@h-rig/isolation-plugin 0.0.6-alpha.157 → 0.0.6-alpha.158

package/dist/src/isolation/home.js

@@ -0,0 +1,929 @@
+// @bun
+// packages/isolation-plugin/src/isolation/home.ts
+import {
+  chmodSync,
+  copyFileSync as copyFileSync2,
+  cpSync,
+  existsSync as existsSync4,
+  mkdirSync as mkdirSync3,
+  readFileSync as readFileSync3,
+  statSync as statSync3,
+  writeFileSync as writeFileSync2
+} from "fs";
+import { mkdir } from "fs/promises";
+import { basename, delimiter, resolve as resolve5 } from "path";
+import { resolveBunBinaryPath, resolveBunInstallDir, resolveClaudeBinaryPath, resolveClaudeInstallDir, resolveNodeInstallDir } from "@rig/core/runtime-paths";
+import { resolveRuntimeSecrets } from "@rig/core/baked-secrets";
+
+// packages/isolation-plugin/src/runtime-native.ts
+import { dlopen, ptr, suffix, toBuffer } from "bun:ffi";
+import { copyFileSync, existsSync as existsSync2, mkdirSync as mkdirSync2, renameSync as renameSync2, rmSync, statSync as statSync2 } from "fs";
+import { tmpdir as tmpdir2 } from "os";
+import { dirname, resolve as resolve2 } from "path";
+
+// packages/isolation-plugin/src/native-extract.ts
+import { existsSync, mkdirSync, readFileSync, renameSync, statSync, writeFileSync } from "fs";
+import { tmpdir } from "os";
+import { resolve } from "path";
+
+// packages/isolation-plugin/src/embedded-native-assets.ts
+var embeddedNatives = null;
+
+// packages/isolation-plugin/src/native-extract.ts
+var sharedNativeOutputDir = resolve(tmpdir(), "rig-native");
+var extractionCache = {};
+function extractEmbeddedNative(name) {
+  if (name in extractionCache) {
+    return extractionCache[name] ?? null;
+  }
+  const entry = embeddedNatives?.[name];
+  if (!entry) {
+    extractionCache[name] = null;
+    return null;
+  }
+  try {
+    const targetPath = resolve(sharedNativeOutputDir, entry.fileName);
+    mkdirSync(sharedNativeOutputDir, { recursive: true });
+    const upToDate = existsSync(targetPath) && statSync(targetPath).size === entry.size;
+    if (!upToDate) {
+      const bytes = readFileSync(entry.filePath);
+      const tempPath = `${targetPath}.${process.pid}.${Date.now()}.tmp`;
+      writeFileSync(tempPath, bytes, { mode: 493 });
+      renameSync(tempPath, targetPath);
+    }
+    extractionCache[name] = targetPath;
+  } catch {
+    extractionCache[name] = null;
+  }
+  return extractionCache[name] ?? null;
+}
+
+// packages/isolation-plugin/src/runtime-native.ts
+var sharedNativeRuntimeOutputDir = resolve2(tmpdir2(), "rig-native");
+var sharedNativeRuntimeOutputPath = resolve2(sharedNativeRuntimeOutputDir, `runtime-native-${process.platform}-${process.arch}.${suffix}`);
+var colocatedNativeRuntimeFileName = `runtime-native.${suffix}`;
+var nativeRuntimeLibrary = await loadNativeRuntimeLibrary();
+async function ensureNativeRuntimeLibraryPath(outputPath = sharedNativeRuntimeOutputPath, options = {}) {
+  const explicitLib = process.env.RIG_NATIVE_RUNTIME_LIB?.trim();
+  if (explicitLib && existsSync2(explicitLib)) {
+    return explicitLib;
+  }
+  const embeddedPath = extractEmbeddedNative("snapshot");
+  if (embeddedPath) {
+    return embeddedPath;
+  }
+  if (await buildNativeRuntimeLibrary(outputPath, options)) {
+    return outputPath;
+  }
+  return !options.force && existsSync2(outputPath) ? outputPath : null;
+}
+async function materializeNativeRuntimeLibrary(targetDir) {
+  const sourcePath = await ensureNativeRuntimeLibraryPath();
+  if (!sourcePath) {
+    return null;
+  }
+  const targetPath = resolve2(targetDir, colocatedNativeRuntimeFileName);
+  mkdirSync2(targetDir, { recursive: true });
+  const needsCopy = !existsSync2(targetPath) || statSync2(sourcePath).mtimeMs > statSync2(targetPath).mtimeMs;
+  if (needsCopy) {
+    copyFileSync(sourcePath, targetPath);
+  }
+  return targetPath;
+}
+async function loadNativeRuntimeLibrary() {
+  if (process.env.RIG_DISABLE_ZIG_NATIVE === "1") {
+    return null;
+  }
+  const explicitLib = process.env.RIG_NATIVE_RUNTIME_LIB?.trim();
+  if (explicitLib && existsSync2(explicitLib)) {
+    const loaded = tryDlopenNativeRuntimeLibrary(explicitLib);
+    if (loaded) {
+      return loaded;
+    }
+  }
+  const embeddedPath = extractEmbeddedNative("snapshot");
+  if (embeddedPath) {
+    const loaded = tryDlopenNativeRuntimeLibrary(embeddedPath);
