@cloudwarriors-ai/rlm 0.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +208 -0
- package/dist/application/index.d.ts +4 -0
- package/dist/application/index.d.ts.map +1 -0
- package/dist/application/index.js +4 -0
- package/dist/application/index.js.map +1 -0
- package/dist/application/query-handler.d.ts +49 -0
- package/dist/application/query-handler.d.ts.map +1 -0
- package/dist/application/query-handler.js +311 -0
- package/dist/application/query-handler.js.map +1 -0
- package/dist/application/rlm-service.d.ts +68 -0
- package/dist/application/rlm-service.d.ts.map +1 -0
- package/dist/application/rlm-service.js +132 -0
- package/dist/application/rlm-service.js.map +1 -0
- package/dist/application/session-manager.d.ts +70 -0
- package/dist/application/session-manager.d.ts.map +1 -0
- package/dist/application/session-manager.js +237 -0
- package/dist/application/session-manager.js.map +1 -0
- package/dist/cli/commands/config.d.ts +34 -0
- package/dist/cli/commands/config.d.ts.map +1 -0
- package/dist/cli/commands/config.js +157 -0
- package/dist/cli/commands/config.js.map +1 -0
- package/dist/cli/commands/index.d.ts +4 -0
- package/dist/cli/commands/index.d.ts.map +1 -0
- package/dist/cli/commands/index.js +4 -0
- package/dist/cli/commands/index.js.map +1 -0
- package/dist/cli/commands/query.d.ts +26 -0
- package/dist/cli/commands/query.d.ts.map +1 -0
- package/dist/cli/commands/query.js +90 -0
- package/dist/cli/commands/query.js.map +1 -0
- package/dist/cli/commands/session.d.ts +40 -0
- package/dist/cli/commands/session.d.ts.map +1 -0
- package/dist/cli/commands/session.js +55 -0
- package/dist/cli/commands/session.js.map +1 -0
- package/dist/cli/config-loader.d.ts +63 -0
- package/dist/cli/config-loader.d.ts.map +1 -0
- package/dist/cli/config-loader.js +94 -0
- package/dist/cli/config-loader.js.map +1 -0
- package/dist/cli/index.d.ts +3 -0
- package/dist/cli/index.d.ts.map +1 -0
- package/dist/cli/index.js +120 -0
- package/dist/cli/index.js.map +1 -0
- package/dist/cli/output/formatter.d.ts +24 -0
- package/dist/cli/output/formatter.d.ts.map +1 -0
- package/dist/cli/output/formatter.js +196 -0
- package/dist/cli/output/formatter.js.map +1 -0
- package/dist/cli/output/index.d.ts +3 -0
- package/dist/cli/output/index.d.ts.map +1 -0
- package/dist/cli/output/index.js +3 -0
- package/dist/cli/output/index.js.map +1 -0
- package/dist/cli/output/progress.d.ts +60 -0
- package/dist/cli/output/progress.d.ts.map +1 -0
- package/dist/cli/output/progress.js +142 -0
- package/dist/cli/output/progress.js.map +1 -0
- package/dist/domain/errors/base-error.d.ts +17 -0
- package/dist/domain/errors/base-error.d.ts.map +1 -0
- package/dist/domain/errors/base-error.js +29 -0
- package/dist/domain/errors/base-error.js.map +1 -0
- package/dist/domain/errors/execution-error.d.ts +61 -0
- package/dist/domain/errors/execution-error.d.ts.map +1 -0
- package/dist/domain/errors/execution-error.js +86 -0
- package/dist/domain/errors/execution-error.js.map +1 -0
- package/dist/domain/errors/index.d.ts +14 -0
- package/dist/domain/errors/index.d.ts.map +1 -0
- package/dist/domain/errors/index.js +26 -0
- package/dist/domain/errors/index.js.map +1 -0
- package/dist/domain/errors/limit-exceeded.d.ts +38 -0
- package/dist/domain/errors/limit-exceeded.d.ts.map +1 -0
- package/dist/domain/errors/limit-exceeded.js +71 -0
- package/dist/domain/errors/limit-exceeded.js.map +1 -0
- package/dist/domain/errors/llm-error.d.ts +60 -0
- package/dist/domain/errors/llm-error.d.ts.map +1 -0
- package/dist/domain/errors/llm-error.js +92 -0
- package/dist/domain/errors/llm-error.js.map +1 -0
- package/dist/domain/errors/validation-error.d.ts +58 -0
- package/dist/domain/errors/validation-error.d.ts.map +1 -0
- package/dist/domain/errors/validation-error.js +81 -0
- package/dist/domain/errors/validation-error.js.map +1 -0
- package/dist/domain/interfaces/code-executor.d.ts +98 -0
- package/dist/domain/interfaces/code-executor.d.ts.map +1 -0
- package/dist/domain/interfaces/code-executor.js +2 -0
- package/dist/domain/interfaces/code-executor.js.map +1 -0
- package/dist/domain/interfaces/event-emitter.d.ts +137 -0
- package/dist/domain/interfaces/event-emitter.d.ts.map +1 -0
- package/dist/domain/interfaces/event-emitter.js +2 -0
- package/dist/domain/interfaces/event-emitter.js.map +1 -0
- package/dist/domain/interfaces/index.d.ts +5 -0
- package/dist/domain/interfaces/index.d.ts.map +1 -0
- package/dist/domain/interfaces/index.js +2 -0
- package/dist/domain/interfaces/index.js.map +1 -0
- package/dist/domain/interfaces/llm-provider.d.ts +64 -0
- package/dist/domain/interfaces/llm-provider.d.ts.map +1 -0
- package/dist/domain/interfaces/llm-provider.js +2 -0
- package/dist/domain/interfaces/llm-provider.js.map +1 -0
- package/dist/domain/interfaces/session-store.d.ts +65 -0
- package/dist/domain/interfaces/session-store.d.ts.map +1 -0
- package/dist/domain/interfaces/session-store.js +2 -0
- package/dist/domain/interfaces/session-store.js.map +1 -0
- package/dist/domain/services/context-chunker.d.ts +43 -0
- package/dist/domain/services/context-chunker.d.ts.map +1 -0
- package/dist/domain/services/context-chunker.js +152 -0
- package/dist/domain/services/context-chunker.js.map +1 -0
- package/dist/domain/services/cost-calculator.d.ts +63 -0
- package/dist/domain/services/cost-calculator.d.ts.map +1 -0
- package/dist/domain/services/cost-calculator.js +121 -0
- package/dist/domain/services/cost-calculator.js.map +1 -0
- package/dist/domain/services/index.d.ts +5 -0
- package/dist/domain/services/index.d.ts.map +1 -0
- package/dist/domain/services/index.js +9 -0
- package/dist/domain/services/index.js.map +1 -0
- package/dist/domain/services/limit-checker.d.ts +54 -0
- package/dist/domain/services/limit-checker.d.ts.map +1 -0
- package/dist/domain/services/limit-checker.js +146 -0
- package/dist/domain/services/limit-checker.js.map +1 -0
- package/dist/domain/services/result-aggregator.d.ts +49 -0
- package/dist/domain/services/result-aggregator.d.ts.map +1 -0
- package/dist/domain/services/result-aggregator.js +131 -0
- package/dist/domain/services/result-aggregator.js.map +1 -0
