docs-agent 1.1.0

package/src/LLM.js

@@ -0,0 +1,463 @@
+/**
+ * A common interface to interact with AI models
+ * @example
+ * const llm = new LLM({ aiService: "anthropic", model: "claude-3-5-sonnet-20240620", maxTokens: 2048, temperature: 0 });
+ * const response = await llm.chat([{ role: "user", content: "Hello, world!" }]);
+ * console.log(response);
+ */
+import { createHash } from "node:crypto";
+import { Tiktoken } from "js-tiktoken/lite";
+import o200k_base from "js-tiktoken/ranks/o200k_base";
+
+/** AI SDKs */
+import { generateText, generateObject } from "ai";
+import { google } from "@ai-sdk/google";
+import { anthropic } from "@ai-sdk/anthropic";
+import { openai } from "@ai-sdk/openai";
+
+import { registerOTel } from '@vercel/otel';
+
+registerOTel({
+  serviceName: "docs-agent"
+});
+/** End AI SDKs */
+
+class LLM {
+    static DEFAULT_MODELS = {
+        anthropic:  "claude-3-5-sonnet-20240620",
+        openai: "gpt-4o-mini",
+        gemini: "gemini-2.0-flash",
+        ollama: "llama3.1:8b"
+    }
+
+    constructor(options) {
+        this.aiService = options?.aiService || process.env.PREFERRED_AI_SERVICE || "anthropic"; // e.g. openai, anthropic, ollama, etc.
+        this.model = options?.model || process.env.PREFERRED_AI_MODEL || "claude-3-5-sonnet-20240620";
+        this.temperature = options?.temperature || process.env.AI_TEMPERATURE || 0;
+        this.maxTokens = options?.maxTokens || process.env.MAX_TOKENS || 2048;
+        this.timeout = options?.timeout || process.env.LLM_TIMEOUT || 60000;
+        this.cacheStore = options?.cacheStore || {};
+        this.maxInputTokens = options?.maxInputTokens || process.env.MAX_INPUT_TOKENS || 100000;
+        this.topP = options?.topP || process.env.AI_TOP_P || 0.95;
+    }
+
+    getApiUrl(aiService) {
+        let apiUrl = null;
+        if (aiService === 'openai') {
+            apiUrl = "https://api.openai.com/v1/chat/completions";
+        } else if (aiService === 'anthropic') {
+            apiUrl = "https://api.anthropic.com/v1/messages";
+        } else if (aiService === 'ollama') {
+            apiUrl = process.env.OLLAMA_API_URL || "http://localhost:11434/api/generate";
+        } else if (aiService === 'gemini') {
+            apiUrl = "https://generativelanguage.googleapis.com/v1beta/openai/chat/completions";
+        } else {
+            throw new Error('Invalid AI service specified. Use "openai", "anthropic", "ollama", or "gemini".');
+        }
+        return apiUrl;
+    }
+
+    getApiKey(aiService) {
+        let apiKey = null;
+        if (aiService === 'openai') {
+            apiKey = process.env.OPENAI_API_KEY;
+        } else if (aiService === 'anthropic') {
+            apiKey = process.env.ANTHROPIC_API_KEY;
+        } else if (aiService === 'ollama') {
+            apiKey = process.env.OLLAMA_API_KEY;
+        } else if (aiService === 'gemini') {
+            apiKey = process.env.GEMINI_API_KEY;
+        } else {
+            throw new Error('Invalid AI service specified. Use "openai", "anthropic", "ollama", or "gemini".');
+        }
+        return apiKey;
+    }
+
+    /**
+     * Chat with the LLM
+     * @param {Array} conversationHistory - The conversation history
+     * @param {Object} llmOptions - The LLM options
+     * @returns {Promise<string>} - The response from the LLM
+     */
+    async chatWithoutTracing(conversationHistory, llmOptions = {}) {
+        let requestBody, headers;
+        let aiService = llmOptions?.aiService || this.aiService;
+        let model = llmOptions?.model || this.model;
+        const apiUrl = this.getApiUrl(aiService);
+        const apiKey = this.getApiKey(aiService);
+        const maxInputTokens = llmOptions?.maxInputTokens || this.maxInputTokens;
+        const estimatedTokens = this.estimateTokens(conversationHistory?.map(message => message?.content)?.join("\n"));
+        console.log("Estimated LLM input tokens:", estimatedTokens);
+        if(estimatedTokens > maxInputTokens){
+            throw new Error("Input tokens exceed the maximum limit of " + maxInputTokens);
+        }
+        requestBody = {
+            model: model
+        };
+        if(requestBody.model?.startsWith("o")){
+            // Reasoning model parameters
+            requestBody.max_completion_tokens = Number(llmOptions?.maxCompletionTokens || this.maxCompletionTokens || llmOptions?.maxTokens || this.maxTokens);
