npm - @downcity/agent - Versions diffs - 1.1.113 → 1.1.119 - Mend

@downcity/agent 1.1.113 → 1.1.119

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (137) hide show

package/bin/agent/local/Agent.d.ts +39 -0
package/bin/agent/local/Agent.d.ts.map +1 -1
package/bin/agent/local/Agent.js +53 -0
package/bin/agent/local/Agent.js.map +1 -1
package/bin/agent/local/services/AgentAssemblyService.d.ts +4 -0
package/bin/agent/local/services/AgentAssemblyService.d.ts.map +1 -1
package/bin/agent/local/services/AgentAssemblyService.js +18 -2
package/bin/agent/local/services/AgentAssemblyService.js.map +1 -1
package/bin/agent/local/services/AgentLifecycleService.d.ts +6 -0
package/bin/agent/local/services/AgentLifecycleService.d.ts.map +1 -1
package/bin/agent/local/services/AgentLifecycleService.js +4 -0
package/bin/agent/local/services/AgentLifecycleService.js.map +1 -1
package/bin/agent/remote/RemoteAgent.d.ts +35 -1
package/bin/agent/remote/RemoteAgent.d.ts.map +1 -1
package/bin/agent/remote/RemoteAgent.js +37 -1
package/bin/agent/remote/RemoteAgent.js.map +1 -1
package/bin/agent/remote/RemoteTransport.d.ts +22 -0
package/bin/agent/remote/RemoteTransport.d.ts.map +1 -1
package/bin/agent/remote/transports/HttpRemoteAgentTransport.d.ts +17 -0
package/bin/agent/remote/transports/HttpRemoteAgentTransport.d.ts.map +1 -1
package/bin/agent/remote/transports/HttpRemoteAgentTransport.js +63 -0
package/bin/agent/remote/transports/HttpRemoteAgentTransport.js.map +1 -1
package/bin/agent/remote/transports/RpcRemoteAgentTransport.d.ts +16 -0
package/bin/agent/remote/transports/RpcRemoteAgentTransport.d.ts.map +1 -1
package/bin/agent/remote/transports/RpcRemoteAgentTransport.js +18 -0
package/bin/agent/remote/transports/RpcRemoteAgentTransport.js.map +1 -1
package/bin/executor/Executor.d.ts.map +1 -1
package/bin/executor/Executor.js +7 -1
package/bin/executor/Executor.js.map +1 -1
package/bin/index.d.ts +0 -1
package/bin/index.d.ts.map +1 -1
package/bin/index.js +0 -1
package/bin/index.js.map +1 -1
package/bin/rpc/Client.d.ts +28 -0
package/bin/rpc/Client.d.ts.map +1 -1
package/bin/rpc/Client.js +63 -0
package/bin/rpc/Client.js.map +1 -1
package/bin/rpc/server/InternalHandlers.d.ts.map +1 -1
package/bin/rpc/server/InternalHandlers.js +54 -0
package/bin/rpc/server/InternalHandlers.js.map +1 -1
package/bin/rpc/server/ServerTypes.d.ts +5 -0
package/bin/rpc/server/ServerTypes.d.ts.map +1 -1
package/bin/types/agent/AgentOptions.d.ts +9 -0
package/bin/types/agent/AgentOptions.d.ts.map +1 -1
package/bin/types/config/DowncityConfig.d.ts +2 -2
package/bin/types/config/DowncityConfig.d.ts.map +1 -1
package/bin/types/rpc/RpcProtocol.d.ts +53 -0
package/bin/types/rpc/RpcProtocol.d.ts.map +1 -1
package/package.json +4 -3
package/scripts/linux-bubblewrap-sandbox.test.mjs +1 -1
package/scripts/shell-sandbox-preflight.test.mjs +1 -1
package/src/agent/local/Agent.ts +68 -0
package/src/agent/local/services/AgentAssemblyService.ts +23 -2
package/src/agent/local/services/AgentLifecycleService.ts +11 -0
package/src/agent/remote/RemoteAgent.ts +54 -1
package/src/agent/remote/RemoteTransport.ts +23 -0
package/src/agent/remote/transports/HttpRemoteAgentTransport.ts +101 -0
package/src/agent/remote/transports/RpcRemoteAgentTransport.ts +35 -0
package/src/executor/Executor.ts +12 -2
package/src/index.ts +0 -1
package/src/rpc/Client.ts +80 -0
package/src/rpc/server/InternalHandlers.ts +55 -0
package/src/rpc/server/ServerTypes.ts +5 -0
package/src/types/agent/AgentOptions.ts +10 -0
package/src/types/config/DowncityConfig.ts +2 -2
package/src/types/rpc/RpcProtocol.ts +59 -0
package/tsconfig.tsbuildinfo +1 -1
package/bin/executor/tools/shell/ShellToolBridge.d.ts +0 -79
package/bin/executor/tools/shell/ShellToolBridge.d.ts.map +0 -1
