npm - @sandagent/manager - Versions diffs - 0.9.9-beta.0 → 0.9.9-beta.2 - Mend

@sandagent/manager 0.9.9-beta.0 → 0.9.9-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/dist/coding-run.d.ts +8 -6
package/dist/coding-run.d.ts.map +1 -1
package/dist/coding-run.js +8 -6
package/dist/coding-run.js.map +1 -1
package/dist/index.d.ts +1 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js.map +1 -1
package/package.json +1 -1
package/dist/__tests__/runner-env-header.test.d.ts +0 -2
package/dist/__tests__/runner-env-header.test.d.ts.map +0 -1
package/dist/__tests__/runner-env-header.test.js +0 -27
package/dist/__tests__/runner-env-header.test.js.map +0 -1
package/dist/runner-env-header.d.ts +0 -31
package/dist/runner-env-header.d.ts.map +0 -1
package/dist/runner-env-header.js +0 -94
package/dist/runner-env-header.js.map +0 -1

package/dist/coding-run.d.ts CHANGED Viewed

@@ -14,14 +14,16 @@ export interface DaemonCodingRunExecParams {
 export declare function buildDefaultDaemonCodingRunExecCommand(params: DaemonCodingRunExecParams): string[];
 export declare function buildDefaultCodingRunExec(daemonBaseUrl: string, reqPath: string): string[];
 /**
- * Default daemon LLM proxy: write the JSON body into the sandbox, then stream
- * `curl -N POST …/api/coding/run` stdout. Requires `curl` in the sandbox image.
+ * Default daemon LLM proxy: write the JSON body into the sandbox under
+ * {@link SANDBOX_CODING_RUN_TMP_DIR}, then stream `curl -N POST …/api/coding/run`
+ * stdout, then `rm` the file. Requires `curl` in the sandbox image.
  *
- * Runner credentials and API keys belong in {@link SandAgentCodingRunBody.env} on
- * `body` (serialized into the POST JSON). {@link ExecOptions.env} is ignored here.
+ * A temp file is intentional: it can be removed from disk after the request.
+ * Embedding the body in the remote shell command (e.g. base64) often survives
+ * in platform command history and cannot be deleted like a file.
  *
- * The JSON file is written under {@link SANDBOX_CODING_RUN_TMP_DIR}, not the sandbox
- * workdir, and removed after the curl finishes.
+ * Runner credentials belong in {@link SandAgentCodingRunBody.env} on `body`.
+ * {@link ExecOptions.env} is not used for the POST JSON.
  */
 export declare function streamCodingRunFromSandbox(handle: SandboxHandle, daemonBaseUrl: string, body: SandAgentCodingRunBody, opts?: ExecOptions): AsyncIterable<Uint8Array>;
 //# sourceMappingURL=coding-run.d.ts.map

package/dist/coding-run.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"coding-run.d.ts","sourceRoot":"","sources":["../src/coding-run.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,WAAW,EACX,sBAAsB,EACtB,aAAa,EACd,MAAM,YAAY,CAAC;AAIpB,qEAAqE;AACrE,eAAO,MAAM,0BAA0B,SAAS,CAAC;AAEjD,MAAM,WAAW,yBAAyB;IACxC,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;CACjB;AAWD;;;;;GAKG;AACH,wBAAgB,sCAAsC,CACpD,MAAM,EAAE,yBAAyB,GAChC,MAAM,EAAE,CAcV;AAED,wBAAgB,yBAAyB,CACvC,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,GACd,MAAM,EAAE,CAKV;AAID~~;;;;;;;;;GASG~~;AACH,wBAAuB,0BAA0B,CAC/C,MAAM,EAAE,aAAa,EACrB,aAAa,EAAE,MAAM,EACrB,IAAI,EAAE,sBAAsB,EAC5B,IAAI,CAAC,EAAE,WAAW,GACjB,aAAa,CAAC,UAAU,CAAC,CAiC3B"}
1	+ {"version":3,"file":"coding-run.d.ts","sourceRoot":"","sources":["../src/coding-run.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,WAAW,EACX,sBAAsB,EACtB,aAAa,EACd,MAAM,YAAY,CAAC;AAIpB,qEAAqE;AACrE,eAAO,MAAM,0BAA0B,SAAS,CAAC;AAEjD,MAAM,WAAW,yBAAyB;IACxC,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;CACjB;AAWD;;;;;GAKG;AACH,wBAAgB,sCAAsC,CACpD,MAAM,EAAE,yBAAyB,GAChC,MAAM,EAAE,CAcV;AAED,wBAAgB,yBAAyB,CACvC,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,MAAM,GACd,MAAM,EAAE,CAKV;AAID;;;;;;;;;;;GAWG;AACH,wBAAuB,0BAA0B,CAC/C,MAAM,EAAE,aAAa,EACrB,aAAa,EAAE,MAAM,EACrB,IAAI,EAAE,sBAAsB,EAC5B,IAAI,CAAC,EAAE,WAAW,GACjB,aAAa,CAAC,UAAU,CAAC,CAiC3B"}

