@cloudflare/sandbox 0.6.3 → 0.6.5

package/Dockerfile

@@ -1,17 +1,15 @@
-# Sandbox container image with full development environment
+# Sandbox container images (default and python variants)
 # Multi-stage build optimized for Turborepo monorepo
 
 # ============================================================================
 # Stage 1: Prune monorepo to only include necessary packages
 # ============================================================================
-FROM node:20-alpine AS pruner
+FROM node:20-slim AS pruner
 
 WORKDIR /app
 
-# Install Turborepo globally
 RUN npm install -g turbo
 
-# Copy entire monorepo
 COPY . .
 
 # Prune to only @repo/sandbox-container and its dependencies (@repo/shared)
@@ -20,13 +18,15 @@ RUN turbo prune @repo/sandbox-container --docker
 
 # ============================================================================
 # Stage 2: Install dependencies and build packages
+# Using glibc-based images (not Alpine) so the standalone binary works on
+# standard Linux distributions (Debian, Ubuntu, RHEL, etc.)
 # ============================================================================
-FROM node:20-alpine AS builder
+FROM node:20-slim AS builder
 
 WORKDIR /app
 
-# Install Bun runtime (needed for sandbox-container build script)
-COPY --from=oven/bun:1-alpine /usr/local/bin/bun /usr/local/bin/bun
+# Install Bun runtime (glibc version for glibc-compatible standalone binary)
+COPY --from=oven/bun:1 /usr/local/bin/bun /usr/local/bin/bun
 
 # Copy pruned lockfile and package.json files (for Docker layer caching)
 COPY --from=pruner /app/out/json/ .
@@ -36,11 +36,10 @@ COPY --from=pruner /app/out/package-lock.json ./package-lock.json
 RUN --mount=type=cache,target=/root/.npm \
     CI=true npm ci
 
-# Copy pruned source code
 COPY --from=pruner /app/out/full/ .
 
 # Build all packages (Turborepo handles dependency order automatically)
-# This builds @repo/shared first, then @repo/sandbox-container
+# This builds @repo/shared first, then @repo/sandbox-container (including standalone binary)
 RUN npx turbo run build
 
 # ============================================================================
@@ -96,7 +95,6 @@ ARG SANDBOX_VERSION=unknown
 # Prevent interactive prompts during package installation
 ENV DEBIAN_FRONTEND=noninteractive
 
-# Set the sandbox version as an environment variable for version checking
 ENV SANDBOX_VERSION=${SANDBOX_VERSION}
 
 # Install runtime packages and S3FS-FUSE for bucket mounting
@@ -123,27 +121,24 @@ RUN ln -s /usr/local/lib/node_modules/npm/bin/npm-cli.js /usr/local/bin/npm && \
 # Install Bun runtime from official image
 COPY --from=oven/bun:1 /usr/local/bin/bun /usr/local/bin/bun
 
-# Set up runtime container server directory
-WORKDIR /container-server
+# Copy standalone binary
+COPY --from=builder /app/packages/sandbox-container/dist/sandbox /container-server/sandbox
 
-# Copy bundled container server (all dependencies inlined, no node_modules needed)
-COPY --from=builder /app/packages/sandbox-container/dist/index.js ./dist/
-COPY --from=builder /app/packages/sandbox-container/dist/index.js.map ./dist/
+# Set up container server directory for executors
+WORKDIR /container-server
 
-# Copy bundled JavaScript executor
+# Copy bundled JavaScript executor (runs on Node or Bun for code interpreter)
 COPY --from=builder /app/packages/sandbox-container/dist/runtime/executors/javascript/node_executor.js ./dist/runtime/executors/javascript/
-COPY --from=builder /app/packages/sandbox-container/dist/runtime/executors/javascript/node_executor.js.map ./dist/runtime/executors/javascript/
 
-# Create clean workspace directory for user code
+# Copy legacy JS bundle for backwards compatibility
+# Users with custom startup scripts that call `bun /container-server/dist/index.js` need this
+COPY --from=builder /app/packages/sandbox-container/dist/index.js ./dist/
+
 RUN mkdir -p /workspace
 
 # Expose the application port (3000 for control)
 EXPOSE 3000
 
-# Copy and make startup script executable
-COPY packages/sandbox/startup.sh ./
-RUN chmod +x startup.sh
-
 # ============================================================================
 # Stage 5a: Default image - lean, no Python
 # ============================================================================
@@ -154,7 +149,7 @@ ENV PYTHON_POOL_MIN_SIZE=0
 ENV JAVASCRIPT_POOL_MIN_SIZE=3
 ENV TYPESCRIPT_POOL_MIN_SIZE=3
 
-CMD ["/container-server/startup.sh"]
+ENTRYPOINT ["/container-server/sandbox"]
 
 # ============================================================================
 # Stage 5b: Python image - full, with Python + data science packages
@@ -186,4 +181,28 @@ ENV PYTHON_POOL_MIN_SIZE=3
 ENV JAVASCRIPT_POOL_MIN_SIZE=3
 ENV TYPESCRIPT_POOL_MIN_SIZE=3
 
-CMD ["/container-server/startup.sh"]
+ENTRYPOINT ["/container-server/sandbox"]
+
+# ============================================================================
+# Stage 5c: OpenCode image - with OpenCode CLI for AI coding agent
+# ============================================================================
+FROM runtime-base AS opencode
+
+# Add opencode to PATH
+ENV PATH="/root/.opencode/bin:${PATH}"
+
+# Install OpenCode CLI
+RUN curl -fsSL https://opencode.ai/install -o /tmp/install-opencode.sh \
+    && bash /tmp/install-opencode.sh \
+    && rm /tmp/install-opencode.sh \
+    && opencode --version
+
+# Disable Python pool (Python not available in this image)
+ENV PYTHON_POOL_MIN_SIZE=0
+ENV JAVASCRIPT_POOL_MIN_SIZE=3
+ENV TYPESCRIPT_POOL_MIN_SIZE=3
+
+# Expose OpenCode server port (in addition to 3000 from runtime-base)
+EXPOSE 4096
+
+ENTRYPOINT ["/container-server/sandbox"]

package/README.md

@@ -150,8 +150,12 @@ npm run check
 
 See the [examples directory](./examples) for complete working examples:
 
-- [Minimal](./examples/minimal) - Basic sandbox setup
-- [Code Interpreter](./examples/code-interpreter) - Use sandbox as an interpreter tool with gpt-oss
+- [Minimal](./examples/minimal) - Start here: exec commands, read/write files
+- [Code Interpreter](./examples/code-interpreter) - Give [gpt-oss](https://developers.cloudflare.com/workers-ai/models/gpt-oss-120b/) on Workers AI a Python REPL
+- [Claude Code](./examples/claude-code) - Run [Claude Code](https://claude.ai/code) headless on any repo
+- [OpenAI Agents](./examples/openai-agents) - `Shell` and `Editor` tools for [OpenAI Agents SDK](https://openai.github.io/openai-agents-js/)
+- [OpenCode](./examples/opencode) - [OpenCode](https://github.com/sst/opencode) web UI or [SDK](https://opencode.ai/docs/sdk/) in a sandbox
+- [TypeScript Validator](./examples/typescript-validator) - Build with npm in sandbox, execute in [isolates](https://developers.cloudflare.com/workers/runtime-apis/bindings/worker-loader/)
 
 ## Status
 

package/dist/contexts-CdrlvHWK.d.ts

@@ -0,0 +1,162 @@
+//#region ../shared/dist/errors/codes.d.ts
+/**
+ * Centralized error code registry
+ * Each code maps to a specific error type with consistent semantics
+ */
+declare const ErrorCode: {
+  readonly FILE_NOT_FOUND: "FILE_NOT_FOUND";
+  readonly PERMISSION_DENIED: "PERMISSION_DENIED";
+  readonly FILE_EXISTS: "FILE_EXISTS";
+  readonly IS_DIRECTORY: "IS_DIRECTORY";
+  readonly NOT_DIRECTORY: "NOT_DIRECTORY";
+  readonly NO_SPACE: "NO_SPACE";
+  readonly TOO_MANY_FILES: "TOO_MANY_FILES";
+  readonly RESOURCE_BUSY: "RESOURCE_BUSY";
+  readonly READ_ONLY: "READ_ONLY";
+  readonly NAME_TOO_LONG: "NAME_TOO_LONG";
+  readonly TOO_MANY_LINKS: "TOO_MANY_LINKS";
+  readonly FILESYSTEM_ERROR: "FILESYSTEM_ERROR";
+  readonly COMMAND_NOT_FOUND: "COMMAND_NOT_FOUND";
+  readonly COMMAND_PERMISSION_DENIED: "COMMAND_PERMISSION_DENIED";
+  readonly INVALID_COMMAND: "INVALID_COMMAND";
+  readonly COMMAND_EXECUTION_ERROR: "COMMAND_EXECUTION_ERROR";
+  readonly STREAM_START_ERROR: "STREAM_START_ERROR";
+  readonly PROCESS_NOT_FOUND: "PROCESS_NOT_FOUND";
+  readonly PROCESS_PERMISSION_DENIED: "PROCESS_PERMISSION_DENIED";
+  readonly PROCESS_ERROR: "PROCESS_ERROR";
+  readonly SESSION_ALREADY_EXISTS: "SESSION_ALREADY_EXISTS";
+  readonly PORT_ALREADY_EXPOSED: "PORT_ALREADY_EXPOSED";
+  readonly PORT_IN_USE: "PORT_IN_USE";
+  readonly PORT_NOT_EXPOSED: "PORT_NOT_EXPOSED";
+  readonly INVALID_PORT_NUMBER: "INVALID_PORT_NUMBER";
+  readonly INVALID_PORT: "INVALID_PORT";
+  readonly SERVICE_NOT_RESPONDING: "SERVICE_NOT_RESPONDING";
+  readonly PORT_OPERATION_ERROR: "PORT_OPERATION_ERROR";
+  readonly CUSTOM_DOMAIN_REQUIRED: "CUSTOM_DOMAIN_REQUIRED";
+  readonly GIT_REPOSITORY_NOT_FOUND: "GIT_REPOSITORY_NOT_FOUND";
+  readonly GIT_BRANCH_NOT_FOUND: "GIT_BRANCH_NOT_FOUND";
+  readonly GIT_AUTH_FAILED: "GIT_AUTH_FAILED";
+  readonly GIT_NETWORK_ERROR: "GIT_NETWORK_ERROR";
+  readonly INVALID_GIT_URL: "INVALID_GIT_URL";
+  readonly GIT_CLONE_FAILED: "GIT_CLONE_FAILED";
+  readonly GIT_CHECKOUT_FAILED: "GIT_CHECKOUT_FAILED";
+  readonly GIT_OPERATION_FAILED: "GIT_OPERATION_FAILED";
+  readonly BUCKET_MOUNT_ERROR: "BUCKET_MOUNT_ERROR";
+  readonly S3FS_MOUNT_ERROR: "S3FS_MOUNT_ERROR";
+  readonly MISSING_CREDENTIALS: "MISSING_CREDENTIALS";
+  readonly INVALID_MOUNT_CONFIG: "INVALID_MOUNT_CONFIG";
+  readonly INTERPRETER_NOT_READY: "INTERPRETER_NOT_READY";
+  readonly CONTEXT_NOT_FOUND: "CONTEXT_NOT_FOUND";
+  readonly CODE_EXECUTION_ERROR: "CODE_EXECUTION_ERROR";
+  readonly PYTHON_NOT_AVAILABLE: "PYTHON_NOT_AVAILABLE";
+  readonly JAVASCRIPT_NOT_AVAILABLE: "JAVASCRIPT_NOT_AVAILABLE";
+  readonly OPENCODE_STARTUP_FAILED: "OPENCODE_STARTUP_FAILED";
+  readonly PROCESS_READY_TIMEOUT: "PROCESS_READY_TIMEOUT";
+  readonly PROCESS_EXITED_BEFORE_READY: "PROCESS_EXITED_BEFORE_READY";
+  readonly VALIDATION_FAILED: "VALIDATION_FAILED";
+  readonly INVALID_JSON_RESPONSE: "INVALID_JSON_RESPONSE";
+  readonly UNKNOWN_ERROR: "UNKNOWN_ERROR";
+  readonly INTERNAL_ERROR: "INTERNAL_ERROR";
+};
+type ErrorCode = (typeof ErrorCode)[keyof typeof ErrorCode];
+//#endregion
+//#region ../shared/dist/errors/types.d.ts
+/**
+ * Standard operation types
+ */
+declare const Operation: {
+  readonly FILE_READ: "file.read";
+  readonly FILE_WRITE: "file.write";
+  readonly FILE_DELETE: "file.delete";
+  readonly FILE_MOVE: "file.move";
+  readonly FILE_RENAME: "file.rename";
+  readonly FILE_STAT: "file.stat";
+  readonly DIRECTORY_CREATE: "directory.create";
+  readonly DIRECTORY_LIST: "directory.list";
+  readonly COMMAND_EXECUTE: "command.execute";
+  readonly COMMAND_STREAM: "command.stream";
+  readonly PROCESS_START: "process.start";
+  readonly PROCESS_KILL: "process.kill";
+  readonly PROCESS_LIST: "process.list";
+  readonly PROCESS_GET: "process.get";
+  readonly PROCESS_LOGS: "process.logs";
+  readonly PORT_EXPOSE: "port.expose";
+  readonly PORT_UNEXPOSE: "port.unexpose";
+  readonly PORT_LIST: "port.list";
+  readonly PORT_PROXY: "port.proxy";
+  readonly GIT_CLONE: "git.clone";
+  readonly GIT_CHECKOUT: "git.checkout";
+  readonly GIT_OPERATION: "git.operation";
+  readonly CODE_EXECUTE: "code.execute";
+  readonly CODE_CONTEXT_CREATE: "code.context.create";
+  readonly CODE_CONTEXT_DELETE: "code.context.delete";
+};
+type OperationType = (typeof Operation)[keyof typeof Operation];
+/**
+ * Standard error response format with generic context type
+ * TContext allows type-safe access to error-specific context
+ */
+interface ErrorResponse<TContext = Record<string, unknown>> {
+  /**
+   * Error type code (machine-readable)
+   */
+  code: ErrorCode;
+  /**
+   * Human-readable error message
+   */
+  message: string;
+  /**
+   * Operation that was attempted (useful for debugging and logging)
+   */
+  operation?: OperationType;
+  /**
+   * Structured error context with relevant details
+   * Type varies based on error code
+   */
+  context: TContext;
+  /**
+   * HTTP status code (for client SDK)
+   */
+  httpStatus: number;
+  /**
+   * Timestamp when error occurred
+   */
+  timestamp: string;
+  /**
+   * Actionable suggestion for fixing the error
+   */
+  suggestion?: string;
+  /**
+   * Link to documentation
+   */
+  documentation?: string;
+}
+//#endregion
+//#region ../shared/dist/errors/contexts.d.ts
+
+/**
+ * Process readiness error contexts
+ */
+interface ProcessReadyTimeoutContext {
+  processId: string;
+  command: string;
+  condition: string;
+  timeout: number;
+}
+interface ProcessExitedBeforeReadyContext {
+  processId: string;
+  command: string;
+  condition: string;
+  exitCode: number;
+}
+/**
+ * OpenCode error contexts
+ */
+interface OpencodeStartupContext {
+  port: number;
+  stderr?: string;
+  command?: string;
+}
+//#endregion
+export { OperationType as a, ErrorResponse as i, ProcessExitedBeforeReadyContext as n, ErrorCode as o, ProcessReadyTimeoutContext as r, OpencodeStartupContext as t };
+//# sourceMappingURL=contexts-CdrlvHWK.d.ts.map