+    if (loaded) {
+      return loaded;
+    }
+  }
+  for (const candidate of nativeRuntimeLibraryCandidates()) {
+    if (!candidate || !existsSync2(candidate)) {
+      continue;
+    }
+    const loaded = tryDlopenNativeRuntimeLibrary(candidate);
+    if (loaded) {
+      return loaded;
+    }
+  }
+  const builtLibraryPath = await ensureNativeRuntimeLibraryPath(sharedNativeRuntimeOutputPath, { force: true });
+  if (!builtLibraryPath) {
+    return null;
+  }
+  return tryDlopenNativeRuntimeLibrary(builtLibraryPath);
+}
+function nativePackageLibraryCandidates(fromDir, names) {
+  const candidates = [];
+  let cursor = resolve2(fromDir);
+  for (let index = 0;index < 8; index += 1) {
+    for (const name of names) {
+      candidates.push(resolve2(cursor, "native", `${process.platform}-${process.arch}`, name), resolve2(cursor, "native", `${process.platform}-${process.arch}`, "lib", name), resolve2(cursor, "native", name), resolve2(cursor, "native", "lib", name));
+    }
+    const parent = dirname(cursor);
+    if (parent === cursor)
+      break;
+    cursor = parent;
+  }
+  return candidates;
+}
+function nativeRuntimeLibraryCandidates() {
+  const explicit = process.env.RIG_NATIVE_RUNTIME_LIB?.trim() || "";
+  const execDir = process.execPath?.trim() ? dirname(process.execPath.trim()) : "";
+  const platformSpecific = `runtime-native-${process.platform}-${process.arch}.${suffix}`;
+  return [...new Set([
+    explicit,
+    ...nativePackageLibraryCandidates(import.meta.dir, [colocatedNativeRuntimeFileName, platformSpecific]),
+    execDir ? resolve2(execDir, colocatedNativeRuntimeFileName) : "",
+    execDir ? resolve2(execDir, platformSpecific) : "",
+    execDir ? resolve2(execDir, "..", colocatedNativeRuntimeFileName) : "",
+    execDir ? resolve2(execDir, "..", platformSpecific) : "",
+    execDir ? resolve2(execDir, "lib", colocatedNativeRuntimeFileName) : "",
+    execDir ? resolve2(execDir, "..", "lib", colocatedNativeRuntimeFileName) : "",
+    sharedNativeRuntimeOutputPath
+  ].filter(Boolean))];
+}
+function resolveNativeRuntimeSourcePath() {
+  const explicit = process.env.RIG_NATIVE_RUNTIME_SOURCE?.trim();
+  if (explicit && existsSync2(explicit)) {
+    return explicit;
+  }
+  const bundled = resolve2(import.meta.dir, "../native/snapshot.zig");
+  return existsSync2(bundled) ? bundled : null;
+}
+async function buildNativeRuntimeLibrary(outputPath, options = {}) {
+  if (process.env.RIG_DISABLE_ZIG_NATIVE === "1") {
+    return false;
+  }
+  const zigBinary = Bun.which("zig");
+  const sourcePath = resolveNativeRuntimeSourcePath();
+  if (!zigBinary || !sourcePath) {
+    return false;
+  }
+  const tempOutputPath = `${outputPath}.${process.pid}.${Date.now()}.${Math.random().toString(36).slice(2)}.tmp`;
+  try {
+    mkdirSync2(dirname(outputPath), { recursive: true });
+    const needsBuild = options.force === true || !existsSync2(outputPath) || statSync2(sourcePath).mtimeMs > statSync2(outputPath).mtimeMs;
+    if (!needsBuild) {
+      return true;
+    }
+    const build = Bun.spawn([
+      zigBinary,
+      "build-lib",
+      sourcePath,
+      "-dynamic",
+      "-O",
+      "ReleaseFast",
+      `-femit-bin=${tempOutputPath}`
+    ], {
+      cwd: import.meta.dir,
+      stdout: "pipe",
+      stderr: "pipe"
+    });
+    const exitCode = await build.exited;
+    if (exitCode !== 0 || !existsSync2(tempOutputPath)) {
+      rmSync(tempOutputPath, { force: true });
+      return false;
+    }
+    renameSync2(tempOutputPath, outputPath);
+    return true;
+  } catch {
+    rmSync(tempOutputPath, { force: true });
+    return false;
+  }
+}
+function tryDlopenNativeRuntimeLibrary(outputPath) {
+  try {
+    return dlopen(outputPath, {
+      rig_scope_match: {
+        args: ["ptr", "ptr"],
+        returns: "u8"
+      },
+      snapshot_capture: {
+        args: ["ptr", "u64", "ptr", "u64"],
+        returns: "ptr"
+      },
+      snapshot_delta: {
+        args: ["ptr", "ptr"],
+        returns: "ptr"
+      },
+      snapshot_store_delta: {
+        args: ["ptr", "ptr", "ptr", "u64", "ptr", "u64", "ptr", "u64", "ptr", "u64"],
+        returns: "ptr"
+      },
+      snapshot_inspect_delta: {
+        args: ["ptr", "u64"],
+        returns: "ptr"
+      },
+      snapshot_apply_delta: {
