@anthropic-ai/sandbox-runtime 0.0.7 → 0.0.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/sandbox/generate-seccomp-filter.d.ts +6 -4
- package/dist/sandbox/generate-seccomp-filter.d.ts.map +1 -1
- package/dist/sandbox/generate-seccomp-filter.js +8 -4
- package/dist/sandbox/generate-seccomp-filter.js.map +1 -1
- package/dist/sandbox/linux-sandbox-utils.d.ts.map +1 -1
- package/dist/sandbox/linux-sandbox-utils.js +23 -0
- package/dist/sandbox/linux-sandbox-utils.js.map +1 -1
- package/dist/sandbox/sandbox-manager.d.ts +6 -1
- package/dist/sandbox/sandbox-manager.d.ts.map +1 -1
- package/dist/sandbox/sandbox-manager.js +43 -28
- package/dist/sandbox/sandbox-manager.js.map +1 -1
- package/package.json +12 -3
- package/dist/sandbox/windows-sandbox-utils.d.ts +0 -82
- package/dist/sandbox/windows-sandbox-utils.d.ts.map +0 -1
- package/dist/sandbox/windows-sandbox-utils.js +0 -270
- package/dist/sandbox/windows-sandbox-utils.js.map +0 -1
package/README.md
CHANGED
|
@@ -109,7 +109,7 @@ The sandbox uses OS-level primitives to enforce restrictions that apply to the e
|
|
|
109
109
|
|
|
110
110
|
### Dual Isolation Model
|
|
111
111
|
|
|
112
|
-
Both filesystem and network isolation are required for effective sandboxing. Without
|
|
112
|
+
Both filesystem and network isolation are required for effective sandboxing. Without file isolation, a compromised process could exfiltrate SSH keys or other sensitive files. Without network isolation, a process could escape the sandbox and gain unrestricted network access.
|
|
113
113
|
|
|
114
114
|
**Filesystem Isolation** enforces read and write restrictions:
|
|
115
115
|
|
|
@@ -6,8 +6,9 @@
|
|
|
6
6
|
* - vendor/seccomp/{x64,arm64}/unix-block.bpf
|
|
7
7
|
*
|
|
8
8
|
* Tries multiple paths for resilience:
|
|
9
|
-
* 1.
|
|
10
|
-
* 2.
|
|
9
|
+
* 1. vendor/seccomp/{arch}/unix-block.bpf (bundled - when bundled into consuming packages)
|
|
10
|
+
* 2. ../../vendor/seccomp/{arch}/unix-block.bpf (package root - standard npm installs)
|
|
11
|
+
* 3. ../vendor/seccomp/{arch}/unix-block.bpf (dist/vendor - for bundlers)
|
|
11
12
|
*/
|
|
12
13
|
export declare function getPreGeneratedBpfPath(): string | null;
|
|
13
14
|
/**
|
|
@@ -18,8 +19,9 @@ export declare function getPreGeneratedBpfPath(): string | null;
|
|
|
18
19
|
* - vendor/seccomp/{x64,arm64}/apply-seccomp
|
|
19
20
|
*
|
|
20
21
|
* Tries multiple paths for resilience:
|
|
21
|
-
* 1.
|
|
22
|
-
* 2.
|
|
22
|
+
* 1. vendor/seccomp/{arch}/apply-seccomp (bundled - when bundled into consuming packages)
|
|
23
|
+
* 2. ../../vendor/seccomp/{arch}/apply-seccomp (package root - standard npm installs)
|
|
24
|
+
* 3. ../vendor/seccomp/{arch}/apply-seccomp (dist/vendor - for bundlers)
|
|
23
25
|
*/
|
|
24
26
|
export declare function getApplySeccompBinaryPath(): string | null;
|
|
25
27
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generate-seccomp-filter.d.ts","sourceRoot":"","sources":["../../src/sandbox/generate-seccomp-filter.ts"],"names":[],"mappings":"AAgDA
|
|
1
|
+
{"version":3,"file":"generate-seccomp-filter.d.ts","sourceRoot":"","sources":["../../src/sandbox/generate-seccomp-filter.ts"],"names":[],"mappings":"AAgDA;;;;;;;;;;;GAWG;AACH,wBAAgB,sBAAsB,IAAI,MAAM,GAAG,IAAI,CAqCtD;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,yBAAyB,IAAI,MAAM,GAAG,IAAI,CAuCzD;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,wBAAgB,qBAAqB,IAAI,MAAM,GAAG,IAAI,CAarD;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI,CAE9D"}
|
|
@@ -47,8 +47,9 @@ function getVendorArchitecture() {
|
|
|
47
47
|
* - vendor/seccomp/{x64,arm64}/unix-block.bpf
|
|
48
48
|
*
|
|
49
49
|
* Tries multiple paths for resilience:
|
|
50
|
-
* 1.
|
|
51
|
-
* 2.
|
|
50
|
+
* 1. vendor/seccomp/{arch}/unix-block.bpf (bundled - when bundled into consuming packages)
|
|
51
|
+
* 2. ../../vendor/seccomp/{arch}/unix-block.bpf (package root - standard npm installs)
|
|
52
|
+
* 3. ../vendor/seccomp/{arch}/unix-block.bpf (dist/vendor - for bundlers)
|
|
52
53
|
*/
|
|
53
54
|
export function getPreGeneratedBpfPath() {
|
|
54
55
|
// Determine architecture
|
|
@@ -64,6 +65,7 @@ export function getPreGeneratedBpfPath() {
|
|
|
64
65
|
const relativePath = join('vendor', 'seccomp', arch, 'unix-block.bpf');
|
|
65
66
|
// Try paths in order of preference
|
|
66
67
|
const pathsToTry = [
|
|
68
|
+
join(baseDir, relativePath), // bundled: same directory as bundle (e.g., when bundled into claude-cli)
|
|
67
69
|
join(baseDir, '..', '..', relativePath), // package root: vendor/seccomp/...
|
|
68
70
|
join(baseDir, '..', relativePath), // dist: dist/vendor/seccomp/...
|
|
69
71
|
];
|
|
@@ -84,8 +86,9 @@ export function getPreGeneratedBpfPath() {
|
|
|
84
86
|
* - vendor/seccomp/{x64,arm64}/apply-seccomp
|
|
85
87
|
*
|
|
86
88
|
* Tries multiple paths for resilience:
|
|
87
|
-
* 1.
|
|
88
|
-
* 2.
|
|
89
|
+
* 1. vendor/seccomp/{arch}/apply-seccomp (bundled - when bundled into consuming packages)
|
|
90
|
+
* 2. ../../vendor/seccomp/{arch}/apply-seccomp (package root - standard npm installs)
|
|
91
|
+
* 3. ../vendor/seccomp/{arch}/apply-seccomp (dist/vendor - for bundlers)
|
|
89
92
|
*/
|
|
90
93
|
export function getApplySeccompBinaryPath() {
|
|
91
94
|
// Determine architecture
|
|
@@ -101,6 +104,7 @@ export function getApplySeccompBinaryPath() {
|
|
|
101
104
|
const relativePath = join('vendor', 'seccomp', arch, 'apply-seccomp');
|
|
102
105
|
// Try paths in order of preference
|
|
103
106
|
const pathsToTry = [
|
|
107
|
+
join(baseDir, relativePath), // bundled: same directory as bundle (e.g., when bundled into claude-cli)
|
|
104
108
|
join(baseDir, '..', '..', relativePath), // package root: vendor/seccomp/...
|
|
105
109
|
join(baseDir, '..', relativePath), // dist: dist/vendor/seccomp/...
|
|
106
110
|
];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generate-seccomp-filter.js","sourceRoot":"","sources":["../../src/sandbox/generate-seccomp-filter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AACxC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAA;AAC7B,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAEnD;;;GAGG;AACH,SAAS,qBAAqB;IAC5B,MAAM,IAAI,GAAG,OAAO,CAAC,IAAc,CAAA;IACnC,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,KAAK,CAAC;QACX,KAAK,QAAQ;YACX,OAAO,KAAK,CAAA;QACd,KAAK,OAAO,CAAC;QACb,KAAK,SAAS;YACZ,OAAO,OAAO,CAAA;QAChB,KAAK,MAAM,CAAC;QACZ,KAAK,KAAK;YACR,0CAA0C;YAC1C,wFAAwF;YACxF,mGAAmG;YACnG,4FAA4F;YAC5F,6FAA6F;YAC7F,EAAE;YACF,8CAA8C;YAC9C,8EAA8E;YAC9E,2FAA2F;YAC3F,8CAA8C;YAC9C,kDAAkD;YAClD,mFAAmF;YACnF,EAAE;YACF,sEAAsE;YACtE,eAAe,CACb,6GAA6G;gBAC3G,0HAA0H,EAC5H,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;YACD,OAAO,IAAI,CAAA;QACb;YACE,eAAe,CACb,6CAA6C,IAAI,qCAAqC,CACvF,CAAA;YACD,OAAO,IAAI,CAAA;IACf,CAAC;AACH,CAAC;AAED
|
|
1
|
+
{"version":3,"file":"generate-seccomp-filter.js","sourceRoot":"","sources":["../../src/sandbox/generate-seccomp-filter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AACxC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAA;AAC7B,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAEnD;;;GAGG;AACH,SAAS,qBAAqB;IAC5B,MAAM,IAAI,GAAG,OAAO,CAAC,IAAc,CAAA;IACnC,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,KAAK,CAAC;QACX,KAAK,QAAQ;YACX,OAAO,KAAK,CAAA;QACd,KAAK,OAAO,CAAC;QACb,KAAK,SAAS;YACZ,OAAO,OAAO,CAAA;QAChB,KAAK,MAAM,CAAC;QACZ,KAAK,KAAK;YACR,0CAA0C;YAC1C,wFAAwF;YACxF,mGAAmG;YACnG,4FAA4F;YAC5F,6FAA6F;YAC7F,EAAE;YACF,8CAA8C;YAC9C,8EAA8E;YAC9E,2FAA2F;YAC3F,8CAA8C;YAC9C,kDAAkD;YAClD,mFAAmF;YACnF,EAAE;YACF,sEAAsE;YACtE,eAAe,CACb,6GAA6G;gBAC3G,0HAA0H,EAC5H,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;YACD,OAAO,IAAI,CAAA;QACb;YACE,eAAe,CACb,6CAA6C,IAAI,qCAAqC,CACvF,CAAA;YACD,OAAO,IAAI,CAAA;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,sBAAsB;IACpC,yBAAyB;IACzB,MAAM,IAAI,GAAG,qBAAqB,EAAE,CAAA;IACpC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,eAAe,CACb,kFAAkF,OAAO,CAAC,IAAI,EAAE,CACjG,CAAA;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,eAAe,CAAC,0CAA0C,IAAI,EAAE,CAAC,CAAA;IAEjE,iDAAiD;IACjD,iEAAiE;IACjE,MAAM,OAAO,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;IACvD,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAA;IAEtE,mCAAmC;IACnC,MAAM,UAAU,GAAG;QACjB,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,EAAE,yEAAyE;QACtG,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,YAAY,CAAC,EAAE,mCAAmC;QAC5E,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,YAAY,CAAC,EAAE,gCAAgC;KACpE,CAAA;IAED,KAAK,MAAM,OAAO,IAAI,UAAU,EAAE,CAAC;QACjC,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YAC3B,eAAe,CACb,mDAAmD,OAAO,KAAK,IAAI,GAAG,CACvE,CAAA;YACD,OAAO,OAAO,CAAA;QAChB,CAAC;IACH,CAAC;IAED,eAAe,CACb,gFAAgF,IAAI,GAAG,CACxF,CAAA;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,yBAAyB;IACvC,yBAAyB;IACzB,MAAM,IAAI,GAAG,qBAAqB,EAAE,CAAA;IACpC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,eAAe,CACb,8EAA8E,OAAO,CAAC,IAAI,EAAE,CAC7F,CAAA;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,eAAe,CACb,sEAAsE,IAAI,EAAE,CAC7E,CAAA;IAED,+CAA+C;IAC/C,iEAAiE;IACjE,MAAM,OAAO,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;IACvD,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE,eAAe,CAAC,CAAA;IAErE,mCAAmC;IACnC,MAAM,UAAU,GAAG;QACjB,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,EAAE,yEAAyE;QACtG,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,YAAY,CAAC,EAAE,mCAAmC;QAC5E,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,YAAY,CAAC,EAAE,gCAAgC;KACpE,CAAA;IAED,KAAK,MAAM,UAAU,IAAI,UAAU,EAAE,CAAC;QACpC,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC9B,eAAe,CACb,+CAA+C,UAAU,KAAK,IAAI,GAAG,CACtE,CAAA;YACD,OAAO,UAAU,CAAA;QACnB,CAAC;IACH,CAAC;IAED,eAAe,CACb,4EAA4E,IAAI,GAAG,CACpF,CAAA;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,UAAU,qBAAqB;IACnC,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAA;IAChD,IAAI,eAAe,EAAE,CAAC;QACpB,eAAe,CAAC,gDAAgD,CAAC,CAAA;QACjE,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,eAAe,CACb,gFAAgF;QAC9E,mCAAmC,EACrC,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAAC,WAAmB;IACtD,sDAAsD;AACxD,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"linux-sandbox-utils.d.ts","sourceRoot":"","sources":["../../src/sandbox/linux-sandbox-utils.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAQtD,OAAO,KAAK,EACV,uBAAuB,EACvB,wBAAwB,EACzB,MAAM,sBAAsB,CAAA;AAQ7B,MAAM,WAAW,yBAAyB;IACxC,cAAc,EAAE,MAAM,CAAA;IACtB,eAAe,EAAE,MAAM,CAAA;IACvB,iBAAiB,EAAE,YAAY,CAAA;IAC/B,kBAAkB,EAAE,YAAY,CAAA;IAChC,aAAa,EAAE,MAAM,CAAA;IACrB,cAAc,EAAE,MAAM,CAAA;CACvB;AAED,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,CAAA;IACf,sBAAsB,EAAE,OAAO,CAAA;IAC/B,yBAAyB,EAAE,OAAO,CAAA;IAClC,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,UAAU,CAAC,EAAE,uBAAuB,CAAA;IACpC,WAAW,CAAC,EAAE,wBAAwB,CAAA;IACtC,yBAAyB,CAAC,EAAE,OAAO,CAAA;IACnC,mBAAmB,CAAC,EAAE,OAAO,CAAA;IAC7B,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,aAAa,CAAC,EAAE;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAA;CACrD;AA2BD;;;;;;GAMG;AACH,wBAAgB,+BAA+B,CAC7C,mBAAmB,UAAQ,GAC1B,OAAO,CA0CT;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAsB,4BAA4B,CAChD,aAAa,EAAE,MAAM,EACrB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,yBAAyB,CAAC,
|
|
1
|
+
{"version":3,"file":"linux-sandbox-utils.d.ts","sourceRoot":"","sources":["../../src/sandbox/linux-sandbox-utils.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAQtD,OAAO,KAAK,EACV,uBAAuB,EACvB,wBAAwB,EACzB,MAAM,sBAAsB,CAAA;AAQ7B,MAAM,WAAW,yBAAyB;IACxC,cAAc,EAAE,MAAM,CAAA;IACtB,eAAe,EAAE,MAAM,CAAA;IACvB,iBAAiB,EAAE,YAAY,CAAA;IAC/B,kBAAkB,EAAE,YAAY,CAAA;IAChC,aAAa,EAAE,MAAM,CAAA;IACrB,cAAc,EAAE,MAAM,CAAA;CACvB;AAED,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,CAAA;IACf,sBAAsB,EAAE,OAAO,CAAA;IAC/B,yBAAyB,EAAE,OAAO,CAAA;IAClC,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,UAAU,CAAC,EAAE,uBAAuB,CAAA;IACpC,WAAW,CAAC,EAAE,wBAAwB,CAAA;IACtC,yBAAyB,CAAC,EAAE,OAAO,CAAA;IACnC,mBAAmB,CAAC,EAAE,OAAO,CAAA;IAC7B,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,aAAa,CAAC,EAAE;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAA;CACrD;AA2BD;;;;;;GAMG;AACH,wBAAgB,+BAA+B,CAC7C,mBAAmB,UAAQ,GAC1B,OAAO,CA0CT;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAsB,4BAA4B,CAChD,aAAa,EAAE,MAAM,EACrB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,yBAAyB,CAAC,CA2HpC;AAqLD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6CG;AACH,wBAAsB,2BAA2B,CAC/C,MAAM,EAAE,kBAAkB,GACzB,OAAO,CAAC,MAAM,CAAC,CA+NjB"}
|
|
@@ -115,6 +115,13 @@ export async function initializeLinuxNetworkBridge(httpProxyPort, socksProxyPort
|
|
|
115
115
|
if (!httpBridgeProcess.pid) {
|
|
116
116
|
throw new Error('Failed to start HTTP bridge process');
|
|
117
117
|
}
|
|
118
|
+
// Add error and exit handlers to monitor bridge health
|
|
119
|
+
httpBridgeProcess.on('error', err => {
|
|
120
|
+
logForDebugging(`HTTP bridge process error: ${err}`, { level: 'error' });
|
|
121
|
+
});
|
|
122
|
+
httpBridgeProcess.on('exit', (code, signal) => {
|
|
123
|
+
logForDebugging(`HTTP bridge process exited with code ${code}, signal ${signal}`, { level: code === 0 ? 'info' : 'error' });
|
|
124
|
+
});
|
|
118
125
|
// Start SOCKS bridge
|
|
119
126
|
const socksSocatArgs = [
|
|
120
127
|
`UNIX-LISTEN:${socksSocketPath},fork,reuseaddr`,
|
|
@@ -136,6 +143,13 @@ export async function initializeLinuxNetworkBridge(httpProxyPort, socksProxyPort
|
|
|
136
143
|
}
|
|
137
144
|
throw new Error('Failed to start SOCKS bridge process');
|
|
138
145
|
}
|
|
146
|
+
// Add error and exit handlers to monitor bridge health
|
|
147
|
+
socksBridgeProcess.on('error', err => {
|
|
148
|
+
logForDebugging(`SOCKS bridge process error: ${err}`, { level: 'error' });
|
|
149
|
+
});
|
|
150
|
+
socksBridgeProcess.on('exit', (code, signal) => {
|
|
151
|
+
logForDebugging(`SOCKS bridge process exited with code ${code}, signal ${signal}`, { level: code === 0 ? 'info' : 'error' });
|
|
152
|
+
});
|
|
139
153
|
// Wait for both sockets to be ready
