@geminixiang/mama 0.2.0-beta.2 → 0.2.0-beta.20

package/dist/sandbox/cloudflare.d.ts

@@ -0,0 +1,15 @@
+import type { CloudflareSandboxConfig, ExecOptions, ExecResult, Executor, RuntimePathContext, SandboxAdapter } from "./types.js";
+export declare function parseCloudflareSandboxArg(value: string): CloudflareSandboxConfig | undefined;
+export declare function validateCloudflareSandbox(_config: CloudflareSandboxConfig): Promise<void>;
+export declare class CloudflareSandboxExecutor implements Executor {
+    private readonly sandboxId;
+    private readonly env?;
+    private readonly cwd;
+    constructor(sandboxId: string, env?: Record<string, string> | undefined, _ensureReady?: () => Promise<void>);
+    exec(command: string, options?: ExecOptions): Promise<ExecResult>;
+    getWorkspacePath(_hostPath: string): string;
+    getPathContext(hostWorkspaceRoot: string): RuntimePathContext;
+    getSandboxConfig(): CloudflareSandboxConfig;
+}
+export declare const cloudflareSandboxAdapter: SandboxAdapter<CloudflareSandboxConfig>;
+//# sourceMappingURL=cloudflare.d.ts.map

package/dist/sandbox/cloudflare.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cloudflare.d.ts","sourceRoot":"","sources":["../../src/sandbox/cloudflare.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,uBAAuB,EACvB,WAAW,EACX,UAAU,EACV,QAAQ,EACR,kBAAkB,EAClB,cAAc,EACf,MAAM,YAAY,CAAC;AAoBpB,wBAAgB,yBAAyB,CAAC,KAAK,EAAE,MAAM,GAAG,uBAAuB,GAAG,SAAS,CAa5F;AAED,wBAAsB,yBAAyB,CAAC,OAAO,EAAE,uBAAuB,GAAG,OAAO,CAAC,IAAI,CAAC,CAsB/F;AAED,qBAAa,yBAA0B,YAAW,QAAQ;IAItD,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC;IAJvB,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAS;IAE7B,YACmB,SAAS,EAAE,MAAM,EACjB,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,YAAA,EAC7C,YAAY,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,EAGnC;IAEK,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAiEtE;IAED,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAE1C;IAED,cAAc,CAAC,iBAAiB,EAAE,MAAM,GAAG,kBAAkB,CAK5D;IAED,gBAAgB,IAAI,uBAAuB,CAE1C;CACF;AAED,eAAO,MAAM,wBAAwB,EAAE,cAAc,CAAC,uBAAuB,CAM5E,CAAC","sourcesContent":["import type {\n  CloudflareSandboxConfig,\n  ExecOptions,\n  ExecResult,\n  Executor,\n  RuntimePathContext,\n  SandboxAdapter,\n} from \"./types.js\";\nimport { SandboxError } from \"./errors.js\";\n\nconst DEFAULT_CLOUDFLARE_CWD = \"/workspace\";\n\ninterface CloudflareExecPayload {\n  sandboxId: string;\n  command: string;\n  timeoutSeconds?: number;\n  cwd?: string;\n  env?: Record<string, string>;\n}\n\ninterface CloudflareExecResponse {\n  stdout?: string;\n  stderr?: string;\n  code?: number;\n  error?: string;\n}\n\nexport function parseCloudflareSandboxArg(value: string): CloudflareSandboxConfig | undefined {\n  if (!value.startsWith(\"cloudflare:\")) {\n    return undefined;\n  }\n\n  const sandboxId = value.slice(\"cloudflare:\".length).trim();\n  if (!sandboxId) {\n    throw new SandboxError(\n      \"Error: cloudflare sandbox requires sandbox id (e.g., cloudflare:slack-u123)\",\n    );\n  }\n\n  return { type: \"cloudflare\", sandboxId };\n}\n\nexport async function validateCloudflareSandbox(_config: CloudflareSandboxConfig): Promise<void> {\n  const url = resolveCloudflareSandboxUrl();\n  try {\n    const response = await fetch(new URL(\"/health\", url), {\n      headers: buildCloudflareHeaders(),\n    });\n    if (!response.ok) {\n      throw new SandboxError(\n        `Error: Cloudflare sandbox bridge health check failed with HTTP ${response.status}`,\n      );\n    }\n  } catch (error) {\n    if (error instanceof SandboxError) {\n      throw error;\n    }\n    const detail = error instanceof Error ? error.message : String(error);\n    throw new SandboxError(`Error: Cloudflare sandbox bridge is not reachable: ${detail}`);\n  }\n\n  console.log(\n    `  Cloudflare sandbox bridge enabled. Base URL: ${url.toString().replace(/\\/$/, \"\")}`,\n  );\n}\n\nexport class CloudflareSandboxExecutor implements Executor {\n  private readonly cwd: string;\n\n  constructor(\n    private readonly sandboxId: string,\n    private readonly env?: Record<string, string>,\n    _ensureReady?: () => Promise<void>,\n  ) {\n    this.cwd = process.env.MAMA_CLOUDFLARE_SANDBOX_CWD?.trim() || DEFAULT_CLOUDFLARE_CWD;\n  }\n\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    const controller = new AbortController();\n    const timeoutHandle =\n      options?.timeout && options.timeout > 0\n        ? setTimeout(() => controller.abort(), options.timeout * 1000)\n        : undefined;\n\n    const onAbort = () => controller.abort();\n    if (options?.signal) {\n      if (options.signal.aborted) {\n        controller.abort();\n      } else {\n        options.signal.addEventListener(\"abort\", onAbort, { once: true });\n      }\n    }\n\n    try {\n      const payload: CloudflareExecPayload = {\n        sandboxId: this.sandboxId,\n        command,\n        cwd: this.cwd,\n      };\n      if (options?.timeout) payload.timeoutSeconds = options.timeout;\n      if (this.env && Object.keys(this.env).length > 0) payload.env = this.env;\n\n      const response = await fetch(new URL(\"/exec\", resolveCloudflareSandboxUrl()), {\n        method: \"POST\",\n        headers: {\n          \"content-type\": \"application/json\",\n          ...buildCloudflareHeaders(),\n        },\n        body: JSON.stringify(payload),\n        signal: controller.signal,\n      });\n\n      const raw = (await response.text()).trim();\n      const parsed = raw ? (JSON.parse(raw) as CloudflareExecResponse) : {};\n\n      if (!response.ok) {\n        throw new Error(\n          parsed.error ||\n            parsed.stderr ||\n            `Cloudflare sandbox bridge returned HTTP ${response.status}`,\n        );\n      }\n\n      return {\n        stdout: parsed.stdout || \"\",\n        stderr: parsed.stderr || \"\",\n        code: parsed.code ?? 0,\n      };\n    } catch (error) {\n      if (controller.signal.aborted) {\n        if (options?.signal?.aborted) {\n          throw new Error(\"Command aborted\", { cause: error });\n        }\n        throw new Error(`Command timed out after ${options?.timeout} seconds`, { cause: error });\n      }\n      throw error;\n    } finally {\n      if (timeoutHandle) clearTimeout(timeoutHandle);\n      if (options?.signal) {\n        options.signal.removeEventListener(\"abort\", onAbort);\n      }\n    }\n  }\n\n  getWorkspacePath(_hostPath: string): string {\n    return this.cwd;\n  }\n\n  getPathContext(hostWorkspaceRoot: string): RuntimePathContext {\n    return {\n      hostWorkspaceRoot,\n      runtimeWorkspaceRoot: this.cwd,\n    };\n  }\n\n  getSandboxConfig(): CloudflareSandboxConfig {\n    return { type: \"cloudflare\", sandboxId: this.sandboxId };\n  }\n}\n\nexport const cloudflareSandboxAdapter: SandboxAdapter<CloudflareSandboxConfig> = {\n  type: \"cloudflare\",\n  parse: parseCloudflareSandboxArg,\n  validate: validateCloudflareSandbox,\n  createExecutor: (config, env, ensureReady) =>\n    new CloudflareSandboxExecutor(config.sandboxId, env, ensureReady),\n};\n\nfunction resolveCloudflareSandboxUrl(): URL {\n  const raw = process.env.MAMA_CLOUDFLARE_SANDBOX_URL?.trim();\n  if (!raw) {\n    throw new SandboxError(\n      \"Error: MAMA_CLOUDFLARE_SANDBOX_URL is required for cloudflare sandbox mode\",\n    );\n  }\n\n  try {\n    return new URL(raw);\n  } catch (error) {\n    const detail = error instanceof Error ? error.message : String(error);\n    throw new SandboxError(`Error: invalid MAMA_CLOUDFLARE_SANDBOX_URL: ${detail}`);\n  }\n}\n\nfunction buildCloudflareHeaders(): Record<string, string> {\n  const token = process.env.MAMA_CLOUDFLARE_SANDBOX_TOKEN?.trim();\n  return token ? { authorization: `Bearer ${token}` } : {};\n}\n"]}

package/dist/sandbox/cloudflare.js

@@ -0,0 +1,137 @@
+import { SandboxError } from "./errors.js";
+const DEFAULT_CLOUDFLARE_CWD = "/workspace";
+export function parseCloudflareSandboxArg(value) {
+    if (!value.startsWith("cloudflare:")) {
+        return undefined;
+    }
+    const sandboxId = value.slice("cloudflare:".length).trim();
+    if (!sandboxId) {
+        throw new SandboxError("Error: cloudflare sandbox requires sandbox id (e.g., cloudflare:slack-u123)");
+    }
+    return { type: "cloudflare", sandboxId };
+}
+export async function validateCloudflareSandbox(_config) {
+    const url = resolveCloudflareSandboxUrl();
+    try {
+        const response = await fetch(new URL("/health", url), {
+            headers: buildCloudflareHeaders(),
+        });
+        if (!response.ok) {
+            throw new SandboxError(`Error: Cloudflare sandbox bridge health check failed with HTTP ${response.status}`);
+        }
+    }
+    catch (error) {
+        if (error instanceof SandboxError) {
+            throw error;
+        }
+        const detail = error instanceof Error ? error.message : String(error);
+        throw new SandboxError(`Error: Cloudflare sandbox bridge is not reachable: ${detail}`);
+    }
+    console.log(`  Cloudflare sandbox bridge enabled. Base URL: ${url.toString().replace(/\/$/, "")}`);
+}
+export class CloudflareSandboxExecutor {
+    constructor(sandboxId, env, _ensureReady) {
+        this.sandboxId = sandboxId;
+        this.env = env;
+        this.cwd = process.env.MAMA_CLOUDFLARE_SANDBOX_CWD?.trim() || DEFAULT_CLOUDFLARE_CWD;
+    }
+    async exec(command, options) {
+        const controller = new AbortController();
+        const timeoutHandle = options?.timeout && options.timeout > 0
+            ? setTimeout(() => controller.abort(), options.timeout * 1000)
+            : undefined;
+        const onAbort = () => controller.abort();
+        if (options?.signal) {
+            if (options.signal.aborted) {
+                controller.abort();
+            }
+            else {
+                options.signal.addEventListener("abort", onAbort, { once: true });
+            }
+        }
+        try {
+            const payload = {
+                sandboxId: this.sandboxId,
+                command,
+                cwd: this.cwd,
+            };
+            if (options?.timeout)
+                payload.timeoutSeconds = options.timeout;
+            if (this.env && Object.keys(this.env).length > 0)
+                payload.env = this.env;
+            const response = await fetch(new URL("/exec", resolveCloudflareSandboxUrl()), {
+                method: "POST",
+                headers: {
+                    "content-type": "application/json",
+                    ...buildCloudflareHeaders(),
+                },
+                body: JSON.stringify(payload),
+                signal: controller.signal,
+            });
+            const raw = (await response.text()).trim();
+            const parsed = raw ? JSON.parse(raw) : {};
+            if (!response.ok) {
+                throw new Error(parsed.error ||
+                    parsed.stderr ||
+                    `Cloudflare sandbox bridge returned HTTP ${response.status}`);
+            }
+            return {
+                stdout: parsed.stdout || "",
+                stderr: parsed.stderr || "",
+                code: parsed.code ?? 0,
+            };
+        }
+        catch (error) {
+            if (controller.signal.aborted) {
+                if (options?.signal?.aborted) {
+                    throw new Error("Command aborted", { cause: error });
+                }
+                throw new Error(`Command timed out after ${options?.timeout} seconds`, { cause: error });
+            }
+            throw error;
+        }
+        finally {
+            if (timeoutHandle)
+                clearTimeout(timeoutHandle);
+            if (options?.signal) {
+                options.signal.removeEventListener("abort", onAbort);
+            }
+        }
+    }
+    getWorkspacePath(_hostPath) {
+        return this.cwd;
+    }
+    getPathContext(hostWorkspaceRoot) {
+        return {
+            hostWorkspaceRoot,
+            runtimeWorkspaceRoot: this.cwd,
+        };
+    }
+    getSandboxConfig() {
+        return { type: "cloudflare", sandboxId: this.sandboxId };
+    }
+}
+export const cloudflareSandboxAdapter = {
+    type: "cloudflare",
+    parse: parseCloudflareSandboxArg,
+    validate: validateCloudflareSandbox,
+    createExecutor: (config, env, ensureReady) => new CloudflareSandboxExecutor(config.sandboxId, env, ensureReady),
+};
+function resolveCloudflareSandboxUrl() {
+    const raw = process.env.MAMA_CLOUDFLARE_SANDBOX_URL?.trim();
+    if (!raw) {
+        throw new SandboxError("Error: MAMA_CLOUDFLARE_SANDBOX_URL is required for cloudflare sandbox mode");
+    }
+    try {
+        return new URL(raw);
+    }
+    catch (error) {
+        const detail = error instanceof Error ? error.message : String(error);
+        throw new SandboxError(`Error: invalid MAMA_CLOUDFLARE_SANDBOX_URL: ${detail}`);
+    }
+}
+function buildCloudflareHeaders() {
+    const token = process.env.MAMA_CLOUDFLARE_SANDBOX_TOKEN?.trim();
+    return token ? { authorization: `Bearer ${token}` } : {};
+}
+//# sourceMappingURL=cloudflare.js.map