+            requestBody.reasoning_effort = llmOptions?.reasoningEffort || this.reasoningEffort || "medium";
+        } else {
+            requestBody.max_tokens = Number(llmOptions?.maxTokens || this.maxTokens);
+            requestBody.temperature = Number(llmOptions?.temperature || this.temperature);
+            requestBody.top_p = Number(llmOptions?.topP || this.topP || 0.95);
+        }
+        if (aiService === 'anthropic') {
+            if(!apiKey) throw new Error("Anthropic API key is not set");
+            const { system, messages } = this.formatMessageForAnthropic(conversationHistory);
+            if(system) requestBody.system = system;
+            requestBody.messages = messages;
+            headers = {
+                'Content-Type': 'application/json',
+                'x-api-key': `${apiKey}`,
+                'anthropic-version': '2023-06-01',
+            };
+        } else if (aiService === 'openai' || aiService === 'ollama' || aiService === 'gemini') {
+            requestBody.messages = conversationHistory;
+            headers = {
+                'Content-Type': 'application/json',
+                'Authorization': `Bearer ${apiKey}`,
+            };
+        } else {
+            throw new Error('Invalid provider specified. Use "anthropic" or "openai" or "gemini" or "ollama".');
+        }
+        if(llmOptions?.tools){
+            requestBody.tools = llmOptions.tools;
+        }
+        if(llmOptions?.response_format){
+            requestBody.response_format = llmOptions.response_format;
+        }
+        try {
+            const { data, statusCode } = await this.requestWrapper(apiUrl, requestBody, headers);
+            /**
+             * OpenAI chat completion response
+             * {
+                "id": "chatcmpl-123456",
+                "object": "chat.completion",
+                "created": 1728933352,
+                "model": "gpt-4o-2024-08-06",
+                "choices": [
+                    {
+                    "index": 0,
+                    "message": {
+                        "role": "assistant",
+                        "content": "Hi there! How can I assist you today?",
+                        "refusal": null
+                    },
+                    "logprobs": null,
+                    "finish_reason": "stop"
+                    }
+                ],
+                "usage": {
+                    "prompt_tokens": 19,
+                    "completion_tokens": 10,
+                    "total_tokens": 29,
+                    "prompt_tokens_details": {
+                    "cached_tokens": 0
+                    },
+                    "completion_tokens_details": {
+                    "reasoning_tokens": 0,
+                    "accepted_prediction_tokens": 0,
+                    "rejected_prediction_tokens": 0
+                    }
+                },
+                "system_fingerprint": "fp_6b68a8204b"
+             */
+            console.log("LLM chat status code:", statusCode, data?.error?.message);
+            if([429, 529].includes(statusCode)){
+                return await this.retryChatWithAlternateService(conversationHistory, llmOptions);
+            }
+            if(data?.error || (Array.isArray(data) && data[0]?.error)){
+                throw new Error(data?.error?.message || data[0]?.error?.message);
+            }
+            if(statusCode !== 200){
+                //TODO: Handle other status codes
+            }
+            let content = null;
+            switch(aiService){
+                case 'anthropic':
+                    content = this.parseAnthropicChatCompletion(data, llmOptions?.tools);
+                    break;
+                case 'openai':
+                    content = this.parseOpenAIChatCompletion(data, llmOptions?.tools);
+                    break;
+                case 'gemini':
+                    content = this.parseGeminiChatCompletion(data, llmOptions?.tools);
+                    break;
+                case 'ollama':
+                    content = this.parseOllamaChatCompletion(data, llmOptions?.tools);
+                    break;
+            }
+            return content;
+        } catch (error) {
+            console.error(`Error calling ${aiService} API:`, error);
+            return await this.parseError(null, error)
+        }
+    }
+
