@qqbrowser/openclaw-qbot 0.10.13 → 0.10.15

package/node_modules/@smithy/credential-provider-imds/dist-cjs/index.js

@@ -1,6 +1,5 @@
 'use strict';
 
-var node_url = require('node:url');
 var config = require('@smithy/core/config');
 var node_http = require('node:http');
 var protocols = require('@smithy/core/protocols');
@@ -95,14 +94,8 @@ const requestFromEcsImds = async (timeout, options) => {
     return buffer.toString();
 };
 const CMDS_IP = "169.254.170.2";
-const GREENGRASS_HOSTS = {
-    localhost: true,
-    "127.0.0.1": true,
-};
-const GREENGRASS_PROTOCOLS = {
-    "http:": true,
-    "https:": true,
-};
+const GREENGRASS_HOSTS = new Set(["localhost", "127.0.0.1"]);
+const GREENGRASS_PROTOCOLS = new Set(["http:", "https:"]);
 const getCmdsUri = async ({ logger }) => {
     if (process.env[ENV_CMDS_RELATIVE_URI]) {
         return {
@@ -111,21 +104,29 @@ const getCmdsUri = async ({ logger }) => {
         };
     }
     if (process.env[ENV_CMDS_FULL_URI]) {
-        const parsed = node_url.parse(process.env[ENV_CMDS_FULL_URI]);
-        if (!parsed.hostname || !(parsed.hostname in GREENGRASS_HOSTS)) {
+        let parsed;
+        try {
+            parsed = new URL(process.env[ENV_CMDS_FULL_URI]);
+        }
+        catch {
+            throw new config.CredentialsProviderError(`${process.env[ENV_CMDS_FULL_URI]} is not a valid container metadata service URL`, { tryNextLink: false, logger });
+        }
+        if (!parsed.hostname || !GREENGRASS_HOSTS.has(parsed.hostname)) {
             throw new config.CredentialsProviderError(`${parsed.hostname} is not a valid container metadata service hostname`, {
                 tryNextLink: false,
                 logger,
             });
         }
-        if (!parsed.protocol || !(parsed.protocol in GREENGRASS_PROTOCOLS)) {
+        if (!parsed.protocol || !GREENGRASS_PROTOCOLS.has(parsed.protocol)) {
             throw new config.CredentialsProviderError(`${parsed.protocol} is not a valid container metadata service protocol`, {
                 tryNextLink: false,
                 logger,
             });
         }
         return {
-            ...parsed,
+            protocol: parsed.protocol,
+            hostname: parsed.hostname,
+            path: parsed.pathname + parsed.search,
             port: parsed.port ? parseInt(parsed.port, 10) : undefined,
         };
     }

package/node_modules/@smithy/credential-provider-imds/dist-es/fromContainerMetadata.js