|
|
140
154
|
const maxAttempts = 5;
|
|
141
155
|
for (let i = 0; i < maxAttempts; i++) {
|
|
@@ -407,6 +421,15 @@ export async function wrapCommandWithSandboxLinux(params) {
|
|
|
407
421
|
if (!httpSocketPath || !socksSocketPath) {
|
|
408
422
|
throw new Error('Linux network sandboxing was requested but bridge socket paths are not available');
|
|
409
423
|
}
|
|
424
|
+
// Verify socket files still exist before trying to bind them
|
|
425
|
+
if (!fs.existsSync(httpSocketPath)) {
|
|
426
|
+
throw new Error(`Linux HTTP bridge socket does not exist: ${httpSocketPath}. ` +
|
|
427
|
+
'The bridge process may have died. Try reinitializing the sandbox.');
|
|
428
|
+
}
|
|
429
|
+
if (!fs.existsSync(socksSocketPath)) {
|
|
430
|
+
throw new Error(`Linux SOCKS bridge socket does not exist: ${socksSocketPath}. ` +
|
|
431
|
+
'The bridge process may have died. Try reinitializing the sandbox.');
|
|
432
|
+
}
|
|
410
433
|
bwrapArgs.push('--unshare-net');
|
|
411
434
|
// Bind both sockets into the sandbox
|
|
412
435
|
bwrapArgs.push('--bind', httpSocketPath, httpSocketPath);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"linux-sandbox-utils.js","sourceRoot":"","sources":["../../src/sandbox/linux-sandbox-utils.ts"],"names":[],"mappings":"AAAA,OAAO,UAAU,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AACzC,OAAO,KAAK,EAAE,MAAM,IAAI,CAAA;AACxB,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAErD,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAA;AAChC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAChC,OAAO,EACL,oBAAoB,EACpB,uBAAuB,EACvB,2BAA2B,GAC5B,MAAM,oBAAoB,CAAA;AAK3B,OAAO,EACL,qBAAqB,EACrB,oBAAoB,EACpB,sBAAsB,EACtB,yBAAyB,GAC1B,MAAM,8BAA8B,CAAA;AA2BrC,8DAA8D;AAC9D,MAAM,uBAAuB,GAAgB,IAAI,GAAG,EAAE,CAAA;AACtD,IAAI,qBAAqB,GAAG,KAAK,CAAA;AAEjC;;GAEG;AACH,SAAS,6BAA6B;IACpC,IAAI,qBAAqB,EAAE,CAAC;QAC1B,OAAM;IACR,CAAC;IAED,OAAO,CAAC,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE;QACtB,KAAK,MAAM,UAAU,IAAI,uBAAuB,EAAE,CAAC;YACjD,IAAI,CAAC;gBACH,oBAAoB,CAAC,UAAU,CAAC,CAAA;YAClC,CAAC;YAAC,MAAM,CAAC;gBACP,oCAAoC;YACtC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,qBAAqB,GAAG,IAAI,CAAA;AAC9B,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,+BAA+B,CAC7C,mBAAmB,GAAG,KAAK;IAE3B,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE;YAChD,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,IAAI;SACd,CAAC,CAAA;QACF,MAAM,WAAW,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE;YAChD,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,IAAI;SACd,CAAC,CAAA;QAEF,MAAM,YAAY,GAAG,WAAW,CAAC,MAAM,KAAK,CAAC,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,CAAA;QAEzE,0EAA0E;QAC1E,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACzB,oEAAoE;YACpE,MAAM,kBAAkB,GAAG,sBAAsB,EAAE,KAAK,IAAI,CAAA;YAE5D,kEAAkE;YAClE,MAAM,qBAAqB,GAAG,yBAAyB,EAAE,KAAK,IAAI,CAAA;YAElE,IAAI,kBAAkB,IAAI,qBAAqB,EAAE,CAAC;gBAChD,mEAAmE;gBACnE,OAAO,YAAY,CAAA;YACrB,CAAC;iBAAM,CAAC;gBACN,2EAA2E;gBAC3E,uEAAuE;gBACvE,wDAAwD;gBACxD,eAAe,CACb,gCAAgC,OAAO,CAAC,IAAI,2CAA2C;oBACrF,+EAA+E;oBAC/E,sDAAsD,EACxD,EAAE,KAAK,EAAE,MAAM,EAAE,CAClB,CAAA;gBACD,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;QAED,OAAO,YAAY,CAAA;IACrB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAChD,aAAqB,EACrB,cAAsB;IAEtB,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAC/C,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,eAAe,QAAQ,OAAO,CAAC,CAAA;IACrE,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,gBAAgB,QAAQ,OAAO,CAAC,CAAA;IAEvE,oBAAoB;IACpB,MAAM,aAAa,GAAG;QACpB,eAAe,cAAc,iBAAiB;QAC9C,iBAAiB,aAAa,8CAA8C;KAC7E,CAAA;IAED,eAAe,CAAC,+BAA+B,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;IAEzE,MAAM,iBAAiB,GAAG,KAAK,CAAC,OAAO,EAAE,aAAa,EAAE;QACtD,KAAK,EAAE,QAAQ;KAChB,CAAC,CAAA;IAEF,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;IACxD,CAAC;IAED,qBAAqB;IACrB,MAAM,cAAc,GAAG;QACrB,eAAe,eAAe,iBAAiB;QAC/C,iBAAiB,cAAc,8CAA8C;KAC9E,CAAA;IAED,eAAe,CAAC,gCAAgC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;IAE3E,MAAM,kBAAkB,GAAG,KAAK,CAAC,OAAO,EAAE,cAAc,EAAE;QACxD,KAAK,EAAE,QAAQ;KAChB,CAAC,CAAA;IAEF,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,CAAC;QAC5B,uBAAuB;QACvB,IAAI,iBAAiB,CAAC,GAAG,EAAE,CAAC;YAC1B,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;YAChD,CAAC;YAAC,MAAM,CAAC;gBACP,gBAAgB;YAClB,CAAC;QACH,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAA;IACzD,CAAC;IAED,oCAAoC;IACpC,MAAM,WAAW,GAAG,CAAC,CAAA;IACrB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,IACE,CAAC,iBAAiB,CAAC,GAAG;YACtB,iBAAiB,CAAC,MAAM;YACxB,CAAC,kBAAkB,CAAC,GAAG;YACvB,kBAAkB,CAAC,MAAM,EACzB,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAA;QAC3D,CAAC;QAED,IAAI,CAAC;YACH,sBAAsB;YACtB,IAAI,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;gBACpE,eAAe,CAAC,6BAA6B,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;gBAC9D,MAAK;YACP,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,eAAe,CAAC,mCAAmC,CAAC,GAAG,CAAC,MAAM,GAAG,EAAE,EAAE;gBACnE,KAAK,EAAE,OAAO;aACf,CAAC,CAAA;QACJ,CAAC;QAED,IAAI,CAAC,KAAK,WAAW,GAAG,CAAC,EAAE,CAAC;YAC1B,0BAA0B;YAC1B,IAAI,iBAAiB,CAAC,GAAG,EAAE,CAAC;gBAC1B,IAAI,CAAC;oBACH,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gBAChD,CAAC;gBAAC,MAAM,CAAC;oBACP,gBAAgB;gBAClB,CAAC;YACH,CAAC;YACD,IAAI,kBAAkB,CAAC,GAAG,EAAE,CAAC;gBAC3B,IAAI,CAAC;oBACH,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gBACjD,CAAC;gBAAC,MAAM,CAAC;oBACP,gBAAgB;gBAClB,CAAC;YACH,CAAC;YACD,MAAM,IAAI,KAAK,CACb,yCAAyC,WAAW,WAAW,CAChE,CAAA;QACH,CAAC;QAED,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAA;IAC5D,CAAC;IAED,OAAO;QACL,cAAc;QACd,eAAe;QACf,iBAAiB;QACjB,kBAAkB;QAClB,aAAa;QACb,cAAc;KACf,CAAA;AACH,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAC1B,cAAsB,EACtB,eAAuB,EACvB,WAAmB,EACnB,iBAAqC,EACrC,KAAc;IAEd,6CAA6C;IAC7C,MAAM,SAAS,GAAG,KAAK,IAAI,MAAM,CAAA;IACjC,MAAM,aAAa,GAAG;QACpB,qDAAqD,cAAc,oBAAoB;QACvF,qDAAqD,eAAe,oBAAoB;QACxF,0CAA0C;KAC3C,CAAA;IAED,+DAA+D;IAC/D,IAAI,iBAAiB,EAAE,CAAC;QACtB,0BAA0B;QAC1B,qEAAqE;QACrE,kEAAkE;QAClE,kEAAkE;QAClE,EAAE;QACF,4CAA4C;QAC5C,6BAA6B;QAC7B,6DAA6D;QAC7D,2BAA2B;QAC3B,EAAE;QACF,oFAAoF;QACpF,MAAM,kBAAkB,GAAG,yBAAyB,EAAE,CAAA;QACtD,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CACb,wEAAwE;gBACtE,uFAAuF,CAC1F,CAAA;QACH,CAAC;QAED,MAAM,eAAe,GAAG,UAAU,CAAC,KAAK,CAAC;YACvC,kBAAkB;YAClB,iBAAiB;YACjB,SAAS;YACT,IAAI;YACJ,WAAW;SACZ,CAAC,CAAA;QAEF,MAAM,WAAW,GAAG,CAAC,GAAG,aAAa,EAAE,eAAe,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAClE,OAAO,GAAG,SAAS,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC,WAAW,CAAC,CAAC,EAAE,CAAA;IAC7D,CAAC;SAAM,CAAC;QACN,gDAAgD;QAChD,MAAM,WAAW,GAAG;YAClB,GAAG,aAAa;YAChB,QAAQ,UAAU,CAAC,KAAK,CAAC,CAAC,WAAW,CAAC,CAAC,EAAE;SAC1C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAEZ,OAAO,GAAG,SAAS,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC,WAAW,CAAC,CAAC,EAAE,CAAA;IAC7D,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,sBAAsB,CACnC,UAA+C,EAC/C,WAAiD,EACjD,gBAAsD,EAAE,OAAO,EAAE,IAAI,EAAE;IAEvE,MAAM,IAAI,GAAa,EAAE,CAAA;IACzB,sBAAsB;IAEtB,2DAA2D;IAC3D,IAAI,WAAW,EAAE,CAAC;QAChB,qFAAqF;QACrF,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;QAEhC,4DAA4D;QAC5D,MAAM,iBAAiB,GAAa,EAAE,CAAA;QAEtC,iCAAiC;QACjC,KAAK,MAAM,WAAW,IAAI,WAAW,CAAC,SAAS,IAAI,EAAE,EAAE,CAAC;YACtD,MAAM,cAAc,GAAG,uBAAuB,CAAC,WAAW,CAAC,CAAA;YAE3D,eAAe,CACb,0CAA0C,WAAW,OAAO,cAAc,EAAE,CAC7E,CAAA;YAED,0DAA0D;YAC1D,IAAI,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvC,eAAe,CAAC,uCAAuC,cAAc,EAAE,CAAC,CAAA;gBACxE,SAAQ;YACV,CAAC;YAED,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;gBACnC,eAAe,CACb,qDAAqD,cAAc,EAAE,CACtE,CAAA;gBACD,SAAQ;YACV,CAAC;YAED,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,EAAE,cAAc,CAAC,CAAA;YACnD,iBAAiB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;QACxC,CAAC;QAED,uEAAuE;QACvE,MAAM,SAAS,GAAG;YAChB,GAAG,CAAC,WAAW,CAAC,eAAe,IAAI,EAAE,CAAC;YACtC,GAAG,CAAC,MAAM,2BAA2B,CAAC,aAAa,CAAC,CAAC;SACtD,CAAA;QAED,KAAK,MAAM,WAAW,IAAI,SAAS,EAAE,CAAC;YACpC,MAAM,cAAc,GAAG,uBAAuB,CAAC,WAAW,CAAC,CAAA;YAE3D,0DAA0D;YAC1D,IAAI,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvC,SAAQ;YACV,CAAC;YAED,0BAA0B;YAC1B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;gBACnC,eAAe,CACb,oDAAoD,cAAc,EAAE,CACrE,CAAA;gBACD,SAAQ;YACV,CAAC;YAED,qEAAqE;YACrE,kEAAkE;YAClE,MAAM,mBAAmB,GAAG,iBAAiB,CAAC,IAAI,CAChD,WAAW,CAAC,EAAE,CACZ,cAAc,CAAC,UAAU,CAAC,WAAW,GAAG,GAAG,CAAC;gBAC5C,cAAc,KAAK,WAAW,CACjC,CAAA;YAED,IAAI,mBAAmB,EAAE,CAAC;gBACxB,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,EAAE,cAAc,CAAC,CAAA;YACxD,CAAC;iBAAM,CAAC;gBACN,eAAe,CACb,gEAAgE,cAAc,EAAE,CACjF,CAAA;YACH,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,0CAA0C;QAC1C,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;IAC/B,CAAC;IAED,+DAA+D;IAC/D,MAAM,aAAa,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,IAAI,EAAE,CAAC,CAAC,CAAA;IAEvD,6EAA6E;IAC7E,+EAA+E;IAC/E,4EAA4E;IAC5E,IAAI,EAAE,CAAC,UAAU,CAAC,uBAAuB,CAAC,EAAE,CAAC;QAC3C,aAAa,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAA;IAC7C,CAAC;IAED,KAAK,MAAM,WAAW,IAAI,aAAa,EAAE,CAAC;QACxC,MAAM,cAAc,GAAG,uBAAuB,CAAC,WAAW,CAAC,CAAA;QAC3D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;YACnC,eAAe,CACb,yDAAyD,cAAc,EAAE,CAC1E,CAAA;YACD,SAAQ;QACV,CAAC;QAED,MAAM,YAAY,GAAG,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAA;QAChD,IAAI,YAAY,CAAC,WAAW,EAAE,EAAE,CAAC;YAC/B,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,CAAA;QACtC,CAAC;aAAM,CAAC;YACN,6CAA6C;YAC7C,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,EAAE,cAAc,CAAC,CAAA;QACrD,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAA;AACb,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6CG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAC/C,MAA0B;IAE1B,MAAM,EACJ,OAAO,EACP,sBAAsB,EACtB,yBAAyB,EACzB,cAAc,EACd,eAAe,EACf,aAAa,EACb,cAAc,EACd,UAAU,EACV,WAAW,EACX,yBAAyB,EACzB,mBAAmB,EACnB,QAAQ,EACR,aAAa,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,GAClC,GAAG,MAAM,CAAA;IAEV,kCAAkC;IAClC,IAAI,CAAC,sBAAsB,IAAI,CAAC,yBAAyB,EAAE,CAAC;QAC1D,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,MAAM,SAAS,GAAa,EAAE,CAAA;IAC9B,IAAI,iBAAiB,GAAuB,SAAS,CAAA;IAErD,IAAI,CAAC;QACH,8DAA8D;QAC9D,kFAAkF;QAClF,EAAE;QACF,4EAA4E;QAC5E,wCAAwC;QACxC,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACzB,iBAAiB,GAAG,qBAAqB,EAAE,IAAI,SAAS,CAAA;YACxD,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACvB,2DAA2D;gBAC3D,MAAM,IAAI,KAAK,CACb,8DAA8D;oBAC5D,4FAA4F;oBAC5F,uFAAuF,CAC1F,CAAA;YACH,CAAC;YAED,qDAAqD;YACrD,6EAA6E;YAC7E,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACpD,uBAAuB,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAA;gBAC9C,6BAA6B,EAAE,CAAA;YACjC,CAAC;YAED,eAAe,CACb,uEAAuE,CACxE,CAAA;QACH,CAAC;aAAM,IAAI,mBAAmB,EAAE,CAAC;YAC/B,eAAe,CACb,0EAA0E,CAC3E,CAAA;QACH,CAAC;QAED,6CAA6C;QAC7C,IAAI,sBAAsB,EAAE,CAAC;YAC3B,2DAA2D;YAC3D,IAAI,CAAC,cAAc,IAAI,CAAC,eAAe,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAA;YACH,CAAC;YAED,SAAS,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;YAE/B,qCAAqC;YACrC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,EAAE,cAAc,CAAC,CAAA;YACxD,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,EAAE,eAAe,CAAC,CAAA;YAE1D,kCAAkC;YAClC,yEAAyE;YACzE,4EAA4E;YAC5E,MAAM,QAAQ,GAAG,oBAAoB,CACnC,IAAI,EAAE,8BAA8B;YACpC,IAAI,CACL,CAAA;YACD,SAAS,CAAC,IAAI,CACZ,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,GAAW,EAAE,EAAE;gBAClC,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;gBAChC,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,OAAO,CAAC,CAAA;gBACjC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,CAAA;gBACpC,OAAO,CAAC,UAAU,EAAE,GAAG,EAAE,KAAK,CAAC,CAAA;YACjC,CAAC,CAAC,CACH,CAAA;YAED,uEAAuE;YACvE,iEAAiE;YACjE,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,SAAS,CAAC,IAAI,CACZ,UAAU,EACV,kCAAkC,EAClC,MAAM,CAAC,aAAa,CAAC,CACtB,CAAA;YACH,CAAC;YACD,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;gBACjC,SAAS,CAAC,IAAI,CACZ,UAAU,EACV,mCAAmC,EACnC,MAAM,CAAC,cAAc,CAAC,CACvB,CAAA;YACH,CAAC;QACH,CAAC;QAED,gDAAgD;QAChD,MAAM,MAAM,GAAG,MAAM,sBAAsB,CACzC,UAAU,EACV,WAAW,EACX,aAAa,CACd,CAAA;QACD,SAAS,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,CAAA;QAEzB,mBAAmB;QACnB,SAAS,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAE/B,gDAAgD;QAChD,6EAA6E;QAC7E,kEAAkE;QAClE,wEAAwE;QACxE,qGAAqG;QACrG,mGAAmG;QACnG,4DAA4D;QAC5D,SAAS,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;QAC/B,IAAI,CAAC,yBAAyB,EAAE,CAAC;YAC/B,+DAA+D;YAC/D,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;QACnC,CAAC;QAED,gCAAgC;QAChC,0EAA0E;QAC1E,0EAA0E;QAC1E,MAAM,SAAS,GAAG,QAAQ,IAAI,MAAM,CAAA;QACpC,MAAM,eAAe,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,SAAS,CAAC,EAAE;YACtD,QAAQ,EAAE,MAAM;SACjB,CAAC,CAAA;QACF,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,UAAU,SAAS,qBAAqB,CAAC,CAAA;QAC3D,CAAC;QACD,MAAM,KAAK,GAAG,eAAe,CAAC,MAAM,CAAC,IAAI,EAAE,CAAA;QAC3C,SAAS,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,CAAA;QAEjC,+FAA+F;QAC/F,wEAAwE;QACxE,IAAI,sBAAsB,IAAI,cAAc,IAAI,eAAe,EAAE,CAAC;YAChE,2EAA2E;YAC3E,uDAAuD;YACvD,MAAM,cAAc,GAAG,mBAAmB,CACxC,cAAc,EACd,eAAe,EACf,OAAO,EACP,iBAAiB,EACjB,KAAK,CACN,CAAA;YACD,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;QAChC,CAAC;aAAM,IAAI,iBAAiB,EAAE,CAAC;YAC7B,2EAA2E;YAC3E,4FAA4F;YAC5F,MAAM,kBAAkB,GAAG,yBAAyB,EAAE,CAAA;YACtD,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBACxB,MAAM,IAAI,KAAK,CACb,wEAAwE;oBACtE,uFAAuF,CAC1F,CAAA;YACH,CAAC;YAED,MAAM,eAAe,GAAG,UAAU,CAAC,KAAK,CAAC;gBACvC,kBAAkB;gBAClB,iBAAiB;gBACjB,KAAK;gBACL,IAAI;gBACJ,OAAO;aACR,CAAC,CAAA;YACF,SAAS,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;QACjC,CAAC;aAAM,CAAC;YACN,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACzB,CAAC;QAED,gCAAgC;QAChC,MAAM,cAAc,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,GAAG,SAAS,CAAC,CAAC,CAAA;QAEhE,MAAM,YAAY,GAAG,EAAE,CAAA;QACvB,IAAI,sBAAsB;YAAE,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;QACxD,IAAI,yBAAyB;YAAE,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QAC9D,IAAI,iBAAiB;YAAE,YAAY,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAA;QAE/D,eAAe,CACb,+CAA+C,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CACvF,CAAA;QAED,OAAO,cAAc,CAAA;IACvB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,mCAAmC;QACnC,IAAI,iBAAiB,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACzE,uBAAuB,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAA;YACjD,IAAI,CAAC;gBACH,oBAAoB,CAAC,iBAAiB,CAAC,CAAA;YACzC,CAAC;YAAC,OAAO,YAAY,EAAE,CAAC;gBACtB,eAAe,CACb,+DAA+D,YAAY,EAAE,EAC7E,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;YACH,CAAC;QACH,CAAC;QACD,8BAA8B;QAC9B,MAAM,KAAK,CAAA;IACb,CAAC;AACH,CAAC"}
