pi-cursor-sdk 0.1.50 → 0.1.51

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (276) hide show
  1. package/CHANGELOG.md +19 -0
  2. package/README.md +1 -1
  3. package/docs/cursor-live-smoke-checklist.md +4 -4
  4. package/docs/cursor-model-ux-spec.md +5 -5
  5. package/docs/cursor-native-tool-replay.md +2 -2
  6. package/docs/cursor-native-tool-visual-audit.md +1 -1
  7. package/docs/cursor-testing-lessons.md +1 -1
  8. package/package.json +3 -12
  9. package/src/cursor-fallback-models.generated.ts +536 -302
  10. package/src/cursor-provider-errors.ts +29 -0
  11. package/src/cursor-tool-manifest.ts +1 -1
  12. package/node_modules/@connectrpc/connect-node/README.md +0 -141
  13. package/node_modules/@connectrpc/connect-node/dist/cjs/compression.d.ts +0 -15
  14. package/node_modules/@connectrpc/connect-node/dist/cjs/compression.js +0 -89
  15. package/node_modules/@connectrpc/connect-node/dist/cjs/connect-node-adapter.d.ts +0 -42
  16. package/node_modules/@connectrpc/connect-node/dist/cjs/connect-node-adapter.js +0 -61
  17. package/node_modules/@connectrpc/connect-node/dist/cjs/connect-transport.d.ts +0 -100
  18. package/node_modules/@connectrpc/connect-node/dist/cjs/connect-transport.js +0 -25
  19. package/node_modules/@connectrpc/connect-node/dist/cjs/grpc-transport.d.ts +0 -96
  20. package/node_modules/@connectrpc/connect-node/dist/cjs/grpc-transport.js +0 -25
  21. package/node_modules/@connectrpc/connect-node/dist/cjs/grpc-web-transport.d.ts +0 -96
  22. package/node_modules/@connectrpc/connect-node/dist/cjs/grpc-web-transport.js +0 -25
  23. package/node_modules/@connectrpc/connect-node/dist/cjs/http2-session-manager.d.ts +0 -146
  24. package/node_modules/@connectrpc/connect-node/dist/cjs/http2-session-manager.js +0 -536
  25. package/node_modules/@connectrpc/connect-node/dist/cjs/index.d.ts +0 -15
  26. package/node_modules/@connectrpc/connect-node/dist/cjs/index.js +0 -36
  27. package/node_modules/@connectrpc/connect-node/dist/cjs/node-error.d.ts +0 -45
  28. package/node_modules/@connectrpc/connect-node/dist/cjs/node-error.js +0 -154
  29. package/node_modules/@connectrpc/connect-node/dist/cjs/node-headers-polyfill.d.ts +0 -1
  30. package/node_modules/@connectrpc/connect-node/dist/cjs/node-headers-polyfill.js +0 -29
  31. package/node_modules/@connectrpc/connect-node/dist/cjs/node-transport-options.d.ts +0 -89
  32. package/node_modules/@connectrpc/connect-node/dist/cjs/node-transport-options.js +0 -58
  33. package/node_modules/@connectrpc/connect-node/dist/cjs/node-universal-client.d.ts +0 -54
  34. package/node_modules/@connectrpc/connect-node/dist/cjs/node-universal-client.js +0 -326
  35. package/node_modules/@connectrpc/connect-node/dist/cjs/node-universal-handler.d.ts +0 -41
  36. package/node_modules/@connectrpc/connect-node/dist/cjs/node-universal-handler.js +0 -234
  37. package/node_modules/@connectrpc/connect-node/dist/cjs/node-universal-header.d.ts +0 -19
  38. package/node_modules/@connectrpc/connect-node/dist/cjs/node-universal-header.js +0 -97
  39. package/node_modules/@connectrpc/connect-node/dist/cjs/package.json +0 -1
  40. package/node_modules/@connectrpc/connect-node/dist/esm/compression.d.ts +0 -15
  41. package/node_modules/@connectrpc/connect-node/dist/esm/compression.js +0 -86
  42. package/node_modules/@connectrpc/connect-node/dist/esm/connect-node-adapter.d.ts +0 -42
  43. package/node_modules/@connectrpc/connect-node/dist/esm/connect-node-adapter.js +0 -58
  44. package/node_modules/@connectrpc/connect-node/dist/esm/connect-transport.d.ts +0 -100
  45. package/node_modules/@connectrpc/connect-node/dist/esm/connect-transport.js +0 -22
  46. package/node_modules/@connectrpc/connect-node/dist/esm/grpc-transport.d.ts +0 -96
  47. package/node_modules/@connectrpc/connect-node/dist/esm/grpc-transport.js +0 -22
  48. package/node_modules/@connectrpc/connect-node/dist/esm/grpc-web-transport.d.ts +0 -96
  49. package/node_modules/@connectrpc/connect-node/dist/esm/grpc-web-transport.js +0 -22
  50. package/node_modules/@connectrpc/connect-node/dist/esm/http2-session-manager.d.ts +0 -146
  51. package/node_modules/@connectrpc/connect-node/dist/esm/http2-session-manager.js +0 -532
  52. package/node_modules/@connectrpc/connect-node/dist/esm/index.d.ts +0 -15
  53. package/node_modules/@connectrpc/connect-node/dist/esm/index.js +0 -23
  54. package/node_modules/@connectrpc/connect-node/dist/esm/node-error.d.ts +0 -45
  55. package/node_modules/@connectrpc/connect-node/dist/esm/node-error.js +0 -147
  56. package/node_modules/@connectrpc/connect-node/dist/esm/node-headers-polyfill.d.ts +0 -1
  57. package/node_modules/@connectrpc/connect-node/dist/esm/node-headers-polyfill.js +0 -27
  58. package/node_modules/@connectrpc/connect-node/dist/esm/node-transport-options.d.ts +0 -89
