@tachu/extensions 1.0.0-beta.1 → 1.0.0-rc.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +48 -65
- package/README.md +83 -708
- package/README_ZH.md +82 -696
- package/dist/backends/file.d.ts +6 -6
- package/dist/backends/file.d.ts.map +1 -1
- package/dist/backends/file.js +27 -11
- package/dist/backends/file.js.map +1 -1
- package/dist/backends/terminal.d.ts +6 -6
- package/dist/backends/terminal.d.ts.map +1 -1
- package/dist/backends/terminal.js +31 -7
- package/dist/backends/terminal.js.map +1 -1
- package/dist/backends/web.d.ts +6 -6
- package/dist/backends/web.d.ts.map +1 -1
- package/dist/backends/web.js +10 -8
- package/dist/backends/web.js.map +1 -1
- package/dist/common/net.d.ts +8 -0
- package/dist/common/net.d.ts.map +1 -1
- package/dist/common/net.js +39 -24
- package/dist/common/net.js.map +1 -1
- package/dist/common/path.d.ts +38 -5
- package/dist/common/path.d.ts.map +1 -1
- package/dist/common/path.js +55 -13
- package/dist/common/path.js.map +1 -1
- package/dist/common/process.js.map +1 -1
- package/dist/index.d.ts +7 -3
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +7 -3
- package/dist/index.js.map +1 -1
- package/dist/mcp/sse-adapter.d.ts +45 -33
- package/dist/mcp/sse-adapter.d.ts.map +1 -1
- package/dist/mcp/sse-adapter.js +59 -34
- package/dist/mcp/sse-adapter.js.map +1 -1
- package/dist/mcp/stdio-adapter.d.ts +45 -33
- package/dist/mcp/stdio-adapter.d.ts.map +1 -1
- package/dist/mcp/stdio-adapter.js +59 -34
- package/dist/mcp/stdio-adapter.js.map +1 -1
- package/dist/memory/fs-memory-system.d.ts +288 -0
- package/dist/memory/fs-memory-system.d.ts.map +1 -0
- package/dist/memory/fs-memory-system.js +482 -0
- package/dist/memory/fs-memory-system.js.map +1 -0
- package/dist/memory/index.d.ts +5 -0
- package/dist/memory/index.d.ts.map +1 -0
- package/dist/memory/index.js +5 -0
- package/dist/memory/index.js.map +1 -0
- package/dist/memory/projection-outbox.d.ts +69 -0
- package/dist/memory/projection-outbox.d.ts.map +1 -0
- package/dist/memory/projection-outbox.js +187 -0
- package/dist/memory/projection-outbox.js.map +1 -0
- package/dist/memory/projection-projector.d.ts +16 -0
- package/dist/memory/projection-projector.d.ts.map +1 -0
- package/dist/memory/projection-projector.js +56 -0
- package/dist/memory/projection-projector.js.map +1 -0
- package/dist/memory/projection-worker.d.ts +28 -0
- package/dist/memory/projection-worker.d.ts.map +1 -0
- package/dist/memory/projection-worker.js +84 -0
- package/dist/memory/projection-worker.js.map +1 -0
- package/dist/observability/jsonl-emitter.d.ts +25 -25
- package/dist/observability/jsonl-emitter.d.ts.map +1 -1
- package/dist/observability/jsonl-emitter.js +25 -25
- package/dist/observability/jsonl-emitter.js.map +1 -1
- package/dist/observability/otel-emitter.d.ts +23 -23
- package/dist/observability/otel-emitter.d.ts.map +1 -1
- package/dist/observability/otel-emitter.js +39 -30
- package/dist/observability/otel-emitter.js.map +1 -1
- package/dist/providers/anthropic.d.ts +51 -32
- package/dist/providers/anthropic.d.ts.map +1 -1
- package/dist/providers/anthropic.js +293 -58
- package/dist/providers/anthropic.js.map +1 -1
- package/dist/providers/gemini.d.ts +115 -0
- package/dist/providers/gemini.d.ts.map +1 -0
- package/dist/providers/gemini.js +901 -0
- package/dist/providers/gemini.js.map +1 -0
- package/dist/providers/index.d.ts +2 -0
- package/dist/providers/index.d.ts.map +1 -1
- package/dist/providers/index.js +2 -0
- package/dist/providers/index.js.map +1 -1
- package/dist/providers/mock.d.ts +67 -24
- package/dist/providers/mock.d.ts.map +1 -1
- package/dist/providers/mock.js +122 -41
- package/dist/providers/mock.js.map +1 -1
- package/dist/providers/openai.d.ts +70 -35
- package/dist/providers/openai.d.ts.map +1 -1
- package/dist/providers/openai.js +330 -50
- package/dist/providers/openai.js.map +1 -1
- package/dist/providers/qwen.d.ts +146 -0
- package/dist/providers/qwen.d.ts.map +1 -0
- package/dist/providers/qwen.js +672 -0
- package/dist/providers/qwen.js.map +1 -0
- package/dist/safety/default-gate.d.ts +112 -0
- package/dist/safety/default-gate.d.ts.map +1 -0
- package/dist/safety/default-gate.js +188 -0
- package/dist/safety/default-gate.js.map +1 -0
- package/dist/safety/index.d.ts +2 -0
- package/dist/safety/index.d.ts.map +1 -0
- package/dist/safety/index.js +2 -0
- package/dist/safety/index.js.map +1 -0
- package/dist/tools/_shared/web-client.d.ts +18 -0
- package/dist/tools/_shared/web-client.d.ts.map +1 -0
- package/dist/tools/_shared/web-client.js +46 -0
- package/dist/tools/_shared/web-client.js.map +1 -0
- package/dist/tools/apply-patch/executor.d.ts.map +1 -1
- package/dist/tools/apply-patch/executor.js +54 -4
- package/dist/tools/apply-patch/executor.js.map +1 -1
- package/dist/tools/edit-file/executor.d.ts +32 -0
- package/dist/tools/edit-file/executor.d.ts.map +1 -0
- package/dist/tools/edit-file/executor.js +84 -0
- package/dist/tools/edit-file/executor.js.map +1 -0
- package/dist/tools/fetch-url/descriptor.md +6 -0
- package/dist/tools/fetch-url/executor.d.ts +8 -0
- package/dist/tools/fetch-url/executor.d.ts.map +1 -1
- package/dist/tools/fetch-url/executor.js +83 -2
- package/dist/tools/fetch-url/executor.js.map +1 -1
- package/dist/tools/git-blame/executor.d.ts +24 -0
- package/dist/tools/git-blame/executor.d.ts.map +1 -0
- package/dist/tools/git-blame/executor.js +76 -0
- package/dist/tools/git-blame/executor.js.map +1 -0
- package/dist/tools/git-branch/executor.d.ts +22 -0
- package/dist/tools/git-branch/executor.d.ts.map +1 -0
- package/dist/tools/git-branch/executor.js +81 -0
- package/dist/tools/git-branch/executor.js.map +1 -0
- package/dist/tools/git-diff/executor.d.ts +37 -0
- package/dist/tools/git-diff/executor.d.ts.map +1 -0
- package/dist/tools/git-diff/executor.js +156 -0
- package/dist/tools/git-diff/executor.js.map +1 -0
- package/dist/tools/git-log/executor.d.ts +31 -0
- package/dist/tools/git-log/executor.d.ts.map +1 -0
- package/dist/tools/git-log/executor.js +65 -0
- package/dist/tools/git-log/executor.js.map +1 -0
- package/dist/tools/git-show/executor.d.ts +22 -0
- package/dist/tools/git-show/executor.d.ts.map +1 -0
- package/dist/tools/git-show/executor.js +74 -0
- package/dist/tools/git-show/executor.js.map +1 -0
- package/dist/tools/git-status/executor.d.ts +25 -0
- package/dist/tools/git-status/executor.d.ts.map +1 -0
- package/dist/tools/git-status/executor.js +120 -0
- package/dist/tools/git-status/executor.js.map +1 -0
