@workglow/tasks 0.2.2 → 0.2.4

package/dist/browser.js

@@ -6,17 +6,69 @@ var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require
   throw Error('Dynamic require of "' + x + '" is not supported');
 });
 
-// src/task/image/imageRasterCodecBrowser.ts
-function normalizeMimeType(mimeType) {
-  const m = mimeType.toLowerCase();
-  if (m.includes("jpeg") || m.includes("jpg")) {
+// src/task/image/imageCodecLimits.ts
+var MAX_DECODED_PIXELS = 1e8;
+var MAX_INPUT_BYTES_NODE = 64 * 1024 * 1024;
+var MAX_INPUT_BYTES_BROWSER = 8 * 1024 * 1024;
+var REJECTED_DECODE_MIME_TYPES = new Set([
+  "image/svg+xml",
+  "image/svg",
+  "image/gif",
+  "image/apng"
+]);
+var SUPPORTED_OUTPUT_MIME_TYPES = ["image/jpeg", "image/png", "image/webp"];
+function assertWithinPixelBudget(width, height) {
+  if (!Number.isFinite(width) || !Number.isFinite(height) || width <= 0 || height <= 0) {
+    throw new Error(`Image raster codec: invalid dimensions ${width}x${height}`);
+  }
+  const pixels = width * height;
+  if (pixels > MAX_DECODED_PIXELS) {
+    throw new Error(`Image raster codec: decoded image exceeds pixel budget ` + `(${width}x${height} = ${pixels} > ${MAX_DECODED_PIXELS})`);
+  }
+}
+function assertWithinByteBudget(byteLength, limit) {
+  if (byteLength > limit) {
+    throw new Error(`Image raster codec: input exceeds byte budget (${byteLength} > ${limit})`);
+  }
+}
+function formatDataUriErrorPreview(value) {
+  if (typeof value !== "string") {
+    return String(value);
+  }
+  if (value.startsWith("data:")) {
+    const commaIndex = value.indexOf(",");
+    if (commaIndex >= 0) {
+      return `${value.slice(0, commaIndex)},[REDACTED]`;
+    }
+    return `${value.slice(0, 80)}${value.length > 80 ? "…" : ""}`;
+  }
+  return `${value.slice(0, 80)}${value.length > 80 ? "…" : ""}`;
+}
+function assertIsDataUri(value) {
+  if (typeof value !== "string" || !value.startsWith("data:")) {
+    const preview = formatDataUriErrorPreview(value);
+    throw new Error(`Image raster codec: expected a data: URI but received "${preview}"`);
+  }
+}
+function extractDataUriMimeType(dataUri) {
+  const match = dataUri.match(/^data:([^;,]+)/);
+  return match?.[1]?.trim().toLowerCase();
+}
+function normalizeOutputMimeType(mimeType) {
+  const m = mimeType.toLowerCase().trim();
+  if (m === "image/jpeg" || m === "image/jpg") {
     return "image/jpeg";
   }
-  if (m.includes("webp")) {
+  if (m === "image/png") {
+    return "image/png";
+  }
+  if (m === "image/webp") {
     return "image/webp";
   }
-  return "image/png";
+  throw new Error(`Image raster codec: unsupported output mime type "${mimeType}". ` + `Supported: ${SUPPORTED_OUTPUT_MIME_TYPES.join(", ")}.`);
 }
+
+// src/task/image/imageRasterCodecBrowser.ts
 function arrayBufferToBase64(buffer) {
   const bytes = new Uint8Array(buffer);
   const CHUNK = 8192;
@@ -76,22 +128,32 @@ function get2dContext(width, height) {
   throw new Error("No Canvas implementation available in this environment");
 }
 async function decodeDataUri(dataUri) {
+  assertIsDataUri(dataUri);
+  const declaredMime = extractDataUriMimeType(dataUri);
+  if (declaredMime && REJECTED_DECODE_MIME_TYPES.has(declaredMime)) {
+    throw new Error(`Image raster codec: refusing to rasterize "${declaredMime}". ` + `Vector and animated formats lose information when converted to pixels. ` + `Convert to PNG, JPEG, or WebP before passing to the codec.`);
