sunpeak 0.13.4 → 0.13.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/commands/deploy.mjs +2 -1
- package/bin/commands/pull.mjs +12 -8
- package/bin/commands/push.mjs +26 -10
- package/dist/chatgpt/iframe-resource.d.ts +6 -1
- package/dist/chatgpt/index.cjs +2 -2
- package/dist/chatgpt/index.js +2 -2
- package/dist/chatgpt/simulator-url.d.ts +1 -7
- package/dist/{discovery-C7SIp_GP.js → discovery-COZUnY6a.js} +3 -6
- package/dist/{discovery-C7SIp_GP.js.map → discovery-COZUnY6a.js.map} +1 -1
- package/dist/{discovery-B9YsEQjv.cjs → discovery-CRR3SlyI.cjs} +3 -6
- package/dist/{discovery-B9YsEQjv.cjs.map → discovery-CRR3SlyI.cjs.map} +1 -1
- package/dist/{index-CCt2XfkG.cjs → index-B_In_BWg.cjs} +40 -12
- package/dist/{index-CCt2XfkG.cjs.map → index-B_In_BWg.cjs.map} +1 -1
- package/dist/{index-BlyJVyBA.js → index-CkEAx7FS.js} +39 -11
- package/dist/{index-BlyJVyBA.js.map → index-CkEAx7FS.js.map} +1 -1
- package/dist/index.cjs +2 -2
- package/dist/index.js +3 -3
- package/dist/lib/discovery-cli.cjs +1 -1
- package/dist/lib/discovery-cli.js +1 -1
- package/dist/types/runtime.d.ts +2 -4
- package/package.json +2 -2
- package/template/dist/albums/albums.json +1 -1
- package/template/dist/carousel/carousel.json +1 -1
- package/template/dist/map/map.json +1 -1
- package/template/dist/review/review.json +1 -1
- package/template/node_modules/.vite/deps/@openai_apps-sdk-ui_components_SegmentedControl.js +3 -3
- package/template/node_modules/.vite/deps/@openai_apps-sdk-ui_components_Select.js +9 -9
- package/template/node_modules/.vite/deps/_metadata.json +37 -37
- package/template/node_modules/.vite/vitest/da39a3ee5e6b4b0d3255bfef95601890afd80709/results.json +1 -1
- package/template/playwright.config.ts +6 -1
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@modelcontextprotocol_ext-apps.js +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@modelcontextprotocol_ext-apps.js.map +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@modelcontextprotocol_ext-apps_app-bridge.js +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@modelcontextprotocol_ext-apps_app-bridge.js.map +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@modelcontextprotocol_ext-apps_react.js +3 -3
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@modelcontextprotocol_ext-apps_react.js.map +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_Avatar.js +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_Avatar.js.map +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_Button.js +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_Button.js.map +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_Checkbox.js +1 -1
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_Checkbox.js.map +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_Icon.js +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_Icon.js.map +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_Input.js +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_Input.js.map +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_SegmentedControl.js +1 -1
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_SegmentedControl.js.map +0 -0
- package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_Select.js +4 -4
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_Select.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_Textarea.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_components_Textarea.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_theme.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/@openai_apps-sdk-ui_theme.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-3FUH6LFP.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-3FUH6LFP.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-4EQ7FTMQ.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-4EQ7FTMQ.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-4WVD247F.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-4WVD247F.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-ABGJ7IDC.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-ABGJ7IDC.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-DP4XHQAG.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-DP4XHQAG.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-EGRHWZRV.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-EGRHWZRV.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-EHI2XMPP.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-EHI2XMPP.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-JWMBYPFX.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-JWMBYPFX.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-PZDCUP6P.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-PZDCUP6P.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-Q2RBUOJ3.