@easynet/agent-tool 1.0.80 → 1.0.82

package/dist/index.js

@@ -1,93 +1,12 @@
-import './chunk-FWWN4D2F.js';
-import { createContextRunner, createDynamicImportAdapter, getGroupNamePrefixes, overrideWithConfig, resolveExtensionPackageRoot, registerExtension, generateExtensionManifest, generateManifest, createExtension } from './chunk-S4X4NJIP.js';
-import { isIpInBlockedCidrs, validateUrl } from './chunk-NKYFYALQ.js';
-import './chunk-YLWTSNTT.js';
-import './chunk-DEDDPMBU.js';
-export { createLangChainAgentTools, createMcpServer, createOpenAPIServer, langchainApi, mcpApi, openApi, runtimeApi } from './chunk-DVYM6VRD.js';
-import { loadToolYaml, loadExtensionManifest, registerToolsFromManifest } from './chunk-JZ6LKSAS.js';
-import { runMCPServer, buildMCPPackage, initProject } from './chunk-VYULM6NC.js';
-import { loadToolConfig } from './chunk-42UNSIZJ.js';
-export { createMCPServer, createMCPServerStreamableHttp, createMCPStreamableHttpHandler, createRuntimeFromConfig, createRuntimeFromConfigSync, runMCPServerOverStdio } from './chunk-42UNSIZJ.js';
+export { createMcpServer, createOpenAPIServer } from './chunk-GYN3JAMK.js';
+import './chunk-NEMGE573.js';
+import './chunk-EHFXS4WP.js';
 import './chunk-NTWOVFEY.js';
-import './chunk-Q6W32HAP.js';
-import { scan, scanForTools } from './chunk-HEVWKBBQ.js';
-import { setSandboxValidationEnabled, resolveSandboxedPath } from './chunk-QXQ4477T.js';
-import { ToolRegistry } from './chunk-WUMLZERG.js';
-export { ToolRegistry } from './chunk-WUMLZERG.js';
-import { isRetryable, withRetry, createTaggedError } from './chunk-RZTTO5MQ.js';
-export { createTaggedError, isRetryable, withRetry } from './chunk-RZTTO5MQ.js';
-import { DEFAULT_OUTPUT_SCHEMA, DEFAULT_INPUT_SCHEMA, createToolSpec } from './chunk-ODEHUAR4.js';
-import { resolve } from 'path';
-import { deepMerge } from '@easynet/agent-common';
-
-// src/config/ref.ts
-function asObject(input) {
-  return typeof input === "object" && input !== null ? input : void 0;
-}
-function normalizeAgentToolConfigRef(raw) {
-  if (typeof raw === "string" && raw.trim().length > 0) return { ref: raw.trim() };
-  const obj = asObject(raw);
-  if (!obj) return {};
-  const out = {};
-  if (typeof obj.ref === "string" && obj.ref.trim().length > 0) out.ref = obj.ref.trim();
-  if (typeof obj.development === "string" && obj.development.trim().length > 0) out.development = obj.development.trim();
-  if (typeof obj.production === "string" && obj.production.trim().length > 0) out.production = obj.production.trim();
-  return out;
-}
-
-// src/config/index.ts
-function loadToolRuntimeConfig(options = {}) {
-  const configPath = resolve(options.configPath ?? "config/tool.yaml");
-  return loadToolConfig(configPath);
-}
-function createToolConfig(options = {}) {
-  const base = loadToolRuntimeConfig(options);
-  if (!options.overrides) return base;
-  return deepMerge({}, base, options.overrides);
-}
-
-// src/index.ts
-var platformApi = {
-  build: {
-    initProject,
-    buildMCPPackage,
-    runMCPServer,
-    scanForTools,
-    scan
-  },
-  extension: {
-    createExtension,
-    generateManifest,
-    generateExtensionManifest,
-    registerExtension,
-    registerToolsFromManifest,
-    loadExtensionManifest,
-    loadToolYaml,
-    resolveExtensionPackageRoot,
-    overrideWithConfig,
-    getGroupNamePrefixes,
-    createDynamicImportAdapter,
-    createContextRunner
-  },
-  security: {
-    resolveSandboxedPath,
-    setSandboxValidationEnabled,
-    validateUrl,
-    isIpInBlockedCidrs
-  },
-  core: {
-    createToolSpec,
-    DEFAULT_INPUT_SCHEMA,
-    DEFAULT_OUTPUT_SCHEMA
-  },
-  runtime: {
-    createTaggedError,
-    withRetry,
-    isRetryable,
-    ToolRegistry
-  }
-};
-
-export { createToolConfig, loadToolRuntimeConfig, normalizeAgentToolConfigRef, platformApi };
+import './chunk-3D7XYAZO.js';
+import './chunk-HEVWKBBQ.js';
+import './chunk-QXQ4477T.js';
+import './chunk-WUMLZERG.js';
+import './chunk-RZTTO5MQ.js';
+import './chunk-ODEHUAR4.js';
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/config/ref.ts","../src/config/index.ts","../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAOA,SAAS,SAAS,KAAA,EAAqD;AACrE,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAY,KAAA,KAAU,OAAQ,KAAA,GAAoC,MAAA;AAC5F;AAGO,SAAS,4BAA4B,GAAA,EAA2C;AACrF,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,GAAA,CAAI,IAAA,EAAK,CAAE,MAAA,GAAS,CAAA,EAAG,OAAO,EAAE,GAAA,EAAK,GAAA,CAAI,MAAK,EAAE;AAC/E,EAAA,MAAM,GAAA,GAAM,SAAS,GAAG,CAAA;AACxB,EAAA,IAAI,CAAC,GAAA,EAAK,OAAO,EAAC;AAElB,EAAA,MAAM,MAAmC,EAAC;AAC1C,EAAA,IAAI,OAAO,GAAA,CAAI,GAAA,KAAQ,QAAA,IAAY,IAAI,GAAA,CAAI,IAAA,EAAK,CAAE,MAAA,GAAS,CAAA,EAAG,GAAA,CAAI,GAAA,GAAM,GAAA,CAAI,IAAI,IAAA,EAAK;AACrF,EAAA,IAAI,OAAO,GAAA,CAAI,WAAA,KAAgB,QAAA,IAAY,IAAI,WAAA,CAAY,IAAA,EAAK,CAAE,MAAA,GAAS,CAAA,EAAG,GAAA,CAAI,WAAA,GAAc,GAAA,CAAI,YAAY,IAAA,EAAK;AACrH,EAAA,IAAI,OAAO,GAAA,CAAI,UAAA,KAAe,QAAA,IAAY,IAAI,UAAA,CAAW,IAAA,EAAK,CAAE,MAAA,GAAS,CAAA,EAAG,GAAA,CAAI,UAAA,GAAa,GAAA,CAAI,WAAW,IAAA,EAAK;AACjH,EAAA,OAAO,GAAA;AACT;;;ACPO,SAAS,qBAAA,CAAsB,OAAA,GAAiC,EAAC,EAAkB;AACxF,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,OAAA,CAAQ,UAAA,IAAc,kBAAkB,CAAA;AACnE,EAAA,OAAO,eAAe,UAAU,CAAA;AAClC;AAEO,SAAS,gBAAA,CAAiB,OAAA,GAAmC,EAAC,EAAkB;AACrF,EAAA,MAAM,IAAA,GAAO,sBAAsB,OAAO,CAAA;AAC1C,EAAA,IAAI,CAAC,OAAA,CAAQ,SAAA,EAAW,OAAO,IAAA;AAC/B,EAAA,OAAO,SAAA,CAAU,EAAC,EAAoB,IAAA,EAAM,QAAQ,SAAS,CAAA;AAC/D;;;ACgEO,IAAM,WAAA,GAAc;AAAA,EACzB,KAAA,EAAO;AAAA,IACL,WAAA;AAAA,IACA,eAAA;AAAA,IACA,YAAA;AAAA,IACA,YAAA;AAAA,IACA;AAAA,GACF;AAAA,EACA,SAAA,EAAW;AAAA,IACT,eAAA;AAAA,IACA,gBAAA;AAAA,IACA,yBAAA;AAAA,IACA,iBAAA;AAAA,IACA,yBAAA;AAAA,IACA,qBAAA;AAAA,IACA,YAAA;AAAA,IACA,2BAAA;AAAA,IACA,kBAAA;AAAA,IACA,oBAAA;AAAA,IACA,0BAAA;AAAA,IACA;AAAA,GACF;AAAA,EACA,QAAA,EAAU;AAAA,IACR,oBAAA;AAAA,IACA,2BAAA;AAAA,IACA,WAAA;AAAA,IACA;AAAA,GACF;AAAA,EACA,IAAA,EAAM;AAAA,IACJ,cAAA;AAAA,IACA,oBAAA;AAAA,IACA;AAAA,GACF;AAAA,EACA,OAAA,EAAS;AAAA,IACP,iBAAA;AAAA,IACA,SAAA;AAAA,IACA,WAAA;AAAA,IACA;AAAA;AAEJ","file":"index.js","sourcesContent":["/** Agent-level reference to tool config files by environment. */\nexport interface AgentToolConfigRef {\n  ref?: string;\n  development?: string;\n  production?: string;\n}\n\nfunction asObject(input: unknown): Record<string, unknown> | undefined {\n  return typeof input === \"object\" && input !== null ? (input as Record<string, unknown>) : undefined;\n}\n\n/** Normalize unknown value to AgentToolConfigRef. */\nexport function normalizeAgentToolConfigRef(raw: unknown): Partial<AgentToolConfigRef> {\n  if (typeof raw === \"string\" && raw.trim().length > 0) return { ref: raw.trim() };\n  const obj = asObject(raw);\n  if (!obj) return {};\n\n  const out: Partial<AgentToolConfigRef> = {};\n  if (typeof obj.ref === \"string\" && obj.ref.trim().length > 0) out.ref = obj.ref.trim();\n  if (typeof obj.development === \"string\" && obj.development.trim().length > 0) out.development = obj.development.trim();\n  if (typeof obj.production === \"string\" && obj.production.trim().length > 0) out.production = obj.production.trim();\n  return out;\n}\n","import { resolve } from \"node:path\";\nimport { deepMerge } from \"@easynet/agent-common\";\nimport { loadToolConfig, type ToolYamlShape } from \"../tools/util/toolConfig.js\";\n\nexport { normalizeAgentToolConfigRef } from \"./ref.js\";\nexport type { AgentToolConfigRef } from \"./ref.js\";\n\nexport interface LoadToolConfigOptions {\n  configPath?: string;\n}\n\nexport interface CreateToolConfigOptions extends LoadToolConfigOptions {\n  overrides?: Partial<ToolYamlShape>;\n}\n\nexport function loadToolRuntimeConfig(options: LoadToolConfigOptions = {}): ToolYamlShape {\n  const configPath = resolve(options.configPath ?? \"config/tool.yaml\");\n  return loadToolConfig(configPath);\n}\n\nexport function createToolConfig(options: CreateToolConfigOptions = {}): ToolYamlShape {\n  const base = loadToolRuntimeConfig(options);\n  if (!options.overrides) return base;\n  return deepMerge({} as ToolYamlShape, base, options.overrides);\n}\n","/**\n * Minimal public API for @easynet/agent-tool.\n * Keep root exports focused on high-level runtime/server creation.\n */\n\n// High-level API (most users should import from @easynet/agent-tool/api)\nexport {\n  createLangChainAgentTools,\n  createMcpServer,\n  createOpenAPIServer,\n  createMCPServer,\n  runMCPServerOverStdio,\n  createMCPStreamableHttpHandler,\n  createMCPServerStreamableHttp,\n  createRuntimeFromConfig,\n  createRuntimeFromConfigSync,\n  langchainApi,\n  runtimeApi,\n  mcpApi,\n  openApi,\n} from \"./api/main.js\";\nexport type {\n  CreateAgentToolsOptions,\n  CreateRuntimeOptions,\n  CreateRuntimeResult,\n  MCPServerOptions,\n  MCPServerResult,\n  McpServer,\n  CreateMCPServerStreamableHttpOptions,\n  MCPServerStreamableHttpResult,\n  CreateHttpServiceOptions,\n  HttpServiceResult,\n  OpenAPIExpressApp,\n  OpenAPIHttpServerOptions,\n} from \"./api/main.js\";\nexport type { AgentToolConfigRef } from \"./config/index.js\";\nexport {\n  normalizeAgentToolConfigRef,\n  loadToolRuntimeConfig,\n  createToolConfig,\n} from \"./config/index.js\";\nexport type { LoadToolConfigOptions, CreateToolConfigOptions } from \"./config/index.js\";\n\n// Backward compatibility: older extensions import runtime helpers from package root.\nexport { createTaggedError, withRetry, isRetryable, ToolRegistry } from \"./core/runtime.js\";\n\nimport {\n  initProject,\n  buildMCPPackage,\n  runMCPServer,\n  scanForTools,\n  scan,\n} from \"./build.js\";\nimport {\n  createExtension,\n  generateManifest,\n  generateExtensionManifest,\n  registerExtension,\n  registerToolsFromManifest,\n  loadExtensionManifest,\n  loadToolYaml,\n  resolveExtensionPackageRoot,\n  overrideWithConfig,\n  getGroupNamePrefixes,\n  createDynamicImportAdapter,\n  createContextRunner,\n} from \"./extension.js\";\nimport {\n  resolveSandboxedPath,\n  setSandboxValidationEnabled,\n  validateUrl,\n  isIpInBlockedCidrs,\n} from \"./security.js\";\nimport {\n  createToolSpec,\n  DEFAULT_INPUT_SCHEMA,\n  DEFAULT_OUTPUT_SCHEMA,\n} from \"./core/index.js\";\nimport {\n  createTaggedError,\n  withRetry,\n  isRetryable,\n  ToolRegistry,\n} from \"./core/runtime.js\";\n\n/**\n * Facade: grouped utilities beyond runtime/server creation.\n */\nexport const platformApi = {\n  build: {\n    initProject,\n    buildMCPPackage,\n    runMCPServer,\n    scanForTools,\n    scan,\n  },\n  extension: {\n    createExtension,\n    generateManifest,\n    generateExtensionManifest,\n    registerExtension,\n    registerToolsFromManifest,\n    loadExtensionManifest,\n    loadToolYaml,\n    resolveExtensionPackageRoot,\n    overrideWithConfig,\n    getGroupNamePrefixes,\n    createDynamicImportAdapter,\n    createContextRunner,\n  },\n  security: {\n    resolveSandboxedPath,\n    setSandboxValidationEnabled,\n    validateUrl,\n    isIpInBlockedCidrs,\n  },\n  core: {\n    createToolSpec,\n    DEFAULT_INPUT_SCHEMA,\n    DEFAULT_OUTPUT_SCHEMA,\n  },\n  runtime: {\n    createTaggedError,\n    withRetry,\n    isRetryable,\n    ToolRegistry,\n  },\n} as const;\n"]}
+{"version":3,"sources":[],"names":[],"mappings":"","file":"index.js"}