  59. package/node_modules/@connectrpc/connect-node/dist/esm/node-transport-options.js +0 -58
  60. package/node_modules/@connectrpc/connect-node/dist/esm/node-universal-client.d.ts +0 -54
  61. package/node_modules/@connectrpc/connect-node/dist/esm/node-universal-client.js +0 -324
  62. package/node_modules/@connectrpc/connect-node/dist/esm/node-universal-handler.d.ts +0 -41
  63. package/node_modules/@connectrpc/connect-node/dist/esm/node-universal-handler.js +0 -230
  64. package/node_modules/@connectrpc/connect-node/dist/esm/node-universal-header.d.ts +0 -19
  65. package/node_modules/@connectrpc/connect-node/dist/esm/node-universal-header.js +0 -93
  66. package/node_modules/@connectrpc/connect-node/package.json +0 -46
  67. package/node_modules/undici/LICENSE +0 -21
  68. package/node_modules/undici/README.md +0 -741
  69. package/node_modules/undici/docs/docs/api/Agent.md +0 -84
  70. package/node_modules/undici/docs/docs/api/BalancedPool.md +0 -99
  71. package/node_modules/undici/docs/docs/api/CacheStorage.md +0 -30
  72. package/node_modules/undici/docs/docs/api/CacheStore.md +0 -164
  73. package/node_modules/undici/docs/docs/api/Client.md +0 -288
  74. package/node_modules/undici/docs/docs/api/ClientStats.md +0 -27
  75. package/node_modules/undici/docs/docs/api/Connector.md +0 -115
  76. package/node_modules/undici/docs/docs/api/ContentType.md +0 -57
  77. package/node_modules/undici/docs/docs/api/Cookies.md +0 -128
  78. package/node_modules/undici/docs/docs/api/Debug.md +0 -62
  79. package/node_modules/undici/docs/docs/api/DiagnosticsChannel.md +0 -315
  80. package/node_modules/undici/docs/docs/api/Dispatcher.md +0 -1392
  81. package/node_modules/undici/docs/docs/api/EnvHttpProxyAgent.md +0 -159
  82. package/node_modules/undici/docs/docs/api/Errors.md +0 -49
  83. package/node_modules/undici/docs/docs/api/EventSource.md +0 -45
  84. package/node_modules/undici/docs/docs/api/Fetch.md +0 -60
  85. package/node_modules/undici/docs/docs/api/GlobalInstallation.md +0 -139
  86. package/node_modules/undici/docs/docs/api/H2CClient.md +0 -263
  87. package/node_modules/undici/docs/docs/api/MockAgent.md +0 -603
  88. package/node_modules/undici/docs/docs/api/MockCallHistory.md +0 -197
  89. package/node_modules/undici/docs/docs/api/MockCallHistoryLog.md +0 -43
  90. package/node_modules/undici/docs/docs/api/MockClient.md +0 -81
  91. package/node_modules/undici/docs/docs/api/MockErrors.md +0 -12
  92. package/node_modules/undici/docs/docs/api/MockPool.md +0 -555
  93. package/node_modules/undici/docs/docs/api/Pool.md +0 -84
  94. package/node_modules/undici/docs/docs/api/PoolStats.md +0 -35
  95. package/node_modules/undici/docs/docs/api/ProxyAgent.md +0 -229
  96. package/node_modules/undici/docs/docs/api/RedirectHandler.md +0 -93
  97. package/node_modules/undici/docs/docs/api/RetryAgent.md +0 -50
  98. package/node_modules/undici/docs/docs/api/RetryHandler.md +0 -118
  99. package/node_modules/undici/docs/docs/api/RoundRobinPool.md +0 -145
  100. package/node_modules/undici/docs/docs/api/SnapshotAgent.md +0 -616
  101. package/node_modules/undici/docs/docs/api/Socks5ProxyAgent.md +0 -275
  102. package/node_modules/undici/docs/docs/api/Util.md +0 -25
  103. package/node_modules/undici/docs/docs/api/WebSocket.md +0 -141
  104. package/node_modules/undici/docs/docs/api/api-lifecycle.md +0 -91
  105. package/node_modules/undici/docs/docs/best-practices/client-certificate.md +0 -64
  106. package/node_modules/undici/docs/docs/best-practices/crawling.md +0 -58
  107. package/node_modules/undici/docs/docs/best-practices/mocking-request.md +0 -190
  108. package/node_modules/undici/docs/docs/best-practices/proxy.md +0 -127
  109. package/node_modules/undici/docs/docs/best-practices/undici-vs-builtin-fetch.md +0 -224
  110. package/node_modules/undici/docs/docs/best-practices/writing-tests.md +0 -63
  111. package/node_modules/undici/index-fetch.js +0 -65
  112. package/node_modules/undici/index.d.ts +0 -3
  113. package/node_modules/undici/index.js +0 -234
  114. package/node_modules/undici/lib/api/abort-signal.js +0 -59
  115. package/node_modules/undici/lib/api/api-connect.js +0 -110
  116. package/node_modules/undici/lib/api/api-pipeline.js +0 -252
  117. package/node_modules/undici/lib/api/api-request.js +0 -214
  118. package/node_modules/undici/lib/api/api-stream.js +0 -209
  119. package/node_modules/undici/lib/api/api-upgrade.js +0 -111
  120. package/node_modules/undici/lib/api/index.js +0 -7
  121. package/node_modules/undici/lib/api/readable.js +0 -580
  122. package/node_modules/undici/lib/cache/memory-cache-store.js +0 -234
  123. package/node_modules/undici/lib/cache/sqlite-cache-store.js +0 -461
  124. package/node_modules/undici/lib/core/connect.js +0 -153