- package/dist/domain/types/config.d.ts +41 -0
- package/dist/domain/types/config.d.ts.map +1 -0
- package/dist/domain/types/config.js +22 -0
- package/dist/domain/types/config.js.map +1 -0
- package/dist/domain/types/context.d.ts +64 -0
- package/dist/domain/types/context.d.ts.map +1 -0
- package/dist/domain/types/context.js +20 -0
- package/dist/domain/types/context.js.map +1 -0
- package/dist/domain/types/index.d.ts +5 -0
- package/dist/domain/types/index.d.ts.map +1 -0
- package/dist/domain/types/index.js +9 -0
- package/dist/domain/types/index.js.map +1 -0
- package/dist/domain/types/result.d.ts +137 -0
- package/dist/domain/types/result.d.ts.map +1 -0
- package/dist/domain/types/result.js +27 -0
- package/dist/domain/types/result.js.map +1 -0
- package/dist/domain/types/session.d.ts +74 -0
- package/dist/domain/types/session.d.ts.map +1 -0
- package/dist/domain/types/session.js +31 -0
- package/dist/domain/types/session.js.map +1 -0
- package/dist/factory/create-rlm.d.ts +77 -0
- package/dist/factory/create-rlm.d.ts.map +1 -0
- package/dist/factory/create-rlm.js +82 -0
- package/dist/factory/create-rlm.js.map +1 -0
- package/dist/factory/default-config.d.ts +27 -0
- package/dist/factory/default-config.d.ts.map +1 -0
- package/dist/factory/default-config.js +98 -0
- package/dist/factory/default-config.js.map +1 -0
- package/dist/factory/index.d.ts +3 -0
- package/dist/factory/index.d.ts.map +1 -0
- package/dist/factory/index.js +3 -0
- package/dist/factory/index.js.map +1 -0
- package/dist/index.d.ts +37 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +40 -0
- package/dist/index.js.map +1 -0
- package/dist/infrastructure/events/event-types.d.ts +35 -0
- package/dist/infrastructure/events/event-types.d.ts.map +1 -0
- package/dist/infrastructure/events/event-types.js +44 -0
- package/dist/infrastructure/events/event-types.js.map +1 -0
- package/dist/infrastructure/events/index.d.ts +3 -0
- package/dist/infrastructure/events/index.d.ts.map +1 -0
- package/dist/infrastructure/events/index.js +3 -0
- package/dist/infrastructure/events/index.js.map +1 -0
- package/dist/infrastructure/events/node-emitter.d.ts +72 -0
- package/dist/infrastructure/events/node-emitter.d.ts.map +1 -0
- package/dist/infrastructure/events/node-emitter.js +125 -0
- package/dist/infrastructure/events/node-emitter.js.map +1 -0
- package/dist/infrastructure/llm/index.d.ts +3 -0
- package/dist/infrastructure/llm/index.d.ts.map +1 -0
- package/dist/infrastructure/llm/index.js +3 -0
- package/dist/infrastructure/llm/index.js.map +1 -0
- package/dist/infrastructure/llm/openrouter-provider.d.ts +35 -0
- package/dist/infrastructure/llm/openrouter-provider.d.ts.map +1 -0
- package/dist/infrastructure/llm/openrouter-provider.js +158 -0
- package/dist/infrastructure/llm/openrouter-provider.js.map +1 -0
- package/dist/infrastructure/llm/prompts/code-gen-prompt.d.ts +21 -0
- package/dist/infrastructure/llm/prompts/code-gen-prompt.d.ts.map +1 -0
- package/dist/infrastructure/llm/prompts/code-gen-prompt.js +78 -0
- package/dist/infrastructure/llm/prompts/code-gen-prompt.js.map +1 -0
- package/dist/infrastructure/llm/prompts/error-recovery-prompt.d.ts +24 -0
- package/dist/infrastructure/llm/prompts/error-recovery-prompt.d.ts.map +1 -0
- package/dist/infrastructure/llm/prompts/error-recovery-prompt.js +70 -0
- package/dist/infrastructure/llm/prompts/error-recovery-prompt.js.map +1 -0
- package/dist/infrastructure/llm/prompts/index.d.ts +4 -0
- package/dist/infrastructure/llm/prompts/index.d.ts.map +1 -0
- package/dist/infrastructure/llm/prompts/index.js +4 -0
- package/dist/infrastructure/llm/prompts/index.js.map +1 -0
- package/dist/infrastructure/llm/prompts/system-prompt.d.ts +12 -0
- package/dist/infrastructure/llm/prompts/system-prompt.d.ts.map +1 -0
- package/dist/infrastructure/llm/prompts/system-prompt.js +96 -0
- package/dist/infrastructure/llm/prompts/system-prompt.js.map +1 -0
- package/dist/infrastructure/persistence/index.d.ts +3 -0
- package/dist/infrastructure/persistence/index.d.ts.map +1 -0
- package/dist/infrastructure/persistence/index.js +3 -0
- package/dist/infrastructure/persistence/index.js.map +1 -0
- package/dist/infrastructure/persistence/memory-store.d.ts +24 -0
- package/dist/infrastructure/persistence/memory-store.d.ts.map +1 -0
- package/dist/infrastructure/persistence/memory-store.js +71 -0
- package/dist/infrastructure/persistence/memory-store.js.map +1 -0
- package/dist/infrastructure/persistence/schema.d.ts +120 -0
- package/dist/infrastructure/persistence/schema.d.ts.map +1 -0
- package/dist/infrastructure/persistence/schema.js +130 -0
- package/dist/infrastructure/persistence/schema.js.map +1 -0
- package/dist/infrastructure/sandbox/ast-validator.d.ts +23 -0
- package/dist/infrastructure/sandbox/ast-validator.d.ts.map +1 -0
- package/dist/infrastructure/sandbox/ast-validator.js +249 -0
- package/dist/infrastructure/sandbox/ast-validator.js.map +1 -0
- package/dist/infrastructure/sandbox/index.d.ts +4 -0
- package/dist/infrastructure/sandbox/index.d.ts.map +1 -0
- package/dist/infrastructure/sandbox/index.js +4 -0
- package/dist/infrastructure/sandbox/index.js.map +1 -0
- package/dist/infrastructure/sandbox/prelude/rlm_prelude.py +376 -0
- package/dist/infrastructure/sandbox/process-manager.d.ts +98 -0
- package/dist/infrastructure/sandbox/process-manager.d.ts.map +1 -0
- package/dist/infrastructure/sandbox/process-manager.js +186 -0
- package/dist/infrastructure/sandbox/process-manager.js.map +1 -0
- package/dist/infrastructure/sandbox/python-executor.d.ts +29 -0
- package/dist/infrastructure/sandbox/python-executor.d.ts.map +1 -0
- package/dist/infrastructure/sandbox/python-executor.js +182 -0
- package/dist/infrastructure/sandbox/python-executor.js.map +1 -0
- package/package.json +65 -0
- package/src/infrastructure/sandbox/prelude/rlm_prelude.py +376 -0
|
@@ -0,0 +1,120 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Drizzle schema for RLM sessions
|
|
3
|
+
*
|
|
4
|
+
* This schema can be used with Drizzle ORM to persist sessions
|
|
5
|
+
* to a database (PostgreSQL, SQLite, etc.)