package/dist/observability/Logger.d.ts

@@ -1,3 +1,4 @@
+export { summarizeForLog } from "@easynet/agent-common";
 export type LogLevel = "silent" | "error" | "warn" | "info" | "debug" | "trace";
 export interface DebugOptions {
     enabled?: boolean;
@@ -29,5 +30,4 @@ export interface Logger {
 export declare function createLogger(options?: DebugOptions): Logger;
 export declare function resolveDebugOptions(options?: DebugOptions): ResolvedDebugOptions;
 export declare function sanitizeForLog(value: unknown, maxLen?: number): string;
-export declare function summarizeForLog(value: unknown, maxLen?: number): string;
 //# sourceMappingURL=Logger.d.ts.map

package/dist/observability/Logger.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"Logger.d.ts","sourceRoot":"","sources":["../../src/observability/Logger.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,QAAQ,GAAG,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,OAAO,CAAC;AAEhF,MAAM,WAAW,YAAY;IAC3B,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,KAAK,CAAC,EAAE,QAAQ,CAAC;IACjB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE,QAAQ,CAAC;IAChB,WAAW,EAAE,OAAO,CAAC;IACrB,cAAc,EAAE,OAAO,CAAC;IACxB,UAAU,EAAE,OAAO,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,MAAM;IACrB,OAAO,EAAE,oBAAoB,CAAC;IAC9B,SAAS,CAAC,KAAK,EAAE,QAAQ,GAAG,OAAO,CAAC;IACpC,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC7D,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC5D,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC5D,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC7D,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;CAC9D;AAWD,wBAAgB,YAAY,CAAC,OAAO,GAAE,YAAiB,GAAG,MAAM,CAoC/D;AAED,wBAAgB,mBAAmB,CAAC,OAAO,GAAE,YAAiB,GAAG,oBAAoB,CAgBpF;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,OAAO,EAAE,MAAM,SAAM,GAAG,MAAM,CAMnE;AAED,wBAAgB,eAAe,CAAC,KAAK,EAAE,OAAO,EAAE,MAAM,SAAM,GAAG,MAAM,CAkBpE"}
+{"version":3,"file":"Logger.d.ts","sourceRoot":"","sources":["../../src/observability/Logger.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAExD,MAAM,MAAM,QAAQ,GAAG,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,OAAO,CAAC;AAEhF,MAAM,WAAW,YAAY;IAC3B,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,KAAK,CAAC,EAAE,QAAQ,CAAC;IACjB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE,QAAQ,CAAC;IAChB,WAAW,EAAE,OAAO,CAAC;IACrB,cAAc,EAAE,OAAO,CAAC;IACxB,UAAU,EAAE,OAAO,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,MAAM;IACrB,OAAO,EAAE,oBAAoB,CAAC;IAC9B,SAAS,CAAC,KAAK,EAAE,QAAQ,GAAG,OAAO,CAAC;IACpC,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC7D,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC5D,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC5D,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC7D,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;CAC9D;AAWD,wBAAgB,YAAY,CAAC,OAAO,GAAE,YAAiB,GAAG,MAAM,CAoC/D;AAED,wBAAgB,mBAAmB,CAAC,OAAO,GAAE,YAAiB,GAAG,oBAAoB,CAgBpF;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,OAAO,EAAE,MAAM,SAAM,GAAG,MAAM,CAMnE"}

package/dist/security.cjs

@@ -1,19 +1,184 @@
 'use strict';
 
-var chunkR55NXJIH_cjs = require('./chunk-R55NXJIH.cjs');
 var chunkZDSZHEQU_cjs = require('./chunk-ZDSZHEQU.cjs');
-require('./chunk-XPGHS4W7.cjs');
+var chunkXPGHS4W7_cjs = require('./chunk-XPGHS4W7.cjs');
+var promises = require('dns/promises');
 