+  }
   const response = await fetch(dataUri);
   const blob = await response.blob();
+  assertWithinByteBudget(blob.size, MAX_INPUT_BYTES_BROWSER);
   const bmp = await createImageBitmap(blob);
-  const { ctx } = get2dContext(bmp.width, bmp.height);
-  ctx.drawImage(bmp, 0, 0);
-  const id = ctx.getImageData(0, 0, bmp.width, bmp.height);
-  bmp.close();
-  return {
-    data: new Uint8ClampedArray(id.data),
-    width: id.width,
-    height: id.height,
-    channels: 4
-  };
+  try {
+    assertWithinPixelBudget(bmp.width, bmp.height);
+    const { ctx } = get2dContext(bmp.width, bmp.height);
+    ctx.drawImage(bmp, 0, 0);
+    const id = ctx.getImageData(0, 0, bmp.width, bmp.height);
+    return {
+      data: new Uint8ClampedArray(id.data),
+      width: id.width,
+      height: id.height,
+      channels: 4
+    };
+  } finally {
+    bmp.close();
+  }
 }
 async function encodeDataUri(image, mimeType) {
-  const fmt = normalizeMimeType(mimeType);
+  const fmt = normalizeOutputMimeType(mimeType);
   const { canvas, ctx } = get2dContext(image.width, image.height);
   ctx.putImageData(rasterToImageData(image), 0, 0);
   if (canvas instanceof OffscreenCanvas) {
@@ -659,6 +721,280 @@ Workflow10.prototype.multiply = CreateAdaptiveWorkflow(ScalarMultiplyTask, Vecto
 Workflow10.prototype.divide = CreateAdaptiveWorkflow(ScalarDivideTask, VectorDivideTask);
 Workflow10.prototype.sum = CreateAdaptiveWorkflow(ScalarSumTask, VectorSumTask);
 
+// src/util/SafeFetch.ts
+import { PermanentJobError } from "@workglow/job-queue";
+
+// src/util/UrlClassifier.ts
+import ipaddr from "ipaddr.js";
+var PRIVATE_EXACT_HOSTS = new Set([
+  "localhost",
+  "localhost.localdomain",
+  "ip6-localhost",
+  "ip6-loopback",
+  "metadata.google.internal",
+  "metadata.internal",
+  "metadata.azure.com",
+  "instance-data"
+]);
+var PRIVATE_DOMAIN_SUFFIXES = [
+  "local",
+  "localhost",
+  "internal",
+  "lan",
+  "home.arpa",
+  "corp",
+  "intranet",
+  "private",
+  "localdomain"
+];
+var PRIVATE_IPV4_RANGES = new Set([
+  "unspecified",
+  "broadcast",
+  "multicast",
+  "linkLocal",
+  "loopback",
+  "carrierGradeNat",
+  "private",
+  "reserved",
+  "benchmarking"
+]);
+var PRIVATE_IPV6_RANGES = new Set([
+  "unspecified",
+  "linkLocal",
+  "multicast",
+  "loopback",
+  "uniqueLocal",
+  "ipv4Mapped",
+  "ipv4Compat",
+  "rfc6145",
+  "rfc6052",
+  "6to4",
+  "teredo",
+  "reserved",
+  "benchmarking",
+  "amt",
+  "as112v6",
+  "deprecated",
+  "orchid2",
+  "droneRemoteIdProtocolEntityTags"
+]);
+function tryNormalizeIPv4(host) {
+  if (host.length === 0)
+    return;
+  if (/^\d{1,3}(\.\d{1,3}){3}$/.test(host)) {
+    const octets = host.split(".").map((s) => parseInt(s, 10));
+    if (octets.every((n) => n >= 0 && n <= 255)) {
+      return octets.join(".");
+    }
+    return;
+  }
+  const parts = host.split(".");
+  if (parts.length < 1 || parts.length > 4)
+    return;
+  const nums = [];
+  for (const p of parts) {
+    if (p.length === 0)
+      return;
+    let n;
+    if (/^0[xX][0-9a-fA-F]+$/.test(p)) {
+      n = parseInt(p.slice(2), 16);
+    } else if (/^0[0-7]+$/.test(p)) {
+      n = parseInt(p, 8);
+    } else if (/^\d+$/.test(p)) {
+      n = parseInt(p, 10);
+    } else {
+      return;
+    }
+    if (!Number.isFinite(n) || n < 0)
+      return;
+    nums.push(n);
+  }
+  let addr;
+  if (nums.length === 1) {
+    if (nums[0] > 4294967295)
