npm - @polos/sdk - Versions diffs - 0.2.0 → 0.2.1 - Mend

@polos/sdk 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.cts CHANGED Viewed

@@ -4787,9 +4787,9 @@ declare function stripAnsi(text: string): string;
 declare function createExecTool(getEnv: () => Promise<ExecutionEnvironment>, config?: ExecToolConfig): ToolWorkflow;
 /**
- * Path-based approval for read-only sandbox tools.
+ * Path-based approval for sandbox tools.
  *
- * When pathRestriction is set, read-only tools (read, glob, grep) allow
+ * When pathRestriction is set, tools (read, write, edit, glob, grep) allow
  * operations within the restricted path without approval. Operations
  * outside the restriction suspend for user approval.
  */
@@ -4816,21 +4816,43 @@ declare function createReadTool(getEnv: () => Promise<ExecutionEnvironment>, pat
 /**
  * Write tool — create or overwrite files in the execution environment.
+ *
+ * When pathRestriction is set, writes within the restriction proceed
+ * without approval. Writes outside the restriction suspend for user approval.
+ * Set approval to 'always' to require approval for every write, or 'none'
+ * to skip approval entirely (overrides path restriction).
  */
+interface WriteToolConfig {
+    /** Explicit approval override. 'always' = approve every write, 'none' = never approve. */
+    approval?: ToolApproval;
+    /** Path restriction config — writes inside are allowed, outside require approval. */
+    pathConfig?: PathRestrictionConfig;
+}
 /**
  * Create the write tool for writing file contents.
  */
-declare function createWriteTool(getEnv: () => Promise<ExecutionEnvironment>, approval?: ToolApproval): ToolWorkflow;
+declare function createWriteTool(getEnv: () => Promise<ExecutionEnvironment>, config?: WriteToolConfig): ToolWorkflow;
 /**
  * Edit tool — find-and-replace text in files in the execution environment.
+ *
+ * When pathRestriction is set, edits within the restriction proceed
+ * without approval. Edits outside the restriction suspend for user approval.
+ * Set approval to 'always' to require approval for every edit, or 'none'
+ * to skip approval entirely (overrides path restriction).
  */
+interface EditToolConfig {
+    /** Explicit approval override. 'always' = approve every edit, 'none' = never approve. */
+    approval?: ToolApproval;
+    /** Path restriction config — edits inside are allowed, outside require approval. */
+    pathConfig?: PathRestrictionConfig;
+}
 /**
  * Create the edit tool for find-and-replace in files.
  */
-declare function createEditTool(getEnv: () => Promise<ExecutionEnvironment>, approval?: ToolApproval): ToolWorkflow;
+declare function createEditTool(getEnv: () => Promise<ExecutionEnvironment>, config?: EditToolConfig): ToolWorkflow;
 /**
  * Glob tool — find files by pattern in the execution environment.

package/dist/index.d.ts CHANGED Viewed

@@ -4787,9 +4787,9 @@ declare function stripAnsi(text: string): string;
 declare function createExecTool(getEnv: () => Promise<ExecutionEnvironment>, config?: ExecToolConfig): ToolWorkflow;
 /**
- * Path-based approval for read-only sandbox tools.
+ * Path-based approval for sandbox tools.
  *
- * When pathRestriction is set, read-only tools (read, glob, grep) allow
+ * When pathRestriction is set, tools (read, write, edit, glob, grep) allow
  * operations within the restricted path without approval. Operations
  * outside the restriction suspend for user approval.
  */
@@ -4816,21 +4816,43 @@ declare function createReadTool(getEnv: () => Promise<ExecutionEnvironment>, pat
 /**
  * Write tool — create or overwrite files in the execution environment.
+ *
+ * When pathRestriction is set, writes within the restriction proceed
+ * without approval. Writes outside the restriction suspend for user approval.
+ * Set approval to 'always' to require approval for every write, or 'none'
+ * to skip approval entirely (overrides path restriction).
  */
+interface WriteToolConfig {
+    /** Explicit approval override. 'always' = approve every write, 'none' = never approve. */
+    approval?: ToolApproval;
+    /** Path restriction config — writes inside are allowed, outside require approval. */
+    pathConfig?: PathRestrictionConfig;
+}
 /**
  * Create the write tool for writing file contents.
