@asgard-js/react 0.0.43 → 0.0.44-canary.1

package/src/utils/extractors.ts

@@ -1,20 +0,0 @@
-export function extractRefs(obj: unknown): unknown[] {
-  const refs: unknown[] = [];
-
-  function traverse(o: unknown): void {
-    if (o && typeof o === 'object') {
-      if (Array.isArray(o)) {
-        for (const item of o) traverse(item);
-      } else {
-        for (const key of Object.keys(o))
-          traverse((o as Record<string, unknown>)[key]);
-      }
-    } else {
-      refs.push(o);
-    }
-  }
-
-  traverse(obj);
-
-  return refs;
-}

package/src/utils/format-time.ts

@@ -1,8 +0,0 @@
-export function formatTime(time: Date): string {
-  return time.toLocaleTimeString('zh-TW', {
-    timeZone: 'Asia/Taipei',
-    hour: '2-digit',
-    minute: '2-digit',
-    hour12: false,
-  });
-}

package/src/utils/index.ts

@@ -1 +0,0 @@
-export * from './format-time';

package/src/utils/is.ts

@@ -1,72 +0,0 @@
-/**
- * Performs a deep equality check between two values (primitive, array, plain object).
- * - Functions are compared by reference.
- * - No circular reference support.
- * - Returns true if deeply equal, false otherwise.
- */
-export function isEqual(a: unknown, b: unknown): boolean {
-  // Check for strict equality first (handles primitives and reference equality)
-  if (a === b) {
-    return true;
-  }
-
-  // Handle null cases
-  if (a === null || b === null) {
-    return a === b;
-  }
-
-  // Compare types
-  if (typeof a !== typeof b) {
-    return false;
-  }
-
-  // Handle arrays
-  if (Array.isArray(a) && Array.isArray(b)) {
-    if (a.length !== b.length) {
-      return false;
-    }
-
-    for (let i = 0; i < a.length; i++) {
-      if (!isEqual(a[i], b[i])) {
-        return false;
-      }
-    }
-
-    return true;
-  }
-
-  // If one is array and the other is not
-  if (Array.isArray(a) || Array.isArray(b)) {
-    return false;
-  }
-
-  // Handle objects (but not functions)
-  if (typeof a === 'object' && typeof b === 'object') {
-    const aKeys = Object.keys(a as object);
-    const bKeys = Object.keys(b as object);
-    if (aKeys.length !== bKeys.length) {
-      return false;
-    }
-
-    for (const key of aKeys) {
-      // Use Object.prototype.hasOwnProperty.call to be safe
-      if (!Object.prototype.hasOwnProperty.call(b, key)) {
-        return false;
-      }
-
-      if (
-        !isEqual(
-          (a as Record<string, unknown>)[key],
-          (b as Record<string, unknown>)[key]
-        )
-      ) {
-        return false;
-      }
-    }
-
-    return true;
-  }
-
-  // Fallback for functions, symbols, etc. (compare by reference)
-  return a === b;
-}

package/src/utils/selectors.ts

@@ -1,7 +0,0 @@
-import { BotProviderMetadataResponse } from '../models/bot-provider';
-
-export const annotationSelectorFromBotProviderMetadata = (
-  value: BotProviderMetadataResponse
-): Record<string, unknown> => {
-  return JSON.parse(value.annotations['asgard-ai.com/additional-annotation']);
-};

