npm - @aria-cli/tools - Versions diffs - 1.0.19 → 1.0.31 - Mend

@aria-cli/tools 1.0.19 → 1.0.31

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (459) hide show

package/dist/.aria-build-stamp.json +1 -1
package/dist/ask-user-interaction.js +23 -0
package/dist/cache/web-cache.js +67 -0
package/dist/definitions/arion.js +105 -0
package/dist/definitions/browser/browser.js +419 -0
package/dist/definitions/browser/index.js +5 -0
package/dist/definitions/browser/pw-downloads.js +115 -0
package/dist/definitions/browser/pw-interactions.js +200 -0
package/dist/definitions/browser/pw-responses.js +77 -0
package/dist/definitions/browser/pw-session.js +311 -0
package/dist/definitions/browser/pw-shared.js +67 -0
package/dist/definitions/browser/pw-snapshot.js +302 -0
package/dist/definitions/browser/pw-state.js +63 -0
package/dist/definitions/browser/types.js +5 -0
package/dist/definitions/code-intelligence.js +471 -0
package/dist/definitions/core.js +110 -0
package/dist/definitions/delegation.js +513 -0
package/dist/definitions/deploy.js +66 -0
package/dist/definitions/filesystem.js +197 -0
package/dist/definitions/frg.js +64 -0
package/{dist-cjs/definitions/index.d.ts → dist/definitions/index.js} +2 -0
package/dist/definitions/memory.js +124 -0
package/dist/definitions/messaging.js +626 -0
package/dist/definitions/meta.js +350 -0
package/dist/definitions/network.js +160 -0
package/dist/definitions/outlook.js +278 -0
package/dist/definitions/patch/apply-patch.js +185 -0
package/dist/definitions/patch/fuzzy-match.js +167 -0
package/{dist-cjs/definitions/patch/index.d.ts → dist/definitions/patch/index.js} +1 -0
package/dist/definitions/patch/patch-parser.js +208 -0
package/dist/definitions/patch/sandbox-paths.js +106 -0
package/dist/definitions/process/index.js +5 -0
package/dist/definitions/process/process-registry.js +214 -0
package/dist/definitions/process/process.js +387 -0
package/dist/definitions/process/pty-keys.js +255 -0
package/dist/definitions/process/session-slug.js +143 -0
package/dist/definitions/quip.js +196 -0
package/dist/definitions/search.js +61 -0
package/dist/definitions/session-history.js +70 -0
package/dist/definitions/shell.js +182 -0
package/dist/definitions/slack.js +181 -0
package/dist/definitions/web.js +110 -0
package/dist/executors/apply-patch.js +902 -0
package/dist/executors/arion.js +120 -0
package/dist/executors/code-intelligence.js +883 -0
package/dist/executors/deploy.js +849 -0
package/dist/executors/filesystem.js +1119 -0
package/dist/executors/frg-freshness.js +577 -0
package/dist/executors/frg.js +299 -0
package/{dist-cjs/executors/index.d.ts → dist/executors/index.js} +22 -19
package/dist/executors/learning-meta.js +1147 -0
package/dist/executors/lsp-client.js +297 -0
package/dist/executors/memory.js +751 -0
package/dist/executors/meta.js +221 -0
package/dist/executors/process-registry.js +466 -0
package/dist/executors/pty-session-store.js +31 -0
package/dist/executors/pty.js +281 -0
package/dist/executors/restart.js +120 -0
package/dist/executors/search-freshness.js +196 -0
package/dist/executors/search-types.js +53 -0
package/dist/executors/search.js +67 -0
package/dist/executors/self-diagnose.js +399 -0
package/dist/executors/session-history.js +284 -0
package/dist/executors/shell-safety.js +474 -0
package/dist/executors/shell.js +955 -0
package/dist/executors/utils.js +34 -0
package/dist/executors/web.js +543 -0
package/dist/extraction/content-extraction.js +248 -0
package/dist/extraction/index.js +5 -0
package/dist/headless-control-contract.js +968 -0
package/dist/{index-v49pd2a0.js → index-45qvfjbf.js} +2 -2
package/dist/index.js +71 -372
package/dist/local-control-http-auth.js +3 -0
package/dist/mcp/client.js +182 -0
package/dist/mcp/connection.js +484 -0
package/dist/mcp/index.js +11 -0
package/dist/mcp/jsonrpc.js +145 -0
package/dist/mcp/types.js +8 -0
package/dist/network-control-adapter.js +73 -0
package/dist/network-runtime/address-types.js +166 -0
package/dist/network-runtime/db-owner-fencing.js +70 -0
package/dist/network-runtime/delivery-receipts.js +270 -0
package/dist/network-runtime/direct-endpoint-authority.js +26 -0
package/dist/network-runtime/index.js +13 -1
package/dist/network-runtime/local-control-contract.js +628 -0
package/dist/network-runtime/node-store-contract.js +35 -0
package/dist/network-runtime/pair-route-contract.js +78 -0
package/dist/network-runtime/peer-capabilities.js +29 -0
package/dist/network-runtime/peer-principal-ref.js +13 -0
package/dist/network-runtime/peer-state-machine.js +122 -0
package/dist/network-runtime/protocol-schemas.js +206 -0
package/dist/network-runtime/runtime-bootstrap-contract.js +61 -0
package/dist/outlook/desktop-session.js +280 -0
package/dist/policy.js +150 -0
package/dist/providers/brave.js +63 -0
package/dist/providers/duckduckgo.js +177 -0
package/dist/providers/exa.js +64 -0
package/dist/providers/firecrawl.js +56 -0
package/{dist-cjs/providers/index.d.ts → dist/providers/index.js} +1 -1
package/dist/providers/jina.js +50 -0
package/dist/providers/router.js +97 -0
package/dist/providers/search-provider.js +33 -0
package/dist/providers/tavily.js +55 -0
package/dist/pty-w5c9dv33.js +1 -0
package/dist/quip/desktop-session.js +318 -0
package/{dist-cjs/registry/index.d.ts → dist/registry/index.js} +1 -0
package/dist/registry/registry.js +757 -0
package/dist/runtime-socket-local-control-client.js +331 -0
package/dist/security/dns-normalization.js +20 -0
package/dist/security/dns-pinning.js +124 -0
package/dist/security/external-content.js +92 -0
package/dist/security/ssrf.js +182 -0
package/dist/slack/desktop-session.js +325 -0
package/dist/tool-factory.js +48 -0
package/dist/types.js +8 -0
package/dist/utils/retry.js +133 -0
package/dist/utils/safe-parse-json.js +161 -0
package/dist/utils/url.js +20 -0
package/dist-cjs/ask-user-interaction.js +28 -0