- package/dist/tools/glob/executor.d.ts +18 -0
- package/dist/tools/glob/executor.d.ts.map +1 -0
- package/dist/tools/glob/executor.js +47 -0
- package/dist/tools/glob/executor.js.map +1 -0
- package/dist/tools/index.d.ts +1 -1
- package/dist/tools/index.d.ts.map +1 -1
- package/dist/tools/index.js +459 -4
- package/dist/tools/index.js.map +1 -1
- package/dist/tools/list-dir/executor.d.ts.map +1 -1
- package/dist/tools/list-dir/executor.js +5 -3
- package/dist/tools/list-dir/executor.js.map +1 -1
- package/dist/tools/multi-edit/executor.d.ts +29 -0
- package/dist/tools/multi-edit/executor.d.ts.map +1 -0
- package/dist/tools/multi-edit/executor.js +37 -0
- package/dist/tools/multi-edit/executor.js.map +1 -0
- package/dist/tools/read-file/executor.d.ts +5 -0
- package/dist/tools/read-file/executor.d.ts.map +1 -1
- package/dist/tools/read-file/executor.js +49 -5
- package/dist/tools/read-file/executor.js.map +1 -1
- package/dist/tools/run-shell/executor.d.ts +12 -1
- package/dist/tools/run-shell/executor.d.ts.map +1 -1
- package/dist/tools/run-shell/executor.js +105 -9
- package/dist/tools/run-shell/executor.js.map +1 -1
- package/dist/tools/run-tests/executor.d.ts +28 -0
- package/dist/tools/run-tests/executor.d.ts.map +1 -0
- package/dist/tools/run-tests/executor.js +161 -0
- package/dist/tools/run-tests/executor.js.map +1 -0
- package/dist/tools/run-typecheck/executor.d.ts +25 -0
- package/dist/tools/run-typecheck/executor.d.ts.map +1 -0
- package/dist/tools/run-typecheck/executor.js +83 -0
- package/dist/tools/run-typecheck/executor.js.map +1 -0
- package/dist/tools/search-code/executor.d.ts.map +1 -1
- package/dist/tools/search-code/executor.js +60 -30
- package/dist/tools/search-code/executor.js.map +1 -1
- package/dist/tools/shared.d.ts +26 -0
- package/dist/tools/shared.d.ts.map +1 -1
- package/dist/tools/shared.js +15 -0
- package/dist/tools/shared.js.map +1 -1
- package/dist/tools/todo-read/executor.d.ts +20 -0
- package/dist/tools/todo-read/executor.d.ts.map +1 -0
- package/dist/tools/todo-read/executor.js +26 -0
- package/dist/tools/todo-read/executor.js.map +1 -0
- package/dist/tools/todo-write/executor.d.ts +21 -0
- package/dist/tools/todo-write/executor.d.ts.map +1 -0
- package/dist/tools/todo-write/executor.js +38 -0
- package/dist/tools/todo-write/executor.js.map +1 -0
- package/dist/tools/web-fetch/descriptor.md +198 -0
- package/dist/tools/web-fetch/errors.d.ts +32 -0
- package/dist/tools/web-fetch/errors.d.ts.map +1 -0
- package/dist/tools/web-fetch/errors.js +91 -0
- package/dist/tools/web-fetch/errors.js.map +1 -0
- package/dist/tools/web-fetch/executor.d.ts +10 -0
- package/dist/tools/web-fetch/executor.d.ts.map +1 -0
- package/dist/tools/web-fetch/executor.js +191 -0
- package/dist/tools/web-fetch/executor.js.map +1 -0
- package/dist/tools/web-fetch/index.d.ts +4 -0
- package/dist/tools/web-fetch/index.d.ts.map +1 -0
- package/dist/tools/web-fetch/index.js +3 -0
- package/dist/tools/web-fetch/index.js.map +1 -0
- package/dist/tools/web-fetch/types.d.ts +157 -0
- package/dist/tools/web-fetch/types.d.ts.map +1 -0
- package/dist/tools/web-fetch/types.js +7 -0
- package/dist/tools/web-fetch/types.js.map +1 -0
- package/dist/tools/web-search/descriptor.md +89 -0
- package/dist/tools/web-search/errors.d.ts +33 -0
- package/dist/tools/web-search/errors.d.ts.map +1 -0
- package/dist/tools/web-search/errors.js +45 -0
- package/dist/tools/web-search/errors.js.map +1 -0
- package/dist/tools/web-search/executor.d.ts +10 -0
- package/dist/tools/web-search/executor.d.ts.map +1 -0
- package/dist/tools/web-search/executor.js +185 -0
- package/dist/tools/web-search/executor.js.map +1 -0
- package/dist/tools/web-search/index.d.ts +4 -0
- package/dist/tools/web-search/index.d.ts.map +1 -0
- package/dist/tools/web-search/index.js +3 -0
- package/dist/tools/web-search/index.js.map +1 -0
- package/dist/tools/web-search/types.d.ts +86 -0
- package/dist/tools/web-search/types.d.ts.map +1 -0
- package/dist/tools/web-search/types.js +7 -0
- package/dist/tools/web-search/types.js.map +1 -0
- package/dist/tools/write-file/executor.js +3 -3
- package/dist/tools/write-file/executor.js.map +1 -1
- package/dist/transformers/document-to-text.d.ts +11 -11
- package/dist/transformers/document-to-text.d.ts.map +1 -1
- package/dist/transformers/document-to-text.js +11 -11
- package/dist/transformers/document-to-text.js.map +1 -1
- package/dist/transformers/image-to-text.d.ts +15 -15
- package/dist/transformers/image-to-text.d.ts.map +1 -1
- package/dist/transformers/image-to-text.js +22 -21
- package/dist/transformers/image-to-text.js.map +1 -1
- package/dist/vector/index.d.ts +4 -2
- package/dist/vector/index.d.ts.map +1 -1
- package/dist/vector/index.js +2 -2
- package/dist/vector/index.js.map +1 -1
- package/dist/vector/local-fs-index.d.ts +59 -0
- package/dist/vector/local-fs-index.d.ts.map +1 -0
- package/dist/vector/local-fs-index.js +216 -0
- package/dist/vector/local-fs-index.js.map +1 -0
- package/dist/vector/qdrant.d.ts +11 -52
- package/dist/vector/qdrant.d.ts.map +1 -1
- package/dist/vector/qdrant.js +39 -105
- package/dist/vector/qdrant.js.map +1 -1
- package/package.json +27 -6
- package/dist/vector/local-fs.d.ts +0 -76
- package/dist/vector/local-fs.d.ts.map +0 -1
- package/dist/vector/local-fs.js +0 -153
- package/dist/vector/local-fs.js.map +0 -1
package/dist/backends/file.d.ts
CHANGED
|
@@ -7,12 +7,12 @@ export declare class FileBackend implements ExecutionBackend {
|
|
|
7
7
|
readonly kind: "file";
|
|
8
8
|
readonly traits: ExecutionTraits;
|
|
9
9
|
/**
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
10
|
+
* 执行文件操作。
|
|
11
|
+
*
|
|
12
|
+
* @param input 后端输入
|
|
13
|
+
* @param context 执行上下文
|
|
14
|
+
* @returns 后端输出
|
|
15
|
+
*/
|
|
16
16
|
execute(input: BackendInput, context: ExecutionContext): Promise<BackendOutput>;
|
|
17
17
|
}
|
|
18
18
|
//# sourceMappingURL=file.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"file.d.ts","sourceRoot":"","sources":["../../src/backends/file.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,YAAY,EACZ,aAAa,EACb,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EAChB,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"file.d.ts","sourceRoot":"","sources":["../../src/backends/file.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,YAAY,EACZ,aAAa,EACb,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EAChB,MAAM,aAAa,CAAC;AAerB;;GAEG;AACH,qBAAa,WAAY,YAAW,gBAAgB;IAClD,QAAQ,CAAC,IAAI,UAAU;IACvB,QAAQ,CAAC,IAAI,EAAG,MAAM,CAAU;IAChC,QAAQ,CAAC,MAAM,EAAE,eAAe,CAK9B;IAEH;;;;;;MAME;IACK,OAAO,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,aAAa,CAAC;CA0DtF"}