package/src/utils/uri-validation.spec.ts

@@ -1,208 +0,0 @@
-import { describe, it, expect, beforeEach, afterEach, vi } from 'vitest';
-import { isValidUri, safeWindowOpen } from './uri-validation';
-
-describe('URI Validation', () => {
-  let consoleWarnSpy: ReturnType<typeof vi.spyOn>;
-  let consoleErrorSpy: ReturnType<typeof vi.spyOn>;
-  let windowOpenSpy: ReturnType<typeof vi.spyOn>;
-
-  beforeEach(() => {
-    consoleWarnSpy = vi.spyOn(console, 'warn').mockImplementation(() => undefined);
-    consoleErrorSpy = vi.spyOn(console, 'error').mockImplementation(() => undefined);
-    windowOpenSpy = vi.spyOn(window, 'open').mockImplementation(() => null);
-  });
-
-  afterEach(() => {
-    consoleWarnSpy.mockRestore();
-    consoleErrorSpy.mockRestore();
-    windowOpenSpy.mockRestore();
-  });
-
-  describe('isValidUri', () => {
-    describe('should return false for null/undefined/empty values', () => {
-      it('should reject null', () => {
-        expect(isValidUri(null)).toBe(false);
-      });
-
-      it('should reject undefined', () => {
-        expect(isValidUri(undefined)).toBe(false);
-      });
-
-      it('should reject empty string', () => {
-        expect(isValidUri('')).toBe(false);
-      });
-
-      it('should reject whitespace-only string', () => {
-        expect(isValidUri('   ')).toBe(false);
-      });
-    });
-
-    describe('should accept safe protocols', () => {
-      it('should accept http URLs', () => {
-        expect(isValidUri('http://example.com')).toBe(true);
-        expect(isValidUri('HTTP://EXAMPLE.COM')).toBe(true);
-      });
-
-      it('should accept https URLs', () => {
-        expect(isValidUri('https://example.com')).toBe(true);
-        expect(isValidUri('HTTPS://EXAMPLE.COM')).toBe(true);
-      });
-
-      it('should accept mailto URLs', () => {
-        expect(isValidUri('mailto:test@example.com')).toBe(true);
-        expect(isValidUri('MAILTO:test@example.com')).toBe(true);
-      });
-
-      it('should accept tel URLs', () => {
-        expect(isValidUri('tel:+1234567890')).toBe(true);
-        expect(isValidUri('TEL:+1234567890')).toBe(true);
-      });
-    });
-
-    describe('should reject dangerous protocols', () => {
-      it('should reject javascript URLs', () => {
-        // eslint-disable-next-line no-script-url
-        const jsUri = 'javascript:alert("xss")';
-        // eslint-disable-next-line no-script-url
-        const jsUriUpper = 'JAVASCRIPT:alert("xss")';
-        expect(isValidUri(jsUri)).toBe(false);
-        expect(isValidUri(jsUriUpper)).toBe(false);
-        expect(consoleWarnSpy).toHaveBeenCalledWith(
-          expect.stringContaining('Blocked unknown protocol: javascript:')
-        );
-      });
-
-      it('should reject data URLs', () => {
-        expect(isValidUri('data:text/html,<script>alert("xss")</script>')).toBe(false);
-        expect(isValidUri('DATA:text/html,<script>alert("xss")</script>')).toBe(false);
-        expect(consoleWarnSpy).toHaveBeenCalledWith(
-          expect.stringContaining('Blocked dangerous protocol: data:')
-        );
-      });
-
-      it('should reject file URLs', () => {
-        expect(isValidUri('file:///etc/passwd')).toBe(false);
-        expect(isValidUri('FILE:///etc/passwd')).toBe(false);
-        expect(consoleWarnSpy).toHaveBeenCalledWith(
-          expect.stringContaining('Blocked dangerous protocol: file:')
-        );
-      });
-
-      it('should reject ftp URLs', () => {
-        expect(isValidUri('ftp://example.com')).toBe(false);
-        expect(isValidUri('FTP://example.com')).toBe(false);
-        expect(consoleWarnSpy).toHaveBeenCalledWith(
-          expect.stringContaining('Blocked dangerous protocol: ftp:')
-        );
-      });
-
-      it('should reject browser extension protocols', () => {
-        expect(isValidUri('chrome-extension://example')).toBe(false);