  125. package/node_modules/undici/lib/core/constants.js +0 -143
  126. package/node_modules/undici/lib/core/diagnostics.js +0 -227
  127. package/node_modules/undici/lib/core/errors.js +0 -477
  128. package/node_modules/undici/lib/core/request.js +0 -453
  129. package/node_modules/undici/lib/core/socks5-client.js +0 -422
  130. package/node_modules/undici/lib/core/socks5-utils.js +0 -212
  131. package/node_modules/undici/lib/core/symbols.js +0 -75
  132. package/node_modules/undici/lib/core/tree.js +0 -160
  133. package/node_modules/undici/lib/core/util.js +0 -992
  134. package/node_modules/undici/lib/dispatcher/agent.js +0 -158
  135. package/node_modules/undici/lib/dispatcher/balanced-pool.js +0 -219
  136. package/node_modules/undici/lib/dispatcher/client-h1.js +0 -1722
  137. package/node_modules/undici/lib/dispatcher/client-h2.js +0 -995
  138. package/node_modules/undici/lib/dispatcher/client.js +0 -664
  139. package/node_modules/undici/lib/dispatcher/dispatcher-base.js +0 -184
  140. package/node_modules/undici/lib/dispatcher/dispatcher.js +0 -48
  141. package/node_modules/undici/lib/dispatcher/env-http-proxy-agent.js +0 -146
  142. package/node_modules/undici/lib/dispatcher/fixed-queue.js +0 -135
  143. package/node_modules/undici/lib/dispatcher/h2c-client.js +0 -51
  144. package/node_modules/undici/lib/dispatcher/pool-base.js +0 -214
  145. package/node_modules/undici/lib/dispatcher/pool.js +0 -118
  146. package/node_modules/undici/lib/dispatcher/proxy-agent.js +0 -319
  147. package/node_modules/undici/lib/dispatcher/retry-agent.js +0 -35
  148. package/node_modules/undici/lib/dispatcher/round-robin-pool.js +0 -137
  149. package/node_modules/undici/lib/dispatcher/socks5-proxy-agent.js +0 -260
  150. package/node_modules/undici/lib/encoding/index.js +0 -33
  151. package/node_modules/undici/lib/global.js +0 -59
  152. package/node_modules/undici/lib/handler/cache-handler.js +0 -578
  153. package/node_modules/undici/lib/handler/cache-revalidation-handler.js +0 -124
  154. package/node_modules/undici/lib/handler/decorator-handler.js +0 -67
  155. package/node_modules/undici/lib/handler/deduplication-handler.js +0 -460
  156. package/node_modules/undici/lib/handler/redirect-handler.js +0 -238
  157. package/node_modules/undici/lib/handler/retry-handler.js +0 -394
  158. package/node_modules/undici/lib/handler/unwrap-handler.js +0 -106
  159. package/node_modules/undici/lib/handler/wrap-handler.js +0 -105
  160. package/node_modules/undici/lib/interceptor/cache.js +0 -495
  161. package/node_modules/undici/lib/interceptor/decompress.js +0 -259
  162. package/node_modules/undici/lib/interceptor/deduplicate.js +0 -117
  163. package/node_modules/undici/lib/interceptor/dns.js +0 -571
  164. package/node_modules/undici/lib/interceptor/dump.js +0 -112
  165. package/node_modules/undici/lib/interceptor/redirect.js +0 -21
  166. package/node_modules/undici/lib/interceptor/response-error.js +0 -95
  167. package/node_modules/undici/lib/interceptor/retry.js +0 -19
  168. package/node_modules/undici/lib/llhttp/.gitkeep +0 -0
  169. package/node_modules/undici/lib/llhttp/constants.d.ts +0 -195
  170. package/node_modules/undici/lib/llhttp/constants.js +0 -531
  171. package/node_modules/undici/lib/llhttp/llhttp-wasm.js +0 -15
  172. package/node_modules/undici/lib/llhttp/llhttp_simd-wasm.js +0 -15
  173. package/node_modules/undici/lib/llhttp/utils.d.ts +0 -2
  174. package/node_modules/undici/lib/llhttp/utils.js +0 -12
  175. package/node_modules/undici/lib/mock/mock-agent.js +0 -232
  176. package/node_modules/undici/lib/mock/mock-call-history.js +0 -248
  177. package/node_modules/undici/lib/mock/mock-client.js +0 -68
  178. package/node_modules/undici/lib/mock/mock-errors.js +0 -29
  179. package/node_modules/undici/lib/mock/mock-interceptor.js +0 -209
  180. package/node_modules/undici/lib/mock/mock-pool.js +0 -68
  181. package/node_modules/undici/lib/mock/mock-symbols.js +0 -32
  182. package/node_modules/undici/lib/mock/mock-utils.js +0 -486
  183. package/node_modules/undici/lib/mock/pending-interceptors-formatter.js +0 -43
  184. package/node_modules/undici/lib/mock/snapshot-agent.js +0 -353
  185. package/node_modules/undici/lib/mock/snapshot-recorder.js +0 -588
  186. package/node_modules/undici/lib/mock/snapshot-utils.js +0 -158
  187. package/node_modules/undici/lib/util/cache.js +0 -414
  188. package/node_modules/undici/lib/util/date.js +0 -653
  189. package/node_modules/undici/lib/util/promise.js +0 -28
  190. package/node_modules/undici/lib/util/runtime-features.js +0 -124
  191. package/node_modules/undici/lib/util/stats.js +0 -32
  192. package/node_modules/undici/lib/util/timers.js +0 -425
  193. package/node_modules/undici/lib/web/cache/cache.js +0 -864