package/dist-cjs/cache/web-cache.js +71 -0
package/dist-cjs/definitions/arion.js +108 -0
package/dist-cjs/definitions/browser/browser.js +422 -0
package/dist-cjs/definitions/browser/index.js +9 -0
package/dist-cjs/definitions/browser/pw-downloads.js +118 -0
package/dist-cjs/definitions/browser/pw-interactions.js +214 -0
package/dist-cjs/definitions/browser/pw-responses.js +85 -0
package/dist-cjs/definitions/browser/pw-session.js +327 -0
package/dist-cjs/definitions/browser/pw-shared.js +73 -0
package/dist-cjs/definitions/browser/pw-snapshot.js +308 -0
package/dist-cjs/definitions/browser/pw-state.js +71 -0
package/dist-cjs/definitions/browser/types.js +6 -0
package/dist-cjs/definitions/code-intelligence.js +474 -0
package/dist-cjs/definitions/core.js +134 -0
package/dist-cjs/definitions/delegation.js +516 -0
package/dist-cjs/definitions/deploy.js +69 -0
package/dist-cjs/definitions/filesystem.js +200 -0
package/dist-cjs/definitions/frg.js +67 -0
package/dist-cjs/definitions/index.js +44 -0
package/dist-cjs/definitions/memory.js +127 -0
package/dist-cjs/definitions/messaging.js +632 -0
package/dist-cjs/definitions/meta.js +353 -0
package/dist-cjs/definitions/network.js +163 -0
package/dist-cjs/definitions/outlook.js +281 -0
package/dist-cjs/definitions/patch/apply-patch.js +192 -0
package/dist-cjs/definitions/patch/fuzzy-match.js +173 -0
package/dist-cjs/definitions/patch/index.js +6 -0
package/dist-cjs/definitions/patch/patch-parser.js +216 -0
package/dist-cjs/definitions/patch/sandbox-paths.js +114 -0
package/dist-cjs/definitions/process/index.js +9 -0
package/dist-cjs/definitions/process/process-registry.js +232 -0
package/dist-cjs/definitions/process/process.js +390 -0
package/dist-cjs/definitions/process/pty-keys.js +260 -0
package/dist-cjs/definitions/process/session-slug.js +146 -0
package/dist-cjs/definitions/quip.js +199 -0
package/dist-cjs/definitions/search.js +64 -0
package/dist-cjs/definitions/session-history.js +73 -0
package/dist-cjs/definitions/shell.js +185 -0
package/dist-cjs/definitions/slack.js +184 -0
package/dist-cjs/definitions/web.js +113 -0
package/dist-cjs/executors/apply-patch.js +939 -0
package/dist-cjs/executors/arion.js +126 -0
package/dist-cjs/executors/code-intelligence.js +926 -0
package/dist-cjs/executors/deploy.js +870 -0
package/dist-cjs/executors/filesystem.js +1164 -0
package/dist-cjs/executors/frg-freshness.js +628 -0
package/dist-cjs/executors/frg.js +335 -0
package/dist-cjs/executors/index.js +144 -0
package/dist-cjs/executors/learning-meta.js +1166 -0
package/dist-cjs/executors/memory.js +797 -0
package/dist-cjs/executors/meta.js +227 -0
package/dist-cjs/executors/process-registry.js +470 -0
package/dist-cjs/executors/pty-session-store.js +35 -0
package/dist-cjs/executors/pty.js +289 -0
package/dist-cjs/executors/restart.js +156 -0
package/dist-cjs/executors/search-freshness.js +235 -0
package/dist-cjs/executors/search-types.js +57 -0
package/dist-cjs/executors/search.js +103 -0
package/dist-cjs/executors/self-diagnose.js +435 -0
package/dist-cjs/executors/session-history.js +321 -0
package/dist-cjs/executors/shell-safety.js +479 -0
package/dist-cjs/executors/shell.js +1002 -0
package/dist-cjs/executors/utils.js +74 -0
package/dist-cjs/executors/web.js +548 -0
package/dist-cjs/extraction/content-extraction.js +289 -0
package/dist-cjs/extraction/index.js +9 -0
package/dist-cjs/headless-control-contract.js +973 -0
package/dist-cjs/index.js +436 -385
package/dist-cjs/local-control-http-auth.js +6 -0
package/dist-cjs/mcp/client.js +186 -0
package/dist-cjs/mcp/connection.js +488 -0
package/dist-cjs/mcp/index.js +31 -0
package/dist-cjs/mcp/jsonrpc.js +149 -0
package/dist-cjs/mcp/types.js +9 -0
package/dist-cjs/network-control-adapter.js +78 -0
package/dist-cjs/network-runtime/address-types.js +169 -0
package/dist-cjs/network-runtime/db-owner-fencing.js +77 -0
package/dist-cjs/network-runtime/delivery-receipts.js +279 -0
package/dist-cjs/network-runtime/direct-endpoint-authority.js +30 -0
package/dist-cjs/network-runtime/index.js +173 -8
package/dist-cjs/network-runtime/local-control-contract.js +634 -0
package/dist-cjs/network-runtime/node-store-contract.js +39 -0
package/dist-cjs/network-runtime/pair-route-contract.js +81 -0
package/dist-cjs/network-runtime/peer-capabilities.js +38 -0
package/dist-cjs/network-runtime/peer-principal-ref.js +16 -0
package/dist-cjs/network-runtime/peer-state-machine.js +130 -0
package/dist-cjs/network-runtime/protocol-schemas.js +213 -0
package/dist-cjs/network-runtime/runtime-bootstrap-contract.js +64 -0
package/dist-cjs/outlook/desktop-session.js +319 -0
package/dist-cjs/policy.js +156 -0
package/dist-cjs/providers/brave.js +67 -0
package/dist-cjs/providers/duckduckgo.js +181 -0
package/dist-cjs/providers/exa.js +68 -0
package/dist-cjs/providers/firecrawl.js +60 -0
package/dist-cjs/providers/index.js +18 -0
package/dist-cjs/providers/jina.js +54 -0
package/dist-cjs/providers/router.js +101 -0
package/dist-cjs/providers/search-provider.js +37 -0
package/dist-cjs/providers/tavily.js +59 -0
package/dist-cjs/quip/desktop-session.js +354 -0
package/dist-cjs/registry/index.js +7 -0
package/dist-cjs/registry/registry.js +762 -0
package/dist-cjs/runtime-socket-local-control-client.js +368 -0
package/dist-cjs/security/dns-normalization.js +23 -0
package/dist-cjs/security/dns-pinning.js +161 -0
package/dist-cjs/security/external-content.js +96 -0
package/dist-cjs/security/ssrf.js +222 -0
package/dist-cjs/slack/desktop-session.js +367 -0
package/dist-cjs/tool-factory.js +51 -0
package/dist-cjs/types.js +9 -0
package/dist-cjs/utils/retry.js +170 -0
package/dist-cjs/utils/safe-parse-json.js +165 -0
package/dist-cjs/utils/url.js +24 -0
package/package.json +11 -10
package/dist/ask-user-interaction.d.ts +0 -10
package/dist/cache/web-cache.d.ts +0 -52
package/dist/definitions/arion.d.ts +0 -8