package/dist/coding-run.js CHANGED Viewed

@@ -37,14 +37,16 @@ export function buildDefaultCodingRunExec(daemonBaseUrl, reqPath) {
 }
 // daemon health probe removed (see note above)
 /**
- * Default daemon LLM proxy: write the JSON body into the sandbox, then stream
- * `curl -N POST …/api/coding/run` stdout. Requires `curl` in the sandbox image.
+ * Default daemon LLM proxy: write the JSON body into the sandbox under
+ * {@link SANDBOX_CODING_RUN_TMP_DIR}, then stream `curl -N POST …/api/coding/run`
+ * stdout, then `rm` the file. Requires `curl` in the sandbox image.
  *
- * Runner credentials and API keys belong in {@link SandAgentCodingRunBody.env} on
- * `body` (serialized into the POST JSON). {@link ExecOptions.env} is ignored here.
+ * A temp file is intentional: it can be removed from disk after the request.
+ * Embedding the body in the remote shell command (e.g. base64) often survives
+ * in platform command history and cannot be deleted like a file.
  *
- * The JSON file is written under {@link SANDBOX_CODING_RUN_TMP_DIR}, not the sandbox
- * workdir, and removed after the curl finishes.
+ * Runner credentials belong in {@link SandAgentCodingRunBody.env} on `body`.
+ * {@link ExecOptions.env} is not used for the POST JSON.
  */
 export async function* streamCodingRunFromSandbox(handle, daemonBaseUrl, body, opts) {
     const workdir = opts?.cwd ?? handle.getWorkdir();

