@voratiq/sandbox-runtime 0.0.29-voratiq0

package/dist/sandbox/socks-proxy.d.ts

@@ -0,0 +1,14 @@
+import type { Socks5Server } from '@pondwader/socks5-server';
+import { type NetworkFilterResult } from './observability.js';
+export interface SocksProxyServerOptions {
+    filter(port: number, host: string): Promise<boolean | NetworkFilterResult> | boolean | NetworkFilterResult;
+}
+export interface SocksProxyWrapper {
+    server: Socks5Server;
+    getPort(): number | undefined;
+    listen(port: number, hostname: string): Promise<number>;
+    close(): Promise<void>;
+    unref(): void;
+}
+export declare function createSocksProxyServer(options: SocksProxyServerOptions): SocksProxyWrapper;
+//# sourceMappingURL=socks-proxy.d.ts.map

package/dist/sandbox/socks-proxy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"socks-proxy.d.ts","sourceRoot":"","sources":["../../src/sandbox/socks-proxy.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AAG5D,OAAO,EAEL,KAAK,mBAAmB,EACzB,MAAM,oBAAoB,CAAA;AAE3B,MAAM,WAAW,uBAAuB;IACtC,MAAM,CACJ,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,OAAO,GAAG,mBAAmB,CAAC,GAAG,OAAO,GAAG,mBAAmB,CAAA;CAC1E;AAED,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,YAAY,CAAA;IACpB,OAAO,IAAI,MAAM,GAAG,SAAS,CAAA;IAC7B,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IACvD,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAA;IACtB,KAAK,IAAI,IAAI,CAAA;CACd;AAED,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,uBAAuB,GAC/B,iBAAiB,CAwHnB"}

package/dist/sandbox/socks-proxy.js

@@ -0,0 +1,109 @@
+import { createServer } from '@pondwader/socks5-server';
+import { logForDebugging } from '../utils/debug.js';
+import { emitNetworkDecisionEvent, } from './observability.js';
+export function createSocksProxyServer(options) {
+    const socksServer = createServer();
+    const normalizeFilterResult = (result) => {
+        if (typeof result === 'boolean') {
+            return { allowed: result, reason: 'no-match' };
+        }
+        return result;
+    };
+    socksServer.setRulesetValidator(async (conn) => {
+        try {
+            const hostname = conn.destAddress;
+            const port = conn.destPort;
+            logForDebugging(`Connection request to ${hostname}:${port}`);
+            const filterResult = normalizeFilterResult(await options.filter(port, hostname));
+            emitNetworkDecisionEvent({
+                host: hostname,
+                port,
+                decision: filterResult.allowed ? 'allow' : 'deny',
+                reason: filterResult.reason,
+                route: 'direct',
+            });
+            if (!filterResult.allowed) {
+                logForDebugging(`Connection blocked to ${hostname}:${port}`, {
+                    level: 'error',
+                });
+                return false;
+            }
+            logForDebugging(`Connection allowed to ${hostname}:${port}`);
+            return true;
+        }
+        catch (error) {
+            logForDebugging(`Error validating connection: ${error}`, {
+                level: 'error',
+            });
+            return false;
+        }
+    });
+    return {
+        server: socksServer,
+        getPort() {
+            // Access the internal server to get the port
+            // We need to use type assertion here as the server property is private
+            try {
+                const serverInternal = socksServer?.server;
+                if (serverInternal && typeof serverInternal?.address === 'function') {
+                    const address = serverInternal.address();
+                    if (address && typeof address === 'object' && 'port' in address) {
+                        return address.port;
+                    }
+                }
+            }
+            catch (error) {
+                // Server might not be listening yet or property access failed
+                logForDebugging(`Error getting port: ${error}`, { level: 'error' });
+            }
+            return undefined;
+        },
+        listen(port, hostname) {
+            return new Promise((resolve, reject) => {
+                const listeningCallback = () => {
+                    const actualPort = this.getPort();
+                    if (actualPort) {
+                        logForDebugging(`SOCKS proxy listening on ${hostname}:${actualPort}`);
+                        resolve(actualPort);
+                    }
+                    else {
+                        reject(new Error('Failed to get SOCKS proxy server port'));
+                    }
+                };
+                socksServer.listen(port, hostname, listeningCallback);
+            });
+        },
+        async close() {
+            return new Promise((resolve, reject) => {
+                socksServer.close(error => {
+                    if (error) {
+                        // Only reject for actual errors, not for "already closed" states
+                        // Check for common "already closed" error patterns
+                        const errorMessage = error.message?.toLowerCase() || '';
+                        const isAlreadyClosed = errorMessage.includes('not running') ||
+                            errorMessage.includes('already closed') ||
+                            errorMessage.includes('not listening');
+                        if (!isAlreadyClosed) {
+                            reject(error);
+                            return;
+                        }
+                    }
+                    resolve();
+                });
+            });
+        },
+        unref() {
+            // Access the internal server to call unref
+            try {
+                const serverInternal = socksServer?.server;
+                if (serverInternal && typeof serverInternal?.unref === 'function') {
+                    serverInternal.unref();
+                }
+            }
+            catch (error) {
+                logForDebugging(`Error calling unref: ${error}`, { level: 'error' });
+            }
+        },
+    };
+}
+//# sourceMappingURL=socks-proxy.js.map

