npm - @phuetz/code-buddy - Versions diffs - 0.1.18 → 0.1.19 - Mend

@phuetz/code-buddy 0.1.18 → 0.1.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (273) hide show

package/dist/agent/background-tasks.d.ts +49 -0
package/dist/agent/background-tasks.js +153 -0
package/dist/agent/background-tasks.js.map +1 -0
package/dist/agent/definitions/agent-definition-loader.d.ts +21 -0
package/dist/agent/definitions/agent-definition-loader.js +161 -0
package/dist/agent/definitions/agent-definition-loader.js.map +1 -0
package/dist/agent/definitions/index.d.ts +1 -0
package/dist/agent/definitions/index.js +2 -0
package/dist/agent/definitions/index.js.map +1 -0
package/dist/agent/extended-thinking.d.ts +64 -0
package/dist/agent/extended-thinking.js +103 -0
package/dist/agent/extended-thinking.js.map +1 -0
package/dist/agent/prompt-suggestions.d.ts +55 -0
package/dist/agent/prompt-suggestions.js +125 -0
package/dist/agent/prompt-suggestions.js.map +1 -0
package/dist/agent/rewind-manager.d.ts +59 -0
package/dist/agent/rewind-manager.js +124 -0
package/dist/agent/rewind-manager.js.map +1 -0
package/dist/agent/teams/agent-team.d.ts +54 -0
package/dist/agent/teams/agent-team.js +114 -0
package/dist/agent/teams/agent-team.js.map +1 -0
package/dist/agent/teams/index.d.ts +1 -0
package/dist/agent/teams/index.js +2 -0
package/dist/agent/teams/index.js.map +1 -0
package/dist/agent/teams/team-v2.d.ts +166 -0
package/dist/agent/teams/team-v2.js +376 -0
package/dist/agent/teams/team-v2.js.map +1 -0
package/dist/channels/imessage/index.d.ts +40 -0
package/dist/channels/imessage/index.js +69 -0
package/dist/channels/imessage/index.js.map +1 -0
package/dist/channels/line/index.d.ts +36 -0
package/dist/channels/line/index.js +71 -0
package/dist/channels/line/index.js.map +1 -0
package/dist/channels/mattermost/index.d.ts +34 -0
package/dist/channels/mattermost/index.js +56 -0
package/dist/channels/mattermost/index.js.map +1 -0
package/dist/channels/nextcloud-talk/index.d.ts +37 -0
package/dist/channels/nextcloud-talk/index.js +67 -0
package/dist/channels/nextcloud-talk/index.js.map +1 -0
package/dist/channels/niche-channels.d.ts +61 -0
package/dist/channels/niche-channels.js +131 -0
package/dist/channels/niche-channels.js.map +1 -0
package/dist/channels/nostr/index.d.ts +30 -0
package/dist/channels/nostr/index.js +68 -0
package/dist/channels/nostr/index.js.map +1 -0
package/dist/channels/twilio-voice/index.d.ts +37 -0
package/dist/channels/twilio-voice/index.js +76 -0
package/dist/channels/twilio-voice/index.js.map +1 -0
package/dist/channels/whatsapp/index.js +0 -1
package/dist/channels/whatsapp/index.js.map +1 -1
package/dist/channels/zalo/index.d.ts +28 -0
package/dist/channels/zalo/index.js +53 -0
package/dist/channels/zalo/index.js.map +1 -0
package/dist/cloud/cloud-sessions.d.ts +56 -0
package/dist/cloud/cloud-sessions.js +187 -0
package/dist/cloud/cloud-sessions.js.map +1 -0
package/dist/codebuddy/tool-definitions/advanced-tools.d.ts +1 -0
package/dist/codebuddy/tool-definitions/advanced-tools.js +24 -0
package/dist/codebuddy/tool-definitions/advanced-tools.js.map +1 -1
package/dist/codebuddy/tool-definitions/index.d.ts +1 -1
package/dist/codebuddy/tool-definitions/index.js +1 -1
package/dist/codebuddy/tool-definitions/index.js.map +1 -1
package/dist/commands/handlers/auth-handler.d.ts +32 -0
package/dist/commands/handlers/auth-handler.js +137 -0
package/dist/commands/handlers/auth-handler.js.map +1 -0
package/dist/commands/handlers/context-handler.d.ts +46 -0
package/dist/commands/handlers/context-handler.js +102 -0
package/dist/commands/handlers/context-handler.js.map +1 -0
package/dist/commands/handlers/keybindings-handler.d.ts +30 -0
package/dist/commands/handlers/keybindings-handler.js +124 -0
package/dist/commands/handlers/keybindings-handler.js.map +1 -0
package/dist/commands/handlers/session-commands.d.ts +17 -0
package/dist/commands/handlers/session-commands.js +119 -0
package/dist/commands/handlers/session-commands.js.map +1 -0
package/dist/commands/slash/builtin-commands.js +1 -1
package/dist/commands/slash/builtin-commands.js.map +1 -1
package/dist/config/admin-config.d.ts +54 -0
package/dist/config/admin-config.js +144 -0
package/dist/config/admin-config.js.map +1 -0
package/dist/config/advanced-config.d.ts +118 -0
package/dist/config/advanced-config.js +364 -0
package/dist/config/advanced-config.js.map +1 -0
package/dist/config/managed-policies.d.ts +50 -0
package/dist/config/managed-policies.js +120 -0
package/dist/config/managed-policies.js.map +1 -0
package/dist/config/settings-hierarchy.d.ts +59 -0
package/dist/config/settings-hierarchy.js +188 -0
package/dist/config/settings-hierarchy.js.map +1 -0
package/dist/config/tool-profiles.d.ts +37 -0
package/dist/config/tool-profiles.js +150 -0
package/dist/config/tool-profiles.js.map +1 -0
package/dist/config/user-settings.d.ts +31 -0
package/dist/config/user-settings.js +66 -0
package/dist/config/user-settings.js.map +1 -0
package/dist/context/context-files.d.ts +1 -1
package/dist/context/context-files.js +2 -2
package/dist/context/context-files.js.map +1 -1
package/dist/context/partial-summarizer.d.ts +32 -0
package/dist/context/partial-summarizer.js +144 -0
package/dist/context/partial-summarizer.js.map +1 -0
package/dist/desktop/desktop-app.d.ts +44 -0
package/dist/desktop/desktop-app.js +136 -0
package/dist/desktop/desktop-app.js.map +1 -0
package/dist/git/worktree-sessions.d.ts +24 -0
package/dist/git/worktree-sessions.js +93 -0
package/dist/git/worktree-sessions.js.map +1 -0
package/dist/hooks/advanced-hooks.d.ts +110 -0
package/dist/hooks/advanced-hooks.js +256 -0
package/dist/hooks/advanced-hooks.js.map +1 -0
package/dist/hooks/async-hooks.d.ts +73 -0
package/dist/hooks/async-hooks.js +213 -0
package/dist/hooks/async-hooks.js.map +1 -0
