAAK,CAAC,EAAE,MAAM,GACb,MAAM,GAAG,IAAI,CAef;AAqMD,wBAAgB,kBAAkB,CAChC,UAAU,EAAE,OAAO,EACnB,QAAQ,EAAE,OAAO,GAChB,oBAAoB,GAAG,IAAI,CAmD7B;AAgED;;GAEG;AACH,wBAAgB,uBAAuB,CACrC,UAAU,EAAE,OAAO,EACnB,QAAQ,EAAE,iBAAiB,EAC3B,QAAQ,EAAE,OAAO,EACjB,OAAO,GAAE,IAAI,CAAC,0BAA0B,EAAE,+BAA+B,CAAM,GAC9E,OAAO,CAwHT;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,SAAS,EAAE,aAAa,EACxB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,OAAO,GAAE,0BAA+B,GACvC,OAAO,CAwCT;AAED;;;;GAIG;AACH,wBAAgB,4BAA4B,CAC1C,UAAU,EAAE,aAAa,EAAE,GAAG,SAAS,EACvC,eAAe,EAAE,aAAa,EAAE,EAAE,GAAG,SAAS,EAC9C,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAChC,OAAO,GAAE,0BAA+B,GACvC,OAAO,CAiBT"}

package/dist/rules/condition-evaluator.js

@@ -31,6 +31,8 @@ function resolveDotPath(path, source) {
         if (typeof current !== 'object') {
             return undefined;
         }
+        if (!Object.prototype.hasOwnProperty.call(current, part))
+            return undefined;
         current = current[part];
     }
     return current;
@@ -178,6 +180,11 @@ function getTimeZoneFormatter(timezone) {
             minute: '2-digit',
             hour12: false,
         });
+        if (TIMEZONE_FORMATTER_CACHE.size >= 1000) {
+            const firstKey = TIMEZONE_FORMATTER_CACHE.keys().next().value;
+            if (firstKey !== undefined)
+                TIMEZONE_FORMATTER_CACHE.delete(firstKey);
+        }
         TIMEZONE_FORMATTER_CACHE.set(timezone, formatter);
         return formatter;
     }
@@ -224,7 +231,7 @@ function previousDay(day) {
 function isDayAllowed(day, allowedDays) {
     return allowedDays === null || allowedDays.has(day);
 }
-function evaluateTimeWindow(fieldValue, expected) {
+export function evaluateTimeWindow(fieldValue, expected) {
     const parsedWindow = normalizeTimeWindowValue(expected);
     if (!parsedWindow) {
         return null;
@@ -321,60 +328,82 @@ export function evaluateLegacyCondition(fieldValue, operator, expected, options
     const allowNestedObjectStringSearch = options.allowNestedObjectStringSearch === true;
     switch (operator) {
         case 'equals':
+            if (typeof fieldValue === 'string' && typeof expected === 'string') {
+                return fieldValue.toLowerCase() === expected.toLowerCase();
+            }
             return fieldValue === expected;
         case 'not_equals':
+            if (typeof fieldValue === 'string' && typeof expected === 'string') {
+                return fieldValue.toLowerCase() !== expected.toLowerCase();
+            }
             return fieldValue !== expected;
         case 'contains':
             if (typeof fieldValue === 'string' && typeof expected === 'string') {
-                return fieldValue.includes(expected);
+                return fieldValue.toLowerCase().includes(expected.toLowerCase());
             }
             if (Array.isArray(fieldValue)) {
+                if (typeof expected === 'string') {
+                    const lower = expected.toLowerCase();
+                    return fieldValue.some((e) => typeof e === 'string' ? e.toLowerCase() === lower : e === expected);
+                }
                 return fieldValue.includes(expected);
             }
             if (allowNestedObjectStringSearch && typeof expected === 'string') {
+                const lower = expected.toLowerCase();
                 return collectNestedStrings(fieldValue)
-                    .some((value) => value.includes(expected));
+                    .some((value) => value.toLowerCase().includes(lower));
             }
             return false;
         case 'not_contains':
             if (typeof fieldValue === 'string' && typeof expected === 'string') {
-                return !fieldValue.includes(expected);
+                return !fieldValue.toLowerCase().includes(expected.toLowerCase());
             }
             if (Array.isArray(fieldValue)) {
+                if (typeof expected === 'string') {
+                    const lower = expected.toLowerCase();
+                    return !fieldValue.some((e) => typeof e === 'string' ? e.toLowerCase() === lower : e === expected);
+                }
                 return !fieldValue.includes(expected);
             }
             if (allowNestedObjectStringSearch && typeof expected === 'string') {
+                const lower = expected.toLowerCase();
                 return collectNestedStrings(fieldValue)
