@sysid/sandbox-runtime-improved 0.0.56-sysid.1 → 0.0.61-sysid.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +43 -2
- package/dist/index.d.ts +3 -3
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/sandbox/credential-mask-files.d.ts +72 -0
- package/dist/sandbox/credential-mask-files.d.ts.map +1 -0
- package/dist/sandbox/credential-mask-files.js +146 -0
- package/dist/sandbox/credential-mask-files.js.map +1 -0
- package/dist/sandbox/credential-sentinel.d.ts +72 -0
- package/dist/sandbox/credential-sentinel.d.ts.map +1 -0
- package/dist/sandbox/credential-sentinel.js +130 -0
- package/dist/sandbox/credential-sentinel.js.map +1 -0
- package/dist/sandbox/domain-pattern.d.ts +36 -0
- package/dist/sandbox/domain-pattern.d.ts.map +1 -0
- package/dist/sandbox/domain-pattern.js +60 -0
- package/dist/sandbox/domain-pattern.js.map +1 -0
- package/dist/sandbox/http-proxy.d.ts +32 -1
- package/dist/sandbox/http-proxy.d.ts.map +1 -1
- package/dist/sandbox/http-proxy.js +10 -2
- package/dist/sandbox/http-proxy.js.map +1 -1
- package/dist/sandbox/linux-sandbox-utils.d.ts +15 -0
- package/dist/sandbox/linux-sandbox-utils.d.ts.map +1 -1
- package/dist/sandbox/linux-sandbox-utils.js +106 -47
- package/dist/sandbox/linux-sandbox-utils.js.map +1 -1
- package/dist/sandbox/listen-in-range.d.ts +12 -0
- package/dist/sandbox/listen-in-range.d.ts.map +1 -0
- package/dist/sandbox/listen-in-range.js +43 -0
- package/dist/sandbox/listen-in-range.js.map +1 -0
- package/dist/sandbox/macos-sandbox-utils.d.ts +11 -0
- package/dist/sandbox/macos-sandbox-utils.d.ts.map +1 -1
- package/dist/sandbox/macos-sandbox-utils.js +69 -14
- package/dist/sandbox/macos-sandbox-utils.js.map +1 -1
- package/dist/sandbox/mitm-ca.d.ts +18 -2
- package/dist/sandbox/mitm-ca.d.ts.map +1 -1
- package/dist/sandbox/mitm-ca.js +49 -9
- package/dist/sandbox/mitm-ca.js.map +1 -1
- package/dist/sandbox/mitm-leaf.d.ts.map +1 -1
- package/dist/sandbox/mitm-leaf.js +24 -6
- package/dist/sandbox/mitm-leaf.js.map +1 -1
- package/dist/sandbox/mux-proxy.d.ts +59 -0
- package/dist/sandbox/mux-proxy.d.ts.map +1 -0
- package/dist/sandbox/mux-proxy.js +159 -0
- package/dist/sandbox/mux-proxy.js.map +1 -0
- package/dist/sandbox/request-filter.d.ts +11 -1
- package/dist/sandbox/request-filter.d.ts.map +1 -1
- package/dist/sandbox/request-filter.js.map +1 -1
- package/dist/sandbox/sandbox-config.d.ts +254 -25
- package/dist/sandbox/sandbox-config.d.ts.map +1 -1
- package/dist/sandbox/sandbox-config.js +200 -13
- package/dist/sandbox/sandbox-config.js.map +1 -1
- package/dist/sandbox/sandbox-manager.d.ts +4 -0
- package/dist/sandbox/sandbox-manager.d.ts.map +1 -1
- package/dist/sandbox/sandbox-manager.js +601 -194
- package/dist/sandbox/sandbox-manager.js.map +1 -1
- package/dist/sandbox/sandbox-schemas.d.ts +15 -0
- package/dist/sandbox/sandbox-schemas.d.ts.map +1 -1
- package/dist/sandbox/sandbox-utils.d.ts +42 -6
- package/dist/sandbox/sandbox-utils.d.ts.map +1 -1
- package/dist/sandbox/sandbox-utils.js +115 -27
- package/dist/sandbox/sandbox-utils.js.map +1 -1
- package/dist/sandbox/socks-proxy.d.ts +11 -5
- package/dist/sandbox/socks-proxy.d.ts.map +1 -1
- package/dist/sandbox/socks-proxy.js +13 -81
- package/dist/sandbox/socks-proxy.js.map +1 -1
- package/dist/sandbox/tls-terminate-proxy.d.ts +2 -2
- package/dist/sandbox/tls-terminate-proxy.d.ts.map +1 -1
- package/dist/sandbox/tls-terminate-proxy.js +31 -5
- package/dist/sandbox/tls-terminate-proxy.js.map +1 -1
- package/dist/sandbox/windows-sandbox-utils.d.ts +347 -11
- package/dist/sandbox/windows-sandbox-utils.d.ts.map +1 -1
- package/dist/sandbox/windows-sandbox-utils.js +437 -45
- package/dist/sandbox/windows-sandbox-utils.js.map +1 -1
- package/package.json +7 -4
- package/vendor/seccomp/build.ts +8 -30
- package/vendor/srt-win/build.ts +21 -0
- package/dist/vendor/seccomp/Dockerfile.build +0 -6
- package/dist/vendor/seccomp/arm64/apply-seccomp +0 -0
- package/dist/vendor/seccomp/build.ts +0 -91
- package/dist/vendor/seccomp/x64/apply-seccomp +0 -0
- package/dist/vendor/seccomp-src/apply-seccomp.c +0 -280
- package/dist/vendor/seccomp-src/seccomp-unix-block.c +0 -148
- package/dist/vendor/srt-win/Cargo.lock +0 -361
- package/dist/vendor/srt-win/Cargo.toml +0 -46
- package/dist/vendor/srt-win/ci/cleanup.ps1 +0 -49
- package/dist/vendor/srt-win/ci/smoke-exec.ps1 +0 -446
- package/dist/vendor/srt-win/ci/smoke.ps1 +0 -307
- package/dist/vendor/srt-win/src/job.rs +0 -102