package/dist/coding-run.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"coding-run.js","sourceRoot":"","sources":["../src/coding-run.ts"],"names":[],"mappings":"AAMA,qEAAqE;AAErE,qEAAqE;AACrE,MAAM,CAAC,MAAM,0BAA0B,GAAG,MAAM,CAAC;AAOjD,SAAS,eAAe,CAAC,OAAe,EAAE,IAAY;IACpD,MAAM,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACtC,OAAO,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;AAC7C,CAAC;AAED,SAAS,sBAAsB,CAAC,aAAqB;IACnD,OAAO,aAAa,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AAC1C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,sCAAsC,CACpD,MAAiC;IAEjC,OAAO;QACL,MAAM;QACN,QAAQ;QACR,KAAK;QACL,IAAI;QACJ,IAAI;QACJ,MAAM;QACN,MAAM,CAAC,GAAG;QACV,IAAI;QACJ,gCAAgC;QAChC,eAAe;QACf,IAAI,MAAM,CAAC,OAAO,EAAE;KACrB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,yBAAyB,CACvC,aAAqB,EACrB,OAAe;IAEf,OAAO,sCAAsC,CAAC;QAC5C,GAAG,EAAE,GAAG,sBAAsB,CAAC,aAAa,CAAC,iBAAiB;QAC9D,OAAO;KACR,CAAC,CAAC;AACL,CAAC;AAED,+CAA+C;AAE/C~~;;;;;;;;;GASG~~;AACH,MAAM,CAAC,KAAK,SAAS,CAAC,CAAC,0BAA0B,CAC/C,MAAqB,EACrB,aAAqB,EACrB,IAA4B,EAC5B,IAAkB;IAElB,MAAM,OAAO,GAAG,IAAI,EAAE,GAAG,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;IACjD,MAAM,MAAM,GAAG,0BAA0B,CAAC;IAE1C,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,IAAI,EAAE,CAAC;IAEpD,MAAM,OAAO,GAAG,yBAAyB,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC;IACtG,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAE/D,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC;IAEnE,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEjD,MAAM,QAAQ,GAAG,yBAAyB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;IAEnE,IAAI,CAAC;QACH,KAAK,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE;YAC3B,GAAG,EAAE,MAAM,IAAI,OAAO;YACtB,MAAM;YACN,OAAO;SACR,CAAC,CAAC;IACL,CAAC;YAAS,CAAC;QACT,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,CAAC,OAAO,CAAC,CAAC;YACxB,IAAI,KAAK,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC,EAAE;gBACxD,GAAG,EAAE,MAAM;aACZ,CAAC,EAAE,CAAC;gBACH,QAAQ;YACV,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,sBAAsB;QACxB,CAAC;IACH,CAAC;AACH,CAAC"}
1	+ {"version":3,"file":"coding-run.js","sourceRoot":"","sources":["../src/coding-run.ts"],"names":[],"mappings":"AAMA,qEAAqE;AAErE,qEAAqE;AACrE,MAAM,CAAC,MAAM,0BAA0B,GAAG,MAAM,CAAC;AAOjD,SAAS,eAAe,CAAC,OAAe,EAAE,IAAY;IACpD,MAAM,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACtC,OAAO,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;AAC7C,CAAC;AAED,SAAS,sBAAsB,CAAC,aAAqB;IACnD,OAAO,aAAa,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AAC1C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,sCAAsC,CACpD,MAAiC;IAEjC,OAAO;QACL,MAAM;QACN,QAAQ;QACR,KAAK;QACL,IAAI;QACJ,IAAI;QACJ,MAAM;QACN,MAAM,CAAC,GAAG;QACV,IAAI;QACJ,gCAAgC;QAChC,eAAe;QACf,IAAI,MAAM,CAAC,OAAO,EAAE;KACrB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,yBAAyB,CACvC,aAAqB,EACrB,OAAe;IAEf,OAAO,sCAAsC,CAAC;QAC5C,GAAG,EAAE,GAAG,sBAAsB,CAAC,aAAa,CAAC,iBAAiB;QAC9D,OAAO;KACR,CAAC,CAAC;AACL,CAAC;AAED,+CAA+C;AAE/C;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,SAAS,CAAC,CAAC,0BAA0B,CAC/C,MAAqB,EACrB,aAAqB,EACrB,IAA4B,EAC5B,IAAkB;IAElB,MAAM,OAAO,GAAG,IAAI,EAAE,GAAG,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;IACjD,MAAM,MAAM,GAAG,0BAA0B,CAAC;IAE1C,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,IAAI,EAAE,CAAC;IAEpD,MAAM,OAAO,GAAG,yBAAyB,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC;IACtG,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAE/D,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC;IAEnE,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEjD,MAAM,QAAQ,GAAG,yBAAyB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;IAEnE,IAAI,CAAC;QACH,KAAK,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE;YAC3B,GAAG,EAAE,MAAM,IAAI,OAAO;YACtB,MAAM;YACN,OAAO;SACR,CAAC,CAAC;IACL,CAAC;YAAS,CAAC;QACT,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,CAAC,OAAO,CAAC,CAAC;YACxB,IAAI,KAAK,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC,EAAE;gBACxD,GAAG,EAAE,MAAM;aACZ,CAAC,EAAE,CAAC;gBACH,QAAQ;YACV,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,sBAAsB;QACxB,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/index.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 export type { RunnerEnvParams, RunnerType } from "./env.js";
 export { buildRunnerEnv } from "./env.js";
-export { buildDefaultCodingRunExec, buildDefaultDaemonCodingRunExecCommand, SANDBOX_CODING_RUN_TMP_DIR, streamCodingRunFromSandbox, } from "./coding-run.js";
 export type { DaemonCodingRunExecParams } from "./coding-run.js";
+export { buildDefaultCodingRunExec, buildDefaultDaemonCodingRunExecCommand, SANDBOX_CODING_RUN_TMP_DIR, streamCodingRunFromSandbox, } from "./coding-run.js";
 export type { LocalSandboxOptions } from "./local-sandbox.js";
 export { LocalSandbox } from "./local-sandbox.js";
 export { SandAgent } from "./sand-agent.js";

