@nervekit/tools 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (267) hide show
  1. package/LICENSE +201 -0
  2. package/NOTICE +5 -0
  3. package/dist/catalog/core/filesystem.tools.d.ts +140 -0
  4. package/dist/catalog/core/filesystem.tools.d.ts.map +1 -0
  5. package/dist/catalog/core/filesystem.tools.js +221 -0
  6. package/dist/catalog/core/filesystem.tools.js.map +1 -0
  7. package/dist/catalog/core/interaction.tools.d.ts +37 -0
  8. package/dist/catalog/core/interaction.tools.d.ts.map +1 -0
  9. package/dist/catalog/core/interaction.tools.js +55 -0
  10. package/dist/catalog/core/interaction.tools.js.map +1 -0
  11. package/dist/catalog/core/python.tools.d.ts +17 -0
  12. package/dist/catalog/core/python.tools.d.ts.map +1 -0
  13. package/dist/catalog/core/python.tools.js +32 -0
  14. package/dist/catalog/core/python.tools.js.map +1 -0
  15. package/dist/catalog/core/shell.tools.d.ts +14 -0
  16. package/dist/catalog/core/shell.tools.d.ts.map +1 -0
  17. package/dist/catalog/core/shell.tools.js +22 -0
  18. package/dist/catalog/core/shell.tools.js.map +1 -0
  19. package/dist/catalog/core/web.tools.d.ts +23 -0
  20. package/dist/catalog/core/web.tools.d.ts.map +1 -0
  21. package/dist/catalog/core/web.tools.js +34 -0
  22. package/dist/catalog/core/web.tools.js.map +1 -0
  23. package/dist/catalog/descriptors.d.ts +4 -0
  24. package/dist/catalog/descriptors.d.ts.map +1 -0
  25. package/dist/catalog/descriptors.js +17 -0
  26. package/dist/catalog/descriptors.js.map +1 -0
  27. package/dist/catalog/index.d.ts +18 -0
  28. package/dist/catalog/index.d.ts.map +1 -0
  29. package/dist/catalog/index.js +44 -0
  30. package/dist/catalog/index.js.map +1 -0
  31. package/dist/catalog/orchestration/explore.tools.d.ts +20 -0
  32. package/dist/catalog/orchestration/explore.tools.d.ts.map +1 -0
  33. package/dist/catalog/orchestration/explore.tools.js +42 -0
  34. package/dist/catalog/orchestration/explore.tools.js.map +1 -0
  35. package/dist/catalog/orchestration/plan-mode.tools.d.ts +32 -0
  36. package/dist/catalog/orchestration/plan-mode.tools.d.ts.map +1 -0
  37. package/dist/catalog/orchestration/plan-mode.tools.js +43 -0
  38. package/dist/catalog/orchestration/plan-mode.tools.js.map +1 -0
  39. package/dist/catalog/orchestration/process.tools.d.ts +68 -0
  40. package/dist/catalog/orchestration/process.tools.d.ts.map +1 -0
  41. package/dist/catalog/orchestration/process.tools.js +96 -0
  42. package/dist/catalog/orchestration/process.tools.js.map +1 -0
  43. package/dist/catalog/orchestration/subagent.tools.d.ts +16 -0
  44. package/dist/catalog/orchestration/subagent.tools.d.ts.map +1 -0
  45. package/dist/catalog/orchestration/subagent.tools.js +25 -0
  46. package/dist/catalog/orchestration/subagent.tools.js.map +1 -0
  47. package/dist/catalog/orchestration/task.tools.d.ts +107 -0
  48. package/dist/catalog/orchestration/task.tools.d.ts.map +1 -0
  49. package/dist/catalog/orchestration/task.tools.js +170 -0
  50. package/dist/catalog/orchestration/task.tools.js.map +1 -0
  51. package/dist/catalog/risk.d.ts +3 -0
  52. package/dist/catalog/risk.d.ts.map +1 -0
  53. package/dist/catalog/risk.js +29 -0
  54. package/dist/catalog/risk.js.map +1 -0
  55. package/dist/catalog/types.d.ts +14 -0
  56. package/dist/catalog/types.d.ts.map +1 -0
  57. package/dist/catalog/types.js +2 -0
  58. package/dist/catalog/types.js.map +1 -0
  59. package/dist/definitions.d.ts +2 -0
  60. package/dist/definitions.d.ts.map +1 -0
  61. package/dist/definitions.js +2 -0
  62. package/dist/definitions.js.map +1 -0
  63. package/dist/execution/atomic-write.d.ts +2 -0
  64. package/dist/execution/atomic-write.d.ts.map +1 -0
  65. package/dist/execution/atomic-write.js +7 -0
  66. package/dist/execution/atomic-write.js.map +1 -0
  67. package/dist/execution/bash.d.ts +3 -0
  68. package/dist/execution/bash.d.ts.map +1 -0
  69. package/dist/execution/bash.js +133 -0
  70. package/dist/execution/bash.js.map +1 -0
  71. package/dist/execution/common/args.d.ts +2 -0
  72. package/dist/execution/common/args.d.ts.map +1 -0
  73. package/dist/execution/common/args.js +6 -0
  74. package/dist/execution/common/args.js.map +1 -0
  75. package/dist/execution/common/output-budget.d.ts +61 -0
  76. package/dist/execution/common/output-budget.d.ts.map +1 -0
  77. package/dist/execution/common/output-budget.js +140 -0
  78. package/dist/execution/common/output-budget.js.map +1 -0
  79. package/dist/execution/common/process-result.d.ts +44 -0
  80. package/dist/execution/common/process-result.d.ts.map +1 -0
  81. package/dist/execution/common/process-result.js +322 -0
  82. package/dist/execution/common/process-result.js.map +1 -0
  83. package/dist/execution/common/search-utils.d.ts +8 -0
  84. package/dist/execution/common/search-utils.d.ts.map +1 -0
  85. package/dist/execution/common/search-utils.js +110 -0
  86. package/dist/execution/common/search-utils.js.map +1 -0
  87. package/dist/execution/common/tool-error.d.ts +8 -0
  88. package/dist/execution/common/tool-error.d.ts.map +1 -0
  89. package/dist/execution/common/tool-error.js +14 -0
  90. package/dist/execution/common/tool-error.js.map +1 -0
  91. package/dist/execution/common/truncate.d.ts +27 -0
  92. package/dist/execution/common/truncate.d.ts.map +1 -0
  93. package/dist/execution/common/truncate.js +108 -0
