@dgxo/mashadevcli 1.1.0

package/bundle/node_modules/@dgxo/mashadevcli-devtools/dist/src/_client-assets.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"_client-assets.js","sourceRoot":"","sources":["../../src/_client-assets.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,oDAAoD;AACpD,MAAM,CAAC,MAAM,UAAU,GAAG,ynBAAynB,CAAC;AACppB,MAAM,CAAC,MAAM,SAAS,GAAG,i45NAAi45N,CAAC"}

package/bundle/node_modules/@dgxo/mashadevcli-devtools/dist/src/index.d.ts

@@ -0,0 +1,48 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { EventEmitter } from 'node:events';
+import { type WebSocket } from 'ws';
+import type { NetworkLog, ConsoleLogPayload } from './types.js';
+export type { NetworkLog, ConsoleLogPayload, InspectorConsoleLog, } from './types.js';
+interface IncomingNetworkPayload extends Partial<NetworkLog> {
+    chunk?: {
+        index: number;
+        data: string;
+        timestamp: number;
+    };
+}
+export interface SessionInfo {
+    sessionId: string;
+    ws: WebSocket;
+    lastPing: number;
+}
+/**
+ * DevTools Viewer
+ *
+ * Receives logs via WebSocket from CLI sessions.
+ */
+export declare class DevTools extends EventEmitter {
+    private static instance;
+    private logs;
+    private consoleLogs;
+    private server;
+    private wss;
+    private sessions;
+    private heartbeatTimer;
+    private port;
+    private static readonly DEFAULT_PORT;
+    private static readonly MAX_PORT_RETRIES;
+    private constructor();
+    static getInstance(): DevTools;
+    addInternalConsoleLog(payload: ConsoleLogPayload, sessionId?: string, timestamp?: number): void;
+    addInternalNetworkLog(payload: IncomingNetworkPayload, sessionId?: string, timestamp?: number): void;
+    getUrl(): string;
+    getPort(): number;
+    stop(): Promise<void>;
+    start(): Promise<string>;
+    private setupWebSocketServer;
+    private handleWebSocketMessage;
+}

