@mlx-node/trl 0.0.0 → 0.0.1

package/dist/trainers/training-logger.js

@@ -1,542 +0,0 @@
-/**
- * Unified Training Logger
- *
- * A high-level logger abstraction that handles TUI/console mode automatically.
- * Eliminates verbose conditional checks throughout the codebase.
- *
- * @example
- * ```typescript
- * const logger = createTrainingLogger();
- *
- * logger.info('Loading model...');           // Console OR TUI log
- * logger.status('loading', 'Loading...');    // TUI header update
- * logger.step(metrics);                      // Training step
- * logger.checkpoint(path, step);             // Checkpoint saved
- * ```
- */
-import { appendFileSync, mkdirSync } from 'node:fs';
-import { join } from 'node:path';
-// ============================================================================
-// Metrics Aggregator
-// ============================================================================
-/**
- * Aggregator for computing running statistics over an epoch
- */
-class MetricsAggregator {
-    values = [];
-    add(value) {
-        this.values.push(value);
-    }
-    mean() {
-        if (this.values.length === 0)
-            return 0;
-        return this.values.reduce((a, b) => a + b, 0) / this.values.length;
-    }
-    sum() {
-        return this.values.reduce((a, b) => a + b, 0);
-    }
-    reset() {
-        this.values = [];
-    }
-}
-// ============================================================================
-// Training Logger
-// ============================================================================
-/**
- * Unified training logger that handles TUI/console mode automatically
- */
-export class TrainingLogger {
-    config;
-    jsonlPath;
-    startTime;
-    lastLogTime;
-    // Epoch-level aggregators
-    epochLoss = new MetricsAggregator();
-    epochReward = new MetricsAggregator();
-    epochAdvantage = new MetricsAggregator();
-    epochTokens = new MetricsAggregator();
-    constructor(config = {}) {
-        // TUI mode is ONLY enabled via environment variable (set by mlx-tui)
-        // This ensures users don't accidentally miss output in CLI mode
-        const tuiMode = process.env.MLX_TUI_MODE === '1';
-        this.config = {
-            tuiMode,
-            logConsole: config.logConsole ?? true,
-            logJsonl: config.logJsonl ?? false,
-            logInterval: config.logInterval ?? 1,
-            outputDir: config.outputDir,
-            runName: config.runName,
-        };
-        this.startTime = Date.now();
-        this.lastLogTime = this.startTime;
-        this.setupJsonl();
-    }
-    setupJsonl() {
-        if (!this.config.logJsonl || this.config.tuiMode)
-            return;
-        if (!this.config.outputDir)
-            return;
-        try {
-            mkdirSync(this.config.outputDir, { recursive: true });
-            const runName = this.config.runName || 'grpo-training';
-            this.jsonlPath = join(this.config.outputDir, `${runName}.jsonl`);
-            this.writeJsonl({
-                event: 'training_start',
-                timestamp: new Date().toISOString(),
-                config: this.config,
-            });
-        }
-        catch {
-            // Silently ignore - logging shouldn't crash training
-        }
-    }
-    // ==========================================================================
-    // Core Logging Methods
-    // ==========================================================================
-    /** Log info message */
-    info(message) {
-        if (this.config.tuiMode) {
-            this.writeTui({ type: 'log', level: 'info', message });
-        }
-        else if (this.config.logConsole) {
-            console.log(message);
-        }
-    }
-    /** Log warning message */
-    warn(message) {
-        if (this.config.tuiMode) {
-            this.writeTui({ type: 'log', level: 'warn', message });
-        }
-        else {
-            console.warn(message);
-        }
-    }
-    /** Log error message */
-    error(message) {
-        if (this.config.tuiMode) {
-            this.writeTui({ type: 'log', level: 'error', message });
-        }
-        else {
-            console.error(message);
-        }
-    }
-    /** Log debug message (only in verbose mode) */
-    debug(message) {
-        if (this.config.tuiMode) {
-            this.writeTui({ type: 'log', level: 'debug', message });
-        }
-        else if (this.config.logConsole && process.env.DEBUG) {