package/dist/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,eAAe,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAE5D,OAAO,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAC1C,OAAO,EACL,yBAAyB,EACzB,sCAAsC,EACtC,0BAA0B,EAC1B,0BAA0B,GAC3B,MAAM,iBAAiB,CAAC;AACzB,YAAY,EAAE,~~yBAAyB,EAAE,MAAM,iBAAiB,CAAC;AACjE,YAAY,EAAE,~~mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAG9D,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EACL,uBAAuB,EACvB,qBAAqB,EACrB,sBAAsB,EACtB,qBAAqB,GACtB,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,WAAW,EACX,OAAO,EACP,UAAU,EACV,sBAAsB,EACtB,gBAAgB,EAChB,cAAc,EACd,aAAa,EACb,WAAW,EACX,eAAe,EACf,gBAAgB,EAChB,MAAM,GACP,MAAM,YAAY,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,eAAe,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAE5D,OAAO,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAC1C,YAAY,EAAE,yBAAyB,EAAE,MAAM,iBAAiB,CAAC;AACjE,OAAO,EACL,yBAAyB,EACzB,sCAAsC,EACtC,0BAA0B,EAC1B,0BAA0B,GAC3B,MAAM,iBAAiB,CAAC;AACzB,YAAY,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAG9D,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EACL,uBAAuB,EACvB,qBAAqB,EACrB,sBAAsB,EACtB,qBAAqB,GACtB,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,WAAW,EACX,OAAO,EACP,UAAU,EACV,sBAAsB,EACtB,gBAAgB,EAChB,cAAc,EACd,aAAa,EACb,WAAW,EACX,eAAe,EACf,gBAAgB,EAChB,MAAM,GACP,MAAM,YAAY,CAAC"}

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,cAAc;AACd,OAAO,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;~~AAC1C~~,OAAO,EACL,yBAAyB,EACzB,sCAAsC,EACtC,0BAA0B,EAC1B,0BAA0B,GAC3B,MAAM,iBAAiB,CAAC;~~AAIzB~~,qCAAqC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EACL,uBAAuB,EACvB,qBAAqB,EACrB,sBAAsB,EACtB,qBAAqB,GACtB,MAAM,iBAAiB,CAAC"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,cAAc;AACd,OAAO,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAE1C,OAAO,EACL,yBAAyB,EACzB,sCAAsC,EACtC,0BAA0B,EAC1B,0BAA0B,GAC3B,MAAM,iBAAiB,CAAC;AAGzB,qCAAqC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EACL,uBAAuB,EACvB,qBAAqB,EACrB,sBAAsB,EACtB,qBAAqB,GACtB,MAAM,iBAAiB,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@sandagent/manager",
-  "version": "0.9.9-beta.0",
+  "version": "0.9.9-beta.2",
   "description": "SandAgent Manager - Manages sandbox and runner lifecycle, defines core interfaces",
   "type": "module",
   "main": "./dist/index.js",

package/dist/__tests__/runner-env-header.test.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export {};
2	- //# sourceMappingURL=runner-env-header.test.d.ts.map

package/dist/__tests__/runner-env-header.test.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"runner-env-header.test.d.ts","sourceRoot":"","sources":["../../src/__tests__/runner-env-header.test.ts"],"names":[],"mappings":""}

