@pixelzx/genesis 2026.6.28 → 2026.7.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +16 -0
- package/dist/.buildstamp +1 -1
- package/dist/abort-cutoff.runtime-Cfv6I4gf.js +20 -0
- package/dist/abort-cutoff.runtime.js +1 -1
- package/dist/abort-xF_zj8_u.js +201 -0
- package/dist/abort.runtime-JUukGuW3.js +2 -0
- package/dist/abort.runtime.js +1 -1
- package/dist/accounts-C0jW92It.js +104 -0
- package/dist/accounts-C2ZexWg6.js +107 -0
- package/dist/accounts-tEPx6Fnd.js +2 -0
- package/dist/acp-cli-De2oyz3e.js +2217 -0
- package/dist/acp-spawn-7VB8ie8I.js +1042 -0
- package/dist/acp-spawn-C6VfLE4o.js +2 -0
- package/dist/acp-stateful-target-driver-ctUymwnI.js +89 -0
- package/dist/action-agents-Dy45TQ9X.js +67 -0
- package/dist/action-focus-hzygEAz5.js +132 -0
- package/dist/action-help-D1h2Czko.js +7 -0
- package/dist/action-info-EDBi7fre.js +101 -0
- package/dist/action-kill-CBNgmCsz.js +33 -0
- package/dist/action-list-C6KC8Ulv.js +21 -0
- package/dist/action-log-C0R9AwnB.js +30 -0
- package/dist/action-send-DZw27QoS.js +39 -0
- package/dist/action-spawn-BXEOYBEH.js +47 -0
- package/dist/action-unfocus-DWFUpr-g.js +29 -0
- package/dist/actions.runtime-1HHNbwPa.js +5 -0
- package/dist/actions.runtime-GFSX3jST.js +18 -0
- package/dist/actions.runtime.js +1 -1
- package/dist/agent-CU42dfye.js +2 -0
- package/dist/agent-command-Baehh2jJ.js +874 -0
- package/dist/agent-harness-runtime-Bmln4mlS.js +144 -0
- package/dist/agent-runner-utils-xPwHxFwc.js +239 -0
- package/dist/agent-runner.runtime-BBx0eqAs.js +3443 -0
- package/dist/agent-runner.runtime.js +1 -1
- package/dist/agent-runtime-mKUGZmYk.js +18 -0
- package/dist/agents-C_kp6PcN.js +954 -0
- package/dist/agents-D7-4l9xG.js +5 -0
- package/dist/agents.command-shared-j4Ht1HMt.js +40 -0
- package/dist/aliases-BR-85AbT.js +96 -0
- package/dist/aliases-DH4MEghL.js +2 -0
- package/dist/api-7axT1c4t.js +4 -0
- package/dist/api-8dcgPyEO.js +139 -0
- package/dist/api-BWV-Ja5Y.js +48 -0
- package/dist/api-C6Dl-nsC.js +3 -0
- package/dist/api-CeoOTFsR.js +5 -0
- package/dist/apply-DFpc3-ic.js +508 -0
- package/dist/apply.runtime-BpuwcltB.js +166 -0
- package/dist/apply.runtime-CyFkfilC.js +2 -0
- package/dist/apply.runtime.js +1 -1
- package/dist/approval-gateway-resolver-B5iZVyl3.js +29 -0
- package/dist/approval-gateway-runtime-DJMhFL8_.js +2 -0
- package/dist/approval-handler-runtime-CvlNyTSd.js +439 -0
- package/dist/approval-native-runtime-DIP1UVwF.js +729 -0
- package/dist/attempt-execution.runtime-Dnj7Dunz.js +509 -0
- package/dist/attempt-execution.runtime.js +1 -1
- package/dist/attempt-execution.shared-CJLlmxzq.js +22 -0
- package/dist/attempt.prompt-helpers-yXlkhGj_.js +206 -0
- package/dist/attempt.tool-run-context-DplnP36r.js +933 -0
- package/dist/audit-CP153cHC.js +939 -0
- package/dist/audit-channel.collect.runtime.js +1 -1
- package/dist/audit-extra.async-B52PswlQ.js +971 -0
- package/dist/audit-tool-policy-CMwmd8Xs.js +3 -0
- package/dist/audit.deep.runtime-BC4XWNSr.js +2 -0
- package/dist/audit.deep.runtime.js +1 -1
- package/dist/audit.nondeep.runtime-Dvng3qfA.js +880 -0
- package/dist/audit.nondeep.runtime.js +1 -1
- package/dist/audit.runtime-BPEAdYYt.js +7 -0
- package/dist/audit.runtime.js +1 -1
- package/dist/auth-CGB_0fnH.js +550 -0
- package/dist/auth-DXk-SISv.js +56 -0
- package/dist/auth-_41Zyvnc.js +2 -0
- package/dist/auth-bH95QjyV.js +177 -0
- package/dist/auth-choice-Bn-ygZZg.js +3 -0
- package/dist/auth-choice-CmUhzrUA.js +85 -0
- package/dist/auth-order-Cnl7fD4m.js +2 -0
- package/dist/auth-order-DTEvHo9G.js +139 -0
- package/dist/bash-tools-E5RKIMX4.js +2853 -0
- package/dist/bash-tools-n2uf-L6x.js +3 -0
- package/dist/bash-tools.exec-runtime-BSErqAOv.js +823 -0
- package/dist/binding-routing-MxZZJi7B.js +85 -0
- package/dist/binding-targets-DOjf91v9.js +121 -0
- package/dist/bridge-server-C9sdVkxe.js +113 -0
- package/dist/browser-control-auth-Ds_CXo7-.js +2 -0
- package/dist/browser-node-runtime-CrrZhgmT.js +12 -0
- package/dist/browser-profiles-DSq_VuWU.js +2 -0
- package/dist/browser-runtime-D3bUe2ki.js +387 -0
- package/dist/browser-setup-tools-BzBeI9sr.js +13 -0
- package/dist/build-BQ7uMjfi.js +550 -0
- package/dist/build-info.json +3 -3
- package/dist/bundled/boot-md/handler.js +3 -3
- package/dist/bundled/session-memory/handler.js +1 -1
- package/dist/call-C5EHc2Ve.js +3 -0
- package/dist/call-DgFhP0IB.js +330 -0
- package/dist/call.runtime-CBWpY5ek.js +2 -0
- package/dist/call.runtime.js +1 -1
- package/dist/capability-cli-CF-5WxGW.js +1401 -0
- package/dist/catalog-provider-BefDFS32.js +40 -0
- package/dist/catchup-DEgTzUZf.js +300 -0
- package/dist/channel-B9Z1yOBL.js +1100 -0
- package/dist/channel-BQalh8q5.js +1320 -0
- package/dist/channel-B_D0qB8f.js +297 -0
- package/dist/channel-CveiiHEq.js +226 -0
- package/dist/channel-DPRWC_X5.js +1802 -0
- package/dist/channel-DTNwXKB7.js +350 -0
- package/dist/channel-DsWHOdeO.js +840 -0
- package/dist/channel-IYn5sG7l.js +453 -0
- package/dist/channel-MwEUOERy.js +1174 -0
- package/dist/channel-add-wizard-De4DNba-.js +125 -0
- package/dist/channel-add-wizard-v9JYw-20.js +2 -0
- package/dist/channel-core-C3RFVpjy.js +5 -0
- package/dist/channel-geAqqK_e.js +491 -0
- package/dist/channel-inbound-BRCAVWH1.js +31 -0
- package/dist/channel-plugin-resolution-BYpxL2mS.js +2 -0
- package/dist/channel-plugin-resolution-Jy5eA_cD.js +153 -0
- package/dist/channel-plugin-runtime-B7guFbbq.js +771 -0
- package/dist/channel-runtime-B2HmUto-.js +425 -0
- package/dist/channel-selection.runtime.js +1 -1
- package/dist/channel-setup-DmnWuvUU.js +1297 -0
- package/dist/channel-zfFLswBu.js +595 -0
- package/dist/channel.runtime-60XStiek.js +2364 -0
- package/dist/channel.runtime-BK8atBx7.js +430 -0
- package/dist/channel.runtime-CjfgGDJR.js +576 -0
- package/dist/channel.runtime-Cuc72hD3.js +89 -0
- package/dist/channel.runtime-D4i6q9PJ.js +4 -0
- package/dist/channel.runtime-mLdKu3mE.js +42398 -0
- package/dist/channel.runtime.js +1 -1
- package/dist/channel.setup-BxdBjfQG.js +10 -0
- package/dist/channel2.runtime-DhBM75gc.js +109 -0
- package/dist/channel2.runtime.js +1 -1
- package/dist/channels-YP0r9T7z.js +733 -0
- package/dist/channels-cli-BA8x-0ie.js +268 -0
- package/dist/chat-C-K_PnVS.js +2830 -0
- package/dist/clawbot-cli-CcTWZznd.js +9 -0
- package/dist/clawhub-Dg91MiOl.js +400 -0
- package/dist/cli/daemon-cli.js +3 -3
- package/dist/cli-B9pz-wec.js +2 -0
- package/dist/cli-BDqmMCNa.js +219 -0
- package/dist/cli-BnjgRW4w.js +154 -0
- package/dist/cli-C6O2LqdN.js +683 -0
- package/dist/cli-CFANcv9h.js +2 -0
- package/dist/cli-D9yBNX96.js +3726 -0
- package/dist/cli-e4V7ix51.js +2 -0
- package/dist/cli-oSszUBF4.js +72 -0
- package/dist/cli-runner-ziqCSXFY.js +286 -0
- package/dist/cli-runner.runtime-B-P8SxLi.js +4 -0
- package/dist/cli-runner.runtime-BmqwbMTX.js +3 -0
- package/dist/cli-runner.runtime.js +1 -1
- package/dist/cli-startup-metadata.json +2 -2
- package/dist/cli.runtime-4isBQRbc.js +1261 -0
- package/dist/cli.runtime.js +1 -1
- package/dist/client-CcimlPth.js +138 -0
- package/dist/client-DQsu_IXu.js +723 -0
- package/dist/command-auth-BWQO7kca.js +76 -0
- package/dist/command-config-resolution-ClTknI2S.js +2 -0
- package/dist/command-config-resolution-CrkcVij4.js +23 -0
- package/dist/command-config-resolution.runtime-D6B4s-Uv.js +2 -0
- package/dist/command-config-resolution.runtime.js +1 -1
- package/dist/command-execution-startup-CQcKEDhz.js +324 -0
- package/dist/command-registry-B_U-oRjT.js +4 -0
- package/dist/command-registry-CJ8y08cJ.js +9 -0
- package/dist/command-registry-core-CjYDA5Hb.js +106 -0
- package/dist/command-secret-gateway-BN5JN_4V.js +528 -0
- package/dist/command-status.runtime-BwGSaGwK.js +87 -0
- package/dist/command-status.runtime.js +1 -1
- package/dist/commands-acp-Di5EZJSo.js +77 -0
- package/dist/commands-compact.runtime-Dm1rBnbf.js +10 -0
- package/dist/commands-compact.runtime.js +1 -1
- package/dist/commands-core.runtime-DjL6pkWU.js +2 -0
- package/dist/commands-core.runtime.js +1 -1
- package/dist/commands-handlers.runtime-C8uzW3Za.js +4599 -0
- package/dist/commands-handlers.runtime.js +1 -1
- package/dist/commands-reset-hooks-7h-poKws.js +135 -0
- package/dist/commands-status-D_wsDlQe.js +16 -0
- package/dist/commands-status.runtime-BYT0Y8Xk.js +3 -0
- package/dist/commands-status.runtime.js +1 -1
- package/dist/commands-subagents-control.runtime-BozyiWar.js +3 -0
- package/dist/commands-subagents-control.runtime-DDCzt8Ub.js +2 -0
- package/dist/commands-subagents-control.runtime.js +1 -1
- package/dist/commands-system-prompt-ClkTGvNr.js +157 -0
- package/dist/commands-system-prompt-qRoqhQKL.js +2 -0
- package/dist/commands.runtime-DdZErCma.js +167 -0
- package/dist/commands.runtime.js +1 -1
- package/dist/compact-BCs9ORLb.js +1096 -0
- package/dist/compact.runtime-DvG7GWYV.js +12 -0
- package/dist/compact.runtime.js +1 -1
- package/dist/completion-cli-C4J7V5YR.js +328 -0
- package/dist/config-B0uPLzV0.js +252 -0
- package/dist/config-cli-Bt8euI41.js +1078 -0
- package/dist/config-guard-DUDovz1_.js +96 -0
- package/dist/config-runtime-BnYU3hOw.js +32 -0
- package/dist/configure-BIB6QKXD.js +2 -0
- package/dist/configure-DuXRvaw-.js +1252 -0
- package/dist/connect-options-DdLRs3mC.js +699 -0
- package/dist/control-auth-BboB6-Q9.js +125 -0
- package/dist/control-service-zISWiuJ_.js +156 -0
- package/dist/control-ui/assets/agents-JC5PtqrV.js +1125 -0
- package/dist/control-ui/assets/canvas-BOLwH2XE.js +274 -0
- package/dist/control-ui/assets/channel-config-extras-DndsWi2n.js +2 -0
- package/dist/control-ui/assets/channels-DehEkmqb.js +198 -0
- package/dist/control-ui/assets/contacts-CuFuG0IF.js +49 -0
- package/dist/control-ui/assets/cron-DOmGA0e5.js +250 -0
- package/dist/control-ui/assets/de-CJg8xmlK.js +2 -0
- package/dist/control-ui/assets/debug-BmuUKCSJ.js +94 -0
- package/dist/control-ui/assets/es-C4Q-2wY3.js +2 -0
- package/dist/control-ui/assets/fr-C8HMIYz8.js +2 -0
- package/dist/control-ui/assets/i18n-Cc8tlfvD.js +3 -0
- package/dist/control-ui/assets/id-Cfarvm3I.js +2 -0
- package/dist/control-ui/assets/index-rW3Q6M8T.js +5981 -0
- package/dist/control-ui/assets/instances-Cx7hEWzW.js +57 -0
- package/dist/control-ui/assets/ja-JP-F9ReJBkI.js +2 -0
- package/dist/control-ui/assets/ko-COLp1JKa.js +2 -0
- package/dist/control-ui/assets/logs-DB-Z5vcW.js +74 -0
- package/dist/control-ui/assets/mcp-Cpcduudl.js +417 -0
- package/dist/control-ui/assets/memory-DnzEGr6j.js +50 -0
- package/dist/control-ui/assets/memory-graph-DyR9Uhz0.js +30 -0
- package/dist/control-ui/assets/models-DiDA_80_.js +86 -0
- package/dist/control-ui/assets/nodes-DBKCXfee.js +654 -0
- package/dist/control-ui/assets/pl-BYPzLeb4.js +2 -0
- package/dist/control-ui/assets/plugins-CwfOfaNX.js +259 -0
- package/dist/control-ui/assets/presenter-5bq6-zJE.js +2 -0
- package/dist/control-ui/assets/pt-BR-DTBFbuCo.js +2 -0
- package/dist/control-ui/assets/sessions-B32pl2IK.js +56 -0
- package/dist/control-ui/assets/skills-UF7TyQK4.js +294 -0
- package/dist/control-ui/assets/skills-shared-B74z1P-E.js +11 -0
- package/dist/control-ui/assets/th-CIjDBcNT.js +2 -0
- package/dist/control-ui/assets/tr-NCpkXtTg.js +2 -0
- package/dist/control-ui/assets/uk-DvS1vsmH.js +2 -0
- package/dist/control-ui/assets/wallet-RKPn2MRs.js +302 -0
- package/dist/control-ui/assets/zh-CN-SfnMOQr0.js +2 -0
- package/dist/control-ui/assets/zh-TW-CkQgNjXi.js +2 -0
- package/dist/control-ui/index.html +2 -2
- package/dist/control-ui-CKQ17fcd.js +1043 -0
- package/dist/conversation-id-BzYtax7n.js +235 -0
- package/dist/conversation-id-HBz3v6j3.js +38 -0
- package/dist/conversation-runtime-CkcxSb_S.js +31 -0
- package/dist/core-DxVEjt5f.js +275 -0
- package/dist/create-B9OOGa90.js +80 -0
- package/dist/cron-cli-CAkqablA.js +713 -0
- package/dist/daemon-cli-CCC_5IkN.js +12 -0
- package/dist/dashboard-Bqpn6xD_.js +81 -0
- package/dist/dashboard-Cd6TkhpW.js +2 -0
- package/dist/delegate-D7D8iTtT.js +64 -0
- package/dist/deliver-I8Ifd1yR.js +3 -0
- package/dist/deliver-Zphc65zr.js +747 -0
- package/dist/deliver-runtime-DQyfYkCs.js +2 -0
- package/dist/delivery-outbound.runtime-Bs9x6LSS.js +6 -0
- package/dist/delivery-outbound.runtime.js +1 -1
- package/dist/delivery.runtime-Cx3qn7Hc.js +253 -0
- package/dist/delivery.runtime.js +1 -1
- package/dist/detached-task-runtime-D2jixP5C.js +73 -0
- package/dist/devices-cli-CMnaKl01.js +498 -0
- package/dist/diagnostics-B8Z9UWlG.js +154 -0
- package/dist/direct-dm-c4Qb2Nzg.js +64 -0
- package/dist/directive-handling.fast-lane-DuuCgCI2.js +66 -0
- package/dist/directive-handling.impl-BiJain1b.js +2 -0
- package/dist/directive-handling.impl-CYw76-Ag.js +703 -0
- package/dist/directive-handling.model-selection-BNnOIh0D.js +114 -0
- package/dist/directive-handling.persist.runtime-DWnMoAjn.js +215 -0
- package/dist/directive-handling.persist.runtime.js +1 -1
- package/dist/directory-cli-CinbUxv4.js +240 -0
- package/dist/dispatch-acp-BL2QahHP.js +981 -0
- package/dist/dispatch-acp-manager.runtime-CynWPlJS.js +3 -0
- package/dist/dispatch-acp-manager.runtime.js +1 -1
- package/dist/dispatch-acp-media.runtime-CrC5nXXy.js +4 -0
- package/dist/dispatch-acp-media.runtime.js +1 -1
- package/dist/dispatch-acp-session.runtime-C_GFMR0r.js +2 -0
- package/dist/dispatch-acp-session.runtime.js +1 -1
- package/dist/dispatch-acp.runtime-OwR8G8Qt.js +19 -0
- package/dist/dispatch-acp.runtime.js +1 -1
- package/dist/dispatch-r6Uv7puk.js +1131 -0
- package/dist/doctor-config-flow-BQjLEW5b.js +420 -0
- package/dist/doctor-config-preflight-B3VVSleh.js +63 -0
- package/dist/doctor-config-preflight-BBOEq7ti.js +2 -0
- package/dist/doctor-device-pairing-GsLelCah.js +307 -0
- package/dist/doctor-gateway-daemon-flow-Bj6Y5WoB.js +250 -0
- package/dist/doctor-gateway-health-D7WY6zgb.js +63 -0
- package/dist/doctor-health-C9GRQaPA.js +59 -0
- package/dist/doctor-health-contributions-Dk9ho6TO.js +493 -0
- package/dist/doctor-prompter-Ct6Jv52M.js +56 -0
- package/dist/doctor-sandbox-DAb-mQpy.js +194 -0
- package/dist/doctor-state-migrations-36dXc9ct.js +2 -0
- package/dist/doctor-workspace-status-CJCfWEI6.js +75 -0
- package/dist/dreaming-_hTKF5lN.js +1582 -0
- package/dist/dreaming-narrative-D5XTDttN.js +596 -0
- package/dist/embedded-gateway-stub.runtime-CEmoodA9.js +9 -0
- package/dist/embedded-gateway-stub.runtime.js +1 -1
- package/dist/embedding-provider-B9F-kCH3.js +118 -0
- package/dist/embeddings-BCVqTyaZ.js +215 -0
- package/dist/embeddings-http-CCsd7vWB.js +205 -0
- package/dist/entry.js +2 -2
- package/dist/exec-approval-forwarder.runtime-CMniJyXX.js +3 -0
- package/dist/exec-approval-forwarder.runtime.js +1 -1
- package/dist/exec-approvals-cli-ClDMlOmM.js +498 -0
- package/dist/exec-defaults-BWb7bhoE.js +2 -0
- package/dist/exec-defaults-CE8PArh-.js +67 -0
- package/dist/execute.runtime-Bhup95bB.js +1359 -0
- package/dist/execute.runtime.js +1 -1
- package/dist/extensionAPI.js +3 -3
- package/dist/extensions/active-memory/index.js +3 -3
- package/dist/extensions/alibaba/index.js +1 -1
- package/dist/extensions/alibaba/video-generation-provider.js +1 -1
- package/dist/extensions/arcee/index.js +2 -2
- package/dist/extensions/bluebubbles/api.js +3 -3
- package/dist/extensions/bluebubbles/channel-plugin-api.js +1 -1
- package/dist/extensions/browser/browser-bridge.js +1 -1
- package/dist/extensions/browser/browser-config.js +4 -4
- package/dist/extensions/browser/browser-control-auth.js +2 -2
- package/dist/extensions/browser/browser-doctor.js +2 -2
- package/dist/extensions/browser/browser-maintenance.js +2 -2
- package/dist/extensions/browser/browser-profiles.js +2 -2
- package/dist/extensions/browser/browser-runtime-api.js +10 -10
- package/dist/extensions/browser/index.js +1 -1
- package/dist/extensions/browser/plugin-registration.js +1 -1
- package/dist/extensions/browser/register.runtime.js +3 -3
- package/dist/extensions/browser/runtime-api.js +11 -11
- package/dist/extensions/browser/test-support.js +1 -1
- package/dist/extensions/byteplus/index.js +3 -3
- package/dist/extensions/byteplus/video-generation-provider.js +1 -1
- package/dist/extensions/chutes/index.js +4 -4
- package/dist/extensions/cloudflare-ai-gateway/api.js +1 -1
- package/dist/extensions/cloudflare-ai-gateway/catalog-provider.js +1 -1
- package/dist/extensions/cloudflare-ai-gateway/index.js +2 -2
- package/dist/extensions/comfy/image-generation-provider.js +2 -2
- package/dist/extensions/comfy/index.js +5 -5
- package/dist/extensions/comfy/music-generation-provider.js +1 -1
- package/dist/extensions/comfy/video-generation-provider.js +2 -2
- package/dist/extensions/comfy/workflow-runtime.js +1 -1
- package/dist/extensions/deepseek/index.js +1 -1
- package/dist/extensions/device-pair/api.js +2 -2
- package/dist/extensions/device-pair/index.js +4 -4
- package/dist/extensions/device-pair/notify.js +1 -1
- package/dist/extensions/device-pair/pair-command-approve.js +1 -1
- package/dist/extensions/device-pair/qr-image.js +2 -2
- package/dist/extensions/fal/image-generation-provider.js +1 -1
- package/dist/extensions/fal/index.js +3 -3
- package/dist/extensions/fal/provider-registration.js +1 -1
- package/dist/extensions/fal/test-api.js +2 -2
- package/dist/extensions/fal/video-generation-provider.js +1 -1
- package/dist/extensions/fireworks/index.js +1 -1
- package/dist/extensions/github-copilot/api.js +1 -1
- package/dist/extensions/github-copilot/auth.js +1 -1
- package/dist/extensions/github-copilot/embeddings.js +1 -1
- package/dist/extensions/github-copilot/index.js +4 -4
- package/dist/extensions/github-copilot/login.js +1 -1
- package/dist/extensions/github-copilot/register.runtime.js +2 -2
- package/dist/extensions/google-meet/index.js +6 -6
- package/dist/extensions/groq/index.js +1 -1
- package/dist/extensions/groq/media-understanding-provider.js +1 -1
- package/dist/extensions/groq/test-api.js +1 -1
- package/dist/extensions/huggingface/index.js +1 -1
- package/dist/extensions/image-generation-core/api.js +2 -2
- package/dist/extensions/imessage/api.js +4 -4
- package/dist/extensions/imessage/channel-plugin-api.js +1 -1
- package/dist/extensions/imessage/runtime-api.js +5 -5
- package/dist/extensions/imessage/test-api.js +1 -1
- package/dist/extensions/irc/api.js +2 -2
- package/dist/extensions/irc/channel-plugin-api.js +1 -1
- package/dist/extensions/kilocode/index.js +1 -1
- package/dist/extensions/kimi-coding/index.js +2 -2
- package/dist/extensions/line/api.js +2 -2
- package/dist/extensions/line/channel-plugin-api.js +1 -1
- package/dist/extensions/line/contract-api.js +1 -1
- package/dist/extensions/line/runtime-api.js +4 -4
- package/dist/extensions/line/setup-api.js +1 -1
- package/dist/extensions/litellm/index.js +1 -1
- package/dist/extensions/lmstudio/api.js +2 -2
- package/dist/extensions/lmstudio/index.js +3 -3
- package/dist/extensions/lmstudio/memory-embedding-adapter.js +1 -1
- package/dist/extensions/lmstudio/runtime-api.js +1 -1
- package/dist/extensions/lobster/runtime-api.js +1 -1
- package/dist/extensions/mattermost/api.js +1 -1
- package/dist/extensions/mattermost/channel-plugin-api.js +1 -1
- package/dist/extensions/mattermost/channel-plugin-runtime.js +1 -1
- package/dist/extensions/mattermost/policy-api.js +1 -1
- package/dist/extensions/mattermost/runtime-api.js +7 -7
- package/dist/extensions/mattermost/slash-route-api.js +1 -1
- package/dist/extensions/media-understanding-core/runtime-api.js +2 -2
- package/dist/extensions/memory-core/api.js +1 -1
- package/dist/extensions/memory-core/cli-metadata.js +2 -2
- package/dist/extensions/memory-core/index.js +3 -3
- package/dist/extensions/memory-lancedb/cli-metadata.js +1 -1
- package/dist/extensions/memory-lancedb/index.js +1 -1
- package/dist/extensions/memory-wiki/cli-metadata.js +1 -1
- package/dist/extensions/memory-wiki/index.js +1 -1
- package/dist/extensions/microsoft/index.js +1 -1
- package/dist/extensions/microsoft/speech-provider.js +1 -1
- package/dist/extensions/microsoft/test-api.js +1 -1
- package/dist/extensions/microsoft-foundry/auth.js +1 -1
- package/dist/extensions/microsoft-foundry/cli.js +1 -1
- package/dist/extensions/microsoft-foundry/index.js +1 -1
- package/dist/extensions/microsoft-foundry/onboard.js +2 -2
- package/dist/extensions/microsoft-foundry/provider.js +1 -1
- package/dist/extensions/microsoft-foundry/runtime.js +1 -1
- package/dist/extensions/microsoft-foundry/shared-runtime.js +2 -2
- package/dist/extensions/microsoft-foundry/shared.js +1 -1
- package/dist/extensions/minimax/image-generation-provider.js +1 -1
- package/dist/extensions/minimax/index.js +6 -6
- package/dist/extensions/minimax/media-understanding-provider.js +1 -1
- package/dist/extensions/minimax/music-generation-provider.js +1 -1
- package/dist/extensions/minimax/oauth.js +1 -1
- package/dist/extensions/minimax/oauth.runtime.js +1 -1
- package/dist/extensions/minimax/provider-registration.js +1 -1
- package/dist/extensions/minimax/speech-provider.js +1 -1
- package/dist/extensions/minimax/test-api.js +4 -4
- package/dist/extensions/minimax/video-generation-provider.js +1 -1
- package/dist/extensions/mistral/index.js +2 -2
- package/dist/extensions/mistral/media-understanding-provider.js +1 -1
- package/dist/extensions/mistral/test-api.js +1 -1
- package/dist/extensions/moonshot/index.js +2 -2
- package/dist/extensions/moonshot/media-understanding-provider.js +1 -1
- package/dist/extensions/moonshot/test-api.js +1 -1
- package/dist/extensions/msteams/api.js +1 -1
- package/dist/extensions/msteams/channel-plugin-api.js +1 -1
- package/dist/extensions/msteams/runtime-api.js +4 -4
- package/dist/extensions/msteams/test-api.js +1 -1
- package/dist/extensions/nextcloud-talk/api.js +1 -1
- package/dist/extensions/nextcloud-talk/channel-plugin-api.js +1 -1
- package/dist/extensions/nextcloud-talk/runtime-api.js +2 -2
- package/dist/extensions/nvidia/index.js +1 -1
- package/dist/extensions/ollama/api.js +3 -3
- package/dist/extensions/ollama/index.js +9 -9
- package/dist/extensions/ollama/runtime-api.js +2 -2
- package/dist/extensions/ollama/web-search-provider.js +1 -1
- package/dist/extensions/openai/api.js +2 -2
- package/dist/extensions/openai/image-generation-provider.js +1 -1
- package/dist/extensions/openai/index.js +6 -6
- package/dist/extensions/openai/media-understanding-provider.js +1 -1
- package/dist/extensions/openai/openai-codex-provider.js +1 -1
- package/dist/extensions/openai/openai-provider.js +1 -1
- package/dist/extensions/openai/register.runtime.js +4 -4
- package/dist/extensions/openai/test-api.js +3 -3
- package/dist/extensions/openai/video-generation-provider.js +1 -1
- package/dist/extensions/opencode/index.js +2 -2
- package/dist/extensions/opencode/media-understanding-provider.js +1 -1
- package/dist/extensions/opencode-go/index.js +2 -2
- package/dist/extensions/opencode-go/media-understanding-provider.js +1 -1
- package/dist/extensions/openrouter/api.js +1 -1
- package/dist/extensions/openrouter/image-generation-provider.js +1 -1
- package/dist/extensions/openrouter/index.js +4 -4
- package/dist/extensions/openrouter/media-understanding-provider.js +1 -1
- package/dist/extensions/openrouter/register.runtime.js +3 -3
- package/dist/extensions/openrouter/test-api.js +2 -2
- package/dist/extensions/openshell/index.js +3 -3
- package/dist/extensions/qianfan/index.js +1 -1
- package/dist/extensions/qwen/index.js +3 -3
- package/dist/extensions/qwen/media-understanding-provider.js +1 -1
- package/dist/extensions/qwen/test-api.js +2 -2
- package/dist/extensions/qwen/video-generation-provider.js +1 -1
- package/dist/extensions/runway/index.js +1 -1
- package/dist/extensions/runway/video-generation-provider.js +1 -1
- package/dist/extensions/signal/api.js +6 -6
- package/dist/extensions/signal/channel-plugin-api.js +1 -1
- package/dist/extensions/signal/reaction-runtime-api.js +1 -1
- package/dist/extensions/signal/runtime-api.js +9 -9
- package/dist/extensions/skill-workshop/api.js +1 -1
- package/dist/extensions/skill-workshop/index.js +2 -2
- package/dist/extensions/speech-core/runtime-api.js +1 -1
- package/dist/extensions/stepfun/index.js +2 -2
- package/dist/extensions/synology-chat/api.js +1 -1
- package/dist/extensions/synology-chat/channel-plugin-api.js +1 -1
- package/dist/extensions/synthetic/index.js +1 -1
- package/dist/extensions/talk-voice/index.js +1 -1
- package/dist/extensions/tencent/index.js +2 -2
- package/dist/extensions/thread-ownership/index.js +1 -1
- package/dist/extensions/tlon/api.js +2 -2
- package/dist/extensions/tlon/channel-plugin-api.js +1 -1
- package/dist/extensions/tlon/runtime-api.js +1 -1
- package/dist/extensions/tlon/test-api.js +1 -1
- package/dist/extensions/together/index.js +2 -2
- package/dist/extensions/together/video-generation-provider.js +1 -1
- package/dist/extensions/twitch/api.js +1 -1
- package/dist/extensions/twitch/channel-plugin-api.js +1 -1
- package/dist/extensions/twitch/setup-plugin-api.js +1 -1
- package/dist/extensions/venice/index.js +1 -1
- package/dist/extensions/vercel-ai-gateway/index.js +1 -1
- package/dist/extensions/voice-call/index.js +1 -1
- package/dist/extensions/voice-call/runtime-entry.js +1 -1
- package/dist/extensions/volcengine/index.js +2 -2
- package/dist/extensions/vydra/image-generation-provider.js +1 -1
- package/dist/extensions/vydra/index.js +4 -4
- package/dist/extensions/vydra/video-generation-provider.js +1 -1
- package/dist/extensions/xai/api.js +2 -2
- package/dist/extensions/xai/code-execution.js +2 -2
- package/dist/extensions/xai/image-generation-provider.js +1 -1
- package/dist/extensions/xai/index.js +6 -6
- package/dist/extensions/xai/speech-provider.js +1 -1
- package/dist/extensions/xai/tts.js +1 -1
- package/dist/extensions/xai/video-generation-provider.js +1 -1
- package/dist/extensions/xai/x-search.js +2 -2
- package/dist/extensions/xiaomi/index.js +1 -1
- package/dist/extensions/zai/index.js +2 -2
- package/dist/extensions/zai/media-understanding-provider.js +1 -1
- package/dist/extensions/zai/test-api.js +1 -1
- package/dist/extensions/zalo/api.js +3 -3
- package/dist/extensions/zalo/channel-plugin-api.js +1 -1
- package/dist/extensions/zalo/runtime-api.js +2 -2
- package/dist/extensions/zalo/setup-api.js +2 -2
- package/dist/extensions/zalouser/api.js +3 -3
- package/dist/extensions/zalouser/channel-plugin-api.js +1 -1
- package/dist/extensions/zalouser/runtime-api.js +7 -7
- package/dist/extensions/zalouser/setup-plugin-api.js +1 -1
- package/dist/extensions/zalouser/test-api.js +1 -1
- package/dist/fallbacks-7zSQjTV3.js +31 -0
- package/dist/fallbacks-CZiqVR5O.js +2 -0
- package/dist/fallbacks-shared-ChkX-wC9.js +111 -0
- package/dist/gateway-CHyZ16Py.js +115 -0
- package/dist/gateway-cli-Ddf-bjxV.js +1283 -0
- package/dist/gateway-rpc-DksPpMA7.js +14 -0
- package/dist/gateway-rpc.runtime-BKaQsdOu.js +23 -0
- package/dist/gateway-rpc.runtime.js +1 -1
- package/dist/gateway-runtime-Ca4l5F_e.js +15 -0
- package/dist/gateway-status-CTPWttLS.js +584 -0
- package/dist/genesis-tools-Bkxp7zlI.js +9435 -0
- package/dist/genesis-tools.runtime-BCkQJQBx.js +2 -0
- package/dist/genesis-tools.runtime.js +1 -1
- package/dist/get-reply-HzKdsGO7.js +3946 -0
- package/dist/get-reply-from-config.runtime-C5ISSvQ1.js +2 -0
- package/dist/get-reply-from-config.runtime.js +1 -1
- package/dist/gmail-watcher-lifecycle-BYRHDXCT.js +2 -0
- package/dist/graph-users-BVVUU02O.js +1337 -0
- package/dist/health-3Ot3RyLe.js +420 -0
- package/dist/health-B1Ww7M60.js +3 -0
- package/dist/health-route--L24U5vY.js +2 -0
- package/dist/health-route-DQ3RbNHQ.js +41 -0
- package/dist/hooks-cli-CsJbTM0O.js +433 -0
- package/dist/http-endpoint-helpers-D5HkMFwp.js +41 -0
- package/dist/http-utils-LFOvdepz.js +924 -0
- package/dist/image-fallbacks--ElXneWp.js +31 -0
- package/dist/image-fallbacks-D3vJILOu.js +2 -0
- package/dist/image-generation-core-DasXukAP.js +18 -0
- package/dist/image-generation-core.auth.runtime.js +1 -1
- package/dist/image-generation-provider-BUYDznhO.js +157 -0
- package/dist/image-generation-provider-CZsEm9qP.js +137 -0
- package/dist/image-generation-provider-DfAtOfEj.js +95 -0
- package/dist/image-generation-provider-Dksuo9OZ.js +529 -0
- package/dist/image-generation-provider-TlVk_XqK.js +63 -0
- package/dist/image-generation-provider-YwugArNw.js +274 -0
- package/dist/image-generation-provider-bWlq5yUE.js +228 -0
- package/dist/image-runtime-CswgJNvs.js +9 -0
- package/dist/inbound-reply-dispatch-B7wRXjgc.js +73 -0
- package/dist/inbound.runtime-Bw0JSbxR.js +4 -0
- package/dist/inbound.runtime-DjvZZHXI.js +3 -0
- package/dist/inbound.runtime.js +1 -1
- package/dist/index.js +2 -2
- package/dist/infra-runtime-CBfd1WMP.js +38 -0
- package/dist/init-D0hOJH3x.js +59 -0
- package/dist/install-CYvCH-s3.js +726 -0
- package/dist/install-security-scan-B7ZoC2Vw.js +26 -0
- package/dist/install-security-scan.runtime-iZsF-J1u.js +671 -0
- package/dist/install-security-scan.runtime.js +1 -1
- package/dist/install.runtime-BAqg9YWO.js +27 -0
- package/dist/install.runtime-Cc9Bf7A6.js +12 -0
- package/dist/install.runtime.js +1 -1
- package/dist/jobs-BIi6klWl.js +729 -0
- package/dist/library-oLeJ7WB2.js +45 -0
- package/dist/lifecycle-CeE5vcbI.js +571 -0
- package/dist/lifecycle-CqOQyQkN.js +229 -0
- package/dist/lifecycle.runtime-3bkEDR0o.js +2 -0
- package/dist/lifecycle.runtime.js +1 -1
- package/dist/list-C3cLeCpB.js +2 -0
- package/dist/list-CcZ_ONLT.js +2 -0
- package/dist/list-DUXsFAZJ.js +1212 -0
- package/dist/list-gnrIqPtd.js +131 -0
- package/dist/list.probe-BwRgShwM.js +419 -0