-            console.log(`[DEBUG] ${message}`);
-        }
-    }
-    /** Update status (updates TUI header, shows in console) */
-    status(phase, message) {
-        if (this.config.tuiMode) {
-            this.writeTui({ type: 'status', phase, message });
-        }
-        else if (this.config.logConsole) {
-            console.log(message);
-        }
-    }
-    /** Print decorative banner (console only, suppressed in TUI mode) */
-    banner(...lines) {
-        if (this.config.tuiMode)
-            return;
-        if (!this.config.logConsole)
-            return;
-        for (const line of lines) {
-            console.log(line);
-        }
-    }
-    // ==========================================================================
-    // Training Event Methods
-    // ==========================================================================
-    /** Log training initialization */
-    init(model, config, numExamples) {
-        const trainingType = config.trainingType ?? 'grpo';
-        if (this.config.tuiMode) {
-            this.writeTui({ type: 'init', model, config: { ...config, trainingType } });
-        }
-        else if (this.config.logConsole) {
-            const trainingLabel = trainingType === 'sft' ? 'SFT' : 'GRPO';
-            console.log(`\n Starting ${trainingLabel} training`);
-            if (numExamples)
-                console.log(`   Examples: ${numExamples}`);
-            console.log(`   Epochs: ${config.numEpochs}`);
-            console.log(`   Batch size: ${config.batchSize}`);
-            if (trainingType !== 'sft') {
-                console.log(`   Group size: ${config.groupSize}`);
-            }
-            console.log(`   Learning rate: ${config.learningRate}`);
-        }
-        if (this.jsonlPath && numExamples !== undefined) {
-            this.writeJsonl({
-                event: 'training_config',
-                num_examples: numExamples,
-                config: { ...config, trainingType },
-                timestamp: new Date().toISOString(),
-            });
-        }
-    }
-    /** Log epoch start */
-    epochStart(epoch, totalEpochs, numBatches) {
-        if (this.config.tuiMode) {
-            this.writeTui({
-                type: 'epoch_start',
-                epoch: epoch + 1,
-                totalEpochs,
-                numBatches,
-            });
-        }
-        else if (this.config.logConsole) {
-            console.log(`\n=== Epoch ${epoch + 1}/${totalEpochs} (${numBatches} batches) ===`);
-        }
-        if (this.jsonlPath) {
-            this.writeJsonl({
-                event: 'epoch_start',
-                epoch: epoch + 1,
-                num_batches: numBatches,
-                timestamp: new Date().toISOString(),
-            });
-        }
-    }
-    /** Log training step */
-    step(metrics, batchIdx, numBatches) {
-        // Aggregate for epoch (use available metrics)
-        this.epochLoss.add(metrics.loss);
-        if (metrics.meanReward !== undefined) {
-            this.epochReward.add(metrics.meanReward);
-        }
-        if (metrics.meanAdvantage !== undefined) {
-            this.epochAdvantage.add(metrics.meanAdvantage);
-        }
-        this.epochTokens.add(metrics.totalTokens);
-        if (this.config.tuiMode) {
-            // Build step message with only available fields (no fake values!)
-            const stepMsg = {
-                type: 'step',
-                step: metrics.step,
-                loss: metrics.loss,
-                totalTokens: metrics.totalTokens,
-            };
-            // Add GRPO-specific fields if present
-            if (metrics.meanReward !== undefined) {
-                stepMsg.meanReward = metrics.meanReward;
-            }
-            if (metrics.stdReward !== undefined) {
-                stepMsg.stdReward = metrics.stdReward;
-            }
-            if (metrics.stdAdvantage !== undefined) {
-                stepMsg.stdAdvantage = metrics.stdAdvantage;
-            }
-            // Add SFT-specific fields if present
-            if (metrics.perplexity !== undefined) {
-                stepMsg.perplexity = metrics.perplexity;
-            }
-            if (metrics.tokenAccuracy !== undefined) {
-                stepMsg.tokenAccuracy = metrics.tokenAccuracy;
-            }
-            // Add timing if present
-            if (metrics.generationTimeMs !== undefined) {
-                stepMsg.generationTimeMs = metrics.generationTimeMs;
-            }
