@secure-exec/browser 0.0.0-agentos-dylib-base.edaa4a4

package/dist/converged-fs-bridge.d.ts

@@ -0,0 +1,42 @@
+import type { LiveGuestFilesystemStat, LiveRequestPayload, LiveResponsePayload } from "@secure-exec/core";
+import type { VirtualDirEntry, VirtualStat } from "./runtime.js";
+import { SYNC_BRIDGE_KIND_BINARY, SYNC_BRIDGE_KIND_JSON, SYNC_BRIDGE_KIND_NONE, SYNC_BRIDGE_KIND_TEXT } from "./sync-bridge.js";
+/** The wire `guest_filesystem_call` request payload. */
+export type GuestFilesystemRequestPayload = Extract<LiveRequestPayload, {
+    type: "guest_filesystem_call";
+}>;
+/** The wire `guest_filesystem_result` fields the response mapper consumes. */
+export type GuestFilesystemResult = Extract<LiveResponsePayload, {
+    type: "guest_filesystem_result";
+}>;
+/** The shape `runtime-driver` writes back to the sync-bridge SAB. */
+export type ConvergedSyncResponse = {
+    kind: typeof SYNC_BRIDGE_KIND_NONE;
+} | {
+    kind: typeof SYNC_BRIDGE_KIND_TEXT;
+    value: string;
+} | {
+    kind: typeof SYNC_BRIDGE_KIND_BINARY;
+    value: Uint8Array;
+} | {
+    kind: typeof SYNC_BRIDGE_KIND_JSON;
+    value: unknown;
+};
+export declare function isSingleCallFilesystemOperation(operation: string): boolean;
+/**
+ * Translate a sync-bridge `fs.*` operation + args into the wire
+ * `guest_filesystem_call` request payload. Throws for operations that are not a
+ * single-call mapping (e.g. `fs.readDir`, which the handler expands with
+ * per-entry `lstat` to recover Dirent types the wire does not carry).
+ */
+export declare function convergedFilesystemRequestPayload(operation: string, args: readonly unknown[]): GuestFilesystemRequestPayload;
+/**
+ * Translate a wire `guest_filesystem_result` back into the sync-bridge response
+ * the guest expects for `operation`. `fs.readDir` is intentionally NOT handled
+ * here (it requires multiple wire calls); the handler maps it separately.
+ */
+export declare function convergedFilesystemSyncResponse(operation: string, result: GuestFilesystemResult): ConvergedSyncResponse;
+/** Map a wire snake_case stat into the guest-facing camelCase `VirtualStat`. */
+export declare function wireStatToVirtualStat(stat: LiveGuestFilesystemStat): VirtualStat;
+/** Build a `VirtualDirEntry` from a directory child name and its lstat. */
+export declare function wireStatToDirEntry(name: string, stat: LiveGuestFilesystemStat): VirtualDirEntry;

