@wrongstack/tools 0.4.0 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (23) hide show
  1. package/dist/bash.js +7 -7
  2. package/dist/bash.js.map +1 -1
  3. package/dist/builtin.js +27 -18
  4. package/dist/builtin.js.map +1 -1
  5. package/dist/diff.js +2 -1
  6. package/dist/diff.js.map +1 -1
  7. package/dist/exec.js +12 -4
  8. package/dist/exec.js.map +1 -1
  9. package/dist/git.js +2 -0
  10. package/dist/git.js.map +1 -1
  11. package/dist/grep.js +3 -3
  12. package/dist/grep.js.map +1 -1
  13. package/dist/index.js +27 -18
  14. package/dist/index.js.map +1 -1
  15. package/dist/logs.js +2 -1
  16. package/dist/logs.js.map +1 -1
  17. package/dist/outdated.js +2 -1
  18. package/dist/outdated.js.map +1 -1
  19. package/dist/pack.js +27 -18
  20. package/dist/pack.js.map +1 -1
  21. package/dist/replace.js +3 -3
  22. package/dist/replace.js.map +1 -1
  23. package/package.json +2 -2
package/dist/bash.js CHANGED
@@ -56,13 +56,6 @@ var bashTool = {
56
56
  const args = isWin ? ["/c", input.command] : ["-c", input.command];
57
57
  const env = buildChildEnv(ctx.session?.id);
58
58
  const detached = isWin ? !!input.background : true;
59
- const child = spawn(shell, args, {
60
- cwd: ctx.projectRoot,
61
- env,
62
- stdio: input.background ? "ignore" : ["ignore", "pipe", "pipe"],
63
- detached,
64
- signal: opts.signal
65
- });
66
59
  if (input.background) {
67
60
  let buf2 = "";
68
61
  let truncated = false;
@@ -106,6 +99,13 @@ var bashTool = {
106
99
  };
107
100
  return;
108
101
  }
102
+ const child = spawn(shell, args, {
103
+ cwd: ctx.projectRoot,
104
+ env,
105
+ stdio: ["ignore", "pipe", "pipe"],
106
+ detached,
107
+ signal: opts.signal
108
+ });
109
109
  let buf = "";
110
110
  let pending = "";
111
111
  let timedOut = false;
package/dist/bash.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/_util.ts","../src/bash.ts"],"names":["buf","child","resolve"],"mappings":";;;;;;AAqBO,SAAS,cAAA,CAAe,GAAW,GAAA,EAAqB;AAC7D,EAAA,IAAI,OAAO,UAAA,CAAW,CAAA,EAAG,MAAM,CAAA,IAAK,KAAK,OAAO,CAAA;AAChD,EAAA,MAAM,IAAA,GAAO,IAAA,CAAK,KAAA,CAAM,GAAA,GAAM,CAAC,CAAA;AAC/B,EAAA,OACE,CAAA,CAAE,KAAA,CAAM,CAAA,EAAG,IAAI,CAAA,GACf;AAAA,iBAAA,EAAiB,MAAA,CAAO,UAAA,CAAW,CAAA,EAAG,MAAM,IAAI,GAAG,CAAA;AAAA,CAAA,GACnD,CAAA,CAAE,KAAA,CAAM,CAAC,IAAI,CAAA;AAEjB;;;ACTA,IAAM,UAAA,GAAa,KAAA;AACnB,IAAM,eAAA,GAAkB,GAAA;AAIxB,IAAM,wBAAA,GAA2B,GAAA;AACjC,IAAM,qBAAqB,CAAA,GAAI,IAAA;AAExB,IAAM,QAAA,GAAwC;AAAA,EACnD,IAAA,EAAM,MAAA;AAAA,EACN,QAAA,EAAU,OAAA;AAAA,EACV,WAAA,EAAa,oDAAA;AAAA,EACb,SAAA,EACE,4KAAA;AAAA,EACF,UAAA,EAAY,SAAA;AAAA,EACZ,QAAA,EAAU,IAAA;AAAA;AAAA;AAAA;AAAA,EAIV,UAAA,EAAY,SAAA;AAAA,EACZ,SAAA,EAAW,GAAA;AAAA,EACX,cAAA,EAAgB,UAAA;AAAA,EAChB,mBAAA,EAAqB,GAAA;AAAA,EACrB,WAAA,EAAa;AAAA,IACX,IAAA,EAAM,QAAA;AAAA,IACN,UAAA,EAAY;AAAA,MACV,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAS;AAAA,MAC1B,UAAA,EAAY,EAAE,IAAA,EAAM,SAAA,EAAU;AAAA,MAC9B,UAAA,EAAY,EAAE,IAAA,EAAM,SAAA;AAAU,KAChC;AAAA,IACA,QAAA,EAAU,CAAC,SAAS;AAAA,GACtB;AAAA,EACA,MAAM,OAAA,CAAQ,KAAA,EAAO,GAAA,EAAK,IAAA,EAAM;AAC9B,IAAA,IAAI,KAAA;AACJ,IAAA,WAAA,MAAiB,MAAM,QAAA,CAAS,aAAA,CAAe,KAAA,EAAO,GAAA,EAAK,IAAI,CAAA,EAAG;AAChE,MAAA,IAAI,EAAA,CAAG,IAAA,KAAS,OAAA,EAAS,KAAA,GAAQ,EAAA,CAAG,MAAA;AAAA,IACtC;AACA,IAAA,IAAI,CAAC,KAAA,EAAO,MAAM,IAAI,MAAM,wCAAwC,CAAA;AACpE,IAAA,OAAO,KAAA;AAAA,EACT,CAAA;AAAA,EACA,OAAO,aAAA,CAAc,KAAA,EAAO,GAAA,EAAK,IAAA,EAAmD;AAClF,IAAA,IAAI,CAAC,KAAA,EAAO,OAAA,EAAS,MAAM,IAAI,MAAM,2BAA2B,CAAA;AAChE,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,GAAA,CAAI,CAAA,EAAG,IAAA,CAAK,IAAI,KAAA,CAAM,UAAA,IAAc,eAAA,EAAiB,GAAO,CAAC,CAAA;AAEpF,IAAA,MAAM,KAAA,GAAW,aAAS,KAAM,OAAA;AAChC,IAAA,MAAM,KAAA,GAAQ,KAAA,GACT,OAAA,CAAQ,GAAA,CAAI,SAAS,KAAK,SAAA,GAC1B,OAAA,CAAQ,GAAA,CAAI,OAAO,CAAA,IAAK,WAAA;AAC7B,IAAA,MAAM,IAAA,GAAO,KAAA,GAAQ,CAAC,IAAA,EAAM,KAAA,CAAM,OAAO,CAAA,GAAI,CAAC,IAAA,EAAM,KAAA,CAAM,OAAO,CAAA;AAEjE,IAAA,MAAM,GAAA,GAAM,aAAA,CAAc,GAAA,CAAI,OAAA,EAAS,EAAE,CAAA;AAQzC,IAAA,MAAM,QAAA,GAAW,KAAA,GAAQ,CAAC,CAAC,MAAM,UAAA,GAAa,IAAA;AAC9C,IAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,KAAA,EAAO,IAAA,EAAM;AAAA,MAC/B,KAAK,GAAA,CAAI,WAAA;AAAA,MACT,GAAA;AAAA,MACA,OAAO,KAAA,CAAM,UAAA,GAAa,WAAW,CAAC,QAAA,EAAU,QAAQ,MAAM,CAAA;AAAA,MAC9D,QAAA;AAAA,MACA,QAAQ,IAAA,CAAK;AAAA,KACd,CAAA;AAED,IAAA,IAAI,MAAM,UAAA,EAAY;AAGpB,MAAA,IAAIA,IAAAA,GAAM,EAAA;AACV,MAAA,IAAI,SAAA,GAAY,KAAA;AAChB,MAAA,MAAMC,MAAAA,GAAQ,KAAA,CAAM,KAAA,EAAO,IAAA,EAAM;AAAA,QAC/B,KAAK,GAAA,CAAI,WAAA;AAAA,QACT,GAAA;AAAA,QACA