@pan-sec/notebooklm-mcp 2026.2.11 → 2026.3.0

package/dist/webhooks/webhook-dispatcher.d.ts

@@ -3,14 +3,43 @@
  *
  * Delivers events to configured webhook endpoints with retry logic.
  */
+/// <reference types="node" resolution-mode="require"/>
 import type { SystemEvent } from "../events/event-types.js";
 import type { WebhookConfig, WebhookStats, AddWebhookInput, UpdateWebhookInput } from "./types.js";
+type WebhookUrlValidation = {
+    ok: true;
+    url: URL;
+} | {
+    ok: false;
+    error: string;
+};
+/**
+ * Validate a webhook URL before we ever send it an outbound request.
+ *
+ * Checks (in order):
+ *   1. Parseable URL
+ *   2. Scheme: require https:; allow http: only when NLMCP_WEBHOOK_ALLOW_HTTP=true
+ *   3. Lexical hostname in private/loopback/link-local/metadata space
+ *   4. DNS resolution — all resolved addresses must be public (closes
+ *      DNS-rebinding attacks); skipped when NLMCP_WEBHOOK_RESOLVE_DNS=false
+ *
+ * Exported for use by tool handlers that want to pre-validate before
+ * calling dispatcher.addWebhook().
+ */
+export declare function validateWebhookUrl(rawUrl: string): Promise<WebhookUrlValidation>;
 export declare class WebhookDispatcher {
     private storePath;
+    private deliveryLogPath;
     private store;
     private unsubscribe;
     private deliveryHistory;
     private maxDeliveryHistory;
+    private readonly circuitBreakerThreshold;
+    private readonly circuitBreakerResetMs;
+    private circuitBreakers;
+    private deliverySequence;
+    private webhookSecrets;
+    private saveQueue;
     constructor();
     /**
      * Load webhooks from disk
@@ -21,7 +50,9 @@ export declare class WebhookDispatcher {
      */
     private saveStore;
     /**
-     * Initialize webhooks from environment variables
+     * Initialize webhooks from environment variables. Each URL is validated
+     * via validateWebhookUrl before being stored — invalid env values log a
+     * warning and are skipped (server must still start).
      */
     private initializeFromEnv;
     /**
@@ -29,15 +60,28 @@ export declare class WebhookDispatcher {
      */
     private subscribeToEvents;
     /**
-     * Dispatch an event to all matching webhooks
+     * Dispatch an event to all matching webhooks in parallel.
+     *
+     * Using Promise.allSettled so one slow/failing webhook does not block
+     * or cancel delivery to others (I275).
      */
     dispatch(event: SystemEvent): Promise<void>;
     /**
      * Check if webhook should receive this event type
      */
     private shouldSend;
-    /**
-     * Send event with retry logic
+    private getCircuitBreakerState;
+    private shouldSkipForOpenCircuit;
+    private onDeliverySuccess;
+    private onDeliveryFailure;
+    private logAttempt;
+    /**
+     * Send event with retry logic.
+     *
+     * Retries capped at 3 attempts with max 30 s total window (I276).
+     * Payload is secrets-scanned before dispatch (I273).
+     * Outbound headers filtered to remove dangerous overrides (I282).
+     * HMAC signature includes unix timestamp to prevent replay (I271).
      */
     private sendWithRetry;
     /**
@@ -73,25 +117,48 @@ export declare class WebhookDispatcher {
      */
     private getDescription;
     /**
-     * Sign payload with HMAC-SHA256
+     * Sign payload with HMAC-SHA256, including a unix timestamp in the signed
+     * data so receivers can reject replayed requests (I271).
+     * Signed message: "<timestamp>\n<payload>"
      */
     private sign;
     /**
-     * Record delivery for history
+     * Load recent delivery history from disk on startup (I279)
+     */
+    private loadDeliveryHistory;
+    /**
+     * Record delivery for history — persists to disk for cross-restart auditability (I279)
      */
     private recordDelivery;
+    private nextDeliverySequence;
+    /**
+     * Add a new webhook. Validates the URL before persisting; throws on
+     * scheme/host/DNS-resolution failure so callers see a clear reason.
+     * Records a ChangeLog entry for SOC2 change-management audit trail.
