npm - @jshookmcp/jshook - Versions diffs - 0.2.9 → 0.3.1 - Mend

@jshookmcp/jshook 0.2.9 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (316) hide show

package/README.md +25 -50
package/README.zh.md +25 -48
package/dist/AntiCheatDetector-CGVGNfy5.mjs +1 -0
package/dist/CacheAdapters-CdAxBmVW.mjs +1 -0
package/dist/CodeInjector-BlgyqTOk.mjs +1 -0
package/dist/ConsoleMonitor-Dkqc0HNi.mjs +490 -0
package/dist/DOMInspector-BYY_EJ0C.mjs +95 -0
package/dist/DarwinAPI-DC4HGGLl.mjs +1 -0
package/dist/DetailedDataManager-BniBJlVv.mjs +1 -0
package/dist/EventBus-DgciURGg.mjs +1 -0
package/dist/EvidenceGraphBridge-BIfgB7HP.mjs +1 -0
package/dist/ExtensionManager-erMpqcLk.mjs +1 -0
package/dist/FingerprintManager-N7BZqjxP.mjs +1 -0
package/dist/HardwareBreakpoint-OcJqNFVc.mjs +1 -0
package/dist/HeapAnalyzer-CqAxZzeS.mjs +1 -0
package/dist/{HookGeneratorBuilders.core.generators.storage-CtcdK78Q.mjs → HookGeneratorBuilders.core.generators.storage-Bf1fbrNK.mjs} +66 -174
package/dist/InstrumentationSession-DxXs0sCp.mjs +1 -0
package/dist/MCPServer.search.handlers.domain-DVbWL1bT.mjs +1 -0
package/dist/MemoryController-BaqstM5w.mjs +2 -0
package/dist/MemoryScanSession-CaxAjZJf.mjs +1 -0
package/dist/MemoryScanner-BLYnMJy6.mjs +1 -0
package/dist/NativeMemoryManager.impl-CI554XbY.mjs +1 -0
package/dist/NativeMemoryManager.utils-DM4NC3FE.mjs +1 -0
package/dist/PEAnalyzer-DJyaJTQJ.mjs +1 -0
package/dist/PageController-D9jVkH0i.mjs +1 -0
package/dist/PointerChainEngine-5nF9eNlu.mjs +1 -0
package/dist/PrerequisiteError-Bl3dK8XA.mjs +1 -0
package/dist/ProcessRegistry-Hf12LlR9.mjs +1 -0
package/dist/ResponseBuilder-B2lu4KEl.mjs +1 -0
package/dist/ReverseEvidenceGraph-B931HeoW.mjs +2 -0
package/dist/ScriptManager-fgqiALgj.mjs +7 -0
package/dist/Speedhack-l6s8L2Qw.mjs +1 -0
package/dist/StealthVerifier-Dhbj4B4P.mjs +1 -0
package/dist/StructureAnalyzer-A-WamfYE.mjs +2 -0
package/dist/ToolCatalog-D_IKl1Hu.mjs +1 -0
package/dist/ToolError-DWU_z7gp.mjs +1 -0
package/dist/ToolProbe-xsfALmN3.mjs +1 -0
package/dist/ToolRegistry-B0Zs-phN.mjs +1 -0
package/dist/ToolRouter.policy-CFHoN_Lw.mjs +4 -0
package/dist/TraceRecorder-Dd8jLXpi.mjs +272 -0
package/dist/VersionDetector-DMoUWyNm.mjs +9 -0
package/dist/Win32API-Bhi5xFBe.mjs +1 -0
package/dist/Win32Debug-CQteFL4F.mjs +1 -0
package/dist/WorkflowEngine-CxEp2WXH.mjs +1 -0
package/dist/analysis-BuR-NgX8.mjs +5 -0
package/dist/{antidebug-CqDTB_uk.mjs → antidebug-BOTZH6-0.mjs} +8 -259
package/dist/artifactRetention-NBdncOEW.mjs +1 -0
package/dist/artifacts-B5xQuEa_.mjs +1 -0
package/dist/authorization-schema-B40obG1A.mjs +1 -0
package/dist/betterSqlite3-CGaxz4AX.mjs +1 -0