package/bundle/node_modules/@dgxo/mashadevcli-devtools/dist/src/index.js

@@ -0,0 +1,299 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import http from 'node:http';
+import { randomUUID } from 'node:crypto';
+import { EventEmitter } from 'node:events';
+import { WebSocketServer } from 'ws';
+import { INDEX_HTML, CLIENT_JS } from './_client-assets.js';
+/**
+ * DevTools Viewer
+ *
+ * Receives logs via WebSocket from CLI sessions.
+ */
+export class DevTools extends EventEmitter {
+    static instance;
+    logs = [];
+    consoleLogs = [];
+    server = null;
+    wss = null;
+    sessions = new Map();
+    heartbeatTimer = null;
+    port = 25417;
+    static DEFAULT_PORT = 25417;
+    static MAX_PORT_RETRIES = 10;
+    constructor() {
+        super();
+        // Each SSE client adds 3 listeners; raise the limit to avoid warnings
+        this.setMaxListeners(50);
+    }
+    static getInstance() {
+        if (!DevTools.instance) {
+            DevTools.instance = new DevTools();
+        }
+        return DevTools.instance;
+    }
+    addInternalConsoleLog(payload, sessionId, timestamp) {
+        const entry = {
+            ...payload,
+            id: randomUUID(),
+            sessionId,
+            timestamp: timestamp || Date.now(),
+        };
+        this.consoleLogs.push(entry);
+        if (this.consoleLogs.length > 5000)
+            this.consoleLogs.shift();
+        this.emit('console-update', entry);
+    }
+    addInternalNetworkLog(payload, sessionId, timestamp) {
+        if (!payload.id)
+            return;
+        const existingIndex = this.logs.findIndex((l) => l.id === payload.id);
+        if (existingIndex > -1) {
+            const existing = this.logs[existingIndex];
+            // Handle chunk accumulation
+            if (payload.chunk) {
+                const chunks = existing.chunks || [];
+                chunks.push(payload.chunk);
+                this.logs[existingIndex] = {
+                    ...existing,
+                    chunks,
+                    sessionId: sessionId || existing.sessionId,
+                };
+            }
+            else {
+                this.logs[existingIndex] = {
+                    ...existing,
+                    ...payload,
+                    sessionId: sessionId || existing.sessionId,
+                    // Drop chunks once we have the full response body — the data
+                    // is redundant and keeping both can blow past V8's string limit
+                    // when serializing the snapshot.
+                    chunks: payload.response?.body ? undefined : existing.chunks,
+                    response: payload.response
+                        ? { ...existing.response, ...payload.response }
+                        : existing.response,
+                };
+            }
+            this.emit('update', this.logs[existingIndex]);
+        }
+        else if (payload.url) {
+            // eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
+            const entry = {
+                ...payload,
+                sessionId,
+                timestamp: timestamp || Date.now(),
+                chunks: payload.chunk ? [payload.chunk] : undefined,
+            };
+            this.logs.push(entry);
+            if (this.logs.length > 2000)
+                this.logs.shift();
+            this.emit('update', entry);
+        }
+    }
+    getUrl() {
+        return `http://127.0.0.1:${this.port}`;
+    }
+    getPort() {
+        return this.port;
+    }
+    stop() {
+        return new Promise((resolve) => {
+            if (this.heartbeatTimer) {
+                clearInterval(this.heartbeatTimer);
+                this.heartbeatTimer = null;
+            }
+            if (this.wss) {
+                this.wss.close();
+                this.wss = null;
+            }
+            if (this.server) {
+                this.server.close(() => resolve());
+                this.server = null;
+            }
+            else {
+                resolve();
+            }
+            // Reset singleton so a fresh start() is possible
+            DevTools.instance = undefined;
+        });
+    }
+    start() {
+        return new Promise((resolve, reject) => {
+            if (this.server) {
+                resolve(this.getUrl());
+                return;
+            }
+            this.server = http.createServer((req, res) => {
+                // Only allow same-origin requests — the client is served from this
+                // server so cross-origin access is unnecessary and would let arbitrary
+                // websites exfiltrate logs (which may contain API keys/headers).
+                const origin = req.headers.origin;
+                if (origin) {
+                    const allowed = `http://127.0.0.1:${this.port}`;
+                    if (origin === allowed) {
+                        res.setHeader('Access-Control-Allow-Origin', allowed);
+                    }
+                }
+                // API routes
+                if (req.url === '/events') {
+                    res.writeHead(200, {
+                        'Content-Type': 'text/event-stream',
+                        'Cache-Control': 'no-cache',
+                        Connection: 'keep-alive',
+                    });
+                    // Send full snapshot on connect
+                    const snapshot = JSON.stringify({
+                        networkLogs: this.logs,
+                        consoleLogs: this.consoleLogs,
+                        sessions: Array.from(this.sessions.keys()),
+                    });
+                    res.write(`event: snapshot\ndata: ${snapshot}\n\n`);
+                    // Incremental updates
+                    const onNetwork = (log) => {
+                        res.write(`event: network\ndata: ${JSON.stringify(log)}\n\n`);
+                    };