package/dist/definitions/browser/browser.d.ts +0 -2
package/dist/definitions/browser/index.d.ts +0 -1
package/dist/definitions/browser/pw-downloads.d.ts +0 -13
package/dist/definitions/browser/pw-interactions.d.ts +0 -78
package/dist/definitions/browser/pw-responses.d.ts +0 -28
package/dist/definitions/browser/pw-session.d.ts +0 -65
package/dist/definitions/browser/pw-shared.d.ts +0 -22
package/dist/definitions/browser/pw-snapshot.d.ts +0 -34
package/dist/definitions/browser/pw-state.d.ts +0 -22
package/dist/definitions/browser/types.d.ts +0 -277
package/dist/definitions/code-intelligence.d.ts +0 -8
package/dist/definitions/core.d.ts +0 -47
package/dist/definitions/delegation.d.ts +0 -11
package/dist/definitions/deploy.d.ts +0 -15
package/dist/definitions/filesystem.d.ts +0 -9
package/dist/definitions/frg.d.ts +0 -3
package/dist/definitions/index.d.ts +0 -19
package/dist/definitions/memory.d.ts +0 -8
package/dist/definitions/messaging.d.ts +0 -11
package/dist/definitions/meta.d.ts +0 -11
package/dist/definitions/network.d.ts +0 -11
package/dist/definitions/outlook.d.ts +0 -2
package/dist/definitions/patch/apply-patch.d.ts +0 -11
package/dist/definitions/patch/fuzzy-match.d.ts +0 -10
package/dist/definitions/patch/index.d.ts +0 -1
package/dist/definitions/patch/patch-parser.d.ts +0 -50
package/dist/definitions/patch/sandbox-paths.d.ts +0 -18
package/dist/definitions/process/index.d.ts +0 -1
package/dist/definitions/process/process-registry.d.ts +0 -67
package/dist/definitions/process/process.d.ts +0 -9
package/dist/definitions/process/pty-keys.d.ts +0 -13
package/dist/definitions/process/session-slug.d.ts +0 -1
package/dist/definitions/quip.d.ts +0 -2
package/dist/definitions/search.d.ts +0 -9
package/dist/definitions/session-history.d.ts +0 -11
package/dist/definitions/shell.d.ts +0 -8
package/dist/definitions/slack.d.ts +0 -2
package/dist/definitions/web.d.ts +0 -8
package/dist/executors/apply-patch.d.ts +0 -51
package/dist/executors/arion.d.ts +0 -50
package/dist/executors/code-intelligence.d.ts +0 -138
package/dist/executors/deploy.d.ts +0 -169
package/dist/executors/filesystem.d.ts +0 -150
package/dist/executors/frg-freshness.d.ts +0 -93
package/dist/executors/frg.d.ts +0 -27
package/dist/executors/index.d.ts +0 -44
package/dist/executors/learning-meta.d.ts +0 -87
package/dist/executors/lsp-client.d.ts +0 -38
package/dist/executors/memory.d.ts +0 -203
package/dist/executors/meta.d.ts +0 -73
package/dist/executors/process-registry.d.ts +0 -98
package/dist/executors/pty-session-store.d.ts +0 -14
package/dist/executors/pty.d.ts +0 -133
package/dist/executors/restart.d.ts +0 -13
package/dist/executors/search-freshness.d.ts +0 -50
package/dist/executors/search-types.d.ts +0 -52
package/dist/executors/search.d.ts +0 -11
package/dist/executors/self-diagnose.d.ts +0 -89
package/dist/executors/session-history.d.ts +0 -75
package/dist/executors/shell-safety.d.ts +0 -27
package/dist/executors/shell.d.ts +0 -168
package/dist/executors/utils.d.ts +0 -20
package/dist/executors/web.d.ts +0 -89
package/dist/extraction/content-extraction.d.ts +0 -48
package/dist/extraction/index.d.ts +0 -4
package/dist/headless-control-contract.d.ts +0 -3182
package/dist/index.d.ts +0 -62
package/dist/local-control-http-auth.d.ts +0 -2
package/dist/mcp/client.d.ts +0 -68
package/dist/mcp/connection.d.ts +0 -54
package/dist/mcp/index.d.ts +0 -10
package/dist/mcp/jsonrpc.d.ts +0 -36
package/dist/mcp/types.d.ts +0 -178
package/dist/network-control-adapter.d.ts +0 -4
package/dist/network-runtime/address-types.d.ts +0 -201
package/dist/network-runtime/db-owner-fencing.d.ts +0 -43
package/dist/network-runtime/delivery-receipts.d.ts +0 -117
package/dist/network-runtime/direct-endpoint-authority.d.ts +0 -8
package/dist/network-runtime/index.d.ts +0 -24
package/dist/network-runtime/local-control-contract.d.ts +0 -758
package/dist/network-runtime/node-store-contract.d.ts +0 -49
package/dist/network-runtime/pair-route-contract.d.ts +0 -100
package/dist/network-runtime/peer-capabilities.d.ts +0 -10
package/dist/network-runtime/peer-principal-ref.d.ts +0 -9
package/dist/network-runtime/peer-state-machine.d.ts +0 -70
package/dist/network-runtime/protocol-schemas.d.ts +0 -328
package/dist/network-runtime/runtime-bootstrap-contract.d.ts +0 -81
package/dist/outlook/desktop-session.d.ts +0 -68
package/dist/policy.d.ts +0 -43
package/dist/providers/brave.d.ts +0 -10
package/dist/providers/duckduckgo.d.ts +0 -18
package/dist/providers/exa.d.ts +0 -10
package/dist/providers/firecrawl.d.ts +0 -10
package/dist/providers/index.d.ts +0 -8
package/dist/providers/jina.d.ts +0 -10
package/dist/providers/router.d.ts +0 -21
package/dist/providers/search-provider.d.ts +0 -35
package/dist/providers/tavily.d.ts +0 -10
package/dist/pty-cf6pmvx6.js +0 -1
package/dist/quip/desktop-session.d.ts +0 -69
package/dist/registry/index.d.ts +0 -1
package/dist/registry/registry.d.ts +0 -156
package/dist/runtime-socket-local-control-client.d.ts +0 -10
package/dist/security/dns-normalization.d.ts +0 -6
package/dist/security/dns-pinning.d.ts +0 -27
package/dist/security/external-content.d.ts +0 -40
package/dist/security/ssrf.d.ts +0 -40
package/dist/slack/desktop-session.d.ts +0 -69
package/dist/tool-factory.d.ts +0 -46
package/dist/types.d.ts +0 -1192
package/dist/utils/retry.d.ts +0 -11
package/dist/utils/safe-parse-json.d.ts +0 -26
package/dist/utils/url.d.ts +0 -10
package/dist-cjs/ask-user-interaction.d.ts +0 -10
package/dist-cjs/cache/web-cache.d.ts +0 -52
package/dist-cjs/definitions/arion.d.ts +0 -8
package/dist-cjs/definitions/browser/browser.d.ts +0 -2
package/dist-cjs/definitions/browser/index.d.ts +0 -1
package/dist-cjs/definitions/browser/pw-downloads.d.ts +0 -13
package/dist-cjs/definitions/browser/pw-interactions.d.ts +0 -78
package/dist-cjs/definitions/browser/pw-responses.d.ts +0 -28
package/dist-cjs/definitions/browser/pw-session.d.ts +0 -65