package/dist/sandbox/socks-proxy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"socks-proxy.js","sourceRoot":"","sources":["../../src/sandbox/socks-proxy.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AACvD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACnD,OAAO,EACL,wBAAwB,GAEzB,MAAM,oBAAoB,CAAA;AAiB3B,MAAM,UAAU,sBAAsB,CACpC,OAAgC;IAEhC,MAAM,WAAW,GAAG,YAAY,EAAE,CAAA;IAElC,MAAM,qBAAqB,GAAG,CAC5B,MAAqC,EAChB,EAAE;QACvB,IAAI,OAAO,MAAM,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,CAAA;QAChD,CAAC;QACD,OAAO,MAAM,CAAA;IACf,CAAC,CAAA;IAED,WAAW,CAAC,mBAAmB,CAAC,KAAK,EAAC,IAAI,EAAC,EAAE;QAC3C,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAA;YACjC,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAA;YAE1B,eAAe,CAAC,yBAAyB,QAAQ,IAAI,IAAI,EAAE,CAAC,CAAA;YAE5D,MAAM,YAAY,GAAG,qBAAqB,CACxC,MAAM,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,CACrC,CAAA;YAED,wBAAwB,CAAC;gBACvB,IAAI,EAAE,QAAQ;gBACd,IAAI;gBACJ,QAAQ,EAAE,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM;gBACjD,MAAM,EAAE,YAAY,CAAC,MAAM;gBAC3B,KAAK,EAAE,QAAQ;aAChB,CAAC,CAAA;YAEF,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;gBAC1B,eAAe,CAAC,yBAAyB,QAAQ,IAAI,IAAI,EAAE,EAAE;oBAC3D,KAAK,EAAE,OAAO;iBACf,CAAC,CAAA;gBACF,OAAO,KAAK,CAAA;YACd,CAAC;YAED,eAAe,CAAC,yBAAyB,QAAQ,IAAI,IAAI,EAAE,CAAC,CAAA;YAC5D,OAAO,IAAI,CAAA;QACb,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,eAAe,CAAC,gCAAgC,KAAK,EAAE,EAAE;gBACvD,KAAK,EAAE,OAAO;aACf,CAAC,CAAA;YACF,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,OAAO;QACL,MAAM,EAAE,WAAW;QACnB,OAAO;YACL,6CAA6C;YAC7C,uEAAuE;YACvE,IAAI,CAAC;gBACH,MAAM,cAAc,GAClB,WACD,EAAE,MAAM,CAAA;gBACT,IAAI,cAAc,IAAI,OAAO,cAAc,EAAE,OAAO,KAAK,UAAU,EAAE,CAAC;oBACpE,MAAM,OAAO,GAAG,cAAc,CAAC,OAAO,EAAE,CAAA;oBACxC,IAAI,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,MAAM,IAAI,OAAO,EAAE,CAAC;wBAChE,OAAO,OAAO,CAAC,IAAI,CAAA;oBACrB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,8DAA8D;gBAC9D,eAAe,CAAC,uBAAuB,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAA;YACrE,CAAC;YACD,OAAO,SAAS,CAAA;QAClB,CAAC;QACD,MAAM,CAAC,IAAY,EAAE,QAAgB;YACnC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;gBACrC,MAAM,iBAAiB,GAAG,GAAS,EAAE;oBACnC,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,CAAA;oBACjC,IAAI,UAAU,EAAE,CAAC;wBACf,eAAe,CACb,4BAA4B,QAAQ,IAAI,UAAU,EAAE,CACrD,CAAA;wBACD,OAAO,CAAC,UAAU,CAAC,CAAA;oBACrB,CAAC;yBAAM,CAAC;wBACN,MAAM,CAAC,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC,CAAA;oBAC5D,CAAC;gBACH,CAAC,CAAA;gBACD,WAAW,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,EAAE,iBAAiB,CAAC,CAAA;YACvD,CAAC,CAAC,CAAA;QACJ,CAAC;QACD,KAAK,CAAC,KAAK;YACT,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;gBACrC,WAAW,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE;oBACxB,IAAI,KAAK,EAAE,CAAC;wBACV,iEAAiE;wBACjE,mDAAmD;wBACnD,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,CAAA;wBACvD,MAAM,eAAe,GACnB,YAAY,CAAC,QAAQ,CAAC,aAAa,CAAC;4BACpC,YAAY,CAAC,QAAQ,CAAC,gBAAgB,CAAC;4BACvC,YAAY,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAA;wBAExC,IAAI,CAAC,eAAe,EAAE,CAAC;4BACrB,MAAM,CAAC,KAAK,CAAC,CAAA;4BACb,OAAM;wBACR,CAAC;oBACH,CAAC;oBACD,OAAO,EAAE,CAAA;gBACX,CAAC,CAAC,CAAA;YACJ,CAAC,CAAC,CAAA;QACJ,CAAC;QACD,KAAK;YACH,2CAA2C;YAC3C,IAAI,CAAC;gBACH,MAAM,cAAc,GAClB,WACD,EAAE,MAAM,CAAA;gBACT,IAAI,cAAc,IAAI,OAAO,cAAc,EAAE,KAAK,KAAK,UAAU,EAAE,CAAC;oBAClE,cAAc,CAAC,KAAK,EAAE,CAAA;gBACxB,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,eAAe,CAAC,wBAAwB,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAA;YACtE,CAAC;QACH,CAAC;KACF,CAAA;AACH,CAAC"}