+                    const onConsole = (log) => {
+                        res.write(`event: console\ndata: ${JSON.stringify(log)}\n\n`);
+                    };
+                    const onSession = () => {
+                        const sessions = Array.from(this.sessions.keys());
+                        res.write(`event: session\ndata: ${JSON.stringify(sessions)}\n\n`);
+                    };
+                    this.on('update', onNetwork);
+                    this.on('console-update', onConsole);
+                    this.on('session-update', onSession);
+                    req.on('close', () => {
+                        this.off('update', onNetwork);
+                        this.off('console-update', onConsole);
+                        this.off('session-update', onSession);
+                    });
+                }
+                else if (req.url === '/' || req.url === '/index.html') {
+                    res.writeHead(200, { 'Content-Type': 'text/html' });
+                    res.end(INDEX_HTML);
+                }
+                else if (req.url === '/assets/main.js') {
+                    res.writeHead(200, { 'Content-Type': 'application/javascript' });
+                    res.end(CLIENT_JS);
+                }
+                else {
+                    res.writeHead(404);
+                    res.end('Not Found');
+                }
+            });
+            this.server.on('error', (e) => {
+                if (typeof e === 'object' &&
+                    e !== null &&
+                    'code' in e &&
+                    e.code === 'EADDRINUSE') {
+                    if (this.port - DevTools.DEFAULT_PORT >= DevTools.MAX_PORT_RETRIES) {
+                        reject(new Error(`DevTools: all ports ${DevTools.DEFAULT_PORT}–${this.port} in use`));
+                        return;
+                    }
+                    this.port++;
+                    this.server?.listen(this.port, '127.0.0.1');
+                }
+                else {
+                    reject(e instanceof Error ? e : new Error(String(e)));
+                }
+            });
+            this.server.listen(this.port, '127.0.0.1', () => {
+                this.setupWebSocketServer();
+                resolve(this.getUrl());
+            });
+        });
+    }
+    setupWebSocketServer() {
+        if (!this.server)
+            return;
+        this.wss = new WebSocketServer({ server: this.server, path: '/ws' });
+        this.wss.on('connection', (ws) => {
+            let sessionId = null;
+            ws.on('message', (data) => {
+                try {
+                    // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
+                    const message = JSON.parse(data.toString());
+                    // Handle registration first
+                    if (message.type === 'register') {
+                        sessionId = String(message.sessionId);
+                        if (!sessionId)
+                            return;
+                        this.sessions.set(sessionId, {
+                            sessionId,
+                            ws,
+                            lastPing: Date.now(),
+                        });
+                        // Notify session update
+                        this.emit('session-update');
+                        // Send registration acknowledgement
+                        ws.send(JSON.stringify({
+                            type: 'registered',
+                            sessionId,
+                            timestamp: Date.now(),
+                        }));
+                    }
+                    else if (sessionId) {
+                        this.handleWebSocketMessage(sessionId, message);
+                    }
+                }
+                catch {
+                    // Invalid WebSocket message
+                }
+            });
+            ws.on('close', () => {
+                if (sessionId) {
+                    this.sessions.delete(sessionId);
+                    this.emit('session-update');
+                }
+            });
+            ws.on('error', () => {
+                // WebSocket error — no action needed
+            });
+        });
+        // Heartbeat mechanism
+        this.heartbeatTimer = setInterval(() => {
+            const now = Date.now();
+            this.sessions.forEach((session, sessionId) => {
+                if (now - session.lastPing > 30000) {
+                    session.ws.close();
+                    this.sessions.delete(sessionId);
+                }
+                else {
+                    // Send ping
+                    session.ws.send(JSON.stringify({ type: 'ping', timestamp: now }));
+                }
+            });
+        }, 10000);
+        this.heartbeatTimer.unref();
+    }
+    handleWebSocketMessage(sessionId, message) {
+        const session = this.sessions.get(sessionId);
+        if (!session)
+            return;
+        switch (message['type']) {
+            case 'pong':
+                session.lastPing = Date.now();
+                break;
+            case 'console':
+                this.addInternalConsoleLog(
+                // eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
+                message['payload'], sessionId, 
+                // eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
+                message['timestamp']);
+                break;
+            case 'network':
+                this.addInternalNetworkLog(
+                // eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
+                message['payload'], sessionId, 
+                // eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
+                message['timestamp']);
+                break;
+            default:
+                break;
+        }
+    }
+}
+//# sourceMappingURL=index.js.map

