@mondaydotcomorg/atp-server 0.17.14

package/dist/execution-state/index.d.ts

@@ -0,0 +1,95 @@
+import type { ExecutionConfig, CallbackType, CacheProvider } from '@mondaydotcomorg/atp-protocol';
+import type { ProvenanceState, ProvenanceSnapshot } from '@mondaydotcomorg/atp-provenance';
+/**
+ * Callback request sent to client when execution is paused
+ */
+export interface CallbackRequest {
+    type: CallbackType;
+    operation: string;
+    payload: Record<string, unknown>;
+}
+/**
+ * Callback execution record for replay
+ */
+export interface CallbackRecord {
+    type: CallbackType;
+    operation: string;
+    payload: Record<string, unknown>;
+    result?: unknown;
+    timestamp: number;
+    sequenceNumber: number;
+}
+/**
+ * Paused execution state
+ */
+export interface PausedExecution {
+    executionId: string;
+    code: string;
+    config: ExecutionConfig;
+    clientId: string;
+    callbackRequest: CallbackRequest;
+    pausedAt: number;
+    callbackHistory: CallbackRecord[];
+    currentCallbackIndex: number;
+    context: {
+        variables?: Record<string, unknown>;
+        codeTransformed?: boolean;
+    };
+    provenanceState?: ProvenanceState | ProvenanceSnapshot;
+}
+/**
+ * Execution state manager using CacheProvider
+ * Works with any CacheProvider (MemoryCache, RedisCache, etc.)
+ */
+export declare class ExecutionStateManager {
+    private cache;
+    private keyPrefix;
+    private ttl;
+    private maxPauseDuration;
+    private metrics;
+    constructor(cache: CacheProvider, options?: {
+        keyPrefix?: string;
+        ttl?: number;
+        maxPauseDuration?: number;
+    });
+    /**
+     * Saves paused execution state
+     */
+    pause(state: PausedExecution): Promise<void>;
+    /**
+     * Retrieves paused execution state
+     */
+    get(executionId: string): Promise<PausedExecution | null>;
+    /**
+     * Deletes execution state
+     */
+    delete(executionId: string): Promise<void>;
+    /**
+     * Gets the full cache key for an execution ID
+     */
+    private getKey;
+    /**
+     * Closes connections and cleanup
+     */
+    close(): Promise<void>;
+    /**
+     * Gets storage type from cache provider
+     */
+    getStorageType(): string;
+    /**
+     * Gets pause/resume metrics
+     */
+    getMetrics(): {
+        successRate: string;
+        expiredRate: string;
+        totalPauses: number;
+        totalResumes: number;
+        totalExpired: number;
+        totalFailed: number;
+    };
+    /**
+     * Resets metrics (useful for testing)
+     */
+    resetMetrics(): void;
+}
+//# sourceMappingURL=index.d.ts.map

package/dist/execution-state/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/execution-state/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAClG,OAAO,KAAK,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAE3F;;GAEG;AACH,MAAM,WAAW,eAAe;IAC/B,IAAI,EAAE,YAAY,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC9B,IAAI,EAAE,YAAY,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,eAAe,CAAC;IACxB,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,eAAe,CAAC;IACjC,QAAQ,EAAE,MAAM,CAAC;IAEjB,eAAe,EAAE,cAAc,EAAE,CAAC;IAClC,oBAAoB,EAAE,MAAM,CAAC;IAE7B,OAAO,EAAE;QACR,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACpC,eAAe,CAAC,EAAE,OAAO,CAAC;KAC1B,CAAC;IAEF,eAAe,CAAC,EAAE,eAAe,GAAG,kBAAkB,CAAC;CACvD;AAED;;;GAGG;AACH,qBAAa,qBAAqB;IACjC,OAAO,CAAC,KAAK,CAAgB;IAC7B,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,GAAG,CAAS;IACpB,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,OAAO,CAKb;gBAGD,KAAK,EAAE,aAAa,EACpB,OAAO,CAAC,EAAE;QACT,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,gBAAgB,CAAC,EAAE,MAAM,CAAC;KAC1B;IAoBF;;OAEG;IACG,KAAK,CAAC,KAAK,EAAE,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAiBlD;;OAEG;IACG,GAAG,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC;IA8B/D;;OAEG;IACG,MAAM,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAMhD;;OAEG;IACH,OAAO,CAAC,MAAM;IAId;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAO5B;;OAEG;IACH,cAAc,IAAI,MAAM;IAIxB;;OAEG;IACH,UAAU;;;qBAzHI,MAAM;sBACL,MAAM;sBACN,MAAM;qBACP,MAAM;;IAoIpB;;OAEG;IACH,YAAY,IAAI,IAAI;CAQpB"}

package/dist/execution-state/index.js

@@ -0,0 +1,128 @@
+import { log } from '@mondaydotcomorg/atp-runtime';
+/**
+ * Execution state manager using CacheProvider
+ * Works with any CacheProvider (MemoryCache, RedisCache, etc.)