- package/dist/vendor/srt-win/src/launch.rs +0 -732
- package/dist/vendor/srt-win/src/lib.rs +0 -20
- package/dist/vendor/srt-win/src/main.rs +0 -669
- package/dist/vendor/srt-win/src/self_protect.rs +0 -169
- package/dist/vendor/srt-win/src/sid.rs +0 -296
- package/dist/vendor/srt-win/src/token.rs +0 -341
- package/dist/vendor/srt-win/src/util.rs +0 -42
- package/dist/vendor/srt-win/src/wfp.rs +0 -992
- package/dist/vendor/srt-win/src/winsta.rs +0 -209
- package/dist/vendor/srt-win/tests/sd_access_check_matrix.rs +0 -259
- package/vendor/seccomp-src/apply-seccomp.c +0 -280
- package/vendor/seccomp-src/seccomp-unix-block.c +0 -148
- package/vendor/srt-win/Cargo.lock +0 -361
- package/vendor/srt-win/Cargo.toml +0 -46
- package/vendor/srt-win/ci/cleanup.ps1 +0 -49
- package/vendor/srt-win/ci/smoke-exec.ps1 +0 -446
- package/vendor/srt-win/ci/smoke.ps1 +0 -307
- package/vendor/srt-win/src/job.rs +0 -102
- package/vendor/srt-win/src/launch.rs +0 -732
- package/vendor/srt-win/src/lib.rs +0 -20
- package/vendor/srt-win/src/main.rs +0 -669
- package/vendor/srt-win/src/self_protect.rs +0 -169
- package/vendor/srt-win/src/sid.rs +0 -296
- package/vendor/srt-win/src/token.rs +0 -341
- package/vendor/srt-win/src/util.rs +0 -42
- package/vendor/srt-win/src/wfp.rs +0 -992
- package/vendor/srt-win/src/winsta.rs +0 -209
- package/vendor/srt-win/tests/sd_access_check_matrix.rs +0 -259
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
export { containsGlobCharsWin, stripExtendedPathPrefix, } from './sandbox-utils.js';
|
|
1
2
|
import type { SandboxDependencyCheck } from './linux-sandbox-utils.js';
|
|
2
3
|
/**
|
|
3
4
|
* Windows sandbox backend.
|
|
@@ -14,7 +15,12 @@ import type { SandboxDependencyCheck } from './linux-sandbox-utils.js';
|
|
|
14
15
|
* token-membership check; WFP via providerData-tag enumeration under
|
|
15
16
|
* the configured sublayer). There is no marker file.
|
|
16
17
|
*
|
|
17
|
-
* Filesystem
|
|
18
|
+
* Filesystem deny (`denyRead`/`denyWrite`) is enforced via
|
|
19
|
+
* `srt-win acl stamp` at session start: a broker-only DACL is
|
|
20
|
+
* applied to each listed file plus a `Modify`-minus-`FILE_DELETE_CHILD`
|
|
21
|
+
* allow-list on its immediate parent directory, with restore state
|
|
22
|
+
* sealed by an inert hash-ACE marker so the on-disk SD is
|
|
23
|
+
* self-authenticating. See {@link stampWindowsAcl}.
|
|
18
24
|
*/
|
|
19
25
|
export declare const DEFAULT_WINDOWS_GROUP_NAME = "sandbox-runtime-net";
|
|
20
26
|
export declare const DEFAULT_WINDOWS_PROXY_PORT_RANGE: readonly [number, number];
|
|
@@ -41,10 +47,97 @@ export interface WindowsWfpStatusResult {
|
|
|
41
47
|
filters: number;
|
|
42
48
|
/** `[low, high]` from the `permit-loopback` filter's tag, when present. */
|
|
43
49
|
portRange?: [number, number];
|
|
50
|
+
/**
|
|
51
|
+
* Number of user-SID-keyed filters present (subset of `filters`).
|
|
52
|
+
* Zero on installs that predate the sandbox-user provisioning
|
|
53
|
+
* step, or when only `wfp install` (group set) was run.
|
|
54
|
+
*/
|
|
55
|
+
userFilters: number;
|
|
56
|
+
/** Sandbox-user SID read from the first user-keyed filter tag. */
|
|
57
|
+
userSid?: string;
|
|
58
|
+
}
|
|
59
|
+
/**
|
|
60
|
+
* State of the `srt-sandbox` local account that `srt-win install`
|
|
61
|
+
* provisions. The sandboxed child eventually runs **as** this
|
|
62
|
+
* account; for now it is reported alongside the group/WFP status
|
|
63
|
+
* so callers can surface a "re-run install" diagnostic when the
|
|
64
|
+
* account is missing.
|
|
65
|
+
*/
|
|
66
|
+
export interface WindowsSandboxUserStatus {
|
|
67
|
+
/** The `srt-sandbox` local account exists. */
|
|
68
|
+
provisioned: boolean;
|
|
69
|
+
/** `S-1-5-21-…` of `srt-sandbox`, when provisioned. */
|
|
70
|
+
sid?: string;
|
|
71
|
+
/** The `sandbox-runtime-users` local group exists. */
|
|
72
|
+
groupExists: boolean;
|
|
73
|
+
/** `S-1-5-21-…` of `sandbox-runtime-users`, when it exists. */
|
|
74
|
+
groupSid?: string;
|
|
75
|
+
inBuiltinUsers: boolean;
|
|
76
|
+
inSandboxGroup: boolean;
|
|
77
|
+
hiddenFromLogon: boolean;
|
|
78
|
+
/**
|
|
79
|
+
* The credential row is present in `state.db` and readable by
|
|
80
|
+
* THIS process. False when not yet written, or when called from
|
|
81
|
+
* inside the sandbox (the state-DB directory carries an explicit
|
|
82
|
+
* DENY for `sandbox-runtime-users` — machine-scope DPAPI alone
|
|
83
|
+
* is not a confidentiality boundary).