package/dist/sandbox/cloudflare.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cloudflare.js","sourceRoot":"","sources":["../../src/sandbox/cloudflare.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,MAAM,sBAAsB,GAAG,YAAY,CAAC;AAiB5C,MAAM,UAAU,yBAAyB,CAAC,KAAa;IACrD,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;QACrC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;IAC3D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,YAAY,CACpB,6EAA6E,CAC9E,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,SAAS,EAAE,CAAC;AAC3C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAAC,OAAgC;IAC9E,MAAM,GAAG,GAAG,2BAA2B,EAAE,CAAC;IAC1C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,EAAE;YACpD,OAAO,EAAE,sBAAsB,EAAE;SAClC,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,YAAY,CACpB,kEAAkE,QAAQ,CAAC,MAAM,EAAE,CACpF,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,YAAY,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,MAAM,MAAM,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACtE,MAAM,IAAI,YAAY,CAAC,sDAAsD,MAAM,EAAE,CAAC,CAAC;IACzF,CAAC;IAED,OAAO,CAAC,GAAG,CACT,kDAAkD,GAAG,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,EAAE,CACtF,CAAC;AACJ,CAAC;AAED,MAAM,OAAO,yBAAyB;IAGpC,YACmB,SAAiB,EACjB,GAA4B,EAC7C,YAAkC;yBAFjB,SAAS;mBACT,GAAG;QAGpB,IAAI,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,IAAI,EAAE,IAAI,sBAAsB,CAAC;IACvF,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,OAAe,EAAE,OAAqB;QAC/C,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,aAAa,GACjB,OAAO,EAAE,OAAO,IAAI,OAAO,CAAC,OAAO,GAAG,CAAC;YACrC,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;YAC9D,CAAC,CAAC,SAAS,CAAC;QAEhB,MAAM,OAAO,GAAG,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QACzC,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;YACpB,IAAI,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBAC3B,UAAU,CAAC,KAAK,EAAE,CAAC;YACrB,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAA0B;gBACrC,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,OAAO;gBACP,GAAG,EAAE,IAAI,CAAC,GAAG;aACd,CAAC;YACF,IAAI,OAAO,EAAE,OAAO;gBAAE,OAAO,CAAC,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC;YAC/D,IAAI,IAAI,CAAC,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC;gBAAE,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;YAEzE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,GAAG,CAAC,OAAO,EAAE,2BAA2B,EAAE,CAAC,EAAE;gBAC5E,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,GAAG,sBAAsB,EAAE;iBAC5B;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;gBAC7B,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,MAAM,GAAG,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YAC3C,MAAM,MAAM,GAAG,GAAG,CAAC,CAAC,CAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAA4B,CAAC,CAAC,CAAC,EAAE,CAAC;YAEtE,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CACb,MAAM,CAAC,KAAK;oBACV,MAAM,CAAC,MAAM;oBACb,2CAA2C,QAAQ,CAAC,MAAM,EAAE,CAC/D,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE;gBAC3B,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE;gBAC3B,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,CAAC;aACvB,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,UAAU,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBAC9B,IAAI,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;oBAC7B,MAAM,IAAI,KAAK,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;gBACvD,CAAC;gBACD,MAAM,IAAI,KAAK,CAAC,2BAA2B,OAAO,EAAE,OAAO,UAAU,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;YAC3F,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;gBAAS,CAAC;YACT,IAAI,aAAa;gBAAE,YAAY,CAAC,aAAa,CAAC,CAAC;YAC/C,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;gBACpB,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;IACH,CAAC;IAED,gBAAgB,CAAC,SAAiB;QAChC,OAAO,IAAI,CAAC,GAAG,CAAC;IAClB,CAAC;IAED,cAAc,CAAC,iBAAyB;QACtC,OAAO;YACL,iBAAiB;YACjB,oBAAoB,EAAE,IAAI,CAAC,GAAG;SAC/B,CAAC;IACJ,CAAC;IAED,gBAAgB;QACd,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC;IAC3D,CAAC;CACF;AAED,MAAM,CAAC,MAAM,wBAAwB,GAA4C;IAC/E,IAAI,EAAE,YAAY;IAClB,KAAK,EAAE,yBAAyB;IAChC,QAAQ,EAAE,yBAAyB;IACnC,cAAc,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,EAAE,CAC3C,IAAI,yBAAyB,CAAC,MAAM,CAAC,SAAS,EAAE,GAAG,EAAE,WAAW,CAAC;CACpE,CAAC;AAEF,SAAS,2BAA2B;IAClC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,IAAI,EAAE,CAAC;IAC5D,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,YAAY,CACpB,4EAA4E,CAC7E,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,OAAO,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACtB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,MAAM,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACtE,MAAM,IAAI,YAAY,CAAC,+CAA+C,MAAM,EAAE,CAAC,CAAC;IAClF,CAAC;AACH,CAAC;AAED,SAAS,sBAAsB;IAC7B,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,EAAE,IAAI,EAAE,CAAC;IAChE,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,UAAU,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;AAC3D,CAAC","sourcesContent":["import type {\n  CloudflareSandboxConfig,\n  ExecOptions,\n  ExecResult,\n  Executor,\n  RuntimePathContext,\n  SandboxAdapter,\n} from \"./types.js\";\nimport { SandboxError } from \"./errors.js\";\n\nconst DEFAULT_CLOUDFLARE_CWD = \"/workspace\";\n\ninterface CloudflareExecPayload {\n  sandboxId: string;\n  command: string;\n  timeoutSeconds?: number;\n  cwd?: string;\n  env?: Record<string, string>;\n}\n\ninterface CloudflareExecResponse {\n  stdout?: string;\n  stderr?: string;\n  code?: number;\n  error?: string;\n}\n\nexport function parseCloudflareSandboxArg(value: string): CloudflareSandboxConfig | undefined {\n  if (!value.startsWith(\"cloudflare:\")) {\n    return undefined;\n  }\n\n  const sandboxId = value.slice(\"cloudflare:\".length).trim();\n  if (!sandboxId) {\n    throw new SandboxError(\n      \"Error: cloudflare sandbox requires sandbox id (e.g., cloudflare:slack-u123)\",\n    );\n  }\n\n  return { type: \"cloudflare\", sandboxId };\n}\n\nexport async function validateCloudflareSandbox(_config: CloudflareSandboxConfig): Promise<void> {\n  const url = resolveCloudflareSandboxUrl();\n  try {\n    const response = await fetch(new URL(\"/health\", url), {\n      headers: buildCloudflareHeaders(),\n    });\n    if (!response.ok) {\n      throw new SandboxError(\n        `Error: Cloudflare sandbox bridge health check failed with HTTP ${response.status}`,\n      );\n    }\n  } catch (error) {\n    if (error instanceof SandboxError) {\n      throw error;\n    }\n    const detail = error instanceof Error ? error.message : String(error);\n    throw new SandboxError(`Error: Cloudflare sandbox bridge is not reachable: ${detail}`);\n  }\n\n  console.log(\n    `  Cloudflare sandbox bridge enabled. Base URL: ${url.toString().replace(/\\/$/, \"\")}`,\n  );\n}\n\nexport class CloudflareSandboxExecutor implements Executor {\n  private readonly cwd: string;\n\n  constructor(\n    private readonly sandboxId: string,\n    private readonly env?: Record<string, string>,\n    _ensureReady?: () => Promise<void>,\n  ) {\n    this.cwd = process.env.MAMA_CLOUDFLARE_SANDBOX_CWD?.trim() || DEFAULT_CLOUDFLARE_CWD;\n  }\n\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    const controller = new AbortController();\n    const timeoutHandle =\n      options?.timeout && options.timeout > 0\n        ? setTimeout(() => controller.abort(), options.timeout * 1000)\n        : undefined;\n\n    const onAbort = () => controller.abort();\n    if (options?.signal) {\n      if (options.signal.aborted) {\n        controller.abort();\n      } else {\n        options.signal.addEventListener(\"abort\", onAbort, { once: true });\n      }\n    }\n\n    try {\n      const payload: CloudflareExecPayload = {\n        sandboxId: this.sandboxId,\n        command,\n        cwd: this.cwd,\n      };\n      if (options?.timeout) payload.timeoutSeconds = options.timeout;\n      if (this.env && Object.keys(this.env).length > 0) payload.env = this.env;\n\n      const response = await fetch(new URL(\"/exec\", resolveCloudflareSandboxUrl()), {\n        method: \"POST\",\n        headers: {\n          \"content-type\": \"application/json\",\n          ...buildCloudflareHeaders(),\n        },\n        body: JSON.stringify(payload),\n        signal: controller.signal,\n      });\n\n      const raw = (await response.text()).trim();\n      const parsed = raw ? (JSON.parse(raw) as CloudflareExecResponse) : {};\n\n      if (!response.ok) {\n        throw new Error(\n          parsed.error ||\n            parsed.stderr ||\n            `Cloudflare sandbox bridge returned HTTP ${response.status}`,\n        );\n      }\n\n      return {\n        stdout: parsed.stdout || \"\",\n        stderr: parsed.stderr || \"\",\n        code: parsed.code ?? 0,\n      };\n    } catch (error) {\n      if (controller.signal.aborted) {\n        if (options?.signal?.aborted) {\n          throw new Error(\"Command aborted\", { cause: error });\n        }\n        throw new Error(`Command timed out after ${options?.timeout} seconds`, { cause: error });\n      }\n      throw error;\n    } finally {\n      if (timeoutHandle) clearTimeout(timeoutHandle);\n      if (options?.signal) {\n        options.signal.removeEventListener(\"abort\", onAbort);\n      }\n    }\n  }\n\n  getWorkspacePath(_hostPath: string): string {\n    return this.cwd;\n  }\n\n  getPathContext(hostWorkspaceRoot: string): RuntimePathContext {\n    return {\n      hostWorkspaceRoot,\n      runtimeWorkspaceRoot: this.cwd,\n    };\n  }\n\n  getSandboxConfig(): CloudflareSandboxConfig {\n    return { type: \"cloudflare\", sandboxId: this.sandboxId };\n  }\n}\n\nexport const cloudflareSandboxAdapter: SandboxAdapter<CloudflareSandboxConfig> = {\n  type: \"cloudflare\",\n  parse: parseCloudflareSandboxArg,\n  validate: validateCloudflareSandbox,\n  createExecutor: (config, env, ensureReady) =>\n    new CloudflareSandboxExecutor(config.sandboxId, env, ensureReady),\n};\n\nfunction resolveCloudflareSandboxUrl(): URL {\n  const raw = process.env.MAMA_CLOUDFLARE_SANDBOX_URL?.trim();\n  if (!raw) {\n    throw new SandboxError(\n      \"Error: MAMA_CLOUDFLARE_SANDBOX_URL is required for cloudflare sandbox mode\",\n    );\n  }\n\n  try {\n    return new URL(raw);\n  } catch (error) {\n    const detail = error instanceof Error ? error.message : String(error);\n    throw new SandboxError(`Error: invalid MAMA_CLOUDFLARE_SANDBOX_URL: ${detail}`);\n  }\n}\n\nfunction buildCloudflareHeaders(): Record<string, string> {\n  const token = process.env.MAMA_CLOUDFLARE_SANDBOX_TOKEN?.trim();\n  return token ? { authorization: `Bearer ${token}` } : {};\n}\n"]}

package/dist/sandbox/container.d.ts

@@ -1,4 +1,4 @@
-import type { ContainerSandboxConfig, ExecOptions, ExecResult, Executor, SandboxAdapter } from "./types.js";
+import type { ContainerSandboxConfig, ExecOptions, ExecResult, Executor, RuntimePathContext, SandboxAdapter } from "./types.js";
 export declare function parseContainerSandboxArg(value: string): ContainerSandboxConfig | undefined;
 export declare function validateContainerSandbox(config: ContainerSandboxConfig): Promise<void>;
 export declare function buildContainerExecCommand(container: string, command: string, envFilePath?: string): string;
@@ -9,6 +9,7 @@ export declare class ContainerExecutor implements Executor {
     constructor(container: string, env?: Record<string, string> | undefined, ensureReady?: (() => Promise<void>) | undefined);
     exec(command: string, options?: ExecOptions): Promise<ExecResult>;
     getWorkspacePath(_hostPath: string): string;
+    getPathContext(hostWorkspaceRoot: string): RuntimePathContext;
     getSandboxConfig(): ContainerSandboxConfig;
 }
 export declare const containerSandboxAdapter: SandboxAdapter<ContainerSandboxConfig>;

package/dist/sandbox/container.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"container.d.ts","sourceRoot":"","sources":["../../src/sandbox/container.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,sBAAsB,EACtB,WAAW,EACX,UAAU,EACV,QAAQ,EACR,cAAc,EACf,MAAM,YAAY,CAAC;AAQpB,wBAAgB,wBAAwB,CAAC,KAAK,EAAE,MAAM,GAAG,sBAAsB,GAAG,SAAS,CAY1F;AAED,wBAAsB,wBAAwB,CAAC,MAAM,EAAE,sBAAsB,GAAG,OAAO,CAAC,IAAI,CAAC,CA6B5F;AAED,wBAAgB,yBAAyB,CACvC,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,WAAW,CAAC,EAAE,MAAM,GACnB,MAAM,CAGR;AAED,qBAAa,iBAAkB,YAAW,QAAQ;IAE9C,OAAO,CAAC,SAAS;IACjB,OAAO,CAAC,GAAG,CAAC;IACZ,OAAO,CAAC,WAAW,CAAC;IAHtB,YACU,SAAS,EAAE,MAAM,EACjB,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,YAAA,EAC5B,WAAW,CAAC,GAAE,MAAM,OAAO,CAAC,IAAI,CAAC,aAAA,EACvC;IAEE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAetE;IAED,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAE1C;IAED,gBAAgB,IAAI,sBAAsB,CAEzC;CACF;AAED,eAAO,MAAM,uBAAuB,EAAE,cAAc,CAAC,sBAAsB,CAM1E,CAAC","sourcesContent":["import { chmodSync, mkdtempSync, rmSync, writeFileSync } from \"node:fs\";\nimport { tmpdir } from \"node:os\";\nimport { join } from \"node:path\";\nimport type {\n  ContainerSandboxConfig,\n  ExecOptions,\n  ExecResult,\n  Executor,\n  SandboxAdapter,\n} from \"./types.js\";\nimport { SandboxError } from \"./errors.js\";\nimport { execSimple, shellEscape } from \"./utils.js\";\nimport { HostExecutor } from \"./host.js\";\n\nconst PRIVATE_DIR_MODE = 0o700;\nconst PRIVATE_FILE_MODE = 0o600;\n\nexport function parseContainerSandboxArg(value: string): ContainerSandboxConfig | undefined {\n  if (!value.startsWith(\"container:\")) {\n    return undefined;\n  }\n\n  const container = value.slice(\"container:\".length);\n  if (!container) {\n    throw new SandboxError(\n      \"Error: container sandbox requires container name (e.g., container:mama-sandbox)\",\n    );\n  }\n  return { type: \"container\", container };\n}\n\nexport async function validateContainerSandbox(config: ContainerSandboxConfig): Promise<void> {\n  try {\n    await execSimple(\"docker\", [\"--version\"]);\n  } catch {\n    throw new SandboxError(\"Error: Docker is not installed or not in PATH\");\n  }\n\n  try {\n    const result = await execSimple(\"docker\", [\n      \"inspect\",\n      \"-f\",\n      \"{{.State.Running}}\",\n      config.container,\n    ]);\n    if (result.trim() !== \"true\") {\n      throw new SandboxError(`Error: Container '${config.container}' is not running.`, [\n        `Start it with: docker start ${config.container}`,\n      ]);\n    }\n  } catch (error) {\n    if (error instanceof SandboxError) {\n      throw error;\n    }\n    throw new SandboxError(`Error: Container '${config.container}' does not exist.`, [\n      `Create it with: docker run -d --name ${config.container} -v <workspace>:/workspace alpine:latest sleep infinity`,\n    ]);\n  }\n\n  console.log(`  Container '${config.container}' is running.`);\n}\n\nexport function buildContainerExecCommand(\n  container: string,\n  command: string,\n  envFilePath?: string,\n): string {\n  const envPart = envFilePath ? `--env-file ${shellEscape(envFilePath)} ` : \"\";\n  return `docker exec ${envPart}-w /workspace ${container} sh -c ${shellEscape(command)}`;\n}\n\nexport class ContainerExecutor implements Executor {\n  constructor(\n    private container: string,\n    private env?: Record<string, string>,\n    private ensureReady?: () => Promise<void>,\n  ) {}\n\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    if (this.ensureReady) {\n      await this.ensureReady();\n    } else {\n      await ensureContainerRunning(this.container);\n    }\n\n    const hostExecutor = new HostExecutor();\n    const temp = this.env ? createSecureEnvFile(this.env) : undefined;\n    try {\n      const dockerCmd = buildContainerExecCommand(this.container, command, temp?.envFilePath);\n      return await hostExecutor.exec(dockerCmd, options);\n    } finally {\n      temp?.cleanup();\n    }\n  }\n\n  getWorkspacePath(_hostPath: string): string {\n    return \"/workspace\";\n  }\n\n  getSandboxConfig(): ContainerSandboxConfig {\n    return { type: \"container\", container: this.container };\n  }\n}\n\nexport const containerSandboxAdapter: SandboxAdapter<ContainerSandboxConfig> = {\n  type: \"container\",\n  parse: parseContainerSandboxArg,\n  validate: validateContainerSandbox,\n  createExecutor: (config, env, ensureReady) =>\n    new ContainerExecutor(config.container, env, ensureReady),\n};\n\nasync function ensureContainerRunning(container: string): Promise<void> {\n  try {\n    const running = await execSimple(\"docker\", [\"inspect\", \"-f\", \"{{.State.Running}}\", container]);\n    if (running.trim() === \"true\") {\n      return;\n    }\n    await execSimple(\"docker\", [\"start\", container]);\n  } catch (error) {\n    const details = error instanceof Error ? error.message : String(error);\n    throw new Error(\n      `Container \"${container}\" is not available. ` +\n        `Expected a pre-existing container or image provisioning to keep it running.\\n${details}`.trim(),\n    );\n  }\n}\n\nfunction createSecureEnvFile(env: Record<string, string>): {\n  envFilePath: string;\n  cleanup: () => void;\n} {\n  const tempDir = mkdtempSync(join(tmpdir(), \"mama-docker-env-\"));\n  chmodSync(tempDir, PRIVATE_DIR_MODE);\n  const envFilePath = join(tempDir, \"env.list\");\n  const content =\n    Object.entries(env)\n      .map(([key, value]) => `${key}=${sanitizeEnvValue(value)}`)\n      .join(\"\\n\") + \"\\n\";\n  writeFileSync(envFilePath, content, { encoding: \"utf-8\", mode: PRIVATE_FILE_MODE });\n  chmodSync(envFilePath, PRIVATE_FILE_MODE);\n\n  return {\n    envFilePath,\n    cleanup: () => {\n      rmSync(tempDir, { recursive: true, force: true });\n    },\n  };\n}\n\nfunction sanitizeEnvValue(value: string): string {\n  return value.replace(/\\r?\\n/g, \"\");\n}\n"]}
+{"version":3,"file":"container.d.ts","sourceRoot":"","sources":["../../src/sandbox/container.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,sBAAsB,EACtB,WAAW,EACX,UAAU,EACV,QAAQ,EACR,kBAAkB,EAClB,cAAc,EACf,MAAM,YAAY,CAAC;AASpB,wBAAgB,wBAAwB,CAAC,KAAK,EAAE,MAAM,GAAG,sBAAsB,GAAG,SAAS,CAY1F;AAED,wBAAsB,wBAAwB,CAAC,MAAM,EAAE,sBAAsB,GAAG,OAAO,CAAC,IAAI,CAAC,CA6B5F;AAED,wBAAgB,yBAAyB,CACvC,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,WAAW,CAAC,EAAE,MAAM,GACnB,MAAM,CAGR;AAiBD,qBAAa,iBAAkB,YAAW,QAAQ;IAE9C,OAAO,CAAC,SAAS;IACjB,OAAO,CAAC,GAAG,CAAC;IACZ,OAAO,CAAC,WAAW,CAAC;IAHtB,YACU,SAAS,EAAE,MAAM,EACjB,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,YAAA,EAC5B,WAAW,CAAC,GAAE,MAAM,OAAO,CAAC,IAAI,CAAC,aAAA,EACvC;IAEE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAmBtE;IAED,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAE1C;IAED,cAAc,CAAC,iBAAiB,EAAE,MAAM,GAAG,kBAAkB,CAE5D;IAED,gBAAgB,IAAI,sBAAsB,CAEzC;CACF;AAED,eAAO,MAAM,uBAAuB,EAAE,cAAc,CAAC,sBAAsB,CAM1E,CAAC","sourcesContent":["import { chmodSync, mkdtempSync, rmSync, writeFileSync } from \"node:fs\";\nimport { tmpdir } from \"node:os\";\nimport { join } from \"node:path\";\nimport type {\n  ContainerSandboxConfig,\n  ExecOptions,\n  ExecResult,\n  Executor,\n  RuntimePathContext,\n  SandboxAdapter,\n} from \"./types.js\";\nimport { SandboxError } from \"./errors.js\";\nimport { execSimple, shellEscape } from \"./utils.js\";\nimport { HostExecutor } from \"./host.js\";\nimport { createMountedRuntimePathContext } from \"./path-context.js\";\n\nconst PRIVATE_DIR_MODE = 0o700;\nconst PRIVATE_FILE_MODE = 0o600;\n\nexport function parseContainerSandboxArg(value: string): ContainerSandboxConfig | undefined {\n  if (!value.startsWith(\"container:\")) {\n    return undefined;\n  }\n\n  const container = value.slice(\"container:\".length);\n  if (!container) {\n    throw new SandboxError(\n      \"Error: container sandbox requires container name (e.g., container:mama-sandbox)\",\n    );\n  }\n  return { type: \"container\", container };\n}\n\nexport async function validateContainerSandbox(config: ContainerSandboxConfig): Promise<void> {\n  try {\n    await execSimple(\"docker\", [\"--version\"]);\n  } catch {\n    throw new SandboxError(\"Error: Docker is not installed or not in PATH\");\n  }\n\n  try {\n    const result = await execSimple(\"docker\", [\n      \"inspect\",\n      \"-f\",\n      \"{{.State.Running}}\",\n      config.container,\n    ]);\n    if (result.trim() !== \"true\") {\n      throw new SandboxError(`Error: Container '${config.container}' is not running.`, [\n        `Start it with: docker start ${config.container}`,\n      ]);\n    }\n  } catch (error) {\n    if (error instanceof SandboxError) {\n      throw error;\n    }\n    throw new SandboxError(`Error: Container '${config.container}' does not exist.`, [\n      `Create it with: docker run -d --name ${config.container} -v <workspace>:/workspace alpine:latest sleep infinity`,\n    ]);\n  }\n\n  console.log(`  Container '${config.container}' is running.`);\n}\n\nexport function buildContainerExecCommand(\n  container: string,\n  command: string,\n  envFilePath?: string,\n): string {\n  const envPart = envFilePath ? `--env-file ${shellEscape(envFilePath)} ` : \"\";\n  return `docker exec ${envPart}-w /workspace ${container} sh -c ${shellEscape(command)}`;\n}\n\nfunction withRuntimeBootstrap(command: string, env?: Record<string, string>): string {\n  if (!hasGitHubToken(env)) {\n    return command;\n  }\n\n  return [\n    \"if command -v gh >/dev/null 2>&1 && gh auth status >/dev/null 2>&1; then gh auth setup-git >/dev/null 2>&1 || true; fi\",\n    command,\n  ].join(\"\\n\");\n}\n\nfunction hasGitHubToken(env?: Record<string, string>): boolean {\n  return Boolean(env?.GH_TOKEN || env?.GITHUB_TOKEN || env?.GITHUB_OAUTH_ACCESS_TOKEN);\n}\n\nexport class ContainerExecutor implements Executor {\n  constructor(\n    private container: string,\n    private env?: Record<string, string>,\n    private ensureReady?: () => Promise<void>,\n  ) {}\n\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    if (this.ensureReady) {\n      await this.ensureReady();\n    } else {\n      await ensureContainerRunning(this.container);\n    }\n\n    const hostExecutor = new HostExecutor();\n    const temp = this.env ? createSecureEnvFile(this.env) : undefined;\n    try {\n      const dockerCmd = buildContainerExecCommand(\n        this.container,\n        withRuntimeBootstrap(command, this.env),\n        temp?.envFilePath,\n      );\n      return await hostExecutor.exec(dockerCmd, options);\n    } finally {\n      temp?.cleanup();\n    }\n  }\n\n  getWorkspacePath(_hostPath: string): string {\n    return \"/workspace\";\n  }\n\n  getPathContext(hostWorkspaceRoot: string): RuntimePathContext {\n    return createMountedRuntimePathContext(hostWorkspaceRoot, \"/workspace\");\n  }\n\n  getSandboxConfig(): ContainerSandboxConfig {\n    return { type: \"container\", container: this.container };\n  }\n}\n\nexport const containerSandboxAdapter: SandboxAdapter<ContainerSandboxConfig> = {\n  type: \"container\",\n  parse: parseContainerSandboxArg,\n  validate: validateContainerSandbox,\n  createExecutor: (config, env, ensureReady) =>\n    new ContainerExecutor(config.container, env, ensureReady),\n};\n\nasync function ensureContainerRunning(container: string): Promise<void> {\n  try {\n    const running = await execSimple(\"docker\", [\"inspect\", \"-f\", \"{{.State.Running}}\", container]);\n    if (running.trim() === \"true\") {\n      return;\n    }\n    await execSimple(\"docker\", [\"start\", container]);\n  } catch (error) {\n    const details = error instanceof Error ? error.message : String(error);\n    throw new Error(\n      `Container \"${container}\" is not available. ` +\n        `Expected a pre-existing container or image provisioning to keep it running.\\n${details}`.trim(),\n      { cause: error },\n    );\n  }\n}\n\nfunction createSecureEnvFile(env: Record<string, string>): {\n  envFilePath: string;\n  cleanup: () => void;\n} {\n  const tempDir = mkdtempSync(join(tmpdir(), \"mama-docker-env-\"));\n  chmodSync(tempDir, PRIVATE_DIR_MODE);\n  const envFilePath = join(tempDir, \"env.list\");\n  const content =\n    Object.entries(env)\n      .map(([key, value]) => `${key}=${sanitizeEnvValue(value)}`)\n      .join(\"\\n\") + \"\\n\";\n  writeFileSync(envFilePath, content, { encoding: \"utf-8\", mode: PRIVATE_FILE_MODE });\n  chmodSync(envFilePath, PRIVATE_FILE_MODE);\n\n  return {\n    envFilePath,\n    cleanup: () => {\n      rmSync(tempDir, { recursive: true, force: true });\n    },\n  };\n}\n\nfunction sanitizeEnvValue(value: string): string {\n  return value.replace(/\\r?\\n/g, \"\");\n}\n"]}