+async function validateUrl(url, options) {
+  let parsed;
+  try {
+    parsed = new URL(url);
+  } catch {
+    throw chunkXPGHS4W7_cjs.createTaggedError(
+      "HTTP_DISALLOWED_HOST",
+      `Invalid URL: ${url}`,
+      { url }
+    );
+  }
+  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
+    throw chunkXPGHS4W7_cjs.createTaggedError(
+      "HTTP_DISALLOWED_HOST",
+      `Protocol not allowed: ${parsed.protocol}. Only http: and https: are supported.`,
+      { url, protocol: parsed.protocol }
+    );
+  }
+  const hostname = parsed.hostname;
+  if (!isHostAllowed(hostname, options.allowedHosts)) {
+    throw chunkXPGHS4W7_cjs.createTaggedError(
+      "HTTP_DISALLOWED_HOST",
+      `Host "${hostname}" is not in the allowed hosts list`,
+      { url, hostname, allowedHosts: options.allowedHosts }
+    );
+  }
+  if (isHostBlocked(hostname, options.blockedHosts)) {
+    throw chunkXPGHS4W7_cjs.createTaggedError(
+      "HTTP_DISALLOWED_HOST",
+      `Host "${hostname}" is in the blocked hosts list`,
+      { url, hostname, blockedHosts: options.blockedHosts }
+    );
+  }
+  try {
+    const { address } = await promises.lookup(hostname);
+    if (isIpInBlockedCidrs(address, options.blockedCidrs)) {
+      throw chunkXPGHS4W7_cjs.createTaggedError(
+        "HTTP_DISALLOWED_HOST",
+        `Host "${hostname}" resolves to blocked IP: ${address}`,
+        { url, hostname, resolvedIp: address }
+      );
+    }
+  } catch (err) {
+    if (err instanceof Error && err.kind === "HTTP_DISALLOWED_HOST") {
+      throw err;
+    }
+    throw chunkXPGHS4W7_cjs.createTaggedError(
+      "HTTP_DISALLOWED_HOST",
+      `DNS resolution failed for host "${hostname}": ${err instanceof Error ? err.message : String(err)}`,
+      { url, hostname }
+    );
+  }
+  return parsed;
+}
+function isHostAllowed(hostname, allowedHosts) {
+  for (const pattern of allowedHosts) {
+    if (pattern === "*") {
+      return true;
+    }
+    if (pattern.startsWith("*.")) {
+      const suffix = pattern.slice(1);
+      if (hostname.endsWith(suffix) || hostname === pattern.slice(2)) {
+        return true;
+      }
+    } else if (hostname === pattern) {
+      return true;
+    }
+  }
+  return false;
+}
+function isHostBlocked(hostname, blockedHosts) {
+  for (const pattern of blockedHosts) {
+    if (pattern === "*") {
+      return true;
+    }
+    if (pattern.startsWith("*.")) {
+      const suffix = pattern.slice(1);
+      if (hostname.endsWith(suffix) || hostname === pattern.slice(2)) {
+        return true;
+      }
+    } else if (hostname === pattern) {
+      return true;
+    }
+  }
+  return false;
+}
+function isIpInBlockedCidrs(ip, cidrs) {
+  const normalizedIp = normalizeIp(ip);
+  if (!normalizedIp) return false;
+  for (const cidr of cidrs) {
+    if (cidr.includes(":")) {
+      if (!ip.includes(":")) continue;
+      if (isIpv6InCidr(ip, cidr)) return true;
+    } else {
+      if (isIpv4InCidr(normalizedIp, cidr)) return true;
+    }
+  }
+  return false;
+}
+function normalizeIp(ip) {
+  if (ip.startsWith("::ffff:")) {
+    return ip.slice(7);
+  }
+  if (/^\d+\.\d+\.\d+\.\d+$/.test(ip)) {
+    return ip;
+  }
+  return null;
+}
+function isIpv4InCidr(ip, cidr) {
+  const [cidrIp, prefixStr] = cidr.split("/");
+  if (!cidrIp || !prefixStr) return false;
+  const prefix = parseInt(prefixStr, 10);
+  if (isNaN(prefix) || prefix < 0 || prefix > 32) return false;
+  const ipNum = ipv4ToNum(ip);
+  const cidrNum = ipv4ToNum(cidrIp);
+  if (ipNum === null || cidrNum === null) return false;
+  const mask = prefix === 0 ? 0 : -1 << 32 - prefix >>> 0;
+  return (ipNum & mask) === (cidrNum & mask);
+}
+function ipv4ToNum(ip) {
+  const parts = ip.split(".");
+  if (parts.length !== 4) return null;
+  let num = 0;
+  for (const part of parts) {
+    const n = parseInt(part, 10);
+    if (isNaN(n) || n < 0 || n > 255) return null;
+    num = num << 8 | n;
+  }
+  return num >>> 0;
+}
+function isIpv6InCidr(ip, cidr) {
+  const [cidrIp, prefixStr] = cidr.split("/");
+  if (!cidrIp || !prefixStr) return false;
+  const prefix = parseInt(prefixStr, 10);
+  if (isNaN(prefix)) return false;
+  const ipBytes = expandIpv6(ip);
+  const cidrBytes = expandIpv6(cidrIp);
+  if (!ipBytes || !cidrBytes) return false;
+  const fullBytes = Math.floor(prefix / 8);
+  for (let i = 0; i < fullBytes && i < 16; i++) {
+    if (ipBytes[i] !== cidrBytes[i]) return false;
+  }
+  const remainingBits = prefix % 8;
+  if (remainingBits > 0 && fullBytes < 16) {
+    const mask = -1 << 8 - remainingBits & 255;
+    if ((ipBytes[fullBytes] & mask) !== (cidrBytes[fullBytes] & mask)) return false;
+  }
+  return true;
+}
+function expandIpv6(ip) {
+  const zoneIdx = ip.indexOf("%");
+  if (zoneIdx !== -1) ip = ip.slice(0, zoneIdx);
+  const parts = ip.split("::");
+  if (parts.length > 2) return null;
+  const bytes = new Array(16).fill(0);
+  const expandGroup = (group) => {
+    if (!group) return [];
+    return group.split(":").flatMap((hex) => {
+      const val = parseInt(hex || "0", 16);
+      return [val >> 8 & 255, val & 255];
+    });
+  };
+  if (parts.length === 1) {
+    const expanded = expandGroup(parts[0]);
+    if (expanded.length !== 16) return null;
+    return expanded;
+  }
+  const left = expandGroup(parts[0]);
+  const right = expandGroup(parts[1]);
+  if (left.length + right.length > 16) return null;
+  for (let i = 0; i < left.length; i++) bytes[i] = left[i];
+  for (let i = 0; i < right.length; i++) bytes[16 - right.length + i] = right[i];
+  return bytes;
+}
 
-
-Object.defineProperty(exports, "isIpInBlockedCidrs", {
-  enumerable: true,
-  get: function () { return chunkR55NXJIH_cjs.isIpInBlockedCidrs; }
-});
-Object.defineProperty(exports, "validateUrl", {
-  enumerable: true,
-  get: function () { return chunkR55NXJIH_cjs.validateUrl; }
-});
 Object.defineProperty(exports, "resolveSandboxedPath", {
   enumerable: true,
   get: function () { return chunkZDSZHEQU_cjs.resolveSandboxedPath; }
@@ -22,5 +187,7 @@ Object.defineProperty(exports, "setSandboxValidationEnabled", {
   enumerable: true,
   get: function () { return chunkZDSZHEQU_cjs.setSandboxValidationEnabled; }
 });
+exports.isIpInBlockedCidrs = isIpInBlockedCidrs;
+exports.validateUrl = validateUrl;
 //# sourceMappingURL=security.cjs.map
 //# sourceMappingURL=security.cjs.map