|
|
1
|
+
{"version":3,"file":"linux-sandbox-utils.js","sourceRoot":"","sources":["../../src/sandbox/linux-sandbox-utils.ts"],"names":[],"mappings":"AAAA,OAAO,UAAU,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AACzC,OAAO,KAAK,EAAE,MAAM,IAAI,CAAA;AACxB,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAErD,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAA;AAChC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAChC,OAAO,EACL,oBAAoB,EACpB,uBAAuB,EACvB,2BAA2B,GAC5B,MAAM,oBAAoB,CAAA;AAK3B,OAAO,EACL,qBAAqB,EACrB,oBAAoB,EACpB,sBAAsB,EACtB,yBAAyB,GAC1B,MAAM,8BAA8B,CAAA;AA2BrC,8DAA8D;AAC9D,MAAM,uBAAuB,GAAgB,IAAI,GAAG,EAAE,CAAA;AACtD,IAAI,qBAAqB,GAAG,KAAK,CAAA;AAEjC;;GAEG;AACH,SAAS,6BAA6B;IACpC,IAAI,qBAAqB,EAAE,CAAC;QAC1B,OAAM;IACR,CAAC;IAED,OAAO,CAAC,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE;QACtB,KAAK,MAAM,UAAU,IAAI,uBAAuB,EAAE,CAAC;YACjD,IAAI,CAAC;gBACH,oBAAoB,CAAC,UAAU,CAAC,CAAA;YAClC,CAAC;YAAC,MAAM,CAAC;gBACP,oCAAoC;YACtC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,qBAAqB,GAAG,IAAI,CAAA;AAC9B,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,+BAA+B,CAC7C,mBAAmB,GAAG,KAAK;IAE3B,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE;YAChD,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,IAAI;SACd,CAAC,CAAA;QACF,MAAM,WAAW,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE;YAChD,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,IAAI;SACd,CAAC,CAAA;QAEF,MAAM,YAAY,GAAG,WAAW,CAAC,MAAM,KAAK,CAAC,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,CAAA;QAEzE,0EAA0E;QAC1E,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACzB,oEAAoE;YACpE,MAAM,kBAAkB,GAAG,sBAAsB,EAAE,KAAK,IAAI,CAAA;YAE5D,kEAAkE;YAClE,MAAM,qBAAqB,GAAG,yBAAyB,EAAE,KAAK,IAAI,CAAA;YAElE,IAAI,kBAAkB,IAAI,qBAAqB,EAAE,CAAC;gBAChD,mEAAmE;gBACnE,OAAO,YAAY,CAAA;YACrB,CAAC;iBAAM,CAAC;gBACN,2EAA2E;gBAC3E,uEAAuE;gBACvE,wDAAwD;gBACxD,eAAe,CACb,gCAAgC,OAAO,CAAC,IAAI,2CAA2C;oBACrF,+EAA+E;oBAC/E,sDAAsD,EACxD,EAAE,KAAK,EAAE,MAAM,EAAE,CAClB,CAAA;gBACD,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;QAED,OAAO,YAAY,CAAA;IACrB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAChD,aAAqB,EACrB,cAAsB;IAEtB,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAC/C,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,eAAe,QAAQ,OAAO,CAAC,CAAA;IACrE,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,gBAAgB,QAAQ,OAAO,CAAC,CAAA;IAEvE,oBAAoB;IACpB,MAAM,aAAa,GAAG;QACpB,eAAe,cAAc,iBAAiB;QAC9C,iBAAiB,aAAa,8CAA8C;KAC7E,CAAA;IAED,eAAe,CAAC,+BAA+B,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;IAEzE,MAAM,iBAAiB,GAAG,KAAK,CAAC,OAAO,EAAE,aAAa,EAAE;QACtD,KAAK,EAAE,QAAQ;KAChB,CAAC,CAAA;IAEF,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;IACxD,CAAC;IAED,uDAAuD;IACvD,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE;QAClC,eAAe,CAAC,8BAA8B,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAA;IAC1E,CAAC,CAAC,CAAA;IACF,iBAAiB,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE;QAC5C,eAAe,CACb,wCAAwC,IAAI,YAAY,MAAM,EAAE,EAChE,EAAE,KAAK,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,EAAE,CACzC,CAAA;IACH,CAAC,CAAC,CAAA;IAEF,qBAAqB;IACrB,MAAM,cAAc,GAAG;QACrB,eAAe,eAAe,iBAAiB;QAC/C,iBAAiB,cAAc,8CAA8C;KAC9E,CAAA;IAED,eAAe,CAAC,gCAAgC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;IAE3E,MAAM,kBAAkB,GAAG,KAAK,CAAC,OAAO,EAAE,cAAc,EAAE;QACxD,KAAK,EAAE,QAAQ;KAChB,CAAC,CAAA;IAEF,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,CAAC;QAC5B,uBAAuB;QACvB,IAAI,iBAAiB,CAAC,GAAG,EAAE,CAAC;YAC1B,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;YAChD,CAAC;YAAC,MAAM,CAAC;gBACP,gBAAgB;YAClB,CAAC;QACH,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAA;IACzD,CAAC;IAED,uDAAuD;IACvD,kBAAkB,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE;QACnC,eAAe,CAAC,+BAA+B,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAA;IAC3E,CAAC,CAAC,CAAA;IACF,kBAAkB,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE;QAC7C,eAAe,CACb,yCAAyC,IAAI,YAAY,MAAM,EAAE,EACjE,EAAE,KAAK,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,EAAE,CACzC,CAAA;IACH,CAAC,CAAC,CAAA;IAEF,oCAAoC;IACpC,MAAM,WAAW,GAAG,CAAC,CAAA;IACrB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,IACE,CAAC,iBAAiB,CAAC,GAAG;YACtB,iBAAiB,CAAC,MAAM;YACxB,CAAC,kBAAkB,CAAC,GAAG;YACvB,kBAAkB,CAAC,MAAM,EACzB,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAA;QAC3D,CAAC;QAED,IAAI,CAAC;YACH,sBAAsB;YACtB,IAAI,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;gBACpE,eAAe,CAAC,6BAA6B,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;gBAC9D,MAAK;YACP,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,eAAe,CAAC,mCAAmC,CAAC,GAAG,CAAC,MAAM,GAAG,EAAE,EAAE;gBACnE,KAAK,EAAE,OAAO;aACf,CAAC,CAAA;QACJ,CAAC;QAED,IAAI,CAAC,KAAK,WAAW,GAAG,CAAC,EAAE,CAAC;YAC1B,0BAA0B;YAC1B,IAAI,iBAAiB,CAAC,GAAG,EAAE,CAAC;gBAC1B,IAAI,CAAC;oBACH,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gBAChD,CAAC;gBAAC,MAAM,CAAC;oBACP,gBAAgB;gBAClB,CAAC;YACH,CAAC;YACD,IAAI,kBAAkB,CAAC,GAAG,EAAE,CAAC;gBAC3B,IAAI,CAAC;oBACH,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gBACjD,CAAC;gBAAC,MAAM,CAAC;oBACP,gBAAgB;gBAClB,CAAC;YACH,CAAC;YACD,MAAM,IAAI,KAAK,CACb,yCAAyC,WAAW,WAAW,CAChE,CAAA;QACH,CAAC;QAED,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAA;IAC5D,CAAC;IAED,OAAO;QACL,cAAc;QACd,eAAe;QACf,iBAAiB;QACjB,kBAAkB;QAClB,aAAa;QACb,cAAc;KACf,CAAA;AACH,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAC1B,cAAsB,EACtB,eAAuB,EACvB,WAAmB,EACnB,iBAAqC,EACrC,KAAc;IAEd,6CAA6C;IAC7C,MAAM,SAAS,GAAG,KAAK,IAAI,MAAM,CAAA;IACjC,MAAM,aAAa,GAAG;QACpB,qDAAqD,cAAc,oBAAoB;QACvF,qDAAqD,eAAe,oBAAoB;QACxF,0CAA0C;KAC3C,CAAA;IAED,+DAA+D;IAC/D,IAAI,iBAAiB,EAAE,CAAC;QACtB,0BAA0B;QAC1B,qEAAqE;QACrE,kEAAkE;QAClE,kEAAkE;QAClE,EAAE;QACF,4CAA4C;QAC5C,6BAA6B;QAC7B,6DAA6D;QAC7D,2BAA2B;QAC3B,EAAE;QACF,oFAAoF;QACpF,MAAM,kBAAkB,GAAG,yBAAyB,EAAE,CAAA;QACtD,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CACb,wEAAwE;gBACtE,uFAAuF,CAC1F,CAAA;QACH,CAAC;QAED,MAAM,eAAe,GAAG,UAAU,CAAC,KAAK,CAAC;YACvC,kBAAkB;YAClB,iBAAiB;YACjB,SAAS;YACT,IAAI;YACJ,WAAW;SACZ,CAAC,CAAA;QAEF,MAAM,WAAW,GAAG,CAAC,GAAG,aAAa,EAAE,eAAe,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAClE,OAAO,GAAG,SAAS,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC,WAAW,CAAC,CAAC,EAAE,CAAA;IAC7D,CAAC;SAAM,CAAC;QACN,gDAAgD;QAChD,MAAM,WAAW,GAAG;YAClB,GAAG,aAAa;YAChB,QAAQ,UAAU,CAAC,KAAK,CAAC,CAAC,WAAW,CAAC,CAAC,EAAE;SAC1C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAEZ,OAAO,GAAG,SAAS,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC,WAAW,CAAC,CAAC,EAAE,CAAA;IAC7D,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,sBAAsB,CACnC,UAA+C,EAC/C,WAAiD,EACjD,gBAAsD,EAAE,OAAO,EAAE,IAAI,EAAE;IAEvE,MAAM,IAAI,GAAa,EAAE,CAAA;IACzB,sBAAsB;IAEtB,2DAA2D;IAC3D,IAAI,WAAW,EAAE,CAAC;QAChB,qFAAqF;QACrF,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;QAEhC,4DAA4D;QAC5D,MAAM,iBAAiB,GAAa,EAAE,CAAA;QAEtC,iCAAiC;QACjC,KAAK,MAAM,WAAW,IAAI,WAAW,CAAC,SAAS,IAAI,EAAE,EAAE,CAAC;YACtD,MAAM,cAAc,GAAG,uBAAuB,CAAC,WAAW,CAAC,CAAA;YAE3D,eAAe,CACb,0CAA0C,WAAW,OAAO,cAAc,EAAE,CAC7E,CAAA;YAED,0DAA0D;YAC1D,IAAI,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvC,eAAe,CAAC,uCAAuC,cAAc,EAAE,CAAC,CAAA;gBACxE,SAAQ;YACV,CAAC;YAED,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;gBACnC,eAAe,CACb,qDAAqD,cAAc,EAAE,CACtE,CAAA;gBACD,SAAQ;YACV,CAAC;YAED,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,EAAE,cAAc,CAAC,CAAA;YACnD,iBAAiB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;QACxC,CAAC;QAED,uEAAuE;QACvE,MAAM,SAAS,GAAG;YAChB,GAAG,CAAC,WAAW,CAAC,eAAe,IAAI,EAAE,CAAC;YACtC,GAAG,CAAC,MAAM,2BAA2B,CAAC,aAAa,CAAC,CAAC;SACtD,CAAA;QAED,KAAK,MAAM,WAAW,IAAI,SAAS,EAAE,CAAC;YACpC,MAAM,cAAc,GAAG,uBAAuB,CAAC,WAAW,CAAC,CAAA;YAE3D,0DAA0D;YAC1D,IAAI,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvC,SAAQ;YACV,CAAC;YAED,0BAA0B;YAC1B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;gBACnC,eAAe,CACb,oDAAoD,cAAc,EAAE,CACrE,CAAA;gBACD,SAAQ;YACV,CAAC;YAED,qEAAqE;YACrE,kEAAkE;YAClE,MAAM,mBAAmB,GAAG,iBAAiB,CAAC,IAAI,CAChD,WAAW,CAAC,EAAE,CACZ,cAAc,CAAC,UAAU,CAAC,WAAW,GAAG,GAAG,CAAC;gBAC5C,cAAc,KAAK,WAAW,CACjC,CAAA;YAED,IAAI,mBAAmB,EAAE,CAAC;gBACxB,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,EAAE,cAAc,CAAC,CAAA;YACxD,CAAC;iBAAM,CAAC;gBACN,eAAe,CACb,gEAAgE,cAAc,EAAE,CACjF,CAAA;YACH,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,0CAA0C;QAC1C,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;IAC/B,CAAC;IAED,+DAA+D;IAC/D,MAAM,aAAa,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,IAAI,EAAE,CAAC,CAAC,CAAA;IAEvD,6EAA6E;IAC7E,+EAA+E;IAC/E,4EAA4E;IAC5E,IAAI,EAAE,CAAC,UAAU,CAAC,uBAAuB,CAAC,EAAE,CAAC;QAC3C,aAAa,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAA;IAC7C,CAAC;IAED,KAAK,MAAM,WAAW,IAAI,aAAa,EAAE,CAAC;QACxC,MAAM,cAAc,GAAG,uBAAuB,CAAC,WAAW,CAAC,CAAA;QAC3D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;YACnC,eAAe,CACb,yDAAyD,cAAc,EAAE,CAC1E,CAAA;YACD,SAAQ;QACV,CAAC;QAED,MAAM,YAAY,GAAG,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAA;QAChD,IAAI,YAAY,CAAC,WAAW,EAAE,EAAE,CAAC;YAC/B,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,CAAA;QACtC,CAAC;aAAM,CAAC;YACN,6CAA6C;YAC7C,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,EAAE,cAAc,CAAC,CAAA;QACrD,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAA;AACb,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6CG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAC/C,MAA0B;IAE1B,MAAM,EACJ,OAAO,EACP,sBAAsB,EACtB,yBAAyB,EACzB,cAAc,EACd,eAAe,EACf,aAAa,EACb,cAAc,EACd,UAAU,EACV,WAAW,EACX,yBAAyB,EACzB,mBAAmB,EACnB,QAAQ,EACR,aAAa,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,GAClC,GAAG,MAAM,CAAA;IAEV,kCAAkC;IAClC,IAAI,CAAC,sBAAsB,IAAI,CAAC,yBAAyB,EAAE,CAAC;QAC1D,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,MAAM,SAAS,GAAa,EAAE,CAAA;IAC9B,IAAI,iBAAiB,GAAuB,SAAS,CAAA;IAErD,IAAI,CAAC;QACH,8DAA8D;QAC9D,kFAAkF;QAClF,EAAE;QACF,4EAA4E;QAC5E,wCAAwC;QACxC,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACzB,iBAAiB,GAAG,qBAAqB,EAAE,IAAI,SAAS,CAAA;YACxD,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACvB,2DAA2D;gBAC3D,MAAM,IAAI,KAAK,CACb,8DAA8D;oBAC5D,4FAA4F;oBAC5F,uFAAuF,CAC1F,CAAA;YACH,CAAC;YAED,qDAAqD;YACrD,6EAA6E;YAC7E,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACpD,uBAAuB,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAA;gBAC9C,6BAA6B,EAAE,CAAA;YACjC,CAAC;YAED,eAAe,CACb,uEAAuE,CACxE,CAAA;QACH,CAAC;aAAM,IAAI,mBAAmB,EAAE,CAAC;YAC/B,eAAe,CACb,0EAA0E,CAC3E,CAAA;QACH,CAAC;QAED,6CAA6C;QAC7C,IAAI,sBAAsB,EAAE,CAAC;YAC3B,2DAA2D;YAC3D,IAAI,CAAC,cAAc,IAAI,CAAC,eAAe,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAA;YACH,CAAC;YAED,6DAA6D;YAC7D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;gBACnC,MAAM,IAAI,KAAK,CACb,4CAA4C,cAAc,IAAI;oBAC5D,mEAAmE,CACtE,CAAA;YACH,CAAC;YACD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;gBACpC,MAAM,IAAI,KAAK,CACb,6CAA6C,eAAe,IAAI;oBAC9D,mEAAmE,CACtE,CAAA;YACH,CAAC;YAED,SAAS,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;YAE/B,qCAAqC;YACrC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,EAAE,cAAc,CAAC,CAAA;YACxD,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,EAAE,eAAe,CAAC,CAAA;YAE1D,kCAAkC;YAClC,yEAAyE;YACzE,4EAA4E;YAC5E,MAAM,QAAQ,GAAG,oBAAoB,CACnC,IAAI,EAAE,8BAA8B;YACpC,IAAI,CACL,CAAA;YACD,SAAS,CAAC,IAAI,CACZ,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,GAAW,EAAE,EAAE;gBAClC,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;gBAChC,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,OAAO,CAAC,CAAA;gBACjC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,CAAA;gBACpC,OAAO,CAAC,UAAU,EAAE,GAAG,EAAE,KAAK,CAAC,CAAA;YACjC,CAAC,CAAC,CACH,CAAA;YAED,uEAAuE;YACvE,iEAAiE;YACjE,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAChC,SAAS,CAAC,IAAI,CACZ,UAAU,EACV,kCAAkC,EAClC,MAAM,CAAC,aAAa,CAAC,CACtB,CAAA;YACH,CAAC;YACD,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;gBACjC,SAAS,CAAC,IAAI,CACZ,UAAU,EACV,mCAAmC,EACnC,MAAM,CAAC,cAAc,CAAC,CACvB,CAAA;YACH,CAAC;QACH,CAAC;QAED,gDAAgD;QAChD,MAAM,MAAM,GAAG,MAAM,sBAAsB,CACzC,UAAU,EACV,WAAW,EACX,aAAa,CACd,CAAA;QACD,SAAS,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,CAAA;QAEzB,mBAAmB;QACnB,SAAS,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAE/B,gDAAgD;QAChD,6EAA6E;QAC7E,kEAAkE;QAClE,wEAAwE;QACxE,qGAAqG;QACrG,mGAAmG;QACnG,4DAA4D;QAC5D,SAAS,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;QAC/B,IAAI,CAAC,yBAAyB,EAAE,CAAC;YAC/B,+DAA+D;YAC/D,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;QACnC,CAAC;QAED,gCAAgC;QAChC,0EAA0E;QAC1E,0EAA0E;QAC1E,MAAM,SAAS,GAAG,QAAQ,IAAI,MAAM,CAAA;QACpC,MAAM,eAAe,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,SAAS,CAAC,EAAE;YACtD,QAAQ,EAAE,MAAM;SACjB,CAAC,CAAA;QACF,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,UAAU,SAAS,qBAAqB,CAAC,CAAA;QAC3D,CAAC;QACD,MAAM,KAAK,GAAG,eAAe,CAAC,MAAM,CAAC,IAAI,EAAE,CAAA;QAC3C,SAAS,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,CAAA;QAEjC,+FAA+F;QAC/F,wEAAwE;QACxE,IAAI,sBAAsB,IAAI,cAAc,IAAI,eAAe,EAAE,CAAC;YAChE,2EAA2E;YAC3E,uDAAuD;YACvD,MAAM,cAAc,GAAG,mBAAmB,CACxC,cAAc,EACd,eAAe,EACf,OAAO,EACP,iBAAiB,EACjB,KAAK,CACN,CAAA;YACD,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;QAChC,CAAC;aAAM,IAAI,iBAAiB,EAAE,CAAC;YAC7B,2EAA2E;YAC3E,4FAA4F;YAC5F,MAAM,kBAAkB,GAAG,yBAAyB,EAAE,CAAA;YACtD,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBACxB,MAAM,IAAI,KAAK,CACb,wEAAwE;oBACtE,uFAAuF,CAC1F,CAAA;YACH,CAAC;YAED,MAAM,eAAe,GAAG,UAAU,CAAC,KAAK,CAAC;gBACvC,kBAAkB;gBAClB,iBAAiB;gBACjB,KAAK;gBACL,IAAI;gBACJ,OAAO;aACR,CAAC,CAAA;YACF,SAAS,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;QACjC,CAAC;aAAM,CAAC;YACN,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACzB,CAAC;QAED,gCAAgC;QAChC,MAAM,cAAc,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,GAAG,SAAS,CAAC,CAAC,CAAA;QAEhE,MAAM,YAAY,GAAG,EAAE,CAAA;QACvB,IAAI,sBAAsB;YAAE,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;QACxD,IAAI,yBAAyB;YAAE,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QAC9D,IAAI,iBAAiB;YAAE,YAAY,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAA;QAE/D,eAAe,CACb,+CAA+C,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CACvF,CAAA;QAED,OAAO,cAAc,CAAA;IACvB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,mCAAmC;QACnC,IAAI,iBAAiB,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACzE,uBAAuB,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAA;YACjD,IAAI,CAAC;gBACH,oBAAoB,CAAC,iBAAiB,CAAC,CAAA;YACzC,CAAC;YAAC,OAAO,YAAY,EAAE,CAAC;gBACtB,eAAe,CACb,+DAA+D,YAAY,EAAE,EAC7E,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;YACH,CAAC;QACH,CAAC;QACD,8BAA8B;QAC9B,MAAM,KAAK,CAAA;IACb,CAAC;AACH,CAAC"}