|
package/dist/backends/file.js
CHANGED
|
@@ -1,6 +1,17 @@
|
|
|
1
1
|
import { copyFile, mkdir, readFile, rename, rm, stat, writeFile } from "node:fs/promises";
|
|
2
2
|
import { dirname } from "node:path";
|
|
3
3
|
import { ValidationError } from "@tachu/core";
|
|
4
|
+
/**
|
|
5
|
+
* 如果 `context.abortSignal` 已触发,就立即抛出;否则 no-op。
|
|
6
|
+
*
|
|
7
|
+
* :Node fs 的 Promises API 并非每个方法都支持 `signal`,改用显式检查
|
|
8
|
+
* 在 backend 入口以及每个分支前完成"响应外部取消"的语义。
|
|
9
|
+
*/
|
|
10
|
+
const assertNotAborted = (context) => {
|
|
11
|
+
if (context.abortSignal?.aborted) {
|
|
12
|
+
throw context.abortSignal.reason ?? new Error("file backend aborted");
|
|
13
|
+
}
|
|
14
|
+
};
|
|
4
15
|
/**
|
|
5
16
|
* 文件系统执行后端。
|
|
6
17
|
*/
|
|
@@ -14,21 +25,23 @@ export class FileBackend {
|
|
|
14
25
|
timeout: 30_000,
|
|
15
26
|
};
|
|
16
27
|
/**
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
28
|
+
* 执行文件操作。
|
|
29
|
+
*
|
|
30
|
+
* @param input 后端输入
|
|
31
|
+
* @param context 执行上下文
|
|
32
|
+
* @returns 后端输出
|
|
33
|
+
*/
|
|
23
34
|
async execute(input, context) {
|
|
24
35
|
const payload = input.payload;
|
|
25
36
|
if (!payload.operation || !payload.path) {
|
|
26
37
|
throw new ValidationError("VALIDATION_FILE_OPERATION", "file backend 缺少 operation/path");
|
|
27
38
|
}
|
|
39
|
+
assertNotAborted(context);
|
|
28
40
|
switch (payload.operation) {
|
|
29
41
|
case "read": {
|
|
30
42
|
const data = await readFile(payload.path, payload.encoding ?? "utf8");
|
|
31
|
-
|
|
43
|
+
assertNotAborted(context);
|
|
44
|
+
return { success: true, result: { content: data, traceId: context.correlation.traceId } };
|
|
32
45
|
}
|
|
33
46
|
case "write": {
|
|
34
47
|
if (typeof payload.content !== "string") {
|
|
@@ -37,29 +50,32 @@ export class FileBackend {
|
|
|
37
50
|
if (payload.createDirs) {
|
|
38
51
|
await mkdir(dirname(payload.path), { recursive: true });
|
|
39
52
|
}
|
|
53
|
+
assertNotAborted(context);
|
|
40
54
|
await writeFile(payload.path, payload.content, payload.encoding ?? "utf8");
|
|
41
55
|
const fileStat = await stat(payload.path);
|
|
42
|
-
return { success: true, result: { bytesWritten: fileStat.size, traceId: context.traceId } };
|
|
56
|
+
return { success: true, result: { bytesWritten: fileStat.size, traceId: context.correlation.traceId } };
|
|
43
57
|
}
|
|
44
58
|
case "delete": {
|
|
45
59
|
await rm(payload.path, { force: true, recursive: true });
|
|
46
|
-
return { success: true, result: { deleted: true, traceId: context.traceId } };
|
|
60
|
+
return { success: true, result: { deleted: true, traceId: context.correlation.traceId } };
|
|
47
61
|
}
|
|
48
62
|
case "move": {
|
|
49
63
|
if (!payload.to) {
|
|
50
64
|
throw new ValidationError("VALIDATION_FILE_OPERATION", "move 操作缺少 to");
|
|
51
65
|
}
|
|
52
66
|
await mkdir(dirname(payload.to), { recursive: true });
|
|
67
|
+
assertNotAborted(context);
|
|
53
68
|
await rename(payload.path, payload.to);
|
|
54
|
-
return { success: true, result: { moved: true, traceId: context.traceId } };
|
|
69
|
+
return { success: true, result: { moved: true, traceId: context.correlation.traceId } };
|
|
55
70
|
}
|
|
56
71
|
case "copy": {
|
|
57
72
|
if (!payload.to) {
|
|
58
73
|
throw new ValidationError("VALIDATION_FILE_OPERATION", "copy 操作缺少 to");
|
|
59
74
|
}
|
|
60
75
|
await mkdir(dirname(payload.to), { recursive: true });
|
|
76
|
+
assertNotAborted(context);
|
|
61
77
|
await copyFile(payload.path, payload.to);
|
|
62
|
-
return { success: true, result: { copied: true, traceId: context.traceId } };
|
|
78
|
+
return { success: true, result: { copied: true, traceId: context.correlation.traceId } };
|
|
63
79
|
}
|
|
64
80
|
default:
|
|
65
81
|
throw new ValidationError("VALIDATION_FILE_OPERATION", `未知文件操作: ${payload.operation}`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"file.js","sourceRoot":"","sources":["../../src/backends/file.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC1F,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAQpC,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAE9C;;GAEG;AACH,MAAM,OAAO,WAAW;IACb,IAAI,GAAG,MAAM,CAAC;IACd,IAAI,GAAG,MAAe,CAAC;IACvB,MAAM,GAAoB;QACjC,UAAU,EAAE,OAAO;QACnB,UAAU,EAAE,KAAK;QACjB,gBAAgB,EAAE,IAAI;QACtB,OAAO,EAAE,MAAM;KAChB,CAAC;
|
|
1
|
+
{"version":3,"file":"file.js","sourceRoot":"","sources":["../../src/backends/file.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC1F,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAQpC,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAE9C;;;;;GAKG;AACH,MAAM,gBAAgB,GAAG,CAAC,OAAyB,EAAQ,EAAE;IAC3D,IAAI,OAAO,CAAC,WAAW,EAAE,OAAO,EAAE,CAAC;QACjC,MAAM,OAAO,CAAC,WAAW,CAAC,MAAM,IAAI,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IACxE,CAAC;AACH,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,OAAO,WAAW;IACb,IAAI,GAAG,MAAM,CAAC;IACd,IAAI,GAAG,MAAe,CAAC;IACvB,MAAM,GAAoB;QACjC,UAAU,EAAE,OAAO;QACnB,UAAU,EAAE,KAAK;QACjB,gBAAgB,EAAE,IAAI;QACtB,OAAO,EAAE,MAAM;KAChB,CAAC;IAEH;;;;;;MAME;IACD,KAAK,CAAC,OAAO,CAAC,KAAmB,EAAE,OAAyB;QAC1D,MAAM,OAAO,GAAG,KAAK,CAAC,OAOrB,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;YACxC,MAAM,IAAI,eAAe,CAAC,2BAA2B,EAAE,gCAAgC,CAAC,CAAC;QAC3F,CAAC;QAED,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAC1B,QAAQ,OAAO,CAAC,SAAS,EAAE,CAAC;YAC1B,KAAK,MAAM,CAAC,CAAC,CAAC;gBACZ,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,QAAQ,IAAI,MAAM,CAAC,CAAC;gBACtE,gBAAgB,CAAC,OAAO,CAAC,CAAC;gBAC1B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,CAAC;YAC5F,CAAC;YACD,KAAK,OAAO,CAAC,CAAC,CAAC;gBACb,IAAI,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;oBACxC,MAAM,IAAI,eAAe,CAAC,2BAA2B,EAAE,oBAAoB,CAAC,CAAC;gBAC/E,CAAC;gBACD,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;oBACvB,MAAM,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC1D,CAAC;gBACD,gBAAgB,CAAC,OAAO,CAAC,CAAC;gBAC1B,MAAM,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,QAAQ,IAAI,MAAM,CAAC,CAAC;gBAC3E,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;gBAC1C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,YAAY,EAAE,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,CAAC;YAC1G,CAAC;YACD,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,MAAM,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;gBACzD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,CAAC;YAC5F,CAAC;YACD,KAAK,MAAM,CAAC,CAAC,CAAC;gBACZ,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;oBAChB,MAAM,IAAI,eAAe,CAAC,2BAA2B,EAAE,cAAc,CAAC,CAAC;gBACzE,CAAC;gBACD,MAAM,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;gBACtD,gBAAgB,CAAC,OAAO,CAAC,CAAC;gBAC1B,MAAM,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;gBACvC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,CAAC;YAC1F,CAAC;YACD,KAAK,MAAM,CAAC,CAAC,CAAC;gBACZ,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;oBAChB,MAAM,IAAI,eAAe,CAAC,2BAA2B,EAAE,cAAc,CAAC,CAAC;gBACzE,CAAC;gBACD,MAAM,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;gBACtD,gBAAgB,CAAC,OAAO,CAAC,CAAC;gBAC1B,MAAM,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;gBACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,CAAC;YAC3F,CAAC;YACD;gBACE,MAAM,IAAI,eAAe,CAAC,2BAA2B,EAAE,WAAW,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;QAC3F,CAAC;IACH,CAAC;CACF"}