  94. package/dist/execution/common/truncate.js.map +1 -0
  95. package/dist/execution/common.d.ts +2 -0
  96. package/dist/execution/common.d.ts.map +1 -0
  97. package/dist/execution/common.js +6 -0
  98. package/dist/execution/common.js.map +1 -0
  99. package/dist/execution/core-dispatch.d.ts +4 -0
  100. package/dist/execution/core-dispatch.d.ts.map +1 -0
  101. package/dist/execution/core-dispatch.js +58 -0
  102. package/dist/execution/core-dispatch.js.map +1 -0
  103. package/dist/execution/dispatch.d.ts +4 -0
  104. package/dist/execution/dispatch.d.ts.map +1 -0
  105. package/dist/execution/dispatch.js +54 -0
  106. package/dist/execution/dispatch.js.map +1 -0
  107. package/dist/execution/edit.d.ts +9 -0
  108. package/dist/execution/edit.d.ts.map +1 -0
  109. package/dist/execution/edit.js +175 -0
  110. package/dist/execution/edit.js.map +1 -0
  111. package/dist/execution/file-mutation-queue.d.ts +2 -0
  112. package/dist/execution/file-mutation-queue.d.ts.map +1 -0
  113. package/dist/execution/file-mutation-queue.js +19 -0
  114. package/dist/execution/file-mutation-queue.js.map +1 -0
  115. package/dist/execution/filesystem/atomic-write.d.ts +2 -0
  116. package/dist/execution/filesystem/atomic-write.d.ts.map +1 -0
  117. package/dist/execution/filesystem/atomic-write.js +7 -0
  118. package/dist/execution/filesystem/atomic-write.js.map +1 -0
  119. package/dist/execution/filesystem/edit-args.d.ts +46 -0
  120. package/dist/execution/filesystem/edit-args.d.ts.map +1 -0
  121. package/dist/execution/filesystem/edit-args.js +212 -0
  122. package/dist/execution/filesystem/edit-args.js.map +1 -0
  123. package/dist/execution/filesystem/edit-errors.d.ts +4 -0
  124. package/dist/execution/filesystem/edit-errors.d.ts.map +1 -0
  125. package/dist/execution/filesystem/edit-errors.js +8 -0
  126. package/dist/execution/filesystem/edit-errors.js.map +1 -0
  127. package/dist/execution/filesystem/edit.d.ts +4 -0
  128. package/dist/execution/filesystem/edit.d.ts.map +1 -0
  129. package/dist/execution/filesystem/edit.js +330 -0
  130. package/dist/execution/filesystem/edit.js.map +1 -0
  131. package/dist/execution/filesystem/file-mutation-queue.d.ts +2 -0
  132. package/dist/execution/filesystem/file-mutation-queue.d.ts.map +1 -0
  133. package/dist/execution/filesystem/file-mutation-queue.js +19 -0
  134. package/dist/execution/filesystem/file-mutation-queue.js.map +1 -0
  135. package/dist/execution/filesystem/find.d.ts +3 -0
  136. package/dist/execution/filesystem/find.d.ts.map +1 -0
  137. package/dist/execution/filesystem/find.js +93 -0
  138. package/dist/execution/filesystem/find.js.map +1 -0
  139. package/dist/execution/filesystem/legacy-edit.d.ts +9 -0
  140. package/dist/execution/filesystem/legacy-edit.d.ts.map +1 -0
  141. package/dist/execution/filesystem/legacy-edit.js +122 -0
  142. package/dist/execution/filesystem/legacy-edit.js.map +1 -0
  143. package/dist/execution/filesystem/list.d.ts +3 -0
  144. package/dist/execution/filesystem/list.d.ts.map +1 -0
  145. package/dist/execution/filesystem/list.js +49 -0
  146. package/dist/execution/filesystem/list.js.map +1 -0
  147. package/dist/execution/filesystem/path.d.ts +7 -0
  148. package/dist/execution/filesystem/path.d.ts.map +1 -0
  149. package/dist/execution/filesystem/path.js +69 -0
  150. package/dist/execution/filesystem/path.js.map +1 -0
  151. package/dist/execution/filesystem/read.d.ts +3 -0
  152. package/dist/execution/filesystem/read.d.ts.map +1 -0
  153. package/dist/execution/filesystem/read.js +225 -0
  154. package/dist/execution/filesystem/read.js.map +1 -0
  155. package/dist/execution/filesystem/search.d.ts +3 -0
  156. package/dist/execution/filesystem/search.d.ts.map +1 -0
  157. package/dist/execution/filesystem/search.js +149 -0
  158. package/dist/execution/filesystem/search.js.map +1 -0
  159. package/dist/execution/filesystem/smart-match.d.ts +31 -0
  160. package/dist/execution/filesystem/smart-match.d.ts.map +1 -0
  161. package/dist/execution/filesystem/smart-match.js +309 -0
  162. package/dist/execution/filesystem/smart-match.js.map +1 -0
  163. package/dist/execution/filesystem/text-editing.d.ts +9 -0
  164. package/dist/execution/filesystem/text-editing.d.ts.map +1 -0
  165. package/dist/execution/filesystem/text-editing.js +43 -0
  166. package/dist/execution/filesystem/text-editing.js.map +1 -0
  167. package/dist/execution/filesystem/write.d.ts +3 -0
  168. package/dist/execution/filesystem/write.d.ts.map +1 -0
  169. package/dist/execution/filesystem/write.js +21 -0
  170. package/dist/execution/filesystem/write.js.map +1 -0
  171. package/dist/execution/find.d.ts +3 -0
  172. package/dist/execution/find.d.ts.map +1 -0
  173. package/dist/execution/find.js +90 -0
  174. package/dist/execution/find.js.map +1 -0
  175. package/dist/execution/index.d.ts +18 -0
  176. package/dist/execution/index.d.ts.map +1 -0
  177. package/dist/execution/index.js +17 -0
  178. package/dist/execution/index.js.map +1 -0
  179. package/dist/execution/list.d.ts +3 -0
  180. package/dist/execution/list.d.ts.map +1 -0
  181. package/dist/execution/list.js +46 -0
  182. package/dist/execution/list.js.map +1 -0
  183. package/dist/execution/path.d.ts +7 -0
  184. package/dist/execution/path.d.ts.map +1 -0
  185. package/dist/execution/path.js +69 -0
  186. package/dist/execution/path.js.map +1 -0
