@jshookmcp/jshook 0.2.3 → 0.2.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (385) hide show
  1. package/README.md +14 -5
  2. package/README.zh.md +18 -3
  3. package/dist/packages/extension-sdk/src/bridges/shared.js +2 -2
  4. package/dist/packages/extension-sdk/src/plugin.d.ts +5 -0
  5. package/dist/packages/extension-sdk/src/plugin.js +119 -33
  6. package/dist/packages/extension-sdk/src/workflow.d.ts +156 -0
  7. package/dist/packages/extension-sdk/src/workflow.js +236 -0
  8. package/dist/src/config/search-defaults.js +161 -0
  9. package/dist/src/constants.d.ts +3 -0
  10. package/dist/src/constants.js +4 -1
  11. package/dist/src/index.d.ts +1 -1
  12. package/dist/src/index.js +13 -17
  13. package/dist/src/modules/analyzer/CodeAnalyzer.d.ts +1 -3
  14. package/dist/src/modules/analyzer/CodeAnalyzer.js +16 -28
  15. package/dist/src/modules/analyzer/CodeAnalyzerDataFlow.d.ts +1 -2
  16. package/dist/src/modules/analyzer/CodeAnalyzerDataFlow.js +1 -45
  17. package/dist/src/modules/analyzer/IntelligentAnalyzer.d.ts +1 -37
  18. package/dist/src/modules/analyzer/IntelligentAnalyzer.js +9 -142
  19. package/dist/src/modules/analyzer/PatternDetector.js +3 -3
  20. package/dist/src/modules/analyzer/PatternDetectorAuthPatterns.js +1 -1
  21. package/dist/src/modules/browser/BrowserDiscovery.js +2 -2
  22. package/dist/src/modules/browser/BrowserModeManager.js +11 -10
  23. package/dist/src/modules/browser/TabRegistry.js +2 -2
  24. package/dist/src/modules/browser/UnifiedBrowserManager.d.ts +1 -0
  25. package/dist/src/modules/browser/UnifiedBrowserManager.js +18 -3
  26. package/dist/src/modules/captcha/AICaptchaDetector.d.ts +1 -10
  27. package/dist/src/modules/captcha/AICaptchaDetector.js +7 -201
  28. package/dist/src/modules/collector/CodeCollector.js +4 -5
  29. package/dist/src/modules/collector/DOMInspector.js +48 -58
  30. package/dist/src/modules/collector/PageController.d.ts +17 -4
  31. package/dist/src/modules/collector/PageController.js +2 -5
  32. package/dist/src/modules/collector/PageScriptCollectors.js +3 -3
  33. package/dist/src/modules/crypto/CryptoDetector.d.ts +1 -4
  34. package/dist/src/modules/crypto/CryptoDetector.js +2 -42
  35. package/dist/src/modules/crypto/CryptoRules.js +1 -1
  36. package/dist/src/modules/debugger/BlackboxManager.js +1 -1
  37. package/dist/src/modules/debugger/DebuggerManager.impl.core.scope.js +1 -1
  38. package/dist/src/modules/debugger/ScriptManager.impl.extract-function-tree.js +4 -2
  39. package/dist/src/modules/debugger/WatchExpressionManager.js +1 -1
  40. package/dist/src/modules/deobfuscator/Deobfuscator.d.ts +1 -4
  41. package/dist/src/modules/deobfuscator/Deobfuscator.js +4 -39
  42. package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.d.ts +0 -3
  43. package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.js +2 -8
  44. package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.d.ts +1 -2
  45. package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.js +3 -55
  46. package/dist/src/modules/deobfuscator/JScramblerDeobfuscator.js +3 -4
  47. package/dist/src/modules/deobfuscator/VMDeobfuscator.d.ts +2 -10
  48. package/dist/src/modules/deobfuscator/VMDeobfuscator.js +3 -128
  49. package/dist/src/modules/deobfuscator/webcrack.js +15 -2
  50. package/dist/src/modules/emulator/AIEnvironmentAnalyzer.d.ts +5 -8
  51. package/dist/src/modules/emulator/AIEnvironmentAnalyzer.js +10 -102
  52. package/dist/src/modules/emulator/EnvironmentEmulator.d.ts +1 -5
  53. package/dist/src/modules/emulator/EnvironmentEmulator.js +7 -91
  54. package/dist/src/modules/emulator/EnvironmentEmulatorFetch.js +58 -61
  55. package/dist/src/modules/emulator/templates/chrome-env.d.ts +17 -7
  56. package/dist/src/modules/emulator/templates/chrome-env.js +14 -7
  57. package/dist/src/modules/external/ExternalToolRunner.js +25 -22
  58. package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.compose.js +5 -5
  59. package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.network.js +311 -311
  60. package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.runtime.js +410 -410
  61. package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.storage.js +122 -122
  62. package/dist/src/modules/monitor/ConsoleMonitor.impl.core.class.d.ts +13 -0
  63. package/dist/src/modules/monitor/ConsoleMonitor.impl.core.class.js +42 -0
  64. package/dist/src/modules/monitor/ConsoleMonitor.impl.core.dynamic.js +194 -194
  65. package/dist/src/modules/monitor/FetchInterceptor.d.ts +46 -0
  66. package/dist/src/modules/monitor/FetchInterceptor.js +191 -0
  67. package/dist/src/modules/monitor/PerformanceMonitor.js +8 -7
  68. package/dist/src/modules/monitor/PlaywrightNetworkMonitor.js +62 -62
  69. package/dist/src/modules/process/BaseMemoryManager.d.ts +1 -1
  70. package/dist/src/modules/process/LinuxProcessManager.js +2 -0
  71. package/dist/src/modules/process/MacProcessManager.js +25 -25
  72. package/dist/src/modules/process/MemoryManager.d.ts +1 -1
  73. package/dist/src/modules/process/MemoryManager.js +2 -2
  74. package/dist/src/modules/process/memory/AuditTrail.js +1 -1
  75. package/dist/src/modules/process/memory/availability.js +49 -49
  76. package/dist/src/modules/process/memory/injector.js +185 -185
  77. package/dist/src/modules/process/memory/reader.js +85 -53
  78. package/dist/src/modules/process/memory/regions.dump.js +51 -51
  79. package/dist/src/modules/process/memory/regions.enumerate.js +108 -108
  80. package/dist/src/modules/process/memory/regions.modules.js +80 -80
  81. package/dist/src/modules/process/memory/regions.protection.js +148 -115
  82. package/dist/src/modules/process/memory/scanner.d.ts +5 -1
  83. package/dist/src/modules/process/memory/scanner.darwin.js +98 -41