|
|
6
|
+
*
|
|
7
|
+
* Usage in consuming projects (e.g., Hermes):
|
|
8
|
+
*
|
|
9
|
+
* import { rlmSessionsSchema, rlmCallsSchema } from '@cloudwarriors-ai/rlm';
|
|
10
|
+
* import { pgTable } from 'drizzle-orm/pg-core';
|
|
11
|
+
*
|
|
12
|
+
* export const rlmSessions = pgTable('rlm_sessions', rlmSessionsSchema);
|
|
13
|
+
* export const rlmCalls = pgTable('rlm_calls', rlmCallsSchema);
|
|
14
|
+
*/
|
|
15
|
+
/**
|
|
16
|
+
* Session status enum values
|
|
17
|
+
*/
|
|
18
|
+
export declare const SESSION_STATUSES: readonly ["pending", "running", "completed", "failed", "cancelled", "timeout"];
|
|
19
|
+
/**
|
|
20
|
+
* Schema definition for rlm_sessions table
|
|
21
|
+
* To be used with Drizzle's table creation
|
|
22
|
+
*/
|
|
23
|
+
export interface RLMSessionRow {
|
|
24
|
+
id: string;
|
|
25
|
+
query: string;
|
|
26
|
+
status: (typeof SESSION_STATUSES)[number];
|
|
27
|
+
currentDepth: number;
|
|
28
|
+
configJson: string;
|
|
29
|
+
contextJson: string;
|
|
30
|
+
totalTokens: number;
|
|
31
|
+
costUsd: number;
|
|
32
|
+
llmCalls: number;
|
|
33
|
+
recursiveCalls: number;
|
|
34
|
+
maxDepthReached: number;
|
|
35
|
+
executionTimeMs: number;
|
|
36
|
+
traceJson: string;
|
|
37
|
+
createdAt: Date;
|
|
38
|
+
startedAt: Date | null;
|
|
39
|
+
completedAt: Date | null;
|
|
40
|
+
resultJson: string | null;
|
|
41
|
+
error: string | null;
|
|
42
|
+
cancellationRequested: boolean;
|
|
43
|
+
}
|
|
44
|
+
/**
|
|
45
|
+
* Schema definition for rlm_calls table (individual LLM calls)
|
|
46
|
+
*/
|
|
47
|
+
export interface RLMCallRow {
|
|
48
|
+
id: string;
|
|
49
|
+
sessionId: string;
|
|
50
|
+
parentCallId: string | null;
|
|
51
|
+
depth: number;
|
|
52
|
+
query: string;
|
|
53
|
+
contextSize: number;
|
|
54
|
+
model: string;
|
|
55
|
+
promptTokens: number;
|
|
56
|
+
completionTokens: number;
|
|
57
|
+
totalTokens: number;
|
|
58
|
+
cost: number;
|
|
59
|
+
generatedCode: string | null;
|
|
60
|
+
codeExecutionSuccess: boolean | null;
|
|
61
|
+
codeOutput: string | null;
|
|
62
|
+
codeError: string | null;
|
|
63
|
+
result: string | null;
|
|
64
|
+
error: string | null;
|
|
65
|
+
startedAt: Date;
|
|
66
|
+
completedAt: Date | null;
|
|
67
|
+
executionTimeMs: number | null;
|
|
68
|
+
}
|
|
69
|
+
/**
|
|
70
|
+
* Column definitions for use with Drizzle
|
|
71
|
+
* These can be spread into a pgTable or sqliteTable call
|
|
72
|
+
*/
|
|
73
|
+
export declare const rlmSessionColumns: {
|
|
74
|
+
readonly id: "text(\"id\").primaryKey()";
|
|
75
|
+
readonly query: "text(\"query\").notNull()";
|
|
76
|
+
readonly status: "text(\"status\").notNull().$type<SessionStatus>()";
|
|
77
|
+
readonly currentDepth: "integer(\"current_depth\").notNull().default(0)";
|
|
78
|
+
readonly configJson: "text(\"config_json\").notNull()";
|
|
79
|
+
readonly contextJson: "text(\"context_json\").notNull()";
|
|
80
|
+
readonly totalTokens: "integer(\"total_tokens\").notNull().default(0)";
|
|
81
|
+
readonly costUsd: "real(\"cost_usd\").notNull().default(0)";
|
|
82
|
+
readonly llmCalls: "integer(\"llm_calls\").notNull().default(0)";
|
|
83
|
+
readonly recursiveCalls: "integer(\"recursive_calls\").notNull().default(0)";
|
|
84
|
+
readonly maxDepthReached: "integer(\"max_depth_reached\").notNull().default(0)";
|
|
85
|
+
readonly executionTimeMs: "integer(\"execution_time_ms\").notNull().default(0)";
|
|
86
|
+
readonly traceJson: "text(\"trace_json\").notNull()";
|
|
87
|
+
readonly createdAt: "timestamp(\"created_at\").notNull().defaultNow()";
|
|
88
|
+
readonly startedAt: "timestamp(\"started_at\")";
|
|
89
|
+
readonly completedAt: "timestamp(\"completed_at\")";
|
|
90
|
+
readonly resultJson: "text(\"result_json\")";
|
|
91
|
+
readonly error: "text(\"error\")";
|
|
92
|
+
readonly cancellationRequested: "boolean(\"cancellation_requested\").notNull().default(false)";
|
|
93
|
+
};
|
|
94
|
+
export declare const rlmCallColumns: {
|
|
95
|
+
readonly id: "text(\"id\").primaryKey()";
|
|
96
|
+
readonly sessionId: "text(\"session_id\").notNull().references(() => rlmSessions.id)";
|
|
97
|
+
readonly parentCallId: "text(\"parent_call_id\")";
|
|
98
|
+
readonly depth: "integer(\"depth\").notNull()";
|
|
99
|
+
readonly query: "text(\"query\").notNull()";
|
|
100
|
+
readonly contextSize: "integer(\"context_size\").notNull()";
|
|
101
|
+
readonly model: "text(\"model\").notNull()";
|
|
102
|
+
readonly promptTokens: "integer(\"prompt_tokens\").notNull()";
|
|
103
|
+
readonly completionTokens: "integer(\"completion_tokens\").notNull()";
|
|
104
|
+
readonly totalTokens: "integer(\"total_tokens\").notNull()";
|
|
105
|
+
readonly cost: "real(\"cost\").notNull()";
|
|
106
|
+
readonly generatedCode: "text(\"generated_code\")";
|
|
107
|
+
readonly codeExecutionSuccess: "boolean(\"code_execution_success\")";
|
|
108
|
+
readonly codeOutput: "text(\"code_output\")";
|
|
109
|
+
readonly codeError: "text(\"code_error\")";
|
|
110
|
+
readonly result: "text(\"result\")";
|
|
111
|
+
readonly error: "text(\"error\")";
|
|
112
|
+
readonly startedAt: "timestamp(\"started_at\").notNull()";
|
|
113
|
+
readonly completedAt: "timestamp(\"completed_at\")";
|
|
114
|
+
readonly executionTimeMs: "integer(\"execution_time_ms\")";
|
|
115
|
+
};
|
|
116
|
+
/**
|
|
117
|
+
* SQL migration for creating RLM tables (PostgreSQL)
|
|
118
|
+
*/
|
|
119
|
+