package/bin/executor/tools/shell/ShellToolBridge.js +0 -320
package/bin/executor/tools/shell/ShellToolBridge.js.map +0 -1
package/bin/executor/tools/shell/ShellToolDefinition.d.ts +0 -116
package/bin/executor/tools/shell/ShellToolDefinition.d.ts.map +0 -1
package/bin/executor/tools/shell/ShellToolDefinition.js +0 -369
package/bin/executor/tools/shell/ShellToolDefinition.js.map +0 -1
package/bin/executor/tools/shell/ShellToolFormatting.d.ts +0 -17
package/bin/executor/tools/shell/ShellToolFormatting.d.ts.map +0 -1
package/bin/executor/tools/shell/ShellToolFormatting.js +0 -36
package/bin/executor/tools/shell/ShellToolFormatting.js.map +0 -1
package/bin/executor/tools/shell/ShellToolSchemas.d.ts +0 -61
package/bin/executor/tools/shell/ShellToolSchemas.d.ts.map +0 -1
package/bin/executor/tools/shell/ShellToolSchemas.js +0 -130
package/bin/executor/tools/shell/ShellToolSchemas.js.map +0 -1
package/bin/executor/tools/shell/types/Shell.d.ts +0 -115
package/bin/executor/tools/shell/types/Shell.d.ts.map +0 -1
package/bin/executor/tools/shell/types/Shell.js +0 -9
package/bin/executor/tools/shell/types/Shell.js.map +0 -1
package/bin/executor/tools/shell/types/ShellPlugin.d.ts +0 -258
package/bin/executor/tools/shell/types/ShellPlugin.d.ts.map +0 -1
package/bin/executor/tools/shell/types/ShellPlugin.js +0 -9
package/bin/executor/tools/shell/types/ShellPlugin.js.map +0 -1
package/bin/sandbox/LinuxBubblewrapSandbox.d.ts +0 -19
package/bin/sandbox/LinuxBubblewrapSandbox.d.ts.map +0 -1
package/bin/sandbox/LinuxBubblewrapSandbox.js +0 -186
package/bin/sandbox/LinuxBubblewrapSandbox.js.map +0 -1
package/bin/sandbox/MacOsSeatbeltSandbox.d.ts +0 -16
package/bin/sandbox/MacOsSeatbeltSandbox.d.ts.map +0 -1
package/bin/sandbox/MacOsSeatbeltSandbox.js +0 -154
package/bin/sandbox/MacOsSeatbeltSandbox.js.map +0 -1
package/bin/sandbox/SandboxConfigResolver.d.ts +0 -37
package/bin/sandbox/SandboxConfigResolver.d.ts.map +0 -1
package/bin/sandbox/SandboxConfigResolver.js +0 -130
package/bin/sandbox/SandboxConfigResolver.js.map +0 -1
package/bin/sandbox/SandboxPreflight.d.ts +0 -73
package/bin/sandbox/SandboxPreflight.d.ts.map +0 -1
package/bin/sandbox/SandboxPreflight.js +0 -122
package/bin/sandbox/SandboxPreflight.js.map +0 -1
package/bin/sandbox/SandboxRunner.d.ts +0 -61
package/bin/sandbox/SandboxRunner.d.ts.map +0 -1
package/bin/sandbox/SandboxRunner.js +0 -107
package/bin/sandbox/SandboxRunner.js.map +0 -1
package/bin/sandbox/UnrestrictedSandbox.d.ts +0 -16
package/bin/sandbox/UnrestrictedSandbox.d.ts.map +0 -1
package/bin/sandbox/UnrestrictedSandbox.js +0 -39
package/bin/sandbox/UnrestrictedSandbox.js.map +0 -1
package/bin/sandbox/types/Sandbox.d.ts +0 -130
package/bin/sandbox/types/Sandbox.d.ts.map +0 -1
package/bin/sandbox/types/Sandbox.js +0 -10
package/bin/sandbox/types/Sandbox.js.map +0 -1
package/bin/sandbox/types/SandboxRuntime.d.ts +0 -370
package/bin/sandbox/types/SandboxRuntime.d.ts.map +0 -1
package/bin/sandbox/types/SandboxRuntime.js +0 -10
package/bin/sandbox/types/SandboxRuntime.js.map +0 -1
package/src/executor/tools/shell/ShellToolBridge.ts +0 -412
package/src/executor/tools/shell/ShellToolDefinition.ts +0 -524
package/src/executor/tools/shell/ShellToolFormatting.ts +0 -34
package/src/executor/tools/shell/ShellToolSchemas.ts +0 -139
package/src/executor/tools/shell/types/Shell.ts +0 -123
package/src/executor/tools/shell/types/ShellPlugin.ts +0 -278
package/src/sandbox/LinuxBubblewrapSandbox.ts +0 -222
package/src/sandbox/MacOsSeatbeltSandbox.ts +0 -191
package/src/sandbox/SandboxConfigResolver.ts +0 -152
package/src/sandbox/SandboxPreflight.ts +0 -205
package/src/sandbox/SandboxRunner.ts +0 -151
package/src/sandbox/UnrestrictedSandbox.ts +0 -53
package/src/sandbox/types/Sandbox.ts +0 -144
package/src/sandbox/types/SandboxRuntime.ts +0 -440

