@zhixuan92/multi-model-agent-core 4.7.19 → 4.8.0

package/dist/research/ssrf-guard.js

@@ -1,209 +0,0 @@
-import { isIP } from 'node:net';
-import { promises as dns } from 'node:dns';
-export class SsrfBlocked extends Error {
-    code;
-    constructor(code, message) {
-        super(message);
-        this.code = code;
-        this.name = 'SsrfBlocked';
-    }
-}
-function ipv4ToInt(ip) {
-    const parts = ip.split('.').map(Number);
-    if (parts.length !== 4 || parts.some(p => Number.isNaN(p) || p < 0 || p > 255))
-        return null;
-    return ((parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]) >>> 0;
-}
-const inRange = (n, base, mask) => {
-    const b = ipv4ToInt(base);
-    if (b === null)
-        return false;
-    const m = mask === 0 ? 0 : (~0 << (32 - mask)) >>> 0;
-    return (n & m) === (b & m);
-};
-const IPV4_SPECIAL_RANGES = [
-    ['0.0.0.0', 8, 'unspecified'],
-    ['127.0.0.0', 8, 'loopback'],
-    ['10.0.0.0', 8, 'private'],
-    ['172.16.0.0', 12, 'private'],
-    ['192.168.0.0', 16, 'private'],
-    ['100.64.0.0', 10, 'private'], // RFC 6598 CGNAT; opt-in allowable with private hosts.
-    ['169.254.0.0', 16, 'link-local-or-metadata'],
-    // IANA IPv4 special-purpose ranges that are not normal public internet destinations.
-    ['192.0.0.0', 24, 'broadcast-or-reserved'],
-    ['192.0.2.0', 24, 'broadcast-or-reserved'], // TEST-NET-1
-    ['198.18.0.0', 15, 'broadcast-or-reserved'], // benchmarking
-    ['198.51.100.0', 24, 'broadcast-or-reserved'], // TEST-NET-2
-    ['203.0.113.0', 24, 'broadcast-or-reserved'], // TEST-NET-3
-    ['224.0.0.0', 4, 'multicast'],
-    ['240.0.0.0', 4, 'broadcast-or-reserved'],
-];
-/**
- * Extract a 32-bit unsigned int from a 4-hex-group region of an expanded IPv6
- * address (used for IPv4-mapped and 6to4 embedded-IPv4 extraction).
- *
- * Returns null on malformed input. The caller stringifies back to dotted-quad
- * via classifyIP, so we don't need pretty formatting here.
- */
-function expandIPv6Groups(addr) {
-    // Split on '::' (at most once); pad missing groups with '0'.
-    const halves = addr.split('::');
-    if (halves.length > 2)
-        return null;
-    const left = halves[0] ? halves[0].split(':') : [];
-    const right = halves.length === 2 && halves[1] ? halves[1].split(':') : [];
-    const fill = 8 - (left.length + right.length);
-    if (fill < 0)
-        return null;
-    if (halves.length === 1 && left.length !== 8)
-        return null;
-    return [...left, ...Array(fill).fill('0'), ...right]
-        .map((g) => g.padStart(4, '0').toLowerCase());
-}
-function groupsToIPv4(g, startGroup) {
-    if (g.length < startGroup + 2)
-        return null;
-    const hi = parseInt(g[startGroup], 16);
-    const lo = parseInt(g[startGroup + 1], 16);
-    if (Number.isNaN(hi) || Number.isNaN(lo))
-        return null;
-    const a = (hi >> 8) & 0xff, b = hi & 0xff, c = (lo >> 8) & 0xff, d = lo & 0xff;
-    return `${a}.${b}.${c}.${d}`;
-}
-export function classifyIP(ip) {
-    const lower = ip.toLowerCase();
-    // Cloud-metadata ULAs (informal cloud-provider conventions; not IANA-registered)
-    // Checked before isIP because these patterns may use non-hex tokens like 'gcp'/'az'.
-    if (/^fd00:(ec2|gcp|az):/.test(lower))
-        return 'link-local-or-metadata';
-    const v = isIP(ip);
-    if (v === 4) {
-        const n = ipv4ToInt(ip);
-        if (n === null)
-            return 'broadcast-or-reserved';
-        if (n === 0xffffffff)
-            return 'broadcast-or-reserved';
-        for (const [base, mask, klass] of IPV4_SPECIAL_RANGES) {
-            if (inRange(n, base, mask))
-                return klass;
-        }
-        return 'public';
-    }
-    if (v === 6) {
-        if (lower === '::')
-            return 'unspecified';
-        if (lower === '::1')
-            return 'loopback';
-        // IPv4-mapped IPv6 (::ffff:a.b.c.d or ::ffff:HEXHEX:HEXHEX) — recurse on embedded IPv4
-        const v4mapped = lower.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/);
-        if (v4mapped)
-            return classifyIP(v4mapped[1]);
-        const groups = expandIPv6Groups(lower);
-        if (groups && groups[0] === '0000' && groups[1] === '0000' && groups[2] === '0000'
-            && groups[3] === '0000' && groups[4] === '0000' && groups[5] === 'ffff') {