package/dist/sandbox/container.js

@@ -4,6 +4,7 @@ import { join } from "node:path";
 import { SandboxError } from "./errors.js";
 import { execSimple, shellEscape } from "./utils.js";
 import { HostExecutor } from "./host.js";
+import { createMountedRuntimePathContext } from "./path-context.js";
 const PRIVATE_DIR_MODE = 0o700;
 const PRIVATE_FILE_MODE = 0o600;
 export function parseContainerSandboxArg(value) {
@@ -50,6 +51,18 @@ export function buildContainerExecCommand(container, command, envFilePath) {
     const envPart = envFilePath ? `--env-file ${shellEscape(envFilePath)} ` : "";
     return `docker exec ${envPart}-w /workspace ${container} sh -c ${shellEscape(command)}`;
 }
+function withRuntimeBootstrap(command, env) {
+    if (!hasGitHubToken(env)) {
+        return command;
+    }
+    return [
+        "if command -v gh >/dev/null 2>&1 && gh auth status >/dev/null 2>&1; then gh auth setup-git >/dev/null 2>&1 || true; fi",
+        command,
+    ].join("\n");
+}
+function hasGitHubToken(env) {
+    return Boolean(env?.GH_TOKEN || env?.GITHUB_TOKEN || env?.GITHUB_OAUTH_ACCESS_TOKEN);
+}
 export class ContainerExecutor {
     constructor(container, env, ensureReady) {
         this.container = container;
@@ -66,7 +79,7 @@ export class ContainerExecutor {
         const hostExecutor = new HostExecutor();
         const temp = this.env ? createSecureEnvFile(this.env) : undefined;
         try {
-            const dockerCmd = buildContainerExecCommand(this.container, command, temp?.envFilePath);
+            const dockerCmd = buildContainerExecCommand(this.container, withRuntimeBootstrap(command, this.env), temp?.envFilePath);
             return await hostExecutor.exec(dockerCmd, options);
         }
         finally {
@@ -76,6 +89,9 @@ export class ContainerExecutor {
     getWorkspacePath(_hostPath) {
         return "/workspace";
     }
+    getPathContext(hostWorkspaceRoot) {
+        return createMountedRuntimePathContext(hostWorkspaceRoot, "/workspace");
+    }
     getSandboxConfig() {
         return { type: "container", container: this.container };
     }
@@ -97,7 +113,7 @@ async function ensureContainerRunning(container) {
     catch (error) {
         const details = error instanceof Error ? error.message : String(error);
         throw new Error(`Container "${container}" is not available. ` +
-            `Expected a pre-existing container or image provisioning to keep it running.\n${details}`.trim());
+            `Expected a pre-existing container or image provisioning to keep it running.\n${details}`.trim(), { cause: error });
     }
 }
 function createSecureEnvFile(env) {