- package/dist/live-model-switch-CWgg2Ggb.js +336 -0
- package/dist/llm-slug-generator-BkDTThCe.js +79 -0
- package/dist/llm-slug-generator.js +1 -1
- package/dist/load-config-CfZQrUUz.js +35 -0
- package/dist/loader-DsEya2Rd.js +222 -0
- package/dist/local-dispatch.runtime-CtXGZ70F.js +8 -0
- package/dist/local-dispatch.runtime.js +1 -1
- package/dist/login-M0JiZwmc.js +108 -0
- package/dist/logs-cli-zd_9yCKn.js +265 -0
- package/dist/logs-cli.runtime-BWvHh5zg.js +2 -0
- package/dist/logs-cli.runtime.js +1 -1
- package/dist/main-session-restart-recovery-Bnvjo9E1.js +206 -0
- package/dist/managed-image-attachments-Cib67JTY.js +2 -0
- package/dist/managed-image-attachments-Pl-_Wh-s.js +635 -0
- package/dist/manager-CfFNGdWA.js +2057 -0
- package/dist/manager-TXSNaq3B.js +2 -0
- package/dist/markdown-to-line-C83mDLjZ.js +790 -0
- package/dist/mcp/plugin-tools-serve.js +1 -1
- package/dist/mcp-cli-CNy5N1fa.js +725 -0
- package/dist/mcp-http-Cp3nlyRC.js +529 -0
- package/dist/mcp-oauth-embedded.runtime-Bg_5jTnW.js +111 -0
- package/dist/mcp-oauth-embedded.runtime.js +1 -0
- package/dist/media-runtime-BetXjDy_.js +329 -0
- package/dist/media-understanding-PrCTBqs6.js +85 -0
- package/dist/media-understanding-provider-BOJyh6FF.js +85 -0
- package/dist/media-understanding-provider-BQqWS6FP.js +18 -0
- package/dist/media-understanding-provider-BVI5_wpJ.js +12 -0
- package/dist/media-understanding-provider-BvANUUsD.js +37 -0
- package/dist/media-understanding-provider-CmJsqky4.js +69 -0
- package/dist/media-understanding-provider-D160isav.js +28 -0
- package/dist/media-understanding-provider-DLdtS2i0.js +12 -0
- package/dist/media-understanding-provider-DbYma1pc.js +21 -0
- package/dist/media-understanding-provider-DgKlDcus.js +18 -0
- package/dist/media-understanding-provider-Dt4kGn2a.js +13 -0
- package/dist/media-understanding-runtime-7Pt0cFob.js +2 -0
- package/dist/memory-core-host-runtime-cli-BegfMQ60.js +9 -0
- package/dist/memory-embedding-adapter-bqPa42NQ.js +123 -0
- package/dist/memory-host-search-595fbsH5.js +12 -0
- package/dist/memory-host-search.runtime.js +1 -1
- package/dist/message-BEIYueeC.js +232 -0
- package/dist/message-action-runner-BMAw7gfU.js +2 -0
- package/dist/message-action-runner-DbqkVVXA.js +1407 -0
- package/dist/message-actions-CagfUya_.js +143 -0
- package/dist/message.config.runtime.js +1 -1
- package/dist/message.gateway.runtime-8N00rzUd.js +2 -0
- package/dist/message.gateway.runtime.js +1 -1
- package/dist/method-scopes-TWVLEUXZ.js +239 -0
- package/dist/model-picker-DJQ_lN5J.js +3 -0
- package/dist/model-picker-f_kmCGgt.js +559 -0
- package/dist/model-picker.runtime-Bua1ZV3T.js +15 -0
- package/dist/model-picker.runtime.js +1 -1
- package/dist/model-selection-DRe0f5zo.js +212 -0
- package/dist/models-auth-status-dUVFT_f1.js +217 -0
- package/dist/models-cli-VqeddndJ.js +271 -0
- package/dist/models-http-PC5-c2lS.js +92 -0
- package/dist/models.fetch-CsIbuvYn.js +518 -0
- package/dist/monitor-BgwZHXAs.js +2 -0
- package/dist/monitor-BrGXztev.js +1661 -0
- package/dist/monitor-DXqHkIkY.js +788 -0
- package/dist/monitor-DoS0pnRS.js +671 -0
- package/dist/monitor-SUo0OdqH.js +1459 -0
- package/dist/monitor-auth-BjLpAGxu.js +207 -0
- package/dist/monitor-hVTP1bQv.js +1237 -0
- package/dist/monitor-processing-CIokCAUz.js +1974 -0
- package/dist/monitor.runtime-BU4RKNXx.js +2 -0
- package/dist/monitor.runtime.js +1 -1
- package/dist/monitor.webhook-DaTTjWrL.js +180 -0
- package/dist/msteams-CmdWCuQl.js +35 -0
- package/dist/music-generation-provider-D1C-gv82.js +63 -0
- package/dist/music-generation-provider-Da4aNlMi.js +170 -0
- package/dist/native-hook-relay-Crk4McKb.js +519 -0
- package/dist/nextcloud-talk-D23cNPfx.js +17 -0
- package/dist/node-cli-DQ2FAUD5.js +2276 -0
- package/dist/nodes-cli-rSfhRw3_.js +1046 -0
- package/dist/nodes-utils-DlayGjaD.js +84 -0
- package/dist/nodes.helpers-DDUs18Tb.js +34 -0
- package/dist/notify-BSOvLWmd.js +315 -0
- package/dist/oauth-CMgJwuws.js +2 -0
- package/dist/oauth-CkVdnYWF.js +152 -0
- package/dist/oauth-DyK5hAZs.js +139 -0
- package/dist/oauth-OBOUymgi.js +75 -0
- package/dist/oauth.flow-BLoyN3lV.js +3 -0
- package/dist/oauth.flow-DH06lWCO.js +45 -0
- package/dist/onboard-C-WpjREP.js +316 -0
- package/dist/onboard-CpNpQ0N8.js +70 -0
- package/dist/onboard-channels-BeLqCc-3.js +2 -0
- package/dist/onboard-channels-DvKo0QB_.js +3 -0
- package/dist/onboard-custom-BXb7qIWz.js +3 -0
- package/dist/onboard-custom-ClkyPqIy.js +271 -0
- package/dist/onboard-helpers-BSqq4yEX.js +204 -0
- package/dist/onboard-helpers-Cw8cHMwk.js +6 -0
- package/dist/onboard-interactive-CIJMPUNi.js +24 -0
- package/dist/onboard-non-interactive-CCGFunM1.js +635 -0
- package/dist/onboard-remote-BIFjzB0v.js +193 -0
- package/dist/onboard-remote-DdfKS44K.js +2 -0
- package/dist/onboard-skills-C9Oz7pMM.js +134 -0
- package/dist/onboard-skills-DFZIuIBM.js +2 -0
- package/dist/onboard-ygfHgwjs.js +2 -0
- package/dist/onboarding-plugin-install-CSJX8VZv.js +406 -0
- package/dist/openai-codex-provider-ChrCVEw6.js +472 -0
- package/dist/openai-http-V8-EZ-Tx.js +500 -0
- package/dist/openai-provider-CBFc7f3l.js +313 -0
- package/dist/opencode-D8fX4akZ.js +35 -0
- package/dist/openresponses-http-B2Z5eD7p.js +1128 -0
- package/dist/operator-approvals-client-DcLaJSYz.js +68 -0
- package/dist/outbound-runtime-BcayPyTD.js +5 -0
- package/dist/outbound.runtime-BioZr0Xk.js +2 -0
- package/dist/outbound.runtime.js +1 -1
- package/dist/pair-command-approve-CKQ5PFPa.js +44 -0
- package/dist/persistent-bindings.lifecycle-Cc3nJyXl.js +2 -0
- package/dist/persistent-bindings.lifecycle-DMUm3wFX.js +85 -0
- package/dist/pi-bundle-mcp-runtime-BxuXFq8N.js +2 -0
- package/dist/pi-bundle-mcp-runtime-ZvnA7GLK.js +854 -0
- package/dist/pi-bundle-mcp-tools-Cq0oKMGx.js +108 -0
- package/dist/pi-embedded-DLQZrdL6.js +2905 -0
- package/dist/pi-embedded-kfFiSGXN.js +4 -0
- package/dist/pi-embedded-subscribe.handlers.compaction.runtime-DRkY_7mg.js +23 -0
- package/dist/pi-embedded-subscribe.handlers.compaction.runtime.js +1 -1
- package/dist/pi-embedded.runtime-DXAilonb.js +4 -0
- package/dist/pi-embedded.runtime.js +1 -1
- package/dist/pi-tool-definition-adapter-D5M4iVmd.js +229 -0
- package/dist/pi-tools-CymfaKhy.js +1118 -0
- package/dist/pi-tools.before-tool-call-CBjigYgQ.js +2 -0
- package/dist/pi-tools.before-tool-call-CrhLIm2q.js +433 -0
- package/dist/plugin-DJ_g-ddv.js +12195 -0
- package/dist/plugin-enabled-CqvTLQjg.js +140 -0
- package/dist/plugin-install-DwdyYiEf.js +115 -0
- package/dist/plugin-install-config-policy-BGQ3WzJO.js +137 -0
- package/dist/plugin-install-ldcXmOz8.js +2 -0
- package/dist/plugin-install-plan-DXvNElN2.js +50 -0
- package/dist/plugin-registration-awDDNZjN.js +23 -0
- package/dist/plugin-sdk/.boundary-entry-shims.stamp +1 -1
- package/dist/plugin-sdk/acp-binding-runtime.js +1 -1
- package/dist/plugin-sdk/acp-runtime.js +3 -3
- package/dist/plugin-sdk/agent-harness-runtime.js +6 -6
- package/dist/plugin-sdk/agent-harness.js +7 -7
- package/dist/plugin-sdk/agent-runtime.js +2 -2
- package/dist/plugin-sdk/approval-gateway-runtime.js +2 -2
- package/dist/plugin-sdk/approval-handler-runtime.js +3 -3
- package/dist/plugin-sdk/approval-runtime.js +1 -1
- package/dist/plugin-sdk/browser-node-runtime.js +4 -4
- package/dist/plugin-sdk/browser-setup-tools.js +3 -3
- package/dist/plugin-sdk/browser-support.js +7 -7
- package/dist/plugin-sdk/channel-core.js +2 -2
- package/dist/plugin-sdk/channel-inbound.js +3 -3
- package/dist/plugin-sdk/command-auth.js +2 -2
- package/dist/plugin-sdk/command-status-runtime.js +1 -1
- package/dist/plugin-sdk/compat.js +1 -1
- package/dist/plugin-sdk/config-runtime.js +3 -3
- package/dist/plugin-sdk/conversation-binding-runtime.js +1 -1
- package/dist/plugin-sdk/conversation-runtime.js +4 -4
- package/dist/plugin-sdk/core.js +2 -2
- package/dist/plugin-sdk/direct-dm.js +1 -1
- package/dist/plugin-sdk/gateway-runtime.js +3 -3
- package/dist/plugin-sdk/image-generation-core.js +2 -2
- package/dist/plugin-sdk/inbound-reply-dispatch.js +1 -1
- package/dist/plugin-sdk/index.js +1 -1
- package/dist/plugin-sdk/infra-runtime.js +2 -2
- package/dist/plugin-sdk/irc.js +2 -2
- package/dist/plugin-sdk/matrix.js +1 -1
- package/dist/plugin-sdk/mattermost.js +2 -2
- package/dist/plugin-sdk/media-runtime.js +5 -5
- package/dist/plugin-sdk/media-understanding-runtime.js +2 -2
- package/dist/plugin-sdk/media-understanding.js +2 -2
- package/dist/plugin-sdk/memory-core-host-runtime-cli.js +2 -2
- package/dist/plugin-sdk/memory-core.js +2 -2
- package/dist/plugin-sdk/memory-host-search.js +1 -1
- package/dist/plugin-sdk/msteams.js +3 -3
- package/dist/plugin-sdk/nextcloud-talk.js +2 -2
- package/dist/plugin-sdk/nostr.js +1 -1
- package/dist/plugin-sdk/opencode.js +1 -1
- package/dist/plugin-sdk/outbound-runtime.js +2 -2
- package/dist/plugin-sdk/provider-auth-api-key.js +2 -2
- package/dist/plugin-sdk/provider-auth-login.js +1 -1
- package/dist/plugin-sdk/provider-auth.js +2 -2
- package/dist/plugin-sdk/provider-entry.js +1 -1
- package/dist/plugin-sdk/reply-dispatch-runtime.js +1 -1
- package/dist/plugin-sdk/reply-runtime.js +4 -4
- package/dist/plugin-sdk/runtime-doctor.js +1 -1
- package/dist/plugin-sdk/runtime-secret-resolution.js +1 -1
- package/dist/plugin-sdk/runtime.js +3 -3
- package/dist/plugin-sdk/sandbox.js +1 -1
- package/dist/plugin-sdk/session-store-runtime.js +1 -1
- package/dist/plugin-sdk/session-visibility.js +1 -1
- package/dist/plugin-sdk/skill-commands-runtime.js +1 -1
- package/dist/plugin-sdk/src/config/types.mcp.d.ts +13 -0
- package/dist/plugin-sdk/src/gateway/protocol/index.d.ts +29 -3
- package/dist/plugin-sdk/src/gateway/protocol/schema/mcp.d.ts +52 -0
- package/dist/plugin-sdk/src/gateway/protocol/schema/protocol-schemas.d.ts +52 -0
- package/dist/plugin-sdk/src/gateway/protocol/schema/types.d.ts +8 -0
- package/dist/plugin-sdk/testing.js +4 -4
- package/dist/plugin-sdk/tlon.js +1 -1
- package/dist/plugin-sdk/zalo.js +1 -1
- package/dist/plugin-sdk/zalouser.js +1 -1
- package/dist/plugin-service-Bcg-shsL.js +2893 -0
- package/dist/plugins/runtime/index.js +1 -1
- package/dist/plugins-cli-CUZMkYFB.js +584 -0
- package/dist/plugins-command-helpers-BGFL7yp7.js +107 -0
- package/dist/plugins-install-persist-Cp8tSsno.js +133 -0
- package/dist/plugins-update-command-Ds_N9qES.js +1057 -0
- package/dist/policy-DIf26_n6.js +328 -0
- package/dist/postinstall-inventory.json +711 -709
- package/dist/prepare.runtime-DCLXK1uq.js +807 -0
- package/dist/prepare.runtime.js +1 -1
- package/dist/probe-0w9S79sF.js +45 -0
- package/dist/probe-B1L2nZVS.js +243 -0
- package/dist/probe-BQT29JH7.js +74 -0
- package/dist/probe-CB6KR9ri.js +240 -0
- package/dist/probe-CWtFr2jl.js +2 -0
- package/dist/probe-CcBuLmYT.js +2205 -0
- package/dist/probe-DYqlJBSk.js +2 -0
- package/dist/probe-_IUalbC8.js +1443 -0
- package/dist/program-sXJs6Lyj.js +111 -0
- package/dist/prompt-select-styled-jucMgA5f.js +20 -0
- package/dist/protocol-DgMCJAA_.js +2586 -0
- package/dist/provider-BSqWTcoz.js +70 -0
- package/dist/provider-api-key-auth-C92t3JTu.js +131 -0
- package/dist/provider-api-key-auth.runtime.js +1 -1
- package/dist/provider-auth-api-key-zf0PU9U_.js +5 -0
- package/dist/provider-auth-choice-palZRKPG.js +228 -0
- package/dist/provider-auth-hCEy91hA.js +46 -0
- package/dist/provider-auth-login-D4MC4bs_.js +8 -0
- package/dist/provider-auth-login.runtime.js +1 -1
- package/dist/provider-dispatcher-9z9Dw59_.js +2 -0
- package/dist/provider-dispatcher-DyQNST2Z.js +22 -0
- package/dist/provider-entry-DZDgzWTU.js +106 -0
- package/dist/provider-model-defaults-DC1PMV0H.js +6 -0
- package/dist/provider-registration-BSHUosM7.js +218 -0
- package/dist/provider-registration-CA9-PRDk.js +37 -0
- package/dist/qr-cli-Dwc3sjiV.js +2 -0
- package/dist/qr-cli-hTiyQbbK.js +349 -0
- package/dist/qr-image-BDoVY1GF.js +2 -0
- package/dist/queue-BljsBBtU.js +409 -0
- package/dist/reaction-runtime-api-Q9NHKbpw.js +116 -0
- package/dist/reactions-DGczAFsd.js +998 -0
- package/dist/read-capability-YFf_CDLF.js +412 -0
- package/dist/register-service-commands-Dxwl01rR.js +71 -0
- package/dist/register.agent-Drovpr_f.js +248 -0
- package/dist/register.configure-BzQtmjqp.js +15 -0
- package/dist/register.maintenance-PRykY6qq.js +363 -0
- package/dist/register.message-Dw6OLnap.js +329 -0
- package/dist/register.onboard-CB7aqo8I.js +88 -0
- package/dist/register.runtime-5QpZP1PI.js +81 -0
- package/dist/register.runtime.js +1 -1
- package/dist/register.setup-GLc__3H1.js +150 -0
- package/dist/register.status-health-sessions-DuQnS6V7.js +1215 -0
- package/dist/register.subclis-Bupq6ckp.js +3 -0
- package/dist/register.subclis-Df0YvsXg.js +29 -0
- package/dist/register.subclis-core-CK63Nor4.js +249 -0
- package/dist/reply-dispatch-runtime-D63ANCTQ.js +13 -0
- package/dist/reply-media-paths.runtime-C6-V86g1.js +146 -0
- package/dist/reply-media-paths.runtime-Cmms8y5S.js +2 -0
- package/dist/reply-media-paths.runtime.js +1 -1
- package/dist/reply-runtime-CLq8xugv.js +10 -0
- package/dist/reply.runtime-FitoWYiX.js +2 -0
- package/dist/reply.runtime.js +1 -1
- package/dist/resolve-BHmKuinY.js +259 -0
- package/dist/response-generator-BxzbAKHi.js +175 -0
- package/dist/restart-health-CNE6ENF8.js +202 -0
- package/dist/restart-health-DriNCEEo.js +2 -0
- package/dist/root-help-BsG62TUK.js +44 -0
- package/dist/route-reply-EPkWewCQ.js +162 -0
- package/dist/route-reply.runtime-Rem8ixbJ.js +2 -0
- package/dist/route-reply.runtime.js +1 -1
- package/dist/routes-B8SmZM_C.js +3341 -0
- package/dist/routes-CVtIuQaj.js +2 -0
- package/dist/rpc-AJw8-VEF.js +61 -0
- package/dist/rpc.runtime-NzXXr3IH.js +21 -0
- package/dist/rpc.runtime.js +1 -1
- package/dist/run-auth-profile.runtime-DrFMFMa5.js +2 -0
- package/dist/run-auth-profile.runtime.js +1 -1
- package/dist/run-delivery.runtime-DDc5pTuc.js +530 -0
- package/dist/run-delivery.runtime.js +1 -1
- package/dist/run-embedded.runtime-BlLE0DKl.js +4 -0
- package/dist/run-embedded.runtime.js +1 -1
- package/dist/run-execution-cli.runtime-Dx9bn2nL.js +4 -0
- package/dist/run-execution-cli.runtime.js +1 -1
- package/dist/run-executor.runtime-Bx0-xr66.js +277 -0
- package/dist/run-executor.runtime.js +1 -1
- package/dist/run-main-Q7WXDun9.js +567 -0
- package/dist/run-subagent-registry.runtime-DN441nGA.js +2 -0
- package/dist/run-subagent-registry.runtime.js +1 -1
- package/dist/run-wait-DOOBZLr5.js +135 -0
- package/dist/runner-B8D0Coak.js +966 -0
- package/dist/runner.entries-DZUGr24v.js +604 -0
- package/dist/runtime-B56xKFjA.js +9 -0
- package/dist/runtime-BshnyUPo.js +116 -0
- package/dist/runtime-CnTeeNB7.js +72 -0
- package/dist/runtime-D--xK0Me.js +961 -0
- package/dist/runtime-DFBduVee.js +2 -0
- package/dist/runtime-api-BGOAhjcp.js +9 -0
- package/dist/runtime-api-CcUMXjjy.js +14 -0
- package/dist/runtime-api-L9lB-rDz.js +4 -0
- package/dist/runtime-api-ap0gPIKQ.js +9 -0
- package/dist/runtime-co7Um4tt.js +263 -0
- package/dist/runtime-embedded-pi.runtime-CQ5TsVlh.js +2 -0
- package/dist/runtime-embedded-pi.runtime.js +1 -1
- package/dist/runtime-entry-g38-J35c.js +2769 -0
- package/dist/runtime-internal-DwAoh64o.js +2 -0
- package/dist/runtime-manifest.runtime.js +1 -1
- package/dist/runtime-options-CtF_gotz.js +275 -0
- package/dist/runtime-prepare.runtime-DAaAh4tU.js +80 -0
- package/dist/runtime-prepare.runtime.js +1 -1
- package/dist/runtime-schema-7aqYdEly.js +28599 -0
- package/dist/runtime-web-tools-DpTEm5uJ.js +1477 -0
- package/dist/runtime-web-tools-fallback.runtime.js +1 -1
- package/dist/runtime-web-tools-manifest.runtime.js +1 -1
- package/dist/runtime-web-tools-public-artifacts.runtime.js +1 -1
- package/dist/sandbox-DjUUwvID.js +3 -0
- package/dist/sandbox-IL2pQunA.js +1156 -0
- package/dist/sandbox-cli-C75oWfKU.js +450 -0
- package/dist/scan-BmfJ_GUd.js +2 -0
- package/dist/scan-BwUXPVa4.js +523 -0
- package/dist/secrets-cli-Byrmt5p3.js +2101 -0
- package/dist/security-cli-Cb_qzWSU.js +486 -0
- package/dist/selection-BaZ-7Sz6.js +2 -0
- package/dist/selection-C8rwxPqg.js +7743 -0
- package/dist/send-C3Ht9Buu.js +102 -0
- package/dist/send-NpRBz3rn.js +156 -0
- package/dist/send.runtime-Buvd_P2p.js +2 -0
- package/dist/send.runtime.js +1 -1
- package/dist/server-B8tim7RO.js +13 -0
- package/dist/server-ClAvfJJm.js +77 -0
- package/dist/server-context-Dl7OQ56d.js +2 -0
- package/dist/server-context-F2Jh0JBO.js +847 -0
- package/dist/server-node-events-Db8SbNO0.js +474 -0
- package/dist/server-plugin-bootstrap-DxpFA7AU.js +13703 -0
- package/dist/server-plugin-bootstrap-t6Z_tN0J.js +2 -0
- package/dist/server-restart-sentinel-VLhFJOy5.js +684 -0
- package/dist/server.impl-BNDZK6Lv.js +12804 -0
- package/dist/session-BThNEh5u.js +48 -0
- package/dist/session-archive.runtime.js +1 -1
- package/dist/session-envelope-tBfpcRRu.js +18 -0
- package/dist/session-key-De2wQZ8k.js +65 -0
- package/dist/session-kill-http-C35_XMK_.js +110 -0
- package/dist/session-meta-Bpv85XpZ.js +109 -0
- package/dist/session-override-dIx8boay.js +106 -0
- package/dist/session-reset-model.runtime-BY5KYxcY.js +133 -0
- package/dist/session-reset-model.runtime.js +1 -1
- package/dist/session-reset-service-Cs7o8vTZ.js +497 -0
- package/dist/session-route-DwjrtcvV.js +93 -0
- package/dist/session-status.runtime-Cp9hECfs.js +2 -0
- package/dist/session-status.runtime.js +1 -1
- package/dist/session-store-DT5H5NRv.js +126 -0
- package/dist/session-store.runtime-CoRuKMfZ.js +2 -0
- package/dist/session-store.runtime.js +1 -1
- package/dist/session-subagent-reactivation.runtime-3hC6cwVh.js +2 -0
- package/dist/session-subagent-reactivation.runtime.js +1 -1
- package/dist/session-tab-registry-BHn1P3lZ.js +581 -0
- package/dist/session-updates-CHKrFM9H.js +236 -0
- package/dist/session-updates.runtime-CqylTFnb.js +2 -0
- package/dist/session-updates.runtime.js +1 -1
- package/dist/session-utils-otyfumhD.js +1009 -0
- package/dist/session-visibility-C5yhLdDZ.js +147 -0
- package/dist/sessions-BjHLgqjt.js +2 -0
- package/dist/sessions-C1_80mqv.js +48 -0
- package/dist/sessions-DjIcw5uP.js +281 -0
- package/dist/sessions-helpers-C_xGZAo7.js +305 -0
- package/dist/sessions-history-http-CQ-Ga5H3.js +371 -0
- package/dist/sessions-patch-XzBTc4fY.js +309 -0
- package/dist/sessions-resolve-CF4QOXiX.js +174 -0
- package/dist/sessions-w6UJYMea.js +16 -0
- package/dist/sessions.runtime-CEV3VtEH.js +2 -0
- package/dist/sessions.runtime.js +1 -1
- package/dist/setup-BrkQiUrj.js +421 -0
- package/dist/setup-D218KRK6.js +636 -0
- package/dist/setup-api-BvHlVezg.js +29 -0
- package/dist/setup-core-BjceveVY.js +171 -0
- package/dist/setup-core-CxDIk2Qq.js +176 -0
- package/dist/setup-surface-6hnrFGJ3.js +286 -0
- package/dist/setup-surface-BBDyg26_.js +219 -0
- package/dist/setup-surface-HREO9zEo.js +403 -0
- package/dist/setup.finalize-CAJxf_Mm.js +547 -0
- package/dist/setup.gateway-config-g6JfCjT4.js +250 -0
- package/dist/shared-CJ2_38Ar.js +198 -0
- package/dist/shared-CecRnN5i.js +76 -0
- package/dist/shared-G254rWzJ.js +217 -0
- package/dist/shared-Zan1S92i.js +121 -0
- package/dist/shared-runtime-CKzUXuwN.js +7 -0
- package/dist/skill-commands-DWC_vZ-J.js +83 -0
- package/dist/skill-commands.runtime-BMmD4lyW.js +2 -0
- package/dist/skill-commands.runtime.js +1 -1
- package/dist/skills-install-Bpfq1PgX.js +605 -0
- package/dist/skills-snapshot.runtime-uSs9vmlj.js +7 -0
- package/dist/skills-snapshot.runtime.js +1 -1
- package/dist/slash-state-EXy1B2EX.js +1911 -0
- package/dist/speech-provider-CcbYv8ap.js +216 -0
- package/dist/speech-provider-Cr1h-_-X.js +170 -0
- package/dist/speech-provider-Gif_hcpc.js +209 -0
- package/dist/src-Dda8Fvmo.js +3974 -0
- package/dist/stage-sandbox-media.runtime-_FkeTCA0.js +232 -0
- package/dist/stage-sandbox-media.runtime.js +1 -1
- package/dist/startup-context-BLtyYbKu.js +312 -0
- package/dist/state-migrations-BXYrr3Hc.js +820 -0
- package/dist/status-B1RXiDvc.js +3 -0
- package/dist/status-B4tnoXkV.js +2 -0
- package/dist/status-BWXZC-dF.js +2 -0
- package/dist/status-CUZkKe39.js +62 -0
- package/dist/status-DNnTegVL.js +395 -0
- package/dist/status-G3Z29Cb_.js +190 -0
- package/dist/status-all-pjolmMGB.js +498 -0
- package/dist/status-json-BKR5uVlE.js +14 -0
- package/dist/status-json-command-DuIQ8dNz.js +82 -0
- package/dist/status-message-CZyHmUQr.js +466 -0
- package/dist/status-message.runtime-C1I59_ay.js +6 -0
- package/dist/status-message.runtime.js +1 -1
- package/dist/status-n2SrcSeP.js +209 -0
- package/dist/status-queue.runtime-k2kdii3C.js +2 -0
- package/dist/status-queue.runtime.js +1 -1
- package/dist/status-runtime-shared-9akPh3OB.js +241 -0
- package/dist/status-subagents.runtime-C-2-94r7.js +18 -0
- package/dist/status-subagents.runtime.js +1 -1
- package/dist/status-text-DY-AMW7D.js +237 -0
- package/dist/status.gateway-connection.runtime-CGwlyVSQ.js +2 -0
- package/dist/status.gateway-connection.runtime.js +1 -1
- package/dist/status.gather-C17tVkff.js +2 -0
- package/dist/status.gather-CGXwFKnq.js +292 -0
- package/dist/status.runtime-DdcRs0mC.js +2 -0
- package/dist/status.runtime-L3R8cOql.js +2 -0
- package/dist/status.runtime.js +1 -1
- package/dist/status.scan-BSIqJF_S.js +65 -0
- package/dist/status.scan-overview-CbwLYoIT.js +379 -0
- package/dist/status.scan.fast-json-BnpfFSN8.js +2 -0
- package/dist/status.scan.fast-json-W54JDFUy.js +132 -0
- package/dist/status.summary-CeaTG93y.js +2 -0
- package/dist/status.summary-LPaYBiqB.js +200 -0
- package/dist/store-BtHVDH2Q.js +910 -0
- package/dist/store-Qn6Vf7Ma.js +4 -0
- package/dist/store.runtime-Dd3L_GjJ.js +2 -0
- package/dist/store.runtime.js +1 -1
- package/dist/stream-CImPPcyN.js +664 -0
- package/dist/subagent-announce-Dn5xl49E.js +351 -0
- package/dist/subagent-announce-delivery-CpVHT0KZ.js +726 -0
- package/dist/subagent-announce-output-Ba8GDqQZ.js +364 -0
- package/dist/subagent-capabilities-DN1kjzNE.js +251 -0
- package/dist/subagent-control-Clm3gsra.js +506 -0
- package/dist/subagent-control.runtime-D9vrLexA.js +3 -0
- package/dist/subagent-control.runtime.js +1 -1
- package/dist/subagent-followup.runtime-OlILj5hg.js +68 -0
- package/dist/subagent-followup.runtime.js +1 -1
- package/dist/subagent-orphan-recovery-Dqi7ktSy.js +305 -0
- package/dist/subagent-registry-BfT1dA_H.js +3 -0
- package/dist/subagent-registry-DsOeyo6i.js +1753 -0
- package/dist/subagent-registry.runtime.js +1 -1
- package/dist/subagent-spawn-IMKDJ_Ai.js +1005 -0
- package/dist/supervisor-DgpKTzey.js +704 -0
- package/dist/supervisor-log.runtime.js +1 -1
- package/dist/system-cli-QcbUPgUP.js +43 -0
- package/dist/targets-rJXMe19f.js +67 -0
- package/dist/targets.runtime.js +1 -1
- package/dist/task-executor-CT_QfGPJ.js +360 -0
- package/dist/task-owner-access-Bm14vxJa.js +74 -0
- package/dist/task-registry-D6gK7iIt.js +2357 -0
- package/dist/task-registry-delivery-runtime-CDAeASdU.js +2 -0
- package/dist/task-registry-delivery-runtime-CeWw5kdc.js +3 -0
- package/dist/task-registry.maintenance-B5hpULqB.js +416 -0
- package/dist/task-registry.maintenance-DZFQCCjc.js +2 -0
- package/dist/telegram/token.js +2 -2
- package/dist/testing-B2Y0vJ76.js +575 -0
- package/dist/text-report-0Q8c04if.js +549 -0
- package/dist/tool-auth-shared-Ca0wddYT.js +90 -0
- package/dist/tool-policy-pipeline-BLtvEs31.js +109 -0
- package/dist/tool-resolution-CHcj9HdC.js +90 -0
- package/dist/tools-effective-inventory-Giuks2Dt.js +152 -0
- package/dist/tools-invoke-http-FlaWbmCS.js +206 -0
- package/dist/transcript-resolve.runtime-wnJiuCEb.js +2 -0
- package/dist/transcript-resolve.runtime.js +1 -1
- package/dist/transcript-yKXsllQ2.js +312 -0
- package/dist/transcript.runtime-CmcFZQq0.js +2 -0
- package/dist/transcript.runtime.js +1 -1
- package/dist/trash-BzlpkaUi.js +24 -0
- package/dist/tts-BG_1G2S6.js +64 -0
- package/dist/tui-cli-B9Emgd5Q.js +4585 -0
- package/dist/uninstall-B6U2msaD.js +185 -0
- package/dist/update-BjKPsXUk.js +1282 -0
- package/dist/update-cli-ln47pDmA.js +1759 -0
- package/dist/update-startup-Xs6Edz-d.js +2 -0
- package/dist/upgrade-Ctu4zfU3.js +1226 -0
- package/dist/video-generation-provider-B0W1RcQj.js +264 -0
- package/dist/video-generation-provider-B2XcJK8B.js +221 -0
- package/dist/video-generation-provider-BJt8-Jzh.js +254 -0
- package/dist/video-generation-provider-Bsz88Y8I.js +78 -0
- package/dist/video-generation-provider-CmN0n1aP.js +271 -0
- package/dist/video-generation-provider-DKFpHGWz.js +64 -0
- package/dist/video-generation-provider-LgYMFJAm.js +281 -0
- package/dist/video-generation-provider-j1OQMvjr2.js +77 -0
- package/dist/video-generation-provider-lI_tgIiA.js +287 -0
- package/dist/video-generation-provider-uVzVbp2s.js +118 -0
- package/dist/video-generation-provider-xQ4AZkeK.js +187 -0
- package/dist/video-generation-task-status-AzBxxMK4.js +163 -0
- package/dist/wait-for-idle-before-flush-D4a3dGVX.js +6025 -0
- package/dist/web-search-provider-Bt8NRG25.js +163 -0
- package/dist/wizard-models-DpLispoG.js +334 -0
- package/dist/workflow-runtime-C0jGj382.js +485 -0
- package/package.json +1 -1
- package/dist/abort-DUTWX49H.js +0 -201
- package/dist/abort-cutoff.runtime-oLWHRfE6.js +0 -20
- package/dist/abort.runtime-B1CZPj3m.js +0 -2
- package/dist/accounts-DFJuQd32.js +0 -107
- package/dist/accounts-VbCry_MV.js +0 -104
- package/dist/accounts-ZduaK0fO.js +0 -2
- package/dist/acp-cli-Cyqn8a7z.js +0 -2217
- package/dist/acp-spawn-B1O0qwkN.js +0 -2
- package/dist/acp-spawn-C2eEj7wR.js +0 -1042
- package/dist/acp-stateful-target-driver-BKL2flGw.js +0 -89
- package/dist/action-agents-C9zs0A_N.js +0 -67
- package/dist/action-focus-Dj2trHbP.js +0 -132
- package/dist/action-help-ENFS-VRC.js +0 -7
- package/dist/action-info-IKxta-Me.js +0 -101
- package/dist/action-kill-CJGjsHX-.js +0 -33
- package/dist/action-list-ChLdMXon.js +0 -21
- package/dist/action-log-CdeugqCO.js +0 -30
- package/dist/action-send-BvUjnmVw.js +0 -39
- package/dist/action-spawn-Xq0DpbW7.js +0 -47
- package/dist/action-unfocus-DfcihOhT.js +0 -29
- package/dist/actions.runtime-CTjuTpQ1.js +0 -18
- package/dist/actions.runtime-Dp93aqpg.js +0 -5
- package/dist/agent-DQZeYp3u.js +0 -2
- package/dist/agent-command-CynPQd5_.js +0 -874
- package/dist/agent-harness-runtime-D9PrghSe.js +0 -144
- package/dist/agent-runner-utils-CwDT31Pp.js +0 -239
- package/dist/agent-runner.runtime-kH3GCoKg.js +0 -3443
- package/dist/agent-runtime-BSwK1sup.js +0 -18
- package/dist/agents-C9BmPj-C.js +0 -954
- package/dist/agents-CQQ7cNF9.js +0 -5
- package/dist/agents.command-shared-cZa4UKga.js +0 -40
- package/dist/aliases-B92uAzO2.js +0 -2
- package/dist/aliases-BZsZGqVQ.js +0 -96
- package/dist/api-CU22wCTp.js +0 -139
- package/dist/api-DD_eTeli.js +0 -5
- package/dist/api-DIKi1Ni8.js +0 -4
- package/dist/api-i4W2Wwd4.js +0 -48
- package/dist/api-sngIL0OQ.js +0 -3
- package/dist/apply-oUSa2Pf0.js +0 -508
- package/dist/apply.runtime-BLCi2Ivv.js +0 -166
- package/dist/apply.runtime-D_hTG_Y0.js +0 -2
- package/dist/approval-gateway-resolver-KouhItZO.js +0 -29
- package/dist/approval-gateway-runtime-D7CzOIgq.js +0 -2
- package/dist/approval-handler-runtime-CFvI_pZS.js +0 -439
- package/dist/approval-native-runtime-rl6s6chH.js +0 -729
- package/dist/attempt-execution.runtime-Ba87IenS.js +0 -509
- package/dist/attempt-execution.shared-BY_ARPh1.js +0 -22
- package/dist/attempt.prompt-helpers-BbBNMjqU.js +0 -206
- package/dist/attempt.tool-run-context-CLlg_9Gq.js +0 -933
- package/dist/audit-CQJwJFWH.js +0 -939
- package/dist/audit-extra.async-BbZcluVr.js +0 -971
- package/dist/audit-tool-policy-C0lIM9Fp.js +0 -3
- package/dist/audit.deep.runtime-CXjulrWI.js +0 -2
- package/dist/audit.nondeep.runtime-nu5XTu7N.js +0 -880
- package/dist/audit.runtime-CW5CY88A.js +0 -7
- package/dist/auth-CzjcgD0-.js +0 -177
- package/dist/auth-DFhah4e4.js +0 -2
- package/dist/auth-DQw5zHDJ.js +0 -56
- package/dist/auth-choice-CXWHXiQK.js +0 -3
- package/dist/auth-choice-DGMF0dBk.js +0 -85
- package/dist/auth-order-CMWxvLX4.js +0 -2
- package/dist/auth-order-D6mEMqD7.js +0 -139
- package/dist/auth-s-3q__5n.js +0 -550
- package/dist/bash-tools-BCSXSkhx.js +0 -2853
- package/dist/bash-tools-D2NO8-ph.js +0 -3
- package/dist/bash-tools.exec-runtime-CVOp5fHn.js +0 -823
- package/dist/binding-routing-DROXsDQk.js +0 -85
- package/dist/binding-targets-D33MkugL.js +0 -121
- package/dist/bridge-server-3gO7JmL_.js +0 -113
- package/dist/browser-control-auth-DS3Wwm1z.js +0 -2
- package/dist/browser-node-runtime-DkVkb3tt.js +0 -12
- package/dist/browser-profiles-Bk9dcXzv.js +0 -2
- package/dist/browser-runtime-dGM3ZeLa.js +0 -387
- package/dist/browser-setup-tools-DSgChJEe.js +0 -13
- package/dist/build-CjLf_jQl.js +0 -550
- package/dist/call-BxIEVH5N.js +0 -3
- package/dist/call-Dwj7PrNe.js +0 -330
- package/dist/call.runtime-mZvFxL4G.js +0 -2
- package/dist/capability-cli-C-6omBAD.js +0 -1401
- package/dist/catalog-provider-RQJYkKkq.js +0 -40
- package/dist/catchup-Dfw4DEMS.js +0 -300
- package/dist/channel-4YVnFcIj.js +0 -297
- package/dist/channel-BajDSspb.js +0 -1320
- package/dist/channel-BcS5ghfF.js +0 -840
- package/dist/channel-BlU_cVm0.js +0 -491
- package/dist/channel-BmZ19q9d.js +0 -453
- package/dist/channel-C4KfOdTm.js +0 -226
- package/dist/channel-C7LNJi1M.js +0 -595
- package/dist/channel-CFxTIjzU.js +0 -1174
- package/dist/channel-CYDnIh3Z.js +0 -350
- package/dist/channel-DBUj2Ysq.js +0 -1802
- package/dist/channel-DwWdEu7o.js +0 -1100
- package/dist/channel-add-wizard-BLjklZ70.js +0 -2
- package/dist/channel-add-wizard-C3BysW2-.js +0 -125
- package/dist/channel-core-VlXrdyfV.js +0 -5