+    /**
+     * Chat with the LLM, with telemetry support by default
+     * @param {Array<Object>} conversationHistory - The conversation history
+     * @param {Object} llmOptions - The LLM options
+     * @param {Object} telemetryOptions - The telemetry options, if not provided, the default telemetry options will be used
+     * @param {Object} telemetryOptions.isEnabled - Whether to enable telemetry
+     * @param {string} telemetryOptions.functionId - The function ID to be used for telemetry
+     * @param {Object} telemetryOptions.metadata - Additional metadata for telemetry
+     * @returns {Promise<string>} - The response from the LLM
+     */
+    async chat(conversationHistory, llmOptions = {}, telemetryOptions){
+        let aiService = llmOptions?.aiService || this.aiService;
+        let model = llmOptions?.model || this.model;
+        let modelProvider = this.getAIModelProvider(aiService, model);
+        let advancedModelConfig = {};
+        if(!modelProvider?.modelId?.startsWith("o")){
+            advancedModelConfig = {
+                maxTokens: Number(llmOptions?.maxTokens || this.maxTokens),
+                temperature: Number(llmOptions?.temperature || this.temperature),
+                topP: Number(llmOptions?.topP || this.topP || 0.95)
+            }
+        }
+        const aiOptions = {
+            model: modelProvider,
+            messages: conversationHistory,
+            experimental_telemetry: telemetryOptions || {
+                isEnabled: true,
+                functionId: "docs-agent"
+            },
+            ...advancedModelConfig
+        }
+        if(llmOptions?.responseFormat && llmOptions?.responseFormat === "json"){
+            aiOptions.output = "object";
+            aiOptions.schema = llmOptions?.schema;
+            const { object } = await generateObject(aiOptions);
+            return object;
+        }
+        const { text, usage } = await generateText(aiOptions);
+        if (typeof text !== 'string') {
+            console.error('generateText did not return a string:', text);
+        }
+        console.log('Usage:', usage);
+        if(text && llmOptions?.responseFormat && llmOptions?.responseFormat === "json"){
+            return JSON.parse(text);
+        }
+        return text;
+    }
+
+    getAIModelProvider(aiService, model){
+        let modelProvider;
+        if(aiService === "anthropic"){
+            modelProvider = anthropic(model);
+        } else if(aiService === "openai"){
+            modelProvider = openai(model);
+        } else if(aiService === "gemini"){
+            modelProvider = google(model);
+        } else {
+            throw new Error("Invalid AI service specified. Use 'anthropic', 'openai', or 'gemini'.");
+        }
+        return modelProvider;
+    }
+    
+    async retryChatWithAlternateService(conversationHistory, llmOptions = {}){
+        console.log("LLM out of service:", llmOptions.aiService || this.aiService);
+        this.llmOutOfService = this.llmOutOfService || [];
+        this.llmOutOfService.push(llmOptions.aiService || this.aiService);
+        for(let aiService in LLM.DEFAULT_MODELS){
+            if(!this.llmOutOfService.includes(aiService)){
+                console.log("Switching LLM service to:", aiService, LLM.DEFAULT_MODELS[aiService]);
+                let newLLMOptions = Object.assign(llmOptions, {
+                    aiService: aiService,
+                    model: LLM.DEFAULT_MODELS[aiService]
+                });
+                return this.chatWithoutTracing(conversationHistory, newLLMOptions);
+            }
+        }
+        throw new Error("No alternative model found");
+    }
+
+    /**
+     * A wrapper around fetch to cache and rate limit requests, with timeout support
+     * @param {string} apiUrl
+     * @param {Object} requestBody
+     * @param {Object} headers
+     * @param {number} retryCount - Number of retries attempted (internal use)
+     * @param {number} maxRetries - Maximum number of retries allowed
+     * @returns {Promise<Response>}
+     */
+    async requestWrapper(apiUrl, requestBody, headers, retryCount = 0, maxRetries = 3) {
+        const startTime = Date.now();
+        const controller = new AbortController();
+        const timeoutMs = Number(this.timeout || 30000);
+        const timeoutController = setTimeout(() => controller.abort(), timeoutMs);