package/dist/sandbox/container.js.map

@@ -1 +1 @@
-{"version":3,"file":"container.js","sourceRoot":"","sources":["../../src/sandbox/container.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxE,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACjC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAQjC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAEzC,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAC/B,MAAM,iBAAiB,GAAG,KAAK,CAAC;AAEhC,MAAM,UAAU,wBAAwB,CAAC,KAAa;IACpD,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACpC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IACnD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,YAAY,CACpB,iFAAiF,CAClF,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,CAAC;AAC1C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAAC,MAA8B;IAC3E,IAAI,CAAC;QACH,MAAM,UAAU,CAAC,QAAQ,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,YAAY,CAAC,+CAA+C,CAAC,CAAC;IAC1E,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE;YACxC,SAAS;YACT,IAAI;YACJ,oBAAoB;YACpB,MAAM,CAAC,SAAS;SACjB,CAAC,CAAC;QACH,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,MAAM,EAAE,CAAC;YAC7B,MAAM,IAAI,YAAY,CAAC,qBAAqB,MAAM,CAAC,SAAS,mBAAmB,EAAE;gBAC/E,+BAA+B,MAAM,CAAC,SAAS,EAAE;aAClD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,YAAY,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,MAAM,IAAI,YAAY,CAAC,qBAAqB,MAAM,CAAC,SAAS,mBAAmB,EAAE;YAC/E,wCAAwC,MAAM,CAAC,SAAS,yDAAyD;SAClH,CAAC,CAAC;IACL,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,gBAAgB,MAAM,CAAC,SAAS,eAAe,CAAC,CAAC;AAC/D,CAAC;AAED,MAAM,UAAU,yBAAyB,CACvC,SAAiB,EACjB,OAAe,EACf,WAAoB;IAEpB,MAAM,OAAO,GAAG,WAAW,CAAC,CAAC,CAAC,cAAc,WAAW,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IAC7E,OAAO,eAAe,OAAO,iBAAiB,SAAS,UAAU,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;AAC1F,CAAC;AAED,MAAM,OAAO,iBAAiB;IAC5B,YACU,SAAiB,EACjB,GAA4B,EAC5B,WAAiC;yBAFjC,SAAS;mBACT,GAAG;2BACH,WAAW;IAClB,CAAC;IAEJ,KAAK,CAAC,IAAI,CAAC,OAAe,EAAE,OAAqB;QAC/C,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;QAC3B,CAAC;aAAM,CAAC;YACN,MAAM,sBAAsB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC/C,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;QACxC,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,mBAAmB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAClE,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,yBAAyB,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;YACxF,OAAO,MAAM,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QACrD,CAAC;gBAAS,CAAC;YACT,IAAI,EAAE,OAAO,EAAE,CAAC;QAClB,CAAC;IACH,CAAC;IAED,gBAAgB,CAAC,SAAiB;QAChC,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,gBAAgB;QACd,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC;IAC1D,CAAC;CACF;AAED,MAAM,CAAC,MAAM,uBAAuB,GAA2C;IAC7E,IAAI,EAAE,WAAW;IACjB,KAAK,EAAE,wBAAwB;IAC/B,QAAQ,EAAE,wBAAwB;IAClC,cAAc,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,EAAE,CAC3C,IAAI,iBAAiB,CAAC,MAAM,CAAC,SAAS,EAAE,GAAG,EAAE,WAAW,CAAC;CAC5D,CAAC;AAEF,KAAK,UAAU,sBAAsB,CAAC,SAAiB;IACrD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,oBAAoB,EAAE,SAAS,CAAC,CAAC,CAAC;QAC/F,IAAI,OAAO,CAAC,IAAI,EAAE,KAAK,MAAM,EAAE,CAAC;YAC9B,OAAO;QACT,CAAC;QACD,MAAM,UAAU,CAAC,QAAQ,EAAE,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC,CAAC;IACnD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACvE,MAAM,IAAI,KAAK,CACb,cAAc,SAAS,sBAAsB;YAC3C,gFAAgF,OAAO,EAAE,CAAC,IAAI,EAAE,CACnG,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,mBAAmB,CAAC,GAA2B;IAItD,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,kBAAkB,CAAC,CAAC,CAAC;IAChE,SAAS,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;IACrC,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;IAC9C,MAAM,OAAO,GACX,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC;SAChB,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,IAAI,gBAAgB,CAAC,KAAK,CAAC,EAAE,CAAC;SAC1D,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;IACvB,aAAa,CAAC,WAAW,EAAE,OAAO,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,iBAAiB,EAAE,CAAC,CAAC;IACpF,SAAS,CAAC,WAAW,EAAE,iBAAiB,CAAC,CAAC;IAE1C,OAAO;QACL,WAAW;QACX,OAAO,EAAE,GAAG,EAAE;YACZ,MAAM,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACpD,CAAC;KACF,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,KAAa;IACrC,OAAO,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;AACrC,CAAC","sourcesContent":["import { chmodSync, mkdtempSync, rmSync, writeFileSync } from \"node:fs\";\nimport { tmpdir } from \"node:os\";\nimport { join } from \"node:path\";\nimport type {\n  ContainerSandboxConfig,\n  ExecOptions,\n  ExecResult,\n  Executor,\n  SandboxAdapter,\n} from \"./types.js\";\nimport { SandboxError } from \"./errors.js\";\nimport { execSimple, shellEscape } from \"./utils.js\";\nimport { HostExecutor } from \"./host.js\";\n\nconst PRIVATE_DIR_MODE = 0o700;\nconst PRIVATE_FILE_MODE = 0o600;\n\nexport function parseContainerSandboxArg(value: string): ContainerSandboxConfig | undefined {\n  if (!value.startsWith(\"container:\")) {\n    return undefined;\n  }\n\n  const container = value.slice(\"container:\".length);\n  if (!container) {\n    throw new SandboxError(\n      \"Error: container sandbox requires container name (e.g., container:mama-sandbox)\",\n    );\n  }\n  return { type: \"container\", container };\n}\n\nexport async function validateContainerSandbox(config: ContainerSandboxConfig): Promise<void> {\n  try {\n    await execSimple(\"docker\", [\"--version\"]);\n  } catch {\n    throw new SandboxError(\"Error: Docker is not installed or not in PATH\");\n  }\n\n  try {\n    const result = await execSimple(\"docker\", [\n      \"inspect\",\n      \"-f\",\n      \"{{.State.Running}}\",\n      config.container,\n    ]);\n    if (result.trim() !== \"true\") {\n      throw new SandboxError(`Error: Container '${config.container}' is not running.`, [\n        `Start it with: docker start ${config.container}`,\n      ]);\n    }\n  } catch (error) {\n    if (error instanceof SandboxError) {\n      throw error;\n    }\n    throw new SandboxError(`Error: Container '${config.container}' does not exist.`, [\n      `Create it with: docker run -d --name ${config.container} -v <workspace>:/workspace alpine:latest sleep infinity`,\n    ]);\n  }\n\n  console.log(`  Container '${config.container}' is running.`);\n}\n\nexport function buildContainerExecCommand(\n  container: string,\n  command: string,\n  envFilePath?: string,\n): string {\n  const envPart = envFilePath ? `--env-file ${shellEscape(envFilePath)} ` : \"\";\n  return `docker exec ${envPart}-w /workspace ${container} sh -c ${shellEscape(command)}`;\n}\n\nexport class ContainerExecutor implements Executor {\n  constructor(\n    private container: string,\n    private env?: Record<string, string>,\n    private ensureReady?: () => Promise<void>,\n  ) {}\n\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    if (this.ensureReady) {\n      await this.ensureReady();\n    } else {\n      await ensureContainerRunning(this.container);\n    }\n\n    const hostExecutor = new HostExecutor();\n    const temp = this.env ? createSecureEnvFile(this.env) : undefined;\n    try {\n      const dockerCmd = buildContainerExecCommand(this.container, command, temp?.envFilePath);\n      return await hostExecutor.exec(dockerCmd, options);\n    } finally {\n      temp?.cleanup();\n    }\n  }\n\n  getWorkspacePath(_hostPath: string): string {\n    return \"/workspace\";\n  }\n\n  getSandboxConfig(): ContainerSandboxConfig {\n    return { type: \"container\", container: this.container };\n  }\n}\n\nexport const containerSandboxAdapter: SandboxAdapter<ContainerSandboxConfig> = {\n  type: \"container\",\n  parse: parseContainerSandboxArg,\n  validate: validateContainerSandbox,\n  createExecutor: (config, env, ensureReady) =>\n    new ContainerExecutor(config.container, env, ensureReady),\n};\n\nasync function ensureContainerRunning(container: string): Promise<void> {\n  try {\n    const running = await execSimple(\"docker\", [\"inspect\", \"-f\", \"{{.State.Running}}\", container]);\n    if (running.trim() === \"true\") {\n      return;\n    }\n    await execSimple(\"docker\", [\"start\", container]);\n  } catch (error) {\n    const details = error instanceof Error ? error.message : String(error);\n    throw new Error(\n      `Container \"${container}\" is not available. ` +\n        `Expected a pre-existing container or image provisioning to keep it running.\\n${details}`.trim(),\n    );\n  }\n}\n\nfunction createSecureEnvFile(env: Record<string, string>): {\n  envFilePath: string;\n  cleanup: () => void;\n} {\n  const tempDir = mkdtempSync(join(tmpdir(), \"mama-docker-env-\"));\n  chmodSync(tempDir, PRIVATE_DIR_MODE);\n  const envFilePath = join(tempDir, \"env.list\");\n  const content =\n    Object.entries(env)\n      .map(([key, value]) => `${key}=${sanitizeEnvValue(value)}`)\n      .join(\"\\n\") + \"\\n\";\n  writeFileSync(envFilePath, content, { encoding: \"utf-8\", mode: PRIVATE_FILE_MODE });\n  chmodSync(envFilePath, PRIVATE_FILE_MODE);\n\n  return {\n    envFilePath,\n    cleanup: () => {\n      rmSync(tempDir, { recursive: true, force: true });\n    },\n  };\n}\n\nfunction sanitizeEnvValue(value: string): string {\n  return value.replace(/\\r?\\n/g, \"\");\n}\n"]}
+{"version":3,"file":"container.js","sourceRoot":"","sources":["../../src/sandbox/container.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxE,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACjC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AASjC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EAAE,+BAA+B,EAAE,MAAM,mBAAmB,CAAC;AAEpE,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAC/B,MAAM,iBAAiB,GAAG,KAAK,CAAC;AAEhC,MAAM,UAAU,wBAAwB,CAAC,KAAa;IACpD,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACpC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IACnD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,YAAY,CACpB,iFAAiF,CAClF,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,CAAC;AAC1C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAAC,MAA8B;IAC3E,IAAI,CAAC;QACH,MAAM,UAAU,CAAC,QAAQ,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,YAAY,CAAC,+CAA+C,CAAC,CAAC;IAC1E,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE;YACxC,SAAS;YACT,IAAI;YACJ,oBAAoB;YACpB,MAAM,CAAC,SAAS;SACjB,CAAC,CAAC;QACH,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,MAAM,EAAE,CAAC;YAC7B,MAAM,IAAI,YAAY,CAAC,qBAAqB,MAAM,CAAC,SAAS,mBAAmB,EAAE;gBAC/E,+BAA+B,MAAM,CAAC,SAAS,EAAE;aAClD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,YAAY,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,MAAM,IAAI,YAAY,CAAC,qBAAqB,MAAM,CAAC,SAAS,mBAAmB,EAAE;YAC/E,wCAAwC,MAAM,CAAC,SAAS,yDAAyD;SAClH,CAAC,CAAC;IACL,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,gBAAgB,MAAM,CAAC,SAAS,eAAe,CAAC,CAAC;AAC/D,CAAC;AAED,MAAM,UAAU,yBAAyB,CACvC,SAAiB,EACjB,OAAe,EACf,WAAoB;IAEpB,MAAM,OAAO,GAAG,WAAW,CAAC,CAAC,CAAC,cAAc,WAAW,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IAC7E,OAAO,eAAe,OAAO,iBAAiB,SAAS,UAAU,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;AAC1F,CAAC;AAED,SAAS,oBAAoB,CAAC,OAAe,EAAE,GAA4B;IACzE,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,OAAO;QACL,wHAAwH;QACxH,OAAO;KACR,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED,SAAS,cAAc,CAAC,GAA4B;IAClD,OAAO,OAAO,CAAC,GAAG,EAAE,QAAQ,IAAI,GAAG,EAAE,YAAY,IAAI,GAAG,EAAE,yBAAyB,CAAC,CAAC;AACvF,CAAC;AAED,MAAM,OAAO,iBAAiB;IAC5B,YACU,SAAiB,EACjB,GAA4B,EAC5B,WAAiC;yBAFjC,SAAS;mBACT,GAAG;2BACH,WAAW;IAClB,CAAC;IAEJ,KAAK,CAAC,IAAI,CAAC,OAAe,EAAE,OAAqB;QAC/C,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;QAC3B,CAAC;aAAM,CAAC;YACN,MAAM,sBAAsB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC/C,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;QACxC,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,mBAAmB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAClE,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,yBAAyB,CACzC,IAAI,CAAC,SAAS,EACd,oBAAoB,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,CAAC,EACvC,IAAI,EAAE,WAAW,CAClB,CAAC;YACF,OAAO,MAAM,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QACrD,CAAC;gBAAS,CAAC;YACT,IAAI,EAAE,OAAO,EAAE,CAAC;QAClB,CAAC;IACH,CAAC;IAED,gBAAgB,CAAC,SAAiB;QAChC,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,cAAc,CAAC,iBAAyB;QACtC,OAAO,+BAA+B,CAAC,iBAAiB,EAAE,YAAY,CAAC,CAAC;IAC1E,CAAC;IAED,gBAAgB;QACd,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC;IAC1D,CAAC;CACF;AAED,MAAM,CAAC,MAAM,uBAAuB,GAA2C;IAC7E,IAAI,EAAE,WAAW;IACjB,KAAK,EAAE,wBAAwB;IAC/B,QAAQ,EAAE,wBAAwB;IAClC,cAAc,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,EAAE,CAC3C,IAAI,iBAAiB,CAAC,MAAM,CAAC,SAAS,EAAE,GAAG,EAAE,WAAW,CAAC;CAC5D,CAAC;AAEF,KAAK,UAAU,sBAAsB,CAAC,SAAiB;IACrD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,oBAAoB,EAAE,SAAS,CAAC,CAAC,CAAC;QAC/F,IAAI,OAAO,CAAC,IAAI,EAAE,KAAK,MAAM,EAAE,CAAC;YAC9B,OAAO;QACT,CAAC;QACD,MAAM,UAAU,CAAC,QAAQ,EAAE,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC,CAAC;IACnD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACvE,MAAM,IAAI,KAAK,CACb,cAAc,SAAS,sBAAsB;YAC3C,gFAAgF,OAAO,EAAE,CAAC,IAAI,EAAE,EAClG,EAAE,KAAK,EAAE,KAAK,EAAE,CACjB,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,mBAAmB,CAAC,GAA2B;IAItD,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,kBAAkB,CAAC,CAAC,CAAC;IAChE,SAAS,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;IACrC,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;IAC9C,MAAM,OAAO,GACX,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC;SAChB,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,IAAI,gBAAgB,CAAC,KAAK,CAAC,EAAE,CAAC;SAC1D,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;IACvB,aAAa,CAAC,WAAW,EAAE,OAAO,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,iBAAiB,EAAE,CAAC,CAAC;IACpF,SAAS,CAAC,WAAW,EAAE,iBAAiB,CAAC,CAAC;IAE1C,OAAO;QACL,WAAW;QACX,OAAO,EAAE,GAAG,EAAE;YACZ,MAAM,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACpD,CAAC;KACF,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,KAAa;IACrC,OAAO,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;AACrC,CAAC","sourcesContent":["import { chmodSync, mkdtempSync, rmSync, writeFileSync } from \"node:fs\";\nimport { tmpdir } from \"node:os\";\nimport { join } from \"node:path\";\nimport type {\n  ContainerSandboxConfig,\n  ExecOptions,\n  ExecResult,\n  Executor,\n  RuntimePathContext,\n  SandboxAdapter,\n} from \"./types.js\";\nimport { SandboxError } from \"./errors.js\";\nimport { execSimple, shellEscape } from \"./utils.js\";\nimport { HostExecutor } from \"./host.js\";\nimport { createMountedRuntimePathContext } from \"./path-context.js\";\n\nconst PRIVATE_DIR_MODE = 0o700;\nconst PRIVATE_FILE_MODE = 0o600;\n\nexport function parseContainerSandboxArg(value: string): ContainerSandboxConfig | undefined {\n  if (!value.startsWith(\"container:\")) {\n    return undefined;\n  }\n\n  const container = value.slice(\"container:\".length);\n  if (!container) {\n    throw new SandboxError(\n      \"Error: container sandbox requires container name (e.g., container:mama-sandbox)\",\n    );\n  }\n  return { type: \"container\", container };\n}\n\nexport async function validateContainerSandbox(config: ContainerSandboxConfig): Promise<void> {\n  try {\n    await execSimple(\"docker\", [\"--version\"]);\n  } catch {\n    throw new SandboxError(\"Error: Docker is not installed or not in PATH\");\n  }\n\n  try {\n    const result = await execSimple(\"docker\", [\n      \"inspect\",\n      \"-f\",\n      \"{{.State.Running}}\",\n      config.container,\n    ]);\n    if (result.trim() !== \"true\") {\n      throw new SandboxError(`Error: Container '${config.container}' is not running.`, [\n        `Start it with: docker start ${config.container}`,\n      ]);\n    }\n  } catch (error) {\n    if (error instanceof SandboxError) {\n      throw error;\n    }\n    throw new SandboxError(`Error: Container '${config.container}' does not exist.`, [\n      `Create it with: docker run -d --name ${config.container} -v <workspace>:/workspace alpine:latest sleep infinity`,\n    ]);\n  }\n\n  console.log(`  Container '${config.container}' is running.`);\n}\n\nexport function buildContainerExecCommand(\n  container: string,\n  command: string,\n  envFilePath?: string,\n): string {\n  const envPart = envFilePath ? `--env-file ${shellEscape(envFilePath)} ` : \"\";\n  return `docker exec ${envPart}-w /workspace ${container} sh -c ${shellEscape(command)}`;\n}\n\nfunction withRuntimeBootstrap(command: string, env?: Record<string, string>): string {\n  if (!hasGitHubToken(env)) {\n    return command;\n  }\n\n  return [\n    \"if command -v gh >/dev/null 2>&1 && gh auth status >/dev/null 2>&1; then gh auth setup-git >/dev/null 2>&1 || true; fi\",\n    command,\n  ].join(\"\\n\");\n}\n\nfunction hasGitHubToken(env?: Record<string, string>): boolean {\n  return Boolean(env?.GH_TOKEN || env?.GITHUB_TOKEN || env?.GITHUB_OAUTH_ACCESS_TOKEN);\n}\n\nexport class ContainerExecutor implements Executor {\n  constructor(\n    private container: string,\n    private env?: Record<string, string>,\n    private ensureReady?: () => Promise<void>,\n  ) {}\n\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    if (this.ensureReady) {\n      await this.ensureReady();\n    } else {\n      await ensureContainerRunning(this.container);\n    }\n\n    const hostExecutor = new HostExecutor();\n    const temp = this.env ? createSecureEnvFile(this.env) : undefined;\n    try {\n      const dockerCmd = buildContainerExecCommand(\n        this.container,\n        withRuntimeBootstrap(command, this.env),\n        temp?.envFilePath,\n      );\n      return await hostExecutor.exec(dockerCmd, options);\n    } finally {\n      temp?.cleanup();\n    }\n  }\n\n  getWorkspacePath(_hostPath: string): string {\n    return \"/workspace\";\n  }\n\n  getPathContext(hostWorkspaceRoot: string): RuntimePathContext {\n    return createMountedRuntimePathContext(hostWorkspaceRoot, \"/workspace\");\n  }\n\n  getSandboxConfig(): ContainerSandboxConfig {\n    return { type: \"container\", container: this.container };\n  }\n}\n\nexport const containerSandboxAdapter: SandboxAdapter<ContainerSandboxConfig> = {\n  type: \"container\",\n  parse: parseContainerSandboxArg,\n  validate: validateContainerSandbox,\n  createExecutor: (config, env, ensureReady) =>\n    new ContainerExecutor(config.container, env, ensureReady),\n};\n\nasync function ensureContainerRunning(container: string): Promise<void> {\n  try {\n    const running = await execSimple(\"docker\", [\"inspect\", \"-f\", \"{{.State.Running}}\", container]);\n    if (running.trim() === \"true\") {\n      return;\n    }\n    await execSimple(\"docker\", [\"start\", container]);\n  } catch (error) {\n    const details = error instanceof Error ? error.message : String(error);\n    throw new Error(\n      `Container \"${container}\" is not available. ` +\n        `Expected a pre-existing container or image provisioning to keep it running.\\n${details}`.trim(),\n      { cause: error },\n    );\n  }\n}\n\nfunction createSecureEnvFile(env: Record<string, string>): {\n  envFilePath: string;\n  cleanup: () => void;\n} {\n  const tempDir = mkdtempSync(join(tmpdir(), \"mama-docker-env-\"));\n  chmodSync(tempDir, PRIVATE_DIR_MODE);\n  const envFilePath = join(tempDir, \"env.list\");\n  const content =\n    Object.entries(env)\n      .map(([key, value]) => `${key}=${sanitizeEnvValue(value)}`)\n      .join(\"\\n\") + \"\\n\";\n  writeFileSync(envFilePath, content, { encoding: \"utf-8\", mode: PRIVATE_FILE_MODE });\n  chmodSync(envFilePath, PRIVATE_FILE_MODE);\n\n  return {\n    envFilePath,\n    cleanup: () => {\n      rmSync(tempDir, { recursive: true, force: true });\n    },\n  };\n}\n\nfunction sanitizeEnvValue(value: string): string {\n  return value.replace(/\\r?\\n/g, \"\");\n}\n"]}

package/dist/sandbox/firecracker.d.ts

@@ -1,4 +1,4 @@
-import type { ExecOptions, ExecResult, Executor, FirecrackerSandboxConfig, SandboxAdapter } from "./types.js";
+import type { ExecOptions, ExecResult, Executor, FirecrackerSandboxConfig, RuntimePathContext, SandboxAdapter } from "./types.js";
 export declare function parseFirecrackerSandboxArg(value: string): FirecrackerSandboxConfig | undefined;
 export declare function validateFirecrackerSandbox(config: FirecrackerSandboxConfig): Promise<void>;
 export declare class FirecrackerExecutor implements Executor {
@@ -10,6 +10,7 @@ export declare class FirecrackerExecutor implements Executor {
     constructor(vmId: string, hostPath: string, sshUser?: string, sshPort?: number, env?: Record<string, string> | undefined);
     exec(command: string, options?: ExecOptions): Promise<ExecResult>;
     getWorkspacePath(_hostPath: string): string;
+    getPathContext(hostWorkspaceRoot: string): RuntimePathContext;
     getSandboxConfig(): FirecrackerSandboxConfig;
 }
 export declare const firecrackerSandboxAdapter: SandboxAdapter<FirecrackerSandboxConfig>;