- package/dist/channel-inbound-BzALE-tz.js +0 -31
- package/dist/channel-plugin-resolution-BNbz8s_s.js +0 -153
- package/dist/channel-plugin-resolution-Bey1o2RL.js +0 -2
- package/dist/channel-plugin-runtime-BMmEKuoC.js +0 -771
- package/dist/channel-runtime-BZXgyMUr.js +0 -425
- package/dist/channel-setup-BzbhDDrt.js +0 -1297
- package/dist/channel.runtime-2Kw88P7w.js +0 -576
- package/dist/channel.runtime-Bwnky7Bn.js +0 -2364
- package/dist/channel.runtime-CDvvT7UR.js +0 -4
- package/dist/channel.runtime-CgP4n1an.js +0 -430
- package/dist/channel.runtime-MJe9DoSG.js +0 -89
- package/dist/channel.runtime-f0WEEj3o.js +0 -42398
- package/dist/channel.setup-DaZBK_2E.js +0 -10
- package/dist/channel2.runtime-CfVIjEhU.js +0 -109
- package/dist/channels-Bq1GXmZX.js +0 -733
- package/dist/channels-cli-DzbssQ5L.js +0 -268
- package/dist/chat-CNZDzOWR.js +0 -2830
- package/dist/clawbot-cli-UIo3UVaj.js +0 -9
- package/dist/clawhub-DRNYT4Ih.js +0 -400
- package/dist/cli-2nlB-dHJ.js +0 -154
- package/dist/cli-7dTpJC3M.js +0 -2
- package/dist/cli-BGMFTnb1.js +0 -683
- package/dist/cli-BVKDWfwH.js +0 -72
- package/dist/cli-Bp52OQjs.js +0 -219
- package/dist/cli-C26tWLBw.js +0 -3726
- package/dist/cli-C_289Xdv.js +0 -2
- package/dist/cli-kOop_NSN.js +0 -2
- package/dist/cli-runner-CP51WTPf.js +0 -286
- package/dist/cli-runner.runtime-BtArNV63.js +0 -4
- package/dist/cli-runner.runtime-Dy1IJ7UX.js +0 -3
- package/dist/cli.runtime-2ilydgLb.js +0 -1261
- package/dist/client-BN8cDQr7.js +0 -723
- package/dist/client-Doc6u1up.js +0 -138
- package/dist/command-auth-oo_Iz0oe.js +0 -76
- package/dist/command-config-resolution-BNQbV_C6.js +0 -23
- package/dist/command-config-resolution-DIvkjwvj.js +0 -2
- package/dist/command-config-resolution.runtime-Dlk7LIJ8.js +0 -2
- package/dist/command-execution-startup-DtBNBU06.js +0 -324
- package/dist/command-registry-Dm8ohcSP.js +0 -4
- package/dist/command-registry-core-BxyHXEQ3.js +0 -106
- package/dist/command-registry-xVmA85-_.js +0 -9
- package/dist/command-secret-gateway-Dej2E5rP.js +0 -528
- package/dist/command-status.runtime-CWgNMJi1.js +0 -87
- package/dist/commands-acp-Ca0l7esb.js +0 -77
- package/dist/commands-compact.runtime-DBN1EALw.js +0 -10
- package/dist/commands-core.runtime-CXYQlfla.js +0 -2
- package/dist/commands-handlers.runtime-BrCljWio.js +0 -4599
- package/dist/commands-reset-hooks-C-P5vfWa.js +0 -135
- package/dist/commands-status-C0WYf99K.js +0 -16
- package/dist/commands-status.runtime-Czim-9LY.js +0 -3
- package/dist/commands-subagents-control.runtime-CgiW2mpD.js +0 -3
- package/dist/commands-subagents-control.runtime-oCqEcwa7.js +0 -2
- package/dist/commands-system-prompt-BQHZNtSZ.js +0 -157
- package/dist/commands-system-prompt-ClJDN8rr.js +0 -2
- package/dist/commands.runtime-DwmtsbUc.js +0 -167
- package/dist/compact-DDf0xr2o.js +0 -1096
- package/dist/compact.runtime-C4BZuDjJ.js +0 -12
- package/dist/completion-cli-85iaysB7.js +0 -328
- package/dist/config-CHPRDFh1.js +0 -252
- package/dist/config-cli-DSZ7DNtq.js +0 -1078
- package/dist/config-guard-Ca-1hhke.js +0 -96
- package/dist/config-runtime-AtYct3A3.js +0 -32
- package/dist/configure-BR6m0uoi.js +0 -1252
- package/dist/configure-CC09fyLr.js +0 -2
- package/dist/connect-options-HotLjDKX.js +0 -699
- package/dist/control-auth-CBtOUnsz.js +0 -125
- package/dist/control-service-D2A1PyZC.js +0 -156
- package/dist/control-ui/assets/agents-7cSPVJV0.js +0 -1125
- package/dist/control-ui/assets/canvas-IIhBIoAa.js +0 -274
- package/dist/control-ui/assets/channel-config-extras-sj_UXv9J.js +0 -2
- package/dist/control-ui/assets/channels-B4MTYg8u.js +0 -198
- package/dist/control-ui/assets/contacts-CSch1ckf.js +0 -49
- package/dist/control-ui/assets/cron-B548qeSj.js +0 -250
- package/dist/control-ui/assets/de-DOykxjSu.js +0 -2
- package/dist/control-ui/assets/debug-DERT6TQG.js +0 -94
- package/dist/control-ui/assets/es-BTwWEPGm.js +0 -2
- package/dist/control-ui/assets/fr-DVRwR98L.js +0 -2
- package/dist/control-ui/assets/i18n-BPOQLrbx.js +0 -3
- package/dist/control-ui/assets/id-BSBAUAzK.js +0 -2
- package/dist/control-ui/assets/index-C2CxJps0.js +0 -5981
- package/dist/control-ui/assets/instances-DwteyRRi.js +0 -57
- package/dist/control-ui/assets/ja-JP-BiD5eOfG.js +0 -2
- package/dist/control-ui/assets/ko-BNgLBJdW.js +0 -2
- package/dist/control-ui/assets/logs-GdE34D7D.js +0 -74
- package/dist/control-ui/assets/mcp-z76x2vB5.js +0 -380
- package/dist/control-ui/assets/memory-CsTbP2T4.js +0 -50
- package/dist/control-ui/assets/memory-graph-DbZEkTHJ.js +0 -30
- package/dist/control-ui/assets/models-j_tXq7Pe.js +0 -86
- package/dist/control-ui/assets/nodes-cxO9Enln.js +0 -654
- package/dist/control-ui/assets/pl-DrVcqC4t.js +0 -2
- package/dist/control-ui/assets/plugins-Rt--bQFn.js +0 -259
- package/dist/control-ui/assets/presenter-BiJsRhTg.js +0 -2
- package/dist/control-ui/assets/pt-BR-BXlBG1WX.js +0 -2
- package/dist/control-ui/assets/sessions-CP6r0JAQ.js +0 -56
- package/dist/control-ui/assets/skills-CMy2whFb.js +0 -294
- package/dist/control-ui/assets/skills-shared-B-3kgWg3.js +0 -11
- package/dist/control-ui/assets/th-DjtYmyBR.js +0 -2
- package/dist/control-ui/assets/tr-I0LYx0Ew.js +0 -2
- package/dist/control-ui/assets/uk-xilwRRzQ.js +0 -2
- package/dist/control-ui/assets/wallet-geRdfgso.js +0 -302
- package/dist/control-ui/assets/zh-CN-DHz_bYy_.js +0 -2
- package/dist/control-ui/assets/zh-TW-LvBbVYeU.js +0 -2
- package/dist/control-ui-Djt0XDNa.js +0 -1043
- package/dist/conversation-id-BwNpVXFJ.js +0 -235
- package/dist/conversation-id-CTAeVE9E.js +0 -38
- package/dist/conversation-runtime-D6miDW4s.js +0 -31
- package/dist/core-CYaV0wrq.js +0 -275
- package/dist/create-DN7NWqCZ.js +0 -80
- package/dist/cron-cli-BZacbTRu.js +0 -713
- package/dist/daemon-cli-BXtGpvAS.js +0 -12
- package/dist/dashboard-Ds7c6TJm.js +0 -2
- package/dist/dashboard-s1prqGuB.js +0 -81
- package/dist/delegate-nycMaKrd.js +0 -64
- package/dist/deliver-BedUVIQP.js +0 -747
- package/dist/deliver-DPvG5Qo8.js +0 -3
- package/dist/deliver-runtime-DZlx42y2.js +0 -2
- package/dist/delivery-outbound.runtime-Dyo6zcqN.js +0 -6
- package/dist/delivery.runtime-CmuJYXg1.js +0 -253
- package/dist/detached-task-runtime-DXFEjX_Y.js +0 -73
- package/dist/devices-cli-B2T4Rk-c.js +0 -498
- package/dist/diagnostics-669Ookpz.js +0 -154
- package/dist/direct-dm-Bwx0l0B5.js +0 -64
- package/dist/directive-handling.fast-lane-Vuy-nG2-.js +0 -66
- package/dist/directive-handling.impl-DrE_GeZR.js +0 -2
- package/dist/directive-handling.impl-KH2zUp6M.js +0 -703
- package/dist/directive-handling.model-selection-BiW8QHW-.js +0 -114
- package/dist/directive-handling.persist.runtime-VLCtMqO5.js +0 -215
- package/dist/directory-cli-DQRcL8xw.js +0 -240
- package/dist/dispatch-CVFq_KHF.js +0 -1131
- package/dist/dispatch-acp-AeVrqG1P.js +0 -981
- package/dist/dispatch-acp-manager.runtime-t90xTijh.js +0 -3
- package/dist/dispatch-acp-media.runtime-Bq9nReBk.js +0 -4
- package/dist/dispatch-acp-session.runtime-CKts6zqY.js +0 -2
- package/dist/dispatch-acp.runtime-CLS-txJr.js +0 -19
- package/dist/doctor-config-flow-C1S8B_sg.js +0 -420
- package/dist/doctor-config-preflight-DH_iBFHQ.js +0 -2
- package/dist/doctor-config-preflight-nRntMTIC.js +0 -63
- package/dist/doctor-device-pairing-rAiSum7F.js +0 -307
- package/dist/doctor-gateway-daemon-flow-BYlbRkfE.js +0 -250
- package/dist/doctor-gateway-health-DGaad6OP.js +0 -63
- package/dist/doctor-health-contributions-CYangAn3.js +0 -493
- package/dist/doctor-health-woICf2XW.js +0 -59
- package/dist/doctor-prompter-oNxd62XO.js +0 -56
- package/dist/doctor-sandbox-C9h2a5Uu.js +0 -194
- package/dist/doctor-state-migrations-BPuF54_Y.js +0 -2
- package/dist/doctor-workspace-status-DrOqBwKh.js +0 -75
- package/dist/dreaming-narrative-SeHukrla.js +0 -596
- package/dist/dreaming-qiznoCiH.js +0 -1582
- package/dist/embedded-gateway-stub.runtime-BiCMn9tm.js +0 -9
- package/dist/embedding-provider-QRMp19Ph.js +0 -118
- package/dist/embeddings-Cwg0dHC_.js +0 -215
- package/dist/embeddings-http-DbBwgwsH.js +0 -205
- package/dist/exec-approval-forwarder.runtime-BNGZQkhU.js +0 -3
- package/dist/exec-approvals-cli-BK9WM7tB.js +0 -498
- package/dist/exec-defaults-B5NE8OtM.js +0 -2
- package/dist/exec-defaults-Dy3ej-Rk.js +0 -67
- package/dist/execute.runtime-cy0XQXc7.js +0 -1359
- package/dist/fallbacks-BHahSac7.js +0 -31
- package/dist/fallbacks-CDP89dtv.js +0 -2
- package/dist/fallbacks-shared-h_ZN8Ugk.js +0 -111
- package/dist/gateway-ClYGJe6R.js +0 -115
- package/dist/gateway-cli-D5OEgdCv.js +0 -1283
- package/dist/gateway-rpc-Dk_z0RTG.js +0 -14
- package/dist/gateway-rpc.runtime-DcDI0Hq7.js +0 -23
- package/dist/gateway-runtime-BpOf_2ps.js +0 -15
- package/dist/gateway-status-BfT8gHrq.js +0 -584
- package/dist/genesis-tools-Dn3v15Cu.js +0 -9435
- package/dist/genesis-tools.runtime-BUKXOBx4.js +0 -2
- package/dist/get-reply-BOvlxgUu.js +0 -3946
- package/dist/get-reply-from-config.runtime-Cl8vSh_k.js +0 -2
- package/dist/gmail-watcher-lifecycle-JbKGb-1A.js +0 -2
- package/dist/graph-users-DvflifYV.js +0 -1337
- package/dist/health-B2xJjrkJ.js +0 -3
- package/dist/health-CWa-e_Y6.js +0 -420
- package/dist/health-route-CzxBmoPR.js +0 -41
- package/dist/health-route-Dhbg2HGJ.js +0 -2
- package/dist/hooks-cli-B08Wk2kj.js +0 -433
- package/dist/http-endpoint-helpers-CG3AcjuK.js +0 -41
- package/dist/http-utils-L02eBAVo.js +0 -924
- package/dist/image-fallbacks-DPTpHhw_.js +0 -2
- package/dist/image-fallbacks-DrcfSUln.js +0 -31
- package/dist/image-generation-core-CEg4KACr.js +0 -18
- package/dist/image-generation-provider-B4tW_Kj3.js +0 -274
- package/dist/image-generation-provider-B72nmoos.js +0 -157
- package/dist/image-generation-provider-D9v0PADz.js +0 -63
- package/dist/image-generation-provider-DLYGDzST.js +0 -228
- package/dist/image-generation-provider-DYu8ZWBs.js +0 -529
- package/dist/image-generation-provider-jp6l2Jls.js +0 -95
- package/dist/image-generation-provider-qr08iqKe.js +0 -137
- package/dist/image-runtime-DRQcRKzy.js +0 -9
- package/dist/inbound-reply-dispatch-D2K6Anyc.js +0 -73
- package/dist/inbound.runtime-CCnJwfdz.js +0 -3
- package/dist/inbound.runtime-DwsGti2x.js +0 -4
- package/dist/infra-runtime-Pu3jXc5f.js +0 -38
- package/dist/init-B2qJ52Z_.js +0 -59
- package/dist/install-DwDt01Fk.js +0 -726
- package/dist/install-security-scan-Cq0N2AQi.js +0 -26
- package/dist/install-security-scan.runtime-DWlSCQbQ.js +0 -671
- package/dist/install.runtime-CWnOXdy4.js +0 -27
- package/dist/install.runtime-DPA5lA9o.js +0 -12
- package/dist/jobs-D9IyaUDB.js +0 -729
- package/dist/library-JmPoINsm.js +0 -45
- package/dist/lifecycle-BRey6jez.js +0 -229
- package/dist/lifecycle-CvJT6tH9.js +0 -571
- package/dist/lifecycle.runtime-DJuQgwAu.js +0 -2
- package/dist/list-0KYh_6xs.js +0 -131
- package/dist/list-B1iP8wTX.js +0 -2
- package/dist/list-CewinhHi.js +0 -1212
- package/dist/list-DPm9exQP.js +0 -2
- package/dist/list.probe-M4jUIgk8.js +0 -419
- package/dist/live-model-switch-DqJLIA4J.js +0 -336
- package/dist/llm-slug-generator-CQiB4f0s.js +0 -79
- package/dist/load-config-oEWSSW5T.js +0 -35
- package/dist/loader-DlmWqYuM.js +0 -222
- package/dist/local-dispatch.runtime-rI2L9gZz.js +0 -8
- package/dist/login-DX18Qaag.js +0 -108
- package/dist/logs-cli-qUQbKPpd.js +0 -265
- package/dist/logs-cli.runtime-DZwxYUL2.js +0 -2
- package/dist/main-session-restart-recovery-Dw8zndAD.js +0 -206
- package/dist/managed-image-attachments-B_835Hjd.js +0 -635
- package/dist/managed-image-attachments-Dp_0diDL.js +0 -2
- package/dist/manager-CRmLomjS.js +0 -2
- package/dist/manager-yTOglQEH.js +0 -2057
- package/dist/markdown-to-line-D6Y5rN1y.js +0 -790
- package/dist/mcp-cli-DZi-FzRz.js +0 -725
- package/dist/mcp-http-DaXlqh6n.js +0 -529
- package/dist/media-runtime-awxrKlof.js +0 -329
- package/dist/media-understanding-CYk-TBlo.js +0 -85
- package/dist/media-understanding-provider-BFl9PvK0.js +0 -18
- package/dist/media-understanding-provider-BbHedlHI.js +0 -69
- package/dist/media-understanding-provider-C4hkphxA.js +0 -28
- package/dist/media-understanding-provider-CIJApc3Q.js +0 -85
- package/dist/media-understanding-provider-CMRfrvoW.js +0 -37
- package/dist/media-understanding-provider-D8MwbDYK.js +0 -12
- package/dist/media-understanding-provider-DPZ3M0zL.js +0 -21
- package/dist/media-understanding-provider-DnFHplle.js +0 -13
- package/dist/media-understanding-provider-O3o8RDTO.js +0 -12
- package/dist/media-understanding-provider-WmKhdAeP.js +0 -18
- package/dist/media-understanding-runtime-DiWkY8O9.js +0 -2
- package/dist/memory-core-host-runtime-cli-K2SeZLMj.js +0 -9
- package/dist/memory-embedding-adapter-Ll4TtjDC.js +0 -123
- package/dist/memory-host-search-BzpJFHpD.js +0 -12
- package/dist/message-Bk0q8DmN.js +0 -232
- package/dist/message-action-runner-BIi8DCoo.js +0 -2
- package/dist/message-action-runner-CmhjNg6K.js +0 -1407
- package/dist/message-actions-BDXFXc2E.js +0 -143
- package/dist/message.gateway.runtime-fPnMn6QV.js +0 -2
- package/dist/method-scopes-D_AZ7OsK.js +0 -235
- package/dist/model-picker-D20JpfyM.js +0 -559
- package/dist/model-picker-Dpin9dw4.js +0 -3
- package/dist/model-picker.runtime-B19j-xJa.js +0 -15
- package/dist/model-selection-BDK7dEju.js +0 -212
- package/dist/models-auth-status-0xcMbBhB.js +0 -217
- package/dist/models-cli-DuQZ09TC.js +0 -271
- package/dist/models-http-DruY6N81.js +0 -92
- package/dist/models.fetch-2geG13AQ.js +0 -518
- package/dist/monitor-2KbmBvHU.js +0 -2
- package/dist/monitor-B2yQJkAh.js +0 -1459
- package/dist/monitor-CD4mrtqF.js +0 -1661
- package/dist/monitor-CJ6A4Ro2.js +0 -788
- package/dist/monitor-D19pDt5p.js +0 -1237
- package/dist/monitor-GQtwMpZn.js +0 -671
- package/dist/monitor-auth-DJ9S4EQV.js +0 -207
- package/dist/monitor-processing-BMv5voti.js +0 -1974
- package/dist/monitor.runtime-GizvASio.js +0 -2
- package/dist/monitor.webhook-DzvH3io8.js +0 -180
- package/dist/msteams-7Jx25GW4.js +0 -35
- package/dist/music-generation-provider-Bac-UFIO.js +0 -63
- package/dist/music-generation-provider-fPGrO1gg.js +0 -170
- package/dist/native-hook-relay-DwgVW-el.js +0 -519
- package/dist/nextcloud-talk-gXnN0EKl.js +0 -17
- package/dist/node-cli-Bd8iT-US.js +0 -2276
- package/dist/nodes-cli-xAd3vxyV.js +0 -1046
- package/dist/nodes-utils-qg-Bmmy5.js +0 -84
- package/dist/nodes.helpers-B42Vi8VW.js +0 -34
- package/dist/notify-DArpzHFF.js +0 -315
- package/dist/oauth-B9WR0gWL.js +0 -75
- package/dist/oauth-BpJKd6mz.js +0 -2
- package/dist/oauth-BqiriUcs.js +0 -139
- package/dist/oauth-Dl3zSXWU.js +0 -152
- package/dist/oauth.flow-CIweZ0Wo.js +0 -45
- package/dist/oauth.flow-YT9WcJAP.js +0 -3
- package/dist/onboard-DKr9c-h5.js +0 -70
- package/dist/onboard-DrfmoxpG.js +0 -316
- package/dist/onboard-channels-B-jq5k4w.js +0 -2
- package/dist/onboard-channels-Dg4UVNnl.js +0 -3
- package/dist/onboard-custom-DDY7T8Mb.js +0 -3
- package/dist/onboard-custom-buJ3Vz5C.js +0 -271
- package/dist/onboard-f_tqlGVL.js +0 -2
- package/dist/onboard-helpers-Begz93UO.js +0 -6
- package/dist/onboard-helpers-Di14BUn2.js +0 -204
- package/dist/onboard-interactive-DjJo_FLY.js +0 -24
- package/dist/onboard-non-interactive-CgxwxSiw.js +0 -635
- package/dist/onboard-remote-BhcRxYvn.js +0 -2
- package/dist/onboard-remote-CEeT7hEZ.js +0 -193
- package/dist/onboard-skills-CTTUg6pf.js +0 -134
- package/dist/onboard-skills-DWTbOfH1.js +0 -2
- package/dist/onboarding-plugin-install-CNIcGqAI.js +0 -406
- package/dist/openai-codex-provider-6aTYk3jp.js +0 -472
- package/dist/openai-http-C2-8VSih.js +0 -500
- package/dist/openai-provider-w1PV_KGr.js +0 -313
- package/dist/opencode-SEOw9RYv.js +0 -35
- package/dist/openresponses-http-DgsTPUc1.js +0 -1128
- package/dist/operator-approvals-client-D1R6aLFV.js +0 -68
- package/dist/outbound-runtime-D7qdGq1B.js +0 -5
- package/dist/outbound.runtime-DDAlqr2n.js +0 -2
- package/dist/pair-command-approve-BqXU_u3_.js +0 -44
- package/dist/persistent-bindings.lifecycle-0cee5HeB.js +0 -85
- package/dist/persistent-bindings.lifecycle-DTgwTu9k.js +0 -2
- package/dist/pi-bundle-mcp-runtime-CEwlOt28.js +0 -2
- package/dist/pi-bundle-mcp-runtime-DS32_bKh.js +0 -829
- package/dist/pi-bundle-mcp-tools-MVePSeQp.js +0 -108
- package/dist/pi-embedded-BMKZLrrD.js +0 -2905
- package/dist/pi-embedded-C1_8L609.js +0 -4
- package/dist/pi-embedded-subscribe.handlers.compaction.runtime-61zYwcVi.js +0 -23
- package/dist/pi-embedded.runtime-CEcUCfnu.js +0 -4
- package/dist/pi-tool-definition-adapter-B1q4cAB_.js +0 -229
- package/dist/pi-tools-CE3UX10v.js +0 -1118
- package/dist/pi-tools.before-tool-call-BsMfbO7W.js +0 -433
- package/dist/pi-tools.before-tool-call-DGY-rj-6.js +0 -2
- package/dist/plugin-dDMX1n9i.js +0 -12195
- package/dist/plugin-enabled-CCcxlblr.js +0 -140
- package/dist/plugin-install-D9RUigrW.js +0 -2
- package/dist/plugin-install-DRc2KTWx.js +0 -115
- package/dist/plugin-install-config-policy-CtKZaMAw.js +0 -137
- package/dist/plugin-install-plan-BeNfwB5V.js +0 -50
- package/dist/plugin-registration-CTIg2xi-.js +0 -23
- package/dist/plugin-service-Byv2yfiX.js +0 -2893
- package/dist/plugins-cli-qkT7VGd9.js +0 -584
- package/dist/plugins-command-helpers-DvRgKfV0.js +0 -107
- package/dist/plugins-install-persist-CZWXaz5s.js +0 -133
- package/dist/plugins-update-command-qKTcfS44.js +0 -1057
- package/dist/policy-BK0iZFZM.js +0 -328
- package/dist/prepare.runtime-BMtgLZl1.js +0 -807
- package/dist/probe-Bj3sjcpc.js +0 -2205
- package/dist/probe-C6wNv6c4.js +0 -74
- package/dist/probe-CM5o3wKp.js +0 -240
- package/dist/probe-D3D0RoQl.js +0 -45
- package/dist/probe-DlY3dg7v.js +0 -2
- package/dist/probe-TN3P-dCa.js +0 -2
- package/dist/probe-pLHVFHK6.js +0 -243
- package/dist/probe-pZ61Idl1.js +0 -1443
- package/dist/program-TZ54mZzH.js +0 -111
- package/dist/prompt-select-styled-DFXPq9zJ.js +0 -20
- package/dist/protocol-CWEBsZbG.js +0 -2515
- package/dist/provider-D4RPFEas.js +0 -70
- package/dist/provider-api-key-auth-DxE3Ubaz.js +0 -131
- package/dist/provider-auth-94YJgYBI.js +0 -46
- package/dist/provider-auth-api-key-D9d3vpbu.js +0 -5
- package/dist/provider-auth-choice-C1kxCG8d.js +0 -228
- package/dist/provider-auth-login-DSy_0CmF.js +0 -8
- package/dist/provider-dispatcher-9FnI26kR.js +0 -2
- package/dist/provider-dispatcher-D30lsDyd.js +0 -22
- package/dist/provider-entry-CR0Z4V2Y.js +0 -106
- package/dist/provider-model-defaults-CY1F7Q3c.js +0 -6
- package/dist/provider-registration-C3cLloFb.js +0 -37
- package/dist/provider-registration-CU67AJCU.js +0 -218
- package/dist/qr-cli-CoEq74Fu.js +0 -2
- package/dist/qr-cli-DxaXK8T4.js +0 -349
- package/dist/qr-image-BQnl-2Hz.js +0 -2
- package/dist/queue-IehGWtWc.js +0 -409
- package/dist/reaction-runtime-api-CGWfmWqF.js +0 -116
- package/dist/reactions-D1tny1P_.js +0 -998
- package/dist/read-capability-w1W5sKua.js +0 -412
- package/dist/register-service-commands-D5181r0Q.js +0 -71
- package/dist/register.agent-DWwOD6q5.js +0 -248
- package/dist/register.configure-CZx6uXuU.js +0 -15
- package/dist/register.maintenance-1yV569VU.js +0 -363
- package/dist/register.message-DqosH9zI.js +0 -329
- package/dist/register.onboard-DBa5bh4F.js +0 -88
- package/dist/register.runtime-AUXvOvfy.js +0 -81
- package/dist/register.setup-1k0y27Bf.js +0 -150
- package/dist/register.status-health-sessions-3SuqckJe.js +0 -1215
- package/dist/register.subclis-1vwiREuy.js +0 -3
- package/dist/register.subclis-core-CoUcH7R2.js +0 -249
- package/dist/register.subclis-d6Uoake0.js +0 -29
- package/dist/reply-dispatch-runtime-B2jwG-ti.js +0 -13
- package/dist/reply-media-paths.runtime-Bv-VQY1O.js +0 -2
- package/dist/reply-media-paths.runtime-qZYIzFEg.js +0 -146
- package/dist/reply-runtime-BvyACHP_.js +0 -10
- package/dist/reply.runtime-B76FIMUm.js +0 -2
- package/dist/resolve-DxTN302S.js +0 -259
- package/dist/response-generator-Be1_-xjF.js +0 -175
- package/dist/restart-health-C1m4VgKE.js +0 -2
- package/dist/restart-health-CSxm-1Te.js +0 -202
- package/dist/root-help-Cw7ovqRO.js +0 -44
- package/dist/route-reply-Dn9zmIdM.js +0 -162
- package/dist/route-reply.runtime-DkwtG2qY.js +0 -2
- package/dist/routes-B9j5MeTj.js +0 -2
- package/dist/routes-BCJWRxzD.js +0 -3341
- package/dist/rpc-_zAZRj2-.js +0 -61
- package/dist/rpc.runtime-C3rwvN8O.js +0 -21
- package/dist/run-auth-profile.runtime-Bflh0AxI.js +0 -2
- package/dist/run-delivery.runtime-CXmj98lV.js +0 -530
- package/dist/run-embedded.runtime-yli8ukW0.js +0 -4
- package/dist/run-execution-cli.runtime-CjDLajis.js +0 -4
- package/dist/run-executor.runtime-SwHBKuy1.js +0 -277
- package/dist/run-main-DPHpfv1y.js +0 -567
- package/dist/run-subagent-registry.runtime-CWv2s5wn.js +0 -2
- package/dist/run-wait-CpSEiESO.js +0 -135
- package/dist/runner-Vhfg_kYp.js +0 -966
- package/dist/runner.entries-DWptWo_Q.js +0 -604
- package/dist/runtime-CMHLmvAl.js +0 -961
- package/dist/runtime-COXB-OZq.js +0 -263
- package/dist/runtime-Cfcvlsp1.js +0 -2
- package/dist/runtime-D9CBb5Na.js +0 -72
- package/dist/runtime-api-CLkOuqkP.js +0 -4
- package/dist/runtime-api-DgKObkOQ.js +0 -9
- package/dist/runtime-api-bWUB21Eg.js +0 -9
- package/dist/runtime-api-rryD3LXE.js +0 -14
- package/dist/runtime-embedded-pi.runtime-DuHPAbVt.js +0 -2
- package/dist/runtime-entry-BaLt5V4d.js +0 -2769
- package/dist/runtime-fF-k_rB8.js +0 -9
- package/dist/runtime-internal-By95Az_F.js +0 -2
- package/dist/runtime-l0B7QFL3.js +0 -116
- package/dist/runtime-options-BsxnM5Yt.js +0 -275
- package/dist/runtime-prepare.runtime-D6bMmoTn.js +0 -80
- package/dist/runtime-schema-P9TAqWy1.js +0 -28599
- package/dist/runtime-web-tools-DlattYEh.js +0 -1477
- package/dist/sandbox-B0HW_QP3.js +0 -1156
- package/dist/sandbox-D2w77M7D.js +0 -3
- package/dist/sandbox-cli-DhrLokzO.js +0 -450
- package/dist/scan-CKfozblZ.js +0 -2
- package/dist/scan-CVwpGz6x.js +0 -523
- package/dist/secrets-cli-pXjlA7bi.js +0 -2101
- package/dist/security-cli-ChIBksL4.js +0 -486
- package/dist/selection-CIX2NWC3.js +0 -7743
- package/dist/selection-FiKxtpP7.js +0 -2
- package/dist/send-13tmI7yl.js +0 -102
- package/dist/send-BudgB3Xv.js +0 -156
- package/dist/send.runtime-CWWkq3eQ.js +0 -2
- package/dist/server-CRbNiI2L.js +0 -13
- package/dist/server-DPwckotj.js +0 -77
- package/dist/server-context-DnmrGIHL.js +0 -847
- package/dist/server-context-GFvl1Fa1.js +0 -2
- package/dist/server-node-events-Boy823tY.js +0 -474
- package/dist/server-plugin-bootstrap-BEm4d2by.js +0 -2
- package/dist/server-plugin-bootstrap-BLp3Ri_D.js +0 -13355
- package/dist/server-restart-sentinel-D1dhBlz5.js +0 -684
- package/dist/server.impl-CuEQ_ANR.js +0 -12790
- package/dist/session-DQK4G2N-.js +0 -48
- package/dist/session-envelope-uG-4XV0X.js +0 -18
- package/dist/session-key-CTestOWs.js +0 -65
- package/dist/session-kill-http-CKkRPXTD.js +0 -110
- package/dist/session-meta-B_6JKgd3.js +0 -109
- package/dist/session-override-BJXIc7UA.js +0 -106
- package/dist/session-reset-model.runtime-DFT-FJW1.js +0 -133
- package/dist/session-reset-service-BI9uiJ1F.js +0 -497
- package/dist/session-route-Dy5b9CbY.js +0 -93
- package/dist/session-status.runtime-HByTPp-H.js +0 -2
- package/dist/session-store-COzyfYG2.js +0 -126
- package/dist/session-store.runtime-CQHXgM_Z.js +0 -2
- package/dist/session-subagent-reactivation.runtime-BOWBAfyc.js +0 -2
- package/dist/session-tab-registry-Ce31KjnI.js +0 -581
- package/dist/session-updates-Dl4GafMW.js +0 -236
- package/dist/session-updates.runtime-bHYRFXxm.js +0 -2
- package/dist/session-utils-Dkaj_4dZ.js +0 -1009
- package/dist/session-visibility-BB6i8ptT.js +0 -147
- package/dist/sessions-D3eFfsPH.js +0 -281
- package/dist/sessions-DAup1AeE.js +0 -16
- package/dist/sessions-helpers-DYP9dapI.js +0 -305
- package/dist/sessions-history-http-j8ZxsBAn.js +0 -371
- package/dist/sessions-kO7Dit6B.js +0 -48
- package/dist/sessions-patch-D4ye8mVh.js +0 -309
- package/dist/sessions-resolve-Bi2bj6c-.js +0 -174
- package/dist/sessions-uVaHa5mC.js +0 -2
- package/dist/sessions.runtime-VkodyiYI.js +0 -2
- package/dist/setup-DX-d8t6q.js +0 -421
- package/dist/setup-api-6GX_eeAs.js +0 -29
- package/dist/setup-core-BGUg4eV0.js +0 -171
- package/dist/setup-core-CpfGqHuS.js +0 -176
- package/dist/setup-hFAlSbTL.js +0 -636
- package/dist/setup-surface-DSvYQ0Mf.js +0 -219
- package/dist/setup-surface-DT8l0x7M.js +0 -403
- package/dist/setup-surface-gdmDKJFO.js +0 -286
- package/dist/setup.finalize-m_UzKyZ2.js +0 -547
- package/dist/setup.gateway-config-DHQ8eaxx.js +0 -250
- package/dist/shared-BY5yIWjE.js +0 -198
- package/dist/shared-BtY5n-4U.js +0 -76
- package/dist/shared-C-DELFhh.js +0 -217
- package/dist/shared-DPf8cDHL.js +0 -121
- package/dist/shared-runtime-lVwJld87.js +0 -7
- package/dist/skill-commands-Crg6g_xc.js +0 -83
- package/dist/skill-commands.runtime-Dx9JZPVm.js +0 -2
- package/dist/skills-install-B1RJkjel.js +0 -605
- package/dist/skills-snapshot.runtime-1fnPk6SF.js +0 -7
- package/dist/slash-state-j62N8ife.js +0 -1911
- package/dist/speech-provider-BEjGmdRi.js +0 -170
- package/dist/speech-provider-DU0xib0M.js +0 -209
- package/dist/speech-provider-jexKB2Fl.js +0 -216
- package/dist/src-BYHA6DRU.js +0 -3974
- package/dist/stage-sandbox-media.runtime-BzOf-LsJ.js +0 -232
- package/dist/startup-context-DZml_gZY.js +0 -312
- package/dist/state-migrations-DlUY4b3i.js +0 -820
- package/dist/status-BCr0D4CJ.js +0 -2
- package/dist/status-Bi8EbpXB.js +0 -395
- package/dist/status-CPAE20nX.js +0 -209
- package/dist/status-D-wIma3c.js +0 -3
- package/dist/status-DLmFJkIX.js +0 -2
- package/dist/status-DhpFLjkt.js +0 -190
- package/dist/status-Dql1aIFE.js +0 -62
- package/dist/status-all-AuiqtGQ-.js +0 -498
- package/dist/status-json-BUhA_seV.js +0 -14
- package/dist/status-json-command-Dk8RVvC9.js +0 -82
- package/dist/status-message-DuKO-hzh.js +0 -466
- package/dist/status-message.runtime-BnLXbVHh.js +0 -6
- package/dist/status-queue.runtime-DXdIwJaQ.js +0 -2
- package/dist/status-runtime-shared-BK7fklEl.js +0 -241
- package/dist/status-subagents.runtime-DkMpqnmP.js +0 -18
- package/dist/status-text-D71CoS-s.js +0 -237
- package/dist/status.gateway-connection.runtime-wWu8Kvt4.js +0 -2
- package/dist/status.gather-BlSA6D3i.js +0 -292
- package/dist/status.gather-akCtNgln.js +0 -2
- package/dist/status.runtime-BwFzOfxj.js +0 -2
- package/dist/status.runtime-tPHKyqSk.js +0 -2
- package/dist/status.scan-GF1UDZAB.js +0 -65
- package/dist/status.scan-overview-D1tTMWSi.js +0 -379
- package/dist/status.scan.fast-json-CoLBFhFk.js +0 -132
- package/dist/status.scan.fast-json-K69bqOGh.js +0 -2
- package/dist/status.summary-Bxh5WwsL.js +0 -200
- package/dist/status.summary-Cyr9PxeP.js +0 -2
- package/dist/store-DgajP9Em.js +0 -4
- package/dist/store-tuisxHpf.js +0 -910
- package/dist/store.runtime-Bw5wLKnD.js +0 -2
- package/dist/stream-CWqBQkS6.js +0 -664
- package/dist/subagent-announce-Dw7-i1-9.js +0 -351
- package/dist/subagent-announce-delivery-HYpoItCd.js +0 -726
- package/dist/subagent-announce-output-C7rcYYEc.js +0 -364
- package/dist/subagent-capabilities-DFXCYxt0.js +0 -251
- package/dist/subagent-control-Ds2GYpWL.js +0 -506
- package/dist/subagent-control.runtime-CgBRjo3Q.js +0 -3
- package/dist/subagent-followup.runtime-Cd8hCztp.js +0 -68
- package/dist/subagent-orphan-recovery-BgjubPqf.js +0 -305
- package/dist/subagent-registry-CgpGD3GV.js +0 -1753
- package/dist/subagent-registry-DxdVLcdG.js +0 -3
- package/dist/subagent-spawn-BWBNndsp.js +0 -1005
- package/dist/supervisor-DaRbw4Gw.js +0 -704
- package/dist/system-cli-DyBkQUQb.js +0 -43
- package/dist/targets-BadrXaG2.js +0 -67
- package/dist/task-executor-C7Wi33fD.js +0 -360
- package/dist/task-owner-access-yQv8xMco.js +0 -74
- package/dist/task-registry-W5mFPlZX.js +0 -2357
- package/dist/task-registry-delivery-runtime-cBNSvuGT.js +0 -3
- package/dist/task-registry-delivery-runtime-cJvq2BuY.js +0 -2
- package/dist/task-registry.maintenance-Buzo501v.js +0 -2
- package/dist/task-registry.maintenance-pJMW_7Am.js +0 -416
- package/dist/testing-Dw49ltmR.js +0 -575
- package/dist/text-report-CtyXY05r.js +0 -549
- package/dist/tool-auth-shared-DWrecN7g.js +0 -90
- package/dist/tool-policy-pipeline-CA61tNc_.js +0 -109
- package/dist/tool-resolution-BcUPtTtu.js +0 -90
- package/dist/tools-effective-inventory-CL0grjv4.js +0 -152
- package/dist/tools-invoke-http-BZ8xqe0f.js +0 -206
- package/dist/transcript-CEK104A6.js +0 -312
- package/dist/transcript-resolve.runtime-D4I8B--1.js +0 -2
- package/dist/transcript.runtime-ClNMqLSP.js +0 -2
- package/dist/trash-B6l1GwX9.js +0 -24
- package/dist/tts-vEtIfdGN.js +0 -64
- package/dist/tui-cli-BCn5UWwT.js +0 -4585
- package/dist/uninstall-BQ_d8nQ4.js +0 -185
- package/dist/update-D8foEnSw.js +0 -1282
- package/dist/update-cli-D8bMov5W.js +0 -1759
- package/dist/update-startup-D-n1C8A0.js +0 -2
- package/dist/upgrade-iRXz6ZP4.js +0 -1226
- package/dist/video-generation-provider-5v5lTL00.js +0 -287
- package/dist/video-generation-provider-BGtbUYJd.js +0 -64
- package/dist/video-generation-provider-BlOdvaLh.js +0 -118
- package/dist/video-generation-provider-CR_fRJ8m.js +0 -187
- package/dist/video-generation-provider-CVUs00hp.js +0 -264
- package/dist/video-generation-provider-CtstiCCO.js +0 -271
- package/dist/video-generation-provider-DDQjPRYO.js +0 -254
- package/dist/video-generation-provider-DLy7AvTJ.js +0 -281
- package/dist/video-generation-provider-DNnNMvS9.js +0 -221
- package/dist/video-generation-provider-vzf0PQXj2.js +0 -77
- package/dist/video-generation-provider-zINiw3aL.js +0 -78
- package/dist/video-generation-task-status-ESf4kR6F.js +0 -163
- package/dist/wait-for-idle-before-flush-C-_kVutK.js +0 -5985