package/bin/sandbox/MacOsSeatbeltSandbox.js DELETED Viewed

@@ -1,154 +0,0 @@
-/**
- * macOS Seatbelt sandbox backend。
- *
- * 关键点（中文）
- * - 当前最小实现直接基于系统自带 `sandbox-exec`。
- * - 目标不是抽象完整 provider 体系，而是先把 shell 命令从“宿主机直跑”收敛成“带边界执行”。
- * - 边界只保留四类：路径、环境变量、网络、agent 级共享 HOME/TMPDIR/cache。
- */
-import { spawn } from "node:child_process";
-import path from "node:path";
-import fs from "fs-extra";
-const DEFAULT_PATH_VALUE = "/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin";
-function escapeSeatbeltString(value) {
-    return String(value || "").replace(/\\/g, "\\\\").replace(/"/g, '\\"');
-}
-function dedupePaths(values) {
-    const seen = new Set();
-    const result = [];
-    for (const value of values) {
-        const normalized = path.resolve(String(value || "").trim());
-        if (!normalized || seen.has(normalized))
-            continue;
-        seen.add(normalized);
-        result.push(normalized);
-    }
-    return result;
-}
-function buildReadablePaths(params) {
-    return dedupePaths([
-        "/bin",
-        "/usr",
-        "/System",
-        "/etc",
-        "/dev",
-        "/Library",
-        "/opt/homebrew",
-        "/usr/local",
-        params.rootPath,
-        params.sandboxDir,
-        params.tmpDir,
-        params.cacheDir,
-        path.dirname(params.shellPath),
-    ]);
-}
-function buildWritablePaths(params) {
-    return dedupePaths([
-        ...params.config.writablePaths,
-        params.executionDir,
-        params.config.sandboxDir,
-        params.config.tmpDir,
-        params.config.cacheDir,
-    ]);
-}
-function buildNetworkRules(networkMode) {
-    if (networkMode === "restricted" || networkMode === "full") {
-        return ["(allow network-outbound)", "(allow network-inbound)"];
-    }
-    return [];
-}
-function buildSeatbeltProfile(params) {
-    const readablePaths = buildReadablePaths({
-        rootPath: params.config.rootPath,
-        shellPath: params.shellPath,
-        sandboxDir: params.config.sandboxDir,
-        tmpDir: params.config.tmpDir,
-        cacheDir: params.config.cacheDir,
-    });
-    const writablePaths = buildWritablePaths(params);
-    const lines = [
-        "(version 1)",
-        "(deny default)",
-        '(import "system.sb")',
-        "(allow process*)",
-        "(allow sysctl-read)",
-        "(allow file-read-metadata)",
-        ...readablePaths.map((value) => `(allow file-read* (subpath "${escapeSeatbeltString(value)}"))`),
-        ...writablePaths.map((value) => `(allow file-write* (subpath "${escapeSeatbeltString(value)}"))`),
-        ...buildNetworkRules(params.config.networkMode),
-    ];
-    // 关键点（中文）
-    // - `cwd` 需要显式出现在读集合里，否则很多命令刚启动时就会因为工作目录不可见而失败。
-    // - 这里单独追加，避免未来 rootPath 与 cwd 的关系变化时被遗漏。
-    if (!readablePaths.includes(params.actualCwd)) {
-        lines.push(`(allow file-read* (subpath "${escapeSeatbeltString(params.actualCwd)}"))`);
-    }
-    return `${lines.join("\n")}\n`;
-}
-function buildSandboxEnv(params) {
-    const env = {};
-    for (const key of params.config.envAllowlist) {
-        const value = params.baseEnv[key];
-        if (typeof value !== "string" || !value.trim())
-            continue;
-        env[key] = value;
-    }
-    for (const [key, value] of Object.entries(params.baseEnv)) {
-        if (!key.startsWith("DC_"))
-            continue;
-        if (typeof value !== "string" || !value.trim())
-            continue;
-        env[key] = value;
-    }
-    env.PATH = String(env.PATH || params.baseEnv.PATH || DEFAULT_PATH_VALUE);
-    env.HOME = params.config.homeDir;
-    env.ZDOTDIR = params.config.homeDir;
-    env.TMPDIR = params.config.tmpDir;
-    env.XDG_CACHE_HOME = params.config.cacheDir;
-    env.DC_SANDBOX = "1";
-    env.DC_SANDBOX_DIR = params.config.sandboxDir;
-    env.DC_SANDBOX_HOME = params.config.homeDir;
-    env.DC_SANDBOX_CACHE = params.config.cacheDir;
-    env.SHELL = params.shellPath;
-    return env;
-}
-/**
- * 在 macOS seatbelt sandbox 中启动 shell 子进程。
- */
-export async function spawnMacOsSeatbeltSandbox(params) {
-    const profilePath = path.join(params.executionDir, "sandbox-profile.sb");
-    await fs.ensureDir(params.config.sandboxDir);
-    await fs.ensureDir(params.config.tmpDir);
-    await fs.ensureDir(params.config.cacheDir);
-    await fs.ensureDir(params.executionDir);
-    const profile = buildSeatbeltProfile({
-        ...params,
-    });
-    await fs.writeFile(profilePath, profile, "utf-8");
-    const child = spawn("sandbox-exec", [
-        "-f",
-        profilePath,
-        params.shellPath,
-        params.login ? "-lc" : "-c",
-        params.cmd,
-    ], {
-        cwd: params.actualCwd,
-        stdio: "pipe",
-        env: buildSandboxEnv(params),
-    });
-    child.stdout.setEncoding("utf8");
-    child.stderr.setEncoding("utf8");
-    return {
-        child,
-        cwd: params.actualCwd,
-        sandboxed: true,
-        sandboxMode: "safe",
-        backend: "macos-seatbelt",
-        networkMode: params.config.networkMode,
-        sandboxDir: params.config.sandboxDir,
-        homeDir: params.config.homeDir,
-        tmpDir: params.config.tmpDir,
-        cacheDir: params.config.cacheDir,
-    };
-}
-//# sourceMappingURL=MacOsSeatbeltSandbox.js.map