package/dist/sandbox/firecracker.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"firecracker.d.ts","sourceRoot":"","sources":["../../src/sandbox/firecracker.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,WAAW,EACX,UAAU,EACV,QAAQ,EACR,wBAAwB,EACxB,cAAc,EACf,MAAM,YAAY,CAAC;AAKpB,wBAAgB,0BAA0B,CAAC,KAAK,EAAE,MAAM,GAAG,wBAAwB,GAAG,SAAS,CA8B9F;AAED,wBAAsB,0BAA0B,CAAC,MAAM,EAAE,wBAAwB,GAAG,OAAO,CAAC,IAAI,CAAC,CA6ChG;AAED,qBAAa,mBAAoB,YAAW,QAAQ;IAEhD,OAAO,CAAC,IAAI;IACZ,OAAO,CAAC,QAAQ;IAChB,OAAO,CAAC,OAAO;IACf,OAAO,CAAC,OAAO;IACf,OAAO,CAAC,GAAG,CAAC;IALd,YACU,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,MAAe,EACxB,OAAO,GAAE,MAAW,EACpB,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,YAAA,EAClC;IAEE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAqGtE;IAED,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAE1C;IAED,gBAAgB,IAAI,wBAAwB,CAQ3C;CACF;AAgBD,eAAO,MAAM,yBAAyB,EAAE,cAAc,CAAC,wBAAwB,CAM9E,CAAC","sourcesContent":["import { spawn } from \"child_process\";\nimport type {\n  ExecOptions,\n  ExecResult,\n  Executor,\n  FirecrackerSandboxConfig,\n  SandboxAdapter,\n} from \"./types.js\";\nimport { SandboxError } from \"./errors.js\";\nimport { HostExecutor } from \"./host.js\";\nimport { execSimple, killProcessTree, shellEscape } from \"./utils.js\";\n\nexport function parseFirecrackerSandboxArg(value: string): FirecrackerSandboxConfig | undefined {\n  if (!value.startsWith(\"firecracker:\")) {\n    return undefined;\n  }\n\n  const arg = value.slice(\"firecracker:\".length);\n  // Format: firecracker:<vm-id>:<host-path>[:<ssh-user>[:<ssh-port>]]\n  // Example: firecracker:vm1:/home/user/workspace\n  //          firecracker:vm1:/home/user/workspace:root\n  //          firecracker:vm1:/home/user/workspace:root:22\n  const parts = arg.split(\":\");\n  if (parts.length < 2) {\n    throw new SandboxError(\n      \"Error: firecracker sandbox requires vm-id and host-path\\n\" +\n        \"Usage: firecracker:<vm-id>:<host-path>[:<ssh-user>[:<ssh-port>]]\\n\" +\n        \"Example: firecracker:vm1:/home/user/workspace\",\n    );\n  }\n  const vmId = parts[0];\n  const hostPath = parts[1];\n  const sshUser = parts[2] || \"root\";\n  const sshPort = parts[3] ? parseInt(parts[3], 10) : 22;\n\n  if (!vmId || !hostPath) {\n    throw new SandboxError(\"Error: firecracker sandbox requires vm-id and host-path\");\n  }\n  if (isNaN(sshPort) || sshPort <= 0 || sshPort > 65535) {\n    throw new SandboxError(\"Error: invalid SSH port\");\n  }\n  return { type: \"firecracker\", vmId, hostPath, sshUser, sshPort };\n}\n\nexport async function validateFirecrackerSandbox(config: FirecrackerSandboxConfig): Promise<void> {\n  // Check if fc-agent or firecracker CLI is available\n  try {\n    await execSimple(\"fc-agent\", [\"--version\"]);\n  } catch {\n    // Try alternative: firecracker\n    try {\n      await execSimple(\"firecracker\", [\"--version\"]);\n    } catch {\n      throw new SandboxError(\n        \"Error: Firecracker tools (fc-agent or firecracker) not found in PATH\",\n        [\"Install firecracker: https://github.com/firecracker-microvm/firecracker\"],\n      );\n    }\n  }\n\n  // Check if VM is running using fc-agent\n  try {\n    const result = await execSimple(\"fc-agent\", [\"status\", config.vmId]);\n    if (!result.includes(\"running\") && !result.includes(\"Running\")) {\n      throw new SandboxError(`Error: Firecracker VM '${config.vmId}' is not running.`, [\n        `Start it with: fc-agent start ${config.vmId}`,\n      ]);\n    }\n  } catch (error) {\n    if (error instanceof SandboxError) {\n      throw error;\n    }\n    // Try alternative: firecracker-ctl or direct check\n    try {\n      await execSimple(\"firecracker-ctl\", [\"status\", config.vmId]);\n    } catch {\n      console.error(`Warning: Could not verify if VM '${config.vmId}' is running.`);\n      console.error(\"Make sure the VM is started before running mama.\");\n    }\n  }\n\n  // Verify host path exists\n  try {\n    await execSimple(\"ls\", [\"-d\", config.hostPath]);\n  } catch {\n    throw new SandboxError(`Error: Host path '${config.hostPath}' does not exist.`);\n  }\n\n  console.log(`  Firecracker VM '${config.vmId}' configured with workspace '${config.hostPath}'.`);\n}\n\nexport class FirecrackerExecutor implements Executor {\n  constructor(\n    private vmId: string,\n    private hostPath: string,\n    private sshUser: string = \"root\",\n    private sshPort: number = 22,\n    private env?: Record<string, string>,\n  ) {}\n\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    if (!this.env || Object.keys(this.env).length === 0) {\n      const sshCmd =\n        this.sshPort === 22\n          ? `ssh -o StrictHostKeyChecking=no -o ConnectTimeout=10 ${this.sshUser}@${this.vmId} sh -c ${shellEscape(command)}`\n          : `ssh -o StrictHostKeyChecking=no -o ConnectTimeout=10 -p ${this.sshPort} ${this.sshUser}@${this.vmId} sh -c ${shellEscape(command)}`;\n      const hostExecutor = new HostExecutor();\n      return hostExecutor.exec(sshCmd, options);\n    }\n\n    return new Promise((resolve, reject) => {\n      const sshArgs = [\"-o\", \"StrictHostKeyChecking=no\", \"-o\", \"ConnectTimeout=10\"];\n      if (this.sshPort !== 22) {\n        sshArgs.push(\"-p\", String(this.sshPort));\n      }\n      sshArgs.push(`${this.sshUser}@${this.vmId}`, \"sh\", \"-se\");\n\n      const child = spawn(\"ssh\", sshArgs, {\n        detached: true,\n        stdio: [\"pipe\", \"pipe\", \"pipe\"],\n      });\n\n      let stdout = \"\";\n      let stderr = \"\";\n      let timedOut = false;\n      let settled = false;\n\n      const timeoutHandle =\n        options?.timeout && options.timeout > 0\n          ? setTimeout(() => {\n              timedOut = true;\n              if (child.pid) killProcessTree(child.pid);\n            }, options.timeout * 1000)\n          : undefined;\n\n      const onAbort = () => {\n        if (child.pid) killProcessTree(child.pid);\n      };\n\n      if (options?.signal) {\n        if (options.signal.aborted) {\n          onAbort();\n        } else {\n          options.signal.addEventListener(\"abort\", onAbort, { once: true });\n        }\n      }\n\n      child.on(\"error\", (error) => {\n        if (settled) return;\n        settled = true;\n        if (timeoutHandle) clearTimeout(timeoutHandle);\n        if (options?.signal) {\n          options.signal.removeEventListener(\"abort\", onAbort);\n        }\n        reject(error);\n      });\n\n      child.stdout?.on(\"data\", (data) => {\n        stdout += data.toString();\n        if (stdout.length > 10 * 1024 * 1024) {\n          stdout = stdout.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.stderr?.on(\"data\", (data) => {\n        stderr += data.toString();\n        if (stderr.length > 10 * 1024 * 1024) {\n          stderr = stderr.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.stdin?.on(\"error\", (error) => {\n        stderr += `${error.message}\\n`;\n      });\n      child.stdin?.end(buildRemoteScript(command, this.env));\n\n      child.on(\"close\", (code) => {\n        if (settled) return;\n        settled = true;\n        if (timeoutHandle) clearTimeout(timeoutHandle);\n        if (options?.signal) {\n          options.signal.removeEventListener(\"abort\", onAbort);\n        }\n\n        if (options?.signal?.aborted) {\n          reject(new Error(`${stdout}\\n${stderr}\\nCommand aborted`.trim()));\n          return;\n        }\n\n        if (timedOut) {\n          reject(\n            new Error(\n              `${stdout}\\n${stderr}\\nCommand timed out after ${options?.timeout} seconds`.trim(),\n            ),\n          );\n          return;\n        }\n\n        resolve({ stdout, stderr, code: code ?? 0 });\n      });\n    });\n  }\n\n  getWorkspacePath(_hostPath: string): string {\n    return \"/workspace\";\n  }\n\n  getSandboxConfig(): FirecrackerSandboxConfig {\n    return {\n      type: \"firecracker\",\n      vmId: this.vmId,\n      hostPath: this.hostPath,\n      sshUser: this.sshUser,\n      sshPort: this.sshPort,\n    };\n  }\n}\n\nfunction buildRemoteScript(command: string, env?: Record<string, string>): string {\n  const exports = env\n    ? Object.entries(env)\n        .map(([key, value]) => {\n          if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(key)) {\n            throw new SandboxError(`Invalid environment variable name for firecracker: ${key}`);\n          }\n          return `export ${key}=${shellEscape(value)}`;\n        })\n        .join(\"\\n\") + \"\\n\"\n    : \"\";\n  return `${exports}${command}\\n`;\n}\n\nexport const firecrackerSandboxAdapter: SandboxAdapter<FirecrackerSandboxConfig> = {\n  type: \"firecracker\",\n  parse: parseFirecrackerSandboxArg,\n  validate: validateFirecrackerSandbox,\n  createExecutor: (config, env) =>\n    new FirecrackerExecutor(config.vmId, config.hostPath, config.sshUser, config.sshPort, env),\n};\n"]}
+{"version":3,"file":"firecracker.d.ts","sourceRoot":"","sources":["../../src/sandbox/firecracker.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,WAAW,EACX,UAAU,EACV,QAAQ,EACR,wBAAwB,EACxB,kBAAkB,EAClB,cAAc,EACf,MAAM,YAAY,CAAC;AAKpB,wBAAgB,0BAA0B,CAAC,KAAK,EAAE,MAAM,GAAG,wBAAwB,GAAG,SAAS,CA8B9F;AAED,wBAAsB,0BAA0B,CAAC,MAAM,EAAE,wBAAwB,GAAG,OAAO,CAAC,IAAI,CAAC,CA6ChG;AAED,qBAAa,mBAAoB,YAAW,QAAQ;IAEhD,OAAO,CAAC,IAAI;IACZ,OAAO,CAAC,QAAQ;IAChB,OAAO,CAAC,OAAO;IACf,OAAO,CAAC,OAAO;IACf,OAAO,CAAC,GAAG,CAAC;IALd,YACU,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,MAAe,EACxB,OAAO,GAAE,MAAW,EACpB,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,YAAA,EAClC;IAEE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAqGtE;IAED,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAE1C;IAED,cAAc,CAAC,iBAAiB,EAAE,MAAM,GAAG,kBAAkB,CAK5D;IAED,gBAAgB,IAAI,wBAAwB,CAQ3C;CACF;AAgBD,eAAO,MAAM,yBAAyB,EAAE,cAAc,CAAC,wBAAwB,CAM9E,CAAC","sourcesContent":["import { spawn } from \"child_process\";\nimport type {\n  ExecOptions,\n  ExecResult,\n  Executor,\n  FirecrackerSandboxConfig,\n  RuntimePathContext,\n  SandboxAdapter,\n} from \"./types.js\";\nimport { SandboxError } from \"./errors.js\";\nimport { HostExecutor } from \"./host.js\";\nimport { execSimple, killProcessTree, shellEscape } from \"./utils.js\";\n\nexport function parseFirecrackerSandboxArg(value: string): FirecrackerSandboxConfig | undefined {\n  if (!value.startsWith(\"firecracker:\")) {\n    return undefined;\n  }\n\n  const arg = value.slice(\"firecracker:\".length);\n  // Format: firecracker:<vm-id>:<host-path>[:<ssh-user>[:<ssh-port>]]\n  // Example: firecracker:vm1:/home/user/workspace\n  //          firecracker:vm1:/home/user/workspace:root\n  //          firecracker:vm1:/home/user/workspace:root:22\n  const parts = arg.split(\":\");\n  if (parts.length < 2) {\n    throw new SandboxError(\n      \"Error: firecracker sandbox requires vm-id and host-path\\n\" +\n        \"Usage: firecracker:<vm-id>:<host-path>[:<ssh-user>[:<ssh-port>]]\\n\" +\n        \"Example: firecracker:vm1:/home/user/workspace\",\n    );\n  }\n  const vmId = parts[0];\n  const hostPath = parts[1];\n  const sshUser = parts[2] || \"root\";\n  const sshPort = parts[3] ? parseInt(parts[3], 10) : 22;\n\n  if (!vmId || !hostPath) {\n    throw new SandboxError(\"Error: firecracker sandbox requires vm-id and host-path\");\n  }\n  if (isNaN(sshPort) || sshPort <= 0 || sshPort > 65535) {\n    throw new SandboxError(\"Error: invalid SSH port\");\n  }\n  return { type: \"firecracker\", vmId, hostPath, sshUser, sshPort };\n}\n\nexport async function validateFirecrackerSandbox(config: FirecrackerSandboxConfig): Promise<void> {\n  // Check if fc-agent or firecracker CLI is available\n  try {\n    await execSimple(\"fc-agent\", [\"--version\"]);\n  } catch {\n    // Try alternative: firecracker\n    try {\n      await execSimple(\"firecracker\", [\"--version\"]);\n    } catch {\n      throw new SandboxError(\n        \"Error: Firecracker tools (fc-agent or firecracker) not found in PATH\",\n        [\"Install firecracker: https://github.com/firecracker-microvm/firecracker\"],\n      );\n    }\n  }\n\n  // Check if VM is running using fc-agent\n  try {\n    const result = await execSimple(\"fc-agent\", [\"status\", config.vmId]);\n    if (!result.includes(\"running\") && !result.includes(\"Running\")) {\n      throw new SandboxError(`Error: Firecracker VM '${config.vmId}' is not running.`, [\n        `Start it with: fc-agent start ${config.vmId}`,\n      ]);\n    }\n  } catch (error) {\n    if (error instanceof SandboxError) {\n      throw error;\n    }\n    // Try alternative: firecracker-ctl or direct check\n    try {\n      await execSimple(\"firecracker-ctl\", [\"status\", config.vmId]);\n    } catch {\n      console.error(`Warning: Could not verify if VM '${config.vmId}' is running.`);\n      console.error(\"Make sure the VM is started before running mama.\");\n    }\n  }\n\n  // Verify host path exists\n  try {\n    await execSimple(\"ls\", [\"-d\", config.hostPath]);\n  } catch {\n    throw new SandboxError(`Error: Host path '${config.hostPath}' does not exist.`);\n  }\n\n  console.log(`  Firecracker VM '${config.vmId}' configured with workspace '${config.hostPath}'.`);\n}\n\nexport class FirecrackerExecutor implements Executor {\n  constructor(\n    private vmId: string,\n    private hostPath: string,\n    private sshUser: string = \"root\",\n    private sshPort: number = 22,\n    private env?: Record<string, string>,\n  ) {}\n\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    if (!this.env || Object.keys(this.env).length === 0) {\n      const sshCmd =\n        this.sshPort === 22\n          ? `ssh -o StrictHostKeyChecking=no -o ConnectTimeout=10 ${this.sshUser}@${this.vmId} sh -c ${shellEscape(command)}`\n          : `ssh -o StrictHostKeyChecking=no -o ConnectTimeout=10 -p ${this.sshPort} ${this.sshUser}@${this.vmId} sh -c ${shellEscape(command)}`;\n      const hostExecutor = new HostExecutor();\n      return hostExecutor.exec(sshCmd, options);\n    }\n\n    return new Promise((resolve, reject) => {\n      const sshArgs = [\"-o\", \"StrictHostKeyChecking=no\", \"-o\", \"ConnectTimeout=10\"];\n      if (this.sshPort !== 22) {\n        sshArgs.push(\"-p\", String(this.sshPort));\n      }\n      sshArgs.push(`${this.sshUser}@${this.vmId}`, \"sh\", \"-se\");\n\n      const child = spawn(\"ssh\", sshArgs, {\n        detached: true,\n        stdio: [\"pipe\", \"pipe\", \"pipe\"],\n      });\n\n      let stdout = \"\";\n      let stderr = \"\";\n      let timedOut = false;\n      let settled = false;\n\n      const timeoutHandle =\n        options?.timeout && options.timeout > 0\n          ? setTimeout(() => {\n              timedOut = true;\n              if (child.pid) killProcessTree(child.pid);\n            }, options.timeout * 1000)\n          : undefined;\n\n      const onAbort = () => {\n        if (child.pid) killProcessTree(child.pid);\n      };\n\n      if (options?.signal) {\n        if (options.signal.aborted) {\n          onAbort();\n        } else {\n          options.signal.addEventListener(\"abort\", onAbort, { once: true });\n        }\n      }\n\n      child.on(\"error\", (error) => {\n        if (settled) return;\n        settled = true;\n        if (timeoutHandle) clearTimeout(timeoutHandle);\n        if (options?.signal) {\n          options.signal.removeEventListener(\"abort\", onAbort);\n        }\n        reject(error);\n      });\n\n      child.stdout?.on(\"data\", (data) => {\n        stdout += data.toString();\n        if (stdout.length > 10 * 1024 * 1024) {\n          stdout = stdout.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.stderr?.on(\"data\", (data) => {\n        stderr += data.toString();\n        if (stderr.length > 10 * 1024 * 1024) {\n          stderr = stderr.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.stdin?.on(\"error\", (error) => {\n        stderr += `${error.message}\\n`;\n      });\n      child.stdin?.end(buildRemoteScript(command, this.env));\n\n      child.on(\"close\", (code) => {\n        if (settled) return;\n        settled = true;\n        if (timeoutHandle) clearTimeout(timeoutHandle);\n        if (options?.signal) {\n          options.signal.removeEventListener(\"abort\", onAbort);\n        }\n\n        if (options?.signal?.aborted) {\n          reject(new Error(`${stdout}\\n${stderr}\\nCommand aborted`.trim()));\n          return;\n        }\n\n        if (timedOut) {\n          reject(\n            new Error(\n              `${stdout}\\n${stderr}\\nCommand timed out after ${options?.timeout} seconds`.trim(),\n            ),\n          );\n          return;\n        }\n\n        resolve({ stdout, stderr, code: code ?? 0 });\n      });\n    });\n  }\n\n  getWorkspacePath(_hostPath: string): string {\n    return \"/workspace\";\n  }\n\n  getPathContext(hostWorkspaceRoot: string): RuntimePathContext {\n    return {\n      hostWorkspaceRoot,\n      runtimeWorkspaceRoot: \"/workspace\",\n    };\n  }\n\n  getSandboxConfig(): FirecrackerSandboxConfig {\n    return {\n      type: \"firecracker\",\n      vmId: this.vmId,\n      hostPath: this.hostPath,\n      sshUser: this.sshUser,\n      sshPort: this.sshPort,\n    };\n  }\n}\n\nfunction buildRemoteScript(command: string, env?: Record<string, string>): string {\n  const exports = env\n    ? Object.entries(env)\n        .map(([key, value]) => {\n          if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(key)) {\n            throw new SandboxError(`Invalid environment variable name for firecracker: ${key}`);\n          }\n          return `export ${key}=${shellEscape(value)}`;\n        })\n        .join(\"\\n\") + \"\\n\"\n    : \"\";\n  return `${exports}${command}\\n`;\n}\n\nexport const firecrackerSandboxAdapter: SandboxAdapter<FirecrackerSandboxConfig> = {\n  type: \"firecracker\",\n  parse: parseFirecrackerSandboxArg,\n  validate: validateFirecrackerSandbox,\n  createExecutor: (config, env) =>\n    new FirecrackerExecutor(config.vmId, config.hostPath, config.sshUser, config.sshPort, env),\n};\n"]}

package/dist/sandbox/firecracker.js

@@ -174,6 +174,12 @@ export class FirecrackerExecutor {
     getWorkspacePath(_hostPath) {
         return "/workspace";
     }
+    getPathContext(hostWorkspaceRoot) {
+        return {
+            hostWorkspaceRoot,
+            runtimeWorkspaceRoot: "/workspace",
+        };
+    }
     getSandboxConfig() {
         return {
             type: "firecracker",

