@agentsh/secure-sandbox 0.1.5 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (28) hide show
  1. package/README.md +45 -11
  2. package/dist/adapters/blaxel.d.ts +1 -1
  3. package/dist/adapters/cloudflare.d.ts +1 -1
  4. package/dist/adapters/daytona.d.ts +1 -1
  5. package/dist/adapters/e2b.d.ts +1 -1
  6. package/dist/adapters/index.d.ts +2 -1
  7. package/dist/adapters/index.js +11 -1
  8. package/dist/adapters/vercel.d.ts +1 -1
  9. package/dist/chunk-4FJHYLAB.js +251 -0
  10. package/dist/chunk-4FJHYLAB.js.map +1 -0
  11. package/dist/chunk-5IG6ABIZ.js +268 -0
  12. package/dist/chunk-5IG6ABIZ.js.map +1 -0
  13. package/dist/{chunk-GFPHTJLU.js → chunk-LNDICGZU.js} +3 -243
  14. package/dist/chunk-LNDICGZU.js.map +1 -0
  15. package/dist/index-TyzWAIUD.d.ts +60 -0
  16. package/dist/index.d.ts +5 -11
  17. package/dist/index.js +209 -43
  18. package/dist/index.js.map +1 -1
  19. package/dist/policies/index.d.ts +1 -1
  20. package/dist/policies/index.js +5 -3
  21. package/dist/testing/index.d.ts +1 -1
  22. package/dist/{types-CUqsllMs.d.ts → types-DFMGk2GV.d.ts} +127 -2
  23. package/package.json +19 -1
  24. package/dist/chunk-GFPHTJLU.js.map +0 -1
  25. package/dist/chunk-L4KFLVNU.js +0 -33
  26. package/dist/chunk-L4KFLVNU.js.map +0 -1
  27. package/dist/index-aQ1TVPtG.d.ts +0 -16
  28. package/dist/{index-Nmlhw9oj.d.ts → index-CedRtlB6.d.ts} +22 -22
package/dist/chunk-GFPHTJLU.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/policies/index.ts","../src/policies/schema.ts","../src/core/errors.ts","../src/policies/merge.ts","../src/policies/presets.ts","../src/policies/serialize.ts"],"sourcesContent":["export { PolicyDefinitionSchema, validatePolicy } from './schema.js';\nexport type { PolicyDefinition, FileRule, NetworkRule, CommandRule, EnvRule, DnsRedirect, ConnectRedirect } from './schema.js';\nexport { agentDefault, devSafe, ciStrict, agentSandbox } from './presets.js';\nexport { merge, mergePrepend } from './merge.js';\nexport { serializePolicy, systemPolicyYaml } from './serialize.js';\n","import { z, ZodError } from 'zod';\nimport { PolicyValidationError } from '../core/errors.js';\n\n// ─── Shared helpers ─────────────────────────────────────────\n\nconst stringOrArray = z.union([z.string(), z.array(z.string())]);\n\n// ─── File rules ─────────────────────────────────────────────\n\nexport const FileOpSchema = z.enum(['read', 'write', 'create', 'delete']);\n\nconst FileAllowRule = z\n .object({ allow: stringOrArray, ops: z.array(FileOpSchema).optional() })\n .strict();\n\nconst FileDenyRule = z\n .object({ deny: stringOrArray, ops: z.array(FileOpSchema).optional() })\n .strict();\n\nconst FileRedirectRule = z\n .object({\n redirect: stringOrArray,\n to: z.string(),\n ops: z.array(FileOpSchema).optional(),\n })\n .strict();\n\nconst FileAuditRule = z\n .object({ audit: stringOrArray, ops: z.array(FileOpSchema).optional() })\n .strict();\n\nconst FileSoftDeleteRule = z.object({ softDelete: stringOrArray }).strict();\n\nexport const FileRuleSchema = z.union([\n FileAllowRule,\n FileDenyRule,\n FileRedirectRule,\n FileAuditRule,\n FileSoftDeleteRule,\n]);\n\n// ─── Network rules ──────────────────────────────────────────\n\nconst NetworkAllowRule = z\n .object({\n allow: stringOrArray,\n ports: z.array(z.number().int().min(1).max(65535)).optional(),\n })\n .strict();\n\nconst NetworkDenyRule = z.object({ deny: stringOrArray }).strict();\n\nconst NetworkRedirectRule = z\n .object({ redirect: z.string(), to: z.string() })\n .strict();\n\nexport const NetworkRuleSchema = z.union([\n NetworkAllowRule,\n NetworkDenyRule,\n NetworkRedirectRule,\n]);\n\n// ─── Command rules ──────────────────────────────────────────\n\nconst CommandRedirectTarget = z.union([\n z.string(),\n z.object({ cmd: z.string(), args: z.array(z.string()) }).strict(),\n]);\n\nconst CommandAllowRule = z.object({ allow: stringOrArray }).strict();\n\nconst CommandDenyRule = z.object({ deny: stringOrArray }).strict();\n\nconst CommandRedirectRule = z\n .object({ redirect: stringOrArray, to: CommandRedirectTarget })\n .strict();\n\nexport const CommandRuleSchema = z.union([\n CommandAllowRule,\n CommandDenyRule,\n CommandRedirectRule,\n]);\n\n// ─── Env rules ──────────────────────────────────────────────\n\nexport const EnvRuleSchema = z\n .object({\n commands: z.array(z.string()),\n allow: z.array(z.string()).optional(),\n deny: z.array(z.string()).optional(),\n })\n .strict();\n\n// ─── DNS / Connect redirects ────────────────────────────────\n\nexport const DnsRedirectSchema = z\n .object({\n match: z.string(),\n resolveTo: z.string(),\n })\n .strict();\n\nexport const ConnectRedirectSchema = z\n .object({\n match: z.string(),\n redirectTo: z.string(),\n })\n .strict();\n\n// ─── Package rules ──────────────────────────────────────────\n\nconst LicenseSpdxMatchSchema = z\n .object({\n allow: z.array(z.string()).optional(),\n deny: z.array(z.string()).optional(),\n })\n .strict();\n\nconst PackageMatchSchema = z\n .object({\n packages: z.array(z.string()).optional(),\n namePatterns: z.array(z.string()).optional(),\n findingType: z.string().optional(),\n severity: stringOrArray.optional(),\n reasons: z.array(z.string()).optional(),\n licenseSpdx: LicenseSpdxMatchSchema.optional(),\n ecosystem: z.string().optional(),\n options: z.record(z.unknown()).optional(),\n })\n .strict();\n\nexport const PackageRuleSchema = z\n .object({\n match: PackageMatchSchema,\n action: z.enum(['allow', 'warn', 'approve', 'block']),\n reason: z.string().optional(),\n })\n .strict();\n\n// ─── PolicyDefinition ───────────────────────────────────────\n\nexport const PolicyDefinitionSchema = z\n .object({\n file: z.array(FileRuleSchema).optional(),\n network: z.array(NetworkRuleSchema).optional(),\n commands: z.array(CommandRuleSchema).optional(),\n env: z.array(EnvRuleSchema).optional(),\n dns: z.array(DnsRedirectSchema).optional(),\n connect: z.array(ConnectRedirectSchema).optional(),\n packageRules: z.array(PackageRuleSchema).optional(),\n })\n .strict();\n\n// ─── Inferred types ─────────────────────────────────────────\n\nexport type PolicyDefinition = z.infer<typeof PolicyDefinitionSchema>;\nexport type FileOp = z.infer<typeof FileOpSchema>;\nexport type FileRule = z.infer<typeof FileRuleSchema>;\nexport type NetworkRule = z.infer<typeof NetworkRuleSchema>;\nexport type CommandRule = z.infer<typeof CommandRuleSchema>;\nexport type EnvRule = z.infer<typeof EnvRuleSchema>;\nexport type DnsRedirect = z.infer<typeof DnsRedirectSchema>;\nexport type ConnectRedirect = z.infer<typeof ConnectRedirectSchema>;\nexport type PackageRule = z.infer<typeof PackageRuleSchema>;\n\n// ─── Validation ─────────────────────────────────────────────\n\nexport function validatePolicy(policy: unknown): PolicyDefinition {\n try {\n return PolicyDefinitionSchema.parse(policy);\n } catch (err) {\n if (err instanceof ZodError) {\n throw new PolicyValidationError({ issues: err.issues });\n }\n throw err;\n }\n}\n","import type { ZodIssue } from 'zod';\n\nexport class AgentSHError extends Error {\n constructor(message: string) {\n super(message);\n this.name = 'AgentSHError';\n }\n}\n\nexport class PolicyValidationError extends AgentSHError {\n readonly issues: ZodIssue[];\n\n constructor({ issues }: { issues: ZodIssue[] }) {\n const summaries = issues\n .map((issue) => `${issue.path.join('.')}: ${issue.message}`)\n .join('; ');\n super(`Policy validation failed: ${summaries}`);\n this.name = 'PolicyValidationError';\n this.issues = issues;\n }\n}\n\nexport class MissingPeerDependencyError extends AgentSHError {\n readonly packageName: string;\n readonly versionRange: string;\n\n constructor({\n packageName,\n versionRange,\n }: {\n packageName: string;\n versionRange: string;\n }) {\n super(\n `${packageName} is required but not installed. Run: npm install ${packageName}@\"${versionRange}\"`,\n );\n this.name = 'MissingPeerDependencyError';\n this.packageName = packageName;\n this.versionRange = versionRange;\n }\n}\n\nexport class IncompatibleProviderVersionError extends AgentSHError {\n readonly installed: string;\n readonly required: string;\n readonly packageName: string;\n\n constructor({\n installed,\n required,\n packageName,\n }: {\n installed: string;\n required: string;\n packageName: string;\n }) {\n super(\n `${packageName} version ${installed} is not supported. @agentsh/secure-sandbox requires ${packageName} ${required}. Please upgrade: npm install ${packageName}@latest`,\n );\n this.name = 'IncompatibleProviderVersionError';\n this.installed = installed;\n this.required = required;\n this.packageName = packageName;\n }\n}\n\nexport class ProvisioningError extends AgentSHError {\n readonly phase: string;\n readonly command: string;\n readonly stderr: string;\n\n constructor({\n phase,\n command,\n stderr,\n }: {\n phase: string;\n command: string;\n stderr: string;\n }) {\n super(`Provisioning failed at phase: ${phase}`);\n this.name = 'ProvisioningError';\n this.phase = phase;\n this.command = command;\n this.stderr = stderr;\n }\n}\n\nexport class IntegrityError extends AgentSHError {\n readonly expected: string;\n readonly actual: string;\n\n constructor({\n expected,\n actual,\n message,\n }: {\n expected: string;\n actual: string;\n message?: string;\n }) {\n super(message ?? `Checksum mismatch: expected ${expected}, got ${actual}`);\n this.name = 'IntegrityError';\n this.expected = expected;\n this.actual = actual;\n }\n}\n\nexport class RuntimeError extends AgentSHError {\n readonly sessionId: string;\n readonly command: string;\n readonly stderr: string;\n\n constructor({\n sessionId,\n command,\n stderr,\n }: {\n sessionId: string;\n command: string;\n stderr: string;\n }) {\n super(`agentsh exec failed (session ${sessionId})`);\n this.name = 'RuntimeError';\n this.sessionId = sessionId;\n this.command = command;\n this.stderr = stderr;\n }\n}\n","import type { PolicyDefinition } from './schema.js';\nimport { validatePolicy } from './schema.js';\n\nconst CATEGORIES = ['file', 'network', 'commands', 'env', 'dns', 'connect', 'packageRules'] as const;\n\n/**\n * Merge policy overrides AFTER base rules for each category.\n * Since agentsh evaluates first-match-wins, appended rules only apply\n * to paths not already matched by base.\n */\nexport function merge(base: PolicyDefinition, ...overrides: Partial<PolicyDefinition>[]): PolicyDefinition {\n return validatePolicy(mergeInternal(base, overrides, 'append'));\n}\n\n/**\n * Merge policy overrides BEFORE base rules for each category,\n * making overrides take priority in first-match-wins evaluation.