+ */
+export class ExecutionStateManager {
+    cache;
+    keyPrefix;
+    ttl;
+    maxPauseDuration;
+    metrics;
+    constructor(cache, options) {
+        this.cache = cache;
+        this.keyPrefix = options?.keyPrefix || 'atp:execution:';
+        this.ttl = options?.ttl || 3600;
+        this.maxPauseDuration = (options?.maxPauseDuration ?? 3600) * 1000;
+        this.metrics = {
+            totalPauses: 0,
+            totalResumes: 0,
+            totalExpired: 0,
+            totalFailed: 0,
+        };
+        log.info('ExecutionStateManager initialized', {
+            cacheProvider: cache.name,
+            ttl: this.ttl,
+            maxPauseDuration: this.maxPauseDuration / 1000,
+        });
+    }
+    /**
+     * Saves paused execution state
+     */
+    async pause(state) {
+        this.metrics.totalPauses++;
+        const key = this.getKey(state.executionId);
+        const serialized = JSON.stringify(state);
+        await this.cache.set(key, serialized, this.ttl);
+        log.info('Execution paused', {
+            executionId: state.executionId,
+            clientId: state.clientId,
+            callbackType: state.callbackRequest.type,
+            cacheProvider: this.cache.name,
+            ttl: this.ttl,
+            maxPauseDuration: this.maxPauseDuration / 1000,
+        });
+    }
+    /**
+     * Retrieves paused execution state
+     */
+    async get(executionId) {
+        const key = this.getKey(executionId);
+        const serialized = await this.cache.get(key);
+        if (!serialized) {
+            log.warn('Execution not found or expired', { executionId });
+            this.metrics.totalExpired++;
+            return null;
+        }
+        const state = JSON.parse(serialized);
+        const pauseDuration = Date.now() - state.pausedAt;
+        if (pauseDuration > this.maxPauseDuration) {
+            log.warn('Execution pause duration exceeded maximum', {
+                executionId,
+                pauseDuration: pauseDuration / 1000,
+                maxDuration: this.maxPauseDuration / 1000,
+            });
+            await this.delete(executionId);
+            this.metrics.totalExpired++;
+            return null;
+        }
+        await this.cache.set(key, serialized, this.ttl);
+        this.metrics.totalResumes++;
+        return state;
+    }
+    /**
+     * Deletes execution state
+     */
+    async delete(executionId) {
+        const key = this.getKey(executionId);
+        await this.cache.delete(key);
+        log.debug('Execution state deleted', { executionId });
+    }
+    /**
+     * Gets the full cache key for an execution ID
+     */
+    getKey(executionId) {
+        return `${this.keyPrefix}${executionId}`;
+    }
+    /**
+     * Closes connections and cleanup
+     */
+    async close() {
+        if (this.cache.disconnect) {
+            await this.cache.disconnect();
+        }
+        log.debug('ExecutionStateManager closed');
+    }
+    /**
+     * Gets storage type from cache provider
+     */
+    getStorageType() {
+        return this.cache.name;
+    }
+    /**
+     * Gets pause/resume metrics
+     */
+    getMetrics() {
+        return {
+            ...this.metrics,
+            successRate: this.metrics.totalResumes > 0
+                ? ((this.metrics.totalResumes / (this.metrics.totalPauses || 1)) * 100).toFixed(2) + '%'
+                : '0%',
+            expiredRate: this.metrics.totalExpired > 0
+                ? ((this.metrics.totalExpired / (this.metrics.totalPauses || 1)) * 100).toFixed(2) + '%'
+                : '0%',
+        };
+    }
+    /**
+     * Resets metrics (useful for testing)
+     */
+    resetMetrics() {
+        this.metrics = {
+            totalPauses: 0,
+            totalResumes: 0,
+            totalExpired: 0,
+            totalFailed: 0,
+        };
+    }
+}
+//# sourceMappingURL=index.js.map

package/dist/execution-state/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/execution-state/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,8BAA8B,CAAC;AA+CnD;;;GAGG;AACH,MAAM,OAAO,qBAAqB;IACzB,KAAK,CAAgB;IACrB,SAAS,CAAS;IAClB,GAAG,CAAS;IACZ,gBAAgB,CAAS;IACzB,OAAO,CAKb;IAEF,YACC,KAAoB,EACpB,OAIC;QAED,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,gBAAgB,CAAC;QACxD,IAAI,CAAC,GAAG,GAAG,OAAO,EAAE,GAAG,IAAI,IAAI,CAAC;QAChC,IAAI,CAAC,gBAAgB,GAAG,CAAC,OAAO,EAAE,gBAAgB,IAAI,IAAI,CAAC,GAAG,IAAI,CAAC;QACnE,IAAI,CAAC,OAAO,GAAG;YACd,WAAW,EAAE,CAAC;YACd,YAAY,EAAE,CAAC;YACf,YAAY,EAAE,CAAC;YACf,WAAW,EAAE,CAAC;SACd,CAAC;QAEF,GAAG,CAAC,IAAI,CAAC,mCAAmC,EAAE;YAC7C,aAAa,EAAE,KAAK,CAAC,IAAI;YACzB,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,gBAAgB,EAAE,IAAI,CAAC,gBAAgB,GAAG,IAAI;SAC9C,CAAC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAC,KAAsB;QACjC,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;QAE3B,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAC3C,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QACzC,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;QAEhD,GAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE;YAC5B,WAAW,EAAE,KAAK,CAAC,WAAW;YAC9B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,YAAY,EAAE,KAAK,CAAC,eAAe,CAAC,IAAI;YACxC,aAAa,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI;YAC9B,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,gBAAgB,EAAE,IAAI,CAAC,gBAAgB,GAAG,IAAI;SAC9C,CAAC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAC,WAAmB;QAC5B,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QACrC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAE7C,IAAI,CAAC,UAAU,EAAE,CAAC;YACjB,GAAG,CAAC,IAAI,CAAC,gCAAgC,EAAE,EAAE,WAAW,EAAE,CAAC,CAAC;YAC5D,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC;QACb,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,UAAoB,CAAoB,CAAC;QAElE,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,QAAQ,CAAC;QAClD,IAAI,aAAa,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3C,GAAG,CAAC,IAAI,CAAC,2CAA2C,EAAE;gBACrD,WAAW;gBACX,aAAa,EAAE,aAAa,GAAG,IAAI;gBACnC,WAAW,EAAE,IAAI,CAAC,gBAAgB,GAAG,IAAI;aACzC,CAAC,CAAC;YACH,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YAC/B,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC;QACb,CAAC;QAED,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;QAEhD,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;QAC5B,OAAO,KAAK,CAAC;IACd,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,WAAmB;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QACrC,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7B,GAAG,CAAC,KAAK,CAAC,yBAAyB,EAAE,EAAE,WAAW,EAAE,CAAC,CAAC;IACvD,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,WAAmB;QACjC,OAAO,GAAG,IAAI,CAAC,SAAS,GAAG,WAAW,EAAE,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK;QACV,IAAI,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC;YAC3B,MAAM,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC;QAC/B,CAAC;QACD,GAAG,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC3C,CAAC;IAED;;OAEG;IACH,cAAc;QACb,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,UAAU;QACT,OAAO;YACN,GAAG,IAAI,CAAC,OAAO;YACf,WAAW,EACV,IAAI,CAAC,OAAO,CAAC,YAAY,GAAG,CAAC;gBAC5B,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,IAAI,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,GAAG;gBACxF,CAAC,CAAC,IAAI;YACR,WAAW,EACV,IAAI,CAAC,OAAO,CAAC,YAAY,GAAG,CAAC;gBAC5B,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,IAAI,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,GAAG;gBACxF,CAAC,CAAC,IAAI;SACR,CAAC;IACH,CAAC;IAED;;OAEG;IACH,YAAY;QACX,IAAI,CAAC,OAAO,GAAG;YACd,WAAW,EAAE,CAAC;YACd,YAAY,EAAE,CAAC;YACf,YAAY,EAAE,CAAC;YACf,WAAW,EAAE,CAAC;SACd,CAAC;IACH,CAAC;CACD"}

package/dist/executor/ast-provenance-bridge.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Bridge between AST tracker in isolated-vm and host policy engine
+ */
+import * as ivm from 'isolated-vm';
+export declare function registerIsolateContext(executionId: string, context: ivm.Context): void;
+export declare function unregisterIsolateContext(executionId: string): void;
+/**
+ * Create a getProvenance function that can check AST tracker inside the isolate
+ * Falls back to host-side getProvenance for hint-based tracking
+ */
+export declare function createASTProvenanceChecker(executionId: string): (value: unknown) => any;
+//# sourceMappingURL=ast-provenance-bridge.d.ts.map

package/dist/executor/ast-provenance-bridge.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ast-provenance-bridge.d.ts","sourceRoot":"","sources":["../../src/executor/ast-provenance-bridge.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,KAAK,GAAG,MAAM,aAAa,CAAC;AASnC,wBAAgB,sBAAsB,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,GAAG,IAAI,CAEtF;AAED,wBAAgB,wBAAwB,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI,CAElE;AAED;;;GAGG;AACH,wBAAgB,0BAA0B,CAAC,WAAW,EAAE,MAAM,GAAG,CAAC,KAAK,EAAE,OAAO,KAAK,GAAG,CAuDvF"}

package/dist/executor/ast-provenance-bridge.js

@@ -0,0 +1,66 @@
+import { getProvenance, getProvenanceForPrimitive } from '@mondaydotcomorg/atp-provenance';
+// Store active isolate contexts for AST mode provenance checking
+const activeIsolates = new Map();
+// Cache the getProvenance function to avoid repeated requires
+let cachedGetProvenance = null;
+export function registerIsolateContext(executionId, context) {
+    activeIsolates.set(executionId, context);
+}
+export function unregisterIsolateContext(executionId) {
+    activeIsolates.delete(executionId);
+}
+/**
+ * Create a getProvenance function that can check AST tracker inside the isolate