package/dist-cjs/definitions/browser/pw-shared.d.ts +0 -22
package/dist-cjs/definitions/browser/pw-snapshot.d.ts +0 -34
package/dist-cjs/definitions/browser/pw-state.d.ts +0 -22
package/dist-cjs/definitions/browser/types.d.ts +0 -277
package/dist-cjs/definitions/code-intelligence.d.ts +0 -8
package/dist-cjs/definitions/core.d.ts +0 -47
package/dist-cjs/definitions/delegation.d.ts +0 -11
package/dist-cjs/definitions/deploy.d.ts +0 -15
package/dist-cjs/definitions/filesystem.d.ts +0 -9
package/dist-cjs/definitions/frg.d.ts +0 -3
package/dist-cjs/definitions/memory.d.ts +0 -8
package/dist-cjs/definitions/messaging.d.ts +0 -11
package/dist-cjs/definitions/meta.d.ts +0 -11
package/dist-cjs/definitions/network.d.ts +0 -11
package/dist-cjs/definitions/outlook.d.ts +0 -2
package/dist-cjs/definitions/patch/apply-patch.d.ts +0 -11
package/dist-cjs/definitions/patch/fuzzy-match.d.ts +0 -10
package/dist-cjs/definitions/patch/patch-parser.d.ts +0 -50
package/dist-cjs/definitions/patch/sandbox-paths.d.ts +0 -18
package/dist-cjs/definitions/process/index.d.ts +0 -1
package/dist-cjs/definitions/process/process-registry.d.ts +0 -67
package/dist-cjs/definitions/process/process.d.ts +0 -9
package/dist-cjs/definitions/process/pty-keys.d.ts +0 -13
package/dist-cjs/definitions/process/session-slug.d.ts +0 -1
package/dist-cjs/definitions/quip.d.ts +0 -2
package/dist-cjs/definitions/search.d.ts +0 -9
package/dist-cjs/definitions/session-history.d.ts +0 -11
package/dist-cjs/definitions/shell.d.ts +0 -8
package/dist-cjs/definitions/slack.d.ts +0 -2
package/dist-cjs/definitions/web.d.ts +0 -8
package/dist-cjs/executors/apply-patch.d.ts +0 -51
package/dist-cjs/executors/arion.d.ts +0 -50
package/dist-cjs/executors/code-intelligence.d.ts +0 -138
package/dist-cjs/executors/deploy.d.ts +0 -169
package/dist-cjs/executors/filesystem.d.ts +0 -150
package/dist-cjs/executors/frg-freshness.d.ts +0 -93
package/dist-cjs/executors/frg.d.ts +0 -27
package/dist-cjs/executors/learning-meta.d.ts +0 -87
package/dist-cjs/executors/lsp-client.d.ts +0 -38
package/dist-cjs/executors/memory.d.ts +0 -203
package/dist-cjs/executors/meta.d.ts +0 -73
package/dist-cjs/executors/process-registry.d.ts +0 -98
package/dist-cjs/executors/pty-session-store.d.ts +0 -14
package/dist-cjs/executors/pty.d.ts +0 -133
package/dist-cjs/executors/restart.d.ts +0 -13
package/dist-cjs/executors/search-freshness.d.ts +0 -50
package/dist-cjs/executors/search-types.d.ts +0 -52
package/dist-cjs/executors/search.d.ts +0 -11
package/dist-cjs/executors/self-diagnose.d.ts +0 -89
package/dist-cjs/executors/session-history.d.ts +0 -75
package/dist-cjs/executors/shell-safety.d.ts +0 -27
package/dist-cjs/executors/shell.d.ts +0 -168
package/dist-cjs/executors/utils.d.ts +0 -20
package/dist-cjs/executors/web.d.ts +0 -89
package/dist-cjs/extraction/content-extraction.d.ts +0 -48
package/dist-cjs/extraction/index.d.ts +0 -4
package/dist-cjs/headless-control-contract.d.ts +0 -3182
package/dist-cjs/index.d.ts +0 -62
package/dist-cjs/local-control-http-auth.d.ts +0 -2
package/dist-cjs/mcp/client.d.ts +0 -68
package/dist-cjs/mcp/connection.d.ts +0 -54
package/dist-cjs/mcp/index.d.ts +0 -10
package/dist-cjs/mcp/jsonrpc.d.ts +0 -36
package/dist-cjs/mcp/types.d.ts +0 -178
package/dist-cjs/network-control-adapter.d.ts +0 -4
package/dist-cjs/network-runtime/address-types.d.ts +0 -201
package/dist-cjs/network-runtime/db-owner-fencing.d.ts +0 -43
package/dist-cjs/network-runtime/delivery-receipts.d.ts +0 -117
package/dist-cjs/network-runtime/direct-endpoint-authority.d.ts +0 -8
package/dist-cjs/network-runtime/index.d.ts +0 -24
package/dist-cjs/network-runtime/local-control-contract.d.ts +0 -758
package/dist-cjs/network-runtime/node-store-contract.d.ts +0 -49
package/dist-cjs/network-runtime/pair-route-contract.d.ts +0 -100
package/dist-cjs/network-runtime/peer-capabilities.d.ts +0 -10
package/dist-cjs/network-runtime/peer-principal-ref.d.ts +0 -9
package/dist-cjs/network-runtime/peer-state-machine.d.ts +0 -70
package/dist-cjs/network-runtime/protocol-schemas.d.ts +0 -328
package/dist-cjs/network-runtime/runtime-bootstrap-contract.d.ts +0 -81
package/dist-cjs/outlook/desktop-session.d.ts +0 -68
package/dist-cjs/policy.d.ts +0 -43
package/dist-cjs/providers/brave.d.ts +0 -10
package/dist-cjs/providers/duckduckgo.d.ts +0 -18
package/dist-cjs/providers/exa.d.ts +0 -10
package/dist-cjs/providers/firecrawl.d.ts +0 -10
package/dist-cjs/providers/jina.d.ts +0 -10
package/dist-cjs/providers/router.d.ts +0 -21
package/dist-cjs/providers/search-provider.d.ts +0 -35
package/dist-cjs/providers/tavily.d.ts +0 -10
package/dist-cjs/quip/desktop-session.d.ts +0 -69
package/dist-cjs/registry/registry.d.ts +0 -156
package/dist-cjs/runtime-socket-local-control-client.d.ts +0 -10
package/dist-cjs/security/dns-normalization.d.ts +0 -6
package/dist-cjs/security/dns-pinning.d.ts +0 -27
package/dist-cjs/security/external-content.d.ts +0 -40
package/dist-cjs/security/ssrf.d.ts +0 -40
package/dist-cjs/slack/desktop-session.d.ts +0 -69
package/dist-cjs/tool-factory.d.ts +0 -46
package/dist-cjs/types.d.ts +0 -1192
package/dist-cjs/utils/retry.d.ts +0 -11
package/dist-cjs/utils/safe-parse-json.d.ts +0 -26
package/dist-cjs/utils/url.d.ts +0 -10

package/dist-cjs/executors/utils.js ADDED Viewed

@@ -0,0 +1,74 @@
+"use strict";
+/**
+ * @aria/tools - Shared executor utilities
+ *
+ * Common helper functions used across all executor modules.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getErrorMessage = void 0;
+exports.success = success;
+exports.fail = fail;
+exports.isPathWithinBase = isPathWithinBase;
+const nodePath = __importStar(require("node:path"));
+var types_1 = require("@aria-cli/types");
+Object.defineProperty(exports, "getErrorMessage", { enumerable: true, get: function () { return types_1.getErrorMessage; } });
+/**
+ * Creates a successful result.
