@geminixiang/mama 0.1.10 → 0.2.0-beta.1

package/dist/sandbox.js

@@ -1,287 +1,2 @@
-import { spawn } from "child_process";
-export function parseSandboxArg(value) {
-    if (value === "host") {
-        return { type: "host" };
-    }
-    if (value.startsWith("docker:")) {
-        const container = value.slice("docker:".length);
-        if (!container) {
-            console.error("Error: docker sandbox requires container name (e.g., docker:mama-sandbox)");
-            process.exit(1);
-        }
-        return { type: "docker", container };
-    }
-    if (value.startsWith("firecracker:")) {
-        const arg = value.slice("firecracker:".length);
-        // Format: firecracker:<vm-id>:<host-path>[:<ssh-user>[:<ssh-port>]]
-        // Example: firecracker:vm1:/home/user/workspace
-        //          firecracker:vm1:/home/user/workspace:root
-        //          firecracker:vm1:/home/user/workspace:root:22
-        const parts = arg.split(":");
-        if (parts.length < 2) {
-            console.error("Error: firecracker sandbox requires vm-id and host-path\n" +
-                "Usage: firecracker:<vm-id>:<host-path>[:<ssh-user>[:<ssh-port>]]\n" +
-                "Example: firecracker:vm1:/home/user/workspace");
-            process.exit(1);
-        }
-        const vmId = parts[0];
-        const hostPath = parts[1];
-        const sshUser = parts[2] || "root";
-        const sshPort = parts[3] ? parseInt(parts[3], 10) : 22;
-        if (!vmId || !hostPath) {
-            console.error("Error: firecracker sandbox requires vm-id and host-path");
-            process.exit(1);
-        }
-        if (isNaN(sshPort) || sshPort <= 0 || sshPort > 65535) {
-            console.error("Error: invalid SSH port");
-            process.exit(1);
-        }
-        return { type: "firecracker", vmId, hostPath, sshUser, sshPort };
-    }
-    console.error(`Error: Invalid sandbox type '${value}'. Use 'host', 'docker:<container-name>', or 'firecracker:<vm-id>:<host-path>'`);
-    process.exit(1);
-}
-export async function validateSandbox(config) {
-    if (config.type === "host") {
-        return;
-    }
-    if (config.type === "docker") {
-        // Check if Docker is available
-        try {
-            await execSimple("docker", ["--version"]);
-        }
-        catch {
-            console.error("Error: Docker is not installed or not in PATH");
-            process.exit(1);
-        }
-        // Check if container exists and is running
-        try {
-            const result = await execSimple("docker", [
-                "inspect",
-                "-f",
-                "{{.State.Running}}",
-                config.container,
-            ]);
-            if (result.trim() !== "true") {
-                console.error(`Error: Container '${config.container}' is not running.`);
-                console.error(`Start it with: docker start ${config.container}`);
-                process.exit(1);
-            }
-        }
-        catch {
-            console.error(`Error: Container '${config.container}' does not exist.`);
-            console.error("Create it with: ./docker.sh create <data-dir>");
-            process.exit(1);
-        }
-        console.log(`  Docker container '${config.container}' is running.`);
-        return;
-    }
-    if (config.type === "firecracker") {
-        // Check if fc-agent or firecracker CLI is available
-        try {
-            await execSimple("fc-agent", ["--version"]);
-        }
-        catch {
-            // Try alternative: firecracker
-            try {
-                await execSimple("firecracker", ["--version"]);
-            }
-            catch {
-                console.error("Error: Firecracker tools (fc-agent or firecracker) not found in PATH");
-                console.error("Install firecracker: https://github.com/firecracker-microvm/firecracker");
-                process.exit(1);
-            }
-        }
-        // Check if VM is running using fc-agent
-        try {
-            const result = await execSimple("fc-agent", ["status", config.vmId]);
-            if (!result.includes("running") && !result.includes("Running")) {
-                console.error(`Error: Firecracker VM '${config.vmId}' is not running.`);
-                console.error(`Start it with: fc-agent start ${config.vmId}`);
-                process.exit(1);
-            }
-        }
-        catch {
-            // Try alternative: firecracker-ctl or direct check
-            try {
-                await execSimple("firecracker-ctl", ["status", config.vmId]);
-            }
-            catch {
-                console.error(`Warning: Could not verify if VM '${config.vmId}' is running.`);
-                console.error("Make sure the VM is started before running mama.");
-            }
-        }
-        // Verify host path exists
-        try {
-            await execSimple("ls", ["-d", config.hostPath]);
-        }
-        catch {
-            console.error(`Error: Host path '${config.hostPath}' does not exist.`);
-            process.exit(1);
-        }
-        console.log(`  Firecracker VM '${config.vmId}' configured with workspace '${config.hostPath}'.`);
-        return;
-    }
-}
-function execSimple(cmd, args) {
-    return new Promise((resolve, reject) => {
-        const child = spawn(cmd, args, { stdio: ["ignore", "pipe", "pipe"] });
-        let stdout = "";
-        let stderr = "";
-        child.stdout?.on("data", (d) => {
-            stdout += d;
-        });
-        child.stderr?.on("data", (d) => {
-            stderr += d;
-        });
-        child.on("close", (code) => {
-            if (code === 0)
-                resolve(stdout);
-            else
-                reject(new Error(stderr || `Exit code ${code}`));
-        });
-    });
-}
-/**
- * Create an executor that runs commands either on host, in Docker container, or in Firecracker VM
- */
-export function createExecutor(config) {
-    if (config.type === "host") {
-        return new HostExecutor();
-    }
-    if (config.type === "docker") {
-        return new DockerExecutor(config.container);
-    }
-    return new FirecrackerExecutor(config.vmId, config.hostPath, config.sshUser, config.sshPort);
-}
-class HostExecutor {
-    async exec(command, options) {
-        return new Promise((resolve, reject) => {
-            const shell = process.platform === "win32" ? "cmd" : "sh";
-            const shellArgs = process.platform === "win32" ? ["/c"] : ["-c"];
-            const child = spawn(shell, [...shellArgs, command], {
-                detached: true,
-                stdio: ["ignore", "pipe", "pipe"],
-            });
-            let stdout = "";
-            let stderr = "";
-            let timedOut = false;
-            const timeoutHandle = options?.timeout && options.timeout > 0
-                ? setTimeout(() => {
-                    timedOut = true;
-                    killProcessTree(child.pid);
-                }, options.timeout * 1000)
-                : undefined;
-            const onAbort = () => {
-                if (child.pid)
-                    killProcessTree(child.pid);
-            };
-            if (options?.signal) {
-                if (options.signal.aborted) {
-                    onAbort();
-                }
-                else {
-                    options.signal.addEventListener("abort", onAbort, { once: true });
-                }
-            }
-            child.stdout?.on("data", (data) => {
-                stdout += data.toString();
-                if (stdout.length > 10 * 1024 * 1024) {
-                    stdout = stdout.slice(0, 10 * 1024 * 1024);
-                }
-            });
-            child.stderr?.on("data", (data) => {
-                stderr += data.toString();