+ * Falls back to host-side getProvenance for hint-based tracking
+ */
+export function createASTProvenanceChecker(executionId) {
+    return (value) => {
+        const context = activeIsolates.get(executionId);
+        // First, try checking in the isolate's AST tracker
+        if (context) {
+            try {
+                // Serialize the value to pass into isolate for checking
+                const valueStr = typeof value === 'string' || typeof value === 'number'
+                    ? JSON.stringify(String(value))
+                    : JSON.stringify(value);
+                // Call __check_provenance inside the isolate
+                const checkCode = `
+					(function() {
+						try {
+							if (typeof globalThis.__check_provenance !== 'function') {
+								return null;
+							}
+							const value = ${valueStr};
+							const result = globalThis.__check_provenance(value);
+							return result;
+						} catch (e) {
+							return null;
+						}
+					})()
+				`;
+                const result = context.evalSync(checkCode, { timeout: 100, copy: true });
+                if (result) {
+                    return result;
+                }
+            }
+            catch (error) {
+                // Fall through to host check
+            }
+        }
+        // Fall back to host-side provenance check (for hints and registered metadata)
+        // This is critical for checking primitives that were registered via hints
+        if (!cachedGetProvenance) {
+            cachedGetProvenance = getProvenance;
+        }
+        const hostResult = cachedGetProvenance?.(value);
+        // Also check getProvenanceForPrimitive for tainted primitives
+        if (!hostResult && (typeof value === 'string' || typeof value === 'number')) {
+            const primitiveResult = getProvenanceForPrimitive?.(value);
+            if (primitiveResult) {
+                return primitiveResult;
+            }
+        }
+        return hostResult;
+    };
+}
+//# sourceMappingURL=ast-provenance-bridge.js.map

package/dist/executor/ast-provenance-bridge.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ast-provenance-bridge.js","sourceRoot":"","sources":["../../src/executor/ast-provenance-bridge.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,aAAa,EAAE,yBAAyB,EAAE,MAAM,iCAAiC,CAAC;AAE3F,iEAAiE;AACjE,MAAM,cAAc,GAAG,IAAI,GAAG,EAAuB,CAAC;AAEtD,8DAA8D;AAC9D,IAAI,mBAAmB,GAAqC,IAAI,CAAC;AAEjE,MAAM,UAAU,sBAAsB,CAAC,WAAmB,EAAE,OAAoB;IAC/E,cAAc,CAAC,GAAG,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;AAC1C,CAAC;AAED,MAAM,UAAU,wBAAwB,CAAC,WAAmB;IAC3D,cAAc,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;AACpC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,0BAA0B,CAAC,WAAmB;IAC7D,OAAO,CAAC,KAAc,EAAE,EAAE;QACzB,MAAM,OAAO,GAAG,cAAc,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAEhD,mDAAmD;QACnD,IAAI,OAAO,EAAE,CAAC;YACb,IAAI,CAAC;gBACJ,wDAAwD;gBACxD,MAAM,QAAQ,GACb,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,KAAK,QAAQ;oBACrD,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;oBAC/B,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBAE1B,6CAA6C;gBAC7C,MAAM,SAAS,GAAG;;;;;;uBAMC,QAAQ;;;;;;;KAO1B,CAAC;gBAEF,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,SAAS,EAAE,EAAE,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;gBACzE,IAAI,MAAM,EAAE,CAAC;oBACZ,OAAO,MAAM,CAAC;gBACf,CAAC;YACF,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBAChB,6BAA6B;YAC9B,CAAC;QACF,CAAC;QAED,8EAA8E;QAC9E,0EAA0E;QAC1E,IAAI,CAAC,mBAAmB,EAAE,CAAC;YAC1B,mBAAmB,GAAG,aAAa,CAAC;QACrC,CAAC;QACD,MAAM,UAAU,GAAG,mBAAmB,EAAE,CAAC,KAAK,CAAC,CAAC;QAEhD,8DAA8D;QAC9D,IAAI,CAAC,UAAU,IAAI,CAAC,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,KAAK,QAAQ,CAAC,EAAE,CAAC;YAC7E,MAAM,eAAe,GAAG,yBAAyB,EAAE,CAAC,KAAK,CAAC,CAAC;YAC3D,IAAI,eAAe,EAAE,CAAC;gBACrB,OAAO,eAAe,CAAC;YACxB,CAAC;QACF,CAAC;QAED,OAAO,UAAU,CAAC;IACnB,CAAC,CAAC;AACH,CAAC"}

package/dist/executor/ast-tracking-runtime.d.ts

@@ -0,0 +1,7 @@
+/**
+ * AST Provenance Tracking Runtime for isolated-vm
+ * This code is injected into the isolate and runs INSIDE the sandbox
+ * It must be plain JavaScript with no imports
+ */