package/dist/hooks/env-persistence.d.ts +58 -0
package/dist/hooks/env-persistence.js +195 -0
package/dist/hooks/env-persistence.js.map +1 -0
package/dist/hooks/hook-events.d.ts +36 -0
package/dist/hooks/hook-events.js +55 -0
package/dist/hooks/hook-events.js.map +1 -0
package/dist/hooks/smart-hooks.d.ts +85 -0
package/dist/hooks/smart-hooks.js +199 -0
package/dist/hooks/smart-hooks.js.map +1 -0
package/dist/ide/jetbrains-plugin.d.ts +55 -0
package/dist/ide/jetbrains-plugin.js +156 -0
package/dist/ide/jetbrains-plugin.js.map +1 -0
package/dist/ide/vscode-extension.d.ts +94 -0
package/dist/ide/vscode-extension.js +229 -0
package/dist/ide/vscode-extension.js.map +1 -0
package/dist/index.js +77 -3
package/dist/index.js.map +1 -1
package/dist/input/file-autocomplete.d.ts +42 -0
package/dist/input/file-autocomplete.js +154 -0
package/dist/input/file-autocomplete.js.map +1 -0
package/dist/integrations/chrome-bridge.d.ts +90 -0
package/dist/integrations/chrome-bridge.js +151 -0
package/dist/integrations/chrome-bridge.js.map +1 -0
package/dist/integrations/github-action-runner.d.ts +40 -0
package/dist/integrations/github-action-runner.js +163 -0
package/dist/integrations/github-action-runner.js.map +1 -0
package/dist/integrations/gitlab-ci-runner.d.ts +34 -0
package/dist/integrations/gitlab-ci-runner.js +104 -0
package/dist/integrations/gitlab-ci-runner.js.map +1 -0
package/dist/integrations/pr-session-linker.d.ts +44 -0
package/dist/integrations/pr-session-linker.js +103 -0
package/dist/integrations/pr-session-linker.js.map +1 -0
package/dist/integrations/tailscale.d.ts +36 -0
package/dist/integrations/tailscale.js +101 -0
package/dist/integrations/tailscale.js.map +1 -0
package/dist/lsp/lsp-client.d.ts +68 -0
package/dist/lsp/lsp-client.js +182 -0
package/dist/lsp/lsp-client.js.map +1 -0
package/dist/mcp/connectors.d.ts +28 -0
package/dist/mcp/connectors.js +148 -0
package/dist/mcp/connectors.js.map +1 -0
package/dist/mcp/index.d.ts +7 -4
package/dist/mcp/index.js +7 -4
package/dist/mcp/index.js.map +1 -1
package/dist/mcp/mcp-auto-discovery.d.ts +49 -0
package/dist/mcp/mcp-auto-discovery.js +104 -0
package/dist/mcp/mcp-auto-discovery.js.map +1 -0
package/dist/mcp/mcp-server.d.ts +70 -0
package/dist/mcp/mcp-server.js +374 -0
package/dist/mcp/mcp-server.js.map +1 -0
package/dist/memory/auto-memory.d.ts +53 -0
package/dist/memory/auto-memory.js +250 -0
package/dist/memory/auto-memory.js.map +1 -0
package/dist/memory/hybrid-search.d.ts +51 -0
package/dist/memory/hybrid-search.js +199 -0
package/dist/memory/hybrid-search.js.map +1 -0
package/dist/memory/memory-flush.d.ts +51 -0
package/dist/memory/memory-flush.js +102 -0
package/dist/memory/memory-flush.js.map +1 -0
package/dist/memory/subagent-memory.d.ts +73 -0
package/dist/memory/subagent-memory.js +172 -0
package/dist/memory/subagent-memory.js.map +1 -0
package/dist/nodes/device-node.d.ts +40 -0
package/dist/nodes/device-node.js +117 -0
package/dist/nodes/device-node.js.map +1 -0
package/dist/output/json-schema-output.d.ts +67 -0
package/dist/output/json-schema-output.js +273 -0
package/dist/output/json-schema-output.js.map +1 -0
package/dist/persistence/session-picker.d.ts +22 -0
package/dist/persistence/session-picker.js +47 -0
package/dist/persistence/session-picker.js.map +1 -0
package/dist/persistence/session-store.d.ts +11 -0
package/dist/persistence/session-store.js +17 -0
package/dist/persistence/session-store.js.map +1 -1
package/dist/plugins/git-pinned-marketplace.d.ts +39 -0
package/dist/plugins/git-pinned-marketplace.js +152 -0
package/dist/plugins/git-pinned-marketplace.js.map +1 -0
package/dist/plugins/plugin-manifest.d.ts +116 -0
package/dist/plugins/plugin-manifest.js +283 -0
package/dist/plugins/plugin-manifest.js.map +1 -0
package/dist/sandbox/os-sandbox.d.ts +49 -1
package/dist/sandbox/os-sandbox.js +347 -6
package/dist/sandbox/os-sandbox.js.map +1 -1
package/dist/sdk/agent-sdk.d.ts +61 -0
package/dist/sdk/agent-sdk.js +90 -0
package/dist/sdk/agent-sdk.js.map +1 -0
package/dist/security/permission-modes.d.ts +76 -0
package/dist/security/permission-modes.js +195 -0
package/dist/security/permission-modes.js.map +1 -0
package/dist/security/permission-patterns.d.ts +61 -0
package/dist/security/permission-patterns.js +171 -0
package/dist/security/permission-patterns.js.map +1 -0
package/dist/security/safe-binaries.d.ts +23 -0
package/dist/security/safe-binaries.js +96 -0
package/dist/security/safe-binaries.js.map +1 -0
package/dist/security/sender-policies.d.ts +46 -0
package/dist/security/sender-policies.js +90 -0
package/dist/security/sender-policies.js.map +1 -0
package/dist/server/dashboard.d.ts +53 -0
package/dist/server/dashboard.js +93 -0
package/dist/server/dashboard.js.map +1 -0
package/dist/services/system-prompt-override.d.ts +34 -0
package/dist/services/system-prompt-override.js +64 -0
package/dist/services/system-prompt-override.js.map +1 -0
package/dist/skills/skill-enhancements.d.ts +37 -0
package/dist/skills/skill-enhancements.js +69 -0
package/dist/skills/skill-enhancements.js.map +1 -0
package/dist/telemetry/otel-tracer.d.ts +98 -0
package/dist/telemetry/otel-tracer.js +245 -0
package/dist/telemetry/otel-tracer.js.map +1 -0
package/dist/tools/browser-stub.d.ts +61 -0
package/dist/tools/browser-stub.js +184 -0
package/dist/tools/browser-stub.js.map +1 -0
package/dist/tools/gateway-tool.d.ts +43 -0
package/dist/tools/gateway-tool.js +92 -0
package/dist/tools/gateway-tool.js.map +1 -0
package/dist/tools/image-stub.d.ts +32 -0
package/dist/tools/image-stub.js +97 -0
package/dist/tools/image-stub.js.map +1 -0
package/dist/tools/js-repl.d.ts +78 -0
package/dist/tools/js-repl.js +280 -0
package/dist/tools/js-repl.js.map +1 -0
package/dist/tools/message-tool.d.ts +42 -0
package/dist/tools/message-tool.js +113 -0
package/dist/tools/message-tool.js.map +1 -0
