@geminixiang/mama 0.2.0-beta.4 → 0.2.0-beta.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (122) hide show
  1. package/README.md +100 -421
  2. package/dist/adapter.d.ts +9 -0
  3. package/dist/adapter.d.ts.map +1 -1
  4. package/dist/adapter.js.map +1 -1
  5. package/dist/adapters/discord/bot.d.ts +1 -0
  6. package/dist/adapters/discord/bot.d.ts.map +1 -1
  7. package/dist/adapters/discord/bot.js +4 -1
  8. package/dist/adapters/discord/bot.js.map +1 -1
  9. package/dist/adapters/discord/context.d.ts.map +1 -1
  10. package/dist/adapters/discord/context.js +9 -2
  11. package/dist/adapters/discord/context.js.map +1 -1
  12. package/dist/adapters/slack/bot.d.ts +1 -0
  13. package/dist/adapters/slack/bot.d.ts.map +1 -1
  14. package/dist/adapters/slack/bot.js +9 -3
  15. package/dist/adapters/slack/bot.js.map +1 -1
  16. package/dist/adapters/slack/context.d.ts.map +1 -1
  17. package/dist/adapters/slack/context.js +13 -3
  18. package/dist/adapters/slack/context.js.map +1 -1
  19. package/dist/adapters/telegram/context.d.ts.map +1 -1
  20. package/dist/adapters/telegram/context.js +9 -2
  21. package/dist/adapters/telegram/context.js.map +1 -1
  22. package/dist/agent.d.ts.map +1 -1
  23. package/dist/agent.js +13 -5
  24. package/dist/agent.js.map +1 -1
  25. package/dist/bindings.d.ts +2 -1
  26. package/dist/bindings.d.ts.map +1 -1
  27. package/dist/bindings.js.map +1 -1
  28. package/dist/commands/index.d.ts +5 -0
  29. package/dist/commands/index.d.ts.map +1 -0
  30. package/dist/commands/index.js +8 -0
  31. package/dist/commands/index.js.map +1 -0
  32. package/dist/commands/login.d.ts +5 -0
  33. package/dist/commands/login.d.ts.map +1 -0
  34. package/dist/commands/login.js +37 -0
  35. package/dist/commands/login.js.map +1 -0
  36. package/dist/commands/registry.d.ts +7 -0
  37. package/dist/commands/registry.d.ts.map +1 -0
  38. package/dist/commands/registry.js +14 -0
  39. package/dist/commands/registry.js.map +1 -0
  40. package/dist/commands/session-view.d.ts +5 -0
  41. package/dist/commands/session-view.d.ts.map +1 -0
  42. package/dist/commands/session-view.js +38 -0
  43. package/dist/commands/session-view.js.map +1 -0
  44. package/dist/commands/types.d.ts +41 -0
  45. package/dist/commands/types.d.ts.map +1 -0
  46. package/dist/commands/types.js +2 -0
  47. package/dist/commands/types.js.map +1 -0
  48. package/dist/commands/utils.d.ts +5 -0
  49. package/dist/commands/utils.d.ts.map +1 -0
  50. package/dist/commands/utils.js +9 -0
  51. package/dist/commands/utils.js.map +1 -0
  52. package/dist/config.d.ts +4 -4
  53. package/dist/config.d.ts.map +1 -1
  54. package/dist/config.js +34 -40
  55. package/dist/config.js.map +1 -1
  56. package/dist/context.d.ts.map +1 -1
  57. package/dist/context.js +74 -68
  58. package/dist/context.js.map +1 -1
  59. package/dist/execution-resolver.d.ts +6 -3
  60. package/dist/execution-resolver.d.ts.map +1 -1
  61. package/dist/execution-resolver.js +47 -14
  62. package/dist/execution-resolver.js.map +1 -1
  63. package/dist/index.d.ts +7 -0
  64. package/dist/index.d.ts.map +1 -0
  65. package/dist/index.js +4 -0
  66. package/dist/index.js.map +1 -0
  67. package/dist/instrument.d.ts.map +1 -1
  68. package/dist/instrument.js +2 -3
  69. package/dist/instrument.js.map +1 -1
  70. package/dist/login/index.d.ts.map +1 -1
  71. package/dist/login/index.js +19 -8
  72. package/dist/login/index.js.map +1 -1
  73. package/dist/login/portal.d.ts.map +1 -1
  74. package/dist/login/portal.js +7 -7
  75. package/dist/login/portal.js.map +1 -1
  76. package/dist/login/session.d.ts +3 -2
  77. package/dist/login/session.d.ts.map +1 -1
  78. package/dist/login/session.js.map +1 -1
  79. package/dist/main.d.ts.map +1 -1
  80. package/dist/main.js +62 -386
  81. package/dist/main.js.map +1 -1
  82. package/dist/provisioner.d.ts +11 -9
  83. package/dist/provisioner.d.ts.map +1 -1
  84. package/dist/provisioner.js +125 -87
  85. package/dist/provisioner.js.map +1 -1
  86. package/dist/runtime/index.d.ts +2 -0
  87. package/dist/runtime/index.d.ts.map +1 -0
  88. package/dist/runtime/index.js +2 -0
  89. package/dist/runtime/index.js.map +1 -0
  90. package/dist/runtime/session-runtime.d.ts +26 -0
  91. package/dist/runtime/session-runtime.d.ts.map +1 -0
  92. package/dist/runtime/session-runtime.js +285 -0
  93. package/dist/runtime/session-runtime.js.map +1 -0
  94. package/dist/sandbox/cloudflare.d.ts +14 -0
  95. package/dist/sandbox/cloudflare.d.ts.map +1 -0
  96. package/dist/sandbox/cloudflare.js +131 -0
  97. package/dist/sandbox/cloudflare.js.map +1 -0
  98. package/dist/sandbox/index.d.ts +6 -4
  99. package/dist/sandbox/index.d.ts.map +1 -1
  100. package/dist/sandbox/index.js +6 -3
  101. package/dist/sandbox/index.js.map +1 -1
  102. package/dist/sandbox/types.d.ts +5 -1
  103. package/dist/sandbox/types.d.ts.map +1 -1
  104. package/dist/sandbox/types.js.map +1 -1
  105. package/dist/session-view/portal.d.ts.map +1 -1
  106. package/dist/session-view/portal.js +10 -1
  107. package/dist/session-view/portal.js.map +1 -1
  108. package/dist/session-view/service.d.ts.map +1 -1
  109. package/dist/session-view/service.js +36 -26
  110. package/dist/session-view/service.js.map +1 -1
  111. package/dist/session-view/store.d.ts +3 -2
  112. package/dist/session-view/store.d.ts.map +1 -1
  113. package/dist/session-view/store.js.map +1 -1
  114. package/dist/vault-routing.d.ts +3 -5
  115. package/dist/vault-routing.d.ts.map +1 -1
  116. package/dist/vault-routing.js +8 -20
  117. package/dist/vault-routing.js.map +1 -1
  118. package/dist/vault.d.ts +7 -5
  119. package/dist/vault.d.ts.map +1 -1
  120. package/dist/vault.js +101 -50
  121. package/dist/vault.js.map +1 -1
  122. package/package.json +1 -2
package/dist/context.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"context.js","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,EAGL,eAAe,GAChB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAChC,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAc5B;;GAEG;AACH,MAAM,iBAAiB,GAAG,EAAE,CAAC;AAgC7B;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,cAA8B,EAC9B,eAAuB,EACvB,cAAuB,EACvB,SAAqB,EACrB,YAA2B;IAE3B,8DAA8D;IAC9D,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,YAAY,GAAG,GAAG,GAAG,iBAAiB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACnE,MAAM,KAAK,GAAG,SAAS,IAAI,EAAE,KAAK,EAAE,YAAY,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;IAC7D,MAAM,OAAO,GAAG,IAAI,CAAC,eAAe,EAAE,WAAW,CAAC,CAAC;IAEnD,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,CAAC,CAAC;IAEnC,wDAAwD;IACxD,gFAAgF;IAChF,+EAA+E;IAC/E,+EAA+E;IAC/E,8BAA8B;IAC9B,MAAM,gBAAgB,GAA6B,EAAE,CAAC;IACtD,MAAM,mBAAmB,GAAG,IAAI,GAAG,EAAU,CAAC;IAC9C,KAAK,MAAM,KAAK,IAAI,cAAc,CAAC,UAAU,EAAE,EAAE,CAAC;QAChD,IAAI,KAAK,CAAC,IAAI,KAAK,SAAS;YAAE,SAAS;QACvC,MAAM,QAAQ,GAAG,KAA4B,CAAC;QAC9C,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAkB,CAAC;QAC5C,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC;YAChD,CAAC,CAAC,OAAO,CAAC,OAAO;iBACZ,MAAM,CAAC,CAAC,IAAI,EAA0C,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC;iBAC9E,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;iBACxB,IAAI,CAAC,MAAM,CAAC;YACjB,CAAC,CAAC,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ;gBACnC,CAAC,CAAC,OAAO,CAAC,OAAO;gBACjB,CAAC,CAAC,EAAE,CAAC;QACT,gBAAgB,CAAC,IAAI,CAAC;YACpB,SAAS,EAAE,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;YAChF,OAAO,EAAE,WAAW;YACpB,cAAc,EAAE,2BAA2B,CAAC,WAAW,CAAC;SACzD,CAAC,CAAC;QACH,IAAI,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;YAC1C,mBAAmB,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,SAAS,IAAI,WAAW,EAAE,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IAED,uDAAuD;IACvD,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAE/D,MAAM,WAAW,GAAuD,EAAE,CAAC;IAE3E,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,IAAI,CAAC;YACH,MAAM,MAAM,GAA2B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAExD,MAAM,OAAO,GAAG,MAAM,CAAC,EAAE,CAAC;YAC1B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACzB,IAAI,CAAC,OAAO,IAAI,CAAC,IAAI;gBAAE,SAAS;YAEhC,wEAAwE;YACxE,IAAI,cAAc,IAAI,OAAO,KAAK,cAAc;gBAAE,SAAS;YAE3D,mFAAmF;YACnF,+EAA+E;YAC/E,0BAA0B;YAC1B,IAAI,CAAC,0BAA0B,CAAC,OAAO,EAAE,cAAc,CAAC;gBAAE,SAAS;YAEnE,+CAA+C;YAC/C,IAAI,MAAM,CAAC,KAAK;gBAAE,SAAS;YAE3B,0EAA0E;YAC1E,IAAI,YAAY,EAAE,CAAC;gBACjB,IAAI,YAAY,CAAC,KAAK,KAAK,WAAW,EAAE,CAAC;oBACvC,uEAAuE;oBACvE,+DAA+D;oBAC/D,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;wBACpB,SAAS;oBACX,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;wBACpB,6EAA6E;wBAC7E,IACE,MAAM,CAAC,QAAQ,KAAK,YAAY,CAAC,QAAQ;4BACzC,MAAM,CAAC,QAAQ,KAAK,YAAY,CAAC,MAAM,EACvC,CAAC;4BACD,SAAS;wBACX,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,sEAAsE;wBACtE,IAAI,OAAO,KAAK,YAAY,CAAC,MAAM,EAAE,CAAC;4BACpC,SAAS;wBACX,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,uDAAuD;YACvD,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,eAAe,MAAM,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/E,MAAM,WAAW,GAAG,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,IAAI,IAAI,SAAS,IAAI,aAAa,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;YAE7G,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;YACvD,MAAM,UAAU,GAAG,GAAG,OAAO,IAAI,WAAW,EAAE,CAAC;YAC/C,IAAI,mBAAmB,CAAC,GAAG,CAAC,UAAU,CAAC;gBAAE,SAAS;YAClD,IAAI,yBAAyB,CAAC,gBAAgB,EAAE,OAAO,EAAE,WAAW,CAAC;gBAAE,SAAS;YAEhF,uCAAuC;YACvC,IAAI,OAAO,GAAG,KAAK,CAAC,KAAK,IAAI,OAAO,GAAG,KAAK,CAAC,GAAG;gBAAE,SAAS;YAE3D,MAAM,WAAW,GAAgB;gBAC/B,IAAI,EAAE,MAAM;gBACZ,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC;gBAC9C,SAAS,EAAE,OAAO;aACnB,CAAC;YAEF,WAAW,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;YAC/D,gBAAgB,CAAC,IAAI,CAAC;gBACpB,SAAS,EAAE,OAAO;gBAClB,OAAO,EAAE,WAAW;gBACpB,cAAc,EAAE,2BAA2B,CAAC,WAAW,CAAC;aACzD,CAAC,CAAC;YACH,mBAAmB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,6CAA6C;QACpF,CAAC;QAAC,MAAM,CAAC;YACP,uBAAuB;QACzB,CAAC;IACH,CAAC;IAED,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAEvC,uCAAuC;IACvC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC;IAEtD,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,WAAW,EAAE,CAAC;QACtC,cAAc,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;IACxC,CAAC;IAED,OAAO,WAAW,CAAC,MAAM,CAAC;AAC5B,CAAC;AAED,+EAA+E;AAC/E,4BAA4B;AAC5B,+EAA+E;AAE/E,gFAAgF;AAChF,yEAAyE;AACzE,iEAAiE;AACjE,MAAM,UAAU,yBAAyB,CAAC,aAAqB;IAC7D,OAAO,eAAe,CAAC,QAAQ,EAAE,CAAC;AACpC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,eAAuB,EACvB,SAAiB;IAEjB,MAAM,OAAO,GAAG,IAAI,CAAC,eAAe,EAAE,WAAW,CAAC,CAAC;IACnD,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,IAAI,CAAC;IAEtC,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAE/D,KAAK,IAAI,CAAC,GAAG,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC9C,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAA2B,CAAC;YAChE,IAAI,KAAK,CAAC,EAAE,KAAK,SAAS,EAAE,CAAC;gBAC3B,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,uBAAuB;QACzB,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,yBAAyB,CAAC,IAAY;IAC7C,OAAO,IAAI,CAAC,OAAO,CAAC,8DAA8D,EAAE,EAAE,CAAC,CAAC;AAC1F,CAAC;AAED,SAAS,2BAA2B,CAAC,IAAY;IAC/C,MAAM,gBAAgB,GAAG,IAAI,CAAC,OAAO,CACnC,iIAAiI,EACjI,EAAE,CACH,CAAC;IACF,OAAO,yBAAyB,CAAC,gBAAgB,CAAC,CAAC,IAAI,EAAE,CAAC;AAC5D,CAAC;AAED,SAAS,yBAAyB,CAChC,gBAA0C,EAC1C,SAAiB,EACjB,IAAY;IAEZ,MAAM,cAAc,GAAG,2BAA2B,CAAC,IAAI,CAAC,CAAC;IACzD,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;QACxC,IAAI,QAAQ,CAAC,SAAS,KAAK,SAAS,IAAI,QAAQ,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;YAClE,OAAO,IAAI,CAAC;QACd,CAAC;QACD,IAAI,QAAQ,CAAC,cAAc,KAAK,cAAc,IAAI,QAAQ,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;YACnF,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,QAAQ,CAAC,SAAS,IAAI,SAAS,CAAC;IACzC,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,0BAA0B,CAAC,SAAiB,EAAE,gBAAyB;IAC9E,IAAI,CAAC,gBAAgB;QAAE,OAAO,IAAI,CAAC;IACnC,MAAM,UAAU,GAAG,iBAAiB,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;IAClE,OAAO,UAAU,KAAK,IAAI,IAAI,UAAU,IAAI,CAAC,CAAC;AAChD,CAAC;AAED,SAAS,iBAAiB,CAAC,CAAS,EAAE,CAAS;IAC7C,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QACvB,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QACxB,OAAO,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACvB,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACxB,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACpD,OAAO,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAClD,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["/**\n * Context management for mama.\n *\n * Mama uses two data sources per conversation:\n * - sessions/*.jsonl: Structured session history for agent context\n * - log.jsonl: Human-readable conversation history for grep (no tool results)\n *\n * This module provides:\n * - syncLogToSessionManager: Syncs messages from log.jsonl to SessionManager\n * - createMamaSettingsManager: Creates an in-memory SettingsManager for AgentSession\n */\n\nimport type { Message, UserMessage } from \"@mariozechner/pi-ai\";\nimport {\n type SessionManager,\n type SessionMessageEntry,\n SettingsManager,\n} from \"@mariozechner/pi-coding-agent\";\nimport { existsSync } from \"fs\";\nimport { readFile } from \"fs/promises\";\nimport { join } from \"path\";\n\n// ============================================================================\n// Sync log.jsonl to SessionManager\n// ============================================================================\n\n/**\n * Time range for filtering log messages\n */\nexport interface TimeRange {\n start: number; // Unix timestamp in ms\n end: number;\n}\n\n/**\n * Default number of days to sync when no time range is specified\n */\nconst DEFAULT_SYNC_DAYS = 10;\n\nexport interface ConversationLogMessage {\n date?: string;\n ts?: string;\n threadTs?: string;\n user?: string;\n userName?: string;\n text?: string;\n isBot?: boolean;\n}\n\ninterface ExistingSessionMessage {\n timestamp?: number;\n rawText: string;\n normalizedText: string;\n}\n\n/**\n * Thread filter for scoping log sync to a specific thread session.\n * When provided, only messages belonging to this thread are synced,\n * preventing cross-thread context contamination.\n */\nexport interface ThreadFilter {\n /** Filter mode: a specific thread, or top-level messages only for persistent channel/chat sessions */\n scope?: \"thread\" | \"top-level\";\n /** The root message timestamp (user's original message ts, derived from sessionKey) */\n rootTs: string;\n /** The thread anchor timestamp (bot's first reply ts, used as thread_ts by Slack replies) */\n threadTs?: string;\n}\n\n/**\n * Sync user messages from log.jsonl to SessionManager.\n *\n * This ensures that messages logged while mama wasn't running (conversation chatter,\n * backfilled messages, messages while busy) are added to the LLM context.\n *\n * @param sessionManager - The SessionManager to sync to\n * @param conversationDir - Path to the conversation directory containing log.jsonl\n * @param excludeSlackTs - Current platform message ID/timestamp (will be added via prompt(), not sync)\n * @param timeRange - Optional time range to filter log entries (defaults to last 10 days)\n * @param threadFilter - Optional thread filter to scope sync to a specific thread\n * @returns Number of messages synced\n */\nexport async function syncLogToSessionManager(\n sessionManager: SessionManager,\n conversationDir: string,\n excludeSlackTs?: string,\n timeRange?: TimeRange,\n threadFilter?: ThreadFilter,\n): Promise<number> {\n // Calculate default time range (last 10 days) if not provided\n const now = Date.now();\n const defaultStart = now - DEFAULT_SYNC_DAYS * 24 * 60 * 60 * 1000;\n const range = timeRange ?? { start: defaultStart, end: now };\n const logFile = join(conversationDir, \"log.jsonl\");\n\n if (!existsSync(logFile)) return 0;\n\n // Build a list of existing session messages for dedupe.