+        args: ["ptr", "u64", "ptr", "u64"],
+        returns: "ptr"
+      },
+      snapshot_release: {
+        args: ["ptr"],
+        returns: "void"
+      },
+      runtime_hash_file: {
+        args: ["ptr", "u64"],
+        returns: "ptr"
+      },
+      runtime_hash_tree: {
+        args: ["ptr", "u64"],
+        returns: "ptr"
+      },
+      runtime_prepare_paths: {
+        args: ["ptr", "u64", "ptr", "u64", "ptr", "u64", "ptr", "u64", "ptr", "u64"],
+        returns: "ptr"
+      },
+      runtime_link_dependency_layer: {
+        args: ["ptr", "u64", "ptr", "u64"],
+        returns: "ptr"
+      },
+      runtime_scan_worktrees: {
+        args: ["ptr", "u64"],
+        returns: "ptr"
+      }
+    });
+  } catch {
+    return null;
+  }
+}
+
+// packages/isolation-plugin/src/isolation/home.ts
+import { browserEnvFromContext, loadRuntimeContext, runtimeMemoryEnvFromContext, RUNTIME_CONTEXT_ENV } from "@rig/core/runtime-context";
+
+// packages/isolation-plugin/src/isolation/shared.ts
+import { existsSync as existsSync3, readFileSync as readFileSync2, rmSync as rmSync2 } from "fs";
+import { resolve as resolve3 } from "path";
+import { agentId, safeGitRefComponent, taskRuntimeId } from "@rig/core/safe-identifiers";
+import { resolveCheckoutRoot } from "@rig/core/checkout-root";
+function isRuntimeGatewayGhPath(candidate) {
+  return /\/\.rig\/bin\/gh$/.test(candidate.replace(/\\/g, "/"));
+}
+function resolveGithubCliBinary(options = {}) {
+  const candidates = new Set;
+  const explicit = process.env.RIG_GH_BIN?.trim();
+  if (explicit) {
+    candidates.add(explicit);
+  }
+  for (const candidate of ["/usr/bin/gh", "/opt/homebrew/bin/gh", "/usr/local/bin/gh"]) {
+    candidates.add(candidate);
+  }
+  if (options.scanPath) {
+    for (const entry of (process.env.PATH || "").split(":").map((value) => value.trim()).filter(Boolean)) {
+      candidates.add(resolve3(entry, "gh"));
+    }
+  }
+  const bunResolved = Bun.which("gh");
+  if (bunResolved) {
+    candidates.add(bunResolved);
+  }
+  for (const candidate of candidates) {
+    if (candidate && existsSync3(candidate) && !isRuntimeGatewayGhPath(candidate)) {
+      return candidate;
+    }
+  }
+  return "";
+}
+var generatedCredentialFiles = new Set;
+var credentialCleanupRegistered = false;
+function resolveMonorepoRoot(projectRoot) {
+  return resolveCheckoutRoot(projectRoot);
+}
+function sha256Hex(input) {
+  const hasher = new Bun.CryptoHasher("sha256");
+  hasher.update(input);
+  return hasher.digest("hex");
+}
+function registerCredentialCleanup(path) {
+  generatedCredentialFiles.add(path);
+  if (credentialCleanupRegistered) {
+    return;
+  }
+  credentialCleanupRegistered = true;
+  const cleanup = () => {
+    for (const filePath of generatedCredentialFiles) {
+      try {
+        rmSync2(filePath, { force: true });
+      } catch {}
+    }
+    generatedCredentialFiles.clear();
+  };
+  process.on("exit", cleanup);
+  process.on("beforeExit", cleanup);
+}
+function hashProjectPath(workspaceDir) {
+  return sha256Hex(workspaceDir).slice(0, 16);
+}
+async function resolveGithubCliAuthToken(ghBinary = "") {
+  const gh = ghBinary || resolveGithubCliBinary();
+  if (!gh) {
+    return "";
+  }
+  const auth = Bun.spawn([gh, "auth", "token"], {
+    stdout: "pipe",
+    stderr: "pipe"
+  });
+  const [exitCode, stdout] = await Promise.all([
+    auth.exited,
+    new Response(auth.stdout).text()
+  ]);
+  if (exitCode !== 0) {
+    return "";
+  }
+  return stdout.trim();
+}
+function resolveSystemCertBundlePath() {
+  const candidates = [
+    process.env.SSL_CERT_FILE?.trim(),
+    "/etc/ssl/cert.pem",
+    "/private/etc/ssl/cert.pem",
+    "/opt/homebrew/etc/openssl@3/cert.pem"
+  ];
+  for (const candidate of candidates) {
+    if (candidate && existsSync3(candidate)) {
+      return resolve3(candidate);
+    }
+  }
+  return "";
+}
+function readKnownHosts(path) {
+  if (!existsSync3(path)) {
+    return new Set;
+  }
+  return new Set(readFileSync2(path, "utf-8").split(/\r?\n/).map((line) => line.trim()).filter(Boolean));
+}
+
+// packages/isolation-plugin/src/isolation/git-native.ts
+import { tmpdir as tmpdir3 } from "os";
+import { dirname as dirname2, isAbsolute, resolve as resolve4 } from "path";
+var sharedGitNativeOutputDir = resolve4(tmpdir3(), "rig-native");