package/dist/ui/cli-enhancements.d.ts +178 -0
package/dist/ui/cli-enhancements.js +430 -0
package/dist/ui/cli-enhancements.js.map +1 -0
package/dist/ui/status-line.d.ts +90 -0
package/dist/ui/status-line.js +160 -0
package/dist/ui/status-line.js.map +1 -0
package/dist/ui/terminal-enhancements.d.ts +34 -0
package/dist/ui/terminal-enhancements.js +97 -0
package/dist/ui/terminal-enhancements.js.map +1 -0
package/dist/ui/ui-enhancements.d.ts +38 -0
package/dist/ui/ui-enhancements.js +116 -0
package/dist/ui/ui-enhancements.js.map +1 -0
package/dist/utils/custom-instructions.js +4 -1
package/dist/utils/custom-instructions.js.map +1 -1
package/dist/utils/init-project.d.ts +1 -1
package/dist/utils/init-project.js +20 -20
package/dist/utils/init-project.js.map +1 -1
package/dist/utils/output-schema-validator.d.ts +40 -0
package/dist/utils/output-schema-validator.js +137 -0
package/dist/utils/output-schema-validator.js.map +1 -0
package/dist/utils/safety-misc.d.ts +24 -0
package/dist/utils/safety-misc.js +91 -0
package/dist/utils/safety-misc.js.map +1 -0
package/dist/utils/session-enhancements.d.ts +40 -0
package/dist/utils/session-enhancements.js +118 -0
package/dist/utils/session-enhancements.js.map +1 -0
package/dist/utils/shell-snapshot.d.ts +38 -0
package/dist/utils/shell-snapshot.js +323 -0
package/dist/utils/shell-snapshot.js.map +1 -0
package/dist/utils/stream-json-formatter.d.ts +77 -0
package/dist/utils/stream-json-formatter.js +61 -0
package/dist/utils/stream-json-formatter.js.map +1 -0
package/dist/workflows/lobster-engine.d.ts +43 -0
package/dist/workflows/lobster-engine.js +167 -0
package/dist/workflows/lobster-engine.js.map +1 -0
package/package.json +3 -6

package/dist/plugins/git-pinned-marketplace.js ADDED Viewed

@@ -0,0 +1,152 @@
+/**
+ * Git-Pinned Plugin Marketplace
+ *
+ * Manages plugins pinned to specific Git commit SHAs for reproducible
+ * and auditable plugin installations.
+ */
+import * as fs from 'fs';
+import * as path from 'path';
+import * as os from 'os';
+import { logger } from '../utils/logger.js';
+// ============================================================================
+// GitPinnedMarketplace
+// ============================================================================
+let instance = null;
+export class GitPinnedMarketplace {
+    plugins = new Map();
+    configPath;
+    constructor(configDir) {
+        const dir = configDir || path.join(os.homedir(), '.codebuddy', 'plugins', 'git-pinned');
+        this.configPath = path.join(dir, 'plugins.json');
+        this.loadFromDisk();
+    }
+    static getInstance(configDir) {
+        if (!instance) {
+            instance = new GitPinnedMarketplace(configDir);
+        }
+        return instance;
+    }
+    static resetInstance() {
+        instance = null;
+    }
+    loadFromDisk() {
+        try {
+            if (fs.existsSync(this.configPath)) {
+                const data = JSON.parse(fs.readFileSync(this.configPath, 'utf-8'));
+                if (Array.isArray(data)) {
+                    for (const plugin of data) {
+                        this.plugins.set(plugin.name, plugin);
+                    }
+                }
+            }
+        }
+        catch (err) {
+            logger.warn('Failed to load git-pinned plugins', { error: err });
+        }
+    }
+    saveToDisk() {
+        try {
+            const dir = path.dirname(this.configPath);
+            if (!fs.existsSync(dir)) {
+                fs.mkdirSync(dir, { recursive: true });
+            }
+            fs.writeFileSync(this.configPath, JSON.stringify(Array.from(this.plugins.values()), null, 2));
+        }
+        catch (err) {
+            logger.warn('Failed to save git-pinned plugins', { error: err });
+        }
+    }
+    /**
+     * Parse repo spec like "org/repo" or "org/repo@sha"
+     */
+    parseRepoSpec(repoSpec) {
+        const atIndex = repoSpec.indexOf('@');
+        let repoPath;
+        let sha;
+        if (atIndex !== -1) {
+            repoPath = repoSpec.substring(0, atIndex);
+            sha = repoSpec.substring(atIndex + 1);
+        }
+        else {
+            repoPath = repoSpec;
+        }
+        const parts = repoPath.split('/');
+        if (parts.length !== 2 || !parts[0] || !parts[1]) {
+            throw new Error(`Invalid repo spec: ${repoSpec}. Expected format: org/repo or org/repo@sha`);
+        }
+        return { org: parts[0], repo: parts[1], sha };
+    }
+    install(repoSpec) {
+        const { org, repo, sha } = this.parseRepoSpec(repoSpec);
+        const name = `${org}/${repo}`;
+        const commitSha = sha || 'HEAD';
+        const plugin = {
+            name,
+            repo: `https://github.com/${name}`,
+            commitSha,
+            installedAt: Date.now(),
+            verified: false,
+            commands: [],
+            hooks: [],
+            mcpServers: [],
+        };
+        this.plugins.set(name, plugin);
+        this.saveToDisk();
+        logger.info(`Installed git-pinned plugin: ${name}@${commitSha}`);
+        return plugin;
+    }
+    uninstall(name) {
+        const existed = this.plugins.delete(name);
+        if (existed) {
+            this.saveToDisk();
+            logger.info(`Uninstalled git-pinned plugin: ${name}`);
+        }
+        return existed;
+    }
+    list() {
+        return Array.from(this.plugins.values());
+    }
+    verify(name) {
+        const plugin = this.plugins.get(name);
+        if (!plugin) {
+            return false;
+        }
+        // In a real implementation, we would check the remote SHA
+        // For now, mark as verified if SHA is not HEAD
+        const isVerified = plugin.commitSha !== 'HEAD';
+        plugin.verified = isVerified;
+        this.saveToDisk();
+        return isVerified;
+    }