package/dist/sandbox/firecracker.js.map

@@ -1 +1 @@
-{"version":3,"file":"firecracker.js","sourceRoot":"","sources":["../../src/sandbox/firecracker.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAQtC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAEtE,MAAM,UAAU,0BAA0B,CAAC,KAAa;IACtD,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;QACtC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;IAC/C,oEAAoE;IACpE,gDAAgD;IAChD,qDAAqD;IACrD,wDAAwD;IACxD,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,MAAM,IAAI,YAAY,CACpB,2DAA2D;YACzD,oEAAoE;YACpE,+CAA+C,CAClD,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IACtB,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IAC1B,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;IACnC,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEvD,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QACvB,MAAM,IAAI,YAAY,CAAC,yDAAyD,CAAC,CAAC;IACpF,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,OAAO,IAAI,CAAC,IAAI,OAAO,GAAG,KAAK,EAAE,CAAC;QACtD,MAAM,IAAI,YAAY,CAAC,yBAAyB,CAAC,CAAC;IACpD,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AACnE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAAC,MAAgC;IAC/E,oDAAoD;IACpD,IAAI,CAAC;QACH,MAAM,UAAU,CAAC,UAAU,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;IAC9C,CAAC;IAAC,MAAM,CAAC;QACP,+BAA+B;QAC/B,IAAI,CAAC;YACH,MAAM,UAAU,CAAC,aAAa,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;QACjD,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,YAAY,CACpB,sEAAsE,EACtE,CAAC,yEAAyE,CAAC,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAED,wCAAwC;IACxC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,UAAU,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QACrE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAC/D,MAAM,IAAI,YAAY,CAAC,0BAA0B,MAAM,CAAC,IAAI,mBAAmB,EAAE;gBAC/E,iCAAiC,MAAM,CAAC,IAAI,EAAE;aAC/C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,YAAY,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,mDAAmD;QACnD,IAAI,CAAC;YACH,MAAM,UAAU,CAAC,iBAAiB,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAC/D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,KAAK,CAAC,oCAAoC,MAAM,CAAC,IAAI,eAAe,CAAC,CAAC;YAC9E,OAAO,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;IAED,0BAA0B;IAC1B,IAAI,CAAC;QACH,MAAM,UAAU,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;IAClD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,YAAY,CAAC,qBAAqB,MAAM,CAAC,QAAQ,mBAAmB,CAAC,CAAC;IAClF,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,qBAAqB,MAAM,CAAC,IAAI,gCAAgC,MAAM,CAAC,QAAQ,IAAI,CAAC,CAAC;AACnG,CAAC;AAED,MAAM,OAAO,mBAAmB;IAC9B,YACU,IAAY,EACZ,QAAgB,EAChB,OAAO,GAAW,MAAM,EACxB,OAAO,GAAW,EAAE,EACpB,GAA4B;oBAJ5B,IAAI;wBACJ,QAAQ;uBACR,OAAO;uBACP,OAAO;mBACP,GAAG;IACV,CAAC;IAEJ,KAAK,CAAC,IAAI,CAAC,OAAe,EAAE,OAAqB;QAC/C,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACpD,MAAM,MAAM,GACV,IAAI,CAAC,OAAO,KAAK,EAAE;gBACjB,CAAC,CAAC,wDAAwD,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,IAAI,UAAU,WAAW,CAAC,OAAO,CAAC,EAAE;gBACnH,CAAC,CAAC,2DAA2D,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,IAAI,UAAU,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;YAC3I,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;YACxC,OAAO,YAAY,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC5C,CAAC;QAED,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,OAAO,GAAG,CAAC,IAAI,EAAE,0BAA0B,EAAE,IAAI,EAAE,mBAAmB,CAAC,CAAC;YAC9E,IAAI,IAAI,CAAC,OAAO,KAAK,EAAE,EAAE,CAAC;gBACxB,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;YAC3C,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;YAE1D,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,OAAO,EAAE;gBAClC,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;aAChC,CAAC,CAAC;YAEH,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,QAAQ,GAAG,KAAK,CAAC;YACrB,IAAI,OAAO,GAAG,KAAK,CAAC;YAEpB,MAAM,aAAa,GACjB,OAAO,EAAE,OAAO,IAAI,OAAO,CAAC,OAAO,GAAG,CAAC;gBACrC,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE;oBACd,QAAQ,GAAG,IAAI,CAAC;oBAChB,IAAI,KAAK,CAAC,GAAG;wBAAE,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC5C,CAAC,EAAE,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;gBAC5B,CAAC,CAAC,SAAS,CAAC;YAEhB,MAAM,OAAO,GAAG,GAAG,EAAE;gBACnB,IAAI,KAAK,CAAC,GAAG;oBAAE,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5C,CAAC,CAAC;YAEF,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;gBACpB,IAAI,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;oBAC3B,OAAO,EAAE,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;gBACpE,CAAC;YACH,CAAC;YAED,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;gBAC1B,IAAI,OAAO;oBAAE,OAAO;gBACpB,OAAO,GAAG,IAAI,CAAC;gBACf,IAAI,aAAa;oBAAE,YAAY,CAAC,aAAa,CAAC,CAAC;gBAC/C,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;oBACpB,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBACvD,CAAC;gBACD,MAAM,CAAC,KAAK,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAChC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;oBACrC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;gBAC7C,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAChC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;oBACrC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;gBAC7C,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;gBACjC,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,IAAI,CAAC;YACjC,CAAC,CAAC,CAAC;YACH,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,iBAAiB,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAEvD,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACzB,IAAI,OAAO;oBAAE,OAAO;gBACpB,OAAO,GAAG,IAAI,CAAC;gBACf,IAAI,aAAa;oBAAE,YAAY,CAAC,aAAa,CAAC,CAAC;gBAC/C,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;oBACpB,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBACvD,CAAC;gBAED,IAAI,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;oBAC7B,MAAM,CAAC,IAAI,KAAK,CAAC,GAAG,MAAM,KAAK,MAAM,mBAAmB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;oBAClE,OAAO;gBACT,CAAC;gBAED,IAAI,QAAQ,EAAE,CAAC;oBACb,MAAM,CACJ,IAAI,KAAK,CACP,GAAG,MAAM,KAAK,MAAM,6BAA6B,OAAO,EAAE,OAAO,UAAU,CAAC,IAAI,EAAE,CACnF,CACF,CAAC;oBACF,OAAO;gBACT,CAAC;gBAED,OAAO,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,CAAC;YAC/C,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED,gBAAgB,CAAC,SAAiB;QAChC,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,gBAAgB;QACd,OAAO;YACL,IAAI,EAAE,aAAa;YACnB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,OAAO,EAAE,IAAI,CAAC,OAAO;SACtB,CAAC;IACJ,CAAC;CACF;AAED,SAAS,iBAAiB,CAAC,OAAe,EAAE,GAA4B;IACtE,MAAM,OAAO,GAAG,GAAG;QACjB,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC;aAChB,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;YACpB,IAAI,CAAC,0BAA0B,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC1C,MAAM,IAAI,YAAY,CAAC,sDAAsD,GAAG,EAAE,CAAC,CAAC;YACtF,CAAC;YACD,OAAO,UAAU,GAAG,IAAI,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;QAC/C,CAAC,CAAC;aACD,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI;QACtB,CAAC,CAAC,EAAE,CAAC;IACP,OAAO,GAAG,OAAO,GAAG,OAAO,IAAI,CAAC;AAClC,CAAC;AAED,MAAM,CAAC,MAAM,yBAAyB,GAA6C;IACjF,IAAI,EAAE,aAAa;IACnB,KAAK,EAAE,0BAA0B;IACjC,QAAQ,EAAE,0BAA0B;IACpC,cAAc,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE,EAAE,CAC9B,IAAI,mBAAmB,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC;CAC7F,CAAC","sourcesContent":["import { spawn } from \"child_process\";\nimport type {\n  ExecOptions,\n  ExecResult,\n  Executor,\n  FirecrackerSandboxConfig,\n  SandboxAdapter,\n} from \"./types.js\";\nimport { SandboxError } from \"./errors.js\";\nimport { HostExecutor } from \"./host.js\";\nimport { execSimple, killProcessTree, shellEscape } from \"./utils.js\";\n\nexport function parseFirecrackerSandboxArg(value: string): FirecrackerSandboxConfig | undefined {\n  if (!value.startsWith(\"firecracker:\")) {\n    return undefined;\n  }\n\n  const arg = value.slice(\"firecracker:\".length);\n  // Format: firecracker:<vm-id>:<host-path>[:<ssh-user>[:<ssh-port>]]\n  // Example: firecracker:vm1:/home/user/workspace\n  //          firecracker:vm1:/home/user/workspace:root\n  //          firecracker:vm1:/home/user/workspace:root:22\n  const parts = arg.split(\":\");\n  if (parts.length < 2) {\n    throw new SandboxError(\n      \"Error: firecracker sandbox requires vm-id and host-path\\n\" +\n        \"Usage: firecracker:<vm-id>:<host-path>[:<ssh-user>[:<ssh-port>]]\\n\" +\n        \"Example: firecracker:vm1:/home/user/workspace\",\n    );\n  }\n  const vmId = parts[0];\n  const hostPath = parts[1];\n  const sshUser = parts[2] || \"root\";\n  const sshPort = parts[3] ? parseInt(parts[3], 10) : 22;\n\n  if (!vmId || !hostPath) {\n    throw new SandboxError(\"Error: firecracker sandbox requires vm-id and host-path\");\n  }\n  if (isNaN(sshPort) || sshPort <= 0 || sshPort > 65535) {\n    throw new SandboxError(\"Error: invalid SSH port\");\n  }\n  return { type: \"firecracker\", vmId, hostPath, sshUser, sshPort };\n}\n\nexport async function validateFirecrackerSandbox(config: FirecrackerSandboxConfig): Promise<void> {\n  // Check if fc-agent or firecracker CLI is available\n  try {\n    await execSimple(\"fc-agent\", [\"--version\"]);\n  } catch {\n    // Try alternative: firecracker\n    try {\n      await execSimple(\"firecracker\", [\"--version\"]);\n    } catch {\n      throw new SandboxError(\n        \"Error: Firecracker tools (fc-agent or firecracker) not found in PATH\",\n        [\"Install firecracker: https://github.com/firecracker-microvm/firecracker\"],\n      );\n    }\n  }\n\n  // Check if VM is running using fc-agent\n  try {\n    const result = await execSimple(\"fc-agent\", [\"status\", config.vmId]);\n    if (!result.includes(\"running\") && !result.includes(\"Running\")) {\n      throw new SandboxError(`Error: Firecracker VM '${config.vmId}' is not running.`, [\n        `Start it with: fc-agent start ${config.vmId}`,\n      ]);\n    }\n  } catch (error) {\n    if (error instanceof SandboxError) {\n      throw error;\n    }\n    // Try alternative: firecracker-ctl or direct check\n    try {\n      await execSimple(\"firecracker-ctl\", [\"status\", config.vmId]);\n    } catch {\n      console.error(`Warning: Could not verify if VM '${config.vmId}' is running.`);\n      console.error(\"Make sure the VM is started before running mama.\");\n    }\n  }\n\n  // Verify host path exists\n  try {\n    await execSimple(\"ls\", [\"-d\", config.hostPath]);\n  } catch {\n    throw new SandboxError(`Error: Host path '${config.hostPath}' does not exist.`);\n  }\n\n  console.log(`  Firecracker VM '${config.vmId}' configured with workspace '${config.hostPath}'.`);\n}\n\nexport class FirecrackerExecutor implements Executor {\n  constructor(\n    private vmId: string,\n    private hostPath: string,\n    private sshUser: string = \"root\",\n    private sshPort: number = 22,\n    private env?: Record<string, string>,\n  ) {}\n\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    if (!this.env || Object.keys(this.env).length === 0) {\n      const sshCmd =\n        this.sshPort === 22\n          ? `ssh -o StrictHostKeyChecking=no -o ConnectTimeout=10 ${this.sshUser}@${this.vmId} sh -c ${shellEscape(command)}`\n          : `ssh -o StrictHostKeyChecking=no -o ConnectTimeout=10 -p ${this.sshPort} ${this.sshUser}@${this.vmId} sh -c ${shellEscape(command)}`;\n      const hostExecutor = new HostExecutor();\n      return hostExecutor.exec(sshCmd, options);\n    }\n\n    return new Promise((resolve, reject) => {\n      const sshArgs = [\"-o\", \"StrictHostKeyChecking=no\", \"-o\", \"ConnectTimeout=10\"];\n      if (this.sshPort !== 22) {\n        sshArgs.push(\"-p\", String(this.sshPort));\n      }\n      sshArgs.push(`${this.sshUser}@${this.vmId}`, \"sh\", \"-se\");\n\n      const child = spawn(\"ssh\", sshArgs, {\n        detached: true,\n        stdio: [\"pipe\", \"pipe\", \"pipe\"],\n      });\n\n      let stdout = \"\";\n      let stderr = \"\";\n      let timedOut = false;\n      let settled = false;\n\n      const timeoutHandle =\n        options?.timeout && options.timeout > 0\n          ? setTimeout(() => {\n              timedOut = true;\n              if (child.pid) killProcessTree(child.pid);\n            }, options.timeout * 1000)\n          : undefined;\n\n      const onAbort = () => {\n        if (child.pid) killProcessTree(child.pid);\n      };\n\n      if (options?.signal) {\n        if (options.signal.aborted) {\n          onAbort();\n        } else {\n          options.signal.addEventListener(\"abort\", onAbort, { once: true });\n        }\n      }\n\n      child.on(\"error\", (error) => {\n        if (settled) return;\n        settled = true;\n        if (timeoutHandle) clearTimeout(timeoutHandle);\n        if (options?.signal) {\n          options.signal.removeEventListener(\"abort\", onAbort);\n        }\n        reject(error);\n      });\n\n      child.stdout?.on(\"data\", (data) => {\n        stdout += data.toString();\n        if (stdout.length > 10 * 1024 * 1024) {\n          stdout = stdout.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.stderr?.on(\"data\", (data) => {\n        stderr += data.toString();\n        if (stderr.length > 10 * 1024 * 1024) {\n          stderr = stderr.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.stdin?.on(\"error\", (error) => {\n        stderr += `${error.message}\\n`;\n      });\n      child.stdin?.end(buildRemoteScript(command, this.env));\n\n      child.on(\"close\", (code) => {\n        if (settled) return;\n        settled = true;\n        if (timeoutHandle) clearTimeout(timeoutHandle);\n        if (options?.signal) {\n          options.signal.removeEventListener(\"abort\", onAbort);\n        }\n\n        if (options?.signal?.aborted) {\n          reject(new Error(`${stdout}\\n${stderr}\\nCommand aborted`.trim()));\n          return;\n        }\n\n        if (timedOut) {\n          reject(\n            new Error(\n              `${stdout}\\n${stderr}\\nCommand timed out after ${options?.timeout} seconds`.trim(),\n            ),\n          );\n          return;\n        }\n\n        resolve({ stdout, stderr, code: code ?? 0 });\n      });\n    });\n  }\n\n  getWorkspacePath(_hostPath: string): string {\n    return \"/workspace\";\n  }\n\n  getSandboxConfig(): FirecrackerSandboxConfig {\n    return {\n      type: \"firecracker\",\n      vmId: this.vmId,\n      hostPath: this.hostPath,\n      sshUser: this.sshUser,\n      sshPort: this.sshPort,\n    };\n  }\n}\n\nfunction buildRemoteScript(command: string, env?: Record<string, string>): string {\n  const exports = env\n    ? Object.entries(env)\n        .map(([key, value]) => {\n          if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(key)) {\n            throw new SandboxError(`Invalid environment variable name for firecracker: ${key}`);\n          }\n          return `export ${key}=${shellEscape(value)}`;\n        })\n        .join(\"\\n\") + \"\\n\"\n    : \"\";\n  return `${exports}${command}\\n`;\n}\n\nexport const firecrackerSandboxAdapter: SandboxAdapter<FirecrackerSandboxConfig> = {\n  type: \"firecracker\",\n  parse: parseFirecrackerSandboxArg,\n  validate: validateFirecrackerSandbox,\n  createExecutor: (config, env) =>\n    new FirecrackerExecutor(config.vmId, config.hostPath, config.sshUser, config.sshPort, env),\n};\n"]}