+     */
+    addWebhook(input: AddWebhookInput): Promise<WebhookConfig>;
+    /**
+     * Update a webhook. Re-validates the URL if it is being changed.
+     * Records a ChangeLog entry for SOC2 change-management audit trail.
+     */
+    updateWebhook(input: UpdateWebhookInput): Promise<WebhookConfig | null>;
     /**
-     * Add a new webhook
+     * Remove a webhook.
+     * Records a ChangeLog entry for SOC2 change-management audit trail.
      */
-    addWebhook(input: AddWebhookInput): WebhookConfig;
+    removeWebhook(id: string): Promise<boolean>;
     /**
-     * Update a webhook
+     * Helper: extract just the host from a URL for audit records. Never
+     * log the full URL (may contain secret tokens as path components, as
+     * Slack/Discord do).
      */
-    updateWebhook(input: UpdateWebhookInput): WebhookConfig | null;
+    private safeHost;
     /**
-     * Remove a webhook
+     * Helper: write a ChangeLog entry for webhook CRUD. Errors are
+     * swallowed with a warning — the webhook change itself has already
+     * succeeded and compliance logging must not break the caller.
      */
-    removeWebhook(id: string): boolean;
+    private recordWebhookChange;
     /**
      * List all webhooks
      */
@@ -117,4 +184,5 @@ export declare class WebhookDispatcher {
     destroy(): void;
 }
 export declare function getWebhookDispatcher(): WebhookDispatcher;
+export {};
 //# sourceMappingURL=webhook-dispatcher.d.ts.map

package/dist/webhooks/webhook-dispatcher.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"webhook-dispatcher.d.ts","sourceRoot":"","sources":["../../src/webhooks/webhook-dispatcher.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AASH,OAAO,KAAK,EAAE,WAAW,EAAa,MAAM,0BAA0B,CAAC;AACvE,OAAO,KAAK,EACV,aAAa,EAEb,YAAY,EACZ,eAAe,EACf,kBAAkB,EACnB,MAAM,YAAY,CAAC;AAQpB,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,KAAK,CAAgB;IAC7B,OAAO,CAAC,WAAW,CAA6B;IAChD,OAAO,CAAC,eAAe,CAAyB;IAChD,OAAO,CAAC,kBAAkB,CAAO;;IAYjC;;OAEG;IACH,OAAO,CAAC,SAAS;IAiBjB;;OAEG;IACH,OAAO,CAAC,SAAS;IASjB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IA0CzB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAMzB;;OAEG;IACG,QAAQ,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAUjD;;OAEG;IACH,OAAO,CAAC,UAAU;IAKlB;;OAEG;YACW,aAAa;IA0F3B;;OAEG;IACH,OAAO,CAAC,aAAa;IAgBrB;;OAEG;IACH,OAAO,CAAC,WAAW;IAyBnB;;OAEG;IACH,OAAO,CAAC,aAAa;IAiBrB;;OAEG;IACH,OAAO,CAAC,WAAW;IAoBnB;;OAEG;IACH,OAAO,CAAC,QAAQ;IAmBhB;;OAEG;IACH,OAAO,CAAC,QAAQ;IAmBhB;;OAEG;IACH,OAAO,CAAC,QAAQ;IAmBhB;;OAEG;IACH,OAAO,CAAC,cAAc;IAyBtB;;OAEG;IACH,OAAO,CAAC,IAAI;IAMZ;;OAEG;IACH,OAAO,CAAC,cAAc;IAStB;;OAEG;IACH,UAAU,CAAC,KAAK,EAAE,eAAe,GAAG,aAAa;IAwBjD;;OAEG;IACH,aAAa,CAAC,KAAK,EAAE,kBAAkB,GAAG,aAAa,GAAG,IAAI;IAwB9D;;OAEG;IACH,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO;IAYlC;;OAEG;IACH,YAAY,IAAI,aAAa,EAAE;IAI/B;;OAEG;IACH,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,aAAa,GAAG,IAAI;IAI5C;;OAEG;IACG,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAuB5E;;OAEG;IACH,QAAQ,IAAI,YAAY;IAexB;;OAEG;IACH,OAAO,IAAI,IAAI;CAMhB;AAKD,wBAAgB,oBAAoB,IAAI,iBAAiB,CAKxD"}