export declare const CREATE_TABLES_SQL = "\n-- RLM Sessions table\nCREATE TABLE IF NOT EXISTS rlm_sessions (\n id TEXT PRIMARY KEY,\n query TEXT NOT NULL,\n status TEXT NOT NULL CHECK (status IN ('pending', 'running', 'completed', 'failed', 'cancelled', 'timeout')),\n current_depth INTEGER NOT NULL DEFAULT 0,\n config_json TEXT NOT NULL,\n context_json TEXT NOT NULL,\n total_tokens INTEGER NOT NULL DEFAULT 0,\n cost_usd REAL NOT NULL DEFAULT 0,\n llm_calls INTEGER NOT NULL DEFAULT 0,\n recursive_calls INTEGER NOT NULL DEFAULT 0,\n max_depth_reached INTEGER NOT NULL DEFAULT 0,\n execution_time_ms INTEGER NOT NULL DEFAULT 0,\n trace_json TEXT NOT NULL,\n created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,\n started_at TIMESTAMP,\n completed_at TIMESTAMP,\n result_json TEXT,\n error TEXT,\n cancellation_requested BOOLEAN NOT NULL DEFAULT FALSE\n);\n\n-- RLM Calls table\nCREATE TABLE IF NOT EXISTS rlm_calls (\n id TEXT PRIMARY KEY,\n session_id TEXT NOT NULL REFERENCES rlm_sessions(id) ON DELETE CASCADE,\n parent_call_id TEXT REFERENCES rlm_calls(id),\n depth INTEGER NOT NULL,\n query TEXT NOT NULL,\n context_size INTEGER NOT NULL,\n model TEXT NOT NULL,\n prompt_tokens INTEGER NOT NULL,\n completion_tokens INTEGER NOT NULL,\n total_tokens INTEGER NOT NULL,\n cost REAL NOT NULL,\n generated_code TEXT,\n code_execution_success BOOLEAN,\n code_output TEXT,\n code_error TEXT,\n result TEXT,\n error TEXT,\n started_at TIMESTAMP NOT NULL,\n completed_at TIMESTAMP,\n execution_time_ms INTEGER\n);\n\n-- Indexes\nCREATE INDEX IF NOT EXISTS idx_rlm_sessions_status ON rlm_sessions(status);\nCREATE INDEX IF NOT EXISTS idx_rlm_sessions_created_at ON rlm_sessions(created_at DESC);\nCREATE INDEX IF NOT EXISTS idx_rlm_calls_session_id ON rlm_calls(session_id);\nCREATE INDEX IF NOT EXISTS idx_rlm_calls_parent_id ON rlm_calls(parent_call_id);\n";
|
|
120
|
+
//# sourceMappingURL=schema.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../../src/infrastructure/persistence/schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH;;GAEG;AACH,eAAO,MAAM,gBAAgB,gFAOnB,CAAC;AAEX;;;GAGG;AACH,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,CAAC,OAAO,gBAAgB,CAAC,CAAC,MAAM,CAAC,CAAC;IAC1C,YAAY,EAAE,MAAM,CAAC;IAGrB,UAAU,EAAE,MAAM,CAAC;IAGnB,WAAW,EAAE,MAAM,CAAC;IAGpB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,eAAe,EAAE,MAAM,CAAC;IAGxB,SAAS,EAAE,MAAM,CAAC;IAGlB,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,IAAI,GAAG,IAAI,CAAC;IACvB,WAAW,EAAE,IAAI,GAAG,IAAI,CAAC;IAGzB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAGrB,qBAAqB,EAAE,OAAO,CAAC;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,KAAK,EAAE,MAAM,CAAC;IAGd,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IAGd,YAAY,EAAE,MAAM,CAAC;IACrB,gBAAgB,EAAE,MAAM,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,MAAM,CAAC;IAGb,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,oBAAoB,EAAE,OAAO,GAAG,IAAI,CAAC;IACrC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IAGzB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAGrB,SAAS,EAAE,IAAI,CAAC;IAChB,WAAW,EAAE,IAAI,GAAG,IAAI,CAAC;IACzB,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;CAChC;AAED;;;GAGG;AACH,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;CAoBpB,CAAC;AAEX,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;CAqBjB,CAAC;AAEX;;GAEG;AACH,eAAO,MAAM,iBAAiB,s0DAqD7B,CAAC"}
|
|
@@ -0,0 +1,130 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Drizzle schema for RLM sessions
|
|
3
|
+
*
|
|
4
|
+
* This schema can be used with Drizzle ORM to persist sessions
|
|
5
|
+
* to a database (PostgreSQL, SQLite, etc.)
|
|
6
|
+
*
|
|
7
|
+
* Usage in consuming projects (e.g., Hermes):
|
|
8
|
+
*
|
|
9
|
+
* import { rlmSessionsSchema, rlmCallsSchema } from '@cloudwarriors-ai/rlm';
|
|
10
|
+
* import { pgTable } from 'drizzle-orm/pg-core';
|
|
11
|
+
*
|
|
12
|
+
* export const rlmSessions = pgTable('rlm_sessions', rlmSessionsSchema);
|
|
13
|
+
* export const rlmCalls = pgTable('rlm_calls', rlmCallsSchema);
|
|
14
|
+
*/
|
|
15
|
+
/**
|
|
16
|
+
* Session status enum values
|
|
17
|
+
*/
|
|
18
|
+
export const SESSION_STATUSES = [
|
|
19
|
+
'pending',
|
|
20
|
+
'running',
|
|
21
|
+
'completed',
|
|
22
|
+
'failed',
|
|
23
|
+
'cancelled',
|
|
24
|
+
'timeout',
|
|
25
|
+
];
|
|
26
|
+
/**
|
|
27
|
+
* Column definitions for use with Drizzle
|
|
28
|
+
* These can be spread into a pgTable or sqliteTable call
|
|
29
|
+
*/
|
|
30
|
+
export const rlmSessionColumns = {
|
|
31
|
+
id: 'text("id").primaryKey()',
|
|
32
|
+
query: 'text("query").notNull()',
|
|
33
|
+
status: 'text("status").notNull().$type<SessionStatus>()',
|
|
34
|
+
currentDepth: 'integer("current_depth").notNull().default(0)',
|
|
35
|
+
configJson: 'text("config_json").notNull()',
|
|
36
|
+
contextJson: 'text("context_json").notNull()',
|
|
37
|
+
totalTokens: 'integer("total_tokens").notNull().default(0)',
|
|
38
|
+
costUsd: 'real("cost_usd").notNull().default(0)',
|
|
39
|
+
llmCalls: 'integer("llm_calls").notNull().default(0)',
|
|
40
|
+
recursiveCalls: 'integer("recursive_calls").notNull().default(0)',
|
|
41
|
+
maxDepthReached: 'integer("max_depth_reached").notNull().default(0)',
|
|
42
|
+
executionTimeMs: 'integer("execution_time_ms").notNull().default(0)',
|
|
43
|
+
traceJson: 'text("trace_json").notNull()',
|
|
44
|
+
createdAt: 'timestamp("created_at").notNull().defaultNow()',
|
|
45
|
+
startedAt: 'timestamp("started_at")',
|
|
46
|
+
completedAt: 'timestamp("completed_at")',
|
|
47
|
+
resultJson: 'text("result_json")',
|
|
48
|
+
error: 'text("error")',
