@machina.ai/cell-cli-core 1.36.0-rc1 → 1.38.1-rc2

package/dist/src/sandbox/macos/seatbeltArgsBuilder.js

@@ -7,48 +7,29 @@ import fs from 'node:fs';
 import os from 'node:os';
 import path from 'node:path';
 import { BASE_SEATBELT_PROFILE, NETWORK_SEATBELT_PROFILE, } from './baseProfile.js';
-import { sanitizePaths, GOVERNANCE_FILES, } from '../../services/sandboxManager.js';
+import { GOVERNANCE_FILES, SECRET_FILES, } from '../../services/sandboxManager.js';
+import { tryRealpath, resolveGitWorktreePaths } from '../utils/fsUtils.js';
 /**
- * Resolves symlinks for a given path to prevent sandbox escapes.
- * If a file does not exist (ENOENT), it recursively resolves the parent directory.
- * Other errors (e.g. EACCES) are re-thrown.
+ * Escapes a string for use within a Scheme string literal "..."
  */
-function tryRealpath(p) {
-    try {
-        return fs.realpathSync(p);
-    }
-    catch (e) {
-        if (e instanceof Error && 'code' in e && e.code === 'ENOENT') {
-            const parentDir = path.dirname(p);
-            if (parentDir === p) {
-                return p;
-            }
-            return path.join(tryRealpath(parentDir), path.basename(p));
-        }
-        throw e;
-    }
+export function escapeSchemeString(str) {
+    return str.replace(/[\\"]/g, '\\$&');
 }
 /**
- * Builds the arguments array for sandbox-exec using a strict allowlist profile.
- * It relies on parameters passed to sandbox-exec via the -D flag to avoid
- * string interpolation vulnerabilities, and normalizes paths against symlink escapes.
- *
- * Returns arguments up to the end of sandbox-exec configuration (e.g. ['-p', '<profile>', '-D', ...])
- * Does not include the final '--' separator or the command to run.
+ * Builds a complete macOS Seatbelt profile string using a strict allowlist.
+ * It embeds paths directly into the profile, properly escaped for Scheme.
  */
-export function buildSeatbeltArgs(options) {
+export function buildSeatbeltProfile(options) {
     let profile = BASE_SEATBELT_PROFILE + '\n';
-    const args = [];
     const workspacePath = tryRealpath(options.workspace);
-    args.push('-D', `WORKSPACE=${workspacePath}`);
-    args.push('-D', `WORKSPACE_RAW=${options.workspace}`);
-    profile += `(allow file-read* (subpath (param "WORKSPACE_RAW")))\n`;
-    if (options.workspaceWrite) {
-        profile += `(allow file-write* (subpath (param "WORKSPACE_RAW")))\n`;
-    }
+    profile += `(allow file-read* (subpath "${escapeSchemeString(options.workspace)}"))\n`;
+    profile += `(allow file-read* (subpath "${escapeSchemeString(workspacePath)}"))\n`;
     if (options.workspaceWrite) {
-        profile += `(allow file-write* (subpath (param "WORKSPACE")))\n`;
+        profile += `(allow file-write* (subpath "${escapeSchemeString(options.workspace)}"))\n`;
+        profile += `(allow file-write* (subpath "${escapeSchemeString(workspacePath)}"))\n`;
     }
+    const tmpPath = tryRealpath(os.tmpdir());
+    profile += `(allow file-read* file-write* (subpath "${escapeSchemeString(tmpPath)}"))\n`;
     // Add explicit deny rules for governance files in the workspace.
     // These are added after the workspace allow rule to ensure they take precedence
     // (Seatbelt evaluates rules in order, later rules win for same path).
@@ -67,51 +48,48 @@ export function buildSeatbeltArgs(options) {
             // Ignore errors, use default guess
         }
         const ruleType = isDirectory ? 'subpath' : 'literal';
-        args.push('-D', `GOVERNANCE_FILE_${i}=${governanceFile}`);
-        profile += `(deny file-write* (${ruleType} (param "GOVERNANCE_FILE_${i}")))\n`;
+        profile += `(deny file-write* (${ruleType} "${escapeSchemeString(governanceFile)}"))\n`;
         if (realGovernanceFile !== governanceFile) {
-            args.push('-D', `REAL_GOVERNANCE_FILE_${i}=${realGovernanceFile}`);
-            profile += `(deny file-write* (${ruleType} (param "REAL_GOVERNANCE_FILE_${i}")))\n`;
+            profile += `(deny file-write* (${ruleType} "${escapeSchemeString(realGovernanceFile)}"))\n`;
         }
     }
-    // Auto-detect and support git worktrees by granting read and write access to the underlying git directory
-    try {
-        const gitPath = path.join(workspacePath, '.git');
-        const gitStat = fs.lstatSync(gitPath);
-        if (gitStat.isFile()) {
-            const gitContent = fs.readFileSync(gitPath, 'utf8');
-            const match = gitContent.match(/^gitdir:\s*(.+)$/m);
-            if (match && match[1]) {
-                let worktreeGitDir = match[1].trim();
-                if (!path.isAbsolute(worktreeGitDir)) {
-                    worktreeGitDir = path.resolve(workspacePath, worktreeGitDir);
-                }
-                const resolvedWorktreeGitDir = tryRealpath(worktreeGitDir);
-                // Grant write access to the worktree's specific .git directory
-                args.push('-D', `WORKTREE_GIT_DIR=${resolvedWorktreeGitDir}`);
-                profile += `(allow file-read* file-write* (subpath (param "WORKTREE_GIT_DIR")))\n`;
-                // Grant write access to the main repository's .git directory (objects, refs, etc. are shared)
-                // resolvedWorktreeGitDir is usually like: /path/to/main-repo/.git/worktrees/worktree-name
-                const mainGitDir = tryRealpath(path.dirname(path.dirname(resolvedWorktreeGitDir)));
-                if (mainGitDir && mainGitDir.endsWith('.git')) {
-                    args.push('-D', `MAIN_GIT_DIR=${mainGitDir}`);
-                    profile += `(allow file-read* file-write* (subpath (param "MAIN_GIT_DIR")))\n`;
-                }
+    // Add explicit deny rules for secret files (.env, .env.*) in the workspace and allowed paths.
+    // We use regex rules to avoid expensive file discovery scans.
+    // Anchoring to workspace/allowed paths to avoid over-blocking.
+    const searchPaths = [options.workspace, ...options.allowedPaths];
+    for (const basePath of searchPaths) {
+        const resolvedBase = tryRealpath(basePath);
+        for (const secret of SECRET_FILES) {
+            // Map pattern to Seatbelt regex
+            let regexPattern;
+            const escapedBase = escapeRegex(resolvedBase);
+            if (secret.pattern.endsWith('*')) {
+                // .env.* -> .env\..+ (match .env followed by dot and something)
+                // We anchor the secret file name to either a directory separator or the start of the relative path.