+        try {
+            const cacheKey = this.cache().createUniqueHashKey(apiUrl, requestBody, headers);
+            const cachedResponse = this.cache().get(cacheKey);
+            if (cachedResponse) {
+                return cachedResponse;
+            }
+
+            const response = await fetch(apiUrl, {
+                method: 'POST',
+                headers: headers,
+                body: JSON.stringify(requestBody),
+                signal: controller.signal
+            });
+
+            const data = await response.json();
+
+            // If we get a 429 or 529 error and haven't exceeded max retries, attempt retry with exponential backoff
+            if ([429, 529].includes(response.status) && retryCount < maxRetries) {
+                // Calculate base delay with exponential backoff (starting at 2s)
+                const baseDelay = Math.min(2000 * Math.pow(2, retryCount+2), 60000); // Cap at 60 seconds
+                
+                // Add random jitter between 0.5x and 1.5x
+                const jitter = 0.5 + Math.random();
+                const backoffDelay = Math.round(baseDelay * jitter);
+                
+                console.log(`API ${response.status === 429 ? 'rate limited' : 'overloaded'}. Retrying in ${backoffDelay/1000} seconds... (Attempt ${retryCount + 1}/${maxRetries})`);
+                
+                await new Promise(resolve => setTimeout(resolve, backoffDelay));
+                return this.requestWrapper(apiUrl, requestBody, headers, retryCount + 1, maxRetries);
+            }
+
+            this.cache().set(cacheKey, response);
+            const totalTime = Date.now() - startTime; // Calculate total time taken
+            console.log(`Request to ${apiUrl} completed in ${totalTime} ms`); // Log the total time
+            return { data, statusCode: response.status };
+        } catch (error) {
+            const totalTime = Date.now() - startTime; // Calculate total time taken
+            console.log(`Request to ${apiUrl} failed in ${totalTime} ms`);
+            console.log("Timeout was set to", this.timeout + "ms");
+            if (error.name === 'AbortError') {
+                console.error(`Request to ${apiUrl} timed out`);
+            }
+            console.error(`Error in request to ${apiUrl}:`, error);
+            throw error;
+        } finally {
+            clearTimeout(timeoutController);
+        }
+    }
+
+    /**
+     * Parse errors from various LLM APIs to create uniform error communication
+     * @param {*} error 
+     * @reference https://platform.openai.com/docs/guides/error-codes/api-error-codes
+     * @reference https://docs.anthropic.com/en/api/errors
+     */
+    parseError(statusCode, error){
+        switch(statusCode){
+            case 400:
+                console.error("Bad request");
+                throw new Error(error?.message || "Bad request");
+            case 401:
+                console.error("Invalid API Key");
+                throw new Error(error?.message || "Invalid API Key");
+            case 403:
+                throw new Error(error?.message || "You are not authorized to access this resource");
+            case 400:
+                throw new Error(error?.message || "Bad request");
+            case 429:
+                throw new Error(error?.message || "Rate limit exceeded");
+            case 404:
+                throw new Error(error?.message || "Not found");
+            case 500:
+                throw new Error(error?.message || "Internal server error");
+            case 503:
+                throw new Error(error?.message || "Service unavailable");
+            case 529:
+                throw new Error(error?.message || "API temporarily overloaded");
+            default:
+                throw new Error(error?.message || "Unknown error");
+        }
+    }
+
+    /**
+     * Converts the messages array to the format required by Anthropic
+     * @param {Array} messages
+     * @returns {Object}
+     * @example 
+     * const { system, messages } = AI.formatMessageForAnthropic(originalMessages);
+     * // originalMessages: [{ role: "system", content: "You are a helpful assistant." }, { role: "user", content: "Hello, world!" }]
+     * // system: { role: "system", content: "You are a helpful assistant." }
+     * // messages: [{ role: "user", content: "Hello, world!" }]
