@dotsetlabs/dotclaw 1.1.0

package/dist/mount-security.js

@@ -0,0 +1,284 @@
+/**
+ * Mount Security Module for DotClaw
+ *
+ * Validates additional mounts against an allowlist stored OUTSIDE the project root.
+ * This prevents container agents from modifying security configuration.
+ *
+ * Allowlist location: ~/.config/dotclaw/mount-allowlist.json
+ */
+import os from 'os';
+import fs from 'fs';
+import path from 'path';
+import { MOUNT_ALLOWLIST_PATH } from './config.js';
+import { logger } from './logger.js';
+// Cache the allowlist in memory - only reloads on process restart
+let cachedAllowlist = null;
+let allowlistLoadError = null;
+/**
+ * Default blocked patterns - paths that should never be mounted
+ */
+const DEFAULT_BLOCKED_PATTERNS = [
+    '.ssh',
+    '.gnupg',
+    '.gpg',
+    '.aws',
+    '.azure',
+    '.gcloud',
+    '.kube',
+    '.docker',
+    'credentials',
+    '.env',
+    '.netrc',
+    '.npmrc',
+    '.pypirc',
+    'id_rsa',
+    'id_ed25519',
+    'private_key',
+    '.secret',
+];
+/**
+ * Load the mount allowlist from the external config location.
+ * Returns null if the file doesn't exist or is invalid.
+ * Result is cached in memory for the lifetime of the process.
+ */
+export function loadMountAllowlist() {
+    if (cachedAllowlist !== null) {
+        return cachedAllowlist;
+    }
+    if (allowlistLoadError !== null) {
+        // Already tried and failed, don't spam logs
+        return null;
+    }
+    try {
+        if (!fs.existsSync(MOUNT_ALLOWLIST_PATH)) {
+            allowlistLoadError = `Mount allowlist not found at ${MOUNT_ALLOWLIST_PATH}`;
+            logger.warn({ path: MOUNT_ALLOWLIST_PATH }, 'Mount allowlist not found - additional mounts will be BLOCKED. ' +
+                'Create the file to enable additional mounts.');
+            return null;
+        }
+        const content = fs.readFileSync(MOUNT_ALLOWLIST_PATH, 'utf-8');
+        const allowlist = JSON.parse(content);
+        // Validate structure
+        if (!Array.isArray(allowlist.allowedRoots)) {
+            throw new Error('allowedRoots must be an array');
+        }
+        if (!Array.isArray(allowlist.blockedPatterns)) {
+            throw new Error('blockedPatterns must be an array');
+        }
+        if (typeof allowlist.nonMainReadOnly !== 'boolean') {
+            throw new Error('nonMainReadOnly must be a boolean');
+        }
+        // Merge with default blocked patterns
+        const mergedBlockedPatterns = [
+            ...new Set([...DEFAULT_BLOCKED_PATTERNS, ...allowlist.blockedPatterns])
+        ];
+        allowlist.blockedPatterns = mergedBlockedPatterns;
+        cachedAllowlist = allowlist;
+        logger.info({
+            path: MOUNT_ALLOWLIST_PATH,
+            allowedRoots: allowlist.allowedRoots.length,
+            blockedPatterns: allowlist.blockedPatterns.length
+        }, 'Mount allowlist loaded successfully');
+        return cachedAllowlist;
+    }
+    catch (err) {
+        allowlistLoadError = err instanceof Error ? err.message : String(err);
+        logger.error({
+            path: MOUNT_ALLOWLIST_PATH,
+            error: allowlistLoadError
+        }, 'Failed to load mount allowlist - additional mounts will be BLOCKED');
+        return null;
+    }
+}
+/**
+ * Expand ~ to home directory and resolve to absolute path
+ */
+function expandPath(p) {
+    const homeDir = os.homedir();
+    if (p.startsWith('~/')) {
+        return path.join(homeDir, p.slice(2));
+    }
+    if (p === '~') {
+        return homeDir;
+    }
+    return path.resolve(p);
+}
+/**
+ * Get the real path, resolving symlinks.
+ * Returns null if the path doesn't exist.
