@madarco/agentbox 0.6.0 → 0.8.0

package/share/agentbox-setup/SKILL.md

@@ -7,16 +7,22 @@ description: Generate an agentbox.yaml for the current AgentBox workspace. Invok
 
 ## Box layout (what you're configuring against)
 
-Your user i `vscode` and you can use passwordless sudo to run commands as root.
+Your user i `vscode` and you can use `sudo` to run commands as root.
 
-`/workspace` is the box's plain writable filesystem — a per-box git worktree on a fresh `agentbox/<box-name>` branch (or a tar-piped copy of the host workspace for non-git projects). Anything you install or build into `/workspace` (incl. `node_modules`, `.next`, `target`, `.venv`) lives in the **container's writable layer** and is captured wholesale by `agentbox checkpoint` (`docker commit`) — so a setup task that runs the install once becomes a warm-start asset for every future box in the project. Everything is wiped on `agentbox destroy`.
+`/workspace` is where the user code lives, a per-box git worktree on a fresh `agentbox/<box-name>` branch (or a tar-piped copy of the host workspace for non-git projects).
+Run `agentbox checkpoint --set-default` (similar to `docker commit`) to save any changes make to the system and workspace so that new boxes will start from a warm state. Everything is wiped on `agentbox destroy`.
 
-Three bind mounts wire the box back to the host:
+Some special folders:
 
-- **Host main repo's `.git/`** — bind-mounted RW at its identical absolute host path. In-box commits land on the host's branch refs (visible to `git log` on the host immediately); the box itself carries no SSH/git creds, so `git push` goes through the host relay (`agentbox-ctl git push`). The host's **working tree is never written to** — only refs/objects under `.git/`.
-- **`~/.claude`** — a Docker named volume (`agentbox-claude-config`, shared across boxes by default) seeded from the host's `~/.claude` on each create so auth, skills, and plugins persist without leaking the host's home dir.
+- **Host main repo's `.git/`** — If the box bind-mounted RW at its identical absolute host path. In-box commits land on the host's branch refs (visible to `git log` on the host immediately); the box itself carries no SSH/git creds, so `git push` goes through the host relay (`agentbox-ctl git push`). The host's **working tree is never written to** — only refs/objects under `.git/`. GitHub PR ops (`agentbox-ctl git pr create|view|list|comment|review|merge|close|reopen|checkout`) flow the same way through host `gh`; write ops require host confirmation (deny → exit 10), `merge` and `checkout` have additional opt-in guards.
+- **`~/.claude`** — and similar home folders for coding agents are seeded from the host's `~/.claude` on each create so auth, skills, and plugins persist without leaking the host's home dir.
 - **`agentbox.yaml`** — read by `agentbox-ctl` from `/workspace`. Tasks and services declared here are what the supervisor will run.
 
+Exposed ports and services:
+- **portless** - every port with `expose:` setting in agentbox.yaml, will be exposed not only as a local port but also as a special domain name `https://<name>.localhost` (so on https) using `portless` cli and proxy. This will be also mapped to the host where also `portless` proxy is running so users can access the same service on the same looking url.
+- **vnc** - the webVNC server exposed on 6080 will be proxies to the host on a random port.
+- **vscode** - the vscode server is proxied to the host on a random port.
+
 ## Goal
 
 Produce a `/workspace/agentbox.yaml` that captures this project's services, tasks, and box defaults so the in-box supervisor (`agentbox-ctl`) can boot the workspace deterministically.
@@ -64,7 +70,7 @@ The box's primary web app (the dev server / Next.js / API the user opens in a br
       as: 80        # must be 80 — the container port AgentBox publishes
 ```
 
-At most **one** service may set `expose:`. AgentBox forwards container `:80` to `127.0.0.1:<port>` and publishes it on the host, so `agentbox list`/`status` show it as the box's main URL on every engine (no OrbStack dependency). Set this on the same service whose `ready_when:` you just wrote (a DB or worker should **not** get `expose:`).
+At most **one** service may set `expose:`. AgentBox forwards container `:80` to `127.0.0.1:<port>` and publishes it on the host with `portless` proxy to a <boxname>.localhost url, so `agentbox list`/`status` show it as the box's main URL on every engine (no OrbStack dependency). Set this on the same service whose `ready_when:` you just wrote (a DB or worker should **not** get `expose:`).
 
 ## 4. Restart + backoff
 
@@ -179,11 +185,12 @@ Tell the user (verbatim):
    ```
 
    your box is ready, you can start more sessions with `agentbox claude`
+   you can access the web app at https://<boxname>.localhost
 
 ## 10. Known issues
 
 - For Nextjs/Vite/Tasnstack projects, makes sure to forward also websocket for hot reload.
 
-- The `install` task is intentionally a no-op once `node_modules/.agentbox-installed` exists. Do **not** remove the marker guard to "force a fresh install" — that reinstalls on every box start. To force a one-off rebuild, delete `node_modules` (or just the marker) then run `agentbox-ctl reload`.
+- Service like flask, nextjs, BETTER_AUTH_URL, NEXT_PUBLIC_APP_URL should use the <boxname>.localhost url for the local development so that on the host it will use the same url as the box.
 
-- Host-only CLI wrappers (portless, etc.) must be bypassed, eg some projects wrap the dev server with a host-side proxy (here: `portless projectname next dev --turbopack`). Override the service command: to call the underlying tool directly (`next dev --turbopack`)
+- The `install` task is intentionally a no-op once `node_modules/.agentbox-installed` exists. Do **not** remove the marker guard to "force a fresh install" — that reinstalls on every box start. To force a one-off rebuild, delete `node_modules` (or just the marker) then run `agentbox-ctl reload`.

package/share/host-skills/agentbox/SKILL.md

@@ -0,0 +1,29 @@
+---
+name: agentbox
+description: "Fork the current agent session into a new VM or local Docker container with all the project files, agent settings and session teleported into."
+disable-model-invocation: true
+context: fork
+agent: general-purpose
+allowed-tools: Bash
+---
+<!-- agentbox-managed:v1 -->
+
+Fork the current Claude Code session into a fresh AgentBox box.
+
+1. **Resolve the provider flag from `$ARGUMENTS`:**
+   - empty → no flag (uses the default docker provider)
+   - `docker` | `daytona` | `hetzner` → pass `--provider $ARGUMENTS`
+   - anything else → stop and tell the user the valid values are `docker`, `daytona`, `hetzner`
+
+2. **Fork.** Run, via the Bash tool, exactly one command:
+
+   ```
+   agentbox fork --session ${CLAUDE_SESSION_ID} [--provider $ARGUMENTS]
+   ```
+
+3. **Report.** In one line, give the user the new box name (parse it from the command output) and confirm their host session is unaffected. Do not summarize the conversation — the fork already carries it.
+
+## Troubleshooting
+
+- If agentbox command fails, tell the user to install AgentBox by writing `! npm -g install @madarco/agentbox` in the chat.
+- If `AGENTBOX_RELAY_URL` is set in the environment, you are running *inside* a box. This command is host-only in v1; tell the user box→box fork is not supported yet.

package/share/host-skills/agentbox-info/SKILL.md

@@ -0,0 +1,211 @@
+---
+name: agentbox-info
+description: "Spin up isolated sandboxes (\"boxes\") for coding agents, run them in parallel, queue background runs with -i, and push commits safely through the host relay. Use when the user wants to run Claude Code / Codex / OpenCode in a sandbox, start more boxes, attach to a running box, or otherwise operate the `agentbox` CLI on their laptop."