-                if (stderr.length > 10 * 1024 * 1024) {
-                    stderr = stderr.slice(0, 10 * 1024 * 1024);
-                }
-            });
-            child.on("close", (code) => {
-                if (timeoutHandle)
-                    clearTimeout(timeoutHandle);
-                if (options?.signal) {
-                    options.signal.removeEventListener("abort", onAbort);
-                }
-                if (options?.signal?.aborted) {
-                    reject(new Error(`${stdout}\n${stderr}\nCommand aborted`.trim()));
-                    return;
-                }
-                if (timedOut) {
-                    reject(new Error(`${stdout}\n${stderr}\nCommand timed out after ${options?.timeout} seconds`.trim()));
-                    return;
-                }
-                resolve({ stdout, stderr, code: code ?? 0 });
-            });
-        });
-    }
-    getWorkspacePath(hostPath) {
-        return hostPath;
-    }
-}
-class DockerExecutor {
-    constructor(container) {
-        this.container = container;
-    }
-    async exec(command, options) {
-        // Wrap command for docker exec
-        const dockerCmd = `docker exec ${this.container} sh -c ${shellEscape(command)}`;
-        const hostExecutor = new HostExecutor();
-        return hostExecutor.exec(dockerCmd, options);
-    }
-    getWorkspacePath(_hostPath) {
-        // Docker container sees /workspace
-        return "/workspace";
-    }
-}
-class FirecrackerExecutor {
-    constructor(vmId, hostPath, sshUser = "root", sshPort = 22) {
-        this.vmId = vmId;
-        this.hostPath = hostPath;
-        this.sshUser = sshUser;
-        this.sshPort = sshPort;
-    }
-    async exec(command, options) {
-        // Use direct SSH to execute command in the Firecracker VM
-        // The workspace inside the VM is expected to be mounted at /workspace
-        const sshCmd = this.sshPort === 22
-            ? `ssh -o StrictHostKeyChecking=no -o ConnectTimeout=10 ${this.sshUser}@${this.vmId} sh -c ${shellEscape(command)}`
-            : `ssh -o StrictHostKeyChecking=no -o ConnectTimeout=10 -p ${this.sshPort} ${this.sshUser}@${this.vmId} sh -c ${shellEscape(command)}`;
-        const hostExecutor = new HostExecutor();
-        return hostExecutor.exec(sshCmd, options);
-    }
-    getWorkspacePath(_hostPath) {
-        // Firecracker VM sees /workspace (assumes hostPath is mounted there)
-        return "/workspace";
-    }
-}
-function killProcessTree(pid) {
-    if (process.platform === "win32") {
-        try {
-            spawn("taskkill", ["/F", "/T", "/PID", String(pid)], {
-                stdio: "ignore",
-                detached: true,
-            });
-        }
-        catch {
-            // Ignore errors
-        }
-    }
-    else {
-        try {
-            process.kill(-pid, "SIGKILL");
-        }
-        catch {
-            try {
-                process.kill(pid, "SIGKILL");
-            }
-            catch {
-                // Process already dead
-            }
-        }
-    }
-}
-function shellEscape(s) {
-    // Escape for passing to sh -c
-    return `'${s.replace(/'/g, "'\\''")}'`;
-}
+export * from "./sandbox/index.js";
 //# sourceMappingURL=sandbox.js.map

package/dist/sandbox.js.map

@@ -1 +1 @@
-{"version":3,"file":"sandbox.js","sourceRoot":"","sources":["../src/sandbox.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAOtC,MAAM,UAAU,eAAe,CAAC,KAAa;IAC3C,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;QACrB,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAC1B,CAAC;IACD,IAAI,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAChC,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAChD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,2EAA2E,CAAC,CAAC;YAC3F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IACvC,CAAC;IACD,IAAI,KAAK,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;QACrC,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAC/C,oEAAoE;QACpE,gDAAgD;QAChD,qDAAqD;QACrD,wDAAwD;QACxD,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,CAAC,KAAK,CACX,2DAA2D;gBACzD,oEAAoE;gBACpE,+CAA+C,CAClD,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAC1B,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;QACnC,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAEvD,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACvB,OAAO,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC;YACzE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,OAAO,IAAI,CAAC,IAAI,OAAO,GAAG,KAAK,EAAE,CAAC;YACtD,OAAO,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACzC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;IACnE,CAAC;IACD,OAAO,CAAC,KAAK,CACX,gCAAgC,KAAK,gFAAgF,CACtH,CAAC;IACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,MAAqB;IACzD,IAAI,MAAM,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QAC3B,OAAO;IACT,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC7B,+BAA+B;QAC/B,IAAI,CAAC;YACH,MAAM,UAAU,CAAC,QAAQ,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;YAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,2CAA2C;QAC3C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE;gBACxC,SAAS;gBACT,IAAI;gBACJ,oBAAoB;gBACpB,MAAM,CAAC,SAAS;aACjB,CAAC,CAAC;YACH,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,MAAM,EAAE,CAAC;gBAC7B,OAAO,CAAC,KAAK,CAAC,qBAAqB,MAAM,CAAC,SAAS,mBAAmB,CAAC,CAAC;gBACxE,OAAO,CAAC,KAAK,CAAC,+BAA+B,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;gBACjE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,KAAK,CAAC,qBAAqB,MAAM,CAAC,SAAS,mBAAmB,CAAC,CAAC;YACxE,OAAO,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;YAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,uBAAuB,MAAM,CAAC,SAAS,eAAe,CAAC,CAAC;QACpE,OAAO;IACT,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;QAClC,oDAAoD;QACpD,IAAI,CAAC;YACH,MAAM,UAAU,CAAC,UAAU,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;QAC9C,CAAC;QAAC,MAAM,CAAC;YACP,+BAA+B;YAC/B,IAAI,CAAC;gBACH,MAAM,UAAU,CAAC,aAAa,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;YACjD,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,CAAC,KAAK,CAAC,sEAAsE,CAAC,CAAC;gBACtF,OAAO,CAAC,KAAK,CAAC,yEAAyE,CAAC,CAAC;gBACzF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,wCAAwC;QACxC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,UAAU,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;YACrE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC/D,OAAO,CAAC,KAAK,CAAC,0BAA0B,MAAM,CAAC,IAAI,mBAAmB,CAAC,CAAC;gBACxE,OAAO,CAAC,KAAK,CAAC,iCAAiC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC9D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,mDAAmD;YACnD,IAAI,CAAC;gBACH,MAAM,UAAU,CAAC,iBAAiB,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;YAC/D,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,CAAC,KAAK,CAAC,oCAAoC,MAAM,CAAC,IAAI,eAAe,CAAC,CAAC;gBAC9E,OAAO,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAED,0BAA0B;QAC1B,IAAI,CAAC;YACH,MAAM,UAAU,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;QAClD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,KAAK,CAAC,qBAAqB,MAAM,CAAC,QAAQ,mBAAmB,CAAC,CAAC;YACvE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,GAAG,CACT,qBAAqB,MAAM,CAAC,IAAI,gCAAgC,MAAM,CAAC,QAAQ,IAAI,CACpF,CAAC;QACF,OAAO;IACT,CAAC;AACH,CAAC;AAED,SAAS,UAAU,CAAC,GAAW,EAAE,IAAc;IAC7C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;QACtE,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE;YAC7B,MAAM,IAAI,CAAC,CAAC;QACd,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE;YAC7B,MAAM,IAAI,CAAC,CAAC;QACd,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;YACzB,IAAI,IAAI,KAAK,CAAC;gBAAE,OAAO,CAAC,MAAM,CAAC,CAAC;;gBAC3B,MAAM,CAAC,IAAI,KAAK,CAAC,MAAM,IAAI,aAAa,IAAI,EAAE,CAAC,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,MAAqB;IAClD,IAAI,MAAM,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