chore: update puppeteer 24.40.0, add SSRF DNS pinning tests (TDD)

- Updated puppeteer 24.39.1 → 24.40.0 - Added 7 TDD tests for renderUrlPdf SSRF protection branches: - HTTP request rewrite to pinned IP with Host header - HTTPS request passthrough (cert compatibility) - Blocking requests to non-target hosts - Blocking cloud metadata endpoint (169.254.169.254) - No interception when hostResolverRules absent - No interception when invalid MAP format - Request interception setup verification - Tests: 834 passing (82 files), ZERO failures
2026-03-20 08:11:34 +01:00 · 2026-03-20 08:11:34 +01:00 · 4a2103c60e
commit 4a2103c60e
parent 789d36ea04
2 changed files with 230 additions and 20 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -1613,9 +1613,9 @@
      }
    },
    "node_modules/bare-fs": {
-      "version": "4.5.5",
-      "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.5.5.tgz",
-      "integrity": "sha512-XvwYM6VZqKoqDll8BmSww5luA5eflDzY0uEFfBJtFKe4PAAtxBjU3YIxzIBzhyaEQBy1VXEQBto4cpN5RZJw+w==",
+      "version": "4.5.6",
+      "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-4.5.6.tgz",
+      "integrity": "sha512-1QovqDrR80Pmt5HPAsMsXTCFcDYr+NSUKW6nd6WO5v0JBmnItc/irNRzm2KOQ5oZ69P37y+AMujNyNtG+1Rggw==",
      "license": "Apache-2.0",
      "dependencies": {
        "bare-events": "^2.5.4",
@ -1655,12 +1655,12 @@
      }
    },
    "node_modules/bare-stream": {
-      "version": "2.8.1",
-      "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.8.1.tgz",
-      "integrity": "sha512-bSeR8RfvbRwDpD7HWZvn8M3uYNDrk7m9DQjYOFkENZlXW8Ju/MPaqUPQq5LqJ3kyjEm07siTaAQ7wBKCU59oHg==",
+      "version": "2.10.0",
+      "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.10.0.tgz",
+      "integrity": "sha512-DOPZF/DDcDruKDA43cOw6e9Quq5daua7ygcAwJE/pKJsRWhgSSemi7qVNGE5kyDIxIeN1533G/zfbvWX7Wcb9w==",
      "license": "Apache-2.0",
      "dependencies": {
-        "streamx": "^2.21.0",
+        "streamx": "^2.25.0",
        "teex": "^1.0.1"
      },
      "peerDependencies": {
@ -1677,9 +1677,9 @@
      }
    },
    "node_modules/bare-url": {
-      "version": "2.3.2",
-      "resolved": "https://registry.npmjs.org/bare-url/-/bare-url-2.3.2.tgz",
-      "integrity": "sha512-ZMq4gd9ngV5aTMa5p9+UfY0b3skwhHELaDkhEHetMdX0LRkW9kzaym4oo/Eh+Ghm0CCDuMTsRIGM/ytUc1ZYmw==",
+      "version": "2.4.0",
+      "resolved": "https://registry.npmjs.org/bare-url/-/bare-url-2.4.0.tgz",
+      "integrity": "sha512-NSTU5WN+fy/L0DDenfE8SXQna4voXuW0FHM7wH8i3/q9khUSchfPbPezO4zSFMnDGIf9YE+mt/RWhZgNRKRIXA==",
      "license": "Apache-2.0",
      "dependencies": {
        "bare-path": "^3.0.0"
@ -4140,9 +4140,9 @@
      }
    },
    "node_modules/puppeteer": {
-      "version": "24.39.1",
-      "resolved": "https://registry.npmjs.org/puppeteer/-/puppeteer-24.39.1.tgz",
-      "integrity": "sha512-68Zc9QpcVvfxp2C+3UL88TyUogEAn5tSylXidbEuEXvhiqK1+v65zeBU5ubinAgEHMGr3dcSYqvYrGtdzsPI3w==",
+      "version": "24.40.0",
+      "resolved": "https://registry.npmjs.org/puppeteer/-/puppeteer-24.40.0.tgz",
+      "integrity": "sha512-IxQbDq93XHVVLWHrAkFP7F7iHvb9o0mgfsSIMlhHb+JM+JjM1V4v4MNSQfcRWJopx9dsNOr9adYv0U5fm9BJBQ==",
      "hasInstallScript": true,
      "license": "Apache-2.0",
      "dependencies": {
@ -4150,7 +4150,7 @@
        "chromium-bidi": "14.0.0",
        "cosmiconfig": "^9.0.0",
        "devtools-protocol": "0.0.1581282",
-        "puppeteer-core": "24.39.1",
+        "puppeteer-core": "24.40.0",
        "typed-query-selector": "^2.12.1"
      },
      "bin": {
@ -4161,9 +4161,9 @@
      }
    },
    "node_modules/puppeteer-core": {
-      "version": "24.39.1",
-      "resolved": "https://registry.npmjs.org/puppeteer-core/-/puppeteer-core-24.39.1.tgz",
-      "integrity": "sha512-AMqQIKoEhPS6CilDzw0Gd1brLri3emkC+1N2J6ZCCuY1Cglo56M63S0jOeBZDQlemOiRd686MYVMl9ELJBzN3A==",
+      "version": "24.40.0",
+      "resolved": "https://registry.npmjs.org/puppeteer-core/-/puppeteer-core-24.40.0.tgz",
+      "integrity": "sha512-MWL3XbUCfVgGR0gRsidzT6oKJT2QydPLhMITU6HoVWiiv4gkb6gJi3pcdAa8q4HwjBTbqISOWVP4aJiiyUJvag==",
      "license": "Apache-2.0",
      "dependencies": {
        "@puppeteer/browsers": "2.13.0",
@ -4706,9 +4706,9 @@
      "license": "MIT"
    },
    "node_modules/streamx": {
-      "version": "2.23.0",
-      "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.23.0.tgz",
-      "integrity": "sha512-kn+e44esVfn2Fa/O0CPFcex27fjIL6MkVae0Mm6q+E6f0hWv578YCERbv+4m02cjxvDsPKLnmxral/rR6lBMAg==",
+      "version": "2.25.0",
+      "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.25.0.tgz",
+      "integrity": "sha512-0nQuG6jf1w+wddNEEXCF4nTg3LtufWINB5eFEN+5TNZW7KWJp6x87+JFL43vaAUPyCfH1wID+mNVyW6OHtFamg==",
      "license": "MIT",
      "dependencies": {
        "events-universal": "^1.0.0",