  */
-declare function createWriteTool(getEnv: () => Promise<ExecutionEnvironment>, approval?: ToolApproval): ToolWorkflow;
+declare function createWriteTool(getEnv: () => Promise<ExecutionEnvironment>, config?: WriteToolConfig): ToolWorkflow;
 /**
  * Edit tool — find-and-replace text in files in the execution environment.
+ *
+ * When pathRestriction is set, edits within the restriction proceed
+ * without approval. Edits outside the restriction suspend for user approval.
+ * Set approval to 'always' to require approval for every edit, or 'none'
+ * to skip approval entirely (overrides path restriction).
  */
+interface EditToolConfig {
+    /** Explicit approval override. 'always' = approve every edit, 'none' = never approve. */
+    approval?: ToolApproval;
+    /** Path restriction config — edits inside are allowed, outside require approval. */
+    pathConfig?: PathRestrictionConfig;
+}
 /**
  * Create the edit tool for find-and-replace in files.
  */
-declare function createEditTool(getEnv: () => Promise<ExecutionEnvironment>, approval?: ToolApproval): ToolWorkflow;
+declare function createEditTool(getEnv: () => Promise<ExecutionEnvironment>, config?: EditToolConfig): ToolWorkflow;
 /**
  * Glob tool — find files by pattern in the execution environment.

package/dist/index.js CHANGED Viewed

@@ -292,7 +292,7 @@ var OrchestratorClient = class {
         }
         if (attempt < retries) {
           const delay = Math.min(1e3 * Math.pow(2, attempt), 16e3);
-          await new Promise((resolve8) => setTimeout(resolve8, delay));
+          await new Promise((resolve10) => setTimeout(resolve10, delay));
         }
       }
     }
@@ -744,7 +744,7 @@ var OrchestratorClient = class {
       if (execution.status === "completed" || execution.status === "failed" || execution.status === "cancelled") {
         return execution;
       }
-      await new Promise((resolve8) => setTimeout(resolve8, pollInterval));
+      await new Promise((resolve10) => setTimeout(resolve10, pollInterval));
     }
     throw new Error(`Execution ${executionId} timed out after ${String(timeout)}ms`);
   }
@@ -1670,7 +1670,7 @@ function calculateDelay(attempt, options) {
   return Math.round(delay);
 }
 function sleep(ms) {
-  return new Promise((resolve8) => setTimeout(resolve8, ms));
+  return new Promise((resolve10) => setTimeout(resolve10, ms));
 }
 async function retry(fn, options = {}) {
   const opts = { ...DEFAULT_OPTIONS, ...options };
@@ -1856,7 +1856,7 @@ function createStepHelper(options) {
       if (options2.days) totalSeconds += options2.days * 86400;
       if (options2.weeks) totalSeconds += options2.weeks * 604800;
       const totalMs = totalSeconds * 1e3;
-      await new Promise((resolve8) => setTimeout(resolve8, totalMs));
+      await new Promise((resolve10) => setTimeout(resolve10, totalMs));
       store.set(key, { wait_until: new Date(Date.now() + totalMs).toISOString() });
     },
     async waitUntil(key, date) {
@@ -1864,7 +1864,7 @@ function createStepHelper(options) {
       if (cached) return;
       const now = Date.now();
       const waitMs = Math.max(0, date.getTime() - now);
-      await new Promise((resolve8) => setTimeout(resolve8, waitMs));
+      await new Promise((resolve10) => setTimeout(resolve10, waitMs));
       store.set(key, { wait_until: date.toISOString() });
     },
     // eslint-disable-next-line @typescript-eslint/require-await -- stub implementation
@@ -4504,7 +4504,7 @@ function createOrchestratorStepHelper(orchestratorClient, cachedSteps, execCtx,
       });
       const waitThreshold = Number(process.env["POLOS_WAIT_THRESHOLD_SECONDS"] ?? "10");
       if (totalSeconds <= waitThreshold) {
-        await new Promise((resolve8) => setTimeout(resolve8, totalSeconds * 1e3));
+        await new Promise((resolve10) => setTimeout(resolve10, totalSeconds * 1e3));
         await saveStepOutput(key, { wait_until: waitUntil.toISOString() });