\n */\nexport function mergePrepend(base: PolicyDefinition, ...overrides: Partial<PolicyDefinition>[]): PolicyDefinition {\n return validatePolicy(mergeInternal(base, overrides, 'prepend'));\n}\n\nfunction mergeInternal(\n base: PolicyDefinition,\n overrides: Partial<PolicyDefinition>[],\n mode: 'append' | 'prepend',\n): PolicyDefinition {\n const result: any = { ...base };\n for (const override of overrides) {\n for (const key of CATEGORIES) {\n if (override[key] != null) {\n const baseRules = result[key] ?? [];\n result[key] = mode === 'append'\n ? [...baseRules, ...override[key]!]\n : [...override[key]!, ...baseRules];\n }\n }\n }\n return result;\n}\n","import type { PolicyDefinition } from './schema.js';\nimport { merge } from './merge.js';\n\n// ─── agentDefault ──────────────────────────────────────────\n\n/**\n * Comprehensive policy for AI coding agents. This is the DEFAULT policy\n * used when no policy is specified. Based on agentsh v0.13's agent-default\n * policy.\n */\nexport function agentDefault(\n extensions?: Partial<PolicyDefinition>,\n): PolicyDefinition {\n const base: PolicyDefinition = {\n file: [\n { allow: '/workspace/**', ops: ['read', 'write', 'create'] },\n // Git/version-control credentials\n { deny: ['/workspace/.git/config', '/workspace/.netrc'] },\n // Secrets and credentials\n { deny: ['**/.env', '**/.env.*', '**/credentials*', '**/*.pem', '**/*.key'] },\n { deny: ['~/.ssh/**', '/proc/*/environ'] },\n // Cloud provider credentials\n { deny: ['~/.aws/**', '~/.gcp/**', '~/.azure/**', '~/.config/gcloud/**'] },\n // Shell config injection (persistence)\n { deny: ['~/.bashrc', '~/.zshrc', '~/.profile', '~/.bash_profile'] },\n // Credential stores\n { deny: ['~/.gitconfig', '~/.netrc', '~/.curlrc', '~/.wgetrc'] },\n // PATH hijacking\n { deny: '~/.local/bin/**' },\n // Agent config files — allow reads (project context), deny writes (prompt injection persistence)\n { deny: ['**/.cursorrules', '**/CLAUDE.md', '**/copilot-instructions.md'], ops: ['write', 'create', 'delete'] },\n ],\n network: [\n {\n allow: [\n 'registry.npmjs.org',\n 'registry.yarnpkg.com',\n 'pypi.org',\n 'files.pythonhosted.org',\n 'crates.io',\n 'static.crates.io',\n 'index.crates.io',\n 'proxy.golang.org',\n 'sum.golang.org',\n 'github.com',\n 'raw.githubusercontent.com',\n ],\n ports: [443],\n },\n { deny: '*' },\n ],\n commands: [\n // Allow safe commands (order matters — first match wins)\n {\n allow: [\n 'bash', 'sh', 'echo', 'cat', 'head', 'tail', 'grep', 'find',\n 'ls', 'wc', 'sort', 'uniq', 'diff', 'pwd', 'date', 'which',\n 'whoami', 'id', 'uname', 'printf', 'test', 'true', 'false',\n 'mkdir', 'cp', 'mv', 'rm', 'touch', 'chmod', 'tr', 'cut',\n 'sed', 'awk', 'tee', 'xargs', 'basename', 'dirname', 'realpath',\n 'base64', 'md5sum', 'sha256sum', 'tar', 'gzip', 'gunzip',\n ],\n },\n // Allow dev tools\n {\n allow: [\n 'git', 'node', 'npm', 'npx', 'yarn', 'pnpm', 'bun',\n 'python', 'python3', 'pip', 'pip3',\n 'cargo', 'rustc', 'go', 'make', 'cmake',\n ],\n },\n // Deny dangerous commands\n { deny: ['env', 'printenv', 'sudo', 'su', 'doas'] },\n { deny: ['shutdown', 'reboot', 'halt', 'poweroff'] },\n { deny: ['nc', 'ncat', 'netcat', 'socat', 'telnet'] },\n { deny: ['git push --force', 'git reset --hard'] },\n {\n redirect: ['curl', 'wget'],\n to: { cmd: 'agentsh-fetch', args: ['--audit'] },\n },\n ],\n packageRules: [\n // Critical vulnerability = block\n {\n match: { findingType: 'vulnerability', severity: 'critical' },\n action: 'block',\n reason: 'Critical vulnerability — review before installing',\n },\n // Known malware = block\n {\n match: { findingType: 'malware' },\n action: 'block',\n reason: 'Known malware detected',\n },\n // Typosquat = block\n {\n match: { findingType: 'reputation', reasons: ['typosquat'] },\n action: 'block',\n reason: 'Package flagged as potential typosquat',\n },\n // Medium vulnerability = warn\n {\n match: { findingType: 'vulnerability', severity: 'medium' },\n action: 'warn',\n reason: 'Medium vulnerability — review before using',\n },\n // Copyleft licenses = block\n {\n match: {\n findingType: 'license',\n licenseSpdx: { deny: ['AGPL-3.0-only', 'SSPL-1.0'] },\n },\n action: 'block',\n reason: 'Copyleft license incompatible with proprietary code',\n },\n // Package too new = approve (requires human confirmation)\n {\n match: {\n findingType: 'reputation',\n reasons: ['package_too_new'],\n },\n action: 'approve',\n reason: 'Package published recently — requires approval',\n },\n ],\n };\n return extensions ? merge(base, extensions) : base;\n}\n\n// ─── devSafe ───────────────────────────────────────────────\n\n/**\n * Permissive defaults for local development. Not recommended for production.\n */\nexport function devSafe(\n extensions?: Partial<PolicyDefinition>,\n): PolicyDefinition {\n const base: PolicyDefinition = {\n file: [\n { allow: '/workspace/**', ops: ['read', 'write', 'create'] },\n { deny: ['**/.env', '**/.env.*', '**/credentials*', '**/*.pem', '**/*.key'] },\n { deny: ['~/.ssh/**', '/proc/*/environ'] },\n { deny: ['~/.aws/**', '~/.gcp/**', '~/.azure/**', '~/.config/gcloud/**'] },\n { deny: ['~/.bashrc', '~/.zshrc', '~/.profile', '~/.bash_profile'] },\n { deny: ['~/.gitconfig', '~/.netrc', '~/.curlrc', '~/.wgetrc'] },\n ],\n network: [\n {\n allow: ['registry.npmjs.org', 'registry.yarnpkg.com'],\n ports: [443],\n },\n ],\n commands: [{ deny: ['env', 'printenv', 'shutdown', 'reboot'] }],\n };\n return extensions ? merge(base, extensions) : base;\n}\n\n// ─── ciStrict ──────────────────────────────────────────────\n\n/**\n * Locked down for CI/CD runners.