@clawos-dev/clawd 0.2.150 → 0.2.151-beta.319.24d7cf9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.cjs +39 -39
- package/package.json +1 -1
package/dist/cli.cjs
CHANGED
|
@@ -35695,35 +35695,7 @@ var DEFAULT_PERSONAS = [
|
|
|
35695
35695
|
model: "opus",
|
|
35696
35696
|
iconKey: "doc",
|
|
35697
35697
|
public: false,
|
|
35698
|
-
|
|
35699
|
-
// 工具 + node/pnpm 工具链精确路径 + 出站 TLD 通配白名单。html-slides 需要联网(git clone frontend-slides
|
|
35700
|
-
// skill、调阿里云 CLI/SDK)。
|
|
35701
|
-
// 阿里云凭证:**复用共享 deploy-kit 单源**($HOME/.clawd/deploy-kit/.secrets/aliyun.env,全 FC persona 共用、
|
|
35702
|
-
// seedDeployKit 每次安装都铺),不在 persona 目录另存一份。app-builder 的 FC 部署走 daemon 侧脚本(沙箱外)
|
|
35703
|
-
// 故其 profile 无需 carve 这个路径;html-slides 没有 daemon 侧流程、要在 cc 沙箱内直接 `set -a; . $HOME/.clawd/
|
|
35704
|
-
// deploy-kit/.secrets/aliyun.env; set +a` 后调 aliyun CLI(env 凭证绕过沙箱外的 ~/.aliyun/),所以这里**额外**把
|
|
35705
|
-
// 这个凭证文件加进 allowRead(denyRead '~/' 之上的精确凿洞,单文件、最小暴露,同 ~/.npmrc 先例)。
|
|
35706
|
-
sandboxProfile: {
|
|
35707
|
-
permissions: {
|
|
35708
|
-
defaultMode: "bypassPermissions",
|
|
35709
|
-
allow: ["Read", "Edit", "Write", "Glob", "Grep", "WebFetch", "WebSearch"]
|
|
35710
|
-
},
|
|
35711
|
-
sandbox: {
|
|
35712
|
-
filesystem: {
|
|
35713
|
-
allowRead: ["~/.npmrc", "~/Library/Preferences/pnpm", "~/.nvm", "~/Library/pnpm", "~/.local/share/pnpm", "~/.local/state/pnpm", "~/.npm", "~/.pnpm-store", "~/.clawd/deploy-kit/.secrets/aliyun.env"],
|
|
35714
|
-
allowWrite: ["~/Library/pnpm", "~/.local/share/pnpm", "~/.local/state/pnpm", "~/.npm", "~/.pnpm-store"]
|
|
35715
|
-
},
|
|
35716
|
-
network: {
|
|
35717
|
-
allowedDomains: ["*.com", "*.org", "*.io", "*.net", "*.dev", "*.app", "*.cn", "*.co", "*.chat", "*.ai"],
|
|
35718
|
-
allowLocalBinding: true
|
|
35719
|
-
}
|
|
35720
|
-
}
|
|
35721
|
-
},
|
|
35722
|
-
codexSandbox: {
|
|
35723
|
-
writableRoots: ["~/Library/pnpm", "~/.local/share/pnpm", "~/.local/state/pnpm", "~/.npm", "~/.pnpm-store"],
|
|
35724
|
-
denyRead: [".secrets/**"],
|
|
35725
|
-
network: true
|
|
35726
|
-
}
|
|
35698
|
+
sandboxProfile: DEFAULT_BYPASS_PROFILE
|
|
35727
35699
|
}
|
|
35728
35700
|
];
|
|
35729
35701
|
function bundleSiblingFromArgv(argv1, sibling) {
|
|
@@ -37189,40 +37161,68 @@ function observeReady(surface, opts) {
|
|
|
37189
37161
|
}
|
|
37190
37162
|
};
|
|
37191
37163
|
}
|
|
37164
|
+
var BYPASS_SETTLE_MS = 300;
|
|
37192
37165
|
function createBootGate(pty, logger) {
|
|
37193
37166
|
const stripAnsi = (s) => s.replace(/\x1b\[[0-9;?]*C/g, " ").replace(/\x1b\[[0-9;?]*[a-zA-Z]/g, "").replace(/\x1b\][^\x07]*\x07/g, "").replace(/\x1b[NOPM=>78]/g, "").replace(/[\x00-\x1f\x7f]/g, " ");