package/dist/utils/config-loader.d.ts

@@ -0,0 +1,11 @@
+import { type SandboxRuntimeConfig } from '../sandbox/sandbox-config.js';
+/**
+ * Parse and validate sandbox configuration from a string
+ * Used for parsing config from control fd (JSON lines protocol)
+ */
+export declare function loadConfigFromString(content: string): SandboxRuntimeConfig | null;
+/**
+ * Load and validate sandbox configuration from a file
+ */
+export declare function loadConfig(filePath: string): SandboxRuntimeConfig | null;
+//# sourceMappingURL=config-loader.d.ts.map

package/dist/utils/config-loader.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config-loader.d.ts","sourceRoot":"","sources":["../../src/utils/config-loader.ts"],"names":[],"mappings":"AACA,OAAO,EAEL,KAAK,oBAAoB,EAC1B,MAAM,8BAA8B,CAAA;AAErC;;;GAGG;AACH,wBAAgB,oBAAoB,CAClC,OAAO,EAAE,MAAM,GACd,oBAAoB,GAAG,IAAI,CAe7B;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,oBAAoB,GAAG,IAAI,CAmCxE"}

package/dist/utils/config-loader.js

@@ -0,0 +1,60 @@
+import * as fs from 'fs';
+import { SandboxRuntimeConfigSchema, } from '../sandbox/sandbox-config.js';
+/**
+ * Parse and validate sandbox configuration from a string
+ * Used for parsing config from control fd (JSON lines protocol)
+ */
+export function loadConfigFromString(content) {
+    if (!content.trim()) {
+        return null;
+    }
+    try {
+        const parsed = JSON.parse(content);
+        const result = SandboxRuntimeConfigSchema.safeParse(parsed);
+        if (!result.success) {
+            return null;
+        }
+        return result.data;
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Load and validate sandbox configuration from a file
+ */
+export function loadConfig(filePath) {
+    try {
+        if (!fs.existsSync(filePath)) {
+            return null;
+        }
+        const content = fs.readFileSync(filePath, 'utf-8');
+        if (content.trim() === '') {
+            return null;
+        }
+        // Parse JSON
+        const parsed = JSON.parse(content);
+        // Validate with zod schema
+        const result = SandboxRuntimeConfigSchema.safeParse(parsed);
+        if (!result.success) {
+            console.error(`Invalid configuration in ${filePath}:`);
+            result.error.issues.forEach(issue => {
+                const path = issue.path.join('.');
+                console.error(`  - ${path}: ${issue.message}`);
+            });
+            return null;
+        }
+        return result.data;
+    }
+    catch (error) {
+        // Log parse errors to help users debug invalid config files
+        if (error instanceof SyntaxError) {
+            console.error(`Invalid JSON in config file ${filePath}: ${error.message}`);
+        }
+        else {
+            console.error(`Failed to load config from ${filePath}: ${error}`);
+        }
+        return null;
+    }
+}
+//# sourceMappingURL=config-loader.js.map