  84. package/dist/src/modules/process/memory/scanner.js +88 -4
  85. package/dist/src/modules/process/memory/scanner.windows.js +124 -124
  86. package/dist/src/modules/process/memory/writer.js +98 -58
  87. package/dist/src/modules/security/ExecutionSandbox.js +51 -52
  88. package/dist/src/modules/stealth/FingerprintManager.js +1 -1
  89. package/dist/src/modules/stealth/StealthScripts.d.ts +1 -0
  90. package/dist/src/modules/stealth/StealthScripts.js +18 -13
  91. package/dist/src/modules/stealth/StealthVerifier.js +1 -3
  92. package/dist/src/modules/symbolic/JSVMPSymbolicExecutor.d.ts +14 -0
  93. package/dist/src/modules/symbolic/JSVMPSymbolicExecutor.js +181 -2
  94. package/dist/src/modules/trace/TraceDB.js +75 -69
  95. package/dist/src/modules/trace/TraceRecorder.js +1 -5
  96. package/dist/src/native/AntiCheatDetector.js +67 -16
  97. package/dist/src/native/CodeInjector.js +3 -3
  98. package/dist/src/native/HardwareBreakpoint.js +24 -15
  99. package/dist/src/native/HeapAnalyzer.js +2 -2
  100. package/dist/src/native/MemoryController.js +1 -1
  101. package/dist/src/native/MemoryScanSession.js +2 -2
  102. package/dist/src/native/MemoryScanner.js +4 -8
  103. package/dist/src/native/NativeMemoryManager.impl.js +2 -2
  104. package/dist/src/native/PEAnalyzer.js +14 -15
  105. package/dist/src/native/PointerChainEngine.js +2 -4
  106. package/dist/src/native/ScriptLoader.js +4 -9
  107. package/dist/src/native/Speedhack.js +1 -1
  108. package/dist/src/native/StructureAnalyzer.js +52 -33
  109. package/dist/src/native/Win32API.d.ts +1 -0
  110. package/dist/src/native/Win32API.js +13 -0
  111. package/dist/src/native/Win32Debug.js +19 -19
  112. package/dist/src/native/platform/darwin/DarwinAPI.d.ts +2 -0
  113. package/dist/src/native/platform/darwin/DarwinAPI.js +8 -0
  114. package/dist/src/native/platform/darwin/DarwinMemoryProvider.js +6 -1
  115. package/dist/src/server/MCPServer.context.d.ts +2 -1
  116. package/dist/src/server/MCPServer.d.ts +2 -1
  117. package/dist/src/server/MCPServer.domain.d.ts +1 -1
  118. package/dist/src/server/MCPServer.domain.js +81 -16
  119. package/dist/src/server/MCPServer.js +41 -14
  120. package/dist/src/server/MCPServer.resources.d.ts +2 -0
  121. package/dist/src/server/MCPServer.resources.js +91 -0
  122. package/dist/src/server/MCPServer.search.handlers.call.js +2 -1
  123. package/dist/src/server/MCPServer.search.helpers.js +1 -1
  124. package/dist/src/server/MCPServer.transport.js +12 -0
  125. package/dist/src/server/ToolCallContextGuard.js +8 -0
  126. package/dist/src/server/ToolRouter.d.ts +25 -9
  127. package/dist/src/server/ToolRouter.intent.d.ts +26 -0
  128. package/dist/src/server/ToolRouter.intent.js +77 -0
  129. package/dist/src/server/ToolRouter.js +103 -284
  130. package/dist/src/server/ToolRouter.policy.d.ts +22 -0
  131. package/dist/src/server/ToolRouter.policy.js +163 -0
  132. package/dist/src/server/ToolRouter.probe.d.ts +17 -0
  133. package/dist/src/server/ToolRouter.probe.js +103 -0
  134. package/dist/src/server/ToolRouter.renderer.d.ts +9 -0
  135. package/dist/src/server/ToolRouter.renderer.js +52 -0
  136. package/dist/src/server/activation/ActivationController.js +15 -12
  137. package/dist/src/server/activation/CompoundConditionEngine.js +1 -1
  138. package/dist/src/server/activation/PredictiveBooster.js +1 -3
  139. package/dist/src/server/domains/analysis/definitions.js +155 -655
  140. package/dist/src/server/domains/analysis/handlers.impl.js +26 -20
  141. package/dist/src/server/domains/analysis/handlers.web-tools.js +2 -1
  142. package/dist/src/server/domains/analysis/manifest.js +6 -4
  143. package/dist/src/server/domains/antidebug/definitions.js +25 -111
  144. package/dist/src/server/domains/browser/definitions.tools.advanced.js +59 -88
  145. package/dist/src/server/domains/browser/definitions.tools.behavior.js +120 -227
  146. package/dist/src/server/domains/browser/definitions.tools.page-core.js +210 -439
  147. package/dist/src/server/domains/browser/definitions.tools.page-system.js +108 -250
  148. package/dist/src/server/domains/browser/definitions.tools.runtime.js +98 -211
  149. package/dist/src/server/domains/browser/definitions.tools.security.js +194 -339
  150. package/dist/src/server/domains/browser/handlers/camoufox-browser.js +3 -2
  151. package/dist/src/server/domains/browser/handlers/captcha-solver.js +3 -3
  152. package/dist/src/server/domains/browser/handlers/dom-query.js +2 -1
  153. package/dist/src/server/domains/browser/handlers/framework-state.js +27 -9
  154. package/dist/src/server/domains/browser/handlers/indexeddb-dump.js +21 -20
  155. package/dist/src/server/domains/browser/handlers/script-management.js +1 -1
  156. package/dist/src/server/domains/browser/handlers.impl.d.ts +1 -2
  157. package/dist/src/server/domains/browser/handlers.impl.js +2 -3
  158. package/dist/src/server/domains/browser/manifest.js +37 -13
  159. package/dist/src/server/domains/coordination/definitions.js +50 -216
  160. package/dist/src/server/domains/coordination/index.d.ts +2 -1
  161. package/dist/src/server/domains/coordination/index.js +1 -0
  162. package/dist/src/server/domains/debugger/definitions.tools.advanced.js +72 -189
  163. package/dist/src/server/domains/debugger/definitions.tools.core.js +114 -288
  164. package/dist/src/server/domains/debugger/manifest.js +9 -2
  165. package/dist/src/server/domains/encoding/definitions.js +43 -153
  166. package/dist/src/server/domains/encoding/handlers.base.js +2 -2
  167. package/dist/src/server/domains/evidence/definitions.d.ts +2 -0
  168. package/dist/src/server/domains/evidence/definitions.js +42 -0
  169. package/dist/src/server/domains/evidence/handlers.d.ts +582 -0