+ */
+function success(message, data) {
+    return { success: true, message, data };
+}
+/**
+ * Creates a failure result.
+ */
+function fail(message, data) {
+    return { success: false, message, data };
+}
+/**
+ * Checks if a resolved path is within the allowed base directory.
+ * Prevents path traversal attacks.
+ */
+function isPathWithinBase(resolvedPath, baseDir) {
+    const normalizedPath = nodePath.normalize(resolvedPath);
+    const normalizedBase = nodePath.normalize(baseDir);
+    // normalize() strips trailing separators except for root "/".
+    // Guard against root-as-base which would allow every absolute path.
+    const baseWithSep = normalizedBase.endsWith(nodePath.sep)
+        ? normalizedBase
+        : normalizedBase + nodePath.sep;
+    return normalizedPath === normalizedBase || normalizedPath.startsWith(baseWithSep);
+}
+//# sourceMappingURL=utils.js.map

package/dist-cjs/executors/web.js ADDED Viewed

@@ -0,0 +1,548 @@
+"use strict";
+/**
+ * @aria/tools - Web tool executors
+ *
+ * Implementation of web operations for ARIA tool system.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.executeWebSearch = executeWebSearch;
+exports.executeWebFetch = executeWebFetch;
+exports.executeBrowse = executeBrowse;
+const node_crypto_1 = require("node:crypto");
+const types_1 = require("@aria-cli/types");
+const zod_1 = require("zod");
+const utils_js_1 = require("./utils.js");
+const safe_parse_json_js_1 = require("../utils/safe-parse-json.js");
+const ssrf_js_1 = require("../security/ssrf.js");
+const router_js_1 = require("../providers/router.js");
+const index_js_1 = require("../providers/index.js");
+const search_provider_js_1 = require("../providers/search-provider.js");
+const web_cache_js_1 = require("../cache/web-cache.js");
+const retry_js_1 = require("../utils/retry.js");
+const external_content_js_1 = require("../security/external-content.js");
+const content_extraction_js_1 = require("../extraction/content-extraction.js");
+const url_js_1 = require("../utils/url.js");
+function buildSearchEnv(ctx) {
+    const env = ctx.env ?? {};
+    return {
+        ARIA_SEARCH_PROVIDER: env.ARIA_SEARCH_PROVIDER ?? process.env.ARIA_SEARCH_PROVIDER,
+        BRAVE_API_KEY: env.BRAVE_API_KEY ?? process.env.BRAVE_API_KEY,
+        FIRECRAWL_API_KEY: env.FIRECRAWL_API_KEY ?? process.env.FIRECRAWL_API_KEY,
+        EXA_API_KEY: env.EXA_API_KEY ?? process.env.EXA_API_KEY,
+        TAVILY_API_KEY: env.TAVILY_API_KEY ?? process.env.TAVILY_API_KEY,
+        JINA_API_KEY: env.JINA_API_KEY ?? process.env.JINA_API_KEY,
+    };
+}
+function createSearchRouter(env) {
+    return new router_js_1.SearchProviderRouter([
+        new index_js_1.BraveSearchProvider(env),
+        new index_js_1.TavilySearchProvider(env),
+        new index_js_1.JinaSearchProvider(env),
+        new index_js_1.ExaSearchProvider(env),
+        new index_js_1.FirecrawlSearchProvider(env),
+        new index_js_1.DuckDuckGoSearchProvider(),
+    ], env);
+}
+/** Default timeout for fetch requests in milliseconds */
+const DEFAULT_TIMEOUT_MS = 30_000;
+/** Default maximum response size in bytes for fetch (1MB) */
+const FETCH_MAX_SIZE_BYTES = 1 * 1024 * 1024;
+/** Default maximum response size in bytes for browse (2MB) */
+const BROWSE_MAX_SIZE_BYTES = 2 * 1024 * 1024;
+const JsonFetchContentSchema = zod_1.z.union([
+    zod_1.z.record(zod_1.z.string(), zod_1.z.unknown()),
+    zod_1.z.array(zod_1.z.unknown()),
+    zod_1.z.string(),
+    zod_1.z.number(),
+    zod_1.z.boolean(),
+    zod_1.z.null(),
+]);
+/**
+ * Creates an AbortController with a timeout.
+ */
+function createTimeoutController(timeoutMs) {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => {
+        if (!controller.signal.aborted) {
+            controller.abort();
+        }
+    }, timeoutMs);
+    return { controller, timeoutId };
+}
+/**
+ * Links a parent AbortSignal to a child AbortController, forwarding abort.
+ * Returns a cleanup function that MUST be called when the operation completes
+ * to prevent the listener from firing after the try/catch scope has exited.
+ */
+function linkAbortSignal(parentSignal, childController) {
+    if (!parentSignal)
+        return () => { };
+    const onAbort = () => {
+        if (!childController.signal.aborted) {
+            childController.abort();
+        }
+    };
+    parentSignal.addEventListener("abort", onAbort, { once: true });
+    return () => {
+        parentSignal.removeEventListener("abort", onAbort);
+    };
+}
+/**
+ * Reads a response body with a streaming byte limit.
+ * Unlike checking Content-Length alone, this protects against chunked/streaming
+ * responses that lack a Content-Length header.
+ *
+ * When `truncate` is false (default), throws if the limit is exceeded.
+ * When `truncate` is true, returns whatever was read up to the limit.