+user-invocable: false
+---
+<!-- agentbox-managed:v1 -->
+
+# AgentBox (host-side)
+
+You are operating on the **user's host machine** (laptop / dev workstation), not inside a box. Use the `agentbox` CLI to provision isolated sandboxes for coding agents and to attach to them.
+
+If you find yourself *inside* a box (`/workspace` exists and `AGENTBOX_RELAY_URL` is set in the env), this is the wrong skill — use the in-box `/agentbox-setup` skill instead.
+
+## What AgentBox is, in one paragraph
+
+AgentBox spins up one isolated sandbox per agent run — a local Docker container (default), a Daytona cloud sandbox (`--provider daytona`), or a Hetzner VPS (`--provider hetzner`). Each box has its own `/workspace`, but the host's `.git/` is shared, so commits made inside the box land on the host immediately. The agent inside the box has **no host credentials** — `git push`, opening URLs in the host browser, capturing checkpoints, and all other host-side operations flow through a small host process called the **relay** that runs alongside the CLI.
+
+## The two starting commands
+
+### `agentbox create`
+
+Provision a box and stop. The box exists and is ready, but nothing is launched inside it.
+
+```sh
+agentbox create                       # docker, auto-named after the workspace
+agentbox create -n review             # docker, friendly name
+agentbox create --provider hetzner    # cloud VPS (requires `agentbox prepare --provider hetzner` once)
+agentbox create --attach              # drop into a shell inside the box after create
+```
+
+Useful flags: `-n <name>` (friendly box name), `--provider docker|daytona|hetzner`, `--attach`, `-w <path>` (workspace to mount; defaults to `cwd`), `--snapshot <ref>` (start from a checkpoint).
+
+Non-docker providers require a one-time `agentbox prepare --provider <name>` to bake the base image / snapshot.
+
+### `agentbox claude`
+
+Provision (same as `create`) and launch **Claude Code** inside the box, in a detachable tmux session. This is the main entry point most users want.
+
+```sh
+agentbox claude                       # docker, attaches your terminal
+agentbox claude -n review             # second box, named
+agentbox claude --provider hetzner    # cloud
+agentbox claude -- --model sonnet     # extra args after `--` go to claude itself
+```
+
+While attached: **`Ctrl+a d`** detaches without killing claude. The box keeps running. Reattach with `agentbox claude attach <name|n>`.
+
+Variants with the same shape for other agents: **`agentbox codex`**, **`agentbox opencode`**.
+
+## `-i` / `--initial-prompt`: background queue
+
+With `-i "<prompt>"`, `agentbox claude` (and `codex` / `opencode`) does **not** attach. It writes a job manifest to `~/.agentbox/queue/<id>.json` and exits immediately, printing the job id and log path. The host relay's queue loop drains these manifests respecting `queue.maxConcurrent` (global config; override per invocation with `--max-running <n>`).
+
+Use this to fan out parallel agent runs:
+
+```sh
+agentbox claude -i "fix the failing test in src/auth and open a PR"
+agentbox claude -i "draft a CHANGELOG entry from the last 20 commits"
+agentbox claude -i "audit our dependencies for known CVEs"
+```
+
+Each call returns instantly. The queue drains them concurrently up to `queue.maxConcurrent`. Inspect / attach later:
+
+```sh
+agentbox dashboard                    # TUI with status + leader-key actions
+agentbox claude attach <name|n>       # reattach to a specific box
+```
+
+Caveats: `-i` is currently **docker-only** (cloud sessions only start on attach, so background-mode has no place to seed the prompt). The host must have valid Claude Code credentials.
+
+## Forking the current session into a box
+
+From host Claude, run the **`/agentbox`** slash command (optional arg: `docker` | `daytona` | `hetzner`) to snapshot the *current* Claude Code session into a brand-new box that resumes it. With tmux or iTerm it opens in a new terminal tab; otherwise it starts in the background. The host session is unaffected — you get two parallel timelines. The underlying CLI is `agentbox fork` (`agentbox fork --help`); `/agentbox` requires `agentbox install` to have been run once. This is distinct from `-i`, which seeds a *new* prompt rather than resuming the live conversation.
+
+## Driving one agent from another (`drive`, `agent`, `queue wait-for`)
+
+When *you* are the host-side agent and want to orchestrate other agents running inside boxes — read what they're doing, send them a prompt, wait until they're done or need input — use these three command families. Everything is stateless / one-shot, and the human-text default switches to machine-friendly JSON with `--json`.
+
+### `agentbox drive <box>` — terminal driving
+
+Targets the running tmux session inside a box (auto-picks the agent session: `claude` → `codex` → `opencode` → the only running session; override with `--session <name>`). Provider-uniform — works the same on docker / daytona / hetzner.
+
+```sh
+agentbox drive snapshot 1                          # print rendered TUI as plain text
+agentbox drive snapshot 1 --with-cursor            # JSON envelope: { session, cols, rows, cursor, screen }
+agentbox drive snapshot 1 --ansi --rows -200:-1    # include color, walk into scrollback
+agentbox drive keypress 1 "<C-c>"                  # DSL: <Enter>, <C-x>, <Tab>, <F5>, <Up>, etc.
+agentbox drive send-text 1 "hello"                 # literal text, no DSL parsing, no trailing Enter
+agentbox drive prompt 1 "summarize /workspace/README" # type + Enter (the convenience action)
+agentbox drive wait 1 --text "✓" --timeout 60000   # block until <text> appears on screen
+agentbox drive resize 1 200 60
+```
+
+`keypress` uses a small DSL: `<Enter>`, `<Tab>`, `<Esc>`, `<Space>`, `<BS>`, `<Del>`, `<Up>/<Down>/<Left>/<Right>`, `<Home>/<End>/<PageUp>/<PageDown>`, `<F1>`–`<F12>`, `<C-a>`..`<C-z>`. Use `<<` for a literal `<`. Multiple args concatenate with no spaces (`"ls" "<Enter>"` → `ls\r`).
+
+### `agentbox agent <box>` — agent state introspection (Claude / Codex / OpenCode)
+
+Sub-second latency. State source by agent:
+
+- **Claude Code**: lifecycle hooks (`UserPromptSubmit`, `PreToolUse`, `Stop`, `Notification`, `ExitPlanMode`, `AskUserQuestion`, `PreCompact`/`PostCompact`, `StopFailure`, `SubagentStart`/`SubagentStop`).
+- **Codex**: tmux-pane scraper inside the box (codex 0.134.0's own hook firing is unreliable; staged hooks remain for the day that's fixed upstream).
+- **OpenCode**: a plugin (`agentbox-state.js`) seeded into the OpenCode config volume, subscribing to OpenCode's event bus.
+
+All three feed the same status pipeline; `agent state` / `agent wait-for` work the same regardless of which agent runs inside the box. Reports come from `~/.agentbox/boxes/<id>/status.json` and the relay event stream.
+
+```sh
+agentbox agent state 1                # → working | idle | waiting | end-plan | question | prompt | compacting | error
+agentbox agent state 1 --json         # full BoxStatusClaude (state, updatedAt, sessionTitle, plan?, question?)