  187. package/dist/execution/python/python.d.ts +3 -0
  188. package/dist/execution/python/python.d.ts.map +1 -0
  189. package/dist/execution/python/python.js +566 -0
  190. package/dist/execution/python/python.js.map +1 -0
  191. package/dist/execution/python/runtime.d.ts +22 -0
  192. package/dist/execution/python/runtime.d.ts.map +1 -0
  193. package/dist/execution/python/runtime.js +178 -0
  194. package/dist/execution/python/runtime.js.map +1 -0
  195. package/dist/execution/read.d.ts +3 -0
  196. package/dist/execution/read.d.ts.map +1 -0
  197. package/dist/execution/read.js +97 -0
  198. package/dist/execution/read.js.map +1 -0
  199. package/dist/execution/search-utils.d.ts +8 -0
  200. package/dist/execution/search-utils.d.ts.map +1 -0
  201. package/dist/execution/search-utils.js +110 -0
  202. package/dist/execution/search-utils.js.map +1 -0
  203. package/dist/execution/search.d.ts +3 -0
  204. package/dist/execution/search.d.ts.map +1 -0
  205. package/dist/execution/search.js +131 -0
  206. package/dist/execution/search.js.map +1 -0
  207. package/dist/execution/shell/bash.d.ts +3 -0
  208. package/dist/execution/shell/bash.d.ts.map +1 -0
  209. package/dist/execution/shell/bash.js +134 -0
  210. package/dist/execution/shell/bash.js.map +1 -0
  211. package/dist/execution/truncate.d.ts +21 -0
  212. package/dist/execution/truncate.d.ts.map +1 -0
  213. package/dist/execution/truncate.js +94 -0
  214. package/dist/execution/truncate.js.map +1 -0
  215. package/dist/execution/web/web-fetch.d.ts +3 -0
  216. package/dist/execution/web/web-fetch.d.ts.map +1 -0
  217. package/dist/execution/web/web-fetch.js +132 -0
  218. package/dist/execution/web/web-fetch.js.map +1 -0
  219. package/dist/execution/web/web-search.d.ts +3 -0
  220. package/dist/execution/web/web-search.d.ts.map +1 -0
  221. package/dist/execution/web/web-search.js +59 -0
  222. package/dist/execution/web/web-search.js.map +1 -0
  223. package/dist/execution/web-fetch.d.ts +3 -0
  224. package/dist/execution/web-fetch.d.ts.map +1 -0
  225. package/dist/execution/web-fetch.js +132 -0
  226. package/dist/execution/web-fetch.js.map +1 -0
  227. package/dist/execution/web-search.d.ts +3 -0
  228. package/dist/execution/web-search.d.ts.map +1 -0
  229. package/dist/execution/web-search.js +59 -0
  230. package/dist/execution/web-search.js.map +1 -0
  231. package/dist/execution/write.d.ts +3 -0
  232. package/dist/execution/write.d.ts.map +1 -0
  233. package/dist/execution/write.js +21 -0
  234. package/dist/execution/write.js.map +1 -0
  235. package/dist/index.d.ts +9 -0
  236. package/dist/index.d.ts.map +1 -0
  237. package/dist/index.js +11 -0
  238. package/dist/index.js.map +1 -0
  239. package/dist/safety/command-policy-git.d.ts +2 -0
  240. package/dist/safety/command-policy-git.d.ts.map +1 -0
  241. package/dist/safety/command-policy-git.js +88 -0
  242. package/dist/safety/command-policy-git.js.map +1 -0
  243. package/dist/safety/command-policy-options.d.ts +6 -0
  244. package/dist/safety/command-policy-options.d.ts.map +1 -0
  245. package/dist/safety/command-policy-options.js +112 -0
  246. package/dist/safety/command-policy-options.js.map +1 -0
  247. package/dist/safety/command-policy-packages.d.ts +4 -0
  248. package/dist/safety/command-policy-packages.d.ts.map +1 -0
  249. package/dist/safety/command-policy-packages.js +161 -0
  250. package/dist/safety/command-policy-packages.js.map +1 -0
  251. package/dist/safety/command-policy-parser.d.ts +11 -0
  252. package/dist/safety/command-policy-parser.d.ts.map +1 -0
  253. package/dist/safety/command-policy-parser.js +121 -0
  254. package/dist/safety/command-policy-parser.js.map +1 -0
  255. package/dist/safety/command-policy-wrappers.d.ts +6 -0
  256. package/dist/safety/command-policy-wrappers.d.ts.map +1 -0
  257. package/dist/safety/command-policy-wrappers.js +95 -0
  258. package/dist/safety/command-policy-wrappers.js.map +1 -0
  259. package/dist/safety/command-policy.d.ts +6 -0
  260. package/dist/safety/command-policy.d.ts.map +1 -0
  261. package/dist/safety/command-policy.js +118 -0
  262. package/dist/safety/command-policy.js.map +1 -0
  263. package/dist/types.d.ts +78 -0
  264. package/dist/types.d.ts.map +1 -0
  265. package/dist/types.js +2 -0
  266. package/dist/types.js.map +1 -0
  267. package/package.json +48 -0
@@ -0,0 +1,121 @@
1
+ import { parse as shellParse } from "shell-quote";
2
+ function isOpEntry(entry) {
3
+ return typeof entry === "object" && typeof entry.op === "string";
4
+ }
5
+ function isCommentEntry(entry) {
6
+ return typeof entry === "object" && typeof entry.comment === "string";
7
+ }
8
+ export function parseCommand(command) {
9
+ try {
10
+ const result = shellParse(command, (key) => `$${key}`);
11
+ if (!Array.isArray(result))
12
+ return null;
13
+ return result;
14
+ }
15
+ catch {
16
+ return null;
17
+ }
18
+ }
19
+ /** Detect $() and backtick command substitution outside single quotes. */
20
+ export function hasCommandSubstitution(command) {
21
+ let inSingleQuote = false;
22
+ let inDoubleQuote = false;
23
+ let escaped = false;
24
+ for (let i = 0; i < command.length; i++) {
25
+ const char = command[i];
26
+ if (escaped) {
27
+ escaped = false;
28
+ continue;
29
+ }
30
+ if (char === "\\" && inDoubleQuote) {
31
+ escaped = true;
32
+ continue;
33
+ }
34
+ if (char === "'" && !inDoubleQuote) {