  194. package/node_modules/undici/lib/web/cache/cachestorage.js +0 -152
  195. package/node_modules/undici/lib/web/cache/util.js +0 -45
  196. package/node_modules/undici/lib/web/cookies/constants.js +0 -12
  197. package/node_modules/undici/lib/web/cookies/index.js +0 -199
  198. package/node_modules/undici/lib/web/cookies/parse.js +0 -314
  199. package/node_modules/undici/lib/web/cookies/util.js +0 -282
  200. package/node_modules/undici/lib/web/eventsource/eventsource-stream.js +0 -399
  201. package/node_modules/undici/lib/web/eventsource/eventsource.js +0 -501
  202. package/node_modules/undici/lib/web/eventsource/util.js +0 -29
  203. package/node_modules/undici/lib/web/fetch/LICENSE +0 -21
  204. package/node_modules/undici/lib/web/fetch/body.js +0 -509
  205. package/node_modules/undici/lib/web/fetch/constants.js +0 -131
  206. package/node_modules/undici/lib/web/fetch/data-url.js +0 -596
  207. package/node_modules/undici/lib/web/fetch/formdata-parser.js +0 -586
  208. package/node_modules/undici/lib/web/fetch/formdata.js +0 -259
  209. package/node_modules/undici/lib/web/fetch/global.js +0 -40
  210. package/node_modules/undici/lib/web/fetch/headers.js +0 -719
  211. package/node_modules/undici/lib/web/fetch/index.js +0 -2413
  212. package/node_modules/undici/lib/web/fetch/request.js +0 -1115
  213. package/node_modules/undici/lib/web/fetch/response.js +0 -641
  214. package/node_modules/undici/lib/web/fetch/util.js +0 -1522
  215. package/node_modules/undici/lib/web/infra/index.js +0 -229
  216. package/node_modules/undici/lib/web/subresource-integrity/Readme.md +0 -9
  217. package/node_modules/undici/lib/web/subresource-integrity/subresource-integrity.js +0 -307
  218. package/node_modules/undici/lib/web/webidl/index.js +0 -1006
  219. package/node_modules/undici/lib/web/websocket/connection.js +0 -329
  220. package/node_modules/undici/lib/web/websocket/constants.js +0 -126
  221. package/node_modules/undici/lib/web/websocket/events.js +0 -331
  222. package/node_modules/undici/lib/web/websocket/frame.js +0 -133
  223. package/node_modules/undici/lib/web/websocket/permessage-deflate.js +0 -100
  224. package/node_modules/undici/lib/web/websocket/receiver.js +0 -507
  225. package/node_modules/undici/lib/web/websocket/sender.js +0 -109
  226. package/node_modules/undici/lib/web/websocket/stream/websocketerror.js +0 -104
  227. package/node_modules/undici/lib/web/websocket/stream/websocketstream.js +0 -498
  228. package/node_modules/undici/lib/web/websocket/util.js +0 -347
  229. package/node_modules/undici/lib/web/websocket/websocket.js +0 -758
  230. package/node_modules/undici/package.json +0 -152
  231. package/node_modules/undici/scripts/strip-comments.js +0 -10
  232. package/node_modules/undici/types/README.md +0 -6
  233. package/node_modules/undici/types/agent.d.ts +0 -32
  234. package/node_modules/undici/types/api.d.ts +0 -43
  235. package/node_modules/undici/types/balanced-pool.d.ts +0 -30
  236. package/node_modules/undici/types/cache-interceptor.d.ts +0 -179
  237. package/node_modules/undici/types/cache.d.ts +0 -36
  238. package/node_modules/undici/types/client-stats.d.ts +0 -15
  239. package/node_modules/undici/types/client.d.ts +0 -139
  240. package/node_modules/undici/types/connector.d.ts +0 -36
  241. package/node_modules/undici/types/content-type.d.ts +0 -21
  242. package/node_modules/undici/types/cookies.d.ts +0 -30
  243. package/node_modules/undici/types/diagnostics-channel.d.ts +0 -74
  244. package/node_modules/undici/types/dispatcher.d.ts +0 -275
  245. package/node_modules/undici/types/env-http-proxy-agent.d.ts +0 -22
  246. package/node_modules/undici/types/errors.d.ts +0 -177
  247. package/node_modules/undici/types/eventsource.d.ts +0 -66
  248. package/node_modules/undici/types/fetch.d.ts +0 -231
  249. package/node_modules/undici/types/formdata.d.ts +0 -114
  250. package/node_modules/undici/types/global-dispatcher.d.ts +0 -9
  251. package/node_modules/undici/types/global-origin.d.ts +0 -7
  252. package/node_modules/undici/types/h2c-client.d.ts +0 -73
  253. package/node_modules/undici/types/handlers.d.ts +0 -14
  254. package/node_modules/undici/types/header.d.ts +0 -160
  255. package/node_modules/undici/types/index.d.ts +0 -91
  256. package/node_modules/undici/types/interceptors.d.ts +0 -80
  257. package/node_modules/undici/types/mock-agent.d.ts +0 -68
  258. package/node_modules/undici/types/mock-call-history.d.ts +0 -111
  259. package/node_modules/undici/types/mock-client.d.ts +0 -27
  260. package/node_modules/undici/types/mock-errors.d.ts +0 -12
  261. package/node_modules/undici/types/mock-interceptor.d.ts +0 -94
  262. package/node_modules/undici/types/mock-pool.d.ts +0 -27
  263. package/node_modules/undici/types/patch.d.ts +0 -29