|
|
@@ -9,7 +9,10 @@ export interface ISandboxManager {
|
|
|
9
9
|
initialize(runtimeConfig: SandboxRuntimeConfig, sandboxAskCallback?: SandboxAskCallback, enableLogMonitor?: boolean): Promise<void>;
|
|
10
10
|
isSupportedPlatform(platform: Platform): boolean;
|
|
11
11
|
isSandboxingEnabled(): boolean;
|
|
12
|
-
checkDependencies(
|
|
12
|
+
checkDependencies(ripgrepConfig?: {
|
|
13
|
+
command: string;
|
|
14
|
+
args?: string[];
|
|
15
|
+
}): boolean;
|
|
13
16
|
getFsReadConfig(): FsReadRestrictionConfig;
|
|
14
17
|
getFsWriteConfig(): FsWriteRestrictionConfig;
|
|
15
18
|
getNetworkRestrictionConfig(): NetworkRestrictionConfig;
|
|
@@ -25,6 +28,8 @@ export interface ISandboxManager {
|
|
|
25
28
|
getSandboxViolationStore(): SandboxViolationStore;
|
|
26
29
|
annotateStderrWithSandboxFailures(command: string, stderr: string): string;
|
|
27
30
|
getLinuxGlobPatternWarnings(): string[];
|
|
31
|
+
getConfig(): SandboxRuntimeConfig | undefined;
|
|
32
|
+
updateConfig(newConfig: SandboxRuntimeConfig): void;
|
|
28
33
|
reset(): Promise<void>;
|
|
29
34
|
}
|
|
30
35
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sandbox-manager.d.ts","sourceRoot":"","sources":["../../src/sandbox/sandbox-manager.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"sandbox-manager.d.ts","sourceRoot":"","sources":["../../src/sandbox/sandbox-manager.ts"],"names":[],"mappings":"AAKA,OAAO,EAAe,KAAK,QAAQ,EAAE,MAAM,sBAAsB,CAAA;AAEjE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AAC/D,OAAO,KAAK,EACV,kBAAkB,EAClB,uBAAuB,EACvB,wBAAwB,EACxB,wBAAwB,EACzB,MAAM,sBAAsB,CAAA;AAiB7B,OAAO,EAAE,qBAAqB,EAAE,MAAM,8BAA8B,CAAA;AA4uBpE;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,UAAU,CACR,aAAa,EAAE,oBAAoB,EACnC,kBAAkB,CAAC,EAAE,kBAAkB,EACvC,gBAAgB,CAAC,EAAE,OAAO,GACzB,OAAO,CAAC,IAAI,CAAC,CAAA;IAChB,mBAAmB,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAA;IAChD,mBAAmB,IAAI,OAAO,CAAA;IAC9B,iBAAiB,CAAC,aAAa,CAAC,EAAE;QAChC,OAAO,EAAE,MAAM,CAAA;QACf,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;KAChB,GAAG,OAAO,CAAA;IACX,eAAe,IAAI,uBAAuB,CAAA;IAC1C,gBAAgB,IAAI,wBAAwB,CAAA;IAC5C,2BAA2B,IAAI,wBAAwB,CAAA;IACvD,mBAAmB,IAAI,MAAM,EAAE,GAAG,SAAS,CAAA;IAC3C,oBAAoB,IAAI,OAAO,GAAG,SAAS,CAAA;IAC3C,4BAA4B,IAAI,OAAO,GAAG,SAAS,CAAA;IACnD,YAAY,IAAI,MAAM,GAAG,SAAS,CAAA;IAClC,iBAAiB,IAAI,MAAM,GAAG,SAAS,CAAA;IACvC,sBAAsB,IAAI,MAAM,GAAG,SAAS,CAAA;IAC5C,uBAAuB,IAAI,MAAM,GAAG,SAAS,CAAA;IAC7C,4BAA4B,IAAI,OAAO,CAAC,OAAO,CAAC,CAAA;IAChD,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IACpE,wBAAwB,IAAI,qBAAqB,CAAA;IACjD,iCAAiC,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAAA;IAC1E,2BAA2B,IAAI,MAAM,EAAE,CAAA;IACvC,SAAS,IAAI,oBAAoB,GAAG,SAAS,CAAA;IAC7C,YAAY,CAAC,SAAS,EAAE,oBAAoB,GAAG,IAAI,CAAA;IACnD,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAA;CACvB;AAMD;;;GAGG;AACH,eAAO,MAAM,cAAc,EAAE,eAuBnB,CAAA"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { createHttpProxyServer } from './http-proxy.js';
|
|
2
2
|
import { createSocksProxyServer } from './socks-proxy.js';
|
|
3
3
|
import { logForDebugging } from '../utils/debug.js';
|
|
4
|
+
import { cloneDeep } from 'lodash-es';
|
|
4
5
|
import { getPlatform } from '../utils/platform.js';
|
|
5
6
|
import * as fs from 'fs';
|
|
6
7
|
import { wrapCommandWithSandboxLinux, initializeLinuxNetworkBridge, hasLinuxSandboxDependenciesSync, } from './linux-sandbox-utils.js';
|
|
@@ -20,7 +21,6 @@ let initializationPromise;
|
|
|
20
21
|
let cleanupRegistered = false;
|
|
21
22
|
let logMonitorShutdown;
|
|
22
23
|
const sandboxViolationStore = new SandboxViolationStore();
|
|
23
|
-
let dependenciesCheckCache;
|
|
24
24
|
// ============================================================================
|
|
25
25
|
// Private Helper Functions (not exported)
|
|
26
26
|
// ============================================================================
|
|
@@ -230,38 +230,36 @@ function isSandboxingEnabled() {
|
|
|
230
230
|
}
|
|
231
231
|
/**
|
|
232
232
|
* Check if all sandbox dependencies are available for the current platform
|
|
233
|
+
* @param ripgrepConfig - Optional ripgrep configuration to check. If not provided, uses config from initialization or defaults to 'rg'
|
|
233
234
|
* @returns true if all dependencies are available, false otherwise
|
|
234
235
|
*/
|
|
235
|
-
function checkDependencies() {
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
236
|
+
function checkDependencies(ripgrepConfig) {
|
|
237
|
+
const platform = getPlatform();
|
|
238
|
+
// Check platform support
|
|
239
|
+
if (!isSupportedPlatform(platform)) {
|
|
240
|
+
return false;
|
|
239
241
|
}
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
|
|
243
|
-
|
|
242
|
+
// Determine which ripgrep to check:
|
|
243
|
+
// 1. Parameter takes precedence
|
|
244
|
+
// 2. Then config from initialization
|
|
245
|
+
// 3. Finally default to 'rg'
|
|
246
|
+
const rgToCheck = ripgrepConfig ?? config?.ripgrep;
|
|
247
|
+
// Check ripgrep - only check 'rg' if no custom command is configured
|
|
248
|
+
// If custom command is provided, we trust it exists (will fail naturally if not)
|
|
249
|
+
const hasCustomRipgrep = rgToCheck?.command !== undefined;
|
|
250
|
+
if (!hasCustomRipgrep) {
|
|
251
|
+
// Only check for default 'rg' command
|
|
252
|
+
if (!hasRipgrepSync()) {
|
|
244
253
|
return false;
|
|
245
254
|
}
|
|
246
|
-
// Check ripgrep - only check 'rg' if no custom command is configured
|
|
247
|
-
// If custom command is provided, we trust it exists (will fail naturally if not)
|
|
248
|
-
const hasCustomRipgrep = config?.ripgrep?.command !== undefined;
|
|
249
|
-
if (!hasCustomRipgrep) {
|
|
250
|
-
// Only check for default 'rg' command
|
|
251
|
-
if (!hasRipgrepSync()) {
|
|
252
|
-
return false;
|
|
253
|
-
}
|
|
254
|
-
}
|
|
255
|
-
// Platform-specific dependency checks
|
|
256
|
-
if (platform === 'linux') {
|
|
257
|
-
const allowAllUnixSockets = config?.network?.allowAllUnixSockets ?? false;
|
|
258
|
-
return hasLinuxSandboxDependenciesSync(allowAllUnixSockets);
|
|
259
|
-
}
|
|
260
|
-
// macOS only needs ripgrep (already checked above)
|
|
261
|
-
return true;
|
|
262
255
|
}
|
|
263
|
-
|
|
264
|
-
|
|
256
|
+
// Platform-specific dependency checks
|
|
257
|
+
if (platform === 'linux') {
|
|
258
|
+
const allowAllUnixSockets = config?.network?.allowAllUnixSockets ?? false;
|
|
259
|
+
return hasLinuxSandboxDependenciesSync(allowAllUnixSockets);
|
|
260
|
+
}
|
|
261
|
+
// macOS only needs ripgrep (already checked above)
|
|
262
|
+
return true;
|
|
265
263
|
}
|
|
266
264
|
function getFsReadConfig() {
|
|
267
265
|
if (!config) {
|
|
@@ -417,6 +415,22 @@ async function wrapWithSandbox(command, binShell) {
|
|
|
417
415
|
throw new Error(`Sandbox configuration is not supported on platform: ${platform}`);
|
|
418
416
|
}
|
|
419
417
|
}
|
|
418
|
+
/**
|
|
419
|
+
* Get the current sandbox configuration
|
|
420
|
+
* @returns The current configuration, or undefined if not initialized
|
|
421
|
+
*/
|
|
422
|
+
function getConfig() {
|
|
423
|
+
return config;
|
|
424
|
+
}
|
|
425
|
+
/**
|
|
426
|
+
* Update the sandbox configuration
|
|
427
|
+
* @param newConfig - The new configuration to use
|
|
428
|
+
*/
|
|
429
|
+
function updateConfig(newConfig) {
|
|
430
|
+
// Deep clone the config to avoid mutations
|
|
431
|
+
config = cloneDeep(newConfig);
|
|
432
|
+
logForDebugging('Sandbox configuration updated');
|
|
433
|
+
}
|
|
420
434
|
async function reset() {
|
|
421
435
|
// Stop log monitor
|
|
422
436
|
if (logMonitorShutdown) {
|
|
@@ -560,7 +574,6 @@ async function reset() {
|
|
|
560
574
|
socksProxyServer = undefined;
|
|
561
575
|
managerContext = undefined;
|
|
562
576
|
initializationPromise = undefined;
|
|
563
|
-
dependenciesCheckCache = undefined;
|
|
564
577
|
}
|
|
565
578
|
function getSandboxViolationStore() {
|
|
566
579
|
return sandboxViolationStore;
|
|
@@ -639,5 +652,7 @@ export const SandboxManager = {
|
|
|
639
652
|
getSandboxViolationStore,
|
|
640
653
|
annotateStderrWithSandboxFailures,
|
|
641
654
|
getLinuxGlobPatternWarnings,
|
|
655
|
+
getConfig,
|
|
656
|
+
updateConfig,
|
|
642
657
|
};
|
|
643
658
|
//# sourceMappingURL=sandbox-manager.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sandbox-manager.js","sourceRoot":"","sources":["../../src/sandbox/sandbox-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAA;AACvD,OAAO,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAA;AAEzD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACnD,OAAO,EAAE,WAAW,EAAiB,MAAM,sBAAsB,CAAA;AACjE,OAAO,KAAK,EAAE,MAAM,IAAI,CAAA;AAQxB,OAAO,EACL,2BAA2B,EAC3B,4BAA4B,EAE5B,+BAA+B,GAChC,MAAM,0BAA0B,CAAA;AACjC,OAAO,EACL,2BAA2B,EAC3B,2BAA2B,GAC5B,MAAM,0BAA0B,CAAA;AACjC,OAAO,EACL,oBAAoB,EACpB,iBAAiB,EACjB,wBAAwB,GACzB,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,8BAA8B,CAAA;AACpE,OAAO,EAAE,GAAG,EAAE,MAAM,SAAS,CAAA;AAQ7B,+EAA+E;AAC/E,uBAAuB;AACvB,+EAA+E;AAE/E,IAAI,MAAwC,CAAA;AAC5C,IAAI,eAAqE,CAAA;AACzE,IAAI,gBAA+C,CAAA;AACnD,IAAI,cAAqD,CAAA;AACzD,IAAI,qBAAqE,CAAA;AACzE,IAAI,iBAAiB,GAAG,KAAK,CAAA;AAC7B,IAAI,kBAA4C,CAAA;AAChD,MAAM,qBAAqB,GAAG,IAAI,qBAAqB,EAAE,CAAA;AACzD,IAAI,sBAA2C,CAAA;AAE/C,+EAA+E;AAC/E,0CAA0C;AAC1C,+EAA+E;AAE/E,SAAS,eAAe;IACtB,IAAI,iBAAiB,EAAE,CAAC;QACtB,OAAM;IACR,CAAC;IACD,MAAM,cAAc,GAAG,GAAG,EAAE,CAC1B,KAAK,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE;QAChB,eAAe,CAAC,qCAAqC,CAAC,EAAE,EAAE;YACxD,KAAK,EAAE,OAAO;SACf,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IACJ,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,cAAc,CAAC,CAAA;IACpC,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAA;IACtC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,CAAA;IACvC,iBAAiB,GAAG,IAAI,CAAA;AAC1B,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAgB,EAAE,OAAe;IAC7D,+CAA+C;IAC/C,4DAA4D;IAC5D,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,MAAM,UAAU,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA,CAAC,cAAc;QACtD,OAAO,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,GAAG,UAAU,CAAC,WAAW,EAAE,CAAC,CAAA;IACxE,CAAC;IAED,wCAAwC;IACxC,OAAO,QAAQ,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC,WAAW,EAAE,CAAA;AACzD,CAAC;AAED,KAAK,UAAU,oBAAoB,CACjC,IAAY,EACZ,IAAY,EACZ,kBAAuC;IAEvC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,eAAe,CAAC,8CAA8C,CAAC,CAAA;QAC/D,OAAO,KAAK,CAAA;IACd,CAAC;IAED,6BAA6B;IAC7B,KAAK,MAAM,YAAY,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;QACxD,IAAI,oBAAoB,CAAC,IAAI,EAAE,YAAY,CAAC,EAAE,CAAC;YAC7C,eAAe,CAAC,0BAA0B,IAAI,IAAI,IAAI,EAAE,CAAC,CAAA;YACzD,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,KAAK,MAAM,aAAa,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;QAC1D,IAAI,oBAAoB,CAAC,IAAI,EAAE,aAAa,CAAC,EAAE,CAAC;YAC9C,eAAe,CAAC,2BAA2B,IAAI,IAAI,IAAI,EAAE,CAAC,CAAA;YAC1D,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,uCAAuC;IACvC,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,eAAe,CAAC,qCAAqC,IAAI,IAAI,IAAI,EAAE,CAAC,CAAA;QACpE,OAAO,KAAK,CAAA;IACd,CAAC;IAED,eAAe,CAAC,yCAAyC,IAAI,IAAI,IAAI,EAAE,CAAC,CAAA;IACxE,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,MAAM,kBAAkB,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAA;QAC5D,IAAI,WAAW,EAAE,CAAC;YAChB,eAAe,CAAC,iBAAiB,IAAI,IAAI,IAAI,EAAE,CAAC,CAAA;YAChD,OAAO,IAAI,CAAA;QACb,CAAC;aAAM,CAAC;YACN,eAAe,CAAC,gBAAgB,IAAI,IAAI,IAAI,EAAE,CAAC,CAAA;YAC/C,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,eAAe,CAAC,iCAAiC,KAAK,EAAE,EAAE;YACxD,KAAK,EAAE,OAAO;SACf,CAAC,CAAA;QACF,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,oBAAoB,CACjC,kBAAuC;IAEvC,eAAe,GAAG,qBAAqB,CAAC;QACtC,MAAM,EAAE,CAAC,IAAY,EAAE,IAAY,EAAE,EAAE,CACrC,oBAAoB,CAAC,IAAI,EAAE,IAAI,EAAE,kBAAkB,CAAC;KACvD,CAAC,CAAA;IAEF,OAAO,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC7C,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,MAAM,CAAC,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC,CAAA;YAC9D,OAAM;QACR,CAAC;QAED,MAAM,MAAM,GAAG,eAAe,CAAA;QAE9B,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC5B,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,EAAE;YAC5B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,EAAE,CAAA;YAChC,IAAI,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;gBAC3C,MAAM,CAAC,KAAK,EAAE,CAAA;gBACd,eAAe,CAAC,qCAAqC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAA;gBACpE,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;YACvB,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC,CAAA;YACzD,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,CAAC,CAAA;IAC/B,CAAC,CAAC,CAAA;AACJ,CAAC;AAED,KAAK,UAAU,qBAAqB,CAClC,kBAAuC;IAEvC,gBAAgB,GAAG,sBAAsB,CAAC;QACxC,MAAM,EAAE,CAAC,IAAY,EAAE,IAAY,EAAE,EAAE,CACrC,oBAAoB,CAAC,IAAI,EAAE,IAAI,EAAE,kBAAkB,CAAC;KACvD,CAAC,CAAA;IAEF,OAAO,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC7C,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