Compare commits

..

No commits in common. "main" and "v1.1.0" have entirely different histories.
main ... v1.1.0

15 changed files with 1412 additions and 1545 deletions

View file

@ -1,93 +0,0 @@
# Contributing to OpenDia
Love to have your help making OpenDia better. It has two moving parts — a local
**MCP server** (`opendia-mcp/`) and a **browser extension** (`opendia-extension/`)
that talk to each other over a local WebSocket — and this guide covers building
both and landing a PR.
## Ways to contribute
- **MCP server** fixes/features (`opendia-mcp/` — Node, exposes the browser tools).
- **Extension** work (`opendia-extension/` — MV3 background/content scripts, popup;
builds for Chrome and Firefox).
- **New browser tools / site support** — bridging a new capability across the
server and extension.
- **Docs** — setup, tunnel mode, client compatibility.
## Before you start
- **Fork and branch from `main`.** Use a descriptive branch name (`feat/…`,
`fix/…`, `docs/…`).
- **One change per PR.** Keep server and extension changes coherent — if a new tool
needs both sides, that's one PR; unrelated refactors are separate.
- **Title as a [Conventional Commit](https://www.conventionalcommits.org/)**
`feat: …`, `fix: …`, `docs: …`. PRs are squash-merged, so the title becomes the
commit subject.
- **Mind the security surface.** The extension holds broad permissions and the
server can be tunneled publicly — read [`SECURITY.md`](SECURITY.md) before
touching the bridge, permissions, or tunnel code.
## Development setup
**Prerequisites:** Node.js 20+.
```bash
git clone https://github.com/aeonfun/opendia.git && cd opendia
# 1. Start the MCP server
cd opendia-mcp
npm install
npm start # ws://localhost:5555, sse http://localhost:5556
# 2. Build + load the extension (in another shell)
cd ../opendia-extension
npm install
npm run build # builds dist/chrome and dist/firefox
```
Load the built extension:
- **Chrome**`chrome://extensions/` → enable Developer mode → **Load unpacked**
`opendia-extension/dist/chrome`
- **Firefox**`about:debugging#/runtime/this-firefox` → **Load Temporary Add-on**
`opendia-extension/dist/firefox/manifest.json`
The extension auto-connects to the server on `localhost:5555`.
## Testing & CI
CI (`.github/workflows/ci.yml`) runs on every push and PR. Reproduce it locally
before pushing:
```bash
# MCP server
cd opendia-mcp && npm ci && node --check server.js
# Extension
cd opendia-extension && npm ci
npm run build # Chrome + Firefox builds
node build.js validate # validate the builds
node test-extension.js # structure tests
npx web-ext lint --source-dir=dist/firefox --self-hosted # Firefox lint
```
## Submitting a pull request
- Keep the diff focused and the title conventional; it becomes the squash commit.
- Explain **what** changed and **why**; link the issue (`Fixes #123`).
- Reproduce the CI steps above locally and confirm they pass.
- If you changed permissions, the tunnel, or the message bridge, call it out
explicitly in the description — those touch the trust boundary.
## Reporting bugs & requesting features
Open an issue with repro steps, your browser + version, OpenDia version, whether
you ran in default or `--tunnel` mode, and what you expected vs. what happened.
**Found a security problem?** Don't open an issue — follow
[`SECURITY.md`](SECURITY.md) and report it privately.
## License
By contributing, you agree that your contributions are licensed under the
repository's [LICENSE](../LICENSE) (MIT).

111
.github/SECURITY.md vendored
View file

@ -1,111 +0,0 @@
# Security Policy
OpenDia connects an AI model to your real browser. The extension holds broad
permissions — `<all_urls>` host access, plus `tabs`, `history`, `bookmarks`,
`cookies`/sessions, `scripting`, and `webNavigation` — and a local MCP server
exposes browser control over `ws://localhost:5555` (and `http://localhost:5556/sse`),
optionally tunneled to the public internet. That is a large, sensitive attack
surface, so this policy is deliberate about what's in scope and how to report a
problem privately.
## Reporting a vulnerability
**Please don't open a public issue for a security problem.** Use GitHub's
**Private Vulnerability Reporting (PVR)** instead:
➡️ **[Report a vulnerability](https://github.com/aeonfun/opendia/security/advisories/new)**
(Repo → **Security** tab → **Report a vulnerability**.) This opens a private
advisory that only the maintainers can see — never a public issue, so a fix can
ship before the details are out.
Please include what you can:
- Which component is affected — the **extension** (`opendia-extension/`:
`background.js`, `content.js`, popup) or the **MCP server** (`opendia-mcp/`).
- A minimal reproduction or proof of concept.
- The impact you can demonstrate — a web page or another extension driving the
browser through the MCP bridge, exfiltration of cookies/history/bookmarks,
cross-origin action with the user's live sessions, or exposure of the local
server beyond the intended trust boundary.
- Browser + version (Chrome/Firefox/Chromium), OpenDia version, and whether you
were running in default or `--tunnel` mode.
**Response targets** — best effort; this is a small project:
| Stage | Target |
|-------|--------|
| Acknowledge the report | within 7 days |
| Initial assessment / severity | within 14 days |
| Fix or mitigation on `main` | as fast as the severity warrants |
We follow **coordinated disclosure**: please give us a reasonable window to ship
a fix before you disclose publicly. We'll credit you in the advisory unless you'd
rather stay anonymous.
## Supported versions
Security fixes land on the `main` branch of
[`aeonfun/opendia`](https://github.com/aeonfun/opendia) and the latest
published [`opendia`](https://www.npmjs.com/package/opendia) npm release + extension
build.
| Version | Supported |
|---------|-----------|
| `main` / latest npm + extension build | ✅ Yes |
| Older releases | ❌ No — update to latest |
## Security model
The trust boundary is **your machine**. The MCP server and extension are designed
to talk only to each other, locally.
- **The local server is localhost-scoped by default.** The extension auto-connects
to `ws://localhost:5555`; SSE is on `http://localhost:5556`. Anything that lets an
arbitrary web page or a *different* extension reach that bridge and issue browser
actions is a serious finding.
- **`--tunnel` mode is opt-in and public.** `npx opendia --tunnel` publishes the
local server through an ngrok tunnel so a remote client (e.g. ChatGPT) can reach
it. **Anyone who learns that URL can drive your browser with your logged-in
sessions.** Treat the tunnel URL as a secret, only enable it when you need it, and
shut it down afterward. Weaknesses in how the tunnel is exposed or authenticated
are in scope.
- **The extension acts as you.** Because it uses your existing cookies, sessions,
and saved credentials, every action runs with your authority. Only pair OpenDia
with an AI client you trust — a malicious or prompt-injected model can ask the
browser to do anything you can.
- **Untrusted page content is data, not instructions.** Page text the model reads
can contain injection attempts; content that escalates into unintended browser
actions or data exfiltration is in scope.
- **Nothing is sent to us.** OpenDia does no cloud processing and no telemetry —
your browsing data stays local. A code path that ships browser data to a
third party is a bug, report it.
## Scope
**In scope:**
- A web page or third-party extension issuing MCP/browser actions through the
local bridge (e.g. via `externally_connectable` or an unauthenticated WS/SSE).
- Exfiltration of cookies, history, bookmarks, stored credentials, or open-tab
content beyond the intended local flow.
- The `--tunnel` path exposing the server without adequate protection.
- Prompt injection from page content that crosses into unintended actions.
- Code execution or privilege escalation in the extension or server.
**Out of scope:**
- Intended behavior of a **trusted** AI client you connected — OpenDia deliberately
gives it broad browser control (this is documented; only use trusted models).
- Running `--tunnel` and sharing the URL publicly yourself.
- The anti-detection bypasses functioning as designed on Twitter/X, LinkedIn,
Facebook (a site's own ToS/detection is between you and that site).
- Vulnerabilities in the browser, ngrok, or the AI client — report to that vendor.
---
> **Maintainers:** the Report-a-vulnerability link only works once PVR is enabled
> — **Settings → Code security and analysis → Private vulnerability reporting →
> Enable**.
Thanks for helping keep OpenDia and the people who run it safe.