  264. package/node_modules/undici/types/pool-stats.d.ts +0 -19
  265. package/node_modules/undici/types/pool.d.ts +0 -41
  266. package/node_modules/undici/types/proxy-agent.d.ts +0 -29
  267. package/node_modules/undici/types/readable.d.ts +0 -68
  268. package/node_modules/undici/types/retry-agent.d.ts +0 -8
  269. package/node_modules/undici/types/retry-handler.d.ts +0 -125
  270. package/node_modules/undici/types/round-robin-pool.d.ts +0 -41
  271. package/node_modules/undici/types/snapshot-agent.d.ts +0 -109
  272. package/node_modules/undici/types/socks5-proxy-agent.d.ts +0 -25
  273. package/node_modules/undici/types/util.d.ts +0 -18
  274. package/node_modules/undici/types/utility.d.ts +0 -7
  275. package/node_modules/undici/types/webidl.d.ts +0 -347
  276. package/node_modules/undici/types/websocket.d.ts +0 -188
@@ -1,229 +0,0 @@
1
- 'use strict'
2
-
3
- const assert = require('node:assert')
4
- const { utf8DecodeBytes } = require('../../encoding')
5
-
6
- /**
7
- * @param {(char: string) => boolean} condition
8
- * @param {string} input
9
- * @param {{ position: number }} position
10
- * @returns {string}
11
- *
12
- * @see https://infra.spec.whatwg.org/#collect-a-sequence-of-code-points
13
- */
14
- function collectASequenceOfCodePoints (condition, input, position) {
15
- // 1. Let result be the empty string.
16
- let result = ''
17
-
18
- // 2. While position doesn’t point past the end of input and the
19
- // code point at position within input meets the condition condition:
20
- while (position.position < input.length && condition(input[position.position])) {
21
- // 1. Append that code point to the end of result.
22
- result += input[position.position]
23
-
24
- // 2. Advance position by 1.
25
- position.position++
26
- }
27
-
28
- // 3. Return result.
29
- return result
30
- }
31
-
32
- /**
33
- * A faster collectASequenceOfCodePoints that only works when comparing a single character.
34
- * @param {string} char
35
- * @param {string} input
36
- * @param {{ position: number }} position
37
- * @returns {string}
38
- *
39
- * @see https://infra.spec.whatwg.org/#collect-a-sequence-of-code-points
40
- */
41
- function collectASequenceOfCodePointsFast (char, input, position) {
42
- const idx = input.indexOf(char, position.position)
43
- const start = position.position
44
-
45
- if (idx === -1) {
46
- position.position = input.length
47
- return input.slice(start)
48
- }
49
-
50
- position.position = idx
51
- return input.slice(start, position.position)
52
- }
53
-
54
- const ASCII_WHITESPACE_REPLACE_REGEX = /[\u0009\u000A\u000C\u000D\u0020]/g // eslint-disable-line no-control-regex
55
-
56
- /**
57
- * @param {string} data
58
- * @returns {Uint8Array | 'failure'}
59
- *
60
- * @see https://infra.spec.whatwg.org/#forgiving-base64-decode
61
- */
62
- function forgivingBase64 (data) {
63
- // 1. Remove all ASCII whitespace from data.
64
- data = data.replace(ASCII_WHITESPACE_REPLACE_REGEX, '')
65
-
66
- let dataLength = data.length
67
- // 2. If data’s code point length divides by 4 leaving
68
- // no remainder, then:
69
- if (dataLength % 4 === 0) {
70
- // 1. If data ends with one or two U+003D (=) code points,
71
- // then remove them from data.
72
- if (data.charCodeAt(dataLength - 1) === 0x003D) {
73
- --dataLength
74
- if (data.charCodeAt(dataLength - 1) === 0x003D) {
75
- --dataLength
76
- }
77
- }
78
- }
79
-
80
- // 3. If data’s code point length divides by 4 leaving
81
- // a remainder of 1, then return failure.
82
- if (dataLength % 4 === 1) {
83
- return 'failure'
84
- }
85
-
86
- // 4. If data contains a code point that is not one of
87
- // U+002B (+)
88
- // U+002F (/)
89
- // ASCII alphanumeric
90
- // then return failure.
91
- if (/[^+/0-9A-Za-z]/.test(data.length === dataLength ? data : data.substring(0, dataLength))) {
92
- return 'failure'
93
- }
94
-
95
- const buffer = Buffer.from(data, 'base64')
96
- return new Uint8Array(buffer.buffer, buffer.byteOffset, buffer.byteLength)
97
- }
98
-
99
- /**
100
- * @param {number} char
101
- * @returns {boolean}
102
- *
103
- * @see https://infra.spec.whatwg.org/#ascii-whitespace
104
- */
105
- function isASCIIWhitespace (char) {
106
- return (
107
- char === 0x09 || // \t
108
- char === 0x0a || // \n
109
- char === 0x0c || // \f
110
- char === 0x0d || // \r
111
- char === 0x20 // space
112
- )
113
- }
114
-
115
- /**
116
- * @param {Uint8Array} input
117
- * @returns {string}
118
- *
119
- * @see https://infra.spec.whatwg.org/#isomorphic-decode
120
- */
121
- function isomorphicDecode (input) {
122
- // 1. To isomorphic decode a byte sequence input, return a string whose code point
123
- // length is equal to input’s length and whose code points have the same values
124
- // as the values of input’s bytes, in the same order.