-            const embedded = groupsToIPv4(groups, 6);
-            if (embedded)
-                return classifyIP(embedded);
-        }
-        // 6to4 (2002::/16) — embeds IPv4 at bits 16–47 (groups 1 + 2). Recurse.
-        if (groups && groups[0] === '2002') {
-            const embedded = groupsToIPv4(groups, 1);
-            if (embedded)
-                return classifyIP(embedded);
-        }
-        // fe80::/10 link-local (covers fe80–febf when interpreted strictly).
-        if (groups && /^fe[89ab]/.test(groups[0]))
-            return 'link-local-or-metadata';
-        // Locally-assigned ULA (fc00::/8) and randomly-assigned ULA (fd00::/8) → 'private'.
-        // The opt-in policy in spec §7.1 step 8 distinguishes these two halves;
-        // classifyIP only reports membership in the conditional-reject set.
-        if (groups && (groups[0].startsWith('fc') || groups[0].startsWith('fd'))) {
-            return 'private';
-        }
-        if (lower.startsWith('ff'))
-            return 'multicast';
-        // IANA IPv6 special-purpose ranges that are not normal public internet destinations.
-        if (groups && groups[0] === '2001' && groups[1] === '0db8')
-            return 'broadcast-or-reserved';
-        if (groups && groups[0] === '2001' && /^0[0-1]/.test(groups[1] ?? ''))
-            return 'broadcast-or-reserved';
-        // Note: `fec0::/10` was a deprecated site-local block (RFC 3879). Modern
-        // unicast addresses outside fc00::/7 (e.g. `fec1::1`) are **routable**
-        // under current IANA allocations — classify as public, NOT link-local.
-        return 'public';
-    }
-    return 'broadcast-or-reserved';
-}
-const isNoRecordsError = (error) => {
-    const code = error?.code;
-    return code === 'ENODATA' || code === 'ENOTFOUND' || code === 'ESERVFAIL';
-};
-const defaultResolve = async (host) => {
-    const [v4, v6] = await Promise.allSettled([
-        dns.resolve4(host),
-        dns.resolve6(host),
-    ]);
-    const results = [];
-    if (v4.status === 'fulfilled')
-        results.push(...v4.value);
-    if (v6.status === 'fulfilled')
-        results.push(...v6.value);
-    if (results.length > 0)
-        return results;
-    const failures = [v4, v6].filter((r) => r.status === 'rejected');
-    if (failures.length > 0 && failures.some((r) => !isNoRecordsError(r.reason))) {
-        throw new Error('DNS resolution failed');
-    }
-    return results;
-};
-const BLOCKED_CLASSES_STRICT = new Set([
-    'loopback',
-    'private',
-    'link-local-or-metadata',
-    'unspecified',
-    'multicast',
-    'broadcast-or-reserved',
-]);
-const BLOCKED_CLASSES_PERMISSIVE = new Set([
-    'loopback',
-    'link-local-or-metadata',
-    'unspecified',
-    'multicast',
-    'broadcast-or-reserved',
-]);
-function isLocallyAssignedULA(ip) {
-    if (isIP(ip) !== 6)
-        return false;
-    const groups = expandIPv6Groups(ip.toLowerCase());
-    if (!groups)
-        return false;
-    return groups[0].startsWith('fc');
-}
-export async function resolveAndPin(host, options) {
-    const resolve = options.resolve ?? defaultResolve;
-    let ips;
-    try {
-        ips = await resolve(host);
-    }
-    catch {
-        throw new SsrfBlocked('web_fetch_dns_resolution_failed', `web_fetch_dns_resolution_failed: DNS resolution failed for host '${host}'`);
-    }
-    if (ips.length === 0) {
-        throw new SsrfBlocked('web_fetch_no_addresses', `web_fetch_no_addresses: no addresses resolved for host '${host}'`);
-    }
-    const blocked = options.allowPrivateForHost
-        ? BLOCKED_CLASSES_PERMISSIVE
-        : BLOCKED_CLASSES_STRICT;
-    for (const ip of ips) {
-        const klass = classifyIP(ip);
-        if (blocked.has(klass)) {
-            throw new SsrfBlocked('web_fetch_private_ip_blocked', `web_fetch_private_ip_blocked: resolved IP class '${klass}' is not allowed for host '${host}'`);
-        }
-        // fc00::/8 locally-assigned ULA is always-reject, even in permissive mode
-        if (isLocallyAssignedULA(ip)) {
-            throw new SsrfBlocked('web_fetch_private_ip_blocked', `web_fetch_private_ip_blocked: resolved IP is locally-assigned ULA (fc00::/8), which is never allowed for host '${host}'`);
-        }
-    }
-    return ips[0];
-}
-//# sourceMappingURL=ssrf-guard.js.map