package/dist/utils/config-loader.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config-loader.js","sourceRoot":"","sources":["../../src/utils/config-loader.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,IAAI,CAAA;AACxB,OAAO,EACL,0BAA0B,GAE3B,MAAM,8BAA8B,CAAA;AAErC;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAClC,OAAe;IAEf,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;QACpB,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;QAClC,MAAM,MAAM,GAAG,0BAA0B,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;QAC3D,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO,IAAI,CAAA;QACb,CAAC;QACD,OAAO,MAAM,CAAC,IAAI,CAAA;IACpB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,QAAgB;IACzC,IAAI,CAAC;QACH,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAA;QACb,CAAC;QACD,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;QAClD,IAAI,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC1B,OAAO,IAAI,CAAA;QACb,CAAC;QAED,aAAa;QACb,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;QAElC,2BAA2B;QAC3B,MAAM,MAAM,GAAG,0BAA0B,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;QAE3D,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,4BAA4B,QAAQ,GAAG,CAAC,CAAA;YACtD,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;gBAClC,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;gBACjC,OAAO,CAAC,KAAK,CAAC,OAAO,IAAI,KAAK,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;YAChD,CAAC,CAAC,CAAA;YACF,OAAO,IAAI,CAAA;QACb,CAAC;QAED,OAAO,MAAM,CAAC,IAAI,CAAA;IACpB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,4DAA4D;QAC5D,IAAI,KAAK,YAAY,WAAW,EAAE,CAAC;YACjC,OAAO,CAAC,KAAK,CAAC,+BAA+B,QAAQ,KAAK,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;QAC5E,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,8BAA8B,QAAQ,KAAK,KAAK,EAAE,CAAC,CAAA;QACnE,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC"}

package/dist/utils/debug.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Simple debug logging for standalone sandbox
+ */
+export declare function logForDebugging(message: string, options?: {
+    level?: 'info' | 'error' | 'warn';
+}): void;
+//# sourceMappingURL=debug.d.ts.map

package/dist/utils/debug.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"debug.d.ts","sourceRoot":"","sources":["../../src/utils/debug.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,wBAAgB,eAAe,CAC7B,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE;IAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,MAAM,CAAA;CAAE,GAC9C,IAAI,CAsBN"}

package/dist/utils/debug.js

@@ -0,0 +1,25 @@
+/**
+ * Simple debug logging for standalone sandbox
+ */
+export function logForDebugging(message, options) {
+    // Only log if SRT_DEBUG environment variable is set
+    // Using SRT_DEBUG instead of DEBUG to avoid conflicts with other tools
+    // (DEBUG is commonly used by Node.js debug libraries and VS Code)
+    if (!process.env.SRT_DEBUG) {
+        return;
+    }
+    const level = options?.level || 'info';
+    const prefix = '[SandboxDebug]';
+    // Always use stderr to avoid corrupting stdout JSON streams
+    switch (level) {
+        case 'error':
+            console.error(`${prefix} ${message}`);
+            break;
+        case 'warn':
+            console.warn(`${prefix} ${message}`);
+            break;
+        default:
+            console.error(`${prefix} ${message}`);
+    }
+}
+//# sourceMappingURL=debug.js.map