package/dist/binary-instrument-Cf9qqLlM.mjs +7 -0
package/dist/bind-helpers-BlAOQrFQ.mjs +1 -0
package/dist/boringssl-inspector-BST5vtKx.mjs +2 -0
package/dist/browser-C4Le3xqA.mjs +11 -0
package/dist/capabilities-DbYCv-HF.mjs +1 -0
package/dist/chunk-C_pMuVsO.mjs +1 -0
package/dist/collector-CKO8RPK8.mjs +1 -0
package/dist/concurrency-CcK46d0h.mjs +1 -0
package/dist/constants-Cp6hBrrx.mjs +1 -0
package/dist/coordination-BbijHEHH.mjs +1 -0
package/dist/debugger-CRJq_krh.mjs +1 -0
package/dist/definitions-BGobEDQa.mjs +1 -0
package/dist/definitions-BGwNSkVm.mjs +1 -0
package/dist/definitions-BbxOUiP-.mjs +1 -0
package/dist/definitions-CCP9gphV.mjs +1 -0
package/dist/definitions-CIO9O-Sw.mjs +1 -0
package/dist/definitions-CYFbewnd.mjs +1 -0
package/dist/definitions-CdWEuIkI.mjs +1 -0
package/dist/definitions-CoQFbggH.mjs +1 -0
package/dist/definitions-CuJRsJ6N.mjs +1 -0
package/dist/definitions-DI9YXsJk.mjs +1 -0
package/dist/definitions-DJklW2sS.mjs +1 -0
package/dist/definitions-DZ8uKusP.mjs +1 -0
package/dist/definitions-Dds_zrWx.mjs +1 -0
package/dist/definitions-Dgrg7f3D.mjs +1 -0
package/dist/definitions-DtE0XLrT.mjs +1 -0
package/dist/definitions-LaYTuwQd.mjs +26 -0
package/dist/definitions-NoVp_9Pm.mjs +1 -0
package/dist/definitions-OvGsfxdt.mjs +1 -0
package/dist/definitions-jXPaVy4P.mjs +1 -0
package/dist/encoding-DGcr6Aj_.mjs +2 -0
package/dist/ensure-browser-core-Buls24LQ.mjs +1 -0
package/dist/evidence-graph-bridge-B0yhGPcs.mjs +1 -0
package/dist/factory-Cx_1LorX.mjs +1 -0
package/dist/flat-target-session-CO5g78k3.mjs +1 -0
package/dist/formatAddress-C7j2fDlM.mjs +1 -0
package/dist/graphql-HLf3MS8H.mjs +62 -0
package/dist/handlers-BLMa4X7l.mjs +54 -0
package/dist/handlers-BP12ZsWc.mjs +4 -0
package/dist/handlers-BZoPla6E.mjs +1 -0
package/dist/handlers-BggKiVx9.mjs +2 -0
package/dist/handlers-D3iev8g1.mjs +1 -0
package/dist/handlers-D49r1-1P.mjs +1 -0
package/dist/handlers-DCE45Ww8.mjs +2 -0
package/dist/handlers-DW5AbYs5.mjs +5 -0
package/dist/handlers-De5u62Ga2.mjs +1 -0
package/dist/handlers-DmQzIc44.mjs +31 -0
package/dist/handlers-DnJRGp7t.mjs +302 -0
package/dist/handlers-Dv_runVv.mjs +2 -0
package/dist/handlers-S9Ws0IGy.mjs +2 -0
package/dist/{handlers-Bl8zkwz1.mjs → handlers-pVNpaw4A.mjs} +144 -841
package/dist/handlers.impl-CD2_kOcC.mjs +1 -0
package/dist/hooks-DDKppogd.mjs +600 -0
package/dist/index.mjs +12 -5225
package/dist/logger-sBC6IdRT.mjs +1 -0
package/dist/maintenance-CutEO84j.mjs +1 -0
package/dist/manifest-BFGxlDRh.mjs +123 -0
package/dist/manifest-BPuE6oH2.mjs +1 -0
package/dist/manifest-BXry5N09.mjs +1 -0
package/dist/manifest-BeP_zJGb2.mjs +1 -0
