shift-preflight 0.9.6

Multimodal preflight layer for AI model inputs — inspect, transform, and optimize images before they reach the API
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398

use anyhow::{Context, Result};
use image::codecs::jpeg::JpegEncoder;
use image::codecs::png::PngEncoder;
use image::imageops::FilterType;
use image::{DynamicImage, ImageEncoder};

use crate::policy::Action;

/// Default JPEG quality for format-preserving operations (resize, convert).
/// The Recompress action has its own policy-driven quality.
const DEFAULT_JPEG_QUALITY: u8 = 85;

/// Apply a transformation action to raw image bytes.
///
/// Returns the transformed image bytes.
pub fn transform_image(data: &[u8], action: &Action) -> Result<Vec<u8>> {
    match action {
        Action::Pass => Ok(data.to_vec()),

        Action::Resize {
            target_width,
            target_height,
        } => resize_image(data, *target_width, *target_height),

        Action::Recompress { quality } => recompress_jpeg(data, *quality),

        Action::ConvertFormat { to } => convert_format(data, to),

        Action::RasterizeSvg {
            target_width,
            target_height,
        } => {
            // SVG data should be passed as the raw SVG text bytes
            let svg_text = std::str::from_utf8(data).context("SVG data is not valid UTF-8")?;
            rasterize_svg(svg_text, *target_width, *target_height)
        }

        Action::Drop { .. } => {
            // Dropping returns empty — caller handles removal from payload
            Ok(Vec::new())
        }
    }
}

/// Load an image from memory with a pixel budget to prevent decompression bombs.
///
/// R5: Propagates dimension-read errors instead of silently falling through
/// to an unguarded decode. If we can't read dimensions from the header,
/// we reject the image rather than risk a decompression bomb.
fn load_image_safe(data: &[u8]) -> Result<DynamicImage> {
    use crate::mode::SafetyLimits;

    let limits = SafetyLimits::default();

    let reader = image::ImageReader::new(std::io::Cursor::new(data))
        .with_guessed_format()
        .context("failed to guess image format")?;

    // R5: Propagate the error — don't silently skip the budget check
    let (w, h) = reader
        .into_dimensions()
        .context("failed to read image dimensions (cannot verify pixel budget)")?;

    let pixels = w as u64 * h as u64;
    if pixels > limits.max_pixels {
        anyhow::bail!(
            "image decompression blocked: {}x{} ({:.0} megapixels) exceeds {:.0} megapixel safety limit",
            w,
            h,
            pixels as f64 / 1_000_000.0,
            limits.max_pixels as f64 / 1_000_000.0
        );
    }

    // Now do the full decode — we know it's within pixel budget
    image::load_from_memory(data).context("failed to decode image")
}

/// Resize an image to fit within target dimensions, preserving aspect ratio.
///
/// Re-encodes in the same format as the input. JPEG inputs stay JPEG (quality 85),
/// avoiding the size inflation that would occur from converting to PNG.
/// Non-JPEG inputs (PNG, GIF, WebP, etc.) are encoded as PNG for lossless safety.
fn resize_image(data: &[u8], target_width: u32, target_height: u32) -> Result<Vec<u8>> {
    let input_format = crate::inspector::detect_format(data);
    let img = load_image_safe(data)?;

    let resized = img.resize(target_width, target_height, FilterType::Lanczos3);

    match input_format {
        crate::inspector::MediaFormat::Jpeg => encode_jpeg(&resized, DEFAULT_JPEG_QUALITY),
        _ => encode_png(&resized),
    }
}

/// Recompress an image as JPEG at the given quality.
fn recompress_jpeg(data: &[u8], quality: u8) -> Result<Vec<u8>> {
    let img = load_image_safe(data)?;
    encode_jpeg(&img, quality)
}

/// Convert an image to a different format.
fn convert_format(data: &[u8], to: &str) -> Result<Vec<u8>> {
    let img = load_image_safe(data)?;

    match to {
        "png" => encode_png(&img),
        "jpeg" | "jpg" => encode_jpeg(&img, DEFAULT_JPEG_QUALITY),
        _ => anyhow::bail!("unsupported target format: {}", to),
    }
}

/// Encode a DynamicImage as PNG.
fn encode_png(img: &DynamicImage) -> Result<Vec<u8>> {
    let rgba = img.to_rgba8();
    let mut buf = Vec::new();
    let encoder = PngEncoder::new(&mut buf);
    encoder
        .write_image(
            rgba.as_raw(),
            rgba.width(),
            rgba.height(),
            image::ExtendedColorType::Rgba8,
        )
        .context("failed to encode PNG")?;
    Ok(buf)
}