+                const basePattern = secret.pattern.slice(0, -1).replace(/\./g, '\\\\.');
+                regexPattern = `^${escapedBase}/(.*/)?${basePattern}[^/]+$`;
+            }
+            else {
+                // .env -> \.env$
+                const basePattern = secret.pattern.replace(/\./g, '\\\\.');
+                regexPattern = `^${escapedBase}/(.*/)?${basePattern}$`;
             }
+            profile += `(deny file-read* file-write* (regex #"${regexPattern}"))\n`;
         }
     }
-    catch (_e) {
-        // Ignore if .git doesn't exist, isn't readable, etc.
+    // Auto-detect and support git worktrees by granting read and write access to the underlying git directory
+    const { worktreeGitDir, mainGitDir } = resolveGitWorktreePaths(workspacePath);
+    if (worktreeGitDir) {
+        profile += `(allow file-read* file-write* (subpath "${escapeSchemeString(worktreeGitDir)}"))\n`;
+    }
+    if (mainGitDir) {
+        profile += `(allow file-read* file-write* (subpath "${escapeSchemeString(mainGitDir)}"))\n`;
     }
-    const tmpPath = tryRealpath(os.tmpdir());
-    args.push('-D', `TMPDIR=${tmpPath}`);
     const nodeRootPath = tryRealpath(path.dirname(path.dirname(process.execPath)));
-    args.push('-D', `NODE_ROOT=${nodeRootPath}`);
-    profile += `(allow file-read* (subpath (param "NODE_ROOT")))\n`;
+    profile += `(allow file-read* (subpath "${escapeSchemeString(nodeRootPath)}"))\n`;
     // Add PATH directories as read-only to support nvm, homebrew, etc.
     if (process.env['PATH']) {
         const paths = process.env['PATH'].split(':');
-        let pathIndex = 0;
         const addedPaths = new Set();
         for (const p of paths) {
             if (!p.trim())
@@ -126,31 +104,26 @@ export function buildSeatbeltArgs(options) {
                 }
                 if (!addedPaths.has(resolved)) {
                     addedPaths.add(resolved);
-                    args.push('-D', `SYS_PATH_${pathIndex}=${resolved}`);
-                    profile += `(allow file-read* (subpath (param "SYS_PATH_${pathIndex}")))\n`;
-                    pathIndex++;
+                    profile += `(allow file-read* (subpath "${escapeSchemeString(resolved)}"))\n`;
                 }
             }
-            catch (_e) {
+            catch {
                 // Ignore paths that do not exist or are inaccessible
             }
         }
     }
     // Handle allowedPaths
-    const allowedPaths = sanitizePaths(options.allowedPaths) || [];
+    const allowedPaths = options.allowedPaths;
     for (let i = 0; i < allowedPaths.length; i++) {
         const allowedPath = tryRealpath(allowedPaths[i]);
-        args.push('-D', `ALLOWED_PATH_${i}=${allowedPath}`);
-        profile += `(allow file-read* file-write* (subpath (param "ALLOWED_PATH_${i}")))\n`;
+        profile += `(allow file-read* file-write* (subpath "${escapeSchemeString(allowedPath)}"))\n`;
     }
     // Handle granular additional permissions
     if (options.additionalPermissions?.fileSystem) {
         const { read, write } = options.additionalPermissions.fileSystem;
         if (read) {
-            read.forEach((p, i) => {
-                const resolved = tryRealpath(p);
-                const paramName = `ADDITIONAL_READ_${i}`;
-                args.push('-D', `${paramName}=${resolved}`);
+            for (let i = 0; i < read.length; i++) {
+                const resolved = tryRealpath(read[i]);
                 let isFile = false;
                 try {
                     isFile = fs.statSync(resolved).isFile();
@@ -159,18 +132,16 @@ export function buildSeatbeltArgs(options) {
                     // Ignore error
                 }
                 if (isFile) {
-                    profile += `(allow file-read* (literal (param "${paramName}")))\n`;
+                    profile += `(allow file-read* (literal "${escapeSchemeString(resolved)}"))\n`;
                 }
                 else {
-                    profile += `(allow file-read* (subpath (param "${paramName}")))\n`;
+                    profile += `(allow file-read* (subpath "${escapeSchemeString(resolved)}"))\n`;
                 }
-            });
+            }
         }
         if (write) {
-            write.forEach((p, i) => {
-                const resolved = tryRealpath(p);
-                const paramName = `ADDITIONAL_WRITE_${i}`;
-                args.push('-D', `${paramName}=${resolved}`);
+            for (let i = 0; i < write.length; i++) {
+                const resolved = tryRealpath(write[i]);
                 let isFile = false;
                 try {
                     isFile = fs.statSync(resolved).isFile();
@@ -179,25 +150,42 @@ export function buildSeatbeltArgs(options) {
                     // Ignore error
                 }
                 if (isFile) {
-                    profile += `(allow file-read* file-write* (literal (param "${paramName}")))\n`;
+                    profile += `(allow file-read* file-write* (literal "${escapeSchemeString(resolved)}"))\n`;
                 }
                 else {
-                    profile += `(allow file-read* file-write* (subpath (param "${paramName}")))\n`;
+                    profile += `(allow file-read* file-write* (subpath "${escapeSchemeString(resolved)}"))\n`;
                 }
-            });
+            }
         }
     }
     // Handle forbiddenPaths
-    const forbiddenPaths = sanitizePaths(options.forbiddenPaths) || [];
+    const forbiddenPaths = options.forbiddenPaths;
     for (let i = 0; i < forbiddenPaths.length; i++) {
         const forbiddenPath = tryRealpath(forbiddenPaths[i]);
-        args.push('-D', `FORBIDDEN_PATH_${i}=${forbiddenPath}`);
-        profile += `(deny file-read* file-write* (subpath (param "FORBIDDEN_PATH_${i}")))\n`;
+        profile += `(deny file-read* file-write* (subpath "${escapeSchemeString(forbiddenPath)}"))\n`;
     }
     if (options.networkAccess || options.additionalPermissions?.network) {
         profile += NETWORK_SEATBELT_PROFILE;
     }
-    args.unshift('-p', profile);
-    return args;
+    return profile;
+}
+/**
+ * Escapes a string for use within a Seatbelt regex literal #"..."
+ */
+function escapeRegex(str) {
+    return str.replace(/[.*+?^${}()|[\]\\"]/g, (c) => {
+        if (c === '"') {
+            // Escape double quotes for the Scheme string literal
+            return '\\"';
+        }
+        if (c === '\\') {
+            // A literal backslash needs to be \\ in the regex.
+            // To get \\ in the regex engine, we need \\\\ in the Scheme string literal.