package/dist/manifest-C0g67k6U.mjs +1 -0
package/dist/manifest-C1nZkTkO.mjs +1 -0
package/dist/manifest-C7qV1z7F.mjs +1 -0
package/dist/manifest-CDeUZGUZ.mjs +1 -0
package/dist/manifest-CDiCtaQT.mjs +1 -0
package/dist/manifest-CFn0359q2.mjs +1 -0
package/dist/manifest-CGq4NpqH2.mjs +1 -0
package/dist/manifest-CJMGt7Qy.mjs +1 -0
package/dist/manifest-CRIJq4Hs.mjs +1 -0
package/dist/manifest-C_hEIjSx.mjs +1 -0
package/dist/manifest-CeQmtQOY.mjs +1 -0
package/dist/manifest-Cq0j7GZt.mjs +1 -0
package/dist/manifest-CtPmHAdn.mjs +1 -0
package/dist/manifest-Cx2IVMUY.mjs +1 -0
package/dist/manifest-D16xPXro.mjs +1 -0
package/dist/manifest-D44TaRJU.mjs +1 -0
package/dist/manifest-D610kxZr.mjs +2 -0
package/dist/manifest-DC-SMF6b.mjs +1 -0
package/dist/manifest-DD3rtxvV.mjs +1 -0
package/dist/manifest-DKUorv5M.mjs +1 -0
package/dist/manifest-DMJlcsTR.mjs +1 -0
package/dist/manifest-DWUUWBz0.mjs +1 -0
package/dist/manifest-De-6Wf2R.mjs +1 -0
package/dist/manifest-Dgh0uDW-.mjs +1 -0
package/dist/manifest-Dm0o3i2U.mjs +1 -0
package/dist/manifest-DsVh7Y4U.mjs +1 -0
package/dist/manifest-DtEFSRaq.mjs +1 -0
package/dist/manifest-H-EpAyZQ.mjs +1 -0
package/dist/manifest-ais9Afrw.mjs +1 -0
package/dist/manifest-tmb54wmA.mjs +1 -0
package/dist/manifest-yu2xiQqe.mjs +1 -0
package/dist/manifest-zrbrpKCC.mjs +1 -0
package/dist/matchesWildcardPattern-BGqLSmEs.mjs +1 -0
package/dist/modules-p-PUNv9r.mjs +332 -0
package/dist/mojo-ipc-VGlv3Qyp.mjs +9 -0
package/dist/network-BjZ1Y-GB.mjs +7 -0
package/dist/outputPaths-BonGThuc.mjs +2 -0
package/dist/parse-args-Cuk7-xUt.mjs +1 -0
package/dist/platform-C446Lf97.mjs +93 -0
package/dist/playwright-cdp-fallback-BwVR-_T3.mjs +1 -0
package/dist/process-C9f2A5zk.mjs +962 -0
package/dist/proxy-CvRepxgV.mjs +1 -0
package/dist/registry-DUHIPE-v.mjs +1 -0
package/dist/response-C7rKQst4.mjs +1 -0
package/dist/search-defaults-D2bY-rzH.mjs +1 -0
package/dist/server/plugin-api.mjs +1 -293
package/dist/shared-state-board-Cyg-xh_k.mjs +1 -0
package/dist/sourcemap-D6Q1UuAp.mjs +1 -0
package/dist/ssrf-policy-T96MR3r6.mjs +1 -0
package/dist/streaming-CTX58tbb.mjs +1 -0
package/dist/tool-builder-CI9914Tf.mjs +1 -0
package/dist/transform-Cv9P2vVD.mjs +103 -0
package/dist/types-CuyefmGT.mjs +1 -0
package/dist/types-DtThH00r.mjs +1 -0
package/dist/wasm-DaJa8J0V.mjs +174 -0
package/dist/webcrack-CsLLJIs9.mjs +46 -0
package/dist/workflow-CYIXtrWD.mjs +101 -0
package/package.json +12 -7
package/dist/AntiCheatDetector-BNk-EoBt.mjs +0 -244
package/dist/CacheAdapters-CDe5WPSV.mjs +0 -80
package/dist/CodeInjector-Cq8q01kp.mjs +0 -150
package/dist/ConsoleMonitor-CPVQW1Y-.mjs +0 -2201