+
+agentbox agent wait-for prompt 1 --timeout 600000      # block until Claude is at the input box, no pending plan/question
+agentbox agent wait-for end-plan 1                     # Claude just called ExitPlanMode; user has to approve
+agentbox agent wait-for question 1                     # AskUserQuestion picker is up
+agentbox agent wait-for idle 1                         # Stop hook fired (turn complete)
+agentbox agent wait-for compacting 1                   # Claude is summarizing context (PreCompact fired)
+agentbox agent wait-for error 1                        # Claude's turn ended with a failure (StopFailure)
+
+agentbox agent get-plan-question 1            # print the plan body OR question + options (human)
+agentbox agent get-plan-question 1 --json     # structured payload
+```
+
+The `prompt` state is derived: `idle` AND tmux session alive AND no pending plan/question — i.e. "ready for the next user message". Use it as the natural sync point after sending a new prompt.
+
+The `end-plan` and `question` matchers tolerate the race where Claude's `Notification:permission_prompt` hook flips the raw state to `waiting` immediately after the matcher hook fires — both states still match while the plan/question payload is pending, and only the matching `PostToolUse` (handled internally with `--clear-pending`) resets them.
+
+### `agentbox queue wait-for <event>` — queue + box lifecycle
+
+```sh
+agentbox queue wait-for new-box                          # any new box gets registered
+agentbox queue wait-for empty-queue --timeout 1800000    # all queued/running jobs settled
+agentbox queue wait-for box-running --box review
+agentbox queue wait-for box-paused  --box 2
+agentbox queue wait-for box-stopped --box 2
+agentbox queue wait-for job-done --job b45f1603841bd2b5  # terminal status (done/failed/cancelled)
+```
+
+All wait-for commands exit 0 on match, exit 1 on timeout, and accept `--json` for parseable output.
+
+### Recipe: queue a plan, then act per turn
+
+This is the canonical "drive a Claude Code from another Claude Code" loop. You queue an initial planning prompt, wait for the plan to land, capture it, decide, send the next message, repeat.
+
+```sh
+# 1. Kick off a box with a planning prompt.
+agentbox claude -n design -i "Plan how to add an OAuth login flow to apps/web, then enter plan mode. Don't start coding."
+
+# 2. Wait until Claude is at the ExitPlanMode approval prompt.
+agentbox agent wait-for end-plan design --timeout 600000
+
+# 3. Read the plan back as text (or JSON) and decide.
+PLAN=$(agentbox agent get-plan-question design)
+echo "$PLAN"
+
+# 4. Approve via tmux — option 1 ("Yes, and use auto mode") is already highlighted.
+agentbox drive keypress design "<Enter>"
+
+# 5. Wait for the turn to finish.
+agentbox agent wait-for prompt design --timeout 1200000
+
+# 6. Fan out follow-up work to a fresh box, in background, while reviewing this one.
+agentbox claude -i "Write the OAuth provider unit tests in apps/web/test/auth/"
+
+# 7. Block until everything settles before reporting back.
+agentbox queue wait-for empty-queue --timeout 3600000
+```
+
+The same shape covers `agent wait-for question` + `agent get-plan-question` (read the choices, send the answer index via `drive keypress 1 "<Down><Enter>"`, then `wait-for prompt`).
+
+### Quick mental model
+
+- `drive` = "send keystrokes / read screen" — provider-uniform tmux capture-pane / send-keys.
+- `agent` = "what is the Claude TUI currently doing" — hook-driven, race-free, machine-readable.
+- `queue wait-for` = "block on queue or box lifecycle transitions" — poll-based, no new endpoint.
+- All three commands are **stateless** — safe to invoke from any script, any agent, in parallel.
+- `--json` everywhere. Default human text is for the operator; an agent should pass `--json`.
+
+## Git through the host relay
+
+**The box has no SSH keys, GPG keys, or git remote credentials.** Don't ask the user to add any. When an in-box agent (or a script you run inside the box) does `git push` or `git pull`, the AgentBox-provided `agentbox-ctl git` wrapper POSTs a JSON-RPC call to the host relay (`POST /rpc`, bearer-auth, loopback-only). The relay runs the **real** `git push origin …` on the host, using the user's `SSH_AUTH_SOCK`, `~/.gitconfig`, and identity — and streams stdout/stderr back into the box's terminal. The box's exit code matches the host's.
+
+Implications for you, the host-side agent:
+
+- Inside the box you can `git commit … && git push` exactly as normal. No setup needed.
+- Pushes are gated host-side: the relay can require a confirm prompt for destructive operations (the user sees it in the dashboard footer, ~25 s TTL). If a push appears to hang, tell the user to check the dashboard.
+- The relay process is started lazily by the first `agentbox create` / `agentbox claude` and persists across runs (PID at `~/.agentbox/relay.pid`, log at `~/.agentbox/relay.log`). You normally don't need to manage it.
+
+## Other commands worth knowing
+
+| Command | What it does |
+| --- | --- |
+| `agentbox dashboard` | TUI status + switcher across all boxes. The leader is **`Ctrl+a`** (e.g. `Ctrl+a u` opens the box's web URL; `Ctrl+a s` opens the in-box browser; `Ctrl+a q` quits). |
+| `agentbox shell [n\|name]` | Interactive `bash -l` inside the box (also wrapped in tmux by default — detach with `Ctrl+a d`). |
+| `agentbox url [n\|name]` | Open the box's web app URL (`<box-name>.localhost` via Portless) in the host browser. |
+| `agentbox screen [n\|name]` | Open the box's **own** Chromium via VNC — useful for OAuth flows the agent inside the box initiates. |
+| `agentbox code [n\|name]` | Open VS Code / Cursor pointed at the box. |
+| `agentbox prepare --provider <name>` | One-time base image / snapshot build for `daytona` or `hetzner`. With no `--provider`, prints status across all providers. |
+| `agentbox prune --provider <name>` | Clean up orphan boxes / images / snapshots for a provider (docker + daytona supported; hetzner pending). |
+
+Per-project numeric index (`1`, `2`, …) and friendly name (`review`, `smoke`) both work wherever `<box>` is accepted. Index `1` is the first box created in the current workspace.
+
+## Operating principles
+
+1. **Never assume the host needs SSH keys forwarded into a box** — git is handled by the relay, by design.
+2. **Use `-i` whenever the user asks for parallel agent work** rather than spawning multiple foreground sessions. Then point them at `agentbox dashboard` to watch progress.
+3. **Pick the provider deliberately.** `docker` is the fast default. `--provider hetzner` gives a real VPS (heavier, isolated, requires `agentbox prepare --provider hetzner` once). `--provider daytona` is the managed cloud option.
+4. **Cross-check before recommending a command.** If a flag isn't listed here, run `agentbox <command> --help` (it's safe and read-only) before suggesting it to the user.
+5. **`/agentbox-setup` is a different skill.** It runs *inside* a box to generate `/workspace/agentbox.yaml`. Don't conflate it with `/agentbox` (host-side fork) or this reference skill.
+
+## Reference
+
+- Full docs live in the repo at `docs/` — start with `docs/architecture.md` and `docs/create-and-checkpoints.md` for the model, `docs/host-relay.md` for the relay, `docs/cloud-providers.md` for the cloud paths.
+- npm package: `@madarco/agentbox` — `npm -g install @madarco/agentbox` (or `npx @madarco/agentbox <command>`).

package/share/host-skills/codex/agentbox.md

@@ -0,0 +1,35 @@
+---
+description: Fork the current Codex session into a new AgentBox box and resume it there (opens in a new terminal tab).
+argument-hint: [provider]
+---
+<!-- agentbox-managed:v1 -->
+
+Fork the current Codex session into a fresh AgentBox box running Codex.
+
+Optional provider argument: `$ARGUMENTS` (docker | daytona | hetzner; default docker).
