@kodelyth/tlon 2026.5.42 → 2026.6.1

package/src/urbit/base-url.ts

@@ -1,61 +0,0 @@
-import { isBlockedHostnameOrIp } from "klaw/plugin-sdk/ssrf-runtime";
-
-type UrbitBaseUrlValidation =
-  | { ok: true; baseUrl: string; hostname: string }
-  | { ok: false; error: string };
-
-function hasScheme(value: string): boolean {
-  return /^[a-zA-Z][a-zA-Z0-9+.-]*:\/\//.test(value);
-}
-
-export function normalizeUrbitHostname(hostname: string | undefined): string {
-  return (hostname ?? "").trim().toLowerCase().replace(/\.$/, "");
-}
-
-export function validateUrbitBaseUrl(raw: string): UrbitBaseUrlValidation {
-  const trimmed = raw.trim();
-  if (!trimmed) {
-    return { ok: false, error: "Required" };
-  }
-
-  const candidate = hasScheme(trimmed) ? trimmed : `https://${trimmed}`;
-
-  let parsed: URL;
-  try {
-    parsed = new URL(candidate);
-  } catch {
-    return { ok: false, error: "Invalid URL" };
-  }
-
-  if (!["http:", "https:"].includes(parsed.protocol)) {
-    return { ok: false, error: "URL must use http:// or https://" };
-  }
-
-  if (parsed.username || parsed.password) {
-    return { ok: false, error: "URL must not include credentials" };
-  }
-
-  const hostname = normalizeUrbitHostname(parsed.hostname);
-  if (!hostname) {
-    return { ok: false, error: "Invalid hostname" };
-  }
-
-  // Normalize to origin so callers can't smuggle paths/query fragments into the base URL,
-  // and strip a trailing dot from the hostname (DNS root label).
-  const isIpv6 = hostname.includes(":");
-  const host = parsed.port
-    ? `${isIpv6 ? `[${hostname}]` : hostname}:${parsed.port}`
-    : isIpv6
-      ? `[${hostname}]`
-      : hostname;
-
-  return { ok: true, baseUrl: `${parsed.protocol}//${host}`, hostname };
-}
-
-export function isBlockedUrbitHostname(hostname: string): boolean {
-  const normalized = normalizeUrbitHostname(hostname);
-  if (!normalized) {
-    return false;
-  }
-  return isBlockedHostnameOrIp(normalized);
-}

package/src/urbit/channel-ops.test.ts

@@ -1,36 +0,0 @@
-import { beforeEach, describe, expect, it, vi } from "vitest";
-import { scryUrbitPath } from "./channel-ops.js";
-import { urbitFetch } from "./fetch.js";
-
-vi.mock("./fetch.js", () => ({
-  urbitFetch: vi.fn(),
-}));
-
-describe("Urbit channel operations", () => {
-  beforeEach(() => {
-    vi.mocked(urbitFetch).mockReset();
-  });
-
-  it("wraps malformed scry response JSON", async () => {
-    const release = vi.fn().mockResolvedValue(undefined);
-    vi.mocked(urbitFetch).mockResolvedValue({
-      response: new Response("{not json", {
-        status: 200,
-        headers: { "content-type": "application/json" },
-      }),
-      finalUrl: "https://example.com/~/scry/chat/inbox.json",
-      release,
-    });
-
-    await expect(
-      scryUrbitPath(
-        {
-          baseUrl: "https://example.com",
-          cookie: "urbauth-~zod=123",
-        },
-        { path: "/chat/inbox.json", auditContext: "test" },
-      ),
-    ).rejects.toThrow("Urbit scry response was malformed JSON for path /chat/inbox.json");
-    expect(release).toHaveBeenCalledTimes(1);
-  });
-});