package/dist/research/ssrf-guard.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"ssrf-guard.js","sourceRoot":"","sources":["../../src/research/ssrf-guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,UAAU,CAAC;AAChC,OAAO,EAAE,QAAQ,IAAI,GAAG,EAAE,MAAM,UAAU,CAAC;AAW3C,MAAM,OAAO,WAAY,SAAQ,KAAK;IACR;IAA5B,YAA4B,IAAY,EAAE,OAAe;QACvD,KAAK,CAAC,OAAO,CAAC,CAAC;QADW,SAAI,GAAJ,IAAI,CAAQ;QAEtC,IAAI,CAAC,IAAI,GAAG,aAAa,CAAC;IAC5B,CAAC;CACF;AAED,SAAS,SAAS,CAAC,EAAU;IAC3B,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACxC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAC5F,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;AAClF,CAAC;AAED,MAAM,OAAO,GAAG,CAAC,CAAS,EAAE,IAAY,EAAE,IAAY,EAAW,EAAE;IACjE,MAAM,CAAC,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAC1B,IAAI,CAAC,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IAC7B,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC;IACrD,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;AAC7B,CAAC,CAAC;AAEF,MAAM,mBAAmB,GAAwD;IAC/E,CAAC,SAAS,EAAE,CAAC,EAAE,aAAa,CAAC;IAC7B,CAAC,WAAW,EAAE,CAAC,EAAE,UAAU,CAAC;IAC5B,CAAC,UAAU,EAAE,CAAC,EAAE,SAAS,CAAC;IAC1B,CAAC,YAAY,EAAE,EAAE,EAAE,SAAS,CAAC;IAC7B,CAAC,aAAa,EAAE,EAAE,EAAE,SAAS,CAAC;IAC9B,CAAC,YAAY,EAAE,EAAE,EAAE,SAAS,CAAC,EAAE,uDAAuD;IACtF,CAAC,aAAa,EAAE,EAAE,EAAE,wBAAwB,CAAC;IAC7C,qFAAqF;IACrF,CAAC,WAAW,EAAE,EAAE,EAAE,uBAAuB,CAAC;IAC1C,CAAC,WAAW,EAAE,EAAE,EAAE,uBAAuB,CAAC,EAAE,aAAa;IACzD,CAAC,YAAY,EAAE,EAAE,EAAE,uBAAuB,CAAC,EAAE,eAAe;IAC5D,CAAC,cAAc,EAAE,EAAE,EAAE,uBAAuB,CAAC,EAAE,aAAa;IAC5D,CAAC,aAAa,EAAE,EAAE,EAAE,uBAAuB,CAAC,EAAE,aAAa;IAC3D,CAAC,WAAW,EAAE,CAAC,EAAE,WAAW,CAAC;IAC7B,CAAC,WAAW,EAAE,CAAC,EAAE,uBAAuB,CAAC;CAC1C,CAAC;AAEF;;;;;;GAMG;AACH,SAAS,gBAAgB,CAAC,IAAY;IACpC,6DAA6D;IAC7D,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAChC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACnC,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACnD,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC3E,MAAM,IAAI,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;IAC9C,IAAI,IAAI,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAC1B,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAC1D,OAAO,CAAC,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,KAAK,CAAC;SACjD,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;AAClD,CAAC;AAED,SAAS,YAAY,CAAC,CAAW,EAAE,UAAkB;IACnD,IAAI,CAAC,CAAC,MAAM,GAAG,UAAU,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAC3C,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAE,EAAE,EAAE,CAAC,CAAC;IACxC,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,UAAU,GAAG,CAAC,CAAE,EAAE,EAAE,CAAC,CAAC;IAC5C,IAAI,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;QAAE,OAAO,IAAI,CAAC;IACtD,MAAM,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,GAAG,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,GAAG,IAAI,EAAE,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;IAC/E,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;AAC/B,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,EAAU;IACnC,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,EAAE,CAAC;IAE/B,iFAAiF;IACjF,qFAAqF;IACrF,IAAI,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC;QAAQ,OAAO,wBAAwB,CAAC;IAE7E,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC;IACnB,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QACZ,MAAM,CAAC,GAAG,SAAS,CAAC,EAAE,CAAC,CAAC;QACxB,IAAI,CAAC,KAAK,IAAI;YAAE,OAAO,uBAAuB,CAAC;QAC/C,IAAI,CAAC,KAAK,UAAU;YAAE,OAAO,uBAAuB,CAAC;QACrD,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,mBAAmB,EAAE,CAAC;YACtD,IAAI,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC;gBAAE,OAAO,KAAK,CAAC;QAC3C,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QACZ,IAAI,KAAK,KAAK,IAAI;YAA2B,OAAO,aAAa,CAAC;QAClE,IAAI,KAAK,KAAK,KAAK;YAA0B,OAAO,UAAU,CAAC;QAE/D,uFAAuF;QACvF,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAC9D,IAAI,QAAQ;YAAE,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAE,CAAC,CAAC;QAC9C,MAAM,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;QACvC,IAAI,MAAM,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,MAAM,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,MAAM,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,MAAM;eAC3E,MAAM,CAAC,CAAC,CAAC,KAAK,MAAM,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,MAAM,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,MAAM,EAAE,CAAC;YAC5E,MAAM,QAAQ,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YACzC,IAAI,QAAQ;gBAAE,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC5C,CAAC;QAED,wEAAwE;QACxE,IAAI,MAAM,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,MAAM,EAAE,CAAC;YACnC,MAAM,QAAQ,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YACzC,IAAI,QAAQ;gBAAE,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC5C,CAAC;QAED,qEAAqE;QACrE,IAAI,MAAM,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC;YAAG,OAAO,wBAAwB,CAAC;QAE7E,oFAAoF;QACpF,wEAAwE;QACxE,oEAAoE;QACpE,IAAI,MAAM,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,CAAC,CAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YAC3E,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC;YAAmB,OAAO,WAAW,CAAC;QAChE,qFAAqF;QACrF,IAAI,MAAM,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,MAAM,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,MAAM;YAAE,OAAO,uBAAuB,CAAC;QAC3F,IAAI,MAAM,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,MAAM,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAAE,OAAO,uBAAuB,CAAC;QACtG,yEAAyE;QACzE,uEAAuE;QACvE,uEAAuE;QACvE,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,OAAO,uBAAuB,CAAC;AACjC,CAAC;AAOD,MAAM,gBAAgB,GAAG,CAAC,KAAc,EAAW,EAAE;IACnD,MAAM,IAAI,GAAI,KAA4B,EAAE,IAAI,CAAC;IACjD,OAAO,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,WAAW,IAAI,IAAI,KAAK,WAAW,CAAC;AAC5E,CAAC,CAAC;AAEF,MAAM,cAAc,GAAG,KAAK,EAAE,IAAY,EAAqB,EAAE;IAC/D,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC;QACxC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC;QAClB,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC;KACnB,CAAC,CAAC;IACH,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW;QAAE,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC;IACzD,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW;QAAE,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC;IACzD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,OAAO,CAAC;IACvC,MAAM,QAAQ,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAA8B,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC;IAC7F,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;QAC7E,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAC3C,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAU;IAC9C,UAAU;IACV,SAAS;IACT,wBAAwB;IACxB,aAAa;IACb,WAAW;IACX,uBAAuB;CACxB,CAAC,CAAC;AAEH,MAAM,0BAA0B,GAAG,IAAI,GAAG,CAAU;IAClD,UAAU;IACV,wBAAwB;IACxB,aAAa;IACb,WAAW;IACX,uBAAuB;CACxB,CAAC,CAAC;AAEH,SAAS,oBAAoB,CAAC,EAAU;IACtC,IAAI,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACjC,MAAM,MAAM,GAAG,gBAAgB,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;IAClD,IAAI,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAC1B,OAAO,MAAM,CAAC,CAAC,CAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;AACrC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,IAAY,EACZ,OAAuB;IAEvB,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,cAAc,CAAC;IAClD,IAAI,GAAa,CAAC;IAClB,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,WAAW,CACnB,iCAAiC,EACjC,oEAAoE,IAAI,GAAG,CAC5E,CAAC;IACJ,CAAC;IAED,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrB,MAAM,IAAI,WAAW,CACnB,wBAAwB,EACxB,2DAA2D,IAAI,GAAG,CACnE,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,OAAO,CAAC,mBAAmB;QACzC,CAAC,CAAC,0BAA0B;QAC5B,CAAC,CAAC,sBAAsB,CAAC;IAE3B,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC;QACrB,MAAM,KAAK,GAAG,UAAU,CAAC,EAAE,CAAC,CAAC;QAC7B,IAAI,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YACvB,MAAM,IAAI,WAAW,CACnB,8BAA8B,EAC9B,oDAAoD,KAAK,8BAA8B,IAAI,GAAG,CAC/F,CAAC;QACJ,CAAC;QACD,0EAA0E;QAC1E,IAAI,oBAAoB,CAAC,EAAE,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,WAAW,CACnB,8BAA8B,EAC9B,kHAAkH,IAAI,GAAG,CAC1H,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,GAAG,CAAC,CAAC,CAAE,CAAC;AACjB,CAAC"}