35
+ inSingleQuote = !inSingleQuote;
36
+ continue;
37
+ }
38
+ if (char === '"' && !inSingleQuote) {
39
+ inDoubleQuote = !inDoubleQuote;
40
+ continue;
41
+ }
42
+ if (!inSingleQuote) {
43
+ if (char === "$" && command[i + 1] === "(")
44
+ return true;
45
+ if (char === "`")
46
+ return true;
47
+ }
48
+ }
49
+ return false;
50
+ }
51
+ export function hasUnsafeConstructs(entries) {
52
+ for (let i = 0; i < entries.length; i++) {
53
+ const entry = entries[i];
54
+ if (!isOpEntry(entry))
55
+ continue;
56
+ const op = entry.op;
57
+ if (op === "<(" || op === ">(")
58
+ return true;
59
+ if (op === "(" || op === ")")
60
+ return true;
61
+ if (op === "<<<")
62
+ return true;
63
+ if (op === "&") {
64
+ const next = entries[i + 1];
65
+ if (i + 2 < entries.length &&
66
+ isOpEntry(next) &&
67
+ next.op === ">" &&
68
+ entries[i + 2] === "/dev/null") {
69
+ continue;
70
+ }
71
+ return true;
72
+ }
73
+ }
74
+ return false;
75
+ }
76
+ export function hasUnsafeRedirects(entries) {
77
+ for (let i = 0; i < entries.length; i++) {
78
+ const entry = entries[i];
79
+ if (!isOpEntry(entry))
80
+ continue;
81
+ const op = entry.op;
82
+ if (op === ">" || op === ">>") {
83
+ const target = entries[i + 1];
84
+ if (typeof target === "string" && target === "/dev/null") {
85
+ i++;
86
+ continue;
87
+ }
88
+ return true;
89
+ }
90
+ if (op === "<")
91
+ return true;
92
+ if (op === ">&") {
93
+ const target = entries[i + 1];
94
+ if (typeof target === "string" && /^\d$/.test(target)) {
95
+ i++;
96
+ continue;
97
+ }
98
+ return true;
99
+ }
100
+ }
101
+ return false;
102
+ }
103
+ export function extractSegments(entries) {
104
+ const segments = [[]];
105
+ for (const entry of entries) {
106
+ if (isCommentEntry(entry))
107
+ continue;
108
+ if (typeof entry === "string") {
109
+ segments[segments.length - 1].push(entry);
110
+ continue;
111
+ }
112
+ if (!isOpEntry(entry))
113
+ continue;
114
+ if (["|", "||", "&&", ";"].includes(entry.op)) {
115
+ if (segments[segments.length - 1].length > 0)
116
+ segments.push([]);
117
+ }
118
+ }
119
+ return segments.filter((segment) => segment.length > 0);
120
+ }
121
+ //# sourceMappingURL=command-policy-parser.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"command-policy-parser.js","sourceRoot":"","sources":["../../src/safety/command-policy-parser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,IAAI,UAAU,EAAE,MAAM,aAAa,CAAC;AAIlD,SAAS,SAAS,CAAC,KAAiB;IAClC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,CAAC,EAAE,KAAK,QAAQ,CAAC;AACnE,CAAC;AAED,SAAS,cAAc,CAAC,KAAiB;IACvC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,CAAC;AACxE,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,OAAe;IAC1C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,EAAE,CAAC,GAAW,EAAE,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,CAAC;QAC/D,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;YAAE,OAAO,IAAI,CAAC;QACxC,OAAO,MAAsB,CAAC;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,0EAA0E;AAC1E,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,IAAI,aAAa,GAAG,KAAK,CAAC;IAC1B,IAAI,aAAa,GAAG,KAAK,CAAC;IAC1B,IAAI,OAAO,GAAG,KAAK,CAAC;IAEpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAExB,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,GAAG,KAAK,CAAC;YAChB,SAAS;QACX,CAAC;QAED,IAAI,IAAI,KAAK,IAAI,IAAI,aAAa,EAAE,CAAC;YACnC,OAAO,GAAG,IAAI,CAAC;YACf,SAAS;QACX,CAAC;QAED,IAAI,IAAI,KAAK,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;YACnC,aAAa,GAAG,CAAC,aAAa,CAAC;YAC/B,SAAS;QACX,CAAC;QAED,IAAI,IAAI,KAAK,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;YACnC,aAAa,GAAG,CAAC,aAAa,CAAC;YAC/B,SAAS;QACX,CAAC;QAED,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,IAAI,IAAI,KAAK,GAAG,IAAI,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YACxD,IAAI,IAAI,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;QAChC,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,OAAqB;IACvD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACzB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC;YAAE,SAAS;QAEhC,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;QAEpB,IAAI,EAAE,KAAK,IAAI,IAAI,EAAE,KAAK,IAAI;YAAE,OAAO,IAAI,CAAC;QAC5C,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;QAC1C,IAAI,EAAE,KAAK,KAAK;YAAE,OAAO,IAAI,CAAC;QAE9B,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC5B,IACE,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,MAAM;gBACtB,SAAS,CAAC,IAAI,CAAC;gBACf,IAAI,CAAC,EAAE,KAAK,GAAG;gBACf,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,WAAW,EAC9B,CAAC;gBACD,SAAS;YACX,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,OAAqB;IACtD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACzB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC;YAAE,SAAS;QAEhC,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;QAEpB,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;YAC9B,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC9B,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,WAAW,EAAE,CAAC;gBACzD,CAAC,EAAE,CAAC;gBACJ,SAAS;YACX,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,EAAE,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;QAE5B,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;YAChB,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC9B,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACtD,CAAC,EAAE,CAAC;gBACJ,SAAS;YACX,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,OAAqB;IACnD,MAAM,QAAQ,GAAe,CAAC,EAAE,CAAC,CAAC;IAElC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,cAAc,CAAC,KAAK,CAAC;YAAE,SAAS;QAEpC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC1C,SAAS;QACX,CAAC;QAED,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC;YAAE,SAAS;QAEhC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC;YAC9C,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC;gBAAE,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAClE,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AAC1D,CAAC"}
