@evomap/evolver 1.67.6 → 1.68.0-beta.2

package/src/gep/validator/sandboxExecutor.js

@@ -0,0 +1,262 @@
+// src/gep/validator/sandboxExecutor.js
+//
+// Runs validation commands provided by the Hub inside an isolated sandbox
+// directory with strict resource/time limits, and does NOT trust the capsule
+// or gene payload -- we only execute commands exactly as Hub sent them,
+// inside a fresh empty working directory, with network blocked by convention
+// and output truncated to a small size.
+//
+// Security posture:
+//  - Never run inside the evolver's own workspace or repo root.
+//  - Create a fresh temp directory per task; wipe after execution.
+//  - Per-command timeout defaults to 60s, hard cap 120s.
+//  - Total batch timeout defaults to 180s.
+//  - Collect stdout/stderr truncated to 4000 chars each to match
+//    ValidationReport.command.stdout/stderr schema on the Hub.
+//
+// This module is intentionally simple and has no external dependencies.
+'use strict';
+
+const fs = require('fs');
+const os = require('os');
+const path = require('path');
+const crypto = require('crypto');
+const { spawn } = require('child_process');
+
+const DEFAULT_CMD_TIMEOUT_MS = 60_000;
+const MAX_CMD_TIMEOUT_MS = 120_000;
+const DEFAULT_BATCH_TIMEOUT_MS = 180_000;
+const MAX_OUTPUT_CHARS = 4000;
+
+function safeNumber(v, fallback) {
+  const n = Number(v);
+  if (!Number.isFinite(n) || n <= 0) return fallback;
+  return n;
+}
+
+function truncate(str, limit) {
+  if (typeof str !== 'string') return '';
+  if (str.length <= limit) return str;
+  return str.slice(0, limit) + '\n...[truncated]';
+}
+
+function createSandboxDir() {
+  const base = path.join(os.tmpdir(), 'evolver-validator');
+  if (!fs.existsSync(base)) {
+    fs.mkdirSync(base, { recursive: true, mode: 0o700 });
+  }
+  const name = 'task_' + Date.now().toString(36) + '_' + crypto.randomBytes(4).toString('hex');
+  const dir = path.join(base, name);
+  fs.mkdirSync(dir, { mode: 0o700 });
+  return dir;
+}
+
+function cleanupDir(dir) {
+  if (!dir) return;
+  try {
+    fs.rmSync(dir, { recursive: true, force: true });
+  } catch (_) {
+    // non-fatal
+  }
+}
+
+function buildSandboxEnv() {
+  // Minimal env: no secrets, no proxy, TMPDIR isolated, PATH kept.
+  const base = {
+    PATH: process.env.PATH || '/usr/local/bin:/usr/bin:/bin',
+    HOME: process.env.HOME || '/tmp',
+    LANG: process.env.LANG || 'C.UTF-8',
+    LC_ALL: process.env.LC_ALL || 'C.UTF-8',
+    NODE_ENV: 'sandbox',
+    EVOLVER_SANDBOX: '1',
+  };
+  // Explicitly block common outbound-config envs.
+  return base;
+}
+
+function runSingleCommand(cmd, opts) {
+  const options = opts || {};
+  const timeoutMs = Math.min(
+    safeNumber(options.timeoutMs, DEFAULT_CMD_TIMEOUT_MS),
+    MAX_CMD_TIMEOUT_MS,
+  );
+  const cwd = options.cwd;
+  const env = buildSandboxEnv();
+
+  return new Promise((resolve) => {
+    let child;
+    try {
+      child = spawn(String(cmd), {
+        shell: true,
+        cwd,
+        env,
+        stdio: ['ignore', 'pipe', 'pipe'],
+      });
+    } catch (err) {
+      resolve({
+        cmd: String(cmd),
+        ok: false,
+        stdout: '',
+        stderr: 'spawn_failed: ' + (err && err.message ? err.message : String(err)),
+        exitCode: -1,
+        durationMs: 0,
+        timedOut: false,
+      });
+      return;
+    }
+
+    let stdout = '';
+    let stderr = '';
+    let settled = false;
+    const startedAt = Date.now();
+
+    const timer = setTimeout(() => {
+      if (!child.killed) {
+        try { child.kill('SIGKILL'); } catch (_) {}
+      }
+      if (!settled) {
+        settled = true;
+        resolve({
+          cmd: String(cmd),
+          ok: false,
+          stdout: truncate(stdout, MAX_OUTPUT_CHARS),
+          stderr: truncate(stderr + '\n[killed by sandbox timeout]', MAX_OUTPUT_CHARS),
