Complete Email Sortierer implementation with Appwrite and Stripe integration

server/node_modules/tough-cookie/LICENSE

@@ -0,0 +1,12 @@
+Copyright (c) 2015, Salesforce.com, Inc.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
+
+3. Neither the name of Salesforce.com nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

server/node_modules/tough-cookie/README.md

@@ -0,0 +1,195 @@
+# Tough Cookie · [![RFC6265][rfc6265-badge]][rfc6265-tracker] [![RFC6265bis][rfc6265bis-badge]][rfc6265bis-tracker] [![npm version][npm-badge]][npm-repo] [![CI on Github Actions: salesforce/tough-cookie][ci-badge]][ci-url] ![PRs Welcome][prs-welcome-badge]
+
+A Node.js implementation of [RFC6265][rfc6265-tracker] for cookie parsing, storage, and retrieval.
+
+## Getting Started
+
+Install Tough Cookie using [`npm`][npm-repo]:
+
+```shell
+npm install tough-cookie
+```
+
+or [`yarn`][yarn-repo]:
+
+```shell
+yarn add tough-cookie
+```
+
+## Usage
+
+```typescript
+import { Cookie, CookieJar } from 'tough-cookie'
+
+// parse a `Cookie` request header
+const reqCookies = 'ID=298zf09hf012fh2; csrf=u32t4o3tb3gg43; _gat=1'
+  .split(';')
+  .map(Cookie.parse)
+// generate a `Cookie` request header
+const cookieHeader = reqCookies.map((cookie) => cookie.cookieString()).join(';')
+
+// parse a Set-Cookie response header
+const resCookie = Cookie.parse(
+  'foo=bar; Domain=example.com; Path=/; Expires=Tue, 21 Oct 2025 00:00:00 GMT',
+)
+// generate a Set-Cookie response header
+const setCookieHeader = cookie.toString()
+
+// store and retrieve cookies
+const cookieJar = new CookieJar() // uses the in-memory store by default
+await cookieJar.setCookie(resCookie, 'https://example.com/')
+const matchingCookies = await cookieJar.getCookies('https://example.com/')
+```
+
+> [!IMPORTANT]
+> For more detailed usage information, refer to the [API docs](./api/docs/tough-cookie.md).
+
+## RFC6265bis
+
+Support for [RFC6265bis][rfc6265bis-tracker] is being developed. As these revisions to [RFC6252][rfc6265-tracker] are
+still in `Active Internet-Draft` state, the areas of support that follow are subject to change.
+
+### SameSite Cookies
+
+This change makes it possible for servers, and supporting clients, to mitigate certain types of CSRF
+attacks by disallowing `SameSite` cookies from being sent cross-origin.
+
+#### Example
+
+```typescript
+import { CookieJar } from 'tough-cookie'
+
+const cookieJar = new CookieJar() // uses the in-memory store by default
+
+// storing cookies with various SameSite attributes
+await cookieJar.setCookie(
+  'strict=authorized; SameSite=strict',
+  'http://example.com/index.html',
+)
+await cookieJar.setCookie(
+  'lax=okay; SameSite=lax',
+  'http://example.com/index.html',
+)
+await cookieJar.setCookie('normal=whatever', 'http://example.com/index.html')
+
+// retrieving cookies using a SameSite context
+const laxCookies = await cookieJar.getCookies('http://example.com/index.html', {
+  // the first cookie (strict=authorized) will not be returned if the context is 'lax'
+  // but the other two cookies will be returned
+  sameSiteContext: 'lax',
+})
+```
+
+> [!NOTE]
+> It is highly recommended that you read [RFC6265bis - Section 8.8][samesite-implementation] for more details on SameSite cookies, security considerations, and defense in depth.
+
+### Cookie Prefixes
+
+Cookie prefixes are a way to indicate that a given cookie was set with a set of attributes simply by
+inspecting the first few characters of the cookie's name.
+
+Two prefixes are defined:
+
+- `"__Secure-"`
+
+  If a cookie's name begins with a case-sensitive match for the string `__Secure-`, then the cookie was set with a "Secure" attribute.
+
+- `"__Host-"`
+
+  If a cookie's name begins with a case-sensitive match for the string `__Host-`, then the cookie was set with a "Secure" attribute, a "Path" attribute with a value of "/", and no "Domain" attribute.
+
+If `prefixSecurity` is enabled for `CookieJar`, then cookies that match the prefixes defined above but do
+not obey the attribute restrictions are not added.
+
+You can define this functionality by passing in the `prefixSecurity` option to `CookieJar`. It can be one of 3 values:
+
+1. `silent`: (**default**) Enable cookie prefix checking but silently fail to add the cookie if conditions are not met.