package/dist/converged-fs-bridge.js

@@ -0,0 +1,245 @@
+// Converged filesystem bridge translation layer.
+//
+// The legacy browser executor serviced guest `fs.*` sync-bridge operations
+// against an in-process TypeScript kernel (`runtime-driver.ts`'s
+// `handleSyncBridgeOperation`). The converged executor instead routes every
+// guest filesystem syscall to the wasm sidecar (`crates/sidecar-browser`) over
+// the wire protocol, so the kernel is the single enforcement point on both
+// native and browser.
+//
+// This module is the pure, backend-agnostic translation between a sync-bridge
+// `fs.*` operation (the guest-facing shape in `worker.ts`) and the wire
+// `guest_filesystem_call` request / `guest_filesystem_result` response. It is
+// unit-tested in Node without a wasm sidecar or a worker; the handler that owns
+// a `BrowserSidecarWasm` instance (and the multi-call `readDir`-with-types
+// expansion) builds on top of it.
+import { decodeBase64, encodeBase64 } from "./converged-base64.js";
+import { SYNC_BRIDGE_KIND_BINARY, SYNC_BRIDGE_KIND_JSON, SYNC_BRIDGE_KIND_NONE, SYNC_BRIDGE_KIND_TEXT, } from "./sync-bridge.js";
+/** Operations serviced by a single wire `guest_filesystem_call` round-trip. */
+const SINGLE_CALL_FS_OPERATIONS = new Set([
+    "fs.readFile",
+    "fs.writeFile",
+    "fs.readFileBinary",
+    "fs.writeFileBinary",
+    "fs.createDir",
+    "fs.mkdir",
+    "fs.rmdir",
+    "fs.exists",
+    "fs.stat",
+    "fs.lstat",
+    "fs.unlink",
+    "fs.rename",
+    "fs.realpath",
+    "fs.readlink",
+    "fs.symlink",
+    "fs.link",
+    "fs.chmod",
+    "fs.truncate",
+]);
+export function isSingleCallFilesystemOperation(operation) {
+    return SINGLE_CALL_FS_OPERATIONS.has(operation);
+}
+/**
+ * Translate a sync-bridge `fs.*` operation + args into the wire
+ * `guest_filesystem_call` request payload. Throws for operations that are not a
+ * single-call mapping (e.g. `fs.readDir`, which the handler expands with
+ * per-entry `lstat` to recover Dirent types the wire does not carry).
+ */
+export function convergedFilesystemRequestPayload(operation, args) {
+    const path = String(args[0]);
+    switch (operation) {
+        case "fs.readFile":
+        case "fs.readFileBinary":
+            return { type: "guest_filesystem_call", operation: "read_file", path };
+        case "fs.writeFile":
+            return {
+                type: "guest_filesystem_call",
+                operation: "write_file",
+                path,
+                content: String(args[1] ?? ""),
+                encoding: "utf8",
+            };
+        case "fs.writeFileBinary":
+            return {
+                type: "guest_filesystem_call",
+                operation: "write_file",
+                path,
+                content: encodeBase64(toUint8Array(args[1])),
+                encoding: "base64",
+            };
+        case "fs.createDir":
+            return { type: "guest_filesystem_call", operation: "create_dir", path };
+        case "fs.mkdir":
+            return {
+                type: "guest_filesystem_call",
+                operation: "mkdir",
+                path,
+                recursive: true,
+            };
+        case "fs.rmdir":
+            return { type: "guest_filesystem_call", operation: "remove_dir", path };
+        case "fs.exists":
+            return { type: "guest_filesystem_call", operation: "exists", path };
+        case "fs.stat":
+            return { type: "guest_filesystem_call", operation: "stat", path };
+        case "fs.lstat":
+            return { type: "guest_filesystem_call", operation: "lstat", path };
+        case "fs.unlink":
+            return { type: "guest_filesystem_call", operation: "remove_file", path };
+        case "fs.rename":
+            return {
+                type: "guest_filesystem_call",
+                operation: "rename",
+                path,
+                destination_path: String(args[1]),
+            };
+        case "fs.realpath":
+            return { type: "guest_filesystem_call", operation: "realpath", path };
+        case "fs.readlink":
+            return { type: "guest_filesystem_call", operation: "read_link", path };
+        case "fs.symlink":
+            // Legacy arg order is (target, linkPath); the wire `path` is the link.
+            return {
+                type: "guest_filesystem_call",
+                operation: "symlink",
+                path: String(args[1]),
+                target: String(args[0]),
