mirror of
https://github.com/NVIDIA/NemoClaw.git
synced 2026-07-03 03:37:16 +00:00
Some checks are pending
Security / Code Scanning / CodeQL (javascript-typescript) (push) Waiting to run
Security / Code Scanning / CodeQL (python) (push) Waiting to run
Security / Code Scanning / ShellCheck SARIF (push) Waiting to run
Docs / Publish Staging / publish (push) Waiting to run
Docs / Publish Staging / delete-preview (push) Blocked by required conditions
Security / Installer Hash Check / check-hash (push) Waiting to run
E2E / macOS / macos-e2e (push) Waiting to run
CI / Main / installer-integration (push) Waiting to run
CI / Main / build-typecheck (push) Waiting to run
CI / Main / static-checks (push) Waiting to run
CI / Main / cli-test-shards (1) (push) Waiting to run
CI / Main / cli-test-shards (2) (push) Waiting to run
CI / Main / cli-test-shards (3) (push) Waiting to run
CI / Main / cli-test-shards (4) (push) Waiting to run
CI / Main / cli-test-shards (5) (push) Waiting to run
CI / Main / cli-tests (push) Blocked by required conditions
CI / Main / plugin-tests (push) Waiting to run
CI / Main / test-e2e-ollama-proxy (push) Waiting to run
CI / Main / checks (push) Blocked by required conditions
CI / Main / sandbox-images-and-e2e (push) Blocked by required conditions
CI / Platform Vitest Main Watch / macos-vitest (push) Waiting to run
CI / Platform Vitest Main Watch / wsl-vitest (push) Waiting to run
Automation / Request NVSkills CI / request (push) Waiting to run
E2E / WSL / wsl-e2e (push) Waiting to run
## Summary This PR fixes #4684 by taking the conservative path requested in the PR #4685 security review: DNS-backed HTTPS endpoints now fail closed before NemoClaw hands them to a downstream OpenShell/provider runtime. Credit to @1PoPTRoN for the original #4685 work that identified and covered the HTTPS DNS-rebinding gap. This PR intentionally preserves the narrow safety outcome while avoiding the contested host-loopback pin-proxy transport until a runtime-aware design is ready. ## What changed - Adds structured endpoint validation metadata in `nemoclaw/src/blueprint/ssrf.ts`. - Introduces `safeEndpointUrlForDownstream()`: - HTTP DNS-backed endpoints still use the DNS-pinned IP URL. - HTTPS IP-literal endpoints remain allowed. - DNS-backed HTTPS endpoints fail closed with an actionable error. - Applies the same fail-closed policy to generic persisted sandbox config URL rewrites. - Adds unit coverage for blueprint plan/apply and config-set behavior. - Adds a PR-safe live E2E slice in `inference-routing.test.ts` proving DNS-backed HTTPS blueprint apply fails before any OpenShell handoff. ## Why this shape PR #4685's host-local HTTPS pin proxy still had unresolved security/design concerns: - provider traffic may originate outside the NemoClaw host loopback namespace; - broadening a plaintext unauthenticated proxy would create credential-boundary risk; - redirects and credential-bearing URL state need a separate policy/design; - the long-lived helper environment and commit provenance needed cleanup. This PR therefore fixes the bug by failing closed instead of introducing a partial transport. A follow-up can add the runtime-aware HTTPS pinning transport with real OpenShell/Docker E2E coverage. ## Test plan - `npm --prefix nemoclaw test -- --run src/blueprint/ssrf.test.ts src/blueprint/runner.test.ts` - `npx vitest run --project integration test/config-set.test.ts --silent=false --reporter=default` - `NEMOCLAW_RUN_LIVE_E2E=1 