+      return;
+    addr = nums[0];
+  } else if (nums.length === 2) {
+    if (nums[0] > 255 || nums[1] > 16777215)
+      return;
+    addr = nums[0] * 16777216 + nums[1];
+  } else if (nums.length === 3) {
+    if (nums[0] > 255 || nums[1] > 255 || nums[2] > 65535)
+      return;
+    addr = nums[0] * 16777216 + nums[1] * 65536 + nums[2];
+  } else {
+    if (nums.some((n) => n > 255))
+      return;
+    addr = nums[0] * 16777216 + nums[1] * 65536 + nums[2] * 256 + nums[3];
+  }
+  const o1 = Math.floor(addr / 16777216) & 255;
+  const o2 = Math.floor(addr / 65536) & 255;
+  const o3 = Math.floor(addr / 256) & 255;
+  const o4 = addr & 255;
+  return `${o1}.${o2}.${o3}.${o4}`;
+}
+function classifyIpLiteral(host) {
+  if (host.includes(":")) {
+    let ipv6;
+    try {
+      ipv6 = ipaddr.IPv6.parse(host);
+    } catch {
+      return;
+    }
+    if (ipv6.isIPv4MappedAddress()) {
+      const v4 = ipv6.toIPv4Address();
+      const range3 = v4.range();
+      const canonical3 = v4.toNormalizedString();
+      if (PRIVATE_IPV4_RANGES.has(range3)) {
+        return { kind: "private", reason: `IPv4-mapped IPv6 in ${range3} range`, canonical: canonical3 };
+      }
+      return { kind: "public", canonical: canonical3 };
+    }
+    const range2 = ipv6.range();
+    const canonical2 = ipv6.toNormalizedString();
+    if (PRIVATE_IPV6_RANGES.has(range2)) {
+      return { kind: "private", reason: `IPv6 in ${range2} range`, canonical: canonical2 };
+    }
+    return { kind: "public", canonical: canonical2 };
+  }
+  const canonical = tryNormalizeIPv4(host);
+  if (canonical === undefined)
+    return;
+  let ipv4;
+  try {
+    ipv4 = ipaddr.IPv4.parse(canonical);
+  } catch {
+    return;
+  }
+  const range = ipv4.range();
+  if (PRIVATE_IPV4_RANGES.has(range)) {
+    return { kind: "private", reason: `IPv4 in ${range} range`, canonical };
+  }
+  return { kind: "public", canonical };
+}
+function normalizeHost(host) {
+  let h = host;
+  if (h.startsWith("[") && h.endsWith("]")) {
+    h = h.slice(1, -1);
+  }
+  while (h.endsWith(".")) {
+    h = h.slice(0, -1);
+  }
+  return h.toLowerCase();
+}
+function matchesPrivateHostnamePattern(host) {
+  if (PRIVATE_EXACT_HOSTS.has(host)) {
+    return `host '${host}' is a reserved private name`;
+  }
+  for (const suffix of PRIVATE_DOMAIN_SUFFIXES) {
+    if (host === suffix || host.endsWith("." + suffix)) {
+      return `host matches private suffix '.${suffix}'`;
+    }
+  }
+  return;
+}
+function classifyUrl(urlStr) {
+  if (typeof urlStr !== "string" || urlStr.length === 0) {
+    return { kind: "invalid", reason: "empty or non-string URL" };
+  }
+  let parsed;
+  try {
+    parsed = new URL(urlStr);
+  } catch {
+    return { kind: "invalid", reason: "malformed URL" };
+  }
+  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
+    return { kind: "invalid", reason: `unsupported protocol '${parsed.protocol}'` };
+  }
+  if (parsed.username.length > 0 || parsed.password.length > 0) {
+    return { kind: "invalid", reason: "URL credentials are not allowed" };
+  }
+  const host = normalizeHost(parsed.hostname);
+  if (host.length === 0) {
+    return { kind: "invalid", reason: "empty host" };
+  }
+  const ipClassification = classifyIpLiteral(host);
+  if (ipClassification !== undefined) {
+    return {
+      kind: ipClassification.kind,
+      reason: ipClassification.reason,