package/bundle/node_modules/@dgxo/mashadevcli-devtools/dist/src/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,eAAe,EAAkB,MAAM,IAAI,CAAC;AAMrD,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAsB5D;;;;GAIG;AACH,MAAM,OAAO,QAAS,SAAQ,YAAY;IAChC,MAAM,CAAC,QAAQ,CAAuB;IACtC,IAAI,GAAiB,EAAE,CAAC;IACxB,WAAW,GAA0B,EAAE,CAAC;IACxC,MAAM,GAAuB,IAAI,CAAC;IAClC,GAAG,GAA2B,IAAI,CAAC;IACnC,QAAQ,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC1C,cAAc,GAA0B,IAAI,CAAC;IAC7C,IAAI,GAAG,KAAK,CAAC;IACb,MAAM,CAAU,YAAY,GAAG,KAAK,CAAC;IACrC,MAAM,CAAU,gBAAgB,GAAG,EAAE,CAAC;IAE9C;QACE,KAAK,EAAE,CAAC;QACR,sEAAsE;QACtE,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;IAC3B,CAAC;IAED,MAAM,CAAC,WAAW;QAChB,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;YACvB,QAAQ,CAAC,QAAQ,GAAG,IAAI,QAAQ,EAAE,CAAC;QACrC,CAAC;QACD,OAAO,QAAQ,CAAC,QAAQ,CAAC;IAC3B,CAAC;IAED,qBAAqB,CACnB,OAA0B,EAC1B,SAAkB,EAClB,SAAkB;QAElB,MAAM,KAAK,GAAwB;YACjC,GAAG,OAAO;YACV,EAAE,EAAE,UAAU,EAAE;YAChB,SAAS;YACT,SAAS,EAAE,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE;SACnC,CAAC;QACF,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC7B,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,IAAI;YAAE,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;QAC7D,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;IACrC,CAAC;IAED,qBAAqB,CACnB,OAA+B,EAC/B,SAAkB,EAClB,SAAkB;QAElB,IAAI,CAAC,OAAO,CAAC,EAAE;YAAE,OAAO;QACxB,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,OAAO,CAAC,EAAE,CAAC,CAAC;QACtE,IAAI,aAAa,GAAG,CAAC,CAAC,EAAE,CAAC;YACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAE1C,4BAA4B;YAC5B,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;gBAClB,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,IAAI,EAAE,CAAC;gBACrC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;gBAC3B,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG;oBACzB,GAAG,QAAQ;oBACX,MAAM;oBACN,SAAS,EAAE,SAAS,IAAI,QAAQ,CAAC,SAAS;iBAC3C,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG;oBACzB,GAAG,QAAQ;oBACX,GAAG,OAAO;oBACV,SAAS,EAAE,SAAS,IAAI,QAAQ,CAAC,SAAS;oBAC1C,6DAA6D;oBAC7D,gEAAgE;oBAChE,iCAAiC;oBACjC,MAAM,EAAE,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM;oBAC5D,QAAQ,EAAE,OAAO,CAAC,QAAQ;wBACxB,CAAC,CAAC,EAAE,GAAG,QAAQ,CAAC,QAAQ,EAAE,GAAG,OAAO,CAAC,QAAQ,EAAE;wBAC/C,CAAC,CAAC,QAAQ,CAAC,QAAQ;iBACR,CAAC;YAClB,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;QAChD,CAAC;aAAM,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YACvB,uEAAuE;YACvE,MAAM,KAAK,GAAG;gBACZ,GAAG,OAAO;gBACV,SAAS;gBACT,SAAS,EAAE,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE;gBAClC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS;aACtC,CAAC;YAChB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACtB,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI;gBAAE,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YAC/C,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,MAAM;QACJ,OAAO,oBAAoB,IAAI,CAAC,IAAI,EAAE,CAAC;IACzC,CAAC;IAED,OAAO;QACL,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,IAAI;QACF,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxB,aAAa,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;gBACnC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;YAC7B,CAAC;YACD,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