@machina.ai/cell-cli-core 1.36.0-rc1 → 1.38.1-rc2
- package/dist/docs/AFTER_MERGE_PROMPT.md +3 -10
- package/dist/docs/assets/theme-tokyonight-dark.png +0 -0
- package/dist/docs/changelogs/index.md +49 -0
- package/dist/docs/changelogs/latest.md +355 -458
- package/dist/docs/changelogs/preview.md +402 -363
- package/dist/docs/cli/acp-mode.md +126 -0
- package/dist/docs/cli/cli-reference.md +1 -1
- package/dist/docs/cli/notifications.md +5 -5
- package/dist/docs/cli/plan-mode.md +26 -10
- package/dist/docs/cli/sandbox.md +53 -1
- package/dist/docs/cli/settings.md +52 -48
- package/dist/docs/cli/themes.md +5 -0
- package/dist/docs/core/index.md +2 -2
- package/dist/docs/core/remote-agents.md +14 -18
- package/dist/docs/core/subagents.md +194 -47
- package/dist/docs/get-started/authentication.md +2 -2
- package/dist/docs/get-started/gemini-3.md +1 -1
- package/dist/docs/get-started/index.md +127 -1
- package/dist/docs/get-started/installation.md +7 -0
- package/dist/docs/hooks/index.md +6 -6
- package/dist/docs/ide-integration/index.md +99 -24
- package/dist/docs/index.md +0 -2
- package/dist/docs/redirects.json +1 -0
- package/dist/docs/reference/commands.md +1 -3
- package/dist/docs/reference/configuration.md +220 -99
- package/dist/docs/reference/keyboard-shortcuts.md +21 -8
- package/dist/docs/reference/policy-engine.md +36 -31
- package/dist/docs/reference/tools.md +56 -23
- package/dist/docs/release-confidence.md +0 -6
- package/dist/docs/releases.md +4 -0
- package/dist/docs/resources/quota-and-pricing.md +23 -9
- package/dist/docs/sidebar.json +11 -4
- package/dist/docs/tools/mcp-server.md +3 -3
- package/dist/docs/tools/planning.md +6 -4
- package/dist/docs/tools/web-fetch.md +3 -0
- package/dist/package.json +2 -1
- package/dist/src/agent/agent-session.test.js +14 -6
- package/dist/src/agent/agent-session.test.js.map +1 -1
- package/dist/src/agent/event-translator.js +2 -1
- package/dist/src/agent/event-translator.js.map +1 -1
- package/dist/src/agent/event-translator.test.js +1 -0
- package/dist/src/agent/event-translator.test.js.map +1 -1
- package/dist/src/agent/legacy-agent-session.d.ts +47 -4
- package/dist/src/agent/legacy-agent-session.js +38 -15
- package/dist/src/agent/legacy-agent-session.js.map +1 -1
- package/dist/src/agent/legacy-agent-session.test.js +60 -73
- package/dist/src/agent/legacy-agent-session.test.js.map +1 -1
- package/dist/src/agent/mock.js +7 -1
- package/dist/src/agent/mock.js.map +1 -1
- package/dist/src/agent/mock.test.js +1 -1
- package/dist/src/agent/mock.test.js.map +1 -1
- package/dist/src/agent/types.d.ts +34 -1
- package/dist/src/agents/a2a-client-manager.js +3 -3
- package/dist/src/agents/a2a-client-manager.js.map +1 -1
- package/dist/src/agents/agent-scheduler.js +6 -1
- package/dist/src/agents/agent-scheduler.js.map +1 -1
- package/dist/src/agents/agent-scheduler.test.js +38 -0
- package/dist/src/agents/agent-scheduler.test.js.map +1 -1
- package/dist/src/agents/agentLoader.d.ts +12 -12
- package/dist/src/agents/agentLoader.js +1 -0
- package/dist/src/agents/agentLoader.js.map +1 -1
- package/dist/src/agents/auth-provider/api-key-provider.test.js +18 -2
- package/dist/src/agents/auth-provider/api-key-provider.test.js.map +1 -1
- package/dist/src/agents/auth-provider/value-resolver.test.js +30 -0
- package/dist/src/agents/auth-provider/value-resolver.test.js.map +1 -1
- package/dist/src/agents/browser/analyzeScreenshot.js +36 -6
- package/dist/src/agents/browser/analyzeScreenshot.js.map +1 -1
- package/dist/src/agents/browser/analyzeScreenshot.test.js +35 -3
- package/dist/src/agents/browser/analyzeScreenshot.test.js.map +1 -1
- package/dist/src/agents/browser/automationOverlay.js +2 -10
- package/dist/src/agents/browser/automationOverlay.js.map +1 -1
- package/dist/src/agents/browser/browserAgentDefinition.js +10 -3
- package/dist/src/agents/browser/browserAgentDefinition.js.map +1 -1
- package/dist/src/agents/browser/browserAgentFactory.d.ts +11 -3
- package/dist/src/agents/browser/browserAgentFactory.js +171 -129
- package/dist/src/agents/browser/browserAgentFactory.js.map +1 -1
- package/dist/src/agents/browser/browserAgentFactory.test.js +99 -13
- package/dist/src/agents/browser/browserAgentFactory.test.js.map +1 -1
- package/dist/src/agents/browser/browserAgentInvocation.d.ts +1 -0
- package/dist/src/agents/browser/browserAgentInvocation.js +87 -27
- package/dist/src/agents/browser/browserAgentInvocation.js.map +1 -1
- package/dist/src/agents/browser/browserAgentInvocation.test.js +107 -7
- package/dist/src/agents/browser/browserAgentInvocation.test.js.map +1 -1
- package/dist/src/agents/browser/browserManager.d.ts +89 -8
- package/dist/src/agents/browser/browserManager.js +357 -74
- package/dist/src/agents/browser/browserManager.js.map +1 -1
- package/dist/src/agents/browser/browserManager.test.js +540 -19
- package/dist/src/agents/browser/browserManager.test.js.map +1 -1
- package/dist/src/agents/browser/inputBlocker.d.ts +4 -4
- package/dist/src/agents/browser/inputBlocker.js +8 -18
- package/dist/src/agents/browser/inputBlocker.js.map +1 -1
- package/dist/src/agents/browser/inputBlocker.test.js +31 -3
- package/dist/src/agents/browser/inputBlocker.test.js.map +1 -1
- package/dist/src/agents/browser/mcpToolWrapper.d.ts +1 -1
- package/dist/src/agents/browser/mcpToolWrapper.js +9 -6
- package/dist/src/agents/browser/mcpToolWrapper.js.map +1 -1
- package/dist/src/agents/browser/mcpToolWrapper.test.js +2 -2
- package/dist/src/agents/browser/mcpToolWrapper.test.js.map +1 -1
- package/dist/src/agents/browser/modelAvailability.d.ts +5 -0
- package/dist/src/agents/browser/modelAvailability.js +12 -0
- package/dist/src/agents/browser/modelAvailability.js.map +1 -1
- package/dist/src/agents/browser/snapshotSuperseder.d.ts +31 -0
- package/dist/src/agents/browser/snapshotSuperseder.js +101 -0
- package/dist/src/agents/browser/snapshotSuperseder.js.map +1 -0
- package/dist/src/agents/browser/snapshotSuperseder.test.js +158 -0
- package/dist/src/agents/browser/snapshotSuperseder.test.js.map +1 -0
- package/dist/src/agents/local-executor.d.ts +9 -0
- package/dist/src/agents/local-executor.js +144 -200
- package/dist/src/agents/local-executor.js.map +1 -1
- package/dist/src/agents/local-executor.test.js +500 -115
- package/dist/src/agents/local-executor.test.js.map +1 -1
- package/dist/src/agents/local-invocation.d.ts +1 -0
- package/dist/src/agents/local-invocation.js +19 -9
- package/dist/src/agents/local-invocation.js.map +1 -1
- package/dist/src/agents/local-invocation.test.js +24 -0
- package/dist/src/agents/local-invocation.test.js.map +1 -1
- package/dist/src/agents/memory-manager-agent.js +1 -0
- package/dist/src/agents/memory-manager-agent.js.map +1 -1
- package/dist/src/agents/memory-manager-agent.test.js +6 -0
- package/dist/src/agents/memory-manager-agent.test.js.map +1 -1
- package/dist/src/agents/registry.js +19 -11
- package/dist/src/agents/registry.js.map +1 -1
- package/dist/src/agents/registry.test.js +67 -0
- package/dist/src/agents/registry.test.js.map +1 -1
- package/dist/src/agents/skill-extraction-agent.d.ts +24 -0
- package/dist/src/agents/skill-extraction-agent.js +269 -0
- package/dist/src/agents/skill-extraction-agent.js.map +1 -0
- package/dist/src/agents/types.d.ts +20 -0
- package/dist/src/agents/types.js.map +1 -1
- package/dist/src/availability/policyCatalog.d.ts +2 -1
- package/dist/src/availability/policyCatalog.js +1 -1
- package/dist/src/availability/policyCatalog.js.map +1 -1
- package/dist/src/availability/policyHelpers.js +43 -32
- package/dist/src/availability/policyHelpers.js.map +1 -1
- package/dist/src/availability/policyHelpers.test.js +12 -1
- package/dist/src/availability/policyHelpers.test.js.map +1 -1
- package/dist/src/code_assist/admin/admin_controls.js +1 -1
- package/dist/src/code_assist/admin/admin_controls.js.map +1 -1
- package/dist/src/code_assist/experiments/flagNames.d.ts +1 -0
- package/dist/src/code_assist/experiments/flagNames.js +1 -0
- package/dist/src/code_assist/experiments/flagNames.js.map +1 -1
- package/dist/src/code_assist/oauth2.js +8 -3
- package/dist/src/code_assist/oauth2.js.map +1 -1
- package/dist/src/code_assist/oauth2.test.js +57 -0
- package/dist/src/code_assist/oauth2.test.js.map +1 -1
- package/dist/src/code_assist/server.js +1 -1
- package/dist/src/code_assist/server.js.map +1 -1
- package/dist/src/code_assist/setup.js +5 -2
- package/dist/src/code_assist/setup.js.map +1 -1
- package/dist/src/code_assist/setup.test.js +27 -1
- package/dist/src/code_assist/setup.test.js.map +1 -1
- package/dist/src/code_assist/types.d.ts +80 -80
- package/dist/src/commands/memory.js +1 -1
- package/dist/src/commands/memory.js.map +1 -1
- package/dist/src/config/agent-loop-context.d.ts +2 -0
- package/dist/src/config/config.d.ts +91 -23
- package/dist/src/config/config.js +238 -79
- package/dist/src/config/config.js.map +1 -1
- package/dist/src/config/config.test.js +189 -15
- package/dist/src/config/config.test.js.map +1 -1
- package/dist/src/config/defaultModelConfigs.js +9 -0
- package/dist/src/config/defaultModelConfigs.js.map +1 -1
- package/dist/src/config/extensions/integrity.js +1 -1
- package/dist/src/config/extensions/integrity.js.map +1 -1
- package/dist/src/config/memory.d.ts +1 -0
- package/dist/src/config/memory.js +6 -0
- package/dist/src/config/memory.js.map +1 -1
- package/dist/src/config/projectRegistry.js +5 -3
- package/dist/src/config/projectRegistry.js.map +1 -1
- package/dist/src/config/scoped-config.d.ts +30 -0
- package/dist/src/config/scoped-config.js +69 -0
- package/dist/src/config/scoped-config.js.map +1 -0
- package/dist/src/config/scoped-config.test.d.ts +6 -0
- package/dist/src/config/scoped-config.test.js +161 -0
- package/dist/src/config/scoped-config.test.js.map +1 -0
- package/dist/src/config/storage.d.ts +3 -0
- package/dist/src/config/storage.js +9 -0
- package/dist/src/config/storage.js.map +1 -1
- package/dist/src/config/storage.test.js +10 -5
- package/dist/src/config/storage.test.js.map +1 -1
- package/dist/src/config/topicState.d.ts +21 -0
- package/dist/src/config/topicState.js +41 -0
- package/dist/src/config/topicState.js.map +1 -0
- package/dist/src/confirmation-bus/types.d.ts +13 -4
- package/dist/src/confirmation-bus/types.js +2 -0
- package/dist/src/confirmation-bus/types.js.map +1 -1
- package/dist/src/context/agentHistoryProvider.d.ts +45 -0
- package/dist/src/context/agentHistoryProvider.js +294 -0
- package/dist/src/context/agentHistoryProvider.js.map +1 -0
- package/dist/src/context/agentHistoryProvider.test.d.ts +6 -0
- package/dist/src/context/agentHistoryProvider.test.js +357 -0
- package/dist/src/context/agentHistoryProvider.test.js.map +1 -0
- package/dist/src/context/chatCompressionService.js.map +1 -0
- package/dist/src/context/chatCompressionService.test.js.map +1 -0
- package/dist/src/context/contextCompressionService.d.ts +30 -0
- package/dist/src/context/contextCompressionService.js +405 -0
- package/dist/src/context/contextCompressionService.js.map +1 -0
- package/dist/src/context/contextCompressionService.test.js +253 -0
- package/dist/src/context/contextCompressionService.test.js.map +1 -0
- package/dist/src/{services/contextManager.d.ts → context/memoryContextManager.d.ts} +3 -1
- package/dist/src/{services/contextManager.js → context/memoryContextManager.js} +20 -11
- package/dist/src/context/memoryContextManager.js.map +1 -0
- package/dist/src/{services/contextManager.test.js → context/memoryContextManager.test.js} +42 -33
- package/dist/src/context/memoryContextManager.test.js.map +1 -0
- package/dist/src/context/profiles.d.ts +7 -0
- package/dist/src/context/profiles.js +21 -0
- package/dist/src/context/profiles.js.map +1 -0
- package/dist/src/context/toolDistillationService.d.ts +38 -0
- package/dist/src/context/toolDistillationService.js +170 -0
- package/dist/src/context/toolDistillationService.js.map +1 -0
- package/dist/src/context/toolDistillationService.test.d.ts +6 -0
- package/dist/src/context/toolDistillationService.test.js +86 -0
- package/dist/src/context/toolDistillationService.test.js.map +1 -0
- package/dist/src/{services → context}/toolOutputMaskingService.d.ts +2 -2
- package/dist/src/{services → context}/toolOutputMaskingService.js +7 -7
- package/dist/src/context/toolOutputMaskingService.js.map +1 -0
- package/dist/src/context/toolOutputMaskingService.test.d.ts +6 -0
- package/dist/src/{services → context}/toolOutputMaskingService.test.js +4 -5
- package/dist/src/context/toolOutputMaskingService.test.js.map +1 -0
- package/dist/src/context/truncation.d.ts +26 -0
- package/dist/src/context/truncation.js +102 -0
- package/dist/src/context/truncation.js.map +1 -0
- package/dist/src/context/types.d.ts +36 -0
- package/dist/src/context/types.js +7 -0
- package/dist/src/context/types.js.map +1 -0
- package/dist/src/core/AuthenticatedContentGenerator.js +9 -1
- package/dist/src/core/AuthenticatedContentGenerator.js.map +1 -1
- package/dist/src/core/baseLlmClient.js +1 -1
- package/dist/src/core/baseLlmClient.js.map +1 -1
- package/dist/src/core/baseLlmClient.test.js +1 -0
- package/dist/src/core/baseLlmClient.test.js.map +1 -1
- package/dist/src/core/client.d.ts +3 -1
- package/dist/src/core/client.js +24 -14
- package/dist/src/core/client.js.map +1 -1
- package/dist/src/core/client.test.js +36 -40
- package/dist/src/core/client.test.js.map +1 -1
- package/dist/src/core/contentGenerator.d.ts +0 -1
- package/dist/src/core/contentGenerator.js +2 -28
- package/dist/src/core/contentGenerator.js.map +1 -1
- package/dist/src/core/contentGenerator.test.js +1 -101
- package/dist/src/core/contentGenerator.test.js.map +1 -1
- package/dist/src/core/geminiChat.js +12 -5
- package/dist/src/core/geminiChat.js.map +1 -1
- package/dist/src/core/geminiChat.test.js +72 -18
- package/dist/src/core/geminiChat.test.js.map +1 -1
- package/dist/src/core/geminiChat_network_retry.test.js +1 -0
- package/dist/src/core/geminiChat_network_retry.test.js.map +1 -1
- package/dist/src/core/logger.js +4 -4
- package/dist/src/core/logger.js.map +1 -1
- package/dist/src/core/logger.test.js +1 -1
- package/dist/src/core/logger.test.js.map +1 -1
- package/dist/src/core/loggingContentGenerator.js +1 -1
- package/dist/src/core/loggingContentGenerator.js.map +1 -1
- package/dist/src/core/prompts-substitution.test.js +5 -0
- package/dist/src/core/prompts-substitution.test.js.map +1 -1
- package/dist/src/core/prompts.test.js +3 -0
- package/dist/src/core/prompts.test.js.map +1 -1
- package/dist/src/generated/git-commit.d.ts +2 -2
- package/dist/src/generated/git-commit.js +2 -2
- package/dist/src/hooks/hookEventHandler.js +8 -0
- package/dist/src/hooks/hookEventHandler.js.map +1 -1
- package/dist/src/hooks/hookRunner.js +9 -5
- package/dist/src/hooks/hookRunner.js.map +1 -1
- package/dist/src/hooks/hookRunner.test.js +20 -3
- package/dist/src/hooks/hookRunner.test.js.map +1 -1
- package/dist/src/hooks/hookSystem.d.ts +2 -0
- package/dist/src/hooks/hookSystem.js +1 -0
- package/dist/src/hooks/hookSystem.js.map +1 -1
- package/dist/src/hooks/hookTranslator.js +20 -13
- package/dist/src/hooks/hookTranslator.js.map +1 -1
- package/dist/src/hooks/hookTranslator.test.js +36 -0
- package/dist/src/hooks/hookTranslator.test.js.map +1 -1
- package/dist/src/hooks/types.d.ts +2 -0
- package/dist/src/ide/ide-client.js +3 -3
- package/dist/src/ide/ide-client.js.map +1 -1
- package/dist/src/ide/ide-connection-utils.js +1 -1
- package/dist/src/ide/ide-connection-utils.js.map +1 -1
- package/dist/src/ide/ide-installer.js +5 -4
- package/dist/src/ide/ide-installer.js.map +1 -1
- package/dist/src/ide/process-utils.js +3 -3
- package/dist/src/ide/process-utils.js.map +1 -1
- package/dist/src/index.d.ts +10 -3
- package/dist/src/index.js +13 -5
- package/dist/src/index.js.map +1 -1
- package/dist/src/mcp/mcpLauncher.js +1 -1
- package/dist/src/output/json-formatter.js +2 -1
- package/dist/src/output/json-formatter.js.map +1 -1
- package/dist/src/policy/config.d.ts +1 -1
- package/dist/src/policy/config.js +61 -24
- package/dist/src/policy/config.js.map +1 -1
- package/dist/src/policy/config.test.js +21 -20
- package/dist/src/policy/config.test.js.map +1 -1
- package/dist/src/policy/persistence.test.js +42 -0
- package/dist/src/policy/persistence.test.js.map +1 -1
- package/dist/src/policy/policies/discovered.toml +7 -0
- package/dist/src/policy/policies/memory-manager.toml +11 -1
- package/dist/src/policy/policies/non-interactive.toml +7 -0
- package/dist/src/policy/policies/plan.toml +36 -2
- package/dist/src/policy/policies/read-only.toml +12 -0
- package/dist/src/policy/policies/sandbox-default.toml +4 -4
- package/dist/src/policy/policies/write.toml +21 -0
- package/dist/src/policy/policies/yolo.toml +1 -1
- package/dist/src/policy/policy-engine.d.ts +2 -4
- package/dist/src/policy/policy-engine.js +47 -37
- package/dist/src/policy/policy-engine.js.map +1 -1
- package/dist/src/policy/policy-engine.test.js +236 -30
- package/dist/src/policy/policy-engine.test.js.map +1 -1
- package/dist/src/policy/sandboxPolicyManager.d.ts +26 -1
- package/dist/src/policy/sandboxPolicyManager.js +41 -12
- package/dist/src/policy/sandboxPolicyManager.js.map +1 -1
- package/dist/src/policy/sandboxPolicyManager.test.d.ts +6 -0
- package/dist/src/policy/sandboxPolicyManager.test.js +61 -0
- package/dist/src/policy/sandboxPolicyManager.test.js.map +1 -0
- package/dist/src/policy/topic-policy.test.d.ts +6 -0
- package/dist/src/policy/topic-policy.test.js +48 -0
- package/dist/src/policy/topic-policy.test.js.map +1 -0
- package/dist/src/policy/types.d.ts +9 -6
- package/dist/src/policy/types.js +11 -0
- package/dist/src/policy/types.js.map +1 -1
- package/dist/src/policy/workspace-policy.test.js +18 -15
- package/dist/src/policy/workspace-policy.test.js.map +1 -1
- package/dist/src/prompts/promptProvider.js +20 -4
- package/dist/src/prompts/promptProvider.js.map +1 -1
- package/dist/src/prompts/promptProvider.test.js +84 -1
- package/dist/src/prompts/promptProvider.test.js.map +1 -1
- package/dist/src/prompts/snippets-memory-manager.test.js +1 -1
- package/dist/src/prompts/snippets-memory-manager.test.js.map +1 -1
- package/dist/src/prompts/snippets.d.ts +3 -4
- package/dist/src/prompts/snippets.js +37 -52
- package/dist/src/prompts/snippets.js.map +1 -1
- package/dist/src/prompts/snippets.legacy.d.ts +6 -4
- package/dist/src/prompts/snippets.legacy.js +36 -7
- package/dist/src/prompts/snippets.legacy.js.map +1 -1
- package/dist/src/prompts/utils.test.js +7 -5
- package/dist/src/prompts/utils.test.js.map +1 -1
- package/dist/src/safety/built-in.js +1 -1
- package/dist/src/safety/built-in.js.map +1 -1
- package/dist/src/sandbox/linux/LinuxSandboxManager.d.ts +11 -1
- package/dist/src/sandbox/linux/LinuxSandboxManager.js +131 -41
- package/dist/src/sandbox/linux/LinuxSandboxManager.js.map +1 -1
- package/dist/src/sandbox/linux/LinuxSandboxManager.test.js +82 -139
- package/dist/src/sandbox/linux/LinuxSandboxManager.test.js.map +1 -1
- package/dist/src/sandbox/linux/bwrapArgsBuilder.d.ts +24 -0
- package/dist/src/sandbox/linux/bwrapArgsBuilder.js +200 -0
- package/dist/src/sandbox/linux/bwrapArgsBuilder.js.map +1 -0
- package/dist/src/sandbox/linux/bwrapArgsBuilder.test.d.ts +6 -0
- package/dist/src/sandbox/linux/bwrapArgsBuilder.test.js +247 -0
- package/dist/src/sandbox/linux/bwrapArgsBuilder.test.js.map +1 -0
- package/dist/src/sandbox/macos/MacOsSandboxManager.d.ts +10 -22
- package/dist/src/sandbox/macos/MacOsSandboxManager.js +67 -59
- package/dist/src/sandbox/macos/MacOsSandboxManager.js.map +1 -1
- package/dist/src/sandbox/macos/MacOsSandboxManager.test.js +168 -103
- package/dist/src/sandbox/macos/MacOsSandboxManager.test.js.map +1 -1
- package/dist/src/sandbox/macos/baseProfile.d.ts +1 -1
- package/dist/src/sandbox/macos/baseProfile.js +26 -8
- package/dist/src/sandbox/macos/baseProfile.js.map +1 -1
- package/dist/src/sandbox/macos/seatbeltArgsBuilder.d.ts +10 -10
- package/dist/src/sandbox/macos/seatbeltArgsBuilder.js +81 -93
- package/dist/src/sandbox/macos/seatbeltArgsBuilder.js.map +1 -1
- package/dist/src/sandbox/macos/seatbeltArgsBuilder.test.js +136 -99
- package/dist/src/sandbox/macos/seatbeltArgsBuilder.test.js.map +1 -1
- package/dist/src/sandbox/{macos → utils}/commandSafety.d.ts +11 -0
- package/dist/src/sandbox/{macos → utils}/commandSafety.js +47 -14
- package/dist/src/sandbox/utils/commandSafety.js.map +1 -0
- package/dist/src/sandbox/utils/commandUtils.d.ts +9 -0
- package/dist/src/sandbox/utils/commandUtils.js +57 -0
- package/dist/src/sandbox/utils/commandUtils.js.map +1 -0
- package/dist/src/sandbox/utils/fsUtils.d.ts +11 -0
- package/dist/src/sandbox/utils/fsUtils.js +84 -0
- package/dist/src/sandbox/utils/fsUtils.js.map +1 -0
- package/dist/src/sandbox/utils/fsUtils.test.d.ts +6 -0
- package/dist/src/sandbox/utils/fsUtils.test.js +43 -0
- package/dist/src/sandbox/utils/fsUtils.test.js.map +1 -0
- package/dist/src/sandbox/utils/proactivePermissions.d.ts +19 -0
- package/dist/src/sandbox/utils/proactivePermissions.js +163 -0
- package/dist/src/sandbox/utils/proactivePermissions.js.map +1 -0
- package/dist/src/sandbox/utils/proactivePermissions.test.d.ts +6 -0
- package/dist/src/sandbox/utils/proactivePermissions.test.js +145 -0
- package/dist/src/sandbox/utils/proactivePermissions.test.js.map +1 -0
- package/dist/src/sandbox/utils/sandboxDenialUtils.d.ts +27 -0
- package/dist/src/sandbox/utils/sandboxDenialUtils.js +142 -0
- package/dist/src/sandbox/utils/sandboxDenialUtils.js.map +1 -0
- package/dist/src/sandbox/utils/sandboxDenialUtils.test.d.ts +6 -0
- package/dist/src/sandbox/utils/sandboxDenialUtils.test.js +188 -0
- package/dist/src/sandbox/utils/sandboxDenialUtils.test.js.map +1 -0
- package/dist/src/sandbox/utils/sandboxReadWriteUtils.d.ts +5 -0
- package/dist/src/sandbox/utils/sandboxReadWriteUtils.js +64 -0
- package/dist/src/sandbox/utils/sandboxReadWriteUtils.js.map +1 -0
- package/dist/src/sandbox/windows/GeminiSandbox.cs +312 -223
- package/dist/src/sandbox/windows/WindowsSandboxManager.d.ts +16 -2
- package/dist/src/sandbox/windows/WindowsSandboxManager.js +261 -44
- package/dist/src/sandbox/windows/WindowsSandboxManager.js.map +1 -1
- package/dist/src/sandbox/windows/WindowsSandboxManager.test.js +379 -17
- package/dist/src/sandbox/windows/WindowsSandboxManager.test.js.map +1 -1
- package/dist/src/sandbox/windows/commandSafety.d.ts +19 -0
- package/dist/src/sandbox/windows/commandSafety.js +128 -0
- package/dist/src/sandbox/windows/commandSafety.js.map +1 -0
- package/dist/src/sandbox/windows/commandSafety.test.d.ts +6 -0
- package/dist/src/sandbox/windows/commandSafety.test.js +42 -0
- package/dist/src/sandbox/windows/commandSafety.test.js.map +1 -0
- package/dist/src/sandbox/windows/windowsSandboxDenialUtils.d.ts +13 -0
- package/dist/src/sandbox/windows/windowsSandboxDenialUtils.js +69 -0
- package/dist/src/sandbox/windows/windowsSandboxDenialUtils.js.map +1 -0
- package/dist/src/sandbox/windows/windowsSandboxDenialUtils.test.d.ts +6 -0
- package/dist/src/sandbox/windows/windowsSandboxDenialUtils.test.js +68 -0
- package/dist/src/sandbox/windows/windowsSandboxDenialUtils.test.js.map +1 -0
- package/dist/src/scheduler/policy.js +20 -5
- package/dist/src/scheduler/policy.js.map +1 -1
- package/dist/src/scheduler/policy.test.js +80 -0
- package/dist/src/scheduler/policy.test.js.map +1 -1
- package/dist/src/scheduler/scheduler.js +13 -3
- package/dist/src/scheduler/scheduler.js.map +1 -1
- package/dist/src/scheduler/scheduler.test.js +52 -0
- package/dist/src/scheduler/scheduler.test.js.map +1 -1
- package/dist/src/scheduler/scheduler_hooks.test.js +1 -0
- package/dist/src/scheduler/scheduler_hooks.test.js.map +1 -1
- package/dist/src/scheduler/state-manager.js +1 -1
- package/dist/src/scheduler/state-manager.js.map +1 -1
- package/dist/src/scheduler/state-manager.test.js +10 -0
- package/dist/src/scheduler/state-manager.test.js.map +1 -1
- package/dist/src/scheduler/tool-executor.js +7 -2
- package/dist/src/scheduler/tool-executor.js.map +1 -1
- package/dist/src/scheduler/tool-executor.test.js +38 -0
- package/dist/src/scheduler/tool-executor.test.js.map +1 -1
- package/dist/src/scheduler/types.d.ts +4 -2
- package/dist/src/services/chatRecordingService.d.ts +1 -13
- package/dist/src/services/chatRecordingService.js +45 -46
- package/dist/src/services/chatRecordingService.js.map +1 -1
- package/dist/src/services/chatRecordingService.test.js +79 -10
- package/dist/src/services/chatRecordingService.test.js.map +1 -1
- package/dist/src/services/executionLifecycleService.d.ts +44 -6
- package/dist/src/services/executionLifecycleService.js +52 -12
- package/dist/src/services/executionLifecycleService.js.map +1 -1
- package/dist/src/services/executionLifecycleService.test.js +157 -3
- package/dist/src/services/executionLifecycleService.test.js.map +1 -1
- package/dist/src/services/fileDiscoveryService.d.ts +17 -2
- package/dist/src/services/fileDiscoveryService.js +84 -20
- package/dist/src/services/fileDiscoveryService.js.map +1 -1
- package/dist/src/services/fileDiscoveryService.test.js +67 -1
- package/dist/src/services/fileDiscoveryService.test.js.map +1 -1
- package/dist/src/services/gitService.js +1 -1
- package/dist/src/services/gitService.js.map +1 -1
- package/dist/src/services/memoryService.d.ts +65 -0
- package/dist/src/services/memoryService.js +511 -0
- package/dist/src/services/memoryService.js.map +1 -0
- package/dist/src/services/memoryService.test.d.ts +6 -0
- package/dist/src/services/memoryService.test.js +563 -0
- package/dist/src/services/memoryService.test.js.map +1 -0
- package/dist/src/services/modelConfigService.d.ts +11 -0
- package/dist/src/services/modelConfigService.js +67 -0
- package/dist/src/services/modelConfigService.js.map +1 -1
- package/dist/src/services/modelConfigService.test.js +30 -0
- package/dist/src/services/modelConfigService.test.js.map +1 -1
- package/dist/src/services/sandboxManager.d.ts +107 -8
- package/dist/src/services/sandboxManager.integration.test.d.ts +1 -0
- package/dist/src/services/sandboxManager.integration.test.js +445 -0
- package/dist/src/services/sandboxManager.integration.test.js.map +1 -0
- package/dist/src/services/sandboxManager.js +176 -13
- package/dist/src/services/sandboxManager.js.map +1 -1
- package/dist/src/services/sandboxManager.test.js +401 -117
- package/dist/src/services/sandboxManager.test.js.map +1 -1
- package/dist/src/services/sandboxManagerFactory.d.ts +2 -3
- package/dist/src/services/sandboxManagerFactory.js +12 -22
- package/dist/src/services/sandboxManagerFactory.js.map +1 -1
- package/dist/src/services/sandboxedFileSystemService.d.ts +1 -0
- package/dist/src/services/sandboxedFileSystemService.js +43 -3
- package/dist/src/services/sandboxedFileSystemService.js.map +1 -1
- package/dist/src/services/sandboxedFileSystemService.test.js +97 -11
- package/dist/src/services/sandboxedFileSystemService.test.js.map +1 -1
- package/dist/src/services/shellExecutionService.d.ts +18 -1
- package/dist/src/services/shellExecutionService.js +115 -26
- package/dist/src/services/shellExecutionService.js.map +1 -1
- package/dist/src/services/shellExecutionService.test.js +70 -8
- package/dist/src/services/shellExecutionService.test.js.map +1 -1
- package/dist/src/services/test-data/resolved-aliases-retry.golden.json +4 -0
- package/dist/src/services/test-data/resolved-aliases.golden.json +4 -0
- package/dist/src/services/worktreeService.test.js +7 -7
- package/dist/src/services/worktreeService.test.js.map +1 -1
- package/dist/src/skills/skillLoader.d.ts +8 -0
- package/dist/src/skills/skillLoader.js +1 -1
- package/dist/src/skills/skillLoader.js.map +1 -1
- package/dist/src/telemetry/clearcut-logger/clearcut-logger.d.ts +29 -1
- package/dist/src/telemetry/clearcut-logger/clearcut-logger.js +107 -0
- package/dist/src/telemetry/clearcut-logger/clearcut-logger.js.map +1 -1
- package/dist/src/telemetry/clearcut-logger/clearcut-logger.test.js +172 -1
- package/dist/src/telemetry/clearcut-logger/clearcut-logger.test.js.map +1 -1
- package/dist/src/telemetry/clearcut-logger/event-metadata-key.d.ts +10 -1
- package/dist/src/telemetry/clearcut-logger/event-metadata-key.js +22 -1
- package/dist/src/telemetry/clearcut-logger/event-metadata-key.js.map +1 -1
- package/dist/src/telemetry/loggers.d.ts +22 -0
- package/dist/src/telemetry/loggers.js +41 -2
- package/dist/src/telemetry/loggers.js.map +1 -1
- package/dist/src/telemetry/loggers.test.js +8 -3
- package/dist/src/telemetry/loggers.test.js.map +1 -1
- package/dist/src/telemetry/metrics.d.ts +118 -1
- package/dist/src/telemetry/metrics.js +196 -4
- package/dist/src/telemetry/metrics.js.map +1 -1
- package/dist/src/telemetry/metrics.test.js +298 -0
- package/dist/src/telemetry/metrics.test.js.map +1 -1
- package/dist/src/telemetry/types.d.ts +3 -3
- package/dist/src/telemetry/types.js +9 -4
- package/dist/src/telemetry/types.js.map +1 -1
- package/dist/src/test-utils/mock-message-bus.d.ts +1 -1
- package/dist/src/test-utils/mock-message-bus.js +1 -1
- package/dist/src/test-utils/mock-message-bus.js.map +1 -1
- package/dist/src/tools/complete-task.d.ts +29 -0
- package/dist/src/tools/complete-task.js +123 -0
- package/dist/src/tools/complete-task.js.map +1 -0
- package/dist/src/tools/complete-task.test.d.ts +6 -0
- package/dist/src/tools/complete-task.test.js +114 -0
- package/dist/src/tools/complete-task.test.js.map +1 -0
- package/dist/src/tools/definitions/base-declarations.d.ts +8 -0
- package/dist/src/tools/definitions/base-declarations.js +10 -0
- package/dist/src/tools/definitions/base-declarations.js.map +1 -1
- package/dist/src/tools/definitions/coreTools.d.ts +2 -1
- package/dist/src/tools/definitions/coreTools.js +9 -3
- package/dist/src/tools/definitions/coreTools.js.map +1 -1
- package/dist/src/tools/definitions/dynamic-declaration-helpers.d.ts +4 -0
- package/dist/src/tools/definitions/dynamic-declaration-helpers.js +33 -2
- package/dist/src/tools/definitions/dynamic-declaration-helpers.js.map +1 -1
- package/dist/src/tools/definitions/model-family-sets/default-legacy.js +14 -9
- package/dist/src/tools/definitions/model-family-sets/default-legacy.js.map +1 -1
- package/dist/src/tools/definitions/model-family-sets/gemini-3.js +13 -7
- package/dist/src/tools/definitions/model-family-sets/gemini-3.js.map +1 -1
- package/dist/src/tools/definitions/trackerTools.js +3 -3
- package/dist/src/tools/definitions/trackerTools.js.map +1 -1
- package/dist/src/tools/definitions/types.d.ts +1 -0
- package/dist/src/tools/enter-plan-mode.js +15 -0
- package/dist/src/tools/enter-plan-mode.js.map +1 -1
- package/dist/src/tools/enter-plan-mode.test.js +25 -0
- package/dist/src/tools/enter-plan-mode.test.js.map +1 -1
- package/dist/src/tools/grep-utils.d.ts +2 -1
- package/dist/src/tools/grep-utils.js +22 -3
- package/dist/src/tools/grep-utils.js.map +1 -1
- package/dist/src/tools/grep.js +16 -3
- package/dist/src/tools/grep.js.map +1 -1
- package/dist/src/tools/grep.test.js +36 -8
- package/dist/src/tools/grep.test.js.map +1 -1
- package/dist/src/tools/jit-context.js +3 -3
- package/dist/src/tools/jit-context.js.map +1 -1
- package/dist/src/tools/jit-context.test.js +15 -13
- package/dist/src/tools/jit-context.test.js.map +1 -1
- package/dist/src/tools/ls.js +6 -4
- package/dist/src/tools/ls.js.map +1 -1
- package/dist/src/tools/ls.test.js +22 -7
- package/dist/src/tools/ls.test.js.map +1 -1
- package/dist/src/tools/mcp-client-manager.js +6 -3
- package/dist/src/tools/mcp-client-manager.js.map +1 -1
- package/dist/src/tools/mcp-client-manager.test.js +35 -0
- package/dist/src/tools/mcp-client-manager.test.js.map +1 -1
- package/dist/src/tools/mcp-client.js +1 -1
- package/dist/src/tools/mcp-client.js.map +1 -1
- package/dist/src/tools/mcp-tool.test.js +1 -1
- package/dist/src/tools/mcp-tool.test.js.map +1 -1
- package/dist/src/tools/memoryTool.d.ts +9 -2
- package/dist/src/tools/memoryTool.js +39 -15
- package/dist/src/tools/memoryTool.js.map +1 -1
- package/dist/src/tools/memoryTool.test.js +61 -2
- package/dist/src/tools/memoryTool.test.js.map +1 -1
- package/dist/src/tools/read-many-files.js +12 -4
- package/dist/src/tools/read-many-files.js.map +1 -1
- package/dist/src/tools/read-many-files.test.js +17 -17
- package/dist/src/tools/read-many-files.test.js.map +1 -1
- package/dist/src/tools/ripGrep.js +14 -1
- package/dist/src/tools/ripGrep.js.map +1 -1
- package/dist/src/tools/ripGrep.test.js +10 -10
- package/dist/src/tools/ripGrep.test.js.map +1 -1
- package/dist/src/tools/shell.d.ts +17 -4
- package/dist/src/tools/shell.js +342 -151
- package/dist/src/tools/shell.js.map +1 -1
- package/dist/src/tools/shell.test.js +204 -11
- package/dist/src/tools/shell.test.js.map +1 -1
- package/dist/src/tools/shellBackgroundTools.d.ts +38 -0
- package/dist/src/tools/shellBackgroundTools.integration.test.d.ts +6 -0
- package/dist/src/tools/shellBackgroundTools.integration.test.js +86 -0
- package/dist/src/tools/shellBackgroundTools.integration.test.js.map +1 -0
- package/dist/src/tools/shellBackgroundTools.js +186 -0
- package/dist/src/tools/shellBackgroundTools.js.map +1 -0
- package/dist/src/tools/shellBackgroundTools.test.d.ts +6 -0
- package/dist/src/tools/shellBackgroundTools.test.js +230 -0
- package/dist/src/tools/shellBackgroundTools.test.js.map +1 -0
- package/dist/src/tools/shell_proactive.test.d.ts +6 -0
- package/dist/src/tools/shell_proactive.test.js +122 -0
- package/dist/src/tools/shell_proactive.test.js.map +1 -0
- package/dist/src/tools/tool-names.d.ts +4 -4
- package/dist/src/tools/tool-names.js +6 -3
- package/dist/src/tools/tool-names.js.map +1 -1
- package/dist/src/tools/tool-registry.js +11 -1
- package/dist/src/tools/tool-registry.js.map +1 -1
- package/dist/src/tools/tool-registry.test.js +43 -1
- package/dist/src/tools/tool-registry.test.js.map +1 -1
- package/dist/src/tools/tools.d.ts +12 -1
- package/dist/src/tools/tools.js +16 -1
- package/dist/src/tools/tools.js.map +1 -1
- package/dist/src/tools/tools.test.js +42 -1
- package/dist/src/tools/tools.test.js.map +1 -1
- package/dist/src/tools/topicTool.d.ts +29 -0
- package/dist/src/tools/topicTool.js +72 -0
- package/dist/src/tools/topicTool.js.map +1 -0
- package/dist/src/tools/topicTool.test.d.ts +6 -0
- package/dist/src/tools/topicTool.test.js +105 -0
- package/dist/src/tools/topicTool.test.js.map +1 -0
- package/dist/src/tools/web-fetch.js +40 -22
- package/dist/src/tools/web-fetch.js.map +1 -1
- package/dist/src/tools/web-fetch.test.js +28 -0
- package/dist/src/tools/web-fetch.test.js.map +1 -1
- package/dist/src/tools/xcode-mcp-fix-transport.js +1 -1
- package/dist/src/tools/xcode-mcp-fix-transport.js.map +1 -1
- package/dist/src/utils/bfsFileSearch.js +3 -6
- package/dist/src/utils/bfsFileSearch.js.map +1 -1
- package/dist/src/utils/checkpointUtils.d.ts +4 -4
- package/dist/src/utils/checkpointUtils.js +11 -8
- package/dist/src/utils/checkpointUtils.js.map +1 -1
- package/dist/src/utils/compatibility.js +0 -7
- package/dist/src/utils/compatibility.js.map +1 -1
- package/dist/src/utils/compatibility.test.js +0 -9
- package/dist/src/utils/compatibility.test.js.map +1 -1
- package/dist/src/utils/editor.js +3 -0
- package/dist/src/utils/editor.js.map +1 -1
- package/dist/src/utils/errorParsing.js +2 -2
- package/dist/src/utils/errorParsing.js.map +1 -1
- package/dist/src/utils/errors.d.ts +3 -0
- package/dist/src/utils/errors.js +28 -6
- package/dist/src/utils/errors.js.map +1 -1
- package/dist/src/utils/errors.test.js +23 -0
- package/dist/src/utils/errors.test.js.map +1 -1
- package/dist/src/utils/events.d.ts +12 -0
- package/dist/src/utils/events.js +7 -0
- package/dist/src/utils/events.js.map +1 -1
- package/dist/src/utils/fetch.d.ts +1 -0
- package/dist/src/utils/fetch.js +22 -6
- package/dist/src/utils/fetch.js.map +1 -1
- package/dist/src/utils/fetch.test.js +26 -1
- package/dist/src/utils/fetch.test.js.map +1 -1
- package/dist/src/utils/fileUtils.js +1 -1
- package/dist/src/utils/fileUtils.js.map +1 -1
- package/dist/src/utils/filesearch/crawler.js +1 -1
- package/dist/src/utils/filesearch/crawler.js.map +1 -1
- package/dist/src/utils/filesearch/fileSearch.test.js +7 -2
- package/dist/src/utils/filesearch/fileSearch.test.js.map +1 -1
- package/dist/src/utils/getFolderStructure.js +1 -1
- package/dist/src/utils/getFolderStructure.js.map +1 -1
- package/dist/src/utils/getPty.js +2 -2
- package/dist/src/utils/getPty.js.map +1 -1
- package/dist/src/utils/gitIgnoreParser.d.ts +2 -2
- package/dist/src/utils/gitIgnoreParser.js +30 -52
- package/dist/src/utils/gitIgnoreParser.js.map +1 -1
- package/dist/src/utils/gitIgnoreParser.test.js +51 -185
- package/dist/src/utils/gitIgnoreParser.test.js.map +1 -1
- package/dist/src/utils/gitUtils.js +2 -2
- package/dist/src/utils/gitUtils.js.map +1 -1
- package/dist/src/utils/googleErrors.js +5 -5
- package/dist/src/utils/googleErrors.js.map +1 -1
- package/dist/src/utils/ignoreFileParser.d.ts +2 -2
- package/dist/src/utils/ignoreFileParser.js +7 -18
- package/dist/src/utils/ignoreFileParser.js.map +1 -1
- package/dist/src/utils/ignoreFileParser.test.js +40 -132
- package/dist/src/utils/ignoreFileParser.test.js.map +1 -1
- package/dist/src/utils/ignorePathUtils.d.ts +11 -0
- package/dist/src/utils/ignorePathUtils.js +39 -0
- package/dist/src/utils/ignorePathUtils.js.map +1 -0
- package/dist/src/utils/ignorePathUtils.test.d.ts +6 -0
- package/dist/src/utils/ignorePathUtils.test.js +70 -0
- package/dist/src/utils/ignorePathUtils.test.js.map +1 -0
- package/dist/src/utils/memoryDiscovery.d.ts +6 -4
- package/dist/src/utils/memoryDiscovery.js +69 -48
- package/dist/src/utils/memoryDiscovery.js.map +1 -1
- package/dist/src/utils/memoryDiscovery.test.js +40 -0
- package/dist/src/utils/memoryDiscovery.test.js.map +1 -1
- package/dist/src/utils/memoryImportProcessor.d.ts +1 -1
- package/dist/src/utils/memoryImportProcessor.js +24 -15
- package/dist/src/utils/memoryImportProcessor.js.map +1 -1
- package/dist/src/utils/paths.d.ts +8 -0
- package/dist/src/utils/paths.js +37 -6
- package/dist/src/utils/paths.js.map +1 -1
- package/dist/src/utils/paths.test.js +61 -3
- package/dist/src/utils/paths.test.js.map +1 -1
- package/dist/src/utils/process-utils.js +2 -2
- package/dist/src/utils/process-utils.js.map +1 -1
- package/dist/src/utils/retry.js +7 -0
- package/dist/src/utils/retry.js.map +1 -1
- package/dist/src/utils/retry.test.js +41 -0
- package/dist/src/utils/retry.test.js.map +1 -1
- package/dist/src/utils/secure-browser-launcher.js +1 -1
- package/dist/src/utils/secure-browser-launcher.js.map +1 -1
- package/dist/src/utils/sessionOperations.d.ts +19 -0
- package/dist/src/utils/sessionOperations.js +101 -0
- package/dist/src/utils/sessionOperations.js.map +1 -0
- package/dist/src/utils/sessionOperations.test.d.ts +6 -0
- package/dist/src/utils/sessionOperations.test.js +92 -0
- package/dist/src/utils/sessionOperations.test.js.map +1 -0
- package/dist/src/utils/shell-utils.d.ts +24 -0
- package/dist/src/utils/shell-utils.integration.test.js +1 -1
- package/dist/src/utils/shell-utils.integration.test.js.map +1 -1
- package/dist/src/utils/shell-utils.js +86 -6
- package/dist/src/utils/shell-utils.js.map +1 -1
- package/dist/src/utils/shell-utils.test.js +13 -1
- package/dist/src/utils/shell-utils.test.js.map +1 -1
- package/dist/src/utils/systemEncoding.js +1 -1
- package/dist/src/utils/systemEncoding.js.map +1 -1
- package/dist/src/utils/terminalSerializer.d.ts +1 -0
- package/dist/src/utils/terminalSerializer.js +31 -8
- package/dist/src/utils/terminalSerializer.js.map +1 -1
- package/dist/src/utils/terminalSerializer.test.js +3 -2
- package/dist/src/utils/terminalSerializer.test.js.map +1 -1
- package/dist/src/utils/textUtils.d.ts +8 -0
- package/dist/src/utils/textUtils.js +16 -0
- package/dist/src/utils/textUtils.js.map +1 -1
- package/dist/src/utils/tokenCalculation.d.ts +2 -0
- package/dist/src/utils/tokenCalculation.js +2 -2
- package/dist/src/utils/tokenCalculation.js.map +1 -1
- package/dist/src/utils/workspaceContext.js +2 -2
- package/dist/src/utils/workspaceContext.js.map +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/package.json +2 -1
- package/dist/docs/CONTRIBUTING.md +0 -566
- package/dist/docs/get-started/examples.md +0 -141
- package/dist/src/sandbox/macos/MacOsSandboxManager.integration.test.js +0 -164
- package/dist/src/sandbox/macos/MacOsSandboxManager.integration.test.js.map +0 -1
- package/dist/src/sandbox/macos/commandSafety.js.map +0 -1
- package/dist/src/services/chatCompressionService.js.map +0 -1
- package/dist/src/services/chatCompressionService.test.js.map +0 -1
- package/dist/src/services/contextManager.js.map +0 -1
- package/dist/src/services/contextManager.test.js.map +0 -1
- package/dist/src/services/toolOutputMaskingService.js.map +0 -1
- package/dist/src/services/toolOutputMaskingService.test.js.map +0 -1
- /package/dist/src/{services/toolOutputMaskingService.test.d.ts → agents/browser/snapshotSuperseder.test.d.ts} +0 -0
- /package/dist/src/{services → context}/chatCompressionService.d.ts +0 -0
- /package/dist/src/{services → context}/chatCompressionService.js +0 -0
- /package/dist/src/{services → context}/chatCompressionService.test.d.ts +0 -0
- /package/dist/src/{services → context}/chatCompressionService.test.js +0 -0
- /package/dist/src/{sandbox/macos/MacOsSandboxManager.integration.test.d.ts → context/contextCompressionService.test.d.ts} +0 -0
- /package/dist/src/{services/contextManager.test.d.ts → context/memoryContextManager.test.d.ts} +0 -0
|
@@ -5,45 +5,30 @@
|
|
|
5
5
|
*/
|
|
6
6
|
|
|
7
7
|
using System;
|
|
8
|
-
using System.Runtime.InteropServices;
|
|
9
8
|
using System.Collections.Generic;
|
|
10
9
|
using System.Diagnostics;
|
|
11
|
-
using System.Security.Principal;
|
|
12
10
|
using System.IO;
|
|
11
|
+
using System.Runtime.InteropServices;
|
|
12
|
+
using System.Security;
|
|
13
|
+
using System.Security.AccessControl;
|
|
14
|
+
using System.Security.Principal;
|
|
15
|
+
using System.Text;
|
|
13
16
|
|
|
17
|
+
/**
|
|
18
|
+
* A native C# helper for the Cell CLI sandbox on Windows.
|
|
19
|
+
* This helper uses Restricted Tokens and Job Objects to isolate processes.
|
|
20
|
+
* It also supports internal commands for safe file I/O within the sandbox.
|
|
21
|
+
*/
|
|
14
22
|
public class GeminiSandbox {
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
public uint dwX;
|
|
22
|
-
public uint dwY;
|
|
23
|
-
public uint dwXSize;
|
|
24
|
-
public uint dwYSize;
|
|
25
|
-
public uint dwXCountChars;
|
|
26
|
-
public uint dwYCountChars;
|
|
27
|
-
public uint dwFillAttribute;
|
|
28
|
-
public uint dwFlags;
|
|
29
|
-
public ushort wShowWindow;
|
|
30
|
-
public ushort cbReserved2;
|
|
31
|
-
public IntPtr lpReserved2;
|
|
32
|
-
public IntPtr hStdInput;
|
|
33
|
-
public IntPtr hStdOutput;
|
|
34
|
-
public IntPtr hStdError;
|
|
35
|
-
}
|
|
23
|
+
// P/Invoke constants and structures
|
|
24
|
+
private const int JobObjectExtendedLimitInformation = 9;
|
|
25
|
+
private const int JobObjectNetRateControlInformation = 32;
|
|
26
|
+
private const uint JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE = 0x00002000;
|
|
27
|
+
private const uint JOB_OBJECT_LIMIT_DIE_ON_UNHANDLED_EXCEPTION = 0x00000400;
|
|
28
|
+
private const uint JOB_OBJECT_LIMIT_ACTIVE_PROCESS = 0x00000008;
|
|
36
29
|
|
|
37
30
|
[StructLayout(LayoutKind.Sequential)]
|
|
38
|
-
|
|
39
|
-
public IntPtr hProcess;
|
|
40
|
-
public IntPtr hThread;
|
|
41
|
-
public uint dwProcessId;
|
|
42
|
-
public uint dwThreadId;
|
|
43
|
-
}
|
|
44
|
-
|
|
45
|
-
[StructLayout(LayoutKind.Sequential)]
|
|
46
|
-
public struct JOBOBJECT_BASIC_LIMIT_INFORMATION {
|
|
31
|
+
struct JOBOBJECT_BASIC_LIMIT_INFORMATION {
|
|
47
32
|
public Int64 PerProcessUserTimeLimit;
|
|
48
33
|
public Int64 PerJobUserTimeLimit;
|
|
49
34
|
public uint LimitFlags;
|
|
@@ -56,17 +41,7 @@ public class GeminiSandbox {
|
|
|
56
41
|
}
|
|
57
42
|
|
|
58
43
|
[StructLayout(LayoutKind.Sequential)]
|
|
59
|
-
|
|
60
|
-
public ulong ReadOperationCount;
|
|
61
|
-
public ulong WriteOperationCount;
|
|
62
|
-
public ulong OtherOperationCount;
|
|
63
|
-
public ulong ReadTransferCount;
|
|
64
|
-
public ulong WriteTransferCount;
|
|
65
|
-
public ulong OtherTransferCount;
|
|
66
|
-
}
|
|
67
|
-
|
|
68
|
-
[StructLayout(LayoutKind.Sequential)]
|
|
69
|
-
public struct JOBOBJECT_EXTENDED_LIMIT_INFORMATION {
|
|
44
|
+
struct JOBOBJECT_EXTENDED_LIMIT_INFORMATION {
|
|
70
45
|
public JOBOBJECT_BASIC_LIMIT_INFORMATION BasicLimitInformation;
|
|
71
46
|
public IO_COUNTERS IoInfo;
|
|
72
47
|
public UIntPtr ProcessMemoryLimit;
|
|
@@ -76,139 +51,170 @@ public class GeminiSandbox {
|
|
|
76
51
|
}
|
|
77
52
|
|
|
78
53
|
[StructLayout(LayoutKind.Sequential)]
|
|
79
|
-
|
|
80
|
-
public
|
|
81
|
-
public
|
|
54
|
+
struct IO_COUNTERS {
|
|
55
|
+
public ulong ReadOperationCount;
|
|
56
|
+
public ulong WriteOperationCount;
|
|
57
|
+
public ulong OtherOperationCount;
|
|
58
|
+
public ulong ReadTransferCount;
|
|
59
|
+
public ulong WriteTransferCount;
|
|
60
|
+
public ulong OtherTransferCount;
|
|
82
61
|
}
|
|
83
62
|
|
|
84
63
|
[StructLayout(LayoutKind.Sequential)]
|
|
85
|
-
|
|
86
|
-
public
|
|
64
|
+
struct JOBOBJECT_NET_RATE_CONTROL_INFORMATION {
|
|
65
|
+
public ulong MaxBandwidth;
|
|
66
|
+
public uint ControlFlags;
|
|
67
|
+
public byte DscpTag;
|
|
87
68
|
}
|
|
88
69
|
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
70
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
71
|
+
static extern IntPtr CreateJobObject(IntPtr lpJobAttributes, string lpName);
|
|
72
|
+
|
|
73
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
74
|
+
static extern bool SetInformationJobObject(IntPtr hJob, int JobObjectInfoClass, IntPtr lpJobObjectInfo, uint cbJobObjectInfoLength);
|
|
92
75
|
|
|
93
76
|
[DllImport("kernel32.dll", SetLastError = true)]
|
|
94
|
-
|
|
77
|
+
static extern bool AssignProcessToJobObject(IntPtr hJob, IntPtr hProcess);
|
|
78
|
+
|
|
79
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
80
|
+
static extern uint ResumeThread(IntPtr hThread);
|
|
95
81
|
|
|
96
82
|
[DllImport("advapi32.dll", SetLastError = true)]
|
|
97
|
-
|
|
83
|
+
static extern bool OpenProcessToken(IntPtr ProcessHandle, uint DesiredAccess, out IntPtr TokenHandle);
|
|
98
84
|
|
|
99
85
|
[DllImport("advapi32.dll", SetLastError = true)]
|
|
100
|
-
|
|
86
|
+
static extern bool DuplicateTokenEx(IntPtr hExistingToken, uint dwDesiredAccess, IntPtr lpTokenAttributes, uint ImpersonationLevel, uint TokenType, out IntPtr phNewToken);
|
|
101
87
|
|
|
102
|
-
[DllImport("advapi32.dll", SetLastError = true
|
|
103
|
-
|
|
88
|
+
[DllImport("advapi32.dll", SetLastError = true)]
|
|
89
|
+
static extern bool CreateRestrictedToken(IntPtr ExistingTokenHandle, uint Flags, uint DisableSidCount, IntPtr SidsToDisable, uint DeletePrivilegeCount, IntPtr PrivilegesToDelete, uint RestrictedSidCount, IntPtr SidsToRestrict, out IntPtr NewTokenHandle);
|
|
104
90
|
|
|
105
|
-
[DllImport("
|
|
106
|
-
|
|
91
|
+
[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
|
|
92
|
+
static extern bool CreateProcessAsUser(IntPtr hToken, string lpApplicationName, string lpCommandLine, IntPtr lpProcessAttributes, IntPtr lpThreadAttributes, bool bInheritHandles, uint dwCreationFlags, IntPtr lpEnvironment, string lpCurrentDirectory, ref STARTUPINFO lpStartupInfo, out PROCESS_INFORMATION lpProcessInformation);
|
|
107
93
|
|
|
108
94
|
[DllImport("kernel32.dll", SetLastError = true)]
|
|
109
|
-
|
|
95
|
+
static extern IntPtr GetCurrentProcess();
|
|
110
96
|
|
|
111
97
|
[DllImport("kernel32.dll", SetLastError = true)]
|
|
112
|
-
|
|
98
|
+
static extern bool CloseHandle(IntPtr hObject);
|
|
113
99
|
|
|
114
100
|
[DllImport("kernel32.dll", SetLastError = true)]
|
|
115
|
-
|
|
101
|
+
static extern IntPtr GetStdHandle(int nStdHandle);
|
|
116
102
|
|
|
117
|
-
[
|
|
118
|
-
|
|
103
|
+
[StructLayout(LayoutKind.Sequential)]
|
|
104
|
+
struct STARTUPINFO {
|
|
105
|
+
public uint cb;
|
|
106
|
+
public string lpReserved;
|
|
107
|
+
public string lpDesktop;
|
|
108
|
+
public string lpTitle;
|
|
109
|
+
public uint dwX;
|
|
110
|
+
public uint dwY;
|
|
111
|
+
public uint dwXSize;
|
|
112
|
+
public uint dwYSize;
|
|
113
|
+
public uint dwXCountChars;
|
|
114
|
+
public uint dwYCountChars;
|
|
115
|
+
public uint dwFillAttribute;
|
|
116
|
+
public uint dwFlags;
|
|
117
|
+
public short wShowWindow;
|
|
118
|
+
public short cbReserved2;
|
|
119
|
+
public IntPtr lpReserved2;
|
|
120
|
+
public IntPtr hStdInput;
|
|
121
|
+
public IntPtr hStdOutput;
|
|
122
|
+
public IntPtr hStdError;
|
|
123
|
+
}
|
|
119
124
|
|
|
120
|
-
[
|
|
121
|
-
|
|
125
|
+
[StructLayout(LayoutKind.Sequential)]
|
|
126
|
+
struct PROCESS_INFORMATION {
|
|
127
|
+
public IntPtr hProcess;
|
|
128
|
+
public IntPtr hThread;
|
|
129
|
+
public uint dwProcessId;
|
|
130
|
+
public uint dwThreadId;
|
|
131
|
+
}
|
|
122
132
|
|
|
123
|
-
[DllImport("
|
|
124
|
-
|
|
133
|
+
[DllImport("advapi32.dll", SetLastError = true)]
|
|
134
|
+
static extern bool ImpersonateLoggedOnUser(IntPtr hToken);
|
|
125
135
|
|
|
126
|
-
[DllImport("
|
|
127
|
-
|
|
136
|
+
[DllImport("advapi32.dll", SetLastError = true)]
|
|
137
|
+
static extern bool RevertToSelf();
|
|
128
138
|
|
|
129
|
-
[DllImport("
|
|
130
|
-
|
|
139
|
+
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
|
|
140
|
+
static extern uint GetLongPathName(string lpszShortPath, [Out] StringBuilder lpszLongPath, uint cchBuffer);
|
|
141
|
+
|
|
142
|
+
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Auto)]
|
|
143
|
+
static extern bool ConvertStringSidToSid(string StringSid, out IntPtr ptrSid);
|
|
131
144
|
|
|
132
145
|
[DllImport("advapi32.dll", SetLastError = true)]
|
|
133
|
-
|
|
146
|
+
static extern bool SetTokenInformation(IntPtr TokenHandle, int TokenInformationClass, IntPtr TokenInformation, uint TokenInformationLength);
|
|
134
147
|
|
|
135
|
-
[
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
148
|
+
[StructLayout(LayoutKind.Sequential)]
|
|
149
|
+
struct SID_AND_ATTRIBUTES {
|
|
150
|
+
public IntPtr Sid;
|
|
151
|
+
public uint Attributes;
|
|
152
|
+
}
|
|
153
|
+
|
|
154
|
+
[StructLayout(LayoutKind.Sequential)]
|
|
155
|
+
struct TOKEN_MANDATORY_LABEL {
|
|
156
|
+
public SID_AND_ATTRIBUTES Label;
|
|
157
|
+
}
|
|
158
|
+
|
|
159
|
+
private const int TokenIntegrityLevel = 25;
|
|
160
|
+
private const uint SE_GROUP_INTEGRITY = 0x00000020;
|
|
161
|
+
private const uint TOKEN_ALL_ACCESS = 0xF01FF;
|
|
162
|
+
private const uint DISABLE_MAX_PRIVILEGE = 0x1;
|
|
150
163
|
|
|
151
164
|
static int Main(string[] args) {
|
|
152
165
|
if (args.Length < 3) {
|
|
153
|
-
Console.WriteLine("Usage: GeminiSandbox.exe <network:0|1> <cwd> <command> [args...]");
|
|
154
|
-
Console.WriteLine("Internal commands: __read <path>, __write <path>");
|
|
166
|
+
Console.Error.WriteLine("Usage: GeminiSandbox.exe <network:0|1> <cwd> [--forbidden-manifest <path>] <command> [args...]");
|
|
167
|
+
Console.Error.WriteLine("Internal commands: __read <path>, __write <path>");
|
|
155
168
|
return 1;
|
|
156
169
|
}
|
|
157
170
|
|
|
158
171
|
bool networkAccess = args[0] == "1";
|
|
159
172
|
string cwd = args[1];
|
|
160
|
-
string
|
|
173
|
+
HashSet<string> forbiddenPaths = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
|
|
174
|
+
int argIndex = 2;
|
|
175
|
+
|
|
176
|
+
if (argIndex < args.Length && args[argIndex] == "--forbidden-manifest") {
|
|
177
|
+
if (argIndex + 1 < args.Length) {
|
|
178
|
+
string manifestPath = args[argIndex + 1];
|
|
179
|
+
if (File.Exists(manifestPath)) {
|
|
180
|
+
foreach (string line in File.ReadAllLines(manifestPath)) {
|
|
181
|
+
if (!string.IsNullOrWhiteSpace(line)) {
|
|
182
|
+
forbiddenPaths.Add(GetNormalizedPath(line.Trim()));
|
|
183
|
+
}
|
|
184
|
+
}
|
|
185
|
+
}
|
|
186
|
+
argIndex += 2;
|
|
187
|
+
}
|
|
188
|
+
}
|
|
189
|
+
|
|
190
|
+
if (argIndex >= args.Length) {
|
|
191
|
+
Console.Error.WriteLine("Error: Missing command");
|
|
192
|
+
return 1;
|
|
193
|
+
}
|
|
194
|
+
|
|
195
|
+
string command = args[argIndex];
|
|
161
196
|
|
|
162
197
|
IntPtr hToken = IntPtr.Zero;
|
|
163
198
|
IntPtr hRestrictedToken = IntPtr.Zero;
|
|
164
199
|
IntPtr hJob = IntPtr.Zero;
|
|
165
|
-
|
|
166
|
-
IntPtr pSidsToRestrict = IntPtr.Zero;
|
|
167
|
-
IntPtr networkSid = IntPtr.Zero;
|
|
168
|
-
IntPtr restrictedSid = IntPtr.Zero;
|
|
169
|
-
IntPtr lowIntegritySid = IntPtr.Zero;
|
|
200
|
+
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
|
|
170
201
|
|
|
171
202
|
try {
|
|
172
|
-
// 1.
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
Console.Error.WriteLine("Failed to open process token");
|
|
203
|
+
// 1. Duplicate Primary Token
|
|
204
|
+
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, out hToken)) {
|
|
205
|
+
Console.Error.WriteLine("Error: OpenProcessToken failed (" + Marshal.GetLastWin32Error() + ")");
|
|
176
206
|
return 1;
|
|
177
207
|
}
|
|
178
208
|
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
// "networkAccess == false" implies Strict Sandbox Level 1.
|
|
183
|
-
if (!networkAccess) {
|
|
184
|
-
if (ConvertStringSidToSid("S-1-5-2", out networkSid)) {
|
|
185
|
-
sidCount = 1;
|
|
186
|
-
int saaSize = Marshal.SizeOf(typeof(SID_AND_ATTRIBUTES));
|
|
187
|
-
pSidsToDisable = Marshal.AllocHGlobal(saaSize);
|
|
188
|
-
SID_AND_ATTRIBUTES saa = new SID_AND_ATTRIBUTES();
|
|
189
|
-
saa.Sid = networkSid;
|
|
190
|
-
saa.Attributes = 0;
|
|
191
|
-
Marshal.StructureToPtr(saa, pSidsToDisable, false);
|
|
192
|
-
}
|
|
193
|
-
|
|
194
|
-
// S-1-5-12 is Restricted Code SID
|
|
195
|
-
if (ConvertStringSidToSid("S-1-5-12", out restrictedSid)) {
|
|
196
|
-
restrictCount = 1;
|
|
197
|
-
int saaSize = Marshal.SizeOf(typeof(SID_AND_ATTRIBUTES));
|
|
198
|
-
pSidsToRestrict = Marshal.AllocHGlobal(saaSize);
|
|
199
|
-
SID_AND_ATTRIBUTES saa = new SID_AND_ATTRIBUTES();
|
|
200
|
-
saa.Sid = restrictedSid;
|
|
201
|
-
saa.Attributes = 0;
|
|
202
|
-
Marshal.StructureToPtr(saa, pSidsToRestrict, false);
|
|
203
|
-
}
|
|
204
|
-
}
|
|
205
|
-
|
|
206
|
-
if (!CreateRestrictedToken(hToken, DISABLE_MAX_PRIVILEGE, sidCount, pSidsToDisable, 0, IntPtr.Zero, restrictCount, pSidsToRestrict, out hRestrictedToken)) {
|
|
207
|
-
Console.Error.WriteLine("Failed to create restricted token");
|
|
209
|
+
// Create a restricted token to strip administrative privileges
|
|
210
|
+
if (!CreateRestrictedToken(hToken, DISABLE_MAX_PRIVILEGE, 0, IntPtr.Zero, 0, IntPtr.Zero, 0, IntPtr.Zero, out hRestrictedToken)) {
|
|
211
|
+
Console.Error.WriteLine("Error: CreateRestrictedToken failed (" + Marshal.GetLastWin32Error() + ")");
|
|
208
212
|
return 1;
|
|
209
213
|
}
|
|
210
214
|
|
|
211
|
-
// 2.
|
|
215
|
+
// 2. Lower Integrity Level to Low
|
|
216
|
+
// S-1-16-4096 is the SID for "Low Mandatory Level"
|
|
217
|
+
IntPtr lowIntegritySid = IntPtr.Zero;
|
|
212
218
|
if (ConvertStringSidToSid("S-1-16-4096", out lowIntegritySid)) {
|
|
213
219
|
TOKEN_MANDATORY_LABEL tml = new TOKEN_MANDATORY_LABEL();
|
|
214
220
|
tml.Label.Sid = lowIntegritySid;
|
|
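Review bot: The `--forbidden-manifest` handling at the top of `Main` (new lines 176-188) fails open. When `File.Exists(manifestPath)` is false the block is skipped, `forbiddenPaths` stays empty and the helper carries on with no deny list. When the flag is the last argument, `argIndex` is not advanced and the flag itself becomes `command`. Because this set is what the later `CheckForbidden` calls for `__read` and `__write` consult, a manifest that was requested but cannot be loaded should stop the run, for example `if (!File.Exists(manifestPath)) { Console.Error.WriteLine("Error: forbidden manifest not found"); return 1; }`, with the same exit for a flag that has no path. `Main` continues past the end of this hunk.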
@@ -217,154 +223,237 @@ public class GeminiSandbox {
|
|
|
217
223
|
IntPtr pTml = Marshal.AllocHGlobal(tmlSize);
|
|
218
224
|
try {
|
|
219
225
|
Marshal.StructureToPtr(tml, pTml, false);
|
|
220
|
-
SetTokenInformation(hRestrictedToken, TokenIntegrityLevel, pTml, (uint)tmlSize)
|
|
226
|
+
if (!SetTokenInformation(hRestrictedToken, TokenIntegrityLevel, pTml, (uint)tmlSize)) {
|
|
227
|
+
Console.Error.WriteLine("Error: SetTokenInformation failed (" + Marshal.GetLastWin32Error() + ")");
|
|
228
|
+
return 1;
|
|
229
|
+
}
|
|
221
230
|
} finally {
|
|
222
231
|
Marshal.FreeHGlobal(pTml);
|
|
223
232
|
}
|
|
224
233
|
}
|
|
225
234
|
|
|
226
|
-
// 3.
|
|
235
|
+
// 3. Setup Job Object for cleanup
|
|
236
|
+
hJob = CreateJobObject(IntPtr.Zero, null);
|
|
237
|
+
if (hJob == IntPtr.Zero) {
|
|
238
|
+
Console.Error.WriteLine("Error: CreateJobObject failed (" + Marshal.GetLastWin32Error() + ")");
|
|
239
|
+
return 1;
|
|
240
|
+
}
|
|
241
|
+
|
|
242
|
+
JOBOBJECT_EXTENDED_LIMIT_INFORMATION jobLimits = new JOBOBJECT_EXTENDED_LIMIT_INFORMATION();
|
|
243
|
+
jobLimits.BasicLimitInformation.LimitFlags = JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE | JOB_OBJECT_LIMIT_DIE_ON_UNHANDLED_EXCEPTION;
|
|
244
|
+
|
|
245
|
+
IntPtr lpJobLimits = Marshal.AllocHGlobal(Marshal.SizeOf(jobLimits));
|
|
246
|
+
try {
|
|
247
|
+
Marshal.StructureToPtr(jobLimits, lpJobLimits, false);
|
|
248
|
+
if (!SetInformationJobObject(hJob, JobObjectExtendedLimitInformation, lpJobLimits, (uint)Marshal.SizeOf(jobLimits))) {
|
|
249
|
+
Console.Error.WriteLine("Error: SetInformationJobObject(Limits) failed (" + Marshal.GetLastWin32Error() + ")");
|
|
250
|
+
return 1;
|
|
251
|
+
}
|
|
252
|
+
} finally {
|
|
253
|
+
Marshal.FreeHGlobal(lpJobLimits);
|
|
254
|
+
}
|
|
255
|
+
|
|
256
|
+
if (!networkAccess) {
|
|
257
|
+
JOBOBJECT_NET_RATE_CONTROL_INFORMATION netLimits = new JOBOBJECT_NET_RATE_CONTROL_INFORMATION();
|
|
258
|
+
netLimits.MaxBandwidth = 1;
|
|
259
|
+
netLimits.ControlFlags = 0x1 | 0x2; // ENABLE | MAX_BANDWIDTH
|
|
260
|
+
netLimits.DscpTag = 0;
|
|
261
|
+
|
|
262
|
+
IntPtr lpNetLimits = Marshal.AllocHGlobal(Marshal.SizeOf(netLimits));
|
|
263
|
+
try {
|
|
264
|
+
Marshal.StructureToPtr(netLimits, lpNetLimits, false);
|
|
265
|
+
if (!SetInformationJobObject(hJob, JobObjectNetRateControlInformation, lpNetLimits, (uint)Marshal.SizeOf(netLimits))) {
|
|
266
|
+
// Some versions of Windows might not support network rate control, but we should know if it fails.
|
|
267
|
+
Console.Error.WriteLine("Warning: SetInformationJobObject(NetRate) failed (" + Marshal.GetLastWin32Error() + "). Network might not be throttled.");
|
|
268
|
+
}
|
|
269
|
+
} finally {
|
|
270
|
+
Marshal.FreeHGlobal(lpNetLimits);
|
|
271
|
+
}
|
|
272
|
+
}
|
|
273
|
+
|
|
274
|
+
// 4. Handle Internal Commands or External Process
|
|
227
275
|
if (command == "__read") {
|
|
228
|
-
|
|
276
|
+
if (argIndex + 1 >= args.Length) {
|
|
277
|
+
Console.Error.WriteLine("Error: Missing path for __read");
|
|
278
|
+
return 1;
|
|
279
|
+
}
|
|
280
|
+
string path = args[argIndex + 1];
|
|
281
|
+
CheckForbidden(path, forbiddenPaths);
|
|
229
282
|
return RunInImpersonation(hRestrictedToken, () => {
|
|
230
283
|
try {
|
|
231
284
|
using (FileStream fs = new FileStream(path, FileMode.Open, FileAccess.Read, FileShare.Read))
|
|
232
|
-
using (
|
|
233
|
-
|
|
234
|
-
int bytesRead;
|
|
235
|
-
while ((bytesRead = sr.Read(buffer, 0, buffer.Length)) > 0) {
|
|
236
|
-
Console.Write(buffer, 0, bytesRead);
|
|
237
|
-
}
|
|
285
|
+
using (Stream stdout = Console.OpenStandardOutput()) {
|
|
286
|
+
fs.CopyTo(stdout);
|
|
238
287
|
}
|
|
239
288
|
return 0;
|
|
240
289
|
} catch (Exception e) {
|
|
241
|
-
Console.Error.WriteLine(e.Message);
|
|
290
|
+
Console.Error.WriteLine("Error reading file: " + e.Message);
|
|
242
291
|
return 1;
|
|
243
292
|
}
|
|
244
293
|
});
|
|
245
294
|
} else if (command == "__write") {
|
|
246
|
-
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
250
|
-
|
|
251
|
-
|
|
252
|
-
char[] buffer = new char[4096];
|
|
253
|
-
int bytesRead;
|
|
254
|
-
while ((bytesRead = reader.Read(buffer, 0, buffer.Length)) > 0) {
|
|
255
|
-
writer.Write(buffer, 0, bytesRead);
|
|
256
|
-
}
|
|
257
|
-
}
|
|
258
|
-
return 0;
|
|
259
|
-
} catch (Exception e) {
|
|
260
|
-
Console.Error.WriteLine(e.Message);
|
|
261
|
-
return 1;
|
|
262
|
-
}
|
|
263
|
-
});
|
|
264
|
-
}
|
|
295
|
+
if (argIndex + 1 >= args.Length) {
|
|
296
|
+
Console.Error.WriteLine("Error: Missing path for __write");
|
|
297
|
+
return 1;
|
|
298
|
+
}
|
|
299
|
+
string path = args[argIndex + 1];
|
|
300
|
+
CheckForbidden(path, forbiddenPaths);
|
|
265
301
|
|
|
266
|
-
// 4. Setup Job Object for external process
|
|
267
|
-
hJob = CreateJobObject(IntPtr.Zero, null);
|
|
268
|
-
if (hJob != IntPtr.Zero) {
|
|
269
|
-
JOBOBJECT_EXTENDED_LIMIT_INFORMATION limitInfo = new JOBOBJECT_EXTENDED_LIMIT_INFORMATION();
|
|
270
|
-
limitInfo.BasicLimitInformation.LimitFlags = JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE;
|
|
271
|
-
int limitSize = Marshal.SizeOf(limitInfo);
|
|
272
|
-
IntPtr pLimit = Marshal.AllocHGlobal(limitSize);
|
|
273
302
|
try {
|
|
274
|
-
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
303
|
+
using (MemoryStream ms = new MemoryStream()) {
|
|
304
|
+
// Buffer stdin before impersonation (as restricted token can't read the inherited pipe).
|
|
305
|
+
using (Stream stdin = Console.OpenStandardInput()) {
|
|
306
|
+
stdin.CopyTo(ms);
|
|
307
|
+
}
|
|
308
|
+
|
|
309
|
+
return RunInImpersonation(hRestrictedToken, () => {
|
|
310
|
+
using (FileStream fs = new FileStream(path, FileMode.Create, FileAccess.Write, FileShare.None)) {
|
|
311
|
+
ms.Position = 0;
|
|
312
|
+
ms.CopyTo(fs);
|
|
313
|
+
}
|
|
314
|
+
return 0;
|
|
315
|
+
});
|
|
316
|
+
}
|
|
317
|
+
} catch (Exception e) {
|
|
318
|
+
Console.Error.WriteLine("Error during __write: " + e.Message);
|
|
319
|
+
return 1;
|
|
278
320
|
}
|
|
279
321
|
}
|
|
280
322
|
|
|
281
|
-
//
|
|
323
|
+
// External Process
|
|
282
324
|
STARTUPINFO si = new STARTUPINFO();
|
|
283
325
|
si.cb = (uint)Marshal.SizeOf(si);
|
|
284
|
-
si.dwFlags = STARTF_USESTDHANDLES
|
|
326
|
+
si.dwFlags = 0x00000100; // STARTF_USESTDHANDLES
|
|
285
327
|
si.hStdInput = GetStdHandle(-10);
|
|
286
328
|
si.hStdOutput = GetStdHandle(-11);
|
|
287
329
|
si.hStdError = GetStdHandle(-12);
|
|
288
330
|
|
|
289
331
|
string commandLine = "";
|
|
290
|
-
for (int i =
|
|
291
|
-
if (i >
|
|
332
|
+
for (int i = argIndex; i < args.Length; i++) {
|
|
333
|
+
if (i > argIndex) commandLine += " ";
|
|
292
334
|
commandLine += QuoteArgument(args[i]);
|
|
293
335
|
}
|
|
294
336
|
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
|
|
337
|
+
// Creation Flags: 0x01000000 (CREATE_BREAKAWAY_FROM_JOB) to allow job assignment if parent is in job
|
|
338
|
+
// 0x00000004 (CREATE_SUSPENDED) to prevent the process from executing before being placed in the job
|
|
339
|
+
uint creationFlags = 0x01000000 | 0x00000004;
|
|
340
|
+
if (!CreateProcessAsUser(hRestrictedToken, null, commandLine, IntPtr.Zero, IntPtr.Zero, true, creationFlags, IntPtr.Zero, cwd, ref si, out pi)) {
|
|
341
|
+
int err = Marshal.GetLastWin32Error();
|
|
342
|
+
Console.Error.WriteLine("Error: CreateProcessAsUser failed (" + err + ") Command: " + commandLine);
|
|
298
343
|
return 1;
|
|
299
344
|
}
|
|
300
345
|
|
|
301
|
-
|
|
302
|
-
|
|
303
|
-
|
|
304
|
-
|
|
346
|
+
if (!AssignProcessToJobObject(hJob, pi.hProcess)) {
|
|
347
|
+
int err = Marshal.GetLastWin32Error();
|
|
348
|
+
Console.Error.WriteLine("Error: AssignProcessToJobObject failed (" + err + ") Command: " + commandLine);
|
|
349
|
+
TerminateProcess(pi.hProcess, 1);
|
|
350
|
+
return 1;
|
|
351
|
+
}
|
|
305
352
|
|
|
306
|
-
|
|
307
|
-
WaitForSingleObject(pi.hProcess, INFINITE);
|
|
353
|
+
ResumeThread(pi.hThread);
|
|
308
354
|
|
|
309
|
-
|
|
310
|
-
|
|
311
|
-
|
|
312
|
-
} finally {
|
|
313
|
-
CloseHandle(pi.hProcess);
|
|
314
|
-
CloseHandle(pi.hThread);
|
|
355
|
+
if (WaitForSingleObject(pi.hProcess, 0xFFFFFFFF) == 0xFFFFFFFF) {
|
|
356
|
+
int err = Marshal.GetLastWin32Error();
|
|
357
|
+
Console.Error.WriteLine("Error: WaitForSingleObject failed (" + err + ")");
|
|
315
358
|
}
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
|
|
359
|
+
|
|
360
|
+
uint exitCode = 0;
|
|
361
|
+
if (!GetExitCodeProcess(pi.hProcess, out exitCode)) {
|
|
362
|
+
int err = Marshal.GetLastWin32Error();
|
|
363
|
+
Console.Error.WriteLine("Error: GetExitCodeProcess failed (" + err + ")");
|
|
364
|
+
return 1;
|
|
365
|
+
}
|
|
366
|
+
|
|
367
|
+
return (int)exitCode;
|
|
319
368
|
} finally {
|
|
320
|
-
if (hRestrictedToken != IntPtr.Zero) CloseHandle(hRestrictedToken);
|
|
321
369
|
if (hToken != IntPtr.Zero) CloseHandle(hToken);
|
|
370
|
+
if (hRestrictedToken != IntPtr.Zero) CloseHandle(hRestrictedToken);
|
|
322
371
|
if (hJob != IntPtr.Zero) CloseHandle(hJob);
|
|
323
|
-
if (
|
|
324
|
-
if (
|
|
325
|
-
|
|
326
|
-
|
|
327
|
-
|
|
372
|
+
if (pi.hProcess != IntPtr.Zero) CloseHandle(pi.hProcess);
|
|
373
|
+
if (pi.hThread != IntPtr.Zero) CloseHandle(pi.hThread);
|
|
374
|
+
}
|
|
375
|
+
}
|
|
376
|
+
|
|
377
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
378
|
+
static extern bool TerminateProcess(IntPtr hProcess, uint uExitCode);
|
|
379
|
+
|
|
380
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
381
|
+
static extern uint WaitForSingleObject(IntPtr hHandle, uint dwMilliseconds);
|
|
382
|
+
|
|
383
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
384
|
+
static extern bool GetExitCodeProcess(IntPtr hProcess, out uint lpExitCode);
|
|
385
|
+
|
|
386
|
+
private static int RunInImpersonation(IntPtr hToken, Func<int> action) {
|
|
387
|
+
if (!ImpersonateLoggedOnUser(hToken)) {
|
|
388
|
+
Console.Error.WriteLine("Error: ImpersonateLoggedOnUser failed (" + Marshal.GetLastWin32Error() + ")");
|
|
389
|
+
return 1;
|
|
390
|
+
}
|
|
391
|
+
try {
|
|
392
|
+
return action();
|
|
393
|
+
} finally {
|
|
394
|
+
RevertToSelf();
|
|
395
|
+
}
|
|
396
|
+
}
|
|
397
|
+
|
|
398
|
+
private static string GetNormalizedPath(string path) {
|
|
399
|
+
string fullPath = Path.GetFullPath(path);
|
|
400
|
+
StringBuilder longPath = new StringBuilder(1024);
|
|
401
|
+
uint result = GetLongPathName(fullPath, longPath, (uint)longPath.Capacity);
|
|
402
|
+
if (result > 0 && result < longPath.Capacity) {
|
|
403
|
+
return longPath.ToString();
|
|
404
|
+
}
|
|
405
|
+
return fullPath;
|
|
406
|
+
}
|
|
407
|
+
|
|
408
|
+
private static void CheckForbidden(string path, HashSet<string> forbiddenPaths) {
|
|
409
|
+
string fullPath = GetNormalizedPath(path);
|
|
410
|
+
foreach (string forbidden in forbiddenPaths) {
|
|
411
|
+
if (fullPath.Equals(forbidden, StringComparison.OrdinalIgnoreCase) || fullPath.StartsWith(forbidden + Path.DirectorySeparatorChar, StringComparison.OrdinalIgnoreCase)) {
|
|
412
|
+
throw new UnauthorizedAccessException("Access to forbidden path is denied: " + path);
|
|
413
|
+
}
|
|
328
414
|
}
|
|
329
415
|
}
|
|
330
416
|
|
|
331
417
|
private static string QuoteArgument(string arg) {
|
|
332
418
|
if (string.IsNullOrEmpty(arg)) return "\"\"";
|
|
333
419
|
|
|
334
|
-
bool
|
|
335
|
-
|
|
420
|
+
bool needsQuotes = false;
|
|
421
|
+
foreach (char c in arg) {
|
|
422
|
+
if (char.IsWhiteSpace(c) || c == '\"') {
|
|
423
|
+
needsQuotes = true;
|
|
424
|
+
break;
|
|
425
|
+
}
|
|
426
|
+
}
|
|
427
|
+
|
|
428
|
+
if (!needsQuotes) return arg;
|
|
336
429
|
|
|
337
|
-
|
|
338
|
-
// Rule: Backslashes only need escaping if they precede a double quote or the end of the string.
|
|
339
|
-
System.Text.StringBuilder sb = new System.Text.StringBuilder();
|
|
430
|
+
StringBuilder sb = new StringBuilder();
|
|
340
431
|
sb.Append('\"');
|
|
341
432
|
for (int i = 0; i < arg.Length; i++) {
|
|
342
|
-
|
|
343
|
-
|
|
344
|
-
|
|
345
|
-
|
|
346
|
-
|
|
433
|
+
char c = arg[i];
|
|
434
|
+
if (c == '\"') {
|
|
435
|
+
sb.Append("\\\"");
|
|
436
|
+
} else if (c == '\\') {
|
|
437
|
+
int backslashCount = 0;
|
|
438
|
+
while (i < arg.Length && arg[i] == '\\') {
|
|
439
|
+
backslashCount++;
|
|
440
|
+
i++;
|
|
441
|
+
}
|
|
347
442
|
|
|
348
|
-
|
|
349
|
-
|
|
350
|
-
|
|
351
|
-
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
|
|
443
|
+
if (i == arg.Length) {
|
|
444
|
+
sb.Append('\\', backslashCount * 2);
|
|
445
|
+
} else if (arg[i] == '\"') {
|
|
446
|
+
sb.Append('\\', backslashCount * 2 + 1);
|
|
447
|
+
sb.Append('\"');
|
|
448
|
+
} else {
|
|
449
|
+
sb.Append('\\', backslashCount);
|
|
450
|
+
sb.Append(arg[i]);
|
|
451
|
+
}
|
|
355
452
|
} else {
|
|
356
|
-
|
|
357
|
-
sb.Append('\\', backslashCount);
|
|
358
|
-
sb.Append(arg[i]);
|
|
453
|
+
sb.Append(c);
|
|
359
454
|
}
|
|
360
455
|
}
|
|
361
456
|
sb.Append('\"');
|
|
362
457
|
return sb.ToString();
|
|
363
458
|
}
|
|
364
|
-
|
|
365
|
-
private static int RunInImpersonation(IntPtr hToken, Func<int> action) {
|
|
366
|
-
using (WindowsIdentity.Impersonate(hToken)) {
|
|
367
|
-
return action();
|
|
368
|
-
}
|
|
369
|
-
}
|
|
370
459
|
}
|