+ */
+async function readResponseWithLimit(response, maxBytes, options) {
+    const body = response.body;
+    if (!body) {
+        return { text: "", truncated: false, contentBytes: 0 };
+    }
+    const truncateMode = options?.truncate ?? false;
+    const reader = body.getReader();
+    const decoder = new TextDecoder();
+    const chunks = [];
+    let totalBytes = 0;
+    try {
+        for (;;) {
+            const { done, value } = await reader.read();
+            if (done)
+                break;
+            const chunkBytes = value.byteLength;
+            if (totalBytes + chunkBytes > maxBytes) {
+                if (truncateMode) {
+                    // Keep what we have so far (exclude the chunk that exceeded the limit)
+                    reader.cancel();
+                    chunks.push(decoder.decode());
+                    return {
+                        text: chunks.join(""),
+                        truncated: true,
+                        contentBytes: totalBytes,
+                    };
+                }
+                reader.cancel();
+                throw new Error(`Response body exceeds maximum size of ${maxBytes} bytes`);
+            }
+            totalBytes += chunkBytes;
+            chunks.push(decoder.decode(value, { stream: true }));
+        }
+        // Flush the decoder
+        chunks.push(decoder.decode());
+        return { text: chunks.join(""), truncated: false, contentBytes: totalBytes };
+    }
+    catch (err) {
+        reader.cancel();
+        throw err;
+    }
+}
+function ensureWrappedExternalContent(content, source) {
+    return (0, external_content_js_1.wrapExternalContent)(content, source).content;
+}
+function wrapWebSearchOutput(output) {
+    return {
+        query: output.query,
+        results: output.results.map((result) => ({
+            ...result,
+            content: ensureWrappedExternalContent(result.content, "web_search"),
+        })),
+    };
+}
+function hasAdvancedSearchOptions(input) {
+    return (input.limit !== undefined ||
+        input.topic !== undefined ||
+        (input.domains?.length ?? 0) > 0 ||
+        (input.excludeDomains?.length ?? 0) > 0 ||
+        input.timeRange !== undefined);
+}
+function buildSearchCachePayload(query, options) {
+    return JSON.stringify({ query, ...options });
+}
+function buildRouterSearchCacheKey(env, query, options) {
+    const resolved = (0, search_provider_js_1.resolveSearchProviderEnv)(env);
+    const providerOverride = resolved.ARIA_SEARCH_PROVIDER ?? "auto";
+    const providerAvailability = [
+        resolved.BRAVE_API_KEY ? "brave=1" : "brave=0",
+        resolved.TAVILY_API_KEY ? "tavily=1" : "tavily=0",
+        resolved.JINA_API_KEY ? "jina=1" : "jina=0",
+        resolved.EXA_API_KEY ? "exa=1" : "exa=0",
+        resolved.FIRECRAWL_API_KEY ? "firecrawl=1" : "firecrawl=0",
+    ].join(",");
+    return `search:router:${providerOverride}:${providerAvailability}:${buildSearchCachePayload(query, options)}`;
+}
+function buildNativeSearchCacheKey(providerName, query, options) {
+    return `search:native:${providerName}:${buildSearchCachePayload(query, options)}`;
+}
+/**
+ * Searches the web using the SearchProviderRouter with automatic fallback.
+ * Providers are selected based on available API keys (Brave, Tavily, Jina, Exa,
+ * Firecrawl, DuckDuckGo). DuckDuckGo is always available as a last resort.
+ *
+ * Results are cached via LRU+TTL cache for 15 minutes.
+ */
+async function executeWebSearch(input, ctx) {
+    const limit = input.limit ?? 10;
+    const searchOptions = {
+        limit,
+        ...(input.topic ? { topic: input.topic } : {}),
+        ...(input.domains ? { domains: input.domains } : {}),
+        ...(input.excludeDomains ? { excludeDomains: input.excludeDomains } : {}),
+        ...(input.timeRange ? { timeRange: input.timeRange } : {}),
+    };
+    const searchEnv = buildSearchEnv(ctx);
+    const advancedOptionsProvided = hasAdvancedSearchOptions(input);
+    const nativeSearchAvailable = Boolean(ctx.nativeSearchAdapter && ctx.providerContext?.capabilities?.nativeSearch);
+    const nativeProviderName = ctx.providerContext?.name ?? "unknown";
+    const routerCacheKey = buildRouterSearchCacheKey(searchEnv, input.query, searchOptions);
+    const nativeCacheKey = nativeSearchAvailable && !advancedOptionsProvided
+        ? buildNativeSearchCacheKey(nativeProviderName, input.query, searchOptions)
+        : undefined;
+    if (nativeCacheKey) {
+        const cachedNative = web_cache_js_1.searchCache.get(nativeCacheKey);
+        if (cachedNative) {
+            return (0, utils_js_1.success)(`Found ${cachedNative.results.length} cached results for "${input.query}"`, wrapWebSearchOutput(cachedNative));
+        }
+    }
+    else {
+        const cachedRouter = web_cache_js_1.searchCache.get(routerCacheKey);
+        if (cachedRouter) {
+            return (0, utils_js_1.success)(`Found ${cachedRouter.results.length} cached results for "${input.query}"`, wrapWebSearchOutput(cachedRouter));
+        }
+    }
+    if (advancedOptionsProvided && nativeSearchAvailable) {
+        types_1.log.debug("[web_search] advanced options provided; bypassing native adapter");
+    }
+    // Native search routing: If provider supports native search and adapter is wired, use it
+    // Phase 1: Gemini isolated adapter (router-based callback pattern)
+    if (nativeSearchAvailable && ctx.nativeSearchAdapter && !advancedOptionsProvided) {
+        try {
+            const rawResults = await ctx.nativeSearchAdapter(input.query);
+            if (rawResults.length === 0) {
+                throw new Error("Native search returned no results");
+            }
+            const results = rawResults.map((r) => ({
