npm - @probelabs/visor - Versions diffs - 0.1.152-ee → 0.1.153-ee - Mend

@probelabs/visor 0.1.152-ee → 0.1.153-ee

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (57) hide show

package/dist/sdk/{chunk-FYK2DJK6.mjs → chunk-CPYQDJ27.mjs} RENAMED Viewed

@@ -1352,7 +1352,7 @@ var init_config_schema = __esm({
               description: "Arguments/inputs for the workflow"
             },
             overrides: {
-              $ref: "#/definitions/Record%3Cstring%2CPartial%3Cinterface-src_types_config.ts-13509-28103-src_types_config.ts-0-55255%3E%3E",
+              $ref: "#/definitions/Record%3Cstring%2CPartial%3Cinterface-src_types_config.ts-13519-28113-src_types_config.ts-0-55265%3E%3E",
               description: "Override specific step configurations in the workflow"
             },
             output_mapping: {
@@ -1368,7 +1368,7 @@ var init_config_schema = __esm({
               description: "Config file path - alternative to workflow ID (loads a Visor config file as workflow)"
             },
             workflow_overrides: {
-              $ref: "#/definitions/Record%3Cstring%2CPartial%3Cinterface-src_types_config.ts-13509-28103-src_types_config.ts-0-55255%3E%3E",
+              $ref: "#/definitions/Record%3Cstring%2CPartial%3Cinterface-src_types_config.ts-13519-28113-src_types_config.ts-0-55265%3E%3E",
               description: "Alias for overrides - workflow step overrides (backward compatibility)"
             },
             ref: {
@@ -1789,11 +1789,11 @@ var init_config_schema = __esm({
               },
               description: "Array of blocked command patterns (e.g., ['rm -rf', 'sudo'])"
             },
-            noDefaultAllow: {
+            disableDefaultAllow: {
               type: "boolean",
               description: "Disable default safe command list (use with caution)"
             },
-            noDefaultDeny: {
+            disableDefaultDeny: {
               type: "boolean",
               description: "Disable default dangerous command blocklist (use with extreme caution)"
             },
@@ -2057,7 +2057,7 @@ var init_config_schema = __esm({
               description: "Custom output name (defaults to workflow name)"
             },
             overrides: {
-              $ref: "#/definitions/Record%3Cstring%2CPartial%3Cinterface-src_types_config.ts-13509-28103-src_types_config.ts-0-55255%3E%3E",
+              $ref: "#/definitions/Record%3Cstring%2CPartial%3Cinterface-src_types_config.ts-13519-28113-src_types_config.ts-0-55265%3E%3E",
               description: "Step overrides"
             },
             output_mapping: {
@@ -2072,13 +2072,13 @@ var init_config_schema = __esm({
             "^x-": {}
           }
         },
-        "Record<string,Partial<interface-src_types_config.ts-13509-28103-src_types_config.ts-0-55255>>": {
+        "Record<string,Partial<interface-src_types_config.ts-13519-28113-src_types_config.ts-0-55265>>": {
           type: "object",
           additionalProperties: {
-            $ref: "#/definitions/Partial%3Cinterface-src_types_config.ts-13509-28103-src_types_config.ts-0-55255%3E"
+            $ref: "#/definitions/Partial%3Cinterface-src_types_config.ts-13519-28113-src_types_config.ts-0-55265%3E"
           }
         },
-        "Partial<interface-src_types_config.ts-13509-28103-src_types_config.ts-0-55255>": {
+        "Partial<interface-src_types_config.ts-13519-28113-src_types_config.ts-0-55265>": {
           type: "object",
           additionalProperties: false
         },
@@ -2784,6 +2784,13 @@ var init_config_schema = __esm({
             cache: {
               $ref: "#/definitions/SandboxCacheConfig",
               description: "Cache volume configuration"
+            },
+            bind_paths: {
+              type: "array",
+              items: {
+                $ref: "#/definitions/SandboxBindPath"
+              },
+              description: "Additional host paths to bind-mount into the sandbox"
             }
           },
           additionalProperties: false,
@@ -2844,6 +2851,29 @@ var init_config_schema = __esm({
             "^x-": {}
           }
         },
+        SandboxBindPath: {
+          type: "object",
+          properties: {
+            host: {
+              type: "string",
+              description: "Host path (supports ~ prefix for home directory)"
+            },
+            container: {
+              type: "string",
+              description: "Container path (defaults to resolved host path)"
+            },
+            read_only: {
+              type: "boolean",