QAC3B,OAAO,IAAI,YAAY,EAAE,CAAC;IAC5B,CAAC;IACD,IAAI,MAAM,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC7B,OAAO,IAAI,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC9C,CAAC;IACD,OAAO,IAAI,mBAAmB,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;AAC/F,CAAC;AA2BD,MAAM,YAAY;IAChB,KAAK,CAAC,IAAI,CAAC,OAAe,EAAE,OAAqB;QAC/C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,KAAK,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;YAC1D,MAAM,SAAS,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAEjE,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC,GAAG,SAAS,EAAE,OAAO,CAAC,EAAE;gBAClD,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;aAClC,CAAC,CAAC;YAEH,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,QAAQ,GAAG,KAAK,CAAC;YAErB,MAAM,aAAa,GACjB,OAAO,EAAE,OAAO,IAAI,OAAO,CAAC,OAAO,GAAG,CAAC;gBACrC,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE;oBACd,QAAQ,GAAG,IAAI,CAAC;oBAChB,eAAe,CAAC,KAAK,CAAC,GAAI,CAAC,CAAC;gBAC9B,CAAC,EAAE,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;gBAC5B,CAAC,CAAC,SAAS,CAAC;YAEhB,MAAM,OAAO,GAAG,GAAG,EAAE;gBACnB,IAAI,KAAK,CAAC,GAAG;oBAAE,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5C,CAAC,CAAC;YAEF,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;gBACpB,IAAI,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;oBAC3B,OAAO,EAAE,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;gBACpE,CAAC;YACH,CAAC;YAED,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAChC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;oBACrC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;gBAC7C,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAChC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;oBACrC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;gBAC7C,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACzB,IAAI,aAAa;oBAAE,YAAY,CAAC,aAAa,CAAC,CAAC;gBAC/C,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;oBACpB,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBACvD,CAAC;gBAED,IAAI,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;oBAC7B,MAAM,CAAC,IAAI,KAAK,CAAC,GAAG,MAAM,KAAK,MAAM,mBAAmB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;oBAClE,OAAO;gBACT,CAAC;gBAED,IAAI,QAAQ,EAAE,CAAC;oBACb,MAAM,CACJ,IAAI,KAAK,CACP,GAAG,MAAM,KAAK,MAAM,6BAA6B,OAAO,EAAE,OAAO,UAAU,CAAC,IAAI,EAAE,CACnF,CACF,CAAC;oBACF,OAAO;gBACT,CAAC;gBAED,OAAO,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,CAAC;YAC/C,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED,gBAAgB,CAAC,QAAgB;QAC/B,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF;AAED,MAAM,cAAc;IAClB,YAAoB,SAAiB;yBAAjB,SAAS;IAAW,CAAC;IAEzC,KAAK,CAAC,IAAI,CAAC,OAAe,EAAE,OAAqB;QAC/C,+BAA+B;QAC/B,MAAM,SAAS,GAAG,eAAe,IAAI,CAAC,SAAS,UAAU,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;QAChF,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;QACxC,OAAO,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC/C,CAAC;IAED,gBAAgB,CAAC,SAAiB;QAChC,mCAAmC;QACnC,OAAO,YAAY,CAAC;IACtB,CAAC;CACF;AAED,MAAM,mBAAmB;IACvB,YACU,IAAY,EACZ,QAAgB,EAChB,OAAO,GAAW,MAAM,EACxB,OAAO,GAAW,EAAE;oBAHpB,IAAI;wBACJ,QAAQ;uBACR,OAAO;uBACP,OAAO;IACd,CAAC;IAEJ,KAAK,CAAC,IAAI,CAAC,OAAe,EAAE,OAAqB;QAC/C,0DAA0D;QAC1D,sEAAsE;QACtE,MAAM,MAAM,GACV,IAAI,CAAC,OAAO,KAAK,EAAE;YACjB,CAAC,CAAC,wDAAwD,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,IAAI,UAAU,WAAW,CAAC,OAAO,CAAC,EAAE;YACnH,CAAC,CAAC,2DAA2D,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,IAAI,UAAU,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3I,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;QACxC,OAAO,YAAY,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5C,CAAC;IAED,gBAAgB,CAAC,SAAiB;QAChC,qEAAqE;QACrE,OAAO,YAAY,CAAC;IACtB,CAAC;CACF;AAED,SAAS,eAAe,CAAC,GAAW;IAClC,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QACjC,IAAI,CAAC;YACH,KAAK,CAAC,UAAU,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE;gBACnD,KAAK,EAAE,QAAQ;gBACf,QAAQ,EAAE,IAAI;aACf,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACP,gBAAgB;QAClB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,IAAI,CAAC;YACH,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QAChC,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;YAC/B,CAAC;YAAC,MAAM,CAAC;gBACP,uBAAuB;YACzB,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,8BAA8B;IAC9B,OAAO,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC;AACzC,CAAC","sourcesContent":["import { spawn } from \"child_process\";\n\nexport type SandboxConfig =\n  | { type: \"host\" }\n  | { type: \"docker\"; container: string }\n  | { type: \"firecracker\"; vmId: string; hostPath: string; sshUser?: string; sshPort?: number };\n\nexport function parseSandboxArg(value: string): SandboxConfig {\n  if (value === \"host\") {\n    return { type: \"host\" };\n  }\n  if (value.startsWith(\"docker:\")) {\n    const container = value.slice(\"docker:\".length);\n    if (!container) {\n      console.error(\"Error: docker sandbox requires container name (e.g., docker:mama-sandbox)\");\n      process.exit(1);\n    }\n    return { type: \"docker\", container };\n  }\n  if (value.startsWith(\"firecracker:\")) {\n    const arg = value.slice(\"firecracker:\".length);\n    // Format: firecracker:<vm-id>:<host-path>[:<ssh-user>[:<ssh-port>]]\n    // Example: firecracker:vm1:/home/user/workspace\n    //          firecracker:vm1:/home/user/workspace:root\n    //          firecracker:vm1:/home/user/workspace:root:22\n    const parts = arg.split(\":\");\n    if (parts.length < 2) {\n      console.error(\n        \"Error: firecracker sandbox requires vm-id and host-path\\n\" +\n          \"Usage: firecracker:<vm-id>:<host-path>[:<ssh-user>[:<ssh-port>]]\\n\" +\n          \"Example: firecracker:vm1:/home/user/workspace\",\n      );\n      process.exit(1);\n    }\n    const vmId = parts[0];\n    const hostPath = parts[1];\n    const sshUser = parts[2] || \"root\";\n    const sshPort = parts[3] ? parseInt(parts[3], 10) : 22;\n\n    if (!vmId || !hostPath) {\n      console.error(\"Error: firecracker sandbox requires vm-id and host-path\");\n      process.exit(1);\n    }\n    if (isNaN(sshPort) || sshPort <= 0 || sshPort > 65535) {\n      console.error(\"Error: invalid SSH port\");\n      process.exit(1);\n    }\n    return { type: \"firecracker\", vmId, hostPath, sshUser, sshPort };\n  }\n  console.error(\n    `Error: Invalid sandbox type '${value}'. Use 'host', 'docker:<container-name>', or 'firecracker:<vm-id>:<host-path>'`,\n  );\n  process.exit(1);\n}\n\nexport async function validateSandbox(config: SandboxConfig): Promise<void> {\n  if (config.type === \"host\") {\n    return;\n  }\n\n  if (config.type === \"docker\") {\n    // Check if Docker is available\n    try {\n      await execSimple(\"docker\", [\"--version\"]);\n    } catch {\n      console.error(\"Error: Docker is not installed or not in PATH\");\n      process.exit(1);\n    }\n\n    // Check if container exists and is running\n    try {\n      const result = await execSimple(\"docker\", [\n        \"inspect\",\n        \"-f\",\n        \"{{.State.Running}}\",\n        config.container,\n      ]);\n      if (result.trim() !== \"true\") {\n        console.error(`Error: Container '${config.container}' is not running.`);\n        console.error(`Start it with: docker start ${config.container}`);\n        process.exit(1);\n      }\n    } catch {\n      console.error(`Error: Container '${config.container}' does not exist.`);\n      console.error(\"Create it with: ./docker.sh create <data-dir>\");\n      process.exit(1);\n    }\n\n    console.log(`  Docker container '${config.container}' is running.