+2. `strict`: Enable cookie prefix checking and error out if conditions are not met.
+3. `unsafe-disabled`: Disable cookie prefix checking.
+
+> If `ignoreError` is passed in as `true` when setting a cookie then the error is silent regardless of the `prefixSecurity` option (assuming it's enabled).
+
+#### Example
+
+```typescript
+import { CookieJar, MemoryCookieStore } from 'tough-cookie'
+
+const cookieJar = new CookieJar(new MemoryCookieStore(), {
+  prefixSecurity: 'silent',
+})
+
+// this cookie will be silently ignored since the url is insecure (http)
+await cookieJar.setCookie(
+  '__Secure-SID=12345; Domain=example.com; Secure;',
+  'http://example.com',
+)
+
+// this cookie will be stored since the url is secure (https)
+await cookieJar.setCookie(
+  '__Secure-SID=12345; Domain=example.com; Secure;',
+  'https://example.com',
+)
+```
+
+> [!NOTE]
+> It is highly recommended that you read [RFC6265bis - Section 4.1.3][cookie-prefixes-implementation] for more details on Cookie Prefixes.
+
+### Potentially Trustworthy Origins are considered "Secure"
+
+The definition of a "Secure" connection is not explicitly defined by [RFC6265bis][rfc6265bis-tracker] but the following text is
+provided in [RFC6265bis - Section 5.8.3][secure-connection-note]:
+
+> [!NOTE]
+> Typically, user agents consider a connection secure if the connection makes use of transport-layer security, such as
+> SSL or TLS, or if the host is trusted. For example, most user agents consider "https" to be a scheme that denotes a
+> secure protocol and "localhost" to be trusted host.
+
+As well as a note to [Appendix A. Changes from RFC6265][secure-connection-appendix-a] which refers to **"potentially trustworthy
+origins"** which are defined in the [Secure Contexts - W3C Candidate Recommendation Draft][potentially-trustworthy-origin]:
+
+> [!Note]
+> Considers potentially trustworthy origins as "secure".
+
+Since most web browsers treat `localhost` as a trustworthy origin, by default, so does `tough-cookie`. To disable this
+behavior, the `CookieStore` must be configured with:
+
+```typescript
+import { CookieJar, MemoryCookieStore } from 'tough-cookie'
+
+const cookieJar = new CookieJar(new MemoryCookieStore(), {
+  // add configuration so localhost will not be considered trustworthy
+  // (fyi - this doesn't apply to https cookies on localhost as those use a secure protocol)
+  allowSecureOnLocal: false,
+})
+
+// this cookie will be persisted to storage
+await cookieJar.setCookie(
+  'SID=12345; Domain=localhost; Secure;',
+  'http://localhost',
+)
+
+// but, on retrieval, it will not be returned
+await cookieJar.getCookiesSync('http://localhost')
+```
+
+## Node.js Version Support
+
+We follow the [Node.js release schedule](https://github.com/nodejs/Release#release-schedule) and support
+all versions that are in Active LTS or Maintenance. We will always do a major release when dropping support
+for older versions of node, and we will do so in consultation with our community.
+
+[npm-badge]: https://img.shields.io/npm/v/tough-cookie.svg?style=flat
+[npm-repo]: https://www.npmjs.com/package/tough-cookie
+[ci-badge]: https://github.com/salesforce/tough-cookie/actions/workflows/ci.yaml/badge.svg
+[ci-url]: https://github.com/salesforce/tough-cookie/actions/workflows/ci.yaml
+[rfc6265-badge]: https://img.shields.io/badge/RFC-6265-flat?labelColor=000000&color=666666
+[rfc6265-tracker]: https://datatracker.ietf.org/doc/rfc6265/
+[rfc6265bis-badge]: https://img.shields.io/badge/RFC-6265bis-flat?labelColor=000000&color=666666
+[rfc6265bis-tracker]: https://datatracker.ietf.org/doc/draft-ietf-httpbis-rfc6265bis/
+[samesite-implementation]: https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis-02#section-8.8
+[cookie-prefixes-implementation]: https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis-02#section-4.1.3
+[secure-connection-note]: https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis-19#section-5.8.3-2.1.2.3.1
+[secure-connection-appendix-a]: https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis-19#appendix-A-1.7.1
+[potentially-trustworthy-origin]: https://www.w3.org/TR/secure-contexts/#is-origin-trustworthy
+[prs-welcome-badge]: https://img.shields.io/badge/PRs-welcome-brightgreen.svg
+[yarn-repo]: https://yarnpkg.com/package?name=tough-cookie