|
|
49
|
+
cancellationRequested: 'boolean("cancellation_requested").notNull().default(false)',
|
|
50
|
+
};
|
|
51
|
+
export const rlmCallColumns = {
|
|
52
|
+
id: 'text("id").primaryKey()',
|
|
53
|
+
sessionId: 'text("session_id").notNull().references(() => rlmSessions.id)',
|
|
54
|
+
parentCallId: 'text("parent_call_id")',
|
|
55
|
+
depth: 'integer("depth").notNull()',
|
|
56
|
+
query: 'text("query").notNull()',
|
|
57
|
+
contextSize: 'integer("context_size").notNull()',
|
|
58
|
+
model: 'text("model").notNull()',
|
|
59
|
+
promptTokens: 'integer("prompt_tokens").notNull()',
|
|
60
|
+
completionTokens: 'integer("completion_tokens").notNull()',
|
|
61
|
+
totalTokens: 'integer("total_tokens").notNull()',
|
|
62
|
+
cost: 'real("cost").notNull()',
|
|
63
|
+
generatedCode: 'text("generated_code")',
|
|
64
|
+
codeExecutionSuccess: 'boolean("code_execution_success")',
|
|
65
|
+
codeOutput: 'text("code_output")',
|
|
66
|
+
codeError: 'text("code_error")',
|
|
67
|
+
result: 'text("result")',
|
|
68
|
+
error: 'text("error")',
|
|
69
|
+
startedAt: 'timestamp("started_at").notNull()',
|
|
70
|
+
completedAt: 'timestamp("completed_at")',
|
|
71
|
+
executionTimeMs: 'integer("execution_time_ms")',
|
|
72
|
+
};
|
|
73
|
+
/**
|
|
74
|
+
* SQL migration for creating RLM tables (PostgreSQL)
|
|
75
|
+
*/
|
|
76
|
+
export const CREATE_TABLES_SQL = `
|
|
77
|
+
-- RLM Sessions table
|
|
78
|
+
CREATE TABLE IF NOT EXISTS rlm_sessions (
|
|
79
|
+
id TEXT PRIMARY KEY,
|
|
80
|
+
query TEXT NOT NULL,
|
|
81
|
+
status TEXT NOT NULL CHECK (status IN ('pending', 'running', 'completed', 'failed', 'cancelled', 'timeout')),
|
|
82
|
+
current_depth INTEGER NOT NULL DEFAULT 0,
|
|
83
|
+
config_json TEXT NOT NULL,
|
|
84
|
+
context_json TEXT NOT NULL,
|
|
85
|
+
total_tokens INTEGER NOT NULL DEFAULT 0,
|
|
86
|
+
cost_usd REAL NOT NULL DEFAULT 0,
|
|
87
|
+
llm_calls INTEGER NOT NULL DEFAULT 0,
|
|
88
|
+
recursive_calls INTEGER NOT NULL DEFAULT 0,
|
|
89
|
+
max_depth_reached INTEGER NOT NULL DEFAULT 0,
|
|
90
|
+
execution_time_ms INTEGER NOT NULL DEFAULT 0,
|
|
91
|
+
trace_json TEXT NOT NULL,
|
|
92
|
+
created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
|
93
|
+
started_at TIMESTAMP,
|
|
94
|
+
completed_at TIMESTAMP,
|
|
95
|
+
result_json TEXT,
|
|
96
|
+
error TEXT,
|
|
97
|
+
cancellation_requested BOOLEAN NOT NULL DEFAULT FALSE
|
|
98
|
+
);
|
|
99
|
+
|
|
100
|
+
-- RLM Calls table
|
|
101
|
+
CREATE TABLE IF NOT EXISTS rlm_calls (
|
|
102
|
+
id TEXT PRIMARY KEY,
|
|
103
|
+
session_id TEXT NOT NULL REFERENCES rlm_sessions(id) ON DELETE CASCADE,
|
|
104
|
+
parent_call_id TEXT REFERENCES rlm_calls(id),
|
|
105
|
+
depth INTEGER NOT NULL,
|
|
106
|
+
query TEXT NOT NULL,
|
|
107
|
+
context_size INTEGER NOT NULL,
|
|
108
|
+
model TEXT NOT NULL,
|
|
109
|
+
prompt_tokens INTEGER NOT NULL,
|
|
110
|
+
completion_tokens INTEGER NOT NULL,
|
|
111
|
+
total_tokens INTEGER NOT NULL,
|
|
112
|
+
cost REAL NOT NULL,
|
|
113
|
+
generated_code TEXT,
|
|
114
|
+
code_execution_success BOOLEAN,
|
|
115
|
+
code_output TEXT,
|
|
116
|
+
code_error TEXT,
|
|
117
|
+
result TEXT,
|
|
118
|
+
error TEXT,
|
|
119
|
+
started_at TIMESTAMP NOT NULL,
|
|
120
|
+
completed_at TIMESTAMP,
|
|
121
|
+
execution_time_ms INTEGER
|
|
122
|
+
);
|
|
123
|
+
|
|
124
|
+
-- Indexes
|
|
125
|
+
CREATE INDEX IF NOT EXISTS idx_rlm_sessions_status ON rlm_sessions(status);
|
|
126
|
+
CREATE INDEX IF NOT EXISTS idx_rlm_sessions_created_at ON rlm_sessions(created_at DESC);
|
|
127
|
+
CREATE INDEX IF NOT EXISTS idx_rlm_calls_session_id ON rlm_calls(session_id);
|
|
128
|
+
CREATE INDEX IF NOT EXISTS idx_rlm_calls_parent_id ON rlm_calls(parent_call_id);
|
|
129
|
+
`;
|
|
130
|
+
//# sourceMappingURL=schema.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"schema.js","sourceRoot":"","sources":["../../../src/infrastructure/persistence/schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,SAAS;IACT,SAAS;IACT,WAAW;IACX,QAAQ;IACR,WAAW;IACX,SAAS;CACD,CAAC;AA8EX;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,EAAE,EAAE,yBAAyB;IAC7B,KAAK,EAAE,yBAAyB;IAChC,MAAM,EAAE,iDAAiD;IACzD,YAAY,EAAE,+CAA+C;IAC7D,UAAU,EAAE,+BAA+B;IAC3C,WAAW,EAAE,gCAAgC;IAC7C,WAAW,EAAE,8CAA8C;IAC3D,OAAO,EAAE,uCAAuC;IAChD,QAAQ,EAAE,2CAA2C;IACrD,cAAc,EAAE,iDAAiD;IACjE,eAAe,EAAE,mDAAmD;IACpE,eAAe,EAAE,mDAAmD;IACpE,SAAS,EAAE,8BAA8B;IACzC,SAAS,EAAE,gDAAgD;IAC3D,SAAS,EAAE,yBAAyB;IACpC,WAAW,EAAE,2BAA2B;IACxC,UAAU,EAAE,qBAAqB;IACjC,KAAK,EAAE,eAAe;IACtB,qBAAqB,EAAE,4DAA4D;CAC3E,CAAC;AAEX,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,EAAE,EAAE,yBAAyB;IAC7B,SAAS,EAAE,+DAA+D;IAC1E,YAAY,EAAE,wBAAwB;IACtC,KAAK,EAAE,4BAA4B;IACnC,KAAK,EAAE,yBAAyB;IAChC,WAAW,EAAE,mCAAmC;IAChD,KAAK,EAAE,yBAAyB;IAChC,YAAY,EAAE,oCAAoC;IAClD,gBAAgB,EAAE,wCAAwC;IAC1D,WAAW,EAAE,mCAAmC;IAChD,IAAI,EAAE,wBAAwB;IAC9B,aAAa,EAAE,wBAAwB;IACvC,oBAAoB,EAAE,mCAAmC;IACzD,UAAU,EAAE,qBAAqB;IACjC,SAAS,EAAE,oBAAoB;IAC/B,MAAM,EAAE,gBAAgB;IACxB,KAAK,EAAE,eAAe;IACtB,SAAS,EAAE,mCAAmC;IAC9C,WAAW,EAAE,2BAA2B;IACxC,eAAe,EAAE,8BAA8B;CACvC,CAAC;AAEX;;GAEG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAqDhC,CAAC"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import type { ValidationResult } from '../../domain/interfaces/code-executor.js';
|
|
2
|
+
/**
|
|
3
|
+
* AST-based code validator for Python
|
|
4
|
+
* Note: This is a heuristic validator using regex patterns.
|
|
5
|
+
* For production use, consider using a real Python AST parser.