|
|
@@ -7,12 +7,12 @@ export declare class TerminalBackend implements ExecutionBackend {
|
|
|
7
7
|
readonly kind: "terminal";
|
|
8
8
|
readonly traits: ExecutionTraits;
|
|
9
9
|
/**
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
10
|
+
* 执行终端命令。
|
|
11
|
+
*
|
|
12
|
+
* @param input 后端输入
|
|
13
|
+
* @param context 执行上下文
|
|
14
|
+
* @returns 后端输出
|
|
15
|
+
*/
|
|
16
16
|
execute(input: BackendInput, context: ExecutionContext): Promise<BackendOutput>;
|
|
17
17
|
}
|
|
18
18
|
//# sourceMappingURL=terminal.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"terminal.d.ts","sourceRoot":"","sources":["../../src/backends/terminal.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,YAAY,EACZ,aAAa,EACb,gBAAgB,EAChB,eAAe,EACf,gBAAgB,EACjB,MAAM,aAAa,CAAC;AAMrB;;GAEG;AACH,qBAAa,eAAgB,YAAW,gBAAgB;IACtD,QAAQ,CAAC,IAAI,cAAc;IAC3B,QAAQ,CAAC,IAAI,EAAG,UAAU,CAAU;IACpC,QAAQ,CAAC,MAAM,EAAE,eAAe,CAK9B;
|
|
1
|
+
{"version":3,"file":"terminal.d.ts","sourceRoot":"","sources":["../../src/backends/terminal.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,YAAY,EACZ,aAAa,EACb,gBAAgB,EAChB,eAAe,EACf,gBAAgB,EACjB,MAAM,aAAa,CAAC;AAMrB;;GAEG;AACH,qBAAa,eAAgB,YAAW,gBAAgB;IACtD,QAAQ,CAAC,IAAI,cAAc;IAC3B,QAAQ,CAAC,IAAI,EAAG,UAAU,CAAU;IACpC,QAAQ,CAAC,MAAM,EAAE,eAAe,CAK9B;IAEH;;;;;;MAME;IACK,OAAO,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,aAAa,CAAC;CAqEtF"}
|
|
@@ -14,17 +14,34 @@ export class TerminalBackend {
|
|
|
14
14
|
timeout: 60_000,
|
|
15
15
|
};
|
|
16
16
|
/**
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
17
|
+
* 执行终端命令。
|
|
18
|
+
*
|
|
19
|
+
* @param input 后端输入
|
|
20
|
+
* @param context 执行上下文
|
|
21
|
+
* @returns 后端输出
|
|
22
|
+
*/
|
|
23
23
|
async execute(input, context) {
|
|
24
24
|
const payload = input.payload;
|
|
25
25
|
if (!payload.command) {
|
|
26
26
|
throw new ValidationError("VALIDATION_EMPTY_COMMAND", "terminal backend command 不能为空");
|
|
27
27
|
}
|
|
28
|
+
// :尊重宿主注入的 `context.abortSignal`。即便主干传入一个已取消的
|
|
29
|
+
// 信号,也直接返回失败,不再产生真实子进程,避免 "先 spawn 再 kill" 的开销。
|
|
30
|
+
if (context.abortSignal?.aborted) {
|
|
31
|
+
const reason = context.abortSignal.reason instanceof Error
|
|
32
|
+
? context.abortSignal.reason.message
|
|
33
|
+
: String(context.abortSignal.reason ?? "aborted");
|
|
34
|
+
return {
|
|
35
|
+
success: false,
|
|
36
|
+
result: {
|
|
37
|
+
stdout: "",
|
|
38
|
+
stderr: `terminal backend aborted before spawn: ${reason}`,
|
|
39
|
+
exitCode: -1,
|
|
40
|
+
traceId: context.correlation.traceId,
|
|
41
|
+
aborted: true,
|
|
42
|
+
},
|
|
43
|
+
};
|
|
44
|
+
}
|
|
28
45
|
const processRef = Bun.spawn({
|
|
29
46
|
cmd: [payload.command, ...(payload.args ?? [])],
|
|
30
47
|
...(payload.cwd ? { cwd: payload.cwd } : {}),
|
|
@@ -32,6 +49,12 @@ export class TerminalBackend {
|
|
|
32
49
|
stderr: "pipe",
|
|
33
50
|
env: process.env,
|
|
34
51
|
});
|
|
52
|
+
const onExternalAbort = () => {
|
|
53
|
+
if (processRef.pid) {
|
|
54
|
+
void terminateProcess(processRef.pid);
|
|
55
|
+
}
|
|
56
|
+
};
|
|
57
|
+
context.abortSignal?.addEventListener("abort", onExternalAbort, { once: true });
|
|
35
58
|
const timeoutId = setTimeout(() => {
|
|
36
59
|
if (processRef.pid) {
|
|
37
60
|
void terminateProcess(processRef.pid);
|
|
@@ -43,13 +66,14 @@ export class TerminalBackend {
|
|
|
43
66
|
processRef.exited,
|
|
44
67
|
]);
|
|
45
68
|
clearTimeout(timeoutId);
|
|
69
|
+
context.abortSignal?.removeEventListener("abort", onExternalAbort);
|
|
46
70
|
return {
|
|
47
71
|
success: exitCode === 0,
|
|
48
72
|
result: {
|
|
49
73
|
stdout: stdout.text,
|
|
50
74
|
stderr: stderr.text,
|
|
51
75
|
exitCode,
|
|
52
|
-
traceId: context.traceId,
|
|
76
|
+
traceId: context.correlation.traceId,
|
|
53
77
|
},
|
|
54
78
|
};
|
|
55
79
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"terminal.js","sourceRoot":"","sources":["../../src/backends/terminal.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAE1E,MAAM,kBAAkB,GAAG,IAAI,GAAG,IAAI,CAAC;AAEvC;;GAEG;AACH,MAAM,OAAO,eAAe;IACjB,IAAI,GAAG,UAAU,CAAC;IAClB,IAAI,GAAG,UAAmB,CAAC;IAC3B,MAAM,GAAoB;QACjC,UAAU,EAAE,cAAc;QAC1B,UAAU,EAAE,KAAK;QACjB,gBAAgB,EAAE,IAAI;QACtB,OAAO,EAAE,MAAM;KAChB,CAAC;
|
|
1
|
+
{"version":3,"file":"terminal.js","sourceRoot":"","sources":["../../src/backends/terminal.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAE1E,MAAM,kBAAkB,GAAG,IAAI,GAAG,IAAI,CAAC;AAEvC;;GAEG;AACH,MAAM,OAAO,eAAe;IACjB,IAAI,GAAG,UAAU,CAAC;IAClB,IAAI,GAAG,UAAmB,CAAC;IAC3B,MAAM,GAAoB;QACjC,UAAU,EAAE,cAAc;QAC1B,UAAU,EAAE,KAAK;QACjB,gBAAgB,EAAE,IAAI;QACtB,OAAO,EAAE,MAAM;KAChB,CAAC;IAEH;;;;;;MAME;IACD,KAAK,CAAC,OAAO,CAAC,KAAmB,EAAE,OAAyB;QAC1D,MAAM,OAAO,GAAG,KAAK,CAAC,OAKrB,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrB,MAAM,IAAI,eAAe,CAAC,0BAA0B,EAAE,+BAA+B,CAAC,CAAC;QACzF,CAAC;QAEJ,8CAA8C;QAC9C,gDAAgD;QAC7C,IAAI,OAAO,CAAC,WAAW,EAAE,OAAO,EAAE,CAAC;YACjC,MAAM,MAAM,GACV,OAAO,CAAC,WAAW,CAAC,MAAM,YAAY,KAAK;gBACzC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,OAAO;gBACpC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,MAAM,IAAI,SAAS,CAAC,CAAC;YACtD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE;oBACN,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,0CAA0C,MAAM,EAAE;oBAC1D,QAAQ,EAAE,CAAC,CAAC;oBACZ,OAAO,EAAE,OAAO,CAAC,WAAW,CAAC,OAAO;oBACpC,OAAO,EAAE,IAAI;iBACd;aACF,CAAC;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,GAAG,CAAC,KAAK,CAAC;YAC3B,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;YAC/C,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC5C,MAAM,EAAE,MAAM;YACd,MAAM,EAAE,MAAM;YACd,GAAG,EAAE,OAAO,CAAC,GAAG;SACjB,CAAC,CAAC;QAEH,MAAM,eAAe,GAAG,GAAS,EAAE;YACjC,IAAI,UAAU,CAAC,GAAG,EAAE,CAAC;gBACnB,KAAK,gBAAgB,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YACxC,CAAC;QACH,CAAC,CAAC;QACF,OAAO,CAAC,WAAW,EAAE,gBAAgB,CAAC,OAAO,EAAE,eAAe,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QAEhF,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;YAChC,IAAI,UAAU,CAAC,GAAG,EAAE,CAAC;gBACnB,KAAK,gBAAgB,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YACxC,CAAC;QACH,CAAC,EAAE,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAE7C,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YACnD,mBAAmB,CAAC,UAAU,CAAC,MAAM,EAAE,kBAAkB,CAAC;YAC1D,mBAAmB,CAAC,UAAU,CAAC,MAAM,EAAE,kBAAkB,CAAC;YAC1D,UAAU,CAAC,MAAM;SAClB,CAAC,CAAC;QACH,YAAY,CAAC,SAAS,CAAC,CAAC;QACxB,OAAO,CAAC,WAAW,EAAE,mBAAmB,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAEnE,OAAO;YACL,OAAO,EAAE,QAAQ,KAAK,CAAC;YACvB,MAAM,EAAE;gBACN,MAAM,EAAE,MAAM,CAAC,IAAI;gBACnB,MAAM,EAAE,MAAM,CAAC,IAAI;gBACnB,QAAQ;gBACR,OAAO,EAAE,OAAO,CAAC,WAAW,CAAC,OAAO;aACrC;SACF,CAAC;IACJ,CAAC;CACF"}
|
package/dist/backends/web.d.ts
CHANGED
|
@@ -7,12 +7,12 @@ export declare class WebBackend implements ExecutionBackend {
|
|
|
7
7
|
readonly kind: "web";
|
|
8
8
|
readonly traits: ExecutionTraits;
|
|
9
9
|
/**
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
10
|
+
* 执行 HTTP 请求。
|
|
11
|
+
*
|
|
12
|
+
* @param input 后端输入
|
|
13
|
+
* @param context 执行上下文
|
|
14
|
+
* @returns 后端输出
|
|
15
|
+
*/
|
|
16
16
|
execute(input: BackendInput, context: ExecutionContext): Promise<BackendOutput>;
|
|
17
17
|
}
|
|
18
18
|
//# sourceMappingURL=web.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"web.d.ts","sourceRoot":"","sources":["../../src/backends/web.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,YAAY,EACZ,aAAa,EACb,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EAChB,MAAM,aAAa,CAAC;AAMrB;;GAEG;AACH,qBAAa,UAAW,YAAW,gBAAgB;IACjD,QAAQ,CAAC,IAAI,SAAS;IACtB,QAAQ,CAAC,IAAI,EAAG,KAAK,CAAU;IAC/B,QAAQ,CAAC,MAAM,EAAE,eAAe,CAK9B;
|
|
1
|
+
{"version":3,"file":"web.d.ts","sourceRoot":"","sources":["../../src/backends/web.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,YAAY,EACZ,aAAa,EACb,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EAChB,MAAM,aAAa,CAAC;AAMrB;;GAEG;AACH,qBAAa,UAAW,YAAW,gBAAgB;IACjD,QAAQ,CAAC,IAAI,SAAS;IACtB,QAAQ,CAAC,IAAI,EAAG,KAAK,CAAU;IAC/B,QAAQ,CAAC,MAAM,EAAE,eAAe,CAK9B;IAEH;;;;;;MAME;IACK,OAAO,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,aAAa,CAAC;CAyCtF"}
|
package/dist/backends/web.js
CHANGED
|
@@ -14,19 +14,21 @@ export class WebBackend {
|
|
|
14
14
|
timeout: 30_000,
|
|
15
15
|
};
|
|
16
16
|
/**
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
17
|
+
* 执行 HTTP 请求。
|
|
18
|
+
*
|
|
19
|
+
* @param input 后端输入
|
|
20
|
+
* @param context 执行上下文
|
|
21
|
+
* @returns 后端输出
|
|
22
|
+
*/
|
|
23
23
|
async execute(input, context) {
|
|
24
24
|
const payload = input.payload;
|
|
25
25
|
if (!payload.url) {
|
|
26
26
|
throw new ValidationError("VALIDATION_INVALID_URL", "web backend 缺少 url");
|
|
27
27
|
}
|
|
28
28
|
const target = await assertPublicUrl(payload.url);
|
|
29
|
-
|
|
29
|
+
// :把宿主注入的 `context.abortSignal` 与本地超时信号合并,外部取消
|
|
30
|
+
// 能立即中断下游 fetch 请求,不必等到本 backend 的内建超时到期。
|
|
31
|
+
const timeout = withAbortTimeout(context.abortSignal, payload.timeoutMs ?? this.traits.timeout, "TIMEOUT_WEB_BACKEND");
|
|
30
32
|
try {
|
|
31
33
|
const response = await fetch(target, {
|
|
32
34
|
method: payload.method ?? "GET",
|
|
@@ -41,7 +43,7 @@ export class WebBackend {
|
|
|
41
43
|
status: response.status,
|
|
42
44
|
body: body.body,
|
|
43
45
|
truncated: body.truncated,
|
|
44
|
-
traceId: context.traceId,
|
|
46
|
+
traceId: context.correlation.traceId,
|
|
45
47
|
},
|
|
46
48
|
};
|
|
47
49
|
}
|
package/dist/backends/web.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"web.js","sourceRoot":"","sources":["../../src/backends/web.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,eAAe,EAAE,yBAAyB,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAE7F,MAAM,kBAAkB,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC;AAE3C;;GAEG;AACH,MAAM,OAAO,UAAU;IACZ,IAAI,GAAG,KAAK,CAAC;IACb,IAAI,GAAG,KAAc,CAAC;IACtB,MAAM,GAAoB;QACjC,UAAU,EAAE,UAAU;QACtB,UAAU,EAAE,KAAK;QACjB,gBAAgB,EAAE,KAAK;QACvB,OAAO,EAAE,MAAM;KAChB,CAAC;
|
|
1
|
+
{"version":3,"file":"web.js","sourceRoot":"","sources":["../../src/backends/web.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,eAAe,EAAE,yBAAyB,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAE7F,MAAM,kBAAkB,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC;AAE3C;;GAEG;AACH,MAAM,OAAO,UAAU;IACZ,IAAI,GAAG,KAAK,CAAC;IACb,IAAI,GAAG,KAAc,CAAC;IACtB,MAAM,GAAoB;QACjC,UAAU,EAAE,UAAU;QACtB,UAAU,EAAE,KAAK;QACjB,gBAAgB,EAAE,KAAK;QACvB,OAAO,EAAE,MAAM;KAChB,CAAC;IAEH;;;;;;MAME;IACD,KAAK,CAAC,OAAO,CAAC,KAAmB,EAAE,OAAyB;QAC1D,MAAM,OAAO,GAAG,KAAK,CAAC,OAMrB,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YACjB,MAAM,IAAI,eAAe,CAAC,wBAAwB,EAAE,oBAAoB,CAAC,CAAC;QAC5E,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACrD,+CAA+C;QAC/C,0CAA0C;QACvC,MAAM,OAAO,GAAG,gBAAgB,CAC9B,OAAO,CAAC,WAAW,EACnB,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EACxC,qBAAqB,CACtB,CAAC;QACF,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,MAAM,EAAE;gBACnC,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,KAAK;gBAC/B,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,MAAM,EAAE,OAAO,CAAC,MAAM;aACvB,CAAC,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,yBAAyB,CAAC,QAAQ,EAAE,kBAAkB,CAAC,CAAC;YAC3E,OAAO;gBACL,OAAO,EAAE,QAAQ,CAAC,EAAE;gBACpB,MAAM,EAAE;oBACN,MAAM,EAAE,QAAQ,CAAC,MAAM;oBACvB,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,OAAO,EAAE,OAAO,CAAC,WAAW,CAAC,OAAO;iBACrC;aACF,CAAC;QACJ,CAAC;gBAAS,CAAC;YACT,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,CAAC;IACH,CAAC;CACF"}
|
package/dist/common/net.d.ts
CHANGED
package/dist/common/net.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"net.d.ts","sourceRoot":"","sources":["../../src/common/net.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"net.d.ts","sourceRoot":"","sources":["../../src/common/net.ts"],"names":[],"mappings":"AAiBA;;;;GAIG;AACH,eAAO,MAAM,kBAAkB,GAAI,MAAM;IACvC,qBAAqB,CAAC,EAAE,OAAO,CAAC;CACjC,KAAG,IAIH,CAAC;AAyCF;;;;;GAKG;AACH,eAAO,MAAM,eAAe,GAAU,OAAO,MAAM,KAAG,OAAO,CAAC,GAAG,CAgDhE,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,gBAAgB,GAC3B,QAAQ,WAAW,GAAG,SAAS,EAC/B,WAAW,MAAM,EACjB,oBAAwC,KACvC;IAAE,MAAM,EAAE,WAAW,CAAC;IAAC,OAAO,EAAE,MAAM,IAAI,CAAA;CAsB5C,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,yBAAyB,GACpC,UAAU,QAAQ,EAClB,UAAU,MAAM,KACf,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,OAAO,CAAA;CAAE,CAwC9C,CAAC"}