+     */
+    formatMessageForAnthropic(messages){
+        let system;
+        let messagesWithoutSystemMessage = [];
+        for(let i = 0; i < messages.length; i++){
+            if(messages[i].role === "system" && messages[i].content){
+                system = messages[i].content;
+            }else{
+                messagesWithoutSystemMessage.push(messages[i]);
+            }
+        }
+        return { system, messages: messagesWithoutSystemMessage };
+    }
+
+    /**
+     * 
+     * @param {*} data 
+     * @returns 
+     */
+    parseOpenAIChatCompletion(data, tools){
+        if(tools){
+            return { content: data?.choices?.[0]?.message?.content, toolCalls: data?.choices?.[0]?.message?.tool_calls };
+        }
+        return data?.choices?.[0]?.message?.content;
+    }
+
+    /**
+     * 
+     * @param {*} data 
+     * @returns 
+     */
+    parseAnthropicChatCompletion(data, tools){
+        return data?.content[0]?.text;
+    }
+
+    /**
+     * 
+     * @param {*} data 
+     * @returns 
+     */
+    parseOllamaChatCompletion(data, tools){
+        return data.response;
+    }
+
+    parseGeminiChatCompletion(data, tools){
+        // Assuming we're calling OpenAI compatible endpoint https://ai.google.dev/gemini-api/docs/openai
+        return data.choices[0].message.content;
+    }
+
+    cache(){
+        return {
+            get: (key) => {
+                return this.cacheStore[key] || null;    
+            },
+            set: (key, value) => {
+                this.cacheStore[key] = value;
+            },
+            clear: () => {
+                this.cacheStore = {};
+            },
+            createUniqueHashKey(apiUrl, requestBody, headers){
+                const hash = createHash('sha256');
+                hash.update(apiUrl);
+                if(requestBody) hash.update(JSON.stringify(requestBody));
+                if(headers) hash.update(JSON.stringify(headers));
+                return hash.digest('hex');
+            }
+        }
+    }
+
+    /**
+     * Estimate the number of tokens in a text
+     * @param {string} text
+     * @returns {number}
+     */
+    estimateTokens(text){
+        const enc = new Tiktoken(o200k_base);
+        return enc.encode(text).length;
+    }
+}
+export default LLM;

package/src/UrlValidator.js

@@ -0,0 +1,190 @@
+/**
+ * URL validation utility for SSRF protection using allowlist approach
+ * Only allows URLs that are explicitly whitelisted via environment variable
+ */
+
+/**
+ * Validates a webhook URL against the allowlist
+ * @param {string} url - The URL to validate
+ * @returns {string} - The validated URL
+ * @throws {Error} - If the URL is not in the allowlist
+ */
+export function validateWebhookUrl(url) {
+  if (!url || typeof url !== 'string') {
+    throw new Error('Invalid URL: URL must be a non-empty string');
+  }
+
+  let parsedUrl;
+  try {
+    parsedUrl = new URL(url);
+  } catch (error) {
+    throw new Error(`Invalid URL format: ${error.message}`);
+  }
+
+  // Only allow HTTP and HTTPS protocols
+  if (!['http:', 'https:'].includes(parsedUrl.protocol)) {
+    throw new Error(`Blocked protocol: Only HTTP and HTTPS are allowed, got ${parsedUrl.protocol}`);
+  }
+
+  // Disallow embedded credentials in the URL
+  if (parsedUrl.username || parsedUrl.password) {
+    throw new Error('Blocked URL: Credentials in URL are not allowed');
+  }
+
+  // Basic path traversal guard (normalize and compare)
+  // Note: URL API already normalizes, but we defensively reject ".." segments
+  if (parsedUrl.pathname.split('/').some(seg => seg === '..')) {
+    throw new Error('Blocked URL: Path traversal (..) is not allowed');
+  }
+
+  // Get allowlist from environment variable
+  const allowlist = getAllowlist();
+  
+  if (allowlist.length === 0) {
+    throw new Error('No webhook URLs are allowed. Set ALLOWED_WEBHOOK_URLS environment variable to enable webhooks.');
+  }
+
+  // Exact match only: URL must exactly match one of the allowlisted URLs
+  const isAllowed = allowlist.some(allowedUrl => {
+    try {
+      const allowedParsedUrl = new URL(allowedUrl);
+      
+      // Exact match of full URL (scheme, host, path, query)
+      return parsedUrl.href === allowedParsedUrl.href;
+    } catch (error) {
+      // If allowedUrl is not a valid URL, skip it
+      return false;
+    }
+  });
+