;gBACb,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;gBACjB,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC;YAClB,CAAC;YACD,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;gBACnC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;YACrB,CAAC;iBAAM,CAAC;gBACN,OAAO,EAAE,CAAC;YACZ,CAAC;YACD,iDAAiD;YACjD,QAAQ,CAAC,QAAQ,GAAG,SAAS,CAAC;QAChC,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK;QACH,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChB,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;gBACvB,OAAO;YACT,CAAC;YACD,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;gBAC3C,mEAAmE;gBACnE,uEAAuE;gBACvE,iEAAiE;gBACjE,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC;gBAClC,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,OAAO,GAAG,oBAAoB,IAAI,CAAC,IAAI,EAAE,CAAC;oBAChD,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;wBACvB,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,OAAO,CAAC,CAAC;oBACxD,CAAC;gBACH,CAAC;gBAED,aAAa;gBACb,IAAI,GAAG,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;oBAC1B,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE;wBACjB,cAAc,EAAE,mBAAmB;wBACnC,eAAe,EAAE,UAAU;wBAC3B,UAAU,EAAE,YAAY;qBACzB,CAAC,CAAC;oBAEH,gCAAgC;oBAChC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC;wBAC9B,WAAW,EAAE,IAAI,CAAC,IAAI;wBACtB,WAAW,EAAE,IAAI,CAAC,WAAW;wBAC7B,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;qBAC3C,CAAC,CAAC;oBACH,GAAG,CAAC,KAAK,CAAC,0BAA0B,QAAQ,MAAM,CAAC,CAAC;oBAEpD,sBAAsB;oBACtB,MAAM,SAAS,GAAG,CAAC,GAAe,EAAE,EAAE;wBACpC,GAAG,CAAC,KAAK,CAAC,yBAAyB,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;oBAChE,CAAC,CAAC;oBACF,MAAM,SAAS,GAAG,CAAC,GAAwB,EAAE,EAAE;wBAC7C,GAAG,CAAC,KAAK,CAAC,yBAAyB,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;oBAChE,CAAC,CAAC;oBACF,MAAM,SAAS,GAAG,GAAG,EAAE;wBACrB,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;wBAClD,GAAG,CAAC,KAAK,CAAC,yBAAyB,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;oBACrE,CAAC,CAAC;oBACF,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;oBAC7B,IAAI,CAAC,EAAE,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;oBACrC,IAAI,CAAC,EAAE,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;oBACrC,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;wBACnB,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;wBAC9B,IAAI,CAAC,GAAG,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;wBACtC,IAAI,CAAC,GAAG,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;oBACxC,CAAC,CAAC,CAAC;gBACL,CAAC;qBAAM,IAAI,GAAG,CAAC,GAAG,KAAK,GAAG,IAAI,GAAG,CAAC,GAAG,KAAK,aAAa,EAAE,CAAC;oBACxD,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;oBACpD,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;gBACtB,CAAC;qBAAM,IAAI,GAAG,CAAC,GAAG,KAAK,iBAAiB,EAAE,CAAC;oBACzC,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,wBAAwB,EAAE,CAAC,CAAC;oBACjE,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;gBACrB,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;oBACnB,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,CAAU,EAAE,EAAE;gBACrC,IACE,OAAO,CAAC,KAAK,QAAQ;oBACrB,CAAC,KAAK,IAAI;oBACV,MAAM,IAAI,CAAC;oBACX,CAAC,CAAC,IAAI,KAAK,YAAY,EACvB,CAAC;oBACD,IAAI,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAC,YAAY,IAAI,QAAQ,CAAC,gBAAgB,EAAE,CAAC;wBACnE,MAAM,CACJ,IAAI,KAAK,CACP,uBAAuB,QAAQ,CAAC,YAAY,IAAI,IAAI,CAAC,IAAI,SAAS,CACnE,CACF,CAAC;wBACF,OAAO;oBACT,CAAC;oBACD,IAAI,CAAC,IAAI,EAAE,CAAC;oBACZ,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;gBAC9C,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBACxD,CAAC;YACH,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,WAAW,EAAE,GAAG,EAAE;gBAC9C,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC5B,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YACzB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,oBAAoB;QAC1B,IAAI,CAAC,IAAI,CAAC,MAAM;YAAE,OAAO;QAEzB,IAAI,CAAC,GAAG,GAAG,IAAI,eAAe,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAErE,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,YAAY,EAAE,CAAC,EAAa,EAAE,EAAE;YAC1C,IAAI,SAAS,GAAkB,IAAI,CAAC;YAEpC,EAAE,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,IAAY,EAAE,EAAE;gBAChC,IAAI,CAAC;oBACH,mEAAmE;oBACnE,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;oBAE5C,4BAA4B;oBAC5B,IAAI,OAAO,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;wBAChC,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;wBACtC,IAAI,CAAC,SAAS;4BAAE,OAAO;wBAEvB,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,EAAE;4BAC3B,SAAS;4BACT,EAAE;4BACF,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE;yBACrB,CAAC,CAAC;wBAEH,wBAAwB;wBACxB,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;wBAE5B,oCAAoC;wBACpC,EAAE,CAAC,IAAI,CACL,IAAI,CAAC,SAAS,CAAC;4BACb,IAAI,EAAE,YAAY;4BAClB,SAAS;4BACT,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;yBACtB,CAAC,CACH,CAAC;oBACJ,CAAC;yBAAM,IAAI,SAAS,EAAE,CAAC;wBACrB,IAAI,CAAC,sBAAsB,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;oBAClD,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,4BAA4B;gBAC9B,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;gBAClB,IAAI,SAAS,EAAE,CAAC;oBACd,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;oBAChC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBAC9B,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;gBAClB,qCAAqC;YACvC,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,sBAAsB;QACtB,IAAI,CAAC,cAAc,GAAG,WAAW,CAAC,GAAG,EAAE;YACrC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,SAAS,EAAE,EAAE;gBAC3C,IAAI,GAAG,GAAG,OAAO,CAAC,QAAQ,GAAG,KAAK,EAAE,CAAC;oBACnC,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;oBACnB,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;gBAClC,CAAC;qBAAM,CAAC;oBACN,YAAY;oBACZ,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;gBACpE,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC,EAAE,KAAK,CAAC,CAAC;QACV,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,CAAC;IAC9B,CAAC;IAEO,sBAAsB,CAC5B,SAAiB,EACjB,OAAgC;QAEhC,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC7C,IAAI,CAAC,OAAO;YAAE,OAAO;QAErB,QAAQ,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YACxB,KAAK,MAAM;gBACT,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBAC9B,MAAM;YAER,KAAK,SAAS;gBACZ,IAAI,CAAC,qBAAqB;gBACxB,uEAAuE;gBACvE,OAAO,CAAC,SAAS,CAAsB,EACvC,SAAS;gBACT,uEAAuE;gBACvE,OAAO,CAAC,WAAW,CAAW,CAC/B,CAAC;gBACF,MAAM;YAER,KAAK,SAAS;gBACZ,IAAI,CAAC,qBAAqB;gBACxB,uEAAuE;gBACvE,OAAO,CAAC,SAAS,CAA2B,EAC5C,SAAS;gBACT,uEAAuE;gBACvE,OAAO,CAAC,WAAW,CAAW,CAC/B,CAAC;gBACF,MAAM;YAER;gBACE,MAAM;QACV,CAAC;IACH,CAAC"}