\n */\nexport function ciStrict(\n extensions?: Partial<PolicyDefinition>,\n): PolicyDefinition {\n const base: PolicyDefinition = {\n file: [\n { allow: '/workspace/**' },\n { deny: ['**/.env', '**/.env.*', '**/credentials*', '**/*.pem', '**/*.key'] },\n { deny: ['~/.aws/**', '~/.gcp/**', '~/.azure/**', '~/.config/gcloud/**'] },\n { deny: '/**' },\n ],\n network: [\n {\n allow: [\n 'registry.npmjs.org',\n 'registry.yarnpkg.com',\n 'pypi.org',\n 'files.pythonhosted.org',\n 'crates.io',\n 'static.crates.io',\n 'index.crates.io',\n 'proxy.golang.org',\n 'sum.golang.org',\n ],\n ports: [443],\n },\n { deny: '*' },\n ],\n commands: [\n { deny: ['env', 'printenv', 'shutdown', 'reboot', 'sudo'] },\n ],\n };\n return extensions ? merge(base, extensions) : base;\n}\n\n// ─── agentSandbox ──────────────────────────────────────────\n\n/**\n * Maximum restriction for untrusted code. Read-only workspace, no network.\n */\nexport function agentSandbox(\n extensions?: Partial<PolicyDefinition>,\n): PolicyDefinition {\n const base: PolicyDefinition = {\n file: [\n { allow: '/workspace/**', ops: ['read'] },\n { deny: '/**' },\n ],\n network: [{ deny: '*' }],\n commands: [\n { deny: ['env', 'printenv', 'sudo', 'su', 'shutdown', 'reboot'] },\n ],\n };\n return extensions ? merge(base, extensions) : base;\n}\n","import yaml from 'js-yaml';\nimport type {\n PolicyDefinition,\n FileRule,\n NetworkRule,\n CommandRule,\n EnvRule,\n DnsRedirect,\n ConnectRedirect,\n PackageRule,\n} from './schema.js';\n\n// ─── Helpers ────────────────────────────────────────────────\n\n/** Normalize a string-or-array value to always be an array. */\nfunction toArray(value: string | string[]): string[] {\n return Array.isArray(value) ? value : [value];\n}\n\n/** Detect the decision key from a rule object. */\ntype DecisionKey = 'allow' | 'deny' | 'redirect' | 'audit' | 'softDelete';\n\nconst FILE_DECISION_KEYS: DecisionKey[] = [\n 'allow',\n 'deny',\n 'redirect',\n 'audit',\n 'softDelete',\n];\n\nconst SIMPLE_DECISION_KEYS: DecisionKey[] = ['allow', 'deny', 'redirect'];\n\nfunction findDecision(\n rule: Record<string, unknown>,\n keys: DecisionKey[],\n): { key: DecisionKey; value: unknown } {\n for (const k of keys) {\n if (k in rule) {\n return { key: k, value: rule[k] };\n }\n }\n throw new Error(`No decision key found in rule: ${JSON.stringify(rule)}`);\n}\n\n/** Map softDelete → soft_delete for YAML output. */\nfunction yamlDecision(key: DecisionKey): string {\n return key === 'softDelete' ? 'soft_delete' : key;\n}\n\n// ─── File rules ─────────────────────────────────────────────\n\nfunction serializeFileRules(rules: FileRule[]): Record<string, unknown>[] {\n return rules.map((rule, i) => {\n const r = rule as Record<string, unknown>;\n const { key, value } = findDecision(r, FILE_DECISION_KEYS);\n const paths = toArray(value as string | string[]);\n\n const out: Record<string, unknown> = {\n name: `file-rule-${i}`,\n paths,\n };\n\n if ('ops' in r && r.ops) {\n out.operations = r.ops;\n }\n\n out.decision = yamlDecision(key);\n\n if (key === 'redirect' && 'to' in r) {\n out.redirect_to = r.to;\n }\n\n return out;\n });\n}\n\n// ─── Network rules ──────────────────────────────────────────\n\nfunction serializeNetworkRules(\n rules: NetworkRule[],\n): Record<string, unknown>[] {\n return rules.map((rule, i) => {\n const r = rule as Record<string, unknown>;\n const { key, value } = findDecision(r, SIMPLE_DECISION_KEYS);\n const domains = toArray(value as string | string[]);\n\n const out: Record<string, unknown> = {\n name: `network-rule-${i}`,\n domains,\n decision: key,\n };\n\n if ('ports' in r && r.ports) {\n out.ports = r.ports;\n }\n\n if (key === 'redirect' && 'to' in r) {\n out.redirect_to = r.to;\n }\n\n return out;\n });\n}\n\n// ─── Command rules ──────────────────────────────────────────\n\nfunction serializeCommandRules(\n rules: CommandRule[],\n): Record<string, unknown>[] {\n return rules.map((rule, i) => {\n const r = rule as Record<string, unknown>;\n const { key, value } = findDecision(r, SIMPLE_DECISION_KEYS);\n const commands = toArray(value as string | string[]);\n\n const out: Record<string, unknown> = {\n name: `command-rule-${i}`,\n commands,\n decision: key,\n };\n\n if (key === 'redirect' && 'to' in r) {\n const to = r.to;\n if (typeof to === 'string') {\n out.redirect_to = to;\n } else if (typeof to === 'object' && to !== null) {\n const target = to as { cmd: string; args: string[] };\n out.redirect_to = { command: target.cmd, args: target.args };\n }\n }\n\n return out;\n });\n}\n\n// ─── Env rules ──────────────────────────────────────────────\n\nfunction serializeEnvRules(rules: EnvRule[]): Record<string, unknown>[] {\n return rules.map((rule, i) => {\n const out: Record<string, unknown> = {\n name: `env-rule-${i}`,\n commands: rule.commands,\n };\n if (rule.allow) {\n out.allow = rule.allow;\n }\n if (rule.deny) {\n out.deny = rule.deny;\n }\n return out;\n });\n}\n\n// ─── DNS redirects ──────────────────────────────────────────\n\nfunction serializeDnsRedirects(\n redirects: DnsRedirect[],\n): Record<string, unknown>[] {\n return redirects.map((r) => ({\n match: r.match,\n resolve_to: r.resolveTo,\n }));\n}\n\n// ─── Connect redirects ──────────────────────────────────────\n\nfunction serializeConnectRedirects(\n redirects: ConnectRedirect[],\n): Record<string, unknown>[] {\n return redirects.map((r) => ({\n match: r.match,\n redirect_to: r.redirectTo,\n }));\n}\n\n// ─── Package rules ───────────────────────────────────────────\n\nfunction serializePackageRules(\n rules: PackageRule[],\n): Record<string, unknown>[] {\n return rules.map((rule) => {\n const match: Record<string, unknown> = {};\n\n if (rule.match.packages) {\n match.packages = rule.match.packages;\n }\n if (rule.match.namePatterns) {\n match.name_patterns = rule.match.namePatterns;\n }\n if (rule.match.findingType) {\n match.finding_type = rule.match.findingType;\n }\n if (rule.match.severity !