@mcploom/codexec-isolated-vm 0.1.6 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (24) hide show
  1. package/README.md +10 -2
  2. package/dist/index.cjs +18 -296
  3. package/dist/index.cjs.map +1 -1
  4. package/dist/index.d.cts +5 -24
  5. package/dist/index.d.cts.map +1 -1
  6. package/dist/index.d.ts +5 -24
  7. package/dist/index.d.ts.map +1 -1
  8. package/dist/index.js +19 -297
  9. package/dist/index.js.map +1 -1
  10. package/dist/runner/index.cjs +3 -0
  11. package/dist/runner/index.d.cts +100 -0
  12. package/dist/runner/index.d.cts.map +1 -0
  13. package/dist/runner/index.d.ts +100 -0
  14. package/dist/runner/index.d.ts.map +1 -0
  15. package/dist/runner/index.js +3 -0
  16. package/dist/runner-Dbq2FDWK.js +5542 -0
  17. package/dist/runner-Dbq2FDWK.js.map +1 -0
  18. package/dist/runner-cprbphYc.cjs +5547 -0
  19. package/dist/runner-cprbphYc.cjs.map +1 -0
  20. package/dist/types-BmvPk-t5.d.cts +14 -0
  21. package/dist/types-BmvPk-t5.d.cts.map +1 -0
  22. package/dist/types-CkMlkJam.d.ts +14 -0
  23. package/dist/types-CkMlkJam.d.ts.map +1 -0
  24. package/package.json +8 -3
package/README.md CHANGED
@@ -9,7 +9,7 @@
9
9
 
10
10
  - you explicitly want the `isolated-vm` runtime instead of QuickJS
11
11
  - your environment can support the native addon install
12
- - you are prepared to run Node 20+ with `--no-node-snapshot`
12
+ - you are prepared to run Node 22+ with `--no-node-snapshot`
13
13
 
14
14
  If you want the simpler default backend, use [`@mcploom/codexec-quickjs`](https://www.npmjs.com/package/@mcploom/codexec-quickjs) instead.
15
15
 
@@ -17,6 +17,7 @@ If you want the simpler default backend, use [`@mcploom/codexec-quickjs`](https:
17
17
 
18
18
  - [Basic provider execution on `isolated-vm`](https://github.com/aallam/mcploom/blob/main/examples/codexec-isolated-vm-basic.ts)
19
19
  - [QuickJS-based codexec examples for the shared API surface](https://github.com/aallam/mcploom/blob/main/examples/codexec-basic.ts)
20
+ - [Worker-backed QuickJS example for the alternate transport-backed path](https://github.com/aallam/mcploom/blob/main/examples/codexec-worker.ts)
20
21
  - [Full examples index](https://github.com/aallam/mcploom/tree/main/examples)
21
22
 
22
23
  ## Install
@@ -27,9 +28,10 @@ npm install @mcploom/codexec @mcploom/codexec-isolated-vm
27
28
 
28
29
  ## Requirements
29
30
 
30
- - Node 20+ must run with `--no-node-snapshot`
31
+ - Node 22+ must run with `--no-node-snapshot`
31
32
  - the optional `isolated-vm` native dependency must install successfully in the host environment
32
33
  - native-addon failures are surfaced when `IsolatedVmExecutor` is constructed or used
34
+ - advanced consumers can import the reusable runner from `@mcploom/codexec-isolated-vm/runner`
33
35
 
34
36
  ## Security Notes
35
37
 
@@ -38,6 +40,12 @@ npm install @mcploom/codexec @mcploom/codexec-isolated-vm
38
40
  - This package is still in-process execution. It should not be marketed or relied on as a hard security boundary for hostile code.
39
41
  - Providers remain the real capability boundary. If a tool is dangerous, guest code can invoke it.
40
42
 
43
+ ## Architecture Docs
44
+
45
+ - [Codexec architecture overview](https://github.com/aallam/mcploom/blob/main/docs/architecture/codexec-overview.md)
46
+ - [Codexec executors](https://github.com/aallam/mcploom/blob/main/docs/architecture/codexec-executors.md)
47
+ - [Codexec MCP adapters and protocol](https://github.com/aallam/mcploom/blob/main/docs/architecture/codexec-mcp-and-protocol.md)
48
+
41
49
  ## Usage
42
50
 
43
51
  ```ts
package/dist/index.cjs CHANGED
@@ -1,320 +1,42 @@
1
- let node_crypto = require("node:crypto");
1
+ const require_runner = require('./runner-cprbphYc.cjs');
2
2
  let __mcploom_codexec = require("@mcploom/codexec");
3
3
 
4
4
  //#region src/isolatedVmExecutor.ts
5
- const DEFAULT_MEMORY_LIMIT_BYTES = 64 * 1024 * 1024;
6
- const DEFAULT_TIMEOUT_MS = 5e3;
7
- const DEFAULT_MAX_LOG_LINES = 100;
8
- const DEFAULT_MAX_LOG_CHARS = 64e3;
9
- let cachedModulePromise;
10
- function hasRequiredNodeFlag() {
11
- const execArgv = process.execArgv.join(" ");
12
- const nodeOptions = process.env.NODE_OPTIONS ?? "";
13
- return execArgv.includes("--no-node-snapshot") || nodeOptions.includes("--no-node-snapshot");
14
- }
15
- function toJsonValue(value, message) {
16
- if (value === void 0) return;
17
- const jsonValue = JSON.stringify(value);
18
- if (jsonValue === void 0) throw new __mcploom_codexec.ExecuteFailure("serialization_error", message);
19
- try {
20
- return JSON.parse(jsonValue);
21
- } catch {
22
- throw new __mcploom_codexec.ExecuteFailure("serialization_error", message);
23
- }
24
- }
25
- function toTransferableValue(ivm, value) {
26
- const normalizedValue = toJsonValue(value, "Host value is not JSON-serializable");
27
- if (normalizedValue === null || normalizedValue === void 0 || typeof normalizedValue === "string" || typeof normalizedValue === "number" || typeof normalizedValue === "boolean") return normalizedValue;
28
- return new ivm.ExternalCopy(normalizedValue).copyInto({ release: true });
29
- }
30
- function toExecuteError(error, deadline) {
31
- if (typeof error === "object" && error !== null && "code" in error && "message" in error && (0, __mcploom_codexec.isKnownExecuteErrorCode)(error.code) && typeof error.message === "string") return {
32
- code: error.code,
33
- message: error.message
34
- };
35
- if ((0, __mcploom_codexec.isExecuteFailure)(error)) return {
36
- code: error.code,
37
- message: error.message
38
- };
39
- const message = (0, __mcploom_codexec.normalizeThrownMessage)(error);
40
- const normalizedMessage = message.toLowerCase();
41
- if (Date.now() > deadline || normalizedMessage.includes("timed out") || normalizedMessage.includes("time limit")) return {
42
- code: "timeout",
43
- message: (0, __mcploom_codexec.getExecutionTimeoutMessage)()
44
- };
45
- if (normalizedMessage.includes("memory limit") || normalizedMessage.includes("out of memory")) return {
46
- code: "memory_limit",
47
- message
48
- };
49
- if (normalizedMessage.includes("could not be cloned") || normalizedMessage.includes("non-transferable") || normalizedMessage.includes("not json-serializable")) return {
50
- code: "serialization_error",
51
- message
52
- };
53
- return {
54
- code: "runtime_error",
55
- message
56
- };
57
- }
58
- function toMemoryLimitMb(memoryLimitBytes) {
59
- return Math.max(8, Math.ceil(memoryLimitBytes / (1024 * 1024)));
60
- }
61
- function remainingTime(deadline) {
62
- return Math.max(0, deadline - Date.now());
63
- }
64
- async function runWithDeadline(operation, deadline, signal) {
65
- if (signal.aborted || Date.now() > deadline) throw new __mcploom_codexec.ExecuteFailure("timeout", (0, __mcploom_codexec.getExecutionTimeoutMessage)());
66
- const timeoutMs = remainingTime(deadline);
67
- if (timeoutMs <= 0) throw new __mcploom_codexec.ExecuteFailure("timeout", (0, __mcploom_codexec.getExecutionTimeoutMessage)());
