Add managed bypass policy

[jesse-merhi]

Summary

• add a managed-mode bypassPolicy callback for intentional direct routes
• apply that policy to node/http, websocket, and undici/fetch proxy decisions
• cover direct bypass behavior in unit and proxy-lab e2e tests
• stop committing generated dist/; prepack still builds it for the npm tarball

Verification

• npx -y node@24 /opt/homebrew/bin/pnpm check
• npx -y node@24 /opt/homebrew/bin/pnpm package:dry-run
• git diff --check

Notes

OpenClaw needs this before it can depend on @openclaw/proxyline@0.1.1 for the Gateway loopback bypass without mutating NO_PROXY.

dist/ is now intentionally ignored and untracked. The package dry-run still lists the generated dist/*.js, dist/*.d.ts, and dist/*.d.ts.map files in openclaw-proxyline-0.1.1.tgz via the existing prepack build.

[Copilot]

Pull request overview

Adds a managed-mode bypassPolicy callback that can intentionally route specific destinations directly (instead of through the configured managed proxy), and wires it into proxy decision-making across the runtime. This is intended to support cases like Gateway loopback bypass without mutating NO_PROXY.

Changes:

• Introduces bypassPolicy types (ProxylineBypassPolicy, ProxylineBypassRequest) and exposes them in the public API.
• Applies bypass decisions in managed resolver logic and updates the managed undici dispatcher implementation accordingly.
• Adds unit + proxy-lab e2e coverage for direct bypass behavior.

Reviewed changes

Copilot reviewed 5 out of 11 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
test/index.test.ts	Adds a unit test asserting explain() returns a direct decision when bypass policy matches.
test/e2e.test.ts	Adds an e2e test asserting node + undici traffic goes direct (no lab proxy events) when bypass policy matches.
src/types.ts	Adds bypass policy option + request/policy types.
src/runtime.ts	Implements bypass checks in the managed resolver; introduces a managed undici dispatcher to support bypass in undici.
src/index.ts	Re-exports bypass policy types from the public entrypoint.
dist/types.d.ts	Updates generated type declarations for new bypass policy types.
dist/types.d.ts.map	Updates generated sourcemap for types.
dist/runtime.js	Updates built runtime JS with bypass policy + managed undici dispatcher changes.
dist/runtime.d.ts.map	Updates generated runtime d.ts sourcemap.
dist/index.d.ts	Updates generated index d.ts exports.
dist/index.d.ts.map	Updates generated index d.ts sourcemap.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.