-        expect(isValidUri('moz-extension://example')).toBe(false);
-        expect(isValidUri('safari-extension://example')).toBe(false);
-      });
-    });
-
-    describe('should handle relative URLs', () => {
-      it('should accept absolute paths', () => {
-        expect(isValidUri('/path/to/resource')).toBe(true);
-      });
-
-      it('should accept relative paths', () => {
-        expect(isValidUri('./relative/path')).toBe(true);
-        expect(isValidUri('../parent/path')).toBe(true);
-      });
-
-      it('should accept protocol-less domains', () => {
-        expect(isValidUri('example.com')).toBe(true);
-        expect(isValidUri('subdomain.example.com')).toBe(true);
-      });
-    });
-
-    describe('should handle edge cases', () => {
-      it('should reject malformed URLs with unknown protocols', () => {
-        expect(isValidUri('unknown-protocol://example')).toBe(false);
-        expect(consoleWarnSpy).toHaveBeenCalledWith(
-          expect.stringContaining('Blocked unknown protocol: unknown-protocol:')
-        );
-      });
-
-      it('should handle URLs with special characters', () => {
-        expect(isValidUri('https://example.com/path?param=value&other=123')).toBe(true);
-        expect(isValidUri('https://example.com/path#fragment')).toBe(true);
-      });
-
-      it('should handle internationalized domain names', () => {
-        expect(isValidUri('https://例え.テスト')).toBe(true);
-      });
-
-      it('should reject completely malformed strings', () => {
-        expect(isValidUri('not-a-url-at-all')).toBe(true); // Treated as domain
-        expect(isValidUri('::invalid::')).toBe(false);
-        expect(consoleWarnSpy).toHaveBeenCalledWith(
-          expect.stringContaining('Invalid URI format'),
-          expect.any(Error)
-        );
-      });
-    });
-
-    describe('should handle protocol edge cases', () => {
-      it('should handle URLs with ports', () => {
-        expect(isValidUri('http://example.com:8080')).toBe(true);
-        expect(isValidUri('https://example.com:443')).toBe(true);
-      });
-
-      it('should handle URLs with authentication', () => {
-        expect(isValidUri('https://user:pass@example.com')).toBe(true);
-      });
-
-      it('should handle protocol-relative URLs', () => {
-        expect(isValidUri('//example.com')).toBe(true); // URL constructor treats this as valid
-      });
-    });
-  });
-
-  describe('safeWindowOpen', () => {
-    it('should open valid URLs', () => {
-      const mockWindow = {} as Window;
-      windowOpenSpy.mockReturnValue(mockWindow);
-
-      const result = safeWindowOpen('https://example.com', '_blank');
-
-      expect(windowOpenSpy).toHaveBeenCalledWith('https://example.com', '_blank', undefined);
-      expect(result).toBe(mockWindow);
-      expect(consoleErrorSpy).not.toHaveBeenCalled();
-    });
-
-    it('should block invalid URLs and return null', () => {
-      // eslint-disable-next-line no-script-url
-      const maliciousUri = 'javascript:alert("xss")';
-      const result = safeWindowOpen(maliciousUri, '_blank');
-
-      expect(windowOpenSpy).not.toHaveBeenCalled();
-      expect(result).toBe(null);
-      expect(consoleErrorSpy).toHaveBeenCalledWith(
-        `Blocked attempt to open unsafe URI: ${maliciousUri}`
-      );
-    });
-
-    it('should pass through all window.open parameters', () => {
-      const mockWindow = {} as Window;
-      windowOpenSpy.mockReturnValue(mockWindow);
-
-      safeWindowOpen('https://example.com', '_blank', 'width=800,height=600');
-
-      expect(windowOpenSpy).toHaveBeenCalledWith(
-        'https://example.com',
-        '_blank',
-        'width=800,height=600'
-      );
-    });
-
-    it('should handle null/undefined URIs', () => {
-      expect(safeWindowOpen(null)).toBe(null);
-      expect(safeWindowOpen(undefined)).toBe(null);
-      expect(windowOpenSpy).not.toHaveBeenCalled();
-    });
-  });
-});