|
|
6
|
+
*/
|
|
7
|
+
export declare class ASTValidator {
|
|
8
|
+
private readonly strictMode;
|
|
9
|
+
constructor(strictMode?: boolean);
|
|
10
|
+
/**
|
|
11
|
+
* Validate Python code for safety
|
|
12
|
+
*/
|
|
13
|
+
validate(code: string): ValidationResult;
|
|
14
|
+
private checkImports;
|
|
15
|
+
private checkBuiltins;
|
|
16
|
+
private checkAttributes;
|
|
17
|
+
private checkFileSystemAccess;
|
|
18
|
+
private checkNetworkAccess;
|
|
19
|
+
private checkShellExecution;
|
|
20
|
+
private checkInfiniteLoopRisk;
|
|
21
|
+
private createError;
|
|
22
|
+
}
|
|
23
|
+
//# sourceMappingURL=ast-validator.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ast-validator.d.ts","sourceRoot":"","sources":["../../../src/infrastructure/sandbox/ast-validator.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAwC,MAAM,0CAA0C,CAAC;AAkHvH;;;;GAIG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAU;gBAEzB,UAAU,UAAO;IAI7B;;OAEG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,gBAAgB;IAyCxC,OAAO,CAAC,YAAY;IAwBpB,OAAO,CAAC,aAAa;IASrB,OAAO,CAAC,eAAe;IAQvB,OAAO,CAAC,qBAAqB;IAsB7B,OAAO,CAAC,kBAAkB;IAkB1B,OAAO,CAAC,mBAAmB;IAkB3B,OAAO,CAAC,qBAAqB;IAI7B,OAAO,CAAC,WAAW;CAQpB"}
|
|
@@ -0,0 +1,249 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Forbidden module imports
|
|
3
|
+
*/
|
|
4
|
+
const FORBIDDEN_IMPORTS = new Set([
|
|
5
|
+
'os',
|
|
6
|
+
'sys',
|
|
7
|
+
'subprocess',
|
|
8
|
+
'socket',
|
|
9
|
+
'requests',
|
|
10
|
+
'urllib',
|
|
11
|
+
'http',
|
|
12
|
+
'ftplib',
|
|
13
|
+
'smtplib',
|
|
14
|
+
'telnetlib',
|
|
15
|
+
'shutil',
|
|
16
|
+
'pathlib',
|
|
17
|
+
'glob',
|
|
18
|
+
'tempfile',
|
|
19
|
+
'pickle',
|
|
20
|
+
'marshal',
|
|
21
|
+
'shelve',
|
|
22
|
+
'dbm',
|
|
23
|
+
'sqlite3',
|
|
24
|
+
'ctypes',
|
|
25
|
+
'multiprocessing',
|
|
26
|
+
'threading',
|
|
27
|
+
'asyncio',
|
|
28
|
+
'signal',
|
|
29
|
+
'resource',
|
|
30
|
+
'pty',
|
|
31
|
+
'tty',
|
|
32
|
+
'termios',
|
|
33
|
+
'fcntl',
|
|
34
|
+
'pipes',
|
|
35
|
+
'posix',
|
|
36
|
+
'pwd',
|
|
37
|
+
'grp',
|
|
38
|
+
'crypt',
|
|
39
|
+
'spwd',
|
|
40
|
+
'syslog',
|
|
41
|
+
]);
|
|
42
|
+
/**
|
|
43
|
+
* Allowed module imports
|
|
44
|
+
*/
|
|
45
|
+
const ALLOWED_IMPORTS = new Set([
|
|
46
|
+
'json',
|
|
47
|
+
're',
|
|
48
|
+
'collections',
|
|
49
|
+
'itertools',
|
|
50
|
+
'functools',
|
|
51
|
+
'math',
|
|
52
|
+
'random',
|
|
53
|
+
'string',
|
|
54
|
+
'textwrap',
|
|
55
|
+
'difflib',
|
|
56
|
+
'heapq',
|
|
57
|
+
'bisect',
|
|
58
|
+
'copy',
|
|
59
|
+
'pprint',
|
|
60
|
+
'typing',
|
|
61
|
+
'dataclasses',
|
|
62
|
+
'enum',
|
|
63
|
+
]);
|
|
64
|
+
/**
|
|
65
|
+
* Forbidden built-in functions
|
|
66
|
+
*/
|
|
67
|
+
const FORBIDDEN_BUILTINS = new Set([
|
|
68
|
+
'exec',
|
|
69
|
+
'eval',
|
|
70
|
+
'compile',
|
|
71
|
+
'__import__',
|
|
72
|
+
'open',
|
|
73
|
+
'input',
|
|
74
|
+
'breakpoint',
|
|
75
|
+
'memoryview',
|
|
76
|
+
'globals',
|
|
77
|
+
'locals',
|
|
78
|
+
'vars',
|
|
79
|
+
'dir',
|
|
80
|
+
'getattr',
|
|
81
|
+
'setattr',
|
|
82
|
+
'delattr',
|
|
83
|
+
'hasattr',
|
|
84
|
+
]);
|
|
85
|
+
/**
|
|
86
|
+
* Forbidden attribute access patterns
|
|
87
|
+
*/
|
|
88
|
+
const FORBIDDEN_ATTRIBUTES = [
|
|
89
|
+
'__class__',
|
|
90
|
+
'__bases__',
|
|
91
|
+
'__subclasses__',
|
|
92
|
+
'__mro__',
|
|
93
|
+
'__globals__',
|
|
94
|
+
'__code__',
|
|
95
|
+
'__builtins__',
|
|
96
|
+
'__import__',
|
|
97
|
+
'__loader__',
|
|
98
|
+
'__spec__',
|
|
99
|
+
];
|
|
100
|
+
/**
|
|
101
|
+
* Patterns that might indicate infinite loops
|
|
102
|
+
*/
|
|
103
|
+
const INFINITE_LOOP_PATTERNS = [
|
|
104
|
+
/while\s+True\s*:/,
|
|
105
|
+
/while\s+1\s*:/,
|
|
106
|
+
/for\s+\w+\s+in\s+iter\s*\(/,
|
|
107
|
+
];
|
|
108
|
+
/**
|
|
109
|
+
* AST-based code validator for Python
|
|
110
|
+
* Note: This is a heuristic validator using regex patterns.
|
|
111
|
+
* For production use, consider using a real Python AST parser.