+    update(name) {
+        const plugin = this.plugins.get(name);
+        if (!plugin) {
+            return null;
+        }
+        // Simulate updating to a new SHA
+        plugin.commitSha = `updated-${Date.now().toString(16)}`;
+        plugin.verified = false;
+        plugin.installedAt = Date.now();
+        this.saveToDisk();
+        logger.info(`Updated git-pinned plugin: ${name}`);
+        return plugin;
+    }
+    getPlugin(name) {
+        return this.plugins.get(name);
+    }
+    getTrustWarning(repo) {
+        return `WARNING: Plugin from '${repo}' is not verified. ` +
+            'Unverified plugins may contain malicious code. ' +
+            'Review the source code and pin to a specific commit SHA before using.';
+    }
+    isInstalled(name) {
+        return this.plugins.has(name);
+    }
+}
+export function getGitPinnedMarketplace(configDir) {
+    return GitPinnedMarketplace.getInstance(configDir);
+}
+export function resetGitPinnedMarketplace() {
+    GitPinnedMarketplace.resetInstance();
+}
+//# sourceMappingURL=git-pinned-marketplace.js.map

package/dist/plugins/git-pinned-marketplace.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"git-pinned-marketplace.js","sourceRoot":"","sources":["../../src/plugins/git-pinned-marketplace.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAiB5C,+EAA+E;AAC/E,uBAAuB;AACvB,+EAA+E;AAE/E,IAAI,QAAQ,GAAgC,IAAI,CAAC;AAEjD,MAAM,OAAO,oBAAoB;IACvB,OAAO,GAAiC,IAAI,GAAG,EAAE,CAAC;IAClD,UAAU,CAAS;IAE3B,YAAY,SAAkB;QAC5B,MAAM,GAAG,GAAG,SAAS,IAAI,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,YAAY,EAAE,SAAS,EAAE,YAAY,CAAC,CAAC;QACxF,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;QACjD,IAAI,CAAC,YAAY,EAAE,CAAC;IACtB,CAAC;IAED,MAAM,CAAC,WAAW,CAAC,SAAkB;QACnC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,QAAQ,GAAG,IAAI,oBAAoB,CAAC,SAAS,CAAC,CAAC;QACjD,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,CAAC,aAAa;QAClB,QAAQ,GAAG,IAAI,CAAC;IAClB,CAAC;IAEO,YAAY;QAClB,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;gBACnC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;gBACnE,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;oBACxB,KAAK,MAAM,MAAM,IAAI,IAAI,EAAE,CAAC;wBAC1B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;oBACxC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,mCAAmC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAEO,UAAU;QAChB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC1C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACzC,CAAC;YACD,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAChG,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,mCAAmC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,QAAgB;QACpC,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACtC,IAAI,QAAgB,CAAC;QACrB,IAAI,GAAuB,CAAC;QAE5B,IAAI,OAAO,KAAK,CAAC,CAAC,EAAE,CAAC;YACnB,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;YAC1C,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC;QACxC,CAAC;aAAM,CAAC;YACN,QAAQ,GAAG,QAAQ,CAAC;QACtB,CAAC;QAED,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAClC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;YACjD,MAAM,IAAI,KAAK,CAAC,sBAAsB,QAAQ,6CAA6C,CAAC,CAAC;QAC/F,CAAC;QAED,OAAO,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC;IAChD,CAAC;IAED,OAAO,CAAC,QAAgB;QACtB,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;QACxD,MAAM,IAAI,GAAG,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QAC9B,MAAM,SAAS,GAAG,GAAG,IAAI,MAAM,CAAC;QAEhC,MAAM,MAAM,GAAoB;YAC9B,IAAI;YACJ,IAAI,EAAE,sBAAsB,IAAI,EAAE;YAClC,SAAS;YACT,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE;YACvB,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,EAAE;YACZ,KAAK,EAAE,EAAE;YACT,UAAU,EAAE,EAAE;SACf,CAAC;QAEF,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC/B,IAAI,CAAC,UAAU,EAAE,CAAC;QAClB,MAAM,CAAC,IAAI,CAAC,gCAAgC,IAAI,IAAI,SAAS,EAAE,CAAC,CAAC;QACjE,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,SAAS,CAAC,IAAY;QACpB,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC1C,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC,UAAU,EAAE,CAAC;YAClB,MAAM,CAAC,IAAI,CAAC,kCAAkC,IAAI,EAAE,CAAC,CAAC;QACxD,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,IAAI;QACF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAC3C,CAAC;IAED,MAAM,CAAC,IAAY;QACjB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACtC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,KAAK,CAAC;QACf,CAAC;QACD,0DAA0D;QAC1D,+CAA+C;QAC/C,MAAM,UAAU,GAAG,MAAM,CAAC,SAAS,KAAK,MAAM,CAAC;QAC/C,MAAM,CAAC,QAAQ,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,UAAU,EAAE,CAAC;QAClB,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,MAAM,CAAC,IAAY;QACjB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACtC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,IAAI,CAAC;QACd,CAAC;QACD,iCAAiC;QACjC,MAAM,CAAC,SAAS,GAAG,WAAW,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;QACxD,MAAM,CAAC,QAAQ,GAAG,KAAK,CAAC;QACxB,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAChC,IAAI,CAAC,UAAU,EAAE,CAAC;QAClB,MAAM,CAAC,IAAI,CAAC,8BAA8B,IAAI,EAAE,CAAC,CAAC;QAClD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,SAAS,CAAC,IAAY;QACpB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAChC,CAAC;IAED,eAAe,CAAC,IAAY;QAC1B,OAAO,yBAAyB,IAAI,qBAAqB;YACvD,iDAAiD;YACjD,uEAAuE,CAAC;IAC5E,CAAC;IAED,WAAW,CAAC,IAAY;QACtB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAChC,CAAC;CACF;AAED,MAAM,UAAU,uBAAuB,CAAC,SAAkB;IACxD,OAAO,oBAAoB,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;AACrD,CAAC;AAED,MAAM,UAAU,yBAAyB;IACvC,oBAAoB,CAAC,aAAa,EAAE,CAAC;AACvC,CAAC"}

package/dist/plugins/plugin-manifest.d.ts ADDED Viewed

@@ -0,0 +1,116 @@
+/**
+ * Plugin Manifest System
+ *
+ * Extended manifest format with components, marketplace sources,
+ * namespaced skill resolution, and marketplace restrictions.
