npm - @poolzin/pool-bot - Versions diffs - 2026.2.11 → 2026.2.18 - Mend

@poolzin/pool-bot 2026.2.11 → 2026.2.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (535) hide show

package/CHANGELOG.md +34 -0
package/dist/agents/agent-scope.js +4 -0
package/dist/agents/announce-idempotency.js +14 -0
package/dist/agents/auth-profiles/usage.js +22 -0
package/dist/agents/auth-profiles.js +1 -1
package/dist/agents/auth-profiles.resolve-auth-profile-order.fixtures.js +23 -0
package/dist/agents/bash-tools.exec-runtime.js +438 -0
package/dist/agents/bash-tools.shared.js +6 -0
package/dist/agents/cli-runner/reliability.js +61 -0
package/dist/agents/cli-watchdog-defaults.js +11 -0
package/dist/agents/command-poll-backoff.js +63 -0
package/dist/agents/current-time.js +16 -0
package/dist/agents/glob-pattern.js +42 -0
package/dist/agents/memory-search.js +33 -0
package/dist/agents/model-alias-lines.js +18 -0
package/dist/agents/model-auth-label.js +61 -0
package/dist/agents/model-fallback.js +59 -8
package/dist/agents/models-config.e2e-harness.js +115 -0
package/dist/agents/ollama-stream.js +11 -3
package/dist/agents/openclaw-tools.js +135 -0
package/dist/agents/pi-auth-json.js +118 -0
package/dist/agents/pi-embedded-runner/run.overflow-compaction.mocks.shared.js +147 -0
package/dist/agents/pi-embedded-subscribe.e2e-harness.js +90 -0
package/dist/agents/pi-embedded-subscribe.handlers.compaction.js +63 -0
package/dist/agents/pi-embedded-subscribe.handlers.tools.media.test-helpers.js +30 -0
package/dist/agents/pi-extensions/session-manager-runtime-registry.js +23 -0
package/dist/agents/pi-tools.before-tool-call.js +145 -4
package/dist/agents/pi-tools.js +29 -9
package/dist/agents/pi-tools.policy.js +85 -92
package/dist/agents/pi-tools.schema.js +54 -27
package/dist/agents/queued-file-writer.js +22 -0
package/dist/agents/sandbox/docker.js +133 -40
package/dist/agents/sandbox/fs-bridge.js +146 -0
package/dist/agents/sandbox/fs-paths.js +205 -0
package/dist/agents/sandbox/hash.js +4 -0
package/dist/agents/sandbox/validate-sandbox-security.js +157 -0
package/dist/agents/sandbox-paths.js +3 -0
package/dist/agents/sandbox-tool-policy.js +26 -0
package/dist/agents/sanitize-for-prompt.js +18 -0
package/dist/agents/session-dirs.js +20 -0
package/dist/agents/session-write-lock.js +203 -39
package/dist/agents/skills/filter.js +24 -0
package/dist/agents/skills/tools-dir.js +9 -0
package/dist/agents/skills-install-download.js +290 -0
package/dist/agents/skills-install-output.js +30 -0
package/dist/agents/skills-install.download-test-utils.js +36 -0
package/dist/agents/skills.e2e-test-helpers.js +13 -0
package/dist/agents/subagent-announce-queue.js +59 -15
package/dist/agents/subagent-depth.js +137 -0
package/dist/agents/subagent-registry.js +448 -96
package/dist/agents/subagent-spawn.js +262 -0
package/dist/agents/system-prompt.js +52 -10
package/dist/agents/test-helpers/fast-tool-stubs.js +18 -0
package/dist/agents/test-helpers/host-sandbox-fs-bridge.js +74 -0
package/dist/agents/tool-display-common.js +782 -0
package/dist/agents/tool-loop-detection.js +466 -0
package/dist/agents/tool-policy.js +6 -0
package/dist/agents/tools/image-tool.js +1 -1
package/dist/agents/tools/sessions-access.js +178 -0
package/dist/agents/tools/sessions-resolution.js +206 -0
package/dist/agents/tools/subagents-tool.js +616 -0
package/dist/agents/workspace-dir.js +18 -0
package/dist/agents/workspace-dirs.js +14 -0
package/dist/agents/workspace.js +70 -0
package/dist/auto-reply/heartbeat-reply-payload.js +18 -0
package/dist/auto-reply/reply/commands-export-session.js +163 -0
package/dist/auto-reply/reply/commands-mesh.js +245 -0
package/dist/auto-reply/reply/commands-setunset.js +28 -0
package/dist/auto-reply/reply/commands-slash-parse.js +31 -0
package/dist/auto-reply/reply/commands-system-prompt.js +117 -0
package/dist/auto-reply/reply/directive-handling.levels.js +17 -0
package/dist/auto-reply/reply/directive-handling.params.js +1 -0
package/dist/auto-reply/reply/directive-parsing.js +36 -0
package/dist/auto-reply/reply/dispatcher-registry.js +43 -0
package/dist/auto-reply/reply/elevated-unavailable.js +20 -0
package/dist/auto-reply/reply/post-compaction-audit.js +96 -0
package/dist/auto-reply/reply/post-compaction-context.js +98 -0
package/dist/auto-reply/reply/reply-delivery.js +92 -0
package/dist/auto-reply/reply/session-reset-prompt.js +1 -0
package/dist/auto-reply/reply/session-run-accounting.js +33 -0
package/dist/auto-reply/reply.directive.directive-behavior.e2e-harness.js +115 -0
package/dist/auto-reply/reply.directive.directive-behavior.e2e-mocks.js +12 -0
package/dist/browser/bridge-auth-registry.js +26 -0
package/dist/browser/client-actions-url.js +10 -0
package/dist/browser/control-auth.js +73 -0
package/dist/browser/csrf.js +64 -0
package/dist/browser/http-auth.js +52 -0
package/dist/browser/paths.js +37 -0
package/dist/browser/proxy-files.js +32 -0
package/dist/browser/pw-ai-state.js +7 -0
package/dist/browser/resolved-config-refresh.js +42 -0
package/dist/browser/routes/path-output.js +1 -0
package/dist/browser/server-context.chrome-test-harness.js +20 -0
package/dist/browser/server-middleware.js +31 -0
package/dist/browser/test-port.js +16 -0
package/dist/build-info.json +3 -3
package/dist/canvas-host/file-resolver.js +43 -0
package/dist/channels/account-summary.js +19 -0
package/dist/channels/draft-stream-loop.js +77 -0
package/dist/channels/plugins/account-helpers.js +26 -0
package/dist/channels/telegram/allow-from.js +10 -0
package/dist/cli/browser-cli-resize.js +22 -0
package/dist/cli/browser-cli-shared.js +8 -0
package/dist/cli/clawbot-cli.js +5 -0
package/dist/cli/completion-cli.js +566 -0
package/dist/cli/config-cli.js +63 -5
package/dist/cli/daemon-cli/lifecycle-core.js +256 -0
package/dist/cli/daemon-cli/register-service-commands.js +60 -0
package/dist/cli/daemon-cli-compat.js +80 -0
package/dist/cli/nodes-cli/pairing-render.js +26 -0
package/dist/cli/program/action-reparse.js +17 -0
package/dist/cli/program/command-registry.js +17 -0
package/dist/cli/program/program-context.js +8 -0
package/dist/cli/program/register.subclis.js +7 -0
package/dist/cli/program/routes.js +233 -0
package/dist/cli/qr-cli.js +132 -0
package/dist/cli/requirements-test-fixtures.js +17 -0
package/dist/cli/respawn-policy.js +4 -0
package/dist/cli/shared/parse-port.js +18 -0
package/dist/cli/skills-cli.format.js +241 -0