View file

@ -1,43 +0,0 @@
version: 2
updates:
# MCP server (Node.js)
- package-ecosystem: npm
directory: /opendia-mcp
schedule:
interval: weekly
open-pull-requests-limit: 5
commit-message:
prefix: chore(mcp-deps)
groups:
mcp-minor-and-patch:
update-types:
- minor
- patch
# Browser extension (Node.js)
- package-ecosystem: npm
directory: /opendia-extension
schedule:
interval: weekly
open-pull-requests-limit: 5
commit-message:
prefix: chore(ext-deps)
groups:
ext-minor-and-patch:
update-types:
- minor
- patch
# GitHub Actions used by the CI workflow
- package-ecosystem: github-actions
directory: /
schedule:
interval: weekly
open-pull-requests-limit: 5
commit-message:
prefix: chore(ci-deps)
groups:
actions-minor-and-patch:
update-types:
- minor
- patch

View file

@ -1,47 +0,0 @@
name: CI
on:
push:
branches: [main]
pull_request:
jobs:
mcp:
name: MCP server
runs-on: ubuntu-latest
defaults:
run:
working-directory: opendia-mcp
steps:
- uses: actions/checkout@v7
- uses: actions/setup-node@v6
with:
node-version: 20
cache: npm
cache-dependency-path: opendia-mcp/package-lock.json
- run: npm ci
- name: Syntax-check server
run: node --check server.js
extension:
name: Browser extension
runs-on: ubuntu-latest
defaults:
run:
working-directory: opendia-extension
steps:
- uses: actions/checkout@v7
- uses: actions/setup-node@v6
with:
node-version: 20
cache: npm
cache-dependency-path: opendia-extension/package-lock.json
- run: npm ci
- name: Build Chrome + Firefox
run: npm run build
- name: Validate builds
run: node build.js validate
- name: Structure tests
run: node test-extension.js
- name: Lint Firefox build (web-ext)
run: npx web-ext lint --source-dir=dist/firefox --self-hosted

View file

@ -1,22 +0,0 @@
name: publish
on:
push:
tags: ["v*"]
permissions:
contents: read
id-token: write
jobs:
publish:
runs-on: ubuntu-latest
defaults:
run:
working-directory: opendia-mcp
steps:
- uses: actions/checkout@v7
- uses: actions/setup-node@v6
with:
node-version: 20
registry-url: https://registry.npmjs.org
- run: npm publish --provenance --access public
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

View file

@ -1,6 +1,6 @@
MIT License
Copyright (c) 2025 Aeon Inc
Copyright (c) 2025 OpenDia Team
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal

View file

@ -1,31 +1,15 @@
<p align="center">
<img src="../opendia-extension/icons/icon-128.png" alt="OpenDia" width="120" />
</p>
# OpenDia <img src="opendia-extension/icons/icon-128.png" alt="OpenDia" width="32" height="32">
<h1 align="center">OPENDIA</h1>
**The open alternative to Dia**
Connect your browser to AI models. No browser switching needed—works seamlessly with Chrome, Firefox, and any Chromium browser.
<p align="center">
<a href="https://github.com/aeonfun/opendia/stargazers"><img src="https://img.shields.io/github/stars/aeonfun/opendia?style=flat-square&logo=github" alt="GitHub stars"></a>
<a href="https://github.com/aeonfun/opendia/network/members"><img src="https://img.shields.io/github/forks/aeonfun/opendia?style=flat-square&logo=github" alt="GitHub forks"></a>
<a href="https://www.npmjs.com/package/opendia"><img src="https://img.shields.io/npm/v/opendia?style=flat-square&logo=npm" alt="npm version"></a>
<a href="https://x.com/aeonframework"><img src="https://img.shields.io/badge/Follow-%40aeonframework-black?style=flat-square&logo=x&labelColor=000000" alt="Follow on X"></a>
<a href="https://bankr.bot/discover/0xbf8e8f0e8866a7052f948c16508644347c57aba3"><img src="https://img.shields.io/badge/Aeon%20on-Bankr-orange?style=flat-square&labelColor=1a1a2e" alt="Aeon on Bankr"></a>
</p>
[![npm version](https://img.shields.io/npm/v/opendia)](https://www.npmjs.com/package/opendia)
[![GitHub release](https://img.shields.io/github/release/aaronjmars/opendia.svg)](https://github.com/aaronjmars/opendia/releases/latest)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
<p align="center">
<strong>The open alternative to Dia / Perplexity Comet.</strong><br>
Connect your browser to AI models &mdash; no browser switching needed. Works seamlessly with Chrome, Firefox, and any Chromium browser. Private, local-first &amp; MCP focused.
</p>
## 📺 See it in Action
<p align="center">
<img src="../preview.gif" alt="OpenDia Demo" />
</p>
<p align="center">
<sub>New to MCPs, or not technical? We recommend <a href="https://pplx.ai/leosimon">Perplexity Comet</a>.</sub>
</p>
---
![OpenDia Demo](./preview.gif)
## 🚀 What is OpenDia?
@ -48,29 +32,15 @@ OpenDia lets AI models control your browser automatically. **The key advantage?
## 🌐 Browser Support
Works with **Chrome, Firefox, and any Chromium-based browser**:
- ✅ **Google Chrome**
- ✅ **Arc**
- ✅ **Mozilla Firefox**
- ✅ **Mozilla Firefox** (Manifest V2)
- ✅ **Google Chrome** (Manifest V3)
- ✅ **Arc**
- ✅ **Microsoft Edge**
- ✅ **Brave**
- ✅ **Opera**
- ✅ **Any Chromium based browser**
Also perfect for **Cursor users** who want to automate their local testing and development workflows!
## 🔌 Compatible AI Clients
OpenDia exposes a standard MCP server, so it works with any client that speaks the protocol.
**Tested:**
- **Claude Desktop** — paste the config below, restart.
- **Claude Code** — same MCP config, runs from any terminal.
- **Cursor** — add via Settings → MCP, or paste the same JSON.
- **ChatGPT** — works with Auto-Tunnel mode (`npx opendia --tunnel`), then add the ngrok URL as a connector.
**Should work** (any MCP-compatible client): Windsurf, Zed, Continue, Cline, Goose, Open WebUI.
Wired it up with something else? Open a PR — the list grows as MCP grows.
Perfect for **Cursor users** who want to automate their local testing and development workflows!
## 🎬 What You Can Do
@ -112,14 +82,14 @@ Wired it up with something else? Open a PR — the list grows as MCP grows.
### 1. Install the Browser Extension
**For Chrome/Chromium browsers:**
1. Download `opendia-chrome-1.1.0.zip` from [releases](https://github.com/aeonfun/opendia/releases)
1. Download `opendia-chrome-1.0.6.zip` from [releases](https://github.com/aaronjmars/opendia/releases)
2. Extract the zip file to a folder
3. Go to `chrome://extensions/` (or your browser's extension page)
4. Enable "Developer mode"
5. Click "Load unpacked" and select the extracted folder
**For Firefox:**
1. Download `opendia-firefox-1.1.0.zip` from [releases](https://github.com/aeonfun/opendia/releases)
1. Download `opendia-firefox-1.0.6.zip` from [releases](https://github.com/aaronjmars/opendia/releases)
2. Extract the zip file to a folder
3. Go to `about:debugging#/runtime/this-firefox`
4. Click "Load Temporary Add-on..."
@ -130,7 +100,7 @@ Wired it up with something else? Open a PR — the list grows as MCP grows.
### 2. Connect to Your AI
**Option 1: Double-click Installation (Recommended)**
1. Download the `opendia.dxt` file from [releases](https://github.com/aeonfun/opendia/releases)
1. Download the `opendia.dxt` file from [releases](https://github.com/aaronjmars/opendia/releases)
2. Double-click the `.dxt` file to install automatically
3. The MCP will be added to your Claude Desktop configuration
@ -306,7 +276,7 @@ Love to have your help making OpenDia better!
### Quick Development Setup
```bash
git clone https://github.com/aeonfun/opendia.git
git clone https://github.com/aaronjmars/opendia.git
cd opendia
# Start the server
@ -321,7 +291,7 @@ npm start
```
### Ways to Contribute
- 🐛 **Report bugs** via [GitHub Issues](https://github.com/aeonfun/opendia/issues)
- 🐛 **Report bugs** via [GitHub Issues](https://github.com/aaronjmars/opendia/issues)
- 💡 **Share it on social medias**
- 🔧 **Add new browser capabilities**
- 📖 **Improve documentation**
@ -329,7 +299,7 @@ npm start
## 📝 License
MIT License - see [LICENSE](../LICENSE) for details.
MIT License - see [LICENSE](LICENSE) for details.
---