package/dist/__tests__/runner-env-header.test.js DELETED Viewed

@@ -1,27 +0,0 @@
-import { describe, expect, it } from "vitest";
-import { decodeRunnerEnvFromHeader, encodeRunnerEnvForHeader, mergeDaemonEnvWithRunnerHeader, RUNNER_ENV_HEADER_NAME, } from "../runner-env-header.js";
-describe("runner-env-header", () => {
-    it("round-trips env", () => {
-        const env = { OPENAI_BASE_URL: "https://example.com", OPENAI_API_KEY: "sk-test" };
-        const encoded = encodeRunnerEnvForHeader(env);
-        expect(decodeRunnerEnvFromHeader(encoded)).toEqual(env);
-    });
-    it("drops invalid keys when encoding", () => {
-        const env = {
-            VALID_KEY: "a",
-            "bad-key": "b",
-            "": "c",
-        };
-        const decoded = decodeRunnerEnvFromHeader(encodeRunnerEnvForHeader(env));
-        expect(decoded).toEqual({ VALID_KEY: "a" });
-    });
-    it("mergeDaemonEnvWithRunnerHeader overlays Web Headers", () => {
-        const daemon = { PATH: "/usr/bin", HOME: "/x" };
-        const h = new Headers();
-        h.set(RUNNER_ENV_HEADER_NAME, encodeRunnerEnvForHeader({ OPENAI_BASE_URL: "https://proxy" }));
-        const merged = mergeDaemonEnvWithRunnerHeader(daemon, h);
-        expect(merged.PATH).toBe("/usr/bin");
-        expect(merged.OPENAI_BASE_URL).toBe("https://proxy");
-    });
-});
-//# sourceMappingURL=runner-env-header.test.js.map

package/dist/__tests__/runner-env-header.test.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"runner-env-header.test.js","sourceRoot":"","sources":["../../src/__tests__/runner-env-header.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EACL,yBAAyB,EACzB,wBAAwB,EACxB,8BAA8B,EAC9B,sBAAsB,GACvB,MAAM,yBAAyB,CAAC;AAEjC,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,EAAE,CAAC,iBAAiB,EAAE,GAAG,EAAE;QACzB,MAAM,GAAG,GAAG,EAAE,eAAe,EAAE,qBAAqB,EAAE,cAAc,EAAE,SAAS,EAAE,CAAC;QAClF,MAAM,OAAO,GAAG,wBAAwB,CAAC,GAAG,CAAC,CAAC;QAC9C,MAAM,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,GAAG,GAAG;YACV,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,GAAG;YACd,EAAE,EAAE,GAAG;SACkB,CAAC;QAC5B,MAAM,OAAO,GAAG,yBAAyB,CAAC,wBAAwB,CAAC,GAAG,CAAC,CAAC,CAAC;QACzE,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;QAC7D,MAAM,MAAM,GAAG,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QAChD,MAAM,CAAC,GAAG,IAAI,OAAO,EAAE,CAAC;QACxB,CAAC,CAAC,GAAG,CACH,sBAAsB,EACtB,wBAAwB,CAAC,EAAE,eAAe,EAAE,eAAe,EAAE,CAAC,CAC/D,CAAC;QACF,MAAM,MAAM,GAAG,8BAA8B,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QACzD,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/runner-env-header.d.ts DELETED Viewed

@@ -1,31 +0,0 @@
-/**
- * Legacy helpers for `x-sandagent-runner-env` (base64url JSON).
- *
- * **Not used for coding-run secrets:** base64 is encoding, not encryption — anyone
- * who sees the HTTP header can decode API keys. The supported path is
- * Request `env` on `POST /api/coding/run` is merged by `@sandagent/daemon`
- * (`mergeCodingRunProcessEnv` in `coding-run-env.ts`).
- *
- * These exports remain for tests and any custom tooling that accepts the tradeoff.
- */
-import type * as http from "node:http";
-/** HTTP header carrying base64url-encoded JSON env (string values only). */
-export declare const RUNNER_ENV_HEADER_NAME = "x-sandagent-runner-env";
-/**
- * Normalize a parsed JSON value into runner env (string values, valid keys only).
- */
-export declare function sanitizeRunnerEnvJson(parsed: unknown): Record<string, string> | undefined;
-/**
- * Encode runner env for the {@link RUNNER_ENV_HEADER_NAME} header value.
- */
-export declare function encodeRunnerEnvForHeader(env: Record<string, string>): string;
-/**
- * Decode header value(s) into a runner env object, or undefined if missing/invalid.
- */
-export declare function decodeRunnerEnvFromHeader(value: string | string[] | undefined | null): Record<string, string> | undefined;
-/**
- * Merge daemon `process.env` with optional per-request runner env from headers.
- * Supports Node `IncomingHttpHeaders` or Web `Headers`.
- */
-export declare function mergeDaemonEnvWithRunnerHeader(daemonEnv: Record<string, string>, headers: http.IncomingHttpHeaders | Headers): Record<string, string>;
-//# sourceMappingURL=runner-env-header.d.ts.map

