dphelper - npm Package Compare versions
| /// <reference path="./types/dphelper.d.ts" /> |
| interface SandboxOptions { | ||
| timeout?: number | ||
| memoryLimit?: number | ||
| allowGlobals?: boolean | ||
| allowConsole?: boolean | ||
| } | ||
| interface AgentSandboxOptions { | ||
| maxTokens?: number | ||
| maxOperations?: number | ||
| allowRead?: boolean | ||
| allowWrite?: boolean | ||
| allowNetwork?: boolean | ||
| blockedAPIs?: string[] | ||
| } | ||
| interface AgentContext { | ||
| id: string | ||
| created: number | ||
| operations: number | ||
| tokens: number | ||
| blocked: boolean | ||
| data: Record<string, any> | ||
| } | ||
| interface IsolatedSandbox { | ||
| run: (code: string) => any | ||
| eval: (expr: string) => any | ||
| setGlobal: (key: string, value: any) => void | ||
| getGlobal: (key: string) => any | ||
| } | ||
| interface SandboxTool { | ||
| run: (code: string, options?: SandboxOptions) => Promise<any> | ||
| eval: (expr: string) => any | ||
| createAgent: (options?: AgentSandboxOptions) => string | ||
| agentRun: (agentId: string, code: string) => Promise<any> | ||
| blockFS: () => void | ||
| blockNetwork: () => void | ||
| isolate: (globals?: Record<string, any>) => IsolatedSandbox | ||
| reset: () => void | ||
| listAgents: () => AgentContext[] | ||
| killAgent: (agentId: string) => boolean | ||
| } |
| export {}; |
+2
-3
| { | ||
| "name": "dphelper", | ||
| "version": "3.0.7", | ||
| "version": "3.1.0", | ||
| "type": "module", | ||
@@ -79,3 +79,2 @@ "main": "index.js", | ||
| "npm:publish": "npm run build && npm publish ./dist --access public", | ||
| "postinstall": "node postinstall.mjs", | ||
| "test": "cd tests && npm run test", | ||
@@ -88,3 +87,3 @@ "lint": "cd tests && npm run lint", | ||
| "@types/crypto-js": "4.2.2", | ||
| "@types/node": "^25.3.0", | ||
| "@types/node": "^25.3.1", | ||
| "crypto-js": "4.2.0", | ||
@@ -91,0 +90,0 @@ "esbuild": "0.27.3", |
@@ -0,0 +0,0 @@ interface AiTool { |
| interface TriggersTool { | ||
| click(elem: string): void | ||
| change(elem: string): void | ||
| input(elem: string): void | ||
| /** | ||
| * Add a trigger for custom events. | ||
| * @param event - The event name | ||
| * @param callback - The callback to execute when the event is triggered | ||
| */ | ||
| add: (event: string, callback: (...args: any[]) => void) => void | ||
| /** | ||
| * Listen for a trigger event (alias for add). | ||
| */ | ||
| on: (event: string, callback: (...args: any[]) => void) => void | ||
| /** | ||
| * Emit a trigger event and call all registered callbacks. | ||
| * @param event - The event name | ||
| * @param args - Arguments to pass to the callbacks | ||
| */ | ||
| emit: (event: string, ...args: any[]) => void | ||
| /** | ||
| * Remove a trigger event and all its callbacks. | ||
| * @param event - The event name | ||
| */ | ||
| remove: (event: string) => void | ||
| /** | ||
| * Remove a specific callback from an event. | ||
| * @param event - The event name | ||
| * @param callback - The callback to remove | ||
| */ | ||
| off: (event: string, callback: (...args: any[]) => void) => void | ||
| /** | ||
| * Clear all triggers. | ||
| */ | ||
| clear: () => void | ||
| /** | ||
| * List all registered trigger events. | ||
| * @returns Array of event names | ||
| */ | ||
| list: () => string[] | ||
| } |
+89
-3
@@ -341,2 +341,48 @@ /*! | ||
| // --- sandbox --- | ||
| interface SandboxOptions { | ||
| timeout?: number | ||
| memoryLimit?: number | ||
| allowGlobals?: boolean | ||
| allowConsole?: boolean | ||
| } | ||
| interface AgentSandboxOptions { | ||
| maxTokens?: number | ||
| maxOperations?: number | ||
| allowRead?: boolean | ||
| allowWrite?: boolean | ||
| allowNetwork?: boolean | ||
| blockedAPIs?: string[] | ||
| } | ||
| interface AgentContext { | ||
| id: string | ||
| created: number | ||
| operations: number | ||
| tokens: number | ||
| blocked: boolean | ||
| data: Record<string, any> | ||
| } | ||