+export declare const AST_TRACKING_RUNTIME = "\n// Pure JavaScript SHA-256 implementation for digest computation\nfunction sha256(str) {\n\tfunction rightRotate(value, amount) {\n\t\treturn (value >>> amount) | (value << (32 - amount));\n\t}\n\t\n\tconst mathPow = Math.pow;\n\tconst maxWord = mathPow(2, 32);\n\tconst lengthProperty = 'length';\n\tlet i, j;\n\tlet result = '';\n\t\n\tconst words = [];\n\tconst asciiBitLength = str[lengthProperty] * 8;\n\t\n\tlet hash = sha256.h = sha256.h || [];\n\tconst k = sha256.k = sha256.k || [];\n\tlet primeCounter = k[lengthProperty];\n\t\n\tconst isComposite = {};\n\tfor (let candidate = 2; primeCounter < 64; candidate++) {\n\t\tif (!isComposite[candidate]) {\n\t\t\tfor (i = 0; i < 313; i += candidate) {\n\t\t\t\tisComposite[i] = candidate;\n\t\t\t}\n\t\t\thash[primeCounter] = (mathPow(candidate, .5) * maxWord) | 0;\n\t\t\tk[primeCounter++] = (mathPow(candidate, 1 / 3) * maxWord) | 0;\n\t\t}\n\t}\n\t\n\tstr += '\\x80';\n\twhile (str[lengthProperty] % 64 - 56) str += '\\x00';\n\tfor (i = 0; i < str[lengthProperty]; i++) {\n\t\tj = str.charCodeAt(i);\n\t\tif (j >> 8) return;\n\t\twords[i >> 2] |= j << ((3 - i) % 4) * 8;\n\t}\n\twords[words[lengthProperty]] = ((asciiBitLength / maxWord) | 0);\n\twords[words[lengthProperty]] = (asciiBitLength);\n\t\n\tfor (j = 0; j < words[lengthProperty];) {\n\t\tconst w = words.slice(j, j += 16);\n\t\tconst oldHash = hash;\n\t\thash = hash.slice(0, 8);\n\t\t\n\t\tfor (i = 0; i < 64; i++) {\n\t\t\tconst w15 = w[i - 15], w2 = w[i - 2];\n\t\t\t\n\t\t\tconst a = hash[0], e = hash[4];\n\t\t\tconst temp1 = hash[7]\n\t\t\t\t+ (rightRotate(e, 6) ^ rightRotate(e, 11) ^ rightRotate(e, 25))\n\t\t\t\t+ ((e & hash[5]) ^ ((~e) & hash[6]))\n\t\t\t\t+ k[i]\n\t\t\t\t+ (w[i] = (i < 16) ? w[i] : (\n\t\t\t\t\t\tw[i - 16]\n\t\t\t\t\t\t+ (rightRotate(w15, 7) ^ rightRotate(w15, 18) ^ (w15 >>> 3))\n\t\t\t\t\t\t+ w[i - 7]\n\t\t\t\t\t\t+ (rightRotate(w2, 17) ^ rightRotate(w2, 19) ^ (w2 >>> 10))\n\t\t\t\t\t) | 0\n\t\t\t\t);\n\t\t\tconst temp2 = (rightRotate(a, 2) ^ rightRotate(a, 13) ^ rightRotate(a, 22))\n\t\t\t\t+ ((a & hash[1]) ^ (a & hash[2]) ^ (hash[1] & hash[2]));\n\t\t\t\n\t\t\thash = [(temp1 + temp2) | 0].concat(hash);\n\t\t\thash[4] = (hash[4] + temp1) | 0;\n\t\t}\n\t\t\n\t\tfor (i = 0; i < 8; i++) {\n\t\t\thash[i] = (hash[i] + oldHash[i]) | 0;\n\t\t}\n\t}\n\t\n\tfor (i = 0; i < 8; i++) {\n\t\tfor (j = 3; j + 1; j--) {\n\t\t\tconst b = (hash[i] >> (j * 8)) & 255;\n\t\t\tresult += ((b < 16) ? 0 : '') + b.toString(16);\n\t\t}\n\t}\n\t\n\t// Convert hex to base64url\n\tconst hex = result;\n\tconst bytes = [];\n\tfor (let i = 0; i < hex.length; i += 2) {\n\t\tbytes.push(parseInt(hex.substring(i, i + 2), 16));\n\t}\n\tlet binary = '';\n\tfor (let i = 0; i < bytes.length; i++) {\n\t\tbinary += String.fromCharCode(bytes[i]);\n\t}\n\tconst base64 = btoa(binary);\n\treturn base64.replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=/g, '');\n}\n\nconst __astTracker = {\n\tmetadata: new Map(),\n\tnextId: 0,\n\thints: new Map(globalThis.__provenance_hints || []),\n\thintValues: new Map(globalThis.__provenance_hint_values || []),\n\t\n\t// SHA-256 digest computation to match server-side\n\tcomputeDigest(value) {\n\t\ttry {\n\t\t\tconst str = JSON.stringify(value);\n\t\t\treturn sha256(str);\n\t\t} catch (e) {\n\t\t\treturn null;\n\t\t}\n\t},\n\t\n\tgetId(value) {\n\t\tif (typeof value === 'object' && value !== null) {\n\t\t\tif (!value.__prov_id__) {\n\t\t\t\tconst id = 'tracked_' + this.nextId++;\n\t\t\t\ttry {\n\t\t\t\t\tObject.defineProperty(value, '__prov_id__', {\n\t\t\t\t\t\tvalue: id,\n\t\t\t\t\t\twritable: false,\n\t\t\t\t\t\tenumerable: false,\n\t\t\t\t\t\tconfigurable: true\n\t\t\t\t\t});\n\t\t\t\t} catch (e) {\n\t\t\t\t\treturn 'temp_' + Date.now() + '_' + Math.random();\n\t\t\t\t}\n\t\t\t\treturn id;\n\t\t\t}\n\t\t\treturn value.__prov_id__;\n\t\t}\n\t\treturn 'primitive_' + Date.now() + '_' + Math.random();\n\t},\n\t\n\ttrack(value, source, deps) {\n\t\ttry {\n\t\t\tconst id = this.getId(value);\n\t\t\tthis.metadata.set(id, { id, source, deps: deps || [] });\n\t\t\tconsole.log('[__track] Stored metadata:', id, 'source:', source.type, 'metadataSize:', this.metadata.size);\n\t\t\treturn value;\n\t\t} catch (error) {\n\t\t\tconsole.error('[__track] Error:', error);\n\t\t\treturn value;\n\t\t}\n\t},\n\t\n\ttrackBinary(left, right, operator) {\n\t\t// Perform the actual operation\n\t\tlet result;\n\t\tswitch (operator) {\n\t\t\tcase '+': result = left + right; break;\n\t\t\tcase '-': result = left - right; break;\n\t\t\tcase '*': result = left * right; break;\n\t\t\tcase '/': result = left / right; break;\n\t\t\tcase '%': result = left % right; break;\n\t\t\tcase '==': result = left == right; break;\n\t\t\tcase '===': result = left === right; break;\n\t\t\tcase '!=': result = left != right; break;\n\t\t\tcase '!==': result = left !== right; break;\n\t\t\tcase '<': result = left < right; break;\n\t\t\tcase '>': result = left > right; break;\n\t\t\tcase '<=': result = left <= right; break;\n\t\t\tcase '>=': result = left >= right; break;\n\t\t\tcase '&&': result = left && right; break;\n\t\t\tcase '||': result = left || right; break;\n\t\t\tdefault: result = left;\n\t\t}\n\t\t\n\t\t// Check if either operand has provenance\n\t\tlet hasToolSource = false;\n\t\tlet toolMetadata = null;\n\t\t\n\t\t// Helper to check primitive provenance\n\t\tconst checkPrimitive = (value) => {\n\t\t\tif (typeof value !