package/dist/contexts-CdrlvHWK.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"contexts-CdrlvHWK.d.ts","names":["ErrorCode","ErrorCode","Operation","OperationType","ErrorResponse","TContext","Record","ServiceError","ServiceResult","T","OperationType","FileNotFoundContext","FileExistsContext","FileSystemContext","CommandNotFoundContext","CommandErrorContext","ProcessNotFoundContext","ProcessErrorContext","SessionAlreadyExistsContext","ProcessReadyTimeoutContext","ProcessExitedBeforeReadyContext","PortAlreadyExposedContext","PortNotExposedContext","InvalidPortContext","PortErrorContext","GitRepositoryNotFoundContext","GitAuthFailedContext","GitBranchNotFoundContext","GitErrorContext","InterpreterNotReadyContext","ContextNotFoundContext","CodeExecutionContext","ValidationFailedContext","Array","BucketMountContext","MissingCredentialsContext","InvalidMountConfigContext","OpencodeStartupContext","InternalErrorContext"],"sources":["../../shared/dist/errors/codes.d.ts","../../shared/dist/errors/types.d.ts","../../shared/dist/errors/contexts.d.ts"],"sourcesContent":["/**\n * Centralized error code registry\n * Each code maps to a specific error type with consistent semantics\n */\nexport declare const ErrorCode: {\n    readonly FILE_NOT_FOUND: \"FILE_NOT_FOUND\";\n    readonly PERMISSION_DENIED: \"PERMISSION_DENIED\";\n    readonly FILE_EXISTS: \"FILE_EXISTS\";\n    readonly IS_DIRECTORY: \"IS_DIRECTORY\";\n    readonly NOT_DIRECTORY: \"NOT_DIRECTORY\";\n    readonly NO_SPACE: \"NO_SPACE\";\n    readonly TOO_MANY_FILES: \"TOO_MANY_FILES\";\n    readonly RESOURCE_BUSY: \"RESOURCE_BUSY\";\n    readonly READ_ONLY: \"READ_ONLY\";\n    readonly NAME_TOO_LONG: \"NAME_TOO_LONG\";\n    readonly TOO_MANY_LINKS: \"TOO_MANY_LINKS\";\n    readonly FILESYSTEM_ERROR: \"FILESYSTEM_ERROR\";\n    readonly COMMAND_NOT_FOUND: \"COMMAND_NOT_FOUND\";\n    readonly COMMAND_PERMISSION_DENIED: \"COMMAND_PERMISSION_DENIED\";\n    readonly INVALID_COMMAND: \"INVALID_COMMAND\";\n    readonly COMMAND_EXECUTION_ERROR: \"COMMAND_EXECUTION_ERROR\";\n    readonly STREAM_START_ERROR: \"STREAM_START_ERROR\";\n    readonly PROCESS_NOT_FOUND: \"PROCESS_NOT_FOUND\";\n    readonly PROCESS_PERMISSION_DENIED: \"PROCESS_PERMISSION_DENIED\";\n    readonly PROCESS_ERROR: \"PROCESS_ERROR\";\n    readonly SESSION_ALREADY_EXISTS: \"SESSION_ALREADY_EXISTS\";\n    readonly PORT_ALREADY_EXPOSED: \"PORT_ALREADY_EXPOSED\";\n    readonly PORT_IN_USE: \"PORT_IN_USE\";\n    readonly PORT_NOT_EXPOSED: \"PORT_NOT_EXPOSED\";\n    readonly INVALID_PORT_NUMBER: \"INVALID_PORT_NUMBER\";\n    readonly INVALID_PORT: \"INVALID_PORT\";\n    readonly SERVICE_NOT_RESPONDING: \"SERVICE_NOT_RESPONDING\";\n    readonly PORT_OPERATION_ERROR: \"PORT_OPERATION_ERROR\";\n    readonly CUSTOM_DOMAIN_REQUIRED: \"CUSTOM_DOMAIN_REQUIRED\";\n    readonly GIT_REPOSITORY_NOT_FOUND: \"GIT_REPOSITORY_NOT_FOUND\";\n    readonly GIT_BRANCH_NOT_FOUND: \"GIT_BRANCH_NOT_FOUND\";\n    readonly GIT_AUTH_FAILED: \"GIT_AUTH_FAILED\";\n    readonly GIT_NETWORK_ERROR: \"GIT_NETWORK_ERROR\";\n    readonly INVALID_GIT_URL: \"INVALID_GIT_URL\";\n    readonly GIT_CLONE_FAILED: \"GIT_CLONE_FAILED\";\n    readonly GIT_CHECKOUT_FAILED: \"GIT_CHECKOUT_FAILED\";\n    readonly GIT_OPERATION_FAILED: \"GIT_OPERATION_FAILED\";\n    readonly BUCKET_MOUNT_ERROR: \"BUCKET_MOUNT_ERROR\";\n    readonly S3FS_MOUNT_ERROR: \"S3FS_MOUNT_ERROR\";\n    readonly MISSING_CREDENTIALS: \"MISSING_CREDENTIALS\";\n    readonly INVALID_MOUNT_CONFIG: \"INVALID_MOUNT_CONFIG\";\n    readonly INTERPRETER_NOT_READY: \"INTERPRETER_NOT_READY\";\n    readonly CONTEXT_NOT_FOUND: \"CONTEXT_NOT_FOUND\";\n    readonly CODE_EXECUTION_ERROR: \"CODE_EXECUTION_ERROR\";\n    readonly PYTHON_NOT_AVAILABLE: \"PYTHON_NOT_AVAILABLE\";\n    readonly JAVASCRIPT_NOT_AVAILABLE: \"JAVASCRIPT_NOT_AVAILABLE\";\n    readonly OPENCODE_STARTUP_FAILED: \"OPENCODE_STARTUP_FAILED\";\n    readonly PROCESS_READY_TIMEOUT: \"PROCESS_READY_TIMEOUT\";\n    readonly PROCESS_EXITED_BEFORE_READY: \"PROCESS_EXITED_BEFORE_READY\";\n    readonly VALIDATION_FAILED: \"VALIDATION_FAILED\";\n    readonly INVALID_JSON_RESPONSE: \"INVALID_JSON_RESPONSE\";\n    readonly UNKNOWN_ERROR: \"UNKNOWN_ERROR\";\n    readonly INTERNAL_ERROR: \"INTERNAL_ERROR\";\n};\nexport type ErrorCode = (typeof ErrorCode)[keyof typeof ErrorCode];\n//# sourceMappingURL=codes.d.ts.map","import type { ErrorCode } from './codes';\n/**\n * Standard operation types\n */\nexport declare const Operation: {\n    readonly FILE_READ: \"file.read\";\n    readonly FILE_WRITE: \"file.write\";\n    readonly FILE_DELETE: \"file.delete\";\n    readonly FILE_MOVE: \"file.move\";\n    readonly FILE_RENAME: \"file.rename\";\n    readonly FILE_STAT: \"file.stat\";\n    readonly DIRECTORY_CREATE: \"directory.create\";\n    readonly DIRECTORY_LIST: \"directory.list\";\n    readonly COMMAND_EXECUTE: \"command.execute\";\n    readonly COMMAND_STREAM: \"command.stream\";\n    readonly PROCESS_START: \"process.start\";\n    readonly PROCESS_KILL: \"process.kill\";\n    readonly PROCESS_LIST: \"process.list\";\n    readonly PROCESS_GET: \"process.get\";\n    readonly PROCESS_LOGS: \"process.logs\";\n    readonly PORT_EXPOSE: \"port.expose\";\n    readonly PORT_UNEXPOSE: \"port.unexpose\";\n    readonly PORT_LIST: \"port.list\";\n    readonly PORT_PROXY: \"port.proxy\";\n    readonly GIT_CLONE: \"git.clone\";\n    readonly GIT_CHECKOUT: \"git.checkout\";\n    readonly GIT_OPERATION: \"git.operation\";\n    readonly CODE_EXECUTE: \"code.execute\";\n    readonly CODE_CONTEXT_CREATE: \"code.context.create\";\n    readonly CODE_CONTEXT_DELETE: \"code.context.delete\";\n};\nexport type OperationType = (typeof Operation)[keyof typeof Operation];\n/**\n * Standard error response format with generic context type\n * TContext allows type-safe access to error-specific context\n */\nexport interface ErrorResponse<TContext = Record<string, unknown>> {\n    /**\n     * Error type code (machine-readable)\n     */\n    code: ErrorCode;\n    /**\n     * Human-readable error message\n     */\n    message: string;\n    /**\n     * Operation that was attempted (useful for debugging and logging)\n     */\n    operation?: OperationType;\n    /**\n     * Structured error context with relevant details\n     * Type varies based on error code\n     */\n    context: TContext;\n    /**\n     * HTTP status code (for client SDK)\n     */\n    httpStatus: number;\n    /**\n     * Timestamp when error occurred\n     */\n    timestamp: string;\n    /**\n     * Actionable suggestion for fixing the error\n     */\n    suggestion?: string;\n    /**\n     * Link to documentation\n     */\n    documentation?: string;\n}\n/**\n * Container ServiceError (lightweight, enriched by handlers)\n */\nexport interface ServiceError {\n    message: string;\n    code: ErrorCode;\n    details?: Record<string, unknown>;\n}\n/**\n * ServiceResult type for container services\n */\nexport type ServiceResult<T> = {\n    success: true;\n    data: T;\n} | {\n    success: false;\n    error: ServiceError;\n};\n//# sourceMappingURL=types.d.ts.map","import type { OperationType } from './types';\n/**\n * File system error contexts\n */\nexport interface FileNotFoundContext {\n    path: string;\n    operation: OperationType;\n}\nexport interface FileExistsContext {\n    path: string;\n    operation: OperationType;\n}\nexport interface FileSystemContext {\n    path: string;\n    operation: OperationType;\n    stderr?: string;\n    exitCode?: number;\n}\n/**\n * Command error contexts\n */\nexport interface CommandNotFoundContext {\n    command: string;\n}\nexport interface CommandErrorContext {\n    command: string;\n    exitCode?: number;\n    stdout?: string;\n    stderr?: string;\n}\n/**\n * Process error contexts\n */\nexport interface ProcessNotFoundContext {\n    processId: string;\n}\nexport interface ProcessErrorContext {\n    processId: string;\n    pid?: number;\n    exitCode?: number;\n    stderr?: string;\n}\nexport interface SessionAlreadyExistsContext {\n    sessionId: string;\n}\n/**\n * Process readiness error contexts\n */\nexport interface ProcessReadyTimeoutContext {\n    processId: string;\n    command: string;\n    condition: string;\n    timeout: number;\n}\nexport interface ProcessExitedBeforeReadyContext {\n    processId: string;\n    command: string;\n    condition: string;\n    exitCode: number;\n}\n/**\n * Port error contexts\n */\nexport interface PortAlreadyExposedContext {\n    port: number;\n    portName?: string;\n}\nexport interface PortNotExposedContext {\n    port: number;\n}\nexport interface InvalidPortContext {\n    port: number;\n    reason: string;\n}\nexport interface PortErrorContext {\n    port: number;\n    portName?: string;\n    stderr?: string;\n}\n/**\n * Git error contexts\n */\nexport interface GitRepositoryNotFoundContext {\n    repository: string;\n}\nexport interface GitAuthFailedContext {\n    repository: string;\n}\nexport interface GitBranchNotFoundContext {\n    branch: string;\n    repository?: string;\n}\nexport interface GitErrorContext {\n    repository?: string;\n    branch?: string;\n    targetDir?: string;\n    stderr?: string;\n    exitCode?: number;\n}\n/**\n * Code interpreter error contexts\n */\nexport interface InterpreterNotReadyContext {\n    retryAfter?: number;\n    progress?: number;\n}\nexport interface ContextNotFoundContext {\n    contextId: string;\n}\nexport interface CodeExecutionContext {\n    contextId?: string;\n    ename?: string;\n    evalue?: string;\n    traceback?: string[];\n}\n/**\n * Validation error contexts\n */\nexport interface ValidationFailedContext {\n    validationErrors: Array<{\n        field: string;\n        message: string;\n        code?: string;\n    }>;\n}\n/**\n * Bucket mounting error contexts\n */\nexport interface BucketMountContext {\n    bucket: string;\n    mountPath: string;\n    endpoint: string;\n    stderr?: string;\n    exitCode?: number;\n}\nexport interface MissingCredentialsContext {\n    bucket: string;\n    endpoint: string;\n}\nexport interface InvalidMountConfigContext {\n    bucket?: string;\n    mountPath?: string;\n    endpoint?: string;\n    reason?: string;\n}\n/**\n * OpenCode error contexts\n */\nexport interface OpencodeStartupContext {\n    port: number;\n    stderr?: string;\n    command?: string;\n}\n/**\n * Generic error contexts\n */\nexport interface InternalErrorContext {\n    originalError?: string;\n    stack?: string;\n    [key: string]: unknown;\n}\n//# sourceMappingURL=contexts.d.ts.map"],"mappings":";;AAIA;AAuDA;;cAvDqBA;;ECAAE,SAAAA,iBA0BpB,EAAA,mBAAA;EACWC,SAAAA,WAAa,EAAA,aAAWD;EAKnBE,SAAAA,YAAa,EAAAC,cAAA;EAAYC,SAAAA,aAAAA,EAAAA,eAAAA;EAIhCL,SAAAA,QAAAA,EAAAA,UAAAA;EAQME,SAAAA,cAAAA,EAAAA,gBAAAA;EAKHE,SAAAA,aAAAA,EAAAA,eAAAA;EAAQ,SAAA,SAAA,EAAA,WAAA;;;;ECLJc,SAAAA,iBAAAA,EAAAA,mBAA0B;EAM1BC,SAAAA,yBAA+B,EAAA,2BAAA;EA8F/BiB,SAAAA,eAAAA,EAAsB,iBAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KFzF3BrC,SAAAA,WAAoBA,wBAAwBA;;;AAvDxD;AAuDA;;cCvDqBE;;EAAAA,SAAAA,UA0BpB,EAAA,YAAA;EACWC,SAAAA,WAAa,EAAA,aAAWD;EAKnBE,SAAAA,SAAa,EAAA,WAAAC;EAAYC,SAAAA,WAAAA,EAAAA,aAAAA;EAIhCL,SAAAA,SAAAA,EAAAA,WAAAA;EAQME,SAAAA,gBAAAA,EAAAA,kBAAAA;EAKHE,SAAAA,cAAAA,EAAAA,gBAAAA;EAAQ,SAAA,eAAA,EAAA,iBAAA;;;;ECLJc,SAAAA,YAAAA,EAAAA,cAA0B;EAM1BC,SAAAA,WAAAA,EAAAA,aAA+B;EA8F/BiB,SAAAA,YAAAA,EAAAA,cAAsB;;;;;;;;;;;;KDrH3BlC,aAAAA,WAAwBD,wBAAwBA;;;;;UAK3CE,yBAAyBE;;;;QAIhCL;;;;;;;;cAQME;;;;;WAKHE;;;;;;;;;;;;;;;;;;;;;;;;UCLIc,0BAAAA;;;;;;UAMAC,+BAAAA;;;;;;;;;UA8FAiB,sBAAAA"}

