NemoClaw/package.json
J. Yaunches 9fe45362a5
Some checks are pending
Security / Code Scanning / CodeQL (javascript-typescript) (push) Waiting to run
Security / Code Scanning / CodeQL (python) (push) Waiting to run
Security / Code Scanning / ShellCheck SARIF (push) Waiting to run
Docs / Publish Staging / publish (push) Waiting to run
Docs / Publish Staging / delete-preview (push) Blocked by required conditions
Security / Installer Hash Check / check-hash (push) Waiting to run
E2E / macOS / macos-e2e (push) Waiting to run
CI / Main / installer-integration (push) Waiting to run
CI / Main / build-typecheck (push) Waiting to run
CI / Main / static-checks (push) Waiting to run
CI / Main / cli-test-shards (1) (push) Waiting to run
CI / Main / cli-test-shards (2) (push) Waiting to run
CI / Main / cli-test-shards (3) (push) Waiting to run
CI / Main / cli-test-shards (4) (push) Waiting to run
CI / Main / cli-test-shards (5) (push) Waiting to run
CI / Main / cli-tests (push) Blocked by required conditions
CI / Main / plugin-tests (push) Waiting to run
CI / Main / test-e2e-ollama-proxy (push) Waiting to run
CI / Main / checks (push) Blocked by required conditions
CI / Main / sandbox-images-and-e2e (push) Blocked by required conditions
CI / Platform Vitest Main Watch / macos-vitest (push) Waiting to run
CI / Platform Vitest Main Watch / wsl-vitest (push) Waiting to run
Automation / Request NVSkills CI / request (push) Waiting to run
E2E / WSL / wsl-e2e (push) Waiting to run
fix(security): fail closed for DNS-backed HTTPS endpoints (#6139)
## Summary

This PR fixes #4684 by taking the conservative path requested in the PR
#4685 security review: DNS-backed HTTPS endpoints now fail closed before
NemoClaw hands them to a downstream OpenShell/provider runtime.

Credit to @1PoPTRoN for the original #4685 work that identified and
covered the HTTPS DNS-rebinding gap. This PR intentionally preserves the
narrow safety outcome while avoiding the contested host-loopback
pin-proxy transport until a runtime-aware design is ready.

## What changed

- Adds structured endpoint validation metadata in
`nemoclaw/src/blueprint/ssrf.ts`.
- Introduces `safeEndpointUrlForDownstream()`:
  - HTTP DNS-backed endpoints still use the DNS-pinned IP URL.
  - HTTPS IP-literal endpoints remain allowed.
  - DNS-backed HTTPS endpoints fail closed with an actionable error.
- Applies the same fail-closed policy to generic persisted sandbox
config URL rewrites.
- Adds unit coverage for blueprint plan/apply and config-set behavior.
- Adds a PR-safe live E2E slice in `inference-routing.test.ts` proving
DNS-backed HTTPS blueprint apply fails before any OpenShell handoff.

## Why this shape

PR #4685's host-local HTTPS pin proxy still had unresolved
security/design concerns:

- provider traffic may originate outside the NemoClaw host loopback
namespace;
- broadening a plaintext unauthenticated proxy would create
credential-boundary risk;
- redirects and credential-bearing URL state need a separate
policy/design;
- the long-lived helper environment and commit provenance needed
cleanup.

This PR therefore fixes the bug by failing closed instead of introducing
a partial transport. A follow-up can add the runtime-aware HTTPS pinning
transport with real OpenShell/Docker E2E coverage.

## Test plan

- `npm --prefix nemoclaw test -- --run src/blueprint/ssrf.test.ts
src/blueprint/runner.test.ts`
- `npx vitest run --project integration test/config-set.test.ts
--silent=false --reporter=default`
- `NEMOCLAW_RUN_LIVE_E2E=1 npx vitest run --project e2e-live
test/e2e/live/inference-routing.test.ts -t "TC-INF-10" --silent=false
--reporter=default`
- `npm run build:cli`
- `npm --prefix nemoclaw run build`
- `npm run typecheck:cli`

Fixes #4684


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Bug Fixes**
* Implemented fail-closed validation for DNS-backed HTTPS endpoints:
they’re now rejected during endpoint validation, including when
rewriting config URLs, preventing downstream runtime handoff.
* Made endpoint URL handling consistent across overrides and blueprint
resolution by applying the same downstream-safe normalization.
* Enhanced endpoint validation feedback to include protocol/hostname and
DNS-resolution details for consistent behavior across flows.
* **Tests**
* Strengthened unit and E2E coverage to assert DNS-backed HTTPS
rejection and verify that no handoff command is executed on failure.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Signed-off-by: Julie Yaunches <jyaunches@nvidia.com>
2026-07-02 02:28:01 -04:00