- package/dist/web-search-provider-BkIzoc2Y.js +0 -163
- package/dist/wizard-models-jPGu0o7K.js +0 -334
- package/dist/workflow-runtime-tvBeQSK9.js +0 -485
- /package/dist/{audit-channel.collect.runtime-BAKyzn52.js → audit-channel.collect.runtime-CevlIQ6K.js} +0 -0
- /package/dist/{audit-tool-policy-Ftr0W8Wl.js → audit-tool-policy-DTodxIZf.js} +0 -0
- /package/dist/{channel-selection.runtime-CsQ0qN21.js → channel-selection.runtime-DAkF_DgO.js} +0 -0
- /package/dist/{close-reason-DNwBM4qe.js → close-reason-BPuKI4th.js} +0 -0
- /package/dist/{configured-B8XGIYz-.js → configured-C-0r4Pk2.js} +0 -0
- /package/dist/{diagnostic-support-export-CuIJulCK.js → diagnostic-support-export-C8cpJRWi.js} +0 -0
- /package/dist/{gmail-watcher-lifecycle-BoWMgpeT.js → gmail-watcher-lifecycle-DrTbIr0m.js} +0 -0
- /package/dist/{image-BwAofy0f.js → image-LNALiqnF.js} +0 -0
- /package/dist/{image-generation-core.auth.runtime-B6BpHP6V.js → image-generation-core.auth.runtime-hzZbX1YD.js} +0 -0
- /package/dist/{input-allowlist-zDKNs6OG.js → input-allowlist-Bn8hssyM.js} +0 -0
- /package/dist/{install-target-FXMkL80i.js → install-target-C0Dg_4Un.js} +0 -0
- /package/dist/{memory-host-search.runtime-Vfck_NLf.js → memory-host-search.runtime-CAejVWZB.js} +0 -0
- /package/dist/{message.config.runtime-Df8nVSE4.js → message.config.runtime-CAG3eLmF.js} +0 -0
- /package/dist/{paths-BdDCK0XP.js → paths-BrPnd-v6.js} +0 -0
- /package/dist/{provider-api-key-auth.runtime-fT4D2dQt.js → provider-api-key-auth.runtime-YLpiRoM3.js} +0 -0
- /package/dist/{provider-auth-login.runtime-EnfK3WTr.js → provider-auth-login.runtime-BwDEPbY4.js} +0 -0
- /package/dist/{push-apns-DoMbCgqq.js → push-apns-UUwkJMxt.js} +0 -0
- /package/dist/{runtime-manifest.runtime-CuqWbJ5G.js → runtime-manifest.runtime-D8BuqQCR.js} +0 -0
- /package/dist/{runtime-web-channel-plugin-ChmPPl7a.js → runtime-web-channel-plugin-Dx1GGPSD.js} +0 -0
- /package/dist/{runtime-web-tools-fallback.runtime-B3fmu7s0.js → runtime-web-tools-fallback.runtime-_nNCUNAT.js} +0 -0
- /package/dist/{runtime-web-tools-manifest.runtime-CpiYM000.js → runtime-web-tools-manifest.runtime-BaeloEzn.js} +0 -0
- /package/dist/{runtime-web-tools-public-artifacts.runtime-BBNdsUv5.js → runtime-web-tools-public-artifacts.runtime-DOdl6CAd.js} +0 -0
- /package/dist/{server-startup-log-DXJn1EgH.js → server-startup-log-BUk3dEm6.js} +0 -0
- /package/dist/{server-startup-memory-C4d9ImgC.js → server-startup-memory-C3gdaomJ.js} +0 -0
- /package/dist/{server-tailscale-DeNCXYBr.js → server-tailscale-C0DsqL5N.js} +0 -0
- /package/dist/{services-m8_503l9.js → services-CiBabvAX.js} +0 -0
- /package/dist/{session-archive.runtime-DDhx1bOA.js → session-archive.runtime-BIqBKdzI.js} +0 -0
- /package/dist/{setup.node-config-BXET5GZk.js → setup.node-config-BlJDbu4T.js} +0 -0
- /package/dist/{setup.plugin-config-CgBJMtZ8.js → setup.plugin-config-CCP7nrfy.js} +0 -0
- /package/dist/{skill-scanner-cEm04-3B.js → skill-scanner-DnqZE6Fh.js} +0 -0
- /package/dist/{ssh-config-BfxhRhPu.js → ssh-config-wfp8-I37.js} +0 -0
- /package/dist/{supervisor-log.runtime-BdagMpUZ.js → supervisor-log.runtime-DYzbopV7.js} +0 -0
- /package/dist/{targets.runtime-BS4UWyk2.js → targets.runtime-1fn-rTlI.js} +0 -0
- /package/dist/{update-startup-D69inLEd.js → update-startup-DW61ftJW.js} +0 -0
|
@@ -1,2853 +0,0 @@
|
|
|
1
|
-
import { i as formatErrorMessage } from "./errors-CufR9eHH.js";
|
|
2
|
-
import { a as normalizeLowercaseStringOrEmpty, c as normalizeOptionalString, s as normalizeOptionalLowercaseString } from "./string-coerce-DPP_aYVc.js";
|
|
3
|
-
import { c as escapeRegExp } from "./utils-CWrkFsp0.js";
|
|
4
|
-
import { s as sanitizeHostExecEnvWithDiagnostics } from "./host-env-security-PtrzxCxY.js";
|
|
5
|
-
import { a as logWarn, r as logInfo } from "./logger-BbnBrdB_.js";
|
|
6
|
-
import { K as getShellPathFromLoginShell, q as resolveShellEnvFallbackTimeoutMs } from "./io-Cy5vajWd.js";
|
|
7
|
-
import { i as isCronSessionKey, o as isSubagentSessionKey, s as parseAgentSessionKey } from "./session-key-utils-DDwuwYKT.js";
|
|
8
|
-
import { u as resolveAgentIdFromSessionKey } from "./session-key-CI3KvTQC.js";
|
|
9
|
-
import { d as resolveApprovalAuditCandidatePath } from "./exec-safe-bin-trust-DMrCONj2.js";
|
|
10
|
-
import { t as killProcessTree } from "./kill-tree-BbGiB2xY.js";
|
|
11
|
-
import { c as isGatewayMessageChannel, u as normalizeMessageChannel } from "./message-channel-8hna3ogc.js";
|
|
12
|
-
import { i as normalizeDeliveryContext } from "./delivery-context.shared-DnaA0DbE.js";
|
|
13
|
-
import { b as EXEC_TOOL_DISPLAY_SUMMARY, x as PROCESS_TOOL_DISPLAY_SUMMARY } from "./tool-policy-BIGITEMh.js";
|
|
14
|
-
import { C as formatExecDeniedUserMessage, T as parseExecApprovalResultText, u as sanitizeUserFacingText, w as isExecDeniedResultText } from "./sanitize-user-facing-text-DKqUCgHB.js";
|
|
15
|
-
import { o as failedTextResult, v as textResult } from "./common-C4_5xEM_.js";
|
|
16
|
-
import { t as callGatewayTool } from "./gateway-ClYGJe6R.js";
|
|
17
|
-
import { t as splitShellArgs } from "./shell-argv-BaDMAO0_.js";
|
|
18
|
-
import { c as describeInterpreterInlineEval, f as analyzeShellCommand, l as detectInterpreterInlineEvalArgv, n as evaluateShellAllowlist, p as buildEnforcedShellCommand } from "./exec-approvals-allowlist-BBW7JMg0.js";
|
|
19
|
-
import { r as resolveExecSafeBinRuntimePolicy } from "./exec-safe-bin-runtime-policy-DUcKpnC_.js";
|
|
20
|
-
import { C as requiresExecApproval, D as resolveExecApprovalsFromFile, E as resolveExecApprovals, _ as normalizeExecTarget, a as addDurableCommandApproval, b as recordAllowlistMatchesUse, f as minSecurity, g as normalizeExecSecurity, l as loadExecApprovals, m as normalizeExecAsk, s as hasDurableExecApproval, u as maxAsk, v as persistAllowAlwaysPatterns, w as resolveExecApprovalAllowedDecisions } from "./exec-approvals-D0DTIzDT.js";
|
|
21
|
-
import { n as describeProcessTool, t as describeExecTool } from "./bash-tools.descriptions-DzPYV0Li.js";
|
|
22
|
-
import { n as processSchema, t as execSchema } from "./bash-tools.schemas-B8_wOdjn.js";
|
|
23
|
-
import "./delivery-context-Pj68kbuc.js";
|
|
24
|
-
import { n as getDiagnosticSessionState } from "./diagnostic-session-state-BzRMvtlj.js";
|
|
25
|
-
import { i as resolveNodeIdFromList, t as listNodes } from "./nodes-utils-qg-Bmmy5.js";
|
|
26
|
-
import { t as sendMessage } from "./message-Bk0q8DmN.js";
|
|
27
|
-
import { t as resolveExternalBestEffortDeliveryTarget } from "./best-effort-delivery-CPpGc0xQ.js";
|
|
28
|
-
import { t as formatDurationCompact } from "./format-duration-D7ua_Cv_.js";
|
|
29
|
-
import { a as coerceEnv, c as readEnvInt, d as sliceLogLines, f as truncateMiddle, i as clampWithDefault, l as resolveSandboxWorkdir, n as buildSandboxEnv, o as deriveSessionName, s as pad, u as resolveWorkdir } from "./bash-tools.shared-tggOw0Pu.js";
|
|
30
|
-
import { f as resolveExecApprovalInitiatingSurfaceState, s as buildExecApprovalUnavailableReplyPayload } from "./exec-approval-reply-BhbjoK1B.js";
|
|
31
|
-
import { i as normalizePathPrepend, t as applyPathPrepend } from "./path-prepend-DR8e0z7b.js";
|
|
32
|
-
import { t as getProcessSupervisor } from "./supervisor-DaRbw4Gw.js";
|
|
33
|
-
import { C as setJobTtlMs, S as markExited, _ as getFinishedSession, a as DEFAULT_PENDING_MAX_OUTPUT, b as listRunningSessions, c as createApprovalSlug, f as resolveApprovalRunningNoticeMs, g as drainSession, h as deleteSession, i as DEFAULT_PATH, m as runExecProcess, n as DEFAULT_APPROVAL_TIMEOUT_MS, o as applyShellPath, p as resolveExecTarget, r as DEFAULT_MAX_OUTPUT, s as buildApprovalPendingMessage, t as DEFAULT_APPROVAL_REQUEST_TIMEOUT_MS, u as normalizeNotifyOutput, v as getSession, w as tail, x as markBackgrounded, y as listFinishedSessions } from "./bash-tools.exec-runtime-CVOp5fHn.js";
|
|
34
|
-
import { a as parseModelRiskVerdict, i as mergeSafeguardVerdicts, n as evaluateExecSafeguard, r as isAmbiguousForModel } from "./exec-safeguard-DMM6KaOP.js";
|
|
35
|
-
import { t as parsePreparedSystemRunPayload } from "./system-run-approval-context-CmtECXC_.js";
|
|
36
|
-
import { n as recordCommandPoll, r as resetCommandPollCount } from "./command-poll-backoff-BzCxMvUa.js";
|
|
37
|
-
import path from "node:path";
|
|
38
|
-
import crypto from "node:crypto";
|
|
39
|
-
//#region src/agents/bash-tools.exec-approval-request.ts
|
|
40
|
-
function buildExecApprovalRequestToolParams(params) {
|
|
41
|
-
return {
|
|
42
|
-
id: params.id,
|
|
43
|
-
...params.command ? { command: params.command } : {},
|
|
44
|
-
...params.commandArgv ? { commandArgv: params.commandArgv } : {},
|
|
45
|
-
systemRunPlan: params.systemRunPlan,
|
|
46
|
-
env: params.env,
|
|
47
|
-
cwd: params.cwd,
|
|
48
|
-
nodeId: params.nodeId,
|
|
49
|
-
host: params.host,
|
|
50
|
-
security: params.security,
|
|
51
|
-
ask: params.ask,
|
|
52
|
-
agentId: params.agentId,
|
|
53
|
-
resolvedPath: params.resolvedPath,
|
|
54
|
-
sessionKey: params.sessionKey,
|
|
55
|
-
turnSourceChannel: params.turnSourceChannel,
|
|
56
|
-
turnSourceTo: params.turnSourceTo,
|
|
57
|
-
turnSourceAccountId: params.turnSourceAccountId,
|
|
58
|
-
turnSourceThreadId: params.turnSourceThreadId,
|
|
59
|
-
timeoutMs: DEFAULT_APPROVAL_TIMEOUT_MS,
|
|
60
|
-
twoPhase: true
|
|
61
|
-
};
|
|
62
|
-
}
|
|
63
|
-
function parseDecision(value) {
|
|
64
|
-
if (!value || typeof value !== "object") return {
|
|
65
|
-
present: false,
|
|
66
|
-
value: null
|
|
67
|
-
};
|
|
68
|
-
if (!Object.hasOwn(value, "decision")) return {
|
|
69
|
-
present: false,
|
|
70
|
-
value: null
|
|
71
|
-
};
|
|
72
|
-
const decision = value.decision;
|
|
73
|
-
return {
|
|
74
|
-
present: true,
|
|
75
|
-
value: typeof decision === "string" ? decision : null
|
|
76
|
-
};
|
|
77
|
-
}
|
|
78
|
-
function parseString(value) {
|
|
79
|
-
return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
|
|
80
|
-
}
|
|
81
|
-
function parseExpiresAtMs(value) {
|
|
82
|
-
return typeof value === "number" && Number.isFinite(value) ? value : void 0;
|
|
83
|
-
}
|
|
84
|
-
async function registerExecApprovalRequest(params) {
|
|
85
|
-
const registrationResult = await callGatewayTool("exec.approval.request", { timeoutMs: DEFAULT_APPROVAL_REQUEST_TIMEOUT_MS }, buildExecApprovalRequestToolParams(params), { expectFinal: false });
|
|
86
|
-
const decision = parseDecision(registrationResult);
|
|
87
|
-
const id = parseString(registrationResult?.id) ?? params.id;
|
|
88
|
-
const expiresAtMs = parseExpiresAtMs(registrationResult?.expiresAtMs) ?? Date.now() + DEFAULT_APPROVAL_TIMEOUT_MS;
|
|
89
|
-
if (decision.present) return {
|
|
90
|
-
id,
|
|
91
|
-
expiresAtMs,
|
|
92
|
-
finalDecision: decision.value
|
|
93
|
-
};
|
|
94
|
-
return {
|
|
95
|
-
id,
|
|
96
|
-
expiresAtMs
|
|
97
|
-
};
|
|
98
|
-
}
|
|
99
|
-
async function waitForExecApprovalDecision(id) {
|
|
100
|
-
try {
|
|
101
|
-
return parseDecision(await callGatewayTool("exec.approval.waitDecision", { timeoutMs: DEFAULT_APPROVAL_REQUEST_TIMEOUT_MS }, { id })).value;
|
|
102
|
-
} catch (err) {
|
|
103
|
-
if (normalizeLowercaseStringOrEmpty(String(err)).includes("approval expired or not found")) return null;
|
|
104
|
-
throw err;
|
|
105
|
-
}
|
|
106
|
-
}
|
|
107
|
-
async function resolveRegisteredExecApprovalDecision(params) {
|
|
108
|
-
if (params.preResolvedDecision !== void 0) return params.preResolvedDecision ?? null;
|
|
109
|
-
return await waitForExecApprovalDecision(params.approvalId);
|
|
110
|
-
}
|
|
111
|
-
function buildExecApprovalRequesterContext(params) {
|
|
112
|
-
return {
|
|
113
|
-
agentId: params.agentId,
|
|
114
|
-
sessionKey: params.sessionKey
|
|
115
|
-
};
|
|
116
|
-
}
|
|
117
|
-
function buildExecApprovalTurnSourceContext(params) {
|
|
118
|
-
return {
|
|
119
|
-
turnSourceChannel: params.turnSourceChannel,
|
|
120
|
-
turnSourceTo: params.turnSourceTo,
|
|
121
|
-
turnSourceAccountId: params.turnSourceAccountId,
|
|
122
|
-
turnSourceThreadId: params.turnSourceThreadId
|
|
123
|
-
};
|
|
124
|
-
}
|
|
125
|
-
function buildHostApprovalDecisionParams(params) {
|
|
126
|
-
return {
|
|
127
|
-
id: params.approvalId,
|
|
128
|
-
command: params.command,
|
|
129
|
-
commandArgv: params.commandArgv,
|
|
130
|
-
systemRunPlan: params.systemRunPlan,
|
|
131
|
-
env: params.env,
|
|
132
|
-
cwd: params.workdir,
|
|
133
|
-
nodeId: params.nodeId,
|
|
134
|
-
host: params.host,
|
|
135
|
-
security: params.security,
|
|
136
|
-
ask: params.ask,
|
|
137
|
-
...buildExecApprovalRequesterContext({
|
|
138
|
-
agentId: params.agentId,
|
|
139
|
-
sessionKey: params.sessionKey
|
|
140
|
-
}),
|
|
141
|
-
resolvedPath: params.resolvedPath,
|
|
142
|
-
...buildExecApprovalTurnSourceContext(params)
|
|
143
|
-
};
|
|
144
|
-
}
|
|
145
|
-
async function registerExecApprovalRequestForHost(params) {
|
|
146
|
-
return await registerExecApprovalRequest(buildHostApprovalDecisionParams(params));
|
|
147
|
-
}
|
|
148
|
-
async function registerExecApprovalRequestForHostOrThrow(params) {
|
|
149
|
-
try {
|
|
150
|
-
return await registerExecApprovalRequestForHost(params);
|
|
151
|
-
} catch (err) {
|
|
152
|
-
throw new Error(`Exec approval registration failed: ${String(err)}`, { cause: err });
|
|
153
|
-
}
|
|
154
|
-
}
|
|
155
|
-
//#endregion
|
|
156
|
-
//#region src/agents/bash-tools.exec-approval-followup.ts
|
|
157
|
-
function buildExecDeniedFollowupPrompt(resultText) {
|
|
158
|
-
return [
|
|
159
|
-
"An async command did not run.",
|
|
160
|
-
"Do not run the command again.",
|
|
161
|
-
"There is no new command output.",
|
|
162
|
-
"Do not mention, summarize, or reuse output from any earlier run in this session.",
|
|
163
|
-
"",
|
|
164
|
-
"Exact completion details:",
|
|
165
|
-
resultText.trim(),
|
|
166
|
-
"",
|
|
167
|
-
"Reply to the user in a helpful way.",
|
|
168
|
-
"Explain that the command did not run and why.",
|
|
169
|
-
"Do not claim there is new command output."
|
|
170
|
-
].join("\n");
|
|
171
|
-
}
|
|
172
|
-
function formatUnknownError(error) {
|
|
173
|
-
if (error instanceof Error) return error.message;
|
|
174
|
-
if (typeof error === "string") return error;
|
|
175
|
-
try {
|
|
176
|
-
return JSON.stringify(error);
|
|
177
|
-
} catch {
|
|
178
|
-
return "unknown error";
|
|
179
|
-
}
|
|
180
|
-
}
|
|
181
|
-
function buildExecApprovalFollowupPrompt(resultText) {
|
|
182
|
-
const trimmed = resultText.trim();
|
|
183
|
-
if (isExecDeniedResultText(trimmed)) return buildExecDeniedFollowupPrompt(trimmed);
|
|
184
|
-
return [
|
|
185
|
-
"An async command the user already approved has completed.",
|
|
186
|
-
"Do not run the command again.",
|
|
187
|
-
"If the task requires more steps, continue from this result before replying to the user.",
|
|
188
|
-
"Only ask the user for help if you are actually blocked.",
|
|
189
|
-
"",
|
|
190
|
-
"Exact completion details:",
|
|
191
|
-
trimmed,
|
|
192
|
-
"",
|
|
193
|
-
"Continue the task if needed, then reply to the user in a helpful way.",
|
|
194
|
-
"If it succeeded, share the relevant output.",
|
|
195
|
-
"If it failed, explain what went wrong."
|
|
196
|
-
].join("\n");
|
|
197
|
-
}
|
|
198
|
-
function shouldSuppressExecDeniedFollowup(sessionKey) {
|
|
199
|
-
return isSubagentSessionKey(sessionKey) || isCronSessionKey(sessionKey);
|
|
200
|
-
}
|
|
201
|
-
function formatDirectExecApprovalFollowupText(resultText, opts = {}) {
|
|
202
|
-
const parsed = parseExecApprovalResultText(resultText);
|
|
203
|
-
if (parsed.kind === "other" && !parsed.raw) return null;
|
|
204
|
-
if (parsed.kind === "denied") return opts.allowDenied ? formatExecDeniedUserMessage(parsed.raw) : null;
|
|
205
|
-
if (parsed.kind === "finished") {
|
|
206
|
-
const metadata = normalizeLowercaseStringOrEmpty(parsed.metadata);
|
|
207
|
-
const body = sanitizeUserFacingText(parsed.body, { errorContext: !metadata.includes("code 0") }).trim();
|
|
208
|
-
let prefix = "";
|
|
209
|
-
if (!body) prefix = metadata.includes("code 0") ? "Background command finished." : metadata.includes("signal") ? "Background command stopped unexpectedly." : "Background command finished with an error.";
|
|
210
|
-
return body ? `${prefix ? `${prefix}\n\n` : ""}${body}` : prefix || null;
|
|
211
|
-
}
|
|
212
|
-
if (parsed.kind === "completed") return sanitizeUserFacingText(parsed.body, { errorContext: true }).trim() || "Background command finished.";
|
|
213
|
-
return sanitizeUserFacingText(parsed.raw, { errorContext: true }).trim() || null;
|
|
214
|
-
}
|
|
215
|
-
function buildSessionResumeFallbackPrefix() {
|
|
216
|
-
return "Automatic session resume failed, so sending the status directly.\n\n";
|
|
217
|
-
}
|
|
218
|
-
function canDirectSendDeniedFollowup(sessionError) {
|
|
219
|
-
return sessionError !== null;
|
|
220
|
-
}
|
|
221
|
-
function buildAgentFollowupArgs(params) {
|
|
222
|
-
const { deliveryTarget, sessionOnlyOriginChannel } = params;
|
|
223
|
-
return {
|
|
224
|
-
sessionKey: params.sessionKey,
|
|
225
|
-
message: buildExecApprovalFollowupPrompt(params.resultText),
|
|
226
|
-
deliver: deliveryTarget.deliver,
|
|
227
|
-
...deliveryTarget.deliver ? { bestEffortDeliver: true } : {},
|
|
228
|
-
channel: deliveryTarget.deliver ? deliveryTarget.channel : sessionOnlyOriginChannel,
|
|
229
|
-
to: deliveryTarget.deliver ? deliveryTarget.to : sessionOnlyOriginChannel ? params.turnSourceTo : void 0,
|
|
230
|
-
accountId: deliveryTarget.deliver ? deliveryTarget.accountId : sessionOnlyOriginChannel ? params.turnSourceAccountId : void 0,
|
|
231
|
-
threadId: deliveryTarget.deliver ? deliveryTarget.threadId : sessionOnlyOriginChannel ? params.turnSourceThreadId : void 0,
|
|
232
|
-
idempotencyKey: `exec-approval-followup:${params.approvalId}`
|
|
233
|
-
};
|
|
234
|
-
}
|
|
235
|
-
async function sendDirectFollowupFallback(params) {
|
|
236
|
-
const directText = formatDirectExecApprovalFollowupText(params.resultText, { allowDenied: canDirectSendDeniedFollowup(params.sessionError) });
|
|
237
|
-
if (!params.deliveryTarget.deliver || !directText) return false;
|
|
238
|
-
const prefix = params.sessionError ? buildSessionResumeFallbackPrefix() : "";
|
|
239
|
-
await sendMessage({
|
|
240
|
-
channel: params.deliveryTarget.channel,
|
|
241
|
-
to: params.deliveryTarget.to ?? "",
|
|
242
|
-
accountId: params.deliveryTarget.accountId,
|
|
243
|
-
threadId: params.deliveryTarget.threadId,
|
|
244
|
-
content: `${prefix}${directText}`,
|
|
245
|
-
agentId: void 0,
|
|
246
|
-
idempotencyKey: `exec-approval-followup:${params.approvalId}`
|
|
247
|
-
});
|
|
248
|
-
return true;
|
|
249
|
-
}
|
|
250
|
-
async function sendExecApprovalFollowup(params) {
|
|
251
|
-
const sessionKey = params.sessionKey?.trim();
|
|
252
|
-
const resultText = params.resultText.trim();
|
|
253
|
-
if (!resultText) return false;
|
|
254
|
-
const isDenied = isExecDeniedResultText(resultText);
|
|
255
|
-
if (isDenied && shouldSuppressExecDeniedFollowup(sessionKey)) return false;
|
|
256
|
-
const deliveryTarget = resolveExternalBestEffortDeliveryTarget({
|
|
257
|
-
channel: params.turnSourceChannel,
|
|
258
|
-
to: params.turnSourceTo,
|
|
259
|
-
accountId: params.turnSourceAccountId,
|
|
260
|
-
threadId: params.turnSourceThreadId
|
|
261
|
-
});
|
|
262
|
-
const normalizedTurnSourceChannel = normalizeMessageChannel(params.turnSourceChannel);
|
|
263
|
-
const sessionOnlyOriginChannel = normalizedTurnSourceChannel && isGatewayMessageChannel(normalizedTurnSourceChannel) ? normalizedTurnSourceChannel : void 0;
|
|
264
|
-
let sessionError = null;
|
|
265
|
-
if (sessionKey) try {
|
|
266
|
-
await callGatewayTool("agent", { timeoutMs: 6e4 }, buildAgentFollowupArgs({
|
|
267
|
-
approvalId: params.approvalId,
|
|
268
|
-
sessionKey,
|
|
269
|
-
resultText,
|
|
270
|
-
deliveryTarget,
|
|
271
|
-
sessionOnlyOriginChannel,
|
|
272
|
-
turnSourceTo: params.turnSourceTo,
|
|
273
|
-
turnSourceAccountId: params.turnSourceAccountId,
|
|
274
|
-
turnSourceThreadId: params.turnSourceThreadId
|
|
275
|
-
}), { expectFinal: true });
|
|
276
|
-
return true;
|
|
277
|
-
} catch (err) {
|
|
278
|
-
sessionError = err;
|
|
279
|
-
}
|
|
280
|
-
if (await sendDirectFollowupFallback({
|
|
281
|
-
approvalId: params.approvalId,
|
|
282
|
-
deliveryTarget,
|
|
283
|
-
resultText,
|
|
284
|
-
sessionError
|
|
285
|
-
})) return true;
|
|
286
|
-
if (sessionError) throw new Error(`Session followup failed: ${formatUnknownError(sessionError)}`);
|
|
287
|
-
if (isDenied) return false;
|
|
288
|
-
throw new Error("Session key or deliverable origin route is required");
|
|
289
|
-
}
|
|
290
|
-
const loggedExecApprovalFollowupFailures = /* @__PURE__ */ new Set();
|
|
291
|
-
function rememberExecApprovalFollowupFailureKey(key) {
|
|
292
|
-
if (loggedExecApprovalFollowupFailures.has(key)) return false;
|
|
293
|
-
loggedExecApprovalFollowupFailures.add(key);
|
|
294
|
-
if (loggedExecApprovalFollowupFailures.size > 256) {
|
|
295
|
-
const oldestKey = loggedExecApprovalFollowupFailures.values().next().value;
|
|
296
|
-
if (typeof oldestKey === "string") loggedExecApprovalFollowupFailures.delete(oldestKey);
|
|
297
|
-
}
|
|
298
|
-
return true;
|
|
299
|
-
}
|
|
300
|
-
function isHeadlessExecTrigger(trigger) {
|
|
301
|
-
return trigger === "cron";
|
|
302
|
-
}
|
|
303
|
-
function createExecApprovalPendingState(params) {
|
|
304
|
-
return {
|
|
305
|
-
warningText: params.warnings.length ? `${params.warnings.join("\n")}\n\n` : "",
|
|
306
|
-
expiresAtMs: Date.now() + params.timeoutMs,
|
|
307
|
-
preResolvedDecision: void 0
|
|
308
|
-
};
|
|
309
|
-
}
|
|
310
|
-
function createExecApprovalRequestState(params) {
|
|
311
|
-
return {
|
|
312
|
-
...createExecApprovalPendingState({
|
|
313
|
-
warnings: params.warnings,
|
|
314
|
-
timeoutMs: params.timeoutMs
|
|
315
|
-
}),
|
|
316
|
-
noticeSeconds: Math.max(1, Math.round(params.approvalRunningNoticeMs / 1e3))
|
|
317
|
-
};
|
|
318
|
-
}
|
|
319
|
-
function createExecApprovalRequestContext(params) {
|
|
320
|
-
const approvalId = crypto.randomUUID();
|
|
321
|
-
return {
|
|
322
|
-
...createExecApprovalRequestState({
|
|
323
|
-
warnings: params.warnings,
|
|
324
|
-
timeoutMs: params.timeoutMs,
|
|
325
|
-
approvalRunningNoticeMs: params.approvalRunningNoticeMs
|
|
326
|
-
}),
|
|
327
|
-
approvalId,
|
|
328
|
-
approvalSlug: params.createApprovalSlug(approvalId),
|
|
329
|
-
contextKey: `exec:${approvalId}`
|
|
330
|
-
};
|
|
331
|
-
}
|
|
332
|
-
function createDefaultExecApprovalRequestContext(params) {
|
|
333
|
-
return createExecApprovalRequestContext({
|
|
334
|
-
warnings: params.warnings,
|
|
335
|
-
timeoutMs: DEFAULT_APPROVAL_TIMEOUT_MS,
|
|
336
|
-
approvalRunningNoticeMs: params.approvalRunningNoticeMs,
|
|
337
|
-
createApprovalSlug: params.createApprovalSlug
|
|
338
|
-
});
|
|
339
|
-
}
|
|
340
|
-
function resolveBaseExecApprovalDecision(params) {
|
|
341
|
-
if (params.decision === "deny") return {
|
|
342
|
-
approvedByAsk: false,
|
|
343
|
-
deniedReason: "user-denied",
|
|
344
|
-
timedOut: false
|
|
345
|
-
};
|
|
346
|
-
if (!params.decision) {
|
|
347
|
-
if (params.askFallback === "full") return {
|
|
348
|
-
approvedByAsk: true,
|
|
349
|
-
deniedReason: null,
|
|
350
|
-
timedOut: true
|
|
351
|
-
};
|
|
352
|
-
if (params.askFallback === "deny") return {
|
|
353
|
-
approvedByAsk: false,
|
|
354
|
-
deniedReason: "approval-timeout",
|
|
355
|
-
timedOut: true
|
|
356
|
-
};
|
|
357
|
-
return {
|
|
358
|
-
approvedByAsk: false,
|
|
359
|
-
deniedReason: null,
|
|
360
|
-
timedOut: true
|
|
361
|
-
};
|
|
362
|
-
}
|
|
363
|
-
return {
|
|
364
|
-
approvedByAsk: false,
|
|
365
|
-
deniedReason: null,
|
|
366
|
-
timedOut: false
|
|
367
|
-
};
|
|
368
|
-
}
|
|
369
|
-
function resolveExecHostApprovalContext(params) {
|
|
370
|
-
const approvals = resolveExecApprovals(params.agentId, {
|
|
371
|
-
security: params.security,
|
|
372
|
-
ask: params.ask
|
|
373
|
-
});
|
|
374
|
-
const hostSecurity = minSecurity(params.security, approvals.agent.security);
|
|
375
|
-
const hostAsk = maxAsk(params.ask, approvals.agent.ask);
|
|
376
|
-
const askFallback = minSecurity(hostSecurity, approvals.agent.askFallback);
|
|
377
|
-
if (hostSecurity === "deny") throw new Error(`exec denied: host=${params.host} security=deny`);
|
|
378
|
-
return {
|
|
379
|
-
approvals,
|
|
380
|
-
hostSecurity,
|
|
381
|
-
hostAsk,
|
|
382
|
-
askFallback
|
|
383
|
-
};
|
|
384
|
-
}
|
|
385
|
-
async function resolveApprovalDecisionOrUndefined(params) {
|
|
386
|
-
try {
|
|
387
|
-
return await resolveRegisteredExecApprovalDecision({
|
|
388
|
-
approvalId: params.approvalId,
|
|
389
|
-
preResolvedDecision: params.preResolvedDecision
|
|
390
|
-
});
|
|
391
|
-
} catch {
|
|
392
|
-
params.onFailure();
|
|
393
|
-
return;
|
|
394
|
-
}
|
|
395
|
-
}
|
|
396
|
-
function resolveExecApprovalUnavailableState(params) {
|
|
397
|
-
const initiatingSurface = resolveExecApprovalInitiatingSurfaceState({
|
|
398
|
-
channel: params.turnSourceChannel,
|
|
399
|
-
accountId: params.turnSourceAccountId
|
|
400
|
-
});
|
|
401
|
-
return {
|
|
402
|
-
initiatingSurface,
|
|
403
|
-
sentApproverDms: false,
|
|
404
|
-
unavailableReason: params.preResolvedDecision === null ? "no-approval-route" : initiatingSurface.kind === "disabled" ? "initiating-platform-disabled" : initiatingSurface.kind === "unsupported" ? "initiating-platform-unsupported" : null
|
|
405
|
-
};
|
|
406
|
-
}
|
|
407
|
-
async function createAndRegisterDefaultExecApprovalRequest(params) {
|
|
408
|
-
const { approvalId, approvalSlug, warningText, expiresAtMs: defaultExpiresAtMs, preResolvedDecision: defaultPreResolvedDecision } = createDefaultExecApprovalRequestContext({
|
|
409
|
-
warnings: params.warnings,
|
|
410
|
-
approvalRunningNoticeMs: params.approvalRunningNoticeMs,
|
|
411
|
-
createApprovalSlug: params.createApprovalSlug
|
|
412
|
-
});
|
|
413
|
-
const registration = await params.register(approvalId);
|
|
414
|
-
const preResolvedDecision = registration.finalDecision;
|
|
415
|
-
const { initiatingSurface, sentApproverDms, unavailableReason } = resolveExecApprovalUnavailableState({
|
|
416
|
-
turnSourceChannel: params.turnSourceChannel,
|
|
417
|
-
turnSourceAccountId: params.turnSourceAccountId,
|
|
418
|
-
preResolvedDecision
|
|
419
|
-
});
|
|
420
|
-
return {
|
|
421
|
-
approvalId,
|
|
422
|
-
approvalSlug,
|
|
423
|
-
warningText,
|
|
424
|
-
expiresAtMs: registration.expiresAtMs ?? defaultExpiresAtMs,
|
|
425
|
-
preResolvedDecision: registration.finalDecision === void 0 ? defaultPreResolvedDecision : registration.finalDecision,
|
|
426
|
-
initiatingSurface,
|
|
427
|
-
sentApproverDms,
|
|
428
|
-
unavailableReason
|
|
429
|
-
};
|
|
430
|
-
}
|
|
431
|
-
function buildDefaultExecApprovalRequestArgs(params) {
|
|
432
|
-
return {
|
|
433
|
-
warnings: params.warnings,
|
|
434
|
-
approvalRunningNoticeMs: params.approvalRunningNoticeMs,
|
|
435
|
-
createApprovalSlug: params.createApprovalSlug,
|
|
436
|
-
turnSourceChannel: params.turnSourceChannel,
|
|
437
|
-
turnSourceAccountId: params.turnSourceAccountId
|
|
438
|
-
};
|
|
439
|
-
}
|
|
440
|
-
function buildExecApprovalFollowupTarget(params) {
|
|
441
|
-
return {
|
|
442
|
-
approvalId: params.approvalId,
|
|
443
|
-
sessionKey: params.sessionKey,
|
|
444
|
-
turnSourceChannel: params.turnSourceChannel,
|
|
445
|
-
turnSourceTo: params.turnSourceTo,
|
|
446
|
-
turnSourceAccountId: params.turnSourceAccountId,
|
|
447
|
-
turnSourceThreadId: params.turnSourceThreadId
|
|
448
|
-
};
|
|
449
|
-
}
|
|
450
|
-
function createExecApprovalDecisionState(params) {
|
|
451
|
-
const baseDecision = resolveBaseExecApprovalDecision({
|
|
452
|
-
decision: params.decision ?? null,
|
|
453
|
-
askFallback: params.askFallback
|
|
454
|
-
});
|
|
455
|
-
return {
|
|
456
|
-
baseDecision,
|
|
457
|
-
approvedByAsk: baseDecision.approvedByAsk,
|
|
458
|
-
deniedReason: baseDecision.deniedReason
|
|
459
|
-
};
|
|
460
|
-
}
|
|
461
|
-
function enforceStrictInlineEvalApprovalBoundary(params) {
|
|
462
|
-
if (!params.baseDecision.timedOut || !params.requiresInlineEvalApproval || !params.approvedByAsk) return {
|
|
463
|
-
approvedByAsk: params.approvedByAsk,
|
|
464
|
-
deniedReason: params.deniedReason
|
|
465
|
-
};
|
|
466
|
-
return {
|
|
467
|
-
approvedByAsk: false,
|
|
468
|
-
deniedReason: params.deniedReason ?? "approval-timeout"
|
|
469
|
-
};
|
|
470
|
-
}
|
|
471
|
-
function shouldResolveExecApprovalUnavailableInline(params) {
|
|
472
|
-
return isHeadlessExecTrigger(params.trigger) && params.unavailableReason === "no-approval-route" && params.preResolvedDecision === null;
|
|
473
|
-
}
|
|
474
|
-
function buildHeadlessExecApprovalDeniedMessage(params) {
|
|
475
|
-
return [
|
|
476
|
-
`exec denied: ${params.trigger === "cron" ? "Cron runs" : "Headless runs"} cannot wait for interactive exec approval.`,
|
|
477
|
-
`Effective host exec policy: security=${params.security} ask=${params.ask} askFallback=${params.askFallback}`,
|
|
478
|
-
"Stricter values from tools.exec and ~/.genesis/exec-approvals.json both apply.",
|
|
479
|
-
"Fix one of these:",
|
|
480
|
-
"- align both files to security=\"full\" and ask=\"off\" for trusted local automation",
|
|
481
|
-
"- keep allowlist mode and add an explicit allowlist entry for this command",
|
|
482
|
-
"- enable Web UI, terminal UI, or chat exec approvals and rerun interactively",
|
|
483
|
-
"Tip: run \"genesis doctor\" and \"genesis approvals get --gateway\" to inspect the effective policy."