View file

@ -55,7 +55,7 @@ cat > dist/opendia-dxt/package.json << 'EOF'
"anti-detection",
"dxt"
],
"author": "Aeon Inc",
"author": "Aaron Elijah Mars <aaronjmars@proton.me>",
"license": "MIT",
"dependencies": {
"cors": "^2.8.5",
@ -119,13 +119,17 @@ cat > dist/opendia-dxt/manifest.json << 'EOF'
"version": "1.1.0",
"description": "🎯 OpenDia - The open alternative to Dia. Connect your browser to AI models with anti-detection bypass for Twitter/X, LinkedIn, Facebook + universal automation",
"author": {
"name": "Aeon Inc",
"url": "https://github.com/aeonfun/opendia"
"name": "Aaron Elijah Mars",
"email": "aaronjmars@proton.me",
"url": "https://github.com/aaronjmars/opendia"
},
"homepage": "https://github.com/aeonfun/opendia",
"homepage": "https://github.com/aaronjmars/opendia",
"license": "MIT",
"keywords": ["browser", "automation", "mcp", "ai", "claude", "chrome", "firefox", "extension", "twitter", "linkedin", "facebook", "anti-detection"],
"icon": "icon.png",
"icons": {
"128": "icon.png"
},
"server": {
"type": "node",
@ -149,16 +153,16 @@ cat > dist/opendia-dxt/manifest.json << 'EOF'
"title": "WebSocket Port",
"description": "Port for Chrome/Firefox extension connection",
"default": 5555,
"min": 1024,
"max": 65535
"minimum": 1024,
"maximum": 65535
},
"http_port": {
"type": "number",
"title": "HTTP Port",
"description": "Port for HTTP/SSE server",
"default": 5556,
"min": 1024,
"max": 65535
"minimum": 1024,
"maximum": 65535
},
"enable_tunnel": {
"type": "boolean",
@ -247,7 +251,30 @@ cat > dist/opendia-dxt/manifest.json << 'EOF'
"name": "page_style",
"description": "🎨 Transform page appearance with themes and effects"
}
]
],
"capabilities": {
"browser_automation": true,
"anti_detection": true,
"background_tabs": true,
"multi_tab_workflows": true,
"content_extraction": true,
"form_filling": true,
"social_media_posting": true,
"page_styling": true,
"bookmark_management": true,
"history_search": true,
"tab_management": true
},
"requirements": {
"browser_extension": {
"name": "OpenDia Browser Extension",
"description": "Required Chrome/Firefox extension for browser automation by Aaron Elijah Mars",
"version": "1.1.0",
"auto_install": false
}
}
}
EOF
@ -268,7 +295,7 @@ cp LICENSE dist/opendia-dxt/ 2>/dev/null || echo "⚠️ LICENSE not found, ski
cat > dist/opendia-dxt/EXTENSION_INSTALL.md << 'EOF'
# OpenDia Browser Extension Installation
**🔗 Official Repository:** https://github.com/aeonfun/opendia
**🔗 Official Repository:** https://github.com/aaronjmars/opendia
## Complete Installation Guide
@ -278,7 +305,7 @@ cat > dist/opendia-dxt/EXTENSION_INSTALL.md << 'EOF'
### Step 2: Install Browser Extension
**📦 Get Latest Extension:**
Download the latest extension from: https://github.com/aeonfun/opendia/releases
Download the latest extension from: https://github.com/aaronjmars/opendia/releases
**Or use the included extension in this DXT package:**
@ -329,9 +356,9 @@ Download the latest extension from: https://github.com/aeonfun/opendia/releases
## Getting Help
- **📖 Full Documentation:** https://github.com/aeonfun/opendia
- **🐛 Report Issues:** https://github.com/aeonfun/opendia/issues
- **💬 Discussions:** https://github.com/aeonfun/opendia/discussions
- **📖 Full Documentation:** https://github.com/aaronjmars/opendia
- **🐛 Report Issues:** https://github.com/aaronjmars/opendia/issues
- **💬 Discussions:** https://github.com/aaronjmars/opendia/discussions
## What's Next?