package/bin/sandbox/MacOsSeatbeltSandbox.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"MacOsSeatbeltSandbox.js","sourceRoot":"","sources":["../../src/sandbox/MacOsSeatbeltSandbox.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC3C,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,UAAU,CAAC;AAM1B,MAAM,kBAAkB,GACtB,gEAAgE,CAAC;AAEnE,SAAS,oBAAoB,CAAC,KAAa;IACzC,OAAO,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,WAAW,CAAC,MAAgB;IACnC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC5D,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC;YAAE,SAAS;QAClD,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACrB,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,kBAAkB,CAAC,MAM3B;IACC,OAAO,WAAW,CAAC;QACjB,MAAM;QACN,MAAM;QACN,SAAS;QACT,MAAM;QACN,MAAM;QACN,UAAU;QACV,eAAe;QACf,YAAY;QACZ,MAAM,CAAC,QAAQ;QACf,MAAM,CAAC,UAAU;QACjB,MAAM,CAAC,MAAM;QACb,MAAM,CAAC,QAAQ;QACf,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC;KAC/B,CAAC,CAAC;AACL,CAAC;AAED,SAAS,kBAAkB,CAAC,MAA0B;IACpD,OAAO,WAAW,CAAC;QACjB,GAAG,MAAM,CAAC,MAAM,CAAC,aAAa;QAC9B,MAAM,CAAC,YAAY;QACnB,MAAM,CAAC,MAAM,CAAC,UAAU;QACxB,MAAM,CAAC,MAAM,CAAC,MAAM;QACpB,MAAM,CAAC,MAAM,CAAC,QAAQ;KACvB,CAAC,CAAC;AACL,CAAC;AAED,SAAS,iBAAiB,CAAC,WAAwD;IACjF,IAAI,WAAW,KAAK,YAAY,IAAI,WAAW,KAAK,MAAM,EAAE,CAAC;QAC3D,OAAO,CAAC,0BAA0B,EAAE,yBAAyB,CAAC,CAAC;IACjE,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,oBAAoB,CAAC,MAE7B;IACC,MAAM,aAAa,GAAG,kBAAkB,CAAC;QACvC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ;QAChC,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,UAAU;QACpC,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM;QAC5B,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ;KACjC,CAAC,CAAC;IACH,MAAM,aAAa,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG;QACZ,aAAa;QACb,gBAAgB;QAChB,sBAAsB;QACtB,kBAAkB;QAClB,qBAAqB;QACrB,4BAA4B;QAC5B,GAAG,aAAa,CAAC,GAAG,CAClB,CAAC,KAAK,EAAE,EAAE,CAAC,+BAA+B,oBAAoB,CAAC,KAAK,CAAC,KAAK,CAC3E;QACD,GAAG,aAAa,CAAC,GAAG,CAClB,CAAC,KAAK,EAAE,EAAE,CAAC,gCAAgC,oBAAoB,CAAC,KAAK,CAAC,KAAK,CAC5E;QACD,GAAG,iBAAiB,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC;KAChD,CAAC;IAEF,UAAU;IACV,gDAAgD;IAChD,0CAA0C;IAC1C,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;QAC9C,KAAK,CAAC,IAAI,CAAC,+BAA+B,oBAAoB,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IACzF,CAAC;IACD,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;AACjC,CAAC;AAED,SAAS,eAAe,CAAC,MAA0B;IACjD,MAAM,GAAG,GAAsB,EAAE,CAAC;IAClC,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;QAC7C,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAClC,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE;YAAE,SAAS;QACzD,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;IACnB,CAAC;IAED,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;QAC1D,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,CAAC;YAAE,SAAS;QACrC,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE;YAAE,SAAS;QACzD,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;IACnB,CAAC;IAED,GAAG,CAAC,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC,IAAI,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,kBAAkB,CAAC,CAAC;IACzE,GAAG,CAAC,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC;IACjC,GAAG,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC;IACpC,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC;IAClC,GAAG,CAAC,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC;IAC5C,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;IACrB,GAAG,CAAC,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC;IAC9C,GAAG,CAAC,eAAe,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC;IAC5C,GAAG,CAAC,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC;IAC9C,GAAG,CAAC,KAAK,GAAG,MAAM,CAAC,SAAS,CAAC;IAE7B,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,MAAkD;IAElD,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,oBAAoB,CAAC,CAAC;IAEzE,MAAM,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAC7C,MAAM,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACzC,MAAM,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC3C,MAAM,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAExC,MAAM,OAAO,GAAG,oBAAoB,CAAC;QACnC,GAAG,MAAM;KACV,CAAC,CAAC;IACH,MAAM,EAAE,CAAC,SAAS,CAAC,WAAW,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAElD,MAAM,KAAK,GAAG,KAAK,CACjB,cAAc,EACd;QACE,IAAI;QACJ,WAAW;QACX,MAAM,CAAC,SAAS;QAChB,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI;QAC3B,MAAM,CAAC,GAAG;KACX,EACD;QACE,GAAG,EAAE,MAAM,CAAC,SAAS;QACrB,KAAK,EAAE,MAAM;QACb,GAAG,EAAE,eAAe,CAAC,MAAM,CAAC;KAC7B,CACF,CAAC;IAEF,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IACjC,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAEjC,OAAO;QACL,KAAK;QACL,GAAG,EAAE,MAAM,CAAC,SAAS;QACrB,SAAS,EAAE,IAAI;QACf,WAAW,EAAE,MAAM;QACnB,OAAO,EAAE,gBAAgB;QACzB,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,WAAW;QACtC,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,UAAU;QACpC,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO;QAC9B,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM;QAC5B,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ;KACjC,CAAC;AACJ,CAAC"}

package/bin/sandbox/SandboxConfigResolver.d.ts DELETED Viewed

@@ -1,37 +0,0 @@
-/**
- * Sandbox 配置解析器。
- *
- * 关键点（中文）
- * - 这里负责把 `downcity.json` 中面向用户的最小配置，收敛成运行时可直接执行的绝对路径配置。
- * - sandbox 是 agent 项目级能力，持久目录固定为 `<project>/.downcity/sandbox`。
- * - 当前版本只服务 shell / CLI 这条命令执行链，不引入审批、profile 绑定或用户权限系统。
- * - 解析结果只回答一个问题：这次命令执行的 sandbox 边界是什么。
- */
-import type { AgentContext } from "../types/runtime/agent/AgentContext.js";
-import type { SandboxBackend } from "../sandbox/types/SandboxRuntime.js";
-import type { ResolvedSandboxConfig } from "../sandbox/types/SandboxRuntime.js";
-/**
- * 判断目标路径是否位于根目录内，或与根目录本身相同。
- */
-export declare function isPathInsideRoot(rootPath: string, targetPath: string): boolean;
-/**
- * 根据宿主平台解析当前 sandbox backend。
- */
-export declare function resolveSandboxBackend(): SandboxBackend;
-/**
- * 解析当前请求最终使用的 sandbox 配置。
- */
-export declare function resolveSandboxConfig(context: AgentContext): ResolvedSandboxConfig;
-/**
- * 归一化 sandbox 内实际使用的工作目录。
- *
- * 说明（中文）
- * - sandbox 启用时，工作目录必须收敛在 `rootPath` 范围内。
- * - 超出项目根目录的 `cwd` 会被强制拉回 `rootPath`，避免宿主目录通过 `cwd` 泄漏回去。
- */
-export declare function resolveSandboxCwd(params: {
-    rootPath: string;
-    requestedCwd: string;
-    context: AgentContext;
-}): string;
-//# sourceMappingURL=SandboxConfigResolver.d.ts.map

