@pixelzx/genesis 2026.6.29 → 2026.7.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +16 -0
- package/dist/.buildstamp +1 -1
- package/dist/abort-Cp36iDXn.js +201 -0
- package/dist/abort-cutoff.runtime-Cfv6I4gf.js +20 -0
- package/dist/abort-cutoff.runtime.js +1 -1
- package/dist/abort.runtime-BqMH4Ch0.js +2 -0
- package/dist/abort.runtime.js +1 -1
- package/dist/accounts-Cj71Cowh.js +107 -0
- package/dist/accounts-QWkosmHS.js +104 -0
- package/dist/accounts-WfCxilPE.js +2 -0
- package/dist/acp-cli-DR-AhXGk.js +2217 -0
- package/dist/acp-spawn--QIKNFAi.js +2 -0
- package/dist/acp-spawn-C6RL4_5_.js +1042 -0
- package/dist/acp-stateful-target-driver-Dhv06vdx.js +89 -0
- package/dist/action-agents-CIt7iEZU.js +67 -0
- package/dist/action-focus-opQp57IZ.js +132 -0
- package/dist/action-help-_OV2kuH9.js +7 -0
- package/dist/action-info-aoU6FqoU.js +101 -0
- package/dist/action-kill-DFlW_b4o.js +33 -0
- package/dist/action-list-CAYQg5qC.js +21 -0
- package/dist/action-log-COWtMTRe.js +30 -0
- package/dist/action-send-CzGaLKxg.js +39 -0
- package/dist/action-spawn-D0HNlqJQ.js +47 -0
- package/dist/action-unfocus-BA2c_9o-.js +29 -0
- package/dist/actions.runtime-C-MtRkM5.js +18 -0
- package/dist/actions.runtime-_O63acg1.js +5 -0
- package/dist/actions.runtime.js +1 -1
- package/dist/agent-D7gQ7Xo9.js +2 -0
- package/dist/agent-command-ByKQHVY7.js +874 -0
- package/dist/agent-harness-runtime-BMjFYW9y.js +144 -0
- package/dist/agent-runner-utils-DJds4BS5.js +239 -0
- package/dist/agent-runner.runtime-DIZ31zSD.js +3443 -0
- package/dist/agent-runner.runtime.js +1 -1
- package/dist/agent-runtime-CBfPv0EK.js +18 -0
- package/dist/agents-CV4vTeP8.js +5 -0
- package/dist/agents-imogqXBP.js +954 -0
- package/dist/agents.command-shared-j4Ht1HMt.js +40 -0
- package/dist/aliases-BTJj8BqV.js +2 -0
- package/dist/aliases-Bx--0eZ4.js +96 -0
- package/dist/api-7axT1c4t.js +4 -0
- package/dist/api-B2wEDg4s.js +139 -0
- package/dist/api-BWV-Ja5Y.js +48 -0
- package/dist/api-Bd2qlRZB.js +3 -0
- package/dist/api-C_BLyG0v.js +5 -0
- package/dist/apply-DFpc3-ic.js +508 -0
- package/dist/apply.runtime-BpuwcltB.js +166 -0
- package/dist/apply.runtime-CyFkfilC.js +2 -0
- package/dist/apply.runtime.js +1 -1
- package/dist/approval-gateway-resolver-L5mCgEE8.js +29 -0
- package/dist/approval-gateway-runtime-CzzYNVSz.js +2 -0
- package/dist/approval-handler-runtime-DGphch5Y.js +439 -0
- package/dist/approval-native-runtime-DiA39Qd-.js +729 -0
- package/dist/attempt-execution.runtime-BR_1bcQh.js +509 -0
- package/dist/attempt-execution.runtime.js +1 -1
- package/dist/attempt-execution.shared-CJLlmxzq.js +22 -0
- package/dist/attempt.prompt-helpers-BcjLCIQW.js +206 -0
- package/dist/attempt.tool-run-context-CCbj8Rx9.js +933 -0
- package/dist/audit-channel.collect.runtime.js +1 -1
- package/dist/audit-extra.async-B52PswlQ.js +971 -0
- package/dist/audit-gZVWGq5L.js +939 -0
- package/dist/audit-tool-policy-CMwmd8Xs.js +3 -0
- package/dist/audit.deep.runtime-BC4XWNSr.js +2 -0
- package/dist/audit.deep.runtime.js +1 -1
- package/dist/audit.nondeep.runtime-Dvng3qfA.js +880 -0
- package/dist/audit.nondeep.runtime.js +1 -1
- package/dist/audit.runtime-C24h5tOz.js +7 -0
- package/dist/audit.runtime.js +1 -1
- package/dist/auth-CVlSRgzI.js +2 -0
- package/dist/auth-DXk-SISv.js +56 -0
- package/dist/auth-MA9UN5hQ.js +550 -0
- package/dist/auth-bH95QjyV.js +177 -0
- package/dist/auth-choice-Bn-ygZZg.js +3 -0
- package/dist/auth-choice-CmUhzrUA.js +85 -0
- package/dist/auth-order-BTnSGQgv.js +139 -0
- package/dist/auth-order-BdoWVq-E.js +2 -0
- package/dist/bash-tools-ByIhi7m1.js +3 -0
- package/dist/bash-tools-CyEIAadh.js +2853 -0
- package/dist/bash-tools.exec-runtime-BSErqAOv.js +823 -0
- package/dist/binding-routing-ZcY40RZ4.js +85 -0
- package/dist/binding-targets-CNRFfBh-.js +121 -0
- package/dist/bridge-server-C7dKRq-V.js +113 -0
- package/dist/browser-control-auth-BWH3BUNZ.js +2 -0
- package/dist/browser-node-runtime-QLZUFybf.js +12 -0
- package/dist/browser-profiles-BBpvhLrT.js +2 -0
- package/dist/browser-runtime-DhpIPNIt.js +387 -0
- package/dist/browser-setup-tools-DHwGt1YE.js +13 -0
- package/dist/build-BGXvMkW_.js +550 -0
- package/dist/build-info.json +3 -3
- package/dist/bundled/boot-md/handler.js +3 -3
- package/dist/bundled/session-memory/handler.js +1 -1
- package/dist/call-CoL9QpLf.js +330 -0
- package/dist/call-DUTlBMzC.js +3 -0
- package/dist/call.runtime-CwonrfG0.js +2 -0
- package/dist/call.runtime.js +1 -1
- package/dist/capability-cli-n36Okw1e.js +1401 -0
- package/dist/catalog-provider-BefDFS32.js +40 -0
- package/dist/catchup-DKwaJXrj.js +300 -0
- package/dist/channel-BUjWV80s.js +491 -0
- package/dist/channel-Bqqe4ogf.js +1174 -0
- package/dist/channel-CUWOSF7I.js +1100 -0
- package/dist/channel-DO73puJq.js +840 -0
- package/dist/channel-DQb3yAT-.js +595 -0
- package/dist/channel-DonHeltj.js +1802 -0
- package/dist/channel-Dr3phGJH.js +350 -0
- package/dist/channel-OFr1VaIT.js +297 -0
- package/dist/channel-Q67N7Qga.js +453 -0
- package/dist/channel-QEIrCXvY.js +1320 -0
- package/dist/channel-TwbdYiU4.js +226 -0
- package/dist/channel-add-wizard-De4DNba-.js +125 -0
- package/dist/channel-add-wizard-v9JYw-20.js +2 -0
- package/dist/channel-core-DpS9ac5M.js +5 -0
- package/dist/channel-inbound-BN7-W5Mp.js +31 -0
- package/dist/channel-plugin-resolution-BYpxL2mS.js +2 -0
- package/dist/channel-plugin-resolution-Jy5eA_cD.js +153 -0
- package/dist/channel-plugin-runtime-Bpu2ATcW.js +771 -0
- package/dist/channel-runtime-DW0jiVp9.js +425 -0
- package/dist/channel-selection.runtime.js +1 -1
- package/dist/channel-setup-DmnWuvUU.js +1297 -0
- package/dist/channel.runtime-BIqZ_VoM.js +2364 -0
- package/dist/channel.runtime-BbeuZu_w.js +4 -0
- package/dist/channel.runtime-CUNubKGY.js +576 -0
- package/dist/channel.runtime-DVr4sNnj.js +42398 -0
- package/dist/channel.runtime-DuoIAiw0.js +89 -0
- package/dist/channel.runtime-FHKyPUs2.js +430 -0
- package/dist/channel.setup-DYQ46vWl.js +10 -0
- package/dist/channel2.runtime-45gwMiMC.js +109 -0
- package/dist/channel2.runtime.js +1 -1
- package/dist/channels-Cx87p2Mc.js +733 -0
- package/dist/channels-cli-Ch81ruvl.js +268 -0
- package/dist/chat-BvSWsydx.js +2830 -0
- package/dist/clawbot-cli-jsnS_FnN.js +9 -0
- package/dist/clawhub-Dg91MiOl.js +400 -0
- package/dist/cli/daemon-cli.js +3 -3
- package/dist/cli-BWZ_fxIG.js +72 -0
- package/dist/cli-BnjgRW4w.js +154 -0
- package/dist/cli-C6O2LqdN.js +683 -0
- package/dist/cli-CyvueCG9.js +219 -0
- package/dist/cli-D9yBNX96.js +3726 -0
- package/dist/cli-DRZG-g_Y.js +2 -0
- package/dist/cli-DqxnA2Tb.js +2 -0
- package/dist/cli-e4V7ix51.js +2 -0
- package/dist/cli-runner-DPw2qsP4.js +286 -0
- package/dist/cli-runner.runtime-B93gCaXR.js +4 -0
- package/dist/cli-runner.runtime-D3uL1Tqw.js +3 -0
- package/dist/cli-runner.runtime.js +1 -1
- package/dist/cli-startup-metadata.json +2 -2
- package/dist/cli.runtime-CJ-0cVHG.js +1261 -0
- package/dist/cli.runtime.js +1 -1
- package/dist/client-DZ9fRoos.js +723 -0
- package/dist/client-DaDWtov7.js +138 -0
- package/dist/command-auth-BNlTWl8C.js +76 -0
- package/dist/command-config-resolution-C5mMj3s6.js +2 -0
- package/dist/command-config-resolution-D_HiK2Df.js +23 -0
- package/dist/command-config-resolution.runtime-r_wK8SAB.js +2 -0
- package/dist/command-config-resolution.runtime.js +1 -1
- package/dist/command-execution-startup-CQcKEDhz.js +324 -0
- package/dist/command-registry-BwJMoAw8.js +9 -0
- package/dist/command-registry-CcPwbywf.js +4 -0
- package/dist/command-registry-core-BO-Zu0fZ.js +106 -0
- package/dist/command-secret-gateway-BOotrpN5.js +528 -0
- package/dist/command-status.runtime-Cnj5_5ga.js +87 -0
- package/dist/command-status.runtime.js +1 -1
- package/dist/commands-acp-Bp2GjOx3.js +77 -0
- package/dist/commands-compact.runtime-C3pOotHP.js +10 -0
- package/dist/commands-compact.runtime.js +1 -1
- package/dist/commands-core.runtime-DjL6pkWU.js +2 -0
- package/dist/commands-core.runtime.js +1 -1
- package/dist/commands-handlers.runtime-vaz_uwzA.js +4599 -0
- package/dist/commands-handlers.runtime.js +1 -1
- package/dist/commands-reset-hooks-7h-poKws.js +135 -0
- package/dist/commands-status-Vd07pidW.js +16 -0
- package/dist/commands-status.runtime-BEKT_jrn.js +3 -0
- package/dist/commands-status.runtime.js +1 -1
- package/dist/commands-subagents-control.runtime-B8iWwqJX.js +3 -0
- package/dist/commands-subagents-control.runtime-Rsy5Lnz2.js +2 -0
- package/dist/commands-subagents-control.runtime.js +1 -1
- package/dist/commands-system-prompt-Bq6ojpCi.js +157 -0
- package/dist/commands-system-prompt-C7C6i6nq.js +2 -0
- package/dist/commands.runtime-B7f6s9df.js +167 -0
- package/dist/commands.runtime.js +1 -1
- package/dist/compact-wrJq7Lu7.js +1096 -0
- package/dist/compact.runtime-LNHoeWuF.js +12 -0
- package/dist/compact.runtime.js +1 -1
- package/dist/completion-cli-CD7DN6ny.js +328 -0
- package/dist/config-cli-Dp5K4ftz.js +1078 -0
- package/dist/config-guard-DUDovz1_.js +96 -0
- package/dist/config-runtime-BnYU3hOw.js +32 -0
- package/dist/config-y_0ApyNl.js +252 -0
- package/dist/configure-D3mU878p.js +1252 -0
- package/dist/configure-wyGVTr5h.js +2 -0
- package/dist/connect-options-1DmmZpSB.js +699 -0
- package/dist/control-auth-BpLXdP_i.js +125 -0
- package/dist/control-service-Bsdg53R4.js +156 -0
- package/dist/control-ui/assets/agents-JC5PtqrV.js +1125 -0
- package/dist/control-ui/assets/canvas-BOLwH2XE.js +274 -0
- package/dist/control-ui/assets/channel-config-extras-DndsWi2n.js +2 -0
- package/dist/control-ui/assets/channels-DehEkmqb.js +198 -0
- package/dist/control-ui/assets/contacts-CuFuG0IF.js +49 -0
- package/dist/control-ui/assets/cron-DOmGA0e5.js +250 -0
- package/dist/control-ui/assets/de-CJg8xmlK.js +2 -0
- package/dist/control-ui/assets/debug-BmuUKCSJ.js +94 -0
- package/dist/control-ui/assets/es-C4Q-2wY3.js +2 -0
- package/dist/control-ui/assets/fr-C8HMIYz8.js +2 -0
- package/dist/control-ui/assets/i18n-Cc8tlfvD.js +3 -0
- package/dist/control-ui/assets/id-Cfarvm3I.js +2 -0
- package/dist/control-ui/assets/index-rW3Q6M8T.js +5981 -0
- package/dist/control-ui/assets/instances-Cx7hEWzW.js +57 -0
- package/dist/control-ui/assets/ja-JP-F9ReJBkI.js +2 -0
- package/dist/control-ui/assets/ko-COLp1JKa.js +2 -0
- package/dist/control-ui/assets/logs-DB-Z5vcW.js +74 -0
- package/dist/control-ui/assets/mcp-Cpcduudl.js +417 -0
- package/dist/control-ui/assets/memory-DnzEGr6j.js +50 -0
- package/dist/control-ui/assets/memory-graph-DyR9Uhz0.js +30 -0
- package/dist/control-ui/assets/models-DiDA_80_.js +86 -0
- package/dist/control-ui/assets/nodes-DBKCXfee.js +654 -0
- package/dist/control-ui/assets/pl-BYPzLeb4.js +2 -0
- package/dist/control-ui/assets/plugins-CwfOfaNX.js +259 -0
- package/dist/control-ui/assets/presenter-5bq6-zJE.js +2 -0
- package/dist/control-ui/assets/pt-BR-DTBFbuCo.js +2 -0
- package/dist/control-ui/assets/sessions-B32pl2IK.js +56 -0
- package/dist/control-ui/assets/skills-UF7TyQK4.js +294 -0
- package/dist/control-ui/assets/skills-shared-B74z1P-E.js +11 -0
- package/dist/control-ui/assets/th-CIjDBcNT.js +2 -0
- package/dist/control-ui/assets/tr-NCpkXtTg.js +2 -0
- package/dist/control-ui/assets/uk-DvS1vsmH.js +2 -0
- package/dist/control-ui/assets/wallet-RKPn2MRs.js +302 -0
- package/dist/control-ui/assets/zh-CN-SfnMOQr0.js +2 -0
- package/dist/control-ui/assets/zh-TW-CkQgNjXi.js +2 -0
- package/dist/control-ui/index.html +2 -2
- package/dist/control-ui-CKQ17fcd.js +1043 -0
- package/dist/conversation-id-BO0qFsIe.js +38 -0
- package/dist/conversation-id-KB5kfzff.js +235 -0
- package/dist/conversation-runtime-9HKKmLHt.js +31 -0
- package/dist/core-OPQr8UZ9.js +275 -0
- package/dist/create-B9OOGa90.js +80 -0
- package/dist/cron-cli-BvlxWG-0.js +713 -0
- package/dist/daemon-cli-C4rj1fY_.js +12 -0
- package/dist/dashboard-B_D8FKSf.js +2 -0
- package/dist/dashboard-DHcTfjq_.js +81 -0
- package/dist/delegate-D5OjBi3s.js +64 -0
- package/dist/deliver-I8Ifd1yR.js +3 -0
- package/dist/deliver-Zphc65zr.js +747 -0
- package/dist/deliver-runtime-DQyfYkCs.js +2 -0
- package/dist/delivery-outbound.runtime-Bs9x6LSS.js +6 -0
- package/dist/delivery-outbound.runtime.js +1 -1
- package/dist/delivery.runtime-Cx3qn7Hc.js +253 -0
- package/dist/delivery.runtime.js +1 -1
- package/dist/detached-task-runtime-DzyjU1m1.js +73 -0
- package/dist/devices-cli-DvMb9Y1g.js +498 -0
- package/dist/diagnostics-B6OHDp0s.js +154 -0
- package/dist/direct-dm-D6l72pHR.js +64 -0
- package/dist/directive-handling.fast-lane-DuuCgCI2.js +66 -0
- package/dist/directive-handling.impl-BiJain1b.js +2 -0
- package/dist/directive-handling.impl-CYw76-Ag.js +703 -0
- package/dist/directive-handling.model-selection-BNnOIh0D.js +114 -0
- package/dist/directive-handling.persist.runtime-DWnMoAjn.js +215 -0
- package/dist/directive-handling.persist.runtime.js +1 -1
- package/dist/directory-cli-CinbUxv4.js +240 -0
- package/dist/dispatch-MnxNMsTX.js +1131 -0
- package/dist/dispatch-acp-CkcF0OCD.js +981 -0
- package/dist/dispatch-acp-manager.runtime-C1nWu1uE.js +3 -0
- package/dist/dispatch-acp-manager.runtime.js +1 -1
- package/dist/dispatch-acp-media.runtime-CrC5nXXy.js +4 -0
- package/dist/dispatch-acp-media.runtime.js +1 -1
- package/dist/dispatch-acp-session.runtime-C_GFMR0r.js +2 -0
- package/dist/dispatch-acp-session.runtime.js +1 -1
- package/dist/dispatch-acp.runtime-CWcJoK7v.js +19 -0
- package/dist/dispatch-acp.runtime.js +1 -1
- package/dist/doctor-config-flow-BQjLEW5b.js +420 -0
- package/dist/doctor-config-preflight-B3VVSleh.js +63 -0
- package/dist/doctor-config-preflight-BBOEq7ti.js +2 -0
- package/dist/doctor-device-pairing-Ccd9bfi0.js +307 -0
- package/dist/doctor-gateway-daemon-flow-vXXN636C.js +250 -0
- package/dist/doctor-gateway-health-to-oUHeN.js +63 -0
- package/dist/doctor-health-C3ZtwUoH.js +59 -0
- package/dist/doctor-health-contributions-C6IlokOG.js +493 -0
- package/dist/doctor-prompter-DtNoFi2a.js +56 -0
- package/dist/doctor-sandbox-DAb-mQpy.js +194 -0
- package/dist/doctor-state-migrations-36dXc9ct.js +2 -0
- package/dist/doctor-workspace-status-CQB7xbnW.js +75 -0
- package/dist/dreaming-BbN5wJdM.js +1582 -0
- package/dist/dreaming-narrative-Dra5GiQh.js +596 -0
- package/dist/embedded-gateway-stub.runtime-B9NXS2Vr.js +9 -0
- package/dist/embedded-gateway-stub.runtime.js +1 -1
- package/dist/embedding-provider-B9F-kCH3.js +118 -0
- package/dist/embeddings-BCVqTyaZ.js +215 -0
- package/dist/embeddings-http-CCsd7vWB.js +205 -0
- package/dist/entry.js +2 -2
- package/dist/exec-approval-forwarder.runtime-CMniJyXX.js +3 -0
- package/dist/exec-approval-forwarder.runtime.js +1 -1
- package/dist/exec-approvals-cli-BMIvTLCd.js +498 -0
- package/dist/exec-defaults-BWb7bhoE.js +2 -0
- package/dist/exec-defaults-CE8PArh-.js +67 -0
- package/dist/execute.runtime-Bhup95bB.js +1359 -0
- package/dist/execute.runtime.js +1 -1
- package/dist/extensionAPI.js +3 -3
- package/dist/extensions/active-memory/index.js +3 -3
- package/dist/extensions/alibaba/index.js +1 -1
- package/dist/extensions/alibaba/video-generation-provider.js +1 -1
- package/dist/extensions/arcee/index.js +2 -2
- package/dist/extensions/bluebubbles/api.js +3 -3
- package/dist/extensions/bluebubbles/channel-plugin-api.js +1 -1
- package/dist/extensions/browser/browser-bridge.js +1 -1
- package/dist/extensions/browser/browser-config.js +4 -4
- package/dist/extensions/browser/browser-control-auth.js +2 -2
- package/dist/extensions/browser/browser-doctor.js +2 -2
- package/dist/extensions/browser/browser-maintenance.js +2 -2
- package/dist/extensions/browser/browser-profiles.js +2 -2
- package/dist/extensions/browser/browser-runtime-api.js +10 -10
- package/dist/extensions/browser/index.js +1 -1
- package/dist/extensions/browser/plugin-registration.js +1 -1
- package/dist/extensions/browser/register.runtime.js +3 -3
- package/dist/extensions/browser/runtime-api.js +11 -11
- package/dist/extensions/browser/test-support.js +1 -1
- package/dist/extensions/byteplus/index.js +3 -3
- package/dist/extensions/byteplus/video-generation-provider.js +1 -1
- package/dist/extensions/chutes/index.js +4 -4
- package/dist/extensions/cloudflare-ai-gateway/api.js +1 -1
- package/dist/extensions/cloudflare-ai-gateway/catalog-provider.js +1 -1
- package/dist/extensions/cloudflare-ai-gateway/index.js +2 -2
- package/dist/extensions/comfy/image-generation-provider.js +2 -2
- package/dist/extensions/comfy/index.js +5 -5
- package/dist/extensions/comfy/music-generation-provider.js +1 -1
- package/dist/extensions/comfy/video-generation-provider.js +2 -2
- package/dist/extensions/comfy/workflow-runtime.js +1 -1
- package/dist/extensions/deepseek/index.js +1 -1
- package/dist/extensions/device-pair/api.js +2 -2
- package/dist/extensions/device-pair/index.js +4 -4
- package/dist/extensions/device-pair/notify.js +1 -1
- package/dist/extensions/device-pair/pair-command-approve.js +1 -1
- package/dist/extensions/device-pair/qr-image.js +2 -2
- package/dist/extensions/fal/image-generation-provider.js +1 -1
- package/dist/extensions/fal/index.js +3 -3
- package/dist/extensions/fal/provider-registration.js +1 -1
- package/dist/extensions/fal/test-api.js +2 -2
- package/dist/extensions/fal/video-generation-provider.js +1 -1
- package/dist/extensions/fireworks/index.js +1 -1
- package/dist/extensions/github-copilot/api.js +1 -1
- package/dist/extensions/github-copilot/auth.js +1 -1
- package/dist/extensions/github-copilot/embeddings.js +1 -1
- package/dist/extensions/github-copilot/index.js +4 -4
- package/dist/extensions/github-copilot/login.js +1 -1
- package/dist/extensions/github-copilot/register.runtime.js +2 -2
- package/dist/extensions/google-meet/index.js +6 -6
- package/dist/extensions/groq/index.js +1 -1
- package/dist/extensions/groq/media-understanding-provider.js +1 -1
- package/dist/extensions/groq/test-api.js +1 -1
- package/dist/extensions/huggingface/index.js +1 -1
- package/dist/extensions/image-generation-core/api.js +2 -2
- package/dist/extensions/imessage/api.js +4 -4
- package/dist/extensions/imessage/channel-plugin-api.js +1 -1
- package/dist/extensions/imessage/runtime-api.js +5 -5
- package/dist/extensions/imessage/test-api.js +1 -1
- package/dist/extensions/irc/api.js +2 -2
- package/dist/extensions/irc/channel-plugin-api.js +1 -1
- package/dist/extensions/kilocode/index.js +1 -1
- package/dist/extensions/kimi-coding/index.js +2 -2
- package/dist/extensions/line/api.js +2 -2
- package/dist/extensions/line/channel-plugin-api.js +1 -1
- package/dist/extensions/line/contract-api.js +1 -1
- package/dist/extensions/line/runtime-api.js +4 -4
- package/dist/extensions/line/setup-api.js +1 -1
- package/dist/extensions/litellm/index.js +1 -1
- package/dist/extensions/lmstudio/api.js +2 -2
- package/dist/extensions/lmstudio/index.js +3 -3
- package/dist/extensions/lmstudio/memory-embedding-adapter.js +1 -1
- package/dist/extensions/lmstudio/runtime-api.js +1 -1
- package/dist/extensions/lobster/runtime-api.js +1 -1
- package/dist/extensions/mattermost/api.js +1 -1
- package/dist/extensions/mattermost/channel-plugin-api.js +1 -1
- package/dist/extensions/mattermost/channel-plugin-runtime.js +1 -1
- package/dist/extensions/mattermost/policy-api.js +1 -1
- package/dist/extensions/mattermost/runtime-api.js +7 -7
- package/dist/extensions/mattermost/slash-route-api.js +1 -1
- package/dist/extensions/media-understanding-core/runtime-api.js +2 -2
- package/dist/extensions/memory-core/api.js +1 -1
- package/dist/extensions/memory-core/cli-metadata.js +2 -2
- package/dist/extensions/memory-core/index.js +3 -3
- package/dist/extensions/memory-lancedb/cli-metadata.js +1 -1
- package/dist/extensions/memory-lancedb/index.js +1 -1
- package/dist/extensions/memory-wiki/cli-metadata.js +1 -1
- package/dist/extensions/memory-wiki/index.js +1 -1
- package/dist/extensions/microsoft/index.js +1 -1
- package/dist/extensions/microsoft/speech-provider.js +1 -1
- package/dist/extensions/microsoft/test-api.js +1 -1
- package/dist/extensions/microsoft-foundry/auth.js +1 -1
- package/dist/extensions/microsoft-foundry/cli.js +1 -1
- package/dist/extensions/microsoft-foundry/index.js +1 -1
- package/dist/extensions/microsoft-foundry/onboard.js +2 -2
- package/dist/extensions/microsoft-foundry/provider.js +1 -1
- package/dist/extensions/microsoft-foundry/runtime.js +1 -1
- package/dist/extensions/microsoft-foundry/shared-runtime.js +2 -2
- package/dist/extensions/microsoft-foundry/shared.js +1 -1
- package/dist/extensions/minimax/image-generation-provider.js +1 -1
- package/dist/extensions/minimax/index.js +6 -6
- package/dist/extensions/minimax/media-understanding-provider.js +1 -1
- package/dist/extensions/minimax/music-generation-provider.js +1 -1
- package/dist/extensions/minimax/oauth.js +1 -1
- package/dist/extensions/minimax/oauth.runtime.js +1 -1
- package/dist/extensions/minimax/provider-registration.js +1 -1
- package/dist/extensions/minimax/speech-provider.js +1 -1
- package/dist/extensions/minimax/test-api.js +4 -4
- package/dist/extensions/minimax/video-generation-provider.js +1 -1
- package/dist/extensions/mistral/index.js +2 -2
- package/dist/extensions/mistral/media-understanding-provider.js +1 -1
- package/dist/extensions/mistral/test-api.js +1 -1
- package/dist/extensions/moonshot/index.js +2 -2
- package/dist/extensions/moonshot/media-understanding-provider.js +1 -1
- package/dist/extensions/moonshot/test-api.js +1 -1
- package/dist/extensions/msteams/api.js +1 -1
- package/dist/extensions/msteams/channel-plugin-api.js +1 -1
- package/dist/extensions/msteams/runtime-api.js +4 -4
- package/dist/extensions/msteams/test-api.js +1 -1
- package/dist/extensions/nextcloud-talk/api.js +1 -1
- package/dist/extensions/nextcloud-talk/channel-plugin-api.js +1 -1
- package/dist/extensions/nextcloud-talk/runtime-api.js +2 -2
- package/dist/extensions/nvidia/index.js +1 -1
- package/dist/extensions/ollama/api.js +3 -3
- package/dist/extensions/ollama/index.js +9 -9
- package/dist/extensions/ollama/runtime-api.js +2 -2
- package/dist/extensions/ollama/web-search-provider.js +1 -1
- package/dist/extensions/openai/api.js +2 -2
- package/dist/extensions/openai/image-generation-provider.js +1 -1
- package/dist/extensions/openai/index.js +6 -6
- package/dist/extensions/openai/media-understanding-provider.js +1 -1
- package/dist/extensions/openai/openai-codex-provider.js +1 -1
- package/dist/extensions/openai/openai-provider.js +1 -1
- package/dist/extensions/openai/register.runtime.js +4 -4
- package/dist/extensions/openai/test-api.js +3 -3
- package/dist/extensions/openai/video-generation-provider.js +1 -1
- package/dist/extensions/opencode/index.js +2 -2
- package/dist/extensions/opencode/media-understanding-provider.js +1 -1
- package/dist/extensions/opencode-go/index.js +2 -2
- package/dist/extensions/opencode-go/media-understanding-provider.js +1 -1
- package/dist/extensions/openrouter/api.js +1 -1
- package/dist/extensions/openrouter/image-generation-provider.js +1 -1
- package/dist/extensions/openrouter/index.js +4 -4
- package/dist/extensions/openrouter/media-understanding-provider.js +1 -1
- package/dist/extensions/openrouter/register.runtime.js +3 -3
- package/dist/extensions/openrouter/test-api.js +2 -2
- package/dist/extensions/openshell/index.js +3 -3
- package/dist/extensions/qianfan/index.js +1 -1
- package/dist/extensions/qwen/index.js +3 -3
- package/dist/extensions/qwen/media-understanding-provider.js +1 -1
- package/dist/extensions/qwen/test-api.js +2 -2
- package/dist/extensions/qwen/video-generation-provider.js +1 -1
- package/dist/extensions/runway/index.js +1 -1
- package/dist/extensions/runway/video-generation-provider.js +1 -1
- package/dist/extensions/signal/api.js +6 -6
- package/dist/extensions/signal/channel-plugin-api.js +1 -1
- package/dist/extensions/signal/reaction-runtime-api.js +1 -1
- package/dist/extensions/signal/runtime-api.js +9 -9
- package/dist/extensions/skill-workshop/api.js +1 -1
- package/dist/extensions/skill-workshop/index.js +2 -2
- package/dist/extensions/speech-core/runtime-api.js +1 -1
- package/dist/extensions/stepfun/index.js +2 -2
- package/dist/extensions/synology-chat/api.js +1 -1
- package/dist/extensions/synology-chat/channel-plugin-api.js +1 -1
- package/dist/extensions/synthetic/index.js +1 -1
- package/dist/extensions/talk-voice/index.js +1 -1
- package/dist/extensions/tencent/index.js +2 -2
- package/dist/extensions/thread-ownership/index.js +1 -1
- package/dist/extensions/tlon/api.js +2 -2
- package/dist/extensions/tlon/channel-plugin-api.js +1 -1
- package/dist/extensions/tlon/runtime-api.js +1 -1
- package/dist/extensions/tlon/test-api.js +1 -1
- package/dist/extensions/together/index.js +2 -2
- package/dist/extensions/together/video-generation-provider.js +1 -1
- package/dist/extensions/twitch/api.js +1 -1
- package/dist/extensions/twitch/channel-plugin-api.js +1 -1
- package/dist/extensions/twitch/setup-plugin-api.js +1 -1
- package/dist/extensions/venice/index.js +1 -1
- package/dist/extensions/vercel-ai-gateway/index.js +1 -1
- package/dist/extensions/voice-call/index.js +1 -1
- package/dist/extensions/voice-call/runtime-entry.js +1 -1
- package/dist/extensions/volcengine/index.js +2 -2
- package/dist/extensions/vydra/image-generation-provider.js +1 -1
- package/dist/extensions/vydra/index.js +4 -4
- package/dist/extensions/vydra/video-generation-provider.js +1 -1
- package/dist/extensions/xai/api.js +2 -2
- package/dist/extensions/xai/code-execution.js +2 -2
- package/dist/extensions/xai/image-generation-provider.js +1 -1
- package/dist/extensions/xai/index.js +6 -6
- package/dist/extensions/xai/speech-provider.js +1 -1
- package/dist/extensions/xai/tts.js +1 -1
- package/dist/extensions/xai/video-generation-provider.js +1 -1
- package/dist/extensions/xai/x-search.js +2 -2
- package/dist/extensions/xiaomi/index.js +1 -1
- package/dist/extensions/zai/index.js +2 -2
- package/dist/extensions/zai/media-understanding-provider.js +1 -1
- package/dist/extensions/zai/test-api.js +1 -1
- package/dist/extensions/zalo/api.js +3 -3
- package/dist/extensions/zalo/channel-plugin-api.js +1 -1
- package/dist/extensions/zalo/runtime-api.js +2 -2
- package/dist/extensions/zalo/setup-api.js +2 -2
- package/dist/extensions/zalouser/api.js +3 -3
- package/dist/extensions/zalouser/channel-plugin-api.js +1 -1
- package/dist/extensions/zalouser/runtime-api.js +7 -7
- package/dist/extensions/zalouser/setup-plugin-api.js +1 -1
- package/dist/extensions/zalouser/test-api.js +1 -1
- package/dist/fallbacks-CNYcJGsI.js +31 -0
- package/dist/fallbacks-CpvN52vL.js +2 -0
- package/dist/fallbacks-shared-BMRmctbx.js +111 -0
- package/dist/gateway-_SCycjaN.js +115 -0
- package/dist/gateway-cli-CqpPxleQ.js +1283 -0
- package/dist/gateway-rpc-BsLYIv5w.js +14 -0
- package/dist/gateway-rpc.runtime-CyZZSmG_.js +23 -0
- package/dist/gateway-rpc.runtime.js +1 -1
- package/dist/gateway-runtime-BHDtRng9.js +15 -0
- package/dist/gateway-status-CZIozTnz.js +584 -0
- package/dist/genesis-tools-C0nPYE5t.js +9435 -0
- package/dist/genesis-tools.runtime-CY_LbvH7.js +2 -0
- package/dist/genesis-tools.runtime.js +1 -1
- package/dist/get-reply-from-config.runtime-BT7Vqesa.js +2 -0
- package/dist/get-reply-from-config.runtime.js +1 -1
- package/dist/get-reply-tZVDzC6p.js +3946 -0
- package/dist/gmail-watcher-lifecycle-BYRHDXCT.js +2 -0
- package/dist/graph-users-CeLSqImM.js +1337 -0
- package/dist/health-BWIRYEwF.js +3 -0
- package/dist/health-QMMhy2Dz.js +420 -0
- package/dist/health-route--sJRGxK7.js +41 -0
- package/dist/health-route-Nshh2-05.js +2 -0
- package/dist/hooks-cli-qlVfZ69O.js +433 -0
- package/dist/http-endpoint-helpers-D5HkMFwp.js +41 -0
- package/dist/http-utils-LFOvdepz.js +924 -0
- package/dist/image-fallbacks-DqJubFFl.js +2 -0
- package/dist/image-fallbacks-Dw2qDUfx.js +31 -0
- package/dist/image-generation-core-DasXukAP.js +18 -0
- package/dist/image-generation-core.auth.runtime.js +1 -1
- package/dist/image-generation-provider-BUYDznhO.js +157 -0
- package/dist/image-generation-provider-CZsEm9qP.js +137 -0
- package/dist/image-generation-provider-DfAtOfEj.js +95 -0
- package/dist/image-generation-provider-Dksuo9OZ.js +529 -0
- package/dist/image-generation-provider-TlVk_XqK.js +63 -0
- package/dist/image-generation-provider-YwugArNw.js +274 -0
- package/dist/image-generation-provider-bWlq5yUE.js +228 -0
- package/dist/image-runtime-CswgJNvs.js +9 -0
- package/dist/inbound-reply-dispatch-CACe9Tz8.js +73 -0
- package/dist/inbound.runtime-Bw0JSbxR.js +4 -0
- package/dist/inbound.runtime-DjvZZHXI.js +3 -0
- package/dist/inbound.runtime.js +1 -1
- package/dist/index.js +2 -2
- package/dist/infra-runtime-fiXnmsj0.js +38 -0
- package/dist/init-Biz2hP6-.js +59 -0
- package/dist/install-CYvCH-s3.js +726 -0
- package/dist/install-security-scan-B7ZoC2Vw.js +26 -0
- package/dist/install-security-scan.runtime-iZsF-J1u.js +671 -0
- package/dist/install-security-scan.runtime.js +1 -1
- package/dist/install.runtime-BAqg9YWO.js +27 -0
- package/dist/install.runtime-Cc9Bf7A6.js +12 -0
- package/dist/install.runtime.js +1 -1
- package/dist/jobs-BIi6klWl.js +729 -0
- package/dist/library-B1Qi-7is.js +45 -0
- package/dist/lifecycle-CwTeSNb3.js +571 -0
- package/dist/lifecycle-DTuqSjDi.js +229 -0
- package/dist/lifecycle.runtime-L87U4LxS.js +2 -0
- package/dist/lifecycle.runtime.js +1 -1
- package/dist/list-C9_Rnbic.js +131 -0
- package/dist/list-DhQ19wW5.js +2 -0
- package/dist/list-GcjeBBI7.js +2 -0
- package/dist/list-O4TnoMHO.js +1212 -0
- package/dist/list.probe-DYyzi71E.js +419 -0