package/dist/cli/update-cli/progress.js +121 -0
package/dist/cli/update-cli/restart-helper.js +108 -0
package/dist/cli/update-cli/shared.js +196 -0
package/dist/cli/update-cli/status.js +97 -0
package/dist/cli/update-cli/suppress-deprecations.js +17 -0
package/dist/cli/update-cli/update-command.js +506 -0
package/dist/cli/update-cli/wizard.js +130 -0
package/dist/cli/update-cli.js +3 -9
package/dist/cli/windows-argv.js +69 -0
package/dist/commands/auth-choice-legacy.js +20 -0
package/dist/commands/auth-choice.apply-helpers.js +8 -0
package/dist/commands/channel-test-helpers.js +19 -0
package/dist/commands/cleanup-plan.js +10 -0
package/dist/commands/cleanup-utils.js +7 -0
package/dist/commands/config-validation.js +15 -0
package/dist/commands/doctor-completion.js +112 -0
package/dist/commands/doctor-memory-search.js +119 -0
package/dist/commands/doctor-session-locks.js +73 -0
package/dist/commands/doctor.e2e-harness.js +364 -0
package/dist/commands/gateway-presence.js +19 -0
package/dist/commands/model-default.js +35 -0
package/dist/commands/models/fallbacks-shared.js +102 -0
package/dist/commands/models/shared.js +24 -0
package/dist/commands/onboard-auth.config-gateways.js +64 -0
package/dist/commands/onboard-auth.config-litellm.js +45 -0
package/dist/commands/onboard-auth.config-shared.js +116 -0
package/dist/commands/onboard-config.js +16 -0
package/dist/commands/onboard-non-interactive.test-helpers.js +31 -0
package/dist/commands/onboard-provider-auth-flags.js +136 -0
package/dist/commands/openai-codex-oauth.js +40 -0
package/dist/commands/test-runtime-config-helpers.js +21 -0
package/dist/commands/test-wizard-helpers.js +68 -0
package/dist/commands/vllm-setup.js +66 -0
package/dist/compat/legacy-names.js +2 -0
package/dist/config/backup-rotation.js +19 -0
package/dist/config/env-preserve.js +122 -0
package/dist/config/includes-scan.js +78 -0
package/dist/config/plugins-allowlist.js +13 -0
package/dist/config/schema.help.js +256 -0
package/dist/config/schema.hints.js +189 -0
package/dist/config/schema.irc.js +20 -0
package/dist/config/schema.labels.js +317 -0
package/dist/config/sessions/delivery-info.js +40 -0
package/dist/config/types.irc.js +1 -0
package/dist/config/zod-schema.agent-defaults.js +14 -0
package/dist/config/zod-schema.agent-model.js +10 -0
package/dist/config/zod-schema.agent-runtime.js +14 -0
package/dist/config/zod-schema.allowdeny.js +35 -0
package/dist/config/zod-schema.sensitive.js +4 -0
package/dist/control-ui/assets/index-HRr1grwl.js.map +1 -1
package/dist/cron/isolated-agent/skills-snapshot.js +26 -0
package/dist/cron/isolated-agent/subagent-followup.js +127 -0
package/dist/cron/isolated-agent.mocks.js +12 -0
package/dist/cron/isolated-agent.test-setup.js +22 -0
package/dist/cron/legacy-delivery.js +43 -0
package/dist/cron/webhook-url.js +22 -0
package/dist/daemon/arg-split.js +40 -0
package/dist/daemon/exec-file.js +23 -0
package/dist/daemon/output.js +6 -0
package/dist/daemon/runtime-format.js +31 -0
package/dist/daemon/schtasks-exec.js +4 -0
package/dist/daemon/service-audit.js +22 -0
package/dist/discord/client.js +41 -0
package/dist/discord/components-registry.js +57 -0
package/dist/discord/components.js +816 -0
package/dist/discord/guilds.js +12 -0
package/dist/discord/monitor/gateway-plugin.js +48 -0
package/dist/discord/monitor/presence.js +30 -0
package/dist/discord/send.components.js +115 -0
package/dist/discord/send.shared.js +4 -0
package/dist/discord/ui.js +26 -0
package/dist/discord/voice-message.js +254 -0
package/dist/gateway/agent-event-assistant-text.js +5 -0
package/dist/gateway/agent-prompt.js +33 -0
package/dist/gateway/auth-rate-limit.js +136 -0
package/dist/gateway/channel-health-monitor.js +114 -0
package/dist/gateway/control-ui-contract.js +1 -0
package/dist/gateway/control-ui-csp.js +15 -0
package/dist/gateway/gateway-config-prompts.shared.js +25 -0
package/dist/gateway/http-auth-helpers.js +18 -0
package/dist/gateway/http-common.js +18 -0
package/dist/gateway/http-endpoint-helpers.js +27 -0
package/dist/gateway/node-invoke-sanitize.js +11 -0
package/dist/gateway/node-invoke-system-run-approval.js +205 -0
package/dist/gateway/probe-auth.js +21 -0
package/dist/gateway/protocol/index.js +7 -2
package/dist/gateway/protocol/schema/mesh.js +54 -0
package/dist/gateway/protocol/schema/protocol-schemas.js +7 -0
package/dist/gateway/protocol/schema.js +1 -0
package/dist/gateway/server/ws-connection/auth-messages.js +54 -0
package/dist/gateway/server-channels.js +11 -0
package/dist/gateway/server-methods/attachment-normalize.js +16 -0
package/dist/gateway/server-methods/base-hash.js +8 -0
package/dist/gateway/server-methods/mesh.js +700 -0
package/dist/gateway/server-methods/nodes.handlers.invoke-result.js +55 -0
package/dist/gateway/server-methods/restart-request.js +13 -0
package/dist/gateway/server-methods/validation.js +8 -0
package/dist/gateway/server.agent.gateway-server-agent.mocks.js +35 -0
package/dist/gateway/server.e2e-registry-helpers.js +1 -0
package/dist/gateway/server.e2e-ws-harness.js +20 -0
package/dist/gateway/test-helpers.js +2 -0
package/dist/gateway/test-helpers.server.js +3 -1
package/dist/gateway/test-http-response.js +12 -0
package/dist/gateway/test-openai-responses-model.js +20 -0
package/dist/gateway/test-temp-config.js +30 -0
package/dist/gateway/test-with-server.js +32 -0
package/dist/hooks/bundled/bootstrap-extra-files/handler.js +46 -0
package/dist/imessage/monitor/abort-handler.js +23 -0
package/dist/imessage/monitor/inbound-processing.js +346 -0
package/dist/imessage/monitor/parse-notification.js +64 -0
package/dist/imessage/target-parsing-helpers.js +92 -0
package/dist/infra/archive.js +244 -20
package/dist/infra/detect-package-manager.js +26 -0
package/dist/infra/exec-approvals-allowlist.js +257 -0
package/dist/infra/exec-approvals-analysis.js +770 -0
package/dist/infra/exec-approvals.js +13 -0
package/dist/infra/file-lock.js +1 -0
package/dist/infra/gemini-auth.js +39 -0
package/dist/infra/heartbeat-active-hours.js +85 -0
package/dist/infra/heartbeat-events-filter.js +50 -0
package/dist/infra/heartbeat-runner.test-utils.js +39 -0
package/dist/infra/http-body.js +265 -0
package/dist/infra/install-package-dir.js +50 -0
package/dist/infra/install-safe-path.js +49 -0
package/dist/infra/json-files.js +49 -0
package/dist/infra/jsonl-socket.js +52 -0
package/dist/infra/map-size.js +14 -0