125
- const length = input.length
126
- if ((2 << 15) - 1 > length) {
127
- return String.fromCharCode.apply(null, input)
128
- }
129
- let result = ''
130
- let i = 0
131
- let addition = (2 << 15) - 1
132
- while (i < length) {
133
- if (i + addition > length) {
134
- addition = length - i
135
- }
136
- result += String.fromCharCode.apply(null, input.subarray(i, i += addition))
137
- }
138
- return result
139
- }
140
-
141
- const invalidIsomorphicEncodeValueRegex = /[^\x00-\xFF]/ // eslint-disable-line no-control-regex
142
-
143
- /**
144
- * @param {string} input
145
- * @returns {string}
146
- *
147
- * @see https://infra.spec.whatwg.org/#isomorphic-encode
148
- */
149
- function isomorphicEncode (input) {
150
- // 1. Assert: input contains no code points greater than U+00FF.
151
- assert(!invalidIsomorphicEncodeValueRegex.test(input))
152
-
153
- // 2. Return a byte sequence whose length is equal to input’s code
154
- // point length and whose bytes have the same values as the
155
- // values of input’s code points, in the same order
156
- return input
157
- }
158
-
159
- /**
160
- * @see https://infra.spec.whatwg.org/#parse-json-bytes-to-a-javascript-value
161
- * @param {Uint8Array} bytes
162
- */
163
- function parseJSONFromBytes (bytes) {
164
- return JSON.parse(utf8DecodeBytes(bytes))
165
- }
166
-
167
- /**
168
- * @param {string} str
169
- * @param {boolean} [leading=true]
170
- * @param {boolean} [trailing=true]
171
- * @returns {string}
172
- *
173
- * @see https://infra.spec.whatwg.org/#strip-leading-and-trailing-ascii-whitespace
174
- */
175
- function removeASCIIWhitespace (str, leading = true, trailing = true) {
176
- return removeChars(str, leading, trailing, isASCIIWhitespace)
177
- }
178
-
179
- /**
180
- * @param {string} str
181
- * @param {boolean} leading
182
- * @param {boolean} trailing
183
- * @param {(charCode: number) => boolean} predicate
184
- * @returns {string}
185
- */
186
- function removeChars (str, leading, trailing, predicate) {
187
- let lead = 0
188
- let trail = str.length - 1
189
-
190
- if (leading) {
191
- while (lead < str.length && predicate(str.charCodeAt(lead))) lead++
192
- }
193
-
194
- if (trailing) {
195
- while (trail > 0 && predicate(str.charCodeAt(trail))) trail--
196
- }
197
-
198
- return lead === 0 && trail === str.length - 1 ? str : str.slice(lead, trail + 1)
199
- }
200
-
201
- // https://infra.spec.whatwg.org/#serialize-a-javascript-value-to-a-json-string
202
- function serializeJavascriptValueToJSONString (value) {
203
- // 1. Let result be ? Call(%JSON.stringify%, undefined, « value »).
204
- const result = JSON.stringify(value)
205
-
206
- // 2. If result is undefined, then throw a TypeError.
207
- if (result === undefined) {
208
- throw new TypeError('Value is not JSON serializable')
209
- }
210
-
211
- // 3. Assert: result is a string.
212
- assert(typeof result === 'string')
213
-
214
- // 4. Return result.
215
- return result
216
- }
217
-
218
- module.exports = {
219
- collectASequenceOfCodePoints,
220
- collectASequenceOfCodePointsFast,
221
- forgivingBase64,
222
- isASCIIWhitespace,
223
- isomorphicDecode,
224
- isomorphicEncode,
225
- parseJSONFromBytes,
226
- removeASCIIWhitespace,
227
- removeChars,
228
- serializeJavascriptValueToJSONString
229
- }
@@ -1,9 +0,0 @@
1
- # Subresource Integrity
2
-
3
- based on Editor’s Draft, 12 June 2025
4
-
5
- This module provides support for Subresource Integrity (SRI) in the context of web fetch operations. SRI is a security feature that allows clients to verify that fetched resources are delivered without unexpected manipulation.
6
-
7
- ## Links
8
-
9
- - [Subresource Integrity](https://w3c.github.io/webappsec-subresource-integrity/)
@@ -1,307 +0,0 @@
1
- 'use strict'
2
-
3
- const assert = require('node:assert')
4
- const { runtimeFeatures } = require('../../util/runtime-features.js')
5
-
6
- /**
7
- * @typedef {object} Metadata
8
- * @property {SRIHashAlgorithm} alg - The algorithm used for the hash.
9
- * @property {string} val - The base64-encoded hash value.
10
- */
11
-
12
- /**
13
- * @typedef {Metadata[]} MetadataList
14
- */
15
-
16
- /**
17
- * @typedef {('sha256' | 'sha384' | 'sha512')} SRIHashAlgorithm
18
- */
19
-
20
- /**
21
- * @type {Map<SRIHashAlgorithm, number>}
22
- *
23
- * The valid SRI hash algorithm token set is the ordered set « "sha256",
24
- * "sha384", "sha512" » (corresponding to SHA-256, SHA-384, and SHA-512
25
- * respectively). The ordering of this set is meaningful, with stronger
26
- * algorithms appearing later in the set.