package/dist/research/untrusted-content.d.ts

@@ -1,13 +0,0 @@
-export interface FetchedContent {
-    url: string;
-    host: string;
-    content: string;
-}
-export declare function wrapFetchedContent(c: FetchedContent): string;
-export interface SearchHit {
-    title: string;
-    url: string;
-    snippet: string;
-}
-export declare function wrapSearchResults(hits: readonly SearchHit[]): string;
-//# sourceMappingURL=untrusted-content.d.ts.map

package/dist/research/untrusted-content.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"untrusted-content.d.ts","sourceRoot":"","sources":["../../src/research/untrusted-content.ts"],"names":[],"mappings":"AAMA,MAAM,WAAW,cAAc;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,wBAAgB,kBAAkB,CAAC,CAAC,EAAE,cAAc,GAAG,MAAM,CAE5D;AAED,MAAM,WAAW,SAAS;IACxB,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,SAAS,SAAS,EAAE,GAAG,MAAM,CAEpE"}

package/dist/research/untrusted-content.js

@@ -1,9 +0,0 @@
-const escapeAttr = (s) => s.replace(/&/g, '&amp;').replace(/"/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
-const escapeBody = (s) => s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
-export function wrapFetchedContent(c) {
-    return `<external-content url="${escapeAttr(c.url)}" host="${escapeAttr(c.host)}" trustLevel="untrusted">${escapeBody(c.content)}</external-content>`;
-}
-export function wrapSearchResults(hits) {
-    return `<external-search-results trustLevel="untrusted">${escapeBody(JSON.stringify(hits))}</external-search-results>`;
-}
-//# sourceMappingURL=untrusted-content.js.map

package/dist/research/untrusted-content.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"untrusted-content.js","sourceRoot":"","sources":["../../src/research/untrusted-content.ts"],"names":[],"mappings":"AAAA,MAAM,UAAU,GAAG,CAAC,CAAS,EAAE,EAAE,CAC/B,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;AAE/F,MAAM,UAAU,GAAG,CAAC,CAAS,EAAE,EAAE,CAC/B,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;AAQvE,MAAM,UAAU,kBAAkB,CAAC,CAAiB;IAClD,OAAO,0BAA0B,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,WAAW,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,4BAA4B,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,qBAAqB,CAAC;AACxJ,CAAC;AAQD,MAAM,UAAU,iBAAiB,CAAC,IAA0B;IAC1D,OAAO,mDAAmD,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,4BAA4B,CAAC;AACzH,CAAC"}

package/dist/research/web-fetch-helpers.d.ts

@@ -1,44 +0,0 @@
-import type { WebFetchInput, WebFetchErr } from './web-fetch.js';
-/** Max bytes to drain from a redirect response body before giving up. */
-export declare const REDIRECT_DRAIN_CAP: number;
-export declare const REDIRECT_ERR_CODE_MAP: Record<string, string>;
-export interface ValidatedURL {
-    ok: true;
-    url: URL;
-    host: string;
-    pinnedIP: string;
-}
-export interface ValidationFailed {
-    ok: false;
-    reasonCode: string;
-    host?: string;
-}
-/**
- * Races a promise against an AbortSignal. If the signal fires first, throws
- * a DOMException with name 'AbortError' so callers can map it to timeout.
- */
-export declare function withDeadline<T>(promise: Promise<T>, signal: AbortSignal): Promise<T>;
-export declare function validateAndPinURL(raw: string, hostAllowlist: ReadonlySet<string>, privateNetworkHosts: ReadonlySet<string>, resolveIP: WebFetchInput['resolveIP'], signal: AbortSignal): Promise<ValidatedURL | ValidationFailed>;
-export declare function extractContentType(headers: Record<string, string | string[] | undefined>): string;
-export declare function isRedirect(status: number): boolean;
-export declare function extractLocation(headers: Record<string, string | string[] | undefined>): string | null;
-export declare function extractBodyFromHTML(html: string): string;
-export declare function stripCredentialsFromURL(url: URL): boolean;
-/**
- * Read a response body with a byte cap and abort-signal awareness.
- * Stream errors (non-abort) are re-thrown so the caller can map them to
- * web_fetch_body_read_failed rather than silently returning partial content.
- */
-export declare function readBody(body: AsyncIterable<Uint8Array | string> | null, maxBytes: number, signal: AbortSignal): Promise<{
-    text: string;
-    bytesReturned: number;
-    truncated: boolean;
-}>;
-/**
- * Drain a response body with a size cap and abort-signal awareness.
- * Used for redirect responses and rejected content types.
- */
-export declare function drainBody(body: AsyncIterable<unknown> | null, signal: AbortSignal): Promise<void>;
-export declare function isUndiciTimeout(err: unknown): boolean;
-export declare function mapRequestError(err: unknown, signal: AbortSignal, host: string): WebFetchErr;
-//# sourceMappingURL=web-fetch-helpers.d.ts.map