+              description: "Mount as read-only (default: true)"
+            }
+          },
+          required: ["host"],
+          additionalProperties: false,
+          description: "Additional host path to bind-mount into the sandbox",
+          patternProperties: {
+            "^x-": {}
+          }
+        },
         SandboxDefaults: {
           type: "object",
           properties: {
@@ -4216,7 +4246,6 @@ ${errors}`);
             ["compose", config.compose],
             ["service", config.service],
             ["cache", config.cache],
-            ["visor_path", config.visor_path],
             ["resources", config.resources]
           ];
           for (const [field, value] of dockerOnlyFields) {
@@ -4262,20 +4291,6 @@ ${errors}`);
               message: `Compose file path '${config.compose}' in sandbox '${name}' must not contain '..' path traversal`
             });
           }
-          if (config.visor_path) {
-            if (!config.visor_path.startsWith("/")) {
-              errors.push({
-                field: `sandboxes.${name}.visor_path`,
-                message: `visor_path '${config.visor_path}' in sandbox '${name}' must be an absolute path (start with /)`
-              });
-            }
-            if (/\.\./.test(config.visor_path)) {
-              errors.push({
-                field: `sandboxes.${name}.visor_path`,
-                message: `visor_path '${config.visor_path}' in sandbox '${name}' must not contain '..' path traversal`
-              });
-            }
-          }
           if (config.cache?.paths) {
             for (const p of config.cache.paths) {
               if (!p.startsWith("/")) {
@@ -4304,11 +4319,25 @@ ${errors}`);
             }
           }
         }
-        if (config.workdir) {
+        if (config.visor_path) {
+          if (!config.visor_path.startsWith("/")) {
+            errors.push({
+              field: `sandboxes.${name}.visor_path`,
+              message: `visor_path '${config.visor_path}' in sandbox '${name}' must be an absolute path (start with /)`
+            });
+          }
+          if (/\.\./.test(config.visor_path)) {
+            errors.push({
+              field: `sandboxes.${name}.visor_path`,
+              message: `visor_path '${config.visor_path}' in sandbox '${name}' must not contain '..' path traversal`
+            });
+          }
+        }
+        if (config.workdir && config.workdir !== "host") {
           if (!config.workdir.startsWith("/")) {
             errors.push({
               field: `sandboxes.${name}.workdir`,
-              message: `Workdir '${config.workdir}' in sandbox '${name}' must be an absolute path (start with /)`
+              message: `Workdir '${config.workdir}' in sandbox '${name}' must be an absolute path (start with /) or the literal "host"`
             });
           }
           if (/\.\./.test(config.workdir)) {
@@ -4318,6 +4347,37 @@ ${errors}`);
             });
           }
         }
+        if (config.bind_paths) {
+          for (let i = 0; i < config.bind_paths.length; i++) {
+            const bp = config.bind_paths[i];
+            if (!bp.host) {
+              errors.push({
+                field: `sandboxes.${name}.bind_paths[${i}].host`,
+                message: `bind_paths[${i}] in sandbox '${name}' is missing required 'host' field`
+              });
+            }
+            if (bp.host && /\.\./.test(bp.host)) {
+              errors.push({
+                field: `sandboxes.${name}.bind_paths[${i}].host`,
+                message: `bind_paths[${i}].host '${bp.host}' in sandbox '${name}' must not contain '..' path traversal`
+              });
+            }
+            if (bp.container) {
+              if (!bp.container.startsWith("/")) {
+                errors.push({
+                  field: `sandboxes.${name}.bind_paths[${i}].container`,
+                  message: `bind_paths[${i}].container '${bp.container}' in sandbox '${name}' must be an absolute path (start with /)`
+                });
+              }
+              if (/\.\./.test(bp.container)) {
+                errors.push({
+                  field: `sandboxes.${name}.bind_paths[${i}].container`,
+                  message: `bind_paths[${i}].container '${bp.container}' in sandbox '${name}' must not contain '..' path traversal`
+                });
+              }
+            }
+          }
+        }
       }
       /**
        * Validate individual check configuration
@@ -5058,4 +5118,4 @@ export {
   config_exports,
   init_config
 };
-//# sourceMappingURL=chunk-FYK2DJK6.mjs.map
+//# sourceMappingURL=chunk-CPYQDJ27.mjs.map