,KAAA,EAAO,CAAC,QAAA,EAAU,MAAA,EAAQ,MAAM,CAAA;AAAA,QAChC,QAAA,EAAU,IAAA;AAAA,QACV,QAAQ,IAAA,CAAK;AAAA,OACd,CAAA;AACD,MAAA,MAAM,MAAMA,MAAAA,CAAM,GAAA;AAClB,MAAAA,MAAAA,CAAM,MAAA,EAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,KAAA,KAAkB;AAC1C,QAAA,IAAI,CAAC,SAAA,EAAW;AACd,UAAA,MAAM,MAAA,GAAS,aAAaD,IAAAA,CAAI,MAAA;AAChC,UAAA,IAAI,SAAS,CAAA,EAAG;AACd,YAAAA,QAAO,KAAA,CAAM,QAAA,EAAS,CAAE,KAAA,CAAM,GAAG,MAAM,CAAA;AAAA,UACzC;AACA,UAAA,IAAIA,IAAAA,CAAI,MAAA,IAAU,UAAA,EAAY,SAAA,GAAY,IAAA;AAAA,QAC5C;AAAA,MACF,CAAC,CAAA;AACD,MAAAC,MAAAA,CAAM,MAAA,EAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,KAAA,KAAkB;AAC1C,QAAA,IAAI,CAAC,SAAA,EAAW;AACd,UAAA,MAAM,MAAA,GAAS,aAAaD,IAAAA,CAAI,MAAA;AAChC,UAAA,IAAI,SAAS,CAAA,EAAG;AACd,YAAAA,QAAO,KAAA,CAAM,QAAA,EAAS,CAAE,KAAA,CAAM,GAAG,MAAM,CAAA;AAAA,UACzC;AACA,UAAA,IAAIA,IAAAA,CAAI,MAAA,IAAU,UAAA,EAAY,SAAA,GAAY,IAAA;AAAA,QAC5C;AAAA,MACF,CAAC,CAAA;AACD,MAAAC,MAAAA,CAAM,EAAA,CAAG,OAAA,EAAS,MAAM;AAAA,MAExB,CAAC,CAAA;AACD,MAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,EAAUA,OAAM,KAAA,EAAM;AACzC,MAAA,MAAM;AAAA,QACJ,IAAA,EAAM,OAAA;AAAA,QACN,MAAA,EAAQ;AAAA,UACN,QAAQ,SAAA,GAAYD,IAAAA,CAAI,MAAM,CAAA,EAAG,UAAU,IAAI,mBAAA,GAAiBA,IAAAA;AAAA,UAChE,SAAA,EAAW,IAAA;AAAA,UACX,SAAA,EAAW,KAAA;AAAA,UACX;AAAA;AACF,OACF;AACA,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,GAAA,GAAM,EAAA;AACV,IAAA,IAAI,OAAA,GAAU,EAAA;AACd,IAAA,IAAI,QAAA,GAAW,KAAA;AACf,IAAA,MAAM,SAA2B,EAAC;AAClC,IAAA,MAAM,KAAA,GAAQ,WAAW,MAAM;AAC7B,MAAA,QAAA,GAAW,IAAA;AACX,MAAA,IAAI,KAAA,EAAO;AACT,QAAA,IAAI;AACF,UAAA,KAAA,CAAM,IAAA,EAAK;AAAA,QACb,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF,CAAA,MAAO;AACL,QAAA,IAAI;AAIF,UAAA,IAAI,OAAO,KAAA,CAAM,GAAA,KAAQ,QAAA,EAAU;AACjC,YAAA,IAAI;AACF,cAAA,OAAA,CAAQ,IAAA,CAAK,CAAC,KAAA,CAAM,GAAA,EAAK,SAAS,CAAA;AAAA,YACpC,CAAA,CAAA,MAAQ;AACN,cAAA,KAAA,CAAM,KAAK,SAAS,CAAA;AAAA,YACtB;AAAA,UACF,CAAA,MAAO;AACL,YAAA,KAAA,CAAM,KAAK,SAAS,CAAA;AAAA,UACtB;AACA,UAAA,MAAM,SAAA,GAAY,WAAW,MAAM;AACjC,YAAA,IAAI;AACF,cAAA,IAAI,OAAO,KAAA,CAAM,GAAA,KAAQ,QAAA,EAAU;AACjC,gBAAA,IAAI;AACF,kBAAA,OAAA,CAAQ,IAAA,CAAK,CAAC,KAAA,CAAM,GAAA,EAAK,SAAS,CAAA;AAAA,gBACpC,CAAA,CAAA,MAAQ;AACN,kBAAA,KAAA,CAAM,KAAK,SAAS,CAAA;AAAA,gBACtB;AAAA,cACF,CAAA,MAAO;AACL,gBAAA,KAAA,CAAM,KAAK,SAAS,CAAA;AAAA,cACtB;AAAA,YACF,CAAA,CAAA,MAAQ;AAAA,YAER;AAAA,UACF,GAAG,GAAI,CAAA;AACP,UAAA,MAAA,CAAO,KAAK,SAAS,CAAA;AACrB,UAAA,SAAA,CAAU,KAAA,IAAQ;AAAA,QACpB,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF,GAAG,SAAS,CAAA;AACZ,IAAA,MAAA,CAAO,KAAK,KAAK,CAAA;AACjB,IAAA,KAAA,CAAM,KAAA,IAAQ;AASd,IAAA,MAAM,QAAiB,EAAC;AACxB,IAAA,IAAI,WAAA,GAA2C,IAAA;AAC/C,IAAA,MAAM,IAAA,GAAO,CAAC,CAAA,KAAa;AAKzB,MAAA,IAAI,WAAA,EAAa;AACf,QAAA,MAAM,CAAA,GAAI,WAAA;AACV,QAAA,WAAA,GAAc,IAAA;AACd,QAAA,CAAA,CAAE,CAAC,CAAA;AAAA,MACL,CAAA,MAAO;AACL,QAAA,KAAA,CAAM,KAAK,CAAC,CAAA;AAAA,MACd;AAAA,IACF,CAAA;AACA,IAAA,MAAM,IAAA,GAAO,MACX,IAAI,OAAA,CAAQ,CAACE,QAAAA,KAAY;AACvB,MAAA,MAAM,CAAA,GAAI,MAAM,KAAA,EAAM;AACtB,MAAA,IAAI,CAAA,EAAGA,QAAAA,CAAQ,CAAC,CAAA;AAAA,WACX,WAAA,GAAcA,QAAAA;AAAA,IACrB,CAAC,CAAA;AAEH,IAAA,IAAI,SAAA,GAAY,KAAK,GAAA,EAAI;AACzB,IAAA,MAAM,QAAQ,MAAM;AAClB,MAAA,IAAI,OAAA,CAAQ,MAAA,KAAW,CAAA,EAAG,OAAO,IAAA;AACjC,MAAA,MAAM,IAAA,GAAO,OAAA;AACb,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,SAAA,GAAY,KAAK,GAAA,EAAI;AACrB,MAAA,OAAO,IAAA;AAAA,IACT,CAAA;AAEA,IAAA,KAAA,CAAM,MAAA,EAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,KAAA,KAAU;AAClC,MAAA,MAAM,IAAA,GAAO,MAAM,QAAA,EAAS;AAC5B,MAAA,GAAA,IAAO,IAAA;AACP,MAAA,OAAA,IAAW,IAAA;AACX,MAAA,IAAA,CAAK,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,CAAA;AAAA,IAC7B,CAAC,CAAA;AACD,IAAA,KAAA,CAAM,MAAA,EAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,KAAA,KAAU;AAClC,MAAA,MAAM,IAAA,GAAO,MAAM,QAAA,EAAS;AAC5B,MAAA,GAAA,IAAO,IAAA;AACP,MAAA,OAAA,IAAW,IAAA;AACX,MAAA,IAAA,CAAK,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,CAAA;AAAA,IAC7B,CAAC,CAAA;AACD,IAAA,KAAA,CAAM,EAAA,CAAG,OAAA,EAAS,CAAC,GAAA,KAAQ;AACzB,MAAA,KAAA,MAAW,CAAA,IAAK,MAAA,EAAQ,YAAA,CAAa,CAAC,CAAA;AACtC,MAAA,IAAA,CAAK,EAAE,IAAA,EAAM,OAAA,EAAS,GAAA,EAAK,CAAA;AAAA,IAC7B,CAAC,CAAA;AACD,IAAA,KAAA,CAAM,EAAA,CAAG,OAAA,EAAS,CAAC,IAAA,KAAS;AAC1B,MAAA,KAAA,MAAW,CAAA,IAAK,MAAA,EAAQ,YAAA,CAAa,CAAC,CAAA;AACtC,MAAA,IAAA,CAAK,EAAE,IAAA,EAAM,KAAA,EAAO,IAAA,EAAM,CAAA;AAAA,IAC5B,CAAC,CAAA;AAED,IAAA,IAAI;AACF,MAAA,OAAO,IAAA,EAAM;AACX,QAAA,MAAM,CAAA,GAAI,MAAM,IAAA,EAAK;AACrB,QAAA,IAAI,CAAA,CAAE,IAAA,KAAS,OAAA,EAAS,MAAM,CAAA,CAAE,GAAA;AAChC,QAAA,IAAI,CAAA,CAAE,SAAS,KAAA,EAAO;AACpB,UAAA,MAAM,YAAY,KAAA,EAAM;AACxB,UAAA,IAAI,cAAc,IAAA,EAAM;AACtB,YAAA,MAAM,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,SAAA,EAAU;AAAA,UAClD;AACA,UAAA,MAAM,UAAU,SAAA,CAAU,GAAG,CAAA,CAAE,OAAA,CAAQ,UAAU,IAAI,CAAA;AACrD,UAAA,MAAM;AAAA,YACJ,IAAA,EAAM,OAAA;AAAA,YACN,MAAA,EAAQ;AAAA,cACN,MAAA,EAAQ,cAAA,CAAe,OAAA,EAAS,UAAU,CAAA;AAAA,cAC1C,WAAW,CAAA,CAAE,IAAA;AAAA,cACb,SAAA,EAAW;AAAA;AACb,WACF;AACA,UAAA;AAAA,QACF;AAIA,QAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,QAAA,IAAI,OAAA,CAAQ,MAAA,IAAU,kBAAA,IAAsB,GAAA,GAAM,aAAa,wBAAA,EAA0B;AACvF,UAAA,MAAM,OAAO,KAAA,EAAM;AACnB,UAAA,IAAI,IAAA,EAAM,MAAM,EAAE,IAAA,EAAM,kBAAkB,IAAA,EAAK;AAAA,QACjD;AAAA,MACF;AAAA,IACF,CAAA,SAAE;AACA,MAAA,KAAA,MAAW,CAAA,IAAK,MAAA,EAAQ,YAAA,CAAa,CAAC,CAAA;AAAA,IACxC;AAAA,EACF;AACF","file":"bash.js","sourcesContent":["import * as path from 'node:path';\nimport type { Context } from '@wrongstack/core';\n\nexport function resolvePath(input: string, ctx: Context): string {\n return path.isAbsolute(input) ? path.normalize(input) : path.resolve(ctx.cwd, input);\n}\n\nexport function ensureInsideRoot(absPath: string, ctx: Context): string {\n const root = path.resolve(ctx.projectRoot);\n const target = path.resolve(absPath);\n const rel = path.relative(root, target);\n if (rel.startsWith('..') || path.isAbsolute(rel)) {\n throw new Error(`Path \"${absPath}\" is outside project root \"${root}\"`);\n }\n return target;\n}\n\nexport function safeResolve(input: string, ctx: Context): string {\n return ensureInsideRoot(resolvePath(input, ctx), ctx);\n}\n\nexport function truncateMiddle(s: string, max: number): string {\n if (Buffer.byteLength(s, 'utf8') <= max) return s;\n const half = Math.floor(max / 2);\n return (\n s.slice(0, half) +\n `\\n…[truncated ${Buffer.byteLength(s, 'utf8') - max} bytes from middle]…\\n` +\n s.slice(-half)\n );\n}\n\nexport function isBinaryBuffer(buf: Buffer): boolean {\n const len = Math.min(buf.length, 8192);\n for (let i = 0; i < len; i++) {\n if (buf[i] === 0) return true;\n }\n return false;\n}\n","import { spawn } from 'node:child_process';\nimport * as os from 'node:os';\nimport type { Tool, ToolStreamEvent } from '@wrongstack/core';\nimport { stripAnsi } from '@wrongstack/core';\nimport { buildChildEnv } from './_env.js';\nimport { truncateMiddle } from './_util.js';\n\ninterface BashInput {\n command: string;\n timeout_ms?: number;\n background?: boolean;\n}\n\ninterface BashOutput {\n output: string;\n exit_code: number | null;\n timed_out: boolean;\n pid?: number;\n}\n\nconst MAX_OUTPUT = 32_768;\nconst DEFAULT_TIMEOUT = 30_000;\n// Flush partial_output every 200ms or when 4 KiB accumulates — whichever\n// comes first. Smaller batches make the TUI feel responsive; larger ones\n// keep EventBus traffic reasonable on chatty processes.\nconst STREAM_FLUSH_INTERVAL_MS = 200;\nconst STREAM_FLUSH_BYTES = 4 * 1024;\n\nexport const bashTool: Tool<BashInput, BashOutput> = {\n name: 'bash',\n category: 'Shell',\n description: 'Run a shell command. stdout and stderr are merged.',\n usageHint:\n 'Runs via `bash -c` (or `cmd /c` on Windows). Cwd is the project root. Default timeout 30s. Output truncated from the middle if oversized. Use for git, npm, builds, tests.',\n permission: 'confirm',\n mutating: true,\n // Trust rules match on the literal `command` string. Without subjectKey\n // the policy heuristic would have done the same here, but declaring it\n // explicitly removes the implicit cross-tool aliasing.\n subjectKey: 'command',\n timeoutMs: 30_000,\n maxOutputBytes: MAX_OUTPUT,\n estimatedDurationMs: 3_000,\n inputSchema: {\n type: 'object',\n properties: {\n command: { type: 'string' },\n timeout_ms: { type: 'integer' },\n background: { type: 'boolean' },\n },\n required: ['command'],\n },\n async execute(input, ctx, opts) {\n let final: BashOutput | undefined;\n for await (const ev of bashTool.executeStream!(input, ctx, opts)) {\n if (ev.type === 'final') final = ev.output;\n }\n if (!final) throw new Error('bash: stream ended without final event');\n return final;\n },\n async *executeStream(input, ctx, opts): AsyncGenerator<ToolStreamEvent<BashOutput>> {\n if (!input?.command) throw new Error('bash: command is required');\n const timeoutMs = Math.max(1, Math.min(input.timeout_ms ?? DEFAULT_TIMEOUT, 600_000));\n\n const isWin = os.platform() === 'win32';\n const shell = isWin\n ? (process.env['COMSPEC'] ?? 