|
|
484
|
-
].join("\n");
|
|
485
|
-
}
|
|
486
|
-
async function sendExecApprovalFollowupResult(target, resultText, deps = {}) {
|
|
487
|
-
const send = deps.sendExecApprovalFollowup ?? sendExecApprovalFollowup;
|
|
488
|
-
const warn = deps.logWarn ?? logWarn;
|
|
489
|
-
await send({
|
|
490
|
-
approvalId: target.approvalId,
|
|
491
|
-
sessionKey: target.sessionKey,
|
|
492
|
-
turnSourceChannel: target.turnSourceChannel,
|
|
493
|
-
turnSourceTo: target.turnSourceTo,
|
|
494
|
-
turnSourceAccountId: target.turnSourceAccountId,
|
|
495
|
-
turnSourceThreadId: target.turnSourceThreadId,
|
|
496
|
-
resultText
|
|
497
|
-
}).catch((error) => {
|
|
498
|
-
const message = formatErrorMessage(error);
|
|
499
|
-
if (!rememberExecApprovalFollowupFailureKey(`${target.approvalId}:${message}`)) return;
|
|
500
|
-
warn(`exec approval followup dispatch failed (id=${target.approvalId}): ${message}`);
|
|
501
|
-
});
|
|
502
|
-
}
|
|
503
|
-
function buildExecApprovalPendingToolResult(params) {
|
|
504
|
-
const allowedDecisions = params.allowedDecisions ?? resolveExecApprovalAllowedDecisions();
|
|
505
|
-
return {
|
|
506
|
-
content: [{
|
|
507
|
-
type: "text",
|
|
508
|
-
text: params.unavailableReason !== null ? buildExecApprovalUnavailableReplyPayload({
|
|
509
|
-
warningText: params.warningText,
|
|
510
|
-
reason: params.unavailableReason,
|
|
511
|
-
channel: params.initiatingSurface.channel,
|
|
512
|
-
channelLabel: params.initiatingSurface.channelLabel,
|
|
513
|
-
accountId: params.initiatingSurface.accountId,
|
|
514
|
-
sentApproverDms: params.sentApproverDms
|
|
515
|
-
}).text ?? "" : buildApprovalPendingMessage({
|
|
516
|
-
warningText: params.warningText,
|
|
517
|
-
approvalSlug: params.approvalSlug,
|
|
518
|
-
approvalId: params.approvalId,
|
|
519
|
-
allowedDecisions,
|
|
520
|
-
command: params.command,
|
|
521
|
-
cwd: params.cwd,
|
|
522
|
-
host: params.host,
|
|
523
|
-
nodeId: params.nodeId
|
|
524
|
-
})
|
|
525
|
-
}],
|
|
526
|
-
details: params.unavailableReason !== null ? {
|
|
527
|
-
status: "approval-unavailable",
|
|
528
|
-
reason: params.unavailableReason,
|
|
529
|
-
channel: params.initiatingSurface.channel,
|
|
530
|
-
channelLabel: params.initiatingSurface.channelLabel,
|
|
531
|
-
accountId: params.initiatingSurface.accountId,
|
|
532
|
-
sentApproverDms: params.sentApproverDms,
|
|
533
|
-
host: params.host,
|
|
534
|
-
command: params.command,
|
|
535
|
-
cwd: params.cwd,
|
|
536
|
-
nodeId: params.nodeId,
|
|
537
|
-
warningText: params.warningText
|
|
538
|
-
} : {
|
|
539
|
-
status: "approval-pending",
|
|
540
|
-
approvalId: params.approvalId,
|
|
541
|
-
approvalSlug: params.approvalSlug,
|
|
542
|
-
expiresAtMs: params.expiresAtMs,
|
|
543
|
-
allowedDecisions,
|
|
544
|
-
host: params.host,
|
|
545
|
-
command: params.command,
|
|
546
|
-
cwd: params.cwd,
|
|
547
|
-
nodeId: params.nodeId,
|
|
548
|
-
warningText: params.warningText
|
|
549
|
-
}
|
|
550
|
-
};
|
|
551
|
-
}
|
|
552
|
-
//#endregion
|
|
553
|
-
//#region src/agents/bash-tools.exec-host-gateway.ts
|
|
554
|
-
function hasGatewayAllowlistMiss(params) {
|
|
555
|
-
return params.hostSecurity === "allowlist" && (!params.analysisOk || !params.allowlistSatisfied) && !params.durableApprovalSatisfied;
|
|
556
|
-
}
|
|
557
|
-
async function processGatewayAllowlist(params) {
|
|
558
|
-
const { approvals, hostSecurity, hostAsk, askFallback } = resolveExecHostApprovalContext({
|
|
559
|
-
agentId: params.agentId,
|
|
560
|
-
security: params.security,
|
|
561
|
-
ask: params.ask,
|
|
562
|
-
host: "gateway"
|
|
563
|
-
});
|
|
564
|
-
const allowlistEval = evaluateShellAllowlist({
|
|
565
|
-
command: params.command,
|
|
566
|
-
allowlist: approvals.allowlist,
|
|
567
|
-
safeBins: params.safeBins,
|
|
568
|
-
safeBinProfiles: params.safeBinProfiles,
|
|
569
|
-
cwd: params.workdir,
|
|
570
|
-
env: params.env,
|
|
571
|
-
platform: process.platform,
|
|
572
|
-
trustedSafeBinDirs: params.trustedSafeBinDirs
|
|
573
|
-
});
|
|
574
|
-
const allowlistMatches = allowlistEval.allowlistMatches;
|
|
575
|
-
const analysisOk = allowlistEval.analysisOk;
|
|
576
|
-
const allowlistSatisfied = hostSecurity === "allowlist" && analysisOk ? allowlistEval.allowlistSatisfied : false;
|
|
577
|
-
const durableApprovalSatisfied = hasDurableExecApproval({
|
|
578
|
-
analysisOk,
|
|
579
|
-
segmentAllowlistEntries: allowlistEval.segmentAllowlistEntries,
|
|
580
|
-
allowlist: approvals.allowlist,
|
|
581
|
-
commandText: params.command
|
|
582
|
-
});
|
|
583
|
-
const inlineEvalHit = params.strictInlineEval === true ? allowlistEval.segments.map((segment) => detectInterpreterInlineEvalArgv(segment.resolution?.effectiveArgv ?? segment.argv)).find((entry) => entry !== null) ?? null : null;
|
|
584
|
-
if (inlineEvalHit) params.warnings.push(`Warning: strict inline-eval mode requires explicit approval for ${describeInterpreterInlineEval(inlineEvalHit)}.`);
|
|
585
|
-
let enforcedCommand;
|
|
586
|
-
let allowlistPlanUnavailableReason = null;
|
|
587
|
-
if (hostSecurity === "allowlist" && analysisOk && allowlistSatisfied) {
|
|
588
|
-
const enforced = buildEnforcedShellCommand({
|
|
589
|
-
command: params.command,
|
|
590
|
-
segments: allowlistEval.segments,
|
|
591
|
-
platform: process.platform
|
|
592
|
-
});
|
|
593
|
-
if (!enforced.ok || !enforced.command) allowlistPlanUnavailableReason = enforced.reason ?? "unsupported platform";
|
|
594
|
-
else enforcedCommand = enforced.command;
|
|
595
|
-
}
|
|
596
|
-
const recordMatchedAllowlistUse = (resolvedPath) => recordAllowlistMatchesUse({
|
|
597
|
-
approvals: approvals.file,
|
|
598
|
-
agentId: params.agentId,
|
|
599
|
-
matches: allowlistMatches,
|
|
600
|
-
command: params.command,
|
|
601
|
-
resolvedPath
|
|
602
|
-
});
|
|
603
|
-
const hasHeredocSegment = allowlistEval.segments.some((segment) => segment.argv.some((token) => token.startsWith("<<")));
|
|
604
|
-
const requiresHeredocApproval = hostSecurity === "allowlist" && analysisOk && allowlistSatisfied && hasHeredocSegment;
|
|
605
|
-
const requiresInlineEvalApproval = inlineEvalHit !== null;
|
|
606
|
-
const requiresAllowlistPlanApproval = hostSecurity === "allowlist" && analysisOk && allowlistSatisfied && !enforcedCommand && allowlistPlanUnavailableReason !== null;
|
|
607
|
-
const requiresAsk = requiresExecApproval({
|
|
608
|
-
ask: hostAsk,
|
|
609
|
-
security: hostSecurity,
|
|
610
|
-
analysisOk,
|
|
611
|
-
allowlistSatisfied,
|
|
612
|
-
durableApprovalSatisfied
|
|
613
|
-
}) || requiresAllowlistPlanApproval || requiresHeredocApproval || requiresInlineEvalApproval;
|
|
614
|
-
if (requiresHeredocApproval) params.warnings.push("Warning: heredoc execution requires explicit approval in allowlist mode.");
|
|
615
|
-
if (requiresAllowlistPlanApproval) params.warnings.push(`Warning: allowlist auto-execution is unavailable on ${process.platform}; explicit approval is required.`);
|
|
616
|
-
if (requiresAsk) {
|
|
617
|
-
const requestArgs = buildDefaultExecApprovalRequestArgs({
|
|
618
|
-
warnings: params.warnings,
|
|
619
|
-
approvalRunningNoticeMs: params.approvalRunningNoticeMs,
|
|
620
|
-
createApprovalSlug,
|
|
621
|
-
turnSourceChannel: params.turnSourceChannel,
|
|
622
|
-
turnSourceAccountId: params.turnSourceAccountId
|
|
623
|
-
});
|
|
624
|
-
const registerGatewayApproval = async (approvalId) => await registerExecApprovalRequestForHostOrThrow({
|
|
625
|
-
approvalId,
|
|
626
|
-
command: params.command,
|
|
627
|
-
env: params.requestedEnv,
|
|
628
|
-
workdir: params.workdir,
|
|
629
|
-
host: "gateway",
|
|
630
|
-
security: hostSecurity,
|
|
631
|
-
ask: hostAsk,
|
|
632
|
-
...buildExecApprovalRequesterContext({
|
|
633
|
-
agentId: params.agentId,
|
|
634
|
-
sessionKey: params.sessionKey
|
|
635
|
-
}),
|
|
636
|
-
resolvedPath: resolveApprovalAuditCandidatePath(allowlistEval.segments[0]?.resolution ?? null, params.workdir),
|
|
637
|
-
...buildExecApprovalTurnSourceContext(params)
|
|
638
|
-
});
|
|
639
|
-
const { approvalId, approvalSlug, warningText, expiresAtMs, preResolvedDecision, initiatingSurface, sentApproverDms, unavailableReason } = await createAndRegisterDefaultExecApprovalRequest({
|
|
640
|
-
...requestArgs,
|
|
641
|
-
register: registerGatewayApproval
|
|
642
|
-
});
|
|
643
|
-
if (shouldResolveExecApprovalUnavailableInline({
|
|
644
|
-
trigger: params.trigger,
|
|
645
|
-
unavailableReason,
|
|
646
|
-
preResolvedDecision
|
|
647
|
-
})) {
|
|
648
|
-
const { baseDecision, approvedByAsk, deniedReason } = createExecApprovalDecisionState({
|
|
649
|
-
decision: preResolvedDecision,
|
|
650
|
-
askFallback
|
|
651
|
-
});
|
|
652
|
-
const strictInlineEvalDecision = enforceStrictInlineEvalApprovalBoundary({
|
|
653
|
-
baseDecision,
|
|
654
|
-
approvedByAsk,
|
|
655
|
-
deniedReason,
|
|
656
|
-
requiresInlineEvalApproval
|
|
657
|
-
});
|
|
658
|
-
if (strictInlineEvalDecision.deniedReason || !strictInlineEvalDecision.approvedByAsk) throw new Error(buildHeadlessExecApprovalDeniedMessage({
|
|
659
|
-
trigger: params.trigger,
|
|
660
|
-
host: "gateway",
|
|
661
|
-
security: hostSecurity,
|
|
662
|
-
ask: hostAsk,
|
|
663
|
-
askFallback
|
|
664
|
-
}));
|
|
665
|
-
recordMatchedAllowlistUse(resolveApprovalAuditCandidatePath(allowlistEval.segments[0]?.resolution ?? null, params.workdir));
|
|
666
|
-
return {
|
|
667
|
-
execCommandOverride: enforcedCommand,
|
|
668
|
-
allowWithoutEnforcedCommand: enforcedCommand === void 0
|
|
669
|
-
};
|
|
670
|
-
}
|
|
671
|
-
const resolvedPath = resolveApprovalAuditCandidatePath(allowlistEval.segments[0]?.resolution ?? null, params.workdir);
|
|
672
|
-
const effectiveTimeout = typeof params.timeoutSec === "number" ? params.timeoutSec : params.defaultTimeoutSec;
|
|
673
|
-
const followupTarget = buildExecApprovalFollowupTarget({
|
|
674
|
-
approvalId,
|
|
675
|
-
sessionKey: params.notifySessionKey ?? params.sessionKey,
|
|
676
|
-
turnSourceChannel: params.turnSourceChannel,
|
|
677
|
-
turnSourceTo: params.turnSourceTo,
|
|
678
|
-
turnSourceAccountId: params.turnSourceAccountId,
|
|
679
|
-
turnSourceThreadId: params.turnSourceThreadId
|
|
680
|
-
});
|
|
681
|
-
(async () => {
|
|
682
|
-
const decision = await resolveApprovalDecisionOrUndefined({
|
|
683
|
-
approvalId,
|
|
684
|
-
preResolvedDecision,
|
|
685
|
-
onFailure: () => void sendExecApprovalFollowupResult(followupTarget, `Exec denied (gateway id=${approvalId}, approval-request-failed): ${params.command}`)
|
|
686
|
-
});
|
|
687
|
-
if (decision === void 0) return;
|
|
688
|
-
const { baseDecision, approvedByAsk: initialApprovedByAsk, deniedReason: initialDeniedReason } = createExecApprovalDecisionState({
|
|
689
|
-
decision,
|
|
690
|
-
askFallback
|
|
691
|
-
});
|
|
692
|
-
let approvedByAsk = initialApprovedByAsk;
|
|
693
|
-
let deniedReason = initialDeniedReason;
|
|
694
|
-
if (baseDecision.timedOut && askFallback === "allowlist") if (!analysisOk || !allowlistSatisfied) deniedReason = "approval-timeout (allowlist-miss)";
|
|
695
|
-
else approvedByAsk = true;
|
|
696
|
-
else if (decision === "allow-once") approvedByAsk = true;
|
|
697
|
-
else if (decision === "allow-always") {
|
|
698
|
-
approvedByAsk = true;
|
|
699
|
-
if (!requiresInlineEvalApproval) {
|
|
700
|
-
if (persistAllowAlwaysPatterns({
|
|
701
|
-
approvals: approvals.file,
|
|
702
|
-
agentId: params.agentId,
|
|
703
|
-
segments: allowlistEval.segments,
|
|
704
|
-
cwd: params.workdir,
|
|
705
|
-
env: params.env,
|
|
706
|
-
platform: process.platform,
|
|
707
|
-
strictInlineEval: params.strictInlineEval === true
|
|
708
|
-
}).length === 0) addDurableCommandApproval(approvals.file, params.agentId, params.command);
|
|
709
|
-
}
|
|
710
|
-
}
|
|
711
|
-
({approvedByAsk, deniedReason} = enforceStrictInlineEvalApprovalBoundary({
|
|
712
|
-
baseDecision,
|
|
713
|
-
approvedByAsk,
|
|
714
|
-
deniedReason,
|
|
715
|
-
requiresInlineEvalApproval
|
|
716
|
-
}));
|
|
717
|
-
if (!approvedByAsk && hasGatewayAllowlistMiss({
|
|
718
|
-
hostSecurity,
|
|
719
|
-
analysisOk,
|
|
720
|
-
allowlistSatisfied,
|
|
721
|
-
durableApprovalSatisfied
|
|
722
|
-
})) deniedReason = deniedReason ?? "allowlist-miss";
|
|
723
|
-
if (deniedReason) {
|
|
724
|
-
await sendExecApprovalFollowupResult(followupTarget, `Exec denied (gateway id=${approvalId}, ${deniedReason}): ${params.command}`);
|
|
725
|
-
return;
|
|
726
|
-
}
|
|
727
|
-
recordMatchedAllowlistUse(resolvedPath ?? void 0);
|
|
728
|
-
let run = null;
|
|
729
|
-
try {
|
|
730
|
-
run = await runExecProcess({
|
|
731
|
-
command: params.command,
|
|
732
|
-
execCommand: enforcedCommand,
|
|
733
|
-
workdir: params.workdir,
|
|
734
|
-
env: params.env,
|
|
735
|
-
sandbox: void 0,
|
|
736
|
-
containerWorkdir: null,
|
|
737
|
-
usePty: params.pty,
|
|
738
|
-
warnings: params.warnings,
|
|
739
|
-
maxOutput: params.maxOutput,
|
|
740
|
-
pendingMaxOutput: params.pendingMaxOutput,
|
|
741
|
-
notifyOnExit: false,
|
|
742
|
-
notifyOnExitEmptySuccess: false,
|
|
743
|
-
scopeKey: params.scopeKey,
|
|
744
|
-
sessionKey: params.notifySessionKey ?? params.sessionKey,
|
|
745
|
-
timeoutSec: effectiveTimeout
|
|
746
|
-
});
|
|
747
|
-
} catch {
|
|
748
|
-
await sendExecApprovalFollowupResult(followupTarget, `Exec denied (gateway id=${approvalId}, spawn-failed): ${params.command}`);
|
|
749
|
-
return;
|
|
750
|
-
}
|
|
751
|
-
markBackgrounded(run.session);
|
|
752
|
-
const outcome = await run.promise;
|
|
753
|
-
const output = normalizeNotifyOutput(tail(outcome.aggregated || "", 400));
|
|
754
|
-
const exitLabel = outcome.timedOut ? "timeout" : `code ${outcome.exitCode ?? "?"}`;
|
|
755
|
-
await sendExecApprovalFollowupResult(followupTarget, output ? `Exec finished (gateway id=${approvalId}, session=${run.session.id}, ${exitLabel})\n${output}` : `Exec finished (gateway id=${approvalId}, session=${run.session.id}, ${exitLabel})`);
|
|
756
|
-
})();
|
|
757
|
-
return { pendingResult: buildExecApprovalPendingToolResult({
|
|
758
|
-
host: "gateway",
|
|
759
|
-
command: params.command,
|
|
760
|
-
cwd: params.workdir,
|
|
761
|
-
warningText,
|
|
762
|
-
approvalId,
|
|
763
|
-
approvalSlug,
|
|
764
|
-
expiresAtMs,
|
|
765
|
-
initiatingSurface,
|
|
766
|
-
sentApproverDms,
|
|
767
|
-
unavailableReason,
|
|
768
|
-
allowedDecisions: resolveExecApprovalAllowedDecisions({ ask: hostAsk })
|
|
769
|
-
}) };
|
|
770
|
-
}
|
|
771
|
-
if (hasGatewayAllowlistMiss({
|
|
772
|
-
hostSecurity,
|
|
773
|
-
analysisOk,
|
|
774
|
-
allowlistSatisfied,
|
|
775
|
-
durableApprovalSatisfied
|
|
776
|
-
})) throw new Error("exec denied: allowlist miss");
|
|
777
|
-
recordMatchedAllowlistUse(resolveApprovalAuditCandidatePath(allowlistEval.segments[0]?.resolution ?? null, params.workdir));
|
|
778
|
-
return { execCommandOverride: enforcedCommand };
|
|
779
|
-
}
|
|
780
|
-
//#endregion
|
|
781
|
-
//#region src/infra/node-shell.ts
|
|
782
|
-
function buildNodeShellCommand(command, platform) {
|
|
783
|
-
if (normalizeLowercaseStringOrEmpty((platform ?? "").trim()).startsWith("win")) return [
|
|
784
|
-
"cmd.exe",
|
|
785
|
-
"/d",
|
|
786
|
-
"/s",
|
|
787
|
-
"/c",
|
|
788
|
-
command
|
|
789
|
-
];
|
|
790
|
-
return [
|
|
791
|
-
"/bin/sh",
|
|
792
|
-
"-lc",
|
|
793
|
-
command
|
|
794
|
-
];
|
|
795
|
-
}
|
|
796
|
-
//#endregion
|
|
797
|
-
//#region src/agents/bash-tools.exec-host-node.ts
|
|
798
|
-
async function executeNodeHostCommand(params) {
|
|
799
|
-
const { hostSecurity, hostAsk, askFallback } = resolveExecHostApprovalContext({
|
|
800
|
-
agentId: params.agentId,
|
|
801
|
-
security: params.security,
|
|
802
|
-
ask: params.ask,
|
|
803
|
-
host: "node"
|
|
804
|
-
});
|
|
805
|
-
if (params.boundNode && params.requestedNode && params.boundNode !== params.requestedNode) throw new Error(`exec node not allowed (bound to ${params.boundNode})`);
|
|
806
|
-
const nodeQuery = params.boundNode || params.requestedNode;
|
|
807
|
-
const nodes = await listNodes({});
|
|
808
|
-
if (nodes.length === 0) throw new Error("exec host=node requires a paired node (none available). This requires a companion app or node host.");
|
|
809
|
-
let nodeId;
|
|
810
|
-
try {
|
|
811
|
-
nodeId = resolveNodeIdFromList(nodes, nodeQuery, !nodeQuery);
|
|
812
|
-
} catch (err) {
|
|
813
|
-
if (!nodeQuery && String(err).includes("node required")) throw new Error("exec host=node requires a node id when multiple nodes are available (set tools.exec.node or exec.node).", { cause: err });
|
|
814
|
-
throw err;
|
|
815
|
-
}
|
|
816
|
-
const nodeInfo = nodes.find((entry) => entry.nodeId === nodeId);
|
|
817
|
-
if (!(Array.isArray(nodeInfo?.commands) ? nodeInfo?.commands?.includes("system.run") : false)) throw new Error("exec host=node requires a node that supports system.run (companion app or node host).");
|
|
818
|
-
const argv = buildNodeShellCommand(params.command, nodeInfo?.platform);
|
|
819
|
-
const prepared = parsePreparedSystemRunPayload((await callGatewayTool("node.invoke", { timeoutMs: 15e3 }, {
|
|
820
|
-
nodeId,
|
|
821
|
-
command: "system.run.prepare",
|
|
822
|
-
params: {
|
|
823
|
-
command: argv,
|
|
824
|
-
rawCommand: params.command,
|
|
825
|
-
...params.workdir != null ? { cwd: params.workdir } : {},
|
|
826
|
-
agentId: params.agentId,
|
|
827
|
-
sessionKey: params.sessionKey
|
|
828
|
-
},
|
|
829
|
-
idempotencyKey: crypto.randomUUID()
|
|
830
|
-
}))?.payload);
|
|
831
|
-
if (!prepared) throw new Error("invalid system.run.prepare response");
|
|
832
|
-
const runArgv = prepared.plan.argv;
|
|
833
|
-
const runRawCommand = prepared.plan.commandText;
|
|
834
|
-
const runCwd = prepared.plan.cwd ?? params.workdir;
|
|
835
|
-
const runAgentId = prepared.plan.agentId ?? params.agentId;
|
|
836
|
-
const runSessionKey = prepared.plan.sessionKey ?? params.sessionKey;
|
|
837
|
-
const nodeEnv = params.requestedEnv ? { ...params.requestedEnv } : void 0;
|
|
838
|
-
const baseAllowlistEval = evaluateShellAllowlist({
|
|
839
|
-
command: params.command,
|
|
840
|
-
allowlist: [],
|
|
841
|
-
safeBins: /* @__PURE__ */ new Set(),
|
|
842
|
-
cwd: params.workdir,
|
|
843
|
-
env: params.env,
|
|
844
|
-
platform: nodeInfo?.platform,
|
|
845
|
-
trustedSafeBinDirs: params.trustedSafeBinDirs
|
|
846
|
-
});
|
|
847
|
-
let analysisOk = baseAllowlistEval.analysisOk;
|
|
848
|
-
let allowlistSatisfied = false;
|
|
849
|
-
let durableApprovalSatisfied = false;
|
|
850
|
-
const inlineEvalHit = params.strictInlineEval === true ? baseAllowlistEval.segments.map((segment) => detectInterpreterInlineEvalArgv(segment.resolution?.effectiveArgv ?? segment.argv)).find((entry) => entry !== null) ?? null : null;
|
|
851
|
-
if (inlineEvalHit) params.warnings.push(`Warning: strict inline-eval mode requires explicit approval for ${describeInterpreterInlineEval(inlineEvalHit)}.`);
|
|
852
|
-
if ((hostAsk === "always" || hostSecurity === "allowlist") && analysisOk) try {
|
|
853
|
-
const approvalsSnapshot = await callGatewayTool("exec.approvals.node.get", { timeoutMs: 1e4 }, { nodeId });
|
|
854
|
-
const approvalsFile = approvalsSnapshot && typeof approvalsSnapshot === "object" ? approvalsSnapshot.file : void 0;
|
|
855
|
-
if (approvalsFile && typeof approvalsFile === "object") {
|
|
856
|
-
const resolved = resolveExecApprovalsFromFile({
|
|
857
|
-
file: approvalsFile,
|
|
858
|
-
agentId: params.agentId,
|
|
859
|
-
overrides: { security: "full" }
|
|
860
|
-
});
|
|
861
|
-
const allowlistEval = evaluateShellAllowlist({
|
|
862
|
-
command: params.command,
|
|
863
|
-
allowlist: resolved.allowlist,
|
|
864
|
-
safeBins: /* @__PURE__ */ new Set(),
|
|
865
|
-
cwd: params.workdir,
|
|
866
|
-
env: params.env,
|
|
867
|
-
platform: nodeInfo?.platform,
|
|
868
|
-
trustedSafeBinDirs: params.trustedSafeBinDirs
|
|
869
|
-
});
|
|
870
|
-
durableApprovalSatisfied = hasDurableExecApproval({
|
|
871
|
-
analysisOk: allowlistEval.analysisOk,
|
|
872
|
-
segmentAllowlistEntries: allowlistEval.segmentAllowlistEntries,
|
|
873
|
-
allowlist: resolved.allowlist,
|
|
874
|
-
commandText: runRawCommand
|
|
875
|
-
});
|
|
876
|
-
allowlistSatisfied = allowlistEval.allowlistSatisfied;
|
|
877
|
-
analysisOk = allowlistEval.analysisOk;
|
|
878
|
-
}
|
|
879
|
-
} catch {}
|
|
880
|
-
const requiresAsk = requiresExecApproval({
|
|
881
|
-
ask: hostAsk,
|
|
882
|
-
security: hostSecurity,
|
|
883
|
-
analysisOk,
|
|
884
|
-
allowlistSatisfied,
|
|
885
|
-
durableApprovalSatisfied
|
|
886
|
-
}) || inlineEvalHit !== null;
|
|
887
|
-
const invokeTimeoutMs = Math.max(1e4, (typeof params.timeoutSec === "number" ? params.timeoutSec : params.defaultTimeoutSec) * 1e3 + 5e3);
|
|
888
|
-
const buildInvokeParams = (approvedByAsk, approvalDecision, runId, suppressNotifyOnExit) => ({
|
|
889
|
-
nodeId,
|
|
890
|
-
command: "system.run",
|
|
891
|
-
params: {
|
|
892
|
-
command: runArgv,
|
|
893
|
-
rawCommand: runRawCommand,
|
|
894
|
-
systemRunPlan: prepared.plan,
|
|
895
|
-
cwd: runCwd,
|
|
896
|
-
env: nodeEnv,
|
|
897
|
-
timeoutMs: typeof params.timeoutSec === "number" ? params.timeoutSec * 1e3 : void 0,
|
|
898
|
-
agentId: runAgentId,
|
|
899
|
-
sessionKey: runSessionKey,
|
|
900
|
-
approved: approvedByAsk,
|
|
901
|
-
approvalDecision: approvalDecision === "allow-always" && inlineEvalHit !== null ? "allow-once" : approvalDecision ?? void 0,
|
|
902
|
-
runId: runId ?? void 0,
|
|
903
|
-
suppressNotifyOnExit: suppressNotifyOnExit === true || params.notifyOnExit === false ? true : void 0
|
|
904
|
-
},
|
|
905
|
-
idempotencyKey: crypto.randomUUID()
|
|
906
|
-
});
|
|
907
|
-
let inlineApprovedByAsk = false;
|
|
908
|
-
let inlineApprovalDecision = null;
|
|
909
|
-
let inlineApprovalId;
|
|
910
|
-
if (requiresAsk) {
|
|
911
|
-
const requestArgs = buildDefaultExecApprovalRequestArgs({
|
|
912
|
-
warnings: params.warnings,
|
|
913
|
-
approvalRunningNoticeMs: params.approvalRunningNoticeMs,
|
|
914
|
-
createApprovalSlug,
|
|
915
|
-
turnSourceChannel: params.turnSourceChannel,
|
|
916
|
-
turnSourceAccountId: params.turnSourceAccountId
|
|
917
|
-
});
|
|
918
|
-
const registerNodeApproval = async (approvalId) => await registerExecApprovalRequestForHostOrThrow({
|
|
919
|
-
approvalId,
|
|
920
|
-
systemRunPlan: prepared.plan,
|
|
921
|
-
env: nodeEnv,
|
|
922
|
-
workdir: runCwd,
|
|
923
|
-
host: "node",
|
|
924
|
-
nodeId,
|
|
925
|
-
security: hostSecurity,
|
|
926
|
-
ask: hostAsk,
|
|
927
|
-
...buildExecApprovalRequesterContext({
|
|
928
|
-
agentId: runAgentId,
|
|
929
|
-
sessionKey: runSessionKey
|
|
930
|
-
}),
|
|
931
|
-
...buildExecApprovalTurnSourceContext(params)
|
|
932
|
-
});
|
|
933
|
-
const { approvalId, approvalSlug, warningText, expiresAtMs, preResolvedDecision, initiatingSurface, sentApproverDms, unavailableReason } = await createAndRegisterDefaultExecApprovalRequest({
|
|
934
|
-
...requestArgs,
|
|
935
|
-
register: registerNodeApproval
|
|
936
|
-
});
|
|
937
|
-
if (shouldResolveExecApprovalUnavailableInline({
|
|
938
|
-
trigger: params.trigger,
|
|
939
|
-
unavailableReason,
|
|
940
|
-
preResolvedDecision
|
|
941
|
-
})) {
|
|
942
|
-
const { baseDecision, approvedByAsk, deniedReason } = createExecApprovalDecisionState({
|
|
943
|
-
decision: preResolvedDecision,
|
|
944
|
-
askFallback
|
|
945
|
-
});
|
|
946
|
-
const strictInlineEvalDecision = enforceStrictInlineEvalApprovalBoundary({
|
|
947
|
-
baseDecision,
|
|
948
|
-
approvedByAsk,
|
|
949
|
-
deniedReason,
|
|
950
|
-
requiresInlineEvalApproval: inlineEvalHit !== null
|
|
951
|
-
});
|
|
952
|
-
if (strictInlineEvalDecision.deniedReason || !strictInlineEvalDecision.approvedByAsk) throw new Error(buildHeadlessExecApprovalDeniedMessage({
|
|
953
|
-
trigger: params.trigger,
|
|
954
|
-
host: "node",
|
|
955
|
-
security: hostSecurity,
|
|
956
|
-
ask: hostAsk,
|
|
957
|
-
askFallback
|
|
958
|
-
}));
|
|
959
|
-
inlineApprovedByAsk = strictInlineEvalDecision.approvedByAsk;
|
|
960
|
-
inlineApprovalDecision = strictInlineEvalDecision.approvedByAsk ? "allow-once" : null;
|
|
961
|
-
inlineApprovalId = approvalId;
|
|
962
|
-
} else {
|
|
963
|
-
const followupTarget = buildExecApprovalFollowupTarget({
|
|
964
|
-
approvalId,
|
|
965
|
-
sessionKey: params.notifySessionKey ?? params.sessionKey,
|
|
966
|
-
turnSourceChannel: params.turnSourceChannel,
|
|
967
|
-
turnSourceTo: params.turnSourceTo,
|
|
968
|
-
turnSourceAccountId: params.turnSourceAccountId,
|
|
969
|
-
turnSourceThreadId: params.turnSourceThreadId
|
|
970
|
-
});
|
|
971
|
-
(async () => {
|
|
972
|
-
const decision = await resolveApprovalDecisionOrUndefined({
|
|
973
|
-
approvalId,
|
|
974
|
-
preResolvedDecision,
|
|
975
|
-
onFailure: () => void sendExecApprovalFollowupResult(followupTarget, `Exec denied (node=${nodeId} id=${approvalId}, approval-request-failed): ${params.command}`)
|
|
976
|
-
});
|
|
977
|
-
if (decision === void 0) return;
|
|
978
|
-
const { baseDecision, approvedByAsk: initialApprovedByAsk, deniedReason: initialDeniedReason } = createExecApprovalDecisionState({
|
|
979
|
-
decision,
|
|
980
|
-
askFallback
|
|
981
|
-
});
|
|
982
|
-
let approvedByAsk = initialApprovedByAsk;
|
|
983
|
-
let approvalDecision = null;
|
|
984
|
-
let deniedReason = initialDeniedReason;
|
|
985
|
-
if (baseDecision.timedOut && askFallback === "full" && approvedByAsk) approvalDecision = "allow-once";
|
|
986
|
-
else if (decision === "allow-once") {
|
|
987
|
-
approvedByAsk = true;
|
|
988
|
-
approvalDecision = "allow-once";
|
|
989
|
-
} else if (decision === "allow-always") {
|
|
990
|
-
approvedByAsk = true;
|
|
991
|
-
approvalDecision = "allow-always";
|
|
992
|
-
}
|
|
993
|
-
({approvedByAsk, deniedReason} = enforceStrictInlineEvalApprovalBoundary({
|
|
994
|
-
baseDecision,
|
|
995
|
-
approvedByAsk,
|
|
996
|
-
deniedReason,
|
|
997
|
-
requiresInlineEvalApproval: inlineEvalHit !== null
|
|
998
|
-
}));
|
|
999
|
-
if (deniedReason) approvalDecision = null;
|
|
1000
|
-
if (deniedReason) {
|
|
1001
|
-
await sendExecApprovalFollowupResult(followupTarget, `Exec denied (node=${nodeId} id=${approvalId}, ${deniedReason}): ${params.command}`);
|
|
1002
|
-
return;
|
|
1003
|
-
}
|
|
1004
|
-
try {
|
|
1005
|
-
const raw = await callGatewayTool("node.invoke", { timeoutMs: invokeTimeoutMs }, buildInvokeParams(approvedByAsk, approvalDecision, approvalId, true));
|
|
1006
|
-
const payload = raw?.payload && typeof raw.payload === "object" ? raw.payload : {};
|
|
1007
|
-
const output = normalizeNotifyOutput([
|
|
1008
|
-
payload.stdout,
|
|
1009
|
-
payload.stderr,
|
|
1010
|
-
payload.error
|
|
1011
|
-
].filter(Boolean).join("\n").slice(-400));
|
|
1012
|
-
const exitLabel = payload.timedOut ? "timeout" : `code ${payload.exitCode ?? "?"}`;
|
|
1013
|
-
await sendExecApprovalFollowupResult(followupTarget, output ? `Exec finished (node=${nodeId} id=${approvalId}, ${exitLabel})\n${output}` : `Exec finished (node=${nodeId} id=${approvalId}, ${exitLabel})`);
|
|
1014
|
-
} catch {
|
|
1015
|
-
await sendExecApprovalFollowupResult(followupTarget, `Exec denied (node=${nodeId} id=${approvalId}, invoke-failed): ${params.command}`);
|
|
1016
|
-
}
|
|
1017
|
-
})();
|
|
1018
|
-
return buildExecApprovalPendingToolResult({
|
|
1019
|
-
host: "node",
|
|
1020
|
-
command: params.command,
|
|
1021
|
-
cwd: params.workdir,
|
|
1022
|
-
warningText,
|
|
1023
|
-
approvalId,
|
|
1024
|
-
approvalSlug,
|
|
1025
|
-
expiresAtMs,
|
|
1026
|
-
initiatingSurface,
|
|
1027
|
-
sentApproverDms,
|
|
1028
|
-
unavailableReason,
|
|
1029
|
-
allowedDecisions: resolveExecApprovalAllowedDecisions({ ask: hostAsk }),
|
|
1030
|
-
nodeId
|
|
1031
|
-
});
|
|
1032
|
-
}
|
|
1033
|
-
}
|
|
1034
|
-
const startedAt = Date.now();
|
|
1035
|
-
const raw = await callGatewayTool("node.invoke", { timeoutMs: invokeTimeoutMs }, buildInvokeParams(inlineApprovedByAsk, inlineApprovalDecision, inlineApprovalId));
|
|
1036
|
-
const payload = raw && typeof raw === "object" ? raw.payload : void 0;
|
|
1037
|
-
const payloadObj = payload && typeof payload === "object" ? payload : {};
|
|
1038
|
-
const stdout = typeof payloadObj.stdout === "string" ? payloadObj.stdout : "";
|
|
1039
|
-
const stderr = typeof payloadObj.stderr === "string" ? payloadObj.stderr : "";
|
|
1040
|
-
const errorText = typeof payloadObj.error === "string" ? payloadObj.error : "";
|
|
1041
|
-
const success = typeof payloadObj.success === "boolean" ? payloadObj.success : false;
|
|
1042
|
-