68
- let timeoutId;
69
- return await new Promise((resolve, reject) => {
70
- const onAbort = () => {
71
- reject(new __mcploom_codexec.ExecuteFailure("timeout", (0, __mcploom_codexec.getExecutionTimeoutMessage)()));
72
- };
73
- signal.addEventListener("abort", onAbort, { once: true });
74
- timeoutId = setTimeout(() => {
75
- signal.removeEventListener("abort", onAbort);
76
- reject(new __mcploom_codexec.ExecuteFailure("timeout", (0, __mcploom_codexec.getExecutionTimeoutMessage)()));
77
- }, timeoutMs);
78
- operation.then((value) => {
79
- signal.removeEventListener("abort", onAbort);
80
- if (timeoutId) clearTimeout(timeoutId);
81
- resolve(value);
82
- }, (error) => {
83
- signal.removeEventListener("abort", onAbort);
84
- if (timeoutId) clearTimeout(timeoutId);
85
- reject(error);
86
- });
87
- });
88
- }
89
- async function loadDefaultModule() {
90
- cachedModulePromise ??= import("isolated-vm").then((loaded) => {
91
- return "default" in loaded ? loaded.default : loaded;
92
- });
93
- return cachedModulePromise;
94
- }
95
- function createBootstrapSource(providers, hostErrorPrefix, timeoutMs) {
96
- const lines = [
97
- `const __MCP_HOST_ERROR_PREFIX = ${JSON.stringify(hostErrorPrefix)};`,
98
- `const __MCP_HOST_ERROR_KEY = ${JSON.stringify(`${hostErrorPrefix}key`)};`,
99
- "const __mcpCreateTrustedError = (code, message) => ({",
100
- " [__MCP_HOST_ERROR_KEY]: true,",
101
- " code,",
102
- " message,",
103
- "});",
104
- "const __mcpNormalizeTrustedError = (error) => {",
105
- " if (error && typeof error === 'object' && error[__MCP_HOST_ERROR_KEY] === true && typeof error.code === 'string' && typeof error.message === 'string') {",
106
- " return __mcpCreateTrustedError(error.code, error.message);",
107
- " }",
108
- " if (error && typeof error.message === 'string' && error.message.startsWith(__MCP_HOST_ERROR_PREFIX)) {",
109
- " try {",
110
- " const payload = JSON.parse(error.message.slice(__MCP_HOST_ERROR_PREFIX.length));",
111
- " if (payload && typeof payload.code === 'string' && typeof payload.message === 'string') {",
112
- " return __mcpCreateTrustedError(payload.code, payload.message);",
113
- " }",
114
- " } catch {}",
115
- " }",
116
- " return null;",
117
- "};",
118
- "const __mcpNormalizeGuestError = (error) => {",
119
- " const trusted = __mcpNormalizeTrustedError(error);",
120
- " if (trusted) {",
121
- " return trusted;",
122
- " }",
123
- " if (error && typeof error.message === 'string') {",
124
- " return {",
125
- " code: 'runtime_error',",
126
- " message: error.message,",
127
- " ...(typeof error.name === 'string' ? { name: error.name } : {}),",
128
- " };",
129
- " }",
130
- " return { code: 'runtime_error', message: String(error) };",
131
- "};",
132
- "const __mcpNormalizeHostError = (error) => {",
133
- " const trusted = __mcpNormalizeTrustedError(error);",
134
- " if (trusted) {",
135
- " return trusted;",
136
- " }",
137
- " if (error && typeof error === 'object' && typeof error.code === 'string' && typeof error.message === 'string') {",
138
- " return __mcpCreateTrustedError(error.code, error.message);",
139
- " }",
140
- " return __mcpNormalizeGuestError(error);",
141
- "};",
142
- "const __mcpRaiseNormalizedError = (error) => {",
143
- " throw __mcpNormalizeHostError(error);",
144
- "};",
145
- "const __mcpToJsonValue = (value) => {",
146
- " if (typeof value === 'undefined') {",
147
- " return undefined;",
148
- " }",
149
- " const json = JSON.stringify(value);",
150
- " if (typeof json === 'undefined') {",
151
- " throw __mcpCreateTrustedError(",
152
- " 'serialization_error',",
153
- " 'Guest code returned a non-serializable value'",
154
- " );",
155
- " }",
156
- " return JSON.parse(json);",
157
- "};",
158
- "globalThis.console = {",
159
- " log: (...args) => __mcp_console_log(...args),",
160
- " info: (...args) => __mcp_console_info(...args),",
161
- " warn: (...args) => __mcp_console_warn(...args),",
162
- " error: (...args) => __mcp_console_error(...args),",
163
- "};"
164
- ];
165
- for (const provider of providers) {
166
- lines.push(`globalThis.${provider.name} = {};`);
167
- for (const safeToolName of Object.keys(provider.tools)) {
168
- const hostReferenceName = `__mcp_tool_${provider.name}_${safeToolName}`;
169
- lines.push(`globalThis.${provider.name}.${safeToolName} = async (input) => {`, " try {", ` return await ${hostReferenceName}.applySyncPromise(undefined, [input], { arguments: { copy: true }, timeout: ${timeoutMs} });`, " } catch (error) {", " __mcpRaiseNormalizedError(error);", " }", "};");
170
- }
171
- }
172
- return lines.join("\n");
173
- }
174
- function createExecutionSource(code) {
175
- return [
176
- `const __mcpUserFunction = (${(0, __mcploom_codexec.normalizeCode)(code)});`,
177
- "return (async () => {",
178
- " try {",
179
- " const value = await __mcpUserFunction();",
180
- " return { ok: true, value: __mcpToJsonValue(value) };",
181
- " } catch (error) {",
182
- " return { ok: false, error: __mcpNormalizeGuestError(error) };",
183
- " }",
184
- "})();"
185
- ].join("\n");
186
- }
187
- function setConsoleBindings(context, logs) {
188
- const jail = context.global;
189
- jail.setSync("__mcp_console_log", (...args) => {
190
- logs.push((0, __mcploom_codexec.formatConsoleLine)(args));
191
- });
192
- jail.setSync("__mcp_console_info", (...args) => {
193
- logs.push((0, __mcploom_codexec.formatConsoleLine)(args));
194
- });
195
- jail.setSync("__mcp_console_warn", (...args) => {
196
- logs.push((0, __mcploom_codexec.formatConsoleLine)(args));
197
- });
198
- jail.setSync("__mcp_console_error", (...args) => {
199
- logs.push((0, __mcploom_codexec.formatConsoleLine)(args));
200
- });
201
- }
202
- function setProviderBindings(ivm, context, providers, signal, deadline, hostErrorPrefix) {
203
- const jail = context.global;
204
- for (const provider of providers) for (const [safeToolName, descriptor] of Object.entries(provider.tools)) {
205
- const hostReferenceName = `__mcp_tool_${provider.name}_${safeToolName}`;
206
- jail.setSync(hostReferenceName, async (input) => {
207
- const executionContext = (0, __mcploom_codexec.createExecutionContext)(signal, provider.name, safeToolName, descriptor.originalName);
208
- try {
209
- const normalizedInput = input === void 0 ? void 0 : toJsonValue(input, "Guest code passed a non-serializable tool input");
210
- const pendingExecution = Promise.resolve(descriptor.execute(normalizedInput, executionContext));
211
- pendingExecution.catch(() => {});
212
- return toTransferableValue(ivm, await runWithDeadline(pendingExecution, deadline, signal));
213
- } catch (error) {
214
- const executeError = toExecuteError(error, deadline);
215
- throw new Error(`${hostErrorPrefix}${JSON.stringify(executeError)}`, { cause: error });
216
- }
217
- }, { reference: true });
218
- }
219
- }
220
5
  /**
221
6
  * isolated-vm-backed executor for one-shot sandboxed JavaScript runs.