- package/dist/live-model-switch-CWgg2Ggb.js +336 -0
- package/dist/llm-slug-generator-yBet6xOg.js +79 -0
- package/dist/llm-slug-generator.js +1 -1
- package/dist/load-config-Cp-DUOb2.js +35 -0
- package/dist/loader-DsEya2Rd.js +222 -0
- package/dist/local-dispatch.runtime-RVsdeP5H.js +8 -0
- package/dist/local-dispatch.runtime.js +1 -1
- package/dist/login-M0JiZwmc.js +108 -0
- package/dist/logs-cli-D9A-A-9o.js +265 -0
- package/dist/logs-cli.runtime-IDuSVdCP.js +2 -0
- package/dist/logs-cli.runtime.js +1 -1
- package/dist/main-session-restart-recovery-Ck4FVNm4.js +206 -0
- package/dist/managed-image-attachments-C5QQL-vS.js +2 -0
- package/dist/managed-image-attachments-XoAQCwbd.js +635 -0
- package/dist/manager-CSBGjyBv.js +2057 -0
- package/dist/manager-wkR4Iytv.js +2 -0
- package/dist/markdown-to-line-BTkqph9t.js +790 -0
- package/dist/mcp/plugin-tools-serve.js +1 -1
- package/dist/mcp-cli-BYatxokX.js +725 -0
- package/dist/mcp-http-D5Jg_G_4.js +529 -0
- package/dist/mcp-oauth-embedded.runtime-Bg_5jTnW.js +111 -0
- package/dist/mcp-oauth-embedded.runtime.js +1 -0
- package/dist/media-runtime-BetXjDy_.js +329 -0
- package/dist/media-understanding-PrCTBqs6.js +85 -0
- package/dist/media-understanding-provider-BOJyh6FF.js +85 -0
- package/dist/media-understanding-provider-BQqWS6FP.js +18 -0
- package/dist/media-understanding-provider-BVI5_wpJ.js +12 -0
- package/dist/media-understanding-provider-BvANUUsD.js +37 -0
- package/dist/media-understanding-provider-CmJsqky4.js +69 -0
- package/dist/media-understanding-provider-D160isav.js +28 -0
- package/dist/media-understanding-provider-DLdtS2i0.js +12 -0
- package/dist/media-understanding-provider-DbYma1pc.js +21 -0
- package/dist/media-understanding-provider-DgKlDcus.js +18 -0
- package/dist/media-understanding-provider-Dt4kGn2a.js +13 -0
- package/dist/media-understanding-runtime-7Pt0cFob.js +2 -0
- package/dist/memory-core-host-runtime-cli-D5FBfgB5.js +9 -0
- package/dist/memory-embedding-adapter-bqPa42NQ.js +123 -0
- package/dist/memory-host-search-595fbsH5.js +12 -0
- package/dist/memory-host-search.runtime.js +1 -1
- package/dist/message-DYkh5sOP.js +232 -0
- package/dist/message-action-runner-CJGAC14u.js +1407 -0
- package/dist/message-action-runner-DEc3L86w.js +2 -0
- package/dist/message-actions-Dh0dkVuL.js +143 -0
- package/dist/message.config.runtime.js +1 -1
- package/dist/message.gateway.runtime-C66L1TQ8.js +2 -0
- package/dist/message.gateway.runtime.js +1 -1
- package/dist/method-scopes-TWVLEUXZ.js +239 -0
- package/dist/model-picker-DJQ_lN5J.js +3 -0
- package/dist/model-picker-f_kmCGgt.js +559 -0
- package/dist/model-picker.runtime-Bua1ZV3T.js +15 -0
- package/dist/model-picker.runtime.js +1 -1
- package/dist/model-selection-DRe0f5zo.js +212 -0
- package/dist/models-auth-status-hLHyMRg4.js +217 -0
- package/dist/models-cli-A3K5ngLW.js +271 -0
- package/dist/models-http-PC5-c2lS.js +92 -0
- package/dist/models.fetch-CsIbuvYn.js +518 -0
- package/dist/monitor-BGPc6S-l.js +788 -0
- package/dist/monitor-C8edroDo.js +671 -0
- package/dist/monitor-CFsyjwnu.js +1661 -0
- package/dist/monitor-Dl0w1_43.js +1237 -0
- package/dist/monitor-DlxT-Knr.js +2 -0
- package/dist/monitor-auth-ke97RkAT.js +207 -0
- package/dist/monitor-c-H6NZB1.js +1459 -0
- package/dist/monitor-processing-B39UHhPl.js +1974 -0
- package/dist/monitor.runtime-bk4_-UQP.js +2 -0
- package/dist/monitor.runtime.js +1 -1
- package/dist/monitor.webhook-h5bgSJwm.js +180 -0
- package/dist/msteams-ISVbP_K_.js +35 -0
- package/dist/music-generation-provider-D1C-gv82.js +63 -0
- package/dist/music-generation-provider-Da4aNlMi.js +170 -0
- package/dist/native-hook-relay-Bc5mlw9g.js +519 -0
- package/dist/nextcloud-talk-CbYNP-yd.js +17 -0
- package/dist/node-cli-0u8AZQyg.js +2276 -0
- package/dist/nodes-cli-CQMWvWMg.js +1046 -0
- package/dist/nodes-utils-DOQtMWOk.js +84 -0
- package/dist/nodes.helpers-C4kSQFC6.js +34 -0
- package/dist/notify-nTgfrNiE.js +315 -0
- package/dist/oauth-CMgJwuws.js +2 -0
- package/dist/oauth-CkVdnYWF.js +152 -0
- package/dist/oauth-DyK5hAZs.js +139 -0
- package/dist/oauth-OBOUymgi.js +75 -0
- package/dist/oauth.flow-BLoyN3lV.js +3 -0
- package/dist/oauth.flow-DH06lWCO.js +45 -0
- package/dist/onboard-C-WpjREP.js +316 -0
- package/dist/onboard-C3joem4P.js +2 -0
- package/dist/onboard-CLxVG_dm.js +70 -0
- package/dist/onboard-channels-BeLqCc-3.js +2 -0
- package/dist/onboard-channels-DvKo0QB_.js +3 -0
- package/dist/onboard-custom-BXb7qIWz.js +3 -0
- package/dist/onboard-custom-ClkyPqIy.js +271 -0
- package/dist/onboard-helpers-CzWgl6b5.js +204 -0
- package/dist/onboard-helpers-DN7Wm9fW.js +6 -0
- package/dist/onboard-interactive-BGd6aTeV.js +24 -0
- package/dist/onboard-non-interactive-CtThtPt1.js +635 -0
- package/dist/onboard-remote-C-N2VHxH.js +2 -0
- package/dist/onboard-remote-C8Pd_O6i.js +193 -0
- package/dist/onboard-skills-CVLAHKbc.js +2 -0
- package/dist/onboard-skills-Dfyg3uoq.js +134 -0
- package/dist/onboarding-plugin-install-CSJX8VZv.js +406 -0
- package/dist/openai-codex-provider-ChrCVEw6.js +472 -0
- package/dist/openai-http-BEKA7a56.js +500 -0
- package/dist/openai-provider-CBFc7f3l.js +313 -0
- package/dist/opencode-D8fX4akZ.js +35 -0
- package/dist/openresponses-http-CXR1xS4b.js +1128 -0
- package/dist/operator-approvals-client-Cbb5L4kC.js +68 -0
- package/dist/outbound-runtime-BcayPyTD.js +5 -0
- package/dist/outbound.runtime-BfwyPtqz.js +2 -0
- package/dist/outbound.runtime.js +1 -1
- package/dist/pair-command-approve-DxGuoQgs.js +44 -0
- package/dist/persistent-bindings.lifecycle-Cm2JgJ1m.js +2 -0
- package/dist/persistent-bindings.lifecycle-G6-GKVJ-.js +85 -0
- package/dist/pi-bundle-mcp-runtime-BxuXFq8N.js +2 -0
- package/dist/pi-bundle-mcp-runtime-ZvnA7GLK.js +854 -0
- package/dist/pi-bundle-mcp-tools-Cq0oKMGx.js +108 -0
- package/dist/pi-embedded-BhegMC8S.js +4 -0
- package/dist/pi-embedded-DSK_Kmte.js +2905 -0
- package/dist/pi-embedded-subscribe.handlers.compaction.runtime-DRkY_7mg.js +23 -0
- package/dist/pi-embedded-subscribe.handlers.compaction.runtime.js +1 -1
- package/dist/pi-embedded.runtime-De_h6P_Z.js +4 -0
- package/dist/pi-embedded.runtime.js +1 -1
- package/dist/pi-tool-definition-adapter-NXBjo73N.js +229 -0
- package/dist/pi-tools-DZSC_w6D.js +1118 -0
- package/dist/pi-tools.before-tool-call-BwU95vEl.js +433 -0
- package/dist/pi-tools.before-tool-call-D_7nYeEk.js +2 -0
- package/dist/plugin-Buwbxy6j.js +12195 -0
- package/dist/plugin-enabled-K5XYrDLJ.js +140 -0
- package/dist/plugin-install-DwdyYiEf.js +115 -0
- package/dist/plugin-install-config-policy-BGQ3WzJO.js +137 -0
- package/dist/plugin-install-ldcXmOz8.js +2 -0
- package/dist/plugin-install-plan-DXvNElN2.js +50 -0
- package/dist/plugin-registration-BCJ8Erq-.js +23 -0
- package/dist/plugin-sdk/.boundary-entry-shims.stamp +1 -1
- package/dist/plugin-sdk/acp-binding-runtime.js +1 -1
- package/dist/plugin-sdk/acp-runtime.js +3 -3
- package/dist/plugin-sdk/agent-harness-runtime.js +6 -6
- package/dist/plugin-sdk/agent-harness.js +7 -7
- package/dist/plugin-sdk/agent-runtime.js +2 -2
- package/dist/plugin-sdk/approval-gateway-runtime.js +2 -2
- package/dist/plugin-sdk/approval-handler-runtime.js +3 -3
- package/dist/plugin-sdk/approval-runtime.js +1 -1
- package/dist/plugin-sdk/browser-node-runtime.js +4 -4
- package/dist/plugin-sdk/browser-setup-tools.js +3 -3
- package/dist/plugin-sdk/browser-support.js +7 -7
- package/dist/plugin-sdk/channel-core.js +2 -2
- package/dist/plugin-sdk/channel-inbound.js +3 -3
- package/dist/plugin-sdk/command-auth.js +2 -2
- package/dist/plugin-sdk/command-status-runtime.js +1 -1
- package/dist/plugin-sdk/compat.js +1 -1
- package/dist/plugin-sdk/config-runtime.js +3 -3
- package/dist/plugin-sdk/conversation-binding-runtime.js +1 -1
- package/dist/plugin-sdk/conversation-runtime.js +4 -4
- package/dist/plugin-sdk/core.js +2 -2
- package/dist/plugin-sdk/direct-dm.js +1 -1
- package/dist/plugin-sdk/gateway-runtime.js +3 -3
- package/dist/plugin-sdk/image-generation-core.js +2 -2
- package/dist/plugin-sdk/inbound-reply-dispatch.js +1 -1
- package/dist/plugin-sdk/index.js +1 -1
- package/dist/plugin-sdk/infra-runtime.js +2 -2
- package/dist/plugin-sdk/irc.js +2 -2
- package/dist/plugin-sdk/matrix.js +1 -1
- package/dist/plugin-sdk/mattermost.js +2 -2
- package/dist/plugin-sdk/media-runtime.js +5 -5
- package/dist/plugin-sdk/media-understanding-runtime.js +2 -2
- package/dist/plugin-sdk/media-understanding.js +2 -2
- package/dist/plugin-sdk/memory-core-host-runtime-cli.js +2 -2
- package/dist/plugin-sdk/memory-core.js +2 -2
- package/dist/plugin-sdk/memory-host-search.js +1 -1
- package/dist/plugin-sdk/msteams.js +3 -3
- package/dist/plugin-sdk/nextcloud-talk.js +2 -2
- package/dist/plugin-sdk/nostr.js +1 -1
- package/dist/plugin-sdk/opencode.js +1 -1
- package/dist/plugin-sdk/outbound-runtime.js +2 -2
- package/dist/plugin-sdk/provider-auth-api-key.js +2 -2
- package/dist/plugin-sdk/provider-auth-login.js +1 -1
- package/dist/plugin-sdk/provider-auth.js +2 -2
- package/dist/plugin-sdk/provider-entry.js +1 -1
- package/dist/plugin-sdk/reply-dispatch-runtime.js +1 -1
- package/dist/plugin-sdk/reply-runtime.js +4 -4
- package/dist/plugin-sdk/runtime-doctor.js +1 -1
- package/dist/plugin-sdk/runtime-secret-resolution.js +1 -1
- package/dist/plugin-sdk/runtime.js +3 -3
- package/dist/plugin-sdk/sandbox.js +1 -1
- package/dist/plugin-sdk/session-store-runtime.js +1 -1
- package/dist/plugin-sdk/session-visibility.js +1 -1
- package/dist/plugin-sdk/skill-commands-runtime.js +1 -1
- package/dist/plugin-sdk/src/config/types.mcp.d.ts +13 -0
- package/dist/plugin-sdk/src/gateway/protocol/index.d.ts +29 -3
- package/dist/plugin-sdk/src/gateway/protocol/schema/mcp.d.ts +52 -0
- package/dist/plugin-sdk/src/gateway/protocol/schema/protocol-schemas.d.ts +52 -0
- package/dist/plugin-sdk/src/gateway/protocol/schema/types.d.ts +8 -0
- package/dist/plugin-sdk/testing.js +4 -4
- package/dist/plugin-sdk/tlon.js +1 -1
- package/dist/plugin-sdk/zalo.js +1 -1
- package/dist/plugin-sdk/zalouser.js +1 -1
- package/dist/plugin-service-O0Nka2ql.js +2893 -0
- package/dist/plugins/runtime/index.js +1 -1
- package/dist/plugins-cli-CUZMkYFB.js +584 -0
- package/dist/plugins-command-helpers-BGFL7yp7.js +107 -0
- package/dist/plugins-install-persist-Cp8tSsno.js +133 -0
- package/dist/plugins-update-command-Ds_N9qES.js +1057 -0
- package/dist/policy-BcEBQrBb.js +328 -0
- package/dist/postinstall-inventory.json +711 -709
- package/dist/prepare.runtime-4-4zFPyi.js +807 -0
- package/dist/prepare.runtime.js +1 -1
- package/dist/probe-B1L2nZVS.js +243 -0
- package/dist/probe-Bj5TYODu.js +2 -0
- package/dist/probe-CM64ZU4h.js +2205 -0
- package/dist/probe-D-WslSkr.js +1443 -0
- package/dist/probe-DDW3LKLY.js +240 -0
- package/dist/probe-DIojWUct.js +45 -0
- package/dist/probe-DUvHddgr.js +2 -0
- package/dist/probe-DcVkQ45O.js +74 -0
- package/dist/program-C2WMGRGS.js +111 -0
- package/dist/prompt-select-styled-DyuhVmKx.js +20 -0
- package/dist/protocol-D-HTtPao.js +2586 -0
- package/dist/provider-BSqWTcoz.js +70 -0
- package/dist/provider-api-key-auth-C92t3JTu.js +131 -0
- package/dist/provider-api-key-auth.runtime.js +1 -1
- package/dist/provider-auth-api-key-zf0PU9U_.js +5 -0
- package/dist/provider-auth-choice-palZRKPG.js +228 -0
- package/dist/provider-auth-hCEy91hA.js +46 -0
- package/dist/provider-auth-login-D4MC4bs_.js +8 -0
- package/dist/provider-auth-login.runtime.js +1 -1
- package/dist/provider-dispatcher-B9Bi64PF.js +2 -0
- package/dist/provider-dispatcher-W0BQ6JBa.js +22 -0
- package/dist/provider-entry-DZDgzWTU.js +106 -0
- package/dist/provider-model-defaults-DC1PMV0H.js +6 -0
- package/dist/provider-registration-BSHUosM7.js +218 -0
- package/dist/provider-registration-CA9-PRDk.js +37 -0
- package/dist/qr-cli-CuHAMWri.js +349 -0
- package/dist/qr-cli-XFbmt6Yy.js +2 -0
- package/dist/qr-image-BDoVY1GF.js +2 -0
- package/dist/queue-BljsBBtU.js +409 -0
- package/dist/reaction-runtime-api-BVLM-96j.js +116 -0
- package/dist/reactions-C1FEqLK1.js +998 -0
- package/dist/read-capability-YFf_CDLF.js +412 -0
- package/dist/register-service-commands-BfHk7oaS.js +71 -0
- package/dist/register.agent-DXzxIclN.js +248 -0
- package/dist/register.configure-CXufs_DG.js +15 -0
- package/dist/register.maintenance-WJgi56ww.js +363 -0
- package/dist/register.message-D644NowA.js +329 -0
- package/dist/register.onboard-Dts_81Kq.js +88 -0
- package/dist/register.runtime-BGFNAs1W.js +81 -0
- package/dist/register.runtime.js +1 -1
- package/dist/register.setup-xdxtWT9Z.js +150 -0
- package/dist/register.status-health-sessions-cA5f30SV.js +1215 -0
- package/dist/register.subclis-BC8Xib58.js +29 -0
- package/dist/register.subclis-DMX7WW9_.js +3 -0
- package/dist/register.subclis-core-BQwVVxk1.js +249 -0
- package/dist/reply-dispatch-runtime-B8XDaURF.js +13 -0
- package/dist/reply-media-paths.runtime-C6-V86g1.js +146 -0
- package/dist/reply-media-paths.runtime-Cmms8y5S.js +2 -0
- package/dist/reply-media-paths.runtime.js +1 -1
- package/dist/reply-runtime-NyMLCW3E.js +10 -0
- package/dist/reply.runtime-edT3K6N7.js +2 -0
- package/dist/reply.runtime.js +1 -1
- package/dist/resolve-BHmKuinY.js +259 -0
- package/dist/response-generator-BxzbAKHi.js +175 -0
- package/dist/restart-health-1UMkTis9.js +202 -0
- package/dist/restart-health-DOVEX2Dr.js +2 -0
- package/dist/root-help-DOab9o7V.js +44 -0
- package/dist/route-reply-EPkWewCQ.js +162 -0
- package/dist/route-reply.runtime-Rem8ixbJ.js +2 -0
- package/dist/route-reply.runtime.js +1 -1
- package/dist/routes-C6KcWOET.js +3341 -0
- package/dist/routes-YiOyu7uC.js +2 -0
- package/dist/rpc-D58sqWd5.js +61 -0
- package/dist/rpc.runtime-B7TMomww.js +21 -0
- package/dist/rpc.runtime.js +1 -1
- package/dist/run-auth-profile.runtime-DrFMFMa5.js +2 -0
- package/dist/run-auth-profile.runtime.js +1 -1
- package/dist/run-delivery.runtime-unYfe21X.js +530 -0
- package/dist/run-delivery.runtime.js +1 -1
- package/dist/run-embedded.runtime-zHl2AfPi.js +4 -0
- package/dist/run-embedded.runtime.js +1 -1
- package/dist/run-execution-cli.runtime-Dz1dsRHM.js +4 -0
- package/dist/run-execution-cli.runtime.js +1 -1
- package/dist/run-executor.runtime-KX7eaa3W.js +277 -0
- package/dist/run-executor.runtime.js +1 -1
- package/dist/run-main-DDIezO6z.js +567 -0
- package/dist/run-subagent-registry.runtime-DJC3g4ZR.js +2 -0
- package/dist/run-subagent-registry.runtime.js +1 -1
- package/dist/run-wait-CpiyL2yQ.js +135 -0
- package/dist/runner-B8D0Coak.js +966 -0
- package/dist/runner.entries-DZUGr24v.js +604 -0
- package/dist/runtime-BshnyUPo.js +116 -0
- package/dist/runtime-CnTeeNB7.js +72 -0
- package/dist/runtime-DFBduVee.js +2 -0
- package/dist/runtime-DFsWYp04.js +961 -0
- package/dist/runtime-api-B-Rvnz8K.js +9 -0
- package/dist/runtime-api-BGjsjeDs.js +4 -0
- package/dist/runtime-api-BLmoQDr9.js +9 -0
- package/dist/runtime-api-C7sFkqAw.js +14 -0
- package/dist/runtime-co7Um4tt.js +263 -0
- package/dist/runtime-cvZCV2Ia.js +9 -0
- package/dist/runtime-embedded-pi.runtime-DhHN3TPm.js +2 -0
- package/dist/runtime-embedded-pi.runtime.js +1 -1
- package/dist/runtime-entry-g38-J35c.js +2769 -0
- package/dist/runtime-internal-BgtZ9qQE.js +2 -0
- package/dist/runtime-manifest.runtime.js +1 -1
- package/dist/runtime-options-DP77Ol0F.js +275 -0
- package/dist/runtime-prepare.runtime-DAaAh4tU.js +80 -0
- package/dist/runtime-prepare.runtime.js +1 -1
- package/dist/runtime-schema-UykYqADC.js +28599 -0
- package/dist/runtime-web-tools-DpTEm5uJ.js +1477 -0
- package/dist/runtime-web-tools-fallback.runtime.js +1 -1
- package/dist/runtime-web-tools-manifest.runtime.js +1 -1
- package/dist/runtime-web-tools-public-artifacts.runtime.js +1 -1
- package/dist/sandbox-DjUUwvID.js +3 -0
- package/dist/sandbox-IL2pQunA.js +1156 -0
- package/dist/sandbox-cli-C75oWfKU.js +450 -0
- package/dist/scan-DFZp_kSW.js +523 -0
- package/dist/scan-DGA0ZzcA.js +2 -0
- package/dist/secrets-cli-ea7rK5BG.js +2101 -0
- package/dist/security-cli-ho4WnkD2.js +486 -0
- package/dist/selection-9k1d9_Da.js +7743 -0
- package/dist/selection-Cp3CrNux.js +2 -0
- package/dist/send-CBwqDOfQ.js +156 -0
- package/dist/send-DpYdCf3A.js +102 -0
- package/dist/send.runtime-DPgv2Lc5.js +2 -0
- package/dist/send.runtime.js +1 -1
- package/dist/server-D7iFLwV2.js +13 -0
- package/dist/server-context-B8N_gqtd.js +2 -0
- package/dist/server-context-LNf4RJwd.js +847 -0
- package/dist/server-node-events-B0Jy5ges.js +474 -0
- package/dist/server-plugin-bootstrap-C50m7eyR.js +2 -0
- package/dist/server-plugin-bootstrap-CLJHt826.js +13703 -0
- package/dist/server-restart-sentinel--uTnlfGF.js +684 -0
- package/dist/server-yVgPsLY3.js +77 -0
- package/dist/server.impl-BlCJe-26.js +12804 -0
- package/dist/session-BThNEh5u.js +48 -0
- package/dist/session-archive.runtime.js +1 -1
- package/dist/session-envelope-tBfpcRRu.js +18 -0
- package/dist/session-key-De2wQZ8k.js +65 -0
- package/dist/session-kill-http-CGcsBC5N.js +110 -0
- package/dist/session-meta-Bpv85XpZ.js +109 -0
- package/dist/session-override-dIx8boay.js +106 -0
- package/dist/session-reset-model.runtime-BY5KYxcY.js +133 -0
- package/dist/session-reset-model.runtime.js +1 -1
- package/dist/session-reset-service-BdvoF6l9.js +497 -0
- package/dist/session-route-C6YYamP7.js +93 -0
- package/dist/session-status.runtime-DpxWfh54.js +2 -0
- package/dist/session-status.runtime.js +1 -1
- package/dist/session-store-DT5H5NRv.js +126 -0
- package/dist/session-store.runtime-CoRuKMfZ.js +2 -0
- package/dist/session-store.runtime.js +1 -1
- package/dist/session-subagent-reactivation.runtime-Ddt2B8nq.js +2 -0
- package/dist/session-subagent-reactivation.runtime.js +1 -1
- package/dist/session-tab-registry-Bwj7OJds.js +581 -0
- package/dist/session-updates-CHKrFM9H.js +236 -0
- package/dist/session-updates.runtime-CqylTFnb.js +2 -0
- package/dist/session-updates.runtime.js +1 -1
- package/dist/session-utils-otyfumhD.js +1009 -0
- package/dist/session-visibility-CMeipx_x.js +147 -0
- package/dist/sessions-BjHLgqjt.js +2 -0
- package/dist/sessions-C1_80mqv.js +48 -0
- package/dist/sessions-DjIcw5uP.js +281 -0
- package/dist/sessions-helpers-Crbc2V-c.js +305 -0
- package/dist/sessions-history-http-B1jARJH5.js +371 -0
- package/dist/sessions-patch-C1oxNf4r.js +309 -0
- package/dist/sessions-resolve-D8eCbDqe.js +174 -0
- package/dist/sessions-w6UJYMea.js +16 -0
- package/dist/sessions.runtime-Dh0ghDyO.js +2 -0
- package/dist/sessions.runtime.js +1 -1
- package/dist/setup-BrkQiUrj.js +421 -0
- package/dist/setup-DoOZ7cOr.js +636 -0
- package/dist/setup-api-COR0Hcnk.js +29 -0
- package/dist/setup-core-C5-HYDHu.js +176 -0
- package/dist/setup-core-Q7Gtw1Ov.js +171 -0
- package/dist/setup-surface-CBScP5vZ.js +219 -0
- package/dist/setup-surface-CPW1hR9X.js +286 -0
- package/dist/setup-surface-w8AJYpAw.js +403 -0
- package/dist/setup.finalize-CFQ5dk9P.js +547 -0
- package/dist/setup.gateway-config-CevZkqsU.js +250 -0
- package/dist/shared-BJOo71CE.js +121 -0
- package/dist/shared-C9DEgBKO.js +76 -0
- package/dist/shared-DWeIx7H_.js +198 -0
- package/dist/shared-G254rWzJ.js +217 -0
- package/dist/shared-runtime-CKzUXuwN.js +7 -0
- package/dist/skill-commands-DWC_vZ-J.js +83 -0
- package/dist/skill-commands.runtime-BMmD4lyW.js +2 -0
- package/dist/skill-commands.runtime.js +1 -1
- package/dist/skills-install-Bpfq1PgX.js +605 -0
- package/dist/skills-snapshot.runtime-uSs9vmlj.js +7 -0
- package/dist/skills-snapshot.runtime.js +1 -1
- package/dist/slash-state-DfyIhVQa.js +1911 -0
- package/dist/speech-provider-CcbYv8ap.js +216 -0
- package/dist/speech-provider-Cr1h-_-X.js +170 -0
- package/dist/speech-provider-Gif_hcpc.js +209 -0
- package/dist/src-D_pOANWx.js +3974 -0
- package/dist/stage-sandbox-media.runtime-_FkeTCA0.js +232 -0
- package/dist/stage-sandbox-media.runtime.js +1 -1
- package/dist/startup-context-u6H-cGD5.js +312 -0
- package/dist/state-migrations-BXYrr3Hc.js +820 -0
- package/dist/status-Bax-CYIA.js +2 -0
- package/dist/status-Bm_lDIZA.js +2 -0
- package/dist/status-C41OfbgU.js +209 -0
- package/dist/status-CJA5y0Ot.js +190 -0
- package/dist/status-CUZkKe39.js +62 -0
- package/dist/status-JI5DGJgd.js +395 -0
- package/dist/status-all-CyMiAz9D.js +498 -0
- package/dist/status-json-command-D3gfSQpJ.js +82 -0
- package/dist/status-json-wAtoMvEU.js +14 -0
- package/dist/status-liaGeQBF.js +3 -0
- package/dist/status-message-CZyHmUQr.js +466 -0
- package/dist/status-message.runtime-C1I59_ay.js +6 -0
- package/dist/status-message.runtime.js +1 -1
- package/dist/status-queue.runtime-k2kdii3C.js +2 -0
- package/dist/status-queue.runtime.js +1 -1
- package/dist/status-runtime-shared-BHVKTX8F.js +241 -0
- package/dist/status-subagents.runtime-Dqn8rGt3.js +18 -0
- package/dist/status-subagents.runtime.js +1 -1
- package/dist/status-text-XpgxLRUx.js +237 -0
- package/dist/status.gateway-connection.runtime-CAujaH_M.js +2 -0
- package/dist/status.gateway-connection.runtime.js +1 -1
- package/dist/status.gather-DABnWYhg.js +2 -0
- package/dist/status.gather-DvP7veWJ.js +292 -0
- package/dist/status.runtime-BNG-ykFb.js +2 -0
- package/dist/status.runtime-L3R8cOql.js +2 -0
- package/dist/status.runtime.js +1 -1
- package/dist/status.scan-CPCLfxhs.js +65 -0
- package/dist/status.scan-overview-cd-sFbN_.js +379 -0
- package/dist/status.scan.fast-json-BlK1NH9B.js +2 -0
- package/dist/status.scan.fast-json-RzD6XYyb.js +132 -0
- package/dist/status.summary-BzdECSg9.js +200 -0
- package/dist/status.summary-D5HGi7Bf.js +2 -0
- package/dist/store-BtHVDH2Q.js +910 -0
- package/dist/store-Qn6Vf7Ma.js +4 -0
- package/dist/store.runtime-Dd3L_GjJ.js +2 -0
- package/dist/store.runtime.js +1 -1
- package/dist/stream-CImPPcyN.js +664 -0
- package/dist/subagent-announce-Cs_FbejL.js +351 -0
- package/dist/subagent-announce-delivery-DMwYIqZg.js +726 -0
- package/dist/subagent-announce-output-B9tl5MCY.js +364 -0
- package/dist/subagent-capabilities-DN1kjzNE.js +251 -0
- package/dist/subagent-control-CJBFHJGn.js +506 -0
- package/dist/subagent-control.runtime-D9vrLexA.js +3 -0
- package/dist/subagent-control.runtime.js +1 -1
- package/dist/subagent-followup.runtime-Bn5iFlY5.js +68 -0
- package/dist/subagent-followup.runtime.js +1 -1
- package/dist/subagent-orphan-recovery-Bd_lhKXg.js +305 -0
- package/dist/subagent-registry-ChyubSrS.js +3 -0
- package/dist/subagent-registry-gH5jdXLj.js +1753 -0
- package/dist/subagent-registry.runtime.js +1 -1
- package/dist/subagent-spawn-CGEv7PUE.js +1005 -0
- package/dist/supervisor-DgpKTzey.js +704 -0
- package/dist/supervisor-log.runtime.js +1 -1
- package/dist/system-cli-BXWEki_N.js +43 -0
- package/dist/targets-Df5NUAMJ.js +67 -0
- package/dist/targets.runtime.js +1 -1
- package/dist/task-executor-CNDdWsuX.js +360 -0
- package/dist/task-owner-access-DxjrTxvr.js +74 -0
- package/dist/task-registry-CdNs7r4r.js +2357 -0
- package/dist/task-registry-delivery-runtime-BDu6uG2H.js +3 -0
- package/dist/task-registry-delivery-runtime-DOWKFjeQ.js +2 -0
- package/dist/task-registry.maintenance-DASywxLv.js +416 -0
- package/dist/task-registry.maintenance-NbdyYsF6.js +2 -0
- package/dist/telegram/token.js +2 -2
- package/dist/testing-DSzznIMh.js +575 -0
- package/dist/text-report-C5TiNkIC.js +549 -0
- package/dist/tool-auth-shared-Ca0wddYT.js +90 -0
- package/dist/tool-policy-pipeline-BLtvEs31.js +109 -0
- package/dist/tool-resolution-BpN_yXJT.js +90 -0
- package/dist/tools-effective-inventory-DzZfmONO.js +152 -0
- package/dist/tools-invoke-http-Cc5lWdVY.js +206 -0
- package/dist/transcript-resolve.runtime-wnJiuCEb.js +2 -0
- package/dist/transcript-resolve.runtime.js +1 -1
- package/dist/transcript-yKXsllQ2.js +312 -0
- package/dist/transcript.runtime-CmcFZQq0.js +2 -0
- package/dist/transcript.runtime.js +1 -1
- package/dist/trash-gujb8L0g.js +24 -0
- package/dist/tts-BG_1G2S6.js +64 -0
- package/dist/tui-cli-5Sm6YmJ7.js +4585 -0
- package/dist/uninstall-B6U2msaD.js +185 -0
- package/dist/update-BjKPsXUk.js +1282 -0
- package/dist/update-cli-BcUEQuiM.js +1759 -0
- package/dist/update-startup-Xs6Edz-d.js +2 -0
- package/dist/upgrade-uEpCTUNv.js +1226 -0
- package/dist/video-generation-provider-B0W1RcQj.js +264 -0
- package/dist/video-generation-provider-B2XcJK8B.js +221 -0
- package/dist/video-generation-provider-BJt8-Jzh.js +254 -0
- package/dist/video-generation-provider-Bsz88Y8I.js +78 -0
- package/dist/video-generation-provider-CmN0n1aP.js +271 -0
- package/dist/video-generation-provider-DKFpHGWz.js +64 -0
- package/dist/video-generation-provider-LgYMFJAm.js +281 -0
- package/dist/video-generation-provider-j1OQMvjr2.js +77 -0
- package/dist/video-generation-provider-lI_tgIiA.js +287 -0
- package/dist/video-generation-provider-uVzVbp2s.js +118 -0
- package/dist/video-generation-provider-xQ4AZkeK.js +187 -0
- package/dist/video-generation-task-status-Ch4hR1ge.js +163 -0
- package/dist/wait-for-idle-before-flush-D9yKEs2F.js +6025 -0
- package/dist/web-search-provider-Bt8NRG25.js +163 -0
- package/dist/wizard-models-DQ9CKzTp.js +334 -0
- package/dist/workflow-runtime-C0jGj382.js +485 -0
- package/package.json +4 -1
- package/dist/abort-CvJN6IMd.js +0 -201
- package/dist/abort-cutoff.runtime-oLWHRfE6.js +0 -20
- package/dist/abort.runtime-DAzGHIa2.js +0 -2
- package/dist/accounts-B3aTKIO4.js +0 -104
- package/dist/accounts-BwigO-9Q.js +0 -2
- package/dist/accounts-CdLNyXHa.js +0 -107
- package/dist/acp-cli-DQz79rl7.js +0 -2217
- package/dist/acp-spawn-Bbs_m3VF.js +0 -2
- package/dist/acp-spawn-CTMewMbn.js +0 -1042
- package/dist/acp-stateful-target-driver-D4VaoZPV.js +0 -89
- package/dist/action-agents-DFmhHVfJ.js +0 -67
- package/dist/action-focus-Dx08tcy-.js +0 -132
- package/dist/action-help-hQl_vyPP.js +0 -7
- package/dist/action-info-JmXoHEPD.js +0 -101
- package/dist/action-kill-BcGm94a1.js +0 -33
- package/dist/action-list-BtDTTljd.js +0 -21
- package/dist/action-log-CzNEUTkF.js +0 -30
- package/dist/action-send-BVjcdCrr.js +0 -39
- package/dist/action-spawn-Cn0JgaO1.js +0 -47
- package/dist/action-unfocus-c1Uu4T8u.js +0 -29
- package/dist/actions.runtime-Cmrr3s-z.js +0 -5
- package/dist/actions.runtime-XCeILsBA.js +0 -18
- package/dist/agent-CS1XdimC.js +0 -2
- package/dist/agent-command-BiLxDWtx.js +0 -874
- package/dist/agent-harness-runtime-bunUaGg7.js +0 -144
- package/dist/agent-runner-utils-BFkEZbb9.js +0 -239
- package/dist/agent-runner.runtime-DUtejeBt.js +0 -3443
- package/dist/agent-runtime-CQG_IBlM.js +0 -18
- package/dist/agents-DArnaFQV.js +0 -954
- package/dist/agents-jSVdSQr5.js +0 -5
- package/dist/agents.command-shared-cZa4UKga.js +0 -40
- package/dist/aliases-BrquU2aa.js +0 -96
- package/dist/aliases-OQzPD6Kz.js +0 -2
- package/dist/api-BXtBpymk.js +0 -5
- package/dist/api-CGMqDBcv.js +0 -3
- package/dist/api-CNr0UyHW.js +0 -139
- package/dist/api-DIKi1Ni8.js +0 -4
- package/dist/api-i4W2Wwd4.js +0 -48
- package/dist/apply-oUSa2Pf0.js +0 -508
- package/dist/apply.runtime-BLCi2Ivv.js +0 -166
- package/dist/apply.runtime-D_hTG_Y0.js +0 -2
- package/dist/approval-gateway-resolver-D2iqmJiq.js +0 -29
- package/dist/approval-gateway-runtime-C1pBe7Fx.js +0 -2
- package/dist/approval-handler-runtime-Zf1fCWk1.js +0 -439
- package/dist/approval-native-runtime-C0zvGwfB.js +0 -729
- package/dist/attempt-execution.runtime-Cu16wO9j.js +0 -509
- package/dist/attempt-execution.shared-BY_ARPh1.js +0 -22
- package/dist/attempt.prompt-helpers-C3qMNvxE.js +0 -206
- package/dist/attempt.tool-run-context-M11pca0b.js +0 -933
- package/dist/audit-DF-0hnr9.js +0 -939
- package/dist/audit-extra.async-BbZcluVr.js +0 -971
- package/dist/audit-tool-policy-C0lIM9Fp.js +0 -3
- package/dist/audit.deep.runtime-CXjulrWI.js +0 -2
- package/dist/audit.nondeep.runtime-nu5XTu7N.js +0 -880
- package/dist/audit.runtime-DYyjmKuk.js +0 -7
- package/dist/auth-CzjcgD0-.js +0 -177
- package/dist/auth-DE-yY2QL.js +0 -550
- package/dist/auth-DLmN64Y_.js +0 -2
- package/dist/auth-DQw5zHDJ.js +0 -56
- package/dist/auth-choice-CXWHXiQK.js +0 -3
- package/dist/auth-choice-DGMF0dBk.js +0 -85
- package/dist/auth-order-CP3BJeex.js +0 -2
- package/dist/auth-order-DQHJAKY8.js +0 -139
- package/dist/bash-tools-DUxUia5q.js +0 -3
- package/dist/bash-tools-_AgECrXf.js +0 -2853
- package/dist/bash-tools.exec-runtime-CVOp5fHn.js +0 -823
- package/dist/binding-routing-D7ruDbx0.js +0 -85
- package/dist/binding-targets-BZWuOcR0.js +0 -121
- package/dist/bridge-server-C4WpUTaE.js +0 -113
- package/dist/browser-control-auth-CmYxtkaH.js +0 -2
- package/dist/browser-node-runtime-BLHYH8YL.js +0 -12
- package/dist/browser-profiles-Cawo818z.js +0 -2
- package/dist/browser-runtime-LzhODwuG.js +0 -387
- package/dist/browser-setup-tools-CTgOb29b.js +0 -13
- package/dist/build-AqzTQK3J.js +0 -550
- package/dist/call-J2wbwzLi.js +0 -330
- package/dist/call-S0AZ899k.js +0 -3
- package/dist/call.runtime-CyP2bdv0.js +0 -2
- package/dist/capability-cli-6jHIuGQe.js +0 -1401
- package/dist/catalog-provider-RQJYkKkq.js +0 -40
- package/dist/catchup-CN5lM9nn.js +0 -300
- package/dist/channel-4jggmldw.js +0 -453
- package/dist/channel-8osltyJD.js +0 -840
- package/dist/channel-B-P45jvy.js +0 -595
- package/dist/channel-BIV8BnjO.js +0 -1802
- package/dist/channel-CXUPhx7m.js +0 -297
- package/dist/channel-ChWfDzLg.js +0 -226
- package/dist/channel-DMCOcmaZ.js +0 -491
- package/dist/channel-DT5I65Xv.js +0 -1174
- package/dist/channel-_mt8OaDA.js +0 -1320
- package/dist/channel-add-wizard-BLjklZ70.js +0 -2
- package/dist/channel-add-wizard-C3BysW2-.js +0 -125
- package/dist/channel-cbqIqIvi.js +0 -1100
- package/dist/channel-core-CcHrOJQl.js +0 -5
- package/dist/channel-inbound-gJZ5fy8s.js +0 -31
