@adcp/sdk 6.16.0 → 6.16.1
|
@@ -4,5 +4,5 @@
|
|
|
4
4
|
"source_sha": "4e553ad955f83b49c7d221ab5c3ff78237ad02e3",
|
|
5
5
|
"source_tarball_sha256": "580656d6466ef9f0d1119985e6726c2efea718dc671e2ad30957fcb2fd54af0f",
|
|
6
6
|
"upstream_adcp_version": "2.5.3",
|
|
7
|
-
"synced_at": "2026-05-
|
|
7
|
+
"synced_at": "2026-05-09T18:39:09.783Z"
|
|
8
8
|
}
|
|
@@ -67,35 +67,72 @@ async function detectA2AOrMcp(url, timeoutMs) {
|
|
|
67
67
|
// the well-known path; MCP is the better default.
|
|
68
68
|
// 401/403/429 are auth/rate signals on the well-known path itself, which
|
|
69
69
|
// also indicate "host knows the path" → suspect.
|
|
70
|
+
//
|
|
71
|
+
// adcp-client#1627: route through `ssrfSafeFetch` to close the TOCTOU
|
|
72
|
+
// rebind window left open in the #1618 hostname-literal gate. The
|
|
73
|
+
// wrapper resolves DNS once, validates the full address set against
|
|
74
|
+
// `address-guards`, and pins the connect to the first validated address
|
|
75
|
+
// via undici's `Agent.connect.lookup`. A hostname like
|
|
76
|
+
// `evil.example.com` that resolves to `169.254.169.254` rejects with
|
|
77
|
+
// `SsrfRefusedError(always_blocked_address)` BEFORE the request hits
|
|
78
|
+
// the wire. Counterparty-controlled `Location` headers are not followed
|
|
79
|
+
// (`redirect: 'manual'` inside the wrapper) so a 302 to an SSRF target
|
|
80
|
+
// can't bounce us either. The literal-hostname `classifyProbeUrl`
|
|
81
|
+
// gate above remains as cheap synchronous defense in depth.
|
|
82
|
+
const allowPrivateIp = (0, probe_policy_1.isInternalProbesAllowed)();
|
|
70
83
|
let suspect = false;
|
|
71
84
|
for (const path of a2a_discovery_1.A2A_CARD_PATHS) {
|
|
85
|
+
const discoveryUrl = new URL(path, url).toString();
|
|
72
86
|
try {
|
|
73
|
-
const
|
|
74
|
-
const controller = new AbortController();
|
|
75
|
-
const timeoutId = setTimeout(() => controller.abort(), timeoutMs);
|
|
76
|
-
const response = await fetch(discoveryUrl.toString(), {
|
|
87
|
+
const result = await (0, ssrf_fetch_1.ssrfSafeFetch)(discoveryUrl, {
|
|
77
88
|
method: 'GET',
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
89
|
+
timeoutMs,
|
|
90
|
+
allowPrivateIp,
|
|
91
|
+
headers: { Accept: 'application/json, */*' },
|
|
92
|
+
// The agent card is small (kB-scale) — cap tightly so a malicious
|
|
93
|
+
// host can't pin our event loop on a slow body read.
|
|
94
|
+
maxBodyBytes: 4 * 1024,
|
|
82
95
|
});
|
|
83
|
-
|
|
84
|
-
if (response.ok) {
|
|
96
|
+
if (result.status >= 200 && result.status < 300) {
|
|
85
97
|
return 'a2a';
|
|
86
98
|
}
|
|
87
99
|
// 5xx or auth-on-the-path: treat as A2A suspicion (host has this route
|
|
88
100
|
// but couldn't return the card right now). Don't return immediately —
|
|
89
101
|
// a later path might confirm with a 200.
|
|
90
|
-
if (
|
|
102
|
+
if (result.status >= 500 || result.status === 401 || result.status === 403 || result.status === 429) {
|
|
91
103
|
suspect = true;
|
|
92
104
|
}
|
|
93
105
|
// 4xx (other than the above): negative evidence, leave suspect alone.
|
|
94
106
|
}
|
|
95
|
-
catch {
|
|
96
|
-
//
|
|
97
|
-
//
|
|
98
|
-
//
|
|
107
|
+
catch (err) {
|
|
108
|
+
// Distinguish policy refusals (must propagate — caller is reaching
|
|
109
|
+
// for SSRF targets) from runtime/network conditions (treat as
|
|
110
|
+
// suspect — host is unreachable or non-conformant in a way that's
|
|
111
|
+
// consistent with a slow / large A2A seller).
|
|
112
|
+
//
|
|
113
|
+
// Propagate: `always_blocked_address`, `private_address`,
|
|
114
|
+
// `scheme_not_allowed`, `non_https_without_opt_in`, `invalid_url`.
|
|
115
|
+
// These mean the caller's URL was rejected on policy grounds;
|
|
116
|
+
// silently converting them to `'a2a'` would reintroduce the
|
|
117
|
+
// catch-swallow class flagged in #1618 review.
|
|
118
|
+
// Treat as suspect: `dns_lookup_failed`, `dns_empty`,
|
|
119
|
+
// `body_exceeds_limit`. DNS conditions mean the network is
|
|
120
|
+
// misbehaving, not that the URL is dangerous — and the pre-#1627
|
|
121
|
+
// native-fetch behavior also swallowed these into suspect.
|
|
122
|
+
// `body_exceeds_limit` fires when the agent card exceeds the
|
|
123
|
+
// defensive 4 KiB cap; A2A 0.3.0 §5 doesn't cap card size, so a
|
|
124
|
+
// large legitimate card shouldn't be misclassified as a policy
|
|
125
|
+
// attack — the host clearly knows the well-known path
|
|
126
|
+
// (the response started, just got too big), which is exactly
|
|
127
|
+
// the suspect-A2A signal.
|
|
128
|
+
if (err instanceof ssrf_fetch_1.SsrfRefusedError) {
|
|
129
|
+
if (err.code === 'dns_lookup_failed' || err.code === 'dns_empty' || err.code === 'body_exceeds_limit') {
|
|
130
|
+
suspect = true;
|
|
131
|
+
continue;
|
|
132
|
+
}
|
|
133
|
+
throw err;
|
|
134
|
+
}
|
|
135
|
+
// Other errors (timeout, remote reset, etc.) → suspect.
|
|
99
136
|
suspect = true;
|
|
100
137
|
}
|
|
101
138
|
}
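Review bot: The comment on the `maxBodyBytes` option (new lines 92–93) credits the 4 KiB cap with stopping a slow body read from pinning the event loop, but a byte cap bounds how much gets buffered, not how long the read takes; the wall-clock bound comes from `timeoutMs`, and only if the wrapper applies it across the body read rather than just connect and headers, which this hunk cannot show. I would reword it to `// The agent card is small (kB-scale) — cap the body so a hostile host can't make us buffer an unbounded response; wall-clock time is bounded by timeoutMs.` and confirm in `ssrfSafeFetch` that the timeout spans the body phase. Separately, the 2xx branch (new line 96) still returns `'a2a'` for any status in 200–299 without inspecting the response, so a host that answers 200 to every path (a catch-all SPA, for instance) classifies as A2A; that predates this commit, but if the wrapper exposes the body or content-type on `result`, a JSON-shape check before returning would make the probe harder to spoof. detectA2AOrMcp starts before and ends after this hunk.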
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protocol-detection.js","sourceRoot":"","sources":["../../../src/lib/utils/protocol-detection.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAiBH,wCAEC;AASD,8DAEC;AA5BD,mDAAiD;AACjD,
|
|
1
|
+
{"version":3,"file":"protocol-detection.js","sourceRoot":"","sources":["../../../src/lib/utils/protocol-detection.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAiBH,wCAEC;AASD,8DAEC;AA5BD,mDAAiD;AACjD,iDAA2E;AAC3E,kDAAoE;AAEpE;;;;;;;;;;GAUG;AACI,KAAK,UAAU,cAAc,CAAC,GAAW;IAC9C,OAAO,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;AACnC,CAAC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,yBAAyB,CAAC,GAAW,EAAE,YAAoB,IAAI;IACnF,OAAO,cAAc,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;AACxC,CAAC;AAED,KAAK,UAAU,cAAc,CAAC,GAAW,EAAE,SAAiB;IAC1D,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,yEAAyE;IACzE,4EAA4E;IAC5E,2EAA2E;IAC3E,iEAAiE;IACjE,oEAAoE;IACpE,iEAAiE;IACjE,oBAAoB;IACpB,MAAM,MAAM,GAAG,IAAA,+BAAgB,EAAC,GAAG,CAAC,CAAC;IACrC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,sEAAsE;QACtE,yEAAyE;QACzE,yEAAyE;QACzE,sEAAsE;QACtE,mDAAmD;QACnD,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAC/D,MAAM,IAAI,6BAAgB,CACxB,MAAM,CAAC,IAAI,KAAK,gBAAgB,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,iBAAiB,EAC/E,MAAM,CAAC,MAAM,EACb,EAAE,GAAG,EAAE,QAAQ,EAAE,CAClB,CAAC;IACJ,CAAC;IAED,0EAA0E;IAC1E,uEAAuE;IACvE,qBAAqB;IACrB,2CAA2C;IAC3C,0EAA0E;IAC1E,6EAA6E;IAC7E,wEAAwE;IACxE,sEAAsE;IACtE,yEAAyE;IACzE,mEAAmE;IACnE,yEAAyE;IACzE,iDAAiD;IACjD,EAAE;IACF,sEAAsE;IACtE,kEAAkE;IAClE,oEAAoE;IACpE,wEAAwE;IACxE,uDAAuD;IACvD,qEAAqE;IACrE,qEAAqE;IACrE,wEAAwE;IACxE,uEAAuE;IACvE,kEAAkE;IAClE,4DAA4D;IAC5D,MAAM,cAAc,GAAG,IAAA,sCAAuB,GAAE,CAAC;IAEjD,IAAI,OAAO,GAAG,KAAK,CAAC;IACpB,KAAK,MAAM,IAAI,IAAI,8BAAc,EAAE,CAAC;QAClC,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAA,0BAAa,EAAC,YAAY,EAAE;gBAC/C,MAAM,EAAE,KAAK;gBACb,SAAS;gBACT,cAAc;gBACd,OAAO,EAAE,EAAE,MAAM,EAAE,uBAAuB,EAAE;gBAC5C,kEAAkE;gBAClE,qDAAqD;gBACrD,YAAY,EAAE,CAAC,GAAG,IAAI;aACvB,CAAC,CAAC;YAEH,IAAI,MAAM,CAAC,MAAM,IAAI,GAAG,IAAI,MAAM,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;gBAChD,OAAO,KAAK,CAAC;YACf,CAAC;YACD,uEAAuE;YACvE,sEAAsE;YACtE,yCAAyC;YACz
C,IAAI,MAAM,CAAC,MAAM,IAAI,GAAG,IAAI,MAAM,CAAC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBACpG,OAAO,GAAG,IAAI,CAAC;YACjB,CAAC;YACD,sEAAsE;QACxE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,mEAAmE;YACnE,8DAA8D;YAC9D,kEAAkE;YAClE,8CAA8C;YAC9C,EAAE;YACF,0DAA0D;YAC1D,qEAAqE;YACrE,gEAAgE;YAChE,8DAA8D;YAC9D,iDAAiD;YACjD,sDAAsD;YACtD,6DAA6D;YAC7D,mEAAmE;YACnE,6DAA6D;YAC7D,+DAA+D;YAC/D,kEAAkE;YAClE,iEAAiE;YACjE,wDAAwD;YACxD,+DAA+D;YAC/D,4BAA4B;YAC5B,IAAI,GAAG,YAAY,6BAAgB,EAAE,CAAC;gBACpC,IAAI,GAAG,CAAC,IAAI,KAAK,mBAAmB,IAAI,GAAG,CAAC,IAAI,KAAK,WAAW,IAAI,GAAG,CAAC,IAAI,KAAK,oBAAoB,EAAE,CAAC;oBACtG,OAAO,GAAG,IAAI,CAAC;oBACf,SAAS;gBACX,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;YACD,wDAAwD;YACxD,OAAO,GAAG,IAAI,CAAC;QACjB,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;AACjC,CAAC"}
|
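--- a/package/dist/lib/version.d.ts
+++ b/package/dist/lib/version.d.ts
@@ -1,7 +1,7 @@
 /**
 * AdCP SDK library version
 */
-export declare const LIBRARY_VERSION = "6.16.
+export declare const LIBRARY_VERSION = "6.16.1";
 /**
 * AdCP specification version this library is built for
 */
@@ -29,10 +29,10 @@ export type AdcpVersion = (typeof COMPATIBLE_ADCP_VERSIONS)[number];
 * Full version information
 */
 export declare const VERSION_INFO: {
-readonly library: "6.16.
+readonly library: "6.16.1";
 readonly adcp: "3.0.8";
 readonly compatibleVersions: readonly ["v2.5", "v2.6", "v3", "3.0.0-beta.1", "3.0.0-beta.3", "3.0.0", "3.0.1", "3.0.2", "3.0.3", "3.0.4", "3.0.5", "3.0.6", "3.0.7", "3.0.8"];
-readonly generatedAt: "2026-05-
+readonly generatedAt: "2026-05-09T18:38:45.261Z";
 };
 /**
 * Get the AdCP specification version this library is built for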
package/dist/lib/version.js
CHANGED
|
@@ -11,7 +11,7 @@ exports.parseAdcpMajorVersion = parseAdcpMajorVersion;
|
|
|
11
11
|
/**
|
|
12
12
|
* AdCP SDK library version
|
|
13
13
|
*/
|
|
14
|
-
exports.LIBRARY_VERSION = '6.16.
|
|
14
|
+
exports.LIBRARY_VERSION = '6.16.1';
|
|
15
15
|
/**
|
|
16
16
|
* AdCP specification version this library is built for
|
|
17
17
|
*/
|
|
@@ -45,10 +45,10 @@ exports.COMPATIBLE_ADCP_VERSIONS = [
|
|
|
45
45
|
* Full version information
|
|
46
46
|
*/
|
|
47
47
|
exports.VERSION_INFO = {
|
|
48
|
-
library: '6.16.
|
|
48
|
+
library: '6.16.1',
|
|
49
49
|
adcp: '3.0.8',
|
|
50
50
|
compatibleVersions: exports.COMPATIBLE_ADCP_VERSIONS,
|
|
51
|
-
generatedAt: '2026-05-
|
|
51
|
+
generatedAt: '2026-05-09T18:38:45.261Z',
|
|
52
52
|
};
|
|
53
53
|
/**
|
|
54
54
|
* Get the AdCP specification version this library is built for
|