npm - @promptbook/remote-server - Versions diffs - 0.85.0-10 → 0.85.0-12 - Mend

@promptbook/remote-server 0.85.0-10 → 0.85.0-12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/esm/index.es.js +5 -53
package/esm/index.es.js.map +1 -1
package/esm/typings/src/collection/constructors/createCollectionFromDirectory.d.ts +3 -3
package/package.json +2 -2
package/umd/index.umd.js +5 -53
package/umd/index.umd.js.map +1 -1

package/esm/index.es.js CHANGED Viewed

@@ -31,7 +31,7 @@ var BOOK_LANGUAGE_VERSION = '1.0.0';
  * @generated
  * @see https://github.com/webgptorg/promptbook
  */
-var PROMPTBOOK_ENGINE_VERSION = '0.85.0-9';
+var PROMPTBOOK_ENGINE_VERSION = '0.85.0-11';
 /**
  * TODO: string_promptbook_version should be constrained to the all versions of Promptbook engine
  * Note: [💞] Ignore a discrepancy between file name and entity name
@@ -1491,57 +1491,6 @@ function isValidPromptbookVersion(version) {
     return true;
 }
-/**
- * Checks if an URL is reserved for private networks or localhost.
- *
- * Note: There are two simmilar functions:
- * - `isUrlOnPrivateNetwork` which tests full URL
- * - `isHostnameOnPrivateNetwork` *(this one)* which tests just hostname
- *
- * @public exported from `@promptbook/utils`
- */
-function isHostnameOnPrivateNetwork(hostname) {
-    if (hostname === 'example.com' ||
-        hostname === 'localhost' ||
-        hostname.endsWith('.localhost') ||
-        hostname.endsWith('.local') ||
-        hostname.endsWith('.test') ||
-        hostname === '127.0.0.1' ||
-        hostname === '::1') {
-        return true;
-    }
-    if (hostname.includes(':')) {
-        // IPv6
-        var ipParts = hostname.split(':');
-        return ipParts[0] === 'fc00' || ipParts[0] === 'fd00' || ipParts[0] === 'fe80';
-    }
-    else {
-        // IPv4
-        var ipParts = hostname.split('.').map(function (part) { return Number.parseInt(part, 10); });
-        return (ipParts[0] === 10 ||
-            (ipParts[0] === 172 && ipParts[1] >= 16 && ipParts[1] <= 31) ||
-            (ipParts[0] === 192 && ipParts[1] === 168));
-    }
-}
-/**
- * Checks if an IP address or hostname is reserved for private networks or localhost.
- *
- * Note: There are two simmilar functions:
- * - `isUrlOnPrivateNetwork` *(this one)* which tests full URL
- * - `isHostnameOnPrivateNetwork` which tests just hostname
- *
- * @param {string} ipAddress - The IP address to check.
- * @returns {boolean} Returns true if the IP address is reserved for private networks or localhost, otherwise false.
- * @public exported from `@promptbook/utils`
- */
-function isUrlOnPrivateNetwork(url) {
-    if (typeof url === 'string') {
-        url = new URL(url);
-    }
-    return isHostnameOnPrivateNetwork(url.hostname);
-}
 /**
  * Tests if given string is valid URL.
  *
@@ -1584,16 +1533,19 @@ function isValidPipelineUrl(url) {
     if (!isValidUrl(url)) {
         return false;
     }
-    if (!url.startsWith('https://')) {
+    if (!url.startsWith('https://') && !url.startsWith('http://') /* <- Note: [👣] */) {
         return false;
     }
     if (url.includes('#')) {
         // TODO: [🐠]
         return false;
     }
+    /*
+    Note: [👣][🧠] Is it secure to allow pipeline URLs on private and unsecured networks?
     if (isUrlOnPrivateNetwork(url)) {
         return false;
     }
+    */
     return true;
 }
 /**