- package/dist/channel-plugin-resolution-BNbz8s_s.js +0 -153
- package/dist/channel-plugin-resolution-Bey1o2RL.js +0 -2
- package/dist/channel-plugin-runtime-CFVplMXF.js +0 -771
- package/dist/channel-runtime-D2fhnXNT.js +0 -425
- package/dist/channel-setup-BzbhDDrt.js +0 -1297
- package/dist/channel-twNI9g5j.js +0 -350
- package/dist/channel.runtime-B7RAHQNT.js +0 -430
- package/dist/channel.runtime-BIcoI6bq.js +0 -2364
- package/dist/channel.runtime-Ci_26egi.js +0 -576
- package/dist/channel.runtime-CzTNZfZz.js +0 -89
- package/dist/channel.runtime-D0qkeWVB.js +0 -4
- package/dist/channel.runtime-D_9taoyr.js +0 -42398
- package/dist/channel.setup-Ck6-6alN.js +0 -10
- package/dist/channel2.runtime-CzLs-yVz.js +0 -109
- package/dist/channels-C3tEEndo.js +0 -733
- package/dist/channels-cli-1vvCRqai.js +0 -268
- package/dist/chat-9N_9QPkq.js +0 -2830
- package/dist/clawbot-cli-CySj7xP4.js +0 -9
- package/dist/clawhub-DRNYT4Ih.js +0 -400
- package/dist/cli-2nlB-dHJ.js +0 -154
- package/dist/cli-7dTpJC3M.js +0 -2
- package/dist/cli-BGMFTnb1.js +0 -683
- package/dist/cli-BNYLM-n-.js +0 -219
- package/dist/cli-Bj3CMawx.js +0 -2
- package/dist/cli-C26tWLBw.js +0 -3726
- package/dist/cli-dB2d6i0x.js +0 -72
- package/dist/cli-fZ6nZozk.js +0 -2
- package/dist/cli-runner-DkUWaw3u.js +0 -286
- package/dist/cli-runner.runtime-Bdu8GaIU.js +0 -4
- package/dist/cli-runner.runtime-D35_WwIC.js +0 -3
- package/dist/cli.runtime-D0ZdkRoZ.js +0 -1261
- package/dist/client-BLrVaUap.js +0 -723
- package/dist/client-JSnNx9t8.js +0 -138
- package/dist/command-auth-vH98jyU8.js +0 -76
- package/dist/command-config-resolution-B-U-WZy5.js +0 -23
- package/dist/command-config-resolution-ByjKlaVl.js +0 -2
- package/dist/command-config-resolution.runtime-Wv85AlQo.js +0 -2
- package/dist/command-execution-startup-DtBNBU06.js +0 -324
- package/dist/command-registry-Bu9yJGC5.js +0 -4
- package/dist/command-registry-CuME9hky.js +0 -9
- package/dist/command-registry-core-Bk9WAOxq.js +0 -106
- package/dist/command-secret-gateway-BWnLmfo1.js +0 -528
- package/dist/command-status.runtime-DHRozViO.js +0 -87
- package/dist/commands-acp-CnxVcX4s.js +0 -77
- package/dist/commands-compact.runtime-DKZYaee9.js +0 -10
- package/dist/commands-core.runtime-CXYQlfla.js +0 -2
- package/dist/commands-handlers.runtime-BFqsQ9UV.js +0 -4599
- package/dist/commands-reset-hooks-C-P5vfWa.js +0 -135
- package/dist/commands-status-DBC5I7yG.js +0 -16
- package/dist/commands-status.runtime-BgK6raz4.js +0 -3
- package/dist/commands-subagents-control.runtime-CY4xaq28.js +0 -3
- package/dist/commands-subagents-control.runtime-z9tchzCP.js +0 -2
- package/dist/commands-system-prompt-BNtFvxmr.js +0 -157
- package/dist/commands-system-prompt-CHVjFzQO.js +0 -2
- package/dist/commands.runtime-BAsTu7s5.js +0 -167
- package/dist/compact-Ddu8hZfc.js +0 -1096
- package/dist/compact.runtime-GpkxTJxx.js +0 -12
- package/dist/completion-cli-BNte3Dj6.js +0 -328
- package/dist/config-Cvu5tnrW.js +0 -252
- package/dist/config-cli-BlZB5tV-.js +0 -1078
- package/dist/config-guard-Ca-1hhke.js +0 -96
- package/dist/config-runtime-AtYct3A3.js +0 -32
- package/dist/configure-CiGtXggx.js +0 -2
- package/dist/configure-DDqC8LYD.js +0 -1252
- package/dist/connect-options-BbJfh_Oy.js +0 -699
- package/dist/control-auth-B2Jsq2zv.js +0 -125
- package/dist/control-service-B5OxTjPP.js +0 -156
- package/dist/control-ui/assets/agents-CfLnBH4t.js +0 -1125
- package/dist/control-ui/assets/canvas-pj-aGbeH.js +0 -274
- package/dist/control-ui/assets/channel-config-extras-sj_UXv9J.js +0 -2
- package/dist/control-ui/assets/channels-BelCW9hw.js +0 -198
- package/dist/control-ui/assets/contacts-B-2gb_ua.js +0 -49
- package/dist/control-ui/assets/cron-B6-26cyp.js +0 -250
- package/dist/control-ui/assets/de-DOykxjSu.js +0 -2
- package/dist/control-ui/assets/debug-B5MO5d0M.js +0 -94
- package/dist/control-ui/assets/es-BTwWEPGm.js +0 -2
- package/dist/control-ui/assets/fr-DVRwR98L.js +0 -2
- package/dist/control-ui/assets/i18n-BPOQLrbx.js +0 -3
- package/dist/control-ui/assets/id-BSBAUAzK.js +0 -2
- package/dist/control-ui/assets/index-CmdvEIGH.js +0 -5981
- package/dist/control-ui/assets/instances-uygO1ZKq.js +0 -57
- package/dist/control-ui/assets/ja-JP-BiD5eOfG.js +0 -2
- package/dist/control-ui/assets/ko-BNgLBJdW.js +0 -2
- package/dist/control-ui/assets/logs-GdE34D7D.js +0 -74
- package/dist/control-ui/assets/mcp-472P8M4F.js +0 -380
- package/dist/control-ui/assets/memory-Dvp5YUvN.js +0 -50
- package/dist/control-ui/assets/memory-graph-B27rN_e7.js +0 -30
- package/dist/control-ui/assets/models-C88CYx1F.js +0 -86
- package/dist/control-ui/assets/nodes-CUXTunGj.js +0 -654
- package/dist/control-ui/assets/pl-DrVcqC4t.js +0 -2
- package/dist/control-ui/assets/plugins-D3upvVMU.js +0 -259
- package/dist/control-ui/assets/presenter-DSvbCagf.js +0 -2
- package/dist/control-ui/assets/pt-BR-BXlBG1WX.js +0 -2
- package/dist/control-ui/assets/sessions-BzVDlJpI.js +0 -56
- package/dist/control-ui/assets/skills-DQD9wvlO.js +0 -294
- package/dist/control-ui/assets/skills-shared-B-3kgWg3.js +0 -11
- package/dist/control-ui/assets/th-DjtYmyBR.js +0 -2
- package/dist/control-ui/assets/tr-I0LYx0Ew.js +0 -2
- package/dist/control-ui/assets/uk-xilwRRzQ.js +0 -2
- package/dist/control-ui/assets/wallet-DWa9gqqg.js +0 -302
- package/dist/control-ui/assets/zh-CN-DHz_bYy_.js +0 -2
- package/dist/control-ui/assets/zh-TW-LvBbVYeU.js +0 -2
- package/dist/control-ui-Djt0XDNa.js +0 -1043
- package/dist/conversation-id-BTqKksIo.js +0 -38
- package/dist/conversation-id-DzarUmXD.js +0 -235
- package/dist/conversation-runtime-DbbmwXgr.js +0 -31
- package/dist/core-CYiHLgHk.js +0 -275
- package/dist/create-DN7NWqCZ.js +0 -80
- package/dist/cron-cli-Dyd_7f_N.js +0 -713
- package/dist/daemon-cli-DT5GXTxV.js +0 -12
- package/dist/dashboard-BtYlqUpN.js +0 -2
- package/dist/dashboard-DwroM17M.js +0 -81
- package/dist/delegate-CBLxnP3N.js +0 -64
- package/dist/deliver-BedUVIQP.js +0 -747
- package/dist/deliver-DPvG5Qo8.js +0 -3
- package/dist/deliver-runtime-DZlx42y2.js +0 -2
- package/dist/delivery-outbound.runtime-Dyo6zcqN.js +0 -6
- package/dist/delivery.runtime-CmuJYXg1.js +0 -253
- package/dist/detached-task-runtime-DWSrAiuI.js +0 -73
- package/dist/devices-cli-CrGc8ckS.js +0 -498
- package/dist/diagnostics-CzNM2oo3.js +0 -154
- package/dist/direct-dm-Cy7dY7RF.js +0 -64
- package/dist/directive-handling.fast-lane-Vuy-nG2-.js +0 -66
- package/dist/directive-handling.impl-DrE_GeZR.js +0 -2
- package/dist/directive-handling.impl-KH2zUp6M.js +0 -703
- package/dist/directive-handling.model-selection-BiW8QHW-.js +0 -114
- package/dist/directive-handling.persist.runtime-VLCtMqO5.js +0 -215
- package/dist/directory-cli-DQRcL8xw.js +0 -240
- package/dist/dispatch-Dew5dCZ_.js +0 -1131
- package/dist/dispatch-acp-CvCVNtsu.js +0 -981
- package/dist/dispatch-acp-manager.runtime-DBTAUi2i.js +0 -3
- package/dist/dispatch-acp-media.runtime-Bq9nReBk.js +0 -4
- package/dist/dispatch-acp-session.runtime-CKts6zqY.js +0 -2
- package/dist/dispatch-acp.runtime-Cw1tjQKP.js +0 -19
- package/dist/doctor-config-flow-C1S8B_sg.js +0 -420
- package/dist/doctor-config-preflight-DH_iBFHQ.js +0 -2
- package/dist/doctor-config-preflight-nRntMTIC.js +0 -63
- package/dist/doctor-device-pairing-C9OfTAUh.js +0 -307
- package/dist/doctor-gateway-daemon-flow-CS1gl0S3.js +0 -250
- package/dist/doctor-gateway-health-DzKV435y.js +0 -63
- package/dist/doctor-health-DNiEej9S.js +0 -59
- package/dist/doctor-health-contributions-BxgcjAL5.js +0 -493
- package/dist/doctor-prompter-T7JdMaQG.js +0 -56
- package/dist/doctor-sandbox-C9h2a5Uu.js +0 -194
- package/dist/doctor-state-migrations-BPuF54_Y.js +0 -2
- package/dist/doctor-workspace-status-C3jLUkHt.js +0 -75
- package/dist/dreaming-CiOm27X0.js +0 -1582
- package/dist/dreaming-narrative-C8m64g44.js +0 -596
- package/dist/embedded-gateway-stub.runtime-Di2s5bLl.js +0 -9
- package/dist/embedding-provider-QRMp19Ph.js +0 -118
- package/dist/embeddings-Cwg0dHC_.js +0 -215
- package/dist/embeddings-http-DbBwgwsH.js +0 -205
- package/dist/exec-approval-forwarder.runtime-BNGZQkhU.js +0 -3
- package/dist/exec-approvals-cli-DiBWd6eL.js +0 -498
- package/dist/exec-defaults-B5NE8OtM.js +0 -2
- package/dist/exec-defaults-Dy3ej-Rk.js +0 -67
- package/dist/execute.runtime-cy0XQXc7.js +0 -1359
- package/dist/fallbacks-Bjq0H75u.js +0 -31
- package/dist/fallbacks-C3dys5Ff.js +0 -2
- package/dist/fallbacks-shared-4iQjz5v5.js +0 -111
- package/dist/gateway-BxIfReRV.js +0 -115
- package/dist/gateway-cli-Czx2Ub57.js +0 -1283
- package/dist/gateway-rpc-CdXoDE6_.js +0 -14
- package/dist/gateway-rpc.runtime-DXFVTu-I.js +0 -23
- package/dist/gateway-runtime-DoElJuBU.js +0 -15
- package/dist/gateway-status-DtdmlnK6.js +0 -584
- package/dist/genesis-tools-vU91jnMS.js +0 -9435
- package/dist/genesis-tools.runtime-Dfpi37K0.js +0 -2
- package/dist/get-reply-DTtxw9Xp.js +0 -3946
- package/dist/get-reply-from-config.runtime-CB9EeF1Q.js +0 -2
- package/dist/gmail-watcher-lifecycle-JbKGb-1A.js +0 -2
- package/dist/graph-users-CoF5XRS_.js +0 -1337
- package/dist/health-CLRWQEVB.js +0 -3
- package/dist/health-DvTtpVIw.js +0 -420
- package/dist/health-route-8H3Sy8RI.js +0 -41
- package/dist/health-route-CHLAMCYm.js +0 -2
- package/dist/hooks-cli-D2AeKlrf.js +0 -433
- package/dist/http-endpoint-helpers-CG3AcjuK.js +0 -41
- package/dist/http-utils-L02eBAVo.js +0 -924
- package/dist/image-fallbacks-Cy-kcJR5.js +0 -2
- package/dist/image-fallbacks-DoQoUiR7.js +0 -31
- package/dist/image-generation-core-CEg4KACr.js +0 -18
- package/dist/image-generation-provider-B4tW_Kj3.js +0 -274
- package/dist/image-generation-provider-B72nmoos.js +0 -157
- package/dist/image-generation-provider-D9v0PADz.js +0 -63
- package/dist/image-generation-provider-DLYGDzST.js +0 -228
- package/dist/image-generation-provider-DYu8ZWBs.js +0 -529
- package/dist/image-generation-provider-jp6l2Jls.js +0 -95
- package/dist/image-generation-provider-qr08iqKe.js +0 -137
- package/dist/image-runtime-DRQcRKzy.js +0 -9
- package/dist/inbound-reply-dispatch-jQhsUF0f.js +0 -73
- package/dist/inbound.runtime-CCnJwfdz.js +0 -3
- package/dist/inbound.runtime-DwsGti2x.js +0 -4
- package/dist/infra-runtime-DwRkDuXF.js +0 -38
- package/dist/init-DwpSUAfi.js +0 -59
- package/dist/install-DwDt01Fk.js +0 -726
- package/dist/install-security-scan-Cq0N2AQi.js +0 -26
- package/dist/install-security-scan.runtime-DWlSCQbQ.js +0 -671
- package/dist/install.runtime-CWnOXdy4.js +0 -27
- package/dist/install.runtime-DPA5lA9o.js +0 -12
- package/dist/jobs-D9IyaUDB.js +0 -729
- package/dist/library-mAKEzoAM.js +0 -45
- package/dist/lifecycle-BUTglQLK.js +0 -229
- package/dist/lifecycle-Csd_mbv2.js +0 -571
- package/dist/lifecycle.runtime-1wfzPGwQ.js +0 -2
- package/dist/list-5rTtE3qu.js +0 -2
- package/dist/list-BCYNIOw6.js +0 -2
- package/dist/list-DyQGXU4h.js +0 -1212
- package/dist/list-DzN4dO0z.js +0 -131
- package/dist/list.probe-BQZZbfvC.js +0 -419
- package/dist/live-model-switch-DqJLIA4J.js +0 -336
- package/dist/llm-slug-generator-BWH-YxyP.js +0 -79
- package/dist/load-config-CISXosI1.js +0 -35
- package/dist/loader-DlmWqYuM.js +0 -222
- package/dist/local-dispatch.runtime-BdXedbsx.js +0 -8
- package/dist/login-DX18Qaag.js +0 -108
- package/dist/logs-cli-YcX3NrQk.js +0 -265
- package/dist/logs-cli.runtime-4RNOEP9S.js +0 -2
- package/dist/main-session-restart-recovery-DxOWdFCG.js +0 -206
- package/dist/managed-image-attachments-BjnlRyZi.js +0 -2
- package/dist/managed-image-attachments-CgE1Q1Bu.js +0 -635
- package/dist/manager-CvrwzOap.js +0 -2
- package/dist/manager-DIyzKDRT.js +0 -2057
- package/dist/markdown-to-line-BzCikJ_W.js +0 -790
- package/dist/mcp-cli-HFkNRDTk.js +0 -725
- package/dist/mcp-http-BpymCnig.js +0 -529
- package/dist/media-runtime-awxrKlof.js +0 -329
- package/dist/media-understanding-CYk-TBlo.js +0 -85
- package/dist/media-understanding-provider-BFl9PvK0.js +0 -18
- package/dist/media-understanding-provider-BbHedlHI.js +0 -69
- package/dist/media-understanding-provider-C4hkphxA.js +0 -28
- package/dist/media-understanding-provider-CIJApc3Q.js +0 -85
- package/dist/media-understanding-provider-CMRfrvoW.js +0 -37
- package/dist/media-understanding-provider-D8MwbDYK.js +0 -12
- package/dist/media-understanding-provider-DPZ3M0zL.js +0 -21
- package/dist/media-understanding-provider-DnFHplle.js +0 -13
- package/dist/media-understanding-provider-O3o8RDTO.js +0 -12
- package/dist/media-understanding-provider-WmKhdAeP.js +0 -18
- package/dist/media-understanding-runtime-DiWkY8O9.js +0 -2
- package/dist/memory-core-host-runtime-cli-D1OEhnrF.js +0 -9
- package/dist/memory-embedding-adapter-Ll4TtjDC.js +0 -123
- package/dist/memory-host-search-BzpJFHpD.js +0 -12
- package/dist/message-action-runner-CMY-upve.js +0 -1407
- package/dist/message-action-runner-DySHa6EF.js +0 -2
- package/dist/message-actions-B9LTXVEy.js +0 -143
- package/dist/message-kmB-ZdwF.js +0 -232
- package/dist/message.gateway.runtime-CKp6wO2c.js +0 -2
- package/dist/method-scopes-D_AZ7OsK.js +0 -235
- package/dist/model-picker-D20JpfyM.js +0 -559
- package/dist/model-picker-Dpin9dw4.js +0 -3
- package/dist/model-picker.runtime-B19j-xJa.js +0 -15
- package/dist/model-selection-BDK7dEju.js +0 -212
- package/dist/models-auth-status-CWD5blQY.js +0 -217
- package/dist/models-cli-qKl_DDX9.js +0 -271
- package/dist/models-http-DruY6N81.js +0 -92
- package/dist/models.fetch-2geG13AQ.js +0 -518
- package/dist/monitor-Ba7ejkS8.js +0 -671
- package/dist/monitor-BaVaWrC7.js +0 -2
- package/dist/monitor-C35OWSe9.js +0 -1661
- package/dist/monitor-Cl9di7UV.js +0 -788
- package/dist/monitor-CyNHlr3x.js +0 -1237
- package/dist/monitor-DfSNLX9p.js +0 -1459
- package/dist/monitor-auth-Bar1iwPD.js +0 -207
- package/dist/monitor-processing-DOC1o7D2.js +0 -1974
- package/dist/monitor.runtime-CzFqZGY2.js +0 -2
- package/dist/monitor.webhook-Bim0zewE.js +0 -180
- package/dist/msteams-BqQ_sRgm.js +0 -35
- package/dist/music-generation-provider-Bac-UFIO.js +0 -63
- package/dist/music-generation-provider-fPGrO1gg.js +0 -170
- package/dist/native-hook-relay-CiXmqOtV.js +0 -519
- package/dist/nextcloud-talk-ByistOQj.js +0 -17
- package/dist/node-cli-BWtbe5nd.js +0 -2276
- package/dist/nodes-cli-DuzsL0Gb.js +0 -1046
- package/dist/nodes-utils-oVtp9rVI.js +0 -84
- package/dist/nodes.helpers-DJ1lCjQx.js +0 -34
- package/dist/notify-Xz011HiU.js +0 -315
- package/dist/oauth-B9WR0gWL.js +0 -75
- package/dist/oauth-BpJKd6mz.js +0 -2
- package/dist/oauth-BqiriUcs.js +0 -139
- package/dist/oauth-Dl3zSXWU.js +0 -152
- package/dist/oauth.flow-CIweZ0Wo.js +0 -45
- package/dist/oauth.flow-YT9WcJAP.js +0 -3
- package/dist/onboard-CJcg9WIT.js +0 -2
- package/dist/onboard-DrfmoxpG.js +0 -316
- package/dist/onboard-SSBg2BsM.js +0 -70
- package/dist/onboard-channels-B-jq5k4w.js +0 -2
- package/dist/onboard-channels-Dg4UVNnl.js +0 -3
- package/dist/onboard-custom-DDY7T8Mb.js +0 -3
- package/dist/onboard-custom-buJ3Vz5C.js +0 -271
- package/dist/onboard-helpers-D-z22ggH.js +0 -204
- package/dist/onboard-helpers-DU-hRKeY.js +0 -6
- package/dist/onboard-interactive-C8tFz_EJ.js +0 -24
- package/dist/onboard-non-interactive-ZnR63QNa.js +0 -635
- package/dist/onboard-remote-B6KxBZY_.js +0 -193
- package/dist/onboard-remote-BrblbI6u.js +0 -2
- package/dist/onboard-skills-BaEg-lmj.js +0 -2
- package/dist/onboard-skills-BuFtX13Z.js +0 -134
- package/dist/onboarding-plugin-install-CNIcGqAI.js +0 -406
- package/dist/openai-codex-provider-6aTYk3jp.js +0 -472
- package/dist/openai-http-Wkidi3o4.js +0 -500
- package/dist/openai-provider-w1PV_KGr.js +0 -313
- package/dist/opencode-SEOw9RYv.js +0 -35
- package/dist/openresponses-http-BkPjGHMn.js +0 -1128
- package/dist/operator-approvals-client-xj8FFWPH.js +0 -68
- package/dist/outbound-runtime-D7qdGq1B.js +0 -5
- package/dist/outbound.runtime-riknu3Rg.js +0 -2
- package/dist/pair-command-approve-CRig33Ea.js +0 -44
- package/dist/persistent-bindings.lifecycle-BhVLGVlI.js +0 -2
- package/dist/persistent-bindings.lifecycle-CVWzaSA9.js +0 -85
- package/dist/pi-bundle-mcp-runtime-CEwlOt28.js +0 -2
- package/dist/pi-bundle-mcp-runtime-DS32_bKh.js +0 -829
- package/dist/pi-bundle-mcp-tools-MVePSeQp.js +0 -108
- package/dist/pi-embedded-Dh5naw-j.js +0 -4
- package/dist/pi-embedded-S0ld6lbd.js +0 -2905
- package/dist/pi-embedded-subscribe.handlers.compaction.runtime-61zYwcVi.js +0 -23
- package/dist/pi-embedded.runtime-BeWYEwSt.js +0 -4
- package/dist/pi-tool-definition-adapter-MgnP-0c4.js +0 -229
- package/dist/pi-tools-DyVcSRei.js +0 -1118
- package/dist/pi-tools.before-tool-call-BZ1PLh46.js +0 -433
- package/dist/pi-tools.before-tool-call-DSgr_Sjd.js +0 -2
- package/dist/plugin-DoXrlTHe.js +0 -12195
- package/dist/plugin-enabled-CCAWKL0j.js +0 -140
- package/dist/plugin-install-D9RUigrW.js +0 -2
- package/dist/plugin-install-DRc2KTWx.js +0 -115
- package/dist/plugin-install-config-policy-CtKZaMAw.js +0 -137
- package/dist/plugin-install-plan-BeNfwB5V.js +0 -50
- package/dist/plugin-registration-COZcclAr.js +0 -23
- package/dist/plugin-service-Cu_nlZmO.js +0 -2893
- package/dist/plugins-cli-qkT7VGd9.js +0 -584
- package/dist/plugins-command-helpers-DvRgKfV0.js +0 -107
- package/dist/plugins-install-persist-CZWXaz5s.js +0 -133
- package/dist/plugins-update-command-qKTcfS44.js +0 -1057
- package/dist/policy-CxwHwL56.js +0 -328
- package/dist/prepare.runtime-BhO3ot9P.js +0 -807
- package/dist/probe-4IiQQG_7.js +0 -2
- package/dist/probe-89jd9VHi.js +0 -1443
- package/dist/probe-B2Uw_PN-.js +0 -2205
- package/dist/probe-B4ekJ-Xv.js +0 -74
- package/dist/probe-B9hiEFIU.js +0 -2
- package/dist/probe-CDrkDwhe.js +0 -240
- package/dist/probe-Ct62B_e4.js +0 -45
- package/dist/probe-pLHVFHK6.js +0 -243
- package/dist/program-HFwaDGDa.js +0 -111
- package/dist/prompt-select-styled-BL_pKMTB.js +0 -20
- package/dist/protocol-C9LrRIRp.js +0 -2515
- package/dist/provider-D4RPFEas.js +0 -70
- package/dist/provider-api-key-auth-DxE3Ubaz.js +0 -131
- package/dist/provider-auth-94YJgYBI.js +0 -46
- package/dist/provider-auth-api-key-D9d3vpbu.js +0 -5
- package/dist/provider-auth-choice-C1kxCG8d.js +0 -228
- package/dist/provider-auth-login-DSy_0CmF.js +0 -8
- package/dist/provider-dispatcher-C81eCA-H.js +0 -22
- package/dist/provider-dispatcher-puinwYaq.js +0 -2
- package/dist/provider-entry-CR0Z4V2Y.js +0 -106
- package/dist/provider-model-defaults-CY1F7Q3c.js +0 -6
- package/dist/provider-registration-C3cLloFb.js +0 -37
- package/dist/provider-registration-CU67AJCU.js +0 -218
- package/dist/qr-cli-BdX_FFlu.js +0 -349
- package/dist/qr-cli-C5253ud8.js +0 -2
- package/dist/qr-image-BQnl-2Hz.js +0 -2
- package/dist/queue-IehGWtWc.js +0 -409
- package/dist/reaction-runtime-api-95Ou_vSC.js +0 -116
- package/dist/reactions-DZizt8LI.js +0 -998
- package/dist/read-capability-w1W5sKua.js +0 -412
- package/dist/register-service-commands-DMNQ-id4.js +0 -71
- package/dist/register.agent-CQOBdXob.js +0 -248
- package/dist/register.configure-C8yC_SYa.js +0 -15
- package/dist/register.maintenance-CSIY47OO.js +0 -363
- package/dist/register.message-g5yjxPxU.js +0 -329
- package/dist/register.onboard-U3SrMpHb.js +0 -88
- package/dist/register.runtime-BMuRf7KD.js +0 -81
- package/dist/register.setup-DOBsdUvr.js +0 -150
- package/dist/register.status-health-sessions-p_3FnJtp.js +0 -1215
- package/dist/register.subclis-CNkq2TdW.js +0 -29
- package/dist/register.subclis-P3ru4E6I.js +0 -3
- package/dist/register.subclis-core-D5N5ewgp.js +0 -249
- package/dist/reply-dispatch-runtime-B8TMhGSo.js +0 -13
- package/dist/reply-media-paths.runtime-Bv-VQY1O.js +0 -2
- package/dist/reply-media-paths.runtime-qZYIzFEg.js +0 -146
- package/dist/reply-runtime-Ba_5YKEX.js +0 -10
- package/dist/reply.runtime-CvlE6uYh.js +0 -2
- package/dist/resolve-DxTN302S.js +0 -259
- package/dist/response-generator-Be1_-xjF.js +0 -175
- package/dist/restart-health-CV-Nm1lw.js +0 -202
- package/dist/restart-health-DywY1594.js +0 -2
- package/dist/root-help-oR4nv8N9.js +0 -44
- package/dist/route-reply-Dn9zmIdM.js +0 -162
- package/dist/route-reply.runtime-DkwtG2qY.js +0 -2
- package/dist/routes-ClkLAuU2.js +0 -3341
- package/dist/routes-cv4VrQu1.js +0 -2
- package/dist/rpc-05cw0vNh.js +0 -61
- package/dist/rpc.runtime-DhFlfCMB.js +0 -21
- package/dist/run-auth-profile.runtime-Bflh0AxI.js +0 -2
- package/dist/run-delivery.runtime-B_9TxqQA.js +0 -530
- package/dist/run-embedded.runtime-V68HvJT8.js +0 -4
- package/dist/run-execution-cli.runtime-9NpwQ1uu.js +0 -4
- package/dist/run-executor.runtime-CX2Emb4e.js +0 -277
- package/dist/run-main-xnrI4i-W.js +0 -567
- package/dist/run-subagent-registry.runtime-CEgCR8-w.js +0 -2
- package/dist/run-wait-By6jGhn0.js +0 -135
- package/dist/runner-Vhfg_kYp.js +0 -966
- package/dist/runner.entries-DWptWo_Q.js +0 -604
- package/dist/runtime-COXB-OZq.js +0 -263
- package/dist/runtime-Cfcvlsp1.js +0 -2
- package/dist/runtime-D0MD5Uyv.js +0 -9
- package/dist/runtime-D2DhV36f.js +0 -961
- package/dist/runtime-D9CBb5Na.js +0 -72
- package/dist/runtime-api-C_o5iE1W.js +0 -9
- package/dist/runtime-api-Cws6dHRG.js +0 -14
- package/dist/runtime-api-D8EKRzzw.js +0 -4
- package/dist/runtime-api-DUw04nys.js +0 -9
- package/dist/runtime-embedded-pi.runtime-Ckdld_Ij.js +0 -2
- package/dist/runtime-entry-BaLt5V4d.js +0 -2769
- package/dist/runtime-internal-Dga3dvsC.js +0 -2
- package/dist/runtime-l0B7QFL3.js +0 -116
- package/dist/runtime-options-DwYzxb7U.js +0 -275
- package/dist/runtime-prepare.runtime-D6bMmoTn.js +0 -80
- package/dist/runtime-schema-BDGFtL0_.js +0 -28599
- package/dist/runtime-web-tools-DlattYEh.js +0 -1477
- package/dist/sandbox-B0HW_QP3.js +0 -1156
- package/dist/sandbox-D2w77M7D.js +0 -3
- package/dist/sandbox-cli-DhrLokzO.js +0 -450
- package/dist/scan-BWFQXm24.js +0 -523
- package/dist/scan-CrfOpA-h.js +0 -2
- package/dist/secrets-cli-TxHWzJzS.js +0 -2101
- package/dist/security-cli-DIvsGk3X.js +0 -486
- package/dist/selection-CHTqBz4F.js +0 -2
- package/dist/selection-D_K-9r-x.js +0 -7743
- package/dist/send-DE7hu875.js +0 -156
- package/dist/send-TkldUWcX.js +0 -102
- package/dist/send.runtime-CZI1JWw8.js +0 -2
- package/dist/server-B8xhfNfn.js +0 -77
- package/dist/server-Cz40q0g2.js +0 -13
- package/dist/server-context-B7rWJ2gB.js +0 -847
- package/dist/server-context-yutVechl.js +0 -2
- package/dist/server-node-events-VPwgJoKG.js +0 -474
- package/dist/server-plugin-bootstrap-Dy78XA3J.js +0 -2
- package/dist/server-plugin-bootstrap-N59qJvH4.js +0 -13355
- package/dist/server-restart-sentinel-Zjl16hJh.js +0 -684
- package/dist/server.impl-DpFPnl5_.js +0 -12798
- package/dist/session-DQK4G2N-.js +0 -48
- package/dist/session-envelope-uG-4XV0X.js +0 -18
- package/dist/session-key-CTestOWs.js +0 -65
- package/dist/session-kill-http-o34Xk0D1.js +0 -110
- package/dist/session-meta-B_6JKgd3.js +0 -109
- package/dist/session-override-BJXIc7UA.js +0 -106
- package/dist/session-reset-model.runtime-DFT-FJW1.js +0 -133
- package/dist/session-reset-service-C0ScpWIE.js +0 -497
- package/dist/session-route-UusYWQ_M.js +0 -93
- package/dist/session-status.runtime-DJV2WJZM.js +0 -2
- package/dist/session-store-COzyfYG2.js +0 -126
- package/dist/session-store.runtime-CQHXgM_Z.js +0 -2
- package/dist/session-subagent-reactivation.runtime-yyMT_MgO.js +0 -2
- package/dist/session-tab-registry-Bkd33PY1.js +0 -581
- package/dist/session-updates-Dl4GafMW.js +0 -236
- package/dist/session-updates.runtime-bHYRFXxm.js +0 -2
- package/dist/session-utils-Dkaj_4dZ.js +0 -1009
- package/dist/session-visibility-BOYOn-Gu.js +0 -147
- package/dist/sessions-D3eFfsPH.js +0 -281
- package/dist/sessions-DAup1AeE.js +0 -16
- package/dist/sessions-helpers-DlsDzSXL.js +0 -305
- package/dist/sessions-history-http--8biogY1.js +0 -371
- package/dist/sessions-kO7Dit6B.js +0 -48
- package/dist/sessions-patch-BlUpBepz.js +0 -309
- package/dist/sessions-resolve-DPWviaDr.js +0 -174
- package/dist/sessions-uVaHa5mC.js +0 -2
- package/dist/sessions.runtime-CHJDx6Rg.js +0 -2
- package/dist/setup-COcb42YZ.js +0 -636
- package/dist/setup-DX-d8t6q.js +0 -421
- package/dist/setup-api-Ddfd033_.js +0 -29
- package/dist/setup-core-Bsasst9Y.js +0 -176
- package/dist/setup-core-CWmsLaJv.js +0 -171
- package/dist/setup-surface-CTZ5CnX4.js +0 -219
- package/dist/setup-surface-D2c6jlaM.js +0 -403
- package/dist/setup-surface-Dazv-gzK.js +0 -286
- package/dist/setup.finalize-DSSoTSsd.js +0 -547
- package/dist/setup.gateway-config-bJqXJA3E.js +0 -250
- package/dist/shared-C-DELFhh.js +0 -217
- package/dist/shared-DOOnkgfw.js +0 -198
- package/dist/shared-DfVOpp8r.js +0 -121
- package/dist/shared-nGZZHrFV.js +0 -76
- package/dist/shared-runtime-lVwJld87.js +0 -7
- package/dist/skill-commands-Crg6g_xc.js +0 -83
- package/dist/skill-commands.runtime-Dx9JZPVm.js +0 -2
- package/dist/skills-install-B1RJkjel.js +0 -605
- package/dist/skills-snapshot.runtime-1fnPk6SF.js +0 -7
- package/dist/slash-state-CwgTzmc8.js +0 -1911
- package/dist/speech-provider-BEjGmdRi.js +0 -170
- package/dist/speech-provider-DU0xib0M.js +0 -209
- package/dist/speech-provider-jexKB2Fl.js +0 -216
- package/dist/src-CbfkGwGz.js +0 -3974
- package/dist/stage-sandbox-media.runtime-BzOf-LsJ.js +0 -232
- package/dist/startup-context-acV-bzAJ.js +0 -312
- package/dist/state-migrations-DlUY4b3i.js +0 -820
- package/dist/status-0ozKjOYe.js +0 -190
- package/dist/status-BFMr1TH_.js +0 -395
- package/dist/status-C0tUFjWh.js +0 -2
- package/dist/status-DgyADd4G.js +0 -209
- package/dist/status-Dql1aIFE.js +0 -62
- package/dist/status-L2NtbOry.js +0 -3
- package/dist/status-all-DK98dFQa.js +0 -498
- package/dist/status-json-OEukc0cF.js +0 -14
- package/dist/status-json-command-BWv0zt8E.js +0 -82
- package/dist/status-message-DuKO-hzh.js +0 -466
- package/dist/status-message.runtime-BnLXbVHh.js +0 -6
- package/dist/status-queue.runtime-DXdIwJaQ.js +0 -2
- package/dist/status-runtime-shared-DBMTXWTZ.js +0 -241
- package/dist/status-subagents.runtime-VTEVgOJj.js +0 -18
- package/dist/status-text-Cx0Esdj6.js +0 -237
- package/dist/status-xjF4vxou.js +0 -2
- package/dist/status.gateway-connection.runtime-BT6XfoLV.js +0 -2
- package/dist/status.gather-CF5qlFAG.js +0 -292
- package/dist/status.gather-L0QGMaC4.js +0 -2
- package/dist/status.runtime-BwFzOfxj.js +0 -2
- package/dist/status.runtime-DYi_nOHT.js +0 -2
- package/dist/status.scan-CflamBc9.js +0 -65
- package/dist/status.scan-overview-pGpvYksm.js +0 -379
- package/dist/status.scan.fast-json-BbMvHncK.js +0 -132
- package/dist/status.scan.fast-json-D39u21tI.js +0 -2
- package/dist/status.summary-CKh5Legf.js +0 -2
- package/dist/status.summary-DVdS-4Fj.js +0 -200
- package/dist/store-DgajP9Em.js +0 -4
- package/dist/store-tuisxHpf.js +0 -910
- package/dist/store.runtime-Bw5wLKnD.js +0 -2
- package/dist/stream-CWqBQkS6.js +0 -664
- package/dist/subagent-announce-Df9ABEaq.js +0 -351
- package/dist/subagent-announce-delivery-B5xYlVwu.js +0 -726
- package/dist/subagent-announce-output-JQ-I1Kmk.js +0 -364
- package/dist/subagent-capabilities-DFXCYxt0.js +0 -251
- package/dist/subagent-control-CMaKDVuG.js +0 -506
- package/dist/subagent-control.runtime-CgBRjo3Q.js +0 -3
- package/dist/subagent-followup.runtime-Be2c3jkr.js +0 -68
- package/dist/subagent-orphan-recovery-B4jHKSis.js +0 -305
- package/dist/subagent-registry-CjLI6fcV.js +0 -3
- package/dist/subagent-registry-CruvknDh.js +0 -1753
- package/dist/subagent-spawn-C-9kmYik.js +0 -1005
- package/dist/supervisor-DaRbw4Gw.js +0 -704
- package/dist/system-cli-Cmv7YV3z.js +0 -43
- package/dist/targets-DGdlJYMl.js +0 -67
- package/dist/task-executor-DbusuL0w.js +0 -360
- package/dist/task-owner-access-DNC_BT5l.js +0 -74
- package/dist/task-registry-CKDRlfmp.js +0 -2357
- package/dist/task-registry-delivery-runtime-DX6tjuwQ.js +0 -3
- package/dist/task-registry-delivery-runtime-Ge4fS1Fa.js +0 -2
- package/dist/task-registry.maintenance-DhjCTf6L.js +0 -416
- package/dist/task-registry.maintenance-DyX6m_7s.js +0 -2
- package/dist/testing-BecnXPE0.js +0 -575
- package/dist/text-report-BW3t_i75.js +0 -549
- package/dist/tool-auth-shared-DWrecN7g.js +0 -90
- package/dist/tool-policy-pipeline-CA61tNc_.js +0 -109
- package/dist/tool-resolution-BRHtzc7Q.js +0 -90
- package/dist/tools-effective-inventory-CLJ3nPbB.js +0 -152
- package/dist/tools-invoke-http-DWbJzMo3.js +0 -206
- package/dist/transcript-CEK104A6.js +0 -312
- package/dist/transcript-resolve.runtime-D4I8B--1.js +0 -2
- package/dist/transcript.runtime-ClNMqLSP.js +0 -2
- package/dist/trash-CvOmDpdP.js +0 -24
- package/dist/tts-vEtIfdGN.js +0 -64
- package/dist/tui-cli-BuQzKTYR.js +0 -4585
- package/dist/uninstall-BQ_d8nQ4.js +0 -185
- package/dist/update-D8foEnSw.js +0 -1282
- package/dist/update-cli-DB-VQaie.js +0 -1759
- package/dist/update-startup-D-n1C8A0.js +0 -2
- package/dist/upgrade-DPhvhHXF.js +0 -1226
- package/dist/video-generation-provider-5v5lTL00.js +0 -287
- package/dist/video-generation-provider-BGtbUYJd.js +0 -64
- package/dist/video-generation-provider-BlOdvaLh.js +0 -118
- package/dist/video-generation-provider-CR_fRJ8m.js +0 -187
- package/dist/video-generation-provider-CVUs00hp.js +0 -264
- package/dist/video-generation-provider-CtstiCCO.js +0 -271
- package/dist/video-generation-provider-DDQjPRYO.js +0 -254
- package/dist/video-generation-provider-DLy7AvTJ.js +0 -281
- package/dist/video-generation-provider-DNnNMvS9.js +0 -221
- package/dist/video-generation-provider-vzf0PQXj2.js +0 -77
- package/dist/video-generation-provider-zINiw3aL.js +0 -78
- package/dist/video-generation-task-status-DWUrjc4T.js +0 -163
- package/dist/wait-for-idle-before-flush-BBwcUWtb.js +0 -5985