+      host,
+      literalIp: ipClassification.canonical
+    };
+  }
+  const hostnameReason = matchesPrivateHostnamePattern(host);
+  if (hostnameReason !== undefined) {
+    return { kind: "private", reason: hostnameReason, host };
+  }
+  return { kind: "public", host };
+}
+function urlResourcePattern(urlStr) {
+  let parsed;
+  try {
+    parsed = new URL(urlStr);
+  } catch {
+    return urlStr;
+  }
+  const origin = parsed.port.length > 0 ? `${parsed.protocol}//${parsed.host}` : `${parsed.protocol}//${parsed.hostname}`;
+  return `${origin}/*`;
+}
+
+// src/util/SafeFetch.ts
+var MAX_REDIRECT_HOPS = 20;
+function assertAllowedUrl(url, allowPrivate) {
+  const classification = classifyUrl(url);
+  if (classification.kind === "invalid") {
+    throw new PermanentJobError(`Refusing to fetch invalid URL: ${classification.reason}`);
+  }
+  if (classification.kind === "private" && !allowPrivate) {
+    throw new PermanentJobError(`Refusing to fetch private/internal URL ${url}: ${classification.reason}. ` + `Grant the 'network:private' entitlement to allow this request.`);
+  }
+}
+function isRedirectStatus(status) {
+  return status === 301 || status === 302 || status === 303 || status === 307 || status === 308;
+}
+async function defaultSafeFetch(url, options) {
+  const requestedRedirectMode = options.redirect ?? "follow";
+  const { allowPrivate, redirect: _redirect, ...fetchOptions } = options;
+  let currentUrl = url;
+  for (let hops = 0;hops <= MAX_REDIRECT_HOPS; hops += 1) {
+    assertAllowedUrl(currentUrl, allowPrivate);
+    const response = await globalThis.fetch(currentUrl, {
+      ...fetchOptions,
+      redirect: "manual"
+    });
+    if (!isRedirectStatus(response.status)) {
+      return response;
+    }
+    if (requestedRedirectMode === "manual") {
+      return response;
+    }
+    if (requestedRedirectMode === "error") {
+      throw new TypeError(`Fetch for ${currentUrl} failed because redirect mode was set to 'error'.`);
+    }
+    const location = response.headers.get("location");
+    if (!location) {
+      throw new PermanentJobError(`Refusing to follow redirect from ${currentUrl}: missing Location header.`);
+    }
+    currentUrl = new URL(location, currentUrl).toString();
+  }
+  throw new PermanentJobError(`Refusing to fetch ${url}: too many redirects.`);
+}
+var currentImpl = defaultSafeFetch;
+function registerSafeFetch(fn) {
+  const previousImpl = currentImpl;
+  currentImpl = fn;
+  return previousImpl;
+}
+function getSafeFetchImpl() {
+  return currentImpl;
+}
+function resetSafeFetch() {
+  currentImpl = defaultSafeFetch;
+}
+function safeFetch(url, options = {}) {
+  return currentImpl(url, options);
+}
 // src/mcp-server/getMcpServerConfig.ts
 function getMcpServerConfig(configOrInput) {
   const server = configOrInput.server;
@@ -1846,7 +2182,7 @@ Workflow13.prototype.delay = CreateWorkflow12(DelayTask);
 import {
   AbortSignalJobError,
   Job,
-  PermanentJobError,
+  PermanentJobError as PermanentJobError2,
   RetryableJobError
 } from "@workglow/job-queue";
 import {
@@ -1855,52 +2191,13 @@ import {
   getJobQueueFactory,
   getTaskQueueRegistry,
   JobTaskFailedError,
+  mergeEntitlements,
   Task as Task13,
   TaskConfigSchema as TaskConfigSchema3,
   TaskConfigurationError,
   TaskInvalidInputError as TaskInvalidInputError2,
   Workflow as Workflow14
 } from "@workglow/task-graph";