\n // Live user prompts carry a formatted timestamp in the text and use Date.now(),\n // while log.jsonl uses the platform event timestamp. We therefore need a small\n // fuzzy match window in addition to the exact timestamp/content match used for\n // already-synced log entries.\n const existingMessages: ExistingSessionMessage[] = [];\n const existingMessageKeys = new Set<string>();\n for (const entry of sessionManager.getEntries()) {\n if (entry.type !== \"message\") continue;\n const msgEntry = entry as SessionMessageEntry;\n const message = msgEntry.message as Message;\n const contentText = Array.isArray(message.content)\n ? message.content\n .filter((part): part is { type: \"text\"; text: string } => part.type === \"text\")\n .map((part) => part.text)\n .join(\"\\n\\n\")\n : typeof message.content === \"string\"\n ? message.content\n : \"\";\n existingMessages.push({\n timestamp: typeof message.timestamp === \"number\" ? message.timestamp : undefined,\n rawText: contentText,\n normalizedText: normalizeComparableUserText(contentText),\n });\n if (typeof message.timestamp === \"number\") {\n existingMessageKeys.add(`${message.timestamp}:${contentText}`);\n }\n }\n\n // Read log.jsonl and find user messages not in context\n const logContent = await readFile(logFile, \"utf-8\");\n const logLines = logContent.trim().split(\"\\n\").filter(Boolean);\n\n const newMessages: Array<{ timestamp: number; message: UserMessage }> = [];\n\n for (const line of logLines) {\n try {\n const logMsg: ConversationLogMessage = JSON.parse(line);\n\n const slackTs = logMsg.ts;\n const date = logMsg.date;\n if (!slackTs || !date) continue;\n\n // Skip the current message being processed (will be added via prompt())\n if (excludeSlackTs && slackTs === excludeSlackTs) continue;\n\n // While queued messages are being processed, newer messages may already be present\n // in log.jsonl. Do not look ahead into those future messages when building the\n // current turn's context.\n if (!isMessageAtOrBeforeCurrent(slackTs, excludeSlackTs)) continue;\n\n // Skip bot messages - added through agent flow\n if (logMsg.isBot) continue;\n\n // Thread filtering: only sync messages belonging to this session's thread\n if (threadFilter) {\n if (threadFilter.scope === \"top-level\") {\n // Persistent top-level sessions should only ingest top-level messages.\n // This avoids pulling in unrelated replies from other threads.\n if (logMsg.threadTs) {\n continue;\n }\n } else {\n if (logMsg.threadTs) {\n // Thread reply: only include if threadTs matches our thread anchor or rootTs\n if (\n logMsg.threadTs !== threadFilter.threadTs &&\n logMsg.threadTs !== threadFilter.rootTs\n ) {\n continue;\n }\n } else {\n // Top-level message: only include if it's this session's root message\n if (slackTs !== threadFilter.rootTs) {\n continue;\n }\n }\n }\n }\n\n // Build the message text as it would appear in context\n const threadContext = logMsg.threadTs ? ` [in-thread:${logMsg.threadTs}]` : \"\";\n const messageText = `[${logMsg.userName || logMsg.user || \"unknown\"}]${threadContext}: ${logMsg.text || \"\"}`;\n\n const msgTime = new Date(date).getTime() || Date.now();\n const messageKey = `${msgTime}:${messageText}`;\n if (existingMessageKeys.has(messageKey)) continue;\n if (hasExistingSessionMessage(existingMessages, msgTime, messageText)) continue;\n\n // Skip messages outside the time range\n if (msgTime < range.start || msgTime > range.end) continue;\n\n const userMessage: UserMessage = {\n role: \"user\",\n content: [{ type: \"text\", text: messageText }],\n timestamp: msgTime,\n };\n\n newMessages.push({ timestamp: msgTime, message: userMessage });\n existingMessages.push({\n timestamp: msgTime,\n rawText: messageText,\n normalizedText: normalizeComparableUserText(messageText),\n });\n existingMessageKeys.add(messageKey); // Track to avoid duplicates within this sync\n } catch {\n // Skip malformed lines\n }\n }\n\n if (newMessages.length === 0) return 0;\n\n // Sort by timestamp and add to session\n newMessages.sort((a, b) => a.timestamp - b.timestamp);\n\n for (const { message } of newMessages) {\n sessionManager.appendMessage(message);\n }\n\n return newMessages.length;\n}\n\n// ============================================================================\n// Settings manager for mama\n// ============================================================================\n\n// Mama manages model/provider config through its own config.ts / settings.json.\n// We use an in-memory SettingsManager so AgentSession has valid defaults\n// without interfering with coding-agent's global settings files.\nexport function createMamaSettingsManager(_workspaceDir: string): SettingsManager {\n return SettingsManager.inMemory();\n}\n\nexport async function findLogMessageById(\n conversationDir: string,\n messageId: string,\n): Promise<ConversationLogMessage | null> {\n const logFile = join(conversationDir, \"log.jsonl\");\n if (!existsSync(logFile)) return null;\n\n const logContent = await readFile(logFile, \"utf-8\");\n const logLines = logContent.trim().split(\"\\n\").filter(Boolean);\n\n for (let i = logLines.length - 1; i >= 0; i--) {\n try {\n const entry = JSON.parse(logLines[i]) as ConversationLogMessage;\n if (entry.ts === messageId) {\n return entry;\n }\n } catch {\n // Skip malformed lines\n }\n }\n\n return null;\n}\n\nfunction stripSlackAttachmentBlock(text: string): string {\n return text.replace(/\\n*<slack_attachments>\\n[\\s\\S]*?\\n<\\/slack_attachments>\\s*$/g, \"\");\n}\n\nfunction normalizeComparableUserText(text: string): string {\n const withoutTimestamp = text.replace(\n /^\\[[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}[+-][0-9]{2}:[0-9]{2}\\]\\s+(?=\\[[^\\]]+\\](?:\\s+\\[in-thread:[^\\]]+\\])?:\\s)/,\n \"\",\n );\n return stripSlackAttachmentBlock(withoutTimestamp).trim();\n}\n\nfunction hasExistingSessionMessage(\n existingMessages: ExistingSessionMessage[],\n timestamp: number,\n text: string,\n): boolean {\n const normalizedText = normalizeComparableUserText(text);\n return existingMessages.some((existing) => {\n if (existing.timestamp === timestamp && existing.rawText === text) {\n return true;\n }\n if (existing.normalizedText !== normalizedText || existing.timestamp === undefined) {\n return false;\n }\n return existing.timestamp >= timestamp;\n });\n}\n\nfunction isMessageAtOrBeforeCurrent(messageId: string, currentMessageId?: string): boolean {\n if (!currentMessageId) return true;\n const comparison = compareMessageIds(messageId, currentMessageId);\n return comparison === null || comparison <= 0;\n}\n\nfunction compareMessageIds(a: string, b: string): number | null {\n if (/^\\d+$/.test(a) && /^\\d+$/.test(b)) {\n const left = BigInt(a);\n const right = BigInt(b);\n return left < right ? -1 : left > right ? 1 : 0;\n }\n\n const left = Number(a);\n const right = Number(b);\n if (Number.isFinite(left) && Number.isFinite(right)) {\n return left < right ? -1 : left > right ? 1 : 0;\n }\n\n return null;\n}\n"]}
1
+ {"version":3,"file":"context.js","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,EAGL,eAAe,GAChB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAChC,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,KAAK,GAAG,MAAM,UAAU,CAAC;AAchC;;GAEG;AACH,MAAM,iBAAiB,GAAG,EAAE,CAAC;AAgC7B;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,cAA8B,EAC9B,eAAuB,EACvB,cAAuB,EACvB,SAAqB,EACrB,YAA2B;IAE3B,8DAA8D;IAC9D,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,YAAY,GAAG,GAAG,GAAG,iBAAiB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACnE,MAAM,KAAK,GAAG,SAAS,IAAI,EAAE,KAAK,EAAE,YAAY,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;IAC7D,MAAM,OAAO,GAAG,IAAI,CAAC,eAAe,EAAE,WAAW,CAAC,CAAC;IAEnD,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,CAAC,CAAC;IAEnC,wDAAwD;IACxD,gFAAgF;IAChF,+EAA+E;IAC/E,+EAA+E;IAC/E,8BAA8B;IAC9B,MAAM,gBAAgB,GAA6B,EAAE,CAAC;IACtD,MAAM,mBAAmB,GAAG,IAAI,GAAG,EAAU,CAAC;IAC9C,KAAK,MAAM,KAAK,IAAI,cAAc,CAAC,UAAU,EAAE,EAAE,CAAC;QAChD,IAAI,KAAK,CAAC,IAAI,KAAK,SAAS;YAAE,SAAS;QACvC,MAAM,QAAQ,GAAG,KAA4B,CAAC;QAC9C,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAkB,CAAC;QAC5C,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC;YAChD,CAAC,CAAC,OAAO,CAAC,OAAO;iBACZ,MAAM,CAAC,CAAC,IAAI,EAA0C,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC;iBAC9E,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;iBACxB,IAAI,CAAC,MAAM,CAAC;YACjB,CAAC,CAAC,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ;gBACnC,CAAC,CAAC,OAAO,CAAC,OAAO;gBACjB,CAAC,CAAC,EAAE,CAAC;QACT,gBAAgB,CAAC,IAAI,CAAC;YACpB,SAAS,EAAE,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;YAChF,OAAO,EAAE,WAAW;YACpB,cAAc,EAAE,2BAA2B,CAAC,WAAW,CAAC;SACzD,CAAC,CAAC;QACH,IAAI,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;YAC1C,mBAAmB,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,SAAS,IAAI,WAAW,EAAE,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IAED,uDAAuD;IACvD,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAE/D,MAAM,WAAW,GAAuD,EAAE,CAAC;IAE3E,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,QAAQ,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;QAC3D,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC/B,IAAI,MAA8B,CAAC;QACnC,IAAI,CAAC;YACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAA2B,CAAC;QACtD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,GAAG,CAAC,UAAU,CACZ,mCAAmC,OAAO,IAAI,OAAO,GAAG,CAAC,EAAE,EAC3D,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CACjD,CAAC;YACF,SAAS;QACX,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;QACzB,IAAI,CAAC,OAAO,IAAI,CAAC,IAAI;YAAE,SAAS;QAEhC,wEAAwE;QACxE,IAAI,cAAc,IAAI,OAAO,KAAK,cAAc;YAAE,SAAS;QAE3D,mFAAmF;QACnF,+EAA+E;QAC/E,0BAA0B;QAC1B,IAAI,CAAC,0BAA0B,CAAC,OAAO,EAAE,cAAc,CAAC;YAAE,SAAS;QAEnE,+CAA+C;QAC/C,IAAI,MAAM,CAAC,KAAK;YAAE,SAAS;QAE3B,0EAA0E;QAC1E,IAAI,YAAY,EAAE,CAAC;YACjB,IAAI,YAAY,CAAC,KAAK,KAAK,WAAW,EAAE,CAAC;gBACvC,uEAAuE;gBACvE,+DAA+D;gBAC/D,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;oBACpB,SAAS;gBACX,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;oBACpB,6EAA6E;oBAC7E,IACE,MAAM,CAAC,QAAQ,KAAK,YAAY,CAAC,QAAQ;wBACzC,MAAM,CAAC,QAAQ,KAAK,YAAY,CAAC,MAAM,EACvC,CAAC;wBACD,SAAS;oBACX,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,sEAAsE;oBACtE,IAAI,OAAO,KAAK,YAAY,CAAC,MAAM,EAAE,CAAC;wBACpC,SAAS;oBACX,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,uDAAuD;QACvD,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,eAAe,MAAM,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/E,MAAM,WAAW,GAAG,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,IAAI,IAAI,SAAS,IAAI,aAAa,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;QAE7G,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;QACvD,MAAM,UAAU,GAAG,GAAG,OAAO,IAAI,WAAW,EAAE,CAAC;QAC/C,IAAI,mBAAmB,CAAC,GAAG,CAAC,UAAU,CAAC;YAAE,SAAS;QAClD,IAAI,yBAAyB,CAAC,gBAAgB,EAAE,OAAO,EAAE,WAAW,CAAC;YAAE,SAAS;QAEhF,uCAAuC;QACvC,IAAI,OAAO,GAAG,KAAK,CAAC,KAAK,IAAI,OAAO,GAAG,KAAK,CAAC,GAAG;YAAE,SAAS;QAE3D,MAAM,WAAW,GAAgB;YAC/B,IAAI,EAAE,MAAM;YACZ,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC;YAC9C,SAAS,EAAE,OAAO;SACnB,CAAC;QAEF,WAAW,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;QAC/D,gBAAgB,CAAC,IAAI,CAAC;YACpB,SAAS,EAAE,OAAO;YAClB,OAAO,EAAE,WAAW;YACpB,cAAc,EAAE,2BAA2B,CAAC,WAAW,CAAC;SACzD,CAAC,CAAC;QACH,mBAAmB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,6CAA6C;IACpF,CAAC;IAED,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAEvC,uCAAuC;IACvC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC;IAEtD,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,WAAW,EAAE,CAAC;QACtC,cAAc,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;IACxC,CAAC;IAED,OAAO,WAAW,CAAC,MAAM,CAAC;AAC5B,CAAC;AAED,+EAA+E;AAC/E,4BAA4B;AAC5B,+EAA+E;AAE/E,gFAAgF;AAChF,yEAAyE;AACzE,iEAAiE;AACjE,MAAM,UAAU,yBAAyB,CAAC,aAAqB;IAC7D,OAAO,eAAe,CAAC,QAAQ,EAAE,CAAC;AACpC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,eAAuB,EACvB,SAAiB;IAEjB,MAAM,OAAO,GAAG,IAAI,CAAC,eAAe,EAAE,WAAW,CAAC,CAAC;IACnD,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,IAAI,CAAC;IAEtC,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAE/D,KAAK,IAAI,CAAC,GAAG,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC9C,IAAI,KAA6B,CAAC;QAClC,IAAI,CAAC;YACH,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAA2B,CAAC;QAC5D,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,GAAG,CAAC,UAAU,CACZ,mCAAmC,OAAO,IAAI,CAAC,GAAG,CAAC,EAAE,EACrD,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CACjD,CAAC;YACF,SAAS;QACX,CAAC;QACD,IAAI,KAAK,CAAC,EAAE,KAAK,SAAS,EAAE,CAAC;YAC3B,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,yBAAyB,CAAC,IAAY;IAC7C,OAAO,IAAI,CAAC,OAAO,CAAC,8DAA8D,EAAE,EAAE,CAAC,CAAC;AAC1F,CAAC;AAED,SAAS,2BAA2B,CAAC,IAAY;IAC/C,MAAM,gBAAgB,GAAG,IAAI,CAAC,OAAO,CACnC,iIAAiI,EACjI,EAAE,CACH,CAAC;IACF,OAAO,yBAAyB,CAAC,gBAAgB,CAAC,CAAC,IAAI,EAAE,CAAC;AAC5D,CAAC;AAED,SAAS,yBAAyB,CAChC,gBAA0C,EAC1C,SAAiB,EACjB,IAAY;IAEZ,MAAM,cAAc,GAAG,2BAA2B,CAAC,IAAI,CAAC,CAAC;IACzD,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;QACxC,IAAI,QAAQ,CAAC,SAAS,KAAK,SAAS,IAAI,QAAQ,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;YAClE,OAAO,IAAI,CAAC;QACd,CAAC;QACD,IAAI,QAAQ,CAAC,cAAc,KAAK,cAAc,IAAI,QAAQ,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;YACnF,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,QAAQ,CAAC,SAAS,IAAI,SAAS,CAAC;IACzC,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,0BAA0B,CAAC,SAAiB,EAAE,gBAAyB;IAC9E,IAAI,CAAC,gBAAgB;QAAE,OAAO,IAAI,CAAC;IACnC,MAAM,UAAU,GAAG,iBAAiB,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;IAClE,OAAO,UAAU,KAAK,IAAI,IAAI,UAAU,IAAI,CAAC,CAAC;AAChD,CAAC;AAED,SAAS,iBAAiB,CAAC,CAAS,EAAE,CAAS;IAC7C,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QACvB,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QACxB,OAAO,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACvB,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACxB,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACpD,OAAO,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAClD,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["/**\n * Context management for mama.