+ */
+export type PluginSourceType = 'github' | 'git' | 'url' | 'npm' | 'file' | 'directory' | 'host-pattern';
+export interface PluginManifest {
+    name: string;
+    version: string;
+    author?: string;
+    license?: string;
+    description?: string;
+    schema?: number;
+    components: {
+        skills?: string[];
+        agents?: string[];
+        hooks?: string;
+        mcpServers?: string[];
+        lspServers?: string[];
+    };
+    dependencies?: Record<string, string>;
+    marketplace?: {
+        source: PluginSourceType;
+        url?: string;
+        registry?: string;
+    };
+}
+export interface InstalledPlugin {
+    manifest: PluginManifest;
+    path: string;
+    enabled: boolean;
+    installedAt: number;
+    namespace: string;
+}
+export declare class PluginManifestManager {
+    private plugins;
+    private pluginDirs;
+    private strictKnownMarketplaces;
+    private extraKnownMarketplaces;
+    constructor(pluginDirs?: string[]);
+    /**
+     * Load plugin from manifest at a given path
+     */
+    loadPlugin(pluginPath: string): InstalledPlugin;
+    /**
+     * Read manifest from plugin path (stub - returns parsed JSON-like object)
+     */
+    private readManifest;
+    /**
+     * Load a plugin directly from a manifest object (for programmatic use)
+     */
+    loadPluginDirect(manifest: PluginManifest, pluginPath: string): InstalledPlugin;
+    /**
+     * Validate a plugin manifest
+     */
+    validateManifest(manifest: PluginManifest): {
+        valid: boolean;
+        errors: string[];
+    };
+    /**
+     * Install from various sources (stub implementation)
+     */
+    installFromSource(source: PluginSourceType, location: string): Promise<InstalledPlugin>;
+    /**
+     * Extract a plugin name from source type and location
+     */
+    private extractPluginName;
+    /**
+     * Resolve namespaced skill: "plugin-name:skill-name"
+     */
+    resolveSkill(namespacedName: string): {
+        pluginName: string;
+        skillName: string;
+    } | null;
+    /**
+     * List all plugins
+     */
+    listPlugins(): InstalledPlugin[];
+    /**
+     * Get a specific plugin by name
+     */
+    getPlugin(name: string): InstalledPlugin | null;
+    /**
+     * Enable a plugin
+     */
+    enablePlugin(name: string): boolean;
+    /**
+     * Disable a plugin
+     */
+    disablePlugin(name: string): boolean;
+    /**
+     * Uninstall a plugin
+     */
+    uninstallPlugin(name: string): boolean;
+    /**
+     * Check if a marketplace URL is allowed
+     */
+    isMarketplaceAllowed(url: string): boolean;
+    /**
+     * Set strict marketplace mode
+     */
+    setStrictMarketplaces(strict: boolean): void;
+    /**
+     * Add a known marketplace URL
+     */
+    addKnownMarketplace(url: string): void;
+    /**
+     * Get total plugin count
+     */
+    getPluginCount(): number;
+    /**
+     * Get enabled plugin count
+     */
+    getEnabledCount(): number;
+}

package/dist/plugins/plugin-manifest.js ADDED Viewed

@@ -0,0 +1,283 @@
+/**
+ * Plugin Manifest System
+ *
+ * Extended manifest format with components, marketplace sources,
+ * namespaced skill resolution, and marketplace restrictions.
