@ai-sdk/provider-utils 5.0.0-beta.30 → 5.0.0-beta.49

package/dist/index.js

@@ -489,6 +489,15 @@ function isFullMediaType(mediaType) {
   return subtype.length > 0 && subtype !== "*";
 }
 
+// src/cancel-response-body.ts
+async function cancelResponseBody(response) {
+  var _a2;
+  try {
+    await ((_a2 = response.body) == null ? void 0 : _a2.cancel());
+  } catch (e) {
+  }
+}
+
 // src/download-error.ts
 import { AISDKError } from "@ai-sdk/provider";
 var name = "AI_DownloadError";
@@ -514,59 +523,9 @@ var DownloadError = class extends (_b = AISDKError, _a = symbol, _b) {
   }
 };
 
-// src/read-response-with-size-limit.ts
-var DEFAULT_MAX_DOWNLOAD_SIZE = 2 * 1024 * 1024 * 1024;
-async function readResponseWithSizeLimit({
-  response,
-  url,
-  maxBytes = DEFAULT_MAX_DOWNLOAD_SIZE
-}) {
-  const contentLength = response.headers.get("content-length");
-  if (contentLength != null) {
-    const length = parseInt(contentLength, 10);
-    if (!isNaN(length) && length > maxBytes) {
-      throw new DownloadError({
-        url,
-        message: `Download of ${url} exceeded maximum size of ${maxBytes} bytes (Content-Length: ${length}).`
-      });
-    }
-  }
-  const body = response.body;
-  if (body == null) {
-    return new Uint8Array(0);
-  }
-  const reader = body.getReader();
-  const chunks = [];
-  let totalBytes = 0;
-  try {
-    while (true) {
-      const { done, value } = await reader.read();
-      if (done) {
-        break;
-      }
-      totalBytes += value.length;
-      if (totalBytes > maxBytes) {
-        throw new DownloadError({
-          url,
-          message: `Download of ${url} exceeded maximum size of ${maxBytes} bytes.`
-        });
-      }
-      chunks.push(value);
-    }
-  } finally {
-    try {
-      await reader.cancel();
-    } finally {
-      reader.releaseLock();
-    }
-  }
-  const result = new Uint8Array(totalBytes);
-  let offset = 0;
-  for (const chunk of chunks) {
-    result.set(chunk, offset);
-    offset += chunk.length;
-  }
-  return result;
+// src/is-browser-runtime.ts
+function isBrowserRuntime(globalThisAny = globalThis) {
+  return globalThisAny.window != null;
 }
 