-var PRIVATE_IP_RANGES = [
-  /^127\./,
-  /^10\./,
-  /^172\.(1[6-9]|2\d|3[01])\./,
-  /^192\.168\./,
-  /^169\.254\./,
-  /^0\./,
-  /^fc00:/i,
-  /^fe80:/i,
-  /^::1$/,
-  /^::$/
-];
-var PRIVATE_HOSTNAMES = new Set(["localhost", "metadata.google.internal", "metadata.internal"]);
-function isAllowPrivateUrlsEnvSet() {
-  if (globalThis?.process?.env?.WORKGLOW_ALLOW_PRIVATE_URLS === "true") {
-    return true;
-  }
-  const viteEnv = import.meta.env;
-  return viteEnv?.VITE_WORKGLOW_ALLOW_PRIVATE_URLS === "true";
-}
-function isPrivateUrl(urlStr) {
-  if (isAllowPrivateUrlsEnvSet()) {
-    return false;
-  }
-  try {
-    const parsed = new URL(urlStr);
-    const hostname = parsed.hostname.toLowerCase().replace(/^\[|\]$/g, "");
-    if (PRIVATE_HOSTNAMES.has(hostname) || hostname.endsWith(".local")) {
-      return true;
-    }
-    for (const range of PRIVATE_IP_RANGES) {
-      if (range.test(hostname)) {
-        return true;
-      }
-    }
-    return false;
-  } catch {
-    return false;
-  }
-}
 var inputSchema13 = {
   type: "object",
   properties: {
@@ -1988,7 +2285,7 @@ async function fetchWithProgress(url, options = {}, onProgress) {
   if (!options.signal) {
     throw new TaskConfigurationError("An AbortSignal must be provided.");
   }
-  const response = await globalThis.fetch(url, options);
+  const response = await safeFetch(url, options);
   if (!response.body) {
     throw new Error("ReadableStream not supported in this environment.");
   }
@@ -2037,14 +2334,16 @@ async function fetchWithProgress(url, options = {}, onProgress) {
 class FetchUrlJob extends Job {
   static type = "FetchUrlJob";
   async execute(input, context) {
-    if (isPrivateUrl(input.url)) {
-      throw new PermanentJobError(`Requests to private/internal networks are not allowed: ${input.url}. ` + `Set WORKGLOW_ALLOW_PRIVATE_URLS=true to override.`);
+    const classification = classifyUrl(input.url);
+    if (classification.kind === "invalid") {
+      throw new PermanentJobError2(`Refusing to fetch invalid URL ${input.url}: ${classification.reason ?? "malformed"}`);
     }
     const response = await fetchWithProgress(input.url, {
       method: input.method,
       headers: input.headers,
       body: input.body,
-      signal: context.signal
+      signal: context.signal,
+      allowPrivate: classification.kind === "private"
     }, async (progress) => await context.updateProgress(progress));
     if (response.ok) {
       const contentType = response.headers.get("content-type") ?? "";
@@ -2097,7 +2396,7 @@ class FetchUrlJob extends Job {
         }
         throw new RetryableJobError(`Failed to fetch ${input.url}: ${response.status} ${response.statusText}`, retryDate);
       } else {
-        throw new PermanentJobError(`Failed to fetch ${input.url}: ${response.status} ${response.statusText}`);
+        throw new PermanentJobError2(`Failed to fetch ${input.url}: ${response.status} ${response.statusText}`);
       }
     }
   }
@@ -2121,6 +2420,7 @@ class FetchUrlTask extends Task13 {
   static title = "Fetch";
   static description = "Fetches data from a URL with progress tracking and automatic retry handling";
   static hasDynamicSchemas = true;
+  static hasDynamicEntitlements = true;
   static entitlements() {
     return {
       entitlements: [
@@ -2133,6 +2433,33 @@ class FetchUrlTask extends Task13 {
       ]
     };
   }