+ */
+function getRealPath(p) {
+    try {
+        return fs.realpathSync(p);
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Check if a path matches any blocked pattern
+ */
+function matchesBlockedPattern(realPath, blockedPatterns) {
+    const pathParts = realPath.split(path.sep);
+    for (const pattern of blockedPatterns) {
+        // Check if any path component matches the pattern
+        for (const part of pathParts) {
+            if (part === pattern || part.includes(pattern)) {
+                return pattern;
+            }
+        }
+        // Also check if the full path contains the pattern
+        if (realPath.includes(pattern)) {
+            return pattern;
+        }
+    }
+    return null;
+}
+/**
+ * Check if a real path is under an allowed root
+ */
+function findAllowedRoot(realPath, allowedRoots) {
+    for (const root of allowedRoots) {
+        const expandedRoot = expandPath(root.path);
+        const realRoot = getRealPath(expandedRoot);
+        if (realRoot === null) {
+            // Allowed root doesn't exist, skip it
+            continue;
+        }
+        // Check if realPath is under realRoot
+        const relative = path.relative(realRoot, realPath);
+        if (!relative.startsWith('..') && !path.isAbsolute(relative)) {
+            return root;
+        }
+    }
+    return null;
+}
+/**
+ * Validate the container path to prevent escaping /workspace/extra/
+ */
+function isValidContainerPath(containerPath) {
+    // Must not contain .. to prevent path traversal
+    if (containerPath.includes('..')) {
+        return false;
+    }
+    // Must not be absolute (it will be prefixed with /workspace/extra/)
+    if (containerPath.startsWith('/')) {
+        return false;
+    }
+    // Must not be empty
+    if (!containerPath || containerPath.trim() === '') {
+        return false;
+    }
+    return true;
+}
+/**
+ * Validate a single additional mount against the allowlist.
+ * Returns validation result with reason.
+ */
+export function validateMount(mount, isMain) {
+    const allowlist = loadMountAllowlist();
+    // If no allowlist, block all additional mounts
+    if (allowlist === null) {
+        return {
+            allowed: false,
+            reason: `No mount allowlist configured at ${MOUNT_ALLOWLIST_PATH}`
+        };
+    }
+    // Validate container path first (cheap check)
+    if (!isValidContainerPath(mount.containerPath)) {
+        return {
+            allowed: false,
+            reason: `Invalid container path: "${mount.containerPath}" - must be relative, non-empty, and not contain ".."`
+        };
+    }
+    // Expand and resolve the host path
+    const expandedPath = expandPath(mount.hostPath);
+    const realPath = getRealPath(expandedPath);
+    if (realPath === null) {
+        return {
+            allowed: false,
+            reason: `Host path does not exist: "${mount.hostPath}" (expanded: "${expandedPath}")`
+        };
+    }
+    // Check against blocked patterns
+    const blockedMatch = matchesBlockedPattern(realPath, allowlist.blockedPatterns);
+    if (blockedMatch !== null) {
+        return {
+            allowed: false,
+            reason: `Path matches blocked pattern "${blockedMatch}": "${realPath}"`
+        };
+    }
+    // Check if under an allowed root
+    const allowedRoot = findAllowedRoot(realPath, allowlist.allowedRoots);
+    if (allowedRoot === null) {
+        return {
+            allowed: false,
+            reason: `Path "${realPath}" is not under any allowed root. Allowed roots: ${allowlist.allowedRoots.map(r => expandPath(r.path)).join(', ')}`
+        };
+    }
+    // Determine effective readonly status
+    const requestedReadWrite = mount.readonly === false;
+    let effectiveReadonly = true; // Default to readonly
+    if (requestedReadWrite) {
+        if (!isMain && allowlist.nonMainReadOnly) {
+            // Non-main groups forced to read-only
+            effectiveReadonly = true;
+            logger.info({
+                mount: mount.hostPath
+            }, 'Mount forced to read-only for non-main group');
+        }
+        else if (!allowedRoot.allowReadWrite) {
+            // Root doesn't allow read-write
+            effectiveReadonly = true;
+            logger.info({
+                mount: mount.hostPath,
+                root: allowedRoot.path
+            }, 'Mount forced to read-only - root does not allow read-write');
+        }
+        else {
+            // Read-write allowed
+            effectiveReadonly = false;
+        }
+    }
+    return {
+        allowed: true,
+        reason: `Allowed under root "${allowedRoot.path}"${allowedRoot.description ? ` (${allowedRoot.description})` : ''}`,
+        realHostPath: realPath,
+        effectiveReadonly
+    };
+}
+/**
+ * Validate all additional mounts for a group.
+ * Returns array of validated mounts (only those that passed validation).
+ * Logs warnings for rejected mounts.