|
|
84
|
+
*/
|
|
85
|
+
credPresent: boolean;
|
|
86
|
+
/** Setup marker schema version, when the marker row exists. */
|
|
87
|
+
markerVersion?: number;
|
|
88
|
+
/**
|
|
89
|
+
* SHA-1 thumbprint of the install-time CA, when one was
|
|
90
|
+
* installed via `srt-win user trust-ca`. Uppercase hex.
|
|
91
|
+
*/
|
|
92
|
+
caCertThumb?: string;
|
|
93
|
+
/** PEM-encoded install-time CA certificate, when present. */
|
|
94
|
+
caCertPem?: string;
|
|
44
95
|
}
|
|
96
|
+
/**
|
|
97
|
+
* Inner shell to run `command` under, inside the restricted-token
|
|
98
|
+
* sandbox. The discriminant picks both the executable and the flag
|
|
99
|
+
* shape (`/c` vs `-Command` vs `-c`); see
|
|
100
|
+
* {@link wrapCommandWithSandboxWindows}.
|
|
101
|
+
*
|
|
102
|
+
* For `kind: 'bash'`, `path` is the absolute Git Bash executable
|
|
103
|
+
* (no fixed install location). It MUST originate from trusted host
|
|
104
|
+
* configuration (user settings / install detection), NEVER from
|
|
105
|
+
* workspace or repository content — the inner shell runs INSIDE the
|
|
106
|
+
* restricted-token sandbox so an unexpected path is not a
|
|
107
|
+
* sandbox-escape vector, but it would still be an arbitrary-exec
|
|
108
|
+
* footgun if sourced from untrusted input.
|
|
109
|
+
*/
|
|
110
|
+
export type WindowsBinShell = {
|
|
111
|
+
kind: 'cmd';
|
|
112
|
+
} | {
|
|
113
|
+
kind: 'powershell';
|
|
114
|
+
} | {
|
|
115
|
+
kind: 'pwsh';
|
|
116
|
+
} | {
|
|
117
|
+
kind: 'bash';
|
|
118
|
+
path: string;
|
|
119
|
+
};
|
|
120
|
+
/**
|
|
121
|
+
* Adapter from the cross-platform `binShell?: string` surface
|
|
122
|
+
* ({@link SandboxManager.wrapWithSandboxArgv}) to the Windows
|
|
123
|
+
* discriminated union. Throws on any value outside the recognised
|
|
124
|
+
* set — there is no silent fallback to cmd.exe.
|
|
125
|
+
*
|
|
126
|
+
* Uses `path.win32` explicitly so the function (and its unit test)
|
|
127
|
+
* is platform-independent.
|
|
128
|
+
*/
|
|
129
|
+
export declare function parseWindowsBinShell(raw?: string): WindowsBinShell;
|
|
45
130
|
export interface WindowsSandboxParams {
|
|
46
131
|
command: string;
|
|
47
132
|
group: WindowsGroupRef;
|
|
133
|
+
/**
|
|
134
|
+
* Sublayer GUID under which the WFP filters were installed.
|
|
135
|
+
* `srt-win exec` checks `wfp status` against it and refuses to
|
|
136
|
+
* launch when no filter set is present (fail-closed network
|
|
137
|
+
* fence). When omitted, srt-win uses its compile-time default
|
|
138
|
+
* GUID — same as `srt-win install` with no `--sublayer-guid`.
|
|
139
|
+
*/
|
|
140
|
+
sublayerGuid?: string;
|
|
48
141
|
/** JS HTTP proxy port — fed to `generateProxyEnvVars` for the returned env. */
|
|
49
142
|
httpProxyPort?: number;
|
|
50
143
|
/** JS SOCKS proxy port — fed to `generateProxyEnvVars` for the returned env. */
|
|
@@ -52,20 +145,102 @@ export interface WindowsSandboxParams {
|
|
|
52
145
|
/** Per-session proxy auth token; embedded in proxy env URLs. */
|
|
53
146
|
proxyAuthToken?: string;
|
|
54
147
|
/**
|
|
55
|
-
*
|
|
56
|
-
*
|
|
57
|
-
*
|
|
58
|
-
*
|
|
59
|
-
*
|
|
148
|
+
* Credential env vars to drop from the inherited environment
|
|
149
|
+
* (`mode: 'deny'`). Applied BEFORE the proxy assignments so the
|
|
150
|
+
* sandbox's own proxy plumbing survives even if a caller lists
|
|
151
|
+
* one of those names here — same precedence as the macOS/Linux
|
|
152
|
+
* `env -u … VAR=… sandbox-exec` order.
|
|
153
|
+
*/
|
|
154
|
+
unsetEnvVars?: readonly string[];
|
|
155
|
+
/**
|
|
156
|
+
* Credential env vars to overwrite with a sentinel
|
|
157
|
+
* (`mode: 'mask'`). Applied BEFORE the proxy assignments for the
|
|
158
|
+
* same precedence reason as {@link unsetEnvVars}.
|
|
159
|
+
*/
|
|
160
|
+
setEnvVars?: Readonly<Record<string, string>>;
|
|
161
|
+
/**
|
|
162
|
+
* PID of the long-lived host whose `srt-win acl stamp` holds
|
|
163
|
+
* this exec should run under. When set, `srt-win exec` opens a
|
|
164
|
+
* no-`FILE_SHARE_DELETE` handle on each of that holder's stamped
|
|
165
|
+
* directories and fenced files before spawning the child — the
|
|
166
|
+
* OS then refuses delete/rename of those, which the file's DACL
|
|
167
|
+
* alone cannot prevent. Omit for an exec with no file-deny
|
|
168
|
+
* session active.