,0CAA0C;YAC1C,MAAM,CAAC,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC,CAAA;YAC/D,OAAM;QACR,CAAC;QAED,gBAAgB;aACb,MAAM,CAAC,CAAC,EAAE,WAAW,CAAC;aACtB,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE;YACrB,gBAAgB,EAAE,KAAK,EAAE,CAAA;YACzB,OAAO,CAAC,IAAI,CAAC,CAAA;QACf,CAAC,CAAC;aACD,KAAK,CAAC,MAAM,CAAC,CAAA;IAClB,CAAC,CAAC,CAAA;AACJ,CAAC;AAED,+EAA+E;AAC/E,2DAA2D;AAC3D,+EAA+E;AAE/E,KAAK,UAAU,UAAU,CACvB,aAAmC,EACnC,kBAAuC,EACvC,gBAAgB,GAAG,KAAK;IAExB,iCAAiC;IACjC,IAAI,qBAAqB,EAAE,CAAC;QAC1B,MAAM,qBAAqB,CAAA;QAC3B,OAAM;IACR,CAAC;IAED,0CAA0C;IAC1C,MAAM,GAAG,aAAa,CAAA;IAEtB,+DAA+D;IAC/D,IAAI,CAAC,iBAAiB,EAAE,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAA;QAC9B,IAAI,YAAY,GAAG,wDAAwD,CAAA;QAE3E,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;YACzB,YAAY,IAAI,yDAAyD,CAAA;QAC3E,CAAC;aAAM,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;YAChC,YAAY,IAAI,0BAA0B,CAAA;QAC5C,CAAC;aAAM,CAAC;YACN,YAAY,IAAI,cAAc,QAAQ,qBAAqB,CAAA;QAC7D,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAA;IAC/B,CAAC;IAED,yCAAyC;IACzC,IAAI,gBAAgB,IAAI,WAAW,EAAE,KAAK,OAAO,EAAE,CAAC;QAClD,kBAAkB,GAAG,2BAA2B,CAC9C,qBAAqB,CAAC,YAAY,CAAC,IAAI,CAAC,qBAAqB,CAAC,EAC9D,MAAM,CAAC,gBAAgB,CACxB,CAAA;QACD,eAAe,CAAC,mCAAmC,CAAC,CAAA;IACtD,CAAC;IAED,uCAAuC;IACvC,eAAe,EAAE,CAAA;IAEjB,oCAAoC;IACpC,qBAAqB,GAAG,CAAC,KAAK,IAAI,EAAE;QAClC,IAAI,CAAC;YACH,oDAAoD;YACpD,IAAI,aAAqB,CAAA;YACzB,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;gBAC/C,iDAAiD;gBACjD,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,CAAA;gBAC5C,eAAe,CAAC,qCAAqC,aAAa,EAAE,CAAC,CAAA;YACvE,CAAC;iBAAM,CAAC;gBACN,yBAAyB;gBACzB,aAAa,GAAG,MAAM,oBAAoB,CAAC,kBAAkB,CAAC,CAAA;YAChE,CAAC;YAED,IAAI,cAAsB,CAAA;YAC1B,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;gBAChD,kDAAkD;gBAClD,cAAc,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,CAAA;gBAC9C,eAAe,CAAC,sCAAsC,cAAc,EAAE,CAAC,CAAA;YACzE,CAAC;iBAAM,CAAC;gBACN,0BAA0B;gBAC1B,cAAc,GAAG,MAAM,qBAAqB,CAAC,kBAAkB,CAAC,CAAA;YAClE,CAAC;YAED,8CAA8C;YAC9C,IAAI,WAAkD,CAAA;YACtD,IAAI,WAAW,EAAE,KAAK,OAAO,EAAE,CAAC;gBAC9B,WAAW,GAAG,MAAM,4BAA4B,CAC9C,aAAa,EACb,cAAc,CACf,CAAA;YACH,CAAC;YAED,MAAM,OAAO,GAA8B;gBACzC,aAAa;gBACb,cAAc;gBACd,WAAW;aACZ,CAAA;YACD,cAAc,GAAG,OAAO,CAAA;YACxB,eAAe,CAAC,oCAAoC,CAAC,CAAA;YACrD,OAAO,OAAO,CAAA;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,wDAAwD;YACxD,qBAAqB,GAAG,SAAS,CAAA;YACjC,cAAc,GAAG,SAAS,CAAA;YAC1B,KAAK,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE;gBAChB,eAAe,CAAC,2CAA2C,CAAC,EAAE,EAAE;oBAC9D,KAAK,EAAE,OAAO;iBACf,CAAC,CAAA;YACJ,CAAC,CAAC,CAAA;YACF,MAAM,KAAK,CAAA;QACb,CAAC;IACH,CAAC,CAAC,EAAE,CAAA;IAEJ,MAAM,qBAAqB,CAAA;AAC7B,CAAC;AAED,SAAS,mBAAmB,CAAC,QAAkB;IAC7C,MAAM,kBAAkB,GAAe,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;IACzD,OAAO,kBAAkB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;AAC9C,CAAC;AAED,SAAS,mBAAmB;IAC1B,kEAAkE;IAClE,OAAO,MAAM,KAAK,SAAS,CAAA;AAC7B,CAAC;AAED;;;GAGG;AACH,SAAS,iBAAiB;IACxB,oCAAoC;IACpC,IAAI,sBAAsB,KAAK,SAAS,EAAE,CAAC;QACzC,OAAO,sBAAsB,CAAA;IAC/B,CAAC;IAED,SAAS,mBAAmB;QAC1B,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAA;QAE9B,yBAAyB;QACzB,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,EAAE,CAAC;YACnC,OAAO,KAAK,CAAA;QACd,CAAC;QAED,qEAAqE;QACrE,iFAAiF;QACjF,MAAM,gBAAgB,GAAG,MAAM,EAAE,OAAO,EAAE,OAAO,KAAK,SAAS,CAAA;QAC/D,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,sCAAsC;YACtC,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC;gBACtB,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;QAED,sCAAsC;QACtC,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;YACzB,MAAM,mBAAmB,GAAG,MAAM,EAAE,OAAO,EAAE,mBAAmB,IAAI,KAAK,CAAA;YACzE,OAAO,+BAA+B,CAAC,mBAAmB,CAAC,CAAA;QAC7D,CAAC;QAED,mDAAmD;QACnD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,sBAAsB,GAAG,mBAAmB,EAAE,CAAA;IAC9C,OAAO,sBAAsB,CAAA;AAC/B,CAAC;AAED,SAAS,eAAe;IACtB,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAA;IACzB,CAAC;IAED,oCAAoC;IACpC,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ;SACzC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC;SAC3C,MAAM,CAAC,IAAI,CAAC,EAAE;QACb,IAAI,WAAW,EAAE,KAAK,OAAO,IAAI,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC;YACzD,eAAe,CAAC,mCAAmC,IAAI,EAAE,CAAC,CAAA;YAC1D,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC,CAAC,CAAA;IAEJ,OAAO;QACL,QAAQ,EAAE,SAAS;KACpB,CAAA;AACH,CAAC;AAED,SAAS,gBAAgB;IACvB,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,SAAS,EAAE,oBAAoB,EAAE,EAAE,eAAe,EAAE,EAAE,EAAE,CAAA;IACnE,CAAC;IAED,mDAAmD;IACnD,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC,UAAU;SAC5C,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC;SAC3C,MAAM,CAAC,IAAI,CAAC,EAAE;QACb,IAAI,WAAW,EAAE,KAAK,OAAO,IAAI,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC;YACzD,eAAe,CAAC,mCAAmC,IAAI,EAAE,CAAC,CAAA;YAC1D,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC,CAAC,CAAA;IAEJ,kDAAkD;IAClD,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,SAAS;SAC1C,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC;SAC3C,MAAM,CAAC,IAAI,CAAC,EAAE;QACb,IAAI,WAAW,EAAE,KAAK,OAAO,IAAI,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC;YACzD,eAAe,CAAC,mCAAmC,IAAI,EAAE,CAAC,CAAA;YAC1D,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC,CAAC,CAAA;IAEJ,+DAA+D;IAC/D,MAAM,SAAS,GAAG,CAAC,GAAG,oBAAoB,EAAE,EAAE,GAAG,UAAU,CAAC,CAAA;IAE5D,OAAO;QACL,SAAS;QACT,eAAe,EAAE,SAAS;KAC3B,CAAA;AACH,CAAC;AAED,SAAS,2BAA2B;IAClC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,CAAA;IACX,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,CAAA;IAClD,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,CAAA;IAEhD,OAAO;QACL,GAAG,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,YAAY,EAAE,CAAC;QAChD,GAAG,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,CAAC;KAC/C,CAAA;AACH,CAAC;AAED,SAAS,mBAAmB;IAC1B,OAAO,MAAM,EAAE,OAAO,EAAE,gBAAgB,CAAA;AAC1C,CAAC;AAED,SAAS,sBAAsB;IAC7B,OAAO,MAAM,EAAE,OAAO,EAAE,mBAAmB,CAAA;AAC7C,CAAC;AAED,SAAS,oBAAoB;IAC3B,OAAO,MAAM,EAAE,OAAO,EAAE,iBAAiB,CAAA;AAC3C,CAAC;AAED,SAAS,mBAAmB;IAC1B,OAAO,MAAM,EAAE,gBAAgB,CAAA;AACjC,CAAC;AAED,SAAS,4BAA4B;IACnC,OAAO,MAAM,EAAE,yBAAyB,CAAA;AAC1C,CAAC;AAED,SAAS,gBAAgB;IACvB,OAAO,MAAM,EAAE,OAAO,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;AAC7C,CAAC;AAED,SAAS,YAAY;IACnB,OAAO,cAAc,EAAE,aAAa,CAAA;AACtC,CAAC;AAED,SAAS,iBAAiB;IACxB,OAAO,cAAc,EAAE,cAAc,CAAA;AACvC,CAAC;AAED,SAAS,sBAAsB;IAC7B,OAAO,cAAc,EAAE,WAAW,EAAE,cAAc,CAAA;AACpD,CAAC;AAED,SAAS,uBAAuB;IAC9B,OAAO,cAAc,EAAE,WAAW,EAAE,eAAe,CAAA;AACrD,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,4BAA4B;IACzC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,KAAK,CAAA;IACd,CAAC;IACD,IAAI,qBAAqB,EAAE,CAAC;QAC1B,IAAI,CAAC;YACH,MAAM,qBAAqB,CAAA;YAC3B,OAAO,IAAI,CAAA;QACb,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IACD,OAAO,cAAc,KAAK,SAAS,CAAA;AACrC,CAAC;AAED,KAAK,UAAU,eAAe,CAC5B,OAAe,EACf,QAAiB;IAEjB,qCAAqC;IACrC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAA;IAE9B,kCAAkC;IAClC,MAAM,4BAA4B,EAAE,CAAA;IAEpC,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,OAAO;YACV,OAAO,MAAM,2BAA2B,CAAC;gBACvC,OAAO;gBACP,aAAa,EAAE,YAAY,EAAE;gBAC7B,cAAc,EAAE,iBAAiB,EAAE;gBACnC,UAAU,EAAE,eAAe,EAAE;gBAC7B,WAAW,EAAE,gBAAgB,EAAE;gBAC/B,uBAAuB,EAAE,IAAI;gBAC7B,gBAAgB,EAAE,mBAAmB,EAAE;gBACvC,mBAAmB,EAAE,sBAAsB,EAAE;gBAC7C,iBAAiB,EAAE,oBAAoB,EAAE;gBACzC,gBAAgB,EAAE,mBAAmB,EAAE;gBACvC,QAAQ;gBACR,aAAa,EAAE,gBAAgB,EAAE;aAClC,CAAC,CAAA;QAEJ,KAAK,OAAO;YACV,OAAO,2BAA2B,CAAC;gBACjC,OAAO;gBACP,sBAAsB,EAAE,IAAI;gBAC5B,yBAAyB,EAAE,IAAI;gBAC/B,cAAc,EAAE,sBAAsB,EAAE;gBACxC,eAAe,EAAE,uBAAuB,EAAE;gBAC1C,aAAa,EAAE,cAAc,EAAE,aAAa;gBAC5C,cAAc,EAAE,cAAc,EAAE,cAAc;gBAC9C,UAAU,EAAE,eAAe,EAAE;gBAC7B,WAAW,EAAE,gBAAgB,EAAE;gBAC/B,yBAAyB,EAAE,4BAA4B,EAAE;gBACzD,mBAAmB,EAAE,sBAAsB,EAAE;gBAC7C,QAAQ;gBACR,aAAa,EAAE,gBAAgB,EAAE;aAClC,CAAC,CAAA;QAEJ;YACE,oGAAoG;YACpG,MAAM,IAAI,KAAK,CACb,uDAAuD,QAAQ,EAAE,CAClE,CAAA;IACL,CAAC;AACH,CAAC;AAED,KAAK,UAAU,KAAK;IAClB,mBAAmB;IACnB,IAAI,kBAAkB,EAAE,CAAC;QACvB,kBAAkB,EAAE,CAAA;QACpB,kBAAkB,GAAG,SAAS,CAAA;IAChC,CAAC;IAED,IAAI,cAAc,EAAE,WAAW,EAAE,CAAC;QAChC,MAAM,EACJ,cAAc,EACd,eAAe,EACf,iBAAiB,EACjB,kBAAkB,GACnB,GAAG,cAAc,CAAC,WAAW,CAAA;QAE9B,yCAAyC;QACzC,MAAM,YAAY,GAAoB,EAAE,CAAA;QAExC,2CAA2C;QAC3C,IAAI,iBAAiB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;YACvD,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gBAC9C,eAAe,CAAC,qCAAqC,CAAC,CAAA;gBAEtD,2BAA2B;gBAC3B,YAAY,CAAC,IAAI,CACf,IAAI,OAAO,CAAO,OAAO,CAAC,EAAE;oBAC1B,iBAAiB,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE;wBAClC,eAAe,CAAC,4BAA4B,CAAC,CAAA;wBAC7C,OAAO,EAAE,CAAA;oBACX,CAAC,CAAC,CAAA;oBACF,0BAA0B;oBAC1B,UAAU,CAAC,GAAG,EAAE;wBACd,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;4BAC9B,eAAe,CAAC,2CAA2C,EAAE;gCAC3D,KAAK,EAAE,MAAM;6BACd,CAAC,CAAA;4BACF,IAAI,CAAC;gCACH,IAAI,iBAAiB,CAAC,GAAG,EAAE,CAAC;oCAC1B,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gCAChD,CAAC;4BACH,CAAC;4BAAC,MAAM,CAAC;gCACP,kCAAkC;4BACpC,CAAC;wBACH,CAAC;wBACD,OAAO,EAAE,CAAA;oBACX,CAAC,EAAE,IAAI,CAAC,CAAA;gBACV,CAAC,CAAC,CACH,CAAA;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAK,GAA6B,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;oBACpD,eAAe,CAAC,8BAA8B,GAAG,EAAE,EAAE;wBACnD,KAAK,EAAE,OAAO;qBACf,CAAC,CAAA;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,4CAA4C;QAC5C,IAAI,kBAAkB,CAAC,GAAG,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,CAAC;YACzD,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gBAC/C,eAAe,CAAC,sCAAsC,CAAC,CAAA;gBAEvD,2BAA2B;gBAC3B,YAAY,CAAC,IAAI,CACf,IAAI,OAAO,CAAO,OAAO,CAAC,EAAE;oBAC1B,kBAAkB,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE;wBACnC,eAAe,CAAC,6BAA6B,CAAC,CAAA;wBAC9C,OAAO,EAAE,CAAA;oBACX,CAAC,CAAC,CAAA;oBACF,0BAA0B;oBAC1B,UAAU,CAAC,GAAG,EAAE;wBACd,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,CAAC;4BAC/B,eAAe,CAAC,4CAA4C,EAAE;gCAC5D,KAAK,EAAE,MAAM;6BACd,CAAC,CAAA;4BACF,IAAI,CAAC;gCACH,IAAI,kBAAkB,CAAC,GAAG,EAAE,CAAC;oCAC3B,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gCACjD,CAAC;4BACH,CAAC;4BAAC,MAAM,CAAC;gCACP,kCAAkC;4BACpC,CAAC;wBACH,CAAC;wBACD,OAAO,EAAE,CAAA;oBACX,CAAC,EAAE,IAAI,CAAC,CAAA;gBACV,CAAC,CAAC,CACH,CAAA;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAK,GAA6B,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;oBACpD,eAAe,CAAC,+BAA+B,GAAG,EAAE,EAAE;wBACpD,KAAK,EAAE,OAAO;qBACf,CAAC,CAAA;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,kCAAkC;QAClC,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;QAE/B,mBAAmB;QACnB,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,CAAC;gBACH,EAAE,CAAC,MAAM,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAA;gBAC1C,eAAe,CAAC,wBAAwB,CAAC,CAAA;YAC3C,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,eAAe,CAAC,8BAA8B,GAAG,EAAE,EAAE;oBACnD,KAAK,EAAE,OAAO;iBACf,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,IAAI,eAAe,EAAE,CAAC;YACpB,IAAI,CAAC;gBACH,EAAE,CAAC,MAAM,CAAC,eAAe,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAA;gBAC3C,eAAe,CAAC,yBAAyB,CAAC,CAAA;YAC5C,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,eAAe,CAAC,+BAA+B,GAAG,EAAE,EAAE;oBACpD,KAAK,EAAE,OAAO;iBACf,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,2EAA2E;IAC3E,MAAM,aAAa,GAAoB,EAAE,CAAA;IAEzC,IAAI,eAAe,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,eAAe,CAAA,CAAC,8CAA8C;QAC7E,MAAM,SAAS,GAAG,IAAI,OAAO,CAAO,OAAO,CAAC,EAAE;YAC5C,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE;gBACnB,IAAI,KAAK,IAAI,KAAK,CAAC,OAAO,KAAK,wBAAwB,EAAE,CAAC;oBACxD,eAAe,CAAC,oCAAoC,KAAK,CAAC,OAAO,EAAE,EAAE;wBACnE,KAAK,EAAE,OAAO;qBACf,CAAC,CAAA;gBACJ,CAAC;gBACD,OAAO,EAAE,CAAA;YACX,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QACF,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IAC/B,CAAC;IAED,IAAI,gBAAgB,EAAE,CAAC;QACrB,MAAM,UAAU,GAAG,gBAAgB,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,CAAC,KAAY,EAAE,EAAE;YACjE,eAAe,CAAC,qCAAqC,KAAK,CAAC,OAAO,EAAE,EAAE;gBACpE,KAAK,EAAE,OAAO;aACf,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QACF,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IAChC,CAAC;IAED,gCAAgC;IAChC,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;IAEhC,mBAAmB;IACnB,eAAe,GAAG,SAAS,CAAA;IAC3B,gBAAgB,GAAG,SAAS,CAAA;IAC5B,cAAc,GAAG,SAAS,CAAA;IAC1B,qBAAqB,GAAG,SAAS,CAAA;IACjC,sBAAsB,GAAG,SAAS,CAAA;AACpC,CAAC;AAED,SAAS,wBAAwB;IAC/B,OAAO,qBAAqB,CAAA;AAC9B,CAAC;AAED,SAAS,iCAAiC,CACxC,OAAe,EACf,MAAc;IAEd,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,MAAM,CAAA;IACf,CAAC;IAED,MAAM,UAAU,GAAG,qBAAqB,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAA;IACzE,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,MAAM,CAAA;IACf,CAAC;IAED,IAAI,SAAS,GAAG,MAAM,CAAA;IACtB,SAAS,IAAI,GAAG,GAAG,sBAAsB,GAAG,GAAG,CAAA;IAC/C,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,SAAS,IAAI,SAAS,CAAC,IAAI,GAAG,GAAG,CAAA;IACnC,CAAC;IACD,SAAS,IAAI,uBAAuB,CAAA;IAEpC,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;GAMG;AACH,SAAS,2BAA2B;IAClC,qBAAqB;IACrB,oDAAoD;IACpD,IAAI,WAAW,EAAE,KAAK,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;QACzC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,MAAM,YAAY,GAAa,EAAE,CAAA;IAEjC,2CAA2C;IAC3C,MAAM,QAAQ,GAAG;QACf,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ;QAC7B,GAAG,MAAM,CAAC,UAAU,CAAC,UAAU;QAC/B,GAAG,MAAM,CAAC,UAAU,CAAC,SAAS;KAC/B,CAAA;IAED,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,qFAAqF;QACrF,MAAM,uBAAuB,GAAG,wBAAwB,CAAC,IAAI,CAAC,CAAA;QAE9D,2EAA2E;QAC3E,IAAI,iBAAiB,CAAC,uBAAuB,CAAC,EAAE,CAAC;YAC/C,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAA;AACrB,CAAC;AAoCD,+EAA+E;AAC/E,qCAAqC;AACrC,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,CAAC,MAAM,cAAc,GAAoB;IAC7C,UAAU;IACV,mBAAmB;IACnB,mBAAmB;IACnB,iBAAiB;IACjB,eAAe;IACf,gBAAgB;IAChB,2BAA2B;IAC3B,mBAAmB;IACnB,oBAAoB;IACpB,4BAA4B;IAC5B,YAAY;IACZ,iBAAiB;IACjB,sBAAsB;IACtB,uBAAuB;IACvB,4BAA4B;IAC5B,eAAe;IACf,KAAK;IACL,wBAAwB;IACxB,iCAAiC;IACjC,2BAA2B;CACnB,CAAA"}
|
|
1
|
+