  170. package/dist/src/server/domains/evidence/handlers.js +60 -0
  171. package/dist/src/server/domains/evidence/index.d.ts +2 -0
  172. package/dist/src/server/domains/evidence/index.js +2 -0
  173. package/dist/src/server/domains/evidence/manifest.d.ts +63 -0
  174. package/dist/src/server/domains/evidence/manifest.js +78 -0
  175. package/dist/src/server/domains/graphql/definitions.js +53 -141
  176. package/dist/src/server/domains/graphql/handlers.impl.core.runtime.replay.js +92 -114
  177. package/dist/src/server/domains/graphql/handlers.impl.core.runtime.shared.js +77 -77
  178. package/dist/src/server/domains/hooks/ai-handlers.d.ts +0 -7
  179. package/dist/src/server/domains/hooks/ai-handlers.js +1 -67
  180. package/dist/src/server/domains/hooks/definitions.js +69 -335
  181. package/dist/src/server/domains/hooks/manifest.d.ts +1 -1
  182. package/dist/src/server/domains/hooks/manifest.js +1 -2
  183. package/dist/src/server/domains/instrumentation/definitions.d.ts +2 -0
  184. package/dist/src/server/domains/instrumentation/definitions.js +99 -0
  185. package/dist/src/server/domains/instrumentation/handlers.d.ts +78 -0
  186. package/dist/src/server/domains/instrumentation/handlers.js +206 -0
  187. package/dist/src/server/domains/instrumentation/index.d.ts +2 -0
  188. package/dist/src/server/domains/instrumentation/index.js +2 -0
  189. package/dist/src/server/domains/instrumentation/manifest.d.ts +63 -0
  190. package/dist/src/server/domains/instrumentation/manifest.js +114 -0
  191. package/dist/src/server/domains/macro/definitions.js +16 -43
  192. package/dist/src/server/domains/maintenance/definitions.js +60 -219
  193. package/dist/src/server/domains/maintenance/handlers.extensions.js +78 -20
  194. package/dist/src/server/domains/memory/definitions.js +387 -559
  195. package/dist/src/server/domains/memory/handlers/hooks.d.ts +55 -0
  196. package/dist/src/server/domains/memory/handlers/hooks.js +115 -0
  197. package/dist/src/server/domains/memory/handlers/integrity.d.ts +77 -0
  198. package/dist/src/server/domains/memory/handlers/integrity.js +180 -0
  199. package/dist/src/server/domains/memory/handlers/pointer-chain.d.ts +29 -0
  200. package/dist/src/server/domains/memory/handlers/pointer-chain.js +82 -0
  201. package/dist/src/server/domains/memory/handlers/readwrite.d.ts +41 -0
  202. package/dist/src/server/domains/memory/handlers/readwrite.js +78 -0
  203. package/dist/src/server/domains/memory/handlers/scan.d.ts +35 -0
  204. package/dist/src/server/domains/memory/handlers/scan.js +97 -0
  205. package/dist/src/server/domains/memory/handlers/session.d.ts +23 -0
  206. package/dist/src/server/domains/memory/handlers/session.js +49 -0
  207. package/dist/src/server/domains/memory/handlers/structure.d.ts +29 -0
  208. package/dist/src/server/domains/memory/handlers/structure.js +74 -0
  209. package/dist/src/server/domains/memory/handlers.impl.d.ts +49 -54
  210. package/dist/src/server/domains/memory/handlers.impl.js +63 -494
  211. package/dist/src/server/domains/memory/manifest.js +236 -64
  212. package/dist/src/server/domains/native-bridge/definitions.js +54 -192
  213. package/dist/src/server/domains/native-bridge/index.d.ts +1 -0
  214. package/dist/src/server/domains/native-bridge/index.js +2 -1
  215. package/dist/src/server/domains/network/auth-extractor.js +1 -1
  216. package/dist/src/server/domains/network/definitions.js +175 -578
  217. package/dist/src/server/domains/network/handlers.base.core.d.ts +64 -0
  218. package/dist/src/server/domains/network/handlers.base.core.js +623 -0
  219. package/dist/src/server/domains/network/handlers.base.d.ts +2 -124
  220. package/dist/src/server/domains/network/handlers.base.js +3 -878
  221. package/dist/src/server/domains/network/handlers.base.performance.d.ts +63 -0
  222. package/dist/src/server/domains/network/handlers.base.performance.js +193 -0
  223. package/dist/src/server/domains/network/handlers.base.types.d.ts +42 -0
  224. package/dist/src/server/domains/network/handlers.base.types.js +89 -0
  225. package/dist/src/server/domains/network/handlers.impl.core.runtime.d.ts +1 -1
  226. package/dist/src/server/domains/network/handlers.impl.core.runtime.intercept.d.ts +21 -0
  227. package/dist/src/server/domains/network/handlers.impl.core.runtime.intercept.js +186 -0
  228. package/dist/src/server/domains/network/handlers.impl.core.runtime.js +1 -1
  229. package/dist/src/server/domains/network/manifest.js +15 -0
  230. package/dist/src/server/domains/network/replay.js +1 -4
  231. package/dist/src/server/domains/platform/definitions.js +121 -112
  232. package/dist/src/server/domains/platform/handlers/bridge-handlers.d.ts +4 -0
  233. package/dist/src/server/domains/platform/handlers/bridge-handlers.js +193 -4
  234. package/dist/src/server/domains/platform/handlers/electron-asar-helpers.js +26 -6
  235. package/dist/src/server/domains/platform/handlers/electron-dual-cdp.d.ts +3 -0
  236. package/dist/src/server/domains/platform/handlers/electron-dual-cdp.js +170 -0
  237. package/dist/src/server/domains/platform/handlers/electron-fuse-handler.d.ts +3 -0
  238. package/dist/src/server/domains/platform/handlers/electron-fuse-handler.js +193 -0
  239. package/dist/src/server/domains/platform/handlers/electron-handlers.d.ts +6 -0
  240. package/dist/src/server/domains/platform/handlers/electron-handlers.js +95 -2
  241. package/dist/src/server/domains/platform/handlers/electron-ipc-sniffer.d.ts +2 -0
  242. package/dist/src/server/domains/platform/handlers/electron-ipc-sniffer.js +370 -0
  243. package/dist/src/server/domains/platform/handlers/electron-userdata-handler.d.ts +2 -0
  244. package/dist/src/server/domains/platform/handlers/electron-userdata-handler.js +78 -0