package/src/urbit/channel-ops.ts

@@ -1,149 +0,0 @@
-import type { LookupFn, SsrFPolicy } from "klaw/plugin-sdk/ssrf-runtime";
-import { UrbitHttpError } from "./errors.js";
-import { urbitFetch } from "./fetch.js";
-
-type UrbitChannelDeps = {
-  baseUrl: string;
-  cookie: string;
-  ship: string;
-  channelId: string;
-  ssrfPolicy?: SsrFPolicy;
-  lookupFn?: LookupFn;
-  fetchImpl?: (input: RequestInfo | URL, init?: RequestInit) => Promise<Response>;
-};
-
-async function putUrbitChannel(
-  deps: UrbitChannelDeps,
-  params: { body: unknown; auditContext: string },
-) {
-  return await urbitFetch({
-    baseUrl: deps.baseUrl,
-    path: `/~/channel/${deps.channelId}`,
-    init: {
-      method: "PUT",
-      headers: {
-        "Content-Type": "application/json",
-        Cookie: deps.cookie,
-      },
-      body: JSON.stringify(params.body),
-    },
-    ssrfPolicy: deps.ssrfPolicy,
-    lookupFn: deps.lookupFn,
-    fetchImpl: deps.fetchImpl,
-    timeoutMs: 30_000,
-    auditContext: params.auditContext,
-  });
-}
-
-export async function pokeUrbitChannel(
-  deps: UrbitChannelDeps,
-  params: { app: string; mark: string; json: unknown; auditContext: string },
-): Promise<number> {
-  const pokeId = Date.now();
-  const pokeData = {
-    id: pokeId,
-    action: "poke",
-    ship: deps.ship,
-    app: params.app,
-    mark: params.mark,
-    json: params.json,
-  };
-
-  const { response, release } = await putUrbitChannel(deps, {
-    body: [pokeData],
-    auditContext: params.auditContext,
-  });
-
-  try {
-    if (!response.ok && response.status !== 204) {
-      const errorText = await response.text().catch(() => "");
-      throw new Error(`Poke failed: ${response.status}${errorText ? ` - ${errorText}` : ""}`);
-    }
-    return pokeId;
-  } finally {
-    await release();
-  }
-}
-
-export async function scryUrbitPath(
-  deps: Pick<UrbitChannelDeps, "baseUrl" | "cookie" | "ssrfPolicy" | "lookupFn" | "fetchImpl">,
-  params: { path: string; auditContext: string },
-): Promise<unknown> {
-  const scryPath = `/~/scry${params.path}`;
-  const { response, release } = await urbitFetch({
-    baseUrl: deps.baseUrl,
-    path: scryPath,
-    init: {
-      method: "GET",
-      headers: { Cookie: deps.cookie },
-    },
-    ssrfPolicy: deps.ssrfPolicy,
-    lookupFn: deps.lookupFn,
-    fetchImpl: deps.fetchImpl,
-    timeoutMs: 30_000,
-    auditContext: params.auditContext,
-  });
-
-  try {
-    if (!response.ok) {
-      throw new Error(`Scry failed: ${response.status} for path ${params.path}`);
-    }
-    try {
-      return await response.json();
-    } catch (cause) {
-      throw new Error(`Urbit scry response was malformed JSON for path ${params.path}`, { cause });
-    }
-  } finally {
-    await release();
-  }
-}
-
-async function createUrbitChannel(
-  deps: UrbitChannelDeps,
-  params: { body: unknown; auditContext: string },
-): Promise<void> {
-  const { response, release } = await putUrbitChannel(deps, params);
-
-  try {
-    if (!response.ok && response.status !== 204) {
-      throw new UrbitHttpError({ operation: "Channel creation", status: response.status });
-    }
-  } finally {
-    await release();
-  }
-}
-
-async function wakeUrbitChannel(deps: UrbitChannelDeps): Promise<void> {
-  const { response, release } = await putUrbitChannel(deps, {
-    body: [
-      {
-        id: Date.now(),
-        action: "poke",
-        ship: deps.ship,
-        app: "hood",
-        mark: "helm-hi",
-        json: "Opening API channel",
-      },
-    ],
-    auditContext: "tlon-urbit-channel-wake",
-  });
-
-  try {
-    if (!response.ok && response.status !== 204) {
-      throw new UrbitHttpError({ operation: "Channel activation", status: response.status });
-    }
-  } finally {
-    await release();
-  }
-}
-
-export async function ensureUrbitChannelOpen(
-  deps: UrbitChannelDeps,
-  params: { createBody: unknown; createAuditContext: string },
-): Promise<void> {
-  await createUrbitChannel(deps, {
-    body: params.createBody,
-    auditContext: params.createAuditContext,
-  });
-  await wakeUrbitChannel(deps);
-}