`);\n    return;\n  }\n\n  if (config.type === \"firecracker\") {\n    // Check if fc-agent or firecracker CLI is available\n    try {\n      await execSimple(\"fc-agent\", [\"--version\"]);\n    } catch {\n      // Try alternative: firecracker\n      try {\n        await execSimple(\"firecracker\", [\"--version\"]);\n      } catch {\n        console.error(\"Error: Firecracker tools (fc-agent or firecracker) not found in PATH\");\n        console.error(\"Install firecracker: https://github.com/firecracker-microvm/firecracker\");\n        process.exit(1);\n      }\n    }\n\n    // Check if VM is running using fc-agent\n    try {\n      const result = await execSimple(\"fc-agent\", [\"status\", config.vmId]);\n      if (!result.includes(\"running\") && !result.includes(\"Running\")) {\n        console.error(`Error: Firecracker VM '${config.vmId}' is not running.`);\n        console.error(`Start it with: fc-agent start ${config.vmId}`);\n        process.exit(1);\n      }\n    } catch {\n      // Try alternative: firecracker-ctl or direct check\n      try {\n        await execSimple(\"firecracker-ctl\", [\"status\", config.vmId]);\n      } catch {\n        console.error(`Warning: Could not verify if VM '${config.vmId}' is running.`);\n        console.error(\"Make sure the VM is started before running mama.\");\n      }\n    }\n\n    // Verify host path exists\n    try {\n      await execSimple(\"ls\", [\"-d\", config.hostPath]);\n    } catch {\n      console.error(`Error: Host path '${config.hostPath}' does not exist.`);\n      process.exit(1);\n    }\n\n    console.log(\n      `  Firecracker VM '${config.vmId}' configured with workspace '${config.hostPath}'.`,\n    );\n    return;\n  }\n}\n\nfunction execSimple(cmd: string, args: string[]): Promise<string> {\n  return new Promise((resolve, reject) => {\n    const child = spawn(cmd, args, { stdio: [\"ignore\", \"pipe\", \"pipe\"] });\n    let stdout = \"\";\n    let stderr = \"\";\n    child.stdout?.on(\"data\", (d) => {\n      stdout += d;\n    });\n    child.stderr?.on(\"data\", (d) => {\n      stderr += d;\n    });\n    child.on(\"close\", (code) => {\n      if (code === 0) resolve(stdout);\n      else reject(new Error(stderr || `Exit code ${code}`));\n    });\n  });\n}\n\n/**\n * Create an executor that runs commands either on host, in Docker container, or in Firecracker VM\n */\nexport function createExecutor(config: SandboxConfig): Executor {\n  if (config.type === \"host\") {\n    return new HostExecutor();\n  }\n  if (config.type === \"docker\") {\n    return new DockerExecutor(config.container);\n  }\n  return new FirecrackerExecutor(config.vmId, config.hostPath, config.sshUser, config.sshPort);\n}\n\nexport interface Executor {\n  /**\n   * Execute a bash command\n   */\n  exec(command: string, options?: ExecOptions): Promise<ExecResult>;\n\n  /**\n   * Get the workspace path prefix for this executor\n   * Host: returns the actual path\n   * Docker: returns /workspace\n   */\n  getWorkspacePath(hostPath: string): string;\n}\n\nexport interface ExecOptions {\n  timeout?: number;\n  signal?: AbortSignal;\n}\n\nexport interface ExecResult {\n  stdout: string;\n  stderr: string;\n  code: number;\n}\n\nclass HostExecutor implements Executor {\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    return new Promise((resolve, reject) => {\n      const shell = process.platform === \"win32\" ? \"cmd\" : \"sh\";\n      const shellArgs = process.platform === \"win32\" ? [\"/c\"] : [\"-c\"];\n\n      const child = spawn(shell, [...shellArgs, command], {\n        detached: true,\n        stdio: [\"ignore\", \"pipe\", \"pipe\"],\n      });\n\n      let stdout = \"\";\n      let stderr = \"\";\n      let timedOut = false;\n\n      const timeoutHandle =\n        options?.timeout && options.timeout > 0\n          ? setTimeout(() => {\n              timedOut = true;\n              killProcessTree(child.pid!);\n            }, options.timeout * 1000)\n          : undefined;\n\n      const onAbort = () => {\n        if (child.pid) killProcessTree(child.pid);\n      };\n\n      if (options?.signal) {\n        if (options.signal.aborted) {\n          onAbort();\n        } else {\n          options.signal.addEventListener(\"abort\", onAbort, { once: true });\n        }\n      }\n\n      child.stdout?.on(\"data\", (data) => {\n        stdout += data.toString();\n        if (stdout.length > 10 * 1024 * 1024) {\n          stdout = stdout.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.stderr?.on(\"data\", (data) => {\n        stderr += data.toString();\n        if (stderr.length > 10 * 1024 * 1024) {\n          stderr = stderr.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.on(\"close\", (code) => {\n        if (timeoutHandle) clearTimeout(timeoutHandle);\n        if (options?.signal) {\n          options.signal.removeEventListener(\"abort\", onAbort);\n        }\n\n        if (options?.signal?.aborted) {\n          reject(new Error(`${stdout}\\n${stderr}\\nCommand aborted`.trim()));\n          return;\n        }\n\n        if (timedOut) {\n          reject(\n            new Error(\n              `${stdout}\\n${stderr}\\nCommand timed out after ${options?.timeout} seconds`.trim(),\n            ),\n          );\n          return;\n        }\n\n        resolve({ stdout, stderr, code: code ?? 0 });\n      });\n    });\n  }\n\n  getWorkspacePath(hostPath: string): string {\n    return hostPath;\n  }\n}\n\nclass DockerExecutor implements Executor {\n  constructor(private container: string) {}\n\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    // Wrap command for docker exec\n    const dockerCmd = `docker exec ${this.container} sh -c ${shellEscape(command)}`;\n    const hostExecutor = new HostExecutor();\n    return hostExecutor.exec(dockerCmd, options);\n  }\n\n  getWorkspacePath(_hostPath: string): string {\n    // Docker container sees /workspace\n    return \"/workspace\";\n  }\n}\n\nclass FirecrackerExecutor implements Executor {\n  constructor(\n    private vmId: string,\n    private hostPath: string,\n    private sshUser: string = \"root\",\n    private sshPort: number = 22,\n  ) {}\n\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    // Use direct SSH to execute command in the Firecracker VM\n    // The workspace inside the VM is expected to be mounted at /workspace\n    const sshCmd =\n      this.sshPort === 22\n        ? `ssh -o StrictHostKeyChecking=no -o ConnectTimeout=10 ${this.sshUser}@${this.vmId} sh -c ${shellEscape(command)}`\n        : `ssh -o StrictHostKeyChecking=no -o ConnectTimeout=10 -p ${this.sshPort} ${this.sshUser}@${this.vmId} sh -c ${shellEscape(command)}`;\n    const hostExecutor = new HostExecutor();\n    return hostExecutor.exec(sshCmd, options);\n  }\n\n  getWorkspacePath(_hostPath: string): string {\n    // Firecracker VM sees /workspace (assumes hostPath is mounted there)\n    return \"/workspace\";\n  }\n}\n\nfunction killProcessTree(pid: number): void {\n  if (process.platform === \"win32\") {\n    try {\n      spawn(\"taskkill\", [\"/F\", \"/T\", \"/PID\", String(pid)], {\n        stdio: \"ignore\",\n        detached: true,\n      });\n    } catch {\n      // Ignore errors\n    }\n  } else {\n    try {\n      process.kill(-pid, \"SIGKILL\");\n    } catch {\n      try {\n        process.kill(pid, \"SIGKILL\");\n      } catch {\n        // Process already dead\n      }\n    }\n  }\n}\n\nfunction shellEscape(s: string): string {\n  // Escape for passing to sh -c\n  return `'${s.replace(/'/g, \"'\\\\''\")}'`;\n}\n"]}
+{"version":3,"file":"sandbox.js","sourceRoot":"","sources":["../src/sandbox.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAC","sourcesContent":["export * from \"./sandbox/index.js\";\n"]}

package/dist/sentry.d.ts

@@ -0,0 +1,31 @@
+import type { Breadcrumb, ErrorEvent, Event, EventHint, Scope } from "@sentry/node";
+export interface SentryRunScopeContext {
+    conversationId: string;
+    sessionKey: string;
+    messageId: string;
+    platform: string;
+    userId: string;