package/bin/sandbox/SandboxConfigResolver.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"SandboxConfigResolver.d.ts","sourceRoot":"","sources":["../../src/sandbox/SandboxConfigResolver.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,uCAAuC,CAAC;AAC1E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mCAAmC,CAAC;AACxE,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,mCAAmC,CAAC;AA4B/E;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAM9E;AAyCD;;GAEG;AACH,wBAAgB,qBAAqB,IAAI,cAAc,CAMtD;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,YAAY,GAAG,qBAAqB,CAuBjF;AAED;;;;;;GAMG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE;IACxC,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,YAAY,CAAC;CACvB,GAAG,MAAM,CAUT"}

package/bin/sandbox/SandboxConfigResolver.js DELETED Viewed

@@ -1,130 +0,0 @@
-/**
- * Sandbox 配置解析器。
- *
- * 关键点（中文）
- * - 这里负责把 `downcity.json` 中面向用户的最小配置，收敛成运行时可直接执行的绝对路径配置。
- * - sandbox 是 agent 项目级能力，持久目录固定为 `<project>/.downcity/sandbox`。
- * - 当前版本只服务 shell / CLI 这条命令执行链，不引入审批、profile 绑定或用户权限系统。
- * - 解析结果只回答一个问题：这次命令执行的 sandbox 边界是什么。
- */
-import path from "node:path";
-const DEFAULT_ENV_ALLOWLIST = [
-    "PATH",
-    "LANG",
-    "TERM",
-    "COLORTERM",
-    "LC_ALL",
-    "LC_CTYPE",
-    "SHELL",
-    "USER",
-    "LOGNAME",
-];
-const SANDBOX_RELATIVE_DIR = path.join(".downcity", "sandbox");
-function normalizeEnvAllowlist(values) {
-    const seen = new Set();
-    const result = [];
-    for (const value of values || DEFAULT_ENV_ALLOWLIST) {
-        const normalized = String(value || "").trim();
-        if (!normalized || seen.has(normalized))
-            continue;
-        seen.add(normalized);
-        result.push(normalized);
-    }
-    return result;
-}
-/**
- * 判断目标路径是否位于根目录内，或与根目录本身相同。
- */
-export function isPathInsideRoot(rootPath, targetPath) {
-    const normalizedRoot = path.resolve(rootPath);
-    const normalizedTarget = path.resolve(targetPath);
-    if (normalizedRoot === normalizedTarget)
-        return true;
-    const relative = path.relative(normalizedRoot, normalizedTarget);
-    return Boolean(relative) && !relative.startsWith("..") && !path.isAbsolute(relative);
-}
-function normalizeWritablePaths(params) {
-    const { rootPath, sandboxDir, writablePaths, context } = params;
-    const rawValues = Array.isArray(writablePaths) && writablePaths.length > 0
-        ? [rootPath, sandboxDir, ...writablePaths]
-        : [rootPath, sandboxDir];
-    const seen = new Set();
-    const result = [];
-    for (const rawValue of rawValues) {
-        const normalizedValue = String(rawValue || "").trim();
-        if (!normalizedValue)
-            continue;
-        const resolvedPath = path.resolve(path.isAbsolute(normalizedValue) ? normalizedValue : path.join(rootPath, normalizedValue));
-        if (!isPathInsideRoot(rootPath, resolvedPath)) {
-            context.logger.warn("[sandbox] writable path ignored because it escapes project root", {
-                rootPath,
-                ignoredPath: normalizedValue,
-                resolvedPath,
-            });
-            continue;
-        }
-        if (seen.has(resolvedPath))
-            continue;
-        seen.add(resolvedPath);
-        result.push(resolvedPath);
-    }
-    if (result.length === 0) {
-        result.push(path.resolve(rootPath));
-    }
-    return result;
-}
-/**
- * 根据宿主平台解析当前 sandbox backend。
- */
-export function resolveSandboxBackend() {
-    if (process.platform === "darwin")
-        return "macos-seatbelt";
-    if (process.platform === "linux")
-        return "linux-bubblewrap";
-    throw new Error(`sandbox backend is required for shell execution, but current platform is unsupported: ${process.platform}`);
-}
-/**
- * 解析当前请求最终使用的 sandbox 配置。
- */
-export function resolveSandboxConfig(context) {
-    const rootPath = path.resolve(context.rootPath);
-    const projectConfig = context.config?.sandbox;
-    const sandboxDir = path.join(rootPath, SANDBOX_RELATIVE_DIR);
-    const tmpDir = path.join(sandboxDir, "tmp");
-    const cacheDir = path.join(sandboxDir, ".cache");
-    return {
-        backend: resolveSandboxBackend(),
-        rootPath,
-        sandboxDir,
-        homeDir: sandboxDir,
-        tmpDir,
-        cacheDir,
-        envAllowlist: normalizeEnvAllowlist(projectConfig?.envAllowlist),
-        writablePaths: normalizeWritablePaths({
-            rootPath,
-            sandboxDir,
-            writablePaths: projectConfig?.writablePaths,
-            context,
-        }),
-        networkMode: projectConfig?.networkMode || "full",
-    };
-}
-/**
- * 归一化 sandbox 内实际使用的工作目录。
- *
- * 说明（中文）
- * - sandbox 启用时，工作目录必须收敛在 `rootPath` 范围内。
- * - 超出项目根目录的 `cwd` 会被强制拉回 `rootPath`，避免宿主目录通过 `cwd` 泄漏回去。
- */
-export function resolveSandboxCwd(params) {
-    const normalizedCwd = path.resolve(params.requestedCwd);
-    if (isPathInsideRoot(params.rootPath, normalizedCwd)) {
-        return normalizedCwd;
-    }
-    params.context.logger.warn("[sandbox] cwd escapes project root and was reset to rootPath", {
-        rootPath: params.rootPath,
-        requestedCwd: normalizedCwd,
-    });
-    return params.rootPath;
-}
-//# sourceMappingURL=SandboxConfigResolver.js.map