package/dist/{dist-D0sZt0AD.js → dist-2SF6oOaz.js}

@@ -615,4 +615,4 @@ function isProcessStatus(value) {
 
 //#endregion
 export { shellEscape as a, TraceContext as c, GitLogger as d, getEnvString as f, isTerminalStatus as i, Execution as l, isProcess as n, createLogger as o, isProcessStatus as r, createNoOpLogger as s, isExecResult as t, ResultImpl as u };
-//# sourceMappingURL=dist-D0sZt0AD.js.map
+//# sourceMappingURL=dist-2SF6oOaz.js.map

package/dist/{dist-D0sZt0AD.js.map → dist-2SF6oOaz.js.map}

@@ -1 +1 @@
-{"version":3,"file":"dist-D0sZt0AD.js","names":["LogLevelEnum","LogLevelEnum"],"sources":["../../shared/dist/env.js","../../shared/dist/git.js","../../shared/dist/interpreter-types.js","../../shared/dist/logger/types.js","../../shared/dist/logger/logger.js","../../shared/dist/logger/trace-context.js","../../shared/dist/logger/index.js","../../shared/dist/shell-escape.js","../../shared/dist/types.js"],"sourcesContent":["/**\n * Safely extract a string value from an environment object\n *\n * @param env - Environment object with dynamic keys\n * @param key - The environment variable key to access\n * @returns The string value if present and is a string, undefined otherwise\n */\nexport function getEnvString(env, key) {\n    const value = env?.[key];\n    return typeof value === 'string' ? value : undefined;\n}\n","/**\n * Redact credentials from URLs for secure logging\n *\n * Replaces any credentials (username:password, tokens, etc.) embedded\n * in URLs with ****** to prevent sensitive data exposure in logs.\n * Works with URLs embedded in text (e.g., \"Error: https://token@github.com/repo.git failed\")\n *\n * @param text - String that may contain URLs with credentials\n * @returns String with credentials redacted from any URLs\n */\nexport function redactCredentials(text) {\n    // Scan for http(s):// URLs and redact any credentials found\n    let result = text;\n    let pos = 0;\n    while (pos < result.length) {\n        const httpPos = result.indexOf('http://', pos);\n        const httpsPos = result.indexOf('https://', pos);\n        let protocolPos = -1;\n        let protocolLen = 0;\n        if (httpPos === -1 && httpsPos === -1)\n            break;\n        if (httpPos !== -1 && (httpsPos === -1 || httpPos < httpsPos)) {\n            protocolPos = httpPos;\n            protocolLen = 7; // 'http://'.length\n        }\n        else {\n            protocolPos = httpsPos;\n            protocolLen = 8; // 'https://'.length\n        }\n        // Look for @ after the protocol\n        const searchStart = protocolPos + protocolLen;\n        const atPos = result.indexOf('@', searchStart);\n        // Find where the URL ends (whitespace, quotes, or structural delimiters)\n        let urlEnd = searchStart;\n        while (urlEnd < result.length) {\n            const char = result[urlEnd];\n            if (/[\\s\"'`<>,;{}[\\]]/.test(char))\n                break;\n            urlEnd++;\n        }\n        if (atPos !== -1 && atPos < urlEnd) {\n            result = `${result.substring(0, searchStart)}******${result.substring(atPos)}`;\n            pos = searchStart + 6; // Move past '******'\n        }\n        else {\n            pos = protocolPos + protocolLen;\n        }\n    }\n    return result;\n}\n/**\n * Sanitize data by redacting credentials from any strings\n * Recursively processes objects and arrays to ensure credentials are never leaked\n */\nexport function sanitizeGitData(data) {\n    // Handle primitives\n    if (typeof data === 'string') {\n        return redactCredentials(data);\n    }\n    if (data === null || data === undefined) {\n        return data;\n    }\n    // Handle arrays\n    if (Array.isArray(data)) {\n        return data.map((item) => sanitizeGitData(item));\n    }\n    // Handle objects - recursively sanitize all fields\n    if (typeof data === 'object') {\n        const result = {};\n        for (const [key, value] of Object.entries(data)) {\n            result[key] = sanitizeGitData(value);\n        }\n        return result;\n    }\n    return data;\n}\n/**\n * Logger wrapper that automatically sanitizes git credentials\n */\nexport class GitLogger {\n    baseLogger;\n    constructor(baseLogger) {\n        this.baseLogger = baseLogger;\n    }\n    sanitizeContext(context) {\n        return context\n            ? sanitizeGitData(context)\n            : context;\n    }\n    sanitizeError(error) {\n        if (!error)\n            return error;\n        // Create a new error with sanitized message and stack\n        const sanitized = new Error(redactCredentials(error.message));\n        sanitized.name = error.name;\n        if (error.stack) {\n            sanitized.stack = redactCredentials(error.stack);\n        }\n        // Preserve other enumerable properties\n        const sanitizedRecord = sanitized;\n        const errorRecord = error;\n        for (const key of Object.keys(error)) {\n            if (key !== 'message' && key !== 'stack' && key !== 'name') {\n                sanitizedRecord[key] = sanitizeGitData(errorRecord[key]);\n            }\n        }\n        return sanitized;\n    }\n    debug(message, context) {\n        this.baseLogger.debug(message, this.sanitizeContext(context));\n    }\n    info(message, context) {\n        this.baseLogger.info(message, this.sanitizeContext(context));\n    }\n    warn(message, context) {\n        this.baseLogger.warn(message, this.sanitizeContext(context));\n    }\n    error(message, error, context) {\n        this.baseLogger.error(message, this.sanitizeError(error), this.sanitizeContext(context));\n    }\n    child(context) {\n        const sanitized = sanitizeGitData(context);\n        const childLogger = this.baseLogger.child(sanitized);\n        return new GitLogger(childLogger);\n    }\n}\n","// Execution Result Container\nexport class Execution {\n    code;\n    context;\n    /**\n     * All results from the execution\n     */\n    results = [];\n    /**\n     * Accumulated stdout and stderr\n     */\n    logs = {\n        stdout: [],\n        stderr: []\n    };\n    /**\n     * Execution error if any\n     */\n    error;\n    /**\n     * Execution count (for interpreter)\n     */\n    executionCount;\n    constructor(code, context) {\n        this.code = code;\n        this.context = context;\n    }\n    /**\n     * Convert to a plain object for serialization\n     */\n    toJSON() {\n        return {\n            code: this.code,\n            logs: this.logs,\n            error: this.error,\n            executionCount: this.executionCount,\n            results: this.results.map((result) => ({\n                text: result.text,\n                html: result.html,\n                png: result.png,\n                jpeg: result.jpeg,\n                svg: result.svg,\n                latex: result.latex,\n                markdown: result.markdown,\n                javascript: result.javascript,\n                json: result.json,\n                chart: result.chart,\n                data: result.data\n            }))\n        };\n    }\n}\n// Implementation of Result\nexport class ResultImpl {\n    raw;\n    constructor(raw) {\n        this.raw = raw;\n    }\n    get text() {\n        return this.raw.text || this.raw.data?.['text/plain'];\n    }\n    get html() {\n        return this.raw.html || this.raw.data?.['text/html'];\n    }\n    get png() {\n        return this.raw.png || this.raw.data?.['image/png'];\n    }\n    get jpeg() {\n        return this.raw.jpeg || this.raw.data?.['image/jpeg'];\n    }\n    get svg() {\n        return this.raw.svg || this.raw.data?.['image/svg+xml'];\n    }\n    get latex() {\n        return this.raw.latex || this.raw.data?.['text/latex'];\n    }\n    get markdown() {\n        return this.raw.markdown || this.raw.data?.['text/markdown'];\n    }\n    get javascript() {\n        return this.raw.javascript || this.raw.data?.['application/javascript'];\n    }\n    get json() {\n        return this.raw.json || this.raw.data?.['application/json'];\n    }\n    get chart() {\n        return this.raw.chart;\n    }\n    get data() {\n        return this.raw.data;\n    }\n    formats() {\n        const formats = [];\n        if (this.text)\n            formats.push('text');\n        if (this.html)\n            formats.push('html');\n        if (this.png)\n            formats.push('png');\n        if (this.jpeg)\n            formats.push('jpeg');\n        if (this.svg)\n            formats.push('svg');\n        if (this.latex)\n            formats.push('latex');\n        if (this.markdown)\n            formats.push('markdown');\n        if (this.javascript)\n            formats.push('javascript');\n        if (this.json)\n            formats.push('json');\n        if (this.chart)\n            formats.push('chart');\n        return formats;\n    }\n}\n","/**\n * Logger types for Cloudflare Sandbox SDK\n *\n * Provides structured, trace-aware logging across Worker, Durable Object, and Container.\n */\n/**\n * Log levels (from most to least verbose)\n */\nexport var LogLevel;\n(function (LogLevel) {\n    LogLevel[LogLevel[\"DEBUG\"] = 0] = \"DEBUG\";\n    LogLevel[LogLevel[\"INFO\"] = 1] = \"INFO\";\n    LogLevel[LogLevel[\"WARN\"] = 2] = \"WARN\";\n    LogLevel[LogLevel[\"ERROR\"] = 3] = \"ERROR\";\n})(LogLevel || (LogLevel = {}));\n","/**\n * Logger implementation\n */\nimport { LogLevel as LogLevelEnum } from './types.js';\n/**\n * ANSI color codes for terminal output\n */\nconst COLORS = {\n    reset: '\\x1b[0m',\n    debug: '\\x1b[36m', // Cyan\n    info: '\\x1b[32m', // Green\n    warn: '\\x1b[33m', // Yellow\n    error: '\\x1b[31m', // Red\n    dim: '\\x1b[2m' // Dim\n};\n/**\n * CloudflareLogger implements structured logging with support for\n * both JSON output (production) and pretty printing (development).\n */\nexport class CloudflareLogger {\n    baseContext;\n    minLevel;\n    pretty;\n    /**\n     * Create a new CloudflareLogger\n     *\n     * @param baseContext Base context included in all log entries\n     * @param minLevel Minimum log level to output (default: INFO)\n     * @param pretty Enable pretty printing for human-readable output (default: false)\n     */\n    constructor(baseContext, minLevel = LogLevelEnum.INFO, pretty = false) {\n        this.baseContext = baseContext;\n        this.minLevel = minLevel;\n        this.pretty = pretty;\n    }\n    /**\n     * Log debug-level message\n     */\n    debug(message, context) {\n        if (this.shouldLog(LogLevelEnum.DEBUG)) {\n            const logData = this.buildLogData('debug', message, context);\n            this.output(console.log, logData);\n        }\n    }\n    /**\n     * Log info-level message\n     */\n    info(message, context) {\n        if (this.shouldLog(LogLevelEnum.INFO)) {\n            const logData = this.buildLogData('info', message, context);\n            this.output(console.log, logData);\n        }\n    }\n    /**\n     * Log warning-level message\n     */\n    warn(message, context) {\n        if (this.shouldLog(LogLevelEnum.WARN)) {\n            const logData = this.buildLogData('warn', message, context);\n            this.output(console.warn, logData);\n        }\n    }\n    /**\n     * Log error-level message\n     */\n    error(message, error, context) {\n        if (this.shouldLog(LogLevelEnum.ERROR)) {\n            const logData = this.buildLogData('error', message, context, error);\n            this.output(console.error, logData);\n        }\n    }\n    /**\n     * Create a child logger with additional context\n     */\n    child(context) {\n        return new CloudflareLogger({ ...this.baseContext, ...context }, this.minLevel, this.pretty);\n    }\n    /**\n     * Check if a log level should be output\n     */\n    shouldLog(level) {\n        return level >= this.minLevel;\n    }\n    /**\n     * Build log data object\n     */\n    buildLogData(level, message, context, error) {\n        const logData = {\n            level,\n            msg: message,\n            ...this.baseContext,\n            ...context,\n            timestamp: new Date().toISOString()\n        };\n        // Add error details if provided\n        if (error) {\n            logData.error = {\n                message: error.message,\n                stack: error.stack,\n                