package/dist/runner-env-header.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"runner-env-header.d.ts","sourceRoot":"","sources":["../src/runner-env-header.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,KAAK,IAAI,MAAM,WAAW,CAAC;AAEvC,4EAA4E;AAC5E,eAAO,MAAM,sBAAsB,2BAA2B,CAAC;AAQ/D;;GAEG;AACH,wBAAgB,qBAAqB,CACnC,MAAM,EAAE,OAAO,GACd,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,SAAS,CAUpC;AAUD;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,MAAM,CAc5E;AAED;;GAEG;AACH,wBAAgB,yBAAyB,CACvC,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,GAAG,IAAI,GAC1C,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,SAAS,CAUpC;AAED;;;GAGG;AACH,wBAAgB,8BAA8B,CAC5C,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EACjC,OAAO,EAAE,IAAI,CAAC,mBAAmB,GAAG,OAAO,GAC1C,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAYxB"}

package/dist/runner-env-header.js DELETED Viewed

@@ -1,94 +0,0 @@
-/**
- * Legacy helpers for `x-sandagent-runner-env` (base64url JSON).
- *
- * **Not used for coding-run secrets:** base64 is encoding, not encryption — anyone
- * who sees the HTTP header can decode API keys. The supported path is
- * Request `env` on `POST /api/coding/run` is merged by `@sandagent/daemon`
- * (`mergeCodingRunProcessEnv` in `coding-run-env.ts`).
- *
- * These exports remain for tests and any custom tooling that accepts the tradeoff.
- */
-/** HTTP header carrying base64url-encoded JSON env (string values only). */
-export const RUNNER_ENV_HEADER_NAME = "x-sandagent-runner-env";
-const MAX_HEADER_PAYLOAD_BYTES = 24_576;
-function isValidEnvKey(key) {
-    return /^[A-Za-z_][A-Za-z0-9_]*$/.test(key);
-}
-/**
- * Normalize a parsed JSON value into runner env (string values, valid keys only).
- */
-export function sanitizeRunnerEnvJson(parsed) {
-    if (parsed === null || typeof parsed !== "object" || Array.isArray(parsed)) {
-        return undefined;
-    }
-    const out = {};
-    for (const [k, v] of Object.entries(parsed)) {
-        if (!isValidEnvKey(k))
-            continue;
-        if (typeof v === "string")
-            out[k] = v;
-    }
-    return Object.keys(out).length > 0 ? out : undefined;
-}
-function parseRunnerEnvJsonText(json) {
-    try {
-        return sanitizeRunnerEnvJson(JSON.parse(json));
-    }
-    catch {
-        return undefined;
-    }
-}
-/**
- * Encode runner env for the {@link RUNNER_ENV_HEADER_NAME} header value.
- */
-export function encodeRunnerEnvForHeader(env) {
-    const sanitized = {};
-    for (const [k, v] of Object.entries(env)) {
-        if (!isValidEnvKey(k))
-            continue;
-        sanitized[k] = v;
-    }
-    const json = JSON.stringify(sanitized);
-    const encoded = Buffer.from(json, "utf8").toString("base64url");
-    if (encoded.length > MAX_HEADER_PAYLOAD_BYTES) {
-        throw new Error(`Runner env header exceeds ${MAX_HEADER_PAYLOAD_BYTES} bytes after encoding; reduce keys or use fewer credentials.`);
-    }
-    return encoded;
-}
-/**
- * Decode header value(s) into a runner env object, or undefined if missing/invalid.
- */
-export function decodeRunnerEnvFromHeader(value) {
-    if (value == null)
-        return undefined;
-    const raw = Array.isArray(value) ? value[0] : value;
-    if (typeof raw !== "string" || raw.trim() === "")
-        return undefined;
-    try {
-        const json = Buffer.from(raw, "base64url").toString("utf8");
-        return parseRunnerEnvJsonText(json);
-    }
-    catch {
-        return undefined;
-    }
-}
-/**
- * Merge daemon `process.env` with optional per-request runner env from headers.
- * Supports Node `IncomingHttpHeaders` or Web `Headers`.
- */
-export function mergeDaemonEnvWithRunnerHeader(daemonEnv, headers) {
-    let raw;
-    if (typeof headers.get === "function") {
-        raw = headers.get(RUNNER_ENV_HEADER_NAME) ?? undefined;
-    }
-    else {
-        const h = headers;
-        const lower = RUNNER_ENV_HEADER_NAME.toLowerCase();
-        raw = h[lower] ?? h[RUNNER_ENV_HEADER_NAME];
-    }
-    const parsed = decodeRunnerEnvFromHeader(raw);
-    if (!parsed)
-        return { ...daemonEnv };
-    return { ...daemonEnv, ...parsed };
-}
-//# sourceMappingURL=runner-env-header.js.map