package/dist/infra/net/hostname.js +7 -0
package/dist/infra/npm-registry-spec.js +39 -0
package/dist/infra/openclaw-root.js +109 -0
package/dist/infra/outbound/delivery-queue.js +214 -0
package/dist/infra/outbound/identity.js +23 -0
package/dist/infra/outbound/message-action-params.js +307 -0
package/dist/infra/outbound/tool-payload.js +21 -0
package/dist/infra/package-json.js +23 -0
package/dist/infra/pairing-files.js +19 -0
package/dist/infra/pairing-token.js +9 -0
package/dist/infra/path-prepend.js +51 -0
package/dist/infra/path-safety.js +16 -0
package/dist/infra/process-respawn.js +49 -0
package/dist/infra/runtime-status.js +16 -0
package/dist/infra/session-cost-usage.types.js +1 -0
package/dist/infra/session-maintenance-warning.js +89 -0
package/dist/infra/system-run-command.js +78 -0
package/dist/infra/tmp-openclaw-dir.js +81 -0
package/dist/infra/tmp-poolbot-dir.js +2 -0
package/dist/infra/update-channels.js +19 -0
package/dist/line/actions.js +45 -0
package/dist/line/channel-access-token.js +9 -0
package/dist/line/flex-templates/basic-cards.js +332 -0
package/dist/line/flex-templates/common.js +18 -0
package/dist/line/flex-templates/media-control-cards.js +453 -0
package/dist/line/flex-templates/message.js +10 -0
package/dist/line/flex-templates/schedule-cards.js +399 -0
package/dist/line/flex-templates/types.js +1 -0
package/dist/line/webhook-node.js +100 -0
package/dist/line/webhook-utils.js +11 -0
package/dist/logging/diagnostic-session-state.js +73 -0
package/dist/logging/diagnostic.js +22 -0
package/dist/logging/timestamps.js +14 -0
package/dist/markdown/whatsapp.js +62 -0
package/dist/media/base64.js +34 -0
package/dist/media/local-roots.js +32 -0
package/dist/media/outbound-attachment.js +10 -0
package/dist/media/read-response-with-limit.js +41 -0
package/dist/media/sniff-mime-from-base64.js +19 -0
package/dist/media-understanding/audio-preflight.js +67 -0
package/dist/media-understanding/fs.js +13 -0
package/dist/media-understanding/output-extract.js +26 -0
package/dist/media-understanding/providers/audio.test-helpers.js +34 -0
package/dist/media-understanding/providers/google/inline-data.js +64 -0
package/dist/media-understanding/providers/shared.js +7 -0
package/dist/media-understanding/runner.entries.js +459 -0
package/dist/memory/batch-error-utils.js +11 -0
package/dist/memory/batch-http.js +27 -0
package/dist/memory/batch-output.js +29 -0
package/dist/memory/batch-runner.js +22 -0
package/dist/memory/batch-upload.js +23 -0
package/dist/memory/batch-utils.js +26 -0
package/dist/memory/embeddings-debug.js +11 -0
package/dist/memory/embeddings-remote-client.js +22 -0
package/dist/memory/embeddings-remote-fetch.js +14 -0
package/dist/memory/embeddings.js +36 -9
package/dist/memory/hybrid.js +24 -5
package/dist/memory/manager-embedding-ops.js +616 -0
package/dist/memory/manager-sync-ops.js +953 -0
package/dist/memory/manager.js +76 -28
package/dist/memory/mmr.js +164 -0
package/dist/memory/qmd-manager.js +1061 -0
package/dist/memory/qmd-query-parser.js +107 -0
package/dist/memory/qmd-scope.js +93 -0
package/dist/memory/query-expansion.js +331 -0
package/dist/memory/search-manager.js +0 -1
package/dist/memory/sync-index.js +21 -0
package/dist/memory/sync-progress.js +22 -0
package/dist/memory/sync-stale.js +30 -0
package/dist/memory/temporal-decay.js +119 -0
package/dist/memory/test-embeddings-mock.js +16 -0
package/dist/memory/test-manager-helpers.js +14 -0
package/dist/memory/test-runtime-mocks.js +11 -0
package/dist/node-host/invoke-browser.js +177 -0
package/dist/node-host/invoke.js +685 -0
package/dist/pairing/setup-code.js +285 -0
package/dist/plugin-sdk/account-id.js +1 -0
package/dist/plugin-sdk/agent-media-payload.js +13 -0
package/dist/plugin-sdk/allow-from.js +47 -0
package/dist/plugin-sdk/command-auth.js +23 -0
package/dist/plugin-sdk/config-paths.js +9 -0
package/dist/plugin-sdk/file-lock.js +116 -0
package/dist/plugin-sdk/json-store.js +31 -0
package/dist/plugin-sdk/onboarding.js +28 -0
package/dist/plugin-sdk/provider-auth-result.js +29 -0
package/dist/plugin-sdk/slack-message-actions.js +133 -0
package/dist/plugin-sdk/status-helpers.js +35 -0
package/dist/plugin-sdk/text-chunking.js +31 -0
package/dist/plugin-sdk/tool-send.js +12 -0
package/dist/plugin-sdk/webhook-path.js +27 -0
package/dist/plugin-sdk/webhook-targets.js +34 -0
package/dist/plugins/hooks.test-helpers.js +21 -0
package/dist/plugins/uninstall.js +171 -0
package/dist/process/kill-tree.js +98 -0
package/dist/process/supervisor/adapters/child.js +143 -0
package/dist/process/supervisor/adapters/env.js +13 -0
package/dist/process/supervisor/adapters/pty.js +148 -0
package/dist/process/supervisor/index.js +10 -0
package/dist/process/supervisor/registry.js +117 -0
package/dist/process/supervisor/supervisor.js +244 -0
package/dist/process/supervisor/types.js +1 -0
package/dist/providers/google-shared.test-helpers.js +75 -0
package/dist/security/audit-channel.js +419 -0
package/dist/security/audit-tool-policy.js +1 -0
package/dist/security/scan-paths.js +12 -0
package/dist/sessions/input-provenance.js +55 -0
package/dist/sessions/session-key-utils.js +7 -0
package/dist/shared/chat-content.js +31 -0
package/dist/shared/chat-envelope.js +45 -0
package/dist/shared/config-eval.js +117 -0
package/dist/shared/device-auth.js +16 -0
package/dist/shared/entry-metadata.js +9 -0
package/dist/shared/entry-status.js +25 -0
package/dist/shared/frontmatter.js +98 -0
package/dist/shared/model-param-b.js +19 -0
package/dist/shared/net/ipv4.js +17 -0
package/dist/shared/node-match.js +53 -0
package/dist/shared/pid-alive.js +12 -0
package/dist/shared/process-scoped-map.js +10 -0
package/dist/shared/requirements.js +128 -0
package/dist/shared/subagents-format.js +84 -0
package/dist/shared/usage-aggregates.js +28 -0
package/dist/signal/monitor/mentions.js +45 -0
package/dist/signal/rpc-context.js +19 -0
package/dist/slack/blocks-fallback.js +76 -0
package/dist/slack/blocks-input.js +40 -0
package/dist/slack/draft-stream.js +106 -0
package/dist/slack/message-actions.js +51 -0
package/dist/slack/modal-metadata.js +32 -0
package/dist/slack/monitor/events/interactions.js +462 -0
package/dist/slack/monitor/room-context.js +17 -0
package/dist/slack/stream-mode.js +41 -0
package/dist/telegram/bot-native-command-menu.js +64 -0
package/dist/telegram/bot.media.e2e-harness.js +81 -0
package/dist/telegram/button-types.js +1 -0