+var sharedGitNativeOutputPath = resolve4(sharedGitNativeOutputDir, `rig-git-${process.platform}-${process.arch}${process.platform === "win32" ? ".exe" : ""}`);
+function runtimeRigGitFileName() {
+  return `rig-git${process.platform === "win32" ? ".exe" : ""}`;
+}
+
+// packages/isolation-plugin/src/isolation/home.ts
+var GITHUB_SSH_KEY_PLACEHOLDER = "<base64 encoded>";
+var GITHUB_KNOWN_HOSTS = [
+  "github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl",
+  "github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=",
+  "github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk="
+].join(`
+`);
+function authStateToken(env = process.env) {
+  const file = env.RIG_GITHUB_AUTH_STATE_FILE?.trim();
+  if (!file || !existsSync4(file))
+    return null;
+  try {
+    const parsed = JSON.parse(readFileSync3(file, "utf8"));
+    const token = typeof parsed.token === "string" ? parsed.token.trim() : "";
+    return token.length > 0 ? token : null;
+  } catch {
+    return null;
+  }
+}
+function resolveControlPlaneSourceRoot(projectRoot) {
+  const candidates = [
+    process.env.RIG_CONTROL_PLANE_SOURCE_ROOT?.trim(),
+    process.env.RIG_HOST_PROJECT_ROOT?.trim(),
+    resolve5(import.meta.dir, "../../../../.."),
+    projectRoot
+  ].filter((value) => Boolean(value));
+  for (const candidate of candidates) {
+    const root = resolve5(candidate);
+    if (existsSync4(resolve5(root, "packages/cli/bin/rig.ts"))) {
+      return root;
+    }
+  }
+  return "";
+}
+async function runtimeEnv(projectRoot, runtime) {
+  const bunBinaryPath = resolveBunBinaryPath();
+  const bunDir = resolveBunInstallDir(bunBinaryPath);
+  const claudeBinaryPath = process.env.RIG_CLAUDE_PATH?.trim() || (() => {
+    try {
+      return resolveClaudeBinaryPath();
+    } catch {
+      return "";
+    }
+  })();
+  const claudeDir = claudeBinaryPath ? (() => {
+    try {
+      return resolveClaudeInstallDir();
+    } catch {
+      return resolve5(claudeBinaryPath, "..");
+    }
+  })() : "";
+  const nodeDir = resolveNodeInstallDir();
+  const hostGhBinary = resolveGithubCliBinary();
+  const runtimeCertBundlePath = await materializeRuntimeCertBundle(runtime);
+  const monorepoMainRoot = resolveMonorepoRoot(projectRoot);
+  const realHome = process.env.HOME?.trim();
+  const inheritedPath = (process.env.PATH ?? "").split(delimiter).map((entry) => entry.trim()).filter(Boolean).filter((entry) => !entry.endsWith("/.rig/bin") && !entry.endsWith("/rig/tools"));
+  const pathEntries = [
+    runtime.binDir,
+    `${projectRoot}/rig/tools`,
+    `${bunDir}/bin`,
+    claudeDir,
+    nodeDir ? `${nodeDir}/bin` : "",
+    realHome ? resolve5(realHome, ".local/bin") : "",
+    realHome ? resolve5(realHome, ".cargo/bin") : "",
+    ...inheritedPath,
+    "/usr/local/bin",
+    "/usr/local/sbin",
+    "/opt/homebrew/bin",
+    "/opt/homebrew/sbin",
+    "/usr/bin",
+    "/bin",
+    "/usr/sbin",
+    "/sbin"
+  ].filter(Boolean);
+  const runtimeBash = resolve5(runtime.binDir, "bash");
+  const runtimeRigGit = resolve5(runtime.binDir, runtimeRigGitFileName());
+  const preferredShell = existsSync4(runtimeBash) ? runtimeBash : "/bin/bash";
+  const nativeRuntimeLibraryPath = await materializeNativeRuntimeLibrary(runtime.binDir);
+  const controlPlaneSourceRoot = resolveControlPlaneSourceRoot(projectRoot);
+  const env = {
+    PROJECT_RIG_ROOT: projectRoot,
+    RIG_HOST_PROJECT_ROOT: projectRoot,
+    ...controlPlaneSourceRoot ? { RIG_CONTROL_PLANE_SOURCE_ROOT: controlPlaneSourceRoot } : {},
+    HOME: runtime.homeDir,
+    TMPDIR: runtime.tmpDir,
+    XDG_CACHE_HOME: runtime.cacheDir,
+    XDG_STATE_HOME: runtime.stateDir,
+    RIG_AGENT_ID: runtime.id,
+    ...process.env.RIG_RUN_ID?.trim() ? { RIG_RUN_ID: process.env.RIG_RUN_ID.trim() } : {},
+    ...process.env.RIG_SERVER_RUN_ID?.trim() ? { RIG_SERVER_RUN_ID: process.env.RIG_SERVER_RUN_ID.trim() } : {},
+    ...process.env.RIG_SERVER_URL?.trim() ? { RIG_SERVER_URL: process.env.RIG_SERVER_URL.trim() } : {},
+    ...process.env.RIG_AUTH_TOKEN?.trim() ? { RIG_AUTH_TOKEN: process.env.RIG_AUTH_TOKEN.trim() } : {},
+    RIG_TASK_ID: runtime.taskId,
+    RIG_TASK_RUNTIME_ID: runtime.id,
+    RIG_TASK_WORKSPACE: runtime.workspaceDir,
+    RIG_TASK_RUNTIME_MODE: runtime.mode,
+    RIG_RUNTIME_MODE: runtime.mode,