package/dist/DarwinAPI-BNPxu0RH.mjs +0 -363
package/dist/DetailedDataManager-BQQcxh64.mjs +0 -217
package/dist/EventBus-DgPmwpeu.mjs +0 -141
package/dist/EvidenceGraphBridge-SFesNera.mjs +0 -153
package/dist/ExtensionManager-CWYgw0YW.mjs +0 -714
package/dist/FingerprintManager-gzWtkKuf.mjs +0 -96
package/dist/HardwareBreakpoint-B9gZCdFP.mjs +0 -239
package/dist/HeapAnalyzer-BLDH0dCv.mjs +0 -284
package/dist/InstrumentationSession-CvPC7Jwy.mjs +0 -244
package/dist/MemoryController-CbVdCIJF.mjs +0 -167
package/dist/MemoryScanSession-BsDZbLYm.mjs +0 -278
package/dist/MemoryScanner-Bcpml6II.mjs +0 -425
package/dist/NativeMemoryManager.impl-dZtA1ZGn.mjs +0 -482
package/dist/NativeMemoryManager.utils-B-FjA2mJ.mjs +0 -165
package/dist/PEAnalyzer-D1lzJ_VG.mjs +0 -385
package/dist/PageController-Bqm2kZ_X.mjs +0 -417
package/dist/PointerChainEngine-BOhyVsjx.mjs +0 -322
package/dist/PrerequisiteError-Dl33Svkz.mjs +0 -20
package/dist/ResponseBuilder-D3iFYx2N.mjs +0 -143
package/dist/ReverseEvidenceGraph-Dlsk94LC.mjs +0 -269
package/dist/ScriptManager-aHHq0X7U.mjs +0 -3000
package/dist/Speedhack-CqdIFlQl.mjs +0 -156
package/dist/StealthVerifier-Bo4T3bz8.mjs +0 -135
package/dist/StructureAnalyzer-DhFaPvRO.mjs +0 -426
package/dist/ToolCatalog-C0JGZoOm.mjs +0 -582
package/dist/ToolError-jh9whhMd.mjs +0 -15
package/dist/ToolProbe-oC7aPrkv.mjs +0 -45
package/dist/ToolRegistry-BjaF4oNz.mjs +0 -131
package/dist/ToolRouter.policy-BWV67ZK-.mjs +0 -304
package/dist/TraceRecorder-DgxyVbdQ.mjs +0 -519
package/dist/VersionDetector-CwVLVdDM.mjs +0 -104
package/dist/Win32API-CePkipZY.mjs +0 -340
package/dist/Win32Debug-BvKs-gxc.mjs +0 -274
package/dist/WorkflowEngine-CuvkZtWu.mjs +0 -598
package/dist/analysis-CL9uACt9.mjs +0 -463
package/dist/artifactRetention-CFEprwPw.mjs +0 -591
package/dist/artifacts-Bk2-_uPq.mjs +0 -59
package/dist/betterSqlite3-0pqusHHH.mjs +0 -74
package/dist/binary-instrument-CXfpx6fT.mjs +0 -979
package/dist/bind-helpers-xFfRF-qm.mjs +0 -22
package/dist/boringssl-inspector-BH2D3VKc.mjs +0 -180
package/dist/browser-BpOr5PEx.mjs +0 -4082
package/dist/chunk-CjcI7cDX.mjs +0 -15
package/dist/concurrency-Bt0yv1kJ.mjs +0 -41
package/dist/constants-B0OANIBL.mjs +0 -519
package/dist/coordination-qUbyF8KU.mjs +0 -259
package/dist/debugger-gnKxRSN0.mjs +0 -1271
package/dist/definitions-6M-eejaT.mjs +0 -53
package/dist/definitions-B18eyf0B.mjs +0 -18
package/dist/definitions-B3QdlrHv.mjs +0 -34
package/dist/definitions-B4rAvHNZ.mjs +0 -63
package/dist/definitions-BB_4jnmy.mjs +0 -37
package/dist/definitions-BMfYXoNC.mjs +0 -43
package/dist/definitions-Beid2EB3.mjs +0 -27
package/dist/definitions-C1UvM5Iy.mjs +0 -126