+ */
+import { logger } from '../utils/logger.js';
+// ============================================================================
+// Known Marketplaces
+// ============================================================================
+const DEFAULT_KNOWN_MARKETPLACES = [
+    'https://marketplace.codebuddy.dev',
+    'https://registry.npmjs.org',
+    'https://github.com',
+];
+// ============================================================================
+// Plugin Manifest Manager
+// ============================================================================
+export class PluginManifestManager {
+    plugins = new Map();
+    pluginDirs;
+    strictKnownMarketplaces = false;
+    extraKnownMarketplaces = [];
+    constructor(pluginDirs) {
+        this.pluginDirs = pluginDirs || [];
+    }
+    /**
+     * Load plugin from manifest at a given path
+     */
+    loadPlugin(pluginPath) {
+        const manifest = this.readManifest(pluginPath);
+        const validation = this.validateManifest(manifest);
+        if (!validation.valid) {
+            throw new Error(`Invalid manifest at ${pluginPath}: ${validation.errors.join(', ')}`);
+        }
+        const installed = {
+            manifest,
+            path: pluginPath,
+            enabled: true,
+            installedAt: Date.now(),
+            namespace: manifest.name,
+        };
+        this.plugins.set(manifest.name, installed);
+        logger.info(`Loaded plugin: ${manifest.name}@${manifest.version}`);
+        return installed;
+    }
+    /**
+     * Read manifest from plugin path (stub - returns parsed JSON-like object)
+     */
+    readManifest(pluginPath) {
+        // In real implementation this would read from disk
+        // For now we expect the pluginPath to be a manifest object serialized
+        throw new Error(`Cannot read manifest from ${pluginPath} - use installFromSource or loadPluginDirect`);
+    }
+    /**
+     * Load a plugin directly from a manifest object (for programmatic use)
+     */
+    loadPluginDirect(manifest, pluginPath) {
+        const validation = this.validateManifest(manifest);
+        if (!validation.valid) {
+            throw new Error(`Invalid manifest: ${validation.errors.join(', ')}`);
+        }
+        const installed = {
+            manifest,
+            path: pluginPath,
+            enabled: true,
+            installedAt: Date.now(),
+            namespace: manifest.name,
+        };
+        this.plugins.set(manifest.name, installed);
+        logger.info(`Loaded plugin: ${manifest.name}@${manifest.version}`);
+        return installed;
+    }
+    /**
+     * Validate a plugin manifest
+     */
+    validateManifest(manifest) {
+        const errors = [];
+        if (!manifest || typeof manifest !== 'object') {
+            return { valid: false, errors: ['Manifest must be a valid object'] };
+        }
+        // Required fields
+        if (!manifest.name || typeof manifest.name !== 'string') {
+            errors.push('Missing or invalid required field: name');
+        }
+        if (!manifest.version || typeof manifest.version !== 'string') {
+            errors.push('Missing or invalid required field: version');
+        }
+        // Version format
+        if (manifest.version && typeof manifest.version === 'string') {
+            if (!/^\d+\.\d+\.\d+(-[\w.]+)?$/.test(manifest.version)) {
+                errors.push('Version must be in semver format (e.g., 1.0.0)');
+            }
+        }
+        // Components must be an object
+        if (!manifest.components || typeof manifest.components !== 'object') {
+            errors.push('Missing or invalid required field: components');
+        }
+        else {
+            // Validate component arrays
+            const arrayFields = ['skills', 'agents', 'mcpServers', 'lspServers'];
+            for (const field of arrayFields) {
+                const val = manifest.components[field];
+                if (val !== undefined && !Array.isArray(val)) {
+                    errors.push(`components.${field} must be an array`);
+                }
+            }
+            if (manifest.components.hooks !== undefined && typeof manifest.components.hooks !== 'string') {
+                errors.push('components.hooks must be a string path');
+            }
+        }
+        // Schema version
+        if (manifest.schema !== undefined && typeof manifest.schema !== 'number') {
+            errors.push('schema must be a number');
+        }
+        // Dependencies
+        if (manifest.dependencies !== undefined) {
+            if (typeof manifest.dependencies !== 'object' || Array.isArray(manifest.dependencies)) {
+                errors.push('dependencies must be an object');
+            }
+        }
+        // Marketplace
+        if (manifest.marketplace !== undefined) {
+            if (typeof manifest.marketplace !== 'object') {
+                errors.push('marketplace must be an object');
+            }
+            else {
+                const validSources = ['github', 'git', 'url', 'npm', 'file', 'directory', 'host-pattern'];
+                if (!validSources.includes(manifest.marketplace.source)) {
+                    errors.push(`marketplace.source must be one of: ${validSources.join(', ')}`);
+                }
+            }
+        }
+        return { valid: errors.length === 0, errors };
+    }
+    /**
+     * Install from various sources (stub implementation)
+     */
+    async installFromSource(source, location) {
+        // Check marketplace restrictions
+        if (this.strictKnownMarketplaces && (source === 'url' || source === 'github' || source === 'git')) {
+            if (!this.isMarketplaceAllowed(location)) {
+                throw new Error(`Marketplace URL not allowed: ${location}`);
+            }
+        }
+        const pluginName = this.extractPluginName(source, location);
+        const manifest = {
+            name: pluginName,
+            version: '0.0.0',
+            components: {},
+            marketplace: { source, url: location },
+        };
+        const installed = {
+            manifest,
+            path: location,
+            enabled: true,
+            installedAt: Date.now(),
+            namespace: pluginName,
+        };
+        this.plugins.set(pluginName, installed);
+        logger.info(`Installed plugin from ${source}: ${pluginName}`);
+        return installed;
+    }
+    /**
+     * Extract a plugin name from source type and location
+     */
+    extractPluginName(source, location) {
+        switch (source) {
+            case 'github':
+                return location.replace(/^https?:\/\/github\.com\//, '').replace(/\.git$/, '');
+            case 'npm':
+                return location.replace(/^@/, '').replace(/\//, '-');
+            default:
+                // Use last path segment
+                const segments = location.split('/').filter(Boolean);
+                return segments[segments.length - 1] || location;
+        }
+    }
+    /**
+     * Resolve namespaced skill: "plugin-name:skill-name"
+     */
+    resolveSkill(namespacedName) {
+        const parts = namespacedName.split(':');