package/bundle/node_modules/@dgxo/mashadevcli-devtools/dist/src/types.d.ts

@@ -0,0 +1,36 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+export interface NetworkLog {
+    id: string;
+    sessionId?: string;
+    timestamp: number;
+    method: string;
+    url: string;
+    headers: Record<string, string | string[] | undefined>;
+    body?: string;
+    pending?: boolean;
+    chunks?: Array<{
+        index: number;
+        data: string;
+        timestamp: number;
+    }>;
+    response?: {
+        status: number;
+        headers: Record<string, string | string[] | undefined>;
+        body?: string;
+        durationMs: number;
+    };
+    error?: string;
+}
+export interface ConsoleLogPayload {
+    type: 'log' | 'warn' | 'error' | 'debug' | 'info';
+    content: string;
+}
+export interface InspectorConsoleLog extends ConsoleLogPayload {
+    id: string;
+    sessionId?: string;
+    timestamp: number;
+}

package/bundle/node_modules/@dgxo/mashadevcli-devtools/dist/src/types.js

@@ -0,0 +1,7 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/bundle/node_modules/@dgxo/mashadevcli-devtools/dist/src/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG"}

package/bundle/node_modules/@dgxo/mashadevcli-devtools/package.json

@@ -0,0 +1,32 @@
+{
+  "name": "@dgxo/mashadevcli-devtools",
+  "version": "1.0.0",
+  "license": "Apache-2.0",
+  "type": "module",
+  "main": "dist/src/index.js",
+  "types": "dist/src/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/src/index.d.ts",
+      "default": "./dist/src/index.js"
+    }
+  },
+  "scripts": {
+    "build": "npm run build:client && tsc -p tsconfig.build.json",
+    "build:client": "node esbuild.client.js"
+  },
+  "files": [
+    "dist",
+    "client/index.html"
+  ],
+  "engines": {
+    "node": ">=20"
+  },
+  "devDependencies": {
+    "react": "^19.2.0",
+    "react-dom": "^19.2.0"
+  },
+  "dependencies": {
+    "ws": "^8.16.0"
+  }
+}

package/bundle/policies/conseca.toml

@@ -0,0 +1,6 @@
+[[safety_checker]]
+toolName = "*"
+priority = 100
+[safety_checker.checker]
+type = "in-process"
+name = "conseca"

package/bundle/policies/discovered.toml

@@ -0,0 +1,8 @@
+# Default policy for tools discovered via toolDiscoveryCommand.
+# These tools are potentially dangerous as they are arbitrary scripts.
+# We default them to ASK_USER for safety.
+
+[[rule]]
+toolName = "discovered_tool_*"
+decision = "ask_user"
+priority = 10

package/bundle/policies/plan.toml

@@ -0,0 +1,109 @@
+# Priority system for policy rules:
+# - Higher priority numbers win over lower priority numbers
+# - When multiple rules match, the highest priority rule is applied
+# - Rules are evaluated in order of priority (highest first)
+#
+# Priority bands (tiers):
+# - Default policies (TOML): 1 + priority/1000 (e.g., priority 100 → 1.100)
+# - Extension policies (TOML): 2 + priority/1000 (e.g., priority 100 → 2.100)
+# - Workspace policies (TOML): 3 + priority/1000 (e.g., priority 100 → 3.100)
+# - User policies (TOML): 4 + priority/1000 (e.g., priority 100 → 4.100)
+# - Admin policies (TOML): 5 + priority/1000 (e.g., priority 100 → 5.100)
+#
+# This ensures Admin > User > Workspace > Extension > Default hierarchy is always preserved,
+# while allowing user-specified priorities to work within each tier.
+#
+# Settings-based and dynamic rules (all in user tier 4.x):
+#   4.95: Tools that the user has selected as "Always Allow" in the interactive UI
+#   4.9:  MCP servers excluded list (security: persistent server blocks)
+#   4.4:  Command line flag --exclude-tools (explicit temporary blocks)
+#   4.3:  Command line flag --allowed-tools (explicit temporary allows)
+#   4.2:  MCP servers with trust=true (persistent trusted servers)
+#   4.1:  MCP servers allowed list (persistent general server allows)
+#
+# TOML policy priorities (before transformation):
+#   10: Write tools default to ASK_USER (becomes 1.010 in default tier)
+#   60: Plan mode catch-all DENY override (becomes 1.060 in default tier)
+#   70: Plan mode explicit ALLOW override (becomes 1.070 in default tier)
+#   999: YOLO mode allow-all (becomes 1.999 in default tier)
+
+# Mode Transitions (into/out of Plan Mode)
+
+[[rule]]
+toolName = "enter_plan_mode"
+decision = "ask_user"
+priority = 50
+
+[[rule]]
+toolName = "enter_plan_mode"
+decision = "deny"
+priority = 70
+modes = ["plan"]
+deny_message = "You are already in Plan Mode."
+
+[[rule]]
+toolName = "exit_plan_mode"
+decision = "ask_user"
+priority = 70
+modes = ["plan"]
+
+[[rule]]
+toolName = "exit_plan_mode"
+decision = "deny"
+priority = 50
+deny_message = "You are not currently in Plan Mode. Use enter_plan_mode first to design a plan."
+
+
+# Catch-All: Deny everything by default in Plan mode.
+
+[[rule]]
+decision = "deny"
+priority = 60
+modes = ["plan"]
+deny_message = "You are in Plan Mode with access to read-only tools. Execution of scripts (including those from skills) is blocked."
+
+# Explicitly Allow Read-Only Tools in Plan mode.
+
+[[rule]]
+mcpName = "*"
+toolAnnotations = { readOnlyHint = true }
+decision = "ask_user"
+priority = 70
+modes = ["plan"]
+
+[[rule]]
+toolName = [
+  "glob",
+  "grep_search",
+  "list_directory",
+  "read_file",
+  "google_web_search",
+  "activate_skill",
+  "codebase_investigator",
+  "cli_help"
+]
+decision = "allow"
+priority = 70
+modes = ["plan"]
+
+[[rule]]
+toolName = ["ask_user", "save_memory"]
+decision = "ask_user"
+priority = 70
+modes = ["plan"]
+
+# Allow write_file and replace for .md files in the plans directory (cross-platform)
+[[rule]]
+toolName = ["write_file", "replace"]
+decision = "allow"
+priority = 70
+modes = ["plan"]
+argsPattern = "\"file_path\":\"[^\"]+[\\\\/]+\\.gemini[\\\\/]+tmp[\\\\/]+[\\w-]+[\\\\/]+[\\w-]+[\\\\/]+plans[\\\\/]+[\\w-]+\\.md\""
+
+# Explicitly Deny other write operations in Plan mode with a clear message.
+[[rule]]
+toolName = ["write_file", "replace"]
+decision = "deny"
+priority = 65
+modes = ["plan"]
+deny_message = "You are in Plan Mode and cannot modify source code. You may ONLY use write_file or replace to save plans to the designated plans directory as .md files."