package/bin/sandbox/SandboxConfigResolver.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"SandboxConfigResolver.js","sourceRoot":"","sources":["../../src/sandbox/SandboxConfigResolver.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,IAAI,MAAM,WAAW,CAAC;AAK7B,MAAM,qBAAqB,GAAG;IAC5B,MAAM;IACN,MAAM;IACN,MAAM;IACN,WAAW;IACX,QAAQ;IACR,UAAU;IACV,OAAO;IACP,MAAM;IACN,SAAS;CACV,CAAC;AAEF,MAAM,oBAAoB,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;AAE/D,SAAS,qBAAqB,CAAC,MAAiB;IAC9C,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,KAAK,IAAI,MAAM,IAAI,qBAAqB,EAAE,CAAC;QACpD,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAC9C,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC;YAAE,SAAS;QAClD,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACrB,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,QAAgB,EAAE,UAAkB;IACnE,MAAM,cAAc,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC9C,MAAM,gBAAgB,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAClD,IAAI,cAAc,KAAK,gBAAgB;QAAE,OAAO,IAAI,CAAC;IACrD,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,cAAc,EAAE,gBAAgB,CAAC,CAAC;IACjE,OAAO,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;AACvF,CAAC;AAED,SAAS,sBAAsB,CAAC,MAK/B;IACC,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,aAAa,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC;IAChE,MAAM,SAAS,GACb,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;QACtD,CAAC,CAAC,CAAC,QAAQ,EAAE,UAAU,EAAE,GAAG,aAAa,CAAC;QAC1C,CAAC,CAAC,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAC7B,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,MAAM,eAAe,GAAG,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACtD,IAAI,CAAC,eAAe;YAAE,SAAS;QAC/B,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAC/B,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAC1F,CAAC;QACF,IAAI,CAAC,gBAAgB,CAAC,QAAQ,EAAE,YAAY,CAAC,EAAE,CAAC;YAC9C,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,iEAAiE,EAAE;gBACrF,QAAQ;gBACR,WAAW,EAAE,eAAe;gBAC5B,YAAY;aACb,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QACD,IAAI,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC;YAAE,SAAS;QACrC,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QACvB,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAC5B,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;IACtC,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB;IACnC,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ;QAAE,OAAO,gBAAgB,CAAC;IAC3D,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO;QAAE,OAAO,kBAAkB,CAAC;IAC5D,MAAM,IAAI,KAAK,CACb,yFAAyF,OAAO,CAAC,QAAQ,EAAE,CAC5G,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAAqB;IACxD,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAChD,MAAM,aAAa,GAAG,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC;IAC9C,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC;IAC7D,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;IAC5C,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IAEjD,OAAO;QACL,OAAO,EAAE,qBAAqB,EAAE;QAChC,QAAQ;QACR,UAAU;QACV,OAAO,EAAE,UAAU;QACnB,MAAM;QACN,QAAQ;QACR,YAAY,EAAE,qBAAqB,CAAC,aAAa,EAAE,YAAY,CAAC;QAChE,aAAa,EAAE,sBAAsB,CAAC;YACpC,QAAQ;YACR,UAAU;YACV,aAAa,EAAE,aAAa,EAAE,aAAa;YAC3C,OAAO;SACR,CAAC;QACF,WAAW,EAAE,aAAa,EAAE,WAAW,IAAI,MAAM;KAClD,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,iBAAiB,CAAC,MAIjC;IACC,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACxD,IAAI,gBAAgB,CAAC,MAAM,CAAC,QAAQ,EAAE,aAAa,CAAC,EAAE,CAAC;QACrD,OAAO,aAAa,CAAC;IACvB,CAAC;IACD,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,8DAA8D,EAAE;QACzF,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,YAAY,EAAE,aAAa;KAC5B,CAAC,CAAC;IACH,OAAO,MAAM,CAAC,QAAQ,CAAC;AACzB,CAAC"}

package/bin/sandbox/SandboxPreflight.d.ts DELETED Viewed

@@ -1,73 +0,0 @@
-/**
- * SandboxPreflight：本机 shell sandbox 依赖预检。
- *
- * 关键点（中文）
- * - shell 命令必须进入 sandbox；这里提前检查 backend 依赖，避免启动后首次 shell 执行才失败。
- * - Linux backend 基于 bubblewrap，本质使用 Linux namespaces / bind mount 等内核能力。
- * - 本模块只诊断并给出修复建议，不自动安装软件，也不修改宿主机 sysctl。
- */
-import type { SandboxBackend } from "../sandbox/types/SandboxRuntime.js";
-/**
- * sandbox 预检失败原因。
- */
-export type SandboxPreflightIssueCode = "unsupported-platform" | "missing-command" | "userns-disabled";
-/**
- * 单条 sandbox 预检失败。
- */
-export interface SandboxPreflightIssue {
-    /**
-     * 机器可读的失败原因。
-     */
-    code: SandboxPreflightIssueCode;
-    /**
-     * 人类可读的失败说明。
-     */
-    message: string;
-    /**
-     * 可复制的修复建议列表。
-     */
-    fixes: string[];
-}
-/**
- * sandbox 预检结果。
- */
-export interface SandboxPreflightResult {
-    /**
-     * 当前平台是否满足 shell sandbox 启动要求。
-     */
-    ok: boolean;
-    /**
-     * 当前宿主平台。
-     */
-    platform: NodeJS.Platform;
-    /**
-     * 当前平台对应的 sandbox backend。
-     */
-    backend?: SandboxBackend;
-    /**
-     * 失败原因集合。
-     */
-    issues: SandboxPreflightIssue[];
-}
-/**
- * sandbox 预检宿主探测依赖。
- */
-export interface ShellSandboxPreflightProbe {
-    /**
-     * 判断命令是否存在于 PATH 中。
-     */
-    commandExists(command: string): Promise<boolean>;
-    /**
-     * 读取 `/proc` 下整数配置。
-     */
-    readProcInt(filePath: string): Promise<number | null>;
-}
-/**
- * 检查当前宿主是否满足 shell sandbox 运行要求。
- */
-export declare function checkShellSandboxPreflight(): Promise<SandboxPreflightResult>;
-/**
- * 使用注入探针检查当前宿主是否满足 shell sandbox 运行要求。
- */
-export declare function checkShellSandboxPreflightWithProbe(probe: ShellSandboxPreflightProbe): Promise<SandboxPreflightResult>;
-//# sourceMappingURL=SandboxPreflight.d.ts.map