name: error.name\n            };\n        }\n        return logData;\n    }\n    /**\n     * Output log data to console (pretty or JSON)\n     */\n    output(consoleFn, data) {\n        if (this.pretty) {\n            this.outputPretty(consoleFn, data);\n        }\n        else {\n            this.outputJson(consoleFn, data);\n        }\n    }\n    /**\n     * Output as JSON (production)\n     */\n    outputJson(consoleFn, data) {\n        consoleFn(JSON.stringify(data));\n    }\n    /**\n     * Output as pretty-printed, colored text (development)\n     *\n     * Format: LEVEL [component] message (trace: tr_...) {context}\n     * Example: INFO [sandbox-do] Command started (trace: tr_7f3a9b2c) {commandId: \"cmd-123\"}\n     */\n    outputPretty(consoleFn, data) {\n        const { level, msg, timestamp, traceId, component, sandboxId, sessionId, processId, commandId, operation, duration, error, ...rest } = data;\n        // Build the main log line\n        const levelStr = String(level || 'INFO').toUpperCase();\n        const levelColor = this.getLevelColor(levelStr);\n        const componentBadge = component ? `[${component}]` : '';\n        const traceIdShort = traceId ? String(traceId).substring(0, 12) : '';\n        // Start with level and component\n        let logLine = `${levelColor}${levelStr.padEnd(5)}${COLORS.reset} ${componentBadge} ${msg}`;\n        // Add trace ID if present\n        if (traceIdShort) {\n            logLine += ` ${COLORS.dim}(trace: ${traceIdShort})${COLORS.reset}`;\n        }\n        // Collect important context fields\n        const contextFields = [];\n        if (operation)\n            contextFields.push(`operation: ${operation}`);\n        if (commandId)\n            contextFields.push(`commandId: ${String(commandId).substring(0, 12)}`);\n        if (sandboxId)\n            contextFields.push(`sandboxId: ${sandboxId}`);\n        if (sessionId)\n            contextFields.push(`sessionId: ${String(sessionId).substring(0, 12)}`);\n        if (processId)\n            contextFields.push(`processId: ${processId}`);\n        if (duration !== undefined)\n            contextFields.push(`duration: ${duration}ms`);\n        // Add important context inline\n        if (contextFields.length > 0) {\n            logLine += ` ${COLORS.dim}{${contextFields.join(', ')}}${COLORS.reset}`;\n        }\n        // Output main log line\n        consoleFn(logLine);\n        // Output error details on separate lines if present\n        if (error && typeof error === 'object') {\n            const errorObj = error;\n            if (errorObj.message) {\n                consoleFn(`  ${COLORS.error}Error: ${errorObj.message}${COLORS.reset}`);\n            }\n            if (errorObj.stack) {\n                consoleFn(`  ${COLORS.dim}${errorObj.stack}${COLORS.reset}`);\n            }\n        }\n        // Output additional context if present\n        if (Object.keys(rest).length > 0) {\n            consoleFn(`  ${COLORS.dim}${JSON.stringify(rest, null, 2)}${COLORS.reset}`);\n        }\n    }\n    /**\n     * Get ANSI color code for log level\n     */\n    getLevelColor(level) {\n        const levelLower = level.toLowerCase();\n        switch (levelLower) {\n            case 'debug':\n                return COLORS.debug;\n            case 'info':\n                return COLORS.info;\n            case 'warn':\n                return COLORS.warn;\n            case 'error':\n                return COLORS.error;\n            default:\n                return COLORS.reset;\n        }\n    }\n}\n","/**\n * Trace context utilities for request correlation\n *\n * Trace IDs enable correlating logs across distributed components:\n * Worker → Durable Object → Container → back\n *\n * The trace ID is propagated via the X-Trace-Id HTTP header.\n */\n/**\n * Utility for managing trace context across distributed components\n */\n// biome-ignore lint/complexity/noStaticOnlyClass: Keep as class for namespace grouping and discoverability\nexport class TraceContext {\n    /**\n     * HTTP header name for trace ID propagation\n     */\n    static TRACE_HEADER = 'X-Trace-Id';\n    /**\n     * Generate a new trace ID\n     *\n     * Format: \"tr_\" + 16 random hex characters\n     * Example: \"tr_7f3a9b2c4e5d6f1a\"\n     *\n     * @returns Newly generated trace ID\n     */\n    static generate() {\n        // Use crypto.randomUUID() for randomness, extract 16 hex chars\n        const randomHex = crypto.randomUUID().replace(/-/g, '').substring(0, 16);\n        return `tr_${randomHex}`;\n    }\n    /**\n     * Extract trace ID from HTTP request headers\n     *\n     * @param headers Request headers\n     * @returns Trace ID if present, null otherwise\n     */\n    static fromHeaders(headers) {\n        return headers.get(TraceContext.TRACE_HEADER);\n    }\n    /**\n     * Create headers object with trace ID for outgoing requests\n     *\n     * @param traceId Trace ID to include\n     * @returns Headers object with X-Trace-Id set\n     */\n    static toHeaders(traceId) {\n        return { [TraceContext.TRACE_HEADER]: traceId };\n    }\n    /**\n     * Get the header name used for trace ID propagation\n     *\n     * @returns Header name (\"X-Trace-Id\")\n     */\n    static getHeaderName() {\n        return TraceContext.TRACE_HEADER;\n    }\n}\n","/**\n * Logger module\n *\n * Provides structured, trace-aware logging with:\n * - Explicit logger passing via constructor injection\n * - Pretty printing for local development\n * - JSON output for production\n * - Environment auto-detection\n * - Log level configuration\n *\n * Usage:\n *\n * ```typescript\n * // Create a logger at entry point\n * const logger = createLogger({ component: 'sandbox-do', traceId: 'tr_abc123' });\n *\n * // Pass to classes via constructor\n * const service = new MyService(logger);\n *\n * // Create child loggers for additional context\n * const execLogger = logger.child({ operation: 'exec', commandId: 'cmd-456' });\n * execLogger.info('Operation started');\n * ```\n */\nimport { CloudflareLogger } from './logger.js';\nimport { TraceContext } from './trace-context.js';\nimport { LogLevel as LogLevelEnum } from './types.js';\nexport { CloudflareLogger } from './logger.js';\nexport { TraceContext } from './trace-context.js';\nexport { LogLevel as LogLevelEnum } from './types.js';\n/**\n * Create a no-op logger for testing\n *\n * Returns a logger that implements the Logger interface but does nothing.\n * Useful for tests that don't need actual logging output.\n *\n * @returns No-op logger instance\n *\n * @example\n * ```typescript\n * // In tests\n * const client = new HttpClient({\n *   baseUrl: 'http://test.com',\n *   logger: createNoOpLogger() // Optional - tests can enable real logging if needed\n * });\n * ```\n */\nexport function createNoOpLogger() {\n    return {\n        debug: () => { },\n        info: () => { },\n        warn: () => { },\n        error: () => { },\n        child: () => createNoOpLogger()\n    };\n}\n/**\n * Create a new logger instance\n *\n * @param context Base context for the logger. Must include 'component'.\n *                TraceId will be auto-generated if not provided.\n * @returns New logger instance\n *\n * @example\n * ```typescript\n * // In Durable Object\n * const logger = createLogger({\n *   component: 'sandbox-do',\n *   traceId: TraceContext.fromHeaders(request.headers) || TraceContext.generate(),\n *   sandboxId: this.id\n * });\n *\n * // In Container\n * const logger = createLogger({\n *   component: 'container',\n *   traceId: TraceContext.fromHeaders(request.headers)!,\n *   sessionId: this.id\n * });\n * ```\n */\nexport function createLogger(context) {\n    const minLevel = getLogLevelFromEnv();\n    const pretty = isPrettyPrintEnabled();\n    const baseContext = {\n        ...context,\n        traceId: context.traceId || TraceContext.generate(),\n        component: context.component\n    };\n    return new CloudflareLogger(baseContext, minLevel, pretty);\n}\n/**\n * Get log level from environment variable\n *\n * Checks SANDBOX_LOG_LEVEL env var, falls back to default based on environment.\n * Default: 'debug' for development, 'info' for production\n */\nfunction getLogLevelFromEnv() {\n    const envLevel = getEnvVar('SANDBOX_LOG_LEVEL') || 'info';\n    switch (envLevel.toLowerCase()) {\n        case 'debug':\n            return LogLevelEnum.DEBUG;\n        case 'info':\n            return LogLevelEnum.INFO;\n        case 'warn':\n            return LogLevelEnum.WARN;\n        case 'error':\n            return LogLevelEnum.ERROR;\n        default:\n            // Invalid level, fall back to info\n            return LogLevelEnum.INFO;\n    }\n}\n/**\n * Check if pretty printing should be enabled\n *\n * Checks SANDBOX_LOG_FORMAT env var, falls back to auto-detection:\n * - Local development: pretty (colored, human-readable)\n * - Production: json (structured)\n */\nfunction isPrettyPrintEnabled() {\n    // Check explicit SANDBOX_LOG_FORMAT env var\n    const format = getEnvVar('SANDBOX_LOG_FORMAT');\n    if (format) {\n        return format.toLowerCase() === 'pretty';\n    }\n    return false;\n}\n/**\n * Get environment variable value\n *\n * Supports both Node.js (process.env) and Bun (Bun.env)\n */\nfunction getEnvVar(name) {\n    // Try process.env first (Node.js / Bun)\n    if (typeof process !== 'undefined' && process.env) {\n        return process.env[name];\n    }\n    // Try Bun.env (Bun runtime)\n    if (typeof Bun !== 'undefined') {\n        const bunEnv = Bun.env;\n        if (bunEnv) {\n            return bunEnv[name];\n        }\n    }\n    return undefined;\n}\n","/**\n * Escapes a string for safe use in shell commands using POSIX single-quote escaping.\n * Prevents command injection by wrapping the string in single quotes and escaping\n * any single quotes within the string.\n */\nexport function shellEscape(str) {\n    return `'${str.replace(/'/g, \"'\\\\''\")}'`;\n}\n","/**\n * Check if a process status indicates the process has terminated\n */\nexport function isTerminalStatus(status) {\n    return (status === 'completed' ||\n        status === 'failed' ||\n        status === 'killed' ||\n        status === 'error');\n}\n// Type guards for runtime validation\nexport function isExecResult(value) {\n    return (value &&\n        typeof value.success === 'boolean' &&\n        typeof value.exitCode === 'number' &&\n        typeof value.stdout === 'string' &&\n        typeof value.stderr === 'string');\n}\nexport function isProcess(value) {\n    return (value &&\n        typeof value.id === 'string' &&\n        typeof value.command === 'string' &&\n        typeof value.status === 'string');\n}\nexport function isProcessStatus(value) {\n    return [\n        'starting',\n        'running',\n        'completed',\n        'failed',\n        'killed',\n        'error'\n    ].includes(value);\n}\n// Re-export interpreter types for convenience\nexport { Execution, ResultImpl } from './interpreter-types';\n"],"mappings":";;;;;;;;AAOA,SAAgB,aAAa,KAAK,KAAK;CACnC,MAAM,QAAQ,MAAM;AACpB,QAAO,OAAO,UAAU,WAAW,QAAQ;;;;;;;;;;;;;;;ACC/C,SAAgB,kBAAkB,MAAM;CAEpC,IAAI,SAAS;CACb,IAAI,MAAM;AACV,QAAO,MAAM,OAAO,QAAQ;EACxB,MAAM,UAAU,OAAO,QAAQ,WAAW,IAAI;EAC9C,MAAM,WAAW,OAAO,QAAQ,YAAY,IAAI;EAChD,IAAI,cAAc;EAClB,IAAI,cAAc;AAClB,MAAI,YAAY,MAAM,aAAa,GAC/B;AACJ,MAAI,YAAY,OAAO,aAAa,MAAM,UAAU,WAAW;AAC3D,iBAAc;AACd,iBAAc;SAEb;AACD,iBAAc;AACd,iBAAc;;EAGlB,MAAM,cAAc,cAAc;EAClC,MAAM,QAAQ,OAAO,QAAQ,KAAK,YAAY;EAE9C,IAAI,SAAS;AACb,SAAO,SAAS,OAAO,QAAQ;GAC3B,MAAM,OAAO,OAAO;AACpB,OAAI,mBAAmB,KAAK,KAAK,CAC7B;AACJ;;AAEJ,MAAI,UAAU,MAAM,QAAQ,QAAQ;AAChC,YAAS,GAAG,OAAO,UAAU,GAAG,YAAY,CAAC,QAAQ,OAAO,UAAU,MAAM;AAC5E,SAAM,cAAc;QAGpB,OAAM,cAAc;;AAG5B,QAAO;;;;;;AAMX,SAAgB,gBAAgB,MAAM;AAElC,KAAI,OAAO,SAAS,SAChB,QAAO,kBAAkB,KAAK;AAElC,KAAI,SAAS,QAAQ,SAAS,OAC1B,QAAO;AAGX,KAAI,MAAM,QAAQ,KAAK,CACnB,QAAO,KAAK,KAAK,SAAS,gBAAgB,KAAK,CAAC;AAGpD,KAAI,OAAO,SAAS,UAAU;EAC1B,MAAM,SAAS,EAAE;AACjB,OAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,KAAK,CAC3C,QAAO,OAAO,gBAAgB,MAAM;AAExC,SAAO;;AAEX,QAAO;;;;;AAKX,IAAa,YAAb,MAAa,UAAU;CACnB;CACA,YAAY,YAAY;AACpB,OAAK,aAAa;;CAEtB,gBAAgB,SAAS;AACrB,SAAO,UACD,gBAAgB,QAAQ,GACxB;;CAEV,cAAc,OAAO;AACjB,MAAI,CAAC,MACD,QAAO;EAEX,MAAM,YAAY,IAAI,MAAM,kBAAkB,MAAM,QAAQ,CAAC;AAC7D,YAAU,OAAO,MAAM;AACvB,MAAI,MAAM,MACN,WAAU,QAAQ,kBAAkB,MAAM,MAAM;EAGpD,MAAM,kBAAkB;EACxB,MAAM,cAAc;AACpB,OAAK,MAAM,OAAO,OAAO,KAAK,MAAM,CAChC,KAAI,QAAQ,aAAa,QAAQ,WAAW,QAAQ,OAChD,iBAAgB,OAAO,gBAAgB,YAAY,KAAK;AAGhE,SAAO;;CAEX,MAAM,SAAS,SAAS;AACpB,OAAK,WAAW,MAAM,SAAS,KAAK,gBAAgB,QAAQ,CAAC;;CAEjE,KAAK,SAAS,SAAS;AACnB,OAAK,WAAW,KAAK,SAAS,KAAK,gBAAgB,QAAQ,CAAC;;CAEhE,KAAK,SAAS,SAAS;AACnB,OAAK,WAAW,KAAK,SAAS,KAAK,gBAAgB,QAAQ,CAAC;;CAEhE,MAAM,SAAS,OAAO,SAAS;AAC3B,OAAK,WAAW,MAAM,SAAS,KAAK,cAAc,MAAM,EAAE,KAAK,gBAAgB,QAAQ,CAAC;;CAE5F,MAAM,SAAS;EACX,MAAM,YAAY,gBAAgB,QAAQ;AAE1C,SAAO,IAAI,UADS,KAAK,WAAW,MAAM,UAAU,CACnB;;;;;;AC1HzC,IAAa,YAAb,MAAuB;CACnB;CACA;;;;CAIA,UAAU,EAAE;;;;CAIZ,OAAO;EACH,QAAQ,EAAE;EACV,QAAQ,EAAE;EACb;;;;CAID;;;;CAIA;CACA,YAAY,MAAM,SAAS;AACvB,OAAK,OAAO;AACZ,OAAK,UAAU;;;;;CAKnB,SAAS;AACL,SAAO;GACH,MAAM,KAAK;GACX,MAAM,KAAK;GACX,OAAO,KAAK;GACZ,gBAAgB,KAAK;GACrB,SAAS,KAAK,QAAQ,KAAK,YAAY;IACnC,MAAM,OAAO;IACb,MAAM,OAAO;IACb,KAAK,OAAO;IACZ,MAAM,OAAO;IACb,KAAK,OAAO;IACZ,OAAO,OAAO;IACd,UAAU,OAAO;IACjB,YAAY,OAAO;IACnB,MAAM,OAAO;IACb,OAAO,OAAO;IACd,MAAM,OAAO;IAChB,EAAE;GACN;;;AAIT,IAAa,aAAb,MAAwB;CACpB;CACA,YAAY,KAAK;AACb,OAAK,MAAM;;CAEf,IAAI,OAAO;AACP,SAAO,KAAK,IAAI,QAAQ,KAAK,IAAI,OAAO;;CAE5C,IAAI,OAAO;AACP,SAAO,KAAK,IAAI,QAAQ,KAAK,IAAI,OAAO;;CAE5C,IAAI,MAAM;AACN,SAAO,KAAK,IAAI,OAAO,KAAK,IAAI,OAAO;;CAE3C,IAAI,OAAO;AACP,SAAO,KAAK,IAAI,QAAQ,KAAK,IAAI,OAAO;;CAE5C,IAAI,MAAM;AACN,SAAO,KAAK,IAAI,OAAO,KAAK,IAAI,OAAO;;CAE3C,IAAI,QAAQ;AACR,SAAO,KAAK,IAAI,SAAS,KAAK,IAAI,OAAO;;CAE7C,IAAI,WAAW;AACX,SAAO,KAAK,IAAI,YAAY,KAAK,IAAI,OAAO;;CAEhD,IAAI,aAAa;AACb,SAAO,KAAK,IAAI,cAAc,KAAK,IAAI,OAAO;;CAElD,IAAI,OAAO;AACP,SAAO,KAAK,IAAI,QAAQ,KAAK,IAAI,OAAO;;CAE5C,IAAI,QAAQ;AACR,SAAO,KAAK,IAAI;;CAEpB,IAAI,OAAO;AACP,SAAO,KAAK,IAAI;;CAEpB,UAAU;EACN,MAAM,UAAU,EAAE;AAClB,MAAI,KAAK,KACL,SAAQ,KAAK,OAAO;AACxB,MAAI,KAAK,KACL,SAAQ,KAAK,OAAO;AACxB,MAAI,KAAK,IACL,SAAQ,KAAK,MAAM;AACvB,MAAI,KAAK,KACL,SAAQ,KAAK,OAAO;AACxB,MAAI,KAAK,IACL,SAAQ,KAAK,MAAM;AACvB,MAAI,KAAK,MACL,SAAQ,KAAK,QAAQ;AACzB,MAAI,KAAK,SACL,SAAQ,KAAK,WAAW;AAC5B,MAAI,KAAK,WACL,SAAQ,KAAK,aAAa;AAC9B,MAAI,KAAK,KACL,SAAQ,KAAK,OAAO;AACxB,MAAI,KAAK,MACL,SAAQ,KAAK,QAAQ;AACzB,SAAO;;;;;;;;;;;;;;ACzGf,IAAW;CACV,SAAU,YAAU;AACjB,YAAS,WAAS,WAAW,KAAK;AAClC,YAAS,WAAS,UAAU,KAAK;AACjC,YAAS,WAAS,UAAU,KAAK;AACjC,YAAS,WAAS,WAAW,KAAK;GACnC,aAAa,WAAW,EAAE,EAAE;;;;;;;;;;ACP/B,MAAM,SAAS;CACX,OAAO;CACP,OAAO;CACP,MAAM;CACN,MAAM;CACN,OAAO;CACP,KAAK;CACR;;;;;AAKD,IAAa,mBAAb,MAAa,iBAAiB;CAC1B;CACA;CACA;;;;;;;;CAQA,YAAY,aAAa,WAAWA,SAAa,MAAM,SAAS,OAAO;AACnE,OAAK,cAAc;AACnB,OAAK,WAAW;AAChB,OAAK,SAAS;;;;;CAKlB,MAAM,SAAS,SAAS;AACpB,MAAI,KAAK,UAAUA,SAAa,MAAM,EAAE;GACpC,MAAM,UAAU,KAAK,aAAa,SAAS,SAAS,QAAQ;AAC5D,QAAK,OAAO,QAAQ,KAAK,QAAQ;;;;;;CAMzC,KAAK,SAAS,SAAS;AACnB,MAAI,KAAK,UAAUA,SAAa,KAAK,EAAE;GACnC,MAAM,UAAU,KAAK,aAAa,QAAQ,SAAS,QAAQ;AAC3D,QAAK,OAAO,QAAQ,KAAK,QAAQ;;;;;;CAMzC,KAAK,SAAS,SAAS;AACnB,MAAI,KAAK,UAAUA,SAAa,KAAK,EAAE;GACnC,MAAM,UAAU,KAAK,aAAa,QAAQ,SAAS,QAAQ;AAC3D,QAAK,OAAO,QAAQ,MAAM,QAAQ;;;;;;CAM1C,MAAM,SAAS,OAAO,SAAS;AAC3B,MAAI,KAAK,UAAUA,SAAa,MAAM,EAAE;GACpC,MAAM,UAAU,KAAK,aAAa,SAAS,SAAS,SAAS,MAAM;AACnE,QAAK,OAAO,QAAQ,OAAO,QAAQ;;;;;;CAM3C,MAAM,SAAS;AACX,SAAO,IAAI,iBAAiB;GAAE,GAAG,KAAK;GAAa,GAAG;GAAS,EAAE,KAAK,UAAU,KAAK,OAAO;;;;;CAKhG,UAAU,OAAO;AACb,SAAO,SAAS,KAAK;;;;;CAKzB,aAAa,OAAO,SAAS,SAAS,OAAO;EACzC,MAAM,UAAU;GACZ;GACA,KAAK;GACL,GAAG,KAAK;GACR,GAAG;GACH,4BAAW,IAAI,MAAM,EAAC,aAAa;GACtC;AAED,MAAI,MACA,SAAQ,QAAQ;GACZ,SAAS,MAAM;GACf,OAAO,MAAM;GACb,MAAM,MAAM;GACf;AAEL,SAAO;;;;;CAKX,OAAO,WAAW,MAAM;AACpB,MAAI,KAAK,OACL,MAAK,aAAa,WAAW,KAAK;MAGlC,MAAK,WAAW,WAAW,KAAK;;;;;CAMxC,WAAW,WAAW,MAAM;AACxB,YAAU,KAAK,UAAU,KAAK,CAAC;;;;;;;;CAQnC,aAAa,WAAW,MAAM;EAC1B,MAAM,EAAE,OAAO,KAAK,WAAW,SAAS,WAAW,WAAW,WAAW,WAAW,WAAW,WAAW,UAAU,OAAO,GAAG,SAAS;EAEvI,MAAM,WAAW,OAAO,SAAS,OAAO,CAAC,aAAa;EACtD,MAAM,aAAa,KAAK,cAAc,SAAS;EAC/C,MAAM,iBAAiB,YAAY,IAAI,UAAU,KAAK;EACtD,MAAM,eAAe,UAAU,OAAO,QAAQ,CAAC,UAAU,GAAG,GAAG,GAAG;EAElE,IAAI,UAAU,GAAG,aAAa,SAAS,OAAO,EAAE,GAAG,OAAO,MAAM,GAAG,eAAe,GAAG;AAErF,MAAI,aACA,YAAW,IAAI,OAAO,IAAI,UAAU,aAAa,GAAG,OAAO;EAG/D,MAAM,gBAAgB,EAAE;AACxB,MAAI,UACA,eAAc,KAAK,cAAc,YAAY;AACjD,MAAI,UACA,eAAc,KAAK,cAAc,OAAO,UAAU,CAAC,UAAU,GAAG,GAAG,GAAG;AAC1E,MAAI,UACA,eAAc,KAAK,cAAc,YAAY;AACjD,MAAI,UACA,eAAc,KAAK,cAAc,OAAO,UAAU,CAAC,UAAU,GAAG,GAAG,GAAG;AAC1E,MAAI,UACA,eAAc,KAAK,cAAc,YAAY;AACjD,MAAI,aAAa,OACb,eAAc,KAAK,aAAa,SAAS,IAAI;AAEjD,MAAI,cAAc,SAAS,EACvB,YAAW,IAAI,OAAO,IAAI,GAAG,cAAc,KAAK,KAAK,CAAC,GAAG,OAAO;AAGpE,YAAU,QAAQ;AAElB,MAAI,SAAS,OAAO,UAAU,UAAU;GACpC,MAAM,WAAW;AACjB,OAAI,SAAS,QACT,WAAU,KAAK,OAAO,MAAM,SAAS,SAAS,UAAU,OAAO,QAAQ;AAE3E,OAAI,SAAS,MACT,WAAU,KAAK,OAAO,MAAM,SAAS,QAAQ,OAAO,QAAQ;;AAIpE,MAAI,OAAO,KAAK,KAAK,CAAC,SAAS,EAC3B,WAAU,KAAK,OAAO,MAAM,KAAK,UAAU,MAAM,MAAM,EAAE,GAAG,OAAO,QAAQ;;;;;CAMnF,cAAc,OAAO;AAEjB,UADmB,MAAM,aAAa,EACtC;GACI,KAAK,QACD,QAAO,OAAO;GAClB,KAAK,OACD,QAAO,OAAO;GAClB,KAAK,OACD,QAAO,OAAO;GAClB,KAAK,QACD,QAAO,OAAO;GAClB,QACI,QAAO,OAAO;;;;;;;;;;;;;;;;;;AClL9B,IAAa,eAAb,MAAa,aAAa;;;;CAItB,OAAO,eAAe;;;;;;;;;CAStB,OAAO,WAAW;AAGd,SAAO,MADW,OAAO,YAAY,CAAC,QAAQ,MAAM,GAAG,CAAC,UAAU,GAAG,GAAG;;;;;;;;CAS5E,OAAO,YAAY,SAAS;AACxB,SAAO,QAAQ,IAAI,aAAa,aAAa;;;;;;;;CAQjD,OAAO,UAAU,SAAS;AACtB,SAAO,GAAG,aAAa,eAAe,SAAS;;;;;;;CAOnD,OAAO,gBAAgB;AACnB,SAAO,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACP5B,SAAgB,mBAAmB;AAC/B,QAAO;EACH,aAAa;EACb,YAAY;EACZ,YAAY;EACZ,aAAa;EACb,aAAa,kBAAkB;EAClC;;;;;;;;;;;;;;;;;;;;;;;;;;AA0BL,SAAgB,aAAa,SAAS;CAClC,MAAM,WAAW,oBAAoB;CACrC,MAAM,SAAS,sBAAsB;AAMrC,QAAO,IAAI,iBALS;EAChB,GAAG;EACH,SAAS,QAAQ,WAAW,aAAa,UAAU;EACnD,WAAW,QAAQ;EACtB,EACwC,UAAU,OAAO;;;;;;;;AAQ9D,SAAS,qBAAqB;AAE1B,UADiB,UAAU,oBAAoB,IAAI,QAClC,aAAa,EAA9B;EACI,KAAK,QACD,QAAOC,SAAa;EACxB,KAAK,OACD,QAAOA,SAAa;EACxB,KAAK,OACD,QAAOA,SAAa;EACxB,KAAK,QACD,QAAOA,SAAa;EACxB,QAEI,QAAOA,SAAa;;;;;;;;;;AAUhC,SAAS,uBAAuB;CAE5B,MAAM,SAAS,UAAU,qBAAqB;AAC9C,KAAI,OACA,QAAO,OAAO,aAAa,KAAK;AAEpC,QAAO;;;;;;;AAOX,SAAS,UAAU,MAAM;AAErB,KAAI,OAAO,YAAY,eAAe,QAAQ,IAC1C,QAAO,QAAQ,IAAI;AAGvB,KAAI,OAAO,QAAQ,aAAa;EAC5B,MAAM,SAAS,IAAI;AACnB,MAAI,OACA,QAAO,OAAO;;;;;;;;;;;ACxI1B,SAAgB,YAAY,KAAK;AAC7B,QAAO,IAAI,IAAI,QAAQ,MAAM,QAAQ,CAAC;;;;;;;;ACH1C,SAAgB,iBAAiB,QAAQ;AACrC,QAAQ,WAAW,eACf,WAAW,YACX,WAAW,YACX,WAAW;;AAGnB,SAAgB,aAAa,OAAO;AAChC,QAAQ,SACJ,OAAO,MAAM,YAAY,aACzB,OAAO,MAAM,aAAa,YAC1B,OAAO,MAAM,WAAW,YACxB,OAAO,MAAM,WAAW;;AAEhC,SAAgB,UAAU,OAAO;AAC7B,QAAQ,SACJ,OAAO,MAAM,OAAO,YACpB,OAAO,MAAM,YAAY,YACzB,OAAO,MAAM,WAAW;;AAEhC,SAAgB,gBAAgB,OAAO;AACnC,QAAO;EACH;EACA;EACA;EACA;EACA;EACA;EACH,CAAC,SAAS,MAAM"}
+{"version":3,"file":"dist-2SF6oOaz.js","names":["LogLevelEnum","LogLevelEnum"],"sources":["../../shared/dist/env.js","../../shared/dist/git.js","../../shared/dist/interpreter-types.js","../../shared/dist/logger/types.js","../../shared/dist/logger/logger.js","../../shared/dist/logger/trace-context.js","../../shared/dist/logger/index.js","../../shared/dist/shell-escape.js","../../shared/dist/types.js"],"sourcesContent":["/**\n * Safely extract a string value from an environment object\n *\n * @param env - Environment object with dynamic keys\n * @param key - The environment variable key to access\n * @returns The string value if present and is a string, undefined otherwise\n */\nexport function getEnvString(env, key) {\n    const value = env?.[key];\n    return typeof value === 'string' ? value : undefined;\n}\n","/**\n * Redact credentials from URLs for secure logging\n *\n * Replaces any credentials (username:password, tokens, etc.) embedded\n * in URLs with ****** to prevent sensitive data exposure in logs.\n * Works with URLs embedded in text (e.g., \"Error: https://token@github.com/repo.git failed\")\n *\n * @param text - String that may contain URLs with credentials\n * @returns String with credentials redacted from any URLs\n */\nexport function redactCredentials(text) {\n    // Scan for http(s):// URLs and redact any credentials found\n    let result = text;\n    let pos = 0;\n    while (pos < result.length) {\n        const httpPos = result.indexOf('http://', pos);\n        const httpsPos = result.indexOf('https://', pos);\n        let protocolPos = -1;\n        let protocolLen = 0;\n        if (httpPos === -1 && httpsPos === -1)\n            break;\n        if (httpPos !== -1 && (httpsPos === -1 || httpPos < httpsPos)) {\n            protocolPos = httpPos;\n            protocolLen = 7; // 'http://'.length\n        }\n        else {\n            protocolPos = httpsPos;\n            protocolLen = 8; // 'https://'.length\n        }\n        // Look for @ after the protocol\n        const searchStart = protocolPos + protocolLen;\n        const atPos = result.indexOf('@', searchStart);\n        // Find where the URL ends (whitespace, quotes, or structural delimiters)\n        let urlEnd = searchStart;\n        while (urlEnd < result.length) {\n            const char = result[urlEnd];\n            if (/[\\s\"'`<>,;{}[\\]]/.test(char))\n                break;\n            urlEnd++;\n        }\n        if (atPos !== -1 && atPos < urlEnd) {\n            result = `${result.substring(0, searchStart)}******${result.substring(atPos)}`;\n            pos = searchStart + 6; // Move past '******'\n        }\n        else {\n            pos = protocolPos + protocolLen;\n        }\n    }\n    return result;\n}\n/**\n * Sanitize data by redacting credentials from any strings\n * Recursively processes objects and arrays to ensure credentials are never leaked\n */\nexport function sanitizeGitData(data) {\n    // Handle primitives\n    if (typeof data === 'string') {\n        return redactCredentials(data);\n    }\n    if (data === null || data === undefined) {\n        return data;\n    }\n    // Handle arrays\n    if (Array.isArray(data)) {\n        return data.map((item) => sanitizeGitData(item));\n    }\n    // Handle objects - recursively sanitize all fields\n    if (typeof data === 'object') {\n        const result = {};\n        for (const [key, value] of Object.entries(data)) {\n            result[key] = sanitizeGitData(value);\n        }\n        return result;\n    }\n    return data;\n}\n/**\n * Logger wrapper that automatically sanitizes git credentials\n */\nexport class GitLogger {\n    baseLogger;\n    constructor(baseLogger) {\n        this.baseLogger = baseLogger;\n    }\n    sanitizeContext(context) {\n        return context\n            ? sanitizeGitData(context)\n            : context;\n    }\n    sanitizeError(error) {\n        if (!error)\n            return error;\n        // Create a new error with sanitized message and stack\n        const sanitized = new Error(redactCredentials(error.message));\n        sanitized.name = error.name;\n        if (error.stack) {\n            sanitized.stack = redactCredentials(error.stack);\n        }\n        // Preserve other enumerable properties\n        const sanitizedRecord = sanitized;\n        const errorRecord = error;\n        for (const key of Object.keys(error)) {\n            if (key !== 'message' && key !== 'stack' && key !== 'name') {\n                sanitizedRecord[key] = sanitizeGitData(errorRecord[key]);\n            }\n        }\n        return sanitized;\n    }\n    debug(message, context) {\n        this.baseLogger.debug(message, this.sanitizeContext(context));\n    }\n    info(message, context) {\n        this.baseLogger.info(message, this.sanitizeContext(context));\n    }\n    warn(message, context) {\n        this.baseLogger.warn(message, this.sanitizeContext(context));\n    }\n    error(message, error, context) {\n        this.baseLogger.error(message, this.sanitizeError(error), this.sanitizeContext(context));\n    }\n    child(context) {\n        const sanitized = sanitizeGitData(context);\n        const childLogger = this.baseLogger.child(sanitized);\n        return new GitLogger(childLogger);\n    }\n}\n","// Execution Result Container\nexport class Execution {\n    code;\n    context;\n    /**\n     * All results from the execution\n     */\n    results = [];\n    /**\n     * Accumulated stdout and stderr\n     */\n    logs = {\n        stdout: [],\n        stderr: []\n    };\n    /**\n     * Execution error if any\n     */\n    error;\n    /**\n     * Execution count (for interpreter)\n     */\n    executionCount;\n    constructor(code, context) {\n        this.code = code;\n        this.context = context;\n    }\n    /**\n     * Convert to a plain object for serialization\n     */\n    toJSON() {\n        return {\n            code: this.code,\n            logs: this.logs,\n            error: this.error,\n            executionCount: this.executionCount,\n            results: this.results.map((result) => ({\n                text: result.text,\n                html: result.html,\n                png: result.png,\n                jpeg: result.jpeg,\n                svg: result.svg,\n                latex: result.latex,\n                markdown: result.markdown,\n                javascript: result.javascript,\n                json: result.json,\n                chart: result.chart,\n                data: result.data\n            }))\n        };\n    }\n}\n// Implementation of Result\nexport class ResultImpl {\n    raw;\n    constructor(raw) {\n        this.raw = raw;\n    }\n    get text() {\n        return this.raw.text || this.raw.data?.