- package/dist/web-search-provider-BkIzoc2Y.js +0 -163
- package/dist/wizard-models-B5HIywox.js +0 -334
- package/dist/workflow-runtime-tvBeQSK9.js +0 -485
- /package/dist/{audit-channel.collect.runtime-BAKyzn52.js → audit-channel.collect.runtime-CevlIQ6K.js} +0 -0
- /package/dist/{audit-tool-policy-Ftr0W8Wl.js → audit-tool-policy-DTodxIZf.js} +0 -0
- /package/dist/{channel-selection.runtime-CsQ0qN21.js → channel-selection.runtime-DAkF_DgO.js} +0 -0
- /package/dist/{close-reason-DNwBM4qe.js → close-reason-BPuKI4th.js} +0 -0
- /package/dist/{configured-B8XGIYz-.js → configured-C-0r4Pk2.js} +0 -0
- /package/dist/{diagnostic-support-export-CuIJulCK.js → diagnostic-support-export-C8cpJRWi.js} +0 -0
- /package/dist/{gmail-watcher-lifecycle-BoWMgpeT.js → gmail-watcher-lifecycle-DrTbIr0m.js} +0 -0
- /package/dist/{image-BwAofy0f.js → image-LNALiqnF.js} +0 -0
- /package/dist/{image-generation-core.auth.runtime-B6BpHP6V.js → image-generation-core.auth.runtime-hzZbX1YD.js} +0 -0
- /package/dist/{input-allowlist-zDKNs6OG.js → input-allowlist-Bn8hssyM.js} +0 -0
- /package/dist/{install-target-FXMkL80i.js → install-target-C0Dg_4Un.js} +0 -0
- /package/dist/{memory-host-search.runtime-Vfck_NLf.js → memory-host-search.runtime-CAejVWZB.js} +0 -0
- /package/dist/{message.config.runtime-Df8nVSE4.js → message.config.runtime-CAG3eLmF.js} +0 -0
- /package/dist/{paths-BdDCK0XP.js → paths-BrPnd-v6.js} +0 -0
- /package/dist/{provider-api-key-auth.runtime-fT4D2dQt.js → provider-api-key-auth.runtime-YLpiRoM3.js} +0 -0
- /package/dist/{provider-auth-login.runtime-EnfK3WTr.js → provider-auth-login.runtime-BwDEPbY4.js} +0 -0
- /package/dist/{push-apns-DoMbCgqq.js → push-apns-UUwkJMxt.js} +0 -0
- /package/dist/{runtime-manifest.runtime-CuqWbJ5G.js → runtime-manifest.runtime-D8BuqQCR.js} +0 -0
- /package/dist/{runtime-web-channel-plugin-ChmPPl7a.js → runtime-web-channel-plugin-Dx1GGPSD.js} +0 -0
- /package/dist/{runtime-web-tools-fallback.runtime-B3fmu7s0.js → runtime-web-tools-fallback.runtime-_nNCUNAT.js} +0 -0
- /package/dist/{runtime-web-tools-manifest.runtime-CpiYM000.js → runtime-web-tools-manifest.runtime-BaeloEzn.js} +0 -0
- /package/dist/{runtime-web-tools-public-artifacts.runtime-BBNdsUv5.js → runtime-web-tools-public-artifacts.runtime-DOdl6CAd.js} +0 -0
- /package/dist/{server-startup-log-DXJn1EgH.js → server-startup-log-BUk3dEm6.js} +0 -0
- /package/dist/{server-startup-memory-C4d9ImgC.js → server-startup-memory-C3gdaomJ.js} +0 -0
- /package/dist/{server-tailscale-DeNCXYBr.js → server-tailscale-C0DsqL5N.js} +0 -0
- /package/dist/{services-m8_503l9.js → services-CiBabvAX.js} +0 -0
- /package/dist/{session-archive.runtime-DDhx1bOA.js → session-archive.runtime-BIqBKdzI.js} +0 -0
- /package/dist/{setup.node-config-BXET5GZk.js → setup.node-config-BlJDbu4T.js} +0 -0
- /package/dist/{setup.plugin-config-CgBJMtZ8.js → setup.plugin-config-CCP7nrfy.js} +0 -0
- /package/dist/{skill-scanner-cEm04-3B.js → skill-scanner-DnqZE6Fh.js} +0 -0
- /package/dist/{ssh-config-BfxhRhPu.js → ssh-config-wfp8-I37.js} +0 -0
- /package/dist/{supervisor-log.runtime-BdagMpUZ.js → supervisor-log.runtime-DYzbopV7.js} +0 -0
- /package/dist/{targets.runtime-BS4UWyk2.js → targets.runtime-1fn-rTlI.js} +0 -0
- /package/dist/{update-startup-D69inLEd.js → update-startup-DW61ftJW.js} +0 -0
|
@@ -0,0 +1,2853 @@
|
|
|
1
|
+
import { i as formatErrorMessage } from "./errors-CufR9eHH.js";
|
|
2
|
+
import { a as normalizeLowercaseStringOrEmpty, c as normalizeOptionalString, s as normalizeOptionalLowercaseString } from "./string-coerce-DPP_aYVc.js";
|
|
3
|
+
import { c as escapeRegExp } from "./utils-CWrkFsp0.js";
|
|
4
|
+
import { s as sanitizeHostExecEnvWithDiagnostics } from "./host-env-security-PtrzxCxY.js";
|
|
5
|
+
import { a as logWarn, r as logInfo } from "./logger-BbnBrdB_.js";
|
|
6
|
+
import { K as getShellPathFromLoginShell, q as resolveShellEnvFallbackTimeoutMs } from "./io-Cy5vajWd.js";
|
|
7
|
+
import { i as isCronSessionKey, o as isSubagentSessionKey, s as parseAgentSessionKey } from "./session-key-utils-DDwuwYKT.js";
|
|
8
|
+
import { u as resolveAgentIdFromSessionKey } from "./session-key-CI3KvTQC.js";
|
|
9
|
+
import { d as resolveApprovalAuditCandidatePath } from "./exec-safe-bin-trust-DMrCONj2.js";
|
|
10
|
+
import { t as killProcessTree } from "./kill-tree-BbGiB2xY.js";
|
|
11
|
+
import { c as isGatewayMessageChannel, u as normalizeMessageChannel } from "./message-channel-8hna3ogc.js";
|
|
12
|
+
import { i as normalizeDeliveryContext } from "./delivery-context.shared-DnaA0DbE.js";
|
|
13
|
+
import { b as EXEC_TOOL_DISPLAY_SUMMARY, x as PROCESS_TOOL_DISPLAY_SUMMARY } from "./tool-policy-BIGITEMh.js";
|
|
14
|
+
import { C as formatExecDeniedUserMessage, T as parseExecApprovalResultText, u as sanitizeUserFacingText, w as isExecDeniedResultText } from "./sanitize-user-facing-text-DKqUCgHB.js";
|
|
15
|
+
import { o as failedTextResult, v as textResult } from "./common-C4_5xEM_.js";
|
|
16
|
+
import { t as callGatewayTool } from "./gateway-_SCycjaN.js";
|
|
17
|
+
import { t as splitShellArgs } from "./shell-argv-BaDMAO0_.js";
|
|
18
|
+
import { c as describeInterpreterInlineEval, f as analyzeShellCommand, l as detectInterpreterInlineEvalArgv, n as evaluateShellAllowlist, p as buildEnforcedShellCommand } from "./exec-approvals-allowlist-BBW7JMg0.js";
|
|
19
|
+
import { r as resolveExecSafeBinRuntimePolicy } from "./exec-safe-bin-runtime-policy-DUcKpnC_.js";
|
|
20
|
+
import { C as requiresExecApproval, D as resolveExecApprovalsFromFile, E as resolveExecApprovals, _ as normalizeExecTarget, a as addDurableCommandApproval, b as recordAllowlistMatchesUse, f as minSecurity, g as normalizeExecSecurity, l as loadExecApprovals, m as normalizeExecAsk, s as hasDurableExecApproval, u as maxAsk, v as persistAllowAlwaysPatterns, w as resolveExecApprovalAllowedDecisions } from "./exec-approvals-D0DTIzDT.js";
|
|
21
|
+
import { n as describeProcessTool, t as describeExecTool } from "./bash-tools.descriptions-DzPYV0Li.js";
|
|
22
|
+
import { n as processSchema, t as execSchema } from "./bash-tools.schemas-B8_wOdjn.js";
|
|
23
|
+
import "./delivery-context-Pj68kbuc.js";
|
|
24
|
+
import { n as getDiagnosticSessionState } from "./diagnostic-session-state-BzRMvtlj.js";
|
|
25
|
+
import { i as resolveNodeIdFromList, t as listNodes } from "./nodes-utils-DOQtMWOk.js";
|
|
26
|
+
import { t as sendMessage } from "./message-DYkh5sOP.js";
|
|
27
|
+
import { t as resolveExternalBestEffortDeliveryTarget } from "./best-effort-delivery-CPpGc0xQ.js";
|
|
28
|
+
import { t as formatDurationCompact } from "./format-duration-D7ua_Cv_.js";
|
|
29
|
+
import { a as coerceEnv, c as readEnvInt, d as sliceLogLines, f as truncateMiddle, i as clampWithDefault, l as resolveSandboxWorkdir, n as buildSandboxEnv, o as deriveSessionName, s as pad, u as resolveWorkdir } from "./bash-tools.shared-tggOw0Pu.js";
|
|
30
|
+
import { f as resolveExecApprovalInitiatingSurfaceState, s as buildExecApprovalUnavailableReplyPayload } from "./exec-approval-reply-BhbjoK1B.js";
|
|
31
|
+
import { i as normalizePathPrepend, t as applyPathPrepend } from "./path-prepend-DR8e0z7b.js";
|
|
32
|
+
import { t as getProcessSupervisor } from "./supervisor-DgpKTzey.js";
|
|
33
|
+
import { C as setJobTtlMs, S as markExited, _ as getFinishedSession, a as DEFAULT_PENDING_MAX_OUTPUT, b as listRunningSessions, c as createApprovalSlug, f as resolveApprovalRunningNoticeMs, g as drainSession, h as deleteSession, i as DEFAULT_PATH, m as runExecProcess, n as DEFAULT_APPROVAL_TIMEOUT_MS, o as applyShellPath, p as resolveExecTarget, r as DEFAULT_MAX_OUTPUT, s as buildApprovalPendingMessage, t as DEFAULT_APPROVAL_REQUEST_TIMEOUT_MS, u as normalizeNotifyOutput, v as getSession, w as tail, x as markBackgrounded, y as listFinishedSessions } from "./bash-tools.exec-runtime-BSErqAOv.js";
|
|
34
|
+
import { a as parseModelRiskVerdict, i as mergeSafeguardVerdicts, n as evaluateExecSafeguard, r as isAmbiguousForModel } from "./exec-safeguard-DMM6KaOP.js";
|
|
35
|
+
import { t as parsePreparedSystemRunPayload } from "./system-run-approval-context-CmtECXC_.js";
|
|
36
|
+
import { n as recordCommandPoll, r as resetCommandPollCount } from "./command-poll-backoff-BzCxMvUa.js";
|
|
37
|
+
import path from "node:path";
|
|
38
|
+
import crypto from "node:crypto";
|
|
39
|
+
//#region src/agents/bash-tools.exec-approval-request.ts
|
|
40
|
+
function buildExecApprovalRequestToolParams(params) {
|
|
41
|
+
return {
|
|
42
|
+
id: params.id,
|
|
43
|
+
...params.command ? { command: params.command } : {},
|
|
44
|
+
...params.commandArgv ? { commandArgv: params.commandArgv } : {},
|
|
45
|
+
systemRunPlan: params.systemRunPlan,
|
|
46
|
+
env: params.env,
|
|
47
|
+
cwd: params.cwd,
|
|
48
|
+
nodeId: params.nodeId,
|
|
49
|
+
host: params.host,
|
|
50
|
+
security: params.security,
|
|
51
|
+
ask: params.ask,
|
|
52
|
+
agentId: params.agentId,
|
|
53
|
+
resolvedPath: params.resolvedPath,
|
|
54
|
+
sessionKey: params.sessionKey,
|
|
55
|
+
turnSourceChannel: params.turnSourceChannel,
|
|
56
|
+
turnSourceTo: params.turnSourceTo,
|
|
57
|
+
turnSourceAccountId: params.turnSourceAccountId,
|
|
58
|
+
turnSourceThreadId: params.turnSourceThreadId,
|
|
59
|
+
timeoutMs: DEFAULT_APPROVAL_TIMEOUT_MS,
|
|
60
|
+
twoPhase: true
|
|
61
|
+
};
|
|
62
|
+
}
|
|
63
|
+
function parseDecision(value) {
|
|
64
|
+
if (!value || typeof value !== "object") return {
|
|
65
|
+
present: false,
|
|
66
|
+
value: null
|
|
67
|
+
};
|
|
68
|
+
if (!Object.hasOwn(value, "decision")) return {
|
|
69
|
+
present: false,
|
|
70
|
+
value: null
|
|
71
|
+
};
|
|
72
|
+
const decision = value.decision;
|
|
73
|
+
return {
|
|
74
|
+
present: true,
|
|
75
|
+
value: typeof decision === "string" ? decision : null
|
|
76
|
+
};
|
|
77
|
+
}
|
|
78
|
+
function parseString(value) {
|
|
79
|
+
return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
|
|
80
|
+
}
|
|
81
|
+
function parseExpiresAtMs(value) {
|
|
82
|
+
return typeof value === "number" && Number.isFinite(value) ? value : void 0;
|
|
83
|
+
}
|
|
84
|
+
async function registerExecApprovalRequest(params) {
|
|
85
|
+
const registrationResult = await callGatewayTool("exec.approval.request", { timeoutMs: DEFAULT_APPROVAL_REQUEST_TIMEOUT_MS }, buildExecApprovalRequestToolParams(params), { expectFinal: false });
|
|
86
|
+
const decision = parseDecision(registrationResult);
|
|
87
|
+
const id = parseString(registrationResult?.id) ?? params.id;
|
|
88
|
+
const expiresAtMs = parseExpiresAtMs(registrationResult?.expiresAtMs) ?? Date.now() + DEFAULT_APPROVAL_TIMEOUT_MS;
|
|
89
|
+
if (decision.present) return {
|
|
90
|
+
id,
|
|
91
|
+
expiresAtMs,
|
|
92
|
+
finalDecision: decision.value
|
|
93
|
+
};
|
|
94
|
+
return {
|
|
95
|
+
id,
|
|
96
|
+
expiresAtMs
|
|
97
|
+
};
|
|
98
|
+
}
|
|
99
|
+
async function waitForExecApprovalDecision(id) {
|
|
100
|
+
try {
|
|
101
|
+
return parseDecision(await callGatewayTool("exec.approval.waitDecision", { timeoutMs: DEFAULT_APPROVAL_REQUEST_TIMEOUT_MS }, { id })).value;
|
|
102
|
+
} catch (err) {
|
|
103
|
+
if (normalizeLowercaseStringOrEmpty(String(err)).includes("approval expired or not found")) return null;
|
|
104
|
+
throw err;
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
async function resolveRegisteredExecApprovalDecision(params) {
|
|
108
|
+
if (params.preResolvedDecision !== void 0) return params.preResolvedDecision ?? null;
|
|
109
|
+
return await waitForExecApprovalDecision(params.approvalId);
|
|
110
|
+
}
|
|
111
|
+
function buildExecApprovalRequesterContext(params) {
|
|
112
|
+
return {
|
|
113
|
+
agentId: params.agentId,
|
|
114
|
+
sessionKey: params.sessionKey
|
|
115
|
+
};
|
|
116
|
+
}
|
|
117
|
+
function buildExecApprovalTurnSourceContext(params) {
|
|
118
|
+
return {
|
|
119
|
+
turnSourceChannel: params.turnSourceChannel,
|
|
120
|
+
turnSourceTo: params.turnSourceTo,
|
|
121
|
+
turnSourceAccountId: params.turnSourceAccountId,
|
|
122
|
+
turnSourceThreadId: params.turnSourceThreadId
|
|
123
|
+
};
|
|
124
|
+
}
|
|
125
|
+
function buildHostApprovalDecisionParams(params) {
|
|
126
|
+
return {
|
|
127
|
+
id: params.approvalId,
|
|
128
|
+
command: params.command,
|
|
129
|
+
commandArgv: params.commandArgv,
|
|
130
|
+
systemRunPlan: params.systemRunPlan,
|
|
131
|
+
env: params.env,
|
|
132
|
+
cwd: params.workdir,
|
|
133
|
+
nodeId: params.nodeId,
|
|
134
|
+
host: params.host,
|
|
135
|
+
security: params.security,
|
|
136
|
+
ask: params.ask,
|
|
137
|
+
...buildExecApprovalRequesterContext({
|
|
138
|
+
agentId: params.agentId,
|
|
139
|
+
sessionKey: params.sessionKey
|
|
140
|
+
}),
|
|
141
|
+
resolvedPath: params.resolvedPath,
|
|
142
|
+
...buildExecApprovalTurnSourceContext(params)
|
|
143
|
+
};
|
|
144
|
+
}
|
|
145
|
+
async function registerExecApprovalRequestForHost(params) {
|
|
146
|
+
return await registerExecApprovalRequest(buildHostApprovalDecisionParams(params));
|
|
147
|
+
}
|
|
148
|
+
async function registerExecApprovalRequestForHostOrThrow(params) {
|
|
149
|
+
try {
|
|
150
|
+
return await registerExecApprovalRequestForHost(params);
|
|
151
|
+
} catch (err) {
|
|
152
|
+
throw new Error(`Exec approval registration failed: ${String(err)}`, { cause: err });
|
|
153
|
+
}
|
|
154
|
+
}
|
|
155
|
+
//#endregion
|
|
156
|
+
//#region src/agents/bash-tools.exec-approval-followup.ts
|
|
157
|
+
function buildExecDeniedFollowupPrompt(resultText) {
|
|
158
|
+
return [
|
|
159
|
+
"An async command did not run.",
|
|
160
|
+
"Do not run the command again.",
|
|
161
|
+
"There is no new command output.",
|
|
162
|
+
"Do not mention, summarize, or reuse output from any earlier run in this session.",
|
|
163
|
+
"",
|
|
164
|
+
"Exact completion details:",
|
|
165
|
+
resultText.trim(),
|
|
166
|
+
"",
|
|
167
|
+
"Reply to the user in a helpful way.",
|
|
168
|
+
"Explain that the command did not run and why.",
|
|
169
|
+
"Do not claim there is new command output."
|
|
170
|
+
].join("\n");
|
|
171
|
+
}
|
|
172
|
+
function formatUnknownError(error) {
|
|
173
|
+
if (error instanceof Error) return error.message;
|
|
174
|
+
if (typeof error === "string") return error;
|
|
175
|
+
try {
|
|
176
|
+
return JSON.stringify(error);
|
|
177
|
+
} catch {
|
|
178
|
+
return "unknown error";
|
|
179
|
+
}
|
|
180
|
+
}
|
|
181
|
+
function buildExecApprovalFollowupPrompt(resultText) {
|
|
182
|
+
const trimmed = resultText.trim();
|
|
183
|
+
if (isExecDeniedResultText(trimmed)) return buildExecDeniedFollowupPrompt(trimmed);
|
|
184
|
+
return [
|
|
185
|
+
"An async command the user already approved has completed.",
|
|
186
|
+
"Do not run the command again.",
|
|
187
|
+
"If the task requires more steps, continue from this result before replying to the user.",
|
|
188
|
+
"Only ask the user for help if you are actually blocked.",
|
|
189
|
+
"",
|
|
190
|
+
"Exact completion details:",
|
|
191
|
+
trimmed,
|
|
192
|
+
"",
|
|
193
|
+
"Continue the task if needed, then reply to the user in a helpful way.",
|
|
194
|
+
"If it succeeded, share the relevant output.",
|
|
195
|
+
"If it failed, explain what went wrong."
|
|
196
|
+
].join("\n");
|
|
197
|
+
}
|
|
198
|
+
function shouldSuppressExecDeniedFollowup(sessionKey) {
|
|
199
|
+
return isSubagentSessionKey(sessionKey) || isCronSessionKey(sessionKey);
|
|
200
|
+
}
|
|
201
|
+
function formatDirectExecApprovalFollowupText(resultText, opts = {}) {
|
|
202
|
+
const parsed = parseExecApprovalResultText(resultText);
|
|
203
|
+
if (parsed.kind === "other" && !parsed.raw) return null;
|
|
204
|
+
if (parsed.kind === "denied") return opts.allowDenied ? formatExecDeniedUserMessage(parsed.raw) : null;
|
|
205
|
+
if (parsed.kind === "finished") {
|
|
206
|
+
const metadata = normalizeLowercaseStringOrEmpty(parsed.metadata);
|
|
207
|
+
const body = sanitizeUserFacingText(parsed.body, { errorContext: !metadata.includes("code 0") }).trim();
|
|
208
|
+
let prefix = "";
|
|
209
|
+
if (!body) prefix = metadata.includes("code 0") ? "Background command finished." : metadata.includes("signal") ? "Background command stopped unexpectedly." : "Background command finished with an error.";
|
|
210
|
+
return body ? `${prefix ? `${prefix}\n\n` : ""}${body}` : prefix || null;
|
|
211
|
+
}
|
|
212
|
+
if (parsed.kind === "completed") return sanitizeUserFacingText(parsed.body, { errorContext: true }).trim() || "Background command finished.";
|
|
213
|
+
return sanitizeUserFacingText(parsed.raw, { errorContext: true }).trim() || null;
|
|
214
|
+
}
|
|
215
|
+
function buildSessionResumeFallbackPrefix() {
|
|
216
|
+
return "Automatic session resume failed, so sending the status directly.\n\n";
|
|
217
|
+
}
|
|
218
|
+
function canDirectSendDeniedFollowup(sessionError) {
|
|
219
|
+
return sessionError !== null;
|
|
220
|
+
}
|
|
221
|
+
function buildAgentFollowupArgs(params) {
|
|
222
|
+
const { deliveryTarget, sessionOnlyOriginChannel } = params;
|
|
223
|
+
return {
|
|
224
|
+
sessionKey: params.sessionKey,
|
|
225
|
+
message: buildExecApprovalFollowupPrompt(params.resultText),
|
|
226
|
+
deliver: deliveryTarget.deliver,
|
|
227
|
+
...deliveryTarget.deliver ? { bestEffortDeliver: true } : {},
|
|
228
|
+
channel: deliveryTarget.deliver ? deliveryTarget.channel : sessionOnlyOriginChannel,
|
|
229
|
+
to: deliveryTarget.deliver ? deliveryTarget.to : sessionOnlyOriginChannel ? params.turnSourceTo : void 0,
|
|
230
|
+
accountId: deliveryTarget.deliver ? deliveryTarget.accountId : sessionOnlyOriginChannel ? params.turnSourceAccountId : void 0,
|
|
231
|
+
threadId: deliveryTarget.deliver ? deliveryTarget.threadId : sessionOnlyOriginChannel ? params.turnSourceThreadId : void 0,
|
|
232
|
+
idempotencyKey: `exec-approval-followup:${params.approvalId}`
|
|
233
|
+
};
|
|
234
|
+
}
|
|
235
|
+
async function sendDirectFollowupFallback(params) {
|
|
236
|
+
const directText = formatDirectExecApprovalFollowupText(params.resultText, { allowDenied: canDirectSendDeniedFollowup(params.sessionError) });
|
|
237
|
+
if (!params.deliveryTarget.deliver || !directText) return false;
|
|
238
|
+
const prefix = params.sessionError ? buildSessionResumeFallbackPrefix() : "";
|
|
239
|
+
await sendMessage({
|
|
240
|
+
channel: params.deliveryTarget.channel,
|
|
241
|
+
to: params.deliveryTarget.to ?? "",
|
|
242
|
+
accountId: params.deliveryTarget.accountId,
|
|
243
|
+
threadId: params.deliveryTarget.threadId,
|
|
244
|
+
content: `${prefix}${directText}`,
|
|
245
|
+
agentId: void 0,
|
|
246
|
+
idempotencyKey: `exec-approval-followup:${params.approvalId}`
|
|
247
|
+
});
|
|
248
|
+
return true;
|
|
249
|
+
}
|
|
250
|
+
async function sendExecApprovalFollowup(params) {
|
|
251
|
+
const sessionKey = params.sessionKey?.trim();
|
|
252
|
+
const resultText = params.resultText.trim();
|
|
253
|
+
if (!resultText) return false;
|
|
254
|
+
const isDenied = isExecDeniedResultText(resultText);
|
|
255
|
+
if (isDenied && shouldSuppressExecDeniedFollowup(sessionKey)) return false;
|
|
256
|
+
const deliveryTarget = resolveExternalBestEffortDeliveryTarget({
|
|
257
|
+
channel: params.turnSourceChannel,
|
|
258
|
+
to: params.turnSourceTo,
|
|
259
|
+
accountId: params.turnSourceAccountId,
|
|
260
|
+
threadId: params.turnSourceThreadId
|
|
261
|
+
});
|
|
262
|
+
const normalizedTurnSourceChannel = normalizeMessageChannel(params.turnSourceChannel);
|
|
263
|
+
const sessionOnlyOriginChannel = normalizedTurnSourceChannel && isGatewayMessageChannel(normalizedTurnSourceChannel) ? normalizedTurnSourceChannel : void 0;
|
|
264
|
+
let sessionError = null;
|
|
265
|
+
if (sessionKey) try {
|
|
266
|
+
await callGatewayTool("agent", { timeoutMs: 6e4 }, buildAgentFollowupArgs({
|
|
267
|
+
approvalId: params.approvalId,
|
|
268
|
+
sessionKey,
|
|
269
|
+
resultText,
|
|
270
|
+
deliveryTarget,
|
|
271
|
+
sessionOnlyOriginChannel,
|
|
272
|
+
turnSourceTo: params.turnSourceTo,
|
|
273
|
+
turnSourceAccountId: params.turnSourceAccountId,
|
|
274
|
+
turnSourceThreadId: params.turnSourceThreadId
|
|
275
|
+
}), { expectFinal: true });
|
|
276
|
+
return true;
|
|
277
|
+
} catch (err) {
|
|
278
|
+
sessionError = err;
|
|
279
|
+
}
|
|
280
|
+
if (await sendDirectFollowupFallback({
|
|
281
|
+
approvalId: params.approvalId,
|
|
282
|
+
deliveryTarget,
|
|
283
|
+
resultText,
|
|
284
|
+
sessionError
|
|
285
|
+
})) return true;
|
|
286
|
+
if (sessionError) throw new Error(`Session followup failed: ${formatUnknownError(sessionError)}`);
|
|
287
|
+
if (isDenied) return false;
|
|
288
|
+
throw new Error("Session key or deliverable origin route is required");
|
|
289
|
+
}
|
|
290
|
+
const loggedExecApprovalFollowupFailures = /* @__PURE__ */ new Set();
|
|
291
|
+
function rememberExecApprovalFollowupFailureKey(key) {
|
|
292
|
+
if (loggedExecApprovalFollowupFailures.has(key)) return false;
|
|
293
|
+
loggedExecApprovalFollowupFailures.add(key);
|
|
294
|
+
if (loggedExecApprovalFollowupFailures.size > 256) {
|
|
295
|
+
const oldestKey = loggedExecApprovalFollowupFailures.values().next().value;
|
|
296
|
+
if (typeof oldestKey === "string") loggedExecApprovalFollowupFailures.delete(oldestKey);
|
|
297
|
+
}
|
|
298
|
+
return true;
|
|
299
|
+
}
|
|
300
|
+
function isHeadlessExecTrigger(trigger) {
|
|
301
|
+
return trigger === "cron";
|
|
302
|
+
}
|
|
303
|
+
function createExecApprovalPendingState(params) {
|
|
304
|
+
return {
|
|
305
|
+
warningText: params.warnings.length ? `${params.warnings.join("\n")}\n\n` : "",
|
|
306
|
+
expiresAtMs: Date.now() + params.timeoutMs,
|
|
307
|
+
preResolvedDecision: void 0
|
|
308
|
+
};
|
|
309
|
+
}
|
|
310
|
+
function createExecApprovalRequestState(params) {
|
|
311
|
+
return {
|
|
312
|
+
...createExecApprovalPendingState({
|
|
313
|
+
warnings: params.warnings,
|
|
314
|
+
timeoutMs: params.timeoutMs
|
|
315
|
+
}),
|
|
316
|
+
noticeSeconds: Math.max(1, Math.round(params.approvalRunningNoticeMs / 1e3))
|
|
317
|
+
};
|
|
318
|
+
}
|
|
319
|
+
function createExecApprovalRequestContext(params) {
|
|
320
|
+
const approvalId = crypto.randomUUID();
|
|
321
|
+
return {
|
|
322
|
+
...createExecApprovalRequestState({
|
|
323
|
+
warnings: params.warnings,
|
|
324
|
+
timeoutMs: params.timeoutMs,
|
|
325
|
+
approvalRunningNoticeMs: params.approvalRunningNoticeMs
|
|
326
|
+
}),
|
|
327
|
+
approvalId,
|
|
328
|
+
approvalSlug: params.createApprovalSlug(approvalId),
|
|
329
|
+
contextKey: `exec:${approvalId}`
|
|
330
|
+
};
|
|
331
|
+
}
|
|
332
|
+
function createDefaultExecApprovalRequestContext(params) {
|
|
333
|
+
return createExecApprovalRequestContext({
|
|
334
|
+
warnings: params.warnings,
|
|
335
|
+
timeoutMs: DEFAULT_APPROVAL_TIMEOUT_MS,
|
|
336
|
+
approvalRunningNoticeMs: params.approvalRunningNoticeMs,
|
|
337
|
+
createApprovalSlug: params.createApprovalSlug
|
|
338
|
+
});
|
|
339
|
+
}
|
|
340
|
+
function resolveBaseExecApprovalDecision(params) {
|
|
341
|
+
if (params.decision === "deny") return {
|
|
342
|
+
approvedByAsk: false,
|
|
343
|
+
deniedReason: "user-denied",
|
|
344
|
+
timedOut: false
|
|
345
|
+
};
|
|
346
|
+
if (!params.decision) {
|
|
347
|
+
if (params.askFallback === "full") return {
|
|
348
|
+
approvedByAsk: true,
|
|
349
|
+
deniedReason: null,
|
|
350
|
+
timedOut: true
|
|
351
|
+
};
|
|
352
|
+
if (params.askFallback === "deny") return {
|
|
353
|
+
approvedByAsk: false,
|
|
354
|
+
deniedReason: "approval-timeout",
|
|
355
|
+
timedOut: true
|
|
356
|
+
};
|
|
357
|
+
return {
|
|
358
|
+
approvedByAsk: false,
|
|
359
|
+
deniedReason: null,
|
|
360
|
+
timedOut: true
|
|
361
|
+
};
|
|
362
|
+
}
|
|
363
|
+
return {
|
|
364
|
+
approvedByAsk: false,
|
|
365
|
+
deniedReason: null,
|
|
366
|
+
timedOut: false
|
|
367
|
+
};
|
|
368
|
+
}
|
|
369
|
+
function resolveExecHostApprovalContext(params) {
|
|
370
|
+
const approvals = resolveExecApprovals(params.agentId, {
|
|
371
|
+
security: params.security,
|
|
372
|
+
ask: params.ask
|
|
373
|
+
});
|
|
374
|
+
const hostSecurity = minSecurity(params.security, approvals.agent.security);
|
|
375
|
+
const hostAsk = maxAsk(params.ask, approvals.agent.ask);
|
|
376
|
+
const askFallback = minSecurity(hostSecurity, approvals.agent.askFallback);
|
|
377
|
+
if (hostSecurity === "deny") throw new Error(`exec denied: host=${params.host} security=deny`);
|
|
378
|
+
return {
|
|
379
|
+
approvals,
|
|
380
|
+
hostSecurity,
|
|
381
|
+
hostAsk,
|
|
382
|
+
askFallback
|
|
383
|
+
};
|
|
384
|
+
}
|
|
385
|
+
async function resolveApprovalDecisionOrUndefined(params) {
|
|
386
|
+
try {
|
|
387
|
+
return await resolveRegisteredExecApprovalDecision({
|
|
388
|
+
approvalId: params.approvalId,
|
|
389
|
+
preResolvedDecision: params.preResolvedDecision
|
|
390
|
+
});
|
|
391
|
+
} catch {
|
|
392
|
+
params.onFailure();
|
|
393
|
+
return;
|
|
394
|
+
}
|
|
395
|
+
}
|
|
396
|
+
function resolveExecApprovalUnavailableState(params) {
|
|
397
|
+
const initiatingSurface = resolveExecApprovalInitiatingSurfaceState({
|
|
398
|
+
channel: params.turnSourceChannel,
|
|
399
|
+
accountId: params.turnSourceAccountId
|
|
400
|
+
});
|
|
401
|
+
return {
|
|
402
|
+
initiatingSurface,
|
|
403
|
+
sentApproverDms: false,
|
|
404
|
+
unavailableReason: params.preResolvedDecision === null ? "no-approval-route" : initiatingSurface.kind === "disabled" ? "initiating-platform-disabled" : initiatingSurface.kind === "unsupported" ? "initiating-platform-unsupported" : null
|
|
405
|
+
};
|
|
406
|
+
}
|
|
407
|
+
async function createAndRegisterDefaultExecApprovalRequest(params) {
|
|
408
|
+
const { approvalId, approvalSlug, warningText, expiresAtMs: defaultExpiresAtMs, preResolvedDecision: defaultPreResolvedDecision } = createDefaultExecApprovalRequestContext({
|
|
409
|
+
warnings: params.warnings,
|
|
410
|
+
approvalRunningNoticeMs: params.approvalRunningNoticeMs,
|
|
411
|
+
createApprovalSlug: params.createApprovalSlug
|
|
412
|
+
});
|
|
413
|
+
const registration = await params.register(approvalId);
|
|
414
|
+
const preResolvedDecision = registration.finalDecision;
|
|
415
|
+
const { initiatingSurface, sentApproverDms, unavailableReason } = resolveExecApprovalUnavailableState({
|
|
416
|
+
turnSourceChannel: params.turnSourceChannel,
|
|
417
|
+
turnSourceAccountId: params.turnSourceAccountId,
|
|
418
|
+
preResolvedDecision
|
|
419
|
+
});
|
|
420
|
+
return {
|
|
421
|
+
approvalId,
|
|
422
|
+
approvalSlug,
|
|
423
|
+
warningText,
|
|
424
|
+
expiresAtMs: registration.expiresAtMs ?? defaultExpiresAtMs,
|
|
425
|
+
preResolvedDecision: registration.finalDecision === void 0 ? defaultPreResolvedDecision : registration.finalDecision,
|
|
426
|
+
initiatingSurface,
|
|
427
|
+
sentApproverDms,
|
|
428
|
+
unavailableReason
|
|
429
|
+
};
|
|
430
|
+
}
|
|
431
|
+
function buildDefaultExecApprovalRequestArgs(params) {
|
|
432
|
+
return {
|
|
433
|
+
warnings: params.warnings,
|
|
434
|
+
approvalRunningNoticeMs: params.approvalRunningNoticeMs,
|
|
435
|
+
createApprovalSlug: params.createApprovalSlug,
|
|
436
|
+
turnSourceChannel: params.turnSourceChannel,
|
|
437
|
+
turnSourceAccountId: params.turnSourceAccountId
|
|
438
|
+
};
|
|
439
|
+
}
|
|
440
|
+
function buildExecApprovalFollowupTarget(params) {
|
|
441
|
+
return {
|
|
442
|
+
approvalId: params.approvalId,
|
|
443
|
+
sessionKey: params.sessionKey,
|
|
444
|
+
turnSourceChannel: params.turnSourceChannel,
|
|
445
|
+
turnSourceTo: params.turnSourceTo,
|
|
446
|
+
turnSourceAccountId: params.turnSourceAccountId,
|
|
447
|
+
turnSourceThreadId: params.turnSourceThreadId
|
|
448
|
+
};
|
|
449
|
+
}
|
|
450
|
+
function createExecApprovalDecisionState(params) {
|
|
451
|
+
const baseDecision = resolveBaseExecApprovalDecision({
|
|
452
|
+
decision: params.decision ?? null,
|
|
453
|
+
askFallback: params.askFallback
|
|
454
|
+
});
|
|
455
|
+
return {
|
|
456
|
+
baseDecision,
|
|
457
|
+
approvedByAsk: baseDecision.approvedByAsk,
|
|
458
|
+
deniedReason: baseDecision.deniedReason
|
|
459
|
+
};
|
|
460
|
+
}
|
|
461
|
+
function enforceStrictInlineEvalApprovalBoundary(params) {
|
|
462
|
+
if (!params.baseDecision.timedOut || !params.requiresInlineEvalApproval || !params.approvedByAsk) return {
|
|
463
|
+
approvedByAsk: params.approvedByAsk,
|
|
464
|
+
deniedReason: params.deniedReason
|
|
465
|
+
};
|
|
466
|
+
return {
|
|
467
|
+
approvedByAsk: false,
|
|
468
|
+
deniedReason: params.deniedReason ?? "approval-timeout"
|
|
469
|
+
};
|
|
470
|
+
}
|
|
471
|
+
function shouldResolveExecApprovalUnavailableInline(params) {
|
|
472
|
+
return isHeadlessExecTrigger(params.trigger) && params.unavailableReason === "no-approval-route" && params.preResolvedDecision === null;
|
|
473
|
+
}
|
|
474
|
+
function buildHeadlessExecApprovalDeniedMessage(params) {
|
|
475
|
+
return [
|
|
476
|
+
`exec denied: ${params.trigger === "cron" ? "Cron runs" : "Headless runs"} cannot wait for interactive exec approval.`,
|
|
477
|
+
`Effective host exec policy: security=${params.security} ask=${params.ask} askFallback=${params.askFallback}`,
|
|
478
|
+
"Stricter values from tools.exec and ~/.genesis/exec-approvals.json both apply.",
|
|
479
|
+
"Fix one of these:",
|
|
480
|
+
"- align both files to security=\"full\" and ask=\"off\" for trusted local automation",
|
|
481
|
+
"- keep allowlist mode and add an explicit allowlist entry for this command",
|
|
482
|
+
"- enable Web UI, terminal UI, or chat exec approvals and rerun interactively",
|
|
483
|
+
"Tip: run \"genesis doctor\" and \"genesis approvals get --gateway\" to inspect the effective policy."