|
|
169
|
+
*/
|
|
170
|
+
holderPid?: number;
|
|
171
|
+
/**
|
|
172
|
+
* Per-exec read-deny paths, stamped under the `srt-win exec`
|
|
173
|
+
* process's own PID and restored after the child exits. Same
|
|
174
|
+
* disk-first chokepoint as the session-level
|
|
175
|
+
* {@link stampWindowsAcl}; same fail-closed semantics (exec
|
|
176
|
+
* fails if any path cannot be stamped).
|
|
177
|
+
*
|
|
178
|
+
* Pass RAW normalized paths. Do NOT pre-filter or pre-expand
|
|
179
|
+
* via {@link expandWindowsFsDenyPaths} — `srt-win exec`'s
|
|
180
|
+
* `canonicalize_deny_targets` is the sole authority for
|
|
181
|
+
* glob/dir/nonexistent rejection (hard-fail). A missing path
|
|
182
|
+
* is a caller error, not a skip; pre-filtering would silently
|
|
183
|
+
* drop it and run the child with the file readable.
|
|
184
|
+
*/
|
|
185
|
+
denyRead?: readonly string[];
|
|
186
|
+
/** Per-exec write-deny paths — see {@link denyRead}. */
|
|
187
|
+
denyWrite?: readonly string[];
|
|
188
|
+
/**
|
|
189
|
+
* Run the child as the dedicated `srt-sandbox` user via the
|
|
190
|
+
* two-hop launch (broker → `CreateProcessWithLogonW(runner)` →
|
|
191
|
+
* runner → restricted-token child). Requires `srt-win install` to
|
|
192
|
+
* have provisioned the sandbox user. Opt-in — when `false` or
|
|
193
|
+
* omitted the same-user deny-only-group path is used. The
|
|
194
|
+
* separate-user path structurally closes the surrogate-spawn
|
|
195
|
+
* class (schtasks, `PROC_THREAD_ATTRIBUTE_PARENT_PROCESS`, BITS,
|
|
196
|
+
* RunAs="Interactive User" COM): the child's token carries a
|
|
197
|
+
* different user SID, so it cannot reach real-user processes,
|
|
198
|
+
* tasks register under `srt-sandbox`, and the user-SID WFP filter
|
|
199
|
+
* fences `srt-sandbox` egress regardless of how the child was
|
|
200
|
+
* spawned.
|
|
201
|
+
*/
|
|
202
|
+
asSandboxUser?: boolean;
|
|
203
|
+
/**
|
|
204
|
+
* PEM-encoded CA certificate file. Same parameter macOS/Linux
|
|
205
|
+
* thread to {@link generateProxyEnvVars} for the env-var trust
|
|
206
|
+
* layer (`NODE_EXTRA_CA_CERTS` etc.). NOT passed to `srt-win
|
|
207
|
+
* exec` — schannel-level trust under the sandbox user is set
|
|
208
|
+
* separately via `srt-win user trust-ca` /
|
|
209
|
+
* {@link windowsTrustCa}; per-exec only sets the env-var layer.
|
|
210
|
+
*
|
|
211
|
+
* **Under {@link asSandboxUser}**, this is currently NOT
|
|
212
|
+
* forwarded to the child: the bundle file lives in the broker's
|
|
213
|
+
* `%TEMP%`, which the `srt-sandbox` user cannot read, so OpenSSL
|
|
214
|
+
* clients (msys2 curl, openssl-backed git, node, python) would
|
|
215
|
+
* fail with `ACCESS_DENIED` on the bundle. The schannel-level
|
|
216
|
+
* trust set via {@link windowsTrustCa} is the only CA-trust path
|
|
217
|
+
* for the two-hop launch until working-tree/profile grants land.
|
|
60
218
|
*/
|
|
61
|
-
|
|
219
|
+
caCertPath?: string;
|
|
220
|
+
/**
|
|
221
|
+
* Inner shell. Defaults to `{ kind: 'cmd' }`. The child's post-`/c`
|
|
222
|
+
* (or `-Command` / `-c`) content is **passthrough** — `&` chains,
|
|
223
|
+
* `"…"`/`'…'` quotes exactly as written. The security boundary is at
|
|
224
|
+
* the OUTER spawn (this argv is spawned with `shell:false`); the
|
|
225
|
+
* inner shell runs INSIDE the sandbox so its metachars are the
|
|
226
|
+
* user's tool. See {@link parseWindowsBinShell} for the
|
|
227
|
+
* cross-platform string adapter.
|
|
228
|
+
*/
|
|
229
|
+
binShell?: WindowsBinShell;
|
|
62
230
|
}
|
|
63
231
|
/**
|
|
64
232
|
* Locate `srt-win.exe`. Resolution order:
|
|
65
233
|
* 1. `SRT_WIN_PATH` env var (CI sets this to the freshly-built binary).
|
|
66
|
-
* 2. `<
|
|
67
|
-
*
|
|
68
|
-
*
|
|
234
|
+
* 2. `<root>/vendor/srt-win/{arch}/srt-win.exe` (prebuilt — published npm
|
|
235
|
+
* package, or after `npm run build:srt-win` locally).
|
|
236
|
+
* 3. `<root>/vendor/srt-win-src/target/release/srt-win.exe` (local
|
|
237
|
+
* `cargo build --release` fallback for development).
|
|
238
|
+
* 4. `<root>/vendor/srt-win/target/release/srt-win.exe` (transitional:
|
|
239
|
+
* stale local build from before the srt-win-src rename).
|
|
240
|
+
*
|
|
241
|
+
* `<root>` is {@link repoRoot} — `__dirname/../..`, which resolves to the
|
|
242
|
+
* repo root from `src/sandbox/` and `dist/sandbox/` alike, and to the
|
|
243
|
+
* package root when installed under `node_modules`.
|
|
69
244
|
*
|
|
70
245
|
* Resolution via the optional `@anthropic-ai/sandbox-runtime-win32-*`
|
|
71
246
|
* platform packages is added separately.