package/dist/security.cjs.map

@@ -1 +1 @@
-{"version":3,"sources":[],"names":[],"mappings":"","file":"security.cjs"}
+{"version":3,"sources":["../src/security/ssrf.ts"],"names":["createTaggedError","lookup"],"mappings":";;;;;;AAsBA,eAAsB,WAAA,CAAY,KAAa,OAAA,EAA2C;AACxF,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,IAAI,IAAI,GAAG,CAAA;AAAA,EACtB,CAAA,CAAA,MAAQ;AACN,IAAA,MAAMA,mCAAA;AAAA,MACJ,sBAAA;AAAA,MACA,gBAAgB,GAAG,CAAA,CAAA;AAAA,MACnB,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAGA,EAAA,IAAI,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,MAAA,CAAO,aAAa,QAAA,EAAU;AAC/D,IAAA,MAAMA,mCAAA;AAAA,MACJ,sBAAA;AAAA,MACA,CAAA,sBAAA,EAAyB,OAAO,QAAQ,CAAA,sCAAA,CAAA;AAAA,MACxC,EAAE,GAAA,EAAK,QAAA,EAAU,MAAA,CAAO,QAAA;AAAS,KACnC;AAAA,EACF;AAEA,EAAA,MAAM,WAAW,MAAA,CAAO,QAAA;AAExB,EAAA,IAAI,CAAC,aAAA,CAAc,QAAA,EAAU,OAAA,CAAQ,YAAY,CAAA,EAAG;AAClD,IAAA,MAAMA,mCAAA;AAAA,MACJ,sBAAA;AAAA,MACA,SAAS,QAAQ,CAAA,kCAAA,CAAA;AAAA,MACjB,EAAE,GAAA,EAAK,QAAA,EAAU,YAAA,EAAc,QAAQ,YAAA;AAAa,KACtD;AAAA,EACF;AACA,EAAA,IAAI,aAAA,CAAc,QAAA,EAAU,OAAA,CAAQ,YAAY,CAAA,EAAG;AACjD,IAAA,MAAMA,mCAAA;AAAA,MACJ,sBAAA;AAAA,MACA,SAAS,QAAQ,CAAA,8BAAA,CAAA;AAAA,MACjB,EAAE,GAAA,EAAK,QAAA,EAAU,YAAA,EAAc,QAAQ,YAAA;AAAa,KACtD;AAAA,EACF;AAGA,EAAA,IAAI;AACF,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAMC,gBAAO,QAAQ,CAAA;AACzC,IAAA,IAAI,kBAAA,CAAmB,OAAA,EAAS,OAAA,CAAQ,YAAY,CAAA,EAAG;AACrD,MAAA,MAAMD,mCAAA;AAAA,QACJ,sBAAA;AAAA,QACA,CAAA,MAAA,EAAS,QAAQ,CAAA,0BAAA,EAA6B,OAAO,CAAA,CAAA;AAAA,QACrD,EAAE,GAAA,EAAK,QAAA,EAAU,UAAA,EAAY,OAAA;AAAQ,OACvC;AAAA,IACF;AAAA,EACF,SAAS,GAAA,EAAK;AAEZ,IAAA,IAAI,GAAA,YAAe,KAAA,IAAU,GAAA,CAAY,IAAA,KAAS,sBAAA,EAAwB;AACxE,MAAA,MAAM,GAAA;AAAA,IACR;AAEA,IAAA,MAAMA,mCAAA;AAAA,MACJ,sBAAA;AAAA,MACA,CAAA,gCAAA,EAAmC,QAAQ,CAAA,GAAA,EAAM,GAAA,YAAe,QAAQ,GAAA,CAAI,OAAA,GAAU,MAAA,CAAO,GAAG,CAAC,CAAA,CAAA;AAAA,MACjG,EAAE,KAAK,QAAA;AAAS,KAClB;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAMA,SAAS,aAAA,CAAc,UAAkB,YAAA,EAAiC;AACxE,EAAA,KAAA,MAAW,WAAW,YAAA,EAAc;AAClC,IAAA,IAAI,YAAY,GAAA,EAAK;AACnB,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,IAAI,CAAA,EAAG;AAC5B,MAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAA;AAC9B,MAAA,IAAI,QAAA,CAAS,SAAS,MAAM,CAAA,IAAK,aAAa,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAA,EAAG;AAC9D,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF,CAAA,MAAA,IAAW,aAAa,OAAA,EAAS;AAC/B,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AACA,EAAA,OAAO,KAAA;AACT;AAKA,SAAS,aAAA,CAAc,UAAkB,YAAA,EAAiC;AACxE,EAAA,KAAA,MAAW,WAAW,YAAA,EAAc;AAClC,IAAA,IAAI,YAAY,GAAA,EAAK;AACnB,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,IAAI,CAAA,EAAG;AAC5B,MAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAA;AAC9B,MAAA,IAAI,QAAA,CAAS,SAAS,MAAM,CAAA,IAAK,aAAa,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAA,EAAG;AAC9D,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF,CAAA,MAAA,IAAW,aAAa,OAAA,EAAS;AAC/B,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AACA,EAAA,OAAO,KAAA;AACT;AAKO,SAAS,kBAAA,CAAmB,IAAY,KAAA,EAA0B;AAEvE,EAAA,MAAM,YAAA,GAAe,YAAY,EAAE,CAAA;AACnC,EAAA,IAAI,CAAC,cAAc,OAAO,KAAA;AAE1B,EAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACxB,IAAA,IAAI,IAAA,CAAK,QAAA,CAAS,GAAG,CAAA,EAAG;AAEtB,MAAA,IAAI,CAAC,EAAA,CAAG,QAAA,CAAS,GAAG,CAAA,EAAG;AACvB,MAAA,IAAI,YAAA,CAAa,EAAA,EAAI,IAAI,CAAA,EAAG,OAAO,IAAA;AAAA,IACrC,CAAA,MAAO;AACL,MAAA,IAAI,YAAA,CAAa,YAAA,EAAc,IAAI,CAAA,EAAG,OAAO,IAAA;AAAA,IAC/C;AAAA,EACF;AACA,EAAA,OAAO,KAAA;AACT;AAEA,SAAS,YAAY,EAAA,EAA2B;AAE9C,EAAA,IAAI,EAAA,CAAG,UAAA,CAAW,SAAS,CAAA,EAAG;AAC5B,IAAA,OAAO,EAAA,CAAG,MAAM,CAAC,CAAA;AAAA,EACnB;AAEA,EAAA,IAAI,sBAAA,CAAuB,IAAA,CAAK,EAAE,CAAA,EAAG;AACnC,IAAA,OAAO,EAAA;AAAA,EACT;AACA,EAAA,OAAO,IAAA;AACT;AAEA,SAAS,YAAA,CAAa,IAAY,IAAA,EAAuB;AACvD,EAAA,MAAM,CAAC,MAAA,EAAQ,SAAS,CAAA,GAAI,IAAA,CAAK,MAAM,GAAG,CAAA;AAC1C,EAAA,IAAI,CAAC,MAAA,IAAU,CAAC,SAAA,EAAW,OAAO,KAAA;AAElC,EAAA,MAAM,MAAA,GAAS,QAAA,CAAS,SAAA,EAAW,EAAE,CAAA;AACrC,EAAA,IAAI,MAAM,MAAM,CAAA,IAAK,SAAS,CAAA,IAAK,MAAA,GAAS,IAAI,OAAO,KAAA;AAEvD,EAAA,MAAM,KAAA,GAAQ,UAAU,EAAE,CAAA;AAC1B,EAAA,MAAM,OAAA,GAAU,UAAU,MAAM,CAAA;AAChC,EAAA,IAAI,KAAA,KAAU,IAAA,IAAQ,OAAA,KAAY,IAAA,EAAM,OAAO,KAAA;AAE/C,EAAA,MAAM,OAAO,MAAA,KAAW,CAAA,GAAI,IAAK,EAAC,IAAM,KAAK,MAAA,KAAa,CAAA;AAC1D,EAAA,OAAA,CAAQ,KAAA,GAAQ,WAAW,OAAA,GAAU,IAAA,CAAA;AACvC;AAEA,SAAS,UAAU,EAAA,EAA2B;AAC5C,EAAA,MAAM,KAAA,GAAQ,EAAA,CAAG,KAAA,CAAM,GAAG,CAAA;AAC1B,EAAA,IAAI,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG,OAAO,IAAA;AAC/B,EAAA,IAAI,GAAA,GAAM,CAAA;AACV,EAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACxB,IAAA,MAAM,CAAA,GAAI,QAAA,CAAS,IAAA,EAAM,EAAE,CAAA;AAC3B,IAAA,IAAI,MAAM,CAAC,CAAA,IAAK,IAAI,CAAA,IAAK,CAAA,GAAI,KAAK,OAAO,IAAA;AACzC,IAAA,GAAA,GAAO,OAAO,CAAA,GAAK,CAAA;AAAA,EACrB;AACA,EAAA,OAAO,GAAA,KAAQ,CAAA;AACjB;AAEA,SAAS,YAAA,CAAa,IAAY,IAAA,EAAuB;AAEvD,EAAA,MAAM,CAAC,MAAA,EAAQ,SAAS,CAAA,GAAI,IAAA,CAAK,MAAM,GAAG,CAAA;AAC1C,EAAA,IAAI,CAAC,MAAA,IAAU,CAAC,SAAA,EAAW,OAAO,KAAA;AAElC,EAAA,MAAM,MAAA,GAAS,QAAA,CAAS,SAAA,EAAW,EAAE,CAAA;AACrC,EAAA,IAAI,KAAA,CAAM,MAAM,CAAA,EAAG,OAAO,KAAA;AAE1B,EAAA,MAAM,OAAA,GAAU,WAAW,EAAE,CAAA;AAC7B,EAAA,MAAM,SAAA,GAAY,WAAW,MAAM,CAAA;AACnC,EAAA,IAAI,CAAC,OAAA,IAAW,CAAC,SAAA,EAAW,OAAO,KAAA;AAGnC,EAAA,MAAM,SAAA,GAAY,IAAA,CAAK,KAAA,CAAM,MAAA,GAAS,CAAC,CAAA;AACvC,EAAA,KAAA,IAAS,IAAI,CAAA,EAAG,CAAA,GAAI,SAAA,IAAa,CAAA,GAAI,IAAI,CAAA,EAAA,EAAK;AAC5C,IAAA,IAAI,QAAQ,CAAC,CAAA,KAAM,SAAA,CAAU,CAAC,GAAG,OAAO,KAAA;AAAA,EAC1C;AAEA,EAAA,MAAM,gBAAgB,MAAA,GAAS,CAAA;AAC/B,EAAA,IAAI,aAAA,GAAgB,CAAA,IAAK,SAAA,GAAY,EAAA,EAAI;AACvC,IAAA,MAAM,IAAA,GAAQ,EAAC,IAAM,CAAA,GAAI,aAAA,GAAkB,GAAA;AAC3C,IAAA,IAAA,CAAK,OAAA,CAAQ,SAAS,CAAA,GAAK,IAAA,OAAW,UAAU,SAAS,CAAA,GAAK,OAAO,OAAO,KAAA;AAAA,EAC9E;AAEA,EAAA,OAAO,IAAA;AACT;AAEA,SAAS,WAAW,EAAA,EAA6B;AAE/C,EAAA,MAAM,OAAA,GAAU,EAAA,CAAG,OAAA,CAAQ,GAAG,CAAA;AAC9B,EAAA,IAAI,YAAY,EAAA,EAAI,EAAA,GAAK,EAAA,CAAG,KAAA,CAAM,GAAG,OAAO,CAAA;AAE5C,EAAA,MAAM,KAAA,GAAQ,EAAA,CAAG,KAAA,CAAM,IAAI,CAAA;AAC3B,EAAA,IAAI,KAAA,CAAM,MAAA,GAAS,CAAA,EAAG,OAAO,IAAA;AAE7B,EAAA,MAAM,QAAkB,IAAI,KAAA,CAAM,EAAE,CAAA,CAAE,KAAK,CAAC,CAAA;AAE5C,EAAA,MAAM,WAAA,GAAc,CAAC,KAAA,KAA4B;AAC/C,IAAA,IAAI,CAAC,KAAA,EAAO,OAAO,EAAC;AACpB,IAAA,OAAO,MAAM,KAAA,CAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,CAAC,GAAA,KAAQ;AACvC,MAAA,MAAM,GAAA,GAAM,QAAA,CAAS,GAAA,IAAO,GAAA,EAAK,EAAE,CAAA;AACnC,MAAA,OAAO,CAAE,GAAA,IAAO,CAAA,GAAK,GAAA,EAAM,MAAM,GAAI,CAAA;AAAA,IACvC,CAAC,CAAA;AAAA,EACH,CAAA;AAEA,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,QAAA,GAAW,WAAA,CAAY,KAAA,CAAM,CAAC,CAAE,CAAA;AACtC,IAAA,IAAI,QAAA,CAAS,MAAA,KAAW,EAAA,EAAI,OAAO,IAAA;AACnC,IAAA,OAAO,QAAA;AAAA,EACT;AAEA,EAAA,MAAM,IAAA,GAAO,WAAA,CAAY,KAAA,CAAM,CAAC,CAAE,CAAA;AAClC,EAAA,MAAM,KAAA,GAAQ,WAAA,CAAY,KAAA,CAAM,CAAC,CAAE,CAAA;AAEnC,EAAA,IAAI,IAAA,CAAK,MAAA,GAAS,KAAA,CAAM,MAAA,GAAS,IAAI,OAAO,IAAA;AAE5C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,IAAA,CAAK,MAAA,EAAQ,KAAK,KAAA,CAAM,CAAC,CAAA,GAAI,IAAA,CAAK,CAAC,CAAA;AACvD,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,MAAA,EAAQ,CAAA,EAAA,EAAK,KAAA,CAAM,EAAA,GAAK,KAAA,CAAM,MAAA,GAAS,CAAC,CAAA,GAAI,MAAM,CAAC,CAAA;AAE7E,EAAA,OAAO,KAAA;AACT","file":"security.cjs","sourcesContent":["import { lookup } from \"node:dns/promises\";\nimport { createTaggedError } from \"../core/runtime/Retry.js\";\n\n/**\n * Options for validateUrl. Unified rule: allow iff host is in allowedHosts AND not in blockedHosts.\n * - \"Default allow all + blocklist\": allowedHosts: [\"*\"], blockedHosts: [\"*.internal\", ...]