package/bin/sandbox/SandboxPreflight.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"SandboxPreflight.d.ts","sourceRoot":"","sources":["../../src/sandbox/SandboxPreflight.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mCAAmC,CAAC;AAExE;;GAEG;AACH,MAAM,MAAM,yBAAyB,GACjC,sBAAsB,GACtB,iBAAiB,GACjB,iBAAiB,CAAC;AAEtB;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC;;OAEG;IACH,IAAI,EAAE,yBAAyB,CAAC;IAEhC;;OAEG;IACH,OAAO,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC;;OAEG;IACH,EAAE,EAAE,OAAO,CAAC;IAEZ;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC;IAE1B;;OAEG;IACH,OAAO,CAAC,EAAE,cAAc,CAAC;IAEzB;;OAEG;IACH,MAAM,EAAE,qBAAqB,EAAE,CAAC;CACjC;AAED;;GAEG;AACH,MAAM,WAAW,0BAA0B;IACzC;;OAEG;IACH,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAEjD;;OAEG;IACH,WAAW,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;CACvD;AAyCD;;GAEG;AACH,wBAAsB,0BAA0B,IAAI,OAAO,CAAC,sBAAsB,CAAC,CAKlF;AAED;;GAEG;AACH,wBAAsB,mCAAmC,CACvD,KAAK,EAAE,0BAA0B,GAChC,OAAO,CAAC,sBAAsB,CAAC,CAoEjC"}

package/bin/sandbox/SandboxPreflight.js DELETED Viewed

@@ -1,122 +0,0 @@
-/**
- * SandboxPreflight：本机 shell sandbox 依赖预检。
- *
- * 关键点（中文）
- * - shell 命令必须进入 sandbox；这里提前检查 backend 依赖，避免启动后首次 shell 执行才失败。
- * - Linux backend 基于 bubblewrap，本质使用 Linux namespaces / bind mount 等内核能力。
- * - 本模块只诊断并给出修复建议，不自动安装软件，也不修改宿主机 sysctl。
- */
-import { access, readFile } from "node:fs/promises";
-import path from "node:path";
-import { delimiter } from "node:path";
-async function commandExists(command) {
-    const pathValue = String(process.env.PATH || "").trim();
-    const dirs = pathValue ? pathValue.split(delimiter) : [];
-    for (const dir of dirs) {
-        const candidate = path.join(dir, command);
-        try {
-            await access(candidate);
-            return true;
-        }
-        catch {
-            // continue
-        }
-    }
-    return false;
-}
-async function readProcInt(filePath) {
-    try {
-        const raw = await readFile(filePath, "utf-8");
-        const value = Number.parseInt(raw.trim(), 10);
-        return Number.isFinite(value) && !Number.isNaN(value) ? value : null;
-    }
-    catch {
-        return null;
-    }
-}
-async function isLinuxUserNamespaceEnabled(probe) {
-    const unprivilegedUsernsClone = await probe.readProcInt("/proc/sys/kernel/unprivileged_userns_clone");
-    if (unprivilegedUsernsClone === 0)
-        return false;
-    const maxUserNamespaces = await probe.readProcInt("/proc/sys/user/max_user_namespaces");
-    if (maxUserNamespaces === 0)
-        return false;
-    return true;
-}
-/**
- * 检查当前宿主是否满足 shell sandbox 运行要求。
- */
-export async function checkShellSandboxPreflight() {
-    return await checkShellSandboxPreflightWithProbe({
-        commandExists,
-        readProcInt,
-    });
-}
-/**
- * 使用注入探针检查当前宿主是否满足 shell sandbox 运行要求。
- */
-export async function checkShellSandboxPreflightWithProbe(probe) {
-    const platform = process.platform;
-    const issues = [];
-    if (platform === "darwin") {
-        if (!(await probe.commandExists("sandbox-exec"))) {
-            issues.push({
-                code: "missing-command",
-                message: "macOS shell sandbox requires sandbox-exec, but it was not found.",
-                fixes: [
-                    "Use a macOS system that includes /usr/bin/sandbox-exec.",
-                ],
-            });
-        }
-        return {
-            ok: issues.length === 0,
-            platform,
-            backend: "macos-seatbelt",
-            issues,
-        };
-    }
-    if (platform === "linux") {
-        if (!(await probe.commandExists("bwrap"))) {
-            issues.push({
-                code: "missing-command",
-                message: "Linux shell sandbox requires bubblewrap (bwrap), but it was not found.",
-                fixes: [
-                    "Debian / Ubuntu: sudo apt install bubblewrap",
-                    "Fedora: sudo dnf install bubblewrap",
-                    "Arch: sudo pacman -S bubblewrap",
-                ],
-            });
-        }
-        if (!(await isLinuxUserNamespaceEnabled(probe))) {
-            issues.push({
-                code: "userns-disabled",
-                message: "Linux user namespaces are disabled, so bubblewrap cannot create the sandbox.",
-                fixes: [
-                    "Check: cat /proc/sys/kernel/unprivileged_userns_clone",
-                    "Check: cat /proc/sys/user/max_user_namespaces",
-                    "Debian / Ubuntu: sudo sysctl kernel.unprivileged_userns_clone=1",
-                ],
-            });
-        }
-        return {
-            ok: issues.length === 0,
-            platform,
-            backend: "linux-bubblewrap",
-            issues,
-        };
-    }
-    return {
-        ok: false,
-        platform,
-        issues: [
-            {
-                code: "unsupported-platform",
-                message: `Shell sandbox is not supported on this platform: ${platform}.`,
-                fixes: [
-                    "Use macOS or Linux for local shell execution.",
-                ],
-            },
-        ],
-    };
-}
-//# sourceMappingURL=SandboxPreflight.js.map