+    RIG_RUNTIME_ADAPTER: "pi",
+    RIG_RUNTIME_HOME: runtime.rootDir,
+    RIG_RUNTIME_BIN_DIR: runtime.binDir,
+    ...existsSync4(runtimeRigGit) ? { RIG_NATIVE_GIT_BIN: runtimeRigGit } : {},
+    RIG_BUN_PATH: bunBinaryPath,
+    ...claudeBinaryPath ? { RIG_CLAUDE_PATH: claudeBinaryPath } : {},
+    RIG_AGENT_BIN: resolve5(runtime.binDir, "rig-agent"),
+    RIG_HOOKS_ACTIVE: "1",
+    RIG_AUTO_PR_ON_COMPLETE: "1",
+    RIG_POLICY_FILE: resolve5(projectRoot, "rig/policy/policy.json"),
+    RIG_STATE_DIR: runtime.stateDir,
+    RIG_LOGS_DIR: runtime.logsDir,
+    RIG_SESSION_FILE: resolve5(runtime.sessionDir, "session.json"),
+    MONOREPO_ROOT: runtime.workspaceDir,
+    MONOREPO_MAIN_ROOT: monorepoMainRoot,
+    TS_API_TESTS_DIR: resolve5(runtime.workspaceDir, "TSAPITests"),
+    BASH: preferredShell,
+    SHELL: preferredShell,
+    PATH: [...new Set(pathEntries)].join(delimiter),
+    LANG: process.env.LANG ?? "en_US.UTF-8",
+    TERM: process.env.TERM ?? "xterm-256color",
+    PYTHONDONTWRITEBYTECODE: "1",
+    PYTHONPYCACHEPREFIX: resolve5(runtime.cacheDir, "python"),
+    ...process.env.RIG_PR_BASE_PROJECT && { RIG_PR_BASE_PROJECT: process.env.RIG_PR_BASE_PROJECT },
+    ...process.env.RIG_PR_BASE_MONOREPO && { RIG_PR_BASE_MONOREPO: process.env.RIG_PR_BASE_MONOREPO },
+    CLAUDE_HOME: runtime.claudeHomeDir,
+    PI_CODING_AGENT_DIR: resolve5(runtime.homeDir, ".pi", "agent"),
+    OMP_SKIP_SETUP: "1",
+    [RUNTIME_CONTEXT_ENV]: runtime.contextFile,
+    ...nativeRuntimeLibraryPath ? { RIG_NATIVE_RUNTIME_LIB: nativeRuntimeLibraryPath } : {},
+    ...hostGhBinary ? { RIG_GH_BIN: hostGhBinary } : {},
+    ...runtimeCertBundlePath ? {
+      SSL_CERT_FILE: runtimeCertBundlePath,
+      CURL_CA_BUNDLE: runtimeCertBundlePath,
+      REQUESTS_CA_BUNDLE: runtimeCertBundlePath,
+      NODE_EXTRA_CA_CERTS: runtimeCertBundlePath
+    } : {}
+  };
+  const knownHostsPath = resolve5(runtime.homeDir, ".ssh", "known_hosts");
+  if (existsSync4(knownHostsPath)) {
+    const agentSshKey = resolve5(runtime.homeDir, ".ssh", "rig-agent-key");
+    const sshParts = [
+      "ssh",
+      `-o UserKnownHostsFile="${knownHostsPath}"`,
+      "-o StrictHostKeyChecking=yes",
+      "-F /dev/null"
+    ];
+    if (existsSync4(agentSshKey)) {
+      sshParts.splice(1, 0, `-i "${agentSshKey}"`, "-o IdentitiesOnly=yes");
+    }
+    env.GIT_SSH_COMMAND = sshParts.join(" ");
+  }
+  const persistedSecretsPath = resolve5(runtime.rootDir, "runtime-secrets.json");
+  if (existsSync4(persistedSecretsPath)) {
+    try {
+      const persisted = JSON.parse(readFileSync3(persistedSecretsPath, "utf8"));
+      if (persisted && typeof persisted === "object") {
+        for (const [key, value] of Object.entries(persisted)) {
+          if (key === "GITHUB_SSH_KEY")
+            continue;
+          if (typeof value === "string" && value && !env[key])
+            env[key] = value;
+        }
+      }
+    } catch {}
+  }
+  for (const [key, value] of Object.entries(resolveRuntimeSecrets(process.env))) {
+    if (key === "GITHUB_SSH_KEY") {
+      continue;
+    }
+    if (value) {
+      env[key] = value;
+    }
+  }
+  const authStateGithubToken = authStateToken(process.env) || "";
+  const explicitRigGithubToken = process.env.RIG_GITHUB_TOKEN?.trim() || "";
+  const rigGithubToken = explicitRigGithubToken || authStateGithubToken;
+  if (rigGithubToken) {
+    env.RIG_GITHUB_TOKEN = rigGithubToken;
+    env.GITHUB_TOKEN = rigGithubToken;
+    env.GH_TOKEN = rigGithubToken;
+  }
+  const fallbackGithubToken = !env.GITHUB_TOKEN && !env.GH_TOKEN ? await resolveGithubCliAuthToken(hostGhBinary) : "";
+  if (fallbackGithubToken) {
+    env.GITHUB_TOKEN = fallbackGithubToken;
+  }
+  if (!env.GITHUB_TOKEN && env.GH_TOKEN) {
+    env.GITHUB_TOKEN = env.GH_TOKEN;
+  }
+  if (!env.GH_TOKEN && env.GITHUB_TOKEN) {
+    env.GH_TOKEN = env.GITHUB_TOKEN;
+  }
+  const gitHubToken = env.GITHUB_TOKEN || env.GH_TOKEN || rigGithubToken;
+  if (gitHubToken) {
+    env.RIG_GITHUB_TOKEN = gitHubToken;
+    env.GITHUB_TOKEN = env.GITHUB_TOKEN || gitHubToken;
+    env.GH_TOKEN = env.GH_TOKEN || gitHubToken;
+    applyGitHubCredentialHelperEnv(env);
+  }
+  if (!env.GREPTILE_GITHUB_TOKEN && env.GITHUB_TOKEN) {
+    env.GREPTILE_GITHUB_TOKEN = env.GITHUB_TOKEN;
+  }
+  if (existsSync4(runtime.contextFile)) {