@@ -0,0 +1,6 @@
1
+ export declare function stripEnvVarAssignments(tokens: string[]): string[];
2
+ export declare function normalizeCommandName(command: string): string;
3
+ export declare function unwrapCommandTokens(tokens: string[]): string[];
4
+ export declare function getXargsInvokedCommandIndex(tokens: string[]): number | undefined;
5
+ export declare function hasAnyToken(tokens: string[], blocked: Set<string>): boolean;
6
+ //# sourceMappingURL=command-policy-wrappers.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"command-policy-wrappers.d.ts","sourceRoot":"","sources":["../../src/safety/command-policy-wrappers.ts"],"names":[],"mappings":"AAAA,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CASjE;AAED,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAE5D;AAiBD,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CAgD9D;AAED,wBAAgB,2BAA2B,CACzC,MAAM,EAAE,MAAM,EAAE,GACf,MAAM,GAAG,SAAS,CAmBpB;AAED,wBAAgB,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,OAAO,CAE3E"}
@@ -0,0 +1,95 @@
1
+ export function stripEnvVarAssignments(tokens) {
2
+ let index = 0;
3
+ while (index < tokens.length &&
4
+ /^[A-Za-z_][A-Za-z0-9_]*=/.test(tokens[index] ?? "")) {
5
+ index++;
6
+ }
7
+ return tokens.slice(index);
8
+ }
9
+ export function normalizeCommandName(command) {
10
+ return (command.split("/").pop() ?? command).trim();
11
+ }
12
+ function stripLeadingOptions(tokens) {
13
+ let index = 0;
14
+ while (tokens[index]?.startsWith("-"))
15
+ index++;
16
+ return tokens.slice(index);
17
+ }
18
+ const WRAPPER_ROOT_COMMANDS = new Set([
19
+ "command",
20
+ "env",
21
+ "nice",
22
+ "nohup",
23
+ "time",
24
+ "timeout",
25
+ ]);
26
+ export function unwrapCommandTokens(tokens) {
27
+ let current = tokens;
28
+ for (let depth = 0; depth < 5; depth++) {
29
+ const rootCommand = normalizeCommandName(current[0] ?? "");
30
+ if (!WRAPPER_ROOT_COMMANDS.has(rootCommand))
31
+ break;
32
+ if (rootCommand === "env") {
33
+ let index = 1;
34
+ while (index < current.length) {
35
+ const token = current[index];
36
+ if (token === "-u" || token === "--unset" || token === "-S") {
37
+ index += 2;
38
+ continue;
39
+ }
40
+ if (token.startsWith("-")) {
41
+ index++;
42
+ continue;
43
+ }
44
+ if (/^[A-Za-z_][A-Za-z0-9_]*=/.test(token)) {
45
+ index++;
46
+ continue;
47
+ }
48
+ break;
49
+ }
50
+ current = current.slice(index);
51
+ continue;
52
+ }
53
+ if (rootCommand === "timeout") {
54
+ const withoutOptions = stripLeadingOptions(current.slice(1));
55
+ current = withoutOptions.slice(1);
56
+ continue;
57
+ }
58
+ if (rootCommand === "nice") {
59
+ let index = 1;
60
+ if (current[index] === "-n")
61
+ index += 2;
62
+ else if (current[index]?.startsWith("-n"))
63
+ index++;
64
+ while (current[index]?.startsWith("-"))
65
+ index++;
66
+ current = current.slice(index);
67
+ continue;
68
+ }
69
+ current = stripLeadingOptions(current.slice(1));
70
+ }
71
+ return current;
72
+ }
73
+ export function getXargsInvokedCommandIndex(tokens) {
74
+ for (let i = 1; i < tokens.length; i++) {
75
+ const token = tokens[i];
76
+ if (token === "-E" ||
77
+ token === "-I" ||
78
+ token === "-L" ||
79
+ token === "-P" ||
80
+ token === "-d" ||
81
+ token === "-n" ||
82
+ token === "-s") {
83
+ i++;
84
+ continue;
85
+ }
86
+ if (token.startsWith("-"))
87
+ continue;
88
+ return i;
89
+ }
90
+ return undefined;
91
+ }
92
+ export function hasAnyToken(tokens, blocked) {
93
+ return tokens.some((token) => blocked.has(token));
94
+ }
95
+ //# sourceMappingURL=command-policy-wrappers.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"command-policy-wrappers.js","sourceRoot":"","sources":["../../src/safety/command-policy-wrappers.ts"],"names":[],"mappings":"AAAA,MAAM,UAAU,sBAAsB,CAAC,MAAgB;IACrD,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,OACE,KAAK,GAAG,MAAM,CAAC,MAAM;QACrB,0BAA0B,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,EACpD,CAAC;QACD,KAAK,EAAE,CAAC;IACV,CAAC;IACD,OAAO,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;AAC7B,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,OAAe;IAClD,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;AACtD,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAgB;IAC3C,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,OAAO,MAAM,CAAC,KAAK,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC;QAAE,KAAK,EAAE,CAAC;IAC/C,OAAO,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;AAC7B,CAAC;AAED,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC;IACpC,SAAS;IACT,KAAK;IACL,MAAM;IACN,OAAO;IACP,MAAM;IACN,SAAS;CACV,CAAC,CAAC;AAEH,MAAM,UAAU,mBAAmB,CAAC,MAAgB;IAClD,IAAI,OAAO,GAAG,MAAM,CAAC;IAErB,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,EAAE,KAAK,EAAE,EAAE,CAAC;QACvC,MAAM,WAAW,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,WAAW,CAAC;YAAE,MAAM;