  245. package/dist/src/server/domains/platform/handlers/miniapp-handlers.js +3 -3
  246. package/dist/src/server/domains/platform/handlers/v8-bytecode-handler.d.ts +2 -0
  247. package/dist/src/server/domains/platform/handlers/v8-bytecode-handler.js +207 -0
  248. package/dist/src/server/domains/platform/handlers.d.ts +48 -0
  249. package/dist/src/server/domains/platform/handlers.js +29 -0
  250. package/dist/src/server/domains/platform/manifest.js +38 -0
  251. package/dist/src/server/domains/process/definitions.js +163 -647
  252. package/dist/src/server/domains/process/handlers.base.d.ts +3 -95
  253. package/dist/src/server/domains/process/handlers.base.js +7 -462
  254. package/dist/src/server/domains/process/handlers.base.process.d.ts +61 -0
  255. package/dist/src/server/domains/process/handlers.base.process.js +417 -0
  256. package/dist/src/server/domains/process/handlers.base.types.d.ts +57 -0
  257. package/dist/src/server/domains/process/handlers.base.types.js +50 -0
  258. package/dist/src/server/domains/process/handlers.impl.core.runtime.inject.js +18 -16
  259. package/dist/src/server/domains/process/manifest.js +6 -1
  260. package/dist/src/server/domains/sandbox/definitions.js +11 -33
  261. package/dist/src/server/domains/sandbox/handlers.js +8 -3
  262. package/dist/src/server/domains/shared/ResponseBuilder.d.ts +209 -0
  263. package/dist/src/server/domains/shared/ResponseBuilder.js +48 -0
  264. package/dist/src/server/domains/shared/modules.d.ts +0 -2
  265. package/dist/src/server/domains/shared/modules.js +0 -1
  266. package/dist/src/server/domains/sourcemap/definitions.js +27 -111
  267. package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-common.js +7 -2
  268. package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-main.js +1 -1
  269. package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-parse-base.js +1 -1
  270. package/dist/src/server/domains/sourcemap/manifest.d.ts +1 -1
  271. package/dist/src/server/domains/sourcemap/manifest.js +1 -1
  272. package/dist/src/server/domains/streaming/definitions.js +36 -148
  273. package/dist/src/server/domains/streaming/handlers.impl.streaming-sse.js +163 -164
  274. package/dist/src/server/domains/streaming/handlers.impl.streaming-ws.js +1 -1
  275. package/dist/src/server/domains/trace/TraceSummarizer.js +8 -5
  276. package/dist/src/server/domains/trace/definitions.tools.js +51 -206
  277. package/dist/src/server/domains/trace/handlers.js +10 -12
  278. package/dist/src/server/domains/trace/index.d.ts +2 -1
  279. package/dist/src/server/domains/trace/index.js +2 -1
  280. package/dist/src/server/domains/trace/manifest.js +15 -3
  281. package/dist/src/server/domains/transform/definitions.js +50 -210
  282. package/dist/src/server/domains/transform/handlers.impl.transform-base.js +108 -108
  283. package/dist/src/server/domains/transform/handlers.impl.transform-crypto.js +18 -19
  284. package/dist/src/server/domains/transform/manifest.d.ts +1 -1
  285. package/dist/src/server/domains/transform/manifest.js +1 -1
  286. package/dist/src/server/domains/wasm/definitions.js +55 -232
  287. package/dist/src/server/domains/wasm/handlers.js +1 -1
  288. package/dist/src/server/domains/workflow/definitions.js +144 -414
  289. package/dist/src/server/domains/workflow/handlers.impl.workflow-account-bundle.js +1 -1
  290. package/dist/src/server/domains/workflow/handlers.impl.workflow-api.js +51 -51
  291. package/dist/src/server/domains/workflow/handlers.impl.workflow-base.d.ts +2 -0
  292. package/dist/src/server/domains/workflow/handlers.impl.workflow-base.js +126 -87
  293. package/dist/src/server/domains/workflow/handlers.impl.workflow-batch.js +5 -5
  294. package/dist/src/server/evidence/ReverseEvidenceGraph.d.ts +20 -0
  295. package/dist/src/server/evidence/ReverseEvidenceGraph.js +208 -0
  296. package/dist/src/server/evidence/index.d.ts +2 -0
  297. package/dist/src/server/evidence/index.js +1 -0
  298. package/dist/src/server/evidence/types.d.ts +22 -0
  299. package/dist/src/server/evidence/types.js +1 -0
  300. package/dist/src/server/extensions/ExtensionManager.d.ts +1 -0
  301. package/dist/src/server/extensions/ExtensionManager.discovery.js +72 -9
  302. package/dist/src/server/extensions/ExtensionManager.integrity.js +1 -1
  303. package/dist/src/server/extensions/ExtensionManager.js +193 -40
  304. package/dist/src/server/extensions/ExtensionManager.roots.d.ts +1 -1
  305. package/dist/src/server/extensions/ExtensionManager.roots.js +4 -4
  306. package/dist/src/server/extensions/plugin-config.js +1 -1
  307. package/dist/src/server/extensions/plugin-env.d.ts +1 -1
  308. package/dist/src/server/extensions/plugin-env.js +10 -4
  309. package/dist/src/server/extensions/types.d.ts +17 -0
  310. package/dist/src/server/extensions/types.js +1 -1
  311. package/dist/src/server/instrumentation/EvidenceGraphBridge.d.ts +13 -0
  312. package/dist/src/server/instrumentation/EvidenceGraphBridge.js +150 -0
  313. package/dist/src/server/instrumentation/InstrumentationSession.d.ts +60 -0
  314. package/dist/src/server/instrumentation/InstrumentationSession.js +269 -0
  315. package/dist/src/server/instrumentation/index.d.ts +2 -0
  316. package/dist/src/server/instrumentation/index.js +2 -0
  317. package/dist/src/server/instrumentation/types.d.ts +62 -0
  318. package/dist/src/server/instrumentation/types.js +7 -0
  319. package/dist/src/server/macros/MacroConfigLoader.d.ts +6 -5
  320. package/dist/src/server/macros/MacroConfigLoader.js +61 -59
  321. package/dist/src/server/macros/MacroRunner.js +6 -2
  322. package/dist/src/server/macros/builtins/index.d.ts +2 -3
  323. package/dist/src/server/macros/builtins/index.js +51 -7