'cmd.exe')\n : (process.env['SHELL'] ?? '/bin/bash');\n const args = isWin ? ['/c', input.command] : ['-c', input.command];\n\n const env = buildChildEnv(ctx.session?.id);\n\n // On POSIX we put the shell in its own process group so that timeout /\n // abort can kill the entire group with `process.kill(-pid)`. Otherwise\n // `bash -c \"sleep 9999 & disown\"` would leave the grandchild running.\n // `detached: true` is also reused for the user-facing background mode;\n // we always want detached on POSIX, only on Windows is it tied to the\n // explicit background flag.\n const detached = isWin ? !!input.background : true;\n const child = spawn(shell, args, {\n cwd: ctx.projectRoot,\n env,\n stdio: input.background ? 'ignore' : ['ignore', 'pipe', 'pipe'],\n detached,\n signal: opts.signal,\n });\n\n if (input.background) {\n // Background mode: capture stdout/stderr with bounded buffers so a\n // malicious command can't write unbounded output. Apply MAX_OUTPUT cap.\n let buf = '';\n let truncated = false;\n const child = spawn(shell, args, {\n cwd: ctx.projectRoot,\n env,\n stdio: ['ignore', 'pipe', 'pipe'],\n detached: true,\n signal: opts.signal,\n });\n const pid = child.pid;\n child.stdout?.on('data', (chunk: Buffer) => {\n if (!truncated) {\n const remain = MAX_OUTPUT - buf.length;\n if (remain > 0) {\n buf += chunk.toString().slice(0, remain);\n }\n if (buf.length >= MAX_OUTPUT) truncated = true;\n }\n });\n child.stderr?.on('data', (chunk: Buffer) => {\n if (!truncated) {\n const remain = MAX_OUTPUT - buf.length;\n if (remain > 0) {\n buf += chunk.toString().slice(0, remain);\n }\n if (buf.length >= MAX_OUTPUT) truncated = true;\n }\n });\n child.on('close', () => {\n /* async generator — nothing to yield after close in background mode */\n });\n if (typeof pid === 'number') child.unref();\n yield {\n type: 'final',\n output: {\n output: truncated ? buf.slice(0, MAX_OUTPUT) + '…[truncated]' : buf,\n exit_code: null,\n timed_out: false,\n pid,\n },\n };\n return;\n }\n\n let buf = '';\n let pending = '';\n let timedOut = false;\n const timers: NodeJS.Timeout[] = [];\n const timer = setTimeout(() => {\n timedOut = true;\n if (isWin) {\n try {\n child.kill();\n } catch {\n /* ignore */\n }\n } else {\n try {\n // Kill the process group, not just the shell — pid is positive,\n // group id is the negated pid. Without this a runaway grandchild\n // ('sleep 9999 & disown') survives bash termination.\n if (typeof child.pid === 'number') {\n try {\n process.kill(-child.pid, 'SIGTERM');\n } catch {\n child.kill('SIGTERM');\n }\n } else {\n child.kill('SIGTERM');\n }\n const killTimer = setTimeout(() => {\n try {\n if (typeof child.pid === 'number') {\n try {\n process.kill(-child.pid, 'SIGKILL');\n } catch {\n child.kill('SIGKILL');\n }\n } else {\n child.kill('SIGKILL');\n }\n } catch {\n /* ignore */\n }\n }, 2000);\n timers.push(killTimer);\n killTimer.unref?.(); // Don't keep event loop alive on clean exit\n } catch {\n /* ignore */\n }\n }\n }, timeoutMs);\n timers.push(timer);\n timer.unref?.();\n\n // Bridge the EventEmitter-style child to an async iterator. We push\n // chunks into a queue and let the generator pull them; this lets us\n // yield 'partial_output' events to the executor at flush boundaries.\n type Chunk =\n | { kind: 'data'; text: string }\n | { kind: 'end'; code: number | null }\n | { kind: 'error'; err: Error };\n const queue: Chunk[] = [];\n let resolveNext: ((c: Chunk) => void) | null = null;\n const push = (c: Chunk) => {\n // Node.js EventEmitter guarantees no 'data' events fire after 'close',\n // so resolveNext can only be set when the consumer loop is alive.\n // Theoretically a custom stream could violate this, but the bash tool\n // only uses node:child_process streams which follow the contract.\n if (resolveNext) {\n const r = resolveNext;\n resolveNext = null;\n r(c);\n } else {\n queue.push(c);\n }\n };\n const next = (): Promise<Chunk> =>\n new Promise((resolve) => {\n const c = queue.shift();\n if (c) resolve(c);\n else resolveNext = resolve;\n });\n\n let lastFlush = Date.now();\n const flush = () => {\n if (pending.length === 0) return null;\n const text = pending;\n pending = '';\n lastFlush = Date.now();\n return text;\n };\n\n child.stdout?.on('data', (chunk) => {\n const text = chunk.toString();\n buf += text;\n pending += text;\n push({ kind: 'data', text });\n });\n child.stderr?.on('data', (chunk) => {\n const text = chunk.toString();\n buf += text;\n pending += text;\n push({ kind: 'data', text });\n });\n child.on('error', (err) => {\n for (const t of timers) clearTimeout(t);\n push({ kind: 'error', err });\n });\n child.on('close', (code) => {\n for (const t of timers) clearTimeout(t);\n push({ kind: 'end', code });\n });\n\n try {\n while (true) {\n const c = await next();\n if (c.kind === 'error') throw c.err;\n if (c.kind === 'end') {\n const remainder = flush();\n if (remainder !