-            if (metrics.trainingTimeMs !== undefined) {
-                stepMsg.trainingTimeMs = metrics.trainingTimeMs;
-            }
-            // Add memory if present
-            if (metrics.peakMemoryMb !== undefined) {
-                stepMsg.peakMemoryMb = metrics.peakMemoryMb;
-            }
-            if (metrics.activeMemoryMb !== undefined) {
-                stepMsg.activeMemoryMb = metrics.activeMemoryMb;
-            }
-            this.writeTui(stepMsg);
-        }
-        else if (this.config.logConsole && metrics.step % this.config.logInterval === 0) {
-            const now = Date.now();
-            const stepTime = (now - this.lastLogTime) / this.config.logInterval;
-            this.lastLogTime = now;
-            const batchInfo = batchIdx !== undefined && numBatches !== undefined ? ` | Batch ${batchIdx + 1}/${numBatches}` : '';
-            // Build log message based on available metrics (SFT vs GRPO)
-            let logMsg = `Step ${metrics.step}${batchInfo} | Loss: ${metrics.loss.toFixed(4)}`;
-            if (metrics.perplexity !== undefined) {
-                // SFT format
-                logMsg += ` | Perplexity: ${metrics.perplexity.toFixed(2)}`;
-            }
-            if (metrics.tokenAccuracy !== undefined) {
-                logMsg += ` | Acc: ${(metrics.tokenAccuracy * 100).toFixed(1)}%`;
-            }
-            if (metrics.meanReward !== undefined) {
-                // GRPO format
-                logMsg += ` | Reward: ${metrics.meanReward.toFixed(4)}`;
-            }
-            if (metrics.meanAdvantage !== undefined) {
-                logMsg += ` | Adv: ${metrics.meanAdvantage.toFixed(4)}`;
-            }
-            logMsg += ` | Tokens: ${metrics.totalTokens} | Time: ${stepTime.toFixed(0)}ms/step`;
-            console.log(logMsg);
-        }
-        if (this.jsonlPath && metrics.step % this.config.logInterval === 0) {
-            this.writeJsonl({
-                event: 'step',
-                step: metrics.step,
-                loss: metrics.loss,
-                mean_reward: metrics.meanReward ?? 0,
-                std_reward: metrics.stdReward ?? 0,
-                mean_advantage: metrics.meanAdvantage ?? 0,
-                total_tokens: metrics.totalTokens,
-                timestamp: new Date().toISOString(),
-            });
-        }
-    }
-    /** Log epoch end/summary */
-    epochEnd(epoch, totalEpochs, epochTimeSecs) {
-        const avgLoss = this.epochLoss.mean();
-        const avgReward = this.epochReward.mean();
-        const avgAdvantage = this.epochAdvantage.mean();
-        const totalTokens = this.epochTokens.sum();
-        if (this.config.tuiMode) {
-            this.writeTui({
-                type: 'epoch_end',
-                epoch: epoch + 1,
-                avgLoss,
-                avgReward,
-                epochTimeSecs: epochTimeSecs ?? 0,
-            });
-        }
-        else if (this.config.logConsole) {
-            console.log(`\nEpoch ${epoch + 1}/${totalEpochs} Summary | ` +
-                `Avg Loss: ${avgLoss.toFixed(4)} | ` +
-                `Avg Reward: ${avgReward.toFixed(4)} | ` +
-                `Avg Advantage: ${avgAdvantage.toFixed(4)} | ` +
-                `Total Tokens: ${totalTokens.toFixed(0)}`);
-        }
-        if (this.jsonlPath) {
-            this.writeJsonl({
-                event: 'epoch',
-                epoch: epoch + 1,
-                avg_loss: avgLoss,
-                avg_reward: avgReward,
-                avg_advantage: avgAdvantage,
-                total_tokens: totalTokens,
-                timestamp: new Date().toISOString(),
-            });
-        }
-        // Reset aggregators
-        this.epochLoss.reset();
-        this.epochReward.reset();
-        this.epochAdvantage.reset();
-        this.epochTokens.reset();
-    }
-    /** Log checkpoint saved */
-    checkpoint(path, step) {
-        if (this.config.tuiMode) {
-            this.writeTui({ type: 'checkpoint', path, step });
-        }
-        else if (this.config.logConsole) {
-            console.log(`💾 Checkpoint saved: ${path}`);
-        }
-        if (this.jsonlPath) {
-            this.writeJsonl({
-                event: 'checkpoint',
-                step,
-                path,
-                timestamp: new Date().toISOString(),
-            });
-        }
-    }
-    /** Log training completion */
-    complete(totalSteps) {
-        const totalTime = Date.now() - this.startTime;