\n * - \"Default disallow all + allowlist\": allowedHosts: [\"api.github.com\", ...], blockedHosts: []\n */\nexport interface ValidateUrlOptions {\n  /** Allow only these hosts. Use [\"*\"] for allow-all. Supports \"*.example.com\", exact host. */\n  allowedHosts: string[];\n  /** Block these hosts even if allowed. Supports \"*.internal\", exact host. Merged with allowlist. */\n  blockedHosts: string[];\n  /** CIDR ranges to block (resolved IP). */\n  blockedCidrs: string[];\n}\n\n/**\n * Validate a URL: allow iff (host in allowedHosts) AND (host not in blockedHosts). Then check blockedCidrs on resolved IP.\n *\n * @throws HTTP_DISALLOWED_HOST if the URL is blocked\n */\nexport async function validateUrl(url: string, options: ValidateUrlOptions): Promise<URL> {\n  let parsed: URL;\n  try {\n    parsed = new URL(url);\n  } catch {\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `Invalid URL: ${url}`,\n      { url },\n    );\n  }\n\n  // Only allow http/https\n  if (parsed.protocol !== \"http:\" && parsed.protocol !== \"https:\") {\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `Protocol not allowed: ${parsed.protocol}. Only http: and https: are supported.`,\n      { url, protocol: parsed.protocol },\n    );\n  }\n\n  const hostname = parsed.hostname;\n\n  if (!isHostAllowed(hostname, options.allowedHosts)) {\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `Host \"${hostname}\" is not in the allowed hosts list`,\n      { url, hostname, allowedHosts: options.allowedHosts },\n    );\n  }\n  if (isHostBlocked(hostname, options.blockedHosts)) {\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `Host \"${hostname}\" is in the blocked hosts list`,\n      { url, hostname, blockedHosts: options.blockedHosts },\n    );\n  }\n\n  // DNS resolve and check against blocked CIDRs\n  try {\n    const { address } = await lookup(hostname);\n    if (isIpInBlockedCidrs(address, options.blockedCidrs)) {\n      throw createTaggedError(\n        \"HTTP_DISALLOWED_HOST\",\n        `Host \"${hostname}\" resolves to blocked IP: ${address}`,\n        { url, hostname, resolvedIp: address },\n      );\n    }\n  } catch (err) {\n    // Re-throw our tagged errors\n    if (err instanceof Error && (err as any).kind === \"HTTP_DISALLOWED_HOST\") {\n      throw err;\n    }\n    // DNS resolution failure — block by default\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `DNS resolution failed for host \"${hostname}\": ${err instanceof Error ? err.message : String(err)}`,\n      { url, hostname },\n    );\n  }\n\n  return parsed;\n}\n\n/**\n * Check if a hostname matches any entry in the allowed hosts list.\n * Supports: exact \"*\" (allow any host), wildcard prefix (e.g. \"*.github.com\"), or exact host.\n */\nfunction isHostAllowed(hostname: string, allowedHosts: string[]): boolean {\n  for (const pattern of allowedHosts) {\n    if (pattern === \"*\") {\n      return true;\n    }\n    if (pattern.startsWith(\"*.\")) {\n      const suffix = pattern.slice(1); // \".github.com\"\n      if (hostname.endsWith(suffix) || hostname === pattern.slice(2)) {\n        return true;\n      }\n    } else if (hostname === pattern) {\n      return true;\n    }\n  }\n  return false;\n}\n\n/**\n * Check if a hostname matches any entry in the blocked hosts list (same pattern rules as allowlist).\n */\nfunction isHostBlocked(hostname: string, blockedHosts: string[]): boolean {\n  for (const pattern of blockedHosts) {\n    if (pattern === \"*\") {\n      return true;\n    }\n    if (pattern.startsWith(\"*.\")) {\n      const suffix = pattern.slice(1);\n      if (hostname.endsWith(suffix) || hostname === pattern.slice(2)) {\n        return true;\n      }\n    } else if (hostname === pattern) {\n      return true;\n    }\n  }\n  return false;\n}\n\n/**\n * Check if an IPv4 address falls within any blocked CIDR range.\n */\nexport function isIpInBlockedCidrs(ip: string, cidrs: string[]): boolean {\n  // Handle IPv4-mapped IPv6\n  const normalizedIp = normalizeIp(ip);\n  if (!normalizedIp) return false;\n\n  for (const cidr of cidrs) {\n    if (cidr.includes(\":\")) {\n      // IPv6 CIDR — skip for IPv4 addresses\n      if (!ip.includes(\":\")) continue;\n      if (isIpv6InCidr(ip, cidr)) return true;\n    } else {\n      if (isIpv4InCidr(normalizedIp, cidr)) return true;\n    }\n  }\n  return false;\n}\n\nfunction normalizeIp(ip: string): string | null {\n  // Handle IPv4-mapped IPv6 (e.g. \"::ffff:127.0.0.1\")\n  if (ip.startsWith(\"::ffff:\")) {\n    return ip.slice(7);\n  }\n  // Pure IPv4\n  if (/^\\d+\\.\\d+\\.\\d+\\.\\d+$/.test(ip)) {\n    return ip;\n  }\n  return null;\n}\n\nfunction isIpv4InCidr(ip: string, cidr: string): boolean {\n  const [cidrIp, prefixStr] = cidr.split(\"/\");\n  if (!cidrIp || !prefixStr) return false;\n\n  const prefix = parseInt(prefixStr, 10);\n  if (isNaN(prefix) || prefix < 0 || prefix > 32) return false;\n\n  const ipNum = ipv4ToNum(ip);\n  const cidrNum = ipv4ToNum(cidrIp);\n  if (ipNum === null || cidrNum === null) return false;\n\n  const mask = prefix === 0 ? 0 : (~0 << (32 - prefix)) >>> 0;\n  return (ipNum & mask) === (cidrNum & mask);\n}\n\nfunction ipv4ToNum(ip: string): number | null {\n  const parts = ip.split(\".\");\n  if (parts.length !== 4) return null;\n  let num = 0;\n  for (const part of parts) {\n    const n = parseInt(part, 10);\n    if (isNaN(n) || n < 0 || n > 255) return null;\n    num = (num << 8) | n;\n  }\n  return num >>> 0;\n}\n\nfunction isIpv6InCidr(ip: string, cidr: string): boolean {\n  // Simplified IPv6 CIDR matching for common cases (::1, fc00::, fe80::)\n  const [cidrIp, prefixStr] = cidr.split(\"/\");\n  if (!cidrIp || !prefixStr) return false;\n\n  const prefix = parseInt(prefixStr, 10);\n  if (isNaN(prefix)) return false;\n\n  const ipBytes = expandIpv6(ip);\n  const cidrBytes = expandIpv6(cidrIp);\n  if (!ipBytes || !cidrBytes) return false;\n\n  // Compare prefix bits\n  const fullBytes = Math.floor(prefix / 8);\n  for (let i = 0; i < fullBytes && i < 16; i++) {\n    if (ipBytes[i] !== cidrBytes[i]) return false;\n  }\n\n  const remainingBits = prefix % 8;\n  if (remainingBits > 0 && fullBytes < 16) {\n    const mask = (~0 << (8 - remainingBits)) & 0xff;\n    if ((ipBytes[fullBytes]! & mask) !== (cidrBytes[fullBytes]! & mask)) return false;\n  }\n\n  return true;\n}\n\nfunction expandIpv6(ip: string): number[] | null {\n  // Remove zone ID\n  const zoneIdx = ip.indexOf(\"%\");\n  if (zoneIdx !== -1) ip = ip.slice(0, zoneIdx);\n\n  const parts = ip.split(\"::\");\n  if (parts.length > 2) return null;\n\n  const bytes: number[] = new Array(16).fill(0);\n\n  const expandGroup = (group: string): number[] => {\n    if (!group) return [];\n    return group.split(\":\").flatMap((hex) => {\n      const val = parseInt(hex || \"0\", 16);\n      return [(val >> 8) & 0xff, val & 0xff];\n    });\n  };\n\n  if (parts.length === 1) {\n    const expanded = expandGroup(parts[0]!);\n    if (expanded.length !== 16) return null;\n    return expanded;\n  }\n\n  const left = expandGroup(parts[0]!);\n  const right = expandGroup(parts[1]!);\n\n  if (left.length + right.length > 16) return null;\n\n  for (let i = 0; i < left.length; i++) bytes[i] = left[i]!;\n  for (let i = 0; i < right.length; i++) bytes[16 - right.length + i] = right[i]!;\n\n  return bytes;\n}\n"]}