  324. package/dist/src/server/plugins/PluginContract.d.ts +1 -1
  325. package/dist/src/server/registry/contracts.d.ts +1 -1
  326. package/dist/src/server/registry/discovery.js +5 -4
  327. package/dist/src/server/registry/ensure-browser-core.js +0 -3
  328. package/dist/src/server/registry/index.js +4 -4
  329. package/dist/src/server/registry/tool-builder.d.ts +46 -0
  330. package/dist/src/server/registry/tool-builder.js +105 -0
  331. package/dist/src/server/sandbox/QuickJSSandbox.js +16 -5
  332. package/dist/src/server/sandbox/SandboxHelpers.js +250 -250
  333. package/dist/src/server/search/EmbeddingWorker.js +5 -3
  334. package/dist/src/server/search/FeedbackTracker.d.ts +9 -0
  335. package/dist/src/server/search/FeedbackTracker.js +26 -0
  336. package/dist/src/server/search/QueryNormalizer.d.ts +6 -0
  337. package/dist/src/server/search/QueryNormalizer.js +94 -0
  338. package/dist/src/server/search/ToolSearchEngineImpl.d.ts +2 -3
  339. package/dist/src/server/search/ToolSearchEngineImpl.js +38 -88
  340. package/dist/src/server/workflows/WorkflowContract.d.ts +24 -0
  341. package/dist/src/server/workflows/WorkflowContract.js +12 -0
  342. package/dist/src/server/workflows/WorkflowEngine.d.ts +1 -0
  343. package/dist/src/server/workflows/WorkflowEngine.js +136 -3
  344. package/dist/src/types/config.d.ts +0 -14
  345. package/dist/src/types/deobfuscator.d.ts +0 -1
  346. package/dist/src/types/index.d.ts +1 -1
  347. package/dist/src/utils/DetailedDataManager.js +2 -0
  348. package/dist/src/utils/RingBuffer.js +5 -5
  349. package/dist/src/utils/TokenBudgetManager.js +1 -1
  350. package/dist/src/utils/UnifiedCacheManager.js +1 -1
  351. package/dist/src/utils/artifactRetention.js +2 -2
  352. package/dist/src/utils/betterSqlite3.d.ts +11 -0
  353. package/dist/src/utils/betterSqlite3.js +88 -0
  354. package/dist/src/utils/browserExecutable.js +2 -2
  355. package/dist/src/utils/cliFastPath.js +5 -8
  356. package/dist/src/utils/config.js +4 -26
  357. package/dist/src/utils/environmentDoctor.js +138 -11
  358. package/dist/src/utils/outputPaths.js +16 -9
  359. package/dist/src/utils/parallel.js +1 -3
  360. package/package.json +74 -72
  361. package/workflows/.gitkeep +0 -0
  362. package/dist/src/modules/analyzer/AISummarizer.d.ts +0 -39
  363. package/dist/src/modules/analyzer/AISummarizer.js +0 -122
  364. package/dist/src/modules/hook/AIHookGenerator.d.ts +0 -52
  365. package/dist/src/modules/hook/AIHookGenerator.js +0 -360
  366. package/dist/src/modules/hook/AIHookGeneratorTemplates.d.ts +0 -9
  367. package/dist/src/modules/hook/AIHookGeneratorTemplates.js +0 -157
  368. package/dist/src/server/macros/builtins/deobfuscate-ast-flow.d.ts +0 -2
  369. package/dist/src/server/macros/builtins/deobfuscate-ast-flow.js +0 -25
  370. package/dist/src/server/macros/builtins/unpacker-flow.d.ts +0 -2
  371. package/dist/src/server/macros/builtins/unpacker-flow.js +0 -25
  372. package/dist/src/services/LLMService.d.ts +0 -37
  373. package/dist/src/services/LLMService.js +0 -233
  374. package/dist/src/services/prompts/analysis.d.ts +0 -9
  375. package/dist/src/services/prompts/analysis.js +0 -158
  376. package/dist/src/services/prompts/crypto.d.ts +0 -2
  377. package/dist/src/services/prompts/crypto.js +0 -108
  378. package/dist/src/services/prompts/deobfuscation.d.ts +0 -6
  379. package/dist/src/services/prompts/deobfuscation.js +0 -300
  380. package/dist/src/services/prompts/environment.d.ts +0 -16
  381. package/dist/src/services/prompts/environment.js +0 -372
  382. package/dist/src/services/prompts/intelligence.d.ts +0 -4
  383. package/dist/src/services/prompts/intelligence.js +0 -250
  384. package/dist/src/services/prompts/taint.d.ts +0 -2
  385. package/dist/src/services/prompts/taint.js +0 -54
package/dist/src/server/domains/evidence/index.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ export * from './definitions.js';
2
+ export { EvidenceHandlers } from './handlers.js';
package/dist/src/server/domains/evidence/index.js ADDED
@@ -0,0 +1,2 @@
1
+ export * from './definitions.js';
2
+ export { EvidenceHandlers } from './handlers.js';
package/dist/src/server/domains/evidence/manifest.d.ts ADDED
@@ -0,0 +1,63 @@
1
+ import type { MCPServerContext } from '../../domains/shared/registry.js';
2
+ import { EvidenceHandlers } from '../../domains/evidence/handlers.js';
3
+ type H = EvidenceHandlers;
4
+ declare function ensure(ctx: MCPServerContext): H;
5
+ declare const manifest: {
6
+ kind: "domain-manifest";
7
+ version: 1;
8
+ domain: "evidence";
9
+ depKey: "evidenceHandlers";
10
+ profiles: ("workflow" | "full")[];
11
+ ensure: typeof ensure;
12
+ workflowRule: {
13
+ patterns: RegExp[];
14
+ priority: number;
15
+ tools: string[];
16
+ hint: string;
17
+ };
18
+ registrations: {
19
+ tool: {
20
+ inputSchema: {
21
+ [x: string]: unknown;
22
+ type: "object";
23
+ properties?: {
24
+ [x: string]: object;
25
+ } | undefined;
26
+ required?: string[] | undefined;
27
+ };
28
+ name: string;
29
+ description?: string | undefined;
30
+ outputSchema?: {
31
+ [x: string]: unknown;
32
+ type: "object";
33
+ properties?: {
34
+ [x: string]: object;
35
+ } | undefined;
36
+ required?: string[] | undefined;
37
+ } | undefined;
38
+ annotations?: {
39
+ title?: string | undefined;
40
+ readOnlyHint?: boolean | undefined;
41
+ destructiveHint?: boolean | undefined;
42
+ idempotentHint?: boolean | undefined;
43
+ openWorldHint?: boolean | undefined;
44
+ } | undefined;
45
+ execution?: {
46
+ taskSupport?: "optional" | "required" | "forbidden" | undefined;
47
+ } | undefined;
48
+ _meta?: {
49
+ [x: string]: unknown;
50
+ } | undefined;
51
+ icons?: {
52
+ src: string;
53
+ mimeType?: string | undefined;
54
+ sizes?: string[] | undefined;
55