+  entitlements() {
+    const base = FetchUrlTask.entitlements();
+    const url = this.runInputData?.url;
+    if (typeof url !== "string" || url.length === 0) {
+      return mergeEntitlements(base, {
+        entitlements: [
+          {
+            id: Entitlements.NETWORK_PRIVATE,
+            reason: "Runtime URL is not yet available during entitlement evaluation; private/internal destinations must be explicitly allowed"
+          }
+        ]
+      });
+    }
+    const classification = classifyUrl(url);
+    if (classification.kind !== "private") {
+      return base;
+    }
+    return mergeEntitlements(base, {
+      entitlements: [
+        {
+          id: Entitlements.NETWORK_PRIVATE,
+          reason: `URL targets private/internal host: ${classification.reason ?? classification.host ?? "unknown"}`,
+          resources: [urlResourcePattern(url)]
+        }
+      ]
+    });
+  }
   static configSchema() {
     return fetchUrlTaskConfigSchema;
   }
@@ -8832,7 +9159,7 @@ Workflow38.prototype.lambda = CreateWorkflow37(LambdaTask);
 import {
   CreateWorkflow as CreateWorkflow38,
   Entitlements as Entitlements3,
-  mergeEntitlements,
+  mergeEntitlements as mergeEntitlements2,
   Task as Task37,
   Workflow as Workflow39
 } from "@workglow/task-graph";
@@ -9027,13 +9354,13 @@ class McpListTask extends Task37 {
     const base = McpListTask.entitlements();
     const transport = getMcpServerTransport(this);
     if (transport === "stdio") {
-      return mergeEntitlements(base, {
+      return mergeEntitlements2(base, {
         entitlements: [
           { id: Entitlements3.MCP_STDIO, reason: "Uses stdio transport to spawn local process" }
         ]
       });
     }
-    return mergeEntitlements(base, {
+    return mergeEntitlements2(base, {
       entitlements: [{ id: Entitlements3.NETWORK_HTTP, reason: "Connects to MCP server over HTTP" }]
     });
   }
@@ -9120,7 +9447,7 @@ Workflow39.prototype.mcpList = CreateWorkflow38(McpListTask);
 import {
   CreateWorkflow as CreateWorkflow39,
   Entitlements as Entitlements4,
-  mergeEntitlements as mergeEntitlements2,
+  mergeEntitlements as mergeEntitlements3,
   Task as Task38,
   TaskConfigSchema as TaskConfigSchema8,
   Workflow as Workflow40
@@ -9276,13 +9603,13 @@ class McpPromptGetTask extends Task38 {
     const base = McpPromptGetTask.entitlements();
     const transport = getMcpServerTransport(this);
     if (transport === "stdio") {
-      return mergeEntitlements2(base, {
+      return mergeEntitlements3(base, {
         entitlements: [
           { id: Entitlements4.MCP_STDIO, reason: "Uses stdio transport to spawn local process" }
         ]
       });
     }
-    return mergeEntitlements2(base, {
+    return mergeEntitlements3(base, {
       entitlements: [
         { id: Entitlements4.NETWORK_HTTP, reason: "Connects to MCP server over HTTP" },
         { id: Entitlements4.CREDENTIAL, reason: "May require authentication", optional: true }
@@ -9386,7 +9713,7 @@ Workflow40.prototype.mcpPromptGet = CreateWorkflow39(McpPromptGetTask);
 import {
   CreateWorkflow as CreateWorkflow40,
   Entitlements as Entitlements5,
-  mergeEntitlements as mergeEntitlements3,
+  mergeEntitlements as mergeEntitlements4,
   Task as Task39,
   TaskConfigSchema as TaskConfigSchema9,
   Workflow as Workflow41
@@ -9455,13 +9782,13 @@ class McpResourceReadTask extends Task39 {