+ */
+export function validateAdditionalMounts(mounts, groupName, isMain) {
+    const validatedMounts = [];
+    for (const mount of mounts) {
+        const result = validateMount(mount, isMain);
+        if (result.allowed) {
+            validatedMounts.push({
+                hostPath: result.realHostPath,
+                containerPath: `/workspace/extra/${mount.containerPath}`,
+                readonly: result.effectiveReadonly
+            });
+            logger.debug({
+                group: groupName,
+                hostPath: result.realHostPath,
+                containerPath: mount.containerPath,
+                readonly: result.effectiveReadonly,
+                reason: result.reason
+            }, 'Mount validated successfully');
+        }
+        else {
+            logger.warn({
+                group: groupName,
+                requestedPath: mount.hostPath,
+                containerPath: mount.containerPath,
+                reason: result.reason
+            }, 'Additional mount REJECTED');
+        }
+    }
+    return validatedMounts;
+}
+//# sourceMappingURL=mount-security.js.map

package/dist/mount-security.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mount-security.js","sourceRoot":"","sources":["../src/mount-security.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEnD,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAErC,kEAAkE;AAClE,IAAI,eAAe,GAA0B,IAAI,CAAC;AAClD,IAAI,kBAAkB,GAAkB,IAAI,CAAC;AAE7C;;GAEG;AACH,MAAM,wBAAwB,GAAG;IAC/B,MAAM;IACN,QAAQ;IACR,MAAM;IACN,MAAM;IACN,QAAQ;IACR,SAAS;IACT,OAAO;IACP,SAAS;IACT,aAAa;IACb,MAAM;IACN,QAAQ;IACR,QAAQ;IACR,SAAS;IACT,QAAQ;IACR,YAAY;IACZ,aAAa;IACb,SAAS;CACV,CAAC;AAEF;;;;GAIG;AACH,MAAM,UAAU,kBAAkB;IAChC,IAAI,eAAe,KAAK,IAAI,EAAE,CAAC;QAC7B,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,IAAI,kBAAkB,KAAK,IAAI,EAAE,CAAC;QAChC,4CAA4C;QAC5C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACzC,kBAAkB,GAAG,gCAAgC,oBAAoB,EAAE,CAAC;YAC5E,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,oBAAoB,EAAE,EACxC,iEAAiE;gBACjE,8CAA8C,CAAC,CAAC;YAClD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,oBAAoB,EAAE,OAAO,CAAC,CAAC;QAC/D,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAmB,CAAC;QAExD,qBAAqB;QACrB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC;YAC3C,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QACnD,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,eAAe,CAAC,EAAE,CAAC;YAC9C,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QACtD,CAAC;QAED,IAAI,OAAO,SAAS,CAAC,eAAe,KAAK,SAAS,EAAE,CAAC;YACnD,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QACvD,CAAC;QAED,sCAAsC;QACtC,MAAM,qBAAqB,GAAG;YAC5B,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,wBAAwB,EAAE,GAAG,SAAS,CAAC,eAAe,CAAC,CAAC;SACxE,CAAC;QACF,SAAS,CAAC,eAAe,GAAG,qBAAqB,CAAC;QAElD,eAAe,GAAG,SAAS,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,oBAAoB;YAC1B,YAAY,EAAE,SAAS,CAAC,YAAY,CAAC,MAAM;YAC3C,eAAe,EAAE,SAAS,CAAC,eAAe,CAAC,MAAM;SAClD,EAAE,qCAAqC,CAAC,CAAC;QAE1C,OAAO,eAAe,CAAC;IACzB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,kBAAkB,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACtE,MAAM,CAAC,KAAK,CAAC;YACX,IAAI,EAAE,oBAAoB;YAC1B,KAAK,EAAE,kBAAkB;SAC1B,EAAE,oEAAoE,CAAC,CAAC;QACzE,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,CAAS;IAC3B,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;IAC7B,IAAI,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACxC,CAAC;IACD,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;QACd,OAAO,OAAO,CAAC;IACjB,CAAC;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;AACzB,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW,CAAC,CAAS;IAC5B,IAAI,CAAC;QACH,OAAO,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,qBAAqB,CAAC,QAAgB,EAAE,eAAyB;IACxE,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAE3C,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;QACtC,kDAAkD;QAClD,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,IAAI,IAAI,KAAK,OAAO,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC/C,OAAO,OAAO,CAAC;YACjB,CAAC;QACH,CAAC;QAED,mDAAmD;QACnD,IAAI,