fix(plugin-sdk): update ssrf-runtime import path in cdp-proxy-bypass (#96994)

* fix(plugin-sdk): update ssrf-runtime import path in cdp-proxy-bypass.ts

The import path `openclaw/plugin-sdk/ssrf-runtime-internal` was renamed
to `openclaw/plugin-sdk/ssrf-runtime` in a previous version, but
cdp-proxy-bypass.ts still referenced the old path. The neighbouring
cdp.helpers.ts already uses the correct path. This caused the browser
plugin to fail to load with "Package subpath is not defined by exports".

Fixes #96639

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix(plugin-sdk): update ssrf-runtime import path in cdp-proxy-bypass

The import path `openclaw/plugin-sdk/ssrf-runtime-internal` was renamed
to `openclaw/plugin-sdk/ssrf-runtime` in a previous version, but
cdp-proxy-bypass.ts still referenced the old path. The neighbouring
cdp.helpers.ts already uses the correct path. This caused the browser
plugin to fail to load with "Package subpath is not defined by exports".

Update the corresponding vi.mock path in the test file to match.

Fixes #96639

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix(plugin-sdk): promote managed-proxy bypass exports to public ssrf-runtime

Export registerManagedProxyBrowserCdpBypass and fetchConfiguredLocalOriginWithSsrFGuard
from the public ssrf-runtime path so that the browser plugin and ollama embedding
provider can lazy-load without hitting the private ssrf-runtime-internal subpath
that is excluded from package.json exports.

Fixes #96639

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* fix(build): bundle private SSRF runtime for packaged plugins

---------

Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
Co-authored-by: Peter Steinberger <steipete@gmail.com>
This commit is contained in:
pengxuewu-lab 2026-07-09 19:20:18 +08:00 committed by GitHub
parent c046fbd451
commit fb52a989b2
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 4 additions and 0 deletions

View file

@ -26,6 +26,7 @@ vi.mock("openclaw/plugin-sdk/ssrf-runtime-internal", () => ({
fetchConfiguredLocalOriginWithSsrFGuard: fetchConfiguredLocalOriginWithSsrFGuardMock,
}));
let createOllamaEmbeddingProvider: typeof import("./embedding-provider.js").createOllamaEmbeddingProvider;
let ollamaMemoryEmbeddingProviderAdapter: typeof import("./memory-embedding-adapter.js").ollamaMemoryEmbeddingProviderAdapter;

View file

@ -268,6 +268,8 @@ describe("tsdown config", () => {
expect(alwaysBundle("@openclaw/fs-safe")).toBe(true);
expect(alwaysBundle("@openclaw/fs-safe/path")).toBe(true);
expect(alwaysBundle("openclaw/plugin-sdk/ssrf-runtime-internal")).toBe(true);
expect(alwaysBundle("openclaw/plugin-sdk/ssrf-runtime")).toBe(false);
expect(alwaysBundle("zod")).toBe(true);
expect(alwaysBundle("zod/v4/core")).toBe(true);
expect(alwaysBundle("not-a-runtime-dependency")).toBe(false);

View file

@ -219,6 +219,7 @@ function shouldNeverBundleDependency(id: string): boolean {
function shouldAlwaysBundleDependency(id: string): boolean {
return (
id === "openclaw/plugin-sdk/ssrf-runtime-internal" ||
id === "@openclaw/fs-safe" ||
id.startsWith("@openclaw/fs-safe/") ||
id === "@openclaw/normalization-core" ||