package/dist/utils/debug.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"debug.js","sourceRoot":"","sources":["../../src/utils/debug.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,UAAU,eAAe,CAC7B,OAAe,EACf,OAA+C;IAE/C,oDAAoD;IACpD,uEAAuE;IACvE,kEAAkE;IAClE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC;QAC3B,OAAM;IACR,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,EAAE,KAAK,IAAI,MAAM,CAAA;IACtC,MAAM,MAAM,GAAG,gBAAgB,CAAA;IAE/B,4DAA4D;IAC5D,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,OAAO;YACV,OAAO,CAAC,KAAK,CAAC,GAAG,MAAM,IAAI,OAAO,EAAE,CAAC,CAAA;YACrC,MAAK;QACP,KAAK,MAAM;YACT,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,IAAI,OAAO,EAAE,CAAC,CAAA;YACpC,MAAK;QACP;YACE,OAAO,CAAC,KAAK,CAAC,GAAG,MAAM,IAAI,OAAO,EAAE,CAAC,CAAA;IACzC,CAAC;AACH,CAAC"}

package/dist/utils/platform.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Platform detection utilities
+ */
+export type Platform = 'macos' | 'linux' | 'windows' | 'unknown';
+/**
+ * Get the WSL version (1 or 2+) if running in WSL.
+ * Returns undefined if not running in WSL.
+ */
+export declare function getWslVersion(): string | undefined;
+/**
+ * Detect the current platform.
+ * Note: All Linux including WSL returns 'linux'. Use getWslVersion() to detect WSL1 (unsupported).
+ */
+export declare function getPlatform(): Platform;
+//# sourceMappingURL=platform.d.ts.map

package/dist/utils/platform.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"platform.d.ts","sourceRoot":"","sources":["../../src/utils/platform.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,OAAO,GAAG,SAAS,GAAG,SAAS,CAAA;AAEhE;;;GAGG;AACH,wBAAgB,aAAa,IAAI,MAAM,GAAG,SAAS,CAwBlD;AAED;;;GAGG;AACH,wBAAgB,WAAW,IAAI,QAAQ,CAatC"}

package/dist/utils/platform.js

@@ -0,0 +1,49 @@
+/**
+ * Platform detection utilities
+ */
+import * as fs from 'fs';
+/**
+ * Get the WSL version (1 or 2+) if running in WSL.
+ * Returns undefined if not running in WSL.
+ */
+export function getWslVersion() {
+    if (process.platform !== 'linux') {
+        return undefined;
+    }
+    try {
+        const procVersion = fs.readFileSync('/proc/version', { encoding: 'utf8' });
+        // Check for explicit WSL version markers (e.g., "WSL2", "WSL3", etc.)
+        const wslVersionMatch = procVersion.match(/WSL(\d+)/i);
+        if (wslVersionMatch && wslVersionMatch[1]) {
+            return wslVersionMatch[1];
+        }
+        // If no explicit WSL version but contains Microsoft, assume WSL1
+        // This handles the original WSL1 format: "4.4.0-19041-Microsoft"
+        if (procVersion.toLowerCase().includes('microsoft')) {
+            return '1';
+        }
+        return undefined;
+    }
+    catch {
+        return undefined;
+    }
+}
+/**
+ * Detect the current platform.
+ * Note: All Linux including WSL returns 'linux'. Use getWslVersion() to detect WSL1 (unsupported).
+ */
+export function getPlatform() {
+    switch (process.platform) {
+        case 'darwin':
+            return 'macos';
+        case 'linux':
+            // WSL2+ is treated as Linux (same sandboxing)
+            // WSL1 is also returned as 'linux' but will fail isSupportedPlatform check
+            return 'linux';
+        case 'win32':
+            return 'windows';
+        default:
+            return 'unknown';
+    }
+}
+//# sourceMappingURL=platform.js.map

package/dist/utils/platform.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"platform.js","sourceRoot":"","sources":["../../src/utils/platform.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,MAAM,IAAI,CAAA;AAIxB;;;GAGG;AACH,MAAM,UAAU,aAAa;IAC3B,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QACjC,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAA;QAE1E,sEAAsE;QACtE,MAAM,eAAe,GAAG,WAAW,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;QACtD,IAAI,eAAe,IAAI,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1C,OAAO,eAAe,CAAC,CAAC,CAAC,CAAA;QAC3B,CAAC;QAED,iEAAiE;QACjE,iEAAiE;QACjE,IAAI,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YACpD,OAAO,GAAG,CAAA;QACZ,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAA;IAClB,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,WAAW;IACzB,QAAQ,OAAO,CAAC,QAAQ,EAAE,CAAC;QACzB,KAAK,QAAQ;YACX,OAAO,OAAO,CAAA;QAChB,KAAK,OAAO;YACV,8CAA8C;YAC9C,2EAA2E;YAC3E,OAAO,OAAO,CAAA;QAChB,KAAK,OAAO;YACV,OAAO,SAAS,CAAA;QAClB;YACE,OAAO,SAAS,CAAA;IACpB,CAAC;AACH,CAAC"}