+{"version":3,"file":"webhook-dispatcher.d.ts","sourceRoot":"","sources":["../../src/webhooks/webhook-dispatcher.ts"],"names":[],"mappings":"AAAA;;;;GAIG;;AAWH,OAAO,KAAK,EAAE,WAAW,EAAa,MAAM,0BAA0B,CAAC;AAIvE,OAAO,KAAK,EACV,aAAa,EAEb,YAAY,EACZ,eAAe,EACf,kBAAkB,EACnB,MAAM,YAAY,CAAC;AAyBpB,KAAK,oBAAoB,GACrB;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,GAAG,EAAE,GAAG,CAAA;CAAE,GACtB;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AA0DjC;;;;;;;;;;;;GAYG;AACH,wBAAsB,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAyDtF;AAID,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,eAAe,CAAS;IAChC,OAAO,CAAC,KAAK,CAAgB;IAC7B,OAAO,CAAC,WAAW,CAA6B;IAChD,OAAO,CAAC,eAAe,CAAyB;IAChD,OAAO,CAAC,kBAAkB,CAAO;IACjC,OAAO,CAAC,QAAQ,CAAC,uBAAuB,CAAK;IAC7C,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAU;IAChD,OAAO,CAAC,eAAe,CAA0C;IACjE,OAAO,CAAC,gBAAgB,CAAK;IAE7B,OAAO,CAAC,cAAc,CAAuC;IAE7D,OAAO,CAAC,SAAS,CAAoC;;IAqBrD;;OAEG;IACH,OAAO,CAAC,SAAS;IAiBjB;;OAEG;IACH,OAAO,CAAC,SAAS;IAYjB;;;;OAIG;YACW,iBAAiB;IA+C/B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAMzB;;;;;OAKG;IACG,QAAQ,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IASjD;;OAEG;IACH,OAAO,CAAC,UAAU;IAKlB,OAAO,CAAC,sBAAsB;IAY9B,OAAO,CAAC,wBAAwB;IAuChC,OAAO,CAAC,iBAAiB;IAOzB,OAAO,CAAC,iBAAiB;IAmBzB,OAAO,CAAC,UAAU;IAsBlB;;;;;;;OAOG;YACW,aAAa;IAmI3B;;OAEG;IACH,OAAO,CAAC,aAAa;IAgBrB;;OAEG;IACH,OAAO,CAAC,WAAW;IAyBnB;;OAEG;IACH,OAAO,CAAC,aAAa;IAiBrB;;OAEG;IACH,OAAO,CAAC,WAAW;IAoBnB;;OAEG;IACH,OAAO,CAAC,QAAQ;IAmBhB;;OAEG;IACH,OAAO,CAAC,QAAQ;IAmBhB;;OAEG;IACH,OAAO,CAAC,QAAQ;IAmBhB;;OAEG;IACH,OAAO,CAAC,cAAc;IAyBtB;;;;OAIG;IACH,OAAO,CAAC,IAAI;IAMZ;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAwB3B;;OAEG;IACH,OAAO,CAAC,cAAc;IAiBtB,OAAO,CAAC,oBAAoB;IAO5B;;;;OAIG;IACG,UAAU,CAAC,KAAK,EAAE,eAAe,GAAG,OAAO,CAAC,aAAa,CAAC;IAmChE;;;OAGG;IACG,aAAa,CAAC,KAAK,EAAE,kBAAkB,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAiC7E;;;OAGG;IACG,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAejD;;;;OAIG;IACH,OAAO,CAAC,QAAQ;IAShB;;;;OAIG;YACW,mBAAmB;IAqBjC;;OAEG;IACH,YAAY,IAAI,aAAa,EAAE;IAI/B;;OAEG;IACH,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,aAAa,GAAG,IAAI;IAI5C;;OAEG;IACG,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAuB5E;;OAEG;IACH,QAAQ,IAAI,YAAY;IAexB;;OAEG;IACH,OAAO,IAAI,IAAI;CAMhB;AAKD,wBAAgB,oBAAoB,IAAI,iBAAiB,CAKxD"}