222
7
  */
223
8
  var IsolatedVmExecutor = class {
224
- loadModule;
225
- maxLogChars;
226
- maxLogLines;
227
- memoryLimitBytes;
228
- timeoutMs;
9
+ options;
229
10
  /**
230
11
  * Creates an isolated-vm executor with one-shot runtime limits and host bridging configuration.
231
12
  */
232
13
  constructor(options = {}) {
233
- this.loadModule = async () => {
234
- return options.loadModule ? await options.loadModule() : await loadDefaultModule();
235
- };
236
- this.maxLogChars = options.maxLogChars ?? DEFAULT_MAX_LOG_CHARS;
237
- this.maxLogLines = options.maxLogLines ?? DEFAULT_MAX_LOG_LINES;
238
- this.memoryLimitBytes = options.memoryLimitBytes ?? DEFAULT_MEMORY_LIMIT_BYTES;
239
- this.timeoutMs = options.timeoutMs ?? DEFAULT_TIMEOUT_MS;
14
+ this.options = options;
240
15
  }
241
16
  /**
242
17
  * Executes JavaScript against the provided tool namespaces in a fresh isolated-vm context.
243
18
  */
244
- async execute(code, providers) {
245
- const startedAt = Date.now();
246
- const deadline = startedAt + this.timeoutMs;
247
- const logs = [];
19
+ async execute(code, providers, options = {}) {
20
+ if (options.signal?.aborted) return (0, __mcploom_codexec.createTimeoutExecuteResult)();
248
21
  const abortController = new AbortController();
249
- const hostErrorPrefix = `__MCP_CODE_EXEC_HOST_ERROR__${(0, node_crypto.randomUUID)()}:`;
250
- if (Number.parseInt(process.versions.node.split(".")[0] ?? "0", 10) >= 20 && !hasRequiredNodeFlag()) return {
251
- durationMs: Date.now() - startedAt,
252
- error: {
253
- code: "internal_error",
254
- message: "isolated-vm requires Node to run with --no-node-snapshot on Node 20+"
255
- },
256
- logs,
257
- ok: false
22
+ const onToolCall = (0, __mcploom_codexec.createToolCallDispatcher)(providers, abortController.signal);
23
+ const onAbort = () => {
24
+ abortController.abort();
258
25
  };
259
- let catastrophicErrorMessage;
260
- let isolate;
261
- let context;
26
+ options.signal?.addEventListener("abort", onAbort, { once: true });
262
27
  try {
263
- const ivm = await this.loadModule();
264
- isolate = new ivm.Isolate({
265
- memoryLimit: toMemoryLimitMb(this.memoryLimitBytes),
266
- onCatastrophicError: (message) => {
267
- catastrophicErrorMessage = message;
268
- abortController.abort();
269
- }
270
- });
271
- context = await isolate.createContext();
272
- setConsoleBindings(context, logs);
273
- setProviderBindings(ivm, context, providers, abortController.signal, deadline, hostErrorPrefix);
274
- await context.eval(createBootstrapSource(providers, hostErrorPrefix, this.timeoutMs), { timeout: this.timeoutMs });
275
- const execution = await context.evalClosure(createExecutionSource(code), [], {
276
- timeout: this.timeoutMs,
277
- result: {
278
- copy: true,
279
- promise: true
280
- }
28
+ return await require_runner.runIsolatedVmSession({
29
+ abortController,
30
+ code,
31
+ onToolCall,
32
+ providers: (0, __mcploom_codexec.extractProviderManifests)(providers)
33
+ }, {
34
+ ...this.options,
35
+ ...options
281
36
  });
282
- if (catastrophicErrorMessage) return {
283
- durationMs: Date.now() - startedAt,
284
- error: {
285
- code: "internal_error",
286
- message: `isolated-vm catastrophic error: ${catastrophicErrorMessage}`
287
- },
288
- logs: (0, __mcploom_codexec.truncateLogs)(logs, this.maxLogLines, this.maxLogChars),
289
- ok: false
290
- };
291
- if (!execution.ok) return {
292
- durationMs: Date.now() - startedAt,
293
- error: toExecuteError(execution.error, deadline),
294
- logs: (0, __mcploom_codexec.truncateLogs)(logs, this.maxLogLines, this.maxLogChars),
295
- ok: false
296
- };
297
- return {
298
- durationMs: Date.now() - startedAt,
299
- logs: (0, __mcploom_codexec.truncateLogs)(logs, this.maxLogLines, this.maxLogChars),
300
- ok: true,
301
- result: execution.value
302
- };
303
- } catch (error) {
304
- const executeError = catastrophicErrorMessage !== void 0 ? {
305
- code: "internal_error",
306
- message: `isolated-vm catastrophic error: ${catastrophicErrorMessage}`
307
- } : toExecuteError(error, deadline);
308
- return {
309
- durationMs: Date.now() - startedAt,
310
- error: executeError,
311
- logs: (0, __mcploom_codexec.truncateLogs)(logs, this.maxLogLines, this.maxLogChars),
312
- ok: false
313
- };
314
37
  } finally {
38
+ options.signal?.removeEventListener("abort", onAbort);
315
39
  abortController.abort();
316
- context?.release?.();
317
- isolate?.dispose();
318
40
  }
319
41
  }
320
42
  };
package/dist/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.cjs","names":["cachedModulePromise: Promise<IsolatedVmModule> | undefined","ExecuteFailure","timeoutId: ReturnType<typeof setTimeout> | undefined","logs: string[]","catastrophicErrorMessage: string | undefined","isolate: IsolatedVmIsolate | undefined","context: IsolatedVmContext | undefined"],"sources":["../src/isolatedVmExecutor.ts"],"sourcesContent":["import { randomUUID } from \"node:crypto\";\n\nimport {\n ExecuteFailure,\n createExecutionContext,\n formatConsoleLine,\n getExecutionTimeoutMessage,\n isExecuteFailure,\n isKnownExecuteErrorCode,\n normalizeCode,\n normalizeThrownMessage,\n truncateLogs,\n} from \"@mcploom/codexec\";\nimport type {\n ExecuteError,\n ExecuteResult,\n Executor,\n ResolvedToolProvider,\n} from \"@mcploom/codexec\";\n\nimport type { IsolatedVmExecutorOptions } from \"./types\";\n\ntype IsolatedVmExternalCopyInstance = {\n copyInto: (options?: { release?: boolean; transferIn?: boolean }) => unknown;\n release?: () => void;\n};\n\ntype IsolatedVmReferenceInstance = {\n setSync: (\n property: string,\n value: unknown,\n options?: Record<string, unknown>,\n ) => void;\n};\n\ntype IsolatedVmContext = {\n eval: (code: string, options?: Record<string, unknown>) => Promise<unknown>;\n evalClosure: (\n code: string,\n args?: unknown[],\n options?: Record<string, unknown>,\n ) => Promise<unknown>;\n global: IsolatedVmReferenceInstance;\n release?: () => void;\n};\n\ntype IsolatedVmIsolate = {\n createContext: () => Promise<IsolatedVmContext>;\n dispose: () => void;\n};\n\ntype IsolatedVmModule = {\n ExternalCopy: new (\n value: unknown,\n options?: Record<string, unknown>,\n ) => IsolatedVmExternalCopyInstance;\n Isolate: new (options?: {\n inspector?: boolean;\n memoryLimit?: number;\n onCatastrophicError?: (message: string) => void;\n }) => IsolatedVmIsolate;\n};\n\ntype GuestExecutionEnvelope =\n | {\n ok: true;\n value: unknown;\n }\n | {\n error: {\n code?: string;\n message?: string;\n name?: string;\n };\n ok: false;\n };\n\nconst DEFAULT_MEMORY_LIMIT_BYTES = 64 * 1024 * 1024;\nconst DEFAULT_TIMEOUT_MS = 5000;\nconst DEFAULT_MAX_LOG_LINES = 100;\nconst DEFAULT_MAX_LOG_CHARS = 64_000;\nlet cachedModulePromise: Promise<IsolatedVmModule> | undefined;\n\nfunction hasRequiredNodeFlag(): boolean {\n const execArgv = process.execArgv.join(\" \");\n const nodeOptions = process.env.NODE_OPTIONS ?? \"\";\n return (\n execArgv.includes(\"--no-node-snapshot\") ||\n nodeOptions.includes(\"--no-node-snapshot\")\n );\n}\n\n\nfunction toJsonValue(value: unknown, message: string): unknown {\n if (value === undefined) {\n return undefined;\n }\n\n const jsonValue = JSON.stringify(value);\n\n if (jsonValue === undefined) {\n throw new ExecuteFailure(\"serialization_error\", message);\n }\n\n try {\n return JSON.parse(jsonValue) as unknown;\n } catch {\n throw new ExecuteFailure(\"serialization_error\", message);\n }\n}\n\nfunction toTransferableValue(ivm: IsolatedVmModule, value: unknown): unknown {\n const normalizedValue = toJsonValue(\n value,\n \"Host value is not JSON-serializable\",\n );\n\n if (\n normalizedValue === null ||\n normalizedValue === undefined ||\n typeof normalizedValue === \"string\" ||\n typeof normalizedValue === \"number\" ||\n typeof normalizedValue === \"boolean\"\n ) {\n return normalizedValue;\n }\n\n const copy = new ivm.ExternalCopy(normalizedValue);\n return copy.copyInto({ release: true });\n}\n\nfunction toExecuteError(error: unknown, deadline: number): ExecuteError {\n if (\n typeof error === \"object\" &&\n error !== null &&\n \"code\" in error &&\n \"message\" in error &&\n isKnownExecuteErrorCode((error as { code?: unknown }).code) &&\n typeof (error as { message?: unknown }).message === \"string\"\n ) {\n return {\n code: (error as { code: ExecuteError[\"code\"] }).code,\n message: (error as { message: string }).message,\n };\n }\n\n if (isExecuteFailure(error)) {\n return {\n code: error.code,\n message: error.message,\n };\n }\n\n const message = normalizeThrownMessage(error);\n const normalizedMessage = message.toLowerCase();\n\n if (\n Date.now() > deadline ||\n normalizedMessage.includes(\"timed out\") ||\n normalizedMessage.includes(\"time limit\")\n ) {\n return {\n code: \"timeout\",\n message: getExecutionTimeoutMessage(),\n };\n }\n\n if (\n normalizedMessage.includes(\"memory limit\") ||\n normalizedMessage.includes(\"out of memory\")\n ) {\n return {\n code: \"memory_limit\",\n message,\n };\n }\n\n if (\n normalizedMessage.includes(\"could not be cloned\") ||\n normalizedMessage.includes(\"non-transferable\") ||\n normalizedMessage.includes(\"not json-serializable\")\n ) {\n return {\n code: \"serialization_error\",\n message,\n };\n }\n\n return {\n code: \"runtime_error\",\n message,\n };\n}\n\nfunction toMemoryLimitMb(memoryLimitBytes: number): number {\n return Math.max(8, Math.ceil(memoryLimitBytes / (1024 * 1024)));\n}\n\nfunction remainingTime(deadline: number): number {\n return Math.max(0, deadline - Date.now());\n}\n\nasync function runWithDeadline<T>(\n operation: Promise<T>,\n deadline: number,\n signal: AbortSignal,\n): Promise<T> {\n if (signal.aborted || Date.now() > deadline) {\n throw new ExecuteFailure(\"timeout\", getExecutionTimeoutMessage());\n }\n\n const timeoutMs = remainingTime(deadline);\n if (timeoutMs <= 0) {\n throw new ExecuteFailure(\"timeout\", getExecutionTimeoutMessage());\n }\n\n let timeoutId: ReturnType<typeof setTimeout> | undefined;\n\n return await new Promise<T>((resolve, reject) => {\n const onAbort = () => {\n reject(new ExecuteFailure(\"timeout\", getExecutionTimeoutMessage()));\n };\n\n signal.addEventListener(\"abort\", onAbort, { once: true });\n timeoutId = setTimeout(() => {\n signal.removeEventListener(\"abort\", onAbort);\n reject(new ExecuteFailure(\"timeout\", getExecutionTimeoutMessage()));\n }, timeoutMs);\n\n void operation.then(\n (value) => {\n signal.removeEventListener(\"abort\", onAbort);\n if (timeoutId) {\n clearTimeout(timeoutId);\n }\n resolve(value);\n },\n (error) => {\n signal.removeEventListener(\"abort\", onAbort);\n if (timeoutId) {\n clearTimeout(timeoutId);\n }\n reject(error);\n },\n );\n });\n}\n\nasync function loadDefaultModule(): Promise<IsolatedVmModule> {\n cachedModulePromise ??