\n *\n * Mama uses two data sources per conversation:\n * - sessions/*.jsonl: Structured session history for agent context\n * - log.jsonl: Human-readable conversation history for grep (no tool results)\n *\n * This module provides:\n * - syncLogToSessionManager: Syncs messages from log.jsonl to SessionManager\n * - createMamaSettingsManager: Creates an in-memory SettingsManager for AgentSession\n */\n\nimport type { Message, UserMessage } from \"@mariozechner/pi-ai\";\nimport {\n type SessionManager,\n type SessionMessageEntry,\n SettingsManager,\n} from \"@mariozechner/pi-coding-agent\";\nimport { existsSync } from \"fs\";\nimport { readFile } from \"fs/promises\";\nimport { join } from \"path\";\nimport * as log from \"./log.js\";\n\n// ============================================================================\n// Sync log.jsonl to SessionManager\n// ============================================================================\n\n/**\n * Time range for filtering log messages\n */\nexport interface TimeRange {\n start: number; // Unix timestamp in ms\n end: number;\n}\n\n/**\n * Default number of days to sync when no time range is specified\n */\nconst DEFAULT_SYNC_DAYS = 10;\n\nexport interface ConversationLogMessage {\n date?: string;\n ts?: string;\n threadTs?: string;\n user?: string;\n userName?: string;\n text?: string;\n isBot?: boolean;\n}\n\ninterface ExistingSessionMessage {\n timestamp?: number;\n rawText: string;\n normalizedText: string;\n}\n\n/**\n * Thread filter for scoping log sync to a specific thread session.\n * When provided, only messages belonging to this thread are synced,\n * preventing cross-thread context contamination.\n */\nexport interface ThreadFilter {\n /** Filter mode: a specific thread, or top-level messages only for persistent channel/chat sessions */\n scope?: \"thread\" | \"top-level\";\n /** The root message timestamp (user's original message ts, derived from sessionKey) */\n rootTs: string;\n /** The thread anchor timestamp (bot's first reply ts, used as thread_ts by Slack replies) */\n threadTs?: string;\n}\n\n/**\n * Sync user messages from log.jsonl to SessionManager.\n *\n * This ensures that messages logged while mama wasn't running (conversation chatter,\n * backfilled messages, messages while busy) are added to the LLM context.\n *\n * @param sessionManager - The SessionManager to sync to\n * @param conversationDir - Path to the conversation directory containing log.jsonl\n * @param excludeSlackTs - Current platform message ID/timestamp (will be added via prompt(), not sync)\n * @param timeRange - Optional time range to filter log entries (defaults to last 10 days)\n * @param threadFilter - Optional thread filter to scope sync to a specific thread\n * @returns Number of messages synced\n */\nexport async function syncLogToSessionManager(\n sessionManager: SessionManager,\n conversationDir: string,\n excludeSlackTs?: string,\n timeRange?: TimeRange,\n threadFilter?: ThreadFilter,\n): Promise<number> {\n // Calculate default time range (last 10 days) if not provided\n const now = Date.now();\n const defaultStart = now - DEFAULT_SYNC_DAYS * 24 * 60 * 60 * 1000;\n const range = timeRange ?? { start: defaultStart, end: now };\n const logFile = join(conversationDir, \"log.jsonl\");\n\n if (!existsSync(logFile)) return 0;\n\n // Build a list of existing session messages for dedupe.\n // Live user prompts carry a formatted timestamp in the text and use Date.now(),\n // while log.jsonl uses the platform event timestamp. We therefore need a small\n // fuzzy match window in addition to the exact timestamp/content match used for\n // already-synced log entries.\n const existingMessages: ExistingSessionMessage[] = [];\n const existingMessageKeys = new Set<string>();\n for (const entry of sessionManager.getEntries()) {\n if (entry.type !== \"message\") continue;\n const msgEntry = entry as SessionMessageEntry;\n const message = msgEntry.message as Message;\n const contentText = Array.isArray(message.content)\n ? message.content\n .filter((part): part is { type: \"text\"; text: string } => part.type === \"text\")\n .map((part) => part.text)\n .join(\"\\n\\n\")\n : typeof message.content === \"string\"\n ? message.content\n : \"\";\n existingMessages.push({\n timestamp: typeof message.timestamp === \"number\" ? message.timestamp : undefined,\n rawText: contentText,\n normalizedText: normalizeComparableUserText(contentText),\n });\n if (typeof message.timestamp === \"number\") {\n existingMessageKeys.add(`${message.timestamp}:${contentText}`);\n }\n }\n\n // Read log.jsonl and find user messages not in context\n const logContent = await readFile(logFile, \"utf-8\");\n const logLines = logContent.trim().split(\"\\n\").filter(Boolean);\n\n const newMessages: Array<{ timestamp: number; message: UserMessage }> = [];\n\n for (let lineIdx = 0; lineIdx < logLines.length; lineIdx++) {\n const line = logLines[lineIdx];\n let logMsg: ConversationLogMessage;\n try {\n logMsg = JSON.parse(line) as ConversationLogMessage;\n } catch (err) {\n log.logWarning(\n `Skipping malformed log entry at ${logFile}:${lineIdx + 1}`,\n err instanceof Error ? err.message : String(err),\n );\n continue;\n }\n\n const slackTs = logMsg.ts;\n const date = logMsg.date;\n if (!slackTs || !date) continue;\n\n // Skip the current message being processed (will be added via prompt())\n if (excludeSlackTs && slackTs === excludeSlackTs) continue;\n\n // While queued messages are being processed, newer messages may already be present\n // in log.jsonl. Do not look ahead into those future messages when building the\n // current turn's context.\n if (!isMessageAtOrBeforeCurrent(slackTs, excludeSlackTs)) continue;\n\n // Skip bot messages - added through agent flow\n if (logMsg.isBot) continue;\n\n // Thread filtering: only sync messages belonging to this session's thread\n if (threadFilter) {\n if (threadFilter.scope === \"top-level\") {\n // Persistent top-level sessions should only ingest top-level messages.\n // This avoids pulling in unrelated replies from other threads.\n if (logMsg.threadTs) {\n continue;\n }\n } else {\n if (logMsg.threadTs) {\n // Thread reply: only include if threadTs matches our thread anchor or rootTs\n if (\n logMsg.threadTs !== threadFilter.threadTs &&\n logMsg.threadTs !== threadFilter.rootTs\n ) {\n continue;\n }\n } else {\n // Top-level message: only include if it's this session's root message\n if (slackTs !== threadFilter.rootTs) {\n continue;\n }\n }\n }\n }\n\n // Build the message text as it would appear in context\n const threadContext = logMsg.threadTs ? ` [in-thread:${logMsg.threadTs}]` : \"\";\n const messageText = `[${logMsg.userName || logMsg.user || \"unknown\"}]${threadContext}: ${logMsg.text || \"\"}`;\n\n const msgTime = new Date(date).getTime() || Date.now();\n const messageKey = `${msgTime}:${messageText}`;\n if (existingMessageKeys.has(messageKey)) continue;\n if (hasExistingSessionMessage(existingMessages, msgTime, messageText)) continue;\n\n // Skip messages outside the time range\n if (msgTime < range.start || msgTime > range.end) continue;\n\n const userMessage: UserMessage = {\n role: \"user\",\n content: [{ type: \"text\", text: messageText }],\n timestamp: msgTime,\n };\n\n newMessages.push({ timestamp: msgTime, message: userMessage });\n existingMessages.push({\n timestamp: msgTime,\n rawText: messageText,\n normalizedText: normalizeComparableUserText(messageText),\n });\n existingMessageKeys.add(messageKey); // Track to avoid duplicates within this sync\n }\n\n if (newMessages.length === 0) return 0;\n\n // Sort by timestamp and add to session\n newMessages.sort((a, b) => a.timestamp - b.timestamp);\n\n for (const { message } of newMessages) {\n sessionManager.appendMessage(message);\n }\n\n return newMessages.length;\n}\n\n// ============================================================================\n// Settings manager for mama\n// ============================================================================\n\n// Mama manages model/provider config through its own config.ts / settings.json.\n// We use an in-memory SettingsManager so AgentSession has valid defaults\n// without interfering with coding-agent's global settings files.\nexport function createMamaSettingsManager(_workspaceDir: string): SettingsManager {\n return SettingsManager.inMemory();\n}\n\nexport async function findLogMessageById(\n conversationDir: string,\n messageId: string,\n): Promise<ConversationLogMessage | null> {\n const logFile = join(conversationDir, \"log.jsonl\");\n if (!existsSync(logFile)) return null;\n\n const logContent = await readFile(logFile, \"utf-8\");\n const logLines = logContent.trim().split(\"\\n\").filter(Boolean);\n\n for (let i = logLines.length - 1; i >= 0; i--) {\n let entry: ConversationLogMessage;\n try {\n entry = JSON.parse(logLines[i]) as ConversationLogMessage;\n } catch (err) {\n log.logWarning(\n `Skipping malformed log entry at ${logFile}:${i + 1}`,\n err instanceof Error ? err.message : String(err),\n );\n continue;\n }\n if (entry.ts === messageId) {\n return entry;\n }\n }\n\n return null;\n}\n\nfunction stripSlackAttachmentBlock(text: string): string {\n return text.replace(/\\n*<slack_attachments>\\n[\\s\\S]*?\\n<\\/slack_attachments>\\s*$/g, \"\");\n}\n\nfunction normalizeComparableUserText(text: string): string {\n const withoutTimestamp = text.replace(\n /^\\[[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}[+-][0-9]{2}:[0-9]{2}\\]\\s+(?=\\[[^\\]]+\\](?:\\s+\\[in-thread:[^\\]]+\\])?:\\s)/,\n \"\",\n );\n return stripSlackAttachmentBlock(withoutTimestamp).trim();\n}\n\nfunction hasExistingSessionMessage(\n existingMessages: ExistingSessionMessage[],\n timestamp: number,\n text: string,\n): boolean {\n const normalizedText = normalizeComparableUserText(text);\n return existingMessages.some((existing) => {\n if (existing.timestamp === timestamp && existing.rawText === text) {\n return true;\n }\n if (existing.normalizedText !== normalizedText || existing.timestamp === undefined) {\n return false;\n }\n return existing.timestamp >= timestamp;\n });\n}\n\nfunction isMessageAtOrBeforeCurrent(messageId: string, currentMessageId?: string): boolean {\n if (!currentMessageId) return true;\n const comparison = compareMessageIds(messageId, currentMessageId);\n return comparison === null || comparison <= 0;\n}\n\nfunction compareMessageIds(a: string, b: string): number | null {\n if (/^\\d+$/.test(a) && /^\\d+$/.test(b)) {\n const left = BigInt(a);\n const right = BigInt(b);\n return left < right ? -1 : left > right ? 1 : 0;\n }\n\n const left = Number(a);\n const right = Number(b);\n if (Number.isFinite(left) && Number.isFinite(right)) {\n return left < right ? -1 : left > right ? 1 : 0;\n }\n\n return null;\n}\n"]}
package/dist/execution-resolver.d.ts CHANGED
@@ -1,20 +1,23 @@
1
- import type { UserBindingStore } from "./bindings.js";
2
1
  import { DockerContainerManager } from "./provisioner.js";
3
2
  import { type Executor, type SandboxConfig } from "./sandbox.js";
4
3
  import type { VaultManager } from "./vault.js";
5
4
  export interface ActorContext {
6
5
  platform: string;
7
6
  userId: string;
7
+ conversationId: string;
8
8
  }
9
9
  export declare class ActorExecutionResolver {
10
10
  private baseConfig;
11
11
  private vaultManager;
12
- private bindingStore?;
13
12
  private provisioner?;
14
- constructor(baseConfig: SandboxConfig, vaultManager: VaultManager, bindingStore?: UserBindingStore | undefined, provisioner?: DockerContainerManager | undefined);
13
+ private workspaceDir?;
14
+ private readonly ensuredConversationDirs;
15
+ constructor(baseConfig: SandboxConfig, vaultManager: VaultManager, provisioner?: DockerContainerManager | undefined, workspaceDir?: string | undefined);
15
16
  refresh(): void;
16
17
  resolve(context: ActorContext): Promise<Executor>;
18
+ private resolveSandboxConfig;
17
19
  private getEnsureReady;
18
20
  private resolveMounts;
21
+ private buildImageSandboxMounts;
19
22
  }
20
23
  //# sourceMappingURL=execution-resolver.d.ts.map
package/dist/execution-resolver.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"execution-resolver.d.ts","sourceRoot":"","sources":["../src/execution-resolver.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACtD,OAAO,EAAE,sBAAsB,EAAuB,MAAM,kBAAkB,CAAC;AAC/E,OAAO,EAAkB,KAAK,QAAQ,EAAE,KAAK,aAAa,EAAE,MAAM,cAAc,CAAC;AACjF,OAAO,KAAK,EAAiB,YAAY,EAAE,MAAM,YAAY,CAAC;AAG9D,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,qBAAa,sBAAsB;IAE/B,OAAO,CAAC,UAAU;IAClB,OAAO,CAAC,YAAY;IACpB,OAAO,CAAC,YAAY,CAAC;IACrB,OAAO,CAAC,WAAW,CAAC;IAJtB,YACU,UAAU,EAAE,aAAa,EACzB,YAAY,EAAE,YAAY,EAC1B,YAAY,CAAC,EAAE,gBAAgB,YAAA,EAC/B,WAAW,CAAC,EAAE,sBAAsB,YAAA,EAC1C;IAEJ,OAAO,IAAI,IAAI,CAGd;IAEK,OAAO,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC,CAqBtD;IAED,OAAO,CAAC,cAAc;IAuBtB,OAAO,CAAC,aAAa;CAQtB","sourcesContent":["import { existsSync } from \"fs\";\nimport type { UserBindingStore } from \"./bindings.js\";\nimport { DockerContainerManager, type ContainerMount } from \"./provisioner.js\";\nimport { createExecutor, type Executor, type SandboxConfig } from \"./sandbox.js\";\nimport type { ResolvedVault, VaultManager } from \"./vault.js\";\nimport { ensureSandboxVaultEntry, resolveActorVaultKey } from \"./vault-routing.js\";\n\nexport interface ActorContext {\n platform: string;\n userId: string;\n}\n\nexport class ActorExecutionResolver {\n constructor(\n private baseConfig: SandboxConfig,\n private vaultManager: VaultManager,\n private bindingStore?: UserBindingStore,\n private provisioner?: DockerContainerManager,\n ) {}\n\n refresh(): void {\n this.vaultManager.reload();\n this.bindingStore?.reload();\n }\n\n async resolve(context: ActorContext): Promise<Executor> {\n const vaultKey = resolveActorVaultKey(\n this.baseConfig,\n this.vaultManager,\n this.bindingStore,\n context.platform,\n context.userId,\n );\n ensureSandboxVaultEntry(\n this.baseConfig,\n this.vaultManager,\n context.platform,\n context.userId,\n vaultKey,\n );\n\n const vault = this.vaultManager.resolve(vaultKey);\n const config = this.vaultManager.getSandboxConfig(vaultKey, this.baseConfig);\n const env =\n config.type !== \"host\" && vault && Object.keys(vault.env).length > 0 ? vault.env : undefined;\n return createExecutor(config, env, this.getEnsureReady(vaultKey, config, vault));\n }\n\n private getEnsureReady(\n vaultKey: string,\n config: SandboxConfig,\n vault?: ResolvedVault,\n ): (() => Promise<void>) | undefined {\n if (this.baseConfig.type !== \"image\" || config.type !== \"container\") {\n return undefined;\n }\n\n return async () => {\n const expected = config.container || DockerContainerManager.containerName(vaultKey);\n const actual = await this.provisioner?.provision(vaultKey, {\n containerName: expected,\n mounts: vault ? this.resolveMounts(vault) : [],\n });\n if (actual && actual !== expected) {\n throw new Error(\n `Provisioner returned container \"${actual}\" for vault \"${vaultKey}\", expected \"${expected}\"`,\n );\n }\n };\n }\n\n private resolveMounts(vault: ResolvedVault): ContainerMount[] {\n const mountsByTarget = new Map<string, ContainerMount>();\n for (const mount of vault.mounts) {\n if (!existsSync(mount.source)) continue;\n mountsByTarget.set(mount.target, { source: mount.source, target: mount.target });\n }\n return [...mountsByTarget.values()];\n }\n}\n"]}
1