27
- *
28
- * @see https://w3c.github.io/webappsec-subresource-integrity/#valid-sri-hash-algorithm-token-set
29
- */
30
- const validSRIHashAlgorithmTokenSet = new Map([['sha256', 0], ['sha384', 1], ['sha512', 2]])
31
-
32
- // https://nodejs.org/api/crypto.html#determining-if-crypto-support-is-unavailable
33
- /** @type {import('node:crypto')} */
34
- let crypto
35
-
36
- if (runtimeFeatures.has('crypto')) {
37
- crypto = require('node:crypto')
38
- const cryptoHashes = crypto.getHashes()
39
-
40
- // If no hashes are available, we cannot support SRI.
41
- if (cryptoHashes.length === 0) {
42
- validSRIHashAlgorithmTokenSet.clear()
43
- }
44
-
45
- for (const algorithm of validSRIHashAlgorithmTokenSet.keys()) {
46
- // If the algorithm is not supported, remove it from the list.
47
- if (cryptoHashes.includes(algorithm) === false) {
48
- validSRIHashAlgorithmTokenSet.delete(algorithm)
49
- }
50
- }
51
- } else {
52
- // If crypto is not available, we cannot support SRI.
53
- validSRIHashAlgorithmTokenSet.clear()
54
- }
55
-
56
- /**
57
- * @typedef GetSRIHashAlgorithmIndex
58
- * @type {(algorithm: SRIHashAlgorithm) => number}
59
- * @param {SRIHashAlgorithm} algorithm
60
- * @returns {number} The index of the algorithm in the valid SRI hash algorithm
61
- * token set.
62
- */
63
-
64
- const getSRIHashAlgorithmIndex = /** @type {GetSRIHashAlgorithmIndex} */ (Map.prototype.get.bind(
65
- validSRIHashAlgorithmTokenSet))
66
-
67
- /**
68
- * @typedef IsValidSRIHashAlgorithm
69
- * @type {(algorithm: string) => algorithm is SRIHashAlgorithm}
70
- * @param {*} algorithm
71
- * @returns {algorithm is SRIHashAlgorithm}
72
- */
73
-
74
- const isValidSRIHashAlgorithm = /** @type {IsValidSRIHashAlgorithm} */ (
75
- Map.prototype.has.bind(validSRIHashAlgorithmTokenSet)
76
- )
77
-
78
- /**
79
- * @param {Uint8Array} bytes
80
- * @param {string} metadataList
81
- * @returns {boolean}
82
- *
83
- * @see https://w3c.github.io/webappsec-subresource-integrity/#does-response-match-metadatalist
84
- */
85
- const bytesMatch = runtimeFeatures.has('crypto') === false || validSRIHashAlgorithmTokenSet.size === 0
86
- // If node is not built with OpenSSL support, we cannot check
87
- // a request's integrity, so allow it by default (the spec will
88
- // allow requests if an invalid hash is given, as precedence).
89
- ? () => true
90
- : (bytes, metadataList) => {
91
- // 1. Let parsedMetadata be the result of parsing metadataList.
92
- const parsedMetadata = parseMetadata(metadataList)
93
-
94
- // 2. If parsedMetadata is empty set, return true.
95
- if (parsedMetadata.length === 0) {
96
- return true
97
- }
98
-
99
- // 3. Let metadata be the result of getting the strongest
100
- // metadata from parsedMetadata.
101
- const metadata = getStrongestMetadata(parsedMetadata)
102
-
103
- // 4. For each item in metadata:
104
- for (const item of metadata) {
105
- // 1. Let algorithm be the item["alg"].
106
- const algorithm = item.alg
107
-
108
- // 2. Let expectedValue be the item["val"].
109
- const expectedValue = item.val
110
-
111
- // See https://github.com/web-platform-tests/wpt/commit/e4c5cc7a5e48093220528dfdd1c4012dc3837a0e
112
- // "be liberal with padding". This is annoying, and it's not even in the spec.
113
-
114
- // 3. Let actualValue be the result of applying algorithm to bytes .
115
- const actualValue = applyAlgorithmToBytes(algorithm, bytes)
116
-
117
- // 4. If actualValue is a case-sensitive match for expectedValue,
118
- // return true.
119
- if (caseSensitiveMatch(actualValue, expectedValue)) {
120
- return true
121
- }
122
- }
123
-
124
- // 5. Return false.
125
- return false
126
- }
127
-
128
- /**
129
- * @param {MetadataList} metadataList
130
- * @returns {MetadataList} The strongest hash algorithm from the metadata list.
131
- */
132
- function getStrongestMetadata (metadataList) {
133
- // 1. Let result be the empty set and strongest be the empty string.
134
- const result = []
135
- /** @type {Metadata|null} */
136
- let strongest = null
137
-
138
- // 2. For each item in set:
139
- for (const item of metadataList) {
140
- // 1. Assert: item["alg"] is a valid SRI hash algorithm token.
141
- assert(isValidSRIHashAlgorithm(item.alg), 'Invalid SRI hash algorithm token')
142
-
143
- // 2. If result is the empty set, then:
144
- if (result.length === 0) {
145
- // 1. Append item to result.
146
- result.push(item)
147
-
148
- // 2. Set strongest to item.
149
- strongest = item
150
-
151
- // 3. Continue.
152
- continue
153
- }
154
-
155
- // 3. Let currentAlgorithm be strongest["alg"], and currentAlgorithmIndex be
156
- // the index of currentAlgorithm in the valid SRI hash algorithm token set.
157
- const currentAlgorithm = /** @type {Metadata} */ (strongest).alg
158
- const currentAlgorithmIndex = getSRIHashAlgorithmIndex(currentAlgorithm)
159
-
160
- // 4. Let newAlgorithm be the item["alg"], and newAlgorithmIndex be the
161
- // index of newAlgorithm in the valid SRI hash algorithm token set.