@@ -1,4 +1,3 @@
-import { parse } from "node:url";
 import { CredentialsProviderError } from "@smithy/core/config";
 import { fromImdsCredentials, isImdsCredentials } from "./remoteProvider/ImdsCredentials";
 import { providerConfigFromInit } from "./remoteProvider/RemoteProviderInit";
@@ -34,14 +33,8 @@ const requestFromEcsImds = async (timeout, options) => {
     return buffer.toString();
 };
 const CMDS_IP = "169.254.170.2";
-const GREENGRASS_HOSTS = {
-    localhost: true,
-    "127.0.0.1": true,
-};
-const GREENGRASS_PROTOCOLS = {
-    "http:": true,
-    "https:": true,
-};
+const GREENGRASS_HOSTS = new Set(["localhost", "127.0.0.1"]);
+const GREENGRASS_PROTOCOLS = new Set(["http:", "https:"]);
 const getCmdsUri = async ({ logger }) => {
     if (process.env[ENV_CMDS_RELATIVE_URI]) {
         return {
@@ -50,21 +43,29 @@ const getCmdsUri = async ({ logger }) => {
         };
     }
     if (process.env[ENV_CMDS_FULL_URI]) {
-        const parsed = parse(process.env[ENV_CMDS_FULL_URI]);
-        if (!parsed.hostname || !(parsed.hostname in GREENGRASS_HOSTS)) {
+        let parsed;
+        try {
+            parsed = new URL(process.env[ENV_CMDS_FULL_URI]);
+        }
+        catch {
+            throw new CredentialsProviderError(`${process.env[ENV_CMDS_FULL_URI]} is not a valid container metadata service URL`, { tryNextLink: false, logger });
+        }
+        if (!parsed.hostname || !GREENGRASS_HOSTS.has(parsed.hostname)) {
             throw new CredentialsProviderError(`${parsed.hostname} is not a valid container metadata service hostname`, {
                 tryNextLink: false,
                 logger,
             });
         }
-        if (!parsed.protocol || !(parsed.protocol in GREENGRASS_PROTOCOLS)) {
+        if (!parsed.protocol || !GREENGRASS_PROTOCOLS.has(parsed.protocol)) {
             throw new CredentialsProviderError(`${parsed.protocol} is not a valid container metadata service protocol`, {
                 tryNextLink: false,
                 logger,
             });
         }
         return {
-            ...parsed,
+            protocol: parsed.protocol,
+            hostname: parsed.hostname,
+            path: parsed.pathname + parsed.search,
             port: parsed.port ? parseInt(parsed.port, 10) : undefined,
         };
     }

package/node_modules/@smithy/credential-provider-imds/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@smithy/credential-provider-imds",
-  "version": "4.3.4",
+  "version": "4.3.7",
   "description": "AWS credential provider that sources credentials from the EC2 instance metadata service and ECS container metadata service",
   "main": "./dist-cjs/index.js",
   "module": "./dist-es/index.js",
@@ -27,8 +27,8 @@
   "license": "Apache-2.0",
   "sideEffects": false,
   "dependencies": {
-    "@smithy/core": "^3.24.4",
-    "@smithy/types": "^4.14.2",
+    "@smithy/core": "^3.24.6",
+    "@smithy/types": "^4.14.3",
     "tslib": "^2.6.2"
   },
   "devDependencies": {

package/node_modules/@smithy/fetch-http-handler/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@smithy/fetch-http-handler",
-  "version": "5.4.4",
+  "version": "5.4.6",
   "description": "Provides a way to make requests",
   "scripts": {
     "build": "concurrently 'yarn:build:types' 'yarn:build:es:cjs'",
@@ -27,12 +27,12 @@
   "module": "./dist-es/index.js",
   "types": "./dist-types/index.d.ts",
   "dependencies": {
-    "@smithy/core": "^3.24.4",
-    "@smithy/types": "^4.14.2",
+    "@smithy/core": "^3.24.6",
+    "@smithy/types": "^4.14.3",
     "tslib": "^2.6.2"
   },
   "devDependencies": {
-    "@smithy/abort-controller": "^4.2.15",
+    "@smithy/abort-controller": "^4.2.16",
     "concurrently": "7.0.0",
     "downlevel-dts": "0.10.1",
     "premove": "4.0.0",

package/node_modules/@smithy/node-http-handler/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@smithy/node-http-handler",
-  "version": "4.7.4",
+  "version": "4.7.6",
   "description": "Provides a way to make requests",
   "scripts": {
     "build": "concurrently 'yarn:build:types' 'yarn:build:es:cjs'",
@@ -26,12 +26,12 @@
   "module": "./dist-es/index.js",
   "types": "./dist-types/index.d.ts",
   "dependencies": {
-    "@smithy/core": "^3.24.4",
-    "@smithy/types": "^4.14.2",
+    "@smithy/core": "^3.24.6",
+    "@smithy/types": "^4.14.3",
     "tslib": "^2.6.2"
   },
   "devDependencies": {
-    "@smithy/abort-controller": "^4.2.15",
+    "@smithy/abort-controller": "^4.2.16",
     "@types/node": "^18.11.9",
     "concurrently": "7.0.0",
     "downlevel-dts": "0.10.1",