== 'string' && typeof value !== 'number') {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\t\n\t\t\t// Check tainted key first\n\t\t\tconst taintedKey = 'tainted:' + String(value);\n\t\t\tconst taintedMeta = this.metadata.get(taintedKey);\n\t\t\tif (taintedMeta && taintedMeta.source && taintedMeta.source.type === 'tool') {\n\t\t\t\treturn taintedMeta;\n\t\t\t}\n\t\t\t\n\t\t\t// Check hint-based tracking\n\t\t\tconst digest = this.computeDigest(value);\n\t\t\tconst hintMeta = this.hints.get(digest);\n\t\t\tif (hintMeta && hintMeta.source && hintMeta.source.type === 'tool') {\n\t\t\t\treturn hintMeta;\n\t\t\t}\n\t\t\t\n\t\t\t// Check primitive map (id:key:value format)\n\t\t\tfor (const [key, meta] of this.metadata.entries()) {\n\t\t\t\tif (!key.startsWith('tainted:') && key.includes(':')) {\n\t\t\t\t\tconst parts = key.split(':');\n\t\t\t\t\tif (parts.length >= 3) {\n\t\t\t\t\t\tconst primitiveValue = parts.slice(2).join(':');\n\t\t\t\t\t\tif (primitiveValue === String(value) && meta.source && meta.source.type === 'tool') {\n\t\t\t\t\t\t\treturn meta;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t\t\n\t\t\treturn null;\n\t\t};\n\t\t\n\t\t// Check left operand\n\t\tif (typeof left === 'object' && left && left.__prov_id__) {\n\t\t\tconst leftMeta = this.metadata.get(left.__prov_id__);\n\t\t\tif (leftMeta && leftMeta.source && leftMeta.source.type === 'tool') {\n\t\t\t\thasToolSource = true;\n\t\t\t\ttoolMetadata = leftMeta;\n\t\t\t}\n\t\t} else {\n\t\t\tconst primMeta = checkPrimitive(left);\n\t\t\tif (primMeta) {\n\t\t\t\thasToolSource = true;\n\t\t\t\ttoolMetadata = primMeta;\n\t\t\t}\n\t\t}\n\t\t\n\t\t// Check right operand\n\t\tif (!hasToolSource) {\n\t\t\tif (typeof right === 'object' && right && right.__prov_id__) {\n\t\t\t\tconst rightMeta = this.metadata.get(right.__prov_id__);\n\t\t\t\tif (rightMeta && rightMeta.source && rightMeta.source.type === 'tool') {\n\t\t\t\t\thasToolSource = true;\n\t\t\t\t\ttoolMetadata = rightMeta;\n\t\t\t\t}\n\t\t\t} else {\n\t\t\t\tconst primMeta = checkPrimitive(right);\n\t\t\t\tif (primMeta) {\n\t\t\t\t\thasToolSource = true;\n\t\t\t\t\ttoolMetadata = primMeta;\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\t\n\t\t// If result is a string and has tool-sourced operand, mark it as tainted\n\t\tif (hasToolSource && toolMetadata && (typeof result === 'string' || typeof result === 'number')) {\n\t\t\tconst taintedKey = 'tainted:' + String(result);\n\t\t\t// Ensure metadata has all required fields, preserving readers from source\n\t\t\tconst fullMetadata = {\n\t\t\t\t...toolMetadata,\n\t\t\t\treaders: toolMetadata.readers || { type: 'restricted', readers: [] },\n\t\t\t\tdependencies: toolMetadata.dependencies || toolMetadata.deps || []\n\t\t\t};\n\t\t\tthis.metadata.set(taintedKey, fullMetadata);\n\t\t}\n\t\t\n\t\treturn result;\n\t},\n\t\n\ttrackAssign(name, value) {\n\t\treturn value;\n\t},\n\t\n\tasync trackMethod(object, method, args) {\n\t\t// Recursively wrap tainted primitives in arguments before calling the method\n\t\tfunction wrapTaintedInArgs(val, visited = new WeakSet()) {\n\t\t\tif (val === null || val === undefined) return val;\n\t\t\t\n\t\t\t// Check if this value has provenance\n\t\t\tconst prov = this.checkProvenance(val);\n\t\t\tif (prov && (typeof val === 'string' || typeof val === 'number')) {\n\t\t\t\t// Wrap tainted primitive\n\t\t\t\treturn { __tainted_value: val, __prov_meta: prov };\n\t\t\t}\n\t\t\t\n\t\t\t// Recursively process objects/arrays\n\t\t\tif (typeof val === 'object') {\n\t\t\t\tif (visited.has(val)) return val;\n\t\t\t\tvisited.add(val);\n\t\t\t\t\n\t\t\t\tif (Array.isArray(val)) {\n\t\t\t\t\treturn val.map(item => wrapTaintedInArgs.call(this, item, visited));\n\t\t\t\t} else {\n\t\t\t\t\tconst wrapped = {};\n\t\t\t\t\tfor (const [key, v] of Object.entries(val)) {\n\t\t\t\t\t\twrapped[key] = wrapTaintedInArgs.call(this, v, visited);\n\t\t\t\t\t}\n\t\t\t\t\treturn wrapped;\n\t\t\t\t}\n\t\t\t}\n\t\t\t\n\t\t\treturn val;\n\t\t}\n\t\t\n\t\t// Wrap arguments\n\t\tconst wrappedArgs = args.map(arg => wrapTaintedInArgs.call(this, arg));\n\t\t\n\t\t// Call the method with wrapped arguments\n\t\tif (typeof object === 'object' && object !