package/dist/research/web-fetch-helpers.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"web-fetch-helpers.d.ts","sourceRoot":"","sources":["../../src/research/web-fetch-helpers.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAEjE,yEAAyE;AACzE,eAAO,MAAM,kBAAkB,QAAY,CAAC;AAE5C,eAAO,MAAM,qBAAqB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAOxD,CAAC;AAEF,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,IAAI,CAAC;IACT,GAAG,EAAE,GAAG,CAAC;IACT,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,KAAK,CAAC;IACV,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED;;;GAGG;AACH,wBAAsB,YAAY,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,CAAC,CAAC,CAgB1F;AAED,wBAAsB,iBAAiB,CACrC,GAAG,EAAE,MAAM,EACX,aAAa,EAAE,WAAW,CAAC,MAAM,CAAC,EAClC,mBAAmB,EAAE,WAAW,CAAC,MAAM,CAAC,EACxC,SAAS,EAAE,aAAa,CAAC,WAAW,CAAC,EACrC,MAAM,EAAE,WAAW,GAClB,OAAO,CAAC,YAAY,GAAG,gBAAgB,CAAC,CAsC1C;AAED,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,GAAG,MAAM,CASjG;AAED,wBAAgB,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAElD;AAED,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,GAAG,MAAM,GAAG,IAAI,CAKrG;AAED,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAiBxD;AAED,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAKzD;AAED;;;;GAIG;AACH,wBAAsB,QAAQ,CAC5B,IAAI,EAAE,aAAa,CAAC,UAAU,GAAG,MAAM,CAAC,GAAG,IAAI,EAC/C,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,WAAW,GAClB,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,aAAa,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,OAAO,CAAA;CAAE,CAAC,CAkCtE;AAED;;;GAGG;AACH,wBAAsB,SAAS,CAC7B,IAAI,EAAE,aAAa,CAAC,OAAO,CAAC,GAAG,IAAI,EACnC,MAAM,EAAE,WAAW,GAClB,OAAO,CAAC,IAAI,CAAC,CAoBf;AAED,wBAAgB,eAAe,CAAC,GAAG,EAAE,OAAO,GAAG,OAAO,CAMrD;AAED,wBAAgB,eAAe,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,GAAG,WAAW,CAW5F"}

