@ai-sdk/google 3.0.80 → 3.0.82

package/CHANGELOG.md

@@ -1,5 +1,27 @@
 # @ai-sdk/google
 
+## 3.0.82
+
+### Patch Changes
+
+- 3258f22: fix(google): prevent prototype pollution when streaming tool args
+- bfa5864: fix: only send provider credentials to same-origin response-supplied URLs
+
+  Several provider clients followed a URL taken from the provider's API response (a polling/status URL or a final media URL such as `polling_url`, `urls.get`, `result_url`, `result.sample`, or `video.uri`) and reused the authenticated headers — or appended `?key=<API_KEY>` — on that request. Because the host of the response-supplied URL was never validated, the long-lived API key was sent to whatever host the response named (a CDN in the benign case, or an attacker-chosen host if the provider response was tampered with), allowing credential exfiltration.
+
+  A new `isSameOrigin` helper is added to `@ai-sdk/provider-utils`, and the affected fetches in `@ai-sdk/black-forest-labs`, `@ai-sdk/fireworks`, `@ai-sdk/replicate`, `@ai-sdk/gladia`, `@ai-sdk/fal`, and `@ai-sdk/google` now attach credentials only when the followed URL is same-origin with the provider's configured API origin. Requests to a foreign origin are made without the credential.
+
+- Updated dependencies [bfa5864]
+- Updated dependencies [f42aa79]
+  - @ai-sdk/provider-utils@4.0.29
+
+## 3.0.81
+
+### Patch Changes
+
+- Updated dependencies [942f2f8]
+  - @ai-sdk/provider-utils@4.0.28
+
 ## 3.0.80
 
 ### Patch Changes

package/dist/index.js

@@ -30,7 +30,7 @@ module.exports = __toCommonJS(index_exports);
 var import_provider_utils23 = require("@ai-sdk/provider-utils");
 
 // src/version.ts
-var VERSION = true ? "3.0.80" : "0.0.0-test";
+var VERSION = true ? "3.0.82" : "0.0.0-test";
 
 // src/google-generative-ai-embedding-model.ts
 var import_provider = require("@ai-sdk/provider");
@@ -1365,11 +1365,25 @@ function parsePath(rawPath) {
   }
   return segments;
 }
+var hasOwn = Object.prototype.hasOwnProperty;
+function hasOwnProperty(obj, key) {
+  return hasOwn.call(obj, key);
+}
+function defineOwnProperty(obj, key, value) {
+  Object.defineProperty(obj, key, {
+    value,
+    enumerable: true,
+    configurable: true,
+    writable: true
+  });
+}
 function getNestedValue(obj, segments) {
   let current = obj;
   for (const seg of segments) {
     if (current == null || typeof current !== "object") return void 0;
-    current = current[seg];
+    const currentRecord = current;
+    if (!hasOwnProperty(currentRecord, seg)) return void 0;
+    current = currentRecord[seg];
   }
   return current;
 }
@@ -1378,12 +1392,12 @@ function setNestedValue(obj, segments, value) {
   for (let i = 0; i < segments.length - 1; i++) {
     const seg = segments[i];
     const nextSeg = segments[i + 1];
-    if (current[seg] == null) {
-      current[seg] = typeof nextSeg === "number" ? [] : {};
+    if (!hasOwnProperty(current, seg) || current[seg] == null) {
+      defineOwnProperty(current, seg, typeof nextSeg === "number" ? [] : {});
     }
     current = current[seg];
   }
-  current[segments[segments.length - 1]] = value;
+  defineOwnProperty(current, segments[segments.length - 1], value);
 }
 function resolvePartialArgValue(arg) {
   var _a, _b;
@@ -3086,7 +3100,7 @@ var GoogleGenerativeAIVideoModel = class {
     const apiKey = resolvedHeaders == null ? void 0 : resolvedHeaders["x-goog-api-key"];
     for (const generatedSample of response.generateVideoResponse.generatedSamples) {
       if ((_h = generatedSample.video) == null ? void 0 : _h.uri) {
-        const urlWithAuth = apiKey ? `${generatedSample.video.uri}${generatedSample.video.uri.includes("?") ? "&" : "?"}key=${apiKey}` : generatedSample.video.uri;
+        const urlWithAuth = apiKey && (0, import_provider_utils15.isSameOrigin)(generatedSample.video.uri, this.config.baseURL) ? `${generatedSample.video.uri}${generatedSample.video.uri.includes("?") ? "&" : "?"}key=${apiKey}` : generatedSample.video.uri;
         videos.push({
           type: "url",
           url: urlWithAuth,