package/bundle/policies/read-only.toml

@@ -0,0 +1,53 @@
+# Priority system for policy rules:
+# - Higher priority numbers win over lower priority numbers
+# - When multiple rules match, the highest priority rule is applied
+# - Rules are evaluated in order of priority (highest first)
+#
+# Priority bands (tiers):
+# - Default policies (TOML): 1 + priority/1000 (e.g., priority 100 → 1.100)
+# - Extension policies (TOML): 2 + priority/1000 (e.g., priority 100 → 2.100)
+# - Workspace policies (TOML): 3 + priority/1000 (e.g., priority 100 → 3.100)
+# - User policies (TOML): 4 + priority/1000 (e.g., priority 100 → 4.100)
+# - Admin policies (TOML): 5 + priority/1000 (e.g., priority 100 → 5.100)
+#
+# This ensures Admin > User > Workspace > Extension > Default hierarchy is always preserved,
+# while allowing user-specified priorities to work within each tier.
+#
+# Settings-based and dynamic rules (all in user tier 4.x):
+#   4.95: Tools that the user has selected as "Always Allow" in the interactive UI
+#   4.9:  MCP servers excluded list (security: persistent server blocks)
+#   4.4:  Command line flag --exclude-tools (explicit temporary blocks)
+#   4.3:  Command line flag --allowed-tools (explicit temporary allows)
+#   4.2:  MCP servers with trust=true (persistent trusted servers)
+#   4.1:  MCP servers allowed list (persistent general server allows)
+#
+# TOML policy priorities (before transformation):
+#   10: Write tools default to ASK_USER (becomes 1.010 in default tier)
+#   15: Auto-edit tool override (becomes 1.015 in default tier)
+#   50: Read-only tools (becomes 1.050 in default tier)
+#   999: YOLO mode allow-all (becomes 1.999 in default tier)
+
+[[rule]]
+toolName = "glob"
+decision = "allow"
+priority = 50
+
+[[rule]]
+toolName = "grep_search"
+decision = "allow"
+priority = 50
+
+[[rule]]
+toolName = "list_directory"
+decision = "allow"
+priority = 50
+
+[[rule]]
+toolName = "read_file"
+decision = "allow"
+priority = 50
+
+[[rule]]
+toolName = "google_web_search"
+decision = "allow"
+priority = 50