+        if (parts.length !== 2) {
+            return null;
+        }
+        const [pluginName, skillName] = parts;
+        if (!pluginName || !skillName) {
+            return null;
+        }
+        const plugin = this.plugins.get(pluginName);
+        if (!plugin || !plugin.enabled) {
+            return null;
+        }
+        return { pluginName, skillName };
+    }
+    /**
+     * List all plugins
+     */
+    listPlugins() {
+        return Array.from(this.plugins.values());
+    }
+    /**
+     * Get a specific plugin by name
+     */
+    getPlugin(name) {
+        return this.plugins.get(name) || null;
+    }
+    /**
+     * Enable a plugin
+     */
+    enablePlugin(name) {
+        const plugin = this.plugins.get(name);
+        if (!plugin)
+            return false;
+        plugin.enabled = true;
+        logger.info(`Enabled plugin: ${name}`);
+        return true;
+    }
+    /**
+     * Disable a plugin
+     */
+    disablePlugin(name) {
+        const plugin = this.plugins.get(name);
+        if (!plugin)
+            return false;
+        plugin.enabled = false;
+        logger.info(`Disabled plugin: ${name}`);
+        return true;
+    }
+    /**
+     * Uninstall a plugin
+     */
+    uninstallPlugin(name) {
+        const existed = this.plugins.delete(name);
+        if (existed) {
+            logger.info(`Uninstalled plugin: ${name}`);
+        }
+        return existed;
+    }
+    /**
+     * Check if a marketplace URL is allowed
+     */
+    isMarketplaceAllowed(url) {
+        const allKnown = [...DEFAULT_KNOWN_MARKETPLACES, ...this.extraKnownMarketplaces];
+        return allKnown.some(known => url.startsWith(known));
+    }
+    /**
+     * Set strict marketplace mode
+     */
+    setStrictMarketplaces(strict) {
+        this.strictKnownMarketplaces = strict;
+        logger.info(`Strict marketplaces: ${strict}`);
+    }
+    /**
+     * Add a known marketplace URL
+     */
+    addKnownMarketplace(url) {
+        if (!this.extraKnownMarketplaces.includes(url)) {
+            this.extraKnownMarketplaces.push(url);
+            logger.info(`Added known marketplace: ${url}`);
+        }
+    }
+    /**
+     * Get total plugin count
+     */
+    getPluginCount() {
+        return this.plugins.size;
+    }
+    /**
+     * Get enabled plugin count
+     */
+    getEnabledCount() {
+        let count = 0;
+        const plugins = Array.from(this.plugins.values());
+        for (const plugin of plugins) {
+            if (plugin.enabled)
+                count++;
+        }
+        return count;
+    }
+}
+//# sourceMappingURL=plugin-manifest.js.map

package/dist/plugins/plugin-manifest.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"plugin-manifest.js","sourceRoot":"","sources":["../../src/plugins/plugin-manifest.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAsC5C,+EAA+E;AAC/E,qBAAqB;AACrB,+EAA+E;AAE/E,MAAM,0BAA0B,GAAG;IACjC,mCAAmC;IACnC,4BAA4B;IAC5B,oBAAoB;CACrB,CAAC;AAEF,+EAA+E;AAC/E,0BAA0B;AAC1B,+EAA+E;AAE/E,MAAM,OAAO,qBAAqB;IACxB,OAAO,GAAiC,IAAI,GAAG,EAAE,CAAC;IAClD,UAAU,CAAW;IACrB,uBAAuB,GAAY,KAAK,CAAC;IACzC,sBAAsB,GAAa,EAAE,CAAC;IAE9C,YAAY,UAAqB;QAC/B,IAAI,CAAC,UAAU,GAAG,UAAU,IAAI,EAAE,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,UAAkB;QAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;QAC/C,MAAM,UAAU,GAAG,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAEnD,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,uBAAuB,UAAU,KAAK,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACxF,CAAC;QAED,MAAM,SAAS,GAAoB;YACjC,QAAQ;YACR,IAAI,EAAE,UAAU;YAChB,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE;YACvB,SAAS,EAAE,QAAQ,CAAC,IAAI;SACzB,CAAC;QAEF,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC,kBAAkB,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC;QACnE,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACK,YAAY,CAAC,UAAkB;QACrC,mDAAmD;QACnD,sEAAsE;QACtE,MAAM,IAAI,KAAK,CAAC,6BAA6B,UAAU,8CAA8C,CAAC,CAAC;IACzG,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,QAAwB,EAAE,UAAkB;QAC3D,MAAM,UAAU,GAAG,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QACnD,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,qBAAqB,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACvE,CAAC;QAED,MAAM,SAAS,GAAoB;YACjC,QAAQ;YACR,IAAI,EAAE,UAAU;YAChB,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE;YACvB,SAAS,EAAE,QAAQ,CAAC,IAAI;SACzB,CAAC;QAEF,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC,kBAAkB,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC;QACnE,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,QAAwB;QACvC,MAAM,MAAM,GAAa,EAAE,CAAC;QAE5B,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC9C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,iCAAiC,CAAC,EAAE,CAAC;QACvE,CAAC;QAED,kBAAkB;QAClB,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,OAAO,QAAQ,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YACxD,MAAM,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;QACzD,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,OAAO,IAAI,OAAO,QAAQ,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;YAC9D,MAAM,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC5D,CAAC;QAED,iBAAiB;QACjB,IAAI,QAAQ,CAAC,OAAO,IAAI,OAAO,QAAQ,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;YAC7D,IAAI,CAAC,2BAA2B,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBACxD,MAAM,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;YAChE,CAAC;QACH,CAAC;QAED,+BAA+B;QAC/B,IAAI,CAAC,QAAQ,CAAC,UAAU,IAAI,OAAO,QAAQ,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;YACpE,MAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;QAC/D,CAAC;aAAM,CAAC;YACN,4BAA4B;YAC5B,MAAM,WAAW,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,YAAY,CAAU,CAAC;YAC9E,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE,CAAC;gBAChC,MAAM,GAAG,GAAG,QAAQ,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;gBACvC,IAAI,GAAG,KAAK,SAAS,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC7C,MAAM,CAAC,IAAI,CAAC,cAAc,KAAK,mBAAmB,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;YACD,IAAI,QAAQ,CAAC,UAAU,CAAC,KAAK,KAAK,SAAS,IAAI,OAAO,QAAQ,CAAC,UAAU,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC7F,MAAM,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;YACxD,CAAC;QACH,CAAC;QAED,iBAAiB;QACjB,IAAI,QAAQ,CAAC,MAAM,KAAK,SAAS,IAAI,OAAO,QAAQ,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;YACzE,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QACzC,CAAC;QAED,eAAe;QACf,IAAI,QAAQ,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YACxC,IAAI,OAAO,QAAQ,CAAC,YAAY,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;gBACtF,MAAM,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;YAChD,CAAC;QACH,CAAC;QAED,cAAc;QACd,IAAI,QAAQ,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YACvC,IAAI,OAAO,QAAQ,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;gBAC7C,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;YAC/C,CAAC;iBAAM,CAAC;gBACN,MAAM,YAAY,GAAuB,CAAC,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC;gBAC9G,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC;oBACxD,MAAM,CAAC,IAAI,CAAC,sCAAsC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAC/E,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IAChD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB,CAAC,MAAwB,EAAE,QAAgB;QAChE,iCAAiC;QACjC,IAAI,IAAI,CAAC,uBAAuB,IAAI,CAAC,MAAM,KAAK,KAAK,IAAI,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,KAAK,CAAC,EAAE,CAAC;YAClG,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACzC,MAAM,IAAI,KAAK,CAAC,gCAAgC,QAAQ,EAAE,CAAC,CAAC;YAC9D,CAAC;QACH,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAC5D,MAAM,QAAQ,GAAmB;YAC/B,IAAI,EAAE,UAAU;YAChB,OAAO,EAAE,OAAO;YAChB,UAAU,EAAE,EAAE;YACd,WAAW,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE;SACvC,CAAC;QAEF,MAAM,SAAS,GAAoB;YACjC,QAAQ;YACR,IAAI,EAAE,QAAQ;YACd,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE;YACvB,SAAS,EAAE,UAAU;SACtB,CAAC;QAEF,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;QACxC,MAAM,CAAC,IAAI,CAAC,yBAAyB,MAAM,KAAK,UAAU,EAAE,CAAC,CAAC;QAC9D,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,MAAwB,EAAE,QAAgB;QAClE,QAAQ,MAAM,EAAE,CAAC;YACf,KAAK,QAAQ;gBACX,OAAO,QAAQ,CAAC,OAAO,CAAC,2BAA2B,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YACjF,KAAK,KAAK;gBACR,OAAO,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;YACvD;gBACE,wBAAwB;gBACxB,MAAM,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;gBACrD,OAAO,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,QAAQ,CAAC;QACrD,CAAC;IACH,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,cAAsB;QACjC,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACxC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,CAAC,UAAU,EAAE,SAAS,CAAC,GAAG,KAAK,CAAC;QACtC,IAAI,CAAC,UAAU,IAAI,CAAC,SAAS,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAC5C,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YAC/B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC;IACnC,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAC3C,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,IAAY;QACpB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC;IACxC,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,IAAY;QACvB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACtC,IAAI,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QAC1B,MAAM,CAAC,OAAO,GAAG,IAAI,CAAC;QACtB,MAAM,CAAC,IAAI,CAAC,mBAAmB,IAAI,EAAE,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,IAAY;QACxB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACtC,IAAI,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QAC1B,MAAM,CAAC,OAAO,GAAG,KAAK,CAAC;QACvB,MAAM,CAAC,IAAI,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC;QACxC,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,IAAY;QAC1B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC1C,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,CAAC,IAAI,CAAC,uBAAuB,IAAI,EAAE,CAAC,CAAC;QAC7C,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,oBAAoB,CAAC,GAAW;QAC9B,MAAM,QAAQ,GAAG,CAAC,GAAG,0BAA0B,EAAE,GAAG,IAAI,CAAC,sBAAsB,CAAC,CAAC;QACjF,OAAO,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;IACvD,CAAC;IAED;;OAEG;IACH,qBAAqB,CAAC,MAAe;QACnC,IAAI,CAAC,uBAAuB,GAAG,MAAM,CAAC;QACtC,MAAM,CAAC,IAAI,CAAC,wBAAwB,MAAM,EAAE,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,GAAW;QAC7B,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/C,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACtC,MAAM,CAAC,IAAI,CAAC,4BAA4B,GAAG,EAAE,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,eAAe;QACb,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;QAClD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,IAAI,MAAM,CAAC,OAAO;gBAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;CACF"}

package/dist/sandbox/os-sandbox.d.ts CHANGED Viewed

@@ -2,6 +2,7 @@
  * OS-Level Sandbox
  *
  * Native sandboxing using OS-level isolation:
+ * - Linux: Landlock + seccomp (bwrap with seccomp BPF filters, strongest)
  * - Linux: bubblewrap (bwrap)
  * - macOS: sandbox-exec (seatbelt)
  * - Windows: Not yet supported (falls back to Docker)
@@ -9,7 +10,7 @@
  * Inspired by Codex CLI's execpolicy and sandbox implementation.
  */
 import { EventEmitter } from 'events';
-export type SandboxBackend = 'bubblewrap' | 'seatbelt' | 'docker' | 'none';
+export type SandboxBackend = 'landlock' | 'bubblewrap' | 'seatbelt' | 'docker' | 'none';
 export interface OSSandboxConfig {
     /** Sandbox backend to use (auto-detected if not specified) */
     backend?: SandboxBackend;
@@ -38,6 +39,12 @@ export interface OSSandboxConfig {
         /** Max file size in bytes */
         maxFileSize?: number;
     };
+    /** Domain allowlist when network is enabled */
+    allowedDomains: string[];
+    /** Commands that bypass the sandbox */
+    excludedCommands: string[];
+    /** Allow running unsandboxed as fallback (default: true) */
+    allowUnsandboxed: boolean;
 }
 export interface OSSandboxResult {
     exitCode: number;
@@ -49,11 +56,17 @@ export interface OSSandboxResult {
     sandboxed: boolean;
 }
 export interface SandboxCapabilities {
+    landlock: boolean;
     bubblewrap: boolean;
     seatbelt: boolean;
     docker: boolean;
     recommended: SandboxBackend;
 }
+export interface OSSandboxStats {
+    commandsRun: number;
+    commandsSandboxed: number;
+    commandsBypassed: number;
+}
 /**
  * Detect available sandbox backends
  */
@@ -62,10 +75,29 @@ export declare function detectCapabilities(): Promise<SandboxCapabilities>;
  * Clear cached capabilities
  */
 export declare function clearCapabilitiesCache(): void;
+/**
+ * Check if the Linux kernel supports Landlock LSM.
+ * Returns true if /proc/sys/kernel/unprivileged_landlock_restrict exists
+ * or kernel version >= 5.13.
+ */
+export declare function checkLandlockSupport(): boolean;
+/**
+ * Generate a seccomp BPF filter file that blocks dangerous syscalls.
+ *
+ * The filter is a minimal BPF program in binary format:
+ * - Load syscall number (BPF_LD | BPF_W | BPF_ABS, offset 0 for seccomp data)
+ * - For each blocked syscall: compare and jump to KILL if matched
+ * - Default action: ALLOW
+ *
+ * Format: each BPF instruction is 8 bytes (struct sock_filter):
+ *   uint16 code, uint8 jt, uint8 jf, uint32 k
+ */
+export declare function generateSeccompFilter(): Buffer;
 export declare class OSSandbox extends EventEmitter {
     private config;
     private backend;
     private initialized;
+    private stats;
     constructor(config?: Partial<OSSandboxConfig>);
     /**
      * Initialize sandbox and detect backend
@@ -95,6 +127,22 @@ export declare class OSSandbox extends EventEmitter {
      * Get current configuration
      */
     getConfig(): OSSandboxConfig;
+    /**
+     * Check if a domain should be allowed through the network filter
+     */
+    shouldAllowDomain(domain: string): boolean;
+    /**
+     * Check if a command should bypass the sandbox
+     */
+    isCommandExcluded(command: string): boolean;
+    /**
+     * Get execution statistics
+     */
+    getStats(): OSSandboxStats;
+    /**
+     * Execute a shell command with exclusion and stats tracking
+     */
+    execShellTracked(shellCommand: string): Promise<OSSandboxResult>;
 }
 export declare function getOSSandbox(config?: Partial<OSSandboxConfig>): OSSandbox;
 export declare function resetOSSandbox(): void;