package/src/urbit/context.ts

@@ -1,50 +0,0 @@
-export { ssrfPolicyFromDangerouslyAllowPrivateNetwork } from "klaw/plugin-sdk/ssrf-runtime";
-import { normalizeUrbitHostname, validateUrbitBaseUrl } from "./base-url.js";
-import { UrbitUrlError } from "./errors.js";
-
-type UrbitContext = {
-  baseUrl: string;
-  hostname: string;
-  ship: string;
-};
-
-function resolveShipFromHostname(hostname: string): string {
-  const trimmed = normalizeUrbitHostname(hostname);
-  if (!trimmed) {
-    return "";
-  }
-  if (trimmed.includes(".")) {
-    return trimmed.split(".")[0] ?? trimmed;
-  }
-  return trimmed;
-}
-
-function normalizeUrbitShip(ship: string | undefined, hostname: string): string {
-  const raw = ship?.replace(/^~/, "") ?? resolveShipFromHostname(hostname);
-  return raw.trim();
-}
-
-export function normalizeUrbitCookie(cookie: string): string {
-  return cookie.split(";")[0] ?? cookie;
-}
-
-export function getUrbitContext(url: string, ship?: string): UrbitContext {
-  const validated = validateUrbitBaseUrl(url);
-  if (!validated.ok) {
-    throw new UrbitUrlError(validated.error);
-  }
-  return {
-    baseUrl: validated.baseUrl,
-    hostname: validated.hostname,
-    ship: normalizeUrbitShip(ship, validated.hostname),
-  };
-}
-
-/**
- * Get the default SSRF policy for image uploads.
- * Uses a restrictive policy that blocks private networks by default.
- */
-export function getDefaultSsrFPolicy(): undefined {
-  // Default: block private networks for image uploads (safer default)
-  return undefined;
-}

package/src/urbit/errors.ts

@@ -1,51 +0,0 @@
-type UrbitErrorCode =
-  | "invalid_url"
-  | "http_error"
-  | "auth_failed"
-  | "missing_cookie"
-  | "channel_not_open";
-
-class UrbitError extends Error {
-  readonly code: UrbitErrorCode;
-
-  constructor(code: UrbitErrorCode, message: string, options?: { cause?: unknown }) {
-    super(message, options);
-    this.name = "UrbitError";
-    this.code = code;
-  }
-}
-
-export class UrbitUrlError extends UrbitError {
-  constructor(message: string, options?: { cause?: unknown }) {
-    super("invalid_url", message, options);
-    this.name = "UrbitUrlError";
-  }
-}
-
-export class UrbitHttpError extends UrbitError {
-  readonly status: number;
-  readonly operation: string;
-  readonly bodyText?: string;
-
-  constructor(params: { operation: string; status: number; bodyText?: string; cause?: unknown }) {
-    const suffix = params.bodyText ? ` - ${params.bodyText}` : "";
-    super("http_error", `${params.operation} failed: ${params.status}${suffix}`, {
-      cause: params.cause,
-    });
-    this.name = "UrbitHttpError";
-    this.status = params.status;
-    this.operation = params.operation;
-    this.bodyText = params.bodyText;
-  }
-}
-
-export class UrbitAuthError extends UrbitError {
-  constructor(
-    code: "auth_failed" | "missing_cookie",
-    message: string,
-    options?: { cause?: unknown },
-  ) {
-    super(code, message, options);
-    this.name = "UrbitAuthError";
-  }
-}

package/src/urbit/fetch.ts

@@ -1,38 +0,0 @@
-import { fetchWithSsrFGuard, type LookupFn, type SsrFPolicy } from "klaw/plugin-sdk/ssrf-runtime";
-import { validateUrbitBaseUrl } from "./base-url.js";
-import { UrbitUrlError } from "./errors.js";
-
-type UrbitFetchOptions = {
-  baseUrl: string;
-  path: string;
-  init?: RequestInit;
-  ssrfPolicy?: SsrFPolicy;
-  lookupFn?: LookupFn;
-  fetchImpl?: (input: RequestInfo | URL, init?: RequestInit) => Promise<Response>;
-  timeoutMs?: number;
-  maxRedirects?: number;
-  signal?: AbortSignal;
-  auditContext?: string;
-  pinDns?: boolean;
-};
-
-export async function urbitFetch(params: UrbitFetchOptions) {
-  const validated = validateUrbitBaseUrl(params.baseUrl);
-  if (!validated.ok) {
-    throw new UrbitUrlError(validated.error);
-  }
-
-  const url = new URL(params.path, validated.baseUrl).toString();
-  return await fetchWithSsrFGuard({
-    url,
-    fetchImpl: params.fetchImpl,
-    init: params.init,
-    timeoutMs: params.timeoutMs,
-    maxRedirects: params.maxRedirects,
-    signal: params.signal,
-    policy: params.ssrfPolicy,
-    lookupFn: params.lookupFn,
-    auditContext: params.auditContext,
-    pinDns: params.pinDns,
-  });
-}