QAEnD,IAAI,WAAW,KAAK,KAAK,EAAE,CAAC;YAC1B,IAAI,KAAK,GAAG,CAAC,CAAC;YACd,OAAO,KAAK,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;gBAC9B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;gBAC7B,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;oBAC5D,KAAK,IAAI,CAAC,CAAC;oBACX,SAAS;gBACX,CAAC;gBACD,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC1B,KAAK,EAAE,CAAC;oBACR,SAAS;gBACX,CAAC;gBACD,IAAI,0BAA0B,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC3C,KAAK,EAAE,CAAC;oBACR,SAAS;gBACX,CAAC;gBACD,MAAM;YACR,CAAC;YACD,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAC/B,SAAS;QACX,CAAC;QAED,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,MAAM,cAAc,GAAG,mBAAmB,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC7D,OAAO,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAClC,SAAS;QACX,CAAC;QAED,IAAI,WAAW,KAAK,MAAM,EAAE,CAAC;YAC3B,IAAI,KAAK,GAAG,CAAC,CAAC;YACd,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,IAAI;gBAAE,KAAK,IAAI,CAAC,CAAC;iBACnC,IAAI,OAAO,CAAC,KAAK,CAAC,EAAE,UAAU,CAAC,IAAI,CAAC;gBAAE,KAAK,EAAE,CAAC;YACnD,OAAO,OAAO,CAAC,KAAK,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC;gBAAE,KAAK,EAAE,CAAC;YAChD,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAC/B,SAAS;QACX,CAAC;QAED,OAAO,GAAG,mBAAmB,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAClD,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,2BAA2B,CACzC,MAAgB;IAEhB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QACxB,IACE,KAAK,KAAK,IAAI;YACd,KAAK,KAAK,IAAI;YACd,KAAK,KAAK,IAAI;YACd,KAAK,KAAK,IAAI;YACd,KAAK,KAAK,IAAI;YACd,KAAK,KAAK,IAAI;YACd,KAAK,KAAK,IAAI,EACd,CAAC;YACD,CAAC,EAAE,CAAC;YACJ,SAAS;QACX,CAAC;QACD,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS;QACpC,OAAO,CAAC,CAAC;IACX,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,MAAgB,EAAE,OAAoB;IAChE,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;AACpD,CAAC"}
@@ -0,0 +1,6 @@
1
+ export declare function hasShellControlOperator(command: string): boolean;
2
+ export declare function isKnownReadOnlyCommand(command: string): boolean;
3
+ export declare function hasDangerousCommandPattern(command: string): boolean;
4
+ export declare function isLikelyLongRunningCommand(command: string): boolean;
5
+ export declare function isAllowedPlanModeBashCommand(command: string): boolean;
6
+ //# sourceMappingURL=command-policy.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"command-policy.d.ts","sourceRoot":"","sources":["../../src/safety/command-policy.ts"],"names":[],"mappings":"AAuBA,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAMhE;AAED,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAe/D;AAED,wBAAgB,0BAA0B,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAInE;AAED,wBAAgB,0BAA0B,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAWnE;AA8DD,wBAAgB,4BAA4B,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAcrE"}
@@ -0,0 +1,118 @@
1
+ import { isBlockedGitInvocation } from "./command-policy-git.js";
2
+ import { isBlockedByCommandOptions, isBlockedLongRunningInvocation, } from "./command-policy-options.js";
3
+ import { isBlockedPackageManagerInvocation, isBlockedSystemPackageManagerInvocation, } from "./command-policy-packages.js";
4
+ import { extractSegments, hasCommandSubstitution, hasUnsafeConstructs, hasUnsafeRedirects, parseCommand, } from "./command-policy-parser.js";
5
+ import { getXargsInvokedCommandIndex, normalizeCommandName, stripEnvVarAssignments, unwrapCommandTokens, } from "./command-policy-wrappers.js";
6
+ export function hasShellControlOperator(command) {
7
+ return (/[><|`$();]/.test(command) ||
8
+ command.includes("&&") ||
9
+ command.includes("||"));
10
+ }
11
+ export function isKnownReadOnlyCommand(command) {
12
+ const normalized = command.trim().replace(/\s+/g, " ");
13
+ if (!normalized || hasShellControlOperator(normalized))
14
+ return false;
15
+ const first = normalized.split(" ")[0];
16
+ if (["pwd", "ls", "find", "rg", "grep", "which", "cat"].includes(first))
17
+ return true;
18
+ if (normalized === "git status" || normalized.startsWith("git status "))
19
+ return true;
20
+ if (normalized === "git diff" || normalized.startsWith("git diff "))
21
+ return true;
22
+ if (normalized === "git log" || normalized.startsWith("git log "))
23
+ return true;
24
+ if (normalized === "git show" || normalized.startsWith("git show "))
25
+ return true;
26
+ return false;
27
+ }
28
+ export function hasDangerousCommandPattern(command) {
29
+ return /(^|\s)(rm\s+-rf|sudo|mkfs|dd\s+if=|chmod\s+-R|chown\s+-R|git\s+reset\s+--hard|git\s+clean\s+-fd|docker\s+system\s+prune|kubectl\s+delete)(\s|$)/.test(command);
30
+ }
31
+ export function isLikelyLongRunningCommand(command) {
32
+ const normalized = command.trim().replace(/\s+/g, " ");
33
+ if (!normalized)
34
+ return false;
35
+ return (/(^|\s)(npm|pnpm|yarn|bun)\s+(run\s+)?(dev|start|serve|preview|watch)(\s|$)/.test(normalized) ||
36
+ /(^|\s)(vite|next\s+dev|svelte-kit\s+dev|astro\s+dev|webpack\s+serve|nodemon|tsx\s+watch|tsc\s+--watch|cargo\s+watch)(\s|$)/.test(normalized));
37
+ }
38
+ const BLOCKED_BASH_ROOT_COMMANDS = new Set([
39
+ "chmod",
40
+ "chgrp",
41
+ "chown",
42
+ "code",
43
+ "cp",
44
+ "dash",
45
+ "dd",
46
+ "doas",
47
+ "emacs",
48
+ "eval",
49
+ "exec",
50
+ "fish",
51
+ "function",
52
+ "kill",
53
+ "killall",
54
+ "ln",
55
+ "mkdir",
56
+ "mkfs",
57
+ "mount",
58
+ "mv",
59