|
package/dist/common/net.js
CHANGED
|
@@ -2,6 +2,19 @@ import { lookup } from "node:dns/promises";
|
|
|
2
2
|
import { isIP } from "node:net";
|
|
3
3
|
import { SafetyError, TimeoutError } from "@tachu/core";
|
|
4
4
|
const LOCAL_HOSTNAMES = new Set(["localhost", "localhost.localdomain"]);
|
|
5
|
+
const netSafety = {
|
|
6
|
+
allowLoopbackForTests: false,
|
|
7
|
+
};
|
|
8
|
+
/**
|
|
9
|
+
* 配置网络安全开关。仅供集成测试在启动本地 HTTP 服务时临时放行 127.0.0.1 / localhost。
|
|
10
|
+
*
|
|
11
|
+
* 生产代码不应调用本函数。调用后请在用例结束时显式还原为 `false`,避免污染其它测试。
|
|
12
|
+
*/
|
|
13
|
+
export const configureNetSafety = (opts) => {
|
|
14
|
+
if (typeof opts.allowLoopbackForTests === "boolean") {
|
|
15
|
+
netSafety.allowLoopbackForTests = opts.allowLoopbackForTests;
|
|
16
|
+
}
|
|
17
|
+
};
|
|
5
18
|
const isPrivateIpv4 = (ip) => {
|
|
6
19
|
const [aRaw, bRaw] = ip.split(".");
|
|
7
20
|
const a = Number(aRaw);
|
|
@@ -57,30 +70,32 @@ export const assertPublicUrl = async (input) => {
|
|
|
57
70
|
throw new SafetyError("SAFETY_PROTOCOL_NOT_ALLOWED", `协议不允许: ${parsed.protocol}`);
|
|
58
71
|
}
|
|
59
72
|
const hostname = parsed.hostname.toLowerCase();
|
|
60
|
-
if (
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
(record.family ===
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
73
|
+
if (!netSafety.allowLoopbackForTests) {
|
|
74
|
+
if (LOCAL_HOSTNAMES.has(hostname) || hostname.endsWith(".local")) {
|
|
75
|
+
throw new SafetyError("SAFETY_PRIVATE_NETWORK_BLOCKED", `已阻止私网地址: ${hostname}`, {
|
|
76
|
+
context: { hostname },
|
|
77
|
+
});
|
|
78
|
+
}
|
|
79
|
+
const literalIpFamily = isIP(hostname);
|
|
80
|
+
if (literalIpFamily === 4 && isPrivateIpv4(hostname)) {
|
|
81
|
+
throw new SafetyError("SAFETY_PRIVATE_NETWORK_BLOCKED", `已阻止私网地址: ${hostname}`, {
|
|
82
|
+
context: { hostname },
|
|
83
|
+
});
|
|
84
|
+
}
|
|
85
|
+
if (literalIpFamily === 6 && isPrivateIpv6(hostname)) {
|
|
86
|
+
throw new SafetyError("SAFETY_PRIVATE_NETWORK_BLOCKED", `已阻止私网地址: ${hostname}`, {
|
|
87
|
+
context: { hostname },
|
|
88
|
+
});
|
|
89
|
+
}
|
|
90
|
+
if (literalIpFamily === 0) {
|
|
91
|
+
const records = await lookup(hostname, { all: true });
|
|
92
|
+
for (const record of records) {
|
|
93
|
+
if ((record.family === 4 && isPrivateIpv4(record.address)) ||
|
|
94
|
+
(record.family === 6 && isPrivateIpv6(record.address))) {
|
|
95
|
+
throw new SafetyError("SAFETY_PRIVATE_NETWORK_BLOCKED", `已阻止私网地址: ${hostname}`, {
|
|
96
|
+
context: { hostname, resolved: records.map((item) => item.address) },
|
|
97
|
+
});
|
|
98
|
+
}
|
|
84
99
|
}
|
|
85
100
|
}
|
|
86
101
|
}
|
package/dist/common/net.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"net.js","sourceRoot":"","sources":["../../src/common/net.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,UAAU,CAAC;AAChC,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAExD,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,uBAAuB,CAAC,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"net.js","sourceRoot":"","sources":["../../src/common/net.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,UAAU,CAAC;AAChC,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAExD,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,uBAAuB,CAAC,CAAC,CAAC;AASxE,MAAM,SAAS,GAAmB;IAChC,qBAAqB,EAAE,KAAK;CAC7B,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,IAElC,EAAQ,EAAE;IACT,IAAI,OAAO,IAAI,CAAC,qBAAqB,KAAK,SAAS,EAAE,CAAC;QACpD,SAAS,CAAC,qBAAqB,GAAG,IAAI,CAAC,qBAAqB,CAAC;IAC/D,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,aAAa,GAAG,CAAC,EAAU,EAAW,EAAE;IAC5C,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACnC,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;IACvB,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;QACvC,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;QAC3B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC;QACpC,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;QAC3B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QACZ,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAEF,MAAM,aAAa,GAAG,CAAC,EAAU,EAAW,EAAE;IAC5C,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,EAAE,CAAC;IAC/B,IAAI,KAAK,KAAK,KAAK,EAAE,CAAC;QACpB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACrD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,KAAK,EAAE,KAAa,EAAgB,EAAE;IACnE,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;IAC1B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,WAAW,CAAC,oBAAoB,EAAE,WAAW,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;IACpF,CAAC;IAED,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAChE,MAAM,IAAI,WAAW,CAAC,6BAA6B,EAAE,UAAU,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;IACpF,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;IAC/C,IAAI,CAAC,SAAS,CAAC,qBAAqB,EAAE,CAAC;QACrC,IAAI,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjE,MAAM,IAAI,WAAW,CAAC,gCAAgC,EAAE,YAAY,QAAQ,EAAE,EAAE;gBAC9E,OAAO,EAAE,EAAE,QAAQ,EAAE;aACtB,CAAC,CAAC;QACL,CAAC;QAED,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvC,IAAI,eAAe,KAAK,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC;YACrD,MAAM,IAAI,WAAW,CAAC,gCAAgC,EAAE,YAAY,QAAQ,EAAE,EAAE;gBAC9E,OAAO,EAAE,EAAE,QAAQ,EAAE;aACtB,CAAC,CAAC;QACL,CAAC;QACD,IAAI,eAAe,KAAK,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC;YACrD,MAAM,IAAI,WAAW,CAAC,gCAAgC,EAAE,YAAY,QAAQ,EAAE,EAAE;gBAC9E,OAAO,EAAE,EAAE,QAAQ,EAAE;aACtB,CAAC,CAAC;QACL,CAAC;QAED,IAAI,eAAe,KAAK,CAAC,EAAE,CAAC;YAC1B,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,QAAQ,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;YACtD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,IACE,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;oBACtD,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,EACtD,CAAC;oBACD,MAAM,IAAI,WAAW,CAAC,gCAAgC,EAAE,YAAY,QAAQ,EAAE,EAAE;wBAC9E,OAAO,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;qBACrE,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAC9B,MAA+B,EAC/B,SAAiB,EACjB,WAAW,GAAG,0BAA0B,EACM,EAAE;IAChD,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,IAAI,SAAoD,CAAC;IAEzD,MAAM,OAAO,GAAG,GAAS,EAAE;QACzB,UAAU,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,IAAI,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;IAC3D,CAAC,CAAC;IACF,MAAM,EAAE,gBAAgB,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;IAE3D,