package/dist/security.js

@@ -1,5 +1,182 @@
-export { isIpInBlockedCidrs, validateUrl } from './chunk-NKYFYALQ.js';
 export { resolveSandboxedPath, setSandboxValidationEnabled } from './chunk-QXQ4477T.js';
-import './chunk-RZTTO5MQ.js';
+import { createTaggedError } from './chunk-RZTTO5MQ.js';
+import { lookup } from 'dns/promises';
+
+async function validateUrl(url, options) {
+  let parsed;
+  try {
+    parsed = new URL(url);
+  } catch {
+    throw createTaggedError(
+      "HTTP_DISALLOWED_HOST",
+      `Invalid URL: ${url}`,
+      { url }
+    );
+  }
+  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
+    throw createTaggedError(
+      "HTTP_DISALLOWED_HOST",
+      `Protocol not allowed: ${parsed.protocol}. Only http: and https: are supported.`,
+      { url, protocol: parsed.protocol }
+    );
+  }
+  const hostname = parsed.hostname;
+  if (!isHostAllowed(hostname, options.allowedHosts)) {
+    throw createTaggedError(
+      "HTTP_DISALLOWED_HOST",
+      `Host "${hostname}" is not in the allowed hosts list`,
+      { url, hostname, allowedHosts: options.allowedHosts }
+    );
+  }
+  if (isHostBlocked(hostname, options.blockedHosts)) {
+    throw createTaggedError(
+      "HTTP_DISALLOWED_HOST",
+      `Host "${hostname}" is in the blocked hosts list`,
+      { url, hostname, blockedHosts: options.blockedHosts }
+    );
+  }
+  try {
+    const { address } = await lookup(hostname);
+    if (isIpInBlockedCidrs(address, options.blockedCidrs)) {
+      throw createTaggedError(
+        "HTTP_DISALLOWED_HOST",
+        `Host "${hostname}" resolves to blocked IP: ${address}`,
+        { url, hostname, resolvedIp: address }
+      );
+    }
+  } catch (err) {
+    if (err instanceof Error && err.kind === "HTTP_DISALLOWED_HOST") {
+      throw err;
+    }
+    throw createTaggedError(
+      "HTTP_DISALLOWED_HOST",
+      `DNS resolution failed for host "${hostname}": ${err instanceof Error ? err.message : String(err)}`,
+      { url, hostname }
+    );
+  }
+  return parsed;
+}
+function isHostAllowed(hostname, allowedHosts) {
+  for (const pattern of allowedHosts) {
+    if (pattern === "*") {
+      return true;
+    }
+    if (pattern.startsWith("*.")) {
+      const suffix = pattern.slice(1);
+      if (hostname.endsWith(suffix) || hostname === pattern.slice(2)) {
+        return true;
+      }
+    } else if (hostname === pattern) {
+      return true;
+    }
+  }
+  return false;
+}
+function isHostBlocked(hostname, blockedHosts) {
+  for (const pattern of blockedHosts) {
+    if (pattern === "*") {
+      return true;
+    }
+    if (pattern.startsWith("*.")) {
+      const suffix = pattern.slice(1);
+      if (hostname.endsWith(suffix) || hostname === pattern.slice(2)) {
+        return true;
+      }
+    } else if (hostname === pattern) {
+      return true;
+    }
+  }
+  return false;
+}
+function isIpInBlockedCidrs(ip, cidrs) {
+  const normalizedIp = normalizeIp(ip);
+  if (!normalizedIp) return false;
+  for (const cidr of cidrs) {
+    if (cidr.includes(":")) {
+      if (!ip.includes(":")) continue;
+      if (isIpv6InCidr(ip, cidr)) return true;
+    } else {
+      if (isIpv4InCidr(normalizedIp, cidr)) return true;
+    }
+  }
+  return false;
+}
+function normalizeIp(ip) {
+  if (ip.startsWith("::ffff:")) {
+    return ip.slice(7);
+  }
+  if (/^\d+\.\d+\.\d+\.\d+$/.test(ip)) {
+    return ip;
+  }
+  return null;
+}
+function isIpv4InCidr(ip, cidr) {
+  const [cidrIp, prefixStr] = cidr.split("/");
+  if (!cidrIp || !prefixStr) return false;
+  const prefix = parseInt(prefixStr, 10);
+  if (isNaN(prefix) || prefix < 0 || prefix > 32) return false;
+  const ipNum = ipv4ToNum(ip);
+  const cidrNum = ipv4ToNum(cidrIp);
+  if (ipNum === null || cidrNum === null) return false;
+  const mask = prefix === 0 ? 0 : -1 << 32 - prefix >>> 0;
+  return (ipNum & mask) === (cidrNum & mask);
+}
+function ipv4ToNum(ip) {
+  const parts = ip.split(".");
+  if (parts.length !== 4) return null;
+  let num = 0;
+  for (const part of parts) {
+    const n = parseInt(part, 10);
+    if (isNaN(n) || n < 0 || n > 255) return null;
+    num = num << 8 | n;
+  }
+  return num >>> 0;
+}
+function isIpv6InCidr(ip, cidr) {
+  const [cidrIp, prefixStr] = cidr.split("/");
+  if (!cidrIp || !prefixStr) return false;
+  const prefix = parseInt(prefixStr, 10);
+  if (isNaN(prefix)) return false;
+  const ipBytes = expandIpv6(ip);
+  const cidrBytes = expandIpv6(cidrIp);
+  if (!ipBytes || !cidrBytes) return false;
+  const fullBytes = Math.floor(prefix / 8);
+  for (let i = 0; i < fullBytes && i < 16; i++) {
+    if (ipBytes[i] !== cidrBytes[i]) return false;
+  }
+  const remainingBits = prefix % 8;
+  if (remainingBits > 0 && fullBytes < 16) {
+    const mask = -1 << 8 - remainingBits & 255;
+    if ((ipBytes[fullBytes] & mask) !== (cidrBytes[fullBytes] & mask)) return false;
+  }
+  return true;
+}
+function expandIpv6(ip) {
+  const zoneIdx = ip.indexOf("%");
+  if (zoneIdx !== -1) ip = ip.slice(0, zoneIdx);
+  const parts = ip.split("::");
+  if (parts.length > 2) return null;
+  const bytes = new Array(16).fill(0);
+  const expandGroup = (group) => {
+    if (!group) return [];
+    return group.split(":").flatMap((hex) => {
+      const val = parseInt(hex || "0", 16);
+      return [val >> 8 & 255, val & 255];
+    });
+  };
+  if (parts.length === 1) {
+    const expanded = expandGroup(parts[0]);
+    if (expanded.length !== 16) return null;
+    return expanded;
+  }
+  const left = expandGroup(parts[0]);
+  const right = expandGroup(parts[1]);
+  if (left.length + right.length > 16) return null;
+  for (let i = 0; i < left.length; i++) bytes[i] = left[i];
+  for (let i = 0; i < right.length; i++) bytes[16 - right.length + i] = right[i];
+  return bytes;
+}
+
+export { isIpInBlockedCidrs, validateUrl };
 //# sourceMappingURL=security.js.map
 //# sourceMappingURL=security.js.map