|
|
@@ -90,6 +265,51 @@ export declare function getWindowsGroupStatus(ref: WindowsGroupRef): WindowsGrou
|
|
|
90
265
|
export declare function getWindowsWfpStatus(opts?: {
|
|
91
266
|
sublayerGuid?: string;
|
|
92
267
|
}): WindowsWfpStatusResult;
|
|
268
|
+
/**
|
|
269
|
+
* Query the sandbox user account's provisioning state. Each field
|
|
270
|
+
* is independently observed so a half-provisioned install (e.g.
|
|
271
|
+
* user exists but credential file missing) is distinguishable.
|
|
272
|
+
* Does not require elevation.
|
|
273
|
+
*/
|
|
274
|
+
export declare function getWindowsSandboxUserStatus(): WindowsSandboxUserStatus;
|
|
275
|
+
/**
|
|
276
|
+
* Read back the persistent MITM CA the sandbox was installed with
|
|
277
|
+
* (via `srt-win user trust-ca` / {@link windowsTrustCa}).
|
|
278
|
+
* Returns `null` when no CA was installed. The PEM is what `srt-win
|
|
279
|
+
* user status` reconstructs from the DER stored in `state.db`.
|
|
280
|
+
*
|
|
281
|
+
* On Windows with `windows.asSandboxUser`, `tlsTerminate` requires
|
|
282
|
+
* this CA to be present in the sandbox user's `CurrentUser\Root`
|
|
283
|
+
* (schannel-level trust is an install-time concern, not
|
|
284
|
+
* per-session); the host calls this from `initialize()` to fail
|
|
285
|
+
* early with an actionable message when it isn't.
|
|
286
|
+
*
|
|
287
|
+
* @param status pass an already-fetched
|
|
288
|
+
* {@link getWindowsSandboxUserStatus} result to avoid a second
|
|
289
|
+
* `srt-win user status` spawn.
|
|
290
|
+
*/
|
|
291
|
+
export declare function getWindowsSandboxCaCert(status?: WindowsSandboxUserStatus): {
|
|
292
|
+
pem: string;
|
|
293
|
+
thumb: string;
|
|
294
|
+
} | null;
|
|
295
|
+
/**
|
|
296
|
+
* Install (or replace) the MITM CA in the **sandbox user's**
|
|
297
|
+
* `CurrentUser\Root` and record it in `state.db` (so
|
|
298
|
+
* {@link getWindowsSandboxCaCert} surfaces its thumbprint + PEM).
|
|
299
|
+
* Thin wrapper around `srt-win user trust-ca <path>`. Does NOT
|
|
300
|
+
* require elevation. Persistent until {@link uninstallWindowsSandbox}
|
|
301
|
+
* deletes the sandbox user's profile.
|
|
302
|
+
*
|
|
303
|
+
* The CA has a separate lifecycle from {@link installWindowsSandbox}
|
|
304
|
+
* — install provisions the account/filters and never touches the CA;
|
|
305
|
+
* call this AFTER install when `tlsTerminate` will be used with
|
|
306
|
+
* `windows.asSandboxUser`.
|
|
307
|
+
*
|
|
308
|
+
* @throws when the sandbox user is not provisioned, the file is not a
|
|
309
|
+
* parseable X.509 certificate, or the registry write into the
|
|
310
|
+
* sandbox user's hive fails.
|
|
311
|
+
*/
|
|
312
|
+
export declare function windowsTrustCa(caCertPath: string): void;
|
|
93
313
|
export interface WindowsInstallOptions extends WindowsGroupRef {
|
|
94
314
|
/** Add this user (instead of the current user) to the group. */
|
|
95
315
|
userSid?: string;
|
|
@@ -114,6 +334,8 @@ export interface WindowsInstallResult {
|
|
|
114
334
|
group: WindowsGroupStatusResult;
|
|
115
335
|
/** Post-install WFP state. */
|
|
116
336
|
wfp: WindowsWfpStatusResult;
|
|
337
|
+
/** Post-install sandbox-user state. */
|
|
338
|
+
user: WindowsSandboxUserStatus;
|
|
117
339
|
/**
|
|
118
340
|
* `true` if the user dismissed the UAC prompt. Not an error —
|
|
119
341
|
* the install simply didn't happen. Re-run when the user is
|
|
@@ -153,10 +375,16 @@ export declare function installWindowsSandbox(opts?: WindowsInstallOptions): Win
|
|
|
153
375
|
* re-do the logout dance on the next install. Call
|
|
154
376
|
* {@link deleteWindowsGroup} explicitly if you want full teardown.
|
|
155
377
|
*
|
|
378
|
+
* **Does** remove the `srt-sandbox` account, its credential file,
|
|
379
|
+
* and the setup marker, unless `keepUser` is set — the credential
|
|
380
|
+
* is useless without the account and vice versa, so they're
|
|
381
|
+
* treated as one unit.
|
|
382
|
+
*
|
|
156
383
|
* @returns `{cancelled: true}` if the user dismissed UAC.
|
|
157
384
|
*/
|
|
158
385
|
export declare function uninstallWindowsSandbox(opts?: {
|
|
159
386
|
sublayerGuid?: string;
|
|
387
|
+
keepUser?: boolean;
|
|
160
388
|
}): {
|
|
161
389
|
cancelled?: true;
|
|
162
390
|
};
|
|
@@ -189,6 +417,114 @@ export declare function createWindowsWfp(ref: WindowsGroupRef & {
|
|
|
189
417
|
sublayerGuid?: string;
|
|
190
418
|
proxyPortRange?: readonly [number, number];
|
|
191
419
|
}): void;
|
|
420
|
+
/**
|
|
421
|
+
* Per-file outcome from `srt-win acl restore --json`. `status:
|
|
422
|
+
* "restored"` covers both `Restored` and `AlreadyOriginal` on the
|
|
423
|
+
* Rust side (the host doesn't need to distinguish them); every
|
|
424
|
+
* other status keeps the snapshot row (fail-closed) and is
|
|
425
|
+
* surfaced to the user as an anomaly to investigate. Mirrors
|
|
426
|
+
* `restore_entry()` in `vendor/srt-win-src/src/main.rs`.