package/dist/utils/ripgrep.d.ts

@@ -0,0 +1,20 @@
+export interface RipgrepConfig {
+    command: string;
+    args?: string[];
+}
+/**
+ * Check if ripgrep (rg) is available synchronously
+ * Returns true if rg is installed, false otherwise
+ */
+export declare function hasRipgrepSync(): boolean;
+/**
+ * Execute ripgrep with the given arguments
+ * @param args Command-line arguments to pass to rg
+ * @param target Target directory or file to search
+ * @param abortSignal AbortSignal to cancel the operation
+ * @param config Ripgrep configuration (command and optional args)
+ * @returns Array of matching lines (one per line of output)
+ * @throws Error if ripgrep exits with non-zero status (except exit code 1 which means no matches)
+ */
+export declare function ripGrep(args: string[], target: string, abortSignal: AbortSignal, config?: RipgrepConfig): Promise<string[]>;
+//# sourceMappingURL=ripgrep.d.ts.map

package/dist/utils/ripgrep.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ripgrep.d.ts","sourceRoot":"","sources":["../../src/utils/ripgrep.ts"],"names":[],"mappings":"AAIA,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;CAChB;AAED;;;GAGG;AACH,wBAAgB,cAAc,IAAI,OAAO,CAWxC;AAED;;;;;;;;GAQG;AACH,wBAAsB,OAAO,CAC3B,IAAI,EAAE,MAAM,EAAE,EACd,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,MAAM,GAAE,aAAiC,GACxC,OAAO,CAAC,MAAM,EAAE,CAAC,CAkCnB"}

package/dist/utils/ripgrep.js

@@ -0,0 +1,51 @@
+import { spawnSync } from 'child_process';
+import { execFile } from 'child_process';
+/**
+ * Check if ripgrep (rg) is available synchronously
+ * Returns true if rg is installed, false otherwise
+ */
+export function hasRipgrepSync() {
+    try {
+        const result = spawnSync('which', ['rg'], {
+            stdio: 'ignore',
+            timeout: 1000,
+        });
+        return result.status === 0;
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Execute ripgrep with the given arguments
+ * @param args Command-line arguments to pass to rg
+ * @param target Target directory or file to search
+ * @param abortSignal AbortSignal to cancel the operation
+ * @param config Ripgrep configuration (command and optional args)
+ * @returns Array of matching lines (one per line of output)
+ * @throws Error if ripgrep exits with non-zero status (except exit code 1 which means no matches)
+ */
+export async function ripGrep(args, target, abortSignal, config = { command: 'rg' }) {
+    const { command, args: commandArgs = [] } = config;
+    return new Promise((resolve, reject) => {
+        execFile(command, [...commandArgs, ...args, target], {
+            maxBuffer: 20000000, // 20MB
+            signal: abortSignal,
+            timeout: 10000, // 10 second timeout
+        }, (error, stdout, stderr) => {
+            // Success case - exit code 0
+            if (!error) {
+                resolve(stdout.trim().split('\n').filter(Boolean));
+                return;
+            }
+            // Exit code 1 means "no matches found" - this is normal, return empty array
+            if (error.code === 1) {
+                resolve([]);
+                return;
+            }
+            // All other errors should fail
+            reject(new Error(`ripgrep failed with exit code ${error.code}: ${stderr || error.message}`));
+        });
+    });
+}
+//# sourceMappingURL=ripgrep.js.map