= import(\"isolated-vm\").then((loaded) => {\n const candidate = (\n \"default\" in loaded ? loaded.default : loaded\n ) as unknown;\n return candidate as IsolatedVmModule;\n });\n\n return cachedModulePromise;\n}\n\nfunction createBootstrapSource(\n providers: ResolvedToolProvider[],\n hostErrorPrefix: string,\n timeoutMs: number,\n): string {\n const lines = [\n `const __MCP_HOST_ERROR_PREFIX = ${JSON.stringify(hostErrorPrefix)};`,\n `const __MCP_HOST_ERROR_KEY = ${JSON.stringify(`${hostErrorPrefix}key`)};`,\n \"const __mcpCreateTrustedError = (code, message) => ({\",\n \" [__MCP_HOST_ERROR_KEY]: true,\",\n \" code,\",\n \" message,\",\n \"});\",\n \"const __mcpNormalizeTrustedError = (error) => {\",\n \" if (error && typeof error === 'object' && error[__MCP_HOST_ERROR_KEY] === true && typeof error.code === 'string' && typeof error.message === 'string') {\",\n \" return __mcpCreateTrustedError(error.code, error.message);\",\n \" }\",\n \" if (error && typeof error.message === 'string' && error.message.startsWith(__MCP_HOST_ERROR_PREFIX)) {\",\n \" try {\",\n \" const payload = JSON.parse(error.message.slice(__MCP_HOST_ERROR_PREFIX.length));\",\n \" if (payload && typeof payload.code === 'string' && typeof payload.message === 'string') {\",\n \" return __mcpCreateTrustedError(payload.code, payload.message);\",\n \" }\",\n \" } catch {}\",\n \" }\",\n \" return null;\",\n \"};\",\n \"const __mcpNormalizeGuestError = (error) => {\",\n \" const trusted = __mcpNormalizeTrustedError(error);\",\n \" if (trusted) {\",\n \" return trusted;\",\n \" }\",\n \" if (error && typeof error.message === 'string') {\",\n \" return {\",\n \" code: 'runtime_error',\",\n \" message: error.message,\",\n \" ...(typeof error.name === 'string' ? { name: error.name } : {}),\",\n \" };\",\n \" }\",\n \" return { code: 'runtime_error', message: String(error) };\",\n \"};\",\n \"const __mcpNormalizeHostError = (error) => {\",\n \" const trusted = __mcpNormalizeTrustedError(error);\",\n \" if (trusted) {\",\n \" return trusted;\",\n \" }\",\n \" if (error && typeof error === 'object' && typeof error.code === 'string' && typeof error.message === 'string') {\",\n \" return __mcpCreateTrustedError(error.code, error.message);\",\n \" }\",\n \" return __mcpNormalizeGuestError(error);\",\n \"};\",\n \"const __mcpRaiseNormalizedError = (error) => {\",\n \" throw __mcpNormalizeHostError(error);\",\n \"};\",\n \"const __mcpToJsonValue = (value) => {\",\n \" if (typeof value === 'undefined') {\",\n \" return undefined;\",\n \" }\",\n \" const json = JSON.stringify(value);\",\n \" if (typeof json === 'undefined') {\",\n \" throw __mcpCreateTrustedError(\",\n \" 'serialization_error',\",\n \" 'Guest code returned a non-serializable value'\",\n \" );\",\n \" }\",\n \" return JSON.parse(json);\",\n \"};\",\n \"globalThis.console = {\",\n \" log: (...args) => __mcp_console_log(...args),\",\n \" info: (...args) => __mcp_console_info(...args),\",\n \" warn: (...args) => __mcp_console_warn(...args),\",\n \" error: (...args) => __mcp_console_error(...args),\",\n \"};\",\n ];\n\n for (const provider of providers) {\n lines.push(`globalThis.${provider.name} = {};`);\n\n for (const safeToolName of Object.keys(provider.tools)) {\n const hostReferenceName = `__mcp_tool_${provider.name}_${safeToolName}`;\n lines.push(\n `globalThis.${provider.name}.${safeToolName} = async (input) => {`,\n \" try {\",\n ` return await ${hostReferenceName}.applySyncPromise(undefined, [input], { arguments: { copy: true }, timeout: ${timeoutMs} });`,\n \" } catch (error) {\",\n \" __mcpRaiseNormalizedError(error);\",\n \" }\",\n \"};\",\n );\n }\n }\n\n return lines.join(\"\\n\");\n}\n\nfunction createExecutionSource(code: string): string {\n const executableSource = normalizeCode(code);\n\n return [\n `const __mcpUserFunction = (${executableSource});`,\n \"return (async () => {\",\n \" try {\",\n \" const value = await __mcpUserFunction();\",\n \" return { ok: true, value: __mcpToJsonValue(value) };\",\n \" } catch (error) {\",\n \" return { ok: false, error: __mcpNormalizeGuestError(error) };\",\n \" }\",\n \"})();\",\n ].join(\"\\n\");\n}\n\nfunction setConsoleBindings(context: IsolatedVmContext, logs: string[]): void {\n const jail = context.global;\n jail.setSync(\"__mcp_console_log\", (...args: unknown[]) => {\n logs.push(formatConsoleLine(args));\n });\n jail.setSync(\"__mcp_console_info\", (...args: unknown[]) => {\n logs.push(formatConsoleLine(args));\n });\n jail.setSync(\"__mcp_console_warn\", (...args: unknown[]) => {\n logs.push(formatConsoleLine(args));\n });\n jail.setSync(\"__mcp_console_error\", (...args: unknown[]) => {\n logs.push(formatConsoleLine(args));\n });\n}\n\nfunction setProviderBindings(\n ivm: IsolatedVmModule,\n context: IsolatedVmContext,\n providers: ResolvedToolProvider[],\n signal: AbortSignal,\n deadline: number,\n hostErrorPrefix: string,\n): void {\n const jail = context.global;\n\n for (const provider of providers) {\n for (const [safeToolName, descriptor] of Object.entries(provider.tools)) {\n const hostReferenceName = `__mcp_tool_${provider.name}_${safeToolName}`;\n\n jail.setSync(\n hostReferenceName,\n async (input: unknown) => {\n const executionContext = createExecutionContext(\n signal,\n provider.name,\n safeToolName,\n descriptor.originalName,\n );\n\n try {\n const normalizedInput =\n input === undefined\n ? undefined\n : toJsonValue(\n input,\n \"Guest code passed a non-serializable tool input\",\n );\n const pendingExecution = Promise.resolve(\n descriptor.execute(normalizedInput, executionContext),\n );\n\n pendingExecution.catch(() => {\n // The deadline path may settle first; keep late provider rejections from\n // surfacing as unhandled promise rejections after timeout/abort.\n });\n const result = await runWithDeadline(\n pendingExecution,\n deadline,\n signal,\n );\n\n return toTransferableValue(ivm, result);\n } catch (error) {\n const executeError = toExecuteError(error, deadline);\n throw new Error(\n `${hostErrorPrefix}${JSON.stringify(executeError)}`,\n {\n cause: error,\n },\n );\n }\n },\n { reference: true },\n );\n }\n }\n}\n\n/**\n * isolated-vm-backed executor for one-shot sandboxed JavaScript runs.\n */\nexport class IsolatedVmExecutor implements Executor {\n private readonly loadModule: () => Promise<IsolatedVmModule>;\n private readonly maxLogChars: number;\n private readonly maxLogLines: number;\n private readonly memoryLimitBytes: number;\n private readonly timeoutMs: number;\n\n /**\n * Creates an isolated-vm executor with one-shot runtime limits and host bridging configuration.