package/dist/telegram/group-access.js +65 -0
package/dist/telegram/outbound-params.js +21 -0
package/dist/telegram/poll-vote-cache.js +21 -0
package/dist/terminal/health-style.js +36 -0
package/dist/test-utils/chunk-test-helpers.js +21 -0
package/dist/test-utils/env.js +72 -0
package/dist/test-utils/exec-assertions.js +12 -0
package/dist/test-utils/imessage-test-plugin.js +54 -0
package/dist/test-utils/mock-http-response.js +17 -0
package/dist/test-utils/vitest-mock-fn.js +1 -0
package/dist/tts/tts-core.js +550 -0
package/dist/utils/chunk-items.js +10 -0
package/dist/utils/reaction-level.js +52 -0
package/dist/utils/safe-json.js +22 -0
package/dist/utils/with-timeout.js +14 -0
package/dist/web/media.js +17 -5
package/dist/whatsapp/resolve-outbound-target.js +42 -0
package/dist/wizard/onboarding.completion.js +74 -0
package/extensions/bluebubbles/package.json +1 -1
package/extensions/bluebubbles/src/account-resolve.ts +29 -0
package/extensions/bluebubbles/src/monitor-normalize.ts +796 -0
package/extensions/bluebubbles/src/monitor-processing.ts +1007 -0
package/extensions/bluebubbles/src/monitor-reply-cache.ts +185 -0
package/extensions/bluebubbles/src/monitor-shared.ts +51 -0
package/extensions/bluebubbles/src/multipart.ts +32 -0
package/extensions/bluebubbles/src/send-helpers.ts +53 -0
package/extensions/bluebubbles/src/test-harness.ts +50 -0
package/extensions/bluebubbles/src/test-mocks.ts +11 -0
package/extensions/copilot-proxy/package.json +1 -1
package/extensions/device-pair/index.ts +554 -0
package/extensions/diagnostics-otel/package.json +1 -1
package/extensions/discord/package.json +1 -1
package/extensions/discord/src/channel.js +366 -0
package/extensions/discord/src/runtime.js +10 -0
package/extensions/feishu/index.ts +63 -0
package/extensions/feishu/src/accounts.ts +114 -0
package/extensions/feishu/src/bitable.ts +739 -0
package/extensions/feishu/src/bot.ts +965 -0
package/extensions/feishu/src/channel.ts +351 -0
package/extensions/feishu/src/client.ts +118 -0
package/extensions/feishu/src/config-schema.ts +206 -0
package/extensions/feishu/src/dedup.ts +33 -0
package/extensions/feishu/src/directory.ts +177 -0
package/extensions/feishu/src/doc-schema.ts +47 -0
package/extensions/feishu/src/docx.ts +536 -0
package/extensions/feishu/src/drive-schema.ts +46 -0
package/extensions/feishu/src/drive.ts +227 -0
package/extensions/feishu/src/dynamic-agent.ts +131 -0
package/extensions/feishu/src/media.ts +449 -0
package/extensions/feishu/src/mention.ts +126 -0
package/extensions/feishu/src/monitor.ts +330 -0
package/extensions/feishu/src/onboarding.ts +359 -0
package/extensions/feishu/src/outbound.ts +55 -0
package/extensions/feishu/src/perm-schema.ts +52 -0
package/extensions/feishu/src/perm.ts +173 -0
package/extensions/feishu/src/policy.ts +84 -0
package/extensions/feishu/src/probe.ts +44 -0
package/extensions/feishu/src/reactions.ts +160 -0
package/extensions/feishu/src/reply-dispatcher.ts +239 -0
package/extensions/feishu/src/runtime.ts +14 -0
package/extensions/feishu/src/send-result.ts +29 -0
package/extensions/feishu/src/send.ts +335 -0
package/extensions/feishu/src/streaming-card.ts +223 -0
package/extensions/feishu/src/targets.ts +78 -0
package/extensions/feishu/src/tools-config.ts +21 -0
package/extensions/feishu/src/types.ts +81 -0
package/extensions/feishu/src/typing.ts +80 -0
package/extensions/feishu/src/wiki-schema.ts +55 -0
package/extensions/feishu/src/wiki.ts +232 -0
package/extensions/google-antigravity-auth/package.json +1 -1
package/extensions/google-gemini-cli-auth/package.json +1 -1
package/extensions/googlechat/package.json +1 -1
package/extensions/imessage/package.json +1 -1
package/extensions/imessage/src/channel.js +253 -0
package/extensions/imessage/src/runtime.js +10 -0
package/extensions/irc/index.ts +17 -0
package/extensions/irc/src/accounts.ts +268 -0
package/extensions/irc/src/channel.ts +367 -0
package/extensions/irc/src/client.ts +439 -0
package/extensions/irc/src/config-schema.ts +97 -0
package/extensions/irc/src/connect-options.ts +30 -0
package/extensions/irc/src/control-chars.ts +22 -0
package/extensions/irc/src/inbound.ts +334 -0
package/extensions/irc/src/monitor.ts +147 -0
package/extensions/irc/src/normalize.ts +117 -0
package/extensions/irc/src/onboarding.ts +479 -0
package/extensions/irc/src/policy.ts +157 -0
package/extensions/irc/src/probe.ts +53 -0
package/extensions/irc/src/protocol.ts +169 -0
package/extensions/irc/src/runtime.ts +14 -0
package/extensions/irc/src/send.ts +88 -0
package/extensions/irc/src/types.ts +93 -0
package/extensions/line/package.json +1 -1
package/extensions/llm-task/package.json +1 -1
package/extensions/lobster/package.json +1 -1
package/extensions/matrix/CHANGELOG.md +5 -0
package/extensions/matrix/package.json +1 -1
package/extensions/matrix/src/matrix/client-bootstrap.ts +39 -0
package/extensions/mattermost/package.json +1 -1
package/extensions/mattermost/src/mattermost/monitor-onchar.ts +25 -0
package/extensions/mattermost/src/mattermost/monitor-websocket.ts +221 -0
package/extensions/mattermost/src/mattermost/reactions.ts +130 -0
package/extensions/mattermost/src/mattermost/reconnect.ts +103 -0
package/extensions/memory-core/package.json +1 -1
package/extensions/memory-lancedb/package.json +1 -1
package/extensions/minimax-portal-auth/index.ts +161 -0
package/extensions/minimax-portal-auth/oauth.ts +247 -0
package/extensions/msteams/CHANGELOG.md +5 -0
package/extensions/msteams/package.json +1 -1
package/extensions/msteams/src/file-lock.ts +1 -0
package/extensions/msteams/src/graph.ts +92 -0
package/extensions/msteams/src/mentions.ts +114 -0
package/extensions/msteams/src/test-runtime.ts +16 -0
package/extensions/nextcloud-talk/package.json +1 -1
package/extensions/nostr/CHANGELOG.md +5 -0
package/extensions/nostr/package.json +1 -1
package/extensions/open-prose/package.json +1 -1
package/extensions/openai-codex-auth/index.ts +177 -0
package/extensions/phone-control/index.ts +421 -0
package/extensions/shared/resolve-target-test-helpers.ts +66 -0
package/extensions/signal/package.json +1 -1
package/extensions/signal/src/channel.js +273 -0
package/extensions/signal/src/runtime.js +10 -0
package/extensions/slack/package.json +1 -1
package/extensions/slack/src/channel.js +489 -0
package/extensions/slack/src/runtime.js +10 -0
package/extensions/talk-voice/index.ts +150 -0