const exitCode = typeof payloadObj.exitCode === "number" ? payloadObj.exitCode : null;
|
|
1043
|
-
return {
|
|
1044
|
-
content: [{
|
|
1045
|
-
type: "text",
|
|
1046
|
-
text: stdout || stderr || errorText || ""
|
|
1047
|
-
}],
|
|
1048
|
-
details: {
|
|
1049
|
-
status: success ? "completed" : "failed",
|
|
1050
|
-
exitCode,
|
|
1051
|
-
durationMs: Date.now() - startedAt,
|
|
1052
|
-
aggregated: [
|
|
1053
|
-
stdout,
|
|
1054
|
-
stderr,
|
|
1055
|
-
errorText
|
|
1056
|
-
].filter(Boolean).join("\n"),
|
|
1057
|
-
cwd: params.workdir
|
|
1058
|
-
}
|
|
1059
|
-
};
|
|
1060
|
-
}
|
|
1061
|
-
//#endregion
|
|
1062
|
-
//#region src/agents/bash-tools.exec.ts
|
|
1063
|
-
function buildExecForegroundResult(params) {
|
|
1064
|
-
const warningText = params.warningText?.trim() ? `${params.warningText}\n\n` : "";
|
|
1065
|
-
if (params.outcome.status === "failed") return failedTextResult(`${warningText}${params.outcome.reason}`, {
|
|
1066
|
-
status: "failed",
|
|
1067
|
-
exitCode: params.outcome.exitCode ?? null,
|
|
1068
|
-
durationMs: params.outcome.durationMs,
|
|
1069
|
-
aggregated: params.outcome.aggregated,
|
|
1070
|
-
timedOut: params.outcome.timedOut,
|
|
1071
|
-
cwd: params.cwd
|
|
1072
|
-
});
|
|
1073
|
-
return textResult(`${warningText}${params.outcome.aggregated || "(no output)"}`, {
|
|
1074
|
-
status: "completed",
|
|
1075
|
-
exitCode: params.outcome.exitCode,
|
|
1076
|
-
durationMs: params.outcome.durationMs,
|
|
1077
|
-
aggregated: params.outcome.aggregated,
|
|
1078
|
-
cwd: params.cwd
|
|
1079
|
-
});
|
|
1080
|
-
}
|
|
1081
|
-
const PREFLIGHT_ENV_OPTIONS_WITH_VALUES = new Set([
|
|
1082
|
-
"-C",
|
|
1083
|
-
"-S",
|
|
1084
|
-
"-u",
|
|
1085
|
-
"--argv0",
|
|
1086
|
-
"--block-signal",
|
|
1087
|
-
"--chdir",
|
|
1088
|
-
"--default-signal",
|
|
1089
|
-
"--ignore-signal",
|
|
1090
|
-
"--split-string",
|
|
1091
|
-
"--unset"
|
|
1092
|
-
]);
|
|
1093
|
-
const SKIPPABLE_SCRIPT_PREFLIGHT_FS_ERROR_CODES = new Set([
|
|
1094
|
-
"EACCES",
|
|
1095
|
-
"EISDIR",
|
|
1096
|
-
"ELOOP",
|
|
1097
|
-
"EINVAL",
|
|
1098
|
-
"ENAMETOOLONG",
|
|
1099
|
-
"ENOENT",
|
|
1100
|
-
"ENOTDIR",
|
|
1101
|
-
"EPERM"
|
|
1102
|
-
]);
|
|
1103
|
-
function getNodeErrorCode(error) {
|
|
1104
|
-
if (typeof error !== "object" || error === null || !("code" in error)) return;
|
|
1105
|
-
return String(error.code);
|
|
1106
|
-
}
|
|
1107
|
-
let fsSafeModulePromise;
|
|
1108
|
-
async function loadFsSafeModule() {
|
|
1109
|
-
fsSafeModulePromise ??= import("./fs-safe-BKyLKWBX.js");
|
|
1110
|
-
return await fsSafeModulePromise;
|
|
1111
|
-
}
|
|
1112
|
-
function shouldSkipScriptPreflightPathError(error, SafeOpenError) {
|
|
1113
|
-
if (error instanceof SafeOpenError) return true;
|
|
1114
|
-
const errorCode = getNodeErrorCode(error);
|
|
1115
|
-
return !!(errorCode && SKIPPABLE_SCRIPT_PREFLIGHT_FS_ERROR_CODES.has(errorCode));
|
|
1116
|
-
}
|
|
1117
|
-
function resolvePreflightRelativePath(params) {
|
|
1118
|
-
const root = path.resolve(params.rootDir);
|
|
1119
|
-
const candidate = path.resolve(params.absPath);
|
|
1120
|
-
const relative = path.relative(root, candidate);
|
|
1121
|
-
if (/^\.\.(?:[\\/]|$)/u.test(relative) || path.isAbsolute(relative)) return null;
|
|
1122
|
-
return /^~(?:$|[\\/])/u.test(relative) ? `.${path.sep}${relative}` : relative;
|
|
1123
|
-
}
|
|
1124
|
-
function isShellEnvAssignmentToken(token) {
|
|
1125
|
-
return /^[A-Za-z_][A-Za-z0-9_]*=.*$/u.test(token);
|
|
1126
|
-
}
|
|
1127
|
-
function isEnvExecutableToken(token) {
|
|
1128
|
-
if (!token) return false;
|
|
1129
|
-
const base = normalizeOptionalLowercaseString(token.split(/[\\/]/u).at(-1)) ?? "";
|
|
1130
|
-
return (base.endsWith(".exe") ? base.slice(0, -4) : base) === "env";
|
|
1131
|
-
}
|
|
1132
|
-
function stripPreflightEnvPrefix(argv) {
|
|
1133
|
-
if (argv.length === 0) return argv;
|
|
1134
|
-
let idx = 0;
|
|
1135
|
-
while (idx < argv.length && isShellEnvAssignmentToken(argv[idx])) idx += 1;
|
|
1136
|
-
if (!isEnvExecutableToken(argv[idx])) return argv;
|
|
1137
|
-
idx += 1;
|
|
1138
|
-
while (idx < argv.length) {
|
|
1139
|
-
const token = argv[idx];
|
|
1140
|
-
if (token === "--") {
|
|
1141
|
-
idx += 1;
|
|
1142
|
-
break;
|
|
1143
|
-
}
|
|
1144
|
-
if (isShellEnvAssignmentToken(token)) {
|
|
1145
|
-
idx += 1;
|
|
1146
|
-
continue;
|
|
1147
|
-
}
|
|
1148
|
-
if (!token.startsWith("-") || token === "-") break;
|
|
1149
|
-
idx += 1;
|
|
1150
|
-
const option = token.split("=", 1)[0];
|
|
1151
|
-
if (PREFLIGHT_ENV_OPTIONS_WITH_VALUES.has(option) && !token.includes("=") && idx < argv.length) idx += 1;
|
|
1152
|
-
}
|
|
1153
|
-
return argv.slice(idx);
|
|
1154
|
-
}
|
|
1155
|
-
function findFirstPythonScriptArg(tokens) {
|
|
1156
|
-
const optionsWithSeparateValue = new Set([
|
|
1157
|
-
"-W",
|
|
1158
|
-
"-X",
|
|
1159
|
-
"-Q",
|
|
1160
|
-
"--check-hash-based-pycs"
|
|
1161
|
-
]);
|
|
1162
|
-
for (let i = 0; i < tokens.length; i += 1) {
|
|
1163
|
-
const token = tokens[i];
|
|
1164
|
-
if (token === "--") {
|
|
1165
|
-
const next = tokens[i + 1];
|
|
1166
|
-
return normalizeLowercaseStringOrEmpty(next).endsWith(".py") ? next : null;
|
|
1167
|
-
}
|
|
1168
|
-
if (token === "-") return null;
|
|
1169
|
-
if (token === "-c" || token === "-m") return null;
|
|
1170
|
-
if ((token.startsWith("-c") || token.startsWith("-m")) && token.length > 2) return null;
|
|
1171
|
-
if (optionsWithSeparateValue.has(token)) {
|
|
1172
|
-
i += 1;
|
|
1173
|
-
continue;
|
|
1174
|
-
}
|
|
1175
|
-
if (token.startsWith("-")) continue;
|
|
1176
|
-
return normalizeLowercaseStringOrEmpty(token).endsWith(".py") ? token : null;
|
|
1177
|
-
}
|
|
1178
|
-
return null;
|
|
1179
|
-
}
|
|
1180
|
-
function findNodeScriptArgs(tokens) {
|
|
1181
|
-
const optionsWithSeparateValue = new Set([
|
|
1182
|
-
"-r",
|
|
1183
|
-
"--require",
|
|
1184
|
-
"--import"
|
|
1185
|
-
]);
|
|
1186
|
-
const preloadScripts = [];
|
|
1187
|
-
let entryScript = null;
|
|
1188
|
-
let hasInlineEvalOrPrint = false;
|
|
1189
|
-
for (let i = 0; i < tokens.length; i += 1) {
|
|
1190
|
-
const token = tokens[i];
|
|
1191
|
-
if (token === "--") {
|
|
1192
|
-
if (!hasInlineEvalOrPrint && !entryScript) {
|
|
1193
|
-
const next = tokens[i + 1];
|
|
1194
|
-
if (normalizeLowercaseStringOrEmpty(next).endsWith(".js")) entryScript = next;
|
|
1195
|
-
}
|
|
1196
|
-
break;
|
|
1197
|
-
}
|
|
1198
|
-
if (token === "-e" || token === "-p" || token === "--eval" || token === "--print" || token.startsWith("--eval=") || token.startsWith("--print=") || (token.startsWith("-e") || token.startsWith("-p")) && token.length > 2) {
|
|
1199
|
-
hasInlineEvalOrPrint = true;
|
|
1200
|
-
if (token === "-e" || token === "-p" || token === "--eval" || token === "--print") i += 1;
|
|
1201
|
-
continue;
|
|
1202
|
-
}
|
|
1203
|
-
if (optionsWithSeparateValue.has(token)) {
|
|
1204
|
-
const next = tokens[i + 1];
|
|
1205
|
-
if (normalizeLowercaseStringOrEmpty(next).endsWith(".js")) preloadScripts.push(next);
|
|
1206
|
-
i += 1;
|
|
1207
|
-
continue;
|
|
1208
|
-
}
|
|
1209
|
-
if (token.startsWith("-r") && token.length > 2 || token.startsWith("--require=") || token.startsWith("--import=")) {
|
|
1210
|
-
const inlineValue = token.startsWith("-r") ? token.slice(2) : token.slice(token.indexOf("=") + 1);
|
|
1211
|
-
if (normalizeLowercaseStringOrEmpty(inlineValue).endsWith(".js")) preloadScripts.push(inlineValue);
|
|
1212
|
-
continue;
|
|
1213
|
-
}
|
|
1214
|
-
if (token.startsWith("-")) continue;
|
|
1215
|
-
if (!hasInlineEvalOrPrint && !entryScript && normalizeLowercaseStringOrEmpty(token).endsWith(".js")) entryScript = token;
|
|
1216
|
-
break;
|
|
1217
|
-
}
|
|
1218
|
-
const targets = [...preloadScripts];
|
|
1219
|
-
if (entryScript) targets.push(entryScript);
|
|
1220
|
-
return targets;
|
|
1221
|
-
}
|
|
1222
|
-
function extractInterpreterScriptTargetFromArgv(argv) {
|
|
1223
|
-
if (!argv || argv.length === 0) return null;
|
|
1224
|
-
let commandIdx = 0;
|
|
1225
|
-
while (commandIdx < argv.length && /^[A-Za-z_][A-Za-z0-9_]*=.*$/u.test(argv[commandIdx])) commandIdx += 1;
|
|
1226
|
-
const executable = normalizeOptionalLowercaseString(argv[commandIdx]);
|
|
1227
|
-
if (!executable) return null;
|
|
1228
|
-
const args = argv.slice(commandIdx + 1);
|
|
1229
|
-
if (/^python(?:3(?:\.\d+)?)?$/i.test(executable)) {
|
|
1230
|
-
const script = findFirstPythonScriptArg(args);
|
|
1231
|
-
if (script) return {
|
|
1232
|
-
kind: "python",
|
|
1233
|
-
relOrAbsPaths: [script]
|
|
1234
|
-
};
|
|
1235
|
-
return null;
|
|
1236
|
-
}
|
|
1237
|
-
if (executable === "node") {
|
|
1238
|
-
const scripts = findNodeScriptArgs(args);
|
|
1239
|
-
if (scripts.length > 0) return {
|
|
1240
|
-
kind: "node",
|
|
1241
|
-
relOrAbsPaths: scripts
|
|
1242
|
-
};
|
|
1243
|
-
return null;
|
|
1244
|
-
}
|
|
1245
|
-
return null;
|
|
1246
|
-
}
|
|
1247
|
-
function extractInterpreterScriptPathsFromSegment(rawSegment) {
|
|
1248
|
-
const argv = splitShellArgs(rawSegment.trim());
|
|
1249
|
-
if (!argv || argv.length === 0) return [];
|
|
1250
|
-
return extractInterpreterScriptTargetFromArgv(stripPreflightEnvPrefix(/^(?:if|then|do|elif|else|while|until|time)$/i.test(argv[0] ?? "") ? argv.slice(1) : argv))?.relOrAbsPaths ?? [];
|
|
1251
|
-
}
|
|
1252
|
-
function extractScriptTargetFromCommand(command) {
|
|
1253
|
-
const raw = command.trim();
|
|
1254
|
-
const splitShellArgsPreservingBackslashes = (value) => {
|
|
1255
|
-
const tokens = [];
|
|
1256
|
-
let buf = "";
|
|
1257
|
-
let inSingle = false;
|
|
1258
|
-
let inDouble = false;
|
|
1259
|
-
const pushToken = () => {
|
|
1260
|
-
if (buf.length > 0) {
|
|
1261
|
-
tokens.push(buf);
|
|
1262
|
-
buf = "";
|
|
1263
|
-
}
|
|
1264
|
-
};
|
|
1265
|
-
for (let i = 0; i < value.length; i += 1) {
|
|
1266
|
-
const ch = value[i];
|
|
1267
|
-
if (inSingle) {
|
|
1268
|
-
if (ch === "'") inSingle = false;
|
|
1269
|
-
else buf += ch;
|
|
1270
|
-
continue;
|
|
1271
|
-
}
|
|
1272
|
-
if (inDouble) {
|
|
1273
|
-
if (ch === "\"") inDouble = false;
|
|
1274
|
-
else buf += ch;
|
|
1275
|
-
continue;
|
|
1276
|
-
}
|
|
1277
|
-
if (ch === "'") {
|
|
1278
|
-
inSingle = true;
|
|
1279
|
-
continue;
|
|
1280
|
-
}
|
|
1281
|
-
if (ch === "\"") {
|
|
1282
|
-
inDouble = true;
|
|
1283
|
-
continue;
|
|
1284
|
-
}
|
|
1285
|
-
if (/\s/.test(ch)) {
|
|
1286
|
-
pushToken();
|
|
1287
|
-
continue;
|
|
1288
|
-
}
|
|
1289
|
-
buf += ch;
|
|
1290
|
-
}
|
|
1291
|
-
if (inSingle || inDouble) return null;
|
|
1292
|
-
pushToken();
|
|
1293
|
-
return tokens;
|
|
1294
|
-
};
|
|
1295
|
-
const candidateArgv = process.platform === "win32" && /(?:^|[\s"'`])(?:[A-Za-z]:\\|\\\\|[^\s"'`|&;()<>]+\\[^\s"'`|&;()<>]+)/.test(raw) ? [splitShellArgsPreservingBackslashes(raw)] : [splitShellArgs(raw)];
|
|
1296
|
-
for (const argv of candidateArgv) {
|
|
1297
|
-
const attempts = [argv, argv ? stripPreflightEnvPrefix(argv) : null];
|
|
1298
|
-
for (const attempt of attempts) {
|
|
1299
|
-
const target = extractInterpreterScriptTargetFromArgv(attempt);
|
|
1300
|
-
if (target) return target;
|
|
1301
|
-
}
|
|
1302
|
-
}
|
|
1303
|
-
return null;
|
|
1304
|
-
}
|
|
1305
|
-
function extractUnquotedShellText(raw) {
|
|
1306
|
-
let out = "";
|
|
1307
|
-
let inSingle = false;
|
|
1308
|
-
let inDouble = false;
|
|
1309
|
-
let escaped = false;
|
|
1310
|
-
for (let i = 0; i < raw.length; i += 1) {
|
|
1311
|
-
const ch = raw[i];
|
|
1312
|
-
if (escaped) {
|
|
1313
|
-
if (!inSingle && !inDouble) out += `\\${ch}`;
|
|
1314
|
-
escaped = false;
|
|
1315
|
-
continue;
|
|
1316
|
-
}
|
|
1317
|
-
if (!inSingle && ch === "\\") {
|
|
1318
|
-
escaped = true;
|
|
1319
|
-
continue;
|
|
1320
|
-
}
|
|
1321
|
-
if (inSingle) {
|
|
1322
|
-
if (ch === "'") inSingle = false;
|
|
1323
|
-
continue;
|
|
1324
|
-
}
|
|
1325
|
-
if (inDouble) {
|
|
1326
|
-
const next = raw[i + 1];
|
|
1327
|
-
if (ch === "\\" && next && /[\\'"$`\n\r]/.test(next)) {
|
|
1328
|
-
i += 1;
|
|
1329
|
-
continue;
|
|
1330
|
-
}
|
|
1331
|
-
if (ch === "\"") inDouble = false;
|
|
1332
|
-
continue;
|
|
1333
|
-
}
|
|
1334
|
-
if (ch === "'") {
|
|
1335
|
-
inSingle = true;
|
|
1336
|
-
continue;
|
|
1337
|
-
}
|
|
1338
|
-
if (ch === "\"") {
|
|
1339
|
-
inDouble = true;
|
|
1340
|
-
continue;
|
|
1341
|
-
}
|
|
1342
|
-
out += ch;
|
|
1343
|
-
}
|
|
1344
|
-
if (escaped || inSingle || inDouble) return null;
|
|
1345
|
-
return out;
|
|
1346
|
-
}
|
|
1347
|
-
function splitShellSegmentsOutsideQuotes(rawText, params) {
|
|
1348
|
-
const segments = [];
|
|
1349
|
-
let buf = "";
|
|
1350
|
-
let inSingle = false;
|
|
1351
|
-
let inDouble = false;
|
|
1352
|
-
let escaped = false;
|
|
1353
|
-
const pushSegment = () => {
|
|
1354
|
-
if (buf.trim().length > 0) segments.push(buf);
|
|
1355
|
-
buf = "";
|
|
1356
|
-
};
|
|
1357
|
-
for (let i = 0; i < rawText.length; i += 1) {
|
|
1358
|
-
const ch = rawText[i];
|
|
1359
|
-
const next = rawText[i + 1];
|
|
1360
|
-
if (escaped) {
|
|
1361
|
-
buf += ch;
|
|
1362
|
-
escaped = false;
|
|
1363
|
-
continue;
|
|
1364
|
-
}
|
|
1365
|
-
if (!inSingle && ch === "\\") {
|
|
1366
|
-
buf += ch;
|
|
1367
|
-
escaped = true;
|
|
1368
|
-
continue;
|
|
1369
|
-
}
|
|
1370
|
-
if (inSingle) {
|
|
1371
|
-
buf += ch;
|
|
1372
|
-
if (ch === "'") inSingle = false;
|
|
1373
|
-
continue;
|
|
1374
|
-
}
|
|
1375
|
-
if (inDouble) {
|
|
1376
|
-
buf += ch;
|
|
1377
|
-
if (ch === "\"") inDouble = false;
|
|
1378
|
-
continue;
|
|
1379
|
-
}
|
|
1380
|
-
if (ch === "'") {
|
|
1381
|
-
inSingle = true;
|
|
1382
|
-
buf += ch;
|
|
1383
|
-
continue;
|
|
1384
|
-
}
|
|
1385
|
-
if (ch === "\"") {
|
|
1386
|
-
inDouble = true;
|
|
1387
|
-
buf += ch;
|
|
1388
|
-
continue;
|
|
1389
|
-
}
|
|
1390
|
-
if (ch === "\n" || ch === "\r") {
|
|
1391
|
-
pushSegment();
|
|
1392
|
-
continue;
|
|
1393
|
-
}
|
|
1394
|
-
if (ch === ";") {
|
|
1395
|
-
pushSegment();
|
|
1396
|
-
continue;
|
|
1397
|
-
}
|
|
1398
|
-
if (ch === "&" && next === "&") {
|
|
1399
|
-
pushSegment();
|
|
1400
|
-
i += 1;
|
|
1401
|
-
continue;
|
|
1402
|
-
}
|
|
1403
|
-
if (ch === "|" && next === "|") {
|
|
1404
|
-
pushSegment();
|
|
1405
|
-
i += 1;
|
|
1406
|
-
continue;
|
|
1407
|
-
}
|
|
1408
|
-
if (params.splitPipes && ch === "|") {
|
|
1409
|
-
pushSegment();
|
|
1410
|
-
continue;
|
|
1411
|
-
}
|
|
1412
|
-
buf += ch;
|
|
1413
|
-
}
|
|
1414
|
-
pushSegment();
|
|
1415
|
-
return segments;
|
|
1416
|
-
}
|
|
1417
|
-
function isInterpreterExecutable(executable) {
|
|
1418
|
-
if (!executable) return false;
|
|
1419
|
-
return /^python(?:3(?:\.\d+)?)?$/i.test(executable) || executable === "node";
|
|
1420
|
-
}
|
|
1421
|
-
function hasUnescapedSequence(raw, sequence) {
|
|
1422
|
-
if (sequence.length === 0) return false;
|
|
1423
|
-
let escaped = false;
|
|
1424
|
-
for (let i = 0; i < raw.length; i += 1) {
|
|
1425
|
-
const ch = raw[i];
|
|
1426
|
-
if (escaped) {
|
|
1427
|
-
escaped = false;
|
|
1428
|
-
continue;
|
|
1429
|
-
}
|
|
1430
|
-
if (ch === "\\") {
|
|
1431
|
-
escaped = true;
|
|
1432
|
-
continue;
|
|
1433
|
-
}
|
|
1434
|
-
if (raw.startsWith(sequence, i)) return true;
|
|
1435
|
-
}
|
|
1436
|
-
return false;
|
|
1437
|
-
}
|
|
1438
|
-
function hasUnquotedScriptHint(raw) {
|
|
1439
|
-
let inSingle = false;
|
|
1440
|
-
let inDouble = false;
|
|
1441
|
-
let escaped = false;
|
|
1442
|
-
let token = "";
|
|
1443
|
-
const flushToken = () => {
|
|
1444
|
-
const normalizedToken = normalizeLowercaseStringOrEmpty(token);
|
|
1445
|
-
if (normalizedToken.endsWith(".py") || normalizedToken.endsWith(".js")) return true;
|
|
1446
|
-
token = "";
|
|
1447
|
-
return false;
|
|
1448
|
-
};
|
|
1449
|
-
for (let i = 0; i < raw.length; i += 1) {
|
|
1450
|
-
const ch = raw[i];
|
|
1451
|
-
if (escaped) {
|
|
1452
|
-
if (!inSingle && !inDouble) token += ch;
|
|
1453
|
-
escaped = false;
|
|
1454
|
-
continue;
|
|
1455
|
-
}
|
|
1456
|
-
if (!inSingle && ch === "\\") {
|
|
1457
|
-
escaped = true;
|
|
1458
|
-
continue;
|
|
1459
|
-
}
|
|
1460
|
-
if (inSingle) {
|
|
1461
|
-
if (ch === "'") inSingle = false;
|
|
1462
|
-
continue;
|
|
1463
|
-
}
|
|
1464
|
-
if (inDouble) {
|
|
1465
|
-
if (ch === "\"") inDouble = false;
|
|
1466
|
-
continue;
|
|
1467
|
-
}
|
|
1468
|
-
if (ch === "'") {
|
|
1469
|
-
if (flushToken()) return true;
|
|
1470
|
-
inSingle = true;
|
|
1471
|
-
continue;
|
|
1472
|
-
}
|
|
1473
|
-
if (ch === "\"") {
|
|
1474
|
-
if (flushToken()) return true;
|
|
1475
|
-
inDouble = true;
|
|
1476
|
-
continue;
|
|
1477
|
-
}
|
|
1478
|
-
if (/\s/u.test(ch) || "|&;()<>".includes(ch)) {
|
|
1479
|
-
if (flushToken()) return true;
|
|
1480
|
-
continue;
|
|
1481
|
-
}
|
|
1482
|
-
token += ch;
|
|
1483
|
-
}
|
|
1484
|
-
return flushToken();
|
|
1485
|
-
}
|
|
1486
|
-
function resolveLeadingShellSegmentExecutable(rawSegment) {
|
|
1487
|
-
const argv = splitShellArgs((extractUnquotedShellText(rawSegment) ?? rawSegment).trim());
|
|
1488
|
-
if (!argv || argv.length === 0) return;
|
|
1489
|
-
const withoutLeadingKeyword = /^(?:if|then|do|elif|else|while|until|time)$/i.test(argv[0] ?? "") ? argv.slice(1) : argv;
|
|
1490
|
-
if (withoutLeadingKeyword.length === 0) return;
|
|
1491
|
-
const normalizedArgv = stripPreflightEnvPrefix(withoutLeadingKeyword);
|
|
1492
|
-
let commandIdx = 0;
|
|
1493
|
-
while (commandIdx < normalizedArgv.length && /^[A-Za-z_][A-Za-z0-9_]*=.*$/u.test(normalizedArgv[commandIdx] ?? "")) commandIdx += 1;
|
|
1494
|
-
return normalizeOptionalLowercaseString(normalizedArgv[commandIdx]);
|
|
1495
|
-
}
|
|
1496
|
-
function analyzeInterpreterHeuristicsFromUnquoted(raw) {
|
|
1497
|
-
const hasPython = splitShellSegmentsOutsideQuotes(raw, { splitPipes: true }).some((segment) => /^python(?:3(?:\.\d+)?)?$/i.test(resolveLeadingShellSegmentExecutable(segment) ?? ""));
|
|
1498
|
-
const hasNode = splitShellSegmentsOutsideQuotes(raw, { splitPipes: true }).some((segment) => resolveLeadingShellSegmentExecutable(segment) === "node");
|
|
1499
|
-
const hasProcessSubstitution = hasUnescapedSequence(raw, "<(") || hasUnescapedSequence(raw, ">(");
|
|
1500
|
-
return {
|
|
1501
|
-
hasPython,
|
|
1502
|
-
hasNode,
|
|
1503
|
-
hasComplexSyntax: hasUnescapedSequence(raw, "|") || hasUnescapedSequence(raw, "&&") || hasUnescapedSequence(raw, "||") || hasUnescapedSequence(raw, ";") || raw.includes("\n") || raw.includes("\r") || hasUnescapedSequence(raw, "$(") || hasUnescapedSequence(raw, "`") || hasProcessSubstitution,
|
|
1504
|
-
hasProcessSubstitution,
|
|
1505
|
-
hasScriptHint: hasUnquotedScriptHint(raw)
|
|
1506
|
-
};
|
|
1507
|
-
}
|
|
1508
|
-
function extractShellWrappedCommandPayload(executable, args) {
|
|
1509
|
-
if (!executable) return null;
|
|
1510
|
-
const executableBase = normalizeOptionalLowercaseString(executable.split(/[\\/]/u).at(-1)) ?? "";
|
|
1511
|
-
const normalizedExecutable = executableBase.endsWith(".exe") ? executableBase.slice(0, -4) : executableBase;
|
|
1512
|
-
if (!/^(?:bash|dash|fish|ksh|sh|zsh)$/i.test(normalizedExecutable)) return null;
|
|
1513
|
-
const shortOptionsWithSeparateValue = new Set(["-O", "-o"]);
|
|
1514
|
-
for (let i = 0; i < args.length; i += 1) {
|
|
1515
|
-
const arg = args[i];
|
|
1516
|
-
if (arg === "--") return null;
|
|
1517
|
-
if (arg === "-c") return args[i + 1] ?? null;
|
|
1518
|
-
if (/^-[A-Za-z]+$/u.test(arg)) {
|
|
1519
|
-
if (arg.includes("c")) return args[i + 1] ?? null;
|
|
1520
|
-
if (shortOptionsWithSeparateValue.has(arg)) i += 1;
|
|
1521
|
-
continue;
|
|
1522
|
-
}
|
|
1523
|
-
if (/^--[A-Za-z0-9][A-Za-z0-9-]*(?:=.*)?$/u.test(arg)) {
|
|
1524
|
-
if (!arg.includes("=")) {
|
|
1525
|
-
const next = args[i + 1];
|
|
1526
|
-
if (next && next !== "--" && !next.startsWith("-")) i += 1;
|
|
1527
|
-
}
|
|
1528
|
-
continue;
|
|
1529
|
-
}
|
|
1530
|
-
return null;
|
|
1531
|
-
}
|
|
1532
|
-
return null;
|
|
1533
|
-
}
|
|
1534
|
-
function shouldFailClosedInterpreterPreflight(command) {
|
|
1535
|
-
const raw = command.trim();
|
|
1536
|
-
const rawArgv = splitShellArgs(raw);
|
|
1537
|
-
const argv = rawArgv ? stripPreflightEnvPrefix(rawArgv) : null;
|
|
1538
|
-
let commandIdx = 0;
|
|
1539
|
-
if (argv) while (commandIdx < argv.length && /^[A-Za-z_][A-Za-z0-9_]*=.*$/u.test(argv[commandIdx] ?? "")) commandIdx += 1;
|
|
1540
|
-
const directExecutable = normalizeOptionalLowercaseString(argv?.[commandIdx]);
|
|
1541
|
-
const args = argv ? argv.slice(commandIdx + 1) : [];
|
|
1542
|
-
const isDirectInterpreterCommand = Boolean(directExecutable && /^python(?:3(?:\.\d+)?)?$/i.test(directExecutable)) || directExecutable === "node";
|
|
1543
|
-
const topLevel = analyzeInterpreterHeuristicsFromUnquoted(extractUnquotedShellText(raw) ?? raw);
|
|
1544
|
-
const shellWrappedPayload = extractShellWrappedCommandPayload(directExecutable, args);
|
|
1545
|
-
const nestedUnquoted = shellWrappedPayload ? extractUnquotedShellText(shellWrappedPayload) ?? shellWrappedPayload : "";
|
|
1546
|
-
const nested = shellWrappedPayload ? analyzeInterpreterHeuristicsFromUnquoted(nestedUnquoted) : {
|
|
1547
|
-
hasPython: false,
|
|
1548
|
-
hasNode: false,
|
|
1549
|
-
hasComplexSyntax: false,
|
|
1550
|
-
hasProcessSubstitution: false,
|
|
1551
|
-
hasScriptHint: false
|
|
1552
|
-
};
|
|
1553
|
-
const hasInterpreterInvocationInSegment = (rawSegment) => isInterpreterExecutable(resolveLeadingShellSegmentExecutable(rawSegment));
|
|
1554
|
-
const isScriptExecutingInterpreterCommand = (rawCommand) => {
|
|
1555
|
-
const argv = splitShellArgs(rawCommand.trim());
|
|
1556
|
-
if (!argv || argv.length === 0) return false;
|
|
1557
|
-
const withoutLeadingKeyword = /^(?:if|then|do|elif|else|while|until|time)$/i.test(argv[0] ?? "") ? argv.slice(1) : argv;
|
|
1558
|
-
if (withoutLeadingKeyword.length === 0) return false;
|
|
1559
|
-
const normalizedArgv = stripPreflightEnvPrefix(withoutLeadingKeyword);
|
|
1560
|
-
let commandIdx = 0;
|
|
1561
|
-
while (commandIdx < normalizedArgv.length && /^[A-Za-z_][A-Za-z0-9_]*=.*$/u.test(normalizedArgv[commandIdx] ?? "")) commandIdx += 1;
|
|
1562
|
-
const executable = normalizeOptionalLowercaseString(normalizedArgv[commandIdx]);
|
|
1563
|
-
if (!executable) return false;
|
|
1564
|
-
const args = normalizedArgv.slice(commandIdx + 1);
|
|
1565
|
-
if (/^python(?:3(?:\.\d+)?)?$/i.test(executable)) {
|
|
1566
|
-
const pythonInfoOnlyFlags = new Set([
|
|
1567
|
-
"-V",
|
|
1568
|
-
"--version",
|
|
1569
|
-
"-h",
|
|
1570
|
-
"--help"
|
|
1571
|
-
]);
|
|
1572
|
-
if (args.some((arg) => pythonInfoOnlyFlags.has(arg))) return false;
|
|
1573
|
-
if (args.some((arg) => arg === "-c" || arg === "-m" || arg.startsWith("-c") || arg.startsWith("-m") || arg === "--check-hash-based-pycs")) return false;
|
|
1574
|
-
return true;
|
|
1575
|
-
}
|
|
1576
|
-
if (executable === "node") {
|
|
1577
|
-
const nodeInfoOnlyFlags = new Set([
|
|
1578
|
-
"-v",
|
|
1579
|
-
"--version",
|
|
1580
|
-
"-h",
|
|
1581
|
-
"--help",
|
|
1582
|
-
"-c",
|
|
1583
|
-
"--check"
|
|
1584
|
-
]);
|
|
1585
|
-
if (args.some((arg) => nodeInfoOnlyFlags.has(arg))) return false;
|
|
1586
|
-
if (args.some((arg) => arg === "-e" || arg === "-p" || arg === "--eval" || arg === "--print" || arg.startsWith("--eval=") || arg.startsWith("--print=") || (arg.startsWith("-e") || arg.startsWith("-p")) && arg.length > 2)) return false;
|
|
1587
|
-
return true;
|
|
1588
|
-
}
|
|
1589
|
-
return false;
|
|
1590
|
-
};
|
|
1591
|
-
const hasScriptHintInSegment = (segment) => extractInterpreterScriptPathsFromSegment(segment).length > 0 || hasUnquotedScriptHint(segment);
|
|
1592
|
-
const hasInterpreterAndScriptHintInSameSegment = (rawText) => {
|
|
1593
|
-
return splitShellSegmentsOutsideQuotes(rawText, { splitPipes: true }).some((segment) => {
|
|
1594
|
-
if (!isScriptExecutingInterpreterCommand(segment)) return false;
|
|
1595
|
-
return hasScriptHintInSegment(segment);
|
|
1596
|
-
});
|
|
1597
|
-
};
|
|
1598
|
-
const hasInterpreterPipelineScriptHintInSameSegment = (rawText) => {
|
|
1599
|
-
return splitShellSegmentsOutsideQuotes(rawText, { splitPipes: false }).some((segment) => {
|
|
1600
|
-
if (!splitShellSegmentsOutsideQuotes(segment, { splitPipes: true }).slice(1).some((pipelineCommand) => isScriptExecutingInterpreterCommand(pipelineCommand))) return false;
|
|
1601
|
-
return hasScriptHintInSegment(segment);
|
|
1602
|
-
});
|
|
1603
|
-
};
|
|
1604
|
-
const hasInterpreterSegmentScriptHint = hasInterpreterAndScriptHintInSameSegment(raw) || shellWrappedPayload !== null && hasInterpreterAndScriptHintInSameSegment(shellWrappedPayload);
|
|
1605
|
-
const hasInterpreterPipelineScriptHint = hasInterpreterPipelineScriptHintInSameSegment(raw) || shellWrappedPayload !== null && hasInterpreterPipelineScriptHintInSameSegment(shellWrappedPayload);
|
|
1606
|
-
const hasShellWrappedInterpreterSegmentScriptHint = shellWrappedPayload !== null && hasInterpreterAndScriptHintInSameSegment(shellWrappedPayload);
|
|
1607
|
-
const hasShellWrappedInterpreterInvocation = (nested.hasPython || nested.hasNode) && (hasShellWrappedInterpreterSegmentScriptHint || nested.hasScriptHint || nested.hasComplexSyntax || nested.hasProcessSubstitution);
|
|
1608
|
-
const hasTopLevelInterpreterInvocation = splitShellSegmentsOutsideQuotes(raw, { splitPipes: true }).some((segment) => hasInterpreterInvocationInSegment(segment));
|
|
1609
|
-
return {
|
|
1610
|
-
hasInterpreterInvocation: isDirectInterpreterCommand || hasShellWrappedInterpreterInvocation || hasTopLevelInterpreterInvocation,
|
|
1611
|
-
hasComplexSyntax: topLevel.hasComplexSyntax || hasShellWrappedInterpreterInvocation,
|
|
1612
|
-
hasProcessSubstitution: topLevel.hasProcessSubstitution || nested.hasProcessSubstitution,
|
|
1613
|
-
hasInterpreterSegmentScriptHint,
|
|
1614
|
-
hasInterpreterPipelineScriptHint,
|
|
1615
|
-
isDirectInterpreterCommand
|
|
1616
|
-
};
|
|
1617
|
-
}
|
|
1618
|
-
async function validateScriptFileForShellBleed(params) {
|
|
1619
|
-
const target = extractScriptTargetFromCommand(params.command);
|
|
1620
|
-
if (!target) {
|
|
1621
|
-
const { hasInterpreterInvocation, hasComplexSyntax, hasProcessSubstitution, hasInterpreterSegmentScriptHint, hasInterpreterPipelineScriptHint, isDirectInterpreterCommand } = shouldFailClosedInterpreterPreflight(params.command);
|
|
1622
|
-
if (hasInterpreterInvocation && hasComplexSyntax && (hasInterpreterSegmentScriptHint || hasInterpreterPipelineScriptHint || hasProcessSubstitution && isDirectInterpreterCommand)) throw new Error("exec preflight: complex interpreter invocation detected; refusing to run without script preflight validation. Use a direct `python <file>.py` or `node <file>.js` command.");
|
|
1623
|
-
return;
|
|
1624
|
-
}
|
|
1625
|
-
const { SafeOpenError, readFileWithinRoot } = await loadFsSafeModule();
|
|
1626
|
-
for (const relOrAbsPath of target.relOrAbsPaths) {
|
|
1627
|
-
const absPath = path.isAbsolute(relOrAbsPath) ? path.resolve(relOrAbsPath) : path.resolve(params.workdir, relOrAbsPath);
|
|
1628
|
-
const relativePath = resolvePreflightRelativePath({
|
|
1629
|
-
rootDir: params.workdir,
|
|
1630
|
-
absPath
|
|
1631
|
-
});
|
|
1632
|
-
if (!relativePath) continue;
|
|
1633
|
-
let content;
|
|
1634
|
-
try {
|
|
1635
|
-
content = (await readFileWithinRoot({
|
|
1636
|
-
rootDir: params.workdir,
|
|
1637
|
-
relativePath,
|
|
1638
|
-
nonBlockingRead: true,
|
|
1639
|
-
allowSymlinkTargetWithinRoot: true,
|
|
1640
|
-
maxBytes: 512 * 1024
|
|
1641
|
-
})).buffer.toString("utf-8");
|
|
1642
|
-
} catch (error) {
|
|
1643
|
-
if (shouldSkipScriptPreflightPathError(error, SafeOpenError)) continue;
|
|
1644
|
-
throw error;
|
|
1645
|
-
}
|
|
1646
|
-
const first = /\$[A-Z_][A-Z0-9_]{1,}/g.exec(content);
|
|
1647
|
-
if (first) {
|
|
1648
|
-
const idx = first.index;
|
|
1649
|
-
const line = content.slice(0, idx).split("\n").length;
|
|
1650
|
-
const token = first[0];
|
|
1651
|
-
throw new Error([
|
|
1652
|
-
`exec preflight: detected likely shell variable injection (${token}) in ${target.kind} script: ${path.basename(absPath)}:${line}.`,
|
|
1653
|
-
target.kind === "python" ? `In Python, use os.environ.get(${JSON.stringify(token.slice(1))}) instead of raw ${token}.` : `In Node.js, use process.env[${JSON.stringify(token.slice(1))}] instead of raw ${token}.`,
|
|
1654
|
-
"(If this is inside a string literal on purpose, escape it or restructure the code.)"