package/dist/utils/ripgrep.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ripgrep.js","sourceRoot":"","sources":["../../src/utils/ripgrep.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAA;AACzC,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AAQxC;;;GAGG;AACH,MAAM,UAAU,cAAc;IAC5B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,EAAE;YACxC,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,IAAI;SACd,CAAC,CAAA;QAEF,OAAO,MAAM,CAAC,MAAM,KAAK,CAAC,CAAA;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAC3B,IAAc,EACd,MAAc,EACd,WAAwB,EACxB,SAAwB,EAAE,OAAO,EAAE,IAAI,EAAE;IAEzC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,WAAW,GAAG,EAAE,EAAE,GAAG,MAAM,CAAA;IAElD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,QAAQ,CACN,OAAO,EACP,CAAC,GAAG,WAAW,EAAE,GAAG,IAAI,EAAE,MAAM,CAAC,EACjC;YACE,SAAS,EAAE,QAAU,EAAE,OAAO;YAC9B,MAAM,EAAE,WAAW;YACnB,OAAO,EAAE,KAAM,EAAE,oBAAoB;SACtC,EACD,CAAC,KAA+B,EAAE,MAAc,EAAE,MAAc,EAAE,EAAE;YAClE,6BAA6B;YAC7B,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAA;gBAClD,OAAM;YACR,CAAC;YAED,4EAA4E;YAC5E,IAAI,KAAK,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;gBACrB,OAAO,CAAC,EAAE,CAAC,CAAA;gBACX,OAAM;YACR,CAAC;YAED,+BAA+B;YAC/B,MAAM,CACJ,IAAI,KAAK,CACP,iCAAiC,KAAK,CAAC,IAAI,KAAK,MAAM,IAAI,KAAK,CAAC,OAAO,EAAE,CAC1E,CACF,CAAA;QACH,CAAC,CACF,CAAA;IACH,CAAC,CAAC,CAAA;AACJ,CAAC"}

package/dist/vendor/seccomp-src/apply-seccomp.c

@@ -0,0 +1,98 @@
+/*
+ * apply-seccomp.c - Apply seccomp BPF filter and exec command
+ *
+ * Usage: apply-seccomp <filter.bpf> <command> [args...]
+ *
+ * This program reads a pre-compiled BPF filter from a file, applies it
+ * using prctl(PR_SET_SECCOMP), and then execs the specified command.
+ *
+ * The BPF filter must be in the format expected by SECCOMP_MODE_FILTER:
+ * - struct sock_fprog { unsigned short len; struct sock_filter *filter; }
+ * - Each filter instruction is 8 bytes (BPF instruction format)
+ *
+ * Compile: gcc -static -O2 -o apply-seccomp apply-seccomp.c
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/prctl.h>
+#include <linux/seccomp.h>
+#include <linux/filter.h>
+#include <errno.h>
+
+#ifndef PR_SET_NO_NEW_PRIVS
+#define PR_SET_NO_NEW_PRIVS 38
+#endif
+
+#ifndef SECCOMP_MODE_FILTER
+#define SECCOMP_MODE_FILTER 2
+#endif
+
+#define MAX_FILTER_SIZE 4096  // Maximum BPF filter size in bytes
+
+int main(int argc, char *argv[], char *envp[]) {
+    if (argc < 3) {
+        fprintf(stderr, "Usage: %s <filter.bpf> <command> [args...]\n", argv[0]);
+        return 1;
+    }
+
+    const char *filter_path = argv[1];
+    char **command_argv = &argv[2];
+
+    // Open and read BPF filter file
+    int fd = open(filter_path, O_RDONLY);
+    if (fd < 0) {
+        perror("Failed to open BPF filter file");
+        return 1;
+    }
+
+    // Read filter into memory
+    unsigned char filter_bytes[MAX_FILTER_SIZE];
+    ssize_t filter_size = read(fd, filter_bytes, MAX_FILTER_SIZE);
+    close(fd);
+
+    if (filter_size < 0) {
+        perror("Failed to read BPF filter");
+        return 1;
+    }
+    if (filter_size == 0) {
+        fprintf(stderr, "BPF filter file is empty\n");
+        return 1;
+    }
+    if (filter_size % 8 != 0) {
+        fprintf(stderr, "Invalid BPF filter size: %zd (must be multiple of 8)\n", filter_size);
+        return 1;
+    }
+
+    // Convert bytes to sock_filter instructions
+    unsigned short filter_len = filter_size / 8;
+    struct sock_filter *filter = (struct sock_filter *)filter_bytes;
+
+    // Set up sock_fprog structure
+    struct sock_fprog prog = {
+        .len = filter_len,
+        .filter = filter,
+    };
+
+    // Set NO_NEW_PRIVS to allow seccomp without CAP_SYS_ADMIN
+    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) {
+        perror("prctl(PR_SET_NO_NEW_PRIVS) failed");
+        return 1;
+    }
+
+    // Apply seccomp filter
+    if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) != 0) {
+        perror("prctl(PR_SET_SECCOMP) failed");
+        return 1;
+    }
+
+    // Exec the command with seccomp filter active
+    execvp(command_argv[0], command_argv);
+
+    // If we get here, exec failed
+    perror("execvp failed");
+    return 1;
+}