+
+## Steps
+
+1. **Pre-flight (stop on either):**
+   - If `AGENTBOX_RELAY_URL` is set in the environment, you are running *inside* a box — box→box fork is not supported yet; stop and tell the user.
+   - If `which agentbox` fails, tell the user to install AgentBox (`npm -g install @madarco/agentbox`) and stop.
+
+2. **Find the current Codex session id.** Codex exposes no session-id variable, so resolve it from the most recently written rollout file (that is the live session). Run via your shell tool:
+
+   ```
+   ls -t "$HOME"/.codex/sessions/*/*/*/rollout-*.jsonl 2>/dev/null | head -1 \
+     | xargs -I{} basename {} .jsonl \
+     | grep -oE '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$'
+   ```
+
+   That prints the session `<uuid>`. If it prints nothing, stop and tell the user no Codex session was found for this machine.
+
+3. **Resolve the provider flag from `$ARGUMENTS`:** empty → none; `docker` | `daytona` | `hetzner` → `--provider $ARGUMENTS`; anything else → stop and report the valid values.
+
+4. **Fork.** Run, via your shell tool:
+
+   ```
+   agentbox fork --agent codex --session <uuid> [--provider <from step 3>]
+   ```
+
+5. **Report** the new box name from the command output. Your current Codex session is unaffected — you now have two parallel timelines.

package/share/host-skills/opencode/agentbox.md

@@ -0,0 +1,26 @@
+---
+description: Spawn a parallel AgentBox box running OpenCode for this project (opens in a new terminal tab). Note - the current OpenCode session is not resumed yet; this starts a fresh session.
+---
+<!-- agentbox-managed:v1 -->
+
+Spawn a new AgentBox box running OpenCode for the current project, in a new terminal tab.
+
+Optional provider argument: `$ARGUMENTS` (docker | daytona | hetzner; default docker).
+
+**Note:** resuming an OpenCode session into a box isn't supported yet (sessions live in a shared SQLite DB), so this starts a **fresh** OpenCode session in the box — it does not carry the current conversation.
+
+## Steps
+
+1. **Pre-flight (stop on either):**
+   - If `AGENTBOX_RELAY_URL` is set in the environment, you are running *inside* a box — not supported; stop and tell the user.
+   - If `which agentbox` fails, tell the user to install AgentBox (`npm -g install @madarco/agentbox`) and stop.
+
+2. **Resolve the provider flag from `$ARGUMENTS`:** empty → none; `docker` | `daytona` | `hetzner` → `--provider $ARGUMENTS`; anything else → stop and report the valid values.
+
+3. **Fork.** Run, via your shell tool:
+
+   ```
+   agentbox fork --agent opencode [--provider <from step 2>]
+   ```
+
+4. **Report** the new box name from the command output.

package/dist/chunk-BBZMA2K6.js

@@ -1,238 +0,0 @@
-#!/usr/bin/env node
-import {
-  CHECKPOINT_IMAGE_PREFIX,
-  checkpointImageTag,
-  detectEngine,
-  inspectContainer,
-  inspectContainerStatus,
-  inspectVolumeMountpoint
-} from "./chunk-HHMWQNLF.js";
-
-// ../../packages/sandbox-docker/dist/chunk-RKWE53VF.js
-import { homedir } from "os";
-import { join } from "path";
-import { execa } from "execa";
-function parseDockerSize(raw) {
-  const s = raw.trim();
-  if (!s || s === "--" || s === "N/A") return null;
-  const m = /^([\d.]+)\s*([A-Za-z]*)$/.exec(s);
-  if (!m) return null;
-  const n = Number(m[1]);
-  if (!Number.isFinite(n)) return null;
-  const unit = (m[2] ?? "").toLowerCase();
-  const mult = {
-    "": 1,
-    b: 1,
-    kb: 1e3,
-    mb: 1e6,
-    gb: 1e9,
-    tb: 1e12,
-    kib: 1024,
-    mib: 1024 ** 2,
-    gib: 1024 ** 3,
-    tib: 1024 ** 4
-  };
-  const factor = mult[unit];
-  return factor === void 0 ? null : n * factor;
-}
-function parsePercent(raw) {
-  if (!raw) return null;
-  const n = Number(raw.replace("%", "").trim());
-  return Number.isFinite(n) ? n : null;
-}
-function splitPair(raw) {
-  if (!raw) return null;
-  const parts = raw.split("/");
-  if (parts.length !== 2) return null;
-  return [parts[0].trim(), parts[1].trim()];
-}
-async function duBytes(path) {
-  const result = await execa("du", ["-sk", path], { reject: false });
-  if (result.exitCode !== 0) return null;
-  const kb = Number.parseInt((result.stdout ?? "").split(/\s+/)[0] ?? "", 10);
-  return Number.isNaN(kb) ? null : kb * 1024;
-}
-async function volumeSizeBytes(name) {
-  if (!name) return null;
-  const engine = await detectEngine();
-  if (engine === "orbstack") {
-    const live = join(homedir(), "OrbStack", "docker", "volumes", name);
-    const sz = await duBytes(live);
-    if (sz !== null) return sz;
-  }
-  const df = await execa(
-    "docker",
-    ["system", "df", "-v", "--format", "{{json .Volumes}}"],
-    { reject: false }
-  );
-  if (df.exitCode === 0) {
-    try {
-      const vols = JSON.parse(df.stdout || "[]");
-      const hit = vols.find((v) => v.Name === name);
-      const parsed = hit?.Size ? parseDockerSize(hit.Size) : null;
-      if (parsed !== null) return parsed;
-    } catch {
-    }
-  }
-  const mp = await inspectVolumeMountpoint(name);
-  if (mp && !mp.startsWith("/var/lib/docker")) {
-    return duBytes(mp);
-  }
-  return null;
-}
-async function imageBytes(tag) {
-  const r = await execa("docker", ["image", "inspect", tag, "--format", "{{.Size}}"], {
-    reject: false
-  });
-  if (r.exitCode !== 0) return null;
-  const n = Number.parseInt((r.stdout ?? "").trim(), 10);
-  return Number.isFinite(n) ? n : null;
-}