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-Q2RBUOJ3.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-SPDZ46BB.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-SPDZ46BB.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-WEIC4XKX.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-WEIC4XKX.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-WSHFT23M.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-WSHFT23M.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-XQARMNNG.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/chunk-XQARMNNG.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/clsx.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/clsx.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/embla-carousel-react.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/embla-carousel-react.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/embla-carousel-wheel-gestures.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/embla-carousel-wheel-gestures.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/mapbox-gl.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/mapbox-gl.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/package.json +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/react-dom.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/react-dom.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/react-dom_client.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/react-dom_client.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/react.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/react.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/react_jsx-dev-runtime.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/react_jsx-dev-runtime.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/react_jsx-runtime.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/react_jsx-runtime.js.map +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/tailwind-merge.js +0 -0
- /package/template/node_modules/.vite-mcp/{deps_temp_59db64d1 → deps_temp_170f8fb8}/tailwind-merge.js.map +0 -0
|
@@ -5,7 +5,7 @@ import { c as commonjsGlobal } from "./_commonjsHelpers-DWwsNxpa.js";
|
|
|
5
5
|
import * as ReactDOM from "react-dom";
|
|
6
6
|
import ReactDOM__default from "react-dom";
|
|
7
7
|
import { P as Protocol, b as PingRequestSchema, L as LoggingMessageNotificationSchema, c as CallToolRequestSchema, d as ListResourcesRequestSchema, e as ListResourceTemplatesRequestSchema, f as ReadResourceRequestSchema, g as ListPromptsRequestSchema, a as CallToolResultSchema, h as ToolListChangedNotificationSchema, i as ListResourcesResultSchema, j as ListResourceTemplatesResultSchema, k as ReadResourceResultSchema, l as ResourceListChangedNotificationSchema, m as ListPromptsResultSchema, n as PromptListChangedNotificationSchema, J as JSONRPCMessageSchema, I as ImplementationSchema, C as ContentBlockSchema, T as ToolSchema, R as RequestIdSchema } from "./protocol-BQCnIrc9.js";
|
|
8
|
-
import { a as buildDevSimulations, b as buildResourceMap, d as buildSimulations, c as createResourceExports, e as extractResourceKey, f as extractSimulationKey, g as extractSimulationName, h as findResourceDirs, i as findResourceKey, j as findSimulationFiles, k as getComponentName, l as isSimulationFile, t as toPascalCase } from "./discovery-
|
|
8
|
+
import { a as buildDevSimulations, b as buildResourceMap, d as buildSimulations, c as createResourceExports, e as extractResourceKey, f as extractSimulationKey, g as extractSimulationName, h as findResourceDirs, i as findResourceKey, j as findSimulationFiles, k as getComponentName, l as isSimulationFile, t as toPascalCase } from "./discovery-COZUnY6a.js";
|
|
9
9
|
function r(e) {
|
|
10
10
|
var t, f2, n = "";
|
|
11
11
|
if ("string" == typeof e || "number" == typeof e) n += e;
|
|
@@ -14076,6 +14076,16 @@ class McpAppHost {
|
|
|
14076
14076
|
if (this.options.onOpenLink) {
|
|
14077
14077
|
this.options.onOpenLink(url);
|
|
14078
14078
|
} else {
|
|
14079
|
+
try {
|
|
14080
|
+
const parsed = new URL(url);
|
|
14081
|
+
if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
|
|
14082
|
+
console.warn("[MCP App] openLink blocked non-http(s) URL:", url);
|
|
14083
|
+
return {};
|
|
14084
|
+
}
|
|
14085
|
+
} catch {
|
|
14086
|
+
console.warn("[MCP App] openLink blocked invalid URL:", url);
|
|
14087
|
+
return {};
|
|
14088
|
+
}
|
|
14079
14089
|
window.open(url, "_blank");
|
|
14080
14090
|
}
|
|
14081
14091
|
return {};
|
|
@@ -14157,6 +14167,7 @@ class McpAppHost {
|
|
|
14157
14167
|
const id = ++this._fenceId;
|
|
14158
14168
|
return new Promise((resolve) => {
|
|
14159
14169
|
const handler = (event) => {
|
|
14170
|
+