|
|
37194
37167
|
const popups = {
|
|
37195
|
-
trust: {
|
|
37168
|
+
trust: {
|
|
37169
|
+
handled: false,
|
|
37170
|
+
fired: false,
|
|
37171
|
+
timer: void 0,
|
|
37172
|
+
regex: /trust\s*this\s*folder/i,
|
|
37173
|
+
accept: "\r",
|
|
37174
|
+
settleMs: 0,
|
|
37175
|
+
label: "trust-folder"
|
|
37176
|
+
},
|
|
37196
37177
|
bypass: {
|
|
37197
37178
|
handled: false,
|
|
37198
|
-
|
|
37179
|
+
fired: false,
|
|
37180
|
+
timer: void 0,
|
|
37181
|
+
regex: /Bypass\s*Permissions\s*mode|By\s*proceeding/i,
|
|
37199
37182
|
accept: "2\r",
|
|
37183
|
+
settleMs: BYPASS_SETTLE_MS,
|
|
37200
37184
|
label: "bypass-warning"
|
|
37201
37185
|
}
|
|
37202
37186
|
};
|
|
37203
37187
|
let scanBuf = "";
|
|
37188
|
+
const press = (popup) => {
|
|
37189
|
+
popup.fired = true;
|
|
37190
|
+
logger?.debug(`${popup.label} popup auto-yes`);
|
|
37191
|
+
try {
|
|
37192
|
+
pty.write(popup.accept);
|
|
37193
|
+
} catch (err) {
|
|
37194
|
+
logger?.warn(`${popup.label} auto-yes write failed`, {
|
|
37195
|
+
error: err.message
|
|
37196
|
+
});
|
|
37197
|
+
}
|
|
37198
|
+
};
|
|
37199
|
+
let disposed = false;
|
|
37204
37200
|
return {
|
|
37205
37201
|
feedBytes(data) {
|
|
37202
|
+
if (disposed) return;
|
|
37206
37203
|
scanBuf += data.toString("utf8");
|
|
37207
37204
|
const cleanBuf = stripAnsi(scanBuf).replace(/\s+/g, " ");
|
|
37208
37205
|
for (const popup of Object.values(popups)) {
|
|
37209
37206
|
if (popup.handled) continue;
|
|
37210
37207
|
if (popup.regex.test(cleanBuf)) {
|
|
37211
37208
|
popup.handled = true;
|
|
37212
|
-
logger?.debug(`${popup.label} popup auto-yes`);
|
|
37213
|
-
try {
|
|
37214
|
-
pty.write(popup.accept);
|
|
37215
|
-
} catch (err) {
|
|
37216
|
-
logger?.warn(`${popup.label} auto-yes write failed`, {
|
|
37217
|
-
error: err.message
|
|
37218
|
-
});
|
|
37219
|
-
}
|
|
37220
37209
|
scanBuf = "";
|
|
37210
|
+
if (popup.settleMs === 0) press(popup);
|
|
37211
|
+
}
|
|
37212
|
+
}
|
|
37213
|
+
for (const popup of Object.values(popups)) {
|
|
37214
|
+
if (popup.handled && popup.settleMs > 0 && !popup.fired) {
|
|
37215
|
+
if (popup.timer) clearTimeout(popup.timer);
|
|
37216
|
+
popup.timer = setTimeout(() => press(popup), popup.settleMs);
|
|
37221
37217
|
}
|
|
37222
37218
|
}
|
|
37223
37219
|
if (scanBuf.length > 8192) scanBuf = scanBuf.slice(-4096);
|
|
37224
37220
|
},
|
|
37225
37221
|
dispose() {
|
|
37222
|
+
disposed = true;
|
|
37223
|
+
for (const popup of Object.values(popups)) {
|
|
37224
|
+
if (popup.timer) clearTimeout(popup.timer);
|
|
37225
|
+
}
|
|
37226
37226
|
}
|
|
37227
37227
|
};
|
|
37228
37228
|
}
|
package/package.json
CHANGED