-async function projectCheckpointImageBytes(projectRoot, name) {
-  return imageBytes(checkpointImageTag(projectRoot, name));
-}
-async function allCheckpointImagesBytes() {
-  const r = await execa(
-    "docker",
-    [
-      "image",
-      "ls",
-      "--format",
-      "{{.Repository}}:{{.Tag}}	{{.Size}}",
-      `${CHECKPOINT_IMAGE_PREFIX}*`
-    ],
-    { reject: false }
-  );
-  if (r.exitCode !== 0) return null;
-  const lines = (r.stdout ?? "").split("\n").map((s) => s.trim()).filter((s) => s.length > 0);
-  if (lines.length === 0) return null;
-  let total = 0;
-  let any = false;
-  for (const line of lines) {
-    const [, size] = line.split("	");
-    const n = size ? parseDockerSize(size) : null;
-    if (n !== null) {
-      total += n;
-      any = true;
-    }
-  }
-  return any ? total : null;
-}
-async function agentboxHomeBytes() {
-  return duBytes(join(homedir(), ".agentbox"));
-}
-function limitsFromRecord(record) {
-  const r = record.resourceLimits;
-  return {
-    memoryBytes: r?.memoryBytes && r.memoryBytes > 0 ? r.memoryBytes : null,
-    cpus: r?.cpus && r.cpus > 0 ? r.cpus : null,
-    pidsLimit: r?.pidsLimit && r.pidsLimit > 0 ? r.pidsLimit : null,
-    disk: r?.disk || null
-  };
-}
-function reconcileLimits(persisted, dockerJson) {
-  const hc = dockerJson?.HostConfig;
-  if (!hc) return persisted;
-  const mem = typeof hc.Memory === "number" && hc.Memory > 0 ? hc.Memory : null;
-  const nano = typeof hc.NanoCpus === "number" && hc.NanoCpus > 0 ? hc.NanoCpus : null;
-  const pids = typeof hc.PidsLimit === "number" && hc.PidsLimit > 0 ? hc.PidsLimit : null;
-  return {
-    memoryBytes: mem ?? persisted.memoryBytes,
-    cpus: nano ? nano / 1e9 : persisted.cpus,
-    pidsLimit: pids ?? persisted.pidsLimit,
-    disk: persisted.disk
-  };
-}
-async function containerWritableBytes(container) {
-  const r = await execa(
-    "docker",
-    ["ps", "-a", "--filter", `name=^${container}$`, "--format", "{{.Size}}", "--size"],
-    { reject: false }
-  );
-  if (r.exitCode !== 0) return null;
-  const first = (r.stdout ?? "").split("\n")[0]?.trim();
-  if (!first) return null;
-  const m = /^([^()]+?)(?:\s*\(.*\))?$/.exec(first);
-  const sz = m ? m[1].trim() : first;
-  return parseDockerSize(sz);
-}
-async function boxResourceStats(record) {
-  const warnings = [];
-  const dockerJson = await inspectContainer(record.container);
-  const limits = reconcileLimits(limitsFromRecord(record), dockerJson);
-  const [diskContainer, diskDocker, snapshotDiskBytes, checkpointImageBytesValue] = await Promise.all([
-    containerWritableBytes(record.container),
-    record.dockerVolume ? volumeSizeBytes(record.dockerVolume) : Promise.resolve(null),
-    record.snapshotDir ? duBytes(record.snapshotDir) : Promise.resolve(null),
-    record.checkpointImage ? imageBytes(record.checkpointImage) : Promise.resolve(null)
-  ]);
-  const diskUsedBytes = diskContainer === null && diskDocker === null ? null : (diskContainer ?? 0) + (diskDocker ?? 0);
-  if (diskUsedBytes === null) {
-    warnings.push("disk usage unavailable on this engine");
-  }
-  const base = {
-    source: "docker",
-    live: false,
-    cpuPercent: null,
-    memUsedBytes: null,
-    memLimitBytes: limits.memoryBytes,
-    memPercent: null,
-    pids: null,
-    diskUsedBytes,
-    snapshotDiskBytes,
-    checkpointVolumeBytes: checkpointImageBytesValue,
-    netRxBytes: null,
-    netTxBytes: null,
-    blockReadBytes: null,
-    blockWriteBytes: null,
-    limits,
-    warnings
-  };
-  if (await inspectContainerStatus(record.container) !== "running") {
-    return base;
-  }
-  const proc = await execa(
-    "docker",
-    ["stats", "--no-stream", "--format", "{{json .}}", record.container],
-    { reject: false }
-  );
-  if (proc.exitCode !== 0 || !proc.stdout.trim()) {
-    return base;
-  }
-  let line;
-  try {
-    line = JSON.parse(proc.stdout.trim().split("\n")[0]);
-  } catch {
-    return base;
-  }
-  const memPair = splitPair(line.MemUsage);
-  const memUsedBytes = memPair ? parseDockerSize(memPair[0]) : null;
-  const memEngineTotal = memPair ? parseDockerSize(memPair[1]) : null;
-  const netPair = splitPair(line.NetIO);
-  const blkPair = splitPair(line.BlockIO);
-  return {
-    ...base,
-    live: true,
-    cpuPercent: parsePercent(line.CPUPerc),
-    memUsedBytes,
-    // The applied limit when set; otherwise docker stats' own denominator
-    // (the engine/host total).
-    memLimitBytes: limits.memoryBytes ?? memEngineTotal,
-    memPercent: parsePercent(line.MemPerc),
-    pids: line.PIDs ? Number.parseInt(line.PIDs, 10) || null : null,
-    netRxBytes: netPair ? parseDockerSize(netPair[0]) : null,
-    netTxBytes: netPair ? parseDockerSize(netPair[1]) : null,
-    blockReadBytes: blkPair ? parseDockerSize(blkPair[0]) : null,
-    blockWriteBytes: blkPair ? parseDockerSize(blkPair[1]) : null
-  };
-}
-
-export {
-  parseDockerSize,
-  volumeSizeBytes,
-  projectCheckpointImageBytes,
-  allCheckpointImagesBytes,
-  agentboxHomeBytes,
-  boxResourceStats
-};
-//# sourceMappingURL=chunk-BBZMA2K6.js.map