+            };
+        case "fs.link":
+            return {
+                type: "guest_filesystem_call",
+                operation: "link",
+                path,
+                destination_path: String(args[1]),
+            };
+        case "fs.chmod":
+            return {
+                type: "guest_filesystem_call",
+                operation: "chmod",
+                path,
+                mode: Number(args[1]),
+            };
+        case "fs.truncate":
+            return {
+                type: "guest_filesystem_call",
+                operation: "truncate",
+                path,
+                len: Number(args[1]),
+            };
+        default:
+            throw new Error(`converged filesystem bridge has no single-call mapping for ${operation}`);
+    }
+}
+/**
+ * Translate a wire `guest_filesystem_result` back into the sync-bridge response
+ * the guest expects for `operation`. `fs.readDir` is intentionally NOT handled
+ * here (it requires multiple wire calls); the handler maps it separately.
+ */
+export function convergedFilesystemSyncResponse(operation, result) {
+    switch (operation) {
+        case "fs.readFile":
+            return {
+                kind: SYNC_BRIDGE_KIND_TEXT,
+                value: decodeTextContent(result),
+            };
+        case "fs.readFileBinary":
+            return {
+                kind: SYNC_BRIDGE_KIND_BINARY,
+                value: decodeBinaryContent(result),
+            };
+        case "fs.realpath":
+        case "fs.readlink":
+            return {
+                kind: SYNC_BRIDGE_KIND_TEXT,
+                value: result.target ?? "",
+            };
+        case "fs.exists":
+            return {
+                kind: SYNC_BRIDGE_KIND_JSON,
+                value: result.exists ?? false,
+            };
+        case "fs.stat":
+        case "fs.lstat":
+            return {
+                kind: SYNC_BRIDGE_KIND_JSON,
+                value: wireStatToVirtualStat(requireStat(result)),
+            };
+        case "fs.writeFile":
+        case "fs.writeFileBinary":
+        case "fs.createDir":
+        case "fs.mkdir":
+        case "fs.rmdir":
+        case "fs.unlink":
+        case "fs.rename":
+        case "fs.symlink":
+        case "fs.link":
+        case "fs.chmod":
+        case "fs.truncate":
+            return { kind: SYNC_BRIDGE_KIND_NONE };
+        default:
+            throw new Error(`converged filesystem bridge has no response mapping for ${operation}`);
+    }
+}
+/** Map a wire snake_case stat into the guest-facing camelCase `VirtualStat`. */
+export function wireStatToVirtualStat(stat) {
+    return {
+        mode: stat.mode,
+        size: stat.size,
+        blocks: stat.blocks,
+        dev: stat.dev,
+        rdev: stat.rdev,
+        isDirectory: stat.is_directory,
+        isSymbolicLink: stat.is_symbolic_link,
+        atimeMs: stat.atime_ms,
+        mtimeMs: stat.mtime_ms,
+        ctimeMs: stat.ctime_ms,
+        birthtimeMs: stat.birthtime_ms,
+        ino: stat.ino,
+        nlink: stat.nlink,
+        uid: stat.uid,
+        gid: stat.gid,
+    };
+}
+/** Build a `VirtualDirEntry` from a directory child name and its lstat. */
+export function wireStatToDirEntry(name, stat) {
+    return {
+        name,
+        isDirectory: stat.is_directory,
+        isSymbolicLink: stat.is_symbolic_link,
+    };
+}
+function requireStat(result) {
+    if (!result.stat) {
+        throw new Error(`guest_filesystem_result for ${result.operation} is missing stat`);
+    }
+    return result.stat;
+}
+function decodeTextContent(result) {
+    const content = result.content ?? "";
+    if (result.encoding === "base64") {
+        return new TextDecoder().decode(decodeBase64(content));
+    }
+    return content;
+}
+function decodeBinaryContent(result) {
+    const content = result.content ?? "";
+    if (result.encoding === "base64") {
+        return decodeBase64(content);
+    }
+    return new TextEncoder().encode(content);
+}
+function toUint8Array(value) {
+    if (value instanceof Uint8Array) {
+        return value;
+    }
+    if (value instanceof ArrayBuffer) {
+        return new Uint8Array(value);
+    }
+    if (ArrayBuffer.isView(value)) {
+        return new Uint8Array(value.buffer, value.byteOffset, value.byteLength);
+    }
+    if (Array.isArray(value)) {
+        return Uint8Array.from(value);
+    }
+    throw new Error("converged filesystem bridge expected binary content");
+}