     const base = McpResourceReadTask.entitlements();
     const transport = getMcpServerTransport(this);
     if (transport === "stdio") {
-      return mergeEntitlements3(base, {
+      return mergeEntitlements4(base, {
         entitlements: [
           { id: Entitlements5.MCP_STDIO, reason: "Uses stdio transport to spawn local process" }
         ]
       });
     }
-    return mergeEntitlements3(base, {
+    return mergeEntitlements4(base, {
       entitlements: [
         { id: Entitlements5.NETWORK_HTTP, reason: "Connects to MCP server over HTTP" },
         { id: Entitlements5.CREDENTIAL, reason: "May require authentication", optional: true }
@@ -9687,7 +10014,7 @@ Workflow42.prototype.mcpSearch = CreateWorkflow41(McpSearchTask);
 import {
   CreateWorkflow as CreateWorkflow42,
   Entitlements as Entitlements7,
-  mergeEntitlements as mergeEntitlements4,
+  mergeEntitlements as mergeEntitlements5,
   Task as Task41,
   TaskConfigSchema as TaskConfigSchema10,
   Workflow as Workflow43
@@ -9835,13 +10162,13 @@ class McpToolCallTask extends Task41 {
     const base = McpToolCallTask.entitlements();
     const transport = getMcpServerTransport(this);
     if (transport === "stdio") {
-      return mergeEntitlements4(base, {
+      return mergeEntitlements5(base, {
         entitlements: [
           { id: Entitlements7.MCP_STDIO, reason: "Uses stdio transport to spawn local process" }
         ]
       });
     }
-    return mergeEntitlements4(base, {
+    return mergeEntitlements5(base, {
       entitlements: [
         { id: Entitlements7.NETWORK_HTTP, reason: "Connects to MCP server over HTTP" },
         { id: Entitlements7.CREDENTIAL, reason: "May require authentication", optional: true }
@@ -11934,18 +12261,24 @@ var registerCommonTasks2 = () => {
   return [...tasks, FileLoaderTask];
 };
 export {
+  urlResourcePattern,
+  tryNormalizeIPv4,
   split,
   setGlobalMcpServerRepository,
   searchMcpRegistryPage,
   searchMcpRegistry,
+  safeFetch,
   resolveImageInput,
   resolveHumanConnector,
   resolveAuthSecrets,
+  resetSafeFetch,
+  registerSafeFetch,
   registerMcpTaskDeps,
   registerMcpServer,
   registerImageRasterCodec,
   registerCommonTasks2 as registerCommonTasks,
   produceImageOutput,
+  normalizeOutputMimeType,
   merge,
   mcpTransportTypes,
   mcpToolCall,
@@ -11963,6 +12296,7 @@ export {
   json,
   javaScript,
   isDataUriImage,
+  getSafeFetchImpl,
   getMcpTaskDeps,
   getMcpServerConfig,
   getMcpServer,
@@ -11972,11 +12306,17 @@ export {
   formatImageOutput,
   fileLoader,
   fetchUrl,
+  extractDataUriMimeType,
   delay,
   debugLog,
   createMcpClient,
   createAuthProvider,
+  classifyUrl,
+  classifyIpLiteral,
   buildAuthConfig,
+  assertWithinPixelBudget,
+  assertWithinByteBudget,
+  assertIsDataUri,
   VectorSumTask,
   VectorSubtractTask,
   VectorScaleTask,
@@ -12011,7 +12351,9 @@ export {
   ScalarCeilTask,
   ScalarAddTask,
   ScalarAbsTask,
+  SUPPORTED_OUTPUT_MIME_TYPES,
   RegexTask,
+  REJECTED_DECODE_MIME_TYPES,
   OutputTask,
   MergeTask,
   McpToolCallTask,
@@ -12026,6 +12368,9 @@ export {
   MCP_TASK_DEPS,
   MCP_SERVER_REPOSITORY,
   MCP_SERVERS,
+  MAX_INPUT_BYTES_NODE,
+  MAX_INPUT_BYTES_BROWSER,
+  MAX_DECODED_PIXELS,
   LambdaTask,
   JsonTask,
   JsonPathTask,
@@ -12066,4 +12411,4 @@ export {
   ArrayTask
 };
 
-//# debugId=D5A41017EFB846FA64756E2164756E21
+//# debugId=D1A8BE957A811A1A64756E2164756E21