+            return '\\\\\\\\';
+        }
+        // For other regex special characters (like .), we need \c in the regex.
+        // To get \c in the regex engine, we need \\c in the Scheme string literal.
+        return '\\\\' + c;
+    });
 }
 //# sourceMappingURL=seatbeltArgsBuilder.js.map

package/dist/src/sandbox/macos/seatbeltArgsBuilder.js.map

@@ -1 +1 @@
-{"version":3,"file":"seatbeltArgsBuilder.js","sourceRoot":"","sources":["../../../../src/sandbox/macos/seatbeltArgsBuilder.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EACL,qBAAqB,EACrB,wBAAwB,GACzB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAEL,aAAa,EACb,gBAAgB,GACjB,MAAM,kCAAkC,CAAC;AAoB1C;;;;GAIG;AACH,SAAS,WAAW,CAAC,CAAS;IAC5B,IAAI,CAAC;QACH,OAAO,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAC5B,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,CAAC,YAAY,KAAK,IAAI,MAAM,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7D,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;YAClC,IAAI,SAAS,KAAK,CAAC,EAAE,CAAC;gBACpB,OAAO,CAAC,CAAC;YACX,CAAC;YACD,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QAC7D,CAAC;QACD,MAAM,CAAC,CAAC;IACV,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAA4B;IAC5D,IAAI,OAAO,GAAG,qBAAqB,GAAG,IAAI,CAAC;IAC3C,MAAM,IAAI,GAAa,EAAE,CAAC;IAE1B,MAAM,aAAa,GAAG,WAAW,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACrD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,aAAa,aAAa,EAAE,CAAC,CAAC;IAC9C,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,iBAAiB,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;IACtD,OAAO,IAAI,wDAAwD,CAAC;IACpE,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;QAC3B,OAAO,IAAI,yDAAyD,CAAC;IACvE,CAAC;IAED,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;QAC3B,OAAO,IAAI,qDAAqD,CAAC;IACnE,CAAC;IAED,iEAAiE;IACjE,gFAAgF;IAChF,sEAAsE;IACtE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,gBAAgB,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACjD,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAC1E,MAAM,kBAAkB,GAAG,WAAW,CAAC,cAAc,CAAC,CAAC;QAEvD,kFAAkF;QAClF,kEAAkE;QAClE,IAAI,WAAW,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;QAClD,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACtC,WAAW,GAAG,EAAE,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC,WAAW,EAAE,CAAC;YAC/D,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,mCAAmC;QACrC,CAAC;QAED,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;QAErD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,cAAc,EAAE,CAAC,CAAC;QAC1D,OAAO,IAAI,sBAAsB,QAAQ,4BAA4B,CAAC,QAAQ,CAAC;QAE/E,IAAI,kBAAkB,KAAK,cAAc,EAAE,CAAC;YAC1C,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,wBAAwB,CAAC,IAAI,kBAAkB,EAAE,CAAC,CAAC;YACnE,OAAO,IAAI,sBAAsB,QAAQ,iCAAiC,CAAC,QAAQ,CAAC;QACtF,CAAC;IACH,CAAC;IAED,0GAA0G;IAC1G,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QACjD,MAAM,OAAO,GAAG,EAAE,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACtC,IAAI,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;YACrB,MAAM,UAAU,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YACpD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;YACpD,IAAI,KAAK,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;gBACtB,IAAI,cAAc,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBACrC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;oBACrC,cAAc,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,cAAc,CAAC,CAAC;gBAC/D,CAAC;gBACD,MAAM,sBAAsB,GAAG,WAAW,CAAC,cAAc,CAAC,CAAC;gBAE3D,+DAA+D;gBAC/D,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,oBAAoB,sBAAsB,EAAE,CAAC,CAAC;gBAC9D,OAAO,IAAI,uEAAuE,CAAC;gBAEnF,8FAA8F;gBAC9F,0FAA0F;gBAC1F,MAAM,UAAU,GAAG,WAAW,CAC5B,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,CACnD,CAAC;gBACF,IAAI,UAAU,IAAI,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC9C,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,gBAAgB,UAAU,EAAE,CAAC,CAAC;oBAC9C,OAAO,IAAI,mEAAmE,CAAC;gBACjF,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,EAAE,EAAE,CAAC;QACZ,qDAAqD;IACvD,CAAC;IAED,MAAM,OAAO,GAAG,WAAW,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC;IACzC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,OAAO,EAAE,CAAC,CAAC;IAErC,MAAM,YAAY,GAAG,WAAW,CAC9B,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAC7C,CAAC;IACF,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,aAAa,YAAY,EAAE,CAAC,CAAC;IAC7C,OAAO,IAAI,oDAAoD,CAAC;IAEhE,mEAAmE;IACnE,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QACxB,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7C,IAAI,SAAS,GAAG,CAAC,CAAC;QAClB,MAAM,UAAU,GAAG,IAAI,GAAG,EAAE,CAAC;QAE7B,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE;gBAAE,SAAS;YACxB,IAAI,CAAC;gBACH,IAAI,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;gBAE9B,sEAAsE;gBACtE,mEAAmE;gBACnE,+CAA+C;gBAC/C,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC9B,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACpC,CAAC;gBAED,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC9B,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;oBACzB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,YAAY,SAAS,IAAI,QAAQ,EAAE,CAAC,CAAC;oBACrD,OAAO,IAAI,+CAA+C,SAAS,QAAQ,CAAC;oBAC5E,SAAS,EAAE,CAAC;gBACd,CAAC;YACH,CAAC;YAAC,OAAO,EAAE,EAAE,CAAC;gBACZ,qDAAqD;YACvD,CAAC;QACH,CAAC;IACH,CAAC;IAED,sBAAsB;IACtB,MAAM,YAAY,GAAG,aAAa,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAC/D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7C,MAAM,WAAW,GAAG,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,gBAAgB,CAAC,IAAI,WAAW,EAAE,CAAC,CAAC;QACpD,OAAO,IAAI,+DAA+D,CAAC,QAAQ,CAAC;IACtF,CAAC;IAED,yCAAyC;IACzC,IAAI,OAAO,CAAC,qBAAqB,EAAE,UAAU,EAAE,CAAC;QAC9C,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,qBAAqB,CAAC,UAAU,CAAC;QACjE,IAAI,IAAI,EAAE,CAAC;YACT,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;gBACpB,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;gBAChC,MAAM,SAAS,GAAG,mBAAmB,CAAC,EAAE,CAAC;gBACzC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,SAAS,IAAI,QAAQ,EAAE,CAAC,CAAC;gBAC5C,IAAI,MAAM,GAAG,KAAK,CAAC;gBACnB,IAAI,CAAC;oBACH,MAAM,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,CAAC;gBAC1C,CAAC;gBAAC,MAAM,CAAC;oBACP,eAAe;gBACjB,CAAC;gBACD,IAAI,MAAM,EAAE,CAAC;oBACX,OAAO,IAAI,sCAAsC,SAAS,QAAQ,CAAC;gBACrE,CAAC;qBAAM,CAAC;oBACN,OAAO,IAAI,sCAAsC,SAAS,QAAQ,CAAC;gBACrE,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QACD,IAAI,KAAK,EAAE,