|
|
427
|
+
*/
|
|
428
|
+
export interface WindowsAclPathOutcome {
|
|
429
|
+
path: string;
|
|
430
|
+
status: 'restored' | 'relocated' | 'missing' | 'leftChanged' | 'leftUnreadable' | 'originalSdTampered' | 'originalSdLost' | 'stampedUnrecognized';
|
|
431
|
+
/** Hex `FILE_ID_INFO` recorded at stamp time. Present when `status ≠ "restored"`. */
|
|
432
|
+
expectedFileId?: string;
|
|
433
|
+
/** Where the protected file was found by `file_id`. Only on `relocated`. */
|
|
434
|
+
movedTo?: string;
|
|
435
|
+
/** `true` whenever `status ≠ "restored"` — the snapshot row was kept (restore not confirmed). */
|
|
436
|
+
leftStamped?: boolean;
|
|
437
|
+
}
|
|
438
|
+
/**
|
|
439
|
+
* Per-parent-directory outcome from `srt-win acl restore --json`.
|
|
440
|
+
* `stillHeld` is normal (another active session still references
|
|
441
|
+
* a file under this directory). Mirrors `parent_entries_from()` +
|
|
442
|
+
* `ParentRestoreOutcome::as_str()` in `vendor/srt-win-src/src/`.
|
|
443
|
+
*/
|
|
444
|
+
export interface WindowsAclParentOutcome {
|
|
445
|
+
path: string;
|
|
446
|
+
status: 'restored' | 'alreadyOriginal' | 'stillHeld' | 'leftChanged' | 'missing' | 'leftStamped';
|
|
447
|
+
/** Underlying error for `leftStamped`. */
|
|
448
|
+
error?: string;
|
|
449
|
+
}
|
|
450
|
+
/** Top-level shape of `srt-win acl restore --json`. */
|
|
451
|
+
export interface WindowsAclRestoreResult {
|
|
452
|
+
paths: WindowsAclPathOutcome[];
|
|
453
|
+
parents: WindowsAclParentOutcome[];
|
|
454
|
+
}
|
|
455
|
+
/**
|
|
456
|
+
* Expand the `denyRead`/`denyWrite` input set to a flat list of
|
|
457
|
+
* existing FILE paths for `srt-win acl stamp`.
|
|
458
|
+
*
|
|
459
|
+
* Every input goes through {@link normalizePathForSandbox} (the
|
|
460
|
+
* single Windows-aware chokepoint: `\\?\`/UNC-strip, drive-letter
|
|
461
|
+
* case-fold, ~-expand, realpath). Globs (`*`/`?` only — `[`/`]`
|
|
462
|
+
* are legal Win32 filename chars) expand via the shared walker
|
|
463
|
+
* with case-insensitive matching (point-in-time: a file appearing
|
|
464
|
+
* after this returns is NOT covered). Each candidate is checked
|
|
465
|
+
* with one `statSync({throwIfNoEntry:false})`: missing → drop
|
|
466
|
+
* (the protection model covers files present at session start);
|
|
467
|
+
* directory → reject (the file stamp applies a per-file DACL plus
|
|
468
|
+
* a per-parent-directory allow-list; stamping a directory itself
|
|
469
|
+
* would touch every child); file → keep.
|
|
470
|
+
*/
|
|
471
|
+
export declare function expandWindowsFsDenyPaths(patterns: readonly string[]): string[];
|
|
472
|
+
export interface WindowsAclStampOptions {
|
|
473
|
+
group: WindowsGroupRef;
|
|
474
|
+
/** Files the sandboxed child must not read. */
|
|
475
|
+
denyRead: readonly string[];
|
|
476
|
+
/** Files the sandboxed child must not write (read stays allowed). */
|
|
477
|
+
denyWrite: readonly string[];
|
|
478
|
+
/** Long-lived host PID the holds are tied to. Default: this process. */
|
|
479
|
+
holderPid?: number;
|
|
480
|
+
}
|
|
481
|
+
/**
|
|
482
|
+
* Apply the file-deny stamp set for one host session. Idempotent
|
|
483
|
+
* via `srt-win`'s disk-first `ensure_stamped` chokepoint — calling
|
|
484
|
+
* this again with overlapping paths re-verifies the on-disk DACL
|
|
485
|
+
* against the hash-ACE marker rather than trusting state-DB rows.
|
|
486
|
+
*
|
|
487
|
+
* Inputs are passed verbatim to `srt-win` (which canonicalizes,
|
|
488
|
+
* rejects directories and globs, and stamps each file plus its
|
|
489
|
+
* immediate parent directory). Callers that accept globs should
|
|
490
|
+
* pre-expand via {@link expandWindowsFsDenyPaths}.
|
|
491
|
+
*
|
|
492
|
+
* @throws on exit ≠ 0 — including exit 2 (one or more inputs
|
|
493
|
+
* skipped). srt-win stamps the resolvable inputs before exiting
|
|
494
|
+
* 2, so on throw the caller should call {@link restoreWindowsAcl}
|
|
495
|
+
* to release whatever WAS stamped (fail-closed at session start
|
|
496
|
+
* means tearing down a partial setup).
|
|
497
|
+
*/
|
|
498
|
+
export declare function stampWindowsAcl(opts: WindowsAclStampOptions): void;
|
|
499
|
+
export interface WindowsAclRestoreOptions {
|
|
500
|
+
group: WindowsGroupRef;
|
|
501
|
+
/** Long-lived host PID whose holds to release. Default: this process. */
|
|
502
|
+
holderPid?: number;
|
|
503
|
+
}
|
|
504
|
+
/**
|
|
505
|
+
* Release this holder's file-deny stamps and return per-path /
|
|
506
|
+
* per-parent outcomes. Best-effort: a non-`restored` entry means
|
|
507
|
+
* the file's stamp was LEFT in place (fail-closed) — see
|
|
508
|
+
* {@link WindowsAclPathOutcome} for the cases. Does not throw on
|
|
509
|
+
* anomalies; the caller decides whether to surface them.
