/**
 * Allowlist/Denylist functionality for PII detection
 * Provides environment-aware filtering of false positives
 */
import type { PiiType } from './types.js';
export type Environment = 'production' | 'test' | 'development';
/**
 * Default allowlisted patterns that should not be treated as PII
 */
export declare const DEFAULT_ALLOWLIST: {
    email: Set<string>;
    ipv4: Set<string>;
    ipv6: Set<string>;
    phone: Set<string>;
    credit_card: Set<string>;
};
/**
 * Configuration for allowlist/denylist behavior
 */
export interface AllowDenyConfig {
    environment?: Environment;
    customAllowlist?: Map<PiiType, Set<string>>;
    customDenylist?: Map<PiiType, Set<string>>;
    allowPrivateIPs?: boolean;
    allowTestPatterns?: boolean;
}
/**
 * Manages allowlist and denylist for PII detection
 */
export declare class AllowDenyManager {
    private environment;
    private allowlist;
    private denylist;
    private allowPrivateIPs;
    private allowTestPatterns;
    constructor(config?: AllowDenyConfig);
    private initializeAllowlist;
    /**
     * Check if a value should be allowed (not treated as PII)
     */
    isAllowed(value: string, type: PiiType, context?: string): boolean;
    private matchesPattern;
    private matchesCIDR;
    private isPrivateIPv4;
    private isPrivateIPv6;
    /**
     * Check if PII-like value appears in a comment or documentation context
     */
    private isInCommentOrDocumentation;
    private isTestPattern;
    /**
     * Add patterns to allowlist at runtime
     */
    addToAllowlist(type: PiiType, patterns: string[]): void;
    /**
     * Add patterns to denylist at runtime
     */
    addToDenylist(type: PiiType, patterns: string[]): void;
    /**
     * Get current configuration for debugging
     */
    getConfig(): {
        environment: Environment;
        allowPrivateIPs: boolean;
        allowTestPatterns: boolean;
        allowlist: Record<string, string[]>;
        denylist: Record<string, string[]>;
    };
}
//# sourceMappingURL=allowlist.d.ts.map