|
|
484
|
+
].join("\n");
|
|
485
|
+
}
|
|
486
|
+
async function sendExecApprovalFollowupResult(target, resultText, deps = {}) {
|
|
487
|
+
const send = deps.sendExecApprovalFollowup ?? sendExecApprovalFollowup;
|
|
488
|
+
const warn = deps.logWarn ?? logWarn;
|
|
489
|
+
await send({
|
|
490
|
+
approvalId: target.approvalId,
|
|
491
|
+
sessionKey: target.sessionKey,
|
|
492
|
+
turnSourceChannel: target.turnSourceChannel,
|
|
493
|
+
turnSourceTo: target.turnSourceTo,
|
|
494
|
+
turnSourceAccountId: target.turnSourceAccountId,
|
|
495
|
+
turnSourceThreadId: target.turnSourceThreadId,
|
|
496
|
+
resultText
|
|
497
|
+
}).catch((error) => {
|
|
498
|
+
const message = formatErrorMessage(error);
|
|
499
|
+
if (!rememberExecApprovalFollowupFailureKey(`${target.approvalId}:${message}`)) return;
|
|
500
|
+
warn(`exec approval followup dispatch failed (id=${target.approvalId}): ${message}`);
|
|
501
|
+
});
|
|
502
|
+
}
|
|
503
|
+
function buildExecApprovalPendingToolResult(params) {
|
|
504
|
+
const allowedDecisions = params.allowedDecisions ?? resolveExecApprovalAllowedDecisions();
|
|
505
|
+
return {
|
|
506
|
+
content: [{
|
|
507
|
+
type: "text",
|
|
508
|
+
text: params.unavailableReason !== null ? buildExecApprovalUnavailableReplyPayload({
|
|
509
|
+
warningText: params.warningText,
|
|
510
|
+
reason: params.unavailableReason,
|
|
511
|
+
channel: params.initiatingSurface.channel,
|
|
512
|
+
channelLabel: params.initiatingSurface.channelLabel,
|
|
513
|
+
accountId: params.initiatingSurface.accountId,
|
|
514
|
+
sentApproverDms: params.sentApproverDms
|
|
515
|
+
}).text ?? "" : buildApprovalPendingMessage({
|
|
516
|
+
warningText: params.warningText,
|
|
517
|
+
approvalSlug: params.approvalSlug,
|
|
518
|
+
approvalId: params.approvalId,
|
|
519
|
+
allowedDecisions,
|
|
520
|
+
command: params.command,
|
|
521
|
+
cwd: params.cwd,
|
|
522
|
+
host: params.host,
|
|
523
|
+
nodeId: params.nodeId
|
|
524
|
+
})
|
|
525
|
+
}],
|
|
526
|
+
details: params.unavailableReason !== null ? {
|
|
527
|
+
status: "approval-unavailable",
|
|
528
|
+
reason: params.unavailableReason,
|
|
529
|
+
channel: params.initiatingSurface.channel,
|
|
530
|
+
channelLabel: params.initiatingSurface.channelLabel,
|
|
531
|
+
accountId: params.initiatingSurface.accountId,
|
|
532
|
+
sentApproverDms: params.sentApproverDms,
|
|
533
|
+
host: params.host,
|
|
534
|
+
command: params.command,
|
|
535
|
+
cwd: params.cwd,
|
|
536
|
+
nodeId: params.nodeId,
|
|
537
|
+
warningText: params.warningText
|
|
538
|
+
} : {
|
|
539
|
+
status: "approval-pending",
|
|
540
|
+
approvalId: params.approvalId,
|
|
541
|
+
approvalSlug: params.approvalSlug,
|
|
542
|
+
expiresAtMs: params.expiresAtMs,
|
|
543
|
+
allowedDecisions,
|
|
544
|
+
host: params.host,
|
|
545
|
+
command: params.command,
|
|
546
|
+
cwd: params.cwd,
|
|
547
|
+
nodeId: params.nodeId,
|
|
548
|
+
warningText: params.warningText
|
|
549
|
+
}
|
|
550
|
+
};
|
|
551
|
+
}
|
|
552
|
+
//#endregion
|
|
553
|
+
//#region src/agents/bash-tools.exec-host-gateway.ts
|
|
554
|
+
function hasGatewayAllowlistMiss(params) {
|
|
555
|
+
return params.hostSecurity === "allowlist" && (!params.analysisOk || !params.allowlistSatisfied) && !params.durableApprovalSatisfied;
|
|
556
|
+
}
|
|
557
|
+
async function processGatewayAllowlist(params) {
|
|
558
|
+
const { approvals, hostSecurity, hostAsk, askFallback } = resolveExecHostApprovalContext({
|
|
559
|
+
agentId: params.agentId,
|
|
560
|
+
security: params.security,
|
|
561
|
+
ask: params.ask,
|
|
562
|
+
host: "gateway"
|
|
563
|
+
});
|
|
564
|
+
const allowlistEval = evaluateShellAllowlist({
|
|
565
|
+
command: params.command,
|
|
566
|
+
allowlist: approvals.allowlist,
|
|
567
|
+
safeBins: params.safeBins,
|
|
568
|
+
safeBinProfiles: params.safeBinProfiles,
|
|
569
|
+
cwd: params.workdir,
|
|
570
|
+
env: params.env,
|
|
571
|
+
platform: process.platform,
|
|
572
|
+
trustedSafeBinDirs: params.trustedSafeBinDirs
|
|
573
|
+
});
|
|
574
|
+
const allowlistMatches = allowlistEval.allowlistMatches;
|
|
575
|
+
const analysisOk = allowlistEval.analysisOk;
|
|
576
|
+
const allowlistSatisfied = hostSecurity === "allowlist" && analysisOk ? allowlistEval.allowlistSatisfied : false;
|
|
577
|
+
const durableApprovalSatisfied = hasDurableExecApproval({
|
|
578
|
+
analysisOk,
|
|
579
|
+
segmentAllowlistEntries: allowlistEval.segmentAllowlistEntries,
|
|
580
|
+
allowlist: approvals.allowlist,
|
|
581
|
+
commandText: params.command
|
|
582
|
+
});
|
|
583
|
+
const inlineEvalHit = params.strictInlineEval === true ? allowlistEval.segments.map((segment) => detectInterpreterInlineEvalArgv(segment.resolution?.effectiveArgv ?? segment.argv)).find((entry) => entry !== null) ?? null : null;
|
|
584
|
+
if (inlineEvalHit) params.warnings.push(`Warning: strict inline-eval mode requires explicit approval for ${describeInterpreterInlineEval(inlineEvalHit)}.`);
|
|
585
|
+
let enforcedCommand;
|
|
586
|
+
let allowlistPlanUnavailableReason = null;
|
|
587
|
+
if (hostSecurity === "allowlist" && analysisOk && allowlistSatisfied) {
|
|
588
|
+
const enforced = buildEnforcedShellCommand({
|
|
589
|
+
command: params.command,
|
|
590
|
+
segments: allowlistEval.segments,
|
|
591
|
+
platform: process.platform
|
|
592
|
+
});
|
|
593
|
+
if (!enforced.ok || !enforced.command) allowlistPlanUnavailableReason = enforced.reason ?? "unsupported platform";
|
|
594
|
+
else enforcedCommand = enforced.command;
|
|
595
|
+
}
|
|
596
|
+
const recordMatchedAllowlistUse = (resolvedPath) => recordAllowlistMatchesUse({
|
|
597
|
+
approvals: approvals.file,
|
|
598
|
+
agentId: params.agentId,
|
|
599
|
+
matches: allowlistMatches,
|
|
600
|
+
command: params.command,
|
|
601
|
+
resolvedPath
|
|
602
|
+
});
|
|
603
|
+
const hasHeredocSegment = allowlistEval.segments.some((segment) => segment.argv.some((token) => token.startsWith("<<")));
|
|
604
|
+
const requiresHeredocApproval = hostSecurity === "allowlist" && analysisOk && allowlistSatisfied && hasHeredocSegment;
|
|
605
|
+
const requiresInlineEvalApproval = inlineEvalHit !== null;
|
|
606
|
+
const requiresAllowlistPlanApproval = hostSecurity === "allowlist" && analysisOk && allowlistSatisfied && !enforcedCommand && allowlistPlanUnavailableReason !== null;
|
|
607
|
+
const requiresAsk = requiresExecApproval({
|
|
608
|
+
ask: hostAsk,
|
|
609
|
+
security: hostSecurity,
|
|
610
|
+
analysisOk,
|
|
611
|
+
allowlistSatisfied,
|
|
612
|
+
durableApprovalSatisfied
|
|
613
|
+
}) || requiresAllowlistPlanApproval || requiresHeredocApproval || requiresInlineEvalApproval;
|
|
614
|
+
if (requiresHeredocApproval) params.warnings.push("Warning: heredoc execution requires explicit approval in allowlist mode.");
|
|
615
|
+
if (requiresAllowlistPlanApproval) params.warnings.push(`Warning: allowlist auto-execution is unavailable on ${process.platform}; explicit approval is required.`);
|
|
616
|
+
if (requiresAsk) {
|
|
617
|
+
const requestArgs = buildDefaultExecApprovalRequestArgs({
|
|
618
|
+
warnings: params.warnings,
|
|
619
|
+
approvalRunningNoticeMs: params.approvalRunningNoticeMs,
|
|
620
|
+
createApprovalSlug,
|
|
621
|
+
turnSourceChannel: params.turnSourceChannel,
|
|
622
|
+
turnSourceAccountId: params.turnSourceAccountId
|
|
623
|
+
});
|
|
624
|
+
const registerGatewayApproval = async (approvalId) => await registerExecApprovalRequestForHostOrThrow({
|
|
625
|
+
approvalId,
|
|
626
|
+
command: params.command,
|
|
627
|
+
env: params.requestedEnv,
|
|
628
|
+
workdir: params.workdir,
|
|
629
|
+
host: "gateway",
|
|
630
|
+
security: hostSecurity,
|
|
631
|
+
ask: hostAsk,
|
|
632
|
+
...buildExecApprovalRequesterContext({
|
|
633
|
+
agentId: params.agentId,
|
|
634
|
+
sessionKey: params.sessionKey
|
|
635
|
+
}),
|
|
636
|
+
resolvedPath: resolveApprovalAuditCandidatePath(allowlistEval.segments[0]?.resolution ?? null, params.workdir),
|
|
637
|
+
...buildExecApprovalTurnSourceContext(params)
|
|
638
|
+
});
|
|
639
|
+
const { approvalId, approvalSlug, warningText, expiresAtMs, preResolvedDecision, initiatingSurface, sentApproverDms, unavailableReason } = await createAndRegisterDefaultExecApprovalRequest({
|
|
640
|
+
...requestArgs,
|
|
641
|
+
register: registerGatewayApproval
|
|
642
|
+
});
|
|
643
|
+
if (shouldResolveExecApprovalUnavailableInline({
|
|
644
|
+
trigger: params.trigger,
|
|
645
|
+
unavailableReason,
|
|
646
|
+
preResolvedDecision
|
|
647
|
+
})) {
|
|
648
|
+
const { baseDecision, approvedByAsk, deniedReason } = createExecApprovalDecisionState({
|
|
649
|
+
decision: preResolvedDecision,
|
|
650
|
+
askFallback
|
|
651
|
+
});
|
|
652
|
+
const strictInlineEvalDecision = enforceStrictInlineEvalApprovalBoundary({
|
|
653
|
+
baseDecision,
|
|
654
|
+
approvedByAsk,
|
|
655
|
+
deniedReason,
|
|
656
|
+
requiresInlineEvalApproval
|
|
657
|
+
});
|
|
658
|
+
if (strictInlineEvalDecision.deniedReason || !strictInlineEvalDecision.approvedByAsk) throw new Error(buildHeadlessExecApprovalDeniedMessage({
|
|
659
|
+
trigger: params.trigger,
|
|
660
|
+
host: "gateway",
|
|
661
|
+
security: hostSecurity,
|
|
662
|
+
ask: hostAsk,
|
|
663
|
+
askFallback
|
|
664
|
+
}));
|
|
665
|
+
recordMatchedAllowlistUse(resolveApprovalAuditCandidatePath(allowlistEval.segments[0]?.resolution ?? null, params.workdir));
|
|
666
|
+
return {
|
|
667
|
+
execCommandOverride: enforcedCommand,
|
|
668
|
+
allowWithoutEnforcedCommand: enforcedCommand === void 0
|
|
669
|
+
};
|
|
670
|
+
}
|
|
671
|
+
const resolvedPath = resolveApprovalAuditCandidatePath(allowlistEval.segments[0]?.resolution ?? null, params.workdir);
|
|
672
|
+
const effectiveTimeout = typeof params.timeoutSec === "number" ? params.timeoutSec : params.defaultTimeoutSec;
|
|
673
|
+
const followupTarget = buildExecApprovalFollowupTarget({
|
|
674
|
+
approvalId,
|
|
675
|
+
sessionKey: params.notifySessionKey ?? params.sessionKey,
|
|
676
|
+
turnSourceChannel: params.turnSourceChannel,
|
|
677
|
+
turnSourceTo: params.turnSourceTo,
|
|
678
|
+
turnSourceAccountId: params.turnSourceAccountId,
|
|
679
|
+
turnSourceThreadId: params.turnSourceThreadId
|
|
680
|
+
});
|
|
681
|
+
(async () => {
|
|
682
|
+
const decision = await resolveApprovalDecisionOrUndefined({
|
|
683
|
+
approvalId,
|
|
684
|
+
preResolvedDecision,
|
|
685
|
+
onFailure: () => void sendExecApprovalFollowupResult(followupTarget, `Exec denied (gateway id=${approvalId}, approval-request-failed): ${params.command}`)
|
|
686
|
+
});
|
|
687
|
+
if (decision === void 0) return;
|
|
688
|
+
const { baseDecision, approvedByAsk: initialApprovedByAsk, deniedReason: initialDeniedReason } = createExecApprovalDecisionState({
|
|
689
|
+
decision,
|
|
690
|
+
askFallback
|
|
691
|
+
});
|
|
692
|
+
let approvedByAsk = initialApprovedByAsk;
|
|
693
|
+
let deniedReason = initialDeniedReason;
|
|
694
|
+
if (baseDecision.timedOut && askFallback === "allowlist") if (!analysisOk || !allowlistSatisfied) deniedReason = "approval-timeout (allowlist-miss)";
|
|
695
|
+
else approvedByAsk = true;
|
|
696
|
+
else if (decision === "allow-once") approvedByAsk = true;
|
|
697
|
+
else if (decision === "allow-always") {
|
|
698
|
+
approvedByAsk = true;
|
|
699
|
+
if (!requiresInlineEvalApproval) {
|
|
700
|
+
if (persistAllowAlwaysPatterns({
|
|
701
|
+
approvals: approvals.file,
|
|
702
|
+
agentId: params.agentId,
|
|
703
|
+
segments: allowlistEval.segments,
|
|
704
|
+
cwd: params.workdir,
|
|
705
|
+
env: params.env,
|
|
706
|
+
platform: process.platform,
|
|
707
|
+
strictInlineEval: params.strictInlineEval === true
|
|
708
|
+
}).length === 0) addDurableCommandApproval(approvals.file, params.agentId, params.command);
|
|
709
|
+
}
|
|
710
|
+
}
|
|
711
|
+
({approvedByAsk, deniedReason} = enforceStrictInlineEvalApprovalBoundary({
|
|
712
|
+
baseDecision,
|
|
713
|
+
approvedByAsk,
|
|
714
|
+
deniedReason,
|
|
715
|
+
requiresInlineEvalApproval
|
|
716
|
+
}));
|
|
717
|
+
if (!approvedByAsk && hasGatewayAllowlistMiss({
|
|
718
|
+
hostSecurity,
|
|
719
|
+
analysisOk,
|
|
720
|
+
allowlistSatisfied,
|
|
721
|
+
durableApprovalSatisfied
|
|
722
|
+
})) deniedReason = deniedReason ?? "allowlist-miss";
|
|
723
|
+
if (deniedReason) {
|
|
724
|
+
await sendExecApprovalFollowupResult(followupTarget, `Exec denied (gateway id=${approvalId}, ${deniedReason}): ${params.command}`);
|
|
725
|
+
return;
|
|
726
|
+
}
|
|
727
|
+
recordMatchedAllowlistUse(resolvedPath ?? void 0);
|
|
728
|
+
let run = null;
|
|
729
|
+
try {
|
|
730
|
+
run = await runExecProcess({
|
|
731
|
+
command: params.command,
|
|
732
|
+
execCommand: enforcedCommand,
|
|
733
|
+
workdir: params.workdir,
|
|
734
|
+
env: params.env,
|
|
735
|
+
sandbox: void 0,
|
|
736
|
+
containerWorkdir: null,
|
|
737
|
+
usePty: params.pty,
|
|
738
|
+
warnings: params.warnings,
|
|
739
|
+
maxOutput: params.maxOutput,
|
|
740
|
+
pendingMaxOutput: params.pendingMaxOutput,
|
|
741
|
+
notifyOnExit: false,
|
|
742
|
+
notifyOnExitEmptySuccess: false,
|
|
743
|
+
scopeKey: params.scopeKey,
|
|
744
|
+
sessionKey: params.notifySessionKey ?? params.sessionKey,
|
|
745
|
+
timeoutSec: effectiveTimeout
|
|
746
|
+
});
|
|
747
|
+
} catch {
|
|
748
|
+
await sendExecApprovalFollowupResult(followupTarget, `Exec denied (gateway id=${approvalId}, spawn-failed): ${params.command}`);
|
|
749
|
+
return;
|
|
750
|
+
}
|
|
751
|
+
markBackgrounded(run.session);
|
|
752
|
+
const outcome = await run.promise;
|
|
753
|
+
const output = normalizeNotifyOutput(tail(outcome.aggregated || "", 400));
|
|
754
|
+
const exitLabel = outcome.timedOut ? "timeout" : `code ${outcome.exitCode ?? "?"}`;
|
|
755
|
+
await sendExecApprovalFollowupResult(followupTarget, output ? `Exec finished (gateway id=${approvalId}, session=${run.session.id}, ${exitLabel})\n${output}` : `Exec finished (gateway id=${approvalId}, session=${run.session.id}, ${exitLabel})`);
|
|
756
|
+
})();
|
|
757
|
+
return { pendingResult: buildExecApprovalPendingToolResult({
|
|
758
|
+
host: "gateway",
|
|
759
|
+
command: params.command,
|
|
760
|
+
cwd: params.workdir,
|
|
761
|
+
warningText,
|
|
762
|
+
approvalId,
|
|
763
|
+
approvalSlug,
|
|
764
|
+
expiresAtMs,
|
|
765
|
+
initiatingSurface,
|
|
766
|
+
sentApproverDms,
|
|
767
|
+
unavailableReason,
|
|
768
|
+
allowedDecisions: resolveExecApprovalAllowedDecisions({ ask: hostAsk })
|
|
769
|
+
}) };
|
|
770
|
+
}
|
|
771
|
+
if (hasGatewayAllowlistMiss({
|
|
772
|
+
hostSecurity,
|
|
773
|
+
analysisOk,
|
|
774
|
+
allowlistSatisfied,
|
|
775
|
+
durableApprovalSatisfied
|
|
776
|
+
})) throw new Error("exec denied: allowlist miss");
|
|
777
|
+
recordMatchedAllowlistUse(resolveApprovalAuditCandidatePath(allowlistEval.segments[0]?.resolution ?? null, params.workdir));
|
|
778
|
+
return { execCommandOverride: enforcedCommand };
|
|
779
|
+
}
|
|
780
|
+
//#endregion
|
|
781
|
+
//#region src/infra/node-shell.ts
|
|
782
|
+
function buildNodeShellCommand(command, platform) {
|
|
783
|
+
if (normalizeLowercaseStringOrEmpty((platform ?? "").trim()).startsWith("win")) return [
|
|
784
|
+
"cmd.exe",
|
|
785
|
+
"/d",
|
|
786
|
+
"/s",
|
|
787
|
+
"/c",
|
|
788
|
+
command
|
|
789
|
+
];
|
|
790
|
+
return [
|
|
791
|
+
"/bin/sh",
|
|
792
|
+
"-lc",
|
|
793
|
+
command
|
|
794
|
+
];
|
|
795
|
+
}
|
|
796
|
+
//#endregion
|
|
797
|
+
//#region src/agents/bash-tools.exec-host-node.ts
|
|
798
|
+
async function executeNodeHostCommand(params) {
|
|
799
|
+
const { hostSecurity, hostAsk, askFallback } = resolveExecHostApprovalContext({
|
|
800
|
+
agentId: params.agentId,
|
|
801
|
+
security: params.security,
|
|
802
|
+
ask: params.ask,
|
|
803
|
+
host: "node"
|
|
804
|
+
});
|
|
805
|
+
if (params.boundNode && params.requestedNode && params.boundNode !== params.requestedNode) throw new Error(`exec node not allowed (bound to ${params.boundNode})`);
|
|
806
|
+
const nodeQuery = params.boundNode || params.requestedNode;
|
|
807
|
+
const nodes = await listNodes({});
|
|
808
|
+
if (nodes.length === 0) throw new Error("exec host=node requires a paired node (none available). This requires a companion app or node host.");
|
|
809
|
+
let nodeId;
|
|
810
|
+
try {
|
|
811
|
+
nodeId = resolveNodeIdFromList(nodes, nodeQuery, !nodeQuery);
|
|
812
|
+
} catch (err) {
|
|
813
|
+
if (!nodeQuery && String(err).includes("node required")) throw new Error("exec host=node requires a node id when multiple nodes are available (set tools.exec.node or exec.node).", { cause: err });
|
|
814
|
+
throw err;
|
|
815
|
+
}
|
|
816
|
+
const nodeInfo = nodes.find((entry) => entry.nodeId === nodeId);
|
|
817
|
+
if (!(Array.isArray(nodeInfo?.commands) ? nodeInfo?.commands?.includes("system.run") : false)) throw new Error("exec host=node requires a node that supports system.run (companion app or node host).");
|
|
818
|
+
const argv = buildNodeShellCommand(params.command, nodeInfo?.platform);
|
|
819
|
+
const prepared = parsePreparedSystemRunPayload((await callGatewayTool("node.invoke", { timeoutMs: 15e3 }, {
|
|
820
|
+
nodeId,
|
|
821
|
+
command: "system.run.prepare",
|
|
822
|
+
params: {
|
|
823
|
+
command: argv,
|
|
824
|
+
rawCommand: params.command,
|
|
825
|
+
...params.workdir != null ? { cwd: params.workdir } : {},
|
|
826
|
+
agentId: params.agentId,
|
|
827
|
+
sessionKey: params.sessionKey
|
|
828
|
+
},
|
|
829
|
+
idempotencyKey: crypto.randomUUID()
|
|
830
|
+
}))?.payload);
|
|
831
|
+
if (!prepared) throw new Error("invalid system.run.prepare response");
|
|
832
|
+
const runArgv = prepared.plan.argv;
|
|
833
|
+
const runRawCommand = prepared.plan.commandText;
|
|
834
|
+
const runCwd = prepared.plan.cwd ?? params.workdir;
|
|
835
|
+
const runAgentId = prepared.plan.agentId ?? params.agentId;
|
|
836
|
+
const runSessionKey = prepared.plan.sessionKey ?? params.sessionKey;
|
|
837
|
+
const nodeEnv = params.requestedEnv ? { ...params.requestedEnv } : void 0;
|
|
838
|
+
const baseAllowlistEval = evaluateShellAllowlist({
|
|
839
|
+
command: params.command,
|
|
840
|
+
allowlist: [],
|
|
841
|
+
safeBins: /* @__PURE__ */ new Set(),
|
|
842
|
+
cwd: params.workdir,
|
|
843
|
+
env: params.env,
|
|
844
|
+
platform: nodeInfo?.platform,
|
|
845
|
+
trustedSafeBinDirs: params.trustedSafeBinDirs
|
|
846
|
+
});
|
|
847
|
+
let analysisOk = baseAllowlistEval.analysisOk;
|
|
848
|
+
let allowlistSatisfied = false;
|
|
849
|
+
let durableApprovalSatisfied = false;
|
|
850
|
+
const inlineEvalHit = params.strictInlineEval === true ? baseAllowlistEval.segments.map((segment) => detectInterpreterInlineEvalArgv(segment.resolution?.effectiveArgv ?? segment.argv)).find((entry) => entry !== null) ?? null : null;
|
|
851
|
+
if (inlineEvalHit) params.warnings.push(`Warning: strict inline-eval mode requires explicit approval for ${describeInterpreterInlineEval(inlineEvalHit)}.`);
|
|
852
|
+
if ((hostAsk === "always" || hostSecurity === "allowlist") && analysisOk) try {
|
|
853
|
+
const approvalsSnapshot = await callGatewayTool("exec.approvals.node.get", { timeoutMs: 1e4 }, { nodeId });
|
|
854
|
+
const approvalsFile = approvalsSnapshot && typeof approvalsSnapshot === "object" ? approvalsSnapshot.file : void 0;
|
|
855
|
+
if (approvalsFile && typeof approvalsFile === "object") {
|
|
856
|
+
const resolved = resolveExecApprovalsFromFile({
|
|
857
|
+
file: approvalsFile,
|
|
858
|
+
agentId: params.agentId,
|
|
859
|
+
overrides: { security: "full" }
|
|
860
|
+
});
|
|
861
|
+
const allowlistEval = evaluateShellAllowlist({
|
|
862
|
+
command: params.command,
|
|
863
|
+
allowlist: resolved.allowlist,
|
|
864
|
+
safeBins: /* @__PURE__ */ new Set(),
|
|
865
|
+
cwd: params.workdir,
|
|
866
|
+
env: params.env,
|
|
867
|
+
platform: nodeInfo?.platform,
|
|
868
|
+
trustedSafeBinDirs: params.trustedSafeBinDirs
|
|
869
|
+
});
|
|
870
|
+
durableApprovalSatisfied = hasDurableExecApproval({
|
|
871
|
+
analysisOk: allowlistEval.analysisOk,
|
|
872
|
+
segmentAllowlistEntries: allowlistEval.segmentAllowlistEntries,
|
|
873
|
+
allowlist: resolved.allowlist,
|
|
874
|
+
commandText: runRawCommand
|
|
875
|
+
});
|
|
876
|
+
allowlistSatisfied = allowlistEval.allowlistSatisfied;
|
|
877
|
+
analysisOk = allowlistEval.analysisOk;
|
|
878
|
+
}
|
|
879
|
+
} catch {}
|
|
880
|
+
const requiresAsk = requiresExecApproval({
|
|
881
|
+
ask: hostAsk,
|
|
882
|
+
security: hostSecurity,
|
|
883
|
+
analysisOk,
|
|
884
|
+
allowlistSatisfied,
|
|
885
|
+
durableApprovalSatisfied
|
|
886
|
+
}) || inlineEvalHit !== null;
|
|
887
|
+
const invokeTimeoutMs = Math.max(1e4, (typeof params.timeoutSec === "number" ? params.timeoutSec : params.defaultTimeoutSec) * 1e3 + 5e3);
|
|
888
|
+
const buildInvokeParams = (approvedByAsk, approvalDecision, runId, suppressNotifyOnExit) => ({
|
|
889
|
+
nodeId,
|
|
890
|
+
command: "system.run",
|
|
891
|
+
params: {
|
|
892
|
+
command: runArgv,
|
|
893
|
+
rawCommand: runRawCommand,
|
|
894
|
+
systemRunPlan: prepared.plan,
|
|
895
|
+
cwd: runCwd,
|
|
896
|
+
env: nodeEnv,
|
|
897
|
+
timeoutMs: typeof params.timeoutSec === "number" ? params.timeoutSec * 1e3 : void 0,
|
|
898
|
+
agentId: runAgentId,
|
|
899
|
+
sessionKey: runSessionKey,
|
|
900
|
+
approved: approvedByAsk,
|
|
901
|
+
approvalDecision: approvalDecision === "allow-always" && inlineEvalHit !== null ? "allow-once" : approvalDecision ?? void 0,
|
|
902
|
+
runId: runId ?? void 0,
|
|
903
|
+
suppressNotifyOnExit: suppressNotifyOnExit === true || params.notifyOnExit === false ? true : void 0
|
|
904
|
+
},
|
|
905
|
+
idempotencyKey: crypto.randomUUID()
|
|
906
|
+
});
|
|
907
|
+
let inlineApprovedByAsk = false;
|
|
908
|
+
let inlineApprovalDecision = null;
|
|
909
|
+
let inlineApprovalId;
|
|
910
|
+
if (requiresAsk) {
|
|
911
|
+
const requestArgs = buildDefaultExecApprovalRequestArgs({
|
|
912
|
+
warnings: params.warnings,
|
|
913
|
+
approvalRunningNoticeMs: params.approvalRunningNoticeMs,
|
|
914
|
+
createApprovalSlug,
|
|
915
|
+
turnSourceChannel: params.turnSourceChannel,
|
|
916
|
+
turnSourceAccountId: params.turnSourceAccountId
|
|
917
|
+
});
|
|
918
|
+
const registerNodeApproval = async (approvalId) => await registerExecApprovalRequestForHostOrThrow({
|
|
919
|
+
approvalId,
|
|
920
|
+
systemRunPlan: prepared.plan,
|
|
921
|
+
env: nodeEnv,
|
|
922
|
+
workdir: runCwd,
|
|
923
|
+
host: "node",
|
|
924
|
+
nodeId,
|
|
925
|
+
security: hostSecurity,
|
|
926
|
+
ask: hostAsk,
|
|
927
|
+
...buildExecApprovalRequesterContext({
|
|
928
|
+
agentId: runAgentId,
|
|
929
|
+
sessionKey: runSessionKey
|
|
930
|
+
}),
|
|
931
|
+
...buildExecApprovalTurnSourceContext(params)
|
|
932
|
+
});
|
|
933
|
+
const { approvalId, approvalSlug, warningText, expiresAtMs, preResolvedDecision, initiatingSurface, sentApproverDms, unavailableReason } = await createAndRegisterDefaultExecApprovalRequest({
|
|
934
|
+
...requestArgs,
|
|
935
|
+
register: registerNodeApproval
|
|
936
|
+
});
|
|
937
|
+
if (shouldResolveExecApprovalUnavailableInline({
|
|
938
|
+
trigger: params.trigger,
|
|
939
|
+
unavailableReason,
|
|
940
|
+
preResolvedDecision
|
|
941
|
+
})) {
|
|
942
|
+
const { baseDecision, approvedByAsk, deniedReason } = createExecApprovalDecisionState({
|
|
943
|
+
decision: preResolvedDecision,
|
|
944
|
+
askFallback
|
|
945
|
+
});
|
|
946
|
+
const strictInlineEvalDecision = enforceStrictInlineEvalApprovalBoundary({
|
|
947
|
+
baseDecision,
|
|
948
|
+
approvedByAsk,
|
|
949
|
+
deniedReason,
|
|
950
|
+
requiresInlineEvalApproval: inlineEvalHit !== null
|
|
951
|
+
});
|
|
952
|
+
if (strictInlineEvalDecision.deniedReason || !strictInlineEvalDecision.approvedByAsk) throw new Error(buildHeadlessExecApprovalDeniedMessage({
|
|
953
|
+
trigger: params.trigger,
|
|
954
|
+
host: "node",
|
|
955
|
+
security: hostSecurity,
|
|
956
|
+
ask: hostAsk,
|
|
957
|
+
askFallback
|
|
958
|
+
}));
|
|
959
|
+
inlineApprovedByAsk = strictInlineEvalDecision.approvedByAsk;
|
|
960
|
+
inlineApprovalDecision = strictInlineEvalDecision.approvedByAsk ? "allow-once" : null;
|
|
961
|
+
inlineApprovalId = approvalId;
|
|
962
|
+
} else {
|
|
963
|
+
const followupTarget = buildExecApprovalFollowupTarget({
|
|
964
|
+
approvalId,
|
|
965
|
+
sessionKey: params.notifySessionKey ?? params.sessionKey,
|
|
966
|
+
turnSourceChannel: params.turnSourceChannel,
|
|
967
|
+
turnSourceTo: params.turnSourceTo,
|
|
968
|
+
turnSourceAccountId: params.turnSourceAccountId,
|
|
969
|
+
turnSourceThreadId: params.turnSourceThreadId
|
|
970
|
+
});
|
|
971
|
+
(async () => {
|
|
972
|
+
const decision = await resolveApprovalDecisionOrUndefined({
|
|
973
|
+
approvalId,
|
|
974
|
+
preResolvedDecision,
|
|
975
|
+
onFailure: () => void sendExecApprovalFollowupResult(followupTarget, `Exec denied (node=${nodeId} id=${approvalId}, approval-request-failed): ${params.command}`)
|
|
976
|
+
});
|
|
977
|
+
if (decision === void 0) return;
|
|
978
|
+
const { baseDecision, approvedByAsk: initialApprovedByAsk, deniedReason: initialDeniedReason } = createExecApprovalDecisionState({
|
|
979
|
+
decision,
|
|
980
|
+
askFallback
|
|
981
|
+
});
|
|
982
|
+
let approvedByAsk = initialApprovedByAsk;
|
|
983
|
+
let approvalDecision = null;
|
|
984
|
+
let deniedReason = initialDeniedReason;
|
|
985
|
+
if (baseDecision.timedOut && askFallback === "full" && approvedByAsk) approvalDecision = "allow-once";
|
|
986
|
+
else if (decision === "allow-once") {
|
|
987
|
+
approvedByAsk = true;
|
|
988
|
+
approvalDecision = "allow-once";
|
|
989
|
+
} else if (decision === "allow-always") {
|
|
990
|
+
approvedByAsk = true;
|
|
991
|
+
approvalDecision = "allow-always";
|
|
992
|
+
}
|
|
993
|
+
({approvedByAsk, deniedReason} = enforceStrictInlineEvalApprovalBoundary({
|
|
994
|
+
baseDecision,
|
|
995
|
+
approvedByAsk,
|
|
996
|
+
deniedReason,
|
|
997
|
+
requiresInlineEvalApproval: inlineEvalHit !== null
|
|
998
|
+
}));
|
|
999
|
+
if (deniedReason) approvalDecision = null;
|
|
1000
|
+
if (deniedReason) {
|
|
1001
|
+
await sendExecApprovalFollowupResult(followupTarget, `Exec denied (node=${nodeId} id=${approvalId}, ${deniedReason}): ${params.command}`);
|
|
1002
|
+
return;
|
|
1003
|
+
}
|
|
1004
|
+
try {
|
|
1005
|
+
const raw = await callGatewayTool("node.invoke", { timeoutMs: invokeTimeoutMs }, buildInvokeParams(approvedByAsk, approvalDecision, approvalId, true));
|
|
1006
|
+
const payload = raw?.payload && typeof raw.payload === "object" ? raw.payload : {};
|
|
1007
|
+
const output = normalizeNotifyOutput([
|
|
1008
|
+
payload.stdout,
|
|
1009
|
+
payload.stderr,
|
|
1010
|
+
payload.error
|
|
1011
|
+
].filter(Boolean).join("\n").slice(-400));
|
|
1012
|
+
const exitLabel = payload.timedOut ? "timeout" : `code ${payload.exitCode ?? "?"}`;
|
|
1013
|
+
await sendExecApprovalFollowupResult(followupTarget, output ? `Exec finished (node=${nodeId} id=${approvalId}, ${exitLabel})\n${output}` : `Exec finished (node=${nodeId} id=${approvalId}, ${exitLabel})`);
|
|
1014
|
+
} catch {
|
|
1015
|
+
await sendExecApprovalFollowupResult(followupTarget, `Exec denied (node=${nodeId} id=${approvalId}, invoke-failed): ${params.command}`);
|
|
1016
|
+
}
|
|
1017
|
+
})();
|
|
1018
|
+
return buildExecApprovalPendingToolResult({
|
|
1019
|
+
host: "node",
|
|
1020
|
+
command: params.command,
|
|
1021
|
+
cwd: params.workdir,
|
|
1022
|
+
warningText,
|
|
1023
|
+
approvalId,
|
|
1024
|
+
approvalSlug,
|
|
1025
|
+
expiresAtMs,
|
|
1026
|
+
initiatingSurface,
|
|
1027
|
+
sentApproverDms,
|
|
1028
|
+
unavailableReason,
|
|
1029
|
+
allowedDecisions: resolveExecApprovalAllowedDecisions({ ask: hostAsk }),
|
|
1030
|
+
nodeId
|
|
1031
|
+
});
|
|
1032
|
+
}
|
|
1033
|
+
}
|
|
1034
|
+
const startedAt = Date.now();
|
|
1035
|
+
const raw = await callGatewayTool("node.invoke", { timeoutMs: invokeTimeoutMs }, buildInvokeParams(inlineApprovedByAsk, inlineApprovalDecision, inlineApprovalId));
|
|
1036
|
+
const payload = raw && typeof raw === "object" ? raw.payload : void 0;
|
|
1037
|
+
const payloadObj = payload && typeof payload === "object" ? payload : {};
|
|
1038
|
+
const stdout = typeof payloadObj.stdout === "string" ? payloadObj.stdout : "";
|
|
1039
|
+
const stderr = typeof payloadObj.stderr === "string" ? payloadObj.stderr : "";
|
|
1040
|
+
const errorText = typeof payloadObj.error === "string" ? payloadObj.error : "";
|
|
1041
|
+
const success = typeof payloadObj.success === "boolean" ? payloadObj.success : false;
|
|
1042
|
+