package/dist/definitions-CXEI7QC72.mjs +0 -216
package/dist/definitions-C_4r7Fo-2.mjs +0 -14
package/dist/definitions-CkFDALoa.mjs +0 -26
package/dist/definitions-Cke7zEb8.mjs +0 -94
package/dist/definitions-ClJLzsJQ.mjs +0 -25
package/dist/definitions-Cq-zroAU.mjs +0 -28
package/dist/definitions-Cy3Sl6gV.mjs +0 -34
package/dist/definitions-D3VsGcvz.mjs +0 -47
package/dist/definitions-DVGfrn7y.mjs +0 -96
package/dist/definitions-LKpC3-nL.mjs +0 -9
package/dist/definitions-bAhHQJq9.mjs +0 -359
package/dist/encoding-Bvz5jLRv.mjs +0 -1065
package/dist/evidence-graph-bridge-C_fv9PuC.mjs +0 -135
package/dist/factory-DxlGh9Xf.mjs +0 -575
package/dist/formatAddress-DVkj9kpI.mjs +0 -17
package/dist/graphql-DYWzJ29s.mjs +0 -1026
package/dist/handlers-9sAbfIg-.mjs +0 -2552
package/dist/handlers-C67ktuRN.mjs +0 -710
package/dist/handlers-C87g8oCe.mjs +0 -276
package/dist/handlers-CTsDAO6p.mjs +0 -681
package/dist/handlers-Cgyg6c0U.mjs +0 -645
package/dist/handlers-D6j6yka7.mjs +0 -2124
package/dist/handlers-DdFzXLvF.mjs +0 -446
package/dist/handlers-DeLOCd5m.mjs +0 -799
package/dist/handlers-DlCJN4Td.mjs +0 -757
package/dist/handlers-DxGIq15_2.mjs +0 -917
package/dist/handlers-U6L4xhuF.mjs +0 -585
package/dist/handlers-tB9Mp9ZK.mjs +0 -84
package/dist/handlers-tiy7EIBp.mjs +0 -572
package/dist/handlers.impl-DS0d9fUw.mjs +0 -761
package/dist/hooks-CzCWByww.mjs +0 -898
package/dist/logger-Dh_xb7_2.mjs +0 -93
package/dist/maintenance-P7ePRXQC.mjs +0 -830
package/dist/manifest-2ToTpjv8.mjs +0 -106
package/dist/manifest-3g71z6Bg.mjs +0 -79
package/dist/manifest-82baTv4U.mjs +0 -45
package/dist/manifest-B3QVVeBS.mjs +0 -82
package/dist/manifest-BB2J8IMJ.mjs +0 -149
package/dist/manifest-BKbgbSiY.mjs +0 -60
package/dist/manifest-Bcf-TJzH.mjs +0 -848
package/dist/manifest-BmtZzQiQ2.mjs +0 -45
package/dist/manifest-Bnd7kqEY.mjs +0 -55
package/dist/manifest-BqQX6OQC2.mjs +0 -65
package/dist/manifest-BqrQ4Tpj.mjs +0 -81
package/dist/manifest-Br4RPFt5.mjs +0 -370
package/dist/manifest-C5qDjysN.mjs +0 -107
package/dist/manifest-C9RT5nk32.mjs +0 -34
package/dist/manifest-CAhOuvSl.mjs +0 -204
package/dist/manifest-CBYWCUBJ.mjs +0 -51
package/dist/manifest-CFADCRa1.mjs +0 -37
package/dist/manifest-CQVhavRF.mjs +0 -114
package/dist/manifest-CT7zZBV1.mjs +0 -48
package/dist/manifest-CV12bcrF.mjs +0 -121
package/dist/manifest-CXsRWjjI.mjs +0 -224
package/dist/manifest-CZLUCfG02.mjs +0 -95
package/dist/manifest-D6phHKFd.mjs +0 -131
package/dist/manifest-DCyjf4n2.mjs +0 -294
package/dist/manifest-DHsnKgP6.mjs +0 -60
package/dist/manifest-Df_dliIe.mjs +0 -55
package/dist/manifest-Dh8WBmEW.mjs +0 -129