+    userName?: string;
+    threadTs?: string;
+    provider?: string;
+    model?: string;
+    isEvent?: boolean;
+}
+export declare function createSentryInitOptions(dsn?: string): {
+    dsn: string | undefined;
+    environment: string;
+    enabled: boolean;
+    sendDefaultPii: boolean;
+    tracesSampleRate: number;
+    includeLocalVariables: boolean;
+    enableLogs: boolean;
+    beforeSend(event: ErrorEvent, hint: EventHint): ErrorEvent | null;
+    beforeBreadcrumb(breadcrumb: Breadcrumb): Breadcrumb | null;
+};
+export declare function applyRunScope(scope: Scope, context: SentryRunScopeContext): void;
+export declare function metricAttributes(attributes: Record<string, string | number | boolean | undefined>): Record<string, string | number | boolean>;
+export declare function addLifecycleBreadcrumb(message: string, data?: Record<string, string | number | boolean | undefined>): void;
+export declare function sanitizeEvent<T extends Event>(event: T, _hint?: EventHint): T | null;
+export declare function sanitizeBreadcrumb(breadcrumb: Breadcrumb): Breadcrumb | null;
+export declare function sanitizeValue(value: unknown, key?: string, depth?: number): unknown;
+//# sourceMappingURL=sentry.d.ts.map

package/dist/sentry.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sentry.d.ts","sourceRoot":"","sources":["../src/sentry.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,UAAU,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,cAAc,CAAC;AA6CpF,MAAM,WAAW,qBAAqB;IACpC,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,wBAAgB,uBAAuB,CAAC,GAAG,CAAC,EAAE,MAAM;;;;;;;;sBAS9B,UAAU,QAAQ,SAAS,GAAG,UAAU,GAAG,IAAI;iCAGpC,UAAU,GAAG,UAAU,GAAG,IAAI;EAI9D;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,qBAAqB,GAAG,IAAI,CAuBhF;AAED,wBAAgB,gBAAgB,CAC9B,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,SAAS,CAAC,GAChE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,CAO3C;AAED,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,MAAM,EACf,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,SAAS,CAAC,GAC3D,IAAI,CAON;AAED,wBAAgB,aAAa,CAAC,CAAC,SAAS,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,SAAS,GAAG,CAAC,GAAG,IAAI,CA2CpF;AAED,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,UAAU,GAAG,UAAU,GAAG,IAAI,CAU5E;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,OAAO,EAAE,GAAG,CAAC,EAAE,MAAM,EAAE,KAAK,SAAI,GAAG,OAAO,CAwB9E","sourcesContent":["import type { Breadcrumb, ErrorEvent, Event, EventHint, Scope } from \"@sentry/node\";\nimport * as Sentry from \"@sentry/node\";\n\nconst REDACTED = \"[REDACTED]\";\nconst REDACTED_PATH = \"[REDACTED_PATH]\";\nconst MAX_STRING_LENGTH = 256;\nconst MAX_DEPTH = 4;\n\nconst SENSITIVE_KEYS = new Set([\n  \"args\",\n  \"attachment\",\n  \"attachments\",\n  \"authorization\",\n  \"body\",\n  \"content\",\n  \"contents\",\n  \"cookie\",\n  \"cookies\",\n  \"filePath\",\n  \"headers\",\n  \"image\",\n  \"imageAttachments\",\n  \"images\",\n  \"localPath\",\n  \"messages\",\n  \"newUserMessage\",\n  \"path\",\n  \"paths\",\n  \"prompt\",\n  \"response\",\n  \"result\",\n  \"systemPrompt\",\n  \"text\",\n  \"thinking\",\n]);\n\nconst ABSOLUTE_PATH_PATTERN =\n  /(?:\\/Users\\/[^\\s\"'`]+|\\/workspace\\/[^\\s\"'`]+|\\/tmp\\/[^\\s\"'`]+|\\/var\\/folders\\/[^\\s\"'`]+|[A-Za-z]:\\\\[^\\s\"'`]+)/;\nconst TOKEN_PATTERNS = [\n  /\\bsk-[A-Za-z0-9_-]{12,}\\b/,\n  /\\bxox[a-z]-[A-Za-z0-9-]{10,}\\b/,\n  /\\bAIza[0-9A-Za-z_-]{20,}\\b/,\n  /\\bgh[pousr]_[A-Za-z0-9]{20,}\\b/,\n];\n\nexport interface SentryRunScopeContext {\n  conversationId: string;\n  sessionKey: string;\n  messageId: string;\n  platform: string;\n  userId: string;\n  userName?: string;\n  threadTs?: string;\n  provider?: string;\n  model?: string;\n  isEvent?: boolean;\n}\n\nexport function createSentryInitOptions(dsn?: string) {\n  return {\n    dsn,\n    environment: process.env.SENTRY_ENVIRONMENT ?? \"production\",\n    enabled: Boolean(dsn) && process.env.SENTRY_ENABLED !== \"false\",\n    sendDefaultPii: false,\n    tracesSampleRate: process.env.NODE_ENV === \"development\" ? 1.0 : 1.0,\n    includeLocalVariables: false,\n    enableLogs: true,\n    beforeSend(event: ErrorEvent, hint: EventHint): ErrorEvent | null {\n      return sanitizeEvent(event, hint);\n    },\n    beforeBreadcrumb(breadcrumb: Breadcrumb): Breadcrumb | null {\n      return sanitizeBreadcrumb(breadcrumb);\n    },\n  };\n}\n\nexport function applyRunScope(scope: Scope, context: SentryRunScopeContext): void {\n  scope.setTag(\"channel_id\", context.conversationId);\n  scope.setTag(\"session_key\", context.sessionKey);\n  scope.setTag(\"platform\", context.platform);\n  scope.setTag(\"is_event\", String(Boolean(context.isEvent)));\n  if (context.threadTs) scope.setTag(\"thread_ts\", context.threadTs);\n  if (context.provider) scope.setTag(\"provider\", context.provider);\n  if (context.model) scope.setTag(\"model\", context.model);\n\n  scope.setUser({\n    id: context.userId,\n    username: context.userName,\n  });\n  scope.setContext(\"agent_run\", {\n    conversationId: context.conversationId,\n    sessionKey: context.sessionKey,\n    messageId: context.messageId,\n    threadTs: context.threadTs,\n    platform: context.platform,\n    provider: context.provider,\n    model: context.model,\n    isEvent: Boolean(context.isEvent),\n  });\n}\n\nexport function metricAttributes(\n  attributes: Record<string, string | number | boolean | undefined>,\n): Record<string, string | number | boolean> {\n  return Object.fromEntries(\n    Object.entries(attributes).filter((entry): entry is [string, string | number | boolean] => {\n      const [, value] = entry;\n      return value !== undefined;\n    }),\n  );\n}\n\nexport function addLifecycleBreadcrumb(\n  message: string,\n  data?: Record<string, string | number | boolean | undefined>,\n): void {\n  Sentry.addBreadcrumb({\n    category: \"agent.lifecycle\",\n    message,\n    level: \"info\",\n    data: data ? metricAttributes(data) : undefined,\n  });\n}\n\nexport function sanitizeEvent<T extends Event>(event: T, _hint?: EventHint): T | null {\n  const sanitized: T = {\n    ...event,\n    breadcrumbs: event.breadcrumbs\n      ?.map((breadcrumb) => sanitizeBreadcrumb(breadcrumb))\n      .filter((breadcrumb): breadcrumb is Breadcrumb => breadcrumb !== null),\n    extra: sanitizeValue(event.extra) as T[\"extra\"],\n    contexts: sanitizeValue(event.contexts) as T[\"contexts\"],\n    request: sanitizeRequest(event.request),\n    user: undefined,\n    server_name: undefined,\n  };\n\n  if (sanitized.message) {\n    sanitized.message = sanitizeString(sanitized.message);\n  }\n\n  if (sanitized.logentry) {\n    sanitized.logentry = {\n      ...sanitized.logentry,\n      message: sanitized.logentry.message ? sanitizeString(sanitized.logentry.message) : undefined,\n    };\n  }\n\n  if (sanitized.exception?.values) {\n    sanitized.exception.values = sanitized.exception.values.map((value) => ({\n      ...value,\n      value: value.value ? sanitizeString(value.value) : value.value,\n      stacktrace: value.stacktrace\n        ? {\n            ...value.stacktrace,\n            frames: value.stacktrace.frames?.map((frame) => ({\n              ...frame,\n              filename: frame.filename ? sanitizeString(frame.filename) : frame.filename,\n              abs_path: frame.abs_path ? sanitizeString(frame.abs_path) : frame.abs_path,\n              vars: undefined,\n            })),\n          }\n        : value.stacktrace,\n    }));\n  }\n\n  return sanitized;\n}\n\nexport function sanitizeBreadcrumb(breadcrumb: Breadcrumb): Breadcrumb | null {\n  if (breadcrumb.category === \"console\") {\n    return null;\n  }\n\n  return {\n    ...breadcrumb,\n    message: breadcrumb.message ? sanitizeString(breadcrumb.message) : breadcrumb.message,\n    data: sanitizeValue(breadcrumb.data) as