+          exitCode: -1,
+          durationMs: Date.now() - startedAt,
+          timedOut: true,
+        });
+      }
+    }, timeoutMs);
+
+    child.stdout.on('data', (d) => {
+      stdout += d.toString('utf8');
+      if (stdout.length > MAX_OUTPUT_CHARS * 2) {
+        stdout = stdout.slice(-MAX_OUTPUT_CHARS * 2);
+      }
+    });
+    child.stderr.on('data', (d) => {
+      stderr += d.toString('utf8');
+      if (stderr.length > MAX_OUTPUT_CHARS * 2) {
+        stderr = stderr.slice(-MAX_OUTPUT_CHARS * 2);
+      }
+    });
+
+    child.on('error', (err) => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timer);
+      resolve({
+        cmd: String(cmd),
+        ok: false,
+        stdout: truncate(stdout, MAX_OUTPUT_CHARS),
+        stderr: truncate(stderr + '\n' + (err && err.message ? err.message : String(err)), MAX_OUTPUT_CHARS),
+        exitCode: -1,
+        durationMs: Date.now() - startedAt,
+        timedOut: false,
+      });
+    });
+
+    child.on('exit', (code, signal) => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timer);
+      const exitCode = typeof code === 'number' ? code : (signal ? -1 : -1);
+      resolve({
+        cmd: String(cmd),
+        ok: exitCode === 0,
+        stdout: truncate(stdout, MAX_OUTPUT_CHARS),
+        stderr: truncate(stderr, MAX_OUTPUT_CHARS),
+        exitCode,
+        durationMs: Date.now() - startedAt,
+        timedOut: false,
+      });
+    });
+  });
+}
+
+/**
+ * Run a list of validation commands in a fresh sandbox directory.
+ * Stops at the first failure and returns partial results.
+ *
+ * @param {string[]} commands
+ * @param {{ cmdTimeoutMs?: number, batchTimeoutMs?: number, keepSandbox?: boolean }} [opts]
+ * @returns {Promise<{
+ *   results: Array<{ cmd: string, ok: boolean, stdout: string, stderr: string, exitCode: number, durationMs: number, timedOut: boolean }>,
+ *   overallOk: boolean,
+ *   sandboxDir: string,
+ *   durationMs: number,
+ *   stoppedEarly: boolean,
+ * }>}
+ */
+async function runInSandbox(commands, opts) {
+  const options = opts || {};
+  const cmds = Array.isArray(commands) ? commands.filter((c) => typeof c === 'string' && c.trim()) : [];
+  const startedAt = Date.now();
+
+  if (cmds.length === 0) {
+    return {
+      results: [],
+      overallOk: false,
+      sandboxDir: null,
+      durationMs: 0,
+      stoppedEarly: false,
+      reason: 'no_commands',
+    };
+  }
+
+  const batchTimeoutMs = Math.min(
+    safeNumber(options.batchTimeoutMs, DEFAULT_BATCH_TIMEOUT_MS),
+    DEFAULT_BATCH_TIMEOUT_MS * 3,
+  );
+
+  const sandboxDir = createSandboxDir();
+  const results = [];
+  let stoppedEarly = false;
+
+  try {
+    for (const cmd of cmds) {
+      const elapsed = Date.now() - startedAt;
+      if (elapsed >= batchTimeoutMs) {
+        stoppedEarly = true;
+        break;
+      }
+      const remaining = batchTimeoutMs - elapsed;
+      const r = await runSingleCommand(cmd, {
+        cwd: sandboxDir,
+        timeoutMs: Math.min(
+          safeNumber(options.cmdTimeoutMs, DEFAULT_CMD_TIMEOUT_MS),
+          remaining,
+        ),
+      });
+      results.push(r);
+      if (!r.ok) {
+        stoppedEarly = true;
+        break;
+      }
+    }
+  } finally {
+    if (!options.keepSandbox) cleanupDir(sandboxDir);
+  }
+
+  const overallOk = results.length > 0 && results.every((r) => r.ok) && !stoppedEarly;
+
+  return {
+    results,
+    overallOk,
+    sandboxDir: options.keepSandbox ? sandboxDir : null,
+    durationMs: Date.now() - startedAt,
+    stoppedEarly,
+  };
+}
+
+module.exports = {
+  runInSandbox,
+  runSingleCommand,
+  createSandboxDir,
+  cleanupDir,
+  buildSandboxEnv,
+  DEFAULT_CMD_TIMEOUT_MS,
+  MAX_CMD_TIMEOUT_MS,
+  DEFAULT_BATCH_TIMEOUT_MS,
+  MAX_OUTPUT_CHARS,
+};