+    const runtimeContext = loadRuntimeContext(runtime.contextFile);
+    Object.assign(env, runtimeMemoryEnvFromContext(runtimeContext));
+    Object.assign(env, browserEnvFromContext(runtimeContext.browser));
+  }
+  persistRuntimeSecrets(runtime.rootDir, env);
+  return env;
+}
+function runtimeCommandEnv(baseEnv, command) {
+  const env = { ...baseEnv };
+  delete env.ENV;
+  delete env.BASH_ENV;
+  const executable = command[0]?.trim() ?? "";
+  const shellName = basename(executable);
+  const isPosixSh = executable === "/bin/sh" || shellName === "sh" || shellName === "dash";
+  if (isPosixSh) {
+    delete env.BASH;
+    if (executable) {
+      env.SHELL = executable;
+    }
+  }
+  return env;
+}
+async function provisionRuntimeHome(runtime, options = {}) {
+  await mkdir(runtime.homeDir, { recursive: true });
+  await mkdir(runtime.tmpDir, { recursive: true });
+  await mkdir(runtime.cacheDir, { recursive: true });
+  await provisionAgentSshKey(runtime.homeDir);
+  if (options.provider === "pi") {
+    const hasPiAuth = await injectPiAgentConfig(resolve5(runtime.homeDir, ".pi", "agent"));
+    if (!hasPiAuth) {
+      console.warn("[rig] No Pi auth.json found for isolated runtime. " + "Run `pi /login` in your host shell, then retry the agent run.");
+    }
+  }
+}
+async function provisionClaudeHome(config) {
+  mkdirSync3(config.claudeHomeDir, { recursive: true });
+  const workspaceSettings = resolve5(config.workspaceDir, ".claude/settings.json");
+  const hostSettings = resolve5(config.hostProjectRoot, ".claude/settings.json");
+  const projectSettings = existsSync4(workspaceSettings) ? workspaceSettings : hostSettings;
+  const runtimeSettings = await loadRuntimeClaudeSettings(projectSettings);
+  if (existsSync4(projectSettings)) {
+    writeFileSync2(resolve5(config.claudeHomeDir, "settings.local.json"), `${JSON.stringify(runtimeSettings, null, 2)}
+`, "utf-8");
+  }
+  writeClaudeProjectSettings(config.claudeHomeDir, config.workspaceDir, runtimeSettings);
+  writeFileSync2(resolve5(config.claudeHomeDir, "settings.json"), JSON.stringify({
+    permissions: { defaultMode: "bypassPermissions" },
+    autoMemoryEnabled: false
+  }, null, 2));
+  const hasCredentials = await injectClaudeCredentials(config.claudeHomeDir);
+  if (!hasCredentials) {
+    console.warn("[rig] No Claude credentials found for isolated runtime. " + "Run `claude /login` in your host shell, then retry the agent run.");
+  }
+  const realClaudeHome = resolve5(process.env.HOME ?? "", ".claude");
+  if (process.env.HOME && existsSync4(resolve5(realClaudeHome, "CLAUDE.md"))) {
+    cpSync(resolve5(realClaudeHome, "CLAUDE.md"), resolve5(config.claudeHomeDir, "CLAUDE.md"));
+  }
+  if (process.env.HOME && existsSync4(resolve5(realClaudeHome, "agents"))) {
+    cpSync(resolve5(realClaudeHome, "agents"), resolve5(config.claudeHomeDir, "agents"), { recursive: true });
+  }
+  if (process.platform === "darwin" && process.env.HOME) {
+    writeClaudeProjectSettings(realClaudeHome, config.workspaceDir, runtimeSettings);
+  }
+}
+async function materializeRuntimeCertBundle(runtime) {
+  const sourcePath = resolveSystemCertBundlePath();
+  if (!sourcePath) {
+    return "";
+  }
+  const certsDir = resolve5(runtime.rootDir, "certs");
+  const targetPath = resolve5(certsDir, "ca-certificates.pem");
+  await mkdir(certsDir, { recursive: true });
+  let shouldCopy = !existsSync4(targetPath);
+  if (!shouldCopy) {
+    try {
+      shouldCopy = statSync3(sourcePath).mtimeMs > statSync3(targetPath).mtimeMs;
+    } catch {
+      shouldCopy = true;
+    }
+  }
+  if (shouldCopy) {
+    copyFileSync2(sourcePath, targetPath);
+  }
+  return targetPath;
+}
+function applyGitHubCredentialHelperEnv(env) {
+  env.GIT_TERMINAL_PROMPT = "0";
+  env.GIT_CONFIG_COUNT = "2";
+  env.GIT_CONFIG_KEY_0 = "credential.helper";
+  env.GIT_CONFIG_VALUE_0 = "";
+  env.GIT_CONFIG_KEY_1 = "credential.helper";
+  env.GIT_CONFIG_VALUE_1 = '!f() { test "$1" = get || exit 0; token="${GITHUB_TOKEN:-${GH_TOKEN:-${RIG_GITHUB_TOKEN:-}}}"; test -n "$token" || exit 0; echo username=x-access-token; echo password="$token"; }; f';
+}
+var PERSISTED_RUNTIME_SECRET_KEYS = [
+  "ANTHROPIC_API_KEY",
+  "OPENAI_API_KEY",
+  "OPENROUTER_API_KEY",
+  "AI_REVIEW_MODE",
+  "AI_REVIEW_PROVIDER",
+  "GREPTILE_API_BASE",