+ theme?: "light" | "dark" | undefined;
56
+ }[] | undefined;
57
+ title?: string | undefined;
58
+ };
59
+ domain: "evidence";
60
+ bind: (deps: import("../../domains/shared/registry.js").ToolHandlerDeps) => (args: import("../../types.js").ToolArgs) => Promise<unknown>;
61
+ }[];
62
+ };
63
+ export default manifest;
package/dist/src/server/domains/evidence/manifest.js ADDED
@@ -0,0 +1,78 @@
1
+ import { bindByDepKey, toolLookup } from '../../domains/shared/registry.js';
2
+ import { evidenceTools } from '../../domains/evidence/definitions.js';
3
+ import { EvidenceHandlers } from '../../domains/evidence/handlers.js';
4
+ import { ReverseEvidenceGraph } from '../../evidence/ReverseEvidenceGraph.js';
5
+ import { InstrumentationSessionManager } from '../../instrumentation/InstrumentationSession.js';
6
+ import { EvidenceGraphBridge } from '../../instrumentation/EvidenceGraphBridge.js';
7
+ const DOMAIN = 'evidence';
8
+ const DEP_KEY = 'evidenceHandlers';
9
+ const t = toolLookup(evidenceTools);
10
+ const b = (invoke) => bindByDepKey(DEP_KEY, invoke);
11
+ function ensure(ctx) {
12
+ let graph = ctx.getDomainInstance('evidenceGraph');
13
+ if (!graph) {
14
+ graph = new ReverseEvidenceGraph();
15
+ ctx.setDomainInstance('evidenceGraph', graph);
16
+ }
17
+ let bridge = ctx.getDomainInstance('evidenceGraphBridge');
18
+ if (!bridge) {
19
+ bridge = new EvidenceGraphBridge(graph);
20
+ ctx.setDomainInstance('evidenceGraphBridge', bridge);
21
+ }
22
+ const sessionManager = ctx.getDomainInstance('instrumentationSessionManager');
23
+ sessionManager?.setEvidenceBridge(bridge);
24
+ if (!ctx.evidenceHandlers) {
25
+ ctx.evidenceHandlers = new EvidenceHandlers(graph);
26
+ }
27
+ return ctx.evidenceHandlers;
28
+ }
29
+ const manifest = {
30
+ kind: 'domain-manifest',
31
+ version: 1,
32
+ domain: DOMAIN,
33
+ depKey: DEP_KEY,
34
+ profiles: ['workflow', 'full'],
35
+ ensure,
36
+ workflowRule: {
37
+ patterns: [
38
+ /(evidence|provenance|chain).*(graph|query|export|report)/i,
39
+ /(证据|溯源|链).*(图|查询|导出|报告)/i,
40
+ ],
41
+ priority: 90,
42
+ tools: ['evidence_query_url', 'evidence_export_markdown'],
43
+ hint: 'Evidence graph: query by URL/function/scriptId → get provenance chain → export as JSON or Markdown report',
44
+ },
45
+ registrations: [
46
+ {
47
+ tool: t('evidence_query_url'),
48
+ domain: DOMAIN,
49
+ bind: b(async (h, a) => h.handleQueryUrl(a)),
50
+ },
51
+ {
52
+ tool: t('evidence_query_function'),
53
+ domain: DOMAIN,
54
+ bind: b(async (h, a) => h.handleQueryFunction(a)),
55
+ },
56
+ {
57
+ tool: t('evidence_query_script'),
58
+ domain: DOMAIN,
59
+ bind: b(async (h, a) => h.handleQueryScript(a)),
60
+ },
61
+ {
62
+ tool: t('evidence_export_json'),
63
+ domain: DOMAIN,
64
+ bind: b(async (h) => h.handleExportJson()),
65
+ },
66
+ {
67
+ tool: t('evidence_export_markdown'),
68
+ domain: DOMAIN,
69
+ bind: b(async (h) => h.handleExportMarkdown()),
70
+ },
71
+ {
72
+ tool: t('evidence_chain'),
73
+ domain: DOMAIN,
74
+ bind: b(async (h, a) => h.handleChain(a)),
75
+ },
76
+ ],
77
+ };
78
+ export default manifest;
package/dist/src/server/domains/graphql/definitions.js CHANGED
@@ -1,143 +1,55 @@
1
+ import { tool } from '../../registry/tool-builder.js';
1
2
  export const graphqlTools = [
2
- {
3
- name: 'call_graph_analyze',
4
- description: 'Analyze runtime function call graph from in-page traces (__aiHooks / tracer records). Returns nodes, edges, and stats.',
5
- inputSchema: {
6
- type: 'object',
7
- properties: {
8
- maxDepth: {
9
- type: 'number',
10
- description: 'Maximum stack-derived edge depth to include (default: 5, min: 1, max: 20).',
11
- default: 5,
12
- },
13
- filterPattern: {
14
- type: 'string',
15
- description: 'Optional regex string to filter function names (source or target).',
16
- },
17
- },
18
- },
19
- annotations: {
20
- readOnlyHint: true,
21
- destructiveHint: false,
22
- idempotentHint: true,
23
- openWorldHint: false,
24
- },
25
- },
26
- {
27
- name: 'script_replace_persist',
28
- description: 'Persistently replace matching script responses via request interception, and register metadata with evaluateOnNewDocument.',
29
- inputSchema: {
30
- type: 'object',
31
- properties: {
32
- url: {
33
- type: 'string',
34
- description: 'Script URL match pattern.',
35
- },
36
- replacement: {
37
- type: 'string',
38
- description: 'Replacement JavaScript source (full script content).',
39
- },
40
- matchType: {
41
- type: 'string',
42
- enum: ['exact', 'contains', 'regex'],
43
- description: "URL matching strategy. Defaults to 'contains'.",
44
- default: 'contains',
45
- },
46
- },
47
- required: ['url', 'replacement'],
48
- },
49
- annotations: {
50
- readOnlyHint: false,
51
- destructiveHint: false,
52
- idempotentHint: false,
53
- openWorldHint: true,
54
- },
55
- },
56
- {
57
- name: 'graphql_introspect',
58
- description: 'Run GraphQL introspection query against a target endpoint and return schema payload.',
59
- inputSchema: {
60
- type: 'object',
61
- properties: {
62
- endpoint: {
63
- type: 'string',
64
- description: 'GraphQL endpoint URL.',
65
- },
66
- headers: {
67
- type: 'object',
68
- description: 'Optional custom request headers.',
69
- additionalProperties: {
70
- type: 'string',
71
- },
72
- },
73
- },
74
- required: ['endpoint'],
75
- },
76
- annotations: {
77
- readOnlyHint: false,
78
- destructiveHint: false,
79
- idempotentHint: false,
80
- openWorldHint: true,
81
- },
82
- },
83
- {
84
- name: 'graphql_extract_queries',
85
- description: 'Extract GraphQL queries/mutations from captured in-page network traces (fetch/xhr/aiHook records).',
86
- inputSchema: {
87
- type: 'object',
88
- properties: {
89
- limit: {
90
- type: 'number',
91
- description: 'Maximum number of extracted operations to return (default: 50, max: 200).',