+  if (!isAllowed) {
+    throw new Error(`URL not in allowlist: ${url}. Allowed URLs: ${allowlist.join(', ')}`);
+  }
+
+  // Return the canonical, validated user URL (fragments removed)
+  parsedUrl.hash = "";
+  return parsedUrl.toString();
+}
+
+/**
+ * Validates that a remote file URL is hosted on GitHub or GitLab
+ * @param {string} url - The URL to validate
+ * @returns {string} - The canonical validated URL (string)
+ * @throws {Error} - If the URL is not GitHub/GitLab or invalid
+ */
+export function validateGithubOrGitlabUrl(url){
+  if (!url || typeof url !== 'string') {
+    throw new Error('Invalid URL: URL must be a non-empty string');
+  }
+
+  let parsedUrl;
+  try {
+    parsedUrl = new URL(url);
+  } catch (error) {
+    throw new Error(`Invalid URL format: ${error.message}`);
+  }
+
+  if (!['http:', 'https:'].includes(parsedUrl.protocol)) {
+    throw new Error(`Blocked protocol: Only HTTP and HTTPS are allowed, got ${parsedUrl.protocol}`);
+  }
+
+  if (parsedUrl.username || parsedUrl.password) {
+    throw new Error('Blocked URL: Credentials in URL are not allowed');
+  }
+
+  const hostname = parsedUrl.hostname.toLowerCase();
+  // Built-in allowed hosts
+  const builtinAllowedHosts = new Set([
+    'github.com',
+    'raw.githubusercontent.com',
+    'gist.github.com',
+    'gitlab.com',
+  ]);
+
+  // Only allow custom remote hosts if REMOTE_FILE_ALLOW_CUSTOM_HOSTS is "true"
+  const allowCustomHosts = process.env.REMOTE_FILE_ALLOW_CUSTOM_HOSTS === "true";
+  // Env-driven custom domains support: REMOTE_FILE_ALLOWED_HOSTS (comma-separated)
+  // Supports exact hosts and wildcard entries like *.example.com
+  const { exactHosts, wildcardHosts } = allowCustomHosts ? getCustomRemoteHostsFromEnv() : { exactHosts: new Set(), wildcardHosts: [] };
+  if (!allowCustomHosts && (process.env.REMOTE_FILE_ALLOWED_HOSTS && process.env.REMOTE_FILE_ALLOWED_HOSTS.trim() !== "")) {
+    console.warn("Custom remote hosts in REMOTE_FILE_ALLOWED_HOSTS are disabled because REMOTE_FILE_ALLOW_CUSTOM_HOSTS is not set to 'true'. Only builtin hosts are used for remote file reads.");
+  }
+
+  // Check exact host allow
+  const isExactAllowed = builtinAllowedHosts.has(hostname) || exactHosts.has(hostname);
+
+  // Check wildcard hosts
+  const isWildcardAllowed = !isExactAllowed && wildcardHosts.some((pattern) => {
+    // pattern without leading '*.'
+    const base = pattern;
+    return hostname === base || hostname.endsWith('.' + base);
+  });
+
+  if (!isExactAllowed && !isWildcardAllowed) {
+    const allAllowed = Array.from(builtinAllowedHosts);
+    if (allowCustomHosts) {
+      allAllowed.push(...Array.from(exactHosts));
+      allAllowed.push(...wildcardHosts.map(w => `*.${w}`));
+    }
+    throw new Error(`URL host not allowed: ${hostname}. Allowed: ${allAllowed.join(', ')}`);
+  }
+
+  parsedUrl.hash = '';
+  return parsedUrl.toString();
+}
+
+/**
+ * Reads custom allowed remote hosts from env var REMOTE_FILE_ALLOWED_HOSTS
+ * Returns exact hosts and wildcard base domains (without the leading '*.')
+ */
+function getCustomRemoteHostsFromEnv(){
+  const envVal = process.env.REMOTE_FILE_ALLOWED_HOSTS || '';
+  const parts = envVal
+    .split(',')
+    .map(v => v.trim())
+    .filter(Boolean);
+
+  const exactHosts = new Set();
+  const wildcardHosts = [];
+
+  for (const entry of parts) {
+    // Normalize entry by parsing as URL if it looks like one, otherwise treat as hostname
+    let hostCandidate = entry;
+    try {
+      if (entry.startsWith('http://') || entry.startsWith('https://')) {
+        hostCandidate = new URL(entry).hostname;
+      }
+    } catch (_) {
+      // ignore parse errors, treat as raw host
+    }
+    const lower = hostCandidate.toLowerCase();
+    if (lower.startsWith('*.')) {
+      const base = lower.slice(2);
+      if (base) {
+        wildcardHosts.push(base);
+      }
+    } else if (lower) {
+      exactHosts.add(lower);
+    }
+  }
+
+  return { exactHosts, wildcardHosts };
+}
+
+/**
+ * Gets the allowlist from environment variable
+ * @returns {string[]} - Array of allowed URLs
+ */
+function getAllowlist() {
+  const allowlistEnv = process.env.ALLOWED_WEBHOOK_URLS;
+  
+  if (!allowlistEnv) {
+    return [];
+  }
+  
+  // Split by comma and trim whitespace
+  return allowlistEnv
+    .split(',')
+    .map(url => url.trim())
+    .filter(url => url.length > 0);
+}