['text/plain'];\n    }\n    get html() {\n        return this.raw.html || this.raw.data?.['text/html'];\n    }\n    get png() {\n        return this.raw.png || this.raw.data?.['image/png'];\n    }\n    get jpeg() {\n        return this.raw.jpeg || this.raw.data?.['image/jpeg'];\n    }\n    get svg() {\n        return this.raw.svg || this.raw.data?.['image/svg+xml'];\n    }\n    get latex() {\n        return this.raw.latex || this.raw.data?.['text/latex'];\n    }\n    get markdown() {\n        return this.raw.markdown || this.raw.data?.['text/markdown'];\n    }\n    get javascript() {\n        return this.raw.javascript || this.raw.data?.['application/javascript'];\n    }\n    get json() {\n        return this.raw.json || this.raw.data?.['application/json'];\n    }\n    get chart() {\n        return this.raw.chart;\n    }\n    get data() {\n        return this.raw.data;\n    }\n    formats() {\n        const formats = [];\n        if (this.text)\n            formats.push('text');\n        if (this.html)\n            formats.push('html');\n        if (this.png)\n            formats.push('png');\n        if (this.jpeg)\n            formats.push('jpeg');\n        if (this.svg)\n            formats.push('svg');\n        if (this.latex)\n            formats.push('latex');\n        if (this.markdown)\n            formats.push('markdown');\n        if (this.javascript)\n            formats.push('javascript');\n        if (this.json)\n            formats.push('json');\n        if (this.chart)\n            formats.push('chart');\n        return formats;\n    }\n}\n","/**\n * Logger types for Cloudflare Sandbox SDK\n *\n * Provides structured, trace-aware logging across Worker, Durable Object, and Container.\n */\n/**\n * Log levels (from most to least verbose)\n */\nexport var LogLevel;\n(function (LogLevel) {\n    LogLevel[LogLevel[\"DEBUG\"] = 0] = \"DEBUG\";\n    LogLevel[LogLevel[\"INFO\"] = 1] = \"INFO\";\n    LogLevel[LogLevel[\"WARN\"] = 2] = \"WARN\";\n    LogLevel[LogLevel[\"ERROR\"] = 3] = \"ERROR\";\n})(LogLevel || (LogLevel = {}));\n","/**\n * Logger implementation\n */\nimport { LogLevel as LogLevelEnum } from './types.js';\n/**\n * ANSI color codes for terminal output\n */\nconst COLORS = {\n    reset: '\\x1b[0m',\n    debug: '\\x1b[36m', // Cyan\n    info: '\\x1b[32m', // Green\n    warn: '\\x1b[33m', // Yellow\n    error: '\\x1b[31m', // Red\n    dim: '\\x1b[2m' // Dim\n};\n/**\n * CloudflareLogger implements structured logging with support for\n * both JSON output (production) and pretty printing (development).\n */\nexport class CloudflareLogger {\n    baseContext;\n    minLevel;\n    pretty;\n    /**\n     * Create a new CloudflareLogger\n     *\n     * @param baseContext Base context included in all log entries\n     * @param minLevel Minimum log level to output (default: INFO)\n     * @param pretty Enable pretty printing for human-readable output (default: false)\n     */\n    constructor(baseContext, minLevel = LogLevelEnum.INFO, pretty = false) {\n        this.baseContext = baseContext;\n        this.minLevel = minLevel;\n        this.pretty = pretty;\n    }\n    /**\n     * Log debug-level message\n     */\n    debug(message, context) {\n        if (this.shouldLog(LogLevelEnum.DEBUG)) {\n            const logData = this.buildLogData('debug', message, context);\n            this.output(console.log, logData);\n        }\n    }\n    /**\n     * Log info-level message\n     */\n    info(message, context) {\n        if (this.shouldLog(LogLevelEnum.INFO)) {\n            const logData = this.buildLogData('info', message, context);\n            this.output(console.log, logData);\n        }\n    }\n    /**\n     * Log warning-level message\n     */\n    warn(message, context) {\n        if (this.shouldLog(LogLevelEnum.WARN)) {\n            const logData = this.buildLogData('warn', message, context);\n            this.output(console.warn, logData);\n        }\n    }\n    /**\n     * Log error-level message\n     */\n    error(message, error, context) {\n        if (this.shouldLog(LogLevelEnum.ERROR)) {\n            const logData = this.buildLogData('error', message, context, error);\n            this.output(console.error, logData);\n        }\n    }\n    /**\n     * Create a child logger with additional context\n     */\n    child(context) {\n        return new CloudflareLogger({ ...this.baseContext, ...context }, this.minLevel, this.pretty);\n    }\n    /**\n     * Check if a log level should be output\n     */\n    shouldLog(level) {\n        return level >= this.minLevel;\n    }\n    /**\n     * Build log data object\n     */\n    buildLogData(level, message, context, error) {\n        const logData = {\n            level,\n            msg: message,\n            ...this.baseContext,\n            ...context,\n            timestamp: new Date().toISOString()\n        };\n        // Add error details if provided\n        if (error) {\n            logData.error = {\n                message: error.message,\n                stack: error.stack,\n                name: error.name\n            };\n        }\n        return logData;\n    }\n    /**\n     * Output log data to console (pretty or JSON)\n     */\n    output(consoleFn, data) {\n        if (this.pretty) {\n            this.outputPretty(consoleFn, data);\n        }\n        else {\n            this.outputJson(consoleFn, data);\n        }\n    }\n    /**\n     * Output as JSON (production)\n     */\n    outputJson(consoleFn, data) {\n        consoleFn(JSON.stringify(data));\n    }\n    /**\n     * Output as pretty-printed, colored text (development)\n     *\n     * Format: LEVEL [component] message (trace: tr_...) {context}\n     * Example: INFO [sandbox-do] Command started (trace: tr_7f3a9b2c) {commandId: \"cmd-123\"}\n     */\n    outputPretty(consoleFn, data) {\n        const { level, msg, timestamp, traceId, component, sandboxId, sessionId, processId, commandId, operation, duration, error, ...rest } = data;\n        // Build the main log line\n        const levelStr = String(level || 'INFO').toUpperCase();\n        const levelColor = this.getLevelColor(levelStr);\n        const componentBadge = component ? `[${component}]` : '';\n        const traceIdShort = traceId ? String(traceId).substring(0, 12) : '';\n        // Start with level and component\n        let logLine = `${levelColor}${levelStr.padEnd(5)}${COLORS.reset} ${componentBadge} ${msg}`;\n        // Add trace ID if present\n        if (traceIdShort) {\n            logLine += ` ${COLORS.dim}(trace: ${traceIdShort})${COLORS.reset}`;\n        }\n        // Collect important context fields\n        const contextFields = [];\n        if (operation)\n            contextFields.push(`operation: ${operation}`);\n        if (commandId)\n            contextFields.push(`commandId: ${String(commandId).substring(0, 12)}`);\n        if (sandboxId)\n            contextFields.push(`sandboxId: ${sandboxId}`);\n        if (sessionId)\n            contextFields.push(`sessionId: ${String(sessionId).substring(0, 12)}`);\n        if (processId)\n            contextFields.push(`processId: ${processId}`);\n        if (duration !== undefined)\n            contextFields.push(`duration: ${duration}ms`);\n        // Add important context inline\n        if (contextFields.length > 0) {\n            logLine += ` ${COLORS.dim}{${contextFields.join(', ')}}${COLORS.reset}`;\n        }\n        // Output main log line\n        consoleFn(logLine);\n        // Output error details on separate lines if present\n        if (error && typeof error === 'object') {\n            const errorObj = error;\n            if (errorObj.message) {\n                consoleFn(`  ${COLORS.error}Error: ${errorObj.message}${COLORS.reset}`);\n            }\n            if (errorObj.stack) {\n                consoleFn(`  ${COLORS.dim}${errorObj.stack}${COLORS.reset}`);\n            }\n        }\n        // Output additional context if present\n        if (Object.keys(rest).length > 0) {\n            consoleFn(`  ${COLORS.dim}${JSON.stringify(rest, null, 2)}${COLORS.reset}`);\n        }\n    }\n    /**\n     * Get ANSI color code for log level\n     */\n    getLevelColor(level) {\n        const levelLower = level.toLowerCase();\n        switch (levelLower) {\n            case 'debug':\n                return COLORS.debug;\n            case 'info':\n                return COLORS.info;\n            case 'warn':\n                return COLORS.warn;\n            case 'error':\n                return COLORS.error;\n            default:\n                return COLORS.reset;\n        }\n    }\n}\n","/**\n * Trace context utilities for request correlation\n *\n * Trace IDs enable correlating logs across distributed components:\n * Worker → Durable Object → Container → back\n *\n * The trace ID is propagated via the X-Trace-Id HTTP header.\n */\n/**\n * Utility for managing trace context across distributed components\n */\n// biome-ignore lint/complexity/noStaticOnlyClass: Keep as class for namespace grouping and discoverability\nexport class TraceContext {\n    /**\n     * HTTP header name for trace ID propagation\n     */\n    static TRACE_HEADER = 'X-Trace-Id';\n    /**\n     * Generate a new trace ID\n     *\n     * Format: \"tr_\" + 16 random hex characters\n     * Example: \"tr_7f3a9b2c4e5d6f1a\"\n     *\n     * @returns Newly generated trace ID\n     */\n    static generate() {\n        // Use crypto.randomUUID() for randomness, extract 16 hex chars\n        const randomHex = crypto.randomUUID().replace(/-/g, '').substring(0, 16);\n        return `tr_${randomHex}`;\n    }\n    /**\n     * Extract trace ID from HTTP request headers\n     *\n     * @param headers Request headers\n     * @returns Trace ID if present, null otherwise\n     */\n    static fromHeaders(headers) {\n        return headers.get(TraceContext.TRACE_HEADER);\n    }\n    /**\n     * Create headers object with trace ID for outgoing requests\n     *\n     * @param traceId Trace ID to include\n     * @returns Headers object with X-Trace-Id set\n     */\n    static toHeaders(traceId) {\n        return { [TraceContext.TRACE_HEADER]: traceId };\n    }\n    /**\n     * Get the header name used for trace ID propagation\n     *\n     * @returns Header name (\"X-Trace-Id\")\n     */\n    static getHeaderName() {\n        return TraceContext.TRACE_HEADER;\n    }\n}\n","/**\n * Logger module\n *\n * Provides structured, trace-aware logging with:\n * - Explicit logger passing via constructor injection\n * - Pretty printing for local development\n * - JSON output for production\n * - Environment auto-detection\n * - Log level configuration\n *\n * Usage:\n *\n * ```typescript\n * // Create a logger at entry point\n * const logger = createLogger({ component: 'sandbox-do', traceId: 'tr_abc123' });\n *\n * // Pass to classes via constructor\n * const service = new MyService(logger);\n *\n * // Create child loggers for additional context\n * const execLogger = logger.child({ operation: 'exec', commandId: 'cmd-456' });\n * execLogger.info('Operation started');\n * ```\n */\nimport { CloudflareLogger } from './logger.js';\nimport { TraceContext } from './trace-context.js';\nimport { LogLevel as LogLevelEnum } from './types.js';\nexport { CloudflareLogger } from './logger.js';\nexport { TraceContext } from './trace-context.js';\nexport { LogLevel as LogLevelEnum } from './types.js';\n/**\n * Create a no-op logger for testing\n *\n * Returns a logger that implements the Logger interface but does nothing.