+ {"version":3,"file":"execution-resolver.d.ts","sourceRoot":"","sources":["../src/execution-resolver.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,sBAAsB,EAAuB,MAAM,kBAAkB,CAAC;AAC/E,OAAO,EAAkB,KAAK,QAAQ,EAAE,KAAK,aAAa,EAAE,MAAM,cAAc,CAAC;AACjF,OAAO,KAAK,EAAiB,YAAY,EAAE,MAAM,YAAY,CAAC;AAG9D,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,qBAAa,sBAAsB;IAI/B,OAAO,CAAC,UAAU;IAClB,OAAO,CAAC,YAAY;IACpB,OAAO,CAAC,WAAW,CAAC;IACpB,OAAO,CAAC,YAAY,CAAC;IANvB,OAAO,CAAC,QAAQ,CAAC,uBAAuB,CAAqB;IAE7D,YACU,UAAU,EAAE,aAAa,EACzB,YAAY,EAAE,YAAY,EAC1B,WAAW,CAAC,EAAE,sBAAsB,YAAA,EACpC,YAAY,CAAC,EAAE,MAAM,YAAA,EAC3B;IAEJ,OAAO,IAAI,IAAI,CAEd;IAEK,OAAO,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC,CAYtD;IAED,OAAO,CAAC,oBAAoB;IAgB5B,OAAO,CAAC,cAAc;IAyBtB,OAAO,CAAC,aAAa;IAYrB,OAAO,CAAC,uBAAuB;CAkBhC","sourcesContent":["import { existsSync, mkdirSync } from \"fs\";\nimport { join } from \"path\";\nimport { DockerContainerManager, type ContainerMount } from \"./provisioner.js\";\nimport { createExecutor, type Executor, type SandboxConfig } from \"./sandbox.js\";\nimport type { ResolvedVault, VaultManager } from \"./vault.js\";\nimport { resolveActorVaultKey } from \"./vault-routing.js\";\n\nexport interface ActorContext {\n platform: string;\n userId: string;\n conversationId: string;\n}\n\nexport class ActorExecutionResolver {\n private readonly ensuredConversationDirs = new Set<string>();\n\n constructor(\n private baseConfig: SandboxConfig,\n private vaultManager: VaultManager,\n private provisioner?: DockerContainerManager,\n private workspaceDir?: string,\n ) {}\n\n refresh(): void {\n this.vaultManager.reload();\n }\n\n async resolve(context: ActorContext): Promise<Executor> {\n const vaultKey = resolveActorVaultKey(this.baseConfig, context.userId, context.conversationId);\n\n const vault = this.vaultManager.resolve(vaultKey);\n const config = this.resolveSandboxConfig(vaultKey);\n const env =\n config.type !== \"host\" && vault && Object.keys(vault.env).length > 0 ? vault.env : undefined;\n return createExecutor(\n config,\n env,\n this.getEnsureReady(vaultKey, context.conversationId, config, vault),\n );\n }\n\n private resolveSandboxConfig(vaultKey: string): SandboxConfig {\n const config = this.vaultManager.getSandboxConfig(vaultKey, this.baseConfig);\n if (this.baseConfig.type !== \"image\") {\n return config;\n }\n\n if (config.type === \"container\") {\n return config;\n }\n\n return {\n type: \"container\",\n container: DockerContainerManager.containerName(vaultKey),\n };\n }\n\n private getEnsureReady(\n vaultKey: string,\n conversationId: string,\n config: SandboxConfig,\n vault?: ResolvedVault,\n ): (() => Promise<void>) | undefined {\n if (this.baseConfig.type !== \"image\" || config.type !== \"container\") {\n return undefined;\n }\n\n return async () => {\n const expected = config.container || DockerContainerManager.containerName(vaultKey);\n const actual = await this.provisioner?.provision(vaultKey, {\n containerName: expected,\n mounts: this.resolveMounts(conversationId, vault),\n conversationId,\n });\n if (actual && actual !== expected) {\n throw new Error(\n `Provisioner returned container \"${actual}\" for container key \"${vaultKey}\", expected \"${expected}\"`,\n );\n }\n };\n }\n\n private resolveMounts(conversationId: string, vault?: ResolvedVault): ContainerMount[] {\n const mountsByTarget = new Map<string, ContainerMount>();\n for (const mount of this.buildImageSandboxMounts(conversationId)) {\n mountsByTarget.set(mount.target, mount);\n }\n for (const mount of vault?.mounts ?? []) {\n if (!existsSync(mount.source)) continue;\n mountsByTarget.set(mount.target, { source: mount.source, target: mount.target });\n }\n return [...mountsByTarget.values()];\n }\n\n private buildImageSandboxMounts(conversationId: string): ContainerMount[] {\n if (!this.workspaceDir) {\n return [];\n }\n\n const conversationDir = join(this.workspaceDir, conversationId);\n if (!this.ensuredConversationDirs.has(conversationId)) {\n mkdirSync(conversationDir, { recursive: true });\n this.ensuredConversationDirs.add(conversationId);\n }\n\n return [\n { source: join(this.workspaceDir, \"MEMORY.md\"), target: \"/workspace/MEMORY.md\" },\n { source: join(this.workspaceDir, \"skills\"), target: \"/workspace/skills\" },\n { source: join(this.workspaceDir, \"events\"), target: \"/workspace/events\" },\n { source: conversationDir, target: `/workspace/${conversationId}` },\n ];\n }\n}\n"]}
package/dist/execution-resolver.js CHANGED
@@ -1,27 +1,40 @@
1
- import { existsSync } from "fs";
1
+ import { existsSync, mkdirSync } from "fs";
2
+ import { join } from "path";
2
3
  import { DockerContainerManager } from "./provisioner.js";
3
4
  import { createExecutor } from "./sandbox.js";
4
- import { ensureSandboxVaultEntry, resolveActorVaultKey } from "./vault-routing.js";
5
+ import { resolveActorVaultKey } from "./vault-routing.js";
5
6
  export class ActorExecutionResolver {
6
- constructor(baseConfig, vaultManager, bindingStore, provisioner) {
7
+ constructor(baseConfig, vaultManager, provisioner, workspaceDir) {
7
8
  this.baseConfig = baseConfig;
8
9
  this.vaultManager = vaultManager;
9
- this.bindingStore = bindingStore;
10
10
  this.provisioner = provisioner;
11
+ this.workspaceDir = workspaceDir;
12
+ this.ensuredConversationDirs = new Set();
11
13
  }
12
14
  refresh() {
13
15
  this.vaultManager.reload();
14
- this.bindingStore?.reload();
15
16
  }
16
17
  async resolve(context) {
17
- const vaultKey = resolveActorVaultKey(this.baseConfig, this.vaultManager, this.bindingStore, context.platform, context.userId);
18
- ensureSandboxVaultEntry(this.baseConfig, this.vaultManager, context.platform, context.userId, vaultKey);
18
+ const vaultKey = resolveActorVaultKey(this.baseConfig, context.userId, context.conversationId);
19
19
  const vault = this.vaultManager.resolve(vaultKey);
20
- const config = this.vaultManager.getSandboxConfig(vaultKey, this.baseConfig);
20
+ const config = this.resolveSandboxConfig(vaultKey);
21
21
  const env = config.type !== "host" && vault && Object.keys(vault.env).length > 0 ? vault.env : undefined;
22
- return createExecutor(config, env, this.getEnsureReady(vaultKey, config, vault));
22
+ return createExecutor(config, env, this.getEnsureReady(vaultKey, context.conversationId, config, vault));
23
+ }
24
+ resolveSandboxConfig(vaultKey) {
25
+ const config = this.vaultManager.getSandboxConfig(vaultKey, this.baseConfig);
26
+ if (this.baseConfig.type !== "image") {
27
+ return config;
28
+ }
29
+ if (config.type === "container") {
30
+ return config;
31
+ }
32
+ return {
33
+ type: "container",
34
+ container: DockerContainerManager.containerName(vaultKey),
35
+ };
23
36
  }
24
- getEnsureReady(vaultKey, config, vault) {
37
+ getEnsureReady(vaultKey, conversationId, config, vault) {
25
38
  if (this.baseConfig.type !== "image" || config.type !== "container") {
26
39
  return undefined;
27
40
  }
@@ -29,21 +42,41 @@ export class ActorExecutionResolver {
29
42
  const expected = config.container || DockerContainerManager.containerName(vaultKey);
30
43
  const actual = await this.provisioner?.provision(vaultKey, {
31
44
  containerName: expected,
32
- mounts: vault ? this.resolveMounts(vault) : [],
45
+ mounts: this.resolveMounts(conversationId, vault),
46
+ conversationId,
33
47
  });
34
48
  if (actual && actual !== expected) {
35
- throw new Error(`Provisioner returned container "${actual}" for vault "${vaultKey}", expected "${expected}"`);
49
+ throw new Error(`Provisioner returned container "${actual}" for container key "${vaultKey}", expected "${expected}"`);
36
50
  }
37
51
  };
38
52
  }
39
- resolveMounts(vault) {
53
+ resolveMounts(conversationId, vault) {
40
54
  const mountsByTarget = new Map();
41
- for (const mount of vault.mounts) {
55
+ for (const mount of this.buildImageSandboxMounts(conversationId)) {
56
+ mountsByTarget.set(mount.target, mount);
57
+ }
58
+ for (const mount of vault?.mounts ?? []) {
42
59
  if (!existsSync(mount.source))
43
60
  continue;
44
61
  mountsByTarget.set(mount.target, { source: mount.source, target: mount.target });
45
62
  }
46
63
  return [...mountsByTarget.values()];
47
64
  }
65
+ buildImageSandboxMounts(conversationId) {
66
+ if (!this.workspaceDir) {
67
+ return [];
68
+ }
69
+ const conversationDir = join(this.workspaceDir, conversationId);
70
+ if (!this.ensuredConversationDirs.has(conversationId)) {
71
+ mkdirSync(conversationDir, { recursive: true });
72
+ this.ensuredConversationDirs.add(conversationId);
73
+ }
74
+ return [
75
+ { source: join(this.workspaceDir, "MEMORY.md"), target: "/workspace/MEMORY.md" },
76
+ { source: join(this.workspaceDir, "skills"), target: "/workspace/skills" },
77
+ { source: join(this.workspaceDir, "events"), target: "/workspace/events" },
78
+ { source: conversationDir, target: `/workspace/${conversationId}` },
79
+ ];
80
+ }
48
81
  }
49
82
  //# sourceMappingURL=execution-resolver.js.map
package/dist/execution-resolver.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"execution-resolver.js","sourceRoot":"","sources":["../src/execution-resolver.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAEhC,OAAO,EAAE,sBAAsB,EAAuB,MAAM,kBAAkB,CAAC;AAC/E,OAAO,EAAE,cAAc,EAAqC,MAAM,cAAc,CAAC;AAEjF,OAAO,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAOnF,MAAM,OAAO,sBAAsB;IACjC,YACU,UAAyB,EACzB,YAA0B,EAC1B,YAA+B,EAC/B,WAAoC;0BAHpC,UAAU;4BACV,YAAY;4BACZ,YAAY;2BACZ,WAAW;IAClB,CAAC;IAEJ,OAAO;QACL,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;QAC3B,IAAI,CAAC,YAAY,EAAE,MAAM,EAAE,CAAC;IAC9B,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,OAAqB;QACjC,MAAM,QAAQ,GAAG,oBAAoB,CACnC,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,YAAY,EACjB,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,MAAM,CACf,CAAC;QACF,uBAAuB,CACrB,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,YAAY,EACjB,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,MAAM,EACd,QAAQ,CACT,CAAC;QAEF,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAClD,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,QAAQ,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAC7E,MAAM,GAAG,GACP,MAAM,CAAC,IAAI,KAAK,MAAM,IAAI,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;QAC/F,OAAO,cAAc,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC;IACnF,CAAC;IAEO,cAAc,CACpB,QAAgB,EAChB,MAAqB,EACrB,KAAqB;QAErB,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,KAAK,OAAO,IAAI,MAAM,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;YACpE,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,OAAO,KAAK,IAAI,EAAE;YAChB,MAAM,QAAQ,GAAG,MAAM,CAAC,SAAS,IAAI,sBAAsB,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;YACpF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,SAAS,CAAC,QAAQ,EAAE;gBACzD,aAAa,EAAE,QAAQ;gBACvB,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE;aAC/C,CAAC,CAAC;YACH,IAAI,MAAM,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;gBAClC,MAAM,IAAI,KAAK,CACb,mCAAmC,MAAM,gBAAgB,QAAQ,gBAAgB,QAAQ,GAAG,CAC7F,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;IACJ,CAAC;IAEO,aAAa,CAAC,KAAoB;QACxC,MAAM,cAAc,GAAG,IAAI,GAAG,EAA0B,CAAC;QACzD,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;YACjC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,CAAC;gBAAE,SAAS;YACxC,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QACnF,CAAC;QACD,OAAO,CAAC,GAAG,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC;IACtC,CAAC;CACF","sourcesContent":["import { existsSync } from \"fs\";\nimport type { UserBindingStore } from \"./bindings.js\";\nimport { DockerContainerManager, type ContainerMount } from \"./provisioner.js\";\nimport { createExecutor, type Executor, type SandboxConfig } from \"./sandbox.js\";\nimport type { ResolvedVault, VaultManager } from \"./vault.js\";\nimport { ensureSandboxVaultEntry, resolveActorVaultKey } from \"./vault-routing.js\";\n\nexport interface ActorContext {\n platform: string;\n userId: string;\n}\n\nexport class ActorExecutionResolver {\n constructor(\n private baseConfig: SandboxConfig,\n private vaultManager: VaultManager,\n private bindingStore?: UserBindingStore,\n private provisioner?: DockerContainerManager,\n ) {}\n\n refresh(): void {\n this.vaultManager.reload();\n this.bindingStore?.reload();\n }\n\n async resolve(context: ActorContext): Promise<Executor> {\n const vaultKey = resolveActorVaultKey(\n this.baseConfig,\n this.vaultManager,\n this.bindingStore,\n context.platform,\n context.userId,\n );\n ensureSandboxVaultEntry(\n this.baseConfig,\n this.vaultManager,\n context.platform,\n context.userId,\n vaultKey,\n );\n\n const vault = this.vaultManager.resolve(vaultKey);\n const config = this.vaultManager.getSandboxConfig(vaultKey, this.baseConfig);\n const env =\n config.type !== \"host\" && vault && Object.keys(vault.env).length > 0 ? vault.env : undefined;\n return createExecutor(config, env, this.getEnsureReady(vaultKey, config, vault));\n }\n\n private getEnsureReady(\n vaultKey: string,\n config: SandboxConfig,\n vault?: ResolvedVault,\n ): (() => Promise<void>) | undefined {\n if (this.baseConfig.type !== \"image\" || config.type !== \"container\") {\n return undefined;\n }\n\n return async () => {\n const expected = config.container || DockerContainerManager.containerName(vaultKey);\n const actual = await this.provisioner?.provision(vaultKey, {\n containerName: expected,\n mounts: vault ? this.resolveMounts(vault) : [],\n });\n if (actual && actual !== expected) {\n throw new Error(\n `Provisioner returned container \"${actual}\" for vault \"${vaultKey}\", expected \"${expected}\"`,\n );\n }\n };\n }\n\n private resolveMounts(vault: ResolvedVault): ContainerMount[] {\n const mountsByTarget = new Map<string, ContainerMount>();\n for (const mount of vault.mounts) {\n if (!existsSync(mount.source)) continue;\n mountsByTarget.set(mount.target, { source: mount.source, target: mount.target });\n }\n return [...mountsByTarget.values()];\n }\n}\n"]}
1