+{"version":3,"file":"firecracker.js","sourceRoot":"","sources":["../../src/sandbox/firecracker.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAStC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAEtE,MAAM,UAAU,0BAA0B,CAAC,KAAa;IACtD,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;QACtC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;IAC/C,oEAAoE;IACpE,gDAAgD;IAChD,qDAAqD;IACrD,wDAAwD;IACxD,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,MAAM,IAAI,YAAY,CACpB,2DAA2D;YACzD,oEAAoE;YACpE,+CAA+C,CAClD,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IACtB,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IAC1B,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC;IACnC,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEvD,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QACvB,MAAM,IAAI,YAAY,CAAC,yDAAyD,CAAC,CAAC;IACpF,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,OAAO,IAAI,CAAC,IAAI,OAAO,GAAG,KAAK,EAAE,CAAC;QACtD,MAAM,IAAI,YAAY,CAAC,yBAAyB,CAAC,CAAC;IACpD,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AACnE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAAC,MAAgC;IAC/E,oDAAoD;IACpD,IAAI,CAAC;QACH,MAAM,UAAU,CAAC,UAAU,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;IAC9C,CAAC;IAAC,MAAM,CAAC;QACP,+BAA+B;QAC/B,IAAI,CAAC;YACH,MAAM,UAAU,CAAC,aAAa,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;QACjD,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,YAAY,CACpB,sEAAsE,EACtE,CAAC,yEAAyE,CAAC,CAC5E,CAAC;QACJ,CAAC;IACH,CAAC;IAED,wCAAwC;IACxC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,UAAU,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QACrE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAC/D,MAAM,IAAI,YAAY,CAAC,0BAA0B,MAAM,CAAC,IAAI,mBAAmB,EAAE;gBAC/E,iCAAiC,MAAM,CAAC,IAAI,EAAE;aAC/C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,YAAY,EAAE,CAAC;YAClC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,mDAAmD;QACnD,IAAI,CAAC;YACH,MAAM,UAAU,CAAC,iBAAiB,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAC/D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,KAAK,CAAC,oCAAoC,MAAM,CAAC,IAAI,eAAe,CAAC,CAAC;YAC9E,OAAO,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;IAED,0BAA0B;IAC1B,IAAI,CAAC;QACH,MAAM,UAAU,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;IAClD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,YAAY,CAAC,qBAAqB,MAAM,CAAC,QAAQ,mBAAmB,CAAC,CAAC;IAClF,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,qBAAqB,MAAM,CAAC,IAAI,gCAAgC,MAAM,CAAC,QAAQ,IAAI,CAAC,CAAC;AACnG,CAAC;AAED,MAAM,OAAO,mBAAmB;IAC9B,YACU,IAAY,EACZ,QAAgB,EAChB,OAAO,GAAW,MAAM,EACxB,OAAO,GAAW,EAAE,EACpB,GAA4B;oBAJ5B,IAAI;wBACJ,QAAQ;uBACR,OAAO;uBACP,OAAO;mBACP,GAAG;IACV,CAAC;IAEJ,KAAK,CAAC,IAAI,CAAC,OAAe,EAAE,OAAqB;QAC/C,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACpD,MAAM,MAAM,GACV,IAAI,CAAC,OAAO,KAAK,EAAE;gBACjB,CAAC,CAAC,wDAAwD,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,IAAI,UAAU,WAAW,CAAC,OAAO,CAAC,EAAE;gBACnH,CAAC,CAAC,2DAA2D,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,IAAI,UAAU,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;YAC3I,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;YACxC,OAAO,YAAY,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC5C,CAAC;QAED,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,OAAO,GAAG,CAAC,IAAI,EAAE,0BAA0B,EAAE,IAAI,EAAE,mBAAmB,CAAC,CAAC;YAC9E,IAAI,IAAI,CAAC,OAAO,KAAK,EAAE,EAAE,CAAC;gBACxB,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;YAC3C,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;YAE1D,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,OAAO,EAAE;gBAClC,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;aAChC,CAAC,CAAC;YAEH,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,QAAQ,GAAG,KAAK,CAAC;YACrB,IAAI,OAAO,GAAG,KAAK,CAAC;YAEpB,MAAM,aAAa,GACjB,OAAO,EAAE,OAAO,IAAI,OAAO,CAAC,OAAO,GAAG,CAAC;gBACrC,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE;oBACd,QAAQ,GAAG,IAAI,CAAC;oBAChB,IAAI,KAAK,CAAC,GAAG;wBAAE,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC5C,CAAC,EAAE,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;gBAC5B,CAAC,CAAC,SAAS,CAAC;YAEhB,MAAM,OAAO,GAAG,GAAG,EAAE;gBACnB,IAAI,KAAK,CAAC,GAAG;oBAAE,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5C,CAAC,CAAC;YAEF,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;gBACpB,IAAI,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;oBAC3B,OAAO,EAAE,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;gBACpE,CAAC;YACH,CAAC;YAED,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;gBAC1B,IAAI,OAAO;oBAAE,OAAO;gBACpB,OAAO,GAAG,IAAI,CAAC;gBACf,IAAI,aAAa;oBAAE,YAAY,CAAC,aAAa,CAAC,CAAC;gBAC/C,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;oBACpB,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBACvD,CAAC;gBACD,MAAM,CAAC,KAAK,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAChC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;oBACrC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;gBAC7C,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAChC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;oBACrC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;gBAC7C,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;gBACjC,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,IAAI,CAAC;YACjC,CAAC,CAAC,CAAC;YACH,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,iBAAiB,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAEvD,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACzB,IAAI,OAAO;oBAAE,OAAO;gBACpB,OAAO,GAAG,IAAI,CAAC;gBACf,IAAI,aAAa;oBAAE,YAAY,CAAC,aAAa,CAAC,CAAC;gBAC/C,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;oBACpB,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBACvD,CAAC;gBAED,IAAI,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;oBAC7B,MAAM,CAAC,IAAI,KAAK,CAAC,GAAG,MAAM,KAAK,MAAM,mBAAmB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;oBAClE,OAAO;gBACT,CAAC;gBAED,IAAI,QAAQ,EAAE,CAAC;oBACb,MAAM,CACJ,IAAI,KAAK,CACP,GAAG,MAAM,KAAK,MAAM,6BAA6B,OAAO,EAAE,OAAO,UAAU,CAAC,IAAI,EAAE,CACnF,CACF,CAAC;oBACF,OAAO;gBACT,CAAC;gBAED,OAAO,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,CAAC;YAC/C,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED,gBAAgB,CAAC,SAAiB;QAChC,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,cAAc,CAAC,iBAAyB;QACtC,OAAO;YACL,iBAAiB;YACjB,oBAAoB,EAAE,YAAY;SACnC,CAAC;IACJ,CAAC;IAED,gBAAgB;QACd,OAAO;YACL,IAAI,EAAE,aAAa;YACnB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,OAAO,EAAE,IAAI,CAAC,OAAO;SACtB,CAAC;IACJ,CAAC;CACF;AAED,SAAS,iBAAiB,CAAC,OAAe,EAAE,GAA4B;IACtE,MAAM,OAAO,GAAG,GAAG;QACjB,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC;aAChB,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;YACpB,IAAI,CAAC,0BAA0B,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC1C,MAAM,IAAI,YAAY,CAAC,sDAAsD,GAAG,EAAE,CAAC,CAAC;YACtF,CAAC;YACD,OAAO,UAAU,GAAG,IAAI,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;QAC/C,CAAC,CAAC;aACD,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI;QACtB,CAAC,CAAC,EAAE,CAAC;IACP,OAAO,GAAG,OAAO,GAAG,OAAO,IAAI,CAAC;AAClC,CAAC;AAED,MAAM,CAAC,MAAM,yBAAyB,GAA6C;IACjF,IAAI,EAAE,aAAa;IACnB,KAAK,EAAE,0BAA0B;IACjC,QAAQ,EAAE,0BAA0B;IACpC,cAAc,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE,EAAE,CAC9B,IAAI,mBAAmB,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC;CAC7F,CAAC","sourcesContent":["import { spawn } from \"child_process\";\nimport type {\n  ExecOptions,\n  ExecResult,\n  Executor,\n  FirecrackerSandboxConfig,\n  RuntimePathContext,\n  SandboxAdapter,\n} from \"./types.js\";\nimport { SandboxError } from \"./errors.js\";\nimport { HostExecutor } from \"./host.js\";\nimport { execSimple, killProcessTree, shellEscape } from \"./utils.js\";\n\nexport function parseFirecrackerSandboxArg(value: string): FirecrackerSandboxConfig | undefined {\n  if (!value.startsWith(\"firecracker:\")) {\n    return undefined;\n  }\n\n  const arg = value.slice(\"firecracker:\".length);\n  // Format: firecracker:<vm-id>:<host-path>[:<ssh-user>[:<ssh-port>]]\n  // Example: firecracker:vm1:/home/user/workspace\n  //          firecracker:vm1:/home/user/workspace:root\n  //          firecracker:vm1:/home/user/workspace:root:22\n  const parts = arg.split(\":\");\n  if (parts.length < 2) {\n    throw new SandboxError(\n      \"Error: firecracker sandbox requires vm-id and host-path\\n\" +\n        \"Usage: firecracker:<vm-id>:<host-path>[:<ssh-user>[:<ssh-port>]]\\n\" +\n        \"Example: firecracker:vm1:/home/user/workspace\",\n    );\n  }\n  const vmId = parts[0];\n  const hostPath = parts[1];\n  const sshUser = parts[2] || \"root\";\n  const sshPort = parts[3] ? parseInt(parts[3], 10) : 22;\n\n  if (!vmId || !hostPath) {\n    throw new SandboxError(\"Error: firecracker sandbox requires vm-id and host-path\");\n  }\n  if (isNaN(sshPort) || sshPort <= 0 || sshPort > 65535) {\n    throw new SandboxError(\"Error: invalid SSH port\");\n  }\n  return { type: \"firecracker\", vmId, hostPath, sshUser, sshPort };\n}\n\nexport async function validateFirecrackerSandbox(config: FirecrackerSandboxConfig): Promise<void> {\n  // Check if fc-agent or firecracker CLI is available\n  try {\n    await execSimple(\"fc-agent\", [\"--version\"]);\n  } catch {\n    // Try alternative: firecracker\n    try {\n      await execSimple(\"firecracker\", [\"--version\"]);\n    } catch {\n      throw new SandboxError(\n        \"Error: Firecracker tools (fc-agent or firecracker) not found in PATH\",\n        [\"Install firecracker: https://github.com/firecracker-microvm/firecracker\"],\n      );\n    }\n  }\n\n  // Check if VM is running using fc-agent\n  try {\n    const result = await execSimple(\"fc-agent\", [\"status\", config.vmId]);\n    if (!result.includes(\"running\") && !result.includes(\"Running\")) {\n      throw new SandboxError(`Error: Firecracker VM '${config.vmId}' is not running.`, [\n        `Start it with: fc-agent start ${config.vmId}`,\n      ]);\n    }\n  } catch (error) {\n    if (error instanceof SandboxError) {\n      throw error;\n    }\n    // Try alternative: firecracker-ctl or direct check\n    try {\n      await execSimple(\"firecracker-ctl\", [\"status\", config.vmId]);\n    } catch {\n      console.error(`Warning: Could not verify if VM '${config.vmId}' is running.`);\n      console.error(\"Make sure the VM is started before running mama.\");\n    }\n  }\n\n  // Verify host path exists\n  try {\n    await execSimple(\"ls\", [\"-d\", config.hostPath]);\n  } catch {\n    throw new SandboxError(`Error: Host path '${config.hostPath}' does not exist.`);\n  }\n\n  console.log(`  Firecracker VM '${config.vmId}' configured with workspace '${config.hostPath}'.`);\n}\n\nexport class FirecrackerExecutor implements Executor {\n  constructor(\n    private vmId: string,\n    private hostPath: string,\n    private sshUser: string = \"root\",\n    private sshPort: number = 22,\n    private env?: Record<string, string>,\n  ) {}\n\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    if (!this.env || Object.keys(this.env).length === 0) {\n      const sshCmd =\n        this.sshPort === 22\n          ? `ssh -o StrictHostKeyChecking=no -o ConnectTimeout=10 ${this.sshUser}@${this.vmId} sh -c ${shellEscape(command)}`\n          : `ssh -o StrictHostKeyChecking=no -o ConnectTimeout=10 -p ${this.sshPort} ${this.sshUser}@${this.vmId} sh -c ${shellEscape(command)}`;\n      const hostExecutor = new HostExecutor();\n      return hostExecutor.exec(sshCmd, options);\n    }\n\n    return new Promise((resolve, reject) => {\n      const sshArgs = [\"-o\", \"StrictHostKeyChecking=no\", \"-o\", \"ConnectTimeout=10\"];\n      if (this.sshPort !== 22) {\n        sshArgs.push(\"-p\", String(this.sshPort));\n      }\n      sshArgs.push(`${this.sshUser}@${this.vmId}`, \"sh\", \"-se\");\n\n      const child = spawn(\"ssh\", sshArgs, {\n        detached: true,\n        stdio: [\"pipe\", \"pipe\", \"pipe\"],\n      });\n\n      let stdout = \"\";\n      let stderr = \"\";\n      let timedOut = false;\n      let settled = false;\n\n      const timeoutHandle =\n        options?.timeout && options.timeout > 0\n          ? setTimeout(() => {\n              timedOut = true;\n              if (child.pid) killProcessTree(child.pid);\n            }, options.timeout * 1000)\n          : undefined;\n\n      const onAbort = () => {\n        if (child.pid) killProcessTree(child.pid);\n      };\n\n      if (options?.signal) {\n        if (options.signal.aborted) {\n          onAbort();\n        } else {\n          options.signal.addEventListener(\"abort\", onAbort, { once: true });\n        }\n      }\n\n      child.on(\"error\", (error) => {\n        if (settled) return;\n        settled = true;\n        if (timeoutHandle) clearTimeout(timeoutHandle);\n        if (options?.signal) {\n          options.signal.removeEventListener(\"abort\", onAbort);\n        }\n        reject(error);\n      });\n\n      child.stdout?.on(\"data\", (data) => {\n        stdout += data.toString();\n        if (stdout.length > 10 * 1024 * 1024) {\n          stdout = stdout.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.stderr?.on(\"data\", (data) => {\n        stderr += data.toString();\n        if (stderr.length > 10 * 1024 * 1024) {\n          stderr = stderr.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.stdin?.on(\"error\", (error) => {\n        stderr += `${error.message}\\n`;\n      });\n      child.stdin?.end(buildRemoteScript(command, this.env));\n\n      child.on(\"close\", (code) => {\n        if (settled) return;\n        settled = true;\n        if (timeoutHandle) clearTimeout(timeoutHandle);\n        if (options?.signal) {\n          options.signal.removeEventListener(\"abort\", onAbort);\n        }\n\n        if (options?.signal?.aborted) {\n          reject(new Error(`${stdout}\\n${stderr}\\nCommand aborted`.trim()));\n          return;\n        }\n\n        if (timedOut) {\n          reject(\n            new Error(\n              `${stdout}\\n${stderr}\\nCommand timed out after ${options?.timeout} seconds`.trim(),\n            ),\n          );\n          return;\n        }\n\n        resolve({ stdout, stderr, code: code ?? 0 });\n      });\n    });\n  }\n\n  getWorkspacePath(_hostPath: string): string {\n    return \"/workspace\";\n  }\n\n  getPathContext(hostWorkspaceRoot: string): RuntimePathContext {\n    return {\n      hostWorkspaceRoot,\n      runtimeWorkspaceRoot: \"/workspace\",\n    };\n  }\n\n  getSandboxConfig(): FirecrackerSandboxConfig {\n    return {\n      type: \"firecracker\",\n      vmId: this.vmId,\n      hostPath: this.hostPath,\n      sshUser: this.sshUser,\n      sshPort: this.sshPort,\n    };\n  }\n}\n\nfunction buildRemoteScript(command: string, env?: Record<string, string>): string {\n  const exports = env\n    ? Object.entries(env)\n        .map(([key, value]) => {\n          if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(key)) {\n            throw new SandboxError(`Invalid environment variable name for firecracker: ${key}`);\n          }\n          return `export ${key}=${shellEscape(value)}`;\n        })\n        .join(\"\\n\") + \"\\n\"\n    : \"\";\n  return `${exports}${command}\\n`;\n}\n\nexport const firecrackerSandboxAdapter: SandboxAdapter<FirecrackerSandboxConfig> = {\n  type: \"firecracker\",\n  parse: parseFirecrackerSandboxArg,\n  validate: validateFirecrackerSandbox,\n  createExecutor: (config, env) =>\n    new FirecrackerExecutor(config.vmId, config.hostPath, config.sshUser, config.sshPort, env),\n};\n"]}