\n * Useful for tests that don't need actual logging output.\n *\n * @returns No-op logger instance\n *\n * @example\n * ```typescript\n * // In tests\n * const client = new HttpClient({\n *   baseUrl: 'http://test.com',\n *   logger: createNoOpLogger() // Optional - tests can enable real logging if needed\n * });\n * ```\n */\nexport function createNoOpLogger() {\n    return {\n        debug: () => { },\n        info: () => { },\n        warn: () => { },\n        error: () => { },\n        child: () => createNoOpLogger()\n    };\n}\n/**\n * Create a new logger instance\n *\n * @param context Base context for the logger. Must include 'component'.\n *                TraceId will be auto-generated if not provided.\n * @returns New logger instance\n *\n * @example\n * ```typescript\n * // In Durable Object\n * const logger = createLogger({\n *   component: 'sandbox-do',\n *   traceId: TraceContext.fromHeaders(request.headers) || TraceContext.generate(),\n *   sandboxId: this.id\n * });\n *\n * // In Container\n * const logger = createLogger({\n *   component: 'container',\n *   traceId: TraceContext.fromHeaders(request.headers)!,\n *   sessionId: this.id\n * });\n * ```\n */\nexport function createLogger(context) {\n    const minLevel = getLogLevelFromEnv();\n    const pretty = isPrettyPrintEnabled();\n    const baseContext = {\n        ...context,\n        traceId: context.traceId || TraceContext.generate(),\n        component: context.component\n    };\n    return new CloudflareLogger(baseContext, minLevel, pretty);\n}\n/**\n * Get log level from environment variable\n *\n * Checks SANDBOX_LOG_LEVEL env var, falls back to default based on environment.\n * Default: 'debug' for development, 'info' for production\n */\nfunction getLogLevelFromEnv() {\n    const envLevel = getEnvVar('SANDBOX_LOG_LEVEL') || 'info';\n    switch (envLevel.toLowerCase()) {\n        case 'debug':\n            return LogLevelEnum.DEBUG;\n        case 'info':\n            return LogLevelEnum.INFO;\n        case 'warn':\n            return LogLevelEnum.WARN;\n        case 'error':\n            return LogLevelEnum.ERROR;\n        default:\n            // Invalid level, fall back to info\n            return LogLevelEnum.INFO;\n    }\n}\n/**\n * Check if pretty printing should be enabled\n *\n * Checks SANDBOX_LOG_FORMAT env var, falls back to auto-detection:\n * - Local development: pretty (colored, human-readable)\n * - Production: json (structured)\n */\nfunction isPrettyPrintEnabled() {\n    // Check explicit SANDBOX_LOG_FORMAT env var\n    const format = getEnvVar('SANDBOX_LOG_FORMAT');\n    if (format) {\n        return format.toLowerCase() === 'pretty';\n    }\n    return false;\n}\n/**\n * Get environment variable value\n *\n * Supports both Node.js (process.env) and Bun (Bun.env)\n */\nfunction getEnvVar(name) {\n    // Try process.env first (Node.js / Bun)\n    if (typeof process !== 'undefined' && process.env) {\n        return process.env[name];\n    }\n    // Try Bun.env (Bun runtime)\n    if (typeof Bun !== 'undefined') {\n        const bunEnv = Bun.env;\n        if (bunEnv) {\n            return bunEnv[name];\n        }\n    }\n    return undefined;\n}\n","/**\n * Escapes a string for safe use in shell commands using POSIX single-quote escaping.\n * Prevents command injection by wrapping the string in single quotes and escaping\n * any single quotes within the string.\n */\nexport function shellEscape(str) {\n    return `'${str.replace(/'/g, \"'\\\\''\")}'`;\n}\n","/**\n * Check if a process status indicates the process has terminated\n */\nexport function isTerminalStatus(status) {\n    return (status === 'completed' ||\n        status === 'failed' ||\n        status === 'killed' ||\n        status === 'error');\n}\n// Type guards for runtime validation\nexport function isExecResult(value) {\n    return (value &&\n        typeof value.success === 'boolean' &&\n        typeof value.exitCode === 'number' &&\n        typeof value.stdout === 'string' &&\n        typeof value.stderr === 'string');\n}\nexport function isProcess(value) {\n    return (value &&\n        typeof value.id === 'string' &&\n        typeof value.command === 'string' &&\n        typeof value.status === 'string');\n}\nexport function isProcessStatus(value) {\n    return [\n        'starting',\n        'running',\n        'completed',\n        'failed',\n        'killed',\n        'error'\n    ].includes(value);\n}\n// Re-export interpreter types for convenience\nexport { Execution, ResultImpl } from './interpreter-types';\n"],"mappings":";;;;;;;;AAOA,SAAgB,aAAa,KAAK,KAAK;CACnC,MAAM,QAAQ,MAAM;AACpB,QAAO,OAAO,UAAU,WAAW,QAAQ;;;;;;;;;;;;;;;ACC/C,SAAgB,kBAAkB,MAAM;CAEpC,IAAI,SAAS;CACb,IAAI,MAAM;AACV,QAAO,MAAM,OAAO,QAAQ;EACxB,MAAM,UAAU,OAAO,QAAQ,WAAW,IAAI;EAC9C,MAAM,WAAW,OAAO,QAAQ,YAAY,IAAI;EAChD,IAAI,cAAc;EAClB,IAAI,cAAc;AAClB,MAAI,YAAY,MAAM,aAAa,GAC/B;AACJ,MAAI,YAAY,OAAO,aAAa,MAAM,UAAU,WAAW;AAC3D,iBAAc;AACd,iBAAc;SAEb;AACD,iBAAc;AACd,iBAAc;;EAGlB,MAAM,cAAc,cAAc;EAClC,MAAM,QAAQ,OAAO,QAAQ,KAAK,YAAY;EAE9C,IAAI,SAAS;AACb,SAAO,SAAS,OAAO,QAAQ;GAC3B,MAAM,OAAO,OAAO;AACpB,OAAI,mBAAmB,KAAK,KAAK,CAC7B;AACJ;;AAEJ,MAAI,UAAU,MAAM,QAAQ,QAAQ;AAChC,YAAS,GAAG,OAAO,UAAU,GAAG,YAAY,CAAC,QAAQ,OAAO,UAAU,MAAM;AAC5E,SAAM,cAAc;QAGpB,OAAM,cAAc;;AAG5B,QAAO;;;;;;AAMX,SAAgB,gBAAgB,MAAM;AAElC,KAAI,OAAO,SAAS,SAChB,QAAO,kBAAkB,KAAK;AAElC,KAAI,SAAS,QAAQ,SAAS,OAC1B,QAAO;AAGX,KAAI,MAAM,QAAQ,KAAK,CACnB,QAAO,KAAK,KAAK,SAAS,gBAAgB,KAAK,CAAC;AAGpD,KAAI,OAAO,SAAS,UAAU;EAC1B,MAAM,SAAS,EAAE;AACjB,OAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,KAAK,CAC3C,QAAO,OAAO,gBAAgB,MAAM;AAExC,SAAO;;AAEX,QAAO;;;;;AAKX,IAAa,YAAb,MAAa,UAAU;CACnB;CACA,YAAY,YAAY;AACpB,OAAK,aAAa;;CAEtB,gBAAgB,SAAS;AACrB,SAAO,UACD,gBAAgB,QAAQ,GACxB;;CAEV,cAAc,OAAO;AACjB,MAAI,CAAC,MACD,QAAO;EAEX,MAAM,YAAY,IAAI,MAAM,kBAAkB,MAAM,QAAQ,CAAC;AAC7D,YAAU,OAAO,MAAM;AACvB,MAAI,MAAM,MACN,WAAU,QAAQ,kBAAkB,MAAM,MAAM;EAGpD,MAAM,kBAAkB;EACxB,MAAM,cAAc;AACpB,OAAK,MAAM,OAAO,OAAO,KAAK,MAAM,CAChC,KAAI,QAAQ,aAAa,QAAQ,WAAW,QAAQ,OAChD,iBAAgB,OAAO,gBAAgB,YAAY,KAAK;AAGhE,SAAO;;CAEX,MAAM,SAAS,SAAS;AACpB,OAAK,WAAW,MAAM,SAAS,KAAK,gBAAgB,QAAQ,CAAC;;CAEjE,KAAK,SAAS,SAAS;AACnB,OAAK,WAAW,KAAK,SAAS,KAAK,gBAAgB,QAAQ,CAAC;;CAEhE,KAAK,SAAS,SAAS;AACnB,OAAK,WAAW,KAAK,SAAS,KAAK,gBAAgB,QAAQ,CAAC;;CAEhE,MAAM,SAAS,OAAO,SAAS;AAC3B,OAAK,WAAW,MAAM,SAAS,KAAK,cAAc,MAAM,EAAE,KAAK,gBAAgB,QAAQ,CAAC;;CAE5F,MAAM,SAAS;EACX,MAAM,YAAY,gBAAgB,QAAQ;AAE1C,SAAO,IAAI,UADS,KAAK,WAAW,MAAM,UAAU,CACnB;;;;;;AC1HzC,IAAa,YAAb,MAAuB;CACnB;CACA;;;;CAIA,UAAU,EAAE;;;;CAIZ,OAAO;EACH,QAAQ,EAAE;EACV,QAAQ,EAAE;EACb;;;;CAID;;;;CAIA;CACA,YAAY,MAAM,SAAS;AACvB,OAAK,OAAO;AACZ,OAAK,UAAU;;;;;CAKnB,SAAS;AACL,SAAO;GACH,MAAM,KAAK;GACX,MAAM,KAAK;GACX,OAAO,KAAK;GACZ,gBAAgB,KAAK;GACrB,SAAS,KAAK,QAAQ,KAAK,YAAY;IACnC,MAAM,OAAO;IACb,MAAM,OAAO;IACb,KAAK,OAAO;IACZ,MAAM,OAAO;IACb,KAAK,OAAO;IACZ,OAAO,OAAO;IACd,UAAU,OAAO;IACjB,YAAY,OAAO;IACnB,MAAM,OAAO;IACb,OAAO,OAAO;IACd,MAAM,OAAO;IAChB,EAAE;GACN;;;AAIT,IAAa,aAAb,MAAwB;CACpB;CACA,YAAY,KAAK;AACb,OAAK,MAAM;;CAEf,IAAI,OAAO;AACP,SAAO,KAAK,IAAI,QAAQ,KAAK,IAAI,OAAO;;CAE5C,IAAI,OAAO;AACP,SAAO,KAAK,IAAI,QAAQ,KAAK,IAAI,OAAO;;CAE5C,IAAI,MAAM;AACN,SAAO,KAAK,IAAI,OAAO,KAAK,IAAI,OAAO;;CAE3C,IAAI,OAAO;AACP,SAAO,KAAK,IAAI,QAAQ,KAAK,IAAI,OAAO;;CAE5C,IAAI,MAAM;AACN,SAAO,KAAK,IAAI,OAAO,KAAK,IAAI,OAAO;;CAE3C,IAAI,QAAQ;AACR,SAAO,KAAK,IAAI,SAAS,KAAK,IAAI,OAAO;;CAE7C,IAAI,WAAW;AACX,SAAO,KAAK,IAAI,YAAY,KAAK,IAAI,OAAO;;CAEhD,IAAI,aAAa;AACb,SAAO,KAAK,IAAI,cAAc,KAAK,IAAI,OAAO;;CAElD,IAAI,OAAO;AACP,SAAO,KAAK,IAAI,QAAQ,KAAK,IAAI,OAAO;;CAE5C,IAAI,QAAQ;AACR,SAAO,KAAK,IAAI;;CAEpB,IAAI,OAAO;AACP,SAAO,KAAK,IAAI;;CAEpB,UAAU;EACN,MAAM,UAAU,EAAE;AAClB,MAAI,KAAK,KACL,SAAQ,KAAK,OAAO;AACxB,MAAI,KAAK,KACL,SAAQ,KAAK,OAAO;AACxB,MAAI,KAAK,IACL,SAAQ,KAAK,MAAM;AACvB,MAAI,KAAK,KACL,SAAQ,KAAK,OAAO;AACxB,MAAI,KAAK,IACL,SAAQ,KAAK,MAAM;AACvB,MAAI,KAAK,MACL,SAAQ,KAAK,QAAQ;AACzB,MAAI,KAAK,SACL,SAAQ,KAAK,WAAW;AAC5B,MAAI,KAAK,WACL,SAAQ,KAAK,aAAa;AAC9B,MAAI,KAAK,KACL,SAAQ,KAAK,OAAO;AACxB,MAAI,KAAK,MACL,SAAQ,KAAK,QAAQ;AACzB,SAAO;;;;;;;;;;;;;;ACzGf,IAAW;CACV,SAAU,YAAU;AACjB,YAAS,WAAS,WAAW,KAAK;AAClC,YAAS,WAAS,UAAU,KAAK;AACjC,YAAS,WAAS,UAAU,KAAK;AACjC,YAAS,WAAS,WAAW,KAAK;GACnC,aAAa,WAAW,EAAE,EAAE;;;;;;;;;;ACP/B,MAAM,SAAS;CACX,OAAO;CACP,OAAO;CACP,MAAM;CACN,MAAM;CACN,OAAO;CACP,KAAK;CACR;;;;;AAKD,IAAa,mBAAb,MAAa,iBAAiB;CAC1B;CACA;CACA;;;;;;;;CAQA,YAAY,aAAa,WAAWA,SAAa,MAAM,SAAS,OAAO;AACnE,OAAK,cAAc;AACnB,OAAK,WAAW;AAChB,OAAK,SAAS;;;;;CAKlB,MAAM,SAAS,SAAS;AACpB,MAAI,KAAK,UAAUA,SAAa,MAAM,EAAE;GACpC,MAAM,UAAU,KAAK,aAAa,SAAS,SAAS,QAAQ;AAC5D,QAAK,OAAO,QAAQ,KAAK,QAAQ;;;;;;CAMzC,KAAK,SAAS,SAAS;AACnB,MAAI,KAAK,UAAUA,SAAa,KAAK,EAAE;GACnC,MAAM,UAAU,KAAK,aAAa,QAAQ,SAAS,QAAQ;AAC3D,QAAK,OAAO,QAAQ,KAAK,QAAQ;;;;;;CAMzC,KAAK,SAAS,SAAS;AACnB,MAAI,KAAK,UAAUA,SAAa,KAAK,EAAE;GACnC,MAAM,UAAU,KAAK,aAAa,QAAQ,SAAS,QAAQ;AAC3D,QAAK,OAAO,QAAQ,MAAM,QAAQ;;;;;;CAM1C,MAAM,SAAS,OAAO,SAAS;AAC3B,MAAI,KAAK,UAAUA,SAAa,MAAM,EAAE;GACpC,MAAM,UAAU,KAAK,aAAa,SAAS,SAAS,SAAS,MAAM;AACnE,QAAK,OAAO,QAAQ,OAAO,QAAQ;;;;;;CAM3C,MAAM,SAAS;AACX,SAAO,IAAI,iBAAiB;GAAE,GAAG,KAAK;GAAa,GAAG;GAAS,EAAE,KAAK,UAAU,KAAK,OAAO;;;;;CAKhG,UAAU,OAAO;AACb,SAAO,SAAS,KAAK;;;;;CAKzB,aAAa,OAAO,SAAS,SAAS,OAAO;EACzC,MAAM,UAAU;GACZ;GACA,KAAK;GACL,GAAG,KAAK;GACR,GAAG;GACH,4BAAW,IAAI,MAAM,EAAC,aAAa;GACtC;AAED,MAAI,MACA,SAAQ,QAAQ;GACZ,SAAS,MAAM;GACf,OAAO,MAAM;GACb,MAAM,MAAM;GACf;AAEL,SAAO;;;;;CAKX,OAAO,WAAW,MAAM;AACpB,MAAI,KAAK,OACL,MAAK,aAAa,WAAW,KAAK;MAGlC,MAAK,WAAW,WAAW,KAAK;;;;;CAMxC,WAAW,WAAW,MAAM;AACxB,YAAU,KAAK,UAAU,KAAK,CAAC;;;;;;;;CAQnC,aAAa,WAAW,MAAM;EAC1B,MAAM,EAAE,OAAO,KAAK,WAAW,SAAS,WAAW,WAAW,WAAW,WAAW,WAAW,WAAW,UAAU,OAAO,GAAG,SAAS;EAEvI,MAAM,WAAW,OAAO,SAAS,OAAO,CAAC,aAAa;EACtD,MAAM,aAAa,KAAK,cAAc,SAAS;EAC/C,MAAM,iBAAiB,YAAY,IAAI,UAAU,KAAK;EACtD,MAAM,eAAe,UAAU,OAAO,QAAQ,CAAC,UAAU,GAAG,GAAG,GAAG;EAElE,IAAI,UAAU,GAAG,aAAa,SAAS,OAAO,EAAE,GAAG,OAAO,MAAM,GAAG,eAAe,GAAG;AAErF,MAAI,aACA,YAAW,IAAI,OAAO,IAAI,UAAU,aAAa,GAAG,OAAO;EAG/D,MAAM,gBAAgB,EAAE;AACxB,MAAI,UACA,eAAc,KAAK,cAAc,YAAY;AACjD,MAAI,UACA,eAAc,KAAK,cAAc,OAAO,UAAU,CAAC,UAAU,GAAG,GAAG,GAAG;AAC1E,MAAI,UACA,eAAc,KAAK,cAAc,YAAY;AACjD,MAAI,UACA,eAAc,KAAK,cAAc,OAAO,UAAU,CAAC,UAAU,GAAG,GAAG,GAAG;AAC1E,MAAI,UACA,eAAc,KAAK,cAAc,YAAY;AACjD,MAAI,aAAa,OACb,eAAc,KAAK,aAAa,SAAS,IAAI;AAEjD,MAAI,cAAc,SAAS,EACvB,YAAW,IAAI,OAAO,IAAI,GAAG,cAAc,KAAK,KAAK,CAAC,GAAG,OAAO;AAGpE,YAAU,QAAQ;AAElB,MAAI,SAAS,OAAO,UAAU,UAAU;GACpC,MAAM,WAAW;AACjB,OAAI,SAAS,QACT,WAAU,KAAK,OAAO,MAAM,SAAS,SAAS,UAAU,OAAO,QAAQ;AAE3E,OAAI,SAAS,MACT,WAAU,KAAK,OAAO,MAAM,SAAS,QAAQ,OAAO,QAAQ;;AAIpE,MAAI,OAAO,KAAK,KAAK,CAAC,SAAS,EAC3B,WAAU,KAAK,OAAO,MAAM,KAAK,UAAU,MAAM,MAAM,EAAE,GAAG,OAAO,QAAQ;;;;;CAMnF,cAAc,OAAO;AAEjB,UADmB,MAAM,aAAa,EACtC;GACI,KAAK,QACD,QAAO,OAAO;GAClB,KAAK,OACD,QAAO,OAAO;GAClB,KAAK,OACD,QAAO,OAAO;GAClB,KAAK,QACD,QAAO,OAAO;GAClB,QACI,QAAO,OAAO;;;;;;;;;;;;;;;;;;AClL9B,IAAa,eAAb,MAAa,aAAa;;;;CAItB,OAAO,eAAe;;;;;;;;;CAStB,OAAO,WAAW;AAGd,SAAO,MADW,OAAO,YAAY,CAAC,QAAQ,MAAM,GAAG,CAAC,UAAU,GAAG,GAAG;;;;;;;;CAS5E,OAAO,YAAY,SAAS;AACxB,SAAO,QAAQ,IAAI,aAAa,aAAa;;;;;;;;CAQjD,OAAO,UAAU,SAAS;AACtB,SAAO,GAAG,aAAa,eAAe,SAAS;;;;;;;CAOnD,OAAO,gBAAgB;AACnB,SAAO,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACP5B,SAAgB,mBAAmB;AAC/B,QAAO;EACH,aAAa;EACb,YAAY;EACZ,YAAY;EACZ,aAAa;EACb,aAAa,kBAAkB;EAClC;;;;;;;;;;;;;;;;;;;;;;;;;;AA0BL,SAAgB,aAAa,SAAS;CAClC,MAAM,WAAW,oBAAoB;CACrC,MAAM,SAAS,sBAAsB;AAMrC,QAAO,IAAI,iBALS;EAChB,GAAG;EACH,SAAS,QAAQ,WAAW,aAAa,UAAU;EACnD,WAAW,QAAQ;EACtB,EACwC,UAAU,OAAO;;;;;;;;AAQ9D,SAAS,qBAAqB;AAE1B,UADiB,UAAU,oBAAoB,IAAI,QAClC,aAAa,EAA9B;EACI,KAAK,QACD,QAAOC,SAAa;EACxB,KAAK,OACD,QAAOA,SAAa;EACxB,KAAK,OACD,QAAOA,SAAa;EACxB,KAAK,QACD,QAAOA,SAAa;EACxB,QAEI,QAAOA,SAAa;;;;;;;;;;AAUhC,SAAS,uBAAuB;CAE5B,MAAM,SAAS,UAAU,qBAAqB;AAC9C,KAAI,OACA,QAAO,OAAO,aAAa,KAAK;AAEpC,QAAO;;;;;;;AAOX,SAAS,UAAU,MAAM;AAErB,KAAI,OAAO,YAAY,eAAe,QAAQ,IAC1C,QAAO,QAAQ,IAAI;AAGvB,KAAI,OAAO,QAAQ,aAAa;EAC5B,MAAM,SAAS,IAAI;AACnB,MAAI,OACA,QAAO,OAAO;;;;;;;;;;;ACxI1B,SAAgB,YAAY,KAAK;AAC7B,QAAO,IAAI,IAAI,QAAQ,MAAM,QAAQ,CAAC;;;;;;;;ACH1C,SAAgB,iBAAiB,QAAQ;AACrC,QAAQ,WAAW,eACf,WAAW,YACX,WAAW,YACX,WAAW;;AAGnB,SAAgB,aAAa,OAAO;AAChC,QAAQ,SACJ,OAAO,MAAM,YAAY,aACzB,OAAO,MAAM,aAAa,YAC1B,OAAO,MAAM,WAAW,YACxB,OAAO,MAAM,WAAW;;AAEhC,SAAgB,UAAU,OAAO;AAC7B,QAAQ,SACJ,OAAO,MAAM,OAAO,YACpB,OAAO,MAAM,YAAY,YACzB,OAAO,MAAM,WAAW;;AAEhC,SAAgB,gBAAgB,OAAO;AACnC,QAAO;EACH;EACA;EACA;EACA;EACA;EACA;EACH,CAAC,SAAS,MAAM"}