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;QAC1B,UAAU,CAAC,KAAK,CAAC,IAAI,YAAY,CAAC,WAAW,EAAE,SAAS,SAAS,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAC/F,CAAC,EAAE,SAAS,CAAC,CAAC;IAEd,OAAO;QACL,MAAM,EAAE,UAAU,CAAC,MAAM;QACzB,OAAO,EAAE,GAAG,EAAE;YACZ,IAAI,SAAS,EAAE,CAAC;gBACd,YAAY,CAAC,SAAS,CAAC,CAAC;YAC1B,CAAC;YACD,MAAM,EAAE,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAChD,CAAC;KACF,CAAC;AACJ,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,KAAK,EAC5C,QAAkB,EAClB,QAAgB,EAC+B,EAAE;IACjD,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,EAAE,SAAS,EAAE,CAAC;IAC1C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;IACxC,CAAC;IAED,MAAM,MAAM,GAAiB,EAAE,CAAC;IAChC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,SAAS,GAAG,KAAK,CAAC;IAEtB,OAAO,IAAI,EAAE,CAAC;QACZ,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;QAC5C,IAAI,IAAI,EAAE,CAAC;YACT,MAAM;QACR,CAAC;QACD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,SAAS;QACX,CAAC;QACD,MAAM,IAAI,GAAG,QAAQ,GAAG,KAAK,CAAC;QAC9B,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC;YACd,SAAS,GAAG,IAAI,CAAC;YACjB,MAAM;QACR,CAAC;QACD,IAAI,KAAK,CAAC,UAAU,GAAG,IAAI,EAAE,CAAC;YAC5B,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;YACrC,KAAK,IAAI,IAAI,CAAC;YACd,SAAS,GAAG,IAAI,CAAC;YACjB,MAAM;QACR,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACnB,KAAK,IAAI,KAAK,CAAC,UAAU,CAAC;IAC5B,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IACrC,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,UAAU,CAAC;IAC7B,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,SAAS,EAAE,CAAC;AAC/D,CAAC,CAAC"}
|
package/dist/common/path.d.ts
CHANGED
|
@@ -1,10 +1,43 @@
|
|
|
1
1
|
/**
|
|
2
|
-
*
|
|
2
|
+
* 解析一条工具输入路径的可选上下文。
|
|
3
|
+
*/
|
|
4
|
+
export interface ResolveAllowedPathOptions {
|
|
5
|
+
/**
|
|
6
|
+
* 允许访问的根目录列表(绝对路径)。相对路径会以第一个根为基准展开。
|
|
7
|
+
* 至少包含一个;通常是 `[workspaceRoot, ...extraRoots]`。
|
|
8
|
+
*/
|
|
9
|
+
allowedRoots: readonly string[];
|
|
10
|
+
/**
|
|
11
|
+
* 本次调用是否已经通过用户审批。
|
|
12
|
+
*
|
|
13
|
+
* 一旦为 `true`,路径校验会直接放行:语义上用户已经在审批提示里看过
|
|
14
|
+
* `argumentsPreview`(包括任何路径字段)并显式同意。这条通道只用于"本次
|
|
15
|
+
* 工具调用",不会污染后续调用的沙箱策略。
|
|
16
|
+
*
|
|
17
|
+
* 审批未触发或被拒绝时必须保持 `false`。
|
|
18
|
+
*/
|
|
19
|
+
sandboxWaived?: boolean;
|
|
20
|
+
}
|
|
21
|
+
/**
|
|
22
|
+
* 把用户输入路径规范化到允许的根目录集合之一。
|
|
3
23
|
*
|
|
4
|
-
*
|
|
5
|
-
*
|
|
6
|
-
*
|
|
7
|
-
*
|
|
24
|
+
* 沙箱层级自上而下:
|
|
25
|
+
* 1. `sandboxWaived === true` → 本次调用豁免,直接返回 `resolve(...)` 后的绝对路径;
|
|
26
|
+
* 2. 否则检查候选路径是否落在任意 `allowedRoots` 之下;全部不满足时抛出
|
|
27
|
+
* `ValidationError(VALIDATION_PATH_ESCAPE)`。
|
|
28
|
+
*
|
|
29
|
+
* 该函数对"同时传入了相对路径与绝对路径"的语义:相对路径基于
|
|
30
|
+
* `allowedRoots[0]` 展开(通常就是 workspaceRoot),因为模型给出相对路径时
|
|
31
|
+
* 默认意图"相对工作区";绝对路径则直接 resolve 后再做白名单判定。
|
|
32
|
+
*
|
|
33
|
+
* @throws ValidationError 当沙箱未豁免且候选路径不在任何允许的根下
|
|
34
|
+
*/
|
|
35
|
+
export declare const resolveAllowedPath: (targetPath: string, options: ResolveAllowedPathOptions) => string;
|
|
36
|
+
/**
|
|
37
|
+
* 旧签名兼容层:仅允许 `workspaceRoot` 一个根,不走审批豁免。
|
|
38
|
+
*
|
|
39
|
+
* @deprecated 新代码请改用 {@link resolveAllowedPath},通过 `ToolExecutionContext.allowedRoots`
|
|
40
|
+
* 和 `ToolExecutionContext.sandboxWaived` 传递完整的白名单/审批状态。
|
|
8
41
|
*/
|
|
9
42
|
export declare const resolveWorkspacePath: (workspaceRoot: string, targetPath: string) => string;
|
|
10
43
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"path.d.ts","sourceRoot":"","sources":["../../src/common/path.ts"],"names":[],"mappings":"AAGA
|
|
1
|
+
{"version":3,"file":"path.d.ts","sourceRoot":"","sources":["../../src/common/path.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACzC;;;MAGE;IACD,YAAY,EAAE,SAAS,MAAM,EAAE,CAAC;IACjC;;;;;;;;MAQE;IACD,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAID;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,kBAAkB,GAC7B,YAAY,MAAM,EAClB,SAAS,yBAAyB,KACjC,MAsCF,CAAC;AAUF;;;;;GAKG;AACH,eAAO,MAAM,oBAAoB,GAAI,eAAe,MAAM,EAAE,YAAY,MAAM,KAAG,MAEhF,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,uBAAuB,GAAI,eAAe,MAAM,EAAE,SAAS,MAAM,KAAG,MAGhF,CAAC"}
|
package/dist/common/path.js
CHANGED
|
@@ -1,24 +1,66 @@
|
|
|
1
1
|
import { resolve, relative, isAbsolute } from "node:path";
|
|
2
2
|
import { ValidationError } from "@tachu/core";
|
|
3
|
+
const PARENT_DIR_PREFIX = `..${"/"}`;
|
|
3
4
|
/**
|
|
4
|
-
*
|
|
5
|
+
* 把用户输入路径规范化到允许的根目录集合之一。
|
|
5
6
|
*
|
|
6
|
-
*
|
|
7
|
-
*
|
|
8
|
-
*
|
|
9
|
-
*
|
|
7
|
+
* 沙箱层级自上而下:
|
|
8
|
+
* 1. `sandboxWaived === true` → 本次调用豁免,直接返回 `resolve(...)` 后的绝对路径;
|
|
9
|
+
* 2. 否则检查候选路径是否落在任意 `allowedRoots` 之下;全部不满足时抛出
|
|
10
|
+
* `ValidationError(VALIDATION_PATH_ESCAPE)`。
|
|
11
|
+
*
|
|
12
|
+
* 该函数对"同时传入了相对路径与绝对路径"的语义:相对路径基于
|
|
13
|
+
* `allowedRoots[0]` 展开(通常就是 workspaceRoot),因为模型给出相对路径时
|
|
14
|
+
* 默认意图"相对工作区";绝对路径则直接 resolve 后再做白名单判定。
|
|
15
|
+
*
|
|
16
|
+
* @throws ValidationError 当沙箱未豁免且候选路径不在任何允许的根下
|
|
10
17
|
*/
|
|
11
|
-
export const
|
|
18
|
+
export const resolveAllowedPath = (targetPath, options) => {
|
|
19
|
+
const { allowedRoots, sandboxWaived } = options;
|
|
20
|
+
if (allowedRoots.length === 0) {
|
|
21
|
+
throw new ValidationError("VALIDATION_PATH_ESCAPE", "未配置任何允许的根目录:请检查宿主是否正确注入 allowedRoots。", { context: { targetPath } });
|
|
22
|
+
}
|
|
23
|
+
const primaryRoot = allowedRoots[0];
|
|
12
24
|
const candidate = isAbsolute(targetPath)
|
|
13
25
|
? resolve(targetPath)
|
|
14
|
-
: resolve(
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
26
|
+
: resolve(primaryRoot, targetPath);
|
|
27
|
+
if (sandboxWaived === true) {
|
|
28
|
+
return candidate;
|
|
29
|
+
}
|
|
30
|
+
for (const root of allowedRoots) {
|
|
31
|
+
if (isInsideRoot(root, candidate)) {
|
|
32
|
+
return candidate;
|
|
33
|
+
}
|
|
20
34
|
}
|
|
21
|
-
|
|
35
|
+
throw new ValidationError("VALIDATION_PATH_ESCAPE", [
|
|
36
|
+
`路径越界:${targetPath} 不在任何允许的根目录内。`,
|
|
37
|
+
`允许的根:${allowedRoots.join(", ")}。`,
|
|
38
|
+
"可按以下任一方式放开该路径:",
|
|
39
|
+
" 1) 把目标改为相对路径(如 ./cat.txt)或上述根下的绝对路径;",
|
|
40
|
+
" 2) 在 tachu.config.ts 的 safety.allowedWriteRoots 追加该位置(静态白名单);",
|
|
41
|
+
" 3) 如果该工具本身需要用户确认(requiresApproval),审批通过会一次性放行本次调用。",
|
|
42
|
+
].join("\n"), {
|
|
43
|
+
context: { allowedRoots: [...allowedRoots], targetPath, candidate },
|
|
44
|
+
});
|
|
45
|
+
};
|
|
46
|
+
const isInsideRoot = (root, candidate) => {
|
|
47
|
+
const rel = relative(root, candidate);
|
|
48
|
+
if (rel.length === 0)
|
|
49
|
+
return true; // candidate === root
|
|
50
|
+
if (rel.startsWith(".."))