View file

@ -32,7 +32,7 @@
"src/polyfill/browser-polyfill.min.js",
"src/background/background.js"
],
"persistent": true
"persistent": false
},
"browser_action": {
"default_popup": "src/popup/popup.html",

File diff suppressed because it is too large Load diff

View file

@ -16,13 +16,13 @@
"mcp",
"browser-automation"
],
"author": "Aeon Inc",
"author": "Aaron J Mars",
"license": "MIT",
"dependencies": {
"webextension-polyfill": "^0.12.0"
},
"devDependencies": {
"fs-extra": "^11.3.6",
"web-ext": "^10.5.0"
"fs-extra": "^11.3.0",
"web-ext": "^8.8.0"
}
}

View file

@ -77,7 +77,7 @@ npx opendia
```
### 2. Install the Browser Extension
1. Download from [releases](https://github.com/aeonfun/opendia/releases)
1. Download from [releases](https://github.com/aaronjmars/opendia/releases)
2. Go to `chrome://extensions/` (or your browser's extension page)
3. Enable "Developer mode"
4. Click "Load unpacked" and select the extension folder
@ -180,7 +180,7 @@ Love to have your help making OpenDia better!
### Quick Development Setup
```bash
git clone https://github.com/aeonfun/opendia.git
git clone https://github.com/aaronjmars/opendia.git
cd opendia
# Start the server
@ -193,7 +193,7 @@ npm start
```
### Ways to Contribute
- 🐛 **Report bugs** via [GitHub Issues](https://github.com/aeonfun/opendia/issues)
- 🐛 **Report bugs** via [GitHub Issues](https://github.com/aaronjmars/opendia/issues)
- 💡 **Share it on social medias**
- 🔧 **Add new browser capabilities**
- 📖 **Improve documentation**
@ -201,7 +201,7 @@ npm start
## 📝 License
MIT License - see [LICENSE](../LICENSE) for details.
MIT License - see [LICENSE](LICENSE) for details.
---

View file

@ -1,16 +1,16 @@
{
"name": "opendia",
"version": "1.1.0",
"version": "1.0.6",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "opendia",
"version": "1.1.0",
"version": "1.0.6",
"license": "MIT",
"dependencies": {
"cors": "^2.8.5",
"express": "^5.2.1",
"express": "^4.21.2",
"ws": "^8.18.0"
},
"bin": {
@ -21,53 +21,46 @@
}
},
"node_modules/accepts": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/accepts/-/accepts-2.0.0.tgz",
"integrity": "sha512-5cvg6CtKwfgdmVqY1WIiXKc3Q1bkRqGLi+2W/6ao+6Y7gu/RCwRuAhGEzh5B4KlszSuTLgZYuqFqo5bImjNKng==",
"version": "1.3.8",
"resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.8.tgz",
"integrity": "sha512-PYAthTa2m2VKxuvSD3DPC/Gy+U+sOA1LAuT8mkmRuvw+NACSaeXEQ+NHcVF7rONl6qcaxV3Uuemwawk+7+SJLw==",
"license": "MIT",
"dependencies": {
"mime-types": "^3.0.0",
"negotiator": "^1.0.0"
"mime-types": "~2.1.34",
"negotiator": "0.6.3"
},
"engines": {
"node": ">= 0.6"
}
},
"node_modules/array-flatten": {
"version": "1.1.1",
"resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz",
"integrity": "sha512-PCVAQswWemu6UdxsDFFX/+gVeYqKAod3D3UVm91jHwynguOwAvYPhx8nNlM++NqRcK6CxxpUafjmhIdKiHibqg==",
"license": "MIT"
},
"node_modules/body-parser": {
"version": "2.3.0",
"resolved": "https://registry.npmjs.org/body-parser/-/body-parser-2.3.0.tgz",
"integrity": "sha512-2cGmJupaNgg+QUwVLAucDuWuoMZ6EX9iHDRswZ5lsNYEmwPaRknMPCLZz07yTzVq/83p4o/wzbDZbBrTvGGTIw==",
"version": "1.20.3",
"resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz",
"integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==",
"license": "MIT",
"dependencies": {
"bytes": "^3.1.2",
"content-type": "^2.0.0",
"debug": "^4.4.3",
"http-errors": "^2.0.1",
"iconv-lite": "^0.7.2",
"on-finished": "^2.4.1",
"qs": "^6.15.2",
"raw-body": "^3.0.2",
"type-is": "^2.1.0"
"bytes": "3.1.2",
"content-type": "~1.0.5",
"debug": "2.6.9",
"depd": "2.0.0",
"destroy": "1.2.0",
"http-errors": "2.0.0",
"iconv-lite": "0.4.24",
"on-finished": "2.4.1",
"qs": "6.13.0",
"raw-body": "2.5.2",
"type-is": "~1.6.18",
"unpipe": "1.0.0"
},
"engines": {
"node": ">=18"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
}
},
"node_modules/body-parser/node_modules/content-type": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/content-type/-/content-type-2.0.0.tgz",
"integrity": "sha512-j/O/d7GcZCyNl7/hwZAb606rzqkyvaDctLmckbxLzHvFBzTJHuGEdodATcP3yIRoDrLHkIATJuvzbFlp/ki2cQ==",
"license": "MIT",
"engines": {
"node": ">=18"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
"node": ">= 0.8",
"npm": "1.2.8000 || >= 1.4.16"
}
},
"node_modules/bytes": {
@ -93,7 +86,7 @@
}
},
"node_modules/call-bound": {
"version": "1.0.4",
"version": "1.0.5",
"resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.4.tgz",
"integrity": "sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg==",
"license": "MIT",
@ -109,16 +102,15 @@
}
},
"node_modules/content-disposition": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-1.1.0.tgz",
"integrity": "sha512-5jRCH9Z/+DRP7rkvY83B+yGIGX96OYdJmzngqnw2SBSxqCFPd0w2km3s5iawpGX8krnwSGmF0FW5Nhr0Hfai3g==",
"version": "0.5.4",
"resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.4.tgz",
"integrity": "sha512-FveZTNuGw04cxlAiWbzi6zTAL/lhehaWbTtgluJh4/E95DqMwTmha3KZN1aAWA8cFIhHzMZUvLevkw5Rqk+tSQ==",
"license": "MIT",
"engines": {
"node": ">=18"
"dependencies": {
"safe-buffer": "5.2.1"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
"engines": {
"node": ">= 0.6"
}
},
"node_modules/content-type": {
@ -140,18 +132,15 @@
}
},
"node_modules/cookie-signature": {
"version": "1.2.2",
"resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.2.2.tgz",
"integrity": "sha512-D76uU73ulSXrD1UXF4KE2TMxVVwhsnCgfAyTg9k8P6KGZjlXKrOLe4dJQKI3Bxi5wjesZoFXJWElNWBjPZMbhg==",
"license": "MIT",
"engines": {
"node": ">=6.6.0"
}
"version": "1.0.6",
"resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz",
"integrity": "sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==",
"license": "MIT"
},
"node_modules/cors": {
"version": "2.8.6",
"resolved": "https://registry.npmjs.org/cors/-/cors-2.8.6.tgz",
"integrity": "sha512-tJtZBBHA6vjIAaF6EnIaq6laBBP9aq/Y3ouVJjEfoHbRBcHBAHYcMh/w8LDrk2PvIMMq8gmopa5D4V8RmbrxGw==",
"version": "2.8.5",
"resolved": "https://registry.npmjs.org/cors/-/cors-2.8.5.tgz",
"integrity": "sha512-KIHbLJqu73RGr/hnbrO9uBeixNGuvSQjul/jdFvS/KFSIH1hWVd1ng7zOHx+YrEfInLG7q4n6GHQ9cDtxv/P6g==",
"license": "MIT",
"dependencies": {
"object-assign": "^4",
@ -159,27 +148,15 @@
},
"engines": {
"node": ">= 0.10"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
}
},
"node_modules/debug": {
"version": "4.4.3",
"resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
"integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
"version": "2.6.9",
"resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
"integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==",
"license": "MIT",
"dependencies": {
"ms": "^2.1.3"
},
"engines": {
"node": ">=6.0"
},
"peerDependenciesMeta": {
"supports-color": {
"optional": true
}
"ms": "2.0.0"
}
},
"node_modules/depd": {
@ -191,6 +168,16 @@
"node": ">= 0.8"
}
},
"node_modules/destroy": {
"version": "1.2.0",
"resolved": "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz",
"integrity": "sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg==",
"license": "MIT",
"engines": {
"node": ">= 0.8",
"npm": "1.2.8000 || >= 1.4.16"
}
},
"node_modules/dunder-proto": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz",
@ -239,9 +226,9 @@
}
},
"node_modules/es-object-atoms": {
"version": "1.1.2",
"resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.2.tgz",
"integrity": "sha512-HWcBoN6NileqtSydK2FqHbS/LoDd2pqrnQHLyJzBj4kOp/ky2MWMN694xOfkK8/SnUsW2DH7EfyVlydKCsm1Zw==",
"version": "1.1.1",
"resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz",
"integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==",
"license": "MIT",
"dependencies": {
"es-errors": "^1.3.0"
@ -266,42 +253,45 @@
}
},
"node_modules/express": {
"version": "5.2.1",
"resolved": "https://registry.npmjs.org/express/-/express-5.2.1.tgz",
"integrity": "sha512-hIS4idWWai69NezIdRt2xFVofaF4j+6INOpJlVOLDO8zXGpUVEVzIYk12UUi2JzjEzWL3IOAxcTubgz9Po0yXw==",
"version": "4.21.2",
"resolved": "https://registry.npmjs.org/express/-/express-4.21.2.tgz",
"integrity": "sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA==",
"license": "MIT",
"dependencies": {
"accepts": "^2.0.0",
"body-parser": "^2.2.1",
"content-disposition": "^1.0.0",
"content-type": "^1.0.5",
"cookie": "^0.7.1",
"cookie-signature": "^1.2.1",
"debug": "^4.4.0",
"depd": "^2.0.0",
"encodeurl": "^2.0.0",
"escape-html": "^1.0.3",
"etag": "^1.8.1",
"finalhandler": "^2.1.0",
"fresh": "^2.0.0",
"http-errors": "^2.0.0",
"merge-descriptors": "^2.0.0",
"mime-types": "^3.0.0",
"on-finished": "^2.4.1",
"once": "^1.4.0",
"parseurl": "^1.3.3",
"proxy-addr": "^2.0.7",
"qs": "^6.14.0",
"range-parser": "^1.2.1",
"router": "^2.2.0",
"send": "^1.1.0",
"serve-static": "^2.2.0",
"statuses": "^2.0.1",
"type-is": "^2.0.1",
"vary": "^1.1.2"
"accepts": "~1.3.8",
"array-flatten": "1.1.1",
"body-parser": "1.20.3",
"content-disposition": "0.5.4",
"content-type": "~1.0.4",
"cookie": "0.7.1",
"cookie-signature": "1.0.6",
"debug": "2.6.9",
"depd": "2.0.0",
"encodeurl": "~2.0.0",
"escape-html": "~1.0.3",
"etag": "~1.8.1",
"finalhandler": "1.3.1",
"fresh": "0.5.2",
"http-errors": "2.0.0",
"merge-descriptors": "1.0.3",
"methods": "~1.1.2",
"on-finished": "2.4.1",
"parseurl": "~1.3.3",
"path-to-regexp": "0.1.12",
"proxy-addr": "~2.0.7",
"qs": "6.13.0",
"range-parser": "~1.2.1",
"safe-buffer": "5.2.1",
"send": "0.19.0",
"serve-static": "1.16.2",
"setprototypeof": "1.2.0",
"statuses": "2.0.1",
"type-is": "~1.6.18",
"utils-merge": "1.0.1",
"vary": "~1.1.2"
},
"engines": {
"node": ">= 18"
"node": ">= 0.10.0"
},
"funding": {
"type": "opencollective",
@ -309,24 +299,21 @@
}
},
"node_modules/finalhandler": {
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-2.1.1.tgz",
"integrity": "sha512-S8KoZgRZN+a5rNwqTxlZZePjT/4cnm0ROV70LedRHZ0p8u9fRID0hJUZQpkKLzro8LfmC8sx23bY6tVNxv8pQA==",
"version": "1.3.1",
"resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.3.1.tgz",
"integrity": "sha512-6BN9trH7bp3qvnrRyzsBz+g3lZxTNZTbVO2EV1CS0WIcDbawYVdYvGflME/9QP0h0pYlCDBCTjYa9nZzMDpyxQ==",
"license": "MIT",
"dependencies": {
"debug": "^4.4.0",
"encodeurl": "^2.0.0",
"escape-html": "^1.0.3",
"on-finished": "^2.4.1",
"parseurl": "^1.3.3",
"statuses": "^2.0.1"
"debug": "2.6.9",
"encodeurl": "~2.0.0",
"escape-html": "~1.0.3",
"on-finished": "2.4.1",
"parseurl": "~1.3.3",
"statuses": "2.0.1",
"unpipe": "~1.0.0"
},
"engines": {
"node": ">= 18.0.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
"node": ">= 0.8"
}
},
"node_modules/forwarded": {
@ -339,12 +326,12 @@
}
},
"node_modules/fresh": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/fresh/-/fresh-2.0.0.tgz",
"integrity": "sha512-Rx/WycZ60HOaqLKAi6cHRKKI7zxWbJ31MhntmtwMoaTeF7XFH9hhBp8vITaMidfljRQ6eYWCKkaTK+ykVJHP2A==",
"version": "0.5.2",
"resolved": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz",
"integrity": "sha512-zJ2mQYM18rEFOudeV4GShTGIQ7RbzA7ozbU9I/XBpm7kqgMywgmylMwXHxZJmkVoYkna9d2pVXVXPdYTP9ej8Q==",
"license": "MIT",
"engines": {
"node": ">= 0.8"
"node": ">= 0.6"
}
},
"node_modules/function-bind": {
@ -418,9 +405,9 @@
}
},
"node_modules/hasown": {
"version": "2.0.4",
"resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.4.tgz",
"integrity": "sha512-T2UbfbBEF32wiepXIsMlTW9+dDYC6wMh/t/vYA4tuOMKqWz/n3vr1NFSxQiyP+zk2mXsoMA/i/7qV6LKut1t1A==",
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz",
"integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==",
"license": "MIT",
"dependencies": {
"function-bind": "^1.1.2"
@ -430,39 +417,31 @@
}
},
"node_modules/http-errors": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz",
"integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==",
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz",
"integrity": "sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ==",
"license": "MIT",
"dependencies": {
"depd": "~2.0.0",
"inherits": "~2.0.4",
"setprototypeof": "~1.2.0",
"statuses": "~2.0.2",
"toidentifier": "~1.0.1"
"depd": "2.0.0",
"inherits": "2.0.4",
"setprototypeof": "1.2.0",
"statuses": "2.0.1",
"toidentifier": "1.0.1"
},
"engines": {
"node": ">= 0.8"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
}
},
"node_modules/iconv-lite": {
"version": "0.7.2",
"resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.7.2.tgz",
"integrity": "sha512-im9DjEDQ55s9fL4EYzOAv0yMqmMBSZp6G0VvFyTMPKWxiSBHUj9NW/qqLmXUwXrrM7AvqSlTCfvqRb0cM8yYqw==",
"version": "0.4.24",
"resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz",
"integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==",
"license": "MIT",
"dependencies": {
"safer-buffer": ">= 2.1.2 < 3.0.0"
"safer-buffer": ">= 2.1.2 < 3"
},