162
- const newAlgorithm = item.alg
163
- const newAlgorithmIndex = getSRIHashAlgorithmIndex(newAlgorithm)
164
-
165
- // 5. If newAlgorithmIndex is less than currentAlgorithmIndex, then continue.
166
- if (newAlgorithmIndex < currentAlgorithmIndex) {
167
- continue
168
-
169
- // 6. Otherwise, if newAlgorithmIndex is greater than
170
- // currentAlgorithmIndex:
171
- } else if (newAlgorithmIndex > currentAlgorithmIndex) {
172
- // 1. Set strongest to item.
173
- strongest = item
174
-
175
- // 2. Set result to « item ».
176
- result[0] = item
177
- result.length = 1
178
-
179
- // 7. Otherwise, newAlgorithmIndex and currentAlgorithmIndex are the same
180
- // value. Append item to result.
181
- } else {
182
- result.push(item)
183
- }
184
- }
185
-
186
- // 3. Return result.
187
- return result
188
- }
189
-
190
- /**
191
- * @param {string} metadata
192
- * @returns {MetadataList}
193
- *
194
- * @see https://w3c.github.io/webappsec-subresource-integrity/#parse-metadata
195
- */
196
- function parseMetadata (metadata) {
197
- // 1. Let result be the empty set.
198
- /** @type {MetadataList} */
199
- const result = []
200
-
201
- // 2. For each item returned by splitting metadata on spaces:
202
- for (const item of metadata.split(' ')) {
203
- // 1. Let expression-and-options be the result of splitting item on U+003F (?).
204
- const expressionAndOptions = item.split('?', 1)
205
-
206
- // 2. Let algorithm-expression be expression-and-options[0].
207
- const algorithmExpression = expressionAndOptions[0]
208
-
209
- // 3. Let base64-value be the empty string.
210
- let base64Value = ''
211
-
212
- // 4. Let algorithm-and-value be the result of splitting algorithm-expression on U+002D (-).
213
- const algorithmAndValue = [algorithmExpression.slice(0, 6), algorithmExpression.slice(7)]
214
-
215
- // 5. Let algorithm be algorithm-and-value[0].
216
- const algorithm = algorithmAndValue[0]
217
-
218
- // 6. If algorithm is not a valid SRI hash algorithm token, then continue.
219
- if (!isValidSRIHashAlgorithm(algorithm)) {
220
- continue
221
- }
222
-
223
- // 7. If algorithm-and-value[1] exists, set base64-value to
224
- // algorithm-and-value[1].
225
- if (algorithmAndValue[1]) {
226
- base64Value = algorithmAndValue[1]
227
- }
228
-
229
- // 8. Let metadata be the ordered map
230
- // «["alg" → algorithm, "val" → base64-value]».
231
- const metadata = {
232
- alg: algorithm,
233
- val: base64Value
234
- }
235
-
236
- // 9. Append metadata to result.
237
- result.push(metadata)
238
- }
239
-
240
- // 3. Return result.
241
- return result
242
- }
243
-
244
- /**
245
- * Applies the specified hash algorithm to the given bytes
246
- *
247
- * @typedef {(algorithm: SRIHashAlgorithm, bytes: Uint8Array) => string} ApplyAlgorithmToBytes
248
- * @param {SRIHashAlgorithm} algorithm
249
- * @param {Uint8Array} bytes
250
- * @returns {string}
251
- */
252
- const applyAlgorithmToBytes = (algorithm, bytes) => {
253
- return crypto.hash(algorithm, bytes, 'base64')
254
- }
255
-
256
- /**
257
- * Compares two base64 strings, allowing for base64url
258
- * in the second string.
259
- *
260
- * @param {string} actualValue base64 encoded string
261
- * @param {string} expectedValue base64 or base64url encoded string
262
- * @returns {boolean}
263
- */
264
- function caseSensitiveMatch (actualValue, expectedValue) {
265
- // Ignore padding characters from the end of the strings by
266
- // decreasing the length by 1 or 2 if the last characters are `=`.
267
- let actualValueLength = actualValue.length
268
- if (actualValueLength !== 0 && actualValue[actualValueLength - 1] === '=') {
269
- actualValueLength -= 1
270
- }
271
- if (actualValueLength !== 0 && actualValue[actualValueLength - 1] === '=') {
272
- actualValueLength -= 1
273
- }
274
- let expectedValueLength = expectedValue.length
275
- if (expectedValueLength !== 0 && expectedValue[expectedValueLength - 1] === '=') {
276
- expectedValueLength -= 1
277
- }
278
- if (expectedValueLength !== 0 && expectedValue[expectedValueLength - 1] === '=') {
279
- expectedValueLength -= 1
280
- }
281
-
282
- if (actualValueLength !== expectedValueLength) {
283
- return false
284
- }
285
-
286
- for (let i = 0; i < actualValueLength; ++i) {
287
- if (
288
- actualValue[i] === expectedValue[i] ||
289
- (actualValue[i] === '+' && expectedValue[i] === '-') ||
290
- (actualValue[i] === '/' && expectedValue[i] === '_')
291
- ) {
292
- continue
293
- }
294
- return false
295
- }
296
-
297
- return true
298
- }
299
-
300
- module.exports = {
301
- applyAlgorithmToBytes,
302
- bytesMatch,
303
- caseSensitiveMatch,
304
- isValidSRIHashAlgorithm,
305
- getStrongestMetadata,
306
- parseMetadata
307
- }