{"version":3,"file":"sandbox-manager.js","sourceRoot":"","sources":["../../src/sandbox/sandbox-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAA;AACvD,OAAO,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAA;AAEzD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAA;AACrC,OAAO,EAAE,WAAW,EAAiB,MAAM,sBAAsB,CAAA;AACjE,OAAO,KAAK,EAAE,MAAM,IAAI,CAAA;AAQxB,OAAO,EACL,2BAA2B,EAC3B,4BAA4B,EAE5B,+BAA+B,GAChC,MAAM,0BAA0B,CAAA;AACjC,OAAO,EACL,2BAA2B,EAC3B,2BAA2B,GAC5B,MAAM,0BAA0B,CAAA;AACjC,OAAO,EACL,oBAAoB,EACpB,iBAAiB,EACjB,wBAAwB,GACzB,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,8BAA8B,CAAA;AACpE,OAAO,EAAE,GAAG,EAAE,MAAM,SAAS,CAAA;AAQ7B,+EAA+E;AAC/E,uBAAuB;AACvB,+EAA+E;AAE/E,IAAI,MAAwC,CAAA;AAC5C,IAAI,eAAqE,CAAA;AACzE,IAAI,gBAA+C,CAAA;AACnD,IAAI,cAAqD,CAAA;AACzD,IAAI,qBAAqE,CAAA;AACzE,IAAI,iBAAiB,GAAG,KAAK,CAAA;AAC7B,IAAI,kBAA4C,CAAA;AAChD,MAAM,qBAAqB,GAAG,IAAI,qBAAqB,EAAE,CAAA;AACzD,+EAA+E;AAC/E,0CAA0C;AAC1C,+EAA+E;AAE/E,SAAS,eAAe;IACtB,IAAI,iBAAiB,EAAE,CAAC;QACtB,OAAM;IACR,CAAC;IACD,MAAM,cAAc,GAAG,GAAG,EAAE,CAC1B,KAAK,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE;QAChB,eAAe,CAAC,qCAAqC,CAAC,EAAE,EAAE;YACxD,KAAK,EAAE,OAAO;SACf,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IACJ,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,cAAc,CAAC,CAAA;IACpC,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAA;IACtC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,CAAA;IACvC,iBAAiB,GAAG,IAAI,CAAA;AAC1B,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAgB,EAAE,OAAe;IAC7D,+CAA+C;IAC/C,4DAA4D;IAC5D,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,MAAM,UAAU,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA,CAAC,cAAc;QACtD,OAAO,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,GAAG,UAAU,CAAC,WAAW,EAAE,CAAC,CAAA;IACxE,CAAC;IAED,wCAAwC;IACxC,OAAO,QAAQ,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC,WAAW,EAAE,CAAA;AACzD,CAAC;AAED,KAAK,UAAU,oBAAoB,CACjC,IAAY,EACZ,IAAY,EACZ,kBAAuC;IAEvC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,eAAe,CAAC,8CAA8C,CAAC,CAAA;QAC/D,OAAO,KAAK,CAAA;IACd,CAAC;IAED,6BAA6B;IAC7B,KAAK,MAAM,YAAY,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;QACxD,IAAI,oBAAoB,CAAC,IAAI,EAAE,YAAY,CAAC,EAAE,CAAC;YAC7C,eAAe,CAAC,0BAA0B,IAAI,IAAI,IAAI,EAAE,CAAC,CAAA;YACzD,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,KAAK,MAAM,aAAa,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;QAC1D,IAAI,oBAAoB,CAAC,IAAI,EAAE,aAAa,CAAC,EAAE,CAAC;YAC9C,eAAe,CAAC,2BAA2B,IAAI,IAAI,IAAI,EAAE,CAAC,CAAA;YAC1D,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,uCAAuC;IACvC,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,eAAe,CAAC,qCAAqC,IAAI,IAAI,IAAI,EAAE,CAAC,CAAA;QACpE,OAAO,KAAK,CAAA;IACd,CAAC;IAED,eAAe,CAAC,yCAAyC,IAAI,IAAI,IAAI,EAAE,CAAC,CAAA;IACxE,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,MAAM,kBAAkB,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAA;QAC5D,IAAI,WAAW,EAAE,CAAC;YAChB,eAAe,CAAC,iBAAiB,IAAI,IAAI,IAAI,EAAE,CAAC,CAAA;YAChD,OAAO,IAAI,CAAA;QACb,CAAC;aAAM,CAAC;YACN,eAAe,CAAC,gBAAgB,IAAI,IAAI,IAAI,EAAE,CAAC,CAAA;YAC/C,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,eAAe,CAAC,iCAAiC,KAAK,EAAE,EAAE;YACxD,KAAK,EAAE,OAAO;SACf,CAAC,CAAA;QACF,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,oBAAoB,CACjC,kBAAuC;IAEvC,eAAe,GAAG,qBAAqB,CAAC;QACtC,MAAM,EAAE,CAAC,IAAY,EAAE,IAAY,EAAE,EAAE,CACrC,oBAAoB,CAAC,IAAI,EAAE,IAAI,EAAE,kBAAkB,CAAC;KACvD,CAAC,CAAA;IAEF,OAAO,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC7C,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,MAAM,CAAC,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC,CAAA;YAC9D,OAAM;QACR,CAAC;QAED,MAAM,MAAM,GAAG,eAAe,CAAA;QAE9B,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC5B,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,EAAE;YAC5B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,EAAE,CAAA;YAChC,IAAI,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;gBAC3C,MAAM,CAAC,KAAK,EAAE,CAAA;gBACd,eAAe,CAAC,qCAAqC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAA;gBACpE,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;YACvB,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC,CAAA;YACzD,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,CAAC,CAAA;IAC/B,CAAC,CAAC,CAAA;AACJ,CAAC;AAED,KAAK,UAAU,qBAAqB,CAClC,kBAAuC;IAEvC,gBAAgB,GAAG,sBAAsB,CAAC;QACxC,MAAM,EAAE,CAAC,IAAY,EAAE,IAAY,EAAE,EAAE,CACrC,oBAAoB,CAAC,IAAI,EAAE,IAAI,EAAE,kBAAkB,CAAC;KACvD,CAAC,CAAA;IAEF,OAAO,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC7C,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,0CAA0C;YAC1C,MAAM,CAAC,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC,CAAA;YAC/D,OAAM;QACR,CAAC;QAED,gBAAgB;aACb,MAAM,CAAC,CAAC,EAAE,WAAW,CAAC;aACtB,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE;YACrB,gBAAgB,EAAE,KAAK,EAAE,CAAA;YACzB,OAAO,CAAC,IAAI,CAAC,CAAA;QACf,CAAC,CAAC;aACD,KAAK,CAAC,MAAM,CAAC,CAAA;IAClB,CAAC,CAAC,CAAA;AACJ,CAAC;AAED,+EAA+E;AAC/E,2DAA2D;AAC3D,+EAA+E;AAE/E,KAAK,UAAU,UAAU,CACvB,aAAmC,EACnC,kBAAuC,EACvC,gBAAgB,GAAG,KAAK;IAExB,iCAAiC;IACjC,IAAI,qBAAqB,EAAE,CAAC;QAC1B,MAAM,qBAAqB,CAAA;QAC3B,OAAM;IACR,CAAC;IAED,0CAA0C;IAC1C,MAAM,GAAG,aAAa,CAAA;IAEtB,+DAA+D;IAC/D,IAAI,CAAC,iBAAiB,EAAE,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAA;QAC9B,IAAI,YAAY,GAAG,wDAAwD,CAAA;QAE3E,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;YACzB,YAAY,IAAI,yDAAyD,CAAA;QAC3E,CAAC;aAAM,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;YAChC,YAAY,IAAI,0BAA0B,CAAA;QAC5C,CAAC;aAAM,CAAC;YACN,YAAY,IAAI,cAAc,QAAQ,qBAAqB,CAAA;QAC7D,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAA;IAC/B,CAAC;IAED,yCAAyC;IACzC,IAAI,gBAAgB,IAAI,WAAW,EAAE,KAAK,OAAO,EAAE,CAAC;QAClD,kBAAkB,GAAG,2BAA2B,CAC9C,qBAAqB,CAAC,YAAY,CAAC,IAAI,CAAC,qBAAqB,CAAC,EAC9D,MAAM,CAAC,gBAAgB,CACxB,CAAA;QACD,eAAe,CAAC,mCAAmC,CAAC,CAAA;IACtD,CAAC;IAED,uCAAuC;IACvC,eAAe,EAAE,CAAA;IAEjB,oCAAoC;IACpC,qBAAqB,GAAG,CAAC,KAAK,IAAI,EAAE;QAClC,IAAI,CAAC;YACH,oDAAoD;YACpD,IAAI,aAAqB,CAAA;YACzB,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;gBAC/C,iDAAiD;gBACjD,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,CAAA;gBAC5C,eAAe,CAAC,qCAAqC,aAAa,EAAE,CAAC,CAAA;YACvE,CAAC;iBAAM,CAAC;gBACN,yBAAyB;gBACzB,aAAa,GAAG,MAAM,oBAAoB,CAAC,kBAAkB,CAAC,CAAA;YAChE,CAAC;YAED,IAAI,cAAsB,CAAA;YAC1B,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;gBAChD,kDAAkD;gBAClD,cAAc,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,CAAA;gBAC9C,eAAe,CAAC,sCAAsC,cAAc,EAAE,CAAC,CAAA;YACzE,CAAC;iBAAM,CAAC;gBACN,0BAA0B;gBAC1B,cAAc,GAAG,MAAM,qBAAqB,CAAC,kBAAkB,CAAC,CAAA;YAClE,CAAC;YAED,8CAA8C;YAC9C,IAAI,WAAkD,CAAA;YACtD,IAAI,WAAW,EAAE,KAAK,OAAO,EAAE,CAAC;gBAC9B,WAAW,GAAG,MAAM,4BAA4B,CAC9C,aAAa,EACb,cAAc,CACf,CAAA;YACH,CAAC;YAED,MAAM,OAAO,GAA8B;gBACzC,aAAa;gBACb,cAAc;gBACd,WAAW;aACZ,CAAA;YACD,cAAc,GAAG,OAAO,CAAA;YACxB,eAAe,CAAC,oCAAoC,CAAC,CAAA;YACrD,OAAO,OAAO,CAAA;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,wDAAwD;YACxD,qBAAqB,GAAG,SAAS,CAAA;YACjC,cAAc,GAAG,SAAS,CAAA;YAC1B,KAAK,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE;gBAChB,eAAe,CAAC,2CAA2C,CAAC,EAAE,EAAE;oBAC9D,KAAK,EAAE,OAAO;iBACf,CAAC,CAAA;YACJ,CAAC,CAAC,CAAA;YACF,MAAM,KAAK,CAAA;QACb,CAAC;IACH,CAAC,CAAC,EAAE,CAAA;IAEJ,MAAM,qBAAqB,CAAA;AAC7B,CAAC;AAED,SAAS,mBAAmB,CAAC,QAAkB;IAC7C,MAAM,kBAAkB,GAAe,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;IACzD,OAAO,kBAAkB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;AAC9C,CAAC;AAED,SAAS,mBAAmB;IAC1B,kEAAkE;IAClE,OAAO,MAAM,KAAK,SAAS,CAAA;AAC7B,CAAC;AAED;;;;GAIG;AACH,SAAS,iBAAiB,CAAC,aAG1B;IACC,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAA;IAE9B,yBAAyB;IACzB,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnC,OAAO,KAAK,CAAA;IACd,CAAC;IAED,oCAAoC;IACpC,gCAAgC;IAChC,qCAAqC;IACrC,6BAA6B;IAC7B,MAAM,SAAS,GAAG,aAAa,IAAI,MAAM,EAAE,OAAO,CAAA;IAElD,qEAAqE;IACrE,iFAAiF;IACjF,MAAM,gBAAgB,GAAG,SAAS,EAAE,OAAO,KAAK,SAAS,CAAA;IACzD,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,sCAAsC;QACtC,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC;YACtB,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IAED,sCAAsC;IACtC,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;QACzB,MAAM,mBAAmB,GAAG,MAAM,EAAE,OAAO,EAAE,mBAAmB,IAAI,KAAK,CAAA;QACzE,OAAO,+BAA+B,CAAC,mBAAmB,CAAC,CAAA;IAC7D,CAAC;IAED,mDAAmD;IACnD,OAAO,IAAI,CAAA;AACb,CAAC;AAED,SAAS,eAAe;IACtB,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAA;IACzB,CAAC;IAED,oCAAoC;IACpC,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ;SACzC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC;SAC3C,MAAM,CAAC,IAAI,CAAC,EAAE;QACb,IAAI,WAAW,EAAE,KAAK,OAAO,IAAI,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC;YACzD,eAAe,CAAC,mCAAmC,IAAI,EAAE,CAAC,CAAA;YAC1D,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC,CAAC,CAAA;IAEJ,OAAO;QACL,QAAQ,EAAE,SAAS;KACpB,CAAA;AACH,CAAC;AAED,SAAS,gBAAgB;IACvB,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,SAAS,EAAE,oBAAoB,EAAE,EAAE,eAAe,EAAE,EAAE,EAAE,CAAA;IACnE,CAAC;IAED,mDAAmD;IACnD,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC,UAAU;SAC5C,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC;SAC3C,MAAM,CAAC,IAAI,CAAC,EAAE;QACb,IAAI,WAAW,EAAE,KAAK,OAAO,IAAI,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC;YACzD,eAAe,CAAC,mCAAmC,IAAI,EAAE,CAAC,CAAA;YAC1D,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC,CAAC,CAAA;IAEJ,kDAAkD;IAClD,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,SAAS;SAC1C,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC;SAC3C,MAAM,CAAC,IAAI,CAAC,EAAE;QACb,IAAI,WAAW,EAAE,KAAK,OAAO,IAAI,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC;YACzD,eAAe,CAAC,mCAAmC,IAAI,EAAE,CAAC,CAAA;YAC1D,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC,CAAC,CAAA;IAEJ,+DAA+D;IAC/D,MAAM,SAAS,GAAG,CAAC,GAAG,oBAAoB,EAAE,EAAE,GAAG,UAAU,CAAC,CAAA;IAE5D,OAAO;QACL,SAAS;QACT,eAAe,EAAE,SAAS;KAC3B,CAAA;AACH,CAAC;AAED,SAAS,2BAA2B;IAClC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,CAAA;IACX,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,CAAA;IAClD,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,CAAA;IAEhD,OAAO;QACL,GAAG,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,YAAY,EAAE,CAAC;QAChD,GAAG,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,WAAW,EAAE,CAAC;KAC/C,CAAA;AACH,CAAC;AAED,SAAS,mBAAmB;IAC1B,OAAO,MAAM,EAAE,OAAO,EAAE,gBAAgB,CAAA;AAC1C,CAAC;AAED,SAAS,sBAAsB;IAC7B,OAAO,MAAM,EAAE,OAAO,EAAE,mBAAmB,CAAA;AAC7C,CAAC;AAED,SAAS,oBAAoB;IAC3B,OAAO,MAAM,EAAE,OAAO,EAAE,iBAAiB,CAAA;AAC3C,CAAC;AAED,SAAS,mBAAmB;IAC1B,OAAO,MAAM,EAAE,gBAAgB,CAAA;AACjC,CAAC;AAED,SAAS,4BAA4B;IACnC,OAAO,MAAM,EAAE,yBAAyB,CAAA;AAC1C,CAAC;AAED,SAAS,gBAAgB;IACvB,OAAO,MAAM,EAAE,OAAO,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;AAC7C,CAAC;AAED,SAAS,YAAY;IACnB,OAAO,cAAc,EAAE,aAAa,CAAA;AACtC,CAAC;AAED,SAAS,iBAAiB;IACxB,OAAO,cAAc,EAAE,cAAc,CAAA;AACvC,CAAC;AAED,SAAS,sBAAsB;IAC7B,OAAO,cAAc,EAAE,WAAW,EAAE,cAAc,CAAA;AACpD,CAAC;AAED,SAAS,uBAAuB;IAC9B,OAAO,cAAc,EAAE,WAAW,EAAE,eAAe,CAAA;AACrD,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,4BAA4B;IACzC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,KAAK,CAAA;IACd,CAAC;IACD,IAAI,qBAAqB,EAAE,CAAC;QAC1B,IAAI,CAAC;YACH,MAAM,qBAAqB,CAAA;YAC3B,OAAO,IAAI,CAAA;QACb,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IACD,OAAO,cAAc,KAAK,SAAS,CAAA;AACrC,CAAC;AAED,KAAK,UAAU,eAAe,CAC5B,OAAe,EACf,QAAiB;IAEjB,qCAAqC;IACrC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAA;IAE9B,kCAAkC;IAClC,MAAM,4BAA4B,EAAE,CAAA;IAEpC,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,OAAO;YACV,OAAO,MAAM,2BAA2B,CAAC;gBACvC,OAAO;gBACP,aAAa,EAAE,YAAY,EAAE;gBAC7B,cAAc,EAAE,iBAAiB,EAAE;gBACnC,UAAU,EAAE,eAAe,EAAE;gBAC7B,WAAW,EAAE,gBAAgB,EAAE;gBAC/B,uBAAuB,EAAE,IAAI;gBAC7B,gBAAgB,EAAE,mBAAmB,EAAE;gBACvC,mBAAmB,EAAE,sBAAsB,EAAE;gBAC7C,iBAAiB,EAAE,oBAAoB,EAAE;gBACzC,gBAAgB,EAAE,mBAAmB,EAAE;gBACvC,QAAQ;gBACR,aAAa,EAAE,gBAAgB,EAAE;aAClC,CAAC,CAAA;QAEJ,KAAK,OAAO;YACV,OAAO,2BAA2B,CAAC;gBACjC,OAAO;gBACP,sBAAsB,EAAE,IAAI;gBAC5B,yBAAyB,EAAE,IAAI;gBAC/B,cAAc,EAAE,sBAAsB,EAAE;gBACxC,eAAe,EAAE,uBAAuB,EAAE;gBAC1C,aAAa,EAAE,cAAc,EAAE,aAAa;gBAC5C,cAAc,EAAE,cAAc,EAAE,cAAc;gBAC9C,UAAU,EAAE,eAAe,EAAE;gBAC7B,WAAW,EAAE,gBAAgB,EAAE;gBAC/B,yBAAyB,EAAE,4BAA4B,EAAE;gBACzD,mBAAmB,EAAE,sBAAsB,EAAE;gBAC7C,QAAQ;gBACR,aAAa,EAAE,gBAAgB,EAAE;aAClC,CAAC,CAAA;QAEJ;YACE,oGAAoG;YACpG,MAAM,IAAI,KAAK,CACb,uDAAuD,QAAQ,EAAE,CAClE,CAAA;IACL,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAS,SAAS;IAChB,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;;GAGG;AACH,SAAS,YAAY,CAAC,SAA+B;IACnD,2CAA2C;IAC3C,MAAM,GAAG,SAAS,CAAC,SAAS,CAAC,CAAA;IAC7B,eAAe,CAAC,+BAA+B,CAAC,CAAA;AAClD,CAAC;AAED,KAAK,UAAU,KAAK;IAClB,mBAAmB;IACnB,IAAI,kBAAkB,EAAE,CAAC;QACvB,kBAAkB,EAAE,CAAA;QACpB,kBAAkB,GAAG,SAAS,CAAA;IAChC,CAAC;IAED,IAAI,cAAc,EAAE,WAAW,EAAE,CAAC;QAChC,MAAM,EACJ,cAAc,EACd,eAAe,EACf,iBAAiB,EACjB,kBAAkB,GACnB,GAAG,cAAc,CAAC,WAAW,CAAA;QAE9B,yCAAyC;QACzC,MAAM,YAAY,GAAoB,EAAE,CAAA;QAExC,2CAA2C;QAC3C,IAAI,iBAAiB,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;YACvD,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gBAC9C,eAAe,CAAC,qCAAqC,CAAC,CAAA;gBAEtD,2BAA2B;gBAC3B,YAAY,CAAC,IAAI,CACf,IAAI,OAAO,CAAO,OAAO,CAAC,EAAE;oBAC1B,iBAAiB,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE;wBAClC,eAAe,CAAC,4BAA4B,CAAC,CAAA;wBAC7C,OAAO,EAAE,CAAA;oBACX,CAAC,CAAC,CAAA;oBACF,0BAA0B;oBAC1B,UAAU,CAAC,GAAG,EAAE;wBACd,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;4BAC9B,eAAe,CAAC,2CAA2C,EAAE;gCAC3D,KAAK,EAAE,MAAM;6BACd,CAAC,CAAA;4BACF,IAAI,CAAC;gCACH,IAAI,iBAAiB,CAAC,GAAG,EAAE,CAAC;oCAC1B,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gCAChD,CAAC;4BACH,CAAC;4BAAC,MAAM,CAAC;gCACP,kCAAkC;4BACpC,CAAC;wBACH,CAAC;wBACD,OAAO,EAAE,CAAA;oBACX,CAAC,EAAE,IAAI,CAAC,CAAA;gBACV,CAAC,CAAC,CACH,CAAA;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAK,GAA6B,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;oBACpD,eAAe,CAAC,8BAA8B,GAAG,EAAE,EAAE;wBACnD,KAAK,EAAE,OAAO;qBACf,CAAC,CAAA;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,4CAA4C;QAC5C,IAAI,kBAAkB,CAAC,GAAG,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,CAAC;YACzD,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gBAC/C,eAAe,CAAC,sCAAsC,CAAC,CAAA;gBAEvD,2BAA2B;gBAC3B,YAAY,CAAC