package/src/gep/validator/stakeBootstrap.js

@@ -0,0 +1,81 @@
+// src/gep/validator/stakeBootstrap.js
+//
+// Ensures this node has an active validator stake on the Hub before it
+// starts consuming validation tasks. Idempotent: repeated calls will not
+// create duplicate stakes; the Hub returns the existing active stake.
+'use strict';
+
+const crypto = require('crypto');
+const { buildHubHeaders, getHubUrl, getNodeId } = require('../a2aProtocol');
+
+const DEFAULT_STAKE_AMOUNT = Number(process.env.EVOLVER_VALIDATOR_STAKE_AMOUNT) || 100;
+const STAKE_TIMEOUT_MS = Number(process.env.EVOLVER_VALIDATOR_STAKE_TIMEOUT_MS) || 10_000;
+const HUB_URL_FALLBACK = process.env.A2A_HUB_URL || process.env.EVOMAP_HUB_URL || 'https://evomap.ai';
+
+function resolveHubUrl() {
+  try {
+    const u = getHubUrl && getHubUrl();
+    if (u && typeof u === 'string') return u;
+  } catch (_) {}
+  return HUB_URL_FALLBACK;
+}
+
+let _lastAttemptAt = 0;
+
+/**
+ * Attempt to stake credits so this node becomes eligible for validation tasks.
+ * Safe to call repeatedly; debounced to at most once per 5 minutes.
+ *
+ * @param {{ amount?: number, force?: boolean }} [opts]
+ */
+async function ensureValidatorStake(opts) {
+  const options = opts || {};
+  const now = Date.now();
+  if (!options.force && now - _lastAttemptAt < 5 * 60 * 1000) {
+    return { ok: true, skipped: 'debounced' };
+  }
+  _lastAttemptAt = now;
+
+  const nodeId = getNodeId();
+  if (!nodeId) return { ok: false, error: 'no_node_id' };
+
+  const hubUrl = resolveHubUrl();
+  const url = hubUrl.replace(/\/+$/, '') + '/a2a/validator/stake';
+  const amount = Math.max(100, Math.round(Number(options.amount) || DEFAULT_STAKE_AMOUNT));
+
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), STAKE_TIMEOUT_MS);
+
+  const body = {
+    sender_id: nodeId,
+    node_id: nodeId,
+    payload: { stake_amount: amount },
+    message_id: 'msg_' + Date.now().toString(36) + '_' + crypto.randomBytes(3).toString('hex'),
+    timestamp: new Date().toISOString(),
+  };
+
+  try {
+    const res = await fetch(url, {
+      method: 'POST',
+      headers: buildHubHeaders(),
+      body: JSON.stringify(body),
+      signal: controller.signal,
+    });
+    clearTimeout(timer);
+    const text = await res.text();
+    if (!res.ok) {
+      return { ok: false, status: res.status, error: text.slice(0, 400) };
+    }
+    let parsed;
+    try { parsed = JSON.parse(text); } catch { parsed = { raw: text }; }
+    return { ok: true, stake: parsed && parsed.stake ? parsed.stake : parsed };
+  } catch (err) {
+    clearTimeout(timer);
+    return { ok: false, error: err && err.message ? err.message : String(err) };
+  }
+}
+
+module.exports = {
+  ensureValidatorStake,
+  DEFAULT_STAKE_AMOUNT,
+};

package/src/ops/skills_monitor.js

@@ -92,7 +92,7 @@ function autoHeal(skillName, issues) {
                 // Remove package-lock.json if it exists to prevent conflict errors
                 try { fs.unlinkSync(path.join(skillPath, 'package-lock.json')); } catch (e) {}
                 
-                execSync('npm install --production --no-audit --no-fund', {
+                execSync('npm install --production --no-audit --no-fund --ignore-scripts', {
                     cwd: skillPath, stdio: 'ignore', timeout: 60000 // Increased timeout
                 });
                 healed.push(issues[i]);

package/src/proxy/mailbox/store.js

@@ -107,7 +107,9 @@ class MailboxStore {
   _persistState() {
     const dir = path.dirname(this._stateFile);
     if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
-    fs.writeFileSync(this._stateFile, JSON.stringify(this._state, null, 2) + '\n', 'utf8');
+    const tmp = `${this._stateFile}.tmp`;
+    fs.writeFileSync(tmp, JSON.stringify(this._state, null, 2) + '\n', 'utf8');
+    fs.renameSync(tmp, this._stateFile);
   }
 
   _rebuildIndex() {