package/dist/chunk-BBZMA2K6.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../packages/sandbox-docker/src/stats.ts"],"sourcesContent":["import { homedir } from 'node:os';\nimport { join } from 'node:path';\nimport { execa } from 'execa';\nimport type { BoxResourceLimits, BoxResourceStats } from '@agentbox/core';\nimport { CHECKPOINT_IMAGE_PREFIX, checkpointImageTag } from './checkpoint.js';\nimport {\n  inspectContainer,\n  inspectContainerStatus,\n  inspectVolumeMountpoint,\n} from './docker.js';\nimport { detectEngine } from './host-export.js';\nimport type { BoxRecord } from './state.js';\n\n/**\n * Parse one of Docker's human-formatted size tokens (`512MiB`, `1.2kB`,\n * `3.4GB`, `0B`, `--`). Returns null when unparseable. Docker mixes binary\n * (`KiB/MiB/GiB`) and decimal (`kB/MB/GB`) suffixes depending on the column, so\n * we handle both.\n */\nexport function parseDockerSize(raw: string): number | null {\n  const s = raw.trim();\n  if (!s || s === '--' || s === 'N/A') return null;\n  const m = /^([\\d.]+)\\s*([A-Za-z]*)$/.exec(s);\n  if (!m) return null;\n  const n = Number(m[1]);\n  if (!Number.isFinite(n)) return null;\n  const unit = (m[2] ?? '').toLowerCase();\n  const mult: Record<string, number> = {\n    '': 1,\n    b: 1,\n    kb: 1e3,\n    mb: 1e6,\n    gb: 1e9,\n    tb: 1e12,\n    kib: 1024,\n    mib: 1024 ** 2,\n    gib: 1024 ** 3,\n    tib: 1024 ** 4,\n  };\n  const factor = mult[unit];\n  return factor === undefined ? null : n * factor;\n}\n\nfunction parsePercent(raw: string | undefined): number | null {\n  if (!raw) return null;\n  const n = Number(raw.replace('%', '').trim());\n  return Number.isFinite(n) ? n : null;\n}\n\n/** Split Docker's \"<a> / <b>\" pair columns (MemUsage, NetIO, BlockIO). */\nfunction splitPair(raw: string | undefined): [string, string] | null {\n  if (!raw) return null;\n  const parts = raw.split('/');\n  if (parts.length !== 2) return null;\n  return [parts[0]!.trim(), parts[1]!.trim()];\n}\n\nasync function duBytes(path: string): Promise<number | null> {\n  const result = await execa('du', ['-sk', path], { reject: false });\n  if (result.exitCode !== 0) return null;\n  const kb = Number.parseInt((result.stdout ?? '').split(/\\s+/)[0] ?? '', 10);\n  return Number.isNaN(kb) ? null : kb * 1024;\n}\n\n/**\n * Best-effort on-host byte size of a Docker named volume. Fastest path first:\n *   1. OrbStack exposes volumes live at ~/OrbStack/docker/volumes/<name>/.\n *   2. `docker system df -v` (cheap-walked once; may report \"N/A\").\n *   3. The reported mountpoint, only when host-readable (Linux native Docker).\n * Returns null when no path is reachable from the host (the macOS VM case\n * where `system df` also has no number).\n */\nexport async function volumeSizeBytes(name: string): Promise<number | null> {\n  if (!name) return null;\n  const engine = await detectEngine();\n  if (engine === 'orbstack') {\n    const live = join(homedir(), 'OrbStack', 'docker', 'volumes', name);\n    const sz = await duBytes(live);\n    if (sz !== null) return sz;\n  }\n  const df = await execa(\n    'docker',\n    ['system', 'df', '-v', '--format', '{{json .Volumes}}'],\n    { reject: false },\n  );\n  if (df.exitCode === 0) {\n    try {\n      const vols = JSON.parse(df.stdout || '[]') as Array<{ Name?: string; Size?: string }>;\n      const hit = vols.find((v) => v.Name === name);\n      const parsed = hit?.Size ? parseDockerSize(hit.Size) : null;\n      if (parsed !== null) return parsed;\n    } catch {\n      // fall through to mountpoint\n    }\n  }\n  const mp = await inspectVolumeMountpoint(name);\n  if (mp && !mp.startsWith('/var/lib/docker')) {\n    return duBytes(mp);\n  }\n  return null;\n}\n\n/**\n * On-host byte size of a Docker image (sum of its own layer sizes — what\n * `docker images` reports). Null on docker errors.\n */\nasync function imageBytes(tag: string): Promise<number | null> {\n  const r = await execa('docker', ['image', 'inspect', tag, '--format', '{{.Size}}'], {\n    reject: false,\n  });\n  if (r.exitCode !== 0) return null;\n  const n = Number.parseInt((r.stdout ?? '').trim(), 10);\n  return Number.isFinite(n) ? n : null;\n}\n\n/**\n * Size of a project's most-recent checkpoint image (the head of the lineage,\n * resolved via the `checkpointImageTag` helper from a checkpoint *name*). The\n * caller passes the name because we don't enumerate manifests from this\n * module — that lives in checkpoint.ts. Null when the image isn't present.\n */\nexport async function projectCheckpointImageBytes(\n  projectRoot: string,\n  name: string,\n): Promise<number | null> {\n  return imageBytes(checkpointImageTag(projectRoot, name));\n}\n\n/**\n * Total on-host bytes of every checkpoint image (the durable, cross-box\n * warm-state assets). Walks every image tag under `CHECKPOINT_IMAGE_PREFIX`.\n * Null when none exist.\n */\nexport async function allCheckpointImagesBytes(): Promise<number | null> {\n  const r = await execa(\n    'docker',\n    [\n      'image',\n      'ls',\n      '--format',\n      '{{.Repository}}:{{.Tag}}\\t{{.Size}}',\n      `${CHECKPOINT_IMAGE_PREFIX}*`,\n    ],\n    { reject: false },\n  );\n  if (r.exitCode !== 0) return null;\n  const lines = (r.stdout ?? '')\n    .split('\\n')\n    .map((s) => s.trim())\n    .filter((s) => s.length > 0);\n  if (lines.length === 0) return null;\n  let total = 0;\n  let any = false;\n  for (const line of lines) {\n    const [, size] = line.split('\\t');\n    const n = size ? parseDockerSize(size) : null;\n    if (n !