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAC/B,OAAO,OAAO,CAAC;QACjB,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,QAAgB,EAAE,YAA2B;IACpE,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;QAChC,MAAM,YAAY,GAAG,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3C,MAAM,QAAQ,GAAG,WAAW,CAAC,YAAY,CAAC,CAAC;QAE3C,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;YACtB,sCAAsC;YACtC,SAAS;QACX,CAAC;QAED,sCAAsC;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACnD,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7D,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,aAAqB;IACjD,gDAAgD;IAChD,IAAI,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACjC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,oEAAoE;IACpE,IAAI,aAAa,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAClC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,oBAAoB;IACpB,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QAClD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AASD;;;GAGG;AACH,MAAM,UAAU,aAAa,CAC3B,KAAsB,EACtB,MAAe;IAEf,MAAM,SAAS,GAAG,kBAAkB,EAAE,CAAC;IAEvC,+CAA+C;IAC/C,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,oCAAoC,oBAAoB,EAAE;SACnE,CAAC;IACJ,CAAC;IAED,8CAA8C;IAC9C,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC;QAC/C,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,4BAA4B,KAAK,CAAC,aAAa,uDAAuD;SAC/G,CAAC;IACJ,CAAC;IAED,mCAAmC;IACnC,MAAM,YAAY,GAAG,UAAU,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IAChD,MAAM,QAAQ,GAAG,WAAW,CAAC,YAAY,CAAC,CAAC;IAE3C,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;QACtB,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,8BAA8B,KAAK,CAAC,QAAQ,iBAAiB,YAAY,IAAI;SACtF,CAAC;IACJ,CAAC;IAED,iCAAiC;IACjC,MAAM,YAAY,GAAG,qBAAqB,CAAC,QAAQ,EAAE,SAAS,CAAC,eAAe,CAAC,CAAC;IAChF,IAAI,YAAY,KAAK,IAAI,EAAE,CAAC;QAC1B,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,iCAAiC,YAAY,OAAO,QAAQ,GAAG;SACxE,CAAC;IACJ,CAAC;IAED,iCAAiC;IACjC,MAAM,WAAW,GAAG,eAAe,CAAC,QAAQ,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC;IACtE,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;QACzB,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,SAAS,QAAQ,mDACvB,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAC/D,EAAE;SACH,CAAC;IACJ,CAAC;IAED,sCAAsC;IACtC,MAAM,kBAAkB,GAAG,KAAK,CAAC,QAAQ,KAAK,KAAK,CAAC;IACpD,IAAI,iBAAiB,GAAG,IAAI,CAAC,CAAC,sBAAsB;IAEpD,IAAI,kBAAkB,EAAE,CAAC;QACvB,IAAI,CAAC,MAAM,IAAI,SAAS,CAAC,eAAe,EAAE,CAAC;YACzC,sCAAsC;YACtC,iBAAiB,GAAG,IAAI,CAAC;YACzB,MAAM,CAAC,IAAI,CAAC;gBACV,KAAK,EAAE,KAAK,CAAC,QAAQ;aACtB,EAAE,8CAA8C,CAAC,CAAC;QACrD,CAAC;aAAM,IAAI,CAAC,WAAW,CAAC,cAAc,EAAE,CAAC;YACvC,gCAAgC;YAChC,iBAAiB,GAAG,IAAI,CAAC;YACzB,MAAM,CAAC,IAAI,CAAC;gBACV,KAAK,EAAE,KAAK,CAAC,QAAQ;gBACrB,IAAI,EAAE,WAAW,CAAC,IAAI;aACvB,EAAE,4DAA4D,CAAC,CAAC;QACnE,CAAC;aAAM,CAAC;YACN,qBAAqB;YACrB,iBAAiB,GAAG,KAAK,CAAC;QAC5B,CAAC;IACH,CAAC;IAED,OAAO;QACL,OAAO,EAAE,IAAI;QACb,MAAM,EAAE,uBAAuB,WAAW,CAAC,IAAI,IAAI,WAAW,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,WAAW,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACnH,YAAY,EAAE,QAAQ;QACtB,iBAAiB;KAClB,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,wBAAwB,CACtC,MAAyB,EACzB,SAAiB,EACjB,MAAe;IAMf,MAAM,eAAe,GAIhB,EAAE,CAAC;IAER,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,MAAM,GAAG,aAAa,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAE5C,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,eAAe,CAAC,IAAI,CAAC;gBACnB,QAAQ,EAAE,MAAM,CAAC,YAAa;gBAC9B,aAAa,EAAE,oBAAoB,KAAK,CAAC,aAAa,EAAE;gBACxD,QAAQ,EAAE,MAAM,CAAC,iBAAkB;aACpC,CAAC,CAAC;YAEH,MAAM,CAAC,KAAK,CAAC;gBACX,KAAK,EAAE,SAAS;gBAChB,QAAQ,EAAE,MAAM,CAAC,YAAY;gBAC7B,aAAa,EAAE,KAAK,CAAC,aAAa;gBAClC,QAAQ,EAAE,MAAM,CAAC,iBAAiB;gBAClC,MAAM,EAAE,MAAM,CAAC,MAAM;aACtB,EAAE,8BAA8B,CAAC,CAAC;QACrC,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CAAC;gBACV,KAAK,EAAE,SAAS;gBAChB,aAAa,EAAE,KAAK,CAAC,QAAQ;gBAC7B,aAAa,EAAE,KAAK,CAAC,aAAa;gBAClC,MAAM,EAAE,MAAM,CAAC,MAAM;aACtB,EAAE,2BAA2B,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAC;AACzB,CAAC"}

package/dist/paths.d.ts

@@ -0,0 +1,80 @@
+/**
+ * Centralized path definitions for DotClaw.