== undefined) {\n match.severity = rule.match.severity;\n }\n if (rule.match.reasons) {\n match.reasons = rule.match.reasons;\n }\n if (rule.match.licenseSpdx) {\n match.license_spdx = rule.match.licenseSpdx;\n }\n if (rule.match.ecosystem) {\n match.ecosystem = rule.match.ecosystem;\n }\n if (rule.match.options) {\n match.options = rule.match.options;\n }\n\n const out: Record<string, unknown> = {\n match,\n action: rule.action,\n };\n\n if (rule.reason) {\n out.reason = rule.reason;\n }\n\n return out;\n });\n}\n\n// ─── Public API ─────────────────────────────────────────────\n\n/**\n * Converts a PolicyDefinition to agentsh YAML format.\n *\n * Omits empty categories from output.\n */\nexport function serializePolicy(policy: PolicyDefinition): string {\n const doc: Record<string, unknown> = {\n version: 1,\n name: 'secure-sandbox-policy',\n };\n\n if (policy.file && policy.file.length > 0) {\n doc.file_rules = serializeFileRules(policy.file);\n }\n\n if (policy.network && policy.network.length > 0) {\n doc.network_rules = serializeNetworkRules(policy.network);\n }\n\n if (policy.commands && policy.commands.length > 0) {\n doc.command_rules = serializeCommandRules(policy.commands);\n }\n\n if (policy.env && policy.env.length > 0) {\n doc.env_rules = serializeEnvRules(policy.env);\n }\n\n if (policy.dns && policy.dns.length > 0) {\n doc.dns_redirects = serializeDnsRedirects(policy.dns);\n }\n\n if (policy.connect && policy.connect.length > 0) {\n doc.connect_redirects = serializeConnectRedirects(policy.connect);\n }\n\n if (policy.packageRules && policy.packageRules.length > 0) {\n doc.package_rules = serializePackageRules(policy.packageRules);\n }\n\n return yaml.dump(doc, { lineWidth: -1 });\n}\n\n/**\n * Returns the fixed system policy YAML from the spec (Section 9.4).\n *\n * This static set of rules protects agentsh's own configuration, binaries,\n * and processes from tampering by the agent. These rules are written to a\n * separate system policy directory evaluated before user policy.\n */\nexport function systemPolicyYaml(): string {\n const doc = {\n version: 1,\n name: '_system-protection',\n file_rules: [\n {\n name: '_system-protect-config',\n paths: ['/etc/agentsh/**'],\n operations: ['write', 'create', 'delete'],\n decision: 'deny',\n message: 'Policy files are immutable during agent execution',\n },\n {\n name: '_system-protect-binary',\n paths: ['/usr/local/bin/agentsh*', '/usr/bin/agentsh*'],\n operations: ['write', 'create', 'delete'],\n decision: 'deny',\n message: 'agentsh binary is immutable during agent execution',\n },\n {\n name: '_system-protect-shim-files',\n paths: ['/usr/bin/agentsh-shell-shim', '/bin/bash', '/bin/sh'],\n operations: ['write', 'create', 'delete'],\n decision: 'deny',\n message: 'Shell and shim binaries are immutable during agent execution',\n },\n ],\n command_rules: [\n {\n name: '_system-protect-process',\n commands: ['kill', 'killall', 'pkill'],\n args_match: ['agentsh'],\n decision: 'deny',\n message: 'Cannot terminate agentsh processes',\n },\n ],\n };\n\n return yaml.dump(doc, { lineWidth: -1 });\n}\n"],"mappings":";;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,SAAS,GAAG,gBAAgB;;;ACErB,IAAM,eAAN,cAA2B,MAAM;AAAA,EACtC,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,wBAAN,cAAoC,aAAa;AAAA,EAC7C;AAAA,EAET,YAAY,EAAE,OAAO,GAA2B;AAC9C,UAAM,YAAY,OACf,IAAI,CAAC,UAAU,GAAG,MAAM,KAAK,KAAK,GAAG,CAAC,KAAK,MAAM,OAAO,EAAE,EAC1D,KAAK,IAAI;AACZ,UAAM,6BAA6B,SAAS,EAAE;AAC9C,SAAK,OAAO;AACZ,SAAK,SAAS;AAAA,EAChB;AACF;AAEO,IAAM,6BAAN,cAAyC,aAAa;AAAA,EAClD;AAAA,EACA;AAAA,EAET,YAAY;AAAA,IACV;AAAA,IACA;AAAA,EACF,GAGG;AACD;AAAA,MACE,GAAG,WAAW,oDAAoD,WAAW,KAAK,YAAY;AAAA,IAChG;AACA,SAAK,OAAO;AACZ,SAAK,cAAc;AACnB,SAAK,eAAe;AAAA,EACtB;AACF;AAEO,IAAM,mCAAN,cAA+C,aAAa;AAAA,EACxD;AAAA,EACA;AAAA,EACA;AAAA,EAET,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAIG;AACD;AAAA,MACE,GAAG,WAAW,YAAY,SAAS,uDAAuD,WAAW,IAAI,QAAQ,iCAAiC,WAAW;AAAA,IAC/J;AACA,SAAK,OAAO;AACZ,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,cAAc;AAAA,EACrB;AACF;AAEO,IAAM,oBAAN,cAAgC,aAAa;AAAA,EACzC;AAAA,EACA;AAAA,EACA;AAAA,EAET,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAIG;AACD,UAAM,iCAAiC,KAAK,EAAE;AAC9C,SAAK,OAAO;AACZ,SAAK,QAAQ;AACb,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAChB;AACF;AAEO,IAAM,iBAAN,cAA6B,aAAa;AAAA,EACtC;AAAA,EACA;AAAA,EAET,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAIG;AACD,UAAM,WAAW,+BAA+B,QAAQ,SAAS,MAAM,EAAE;AACzE,SAAK,OAAO;AACZ,SAAK,WAAW;AAChB,SAAK,SAAS;AAAA,EAChB;AACF;AAEO,IAAM,eAAN,cAA2B,aAAa;AAAA,EACpC;AAAA,EACA;AAAA,EACA;AAAA,EAET,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA;AAAA,EACF,GAIG;AACD,UAAM,gCAAgC,SAAS,GAAG;AAClD,SAAK,OAAO;AACZ,SAAK,YAAY;AACjB,SAAK,UAAU;AACf,SAAK,SAAS;AAAA,EAChB;AACF;;;AD3HA,IAAM,gBAAgB,EAAE,MAAM,CAAC,EAAE,OAAO,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