package/dist/sandbox/host.d.ts

@@ -1,9 +1,10 @@
-import type { ExecOptions, ExecResult, Executor, HostSandboxConfig, SandboxAdapter } from "./types.js";
+import type { ExecOptions, ExecResult, Executor, HostSandboxConfig, RuntimePathContext, SandboxAdapter } from "./types.js";
 export declare function parseHostSandboxArg(value: string): HostSandboxConfig | undefined;
 export declare function validateHostSandbox(_config: HostSandboxConfig): Promise<void>;
 export declare class HostExecutor implements Executor {
     exec(command: string, options?: ExecOptions): Promise<ExecResult>;
     getWorkspacePath(hostPath: string): string;
+    getPathContext(hostWorkspaceRoot: string): RuntimePathContext;
     getSandboxConfig(): HostSandboxConfig;
 }
 export declare const hostSandboxAdapter: SandboxAdapter<HostSandboxConfig>;

package/dist/sandbox/host.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"host.d.ts","sourceRoot":"","sources":["../../src/sandbox/host.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,WAAW,EACX,UAAU,EACV,QAAQ,EACR,iBAAiB,EACjB,cAAc,EACf,MAAM,YAAY,CAAC;AAGpB,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,iBAAiB,GAAG,SAAS,CAKhF;AAED,wBAAsB,mBAAmB,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,CAEnF;AAED,qBAAa,YAAa,YAAW,QAAQ;IACrC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAuEtE;IAED,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAEzC;IAED,gBAAgB,IAAI,iBAAiB,CAEpC;CACF;AAED,eAAO,MAAM,kBAAkB,EAAE,cAAc,CAAC,iBAAiB,CAKhE,CAAC","sourcesContent":["import { spawn } from \"child_process\";\nimport type {\n  ExecOptions,\n  ExecResult,\n  Executor,\n  HostSandboxConfig,\n  SandboxAdapter,\n} from \"./types.js\";\nimport { killProcessTree } from \"./utils.js\";\n\nexport function parseHostSandboxArg(value: string): HostSandboxConfig | undefined {\n  if (value === \"host\") {\n    return { type: \"host\" };\n  }\n  return undefined;\n}\n\nexport async function validateHostSandbox(_config: HostSandboxConfig): Promise<void> {\n  return;\n}\n\nexport class HostExecutor implements Executor {\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    return new Promise((resolve, reject) => {\n      const shell = process.platform === \"win32\" ? \"cmd\" : \"sh\";\n      const shellArgs = process.platform === \"win32\" ? [\"/c\"] : [\"-c\"];\n\n      const child = spawn(shell, [...shellArgs, command], {\n        detached: true,\n        stdio: [\"ignore\", \"pipe\", \"pipe\"],\n      });\n\n      let stdout = \"\";\n      let stderr = \"\";\n      let timedOut = false;\n\n      const timeoutHandle =\n        options?.timeout && options.timeout > 0\n          ? setTimeout(() => {\n              timedOut = true;\n              killProcessTree(child.pid!);\n            }, options.timeout * 1000)\n          : undefined;\n\n      const onAbort = () => {\n        if (child.pid) killProcessTree(child.pid);\n      };\n\n      if (options?.signal) {\n        if (options.signal.aborted) {\n          onAbort();\n        } else {\n          options.signal.addEventListener(\"abort\", onAbort, { once: true });\n        }\n      }\n\n      child.stdout?.on(\"data\", (data) => {\n        stdout += data.toString();\n        if (stdout.length > 10 * 1024 * 1024) {\n          stdout = stdout.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.stderr?.on(\"data\", (data) => {\n        stderr += data.toString();\n        if (stderr.length > 10 * 1024 * 1024) {\n          stderr = stderr.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.on(\"close\", (code) => {\n        if (timeoutHandle) clearTimeout(timeoutHandle);\n        if (options?.signal) {\n          options.signal.removeEventListener(\"abort\", onAbort);\n        }\n\n        if (options?.signal?.aborted) {\n          reject(new Error(`${stdout}\\n${stderr}\\nCommand aborted`.trim()));\n          return;\n        }\n\n        if (timedOut) {\n          reject(\n            new Error(\n              `${stdout}\\n${stderr}\\nCommand timed out after ${options?.timeout} seconds`.trim(),\n            ),\n          );\n          return;\n        }\n\n        resolve({ stdout, stderr, code: code ?? 0 });\n      });\n    });\n  }\n\n  getWorkspacePath(hostPath: string): string {\n    return hostPath;\n  }\n\n  getSandboxConfig(): HostSandboxConfig {\n    return { type: \"host\" };\n  }\n}\n\nexport const hostSandboxAdapter: SandboxAdapter<HostSandboxConfig> = {\n  type: \"host\",\n  parse: parseHostSandboxArg,\n  validate: validateHostSandbox,\n  createExecutor: () => new HostExecutor(),\n};\n"]}
+{"version":3,"file":"host.d.ts","sourceRoot":"","sources":["../../src/sandbox/host.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,WAAW,EACX,UAAU,EACV,QAAQ,EACR,iBAAiB,EACjB,kBAAkB,EAClB,cAAc,EACf,MAAM,YAAY,CAAC;AAIpB,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,iBAAiB,GAAG,SAAS,CAKhF;AAED,wBAAsB,mBAAmB,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,CAEnF;AAED,qBAAa,YAAa,YAAW,QAAQ;IACrC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAuEtE;IAED,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAEzC;IAED,cAAc,CAAC,iBAAiB,EAAE,MAAM,GAAG,kBAAkB,CAE5D;IAED,gBAAgB,IAAI,iBAAiB,CAEpC;CACF;AAED,eAAO,MAAM,kBAAkB,EAAE,cAAc,CAAC,iBAAiB,CAKhE,CAAC","sourcesContent":["import { spawn } from \"child_process\";\nimport type {\n  ExecOptions,\n  ExecResult,\n  Executor,\n  HostSandboxConfig,\n  RuntimePathContext,\n  SandboxAdapter,\n} from \"./types.js\";\nimport { killProcessTree } from \"./utils.js\";\nimport { createMountedRuntimePathContext } from \"./path-context.js\";\n\nexport function parseHostSandboxArg(value: string): HostSandboxConfig | undefined {\n  if (value === \"host\") {\n    return { type: \"host\" };\n  }\n  return undefined;\n}\n\nexport async function validateHostSandbox(_config: HostSandboxConfig): Promise<void> {\n  return;\n}\n\nexport class HostExecutor implements Executor {\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    return new Promise((resolve, reject) => {\n      const shell = process.platform === \"win32\" ? \"cmd\" : \"sh\";\n      const shellArgs = process.platform === \"win32\" ? [\"/c\"] : [\"-c\"];\n\n      const child = spawn(shell, [...shellArgs, command], {\n        detached: true,\n        stdio: [\"ignore\", \"pipe\", \"pipe\"],\n      });\n\n      let stdout = \"\";\n      let stderr = \"\";\n      let timedOut = false;\n\n      const timeoutHandle =\n        options?.timeout && options.timeout > 0\n          ? setTimeout(() => {\n              timedOut = true;\n              killProcessTree(child.pid!);\n            }, options.timeout * 1000)\n          : undefined;\n\n      const onAbort = () => {\n        if (child.pid) killProcessTree(child.pid);\n      };\n\n      if (options?.signal) {\n        if (options.signal.aborted) {\n          onAbort();\n        } else {\n          options.signal.addEventListener(\"abort\", onAbort, { once: true });\n        }\n      }\n\n      child.stdout?.on(\"data\", (data) => {\n        stdout += data.toString();\n        if (stdout.length > 10 * 1024 * 1024) {\n          stdout = stdout.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.stderr?.on(\"data\", (data) => {\n        stderr += data.toString();\n        if (stderr.length > 10 * 1024 * 1024) {\n          stderr = stderr.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.on(\"close\", (code) => {\n        if (timeoutHandle) clearTimeout(timeoutHandle);\n        if (options?.signal) {\n          options.signal.removeEventListener(\"abort\", onAbort);\n        }\n\n        if (options?.signal?.aborted) {\n          reject(new Error(`${stdout}\\n${stderr}\\nCommand aborted`.trim()));\n          return;\n        }\n\n        if (timedOut) {\n          reject(\n            new Error(\n              `${stdout}\\n${stderr}\\nCommand timed out after ${options?.timeout} seconds`.trim(),\n            ),\n          );\n          return;\n        }\n\n        resolve({ stdout, stderr, code: code ?? 0 });\n      });\n    });\n  }\n\n  getWorkspacePath(hostPath: string): string {\n    return hostPath;\n  }\n\n  getPathContext(hostWorkspaceRoot: string): RuntimePathContext {\n    return createMountedRuntimePathContext(hostWorkspaceRoot, hostWorkspaceRoot);\n  }\n\n  getSandboxConfig(): HostSandboxConfig {\n    return { type: \"host\" };\n  }\n}\n\nexport const hostSandboxAdapter: SandboxAdapter<HostSandboxConfig> = {\n  type: \"host\",\n  parse: parseHostSandboxArg,\n  validate: validateHostSandbox,\n  createExecutor: () => new HostExecutor(),\n};\n"]}

package/dist/sandbox/host.js

@@ -1,5 +1,6 @@
 import { spawn } from "child_process";
 import { killProcessTree } from "./utils.js";
+import { createMountedRuntimePathContext } from "./path-context.js";
 export function parseHostSandboxArg(value) {
     if (value === "host") {
         return { type: "host" };
@@ -72,6 +73,9 @@ export class HostExecutor {
     getWorkspacePath(hostPath) {
         return hostPath;
     }
+    getPathContext(hostWorkspaceRoot) {
+        return createMountedRuntimePathContext(hostWorkspaceRoot, hostWorkspaceRoot);
+    }
     getSandboxConfig() {
         return { type: "host" };
     }

package/dist/sandbox/host.js.map

@@ -1 +1 @@
-{"version":3,"file":"host.js","sourceRoot":"","sources":["../../src/sandbox/host.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAQtC,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAE7C,MAAM,UAAU,mBAAmB,CAAC,KAAa;IAC/C,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;QACrB,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAC1B,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,OAA0B;IAClE,OAAO;AACT,CAAC;AAED,MAAM,OAAO,YAAY;IACvB,KAAK,CAAC,IAAI,CAAC,OAAe,EAAE,OAAqB;QAC/C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,KAAK,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;YAC1D,MAAM,SAAS,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAEjE,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC,GAAG,SAAS,EAAE,OAAO,CAAC,EAAE;gBAClD,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;aAClC,CAAC,CAAC;YAEH,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,QAAQ,GAAG,KAAK,CAAC;YAErB,MAAM,aAAa,GACjB,OAAO,EAAE,OAAO,IAAI,OAAO,CAAC,OAAO,GAAG,CAAC;gBACrC,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE;oBACd,QAAQ,GAAG,IAAI,CAAC;oBAChB,eAAe,CAAC,KAAK,CAAC,GAAI,CAAC,CAAC;gBAC9B,CAAC,EAAE,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;gBAC5B,CAAC,CAAC,SAAS,CAAC;YAEhB,MAAM,OAAO,GAAG,GAAG,EAAE;gBACnB,IAAI,KAAK,CAAC,GAAG;oBAAE,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5C,CAAC,CAAC;YAEF,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;gBACpB,IAAI,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;oBAC3B,OAAO,EAAE,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;gBACpE,CAAC;YACH,CAAC;YAED,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAChC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;oBACrC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;gBAC7C,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAChC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;oBACrC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;gBAC7C,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACzB,IAAI,aAAa;oBAAE,YAAY,CAAC,aAAa,CAAC,CAAC;gBAC/C,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;oBACpB,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBACvD,CAAC;gBAED,IAAI,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;oBAC7B,MAAM,CAAC,IAAI,KAAK,CAAC,GAAG,MAAM,KAAK,MAAM,mBAAmB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;oBAClE,OAAO;gBACT,CAAC;gBAED,IAAI,QAAQ,EAAE,CAAC;oBACb,MAAM,CACJ,IAAI,KAAK,CACP,GAAG,MAAM,KAAK,MAAM,6BAA6B,OAAO,EAAE,OAAO,UAAU,CAAC,IAAI,EAAE,CACnF,CACF,CAAC;oBACF,OAAO;gBACT,CAAC;gBAED,OAAO,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,CAAC;YAC/C,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED,gBAAgB,CAAC,QAAgB;QAC/B,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,gBAAgB;QACd,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAC1B,CAAC;CACF;AAED,MAAM,CAAC,MAAM,kBAAkB,GAAsC;IACnE,IAAI,EAAE,MAAM;IACZ,KAAK,EAAE,mBAAmB;IAC1B,QAAQ,EAAE,mBAAmB;IAC7B,cAAc,EAAE,GAAG,EAAE,CAAC,IAAI,YAAY,EAAE;CACzC,CAAC","sourcesContent":["import { spawn } from \"child_process\";\nimport type {\n  ExecOptions,\n  ExecResult,\n  Executor,\n  HostSandboxConfig,\n  SandboxAdapter,\n} from \"./types.js\";\nimport { killProcessTree } from \"./utils.js\";\n\nexport function parseHostSandboxArg(value: string): HostSandboxConfig | undefined {\n  if (value === \"host\") {\n    return { type: \"host\" };\n  }\n  return undefined;\n}\n\nexport async function validateHostSandbox(_config: HostSandboxConfig): Promise<void> {\n  return;\n}\n\nexport class HostExecutor implements Executor {\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    return new Promise((resolve, reject) => {\n      const shell = process.platform === \"win32\" ? \"cmd\" : \"sh\";\n      const shellArgs = process.platform === \"win32\" ? [\"/c\"] : [\"-c\"];\n\n      const child = spawn(shell, [...shellArgs, command], {\n        detached: true,\n        stdio: [\"ignore\", \"pipe\", \"pipe\"],\n      });\n\n      let stdout = \"\";\n      let stderr = \"\";\n      let timedOut = false;\n\n      const timeoutHandle =\n        options?.timeout && options.timeout > 0\n          ? setTimeout(() => {\n              timedOut = true;\n              killProcessTree(child.pid!);\n            }, options.timeout * 1000)\n          : undefined;\n\n      const onAbort = () => {\n        if (child.pid) killProcessTree(child.pid);\n      };\n\n      if (options?.signal) {\n        if (options.signal.aborted) {\n          onAbort();\n        } else {\n          options.signal.addEventListener(\"abort\", onAbort, { once: true });\n        }\n      }\n\n      child.stdout?.on(\"data\", (data) => {\n        stdout += data.toString();\n        if (stdout.length > 10 * 1024 * 1024) {\n          stdout = stdout.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.stderr?.on(\"data\", (data) => {\n        stderr += data.toString();\n        if (stderr.length > 10 * 1024 * 1024) {\n          stderr = stderr.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.on(\"close\", (code) => {\n        if (timeoutHandle) clearTimeout(timeoutHandle);\n        if (options?.signal) {\n          options.signal.removeEventListener(\"abort\", onAbort);\n        }\n\n        if (options?.signal?.aborted) {\n          reject(new Error(`${stdout}\\n${stderr}\\nCommand aborted`.trim()));\n          return;\n        }\n\n        if (timedOut) {\n          reject(\n            new Error(\n              `${stdout}\\n${stderr}\\nCommand timed out after ${options?.timeout} seconds`.trim(),\n            ),\n          );\n          return;\n        }\n\n        resolve({ stdout, stderr, code: code ?? 0 });\n      });\n    });\n  }\n\n  getWorkspacePath(hostPath: string): string {\n    return hostPath;\n  }\n\n  getSandboxConfig(): HostSandboxConfig {\n    return { type: \"host\" };\n  }\n}\n\nexport const hostSandboxAdapter: SandboxAdapter<HostSandboxConfig> = {\n  type: \"host\",\n  parse: parseHostSandboxArg,\n  validate: validateHostSandbox,\n  createExecutor: () => new HostExecutor(),\n};\n"]}
+{"version":3,"file":"host.js","sourceRoot":"","sources":["../../src/sandbox/host.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAStC,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,EAAE,+BAA+B,EAAE,MAAM,mBAAmB,CAAC;AAEpE,MAAM,UAAU,mBAAmB,CAAC,KAAa;IAC/C,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;QACrB,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAC1B,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,OAA0B;IAClE,OAAO;AACT,CAAC;AAED,MAAM,OAAO,YAAY;IACvB,KAAK,CAAC,IAAI,CAAC,OAAe,EAAE,OAAqB;QAC/C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,KAAK,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;YAC1D,MAAM,SAAS,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAEjE,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC,GAAG,SAAS,EAAE,OAAO,CAAC,EAAE;gBAClD,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;aAClC,CAAC,CAAC;YAEH,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,QAAQ,GAAG,KAAK,CAAC;YAErB,MAAM,aAAa,GACjB,OAAO,EAAE,OAAO,IAAI,OAAO,CAAC,OAAO,GAAG,CAAC;gBACrC,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE;oBACd,QAAQ,GAAG,IAAI,CAAC;oBAChB,eAAe,CAAC,KAAK,CAAC,GAAI,CAAC,CAAC;gBAC9B,CAAC,EAAE,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;gBAC5B,CAAC,CAAC,SAAS,CAAC;YAEhB,MAAM,OAAO,GAAG,GAAG,EAAE;gBACnB,IAAI,KAAK,CAAC,GAAG;oBAAE,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5C,CAAC,CAAC;YAEF,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;gBACpB,IAAI,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;oBAC3B,OAAO,EAAE,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;gBACpE,CAAC;YACH,CAAC;YAED,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAChC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;oBACrC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;gBAC7C,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAChC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;oBACrC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;gBAC7C,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACzB,IAAI,aAAa;oBAAE,YAAY,CAAC,aAAa,CAAC,CAAC;gBAC/C,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;oBACpB,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBACvD,CAAC;gBAED,IAAI,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;oBAC7B,MAAM,CAAC,IAAI,KAAK,CAAC,GAAG,MAAM,KAAK,MAAM,mBAAmB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;oBAClE,OAAO;gBACT,CAAC;gBAED,IAAI,QAAQ,EAAE,CAAC;oBACb,MAAM,CACJ,IAAI,KAAK,CACP,GAAG,MAAM,KAAK,MAAM,6BAA6B,OAAO,EAAE,OAAO,UAAU,CAAC,IAAI,EAAE,CACnF,CACF,CAAC;oBACF,OAAO;gBACT,CAAC;gBAED,OAAO,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,CAAC;YAC/C,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED,gBAAgB,CAAC,QAAgB;QAC/B,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,cAAc,CAAC,iBAAyB;QACtC,OAAO,+BAA+B,CAAC,iBAAiB,EAAE,iBAAiB,CAAC,CAAC;IAC/E,CAAC;IAED,gBAAgB;QACd,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAC1B,CAAC;CACF;AAED,MAAM,CAAC,MAAM,kBAAkB,GAAsC;IACnE,IAAI,EAAE,MAAM;IACZ,KAAK,EAAE,mBAAmB;IAC1B,QAAQ,EAAE,mBAAmB;IAC7B,cAAc,EAAE,GAAG,EAAE,CAAC,IAAI,YAAY,EAAE;CACzC,CAAC","sourcesContent":["import { spawn } from \"child_process\";\nimport type {\n  ExecOptions,\n  ExecResult,\n  Executor,\n  HostSandboxConfig,\n  RuntimePathContext,\n  SandboxAdapter,\n} from \"./types.js\";\nimport { killProcessTree } from \"./utils.js\";\nimport { createMountedRuntimePathContext } from \"./path-context.js\";\n\nexport function parseHostSandboxArg(value: string): HostSandboxConfig | undefined {\n  if (value === \"host\") {\n    return { type: \"host\" };\n  }\n  return undefined;\n}\n\nexport async function validateHostSandbox(_config: HostSandboxConfig): Promise<void> {\n  return;\n}\n\nexport class HostExecutor implements Executor {\n  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {\n    return new Promise((resolve, reject) => {\n      const shell = process.platform === \"win32\" ? \"cmd\" : \"sh\";\n      const shellArgs = process.platform === \"win32\" ? [\"/c\"] : [\"-c\"];\n\n      const child = spawn(shell, [...shellArgs, command], {\n        detached: true,\n        stdio: [\"ignore\", \"pipe\", \"pipe\"],\n      });\n\n      let stdout = \"\";\n      let stderr = \"\";\n      let timedOut = false;\n\n      const timeoutHandle =\n        options?.timeout && options.timeout > 0\n          ? setTimeout(() => {\n              timedOut = true;\n              killProcessTree(child.pid!);\n            }, options.timeout * 1000)\n          : undefined;\n\n      const onAbort = () => {\n        if (child.pid) killProcessTree(child.pid);\n      };\n\n      if (options?.signal) {\n        if (options.signal.aborted) {\n          onAbort();\n        } else {\n          options.signal.addEventListener(\"abort\", onAbort, { once: true });\n        }\n      }\n\n      child.stdout?.on(\"data\", (data) => {\n        stdout += data.toString();\n        if (stdout.length > 10 * 1024 * 1024) {\n          stdout = stdout.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.stderr?.on(\"data\", (data) => {\n        stderr += data.toString();\n        if (stderr.length > 10 * 1024 * 1024) {\n          stderr = stderr.slice(0, 10 * 1024 * 1024);\n        }\n      });\n\n      child.on(\"close\", (code) => {\n        if (timeoutHandle) clearTimeout(timeoutHandle);\n        if (options?.signal) {\n          options.signal.removeEventListener(\"abort\", onAbort);\n        }\n\n        if (options?.signal?.aborted) {\n          reject(new Error(`${stdout}\\n${stderr}\\nCommand aborted`.trim()));\n          return;\n        }\n\n        if (timedOut) {\n          reject(\n            new Error(\n              `${stdout}\\n${stderr}\\nCommand timed out after ${options?.timeout} seconds`.trim(),\n            ),\n          );\n          return;\n        }\n\n        resolve({ stdout, stderr, code: code ?? 0 });\n      });\n    });\n  }\n\n  getWorkspacePath(hostPath: string): string {\n    return hostPath;\n  }\n\n  getPathContext(hostWorkspaceRoot: string): RuntimePathContext {\n    return createMountedRuntimePathContext(hostWorkspaceRoot, hostWorkspaceRoot);\n  }\n\n  getSandboxConfig(): HostSandboxConfig {\n    return { type: \"host\" };\n  }\n}\n\nexport const hostSandboxAdapter: SandboxAdapter<HostSandboxConfig> = {\n  type: \"host\",\n  parse: parseHostSandboxArg,\n  validate: validateHostSandbox,\n  createExecutor: () => new HostExecutor(),\n};\n"]}