@visulima/cerebro
A delightful toolkit for building cross-runtime CLIs for Node.js, Deno, and Bun.
/**
* Security utilities for preventing injection attacks and malicious inputs
*/
/**
* Validates a single command argument and returns it with whitespace trimmed.
*
* Per the contract below, an argument containing dangerous characters is
* rejected with an error rather than rewritten; the only documented change to
* an accepted value is trimming. Callers must use the returned string, not the
* original input, because the two can differ.
*
* NOTE(review): this declaration does not show the maximum length or which
* characters count as dangerous — confirm against the implementation before
* relying on it for a particular shell or target program.
* NOTE(review): character filtering is presumably a defence-in-depth layer, not
* a replacement for passing arguments as an array to a process API that does
* not invoke a shell — confirm how callers execute the result.
* @param argument The argument string to sanitize.
* @returns The sanitized argument with whitespace trimmed.
* @throws {TypeError} If the argument is not a string.
* @throws {Error} If the argument exceeds maximum length or contains dangerous characters.
*/
export declare const sanitizeArgument: (argument: string) => string;
/**
* Sanitizes an array of arguments and returns the sanitized values.
*
* The call fails as a whole: per the contract below, one invalid element or an
* over-long list raises an error instead of yielding a partial result.
*
* NOTE(review): presumably each element is checked with the same rules as
* sanitizeArgument — confirm against the implementation.
* NOTE(review): the maximum number of arguments is not visible in this
* declaration — confirm the limit before documenting it to users.
* @param args The array of arguments to sanitize.
* @returns Array of sanitized arguments.
* @throws {TypeError} If args is not an array or if any argument is not a string.
* @throws {Error} If there are too many arguments or if any argument is invalid.
*/
export declare const sanitizeArguments: (args: ReadonlyArray<string>) => string[];
/**
* Validates that a file path is safe (prevents directory traversal).
*
* Per the contract below, absolute paths and paths containing traversal
* sequences are rejected, and the accepted path is returned trimmed. Callers
* must use the returned string, not the original input.
*
* NOTE(review): the function takes only the path string, so this looks like a
* lexical check; whether it accounts for symlinks, alternate separators or
* encoded sequences is not visible here — confirm against the implementation.
* NOTE(review): callers that need containment in a specific directory should
* presumably still resolve the result against that base and verify the resolved
* path stays inside it — confirm whether another layer already does this.
* @param path The file path to validate.
* @returns The validated path with whitespace trimmed.
* @throws {TypeError} If the path is not a string.
* @throws {Error} If the path contains traversal sequences, is absolute, or exceeds maximum length.
*/
export declare const validateSafePath: (path: string) => string;
/**
* Rate limiting helper to prevent brute force attacks.
* Automatically cleans up expired entries to prevent memory leaks.
*
* Attempts are tracked per string key within a time window; the state lives in
* the private `attempts` member of each instance.
*
* NOTE(review): because the state is a private instance member, limits are
* presumably in-memory and not shared across processes or preserved across
* restarts — confirm before relying on this as the only brute-force control.
* NOTE(review): if keys are derived from untrusted input, check how many
* distinct keys can accumulate between cleanups — not visible in this declaration.
*/
export declare class RateLimiter {
// Per-key attempt records; the type is elided in this declaration file.
private attempts;
// Maximum attempts allowed per key within one window (constructor argument).
private readonly maxAttempts;
// Length of the rate-limit window in milliseconds (constructor argument).
private readonly windowMs;
/**
* Creates a new RateLimiter instance.
* @param maxAttempts Maximum number of attempts allowed within the time window (default: 5).
* @param windowMs Time window in milliseconds (default: 60000).
*/
constructor(maxAttempts?: number, windowMs?: number);
/**
* Checks whether a request for the given key is still within the rate limit.
*
* Note the polarity: `true` means the request may proceed, `false` means the
* caller should refuse it.
*
* NOTE(review): presumably each call also records an attempt for the key —
* confirm, since that decides whether a read-only status check consumes quota.
* @param key Unique identifier for the rate limit check.
* @returns true if the request is allowed, false if rate limit exceeded.
*/
checkLimit(key: string): boolean;
/**
* Resets the rate limit for a specific key.
*
* NOTE(review): presumably meant to be called after a successful attempt;
* make sure the key cannot be reset by the party being limited — confirm callers.
* @param key The key to reset.
*/
reset(key: string): void;
/**
* Removes expired entries from the attempts map.
* @param now Current timestamp (presumably milliseconds, matching windowMs — confirm).
*/
private cleanup;
}