|
|
112
|
+
*/
|
|
113
|
+
export class ASTValidator {
|
|
114
|
+
strictMode;
|
|
115
|
+
constructor(strictMode = true) {
|
|
116
|
+
this.strictMode = strictMode;
|
|
117
|
+
}
|
|
118
|
+
/**
|
|
119
|
+
* Validate Python code for safety
|
|
120
|
+
*/
|
|
121
|
+
validate(code) {
|
|
122
|
+
const errors = [];
|
|
123
|
+
const warnings = [];
|
|
124
|
+
const lines = code.split('\n');
|
|
125
|
+
for (let lineNum = 0; lineNum < lines.length; lineNum++) {
|
|
126
|
+
const line = lines[lineNum];
|
|
127
|
+
const lineNumber = lineNum + 1;
|
|
128
|
+
// Check imports
|
|
129
|
+
this.checkImports(line, lineNumber, errors);
|
|
130
|
+
// Check forbidden builtins
|
|
131
|
+
this.checkBuiltins(line, lineNumber, errors);
|
|
132
|
+
// Check forbidden attributes
|
|
133
|
+
this.checkAttributes(line, lineNumber, errors);
|
|
134
|
+
// Check for file system access
|
|
135
|
+
this.checkFileSystemAccess(line, lineNumber, errors);
|
|
136
|
+
// Check for network access
|
|
137
|
+
this.checkNetworkAccess(line, lineNumber, errors);
|
|
138
|
+
// Check for shell execution
|
|
139
|
+
this.checkShellExecution(line, lineNumber, errors);
|
|
140
|
+
// Check for infinite loops (warning only)
|
|
141
|
+
if (this.checkInfiniteLoopRisk(line)) {
|
|
142
|
+
warnings.push(`Line ${lineNumber}: Potential infinite loop pattern detected`);
|
|
143
|
+
}
|
|
144
|
+
}
|
|
145
|
+
return {
|
|
146
|
+
valid: errors.length === 0,
|
|
147
|
+
errors,
|
|
148
|
+
warnings,
|
|
149
|
+
};
|
|
150
|
+
}
|
|
151
|
+
checkImports(line, lineNumber, errors) {
|
|
152
|
+
// Check 'import X' pattern
|
|
153
|
+
const importMatch = line.match(/^\s*import\s+(\w+)/);
|
|
154
|
+
if (importMatch) {
|
|
155
|
+
const moduleName = importMatch[1];
|
|
156
|
+
if (FORBIDDEN_IMPORTS.has(moduleName)) {
|
|
157
|
+
errors.push(this.createError(lineNumber, 0, `Forbidden import: ${moduleName}`, 'FORBIDDEN_IMPORT'));
|
|
158
|
+
}
|
|
159
|
+
else if (this.strictMode && !ALLOWED_IMPORTS.has(moduleName)) {
|
|
160
|
+
errors.push(this.createError(lineNumber, 0, `Import not in allowlist: ${moduleName}`, 'FORBIDDEN_IMPORT'));
|
|
161
|
+
}
|
|
162
|
+
}
|
|
163
|
+
// Check 'from X import Y' pattern
|
|
164
|
+
const fromImportMatch = line.match(/^\s*from\s+(\w+)/);
|
|
165
|
+
if (fromImportMatch) {
|
|
166
|
+
const moduleName = fromImportMatch[1];
|
|
167
|
+
if (FORBIDDEN_IMPORTS.has(moduleName)) {
|
|
168
|
+
errors.push(this.createError(lineNumber, 0, `Forbidden import: ${moduleName}`, 'FORBIDDEN_IMPORT'));
|
|
169
|
+
}
|
|
170
|
+
else if (this.strictMode && !ALLOWED_IMPORTS.has(moduleName)) {
|
|
171
|
+
errors.push(this.createError(lineNumber, 0, `Import not in allowlist: ${moduleName}`, 'FORBIDDEN_IMPORT'));
|
|
172
|
+
}
|
|
173
|
+
}
|
|
174
|
+
}
|
|
175
|
+
checkBuiltins(line, lineNumber, errors) {
|
|
176
|
+
for (const builtin of FORBIDDEN_BUILTINS) {
|
|
177
|
+
const pattern = new RegExp(`\\b${builtin}\\s*\\(`);
|
|
178
|
+
if (pattern.test(line)) {
|
|
179
|
+
errors.push(this.createError(lineNumber, 0, `Forbidden builtin: ${builtin}()`, 'FORBIDDEN_BUILTIN'));
|
|
180
|
+
}
|
|
181
|
+
}
|
|
182
|
+
}
|
|
183
|
+
checkAttributes(line, lineNumber, errors) {
|
|
184
|
+
for (const attr of FORBIDDEN_ATTRIBUTES) {
|
|
185
|
+
if (line.includes(attr)) {
|
|
186
|
+
errors.push(this.createError(lineNumber, 0, `Forbidden attribute access: ${attr}`, 'FORBIDDEN_ATTRIBUTE'));
|
|
187
|
+
}
|
|
188
|
+
}
|
|
189
|
+
}
|
|
190
|
+
checkFileSystemAccess(line, lineNumber, errors) {
|
|
191
|
+
const fsPatterns = [
|
|
192
|
+
/\bopen\s*\(/,
|
|
193
|
+
/\.read\s*\(/,
|
|
194
|
+
/\.write\s*\(/,
|
|
195
|
+
/\.readlines\s*\(/,
|
|
196
|
+
/Path\s*\(/,
|
|
197
|
+
/pathlib\./,
|
|
198
|
+
];
|
|
199
|
+
for (const pattern of fsPatterns) {
|
|
200
|
+
if (pattern.test(line)) {
|
|
201
|
+
// Skip if it's a method on a known safe object
|
|
202
|
+
if (line.includes('json.') || line.includes('StringIO')) {
|
|
203
|
+
continue;
|
|
204
|
+
}
|
|
205
|
+
errors.push(this.createError(lineNumber, 0, 'File system access is not allowed', 'FILE_SYSTEM_ACCESS'));
|
|
206
|
+
break;
|
|
207
|
+
}
|
|
208
|
+
}
|
|
209
|
+
}
|
|
210
|
+
checkNetworkAccess(line, lineNumber, errors) {
|
|
211
|
+
const networkPatterns = [
|
|
212
|
+
/requests\./,
|
|
213
|
+
/urllib\./,
|
|
214
|
+
/socket\./,
|
|
215
|
+
/http\./,
|
|
216
|
+
/\.get\s*\(\s*['"]https?:/,
|
|
217
|
+
/\.post\s*\(\s*['"]https?:/,
|
|
218
|
+
];
|
|
219
|
+
for (const pattern of networkPatterns) {
|
|
220
|
+
if (pattern.test(line)) {
|
|
221
|
+
errors.push(this.createError(lineNumber, 0, 'Network access is not allowed', 'NETWORK_ACCESS'));
|
|
222
|
+
break;
|
|
223
|
+
}
|
|
224
|
+
}
|
|
225
|
+
}
|
|
226
|
+
checkShellExecution(line, lineNumber, errors) {
|
|
227
|
+
const shellPatterns = [
|
|
228
|
+
/subprocess\./,
|
|
229
|
+
/os\.system\s*\(/,
|
|
230
|
+
/os\.popen\s*\(/,
|
|
231
|
+
/os\.exec/,
|
|
232
|
+
/os\.spawn/,
|
|
233
|
+
/Popen\s*\(/,
|
|
234
|
+
];
|
|
235
|
+
for (const pattern of shellPatterns) {
|
|
236
|
+
if (pattern.test(line)) {
|
|
237
|
+
errors.push(this.createError(lineNumber, 0, 'Shell execution is not allowed', 'SHELL_EXECUTION'));
|
|
238
|
+
break;
|
|
239
|
+
}
|
|
240
|
+
}
|
|
241
|
+
}
|
|
242
|
+
checkInfiniteLoopRisk(line) {
|
|
243
|
+
return INFINITE_LOOP_PATTERNS.some((pattern) => pattern.test(line));
|
|
244
|
+
}
|
|
245
|
+
createError(line, column, message, code) {
|
|
246
|
+
return { line, column, message, code };
|
|
247
|
+
}
|
|
248
|
+
}
|
|
249
|
+