Breadcrumb[\"data\"],\n  };\n}\n\nexport function sanitizeValue(value: unknown, key?: string, depth = 0): unknown {\n  if (value == null) return value;\n  if (depth > MAX_DEPTH) return \"[Truncated]\";\n\n  if (isSensitiveKey(key)) {\n    return summarizeValue(value, key);\n  }\n\n  if (typeof value === \"string\") {\n    return sanitizeString(value);\n  }\n\n  if (Array.isArray(value)) {\n    return value.slice(0, 20).map((entry) => sanitizeValue(entry, key, depth + 1));\n  }\n\n  if (typeof value === \"object\") {\n    const entries = Object.entries(value as Record<string, unknown>).map(\n      ([entryKey, entryValue]) => [entryKey, sanitizeValue(entryValue, entryKey, depth + 1)],\n    );\n    return Object.fromEntries(entries);\n  }\n\n  return value;\n}\n\nfunction sanitizeRequest(request: Event[\"request\"]): Event[\"request\"] {\n  if (!request) return request;\n\n  return {\n    ...request,\n    data: request.data ? summarizeValue(request.data, \"body\") : undefined,\n    headers: undefined,\n    cookies: undefined,\n  };\n}\n\nfunction isSensitiveKey(key?: string): boolean {\n  if (!key) return false;\n  return SENSITIVE_KEYS.has(key);\n}\n\nfunction summarizeValue(value: unknown, key?: string): string {\n  const label = key ?? \"field\";\n  if (typeof value === \"string\") {\n    return `[Redacted ${label}; length=${value.length}]`;\n  }\n  if (Array.isArray(value)) {\n    return `[Redacted ${label}; items=${value.length}]`;\n  }\n  if (value && typeof value === \"object\") {\n    return `[Redacted ${label}; keys=${Object.keys(value as Record<string, unknown>).length}]`;\n  }\n  return `[Redacted ${label}]`;\n}\n\nfunction sanitizeString(value: string): string {\n  let sanitized = value.replace(new RegExp(ABSOLUTE_PATH_PATTERN, \"g\"), REDACTED_PATH);\n  for (const pattern of TOKEN_PATTERNS) {\n    sanitized = sanitized.replace(new RegExp(pattern, \"g\"), REDACTED);\n  }\n  if (sanitized.length > MAX_STRING_LENGTH) {\n    return `${sanitized.slice(0, MAX_STRING_LENGTH)}… [truncated ${sanitized.length - MAX_STRING_LENGTH} chars]`;\n  }\n  return sanitized;\n}\n"]}

package/dist/sentry.js

@@ -0,0 +1,205 @@
+import * as Sentry from "@sentry/node";
+const REDACTED = "[REDACTED]";
+const REDACTED_PATH = "[REDACTED_PATH]";
+const MAX_STRING_LENGTH = 256;
+const MAX_DEPTH = 4;
+const SENSITIVE_KEYS = new Set([
+    "args",
+    "attachment",
+    "attachments",
+    "authorization",
+    "body",
+    "content",
+    "contents",
+    "cookie",
+    "cookies",
+    "filePath",
+    "headers",
+    "image",
+    "imageAttachments",
+    "images",
+    "localPath",
+    "messages",
+    "newUserMessage",
+    "path",
+    "paths",
+    "prompt",
+    "response",
+    "result",
+    "systemPrompt",
+    "text",
+    "thinking",
+]);
+const ABSOLUTE_PATH_PATTERN = /(?:\/Users\/[^\s"'`]+|\/workspace\/[^\s"'`]+|\/tmp\/[^\s"'`]+|\/var\/folders\/[^\s"'`]+|[A-Za-z]:\\[^\s"'`]+)/;
+const TOKEN_PATTERNS = [
+    /\bsk-[A-Za-z0-9_-]{12,}\b/,
+    /\bxox[a-z]-[A-Za-z0-9-]{10,}\b/,
+    /\bAIza[0-9A-Za-z_-]{20,}\b/,
+    /\bgh[pousr]_[A-Za-z0-9]{20,}\b/,
+];
+export function createSentryInitOptions(dsn) {
+    return {
+        dsn,
+        environment: process.env.SENTRY_ENVIRONMENT ?? "production",
+        enabled: Boolean(dsn) && process.env.SENTRY_ENABLED !== "false",
+        sendDefaultPii: false,
+        tracesSampleRate: process.env.NODE_ENV === "development" ? 1.0 : 1.0,
+        includeLocalVariables: false,
+        enableLogs: true,
+        beforeSend(event, hint) {
+            return sanitizeEvent(event, hint);
+        },
+        beforeBreadcrumb(breadcrumb) {
+            return sanitizeBreadcrumb(breadcrumb);
+        },
+    };
+}
+export function applyRunScope(scope, context) {
+    scope.setTag("channel_id", context.conversationId);
+    scope.setTag("session_key", context.sessionKey);
+    scope.setTag("platform", context.platform);
+    scope.setTag("is_event", String(Boolean(context.isEvent)));
+    if (context.threadTs)
+        scope.setTag("thread_ts", context.threadTs);
+    if (context.provider)
+        scope.setTag("provider", context.provider);
+    if (context.model)
+        scope.setTag("model", context.model);
+    scope.setUser({
+        id: context.userId,
+        username: context.userName,
+    });
+    scope.setContext("agent_run", {
+        conversationId: context.conversationId,
+        sessionKey: context.sessionKey,
+        messageId: context.messageId,
+        threadTs: context.threadTs,
+        platform: context.platform,
+        provider: context.provider,
+        model: context.model,
+        isEvent: Boolean(context.isEvent),
+    });
+}
+export function metricAttributes(attributes) {
+    return Object.fromEntries(Object.entries(attributes).filter((entry) => {
+        const [, value] = entry;
+        return value !== undefined;
+    }));
+}
+export function addLifecycleBreadcrumb(message, data) {
+    Sentry.addBreadcrumb({
+        category: "agent.lifecycle",
+        message,
+        level: "info",
+        data: data ? metricAttributes(data) : undefined,
+    });
+}
+export function sanitizeEvent(event, _hint) {
+    const sanitized = {
+        ...event,
+        breadcrumbs: event.breadcrumbs
+            ?.map((breadcrumb) => sanitizeBreadcrumb(breadcrumb))
+            .filter((breadcrumb) => breadcrumb !== null),
+        extra: sanitizeValue(event.extra),
+        contexts: sanitizeValue(event.contexts),
+        request: sanitizeRequest(event.request),
+        user: undefined,
+        server_name: undefined,
+    };
+    if (sanitized.message) {
+        sanitized.message = sanitizeString(sanitized.message);
+    }
+    if (sanitized.logentry) {
+        sanitized.logentry = {
+            ...sanitized.logentry,
+            message: sanitized.logentry.message ? sanitizeString(sanitized.logentry.message) : undefined,
+        };
+    }
+    if (sanitized.exception?.values) {
+        sanitized.exception.values = sanitized.exception.values.map((value) => ({
+            ...value,
+            value: value.value ? sanitizeString(value.value) : value.value,
+            stacktrace: value.stacktrace
+                ? {
+                    ...value.stacktrace,
+                    frames: value.stacktrace.frames?.map((frame) => ({
+                        ...frame,
+                        filename: frame.filename ? sanitizeString(frame.filename) : frame.filename,
+                        abs_path: frame.abs_path ? sanitizeString(frame.abs_path) : frame.abs_path,
+                        vars: undefined,
+                    })),
+                }
+                : value.stacktrace,
+        }));
+    }
+    return sanitized;
+}
+export function sanitizeBreadcrumb(breadcrumb) {
+    if (breadcrumb.category === "console") {
+        return null;
+    }
+    return {
+        ...breadcrumb,
+        message: breadcrumb.message ? sanitizeString(breadcrumb.message) : breadcrumb.message,
+        data: sanitizeValue(breadcrumb.data),
+    };
+}
+export function sanitizeValue(value, key, depth = 0) {
+    if (value == null)
+        return value;
+    if (depth > MAX_DEPTH)
+        return "[Truncated]";
+    if (isSensitiveKey(key)) {
+        return summarizeValue(value, key);
+    }
+    if (typeof value === "string") {
+        return sanitizeString(value);
+    }
+    if (Array.isArray(value)) {
+        return value.slice(0, 20).map((entry) => sanitizeValue(entry, key, depth + 1));
+    }
+    if (typeof value === "object") {
+        const entries = Object.entries(value).map(([entryKey, entryValue]) => [entryKey, sanitizeValue(entryValue, entryKey, depth + 1)]);
+        return Object.fromEntries(entries);
+    }
+    return value;
+}
+function sanitizeRequest(request) {
+    if (!request)