package/extensions/telegram/package.json +1 -1
package/extensions/telegram/src/channel.js +424 -0
package/extensions/telegram/src/runtime.js +10 -0
package/extensions/thread-ownership/index.ts +133 -0
package/extensions/tlon/package.json +1 -1
package/extensions/tlon/src/account-fields.ts +25 -0
package/extensions/tlon/src/urbit/base-url.ts +57 -0
package/extensions/tlon/src/urbit/channel-client.ts +157 -0
package/extensions/tlon/src/urbit/channel-ops.ts +164 -0
package/extensions/tlon/src/urbit/context.ts +47 -0
package/extensions/tlon/src/urbit/errors.ts +51 -0
package/extensions/tlon/src/urbit/fetch.ts +39 -0
package/extensions/twitch/CHANGELOG.md +5 -0
package/extensions/twitch/package.json +1 -1
package/extensions/twitch/src/test-fixtures.ts +30 -0
package/extensions/voice-call/CHANGELOG.md +5 -0
package/extensions/voice-call/package.json +1 -1
package/extensions/voice-call/src/allowlist.ts +19 -0
package/extensions/whatsapp/package.json +1 -1
package/extensions/whatsapp/src/channel.js +429 -0
package/extensions/whatsapp/src/runtime.js +10 -0
package/extensions/zalo/CHANGELOG.md +5 -0
package/extensions/zalo/package.json +1 -1
package/extensions/zalouser/CHANGELOG.md +5 -0
package/extensions/zalouser/package.json +1 -1
package/package.json +1 -1

package/dist/agents/sandbox/docker.js CHANGED Viewed

@@ -1,44 +1,118 @@
 import { spawn } from "node:child_process";
-import { defaultRuntime } from "../../runtime.js";
-import { formatCliCommand } from "../../cli/command-format.js";
-import { DEFAULT_SANDBOX_IMAGE, SANDBOX_AGENT_WORKSPACE_MOUNT } from "./constants.js";
-import { readRegistry, updateRegistry } from "./registry.js";
-import { computeSandboxConfigHash } from "./config-hash.js";
-import { resolveSandboxAgentId, resolveSandboxScopeKey, slugifySessionKey } from "./shared.js";
-const HOT_CONTAINER_WINDOW_MS = 5 * 60 * 1000;
-export function execDocker(args, opts) {
+function createAbortError() {
+    const err = new Error("Aborted");
+    err.name = "AbortError";
+    return err;
+}
+export function execDockerRaw(args, opts) {
     return new Promise((resolve, reject) => {
         const child = spawn("docker", args, {
-            stdio: ["ignore", "pipe", "pipe"],
+            stdio: ["pipe", "pipe", "pipe"],
         });
-        let stdout = "";
-        let stderr = "";
+        const stdoutChunks = [];
+        const stderrChunks = [];
+        let aborted = false;
+        const signal = opts?.signal;
+        const handleAbort = () => {
+            if (aborted) {
+                return;
+            }
+            aborted = true;
+            child.kill("SIGTERM");
+        };
+        if (signal) {
+            if (signal.aborted) {
+                handleAbort();
+            }
+            else {
+                signal.addEventListener("abort", handleAbort);
+            }
+        }
         child.stdout?.on("data", (chunk) => {
-            stdout += chunk.toString();
+            stdoutChunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk));
         });
         child.stderr?.on("data", (chunk) => {
-            stderr += chunk.toString();
+            stderrChunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk));
+        });
+        child.on("error", (error) => {
+            if (signal) {
+                signal.removeEventListener("abort", handleAbort);
+            }
+            reject(error);
         });
         child.on("close", (code) => {
+            if (signal) {
+                signal.removeEventListener("abort", handleAbort);
+            }
+            const stdout = Buffer.concat(stdoutChunks);
+            const stderr = Buffer.concat(stderrChunks);
+            if (aborted || signal?.aborted) {
+                reject(createAbortError());
+                return;
+            }
             const exitCode = code ?? 0;
             if (exitCode !== 0 && !opts?.allowFailure) {
-                reject(new Error(stderr.trim() || `docker ${args.join(" ")} failed`));
+                const message = stderr.length > 0 ? stderr.toString("utf8").trim() : "";
+                const error = Object.assign(new Error(message || `docker ${args.join(" ")} failed`), {
+                    code: exitCode,
+                    stdout,
+                    stderr,
+                });
+                reject(error);
                 return;
             }
             resolve({ stdout, stderr, code: exitCode });
         });
+        const stdin = child.stdin;
+        if (stdin) {
+            if (opts?.input !== undefined) {
+                stdin.end(opts.input);
+            }
+            else {
+                stdin.end();
+            }
+        }
     });
 }
+import { formatCliCommand } from "../../cli/command-format.js";
+import { defaultRuntime } from "../../runtime.js";
+import { computeSandboxConfigHash } from "./config-hash.js";
+import { DEFAULT_SANDBOX_IMAGE, SANDBOX_AGENT_WORKSPACE_MOUNT } from "./constants.js";
+import { readRegistry, updateRegistry } from "./registry.js";
+import { resolveSandboxAgentId, resolveSandboxScopeKey, slugifySessionKey } from "./shared.js";
+import { validateSandboxSecurity } from "./validate-sandbox-security.js";
+const HOT_CONTAINER_WINDOW_MS = 5 * 60 * 1000;
+export async function execDocker(args, opts) {
+    const result = await execDockerRaw(args, opts);
+    return {
+        stdout: result.stdout.toString("utf8"),
+        stderr: result.stderr.toString("utf8"),
+        code: result.code,
+    };
+}
+export async function readDockerContainerLabel(containerName, label) {
+    const result = await execDocker(["inspect", "-f", `{{ index .Config.Labels "${label}" }}`, containerName], { allowFailure: true });
+    if (result.code !== 0) {
+        return null;
+    }
+    const raw = result.stdout.trim();
+    if (!raw || raw === "<no value>") {
+        return null;
+    }
+    return raw;
+}
 export async function readDockerPort(containerName, port) {
     const result = await execDocker(["port", containerName, `${port}/tcp`], {
         allowFailure: true,
     });
-    if (result.code !== 0)
+    if (result.code !== 0) {
         return null;
+    }
     const line = result.stdout.trim().split(/\r?\n/)[0] ?? "";
     const match = line.match(/:(\d+)\s*$/);
-    if (!match)
+    if (!match) {
         return null;
+    }
     const mapped = Number.parseInt(match[1] ?? "", 10);