package/bin/sandbox/SandboxPreflight.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"SandboxPreflight.js","sourceRoot":"","sources":["../../src/sandbox/SandboxPreflight.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAuEtC,KAAK,UAAU,aAAa,CAAC,OAAe;IAC1C,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACxD,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACzD,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAC1C,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;YACxB,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,WAAW;QACb,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,QAAgB;IACzC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,MAAM,KAAK,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;QAC9C,OAAO,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;IACvE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,2BAA2B,CACxC,KAAiC;IAEjC,MAAM,uBAAuB,GAAG,MAAM,KAAK,CAAC,WAAW,CACrD,4CAA4C,CAC7C,CAAC;IACF,IAAI,uBAAuB,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAEhD,MAAM,iBAAiB,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,oCAAoC,CAAC,CAAC;IACxF,IAAI,iBAAiB,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAE1C,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B;IAC9C,OAAO,MAAM,mCAAmC,CAAC;QAC/C,aAAa;QACb,WAAW;KACZ,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mCAAmC,CACvD,KAAiC;IAEjC,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IAClC,MAAM,MAAM,GAA4B,EAAE,CAAC;IAE3C,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC1B,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC;YACjD,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,kEAAkE;gBAC3E,KAAK,EAAE;oBACL,yDAAyD;iBAC1D;aACF,CAAC,CAAC;QACL,CAAC;QACD,OAAO;YACL,EAAE,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;YACvB,QAAQ;YACR,OAAO,EAAE,gBAAgB;YACzB,MAAM;SACP,CAAC;IACJ,CAAC;IAED,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,wEAAwE;gBACjF,KAAK,EAAE;oBACL,8CAA8C;oBAC9C,qCAAqC;oBACrC,iCAAiC;iBAClC;aACF,CAAC,CAAC;QACL,CAAC;QAED,IAAI,CAAC,CAAC,MAAM,2BAA2B,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;YAChD,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,8EAA8E;gBACvF,KAAK,EAAE;oBACL,uDAAuD;oBACvD,+CAA+C;oBAC/C,iEAAiE;iBAClE;aACF,CAAC,CAAC;QACL,CAAC;QAED,OAAO;YACL,EAAE,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;YACvB,QAAQ;YACR,OAAO,EAAE,kBAAkB;YAC3B,MAAM;SACP,CAAC;IACJ,CAAC;IAED,OAAO;QACL,EAAE,EAAE,KAAK;QACT,QAAQ;QACR,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,sBAAsB;gBAC5B,OAAO,EAAE,oDAAoD,QAAQ,GAAG;gBACxE,KAAK,EAAE;oBACL,+CAA+C;iBAChD;aACF;SACF;KACF,CAAC;AACJ,CAAC"}

package/bin/sandbox/SandboxRunner.d.ts DELETED Viewed

@@ -1,61 +0,0 @@
-/**
- * SandboxRunner 入口。
- *
- * 关键点（中文）
- * - 这里不实现完整的 session/read/write 协议，只负责本地子进程创建时统一进入 agent sandbox backend。
- * - 当前版本接入 macOS seatbelt 与 Linux bubblewrap backend。
- * - 本地命令不再允许回退到宿主机普通子进程执行。
- */
-import type { AgentContext } from "../types/runtime/agent/AgentContext.js";
-import type { SandboxSpawnResult } from "../sandbox/types/SandboxRuntime.js";
-/**
- * 启动 shell 子进程。
- */
-export declare function spawnShellProcess(params: {
-    context: AgentContext;
-    shellId: string;
-    shellDir: string;
-    cmd: string;
-    cwd: string;
-    shellPath: string;
-    login: boolean;
-    baseEnv: NodeJS.ProcessEnv;
-    sandboxMode?: "safe" | "unrestricted";
-}): Promise<SandboxSpawnResult>;
-/**
- * 在当前 agent sandbox 中启动本地子进程。
- */
-export declare function spawnInSandbox(params: {
-    context: AgentContext;
-    executionId: string;
-    executionDir: string;
-    cmd: string;
-    cwd: string;
-    shellPath: string;
-    login: boolean;
-    baseEnv: NodeJS.ProcessEnv;
-    sandboxMode?: "safe" | "unrestricted";
-}): Promise<SandboxSpawnResult>;
-/**
- * 执行一次 one-shot sandbox 命令并等待结束。
- *
- * 关键点（中文）
- * - 供 task script 这类“直接执行命令但不需要 shell session 管理”的路径复用。
- * - 非零退出码会直接抛错，行为与原先 `execa(..., { reject: true })` 保持一致。
- */
-export declare function runSandboxCommand(params: {
-    context: AgentContext;
-    executionId: string;
-    executionDir: string;
-    cmd: string;
-    cwd: string;
-    shellPath: string;
-    login: boolean;
-    baseEnv: NodeJS.ProcessEnv;
-}): Promise<{
-    stdout: string;
-    stderr: string;
-    exitCode: number;
-    spawn: SandboxSpawnResult;
-}>;
-//# sourceMappingURL=SandboxRunner.d.ts.map

package/bin/sandbox/SandboxRunner.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"SandboxRunner.d.ts","sourceRoot":"","sources":["../../src/sandbox/SandboxRunner.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,uCAAuC,CAAC;AAC1E,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,mCAAmC,CAAC;AAM5E;;GAEG;AACH,wBAAsB,iBAAiB,CAAC,MAAM,EAAE;IAC9C,OAAO,EAAE,YAAY,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,OAAO,CAAC;IACf,OAAO,EAAE,MAAM,CAAC,UAAU,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,GAAG,cAAc,CAAC;CACvC,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAY9B;AAED;;GAEG;AACH,wBAAsB,cAAc,CAAC,MAAM,EAAE;IAC3C,OAAO,EAAE,YAAY,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,OAAO,CAAC;IACf,OAAO,EAAE,MAAM,CAAC,UAAU,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,GAAG,cAAc,CAAC;CACvC,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAsC9B;AAED;;;;;;GAMG;AACH,wBAAsB,iBAAiB,CAAC,MAAM,EAAE;IAC9C,OAAO,EAAE,YAAY,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,OAAO,CAAC;IACf,OAAO,EAAE,MAAM,CAAC,UAAU,CAAC;CAC5B,GAAG,OAAO,CAAC;IACV,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,kBAAkB,CAAC;CAC3B,CAAC,CAiCD"}