+ {"version":3,"file":"execution-resolver.js","sourceRoot":"","sources":["../src/execution-resolver.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,IAAI,CAAC;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,sBAAsB,EAAuB,MAAM,kBAAkB,CAAC;AAC/E,OAAO,EAAE,cAAc,EAAqC,MAAM,cAAc,CAAC;AAEjF,OAAO,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAQ1D,MAAM,OAAO,sBAAsB;IAGjC,YACU,UAAyB,EACzB,YAA0B,EAC1B,WAAoC,EACpC,YAAqB;QAHrB,eAAU,GAAV,UAAU,CAAe;QACzB,iBAAY,GAAZ,YAAY,CAAc;QAC1B,gBAAW,GAAX,WAAW,CAAyB;QACpC,iBAAY,GAAZ,YAAY,CAAS;QANd,4BAAuB,GAAG,IAAI,GAAG,EAAU,CAAC;IAO1D,CAAC;IAEJ,OAAO;QACL,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,OAAqB;QACjC,MAAM,QAAQ,GAAG,oBAAoB,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;QAE/F,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAClD,MAAM,MAAM,GAAG,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC;QACnD,MAAM,GAAG,GACP,MAAM,CAAC,IAAI,KAAK,MAAM,IAAI,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;QAC/F,OAAO,cAAc,CACnB,MAAM,EACN,GAAG,EACH,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,OAAO,CAAC,cAAc,EAAE,MAAM,EAAE,KAAK,CAAC,CACrE,CAAC;IACJ,CAAC;IAEO,oBAAoB,CAAC,QAAgB;QAC3C,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,QAAQ,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAC7E,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YACrC,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;YAChC,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,OAAO;YACL,IAAI,EAAE,WAAW;YACjB,SAAS,EAAE,sBAAsB,CAAC,aAAa,CAAC,QAAQ,CAAC;SAC1D,CAAC;IACJ,CAAC;IAEO,cAAc,CACpB,QAAgB,EAChB,cAAsB,EACtB,MAAqB,EACrB,KAAqB;QAErB,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,KAAK,OAAO,IAAI,MAAM,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;YACpE,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,OAAO,KAAK,IAAI,EAAE;YAChB,MAAM,QAAQ,GAAG,MAAM,CAAC,SAAS,IAAI,sBAAsB,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;YACpF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,SAAS,CAAC,QAAQ,EAAE;gBACzD,aAAa,EAAE,QAAQ;gBACvB,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,cAAc,EAAE,KAAK,CAAC;gBACjD,cAAc;aACf,CAAC,CAAC;YACH,IAAI,MAAM,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;gBAClC,MAAM,IAAI,KAAK,CACb,mCAAmC,MAAM,wBAAwB,QAAQ,gBAAgB,QAAQ,GAAG,CACrG,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;IACJ,CAAC;IAEO,aAAa,CAAC,cAAsB,EAAE,KAAqB;QACjE,MAAM,cAAc,GAAG,IAAI,GAAG,EAA0B,CAAC;QACzD,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,uBAAuB,CAAC,cAAc,CAAC,EAAE,CAAC;YACjE,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAC1C,CAAC;QACD,KAAK,MAAM,KAAK,IAAI,KAAK,EAAE,MAAM,IAAI,EAAE,EAAE,CAAC;YACxC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,CAAC;gBAAE,SAAS;YACxC,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QACnF,CAAC;QACD,OAAO,CAAC,GAAG,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC;IACtC,CAAC;IAEO,uBAAuB,CAAC,cAAsB;QACpD,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;QAChE,IAAI,CAAC,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,CAAC;YACtD,SAAS,CAAC,eAAe,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAChD,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACnD,CAAC;QAED,OAAO;YACL,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC,EAAE,MAAM,EAAE,sBAAsB,EAAE;YAChF,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,mBAAmB,EAAE;YAC1E,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,mBAAmB,EAAE;YAC1E,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,EAAE,cAAc,cAAc,EAAE,EAAE;SACpE,CAAC;IACJ,CAAC;CACF","sourcesContent":["import { existsSync, mkdirSync } from \"fs\";\nimport { join } from \"path\";\nimport { DockerContainerManager, type ContainerMount } from \"./provisioner.js\";\nimport { createExecutor, type Executor, type SandboxConfig } from \"./sandbox.js\";\nimport type { ResolvedVault, VaultManager } from \"./vault.js\";\nimport { resolveActorVaultKey } from \"./vault-routing.js\";\n\nexport interface ActorContext {\n platform: string;\n userId: string;\n conversationId: string;\n}\n\nexport class ActorExecutionResolver {\n private readonly ensuredConversationDirs = new Set<string>();\n\n constructor(\n private baseConfig: SandboxConfig,\n private vaultManager: VaultManager,\n private provisioner?: DockerContainerManager,\n private workspaceDir?: string,\n ) {}\n\n refresh(): void {\n this.vaultManager.reload();\n }\n\n async resolve(context: ActorContext): Promise<Executor> {\n const vaultKey = resolveActorVaultKey(this.baseConfig, context.userId, context.conversationId);\n\n const vault = this.vaultManager.resolve(vaultKey);\n const config = this.resolveSandboxConfig(vaultKey);\n const env =\n config.type !== \"host\" && vault && Object.keys(vault.env).length > 0 ? vault.env : undefined;\n return createExecutor(\n config,\n env,\n this.getEnsureReady(vaultKey, context.conversationId, config, vault),\n );\n }\n\n private resolveSandboxConfig(vaultKey: string): SandboxConfig {\n const config = this.vaultManager.getSandboxConfig(vaultKey, this.baseConfig);\n if (this.baseConfig.type !== \"image\") {\n return config;\n }\n\n if (config.type === \"container\") {\n return config;\n }\n\n return {\n type: \"container\",\n container: DockerContainerManager.containerName(vaultKey),\n };\n }\n\n private getEnsureReady(\n vaultKey: string,\n conversationId: string,\n config: SandboxConfig,\n vault?: ResolvedVault,\n ): (() => Promise<void>) | undefined {\n if (this.baseConfig.type !== \"image\" || config.type !== \"container\") {\n return undefined;\n }\n\n return async () => {\n const expected = config.container || DockerContainerManager.containerName(vaultKey);\n const actual = await this.provisioner?.provision(vaultKey, {\n containerName: expected,\n mounts: this.resolveMounts(conversationId, vault),\n conversationId,\n });\n if (actual && actual !== expected) {\n throw new Error(\n `Provisioner returned container \"${actual}\" for container key \"${vaultKey}\", expected \"${expected}\"`,\n );\n }\n };\n }\n\n private resolveMounts(conversationId: string, vault?: ResolvedVault): ContainerMount[] {\n const mountsByTarget = new Map<string, ContainerMount>();\n for (const mount of this.buildImageSandboxMounts(conversationId)) {\n mountsByTarget.set(mount.target, mount);\n }\n for (const mount of vault?.mounts ?? []) {\n if (!existsSync(mount.source)) continue;\n mountsByTarget.set(mount.target, { source: mount.source, target: mount.target });\n }\n return [...mountsByTarget.values()];\n }\n\n private buildImageSandboxMounts(conversationId: string): ContainerMount[] {\n if (!this.workspaceDir) {\n return [];\n }\n\n const conversationDir = join(this.workspaceDir, conversationId);\n if (!this.ensuredConversationDirs.has(conversationId)) {\n mkdirSync(conversationDir, { recursive: true });\n this.ensuredConversationDirs.add(conversationId);\n }\n\n return [\n { source: join(this.workspaceDir, \"MEMORY.md\"), target: \"/workspace/MEMORY.md\" },\n { source: join(this.workspaceDir, \"skills\"), target: \"/workspace/skills\" },\n { source: join(this.workspaceDir, \"events\"), target: \"/workspace/events\" },\n { source: conversationDir, target: `/workspace/${conversationId}` },\n ];\n }\n}\n"]}
package/dist/index.d.ts ADDED
@@ -0,0 +1,7 @@
1
+ export { createDefaultCommandRegistry, CommandRegistry } from "./commands/index.js";
2
+ export type { CommandContext, CommandHandler, CommandServices } from "./commands/index.js";
3
+ export { createSessionRuntime, type CreateSessionSandboxOptions, type RunSessionOptions, type SessionRuntime, type SessionRuntimeOptions, } from "./runtime/index.js";
4
+ export type { Bot, BotAdapters, BotEvent, BotHandler, ChatAdapter, ChatMessage, ChatResponseContext, ChatToolResult, ConversationKind, PlatformInfo, RunningSession, } from "./adapter.js";
5
+ export { SandboxError, createExecutor, getSandboxAdapters, parseSandboxArg, validateSandbox, } from "./sandbox/index.js";
6
+ export type { CloudflareSandboxConfig, ExecOptions, ExecResult, Executor, SandboxAdapter, SandboxConfig, } from "./sandbox/index.js";
7
+ //# sourceMappingURL=index.d.ts.map
package/dist/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,4BAA4B,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACpF,YAAY,EAAE,cAAc,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAC3F,OAAO,EACL,oBAAoB,EACpB,KAAK,2BAA2B,EAChC,KAAK,iBAAiB,EACtB,KAAK,cAAc,EACnB,KAAK,qBAAqB,GAC3B,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,GAAG,EACH,WAAW,EACX,QAAQ,EACR,UAAU,EACV,WAAW,EACX,WAAW,EACX,mBAAmB,EACnB,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,cAAc,GACf,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,YAAY,EACZ,cAAc,EACd,kBAAkB,EAClB,eAAe,EACf,eAAe,GAChB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,uBAAuB,EACvB,WAAW,EACX,UAAU,EACV,QAAQ,EACR,cAAc,EACd,aAAa,GACd,MAAM,oBAAoB,CAAC","sourcesContent":["export { createDefaultCommandRegistry, CommandRegistry } from \"./commands/index.js\";\nexport type { CommandContext, CommandHandler, CommandServices } from \"./commands/index.js\";\nexport {\n createSessionRuntime,\n type CreateSessionSandboxOptions,\n type RunSessionOptions,\n type SessionRuntime,\n type SessionRuntimeOptions,\n} from \"./runtime/index.js\";\nexport type {\n Bot,\n BotAdapters,\n BotEvent,\n BotHandler,\n ChatAdapter,\n ChatMessage,\n ChatResponseContext,\n ChatToolResult,\n ConversationKind,\n PlatformInfo,\n RunningSession,\n} from \"./adapter.js\";\nexport {\n SandboxError,\n createExecutor,\n getSandboxAdapters,\n parseSandboxArg,\n validateSandbox,\n} from \"./sandbox/index.js\";\nexport type {\n CloudflareSandboxConfig,\n ExecOptions,\n ExecResult,\n Executor,\n SandboxAdapter,\n SandboxConfig,\n} from \"./sandbox/index.js\";\n"]}
package/dist/index.js ADDED
@@ -0,0 +1,4 @@
1
+ export { createDefaultCommandRegistry, CommandRegistry } from "./commands/index.js";
2
+ export { createSessionRuntime, } from "./runtime/index.js";
3
+ export { SandboxError, createExecutor, getSandboxAdapters, parseSandboxArg, validateSandbox, } from "./sandbox/index.js";
4
+ //# sourceMappingURL=index.js.map
package/dist/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,4BAA4B,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAEpF,OAAO,EACL,oBAAoB,GAKrB,MAAM,oBAAoB,CAAC;AAc5B,OAAO,EACL,YAAY,EACZ,cAAc,EACd,kBAAkB,EAClB,eAAe,EACf,eAAe,GAChB,MAAM,oBAAoB,CAAC","sourcesContent":["export { createDefaultCommandRegistry, CommandRegistry } from \"./commands/index.js\";\nexport type { CommandContext, CommandHandler, CommandServices } from \"./commands/index.js\";\nexport {\n createSessionRuntime,\n type CreateSessionSandboxOptions,\n type RunSessionOptions,\n type SessionRuntime,\n type SessionRuntimeOptions,\n} from \"./runtime/index.js\";\nexport type {\n Bot,\n BotAdapters,\n BotEvent,\n BotHandler,\n ChatAdapter,\n ChatMessage,\n ChatResponseContext,\n ChatToolResult,\n ConversationKind,\n PlatformInfo,\n RunningSession,\n} from \"./adapter.js\";\nexport {\n SandboxError,\n createExecutor,\n getSandboxAdapters,\n parseSandboxArg,\n validateSandbox,\n} from \"./sandbox/index.js\";\nexport type {\n CloudflareSandboxConfig,\n ExecOptions,\n ExecResult,\n Executor,\n SandboxAdapter,\n SandboxConfig,\n} from \"./sandbox/index.js\";\n"]}
package/dist/instrument.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"instrument.d.ts","sourceRoot":"","sources":["../src/instrument.ts"],"names":[],"mappings":"","sourcesContent":["import * as Sentry from \"@sentry/node\";\nimport {\n resolveSentryDsn,\n resolveStateDirFromArgv,\n resolveWorkspaceDirFromArgv,\n} from \"./config.js\";\nimport { createSentryInitOptions } from \"./sentry.js\";\n\nprocess.env.MAMA_STATE_DIR ??= resolveStateDirFromArgv();\nconst workingDir = resolveWorkspaceDirFromArgv();\nconst sentryDsn = resolveSentryDsn(workingDir);\n\nSentry.init(createSentryInitOptions(sentryDsn));\n"]}
1
+ {"version":3,"file":"instrument.d.ts","sourceRoot":"","sources":["../src/instrument.ts"],"names":[],"mappings":"","sourcesContent":["import * as Sentry from \"@sentry/node\";\nimport { resolveSentryDsn, resolveStateDirFromArgv } from \"./config.js\";\nimport { createSentryInitOptions } from \"./sentry.js\";\n\nprocess.env.MAMA_STATE_DIR ??= resolveStateDirFromArgv();\nconst sentryDsn = resolveSentryDsn();\n\nSentry.init(createSentryInitOptions(sentryDsn));\n"]}
package/dist/instrument.js CHANGED
@@ -1,8 +1,7 @@
1
1
  import * as Sentry from "@sentry/node";
2
- import { resolveSentryDsn, resolveStateDirFromArgv, resolveWorkspaceDirFromArgv, } from "./config.js";
2
+ import { resolveSentryDsn, resolveStateDirFromArgv } from "./config.js";
3
3
  import { createSentryInitOptions } from "./sentry.js";
4
4
  process.env.MAMA_STATE_DIR ??= resolveStateDirFromArgv();
5
- const workingDir = resolveWorkspaceDirFromArgv();
6
- const sentryDsn = resolveSentryDsn(workingDir);
5
+ const sentryDsn = resolveSentryDsn();
7
6
  Sentry.init(createSentryInitOptions(sentryDsn));
8
7
  //# sourceMappingURL=instrument.js.map
package/dist/instrument.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"instrument.js","sourceRoot":"","sources":["../src/instrument.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,cAAc,CAAC;AACvC,OAAO,EACL,gBAAgB,EAChB,uBAAuB,EACvB,2BAA2B,GAC5B,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,uBAAuB,EAAE,MAAM,aAAa,CAAC;AAEtD,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,uBAAuB,EAAE,CAAC;AACzD,MAAM,UAAU,GAAG,2BAA2B,EAAE,CAAC;AACjD,MAAM,SAAS,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;AAE/C,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC,CAAC","sourcesContent":["import * as Sentry from \"@sentry/node\";\nimport {\n resolveSentryDsn,\n resolveStateDirFromArgv,\n resolveWorkspaceDirFromArgv,\n} from \"./config.js\";\nimport { createSentryInitOptions } from \"./sentry.js\";\n\nprocess.env.MAMA_STATE_DIR ??= resolveStateDirFromArgv();\nconst workingDir = resolveWorkspaceDirFromArgv();\nconst sentryDsn = resolveSentryDsn(workingDir);\n\nSentry.init(createSentryInitOptions(sentryDsn));\n"]}
1
+ {"version":3,"file":"instrument.js","sourceRoot":"","sources":["../src/instrument.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,gBAAgB,EAAE,uBAAuB,EAAE,MAAM,aAAa,CAAC;AACxE,OAAO,EAAE,uBAAuB,EAAE,MAAM,aAAa,CAAC;AAEtD,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,uBAAuB,EAAE,CAAC;AACzD,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;AAErC,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC,CAAC","sourcesContent":["import * as Sentry from \"@sentry/node\";\nimport { resolveSentryDsn, resolveStateDirFromArgv } from \"./config.js\";\nimport { createSentryInitOptions } from \"./sentry.js\";\n\nprocess.env.MAMA_STATE_DIR ??= resolveStateDirFromArgv();\nconst sentryDsn = resolveSentryDsn();\n\nSentry.init(createSentryInitOptions(sentryDsn));\n"]}
package/dist/login/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/login/index.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,mBAAmB,GAAG,SAAS,GAAG,OAAO,CAAC;AAEtD,MAAM,WAAW,6BAA6B;IAC5C,IAAI,EAAE,iBAAiB,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,gBAAgB,EAAE,MAAM,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,4BAA4B,CAAC,EAAE,MAAM,EAAE,CAAC;IACxC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,mBAAmB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7C,UAAU,CAAC,EAAE,6BAA6B,CAAC;CAC5C;AAED,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,GAAG,QAAQ,GAAG,WAAW,CAAC;CAC3C;AA+ED,wBAAgB,gBAAgB,IAAI,YAAY,EAAE,CA6FjD;AAED,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,YAAY,GAAG,SAAS,CAM3E;AAED,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,kBAAkB,GAAG,IAAI,CAUzE","sourcesContent":["export type LoginCredentialKind = \"api_key\" | \"oauth\";\n\nexport interface OAuthAuthorizedUserFileOutput {\n type: \"authorized_user\";\n relativePath: string;\n targetPath?: string;\n envKey?: string;\n}\n\nexport interface OAuthService {\n id: string;\n label: string;\n aliases: string[];\n authorizationUrl: string;\n tokenUrl: string;\n scopes: string[];\n clientIdEnvKey: string;\n clientSecretEnvKey: string;\n accessTokenEnvKey?: string;\n additionalAccessTokenEnvKeys?: string[];\n refreshTokenEnvKey?: string;\n authorizationParams?: Record<string, string>;\n fileOutput?: OAuthAuthorizedUserFileOutput;\n}\n\nexport interface ParsedLoginCommand {\n command: \"login\" | \"/login\" | \"/pi-login\";\n}\n\nconst DEFAULT_GOOGLE_WORKSPACE_CLI_SCOPES = [\n \"https://www.googleapis.com/auth/drive\",\n \"https://mail.google.com/\",\n \"https://www.googleapis.com/auth/calendar\",\n \"https://www.googleapis.com/auth/spreadsheets\",\n \"https://www.googleapis.com/auth/documents\",\n \"https://www.googleapis.com/auth/chat.messages.create\",\n];\n\n// Conservative default: enough for `gh` CLI repo/user/org operations, but\n// without `workflow` (can dispatch CI), `write:packages` (can publish\n// packages), or `project`. Operators who need those can opt in via\n// MOM_GITHUB_OAUTH_SCOPES to keep the blast radius of a compromised agent\n// host explicit and configurable.