 // src/validate-download-url.ts
@@ -589,7 +548,7 @@ function validateDownloadUrl(url) {
       message: `URL scheme must be http, https, or data, got ${parsed.protocol}`
     });
   }
-  const hostname = parsed.hostname;
+  const hostname = parsed.hostname.toLowerCase().replace(/\.+$/, "");
   if (!hostname) {
     throw new DownloadError({
       url,
@@ -632,54 +591,190 @@ function isIPv4(hostname) {
 }
 function isPrivateIPv4(ip) {
   const parts = ip.split(".").map(Number);
-  const [a, b] = parts;
+  const [a, b, c] = parts;
   if (a === 0) return true;
   if (a === 10) return true;
+  if (a === 100 && b >= 64 && b <= 127) return true;
   if (a === 127) return true;
   if (a === 169 && b === 254) return true;
   if (a === 172 && b >= 16 && b <= 31) return true;
+  if (a === 192 && b === 0 && c === 0) return true;
   if (a === 192 && b === 168) return true;
+  if (a === 198 && (b === 18 || b === 19)) return true;
+  if (a >= 240) return true;
   return false;
 }
-function isPrivateIPv6(ip) {
-  const normalized = ip.toLowerCase();
-  if (normalized === "::1") return true;
-  if (normalized === "::") return true;
-  if (normalized.startsWith("::ffff:")) {
-    const mappedPart = normalized.slice(7);
-    if (isIPv4(mappedPart)) {
-      return isPrivateIPv4(mappedPart);
-    }
-    const hexParts = mappedPart.split(":");
-    if (hexParts.length === 2) {
-      const high = parseInt(hexParts[0], 16);
-      const low = parseInt(hexParts[1], 16);
-      if (!isNaN(high) && !isNaN(low)) {
-        const a = high >> 8 & 255;
-        const b = high & 255;
-        const c = low >> 8 & 255;
-        const d = low & 255;
-        return isPrivateIPv4(`${a}.${b}.${c}.${d}`);
+function parseIPv6(ip) {
+  let address = ip.toLowerCase();
+  const zoneIndex = address.indexOf("%");
+  if (zoneIndex !== -1) {
+    address = address.slice(0, zoneIndex);
+  }
+  const halves = address.split("::");
+  if (halves.length > 2) return null;
+  const toGroups = (segment) => {
+    if (segment === "") return [];
+    const groups = [];
+    const parts = segment.split(":");
+    for (let i = 0; i < parts.length; i++) {
+      const part = parts[i];
+      if (part.includes(".")) {
+        if (i !== parts.length - 1 || !isIPv4(part)) return null;
+        const [a, b, c, d] = part.split(".").map(Number);
+        groups.push(a << 8 | b, c << 8 | d);
+        continue;
       }
+      if (!/^[0-9a-f]{1,4}$/.test(part)) return null;
+      groups.push(parseInt(part, 16));
     }
+    return groups;
+  };
+  const head = toGroups(halves[0]);
+  if (head === null) return null;
+  if (halves.length === 2) {
+    const tail = toGroups(halves[1]);
+    if (tail === null) return null;
+    const fill = 8 - head.length - tail.length;
+    if (fill < 0) return null;
+    return [...head, ...new Array(fill).fill(0), ...tail];
+  }
+  return head.length === 8 ? head : null;
+}
+function isPrivateIPv6(ip) {
+  const groups = parseIPv6(ip);
+  if (groups === null) return true;
+  const topZero = (count) => groups.slice(0, count).every((group) => group === 0);
+  if (topZero(7) && (groups[7] === 0 || groups[7] === 1)) return true;
+  if ((groups[0] & 65024) === 64512) return true;
+  if ((groups[0] & 65472) === 65152) return true;
+  if ((groups[0] & 65472) === 65216) return true;
+  if ((groups[0] & 65280) === 65280) return true;
+  const embedsIPv4 = (
+    // ::/96 — IPv4-compatible (deprecated)
+    topZero(6) || // ::ffff:0:0/96 — IPv4-mapped (ffff in group 5)
+    topZero(5) && groups[5] === 65535 || // ::ffff:0:0/96 — IPv4-translated form (ffff in group 4, group 5 zero)
+    topZero(4) && groups[4] === 65535 && groups[5] === 0 || // 64:ff9b::/96 — NAT64 well-known prefix
+    groups[0] === 100 && groups[1] === 65435 && groups[2] === 0 && groups[3] === 0 && groups[4] === 0 && groups[5] === 0 || // 64:ff9b:1::/48 — NAT64 local-use prefix
+    groups[0] === 100 && groups[1] === 65435 && groups[2] === 1
+  );
+  if (embedsIPv4) {
+    const a = groups[6] >> 8 & 255;
+    const b = groups[6] & 255;
+    const c = groups[7] >> 8 & 255;
+    const d = groups[7] & 255;
+    return isPrivateIPv4(`${a}.${b}.${c}.${d}`);
   }
-  if (normalized.startsWith("fc") || normalized.startsWith("fd")) return true;
-  if (normalized.startsWith("fe80")) return true;
   return false;
 }
 