if (event.source !== win) return;
|
|
14160
14171
|
if (event.data?.method === "sunpeak/fence-ack" && event.data.params?.fenceId === id) {
|
|
14161
14172
|
cleanup();
|
|
14162
14173
|
resolve();
|
|
@@ -14299,6 +14310,15 @@ function isAllowedUrl(src) {
|
|
|
14299
14310
|
}
|
|
14300
14311
|
}
|
|
14301
14312
|
const SDK_RESOURCE_DOMAINS = ["https://cdn.openai.com"];
|
|
14313
|
+
function isValidCspSource(source) {
|
|
14314
|
+
if (!source || /[\s;,']/.test(source) || source === "*") return false;
|
|
14315
|
+
try {
|
|
14316
|
+
const url = new URL(source);
|
|
14317
|
+
return url.protocol === "http:" || url.protocol === "https:" || url.protocol === "ws:" || url.protocol === "wss:";
|
|
14318
|
+
} catch {
|
|
14319
|
+
return false;
|
|
14320
|
+
}
|
|
14321
|
+
}
|
|
14302
14322
|
function generateCSP(csp, scriptSrc) {
|
|
14303
14323
|
let scriptOrigin = "";
|
|
14304
14324
|
try {
|
|
@@ -14316,14 +14336,26 @@ function generateCSP(csp, scriptSrc) {
|
|
|
14316
14336
|
const connectSources = /* @__PURE__ */ new Set(["'self'"]);
|
|
14317
14337
|
if (scriptOrigin) connectSources.add(scriptOrigin);
|
|
14318
14338
|
if (csp?.connectDomains) {
|
|
14319
|
-
for (const domain of csp.connectDomains)
|
|
14339
|
+
for (const domain of csp.connectDomains) {
|
|
14340
|
+
if (isValidCspSource(domain)) {
|
|
14341
|
+
connectSources.add(domain);
|
|
14342
|
+
} else {
|
|
14343
|
+
console.warn("[IframeResource] Ignoring invalid CSP connect domain:", domain);
|
|
14344
|
+
}
|
|
14345
|
+
}
|
|
14320
14346
|
}
|
|
14321
14347
|
directives.push(`connect-src ${Array.from(connectSources).join(" ")}`);
|
|
14322
14348
|
const resourceSources = /* @__PURE__ */ new Set(["'self'", "data:", "blob:"]);
|
|
14323
14349
|
if (scriptOrigin) resourceSources.add(scriptOrigin);
|
|
14324
14350
|
for (const domain of SDK_RESOURCE_DOMAINS) resourceSources.add(domain);
|
|
14325
14351
|
if (csp?.resourceDomains) {
|
|
14326
|
-
for (const domain of csp.resourceDomains)
|
|
14352
|
+
for (const domain of csp.resourceDomains) {
|
|
14353
|
+
if (isValidCspSource(domain)) {
|
|
14354
|
+
resourceSources.add(domain);
|
|
14355
|
+
} else {
|
|
14356
|
+
console.warn("[IframeResource] Ignoring invalid CSP resource domain:", domain);
|
|
14357
|
+
}
|
|
14358
|
+
}
|
|
14327
14359
|
}
|
|
14328
14360
|
const resourceList = Array.from(resourceSources).join(" ");
|
|
14329
14361
|
directives.push(`img-src ${resourceList}`);
|
|
@@ -14334,8 +14366,9 @@ function generateCSP(csp, scriptSrc) {
|
|
|
14334
14366
|
function generateScriptHtml(scriptSrc, theme, cspPolicy) {
|
|
14335
14367
|
const safeScriptSrc = escapeHtml(scriptSrc);
|
|
14336
14368
|
const safeCsp = escapeHtml(cspPolicy);
|
|
14369
|
+
const safeTheme = escapeHtml(theme);
|
|
14337
14370
|
return `<!DOCTYPE html>
|
|
14338
|
-
<html lang="en" data-theme="${
|
|
14371
|
+
<html lang="en" data-theme="${safeTheme}">
|
|
14339
14372
|
<head>
|
|
14340
14373
|
<meta charset="UTF-8" />
|
|
14341
14374
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
@@ -14577,8 +14610,6 @@ function parseUrlParams() {
|
|
|
14577
14610
|
platform2 = "mobile";
|
|
14578
14611
|
} else if (deviceType === "desktop") {
|
|
14579
14612
|
platform2 = "desktop";
|
|
14580
|
-
} else if (deviceType) {
|
|
14581
|
-
platform2 = "web";
|
|
14582
14613
|
}
|
|
14583
14614
|
const hoverParam = params.get("hover");
|
|
14584
14615
|
const touchParam = params.get("touch");
|
|
@@ -14743,7 +14774,7 @@ function ChatGPTSimulator({
|
|
|
14743
14774
|
const resourceScript = selectedSim?.resourceScript;
|
|
14744
14775
|
const resourceMeta = selectedSim?.resource._meta;
|
|
14745
14776
|
const resourceUi = resourceMeta?.ui;
|
|
14746
|
-
const csp = resourceUi?.csp
|
|
14777
|
+
const csp = resourceUi?.csp;
|
|
14747
14778
|
const hasIframeContent = !!(resourceUrl || resourceScript);
|
|
14748
14779
|
const isTransitioning = hasIframeContent && displayMode !== readyDisplayMode;
|
|
14749
14780
|
let content;
|
|
@@ -15049,9 +15080,6 @@ function createSimulatorUrl(params, basePath = "/") {
|
|
|
15049
15080
|
if (params.safeAreaRight !== void 0) {
|
|
15050
15081
|
searchParams.set("safeAreaRight", String(params.safeAreaRight));
|
|
15051
15082
|
}
|
|
15052
|
-
if (params.viewMode !== void 0) {
|
|
15053
|
-
searchParams.set("viewMode", params.viewMode);
|
|
15054
|
-
}
|
|
15055
15083
|
const queryString = searchParams.toString();
|
|
15056
15084
|
return queryString ? `${basePath}?${queryString}` : basePath;
|
|
15057
15085
|
}
|
|
@@ -15089,4 +15117,4 @@ export {
|
|
|
15089
15117
|
index as i,
|
|
15090
15118
|
useThemeContext as u
|
|
15091
15119
|
};
|
|
15092
|
-
//# sourceMappingURL=index-
|
|
15120
|
+
//# sourceMappingURL=index-CkEAx7FS.js.map
|