== null) {\n yield { type: 'partial_output', text: remainder };\n }\n const cleaned = stripAnsi(buf).replace(/\\r\\n?/g, '\\n');\n yield {\n type: 'final',\n output: {\n output: truncateMiddle(cleaned, MAX_OUTPUT),\n exit_code: c.code,\n timed_out: timedOut,\n },\n };\n return;\n }\n // Decide whether to flush. Time-based OR size-based to keep latency\n // low for slow-emitting commands without overwhelming the TUI for\n // chatty ones.\n const now = Date.now();\n if (pending.length >= STREAM_FLUSH_BYTES || now - lastFlush >= STREAM_FLUSH_INTERVAL_MS) {\n const text = flush();\n if (text) yield { type: 'partial_output', text };\n }\n }\n } finally {\n for (const t of timers) clearTimeout(t);\n }\n },\n};\n\n// Re-export types so consumers can narrow on stream events.\nexport type { BashInput, BashOutput };\n"]}
1
+ {"version":3,"sources":["../src/_util.ts","../src/bash.ts"],"names":["buf","child","resolve"],"mappings":";;;;;;AAqBO,SAAS,cAAA,CAAe,GAAW,GAAA,EAAqB;AAC7D,EAAA,IAAI,OAAO,UAAA,CAAW,CAAA,EAAG,MAAM,CAAA,IAAK,KAAK,OAAO,CAAA;AAChD,EAAA,MAAM,IAAA,GAAO,IAAA,CAAK,KAAA,CAAM,GAAA,GAAM,CAAC,CAAA;AAC/B,EAAA,OACE,CAAA,CAAE,KAAA,CAAM,CAAA,EAAG,IAAI,CAAA,GACf;AAAA,iBAAA,EAAiB,MAAA,CAAO,UAAA,CAAW,CAAA,EAAG,MAAM,IAAI,GAAG,CAAA;AAAA,CAAA,GACnD,CAAA,CAAE,KAAA,CAAM,CAAC,IAAI,CAAA;AAEjB;;;ACTA,IAAM,UAAA,GAAa,KAAA;AACnB,IAAM,eAAA,GAAkB,GAAA;AAIxB,IAAM,wBAAA,GAA2B,GAAA;AACjC,IAAM,qBAAqB,CAAA,GAAI,IAAA;AAExB,IAAM,QAAA,GAAwC;AAAA,EACnD,IAAA,EAAM,MAAA;AAAA,EACN,QAAA,EAAU,OAAA;AAAA,EACV,WAAA,EAAa,oDAAA;AAAA,EACb,SAAA,EACE,4KAAA;AAAA,EACF,UAAA,EAAY,SAAA;AAAA,EACZ,QAAA,EAAU,IAAA;AAAA;AAAA;AAAA;AAAA,EAIV,UAAA,EAAY,SAAA;AAAA,EACZ,SAAA,EAAW,GAAA;AAAA,EACX,cAAA,EAAgB,UAAA;AAAA,EAChB,mBAAA,EAAqB,GAAA;AAAA,EACrB,WAAA,EAAa;AAAA,IACX,IAAA,EAAM,QAAA;AAAA,IACN,UAAA,EAAY;AAAA,MACV,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAS;AAAA,MAC1B,UAAA,EAAY,EAAE,IAAA,EAAM,SAAA,EAAU;AAAA,MAC9B,UAAA,EAAY,EAAE,IAAA,EAAM,SAAA;AAAU,KAChC;AAAA,IACA,QAAA,EAAU,CAAC,SAAS;AAAA,GACtB;AAAA,EACA,MAAM,OAAA,CAAQ,KAAA,EAAO,GAAA,EAAK,IAAA,EAAM;AAC9B,IAAA,IAAI,KAAA;AACJ,IAAA,WAAA,MAAiB,MAAM,QAAA,CAAS,aAAA,CAAe,KAAA,EAAO,GAAA,EAAK,IAAI,CAAA,EAAG;AAChE,MAAA,IAAI,EAAA,CAAG,IAAA,KAAS,OAAA,EAAS,KAAA,GAAQ,EAAA,CAAG,MAAA;AAAA,IACtC;AACA,IAAA,IAAI,CAAC,KAAA,EAAO,MAAM,IAAI,MAAM,wCAAwC,CAAA;AACpE,IAAA,OAAO,KAAA;AAAA,EACT,CAAA;AAAA,EACA,OAAO,aAAA,CAAc,KAAA,EAAO,GAAA,EAAK,IAAA,EAAmD;AAClF,IAAA,IAAI,CAAC,KAAA,EAAO,OAAA,EAAS,MAAM,IAAI,MAAM,2BAA2B,CAAA;AAChE,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,GAAA,CAAI,CAAA,EAAG,IAAA,CAAK,IAAI,KAAA,CAAM,UAAA,IAAc,eAAA,EAAiB,GAAO,CAAC,CAAA;AAEpF,IAAA,MAAM,KAAA,GAAW,aAAS,KAAM,OAAA;AAChC,IAAA,MAAM,KAAA,GAAQ,KAAA,GACT,OAAA,CAAQ,GAAA,CAAI,SAAS,KAAK,SAAA,GAC1B,OAAA,CAAQ,GAAA,CAAI,OAAO,CAAA,IAAK,WAAA;AAC7B,IAAA,MAAM,IAAA,GAAO,KAAA,GAAQ,CAAC,IAAA,EAAM,KAAA,CAAM,OAAO,CAAA,GAAI,CAAC,IAAA,EAAM,KAAA,CAAM,OAAO,CAAA;AAEjE,IAAA,MAAM,GAAA,GAAM,aAAA,CAAc,GAAA,CAAI,OAAA,EAAS,EAAE,CAAA;AAQzC,IAAA,MAAM,QAAA,GAAW,KAAA,GAAQ,CAAC,CAAC,MAAM,UAAA,GAAa,IAAA;AAE9C,IAAA,IAAI,MAAM,UAAA,EAAY;AAGpB,MAAA,IAAIA,IAAAA,GAAM,EAAA;AACV,MAAA,IAAI,SAAA,GAAY,KAAA;AAChB,MAAA,MAAMC,MAAAA,GAAQ,KAAA,CAAM,KAAA,EAAO,IAAA,EAAM;AAAA,QAC/B,KAAK,GAAA,CAAI,WAAA;AAAA,QACT,GAAA;AAAA,QACA,KAAA,EAAO,CAAC,QAAA,EAAU,MAAA,EAAQ,MAAM,CAAA;AAAA,QAChC,QAAA,EAAU,IAAA;AAAA,QACV,QAAQ,IAAA,CAAK;AAAA,OACd,CAAA;AACD,MAAA,MAAM,MAAMA,MAAAA,CAAM,GAAA;AAClB,MAAAA,MAAAA,CAAM,MAAA,EAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,KAAA,KAAkB;AAC1C,QAAA,IAAI,CAAC,SAAA,EAAW;AACd,UAAA,MAAM,MAAA,GAAS,aAAaD,IAAAA,CAAI,MAAA;AAChC,UAAA,IAAI,SAAS,CAAA,EAAG;AACd,YAAAA,QAAO,KAAA,CAAM,QAAA,EAAS,CAAE,KAAA,CAAM,GAAG,MAAM,CAAA;AAAA,UACzC;AACA,UAAA,IAAIA,IAAAA,CAAI,MAAA,IAAU,UAAA,EAAY,SAAA,GAAY,IAAA;AAAA,QAC5C;AAAA,MACF,CAAC,CAAA;AACD,MAAAC,MAAAA,CAAM,MAAA,EAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,KAAA,KAAkB;AAC1C,QAAA,IAAI,CAAC,SAAA,EAAW;AACd,UAAA,MAAM,MAAA,GAAS,aAAaD,IAAAA,CAAI,MAAA;AAChC,UAAA,IAAI,SAAS,CAAA,EAAG;AACd,YAAAA,QAAO,KAAA,CAAM,QAAA,EAAS,CAAE,KAAA,CAAM,GAAG,MAAM,CAAA;AAAA,UACzC;AACA,UAAA,IAAIA,IAAAA,CAAI,MAAA,IAAU,UAAA,EAAY,SAAA,GAAY,IAAA;AAAA,QAC5C;AAAA,MACF,CAAC,CAAA;AACD,MAAAC,MAAAA,CAAM,EAAA,CAAG,OAAA,EAAS,MAAM;AAAA,MAExB,CAAC,CAAA;AACD,MAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,EAAUA,OAAM,KAAA,EAAM;AACzC,MAAA,MAAM;AAAA,QACJ,IAAA,EAAM,OAAA;AAAA,QACN,MAAA,EAAQ;AAAA,UACN,QAAQ,SAAA,GAAYD,IAAAA,CAAI,MAAM,CAAA,EAAG,UAAU,IAAI,mBAAA,GAAiBA,IAAAA;AAAA,UAChE,SAAA,EAAW,IAAA;AAAA,UACX,SAAA,EAAW,KAAA;AAAA,UACX;AAAA;AACF,OACF;AACA,MAAA;AAAA,IACF;AAGA,IAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,KAAA,EAAO,IAAA,EAAM;AAAA,MAC/B,KAAK,GAAA,CAAI,WAAA;AAAA,MACT,GAAA;AAAA,MACA,KAAA,EAAO,CAAC,QAAA,EAAU,MAAA,EAAQ,MAAM,CAAA;AAAA,MAChC,QAAA;AAAA,MACA,QAAQ,IAAA,CAAK;AAAA,KACd,CAAA;AAED,IAAA,IAAI,GAAA,GAAM,EAAA;AACV,IAAA,IAAI,OAAA,GAAU,EAAA;AACd,IAAA,IAAI,QAAA,GAAW,KAAA;AACf,IAAA,MAAM,SAA2B,EAAC;AAClC,IAAA,MAAM,KAAA,GAAQ,WAAW,MAAM;AAC7B,MAAA,QAAA,GAAW,IAAA;AACX,MAAA,IAAI,KAAA,EAAO;AACT,QAAA,IAAI;AACF,UAAA,KAAA,CAAM,IAAA,EAAK;AAAA,QACb,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF,CAAA,MAAO;AACL,QAAA,IAAI;AAIF,UAAA,IAAI,OAAO,KAAA,CAAM,GAAA,KAAQ,QAAA,EAAU;AACjC,YAAA,IAAI;AACF,cAAA,OAAA,CAAQ,IAAA,CAAK,CAAC,KAAA,CAAM,GAAA,EAAK,SAAS,CAAA;AAAA,YACpC,CAAA,CAAA,MAAQ;AACN,cAAA,KAAA,CAAM,KAAK,SAAS,CAAA;AAAA,YACtB;AAAA,UACF,CAAA,MAAO;AACL,YAAA,KAAA,CAAM,KAAK,SAAS,CAAA;AAAA,UACtB;AACA,UAAA,MAAM,SAAA,GAAY,WAAW,MAAM;AACjC,YAAA,IAAI;AACF,cAAA,IAAI,OAAO,KAAA,CAAM,GAAA,KAAQ,QAAA,EAAU;AACjC,gBAAA,IAAI;AACF,kBAAA,OAAA,CAAQ,IAAA,CAAK,CAAC,KAAA,CAAM,GAAA,EAAK,SAAS,CAAA;AAAA,gBACpC,CAAA,CAAA,MAAQ;AACN,kBAAA,KAAA,CAAM,KAAK,SAAS,CAAA;AAAA,gBACtB;AAAA,cACF,CAAA,MAAO;AACL,gBAAA,KAAA,CAAM,KAAK,SAAS,CAAA;AAAA,cACtB;AAAA,YACF,CAAA,CAAA,MAAQ;AAAA,YAER;AAAA,UACF,GAAG,GAAI,CAAA;AACP,UAAA,MAAA,CAAO,KAAK,SAAS,CAAA;AACrB,UAAA,SAAA,CAAU,KAAA,IAAQ;AAAA,QACpB,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF,GAAG,SAAS,CAAA;AACZ,IAAA,MAAA,CAAO,KAAK,KAAK,CAAA;AACjB,IAAA,KAAA,CAAM,KAAA,IAAQ;AASd,IAAA,MAAM,QAAiB,EAAC;AACxB,IAAA,IAAI,WAAA,GAA2C,IAAA;AAC/C,IAAA,MAAM,IAAA,GAAO,CAAC,CAAA,KAAa;AAKzB,MAAA,IAAI,WAAA,EAAa;AACf,QAAA,MAAM,CAAA,GAAI,WAAA;AACV,QAAA,WAAA,GAAc,IAAA;AACd,QAAA,CAAA,CAAE,CAAC,CAAA;AAAA,MACL,CAAA,MAAO;AACL,QAAA,KAAA,CAAM,KAAK,CAAC,CAAA;AAAA,MACd;AAAA,IACF,CAAA;AACA,IAAA,MAAM,IAAA,GAAO,MACX,IAAI,OAAA,CAAQ,CAACE,QAAAA,KAAY;AACvB,MAAA,MAAM,CAAA,GAAI,MAAM,KAAA,EAAM;AACtB,MAAA,IAAI,CAAA,EAAGA,QAAAA,CAAQ,CAAC,CAAA;AAAA,WACX,WAAA,GAAcA,QAAAA;AAAA,IACrB,CAAC,CAAA;AAEH,IAAA,IAAI,SAAA,GAAY,KAAK,GAAA,EAAI;AACzB,IAAA,MAAM,QAAQ,MAAM;AAClB,MAAA,IAAI,OAAA,CAAQ,MAAA,KAAW,CAAA,EAAG,OAAO,IAAA;AACjC,MAAA,MAAM,IAAA,GAAO,OAAA;AACb,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,SAAA,GAAY,KAAK,GAAA,EAAI;AACrB,MAAA,OAAO,IAAA;AAAA,IACT,CAAA;AAEA,IAAA,KAAA,CAAM,MAAA,EAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,KAAA,KAAU;AAClC,MAAA,MAAM,IAAA,GAAO,MAAM,QAAA,EAAS;AAC5B,MAAA,GAAA,IAAO,IAAA;AACP,MAAA,OAAA,IAAW,IAAA;AACX,MAAA,IAAA,CAAK,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,CAAA;AAAA,IAC7B,CAAC,CAAA;AACD,IAAA,KAAA,CAAM,MAAA,EAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,KAAA,KAAU;AAClC,MAAA,MAAM,IAAA,GAAO,MAAM,QAAA,EAAS;AAC5B,MAAA,GAAA,IAAO,IAAA;AACP,MAAA,OAAA,IAAW,IAAA;AACX,MAAA,IAAA,CAAK,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,CAAA;AAAA,IAC7B,CAAC,CAAA;AACD,IAAA,KAAA,CAAM,EAAA,CAAG,OAAA,EAAS,CAAC,GAAA,KAAQ;AACzB,MAAA,KAAA,MAAW,CAAA,IAAK,MAAA,EAAQ,YAAA,CAAa,CAAC,CAAA;AACtC,MAAA,IAAA,CAAK,EAAE,IAAA,EAAM,OAAA,EAAS,GAAA,EAAK,CAAA;AAAA,IAC7B,CAAC,CAAA;AACD,IAAA,KAAA,CAAM,EAAA,CAAG,OAAA,EAAS,CAAC,IAAA,KAAS;AAC1B,MAAA,KAAA,MAAW,CAAA,IAAK,MAAA,EAAQ,YAAA,CAAa,CAAC,CAAA;AACtC,MAAA,IAAA,CAAK,EAAE,IAAA,EAAM,KAAA,EAAO,IAAA,EAAM,CAAA;AAAA,IAC5B,CAAC,CAAA;AAED,IAAA,IAAI;AACF,MAAA,OAAO,IAAA,EAAM;AACX,QAAA,MAAM,CAAA,GAAI,MAAM,IAAA,EAAK;AACrB,QAAA,IAAI,CAAA,CAAE,IAAA,KAAS,OAAA,EAAS,MAAM,CAAA,CAAE,GAAA;AAChC,QAAA,IAAI,CAAA,CAAE,SAAS,KAAA,EAAO;AACpB,UAAA,MAAM,YAAY,KAAA,EAAM;AACxB,UAAA,IAAI,cAAc,IAAA,EAAM;AACtB,YAAA,MAAM,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,SAAA,EAAU;AAAA,UAClD;AACA,UAAA,MAAM,UAAU,SAAA,CAAU,GAAG,CAAA,CAAE,OAAA,CAAQ,UAAU,IAAI,CAAA;AACrD,UAAA,MAAM;AAAA,YACJ,IAAA,EAAM,OAAA;AAAA,YACN,MAAA,EAAQ;AAAA,cACN,MAAA,EAAQ,cAAA,CAAe,OAAA,EAAS,UAAU,CAAA;AAAA,cAC1C,WAAW,CAAA,CAAE,IAAA;AAAA,cACb,SAAA,EAAW;AAAA;AACb,WACF;AACA,UAAA;AAAA,QACF;AAIA,QAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,QAAA,IAAI,OAAA,CAAQ,MAAA,IAAU,kBAAA,IAAsB,GAAA,GAAM,aAAa,wBAAA,EAA0B;AACvF,UAAA,MAAM,OAAO,KAAA,EAAM;AACnB,UAAA,IAAI,IAAA,EAAM,MAAM,EAAE,IAAA,EAAM,kBAAkB,IAAA,EAAK;AAAA,QACjD;AAAA,MACF;AAAA,IACF,CAAA,SAAE;AACA,MAAA,KAAA,MAAW,CAAA,IAAK,MAAA,EAAQ,YAAA,CAAa,CAAC,CAAA;AAAA,IACxC;AAAA,EACF;AACF","file":"bash.js","sourcesContent":["import * as path from 'node:path';\nimport type { Context } from '@wrongstack/core';\n\nexport function resolvePath(input: string, ctx: Context): string {\n return path.isAbsolute(input) ? path.normalize(input) : path.resolve(ctx.cwd, input);\n}\n\nexport function ensureInsideRoot(absPath: string, ctx: Context): string {\n const root = path.resolve(ctx.projectRoot);\n const target = path.resolve(absPath);\n const rel = path.relative(root, target);\n if (rel.startsWith('..') || path.isAbsolute(rel)) {\n throw new Error(`Path \"${absPath}\" is outside project root \"${root}\"`);\n }\n return target;\n}\n\nexport function safeResolve(input: string, ctx: Context): string {\n return ensureInsideRoot(resolvePath(input, ctx), ctx);\n}\n\nexport function truncateMiddle(s: string, max: number): string {\n if (Buffer.byteLength(s, 'utf8') <= max) return s;\n const half = Math.floor(max / 2);\n return (\n s.slice(0, half) +\n `\\n…[truncated ${Buffer.byteLength(s, 'utf8') - max} bytes from middle]…\\n` +\n s.slice(-half)\n );\n}\n\nexport function isBinaryBuffer(buf: Buffer): boolean {\n const len = Math.min(buf.length, 8192);\n for (let i = 0; i < len; i++) {\n if (buf[i] === 0) return true;\n }\n return false;\n}\n","import { spawn } from 'node:child_process';\nimport * as os from 'node:os';\nimport type { Tool, ToolStreamEvent } from '@wrongstack/core';\nimport { stripAnsi } from '@wrongstack/core';\nimport { buildChildEnv } from './_env.js';\nimport { truncateMiddle } from './_util.js';\n\ninterface BashInput {\n command: string;\n timeout_ms?: number;\n background?: boolean;\n}\n\ninterface BashOutput {\n output: string;\n exit_code: number | null;\n timed_out: boolean;\n pid?: number;\n}\n\nconst MAX_OUTPUT = 32_768;\nconst DEFAULT_TIMEOUT = 30_000;\n// Flush partial_output every 200ms or when 4 KiB accumulates — whichever\n// comes first. Smaller batches make the TUI feel responsive; larger ones\n// keep EventBus traffic reasonable on chatty processes.\nconst STREAM_FLUSH_INTERVAL_MS = 200;\nconst STREAM_FLUSH_BYTES = 4 * 1024;\n\nexport const bashTool: Tool<BashInput, BashOutput> = {\n name: 'bash',\n category: 'Shell',\n description: 'Run a shell command. stdout and stderr are merged.',\n usageHint:\n 'Runs via `bash -c` (or `cmd /c` on Windows). Cwd is the project root. Default timeout 30s. Output truncated from the middle if oversized. Use for git, npm, builds, tests.',\n permission: 'confirm',\n mutating: true,\n // Trust rules match on the literal `command` string. Without subjectKey\n // the policy heuristic would have done the same here, but declaring it\n // explicitly removes the implicit cross-tool aliasing.\n subjectKey: 'command',\n timeoutMs: 30_000,\n maxOutputBytes: MAX_OUTPUT,\n estimatedDurationMs: 3_000,\n inputSchema: {\n type: 'object',\n properties: {\n command: { type: 'string' },\n timeout_ms: { type: 'integer' },\n background: { type: 'boolean' },\n },\n required: ['command'],\n },\n async execute(input, ctx, opts) {\n let final: BashOutput | undefined;\n for await (const ev of bashTool.executeStream!(input, ctx, opts)) {\n if (ev.type === 'final') final = ev.output;\n }\n if (!final) throw new Error('bash: stream ended without final event');\n return final;\n },\n async *executeStream(input, ctx, opts): AsyncGenerator<ToolStreamEvent<BashOutput>> {\n if (!input?.command) throw new Error('bash: command is required');\n const timeoutMs = Math.max(1, Math.min(input.timeout_ms ?? DEFAULT_TIMEOUT, 600_000));\n\n const isWin = os.platform() === 'win32';\n const shell = isWin\n ? (process.env['COMSPEC'] ?? 'cmd.exe')\n : (process.env['SHELL'] ?? '/bin/bash');\n const args = isWin ? ['/c', input.command] : ['-c', input.command];\n\n const env = buildChildEnv(ctx.session?.id);\n\n // On POSIX we put the shell in its own process group so that timeout /\n // abort can kill the entire group with `process.kill(-pid)`. Otherwise\n // `bash -c \"sleep 9999 & disown\"` would leave the grandchild running.\n // `detached: true` is also reused for the user-facing background mode;\n // we always want detached on POSIX, only on Windows is it tied to the\n // explicit background flag.