== null) {\n      total += n;\n      any = true;\n    }\n  }\n  return any ? total : null;\n}\n\n/** On-host byte size of the whole ~/.agentbox state/runtime directory. */\nexport async function agentboxHomeBytes(): Promise<number | null> {\n  return duBytes(join(homedir(), '.agentbox'));\n}\n\nfunction limitsFromRecord(record: BoxRecord): BoxResourceLimits {\n  const r = record.resourceLimits;\n  return {\n    memoryBytes: r?.memoryBytes && r.memoryBytes > 0 ? r.memoryBytes : null,\n    cpus: r?.cpus && r.cpus > 0 ? r.cpus : null,\n    pidsLimit: r?.pidsLimit && r.pidsLimit > 0 ? r.pidsLimit : null,\n    disk: r?.disk || null,\n  };\n}\n\n/**\n * Cross-check persisted limits against the live container's HostConfig so an\n * externally `docker update`d box still reports the truth. The persisted\n * record stays the fallback when the container is gone.\n */\nfunction reconcileLimits(persisted: BoxResourceLimits, dockerJson: unknown): BoxResourceLimits {\n  const hc = (dockerJson as { HostConfig?: Record<string, unknown> } | null)?.HostConfig;\n  if (!hc) return persisted;\n  const mem = typeof hc.Memory === 'number' && hc.Memory > 0 ? hc.Memory : null;\n  const nano = typeof hc.NanoCpus === 'number' && hc.NanoCpus > 0 ? hc.NanoCpus : null;\n  const pids = typeof hc.PidsLimit === 'number' && hc.PidsLimit > 0 ? hc.PidsLimit : null;\n  return {\n    memoryBytes: mem ?? persisted.memoryBytes,\n    cpus: nano ? nano / 1e9 : persisted.cpus,\n    pidsLimit: pids ?? persisted.pidsLimit,\n    disk: persisted.disk,\n  };\n}\n\ninterface DockerStatsLine {\n  CPUPerc?: string;\n  MemUsage?: string;\n  MemPerc?: string;\n  PIDs?: string;\n  NetIO?: string;\n  BlockIO?: string;\n}\n\n/**\n * Container writable-layer size from `docker ps --size`. With the overlay\n * gone, `/workspace` lives here (not in a named volume), so this is the\n * box's primary writable-surface number.\n */\nasync function containerWritableBytes(container: string): Promise<number | null> {\n  const r = await execa(\n    'docker',\n    ['ps', '-a', '--filter', `name=^${container}$`, '--format', '{{.Size}}', '--size'],\n    { reject: false },\n  );\n  if (r.exitCode !== 0) return null;\n  // `--size` produces `<rw> (virtual <total>)`; we want the first number.\n  const first = (r.stdout ?? '').split('\\n')[0]?.trim();\n  if (!first) return null;\n  const m = /^([^()]+?)(?:\\s*\\(.*\\))?$/.exec(first);\n  const sz = m ? m[1]!.trim() : first;\n  return parseDockerSize(sz);\n}\n\n/**\n * Provider-agnostic resource snapshot for a box. CPU/mem/pids/IO come from\n * `docker stats --no-stream` (point-in-time sample; only when the container is\n * running). Disk is the container's writable layer (where `/workspace` lives\n * now that the overlay is gone) plus the in-box dockerd's data-root volume;\n * the per-box host snapshot dir and the checkpoint image lineage are\n * reported on their own fields.\n */\nexport async function boxResourceStats(record: BoxRecord): Promise<BoxResourceStats> {\n  const warnings: string[] = [];\n  const dockerJson = await inspectContainer(record.container);\n  const limits = reconcileLimits(limitsFromRecord(record), dockerJson);\n\n  const [diskContainer, diskDocker, snapshotDiskBytes, checkpointImageBytesValue] =\n    await Promise.all([\n      containerWritableBytes(record.container),\n      record.dockerVolume ? volumeSizeBytes(record.dockerVolume) : Promise.resolve(null),\n      record.snapshotDir ? duBytes(record.snapshotDir) : Promise.resolve(null),\n      record.checkpointImage ? imageBytes(record.checkpointImage) : Promise.resolve(null),\n    ]);\n  const diskUsedBytes =\n    diskContainer === null && diskDocker === null\n      ? null\n      : (diskContainer ?? 0) + (diskDocker ?? 0);\n  if (diskUsedBytes === null) {\n    warnings.push('disk usage unavailable on this engine');\n  }\n\n  const base: BoxResourceStats = {\n    source: 'docker',\n    live: false,\n    cpuPercent: null,\n    memUsedBytes: null,\n    memLimitBytes: limits.memoryBytes,\n    memPercent: null,\n    pids: null,\n    diskUsedBytes,\n    snapshotDiskBytes,\n    checkpointVolumeBytes: checkpointImageBytesValue,\n    netRxBytes: null,\n    netTxBytes: null,\n    blockReadBytes: null,\n    blockWriteBytes: null,\n    limits,\n    warnings,\n  };\n\n  if ((await inspectContainerStatus(record.container)) !== 'running') {\n    return base;\n  }\n\n  const proc = await execa(\n    'docker',\n    ['stats', '--no-stream', '--format', '{{json .}}', record.container],\n    { reject: false },\n  );\n  if (proc.exitCode !== 0 || !proc.stdout.trim()) {\n    return base;\n  }\n  let line: DockerStatsLine;\n  try {\n    line = JSON.parse(proc.stdout.trim().split('\\n')[0]!) as DockerStatsLine;\n  } catch {\n    return base;\n  }\n\n  const memPair = splitPair(line.MemUsage);\n  const memUsedBytes = memPair ? parseDockerSize(memPair[0]) : null;\n  const memEngineTotal = memPair ? parseDockerSize(memPair[1]) : null;\n  const netPair = splitPair(line.NetIO);\n  const blkPair = splitPair(line.BlockIO);\n\n  return {\n    ...base,\n    live: true,\n    cpuPercent: parsePercent(line.CPUPerc),\n    memUsedBytes,\n    // The applied limit when set; otherwise docker stats' own denominator\n    // (the engine/host total).