+  "GREPTILE_REMOTE",
+  "GREPTILE_REPOSITORY",
+  "GREPTILE_CONTEXT_BRANCH",
+  "GREPTILE_DEFAULT_BRANCH",
+  "GREPTILE_API_KEY",
+  "GREPTILE_GITHUB_TOKEN",
+  "GREPTILE_POLL_ATTEMPTS",
+  "GREPTILE_POLL_INTERVAL_MS",
+  "GH_TOKEN",
+  "GITHUB_TOKEN",
+  "AWS_ACCESS_KEY_ID",
+  "AWS_SECRET_ACCESS_KEY",
+  "AWS_REGION",
+  "LINEAR_API_KEY",
+  "LINEAR_WEBHOOK_SECRET",
+  "RIG_GITHUB_TOKEN"
+];
+function persistRuntimeSecrets(runtimeRoot, env) {
+  const secretsPath = resolve5(runtimeRoot, "runtime-secrets.json");
+  const resolvedSecrets = resolveRuntimeSecrets(env);
+  const persisted = {};
+  const secretSource = {
+    ...resolvedSecrets,
+    RIG_GITHUB_TOKEN: env.RIG_GITHUB_TOKEN
+  };
+  for (const key of PERSISTED_RUNTIME_SECRET_KEYS) {
+    const value = secretSource[key]?.trim();
+    if (value) {
+      persisted[key] = value;
+    }
+  }
+  if (Object.keys(persisted).length === 0) {
+    return;
+  }
+  writeFileSync2(secretsPath, `${JSON.stringify(persisted, null, 2)}
+`, { encoding: "utf-8", mode: 384 });
+  chmodSync(secretsPath, 384);
+}
+async function provisionAgentSshKey(homeDir) {
+  const sshDir = resolve5(homeDir, ".ssh");
+  if (!existsSync4(sshDir)) {
+    await mkdir(sshDir, { recursive: true });
+  }
+  seedKnownHosts(sshDir);
+  const secrets = resolveRuntimeSecrets(process.env);
+  const privateKey = decodeProvisionedSshKey(secrets.GITHUB_SSH_KEY);
+  if (!privateKey) {
+    const hostKeyPath = resolveHostSshKeyPath(process.env.HOME ?? "");
+    if (!process.env.HOME || !existsSync4(hostKeyPath)) {
+      return;
+    }
+    const agentKeyPath2 = resolve5(sshDir, "rig-agent-key");
+    if (!existsSync4(agentKeyPath2)) {
+      copyFileSync2(hostKeyPath, agentKeyPath2);
+      chmodSync(agentKeyPath2, 384);
+    }
+    const hostPubPath = `${hostKeyPath}.pub`;
+    if (existsSync4(hostPubPath)) {
+      const agentPubPath = `${agentKeyPath2}.pub`;
+      if (!existsSync4(agentPubPath)) {
+        copyFileSync2(hostPubPath, agentPubPath);
+      }
+    }
+    writeSshConfig(sshDir, agentKeyPath2);
+    return;
+  }
+  const agentKeyPath = resolve5(sshDir, "rig-agent-key");
+  if (!existsSync4(agentKeyPath)) {
+    writeFileSync2(agentKeyPath, privateKey, { mode: 384 });
+  }
+  writeSshConfig(sshDir, agentKeyPath);
+}
+function decodeProvisionedSshKey(encodedKey) {
+  const trimmed = encodedKey?.trim();
+  if (!trimmed || trimmed === GITHUB_SSH_KEY_PLACEHOLDER) {
+    return null;
+  }
+  const decoded = Buffer.from(trimmed, "base64").toString("utf-8").trim();
+  if (!decoded.includes("PRIVATE KEY")) {
+    return null;
+  }
+  return `${decoded}
+`;
+}
+function resolveHostSshKeyPath(homeDir) {
+  const sshDir = resolve5(homeDir, ".ssh");
+  const candidates = [
+    "rig-agent-key",
+    "id_ed25519",
+    "id_ecdsa",
+    "id_rsa"
+  ].map((name) => resolve5(sshDir, name));
+  return candidates.find((candidate) => existsSync4(candidate)) ?? resolve5(sshDir, "rig-agent-key");
+}
+function writeSshConfig(sshDir, keyPath) {
+  const configPath = resolve5(sshDir, "config");
+  if (existsSync4(configPath)) {
+    return;
+  }
+  const knownHostsPath = resolve5(sshDir, "known_hosts");
+  const config = [
+    "Host github.com",
+    `  IdentityFile ${keyPath}`,
+    "  IdentitiesOnly yes",
+    `  UserKnownHostsFile ${knownHostsPath}`,
+    "  StrictHostKeyChecking yes",
+    ""
+  ].join(`
+`);
+  writeFileSync2(configPath, config, { mode: 420 });
+}
+function seedKnownHosts(sshDir) {
+  const knownHostsPath = resolve5(sshDir, "known_hosts");
+  const existingLines = readKnownHosts(knownHostsPath);
+  const requiredLines = GITHUB_KNOWN_HOSTS.split(/\r?\n/).map((line) => line.trim()).filter(Boolean);
+  const missing = requiredLines.filter((line) => !existingLines.has(line));
+  if (missing.length === 0) {
+    return;
+  }
+  try {
+    for (const line of missing) {
+      existingLines.add(line);
+    }
+    writeFileSync2(knownHostsPath, `${Array.from(existingLines).join(`
+`)}
+`, { mode: 420 });
+  } catch (err) {
+    const hint = existsSync4(knownHostsPath) ? "" : " \u2014 known_hosts is missing; git SSH operations may fail";
+    console.warn(`[rig] Could not update ${knownHostsPath}: ${err instanceof Error ? err.message : String(err)}${hint}`);
+  }
+}
+function writeClaudeProjectSettings(claudeHomeDir, workspaceDir, runtimeSettings) {
