@xdsjs/dossierx-daemon 0.1.16 → 0.1.18

package/dist/index.js

@@ -2290,7 +2290,7 @@ function createTaskArchive(options) {
 
 // src/version.ts
 var DAEMON_PACKAGE_NAME = "@xdsjs/dossierx-daemon";
-var DAEMON_VERSION = "0.1.16";
+var DAEMON_VERSION = "0.1.18";
 
 // src/local-api/server.ts
 var DEFAULT_MAX_FILE_BYTES = 5 * 1024 * 1024;
@@ -2307,12 +2307,51 @@ function json(response, status, body, origin) {
   });
   response.end(JSON.stringify(body));
 }
+function vercelProjectNameFromAllowedOrigin(origin) {
+  try {
+    const url = new URL(origin);
+    if (url.protocol !== "https:" || !url.hostname.endsWith(".vercel.app")) {
+      return null;
+    }
+    const label = url.hostname.slice(0, -".vercel.app".length);
+    for (const suffix of ["-beta", "-production", "-prod", "-preview", "-staging"]) {
+      if (label.endsWith(suffix) && label.length > suffix.length) {
+        return label.slice(0, -suffix.length);
+      }
+    }
+    return label;
+  } catch {
+    return null;
+  }
+}
+function isVercelDeploymentOriginAllowed(origin, allowedOrigins) {
+  let requested;
+  try {
+    requested = new URL(origin);
+  } catch {
+    return false;
+  }
+  if (requested.protocol !== "https:" || !requested.hostname.endsWith(".vercel.app")) {
+    return false;
+  }
+  const requestedLabel = requested.hostname.slice(0, -".vercel.app".length);
+  return allowedOrigins.some((allowedOriginValue) => {
+    const projectName = vercelProjectNameFromAllowedOrigin(allowedOriginValue);
+    if (!projectName) {
+      return false;
+    }
+    const deploymentPattern = new RegExp(
+      `^${projectName.replace(/[.*+?^${}()|[\]\\]/g, "\\$&")}-[a-z0-9]+-[a-z0-9-]+$`
+    );
+    return requestedLabel === projectName || deploymentPattern.test(requestedLabel);
+  });
+}
 function allowedOrigin(request, allowedOrigins) {
   const origin = request.headers.origin;
   if (!origin) {
     return "";
   }
-  return allowedOrigins.includes(origin) ? origin : null;
+  return allowedOrigins.includes(origin) || isVercelDeploymentOriginAllowed(origin, allowedOrigins) ? origin : null;
 }
 function requestUrl(request) {
   return new URL(request.url ?? "/", "http://127.0.0.1");
@@ -2545,16 +2584,40 @@ async function startWorkspaceReadServer(options) {
   const taskArchive = options.taskArchive ?? createTaskArchive({ workspaceRoot: options.workspaceRoot });
   const server = createServer((request, response) => {
     void (async () => {
+      const url = requestUrl(request);
       const origin = allowedOrigin(request, options.allowedOrigins);
       if (origin === null) {
+        if (url.pathname === "/workspace/manifest" || url.pathname === "/runtime/daemon") {
+          console.warn(
+            JSON.stringify({
+              msg: url.pathname === "/workspace/manifest" ? "workspace manifest cors rejected" : "runtime daemon cors rejected",
+              origin: request.headers.origin ?? null,
+              requestedMethod: request.headers["access-control-request-method"] ?? null,
+              requestedPrivateNetwork: request.headers["access-control-request-private-network"] ?? null,
+              status: 403,
+              error: "Origin not allowed"
+            })
+          );
+        }
         json(response, 403, { error: "Origin not allowed" });
         return;
       }
       if (request.method === "OPTIONS") {
+        if (url.pathname === "/workspace/manifest" || url.pathname === "/runtime/daemon") {
+          console.info(
+            JSON.stringify({
+              msg: url.pathname === "/workspace/manifest" ? "workspace manifest preflight served" : "runtime daemon preflight served",
+              origin,
+              requestedMethod: request.headers["access-control-request-method"] ?? null,
+              requestedPrivateNetwork: request.headers["access-control-request-private-network"] ?? null,
+              status: 204,
+              allowPrivateNetwork: true
+            })
+          );
+        }
         json(response, 204, {}, origin);
         return;
       }
-      const url = requestUrl(request);
       if (request.method === "GET" && url.pathname === "/runtime/codex") {
         json(
           response,
@@ -2565,6 +2628,14 @@ async function startWorkspaceReadServer(options) {
         return;
       }
       if (request.method === "GET" && url.pathname === "/runtime/daemon") {
+        console.info(
+          JSON.stringify({
+            msg: "runtime daemon served",
+            origin,
+            status: 200,
+            currentVersion: daemonVersion
+          })
+        );
         json(
           response,
           200,
@@ -2614,26 +2685,65 @@ async function startWorkspaceReadServer(options) {
         const ticker = url.searchParams.get("ticker");
         const market = url.searchParams.get("market");
         if (!ticker || !market) {
+          console.warn(
+            JSON.stringify({
+              msg: "workspace manifest request rejected",
+              origin,
+              ticker,
+              market,
+              status: 400,
+              error: "Missing ticker or market"
+            })
+          );
           json(response, 400, { error: "Missing ticker or market" }, origin);
           return;
         }
         try {
-          json(
-            response,
-            200,
-            await readCompanyManifest({
-              workspaceRoot: options.workspaceRoot,
+          const body = await readCompanyManifest({
+            workspaceRoot: options.workspaceRoot,
+            ticker,
+            market
+          });
+          const paths = body.manifest.pages.map((page) => page.path);
+          console.info(
+            JSON.stringify({
+              msg: "workspace manifest served",
+              origin,
               ticker,
-              market
-            }),
-            origin
+              market,
+              status: 200,
+              pageCount: paths.length,
+              hasNotebook: paths.some(
+                (item) => item.endsWith("/financial-reports/notebooklm/notebook.json")
+              ),
+              hasFactsBundle: paths.some(
+                (item) => item.endsWith("/financial-reports/ingest/facts-bundle.json")
+              ),
+              hasFinancialWiki: paths.some(
+                (item) => item.endsWith(
+                  "/financial-reports/wiki/financial-report-analysis.md"
+                )
+              )
+            })
           );
+          json(response, 200, body, origin);
         } catch (error) {
+          const message = error instanceof Error ? error.message : "Workspace manifest failed";
+          console.warn(
+            JSON.stringify({
+              msg: "workspace manifest request failed",
+              origin,
+              ticker,
+              market,
+              status: 400,
+              error: message
+            })
+          );
           json(
             response,
             400,
             {
-              error: error instanceof Error ? error.message : "Workspace manifest failed"
+              error: message
             },
             origin
           );

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@xdsjs/dossierx-daemon",
-  "version": "0.1.16",
+  "version": "0.1.18",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",