         return;
       }
@@ -4540,7 +4540,7 @@ function createOrchestratorStepHelper(orchestratorClient, cachedSteps, execCtx,
       });
       const waitThreshold = Number(process.env["POLOS_WAIT_THRESHOLD_SECONDS"] ?? "10");
       if (waitSeconds <= waitThreshold) {
-        await new Promise((resolve8) => setTimeout(resolve8, waitSeconds * 1e3));
+        await new Promise((resolve10) => setTimeout(resolve10, waitSeconds * 1e3));
         await saveStepOutput(key, { wait_until: date.toISOString() });
         return;
       }
@@ -5293,7 +5293,7 @@ var DEFAULT_CONTAINER_WORKDIR = "/workspace";
 var DEFAULT_TIMEOUT_SECONDS = 300;
 var DEFAULT_MAX_OUTPUT_CHARS = 1e5;
 function spawnCommand(command, args, options) {
-  return new Promise((resolve8, reject) => {
+  return new Promise((resolve10, reject) => {
     let settled = false;
     const settle = (fn) => {
       if (!settled) {
@@ -5326,13 +5326,13 @@ function spawnCommand(command, args, options) {
       clearTimeout(timer);
       settle(() => {
         if (killed) {
-          resolve8({
+          resolve10({
             exitCode: 137,
             stdout,
             stderr: stderr + "\n[Process killed: timeout exceeded]"
           });
         } else {
-          resolve8({ exitCode: code ?? 1, stdout, stderr });
+          resolve10({ exitCode: code ?? 1, stdout, stderr });
         }
       });
     });
@@ -5549,7 +5549,7 @@ var DockerEnvironment = class {
 var DEFAULT_TIMEOUT_SECONDS2 = 300;
 var DEFAULT_MAX_OUTPUT_CHARS2 = 1e5;
 function spawnLocal(command, options) {
-  return new Promise((resolve8, reject) => {
+  return new Promise((resolve10, reject) => {
     let settled = false;
     const settle = (fn) => {
       if (!settled) {
@@ -5586,13 +5586,13 @@ function spawnLocal(command, options) {
       clearTimeout(timer);
       settle(() => {
         if (killed) {
-          resolve8({
+          resolve10({
             exitCode: 137,
             stdout,
             stderr: stderr + "\n[Process killed: timeout exceeded]"
           });
         } else {
-          resolve8({ exitCode: code ?? 1, stdout, stderr });
+          resolve10({ exitCode: code ?? 1, stdout, stderr });
         }
       });
     });
@@ -6000,8 +6000,8 @@ var SandboxManager = class {
       }
       let resolveLock;
       let rejectLock;
-      const lockPromise = new Promise((resolve8, reject) => {
-        resolveLock = resolve8;
+      const lockPromise = new Promise((resolve10, reject) => {
+        resolveLock = resolve10;
         rejectLock = reject;
       });
       this.sessionCreationLocks.set(ctx.sessionId, lockPromise);
@@ -6193,7 +6193,7 @@ var SandboxManager = class {
   }
 };
 function spawnSimple(command, args) {
-  return new Promise((resolve8, reject) => {
+  return new Promise((resolve10, reject) => {
     const proc = spawn(command, args, { stdio: ["pipe", "pipe", "pipe"] });
     let stdout = "";
     let stderr = "";
@@ -6204,7 +6204,7 @@ function spawnSimple(command, args) {
       stderr += data.toString();
     });
     proc.on("close", (code) => {
-      resolve8({ exitCode: code ?? 1, stdout, stderr });
+      resolve10({ exitCode: code ?? 1, stdout, stderr });
     });
     proc.on("error", reject);
   });
@@ -6339,10 +6339,10 @@ var Worker = class {
     process.on("SIGINT", signalHandler);
     process.on("SIGTERM", signalHandler);
     this.signalHandler = signalHandler;
-    await new Promise((resolve8) => {
+    await new Promise((resolve10) => {
       const checkState = () => {
         if (this.state === "stopping" || this.state === "stopped") {
-          resolve8();
+          resolve10();
         } else {
           setTimeout(checkState, 100);
         }
@@ -6376,7 +6376,7 @@ var Worker = class {
     const waitTimeout = 3e4;
     const waitStart = Date.now();
     while (this.activeExecutions.size > 0 && Date.now() - waitStart < waitTimeout) {