|
|
510
|
+
*
|
|
511
|
+
* Returns `undefined` when `srt-win acl restore` itself failed
|
|
512
|
+
* (no JSON to parse) — the caller should log and move on rather
|
|
513
|
+
* than block teardown.
|
|
514
|
+
*/
|
|
515
|
+
export declare function restoreWindowsAcl(opts: WindowsAclRestoreOptions): WindowsAclRestoreResult | undefined;
|
|
516
|
+
/**
|
|
517
|
+
* Per-path outcomes that mean the file's DACL was returned to its
|
|
518
|
+
* pre-stamp state (or was already there). Anything else left the
|
|
519
|
+
* stamp in place and should be surfaced to the user.
|
|
520
|
+
*/
|
|
521
|
+
export declare const WINDOWS_ACL_PATH_OK: Set<"restored" | "relocated" | "missing" | "leftChanged" | "leftUnreadable" | "originalSdTampered" | "originalSdLost" | "stampedUnrecognized">;
|
|
522
|
+
/**
|
|
523
|
+
* Per-parent-directory outcomes that are expected during normal
|
|
524
|
+
* teardown. `stillHeld` is normal when another active session
|
|
525
|
+
* still references a file under this directory.
|
|
526
|
+
*/
|
|
527
|
+
export declare const WINDOWS_ACL_PARENT_OK: Set<"restored" | "missing" | "leftChanged" | "alreadyOriginal" | "stillHeld" | "leftStamped">;
|
|
192
528
|
/**
|
|
193
529
|
* Build the spawn descriptor for running `command` inside the Windows
|
|
194
530
|
* sandbox: an `argv` array plus the `env` to spawn it with.
|
|
@@ -196,7 +532,7 @@ export declare function createWindowsWfp(ref: WindowsGroupRef & {
|
|
|
196
532
|
* Caller MUST spawn the result with `{shell: false}` — that is the
|
|
197
533
|
* security boundary that keeps untrusted bytes off the host's shell
|
|
198
534
|
* (the inner `cmd.exe /c` runs INSIDE the sandbox; see
|
|
199
|
-
* `vendor/srt-win/src/launch.rs` `build_cmdline` for the passthrough
|
|
535
|
+
* `vendor/srt-win-src/src/launch.rs` `build_cmdline` for the passthrough
|
|
200
536
|
* rationale) — AND with the returned `env`.
|
|
201
537
|
*
|
|
202
538
|
* Proxy configuration is single-sourced by {@link generateProxyEnvVars}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"windows-sandbox-utils.d.ts","sourceRoot":"","sources":["../../src/sandbox/windows-sandbox-utils.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"windows-sandbox-utils.d.ts","sourceRoot":"","sources":["../../src/sandbox/windows-sandbox-utils.ts"],"names":[],"mappings":"AAaA,OAAO,EACL,oBAAoB,EACpB,uBAAuB,GACxB,MAAM,oBAAoB,CAAA;AAC3B,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAA;AAEtE;;;;;;;;;;;;;;;;;;;;;GAqBG;AAMH,eAAO,MAAM,0BAA0B,wBAAwB,CAAA;AAC/D,eAAO,MAAM,gCAAgC,EAAE,SAAS,CAAC,MAAM,EAAE,MAAM,CAEtE,CAAA;AAED,mEAAmE;AACnE,MAAM,WAAW,eAAe;IAC9B,kEAAkE;IAClE,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,MAAM,kBAAkB,GAAG,QAAQ,GAAG,sBAAsB,GAAG,OAAO,CAAA;AAE5E,MAAM,WAAW,wBAAwB;IACvC,KAAK,EAAE,kBAAkB,CAAA;IACzB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,MAAM,MAAM,gBAAgB,GAAG,QAAQ,GAAG,WAAW,CAAA;AAErD,MAAM,WAAW,sBAAsB;IACrC,KAAK,EAAE,gBAAgB,CAAA;IACvB,OAAO,EAAE,MAAM,CAAA;IACf,2EAA2E;IAC3E,SAAS,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAC5B;;;;OAIG;IACH,WAAW,EAAE,MAAM,CAAA;IACnB,kEAAkE;IAClE,OAAO,CAAC,EAAE,MAAM,CAAA;CACjB;AAED;;;;;;GAMG;AACH,MAAM,WAAW,wBAAwB;IACvC,8CAA8C;IAC9C,WAAW,EAAE,OAAO,CAAA;IACpB,uDAAuD;IACvD,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,sDAAsD;IACtD,WAAW,EAAE,OAAO,CAAA;IACpB,+DAA+D;IAC/D,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,cAAc,EAAE,OAAO,CAAA;IACvB,cAAc,EAAE,OAAO,CAAA;IACvB,eAAe,EAAE,OAAO,CAAA;IACxB;;;;;;OAMG;IACH,WAAW,EAAE,OAAO,CAAA;IACpB,+DAA+D;IAC/D,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,6DAA6D;IAC7D,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,MAAM,eAAe,GACvB;IAAE,IAAI,EAAE,KAAK,CAAA;CAAE,GACf;IAAE,IAAI,EAAE,YAAY,CAAA;CAAE,GACtB;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,GAChB;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,CAAA;AAElC;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAAC,GAAG,CAAC,EAAE,MAAM,GAAG,eAAe,CAuClE;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,MAAM,CAAA;IACf,KAAK,EAAE,eAAe,CAAA;IACtB;;;;;;OAMG;IACH,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,+EAA+E;IAC/E,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,gFAAgF;IAChF,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