package/dist/converged-module-servicer.d.ts

@@ -0,0 +1,8 @@
+import type { ConvergedSyncResponse } from "./converged-fs-bridge.js";
+import type { VirtualFileSystem } from "./runtime.js";
+export declare class ConvergedModuleServicer {
+    private readonly filesystem;
+    constructor(filesystem: VirtualFileSystem);
+    handles(operation: string): boolean;
+    handle(operation: string, args: readonly unknown[]): Promise<ConvergedSyncResponse>;
+}

package/dist/converged-module-servicer.js

@@ -0,0 +1,79 @@
+// Converged module-resolution servicer.
+//
+// Reuses the shared naive-Node resolver (`resolveModule`/`loadFile`/
+// `moduleFormat` from runtime.ts) unchanged, backed by a kernel-backed
+// filesystem so resolution reads the kernel's exact view (mounts, symlinks,
+// exports/conditions) on the converged path — satisfying convergence item K
+// (one module resolver) without forking it. Async because the resolver walks
+// the filesystem; the router awaits it.
+import { loadFile, moduleFormat, resolveModule } from "./runtime.js";
+import { SYNC_BRIDGE_KIND_JSON, SYNC_BRIDGE_KIND_NONE, SYNC_BRIDGE_KIND_TEXT, } from "./sync-bridge.js";
+const MODULE_OPERATIONS = new Set([
+    "module.resolve",
+    "module.loadFile",
+    "module.format",
+    "module.batchResolve",
+]);
+export class ConvergedModuleServicer {
+    filesystem;
+    constructor(filesystem) {
+        this.filesystem = filesystem;
+    }
+    handles(operation) {
+        return MODULE_OPERATIONS.has(operation);
+    }
+    async handle(operation, args) {
+        switch (operation) {
+            case "module.resolve": {
+                const mode = args[2] === "import" || args[2] === "require" ? args[2] : "require";
+                const resolved = await resolveModule(String(args[0]), String(args[1]), this.filesystem, mode);
+                return resolved === null
+                    ? { kind: SYNC_BRIDGE_KIND_NONE }
+                    : { kind: SYNC_BRIDGE_KIND_TEXT, value: resolved };
+            }
+            case "module.loadFile": {
+                const source = await loadFile(String(args[0]), this.filesystem);
+                return source === null
+                    ? { kind: SYNC_BRIDGE_KIND_NONE }
+                    : { kind: SYNC_BRIDGE_KIND_TEXT, value: source };
+            }
+            case "module.format": {
+                const format = await moduleFormat(String(args[0]), this.filesystem);
+                return format === null
+                    ? { kind: SYNC_BRIDGE_KIND_NONE }
+                    : { kind: SYNC_BRIDGE_KIND_TEXT, value: format };
+            }
+            case "module.batchResolve": {
+                const requests = parseModuleBatchRequests(args[0]);
+                const results = [];
+                for (const [specifier, referrer] of requests) {
+                    const resolved = await resolveModule(specifier, referrer, this.filesystem, "import");
+                    if (resolved === null) {
+                        results.push(null);
+                        continue;
+                    }
+                    const source = await loadFile(resolved, this.filesystem);
+                    results.push(source === null ? null : { resolved, source });
+                }
+                return { kind: SYNC_BRIDGE_KIND_JSON, value: results };
+            }
+            default:
+                throw new Error(`converged module servicer does not handle ${operation}`);
+        }
+    }
+}
+function parseModuleBatchRequests(value) {
+    const parsed = typeof value === "string" ? JSON.parse(value) : value;
+    if (!Array.isArray(parsed)) {
+        throw new Error("module.batchResolve requests must be an array");
+    }
+    return parsed.map((entry) => {
+        if (!Array.isArray(entry) ||
+            entry.length < 2 ||
+            typeof entry[0] !== "string" ||
+            typeof entry[1] !== "string") {
+            throw new Error("module.batchResolve requests must be [specifier, referrer] pairs");
+        }
+        return [entry[0], entry[1]];
+    });
+}