+ *
+ * All runtime data is stored in DOTCLAW_HOME (defaults to ~/.dotclaw).
+ * This can be overridden via the DOTCLAW_HOME environment variable.
+ *
+ * Directory structure:
+ * ~/.dotclaw/
+ * ├── config/           # User configuration files
+ * │   ├── runtime.json
+ * │   ├── model.json
+ * │   ├── behavior.json
+ * │   ├── tool-policy.json
+ * │   └── tool-budgets.json
+ * ├── data/             # Runtime data (databases, sessions, IPC)
+ * │   ├── messages.db
+ * │   ├── memory.db
+ * │   ├── registered_groups.json
+ * │   ├── sessions/
+ * │   └── ipc/
+ * ├── groups/           # Per-group workspaces
+ * │   ├── main/
+ * │   └── global/
+ * ├── logs/             # Log files
+ * ├── traces/           # Trace files for autotune
+ * └── .env              # Environment secrets
+ */
+/**
+ * Get the DotClaw home directory.
+ * Defaults to ~/.dotclaw, can be overridden via DOTCLAW_HOME env var.
+ */
+export declare function getDotclawHome(): string;
+/**
+ * Get the package root directory (where package.json lives).
+ * This is used for finding the container build script and other package assets.
+ */
+export declare function getPackageRoot(): string;
+export declare const DOTCLAW_HOME: string;
+export declare const PACKAGE_ROOT: string;
+export declare const CONFIG_DIR: string;
+export declare const DATA_DIR: string;
+export declare const STORE_DIR: string;
+export declare const GROUPS_DIR: string;
+export declare const LOGS_DIR: string;
+export declare const TRACES_DIR: string;
+export declare const PROMPTS_DIR: string;
+export declare const ENV_PATH: string;
+export declare const RUNTIME_CONFIG_PATH: string;
+export declare const MODEL_CONFIG_PATH: string;
+export declare const BEHAVIOR_CONFIG_PATH: string;
+export declare const TOOL_POLICY_PATH: string;
+export declare const TOOL_BUDGETS_PATH: string;
+export declare const REGISTERED_GROUPS_PATH: string;
+export declare const MESSAGES_DB_PATH: string;
+export declare const MEMORY_DB_PATH: string;
+export declare const IPC_DIR: string;
+export declare const SESSIONS_DIR: string;
+export declare const MOUNT_ALLOWLIST_PATH: string;
+export declare const CONTAINER_DIR: string;
+export declare const CONTAINER_BUILD_SCRIPT: string;
+export declare const SCRIPTS_DIR: string;
+export declare const CONFIG_EXAMPLES_DIR: string;
+/**
+ * Ensure the DotClaw home directory structure exists.
+ * Creates all necessary directories with appropriate permissions.
+ */
+export declare function ensureDirectoryStructure(): void;
+/**
+ * Get the path for a group's workspace directory.
+ */
+export declare function getGroupDir(groupFolder: string): string;
+/**
+ * Get the path for a group's IPC directory.
+ */
+export declare function getGroupIpcDir(groupFolder: string): string;
+/**
+ * Get the path for a group's session directory.