== null && method in object) {\n\t\t\tconst result = await object[method](...wrappedArgs);\n\t\t\t\n\t\t\t// Track the result\n\t\t\tif (result && typeof result === 'object') {\n\t\t\t\tconst id = this.getId(result);\n\t\t\t\t\n\t\t\t\t// Extract authorized readers from common param patterns (email, userId, username, user)\n\t\t\t\t// Match server-side logic in sandbox-builder.ts (lines 459-470)\n\t\t\t\tlet authorizedReaders = [];\n\t\t\t\tfor (const arg of args) {\n\t\t\t\t\tif (arg && typeof arg === 'object') {\n\t\t\t\t\t\t// Check for user identifier fields (email, user, userId only - no generic 'id')\n\t\t\t\t\t\tconst value = arg.email || arg.user || arg.userId;\n\t\t\t\t\t\tif (typeof value === 'string' && value.length > 0) {\n\t\t\t\t\t\t\tauthorizedReaders.push(value);\n\t\t\t\t\t\t\tbreak; // Only take first identifier\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\t\n\t\t\t\t// If no email found, use tool-scoped authorization (matches server logic line 467-470)\n\t\t\t\tif (authorizedReaders.length === 0) {\n\t\t\t\t\tauthorizedReaders = ['tool:' + method];\n\t\t\t\t}\n\t\t\t\t\n\t\t\t\t// Tool data should be restricted by default to prevent exfiltration\n\t\t\t\tconst metadata = { \n\t\t\t\t\tid, \n\t\t\t\t\tsource: { \n\t\t\t\t\t\ttype: 'tool', \n\t\t\t\t\t\toperation: method, \n\t\t\t\t\t\ttoolName: method, \n\t\t\t\t\t\ttimestamp: Date.now() \n\t\t\t\t\t},\n\t\t\t\t\treaders: { type: 'restricted', readers: authorizedReaders },\n\t\t\t\t\tdeps: [this.getId(object), ...args.map(a => this.getId(a))],\n\t\t\t\t\tdependencies: []\n\t\t\t\t};\n\t\t\t\tthis.metadata.set(id, metadata);\n\t\t\t\t\n\t\t\t\t\t\t// Track primitive properties for token emission\n\t\t\t\t\t\tfor (const key in result) {\n\t\t\t\t\t\t\tif (Object.prototype.hasOwnProperty.call(result, key)) {\n\t\t\t\t\t\t\t\tconst value = result[key];\n\t\t\t\t\t\t\t\tif (typeof value === 'string' || typeof value === 'number') {\n\t\t\t\t\t\t\t\t\t// Check if this primitive matches any hints\n\t\t\t\t\t\t\t\t\tconst digest = this.computeDigest(value);\n\t\t\t\t\t\t\t\t\tconst hintMeta = this.hints.get(digest);\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\tconst primitiveKey = id + ':' + key + ':' + String(value);\n\t\t\t\t\t\t\t\t\t// Use hint metadata if available, otherwise use result metadata\n\t\t\t\t\t\t\t\t\tthis.metadata.set(primitiveKey, hintMeta || metadata);\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t// Also store by digest for cross-execution matching\n\t\t\t\t\t\t\t\t\tif (hintMeta) {\n\t\t\t\t\t\t\t\t\t\tconst taintedKey = 'tainted:' + String(value);\n\t\t\t\t\t\t\t\t\t\tthis.metadata.set(taintedKey, hintMeta);\n\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t}\n\t\t\t\n\t\t\treturn result;\n\t\t}\n\t\treturn undefined;\n\t},\n\t\n\ttrackTemplate(expressions, quasis) {\n\t\tlet result = '';\n\t\tlet hasToolSource = false;\n\t\tlet toolMetadata = null;\n\t\t\n\t\t// Helper to check primitive provenance\n\t\tconst checkPrimitive = (value) => {\n\t\t\tif (typeof value !== 'string' && typeof value !== 'number') {\n\t\t\t\treturn null;\n\t\t\t}\n\t\t\t\n\t\t\t// Check tainted key first\n\t\t\tconst taintedKey = 'tainted:' + String(value);\n\t\t\tconst taintedMeta = this.metadata.get(taintedKey);\n\t\t\tif (taintedMeta && taintedMeta.source && taintedMeta.source.type === 'tool') {\n\t\t\t\treturn taintedMeta;\n\t\t\t}\n\t\t\t\n\t\t\t// Check hint-based tracking\n\t\t\tconst digest = this.computeDigest(value);\n\t\t\tconst hintMeta = this.hints.get(digest);\n\t\t\tif (hintMeta && hintMeta.source && hintMeta.source.type === 'tool') {\n\t\t\t\treturn hintMeta;\n\t\t\t}\n\t\t\t\n\t\t\t// Check primitive map (id:key:value format)\n\t\t\tfor (const [key, meta] of this.metadata.entries()) {\n\t\t\t\tif (!key.startsWith('tainted:') && key.includes(':')) {\n\t\t\t\t\tconst parts = key.split(':');\n\t\t\t\t\tif (parts.length >= 3) {\n\t\t\t\t\t\tconst primitiveValue = parts.slice(2).join(':');\n\t\t\t\t\t\tif (primitiveValue === String(value) && meta.source && meta.source.type === 'tool') {\n\t\t\t\t\t\t\treturn meta;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t\t\n\t\t\treturn null;\n\t\t};\n\t\t\n\t\tfor (let i = 0; i < quasis.length; i++) {\n\t\t\tresult += quasis[i] || '';\n\t\t\tif (i < expressions.length) {\n\t\t\t\tconst expr = expressions[i];\n\t\t\t\tresult += String(expr);\n\t\t\t\t\n\t\t\t\t// Check if expression has provenance\n\t\t\t\tif (!hasToolSource) {\n\t\t\t\t\t// Check object provenance\n\t\t\t\t\tif (typeof expr === 'object' && expr && expr.__prov_id__) {\n\t\t\t\t\t\tconst exprMeta = this.metadata.get(expr.__prov_id__);\n\t\t\t\t\t\tif (exprMeta && exprMeta.source && exprMeta.source.type === 'tool') {\n\t\t\t\t\t\t\thasToolSource = true;\n\t\t\t\t\t\t\ttoolMetadata = exprMeta;\n\t\t\t\t\t\t}\n\t\t\t\t\t} else {\n\t\t\t\t\t\tconst primMeta = checkPrimitive(expr);\n\t\t\t\t\t\tif (primMeta) {\n\t\t\t\t\t\t\thasToolSource = true;\n\t\t\t\t\t\t\ttoolMetadata = primMeta;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\t\n\t\t// If template contains tool-sourced data, mark result as tainted\n\t\tif (hasToolSource && toolMetadata) {\n\t\t\tconst taintedKey = 'tainted:' + result;\n\t\t\t// Ensure metadata has all required fields, preserving readers from source\n\t\t\tconst fullMetadata = {\n\t\t\t\t...toolMetadata,\n\t\t\t\treaders: toolMetadata.readers || { type: 'restricted', readers: [] },\n\t\t\t\tdependencies: toolMetadata.dependencies || toolMetadata.deps || []\n\t\t\t};\n\t\t\tthis.metadata.set(taintedKey, fullMetadata);\n\t\t}\n\t\t\n\t\treturn result;\n\t},\n\t\n\tgetMetadata(value) {\n\t\tconst id = typeof value === 'object' && value && value.