package/dist/research/web-fetch-helpers.js

@@ -1,209 +0,0 @@
-import { isIP } from 'node:net';
-import { Readability } from '@mozilla/readability';
-import { JSDOM } from 'jsdom';
-import { resolveAndPin, SsrfBlocked } from './ssrf-guard.js';
-/** Max bytes to drain from a redirect response body before giving up. */
-export const REDIRECT_DRAIN_CAP = 64 * 1024;
-export const REDIRECT_ERR_CODE_MAP = {
-    web_fetch_off_allowlist: 'web_fetch_redirect_off_allowlist',
-    web_fetch_invalid_url: 'web_fetch_redirect_invalid_url',
-    web_fetch_invalid_scheme: 'web_fetch_redirect_scheme_downgrade',
-    web_fetch_ip_literal_blocked: 'web_fetch_redirect_ip_literal_blocked',
-    web_fetch_private_ip_blocked: 'web_fetch_redirect_private_ip_blocked',
-    web_fetch_reserved_ip_blocked: 'web_fetch_redirect_reserved_ip_blocked',
-};
-/**
- * Races a promise against an AbortSignal. If the signal fires first, throws
- * a DOMException with name 'AbortError' so callers can map it to timeout.
- */
-export async function withDeadline(promise, signal) {
-    if (signal.aborted)
-        throw new DOMException('Aborted', 'AbortError');
-    return new Promise((resolve, reject) => {
-        const onAbort = () => reject(new DOMException('Aborted', 'AbortError'));
-        signal.addEventListener('abort', onAbort, { once: true });
-        promise.then((result) => {
-            signal.removeEventListener('abort', onAbort);
-            resolve(result);
-        }, (err) => {
-            signal.removeEventListener('abort', onAbort);
-            reject(err);
-        });
-    });
-}
-export async function validateAndPinURL(raw, hostAllowlist, privateNetworkHosts, resolveIP, signal) {
-    let url;
-    try {
-        url = new URL(raw);
-    }
-    catch {
-        return { ok: false, reasonCode: 'web_fetch_invalid_url' };
-    }
-    if (url.protocol !== 'https:') {
-        return { ok: false, reasonCode: 'web_fetch_invalid_scheme' };
-    }
-    const stripped = url.hostname.replace(/^\[|\]$/g, '');
-    if (isIP(stripped) !== 0) {
-        return { ok: false, reasonCode: 'web_fetch_ip_literal_blocked' };
-    }
-    const host = url.hostname.toLowerCase();
-    if (!hostAllowlist.has(host)) {
-        return { ok: false, reasonCode: 'web_fetch_off_allowlist', host };
-    }
-    const allowPrivate = privateNetworkHosts.has(host);
-    let pinnedIP;
-    try {
-        pinnedIP = await withDeadline(resolveAndPin(host, {
-            resolve: resolveIP ? async (h) => [await resolveIP(h)] : undefined,
-            allowPrivateForHost: allowPrivate,
-        }), signal);
-    }
-    catch (e) {
-        if (e instanceof DOMException && e.name === 'AbortError') {
-            throw e;
-        }
-        if (e instanceof SsrfBlocked) {
-            return { ok: false, reasonCode: e.code, host };
-        }
-        return { ok: false, reasonCode: 'web_fetch_dns_resolution_failed', host };
-    }
-    return { ok: true, url, host, pinnedIP };
-}
-export function extractContentType(headers) {
-    const raw = headers['content-type'];
-    if (typeof raw === 'string') {
-        return raw.split(';')[0].trim().toLowerCase();
-    }
-    if (Array.isArray(raw) && raw.length > 0) {
-        return String(raw[0]).split(';')[0].trim().toLowerCase();
-    }
-    return '';
-}
-export function isRedirect(status) {
-    return status === 301 || status === 302 || status === 303 || status === 307 || status === 308;
-}
-export function extractLocation(headers) {
-    const loc = headers['location'];
-    if (typeof loc === 'string')
-        return loc;
-    if (Array.isArray(loc) && loc.length > 0)
-        return String(loc[0]);
-    return null;
-}
-export function extractBodyFromHTML(html) {
-    let dom;
-    try {
-        dom = new JSDOM(html, { url: 'https://localhost/' });
-        const reader = new Readability(dom.window.document);
-        const article = reader.parse();
-        if (article?.textContent) {
-            return article.textContent;
-        }
-        return dom.window.document.body?.textContent?.trim() ?? html;
-    }
-    catch {
-        try {
-            return dom?.window.document.body?.textContent?.trim() || html;
-        }
-        catch {
-            return html;
-        }
-    }
-}
-export function stripCredentialsFromURL(url) {
-    if (!url.username && !url.password)
-        return false;
-    url.username = '';
-    url.password = '';
-    return true;
-}
-/**
- * Read a response body with a byte cap and abort-signal awareness.
- * Stream errors (non-abort) are re-thrown so the caller can map them to
- * web_fetch_body_read_failed rather than silently returning partial content.
- */
-export async function readBody(body, maxBytes, signal) {
-    if (!body)
-        return { text: '', bytesReturned: 0, truncated: false };
-    const chunks = [];
-    let total = 0;
-    let truncated = false;
-    for await (const chunk of body) {
-        if (signal.aborted) {
-            throw new DOMException('Aborted', 'AbortError');
-        }
-        const remaining = maxBytes - total;
-        if (remaining <= 0) {
-            truncated = true;
-            break;
-        }
-        const value = typeof chunk === 'string' ? Buffer.from(chunk) : chunk;
-        if (value.length > remaining) {
-            chunks.push(value.subarray(0, remaining));
-            total += remaining;
-            truncated = true;
-            break;
-        }
-        chunks.push(value);
-        total += value.length;
-    }
-    const decoder = new TextDecoder();
-    let text = '';
-    for (const chunk of chunks) {
-        text += decoder.decode(chunk, { stream: true });
-    }
-    text += decoder.decode();
-    return { text, bytesReturned: total, truncated };
-}
-/**
- * Drain a response body with a size cap and abort-signal awareness.
- * Used for redirect responses and rejected content types.
- */
-export async function drainBody(body, signal) {
-    if (!body)
-        return;
-    let drained = 0;
-    try {
-        for await (const chunk of body) {
-            if (signal.aborted)
-                break;
-            let len = 0;
-            if (typeof chunk === 'string') {
-                len = Buffer.byteLength(chunk);
-            }
-            else if (chunk instanceof Uint8Array) {
-                len = chunk.length;
-            }
-            else if (Buffer.isBuffer(chunk)) {
-                len = chunk.length;
-            }
-            drained += len;
-            if (drained > REDIRECT_DRAIN_CAP)
-                break;
-        }
-    }
-    catch {
-        // drain errors are ignorable
-    }
-}
-export function isUndiciTimeout(err) {
-    if (!(err instanceof Error))
-        return false;
-    const code = err.code;
-    return code === 'UND_ERR_CONNECT_TIMEOUT'
-        || code === 'UND_ERR_HEADERS_TIMEOUT'
-        || code === 'UND_ERR_BODY_TIMEOUT';
-}
-export function mapRequestError(err, signal, host) {
-    if (signal.aborted) {
-        return { status: 'error', reasonCode: 'web_fetch_timeout', host, credentialsStripped: false };
-    }
-    if (err instanceof DOMException && err.name === 'AbortError') {
-        return { status: 'error', reasonCode: 'web_fetch_timeout', host, credentialsStripped: false };
-    }
-    if (isUndiciTimeout(err)) {
-        return { status: 'error', reasonCode: 'web_fetch_timeout', host, credentialsStripped: false };
-    }
-    return { status: 'error', reasonCode: 'web_fetch_request_failed', host, credentialsStripped: false };
-}
-//# sourceMappingURL=web-fetch-helpers.js.map