+ */
+export declare function getGroupSessionDir(groupFolder: string): string;
+//# sourceMappingURL=paths.d.ts.map

package/dist/paths.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"paths.d.ts","sourceRoot":"","sources":["../src/paths.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AAUH;;;GAGG;AACH,wBAAgB,cAAc,IAAI,MAAM,CAKvC;AAED;;;GAGG;AACH,wBAAgB,cAAc,IAAI,MAAM,CAIvC;AAGD,eAAO,MAAM,YAAY,QAAmB,CAAC;AAC7C,eAAO,MAAM,YAAY,QAAmB,CAAC;AAG7C,eAAO,MAAM,UAAU,QAAoC,CAAC;AAG5D,eAAO,MAAM,QAAQ,QAAkC,CAAC;AAGxD,eAAO,MAAM,SAAS,QAA+B,CAAC;AAGtD,eAAO,MAAM,UAAU,QAAoC,CAAC;AAG5D,eAAO,MAAM,QAAQ,QAAkC,CAAC;AAGxD,eAAO,MAAM,UAAU,QAAoC,CAAC;AAG5D,eAAO,MAAM,WAAW,QAAqC,CAAC;AAG9D,eAAO,MAAM,QAAQ,QAAkC,CAAC;AAGxD,eAAO,MAAM,mBAAmB,QAAwC,CAAC;AACzE,eAAO,MAAM,iBAAiB,QAAsC,CAAC;AACrE,eAAO,MAAM,oBAAoB,QAAyC,CAAC;AAC3E,eAAO,MAAM,gBAAgB,QAA4C,CAAC;AAC1E,eAAO,MAAM,iBAAiB,QAA6C,CAAC;AAG5E,eAAO,MAAM,sBAAsB,QAAgD,CAAC;AACpF,eAAO,MAAM,gBAAgB,QAAsC,CAAC;AACpE,eAAO,MAAM,cAAc,QAAoC,CAAC;AAGhE,eAAO,MAAM,OAAO,QAA6B,CAAC;AAGlD,eAAO,MAAM,YAAY,QAAkC,CAAC;AAG5D,eAAO,MAAM,oBAAoB,QAAwE,CAAC;AAG1G,eAAO,MAAM,aAAa,QAAuC,CAAC;AAClE,eAAO,MAAM,sBAAsB,QAAuC,CAAC;AAG3E,eAAO,MAAM,WAAW,QAAqC,CAAC;AAG9D,eAAO,MAAM,mBAAmB,QAA6C,CAAC;AAE9E;;;GAGG;AACH,wBAAgB,wBAAwB,IAAI,IAAI,CAgC/C;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,CAEvD;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,CAE1D;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,CAE9D"}

package/dist/paths.js

@@ -0,0 +1,149 @@
+/**
+ * Centralized path definitions for DotClaw.
+ *
+ * All runtime data is stored in DOTCLAW_HOME (defaults to ~/.dotclaw).
+ * This can be overridden via the DOTCLAW_HOME environment variable.
+ *
+ * Directory structure:
+ * ~/.dotclaw/
+ * ├── config/           # User configuration files
+ * │   ├── runtime.json
+ * │   ├── model.json
+ * │   ├── behavior.json
+ * │   ├── tool-policy.json
+ * │   └── tool-budgets.json
+ * ├── data/             # Runtime data (databases, sessions, IPC)
+ * │   ├── messages.db
+ * │   ├── memory.db
+ * │   ├── registered_groups.json
+ * │   ├── sessions/
+ * │   └── ipc/
+ * ├── groups/           # Per-group workspaces
+ * │   ├── main/
+ * │   └── global/
+ * ├── logs/             # Log files
+ * ├── traces/           # Trace files for autotune
+ * └── .env              # Environment secrets
+ */
+import fs from 'fs';
+import os from 'os';
+import path from 'path';
+import { fileURLToPath } from 'url';
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+/**
+ * Get the DotClaw home directory.
+ * Defaults to ~/.dotclaw, can be overridden via DOTCLAW_HOME env var.
+ */
+export function getDotclawHome() {
+    if (process.env.DOTCLAW_HOME) {
+        return path.resolve(process.env.DOTCLAW_HOME);
+    }
+    return path.join(os.homedir(), '.dotclaw');
+}
+/**
+ * Get the package root directory (where package.json lives).
+ * This is used for finding the container build script and other package assets.