package/node_modules/@smithy/signature-v4/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@smithy/signature-v4",
-  "version": "5.4.4",
+  "version": "5.4.6",
   "description": "A standalone implementation of the AWS Signature V4 request signing algorithm",
   "main": "./dist-cjs/index.js",
   "module": "./dist-es/index.js",
@@ -25,8 +25,8 @@
   "license": "Apache-2.0",
   "sideEffects": false,
   "dependencies": {
-    "@smithy/core": "^3.24.4",
-    "@smithy/types": "^4.14.2",
+    "@smithy/core": "^3.24.6",
+    "@smithy/types": "^4.14.3",
     "tslib": "^2.6.2"
   },
   "devDependencies": {

package/node_modules/@smithy/types/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@smithy/types",
-  "version": "4.14.2",
+  "version": "4.14.3",
   "scripts": {
     "build": "concurrently 'yarn:build:types' 'yarn:build:es:cjs'",
     "build:es:cjs": "yarn g:tsc -p tsconfig.es.json && node ../../scripts/inline types",

package/node_modules/eventsource-parser/dist/index.cjs

@@ -8,29 +8,40 @@ class ParseError extends Error {
 const LF = 10, CR = 13, SPACE = 32;
 function noop(_arg) {
 }
-function createParser(callbacks) {
-  if (typeof callbacks == "function")
+function createParser(config) {
+  if (typeof config == "function")
     throw new TypeError(
-      "`callbacks` must be an object, got a function instead. Did you mean `{onEvent: fn}`?"
+      "`config` must be an object, got a function instead. Did you mean `createParser({onEvent: fn})`?"
     );
-  const { onEvent = noop, onError = noop, onRetry = noop, onComment } = callbacks, pendingFragments = [];
-  let isFirstChunk = !0, id, data = "", dataLines = 0, eventType;
+  const { onEvent = noop, onError = noop, onRetry = noop, onComment, maxBufferSize } = config, pendingFragments = [];
+  let pendingFragmentsLength = 0, isFirstChunk = !0, id, data = "", dataLines = 0, eventType, terminated = !1;
   function feed(chunk) {
+    if (terminated)
+      throw new Error(
+        "Cannot feed parser: it was terminated after exceeding the configured max buffer size. Call `reset()` to resume parsing."
+      );
     if (isFirstChunk && (isFirstChunk = !1, chunk.charCodeAt(0) === 239 && chunk.charCodeAt(1) === 187 && chunk.charCodeAt(2) === 191 && (chunk = chunk.slice(3))), pendingFragments.length === 0) {
       const trailing2 = processLines(chunk);
-      trailing2 !== "" && pendingFragments.push(trailing2);
+      trailing2 !== "" && (pendingFragments.push(trailing2), pendingFragmentsLength = trailing2.length), checkBufferSize();
       return;
     }
     if (chunk.indexOf(`
 `) === -1 && chunk.indexOf("\r") === -1) {
-      pendingFragments.push(chunk);
+      pendingFragments.push(chunk), pendingFragmentsLength += chunk.length, checkBufferSize();
       return;
     }
     pendingFragments.push(chunk);
     const input = pendingFragments.join("");
-    pendingFragments.length = 0;
+    pendingFragments.length = 0, pendingFragmentsLength = 0;
     const trailing = processLines(input);
-    trailing !== "" && pendingFragments.push(trailing);
+    trailing !== "" && (pendingFragments.push(trailing), pendingFragmentsLength = trailing.length), checkBufferSize();
+  }
+  function checkBufferSize() {
+    maxBufferSize !== void 0 && (pendingFragmentsLength + data.length <= maxBufferSize || (terminated = !0, pendingFragments.length = 0, pendingFragmentsLength = 0, id = void 0, data = "", dataLines = 0, eventType = void 0, onError(
+      new ParseError(`Buffered data exceeded max buffer size of ${maxBufferSize} characters`, {
+        type: "max-buffer-size-exceeded"
+      })
+    )));
   }
   function processLines(chunk) {
     let searchIndex = 0;
@@ -151,7 +162,7 @@ ${value}`, dataLines++;
       const incompleteLine = pendingFragments.join("");
       parseLine(incompleteLine, 0, incompleteLine.length);
     }
-    isFirstChunk = !0, id = void 0, data = "", dataLines = 0, eventType = void 0, pendingFragments.length = 0;
+    isFirstChunk = !0, id = void 0, data = "", dataLines = 0, eventType = void 0, pendingFragments.length = 0, pendingFragmentsLength = 0, terminated = !1;
   }
   return { feed, reset };
 }

package/node_modules/eventsource-parser/dist/index.d.cts

@@ -1,24 +1,22 @@
 /**
  * Creates a new EventSource parser.
  *
- * @param callbacks - Callbacks to invoke on different parsing events:
- *   - `onEvent` when a new event is parsed
- *   - `onError` when an error occurs
- *   - `onRetry` when a new reconnection interval has been sent from the server
- *   - `onComment` when a comment is encountered in the stream
+ * @param config - Parser configuration. Accepts callbacks (see {@link ParserCallbacks})
+ *   and options like `maxBufferSize` (see {@link ParserConfig}).
  *
- * @returns A new EventSource parser, with `parse` and `reset` methods.
+ * @returns A new EventSource parser, with `feed` and `reset` methods.
  * @public
  */
-export declare function createParser(
-  callbacks: ParserCallbacks,
-): EventSourceParser;
+export declare function createParser(config: ParserConfig): EventSourceParser;
 
 /**
  * The type of error that occurred.
  * @public
  */
-export declare type ErrorType = "invalid-retry" | "unknown-field";
+export declare type ErrorType =
+  | "invalid-retry"
+  | "unknown-field"
+  | "max-buffer-size-exceeded";
 
 /**
  * A parsed EventSource message event
@@ -143,4 +141,29 @@ export declare interface ParserCallbacks {
   onError?: ((error: ParseError) => void) | undefined;
 }
 
+/**
+ * Configuration accepted by {@link createParser}. Extends {@link ParserCallbacks} with
+ * additional options that control parser behavior.
+ *
+ * @public
+ */
+export declare interface ParserConfig extends ParserCallbacks {
+  /**
+   * Maximum number of characters the parser is allowed to buffer across calls to `feed()`.
+   *
+   * Two unbounded surfaces exist in a streaming SSE parser:
+   * - A partial line that has not yet been terminated by `\n`, `\r`, or `\r\n`.
+   * - A multi-line event whose terminating blank line has not yet arrived (each `data:`
+   *   field gets appended to the buffered event).
+   *
+   * When the combined size of these buffers exceeds `maxBufferSize`, the parser emits a
+   * `ParseError` with `type: 'max-buffer-size-exceeded'` to `onError` and becomes
+   * terminated — subsequent calls to `feed()` will throw until `reset()` is called.
+   * This protects against unbounded memory growth from malformed or malicious streams.
+   *
+   * @defaultValue `undefined` (unbounded)
+   */
+  maxBufferSize?: number | undefined;
+}
+
 export {};

package/node_modules/eventsource-parser/dist/index.js

@@ -6,29 +6,40 @@ class ParseError extends Error {
 const LF = 10, CR = 13, SPACE = 32;
 function noop(_arg) {
 }
-function createParser(callbacks) {
-  if (typeof callbacks == "function")
+function createParser(config) {
+  if (typeof config == "function")
     throw new TypeError(
-      "`callbacks` must be an object, got a function instead. Did you mean `{onEvent: fn}`?"
+      "`config` must be an object, got a function instead. Did you mean `createParser({onEvent: fn})`?"
     );
-  const { onEvent = noop, onError = noop, onRetry = noop, onComment } = callbacks, pendingFragments = [];
-  let isFirstChunk = !0, id, data = "", dataLines = 0, eventType;
+  const { onEvent = noop, onError = noop, onRetry = noop, onComment, maxBufferSize } = config, pendingFragments = [];
+  let pendingFragmentsLength = 0, isFirstChunk = !0, id, data = "", dataLines = 0, eventType, terminated = !1;
   function feed(chunk) {
+    if (terminated)
+      throw new Error(
+        "Cannot feed parser: it was terminated after exceeding the configured max buffer size. Call `reset()` to resume parsing."
+      );
     if (isFirstChunk && (isFirstChunk = !1, chunk.charCodeAt(0) === 239 && chunk.charCodeAt(1) === 187 && chunk.charCodeAt(2) === 191 && (chunk = chunk.slice(3))), pendingFragments.length === 0) {
       const trailing2 = processLines(chunk);
-      trailing2 !== "" && pendingFragments.push(trailing2);
+      trailing2 !== "" && (pendingFragments.push(trailing2), pendingFragmentsLength = trailing2.length), checkBufferSize();
       return;
     }
     if (chunk.indexOf(`
 `) === -1 && chunk.indexOf("\r") === -1) {
-      pendingFragments.push(chunk);
+      pendingFragments.push(chunk), pendingFragmentsLength += chunk.length, checkBufferSize();
       return;
     }
     pendingFragments.push(chunk);
     const input = pendingFragments.join("");
-    pendingFragments.length = 0;
+    pendingFragments.length = 0, pendingFragmentsLength = 0;
     const trailing = processLines(input);
-    trailing !== "" && pendingFragments.push(trailing);
+    trailing !== "" && (pendingFragments.push(trailing), pendingFragmentsLength = trailing.length), checkBufferSize();
+  }
+  function checkBufferSize() {
+    maxBufferSize !== void 0 && (pendingFragmentsLength + data.length <= maxBufferSize || (terminated = !0, pendingFragments.length = 0, pendingFragmentsLength = 0, id = void 0, data = "", dataLines = 0, eventType = void 0, onError(
+      new ParseError(`Buffered data exceeded max buffer size of ${maxBufferSize} characters`, {
+        type: "max-buffer-size-exceeded"
+      })
+    )));
   }
   function processLines(chunk) {
     let searchIndex = 0;
@@ -149,7 +160,7 @@ ${value}`, dataLines++;
       const incompleteLine = pendingFragments.join("");
       parseLine(incompleteLine, 0, incompleteLine.length);
     }
-    isFirstChunk = !0, id = void 0, data = "", dataLines = 0, eventType = void 0, pendingFragments.length = 0;
+    isFirstChunk = !0, id = void 0, data = "", dataLines = 0, eventType = void 0, pendingFragments.length = 0, pendingFragmentsLength = 0, terminated = !1;
   }
   return { feed, reset };
 }

package/node_modules/eventsource-parser/dist/stream.cjs

@@ -2,7 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: !0 });
 var index = require("./index.cjs");
 class EventSourceParserStream extends TransformStream {
-  constructor({ onError, onRetry, onComment } = {}) {
+  constructor({ onError, onRetry, onComment, maxBufferSize } = {}) {
     let parser;
     super({
       start(controller) {
@@ -11,10 +11,11 @@ class EventSourceParserStream extends TransformStream {
             controller.enqueue(event);
           },
           onError(error) {
-            onError === "terminate" ? controller.error(error) : typeof onError == "function" && onError(error);
+            typeof onError == "function" && onError(error), (onError === "terminate" || error.type === "max-buffer-size-exceeded") && controller.error(error);
           },
           onRetry,
-          onComment
+          onComment,
+          maxBufferSize
         });
       },
       transform(chunk) {

package/node_modules/eventsource-parser/dist/stream.d.cts

@@ -2,7 +2,10 @@
  * The type of error that occurred.
  * @public
  */
-export declare type ErrorType = "invalid-retry" | "unknown-field";
+export declare type ErrorType =
+  | "invalid-retry"
+  | "unknown-field"
+  | "max-buffer-size-exceeded";
 
 /**
  * A parsed EventSource message event
@@ -43,7 +46,7 @@ export declare interface EventSourceMessage {
  * const eventStream =
  *  response.body
  *   .pipeThrough(new TextDecoderStream())
- *   .pipeThrough(new EventSourceParserStream({terminateOnError: true}))
+ *   .pipeThrough(new EventSourceParserStream({onError: 'terminate'}))
  * ```
  *
  * @public
@@ -52,7 +55,7 @@ export declare class EventSourceParserStream extends TransformStream<
   string,
   EventSourceMessage
 > {
-  constructor({ onError, onRetry, onComment }?: StreamOptions);
+  constructor({ onError, onRetry, onComment, maxBufferSize }?: StreamOptions);
 }
 
 /**
@@ -116,6 +119,16 @@ export declare interface StreamOptions {
    * @param comment - The comment encountered in the stream.
    */
   onComment?: ((comment: string) => void) | undefined;
+  /**
+   * Maximum number of characters the parser is allowed to buffer across calls to `feed()`.
+   * See {@link ParserConfig.maxBufferSize} for details.
+   *
+   * When the limit is exceeded, the stream is always errored (regardless of the `onError`
+   * setting) since the underlying parser is unrecoverable without a `reset()`.
+   *
+   * @defaultValue `undefined` (unbounded)
+   */
+  maxBufferSize?: number | undefined;
 }
 
 export {};

package/node_modules/eventsource-parser/dist/stream.js

@@ -1,7 +1,7 @@
 import { createParser } from "./index.js";
 import { ParseError } from "./index.js";
 class EventSourceParserStream extends TransformStream {
-  constructor({ onError, onRetry, onComment } = {}) {
+  constructor({ onError, onRetry, onComment, maxBufferSize } = {}) {
     let parser;
     super({
       start(controller) {
@@ -10,10 +10,11 @@ class EventSourceParserStream extends TransformStream {
             controller.enqueue(event);
           },
           onError(error) {
-            onError === "terminate" ? controller.error(error) : typeof onError == "function" && onError(error);
+            typeof onError == "function" && onError(error), (onError === "terminate" || error.type === "max-buffer-size-exceeded") && controller.error(error);
           },
           onRetry,
-          onComment
+          onComment,
+          maxBufferSize
         });
       },
       transform(chunk) {

package/node_modules/eventsource-parser/package.json

@@ -1,6 +1,6 @@
 {
   "name": "eventsource-parser",
-  "version": "3.0.8",
+  "version": "3.1.0",
   "description": "Streaming, source-agnostic EventSource/Server-Sent Events parser",
   "keywords": [
     "eventsource",
@@ -63,21 +63,21 @@
     "test:node": "vitest --reporter=verbose"
   },
   "devDependencies": {
-    "@sanity/pkg-utils": "^10.4.15",
+    "@sanity/pkg-utils": "^10.4.18",
     "@sanity/semantic-release-preset": "^6.0.0",
     "@sanity/tsconfig": "^2.1.0",
     "@types/node": "^20.19.0",
-    "eventsource-encoder": "^1.0.1",
-    "knip": "^6.4.1",
+    "eventsource-encoder": "^1.0.2",
+    "knip": "^6.7.0",
     "mitata": "^1.0.34",
-    "oxfmt": "^0.45.0",
-    "oxlint": "^1.60.0",
+    "oxfmt": "^0.47.0",
+    "oxlint": "^1.62.0",
     "rimraf": "^6.1.3",
     "rollup-plugin-visualizer": "^6.0.3",
     "semantic-release": "^25.0.3",
-    "terser": "^5.46.1",
+    "terser": "^5.46.2",
     "typescript": "^5.9.3",
-    "vitest": "^4.1.4"
+    "vitest": "^4.1.5"
   },
   "browserslist": [
     "node >= 18",

package/node_modules/hasown/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "hasown",
-	"version": "2.0.3",
+	"version": "2.0.4",
 	"description": "A robust, ES3 compatible, \"has own property\" predicate.",
 	"main": "index.js",
 	"exports": {
@@ -52,13 +52,12 @@
 	},
 	"devDependencies": {
 		"@arethetypeswrong/cli": "^0.18.2",
-		"@ljharb/eslint-config": "^22.2.2",
+		"@ljharb/eslint-config": "^22.2.3",
 		"@ljharb/tsconfig": "^0.3.2",
 		"@types/function-bind": "^1.1.10",
 		"@types/tape": "^5.8.1",
-		"auto-changelog": "^2.5.0",
-		"encoding": "^0.1.13",
-		"eslint": "^10.2.0",
+		"auto-changelog": "^2.5.1",
+		"eslint": "^10.4.0",
 		"evalmd": "^0.0.19",
 		"in-publish": "^2.0.1",
 		"jiti": "^0.0.0",

package/node_modules/lru-cache/package.json

@@ -1,7 +1,7 @@
 {
   "name": "lru-cache",
   "description": "A cache object that deletes the least-recently-used items.",
-  "version": "11.5.0",
+  "version": "11.5.1",
   "author": "Isaac Z. Schlueter <i@izs.me>",
   "keywords": [
     "mru",

package/node_modules/protobufjs/dist/light/protobuf.js

@@ -1,6 +1,6 @@
 /*!
- * protobuf.js v7.6.1 (c) 2016, daniel wirtz
- * compiled fri, 22 may 2026 02:52:08 utc
+ * protobuf.js v7.6.2 (c) 2016, daniel wirtz
+ * compiled sat, 30 may 2026 21:57:57 utc
  * licensed under the bsd-3-clause license
  * see: https://github.com/dcodeio/protobuf.js for details
  */
@@ -1207,7 +1207,7 @@ function genValuePartial_fromObject(gen, field, fieldIndex, prop) {
             } gen
             ("}");
         } else gen
-            ("if(typeof d%s!==\"object\")", prop)
+            ("if(!util.isObject(d%s))", prop)
                 ("throw TypeError(%j)", field.fullName + ": object expected")
             ("m%s=types[%i].fromObject(d%s,n+1)", prop, fieldIndex, prop);
     } else {
@@ -1274,6 +1274,8 @@ converter.fromObject = function fromObject(mtype) {
     var gen = util.codegen(["d", "n"], mtype.name + "$fromObject")
     ("if(d instanceof this.ctor)")
         ("return d")
+    ("if(!util.isObject(d))")
+        ("throw TypeError(%j)", mtype.fullName + ": object expected")
     ("if(n===undefined)n=0")
     ("if(n>util.recursionLimit)")
         ("throw Error(\"maximum nesting depth exceeded\")");
@@ -1288,7 +1290,7 @@ converter.fromObject = function fromObject(mtype) {
         // Map fields
         if (field.map) { gen
     ("if(d%s){", prop)
-        ("if(typeof d%s!==\"object\")", prop)
+        ("if(!util.isObject(d%s))", prop)
             ("throw TypeError(%j)", field.fullName + ": object expected")
         ("m%s={}", prop)
         ("for(var ks=Object.keys(d%s),i=0;i<ks.length;++i){", prop);
@@ -5049,7 +5051,7 @@ Root._configure = function(Type_, parse_, common_) {
 
 },{"16":16,"17":17,"23":23,"25":25,"35":35}],29:[function(require,module,exports){
 "use strict";
-module.exports = {};
+module.exports = Object.create(null);
 
 /**
  * Named roots.