package/dist/security.js.map

@@ -1 +1 @@
-{"version":3,"sources":[],"names":[],"mappings":"","file":"security.js"}
+{"version":3,"sources":["../src/security/ssrf.ts"],"names":[],"mappings":";;;;AAsBA,eAAsB,WAAA,CAAY,KAAa,OAAA,EAA2C;AACxF,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,IAAI,IAAI,GAAG,CAAA;AAAA,EACtB,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,iBAAA;AAAA,MACJ,sBAAA;AAAA,MACA,gBAAgB,GAAG,CAAA,CAAA;AAAA,MACnB,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAGA,EAAA,IAAI,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,MAAA,CAAO,aAAa,QAAA,EAAU;AAC/D,IAAA,MAAM,iBAAA;AAAA,MACJ,sBAAA;AAAA,MACA,CAAA,sBAAA,EAAyB,OAAO,QAAQ,CAAA,sCAAA,CAAA;AAAA,MACxC,EAAE,GAAA,EAAK,QAAA,EAAU,MAAA,CAAO,QAAA;AAAS,KACnC;AAAA,EACF;AAEA,EAAA,MAAM,WAAW,MAAA,CAAO,QAAA;AAExB,EAAA,IAAI,CAAC,aAAA,CAAc,QAAA,EAAU,OAAA,CAAQ,YAAY,CAAA,EAAG;AAClD,IAAA,MAAM,iBAAA;AAAA,MACJ,sBAAA;AAAA,MACA,SAAS,QAAQ,CAAA,kCAAA,CAAA;AAAA,MACjB,EAAE,GAAA,EAAK,QAAA,EAAU,YAAA,EAAc,QAAQ,YAAA;AAAa,KACtD;AAAA,EACF;AACA,EAAA,IAAI,aAAA,CAAc,QAAA,EAAU,OAAA,CAAQ,YAAY,CAAA,EAAG;AACjD,IAAA,MAAM,iBAAA;AAAA,MACJ,sBAAA;AAAA,MACA,SAAS,QAAQ,CAAA,8BAAA,CAAA;AAAA,MACjB,EAAE,GAAA,EAAK,QAAA,EAAU,YAAA,EAAc,QAAQ,YAAA;AAAa,KACtD;AAAA,EACF;AAGA,EAAA,IAAI;AACF,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,OAAO,QAAQ,CAAA;AACzC,IAAA,IAAI,kBAAA,CAAmB,OAAA,EAAS,OAAA,CAAQ,YAAY,CAAA,EAAG;AACrD,MAAA,MAAM,iBAAA;AAAA,QACJ,sBAAA;AAAA,QACA,CAAA,MAAA,EAAS,QAAQ,CAAA,0BAAA,EAA6B,OAAO,CAAA,CAAA;AAAA,QACrD,EAAE,GAAA,EAAK,QAAA,EAAU,UAAA,EAAY,OAAA;AAAQ,OACvC;AAAA,IACF;AAAA,EACF,SAAS,GAAA,EAAK;AAEZ,IAAA,IAAI,GAAA,YAAe,KAAA,IAAU,GAAA,CAAY,IAAA,KAAS,sBAAA,EAAwB;AACxE,MAAA,MAAM,GAAA;AAAA,IACR;AAEA,IAAA,MAAM,iBAAA;AAAA,MACJ,sBAAA;AAAA,MACA,CAAA,gCAAA,EAAmC,QAAQ,CAAA,GAAA,EAAM,GAAA,YAAe,QAAQ,GAAA,CAAI,OAAA,GAAU,MAAA,CAAO,GAAG,CAAC,CAAA,CAAA;AAAA,MACjG,EAAE,KAAK,QAAA;AAAS,KAClB;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAMA,SAAS,aAAA,CAAc,UAAkB,YAAA,EAAiC;AACxE,EAAA,KAAA,MAAW,WAAW,YAAA,EAAc;AAClC,IAAA,IAAI,YAAY,GAAA,EAAK;AACnB,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,IAAI,CAAA,EAAG;AAC5B,MAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAA;AAC9B,MAAA,IAAI,QAAA,CAAS,SAAS,MAAM,CAAA,IAAK,aAAa,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAA,EAAG;AAC9D,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF,CAAA,MAAA,IAAW,aAAa,OAAA,EAAS;AAC/B,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AACA,EAAA,OAAO,KAAA;AACT;AAKA,SAAS,aAAA,CAAc,UAAkB,YAAA,EAAiC;AACxE,EAAA,KAAA,MAAW,WAAW,YAAA,EAAc;AAClC,IAAA,IAAI,YAAY,GAAA,EAAK;AACnB,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,IAAI,CAAA,EAAG;AAC5B,MAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAA;AAC9B,MAAA,IAAI,QAAA,CAAS,SAAS,MAAM,CAAA,IAAK,aAAa,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAA,EAAG;AAC9D,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF,CAAA,MAAA,IAAW,aAAa,OAAA,EAAS;AAC/B,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AACA,EAAA,OAAO,KAAA;AACT;AAKO,SAAS,kBAAA,CAAmB,IAAY,KAAA,EAA0B;AAEvE,EAAA,MAAM,YAAA,GAAe,YAAY,EAAE,CAAA;AACnC,EAAA,IAAI,CAAC,cAAc,OAAO,KAAA;AAE1B,EAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACxB,IAAA,IAAI,IAAA,CAAK,QAAA,CAAS,GAAG,CAAA,EAAG;AAEtB,MAAA,IAAI,CAAC,EAAA,CAAG,QAAA,CAAS,GAAG,CAAA,EAAG;AACvB,MAAA,IAAI,YAAA,CAAa,EAAA,EAAI,IAAI,CAAA,EAAG,OAAO,IAAA;AAAA,IACrC,CAAA,MAAO;AACL,MAAA,IAAI,YAAA,CAAa,YAAA,EAAc,IAAI,CAAA,EAAG,OAAO,IAAA;AAAA,IAC/C;AAAA,EACF;AACA,EAAA,OAAO,KAAA;AACT;AAEA,SAAS,YAAY,EAAA,EAA2B;AAE9C,EAAA,IAAI,EAAA,CAAG,UAAA,CAAW,SAAS,CAAA,EAAG;AAC5B,IAAA,OAAO,EAAA,CAAG,MAAM,CAAC,CAAA;AAAA,EACnB;AAEA,EAAA,IAAI,sBAAA,CAAuB,IAAA,CAAK,EAAE,CAAA,EAAG;AACnC,IAAA,OAAO,EAAA;AAAA,EACT;AACA,EAAA,OAAO,IAAA;AACT;AAEA,SAAS,YAAA,CAAa,IAAY,IAAA,EAAuB;AACvD,EAAA,MAAM,CAAC,MAAA,EAAQ,SAAS,CAAA,GAAI,IAAA,CAAK,MAAM,GAAG,CAAA;AAC1C,EAAA,IAAI,CAAC,MAAA,IAAU,CAAC,SAAA,EAAW,OAAO,KAAA;AAElC,EAAA,MAAM,MAAA,GAAS,QAAA,CAAS,SAAA,EAAW,EAAE,CAAA;AACrC,EAAA,IAAI,MAAM,MAAM,CAAA,IAAK,SAAS,CAAA,IAAK,MAAA,GAAS,IAAI,OAAO,KAAA;AAEvD,EAAA,MAAM,KAAA,GAAQ,UAAU,EAAE,CAAA;AAC1B,EAAA,MAAM,OAAA,GAAU,UAAU,MAAM,CAAA;AAChC,EAAA,IAAI,KAAA,KAAU,IAAA,IAAQ,OAAA,KAAY,IAAA,EAAM,OAAO,KAAA;AAE/C,EAAA,MAAM,OAAO,MAAA,KAAW,CAAA,GAAI,IAAK,EAAC,IAAM,KAAK,MAAA,KAAa,CAAA;AAC1D,EAAA,OAAA,CAAQ,KAAA,GAAQ,WAAW,OAAA,GAAU,IAAA,CAAA;AACvC;AAEA,SAAS,UAAU,EAAA,EAA2B;AAC5C,EAAA,MAAM,KAAA,GAAQ,EAAA,CAAG,KAAA,CAAM,GAAG,CAAA;AAC1B,EAAA,IAAI,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG,OAAO,IAAA;AAC/B,EAAA,IAAI,GAAA,GAAM,CAAA;AACV,EAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACxB,IAAA,MAAM,CAAA,GAAI,QAAA,CAAS,IAAA,EAAM,EAAE,CAAA;AAC3B,IAAA,IAAI,MAAM,CAAC,CAAA,IAAK,IAAI,CAAA,IAAK,CAAA,GAAI,KAAK,OAAO,IAAA;AACzC,IAAA,GAAA,GAAO,OAAO,CAAA,GAAK,CAAA;AAAA,EACrB;AACA,EAAA,OAAO,GAAA,KAAQ,CAAA;AACjB;AAEA,SAAS,YAAA,CAAa,IAAY,IAAA,EAAuB;AAEvD,EAAA,MAAM,CAAC,MAAA,EAAQ,SAAS,CAAA,GAAI,IAAA,CAAK,MAAM,GAAG,CAAA;AAC1C,EAAA,IAAI,CAAC,MAAA,IAAU,CAAC,SAAA,EAAW,OAAO,KAAA;AAElC,EAAA,MAAM,MAAA,GAAS,QAAA,CAAS,SAAA,EAAW,EAAE,CAAA;AACrC,EAAA,IAAI,KAAA,CAAM,MAAM,CAAA,EAAG,OAAO,KAAA;AAE1B,EAAA,MAAM,OAAA,GAAU,WAAW,EAAE,CAAA;AAC7B,EAAA,MAAM,SAAA,GAAY,WAAW,MAAM,CAAA;AACnC,EAAA,IAAI,CAAC,OAAA,IAAW,CAAC,SAAA,EAAW,OAAO,KAAA;AAGnC,EAAA,MAAM,SAAA,GAAY,IAAA,CAAK,KAAA,CAAM,MAAA,GAAS,CAAC,CAAA;AACvC,EAAA,KAAA,IAAS,IAAI,CAAA,EAAG,CAAA,GAAI,SAAA,IAAa,CAAA,GAAI,IAAI,CAAA,EAAA,EAAK;AAC5C,IAAA,IAAI,QAAQ,CAAC,CAAA,KAAM,SAAA,CAAU,CAAC,GAAG,OAAO,KAAA;AAAA,EAC1C;AAEA,EAAA,MAAM,gBAAgB,MAAA,GAAS,CAAA;AAC/B,EAAA,IAAI,aAAA,GAAgB,CAAA,IAAK,SAAA,GAAY,EAAA,EAAI;AACvC,IAAA,MAAM,IAAA,GAAQ,EAAC,IAAM,CAAA,GAAI,aAAA,GAAkB,GAAA;AAC3C,IAAA,IAAA,CAAK,OAAA,CAAQ,SAAS,CAAA,GAAK,IAAA,OAAW,UAAU,SAAS,CAAA,GAAK,OAAO,OAAO,KAAA;AAAA,EAC9E;AAEA,EAAA,OAAO,IAAA;AACT;AAEA,SAAS,WAAW,EAAA,EAA6B;AAE/C,EAAA,MAAM,OAAA,GAAU,EAAA,CAAG,OAAA,CAAQ,GAAG,CAAA;AAC9B,EAAA,IAAI,YAAY,EAAA,EAAI,EAAA,GAAK,EAAA,CAAG,KAAA,CAAM,GAAG,OAAO,CAAA;AAE5C,EAAA,MAAM,KAAA,GAAQ,EAAA,CAAG,KAAA,CAAM,IAAI,CAAA;AAC3B,EAAA,IAAI,KAAA,CAAM,MAAA,GAAS,CAAA,EAAG,OAAO,IAAA;AAE7B,EAAA,MAAM,QAAkB,IAAI,KAAA,CAAM,EAAE,CAAA,CAAE,KAAK,CAAC,CAAA;AAE5C,EAAA,MAAM,WAAA,GAAc,CAAC,KAAA,KAA4B;AAC/C,IAAA,IAAI,CAAC,KAAA,EAAO,OAAO,EAAC;AACpB,IAAA,OAAO,MAAM,KAAA,CAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,CAAC,GAAA,KAAQ;AACvC,MAAA,MAAM,GAAA,GAAM,QAAA,CAAS,GAAA,IAAO,GAAA,EAAK,EAAE,CAAA;AACnC,MAAA,OAAO,CAAE,GAAA,IAAO,CAAA,GAAK,GAAA,EAAM,MAAM,GAAI,CAAA;AAAA,IACvC,CAAC,CAAA;AAAA,EACH,CAAA;AAEA,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,QAAA,GAAW,WAAA,CAAY,KAAA,CAAM,CAAC,CAAE,CAAA;AACtC,IAAA,IAAI,QAAA,CAAS,MAAA,KAAW,EAAA,EAAI,OAAO,IAAA;AACnC,IAAA,OAAO,QAAA;AAAA,EACT;AAEA,EAAA,MAAM,IAAA,GAAO,WAAA,CAAY,KAAA,CAAM,CAAC,CAAE,CAAA;AAClC,EAAA,MAAM,KAAA,GAAQ,WAAA,CAAY,KAAA,CAAM,CAAC,CAAE,CAAA;AAEnC,EAAA,IAAI,IAAA,CAAK,MAAA,GAAS,KAAA,CAAM,MAAA,GAAS,IAAI,OAAO,IAAA;AAE5C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,IAAA,CAAK,MAAA,EAAQ,KAAK,KAAA,CAAM,CAAC,CAAA,GAAI,IAAA,CAAK,CAAC,CAAA;AACvD,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,MAAA,EAAQ,CAAA,EAAA,EAAK,KAAA,CAAM,EAAA,GAAK,KAAA,CAAM,MAAA,GAAS,CAAC,CAAA,GAAI,MAAM,CAAC,CAAA;AAE7E,EAAA,OAAO,KAAA;AACT","file":"security.js","sourcesContent":["import { lookup } from \"node:dns/promises\";\nimport { createTaggedError } from \"../core/runtime/Retry.js\";\n\n/**\n * Options for validateUrl. Unified rule: allow iff host is in allowedHosts AND not in blockedHosts.\n * - \"Default allow all + blocklist\": allowedHosts: [\"*\"], blockedHosts: [\"*.internal\", ...]\n * - \"Default disallow all + allowlist\": allowedHosts: [\"api.github.com\", ...], blockedHosts: []\n */\nexport interface ValidateUrlOptions {\n  /** Allow only these hosts. Use [\"*\"] for allow-all. Supports \"*.example.com\", exact host. */\n  allowedHosts: string[];\n  /** Block these hosts even if allowed. Supports \"*.internal\", exact host. Merged with allowlist. */\n  blockedHosts: string[];\n  /** CIDR ranges to block (resolved IP). */\n  blockedCidrs: string[];\n}\n\n/**\n * Validate a URL: allow iff (host in allowedHosts) AND (host not in blockedHosts). Then check blockedCidrs on resolved IP.