CAAC;YACV,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;gBACrB,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;gBAChC,MAAM,SAAS,GAAG,oBAAoB,CAAC,EAAE,CAAC;gBAC1C,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,SAAS,IAAI,QAAQ,EAAE,CAAC,CAAC;gBAC5C,IAAI,MAAM,GAAG,KAAK,CAAC;gBACnB,IAAI,CAAC;oBACH,MAAM,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,CAAC;gBAC1C,CAAC;gBAAC,MAAM,CAAC;oBACP,eAAe;gBACjB,CAAC;gBACD,IAAI,MAAM,EAAE,CAAC;oBACX,OAAO,IAAI,kDAAkD,SAAS,QAAQ,CAAC;gBACjF,CAAC;qBAAM,CAAC;oBACN,OAAO,IAAI,kDAAkD,SAAS,QAAQ,CAAC;gBACjF,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,MAAM,cAAc,GAAG,aAAa,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;IACnE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC/C,MAAM,aAAa,GAAG,WAAW,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC;QACrD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,IAAI,aAAa,EAAE,CAAC,CAAC;QACxD,OAAO,IAAI,gEAAgE,CAAC,QAAQ,CAAC;IACvF,CAAC;IAED,IAAI,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,qBAAqB,EAAE,OAAO,EAAE,CAAC;QACpE,OAAO,IAAI,wBAAwB,CAAC;IACtC,CAAC;IAED,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IAE5B,OAAO,IAAI,CAAC;AACd,CAAC"}
+{"version":3,"file":"seatbeltArgsBuilder.js","sourceRoot":"","sources":["../../../../src/sandbox/macos/seatbeltArgsBuilder.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EACL,qBAAqB,EACrB,wBAAwB,GACzB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAEL,gBAAgB,EAChB,YAAY,GACb,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EAAE,WAAW,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AAoB3E;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,GAAW;IAC5C,OAAO,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;AACvC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAA4B;IAC/D,IAAI,OAAO,GAAG,qBAAqB,GAAG,IAAI,CAAC;IAE3C,MAAM,aAAa,GAAG,WAAW,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACrD,OAAO,IAAI,+BAA+B,kBAAkB,CAAC,OAAO,CAAC,SAAS,CAAC,OAAO,CAAC;IACvF,OAAO,IAAI,+BAA+B,kBAAkB,CAAC,aAAa,CAAC,OAAO,CAAC;IACnF,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;QAC3B,OAAO,IAAI,gCAAgC,kBAAkB,CAAC,OAAO,CAAC,SAAS,CAAC,OAAO,CAAC;QACxF,OAAO,IAAI,gCAAgC,kBAAkB,CAAC,aAAa,CAAC,OAAO,CAAC;IACtF,CAAC;IAED,MAAM,OAAO,GAAG,WAAW,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC;IACzC,OAAO,IAAI,2CAA2C,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC;IAEzF,iEAAiE;IACjE,gFAAgF;IAChF,sEAAsE;IACtE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,gBAAgB,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACjD,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAC1E,MAAM,kBAAkB,GAAG,WAAW,CAAC,cAAc,CAAC,CAAC;QAEvD,kFAAkF;QAClF,kEAAkE;QAClE,IAAI,WAAW,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;QAClD,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACtC,WAAW,GAAG,EAAE,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC,WAAW,EAAE,CAAC;YAC/D,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,mCAAmC;QACrC,CAAC;QAED,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;QAErD,OAAO,IAAI,sBAAsB,QAAQ,KAAK,kBAAkB,CAAC,cAAc,CAAC,OAAO,CAAC;QAExF,IAAI,kBAAkB,KAAK,cAAc,EAAE,CAAC;YAC1C,OAAO,IAAI,sBAAsB,QAAQ,KAAK,kBAAkB,CAAC,kBAAkB,CAAC,OAAO,CAAC;QAC9F,CAAC;IACH,CAAC;IAED,8FAA8F;IAC9F,8DAA8D;IAC9D,+DAA+D;IAC/D,MAAM,WAAW,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IAEjE,KAAK,MAAM,QAAQ,IAAI,WAAW,EAAE,CAAC;QACnC,MAAM,YAAY,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;QAC3C,KAAK,MAAM,MAAM,IAAI,YAAY,EAAE,CAAC;YAClC,gCAAgC;YAChC,IAAI,YAAoB,CAAC;YACzB,MAAM,WAAW,GAAG,WAAW,CAAC,YAAY,CAAC,CAAC;YAC9C,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACjC,gEAAgE;gBAChE,oGAAoG;gBACpG,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBACxE,YAAY,GAAG,IAAI,WAAW,UAAU,WAAW,QAAQ,CAAC;YAC9D,CAAC;iBAAM,CAAC;gBACN,iBAAiB;gBACjB,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBAC3D,YAAY,GAAG,IAAI,WAAW,UAAU,WAAW,GAAG,CAAC;YACzD,CAAC;YACD,OAAO,IAAI,yCAAyC,YAAY,OAAO,CAAC;QAC1E,CAAC;IACH,CAAC;IAED,0GAA0G;IAC1G,MAAM,EAAE,cAAc,EAAE,UAAU,EAAE,GAAG,uBAAuB,CAAC,aAAa,CAAC,CAAC;IAC9E,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,IAAI,2CAA2C,kBAAkB,CAAC,cAAc,CAAC,OAAO,CAAC;IAClG,CAAC;IACD,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,IAAI,2CAA2C,kBAAkB,CAAC,UAAU,CAAC,OAAO,CAAC;IAC9F,CAAC;IAED,MAAM,YAAY,GAAG,WAAW,CAC9B,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAC7C,CAAC;IACF,OAAO,IAAI,+BAA+B,kBAAkB,CAAC,YAAY,CAAC,OAAO,CAAC;IAElF,mEAAmE;IACnE,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QACxB,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7C,MAAM,UAAU,GAAG,IAAI,GAAG,EAAE,CAAC;QAE7B,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE;gBAAE,SAAS;YACxB,IAAI,CAAC;gBACH,IAAI,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;gBAE9B,sEAAsE;gBACtE,mEAAmE;gBACnE,+CAA+C;gBAC/C,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC9B,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACpC,CAAC;gBAED,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC9B,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;oBACzB,OAAO,IAAI,+BAA+B,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAChF,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,qDAAqD;YACvD,CAAC;QACH,CAAC;IACH,CAAC;IAED,sBAAsB;IACtB,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;IAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7C,MAAM,WAAW,GAAG,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;QACjD,OAAO,IAAI,2CAA2C,kBAAkB,CAAC,WAAW,CAAC,OAAO,CAAC;IAC/F,CAAC;IAED,yCAAyC;IACzC,IAAI,OAAO,CAAC,qBAAqB,EAAE,UAAU,EAAE,CAAC;QAC9C,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,qBAAqB,CAAC,UAAU,CAAC;QACjE,IAAI,IAAI,EAAE,CAAC;YACT,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACrC,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;gBACtC,IAAI,MAAM,GAAG,KAAK,CAAC;gBACnB,IAAI,CAAC;oBACH,MAAM,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,CAAC;gBAC1C,CAAC;gBAAC,MAAM,CAAC;oBACP,eAAe;gBACjB,CAAC;gBACD,IAAI,MAAM,EAAE,CAAC;oBACX,OAAO,IAAI,+BAA+B,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAChF,CAAC;qBAAM,CAAC;oBACN,OAAO,IAAI,+BAA+B,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAChF,CAAC;YACH,CAAC;QACH,CAAC;QACD,IAAI,KAAK,EAAE,CAAC;YACV,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACtC,MAAM,QAAQ,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBACvC,IAAI,MAAM,GAAG,KAAK,CAAC;gBACnB,IAAI,CAAC;oBACH,MAAM,