"engines": {
"node": ">=0.10.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
}
},
"node_modules/inherits": {
@ -480,12 +459,6 @@
"node": ">= 0.10"
}
},
"node_modules/is-promise": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/is-promise/-/is-promise-4.0.0.tgz",
"integrity": "sha512-hvpoI6korhJMnej285dSg6nu1+e6uxs7zG3BYAm5byqDsgJNWwxzM6z6iZiAgQR4TJ30JmBTOwqZUw3WlyH3AQ==",
"license": "MIT"
},
"node_modules/math-intrinsics": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz",
@ -496,61 +469,75 @@
}
},
"node_modules/media-typer": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/media-typer/-/media-typer-1.1.0.tgz",
"integrity": "sha512-aisnrDP4GNe06UcKFnV5bfMNPBUw4jsLGaWwWfnH3v02GnBuXX2MCVn5RbrWo0j3pczUilYblq7fQ7Nw2t5XKw==",
"version": "0.3.0",
"resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz",
"integrity": "sha512-dq+qelQ9akHpcOl/gUVRTxVIOkAJ1wR3QAvb4RsVjS8oVoFjDGTc679wJYmUmknUF5HwMLOgb5O+a3KxfWapPQ==",
"license": "MIT",
"engines": {
"node": ">= 0.8"
"node": ">= 0.6"
}
},
"node_modules/merge-descriptors": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-2.0.0.tgz",
"integrity": "sha512-Snk314V5ayFLhp3fkUREub6WtjBfPdCPY1Ln8/8munuLuiYhsABgBVWsozAG+MWMbVEvcdcpbi9R7ww22l9Q3g==",
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.3.tgz",
"integrity": "sha512-gaNvAS7TZ897/rVaZ0nMtAyxNyi/pdbjbAwUpFQpN70GqnVfOiXpeUUMKRBmzXaSQ8DdTX4/0ms62r2K+hE6mQ==",
"license": "MIT",
"engines": {
"node": ">=18"
},
"funding": {
"url": "https://github.com/sponsors/sindresorhus"
}
},
"node_modules/methods": {
"version": "1.1.2",
"resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz",
"integrity": "sha512-iclAHeNqNm68zFtnZ0e+1L2yUIdvzNoauKU4WBA3VvH/vPFieF7qfRlwUZU+DA9P9bPXIS90ulxoUoCH23sV2w==",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/mime": {
"version": "1.6.0",
"resolved": "https://registry.npmjs.org/mime/-/mime-1.6.0.tgz",
"integrity": "sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg==",
"license": "MIT",
"bin": {
"mime": "cli.js"
},
"engines": {
"node": ">=4"
}
},
"node_modules/mime-db": {
"version": "1.54.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.54.0.tgz",
"integrity": "sha512-aU5EJuIN2WDemCcAp2vFBfp/m4EAhWJnUNSSw0ixs7/kXbd6Pg64EmwJkNdFhB8aWt1sH2CTXrLxo/iAGV3oPQ==",
"version": "1.52.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz",
"integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/mime-types": {
"version": "3.0.2",
"resolved": "https://registry.npmjs.org/mime-types/-/mime-types-3.0.2.tgz",
"integrity": "sha512-Lbgzdk0h4juoQ9fCKXW4by0UJqj+nOOrI9MJ1sSj4nI8aI2eo1qmvQEie4VD1glsS250n15LsWsYtCugiStS5A==",
"version": "2.1.35",
"resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz",
"integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==",
"license": "MIT",
"dependencies": {
"mime-db": "^1.54.0"
"mime-db": "1.52.0"
},
"engines": {
"node": ">=18"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
"node": ">= 0.6"
}
},
"node_modules/ms": {
"version": "2.1.3",
"resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
"integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==",
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
"integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==",
"license": "MIT"
},
"node_modules/negotiator": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/negotiator/-/negotiator-1.0.0.tgz",
"integrity": "sha512-8Ofs/AUQh8MaEcrlq5xOX0CQ9ypTF5dl78mjlMNfOK08fzpgTHQRQPBxcPlEtIw0yRpws+Zo/3r+5WRby7u3Gg==",
"version": "0.6.3",
"resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz",
"integrity": "sha512-+EUsqGPLsM+j/zdChZjsnX51g4XrHFOIXwfnCVPGlQk/k5giakcKsuxCObBRu6DSm9opw/O6slWbJdghQM4bBg==",
"license": "MIT",
"engines": {
"node": ">= 0.6"
@ -589,15 +576,6 @@
"node": ">= 0.8"
}
},
"node_modules/once": {
"version": "1.4.0",
"resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
"integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==",
"license": "ISC",
"dependencies": {
"wrappy": "1"
}
},
"node_modules/parseurl": {
"version": "1.3.3",
"resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz",
@ -608,14 +586,10 @@
}
},
"node_modules/path-to-regexp": {
"version": "8.4.2",
"resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-8.4.2.tgz",
"integrity": "sha512-qRcuIdP69NPm4qbACK+aDogI5CBDMi1jKe0ry5rSQJz8JVLsC7jV8XpiJjGRLLol3N+R5ihGYcrPLTno6pAdBA==",
"license": "MIT",
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
}
"version": "0.1.12",
"resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.12.tgz",
"integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==",
"license": "MIT"
},
"node_modules/proxy-addr": {
"version": "2.0.7",
@ -631,12 +605,12 @@
}
},
"node_modules/qs": {
"version": "6.15.2",
"resolved": "https://registry.npmjs.org/qs/-/qs-6.15.2.tgz",
"integrity": "sha512-Rzq0KEyX/w/tEybncDgdkZrJgVUsUMk3xjh3t5bv3S1HTAtg+uOYt72+ZfwiQwKdysThkTBdL/rTi6HDmX9Ddw==",
"version": "6.13.0",
"resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz",
"integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==",
"license": "BSD-3-Clause",
"dependencies": {
"side-channel": "^1.1.0"
"side-channel": "^1.0.6"
},
"engines": {
"node": ">=0.6"
@ -655,35 +629,39 @@
}
},
"node_modules/raw-body": {
"version": "3.0.2",
"resolved": "https://registry.npmjs.org/raw-body/-/raw-body-3.0.2.tgz",
"integrity": "sha512-K5zQjDllxWkf7Z5xJdV0/B0WTNqx6vxG70zJE4N0kBs4LovmEYWJzQGxC9bS9RAKu3bgM40lrd5zoLJ12MQ5BA==",
"version": "2.5.2",
"resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz",
"integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==",
"license": "MIT",
"dependencies": {
"bytes": "~3.1.2",
"http-errors": "~2.0.1",
"iconv-lite": "~0.7.0",
"unpipe": "~1.0.0"
"bytes": "3.1.2",
"http-errors": "2.0.0",
"iconv-lite": "0.4.24",
"unpipe": "1.0.0"
},
"engines": {
"node": ">= 0.10"
"node": ">= 0.8"
}
},
"node_modules/router": {
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/router/-/router-2.2.0.tgz",
"integrity": "sha512-nLTrUKm2UyiL7rlhapu/Zl45FwNgkZGaCpZbIHajDYgwlJCOzLSk+cIPAnsEqV955GjILJnKbdQC1nVPz+gAYQ==",
"license": "MIT",
"dependencies": {
"debug": "^4.4.0",
"depd": "^2.0.0",
"is-promise": "^4.0.0",
"parseurl": "^1.3.3",
"path-to-regexp": "^8.0.0"
},
"engines": {
"node": ">= 18"
}