,IAAI,CACf,IAAI,OAAO,CAAO,OAAO,CAAC,EAAE;oBAC1B,kBAAkB,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE;wBACnC,eAAe,CAAC,6BAA6B,CAAC,CAAA;wBAC9C,OAAO,EAAE,CAAA;oBACX,CAAC,CAAC,CAAA;oBACF,0BAA0B;oBAC1B,UAAU,CAAC,GAAG,EAAE;wBACd,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,CAAC;4BAC/B,eAAe,CAAC,4CAA4C,EAAE;gCAC5D,KAAK,EAAE,MAAM;6BACd,CAAC,CAAA;4BACF,IAAI,CAAC;gCACH,IAAI,kBAAkB,CAAC,GAAG,EAAE,CAAC;oCAC3B,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gCACjD,CAAC;4BACH,CAAC;4BAAC,MAAM,CAAC;gCACP,kCAAkC;4BACpC,CAAC;wBACH,CAAC;wBACD,OAAO,EAAE,CAAA;oBACX,CAAC,EAAE,IAAI,CAAC,CAAA;gBACV,CAAC,CAAC,CACH,CAAA;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAK,GAA6B,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;oBACpD,eAAe,CAAC,+BAA+B,GAAG,EAAE,EAAE;wBACpD,KAAK,EAAE,OAAO;qBACf,CAAC,CAAA;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,kCAAkC;QAClC,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;QAE/B,mBAAmB;QACnB,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,CAAC;gBACH,EAAE,CAAC,MAAM,CAAC,cAAc,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAA;gBAC1C,eAAe,CAAC,wBAAwB,CAAC,CAAA;YAC3C,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,eAAe,CAAC,8BAA8B,GAAG,EAAE,EAAE;oBACnD,KAAK,EAAE,OAAO;iBACf,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,IAAI,eAAe,EAAE,CAAC;YACpB,IAAI,CAAC;gBACH,EAAE,CAAC,MAAM,CAAC,eAAe,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAA;gBAC3C,eAAe,CAAC,yBAAyB,CAAC,CAAA;YAC5C,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,eAAe,CAAC,+BAA+B,GAAG,EAAE,EAAE;oBACpD,KAAK,EAAE,OAAO;iBACf,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,2EAA2E;IAC3E,MAAM,aAAa,GAAoB,EAAE,CAAA;IAEzC,IAAI,eAAe,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,eAAe,CAAA,CAAC,8CAA8C;QAC7E,MAAM,SAAS,GAAG,IAAI,OAAO,CAAO,OAAO,CAAC,EAAE;YAC5C,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE;gBACnB,IAAI,KAAK,IAAI,KAAK,CAAC,OAAO,KAAK,wBAAwB,EAAE,CAAC;oBACxD,eAAe,CAAC,oCAAoC,KAAK,CAAC,OAAO,EAAE,EAAE;wBACnE,KAAK,EAAE,OAAO;qBACf,CAAC,CAAA;gBACJ,CAAC;gBACD,OAAO,EAAE,CAAA;YACX,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QACF,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;IAC/B,CAAC;IAED,IAAI,gBAAgB,EAAE,CAAC;QACrB,MAAM,UAAU,GAAG,gBAAgB,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,CAAC,KAAY,EAAE,EAAE;YACjE,eAAe,CAAC,qCAAqC,KAAK,CAAC,OAAO,EAAE,EAAE;gBACpE,KAAK,EAAE,OAAO;aACf,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QACF,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IAChC,CAAC;IAED,gCAAgC;IAChC,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;IAEhC,mBAAmB;IACnB,eAAe,GAAG,SAAS,CAAA;IAC3B,gBAAgB,GAAG,SAAS,CAAA;IAC5B,cAAc,GAAG,SAAS,CAAA;IAC1B,qBAAqB,GAAG,SAAS,CAAA;AACnC,CAAC;AAED,SAAS,wBAAwB;IAC/B,OAAO,qBAAqB,CAAA;AAC9B,CAAC;AAED,SAAS,iCAAiC,CACxC,OAAe,EACf,MAAc;IAEd,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,MAAM,CAAA;IACf,CAAC;IAED,MAAM,UAAU,GAAG,qBAAqB,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAA;IACzE,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,MAAM,CAAA;IACf,CAAC;IAED,IAAI,SAAS,GAAG,MAAM,CAAA;IACtB,SAAS,IAAI,GAAG,GAAG,sBAAsB,GAAG,GAAG,CAAA;IAC/C,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,SAAS,IAAI,SAAS,CAAC,IAAI,GAAG,GAAG,CAAA;IACnC,CAAC;IACD,SAAS,IAAI,uBAAuB,CAAA;IAEpC,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;GAMG;AACH,SAAS,2BAA2B;IAClC,qBAAqB;IACrB,oDAAoD;IACpD,IAAI,WAAW,EAAE,KAAK,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;QACzC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,MAAM,YAAY,GAAa,EAAE,CAAA;IAEjC,2CAA2C;IAC3C,MAAM,QAAQ,GAAG;QACf,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ;QAC7B,GAAG,MAAM,CAAC,UAAU,CAAC,UAAU;QAC/B,GAAG,MAAM,CAAC,UAAU,CAAC,SAAS;KAC/B,CAAA;IAED,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,qFAAqF;QACrF,MAAM,uBAAuB,GAAG,wBAAwB,CAAC,IAAI,CAAC,CAAA;QAE9D,2EAA2E;QAC3E,IAAI,iBAAiB,CAAC,uBAAuB,CAAC,EAAE,CAAC;YAC/C,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAA;AACrB,CAAC;AAyCD,+EAA+E;AAC/E,qCAAqC;AACrC,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,CAAC,MAAM,cAAc,GAAoB;IAC7C,UAAU;IACV,mBAAmB;IACnB,mBAAmB;IACnB,iBAAiB;IACjB,eAAe;IACf,gBAAgB;IAChB,2BAA2B;IAC3B,mBAAmB;IACnB,oBAAoB;IACpB,4BAA4B;IAC5B,YAAY;IACZ,iBAAiB;IACjB,sBAAsB;IACtB,uBAAuB;IACvB,4BAA4B;IAC5B,eAAe;IACf,KAAK;IACL,wBAAwB;IACxB,iCAAiC;IACjC,2BAA2B;IAC3B,SAAS;IACT,YAAY;CACJ,CAAA"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@anthropic-ai/sandbox-runtime",
|
|
3
|
-
"version": "0.0.
|
|
3
|
+
"version": "0.0.10",
|
|
4
4
|
"description": "Anthropic Sandbox Runtime (ASRT) - A general-purpose tool for wrapping security boundaries around arbitrary processes",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -23,7 +23,8 @@
|
|
|
23
23
|
"lint": "eslint 'src/**/*.ts' --fix --cache --cache-location=node_modules/.cache/.eslintcache",
|
|
24
24
|
"lint:check": "eslint 'src/**/*.ts' --cache --cache-location=node_modules/.cache/.eslintcache",
|
|
25
25
|
"format": "prettier --write 'src/**/*.ts' --cache --log-level warn",
|
|
26
|
-
"prepublishOnly": "npm run clean && npm run build"
|
|
26
|
+
"prepublishOnly": "npm run clean && npm run build",
|
|
27
|
+
"prepare": "husky"
|
|
27
28
|
},
|
|
28
29
|
"dependencies": {
|
|
29
30
|
"@pondwader/socks5-server": "^1.0.10",
|
|
@@ -44,6 +45,8 @@
|
|
|
44
45
|
"eslint-plugin-n": "^17.16.2",
|
|
45
46
|
"eslint-plugin-prettier": "^5.1.3",
|
|
46
47
|
"globals": "^15.12.0",
|
|
48
|
+
"husky": "^9.1.7",
|
|
49
|
+
"lint-staged": "^16.2.6",
|
|
47
50
|
"prettier": "3.3.3",
|
|
48
51
|
"typescript": "^5.6.3",
|
|
49
52
|
"typescript-eslint": "^8.13.0"
|
|
@@ -74,5 +77,11 @@
|
|
|
74
77
|
"bugs": {
|
|
75
78
|
"url": "https://github.com/anthropic-experimental/sandbox-runtime/issues"
|
|
76
79
|
},
|
|
77
|
-
"homepage": "https://github.com/anthropic-experimental/sandbox-runtime#readme"
|
|
80
|
+
"homepage": "https://github.com/anthropic-experimental/sandbox-runtime#readme",
|
|
81
|
+
"lint-staged": {
|
|
82
|
+
"*.ts": [
|
|
83
|
+
"eslint --fix --cache --cache-location=node_modules/.cache/.eslintcache",
|
|
84
|
+
"prettier --write"
|
|
85
|
+
]
|
|
86
|
+
}
|
|
78
87
|
}
|
|
@@ -1,82 +0,0 @@
|
|
|
1
|
-
import type { FsReadRestrictionConfig, FsWriteRestrictionConfig } from './sandbox-schemas.js';
|
|
2
|
-
export interface WindowsSandboxParams {
|
|
3
|
-
command: string;
|
|
4
|
-
hasNetworkRestrictions: boolean;
|
|
5
|
-
hasFilesystemRestrictions: boolean;
|
|
6
|
-
httpProxyPort?: number;
|
|
7
|
-
socksProxyPort?: number;
|
|
8
|
-
readConfig?: FsReadRestrictionConfig;
|
|
9
|
-
writeConfig?: FsWriteRestrictionConfig;
|
|
10
|
-
binShell?: string;
|
|
11
|
-
ripgrepConfig?: {
|
|
12
|
-
command: string;
|
|
13
|
-
args?: string[];
|
|
14
|
-
};
|
|
15
|
-
}
|
|
16
|
-
/**
|
|
17
|
-
* Check if Windows sandbox dependencies are available (synchronous)
|
|
18
|
-
* Returns true if PowerShell is available and we can execute AppContainer commands.
|
|
19
|
-
*
|
|
20
|
-
* NOTE: Full AppContainer support requires:
|
|
21
|
-
* - Windows 8 or later
|
|
22
|
-
* - Administrator privileges (for creating AppContainer profiles)
|
|
23
|
-
* - PowerShell 5.0 or later
|
|
24
|
-
*
|
|
25
|
-
* This check verifies PowerShell is available. Additional runtime checks
|
|
26
|
-
* may be needed for AppContainer profile creation permissions.
|
|
27
|
-
*/
|
|
28
|
-
export declare function hasWindowsSandboxDependenciesSync(): boolean;
|
|
29
|
-
/**
|
|
30
|
-
* Wrap a command with Windows AppContainer sandboxing
|
|
31
|
-
*
|
|
32
|
-
* ARCHITECTURE:
|
|
33
|
-
* Windows sandboxing uses AppContainer, which provides:
|
|
34
|
-
* - Process isolation with restricted token
|
|
35
|
-
* - Capability-based access control
|
|
36
|
-
* - Network isolation via Windows Filtering Platform (WFP)
|
|
37
|
-
*
|
|
38
|
-
* IMPLEMENTATION NOTES:
|
|
39
|
-
* This is a foundational implementation that demonstrates the approach.
|
|
40
|
-
* Production-ready Windows sandboxing requires:
|
|
41
|
-
*
|
|
42
|
-
* 1. Native addon (C++/C#) for proper Win32 API access:
|
|
43
|
-
* - CreateAppContainerProfile()
|
|
44
|
-
* - DeriveAppContainerSidFromAppContainerName()
|
|
45
|
-
* - CreateProcessAsUser() with PROC_THREAD_ATTRIBUTE_SECURITY_CAPABILITIES
|
|
46
|
-
*
|
|
47
|
-
* 2. Fine-grained filesystem control:
|
|
48
|
-
* - Set ACLs on specific files/directories
|
|
49
|
-
* - Use Windows Integrity Levels
|
|
50
|
-
* - Combine with AppContainer capabilities
|
|
51
|
-
*
|
|
52
|
-
* 3. Network filtering:
|
|
53
|
-
* - Windows Filtering Platform (WFP) for packet-level control
|
|
54
|
-
* - Proper firewall rule scoping to AppContainer SID
|
|
55
|
-
*
|
|
56
|
-
* 4. Path translation:
|
|
57
|
-
* - Handle Windows path formats (C:\, UNC paths)
|
|
58
|
-
* - Translate Cygwin/MSYS2 paths if using Git Bash
|
|
59
|
-
*
|
|
60
|
-
* CURRENT LIMITATIONS:
|
|
61
|
-
* - Requires Administrator privileges
|
|
62
|
-
* - Filesystem restrictions are coarse-grained
|
|
63
|
-
* - Network restrictions rely on proxy environment variables (can be bypassed)
|
|
64
|
-
* - No violation monitoring like macOS sandbox log
|
|
65
|
-
*
|
|
66
|
-
* See:
|
|
67
|
-
* - https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation
|
|
68
|
-
* - https://learn.microsoft.com/en-us/windows/win32/api/userenv/nf-userenv-createappcontainerprofile
|
|
69
|
-
*/
|
|
70
|
-
export declare function wrapCommandWithSandboxWindows(params: WindowsSandboxParams): string;
|
|
71
|
-
/**
|
|
72
|
-
* Cleanup function for Windows sandbox resources
|
|
73
|
-
*
|
|
74
|
-
* Should be called on process exit to:
|
|
75
|
-
* - Delete AppContainer profiles
|
|
76
|
-
* - Remove firewall rules
|
|
77
|
-
* - Clean up any temporary files
|
|
78
|
-
*
|
|
79
|
-
* TODO: Implement when native AppContainer support is added
|
|
80
|
-
*/
|
|
81
|
-
export declare function cleanupWindowsSandbox(profileName: string): void;
|
|
82
|
-
//# sourceMappingURL=windows-sandbox-utils.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"windows-sandbox-utils.d.ts","sourceRoot":"","sources":["../../src/sandbox/windows-sandbox-utils.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EACV,uBAAuB,EACvB,wBAAwB,EACzB,MAAM,sBAAsB,CAAA;AAE7B,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,MAAM,CAAA;IACf,sBAAsB,EAAE,OAAO,CAAA;IAC/B,yBAAyB,EAAE,OAAO,CAAA;IAClC,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,UAAU,CAAC,EAAE,uBAAuB,CAAA;IACpC,WAAW,CAAC,EAAE,wBAAwB,CAAA;IACtC,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,aAAa,CAAC,EAAE;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAA;CACrD;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,iCAAiC,IAAI,OAAO,CAyB3D;AAoHD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AACH,wBAAgB,6BAA6B,CAC3C,MAAM,EAAE,oBAAoB,GAC3B,MAAM,CA+FR;AAED;;;;;;;;;GASG;AACH,wBAAgB,qBAAqB,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI,CAM/D"}
|
|
@@ -1,270 +0,0 @@
|
|
|
1
|
-
import shellquote from 'shell-quote';
|
|
2
|
-
import { logForDebugging } from '../utils/debug.js';
|
|
3
|
-
import { spawnSync } from 'node:child_process';
|
|
4
|
-
import { randomBytes } from 'node:crypto';
|
|
5
|
-
import { generateProxyEnvVars } from './sandbox-utils.js';
|
|
6
|
-
/**
|
|
7
|
-
* Check if Windows sandbox dependencies are available (synchronous)
|
|
8
|
-
* Returns true if PowerShell is available and we can execute AppContainer commands.
|
|
9
|
-
*
|
|
10
|
-
* NOTE: Full AppContainer support requires:
|
|
11
|
-
* - Windows 8 or later
|
|
12
|
-
* - Administrator privileges (for creating AppContainer profiles)
|
|
13
|
-
* - PowerShell 5.0 or later
|
|
14
|
-
*
|
|
15
|
-
* This check verifies PowerShell is available. Additional runtime checks
|
|
16
|
-
* may be needed for AppContainer profile creation permissions.
|
|
17
|
-
*/
|
|
18
|
-
export function hasWindowsSandboxDependenciesSync() {
|
|
19
|
-
try {
|
|
20
|
-
// Check if PowerShell is available
|
|
21
|
-
const pwshResult = spawnSync('where.exe', ['powershell.exe'], {
|
|
22
|
-
stdio: 'ignore',
|
|
23
|
-
timeout: 1000,
|
|
24
|
-
});
|
|
25
|
-
if (pwshResult.status !== 0) {
|
|
26
|
-
logForDebugging('[Sandbox Windows] PowerShell not found - sandboxing disabled', { level: 'warn' });
|
|
27
|
-
return false;
|
|
28
|
-
}
|
|
29
|
-
// TODO: Add additional checks:
|
|
30
|
-
// - Windows version >= 8
|
|
31
|
-
// - Check if running with sufficient privileges
|
|
32
|
-
// - Test AppContainer profile creation/deletion
|
|
33
|
-
return true;
|
|
34
|
-
}
|
|
35
|
-
catch {
|
|
36
|
-
return false;
|
|
37
|
-
}
|
|
38
|
-
}
|
|
39
|
-
/**
|
|
40
|
-
* TODO: Generate Windows AppContainer capability list based on filesystem restrictions
|
|
41
|
-
*
|
|
42
|
-
* AppContainer capabilities determine what resources the sandboxed process can access.
|
|
43
|
-
* See: https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-capabilities
|
|
44
|
-
*
|
|
45
|
-
* Common capabilities:
|
|
46
|
-
* - internetClient: Access to internet
|
|
47
|
-
* - internetClientServer: Act as network server
|
|
48
|
-
* - privateNetworkClientServer: Access to private networks
|
|
49
|
-
* - documentsLibrary, picturesLibrary, videosLibrary, musicLibrary: Access to user libraries
|
|
50
|
-
*
|
|
51
|
-
* LIMITATION: Windows AppContainer capabilities are coarse-grained compared to
|
|
52
|
-
* Unix file permissions. Fine-grained path restrictions require ACL manipulation
|
|
53
|
-
* in addition to AppContainer capabilities.
|
|
54
|
-
*
|
|
55
|
-
* This function will be implemented when full AppContainer support is added.
|
|
56
|
-
*/
|
|
57
|
-
/**
|
|
58
|
-
* Generate PowerShell script to create/get AppContainer profile
|
|
59
|
-
*
|
|
60
|
-
* AppContainer profiles are persistent and identified by name.
|
|
61
|
-
* We create one profile per sandbox session (using random ID) and clean it up after use.
|
|
62
|
-
*
|
|
63
|
-
* NOTE: This approach requires Administrator privileges on Windows.