package/dist/converged-net-bridge.d.ts

@@ -0,0 +1,28 @@
+import type { LiveRequestPayload, LiveResponsePayload } from "@secure-exec/core";
+import { SYNC_BRIDGE_KIND_JSON } from "./sync-bridge.js";
+export type GuestKernelCallRequestPayload = Extract<LiveRequestPayload, {
+    type: "guest_kernel_call";
+}>;
+export type GuestKernelResult = Extract<LiveResponsePayload, {
+    type: "guest_kernel_result";
+}>;
+/** Guest network/DNS sync-bridge operations serviced by the wasm sidecar. */
+export declare const CONVERGED_NET_BRIDGE_OPERATIONS: readonly ["net.connect", "net.listen", "net.accept", "net.read", "net.write", "net.poll", "net.shutdown", "net.close", "net.udp_bind", "net.send_to", "net.recv_from", "dns.lookup"];
+export declare function isConvergedNetBridgeOperation(operation: string): boolean;
+/**
+ * Translate a guest `net.*` / `dns.*` sync-bridge call into a
+ * `guest_kernel_call` request payload. `args[0]` is the structured request
+ * object (the guest net module passes a typed options object); binary `data`
+ * fields are base64-encoded into the JSON the kernel dispatcher expects.
+ */
+export declare function convergedNetRequestPayload(operation: string, args: readonly unknown[], executionId: string): GuestKernelCallRequestPayload;
+/**
+ * Decode a `guest_kernel_result` into the sync-bridge response the guest net
+ * module consumes. The kernel dispatcher already returns JSON; binary read
+ * payloads stay base64 strings (the guest module decodes them), so this is a
+ * JSON passthrough.
+ */
+export declare function convergedNetSyncResponse(result: GuestKernelResult): {
+    kind: typeof SYNC_BRIDGE_KIND_JSON;
+    value: unknown;
+};