"node_modules/safe-buffer": {
"version": "5.2.1",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
"integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/feross"
},
{
"type": "patreon",
"url": "https://www.patreon.com/feross"
},
{
"type": "consulting",
"url": "https://feross.org/support"
}
],
"license": "MIT"
},
"node_modules/safer-buffer": {
"version": "2.1.2",
@ -692,48 +670,57 @@
"license": "MIT"
},
"node_modules/send": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/send/-/send-1.2.1.tgz",
"integrity": "sha512-1gnZf7DFcoIcajTjTwjwuDjzuz4PPcY2StKPlsGAQ1+YH20IRVrBaXSWmdjowTJ6u8Rc01PoYOGHXfP1mYcZNQ==",
"version": "0.19.0",
"resolved": "https://registry.npmjs.org/send/-/send-0.19.0.tgz",
"integrity": "sha512-dW41u5VfLXu8SJh5bwRmyYUbAoSB3c9uQh6L8h/KtsFREPWpbX1lrljJo186Jc4nmci/sGUZ9a0a0J2zgfq2hw==",
"license": "MIT",
"dependencies": {
"debug": "^4.4.3",
"encodeurl": "^2.0.0",
"escape-html": "^1.0.3",
"etag": "^1.8.1",
"fresh": "^2.0.0",
"http-errors": "^2.0.1",
"mime-types": "^3.0.2",
"ms": "^2.1.3",
"on-finished": "^2.4.1",
"range-parser": "^1.2.1",
"statuses": "^2.0.2"
"debug": "2.6.9",
"depd": "2.0.0",
"destroy": "1.2.0",
"encodeurl": "~1.0.2",
"escape-html": "~1.0.3",
"etag": "~1.8.1",
"fresh": "0.5.2",
"http-errors": "2.0.0",
"mime": "1.6.0",
"ms": "2.1.3",
"on-finished": "2.4.1",
"range-parser": "~1.2.1",
"statuses": "2.0.1"
},
"engines": {
"node": ">= 18"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
"node": ">= 0.8.0"
}
},
"node_modules/send/node_modules/encodeurl": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz",
"integrity": "sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w==",
"license": "MIT",
"engines": {
"node": ">= 0.8"
}
},
"node_modules/send/node_modules/ms": {
"version": "2.1.3",
"resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
"integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==",
"license": "MIT"
},
"node_modules/serve-static": {
"version": "2.2.1",
"resolved": "https://registry.npmjs.org/serve-static/-/serve-static-2.2.1.tgz",
"integrity": "sha512-xRXBn0pPqQTVQiC8wyQrKs2MOlX24zQ0POGaj0kultvoOCstBQM5yvOhAVSUwOMjQtTvsPWoNCHfPGwaaQJhTw==",
"version": "1.16.2",
"resolved": "https://registry.npmjs.org/serve-static/-/serve-static-1.16.2.tgz",
"integrity": "sha512-VqpjJZKadQB/PEbEwvFdO43Ax5dFBZ2UECszz8bQ7pi7wt//PWe1P6MN7eCnjsatYtBT6EuiClbjSWP2WrIoTw==",
"license": "MIT",
"dependencies": {
"encodeurl": "^2.0.0",
"escape-html": "^1.0.3",
"parseurl": "^1.3.3",
"send": "^1.2.0"
"encodeurl": "~2.0.0",
"escape-html": "~1.0.3",
"parseurl": "~1.3.3",
"send": "0.19.0"
},
"engines": {
"node": ">= 18"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
"node": ">= 0.8.0"
}
},
"node_modules/setprototypeof": {
@ -743,14 +730,14 @@
"license": "ISC"
},
"node_modules/side-channel": {
"version": "1.1.1",
"resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.1.1.tgz",
"integrity": "sha512-6x6dK6zJdpTzF4sQeNYxwtvBzf6Eg4GtlesS94HOvTudUeyK2WXAaIfmDgsyslYrRBeFIlsi54AYsFGUuhmvrQ==",
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.1.0.tgz",
"integrity": "sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw==",
"license": "MIT",
"dependencies": {
"es-errors": "^1.3.0",
"object-inspect": "^1.13.4",
"side-channel-list": "^1.0.1",
"object-inspect": "^1.13.3",
"side-channel-list": "^1.0.0",
"side-channel-map": "^1.0.1",
"side-channel-weakmap": "^1.0.2"
},
@ -762,13 +749,13 @@
}
},
"node_modules/side-channel-list": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/side-channel-list/-/side-channel-list-1.0.1.tgz",
"integrity": "sha512-mjn/0bi/oUURjc5Xl7IaWi/OJJJumuoJFQJfDDyO46+hBWsfaVM65TBHq2eoZBhzl9EchxOijpkbRC8SVBQU0w==",
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/side-channel-list/-/side-channel-list-1.0.0.tgz",
"integrity": "sha512-FCLHtRD/gnpCiCHEiJLOwdmFP+wzCmDEkc9y7NsYxeF4u7Btsn1ZuwgwJGxImImHicJArLP4R0yX4c2KCrMrTA==",
"license": "MIT",
"dependencies": {
"es-errors": "^1.3.0",
"object-inspect": "^1.13.4"
"object-inspect": "^1.13.3"
},
"engines": {
"node": ">= 0.4"
@ -815,9 +802,9 @@
}
},
"node_modules/statuses": {
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz",
"integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==",
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz",
"integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==",
"license": "MIT",
"engines": {
"node": ">= 0.8"
@ -833,34 +820,16 @@
}
},
"node_modules/type-is": {
"version": "2.1.0",
"resolved": "https://registry.npmjs.org/type-is/-/type-is-2.1.0.tgz",
"integrity": "sha512-faYHw0anBbc/kWF3zFTEnxSFOAGUX9GFbOBthvDdLsIlEoWOFOtS0zgCiQYwIskL9iGXZL3kAXD8OoZ4GmMATA==",
"version": "1.6.18",
"resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz",
"integrity": "sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==",
"license": "MIT",
"dependencies": {
"content-type": "^2.0.0",
"media-typer": "^1.1.0",
"mime-types": "^3.0.0"
"media-typer": "0.3.0",
"mime-types": "~2.1.24"
},
"engines": {
"node": ">= 18"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
}
},
"node_modules/type-is/node_modules/content-type": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/content-type/-/content-type-2.0.0.tgz",
"integrity": "sha512-j/O/d7GcZCyNl7/hwZAb606rzqkyvaDctLmckbxLzHvFBzTJHuGEdodATcP3yIRoDrLHkIATJuvzbFlp/ki2cQ==",
"license": "MIT",
"engines": {
"node": ">=18"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/express"
"node": ">= 0.6"
}
},
"node_modules/unpipe": {
@ -872,6 +841,15 @@
"node": ">= 0.8"
}
},
"node_modules/utils-merge": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz",
"integrity": "sha512-pMZTvIkT1d+TFGvDOqodOclx0QWkkgi6Tdoa8gC8ffGAAqz9pzPTZWAybbsHHoED/ztMtkv/VoYTYyShUn81hA==",
"license": "MIT",
"engines": {
"node": ">= 0.4.0"
}
},
"node_modules/vary": {
"version": "1.1.2",
"resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz",
@ -881,16 +859,10 @@
"node": ">= 0.8"
}
},
"node_modules/wrappy": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
"integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==",
"license": "ISC"
},
"node_modules/ws": {
"version": "8.21.0",
"resolved": "https://registry.npmjs.org/ws/-/ws-8.21.0.tgz",
"integrity": "sha512-Vsp28b7DRcimFQvrqu2Wek3z1iYxDCWqHYB8Qsnk/S4RfaCQzPGPyBNuVjJV3cd6UiKtUtp6sNM77gWvzcCH+g==",