-        const totalMinutes = totalTime / 60000;
-        const totalTimeSecs = totalTime / 1000;
-        if (this.config.tuiMode) {
-            this.writeTui({ type: 'complete', totalSteps, totalTimeSecs });
-        }
-        else if (this.config.logConsole) {
-            console.log(`\n✓ Training complete! Final step: ${totalSteps} | Total time: ${totalMinutes.toFixed(2)} minutes`);
-        }
-        if (this.jsonlPath) {
-            this.writeJsonl({
-                event: 'training_complete',
-                final_step: totalSteps,
-                total_time_ms: totalTime,
-                timestamp: new Date().toISOString(),
-            });
-        }
-    }
-    /** Log generation sample (TUI only) */
-    generation(sample) {
-        if (!this.config.tuiMode)
-            return;
-        this.writeTui({
-            type: 'generation',
-            index: sample.index,
-            prompt: sample.prompt,
-            completion: sample.completion,
-            reward: sample.reward,
-            tokens: sample.tokens,
-            rewardDetails: sample.rewardDetails,
-        });
-    }
-    /** Log training paused (TUI only) */
-    paused(step) {
-        if (!this.config.tuiMode)
-            return;
-        this.writeTui({ type: 'paused', step });
-    }
-    /** Log training resumed (TUI only) */
-    resumed(step) {
-        if (!this.config.tuiMode)
-            return;
-        this.writeTui({ type: 'resumed', step });
-    }
-    /** Log database path for TUI DB tab */
-    databasePath(path, runId, runName) {
-        if (!this.config.tuiMode)
-            return;
-        this.writeTui({ type: 'database_path', path, runId, runName });
-    }
-    /**
-     * Send resume state to TUI for sparkline and aggregate restoration.
-     * Called when resuming from checkpoint to restore TUI history.
-     */
-    resumeState(state) {
-        if (!this.config.tuiMode)
-            return;
-        this.writeTui({
-            type: 'resume_state',
-            step: state.step,
-            epoch: state.epoch,
-            totalEpochs: state.totalEpochs,
-            stepInEpoch: state.stepInEpoch,
-            totalStepsInEpoch: state.totalStepsInEpoch,
-            metricsHistory: state.metricsHistory,
-            aggregates: state.aggregates,
-        });
-    }
-    /**
-     * Send an interactive prompt to the TUI and wait for response.
-     * Only works in TUI mode - returns null in non-TUI mode.
-     *
-     * @param id - Unique ID for this prompt
-     * @param message - Message to display
-     * @param choices - Available choices
-     * @param options - Prompt options
-     * @returns The selected value(s), or null if not in TUI mode.
-     *          For multi-select, returns comma-separated values (use promptMulti for array).
-     */
-    async prompt(id, message, choices, options) {
-        if (!this.config.tuiMode) {
-            return null; // Caller should handle non-TUI mode
-        }
-        const defaultIndices = options?.default !== undefined
-            ? Array.isArray(options.default)
-                ? options.default
-                : [options.default]
-            : undefined;
-        // Send prompt to TUI
-        this.writeTui({
-            type: 'prompt',
-            id,
-            message,
-            choices,
-            default: defaultIndices,
-            multiSelect: options?.multiSelect ?? false,
-        });
-        // Wait for response via stdin
-        return new Promise((resolve) => {
-            const onData = (data) => {
-                const line = data.toString().trim();
-                // Expected format: PROMPT:<id>:<value>
-                // For multi-select, value is comma-separated
-                if (line.startsWith('PROMPT:')) {
-                    const parts = line.split(':');
-                    if (parts.length >= 3 && parts[1] === id) {
-                        const value = parts.slice(2).join(':'); // Handle values with colons
-                        process.stdin.removeListener('data', onData);
-                        process.stdin.pause();
-                        resolve(value);
-                    }
-                }
-            };
-            process.stdin.resume();
-            process.stdin.on('data', onData);
-        });
-    }
-    /**
-     * Send a multi-select prompt to the TUI and wait for response.
-     * Convenience wrapper that returns an array of selected values.