|
|
51
|
+
return false;
|
|
52
|
+
if (rel.includes(PARENT_DIR_PREFIX))
|
|
53
|
+
return false;
|
|
54
|
+
return true;
|
|
55
|
+
};
|
|
56
|
+
/**
|
|
57
|
+
* 旧签名兼容层:仅允许 `workspaceRoot` 一个根,不走审批豁免。
|
|
58
|
+
*
|
|
59
|
+
* @deprecated 新代码请改用 {@link resolveAllowedPath},通过 `ToolExecutionContext.allowedRoots`
|
|
60
|
+
* 和 `ToolExecutionContext.sandboxWaived` 传递完整的白名单/审批状态。
|
|
61
|
+
*/
|
|
62
|
+
export const resolveWorkspacePath = (workspaceRoot, targetPath) => {
|
|
63
|
+
return resolveAllowedPath(targetPath, { allowedRoots: [workspaceRoot] });
|
|
22
64
|
};
|
|
23
65
|
/**
|
|
24
66
|
* 将绝对路径转换为相对工作区路径。
|
package/dist/common/path.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"path.js","sourceRoot":"","sources":["../../src/common/path.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"path.js","sourceRoot":"","sources":["../../src/common/path.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAuB9C,MAAM,iBAAiB,GAAG,KAAK,GAAG,EAAE,CAAC;AAErC;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAChC,UAAkB,EAClB,OAAkC,EAC1B,EAAE;IACV,MAAM,EAAE,YAAY,EAAE,aAAa,EAAE,GAAG,OAAO,CAAC;IAChD,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,eAAe,CACvB,wBAAwB,EACxB,uCAAuC,EACvC,EAAE,OAAO,EAAE,EAAE,UAAU,EAAE,EAAE,CAC5B,CAAC;IACJ,CAAC;IACD,MAAM,WAAW,GAAG,YAAY,CAAC,CAAC,CAAE,CAAC;IACrC,MAAM,SAAS,GAAG,UAAU,CAAC,UAAU,CAAC;QACtC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC;QACrB,CAAC,CAAC,OAAO,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;IAErC,IAAI,aAAa,KAAK,IAAI,EAAE,CAAC;QAC3B,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;QAChC,IAAI,YAAY,CAAC,IAAI,EAAE,SAAS,CAAC,EAAE,CAAC;YAClC,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAED,MAAM,IAAI,eAAe,CACvB,wBAAwB,EACxB;QACE,QAAQ,UAAU,eAAe;QACjC,QAAQ,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;QAClC,gBAAgB;QAChB,wCAAwC;QACxC,iEAAiE;QACjE,sDAAsD;KACvD,CAAC,IAAI,CAAC,IAAI,CAAC,EACZ;QACE,OAAO,EAAE,EAAE,YAAY,EAAE,CAAC,GAAG,YAAY,CAAC,EAAE,UAAU,EAAE,SAAS,EAAE;KACpE,CACF,CAAC;AACJ,CAAC,CAAC;AAEF,MAAM,YAAY,GAAG,CAAC,IAAY,EAAE,SAAiB,EAAW,EAAE;IAChE,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;IACtC,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC,CAAC,qBAAqB;IACxD,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IACvC,IAAI,GAAG,CAAC,QAAQ,CAAC,iBAAiB,CAAC;QAAE,OAAO,KAAK,CAAC;IAClD,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,aAAqB,EAAE,UAAkB,EAAU,EAAE;IACxF,OAAO,kBAAkB,CAAC,UAAU,EAAE,EAAE,YAAY,EAAE,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC;AAC3E,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,aAAqB,EAAE,OAAe,EAAU,EAAE;IACxF,MAAM,GAAG,GAAG,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC,UAAU,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACnE,OAAO,GAAG,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;AACtC,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"process.js","sourceRoot":"","sources":["../../src/common/process.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,KAAK,EACtC,MAAqD,EACrD,QAAgB,EAC+B,EAAE;IACjD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;IACxC,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC;IAClC,MAAM,MAAM,GAAiB,EAAE,CAAC;IAChC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,SAAS,GAAG,KAAK,CAAC;IAEtB,OAAO,IAAI,EAAE,CAAC;QACZ,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;QAC5C,IAAI,IAAI,EAAE,CAAC;YACT,MAAM;QACR,CAAC;QACD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,SAAS;QACX,CAAC;QACD,MAAM,IAAI,GAAG,QAAQ,GAAG,KAAK,CAAC;QAC9B,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC;YACd,SAAS,GAAG,IAAI,CAAC;YACjB,MAAM;QACR,CAAC;QACD,IAAI,KAAK,CAAC,UAAU,GAAG,IAAI,EAAE,CAAC;YAC5B,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;YACrC,KAAK,IAAI,IAAI,CAAC;YACd,SAAS,GAAG,IAAI,CAAC;YACjB,MAAM;QACR,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACnB,KAAK,IAAI,KAAK,CAAC,UAAU,CAAC;IAC5B,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IACrC,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,UAAU,CAAC;IAC7B,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,SAAS,EAAE,CAAC;AAC/D,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,EAAE,GAAW,EAAE,OAAO,GAAG,IAAI,EAAiB,EAAE;IACnF,IAAI,CAAC;QACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;IACT,CAAC;IACD,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IACnE,IAAI,CAAC;QACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"process.js","sourceRoot":"","sources":["../../src/common/process.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,KAAK,EACtC,MAAqD,EACrD,QAAgB,EAC+B,EAAE;IACjD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;IACxC,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC;IAClC,MAAM,MAAM,GAAiB,EAAE,CAAC;IAChC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,SAAS,GAAG,KAAK,CAAC;IAEtB,OAAO,IAAI,EAAE,CAAC;QACZ,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;QAC5C,IAAI,IAAI,EAAE,CAAC;YACT,MAAM;QACR,CAAC;QACD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,SAAS;QACX,CAAC;QACD,MAAM,IAAI,GAAG,QAAQ,GAAG,KAAK,CAAC;QAC9B,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC;YACd,SAAS,GAAG,IAAI,CAAC;YACjB,MAAM;QACR,CAAC;QACD,IAAI,KAAK,CAAC,UAAU,GAAG,IAAI,EAAE,CAAC;YAC5B,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;YACrC,KAAK,IAAI,IAAI,CAAC;YACd,SAAS,GAAG,IAAI,CAAC;YACjB,MAAM;QACR,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACnB,KAAK,IAAI,KAAK,CAAC,UAAU,CAAC;IAC5B,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IACrC,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,UAAU,CAAC;IAC7B,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,SAAS,EAAE,CAAC;AAC/D,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,EAAE,GAAW,EAAE,OAAO,GAAG,IAAI,EAAiB,EAAE;IACnF,IAAI,CAAC;QACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;IACT,CAAC;IACD,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IACnE,IAAI,CAAC;QACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACV,QAAQ;IACP,CAAC;AACH,CAAC,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -1,9 +1,13 @@
|
|
|
1
|
-
export { OpenAIProviderAdapter, AnthropicProviderAdapter, MockProviderAdapter, } from "./providers";
|
|
2
|
-
export { toolDescriptors, toolExecutors, type ToolExecutor } from "./tools";
|
|
1
|
+
export { OpenAIProviderAdapter, AnthropicProviderAdapter, GeminiProviderAdapter, MockProviderAdapter, QwenProviderAdapter, type GeminiChatRequest, type GeminiProviderOptions, type QwenChatRequest, type QwenImageParameters, } from "./providers";
|
|
2
|
+
export { toolDescriptors, toolExecutors, type ToolExecutor, type ToolExecutionContext, } from "./tools";
|
|
3
3
|
export { TerminalBackend, FileBackend, WebBackend } from "./backends";
|
|
4
|
-
export {
|
|
4
|
+
export { LocalFsVectorIndexAdapter, type LocalFsVectorIndexAdapterOptions, QdrantVectorIndexAdapter, QdrantVectorStore, type QdrantVectorIndexAdapterOptions, } from "./vector";
|
|
5
5
|
export { ImageToTextTransformer, DocumentToTextTransformer } from "./transformers";
|
|
6
6
|
export { McpStdioAdapter, McpSseAdapter } from "./mcp";
|
|
7
7
|
export { OtelEmitter, JsonlEmitter } from "./observability";
|
|
8
8
|
export { BUILTIN_RULE_DESCRIPTOR_PATHS } from "./rules";
|
|
9
|
+
export { FsMemorySystem, sanitizeSessionId, type FsMemorySystemOptions, ProjectionOutbox, type ProjectionOutboxOptions, type ProjectionRecord, type ProjectionState, ProjectionWorker, type ProjectionWorkerFlushResult, type ProjectionWorkerOptions, type ProjectionWorkerProjectResult, projectMemoryRefs, type ProjectionProjectorDeps, } from "./memory";
|
|
10
|
+
export { DEFAULT_SHELL_COMMAND_DENYLIST, matchesShellDenylist, withDefaultGate, type ApprovalProvider, type DefaultGatePolicies, type GateViolation, type GateViolationReason, type ShellCommandCheckInput, } from "./safety";
|
|
11
|
+
export { configureNetSafety } from "./common/net";
|
|
12
|
+
export { resolveAllowedPath, resolveWorkspacePath, toWorkspaceRelativePath, type ResolveAllowedPathOptions, } from "./common/path";
|
|
9
13
|
//# sourceMappingURL=index.d.ts.map
|