+ "nano",
60
+ "pkill",
61
+ "rm",
62
+ "rmdir",
63
+ "sh",
64
+ "shred",
65
+ "sudo",
66
+ "tee",
67
+ "touch",
68
+ "truncate",
69
+ "umount",
70
+ "vi",
71
+ "vim",
72
+ "zsh",
73
+ ]);
74
+ function isBlockedCommandSegment(tokens) {
75
+ const stripped = stripEnvVarAssignments(tokens);
76
+ const unwrapped = unwrapCommandTokens(stripped);
77
+ if (unwrapped.length === 0)
78
+ return false;
79
+ const rootCommand = normalizeCommandName(unwrapped[0]);
80
+ if (rootCommand === "xargs") {
81
+ const invokedIndex = getXargsInvokedCommandIndex(unwrapped);
82
+ if (invokedIndex === undefined)
83
+ return false;
84
+ return isBlockedCommandSegment(unwrapped.slice(invokedIndex));
85
+ }
86
+ if (BLOCKED_BASH_ROOT_COMMANDS.has(rootCommand))
87
+ return true;
88
+ if (isBlockedLongRunningInvocation(unwrapped))
89
+ return true;
90
+ if (isBlockedGitInvocation(unwrapped))
91
+ return true;
92
+ if (isBlockedPackageManagerInvocation(unwrapped, isBlockedCommandSegment)) {
93
+ return true;
94
+ }
95
+ if (isBlockedSystemPackageManagerInvocation(unwrapped))
96
+ return true;
97
+ return isBlockedByCommandOptions(unwrapped, isBlockedCommandSegment);
98
+ }
99
+ export function isAllowedPlanModeBashCommand(command) {
100
+ if (!command.trim())
101
+ return false;
102
+ if (isLikelyLongRunningCommand(command))
103
+ return false;
104
+ if (hasCommandSubstitution(command))
105
+ return false;
106
+ const entries = parseCommand(command);
107
+ if (!entries || entries.length === 0)
108
+ return false;
109
+ if (hasUnsafeConstructs(entries))
110
+ return false;
111
+ if (hasUnsafeRedirects(entries))
112
+ return false;
113
+ const segments = extractSegments(entries);
114
+ if (segments.length === 0)
115
+ return false;
116
+ return segments.every((segment) => !isBlockedCommandSegment(segment));
117
+ }
118
+ //# sourceMappingURL=command-policy.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"command-policy.js","sourceRoot":"","sources":["../../src/safety/command-policy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EACL,yBAAyB,EACzB,8BAA8B,GAC/B,MAAM,6BAA6B,CAAC;AACrC,OAAO,EACL,iCAAiC,EACjC,uCAAuC,GACxC,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACL,eAAe,EACf,sBAAsB,EACtB,mBAAmB,EACnB,kBAAkB,EAClB,YAAY,GACb,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACL,2BAA2B,EAC3B,oBAAoB,EACpB,sBAAsB,EACtB,mBAAmB,GACpB,MAAM,8BAA8B,CAAC;AAEtC,MAAM,UAAU,uBAAuB,CAAC,OAAe;IACrD,OAAO,CACL,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC;QAC1B,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;QACtB,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CACvB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACvD,IAAI,CAAC,UAAU,IAAI,uBAAuB,CAAC,UAAU,CAAC;QAAE,OAAO,KAAK,CAAC;IACrE,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACvC,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;QACrE,OAAO,IAAI,CAAC;IACd,IAAI,UAAU,KAAK,YAAY,IAAI,UAAU,CAAC,UAAU,CAAC,aAAa,CAAC;QACrE,OAAO,IAAI,CAAC;IACd,IAAI,UAAU,KAAK,UAAU,IAAI,UAAU,CAAC,UAAU,CAAC,WAAW,CAAC;QACjE,OAAO,IAAI,CAAC;IACd,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,CAAC,UAAU,CAAC,UAAU,CAAC;QAC/D,OAAO,IAAI,CAAC;IACd,IAAI,UAAU,KAAK,UAAU,IAAI,UAAU,CAAC,UAAU,CAAC,WAAW,CAAC;QACjE,OAAO,IAAI,CAAC;IACd,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,0BAA0B,CAAC,OAAe;IACxD,OAAO,iJAAiJ,CAAC,IAAI,CAC3J,OAAO,CACR,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,0BAA0B,CAAC,OAAe;IACxD,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACvD,IAAI,CAAC,UAAU;QAAE,OAAO,KAAK,CAAC;IAC9B,OAAO,CACL,4EAA4E,CAAC,IAAI,CAC/E,UAAU,CACX;QACD,4HAA4H,CAAC,IAAI,CAC/H,UAAU,CACX,CACF,CAAC;AACJ,CAAC;AAED,MAAM,0BAA0B,GAAG,IAAI,GAAG,CAAC;IACzC,OAAO;IACP,OAAO;IACP,OAAO;IACP,MAAM;IACN,IAAI;IACJ,MAAM;IACN,IAAI;IACJ,MAAM;IACN,OAAO;IACP,MAAM;IACN,MAAM;IACN,MAAM;IACN,UAAU;IACV,MAAM;IACN,SAAS;IACT,IAAI;IACJ,OAAO;IACP,MAAM;IACN,OAAO;IACP,IAAI;IACJ,MAAM;IACN,OAAO;IACP,IAAI;IACJ,OAAO;IACP,IAAI;IACJ,OAAO;IACP,MAAM;IACN,KAAK;IACL,OAAO;IACP,UAAU;IACV,QAAQ;IACR,IAAI;IACJ,KAAK;IACL,KAAK;CACN,CAAC,CAAC;AAEH,SAAS,uBAAuB,CAAC,MAAgB;IAC/C,MAAM,QAAQ,GAAG,sBAAsB,CAAC,MAAM,CAAC,CAAC;IAChD,MAAM,SAAS,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IAChD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAEzC,MAAM,WAAW,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;IAEvD,IAAI,WAAW,KAAK,OAAO,EAAE,CAAC;QAC5B,MAAM,YAAY,GAAG,2BAA2B,CAAC,SAAS,CAAC,CAAC;QAC5D,IAAI,YAAY,KAAK,SAAS;YAAE,OAAO,KAAK,CAAC;QAC7C,OAAO,uBAAuB,CAAC,SAAS,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC;IAChE,CAAC;IAED,IAAI,0BAA0B,CAAC,GAAG,CAAC,WAAW,CAAC;QAAE,OAAO,IAAI,CAAC;IAC7D,IAAI,8BAA8B,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IAC3D,IAAI,sBAAsB,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IACnD,IAAI,iCAAiC,CAAC,SAAS,EAAE,uBAAuB,CAAC,EAAE,CAAC;QAC1E,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,uCAAuC,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IACpE,OAAO,yBAAyB,CAAC,SAAS,EAAE,uBAAuB,CAAC,CAAC;AACvE,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,OAAe;IAC1D,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE;QAAE,OAAO,KAAK,CAAC;IAClC,IAAI,0BAA0B,CAAC,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IACtD,IAAI,sBAAsB,CAAC,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IAElD,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IACtC,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACnD,IAAI,mBAAmB,CAAC,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IAC/C,IAAI,kBAAkB,CAAC,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IAE9C,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IAC1C,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAExC,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC,CAAC;AACxE,CAAC"}