92
- default: 50,
93
- },
94
- },
95
- },
96
- annotations: {
97
- readOnlyHint: true,
98
- destructiveHint: false,
99
- idempotentHint: true,
100
- openWorldHint: false,
101
- },
102
- },
103
- {
104
- name: 'graphql_replay',
105
- description: 'Replay a GraphQL operation with optional variables and headers via in-page fetch.',
106
- inputSchema: {
107
- type: 'object',
108
- properties: {
109
- endpoint: {
110
- type: 'string',
111
- description: 'GraphQL endpoint URL.',
112
- },
113
- query: {
114
- type: 'string',
115
- description: 'GraphQL query/mutation string.',
116
- },
117
- variables: {
118
- type: 'object',
119
- description: 'GraphQL variables object.',
120
- additionalProperties: true,
121
- },
122
- operationName: {
123
- type: 'string',
124
- description: 'Optional GraphQL operationName.',
125
- },
126
- headers: {
127
- type: 'object',
128
- description: 'Optional custom request headers.',
129
- additionalProperties: {
130
- type: 'string',
131
- },
132
- },
133
- },
134
- required: ['endpoint', 'query'],
135
- },
136
- annotations: {
137
- readOnlyHint: false,
138
- destructiveHint: false,
139
- idempotentHint: false,
140
- openWorldHint: true,
141
- },
142
- },
3
+ tool('call_graph_analyze')
4
+ .desc('Analyze runtime function call graph from in-page traces')
5
+ .number('maxDepth', 'Maximum stack-derived edge depth', { default: 5 })
6
+ .string('filterPattern', 'Regex filter for function names')
7
+ .readOnly()
8
+ .idempotent()
9
+ .build(),
10
+ tool('script_replace_persist')
11
+ .desc('Persistently replace matching script responses via request interception')
12
+ .string('url', 'Script URL match pattern')
13
+ .string('replacement', 'Replacement JavaScript source')
14
+ .enum('matchType', ['exact', 'contains', 'regex'], 'URL matching strategy', {
15
+ default: 'contains',
16
+ })
17
+ .required('url', 'replacement')
18
+ .openWorld()
19
+ .build(),
20
+ tool('graphql_introspect')
21
+ .desc('Run GraphQL introspection query against a target endpoint')
22
+ .string('endpoint', 'GraphQL endpoint URL')
23
+ .prop('headers', {
24
+ type: 'object',
25
+ description: 'Custom request headers',
26
+ additionalProperties: { type: 'string' },
27
+ })
28
+ .required('endpoint')
29
+ .openWorld()
30
+ .build(),
31
+ tool('graphql_extract_queries')
32
+ .desc('Extract GraphQL queries/mutations from captured network traces')
33
+ .number('limit', 'Maximum extracted operations', { default: 50 })
34
+ .readOnly()
35
+ .idempotent()
36
+ .build(),
37
+ tool('graphql_replay')
38
+ .desc('Replay a GraphQL operation with optional variables via in-page fetch')
39
+ .string('endpoint', 'GraphQL endpoint URL')
40
+ .string('query', 'GraphQL query/mutation string')
41
+ .prop('variables', {
42
+ type: 'object',
43
+ description: 'GraphQL variables',
44
+ additionalProperties: true,
45
+ })
46
+ .string('operationName', 'GraphQL operationName')
47
+ .prop('headers', {
48
+ type: 'object',
49
+ description: 'Custom request headers',
50
+ additionalProperties: { type: 'string' },
51
+ })
52
+ .required('endpoint', 'query')
53
+ .openWorld()
54
+ .build(),
143
55
  ];
package/dist/src/server/domains/graphql/handlers.impl.core.runtime.replay.js CHANGED
@@ -8,7 +8,7 @@ export class GraphQLToolHandlersRuntime extends GraphQLHandlersBase {
8
8
  const filterPattern = this.getStringArg(args, 'filterPattern')?.trim() || '';
9
9
  if (filterPattern) {
10
10
  try {
11
- new RegExp(filterPattern);
11
+ RegExp(filterPattern);
12
12
  }
13
13
  catch (error) {
14
14
  return this.toError('Invalid filterPattern regex', {
@@ -25,13 +25,6 @@ export class GraphQLToolHandlersRuntime extends GraphQLHandlersBase {
25
25
  let scannedRecords = 0;
26
26
  let acceptedRecords = 0;
27
27
  const filterRegex = filter ? new RegExp(filter) : null;
28
- const normalizeName = (value, fallback = 'anonymous') => {
29
- if (typeof value === 'string') {
30
- const normalized = value.trim();
31
- return normalized.length > 0 ? normalized : fallback;
32
- }
33
- return fallback;
34
- };
35
28
  const matchesFilter = (name) => {
36
29
  if (!filterRegex) {
37
30
  return true;
@@ -54,8 +47,8 @@ export class GraphQLToolHandlersRuntime extends GraphQLHandlersBase {
54
47
  nodeMap.set(name, { id: name, name, callCount: by });
55
48
  };
56
49
  const addEdge = (sourceRaw, targetRaw) => {
57
- const source = normalizeName(sourceRaw, '');
58
- const target = normalizeName(targetRaw, '');
50
+ const source = typeof sourceRaw === 'string' ? sourceRaw.trim() || '' : '';
51
+ const target = typeof targetRaw === 'string' ? targetRaw.trim() || '' : '';
59
52
  if (!source || !target || source === target) {
60
53
  return;
61
54
  }
@@ -73,43 +66,42 @@ export class GraphQLToolHandlersRuntime extends GraphQLHandlersBase {
73
66
  incrementNode(source, 1);
74
67
  incrementNode(target, 1);
75
68
  };
76
- const parseStackFrames = (stackValue) => {
77
- if (typeof stackValue !== 'string' || stackValue.trim().length === 0) {
78
- return [];
79
- }
80
- return stackValue
81
- .split('\n')
82
- .map((line) => line.trim())
83
- .filter((line) => line.length > 0)
84
- .map((line) => {
85
- const atMatch = line.match(/at\s+([^(<\s]+)/);
86
- if (atMatch?.[1]) {
87
- return atMatch[1];
88
- }
89
- const atFileMatch = line.match(/^([^(<\s]+)@/);
90
- if (atFileMatch?.[1]) {
91
- return atFileMatch[1];
92
- }
93
- return '';
94
- })
95
- .filter((name) => name.length > 0);
96
- };
97
69
  const processRecord = (record, fallbackName) => {
98
70
  scannedRecords += 1;
99
- const callee = normalizeName(record.callee ??
71
+ const calleeRaw = record.callee ??
100
72
  record.functionName ??
101
73
  record.fn ??
102
74
  record.name ??
103
75
  record.method ??
104
76
  record.target ??