+        return request;
+    return {
+        ...request,
+        data: request.data ? summarizeValue(request.data, "body") : undefined,
+        headers: undefined,
+        cookies: undefined,
+    };
+}
+function isSensitiveKey(key) {
+    if (!key)
+        return false;
+    return SENSITIVE_KEYS.has(key);
+}
+function summarizeValue(value, key) {
+    const label = key ?? "field";
+    if (typeof value === "string") {
+        return `[Redacted ${label}; length=${value.length}]`;
+    }
+    if (Array.isArray(value)) {
+        return `[Redacted ${label}; items=${value.length}]`;
+    }
+    if (value && typeof value === "object") {
+        return `[Redacted ${label}; keys=${Object.keys(value).length}]`;
+    }
+    return `[Redacted ${label}]`;
+}
+function sanitizeString(value) {
+    let sanitized = value.replace(new RegExp(ABSOLUTE_PATH_PATTERN, "g"), REDACTED_PATH);
+    for (const pattern of TOKEN_PATTERNS) {
+        sanitized = sanitized.replace(new RegExp(pattern, "g"), REDACTED);
+    }
+    if (sanitized.length > MAX_STRING_LENGTH) {
+        return `${sanitized.slice(0, MAX_STRING_LENGTH)}… [truncated ${sanitized.length - MAX_STRING_LENGTH} chars]`;
+    }
+    return sanitized;
+}
+//# sourceMappingURL=sentry.js.map

package/dist/sentry.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sentry.js","sourceRoot":"","sources":["../src/sentry.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,MAAM,MAAM,cAAc,CAAC;AAEvC,MAAM,QAAQ,GAAG,YAAY,CAAC;AAC9B,MAAM,aAAa,GAAG,iBAAiB,CAAC;AACxC,MAAM,iBAAiB,GAAG,GAAG,CAAC;AAC9B,MAAM,SAAS,GAAG,CAAC,CAAC;AAEpB,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC;IAC7B,MAAM;IACN,YAAY;IACZ,aAAa;IACb,eAAe;IACf,MAAM;IACN,SAAS;IACT,UAAU;IACV,QAAQ;IACR,SAAS;IACT,UAAU;IACV,SAAS;IACT,OAAO;IACP,kBAAkB;IAClB,QAAQ;IACR,WAAW;IACX,UAAU;IACV,gBAAgB;IAChB,MAAM;IACN,OAAO;IACP,QAAQ;IACR,UAAU;IACV,QAAQ;IACR,cAAc;IACd,MAAM;IACN,UAAU;CACX,CAAC,CAAC;AAEH,MAAM,qBAAqB,GACzB,+GAA+G,CAAC;AAClH,MAAM,cAAc,GAAG;IACrB,2BAA2B;IAC3B,gCAAgC;IAChC,4BAA4B;IAC5B,gCAAgC;CACjC,CAAC;AAeF,MAAM,UAAU,uBAAuB,CAAC,GAAY;IAClD,OAAO;QACL,GAAG;QACH,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,YAAY;QAC3D,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,OAAO;QAC/D,cAAc,EAAE,KAAK;QACrB,gBAAgB,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;QACpE,qBAAqB,EAAE,KAAK;QAC5B,UAAU,EAAE,IAAI;QAChB,UAAU,CAAC,KAAiB,EAAE,IAAe;YAC3C,OAAO,aAAa,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QACpC,CAAC;QACD,gBAAgB,CAAC,UAAsB;YACrC,OAAO,kBAAkB,CAAC,UAAU,CAAC,CAAC;QACxC,CAAC;KACF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,KAAY,EAAE,OAA8B;IACxE,KAAK,CAAC,MAAM,CAAC,YAAY,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;IACnD,KAAK,CAAC,MAAM,CAAC,aAAa,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;IAChD,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC3C,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAC3D,IAAI,OAAO,CAAC,QAAQ;QAAE,KAAK,CAAC,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;IAClE,IAAI,OAAO,CAAC,QAAQ;QAAE,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;IACjE,IAAI,OAAO,CAAC,KAAK;QAAE,KAAK,CAAC,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;IAExD,KAAK,CAAC,OAAO,CAAC;QACZ,EAAE,EAAE,OAAO,CAAC,MAAM;QAClB,QAAQ,EAAE,OAAO,CAAC,QAAQ;KAC3B,CAAC,CAAC;IACH,KAAK,CAAC,UAAU,CAAC,WAAW,EAAE;QAC5B,cAAc,EAAE,OAAO,CAAC,cAAc;QACtC,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC;KAClC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,gBAAgB,CAC9B,UAAiE;IAEjE,OAAO,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,KAAK,EAAgD,EAAE;QACxF,MAAM,CAAC,EAAE,KAAK,CAAC,GAAG,KAAK,CAAC;QACxB,OAAO,KAAK,KAAK,SAAS,CAAC;IAC7B,CAAC,CAAC,CACH,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,sBAAsB,CACpC,OAAe,EACf,IAA4D;IAE5D,MAAM,CAAC,aAAa,CAAC;QACnB,QAAQ,EAAE,iBAAiB;QAC3B,OAAO;QACP,KAAK,EAAE,MAAM;QACb,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;KAChD,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,aAAa,CAAkB,KAAQ,EAAE,KAAiB;IACxE,MAAM,SAAS,GAAM;QACnB,GAAG,KAAK;QACR,WAAW,EAAE,KAAK,CAAC,WAAW;YAC5B,EAAE,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;aACpD,MAAM,CAAC,CAAC,UAAU,EAA4B,EAAE,CAAC,UAAU,KAAK,IAAI,CAAC;QACxE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,KAAK,CAAe;QAC/C,QAAQ,EAAE,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAkB;QACxD,OAAO,EAAE,eAAe,CAAC,KAAK,CAAC,OAAO,CAAC;QACvC,IAAI,EAAE,SAAS;QACf,WAAW,EAAE,SAAS;KACvB,CAAC;IAEF,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;QACtB,SAAS,CAAC,OAAO,GAAG,cAAc,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IACxD,CAAC;IAED,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;QACvB,SAAS,CAAC,QAAQ,GAAG;YACnB,GAAG,SAAS,CAAC,QAAQ;YACrB,OAAO,EAAE,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,cAAc,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS;SAC7F,CAAC;IACJ,CAAC;IAED,IAAI,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,CAAC;QAChC,SAAS,CAAC,SAAS,CAAC,MAAM,GAAG,SAAS,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YACtE,GAAG,KAAK;YACR,KAAK,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,cAAc,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK;YAC9D,UAAU,EAAE,KAAK,CAAC,UAAU;gBAC1B,CAAC,CAAC;oBACE,GAAG,KAAK,CAAC,UAAU;oBACnB,MAAM,EAAE,KAAK,CAAC,UAAU,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;wBAC/C,GAAG,KAAK;wBACR,QAAQ,EAAE,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ;wBAC1E,QAAQ,EAAE,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ;wBAC1E,IAAI,EAAE,SAAS;qBAChB,CAAC,CAAC;iBACJ;gBACH,CAAC,CAAC,KAAK,CAAC,UAAU;SACrB,CAAC,CAAC,CAAC;IACN,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,UAAsB;IACvD,IAAI,UAAU,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QACtC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO;QACL,GAAG,UAAU;QACb,OAAO,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO;QACrF,IAAI,EAAE,aAAa,CAAC,UAAU,CAAC,IAAI,CAAuB;KAC3D,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,KAAc,EAAE,GAAY,EAAE,KAAK,GAAG,CAAC;IACnE,IAAI,KAAK,IAAI,IAAI;QAAE,OAAO,KAAK,CAAC;IAChC,IAAI,KAAK,GAAG,SAAS;QAAE,OAAO,aAAa,CAAC;IAE5C,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;QACxB,OAAO,cAAc,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IACpC,CAAC;IAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,cAAc,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,aAAa,CAAC,KAAK,EAAE,GAAG,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC;IACjF,CAAC;IAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,KAAgC,CAAC,CAAC,GAAG,CAClE,CAAC,CAAC,QAAQ,EAAE,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC,QAAQ,EAAE,aAAa,CAAC,UAAU,EAAE,QAAQ,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CACvF,CAAC;QACF,OAAO,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;IACrC,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,eAAe,CAAC,OAAyB;IAChD,IAAI,CAAC,OAAO;QAAE,OAAO,OAAO,CAAC;IAE7B,OAAO;QACL,GAAG,OAAO;QACV,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;QACrE,OAAO,EAAE,SAAS;QAClB,OAAO,EAAE,SAAS;KACnB,CAAC;AACJ,CAAC;AAED,SAAS,cAAc,CAAC,GAAY;IAClC,IAAI,CAAC,GAAG;QAAE,OAAO,KAAK,CAAC;IACvB,OAAO,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;AACjC,CAAC;AAED,SAAS,cAAc,CAAC,KAAc,EAAE,GAAY;IAClD,MAAM,KAAK,GAAG,GAAG,IAAI,OAAO,CAAC;IAC7B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,aAAa,KAAK,YAAY,KAAK,CAAC,MAAM,GAAG,CAAC;IACvD,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,aAAa,KAAK,WAAW,KAAK,CAAC,MAAM,GAAG,CAAC;IACtD,CAAC;IACD,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACvC,OAAO,aAAa,KAAK,UAAU,MAAM,CAAC,IAAI,CAAC,KAAgC,CAAC,CAAC,MAAM,GAAG,CAAC;IAC7F,CAAC;IACD,OAAO,aAAa,KAAK,GAAG,CAAC;AAC/B,CAAC;AAED,SAAS,cAAc,CAAC,KAAa;IACnC,IAAI,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,qBAAqB,EAAE,GAAG,CAAC,EAAE,aAAa,CAAC,CAAC;IACrF,KAAK,MAAM,OAAO,IAAI,cAAc,EAAE,CAAC;QACrC,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,QAAQ,CAAC,CAAC;IACpE,CAAC;IACD,IAAI,SAAS,CAAC,MAAM,GAAG,iBAAiB,EAAE,CAAC;QACzC,OAAO,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,iBAAiB,CAAC,gBAAgB,SAAS,CAAC,MAAM,GAAG,iBAAiB,SAAS,CAAC;IAC/G,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC","sourcesContent":["import