@@ -0,0 +1,78 @@
1
+ import type { ToolContentBlockPayload, ToolExecutionResultPayload, ToolImageContentPayload, ToolTextContentPayload } from "@nervekit/shared";
2
+ import type { PythonRuntime } from "./execution/python/runtime.js";
3
+ export type ToolExecutionOutputUpdate = {
4
+ kind: "output";
5
+ stream: "stdout" | "stderr" | "combined";
6
+ chunk: string;
7
+ };
8
+ export type ToolExecutionContext = {
9
+ cwd: string;
10
+ signal?: AbortSignal;
11
+ dataDir?: string;
12
+ getApiKey?: (provider: string) => Promise<string | undefined>;
13
+ pythonRuntime?: PythonRuntime;
14
+ pythonPolicy?: {
15
+ allowNetwork: boolean;
16
+ allowFileWrite: boolean;
17
+ };
18
+ onUpdate?: (update: ToolExecutionOutputUpdate) => void;
19
+ };
20
+ export type ToolTextContent = ToolTextContentPayload;
21
+ export type ToolImageContent = ToolImageContentPayload;
22
+ export type ToolContentBlock = ToolContentBlockPayload;
23
+ export type ToolExecutionResult = ToolExecutionResultPayload;
24
+ export type ToolPathArgs = {
25
+ path?: unknown;
26
+ };
27
+ export type ReadToolArgs = ToolPathArgs & {
28
+ offset?: unknown;
29
+ limit?: unknown;
30
+ byteOffset?: unknown;
31
+ byteLimit?: unknown;
32
+ };
33
+ export type WriteToolArgs = ToolPathArgs & {
34
+ content?: unknown;
35
+ };
36
+ export type EditToolArgs = ToolPathArgs & {
37
+ dryRun?: unknown;
38
+ replacements?: unknown;
39
+ insertions?: unknown;
40
+ lineReplacements?: unknown;
41
+ lineInsertions?: unknown;
42
+ patch?: unknown;
43
+ };
44
+ export type BashToolArgs = {
45
+ command?: unknown;
46
+ timeout?: unknown;
47
+ };
48
+ export type PythonToolArgs = {
49
+ code?: unknown;
50
+ path?: unknown;
51
+ cwd?: unknown;
52
+ timeout?: unknown;
53
+ env?: unknown;
54
+ };
55
+ export type LsToolArgs = ToolPathArgs & {
56
+ limit?: unknown;
57
+ };
58
+ export type FindToolArgs = ToolPathArgs & {
59
+ pattern?: unknown;
60
+ limit?: unknown;
61
+ };
62
+ export type GrepToolArgs = ToolPathArgs & {
63
+ pattern?: unknown;
64
+ glob?: unknown;
65
+ ignoreCase?: unknown;
66
+ literal?: unknown;
67
+ context?: unknown;
68
+ limit?: unknown;
69
+ };
70
+ export type WebSearchToolArgs = {
71
+ query?: unknown;
72
+ max_results?: unknown;
73
+ };
74
+ export type WebFetchToolArgs = {
75
+ url?: unknown;
76
+ raw?: unknown;
77
+ };
78
+ //# sourceMappingURL=types.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,uBAAuB,EACvB,0BAA0B,EAC1B,uBAAuB,EACvB,sBAAsB,EACvB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAEnE,MAAM,MAAM,yBAAyB,GAAG;IACtC,IAAI,EAAE,QAAQ,CAAC;IACf,MAAM,EAAE,QAAQ,GAAG,QAAQ,GAAG,UAAU,CAAC;IACzC,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IACjC,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAAC;IAC9D,aAAa,CAAC,EAAE,aAAa,CAAC;IAC9B,YAAY,CAAC,EAAE;QACb,YAAY,EAAE,OAAO,CAAC;QACtB,cAAc,EAAE,OAAO,CAAC;KACzB,CAAC;IACF,QAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,yBAAyB,KAAK,IAAI,CAAC;CACxD,CAAC;AAGF,MAAM,MAAM,eAAe,GAAG,sBAAsB,CAAC;AACrD,MAAM,MAAM,gBAAgB,GAAG,uBAAuB,CAAC;AACvD,MAAM,MAAM,gBAAgB,GAAG,uBAAuB,CAAC;AACvD,MAAM,MAAM,mBAAmB,GAAG,0BAA0B,CAAC;AAE7D,MAAM,MAAM,YAAY,GAAG;IACzB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG;IACxC,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG,YAAY,GAAG;IACzC,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG;IACxC,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,GAAG,CAAC,EAAE,OAAO,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,UAAU,GAAG,YAAY,GAAG;IACtC,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG;IACxC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG;IACxC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG;IAC9B,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,GAAG,CAAC,EAAE,OAAO,CAAC;CACf,CAAC"}
package/dist/types.js ADDED
@@ -0,0 +1,2 @@
1
+ export {};
2
+ //# sourceMappingURL=types.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}
package/package.json ADDED
@@ -0,0 +1,48 @@
1
+ {
2
+ "name": "@nervekit/tools",
3
+ "version": "0.1.0",
4
+ "author": "ThilinaTLM",
5
+ "license": "Apache-2.0",
6
+ "type": "module",
7
+ "publishConfig": {
8
+ "access": "public",
9
+ "registry": "https://registry.npmjs.org"
10
+ },
11
+ "repository": {
12
+ "type": "git",
13
+ "url": "git+https://github.com/ThilinaTLM/nerve.git",
14
+ "directory": "packages/tools"
15
+ },
16
+ "homepage": "https://github.com/ThilinaTLM/nerve#readme",
17
+ "files": [
18
+ "dist/**",
19
+ "LICENSE",
20
+ "NOTICE"
21
+ ],
22
+ "exports": {
23
+ ".": {
24
+ "types": "./dist/index.d.ts",
25
+ "import": "./dist/index.js"
26
+ }
27
+ },
28
+ "dependencies": {
29
+ "diff": "^8.0.4",
30
+ "node-html-markdown": "^2.0.0",
31
+ "shell-quote": "^1.8.4",
32
+ "typebox": "1.1.38",
33
+ "@nervekit/shared": "0.1.0"
34
+ },
35
+ "devDependencies": {
36
+ "@types/node": "24.10.1",
37
+ "@types/shell-quote": "^1.7.5",
38
+ "typescript": "5.9.3"
39
+ },
40
+ "engines": {
41
+ "node": ">=24.0.0"
42
+ },
43
+ "scripts": {
44
+ "build": "tsc -b",
45
+ "check": "tsc -b --pretty false",
46
+ "test": "tsx --test test/*.test.ts"
47
+ }
48
+ }