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,CAAC;gBAC1C,CAAC;gBAAC,MAAM,CAAC;oBACP,eAAe;gBACjB,CAAC;gBACD,IAAI,MAAM,EAAE,CAAC;oBACX,OAAO,IAAI,2CAA2C,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAC5F,CAAC;qBAAM,CAAC;oBACN,OAAO,IAAI,2CAA2C,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAC5F,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,MAAM,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC;IAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,cAAc,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC/C,MAAM,aAAa,GAAG,WAAW,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC;QACrD,OAAO,IAAI,0CAA0C,kBAAkB,CAAC,aAAa,CAAC,OAAO,CAAC;IAChG,CAAC;IAED,IAAI,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,qBAAqB,EAAE,OAAO,EAAE,CAAC;QACpE,OAAO,IAAI,wBAAwB,CAAC;IACtC,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,GAAW;IAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,sBAAsB,EAAE,CAAC,CAAC,EAAE,EAAE;QAC/C,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;YACd,qDAAqD;YACrD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;YACf,mDAAmD;YACnD,4EAA4E;YAC5E,OAAO,UAAU,CAAC;QACpB,CAAC;QACD,wEAAwE;QACxE,2EAA2E;QAC3E,OAAO,MAAM,GAAG,CAAC,CAAC;IACpB,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/src/sandbox/macos/seatbeltArgsBuilder.test.js

@@ -3,116 +3,153 @@
  * Copyright 2026 Google LLC
  * SPDX-License-Identifier: Apache-2.0
  */
-import { describe, it, expect, vi } from 'vitest';
-import { buildSeatbeltArgs } from './seatbeltArgsBuilder.js';
+import { describe, it, expect, vi, afterEach } from 'vitest';
+import { buildSeatbeltProfile, escapeSchemeString, } from './seatbeltArgsBuilder.js';
+import * as fsUtils from '../utils/fsUtils.js';
 import fs from 'node:fs';
 import os from 'node:os';
-describe('seatbeltArgsBuilder', () => {
-    it('should build a strict allowlist profile allowing the workspace via param', () => {
-        // Mock realpathSync to just return the path for testing
-        vi.spyOn(fs, 'realpathSync').mockImplementation((p) => p);
-        const args = buildSeatbeltArgs({ workspace: '/Users/test/workspace' });
-        expect(args[0]).toBe('-p');
-        const profile = args[1];
-        expect(profile).toContain('(version 1)');
-        expect(profile).toContain('(deny default)');
-        expect(profile).toContain('(allow process-exec)');
-        expect(profile).toContain('(subpath (param "WORKSPACE"))');
-        expect(profile).not.toContain('(allow network*)');
-        expect(args).toContain('-D');
-        expect(args).toContain('WORKSPACE=/Users/test/workspace');
-        expect(args).toContain(`TMPDIR=${os.tmpdir()}`);
+vi.mock('../utils/fsUtils.js', async () => {
+    const actual = await vi.importActual('../utils/fsUtils.js');
+    return {
+        ...actual,
+        tryRealpath: vi.fn((p) => p),
+        resolveGitWorktreePaths: vi.fn(() => ({})),
+    };
+});
+describe.skipIf(os.platform() === 'win32')('seatbeltArgsBuilder', () => {
+    afterEach(() => {
         vi.restoreAllMocks();
     });
-    it('should allow network when networkAccess is true', () => {
-        const args = buildSeatbeltArgs({ workspace: '/test', networkAccess: true });
-        const profile = args[1];
-        expect(profile).toContain('(allow network-outbound)');
-    });
-    it('should parameterize allowed paths and normalize them', () => {
-        vi.spyOn(fs, 'realpathSync').mockImplementation((p) => {
-            if (p === '/test/symlink')
-                return '/test/real_path';
-            return p;
+    describe('escapeSchemeString', () => {
+        it('escapes quotes and backslashes', () => {
+            expect(escapeSchemeString('path/to/"file"')).toBe('path/to/\\"file\\"');
+            expect(escapeSchemeString('path\\to\\file')).toBe('path\\\\to\\\\file');
         });
-        const args = buildSeatbeltArgs({
-            workspace: '/test',
-            allowedPaths: ['/custom/path1', '/test/symlink'],
-        });
-        const profile = args[1];
-        expect(profile).toContain('(subpath (param "ALLOWED_PATH_0"))');
-        expect(profile).toContain('(subpath (param "ALLOWED_PATH_1"))');
-        expect(args).toContain('-D');
-        expect(args).toContain('ALLOWED_PATH_0=/custom/path1');
-        expect(args).toContain('ALLOWED_PATH_1=/test/real_path');
-        vi.restoreAllMocks();
     });
-    it('should resolve parent directories if a file does not exist', () => {
-        vi.spyOn(fs, 'realpathSync').mockImplementation((p) => {
-            if (p === '/test/symlink/nonexistent.txt') {
-                const error = new Error('ENOENT');
-                Object.assign(error, { code: 'ENOENT' });
-                throw error;
-            }
-            if (p === '/test/symlink') {
-                return '/test/real_path';
-            }
-            return p;
+    describe('buildSeatbeltProfile', () => {
+        it('should build a strict allowlist profile allowing the workspace', () => {
+            vi.mocked(fsUtils.tryRealpath).mockImplementation((p) => p);
+            const profile = buildSeatbeltProfile({
+                workspace: '/Users/test/workspace',
+                allowedPaths: [],
+                forbiddenPaths: [],
+            });
+            expect(profile).toContain('(version 1)');
+            expect(profile).toContain('(deny default)');
+            expect(profile).toContain('(allow process-exec)');
+            expect(profile).toContain(`(subpath "/Users/test/workspace")`);
+            expect(profile).not.toContain('(allow network*)');
         });
-        const args = buildSeatbeltArgs({
-            workspace: '/test/symlink/nonexistent.txt',
+        it('should allow network when networkAccess is true', () => {
+            vi.mocked(fsUtils.tryRealpath).mockImplementation((p) => p);
+            const profile = buildSeatbeltProfile({
+                workspace: '/test',
+                allowedPaths: [],
+                forbiddenPaths: [],
+                networkAccess: true,
+            });
+            expect(profile).toContain('(allow network-outbound)');
         });
-        expect(args).toContain('WORKSPACE=/test/real_path/nonexistent.txt');
-        vi.restoreAllMocks();
-    });
-    it('should throw if realpathSync throws a non-ENOENT error', () => {
-        vi.spyOn(fs, 'realpathSync').mockImplementation(() => {