"version": "8.18.2",
"resolved": "https://registry.npmjs.org/ws/-/ws-8.18.2.tgz",
"integrity": "sha512-DMricUmwGZUVr++AEAe2uiVM7UoO9MAVZMDu05UQOaUII0lp+zOzLLU4Xqh/JvTqklB1T4uELaaPBKyjE1r4fQ==",
"license": "MIT",
"engines": {
"node": ">=10.0.0"

View file

@ -1,6 +1,6 @@
{
"name": "opendia",
"version": "1.1.1",
"version": "1.1.0",
"description": "🎯 OpenDia - The open alternative to Dia. Connect your browser to AI models with anti-detection bypass for Twitter/X, LinkedIn, Facebook",
"main": "server.js",
"bin": {
@ -26,19 +26,19 @@
"facebook",
"anti-detection"
],
"author": "Aeon Inc",
"author": "OpenDia Team",
"license": "MIT",
"repository": {
"type": "git",
"url": "https://github.com/aeonfun/opendia.git"
"url": "https://github.com/aaronjmars/opendia.git"
},
"homepage": "https://github.com/aeonfun/opendia",
"homepage": "https://github.com/aaronjmars/opendia",
"bugs": {
"url": "https://github.com/aeonfun/opendia/issues"
"url": "https://github.com/aaronjmars/opendia/issues"
},
"dependencies": {
"cors": "^2.8.5",
"express": "^5.2.1",
"express": "^4.21.2",
"ws": "^8.18.0"
},
"engines": {
@ -48,4 +48,4 @@
"server.js",
"README.md"
]
}
}

View file

@ -153,8 +153,6 @@ let availableTools = [];
// Tool call tracking
const pendingCalls = new Map();
// Monotonic counter so concurrent tool calls can never share a call id.
let callIdCounter = 0;
// Simple MCP protocol implementation over stdio
async function handleMCPRequest(request) {
@ -1528,24 +1526,10 @@ async function callBrowserTool(toolName, args) {
);
}
// Date.now() alone collides when two calls fire in the same millisecond
// (concurrent SSE POSTs, hybrid stdio+SSE, or parallel tool calls). A
// collision overwrites the pending resolver, cross-wiring one call's
// response onto another and leaving the loser to hit the 30s timeout.
const callId = `${Date.now()}-${++callIdCounter}`;
const callId = Date.now().toString();
return new Promise((resolve, reject) => {
// Track the timeout on the pending entry so it can be cleared when a
// response arrives or the extension disconnects — otherwise every call
// leaks a 30s timer until it fires.
const timeout = setTimeout(() => {
if (pendingCalls.has(callId)) {
pendingCalls.delete(callId);
reject(new Error("Tool call timeout"));
}
}, 30000);
pendingCalls.set(callId, { resolve, reject, timeout });
pendingCalls.set(callId, { resolve, reject });
chromeExtensionSocket.send(
JSON.stringify({
@ -1554,6 +1538,14 @@ async function callBrowserTool(toolName, args) {
params: args,
})
);
// Timeout after 30 seconds
setTimeout(() => {
if (pendingCalls.has(callId)) {
pendingCalls.delete(callId);
reject(new Error("Tool call timeout"));
}
}, 30000);
});
}
@ -1561,7 +1553,6 @@ async function callBrowserTool(toolName, args) {
function handleToolResponse(message) {
const pending = pendingCalls.get(message.id);
if (pending) {
clearTimeout(pending.timeout);
pendingCalls.delete(message.id);
if (message.error) {
pending.reject(new Error(message.error.message));
@ -1574,17 +1565,6 @@ function handleToolResponse(message) {
// Setup WebSocket connection handlers
function setupWebSocketHandlers() {
wss.on("connection", (ws) => {
// If an old extension socket is still tracked, close it before replacing
// so the previous connection's close handler can't later null out the new one.
if (chromeExtensionSocket && chromeExtensionSocket !== ws) {
console.error("Replacing existing Browser Extension connection");
try {
chromeExtensionSocket.close();
} catch (e) {
// ignore — socket may already be half-closed
}
}
console.error("Browser Extension connected");
chromeExtensionSocket = ws;
@ -1622,33 +1602,10 @@ function setupWebSocketHandlers() {
});
ws.on("close", () => {
console.error("Browser Extension disconnected");
chromeExtensionSocket = null;
availableTools = []; // Clear tools when extension disconnects
clearInterval(pingInterval);
// Only clear tracked state if THIS socket is still the active one.
// Without this guard, a stale close event from a previous connection
// can null out a freshly reconnected extension and make the server
// falsely report "extension not connected" until the user restarts.
if (chromeExtensionSocket === ws) {
console.error("Browser Extension disconnected");
chromeExtensionSocket = null;
availableTools = []; // Clear tools when extension disconnects
// Reject any in-flight tool calls immediately so the MCP client
// sees a real error instead of hanging for up to 30s waiting on
// a socket that's gone.
if (pendingCalls.size > 0) {
console.error(
`Rejecting ${pendingCalls.size} in-flight tool call(s) due to extension disconnect`
);
for (const pending of pendingCalls.values()) {
clearTimeout(pending.timeout);
pending.reject(
new Error("Browser Extension disconnected mid-call")
);
}
pendingCalls.clear();
}
} else {
console.error("Stale Browser Extension socket closed (already replaced)");
}
});
ws.on("error", (error) => {
@ -1699,28 +1656,25 @@ app.route('/sse')
.post(async (req, res) => {
// MCP requests from online AI
console.error('MCP request received via SSE:', req.body);
try {
// handleMCPRequest already returns a complete JSON-RPC response
// (or null for notifications) — forward as-is, matching the stdio path.
const response = await handleMCPRequest(req.body);
if (response === null) {
// JSON-RPC notification: no response body per spec
res.status(204).end();
} else {
res.json(response);
}
const result = await handleMCPRequest(req.body);
res.json({
jsonrpc: "2.0",
id: req.body.id,
result: result
});
} catch (error) {
res.status(500).json({
jsonrpc: "2.0",
id: req.body?.id ?? null,
id: req.body.id,
error: { code: -32603, message: error.message }
});
}
});
// ADD: CORS preflight handler
app.options('/*splat', (req, res) => {
app.options('*', (req, res) => {
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
res.header('Access-Control-Allow-Headers', 'Content-Type, Cache-Control');
@ -1886,7 +1840,7 @@ async function startServer() {
console.error('💡 Claude Web: Add as external MCP server (if supported)');
console.error('');
console.error('🏠 Local access still available:');
console.error(`🔗 http://localhost:${HTTP_PORT}/sse`);
console.error('🔗 http://localhost:3001/sse');
console.error('');
// Store ngrok process for cleanup