     return Number.isFinite(mapped) ? mapped : null;
 }
@@ -46,8 +120,9 @@ async function dockerImageExists(image) {
     const result = await execDocker(["image", "inspect", image], {
         allowFailure: true,
     });
-    if (result.code === 0)
+    if (result.code === 0) {
         return true;
+    }
     const stderr = result.stderr.trim();
     if (stderr.includes("No such image")) {
         return false;
@@ -56,8 +131,9 @@ async function dockerImageExists(image) {
 }
 export async function ensureDockerImage(image) {
     const exists = await dockerImageExists(image);
-    if (exists)
+    if (exists) {
         return;
+    }
     if (image === DEFAULT_SANDBOX_IMAGE) {
         await execDocker(["pull", "debian:bookworm-slim"]);
         await execDocker(["tag", "debian:bookworm-slim", DEFAULT_SANDBOX_IMAGE]);
@@ -69,13 +145,15 @@ export async function dockerContainerState(name) {
     const result = await execDocker(["inspect", "-f", "{{.State.Running}}", name], {
         allowFailure: true,
     });
-    if (result.code !== 0)
+    if (result.code !== 0) {
         return { exists: false, running: false };
+    }
     return { exists: true, running: result.stdout.trim() === "true" };
 }
 function normalizeDockerLimit(value) {
-    if (value === undefined || value === null)
+    if (value === undefined || value === null) {
         return undefined;
+    }
     if (typeof value === "number") {
         return Number.isFinite(value) ? String(value) : undefined;
     }
@@ -83,23 +161,29 @@ function normalizeDockerLimit(value) {
     return trimmed ? trimmed : undefined;
 }
 function formatUlimitValue(name, value) {
-    if (!name.trim())
+    if (!name.trim()) {
         return null;
+    }
     if (typeof value === "number" || typeof value === "string") {
         const raw = String(value).trim();
         return raw ? `${name}=${raw}` : null;
     }
     const soft = typeof value.soft === "number" ? Math.max(0, value.soft) : undefined;
     const hard = typeof value.hard === "number" ? Math.max(0, value.hard) : undefined;
-    if (soft === undefined && hard === undefined)
+    if (soft === undefined && hard === undefined) {
         return null;
-    if (soft === undefined)
+    }
+    if (soft === undefined) {
         return `${name}=${hard}`;
-    if (hard === undefined)
+    }
+    if (hard === undefined) {
         return `${name}=${soft}`;
+    }
     return `${name}=${soft}:${hard}`;
 }
 export function buildSandboxCreateArgs(params) {
+    // Runtime security validation: blocks dangerous bind mounts, network modes, and profiles.
+    validateSandboxSecurity(params.cfg);
     const createdAtMs = params.createdAtMs ?? Date.now();
     const args = ["create", "--name", params.name];
     args.push("--label", "poolbot.sandbox=1");
@@ -109,18 +193,28 @@ export function buildSandboxCreateArgs(params) {
         args.push("--label", `poolbot.configHash=${params.configHash}`);
     }
     for (const [key, value] of Object.entries(params.labels ?? {})) {
-        if (key && value)
+        if (key && value) {
             args.push("--label", `${key}=${value}`);
+        }
     }
-    if (params.cfg.readOnlyRoot)
+    if (params.cfg.readOnlyRoot) {
         args.push("--read-only");
+    }
     for (const entry of params.cfg.tmpfs) {
         args.push("--tmpfs", entry);
     }
-    if (params.cfg.network)
+    if (params.cfg.network) {
         args.push("--network", params.cfg.network);
-    if (params.cfg.user)
+    }
+    if (params.cfg.user) {
         args.push("--user", params.cfg.user);
+    }
+    for (const [key, value] of Object.entries(params.cfg.env ?? {})) {
+        if (!key.trim()) {
+            continue;
+        }
+        args.push("--env", key + "=" + value);
+    }
     for (const cap of params.cfg.capDrop) {
         args.push("--cap-drop", cap);
     }
@@ -132,29 +226,34 @@ export function buildSandboxCreateArgs(params) {
         args.push("--security-opt", `apparmor=${params.cfg.apparmorProfile}`);
     }
     for (const entry of params.cfg.dns ?? []) {
-        if (entry.trim())
+        if (entry.trim()) {
             args.push("--dns", entry);
+        }
     }
     for (const entry of params.cfg.extraHosts ?? []) {
-        if (entry.trim())
+        if (entry.trim()) {
             args.push("--add-host", entry);
+        }
     }
     if (typeof params.cfg.pidsLimit === "number" && params.cfg.pidsLimit > 0) {
         args.push("--pids-limit", String(params.cfg.pidsLimit));
     }
     const memory = normalizeDockerLimit(params.cfg.memory);
-    if (memory)
+    if (memory) {
         args.push("--memory", memory);
+    }
     const memorySwap = normalizeDockerLimit(params.cfg.memorySwap);
-    if (memorySwap)
+    if (memorySwap) {
         args.push("--memory-swap", memorySwap);
+    }
     if (typeof params.cfg.cpus === "number" && params.cfg.cpus > 0) {
         args.push("--cpus", String(params.cfg.cpus));
     }
     for (const [name, value] of Object.entries(params.cfg.ulimits ?? {})) {
         const formatted = formatUlimitValue(name, value);
-        if (formatted)
+        if (formatted) {
             args.push("--ulimit", formatted);
+        }
     }
     if (params.cfg.binds?.length) {
         for (const bind of params.cfg.binds) {
@@ -187,13 +286,7 @@ async function createSandboxContainer(params) {
     }
 }
 async function readContainerConfigHash(containerName) {
-    const result = await execDocker(["inspect", "-f", '{{ index .Config.Labels "poolbot.configHash" }}', containerName], { allowFailure: true });
-    if (result.code !== 0)
-        return null;
-    const raw = result.stdout.trim();
-    if (!raw || raw === "<no value>")
-        return null;
-    return raw;
+    return await readDockerContainerLabel(containerName, "poolbot.configHash");
 }
 function formatSandboxRecreateHint(params) {
     if (params.scope === "session") {

package/dist/agents/sandbox/fs-bridge.js ADDED Viewed

@@ -0,0 +1,146 @@
+import { execDockerRaw } from "./docker.js";
+import { buildSandboxFsMounts, resolveSandboxFsPathWithMounts, } from "./fs-paths.js";
+export function createSandboxFsBridge(params) {
+    return new SandboxFsBridgeImpl(params.sandbox);
+}
+class SandboxFsBridgeImpl {
+    sandbox;
+    mounts;
+    constructor(sandbox) {
+        this.sandbox = sandbox;
+        this.mounts = buildSandboxFsMounts(sandbox);
+    }