package/src/utils/uri-validation.ts

@@ -1,103 +0,0 @@
-/**
- * URI validation utilities for preventing XSS attacks via malicious URIs
- */
-
-/**
- * Safe protocols that are allowed for external links
- */
-const SAFE_PROTOCOLS = ['http:', 'https:', 'mailto:', 'tel:'] as const;
-
-/**
- * Dangerous protocols that should be blocked to prevent XSS attacks
- */
-const DANGEROUS_PROTOCOLS = [
-  'data:',
-  'file:',
-  'ftp:',
-  'about:',
-  'chrome:',
-  'chrome-extension:',
-  'moz-extension:',
-  'safari-extension:',
-  'ms-browser-extension:',
-  'vbscript:',
-] as const;
-
-/**
- * Validates if a URI is safe to open with window.open()
- * 
- * @param uri - The URI to validate
- * @returns true if the URI is safe to open, false otherwise
- */
-export function isValidUri(uri: string | null | undefined): boolean {
-  // Handle null, undefined, or empty strings
-  if (!uri || typeof uri !== 'string' || uri.trim() === '') {
-    return false;
-  }
-
-  const trimmedUri = uri.trim();
-
-  try {
-    // Try to parse as URL to validate structure
-    const url = new URL(trimmedUri);
-    
-    // Check if protocol is in the safe list
-    const protocol = url.protocol.toLowerCase();
-    
-    if (SAFE_PROTOCOLS.includes(protocol as (typeof SAFE_PROTOCOLS)[number])) {
-      return true;
-    }
-    
-    // Log blocked dangerous protocols for debugging
-    if (DANGEROUS_PROTOCOLS.includes(protocol as (typeof DANGEROUS_PROTOCOLS)[number])) {
-      // eslint-disable-next-line no-console
-      console.warn(`Blocked dangerous protocol: ${protocol} in URI: ${trimmedUri}`);
-    } else {
-      // eslint-disable-next-line no-console
-      console.warn(`Blocked unknown protocol: ${protocol} in URI: ${trimmedUri}`);
-    }
-
-    return false;
-  } catch (error) {
-    // If URL parsing fails, try to handle relative URLs or special cases
-    if (trimmedUri.startsWith('/') || trimmedUri.startsWith('./') || trimmedUri.startsWith('../')) {
-      // Relative URLs are generally safe
-      return true;
-    }
-    
-    // Check for protocol-less URLs (e.g., "example.com")
-    if (!trimmedUri.includes(':') && !trimmedUri.startsWith('//')) {
-      // Looks like a domain without protocol, relatively safe
-      return true;
-    }
-    
-    // Log invalid URIs for debugging
-    // eslint-disable-next-line no-console
-    console.warn(`Invalid URI format: ${trimmedUri}`, error);
-
-    return false;
-  }
-}
-
-/**
- * Safely opens a URI after validation
- * 
- * @param uri - The URI to open
- * @param target - The window target (same as window.open target parameter)
- * @param features - Window features (same as window.open features parameter)
- * @returns The opened window reference or null if URI was blocked
- */
-export function safeWindowOpen(
-  uri: string | null | undefined,
-  target?: string,
-  features?: string
-): Window | null {
-  if (!isValidUri(uri)) {
-    // eslint-disable-next-line no-console
-    console.error(`Blocked attempt to open unsafe URI: ${uri}`);
-
-    return null;
-  }
-
-  return window.open(uri as string, target, features);
-}

package/tsconfig.json

@@ -1,16 +0,0 @@
-{
-  "files": [],
-  "include": [],
-  "references": [
-    {
-      "path": "../core"
-    },
-    {
-      "path": "./tsconfig.lib.json"
-    },
-    {
-      "path": "./tsconfig.spec.json"
-    }
-  ],
-  "extends": "../../tsconfig.base.json"
-}

package/tsconfig.lib.json

@@ -1,63 +0,0 @@
-{
-  "extends": "../../tsconfig.base.json",
-  "compilerOptions": {
-    "baseUrl": ".",
-    "paths": {
-      "src/*": ["src/*"],
-      "@asgard-js/core": ["../core/src/index.ts"]
-    },
-    "outDir": "out-tsc/react",
-    "types": [
-      "node",
-      "@nx/react/typings/cssmodule.d.ts",
-      "@nx/react/typings/image.d.ts",
-      "@types/dom-speech-recognition",
-      "vite-plugin-svgr/client",
-      "vite/client"
-    ],
-    "jsx": "react-jsx",
-    "module": "esnext",
-    "moduleResolution": "bundler",
-    "tsBuildInfoFile": "out-tsc/react/tsconfig.lib.tsbuildinfo"
-  },
-  "exclude": [
-    "out-tsc",
-    "dist",
-    "**/*.spec.ts",
-    "**/*.test.ts",
-    "**/*.spec.tsx",
-    "**/*.test.tsx",
-    "**/*.spec.js",
-    "**/*.test.js",
-    "**/*.spec.jsx",
-    "**/*.test.jsx",
-    "vite.config.ts",
-    "vite.config.mts",
-    "vitest.config.ts",
-    "vitest.config.mts",
-    "src/**/*.test.ts",
-    "src/**/*.spec.ts",
-    "src/**/*.test.tsx",
-    "src/**/*.spec.tsx",
-    "src/**/*.test.js",
-    "src/**/*.spec.js",
-    "src/**/*.test.jsx",
-    "src/**/*.spec.jsx",
-    "eslint.config.js",
-    "eslint.config.cjs",
-    "eslint.config.mjs",
-    "../../packages/core/dist"
-  ],
-  "include": [
-    "src/**/*.js",
-    "src/**/*.jsx",
-    "src/**/*.ts",
-    "src/**/*.tsx",
-    "../../packages/core/**/*.ts"
-  ],
-  "references": [
-    {
-      "path": "../core/tsconfig.lib.json"
-    }
-  ]
-}