+                title: r.title,
+                url: r.url,
+                content: r.content,
+                score: r.score,
+            }));
+            const output = { query: input.query, results };
+            web_cache_js_1.searchCache.set(nativeCacheKey, output);
+            return (0, utils_js_1.success)(`Found ${results.length} results for "${input.query}" (native search)`, wrapWebSearchOutput(output));
+        }
+        catch (err) {
+            // Fall through to SearchProviderRouter on native search failure
+            types_1.log.debug(`[web_search] native adapter failed, falling back: ${(0, utils_js_1.getErrorMessage)(err)}`);
+            const cachedRouterFallback = web_cache_js_1.searchCache.get(routerCacheKey);
+            if (cachedRouterFallback) {
+                return (0, utils_js_1.success)(`Found ${cachedRouterFallback.results.length} cached results for "${input.query}"`, wrapWebSearchOutput(cachedRouterFallback));
+            }
+        }
+    }
+    const searchRouter = createSearchRouter(searchEnv);
+    try {
+        // Race search against context abort signal for cancellation support
+        let results;
+        if (ctx.abortSignal) {
+            const abortPromise = new Promise((_resolve, reject) => {
+                if (ctx.abortSignal.aborted) {
+                    reject(new DOMException("The operation was aborted", "AbortError"));
+                    return;
+                }
+                ctx.abortSignal.addEventListener("abort", () => reject(new DOMException("The operation was aborted", "AbortError")), { once: true });
+            });
+            results = await Promise.race([searchRouter.search(input.query, searchOptions), abortPromise]);
+        }
+        else {
+            results = await searchRouter.search(input.query, searchOptions);
+        }
+        // Normalize results to WebSearchResult shape (cache raw; wrap at return-time)
+        const webResults = results.map((r) => ({
+            title: r.title,
+            url: r.url,
+            content: r.content,
+            score: r.score,
+        }));
+        const output = { query: input.query, results: webResults };
+        web_cache_js_1.searchCache.set(routerCacheKey, output);
+        return (0, utils_js_1.success)(`Found ${webResults.length} results for "${input.query}"`, wrapWebSearchOutput(output));
+    }
+    catch (err) {
+        if (ctx.abortSignal?.aborted) {
+            return (0, utils_js_1.fail)("Web search cancelled");
+        }
+        return (0, utils_js_1.fail)(`Web search failed: ${(0, utils_js_1.getErrorMessage)(err)}`);
+    }
+}
+function wrapWebFetchOutput(output) {
+    if (typeof output.content !== "string") {
+        return output;
+    }
+    return {
+        ...output,
+        content: ensureWrappedExternalContent(output.content, "web_fetch"),
+    };
+}
+function markFetchOutputFromCache(cached) {
+    return {
+        ...cached,
+        fromCache: true,
+    };
+}
+function normalizeRequestHeaders(headers) {
+    if (!headers) {
+        return [];
+    }
+    return Object.entries(headers)
+        .map(([name, value]) => [name.trim().toLowerCase(), value.trim()])
+        .sort(([left], [right]) => left.localeCompare(right));
+}
+function hashRequestHeaders(headers) {
+    const normalizedHeaders = normalizeRequestHeaders(headers);
+    if (normalizedHeaders.length === 0) {
+        return "none";
+    }
+    return (0, node_crypto_1.createHash)("sha256").update(JSON.stringify(normalizedHeaders)).digest("hex");
+}
+function createFetchCacheKey({ url, format, headers, timeoutMs, maxSizeBytes, }) {
+    return `fetch:${url}:${format}:headers=${hashRequestHeaders(headers)}:maxSizeBytes=${maxSizeBytes}:timeoutMs=${timeoutMs}`;
+}
+/**
+ * Fetches content from a URL with retry resilience, caching, and security wrapping.
+ * Uses fetchWithRetry for automatic retry on transient failures (429, 5xx, ECONNRESET).
+ * Results are cached via LRU+TTL cache for 15 minutes.
+ */
+async function executeWebFetch(input, ctx) {
+    // Normalize GitHub blob URLs to raw content URLs before fetching
+    const url = (0, url_js_1.normalizeGitHubUrl)(input.url);
+    // Validate URL structure. DNS/SSRF safety is enforced by fetchWithSsrf
+    // so validation and fetch share one trust boundary.
+    const urlError = (0, ssrf_js_1.validateUrlStructure)(url);
+    if (urlError) {
+        return (0, utils_js_1.fail)(urlError);
+    }
+    const format = input.format ?? "text";
+    const timeoutMs = input.timeoutMs ?? DEFAULT_TIMEOUT_MS;
+    const maxSizeBytes = input.maxSizeBytes ?? FETCH_MAX_SIZE_BYTES;
+    // Check cache first (use normalized URL + request variants to avoid collisions)
+    const cacheKey = createFetchCacheKey({
+        url,
+        format,
+        headers: input.headers,
+        timeoutMs,
+        maxSizeBytes,
+    });
+    const cached = web_cache_js_1.fetchCache.get(cacheKey);
+    if (cached) {
+        return (0, utils_js_1.success)(`Fetched ${input.url} (cached)`, wrapWebFetchOutput(markFetchOutputFromCache(cached)));
+    }
+    const { controller, timeoutId } = createTimeoutController(timeoutMs);
+    // Forward context abort signal to our controller
+    const unlinkAbort = linkAbortSignal(ctx.abortSignal, controller);
+    try {
+        const fetchOptions = {
+            headers: input.headers ?? {},
+            signal: controller.signal,
+            redirect: "manual",
+        };
+        // Use DNS-pinned SSRF fetch wrapper with transient retry support.
+        const initialResponse = await (0, retry_js_1.fetchWithSsrf)(url, fetchOptions, {
+            maxAttempts: 2,
+        });
+        // Follow redirects manually and keep each hop on the same DNS-pinned path.