\n */\n constructor(options: IsolatedVmExecutorOptions = {}) {\n this.loadModule = async () => {\n const loaded = options.loadModule\n ? await options.loadModule()\n : await loadDefaultModule();\n return loaded as IsolatedVmModule;\n };\n this.maxLogChars = options.maxLogChars ?? DEFAULT_MAX_LOG_CHARS;\n this.maxLogLines = options.maxLogLines ?? DEFAULT_MAX_LOG_LINES;\n this.memoryLimitBytes =\n options.memoryLimitBytes ?? DEFAULT_MEMORY_LIMIT_BYTES;\n this.timeoutMs = options.timeoutMs ?? DEFAULT_TIMEOUT_MS;\n }\n\n /**\n * Executes JavaScript against the provided tool namespaces in a fresh isolated-vm context.\n */\n async execute(\n code: string,\n providers: ResolvedToolProvider[],\n ): Promise<ExecuteResult> {\n const startedAt = Date.now();\n const deadline = startedAt + this.timeoutMs;\n const logs: string[] = [];\n const abortController = new AbortController();\n const hostErrorPrefix = `__MCP_CODE_EXEC_HOST_ERROR__${randomUUID()}:`;\n const nodeMajorVersion = Number.parseInt(\n process.versions.node.split(\".\")[0] ?? \"0\",\n 10,\n );\n\n if (nodeMajorVersion >= 20 && !hasRequiredNodeFlag()) {\n return {\n durationMs: Date.now() - startedAt,\n error: {\n code: \"internal_error\",\n message:\n \"isolated-vm requires Node to run with --no-node-snapshot on Node 20+\",\n },\n logs,\n ok: false,\n };\n }\n\n let catastrophicErrorMessage: string | undefined;\n let isolate: IsolatedVmIsolate | undefined;\n let context: IsolatedVmContext | undefined;\n\n try {\n const ivm = await this.loadModule();\n isolate = new ivm.Isolate({\n memoryLimit: toMemoryLimitMb(this.memoryLimitBytes),\n onCatastrophicError: (message) => {\n catastrophicErrorMessage = message;\n abortController.abort();\n },\n });\n context = await isolate.createContext();\n\n setConsoleBindings(context, logs);\n setProviderBindings(\n ivm,\n context,\n providers,\n abortController.signal,\n deadline,\n hostErrorPrefix,\n );\n await context.eval(\n createBootstrapSource(providers, hostErrorPrefix, this.timeoutMs),\n {\n timeout: this.timeoutMs,\n },\n );\n\n const execution = (await context.evalClosure(\n createExecutionSource(code),\n [],\n {\n timeout: this.timeoutMs,\n result: { copy: true, promise: true },\n },\n )) as GuestExecutionEnvelope;\n\n if (catastrophicErrorMessage) {\n return {\n durationMs: Date.now() - startedAt,\n error: {\n code: \"internal_error\",\n message: `isolated-vm catastrophic error: ${catastrophicErrorMessage}`,\n },\n logs: truncateLogs(logs, this.maxLogLines, this.maxLogChars),\n ok: false,\n };\n }\n\n if (!execution.ok) {\n return {\n durationMs: Date.now() - startedAt,\n error: toExecuteError(execution.error, deadline),\n logs: truncateLogs(logs, this.maxLogLines, this.maxLogChars),\n ok: false,\n };\n }\n\n return {\n durationMs: Date.now() - startedAt,\n logs: truncateLogs(logs, this.maxLogLines, this.maxLogChars),\n ok: true,\n result: execution.value,\n };\n } catch (error) {\n const executeError =\n catastrophicErrorMessage !== undefined\n ? {\n code: \"internal_error\" as const,\n message: `isolated-vm catastrophic error: ${catastrophicErrorMessage}`,\n }\n : toExecuteError(error, deadline);\n\n return {\n durationMs: Date.now() - startedAt,\n error: executeError,\n logs: truncateLogs(logs, this.maxLogLines, this.maxLogChars),\n ok: false,\n };\n } finally {\n abortController.abort();\n context?.release?.();\n isolate?.dispose();\n }\n }\n}\n"],"mappings":";;;;AA6EA,MAAM,6BAA6B,KAAK,OAAO;AAC/C,MAAM,qBAAqB;AAC3B,MAAM,wBAAwB;AAC9B,MAAM,wBAAwB;AAC9B,IAAIA;AAEJ,SAAS,sBAA+B;CACtC,MAAM,WAAW,QAAQ,SAAS,KAAK,IAAI;CAC3C,MAAM,cAAc,QAAQ,IAAI,gBAAgB;AAChD,QACE,SAAS,SAAS,qBAAqB,IACvC,YAAY,SAAS,qBAAqB;;AAK9C,SAAS,YAAY,OAAgB,SAA0B;AAC7D,KAAI,UAAU,OACZ;CAGF,MAAM,YAAY,KAAK,UAAU,MAAM;AAEvC,KAAI,cAAc,OAChB,OAAM,IAAIC,iCAAe,uBAAuB,QAAQ;AAG1D,KAAI;AACF,SAAO,KAAK,MAAM,UAAU;SACtB;AACN,QAAM,IAAIA,iCAAe,uBAAuB,QAAQ;;;AAI5D,SAAS,oBAAoB,KAAuB,OAAyB;CAC3E,MAAM,kBAAkB,YACtB,OACA,sCACD;AAED,KACE,oBAAoB,QACpB,oBAAoB,UACpB,OAAO,oBAAoB,YAC3B,OAAO,oBAAoB,YAC3B,OAAO,oBAAoB,UAE3B,QAAO;AAIT,QADa,IAAI,IAAI,aAAa,gBAAgB,CACtC,SAAS,EAAE,SAAS,MAAM,CAAC;;AAGzC,SAAS,eAAe,OAAgB,UAAgC;AACtE,KACE,OAAO,UAAU,YACjB,UAAU,QACV,UAAU,SACV,aAAa,wDACY,MAA6B,KAAK,IAC3D,OAAQ,MAAgC,YAAY,SAEpD,QAAO;EACL,MAAO,MAAyC;EAChD,SAAU,MAA8B;EACzC;AAGH,6CAAqB,MAAM,CACzB,QAAO;EACL,MAAM,MAAM;EACZ,SAAS,MAAM;EAChB;CAGH,MAAM,wDAAiC,MAAM;CAC7C,MAAM,oBAAoB,QAAQ,aAAa;AAE/C,KACE,KAAK,KAAK,GAAG,YACb,kBAAkB,SAAS,YAAY,IACvC,kBAAkB,SAAS,aAAa,CAExC,QAAO;EACL,MAAM;EACN,4DAAqC;EACtC;AAGH,KACE,kBAAkB,SAAS,eAAe,IAC1C,kBAAkB,SAAS,gBAAgB,CAE3C,QAAO;EACL,MAAM;EACN;EACD;AAGH,KACE,kBAAkB,SAAS,sBAAsB,IACjD,kBAAkB,SAAS,mBAAmB,IAC9C,kBAAkB,SAAS,wBAAwB,CAEnD,QAAO;EACL,MAAM;EACN;EACD;AAGH,QAAO;EACL,MAAM;EACN;EACD;;AAGH,SAAS,gBAAgB,kBAAkC;AACzD,QAAO,KAAK,IAAI,GAAG,KAAK,KAAK,oBAAoB,OAAO,MAAM,CAAC;;AAGjE,SAAS,cAAc,UAA0B;AAC/C,QAAO,KAAK,IAAI,GAAG,WAAW,KAAK,KAAK,CAAC;;AAG3C,eAAe,gBACb,WACA,UACA,QACY;AACZ,KAAI,OAAO,WAAW,KAAK,KAAK,GAAG,SACjC,OAAM,IAAIA,iCAAe,8DAAuC,CAAC;CAGnE,MAAM,YAAY,cAAc,SAAS;AACzC,KAAI,aAAa,EACf,OAAM,IAAIA,iCAAe,8DAAuC,CAAC;CAGnE,IAAIC;AAEJ,QAAO,MAAM,IAAI,SAAY,SAAS,WAAW;EAC/C,MAAM,gBAAgB;AACpB,UAAO,IAAID,iCAAe,8DAAuC,CAAC,CAAC;;AAGrE,SAAO,iBAAiB,SAAS,SAAS,EAAE,MAAM,MAAM,CAAC;AACzD,cAAY,iBAAiB;AAC3B,UAAO,oBAAoB,SAAS,QAAQ;AAC5C,UAAO,IAAIA,iCAAe,8DAAuC,CAAC,CAAC;KAClE,UAAU;AAEb,EAAK,UAAU,MACZ,UAAU;AACT,UAAO,oBAAoB,SAAS,QAAQ;AAC5C,OAAI,UACF,cAAa,UAAU;AAEzB,WAAQ,MAAM;MAEf,UAAU;AACT,UAAO,oBAAoB,SAAS,QAAQ;AAC5C,OAAI,UACF,cAAa,UAAU;AAEzB,UAAO,MAAM;IAEhB;GACD;;AAGJ,eAAe,oBAA+C;AAC5D,yBAAwB,OAAO,eAAe,MAAM,WAAW;AAI7D,SAFE,aAAa,SAAS,OAAO,UAAU;GAGzC;AAEF,QAAO;;AAGT,SAAS,sBACP,WACA,iBACA,WACQ;CACR,MAAM,QAAQ;EACZ,mCAAmC,KAAK,UAAU,gBAAgB,CAAC;EACnE,gCAAgC,KAAK,UAAU,GAAG,gBAAgB,KAAK,CAAC;EACxE;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACD;AAED