+    resolvePath(params) {
+        const target = this.resolveResolvedPath(params);
+        return {
+            hostPath: target.hostPath,
+            relativePath: target.relativePath,
+            containerPath: target.containerPath,
+        };
+    }
+    async readFile(params) {
+        const target = this.resolveResolvedPath(params);
+        const result = await this.runCommand('set -eu; cat -- "$1"', {
+            args: [target.containerPath],
+            signal: params.signal,
+        });
+        return result.stdout;
+    }
+    async writeFile(params) {
+        const target = this.resolveResolvedPath(params);
+        this.ensureWriteAccess(target, "write files");
+        const buffer = Buffer.isBuffer(params.data)
+            ? params.data
+            : Buffer.from(params.data, params.encoding ?? "utf8");
+        const script = params.mkdir === false
+            ? 'set -eu; cat >"$1"'
+            : 'set -eu; dir=$(dirname -- "$1"); if [ "$dir" != "." ]; then mkdir -p -- "$dir"; fi; cat >"$1"';
+        await this.runCommand(script, {
+            args: [target.containerPath],
+            stdin: buffer,
+            signal: params.signal,
+        });
+    }
+    async mkdirp(params) {
+        const target = this.resolveResolvedPath(params);
+        this.ensureWriteAccess(target, "create directories");
+        await this.runCommand('set -eu; mkdir -p -- "$1"', {
+            args: [target.containerPath],
+            signal: params.signal,
+        });
+    }
+    async remove(params) {
+        const target = this.resolveResolvedPath(params);
+        this.ensureWriteAccess(target, "remove files");
+        const flags = [params.force === false ? "" : "-f", params.recursive ? "-r" : ""].filter(Boolean);
+        const rmCommand = flags.length > 0 ? `rm ${flags.join(" ")}` : "rm";
+        await this.runCommand(`set -eu; ${rmCommand} -- "$1"`, {
+            args: [target.containerPath],
+            signal: params.signal,
+        });
+    }
+    async rename(params) {
+        const from = this.resolveResolvedPath({ filePath: params.from, cwd: params.cwd });
+        const to = this.resolveResolvedPath({ filePath: params.to, cwd: params.cwd });
+        this.ensureWriteAccess(from, "rename files");
+        this.ensureWriteAccess(to, "rename files");
+        await this.runCommand('set -eu; dir=$(dirname -- "$2"); if [ "$dir" != "." ]; then mkdir -p -- "$dir"; fi; mv -- "$1" "$2"', {
+            args: [from.containerPath, to.containerPath],
+            signal: params.signal,
+        });
+    }
+    async stat(params) {
+        const target = this.resolveResolvedPath(params);
+        const result = await this.runCommand('set -eu; stat -c "%F|%s|%Y" -- "$1"', {
+            args: [target.containerPath],
+            signal: params.signal,
+            allowFailure: true,
+        });
+        if (result.code !== 0) {
+            const stderr = result.stderr.toString("utf8");
+            if (stderr.includes("No such file or directory")) {
+                return null;
+            }
+            const message = stderr.trim() || `stat failed with code ${result.code}`;
+            throw new Error(`stat failed for ${target.containerPath}: ${message}`);
+        }
+        const text = result.stdout.toString("utf8").trim();
+        const [typeRaw, sizeRaw, mtimeRaw] = text.split("|");
+        const size = Number.parseInt(sizeRaw ?? "0", 10);
+        const mtime = Number.parseInt(mtimeRaw ?? "0", 10) * 1000;
+        return {
+            type: coerceStatType(typeRaw),
+            size: Number.isFinite(size) ? size : 0,
+            mtimeMs: Number.isFinite(mtime) ? mtime : 0,
+        };
+    }
+    async runCommand(script, options = {}) {
+        const dockerArgs = [
+            "exec",
+            "-i",
+            this.sandbox.containerName,
+            "sh",
+            "-c",
+            script,
+            "moltbot-sandbox-fs",
+        ];
+        if (options.args?.length) {
+            dockerArgs.push(...options.args);
+        }
+        return execDockerRaw(dockerArgs, {
+            input: options.stdin,
+            allowFailure: options.allowFailure,
+            signal: options.signal,
+        });
+    }
+    ensureWriteAccess(target, action) {
+        if (!allowsWrites(this.sandbox.workspaceAccess) || !target.writable) {
+            throw new Error(`Sandbox path is read-only; cannot ${action}: ${target.containerPath}`);
+        }
+    }
+    resolveResolvedPath(params) {
+        return resolveSandboxFsPathWithMounts({
+            filePath: params.filePath,
+            cwd: params.cwd ?? this.sandbox.workspaceDir,
+            defaultWorkspaceRoot: this.sandbox.workspaceDir,
+            defaultContainerRoot: this.sandbox.containerWorkdir,
+            mounts: this.mounts,
+        });
+    }
+}
+function allowsWrites(access) {
+    return access === "rw";
+}
+function coerceStatType(typeRaw) {
+    if (!typeRaw) {
+        return "other";
+    }
+    const normalized = typeRaw.trim().toLowerCase();
+    if (normalized.includes("directory")) {
+        return "directory";
+    }
+    if (normalized.includes("file")) {
+        return "file";
+    }
+    return "other";
+}

package/dist/agents/sandbox/fs-paths.js ADDED Viewed

@@ -0,0 +1,205 @@
+import path from "node:path";
+import { resolveSandboxInputPath, resolveSandboxPath } from "../sandbox-paths.js";
+import { SANDBOX_AGENT_WORKSPACE_MOUNT } from "./constants.js";
+export function parseSandboxBindMount(spec) {
+    const trimmed = spec.trim();
+    if (!trimmed) {
+        return null;
+    }
+    const parsed = splitBindSpec(trimmed);
+    if (!parsed) {
+        return null;
+    }
+    const hostToken = parsed.host.trim();
+    const containerToken = parsed.container.trim();
+    if (!hostToken || !containerToken || !path.posix.isAbsolute(containerToken)) {
+        return null;
+    }
+    const optionsToken = parsed.options.trim().toLowerCase();
+    const optionParts = optionsToken
+        ? optionsToken
+            .split(",")
+            .map((entry) => entry.trim())
+            .filter(Boolean)
+        : [];
+    const writable = !optionParts.includes("ro");
+    return {
+        hostRoot: path.resolve(hostToken),
+        containerRoot: normalizeContainerPath(containerToken),
+        writable,
+    };
+}
+function splitBindSpec(spec) {