package/dist/converged-net-bridge.js

@@ -0,0 +1,155 @@
+// Converged networking bridge translation layer.
+//
+// Unlike `fs.*`, legacy guest networking never went through the SAB sync-bridge
+// (it used an async network adapter), so there is no legacy op to mirror. The
+// converged executor introduces synchronous guest `net.*` / `dns.*` sync-bridge
+// operations that route to the wasm sidecar's generic guest-kernel-call wire
+// payload (`guest_kernel_call` -> `secure_exec_sidecar_core::guest_net`), which
+// drives the kernel socket table (the single network-policy enforcement point,
+// S1) over loopback.
+//
+// This module is the pure translation between a guest net/dns sync-bridge call
+// and the `guest_kernel_call` request / `guest_kernel_result` response. The
+// wire `operation` string is identical to the sync-bridge op string, and the
+// `payload` is the JSON request body the Rust dispatcher decodes. Binary socket
+// payloads are base64-encoded (the wire `payload` is opaque JSON). Unit-tested
+// in Node without a wasm sidecar.
+import { encodeBase64 } from "./converged-base64.js";
+import { SYNC_BRIDGE_KIND_JSON } from "./sync-bridge.js";
+/** Guest network/DNS sync-bridge operations serviced by the wasm sidecar. */
+export const CONVERGED_NET_BRIDGE_OPERATIONS = [
+    "net.connect",
+    "net.listen",
+    "net.accept",
+    "net.read",
+    "net.write",
+    "net.poll",
+    "net.shutdown",
+    "net.close",
+    "net.udp_bind",
+    "net.send_to",
+    "net.recv_from",
+    "dns.lookup",
+];
+const CONVERGED_NET_BRIDGE_OPERATION_SET = new Set(CONVERGED_NET_BRIDGE_OPERATIONS);
+export function isConvergedNetBridgeOperation(operation) {
+    return CONVERGED_NET_BRIDGE_OPERATION_SET.has(operation);
+}
+/**
+ * Translate a guest `net.*` / `dns.*` sync-bridge call into a
+ * `guest_kernel_call` request payload. `args[0]` is the structured request
+ * object (the guest net module passes a typed options object); binary `data`
+ * fields are base64-encoded into the JSON the kernel dispatcher expects.
+ */
+export function convergedNetRequestPayload(operation, args, executionId) {
+    if (!isConvergedNetBridgeOperation(operation)) {
+        throw new Error(`converged net bridge has no mapping for ${operation}`);
+    }
+    const options = (args[0] ?? {});
+    const request = buildKernelRequest(operation, options);
+    return {
+        type: "guest_kernel_call",
+        execution_id: executionId,
+        operation,
+        payload: encodeJsonBytes(request),
+    };
+}
+/**
+ * Decode a `guest_kernel_result` into the sync-bridge response the guest net
+ * module consumes. The kernel dispatcher already returns JSON; binary read
+ * payloads stay base64 strings (the guest module decodes them), so this is a
+ * JSON passthrough.
+ */
+export function convergedNetSyncResponse(result) {
+    return {
+        kind: SYNC_BRIDGE_KIND_JSON,
+        value: decodeJsonBytes(result.payload),
+    };
+}
+function buildKernelRequest(operation, options) {
+    switch (operation) {
+        case "net.connect":
+        case "net.listen":
+        case "net.udp_bind":
+            return stripUndefined({
+                host: options.host,
+                port: options.port,
+                backlog: options.backlog,
+            });
+        case "net.accept":
+        case "net.close":
+            return { socketId: requireSocketId(options) };
+        case "net.read":
+        case "net.recv_from":
+            return stripUndefined({
+                socketId: requireSocketId(options),
+                maxBytes: options.maxBytes,
+            });
+        case "net.write":
+            return {
+                socketId: requireSocketId(options),
+                data: encodeBase64(requireData(options)),
+            };
+        case "net.send_to":
+            return stripUndefined({
+                socketId: requireSocketId(options),
+                host: options.host,
+                port: options.port,
+                data: encodeBase64(requireData(options)),
+            });
+        case "net.poll":
+            return stripUndefined({
+                socketId: requireSocketId(options),
+                events: options.events,
+                timeoutMs: options.timeoutMs,
+            });
+        case "net.shutdown":
+            return {
+                socketId: requireSocketId(options),
+                how: options.how ?? "both",
+            };
+        case "dns.lookup":
+            return { hostname: String(options.hostname ?? "") };
+        default:
+            throw new Error(`converged net bridge has no mapping for ${operation}`);
+    }
+}
+function requireSocketId(options) {
+    const socketId = options.socketId;
+    if (typeof socketId !== "number") {
+        throw new Error("converged net bridge call requires numeric socketId");
+    }
+    return socketId;
+}
+function requireData(options) {
+    const data = options.data;
+    if (data instanceof Uint8Array) {
+        return data;
+    }
+    if (data instanceof ArrayBuffer) {
+        return new Uint8Array(data);
+    }
+    if (ArrayBuffer.isView(data)) {
+        return new Uint8Array(data.buffer, data.byteOffset, data.byteLength);
+    }
+    throw new Error("converged net bridge write/send requires binary data");
+}
+function stripUndefined(record) {
+    const result = {};
+    for (const [key, value] of Object.entries(record)) {
+        if (value !== undefined) {
+            result[key] = value;
+        }
+    }
+    return result;
+}
+function encodeJsonBytes(value) {
+    const bytes = new TextEncoder().encode(JSON.stringify(value));
+    return bytes.buffer.slice(bytes.byteOffset, bytes.byteOffset + bytes.byteLength);
+}
+function decodeJsonBytes(payload) {
+    if (payload.byteLength === 0) {
+        return null;
+    }
+    return JSON.parse(new TextDecoder().decode(new Uint8Array(payload)));
+}

package/dist/converged-permissions.d.ts

@@ -0,0 +1,9 @@
+import type { PermissionsPolicy } from "@secure-exec/core/vm-config";
+export interface ConvergedPermissionDenials {
+    denyFsRead?: boolean;
+    denyChildProcess?: boolean;
+    denyNetwork?: boolean;
+    denyNetworkPort?: number;
+}
+/** Build a kernel PermissionsPolicy from the harness's declarative denials. */
+export declare function convergedPermissionsPolicy(denials?: ConvergedPermissionDenials): PermissionsPolicy;