105
- fallbackName, fallbackName);
106
- const caller = normalizeName(record.caller ?? record.parent ?? record.from ?? '', '');
77
+ fallbackName;
78
+ const callee = typeof calleeRaw === 'string' ? calleeRaw.trim() || fallbackName : fallbackName;
79
+ const callerRaw = record.caller ?? record.parent ?? record.from ?? '';
80
+ const caller = typeof callerRaw === 'string' ? callerRaw.trim() || '' : '';
107
81
  let used = false;
108
82
  if (caller && callee) {
109
83
  addEdge(caller, callee);
110
84
  used = true;
111
85
  }
112
- const frames = parseStackFrames(record.stack ?? record.stackTrace ?? record.trace);
86
+ const stackValue = record.stack ?? record.stackTrace ?? record.trace;
87
+ const frames = typeof stackValue === 'string' && stackValue.trim().length > 0
88
+ ? stackValue
89
+ .split('\n')
90
+ .map((line) => line.trim())
91
+ .filter((line) => line.length > 0)
92
+ .map((line) => {
93
+ const atMatch = line.match(/at\s+([^(<\s]+)/);
94
+ if (atMatch?.[1]) {
95
+ return atMatch[1];
96
+ }
97
+ const atFileMatch = line.match(/^([^(<\s]+)@/);
98
+ if (atFileMatch?.[1]) {
99
+ return atFileMatch[1];
100
+ }
101
+ return '';
102
+ })
103
+ .filter((name) => name.length > 0)
104
+ : [];
113
105
  if (frames.length > 1) {
114
106
  const depthLimit = Math.min(depth, frames.length - 1);
115
107
  for (let index = 0; index < depthLimit; index += 1) {
@@ -167,8 +159,8 @@ export class GraphQLToolHandlersRuntime extends GraphQLHandlersBase {
167
159
  }
168
160
  }
169
161
  }
170
- const nodes = Array.from(nodeMap.values()).sort((left, right) => right.callCount - left.callCount);
171
- const edges = Array.from(edgeMap.values()).sort((left, right) => right.count - left.count);
162
+ const nodes = Array.from(nodeMap.values()).toSorted((left, right) => right.callCount - left.callCount);
163
+ const edges = Array.from(edgeMap.values()).toSorted((left, right) => right.count - left.count);
172
164
  return {
173
165
  nodes,
174
166
  edges,
@@ -218,7 +210,7 @@ export class GraphQLToolHandlersRuntime extends GraphQLHandlersBase {
218
210
  }
219
211
  if (matchType === 'regex') {
220
212
  try {
221
- new RegExp(url);
213
+ RegExp(url);
222
214
  }
223
215
  catch (error) {
224
216
  return this.toError('Invalid regex in url for matchType=regex', {
@@ -397,79 +389,6 @@ export class GraphQLToolHandlersRuntime extends GraphQLHandlersBase {
397
389
  const globalScope = window;
398
390
  const extracted = [];
399
391
  let scannedRecords = 0;
400
- const getHeader = (headers, name) => {
401
- if (!headers || typeof headers !== 'object') {
402
- return '';
403
- }
404
- const headerEntries = Object.entries(headers);
405
- for (const [key, value] of headerEntries) {
406
- if (key.toLowerCase() === name.toLowerCase()) {
407
- return typeof value === 'string' ? value : String(value);
408
- }
409
- }
410
- return '';
411
- };
412
- const parseBodyToObject = (body) => {
413
- if (!body) {
414
- return null;
415
- }
416
- if (typeof body === 'object' && !Array.isArray(body)) {
417
- return body;
418
- }
419
- if (typeof body !== 'string') {
420
- return null;
421
- }
422
- const trimmed = body.trim();
423
- if (!trimmed) {
424
- return null;
425
- }
426
- try {
427
- const parsed = JSON.parse(trimmed);
428
- if (parsed && typeof parsed === 'object' && !Array.isArray(parsed)) {
429
- return parsed;
430
- }
431
- }
432
- catch {
433
- }
434
- if (trimmed.includes('query=')) {
435
- try {
436
- const params = new URLSearchParams(trimmed);
437
- const query = params.get('query');
438
- if (!query) {
439
- return null;
440
- }
441
- const operationName = params.get('operationName');
442
- const variablesRaw = params.get('variables');
443
- let variables = null;
444
- if (variablesRaw) {
445
- try {
446
- variables = JSON.parse(variablesRaw);
447
- }
448
- catch {
449
- variables = variablesRaw;
450
- }
451
- }
452
- return {
453
- query,
454
- operationName,
455
- variables,
456
- };
457
- }
458
- catch {
459
- return null;
460
- }
461
- }
462
- if (trimmed.startsWith('query ') ||
463
- trimmed.startsWith('mutation ') ||
464
- trimmed.startsWith('subscription ')) {
465
- return { query: trimmed };
466
- }
467
- return null;
468
- };
469
- const inferOperationName = (query) => {
470
- const match = query.match(/^\s*(query|mutation|subscription)\s+([A-Za-z0-9_]+)/);
471
- return match?.[2] ?? null;
472
- };
473
392
  const pushIfGraphQL = (payload, metadata) => {
474
393
  if (!payload) {
475
394
  return;
@@ -481,7 +400,8 @@ export class GraphQLToolHandlersRuntime extends GraphQLHandlersBase {
481
400
  const operationNameRaw = payload.operationName;
482
401
  const operationName = typeof operationNameRaw === 'string' && operationNameRaw.trim().length > 0
483
402
  ? operationNameRaw
484
- : inferOperationName(queryRaw);
403
+ : (queryRaw.match(/^\s*(query|mutation|subscription)\s+([A-Za-z0-9_]+)/)?.[2] ??
404
+ null);
485
405
  extracted.push({
486
406
  source: metadata.source,
487
407
  url: metadata.url,
@@ -509,7 +429,14 @@ export class GraphQLToolHandlersRuntime extends GraphQLHandlersBase {
509
429
  ? record.requestHeaders
510
430
  : null) ??
511
431
  {};
512
- const contentType = getHeader(headers, 'content-type').toLowerCase();
432
+ let contentType = '';
433
+ for (const [key, value] of Object.entries(headers)) {
434
+ if (key.toLowerCase() === 'content-type') {
435
+ contentType = typeof value === 'string' ? value : String(value);
436
+ break;
437
+ }
438
+ }
439
+ contentType = contentType.toLowerCase();
513
440
  const bodyCandidates = [record.body, record.postData];
514
441
  if (record.options &&
515
442
  typeof record.options === 'object' &&
@@ -518,7 +445,58 @@ export class GraphQLToolHandlersRuntime extends GraphQLHandlersBase {
518
445
  bodyCandidates.push(optionsRecord.body);
519
446
  }
520
447
  for (const bodyCandidate of bodyCandidates) {
521
- const payload = parseBodyToObject(bodyCandidate);
448
+ let payload = null;
449
+ if (bodyCandidate &&
450
+ typeof bodyCandidate === 'object' &&
451
+ !Array.isArray(bodyCandidate)) {
452
+ payload = bodyCandidate;
453
+ }
454
+ else if (typeof bodyCandidate === 'string') {
455
+ const trimmed = bodyCandidate.trim();
456
+ if (trimmed) {
457
+ try {
458
+ const parsed = JSON.parse(trimmed);
459
+ if (parsed && typeof parsed === 'object' && !Array.isArray(parsed)) {
460
+ payload = parsed;
461
+ }
462
+ }
463
+ catch {
464
+ }
465
+ if (!payload && trimmed.includes('query=')) {
466
+ try {
467
+ const params = new URLSearchParams(trimmed);
468
+ const query = params.get('query');
469
+ if (query) {
470
+ const operationName = params.get('operationName');
471
+ const variablesRaw = params.get('variables');
472
+ let variables = null;
473
+ if (variablesRaw) {
474
+ try {
475
+ variables = JSON.parse(variablesRaw);
476
+ }
477
+ catch {
478
+ variables = variablesRaw;
479
+ }
480
+ }
481
+ payload = {
482
+ query,
483
+ operationName,
484
+ variables,
485
+ };
486
+ }
487
+ }
488
+ catch {
489
+ payload = null;
490
+ }
491
+ }
492
+ if (!payload &&
493
+ (trimmed.startsWith('query ') ||
494
+ trimmed.startsWith('mutation ') ||
495
+ trimmed.startsWith('subscription '))) {
496
+ payload = { query: trimmed };
497
+ }
498
+ }
499
+ }
522
500
  pushIfGraphQL(payload, {
523
501
  source,
524
502
  url,