|
|
1655
|
-
].join("\n"));
|
|
1656
|
-
}
|
|
1657
|
-
if (target.kind === "node") {
|
|
1658
|
-
const firstNonEmpty = content.split(/\r?\n/).map((l) => l.trim()).find((l) => l.length > 0);
|
|
1659
|
-
if (firstNonEmpty && /^NODE\b/.test(firstNonEmpty)) throw new Error(`exec preflight: JS file starts with shell syntax (${firstNonEmpty}). This looks like a shell command, not JavaScript.`);
|
|
1660
|
-
}
|
|
1661
|
-
}
|
|
1662
|
-
}
|
|
1663
|
-
function shouldSkipExecScriptPreflight(params) {
|
|
1664
|
-
return params.host === "gateway" && params.security === "full" && params.ask === "off";
|
|
1665
|
-
}
|
|
1666
|
-
function parseExecApprovalShellCommand(raw) {
|
|
1667
|
-
const match = raw.trimStart().match(/^\/approve(?:@[^\s]+)?\s+([A-Za-z0-9][A-Za-z0-9._:-]*)\s+(allow-once|allow-always|always|deny)\b/i);
|
|
1668
|
-
if (!match) return null;
|
|
1669
|
-
return {
|
|
1670
|
-
approvalId: match[1],
|
|
1671
|
-
decision: normalizeLowercaseStringOrEmpty(match[2]) === "always" ? "allow-always" : normalizeLowercaseStringOrEmpty(match[2])
|
|
1672
|
-
};
|
|
1673
|
-
}
|
|
1674
|
-
function rejectExecApprovalShellCommand(command) {
|
|
1675
|
-
const isEnvAssignmentToken = (token) => /^[A-Za-z_][A-Za-z0-9_]*=.*$/u.test(token);
|
|
1676
|
-
const shellWrappers = new Set([
|
|
1677
|
-
"bash",
|
|
1678
|
-
"dash",
|
|
1679
|
-
"fish",
|
|
1680
|
-
"ksh",
|
|
1681
|
-
"sh",
|
|
1682
|
-
"zsh"
|
|
1683
|
-
]);
|
|
1684
|
-
const commandStandaloneOptions = new Set([
|
|
1685
|
-
"-p",
|
|
1686
|
-
"-v",
|
|
1687
|
-
"-V"
|
|
1688
|
-
]);
|
|
1689
|
-
const envOptionsWithValues = new Set([
|
|
1690
|
-
"-C",
|
|
1691
|
-
"-S",
|
|
1692
|
-
"-u",
|
|
1693
|
-
"--argv0",
|
|
1694
|
-
"--block-signal",
|
|
1695
|
-
"--chdir",
|
|
1696
|
-
"--default-signal",
|
|
1697
|
-
"--ignore-signal",
|
|
1698
|
-
"--split-string",
|
|
1699
|
-
"--unset"
|
|
1700
|
-
]);
|
|
1701
|
-
const execOptionsWithValues = new Set(["-a"]);
|
|
1702
|
-
const execStandaloneOptions = new Set(["-c", "-l"]);
|
|
1703
|
-
const sudoOptionsWithValues = new Set([
|
|
1704
|
-
"-C",
|
|
1705
|
-
"-D",
|
|
1706
|
-
"-g",
|
|
1707
|
-
"-p",
|
|
1708
|
-
"-R",
|
|
1709
|
-
"-T",
|
|
1710
|
-
"-U",
|
|
1711
|
-
"-u",
|
|
1712
|
-
"--chdir",
|
|
1713
|
-
"--close-from",
|
|
1714
|
-
"--group",
|
|
1715
|
-
"--host",
|
|
1716
|
-
"--other-user",
|
|
1717
|
-
"--prompt",
|
|
1718
|
-
"--role",
|
|
1719
|
-
"--type",
|
|
1720
|
-
"--user"
|
|
1721
|
-
]);
|
|
1722
|
-
const sudoStandaloneOptions = new Set([
|
|
1723
|
-
"-A",
|
|
1724
|
-
"-E",
|
|
1725
|
-
"--askpass",
|
|
1726
|
-
"--preserve-env"
|
|
1727
|
-
]);
|
|
1728
|
-
const extractEnvSplitStringPayload = (argv) => {
|
|
1729
|
-
const remaining = [...argv];
|
|
1730
|
-
while (remaining[0] && isEnvAssignmentToken(remaining[0])) remaining.shift();
|
|
1731
|
-
if (remaining[0] !== "env") return [];
|
|
1732
|
-
remaining.shift();
|
|
1733
|
-
const payloads = [];
|
|
1734
|
-
while (remaining.length > 0) {
|
|
1735
|
-
while (remaining[0] && isEnvAssignmentToken(remaining[0])) remaining.shift();
|
|
1736
|
-
const token = remaining[0];
|
|
1737
|
-
if (!token) break;
|
|
1738
|
-
if (token === "--") {
|
|
1739
|
-
remaining.shift();
|
|
1740
|
-
continue;
|
|
1741
|
-
}
|
|
1742
|
-
if (!token.startsWith("-") || token === "-") break;
|
|
1743
|
-
const option = remaining.shift();
|
|
1744
|
-
const normalized = option.split("=", 1)[0];
|
|
1745
|
-
if (normalized === "-S" || normalized === "--split-string") {
|
|
1746
|
-
const value = option.includes("=") ? option.slice(option.indexOf("=") + 1) : remaining.shift();
|
|
1747
|
-
if (value?.trim()) payloads.push(value);
|
|
1748
|
-
continue;
|
|
1749
|
-
}
|
|
1750
|
-
if (envOptionsWithValues.has(normalized) && !option.includes("=") && remaining[0]) remaining.shift();
|
|
1751
|
-
}
|
|
1752
|
-
return payloads;
|
|
1753
|
-
};
|
|
1754
|
-
const stripApprovalCommandPrefixes = (argv) => {
|
|
1755
|
-
const remaining = [...argv];
|
|
1756
|
-
while (remaining.length > 0) {
|
|
1757
|
-
while (remaining[0] && isEnvAssignmentToken(remaining[0])) remaining.shift();
|
|
1758
|
-
const token = remaining[0];
|
|
1759
|
-
if (!token) break;
|
|
1760
|
-
if (token === "--") {
|
|
1761
|
-
remaining.shift();
|
|
1762
|
-
continue;
|
|
1763
|
-
}
|
|
1764
|
-
if (token === "env") {
|
|
1765
|
-
remaining.shift();
|
|
1766
|
-
while (remaining.length > 0) {
|
|
1767
|
-
while (remaining[0] && isEnvAssignmentToken(remaining[0])) remaining.shift();
|
|
1768
|
-
const envToken = remaining[0];
|
|
1769
|
-
if (!envToken) break;
|
|
1770
|
-
if (envToken === "--") {
|
|
1771
|
-
remaining.shift();
|
|
1772
|
-
continue;
|
|
1773
|
-
}
|
|
1774
|
-
if (!envToken.startsWith("-") || envToken === "-") break;
|
|
1775
|
-
const option = remaining.shift();
|
|
1776
|
-
const normalized = option.split("=", 1)[0];
|
|
1777
|
-
if (envOptionsWithValues.has(normalized) && !option.includes("=") && remaining[0]) remaining.shift();
|
|
1778
|
-
}
|
|
1779
|
-
continue;
|
|
1780
|
-
}
|
|
1781
|
-
if (token === "command" || token === "builtin") {
|
|
1782
|
-
remaining.shift();
|
|
1783
|
-
while (remaining[0]?.startsWith("-")) {
|
|
1784
|
-
const option = remaining.shift();
|
|
1785
|
-
if (option === "--") break;
|
|
1786
|
-
if (!commandStandaloneOptions.has(option.split("=", 1)[0])) continue;
|
|
1787
|
-
}
|
|
1788
|
-
continue;
|
|
1789
|
-
}
|
|
1790
|
-
if (token === "exec") {
|
|
1791
|
-
remaining.shift();
|
|
1792
|
-
while (remaining[0]?.startsWith("-")) {
|
|
1793
|
-
const option = remaining.shift();
|
|
1794
|
-
if (option === "--") break;
|
|
1795
|
-
const normalized = option.split("=", 1)[0];
|
|
1796
|
-
if (execStandaloneOptions.has(normalized)) continue;
|
|
1797
|
-
if (execOptionsWithValues.has(normalized) && !option.includes("=") && remaining[0]) remaining.shift();
|
|
1798
|
-
}
|
|
1799
|
-
continue;
|
|
1800
|
-
}
|
|
1801
|
-
if (token === "sudo") {
|
|
1802
|
-
remaining.shift();
|
|
1803
|
-
while (remaining[0]?.startsWith("-")) {
|
|
1804
|
-
const option = remaining.shift();
|
|
1805
|
-
if (option === "--") break;
|
|
1806
|
-
const normalized = option.split("=", 1)[0];
|
|
1807
|
-
if (sudoStandaloneOptions.has(normalized)) continue;
|
|
1808
|
-
if (sudoOptionsWithValues.has(normalized) && !option.includes("=") && remaining[0]) remaining.shift();
|
|
1809
|
-
}
|
|
1810
|
-
continue;
|
|
1811
|
-
}
|
|
1812
|
-
break;
|
|
1813
|
-
}
|
|
1814
|
-
return remaining;
|
|
1815
|
-
};
|
|
1816
|
-
const extractShellWrapperPayload = (argv) => {
|
|
1817
|
-
const [commandName, ...rest] = argv;
|
|
1818
|
-
if (!commandName || !shellWrappers.has(path.basename(commandName))) return [];
|
|
1819
|
-
for (let i = 0; i < rest.length; i += 1) {
|
|
1820
|
-
const token = rest[i];
|
|
1821
|
-
if (!token) continue;
|
|
1822
|
-
if (token === "-c" || token === "-lc" || token === "-ic" || token === "-xc") return rest[i + 1] ? [rest[i + 1]] : [];
|
|
1823
|
-
if (/^-[^-]*c[^-]*$/u.test(token)) return rest[i + 1] ? [rest[i + 1]] : [];
|
|
1824
|
-
}
|
|
1825
|
-
return [];
|
|
1826
|
-
};
|
|
1827
|
-
const buildCandidates = (argv) => {
|
|
1828
|
-
const envSplitCandidates = extractEnvSplitStringPayload(argv).flatMap((payload) => {
|
|
1829
|
-
const innerArgv = splitShellArgs(payload);
|
|
1830
|
-
return innerArgv ? buildCandidates(innerArgv) : [payload];
|
|
1831
|
-
});
|
|
1832
|
-
const stripped = stripApprovalCommandPrefixes(argv);
|
|
1833
|
-
const shellWrapperCandidates = extractShellWrapperPayload(stripped).flatMap((payload) => {
|
|
1834
|
-
const innerArgv = splitShellArgs(payload);
|
|
1835
|
-
return innerArgv ? buildCandidates(innerArgv) : [payload];
|
|
1836
|
-
});
|
|
1837
|
-
return [
|
|
1838
|
-
...stripped.length > 0 ? [stripped.join(" ")] : [],
|
|
1839
|
-
...envSplitCandidates,
|
|
1840
|
-
...shellWrapperCandidates
|
|
1841
|
-
];
|
|
1842
|
-
};
|
|
1843
|
-
const rawCommand = command.trim();
|
|
1844
|
-
const analysis = analyzeShellCommand({ command: rawCommand });
|
|
1845
|
-
const candidates = analysis.ok ? analysis.segments.flatMap((segment) => buildCandidates(segment.argv)) : rawCommand.split(/\r?\n/).map((line) => line.trim()).filter(Boolean).flatMap((line) => {
|
|
1846
|
-
const argv = splitShellArgs(line);
|
|
1847
|
-
return argv ? buildCandidates(argv) : [line];
|
|
1848
|
-
});
|
|
1849
|
-
for (const candidate of candidates) {
|
|
1850
|
-
if (!parseExecApprovalShellCommand(candidate)) continue;
|
|
1851
|
-
throw new Error(["exec cannot run /approve commands.", "Show the /approve command to the user as chat text, or route it through the approval command handler instead of shell execution."].join(" "));
|
|
1852
|
-
}
|
|
1853
|
-
}
|
|
1854
|
-
function createExecTool(defaults) {
|
|
1855
|
-
const defaultBackgroundMs = clampWithDefault(defaults?.backgroundMs ?? readEnvInt("PI_BASH_YIELD_MS"), 1e4, 10, 12e4);
|
|
1856
|
-
const allowBackground = defaults?.allowBackground ?? true;
|
|
1857
|
-
const defaultTimeoutSec = typeof defaults?.timeoutSec === "number" && defaults.timeoutSec > 0 ? defaults.timeoutSec : 1800;
|
|
1858
|
-
const defaultPathPrepend = normalizePathPrepend(defaults?.pathPrepend);
|
|
1859
|
-
const { safeBins, safeBinProfiles, trustedSafeBinDirs, unprofiledSafeBins, unprofiledInterpreterSafeBins } = resolveExecSafeBinRuntimePolicy({
|
|
1860
|
-
local: {
|
|
1861
|
-
safeBins: defaults?.safeBins,
|
|
1862
|
-
safeBinTrustedDirs: defaults?.safeBinTrustedDirs,
|
|
1863
|
-
safeBinProfiles: defaults?.safeBinProfiles
|
|
1864
|
-
},
|
|
1865
|
-
onWarning: (message) => {
|
|
1866
|
-
logInfo(message);
|
|
1867
|
-
}
|
|
1868
|
-
});
|
|
1869
|
-
if (unprofiledSafeBins.length > 0) logInfo(`exec: ignoring unprofiled safeBins entries (${unprofiledSafeBins.toSorted().join(", ")}); use allowlist or define tools.exec.safeBinProfiles.<bin>`);
|
|
1870
|
-
if (unprofiledInterpreterSafeBins.length > 0) logInfo(`exec: interpreter/runtime binaries in safeBins (${unprofiledInterpreterSafeBins.join(", ")}) are unsafe without explicit hardened profiles; prefer allowlist entries`);
|
|
1871
|
-
const notifyOnExit = defaults?.notifyOnExit !== false;
|
|
1872
|
-
const notifyOnExitEmptySuccess = defaults?.notifyOnExitEmptySuccess === true;
|
|
1873
|
-
const notifySessionKey = normalizeOptionalString(defaults?.sessionKey);
|
|
1874
|
-
const notifyDeliveryContext = normalizeDeliveryContext({
|
|
1875
|
-
channel: defaults?.messageProvider,
|
|
1876
|
-
to: defaults?.currentChannelId,
|
|
1877
|
-
accountId: defaults?.accountId,
|
|
1878
|
-
threadId: defaults?.currentThreadTs
|
|
1879
|
-
});
|
|
1880
|
-
const approvalRunningNoticeMs = resolveApprovalRunningNoticeMs(defaults?.approvalRunningNoticeMs);
|
|
1881
|
-
const parsedAgentSession = parseAgentSessionKey(defaults?.sessionKey);
|
|
1882
|
-
const agentId = defaults?.agentId ?? (parsedAgentSession ? resolveAgentIdFromSessionKey(defaults?.sessionKey) : void 0);
|
|
1883
|
-
return {
|
|
1884
|
-
name: "exec",
|
|
1885
|
-
label: "exec",
|
|
1886
|
-
displaySummary: EXEC_TOOL_DISPLAY_SUMMARY,
|
|
1887
|
-
get description() {
|
|
1888
|
-
return describeExecTool({
|
|
1889
|
-
agentId,
|
|
1890
|
-
hasCronTool: defaults?.hasCronTool === true
|
|
1891
|
-
});
|
|
1892
|
-
},
|
|
1893
|
-
parameters: execSchema,
|
|
1894
|
-
execute: async (_toolCallId, args, signal, onUpdate) => {
|
|
1895
|
-
const params = args;
|
|
1896
|
-
if (!params.command) throw new Error("Provide a command to start.");
|
|
1897
|
-
const maxOutput = DEFAULT_MAX_OUTPUT;
|
|
1898
|
-
const pendingMaxOutput = DEFAULT_PENDING_MAX_OUTPUT;
|
|
1899
|
-
const warnings = [];
|
|
1900
|
-
let execCommandOverride;
|
|
1901
|
-
const backgroundRequested = params.background === true;
|
|
1902
|
-
const yieldRequested = typeof params.yieldMs === "number";
|
|
1903
|
-
if (!allowBackground && (backgroundRequested || yieldRequested)) warnings.push("Warning: background execution is disabled; running synchronously.");
|
|
1904
|
-
const yieldWindow = allowBackground ? backgroundRequested ? 0 : clampWithDefault(params.yieldMs ?? defaultBackgroundMs, defaultBackgroundMs, 10, 12e4) : null;
|
|
1905
|
-
const elevatedDefaults = defaults?.elevated;
|
|
1906
|
-
const elevatedAllowed = Boolean(elevatedDefaults?.enabled && elevatedDefaults.allowed);
|
|
1907
|
-
const elevatedDefaultMode = elevatedDefaults?.defaultLevel === "full" ? "full" : elevatedDefaults?.defaultLevel === "ask" ? "ask" : elevatedDefaults?.defaultLevel === "on" ? "ask" : "off";
|
|
1908
|
-
const effectiveDefaultMode = elevatedAllowed ? elevatedDefaultMode : "off";
|
|
1909
|
-
const elevatedMode = typeof params.elevated === "boolean" ? params.elevated ? elevatedDefaultMode === "full" ? "full" : "ask" : "off" : effectiveDefaultMode;
|
|
1910
|
-
const elevatedRequested = elevatedMode !== "off";
|
|
1911
|
-
if (elevatedRequested) {
|
|
1912
|
-
if (!elevatedDefaults?.enabled || !elevatedDefaults.allowed) {
|
|
1913
|
-
const runtime = defaults?.sandbox ? "sandboxed" : "direct";
|
|
1914
|
-
const gates = [];
|
|
1915
|
-
const contextParts = [];
|
|
1916
|
-
const provider = normalizeOptionalString(defaults?.messageProvider);
|
|
1917
|
-
const sessionKey = normalizeOptionalString(defaults?.sessionKey);
|
|
1918
|
-
if (provider) contextParts.push(`provider=${provider}`);
|
|
1919
|
-
if (sessionKey) contextParts.push(`session=${sessionKey}`);
|
|
1920
|
-
if (!elevatedDefaults?.enabled) gates.push("enabled (tools.elevated.enabled / agents.list[].tools.elevated.enabled)");
|
|
1921
|
-
else gates.push("allowFrom (tools.elevated.allowFrom.<provider> / agents.list[].tools.elevated.allowFrom.<provider>)");
|
|
1922
|
-
throw new Error([
|
|
1923
|
-
`elevated is not available right now (runtime=${runtime}).`,
|
|
1924
|
-
`Failing gates: ${gates.join(", ")}`,
|
|
1925
|
-
contextParts.length > 0 ? `Context: ${contextParts.join(" ")}` : void 0,
|
|
1926
|
-
"Fix-it keys:",
|
|
1927
|
-
"- tools.elevated.enabled",
|
|
1928
|
-
"- tools.elevated.allowFrom.<provider>",
|
|
1929
|
-
"- agents.list[].tools.elevated.enabled",
|
|
1930
|
-
"- agents.list[].tools.elevated.allowFrom.<provider>"
|
|
1931
|
-
].filter(Boolean).join("\n"));
|
|
1932
|
-
}
|
|
1933
|
-
}
|
|
1934
|
-
if (elevatedRequested) logInfo(`exec: elevated command ${truncateMiddle(params.command, 120)}`);
|
|
1935
|
-
const target = resolveExecTarget({
|
|
1936
|
-
configuredTarget: defaults?.host,
|
|
1937
|
-
requestedTarget: normalizeExecTarget(params.host),
|
|
1938
|
-
elevatedRequested,
|
|
1939
|
-
sandboxAvailable: Boolean(defaults?.sandbox)
|
|
1940
|
-
});
|
|
1941
|
-
const host = target.effectiveHost;
|
|
1942
|
-
const approvalDefaults = loadExecApprovals().defaults;
|
|
1943
|
-
const configuredSecurity = defaults?.security ?? approvalDefaults?.security ?? (host === "sandbox" ? "deny" : "full");
|
|
1944
|
-
let security = minSecurity(configuredSecurity, normalizeExecSecurity(params.security) ?? configuredSecurity);
|
|
1945
|
-
if (elevatedRequested && elevatedMode === "full") security = "full";
|
|
1946
|
-
const configuredAsk = defaults?.ask ?? approvalDefaults?.ask ?? "off";
|
|
1947
|
-
let ask = maxAsk(configuredAsk, normalizeExecAsk(params.ask) ?? configuredAsk);
|
|
1948
|
-
const bypassApprovals = elevatedRequested && elevatedMode === "full";
|
|
1949
|
-
if (bypassApprovals) ask = "off";
|
|
1950
|
-
if (defaults?.safeguard?.enabled !== false) {
|
|
1951
|
-
const safeguardAnalysis = analyzeShellCommand({ command: params.command });
|
|
1952
|
-
let verdict = evaluateExecSafeguard(safeguardAnalysis, { rawCommand: params.command });
|
|
1953
|
-
const evaluateModel = defaults?.safeguard?.evaluateCommandImpact;
|
|
1954
|
-
if (evaluateModel && verdict.risk !== "high" && isAmbiguousForModel(safeguardAnalysis)) {
|
|
1955
|
-
const timeoutMs = Math.max(1, Math.floor(defaults?.safeguard?.timeoutSeconds ?? 20)) * 1e3;
|
|
1956
|
-
const controller = new AbortController();
|
|
1957
|
-
const onOuterAbort = () => controller.abort();
|
|
1958
|
-
signal?.addEventListener("abort", onOuterAbort, { once: true });
|
|
1959
|
-
const timer = setTimeout(() => controller.abort(), timeoutMs);
|
|
1960
|
-
try {
|
|
1961
|
-
const modelVerdict = parseModelRiskVerdict(await evaluateModel(params.command, controller.signal));
|
|
1962
|
-
if (modelVerdict) verdict = mergeSafeguardVerdicts(verdict, modelVerdict);
|
|
1963
|
-
} catch {} finally {
|
|
1964
|
-
clearTimeout(timer);
|
|
1965
|
-
signal?.removeEventListener("abort", onOuterAbort);
|
|
1966
|
-
}
|
|
1967
|
-
}
|
|
1968
|
-
if (verdict.risk === "high") throw new Error([
|
|
1969
|
-
"Safeguard blocked this command: predicted high system impact.",
|
|
1970
|
-
`Reasons: ${verdict.reasons.join("; ")}`,
|
|
1971
|
-
"This command was not run. If it is genuinely required, run it yourself or adjust tools.exec.safeguard."
|
|
1972
|
-
].join("\n"));
|
|
1973
|
-
if (verdict.risk === "medium" && !bypassApprovals) {
|
|
1974
|
-
ask = "always";
|
|
1975
|
-
warnings.push(`Safeguard: medium-risk command requires approval (${verdict.reasons.join("; ")}).`);
|
|
1976
|
-
}
|
|
1977
|
-
}
|
|
1978
|
-
const sandbox = host === "sandbox" ? defaults?.sandbox : void 0;
|
|
1979
|
-
if (target.selectedTarget === "sandbox" && !sandbox) throw new Error(["exec host=sandbox requires a sandbox runtime for this session.", "Enable sandbox mode (`agents.defaults.sandbox.mode=\"non-main\"` or `\"all\"`) or use host=auto/gateway/node."].join("\n"));
|
|
1980
|
-
const explicitWorkdir = normalizeOptionalString(params.workdir);
|
|
1981
|
-
const defaultWorkdir = normalizeOptionalString(defaults?.cwd);
|
|
1982
|
-
let workdir;
|
|
1983
|
-
let containerWorkdir = sandbox?.containerWorkdir;
|
|
1984
|
-
if (sandbox) {
|
|
1985
|
-
const resolved = await resolveSandboxWorkdir({
|
|
1986
|
-
workdir: explicitWorkdir ?? defaultWorkdir ?? process.cwd(),
|
|
1987
|
-
sandbox,
|
|
1988
|
-
warnings
|
|
1989
|
-
});
|
|
1990
|
-
workdir = resolved.hostWorkdir;
|
|
1991
|
-
containerWorkdir = resolved.containerWorkdir;
|
|
1992
|
-
} else if (host === "node") workdir = explicitWorkdir;
|
|
1993
|
-
else workdir = resolveWorkdir(explicitWorkdir ?? defaultWorkdir ?? process.cwd(), warnings);
|
|
1994
|
-
rejectExecApprovalShellCommand(params.command);
|
|
1995
|
-
const inheritedBaseEnv = coerceEnv(process.env);
|
|
1996
|
-
const hostEnvResult = host === "sandbox" ? null : sanitizeHostExecEnvWithDiagnostics({
|
|
1997
|
-
baseEnv: inheritedBaseEnv,
|
|
1998
|
-
overrides: params.env,
|
|
1999
|
-
blockPathOverrides: true
|
|
2000
|
-
});
|
|
2001
|
-
if (hostEnvResult && params.env && (hostEnvResult.rejectedOverrideBlockedKeys.length > 0 || hostEnvResult.rejectedOverrideInvalidKeys.length > 0)) {
|
|
2002
|
-
const blockedKeys = hostEnvResult.rejectedOverrideBlockedKeys;
|
|
2003
|
-
const invalidKeys = hostEnvResult.rejectedOverrideInvalidKeys;
|
|
2004
|
-
const pathBlocked = blockedKeys.includes("PATH");
|
|
2005
|
-
if (pathBlocked && blockedKeys.length === 1 && invalidKeys.length === 0) throw new Error("Security Violation: Custom 'PATH' variable is forbidden during host execution.");
|
|
2006
|
-
if (blockedKeys.length === 1 && invalidKeys.length === 0) throw new Error(`Security Violation: Environment variable '${blockedKeys[0]}' is forbidden during host execution.`);
|
|
2007
|
-
const details = [];
|
|
2008
|
-
if (blockedKeys.length > 0) details.push(`blocked override keys: ${blockedKeys.join(", ")}`);
|
|
2009
|
-
if (invalidKeys.length > 0) details.push(`invalid non-portable override keys: ${invalidKeys.join(", ")}`);
|
|
2010
|
-
const suffix = details.join("; ");
|
|
2011
|
-
if (pathBlocked) throw new Error(`Security Violation: Custom 'PATH' variable is forbidden during host execution (${suffix}).`);
|
|
2012
|
-
throw new Error(`Security Violation: ${suffix}.`);
|
|
2013
|
-
}
|
|
2014
|
-
const env = sandbox && host === "sandbox" ? buildSandboxEnv({
|
|
2015
|
-
defaultPath: DEFAULT_PATH,
|
|
2016
|
-
paramsEnv: params.env,
|
|
2017
|
-
sandboxEnv: sandbox.env,
|
|
2018
|
-
containerWorkdir: containerWorkdir ?? sandbox.containerWorkdir
|
|
2019
|
-
}) : hostEnvResult?.env ?? inheritedBaseEnv;
|
|
2020
|
-
if (!sandbox && host === "gateway" && !params.env?.PATH) applyShellPath(env, getShellPathFromLoginShell({
|
|
2021
|
-
env: process.env,
|
|
2022
|
-
timeoutMs: resolveShellEnvFallbackTimeoutMs(process.env)
|
|
2023
|
-
}));
|
|
2024
|
-
if (host === "node" && defaultPathPrepend.length > 0) warnings.push("Warning: tools.exec.pathPrepend is ignored for host=node. Configure PATH on the node host/service instead.");
|
|
2025
|
-
else applyPathPrepend(env, defaultPathPrepend);
|
|
2026
|
-
if (host === "node") return executeNodeHostCommand({
|
|
2027
|
-
command: params.command,
|
|
2028
|
-
workdir,
|
|
2029
|
-
env,
|
|
2030
|
-
requestedEnv: params.env,
|
|
2031
|
-
requestedNode: params.node?.trim(),
|
|
2032
|
-
boundNode: defaults?.node?.trim(),
|
|
2033
|
-
sessionKey: defaults?.sessionKey,
|
|
2034
|
-
turnSourceChannel: defaults?.messageProvider,
|
|
2035
|
-
turnSourceTo: defaults?.currentChannelId,
|
|
2036
|
-
turnSourceAccountId: defaults?.accountId,
|
|
2037
|
-
turnSourceThreadId: defaults?.currentThreadTs,
|
|
2038
|
-
agentId,
|
|
2039
|
-
security,
|
|
2040
|
-
ask,
|
|
2041
|
-
strictInlineEval: defaults?.strictInlineEval,
|
|
2042
|
-
trigger: defaults?.trigger,
|
|
2043
|
-
timeoutSec: params.timeout,
|
|
2044
|
-
defaultTimeoutSec,
|
|
2045
|
-
approvalRunningNoticeMs,
|
|
2046
|
-
warnings,
|
|
2047
|
-
notifySessionKey,
|
|
2048
|
-
notifyOnExit,
|
|
2049
|
-
trustedSafeBinDirs
|
|
2050
|
-
});
|
|
2051
|
-
if (!workdir) throw new Error("exec internal error: local execution requires a resolved workdir");
|
|
2052
|
-
if (host === "gateway" && !bypassApprovals) {
|
|
2053
|
-
const gatewayResult = await processGatewayAllowlist({
|
|
2054
|
-
command: params.command,
|
|
2055
|
-
workdir,
|
|
2056
|
-
env,
|
|
2057
|
-
requestedEnv: params.env,
|
|
2058
|
-
pty: params.pty === true && !sandbox,
|
|
2059
|
-
timeoutSec: params.timeout,
|
|
2060
|
-
defaultTimeoutSec,
|
|
2061
|
-
security,
|
|
2062
|
-
ask,
|
|
2063
|
-
safeBins,
|
|
2064
|
-
safeBinProfiles,
|
|
2065
|
-
strictInlineEval: defaults?.strictInlineEval,
|
|
2066
|
-
trigger: defaults?.trigger,
|
|
2067
|
-
agentId,
|
|
2068
|
-
sessionKey: defaults?.sessionKey,
|
|
2069
|
-
turnSourceChannel: defaults?.messageProvider,
|
|
2070
|
-
turnSourceTo: defaults?.currentChannelId,
|
|
2071
|
-
turnSourceAccountId: defaults?.accountId,
|
|
2072
|
-
turnSourceThreadId: defaults?.currentThreadTs,
|
|
2073
|
-
scopeKey: defaults?.scopeKey,
|
|
2074
|
-
warnings,
|
|
2075
|
-
notifySessionKey,
|
|
2076
|
-
approvalRunningNoticeMs,
|
|
2077
|
-
maxOutput,
|
|
2078
|
-
pendingMaxOutput,
|
|
2079
|
-
trustedSafeBinDirs
|
|
2080
|
-
});
|
|
2081
|
-
if (gatewayResult.pendingResult) return gatewayResult.pendingResult;
|
|
2082
|
-
execCommandOverride = gatewayResult.execCommandOverride;
|
|
2083
|
-
if (gatewayResult.allowWithoutEnforcedCommand) execCommandOverride = void 0;
|
|
2084
|
-
}
|
|
2085
|
-
const explicitTimeoutSec = typeof params.timeout === "number" ? params.timeout : null;
|
|
2086
|
-
const effectiveTimeout = allowBackground && explicitTimeoutSec === null && (backgroundRequested || yieldRequested) ? null : explicitTimeoutSec ?? defaultTimeoutSec;
|
|
2087
|
-
const getWarningText = () => warnings.length ? `${warnings.join("\n")}\n\n` : "";
|
|
2088
|
-
const usePty = params.pty === true && !sandbox;
|
|
2089
|
-
if (!shouldSkipExecScriptPreflight({
|
|
2090
|
-
host,
|
|
2091
|
-
security,
|
|
2092
|
-
ask
|
|
2093
|
-
})) await validateScriptFileForShellBleed({
|
|
2094
|
-
command: params.command,
|
|
2095
|
-
workdir
|
|
2096
|
-
});
|
|
2097
|
-
const run = await runExecProcess({
|
|
2098
|
-
command: params.command,
|
|
2099
|
-
execCommand: execCommandOverride,
|
|
2100
|
-
workdir,
|
|
2101
|
-
env,
|
|
2102
|
-
sandbox,
|
|
2103
|
-
containerWorkdir,
|
|
2104
|
-
usePty,
|
|
2105
|
-
warnings,
|
|
2106
|
-
maxOutput,
|
|
2107
|
-
pendingMaxOutput,
|
|
2108
|
-
notifyOnExit,
|
|
2109
|
-
notifyOnExitEmptySuccess,
|
|
2110
|
-
scopeKey: defaults?.scopeKey,
|
|
2111
|
-
sessionKey: notifySessionKey,
|
|
2112
|
-
notifyDeliveryContext,
|
|
2113
|
-
timeoutSec: effectiveTimeout,
|
|
2114
|
-
onUpdate
|
|
2115
|
-
});
|
|
2116
|
-
let yielded = false;
|
|
2117
|
-
let yieldTimer = null;
|
|
2118
|
-
const onAbortSignal = () => {
|
|
2119
|
-
run.disableUpdates();
|
|
2120
|
-
if (yielded || run.session.backgrounded) return;
|
|
2121
|
-
run.kill();
|
|
2122
|
-
};
|
|
2123
|
-
if (signal?.aborted) onAbortSignal();
|
|
2124
|
-
else if (signal) signal.addEventListener("abort", onAbortSignal, { once: true });
|
|
2125
|
-
return new Promise((resolve, reject) => {
|
|
2126
|
-
const resolveRunning = () => resolve({
|
|
2127
|
-
content: [{
|
|
2128
|
-
type: "text",
|
|
2129
|
-
text: `${getWarningText()}Command still running (session ${run.session.id}, pid ${run.session.pid ?? "n/a"}). Use process (list/poll/log/write/kill/clear/remove) for follow-up.`
|
|
2130
|
-
}],
|
|
2131
|
-
details: {
|
|
2132
|
-
status: "running",
|
|
2133
|
-
sessionId: run.session.id,
|
|
2134
|
-
pid: run.session.pid ?? void 0,
|
|
2135
|
-
startedAt: run.startedAt,
|
|
2136
|
-
cwd: run.session.cwd,
|
|
2137
|
-
tail: run.session.tail
|
|
2138
|
-
}
|
|
2139
|
-
});
|
|
2140
|
-
const onYieldNow = () => {
|
|
2141
|
-
if (yieldTimer) clearTimeout(yieldTimer);
|
|
2142
|
-
if (yielded) return;
|
|
2143
|
-
yielded = true;
|
|
2144
|
-
markBackgrounded(run.session);
|
|
2145
|
-
resolveRunning();
|
|
2146
|
-
};
|
|
2147
|
-
if (allowBackground && yieldWindow !== null) if (yieldWindow === 0) onYieldNow();
|
|
2148
|
-
else yieldTimer = setTimeout(() => {
|
|
2149
|
-
if (yielded) return;
|
|
2150
|
-
yielded = true;
|
|
2151
|
-
markBackgrounded(run.session);
|
|
2152
|
-
resolveRunning();
|
|
2153
|
-
}, yieldWindow);
|
|
2154
|
-
run.promise.then((outcome) => {
|
|
2155
|
-
if (yieldTimer) clearTimeout(yieldTimer);
|
|
2156
|
-
if (yielded || run.session.backgrounded) return;
|
|
2157
|
-
resolve(buildExecForegroundResult({
|
|
2158
|
-
outcome,
|
|
2159
|
-
cwd: run.session.cwd,
|
|
2160
|
-
warningText: getWarningText()
|
|
2161
|
-
}));
|
|
2162
|
-
}).catch((err) => {
|
|
2163
|
-
if (yieldTimer) clearTimeout(yieldTimer);
|
|
2164
|
-
if (yielded || run.session.backgrounded) return;
|
|
2165
|
-
reject(err);
|
|
2166
|
-
});
|
|
2167
|
-
});
|
|
2168
|
-
}
|
|
2169
|
-
};
|
|
2170
|
-
}
|
|
2171
|
-
const execTool = createExecTool();
|
|
2172
|
-
//#endregion
|
|
2173
|
-
//#region src/agents/pty-keys.ts
|
|
2174
|
-
const ESC = "\x1B";
|
|
2175
|
-
const CR = "\r";
|
|
2176
|
-
const TAB = " ";
|
|
2177
|
-
const BACKSPACE = "";
|
|
2178
|
-
const BRACKETED_PASTE_START = `${ESC}[200~`;
|
|
2179
|
-
const BRACKETED_PASTE_END = `${ESC}[201~`;
|
|
2180
|
-
/** SS3 sequences for DECCKM application cursor key mode (smkx). */
|
|
2181
|
-
const DECCKM_SS3_KEYS = {
|
|
2182
|
-
up: `${ESC}OA`,
|
|
2183
|
-
down: `${ESC}OB`,
|
|
2184
|
-
right: `${ESC}OC`,
|
|
2185
|
-
left: `${ESC}OD`,
|
|
2186
|
-
home: `${ESC}OH`,
|
|
2187
|
-
end: `${ESC}OF`
|
|
2188
|
-
};
|
|
2189
|
-
const namedKeyMap = new Map([
|
|
2190
|
-
["enter", CR],
|
|
2191
|
-
["return", CR],
|
|
2192
|
-
["tab", TAB],
|
|
2193
|
-
["escape", ESC],
|
|
2194
|
-
["esc", ESC],
|
|
2195
|
-
["space", " "],
|
|
2196
|
-
["bspace", BACKSPACE],
|
|
2197
|
-
["backspace", BACKSPACE],
|
|
2198
|
-
["up", `${ESC}[A`],
|
|
2199
|
-
["down", `${ESC}[B`],
|
|
2200
|
-
["right", `${ESC}[C`],
|
|
2201
|
-
["left", `${ESC}[D`],
|
|
2202
|
-
["home", `${ESC}[1~`],
|
|
2203