;AAIxD,IAAM,eAAe,EAAE,KAAK,CAAC,QAAQ,SAAS,UAAU,QAAQ,CAAC;AAExE,IAAM,gBAAgB,EACnB,OAAO,EAAE,OAAO,eAAe,KAAK,EAAE,MAAM,YAAY,EAAE,SAAS,EAAE,CAAC,EACtE,OAAO;AAEV,IAAM,eAAe,EAClB,OAAO,EAAE,MAAM,eAAe,KAAK,EAAE,MAAM,YAAY,EAAE,SAAS,EAAE,CAAC,EACrE,OAAO;AAEV,IAAM,mBAAmB,EACtB,OAAO;AAAA,EACN,UAAU;AAAA,EACV,IAAI,EAAE,OAAO;AAAA,EACb,KAAK,EAAE,MAAM,YAAY,EAAE,SAAS;AACtC,CAAC,EACA,OAAO;AAEV,IAAM,gBAAgB,EACnB,OAAO,EAAE,OAAO,eAAe,KAAK,EAAE,MAAM,YAAY,EAAE,SAAS,EAAE,CAAC,EACtE,OAAO;AAEV,IAAM,qBAAqB,EAAE,OAAO,EAAE,YAAY,cAAc,CAAC,EAAE,OAAO;AAEnE,IAAM,iBAAiB,EAAE,MAAM;AAAA,EACpC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAID,IAAM,mBAAmB,EACtB,OAAO;AAAA,EACN,OAAO;AAAA,EACP,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,IAAI,KAAK,CAAC,EAAE,SAAS;AAC9D,CAAC,EACA,OAAO;AAEV,IAAM,kBAAkB,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC,EAAE,OAAO;AAEjE,IAAM,sBAAsB,EACzB,OAAO,EAAE,UAAU,EAAE,OAAO,GAAG,IAAI,EAAE,OAAO,EAAE,CAAC,EAC/C,OAAO;AAEH,IAAM,oBAAoB,EAAE,MAAM;AAAA,EACvC;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAID,IAAM,wBAAwB,EAAE,MAAM;AAAA,EACpC,EAAE,OAAO;AAAA,EACT,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,GAAG,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC,EAAE,OAAO;AAClE,CAAC;AAED,IAAM,mBAAmB,EAAE,OAAO,EAAE,OAAO,cAAc,CAAC,EAAE,OAAO;AAEnE,IAAM,kBAAkB,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC,EAAE,OAAO;AAEjE,IAAM,sBAAsB,EACzB,OAAO,EAAE,UAAU,eAAe,IAAI,sBAAsB,CAAC,EAC7D,OAAO;AAEH,IAAM,oBAAoB,EAAE,MAAM;AAAA,EACvC;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAIM,IAAM,gBAAgB,EAC1B,OAAO;AAAA,EACN,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC;AAAA,EAC5B,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AAAA,EACpC,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AACrC,CAAC,EACA,OAAO;AAIH,IAAM,oBAAoB,EAC9B,OAAO;AAAA,EACN,OAAO,EAAE,OAAO;AAAA,EAChB,WAAW,EAAE,OAAO;AACtB,CAAC,EACA,OAAO;AAEH,IAAM,wBAAwB,EAClC,OAAO;AAAA,EACN,OAAO,EAAE,OAAO;AAAA,EAChB,YAAY,EAAE,OAAO;AACvB,CAAC,EACA,OAAO;AAIV,IAAM,yBAAyB,EAC5B,OAAO;AAAA,EACN,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AAAA,EACpC,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AACrC,CAAC,EACA,OAAO;AAEV,IAAM,qBAAqB,EACxB,OAAO;AAAA,EACN,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AAAA,EACvC,cAAc,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AAAA,EAC3C,aAAa,EAAE,OAAO,EAAE,SAAS;AAAA,EACjC,UAAU,cAAc,SAAS;AAAA,EACjC,SAAS,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AAAA,EACtC,aAAa,uBAAuB,SAAS;AAAA,EAC7C,WAAW,EAAE,OAAO,EAAE,SAAS;AAAA,EAC/B,SAAS,EAAE,OAAO,EAAE,QAAQ,CAAC,EAAE,SAAS;AAC1C,CAAC,EACA,OAAO;AAEH,IAAM,oBAAoB,EAC9B,OAAO;AAAA,EACN,OAAO;AAAA,EACP,QAAQ,EAAE,KAAK,CAAC,SAAS,QAAQ,WAAW,OAAO,CAAC;AAAA,EACpD,QAAQ,EAAE,OAAO,EAAE,SAAS;AAC9B,CAAC,EACA,OAAO;AAIH,IAAM,yBAAyB,EACnC,OAAO;AAAA,EACN,MAAM,EAAE,MAAM,cAAc,EAAE,SAAS;AAAA,EACvC,SAAS,EAAE,MAAM,iBAAiB,EAAE,SAAS;AAAA,EAC7C,UAAU,EAAE,MAAM,iBAAiB,EAAE,SAAS;AAAA,EAC9C,KAAK,EAAE,MAAM,aAAa,EAAE,SAAS;AAAA,EACrC,KAAK,EAAE,MAAM,iBAAiB,EAAE,SAAS;AAAA,EACzC,SAAS,EAAE,MAAM,qBAAqB,EAAE,SAAS;AAAA,EACjD,cAAc,EAAE,MAAM,iBAAiB,EAAE,SAAS;AACpD,CAAC,EACA,OAAO;AAgBH,SAAS,eAAe,QAAmC;AAChE,MAAI;AACF,WAAO,uBAAuB,MAAM,MAAM;AAAA,EAC5C,SAAS,KAAK;AACZ,QAAI,eAAe,UAAU;AAC3B,YAAM,IAAI,sBAAsB,EAAE,QAAQ,IAAI,OAAO,CAAC;AAAA,IACxD;AACA,UAAM;AAAA,EACR;AACF;;;AE7KA,IAAM,aAAa,CAAC,QAAQ,WAAW,YAAY,OAAO,OAAO,WAAW,cAAc;AAOnF,SAAS,MAAM,SAA2B,WAA0D;AACzG,SAAO,eAAe,cAAc,MAAM,WAAW,QAAQ,CAAC;AAChE;AAMO,SAAS,aAAa,SAA2B,WAA0D;AAChH,SAAO,eAAe,cAAc,MAAM,WAAW,SAAS,CAAC;AACjE;AAEA,SAAS,cACP,MACA,WACA,MACkB;AAClB,QAAM,SAAc,EAAE,GAAG,KAAK;AAC9B,aAAW,YAAY,WAAW;AAChC,eAAW,OAAO,YAAY;AAC5B,UAAI,SAAS,GAAG,KAAK,MAAM;AACzB,cAAM,YAAY,OAAO,GAAG,KAAK,CAAC;AAClC,eAAO,GAAG,IAAI,SAAS,WACnB,CAAC,GAAG,WAAW,GAAG,SAAS,GAAG,CAAE,IAChC,CAAC,GAAG,SAAS,GAAG,GAAI,GAAG,SAAS;AAAA,MACtC;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;;;AC7BO,SAAS,aACd,YACkB;AAClB,QAAM,OAAyB;AAAA,IAC7B,MAAM;AAAA,MACJ,EAAE,OAAO,iBAAiB,KAAK,CAAC,QAAQ,SAAS,QAAQ,EAAE;AAAA;AAAA,MAE3D,EAAE,MAAM,CAAC,0BAA0B,mBAAmB,EAAE;AAAA;AAAA,MAExD,EAAE,MAAM,CAAC,WAAW,aAAa,mBAAmB,YAAY,UAAU,EAAE;AAAA,MAC5E,EAAE,MAAM,CAAC,aAAa,iBAAiB,EAAE;AAAA;AAAA,MAEzC,EAAE,MAAM,CAAC,aAAa,aAAa,eAAe,qBAAqB,EAAE;AAAA;AAAA,MAEzE,EAAE,MAAM,CAAC,aAAa,YAAY,cAAc,iBAAiB,EAAE;AAAA;AAAA,MAEnE,EAAE,MAAM,CAAC,gBAAgB,YAAY,aAAa,WAAW,EAAE;AAAA;AAAA,MAE/D,EAAE,MAAM,kBAAkB;AAAA;AAAA,MAE1B,EAAE,MAAM,CAAC,mBAAmB,gBAAgB,4BAA4B,GAAG,KAAK,CAAC,SAAS,UAAU,QAAQ,EAAE;AAAA,IAChH;AAAA,IACA,SAAS;AAAA,MACP;AAAA,QACE,OAAO;AAAA,UACL;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,QACF;AAAA,QACA,OAAO,CAAC,GAAG;AAAA,MACb;AAAA,MACA,EAAE,MAAM,IAAI;AAAA,IACd;AAAA,IACA,UAAU;AAAA;AAAA,MAER;AAAA,QACE,OAAO;AAAA,UACL;AAAA,UAAQ;AAAA,UAAM;AAAA,UAAQ;AAAA,UAAO;AAAA,UAAQ;AAAA,UAAQ;AAAA,UAAQ;AAAA,UACrD;AAAA,UAAM;AAAA,UAAM;AAAA,UAAQ;AAAA,UAAQ;AAAA,UAAQ;AAAA,UAAO;AAAA,UAAQ;AAAA,UACnD;AAAA,UAAU;AAAA,UAAM;AAAA,UAAS;AAAA,UAAU;AAAA,UAAQ;AAAA,UAAQ;AAAA,UACnD;AAAA,UAAS;AAAA,UAAM;AAAA,UAAM;AAAA,UAAM;AAAA,UAAS;AAAA,UAAS;AAAA,UAAM;AAAA,UACnD;AAAA,UAAO;AAAA,UAAO;AAAA,UAAO;AAAA,UAAS;AAAA,UAAY;AAAA,UAAW;AAAA,UACrD;AAAA,UAAU;AAAA,UAAU;AAAA,UAAa;AAAA,UAAO;AAAA,UAAQ;AAAA,QAClD;AAAA,MACF;AAAA;AAAA,MAEA;AAAA,QACE,OAAO;AAAA,UACL;AAAA,UAAO;AAAA,UAAQ;AAAA,UAAO;AAAA,UAAO;AAAA,UAAQ;AAAA,UAAQ;AAAA,UAC7C;AAAA,UAAU;AAAA,UAAW;AAAA,UAAO;AAAA,UAC5B;AAAA,UAAS;AAAA,UAAS;AAAA,UAAM;AAAA,UAAQ;AAAA,QAClC;AAAA,MACF;AAAA;AAAA,MAEA,EAAE,MAAM,CAAC,OAAO,YAAY,QAAQ,MAAM,MAAM,EAAE;AAAA,MAClD,EAAE,MAAM,CAAC,YAAY,UAAU,QAAQ,