package/dist/research/web-fetch-helpers.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"web-fetch-helpers.js","sourceRoot":"","sources":["../../src/research/web-fetch-helpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,UAAU,CAAC;AAChC,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,KAAK,EAAE,MAAM,OAAO,CAAC;AAE9B,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAG7D,yEAAyE;AACzE,MAAM,CAAC,MAAM,kBAAkB,GAAG,EAAE,GAAG,IAAI,CAAC;AAE5C,MAAM,CAAC,MAAM,qBAAqB,GAA2B;IAC3D,uBAAuB,EAAE,kCAAkC;IAC3D,qBAAqB,EAAE,gCAAgC;IACvD,wBAAwB,EAAE,qCAAqC;IAC/D,4BAA4B,EAAE,uCAAuC;IACrE,4BAA4B,EAAE,uCAAuC;IACrE,6BAA6B,EAAE,wCAAwC;CACxE,CAAC;AAeF;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAI,OAAmB,EAAE,MAAmB;IAC5E,IAAI,MAAM,CAAC,OAAO;QAAE,MAAM,IAAI,YAAY,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;IACpE,OAAO,IAAI,OAAO,CAAI,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACxC,MAAM,OAAO,GAAG,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,YAAY,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC,CAAC;QACxE,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QAC1D,OAAO,CAAC,IAAI,CACV,CAAC,MAAM,EAAE,EAAE;YACT,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAC7C,OAAO,CAAC,MAAM,CAAC,CAAC;QAClB,CAAC,EACD,CAAC,GAAG,EAAE,EAAE;YACN,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAC7C,MAAM,CAAC,GAAG,CAAC,CAAC;QACd,CAAC,CACF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,GAAW,EACX,aAAkC,EAClC,mBAAwC,EACxC,SAAqC,EACrC,MAAmB;IAEnB,IAAI,GAAQ,CAAC;IACb,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,uBAAuB,EAAE,CAAC;IAC5D,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,0BAA0B,EAAE,CAAC;IAC/D,CAAC;IACD,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;IACtD,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,8BAA8B,EAAE,CAAC;IACnE,CAAC;IACD,MAAM,IAAI,GAAG,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;IACxC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,yBAAyB,EAAE,IAAI,EAAE,CAAC;IACpE,CAAC;IACD,MAAM,YAAY,GAAG,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACnD,IAAI,QAAgB,CAAC;IACrB,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,YAAY,CAC3B,aAAa,CAAC,IAAI,EAAE;YAClB,OAAO,EAAE,SAAS,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,MAAM,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;YAClE,mBAAmB,EAAE,YAAY;SAClC,CAAC,EACF,MAAM,CACP,CAAC;IACJ,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,CAAC,YAAY,YAAY,IAAI,CAAC,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YACzD,MAAM,CAAC,CAAC;QACV,CAAC;QACD,IAAI,CAAC,YAAY,WAAW,EAAE,CAAC;YAC7B,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC;QACjD,CAAC;QACD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC;IAC5E,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AAC3C,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,OAAsD;IACvF,MAAM,GAAG,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IACpC,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,OAAO,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAE,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACjD,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzC,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAE,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC5D,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,MAAc;IACvC,OAAO,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,GAAG,CAAC;AAChG,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,OAAsD;IACpF,MAAM,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAChC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,GAAG,CAAC;IACxC,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAChE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAC9C,IAAI,GAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,KAAK,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,oBAAoB,EAAE,CAAC,CAAC;QACrD,MAAM,MAAM,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACpD,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;QAC/B,IAAI,OAAO,EAAE,WAAW,EAAE,CAAC;YACzB,OAAO,OAAO,CAAC,WAAW,CAAC;QAC7B,CAAC;QACD,OAAO,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC;IAC/D,CAAC;IAAC,MAAM,CAAC;QACP,IAAI,CAAC;YACH,OAAO,GAAG,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC;QAChE,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;AACH,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,GAAQ;IAC9C,IAAI,CAAC,GAAG,CAAC,QAAQ,IAAI,CAAC,GAAG,CAAC,QAAQ;QAAE,OAAO,KAAK,CAAC;IACjD,GAAG,CAAC,QAAQ,GAAG,EAAE,CAAC;IAClB,GAAG,CAAC,QAAQ,GAAG,EAAE,CAAC;IAClB,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAC5B,IAA+C,EAC/C,QAAgB,EAChB,MAAmB;IAEnB,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,aAAa,EAAE,CAAC,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;IAEnE,MAAM,MAAM,GAAiB,EAAE,CAAC;IAChC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,SAAS,GAAG,KAAK,CAAC;IAEtB,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,IAAI,EAAE,CAAC;QAC/B,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,MAAM,IAAI,YAAY,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;QAClD,CAAC;QACD,MAAM,SAAS,GAAG,QAAQ,GAAG,KAAK,CAAC;QACnC,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;YACnB,SAAS,GAAG,IAAI,CAAC;YACjB,MAAM;QACR,CAAC;QACD,MAAM,KAAK,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;QACrE,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;YAC1C,KAAK,IAAI,SAAS,CAAC;YACnB,SAAS,GAAG,IAAI,CAAC;YACjB,MAAM;QACR,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACnB,KAAK,IAAI,KAAK,CAAC,MAAM,CAAC;IACxB,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,IAAI,IAAI,GAAG,EAAE,CAAC;IACd,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,IAAI,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IAClD,CAAC;IACD,IAAI,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IACzB,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC;AACnD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,IAAmC,EACnC,MAAmB;IAEnB,IAAI,CAAC,IAAI;QAAE,OAAO;IAClB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,IAAI,CAAC;QACH,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,IAAI,EAAE,CAAC;YAC/B,IAAI,MAAM,CAAC,OAAO;gBAAE,MAAM;YAC1B,IAAI,GAAG,GAAG,CAAC,CAAC;YACZ,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;YACjC,CAAC;iBAAM,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBACvC,GAAG,GAAG,KAAK,CAAC,MAAM,CAAC;YACrB,CAAC;iBAAM,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAClC,GAAG,GAAG,KAAK,CAAC,MAAM,CAAC;YACrB,CAAC;YACD,OAAO,IAAI,GAAG,CAAC;YACf,IAAI,OAAO,GAAG,kBAAkB;gBAAE,MAAM;QAC1C,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,6BAA6B;IAC/B,CAAC;AACH,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,GAAY;IAC1C,IAAI,CAAC,CAAC,GAAG,YAAY,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAC1C,MAAM,IAAI,GAAI,GAAyB,CAAC,IAAI,CAAC;IAC7C,OAAO,IAAI,KAAK,yBAAyB;WAClC,IAAI,KAAK,yBAAyB;WAClC,IAAI,KAAK,sBAAsB,CAAC;AACzC,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,GAAY,EAAE,MAAmB,EAAE,IAAY;IAC7E,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,mBAAmB,EAAE,IAAI,EAAE,mBAAmB,EAAE,KAAK,EAAE,CAAC;IAChG,CAAC;IACD,IAAI,GAAG,YAAY,YAAY,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;QAC7D,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,mBAAmB,EAAE,IAAI,EAAE,mBAAmB,EAAE,KAAK,EAAE,CAAC;IAChG,CAAC;IACD,IAAI,eAAe,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,mBAAmB,EAAE,IAAI,EAAE,mBAAmB,EAAE,KAAK,EAAE,CAAC;IAChG,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,0BAA0B,EAAE,IAAI,EAAE,mBAAmB,EAAE,KAAK,EAAE,CAAC;AACvG,CAAC"}