/// Encode a DynamicImage as JPEG at the given quality.
fn encode_jpeg(img: &DynamicImage, quality: u8) -> Result<Vec<u8>> {
    let rgb = img.to_rgb8();
    let mut buf = Vec::new();
    let encoder = JpegEncoder::new_with_quality(&mut buf, quality);
    encoder
        .write_image(
            rgb.as_raw(),
            rgb.width(),
            rgb.height(),
            image::ExtendedColorType::Rgb8,
        )
        .context("failed to encode JPEG")?;
    Ok(buf)
}

/// Rasterize SVG text to PNG at the given dimensions.
pub fn rasterize_svg(svg_text: &str, target_width: u32, target_height: u32) -> Result<Vec<u8>> {
    use resvg::tiny_skia;
    use resvg::usvg;

    let options = usvg::Options::default();
    let tree = usvg::Tree::from_str(svg_text, &options).context("failed to parse SVG")?;

    let size = tree.size();
    let (svg_w, svg_h) = (size.width(), size.height());

    // Calculate scale to fit within target dimensions
    let scale_x = target_width as f32 / svg_w;
    let scale_y = target_height as f32 / svg_h;
    let scale = scale_x.min(scale_y);

    let pixel_w = (svg_w * scale).ceil() as u32;
    let pixel_h = (svg_h * scale).ceil() as u32;

    // R9: Pixel budget for SVG rasterization (shared via SafetyLimits)
    let limits = crate::mode::SafetyLimits::default();
    let pixel_count = pixel_w as u64 * pixel_h as u64;
    if pixel_count > limits.max_pixels {
        anyhow::bail!(
            "SVG rasterization blocked: {}x{} exceeds {:.0} megapixel safety limit",
            pixel_w,
            pixel_h,
            limits.max_pixels as f64 / 1_000_000.0
        );
    }

    let mut pixmap = tiny_skia::Pixmap::new(pixel_w.max(1), pixel_h.max(1))
        .context("failed to create pixmap")?;

    let transform = tiny_skia::Transform::from_scale(scale, scale);
    resvg::render(&tree, transform, &mut pixmap.as_mut());

    // Convert pixmap to PNG
    let png_data = pixmap
        .encode_png()
        .context("failed to encode rasterized SVG as PNG")?;
    Ok(png_data)
}

#[cfg(test)]
mod tests {
    use super::*;
    use crate::inspector::{detect_format, MediaFormat};

    fn make_test_png(width: u32, height: u32) -> Vec<u8> {
        let img = image::RgbaImage::new(width, height);
        let mut buf = Vec::new();
        let encoder = PngEncoder::new(&mut buf);
        encoder
            .write_image(img.as_raw(), width, height, image::ExtendedColorType::Rgba8)
            .unwrap();
        buf
    }

    fn make_test_jpeg(width: u32, height: u32) -> Vec<u8> {
        let img = image::RgbImage::new(width, height);
        let mut buf = Vec::new();
        let mut encoder = JpegEncoder::new_with_quality(&mut buf, 90);
        encoder
            .encode(img.as_raw(), width, height, image::ExtendedColorType::Rgb8)
            .unwrap();
        buf
    }

    #[test]
    fn test_resize_png() {
        let data = make_test_png(4000, 3000);
        let action = Action::Resize {
            target_width: 2048,
            target_height: 2048,
        };
        let result = transform_image(&data, &action).unwrap();

        // Must still be PNG after resize
        assert_eq!(
            detect_format(&result),
            MediaFormat::Png,
            "resized PNG should remain PNG"
        );

        // Verify it's still a valid image with correct dimensions
        let img = image::load_from_memory(&result).unwrap();
        assert!(img.width() <= 2048);
        assert!(img.height() <= 2048);
        // Verify aspect ratio preserved
        let ratio_orig = 4000.0 / 3000.0;
        let ratio_new = img.width() as f64 / img.height() as f64;
        assert!((ratio_orig - ratio_new).abs() < 0.02);
    }

    #[test]
    fn test_resize_preserves_jpeg_format() {
        let data = make_test_jpeg(4000, 3000);
        let action = Action::Resize {
            target_width: 2048,
            target_height: 2048,
        };
        let result = transform_image(&data, &action).unwrap();

        // Must still be JPEG after resize — not converted to PNG
        assert_eq!(
            detect_format(&result),
            MediaFormat::Jpeg,
            "resized JPEG should remain JPEG, not be converted to PNG"
        );

        // Resized JPEG should be smaller than the original
        assert!(
            result.len() <= data.len(),
            "resized JPEG ({} bytes) should not be larger than original ({} bytes)",
            result.len(),
            data.len()
        );

        // Verify dimensions are within the target
        let img = image::load_from_memory(&result).unwrap();
        assert!(img.width() <= 2048);
        assert!(img.height() <= 2048);