| interface IsolatedSandbox { | ||
| run: (code: string) => any | ||
| eval: (expr: string) => any | ||
| setGlobal: (key: string, value: any) => void | ||
| getGlobal: (key: string) => any | ||
| } | ||
| interface SandboxTool { | ||
| run: (code: string, options?: SandboxOptions) => Promise<any> | ||
| eval: (expr: string) => any | ||
| createAgent: (options?: AgentSandboxOptions) => string | ||
| agentRun: (agentId: string, code: string) => Promise<any> | ||
| blockFS: () => void | ||
| blockNetwork: () => void | ||
| isolate: (globals?: Record<string, any>) => IsolatedSandbox | ||
| reset: () => void | ||
| listAgents: () => AgentContext[] | ||
| killAgent: (agentId: string) => boolean | ||
| } | ||
| // --- sanitize --- | ||
@@ -490,5 +536,44 @@ interface SanitizeTool { | ||
| interface TriggersTool { | ||
| click(elem: string): void | ||
| change(elem: string): void | ||
| input(elem: string): void | ||
| /** | ||
| * Add a trigger for custom events. | ||
| * @param event - The event name | ||
| * @param callback - The callback to execute when the event is triggered | ||
| */ | ||
| add: (event: string, callback: (...args: any[]) => void) => void | ||
| /** | ||
| * Listen for a trigger event (alias for add). | ||
| */ | ||
| on: (event: string, callback: (...args: any[]) => void) => void | ||
| /** | ||
| * Emit a trigger event and call all registered callbacks. | ||
| * @param event - The event name | ||
| * @param args - Arguments to pass to the callbacks | ||
| */ | ||
| emit: (event: string, ...args: any[]) => void | ||
| /** | ||
| * Remove a trigger event and all its callbacks. | ||
| * @param event - The event name | ||
| */ | ||
| remove: (event: string) => void | ||
| /** | ||
| * Remove a specific callback from an event. | ||
| * @param event - The event name | ||
| * @param callback - The callback to remove | ||
| */ | ||
| off: (event: string, callback: (...args: any[]) => void) => void | ||
| /** | ||
| * Clear all triggers. | ||
| */ | ||
| clear: () => void | ||
| /** | ||
| * List all registered trigger events. | ||
| * @returns Array of event names | ||
| */ | ||
| list: () => string[] | ||
| } | ||
@@ -554,2 +639,3 @@ | ||
| promise: PromiseTool | ||
| sandbox: SandboxTool | ||
| sanitize: SanitizeTool | ||
@@ -556,0 +642,0 @@ screen: ScreenTool |
| // dphelper postinstall | ||
| // Creates node_modules/@types/dphelper/index.d.ts automatically so TypeScript | ||
| // discovers dphelper's global types without any configuration in the consumer project. | ||
| import fs from 'node:fs' | ||
| import path from 'node:path' | ||
| import { fileURLToPath } from 'node:url' | ||
| const | ||
| __dirname = path.dirname(fileURLToPath(import.meta.url)), | ||
| // When postinstall runs, cwd is the consuming project root. | ||
| // __dirname is node_modules/dphelper/ | ||
| atTypesDir = path.join(__dirname, '..', '@types', 'dphelper'), | ||
| atTypesFile = path.join(atTypesDir, 'index.d.ts'), | ||
| reference = '/// <reference path="../../dphelper/types/dphelper.d.ts" />\n' | ||
| try { | ||
| fs.mkdirSync(atTypesDir, { recursive: true }) | ||
| fs.writeFileSync(atTypesFile, reference, 'utf8') | ||
| console.debug('[dphelper] Global types registered at node_modules/@types/dphelper/index.d.ts') | ||
| } catch (e) { | ||
| // Non-fatal: types can still be referenced manually | ||
| console.debug('[dphelper] Could not auto-register types:', e) | ||
| } |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Install scripts
Supply chain riskInstall scripts are run when the package is installed or built. Malicious packages often use scripts that run automatically to execute payloads or fetch additional code.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
426123
4.02%- Number of package files
111
1.83%- Lines of code
2865
6.62%- Number of high supply chain risk alerts
0
-100%Worsened metrics
- Number of low supply chain risk alerts
50
4.17%- Number of medium supply chain risk alerts
30
66.67%