|
|
64
|
-
* Production implementation should consider:
|
|
65
|
-
* - Reusing a single long-lived profile
|
|
66
|
-
* - Handling profile creation failures gracefully
|
|
67
|
-
* - Cleanup on process exit
|
|
68
|
-
*/
|
|
69
|
-
function generateAppContainerProfileScript(profileName) {
|
|
70
|
-
// PowerShell script to create an AppContainer profile
|
|
71
|
-
// This uses the Windows.Security.Isolation.IsolatedWindowsEnvironment APIs
|
|
72
|
-
//
|
|
73
|
-
// IMPORTANT: This is a simplified example. Production implementation needs:
|
|
74
|
-
// 1. Error handling for profile creation
|
|
75
|
-
// 2. Proper SID management
|
|
76
|
-
// 3. Cleanup on exit
|
|
77
|
-
// 4. Handle existing profiles
|
|
78
|
-
return `
|
|
79
|
-
$profileName = "${profileName}"
|
|
80
|
-
|
|
81
|
-
# Try to create new AppContainer profile
|
|
82
|
-
# This requires Administrator privileges
|
|
83
|
-
try {
|
|
84
|
-
Add-Type -AssemblyName System.Security
|
|
85
|
-
|
|
86
|
-
# Check if profile already exists by trying to derive its SID
|
|
87
|
-
try {
|
|
88
|
-
$sid = [System.Security.Principal.AppContainerSid]::new($profileName)
|
|
89
|
-
Write-Host "AppContainer profile already exists: $profileName"
|
|
90
|
-
} catch {
|
|
91
|
-
Write-Host "Creating new AppContainer profile: $profileName"
|
|
92
|
-
# Note: Actual profile creation requires calling Win32 APIs
|
|
93
|
-
# This is a placeholder - real implementation would use:
|
|
94
|
-
# - CreateAppContainerProfile() Win32 API
|
|
95
|
-
# - Or New-IsolatedWindowsEnvironment cmdlet (Windows 10+)
|
|
96
|
-
throw "AppContainer profile creation not yet fully implemented. This requires native Win32 API calls."
|
|
97
|
-
}
|
|
98
|
-
} catch {
|
|
99
|
-
Write-Error "Failed to create AppContainer profile: $_"
|
|
100
|
-
exit 1
|
|
101
|
-
}
|
|
102
|
-
`.trim();
|
|
103
|
-
}
|
|
104
|
-
/**
|
|
105
|
-
* Generate PowerShell script to configure Windows Firewall rules for the sandbox
|
|
106
|
-
*
|
|
107
|
-
* This restricts network access to only:
|
|
108
|
-
* 1. Localhost connections (for proxy communication)
|
|
109
|
-
* 2. Specific ports (HTTP proxy, SOCKS proxy)
|
|
110
|
-
*
|
|
111
|
-
* ARCHITECTURE:
|
|
112
|
-
* - Create temporary firewall rule scoped to the AppContainer SID
|
|
113
|
-
* - Allow outbound to localhost:httpProxyPort and localhost:socksProxyPort
|
|
114
|
-
* - Block all other outbound connections
|
|
115
|
-
* - Remove rule on cleanup
|
|
116
|
-
*/
|
|
117
|
-
function generateFirewallRulesScript(profileName, httpProxyPort, socksProxyPort) {
|
|
118
|
-
const ruleName = `SandboxRuntime_${profileName}`;
|
|
119
|
-
return `
|
|
120
|
-
$ruleName = "${ruleName}"
|
|
121
|
-
|
|
122
|
-
# Create firewall rule to allow only localhost proxy connections
|
|
123
|
-
# This limits the AppContainer to communicating only with our proxy servers
|
|
124
|
-
|
|
125
|
-
try {
|
|
126
|
-
# Remove existing rule if present
|
|
127
|
-
Remove-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue
|
|
128
|
-
|
|
129
|
-
# Allow outbound to localhost on proxy ports
|
|
130
|
-
${httpProxyPort ? `New-NetFirewallRule -DisplayName "$ruleName-HTTP" -Direction Outbound -Action Allow -RemoteAddress 127.0.0.1 -RemotePort ${httpProxyPort} -Protocol TCP` : ''}
|
|
131
|
-
${socksProxyPort ? `New-NetFirewallRule -DisplayName "$ruleName-SOCKS" -Direction Outbound -Action Allow -RemoteAddress 127.0.0.1 -RemotePort ${socksProxyPort} -Protocol TCP` : ''}
|
|
132
|
-
|
|
133
|
-
# Block all other outbound connections for this AppContainer
|
|
134
|
-
# TODO: This requires AppContainer SID to properly scope the rule
|
|
135
|
-
# For now, we rely on proxy environment variables
|
|
136
|
-
|
|
137
|
-
Write-Host "Firewall rules configured for $ruleName"
|
|
138
|
-
} catch {
|
|
139
|
-
Write-Error "Failed to configure firewall rules: $_"
|
|
140
|
-
exit 1
|
|
141
|
-
}
|
|
142
|
-
`.trim();
|
|
143
|
-
}
|
|
144
|
-
/**
|
|
145
|
-
* Wrap a command with Windows AppContainer sandboxing
|
|
146
|
-
*
|
|
147
|
-
* ARCHITECTURE:
|
|
148
|
-
* Windows sandboxing uses AppContainer, which provides:
|
|
149
|
-
* - Process isolation with restricted token
|
|
150
|
-
* - Capability-based access control
|
|
151
|
-
* - Network isolation via Windows Filtering Platform (WFP)
|
|
152
|
-
*
|
|
153
|
-
* IMPLEMENTATION NOTES:
|
|
154
|
-
* This is a foundational implementation that demonstrates the approach.
|
|
155
|
-
* Production-ready Windows sandboxing requires:
|
|
156
|
-
*
|
|
157
|
-
* 1. Native addon (C++/C#) for proper Win32 API access:
|
|
158
|
-
* - CreateAppContainerProfile()
|
|
159
|
-
* - DeriveAppContainerSidFromAppContainerName()
|
|
160
|
-
* - CreateProcessAsUser() with PROC_THREAD_ATTRIBUTE_SECURITY_CAPABILITIES
|
|
161
|
-
*
|
|
162
|
-
* 2. Fine-grained filesystem control:
|
|
163
|
-
* - Set ACLs on specific files/directories
|
|
164
|
-
* - Use Windows Integrity Levels
|
|
165
|
-
* - Combine with AppContainer capabilities
|
|
166
|
-
*
|
|
167
|
-
* 3. Network filtering:
|
|
168
|
-
* - Windows Filtering Platform (WFP) for packet-level control
|
|
169
|
-
* - Proper firewall rule scoping to AppContainer SID
|
|
170
|
-
*
|
|
171
|
-
* 4. Path translation:
|
|
172
|
-
* - Handle Windows path formats (C:\, UNC paths)
|
|
173
|
-
* - Translate Cygwin/MSYS2 paths if using Git Bash
|
|
174
|
-
*
|
|
175
|
-
* CURRENT LIMITATIONS:
|
|
176
|
-
* - Requires Administrator privileges
|
|
177
|
-
* - Filesystem restrictions are coarse-grained
|
|
178
|
-
* - Network restrictions rely on proxy environment variables (can be bypassed)
|
|
179
|
-
* - No violation monitoring like macOS sandbox log
|
|
180
|
-
*
|
|
181
|
-
* See:
|
|
182
|
-
* - https://learn.microsoft.com/en-us/windows/win32/secauthz/appcontainer-isolation
|
|
183
|
-
* - https://learn.microsoft.com/en-us/windows/win32/api/userenv/nf-userenv-createappcontainerprofile
|
|
184
|
-
*/
|
|
185
|
-
export function wrapCommandWithSandboxWindows(params) {
|
|
186
|
-
const { command, hasNetworkRestrictions, hasFilesystemRestrictions, httpProxyPort, socksProxyPort, readConfig: _readConfig, writeConfig: _writeConfig, binShell, } = params;
|
|
187
|
-
// If no restrictions, return command as-is
|
|
188
|
-
if (!hasNetworkRestrictions && !hasFilesystemRestrictions) {
|
|
189
|
-
return command;
|
|
190
|
-
}
|
|
191
|
-
// Generate unique profile name for this sandbox session
|
|
192
|
-
const profileId = randomBytes(8).toString('hex');
|
|
193
|
-
const profileName = `SandboxRuntime_${profileId}`;
|
|
194
|
-
// Default to bash (from Git for Windows)
|
|
195
|
-
// On Windows, this is typically: C:\Program Files\Git\bin\bash.exe
|
|
196
|
-
const shellPath = binShell || 'bash';
|
|
197
|
-
logForDebugging(`[Sandbox Windows] Creating AppContainer profile: ${profileName}`);
|
|
198
|
-
logForDebugging(`[Sandbox Windows] Using shell: ${shellPath}`);
|
|
199
|
-
// Generate proxy environment variables
|
|
200
|
-
let envVars = '';
|
|
201
|
-
if (hasNetworkRestrictions && httpProxyPort && socksProxyPort) {
|
|
202
|
-
const proxyEnv = generateProxyEnvVars(httpProxyPort, socksProxyPort);
|
|
203
|
-
// Convert to PowerShell environment variable format
|
|
204
|
-
envVars = proxyEnv
|
|
205
|
-
.map(env => {
|
|
206
|
-
const [key, value] = env.split('=');
|
|
207
|
-
return `$env:${key}="${value}"`;
|
|
208
|
-
})
|
|
209
|
-
.join('; ');
|
|
210
|
-
}
|
|
211
|
-
// IMPORTANT: This is a placeholder implementation
|
|
212
|
-
// Real AppContainer execution requires Win32 API calls that cannot be easily
|
|
213
|
-
// done from PowerShell. Options:
|
|
214
|
-
//
|
|
215
|
-
// 1. Create a native Node.js addon using N-API
|
|
216
|
-
// 2. Create a standalone .exe helper tool (like apply-seccomp on Linux)
|
|
217
|
-
// 3. Use PowerShell with Add-Type to compile C# code that calls Win32 APIs
|
|
218
|
-
//
|
|
219
|
-
// For now, we return a command that:
|
|
220
|
-
// - Sets up proxy environment variables
|
|
221
|
-
// - Executes the shell
|
|
222
|
-
// - Logs a warning that full sandboxing is not yet implemented
|
|
223
|
-
logForDebugging('[Sandbox Windows] WARNING: Full AppContainer sandboxing is not yet implemented. ' +
|
|
224
|
-
'This requires native Win32 API integration. Currently only applying proxy environment variables.', { level: 'warn' });
|
|
225
|
-
// Generate the profile creation script (for future implementation)
|
|
226
|
-
const profileScript = generateAppContainerProfileScript(profileName);
|
|
227
|
-
const firewallScript = hasNetworkRestrictions
|
|
228
|
-
? generateFirewallRulesScript(profileName, httpProxyPort, socksProxyPort)
|
|
229
|
-
: '';
|
|
230
|
-
// Log the scripts that would be used in full implementation
|
|
231
|
-
logForDebugging('[Sandbox Windows] Profile creation script:');
|
|
232
|
-
logForDebugging(profileScript);
|
|
233
|
-
if (firewallScript) {
|
|
234
|
-
logForDebugging('[Sandbox Windows] Firewall rules script:');
|
|
235
|
-
logForDebugging(firewallScript);
|
|
236
|
-
}
|
|
237
|
-
// For now, just wrap with environment variables
|
|
238
|
-
// The shell (bash.exe from Git for Windows) will respect these
|
|
239
|
-
const wrappedCommand = envVars
|
|
240
|
-
? `${shellPath} -c ${shellquote.quote([`${envVars}; ${command}`])}`
|
|
241
|
-
: command;
|
|
242
|
-
logForDebugging(`[Sandbox Windows] Wrapped command: ${wrappedCommand}`);
|
|
243
|
-
// TODO: Return actual AppContainer-wrapped command when native implementation is ready
|
|
244
|
-
// Format would be something like:
|
|
245
|
-
// return `sandboxed-exec.exe --profile ${profileName} --shell "${shellPath}" --command ${shellquote.quote([command])}`
|
|
246
|
-
//
|
|
247
|
-
// Where sandboxed-exec.exe is a native helper that:
|
|
248
|
-
// 1. Creates/loads AppContainer profile
|
|
249
|
-
// 2. Sets up firewall rules
|
|
250
|
-
// 3. Calls CreateProcessAsUser() with AppContainer token
|
|
251
|
-
// 4. Cleans up on exit
|
|
252
|
-
return wrappedCommand;
|
|
253
|
-
}
|
|
254
|
-
/**
|
|
255
|
-
* Cleanup function for Windows sandbox resources
|
|
256
|
-
*
|
|
257
|
-
* Should be called on process exit to:
|
|
258
|
-
* - Delete AppContainer profiles
|
|
259
|
-
* - Remove firewall rules
|
|
260
|
-
* - Clean up any temporary files
|
|
261
|
-
*
|
|
262
|
-
* TODO: Implement when native AppContainer support is added
|
|
263
|
-
*/
|
|
264
|
-
export function cleanupWindowsSandbox(profileName) {
|
|
265
|
-
logForDebugging(`[Sandbox Windows] Cleanup for profile: ${profileName}`);
|
|
266
|
-
// TODO: Implement cleanup
|
|
267
|
-
// - DeleteAppContainerProfile()
|
|
268
|
-
// - Remove-NetFirewallRule
|
|
269
|
-
}
|
|
270
|
-
//# sourceMappingURL=windows-sandbox-utils.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"windows-sandbox-utils.js","sourceRoot":"","sources":["../../src/sandbox/windows-sandbox-utils.ts"],"names":[],"mappings":"AAAA,OAAO,UAAU,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AACzC,OAAO,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAA;AAkBzD;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,iCAAiC;IAC/C,IAAI,CAAC;QACH,mCAAmC;QACnC,MAAM,UAAU,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC,gBAAgB,CAAC,EAAE;YAC5D,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,IAAI;SACd,CAAC,CAAA;QAEF,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5B,eAAe,CACb,8DAA8D,EAC9D,EAAE,KAAK,EAAE,MAAM,EAAE,CAClB,CAAA;YACD,OAAO,KAAK,CAAA;QACd,CAAC;QAED,+BAA+B;QAC/B,yBAAyB;QACzB,gDAAgD;QAChD,gDAAgD;QAEhD,OAAO,IAAI,CAAA;IACb,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AAEH;;;;;;;;;;;GAWG;AACH,SAAS,iCAAiC,CAAC,WAAmB;IAC5D,sDAAsD;IACtD,2EAA2E;IAC3E,EAAE;IACF,4EAA4E;IAC5E,yCAAyC;IACzC,2BAA2B;IAC3B,qBAAqB;IACrB,8BAA8B;IAE9B,OAAO;kBACS,WAAW;;;;;;;;;;;;;;;;;;;;;;;CAuB5B,CAAC,IAAI,EAAE,CAAA;AACR,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,SAAS,2BAA2B,CAClC,WAAmB,EACnB,aAAsB,EACtB,cAAuB;IAEvB,MAAM,QAAQ,GAAG,kBAAkB,WAAW,EAAE,CAAA;IAEhD,OAAO;eACM,QAAQ;;;;;;;;;;IAUnB,aAAa,CAAC,CAAC,CAAC,4HAA4H,aAAa,gBAAgB,CAAC,CAAC,CAAC,EAAE;IAC9K,cAAc,CAAC,CAAC,CAAC,6HAA6H,cAAc,gBAAgB,CAAC,CAAC,CAAC,EAAE;;;;;;;;;;;CAWpL,CAAC,IAAI,EAAE,CAAA;AACR,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AACH,MAAM,UAAU,6BAA6B,CAC3C,MAA4B;IAE5B,MAAM,EACJ,OAAO,EACP,sBAAsB,EACtB,yBAAyB,EACzB,aAAa,EACb,cAAc,EACd,UAAU,EAAE,WAAW,EACvB,WAAW,EAAE,YAAY,EACzB,QAAQ,GACT,GAAG,MAAM,CAAA;IAEV,2CAA2C;IAC3C,IAAI,CAAC,sBAAsB,IAAI,CAAC,yBAAyB,EAAE,CAAC;QAC1D,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,wDAAwD;IACxD,MAAM,SAAS,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAChD,MAAM,WAAW,GAAG,kBAAkB,SAAS,EAAE,CAAA;IAEjD,yCAAyC;IACzC,mEAAmE;IACnE,MAAM,SAAS,GAAG,QAAQ,IAAI,MAAM,CAAA;IAEpC,eAAe,CACb,oDAAoD,WAAW,EAAE,CAClE,CAAA;IACD,eAAe,CAAC,kCAAkC,SAAS,EAAE,CAAC,CAAA;IAE9D,uCAAuC;IACvC,IAAI,OAAO,GAAG,EAAE,CAAA;IAChB,IAAI,sBAAsB,IAAI,aAAa,IAAI,cAAc,EAAE,CAAC;QAC9D,MAAM,QAAQ,GAAG,oBAAoB,CAAC,aAAa,EAAE,cAAc,CAAC,CAAA;QACpE,oDAAoD;QACpD,OAAO,GAAG,QAAQ;aACf,GAAG,CAAC,GAAG,CAAC,EAAE;YACT,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YACnC,OAAO,QAAQ,GAAG,KAAK,KAAK,GAAG,CAAA;QACjC,CAAC,CAAC;aACD,IAAI,CAAC,IAAI,CAAC,CAAA;IACf,CAAC;IAED,kDAAkD;IAClD,6EAA6E;IAC7E,iCAAiC;IACjC,EAAE;IACF,+CAA+C;IAC/C,wEAAwE;IACxE,2EAA2E;IAC3E,EAAE;IACF,qCAAqC;IACrC,wCAAwC;IACxC,uBAAuB;IACvB,+DAA+D;IAE/D,eAAe,CACb,kFAAkF;QAChF,kGAAkG,EACpG,EAAE,KAAK,EAAE,MAAM,EAAE,CAClB,CAAA;IAED,mEAAmE;IACnE,MAAM,aAAa,GAAG,iCAAiC,CAAC,WAAW,CAAC,CAAA;IACpE,MAAM,cAAc,GAAG,sBAAsB;QAC3C,CAAC,CAAC,2BAA2B,CAAC,WAAW,EAAE,aAAa,EAAE,cAAc,CAAC;QACzE,CAAC,CAAC,EAAE,CAAA;IAEN,4DAA4D;IAC5D,eAAe,CAAC,4CAA4C,CAAC,CAAA;IAC7D,eAAe,CAAC,aAAa,CAAC,CAAA;IAC9B,IAAI,cAAc,EAAE,CAAC;QACnB,eAAe,CAAC,0CAA0C,CAAC,CAAA;QAC3D,eAAe,CAAC,cAAc,CAAC,CAAA;IACjC,CAAC;IAED,gDAAgD;IAChD,+DAA+D;IAC/D,MAAM,cAAc,GAAG,OAAO;QAC5B,CAAC,CAAC,GAAG,SAAS,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC,GAAG,OAAO,KAAK,OAAO,EAAE,CAAC,CAAC,EAAE;QACnE,CAAC,CAAC,OAAO,CAAA;IAEX,eAAe,CAAC,sCAAsC,cAAc,EAAE,CAAC,CAAA;IAEvE,uFAAuF;IACvF,kCAAkC;IAClC,uHAAuH;IACvH,EAAE;IACF,oDAAoD;IACpD,wCAAwC;IACxC,4BAA4B;IAC5B,yDAAyD;IACzD,uBAAuB;IAEvB,OAAO,cAAc,CAAA;AACvB,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,qBAAqB,CAAC,WAAmB;IACvD,eAAe,CAAC,0CAA0C,WAAW,EAAE,CAAC,CAAA;IAExE,0BAA0B;IAC1B,gCAAgC;IAChC,2BAA2B;AAC7B,CAAC"}
|