\n *\n * @throws HTTP_DISALLOWED_HOST if the URL is blocked\n */\nexport async function validateUrl(url: string, options: ValidateUrlOptions): Promise<URL> {\n  let parsed: URL;\n  try {\n    parsed = new URL(url);\n  } catch {\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `Invalid URL: ${url}`,\n      { url },\n    );\n  }\n\n  // Only allow http/https\n  if (parsed.protocol !== \"http:\" && parsed.protocol !== \"https:\") {\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `Protocol not allowed: ${parsed.protocol}. Only http: and https: are supported.`,\n      { url, protocol: parsed.protocol },\n    );\n  }\n\n  const hostname = parsed.hostname;\n\n  if (!isHostAllowed(hostname, options.allowedHosts)) {\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `Host \"${hostname}\" is not in the allowed hosts list`,\n      { url, hostname, allowedHosts: options.allowedHosts },\n    );\n  }\n  if (isHostBlocked(hostname, options.blockedHosts)) {\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `Host \"${hostname}\" is in the blocked hosts list`,\n      { url, hostname, blockedHosts: options.blockedHosts },\n    );\n  }\n\n  // DNS resolve and check against blocked CIDRs\n  try {\n    const { address } = await lookup(hostname);\n    if (isIpInBlockedCidrs(address, options.blockedCidrs)) {\n      throw createTaggedError(\n        \"HTTP_DISALLOWED_HOST\",\n        `Host \"${hostname}\" resolves to blocked IP: ${address}`,\n        { url, hostname, resolvedIp: address },\n      );\n    }\n  } catch (err) {\n    // Re-throw our tagged errors\n    if (err instanceof Error && (err as any).kind === \"HTTP_DISALLOWED_HOST\") {\n      throw err;\n    }\n    // DNS resolution failure — block by default\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `DNS resolution failed for host \"${hostname}\": ${err instanceof Error ? err.message : String(err)}`,\n      { url, hostname },\n    );\n  }\n\n  return parsed;\n}\n\n/**\n * Check if a hostname matches any entry in the allowed hosts list.\n * Supports: exact \"*\" (allow any host), wildcard prefix (e.g. \"*.github.com\"), or exact host.\n */\nfunction isHostAllowed(hostname: string, allowedHosts: string[]): boolean {\n  for (const pattern of allowedHosts) {\n    if (pattern === \"*\") {\n      return true;\n    }\n    if (pattern.startsWith(\"*.\")) {\n      const suffix = pattern.slice(1); // \".github.com\"\n      if (hostname.endsWith(suffix) || hostname === pattern.slice(2)) {\n        return true;\n      }\n    } else if (hostname === pattern) {\n      return true;\n    }\n  }\n  return false;\n}\n\n/**\n * Check if a hostname matches any entry in the blocked hosts list (same pattern rules as allowlist).\n */\nfunction isHostBlocked(hostname: string, blockedHosts: string[]): boolean {\n  for (const pattern of blockedHosts) {\n    if (pattern === \"*\") {\n      return true;\n    }\n    if (pattern.startsWith(\"*.\")) {\n      const suffix = pattern.slice(1);\n      if (hostname.endsWith(suffix) || hostname === pattern.slice(2)) {\n        return true;\n      }\n    } else if (hostname === pattern) {\n      return true;\n    }\n  }\n  return false;\n}\n\n/**\n * Check if an IPv4 address falls within any blocked CIDR range.\n */\nexport function isIpInBlockedCidrs(ip: string, cidrs: string[]): boolean {\n  // Handle IPv4-mapped IPv6\n  const normalizedIp = normalizeIp(ip);\n  if (!normalizedIp) return false;\n\n  for (const cidr of cidrs) {\n    if (cidr.includes(\":\")) {\n      // IPv6 CIDR — skip for IPv4 addresses\n      if (!ip.includes(\":\")) continue;\n      if (isIpv6InCidr(ip, cidr)) return true;\n    } else {\n      if (isIpv4InCidr(normalizedIp, cidr)) return true;\n    }\n  }\n  return false;\n}\n\nfunction normalizeIp(ip: string): string | null {\n  // Handle IPv4-mapped IPv6 (e.g. \"::ffff:127.0.0.1\")\n  if (ip.startsWith(\"::ffff:\")) {\n    return ip.slice(7);\n  }\n  // Pure IPv4\n  if (/^\\d+\\.\\d+\\.\\d+\\.\\d+$/.test(ip)) {\n    return ip;\n  }\n  return null;\n}\n\nfunction isIpv4InCidr(ip: string, cidr: string): boolean {\n  const [cidrIp, prefixStr] = cidr.split(\"/\");\n  if (!cidrIp || !prefixStr) return false;\n\n  const prefix = parseInt(prefixStr, 10);\n  if (isNaN(prefix) || prefix < 0 || prefix > 32) return false;\n\n  const ipNum = ipv4ToNum(ip);\n  const cidrNum = ipv4ToNum(cidrIp);\n  if (ipNum === null || cidrNum === null) return false;\n\n  const mask = prefix === 0 ? 0 : (~0 << (32 - prefix)) >>> 0;\n  return (ipNum & mask) === (cidrNum & mask);\n}\n\nfunction ipv4ToNum(ip: string): number | null {\n  const parts = ip.split(\".\");\n  if (parts.length !== 4) return null;\n  let num = 0;\n  for (const part of parts) {\n    const n = parseInt(part, 10);\n    if (isNaN(n) || n < 0 || n > 255) return null;\n    num = (num << 8) | n;\n  }\n  return num >>> 0;\n}\n\nfunction isIpv6InCidr(ip: string, cidr: string): boolean {\n  // Simplified IPv6 CIDR matching for common cases (::1, fc00::, fe80::)\n  const [cidrIp, prefixStr] = cidr.split(\"/\");\n  if (!cidrIp || !prefixStr) return false;\n\n  const prefix = parseInt(prefixStr, 10);\n  if (isNaN(prefix)) return false;\n\n  const ipBytes = expandIpv6(ip);\n  const cidrBytes = expandIpv6(cidrIp);\n  if (!ipBytes || !cidrBytes) return false;\n\n  // Compare prefix bits\n  const fullBytes = Math.floor(prefix / 8);\n  for (let i = 0; i < fullBytes && i < 16; i++) {\n    if (ipBytes[i] !== cidrBytes[i]) return false;\n  }\n\n  const remainingBits = prefix % 8;\n  if (remainingBits > 0 && fullBytes < 16) {\n    const mask = (~0 << (8 - remainingBits)) & 0xff;\n    if ((ipBytes[fullBytes]! & mask) !== (cidrBytes[fullBytes]! & mask)) return false;\n  }\n\n  return true;\n}\n\nfunction expandIpv6(ip: string): number[] | null {\n  // Remove zone ID\n  const zoneIdx = ip.indexOf(\"%\");\n  if (zoneIdx !== -1) ip = ip.slice(0, zoneIdx);\n\n  const parts = ip.split(\"::\");\n  if (parts.length > 2) return null;\n\n  const bytes: number[] = new Array(16).fill(0);\n\n  const expandGroup = (group: string): number[] => {\n    if (!group) return [];\n    return group.split(\":\").flatMap((hex) => {\n      const val = parseInt(hex || \"0\", 16);\n      return [(val >> 8) & 0xff, val & 0xff];\n    });\n  };\n\n  if (parts.length === 1) {\n    const expanded = expandGroup(parts[0]!);\n    if (expanded.length !== 16) return null;\n    return expanded;\n  }\n\n  const left = expandGroup(parts[0]!);\n  const right = expandGroup(parts[1]!);\n\n  if (left.length + right.length > 16) return null;\n\n  for (let i = 0; i < left.length; i++) bytes[i] = left[i]!;\n  for (let i = 0; i < right.length; i++) bytes[16 - right.length + i] = right[i]!;\n\n  return bytes;\n}\n"]}

package/dist/tools/skill/SkillMdParser.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SkillMdParser.d.ts","sourceRoot":"","sources":["../../../src/tools/skill/SkillMdParser.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,eAAe,EACf,gBAAgB,EAChB,aAAa,EACd,MAAM,oBAAoB,CAAC;AAgB5B;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,YAAY,CAC1B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf;IAAE,WAAW,EAAE,gBAAgB,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,CAsEzD;AA8CD;;;GAGG;AACH,wBAAsB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC,CAIlF;AAgDD;;;GAGG;AACH,wBAAsB,mBAAmB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC,CAwBnF"}
+{"version":3,"file":"SkillMdParser.d.ts","sourceRoot":"","sources":["../../../src/tools/skill/SkillMdParser.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,eAAe,EACf,gBAAgB,EAChB,aAAa,EACd,MAAM,oBAAoB,CAAC;AAgB5B;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,YAAY,CAC1B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf;IAAE,WAAW,EAAE,gBAAgB,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,CA0CzD;AA8CD;;;GAGG;AACH,wBAAsB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC,CAIlF;AAgDD;;;GAGG;AACH,wBAAsB,mBAAmB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC,CAwBnF"}