-            const error = new Error('Permission denied');
-            Object.assign(error, { code: 'EACCES' });
-            throw error;
+        describe('governance files', () => {
+            it('should inject explicit deny rules for governance files', () => {
+                vi.mocked(fsUtils.tryRealpath).mockImplementation((p) => p.toString());
+                vi.spyOn(fs, 'existsSync').mockReturnValue(true);
+                vi.spyOn(fs, 'lstatSync').mockImplementation((p) => ({
+                    isDirectory: () => p.toString().endsWith('.git'),
+                    isFile: () => !p.toString().endsWith('.git'),
+                }));
+                const profile = buildSeatbeltProfile({
+                    workspace: '/test/workspace',
+                    allowedPaths: [],
+                    forbiddenPaths: [],
+                });
+                expect(profile).toContain(`(deny file-write* (literal "/test/workspace/.gitignore"))`);
+                expect(profile).toContain(`(deny file-write* (subpath "/test/workspace/.git"))`);
+            });
+            it('should protect both the symlink and the real path if they differ', () => {
+                vi.mocked(fsUtils.tryRealpath).mockImplementation((p) => {
+                    if (p === '/test/workspace/.gitignore')
+                        return '/test/real/.gitignore';
+                    return p.toString();
+                });
+                vi.spyOn(fs, 'existsSync').mockReturnValue(true);
+                vi.spyOn(fs, 'lstatSync').mockImplementation(() => ({
+                    isDirectory: () => false,
+                    isFile: () => true,
+                }));
+                const profile = buildSeatbeltProfile({
+                    workspace: '/test/workspace',
+                    allowedPaths: [],
+                    forbiddenPaths: [],
+                });
+                expect(profile).toContain(`(deny file-write* (literal "/test/workspace/.gitignore"))`);
+                expect(profile).toContain(`(deny file-write* (literal "/test/real/.gitignore"))`);
+            });
         });
-        expect(() => buildSeatbeltArgs({
-            workspace: '/test/workspace',
-        })).toThrow('Permission denied');
-        vi.restoreAllMocks();
-    });
-    describe('governance files', () => {
-        it('should inject explicit deny rules for governance files', () => {
-            vi.spyOn(fs, 'realpathSync').mockImplementation((p) => p.toString());
-            vi.spyOn(fs, 'existsSync').mockReturnValue(true);
-            vi.spyOn(fs, 'lstatSync').mockImplementation((p) => ({
-                isDirectory: () => p.toString().endsWith('.git'),
-                isFile: () => !p.toString().endsWith('.git'),
-            }));
-            const args = buildSeatbeltArgs({ workspace: '/Users/test/workspace' });
-            const profile = args[1];
-            // .gitignore should be a literal deny
-            expect(args).toContain('-D');
-            expect(args).toContain('GOVERNANCE_FILE_0=/Users/test/workspace/.gitignore');
-            expect(profile).toContain('(deny file-write* (literal (param "GOVERNANCE_FILE_0")))');
-            // .git should be a subpath deny
-            expect(args).toContain('GOVERNANCE_FILE_2=/Users/test/workspace/.git');
-            expect(profile).toContain('(deny file-write* (subpath (param "GOVERNANCE_FILE_2")))');
-            vi.restoreAllMocks();
+        describe('allowedPaths', () => {
+            it('should embed allowed paths and normalize them', () => {
+                vi.mocked(fsUtils.tryRealpath).mockImplementation((p) => {
+                    if (p === '/test/symlink')
+                        return '/test/real_path';
+                    return p;
+                });
+                const profile = buildSeatbeltProfile({
+                    workspace: '/test',
+                    allowedPaths: ['/custom/path1', '/test/symlink'],
+                    forbiddenPaths: [],
+                });
+                expect(profile).toContain(`(subpath "/custom/path1")`);
+                expect(profile).toContain(`(subpath "/test/real_path")`);
+            });
         });
-        it('should protect both the symlink and the real path if they differ', () => {
-            vi.spyOn(fs, 'realpathSync').mockImplementation((p) => {
-                if (p === '/test/workspace/.gitignore')
-                    return '/test/real/.gitignore';
-                return p.toString();
+        describe('forbiddenPaths', () => {
+            it('should explicitly deny forbidden paths', () => {
+                vi.mocked(fsUtils.tryRealpath).mockImplementation((p) => p);
+                const profile = buildSeatbeltProfile({
+                    workspace: '/test',
+                    allowedPaths: [],
+                    forbiddenPaths: ['/secret/path'],
+                });
+                expect(profile).toContain(`(deny file-read* file-write* (subpath "/secret/path"))`);
+            });
+            it('resolves forbidden symlink paths to their real paths', () => {
+                vi.mocked(fsUtils.tryRealpath).mockImplementation((p) => {
+                    if (p === '/test/symlink' || p === '/test/missing-dir') {
+                        return '/test/real_path';
+                    }
+                    return p;
+                });
+                const profile = buildSeatbeltProfile({
+                    workspace: '/test',
+                    allowedPaths: [],
+                    forbiddenPaths: ['/test/symlink'],
+                });
+                expect(profile).toContain(`(deny file-read* file-write* (subpath "/test/real_path"))`);
+            });
+            it('explicitly denies non-existent forbidden paths to prevent creation', () => {
+                vi.mocked(fsUtils.tryRealpath).mockImplementation((p) => p);
+                const profile = buildSeatbeltProfile({
+                    workspace: '/test',
+                    allowedPaths: [],
+                    forbiddenPaths: ['/test/missing-dir/missing-file.txt'],
+                });
+                expect(profile).toContain(`(deny file-read* file-write* (subpath "/test/missing-dir/missing-file.txt"))`);
+            });
+            it('should override allowed paths if a path is also in forbidden paths', () => {