const exitCode = typeof payloadObj.exitCode === "number" ? payloadObj.exitCode : null;
|
|
1043
|
+
return {
|
|
1044
|
+
content: [{
|
|
1045
|
+
type: "text",
|
|
1046
|
+
text: stdout || stderr || errorText || ""
|
|
1047
|
+
}],
|
|
1048
|
+
details: {
|
|
1049
|
+
status: success ? "completed" : "failed",
|
|
1050
|
+
exitCode,
|
|
1051
|
+
durationMs: Date.now() - startedAt,
|
|
1052
|
+
aggregated: [
|
|
1053
|
+
stdout,
|
|
1054
|
+
stderr,
|
|
1055
|
+
errorText
|
|
1056
|
+
].filter(Boolean).join("\n"),
|
|
1057
|
+
cwd: params.workdir
|
|
1058
|
+
}
|
|
1059
|
+
};
|
|
1060
|
+
}
|
|
1061
|
+
//#endregion
|
|
1062
|
+
//#region src/agents/bash-tools.exec.ts
|
|
1063
|
+
function buildExecForegroundResult(params) {
|
|
1064
|
+
const warningText = params.warningText?.trim() ? `${params.warningText}\n\n` : "";
|
|
1065
|
+
if (params.outcome.status === "failed") return failedTextResult(`${warningText}${params.outcome.reason}`, {
|
|
1066
|
+
status: "failed",
|
|
1067
|
+
exitCode: params.outcome.exitCode ?? null,
|
|
1068
|
+
durationMs: params.outcome.durationMs,
|
|
1069
|
+
aggregated: params.outcome.aggregated,
|
|
1070
|
+
timedOut: params.outcome.timedOut,
|
|
1071
|
+
cwd: params.cwd
|
|
1072
|
+
});
|
|
1073
|
+
return textResult(`${warningText}${params.outcome.aggregated || "(no output)"}`, {
|
|
1074
|
+
status: "completed",
|
|
1075
|
+
exitCode: params.outcome.exitCode,
|
|
1076
|
+
durationMs: params.outcome.durationMs,
|
|
1077
|
+
aggregated: params.outcome.aggregated,
|
|
1078
|
+
cwd: params.cwd
|
|
1079
|
+
});
|
|
1080
|
+
}
|
|
1081
|
+
const PREFLIGHT_ENV_OPTIONS_WITH_VALUES = new Set([
|
|
1082
|
+
"-C",
|
|
1083
|
+
"-S",
|
|
1084
|
+
"-u",
|
|
1085
|
+
"--argv0",
|
|
1086
|
+
"--block-signal",
|
|
1087
|
+
"--chdir",
|
|
1088
|
+
"--default-signal",
|
|
1089
|
+
"--ignore-signal",
|
|
1090
|
+
"--split-string",
|
|
1091
|
+
"--unset"
|
|
1092
|
+
]);
|
|
1093
|
+
const SKIPPABLE_SCRIPT_PREFLIGHT_FS_ERROR_CODES = new Set([
|
|
1094
|
+
"EACCES",
|
|
1095
|
+
"EISDIR",
|
|
1096
|
+
"ELOOP",
|
|
1097
|
+
"EINVAL",
|
|
1098
|
+
"ENAMETOOLONG",
|
|
1099
|
+
"ENOENT",
|
|
1100
|
+
"ENOTDIR",
|
|
1101
|
+
"EPERM"
|
|
1102
|
+
]);
|
|
1103
|
+
function getNodeErrorCode(error) {
|
|
1104
|
+
if (typeof error !== "object" || error === null || !("code" in error)) return;
|
|
1105
|
+
return String(error.code);
|
|
1106
|
+
}
|
|
1107
|
+
let fsSafeModulePromise;
|
|
1108
|
+
async function loadFsSafeModule() {
|
|
1109
|
+
fsSafeModulePromise ??= import("./fs-safe-BKyLKWBX.js");
|
|
1110
|
+
return await fsSafeModulePromise;
|
|
1111
|
+
}
|
|
1112
|
+
function shouldSkipScriptPreflightPathError(error, SafeOpenError) {
|
|
1113
|
+
if (error instanceof SafeOpenError) return true;
|
|
1114
|
+
const errorCode = getNodeErrorCode(error);
|
|
1115
|
+
return !!(errorCode && SKIPPABLE_SCRIPT_PREFLIGHT_FS_ERROR_CODES.has(errorCode));
|
|
1116
|
+
}
|
|
1117
|
+
function resolvePreflightRelativePath(params) {
|
|
1118
|
+
const root = path.resolve(params.rootDir);
|
|
1119
|
+
const candidate = path.resolve(params.absPath);
|
|
1120
|
+
const relative = path.relative(root, candidate);
|
|
1121
|
+
if (/^\.\.(?:[\\/]|$)/u.test(relative) || path.isAbsolute(relative)) return null;
|
|
1122
|
+
return /^~(?:$|[\\/])/u.test(relative) ? `.${path.sep}${relative}` : relative;
|
|
1123
|
+
}
|
|
1124
|
+
function isShellEnvAssignmentToken(token) {
|
|
1125
|
+
return /^[A-Za-z_][A-Za-z0-9_]*=.*$/u.test(token);
|
|
1126
|
+
}
|
|
1127
|
+
function isEnvExecutableToken(token) {
|
|
1128
|
+
if (!token) return false;
|
|
1129
|
+
const base = normalizeOptionalLowercaseString(token.split(/[\\/]/u).at(-1)) ?? "";
|
|
1130
|
+
return (base.endsWith(".exe") ? base.slice(0, -4) : base) === "env";
|
|
1131
|
+
}
|
|
1132
|
+
function stripPreflightEnvPrefix(argv) {
|
|
1133
|
+
if (argv.length === 0) return argv;
|
|
1134
|
+
let idx = 0;
|
|
1135
|
+
while (idx < argv.length && isShellEnvAssignmentToken(argv[idx])) idx += 1;
|
|
1136
|
+
if (!isEnvExecutableToken(argv[idx])) return argv;
|
|
1137
|
+
idx += 1;
|
|
1138
|
+
while (idx < argv.length) {
|
|
1139
|
+
const token = argv[idx];
|
|
1140
|
+
if (token === "--") {
|
|
1141
|
+
idx += 1;
|
|
1142
|
+
break;
|
|
1143
|
+
}
|
|
1144
|
+
if (isShellEnvAssignmentToken(token)) {
|
|
1145
|
+
idx += 1;
|
|
1146
|
+
continue;
|
|
1147
|
+
}
|
|
1148
|
+
if (!token.startsWith("-") || token === "-") break;
|
|
1149
|
+
idx += 1;
|
|
1150
|
+
const option = token.split("=", 1)[0];
|
|
1151
|
+
if (PREFLIGHT_ENV_OPTIONS_WITH_VALUES.has(option) && !token.includes("=") && idx < argv.length) idx += 1;
|
|
1152
|
+
}
|
|
1153
|
+
return argv.slice(idx);
|
|
1154
|
+
}
|
|
1155
|
+
function findFirstPythonScriptArg(tokens) {
|
|
1156
|
+
const optionsWithSeparateValue = new Set([
|
|
1157
|
+
"-W",
|
|
1158
|
+
"-X",
|
|
1159
|
+
"-Q",
|
|
1160
|
+
"--check-hash-based-pycs"
|
|
1161
|
+
]);
|
|
1162
|
+
for (let i = 0; i < tokens.length; i += 1) {
|
|
1163
|
+
const token = tokens[i];
|
|
1164
|
+
if (token === "--") {
|
|
1165
|
+
const next = tokens[i + 1];
|
|
1166
|
+
return normalizeLowercaseStringOrEmpty(next).endsWith(".py") ? next : null;
|
|
1167
|
+
}
|
|
1168
|
+
if (token === "-") return null;
|
|
1169
|
+
if (token === "-c" || token === "-m") return null;
|
|
1170
|
+
if ((token.startsWith("-c") || token.startsWith("-m")) && token.length > 2) return null;
|
|
1171
|
+
if (optionsWithSeparateValue.has(token)) {
|
|
1172
|
+
i += 1;
|
|
1173
|
+
continue;
|
|
1174
|
+
}
|
|
1175
|
+
if (token.startsWith("-")) continue;
|
|
1176
|
+
return normalizeLowercaseStringOrEmpty(token).endsWith(".py") ? token : null;
|
|
1177
|
+
}
|
|
1178
|
+
return null;
|
|
1179
|
+
}
|
|
1180
|
+
function findNodeScriptArgs(tokens) {
|
|
1181
|
+
const optionsWithSeparateValue = new Set([
|
|
1182
|
+
"-r",
|
|
1183
|
+
"--require",
|
|
1184
|
+
"--import"
|
|
1185
|
+
]);
|
|
1186
|
+
const preloadScripts = [];
|
|
1187
|
+
let entryScript = null;
|
|
1188
|
+
let hasInlineEvalOrPrint = false;
|
|
1189
|
+
for (let i = 0; i < tokens.length; i += 1) {
|
|
1190
|
+
const token = tokens[i];
|
|
1191
|
+
if (token === "--") {
|
|
1192
|
+
if (!hasInlineEvalOrPrint && !entryScript) {
|
|
1193
|
+
const next = tokens[i + 1];
|
|
1194
|
+
if (normalizeLowercaseStringOrEmpty(next).endsWith(".js")) entryScript = next;
|
|
1195
|
+
}
|
|
1196
|
+
break;
|
|
1197
|
+
}
|
|
1198
|
+
if (token === "-e" || token === "-p" || token === "--eval" || token === "--print" || token.startsWith("--eval=") || token.startsWith("--print=") || (token.startsWith("-e") || token.startsWith("-p")) && token.length > 2) {
|
|
1199
|
+
hasInlineEvalOrPrint = true;
|
|
1200
|
+
if (token === "-e" || token === "-p" || token === "--eval" || token === "--print") i += 1;
|
|
1201
|
+
continue;
|
|
1202
|
+
}
|
|
1203
|
+
if (optionsWithSeparateValue.has(token)) {
|
|
1204
|
+
const next = tokens[i + 1];
|
|
1205
|
+
if (normalizeLowercaseStringOrEmpty(next).endsWith(".js")) preloadScripts.push(next);
|
|
1206
|
+
i += 1;
|
|
1207
|
+
continue;
|
|
1208
|
+
}
|
|
1209
|
+
if (token.startsWith("-r") && token.length > 2 || token.startsWith("--require=") || token.startsWith("--import=")) {
|
|
1210
|
+
const inlineValue = token.startsWith("-r") ? token.slice(2) : token.slice(token.indexOf("=") + 1);
|
|
1211
|
+
if (normalizeLowercaseStringOrEmpty(inlineValue).endsWith(".js")) preloadScripts.push(inlineValue);
|
|
1212
|
+
continue;
|
|
1213
|
+
}
|
|
1214
|
+
if (token.startsWith("-")) continue;
|
|
1215
|
+
if (!hasInlineEvalOrPrint && !entryScript && normalizeLowercaseStringOrEmpty(token).endsWith(".js")) entryScript = token;
|
|
1216
|
+
break;
|
|
1217
|
+
}
|
|
1218
|
+
const targets = [...preloadScripts];
|
|
1219
|
+
if (entryScript) targets.push(entryScript);
|
|
1220
|
+
return targets;
|
|
1221
|
+
}
|
|
1222
|
+
function extractInterpreterScriptTargetFromArgv(argv) {
|
|
1223
|
+
if (!argv || argv.length === 0) return null;
|
|
1224
|
+
let commandIdx = 0;
|
|
1225
|
+
while (commandIdx < argv.length && /^[A-Za-z_][A-Za-z0-9_]*=.*$/u.test(argv[commandIdx])) commandIdx += 1;
|
|
1226
|
+
const executable = normalizeOptionalLowercaseString(argv[commandIdx]);
|
|
1227
|
+
if (!executable) return null;
|
|
1228
|
+
const args = argv.slice(commandIdx + 1);
|
|
1229
|
+
if (/^python(?:3(?:\.\d+)?)?$/i.test(executable)) {
|
|
1230
|
+
const script = findFirstPythonScriptArg(args);
|
|
1231
|
+
if (script) return {
|
|
1232
|
+
kind: "python",
|
|
1233
|
+
relOrAbsPaths: [script]
|
|
1234
|
+
};
|
|
1235
|
+
return null;
|
|
1236
|
+
}
|
|
1237
|
+
if (executable === "node") {
|
|
1238
|
+
const scripts = findNodeScriptArgs(args);
|
|
1239
|
+
if (scripts.length > 0) return {
|
|
1240
|
+
kind: "node",
|
|
1241
|
+
relOrAbsPaths: scripts
|
|
1242
|
+
};
|
|
1243
|
+
return null;
|
|
1244
|
+
}
|
|
1245
|
+
return null;
|
|
1246
|
+
}
|
|
1247
|
+
function extractInterpreterScriptPathsFromSegment(rawSegment) {
|
|
1248
|
+
const argv = splitShellArgs(rawSegment.trim());
|
|
1249
|
+
if (!argv || argv.length === 0) return [];
|
|
1250
|
+
return extractInterpreterScriptTargetFromArgv(stripPreflightEnvPrefix(/^(?:if|then|do|elif|else|while|until|time)$/i.test(argv[0] ?? "") ? argv.slice(1) : argv))?.relOrAbsPaths ?? [];
|
|
1251
|
+
}
|
|
1252
|
+
function extractScriptTargetFromCommand(command) {
|
|
1253
|
+
const raw = command.trim();
|
|
1254
|
+
const splitShellArgsPreservingBackslashes = (value) => {
|
|
1255
|
+
const tokens = [];
|
|
1256
|
+
let buf = "";
|
|
1257
|
+
let inSingle = false;
|
|
1258
|
+
let inDouble = false;
|
|
1259
|
+
const pushToken = () => {
|
|
1260
|
+
if (buf.length > 0) {
|
|
1261
|
+
tokens.push(buf);
|
|
1262
|
+
buf = "";
|
|
1263
|
+
}
|
|
1264
|
+
};
|
|
1265
|
+
for (let i = 0; i < value.length; i += 1) {
|
|
1266
|
+
const ch = value[i];
|
|
1267
|
+
if (inSingle) {
|
|
1268
|
+
if (ch === "'") inSingle = false;
|
|
1269
|
+
else buf += ch;
|
|
1270
|
+
continue;
|
|
1271
|
+
}
|
|
1272
|
+
if (inDouble) {
|
|
1273
|
+
if (ch === "\"") inDouble = false;
|
|
1274
|
+
else buf += ch;
|
|
1275
|
+
continue;
|
|
1276
|
+
}
|
|
1277
|
+
if (ch === "'") {
|
|
1278
|
+
inSingle = true;
|
|
1279
|
+
continue;
|
|
1280
|
+
}
|
|
1281
|
+
if (ch === "\"") {
|
|
1282
|
+
inDouble = true;
|
|
1283
|
+
continue;
|
|
1284
|
+
}
|
|
1285
|
+
if (/\s/.test(ch)) {
|
|
1286
|
+
pushToken();
|
|
1287
|
+
continue;
|
|
1288
|
+
}
|
|
1289
|
+
buf += ch;
|
|
1290
|
+
}
|
|
1291
|
+
if (inSingle || inDouble) return null;
|
|
1292
|
+
pushToken();
|
|
1293
|
+
return tokens;
|
|
1294
|
+
};
|
|
1295
|
+
const candidateArgv = process.platform === "win32" && /(?:^|[\s"'`])(?:[A-Za-z]:\\|\\\\|[^\s"'`|&;()<>]+\\[^\s"'`|&;()<>]+)/.test(raw) ? [splitShellArgsPreservingBackslashes(raw)] : [splitShellArgs(raw)];
|
|
1296
|
+
for (const argv of candidateArgv) {
|
|
1297
|
+
const attempts = [argv, argv ? stripPreflightEnvPrefix(argv) : null];
|
|
1298
|
+
for (const attempt of attempts) {
|
|
1299
|
+
const target = extractInterpreterScriptTargetFromArgv(attempt);
|
|
1300
|
+
if (target) return target;
|
|
1301
|
+
}
|
|
1302
|
+
}
|
|
1303
|
+
return null;
|
|
1304
|
+
}
|
|
1305
|
+
function extractUnquotedShellText(raw) {
|
|
1306
|
+
let out = "";
|
|
1307
|
+
let inSingle = false;
|
|
1308
|
+
let inDouble = false;
|
|
1309
|
+
let escaped = false;
|
|
1310
|
+
for (let i = 0; i < raw.length; i += 1) {
|
|
1311
|
+
const ch = raw[i];
|
|
1312
|
+
if (escaped) {
|
|
1313
|
+
if (!inSingle && !inDouble) out += `\\${ch}`;
|
|
1314
|
+
escaped = false;
|
|
1315
|
+
continue;
|
|
1316
|
+
}
|
|
1317
|
+
if (!inSingle && ch === "\\") {
|
|
1318
|
+
escaped = true;
|
|
1319
|
+
continue;
|
|
1320
|
+
}
|
|
1321
|
+
if (inSingle) {
|
|
1322
|
+
if (ch === "'") inSingle = false;
|
|
1323
|
+
continue;
|
|
1324
|
+
}
|
|
1325
|
+
if (inDouble) {
|
|
1326
|
+
const next = raw[i + 1];
|
|
1327
|
+
if (ch === "\\" && next && /[\\'"$`\n\r]/.test(next)) {
|
|
1328
|
+
i += 1;
|
|
1329
|
+
continue;
|
|
1330
|
+
}
|
|
1331
|
+
if (ch === "\"") inDouble = false;
|
|
1332
|
+
continue;
|
|
1333
|
+
}
|
|
1334
|
+
if (ch === "'") {
|
|
1335
|
+
inSingle = true;
|
|
1336
|
+
continue;
|
|
1337
|
+
}
|
|
1338
|
+
if (ch === "\"") {
|
|
1339
|
+
inDouble = true;
|
|
1340
|
+
continue;
|
|
1341
|
+
}
|
|
1342
|
+
out += ch;
|
|
1343
|
+
}
|
|
1344
|
+
if (escaped || inSingle || inDouble) return null;
|
|
1345
|
+
return out;
|
|
1346
|
+
}
|
|
1347
|
+
function splitShellSegmentsOutsideQuotes(rawText, params) {
|
|
1348
|
+
const segments = [];
|
|
1349
|
+
let buf = "";
|
|
1350
|
+
let inSingle = false;
|
|
1351
|
+
let inDouble = false;
|
|
1352
|
+
let escaped = false;
|
|
1353
|
+
const pushSegment = () => {
|
|
1354
|
+
if (buf.trim().length > 0) segments.push(buf);
|
|
1355
|
+
buf = "";
|
|
1356
|
+
};
|
|
1357
|
+
for (let i = 0; i < rawText.length; i += 1) {
|
|
1358
|
+
const ch = rawText[i];
|
|
1359
|
+
const next = rawText[i + 1];
|
|
1360
|
+
if (escaped) {
|
|
1361
|
+
buf += ch;
|
|
1362
|
+
escaped = false;
|
|
1363
|
+
continue;
|
|
1364
|
+
}
|
|
1365
|
+
if (!inSingle && ch === "\\") {
|
|
1366
|
+
buf += ch;
|
|
1367
|
+
escaped = true;
|
|
1368
|
+
continue;
|
|
1369
|
+
}
|
|
1370
|
+
if (inSingle) {
|
|
1371
|
+
buf += ch;
|
|
1372
|
+
if (ch === "'") inSingle = false;
|
|
1373
|
+
continue;
|
|
1374
|
+
}
|
|
1375
|
+
if (inDouble) {
|
|
1376
|
+
buf += ch;
|
|
1377
|
+
if (ch === "\"") inDouble = false;
|
|
1378
|
+
continue;
|
|
1379
|
+
}
|
|
1380
|
+
if (ch === "'") {
|
|
1381
|
+
inSingle = true;
|
|
1382
|
+
buf += ch;
|
|
1383
|
+
continue;
|
|
1384
|
+
}
|
|
1385
|
+
if (ch === "\"") {
|
|
1386
|
+
inDouble = true;
|
|
1387
|
+
buf += ch;
|
|
1388
|
+
continue;
|
|
1389
|
+
}
|
|
1390
|
+
if (ch === "\n" || ch === "\r") {
|
|
1391
|
+
pushSegment();
|
|
1392
|
+
continue;
|
|
1393
|
+
}
|
|
1394
|
+
if (ch === ";") {
|
|
1395
|
+
pushSegment();
|
|
1396
|
+
continue;
|
|
1397
|
+
}
|
|
1398
|
+
if (ch === "&" && next === "&") {
|
|
1399
|
+
pushSegment();
|
|
1400
|
+
i += 1;
|
|
1401
|
+
continue;
|
|
1402
|
+
}
|
|
1403
|
+
if (ch === "|" && next === "|") {
|
|
1404
|
+
pushSegment();
|
|
1405
|
+
i += 1;
|
|
1406
|
+
continue;
|
|
1407
|
+
}
|
|
1408
|
+
if (params.splitPipes && ch === "|") {
|
|
1409
|
+
pushSegment();
|
|
1410
|
+
continue;
|
|
1411
|
+
}
|
|
1412
|
+
buf += ch;
|
|
1413
|
+
}
|
|
1414
|
+
pushSegment();
|
|
1415
|
+
return segments;
|
|
1416
|
+
}
|
|
1417
|
+
function isInterpreterExecutable(executable) {
|
|
1418
|
+
if (!executable) return false;
|
|
1419
|
+
return /^python(?:3(?:\.\d+)?)?$/i.test(executable) || executable === "node";
|
|
1420
|
+
}
|
|
1421
|
+
function hasUnescapedSequence(raw, sequence) {
|
|
1422
|
+
if (sequence.length === 0) return false;
|
|
1423
|
+
let escaped = false;
|
|
1424
|
+
for (let i = 0; i < raw.length; i += 1) {
|
|
1425
|
+
const ch = raw[i];
|
|
1426
|
+
if (escaped) {
|
|
1427
|
+
escaped = false;
|
|
1428
|
+
continue;
|
|
1429
|
+
}
|
|
1430
|
+
if (ch === "\\") {
|
|
1431
|
+
escaped = true;
|
|
1432
|
+
continue;
|
|
1433
|
+
}
|
|
1434
|
+
if (raw.startsWith(sequence, i)) return true;
|
|
1435
|
+
}
|
|
1436
|
+
return false;
|
|
1437
|
+
}
|
|
1438
|
+
function hasUnquotedScriptHint(raw) {
|
|
1439
|
+
let inSingle = false;
|
|
1440
|
+
let inDouble = false;
|
|
1441
|
+
let escaped = false;
|
|
1442
|
+
let token = "";
|
|
1443
|
+
const flushToken = () => {
|
|
1444
|
+
const normalizedToken = normalizeLowercaseStringOrEmpty(token);
|
|
1445
|
+
if (normalizedToken.endsWith(".py") || normalizedToken.endsWith(".js")) return true;
|
|
1446
|
+
token = "";
|
|
1447
|
+
return false;
|
|
1448
|
+
};
|
|
1449
|
+
for (let i = 0; i < raw.length; i += 1) {
|
|
1450
|
+
const ch = raw[i];
|
|
1451
|
+
if (escaped) {
|
|
1452
|
+
if (!inSingle && !inDouble) token += ch;
|
|
1453
|
+
escaped = false;
|
|
1454
|
+
continue;
|
|
1455
|
+
}
|
|
1456
|
+
if (!inSingle && ch === "\\") {
|
|
1457
|
+
escaped = true;
|
|
1458
|
+
continue;
|
|
1459
|
+
}
|
|
1460
|
+
if (inSingle) {
|
|
1461
|
+
if (ch === "'") inSingle = false;
|
|
1462
|
+
continue;
|
|
1463
|
+
}
|
|
1464
|
+
if (inDouble) {
|
|
1465
|
+
if (ch === "\"") inDouble = false;
|
|
1466
|
+
continue;
|
|
1467
|
+
}
|
|
1468
|
+
if (ch === "'") {
|
|
1469
|
+
if (flushToken()) return true;
|
|
1470
|
+
inSingle = true;
|
|
1471
|
+
continue;
|
|
1472
|
+
}
|
|
1473
|
+
if (ch === "\"") {
|
|
1474
|
+
if (flushToken()) return true;
|
|
1475
|
+
inDouble = true;
|
|
1476
|
+
continue;
|
|
1477
|
+
}
|
|
1478
|
+
if (/\s/u.test(ch) || "|&;()<>".includes(ch)) {
|
|
1479
|
+
if (flushToken()) return true;
|
|
1480
|
+
continue;
|
|
1481
|
+
}
|
|
1482
|
+
token += ch;
|
|
1483
|
+
}
|
|
1484
|
+
return flushToken();
|
|
1485
|
+
}
|
|
1486
|
+
function resolveLeadingShellSegmentExecutable(rawSegment) {
|
|
1487
|
+
const argv = splitShellArgs((extractUnquotedShellText(rawSegment) ?? rawSegment).trim());
|
|
1488
|
+
if (!argv || argv.length === 0) return;
|
|
1489
|
+
const withoutLeadingKeyword = /^(?:if|then|do|elif|else|while|until|time)$/i.test(argv[0] ?? "") ? argv.slice(1) : argv;
|
|
1490
|
+
if (withoutLeadingKeyword.length === 0) return;
|
|
1491
|
+
const normalizedArgv = stripPreflightEnvPrefix(withoutLeadingKeyword);
|
|
1492
|
+
let commandIdx = 0;
|
|
1493
|
+
while (commandIdx < normalizedArgv.length && /^[A-Za-z_][A-Za-z0-9_]*=.*$/u.test(normalizedArgv[commandIdx] ?? "")) commandIdx += 1;
|
|
1494
|
+
return normalizeOptionalLowercaseString(normalizedArgv[commandIdx]);
|
|
1495
|
+
}
|
|
1496
|
+
function analyzeInterpreterHeuristicsFromUnquoted(raw) {
|
|
1497
|
+
const hasPython = splitShellSegmentsOutsideQuotes(raw, { splitPipes: true }).some((segment) => /^python(?:3(?:\.\d+)?)?$/i.test(resolveLeadingShellSegmentExecutable(segment) ?? ""));
|
|
1498
|
+
const hasNode = splitShellSegmentsOutsideQuotes(raw, { splitPipes: true }).some((segment) => resolveLeadingShellSegmentExecutable(segment) === "node");
|
|
1499
|
+
const hasProcessSubstitution = hasUnescapedSequence(raw, "<(") || hasUnescapedSequence(raw, ">(");
|
|
1500
|
+
return {
|
|
1501
|
+
hasPython,
|
|
1502
|
+
hasNode,
|
|
1503
|
+
hasComplexSyntax: hasUnescapedSequence(raw, "|") || hasUnescapedSequence(raw, "&&") || hasUnescapedSequence(raw, "||") || hasUnescapedSequence(raw, ";") || raw.includes("\n") || raw.includes("\r") || hasUnescapedSequence(raw, "$(") || hasUnescapedSequence(raw, "`") || hasProcessSubstitution,
|
|
1504
|
+
hasProcessSubstitution,
|
|
1505
|
+
hasScriptHint: hasUnquotedScriptHint(raw)
|
|
1506
|
+
};
|
|
1507
|
+
}
|
|
1508
|
+
function extractShellWrappedCommandPayload(executable, args) {
|
|
1509
|
+
if (!executable) return null;
|
|
1510
|
+
const executableBase = normalizeOptionalLowercaseString(executable.split(/[\\/]/u).at(-1)) ?? "";
|
|
1511
|
+
const normalizedExecutable = executableBase.endsWith(".exe") ? executableBase.slice(0, -4) : executableBase;
|
|
1512
|
+
if (!/^(?:bash|dash|fish|ksh|sh|zsh)$/i.test(normalizedExecutable)) return null;
|
|
1513
|
+
const shortOptionsWithSeparateValue = new Set(["-O", "-o"]);
|
|
1514
|
+
for (let i = 0; i < args.length; i += 1) {
|
|
1515
|
+
const arg = args[i];
|
|
1516
|
+
if (arg === "--") return null;
|
|
1517
|
+
if (arg === "-c") return args[i + 1] ?? null;
|
|
1518
|
+
if (/^-[A-Za-z]+$/u.test(arg)) {
|
|
1519
|
+
if (arg.includes("c")) return args[i + 1] ?? null;
|
|
1520
|
+
if (shortOptionsWithSeparateValue.has(arg)) i += 1;
|
|
1521
|
+
continue;
|
|
1522
|
+
}
|
|
1523
|
+
if (/^--[A-Za-z0-9][A-Za-z0-9-]*(?:=.*)?$/u.test(arg)) {
|
|
1524
|
+
if (!arg.includes("=")) {
|
|
1525
|
+
const next = args[i + 1];
|
|
1526
|
+
if (next && next !== "--" && !next.startsWith("-")) i += 1;
|
|
1527
|
+
}
|
|
1528
|
+
continue;
|
|
1529
|
+
}
|
|
1530
|
+
return null;
|
|
1531
|
+
}
|
|
1532
|
+
return null;
|
|
1533
|
+
}
|
|
1534
|
+
function shouldFailClosedInterpreterPreflight(command) {
|
|
1535
|
+
const raw = command.trim();
|
|
1536
|
+
const rawArgv = splitShellArgs(raw);
|
|
1537
|
+
const argv = rawArgv ? stripPreflightEnvPrefix(rawArgv) : null;
|
|
1538
|
+
let commandIdx = 0;
|
|
1539
|
+
if (argv) while (commandIdx < argv.length && /^[A-Za-z_][A-Za-z0-9_]*=.*$/u.test(argv[commandIdx] ?? "")) commandIdx += 1;
|
|
1540
|
+
const directExecutable = normalizeOptionalLowercaseString(argv?.[commandIdx]);
|
|
1541
|
+
const args = argv ? argv.slice(commandIdx + 1) : [];
|
|
1542
|
+
const isDirectInterpreterCommand = Boolean(directExecutable && /^python(?:3(?:\.\d+)?)?$/i.test(directExecutable)) || directExecutable === "node";
|
|
1543
|
+
const topLevel = analyzeInterpreterHeuristicsFromUnquoted(extractUnquotedShellText(raw) ?? raw);
|
|
1544
|
+
const shellWrappedPayload = extractShellWrappedCommandPayload(directExecutable, args);
|
|
1545
|
+
const nestedUnquoted = shellWrappedPayload ? extractUnquotedShellText(shellWrappedPayload) ?? shellWrappedPayload : "";
|
|
1546
|
+
const nested = shellWrappedPayload ? analyzeInterpreterHeuristicsFromUnquoted(nestedUnquoted) : {
|
|
1547
|
+
hasPython: false,
|
|
1548
|
+
hasNode: false,
|
|
1549
|
+
hasComplexSyntax: false,
|
|
1550
|
+
hasProcessSubstitution: false,
|
|
1551
|
+
hasScriptHint: false
|
|
1552
|
+
};
|
|
1553
|
+
const hasInterpreterInvocationInSegment = (rawSegment) => isInterpreterExecutable(resolveLeadingShellSegmentExecutable(rawSegment));
|
|
1554
|
+
const isScriptExecutingInterpreterCommand = (rawCommand) => {
|
|
1555
|
+
const argv = splitShellArgs(rawCommand.trim());
|
|
1556
|
+
if (!argv || argv.length === 0) return false;
|
|
1557
|
+
const withoutLeadingKeyword = /^(?:if|then|do|elif|else|while|until|time)$/i.test(argv[0] ?? "") ? argv.slice(1) : argv;
|
|
1558
|
+
if (withoutLeadingKeyword.length === 0) return false;
|
|
1559
|
+
const normalizedArgv = stripPreflightEnvPrefix(withoutLeadingKeyword);
|
|
1560
|
+
let commandIdx = 0;
|
|
1561
|
+
while (commandIdx < normalizedArgv.length && /^[A-Za-z_][A-Za-z0-9_]*=.*$/u.test(normalizedArgv[commandIdx] ?? "")) commandIdx += 1;
|
|
1562
|
+
const executable = normalizeOptionalLowercaseString(normalizedArgv[commandIdx]);
|
|
1563
|
+
if (!executable) return false;
|
|
1564
|
+
const args = normalizedArgv.slice(commandIdx + 1);
|
|
1565
|
+
if (/^python(?:3(?:\.\d+)?)?$/i.test(executable)) {
|
|
1566
|
+
const pythonInfoOnlyFlags = new Set([
|
|
1567
|
+
"-V",
|
|
1568
|
+
"--version",
|
|
1569
|
+
"-h",
|
|
1570
|
+
"--help"
|
|
1571
|
+
]);
|
|
1572
|
+
if (args.some((arg) => pythonInfoOnlyFlags.has(arg))) return false;
|
|
1573
|
+
if (args.some((arg) => arg === "-c" || arg === "-m" || arg.startsWith("-c") || arg.startsWith("-m") || arg === "--check-hash-based-pycs")) return false;
|
|
1574
|
+
return true;
|
|
1575
|
+
}
|
|
1576
|
+
if (executable === "node") {
|
|
1577
|
+
const nodeInfoOnlyFlags = new Set([
|
|
1578
|
+
"-v",
|
|
1579
|
+
"--version",
|
|
1580
|
+
"-h",
|
|
1581
|
+
"--help",
|
|
1582
|
+
"-c",
|
|
1583
|
+
"--check"
|
|
1584
|
+
]);
|
|
1585
|
+
if (args.some((arg) => nodeInfoOnlyFlags.has(arg))) return false;
|
|
1586
|
+
if (args.some((arg) => arg === "-e" || arg === "-p" || arg === "--eval" || arg === "--print" || arg.startsWith("--eval=") || arg.startsWith("--print=") || (arg.startsWith("-e") || arg.startsWith("-p")) && arg.length > 2)) return false;
|
|
1587
|
+
return true;
|
|
1588
|
+
}
|
|
1589
|
+
return false;
|
|
1590
|
+
};
|
|
1591
|
+
const hasScriptHintInSegment = (segment) => extractInterpreterScriptPathsFromSegment(segment).length > 0 || hasUnquotedScriptHint(segment);
|
|
1592
|
+
const hasInterpreterAndScriptHintInSameSegment = (rawText) => {
|
|
1593
|
+
return splitShellSegmentsOutsideQuotes(rawText, { splitPipes: true }).some((segment) => {
|
|
1594
|
+
if (!isScriptExecutingInterpreterCommand(segment)) return false;
|
|
1595
|
+
return hasScriptHintInSegment(segment);
|
|
1596
|
+
});
|
|
1597
|
+
};
|
|
1598
|
+
const hasInterpreterPipelineScriptHintInSameSegment = (rawText) => {
|
|
1599
|
+
return splitShellSegmentsOutsideQuotes(rawText, { splitPipes: false }).some((segment) => {
|
|
1600
|
+
if (!splitShellSegmentsOutsideQuotes(segment, { splitPipes: true }).slice(1).some((pipelineCommand) => isScriptExecutingInterpreterCommand(pipelineCommand))) return false;
|
|
1601
|
+
return hasScriptHintInSegment(segment);
|
|
1602
|
+
});
|
|
1603
|
+
};
|
|
1604
|
+
const hasInterpreterSegmentScriptHint = hasInterpreterAndScriptHintInSameSegment(raw) || shellWrappedPayload !== null && hasInterpreterAndScriptHintInSameSegment(shellWrappedPayload);
|
|
1605
|
+
const hasInterpreterPipelineScriptHint = hasInterpreterPipelineScriptHintInSameSegment(raw) || shellWrappedPayload !== null && hasInterpreterPipelineScriptHintInSameSegment(shellWrappedPayload);
|
|
1606
|
+
const hasShellWrappedInterpreterSegmentScriptHint = shellWrappedPayload !== null && hasInterpreterAndScriptHintInSameSegment(shellWrappedPayload);
|
|
1607
|
+
const hasShellWrappedInterpreterInvocation = (nested.hasPython || nested.hasNode) && (hasShellWrappedInterpreterSegmentScriptHint || nested.hasScriptHint || nested.hasComplexSyntax || nested.hasProcessSubstitution);
|
|
1608
|
+
const hasTopLevelInterpreterInvocation = splitShellSegmentsOutsideQuotes(raw, { splitPipes: true }).some((segment) => hasInterpreterInvocationInSegment(segment));
|
|
1609
|
+
return {
|
|
1610
|
+
hasInterpreterInvocation: isDirectInterpreterCommand || hasShellWrappedInterpreterInvocation || hasTopLevelInterpreterInvocation,
|
|
1611
|
+
hasComplexSyntax: topLevel.hasComplexSyntax || hasShellWrappedInterpreterInvocation,
|
|
1612
|
+
hasProcessSubstitution: topLevel.hasProcessSubstitution || nested.hasProcessSubstitution,
|
|
1613
|
+
hasInterpreterSegmentScriptHint,
|
|
1614
|
+
hasInterpreterPipelineScriptHint,
|
|
1615
|
+
isDirectInterpreterCommand
|
|
1616
|
+
};
|
|
1617
|
+
}
|
|
1618
|
+
async function validateScriptFileForShellBleed(params) {
|
|
1619
|
+
const target = extractScriptTargetFromCommand(params.command);
|
|
1620
|
+
if (!target) {
|
|
1621
|
+
const { hasInterpreterInvocation, hasComplexSyntax, hasProcessSubstitution, hasInterpreterSegmentScriptHint, hasInterpreterPipelineScriptHint, isDirectInterpreterCommand } = shouldFailClosedInterpreterPreflight(params.command);
|
|
1622
|
+
if (hasInterpreterInvocation && hasComplexSyntax && (hasInterpreterSegmentScriptHint || hasInterpreterPipelineScriptHint || hasProcessSubstitution && isDirectInterpreterCommand)) throw new Error("exec preflight: complex interpreter invocation detected; refusing to run without script preflight validation. Use a direct `python <file>.py` or `node <file>.js` command.");
|
|
1623
|
+
return;
|
|
1624
|
+
}
|
|
1625
|
+
const { SafeOpenError, readFileWithinRoot } = await loadFsSafeModule();
|
|
1626
|
+
for (const relOrAbsPath of target.relOrAbsPaths) {
|
|
1627
|
+
const absPath = path.isAbsolute(relOrAbsPath) ? path.resolve(relOrAbsPath) : path.resolve(params.workdir, relOrAbsPath);
|
|
1628
|
+
const relativePath = resolvePreflightRelativePath({
|
|
1629
|
+
rootDir: params.workdir,
|
|
1630
|
+
absPath
|
|
1631
|
+
});
|
|
1632
|
+
if (!relativePath) continue;
|
|
1633
|
+
let content;
|
|
1634
|
+
try {
|
|
1635
|
+
content = (await readFileWithinRoot({
|
|
1636
|
+
rootDir: params.workdir,
|
|
1637
|
+
relativePath,
|
|
1638
|
+
nonBlockingRead: true,
|
|
1639
|
+
allowSymlinkTargetWithinRoot: true,
|
|
1640
|
+
maxBytes: 512 * 1024
|
|
1641
|
+
})).buffer.toString("utf-8");
|
|
1642
|
+
} catch (error) {
|
|
1643
|
+
if (shouldSkipScriptPreflightPathError(error, SafeOpenError)) continue;
|
|
1644
|
+
throw error;
|
|
1645
|
+
}
|
|
1646
|
+
const first = /\$[A-Z_][A-Z0-9_]{1,}/g.exec(content);
|
|
1647
|
+
if (first) {
|
|
1648
|
+
const idx = first.index;
|
|
1649
|
+
const line = content.slice(0, idx).split("\n").length;
|
|
1650
|
+
const token = first[0];
|
|
1651
|
+
throw new Error([
|
|
1652
|
+
`exec preflight: detected likely shell variable injection (${token}) in ${target.kind} script: ${path.basename(absPath)}:${line}.`,
|
|
1653
|
+
target.kind === "python" ? `In Python, use os.environ.get(${JSON.stringify(token.slice(1))}) instead of raw ${token}.` : `In Node.js, use process.env[${JSON.stringify(token.slice(1))}] instead of raw ${token}.`,
|
|
1654
|
+
"(If this is inside a string literal on purpose, escape it or restructure the code.)"