package/dist/manifest-DhKRAT8_.mjs +0 -92
package/dist/manifest-DlpTj4ic2.mjs +0 -193
package/dist/manifest-DrbmZcFl2.mjs +0 -253
package/dist/manifest-DuwHjUa5.mjs +0 -70
package/dist/manifest-DzwvxPJX.mjs +0 -38
package/dist/manifest-NXctwWQq.mjs +0 -68
package/dist/manifest-Sc_0JQ13.mjs +0 -418
package/dist/manifest-gZ4s_UtG.mjs +0 -96
package/dist/manifest-qSleDqdO.mjs +0 -1023
package/dist/modules-C184v-S9.mjs +0 -11365
package/dist/mojo-ipc-B_H61Afw.mjs +0 -525
package/dist/network-671Cw6hV.mjs +0 -3346
package/dist/outputPaths-B1uGmrWZ.mjs +0 -1145
package/dist/parse-args-BlRjqlkL.mjs +0 -39
package/dist/platform-WmNn8Sxb.mjs +0 -2070
package/dist/process-QcbIy5Zq.mjs +0 -1401
package/dist/proxy-DqNs0bAd.mjs +0 -170
package/dist/registry-D-6e18lB.mjs +0 -34
package/dist/response-BQVP-xUn.mjs +0 -28
package/dist/shared-state-board-DV-dpHFJ.mjs +0 -586
package/dist/sourcemap-Dq8ez8vS.mjs +0 -650
package/dist/ssrf-policy-ZaUfvhq7.mjs +0 -166
package/dist/streaming-BUQ0VJsg.mjs +0 -725
package/dist/tool-builder-DCbIC5Eo.mjs +0 -186
package/dist/transform-CiYJfNX0.mjs +0 -1007
package/dist/types-Bx92KJfT.mjs +0 -4
package/dist/types-CPhOReNX.mjs +0 -37
package/dist/wasm-DQTnHDs4.mjs +0 -531
package/dist/workflow-f3xJOcjx.mjs +0 -725

package/dist/ssrf-policy-ZaUfvhq7.mjs DELETED Viewed

@@ -1,166 +0,0 @@
-import { BlockList, isIP } from "node:net";
-import { lookup } from "node:dns/promises";
-//#region src/server/domains/network/ssrf-policy.ts
-const RESTRICTED_IPV4_BLOCKLIST = new BlockList();
-const RESTRICTED_IPV6_BLOCKLIST = new BlockList();
-const RESTRICTED_IPV4_SUBNETS = [
-	["0.0.0.0", 8],
-	["10.0.0.0", 8],
-	["100.64.0.0", 10],
-	["127.0.0.0", 8],
-	["169.254.0.0", 16],
-	["172.16.0.0", 12],
-	["192.168.0.0", 16]
-];
-const RESTRICTED_IPV6_SUBNETS = [
-	["::", 128],
-	["::1", 128],
-	["::ffff:0:0", 96],
-	["::ffff:0:0:0", 96],
-	["64:ff9b::", 96],
-	["100::", 64],
-	["fc00::", 7],
-	["fe80::", 10]
-];
-for (const [address, prefix] of RESTRICTED_IPV4_SUBNETS) RESTRICTED_IPV4_BLOCKLIST.addSubnet(address, prefix, "ipv4");
-for (const [address, prefix] of RESTRICTED_IPV6_SUBNETS) RESTRICTED_IPV6_BLOCKLIST.addSubnet(address, prefix, "ipv6");
-function normalizeHost(host) {
-	return host.trim().replace(/^\[|\]$/g, "").toLowerCase();
-}
-function getHostAddressFamily(host) {
-	const family = isIP(host);
-	if (family === 4) return "ipv4";
-	if (family === 6) return "ipv6";
-	return null;
-}
-function parsePolicyExpiry(expiresAt) {
-	if (typeof expiresAt !== "string") return {
-		expiresAt: null,
-		expiresAtMs: null
-	};
-	const trimmed = expiresAt.trim();
-	if (trimmed.length === 0) return {