package/tsconfig.spec.json

@@ -1,36 +0,0 @@
-{
-  "extends": "../../tsconfig.base.json",
-  "compilerOptions": {
-    "outDir": "./out-tsc/vitest",
-    "types": [
-      "vitest/globals",
-      "vitest/importMeta",
-      "vite/client",
-      "node",
-      "vitest"
-    ],
-    "jsx": "react-jsx",
-    "module": "esnext",
-    "moduleResolution": "bundler"
-  },
-  "include": [
-    "vite.config.ts",
-    "vite.config.mts",
-    "vitest.config.ts",
-    "vitest.config.mts",
-    "src/**/*.test.ts",
-    "src/**/*.spec.ts",
-    "src/**/*.test.tsx",
-    "src/**/*.spec.tsx",
-    "src/**/*.test.js",
-    "src/**/*.spec.js",
-    "src/**/*.test.jsx",
-    "src/**/*.spec.jsx",
-    "src/**/*.d.ts"
-  ],
-  "references": [
-    {
-      "path": "./tsconfig.lib.json"
-    }
-  ]
-}

package/tsconfig.tsbuildinfo

@@ -1 +0,0 @@
-{"fileNames":[],"fileInfos":[],"root":[],"options":{"allowJs":false,"allowSyntheticDefaultImports":true,"composite":true,"declaration":true,"declarationMap":true,"emitDeclarationOnly":true,"emitDecoratorMetadata":false,"esModuleInterop":true,"experimentalDecorators":false,"importHelpers":true,"module":99,"noEmitOnError":true,"noFallthroughCasesInSwitch":true,"noImplicitOverride":true,"noImplicitReturns":true,"noUnusedLocals":true,"removeComments":false,"rootDir":"../..","skipDefaultLibCheck":false,"skipLibCheck":true,"sourceMap":false,"strict":true,"target":99,"verbatimModuleSyntax":false},"version":"5.6.3"}

package/vite.config.ts

@@ -1,63 +0,0 @@
-/// <reference types='vitest' />
-import { defineConfig } from 'vite';
-import react from '@vitejs/plugin-react';
-import dts from 'vite-plugin-dts';
-import svgr from 'vite-plugin-svgr';
-import * as path from 'path';
-
-export default defineConfig({
-  root: __dirname,
-  cacheDir: '../../node_modules/.vite/packages/react',
-  resolve: {
-    alias: {
-      src: path.resolve(__dirname, 'src'),
-    },
-  },
-  plugins: [
-    react(),
-    svgr(),
-    dts({
-      entryRoot: 'src',
-      tsconfigPath: path.join(__dirname, 'tsconfig.lib.json'),
-    }),
-  ],
-  // Uncomment this if you are using workers.
-  // worker: {
-  //  plugins: [ nxViteTsPaths() ],
-  // },
-  // Configuration for building your library.
-  // See: https://vitejs.dev/guide/build.html#library-mode
-  build: {
-    outDir: './dist',
-    emptyOutDir: true,
-    reportCompressedSize: true,
-    commonjsOptions: {
-      transformMixedEsModules: true,
-    },
-    lib: {
-      // Could also be a dictionary or array of multiple entry points.
-      entry: 'src/index.ts',
-      name: '@asgard-js/react',
-      fileName: 'index',
-      // Change this to the formats you want to support.
-      // Don't forget to update your package.json as well.
-      formats: ['es'],
-    },
-    rollupOptions: {
-      // External packages that should not be bundled into your library.
-      external: ['react', 'react-dom', 'react/jsx-runtime', '@asgard-js/core'],
-    },
-  },
-  test: {
-    watch: false,
-    globals: true,
-    environment: 'jsdom',
-    setupFiles: ['src/test-setup.ts'],
-    include: ['src/**/*.{test,spec}.{js,mjs,cjs,ts,mts,cts,jsx,tsx}'],
-    reporters: ['default'],
-    coverage: {
-      reportsDirectory: './test-output/vitest/coverage',
-      provider: 'v8',
-    },
-  },
-});