package/dist/research/web-fetch.d.ts

@@ -1,55 +0,0 @@
-import type { LookupFunction } from 'node:net';
-import type { ResearchConfig } from '../config/schema.js';
-export interface WebFetchInput {
-    url: string;
-    cfg: ResearchConfig['fetch'];
-    hostAllowlist: ReadonlySet<string>;
-    privateNetworkHosts?: ReadonlySet<string>;
-    resolveIP?: (host: string) => Promise<string>;
-    /** Test seam — when present, treated as the IP that the connect callback
-     *  "resolved" at request time. Production must not pass this. */
-    _testConnectResolvedIp?: string;
-    /** Test-only injection seam. When set, webFetch uses the returned dispatcher
-     *  (or, if it returns undefined, no dispatcher — so undici's global MockAgent
-     *  can intercept). Production never sets this: it always uses the connect-guard
-     *  agent built in webFetch(). */
-    createDispatcher?: (host: string, pinnedIP: string, cfg: ResearchConfig['fetch']) => import('undici').Dispatcher | undefined;
-}
-export type WebFetchOk = {
-    status: 'ok';
-    body: string;
-    rawText: string;
-    host: string;
-    bytesReturned: number;
-    truncated: boolean;
-    textTruncated: boolean;
-    credentialsStripped: boolean;
-};
-export type WebFetchErr = {
-    status: 'error';
-    reasonCode: string;
-    host?: string;
-    credentialsStripped: boolean;
-};
-export type WebFetchResult = WebFetchOk | WebFetchErr;
-/**
- * Build the SSRF-revalidating `connect.lookup` for the guard agent.
- *
- * undici invokes `connect.lookup` with `{ all: true }` and expects the callback
- * to receive an ARRAY of `{ address, family }` entries — NOT the single-result
- * `dns.lookup(host, (err, address, family) => ...)` form. Returning a bare
- * address string makes undici read `addresses[0].address === undefined`, throw
- * `ERR_INVALID_IP_ADDRESS`, and surface as `web_fetch_request_failed`. Every
- * callback path here therefore returns the array form.
- *
- * Typed as `net.LookupFunction` — the exact type undici's `connect.lookup`
- * field accepts. On error paths we pass an empty address array (undici reads
- * `err` first and never consumes the addresses), which keeps the runtime
- * contract while satisfying the callback's required address argument.
- *
- * Exported for unit testing — it locks the undici lookup contract without
- * requiring real network (see tests/research/web-fetch.test.ts).
- */
-export declare function makeConnectGuardLookup(allowPrivateNetwork: boolean, testResolvedIp: string | undefined): LookupFunction;
-export declare function webFetch(input: WebFetchInput): Promise<WebFetchResult>;
-//# sourceMappingURL=web-fetch.d.ts.map

package/dist/research/web-fetch.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"web-fetch.d.ts","sourceRoot":"","sources":["../../src/research/web-fetch.ts"],"names":[],"mappings":"AAUA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAE/C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAW1D,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAkB,MAAM,CAAC;IAC5B,GAAG,EAAkB,cAAc,CAAC,OAAO,CAAC,CAAC;IAC7C,aAAa,EAAQ,WAAW,CAAC,MAAM,CAAC,CAAC;IACzC,mBAAmB,CAAC,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;IAC1C,SAAS,CAAC,EAAW,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACvD;qEACiE;IACjE,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC;;;qCAGiC;IACjC,gBAAgB,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,cAAc,CAAC,OAAO,CAAC,KAAK,OAAO,QAAQ,EAAE,UAAU,GAAG,SAAS,CAAC;CAC9H;AAED,MAAM,MAAM,UAAU,GAAG;IACvB,MAAM,EAAE,IAAI,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAC1D,aAAa,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,OAAO,CAAC;IAAC,aAAa,EAAE,OAAO,CAAC;IAClE,mBAAmB,EAAE,OAAO,CAAC;CAC9B,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB,MAAM,EAAE,OAAO,CAAC;IAAC,UAAU,EAAE,MAAM,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IAAC,mBAAmB,EAAE,OAAO,CAAC;CAClF,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG,UAAU,GAAG,WAAW,CAAC;AAStD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,sBAAsB,CACpC,mBAAmB,EAAE,OAAO,EAC5B,cAAc,EAAE,MAAM,GAAG,SAAS,GACjC,cAAc,CAkChB;AAeD,wBAAsB,QAAQ,CAAC,KAAK,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC,CAoJ5E"}