-		expiresAt: null,
-		expiresAtMs: null
-	};
-	const parsed = Date.parse(trimmed);
-	if (!Number.isFinite(parsed)) throw new Error(`Invalid authorization expiry "${expiresAt}"`);
-	return {
-		expiresAt: trimmed,
-		expiresAtMs: parsed
-	};
-}
-function addAuthorizedCidrs(allowedCidrs, ipv4AllowBlockList, ipv6AllowBlockList) {
-	const normalizedCidrs = [];
-	for (const rawCidr of allowedCidrs) {
-		const trimmed = rawCidr.trim();
-		if (trimmed.length === 0) continue;
-		const slashIndex = trimmed.lastIndexOf("/");
-		if (slashIndex <= 0 || slashIndex === trimmed.length - 1) throw new Error(`Invalid authorization CIDR "${rawCidr}"`);
-		const address = trimmed.slice(0, slashIndex).trim();
-		const prefixText = trimmed.slice(slashIndex + 1).trim();
-		const prefix = Number(prefixText);
-		const family = getHostAddressFamily(address);
-		if (!Number.isInteger(prefix) || !family) throw new Error(`Invalid authorization CIDR "${rawCidr}"`);
-		if (family === "ipv4" && (prefix < 0 || prefix > 32)) throw new Error(`Invalid authorization CIDR "${rawCidr}"`);
-		if (family === "ipv6" && (prefix < 0 || prefix > 128)) throw new Error(`Invalid authorization CIDR "${rawCidr}"`);
-		if (family === "ipv4") ipv4AllowBlockList.addSubnet(address, prefix, family);
-		else ipv6AllowBlockList.addSubnet(address, prefix, family);
-		normalizedCidrs.push(`${normalizeHost(address)}/${prefix}`);
-	}
-	return normalizedCidrs;
-}
-function isAddressAuthorized(policy, address) {
-	if (!policy || !address) return false;
-	const normalized = normalizeHost(address);
-	if (policy.allowedHosts.has(normalized)) return true;
-	const family = getHostAddressFamily(normalized);
-	if (!family) return false;
-	return family === "ipv4" ? policy.ipv4AllowBlockList.check(normalized, family) : policy.ipv6AllowBlockList.check(normalized, family);
-}
-function isLocalSsrfBypassEnabled() {
-	return process.env.ALLOW_LOCAL_SSRF === "true";
-}
-function isLoopbackHost(host) {
-	const normalized = normalizeHost(host);
-	return normalized === "localhost" || normalized === "127.0.0.1" || normalized === "::1";
-}
-function isPrivateHost(host) {
-	const normalized = normalizeHost(host);
-	if (normalized === "localhost") return true;
-	const family = getHostAddressFamily(normalized);
-	if (!family) return false;
-	return family === "ipv4" ? RESTRICTED_IPV4_BLOCKLIST.check(normalized, family) : RESTRICTED_IPV6_BLOCKLIST.check(normalized, family);
-}
-function createNetworkAuthorizationPolicy(input) {
-	if (!input) return;
-	const allowedHosts = new Set((input.allowedHosts ?? []).map((host) => normalizeHost(host)).filter((host) => host.length > 0));