\nconst DEFAULT_GITHUB_OAUTH_SCOPES = [\"repo\", \"read:user\", \"user:email\", \"read:org\", \"gist\"];\n\nfunction resolveScopesFromEnv(envKey: string, fallback: string[]): string[] {\n const raw = process.env[envKey]?.trim();\n if (!raw) return fallback;\n\n const scopes = raw\n .split(/[\\s,]+/)\n .map((scope) => scope.trim())\n .filter(Boolean);\n\n return scopes.length > 0 ? scopes : fallback;\n}\n\nfunction resolveGoogleWorkspaceCliScopes(): string[] {\n return resolveScopesFromEnv(\n \"MOM_GOOGLE_WORKSPACE_CLI_OAUTH_SCOPES\",\n DEFAULT_GOOGLE_WORKSPACE_CLI_SCOPES,\n );\n}\n\nfunction resolveGitHubOAuthScopes(): string[] {\n return resolveScopesFromEnv(\"MOM_GITHUB_OAUTH_SCOPES\", DEFAULT_GITHUB_OAUTH_SCOPES);\n}\n\nfunction getBuiltinOAuthServices(): OAuthService[] {\n return [\n {\n id: \"github\",\n label: \"GitHub\",\n aliases: [\"github\", \"github_oauth\", \"gh_oauth\"],\n authorizationUrl: \"https://github.com/login/oauth/authorize\",\n tokenUrl: \"https://github.com/login/oauth/access_token\",\n scopes: resolveGitHubOAuthScopes(),\n clientIdEnvKey: \"GITHUB_OAUTH_CLIENT_ID\",\n clientSecretEnvKey: \"GITHUB_OAUTH_CLIENT_SECRET\",\n accessTokenEnvKey: \"GITHUB_OAUTH_ACCESS_TOKEN\",\n additionalAccessTokenEnvKeys: [\"GH_TOKEN\"],\n refreshTokenEnvKey: \"GITHUB_OAUTH_REFRESH_TOKEN\",\n },\n {\n id: \"google_workspace_cli\",\n label: \"Google Workspace CLI\",\n aliases: [\"google_workspace_cli\", \"gws\", \"googleworkspace\", \"google-workspace-cli\"],\n authorizationUrl: \"https://accounts.google.com/o/oauth2/v2/auth\",\n tokenUrl: \"https://oauth2.googleapis.com/token\",\n scopes: resolveGoogleWorkspaceCliScopes(),\n clientIdEnvKey: \"GOOGLE_WORKSPACE_CLI_CLIENT_ID\",\n clientSecretEnvKey: \"GOOGLE_WORKSPACE_CLI_CLIENT_SECRET\",\n authorizationParams: {\n access_type: \"offline\",\n include_granted_scopes: \"true\",\n prompt: \"consent\",\n },\n fileOutput: {\n type: \"authorized_user\",\n relativePath: \"gws.json\",\n targetPath: \"/root/.config/gws/credentials.json\",\n },\n },\n ];\n}\n\nexport function getOAuthServices(): OAuthService[] {\n const raw = process.env.MOM_OAUTH_SERVICES_JSON?.trim();\n const builtins = getBuiltinOAuthServices();\n if (!raw) return builtins;\n\n try {\n const parsed = JSON.parse(raw) as unknown;\n if (!Array.isArray(parsed)) return builtins;\n\n const custom = parsed\n .map((entry): OAuthService | null => {\n if (!entry || typeof entry !== \"object\") return null;\n const obj = entry as Record<string, unknown>;\n const id = typeof obj.id === \"string\" ? obj.id.trim() : \"\";\n const label = typeof obj.label === \"string\" ? obj.label.trim() : \"\";\n const authorizationUrl =\n typeof obj.authorizationUrl === \"string\" ? obj.authorizationUrl.trim() : \"\";\n const tokenUrl = typeof obj.tokenUrl === \"string\" ? obj.tokenUrl.trim() : \"\";\n const clientIdEnvKey =\n typeof obj.clientIdEnvKey === \"string\" ? obj.clientIdEnvKey.trim() : \"\";\n const clientSecretEnvKey =\n typeof obj.clientSecretEnvKey === \"string\" ? obj.clientSecretEnvKey.trim() : \"\";\n const accessTokenEnvKey =\n typeof obj.accessTokenEnvKey === \"string\" ? obj.accessTokenEnvKey.trim() : undefined;\n if (\n !id ||\n !label ||\n !authorizationUrl ||\n !tokenUrl ||\n !clientIdEnvKey ||\n !clientSecretEnvKey\n ) {\n return null;\n }\n\n let fileOutput: OAuthService[\"fileOutput\"];\n if (obj.fileOutput && typeof obj.fileOutput === \"object\") {\n const fileOutputObj = obj.fileOutput as Record<string, unknown>;\n const type = typeof fileOutputObj.type === \"string\" ? fileOutputObj.type.trim() : \"\";\n const relativePath =\n typeof fileOutputObj.relativePath === \"string\" ? fileOutputObj.relativePath.trim() : \"\";\n const targetPath =\n typeof fileOutputObj.targetPath === \"string\"\n ? fileOutputObj.targetPath.trim()\n : undefined;\n const envKey =\n typeof fileOutputObj.envKey === \"string\" ? fileOutputObj.envKey.trim() : undefined;\n if (type === \"authorized_user\" && relativePath) {\n fileOutput = { type: \"authorized_user\", relativePath, targetPath, envKey };\n }\n }\n\n return {\n id: id.toLowerCase(),\n label,\n aliases: Array.isArray(obj.aliases)\n ? obj.aliases\n .filter((v): v is string => typeof v === \"string\")\n .map((v) => v.toLowerCase())\n : [id.toLowerCase()],\n authorizationUrl,\n tokenUrl,\n scopes: Array.isArray(obj.scopes)\n ? obj.scopes.filter((v): v is string => typeof v === \"string\")\n : [],\n clientIdEnvKey,\n clientSecretEnvKey,\n accessTokenEnvKey,\n additionalAccessTokenEnvKeys: Array.isArray(obj.additionalAccessTokenEnvKeys)\n ? obj.additionalAccessTokenEnvKeys.filter((v): v is string => typeof v === \"string\")\n : undefined,\n refreshTokenEnvKey:\n typeof obj.refreshTokenEnvKey === \"string\" ? obj.refreshTokenEnvKey.trim() : undefined,\n authorizationParams:\n obj.authorizationParams && typeof obj.authorizationParams === \"object\"\n ? Object.fromEntries(\n Object.entries(obj.authorizationParams as Record<string, unknown>).filter(\n (entry): entry is [string, string] => typeof entry[1] === \"string\",\n ),\n )\n : undefined,\n fileOutput,\n };\n })\n .filter((service): service is OAuthService => service !== null);\n\n const byId = new Map<string, OAuthService>();\n for (const service of builtins) byId.set(service.id, service);\n for (const service of custom) byId.set(service.id, service);\n return [...byId.values()];\n } catch {\n return builtins;\n }\n}\n\nexport function resolveOAuthService(input: string): OAuthService | undefined {\n const normalized = input.trim().toLowerCase();\n if (!normalized) return undefined;\n return getOAuthServices().find(\n (service) => service.id === normalized || service.aliases.includes(normalized),\n );\n}\n\nexport function parseLoginCommand(text: string): ParsedLoginCommand | null {\n const tokens = text.trim().split(/\\s+/).filter(Boolean);\n if (tokens.length === 0) return null;\n\n const command = tokens[0].toLowerCase();\n if (command !== \"login\" && command !== \"/login\" && command !== \"/pi-login\") {\n return null;\n }\n\n return { command: command as \"login\" | \"/login\" | \"/pi-login\" };\n}\n"]}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/login/index.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,mBAAmB,GAAG,SAAS,GAAG,OAAO,CAAC;AAEtD,MAAM,WAAW,6BAA6B;IAC5C,IAAI,EAAE,iBAAiB,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,gBAAgB,EAAE,MAAM,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,4BAA4B,CAAC,EAAE,MAAM,EAAE,CAAC;IACxC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,mBAAmB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7C,UAAU,CAAC,EAAE,6BAA6B,CAAC;CAC5C;AAED,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,GAAG,QAAQ,GAAG,WAAW,CAAC;CAC3C;AA+ED,wBAAgB,gBAAgB,IAAI,YAAY,EAAE,CA8GjD;AAED,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,YAAY,GAAG,SAAS,CAM3E;AAED,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,kBAAkB,GAAG,IAAI,CAUzE","sourcesContent":["import * as log from \"../log.js\";\n\nexport type LoginCredentialKind = \"api_key\" | \"oauth\";\n\nexport interface OAuthAuthorizedUserFileOutput {\n type: \"authorized_user\";\n relativePath: string;\n targetPath?: string;\n envKey?: string;\n}\n\nexport interface OAuthService {\n id: string;\n label: string;\n aliases: string[];\n authorizationUrl: string;\n tokenUrl: string;\n scopes: string[];\n clientIdEnvKey: string;\n clientSecretEnvKey: string;\n accessTokenEnvKey?: string;\n additionalAccessTokenEnvKeys?: string[];\n refreshTokenEnvKey?: string;\n authorizationParams?: Record<string, string>;\n fileOutput?: OAuthAuthorizedUserFileOutput;\n}\n\nexport interface ParsedLoginCommand {\n command: \"login\" | \"/login\" | \"/pi-login\";\n}\n\nconst DEFAULT_GOOGLE_WORKSPACE_CLI_SCOPES = [\n \"https://www.googleapis.com/auth/drive\",\n \"https://mail.google.com/\",\n \"https://www.googleapis.com/auth/calendar\",\n \"https://www.googleapis.com/auth/spreadsheets\",\n \"https://www.googleapis.com/auth/documents\",\n \"https://www.googleapis.com/auth/chat.messages.create\",\n];\n\n// Conservative default: enough for `gh` CLI repo/user/org operations, but\n// without `workflow` (can dispatch CI), `write:packages` (can publish\n// packages), or `project`. Operators who need those can opt in via\n// MAMA_GITHUB_OAUTH_SCOPES to keep the blast radius of a compromised agent\n// host explicit and configurable.\nconst DEFAULT_GITHUB_OAUTH_SCOPES = [\"repo\", \"read:user\", \"user:email\", \"read:org\", \"gist\"];\n\nfunction resolveScopesFromEnv(envKey: string, fallback: string[]): string[] {\n const raw = process.env[envKey]?.trim();\n if (!raw) return fallback;\n\n const scopes = raw\n .split(/[\\s,]+/)\n .map((scope) => scope.trim())\n .filter(Boolean);\n\n return scopes.length > 0 ? scopes : fallback;\n}\n\nfunction resolveGoogleWorkspaceCliScopes(): string[] {\n return resolveScopesFromEnv(\n \"MAMA_GOOGLE_WORKSPACE_CLI_OAUTH_SCOPES\",\n DEFAULT_GOOGLE_WORKSPACE_CLI_SCOPES,\n );\n}\n\nfunction resolveGitHubOAuthScopes(): string[] {\n return resolveScopesFromEnv(\"MAMA_GITHUB_OAUTH_SCOPES\", DEFAULT_GITHUB_OAUTH_SCOPES);\n}\n\nfunction getBuiltinOAuthServices(): OAuthService[] {\n return [\n {\n id: \"github\",\n label: \"GitHub\",\n aliases: [\"github\", \"github_oauth\", \"gh_oauth\"],\n authorizationUrl: \"https://github.com/login/oauth/authorize\",\n tokenUrl: \"https://github.com/login/oauth/access_token\",\n scopes: resolveGitHubOAuthScopes(),\n clientIdEnvKey: \"GITHUB_OAUTH_CLIENT_ID\",\n clientSecretEnvKey: \"GITHUB_OAUTH_CLIENT_SECRET\",\n accessTokenEnvKey: \"GITHUB_OAUTH_ACCESS_TOKEN\",\n additionalAccessTokenEnvKeys: [\"GH_TOKEN\"],\n refreshTokenEnvKey: \"GITHUB_OAUTH_REFRESH_TOKEN\",\n },\n {\n id: \"google_workspace_cli\",\n label: \"Google Workspace CLI\",\n aliases: [\"google_workspace_cli\", \"gws\", \"googleworkspace\", \"google-workspace-cli\"],\n authorizationUrl: \"https://accounts.google.com/o/oauth2/v2/auth\",\n tokenUrl: \"https://oauth2.googleapis.com/token\",\n scopes: resolveGoogleWorkspaceCliScopes(),\n clientIdEnvKey: \"GOOGLE_WORKSPACE_CLI_CLIENT_ID\",\n clientSecretEnvKey: \"GOOGLE_WORKSPACE_CLI_CLIENT_SECRET\",\n authorizationParams: {\n access_type: \"offline\",\n include_granted_scopes: \"true\",\n prompt: \"consent\",\n },\n fileOutput: {\n type: \"authorized_user\",\n relativePath: \"gws.json\",\n targetPath: \"/root/.config/gws/credentials.json\",\n },\n },\n ];\n}\n\nexport function getOAuthServices(): OAuthService[] {\n const raw = process.env.MAMA_OAUTH_SERVICES_JSON?.trim();\n const builtins = getBuiltinOAuthServices();\n if (!raw) return builtins;\n\n let parsed: unknown;\n try {\n parsed = JSON.parse(raw);\n } catch (err) {\n log.logWarning(\n \"Ignoring MAMA_OAUTH_SERVICES_JSON: invalid JSON\",\n err instanceof Error ? err.message : String(err),\n );\n return builtins;\n }\n if (!Array.isArray(parsed)) {\n log.logWarning(\n \"Ignoring MAMA_OAUTH_SERVICES_JSON: expected a JSON array of OAuth service definitions\",\n );\n return builtins;\n }\n try {\n const custom = parsed\n .map((entry): OAuthService | null => {\n if (!entry || typeof entry !== \"object\") return null;\n const obj = entry as Record<string, unknown>;\n const id = typeof obj.id === \"string\" ? obj.id.trim() : \"\";\n const label = typeof obj.label === \"string\" ? obj.label.trim() : \"\";\n const authorizationUrl =\n typeof obj.authorizationUrl === \"string\" ? obj.authorizationUrl.trim() : \"\";\n const tokenUrl = typeof obj.tokenUrl === \"string\" ? obj.tokenUrl.trim() : \"\";\n const clientIdEnvKey =\n typeof obj.clientIdEnvKey === \"string\" ? obj.clientIdEnvKey.trim() : \"\";\n const clientSecretEnvKey =\n typeof obj.clientSecretEnvKey === \"string\" ? obj.clientSecretEnvKey.trim() : \"\";\n const accessTokenEnvKey =\n typeof obj.accessTokenEnvKey === \"string\" ? obj.accessTokenEnvKey.trim() : undefined;\n if (\n !id ||\n !label ||\n !authorizationUrl ||\n !tokenUrl ||\n !clientIdEnvKey ||\n !clientSecretEnvKey\n ) {\n return null;\n }\n\n let fileOutput: OAuthService[\"fileOutput\"];\n if (obj.fileOutput && typeof obj.fileOutput === \"object\") {\n const fileOutputObj = obj.fileOutput as Record<string, unknown>;\n const type = typeof fileOutputObj.type === \"string\" ? fileOutputObj.type.trim() : \"\";\n const relativePath =\n typeof fileOutputObj.relativePath === \"string\" ? fileOutputObj.relativePath.trim() : \"\";\n const targetPath =\n typeof fileOutputObj.targetPath === \"string\"\n ? fileOutputObj.targetPath.trim()\n : undefined;\n const envKey =\n typeof fileOutputObj.envKey === \"string\" ? fileOutputObj.envKey.trim() : undefined;\n if (type === \"authorized_user\" && relativePath) {\n fileOutput = { type: \"authorized_user\", relativePath, targetPath, envKey };\n }\n }\n\n return {\n id: id.toLowerCase(),\n label,\n aliases: Array.isArray(obj.aliases)\n ? obj.aliases\n .filter((v): v is string => typeof v === \"string\")\n .map((v) => v.toLowerCase())\n : [id.toLowerCase()],\n authorizationUrl,\n tokenUrl,\n scopes: Array.isArray(obj.scopes)\n ? obj.scopes.filter((v): v is string => typeof v === \"string\")\n : [],\n clientIdEnvKey,\n clientSecretEnvKey,\n accessTokenEnvKey,\n additionalAccessTokenEnvKeys: Array.isArray(obj.additionalAccessTokenEnvKeys)\n ? obj.additionalAccessTokenEnvKeys.filter((v): v is string => typeof v === \"string\")\n : undefined,\n refreshTokenEnvKey:\n typeof obj.refreshTokenEnvKey === \"string\" ? obj.refreshTokenEnvKey.trim() : undefined,\n authorizationParams:\n obj.authorizationParams && typeof obj.authorizationParams === \"object\"\n ? Object.fromEntries(\n Object.entries(obj.authorizationParams as Record<string, unknown>).filter(\n (entry): entry is [string, string] => typeof entry[1] === \"string\",\n ),\n )\n : undefined,\n fileOutput,\n };\n })\n .filter((service): service is OAuthService => service !== null);\n\n const byId = new Map<string, OAuthService>();\n for (const service of builtins) byId.set(service.id, service);\n for (const service of custom) byId.set(service.id, service);\n return [...byId.values()];\n } catch (err) {\n log.logWarning(\n \"Failed to apply MAMA_OAUTH_SERVICES_JSON overrides; using builtin OAuth services\",\n err instanceof Error ? err.message : String(err),\n );\n return builtins;\n }\n}\n\nexport function resolveOAuthService(input: string): OAuthService | undefined {\n const normalized = input.trim().toLowerCase();\n if (!normalized) return undefined;\n return getOAuthServices().find(\n (service) => service.id === normalized || service.aliases.includes(normalized),\n );\n}\n\nexport function parseLoginCommand(text: string): ParsedLoginCommand | null {\n const tokens = text.trim().split(/\\s+/).filter(Boolean);\n if (tokens.length === 0) return null;\n\n const command = tokens[0].toLowerCase();\n if (command !== \"login\" && command !== \"/login\" && command !== \"/pi-login\") {\n return null;\n }\n\n return { command: command as \"login\" | \"/login\" | \"/pi-login\" };\n}\n"]}
package/dist/login/index.js CHANGED
@@ -1,3 +1,4 @@
1
+ import * as log from "../log.js";
1
2
  const DEFAULT_GOOGLE_WORKSPACE_CLI_SCOPES = [
2
3
  "https://www.googleapis.com/auth/drive",
3
4
  "https://mail.google.com/",
@@ -9,7 +10,7 @@ const DEFAULT_GOOGLE_WORKSPACE_CLI_SCOPES = [
9
10
  // Conservative default: enough for `gh` CLI repo/user/org operations, but
10
11
  // without `workflow` (can dispatch CI), `write:packages` (can publish
11
12
  // packages), or `project`. Operators who need those can opt in via
12
- // MOM_GITHUB_OAUTH_SCOPES to keep the blast radius of a compromised agent
13
+ // MAMA_GITHUB_OAUTH_SCOPES to keep the blast radius of a compromised agent
13
14
  // host explicit and configurable.