//# sourceMappingURL=ast-validator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ast-validator.js","sourceRoot":"","sources":["../../../src/infrastructure/sandbox/ast-validator.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;IAChC,IAAI;IACJ,KAAK;IACL,YAAY;IACZ,QAAQ;IACR,UAAU;IACV,QAAQ;IACR,MAAM;IACN,QAAQ;IACR,SAAS;IACT,WAAW;IACX,QAAQ;IACR,SAAS;IACT,MAAM;IACN,UAAU;IACV,QAAQ;IACR,SAAS;IACT,QAAQ;IACR,KAAK;IACL,SAAS;IACT,QAAQ;IACR,iBAAiB;IACjB,WAAW;IACX,SAAS;IACT,QAAQ;IACR,UAAU;IACV,KAAK;IACL,KAAK;IACL,SAAS;IACT,OAAO;IACP,OAAO;IACP,OAAO;IACP,KAAK;IACL,KAAK;IACL,OAAO;IACP,MAAM;IACN,QAAQ;CACT,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC;IAC9B,MAAM;IACN,IAAI;IACJ,aAAa;IACb,WAAW;IACX,WAAW;IACX,MAAM;IACN,QAAQ;IACR,QAAQ;IACR,UAAU;IACV,SAAS;IACT,OAAO;IACP,QAAQ;IACR,MAAM;IACN,QAAQ;IACR,QAAQ;IACR,aAAa;IACb,MAAM;CACP,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC;IACjC,MAAM;IACN,MAAM;IACN,SAAS;IACT,YAAY;IACZ,MAAM;IACN,OAAO;IACP,YAAY;IACZ,YAAY;IACZ,SAAS;IACT,QAAQ;IACR,MAAM;IACN,KAAK;IACL,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;CACV,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,oBAAoB,GAAG;IAC3B,WAAW;IACX,WAAW;IACX,gBAAgB;IAChB,SAAS;IACT,aAAa;IACb,UAAU;IACV,cAAc;IACd,YAAY;IACZ,YAAY;IACZ,UAAU;CACX,CAAC;AAEF;;GAEG;AACH,MAAM,sBAAsB,GAAG;IAC7B,kBAAkB;IAClB,eAAe;IACf,4BAA4B;CAC7B,CAAC;AAEF;;;;GAIG;AACH,MAAM,OAAO,YAAY;IACN,UAAU,CAAU;IAErC,YAAY,UAAU,GAAG,IAAI;QAC3B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,QAAQ,CAAC,IAAY;QACnB,MAAM,MAAM,GAAsB,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAa,EAAE,CAAC;QAE9B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAE/B,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;YACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAE,CAAC;YAC7B,MAAM,UAAU,GAAG,OAAO,GAAG,CAAC,CAAC;YAE/B,gBAAgB;YAChB,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;YAE5C,2BAA2B;YAC3B,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;YAE7C,6BAA6B;YAC7B,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;YAE/C,+BAA+B;YAC/B,IAAI,CAAC,qBAAqB,CAAC,IAAI,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;YAErD,2BAA2B;YAC3B,IAAI,CAAC,kBAAkB,CAAC,IAAI,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;YAElD,4BAA4B;YAC5B,IAAI,CAAC,mBAAmB,CAAC,IAAI,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;YAEnD,0CAA0C;YAC1C,IAAI,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrC,QAAQ,CAAC,IAAI,CAAC,QAAQ,UAAU,4CAA4C,CAAC,CAAC;YAChF,CAAC;QACH,CAAC;QAED,OAAO;YACL,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;YAC1B,MAAM;YACN,QAAQ;SACT,CAAC;IACJ,CAAC;IAEO,YAAY,CAAC,IAAY,EAAE,UAAkB,EAAE,MAAyB;QAC9E,2BAA2B;QAC3B,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;QACrD,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,UAAU,GAAG,WAAW,CAAC,CAAC,CAAE,CAAC;YACnC,IAAI,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;gBACtC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,EAAE,qBAAqB,UAAU,EAAE,EAAE,kBAAkB,CAAC,CAAC,CAAC;YACtG,CAAC;iBAAM,IAAI,IAAI,CAAC,UAAU,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC/D,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,EAAE,4BAA4B,UAAU,EAAE,EAAE,kBAAkB,CAAC,CAAC,CAAC;YAC7G,CAAC;QACH,CAAC;QAED,kCAAkC;QAClC,MAAM,eAAe,GAAG,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACvD,IAAI,eAAe,EAAE,CAAC;YACpB,MAAM,UAAU,GAAG,eAAe,CAAC,CAAC,CAAE,CAAC;YACvC,IAAI,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;gBACtC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,EAAE,qBAAqB,UAAU,EAAE,EAAE,kBAAkB,CAAC,CAAC,CAAC;YACtG,CAAC;iBAAM,IAAI,IAAI,CAAC,UAAU,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC/D,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,EAAE,4BAA4B,UAAU,EAAE,EAAE,kBAAkB,CAAC,CAAC,CAAC;YAC7G,CAAC;QACH,CAAC;IACH,CAAC;IAEO,aAAa,CAAC,IAAY,EAAE,UAAkB,EAAE,MAAyB;QAC/E,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;YACzC,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,MAAM,OAAO,SAAS,CAAC,CAAC;YACnD,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,EAAE,sBAAsB,OAAO,IAAI,EAAE,mBAAmB,CAAC,CAAC,CAAC;YACvG,CAAC;QACH,CAAC;IACH,CAAC;IAEO,eAAe,CAAC,IAAY,EAAE,UAAkB,EAAE,MAAyB;QACjF,KAAK,MAAM,IAAI,IAAI,oBAAoB,EAAE,CAAC;YACxC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,EAAE,+BAA+B,IAAI,EAAE,EAAE,qBAAqB,CAAC,CAAC,CAAC;YAC7G,CAAC;QACH,CAAC;IACH,CAAC;IAEO,qBAAqB,CAAC,IAAY,EAAE,UAAkB,EAAE,MAAyB;QACvF,MAAM,UAAU,GAAG;YACjB,aAAa;YACb,aAAa;YACb,cAAc;YACd,kBAAkB;YAClB,WAAW;YACX,WAAW;SACZ,CAAC;QAEF,KAAK,MAAM,OAAO,IAAI,UAAU,EAAE,CAAC;YACjC,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,+CAA+C;gBAC/C,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;oBACxD,SAAS;gBACX,CAAC;gBACD,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,EAAE,mCAAmC,EAAE,oBAAoB,CAAC,CAAC,CAAC;gBACxG,MAAM;YACR,CAAC;QACH,CAAC;IACH,CAAC;IAEO,kBAAkB,CAAC,IAAY,EAAE,UAAkB,EAAE,MAAyB;QACpF,MAAM,eAAe,GAAG;YACtB,YAAY;YACZ,UAAU;YACV,UAAU;YACV,QAAQ;YACR,0BAA0B;YAC1B,2BAA2B;SAC5B,CAAC;QAEF,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;YACtC,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,EAAE,+BAA+B,EAAE,gBAAgB,CAAC,CAAC,CAAC;gBAChG,MAAM;YACR,CAAC;QACH,CAAC;IACH,CAAC;IAEO,mBAAmB,CAAC,IAAY,EAAE,UAAkB,EAAE,MAAyB;QACrF,MAAM,aAAa,GAAG;YACpB,cAAc;YACd,iBAAiB;YACjB,gBAAgB;YAChB,UAAU;YACV,WAAW;YACX,YAAY;SACb,CAAC;QAEF,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;YACpC,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,EAAE,gCAAgC,EAAE,iBAAiB,CAAC,CAAC,CAAC;gBAClG,MAAM;YACR,CAAC;QACH,CAAC;IACH,CAAC;IAEO,qBAAqB,CAAC,IAAY;QACxC,OAAO,sBAAsB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IACtE,CAAC;IAEO,WAAW,CACjB,IAAY,EACZ,MAAc,EACd,OAAe,EACf,IAAyB;QAEzB,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IACzC,CAAC;CACF"}
|
|
@@ -0,0 +1,4 @@
|
|
|
1
|
+
export { ASTValidator } from './ast-validator.js';
|
|
2
|
+
export { ProcessManager, PythonProcess, type SpawnOptions, type PythonProcessCommand, } from './process-manager.js';
|
|
3
|
+
export { PythonExecutor, type PythonExecutorConfig } from './python-executor.js';
|
|
4
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/infrastructure/sandbox/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EACL,cAAc,EACd,aAAa,EACb,KAAK,YAAY,EACjB,KAAK,oBAAoB,GAC1B,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,cAAc,EAAE,KAAK,oBAAoB,EAAE,MAAM,sBAAsB,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/infrastructure/sandbox/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EACL,cAAc,EACd,aAAa,GAGd,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,cAAc,EAA6B,MAAM,sBAAsB,CAAC"}
|