+        const response = await (0, ssrf_js_1.followRedirects)(initialResponse, fetchOptions, {
+            baseUrl: url,
+            fetchFn: (redirectUrl, redirectInit) => (0, retry_js_1.fetchWithSsrf)(redirectUrl, redirectInit, { maxAttempts: 2 }),
+            validateRedirectUrl: ssrf_js_1.validateUrlStructure,
+        });
+        clearTimeout(timeoutId);
+        if (!response.ok) {
+            await (0, ssrf_js_1.discardResponseBody)(response);
+            unlinkAbort();
+            return (0, utils_js_1.fail)(`HTTP error: ${response.status} ${response.statusText}`, {
+                status: response.status,
+                statusText: response.statusText,
+            });
+        }
+        // Check Content-Length header for size limit
+        const contentLength = response.headers.get("Content-Length");
+        if (contentLength) {
+            const size = parseInt(contentLength, 10);
+            if (!isNaN(size) && size > maxSizeBytes) {
+                await (0, ssrf_js_1.discardResponseBody)(response);
+                unlinkAbort();
+                return (0, utils_js_1.fail)(`Response too large: ${size} bytes exceeds maximum of ${maxSizeBytes} bytes`);
+            }
+        }
+        const contentType = response.headers.get("Content-Type") ?? undefined;
+        let content;
+        // Use streaming reader to enforce size limit even for chunked responses
+        let text;
+        let contentBytes = 0;
+        try {
+            const result = await readResponseWithLimit(response, maxSizeBytes);
+            text = result.text;
+            contentBytes = result.contentBytes;
+            if (result.truncated) {
+                unlinkAbort();
+                return (0, utils_js_1.fail)(`Response body exceeds maximum size of ${maxSizeBytes} bytes`);
+            }
+        }
+        catch (sizeErr) {
+            unlinkAbort();
+            return (0, utils_js_1.fail)((0, utils_js_1.getErrorMessage)(sizeErr));
+        }
+        if (format === "json") {
+            const parsed = (0, safe_parse_json_js_1.safeParseJson)(text, JsonFetchContentSchema);
+            if (!parsed.ok) {
+                unlinkAbort();
+                return (0, utils_js_1.fail)(`Failed to parse JSON response (${parsed.reason})`);
+            }
+            content = parsed.data;
+        }
+        else {
+            content = text;
+        }
+        const output = {
+            content,
+            status: response.status,
+            contentType,
+            fromCache: false,
+            fetchedAt: new Date().toISOString(),
+            finalUrl: response.url || url,
+            contentBytes,
+            truncated: false,
+        };
+        web_cache_js_1.fetchCache.set(cacheKey, output);
+        unlinkAbort();
+        return (0, utils_js_1.success)(`Fetched ${input.url} (${response.status})`, wrapWebFetchOutput(output));
+    }
+    catch (err) {
+        clearTimeout(timeoutId);
+        unlinkAbort();
+        if (err instanceof Error &&
+            (err.name === "AbortError" || (err instanceof DOMException && err.name === "AbortError"))) {
+            if (ctx.abortSignal?.aborted) {
+                return (0, utils_js_1.fail)("Request cancelled");
+            }
+            return (0, utils_js_1.fail)(`Request timed out after ${timeoutMs}ms`);
+        }
+        return (0, utils_js_1.fail)((0, utils_js_1.getErrorMessage)(err));
+    }
+}
+// ============================================================================
+// Browse
+// ============================================================================
+/** Default timeout for browsing in milliseconds */
+const BROWSE_TIMEOUT_MS = 30_000;
+/** Maximum content length returned by browse (characters) — increased from 10K to 50K */
+const BROWSE_MAX_CONTENT_LENGTH = 50_000;
+function wrapBrowseOutput(output) {
+    return {
+        ...output,
+        content: ensureWrappedExternalContent(output.content, "browse"),
+    };
+}
+function markBrowseOutputFromCache(cached) {
+    return {
+        ...cached,
+        fromCache: true,
+    };
+}
+/**
+ * Browses a URL by fetching its HTML content and extracting Markdown.
+ * Uses Readability.js + Turndown for article extraction with three-tier fallback.
+ * Supports GitHub URL normalization, retry on transient failures, LRU+TTL caching,
+ * and nonce-based external content wrapping.
+ */
+async function executeBrowse(input, ctx) {
+    // Validate URL
+    if (!input.url) {
+        return (0, utils_js_1.fail)("URL is required for browse");
+    }
+    // Normalize GitHub blob URLs to raw content URLs
+    const url = (0, url_js_1.normalizeGitHubUrl)(input.url);
+    // Check cache (using normalized URL as key)
+    const cached = web_cache_js_1.browseCache.get(url);
+    if (cached) {
+        return (0, utils_js_1.success)(`Browsed ${input.url} (cached)`, wrapBrowseOutput(markBrowseOutputFromCache(cached)));
+    }
+    const urlError = (0, ssrf_js_1.validateUrlStructure)(url);
+    if (urlError) {
+        return (0, utils_js_1.fail)(urlError);
+    }
+    const timeoutMs = input.timeoutMs ?? BROWSE_TIMEOUT_MS;
+    const { controller, timeoutId } = createTimeoutController(timeoutMs);
+    // Forward context abort signal to our controller
+    const unlinkAbort = linkAbortSignal(ctx.abortSignal, controller);
+    try {
+        const fetchOptions = {
+            headers: {
+                "User-Agent": (0, url_js_1.getUserAgent)(),
+                Accept: "text/html, application/xhtml+xml, */*",
+            },
+            signal: controller.signal,
+            redirect: "manual",
+        };
+        // Use DNS-pinned SSRF fetch wrapper with transient retry support.
+        const initialResponse = await (0, retry_js_1.fetchWithSsrf)(url, fetchOptions, {
+            maxAttempts: 2,
+        });
+        // Follow redirects manually and keep each hop on the same DNS-pinned path.
+        const response = await (0, ssrf_js_1.followRedirects)(initialResponse, fetchOptions, {
+            baseUrl: url,
+            fetchFn: (redirectUrl, redirectInit) => (0, retry_js_1.fetchWithSsrf)(redirectUrl, redirectInit, { maxAttempts: 2 }),
+            validateRedirectUrl: ssrf_js_1.validateUrlStructure,
+        });
+        clearTimeout(timeoutId);
+        if (!response.ok) {
+            await (0, ssrf_js_1.discardResponseBody)(response);
+            unlinkAbort();
+            return (0, utils_js_1.fail)(`HTTP error fetching ${input.url}: ${response.status} ${response.statusText}`);
+        }
+        // Truncate large pages gracefully — content gets reduced to 50K chars by
+        // Readability+Turndown anyway, so the first 2MB of HTML is plenty.
+        const { text: html, truncated: responseTruncated, contentBytes, } = await readResponseWithLimit(response, BROWSE_MAX_SIZE_BYTES, {
+            truncate: true,
+        });
+        // Extract content using Content-Type-aware extraction pipeline.
+        const { title, content: extractedContent } = await (0, content_extraction_js_1.extractFromResponse)(html, url, response.headers.get("Content-Type"));
+        // Truncate to 50K character limit
+        // extractContent() internally truncates to MAX_CONTENT_LENGTH (50K),
+        // so content that was originally longer arrives here at exactly 50K.
+        // Use >= to detect content that hit the internal limit.
+        const contentLimitReached = extractedContent.length >= BROWSE_MAX_CONTENT_LENGTH;
+        const truncated = contentLimitReached || responseTruncated;
+        const truncatedContent = contentLimitReached
+            ? extractedContent.slice(0, BROWSE_MAX_CONTENT_LENGTH) + "\n\n[Content truncated]"
+            : responseTruncated
+                ? extractedContent + "\n\n[Content truncated]"
+                : extractedContent;
+        const output = {
+            url: input.url,
+            title,
+            content: truncatedContent,
+            fromCache: false,
+            fetchedAt: new Date().toISOString(),
+            finalUrl: response.url || url,
+            contentBytes,
+            truncated,
+        };
+        web_cache_js_1.browseCache.set(url, output);
+        unlinkAbort();
+        return (0, utils_js_1.success)(`Browsed ${input.url}`, wrapBrowseOutput(output));
+    }
+    catch (err) {
+        clearTimeout(timeoutId);
+        unlinkAbort();
+        if (err instanceof Error && err.name === "AbortError") {
+            if (ctx.abortSignal?.aborted) {
+                return (0, utils_js_1.fail)("Browse cancelled");
+            }
+            return (0, utils_js_1.fail)(`Browse timed out after ${timeoutMs}ms: ${input.url}`);
+        }
+        return (0, utils_js_1.fail)(`Browse failed: ${(0, utils_js_1.getErrorMessage)(err)}`);
+    }
+}
+//# sourceMappingURL=web.js.map