-     *
-     * @param id - Unique ID for this prompt
-     * @param message - Message to display
-     * @param choices - Available choices
-     * @param defaultIndices - Optional default selection indices
-     * @returns Array of selected values, or null if not in TUI mode
-     */
-    async promptMulti(id, message, choices, defaultIndices) {
-        const result = await this.prompt(id, message, choices, {
-            multiSelect: true,
-            default: defaultIndices,
-        });
-        if (result === null)
-            return null;
-        if (result === '')
-            return []; // No selections
-        return result.split(',');
-    }
-    // ==========================================================================
-    // Accessors
-    // ==========================================================================
-    /** Check if TUI mode is enabled */
-    get isTuiMode() {
-        return this.config.tuiMode;
-    }
-    /** Get the log interval */
-    get logInterval() {
-        return this.config.logInterval;
-    }
-    // ==========================================================================
-    // Internal Methods
-    // ==========================================================================
-    writeTui(msg) {
-        if (!this.config.tuiMode)
-            return;
-        process.stdout.write(JSON.stringify(msg) + '\n');
-    }
-    writeJsonl(data) {
-        if (!this.jsonlPath)
-            return;
-        try {
-            const line = JSON.stringify(data) + '\n';
-            appendFileSync(this.jsonlPath, line, 'utf8');
-        }
-        catch {
-            // Silently ignore - logging shouldn't crash training
-        }
-    }
-}
-// ============================================================================
-// Factory Function
-// ============================================================================
-/**
- * Create a training logger instance
- *
- * @example
- * ```typescript
- * // Auto-detect TUI mode from environment
- * const logger = createTrainingLogger();
- *
- * // Explicit configuration
- * const logger = createTrainingLogger({
- *   tuiMode: false,
- *   logConsole: true,
- *   logJsonl: true,
- *   outputDir: './outputs',
- *   logInterval: 10,
- * });
- * ```
- */
-export function createTrainingLogger(config) {
-    return new TrainingLogger(config);
-}

package/dist/types.d.ts

@@ -1,54 +0,0 @@
-export type { CompletionInfo, RewardOutput } from '@mlx-node/core';
-import type { RewardOutput } from '@mlx-node/core';
-export type ChatRole = 'system' | 'user' | 'assistant' | 'tool';
-export interface ChatMessage {
-    role: ChatRole;
-    content: string;
-}
-export interface CompletionMessage extends ChatMessage {
-}
-export type Completion = CompletionMessage[];
-export type DatasetSplit = 'train' | 'test' | (string & {});
-export interface DatasetExample {
-    prompt: ChatMessage[];
-    metadata?: Record<string, unknown>;
-}
-export interface XmlParseResult {
-    reasoning: string | null;
-    answer: string | null;
-    isStrictMatch: boolean;
-    isSoftMatch: boolean;
-    errors: string[];
-}
-export interface RewardComputationInput {
-    prompts: ChatMessage[][];
-    completions: Completion[];
-    answers: (string | null)[];
-}
-/**
- * Unified reward function type for GRPO training.
- *
- * Takes an array of RewardOutput objects containing structured completion data.
- * Returns rewards for each completion (one per output).
- */
-export type RewardFunction<T = unknown> = (outputs: RewardOutput[], context: T) => number[] | Float32Array | Promise<number[] | Float32Array>;
-export interface PromptFormatterOptions {
-    includeOneShot?: boolean;
-    oneShotExample?: {
-        question: string;
-        reasoning: string;
-        answer: string;
-    };
-}
-export type PromptTemplate = (question: string, options?: PromptFormatterOptions) => ChatMessage[];
-/**
- * Converts a ChatMessage array to a string for reward function input
- *
- * This allows customization of how prompts are formatted as strings
- * for different model architectures (Qwen3, Llama, etc.)