npx vitest run --project e2e-live test/e2e/live/inference-routing.test.ts -t "TC-INF-10" --silent=false --reporter=default` - `npm run build:cli` - `npm --prefix nemoclaw run build` - `npm run typecheck:cli` Fixes #4684 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Implemented fail-closed validation for DNS-backed HTTPS endpoints: they’re now rejected during endpoint validation, including when rewriting config URLs, preventing downstream runtime handoff. * Made endpoint URL handling consistent across overrides and blueprint resolution by applying the same downstream-safe normalization. * Enhanced endpoint validation feedback to include protocol/hostname and DNS-resolution details for consistent behavior across flows. * **Tests** * Strengthened unit and E2E coverage to assert DNS-backed HTTPS rejection and verify that no handoff command is executed on failure. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Signed-off-by: Julie Yaunches <jyaunches@nvidia.com>
112 lines
5.7 KiB
JSON
112 lines
5.7 KiB
JSON
{
|
|
"$comment": "SPDX-FileCopyrightText: Copyright (c) 2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved.\nSPDX-License-Identifier: Apache-2.0",
|
|
"name": "nemoclaw",
|
|
"version": "0.1.0",
|
|
"description": "NemoClaw — run OpenClaw inside OpenShell with NVIDIA inference",
|
|
"license": "Apache-2.0",
|
|
"bin": {
|
|
"nemoclaw": "./bin/nemoclaw.js",
|
|
"nemohermes": "./bin/nemohermes.js",
|
|
"nemo-deepagents": "./bin/nemoclaw.js"
|
|
},
|
|
"oclif": {
|
|
"bin": "nemoclaw",
|
|
"commands": {
|
|
"strategy": "pattern",
|
|
"target": "./dist/commands"
|
|
},
|
|
"flexibleTaxonomy": true,
|
|
"topicSeparator": " "
|
|
},
|
|
"scripts": {
|
|
"preinstall": "node scripts/check-node-version.js",
|
|
"dev:doctor": "bash scripts/dev-setup.sh --doctor",
|
|
"test": "npm run clean:cli && npm --prefix nemoclaw run clean && npm run build:cli && npm --prefix nemoclaw run build && vitest run --project cli --project integration --project installer-integration --project package-contract --project plugin --project e2e-support",
|
|
"test:spec": "npm test -- --reporter=tree",
|
|
"test:fast": "npm run clean:cli && vitest run --project cli --project plugin --project e2e-support",
|
|
"test:integration": "npm run clean:cli && npm run build:cli && vitest run --project integration --project installer-integration",
|
|
"test:package": "npm run clean:cli && npm --prefix nemoclaw run clean && npm run build:cli && npm --prefix nemoclaw run build && vitest run --project package-contract",
|
|
"test:live-e2e": "NEMOCLAW_RUN_LIVE_E2E=1 vitest run --project e2e-live",
|
|
"test:imports:check": "tsx scripts/checks/no-test-dist-imports.ts",
|
|
"test:projects:check": "tsx scripts/checks/vitest-project-overlap.ts",
|
|
"test:titles:check": "tsx scripts/checks/test-title-style.ts",
|
|
"check": "npx prek run --all-files",
|
|
"checks": "tsx scripts/checks/run.ts",
|
|
"lint": "npx @biomejs/biome lint . && npm run checks",
|
|
"lint:fix": "npx @biomejs/biome lint --write . && npm run checks",
|
|
"lint:ts": "cd nemoclaw && npm run check",
|
|
"format": "npx @biomejs/biome format --write .",
|
|
"format:check": "npx @biomejs/biome format .",
|
|
"format:ts": "cd nemoclaw && npm run lint:fix && npm run format",
|
|
"check:installer-hash": "bash scripts/check-installer-hash.sh",
|
|
"typecheck": "tsc -p jsconfig.json",
|
|