+                vi.mocked(fsUtils.tryRealpath).mockImplementation((p) => p);
+                const profile = buildSeatbeltProfile({
+                    workspace: '/test',
+                    allowedPaths: ['/custom/path1'],
+                    forbiddenPaths: ['/custom/path1'],
+                });
+                const allowString = `(allow file-read* file-write* (subpath "/custom/path1"))`;
+                const denyString = `(deny file-read* file-write* (subpath "/custom/path1"))`;
+                expect(profile).toContain(allowString);
+                expect(profile).toContain(denyString);
+                const allowIndex = profile.indexOf(allowString);
+                const denyIndex = profile.indexOf(denyString);
+                expect(denyIndex).toBeGreaterThan(allowIndex);
             });
-            vi.spyOn(fs, 'existsSync').mockReturnValue(true);
-            vi.spyOn(fs, 'lstatSync').mockImplementation(() => ({
-                isDirectory: () => false,
-                isFile: () => true,
-            }));
-            const args = buildSeatbeltArgs({ workspace: '/test/workspace' });
-            const profile = args[1];
-            expect(args).toContain('GOVERNANCE_FILE_0=/test/workspace/.gitignore');
-            expect(args).toContain('REAL_GOVERNANCE_FILE_0=/test/real/.gitignore');
-            expect(profile).toContain('(deny file-write* (literal (param "GOVERNANCE_FILE_0")))');
-            expect(profile).toContain('(deny file-write* (literal (param "REAL_GOVERNANCE_FILE_0")))');
-            vi.restoreAllMocks();
         });
     });
 });

package/dist/src/sandbox/macos/seatbeltArgsBuilder.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"seatbeltArgsBuilder.test.js","sourceRoot":"","sources":["../../../../src/sandbox/macos/seatbeltArgsBuilder.test.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,EAAE,CAAC,0EAA0E,EAAE,GAAG,EAAE;QAClF,wDAAwD;QACxD,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAW,CAAC,CAAC;QAEpE,MAAM,IAAI,GAAG,iBAAiB,CAAC,EAAE,SAAS,EAAE,uBAAuB,EAAE,CAAC,CAAC;QAEvE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACxB,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QACzC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;QAC5C,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,sBAAsB,CAAC,CAAC;QAClD,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,+BAA+B,CAAC,CAAC;QAC3D,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;QAElD,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,iCAAiC,CAAC,CAAC;QAC1D,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAEhD,EAAE,CAAC,eAAe,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;QACzD,MAAM,IAAI,GAAG,iBAAiB,CAAC,EAAE,SAAS,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5E,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACxB,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;QAC9D,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,EAAE;YACpD,IAAI,CAAC,KAAK,eAAe;gBAAE,OAAO,iBAAiB,CAAC;YACpD,OAAO,CAAW,CAAC;QACrB,CAAC,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,iBAAiB,CAAC;YAC7B,SAAS,EAAE,OAAO;YAClB,YAAY,EAAE,CAAC,eAAe,EAAE,eAAe,CAAC;SACjD,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACxB,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,oCAAoC,CAAC,CAAC;QAChE,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,oCAAoC,CAAC,CAAC;QAEhE,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,8BAA8B,CAAC,CAAC;QACvD,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,gCAAgC,CAAC,CAAC;QAEzD,EAAE,CAAC,eAAe,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4DAA4D,EAAE,GAAG,EAAE;QACpE,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,EAAE;YACpD,IAAI,CAAC,KAAK,+BAA+B,EAAE,CAAC;gBAC1C,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,QAAQ,CAAC,CAAC;gBAClC,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;gBACzC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,IAAI,CAAC,KAAK,eAAe,EAAE,CAAC;gBAC1B,OAAO,iBAAiB,CAAC;YAC3B,CAAC;YACD,OAAO,CAAW,CAAC;QACrB,CAAC,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,iBAAiB,CAAC;YAC7B,SAAS,EAAE,+BAA+B;SAC3C,CAAC,CAAC;QAEH,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,2CAA2C,CAAC,CAAC;QACpE,EAAE,CAAC,eAAe,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;QAChE,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE;YACnD,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC7C,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;YACzC,MAAM,KAAK,CAAC;QACd,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,GAAG,EAAE,CACV,iBAAiB,CAAC;YAChB,SAAS,EAAE,iBAAiB;SAC7B,CAAC,CACH,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;QAE/B,EAAE,CAAC,eAAe,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;QAChC,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;YAChE,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;YACrE,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YACjD,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC,kBAAkB,CAC1C,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC;gBACC,WAAW,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC;gBAChD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC;aAC7C,CAAwB,CAC5B,CAAC;YAEF,MAAM,IAAI,GAAG,iBAAiB,CAAC,EAAE,SAAS,EAAE,uBAAuB,EAAE,CAAC,CAAC;YACvE,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YAExB,sCAAsC;YACtC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CACpB,oDAAoD,CACrD,CAAC;YACF,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CACvB,0DAA0D,CAC3D,CAAC;YAEF,gCAAgC;YAChC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,8CAA8C,CAAC,CAAC;YACvE,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CACvB,0DAA0D,CAC3D,CAAC;YAEF,EAAE,CAAC,eAAe,EAAE,CAAC;QACvB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kEAAkE,EAAE,GAAG,EAAE;YAC1E,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,EAAE;gBACpD,IAAI,CAAC,KAAK,4BAA4B;oBAAE,OAAO,uBAAuB,CAAC;gBACvE,OAAO,CAAC,CAAC,QAAQ,EAAE,CAAC;YACtB,CAAC,CAAC,CAAC;YACH,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YACjD,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC,kBAAkB,CAC1C,GAAG,EAAE,CACH,CAAC;gBACC,WAAW,EAAE,GAAG,EAAE,CAAC,KAAK;gBACxB,MAAM,EAAE,GAAG,EAAE,CAAC,IAAI;aACnB,CAAwB,CAC5B,CAAC;YAEF,MAAM,IAAI,GAAG,iBAAiB,CAAC,EAAE,SAAS,EAAE,iBAAiB,EAAE,CAAC,CAAC;YACjE,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YAExB,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,8CAA8C,CAAC,CAAC;YACvE,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,8CAA8C,CAAC,CAAC;YACvE,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CACvB,0DAA0D,CAC3D,CAAC;YACF,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CACvB,+DAA+D,CAChE,CAAC;YAEF,EAAE,CAAC,eAAe,EAAE,CAAC;QACvB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"seatbeltArgsBuilder.test.js","sourceRoot":"","sources":["../../../../src/sandbox/macos/seatbeltArgsBuilder.test.