type { Breadcrumb, ErrorEvent, Event, EventHint, Scope } from \"@sentry/node\";\nimport * as Sentry from \"@sentry/node\";\n\nconst REDACTED = \"[REDACTED]\";\nconst REDACTED_PATH = \"[REDACTED_PATH]\";\nconst MAX_STRING_LENGTH = 256;\nconst MAX_DEPTH = 4;\n\nconst SENSITIVE_KEYS = new Set([\n  \"args\",\n  \"attachment\",\n  \"attachments\",\n  \"authorization\",\n  \"body\",\n  \"content\",\n  \"contents\",\n  \"cookie\",\n  \"cookies\",\n  \"filePath\",\n  \"headers\",\n  \"image\",\n  \"imageAttachments\",\n  \"images\",\n  \"localPath\",\n  \"messages\",\n  \"newUserMessage\",\n  \"path\",\n  \"paths\",\n  \"prompt\",\n  \"response\",\n  \"result\",\n  \"systemPrompt\",\n  \"text\",\n  \"thinking\",\n]);\n\nconst ABSOLUTE_PATH_PATTERN =\n  /(?:\\/Users\\/[^\\s\"'`]+|\\/workspace\\/[^\\s\"'`]+|\\/tmp\\/[^\\s\"'`]+|\\/var\\/folders\\/[^\\s\"'`]+|[A-Za-z]:\\\\[^\\s\"'`]+)/;\nconst TOKEN_PATTERNS = [\n  /\\bsk-[A-Za-z0-9_-]{12,}\\b/,\n  /\\bxox[a-z]-[A-Za-z0-9-]{10,}\\b/,\n  /\\bAIza[0-9A-Za-z_-]{20,}\\b/,\n  /\\bgh[pousr]_[A-Za-z0-9]{20,}\\b/,\n];\n\nexport interface SentryRunScopeContext {\n  conversationId: string;\n  sessionKey: string;\n  messageId: string;\n  platform: string;\n  userId: string;\n  userName?: string;\n  threadTs?: string;\n  provider?: string;\n  model?: string;\n  isEvent?: boolean;\n}\n\nexport function createSentryInitOptions(dsn?: string) {\n  return {\n    dsn,\n    environment: process.env.SENTRY_ENVIRONMENT ?? \"production\",\n    enabled: Boolean(dsn) && process.env.SENTRY_ENABLED !== \"false\",\n    sendDefaultPii: false,\n    tracesSampleRate: process.env.NODE_ENV === \"development\" ? 1.0 : 1.0,\n    includeLocalVariables: false,\n    enableLogs: true,\n    beforeSend(event: ErrorEvent, hint: EventHint): ErrorEvent | null {\n      return sanitizeEvent(event, hint);\n    },\n    beforeBreadcrumb(breadcrumb: Breadcrumb): Breadcrumb | null {\n      return sanitizeBreadcrumb(breadcrumb);\n    },\n  };\n}\n\nexport function applyRunScope(scope: Scope, context: SentryRunScopeContext): void {\n  scope.setTag(\"channel_id\", context.conversationId);\n  scope.setTag(\"session_key\", context.sessionKey);\n  scope.setTag(\"platform\", context.platform);\n  scope.setTag(\"is_event\", String(Boolean(context.isEvent)));\n  if (context.threadTs) scope.setTag(\"thread_ts\", context.threadTs);\n  if (context.provider) scope.setTag(\"provider\", context.provider);\n  if (context.model) scope.setTag(\"model\", context.model);\n\n  scope.setUser({\n    id: context.userId,\n    username: context.userName,\n  });\n  scope.setContext(\"agent_run\", {\n    conversationId: context.conversationId,\n    sessionKey: context.sessionKey,\n    messageId: context.messageId,\n    threadTs: context.threadTs,\n    platform: context.platform,\n    provider: context.provider,\n    model: context.model,\n    isEvent: Boolean(context.isEvent),\n  });\n}\n\nexport function metricAttributes(\n  attributes: Record<string, string | number | boolean | undefined>,\n): Record<string, string | number | boolean> {\n  return Object.fromEntries(\n    Object.entries(attributes).filter((entry): entry is [string, string | number | boolean] => {\n      const [, value] = entry;\n      return value !== undefined;\n    }),\n  );\n}\n\nexport function addLifecycleBreadcrumb(\n  message: string,\n  data?: Record<string, string | number | boolean | undefined>,\n): void {\n  Sentry.addBreadcrumb({\n    category: \"agent.lifecycle\",\n    message,\n    level: \"info\",\n    data: data ? metricAttributes(data) : undefined,\n  });\n}\n\nexport function sanitizeEvent<T extends Event>(event: T, _hint?: EventHint): T | null {\n  const sanitized: T = {\n    ...event,\n    breadcrumbs: event.breadcrumbs\n      ?.map((breadcrumb) => sanitizeBreadcrumb(breadcrumb))\n      .filter((breadcrumb): breadcrumb is Breadcrumb => breadcrumb !== null),\n    extra: sanitizeValue(event.extra) as T[\"extra\"],\n    contexts: sanitizeValue(event.contexts) as T[\"contexts\"],\n    request: sanitizeRequest(event.request),\n    user: undefined,\n    server_name: undefined,\n  };\n\n  if (sanitized.message) {\n    sanitized.message = sanitizeString(sanitized.message);\n  }\n\n  if (sanitized.logentry) {\n    sanitized.logentry = {\n      ...sanitized.logentry,\n      message: sanitized.logentry.message ? sanitizeString(sanitized.logentry.message) : undefined,\n    };\n  }\n\n  if (sanitized.exception?.values) {\n    sanitized.exception.values = sanitized.exception.values.map((value) => ({\n      ...value,\n      value: value.value ? sanitizeString(value.value) : value.value,\n      stacktrace: value.stacktrace\n        ? {\n            ...value.stacktrace,\n            frames: value.stacktrace.frames?.map((frame) => ({\n              ...frame,\n              filename: frame.filename ? sanitizeString(frame.filename) : frame.filename,\n              abs_path: frame.abs_path ? sanitizeString(frame.abs_path) : frame.abs_path,\n              vars: undefined,\n            })),\n          }\n        : value.stacktrace,\n    }));\n  }\n\n  return sanitized;\n}\n\nexport function sanitizeBreadcrumb(breadcrumb: Breadcrumb): Breadcrumb | null {\n  if (breadcrumb.category === \"console\") {\n    return null;\n  }\n\n  return {\n    ...breadcrumb,\n    message: breadcrumb.message ? sanitizeString(breadcrumb.message) : breadcrumb.message,\n    data: sanitizeValue(breadcrumb.data) as Breadcrumb[\"data\"],\n  };\n}\n\nexport function sanitizeValue(value: unknown, key?: string, depth = 0): unknown {\n  if (value == null) return value;\n  if (depth > MAX_DEPTH) return \"[Truncated]\";\n\n  if (isSensitiveKey(key)) {\n    return summarizeValue(value, key);\n  }\n\n  if (typeof value === \"string\") {\n    return sanitizeString(value);\n  }\n\n  if (Array.isArray(value)) {\n    return value.slice(0, 20).map((entry) => sanitizeValue(entry, key, depth + 1));\n  }\n\n  if (typeof value === \"object\") {\n    const entries = Object.entries(value as Record<string, unknown>).map(\n      ([entryKey, entryValue]) => [entryKey, sanitizeValue(entryValue, entryKey, depth + 1)],\n    );\n    return Object.fromEntries(entries);\n  }\n\n  return value;\n}\n\nfunction sanitizeRequest(request: Event[\"request\"]): Event[\"request\"] {\n  if (!request) return request;\n\n  return {\n    ...request,\n    data: request.data ? summarizeValue(request.data, \"body\") : undefined,\n    headers: undefined,\n    cookies: undefined,\n  };\n}\n\nfunction isSensitiveKey(key?: string): boolean {\n  if (!key) return false;\n  return SENSITIVE_KEYS.has(key);\n}\n\nfunction summarizeValue(value: unknown, key?: string): string {\n  const label = key ?? \"field\";\n  if (typeof value === \"string\") {\n    return `[Redacted ${label}; length=${value.length}]`;\n  }\n  if (Array.isArray(value)) {\n    return `[Redacted ${label}; items=${value.length}]`;\n  }\n  if (value && typeof value === \"object\") {\n    return `[Redacted ${label}; keys=${Object.keys(value as Record<string, unknown>).length}]`;\n  }\n  return `[Redacted ${label}]`;\n}\n\nfunction sanitizeString(value: string): string {\n  let sanitized = value.replace(new RegExp(ABSOLUTE_PATH_PATTERN, \"g\"), REDACTED_PATH);\n  for (const pattern of TOKEN_PATTERNS) {\n    sanitized = sanitized.replace(new RegExp(pattern, \"g\"), REDACTED);\n  }\n  if (sanitized.length > MAX_STRING_LENGTH) {\n    return `${sanitized.slice(0, MAX_STRING_LENGTH)}… [truncated ${sanitized.length - MAX_STRING_LENGTH} chars]`;\n  }\n  return sanitized;\n}\n"]}