"build:cli": "tsc -p tsconfig.src.json && node dist/lib/cli/generate-oclif-metadata-manifest.js && if find nemoclaw-blueprint/scripts -name '*.ts' -print -quit | grep -q .; then tsc -p nemoclaw-blueprint/tsconfig.json; fi",
|
|
"clean:cli": "node -e \"require('node:fs').rmSync('dist', { recursive: true, force: true })\"",
|
|
"typecheck:cli": "tsc -p tsconfig.cli.json",
|
|
"validate:configs": "tsx scripts/validate-configs.ts",
|
|
"type-safety:hotspots": "tsx scripts/type-safety-hotspots.ts",
|
|
"source-shape:scan": "tsx scripts/find-source-shape-tests.ts --metrics",
|
|
"source-shape:check": "tsx scripts/find-source-shape-tests.ts --check",
|
|
"test-size:check": "tsx scripts/check-test-file-size-budget.ts",
|
|
"test-conditionals:scan": "tsx scripts/find-test-conditionals.ts",
|
|
"bump:version": "tsx scripts/bump-version.ts",
|
|
"release:plan": "tsx scripts/release-plan.ts",
|
|
"release:cut": "bash scripts/release-cut-tag.sh",
|
|
"release:wait-latest": "bash scripts/release-wait-latest.sh",
|
|
"release:notes-data": "tsx scripts/release-notes-data.ts",
|
|
"docs": "npm run docs:strict",
|
|
"docs:deps": "node -p \"require('./fern/fern.config.json').version\" | xargs -I {} npx --yes fern-api@{} --version",
|
|
"docs:sync-agent-variants": "tsx scripts/sync-agent-variant-docs.ts",
|
|
"docs:check-agent-variants": "tsx scripts/sync-agent-variant-docs.ts --check",
|
|
"docs:strict": "npm run docs:check-agent-variants && FERN_VERSION=$(node -p \"require('./fern/fern.config.json').version\") && cd fern && npx --yes \"fern-api@${FERN_VERSION}\" check",
|
|
"docs:live": "FERN_VERSION=$(node -p \"require('./fern/fern.config.json').version\") && cd fern && npx --yes \"fern-api@${FERN_VERSION}\" docs dev",
|
|
"docs:preview:watch": "tsx scripts/watch-fern-preview.ts",
|
|
"docs:clean": "rm -rf .fern-cache fern/.fern-cache docs/_build",
|
|
"prepare": "if command -v tsc >/dev/null 2>&1 || [ -x node_modules/.bin/tsc ]; then npm run build:cli; fi && (npm install --omit=dev --ignore-scripts 2>/dev/null || true) && if [ -d .git ]; then bash scripts/npm-link-or-shim.sh; if command -v prek >/dev/null 2>&1; then prek install; else echo \"Skipping git hook setup (prek not installed)\"; fi; fi",
|
|
"prepublishOnly": "git describe --tags --match 'v*' | sed 's/^v//' > .version && test -s .version && cd nemoclaw && env -u npm_config_global -u npm_config_prefix -u npm_config_omit npm install --ignore-scripts && ./node_modules/.bin/tsc"
|
|
},
|
|
"dependencies": {
|
|
"@aws-sdk/client-bedrock-runtime": "3.1046.0",
|
|
"@oclif/core": "^4.10.5",
|
|
"execa": "^9.6.1",
|
|
"js-yaml": "^4.1.1",
|
|
"p-retry": "^4.6.2",
|
|
"qrcode-terminal": "^0.12.0",
|
|
"yaml": "^2.8.3"
|
|
},
|
|
"bundleDependencies": [
|
|
"p-retry"
|
|
],
|
|
"files": [
|
|
".version",
|
|
"bin/",
|
|
"dist/",
|
|
"nemoclaw/dist/",
|
|
"nemoclaw/openclaw.plugin.json",
|
|
"nemoclaw/package.json",
|
|
"nemoclaw-blueprint/",
|
|
"scripts/",
|
|
"Dockerfile",
|
|
".dockerignore"
|
|
],
|
|
"engines": {
|
|
"node": ">=22.16.0"
|
|
},
|
|
"repository": {
|
|
"type": "git",
|
|
"url": "https://github.com/NVIDIA/NemoClaw.git"
|
|
},
|
|
"devDependencies": {
|
|
"@biomejs/biome": "^2.4.14",
|
|
"@commitlint/cli": "^20.5.0",
|
|
"@commitlint/config-conventional": "^20.5.0",
|
|
"@earendil-works/pi-coding-agent": "0.74.0",
|
|
"@j178/prek": "^0.3.6",
|
|
"@types/node": "^25.5.2",
|
|
"@vitest/coverage-v8": "^4.1.0",
|
|
"ajv": "^8.17.0",
|
|
"tsx": "^4.21.0",
|
|
"typescript": "^6.0.2",
|
|
"vitest": "^4.1.9"
|
|
}
|
|
}
|