+// src/fetch-with-validated-redirects.ts
+var MAX_DOWNLOAD_REDIRECTS = 10;
+async function fetchWithValidatedRedirects({
+  url,
+  headers,
+  abortSignal,
+  maxRedirects = MAX_DOWNLOAD_REDIRECTS
+}) {
+  const baseInit = { signal: abortSignal };
+  if (headers !== void 0) {
+    baseInit.headers = headers;
+  }
+  let currentUrl = url;
+  for (let redirectCount = 0; redirectCount <= maxRedirects; redirectCount++) {
+    validateDownloadUrl(currentUrl);
+    const response = await fetch(currentUrl, {
+      ...baseInit,
+      redirect: "manual"
+    });
+    if (response.type === "opaqueredirect") {
+      if (!isBrowserRuntime()) {
+        throw new DownloadError({
+          url,
+          message: `Redirect from ${currentUrl} could not be validated and was blocked`
+        });
+      }
+      return await fetch(currentUrl, { ...baseInit, redirect: "follow" });
+    }
+    const location = response.headers.get("location");
+    if (response.status >= 300 && response.status < 400 && location) {
+      await cancelResponseBody(response);
+      currentUrl = new URL(location, currentUrl).toString();
+      continue;
+    }
+    return response;
+  }
+  throw new DownloadError({
+    url,
+    message: `Too many redirects (max ${maxRedirects})`
+  });
+}
+
+// src/read-response-with-size-limit.ts
+var DEFAULT_MAX_DOWNLOAD_SIZE = 2 * 1024 * 1024 * 1024;
+async function readResponseWithSizeLimit({
+  response,
+  url,
+  maxBytes = DEFAULT_MAX_DOWNLOAD_SIZE
+}) {
+  const contentLength = response.headers.get("content-length");
+  if (contentLength != null) {
+    const length = parseInt(contentLength, 10);
+    if (!isNaN(length) && length > maxBytes) {
+      await cancelResponseBody(response);
+      throw new DownloadError({
+        url,
+        message: `Download of ${url} exceeded maximum size of ${maxBytes} bytes (Content-Length: ${length}).`
+      });
+    }
+  }
+  const body = response.body;
+  if (body == null) {
+    return new Uint8Array(0);
+  }
+  const reader = body.getReader();
+  const chunks = [];
+  let totalBytes = 0;
+  try {
+    while (true) {
+      const { done, value } = await reader.read();
+      if (done) {
+        break;
+      }
+      totalBytes += value.length;
+      if (totalBytes > maxBytes) {
+        throw new DownloadError({
+          url,
+          message: `Download of ${url} exceeded maximum size of ${maxBytes} bytes.`
+        });
+      }
+      chunks.push(value);
+    }
+  } finally {
+    try {
+      await reader.cancel();
+    } finally {
+      reader.releaseLock();
+    }
+  }
+  const result = new Uint8Array(totalBytes);
+  let offset = 0;
+  for (const chunk of chunks) {
+    result.set(chunk, offset);
+    offset += chunk.length;
+  }
+  return result;
+}
+
 // src/download-blob.ts
 async function downloadBlob(url, options) {
   var _a2, _b2;
-  validateDownloadUrl(url);
   try {
-    const response = await fetch(url, {
-      signal: options == null ? void 0 : options.abortSignal
+    const response = await fetchWithValidatedRedirects({
+      url,
+      abortSignal: options == null ? void 0 : options.abortSignal
     });
-    if (response.redirected) {
-      validateDownloadUrl(response.url);
-    }
     if (!response.ok) {
+      await cancelResponseBody(response);
       throw new DownloadError({
         url,
         statusCode: response.status,
@@ -701,6 +796,20 @@ async function downloadBlob(url, options) {
   }
 }
 
+// src/extract-lines.ts
+function extractLines({
+  text,
+  startLine,
+  endLine
+}) {
+  if (startLine == null && endLine == null) return text;
+  const lineEnding = text.includes("\r\n") ? "\r\n" : text.includes("\n") ? "\n" : text.includes("\r") ? "\r" : "\n";
+  const lines = text.split(lineEnding);
+  const start = Math.max(1, startLine != null ? startLine : 1) - 1;
+  const end = Math.min(lines.length, endLine != null ? endLine : lines.length);
+  return lines.slice(start, end).join(lineEnding);
+}
+
 // src/extract-response-headers.ts
 function extractResponseHeaders(response) {
   return Object.fromEntries([...response.headers]);
@@ -862,7 +971,7 @@ function withUserAgentSuffix(headers, ...userAgentSuffixParts) {
 }
 
 // src/version.ts
-var VERSION = true ? "5.0.0-beta.30" : "0.0.0-test";
+var VERSION = true ? "5.0.0-beta.49" : "0.0.0-test";
 