,MAAK,MAAM,YAAY,WAAW;AAChC,QAAM,KAAK,cAAc,SAAS,KAAK,QAAQ;AAE/C,OAAK,MAAM,gBAAgB,OAAO,KAAK,SAAS,MAAM,EAAE;GACtD,MAAM,oBAAoB,cAAc,SAAS,KAAK,GAAG;AACzD,SAAM,KACJ,cAAc,SAAS,KAAK,GAAG,aAAa,wBAC5C,WACA,oBAAoB,kBAAkB,8EAA8E,UAAU,OAC9H,uBACA,yCACA,OACA,KACD;;;AAIL,QAAO,MAAM,KAAK,KAAK;;AAGzB,SAAS,sBAAsB,MAAsB;AAGnD,QAAO;EACL,mEAHqC,KAAK,CAGK;EAC/C;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACD,CAAC,KAAK,KAAK;;AAGd,SAAS,mBAAmB,SAA4B,MAAsB;CAC5E,MAAM,OAAO,QAAQ;AACrB,MAAK,QAAQ,sBAAsB,GAAG,SAAoB;AACxD,OAAK,8CAAuB,KAAK,CAAC;GAClC;AACF,MAAK,QAAQ,uBAAuB,GAAG,SAAoB;AACzD,OAAK,8CAAuB,KAAK,CAAC;GAClC;AACF,MAAK,QAAQ,uBAAuB,GAAG,SAAoB;AACzD,OAAK,8CAAuB,KAAK,CAAC;GAClC;AACF,MAAK,QAAQ,wBAAwB,GAAG,SAAoB;AAC1D,OAAK,8CAAuB,KAAK,CAAC;GAClC;;AAGJ,SAAS,oBACP,KACA,SACA,WACA,QACA,UACA,iBACM;CACN,MAAM,OAAO,QAAQ;AAErB,MAAK,MAAM,YAAY,UACrB,MAAK,MAAM,CAAC,cAAc,eAAe,OAAO,QAAQ,SAAS,MAAM,EAAE;EACvE,MAAM,oBAAoB,cAAc,SAAS,KAAK,GAAG;AAEzD,OAAK,QACH,mBACA,OAAO,UAAmB;GACxB,MAAM,iEACJ,QACA,SAAS,MACT,cACA,WAAW,aACZ;AAED,OAAI;IACF,MAAM,kBACJ,UAAU,SACN,SACA,YACE,OACA,kDACD;IACP,MAAM,mBAAmB,QAAQ,QAC/B,WAAW,QAAQ,iBAAiB,iBAAiB,CACtD;AAED,qBAAiB,YAAY,GAG3B;AAOF,WAAO,oBAAoB,KANZ,MAAM,gBACnB,kBACA,UACA,OACD,CAEsC;YAChC,OAAO;IACd,MAAM,eAAe,eAAe,OAAO,SAAS;AACpD,UAAM,IAAI,MACR,GAAG,kBAAkB,KAAK,UAAU,aAAa,IACjD,EACE,OAAO,OACR,CACF;;KAGL,EAAE,WAAW,MAAM,CACpB;;;;;;AAQP,IAAa,qBAAb,MAAoD;CAClD,AAAiB;CACjB,AAAiB;CACjB,AAAiB;CACjB,AAAiB;CACjB,AAAiB;;;;CAKjB,YAAY,UAAqC,EAAE,EAAE;AACnD,OAAK,aAAa,YAAY;AAI5B,UAHe,QAAQ,aACnB,MAAM,QAAQ,YAAY,GAC1B,MAAM,mBAAmB;;AAG/B,OAAK,cAAc,QAAQ,eAAe;AAC1C,OAAK,cAAc,QAAQ,eAAe;AAC1C,OAAK,mBACH,QAAQ,oBAAoB;AAC9B,OAAK,YAAY,QAAQ,aAAa;;;;;CAMxC,MAAM,QACJ,MACA,WACwB;EACxB,MAAM,YAAY,KAAK,KAAK;EAC5B,MAAM,WAAW,YAAY,KAAK;EAClC,MAAME,OAAiB,EAAE;EACzB,MAAM,kBAAkB,IAAI,iBAAiB;EAC7C,MAAM,kBAAkB,4DAA2C,CAAC;AAMpE,MALyB,OAAO,SAC9B,QAAQ,SAAS,KAAK,MAAM,IAAI,CAAC,MAAM,KACvC,GACD,IAEuB,MAAM,CAAC,qBAAqB,CAClD,QAAO;GACL,YAAY,KAAK,KAAK,GAAG;GACzB,OAAO;IACL,MAAM;IACN,SACE;IACH;GACD;GACA,IAAI;GACL;EAGH,IAAIC;EACJ,IAAIC;EACJ,IAAIC;AAEJ,MAAI;GACF,MAAM,MAAM,MAAM,KAAK,YAAY;AACnC,aAAU,IAAI,IAAI,QAAQ;IACxB,aAAa,gBAAgB,KAAK,iBAAiB;IACnD,sBAAsB,YAAY;AAChC,gCAA2B;AAC3B,qBAAgB,OAAO;;IAE1B,CAAC;AACF,aAAU,MAAM,QAAQ,eAAe;AAEvC,sBAAmB,SAAS,KAAK;AACjC,uBACE,KACA,SACA,WACA,gBAAgB,QAChB,UACA,gBACD;AACD,SAAM,QAAQ,KACZ,sBAAsB,WAAW,iBAAiB,KAAK,UAAU,EACjE,EACE,SAAS,KAAK,WACf,CACF;GAED,MAAM,YAAa,MAAM,QAAQ,YAC/B,sBAAsB,KAAK,EAC3B,EAAE,EACF;IACE,SAAS,KAAK;IACd,QAAQ;KAAE,MAAM;KAAM,SAAS;KAAM;IACtC,CACF;AAED,OAAI,yBACF,QAAO;IACL,YAAY,KAAK,KAAK,GAAG;IACzB,OAAO;KACL,MAAM;KACN,SAAS,mCAAmC;KAC7C;IACD,0CAAmB,MAAM,KAAK,aAAa,KAAK,YAAY;IAC5D,IAAI;IACL;AAGH,OAAI,CAAC,UAAU,GACb,QAAO;IACL,YAAY,KAAK,KAAK,GAAG;IACzB,OAAO,eAAe,UAAU,OAAO,SAAS;IAChD,0CAAmB,MAAM,KAAK,aAAa,KAAK,YAAY;IAC5D,IAAI;IACL;AAGH,UAAO;IACL,YAAY,KAAK,KAAK,GAAG;IACzB,0CAAmB,MAAM,KAAK,aAAa,KAAK,YAAY;IAC5D,IAAI;IACJ,QAAQ,UAAU;IACnB;WACM,OAAO;GACd,MAAM,eACJ,6BAA6B,SACzB;IACE,MAAM;IACN,SAAS,mCAAmC;IAC7C,GACD,eAAe,OAAO,SAAS;AAErC,UAAO;IACL,YAAY,KAAK,KAAK,GAAG;IACzB,OAAO;IACP,0CAAmB,MAAM,KAAK,aAAa,KAAK,YAAY;IAC5D,IAAI;IACL;YACO;AACR,mBAAgB,OAAO;AACvB,YAAS,WAAW;AACpB,YAAS,SAAS"}
1
+ {"version":3,"file":"index.cjs","names":["runIsolatedVmSession"],"sources":["../src/isolatedVmExecutor.ts"],"sourcesContent":["import {\n createTimeoutExecuteResult,\n createToolCallDispatcher,\n extractProviderManifests,\n type ExecutionOptions,\n type ExecuteResult,\n type Executor,\n type ResolvedToolProvider,\n} from \"@mcploom/codexec\";\n\nimport { runIsolatedVmSession } from \"./runner/index\";\nimport type { IsolatedVmExecutorOptions } from \"./types\";\n\n/**\n * isolated-vm-backed executor for one-shot sandboxed JavaScript runs.\n */\nexport class IsolatedVmExecutor implements Executor {\n private readonly options: IsolatedVmExecutorOptions;\n\n /**\n * Creates an isolated-vm executor with one-shot runtime limits and host bridging configuration.\n */\n constructor(options: IsolatedVmExecutorOptions = {}) {\n this.options = options;\n }\n\n /**\n * Executes JavaScript against the provided tool namespaces in a fresh isolated-vm context.\n */\n async execute(\n code: string,\n providers: ResolvedToolProvider[],\n options: ExecutionOptions = {},\n ): Promise<ExecuteResult> {\n if (options.signal?.aborted) {\n return createTimeoutExecuteResult();\n }\n\n const abortController = new AbortController();\n const onToolCall = createToolCallDispatcher(providers, abortController.signal);\n const onAbort = () => {\n abortController.abort();\n };\n\n options.signal?.addEventListener(\"abort\", onAbort, { once: true });\n\n try {\n return await runIsolatedVmSession(\n {\n abortController,\n code,\n onToolCall,\n providers: extractProviderManifests(providers),\n },\n {\n ...this.options,\n ...options,\n },\n );\n } finally {\n options.signal?.removeEventListener(\"abort\", onAbort);\n abortController.abort();\n }\n }\n}\n"],"mappings":";;;;;;;AAgBA,IAAa,qBAAb,MAAoD;CAClD,AAAiB;;;;CAKjB,YAAY,UAAqC,EAAE,EAAE;AACnD,OAAK,UAAU;;;;;CAMjB,MAAM,QACJ,MACA,WACA,UAA4B,EAAE,EACN;AACxB,MAAI,QAAQ,QAAQ,QAClB,2DAAmC;EAGrC,MAAM,kBAAkB,IAAI,iBAAiB;EAC7C,MAAM,6DAAsC,WAAW,gBAAgB,OAAO;EAC9E,MAAM,gBAAgB;AACpB,mBAAgB,OAAO;;AAGzB,UAAQ,QAAQ,iBAAiB,SAAS,SAAS,EAAE,MAAM,MAAM,CAAC;AAElE,MAAI;AACF,UAAO,MAAMA,oCACX;IACE;IACA;IACA;IACA,2DAAoC,UAAU;IAC/C,EACD;IACE,GAAG,KAAK;IACR,GAAG;IACJ,CACF;YACO;AACR,WAAQ,QAAQ,oBAAoB,SAAS,QAAQ;AACrD,mBAAgB,OAAO"}
package/dist/index.d.cts CHANGED
@@ -1,32 +1,13 @@
1
- import { ExecuteResult, Executor, ResolvedToolProvider } from "@mcploom/codexec";
1
+ import { t as IsolatedVmExecutorOptions } from "./types-BmvPk-t5.cjs";
2
+ import { ExecuteResult, ExecutionOptions, Executor, ResolvedToolProvider } from "@mcploom/codexec";
2
3
 
3
- //#region src/types.d.ts
4
- /**
5
- * Options for constructing an {@link IsolatedVmExecutor}.