__prov_id__;\n\t\treturn id ? this.metadata.get(id) : null;\n\t},\n\t\n\tgetAllMetadata() {\n\t\treturn Array.from(this.metadata.entries());\n\t},\n\t\n\t// Check if a value or any nested value has tool-sourced provenance\n\tcheckProvenance(value) {\n\t\tif (value === null || value === undefined) {\n\t\t\treturn null;\n\t\t}\n\t\t\n\t\t// Check if it's an object with __prov_id__\n\t\tif (typeof value === 'object' && value.__prov_id__) {\n\t\t\tconst meta = this.metadata.get(value.__prov_id__);\n\t\t\tif (meta && meta.source && meta.source.type === 'tool') {\n\t\t\t\treturn meta;\n\t\t\t}\n\t\t}\n\t\t\n\t\t// Check if it's a primitive with tainted metadata\n\t\tif (typeof value === 'string' || typeof value === 'number') {\n\t\t\tconst taintedKey = 'tainted:' + String(value);\n\t\t\tconst taintedMeta = this.metadata.get(taintedKey);\n\t\t\tif (taintedMeta && taintedMeta.source && taintedMeta.source.type === 'tool') {\n\t\t\t\treturn taintedMeta;\n\t\t\t}\n\t\t\t\n\t\t\t// Check primitive map\n\t\t\tfor (const [key, meta] of this.metadata.entries()) {\n\t\t\t\tif (!key.startsWith('tainted:') && key.includes(':')) {\n\t\t\t\t\tconst parts = key.split(':');\n\t\t\t\t\tif (parts.length >= 3) {\n\t\t\t\t\t\tconst primitiveValue = parts.slice(2).join(':');\n\t\t\t\t\t\tif (primitiveValue === String(value) && meta.source && meta.source.type === 'tool') {\n\t\t\t\t\t\t\treturn meta;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t\t\n\t\t\t// Check hints\n\t\t\tconst digest = this.computeDigest(value);\n\t\t\tconst hintMeta = this.hints.get(digest);\n\t\t\tif (hintMeta && hintMeta.source && hintMeta.source.type === 'tool') {\n\t\t\t\treturn hintMeta;\n\t\t\t}\n\t\t}\n\t\t\n\t\t// For objects/arrays, recursively check all values\n\t\tif (typeof value === 'object') {\n\t\t\tfor (const key in value) {\n\t\t\t\tif (Object.prototype.hasOwnProperty.call(value, key)) {\n\t\t\t\t\tconst nestedMeta = this.checkProvenance(value[key]);\n\t\t\t\t\tif (nestedMeta) {\n\t\t\t\t\t\treturn nestedMeta;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\t\n\t\treturn null;\n\t}\n};\n\n// Expose tracking functions globally\nglobalThis.__track = (v, s, d) => __astTracker.track(v, s, d);\nglobalThis.__track_binary = (l, r, o) => __astTracker.trackBinary(l, r, o);\nglobalThis.__track_assign = (n, v) => __astTracker.trackAssign(n, v);\nglobalThis.__track_method = (o, m, a) => __astTracker.trackMethod(o, m, a);\nglobalThis.__track_template = (e, q) => __astTracker.trackTemplate(e, q);\nglobalThis.__get_provenance = (v) => __astTracker.getMetadata(v);\nglobalThis.__get_all_metadata = () => __astTracker.getAllMetadata();\nglobalThis.__check_provenance = (v) => __astTracker.checkProvenance(v);\n\n// Mark a string literal as tainted (for cross-execution tracking)\nglobalThis.__mark_tainted = (value) => {\n\t// Check if this value matches a hint by exact digest\n\tconst digest = __astTracker.computeDigest(value);\n\tconst hintMeta = __astTracker.hints.get(digest);\n\tif (hintMeta) {\n\t\tconst taintedKey = 'tainted:' + String(value);\n\t\t__astTracker.metadata.set(taintedKey, hintMeta);\n\t\treturn value;\n\t}\n\t\n\t// ALSO check if this value CONTAINS any hint values (substring match)\n\t// This enables cross-execution tracking for template literals/concatenation\n\tif (typeof value === 'string' && __astTracker.hintValues && __astTracker.hintValues.size > 0) {\n\t\tfor (const [hintValue, metadata] of __astTracker.hintValues.entries()) {\n\t\t\tif (value.includes(hintValue)) {\n\t\t\t\tconst taintedKey = 'tainted:' + String(value);\n\t\t\t\t// Ensure metadata has all required fields, use restricted readers for tool data\n\t\t\t\tconst fullMetadata = {\n\t\t\t\t\t...metadata,\n\t\t\t\t\treaders: metadata.readers || { type: 'restricted', readers: [] },\n\t\t\t\t\tdependencies: metadata.dependencies || metadata.deps || []\n\t\t\t\t};\n\t\t\t\t__astTracker.metadata.set(taintedKey, fullMetadata);\n\t\t\t\treturn value;\n\t\t\t}\n\t\t}\n\t}\n\t\n\treturn value;\n};\n";
+//# sourceMappingURL=ast-tracking-runtime.d.ts.map

package/dist/executor/ast-tracking-runtime.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ast-tracking-runtime.d.ts","sourceRoot":"","sources":["../../src/executor/ast-tracking-runtime.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,eAAO,MAAM,oBAAoB,6xlBAuiBhC,CAAC"}