-	const ipv4AllowBlockList = new BlockList();
-	const ipv6AllowBlockList = new BlockList();
-	const normalizedCidrs = addAuthorizedCidrs(input.allowedCidrs ?? [], ipv4AllowBlockList, ipv6AllowBlockList);
-	const { expiresAt, expiresAtMs } = parsePolicyExpiry(input.expiresAt);
-	const reason = typeof input.reason === "string" ? input.reason.trim() : "";
-	return {
-		allowedHosts,
-		allowedCidrs: normalizedCidrs,
-		allowPrivateNetwork: input.allowPrivateNetwork === true,
-		allowInsecureHttp: input.allowInsecureHttp === true,
-		expiresAt,
-		expiresAtMs,
-		reason: reason.length > 0 ? reason : null,
-		ipv4AllowBlockList,
-		ipv6AllowBlockList
-	};
-}
-function hasAuthorizedTargets(policy) {
-	if (!policy) return false;
-	return policy.allowedHosts.size > 0 || policy.allowedCidrs.length > 0;
-}
-function isNetworkAuthorizationExpired(policy, now = Date.now()) {
-	if (!policy || policy.expiresAtMs === null) return false;
-	return now > policy.expiresAtMs;
-}
-async function resolveNetworkTarget(url) {
-	const parsedUrl = new URL(url);
-	const hostname = normalizeHost(parsedUrl.hostname);
-	const isIpLiteral = getHostAddressFamily(hostname) !== null;
-	if (isIpLiteral) return {
-		parsedUrl,
-		hostname,
-		resolvedAddress: hostname,
-		isIpLiteral
-	};
-	if (hostname === "localhost") return {
-		parsedUrl,
-		hostname,
-		resolvedAddress: "127.0.0.1",
-		isIpLiteral
-	};
-	const { address } = await lookup(hostname);
-	return {
-		parsedUrl,
-		hostname,
-		resolvedAddress: normalizeHost(address),
-		isIpLiteral
-	};
-}
-function isAuthorizedNetworkTarget(policy, target) {
-	if (!policy) return false;
-	return isAddressAuthorized(policy, target.hostname) || isAddressAuthorized(policy, target.resolvedAddress);
-}
-async function isSsrfTarget(url, authorization) {
-	try {
-		const policy = createNetworkAuthorizationPolicy(authorization);
-		if (isNetworkAuthorizationExpired(policy)) return true;
-		const parsed = new URL(url);
-		if (!policy && isLocalSsrfBypassEnabled()) return false;
-		const target = await resolveNetworkTarget(parsed.toString());
-		if (!(isPrivateHost(target.hostname) || isPrivateHost(target.resolvedAddress ?? ""))) return false;
-		if (!policy?.allowPrivateNetwork) return true;
-		return !isAuthorizedNetworkTarget(policy, target);
-	} catch {
-		return true;
-	}
-}
-//#endregion
-export { isLoopbackHost as a, isSsrfTarget as c, isLocalSsrfBypassEnabled as i, resolveNetworkTarget as l, hasAuthorizedTargets as n, isNetworkAuthorizationExpired as o, isAuthorizedNetworkTarget as r, isPrivateHost as s, createNetworkAuthorizationPolicy as t };