|
-
["end", `${ESC}[4~`],
|
|
2204
|
-
["pageup", `${ESC}[5~`],
|
|
2205
|
-
["pgup", `${ESC}[5~`],
|
|
2206
|
-
["ppage", `${ESC}[5~`],
|
|
2207
|
-
["pagedown", `${ESC}[6~`],
|
|
2208
|
-
["pgdn", `${ESC}[6~`],
|
|
2209
|
-
["npage", `${ESC}[6~`],
|
|
2210
|
-
["insert", `${ESC}[2~`],
|
|
2211
|
-
["ic", `${ESC}[2~`],
|
|
2212
|
-
["delete", `${ESC}[3~`],
|
|
2213
|
-
["del", `${ESC}[3~`],
|
|
2214
|
-
["dc", `${ESC}[3~`],
|
|
2215
|
-
["btab", `${ESC}[Z`],
|
|
2216
|
-
["f1", `${ESC}OP`],
|
|
2217
|
-
["f2", `${ESC}OQ`],
|
|
2218
|
-
["f3", `${ESC}OR`],
|
|
2219
|
-
["f4", `${ESC}OS`],
|
|
2220
|
-
["f5", `${ESC}[15~`],
|
|
2221
|
-
["f6", `${ESC}[17~`],
|
|
2222
|
-
["f7", `${ESC}[18~`],
|
|
2223
|
-
["f8", `${ESC}[19~`],
|
|
2224
|
-
["f9", `${ESC}[20~`],
|
|
2225
|
-
["f10", `${ESC}[21~`],
|
|
2226
|
-
["f11", `${ESC}[23~`],
|
|
2227
|
-
["f12", `${ESC}[24~`],
|
|
2228
|
-
["kp/", `${ESC}Oo`],
|
|
2229
|
-
["kp*", `${ESC}Oj`],
|
|
2230
|
-
["kp-", `${ESC}Om`],
|
|
2231
|
-
["kp+", `${ESC}Ok`],
|
|
2232
|
-
["kp7", `${ESC}Ow`],
|
|
2233
|
-
["kp8", `${ESC}Ox`],
|
|
2234
|
-
["kp9", `${ESC}Oy`],
|
|
2235
|
-
["kp4", `${ESC}Ot`],
|
|
2236
|
-
["kp5", `${ESC}Ou`],
|
|
2237
|
-
["kp6", `${ESC}Ov`],
|
|
2238
|
-
["kp1", `${ESC}Oq`],
|
|
2239
|
-
["kp2", `${ESC}Or`],
|
|
2240
|
-
["kp3", `${ESC}Os`],
|
|
2241
|
-
["kp0", `${ESC}Op`],
|
|
2242
|
-
["kp.", `${ESC}On`],
|
|
2243
|
-
["kpenter", `${ESC}OM`]
|
|
2244
|
-
]);
|
|
2245
|
-
const modifiableNamedKeys = new Set([
|
|
2246
|
-
"up",
|
|
2247
|
-
"down",
|
|
2248
|
-
"left",
|
|
2249
|
-
"right",
|
|
2250
|
-
"home",
|
|
2251
|
-
"end",
|
|
2252
|
-
"pageup",
|
|
2253
|
-
"pgup",
|
|
2254
|
-
"ppage",
|
|
2255
|
-
"pagedown",
|
|
2256
|
-
"pgdn",
|
|
2257
|
-
"npage",
|
|
2258
|
-
"insert",
|
|
2259
|
-
"ic",
|
|
2260
|
-
"delete",
|
|
2261
|
-
"del",
|
|
2262
|
-
"dc"
|
|
2263
|
-
]);
|
|
2264
|
-
function hasCursorModeSensitiveKeys(request) {
|
|
2265
|
-
return request.keys?.some((raw) => {
|
|
2266
|
-
const token = raw.trim();
|
|
2267
|
-
if (!token) return false;
|
|
2268
|
-
const parsed = parseModifiers(token);
|
|
2269
|
-
if (hasAnyModifier(parsed.mods)) return false;
|
|
2270
|
-
return normalizeLowercaseStringOrEmpty(parsed.base) in DECCKM_SS3_KEYS;
|
|
2271
|
-
}) ?? false;
|
|
2272
|
-
}
|
|
2273
|
-
function encodeKeySequence(request, cursorKeyMode) {
|
|
2274
|
-
const warnings = [];
|
|
2275
|
-
let data = "";
|
|
2276
|
-
if (request.literal) data += request.literal;
|
|
2277
|
-
if (request.hex?.length) for (const raw of request.hex) {
|
|
2278
|
-
const byte = parseHexByte(raw);
|
|
2279
|
-
if (byte === null) {
|
|
2280
|
-
warnings.push(`Invalid hex byte: ${raw}`);
|
|
2281
|
-
continue;
|
|
2282
|
-
}
|
|
2283
|
-
data += String.fromCharCode(byte);
|
|
2284
|
-
}
|
|
2285
|
-
if (request.keys?.length) for (const token of request.keys) data += encodeKeyToken(token, warnings, cursorKeyMode);
|
|
2286
|
-
return {
|
|
2287
|
-
data,
|
|
2288
|
-
warnings
|
|
2289
|
-
};
|
|
2290
|
-
}
|
|
2291
|
-
function encodePaste(text, bracketed = true) {
|
|
2292
|
-
if (!bracketed) return text;
|
|
2293
|
-
return `${BRACKETED_PASTE_START}${text}${BRACKETED_PASTE_END}`;
|
|
2294
|
-
}
|
|
2295
|
-
function encodeKeyToken(raw, warnings, cursorKeyMode) {
|
|
2296
|
-
const token = raw.trim();
|
|
2297
|
-
if (!token) return "";
|
|
2298
|
-
if (token.length === 2 && token.startsWith("^")) {
|
|
2299
|
-
const ctrl = toCtrlChar(token[1]);
|
|
2300
|
-
if (ctrl) return ctrl;
|
|
2301
|
-
}
|
|
2302
|
-
const parsed = parseModifiers(token);
|
|
2303
|
-
const base = parsed.base;
|
|
2304
|
-
const baseLower = normalizeLowercaseStringOrEmpty(base);
|
|
2305
|
-
if (baseLower === "tab" && parsed.mods.shift) return `${ESC}[Z`;
|
|
2306
|
-
if (modifiableNamedKeys.has(baseLower) && cursorKeyMode === "application" && !hasAnyModifier(parsed.mods)) {
|
|
2307
|
-
const ss3Seq = DECCKM_SS3_KEYS[baseLower];
|
|
2308
|
-
if (ss3Seq) return ss3Seq;
|
|
2309
|
-
}
|
|
2310
|
-
const baseSeq = namedKeyMap.get(baseLower);
|
|
2311
|
-
if (baseSeq) {
|
|
2312
|
-
let seq = baseSeq;
|
|
2313
|
-
if (modifiableNamedKeys.has(baseLower) && hasAnyModifier(parsed.mods)) {
|
|
2314
|
-
const mod = xtermModifier(parsed.mods);
|
|
2315
|
-
if (mod > 1) {
|
|
2316
|
-
const modified = applyXtermModifier(seq, mod);
|
|
2317
|
-
if (modified) {
|
|
2318
|
-
seq = modified;
|
|
2319
|
-
return seq;
|
|
2320
|
-
}
|
|
2321
|
-
}
|
|
2322
|
-
}
|
|
2323
|
-
if (parsed.mods.alt) return `${ESC}${seq}`;
|
|
2324
|
-
return seq;
|
|
2325
|
-
}
|
|
2326
|
-
if (base.length === 1) return applyCharModifiers(base, parsed.mods);
|
|
2327
|
-
if (parsed.hasModifiers) warnings.push(`Unknown key "${base}" for modifiers; sending literal.`);
|
|
2328
|
-
return base;
|
|
2329
|
-
}
|
|
2330
|
-
function parseModifiers(token) {
|
|
2331
|
-
const mods = {
|
|
2332
|
-
ctrl: false,
|
|
2333
|
-
alt: false,
|
|
2334
|
-
shift: false
|
|
2335
|
-
};
|
|
2336
|
-
let rest = token;
|
|
2337
|
-
let sawModifiers = false;
|
|
2338
|
-
while (rest.length > 2 && rest[1] === "-") {
|
|
2339
|
-
const mod = normalizeLowercaseStringOrEmpty(rest[0]);
|
|
2340
|
-
if (mod === "c") mods.ctrl = true;
|
|
2341
|
-
else if (mod === "m") mods.alt = true;
|
|
2342
|
-
else if (mod === "s") mods.shift = true;
|
|
2343
|
-
else break;
|
|
2344
|
-
sawModifiers = true;
|
|
2345
|
-
rest = rest.slice(2);
|
|
2346
|
-
}
|
|
2347
|
-
return {
|
|
2348
|
-
mods,
|
|
2349
|
-
base: rest,
|
|
2350
|
-
hasModifiers: sawModifiers
|
|
2351
|
-
};
|
|
2352
|
-
}
|
|
2353
|
-
function applyCharModifiers(char, mods) {
|
|
2354
|
-
let value = char;
|
|
2355
|
-
if (mods.shift && value.length === 1 && /[a-z]/.test(value)) value = value.toUpperCase();
|
|
2356
|
-
if (mods.ctrl) {
|
|
2357
|
-
const ctrl = toCtrlChar(value);
|
|
2358
|
-
if (ctrl) value = ctrl;
|
|
2359
|
-
}
|
|
2360
|
-
if (mods.alt) value = `${ESC}${value}`;
|
|
2361
|
-
return value;
|
|
2362
|
-
}
|
|
2363
|
-
function toCtrlChar(char) {
|
|
2364
|
-
if (char.length !== 1) return null;
|
|
2365
|
-
if (char === "?") return "";
|
|
2366
|
-
const code = char.toUpperCase().charCodeAt(0);
|
|
2367
|
-
if (code >= 64 && code <= 95) return String.fromCharCode(code & 31);
|
|
2368
|
-
return null;
|
|
2369
|
-
}
|
|
2370
|
-
function xtermModifier(mods) {
|
|
2371
|
-
let mod = 1;
|
|
2372
|
-
if (mods.shift) mod += 1;
|
|
2373
|
-
if (mods.alt) mod += 2;
|
|
2374
|
-
if (mods.ctrl) mod += 4;
|
|
2375
|
-
return mod;
|
|
2376
|
-
}
|
|
2377
|
-
function applyXtermModifier(sequence, modifier) {
|
|
2378
|
-
const escPattern = escapeRegExp(ESC);
|
|
2379
|
-
const csiNumber = new RegExp(`^${escPattern}\\[(\\d+)([~A-Z])$`);
|
|
2380
|
-
const csiArrow = new RegExp(`^${escPattern}\\[(A|B|C|D|H|F)$`);
|
|
2381
|
-
const numberMatch = sequence.match(csiNumber);
|
|
2382
|
-
if (numberMatch) return `${ESC}[${numberMatch[1]};${modifier}${numberMatch[2]}`;
|
|
2383
|
-
const arrowMatch = sequence.match(csiArrow);
|
|
2384
|
-
if (arrowMatch) return `${ESC}[1;${modifier}${arrowMatch[1]}`;
|
|
2385
|
-
return null;
|
|
2386
|
-
}
|
|
2387
|
-
function hasAnyModifier(mods) {
|
|
2388
|
-
return mods.ctrl || mods.alt || mods.shift;
|
|
2389
|
-
}
|
|
2390
|
-
function parseHexByte(raw) {
|
|
2391
|
-
const lower = normalizeLowercaseStringOrEmpty(raw);
|
|
2392
|
-
const normalized = lower.startsWith("0x") ? lower.slice(2) : lower;
|
|
2393
|
-
if (!/^[0-9a-f]{1,2}$/.test(normalized)) return null;
|
|
2394
|
-
const value = Number.parseInt(normalized, 16);
|
|
2395
|
-
if (Number.isNaN(value) || value < 0 || value > 255) return null;
|
|
2396
|
-
return value;
|
|
2397
|
-
}
|
|
2398
|
-
//#endregion
|
|
2399
|
-
//#region src/agents/bash-tools.process-send-keys.ts
|
|
2400
|
-
function failText$1(text) {
|
|
2401
|
-
return {
|
|
2402
|
-
content: [{
|
|
2403
|
-
type: "text",
|
|
2404
|
-
text
|
|
2405
|
-
}],
|
|
2406
|
-
details: { status: "failed" }
|
|
2407
|
-
};
|
|
2408
|
-
}
|
|
2409
|
-
async function writeToStdin(stdin, data) {
|
|
2410
|
-
await new Promise((resolve, reject) => {
|
|
2411
|
-
stdin.write(data, (err) => {
|
|
2412
|
-
if (err) reject(err);
|
|
2413
|
-
else resolve();
|
|
2414
|
-
});
|
|
2415
|
-
});
|
|
2416
|
-
}
|
|
2417
|
-
async function handleProcessSendKeys(params) {
|
|
2418
|
-
const request = {
|
|
2419
|
-
keys: params.keys,
|
|
2420
|
-
hex: params.hex,
|
|
2421
|
-
literal: params.literal
|
|
2422
|
-
};
|
|
2423
|
-
if (params.session.cursorKeyMode === "unknown" && hasCursorModeSensitiveKeys(request)) return failText$1(`Session ${params.sessionId} cursor key mode is not known yet. Poll or log until startup output appears, then retry send-keys.`);
|
|
2424
|
-
const { data, warnings } = encodeKeySequence(request, params.session.cursorKeyMode === "unknown" ? void 0 : params.session.cursorKeyMode);
|
|
2425
|
-
if (!data) return failText$1("No key data provided.");
|
|
2426
|
-
await writeToStdin(params.stdin, data);
|
|
2427
|
-
return {
|
|
2428
|
-
content: [{
|
|
2429
|
-
type: "text",
|
|
2430
|
-
text: `Sent ${data.length} bytes to session ${params.sessionId}.` + (warnings.length ? `\nWarnings:\n- ${warnings.join("\n- ")}` : "")
|
|
2431
|
-
}],
|
|
2432
|
-
details: {
|
|
2433
|
-
status: "running",
|
|
2434
|
-
sessionId: params.sessionId,
|
|
2435
|
-
name: deriveSessionName(params.session.command)
|
|
2436
|
-
}
|
|
2437
|
-
};
|
|
2438
|
-
}
|
|
2439
|
-
//#endregion
|
|
2440
|
-
//#region src/agents/bash-tools.process.ts
|
|
2441
|
-
const DEFAULT_LOG_TAIL_LINES = 200;
|
|
2442
|
-
function resolveLogSliceWindow(offset, limit) {
|
|
2443
|
-
const usingDefaultTail = offset === void 0 && limit === void 0;
|
|
2444
|
-
return {
|
|
2445
|
-
effectiveOffset: offset,
|
|
2446
|
-
effectiveLimit: typeof limit === "number" && Number.isFinite(limit) ? limit : usingDefaultTail ? DEFAULT_LOG_TAIL_LINES : void 0,
|
|
2447
|
-
usingDefaultTail
|
|
2448
|
-
};
|
|
2449
|
-
}
|
|
2450
|
-
function defaultTailNote(totalLines, usingDefaultTail) {
|
|
2451
|
-
if (!usingDefaultTail || totalLines <= DEFAULT_LOG_TAIL_LINES) return "";
|
|
2452
|
-
return `\n\n[showing last ${DEFAULT_LOG_TAIL_LINES} of ${totalLines} lines; pass offset/limit to page]`;
|
|
2453
|
-
}
|
|
2454
|
-
const MAX_POLL_WAIT_MS = 12e4;
|
|
2455
|
-
function resolvePollWaitMs(value) {
|
|
2456
|
-
if (typeof value === "number" && Number.isFinite(value)) return Math.max(0, Math.min(MAX_POLL_WAIT_MS, Math.floor(value)));
|
|
2457
|
-
if (typeof value === "string") {
|
|
2458
|
-
const parsed = Number.parseInt(value.trim(), 10);
|
|
2459
|
-
if (Number.isFinite(parsed)) return Math.max(0, Math.min(MAX_POLL_WAIT_MS, parsed));
|
|
2460
|
-
}
|
|
2461
|
-
return 0;
|
|
2462
|
-
}
|
|
2463
|
-
function failText(text) {
|
|
2464
|
-
return {
|
|
2465
|
-
content: [{
|
|
2466
|
-
type: "text",
|
|
2467
|
-
text
|
|
2468
|
-
}],
|
|
2469
|
-
details: { status: "failed" }
|
|
2470
|
-
};
|
|
2471
|
-
}
|
|
2472
|
-
function recordPollRetrySuggestion(sessionId, hasNewOutput) {
|
|
2473
|
-
try {
|
|
2474
|
-
return recordCommandPoll(getDiagnosticSessionState({ sessionId }), sessionId, hasNewOutput);
|
|
2475
|
-
} catch {
|
|
2476
|
-
return;
|
|
2477
|
-
}
|
|
2478
|
-
}
|
|
2479
|
-
function resetPollRetrySuggestion(sessionId) {
|
|
2480
|
-
try {
|
|
2481
|
-
resetCommandPollCount(getDiagnosticSessionState({ sessionId }), sessionId);
|
|
2482
|
-
} catch {}
|
|
2483
|
-
}
|
|
2484
|
-
function createProcessTool(defaults) {
|
|
2485
|
-
if (defaults?.cleanupMs !== void 0) setJobTtlMs(defaults.cleanupMs);
|
|
2486
|
-
const scopeKey = defaults?.scopeKey;
|
|
2487
|
-
const supervisor = getProcessSupervisor();
|
|
2488
|
-
const isInScope = (session) => !scopeKey || session?.scopeKey === scopeKey;
|
|
2489
|
-
const cancelManagedSession = (sessionId) => {
|
|
2490
|
-
const record = supervisor.getRecord(sessionId);
|
|
2491
|
-
if (!record || record.state === "exited") return false;
|
|
2492
|
-
supervisor.cancel(sessionId, "manual-cancel");
|
|
2493
|
-
return true;
|
|
2494
|
-
};
|
|
2495
|
-
const terminateSessionFallback = (session) => {
|
|
2496
|
-
const pid = session.pid ?? session.child?.pid;
|
|
2497
|
-
if (typeof pid !== "number" || !Number.isFinite(pid) || pid <= 0) return false;
|
|
2498
|
-
killProcessTree(pid);
|
|
2499
|
-
return true;
|
|
2500
|
-
};
|
|
2501
|
-
return {
|
|
2502
|
-
name: "process",
|
|
2503
|
-
label: "process",
|
|
2504
|
-
displaySummary: PROCESS_TOOL_DISPLAY_SUMMARY,
|
|
2505
|
-
description: describeProcessTool({ hasCronTool: defaults?.hasCronTool === true }),
|
|
2506
|
-
parameters: processSchema,
|
|
2507
|
-
execute: async (_toolCallId, args, _signal, _onUpdate) => {
|
|
2508
|
-
const params = args;
|
|
2509
|
-
if (params.action === "list") {
|
|
2510
|
-
const running = listRunningSessions().filter((s) => isInScope(s)).map((s) => ({
|
|
2511
|
-
sessionId: s.id,
|
|
2512
|
-
status: "running",
|
|
2513
|
-
pid: s.pid ?? void 0,
|
|
2514
|
-
startedAt: s.startedAt,
|
|
2515
|
-
runtimeMs: Date.now() - s.startedAt,
|
|
2516
|
-
cwd: s.cwd,
|
|
2517
|
-
command: s.command,
|
|
2518
|
-
name: deriveSessionName(s.command),
|
|
2519
|
-
tail: s.tail,
|
|
2520
|
-
truncated: s.truncated
|
|
2521
|
-
}));
|
|
2522
|
-
const finished = listFinishedSessions().filter((s) => isInScope(s)).map((s) => ({
|
|
2523
|
-
sessionId: s.id,
|
|
2524
|
-
status: s.status,
|
|
2525
|
-
startedAt: s.startedAt,
|
|
2526
|
-
endedAt: s.endedAt,
|
|
2527
|
-
runtimeMs: s.endedAt - s.startedAt,
|
|
2528
|
-
cwd: s.cwd,
|
|
2529
|
-
command: s.command,
|
|
2530
|
-
name: deriveSessionName(s.command),
|
|
2531
|
-
tail: s.tail,
|
|
2532
|
-
truncated: s.truncated,
|
|
2533
|
-
exitCode: s.exitCode ?? void 0,
|
|
2534
|
-
exitSignal: s.exitSignal ?? void 0
|
|
2535
|
-
}));
|
|
2536
|
-
return {
|
|
2537
|
-
content: [{
|
|
2538
|
-
type: "text",
|
|
2539
|
-
text: [...running, ...finished].toSorted((a, b) => b.startedAt - a.startedAt).map((s) => {
|
|
2540
|
-
const label = s.name ? truncateMiddle(s.name, 80) : truncateMiddle(s.command, 120);
|
|
2541
|
-
return `${s.sessionId} ${pad(s.status, 9)} ${formatDurationCompact(s.runtimeMs) ?? "n/a"} :: ${label}`;
|
|
2542
|
-
}).join("\n") || "No running or recent sessions."
|
|
2543
|
-
}],
|
|
2544
|
-
details: {
|
|
2545
|
-
status: "completed",
|
|
2546
|
-
sessions: [...running, ...finished]
|
|
2547
|
-
}
|
|
2548
|
-
};
|
|
2549
|
-
}
|
|
2550
|
-
if (!params.sessionId) return {
|
|
2551
|
-
content: [{
|
|
2552
|
-
type: "text",
|
|
2553
|
-
text: "sessionId is required for this action."
|
|
2554
|
-
}],
|
|
2555
|
-
details: { status: "failed" }
|
|
2556
|
-
};
|
|
2557
|
-
const session = getSession(params.sessionId);
|
|
2558
|
-
const finished = getFinishedSession(params.sessionId);
|
|
2559
|
-
const scopedSession = isInScope(session) ? session : void 0;
|
|
2560
|
-
const scopedFinished = isInScope(finished) ? finished : void 0;
|
|
2561
|
-
const failedResult = (text) => ({
|
|
2562
|
-
content: [{
|
|
2563
|
-
type: "text",
|
|
2564
|
-
text
|
|
2565
|
-
}],
|
|
2566
|
-
details: { status: "failed" }
|
|
2567
|
-
});
|
|
2568
|
-
const resolveBackgroundedWritableStdin = () => {
|
|
2569
|
-
if (!scopedSession) return {
|
|
2570
|
-
ok: false,
|
|
2571
|
-
result: failedResult(`No active session found for ${params.sessionId}`)
|
|
2572
|
-
};
|
|
2573
|
-
if (!scopedSession.backgrounded) return {
|
|
2574
|
-
ok: false,
|
|
2575
|
-
result: failedResult(`Session ${params.sessionId} is not backgrounded.`)
|
|
2576
|
-
};
|
|
2577
|
-
const stdin = scopedSession.stdin ?? scopedSession.child?.stdin;
|
|
2578
|
-
if (!stdin || stdin.destroyed) return {
|
|
2579
|
-
ok: false,
|
|
2580
|
-
result: failedResult(`Session ${params.sessionId} stdin is not writable.`)
|
|
2581
|
-
};
|
|
2582
|
-
return {
|
|
2583
|
-
ok: true,
|
|
2584
|
-
session: scopedSession,
|
|
2585
|
-
stdin
|
|
2586
|
-
};
|
|
2587
|
-
};
|
|
2588
|
-
const writeToStdin = async (stdin, data) => {
|
|
2589
|
-
await new Promise((resolve, reject) => {
|
|
2590
|
-
stdin.write(data, (err) => {
|
|
2591
|
-
if (err) reject(err);
|
|
2592
|
-
else resolve();
|
|
2593
|
-
});
|
|
2594
|
-
});
|
|
2595
|
-
};
|
|
2596
|
-
const runningSessionResult = (session, text) => ({
|
|
2597
|
-
content: [{
|
|
2598
|
-
type: "text",
|
|
2599
|
-
text
|
|
2600
|
-
}],
|
|
2601
|
-
details: {
|
|
2602
|
-
status: "running",
|
|
2603
|
-
sessionId: params.sessionId,
|
|
2604
|
-
name: deriveSessionName(session.command)
|
|
2605
|
-
}
|
|
2606
|
-
});
|
|
2607
|
-
switch (params.action) {
|
|
2608
|
-
case "poll": {
|
|
2609
|
-
if (!scopedSession) {
|
|
2610
|
-
if (scopedFinished) {
|
|
2611
|
-
resetPollRetrySuggestion(params.sessionId);
|
|
2612
|
-
return {
|
|
2613
|
-
content: [{
|
|
2614
|
-
type: "text",
|
|
2615
|
-
text: (scopedFinished.tail || `(no output recorded${scopedFinished.truncated ? " — truncated to cap" : ""})`) + `\n\nProcess exited with ${scopedFinished.exitSignal ? `signal ${scopedFinished.exitSignal}` : `code ${scopedFinished.exitCode ?? 0}`}.`
|
|
2616
|
-
}],
|
|
2617
|
-
details: {
|
|
2618
|
-
status: scopedFinished.status === "completed" ? "completed" : "failed",
|
|
2619
|
-
sessionId: params.sessionId,
|
|
2620
|
-
exitCode: scopedFinished.exitCode ?? void 0,
|
|
2621
|
-
aggregated: scopedFinished.aggregated,
|
|
2622
|
-
name: deriveSessionName(scopedFinished.command)
|
|
2623
|
-
}
|
|
2624
|
-
};
|
|
2625
|
-
}
|
|
2626
|
-
resetPollRetrySuggestion(params.sessionId);
|
|
2627
|
-
return failText(`No session found for ${params.sessionId}`);
|
|
2628
|
-
}
|
|
2629
|
-
if (!scopedSession.backgrounded) return failText(`Session ${params.sessionId} is not backgrounded.`);
|
|
2630
|
-
const pollWaitMs = resolvePollWaitMs(params.timeout);
|
|
2631
|
-
if (pollWaitMs > 0 && !scopedSession.exited) {
|
|
2632
|
-
const deadline = Date.now() + pollWaitMs;
|
|
2633
|
-
while (!scopedSession.exited && Date.now() < deadline) await new Promise((resolve) => setTimeout(resolve, Math.max(0, Math.min(250, deadline - Date.now()))));
|
|
2634
|
-
}
|
|
2635
|
-
const { stdout, stderr } = drainSession(scopedSession);
|
|
2636
|
-
const exited = scopedSession.exited;
|
|
2637
|
-
const exitCode = scopedSession.exitCode ?? 0;
|
|
2638
|
-
const exitSignal = scopedSession.exitSignal ?? void 0;
|
|
2639
|
-
if (exited) {
|
|
2640
|
-
const status = exitCode === 0 && exitSignal == null ? "completed" : "failed";
|
|
2641
|
-
markExited(scopedSession, scopedSession.exitCode ?? null, scopedSession.exitSignal ?? null, status);
|
|
2642
|
-
}
|
|
2643
|
-
const status = exited ? exitCode === 0 && exitSignal == null ? "completed" : "failed" : "running";
|
|
2644
|
-
const output = [stdout.trimEnd(), stderr.trimEnd()].filter(Boolean).join("\n").trim();
|
|
2645
|
-
const hasNewOutput = output.length > 0;
|
|
2646
|
-
const retryInMs = exited ? void 0 : recordPollRetrySuggestion(params.sessionId, hasNewOutput);
|
|
2647
|
-
if (exited) resetPollRetrySuggestion(params.sessionId);
|
|
2648
|
-
return {
|
|
2649
|
-
content: [{
|
|
2650
|
-
type: "text",
|
|
2651
|
-
text: (output || "(no new output)") + (exited ? `\n\nProcess exited with ${exitSignal ? `signal ${exitSignal}` : `code ${exitCode}`}.` : "\n\nProcess still running.")
|
|
2652
|
-
}],
|
|
2653
|
-
details: {
|
|
2654
|
-
status,
|
|
2655
|
-
sessionId: params.sessionId,
|
|
2656
|
-
exitCode: exited ? exitCode : void 0,
|
|
2657
|
-
aggregated: scopedSession.aggregated,
|
|
2658
|
-
name: deriveSessionName(scopedSession.command),
|
|
2659
|
-
...typeof retryInMs === "number" ? { retryInMs } : {}
|
|
2660
|
-
}
|
|
2661
|
-
};
|
|
2662
|
-
}
|
|
2663
|
-
case "log":
|
|
2664
|
-
if (scopedSession) {
|
|
2665
|
-
if (!scopedSession.backgrounded) return {
|
|
2666
|
-
content: [{
|
|
2667
|
-
type: "text",
|
|
2668
|
-
text: `Session ${params.sessionId} is not backgrounded.`
|
|
2669
|
-
}],
|
|
2670
|
-
details: { status: "failed" }
|
|
2671
|
-
};
|
|
2672
|
-
const window = resolveLogSliceWindow(params.offset, params.limit);
|
|
2673
|
-
const { slice, totalLines, totalChars } = sliceLogLines(scopedSession.aggregated, window.effectiveOffset, window.effectiveLimit);
|
|
2674
|
-
const logDefaultTailNote = defaultTailNote(totalLines, window.usingDefaultTail);
|
|
2675
|
-
return {
|
|
2676
|
-
content: [{
|
|
2677
|
-
type: "text",
|
|
2678
|
-
text: (slice || "(no output yet)") + logDefaultTailNote
|
|
2679
|
-
}],
|
|
2680
|
-
details: {
|
|
2681
|
-
status: scopedSession.exited ? "completed" : "running",
|
|
2682
|
-
sessionId: params.sessionId,
|
|
2683
|
-
total: totalLines,
|
|
2684
|
-
totalLines,
|
|
2685
|
-
totalChars,
|
|
2686
|
-
truncated: scopedSession.truncated,
|
|
2687
|
-
name: deriveSessionName(scopedSession.command)
|
|
2688
|
-
}
|
|
2689
|
-
};
|
|
2690
|
-
}
|
|
2691
|
-
if (scopedFinished) {
|
|
2692
|
-
const window = resolveLogSliceWindow(params.offset, params.limit);
|
|
2693
|
-
const { slice, totalLines, totalChars } = sliceLogLines(scopedFinished.aggregated, window.effectiveOffset, window.effectiveLimit);
|
|
2694
|
-
const status = scopedFinished.status === "completed" ? "completed" : "failed";
|
|
2695
|
-
const logDefaultTailNote = defaultTailNote(totalLines, window.usingDefaultTail);
|
|
2696
|
-
return {
|
|
2697
|
-
content: [{
|
|
2698
|
-
type: "text",
|
|
2699
|
-
text: (slice || "(no output recorded)") + logDefaultTailNote
|
|
2700
|
-
}],
|
|
2701
|
-
details: {
|
|
2702
|
-
status,
|
|
2703
|
-
sessionId: params.sessionId,
|
|
2704
|
-
total: totalLines,
|
|
2705
|
-
totalLines,
|
|
2706
|
-
totalChars,
|
|
2707
|
-
truncated: scopedFinished.truncated,
|
|
2708
|
-
exitCode: scopedFinished.exitCode ?? void 0,
|
|
2709
|
-
exitSignal: scopedFinished.exitSignal ?? void 0,
|
|
2710
|
-
name: deriveSessionName(scopedFinished.command)
|
|
2711
|
-
}
|
|
2712
|
-
};
|
|
2713
|
-
}
|
|
2714
|
-
return {
|
|
2715
|
-
content: [{
|
|
2716
|
-
type: "text",
|
|
2717
|
-
text: `No session found for ${params.sessionId}`
|
|
2718
|
-
}],
|
|
2719
|
-
details: { status: "failed" }
|
|
2720
|
-
};
|
|
2721
|
-
case "write": {
|
|
2722
|
-
const resolved = resolveBackgroundedWritableStdin();
|
|
2723
|
-
if (!resolved.ok) return resolved.result;
|
|
2724
|
-
await writeToStdin(resolved.stdin, params.data ?? "");
|
|
2725
|
-
if (params.eof) resolved.stdin.end();
|
|
2726
|
-
return runningSessionResult(resolved.session, `Wrote ${(params.data ?? "").length} bytes to session ${params.sessionId}${params.eof ? " (stdin closed)" : ""}.`);
|
|
2727
|
-
}
|
|
2728
|
-
case "send-keys": {
|
|
2729
|
-
const resolved = resolveBackgroundedWritableStdin();
|
|
2730
|
-
if (!resolved.ok) return resolved.result;
|
|
2731
|
-
return await handleProcessSendKeys({
|
|
2732
|
-
sessionId: params.sessionId,
|
|
2733
|
-
session: resolved.session,
|
|
2734
|
-
stdin: resolved.stdin,
|
|
2735
|
-
keys: params.keys,
|
|
2736
|
-
hex: params.hex,
|
|
2737
|
-
literal: params.literal
|
|
2738
|
-
});
|
|
2739
|
-
}
|
|
2740
|
-
case "submit": {
|
|
2741
|
-
const resolved = resolveBackgroundedWritableStdin();
|
|
2742
|
-
if (!resolved.ok) return resolved.result;
|
|
2743
|
-
await writeToStdin(resolved.stdin, "\r");
|
|
2744
|
-
return runningSessionResult(resolved.session, `Submitted session ${params.sessionId} (sent CR).`);
|
|
2745
|
-
}
|
|
2746
|
-
case "paste": {
|
|
2747
|
-
const resolved = resolveBackgroundedWritableStdin();
|
|
2748
|
-
if (!resolved.ok) return resolved.result;
|
|
2749
|
-
const payload = encodePaste(params.text ?? "", params.bracketed !== false);
|
|
2750
|
-
if (!payload) return {
|
|
2751
|
-
content: [{
|
|
2752
|
-
type: "text",
|
|
2753
|
-
text: "No paste text provided."
|
|
2754
|
-
}],
|
|
2755
|
-
details: { status: "failed" }
|
|
2756
|
-
};
|
|
2757
|
-
await writeToStdin(resolved.stdin, payload);
|
|
2758
|
-
return runningSessionResult(resolved.session, `Pasted ${params.text?.length ?? 0} chars to session ${params.sessionId}.`);
|
|
2759
|
-
}
|
|
2760
|
-
case "kill": {
|
|
2761
|
-
if (!scopedSession) return failText(`No active session found for ${params.sessionId}`);
|
|
2762
|
-
if (!scopedSession.backgrounded) return failText(`Session ${params.sessionId} is not backgrounded.`);
|
|
2763
|
-
const canceled = cancelManagedSession(scopedSession.id);
|
|
2764
|
-
if (!canceled) {
|
|
2765
|
-
if (!terminateSessionFallback(scopedSession)) return failText(`Unable to terminate session ${params.sessionId}: no active supervisor run or process id.`);
|
|
2766
|
-
markExited(scopedSession, null, "SIGKILL", "failed");
|
|
2767
|
-
}
|
|
2768
|
-
resetPollRetrySuggestion(params.sessionId);
|
|
2769
|
-
return {
|
|
2770
|
-
content: [{
|
|
2771
|
-
type: "text",
|
|
2772
|
-
text: canceled ? `Termination requested for session ${params.sessionId}.` : `Killed session ${params.sessionId}.`
|
|
2773
|
-
}],
|
|
2774
|
-
details: {
|
|
2775
|
-
status: "failed",
|
|
2776
|
-
name: scopedSession ? deriveSessionName(scopedSession.command) : void 0
|
|
2777
|
-
}
|
|
2778
|
-
};
|
|
2779
|
-
}
|
|
2780
|
-
case "clear":
|
|
2781
|
-
if (scopedFinished) {
|
|
2782
|
-
resetPollRetrySuggestion(params.sessionId);
|
|
2783
|
-
deleteSession(params.sessionId);
|
|
2784
|
-
return {
|
|
2785
|
-
content: [{
|
|
2786
|
-
type: "text",
|
|
2787
|
-
text: `Cleared session ${params.sessionId}.`
|
|
2788
|
-
}],
|
|
2789
|
-
details: { status: "completed" }
|
|
2790
|
-
};
|
|
2791
|
-
}
|
|
2792
|
-
return {
|
|
2793
|
-
content: [{
|
|
2794
|
-
type: "text",
|
|
2795
|
-
text: `No finished session found for ${params.sessionId}`
|
|
2796
|
-
}],
|
|
2797
|
-
details: { status: "failed" }
|
|
2798
|
-
};
|
|
2799
|
-
case "remove":
|
|
2800
|
-
if (scopedSession) {
|
|
2801
|
-
const canceled = cancelManagedSession(scopedSession.id);
|
|
2802
|
-
if (canceled) {
|
|
2803
|
-
scopedSession.backgrounded = false;
|
|
2804
|
-
deleteSession(params.sessionId);
|
|
2805
|
-
} else {
|
|
2806
|
-
if (!terminateSessionFallback(scopedSession)) return failText(`Unable to remove session ${params.sessionId}: no active supervisor run or process id.`);
|
|
2807
|
-
markExited(scopedSession, null, "SIGKILL", "failed");
|
|
2808
|
-
deleteSession(params.sessionId);
|
|
2809
|
-
}
|
|
2810
|
-
resetPollRetrySuggestion(params.sessionId);
|
|
2811
|
-
return {
|
|
2812
|
-
content: [{
|
|
2813
|
-
type: "text",
|
|
2814
|
-
text: canceled ? `Removed session ${params.sessionId} (termination requested).` : `Removed session ${params.sessionId}.`
|
|
2815
|
-
}],
|
|
2816
|
-
details: {
|
|
2817
|
-
status: "failed",
|
|
2818
|
-
name: scopedSession ? deriveSessionName(scopedSession.command) : void 0
|
|
2819
|
-
}
|
|
2820
|
-
};
|
|
2821
|
-
}
|
|
2822
|
-
if (scopedFinished) {
|
|
2823
|
-
resetPollRetrySuggestion(params.sessionId);
|
|
2824
|
-
deleteSession(params.sessionId);
|
|
2825
|
-
return {
|
|
2826
|
-
content: [{
|
|
2827
|
-
type: "text",
|
|
2828
|
-
text: `Removed session ${params.sessionId}.`
|
|
2829
|
-
}],
|
|
2830
|
-
details: { status: "completed" }
|
|
2831
|
-
};
|
|
2832
|
-
}
|
|
2833
|
-
return {
|
|
2834
|
-
content: [{
|
|
2835
|
-
type: "text",
|
|
2836
|
-
text: `No session found for ${params.sessionId}`
|
|
2837
|
-
}],
|
|
2838
|
-
details: { status: "failed" }
|
|
2839
|
-
};
|
|
2840
|
-
}
|
|
2841
|
-
return {
|
|
2842
|
-
content: [{
|
|
2843
|
-
type: "text",
|
|
2844
|
-
text: `Unknown action ${params.action}`
|
|
2845
|
-
}],
|
|
2846
|
-
details: { status: "failed" }
|
|
2847
|
-
};
|
|
2848
|
-
}
|
|
2849
|
-
};
|
|
2850
|
-
}
|
|
2851
|
-
const processTool = createProcessTool();
|
|
2852
|
-
//#endregion
|
|
2853
|
-
export { execTool as i, processTool as n, createExecTool as r, createProcessTool as t };
|