+    const separator = getHostContainerSeparatorIndex(spec);
+    if (separator === -1) {
+        return null;
+    }
+    const host = spec.slice(0, separator);
+    const rest = spec.slice(separator + 1);
+    const optionsStart = rest.indexOf(":");
+    if (optionsStart === -1) {
+        return { host, container: rest, options: "" };
+    }
+    return {
+        host,
+        container: rest.slice(0, optionsStart),
+        options: rest.slice(optionsStart + 1),
+    };
+}
+function getHostContainerSeparatorIndex(spec) {
+    const hasDriveLetterPrefix = /^[A-Za-z]:[\\/]/.test(spec);
+    for (let i = hasDriveLetterPrefix ? 2 : 0; i < spec.length; i += 1) {
+        if (spec[i] === ":") {
+            return i;
+        }
+    }
+    return -1;
+}
+export function buildSandboxFsMounts(sandbox) {
+    const mounts = [
+        {
+            hostRoot: path.resolve(sandbox.workspaceDir),
+            containerRoot: normalizeContainerPath(sandbox.containerWorkdir),
+            writable: sandbox.workspaceAccess === "rw",
+            source: "workspace",
+        },
+    ];
+    if (sandbox.workspaceAccess !== "none" &&
+        path.resolve(sandbox.agentWorkspaceDir) !== path.resolve(sandbox.workspaceDir)) {
+        mounts.push({
+            hostRoot: path.resolve(sandbox.agentWorkspaceDir),
+            containerRoot: SANDBOX_AGENT_WORKSPACE_MOUNT,
+            writable: sandbox.workspaceAccess === "rw",
+            source: "agent",
+        });
+    }
+    for (const bind of sandbox.docker.binds ?? []) {
+        const parsed = parseSandboxBindMount(bind);
+        if (!parsed) {
+            continue;
+        }
+        mounts.push({
+            hostRoot: parsed.hostRoot,
+            containerRoot: parsed.containerRoot,
+            writable: parsed.writable,
+            source: "bind",
+        });
+    }
+    return dedupeMounts(mounts);
+}
+export function resolveSandboxFsPathWithMounts(params) {
+    const mountsByContainer = [...params.mounts].toSorted((a, b) => b.containerRoot.length - a.containerRoot.length);
+    const mountsByHost = [...params.mounts].toSorted((a, b) => b.hostRoot.length - a.hostRoot.length);
+    const input = params.filePath;
+    const inputPosix = normalizePosixInput(input);
+    if (path.posix.isAbsolute(inputPosix)) {
+        const containerMount = findMountByContainerPath(mountsByContainer, inputPosix);
+        if (containerMount) {
+            const rel = path.posix.relative(containerMount.containerRoot, inputPosix);
+            const hostPath = rel
+                ? path.resolve(containerMount.hostRoot, ...toHostSegments(rel))
+                : containerMount.hostRoot;
+            return {
+                hostPath,
+                containerPath: rel
+                    ? path.posix.join(containerMount.containerRoot, rel)
+                    : containerMount.containerRoot,
+                relativePath: toDisplayRelative({
+                    containerPath: rel
+                        ? path.posix.join(containerMount.containerRoot, rel)
+                        : containerMount.containerRoot,
+                    defaultContainerRoot: params.defaultContainerRoot,
+                }),
+                writable: containerMount.writable,
+            };
+        }
+    }
+    const hostResolved = resolveSandboxInputPath(input, params.cwd);
+    const hostMount = findMountByHostPath(mountsByHost, hostResolved);
+    if (hostMount) {
+        const relHost = path.relative(hostMount.hostRoot, hostResolved);
+        const relPosix = relHost ? relHost.split(path.sep).join(path.posix.sep) : "";
+        const containerPath = relPosix
+            ? path.posix.join(hostMount.containerRoot, relPosix)
+            : hostMount.containerRoot;
+        return {
+            hostPath: hostResolved,
+            containerPath,
+            relativePath: toDisplayRelative({
+                containerPath,
+                defaultContainerRoot: params.defaultContainerRoot,
+            }),
+            writable: hostMount.writable,
+        };
+    }
+    // Preserve legacy error wording for out-of-sandbox paths.
+    resolveSandboxPath({
+        filePath: input,
+        cwd: params.cwd,
+        root: params.defaultWorkspaceRoot,
+    });
+    throw new Error(`Path escapes sandbox root (${params.defaultWorkspaceRoot}): ${input}`);
+}
+function dedupeMounts(mounts) {
+    const seen = new Set();
+    const deduped = [];
+    for (const mount of mounts) {
+        const key = `${mount.hostRoot}=>${mount.containerRoot}`;
+        if (seen.has(key)) {
+            continue;
+        }
+        seen.add(key);
+        deduped.push(mount);
+    }
+    return deduped;
+}
+function findMountByContainerPath(mounts, target) {
+    for (const mount of mounts) {
+        if (isPathInsidePosix(mount.containerRoot, target)) {
+            return mount;
+        }
+    }
+    return null;
+}
+function findMountByHostPath(mounts, target) {
+    for (const mount of mounts) {
+        if (isPathInsideHost(mount.hostRoot, target)) {
+            return mount;
+        }
+    }
+    return null;
+}
+function isPathInsidePosix(root, target) {
+    const rel = path.posix.relative(root, target);
+    if (!rel) {
+        return true;
+    }
+    return !(rel.startsWith("..") || path.posix.isAbsolute(rel));
+}
+function isPathInsideHost(root, target) {
+    const rel = path.relative(root, target);
+    if (!rel) {
+        return true;
+    }
+    return !(rel.startsWith("..") || path.isAbsolute(rel));
+}
+function toHostSegments(relativePosix) {
+    return relativePosix.split("/").filter(Boolean);
+}
+function toDisplayRelative(params) {
+    const rel = path.posix.relative(params.defaultContainerRoot, params.containerPath);
+    if (!rel) {
+        return "";
+    }
+    if (!rel.startsWith("..") && !path.posix.isAbsolute(rel)) {
+        return rel;
+    }
+    return params.containerPath;
+}
+function normalizeContainerPath(value) {
+    const normalized = path.posix.normalize(value);
+    return normalized === "." ? "/" : normalized;
+}
+function normalizePosixInput(value) {
+    return value.replace(/\\/g, "/").trim();
+}

package/dist/agents/sandbox/hash.js ADDED Viewed

@@ -0,0 +1,4 @@
+import crypto from "node:crypto";
+export function hashTextSha256(value) {
+    return crypto.createHash("sha256").update(value).digest("hex");
+}