14
15
  const DEFAULT_GITHUB_OAUTH_SCOPES = ["repo", "read:user", "user:email", "read:org", "gist"];
15
16
  function resolveScopesFromEnv(envKey, fallback) {
@@ -23,10 +24,10 @@ function resolveScopesFromEnv(envKey, fallback) {
23
24
  return scopes.length > 0 ? scopes : fallback;
24
25
  }
25
26
  function resolveGoogleWorkspaceCliScopes() {
26
- return resolveScopesFromEnv("MOM_GOOGLE_WORKSPACE_CLI_OAUTH_SCOPES", DEFAULT_GOOGLE_WORKSPACE_CLI_SCOPES);
27
+ return resolveScopesFromEnv("MAMA_GOOGLE_WORKSPACE_CLI_OAUTH_SCOPES", DEFAULT_GOOGLE_WORKSPACE_CLI_SCOPES);
27
28
  }
28
29
  function resolveGitHubOAuthScopes() {
29
- return resolveScopesFromEnv("MOM_GITHUB_OAUTH_SCOPES", DEFAULT_GITHUB_OAUTH_SCOPES);
30
+ return resolveScopesFromEnv("MAMA_GITHUB_OAUTH_SCOPES", DEFAULT_GITHUB_OAUTH_SCOPES);
30
31
  }
31
32
  function getBuiltinOAuthServices() {
32
33
  return [
@@ -66,14 +67,23 @@ function getBuiltinOAuthServices() {
66
67
  ];
67
68
  }
68
69
  export function getOAuthServices() {
69
- const raw = process.env.MOM_OAUTH_SERVICES_JSON?.trim();
70
+ const raw = process.env.MAMA_OAUTH_SERVICES_JSON?.trim();
70
71
  const builtins = getBuiltinOAuthServices();
71
72
  if (!raw)
72
73
  return builtins;
74
+ let parsed;
75
+ try {
76
+ parsed = JSON.parse(raw);
77
+ }
78
+ catch (err) {
79
+ log.logWarning("Ignoring MAMA_OAUTH_SERVICES_JSON: invalid JSON", err instanceof Error ? err.message : String(err));
80
+ return builtins;
81
+ }
82
+ if (!Array.isArray(parsed)) {
83
+ log.logWarning("Ignoring MAMA_OAUTH_SERVICES_JSON: expected a JSON array of OAuth service definitions");
84
+ return builtins;
85
+ }
73
86
  try {
74
- const parsed = JSON.parse(raw);
75
- if (!Array.isArray(parsed))
76
- return builtins;
77
87
  const custom = parsed
78
88
  .map((entry) => {
79
89
  if (!entry || typeof entry !== "object")
@@ -141,7 +151,8 @@ export function getOAuthServices() {
141
151
  byId.set(service.id, service);
142
152
  return [...byId.values()];
143
153
  }
144
- catch {
154
+ catch (err) {
155
+ log.logWarning("Failed to apply MAMA_OAUTH_SERVICES_JSON overrides; using builtin OAuth services", err instanceof Error ? err.message : String(err));
145
156
  return builtins;
146
157
  }
147
158
  }
package/dist/login/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/login/index.ts"],"names":[],"mappings":"AA6BA,MAAM,mCAAmC,GAAG;IAC1C,uCAAuC;IACvC,0BAA0B;IAC1B,0CAA0C;IAC1C,8CAA8C;IAC9C,2CAA2C;IAC3C,sDAAsD;CACvD,CAAC;AAEF,0EAA0E;AAC1E,sEAAsE;AACtE,mEAAmE;AACnE,0EAA0E;AAC1E,kCAAkC;AAClC,MAAM,2BAA2B,GAAG,CAAC,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;AAE5F,SAAS,oBAAoB,CAAC,MAAc,EAAE,QAAkB;IAC9D,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC;IACxC,IAAI,CAAC,GAAG;QAAE,OAAO,QAAQ,CAAC;IAE1B,MAAM,MAAM,GAAG,GAAG;SACf,KAAK,CAAC,QAAQ,CAAC;SACf,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;SAC5B,MAAM,CAAC,OAAO,CAAC,CAAC;IAEnB,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC;AAC/C,CAAC;AAED,SAAS,+BAA+B;IACtC,OAAO,oBAAoB,CACzB,uCAAuC,EACvC,mCAAmC,CACpC,CAAC;AACJ,CAAC;AAED,SAAS,wBAAwB;IAC/B,OAAO,oBAAoB,CAAC,yBAAyB,EAAE,2BAA2B,CAAC,CAAC;AACtF,CAAC;AAED,SAAS,uBAAuB;IAC9B,OAAO;QACL;YACE,EAAE,EAAE,QAAQ;YACZ,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,CAAC,QAAQ,EAAE,cAAc,EAAE,UAAU,CAAC;YAC/C,gBAAgB,EAAE,0CAA0C;YAC5D,QAAQ,EAAE,6CAA6C;YACvD,MAAM,EAAE,wBAAwB,EAAE;YAClC,cAAc,EAAE,wBAAwB;YACxC,kBAAkB,EAAE,4BAA4B;YAChD,iBAAiB,EAAE,2BAA2B;YAC9C,4BAA4B,EAAE,CAAC,UAAU,CAAC;YAC1C,kBAAkB,EAAE,4BAA4B;SACjD;QACD;YACE,EAAE,EAAE,sBAAsB;YAC1B,KAAK,EAAE,sBAAsB;YAC7B,OAAO,EAAE,CAAC,sBAAsB,EAAE,KAAK,EAAE,iBAAiB,EAAE,sBAAsB,CAAC;YACnF,gBAAgB,EAAE,8CAA8C;YAChE,QAAQ,EAAE,qCAAqC;YAC/C,MAAM,EAAE,+BAA+B,EAAE;YACzC,cAAc,EAAE,gCAAgC;YAChD,kBAAkB,EAAE,oCAAoC;YACxD,mBAAmB,EAAE;gBACnB,WAAW,EAAE,SAAS;gBACtB,sBAAsB,EAAE,MAAM;gBAC9B,MAAM,EAAE,SAAS;aAClB;YACD,UAAU,EAAE;gBACV,IAAI,EAAE,iBAAiB;gBACvB,YAAY,EAAE,UAAU;gBACxB,UAAU,EAAE,oCAAoC;aACjD;SACF;KACF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB;IAC9B,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB,EAAE,IAAI,EAAE,CAAC;IACxD,MAAM,QAAQ,GAAG,uBAAuB,EAAE,CAAC;IAC3C,IAAI,CAAC,GAAG;QAAE,OAAO,QAAQ,CAAC;IAE1B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAY,CAAC;QAC1C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;YAAE,OAAO,QAAQ,CAAC;QAE5C,MAAM,MAAM,GAAG,MAAM;aAClB,GAAG,CAAC,CAAC,KAAK,EAAuB,EAAE;YAClC,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ;gBAAE,OAAO,IAAI,CAAC;YACrD,MAAM,GAAG,GAAG,KAAgC,CAAC;YAC7C,MAAM,EAAE,GAAG,OAAO,GAAG,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3D,MAAM,KAAK,GAAG,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACpE,MAAM,gBAAgB,GACpB,OAAO,GAAG,CAAC,gBAAgB,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9E,MAAM,QAAQ,GAAG,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7E,MAAM,cAAc,GAClB,OAAO,GAAG,CAAC,cAAc,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1E,MAAM,kBAAkB,GACtB,OAAO,GAAG,CAAC,kBAAkB,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAClF,MAAM,iBAAiB,GACrB,OAAO,GAAG,CAAC,iBAAiB,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;YACvF,IACE,CAAC,EAAE;gBACH,CAAC,KAAK;gBACN,CAAC,gBAAgB;gBACjB,CAAC,QAAQ;gBACT,CAAC,cAAc;gBACf,CAAC,kBAAkB,EACnB,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,IAAI,UAAsC,CAAC;YAC3C,IAAI,GAAG,CAAC,UAAU,IAAI,OAAO,GAAG,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;gBACzD,MAAM,aAAa,GAAG,GAAG,CAAC,UAAqC,CAAC;gBAChE,MAAM,IAAI,GAAG,OAAO,aAAa,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrF,MAAM,YAAY,GAChB,OAAO,aAAa,CAAC,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC1F,MAAM,UAAU,GACd,OAAO,aAAa,CAAC,UAAU,KAAK,QAAQ;oBAC1C,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,EAAE;oBACjC,CAAC,CAAC,SAAS,CAAC;gBAChB,MAAM,MAAM,GACV,OAAO,aAAa,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;gBACrF,IAAI,IAAI,KAAK,iBAAiB,IAAI,YAAY,EAAE,CAAC;oBAC/C,UAAU,GAAG,EAAE,IAAI,EAAE,iBAAiB,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC;gBAC7E,CAAC;YACH,CAAC;YAED,OAAO;gBACL,EAAE,EAAE,EAAE,CAAC,WAAW,EAAE;gBACpB,KAAK;gBACL,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC;oBACjC,CAAC,CAAC,GAAG,CAAC,OAAO;yBACR,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;yBACjD,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;oBAChC,CAAC,CAAC,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC;gBACtB,gBAAgB;gBAChB,QAAQ;gBACR,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC;oBAC/B,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;oBAC9D,CAAC,CAAC,EAAE;gBACN,cAAc;gBACd,kBAAkB;gBAClB,iBAAiB;gBACjB,4BAA4B,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC;oBAC3E,CAAC,CAAC,GAAG,CAAC,4BAA4B,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;oBACpF,CAAC,CAAC,SAAS;gBACb,kBAAkB,EAChB,OAAO,GAAG,CAAC,kBAAkB,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS;gBACxF,mBAAmB,EACjB,GAAG,CAAC,mBAAmB,IAAI,OAAO,GAAG,CAAC,mBAAmB,KAAK,QAAQ;oBACpE,CAAC,CAAC,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,mBAA8C,CAAC,CAAC,MAAM,CACvE,CAAC,KAAK,EAA6B,EAAE,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,QAAQ,CACnE,CACF;oBACH,CAAC,CAAC,SAAS;gBACf,UAAU;aACX,CAAC;QACJ,CAAC,CAAC;aACD,MAAM,CAAC,CAAC,OAAO,EAA2B,EAAE,CAAC,OAAO,KAAK,IAAI,CAAC,CAAC;QAElE,MAAM,IAAI,GAAG,IAAI,GAAG,EAAwB,CAAC;QAC7C,KAAK,MAAM,OAAO,IAAI,QAAQ;YAAE,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QAC9D,KAAK,MAAM,OAAO,IAAI,MAAM;YAAE,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QAC5D,OAAO,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,QAAQ,CAAC;IAClB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,KAAa;IAC/C,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC9C,IAAI,CAAC,UAAU;QAAE,OAAO,SAAS,CAAC;IAClC,OAAO,gBAAgB,EAAE,CAAC,IAAI,CAC5B,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,KAAK,UAAU,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,CAC/E,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,IAAY;IAC5C,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACxD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAErC,MAAM,OAAO,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;IACxC,IAAI,OAAO,KAAK,OAAO,IAAI,OAAO,KAAK,QAAQ,IAAI,OAAO,KAAK,WAAW,EAAE,CAAC;QAC3E,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,OAA2C,EAAE,CAAC;AAClE,CAAC","sourcesContent":["export type LoginCredentialKind = \"api_key\" | \"oauth\";\n\nexport interface OAuthAuthorizedUserFileOutput {\n type: \"authorized_user\";\n relativePath: string;\n targetPath?: string;\n envKey?: string;\n}\n\nexport interface OAuthService {\n id: string;\n label: string;\n aliases: string[];\n authorizationUrl: string;\n tokenUrl: string;\n scopes: string[];\n clientIdEnvKey: string;\n clientSecretEnvKey: string;\n accessTokenEnvKey?: string;\n additionalAccessTokenEnvKeys?: string[];\n refreshTokenEnvKey?: string;\n authorizationParams?: Record<string, string>;\n fileOutput?: OAuthAuthorizedUserFileOutput;\n}\n\nexport interface ParsedLoginCommand {\n command: \"login\" | \"/login\" | \"/pi-login\";\n}\n\nconst DEFAULT_GOOGLE_WORKSPACE_CLI_SCOPES = [\n \"https://www.googleapis.com/auth/drive\",\n \"https://mail.google.com/\",\n \"https://www.googleapis.com/auth/calendar\",\n \"https://www.googleapis.com/auth/spreadsheets\",\n \"https://www.googleapis.com/auth/documents\",\n \"https://www.googleapis.com/auth/chat.messages.create\",\n];\n\n// Conservative default: enough for `gh` CLI repo/user/org operations, but\n// without `workflow` (can dispatch CI), `write:packages` (can publish\n// packages), or `project`. Operators who need those can opt in via\n// MOM_GITHUB_OAUTH_SCOPES to keep the blast radius of a compromised agent\n// host explicit and configurable.\nconst DEFAULT_GITHUB_OAUTH_SCOPES = [\"repo\", \"read:user\", \"user:email\", \"read:org\", \"gist\"];\n\nfunction resolveScopesFromEnv(envKey: string, fallback: string[]): string[] {\n const raw = process.env[envKey]?.trim();\n if (!raw) return fallback;\n\n const scopes = raw\n .split(/[\\s,]+/)\n .map((scope) => scope.trim())\n .filter(Boolean);\n\n return scopes.length > 0 ? scopes : fallback;\n}\n\nfunction resolveGoogleWorkspaceCliScopes(): string[] {\n return resolveScopesFromEnv(\n \"MOM_GOOGLE_WORKSPACE_CLI_OAUTH_SCOPES\",\n DEFAULT_GOOGLE_WORKSPACE_CLI_SCOPES,\n );\n}\n\nfunction resolveGitHubOAuthScopes(): string[] {\n return resolveScopesFromEnv(\"MOM_GITHUB_OAUTH_SCOPES\", DEFAULT_GITHUB_OAUTH_SCOPES);\n}\n\nfunction getBuiltinOAuthServices(): OAuthService[] {\n return [\n {\n id: \"github\",\n label: \"GitHub\",\n aliases: [\"github\", \"github_oauth\", \"gh_oauth\"],\n authorizationUrl: \"https://github.com/login/oauth/authorize\",\n tokenUrl: \"https://github.com/login/oauth/access_token\",\n scopes: resolveGitHubOAuthScopes(),\n clientIdEnvKey: \"GITHUB_OAUTH_CLIENT_ID\",\n clientSecretEnvKey: \"GITHUB_OAUTH_CLIENT_SECRET\",\n accessTokenEnvKey: \"GITHUB_OAUTH_ACCESS_TOKEN\",\n additionalAccessTokenEnvKeys: [\"GH_TOKEN\"],\n refreshTokenEnvKey: \"GITHUB_OAUTH_REFRESH_TOKEN\",\n },\n {\n id: \"google_workspace_cli\",\n label: \"Google Workspace CLI\",\n aliases: [\"google_workspace_cli\", \"gws\", \"googleworkspace\", \"google-workspace-cli\"],\n authorizationUrl: \"https://accounts.google.com/o/oauth2/v2/auth\",\n tokenUrl: \"https://oauth2.googleapis.com/token\",\n scopes: resolveGoogleWorkspaceCliScopes(),\n clientIdEnvKey: \"GOOGLE_WORKSPACE_CLI_CLIENT_ID\",\n clientSecretEnvKey: \"GOOGLE_WORKSPACE_CLI_CLIENT_SECRET\",\n authorizationParams: {\n access_type: \"offline\",\n include_granted_scopes: \"true\",\n prompt: \"consent\",\n },\n fileOutput: {\n type: \"authorized_user\",\n relativePath: \"gws.json\",\n targetPath: \"/root/.config/gws/credentials.json\",\n },\n },\n ];\n}\n\nexport function getOAuthServices(): OAuthService[] {\n const raw = process.env.MOM_OAUTH_SERVICES_JSON?.trim();\n const builtins = getBuiltinOAuthServices();\n if (!raw) return builtins;\n\n try {\n const parsed = JSON.parse(raw) as unknown;\n if (!Array.isArray(parsed)) return builtins;\n\n const custom = parsed\n .map((entry): OAuthService | null => {\n if (!entry || typeof entry !== \"object\") return null;\n const obj = entry as Record<string, unknown>;\n const id = typeof obj.id === \"string\" ? obj.id.trim() : \"\";\n const label = typeof obj.label === \"string\" ? obj.label.trim() : \"\";\n const authorizationUrl =\n typeof obj.authorizationUrl === \"string\" ? obj.authorizationUrl.trim() : \"\";\n const tokenUrl = typeof obj.tokenUrl === \"string\" ? obj.tokenUrl.trim() : \"\";\n const clientIdEnvKey =\n typeof obj.clientIdEnvKey === \"string\" ? obj.clientIdEnvKey.trim() : \"\";\n const clientSecretEnvKey =\n typeof obj.clientSecretEnvKey === \"string\" ? obj.clientSecretEnvKey.trim() : \"\";\n const accessTokenEnvKey =\n typeof obj.accessTokenEnvKey === \"string\" ? obj.accessTokenEnvKey.trim() : undefined;\n if (\n !id ||\n !label ||\n !authorizationUrl ||\n !tokenUrl ||\n !clientIdEnvKey ||\n !clientSecretEnvKey\n ) {\n return null;\n }\n\n let fileOutput: OAuthService[\"fileOutput\"];\n if (obj.fileOutput && typeof obj.fileOutput === \"object\") {\n const fileOutputObj = obj.fileOutput as Record<string, unknown>;\n const type = typeof fileOutputObj.type === \"string\" ? fileOutputObj.type.trim() : \"\";\n const relativePath =\n typeof fileOutputObj.relativePath === \"string\" ? fileOutputObj.relativePath.trim() : \"\";\n const targetPath =\n typeof fileOutputObj.targetPath === \"string\"\n ? fileOutputObj.targetPath.trim()\n : undefined;\n const envKey =\n typeof fileOutputObj.envKey === \"string\" ? fileOutputObj.envKey.trim() : undefined;\n if (type === \"authorized_user\" && relativePath) {\n fileOutput = { type: \"authorized_user\", relativePath, targetPath, envKey };\n }\n }\n\n return {\n id: id.toLowerCase(),\n label,\n aliases: Array.isArray(obj.aliases)\n ? obj.aliases\n .filter((v): v is string => typeof v === \"string\")\n .map((v) => v.toLowerCase())\n : [id.toLowerCase()],\n authorizationUrl,\n tokenUrl,\n scopes: Array.isArray(obj.scopes)\n ? obj.scopes.filter((v): v is string => typeof v === \"string\")\n : [],\n clientIdEnvKey,\n clientSecretEnvKey,\n accessTokenEnvKey,\n additionalAccessTokenEnvKeys: Array.isArray(obj.additionalAccessTokenEnvKeys)\n ? obj.additionalAccessTokenEnvKeys.filter((v): v is string => typeof v === \"string\")\n : undefined,\n refreshTokenEnvKey:\n typeof obj.refreshTokenEnvKey === \"string\" ? obj.refreshTokenEnvKey.trim() : undefined,\n authorizationParams:\n obj.authorizationParams && typeof obj.authorizationParams === \"object\"\n ? Object.fromEntries(\n Object.entries(obj.authorizationParams as Record<string, unknown>).filter(\n (entry): entry is [string, string] => typeof entry[1] === \"string\",\n ),\n )\n : undefined,\n fileOutput,\n };\n })\n .filter((service): service is OAuthService => service !