 // src/get-from-api.ts
 var getOriginalFetch = () => globalThis.fetch;
@@ -979,6 +1088,15 @@ function isBuffer(value) {
   return (_b2 = (_a2 = globalThis.Buffer) == null ? void 0 : _a2.isBuffer(value)) != null ? _b2 : false;
 }
 
+// src/is-same-origin.ts
+function isSameOrigin(url, baseUrl) {
+  try {
+    return new URL(url).origin === new URL(baseUrl).origin;
+  } catch (e) {
+    return false;
+  }
+}
+
 // src/is-non-nullable.ts
 function isNonNullable(value) {
   return value != null;
@@ -2134,16 +2252,18 @@ var parsePipelineDef = (def, refs) => {
   } else if (refs.pipeStrategy === "output") {
     return parseDef(def.out._def, refs);
   }
-  const a = parseDef(def.in._def, {
+  const inputSchema = parseDef(def.in._def, {
     ...refs,
     currentPath: [...refs.currentPath, "allOf", "0"]
   });
-  const b = parseDef(def.out._def, {
+  const outputSchema = parseDef(def.out._def, {
     ...refs,
-    currentPath: [...refs.currentPath, "allOf", a ? "1" : "0"]
+    currentPath: [...refs.currentPath, "allOf", inputSchema ? "1" : "0"]
   });
   return {
-    allOf: [a, b].filter((x) => x !== void 0)
+    allOf: [inputSchema, outputSchema].filter(
+      (schema) => schema !== void 0
+    )
   };
 };
 
@@ -2481,7 +2601,11 @@ function isSchema(value) {
   return typeof value === "object" && value !== null && schemaSymbol in value && value[schemaSymbol] === true && "jsonSchema" in value && "validate" in value;
 }
 function asSchema(schema) {
-  return schema == null ? jsonSchema({ properties: {}, additionalProperties: false }) : isSchema(schema) ? schema : "~standard" in schema ? schema["~standard"].vendor === "zod" ? zodSchema(schema) : standardSchema(schema) : schema();
+  return schema == null ? jsonSchema({
+    type: "object",
+    properties: {},
+    additionalProperties: false
+  }) : isSchema(schema) ? schema : "~standard" in schema ? schema["~standard"].vendor === "zod" ? zodSchema(schema) : standardSchema(schema) : schema();
 }
 function standardSchema(standardSchema2) {
   return jsonSchema(
@@ -3277,6 +3401,11 @@ function withoutTrailingSlash(url) {
   return url == null ? void 0 : url.replace(/\/$/, "");
 }
 
+// src/types/executable-tool.ts
+function isExecutableTool(tool2) {
+  return tool2 != null && typeof tool2.execute === "function";
+}
+
 // src/is-async-iterable.ts
 function isAsyncIterable(obj) {
   return obj != null && typeof obj[Symbol.asyncIterator] === "function";
@@ -3301,11 +3430,6 @@ async function* executeTool({
   }
 }
 
-// src/types/executable-tool.ts
-function isExecutableTool(tool2) {
-  return tool2 != null && typeof tool2.execute === "function";
-}
-
 // src/index.ts
 import { WORKFLOW_DESERIALIZE, WORKFLOW_SERIALIZE } from "@workflow/serde";
 import {
@@ -3322,6 +3446,7 @@ export {
   WORKFLOW_SERIALIZE,
   asArray,
   asSchema,
+  cancelResponseBody,
   combineHeaders,
   convertAsyncIteratorToReadableStream,
   convertBase64ToUint8Array,
@@ -3345,7 +3470,9 @@ export {
   downloadBlob,
   dynamicTool,
   executeTool,
+  extractLines,
   extractResponseHeaders,
+  fetchWithValidatedRedirects,
   filterNullable,
   generateId,
   getErrorMessage,
@@ -3354,6 +3481,7 @@ export {
   getTopLevelMediaType,
   injectJsonInstructionIntoMessages,
   isAbortError,
+  isBrowserRuntime,
   isBuffer,
   isCustomReasoning,
   isExecutableTool,
@@ -3361,6 +3489,7 @@ export {
   isNonNullable,
   isParsableJson,
   isProviderReference,
+  isSameOrigin,
   isUrlSupported,
   jsonSchema,
   lazySchema,