|
|
1655
|
+
].join("\n"));
|
|
1656
|
+
}
|
|
1657
|
+
if (target.kind === "node") {
|
|
1658
|
+
const firstNonEmpty = content.split(/\r?\n/).map((l) => l.trim()).find((l) => l.length > 0);
|
|
1659
|
+
if (firstNonEmpty && /^NODE\b/.test(firstNonEmpty)) throw new Error(`exec preflight: JS file starts with shell syntax (${firstNonEmpty}). This looks like a shell command, not JavaScript.`);
|
|
1660
|
+
}
|
|
1661
|
+
}
|
|
1662
|
+
}
|
|
1663
|
+
function shouldSkipExecScriptPreflight(params) {
|
|
1664
|
+
return params.host === "gateway" && params.security === "full" && params.ask === "off";
|
|
1665
|
+
}
|
|
1666
|
+
function parseExecApprovalShellCommand(raw) {
|
|
1667
|
+
const match = raw.trimStart().match(/^\/approve(?:@[^\s]+)?\s+([A-Za-z0-9][A-Za-z0-9._:-]*)\s+(allow-once|allow-always|always|deny)\b/i);
|
|
1668
|
+
if (!match) return null;
|
|
1669
|
+
return {
|
|
1670
|
+
approvalId: match[1],
|
|
1671
|
+
decision: normalizeLowercaseStringOrEmpty(match[2]) === "always" ? "allow-always" : normalizeLowercaseStringOrEmpty(match[2])
|
|
1672
|
+
};
|
|
1673
|
+
}
|
|
1674
|
+
function rejectExecApprovalShellCommand(command) {
|
|
1675
|
+
const isEnvAssignmentToken = (token) => /^[A-Za-z_][A-Za-z0-9_]*=.*$/u.test(token);
|
|
1676
|
+
const shellWrappers = new Set([
|
|
1677
|
+
"bash",
|
|
1678
|
+
"dash",
|
|
1679
|
+
"fish",
|
|
1680
|
+
"ksh",
|
|
1681
|
+
"sh",
|
|
1682
|
+
"zsh"
|
|
1683
|
+
]);
|
|
1684
|
+
const commandStandaloneOptions = new Set([
|
|
1685
|
+
"-p",
|
|
1686
|
+
"-v",
|
|
1687
|
+
"-V"
|
|
1688
|
+
]);
|
|
1689
|
+
const envOptionsWithValues = new Set([
|
|
1690
|
+
"-C",
|
|
1691
|
+
"-S",
|
|
1692
|
+
"-u",
|
|
1693
|
+
"--argv0",
|
|
1694
|
+
"--block-signal",
|
|
1695
|
+
"--chdir",
|
|
1696
|
+
"--default-signal",
|
|
1697
|
+
"--ignore-signal",
|
|
1698
|
+
"--split-string",
|
|
1699
|
+
"--unset"
|
|
1700
|
+
]);
|
|
1701
|
+
const execOptionsWithValues = new Set(["-a"]);
|
|
1702
|
+
const execStandaloneOptions = new Set(["-c", "-l"]);
|
|
1703
|
+
const sudoOptionsWithValues = new Set([
|
|
1704
|
+
"-C",
|
|
1705
|
+
"-D",
|
|
1706
|
+
"-g",
|
|
1707
|
+
"-p",
|
|
1708
|
+
"-R",
|
|
1709
|
+
"-T",
|
|
1710
|
+
"-U",
|
|
1711
|
+
"-u",
|
|
1712
|
+
"--chdir",
|
|
1713
|
+
"--close-from",
|
|
1714
|
+
"--group",
|
|
1715
|
+
"--host",
|
|
1716
|
+
"--other-user",
|
|
1717
|
+
"--prompt",
|
|
1718
|
+
"--role",
|
|
1719
|
+
"--type",
|
|
1720
|
+
"--user"
|
|
1721
|
+
]);
|
|
1722
|
+
const sudoStandaloneOptions = new Set([
|
|
1723
|
+
"-A",
|
|
1724
|
+
"-E",
|
|
1725
|
+
"--askpass",
|
|
1726
|
+
"--preserve-env"
|
|
1727
|
+
]);
|
|
1728
|
+
const extractEnvSplitStringPayload = (argv) => {
|
|
1729
|
+
const remaining = [...argv];
|
|
1730
|
+
while (remaining[0] && isEnvAssignmentToken(remaining[0])) remaining.shift();
|
|
1731
|
+
if (remaining[0] !== "env") return [];
|
|
1732
|
+
remaining.shift();
|
|
1733
|
+
const payloads = [];
|
|
1734
|
+
while (remaining.length > 0) {
|
|
1735
|
+
while (remaining[0] && isEnvAssignmentToken(remaining[0])) remaining.shift();
|
|
1736
|
+
const token = remaining[0];
|
|
1737
|
+
if (!token) break;
|
|
1738
|
+
if (token === "--") {
|
|
1739
|
+
remaining.shift();
|
|
1740
|
+
continue;
|
|
1741
|
+
}
|
|
1742
|
+
if (!token.startsWith("-") || token === "-") break;
|
|
1743
|
+
const option = remaining.shift();
|
|
1744
|
+
const normalized = option.split("=", 1)[0];
|
|
1745
|
+
if (normalized === "-S" || normalized === "--split-string") {
|
|
1746
|
+
const value = option.includes("=") ? option.slice(option.indexOf("=") + 1) : remaining.shift();
|
|
1747
|
+
if (value?.trim()) payloads.push(value);
|
|
1748
|
+
continue;
|
|
1749
|
+
}
|
|
1750
|
+
if (envOptionsWithValues.has(normalized) && !option.includes("=") && remaining[0]) remaining.shift();
|
|
1751
|
+
}
|
|
1752
|
+
return payloads;
|
|
1753
|
+
};
|
|
1754
|
+
const stripApprovalCommandPrefixes = (argv) => {
|
|
1755
|
+
const remaining = [...argv];
|
|
1756
|
+
while (remaining.length > 0) {
|
|
1757
|
+
while (remaining[0] && isEnvAssignmentToken(remaining[0])) remaining.shift();
|
|
1758
|
+
const token = remaining[0];
|
|
1759
|
+
if (!token) break;
|
|
1760
|
+
if (token === "--") {
|
|
1761
|
+
remaining.shift();
|
|
1762
|
+
continue;
|
|
1763
|
+
}
|
|
1764
|
+
if (token === "env") {
|
|
1765
|
+
remaining.shift();
|
|
1766
|
+
while (remaining.length > 0) {
|
|
1767
|
+
while (remaining[0] && isEnvAssignmentToken(remaining[0])) remaining.shift();
|
|
1768
|
+
const envToken = remaining[0];
|
|
1769
|
+
if (!envToken) break;
|
|
1770
|
+
if (envToken === "--") {
|
|
1771
|
+
remaining.shift();
|
|
1772
|
+
continue;
|
|
1773
|
+
}
|
|
1774
|
+
if (!envToken.startsWith("-") || envToken === "-") break;
|
|
1775
|
+
const option = remaining.shift();
|
|
1776
|
+
const normalized = option.split("=", 1)[0];
|
|
1777
|
+
if (envOptionsWithValues.has(normalized) && !option.includes("=") && remaining[0]) remaining.shift();
|
|
1778
|
+
}
|
|
1779
|
+
continue;
|
|
1780
|
+
}
|
|
1781
|
+
if (token === "command" || token === "builtin") {
|
|
1782
|
+
remaining.shift();
|
|
1783
|
+
while (remaining[0]?.startsWith("-")) {
|
|
1784
|
+
const option = remaining.shift();
|
|
1785
|
+
if (option === "--") break;
|
|
1786
|
+
if (!commandStandaloneOptions.has(option.split("=", 1)[0])) continue;
|
|
1787
|
+
}
|
|
1788
|
+
continue;
|
|
1789
|
+
}
|
|
1790
|
+
if (token === "exec") {
|
|
1791
|
+
remaining.shift();
|
|
1792
|
+
while (remaining[0]?.startsWith("-")) {
|
|
1793
|
+
const option = remaining.shift();
|
|
1794
|
+
if (option === "--") break;
|
|
1795
|
+
const normalized = option.split("=", 1)[0];
|
|
1796
|
+
if (execStandaloneOptions.has(normalized)) continue;
|
|
1797
|
+
if (execOptionsWithValues.has(normalized) && !option.includes("=") && remaining[0]) remaining.shift();
|
|
1798
|
+
}
|
|
1799
|
+
continue;
|
|
1800
|
+
}
|
|
1801
|
+
if (token === "sudo") {
|
|
1802
|
+
remaining.shift();
|
|
1803
|
+
while (remaining[0]?.startsWith("-")) {
|
|
1804
|
+
const option = remaining.shift();
|
|
1805
|
+
if (option === "--") break;
|
|
1806
|
+
const normalized = option.split("=", 1)[0];
|
|
1807
|
+
if (sudoStandaloneOptions.has(normalized)) continue;
|
|
1808
|
+
if (sudoOptionsWithValues.has(normalized) && !option.includes("=") && remaining[0]) remaining.shift();
|
|
1809
|
+
}
|
|
1810
|
+
continue;
|
|
1811
|
+
}
|
|
1812
|
+
break;
|
|
1813
|
+
}
|
|
1814
|
+
return remaining;
|
|
1815
|
+
};
|
|
1816
|
+
const extractShellWrapperPayload = (argv) => {
|
|
1817
|
+
const [commandName, ...rest] = argv;
|
|
1818
|
+
if (!commandName || !shellWrappers.has(path.basename(commandName))) return [];
|
|
1819
|
+
for (let i = 0; i < rest.length; i += 1) {
|
|
1820
|
+
const token = rest[i];
|
|
1821
|
+
if (!token) continue;
|
|
1822
|
+
if (token === "-c" || token === "-lc" || token === "-ic" || token === "-xc") return rest[i + 1] ? [rest[i + 1]] : [];
|
|
1823
|
+
if (/^-[^-]*c[^-]*$/u.test(token)) return rest[i + 1] ? [rest[i + 1]] : [];
|
|
1824
|
+
}
|
|
1825
|
+
return [];
|
|
1826
|
+
};
|
|
1827
|
+
const buildCandidates = (argv) => {
|
|
1828
|
+
const envSplitCandidates = extractEnvSplitStringPayload(argv).flatMap((payload) => {
|
|
1829
|
+
const innerArgv = splitShellArgs(payload);
|
|
1830
|
+
return innerArgv ? buildCandidates(innerArgv) : [payload];
|
|
1831
|
+
});
|
|
1832
|
+
const stripped = stripApprovalCommandPrefixes(argv);
|
|
1833
|
+
const shellWrapperCandidates = extractShellWrapperPayload(stripped).flatMap((payload) => {
|
|
1834
|
+
const innerArgv = splitShellArgs(payload);
|
|
1835
|
+
return innerArgv ? buildCandidates(innerArgv) : [payload];
|
|
1836
|
+
});
|
|
1837
|
+
return [
|
|
1838
|
+
...stripped.length > 0 ? [stripped.join(" ")] : [],
|
|
1839
|
+
...envSplitCandidates,
|
|
1840
|
+
...shellWrapperCandidates
|
|
1841
|
+
];
|
|
1842
|
+
};
|
|
1843
|
+
const rawCommand = command.trim();
|
|
1844
|
+
const analysis = analyzeShellCommand({ command: rawCommand });
|
|
1845
|
+
const candidates = analysis.ok ? analysis.segments.flatMap((segment) => buildCandidates(segment.argv)) : rawCommand.split(/\r?\n/).map((line) => line.trim()).filter(Boolean).flatMap((line) => {
|
|
1846
|
+
const argv = splitShellArgs(line);
|
|
1847
|
+
return argv ? buildCandidates(argv) : [line];
|
|
1848
|
+
});
|
|
1849
|
+
for (const candidate of candidates) {
|
|
1850
|
+
if (!parseExecApprovalShellCommand(candidate)) continue;
|
|
1851
|
+
throw new Error(["exec cannot run /approve commands.", "Show the /approve command to the user as chat text, or route it through the approval command handler instead of shell execution."].join(" "));
|
|
1852
|
+
}
|
|
1853
|
+
}
|
|
1854
|
+
function createExecTool(defaults) {
|
|
1855
|
+
const defaultBackgroundMs = clampWithDefault(defaults?.backgroundMs ?? readEnvInt("PI_BASH_YIELD_MS"), 1e4, 10, 12e4);
|
|
1856
|
+
const allowBackground = defaults?.allowBackground ?? true;
|
|
1857
|
+
const defaultTimeoutSec = typeof defaults?.timeoutSec === "number" && defaults.timeoutSec > 0 ? defaults.timeoutSec : 1800;
|
|
1858
|
+
const defaultPathPrepend = normalizePathPrepend(defaults?.pathPrepend);
|
|
1859
|
+
const { safeBins, safeBinProfiles, trustedSafeBinDirs, unprofiledSafeBins, unprofiledInterpreterSafeBins } = resolveExecSafeBinRuntimePolicy({
|
|
1860
|
+
local: {
|
|
1861
|
+
safeBins: defaults?.safeBins,
|
|
1862
|
+
safeBinTrustedDirs: defaults?.safeBinTrustedDirs,
|
|
1863
|
+
safeBinProfiles: defaults?.safeBinProfiles
|
|
1864
|
+
},
|
|
1865
|
+
onWarning: (message) => {
|
|
1866
|
+
logInfo(message);
|
|
1867
|
+
}
|
|
1868
|
+
});
|
|
1869
|
+
if (unprofiledSafeBins.length > 0) logInfo(`exec: ignoring unprofiled safeBins entries (${unprofiledSafeBins.toSorted().join(", ")}); use allowlist or define tools.exec.safeBinProfiles.<bin>`);
|
|
1870
|
+
if (unprofiledInterpreterSafeBins.length > 0) logInfo(`exec: interpreter/runtime binaries in safeBins (${unprofiledInterpreterSafeBins.join(", ")}) are unsafe without explicit hardened profiles; prefer allowlist entries`);
|
|
1871
|
+
const notifyOnExit = defaults?.notifyOnExit !== false;
|
|
1872
|
+
const notifyOnExitEmptySuccess = defaults?.notifyOnExitEmptySuccess === true;
|
|
1873
|
+
const notifySessionKey = normalizeOptionalString(defaults?.sessionKey);
|
|
1874
|
+
const notifyDeliveryContext = normalizeDeliveryContext({
|
|
1875
|
+
channel: defaults?.messageProvider,
|
|
1876
|
+
to: defaults?.currentChannelId,
|
|
1877
|
+
accountId: defaults?.accountId,
|
|
1878
|
+
threadId: defaults?.currentThreadTs
|
|
1879
|
+
});
|
|
1880
|
+
const approvalRunningNoticeMs = resolveApprovalRunningNoticeMs(defaults?.approvalRunningNoticeMs);
|
|
1881
|
+
const parsedAgentSession = parseAgentSessionKey(defaults?.sessionKey);
|
|
1882
|
+
const agentId = defaults?.agentId ?? (parsedAgentSession ? resolveAgentIdFromSessionKey(defaults?.sessionKey) : void 0);
|
|
1883
|
+
return {
|
|
1884
|
+
name: "exec",
|
|
1885
|
+
label: "exec",
|
|
1886
|
+
displaySummary: EXEC_TOOL_DISPLAY_SUMMARY,
|
|
1887
|
+
get description() {
|
|
1888
|
+
return describeExecTool({
|
|
1889
|
+
agentId,
|
|
1890
|
+
hasCronTool: defaults?.hasCronTool === true
|
|
1891
|
+
});
|
|
1892
|
+
},
|
|
1893
|
+
parameters: execSchema,
|
|
1894
|
+
execute: async (_toolCallId, args, signal, onUpdate) => {
|
|
1895
|
+
const params = args;
|
|
1896
|
+
if (!params.command) throw new Error("Provide a command to start.");
|
|
1897
|
+
const maxOutput = DEFAULT_MAX_OUTPUT;
|
|
1898
|
+
const pendingMaxOutput = DEFAULT_PENDING_MAX_OUTPUT;
|
|
1899
|
+
const warnings = [];
|
|
1900
|
+
let execCommandOverride;
|
|
1901
|
+
const backgroundRequested = params.background === true;
|
|
1902
|
+
const yieldRequested = typeof params.yieldMs === "number";
|
|
1903
|
+
if (!allowBackground && (backgroundRequested || yieldRequested)) warnings.push("Warning: background execution is disabled; running synchronously.");
|
|
1904
|
+
const yieldWindow = allowBackground ? backgroundRequested ? 0 : clampWithDefault(params.yieldMs ?? defaultBackgroundMs, defaultBackgroundMs, 10, 12e4) : null;
|
|
1905
|
+
const elevatedDefaults = defaults?.elevated;
|
|
1906
|
+
const elevatedAllowed = Boolean(elevatedDefaults?.enabled && elevatedDefaults.allowed);
|
|
1907
|
+
const elevatedDefaultMode = elevatedDefaults?.defaultLevel === "full" ? "full" : elevatedDefaults?.defaultLevel === "ask" ? "ask" : elevatedDefaults?.defaultLevel === "on" ? "ask" : "off";
|
|
1908
|
+
const effectiveDefaultMode = elevatedAllowed ? elevatedDefaultMode : "off";
|
|
1909
|
+
const elevatedMode = typeof params.elevated === "boolean" ? params.elevated ? elevatedDefaultMode === "full" ? "full" : "ask" : "off" : effectiveDefaultMode;
|
|
1910
|
+
const elevatedRequested = elevatedMode !== "off";
|
|
1911
|
+
if (elevatedRequested) {
|
|
1912
|
+
if (!elevatedDefaults?.enabled || !elevatedDefaults.allowed) {
|
|
1913
|
+
const runtime = defaults?.sandbox ? "sandboxed" : "direct";
|
|
1914
|
+
const gates = [];
|
|
1915
|
+
const contextParts = [];
|
|
1916
|
+
const provider = normalizeOptionalString(defaults?.messageProvider);
|
|
1917
|
+
const sessionKey = normalizeOptionalString(defaults?.sessionKey);
|
|
1918
|
+
if (provider) contextParts.push(`provider=${provider}`);
|
|
1919
|
+
if (sessionKey) contextParts.push(`session=${sessionKey}`);
|
|
1920
|
+
if (!elevatedDefaults?.enabled) gates.push("enabled (tools.elevated.enabled / agents.list[].tools.elevated.enabled)");
|
|
1921
|
+
else gates.push("allowFrom (tools.elevated.allowFrom.<provider> / agents.list[].tools.elevated.allowFrom.<provider>)");
|
|
1922
|
+
throw new Error([
|
|
1923
|
+
`elevated is not available right now (runtime=${runtime}).`,
|
|
1924
|
+
`Failing gates: ${gates.join(", ")}`,
|
|
1925
|
+
contextParts.length > 0 ? `Context: ${contextParts.join(" ")}` : void 0,
|
|
1926
|
+
"Fix-it keys:",
|
|
1927
|
+
"- tools.elevated.enabled",
|
|
1928
|
+
"- tools.elevated.allowFrom.<provider>",
|
|
1929
|
+
"- agents.list[].tools.elevated.enabled",
|
|
1930
|
+
"- agents.list[].tools.elevated.allowFrom.<provider>"
|
|
1931
|
+
].filter(Boolean).join("\n"));
|
|
1932
|
+
}
|
|
1933
|
+
}
|
|
1934
|
+
if (elevatedRequested) logInfo(`exec: elevated command ${truncateMiddle(params.command, 120)}`);
|
|
1935
|
+
const target = resolveExecTarget({
|
|
1936
|
+
configuredTarget: defaults?.host,
|
|
1937
|
+
requestedTarget: normalizeExecTarget(params.host),
|
|
1938
|
+
elevatedRequested,
|
|
1939
|
+
sandboxAvailable: Boolean(defaults?.sandbox)
|
|
1940
|
+
});
|
|
1941
|
+
const host = target.effectiveHost;
|
|
1942
|
+
const approvalDefaults = loadExecApprovals().defaults;
|
|
1943
|
+
const configuredSecurity = defaults?.security ?? approvalDefaults?.security ?? (host === "sandbox" ? "deny" : "full");
|
|
1944
|
+
let security = minSecurity(configuredSecurity, normalizeExecSecurity(params.security) ?? configuredSecurity);
|
|
1945
|
+
if (elevatedRequested && elevatedMode === "full") security = "full";
|
|
1946
|
+
const configuredAsk = defaults?.ask ?? approvalDefaults?.ask ?? "off";
|
|
1947
|
+
let ask = maxAsk(configuredAsk, normalizeExecAsk(params.ask) ?? configuredAsk);
|
|
1948
|
+
const bypassApprovals = elevatedRequested && elevatedMode === "full";
|
|
1949
|
+
if (bypassApprovals) ask = "off";
|
|
1950
|
+
if (defaults?.safeguard?.enabled !== false) {
|
|
1951
|
+
const safeguardAnalysis = analyzeShellCommand({ command: params.command });
|
|
1952
|
+
let verdict = evaluateExecSafeguard(safeguardAnalysis, { rawCommand: params.command });
|
|
1953
|
+
const evaluateModel = defaults?.safeguard?.evaluateCommandImpact;
|
|
1954
|
+
if (evaluateModel && verdict.risk !== "high" && isAmbiguousForModel(safeguardAnalysis)) {
|
|
1955
|
+
const timeoutMs = Math.max(1, Math.floor(defaults?.safeguard?.timeoutSeconds ?? 20)) * 1e3;
|
|
1956
|
+
const controller = new AbortController();
|
|
1957
|
+
const onOuterAbort = () => controller.abort();
|
|
1958
|
+
signal?.addEventListener("abort", onOuterAbort, { once: true });
|
|
1959
|
+
const timer = setTimeout(() => controller.abort(), timeoutMs);
|
|
1960
|
+
try {
|
|
1961
|
+
const modelVerdict = parseModelRiskVerdict(await evaluateModel(params.command, controller.signal));
|
|
1962
|
+
if (modelVerdict) verdict = mergeSafeguardVerdicts(verdict, modelVerdict);
|
|
1963
|
+
} catch {} finally {
|
|
1964
|
+
clearTimeout(timer);
|
|
1965
|
+
signal?.removeEventListener("abort", onOuterAbort);
|
|
1966
|
+
}
|
|
1967
|
+
}
|
|
1968
|
+
if (verdict.risk === "high") throw new Error([
|
|
1969
|
+
"Safeguard blocked this command: predicted high system impact.",
|
|
1970
|
+
`Reasons: ${verdict.reasons.join("; ")}`,
|
|
1971
|
+
"This command was not run. If it is genuinely required, run it yourself or adjust tools.exec.safeguard."
|
|
1972
|
+
].join("\n"));
|
|
1973
|
+
if (verdict.risk === "medium" && !bypassApprovals) {
|
|
1974
|
+
ask = "always";
|
|
1975
|
+
warnings.push(`Safeguard: medium-risk command requires approval (${verdict.reasons.join("; ")}).`);
|
|
1976
|
+
}
|
|
1977
|
+
}
|
|
1978
|
+
const sandbox = host === "sandbox" ? defaults?.sandbox : void 0;
|
|
1979
|
+
if (target.selectedTarget === "sandbox" && !sandbox) throw new Error(["exec host=sandbox requires a sandbox runtime for this session.", "Enable sandbox mode (`agents.defaults.sandbox.mode=\"non-main\"` or `\"all\"`) or use host=auto/gateway/node."].join("\n"));
|
|
1980
|
+
const explicitWorkdir = normalizeOptionalString(params.workdir);
|
|
1981
|
+
const defaultWorkdir = normalizeOptionalString(defaults?.cwd);
|
|
1982
|
+
let workdir;
|
|
1983
|
+
let containerWorkdir = sandbox?.containerWorkdir;
|
|
1984
|
+
if (sandbox) {
|
|
1985
|
+
const resolved = await resolveSandboxWorkdir({
|
|
1986
|
+
workdir: explicitWorkdir ?? defaultWorkdir ?? process.cwd(),
|
|
1987
|
+
sandbox,
|
|
1988
|
+
warnings
|
|
1989
|
+
});
|
|
1990
|
+
workdir = resolved.hostWorkdir;
|
|
1991
|
+
containerWorkdir = resolved.containerWorkdir;
|
|
1992
|
+
} else if (host === "node") workdir = explicitWorkdir;
|
|
1993
|
+
else workdir = resolveWorkdir(explicitWorkdir ?? defaultWorkdir ?? process.cwd(), warnings);
|
|
1994
|
+
rejectExecApprovalShellCommand(params.command);
|
|
1995
|
+
const inheritedBaseEnv = coerceEnv(process.env);
|
|
1996
|
+
const hostEnvResult = host === "sandbox" ? null : sanitizeHostExecEnvWithDiagnostics({
|
|
1997
|
+
baseEnv: inheritedBaseEnv,
|
|
1998
|
+
overrides: params.env,
|
|
1999
|
+
blockPathOverrides: true
|
|
2000
|
+
});
|
|
2001
|
+
if (hostEnvResult && params.env && (hostEnvResult.rejectedOverrideBlockedKeys.length > 0 || hostEnvResult.rejectedOverrideInvalidKeys.length > 0)) {
|
|
2002
|
+
const blockedKeys = hostEnvResult.rejectedOverrideBlockedKeys;
|
|
2003
|
+
const invalidKeys = hostEnvResult.rejectedOverrideInvalidKeys;
|
|
2004
|
+
const pathBlocked = blockedKeys.includes("PATH");
|
|
2005
|
+
if (pathBlocked && blockedKeys.length === 1 && invalidKeys.length === 0) throw new Error("Security Violation: Custom 'PATH' variable is forbidden during host execution.");
|
|
2006
|
+
if (blockedKeys.length === 1 && invalidKeys.length === 0) throw new Error(`Security Violation: Environment variable '${blockedKeys[0]}' is forbidden during host execution.`);
|
|
2007
|
+
const details = [];
|
|
2008
|
+
if (blockedKeys.length > 0) details.push(`blocked override keys: ${blockedKeys.join(", ")}`);
|
|
2009
|
+
if (invalidKeys.length > 0) details.push(`invalid non-portable override keys: ${invalidKeys.join(", ")}`);
|
|
2010
|
+
const suffix = details.join("; ");
|
|
2011
|
+
if (pathBlocked) throw new Error(`Security Violation: Custom 'PATH' variable is forbidden during host execution (${suffix}).`);
|
|
2012
|
+
throw new Error(`Security Violation: ${suffix}.`);
|
|
2013
|
+
}
|
|
2014
|
+
const env = sandbox && host === "sandbox" ? buildSandboxEnv({
|
|
2015
|
+
defaultPath: DEFAULT_PATH,
|
|
2016
|
+
paramsEnv: params.env,
|
|
2017
|
+
sandboxEnv: sandbox.env,
|
|
2018
|
+
containerWorkdir: containerWorkdir ?? sandbox.containerWorkdir
|
|
2019
|
+
}) : hostEnvResult?.env ?? inheritedBaseEnv;
|
|
2020
|
+
if (!sandbox && host === "gateway" && !params.env?.PATH) applyShellPath(env, getShellPathFromLoginShell({
|
|
2021
|
+
env: process.env,
|
|
2022
|
+
timeoutMs: resolveShellEnvFallbackTimeoutMs(process.env)
|
|
2023
|
+
}));
|
|
2024
|
+
if (host === "node" && defaultPathPrepend.length > 0) warnings.push("Warning: tools.exec.pathPrepend is ignored for host=node. Configure PATH on the node host/service instead.");
|
|
2025
|
+
else applyPathPrepend(env, defaultPathPrepend);
|
|
2026
|
+
if (host === "node") return executeNodeHostCommand({
|
|
2027
|
+
command: params.command,
|
|
2028
|
+
workdir,
|
|
2029
|
+
env,
|
|
2030
|
+
requestedEnv: params.env,
|
|
2031
|
+
requestedNode: params.node?.trim(),
|
|
2032
|
+
boundNode: defaults?.node?.trim(),
|
|
2033
|
+
sessionKey: defaults?.sessionKey,
|
|
2034
|
+
turnSourceChannel: defaults?.messageProvider,
|
|
2035
|
+
turnSourceTo: defaults?.currentChannelId,
|
|
2036
|
+
turnSourceAccountId: defaults?.accountId,
|
|
2037
|
+
turnSourceThreadId: defaults?.currentThreadTs,
|
|
2038
|
+
agentId,
|
|
2039
|
+
security,
|
|
2040
|
+
ask,
|
|
2041
|
+
strictInlineEval: defaults?.strictInlineEval,
|
|
2042
|
+
trigger: defaults?.trigger,
|
|
2043
|
+
timeoutSec: params.timeout,
|
|
2044
|
+
defaultTimeoutSec,
|
|
2045
|
+
approvalRunningNoticeMs,
|
|
2046
|
+
warnings,
|
|
2047
|
+
notifySessionKey,
|
|
2048
|
+
notifyOnExit,
|
|
2049
|
+
trustedSafeBinDirs
|
|
2050
|
+
});
|
|
2051
|
+
if (!workdir) throw new Error("exec internal error: local execution requires a resolved workdir");
|
|
2052
|
+
if (host === "gateway" && !bypassApprovals) {
|
|
2053
|
+
const gatewayResult = await processGatewayAllowlist({
|
|
2054
|
+
command: params.command,
|
|
2055
|
+
workdir,
|
|
2056
|
+
env,
|
|
2057
|
+
requestedEnv: params.env,
|
|
2058
|
+
pty: params.pty === true && !sandbox,
|
|
2059
|
+
timeoutSec: params.timeout,
|
|
2060
|
+
defaultTimeoutSec,
|
|
2061
|
+
security,
|
|
2062
|
+
ask,
|
|
2063
|
+
safeBins,
|
|
2064
|
+
safeBinProfiles,
|
|
2065
|
+
strictInlineEval: defaults?.strictInlineEval,
|
|
2066
|
+
trigger: defaults?.trigger,
|
|
2067
|
+
agentId,
|
|
2068
|
+
sessionKey: defaults?.sessionKey,
|
|
2069
|
+
turnSourceChannel: defaults?.messageProvider,
|
|
2070
|
+
turnSourceTo: defaults?.currentChannelId,
|
|
2071
|
+
turnSourceAccountId: defaults?.accountId,
|
|
2072
|
+
turnSourceThreadId: defaults?.currentThreadTs,
|
|
2073
|
+
scopeKey: defaults?.scopeKey,
|
|
2074
|
+
warnings,
|
|
2075
|
+
notifySessionKey,
|
|
2076
|
+
approvalRunningNoticeMs,
|
|
2077
|
+
maxOutput,
|
|
2078
|
+
pendingMaxOutput,
|
|
2079
|
+
trustedSafeBinDirs
|
|
2080
|
+
});
|
|
2081
|
+
if (gatewayResult.pendingResult) return gatewayResult.pendingResult;
|
|
2082
|
+
execCommandOverride = gatewayResult.execCommandOverride;
|
|
2083
|
+
if (gatewayResult.allowWithoutEnforcedCommand) execCommandOverride = void 0;
|
|
2084
|
+
}
|
|
2085
|
+
const explicitTimeoutSec = typeof params.timeout === "number" ? params.timeout : null;
|
|
2086
|
+
const effectiveTimeout = allowBackground && explicitTimeoutSec === null && (backgroundRequested || yieldRequested) ? null : explicitTimeoutSec ?? defaultTimeoutSec;
|
|
2087
|
+
const getWarningText = () => warnings.length ? `${warnings.join("\n")}\n\n` : "";
|
|
2088
|
+
const usePty = params.pty === true && !sandbox;
|
|
2089
|
+
if (!shouldSkipExecScriptPreflight({
|
|
2090
|
+
host,
|
|
2091
|
+
security,
|
|
2092
|
+
ask
|
|
2093
|
+
})) await validateScriptFileForShellBleed({
|
|
2094
|
+
command: params.command,
|
|
2095
|
+
workdir
|
|
2096
|
+
});
|
|
2097
|
+
const run = await runExecProcess({
|
|
2098
|
+
command: params.command,
|
|
2099
|
+
execCommand: execCommandOverride,
|
|
2100
|
+
workdir,
|
|
2101
|
+
env,
|
|
2102
|
+
sandbox,
|
|
2103
|
+
containerWorkdir,
|
|
2104
|
+
usePty,
|
|
2105
|
+
warnings,
|
|
2106
|
+
maxOutput,
|
|
2107
|
+
pendingMaxOutput,
|
|
2108
|
+
notifyOnExit,
|
|
2109
|
+
notifyOnExitEmptySuccess,
|
|
2110
|
+
scopeKey: defaults?.scopeKey,
|
|
2111
|
+
sessionKey: notifySessionKey,
|
|
2112
|
+
notifyDeliveryContext,
|
|
2113
|
+
timeoutSec: effectiveTimeout,
|
|
2114
|
+
onUpdate
|
|
2115
|
+
});
|
|
2116
|
+
let yielded = false;
|
|
2117
|
+
let yieldTimer = null;
|
|
2118
|
+
const onAbortSignal = () => {
|
|
2119
|
+
run.disableUpdates();
|
|
2120
|
+
if (yielded || run.session.backgrounded) return;
|
|
2121
|
+
run.kill();
|
|
2122
|
+
};
|
|
2123
|
+
if (signal?.aborted) onAbortSignal();
|
|
2124
|
+
else if (signal) signal.addEventListener("abort", onAbortSignal, { once: true });
|
|
2125
|
+
return new Promise((resolve, reject) => {
|
|
2126
|
+
const resolveRunning = () => resolve({
|
|
2127
|
+
content: [{
|
|
2128
|
+
type: "text",
|
|
2129
|
+
text: `${getWarningText()}Command still running (session ${run.session.id}, pid ${run.session.pid ?? "n/a"}). Use process (list/poll/log/write/kill/clear/remove) for follow-up.`
|
|
2130
|
+
}],
|
|
2131
|
+
details: {
|
|
2132
|
+
status: "running",
|
|
2133
|
+
sessionId: run.session.id,
|
|
2134
|
+
pid: run.session.pid ?? void 0,
|
|
2135
|
+
startedAt: run.startedAt,
|
|
2136
|
+
cwd: run.session.cwd,
|
|
2137
|
+
tail: run.session.tail
|
|
2138
|
+
}
|
|
2139
|
+
});
|
|
2140
|
+
const onYieldNow = () => {
|
|
2141
|
+
if (yieldTimer) clearTimeout(yieldTimer);
|
|
2142
|
+
if (yielded) return;
|
|
2143
|
+
yielded = true;
|
|
2144
|
+
markBackgrounded(run.session);
|
|
2145
|
+
resolveRunning();
|
|
2146
|
+
};
|
|
2147
|
+
if (allowBackground && yieldWindow !== null) if (yieldWindow === 0) onYieldNow();
|
|
2148
|
+
else yieldTimer = setTimeout(() => {
|
|
2149
|
+
if (yielded) return;
|
|
2150
|
+
yielded = true;
|
|
2151
|
+
markBackgrounded(run.session);
|
|
2152
|
+
resolveRunning();
|
|
2153
|
+
}, yieldWindow);
|
|
2154
|
+
run.promise.then((outcome) => {
|
|
2155
|
+
if (yieldTimer) clearTimeout(yieldTimer);
|
|
2156
|
+
if (yielded || run.session.backgrounded) return;
|
|
2157
|
+
resolve(buildExecForegroundResult({
|
|
2158
|
+
outcome,
|
|
2159
|
+
cwd: run.session.cwd,
|
|
2160
|
+
warningText: getWarningText()
|
|
2161
|
+
}));
|
|
2162
|
+
}).catch((err) => {
|
|
2163
|
+
if (yieldTimer) clearTimeout(yieldTimer);
|
|
2164
|
+
if (yielded || run.session.backgrounded) return;
|
|
2165
|
+
reject(err);
|
|
2166
|
+
});
|
|
2167
|
+
});
|
|
2168
|
+
}
|
|
2169
|
+
};
|
|
2170
|
+
}
|
|
2171
|
+
const execTool = createExecTool();
|
|
2172
|
+
//#endregion
|
|
2173
|
+
//#region src/agents/pty-keys.ts
|
|
2174
|
+
const ESC = "\x1B";
|
|
2175
|
+
const CR = "\r";
|
|
2176
|
+
const TAB = " ";
|
|
2177
|
+
const BACKSPACE = "";
|
|
2178
|
+
const BRACKETED_PASTE_START = `${ESC}[200~`;
|
|
2179
|
+
const BRACKETED_PASTE_END = `${ESC}[201~`;
|
|
2180
|
+
/** SS3 sequences for DECCKM application cursor key mode (smkx). */
|
|
2181
|
+
const DECCKM_SS3_KEYS = {
|
|
2182
|
+
up: `${ESC}OA`,
|
|
2183
|
+
down: `${ESC}OB`,
|
|
2184
|
+
right: `${ESC}OC`,
|
|
2185
|
+
left: `${ESC}OD`,
|
|
2186
|
+
home: `${ESC}OH`,
|
|
2187
|
+
end: `${ESC}OF`
|
|
2188
|
+
};
|
|
2189
|
+
const namedKeyMap = new Map([
|
|
2190
|
+
["enter", CR],
|
|
2191
|
+
["return", CR],
|
|
2192
|
+
["tab", TAB],
|
|
2193
|
+
["escape", ESC],
|
|
2194
|
+
["esc", ESC],
|
|
2195
|
+
["space", " "],
|
|
2196
|
+
["bspace", BACKSPACE],
|
|
2197
|
+
["backspace", BACKSPACE],
|
|
2198
|
+
["up", `${ESC}[A`],
|
|
2199
|
+
["down", `${ESC}[B`],
|
|
2200
|
+
["right", `${ESC}[C`],
|
|
2201
|
+
["left", `${ESC}[D`],
|
|
2202
|
+
["home", `${ESC}[1~`],
|
|
2203