== null);\n\n const byId = new Map<string, OAuthService>();\n for (const service of builtins) byId.set(service.id, service);\n for (const service of custom) byId.set(service.id, service);\n return [...byId.values()];\n } catch {\n return builtins;\n }\n}\n\nexport function resolveOAuthService(input: string): OAuthService | undefined {\n const normalized = input.trim().toLowerCase();\n if (!normalized) return undefined;\n return getOAuthServices().find(\n (service) => service.id === normalized || service.aliases.includes(normalized),\n );\n}\n\nexport function parseLoginCommand(text: string): ParsedLoginCommand | null {\n const tokens = text.trim().split(/\\s+/).filter(Boolean);\n if (tokens.length === 0) return null;\n\n const command = tokens[0].toLowerCase();\n if (command !== \"login\" && command !== \"/login\" && command !== \"/pi-login\") {\n return null;\n }\n\n return { command: command as \"login\" | \"/login\" | \"/pi-login\" };\n}\n"]}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/login/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,GAAG,MAAM,WAAW,CAAC;AA+BjC,MAAM,mCAAmC,GAAG;IAC1C,uCAAuC;IACvC,0BAA0B;IAC1B,0CAA0C;IAC1C,8CAA8C;IAC9C,2CAA2C;IAC3C,sDAAsD;CACvD,CAAC;AAEF,0EAA0E;AAC1E,sEAAsE;AACtE,mEAAmE;AACnE,2EAA2E;AAC3E,kCAAkC;AAClC,MAAM,2BAA2B,GAAG,CAAC,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;AAE5F,SAAS,oBAAoB,CAAC,MAAc,EAAE,QAAkB;IAC9D,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC;IACxC,IAAI,CAAC,GAAG;QAAE,OAAO,QAAQ,CAAC;IAE1B,MAAM,MAAM,GAAG,GAAG;SACf,KAAK,CAAC,QAAQ,CAAC;SACf,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;SAC5B,MAAM,CAAC,OAAO,CAAC,CAAC;IAEnB,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC;AAC/C,CAAC;AAED,SAAS,+BAA+B;IACtC,OAAO,oBAAoB,CACzB,wCAAwC,EACxC,mCAAmC,CACpC,CAAC;AACJ,CAAC;AAED,SAAS,wBAAwB;IAC/B,OAAO,oBAAoB,CAAC,0BAA0B,EAAE,2BAA2B,CAAC,CAAC;AACvF,CAAC;AAED,SAAS,uBAAuB;IAC9B,OAAO;QACL;YACE,EAAE,EAAE,QAAQ;YACZ,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,CAAC,QAAQ,EAAE,cAAc,EAAE,UAAU,CAAC;YAC/C,gBAAgB,EAAE,0CAA0C;YAC5D,QAAQ,EAAE,6CAA6C;YACvD,MAAM,EAAE,wBAAwB,EAAE;YAClC,cAAc,EAAE,wBAAwB;YACxC,kBAAkB,EAAE,4BAA4B;YAChD,iBAAiB,EAAE,2BAA2B;YAC9C,4BAA4B,EAAE,CAAC,UAAU,CAAC;YAC1C,kBAAkB,EAAE,4BAA4B;SACjD;QACD;YACE,EAAE,EAAE,sBAAsB;YAC1B,KAAK,EAAE,sBAAsB;YAC7B,OAAO,EAAE,CAAC,sBAAsB,EAAE,KAAK,EAAE,iBAAiB,EAAE,sBAAsB,CAAC;YACnF,gBAAgB,EAAE,8CAA8C;YAChE,QAAQ,EAAE,qCAAqC;YAC/C,MAAM,EAAE,+BAA+B,EAAE;YACzC,cAAc,EAAE,gCAAgC;YAChD,kBAAkB,EAAE,oCAAoC;YACxD,mBAAmB,EAAE;gBACnB,WAAW,EAAE,SAAS;gBACtB,sBAAsB,EAAE,MAAM;gBAC9B,MAAM,EAAE,SAAS;aAClB;YACD,UAAU,EAAE;gBACV,IAAI,EAAE,iBAAiB;gBACvB,YAAY,EAAE,UAAU;gBACxB,UAAU,EAAE,oCAAoC;aACjD;SACF;KACF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB;IAC9B,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,wBAAwB,EAAE,IAAI,EAAE,CAAC;IACzD,MAAM,QAAQ,GAAG,uBAAuB,EAAE,CAAC;IAC3C,IAAI,CAAC,GAAG;QAAE,OAAO,QAAQ,CAAC;IAE1B,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,UAAU,CACZ,iDAAiD,EACjD,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CACjD,CAAC;QACF,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3B,GAAG,CAAC,UAAU,CACZ,uFAAuF,CACxF,CAAC;QACF,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM;aAClB,GAAG,CAAC,CAAC,KAAK,EAAuB,EAAE;YAClC,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ;gBAAE,OAAO,IAAI,CAAC;YACrD,MAAM,GAAG,GAAG,KAAgC,CAAC;YAC7C,MAAM,EAAE,GAAG,OAAO,GAAG,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3D,MAAM,KAAK,GAAG,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACpE,MAAM,gBAAgB,GACpB,OAAO,GAAG,CAAC,gBAAgB,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9E,MAAM,QAAQ,GAAG,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7E,MAAM,cAAc,GAClB,OAAO,GAAG,CAAC,cAAc,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1E,MAAM,kBAAkB,GACtB,OAAO,GAAG,CAAC,kBAAkB,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAClF,MAAM,iBAAiB,GACrB,OAAO,GAAG,CAAC,iBAAiB,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;YACvF,IACE,CAAC,EAAE;gBACH,CAAC,KAAK;gBACN,CAAC,gBAAgB;gBACjB,CAAC,QAAQ;gBACT,CAAC,cAAc;gBACf,CAAC,kBAAkB,EACnB,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,IAAI,UAAsC,CAAC;YAC3C,IAAI,GAAG,CAAC,UAAU,IAAI,OAAO,GAAG,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;gBACzD,MAAM,aAAa,GAAG,GAAG,CAAC,UAAqC,CAAC;gBAChE,MAAM,IAAI,GAAG,OAAO,aAAa,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrF,MAAM,YAAY,GAChB,OAAO,aAAa,CAAC,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC1F,MAAM,UAAU,GACd,OAAO,aAAa,CAAC,UAAU,KAAK,QAAQ;oBAC1C,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,EAAE;oBACjC,CAAC,CAAC,SAAS,CAAC;gBAChB,MAAM,MAAM,GACV,OAAO,aAAa,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;gBACrF,IAAI,IAAI,KAAK,iBAAiB,IAAI,YAAY,EAAE,CAAC;oBAC/C,UAAU,GAAG,EAAE,IAAI,EAAE,iBAAiB,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC;gBAC7E,CAAC;YACH,CAAC;YAED,OAAO;gBACL,EAAE,EAAE,EAAE,CAAC,WAAW,EAAE;gBACpB,KAAK;gBACL,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC;oBACjC,CAAC,CAAC,GAAG,CAAC,OAAO;yBACR,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;yBACjD,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;oBAChC,CAAC,CAAC,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC;gBACtB,gBAAgB;gBAChB,QAAQ;gBACR,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC;oBAC/B,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;oBAC9D,CAAC,CAAC,EAAE;gBACN,cAAc;gBACd,kBAAkB;gBAClB,iBAAiB;gBACjB,4BAA4B,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC;oBAC3E,CAAC,CAAC,GAAG,CAAC,4BAA4B,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;oBACpF,CAAC,CAAC,SAAS;gBACb,kBAAkB,EAChB,OAAO,GAAG,CAAC,kBAAkB,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS;gBACxF,mBAAmB,EACjB,GAAG,CAAC,mBAAmB,IAAI,OAAO,GAAG,CAAC,mBAAmB,KAAK,QAAQ;oBACpE,CAAC,CAAC,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,mBAA8C,CAAC,CAAC,MAAM,CACvE,CAAC,KAAK,EAA6B,EAAE,CAAC,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,QAAQ,CACnE,CACF;oBACH,CAAC,CAAC,SAAS;gBACf,UAAU;aACX,CAAC;QACJ,CAAC,CAAC;aACD,MAAM,CAAC,CAAC,OAAO,EAA2B,EAAE,CAAC,OAAO,KAAK,IAAI,CAAC,CAAC;QAElE,MAAM,IAAI,GAAG,IAAI,GAAG,EAAwB,CAAC;QAC7C,KAAK,MAAM,OAAO,IAAI,QAAQ;YAAE,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QAC9D,KAAK,MAAM,OAAO,IAAI,MAAM;YAAE,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QAC5D,OAAO,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IAC5B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,UAAU,CACZ,kFAAkF,EAClF,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CACjD,CAAC;QACF,OAAO,QAAQ,CAAC;IAClB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,KAAa;IAC/C,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC9C,IAAI,CAAC,UAAU;QAAE,OAAO,SAAS,CAAC;IAClC,OAAO,gBAAgB,EAAE,CAAC,IAAI,CAC5B,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,KAAK,UAAU,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,CAC/E,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,IAAY;IAC5C,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACxD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAErC,MAAM,OAAO,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;IACxC,IAAI,OAAO,KAAK,OAAO,IAAI,OAAO,KAAK,QAAQ,IAAI,OAAO,KAAK,WAAW,EAAE,CAAC;QAC3E,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,OAA2C,EAAE,CAAC;AAClE,CAAC","sourcesContent":["import * as log from \"../log.js\";\n\nexport type LoginCredentialKind = \"api_key\" | \"oauth\";\n\nexport interface OAuthAuthorizedUserFileOutput {\n type: \"authorized_user\";\n relativePath: string;\n targetPath?: string;\n envKey?: string;\n}\n\nexport interface OAuthService {\n id: string;\n label: string;\n aliases: string[];\n authorizationUrl: string;\n tokenUrl: string;\n scopes: string[];\n clientIdEnvKey: string;\n clientSecretEnvKey: string;\n accessTokenEnvKey?: string;\n additionalAccessTokenEnvKeys?: string[];\n refreshTokenEnvKey?: string;\n authorizationParams?: Record<string, string>;\n fileOutput?: OAuthAuthorizedUserFileOutput;\n}\n\nexport interface ParsedLoginCommand {\n command: \"login\" | \"/login\" | \"/pi-login\";\n}\n\nconst DEFAULT_GOOGLE_WORKSPACE_CLI_SCOPES = [\n \"https://www.googleapis.com/auth/drive\",\n \"https://mail.google.com/\",\n \"https://www.googleapis.com/auth/calendar\",\n \"https://www.googleapis.com/auth/spreadsheets\",\n \"https://www.googleapis.com/auth/documents\",\n \"https://www.googleapis.com/auth/chat.messages.create\",\n];\n\n// Conservative default: enough for `gh` CLI repo/user/org operations, but\n// without `workflow` (can dispatch CI), `write:packages` (can publish\n// packages), or `project`. Operators who need those can opt in via\n// MAMA_GITHUB_OAUTH_SCOPES to keep the blast radius of a compromised agent\n// host explicit and configurable.\nconst DEFAULT_GITHUB_OAUTH_SCOPES = [\"repo\", \"read:user\", \"user:email\", \"read:org\", \"gist\"];\n\nfunction resolveScopesFromEnv(envKey: string, fallback: string[]): string[] {\n const raw = process.env[envKey]?.trim();\n if (!raw) return fallback;\n\n const scopes = raw\n .split(/[\\s,]+/)\n .map((scope) => scope.trim())\n .filter(Boolean);\n\n return scopes.length > 0 ? scopes : fallback;\n}\n\nfunction resolveGoogleWorkspaceCliScopes(): string[] {\n return resolveScopesFromEnv(\n \"MAMA_GOOGLE_WORKSPACE_CLI_OAUTH_SCOPES\",\n DEFAULT_GOOGLE_WORKSPACE_CLI_SCOPES,\n );\n}\n\nfunction resolveGitHubOAuthScopes(): string[] {\n return resolveScopesFromEnv(\"MAMA_GITHUB_OAUTH_SCOPES\", DEFAULT_GITHUB_OAUTH_SCOPES);\n}\n\nfunction getBuiltinOAuthServices(): OAuthService[] {\n return [\n {\n id: \"github\",\n label: \"GitHub\",\n aliases: [\"github\", \"github_oauth\", \"gh_oauth\"],\n authorizationUrl: \"https://github.com/login/oauth/authorize\",\n tokenUrl: \"https://github.com/login/oauth/access_token\",\n scopes: resolveGitHubOAuthScopes(),\n clientIdEnvKey: \"GITHUB_OAUTH_CLIENT_ID\",\n clientSecretEnvKey: \"GITHUB_OAUTH_CLIENT_SECRET\",\n accessTokenEnvKey: \"GITHUB_OAUTH_ACCESS_TOKEN\",\n additionalAccessTokenEnvKeys: [\"GH_TOKEN\"],\n refreshTokenEnvKey: \"GITHUB_OAUTH_REFRESH_TOKEN\",\n },\n {\n id: \"google_workspace_cli\",\n label: \"Google Workspace CLI\",\n aliases: [\"google_workspace_cli\", \"gws\", \"googleworkspace\", \"google-workspace-cli\"],\n authorizationUrl: \"https://accounts.google.com/o/oauth2/v2/auth\",\n tokenUrl: \"https://oauth2.googleapis.com/token\",\n scopes: resolveGoogleWorkspaceCliScopes(),\n clientIdEnvKey: \"GOOGLE_WORKSPACE_CLI_CLIENT_ID\",\n clientSecretEnvKey: \"GOOGLE_WORKSPACE_CLI_CLIENT_SECRET\",\n authorizationParams: {\n access_type: \"offline\",\n include_granted_scopes: \"true\",\n prompt: \"consent\",\n },\n fileOutput: {\n type: \"authorized_user\",\n relativePath: \"gws.json\",\n targetPath: \"/root/.config/gws/credentials.json\",\n },\n },\n ];\n}\n\nexport function getOAuthServices(): OAuthService[] {\n const raw = process.env.MAMA_OAUTH_SERVICES_JSON?.trim();\n const builtins = getBuiltinOAuthServices();\n if (!raw) return builtins;\n\n let parsed: unknown;\n try {\n parsed = JSON.parse(raw);\n } catch (err) {\n log.logWarning(\n \"Ignoring MAMA_OAUTH_SERVICES_JSON: invalid JSON\",\n err instanceof Error ? err.message : String(err),\n );\n return builtins;\n }\n if (!Array.isArray(parsed)) {\n log.logWarning(\n \"Ignoring MAMA_OAUTH_SERVICES_JSON: expected a JSON array of OAuth service definitions\",\n );\n return builtins;\n }\n try {\n const custom = parsed\n .map((entry): OAuthService | null => {\n if (!entry || typeof entry !== \"object\") return null;\n const obj = entry as Record<string, unknown>;\n const id = typeof obj.id === \"string\" ? obj.id.trim() : \"\";\n const label = typeof obj.label === \"string\" ? obj.label.trim() : \"\";\n const authorizationUrl =\n typeof obj.authorizationUrl === \"string\" ? obj.authorizationUrl.trim() : \"\";\n const tokenUrl = typeof obj.tokenUrl === \"string\" ? obj.tokenUrl.trim() : \"\";\n const clientIdEnvKey =\n typeof obj.clientIdEnvKey === \"string\" ? obj.clientIdEnvKey.trim() : \"\";\n const clientSecretEnvKey =\n typeof obj.clientSecretEnvKey === \"string\" ? obj.clientSecretEnvKey.trim() : \"\";\n const accessTokenEnvKey =\n typeof obj.accessTokenEnvKey === \"string\" ? obj.accessTokenEnvKey.trim() : undefined;\n if (\n !id ||\n !label ||\n !authorizationUrl ||\n !tokenUrl ||\n !clientIdEnvKey ||\n !clientSecretEnvKey\n ) {\n return null;\n }\n\n let fileOutput: OAuthService[\"fileOutput\"];\n if (obj.fileOutput && typeof obj.fileOutput === \"object\") {\n const fileOutputObj = obj.fileOutput as Record<string, unknown>;\n const type = typeof fileOutputObj.type === \"string\" ? fileOutputObj.type.trim() : \"\";\n const relativePath =\n typeof fileOutputObj.relativePath === \"string\" ? fileOutputObj.relativePath.trim() : \"\";\n const targetPath =\n typeof fileOutputObj.targetPath === \"string\"\n ? fileOutputObj.targetPath.trim()\n : undefined;\n const envKey =\n typeof fileOutputObj.envKey === \"string\" ? fileOutputObj.envKey.trim() : undefined;\n if (type === \"authorized_user\" && relativePath) {\n fileOutput = { type: \"authorized_user\", relativePath, targetPath, envKey };\n }\n }\n\n return {\n id: id.toLowerCase(),\n label,\n aliases: Array.isArray(obj.aliases)\n ? obj.aliases\n .filter((v): v is string => typeof v === \"string\")\n .map((v) => v.toLowerCase())\n : [id.toLowerCase()],\n authorizationUrl,\n tokenUrl,\n scopes: Array.isArray(obj.scopes)\n ? obj.scopes.filter((v): v is string => typeof v === \"string\")\n : [],\n clientIdEnvKey,\n clientSecretEnvKey,\n accessTokenEnvKey,\n additionalAccessTokenEnvKeys: Array.isArray(obj.additionalAccessTokenEnvKeys)\n ? obj.additionalAccessTokenEnvKeys.filter((v): v is string => typeof v === \"string\")\n : undefined,\n refreshTokenEnvKey:\n typeof obj.refreshTokenEnvKey === \"string\" ? obj.refreshTokenEnvKey.trim() : undefined,\n authorizationParams:\n obj.authorizationParams && typeof obj.authorizationParams === \"object\"\n ? Object.fromEntries(\n Object.entries(obj.authorizationParams as Record<string, unknown>).filter(\n (entry): entry is [string, string] => typeof entry[1] === \"string\",\n ),\n )\n : undefined,\n fileOutput,\n };\n })\n .filter((service): service is OAuthService => service !== null);\n\n const byId = new Map<string, OAuthService>();\n for (const service of builtins) byId.set(service.id, service);\n for (const service of custom) byId.set(service.id, service);\n return [...byId.values()];\n } catch (err) {\n log.logWarning(\n \"Failed to apply MAMA_OAUTH_SERVICES_JSON overrides; using builtin OAuth services\",\n err instanceof Error ? err.message : String(err),\n );\n return builtins;\n }\n}\n\nexport function resolveOAuthService(input: string): OAuthService | undefined {\n const normalized = input.trim().toLowerCase();\n if (!normalized) return undefined;\n return getOAuthServices().find(\n (service) => service.id === normalized || service.aliases.includes(normalized),\n );\n}\n\nexport function parseLoginCommand(text: string): ParsedLoginCommand | null {\n const tokens = text.trim().split(/\\s+/).filter(Boolean);\n if (tokens.length === 0) return null;\n\n const command = tokens[0].toLowerCase();\n if (command !== \"login\" && command !== \"/login\" && command !== \"/pi-login\") {\n return null;\n }\n\n return { command: command as \"login\" | \"/login\" | \"/pi-login\" };\n}\n"]}