/** * Check if string contains only whitespace characters. */ declare function isBlank(str: string): boolean; /** * Check if value is a non-empty string. */ declare function isNonEmptyString(value: unknown): value is string; /** * Check if value is a valid semantic version string. */ declare function isSemverString(value: unknown): value is string; /** * Perform locale-aware string comparison. */ declare function localeCompare(x: string, y: string): number; /** * Convert package name to lowercase. */ declare function lowerName(purl: { name: string; }): void; /** * Convert package namespace to lowercase. */ declare function lowerNamespace(purl: { namespace?: string | undefined; }): void; /** * Convert package version to lowercase. */ declare function lowerVersion(purl: { version?: string | undefined; }): void; /** * Replace all dashes with underscores in string. */ declare function replaceDashesWithUnderscores(str: string): string; /** * Replace all underscores with dashes in string. */ declare function replaceUnderscoresWithDashes(str: string): string; /** * Find the first command injection character in a string. * Like findInjectionCharCode but uses the narrower command injection set. * Returns the character code found, or -1. */ declare function findCommandInjectionCharCode(str: string): number; /** * Find the first injection character in a string. * Returns the character code of the first dangerous character found, or -1. * * Uses charCode scanning for performance in hot paths. The check is a * single pass with no allocation, no regex, and no prototype method calls * beyond the captured StringPrototypeCharCodeAt primordial. * * Null bytes (0x00) are also caught by validateStrings() in validate.ts, * but we include them here for defense-in-depth so callers who skip the * base validators still get protection. */ declare function findInjectionCharCode(str: string): number; /** * Check if string contains characters commonly used in injection attacks. * Returns true if any dangerous character is found. * * For detailed information about which character was found, use * {@link findInjectionCharCode} instead. */ declare function containsInjectionCharacters(str: string): boolean; /** * Format an injection character code as a human-readable label for error messages. * Returns a string like `"|" (0x7c)` for printable chars or `0x1b` for control chars. */ declare function formatInjectionChar(code: number): string; /** * Remove leading slashes from string. */ declare function trimLeadingSlashes(str: string): string; export { containsInjectionCharacters, findCommandInjectionCharCode, findInjectionCharCode, formatInjectionChar, isBlank, isNonEmptyString, isSemverString, localeCompare, lowerName, lowerNamespace, lowerVersion, replaceDashesWithUnderscores, replaceUnderscoresWithDashes, trimLeadingSlashes, };