6
- */
7
- interface IsolatedVmExecutorOptions {
8
- /** Optional isolated-vm module loader override for tests or custom builds. */
9
- loadModule?: () => Promise<unknown> | unknown;
10
- /** Maximum total characters preserved across captured log lines. */
11
- maxLogChars?: number;
12
- /** Maximum number of captured log lines returned in the result. */
13
- maxLogLines?: number;
14
- /** Guest memory limit in bytes. */
15
- memoryLimitBytes?: number;
16
- /** Wall-clock execution timeout in milliseconds. */
17
- timeoutMs?: number;
18
- }
19
- //#endregion
20
4
  //#region src/isolatedVmExecutor.d.ts
5
+
21
6
  /**
22
7
  * isolated-vm-backed executor for one-shot sandboxed JavaScript runs.
23
8
  */
24
9
  declare class IsolatedVmExecutor implements Executor {
25
- private readonly loadModule;
26
- private readonly maxLogChars;
27
- private readonly maxLogLines;
28
- private readonly memoryLimitBytes;
29
- private readonly timeoutMs;
10
+ private readonly options;
30
11
  /**
31
12
  * Creates an isolated-vm executor with one-shot runtime limits and host bridging configuration.
32
13
  */
@@ -34,7 +15,7 @@ declare class IsolatedVmExecutor implements Executor {
34
15
  /**
35
16
  * Executes JavaScript against the provided tool namespaces in a fresh isolated-vm context.
36
17
  */
37
- execute(code: string, providers: ResolvedToolProvider[]): Promise<ExecuteResult>;
18
+ execute(code: string, providers: ResolvedToolProvider[], options?: ExecutionOptions): Promise<ExecuteResult>;
38
19
  }
39
20
  //#endregion
40
21
  export { IsolatedVmExecutor, type IsolatedVmExecutorOptions };
package/dist/index.d.cts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.cts","names":[],"sources":["../src/types.ts","../src/isolatedVmExecutor.ts"],"sourcesContent":[],"mappings":";;;;;;AAGiB,UAAA,yBAAA,CAEI;;qBAAA;;EC+bR,WAAA,CAAA,EAAA,MAAA;EAUU;EAmBR,WAAA,CAAA,EAAA,MAAA;EACF;EAAR,gBAAA,CAAA,EAAA,MAAA;EA9BsC;EAAQ,SAAA,CAAA,EAAA,MAAA;;;;;ADjcnD;;cCica,kBAAA,YAA8B;;EAA9B,iBAAA,WAAmB;EAUT,iBAAA,WAAA;EAmBR,iBAAA,gBAAA;EACF,iBAAA,SAAA;EAAR;;;wBApBkB;;;;mCAmBR,yBACV,QAAQ"}
1
+ {"version":3,"file":"index.d.cts","names":[],"sources":["../src/isolatedVmExecutor.ts"],"sourcesContent":[],"mappings":";;;;;;;AAgBA;AAMuB,cANV,kBAAA,YAA8B,QAMpB,CAAA;EASR,iBAAA,OAAA;EACF;;;EAhB8B,WAAA,CAAA,OAAA,CAAA,EAMpB,yBANoB;EAAQ;;;mCAepC,kCACF,mBACR,QAAQ"}
package/dist/index.d.ts CHANGED
@@ -1,32 +1,13 @@
1
- import { ExecuteResult, Executor, ResolvedToolProvider } from "@mcploom/codexec";
1
+ import { t as IsolatedVmExecutorOptions } from "./types-CkMlkJam.js";
2
+ import { ExecuteResult, ExecutionOptions, Executor, ResolvedToolProvider } from "@mcploom/codexec";
2
3
 
3
- //#region src/types.d.ts
4
- /**
5
- * Options for constructing an {@link IsolatedVmExecutor}.
6
- */
7
- interface IsolatedVmExecutorOptions {
8
- /** Optional isolated-vm module loader override for tests or custom builds. */
9
- loadModule?: () => Promise<unknown> | unknown;
10
- /** Maximum total characters preserved across captured log lines. */
11
- maxLogChars?: number;
12
- /** Maximum number of captured log lines returned in the result. */
13
- maxLogLines?: number;
14
- /** Guest memory limit in bytes. */
15
- memoryLimitBytes?: number;
16
- /** Wall-clock execution timeout in milliseconds. */
17
- timeoutMs?: number;
18
- }
19
- //#endregion
20
4
  //#region src/isolatedVmExecutor.d.ts
5
+
21
6
  /**
22
7
  * isolated-vm-backed executor for one-shot sandboxed JavaScript runs.
23
8
  */
24
9
  declare class IsolatedVmExecutor implements Executor {
25
- private readonly loadModule;
26
- private readonly maxLogChars;
27
- private readonly maxLogLines;
28
- private readonly memoryLimitBytes;
29
- private readonly timeoutMs;
10
+ private readonly options;
30
11
  /**
31
12
  * Creates an isolated-vm executor with one-shot runtime limits and host bridging configuration.
32
13
  */
@@ -34,7 +15,7 @@ declare class IsolatedVmExecutor implements Executor {
34
15
  /**
35
16
  * Executes JavaScript against the provided tool namespaces in a fresh isolated-vm context.
36
17
  */
37
- execute(code: string, providers: ResolvedToolProvider[]): Promise<ExecuteResult>;
18
+ execute(code: string, providers: ResolvedToolProvider[], options?: ExecutionOptions): Promise<ExecuteResult>;
38
19
  }
39
20
  //#endregion
40
21
  export { IsolatedVmExecutor, type IsolatedVmExecutorOptions };
package/dist/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","names":[],"sources":["../src/types.ts","../src/isolatedVmExecutor.ts"],"sourcesContent":[],"mappings":";;;;;;AAGiB,UAAA,yBAAA,CAEI;;qBAAA;;EC+bR,WAAA,CAAA,EAAA,MAAA;EAUU;EAmBR,WAAA,CAAA,EAAA,MAAA;EACF;EAAR,gBAAA,CAAA,EAAA,MAAA;EA9BsC;EAAQ,SAAA,CAAA,EAAA,MAAA;;;;;ADjcnD;;cCica,kBAAA,YAA8B;;EAA9B,iBAAA,WAAmB;EAUT,iBAAA,WAAA;EAmBR,iBAAA,gBAAA;EACF,iBAAA,SAAA;EAAR;;;wBApBkB;;;;mCAmBR,yBACV,QAAQ"}
1
+ {"version":3,"file":"index.d.ts","names":[],"sources":["../src/isolatedVmExecutor.ts"],"sourcesContent":[],"mappings":";;;;;;;AAgBA;AAMuB,cANV,kBAAA,YAA8B,QAMpB,CAAA;EASR,iBAAA,OAAA;EACF;;;EAhB8B,WAAA,CAAA,OAAA,CAAA,EAMpB,yBANoB;EAAQ;;;mCAepC,kCACF,mBACR,QAAQ"}