server/node_modules/tough-cookie/package.json

@@ -0,0 +1,149 @@
+{
+  "author": {
+    "name": "Jeremy Stashewsky",
+    "email": "jstash@gmail.com",
+    "website": "https://github.com/stash"
+  },
+  "contributors": [
+    {
+      "name": "Ivan Nikulin",
+      "website": "https://github.com/inikulin"
+    },
+    {
+      "name": "Shivan Kaul Sahib",
+      "website": "https://github.com/ShivanKaul"
+    },
+    {
+      "name": "Clint Ruoho",
+      "website": "https://github.com/ruoho"
+    },
+    {
+      "name": "Ian Livingstone",
+      "website": "https://github.com/ianlivingstone"
+    },
+    {
+      "name": "Andrew Waterman",
+      "website": "https://github.com/awaterma"
+    },
+    {
+      "name": "Michael de Libero ",
+      "website": "https://github.com/medelibero-sfdc"
+    },
+    {
+      "name": "Jonathan Stewmon",
+      "website": "https://github.com/jstewmon"
+    },
+    {
+      "name": "Miguel Roncancio",
+      "website": "https://github.com/miggs125"
+    },
+    {
+      "name": "Sebastian Mayr",
+      "website": "https://github.com/Sebmaster"
+    },
+    {
+      "name": "Alexander Savin",
+      "website": "https://github.com/apsavin"
+    },
+    {
+      "name": "Lalit Kapoor",
+      "website": "https://github.com/lalitkapoor"
+    },
+    {
+      "name": "Sam Thompson",
+      "website": "https://github.com/sambthompson"
+    },
+    {
+      "name": "Colin Casey",
+      "website": "https://github.com/colincasey"
+    },
+    {
+      "name": "Will Harney",
+      "website": "https://github.com/wjhsf"
+    }
+  ],
+  "license": "BSD-3-Clause",
+  "name": "tough-cookie",
+  "description": "RFC6265 Cookies and Cookie Jar for node.js",
+  "keywords": [
+    "HTTP",
+    "cookie",
+    "cookies",
+    "set-cookie",
+    "cookiejar",
+    "jar",
+    "RFC6265",
+    "RFC2965"
+  ],
+  "version": "6.0.0",
+  "homepage": "https://github.com/salesforce/tough-cookie",
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/salesforce/tough-cookie.git"
+  },
+  "bugs": {
+    "url": "https://github.com/salesforce/tough-cookie/issues"
+  },
+  "type": "module",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    "import": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    },
+    "require": {
+      "types": "./dist/index.d.cts",
+      "require": "./dist/index.cjs"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsup lib/cookie/index.ts --format cjs,esm --dts --clean --sourcemap",
+    "lint": "npm run _lint:check",
+    "prepack": "npm run build",
+    "prepare-pr": "npm run build && npm test -- run && npm run _api:update && npm run _docs:generate && npm run _format:fix && npm run _lint:fix && npm run _lint:types",
+    "test": "vitest",
+    "version": "npm run _version:generate && npm run prepare-pr && git add --renormalize .",
+    "_api:check": "api-extractor run --verbose",
+    "_api:update": "api-extractor run --verbose --local",
+    "_docs:generate": "api-documenter markdown --input-folder ./tmp --output-folder ./api/docs",
+    "_docs:fix": "prettier ./api/docs --write",
+    "_format:check": "prettier . --check",
+    "_format:fix": "prettier . --write",
+    "_lint:check": "eslint .",
+    "_lint:fix": "eslint . --fix",
+    "_lint:types": "attw --pack .",
+    "_version:generate": "genversion --template version-template.ejs --force lib/version.ts"
+  },
+  "//": "We only support node LTS versions, but v16 still works. We won't block v16 until it becomes a burden.",
+  "engines": {
+    "node": ">=16"
+  },
+  "devDependencies": {
+    "@arethetypeswrong/cli": "^0.18.2",
+    "@eslint/js": "^9.24.0",
+    "@microsoft/api-documenter": "^7.26.20",
+    "@microsoft/api-extractor": "^7.52.3",
+    "@types/node": "^20.19.6",
+    "@vitest/eslint-plugin": "^1.1.40",
+    "eslint": "^9.24.0",
+    "eslint-config-prettier": "^10.1.2",
+    "eslint-import-resolver-typescript": "^4.3.2",
+    "eslint-plugin-import": "^2.31.0",
+    "eslint-plugin-prettier": "^5.2.6",
+    "genversion": "^3.2.0",
+    "globals": "^16.0.0",
+    "prettier": "^3.5.3",
+    "tsup": "^8.5.0",
+    "typescript": "5.5.3",
+    "typescript-eslint": "^8.29.1",
+    "vitest": "^3.1.1"
+  },
+  "dependencies": {
+    "tldts": "^7.0.5"
+  }
+}