ssrf-agent-guard 0.1.9 → 0.1.11

package/.github/workflows/ci.yml

@@ -0,0 +1,80 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Run ESLint
+        run: npm run lint
+
+  test:
+    name: Test (Node ${{ matrix.node-version }})
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: ['18', '20', '22']
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Run tests
+        run: npm test
+
+      - name: Upload coverage reports
+        if: matrix.node-version == '20'
+        uses: codecov/codecov-action@v5
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          file: ./coverage/lcov.info
+          fail_ci_if_error: false
+
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    needs: [lint, test]
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Build
+        run: npm run build
+
+      - name: Upload build artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/

package/.github/workflows/publish.yml

@@ -0,0 +1,36 @@
+name: Publish to npm
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  publish:
+    name: Publish
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+          registry-url: 'https://registry.npmjs.org'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Run tests
+        run: npm test
+
+      - name: Build
+        run: npm run build
+
+      - name: Publish to npm
+        run: npm publish --provenance --access public
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

package/README.md

@@ -1,5 +1,9 @@
 # ssrf-agent-guard
 
+[![npm version](https://img.shields.io/npm/v/ssrf-agent-guard.svg)](https://www.npmjs.com/package/ssrf-agent-guard)                                                        
+[![npm downloads](https://img.shields.io/npm/dm/ssrf-agent-guard.svg)](https://www.npmjs.com/package/ssrf-agent-guard)                                                     
+[![codecov](https://codecov.io/gh/swapniluneva/ssrf-agent-guard/branch/main/graph/badge.svg)](https://codecov.io/gh/swapniluneva/ssrf-agent-guard)
+
 #### `ssrf-agent-guard` is a Node.js module for protecting your HTTP/HTTPS requests against SSRF (Server-Side Request Forgery) attacks. It wraps http.Agent and https.Agent to enforce pre and post DNS host/IP checks, block access to cloud metadata endpoints, private IPs, and unsafe domains.
 ---
 

package/dist/index.cjs.js

@@ -85,7 +85,7 @@ function matchesDomain(hostname, pattern) {
  * Checks if a hostname matches any domain in a list.
  */
 function matchesAnyDomain(hostname, domains) {
-    return domains.some(domain => matchesDomain(hostname, domain));
+    return domains.some((domain) => matchesDomain(hostname, domain));
 }
 /**
  * Validates a host against policy options.
@@ -114,7 +114,7 @@ function validatePolicy(hostname, policy) {
     // Check denyTLD
     if (policy.denyTLD && policy.denyTLD.length > 0) {
         const tld = getTLD(hostname);
-        if (policy.denyTLD.map(t => t.toLowerCase()).includes(tld)) {
+        if (policy.denyTLD.map((t) => t.toLowerCase()).includes(tld)) {
             return { safe: false, reason: 'denied_tld' };
         }
     }

package/dist/index.esm.js

@@ -81,7 +81,7 @@ function matchesDomain(hostname, pattern) {
  * Checks if a hostname matches any domain in a list.
  */
 function matchesAnyDomain(hostname, domains) {
-    return domains.some(domain => matchesDomain(hostname, domain));
+    return domains.some((domain) => matchesDomain(hostname, domain));
 }
 /**
  * Validates a host against policy options.
@@ -110,7 +110,7 @@ function validatePolicy(hostname, policy) {
     // Check denyTLD
     if (policy.denyTLD && policy.denyTLD.length > 0) {
         const tld = getTLD(hostname);
-        if (policy.denyTLD.map(t => t.toLowerCase()).includes(tld)) {
+        if (policy.denyTLD.map((t) => t.toLowerCase()).includes(tld)) {
             return { safe: false, reason: 'denied_tld' };
         }
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ssrf-agent-guard",
-  "version": "0.1.9",
+  "version": "0.1.11",
   "description": "A TypeScript SSRF protection library for Node.js (express/axios) with advanced policies, DNS rebinding detection and cloud metadata protection.",
   "main": "dist/index.cjs.js",
   "module": "dist/index.esm.js",
@@ -42,7 +42,10 @@
     "@typescript-eslint/eslint-plugin": "^6.3.0",
     "@typescript-eslint/parser": "^6.3.0",
     "eslint": "^8.50.0",
+    "eslint-config-prettier": "^9.1.0",
+    "eslint-plugin-prettier": "^5.2.1",
     "jest": "^29.6.1",
+    "prettier": "^3.4.2",
     "rollup": "^4.53.3",
     "rollup-plugin-typescript2": "^0.36.0",
     "ts-jest": "^29.1.1",