+  const projectHash = hashProjectPath(workspaceDir);
+  const projectDir = resolve5(claudeHomeDir, "projects", projectHash);
+  mkdirSync3(projectDir, { recursive: true });
+  writeFileSync2(resolve5(projectDir, "settings.json"), `${JSON.stringify(runtimeSettings, null, 2)}
+`, "utf-8");
+}
+async function loadRuntimeClaudeSettings(projectSettingsPath) {
+  if (!existsSync4(projectSettingsPath)) {
+    return {};
+  }
+  let parsed;
+  try {
+    parsed = await Bun.file(projectSettingsPath).json();
+  } catch {
+    return {};
+  }
+  const clone = JSON.parse(JSON.stringify(parsed));
+  const hooks = clone.hooks;
+  if (!hooks || typeof hooks !== "object") {
+    return clone;
+  }
+  for (const key of ["PreToolUse", "PostToolUse", "SessionStart", "Stop"]) {
+    const groups = hooks[key];
+    if (!Array.isArray(groups)) {
+      continue;
+    }
+    for (const group of groups) {
+      if (!group || typeof group !== "object" || Array.isArray(group)) {
+        continue;
+      }
+      const hookGroup = group;
+      if (!Array.isArray(hookGroup.hooks)) {
+        continue;
+      }
+      for (const hook of hookGroup.hooks) {
+        if (!hook || hook.type !== "command" || typeof hook.command !== "string") {
+          continue;
+        }
+        const shMatch = hook.command.match(/rig\/hooks\/([a-z0-9-]+)\.sh$/i);
+        if (shMatch) {
+          hook.command = `.rig/bin/hooks/${shMatch[1]}`;
+          continue;
+        }
+        const splinterMatch = hook.command.match(/\.splinter\/bin\/hooks\/([a-z0-9-]+)$/i);
+        if (splinterMatch) {
+          hook.command = `.rig/bin/hooks/${splinterMatch[1]}`;
+        }
+      }
+    }
+  }
+  return clone;
+}
+async function injectClaudeCredentials(claudeHomeDir, options = {}) {
+  const credentialsPath = resolve5(claudeHomeDir, ".credentials.json");
+  const platform = options.platform ?? process.platform;
+  if (platform === "darwin") {
+    const raw = options.loadKeychainCredentials ? await options.loadKeychainCredentials() : await (async () => {
+      const result = await Bun.$`security find-generic-password -s "Claude Code-credentials" -w`.quiet().nothrow();
+      return result.exitCode === 0 ? result.stdout.toString().trim() : "";
+    })();
+    if (raw) {
+      try {
+        JSON.parse(raw);
+        writeFileSync2(credentialsPath, raw, { mode: 384 });
+        registerCredentialCleanup(credentialsPath);
+        return true;
+      } catch {}
+    }
+  }
+  const hostClaudeHome = options.hostClaudeHome ? resolve5(options.hostClaudeHome) : process.env.CLAUDE_HOME?.trim() ? resolve5(process.env.CLAUDE_HOME) : process.env.HOME ? resolve5(process.env.HOME, ".claude") : "";
+  if (hostClaudeHome) {
+    const realCredentials = resolve5(hostClaudeHome, ".credentials.json");
+    if (existsSync4(realCredentials)) {
+      cpSync(realCredentials, credentialsPath);
+      return true;
+    }
+  }
+  return false;
+}
+async function injectPiAgentConfig(piAgentDir) {
+  mkdirSync3(piAgentDir, { recursive: true });
+  const runtimeConfigPath = resolve5(piAgentDir, "config.yml");
+  if (!existsSync4(runtimeConfigPath)) {
+    writeFileSync2(runtimeConfigPath, `setupVersion: 1000
+startup:
+  setupWizard: false
+  checkUpdate: false
+`, { mode: 384 });
+  }
+  const hostPiAgentDir = process.env.PI_CODING_AGENT_DIR?.trim() ? resolve5(process.env.PI_CODING_AGENT_DIR) : process.env.HOME ? resolve5(process.env.HOME, ".pi", "agent") : "";
+  if (!hostPiAgentDir) {
+    return false;
+  }
+  const hostAuthPath = resolve5(hostPiAgentDir, "auth.json");
+  if (!existsSync4(hostAuthPath)) {
+    return false;
+  }
+  const runtimeAuthPath = resolve5(piAgentDir, "auth.json");
+  copyFileSync2(hostAuthPath, runtimeAuthPath);
+  chmodSync(runtimeAuthPath, 384);
+  const hostSettingsPath = resolve5(hostPiAgentDir, "settings.json");
+  if (existsSync4(hostSettingsPath)) {
+    const runtimeSettingsPath = resolve5(piAgentDir, "settings.json");
+    copyFileSync2(hostSettingsPath, runtimeSettingsPath);
+    chmodSync(runtimeSettingsPath, 384);
+  }
+  return true;
+}
+var __testOnly = {
+  injectClaudeCredentials,
+  injectPiAgentConfig
+};
+export {
+  runtimeEnv,
+  runtimeCommandEnv,
+  provisionRuntimeHome,
+  provisionClaudeHome,
+  persistRuntimeSecrets,
+  __testOnly
+};