UAAU,EAAE;AAAA,MACnD,EAAE,MAAM,CAAC,MAAM,QAAQ,UAAU,SAAS,QAAQ,EAAE;AAAA,MACpD,EAAE,MAAM,CAAC,oBAAoB,kBAAkB,EAAE;AAAA,MACjD;AAAA,QACE,UAAU,CAAC,QAAQ,MAAM;AAAA,QACzB,IAAI,EAAE,KAAK,iBAAiB,MAAM,CAAC,SAAS,EAAE;AAAA,MAChD;AAAA,IACF;AAAA,IACA,cAAc;AAAA;AAAA,MAEZ;AAAA,QACE,OAAO,EAAE,aAAa,iBAAiB,UAAU,WAAW;AAAA,QAC5D,QAAQ;AAAA,QACR,QAAQ;AAAA,MACV;AAAA;AAAA,MAEA;AAAA,QACE,OAAO,EAAE,aAAa,UAAU;AAAA,QAChC,QAAQ;AAAA,QACR,QAAQ;AAAA,MACV;AAAA;AAAA,MAEA;AAAA,QACE,OAAO,EAAE,aAAa,cAAc,SAAS,CAAC,WAAW,EAAE;AAAA,QAC3D,QAAQ;AAAA,QACR,QAAQ;AAAA,MACV;AAAA;AAAA,MAEA;AAAA,QACE,OAAO,EAAE,aAAa,iBAAiB,UAAU,SAAS;AAAA,QAC1D,QAAQ;AAAA,QACR,QAAQ;AAAA,MACV;AAAA;AAAA,MAEA;AAAA,QACE,OAAO;AAAA,UACL,aAAa;AAAA,UACb,aAAa,EAAE,MAAM,CAAC,iBAAiB,UAAU,EAAE;AAAA,QACrD;AAAA,QACA,QAAQ;AAAA,QACR,QAAQ;AAAA,MACV;AAAA;AAAA,MAEA;AAAA,QACE,OAAO;AAAA,UACL,aAAa;AAAA,UACb,SAAS,CAAC,iBAAiB;AAAA,QAC7B;AAAA,QACA,QAAQ;AAAA,QACR,QAAQ;AAAA,MACV;AAAA,IACF;AAAA,EACF;AACA,SAAO,aAAa,MAAM,MAAM,UAAU,IAAI;AAChD;AAOO,SAAS,QACd,YACkB;AAClB,QAAM,OAAyB;AAAA,IAC7B,MAAM;AAAA,MACJ,EAAE,OAAO,iBAAiB,KAAK,CAAC,QAAQ,SAAS,QAAQ,EAAE;AAAA,MAC3D,EAAE,MAAM,CAAC,WAAW,aAAa,mBAAmB,YAAY,UAAU,EAAE;AAAA,MAC5E,EAAE,MAAM,CAAC,aAAa,iBAAiB,EAAE;AAAA,MACzC,EAAE,MAAM,CAAC,aAAa,aAAa,eAAe,qBAAqB,EAAE;AAAA,MACzE,EAAE,MAAM,CAAC,aAAa,YAAY,cAAc,iBAAiB,EAAE;AAAA,MACnE,EAAE,MAAM,CAAC,gBAAgB,YAAY,aAAa,WAAW,EAAE;AAAA,IACjE;AAAA,IACA,SAAS;AAAA,MACP;AAAA,QACE,OAAO,CAAC,sBAAsB,sBAAsB;AAAA,QACpD,OAAO,CAAC,GAAG;AAAA,MACb;AAAA,IACF;AAAA,IACA,UAAU,CAAC,EAAE,MAAM,CAAC,OAAO,YAAY,YAAY,QAAQ,EAAE,CAAC;AAAA,EAChE;AACA,SAAO,aAAa,MAAM,MAAM,UAAU,IAAI;AAChD;AAOO,SAAS,SACd,YACkB;AAClB,QAAM,OAAyB;AAAA,IAC7B,MAAM;AAAA,MACJ,EAAE,OAAO,gBAAgB;AAAA,MACzB,EAAE,MAAM,CAAC,WAAW,aAAa,mBAAmB,YAAY,UAAU,EAAE;AAAA,MAC5E,EAAE,MAAM,CAAC,aAAa,aAAa,eAAe,qBAAqB,EAAE;AAAA,MACzE,EAAE,MAAM,MAAM;AAAA,IAChB;AAAA,IACA,SAAS;AAAA,MACP;AAAA,QACE,OAAO;AAAA,UACL;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,QACF;AAAA,QACA,OAAO,CAAC,GAAG;AAAA,MACb;AAAA,MACA,EAAE,MAAM,IAAI;AAAA,IACd;AAAA,IACA,UAAU;AAAA,MACR,EAAE,MAAM,CAAC,OAAO,YAAY,YAAY,UAAU,MAAM,EAAE;AAAA,IAC5D;AAAA,EACF;AACA,SAAO,aAAa,MAAM,MAAM,UAAU,IAAI;AAChD;AAOO,SAAS,aACd,YACkB;AAClB,QAAM,OAAyB;AAAA,IAC7B,MAAM;AAAA,MACJ,EAAE,OAAO,iBAAiB,KAAK,CAAC,MAAM,EAAE;AAAA,MACxC,EAAE,MAAM,MAAM;AAAA,IAChB;AAAA,IACA,SAAS,CAAC,EAAE,MAAM,IAAI,CAAC;AAAA,IACvB,UAAU;AAAA,MACR,EAAE,MAAM,CAAC,OAAO,YAAY,QAAQ,MAAM,YAAY,QAAQ,EAAE;AAAA,IAClE;AAAA,EACF;AACA,SAAO,aAAa,MAAM,MAAM,UAAU,IAAI;AAChD;;;ACvNA,OAAO,UAAU;AAejB,SAAS,QAAQ,OAAoC;AACnD,SAAO,MAAM,QAAQ,KAAK,IAAI,QAAQ,CAAC,KAAK;AAC9C;AAKA,IAAM,qBAAoC;AAAA,EACxC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEA,IAAM,uBAAsC,CAAC,SAAS,QAAQ,UAAU;AAExE,SAAS,aACP,MACA,MACsC;AACtC,aAAW,KAAK,MAAM;AACpB,QAAI,KAAK,MAAM;AACb,aAAO,EAAE,KAAK,GAAG,OAAO,KAAK,CAAC,EAAE;AAAA,IAClC;AAAA,EACF;AACA,QAAM,IAAI,MAAM,kCAAkC,KAAK,UAAU,IAAI,CAAC,EAAE;AAC1E;AAGA,SAAS,aAAa,KAA0B;AAC9C,SAAO,QAAQ,eAAe,gBAAgB;AAChD;AAIA,SAAS,mBAAmB,OAA8C;AACxE,SAAO,MAAM,IAAI,CAAC,MAAM,MAAM;AAC5B,UAAM,IAAI;AACV,UAAM,EAAE,KAAK,MAAM,IAAI,aAAa,GAAG,kBAAkB;AACzD,UAAM,QAAQ,QAAQ,KAA0B;AAEhD,UAAM,MAA+B;AAAA,MACnC,MAAM,aAAa,CAAC;AAAA,MACpB;AAAA,IACF;AAEA,QAAI,SAAS,KAAK,EAAE,KAAK;AACvB,UAAI,aAAa,EAAE;AAAA,IACrB;AAEA,QAAI,WAAW,aAAa,GAAG;AAE/B,QAAI,QAAQ,cAAc,QAAQ,GAAG;AACnC,UAAI,cAAc,EAAE;AAAA,IACtB;AAEA,WAAO;AAAA,EACT,CAAC;AACH;AAIA,SAAS,sBACP,OAC2B;AAC3B,SAAO,MAAM,IAAI,CAAC,MAAM,MAAM;AAC5B,UAAM,IAAI;AACV,UAAM,EAAE,KAAK,MAAM,IAAI,aAAa,GAAG,oBAAoB;AAC3D,UAAM,UAAU,QAAQ,KAA0B;AAElD,UAAM,MAA+B;AAAA,MACnC,MAAM,gBAAgB,CAAC;AAAA,MACvB;AAAA,MACA,UAAU;AAAA,IACZ;AAEA,QAAI,WAAW,KAAK,EAAE,OAAO;AAC3B,UAAI,QAAQ,EAAE;AAAA,IAChB;AAEA,QAAI,QAAQ,cAAc,QAAQ,GAAG;AACnC,UAAI,cAAc,EAAE;AAAA,IACtB;AAEA,WAAO;AAAA,EACT,CAAC;AACH;AAIA,SAAS,sBACP,OAC2B;AAC3B,SAAO,MAAM,IAAI,CAAC,MAAM,MAAM;AAC5B,UAAM,IAAI;AACV,UAAM,EAAE,KAAK,MAAM,IAAI,aAAa,GAAG,oBAAoB;AAC3D,UAAM,WAAW,QAAQ,KAA0B;AAEnD,UAAM,MAA+B;AAAA,MACnC,MAAM,gBAAgB,CAAC;AAAA,MACvB;AAAA,MACA,UAAU;AAAA,IACZ;AAEA,QAAI,QAAQ,cAAc,QAAQ,GAAG;AACnC,YAAM,KAAK,EAAE;AACb,UAAI,OAAO,OAAO,UAAU;AAC1B,YAAI,cAAc;AAAA,MACpB,WAAW,OAAO,OAAO,YAAY,OAAO,MAAM;AAChD,cAAM,SAAS;AACf,YAAI,cAAc,EAAE,SAAS,OAAO,KAAK,MAAM,OAAO,KAAK;AAAA,MAC7D;AAAA,IACF;AAEA,WAAO;AAAA,EACT,CAAC;AACH;AAIA,SAAS,kBAAkB,OAA6C;AACtE,SAAO,MAAM,IAAI,CAAC,MAAM,MAAM;AAC5B,UAAM,MAA+B;AAAA,MACnC,MAAM,YAAY,CAAC;AAAA,MACnB,UAAU,KAAK;AAAA,IACjB;AACA,QAAI,KAAK,OAAO;AACd,UAAI,QAAQ,KAAK;AAAA,IACnB;AACA,QAAI,KAAK,MAAM;AACb,UAAI,OAAO,KAAK;AAAA,IAClB;AACA,WAAO;AAAA,EACT,CAAC;AACH;AAIA,SAAS,sBACP,WAC2B;AAC3B,SAAO,UAAU,IAAI,CAAC,OAAO;AAAA,IAC3B,OAAO,EAAE;AAAA,IACT,YAAY,EAAE;AAAA,EAChB,EAAE;AACJ;AAIA,SAAS,0BACP,WAC2B;AAC3B,SAAO,UAAU,IAAI,CAAC,OAAO;AAAA,IAC3B,OAAO,EAAE;AAAA,IACT,aAAa,EAAE;AAAA,EACjB,EAAE;AACJ;AAIA,SAAS,sBACP,OAC2B;AAC3B,SAAO,MAAM,IAAI,CAAC,SAAS;AACzB,UAAM,QAAiC,CAAC;AAExC,QAAI,KAAK,MAAM,UAAU;AACvB,YAAM,WAAW,KAAK,MAAM;AAAA,IAC9B;AACA,QAAI,KAAK,MAAM,cAAc;AAC3B,YAAM,gBAAgB,KAAK,MAAM;AAAA,IACnC;AACA,QAAI,KAAK,MAAM,aAAa;AAC1B,YAAM,eAAe,KAAK,MAAM;AAAA,IAClC;AACA,QAAI,KAAK,MAAM,aAAa,QAAW;AACrC,YAAM,WAAW,KAAK,MAAM;AAAA,IAC9B;AACA,QAAI,KAAK,MAAM,SAAS;AACtB,YAAM,UAAU,KAAK,MAAM;AAAA,IAC7B;AACA,QAAI,KAAK,MAAM,aAAa;AAC1B,YAAM,eAAe,KAAK,MAAM;AAAA,IAClC;AACA,QAAI,KAAK,MAAM,WAAW;AACxB,YAAM,YAAY,KAAK,MAAM;AAAA,IAC/B;AACA,QAAI,KAAK,MAAM,SAAS;AACtB,YAAM,UAAU,KAAK,MAAM;AAAA,IAC7B;AAEA,UAAM,MAA+B;AAAA,MACnC;AAAA,MACA,QAAQ,KAAK;AAAA,IACf;AAEA,QAAI,KAAK,QAAQ;AACf,UAAI,SAAS,KAAK;AAAA,IACpB;AAEA,WAAO;AAAA,EACT,CAAC;AACH;AASO,SAAS,gBAAgB,QAAkC;AAChE,QAAM,MAA+B;AAAA,IACnC,SAAS;AAAA,IACT,MAAM;AAAA,EACR;AAEA,MAAI,OAAO,QAAQ,OAAO,KAAK,SAAS,GAAG;AACzC,QAAI,aAAa,mBAAmB,OAAO,IAAI;AAAA,EACjD;AAEA,MAAI,OAAO,WAAW,OAAO,QAAQ,SAAS,GAAG;AAC/C,QAAI,gBAAgB,sBAAsB,OAAO,OAAO;AAAA,EAC1D;AAEA,MAAI,OAAO,YAAY,OAAO,SAAS,SAAS,GAAG;AACjD,QAAI,gBAAgB,sBAAsB,OAAO,QAAQ;AAAA,EAC3D;AAEA,MAAI,OAAO,OAAO,OAAO,IAAI,SAAS,GAAG;AACvC,QAAI,YAAY,kBAAkB,OAAO,GAAG;AAAA,EAC9C;AAEA,MAAI,OAAO,OAAO,OAAO,IAAI,SAAS,GAAG;AACvC,QAAI,gBAAgB,sBAAsB,OAAO,GAAG;AAAA,EACtD;AAEA,MAAI,OAAO,WAAW,OAAO,QAAQ,SAAS,GAAG;AAC/C,QAAI,oBAAoB,0BAA0B,OAAO,OAAO;AAAA,EAClE;AAEA,MAAI,OAAO,gBAAgB,OAAO,aAAa,SAAS,GAAG;AACzD,QAAI,gBAAgB,sBAAsB,OAAO,YAAY;AAAA,EAC/D;AAEA,SAAO,KAAK,KAAK,KAAK,EAAE,WAAW,GAAG,CAAC;AACzC;AASO,SAAS,mBAA2B;AACzC,QAAM,MAAM;AAAA,IACV,SAAS;AAAA,IACT,MAAM;AAAA,IACN,YAAY;AAAA,MACV;AAAA,QACE,MAAM;AAAA,QACN,OAAO,CAAC,iBAAiB;AAAA,QACzB,YAAY,CAAC,SAAS,UAAU,QAAQ;AAAA,QACxC,UAAU;AAAA,QACV,SAAS;AAAA,MACX;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,OAAO,CAAC,2BAA2B,mBAAmB;AAAA,QACtD,YAAY,CAAC,SAAS,UAAU,QAAQ;AAAA,QACxC,UAAU;AAAA,QACV,SAAS;AAAA,MACX;AAAA,MACA;AAAA,QACE,MAAM;AAAA,QACN,OAAO,CAAC,+BAA+B,aAAa,SAAS;AAAA,QAC7D,YAAY,CAAC,SAAS,UAAU,QAAQ;AAAA,QACxC,UAAU;AAAA,QACV,SAAS;AAAA,MACX;AAAA,IACF;AAAA,IACA,eAAe;AAAA,MACb;AAAA,QACE,MAAM;AAAA,QACN,UAAU,CAAC,QAAQ,WAAW,OAAO;AAAA,QACrC,YAAY,CAAC,SAAS;AAAA,QACtB,UAAU;AAAA,QACV,SAAS;AAAA,MACX;AAAA,IACF;AAAA,EACF;AAEA,SAAO,KAAK,KAAK,KAAK,EAAE,WAAW,GAAG,CAAC;AACzC;","names":[]}
package/dist/chunk-L4KFLVNU.js DELETED
@@ -1,33 +0,0 @@
1
- import {
2
- blaxel
3
- } from "./chunk-UYEAO27E.js";
4
- import {
5
- cloudflare
6
- } from "./chunk-LMN3KM53.js";
7
- import {
8
- daytona
9
- } from "./chunk-45FKFVMC.js";
10
- import {
11
- e2b
12
- } from "./chunk-2P37YGN7.js";
13
- import {
14
- vercel
15
- } from "./chunk-JY5ERJTX.js";
16
- import {
17
- __export
18
- } from "./chunk-PZ5AY32C.js";
19
-
20
- // src/adapters/index.ts
21
- var adapters_exports = {};
22
- __export(adapters_exports, {
23
- blaxel: () => blaxel,
24
- cloudflare: () => cloudflare,
25
- daytona: () => daytona,
26
- e2b: () => e2b,
27
- vercel: () => vercel
28
- });
29
-
30
- export {
31
- adapters_exports
32
- };
33
- //# sourceMappingURL=chunk-L4KFLVNU.js.map
package/dist/chunk-L4KFLVNU.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/adapters/index.ts"],"sourcesContent":["export { vercel } from './vercel.js';\nexport { e2b } from './e2b.js';\nexport { daytona } from './daytona.js';\nexport { cloudflare } from './cloudflare.js';\nexport { blaxel } from './blaxel.js';\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;","names":[]}
package/dist/index-aQ1TVPtG.d.ts DELETED
@@ -1,16 +0,0 @@
1
- import { vercel } from './adapters/vercel.js';
2
- import { e2b } from './adapters/e2b.js';
3
- import { daytona } from './adapters/daytona.js';
4
- import { cloudflare } from './adapters/cloudflare.js';
5
- import { blaxel } from './adapters/blaxel.js';
6
-
7
- declare const index_blaxel: typeof blaxel;
8
- declare const index_cloudflare: typeof cloudflare;
9
- declare const index_daytona: typeof daytona;
10
- declare const index_e2b: typeof e2b;
11
- declare const index_vercel: typeof vercel;
12
- declare namespace index {
13
- export { index_blaxel as blaxel, index_cloudflare as cloudflare, index_daytona as daytona, index_e2b as e2b, index_vercel as vercel };
14
- }
15
-
16
- export { index as i };
package/dist/{index-Nmlhw9oj.d.ts → index-CedRtlB6.d.ts} RENAMED
@@ -363,17 +363,6 @@ declare const PolicyDefinitionSchema: z.ZodObject<{
363
363
  reason?: string | undefined;
364
364
  }>, "many">>;
365
365
  }, "strict", z.ZodTypeAny, {
366
- commands?: ({
367
- allow: string | string[];
368
- } | {
369
- deny: string | string[];
370
- } | {
371
- redirect: string | string[];
372
- to: string | {
373
- cmd: string;
374
- args: string[];
375
- };
376
- })[] | undefined;
377
366
  file?: ({
378
367
  allow: string | string[];
379
368
  ops?: ("read" | "write" | "create" | "delete")[] | undefined;
@@ -399,6 +388,17 @@ declare const PolicyDefinitionSchema: z.ZodObject<{
399
388
  redirect: string;
400
389
  to: string;
401
390
  })[] | undefined;
391
+ commands?: ({
392
+ allow: string | string[];
393
+ } | {
394
+ deny: string | string[];
395
+ } | {
396
+ redirect: string | string[];
397
+ to: string | {
398
+ cmd: string;
399
+ args: string[];
400
+ };
401
+ })[] | undefined;
402
402
  env?: {
403
403
  commands: string[];
404
404
  deny?: string[] | undefined;
@@ -430,17 +430,6 @@ declare const PolicyDefinitionSchema: z.ZodObject<{
430
430
  reason?: string | undefined;
431
431
  }[] | undefined;
432
432
  }, {
433
- commands?: ({
434
- allow: string | string[];
435
- } | {
436
- deny: string | string[];
437
- } | {
438
- redirect: string | string[];
439
- to: string | {
440
- cmd: string;
441
- args: string[];
442
- };
443
- })[] | undefined;
444
433
  file?: ({
445
434
  allow: string | string[];
446
435
  ops?: ("read" | "write" | "create" | "delete")[] | undefined;
@@ -466,6 +455,17 @@ declare const PolicyDefinitionSchema: z.ZodObject<{
466
455
  redirect: string;
467
456
  to: string;
468
457
  })[] | undefined;
458
+ commands?: ({
459
+ allow: string | string[];
460
+ } | {
461
+ deny: string | string[];
462
+ } | {
463
+ redirect: string | string[];
464
+ to: string | {
465
+ cmd: string;
466
+ args: string[];
467
+ };
468
+ })[] | undefined;
469
469
  env?: {
470
470
  commands: string[];
471
471
  deny?: string[] | undefined;