package/dist/errors-BCXUmJUn.js

@@ -0,0 +1,126 @@
+//#region ../shared/dist/errors/codes.js
+/**
+* Centralized error code registry
+* Each code maps to a specific error type with consistent semantics
+*/
+const ErrorCode = {
+	FILE_NOT_FOUND: "FILE_NOT_FOUND",
+	PERMISSION_DENIED: "PERMISSION_DENIED",
+	FILE_EXISTS: "FILE_EXISTS",
+	IS_DIRECTORY: "IS_DIRECTORY",
+	NOT_DIRECTORY: "NOT_DIRECTORY",
+	NO_SPACE: "NO_SPACE",
+	TOO_MANY_FILES: "TOO_MANY_FILES",
+	RESOURCE_BUSY: "RESOURCE_BUSY",
+	READ_ONLY: "READ_ONLY",
+	NAME_TOO_LONG: "NAME_TOO_LONG",
+	TOO_MANY_LINKS: "TOO_MANY_LINKS",
+	FILESYSTEM_ERROR: "FILESYSTEM_ERROR",
+	COMMAND_NOT_FOUND: "COMMAND_NOT_FOUND",
+	COMMAND_PERMISSION_DENIED: "COMMAND_PERMISSION_DENIED",
+	INVALID_COMMAND: "INVALID_COMMAND",
+	COMMAND_EXECUTION_ERROR: "COMMAND_EXECUTION_ERROR",
+	STREAM_START_ERROR: "STREAM_START_ERROR",
+	PROCESS_NOT_FOUND: "PROCESS_NOT_FOUND",
+	PROCESS_PERMISSION_DENIED: "PROCESS_PERMISSION_DENIED",
+	PROCESS_ERROR: "PROCESS_ERROR",
+	SESSION_ALREADY_EXISTS: "SESSION_ALREADY_EXISTS",
+	PORT_ALREADY_EXPOSED: "PORT_ALREADY_EXPOSED",
+	PORT_IN_USE: "PORT_IN_USE",
+	PORT_NOT_EXPOSED: "PORT_NOT_EXPOSED",
+	INVALID_PORT_NUMBER: "INVALID_PORT_NUMBER",
+	INVALID_PORT: "INVALID_PORT",
+	SERVICE_NOT_RESPONDING: "SERVICE_NOT_RESPONDING",
+	PORT_OPERATION_ERROR: "PORT_OPERATION_ERROR",
+	CUSTOM_DOMAIN_REQUIRED: "CUSTOM_DOMAIN_REQUIRED",
+	GIT_REPOSITORY_NOT_FOUND: "GIT_REPOSITORY_NOT_FOUND",
+	GIT_BRANCH_NOT_FOUND: "GIT_BRANCH_NOT_FOUND",
+	GIT_AUTH_FAILED: "GIT_AUTH_FAILED",
+	GIT_NETWORK_ERROR: "GIT_NETWORK_ERROR",
+	INVALID_GIT_URL: "INVALID_GIT_URL",
+	GIT_CLONE_FAILED: "GIT_CLONE_FAILED",
+	GIT_CHECKOUT_FAILED: "GIT_CHECKOUT_FAILED",
+	GIT_OPERATION_FAILED: "GIT_OPERATION_FAILED",
+	BUCKET_MOUNT_ERROR: "BUCKET_MOUNT_ERROR",
+	S3FS_MOUNT_ERROR: "S3FS_MOUNT_ERROR",
+	MISSING_CREDENTIALS: "MISSING_CREDENTIALS",
+	INVALID_MOUNT_CONFIG: "INVALID_MOUNT_CONFIG",
+	INTERPRETER_NOT_READY: "INTERPRETER_NOT_READY",
+	CONTEXT_NOT_FOUND: "CONTEXT_NOT_FOUND",
+	CODE_EXECUTION_ERROR: "CODE_EXECUTION_ERROR",
+	PYTHON_NOT_AVAILABLE: "PYTHON_NOT_AVAILABLE",
+	JAVASCRIPT_NOT_AVAILABLE: "JAVASCRIPT_NOT_AVAILABLE",
+	OPENCODE_STARTUP_FAILED: "OPENCODE_STARTUP_FAILED",
+	PROCESS_READY_TIMEOUT: "PROCESS_READY_TIMEOUT",
+	PROCESS_EXITED_BEFORE_READY: "PROCESS_EXITED_BEFORE_READY",
+	VALIDATION_FAILED: "VALIDATION_FAILED",
+	INVALID_JSON_RESPONSE: "INVALID_JSON_RESPONSE",
+	UNKNOWN_ERROR: "UNKNOWN_ERROR",
+	INTERNAL_ERROR: "INTERNAL_ERROR"
+};
+
+//#endregion
+//#region ../shared/dist/errors/status-map.js
+/**
+* Maps error codes to HTTP status codes
+* Centralized mapping ensures consistency across SDK
+*/
+const ERROR_STATUS_MAP = {
+	[ErrorCode.FILE_NOT_FOUND]: 404,
+	[ErrorCode.COMMAND_NOT_FOUND]: 404,
+	[ErrorCode.PROCESS_NOT_FOUND]: 404,
+	[ErrorCode.PORT_NOT_EXPOSED]: 404,
+	[ErrorCode.GIT_REPOSITORY_NOT_FOUND]: 404,
+	[ErrorCode.GIT_BRANCH_NOT_FOUND]: 404,
+	[ErrorCode.CONTEXT_NOT_FOUND]: 404,
+	[ErrorCode.IS_DIRECTORY]: 400,
+	[ErrorCode.NOT_DIRECTORY]: 400,
+	[ErrorCode.INVALID_COMMAND]: 400,
+	[ErrorCode.INVALID_PORT_NUMBER]: 400,
+	[ErrorCode.INVALID_PORT]: 400,
+	[ErrorCode.INVALID_GIT_URL]: 400,
+	[ErrorCode.CUSTOM_DOMAIN_REQUIRED]: 400,
+	[ErrorCode.INVALID_JSON_RESPONSE]: 400,
+	[ErrorCode.NAME_TOO_LONG]: 400,
+	[ErrorCode.VALIDATION_FAILED]: 400,
+	[ErrorCode.MISSING_CREDENTIALS]: 400,
+	[ErrorCode.INVALID_MOUNT_CONFIG]: 400,
+	[ErrorCode.GIT_AUTH_FAILED]: 401,
+	[ErrorCode.PERMISSION_DENIED]: 403,
+	[ErrorCode.COMMAND_PERMISSION_DENIED]: 403,
+	[ErrorCode.PROCESS_PERMISSION_DENIED]: 403,
+	[ErrorCode.READ_ONLY]: 403,
+	[ErrorCode.FILE_EXISTS]: 409,
+	[ErrorCode.PORT_ALREADY_EXPOSED]: 409,
+	[ErrorCode.PORT_IN_USE]: 409,
+	[ErrorCode.RESOURCE_BUSY]: 409,
+	[ErrorCode.SESSION_ALREADY_EXISTS]: 409,
+	[ErrorCode.SERVICE_NOT_RESPONDING]: 502,
+	[ErrorCode.GIT_NETWORK_ERROR]: 502,
+	[ErrorCode.PYTHON_NOT_AVAILABLE]: 501,
+	[ErrorCode.JAVASCRIPT_NOT_AVAILABLE]: 501,
+	[ErrorCode.INTERPRETER_NOT_READY]: 503,
+	[ErrorCode.OPENCODE_STARTUP_FAILED]: 503,
+	[ErrorCode.PROCESS_READY_TIMEOUT]: 408,
+	[ErrorCode.PROCESS_EXITED_BEFORE_READY]: 500,
+	[ErrorCode.NO_SPACE]: 500,
+	[ErrorCode.TOO_MANY_FILES]: 500,
+	[ErrorCode.TOO_MANY_LINKS]: 500,
+	[ErrorCode.FILESYSTEM_ERROR]: 500,
+	[ErrorCode.COMMAND_EXECUTION_ERROR]: 500,
+	[ErrorCode.STREAM_START_ERROR]: 500,
+	[ErrorCode.PROCESS_ERROR]: 500,
+	[ErrorCode.PORT_OPERATION_ERROR]: 500,
+	[ErrorCode.GIT_CLONE_FAILED]: 500,
+	[ErrorCode.GIT_CHECKOUT_FAILED]: 500,
+	[ErrorCode.GIT_OPERATION_FAILED]: 500,
+	[ErrorCode.CODE_EXECUTION_ERROR]: 500,
+	[ErrorCode.BUCKET_MOUNT_ERROR]: 500,
+	[ErrorCode.S3FS_MOUNT_ERROR]: 500,
+	[ErrorCode.UNKNOWN_ERROR]: 500,
+	[ErrorCode.INTERNAL_ERROR]: 500
+};
+
+//#endregion
+export { ErrorCode as t };
+//# sourceMappingURL=errors-BCXUmJUn.js.map