+ */
+export function getPackageRoot() {
+    // When running from dist/, go up one level
+    // When running from src/, also go up one level
+    return path.resolve(__dirname, '..');
+}
+// Base directories
+export const DOTCLAW_HOME = getDotclawHome();
+export const PACKAGE_ROOT = getPackageRoot();
+// Config directory - user configuration files
+export const CONFIG_DIR = path.join(DOTCLAW_HOME, 'config');
+// Data directory - runtime data (databases, sessions, IPC)
+export const DATA_DIR = path.join(DOTCLAW_HOME, 'data');
+// Store directory - databases
+export const STORE_DIR = path.join(DATA_DIR, 'store');
+// Groups directory - per-group workspaces
+export const GROUPS_DIR = path.join(DOTCLAW_HOME, 'groups');
+// Logs directory
+export const LOGS_DIR = path.join(DOTCLAW_HOME, 'logs');
+// Traces directory (for autotune)
+export const TRACES_DIR = path.join(DOTCLAW_HOME, 'traces');
+// Prompts directory (for prompt packs)
+export const PROMPTS_DIR = path.join(DOTCLAW_HOME, 'prompts');
+// Environment file
+export const ENV_PATH = path.join(DOTCLAW_HOME, '.env');
+// Config files
+export const RUNTIME_CONFIG_PATH = path.join(CONFIG_DIR, 'runtime.json');
+export const MODEL_CONFIG_PATH = path.join(CONFIG_DIR, 'model.json');
+export const BEHAVIOR_CONFIG_PATH = path.join(CONFIG_DIR, 'behavior.json');
+export const TOOL_POLICY_PATH = path.join(CONFIG_DIR, 'tool-policy.json');
+export const TOOL_BUDGETS_PATH = path.join(CONFIG_DIR, 'tool-budgets.json');
+// Data files
+export const REGISTERED_GROUPS_PATH = path.join(DATA_DIR, 'registered_groups.json');
+export const MESSAGES_DB_PATH = path.join(STORE_DIR, 'messages.db');
+export const MEMORY_DB_PATH = path.join(STORE_DIR, 'memory.db');
+// IPC directory
+export const IPC_DIR = path.join(DATA_DIR, 'ipc');
+// Sessions directory
+export const SESSIONS_DIR = path.join(DATA_DIR, 'sessions');
+// Mount security: allowlist stored in a separate location for extra security
+export const MOUNT_ALLOWLIST_PATH = path.join(os.homedir(), '.config', 'dotclaw', 'mount-allowlist.json');
+// Container assets (from package)
+export const CONTAINER_DIR = path.join(PACKAGE_ROOT, 'container');
+export const CONTAINER_BUILD_SCRIPT = path.join(CONTAINER_DIR, 'build.sh');
+// Scripts directory (from package)
+export const SCRIPTS_DIR = path.join(PACKAGE_ROOT, 'scripts');
+// Config examples (from package)
+export const CONFIG_EXAMPLES_DIR = path.join(PACKAGE_ROOT, 'config-examples');
+/**
+ * Ensure the DotClaw home directory structure exists.
+ * Creates all necessary directories with appropriate permissions.
+ */
+export function ensureDirectoryStructure() {
+    const dirs = [
+        DOTCLAW_HOME,
+        CONFIG_DIR,
+        DATA_DIR,
+        STORE_DIR,
+        GROUPS_DIR,
+        path.join(GROUPS_DIR, 'main'),
+        path.join(GROUPS_DIR, 'global'),
+        LOGS_DIR,
+        TRACES_DIR,
+        PROMPTS_DIR,
+        IPC_DIR,
+        SESSIONS_DIR,
+        // Mount allowlist parent directory (~/.config/dotclaw)
+        path.dirname(MOUNT_ALLOWLIST_PATH),
+    ];
+    for (const dir of dirs) {
+        fs.mkdirSync(dir, { recursive: true });
+    }
+    // Set restrictive permissions on sensitive directories
+    try {
+        fs.chmodSync(DOTCLAW_HOME, 0o700);
+        fs.chmodSync(CONFIG_DIR, 0o700);
+        fs.chmodSync(DATA_DIR, 0o700);
+        // Also restrict the config directory for mount allowlist
+        fs.chmodSync(path.dirname(MOUNT_ALLOWLIST_PATH), 0o700);
+    }
+    catch {
+        // Best-effort; permissions may be controlled by the OS or user policy
+    }
+}
+/**
+ * Get the path for a group's workspace directory.
+ */
+export function getGroupDir(groupFolder) {
+    return path.join(GROUPS_DIR, groupFolder);
+}
+/**
+ * Get the path for a group's IPC directory.
+ */
+export function getGroupIpcDir(groupFolder) {
+    return path.join(IPC_DIR, groupFolder);
+}
+/**
+ * Get the path for a group's session directory.