-      await new Promise((resolve8) => setTimeout(resolve8, 100));
+      await new Promise((resolve10) => setTimeout(resolve10, 100));
     }
     if (this.activeExecutions.size > 0) {
       logger9.warn(`${String(this.activeExecutions.size)} executions did not complete in time`);
@@ -7481,7 +7481,7 @@ function createReadTool(getEnv, pathConfig) {
     }
   );
 }
-function createWriteTool(getEnv, approval) {
+function createWriteTool(getEnv, config) {
   return defineTool(
     {
       id: "write",
@@ -7490,16 +7490,23 @@ function createWriteTool(getEnv, approval) {
         path: z.string().describe("Path to the file to write"),
         content: z.string().describe("Content to write to the file")
       }),
-      approval
+      // Only use blanket approval if explicitly set to 'always'
+      approval: config?.approval === "always" ? "always" : void 0
     },
-    async (_ctx, input) => {
+    async (ctx, input) => {
       const env = await getEnv();
+      if (!config?.approval && config?.pathConfig?.pathRestriction) {
+        const resolved = resolve(env.getCwd(), input.path);
+        if (!isPathAllowed(resolved, config.pathConfig.pathRestriction)) {
+          await requirePathApproval(ctx, "write", resolved, config.pathConfig.pathRestriction);
+        }
+      }
       await env.writeFile(input.path, input.content);
       return { success: true, path: input.path };
     }
   );
 }
-function createEditTool(getEnv, approval) {
+function createEditTool(getEnv, config) {
   return defineTool(
     {
       id: "edit",
@@ -7509,10 +7516,17 @@ function createEditTool(getEnv, approval) {
         old_text: z.string().describe("Exact text to find and replace"),
         new_text: z.string().describe("Text to replace the old_text with")
       }),
-      approval
+      // Only use blanket approval if explicitly set to 'always'
+      approval: config?.approval === "always" ? "always" : void 0
     },
-    async (_ctx, input) => {
+    async (ctx, input) => {
       const env = await getEnv();
+      if (!config?.approval && config?.pathConfig?.pathRestriction) {
+        const resolved = resolve(env.getCwd(), input.path);
+        if (!isPathAllowed(resolved, config.pathConfig.pathRestriction)) {
+          await requirePathApproval(ctx, "edit", resolved, config.pathConfig.pathRestriction);
+        }
+      }
       const content = await env.readFile(input.path);
       if (!content.includes(input.old_text)) {
         throw new Error(
@@ -7617,16 +7631,17 @@ function sandboxTools(config) {
     throw new Error("E2B environment is not yet implemented.");
   }
   const effectiveExecConfig = envType === "local" && !config?.exec?.security ? { ...config?.exec, security: "approval-always" } : config?.exec;
-  const fileApproval = config?.fileApproval ?? (envType === "local" ? "always" : void 0);
   const pathConfig = config?.local?.pathRestriction ? { pathRestriction: config.local.pathRestriction } : void 0;
+  const fileApproval = config?.fileApproval;
+  const writeEditConfig = fileApproval ? { approval: fileApproval } : pathConfig ? { pathConfig } : void 0;
   const include = new Set(
     config?.tools ?? ["exec", "read", "write", "edit", "glob", "grep"]
   );
   const tools = [];
   if (include.has("exec")) tools.push(createExecTool(getEnv, effectiveExecConfig));
   if (include.has("read")) tools.push(createReadTool(getEnv, pathConfig));
-  if (include.has("write")) tools.push(createWriteTool(getEnv, fileApproval));
-  if (include.has("edit")) tools.push(createEditTool(getEnv, fileApproval));
+  if (include.has("write")) tools.push(createWriteTool(getEnv, writeEditConfig));
+  if (include.has("edit")) tools.push(createEditTool(getEnv, writeEditConfig));
   if (include.has("glob")) tools.push(createGlobTool(getEnv, pathConfig));
   if (include.has("grep")) tools.push(createGrepTool(getEnv, pathConfig));
   return tools;