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AAC7D,OAAO,EACL,oBAAoB,EACpB,kBAAkB,GACnB,MAAM,0BAA0B,CAAC;AAClC,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,EAAE,CAAC,IAAI,CAAC,qBAAqB,EAAE,KAAK,IAAI,EAAE;IACxC,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,qBAAqB,CAAC,CAAC;IAC5D,OAAO;QACL,GAAG,MAAM;QACT,WAAW,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QAC5B,uBAAuB,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;KAC3C,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,OAAO,CAAC,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACrE,SAAS,CAAC,GAAG,EAAE;QACb,EAAE,CAAC,eAAe,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAClC,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,CAAC,kBAAkB,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YACxE,MAAM,CAAC,kBAAkB,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QAC1E,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;QACpC,EAAE,CAAC,gEAAgE,EAAE,GAAG,EAAE;YACxE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;YAE5D,MAAM,OAAO,GAAG,oBAAoB,CAAC;gBACnC,SAAS,EAAE,uBAAuB;gBAClC,YAAY,EAAE,EAAE;gBAChB,cAAc,EAAE,EAAE;aACnB,CAAC,CAAC;YAEH,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;YACzC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;YAC5C,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,sBAAsB,CAAC,CAAC;YAClD,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,mCAAmC,CAAC,CAAC;YAC/D,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;YACzD,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;YAC5D,MAAM,OAAO,GAAG,oBAAoB,CAAC;gBACnC,SAAS,EAAE,OAAO;gBAClB,YAAY,EAAE,EAAE;gBAChB,cAAc,EAAE,EAAE;gBAClB,aAAa,EAAE,IAAI;aACpB,CAAC,CAAC;YACH,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;QAEH,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;YAChC,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;gBAChE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;gBACvE,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;gBACjD,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC,kBAAkB,CAC1C,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC;oBACC,WAAW,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC;oBAChD,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC;iBAC7C,CAAwB,CAC5B,CAAC;gBAEF,MAAM,OAAO,GAAG,oBAAoB,CAAC;oBACnC,SAAS,EAAE,iBAAiB;oBAC5B,YAAY,EAAE,EAAE;oBAChB,cAAc,EAAE,EAAE;iBACnB,CAAC,CAAC;gBAEH,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CACvB,2DAA2D,CAC5D,CAAC;gBAEF,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CACvB,qDAAqD,CACtD,CAAC;YACJ,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,kEAAkE,EAAE,GAAG,EAAE;gBAC1E,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,EAAE;oBACtD,IAAI,CAAC,KAAK,4BAA4B;wBACpC,OAAO,uBAAuB,CAAC;oBACjC,OAAO,CAAC,CAAC,QAAQ,EAAE,CAAC;gBACtB,CAAC,CAAC,CAAC;gBACH,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;gBACjD,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC,kBAAkB,CAC1C,GAAG,EAAE,CACH,CAAC;oBACC,WAAW,EAAE,GAAG,EAAE,CAAC,KAAK;oBACxB,MAAM,EAAE,GAAG,EAAE,CAAC,IAAI;iBACnB,CAAwB,CAC5B,CAAC;gBAEF,MAAM,OAAO,GAAG,oBAAoB,CAAC;oBACnC,SAAS,EAAE,iBAAiB;oBAC5B,YAAY,EAAE,EAAE;oBAChB,cAAc,EAAE,EAAE;iBACnB,CAAC,CAAC;gBAEH,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CACvB,2DAA2D,CAC5D,CAAC;gBACF,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CACvB,sDAAsD,CACvD,CAAC;YACJ,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;YAC5B,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;gBACvD,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,EAAE;oBACtD,IAAI,CAAC,KAAK,eAAe;wBAAE,OAAO,iBAAiB,CAAC;oBACpD,OAAO,CAAC,CAAC;gBACX,CAAC,CAAC,CAAC;gBAEH,MAAM,OAAO,GAAG,oBAAoB,CAAC;oBACnC,SAAS,EAAE,OAAO;oBAClB,YAAY,EAAE,CAAC,eAAe,EAAE,eAAe,CAAC;oBAChD,cAAc,EAAE,EAAE;iBACnB,CAAC,CAAC;gBAEH,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,2BAA2B,CAAC,CAAC;gBACvD,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,6BAA6B,CAAC,CAAC;YAC3D,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;YAC9B,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;gBAChD,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;gBAE5D,MAAM,OAAO,GAAG,oBAAoB,CAAC;oBACnC,SAAS,EAAE,OAAO;oBAClB,YAAY,EAAE,EAAE;oBAChB,cAAc,EAAE,CAAC,cAAc,CAAC;iBACjC,CAAC,CAAC;gBAEH,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CACvB,wDAAwD,CACzD,CAAC;YACJ,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;gBAC9D,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,EAAE;oBACtD,IAAI,CAAC,KAAK,eAAe,IAAI,CAAC,KAAK,mBAAmB,EAAE,CAAC;wBACvD,OAAO,iBAAiB,CAAC;oBAC3B,CAAC;oBACD,OAAO,CAAC,CAAC;gBACX,CAAC,CAAC,CAAC;gBAEH,MAAM,OAAO,GAAG,oBAAoB,CAAC;oBACnC,SAAS,EAAE,OAAO;oBAClB,YAAY,EAAE,EAAE;oBAChB,cAAc,EAAE,CAAC,eAAe,CAAC;iBAClC,CAAC,CAAC;gBAEH,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CACvB,2DAA2D,CAC5D,CAAC;YACJ,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,oEAAoE,EAAE,GAAG,EAAE;gBAC5E,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;gBAE5D,MAAM,OAAO,GAAG,oBAAoB,CAAC;oBACnC,SAAS,EAAE,OAAO;oBAClB,YAAY,EAAE,EAAE;oBAChB,cAAc,EAAE,CAAC,oCAAoC,CAAC;iBACvD,CAAC,CAAC;gBAEH,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CACvB,8EAA8E,CAC/E,CAAC;YACJ,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,oEAAoE,EAAE,GAAG,EAAE;gBAC5E,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;gBAE5D,MAAM,OAAO,GAAG,oBAAoB,CAAC;oBACnC,SAAS,EAAE,OAAO;oBAClB,YAAY,EAAE,CAAC,eAAe,CAAC;oBAC/B,cAAc,EAAE,CAAC,eAAe,CAAC;iBAClC,CAAC,CAAC;gBAEH,MAAM,WAAW,GAAG,0DAA0D,CAAC;gBAC/E,MAAM,UAAU,GAAG,yDAAyD,CAAC;gBAE7E,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;gBACvC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;gBAEtC,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;gBAChD,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;gBAC9C,MAAM,CAAC,SAAS,CAAC,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC;YAChD,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}