-                    .every((value) => !value.includes(expected));
+                    .every((value) => !value.toLowerCase().includes(lower));
             }
-            return true;
+            return false;
         case 'starts_with':
             return typeof fieldValue === 'string' && typeof expected === 'string'
-                && fieldValue.startsWith(expected);
+                && fieldValue.toLowerCase().startsWith(expected.toLowerCase());
         case 'ends_with':
             return typeof fieldValue === 'string' && typeof expected === 'string'
-                && fieldValue.endsWith(expected);
+                && fieldValue.toLowerCase().endsWith(expected.toLowerCase());
         case 'matches': {
             if (typeof expected !== 'string') {
                 return false;
             }
             if (typeof fieldValue === 'string') {
-                return createSafeRegex(expected)?.test(fieldValue) ?? false;
+                return createSafeRegex(expected, 'i')?.test(fieldValue) ?? false;
             }
             if (!allowNestedObjectStringSearch) {
                 return false;
             }
-            const regex = createSafeRegex(expected);
+            const regex = createSafeRegex(expected, 'i');
             if (!regex) {
                 return false;
             }
             return collectNestedStrings(fieldValue)
                 .some((value) => regex.test(value));
         }
-        case 'greater_than':
-            return Number(fieldValue) > Number(expected);
-        case 'less_than':
-            return Number(fieldValue) < Number(expected);
+        case 'greater_than': {
+            if (typeof fieldValue !== 'number' || typeof expected !== 'number')
+                return false;
+            return Number.isFinite(fieldValue) && Number.isFinite(expected) && fieldValue > expected;
+        }
+        case 'less_than': {
+            if (typeof fieldValue !== 'number' || typeof expected !== 'number')
+                return false;
+            return Number.isFinite(fieldValue) && Number.isFinite(expected) && fieldValue < expected;
+        }
         case 'length_greater_than': {
             const fieldLength = getLengthComparableValue(fieldValue);
             if (fieldLength === null) {
@@ -387,9 +416,21 @@ export function evaluateLegacyCondition(fieldValue, operator, expected, options
             return fieldLength > expectedLength;
         }
         case 'in':
-            return Array.isArray(expected) && expected.includes(fieldValue);
+            if (!Array.isArray(expected))
+                return false;
+            if (typeof fieldValue === 'string') {
+                const lower = fieldValue.toLowerCase();
+                return expected.some((e) => typeof e === 'string' ? e.toLowerCase() === lower : e === fieldValue);
+            }
+            return expected.includes(fieldValue);
         case 'not_in':
-            return Array.isArray(expected) && !expected.includes(fieldValue);
+            if (!Array.isArray(expected))
+                return false;
+            if (typeof fieldValue === 'string') {
+                const lower = fieldValue.toLowerCase();
+                return !expected.some((e) => typeof e === 'string' ? e.toLowerCase() === lower : e === fieldValue);
+            }
+            return !expected.includes(fieldValue);
         case 'within_hours': {
             const result = evaluateTimeWindow(fieldValue, expected);
             return result !== null && result.inScope && result.withinWindow;
@@ -425,7 +466,8 @@ export function evaluateCondition(condition, context, options = {}) {
             const resolvedReferenceValue = Number(referenceValue);
             if (Number.isNaN(resolvedFieldValue)
                 || Number.isNaN(resolvedExpectedValue)
-                || Number.isNaN(resolvedReferenceValue)) {
+                || Number.isNaN(resolvedReferenceValue)
+                || resolvedReferenceValue === 0) {
                 return false;
             }
             return resolvedFieldValue > (resolvedReferenceValue * resolvedExpectedValue / 100);
@@ -434,7 +476,7 @@ export function evaluateCondition(condition, context, options = {}) {
             allowNestedObjectStringSearch: options.allowNestedObjectStringSearch,
         });
     }
-    return true;
+    return false;
 }
 /**
  * Evaluate a rule-like condition collection: