@safebrowse/core 0.1.2-rc.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +15 -0
- package/README.md +22 -0
- package/dist/action.d.ts +3 -0
- package/dist/action.d.ts.map +1 -0
- package/dist/action.js +142 -0
- package/dist/action.js.map +1 -0
- package/dist/artifact.d.ts +3 -0
- package/dist/artifact.d.ts.map +1 -0
- package/dist/artifact.js +123 -0
- package/dist/artifact.js.map +1 -0
- package/dist/artifactV2.d.ts +3 -0
- package/dist/artifactV2.d.ts.map +1 -0
- package/dist/artifactV2.js +32 -0
- package/dist/artifactV2.js.map +1 -0
- package/dist/index.d.ts +13 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +13 -0
- package/dist/index.js.map +1 -0
- package/dist/memory.d.ts +3 -0
- package/dist/memory.d.ts.map +1 -0
- package/dist/memory.js +79 -0
- package/dist/memory.js.map +1 -0
- package/dist/perf-smoke.d.ts +2 -0
- package/dist/perf-smoke.d.ts.map +1 -0
- package/dist/perf-smoke.js +86 -0
- package/dist/perf-smoke.js.map +1 -0
- package/dist/policy.d.ts +3 -0
- package/dist/policy.d.ts.map +1 -0
- package/dist/policy.js +74 -0
- package/dist/policy.js.map +1 -0
- package/dist/promptInjection.d.ts +3 -0
- package/dist/promptInjection.d.ts.map +1 -0
- package/dist/promptInjection.js +58 -0
- package/dist/promptInjection.js.map +1 -0
- package/dist/replay.d.ts +3 -0
- package/dist/replay.d.ts.map +1 -0
- package/dist/replay.js +39 -0
- package/dist/replay.js.map +1 -0
- package/dist/sanitize.d.ts +3 -0
- package/dist/sanitize.d.ts.map +1 -0
- package/dist/sanitize.js +50 -0
- package/dist/sanitize.js.map +1 -0
- package/dist/toolProtocol.d.ts +3 -0
- package/dist/toolProtocol.d.ts.map +1 -0
- package/dist/toolProtocol.js +80 -0
- package/dist/toolProtocol.js.map +1 -0
- package/dist/toolProtocolV2.d.ts +6 -0
- package/dist/toolProtocolV2.d.ts.map +1 -0
- package/dist/toolProtocolV2.js +330 -0
- package/dist/toolProtocolV2.js.map +1 -0
- package/dist/trust.d.ts +4 -0
- package/dist/trust.d.ts.map +1 -0
- package/dist/trust.js +32 -0
- package/dist/trust.js.map +1 -0
- package/dist/types.d.ts +399 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +2 -0
- package/dist/types.js.map +1 -0
- package/dist/utils.d.ts +11 -0
- package/dist/utils.d.ts.map +1 -0
- package/dist/utils.js +102 -0
- package/dist/utils.js.map +1 -0
- package/package.json +47 -0
|
@@ -0,0 +1,330 @@
|
|
|
1
|
+
import { randomUUID } from "node:crypto";
|
|
2
|
+
import { normalizeTrustSignals } from "./trust.js";
|
|
3
|
+
import { clamp, isPrivateHost, normalizeOrigin, sha256Hex, stableStringify, uniq } from "./utils.js";
|
|
4
|
+
const SECURITY_SENSITIVE_TEXT = /\b(?:attach|carry|forward|include|pass|relay|send|submit|transport)\b[\s\S]{0,48}\b(?:authorization proof|bearer|callback|credential|secret|session|token)\b/i;
|
|
5
|
+
const CALLBACK_CONTINUITY_TEXT = /\b(?:callback continuity|continue|continuity|handshake|onboarding|finalize|finalise|resume)\b/i;
|
|
6
|
+
function matchToolPatterns(reasons, patterns) {
|
|
7
|
+
const hints = reasons.join(" ").toLowerCase();
|
|
8
|
+
return patterns
|
|
9
|
+
.filter((pattern) => {
|
|
10
|
+
const family = String(pattern.family_key ?? "").toLowerCase();
|
|
11
|
+
const name = String(pattern.pattern_name ?? "").toLowerCase();
|
|
12
|
+
return ((hints.includes("registry") && family.includes("registry")) ||
|
|
13
|
+
(hints.includes("redirect") && name.includes("redirect")) ||
|
|
14
|
+
(hints.includes("callback") && name.includes("callback")) ||
|
|
15
|
+
(hints.includes("schema") && family.includes("schema")) ||
|
|
16
|
+
(hints.includes("artifact") && family.includes("artifact")) ||
|
|
17
|
+
(hints.includes("token") && name.includes("token")));
|
|
18
|
+
})
|
|
19
|
+
.slice(0, 8)
|
|
20
|
+
.map((pattern) => String(pattern.pattern_id ?? "unknown-tool-pattern"));
|
|
21
|
+
}
|
|
22
|
+
export function computeToolManifestHash(request) {
|
|
23
|
+
return sha256Hex(stableStringify({
|
|
24
|
+
toolId: request.toolId,
|
|
25
|
+
description: request.description,
|
|
26
|
+
authType: request.authType ?? "none",
|
|
27
|
+
requestedScopes: request.requestedScopes ?? [],
|
|
28
|
+
callbackUri: request.callbackUri ?? request.requestedRedirectUri ?? ""
|
|
29
|
+
}));
|
|
30
|
+
}
|
|
31
|
+
export function computeToolSchemaHash(schemaDescriptions) {
|
|
32
|
+
return sha256Hex(stableStringify(schemaDescriptions ?? []));
|
|
33
|
+
}
|
|
34
|
+
function findRegistryEntry(request, context) {
|
|
35
|
+
const registry = context.verifiedRegistry;
|
|
36
|
+
if (!registry?.signatureVerified) {
|
|
37
|
+
return undefined;
|
|
38
|
+
}
|
|
39
|
+
const requestIds = uniq([
|
|
40
|
+
request.registryEntryId,
|
|
41
|
+
request.toolId
|
|
42
|
+
].filter((value) => Boolean(value?.trim())));
|
|
43
|
+
return registry.entries.find((entry) => requestIds.includes(entry.registryEntryId) || requestIds.includes(entry.adapterId));
|
|
44
|
+
}
|
|
45
|
+
function inferOriginatingSurface(request) {
|
|
46
|
+
if (request.originatingSurface) {
|
|
47
|
+
return request.originatingSurface;
|
|
48
|
+
}
|
|
49
|
+
if (request.sourceArtifactId) {
|
|
50
|
+
return "artifact";
|
|
51
|
+
}
|
|
52
|
+
if (request.schemaDescriptions?.length) {
|
|
53
|
+
return "tool_schema";
|
|
54
|
+
}
|
|
55
|
+
return "tool_description";
|
|
56
|
+
}
|
|
57
|
+
function buildWorkflowBinding(request, lineageChain, derivedTaintClass, createdAt) {
|
|
58
|
+
return {
|
|
59
|
+
bindingId: randomUUID(),
|
|
60
|
+
sourceObservationId: request.sourceObservationId,
|
|
61
|
+
sourceArtifactId: request.sourceArtifactId,
|
|
62
|
+
originatingSurface: inferOriginatingSurface(request),
|
|
63
|
+
lineageChain,
|
|
64
|
+
derivedTaintClass,
|
|
65
|
+
createdAt
|
|
66
|
+
};
|
|
67
|
+
}
|
|
68
|
+
function isEntryExpired(entry, now = new Date()) {
|
|
69
|
+
if (!entry?.expiresAt) {
|
|
70
|
+
return false;
|
|
71
|
+
}
|
|
72
|
+
return new Date(entry.expiresAt).getTime() <= now.getTime();
|
|
73
|
+
}
|
|
74
|
+
function resolveCallbackUri(request) {
|
|
75
|
+
return (request.oauthContext?.callbackUri ??
|
|
76
|
+
request.callbackUri ??
|
|
77
|
+
request.oauthContext?.redirectUri ??
|
|
78
|
+
request.requestedRedirectUri);
|
|
79
|
+
}
|
|
80
|
+
function resolveCallbackOrigin(request, callbackUri) {
|
|
81
|
+
return normalizeOrigin(request.oauthContext?.callbackOrigin ?? request.callbackOrigin ?? callbackUri);
|
|
82
|
+
}
|
|
83
|
+
function containsSensitiveCallbackText(request) {
|
|
84
|
+
const texts = [request.description, ...(request.schemaDescriptions ?? [])].filter(Boolean);
|
|
85
|
+
return texts.some((text) => SECURITY_SENSITIVE_TEXT.test(text) || CALLBACK_CONTINUITY_TEXT.test(text));
|
|
86
|
+
}
|
|
87
|
+
function derivedTaintClass(request, trustTaint) {
|
|
88
|
+
if (request.sourceArtifactId || request.originatingSurface === "artifact") {
|
|
89
|
+
return "tainted";
|
|
90
|
+
}
|
|
91
|
+
if (request.schemaDescriptions?.length || request.originatingSurface === "tool_schema") {
|
|
92
|
+
return "tainted";
|
|
93
|
+
}
|
|
94
|
+
return trustTaint === "trusted" ? "trusted" : "tainted";
|
|
95
|
+
}
|
|
96
|
+
function isPrivilegedConnectorFlow(request, callbackUri) {
|
|
97
|
+
return Boolean(request.authType === "oauth" ||
|
|
98
|
+
callbackUri ||
|
|
99
|
+
request.requestedScopes?.length ||
|
|
100
|
+
request.oauthContext?.requestedScopes?.length);
|
|
101
|
+
}
|
|
102
|
+
function isAllowedCallbackOrigin(callbackOrigin, entry, context) {
|
|
103
|
+
if (entry.allowedCallbackOrigins.length) {
|
|
104
|
+
return entry.allowedCallbackOrigins.includes(callbackOrigin);
|
|
105
|
+
}
|
|
106
|
+
if (callbackOrigin === "unknown") {
|
|
107
|
+
return false;
|
|
108
|
+
}
|
|
109
|
+
let host = callbackOrigin;
|
|
110
|
+
try {
|
|
111
|
+
host = new URL(callbackOrigin).hostname;
|
|
112
|
+
}
|
|
113
|
+
catch {
|
|
114
|
+
host = callbackOrigin;
|
|
115
|
+
}
|
|
116
|
+
if (isPrivateHost(host)) {
|
|
117
|
+
return entry.allowLoopbackCallbacks || context.policy.allowLoopbackCallbacksInDev;
|
|
118
|
+
}
|
|
119
|
+
return true;
|
|
120
|
+
}
|
|
121
|
+
export function prepareToolOnboarding(request, context) {
|
|
122
|
+
const now = (context.now?.() ?? new Date()).toISOString();
|
|
123
|
+
const trustSignals = normalizeTrustSignals({
|
|
124
|
+
artifactKind: "tool_manifest",
|
|
125
|
+
extractionMethod: "api",
|
|
126
|
+
...(request.trustSignals ?? {})
|
|
127
|
+
});
|
|
128
|
+
const lineageChain = trustSignals.lineageChain;
|
|
129
|
+
const taint = derivedTaintClass(request, trustSignals.taintClass);
|
|
130
|
+
const workflowBinding = buildWorkflowBinding(request, lineageChain, taint, now);
|
|
131
|
+
const callbackUri = resolveCallbackUri(request);
|
|
132
|
+
const callbackOrigin = resolveCallbackOrigin(request, callbackUri);
|
|
133
|
+
const entry = findRegistryEntry(request, context);
|
|
134
|
+
const reasonCodes = [];
|
|
135
|
+
let decision = "ALLOW";
|
|
136
|
+
let riskScore = 0.35;
|
|
137
|
+
if (context.policy.requireVerifiedRegistry && !context.verifiedRegistry?.signatureVerified) {
|
|
138
|
+
decision = "BLOCK";
|
|
139
|
+
reasonCodes.push("REGISTRY_BUNDLE_UNAVAILABLE");
|
|
140
|
+
riskScore = 0.98;
|
|
141
|
+
}
|
|
142
|
+
if (!entry) {
|
|
143
|
+
decision = "BLOCK";
|
|
144
|
+
reasonCodes.push("REGISTRY_ENTRY_NOT_FOUND");
|
|
145
|
+
riskScore = Math.max(riskScore, 0.98);
|
|
146
|
+
}
|
|
147
|
+
if (entry && isEntryExpired(entry, new Date(now))) {
|
|
148
|
+
decision = "BLOCK";
|
|
149
|
+
reasonCodes.push("REGISTRY_ENTRY_EXPIRED");
|
|
150
|
+
riskScore = Math.max(riskScore, 0.98);
|
|
151
|
+
}
|
|
152
|
+
if (entry &&
|
|
153
|
+
context.policy.allowedRegistrySigners.size &&
|
|
154
|
+
!context.policy.allowedRegistrySigners.has(entry.signer.toLowerCase())) {
|
|
155
|
+
decision = "BLOCK";
|
|
156
|
+
reasonCodes.push("REGISTRY_SIGNER_NOT_ALLOWLISTED");
|
|
157
|
+
riskScore = Math.max(riskScore, 0.95);
|
|
158
|
+
}
|
|
159
|
+
if (entry && request.authType && request.authType !== entry.authType) {
|
|
160
|
+
decision = "BLOCK";
|
|
161
|
+
reasonCodes.push("AUTH_TYPE_MISMATCH");
|
|
162
|
+
riskScore = Math.max(riskScore, 0.92);
|
|
163
|
+
}
|
|
164
|
+
if (request.tokenPassthroughRequested || containsSensitiveCallbackText(request)) {
|
|
165
|
+
decision = "BLOCK";
|
|
166
|
+
reasonCodes.push("SECURITY_SENSITIVE_CALLBACK_TEXT");
|
|
167
|
+
riskScore = Math.max(riskScore, 0.99);
|
|
168
|
+
}
|
|
169
|
+
if (entry?.manifestHash) {
|
|
170
|
+
if (!request.manifestHash) {
|
|
171
|
+
decision = "BLOCK";
|
|
172
|
+
reasonCodes.push("MANIFEST_HASH_REQUIRED");
|
|
173
|
+
riskScore = Math.max(riskScore, 0.97);
|
|
174
|
+
}
|
|
175
|
+
else if (request.manifestHash !== entry.manifestHash) {
|
|
176
|
+
decision = "BLOCK";
|
|
177
|
+
reasonCodes.push("MANIFEST_HASH_MISMATCH");
|
|
178
|
+
riskScore = Math.max(riskScore, 0.99);
|
|
179
|
+
}
|
|
180
|
+
}
|
|
181
|
+
if (entry?.schemaHash) {
|
|
182
|
+
if (!request.schemaHash) {
|
|
183
|
+
decision = "BLOCK";
|
|
184
|
+
reasonCodes.push("SCHEMA_HASH_REQUIRED");
|
|
185
|
+
riskScore = Math.max(riskScore, 0.97);
|
|
186
|
+
}
|
|
187
|
+
else if (request.schemaHash !== entry.schemaHash) {
|
|
188
|
+
decision = "BLOCK";
|
|
189
|
+
reasonCodes.push("SCHEMA_HASH_MISMATCH");
|
|
190
|
+
riskScore = Math.max(riskScore, 0.99);
|
|
191
|
+
}
|
|
192
|
+
}
|
|
193
|
+
if (request.egressHosts?.some((host) => isPrivateHost(host)) && !entry?.allowPrivateEgress) {
|
|
194
|
+
decision = "BLOCK";
|
|
195
|
+
reasonCodes.push("PRIVATE_EGRESS_DENIED");
|
|
196
|
+
riskScore = Math.max(riskScore, 0.96);
|
|
197
|
+
}
|
|
198
|
+
if (request.authType === "oauth") {
|
|
199
|
+
if (!callbackUri) {
|
|
200
|
+
decision = "BLOCK";
|
|
201
|
+
reasonCodes.push("CALLBACK_URI_REQUIRED");
|
|
202
|
+
riskScore = Math.max(riskScore, 0.96);
|
|
203
|
+
}
|
|
204
|
+
if (entry &&
|
|
205
|
+
context.policy.enforceExactRedirectUri &&
|
|
206
|
+
callbackUri &&
|
|
207
|
+
!entry.allowedRedirectUris.includes(callbackUri)) {
|
|
208
|
+
decision = "BLOCK";
|
|
209
|
+
reasonCodes.push("CALLBACK_URI_NOT_VERIFIED");
|
|
210
|
+
riskScore = Math.max(riskScore, 0.99);
|
|
211
|
+
}
|
|
212
|
+
if (entry && callbackUri && !isAllowedCallbackOrigin(callbackOrigin, entry, context)) {
|
|
213
|
+
decision = "BLOCK";
|
|
214
|
+
reasonCodes.push("CALLBACK_ORIGIN_NOT_VERIFIED");
|
|
215
|
+
riskScore = Math.max(riskScore, 0.99);
|
|
216
|
+
}
|
|
217
|
+
}
|
|
218
|
+
if (request.requestedScopes?.length && entry?.allowedScopes.length) {
|
|
219
|
+
const unknownScopes = request.requestedScopes.filter((scope) => !entry.allowedScopes.includes(scope));
|
|
220
|
+
if (unknownScopes.length) {
|
|
221
|
+
decision = "BLOCK";
|
|
222
|
+
reasonCodes.push("REQUESTED_SCOPE_NOT_VERIFIED");
|
|
223
|
+
riskScore = Math.max(riskScore, 0.97);
|
|
224
|
+
}
|
|
225
|
+
}
|
|
226
|
+
const privilegedConnectorFlow = isPrivilegedConnectorFlow(request, callbackUri);
|
|
227
|
+
const untrustedDerivation = taint !== "trusted";
|
|
228
|
+
if (privilegedConnectorFlow && context.policy.requireApprovalBinding && !request.approvalBindingId) {
|
|
229
|
+
decision = untrustedDerivation ? "BLOCK" : decision === "ALLOW" ? "USER_CONFIRM" : decision;
|
|
230
|
+
reasonCodes.push(untrustedDerivation
|
|
231
|
+
? "APPROVAL_BINDING_REQUIRED_FOR_UNTRUSTED_FLOW"
|
|
232
|
+
: "APPROVAL_BINDING_REQUIRED");
|
|
233
|
+
riskScore = Math.max(riskScore, 0.82);
|
|
234
|
+
}
|
|
235
|
+
if (privilegedConnectorFlow && untrustedDerivation && request.approvalBindingId && decision === "ALLOW") {
|
|
236
|
+
decision = "USER_CONFIRM";
|
|
237
|
+
reasonCodes.push("UNTRUSTED_CONNECTOR_FLOW_REQUIRES_CONFIRMATION");
|
|
238
|
+
riskScore = Math.max(riskScore, 0.88);
|
|
239
|
+
}
|
|
240
|
+
const matchedPatternIds = matchToolPatterns(reasonCodes, context.knowledgeBase?.toolProtocolPatterns ?? []);
|
|
241
|
+
return {
|
|
242
|
+
verdict: {
|
|
243
|
+
decision,
|
|
244
|
+
reasonCodes: uniq(reasonCodes),
|
|
245
|
+
riskScore: clamp(riskScore),
|
|
246
|
+
safeConstraints: {
|
|
247
|
+
verified_registry_required: context.policy.requireVerifiedRegistry,
|
|
248
|
+
approval_binding_required: context.policy.requireApprovalBinding,
|
|
249
|
+
oauth_mode: request.authType === "oauth" ? "pkce_s256" : "none",
|
|
250
|
+
allowed_callback_fields: ["code", "state", "iss"],
|
|
251
|
+
callback_origin: callbackOrigin,
|
|
252
|
+
derived_from_untrusted_artifact: request.originatingSurface === "artifact",
|
|
253
|
+
derived_from_schema_text: inferOriginatingSurface(request) === "tool_schema"
|
|
254
|
+
},
|
|
255
|
+
matchedPatternIds,
|
|
256
|
+
incidentPlaybookId: decision === "BLOCK" ? "IR-04" : decision === "USER_CONFIRM" ? "IR-02" : undefined,
|
|
257
|
+
telemetryTags: uniq([
|
|
258
|
+
request.toolId,
|
|
259
|
+
inferOriginatingSurface(request),
|
|
260
|
+
decision.toLowerCase()
|
|
261
|
+
])
|
|
262
|
+
},
|
|
263
|
+
verifiedRegistryEntry: entry,
|
|
264
|
+
workflowBinding
|
|
265
|
+
};
|
|
266
|
+
}
|
|
267
|
+
export function verifyToolCallback(request, session, context) {
|
|
268
|
+
const verifiedAt = (context.now?.() ?? new Date()).toISOString();
|
|
269
|
+
const reasonCodes = [];
|
|
270
|
+
let decision = "ALLOW";
|
|
271
|
+
let riskScore = 0.2;
|
|
272
|
+
if (!session) {
|
|
273
|
+
decision = "BLOCK";
|
|
274
|
+
reasonCodes.push("UNKNOWN_ONBOARDING_SESSION");
|
|
275
|
+
riskScore = 0.99;
|
|
276
|
+
}
|
|
277
|
+
else {
|
|
278
|
+
if (session.status !== "prepared") {
|
|
279
|
+
decision = "BLOCK";
|
|
280
|
+
reasonCodes.push("ONBOARDING_SESSION_NOT_ACTIVE");
|
|
281
|
+
riskScore = Math.max(riskScore, 0.99);
|
|
282
|
+
}
|
|
283
|
+
if (new Date(session.expiresAt).getTime() <= new Date(verifiedAt).getTime()) {
|
|
284
|
+
decision = "BLOCK";
|
|
285
|
+
reasonCodes.push("ONBOARDING_SESSION_EXPIRED");
|
|
286
|
+
riskScore = Math.max(riskScore, 0.99);
|
|
287
|
+
}
|
|
288
|
+
if (request.state !== session.state) {
|
|
289
|
+
decision = "BLOCK";
|
|
290
|
+
reasonCodes.push("CALLBACK_STATE_MISMATCH");
|
|
291
|
+
riskScore = Math.max(riskScore, 0.99);
|
|
292
|
+
}
|
|
293
|
+
if (request.callbackUri !== session.callbackUri) {
|
|
294
|
+
decision = "BLOCK";
|
|
295
|
+
reasonCodes.push("CALLBACK_URI_MISMATCH");
|
|
296
|
+
riskScore = Math.max(riskScore, 0.99);
|
|
297
|
+
}
|
|
298
|
+
if (normalizeOrigin(request.callbackOrigin) !== normalizeOrigin(session.callbackOrigin)) {
|
|
299
|
+
decision = "BLOCK";
|
|
300
|
+
reasonCodes.push("CALLBACK_ORIGIN_MISMATCH");
|
|
301
|
+
riskScore = Math.max(riskScore, 0.99);
|
|
302
|
+
}
|
|
303
|
+
}
|
|
304
|
+
const payloadKeys = Object.keys(request.payload ?? {});
|
|
305
|
+
if (payloadKeys.some((key) => /(authorization|bearer|secret|session|token)/i.test(key))) {
|
|
306
|
+
decision = "BLOCK";
|
|
307
|
+
reasonCodes.push("DISALLOWED_CALLBACK_FIELDS");
|
|
308
|
+
riskScore = Math.max(riskScore, 0.99);
|
|
309
|
+
}
|
|
310
|
+
const matchedPatternIds = matchToolPatterns(reasonCodes, context.knowledgeBase?.toolProtocolPatterns ?? []);
|
|
311
|
+
return {
|
|
312
|
+
verdict: {
|
|
313
|
+
decision,
|
|
314
|
+
reasonCodes: uniq(reasonCodes),
|
|
315
|
+
riskScore: clamp(riskScore),
|
|
316
|
+
safeConstraints: {
|
|
317
|
+
verified_registry_required: context.policy.requireVerifiedRegistry,
|
|
318
|
+
approval_binding_required: context.policy.requireApprovalBinding,
|
|
319
|
+
oauth_mode: "pkce_s256",
|
|
320
|
+
allowed_callback_fields: ["code", "state", "iss"]
|
|
321
|
+
},
|
|
322
|
+
matchedPatternIds,
|
|
323
|
+
incidentPlaybookId: decision === "BLOCK" ? "IR-04" : undefined,
|
|
324
|
+
telemetryTags: uniq([request.sessionId, decision.toLowerCase()])
|
|
325
|
+
},
|
|
326
|
+
sessionId: request.sessionId,
|
|
327
|
+
verifiedAt
|
|
328
|
+
};
|
|
329
|
+
}
|
|
330
|
+
//# sourceMappingURL=toolProtocolV2.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"toolProtocolV2.js","sourceRoot":"","sources":["../src/toolProtocolV2.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAczC,OAAO,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AACnD,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,eAAe,EAAE,SAAS,EAAE,eAAe,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAErG,MAAM,uBAAuB,GAC3B,+JAA+J,CAAC;AAElK,MAAM,wBAAwB,GAC5B,gGAAgG,CAAC;AAEnG,SAAS,iBAAiB,CACxB,OAAiB,EACjB,QAAwC;IAExC,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;IAC9C,OAAO,QAAQ;SACZ,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE;QAClB,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;QAC9D,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;QAC9D,OAAO,CACL,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;YAC3D,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;YACzD,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;YACzD,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACvD,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;YAC3D,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CACpD,CAAC;IACJ,CAAC,CAAC;SACD,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;SACX,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,IAAI,sBAAsB,CAAC,CAAC,CAAC;AAC5E,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,OAGvC;IACC,OAAO,SAAS,CACd,eAAe,CAAC;QACd,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,MAAM;QACpC,eAAe,EAAE,OAAO,CAAC,eAAe,IAAI,EAAE;QAC9C,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,oBAAoB,IAAI,EAAE;KACvE,CAAC,CACH,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,kBAA6B;IACjE,OAAO,SAAS,CAAC,eAAe,CAAC,kBAAkB,IAAI,EAAE,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED,SAAS,iBAAiB,CACxB,OAAoB,EACpB,OAAuB;IAEvB,MAAM,QAAQ,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAC1C,IAAI,CAAC,QAAQ,EAAE,iBAAiB,EAAE,CAAC;QACjC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,CAAC;QACtB,OAAO,CAAC,eAAe;QACvB,OAAO,CAAC,MAAM;KACf,CAAC,MAAM,CAAC,CAAC,KAAK,EAAmB,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAE9D,OAAO,QAAQ,CAAC,OAAO,CAAC,IAAI,CAC1B,CAAC,KAAK,EAAE,EAAE,CACR,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,SAAS,CAAC,CACrF,CAAC;AACJ,CAAC;AAED,SAAS,uBAAuB,CAAC,OAAoB;IACnD,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;QAC/B,OAAO,OAAO,CAAC,kBAAkB,CAAC;IACpC,CAAC;IACD,IAAI,OAAO,CAAC,gBAAgB,EAAE,CAAC;QAC7B,OAAO,UAAU,CAAC;IACpB,CAAC;IACD,IAAI,OAAO,CAAC,kBAAkB,EAAE,MAAM,EAAE,CAAC;QACvC,OAAO,aAAa,CAAC;IACvB,CAAC;IACD,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAED,SAAS,oBAAoB,CAC3B,OAAoB,EACpB,YAAsB,EACtB,iBAAuD,EACvD,SAAiB;IAEjB,OAAO;QACL,SAAS,EAAE,UAAU,EAAE;QACvB,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;QAChD,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;QAC1C,kBAAkB,EAAE,uBAAuB,CAAC,OAAO,CAAC;QACpD,YAAY;QACZ,iBAAiB;QACjB,SAAS;KACV,CAAC;AACJ,CAAC;AAED,SAAS,cAAc,CAAC,KAA6B,EAAE,GAAG,GAAG,IAAI,IAAI,EAAE;IACrE,IAAI,CAAC,KAAK,EAAE,SAAS,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;AAC9D,CAAC;AAED,SAAS,kBAAkB,CAAC,OAAoB;IAC9C,OAAO,CACL,OAAO,CAAC,YAAY,EAAE,WAAW;QACjC,OAAO,CAAC,WAAW;QACnB,OAAO,CAAC,YAAY,EAAE,WAAW;QACjC,OAAO,CAAC,oBAAoB,CAC7B,CAAC;AACJ,CAAC;AAED,SAAS,qBAAqB,CAAC,OAAoB,EAAE,WAAoB;IACvE,OAAO,eAAe,CACpB,OAAO,CAAC,YAAY,EAAE,cAAc,IAAI,OAAO,CAAC,cAAc,IAAI,WAAW,CAC9E,CAAC;AACJ,CAAC;AAED,SAAS,6BAA6B,CAAC,OAAoB;IACzD,MAAM,KAAK,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,GAAG,CAAC,OAAO,CAAC,kBAAkB,IAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC3F,OAAO,KAAK,CAAC,IAAI,CACf,CAAC,IAAI,EAAE,EAAE,CAAC,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC,CACpF,CAAC;AACJ,CAAC;AAED,SAAS,iBAAiB,CAAC,OAAoB,EAAE,UAAkB;IACjE,IAAI,OAAO,CAAC,gBAAgB,IAAI,OAAO,CAAC,kBAAkB,KAAK,UAAU,EAAE,CAAC;QAC1E,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,IAAI,OAAO,CAAC,kBAAkB,EAAE,MAAM,IAAI,OAAO,CAAC,kBAAkB,KAAK,aAAa,EAAE,CAAC;QACvF,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;AAC1D,CAAC;AAED,SAAS,yBAAyB,CAAC,OAAoB,EAAE,WAAoB;IAC3E,OAAO,OAAO,CACZ,OAAO,CAAC,QAAQ,KAAK,OAAO;QAC1B,WAAW;QACX,OAAO,CAAC,eAAe,EAAE,MAAM;QAC/B,OAAO,CAAC,YAAY,EAAE,eAAe,EAAE,MAAM,CAChD,CAAC;AACJ,CAAC;AAED,SAAS,uBAAuB,CAC9B,cAAsB,EACtB,KAA4B,EAC5B,OAAuB;IAEvB,IAAI,KAAK,CAAC,sBAAsB,CAAC,MAAM,EAAE,CAAC;QACxC,OAAO,KAAK,CAAC,sBAAsB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IAC/D,CAAC;IAED,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;QACjC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,IAAI,GAAG,cAAc,CAAC;IAC1B,IAAI,CAAC;QACH,IAAI,GAAG,IAAI,GAAG,CAAC,cAAc,CAAC,CAAC,QAAQ,CAAC;IAC1C,CAAC;IAAC,MAAM,CAAC;QACP,IAAI,GAAG,cAAc,CAAC;IACxB,CAAC;IAED,IAAI,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,OAAO,KAAK,CAAC,sBAAsB,IAAI,OAAO,CAAC,MAAM,CAAC,2BAA2B,CAAC;IACpF,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,qBAAqB,CACnC,OAAoB,EACpB,OAAuB;IAEvB,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IAC1D,MAAM,YAAY,GAAG,qBAAqB,CAAC;QACzC,YAAY,EAAE,eAAe;QAC7B,gBAAgB,EAAE,KAAK;QACvB,GAAG,CAAC,OAAO,CAAC,YAAY,IAAI,EAAE,CAAC;KAChC,CAAC,CAAC;IACH,MAAM,YAAY,GAAG,YAAY,CAAC,YAAY,CAAC;IAC/C,MAAM,KAAK,GAAG,iBAAiB,CAAC,OAAO,EAAE,YAAY,CAAC,UAAU,CAAC,CAAC;IAClE,MAAM,eAAe,GAAG,oBAAoB,CAAC,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;IAChF,MAAM,WAAW,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAChD,MAAM,cAAc,GAAG,qBAAqB,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IACnE,MAAM,KAAK,GAAG,iBAAiB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAElD,MAAM,WAAW,GAAa,EAAE,CAAC;IACjC,IAAI,QAAQ,GAA4B,OAAO,CAAC;IAChD,IAAI,SAAS,GAAG,IAAI,CAAC;IAErB,IAAI,OAAO,CAAC,MAAM,CAAC,uBAAuB,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,iBAAiB,EAAE,CAAC;QAC3F,QAAQ,GAAG,OAAO,CAAC;QACnB,WAAW,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAChD,SAAS,GAAG,IAAI,CAAC;IACnB,CAAC;IAED,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,QAAQ,GAAG,OAAO,CAAC;QACnB,WAAW,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;QAC7C,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACxC,CAAC;IAED,IAAI,KAAK,IAAI,cAAc,CAAC,KAAK,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;QAClD,QAAQ,GAAG,OAAO,CAAC;QACnB,WAAW,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QAC3C,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACxC,CAAC;IAED,IACE,KAAK;QACL,OAAO,CAAC,MAAM,CAAC,sBAAsB,CAAC,IAAI;QAC1C,CAAC,OAAO,CAAC,MAAM,CAAC,sBAAsB,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EACtE,CAAC;QACD,QAAQ,GAAG,OAAO,CAAC;QACnB,WAAW,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;QACpD,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACxC,CAAC;IAED,IAAI,KAAK,IAAI,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,KAAK,KAAK,CAAC,QAAQ,EAAE,CAAC;QACrE,QAAQ,GAAG,OAAO,CAAC;QACnB,WAAW,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QACvC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACxC,CAAC;IAED,IAAI,OAAO,CAAC,yBAAyB,IAAI,6BAA6B,CAAC,OAAO,CAAC,EAAE,CAAC;QAChF,QAAQ,GAAG,OAAO,CAAC;QACnB,WAAW,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;QACrD,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACxC,CAAC;IAED,IAAI,KAAK,EAAE,YAAY,EAAE,CAAC;QACxB,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;YAC1B,QAAQ,GAAG,OAAO,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YAC3C,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,CAAC;aAAM,IAAI,OAAO,CAAC,YAAY,KAAK,KAAK,CAAC,YAAY,EAAE,CAAC;YACvD,QAAQ,GAAG,OAAO,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YAC3C,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,IAAI,KAAK,EAAE,UAAU,EAAE,CAAC;QACtB,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;YACxB,QAAQ,GAAG,OAAO,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;YACzC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,CAAC;aAAM,IAAI,OAAO,CAAC,UAAU,KAAK,KAAK,CAAC,UAAU,EAAE,CAAC;YACnD,QAAQ,GAAG,OAAO,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;YACzC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,IAAI,OAAO,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,kBAAkB,EAAE,CAAC;QAC3F,QAAQ,GAAG,OAAO,CAAC;QACnB,WAAW,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QAC1C,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACxC,CAAC;IAED,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QACjC,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,QAAQ,GAAG,OAAO,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;YAC1C,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,CAAC;QAED,IACE,KAAK;YACL,OAAO,CAAC,MAAM,CAAC,uBAAuB;YACtC,WAAW;YACX,CAAC,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC,WAAW,CAAC,EAChD,CAAC;YACD,QAAQ,GAAG,OAAO,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;YAC9C,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,CAAC;QAED,IAAI,KAAK,IAAI,WAAW,IAAI,CAAC,uBAAuB,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,CAAC,EAAE,CAAC;YACrF,QAAQ,GAAG,OAAO,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;YACjD,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,IAAI,OAAO,CAAC,eAAe,EAAE,MAAM,IAAI,KAAK,EAAE,aAAa,CAAC,MAAM,EAAE,CAAC;QACnE,MAAM,aAAa,GAAG,OAAO,CAAC,eAAe,CAAC,MAAM,CAClD,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,CAChD,CAAC;QACF,IAAI,aAAa,CAAC,MAAM,EAAE,CAAC;YACzB,QAAQ,GAAG,OAAO,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;YACjD,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,MAAM,uBAAuB,GAAG,yBAAyB,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IAChF,MAAM,mBAAmB,GAAG,KAAK,KAAK,SAAS,CAAC;IAChD,IAAI,uBAAuB,IAAI,OAAO,CAAC,MAAM,CAAC,sBAAsB,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,CAAC;QACnG,QAAQ,GAAG,mBAAmB,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC;QAC5F,WAAW,CAAC,IAAI,CACd,mBAAmB;YACjB,CAAC,CAAC,8CAA8C;YAChD,CAAC,CAAC,2BAA2B,CAChC,CAAC;QACF,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACxC,CAAC;IAED,IAAI,uBAAuB,IAAI,mBAAmB,IAAI,OAAO,CAAC,iBAAiB,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;QACxG,QAAQ,GAAG,cAAc,CAAC;QAC1B,WAAW,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;QACnE,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACxC,CAAC;IAED,MAAM,iBAAiB,GAAG,iBAAiB,CACzC,WAAW,EACX,OAAO,CAAC,aAAa,EAAE,oBAAoB,IAAI,EAAE,CAClD,CAAC;IAEF,OAAO;QACL,OAAO,EAAE;YACP,QAAQ;YACR,WAAW,EAAE,IAAI,CAAC,WAAW,CAAC;YAC9B,SAAS,EAAE,KAAK,CAAC,SAAS,CAAC;YAC3B,eAAe,EAAE;gBACf,0BAA0B,EAAE,OAAO,CAAC,MAAM,CAAC,uBAAuB;gBAClE,yBAAyB,EAAE,OAAO,CAAC,MAAM,CAAC,sBAAsB;gBAChE,UAAU,EAAE,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM;gBAC/D,uBAAuB,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC;gBACjD,eAAe,EAAE,cAAc;gBAC/B,+BAA+B,EAAE,OAAO,CAAC,kBAAkB,KAAK,UAAU;gBAC1E,wBAAwB,EAAE,uBAAuB,CAAC,OAAO,CAAC,KAAK,aAAa;aAC7E;YACD,iBAAiB;YACjB,kBAAkB,EAChB,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,KAAK,cAAc,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;YACpF,aAAa,EAAE,IAAI,CAAC;gBAClB,OAAO,CAAC,MAAM;gBACd,uBAAuB,CAAC,OAAO,CAAC;gBAChC,QAAQ,CAAC,WAAW,EAAE;aACvB,CAAC;SACH;QACD,qBAAqB,EAAE,KAAK;QAC5B,eAAe;KAChB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,kBAAkB,CAChC,OAAwC,EACxC,OAA0C,EAC1C,OAAuB;IAEvB,MAAM,UAAU,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IACjE,MAAM,WAAW,GAAa,EAAE,CAAC;IACjC,IAAI,QAAQ,GAA4B,OAAO,CAAC;IAChD,IAAI,SAAS,GAAG,GAAG,CAAC;IAEpB,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,QAAQ,GAAG,OAAO,CAAC;QACnB,WAAW,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAC/C,SAAS,GAAG,IAAI,CAAC;IACnB,CAAC;SAAM,CAAC;QACN,IAAI,OAAO,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YAClC,QAAQ,GAAG,OAAO,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;YAClD,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,CAAC;QACD,IAAI,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,IAAI,IAAI,IAAI,CAAC,UAAU,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC;YAC5E,QAAQ,GAAG,OAAO,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;YAC/C,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,CAAC;QACD,IAAI,OAAO,CAAC,KAAK,KAAK,OAAO,CAAC,KAAK,EAAE,CAAC;YACpC,QAAQ,GAAG,OAAO,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;YAC5C,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,CAAC;QACD,IAAI,OAAO,CAAC,WAAW,KAAK,OAAO,CAAC,WAAW,EAAE,CAAC;YAChD,QAAQ,GAAG,OAAO,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;YAC1C,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,CAAC;QACD,IAAI,eAAe,CAAC,OAAO,CAAC,cAAc,CAAC,KAAK,eAAe,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;YACxF,QAAQ,GAAG,OAAO,CAAC;YACnB,WAAW,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;YAC7C,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;IACvD,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,8CAA8C,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;QACxF,QAAQ,GAAG,OAAO,CAAC;QACnB,WAAW,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAC/C,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACxC,CAAC;IAED,MAAM,iBAAiB,GAAG,iBAAiB,CACzC,WAAW,EACX,OAAO,CAAC,aAAa,EAAE,oBAAoB,IAAI,EAAE,CAClD,CAAC;IAEF,OAAO;QACL,OAAO,EAAE;YACP,QAAQ;YACR,WAAW,EAAE,IAAI,CAAC,WAAW,CAAC;YAC9B,SAAS,EAAE,KAAK,CAAC,SAAS,CAAC;YAC3B,eAAe,EAAE;gBACf,0BAA0B,EAAE,OAAO,CAAC,MAAM,CAAC,uBAAuB;gBAClE,yBAAyB,EAAE,OAAO,CAAC,MAAM,CAAC,sBAAsB;gBAChE,UAAU,EAAE,WAAW;gBACvB,uBAAuB,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC;aAClD;YACD,iBAAiB;YACjB,kBAAkB,EAAE,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;YAC9D,aAAa,EAAE,IAAI,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;SACjE;QACD,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,UAAU;KACX,CAAC;AACJ,CAAC"}
|
package/dist/trust.d.ts
ADDED
|
@@ -0,0 +1,4 @@
|
|
|
1
|
+
import type { TrustSignalSet } from "./types.js";
|
|
2
|
+
export declare function normalizeTrustSignals(input?: Partial<TrustSignalSet>): TrustSignalSet;
|
|
3
|
+
export declare function appendLineage(trustSignals: TrustSignalSet, lineageId: string): TrustSignalSet;
|
|
4
|
+
//# sourceMappingURL=trust.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"trust.d.ts","sourceRoot":"","sources":["../src/trust.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAkC,cAAc,EAAmB,MAAM,YAAY,CAAC;AAGlG,wBAAgB,qBAAqB,CAAC,KAAK,GAAE,OAAO,CAAC,cAAc,CAAM,GAAG,cAAc,CAyBzF;AAED,wBAAgB,aAAa,CAAC,YAAY,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,GAAG,cAAc,CAK7F"}
|
package/dist/trust.js
ADDED
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
import { randomUUID } from "node:crypto";
|
|
2
|
+
import { normalizeOrigin, sameOriginRelation } from "./utils.js";
|
|
3
|
+
export function normalizeTrustSignals(input = {}) {
|
|
4
|
+
const sourceOrigin = normalizeOrigin(input.sourceOrigin);
|
|
5
|
+
const frameOrigin = normalizeOrigin(input.frameOrigin ?? input.sourceOrigin);
|
|
6
|
+
const relation = input.sameOriginRelation ?? sameOriginRelation(sourceOrigin, frameOrigin);
|
|
7
|
+
return {
|
|
8
|
+
sourceOrigin,
|
|
9
|
+
frameOrigin,
|
|
10
|
+
sameOriginRelation: relation,
|
|
11
|
+
visibilityClass: (input.visibilityClass ?? "visible"),
|
|
12
|
+
extractionMethod: (input.extractionMethod ?? "dom"),
|
|
13
|
+
artifactKind: (input.artifactKind ?? "page"),
|
|
14
|
+
taintClass: input.taintClass ??
|
|
15
|
+
(input.userSharedFlag
|
|
16
|
+
? "user-provided"
|
|
17
|
+
: input.sessionDiscoveredFlag
|
|
18
|
+
? "session-discovered"
|
|
19
|
+
: "untrusted"),
|
|
20
|
+
approvalBindingId: input.approvalBindingId,
|
|
21
|
+
lineageChain: input.lineageChain?.length ? input.lineageChain : [randomUUID()],
|
|
22
|
+
userSharedFlag: input.userSharedFlag ?? false,
|
|
23
|
+
sessionDiscoveredFlag: input.sessionDiscoveredFlag ?? true
|
|
24
|
+
};
|
|
25
|
+
}
|
|
26
|
+
export function appendLineage(trustSignals, lineageId) {
|
|
27
|
+
return {
|
|
28
|
+
...trustSignals,
|
|
29
|
+
lineageChain: [...trustSignals.lineageChain, lineageId]
|
|
30
|
+
};
|
|
31
|
+
}
|
|
32
|
+
//# sourceMappingURL=trust.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"trust.js","sourceRoot":"","sources":["../src/trust.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAGzC,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAEjE,MAAM,UAAU,qBAAqB,CAAC,QAAiC,EAAE;IACvE,MAAM,YAAY,GAAG,eAAe,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;IACzD,MAAM,WAAW,GAAG,eAAe,CAAC,KAAK,CAAC,WAAW,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;IAC7E,MAAM,QAAQ,GACZ,KAAK,CAAC,kBAAkB,IAAI,kBAAkB,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;IAE5E,OAAO;QACL,YAAY;QACZ,WAAW;QACX,kBAAkB,EAAE,QAAQ;QAC5B,eAAe,EAAE,CAAC,KAAK,CAAC,eAAe,IAAI,SAAS,CAAoB;QACxE,gBAAgB,EAAE,CAAC,KAAK,CAAC,gBAAgB,IAAI,KAAK,CAAqB;QACvE,YAAY,EAAE,CAAC,KAAK,CAAC,YAAY,IAAI,MAAM,CAAiB;QAC5D,UAAU,EACR,KAAK,CAAC,UAAU;YAChB,CAAC,KAAK,CAAC,cAAc;gBACnB,CAAC,CAAC,eAAe;gBACjB,CAAC,CAAC,KAAK,CAAC,qBAAqB;oBAC3B,CAAC,CAAC,oBAAoB;oBACtB,CAAC,CAAC,WAAW,CAAC;QACpB,iBAAiB,EAAE,KAAK,CAAC,iBAAiB;QAC1C,YAAY,EAAE,KAAK,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC;QAC9E,cAAc,EAAE,KAAK,CAAC,cAAc,IAAI,KAAK;QAC7C,qBAAqB,EAAE,KAAK,CAAC,qBAAqB,IAAI,IAAI;KAC3D,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,YAA4B,EAAE,SAAiB;IAC3E,OAAO;QACL,GAAG,YAAY;QACf,YAAY,EAAE,CAAC,GAAG,YAAY,CAAC,YAAY,EAAE,SAAS,CAAC;KACxD,CAAC;AACJ,CAAC"}
|