|
+
["end", `${ESC}[4~`],
|
|
2204
|
+
["pageup", `${ESC}[5~`],
|
|
2205
|
+
["pgup", `${ESC}[5~`],
|
|
2206
|
+
["ppage", `${ESC}[5~`],
|
|
2207
|
+
["pagedown", `${ESC}[6~`],
|
|
2208
|
+
["pgdn", `${ESC}[6~`],
|
|
2209
|
+
["npage", `${ESC}[6~`],
|
|
2210
|
+
["insert", `${ESC}[2~`],
|
|
2211
|
+
["ic", `${ESC}[2~`],
|
|
2212
|
+
["delete", `${ESC}[3~`],
|
|
2213
|
+
["del", `${ESC}[3~`],
|
|
2214
|
+
["dc", `${ESC}[3~`],
|
|
2215
|
+
["btab", `${ESC}[Z`],
|
|
2216
|
+
["f1", `${ESC}OP`],
|
|
2217
|
+
["f2", `${ESC}OQ`],
|
|
2218
|
+
["f3", `${ESC}OR`],
|
|
2219
|
+
["f4", `${ESC}OS`],
|
|
2220
|
+
["f5", `${ESC}[15~`],
|
|
2221
|
+
["f6", `${ESC}[17~`],
|
|
2222
|
+
["f7", `${ESC}[18~`],
|
|
2223
|
+
["f8", `${ESC}[19~`],
|
|
2224
|
+
["f9", `${ESC}[20~`],
|
|
2225
|
+
["f10", `${ESC}[21~`],
|
|
2226
|
+
["f11", `${ESC}[23~`],
|
|
2227
|
+
["f12", `${ESC}[24~`],
|
|
2228
|
+
["kp/", `${ESC}Oo`],
|
|
2229
|
+
["kp*", `${ESC}Oj`],
|
|
2230
|
+
["kp-", `${ESC}Om`],
|
|
2231
|
+
["kp+", `${ESC}Ok`],
|
|
2232
|
+
["kp7", `${ESC}Ow`],
|
|
2233
|
+
["kp8", `${ESC}Ox`],
|
|
2234
|
+
["kp9", `${ESC}Oy`],
|
|
2235
|
+
["kp4", `${ESC}Ot`],
|
|
2236
|
+
["kp5", `${ESC}Ou`],
|
|
2237
|
+
["kp6", `${ESC}Ov`],
|
|
2238
|
+
["kp1", `${ESC}Oq`],
|
|
2239
|
+
["kp2", `${ESC}Or`],
|
|
2240
|
+
["kp3", `${ESC}Os`],
|
|
2241
|
+
["kp0", `${ESC}Op`],
|
|
2242
|
+
["kp.", `${ESC}On`],
|
|
2243
|
+
["kpenter", `${ESC}OM`]
|
|
2244
|
+
]);
|
|
2245
|
+
const modifiableNamedKeys = new Set([
|
|
2246
|
+
"up",
|
|
2247
|
+
"down",
|
|
2248
|
+
"left",
|
|
2249
|
+
"right",
|
|
2250
|
+
"home",
|
|
2251
|
+
"end",
|
|
2252
|
+
"pageup",
|
|
2253
|
+
"pgup",
|
|
2254
|
+
"ppage",
|
|
2255
|
+
"pagedown",
|
|
2256
|
+
"pgdn",
|
|
2257
|
+
"npage",
|
|
2258
|
+
"insert",
|
|
2259
|
+
"ic",
|
|
2260
|
+
"delete",
|
|
2261
|
+
"del",
|
|
2262
|
+
"dc"
|
|
2263
|
+
]);
|
|
2264
|
+
function hasCursorModeSensitiveKeys(request) {
|
|
2265
|
+
return request.keys?.some((raw) => {
|
|
2266
|
+
const token = raw.trim();
|
|
2267
|
+
if (!token) return false;
|
|
2268
|
+
const parsed = parseModifiers(token);
|
|
2269
|
+
if (hasAnyModifier(parsed.mods)) return false;
|
|
2270
|
+
return normalizeLowercaseStringOrEmpty(parsed.base) in DECCKM_SS3_KEYS;
|
|
2271
|
+
}) ?? false;
|
|
2272
|
+
}
|
|
2273
|
+
function encodeKeySequence(request, cursorKeyMode) {
|
|
2274
|
+
const warnings = [];
|
|
2275
|
+
let data = "";
|
|
2276
|
+
if (request.literal) data += request.literal;
|
|
2277
|
+
if (request.hex?.length) for (const raw of request.hex) {
|
|
2278
|
+
const byte = parseHexByte(raw);
|
|
2279
|
+
if (byte === null) {
|
|
2280
|
+
warnings.push(`Invalid hex byte: ${raw}`);
|
|
2281
|
+
continue;
|
|
2282
|
+
}
|
|
2283
|
+
data += String.fromCharCode(byte);
|
|
2284
|
+
}
|
|
2285
|
+
if (request.keys?.length) for (const token of request.keys) data += encodeKeyToken(token, warnings, cursorKeyMode);
|
|
2286
|
+
return {
|
|
2287
|
+
data,
|
|
2288
|
+
warnings
|
|
2289
|
+
};
|
|
2290
|
+
}
|
|
2291
|
+
function encodePaste(text, bracketed = true) {
|
|
2292
|
+
if (!bracketed) return text;
|
|
2293
|
+
return `${BRACKETED_PASTE_START}${text}${BRACKETED_PASTE_END}`;
|
|
2294
|
+
}
|
|
2295
|
+
function encodeKeyToken(raw, warnings, cursorKeyMode) {
|
|
2296
|
+
const token = raw.trim();
|
|
2297
|
+
if (!token) return "";
|
|
2298
|
+
if (token.length === 2 && token.startsWith("^")) {
|
|
2299
|
+
const ctrl = toCtrlChar(token[1]);
|
|
2300
|
+
if (ctrl) return ctrl;
|
|
2301
|
+
}
|
|
2302
|
+
const parsed = parseModifiers(token);
|
|
2303
|
+
const base = parsed.base;
|
|
2304
|
+
const baseLower = normalizeLowercaseStringOrEmpty(base);
|
|
2305
|
+
if (baseLower === "tab" && parsed.mods.shift) return `${ESC}[Z`;
|
|
2306
|
+
if (modifiableNamedKeys.has(baseLower) && cursorKeyMode === "application" && !hasAnyModifier(parsed.mods)) {
|
|
2307
|
+
const ss3Seq = DECCKM_SS3_KEYS[baseLower];
|
|
2308
|
+
if (ss3Seq) return ss3Seq;
|
|
2309
|
+
}
|
|
2310
|
+
const baseSeq = namedKeyMap.get(baseLower);
|
|
2311
|
+
if (baseSeq) {
|
|
2312
|
+
let seq = baseSeq;
|
|
2313
|
+
if (modifiableNamedKeys.has(baseLower) && hasAnyModifier(parsed.mods)) {
|
|
2314
|
+
const mod = xtermModifier(parsed.mods);
|
|
2315
|
+
if (mod > 1) {
|
|
2316
|
+
const modified = applyXtermModifier(seq, mod);
|
|
2317
|
+
if (modified) {
|
|
2318
|
+
seq = modified;
|
|
2319
|
+
return seq;
|
|
2320
|
+
}
|
|
2321
|
+
}
|
|
2322
|
+
}
|
|
2323
|
+
if (parsed.mods.alt) return `${ESC}${seq}`;
|
|
2324
|
+
return seq;
|
|
2325
|
+
}
|
|
2326
|
+
if (base.length === 1) return applyCharModifiers(base, parsed.mods);
|
|
2327
|
+
if (parsed.hasModifiers) warnings.push(`Unknown key "${base}" for modifiers; sending literal.`);
|
|
2328
|
+
return base;
|
|
2329
|
+
}
|
|
2330
|
+
function parseModifiers(token) {
|
|
2331
|
+
const mods = {
|
|
2332
|
+
ctrl: false,
|
|
2333
|
+
alt: false,
|
|
2334
|
+
shift: false
|
|
2335
|
+
};
|
|
2336
|
+
let rest = token;
|
|
2337
|
+
let sawModifiers = false;
|
|
2338
|
+
while (rest.length > 2 && rest[1] === "-") {
|
|
2339
|
+
const mod = normalizeLowercaseStringOrEmpty(rest[0]);
|
|
2340
|
+
if (mod === "c") mods.ctrl = true;
|
|
2341
|
+
else if (mod === "m") mods.alt = true;
|
|
2342
|
+
else if (mod === "s") mods.shift = true;
|
|
2343
|
+
else break;
|
|
2344
|
+
sawModifiers = true;
|
|
2345
|
+
rest = rest.slice(2);
|
|
2346
|
+
}
|
|
2347
|
+
return {
|
|
2348
|
+
mods,
|
|
2349
|
+
base: rest,
|
|
2350
|
+
hasModifiers: sawModifiers
|
|
2351
|
+
};
|
|
2352
|
+
}
|
|
2353
|
+
function applyCharModifiers(char, mods) {
|
|
2354
|
+
let value = char;
|
|
2355
|
+
if (mods.shift && value.length === 1 && /[a-z]/.test(value)) value = value.toUpperCase();
|
|
2356
|
+
if (mods.ctrl) {
|
|
2357
|
+
const ctrl = toCtrlChar(value);
|
|
2358
|
+
if (ctrl) value = ctrl;
|
|
2359
|
+
}
|
|
2360
|
+
if (mods.alt) value = `${ESC}${value}`;
|
|
2361
|
+
return value;
|
|
2362
|
+
}
|
|
2363
|
+
function toCtrlChar(char) {
|
|
2364
|
+
if (char.length !== 1) return null;
|
|
2365
|
+
if (char === "?") return "";
|
|
2366
|
+
const code = char.toUpperCase().charCodeAt(0);
|
|
2367
|
+
if (code >= 64 && code <= 95) return String.fromCharCode(code & 31);
|
|
2368
|
+
return null;
|
|
2369
|
+
}
|
|
2370
|
+
function xtermModifier(mods) {
|
|
2371
|
+
let mod = 1;
|
|
2372
|
+
if (mods.shift) mod += 1;
|
|
2373
|
+
if (mods.alt) mod += 2;
|
|
2374
|
+
if (mods.ctrl) mod += 4;
|
|
2375
|
+
return mod;
|
|
2376
|
+
}
|
|
2377
|
+
function applyXtermModifier(sequence, modifier) {
|
|
2378
|
+
const escPattern = escapeRegExp(ESC);
|
|
2379
|
+
const csiNumber = new RegExp(`^${escPattern}\\[(\\d+)([~A-Z])$`);
|
|
2380
|
+
const csiArrow = new RegExp(`^${escPattern}\\[(A|B|C|D|H|F)$`);
|
|
2381
|
+
const numberMatch = sequence.match(csiNumber);
|
|
2382
|
+
if (numberMatch) return `${ESC}[${numberMatch[1]};${modifier}${numberMatch[2]}`;
|
|
2383
|
+
const arrowMatch = sequence.match(csiArrow);
|
|
2384
|
+
if (arrowMatch) return `${ESC}[1;${modifier}${arrowMatch[1]}`;
|
|
2385
|
+
return null;
|
|
2386
|
+
}
|
|
2387
|
+
function hasAnyModifier(mods) {
|
|
2388
|
+
return mods.ctrl || mods.alt || mods.shift;
|
|
2389
|
+
}
|
|
2390
|
+
function parseHexByte(raw) {
|
|
2391
|
+
const lower = normalizeLowercaseStringOrEmpty(raw);
|
|
2392
|
+
const normalized = lower.startsWith("0x") ? lower.slice(2) : lower;
|
|
2393
|
+
if (!/^[0-9a-f]{1,2}$/.test(normalized)) return null;
|
|
2394
|
+
const value = Number.parseInt(normalized, 16);
|
|
2395
|
+
if (Number.isNaN(value) || value < 0 || value > 255) return null;
|
|
2396
|
+
return value;
|
|
2397
|
+
}
|
|
2398
|
+
//#endregion
|
|
2399
|
+
//#region src/agents/bash-tools.process-send-keys.ts
|
|
2400
|
+
function failText$1(text) {
|
|
2401
|
+
return {
|
|
2402
|
+
content: [{
|
|
2403
|
+
type: "text",
|
|
2404
|
+
text
|
|
2405
|
+
}],
|
|
2406
|
+
details: { status: "failed" }
|
|
2407
|
+
};
|
|
2408
|
+
}
|
|
2409
|
+
async function writeToStdin(stdin, data) {
|
|
2410
|
+
await new Promise((resolve, reject) => {
|
|
2411
|
+
stdin.write(data, (err) => {
|
|
2412
|
+
if (err) reject(err);
|
|
2413
|
+
else resolve();
|
|
2414
|
+
});
|
|
2415
|
+
});
|
|
2416
|
+
}
|
|
2417
|
+
async function handleProcessSendKeys(params) {
|
|
2418
|
+
const request = {
|
|
2419
|
+
keys: params.keys,
|
|
2420
|
+
hex: params.hex,
|
|
2421
|
+
literal: params.literal
|
|
2422
|
+
};
|
|
2423
|
+
if (params.session.cursorKeyMode === "unknown" && hasCursorModeSensitiveKeys(request)) return failText$1(`Session ${params.sessionId} cursor key mode is not known yet. Poll or log until startup output appears, then retry send-keys.`);
|
|
2424
|
+
const { data, warnings } = encodeKeySequence(request, params.session.cursorKeyMode === "unknown" ? void 0 : params.session.cursorKeyMode);
|
|
2425
|
+
if (!data) return failText$1("No key data provided.");
|
|
2426
|
+
await writeToStdin(params.stdin, data);
|
|
2427
|
+
return {
|
|
2428
|
+
content: [{
|
|
2429
|
+
type: "text",
|
|
2430
|
+
text: `Sent ${data.length} bytes to session ${params.sessionId}.` + (warnings.length ? `\nWarnings:\n- ${warnings.join("\n- ")}` : "")
|
|
2431
|
+
}],
|
|
2432
|
+
details: {
|
|
2433
|
+
status: "running",
|
|
2434
|
+
sessionId: params.sessionId,
|
|
2435
|
+
name: deriveSessionName(params.session.command)
|
|
2436
|
+
}
|
|
2437
|
+
};
|
|
2438
|
+
}
|
|
2439
|
+
//#endregion
|
|
2440
|
+
//#region src/agents/bash-tools.process.ts
|
|
2441
|
+
const DEFAULT_LOG_TAIL_LINES = 200;
|
|
2442
|
+
function resolveLogSliceWindow(offset, limit) {
|
|
2443
|
+
const usingDefaultTail = offset === void 0 && limit === void 0;
|
|
2444
|
+
return {
|
|
2445
|
+
effectiveOffset: offset,
|
|
2446
|
+
effectiveLimit: typeof limit === "number" && Number.isFinite(limit) ? limit : usingDefaultTail ? DEFAULT_LOG_TAIL_LINES : void 0,
|
|
2447
|
+
usingDefaultTail
|
|
2448
|
+
};
|
|
2449
|
+
}
|
|
2450
|
+
function defaultTailNote(totalLines, usingDefaultTail) {
|
|
2451
|
+
if (!usingDefaultTail || totalLines <= DEFAULT_LOG_TAIL_LINES) return "";
|
|
2452
|
+
return `\n\n[showing last ${DEFAULT_LOG_TAIL_LINES} of ${totalLines} lines; pass offset/limit to page]`;
|
|
2453
|
+
}
|
|
2454
|
+
const MAX_POLL_WAIT_MS = 12e4;
|
|
2455
|
+
function resolvePollWaitMs(value) {
|
|
2456
|
+
if (typeof value === "number" && Number.isFinite(value)) return Math.max(0, Math.min(MAX_POLL_WAIT_MS, Math.floor(value)));
|
|
2457
|
+
if (typeof value === "string") {
|
|
2458
|
+
const parsed = Number.parseInt(value.trim(), 10);
|
|
2459
|
+
if (Number.isFinite(parsed)) return Math.max(0, Math.min(MAX_POLL_WAIT_MS, parsed));
|
|
2460
|
+
}
|
|
2461
|
+
return 0;
|
|
2462
|
+
}
|
|
2463
|
+
function failText(text) {
|
|
2464
|
+
return {
|
|
2465
|
+
content: [{
|
|
2466
|
+
type: "text",
|
|
2467
|
+
text
|
|
2468
|
+
}],
|
|
2469
|
+
details: { status: "failed" }
|
|
2470
|
+
};
|
|
2471
|
+
}
|
|
2472
|
+
function recordPollRetrySuggestion(sessionId, hasNewOutput) {
|
|
2473
|
+
try {
|
|
2474
|
+
return recordCommandPoll(getDiagnosticSessionState({ sessionId }), sessionId, hasNewOutput);
|
|
2475
|
+
} catch {
|
|
2476
|
+
return;
|
|
2477
|
+
}
|
|
2478
|
+
}
|
|
2479
|
+
function resetPollRetrySuggestion(sessionId) {
|
|
2480
|
+
try {
|
|
2481
|
+
resetCommandPollCount(getDiagnosticSessionState({ sessionId }), sessionId);
|
|
2482
|
+
} catch {}
|
|
2483
|
+
}
|
|
2484
|
+
function createProcessTool(defaults) {
|
|
2485
|
+
if (defaults?.cleanupMs !== void 0) setJobTtlMs(defaults.cleanupMs);
|
|
2486
|
+
const scopeKey = defaults?.scopeKey;
|
|
2487
|
+
const supervisor = getProcessSupervisor();
|
|
2488
|
+
const isInScope = (session) => !scopeKey || session?.scopeKey === scopeKey;
|
|
2489
|
+
const cancelManagedSession = (sessionId) => {
|
|
2490
|
+
const record = supervisor.getRecord(sessionId);
|
|
2491
|
+
if (!record || record.state === "exited") return false;
|
|
2492
|
+
supervisor.cancel(sessionId, "manual-cancel");
|
|
2493
|
+
return true;
|
|
2494
|
+
};
|
|
2495
|
+
const terminateSessionFallback = (session) => {
|
|
2496
|
+
const pid = session.pid ?? session.child?.pid;
|
|
2497
|
+
if (typeof pid !== "number" || !Number.isFinite(pid) || pid <= 0) return false;
|
|
2498
|
+
killProcessTree(pid);
|
|
2499
|
+
return true;
|
|
2500
|
+
};
|
|
2501
|
+
return {
|
|
2502
|
+
name: "process",
|
|
2503
|
+
label: "process",
|
|
2504
|
+
displaySummary: PROCESS_TOOL_DISPLAY_SUMMARY,
|
|
2505
|
+
description: describeProcessTool({ hasCronTool: defaults?.hasCronTool === true }),
|
|
2506
|
+
parameters: processSchema,
|
|
2507
|
+
execute: async (_toolCallId, args, _signal, _onUpdate) => {
|
|
2508
|
+
const params = args;
|
|
2509
|
+
if (params.action === "list") {
|
|
2510
|
+
const running = listRunningSessions().filter((s) => isInScope(s)).map((s) => ({
|
|
2511
|
+
sessionId: s.id,
|
|
2512
|
+
status: "running",
|
|
2513
|
+
pid: s.pid ?? void 0,
|
|
2514
|
+
startedAt: s.startedAt,
|
|
2515
|
+
runtimeMs: Date.now() - s.startedAt,
|
|
2516
|
+
cwd: s.cwd,
|
|
2517
|
+
command: s.command,
|
|
2518
|
+
name: deriveSessionName(s.command),
|
|
2519
|
+
tail: s.tail,
|
|
2520
|
+
truncated: s.truncated
|
|
2521
|
+
}));
|
|
2522
|
+
const finished = listFinishedSessions().filter((s) => isInScope(s)).map((s) => ({
|
|
2523
|
+
sessionId: s.id,
|
|
2524
|
+
status: s.status,
|
|
2525
|
+
startedAt: s.startedAt,
|
|
2526
|
+
endedAt: s.endedAt,
|
|
2527
|
+
runtimeMs: s.endedAt - s.startedAt,
|
|
2528
|
+
cwd: s.cwd,
|
|
2529
|
+
command: s.command,
|
|
2530
|
+
name: deriveSessionName(s.command),
|
|
2531
|
+
tail: s.tail,
|
|
2532
|
+
truncated: s.truncated,
|
|
2533
|
+
exitCode: s.exitCode ?? void 0,
|
|
2534
|
+
exitSignal: s.exitSignal ?? void 0
|
|
2535
|
+
}));
|
|
2536
|
+
return {
|
|
2537
|
+
content: [{
|
|
2538
|
+
type: "text",
|
|
2539
|
+
text: [...running, ...finished].toSorted((a, b) => b.startedAt - a.startedAt).map((s) => {
|
|
2540
|
+
const label = s.name ? truncateMiddle(s.name, 80) : truncateMiddle(s.command, 120);
|
|
2541
|
+
return `${s.sessionId} ${pad(s.status, 9)} ${formatDurationCompact(s.runtimeMs) ?? "n/a"} :: ${label}`;
|
|
2542
|
+
}).join("\n") || "No running or recent sessions."
|
|
2543
|
+
}],
|
|
2544
|
+
details: {
|
|
2545
|
+
status: "completed",
|
|
2546
|
+
sessions: [...running, ...finished]
|
|
2547
|
+
}
|
|
2548
|
+
};
|
|
2549
|
+
}
|
|
2550
|
+
if (!params.sessionId) return {
|
|
2551
|
+
content: [{
|
|
2552
|
+
type: "text",
|
|
2553
|
+
text: "sessionId is required for this action."
|
|
2554
|
+
}],
|
|
2555
|
+
details: { status: "failed" }
|
|
2556
|
+
};
|
|
2557
|
+
const session = getSession(params.sessionId);
|
|
2558
|
+
const finished = getFinishedSession(params.sessionId);
|
|
2559
|
+
const scopedSession = isInScope(session) ? session : void 0;
|
|
2560
|
+
const scopedFinished = isInScope(finished) ? finished : void 0;
|
|
2561
|
+
const failedResult = (text) => ({
|
|
2562
|
+
content: [{
|
|
2563
|
+
type: "text",
|
|
2564
|
+
text
|
|
2565
|
+
}],
|
|
2566
|
+
details: { status: "failed" }
|
|
2567
|
+
});
|
|
2568
|
+
const resolveBackgroundedWritableStdin = () => {
|
|
2569
|
+
if (!scopedSession) return {
|
|
2570
|
+
ok: false,
|
|
2571
|
+
result: failedResult(`No active session found for ${params.sessionId}`)
|
|
2572
|
+
};
|
|
2573
|
+
if (!scopedSession.backgrounded) return {
|
|
2574
|
+
ok: false,
|
|
2575
|
+
result: failedResult(`Session ${params.sessionId} is not backgrounded.`)
|
|
2576
|
+
};
|
|
2577
|
+
const stdin = scopedSession.stdin ?? scopedSession.child?.stdin;
|
|
2578
|
+
if (!stdin || stdin.destroyed) return {
|
|
2579
|
+
ok: false,
|
|
2580
|
+
result: failedResult(`Session ${params.sessionId} stdin is not writable.`)
|
|
2581
|
+
};
|
|
2582
|
+
return {
|
|
2583
|
+
ok: true,
|
|
2584
|
+
session: scopedSession,
|
|
2585
|
+
stdin
|
|
2586
|
+
};
|
|
2587
|
+
};
|
|
2588
|
+
const writeToStdin = async (stdin, data) => {
|
|
2589
|
+
await new Promise((resolve, reject) => {
|
|
2590
|
+
stdin.write(data, (err) => {
|
|
2591
|
+
if (err) reject(err);
|
|
2592
|
+
else resolve();
|
|
2593
|
+
});
|
|
2594
|
+
});
|
|
2595
|
+
};
|
|
2596
|
+
const runningSessionResult = (session, text) => ({
|
|
2597
|
+
content: [{
|
|
2598
|
+
type: "text",
|
|
2599
|
+
text
|
|
2600
|
+
}],
|
|
2601
|
+
details: {
|
|
2602
|
+
status: "running",
|
|
2603
|
+
sessionId: params.sessionId,
|
|
2604
|
+
name: deriveSessionName(session.command)
|
|
2605
|
+
}
|
|
2606
|
+
});
|
|
2607
|
+
switch (params.action) {
|
|
2608
|
+
case "poll": {
|
|
2609
|
+
if (!scopedSession) {
|
|
2610
|
+
if (scopedFinished) {
|
|
2611
|
+
resetPollRetrySuggestion(params.sessionId);
|
|
2612
|
+
return {
|
|
2613
|
+
content: [{
|
|
2614
|
+
type: "text",
|
|
2615
|
+
text: (scopedFinished.tail || `(no output recorded${scopedFinished.truncated ? " — truncated to cap" : ""})`) + `\n\nProcess exited with ${scopedFinished.exitSignal ? `signal ${scopedFinished.exitSignal}` : `code ${scopedFinished.exitCode ?? 0}`}.`
|
|
2616
|
+
}],
|
|
2617
|
+
details: {
|
|
2618
|
+
status: scopedFinished.status === "completed" ? "completed" : "failed",
|
|
2619
|
+
sessionId: params.sessionId,
|
|
2620
|
+
exitCode: scopedFinished.exitCode ?? void 0,
|
|
2621
|
+
aggregated: scopedFinished.aggregated,
|
|
2622
|
+
name: deriveSessionName(scopedFinished.command)
|
|
2623
|
+
}
|
|
2624
|
+
};
|
|
2625
|
+
}
|
|
2626
|
+
resetPollRetrySuggestion(params.sessionId);
|
|
2627
|
+
return failText(`No session found for ${params.sessionId}`);
|
|
2628
|
+
}
|
|
2629
|
+
if (!scopedSession.backgrounded) return failText(`Session ${params.sessionId} is not backgrounded.`);
|
|
2630
|
+
const pollWaitMs = resolvePollWaitMs(params.timeout);
|
|
2631
|
+
if (pollWaitMs > 0 && !scopedSession.exited) {
|
|
2632
|
+
const deadline = Date.now() + pollWaitMs;
|
|
2633
|
+
while (!scopedSession.exited && Date.now() < deadline) await new Promise((resolve) => setTimeout(resolve, Math.max(0, Math.min(250, deadline - Date.now()))));
|
|
2634
|
+
}
|
|
2635
|
+
const { stdout, stderr } = drainSession(scopedSession);
|
|
2636
|
+
const exited = scopedSession.exited;
|
|
2637
|
+
const exitCode = scopedSession.exitCode ?? 0;
|
|
2638
|
+
const exitSignal = scopedSession.exitSignal ?? void 0;
|
|
2639
|
+
if (exited) {
|
|
2640
|
+
const status = exitCode === 0 && exitSignal == null ? "completed" : "failed";
|
|
2641
|
+
markExited(scopedSession, scopedSession.exitCode ?? null, scopedSession.exitSignal ?? null, status);
|
|
2642
|
+
}
|
|
2643
|
+
const status = exited ? exitCode === 0 && exitSignal == null ? "completed" : "failed" : "running";
|
|
2644
|
+
const output = [stdout.trimEnd(), stderr.trimEnd()].filter(Boolean).join("\n").trim();
|
|
2645
|
+
const hasNewOutput = output.length > 0;
|
|
2646
|
+
const retryInMs = exited ? void 0 : recordPollRetrySuggestion(params.sessionId, hasNewOutput);
|
|
2647
|
+
if (exited) resetPollRetrySuggestion(params.sessionId);
|
|
2648
|
+
return {
|
|
2649
|
+
content: [{
|
|
2650
|
+
type: "text",
|
|
2651
|
+
text: (output || "(no new output)") + (exited ? `\n\nProcess exited with ${exitSignal ? `signal ${exitSignal}` : `code ${exitCode}`}.` : "\n\nProcess still running.")
|
|
2652
|
+
}],
|
|
2653
|
+
details: {
|
|
2654
|
+
status,
|
|
2655
|
+
sessionId: params.sessionId,
|
|
2656
|
+
exitCode: exited ? exitCode : void 0,
|
|
2657
|
+
aggregated: scopedSession.aggregated,
|
|
2658
|
+
name: deriveSessionName(scopedSession.command),
|
|
2659
|
+
...typeof retryInMs === "number" ? { retryInMs } : {}
|
|
2660
|
+
}
|
|
2661
|
+
};
|
|
2662
|
+
}
|
|
2663
|
+
case "log":
|
|
2664
|
+
if (scopedSession) {
|
|
2665
|
+
if (!scopedSession.backgrounded) return {
|
|
2666
|
+
content: [{
|
|
2667
|
+
type: "text",
|
|
2668
|
+
text: `Session ${params.sessionId} is not backgrounded.`
|
|
2669
|
+
}],
|
|
2670
|
+
details: { status: "failed" }
|
|
2671
|
+
};
|
|
2672
|
+
const window = resolveLogSliceWindow(params.offset, params.limit);
|
|
2673
|
+
const { slice, totalLines, totalChars } = sliceLogLines(scopedSession.aggregated, window.effectiveOffset, window.effectiveLimit);
|
|
2674
|
+
const logDefaultTailNote = defaultTailNote(totalLines, window.usingDefaultTail);
|
|
2675
|
+
return {
|
|
2676
|
+
content: [{
|
|
2677
|
+
type: "text",
|
|
2678
|
+
text: (slice || "(no output yet)") + logDefaultTailNote
|
|
2679
|
+
}],
|
|
2680
|
+
details: {
|
|
2681
|
+
status: scopedSession.exited ? "completed" : "running",
|
|
2682
|
+
sessionId: params.sessionId,
|
|
2683
|
+
total: totalLines,
|
|
2684
|
+
totalLines,
|
|
2685
|
+
totalChars,
|
|
2686
|
+
truncated: scopedSession.truncated,
|
|
2687
|
+
name: deriveSessionName(scopedSession.command)
|
|
2688
|
+
}
|
|
2689
|
+
};
|
|
2690
|
+
}
|
|
2691
|
+
if (scopedFinished) {
|
|
2692
|
+
const window = resolveLogSliceWindow(params.offset, params.limit);
|
|
2693
|
+
const { slice, totalLines, totalChars } = sliceLogLines(scopedFinished.aggregated, window.effectiveOffset, window.effectiveLimit);
|
|
2694
|
+
const status = scopedFinished.status === "completed" ? "completed" : "failed";
|
|
2695
|
+
const logDefaultTailNote = defaultTailNote(totalLines, window.usingDefaultTail);
|
|
2696
|
+
return {
|
|
2697
|
+
content: [{
|
|
2698
|
+
type: "text",
|
|
2699
|
+
text: (slice || "(no output recorded)") + logDefaultTailNote
|
|
2700
|
+
}],
|
|
2701
|
+
details: {
|
|
2702
|
+
status,
|
|
2703
|
+
sessionId: params.sessionId,
|
|
2704
|
+
total: totalLines,
|
|
2705
|
+
totalLines,
|
|
2706
|
+
totalChars,
|
|
2707
|
+
truncated: scopedFinished.truncated,
|
|
2708
|
+
exitCode: scopedFinished.exitCode ?? void 0,
|
|
2709
|
+
exitSignal: scopedFinished.exitSignal ?? void 0,
|
|
2710
|
+
name: deriveSessionName(scopedFinished.command)
|
|
2711
|
+
}
|
|
2712
|
+
};
|
|
2713
|
+
}
|
|
2714
|
+
return {
|
|
2715
|
+
content: [{
|
|
2716
|
+
type: "text",
|
|
2717
|
+
text: `No session found for ${params.sessionId}`
|
|
2718
|
+
}],
|
|
2719
|
+
details: { status: "failed" }
|
|
2720
|
+
};
|
|
2721
|
+
case "write": {
|
|
2722
|
+
const resolved = resolveBackgroundedWritableStdin();
|
|
2723
|
+
if (!resolved.ok) return resolved.result;
|
|
2724
|
+
await writeToStdin(resolved.stdin, params.data ?? "");
|
|
2725
|
+
if (params.eof) resolved.stdin.end();
|
|
2726
|
+
return runningSessionResult(resolved.session, `Wrote ${(params.data ?? "").length} bytes to session ${params.sessionId}${params.eof ? " (stdin closed)" : ""}.`);
|
|
2727
|
+
}
|
|
2728
|
+
case "send-keys": {
|
|
2729
|
+
const resolved = resolveBackgroundedWritableStdin();
|
|
2730
|
+
if (!resolved.ok) return resolved.result;
|
|
2731
|
+
return await handleProcessSendKeys({
|
|
2732
|
+
sessionId: params.sessionId,
|
|
2733
|
+
session: resolved.session,
|
|
2734
|
+
stdin: resolved.stdin,
|
|
2735
|
+
keys: params.keys,
|
|
2736
|
+
hex: params.hex,
|
|
2737
|
+
literal: params.literal
|
|
2738
|
+
});
|
|
2739
|
+
}
|
|
2740
|
+
case "submit": {
|
|
2741
|
+
const resolved = resolveBackgroundedWritableStdin();
|
|
2742
|
+
if (!resolved.ok) return resolved.result;
|
|
2743
|
+
await writeToStdin(resolved.stdin, "\r");
|
|
2744
|
+
return runningSessionResult(resolved.session, `Submitted session ${params.sessionId} (sent CR).`);
|
|
2745
|
+
}
|
|
2746
|
+
case "paste": {
|
|
2747
|
+
const resolved = resolveBackgroundedWritableStdin();
|
|
2748
|
+
if (!resolved.ok) return resolved.result;
|
|
2749
|
+
const payload = encodePaste(params.text ?? "", params.bracketed !== false);
|
|
2750
|
+
if (!payload) return {
|
|
2751
|
+
content: [{
|
|
2752
|
+
type: "text",
|
|
2753
|
+
text: "No paste text provided."
|
|
2754
|
+
}],
|
|
2755
|
+
details: { status: "failed" }
|
|
2756
|
+
};
|
|
2757
|
+
await writeToStdin(resolved.stdin, payload);
|
|
2758
|
+
return runningSessionResult(resolved.session, `Pasted ${params.text?.length ?? 0} chars to session ${params.sessionId}.`);
|
|
2759
|
+
}
|
|
2760
|
+
case "kill": {
|
|
2761
|
+
if (!scopedSession) return failText(`No active session found for ${params.sessionId}`);
|
|
2762
|
+
if (!scopedSession.backgrounded) return failText(`Session ${params.sessionId} is not backgrounded.`);
|
|
2763
|
+
const canceled = cancelManagedSession(scopedSession.id);
|
|
2764
|
+
if (!canceled) {
|
|
2765
|
+
if (!terminateSessionFallback(scopedSession)) return failText(`Unable to terminate session ${params.sessionId}: no active supervisor run or process id.`);
|
|
2766
|
+
markExited(scopedSession, null, "SIGKILL", "failed");
|
|
2767
|
+
}
|
|
2768
|
+
resetPollRetrySuggestion(params.sessionId);
|
|
2769
|
+
return {
|
|
2770
|
+
content: [{
|
|
2771
|
+
type: "text",
|
|
2772
|
+
text: canceled ? `Termination requested for session ${params.sessionId}.` : `Killed session ${params.sessionId}.`
|
|
2773
|
+
}],
|
|
2774
|
+
details: {
|
|
2775
|
+
status: "failed",
|
|
2776
|
+
name: scopedSession ? deriveSessionName(scopedSession.command) : void 0
|
|
2777
|
+
}
|
|
2778
|
+
};
|
|
2779
|
+
}
|
|
2780
|
+
case "clear":
|
|
2781
|
+
if (scopedFinished) {
|
|
2782
|
+
resetPollRetrySuggestion(params.sessionId);
|
|
2783
|
+
deleteSession(params.sessionId);
|
|
2784
|
+
return {
|
|
2785
|
+
content: [{
|
|
2786
|
+
type: "text",
|
|
2787
|
+
text: `Cleared session ${params.sessionId}.`
|
|
2788
|
+
}],
|
|
2789
|
+
details: { status: "completed" }
|
|
2790
|
+
};
|
|
2791
|
+
}
|
|
2792
|
+
return {
|
|
2793
|
+
content: [{
|
|
2794
|
+
type: "text",
|
|
2795
|
+
text: `No finished session found for ${params.sessionId}`
|
|
2796
|
+
}],
|
|
2797
|
+
details: { status: "failed" }
|
|
2798
|
+
};
|
|
2799
|
+
case "remove":
|
|
2800
|
+
if (scopedSession) {
|
|
2801
|
+
const canceled = cancelManagedSession(scopedSession.id);
|
|
2802
|
+
if (canceled) {
|
|
2803
|
+
scopedSession.backgrounded = false;
|
|
2804
|
+
deleteSession(params.sessionId);
|
|
2805
|
+
} else {
|
|
2806
|
+
if (!terminateSessionFallback(scopedSession)) return failText(`Unable to remove session ${params.sessionId}: no active supervisor run or process id.`);
|
|
2807
|
+
markExited(scopedSession, null, "SIGKILL", "failed");
|
|
2808
|
+
deleteSession(params.sessionId);
|
|
2809
|
+
}
|
|
2810
|
+
resetPollRetrySuggestion(params.sessionId);
|
|
2811
|
+
return {
|
|
2812
|
+
content: [{
|
|
2813
|
+
type: "text",
|
|
2814
|
+
text: canceled ? `Removed session ${params.sessionId} (termination requested).` : `Removed session ${params.sessionId}.`
|
|
2815
|
+
}],
|
|
2816
|
+
details: {
|
|
2817
|
+
status: "failed",
|
|
2818
|
+
name: scopedSession ? deriveSessionName(scopedSession.command) : void 0
|
|
2819
|
+
}
|
|
2820
|
+
};
|
|
2821
|
+
}
|
|
2822
|
+
if (scopedFinished) {
|
|
2823
|
+
resetPollRetrySuggestion(params.sessionId);
|
|
2824
|
+
deleteSession(params.sessionId);
|
|
2825
|
+
return {
|
|
2826
|
+
content: [{
|
|
2827
|
+
type: "text",
|
|
2828
|
+
text: `Removed session ${params.sessionId}.`
|
|
2829
|
+
}],
|
|
2830
|
+
details: { status: "completed" }
|
|
2831
|
+
};
|
|
2832
|
+
}
|
|
2833
|
+
return {
|
|
2834
|
+
content: [{
|
|
2835
|
+
type: "text",
|
|
2836
|
+
text: `No session found for ${params.sessionId}`
|
|
2837
|
+
}],
|
|
2838
|
+
details: { status: "failed" }
|
|
2839
|
+
};
|
|
2840
|
+
}
|
|
2841
|
+
return {
|
|
2842
|
+
content: [{
|
|
2843
|
+
type: "text",
|
|
2844
|
+
text: `Unknown action ${params.action}`
|
|
2845
|
+
}],
|
|
2846
|
+
details: { status: "failed" }
|
|
2847
|
+
};
|
|
2848
|
+
}
|
|
2849
|
+
};
|
|
2850
|
+
}
|
|
2851
|
+
const processTool = createProcessTool();
|
|
2852
|
+
//#endregion
|
|
2853
|
+
export { execTool as i, processTool as n, createExecTool as r, createProcessTool as t };
|