        // Verify aspect ratio is preserved
        let ratio_orig = 4000.0 / 3000.0;
        let ratio_new = img.width() as f64 / img.height() as f64;
        assert!(
            (ratio_orig - ratio_new).abs() < 0.02,
            "aspect ratio should be preserved"
        );
    }

    #[test]
    fn test_recompress_jpeg() {
        let data = make_test_jpeg(1000, 800);
        let original_size = data.len();
        let action = Action::Recompress { quality: 50 };
        let result = transform_image(&data, &action).unwrap();

        // Lower quality should produce a smaller file
        assert!(result.len() <= original_size);
        // Should still be valid JPEG
        assert_eq!(detect_format(&result), MediaFormat::Jpeg);
    }

    #[test]
    fn test_convert_bmp_to_png() {
        // Create a test image and save as BMP bytes
        let img = image::RgbImage::from_pixel(100, 100, image::Rgb([255, 0, 0]));
        let mut bmp_data = Vec::new();
        let mut cursor = std::io::Cursor::new(&mut bmp_data);
        img.write_to(&mut cursor, image::ImageFormat::Bmp).unwrap();

        let action = Action::ConvertFormat {
            to: "png".to_string(),
        };
        let result = transform_image(&bmp_data, &action).unwrap();
        assert_eq!(detect_format(&result), MediaFormat::Png);
    }

    #[test]
    fn test_pass_action() {
        let data = make_test_png(100, 100);
        let action = Action::Pass;
        let result = transform_image(&data, &action).unwrap();
        assert_eq!(result, data);
    }

    #[test]
    fn test_drop_action() {
        let data = make_test_png(100, 100);
        let action = Action::Drop {
            reason: "test".into(),
        };
        let result = transform_image(&data, &action).unwrap();
        assert!(result.is_empty());
    }

    #[test]
    fn test_rasterize_svg_simple() {
        let svg = r#"<svg xmlns="http://www.w3.org/2000/svg" width="200" height="100">
            <rect width="200" height="100" fill="red"/>
        </svg>"#;

        let result = rasterize_svg(svg, 200, 100).unwrap();
        assert!(!result.is_empty());
        assert_eq!(detect_format(&result), MediaFormat::Png);

        // Verify dimensions
        let img = image::load_from_memory(&result).unwrap();
        assert_eq!(img.width(), 200);
        assert_eq!(img.height(), 100);
    }

    #[test]
    fn test_rasterize_svg_scaled_down() {
        let svg = r#"<svg xmlns="http://www.w3.org/2000/svg" width="2000" height="1000">
            <circle cx="1000" cy="500" r="400" fill="blue"/>
        </svg>"#;

        let result = rasterize_svg(svg, 500, 500).unwrap();
        let img = image::load_from_memory(&result).unwrap();
        assert!(img.width() <= 500);
        assert!(img.height() <= 500);
    }

    #[test]
    fn test_rasterize_svg_with_viewbox() {
        let svg = r#"<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 100 100">
            <rect x="10" y="10" width="80" height="80" fill="green"/>
        </svg>"#;

        let result = rasterize_svg(svg, 256, 256).unwrap();
        assert!(!result.is_empty());
        assert_eq!(detect_format(&result), MediaFormat::Png);
    }

    #[test]
    fn test_rasterize_svg_complex() {
        let svg = r#"<?xml version="1.0" encoding="UTF-8"?>
<svg xmlns="http://www.w3.org/2000/svg" width="400" height="300" viewBox="0 0 400 300">
  <defs>
    <linearGradient id="grad" x1="0%" y1="0%" x2="100%" y2="100%">
      <stop offset="0%" style="stop-color:rgb(255,0,0);stop-opacity:1" />
      <stop offset="100%" style="stop-color:rgb(0,0,255);stop-opacity:1" />
    </linearGradient>
  </defs>
  <rect width="400" height="300" fill="url(#grad)"/>
  <circle cx="200" cy="150" r="80" fill="white" opacity="0.5"/>
  <text x="200" y="160" text-anchor="middle" font-size="24" fill="white">SHIFT</text>
</svg>"#;

        let result = rasterize_svg(svg, 800, 600).unwrap();
        assert!(!result.is_empty());
        let img = image::load_from_memory(&result).unwrap();
        assert!(img.width() > 0);
        assert!(img.height() > 0);
    }

    #[test]
    fn test_transform_svg_via_action() {
        let svg = r#"<svg xmlns="http://www.w3.org/2000/svg" width="100" height="100">
            <rect width="100" height="100" fill="red"/>
        </svg>"#;

        let action = Action::RasterizeSvg {
            target_width: 256,
            target_height: 256,
        };
        let result = transform_image(svg.as_bytes(), &action).unwrap();
        assert_eq!(detect_format(&result), MediaFormat::Png);
    }
}