package/dist/vendor/seccomp-src/seccomp-unix-block.c

@@ -0,0 +1,97 @@
+/*
+ * Seccomp BPF filter generator to block Unix domain socket creation
+ *
+ * This program generates a seccomp-bpf filter that blocks the socket() syscall
+ * when called with AF_UNIX as the domain argument. This prevents creation of
+ * Unix domain sockets while allowing all other socket types (AF_INET, AF_INET6, etc.)
+ * and all other syscalls.
+ *
+ * The filter is exported in a format compatible with bubblewrap's --seccomp flag.
+ *
+ * SECURITY LIMITATION - 32-bit x86 (ia32):
+ * TODO: This filter does NOT block socketcall() syscall, which is a security issue
+ * on 32-bit x86 systems. On ia32, the socket() syscall doesn't exist - instead,
+ * all socket operations are multiplexed through socketcall():
+ *   - socketcall(SYS_SOCKET, [AF_UNIX, ...]) - can bypass this filter
+ *   - socketcall(SYS_SOCKETPAIR, [AF_UNIX, ...]) - can bypass this filter
+ *
+ * To fix this, we need to add conditional rules that:
+ * 1. Check if socketcall() exists on the current architecture (32-bit x86 only)
+ * 2. Block socketcall(SYS_SOCKET, ...) when first arg of sub-call is AF_UNIX
+ * 3. Block socketcall(SYS_SOCKETPAIR, ...) when first arg of sub-call is AF_UNIX
+ *
+ * This requires inspecting the arguments passed to socketcall, which is more
+ * complex BPF logic. For now, 32-bit x86 is not supported.
+ *
+ * Compilation:
+ *   gcc -o seccomp-unix-block seccomp-unix-block.c -lseccomp
+ *
+ * Usage:
+ *   ./seccomp-unix-block <output-file>
+ *
+ * Dependencies:
+ *   - libseccomp (libseccomp-dev package on Debian/Ubuntu)
+ */
+
+#include <errno.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <seccomp.h>
+#include <sys/socket.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+
+int main(int argc, char *argv[]) {
+    scmp_filter_ctx ctx;
+    int rc;
+
+    if (argc != 2) {
+        fprintf(stderr, "Usage: %s <output-file>\n", argv[0]);
+        return 1;
+    }
+
+    const char *output_file = argv[1];
+
+    /* Create seccomp context with default action ALLOW */
+    ctx = seccomp_init(SCMP_ACT_ALLOW);
+    if (ctx == NULL) {
+        fprintf(stderr, "Error: Failed to initialize seccomp context\n");
+        return 1;
+    }
+
+    /* Add rule to block socket(AF_UNIX, ...) */
+    /* socket() syscall signature: int socket(int domain, int type, int protocol) */
+    /* arg0 = domain (AF_UNIX = 1) */
+    rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(EPERM), SCMP_SYS(socket), 1,
+                          SCMP_A0(SCMP_CMP_EQ, AF_UNIX));
+    if (rc < 0) {
+        fprintf(stderr, "Error: Failed to add seccomp rule: %s\n", strerror(-rc));
+        seccomp_release(ctx);
+        return 1;
+    }
+
+    /* Export the filter to a file */
+    int fd = open(output_file, O_CREAT | O_WRONLY | O_TRUNC, 0600);
+    if (fd < 0) {
+        fprintf(stderr, "Error: Failed to open output file: %s\n", strerror(errno));
+        seccomp_release(ctx);
+        return 1;
+    }
+
+    rc = seccomp_export_bpf(ctx, fd);
+    if (rc < 0) {
+        fprintf(stderr, "Error: Failed to export seccomp filter: %s\n", strerror(-rc));
+        close(fd);
+        seccomp_release(ctx);
+        return 1;
+    }
+
+    /* Clean up */
+    close(fd);
+    seccomp_release(ctx);
+
+    return 0;
+}