\n    memLimitBytes: limits.memoryBytes ?? memEngineTotal,\n    memPercent: parsePercent(line.MemPerc),\n    pids: line.PIDs ? Number.parseInt(line.PIDs, 10) || null : null,\n    netRxBytes: netPair ? parseDockerSize(netPair[0]) : null,\n    netTxBytes: netPair ? parseDockerSize(netPair[1]) : null,\n    blockReadBytes: blkPair ? parseDockerSize(blkPair[0]) : null,\n    blockWriteBytes: blkPair ? parseDockerSize(blkPair[1]) : null,\n  };\n}\n"],"mappings":";;;;;;;;;;;AAAA,SAAS,eAAe;AACxB,SAAS,YAAY;AACrB,SAAS,aAAa;AAiBf,SAAS,gBAAgB,KAA4B;AAC1D,QAAM,IAAI,IAAI,KAAK;AACnB,MAAI,CAAC,KAAK,MAAM,QAAQ,MAAM,MAAO,QAAO;AAC5C,QAAM,IAAI,2BAA2B,KAAK,CAAC;AAC3C,MAAI,CAAC,EAAG,QAAO;AACf,QAAM,IAAI,OAAO,EAAE,CAAC,CAAC;AACrB,MAAI,CAAC,OAAO,SAAS,CAAC,EAAG,QAAO;AAChC,QAAM,QAAQ,EAAE,CAAC,KAAK,IAAI,YAAY;AACtC,QAAM,OAA+B;IACnC,IAAI;IACJ,GAAG;IACH,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,KAAK;IACL,KAAK,QAAQ;IACb,KAAK,QAAQ;IACb,KAAK,QAAQ;EACf;AACA,QAAM,SAAS,KAAK,IAAI;AACxB,SAAO,WAAW,SAAY,OAAO,IAAI;AAC3C;AAEA,SAAS,aAAa,KAAwC;AAC5D,MAAI,CAAC,IAAK,QAAO;AACjB,QAAM,IAAI,OAAO,IAAI,QAAQ,KAAK,EAAE,EAAE,KAAK,CAAC;AAC5C,SAAO,OAAO,SAAS,CAAC,IAAI,IAAI;AAClC;AAGA,SAAS,UAAU,KAAkD;AACnE,MAAI,CAAC,IAAK,QAAO;AACjB,QAAM,QAAQ,IAAI,MAAM,GAAG;AAC3B,MAAI,MAAM,WAAW,EAAG,QAAO;AAC/B,SAAO,CAAC,MAAM,CAAC,EAAG,KAAK,GAAG,MAAM,CAAC,EAAG,KAAK,CAAC;AAC5C;AAEA,eAAe,QAAQ,MAAsC;AAC3D,QAAM,SAAS,MAAM,MAAM,MAAM,CAAC,OAAO,IAAI,GAAG,EAAE,QAAQ,MAAM,CAAC;AACjE,MAAI,OAAO,aAAa,EAAG,QAAO;AAClC,QAAM,KAAK,OAAO,UAAU,OAAO,UAAU,IAAI,MAAM,KAAK,EAAE,CAAC,KAAK,IAAI,EAAE;AAC1E,SAAO,OAAO,MAAM,EAAE,IAAI,OAAO,KAAK;AACxC;AAUA,eAAsB,gBAAgB,MAAsC;AAC1E,MAAI,CAAC,KAAM,QAAO;AAClB,QAAM,SAAS,MAAM,aAAa;AAClC,MAAI,WAAW,YAAY;AACzB,UAAM,OAAO,KAAK,QAAQ,GAAG,YAAY,UAAU,WAAW,IAAI;AAClE,UAAM,KAAK,MAAM,QAAQ,IAAI;AAC7B,QAAI,OAAO,KAAM,QAAO;EAC1B;AACA,QAAM,KAAK,MAAM;IACf;IACA,CAAC,UAAU,MAAM,MAAM,YAAY,mBAAmB;IACtD,EAAE,QAAQ,MAAM;EAClB;AACA,MAAI,GAAG,aAAa,GAAG;AACrB,QAAI;AACF,YAAM,OAAO,KAAK,MAAM,GAAG,UAAU,IAAI;AACzC,YAAM,MAAM,KAAK,KAAK,CAAC,MAAM,EAAE,SAAS,IAAI;AAC5C,YAAM,SAAS,KAAK,OAAO,gBAAgB,IAAI,IAAI,IAAI;AACvD,UAAI,WAAW,KAAM,QAAO;IAC9B,QAAQ;IAER;EACF;AACA,QAAM,KAAK,MAAM,wBAAwB,IAAI;AAC7C,MAAI,MAAM,CAAC,GAAG,WAAW,iBAAiB,GAAG;AAC3C,WAAO,QAAQ,EAAE;EACnB;AACA,SAAO;AACT;AAMA,eAAe,WAAW,KAAqC;AAC7D,QAAM,IAAI,MAAM,MAAM,UAAU,CAAC,SAAS,WAAW,KAAK,YAAY,WAAW,GAAG;IAClF,QAAQ;EACV,CAAC;AACD,MAAI,EAAE,aAAa,EAAG,QAAO;AAC7B,QAAM,IAAI,OAAO,UAAU,EAAE,UAAU,IAAI,KAAK,GAAG,EAAE;AACrD,SAAO,OAAO,SAAS,CAAC,IAAI,IAAI;AAClC;AAQA,eAAsB,4BACpB,aACA,MACwB;AACxB,SAAO,WAAW,mBAAmB,aAAa,IAAI,CAAC;AACzD;AAOA,eAAsB,2BAAmD;AACvE,QAAM,IAAI,MAAM;IACd;IACA;MACE;MACA;MACA;MACA;MACA,GAAG,uBAAuB;IAC5B;IACA,EAAE,QAAQ,MAAM;EAClB;AACA,MAAI,EAAE,aAAa,EAAG,QAAO;AAC7B,QAAM,SAAS,EAAE,UAAU,IACxB,MAAM,IAAI,EACV,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,EACnB,OAAO,CAAC,MAAM,EAAE,SAAS,CAAC;AAC7B,MAAI,MAAM,WAAW,EAAG,QAAO;AAC/B,MAAI,QAAQ;AACZ,MAAI,MAAM;AACV,aAAW,QAAQ,OAAO;AACxB,UAAM,CAAC,EAAE,IAAI,IAAI,KAAK,MAAM,GAAI;AAChC,UAAM,IAAI,OAAO,gBAAgB,IAAI,IAAI;AACzC,QAAI,MAAM,MAAM;AACd,eAAS;AACT,YAAM;IACR;EACF;AACA,SAAO,MAAM,QAAQ;AACvB;AAGA,eAAsB,oBAA4C;AAChE,SAAO,QAAQ,KAAK,QAAQ,GAAG,WAAW,CAAC;AAC7C;AAEA,SAAS,iBAAiB,QAAsC;AAC9D,QAAM,IAAI,OAAO;AACjB,SAAO;IACL,aAAa,GAAG,eAAe,EAAE,cAAc,IAAI,EAAE,cAAc;IACnE,MAAM,GAAG,QAAQ,EAAE,OAAO,IAAI,EAAE,OAAO;IACvC,WAAW,GAAG,aAAa,EAAE,YAAY,IAAI,EAAE,YAAY;IAC3D,MAAM,GAAG,QAAQ;EACnB;AACF;AAOA,SAAS,gBAAgB,WAA8B,YAAwC;AAC7F,QAAM,KAAM,YAAgE;AAC5E,MAAI,CAAC,GAAI,QAAO;AAChB,QAAM,MAAM,OAAO,GAAG,WAAW,YAAY,GAAG,SAAS,IAAI,GAAG,SAAS;AACzE,QAAM,OAAO,OAAO,GAAG,aAAa,YAAY,GAAG,WAAW,IAAI,GAAG,WAAW;AAChF,QAAM,OAAO,OAAO,GAAG,cAAc,YAAY,GAAG,YAAY,IAAI,GAAG,YAAY;AACnF,SAAO;IACL,aAAa,OAAO,UAAU;IAC9B,MAAM,OAAO,OAAO,MAAM,UAAU;IACpC,WAAW,QAAQ,UAAU;IAC7B,MAAM,UAAU;EAClB;AACF;AAgBA,eAAe,uBAAuB,WAA2C;AAC/E,QAAM,IAAI,MAAM;IACd;IACA,CAAC,MAAM,MAAM,YAAY,SAAS,SAAS,KAAK,YAAY,aAAa,QAAQ;IACjF,EAAE,QAAQ,MAAM;EAClB;AACA,MAAI,EAAE,aAAa,EAAG,QAAO;AAE7B,QAAM,SAAS,EAAE,UAAU,IAAI,MAAM,IAAI,EAAE,CAAC,GAAG,KAAK;AACpD,MAAI,CAAC,MAAO,QAAO;AACnB,QAAM,IAAI,4BAA4B,KAAK,KAAK;AAChD,QAAM,KAAK,IAAI,EAAE,CAAC,EAAG,KAAK,IAAI;AAC9B,SAAO,gBAAgB,EAAE;AAC3B;AAUA,eAAsB,iBAAiB,QAA8C;AACnF,QAAM,WAAqB,CAAC;AAC5B,QAAM,aAAa,MAAM,iBAAiB,OAAO,SAAS;AAC1D,QAAM,SAAS,gBAAgB,iBAAiB,MAAM,GAAG,UAAU;AAEnE,QAAM,CAAC,eAAe,YAAY,mBAAmB,yBAAyB,IAC5E,MAAM,QAAQ,IAAI;IAChB,uBAAuB,OAAO,SAAS;IACvC,OAAO,eAAe,gBAAgB,OAAO,YAAY,IAAI,QAAQ,QAAQ,IAAI;IACjF,OAAO,cAAc,QAAQ,OAAO,WAAW,IAAI,QAAQ,QAAQ,IAAI;IACvE,OAAO,kBAAkB,WAAW,OAAO,eAAe,IAAI,QAAQ,QAAQ,IAAI;EACpF,CAAC;AACH,QAAM,gBACJ,kBAAkB,QAAQ,eAAe,OACrC,QACC,iBAAiB,MAAM,cAAc;AAC5C,MAAI,kBAAkB,MAAM;AAC1B,aAAS,KAAK,uCAAuC;EACvD;AAEA,QAAM,OAAyB;IAC7B,QAAQ;IACR,MAAM;IACN,YAAY;IACZ,cAAc;IACd,eAAe,OAAO;IACtB,YAAY;IACZ,MAAM;IACN;IACA;IACA,uBAAuB;IACvB,YAAY;IACZ,YAAY;IACZ,gBAAgB;IAChB,iBAAiB;IACjB;IACA;EACF;AAEA,MAAK,MAAM,uBAAuB,OAAO,SAAS,MAAO,WAAW;AAClE,WAAO;EACT;AAEA,QAAM,OAAO,MAAM;IACjB;IACA,CAAC,SAAS,eAAe,YAAY,cAAc,OAAO,SAAS;IACnE,EAAE,QAAQ,MAAM;EAClB;AACA,MAAI,KAAK,aAAa,KAAK,CAAC,KAAK,OAAO,KAAK,GAAG;AAC9C,WAAO;EACT;AACA,MAAI;AACJ,MAAI;AACF,WAAO,KAAK,MAAM,KAAK,OAAO,KAAK,EAAE,MAAM,IAAI,EAAE,CAAC,CAAE;EACtD,QAAQ;AACN,WAAO;EACT;AAEA,QAAM,UAAU,UAAU,KAAK,QAAQ;AACvC,QAAM,eAAe,UAAU,gBAAgB,QAAQ,CAAC,CAAC,IAAI;AAC7D,QAAM,iBAAiB,UAAU,gBAAgB,QAAQ,CAAC,CAAC,IAAI;AAC/D,QAAM,UAAU,UAAU,KAAK,KAAK;AACpC,QAAM,UAAU,UAAU,KAAK,OAAO;AAEtC,SAAO;IACL,GAAG;IACH,MAAM;IACN,YAAY,aAAa,KAAK,OAAO;IACrC;;;IAGA,eAAe,OAAO,eAAe;IACrC,YAAY,aAAa,KAAK,OAAO;IACrC,MAAM,KAAK,OAAO,OAAO,SAAS,KAAK,MAAM,EAAE,KAAK,OAAO;IAC3D,YAAY,UAAU,gBAAgB,QAAQ,CAAC,CAAC,IAAI;IACpD,YAAY,UAAU,gBAAgB,QAAQ,CAAC,CAAC,IAAI;IACpD,gBAAgB,UAAU,gBAAgB,QAAQ,CAAC,CAAC,IAAI;IACxD,iBAAiB,UAAU,gBAAgB,QAAQ,CAAC,CAAC,IAAI;EAC3D;AACF;","names":[]}