package/dist/converged-permissions.js

@@ -0,0 +1,46 @@
+// Declarative kernel permission policies for the converged conformance harness.
+//
+// The legacy browser harness expressed permission tests as TS callbacks on the
+// in-process kernel (e.g. deny fs reads, deny a network port). The converged
+// path enforces permissions in the wasm kernel via a declarative
+// `PermissionsPolicy` on `CreateVmConfig`, so those test intents are translated
+// here into rule sets the kernel evaluates. Operation names match the kernel's
+// (`crates/kernel/src/permissions.rs`).
+// Kernel fs read-family operation names (mirrors FilesystemOperation::as_str).
+const FS_READ_OPERATIONS = ["read", "readdir"];
+/** Build a kernel PermissionsPolicy from the harness's declarative denials. */
+export function convergedPermissionsPolicy(denials = {}) {
+    const policy = {
+        fs: "allow",
+        network: "allow",
+        childProcess: "allow",
+        process: "allow",
+        env: "allow",
+        tool: "allow",
+    };
+    if (denials.denyFsRead) {
+        policy.fs = {
+            default: "allow",
+            rules: [{ mode: "deny", operations: FS_READ_OPERATIONS, paths: ["**"] }],
+        };
+    }
+    if (denials.denyChildProcess) {
+        policy.childProcess = "deny";
+    }
+    if (denials.denyNetwork) {
+        policy.network = "deny";
+    }
+    if (denials.denyNetworkPort !== undefined) {
+        policy.network = {
+            default: "allow",
+            rules: [
+                {
+                    mode: "deny",
+                    operations: ["listen", "http", "fetch"],
+                    patterns: [`tcp://*:${denials.denyNetworkPort}`],
+                },
+            ],
+        };
+    }
+    return policy;
+}

package/dist/converged-sync-bridge-handler.d.ts

@@ -0,0 +1,47 @@
+import type { LiveOwnershipScope } from "@secure-exec/core/ownership";
+import { type ProtocolFramePayloadCodec } from "@secure-exec/core/protocol-frames";
+import type { LiveRequestPayload } from "@secure-exec/core/request-payloads";
+import type { LiveResponsePayload } from "@secure-exec/core/response-payloads";
+import { type ConvergedSyncResponse } from "./converged-fs-bridge.js";
+/** Synchronous wasm sidecar frame dispatcher (`BrowserSidecarWasm.pushFrame`). */
+export type ConvergedPushFrame = (frame: Uint8Array) => Uint8Array;
+/**
+ * Synchronous request transport seam between the handler and the wasm sidecar.
+ * Splitting this out keeps the handler's translation logic unit-testable without
+ * the directional wire codec (the host can only encode request frames, and the
+ * JSON codec does not round-trip binary `data` payloads).
+ */
+export interface ConvergedSidecarRequestTransport {
+    sendRequest(payload: LiveRequestPayload): LiveResponsePayload;
+}
+/**
+ * Production transport: encodes a request frame, calls the synchronous wasm
+ * `pushFrame`, and decodes the response frame.
+ */
+export declare class PushFrameSidecarTransport implements ConvergedSidecarRequestTransport {
+    private readonly frames;
+    private readonly pushFrame;
+    private readonly ownership;
+    private readonly codec;
+    constructor(options: {
+        pushFrame: ConvergedPushFrame;
+        ownership: LiveOwnershipScope;
+        codec?: ProtocolFramePayloadCodec;
+    });
+    sendRequest(payload: LiveRequestPayload): LiveResponsePayload;
+}
+export interface ConvergedSyncBridgeHandlerOptions {
+    transport: ConvergedSidecarRequestTransport;
+    executionId: string;
+}
+export declare class ConvergedSyncBridgeHandler {
+    private readonly transport;
+    private readonly executionId;
+    constructor(options: ConvergedSyncBridgeHandlerOptions);
+    /** True if this handler services `operation` against the wasm sidecar. */
+    handles(operation: string): boolean;
+    handle(operation: string, args: readonly unknown[]): ConvergedSyncResponse;
+    private readDir;
+    private callFilesystem;
+    private callKernel;
+}