package/dist/runner-env-header.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"runner-env-header.js","sourceRoot":"","sources":["../src/runner-env-header.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAIH,4EAA4E;AAC5E,MAAM,CAAC,MAAM,sBAAsB,GAAG,wBAAwB,CAAC;AAE/D,MAAM,wBAAwB,GAAG,MAAM,CAAC;AAExC,SAAS,aAAa,CAAC,GAAW;IAChC,OAAO,0BAA0B,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CACnC,MAAe;IAEf,IAAI,MAAM,KAAK,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3E,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,MAAM,GAAG,GAA2B,EAAE,CAAC;IACvC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAiC,CAAC,EAAE,CAAC;QACvE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;YAAE,SAAS;QAChC,IAAI,OAAO,CAAC,KAAK,QAAQ;YAAE,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACxC,CAAC;IACD,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;AACvD,CAAC;AAED,SAAS,sBAAsB,CAAC,IAAY;IAC1C,IAAI,CAAC;QACH,OAAO,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;IACjD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,wBAAwB,CAAC,GAA2B;IAClE,MAAM,SAAS,GAA2B,EAAE,CAAC;IAC7C,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACzC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;YAAE,SAAS;QAChC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACnB,CAAC;IACD,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IACvC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAChE,IAAI,OAAO,CAAC,MAAM,GAAG,wBAAwB,EAAE,CAAC;QAC9C,MAAM,IAAI,KAAK,CACb,6BAA6B,wBAAwB,8DAA8D,CACpH,CAAC;IACJ,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,yBAAyB,CACvC,KAA2C;IAE3C,IAAI,KAAK,IAAI,IAAI;QAAE,OAAO,SAAS,CAAC;IACpC,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IACpD,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE;QAAE,OAAO,SAAS,CAAC;IACnE,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC5D,OAAO,sBAAsB,CAAC,IAAI,CAAC,CAAC;IACtC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,8BAA8B,CAC5C,SAAiC,EACjC,OAA2C;IAE3C,IAAI,GAAkC,CAAC;IACvC,IAAI,OAAQ,OAAmB,CAAC,GAAG,KAAK,UAAU,EAAE,CAAC;QACnD,GAAG,GAAI,OAAmB,CAAC,GAAG,CAAC,sBAAsB,CAAC,IAAI,SAAS,CAAC;IACtE,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,GAAG,OAAmC,CAAC;QAC9C,MAAM,KAAK,GAAG,sBAAsB,CAAC,WAAW,EAAE,CAAC;QACnD,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,sBAAsB,CAAC,CAAC;IAC9C,CAAC;IACD,MAAM,MAAM,GAAG,yBAAyB,CAAC,GAAG,CAAC,CAAC;IAC9C,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,GAAG,SAAS,EAAE,CAAC;IACrC,OAAO,EAAE,GAAG,SAAS,EAAE,GAAG,MAAM,EAAE,CAAC;AACrC,CAAC"}