package/src/urbit/foreigns.ts

@@ -1,49 +0,0 @@
-/**
- * Types for Urbit groups foreigns (group invites)
- * Based on packages/shared/src/urbit/groups.ts from homestead
- */
-
-interface GroupPreviewV7 {
-  meta: {
-    title: string;
-    description: string;
-    image: string;
-    cover: string;
-  };
-  "channel-count": number;
-  "member-count": number;
-  admissions: {
-    privacy: "public" | "private" | "secret";
-  };
-}
-
-interface ForeignInvite {
-  flag: string; // group flag e.g. "~host/group-name"
-  time: number; // timestamp
-  from: string; // ship that sent invite
-  token: string | null;
-  note: string | null;
-  preview: GroupPreviewV7;
-  valid: boolean; // tracks if invite has been revoked
-}
-
-type Lookup = "preview" | "done" | "error";
-type Progress = "ask" | "join" | "watch" | "done" | "error";
-
-interface Foreign {
-  invites: ForeignInvite[];
-  lookup: Lookup | null;
-  preview: GroupPreviewV7 | null;
-  progress: Progress | null;
-  token: string | null;
-}
-
-export interface Foreigns {
-  [flag: string]: Foreign;
-}
-
-// DM invite structure from chat /v3 firehose
-export interface DmInvite {
-  ship: string;
-  // Additional fields may be present
-}

package/src/urbit/send.test.ts

@@ -1,83 +0,0 @@
-import { afterEach, describe, expect, it, vi } from "vitest";
-
-vi.mock("@urbit/aura", () => ({
-  scot: vi.fn(() => "mocked-ud"),
-  da: {
-    fromUnix: vi.fn(() => 123n),
-  },
-}));
-
-describe("sendDm", () => {
-  afterEach(() => {
-    vi.restoreAllMocks();
-  });
-
-  it("uses aura v3 helpers for the DM id", async () => {
-    const { sendDm } = await import("./send.js");
-    const aura = await import("@urbit/aura");
-    const scot = vi.mocked(aura.scot);
-    const fromUnix = vi.mocked(aura.da.fromUnix);
-
-    const sentAt = 1_700_000_000_000;
-    vi.spyOn(Date, "now").mockReturnValue(sentAt);
-
-    const poke = vi.fn(async () => ({}));
-
-    const result = await sendDm({
-      api: { poke },
-      fromShip: "~zod",
-      toShip: "~nec",
-      text: "hi",
-    });
-
-    expect(fromUnix).toHaveBeenCalledWith(sentAt);
-    expect(scot).toHaveBeenCalledWith("ud", 123n);
-    expect(poke).toHaveBeenCalledTimes(1);
-    expect(result.messageId).toBe("~zod/mocked-ud");
-    expect(result.receipt.primaryPlatformMessageId).toBe("~zod/mocked-ud");
-  });
-
-  it("passes numeric group reply ids through aura formatting", async () => {
-    const { sendGroupMessage } = await import("./send.js");
-    const aura = await import("@urbit/aura");
-    const scot = vi.mocked(aura.scot);
-    scot.mockReturnValueOnce("~2024.1.1");
-    vi.spyOn(Date, "now").mockReturnValue(1_700_000_000_000);
-    const poke = vi.fn(async () => ({}));
-
-    const result = await sendGroupMessage({
-      api: { poke },
-      fromShip: "~zod",
-      hostShip: "~nec",
-      channelName: "general",
-      text: "threaded",
-      replyToId: "1700000000000",
-    });
-
-    expect(scot).toHaveBeenCalledWith("ud", 1_700_000_000_000n);
-    expect(poke).toHaveBeenCalledWith({
-      app: "channels",
-      mark: "channel-action-1",
-      json: {
-        channel: {
-          nest: "chat/~nec/general",
-          action: {
-            post: {
-              reply: {
-                id: "~2024.1.1",
-                action: {
-                  add: {
-                    content: [{ inline: ["threaded"] }],
-                    author: "~zod",
-                    sent: 1_700_000_000_000,
-                  },
-                },
-              },
-            },
-          },
-        },
-      },
-    });
-    expect(result.receipt.threadId).toBe("~nec/general");
-  });
-});