112 lines
5.7 KiB
JSON

{
"$comment": "SPDX-FileCopyrightText: Copyright (c) 2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved.\nSPDX-License-Identifier: Apache-2.0",
"name": "nemoclaw",
"version": "0.1.0",
"description": "NemoClaw — run OpenClaw inside OpenShell with NVIDIA inference",
"license": "Apache-2.0",
"bin": {
"nemoclaw": "./bin/nemoclaw.js",
"nemohermes": "./bin/nemohermes.js",
"nemo-deepagents": "./bin/nemoclaw.js"
},
"oclif": {
"bin": "nemoclaw",
"commands": {
"strategy": "pattern",
"target": "./dist/commands"
},
"flexibleTaxonomy": true,
"topicSeparator": " "
},
"scripts": {
"preinstall": "node scripts/check-node-version.js",
"dev:doctor": "bash scripts/dev-setup.sh --doctor",
"test": "npm run clean:cli && npm --prefix nemoclaw run clean && npm run build:cli && npm --prefix nemoclaw run build && vitest run --project cli --project integration --project installer-integration --project package-contract --project plugin --project e2e-support",
"test:spec": "npm test -- --reporter=tree",
"test:fast": "npm run clean:cli && vitest run --project cli --project plugin --project e2e-support",
"test:integration": "npm run clean:cli && npm run build:cli && vitest run --project integration --project installer-integration",
"test:package": "npm run clean:cli && npm --prefix nemoclaw run clean && npm run build:cli && npm --prefix nemoclaw run build && vitest run --project package-contract",
"test:live-e2e": "NEMOCLAW_RUN_LIVE_E2E=1 vitest run --project e2e-live",
"test:imports:check": "tsx scripts/checks/no-test-dist-imports.ts",
"test:projects:check": "tsx scripts/checks/vitest-project-overlap.ts",
"test:titles:check": "tsx scripts/checks/test-title-style.ts",
"check": "npx prek run --all-files",
"checks": "tsx scripts/checks/run.ts",
"lint": "npx @biomejs/biome lint . && npm run checks",
"lint:fix": "npx @biomejs/biome lint --write . && npm run checks",
"lint:ts": "cd nemoclaw && npm run check",
"format": "npx @biomejs/biome format --write .",
"format:check": "npx @biomejs/biome format .",
"format:ts": "cd nemoclaw && npm run lint:fix && npm run format",
"check:installer-hash": "bash scripts/check-installer-hash.sh",
"typecheck": "tsc -p jsconfig.json",
"build:cli": "tsc -p tsconfig.src.json && node dist/lib/cli/generate-oclif-metadata-manifest.js && if find nemoclaw-blueprint/scripts -name '*.ts' -print -quit | grep -q .; then tsc -p nemoclaw-blueprint/tsconfig.json; fi",
"clean:cli": "node -e \"require('node:fs').rmSync('dist', { recursive: true, force: true })\"",
"typecheck:cli": "tsc -p tsconfig.cli.json",
"validate:configs": "tsx scripts/validate-configs.ts",
"type-safety:hotspots": "tsx scripts/type-safety-hotspots.ts",
"source-shape:scan": "tsx scripts/find-source-shape-tests.ts --metrics",
"source-shape:check": "tsx scripts/find-source-shape-tests.ts --check",
"test-size:check": "tsx scripts/check-test-file-size-budget.ts",
"test-conditionals:scan": "tsx scripts/find-test-conditionals.ts",
"bump:version": "tsx scripts/bump-version.ts",
"release:plan": "tsx scripts/release-plan.ts",
"release:cut": "bash scripts/release-cut-tag.sh",
"release:wait-latest": "bash scripts/release-wait-latest.sh",
"release:notes-data": "tsx scripts/release-notes-data.ts",
"docs": "npm run docs:strict",
"docs:deps": "node -p \"require('./fern/fern.config.json').version\" | xargs -I {} npx --yes fern-api@{} --version",
"docs:sync-agent-variants": "tsx scripts/sync-agent-variant-docs.ts",
"docs:check-agent-variants": "tsx scripts/sync-agent-variant-docs.ts --check",
"docs:strict": "npm run docs:check-agent-variants && FERN_VERSION=$(node -p \"require('./fern/fern.config.json').version\") && cd fern && npx --yes \"fern-api@${FERN_VERSION}\" check",
"docs:live": "FERN_VERSION=$(node -p \"require('./fern/fern.config.json').version\") && cd fern && npx --yes \"fern-api@${FERN_VERSION}\" docs dev",
"docs:preview:watch": "tsx scripts/watch-fern-preview.ts",
"docs:clean": "rm -rf .fern-cache fern/.fern-cache docs/_build",
"prepare": "if command -v tsc >/dev/null 2>&1 || [ -x node_modules/.bin/tsc ]; then npm run build:cli; fi && (npm install --omit=dev --ignore-scripts 2>/dev/null || true) && if [ -d .git ]; then bash scripts/npm-link-or-shim.sh; if command -v prek >/dev/null 2>&1; then prek install; else echo \"Skipping git hook setup (prek not installed)\"; fi; fi",
"prepublishOnly": "git describe --tags --match 'v*' | sed 's/^v//' > .version && test -s .version && cd nemoclaw && env -u npm_config_global -u npm_config_prefix -u npm_config_omit npm install --ignore-scripts && ./node_modules/.bin/tsc"
},
"dependencies": {
"@aws-sdk/client-bedrock-runtime": "3.1046.0",
"@oclif/core": "^4.10.5",
"execa": "^9.6.1",
"js-yaml": "^4.1.1",
"p-retry": "^4.6.2",
"qrcode-terminal": "^0.12.0",
"yaml": "^2.8.3"
},
"bundleDependencies": [
"p-retry"
],
"files": [
".version",
"bin/",
"dist/",
"nemoclaw/dist/",
"nemoclaw/openclaw.plugin.json",
"nemoclaw/package.json",
"nemoclaw-blueprint/",
"scripts/",
"Dockerfile",
".dockerignore"
],
"engines": {
"node": ">=22.16.0"
},
"repository": {
"type": "git",
"url": "https://github.com/NVIDIA/NemoClaw.git"
},
"devDependencies": {
"@biomejs/biome": "^2.4.14",
"@commitlint/cli": "^20.5.0",
"@commitlint/config-conventional": "^20.5.0",
"@earendil-works/pi-coding-agent": "0.74.0",
"@j178/prek": "^0.3.6",
"@types/node": "^25.5.2",
"@vitest/coverage-v8": "^4.1.0",
"ajv": "^8.17.0",
"tsx": "^4.21.0",
"typescript": "^6.0.2",
"vitest": "^4.1.9"
}
}