,gEAAgE;IAChE,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB;;;;;;OAMG;IACH,YAAY,CAAC,EAAE,SAAS,MAAM,EAAE,CAAA;IAChC;;;;OAIG;IACH,UAAU,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAA;IAC7C;;;;;;;;OAQG;IACH,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB;;;;;;;;;;;;;OAaG;IACH,QAAQ,CAAC,EAAE,SAAS,MAAM,EAAE,CAAA;IAC5B,wDAAwD;IACxD,SAAS,CAAC,EAAE,SAAS,MAAM,EAAE,CAAA;IAC7B;;;;;;;;;;;;;OAaG;IACH,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB;;;;;;;;;;;;;;;OAeG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB;;;;;;;;OAQG;IACH,QAAQ,CAAC,EAAE,eAAe,CAAA;CAC3B;AAcD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,aAAa,IAAI,MAAM,CA+BtC;AAmFD;;;;;;GAMG;AACH,wBAAgB,qBAAqB,CACnC,GAAG,EAAE,eAAe,GACnB,wBAAwB,CAE1B;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CACjC,IAAI,GAAE;IAAE,YAAY,CAAC,EAAE,MAAM,CAAA;CAAO,GACnC,sBAAsB,CAiBxB;AAED;;;;;GAKG;AACH,wBAAgB,2BAA2B,IAAI,wBAAwB,CA+BtE;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,uBAAuB,CACrC,MAAM,CAAC,EAAE,wBAAwB,GAChC;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAIvC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,cAAc,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAavD;AAED,MAAM,WAAW,qBAAsB,SAAQ,eAAe;IAC5D,gEAAgE;IAChE,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,kEAAkE;IAClE,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB;;;;OAIG;IACH,cAAc,CAAC,EAAE,SAAS,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAC1C;;;;;OAKG;IACH,KAAK,CAAC,EAAE,OAAO,CAAA;CAChB;AAED,MAAM,WAAW,oBAAoB;IACnC,gCAAgC;IAChC,KAAK,EAAE,wBAAwB,CAAA;IAC/B,8BAA8B;IAC9B,GAAG,EAAE,sBAAsB,CAAA;IAC3B,uCAAuC;IACvC,IAAI,EAAE,wBAAwB,CAAA;IAC9B;;;;OAIG;IACH,SAAS,CAAC,EAAE,IAAI,CAAA;CACjB;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAgB,qBAAqB,CACnC,IAAI,GAAE,qBAA0B,GAC/B,oBAAoB,CA4DtB;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,uBAAuB,CACrC,IAAI,GAAE;IAAE,YAAY,CAAC,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,OAAO,CAAA;CAAO,GACvD;IACD,SAAS,CAAC,EAAE,IAAI,CAAA;CACjB,CAeA;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,eAAe,GAAG,IAAI,CAS7D;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,eAAe,GAAG;IAAE,OAAO,CAAC,EAAE,MAAM,CAAA;CAAE,GAC1C,IAAI,CAYN;AAED;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAC9B,GAAG,EAAE,eAAe,GAAG;IACrB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,cAAc,CAAC,EAAE,SAAS,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAC3C,GACA,IAAI,CAkBN;AAMD;;;;;;;GAOG;AACH,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,MAAM,CAAA;IACZ,MAAM,EACF,UAAU,GACV,WAAW,GACX,SAAS,GACT,aAAa,GACb,gBAAgB,GAChB,oBAAoB,GACpB,gBAAgB,GAChB,qBAAqB,CAAA;IACzB,qFAAqF;IACrF,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,4EAA4E;IAC5E,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,iGAAiG;IACjG,WAAW,CAAC,EAAE,OAAO,CAAA;CACtB;AAED;;;;;GAKG;AACH,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE,MAAM,CAAA;IACZ,MAAM,EACF,UAAU,GACV,iBAAiB,GACjB,WAAW,GACX,aAAa,GACb,SAAS,GACT,aAAa,CAAA;IACjB,0CAA0C;IAC1C,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,uDAAuD;AACvD,MAAM,WAAW,uBAAuB;IACtC,KAAK,EAAE,qBAAqB,EAAE,CAAA;IAC9B,OAAO,EAAE,uBAAuB,EAAE,CAAA;CACnC;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,wBAAwB,CACtC,QAAQ,EAAE,SAAS,MAAM,EAAE,GAC1B,MAAM,EAAE,CAqBV;AAED,MAAM,WAAW,sBAAsB;IACrC,KAAK,EAAE,eAAe,CAAA;IACtB,+CAA+C;IAC/C,QAAQ,EAAE,SAAS,MAAM,EAAE,CAAA;IAC3B,qEAAqE;IACrE,SAAS,EAAE,SAAS,MAAM,EAAE,CAAA;IAC5B,wEAAwE;IACxE,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,eAAe,CAAC,IAAI,EAAE,sBAAsB,GAAG,IAAI,CAuBlE;AAED,MAAM,WAAW,wBAAwB;IACvC,KAAK,EAAE,eAAe,CAAA;IACtB,yEAAyE;IACzE,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,iBAAiB,CAC/B,IAAI,EAAE,wBAAwB,GAC7B,uBAAuB,GAAG,SAAS,CAoCrC;AAED;;;;GAIG;AACH,eAAO,MAAM,mBAAmB,gJAE9B,CAAA;AAEF;;;;GAIG;AACH,eAAO,MAAM,qBAAqB,+FAEjC,CAAA;AAMD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,6BAA6B,CAAC,CAAC,EAAE,oBAAoB,GAAG;IACtE,IAAI,EAAE,MAAM,EAAE,CAAA;IACd,GAAG,EAAE,MAAM,CAAC,UAAU,CAAA;CACvB,CAyJA;AAqBD;;;;GAIG;AACH,wBAAgB,0BAA0B,CACxC,GAAG,EAAE,eAAe,EACpB,YAAY,EAAE,MAAM,GAAG,SAAS,EAChC,UAAU,EAAE,kBAAkB,GAC7B,MAAM,CAuBR;AAED;;;GAGG;AACH,wBAAgB,wBAAwB,CACtC,GAAG,EAAE,eAAe,EACpB,YAAY,CAAC,EAAE,MAAM,GACpB,sBAAsB,CA2DxB"}
|