- */
-export type PromptFormatter = (messages: ChatMessage[]) => string;
-export interface DatasetLoader {
-    load(split: DatasetSplit, limit?: number): Promise<DatasetExample[]>;
-}
-//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AACA,YAAY,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AACnE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAEnD,MAAM,MAAM,QAAQ,GAAG,QAAQ,GAAG,MAAM,GAAG,WAAW,GAAG,MAAM,CAAC;AAEhE,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,QAAQ,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,iBAAkB,SAAQ,WAAW;CAAG;AAEzD,MAAM,MAAM,UAAU,GAAG,iBAAiB,EAAE,CAAC;AAE7C,MAAM,MAAM,YAAY,GAAG,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;AAE5D,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,WAAW,EAAE,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,aAAa,EAAE,OAAO,CAAC;IACvB,WAAW,EAAE,OAAO,CAAC;IACrB,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,WAAW,EAAE,EAAE,CAAC;IACzB,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,OAAO,EAAE,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC;CAC5B;AAED;;;;;GAKG;AACH,MAAM,MAAM,cAAc,CAAC,CAAC,GAAG,OAAO,IAAI,CACxC,OAAO,EAAE,YAAY,EAAE,EACvB,OAAO,EAAE,CAAC,KACP,MAAM,EAAE,GAAG,YAAY,GAAG,OAAO,CAAC,MAAM,EAAE,GAAG,YAAY,CAAC,CAAC;AAEhE,MAAM,WAAW,sBAAsB;IACrC,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,cAAc,CAAC,EAAE;QACf,QAAQ,EAAE,MAAM,CAAC;QACjB,SAAS,EAAE,MAAM,CAAC;QAClB,MAAM,EAAE,MAAM,CAAC;KAChB,CAAC;CACH;AAED,MAAM,MAAM,cAAc,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,sBAAsB,KAAK,WAAW,EAAE,CAAC;AAEnG;;;;;GAKG;AACH,MAAM,MAAM,eAAe,GAAG,CAAC,QAAQ,EAAE,WAAW,EAAE,KAAK,MAAM,CAAC;AAElE,MAAM,WAAW,aAAa;IAC5B,IAAI,CAAC,KAAK,EAAE,YAAY,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC;CACtE"}

package/dist/types.js

@@ -1 +0,0 @@
-export {};

package/dist/utils/path-security.d.ts

@@ -1,51 +0,0 @@
-/**
- * Path security utilities to prevent directory traversal attacks.
- *
- * These utilities ensure that user-provided paths stay within allowed directories,
- * preventing malicious paths like `../../../etc/` from accessing arbitrary files.
- */
-/**
- * Error thrown when a path traversal attempt is detected.
- */
-export declare class PathTraversalError extends Error {
-    readonly resolvedPath: string;
-    readonly allowedRoot: string;
-    constructor(resolvedPath: string, allowedRoot: string);
-}
-/**
- * Validates that a resolved path is contained within an allowed root directory.
- * Prevents path traversal attacks via '../' sequences.
- *
- * @param resolvedPath - The fully resolved absolute path to validate
- * @param allowedRoot - The root directory that paths must be contained within
- * @throws PathTraversalError if path escapes the allowed root
- */
-export declare function validatePathContainment(resolvedPath: string, allowedRoot: string): void;
-/**
- * Resolves a user-provided path and validates it stays within an allowed root.
- *
- * @param userPath - The user-provided path (may be relative or absolute)
- * @param allowedRoot - The root directory that the path must be contained within
- * @returns The resolved absolute path
- * @throws PathTraversalError if the resolved path escapes the allowed root
- */
-export declare function resolveAndValidatePath(userPath: string, allowedRoot: string): string;
-/**
- * Options for configuring path validation behavior.
- */
-export interface PathValidationOptions {
-    /**
-     * The root directory that all paths must be contained within.
-     * Defaults to process.cwd() if not specified.
-     */
-    allowedRoot?: string;
-}
-/**
- * Get the allowed root directory from options or environment.
- * Checks MLX_NODE_DATA_ROOT environment variable first, then falls back to cwd.
- *
- * @param options - Optional validation options
- * @returns The allowed root directory path
- */
-export declare function getAllowedRoot(options?: PathValidationOptions): string;
-//# sourceMappingURL=path-security.d.ts.map

package/dist/utils/path-security.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"path-security.d.ts","sourceRoot":"","sources":["../../src/utils/path-security.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH;;GAEG;AACH,qBAAa,kBAAmB,SAAQ,KAAK;aAEzB,YAAY,EAAE,MAAM;aACpB,WAAW,EAAE,MAAM;gBADnB,YAAY,EAAE,MAAM,EACpB,WAAW,EAAE,MAAM;CAKtC;AAED;;;;;;;GAOG;AACH,wBAAgB,uBAAuB,CAAC,YAAY,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,IAAI,CAWvF;AAED;;;;;;;GAOG;AACH,wBAAgB,sBAAsB,CAAC,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,MAAM,CAIpF;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;;;;;GAMG;AACH,wBAAgB,cAAc,CAAC,OAAO,CAAC,EAAE,qBAAqB,GAAG,MAAM,CAYtE"}