+ */
+export function getGroupSessionDir(groupFolder) {
+    return path.join(SESSIONS_DIR, groupFolder);
+}
+//# sourceMappingURL=paths.js.map

package/dist/paths.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"paths.js","sourceRoot":"","sources":["../src/paths.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AAEH,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AAEpC,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;AAE3C;;;GAGG;AACH,MAAM,UAAU,cAAc;IAC5B,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAChD,CAAC;IACD,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,UAAU,CAAC,CAAC;AAC7C,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,cAAc;IAC5B,2CAA2C;IAC3C,+CAA+C;IAC/C,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;AACvC,CAAC;AAED,mBAAmB;AACnB,MAAM,CAAC,MAAM,YAAY,GAAG,cAAc,EAAE,CAAC;AAC7C,MAAM,CAAC,MAAM,YAAY,GAAG,cAAc,EAAE,CAAC;AAE7C,8CAA8C;AAC9C,MAAM,CAAC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;AAE5D,2DAA2D;AAC3D,MAAM,CAAC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;AAExD,8BAA8B;AAC9B,MAAM,CAAC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;AAEtD,0CAA0C;AAC1C,MAAM,CAAC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;AAE5D,iBAAiB;AACjB,MAAM,CAAC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;AAExD,kCAAkC;AAClC,MAAM,CAAC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;AAE5D,uCAAuC;AACvC,MAAM,CAAC,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;AAE9D,mBAAmB;AACnB,MAAM,CAAC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;AAExD,eAAe;AACf,MAAM,CAAC,MAAM,mBAAmB,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;AACzE,MAAM,CAAC,MAAM,iBAAiB,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;AACrE,MAAM,CAAC,MAAM,oBAAoB,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,eAAe,CAAC,CAAC;AAC3E,MAAM,CAAC,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,kBAAkB,CAAC,CAAC;AAC1E,MAAM,CAAC,MAAM,iBAAiB,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAC;AAE5E,aAAa;AACb,MAAM,CAAC,MAAM,sBAAsB,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,wBAAwB,CAAC,CAAC;AACpF,MAAM,CAAC,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;AACpE,MAAM,CAAC,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;AAEhE,gBAAgB;AAChB,MAAM,CAAC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;AAElD,qBAAqB;AACrB,MAAM,CAAC,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;AAE5D,6EAA6E;AAC7E,MAAM,CAAC,MAAM,oBAAoB,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,sBAAsB,CAAC,CAAC;AAE1G,kCAAkC;AAClC,MAAM,CAAC,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;AAClE,MAAM,CAAC,MAAM,sBAAsB,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;AAE3E,mCAAmC;AACnC,MAAM,CAAC,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;AAE9D,iCAAiC;AACjC,MAAM,CAAC,MAAM,mBAAmB,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,iBAAiB,CAAC,CAAC;AAE9E;;;GAGG;AACH,MAAM,UAAU,wBAAwB;IACtC,MAAM,IAAI,GAAG;QACX,YAAY;QACZ,UAAU;QACV,QAAQ;QACR,SAAS;QACT,UAAU;QACV,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,MAAM,CAAC;QAC7B,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC;QAC/B,QAAQ;QACR,UAAU;QACV,WAAW;QACX,OAAO;QACP,YAAY;QACZ,uDAAuD;QACvD,IAAI,CAAC,OAAO,CAAC,oBAAoB,CAAC;KACnC,CAAC;IAEF,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACzC,CAAC;IAED,uDAAuD;IACvD,IAAI,CAAC;QACH,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;QAClC,EAAE,CAAC,SAAS,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QAChC,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAC9B,yDAAyD;QACzD,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE,KAAK,CAAC,CAAC;IAC1D,CAAC;IAAC,MAAM,CAAC;QACP,sEAAsE;IACxE,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,WAAmB;IAC7C,OAAO,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;AAC5C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,WAAmB;IAChD,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;AACzC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,WAAmB;IACpD,OAAO,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;AAC9C,CAAC"}

package/dist/personalization.d.ts

@@ -0,0 +1,6 @@
+import { BehaviorConfig } from './behavior-config.js';
+export declare function loadPersonalizedBehaviorConfig(params: {
+    groupFolder: string;
+    userId?: string | null;
+}): BehaviorConfig;
+//# sourceMappingURL=personalization.d.ts.map

package/dist/personalization.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"personalization.d.ts","sourceRoot":"","sources":["../src/personalization.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAqC,MAAM,sBAAsB,CAAC;AAyJzF,wBAAgB,8BAA8B,CAAC,MAAM,EAAE;IAAE,WAAW,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CAAE,GAAG,cAAc,CA+BtH"}