\n const detached = isWin ? !!input.background : true;\n\n if (input.background) {\n // Background mode: capture stdout/stderr with bounded buffers so a\n // malicious command can't write unbounded output. Apply MAX_OUTPUT cap.\n let buf = '';\n let truncated = false;\n const child = spawn(shell, args, {\n cwd: ctx.projectRoot,\n env,\n stdio: ['ignore', 'pipe', 'pipe'],\n detached: true,\n signal: opts.signal,\n });\n const pid = child.pid;\n child.stdout?.on('data', (chunk: Buffer) => {\n if (!truncated) {\n const remain = MAX_OUTPUT - buf.length;\n if (remain > 0) {\n buf += chunk.toString().slice(0, remain);\n }\n if (buf.length >= MAX_OUTPUT) truncated = true;\n }\n });\n child.stderr?.on('data', (chunk: Buffer) => {\n if (!truncated) {\n const remain = MAX_OUTPUT - buf.length;\n if (remain > 0) {\n buf += chunk.toString().slice(0, remain);\n }\n if (buf.length >= MAX_OUTPUT) truncated = true;\n }\n });\n child.on('close', () => {\n /* async generator — nothing to yield after close in background mode */\n });\n if (typeof pid === 'number') child.unref();\n yield {\n type: 'final',\n output: {\n output: truncated ? buf.slice(0, MAX_OUTPUT) + '…[truncated]' : buf,\n exit_code: null,\n timed_out: false,\n pid,\n },\n };\n return;\n }\n\n // Foreground mode: pipe stdout/stderr for streaming output.\n const child = spawn(shell, args, {\n cwd: ctx.projectRoot,\n env,\n stdio: ['ignore', 'pipe', 'pipe'],\n detached,\n signal: opts.signal,\n });\n\n let buf = '';\n let pending = '';\n let timedOut = false;\n const timers: NodeJS.Timeout[] = [];\n const timer = setTimeout(() => {\n timedOut = true;\n if (isWin) {\n try {\n child.kill();\n } catch {\n /* ignore */\n }\n } else {\n try {\n // Kill the process group, not just the shell — pid is positive,\n // group id is the negated pid. Without this a runaway grandchild\n // ('sleep 9999 & disown') survives bash termination.\n if (typeof child.pid === 'number') {\n try {\n process.kill(-child.pid, 'SIGTERM');\n } catch {\n child.kill('SIGTERM');\n }\n } else {\n child.kill('SIGTERM');\n }\n const killTimer = setTimeout(() => {\n try {\n if (typeof child.pid === 'number') {\n try {\n process.kill(-child.pid, 'SIGKILL');\n } catch {\n child.kill('SIGKILL');\n }\n } else {\n child.kill('SIGKILL');\n }\n } catch {\n /* ignore */\n }\n }, 2000);\n timers.push(killTimer);\n killTimer.unref?.(); // Don't keep event loop alive on clean exit\n } catch {\n /* ignore */\n }\n }\n }, timeoutMs);\n timers.push(timer);\n timer.unref?.();\n\n // Bridge the EventEmitter-style child to an async iterator. We push\n // chunks into a queue and let the generator pull them; this lets us\n // yield 'partial_output' events to the executor at flush boundaries.\n type Chunk =\n | { kind: 'data'; text: string }\n | { kind: 'end'; code: number | null }\n | { kind: 'error'; err: Error };\n const queue: Chunk[] = [];\n let resolveNext: ((c: Chunk) => void) | null = null;\n const push = (c: Chunk) => {\n // Node.js EventEmitter guarantees no 'data' events fire after 'close',\n // so resolveNext can only be set when the consumer loop is alive.\n // Theoretically a custom stream could violate this, but the bash tool\n // only uses node:child_process streams which follow the contract.\n if (resolveNext) {\n const r = resolveNext;\n resolveNext = null;\n r(c);\n } else {\n queue.push(c);\n }\n };\n const next = (): Promise<Chunk> =>\n new Promise((resolve) => {\n const c = queue.shift();\n if (c) resolve(c);\n else resolveNext = resolve;\n });\n\n let lastFlush = Date.now();\n const flush = () => {\n if (pending.length === 0) return null;\n const text = pending;\n pending = '';\n lastFlush = Date.now();\n return text;\n };\n\n child.stdout?.on('data', (chunk) => {\n const text = chunk.toString();\n buf += text;\n pending += text;\n push({ kind: 'data', text });\n });\n child.stderr?.on('data', (chunk) => {\n const text = chunk.toString();\n buf += text;\n pending += text;\n push({ kind: 'data', text });\n });\n child.on('error', (err) => {\n for (const t of timers) clearTimeout(t);\n push({ kind: 'error', err });\n });\n child.on('close', (code) => {\n for (const t of timers) clearTimeout(t);\n push({ kind: 'end', code });\n });\n\n try {\n while (true) {\n const c = await next();\n if (c.kind === 'error') throw c.err;\n if (c.kind === 'end') {\n const remainder = flush();\n if (remainder !== null) {\n yield { type: 'partial_output', text: remainder };\n }\n const cleaned = stripAnsi(buf).replace(/\\r\\n?/g, '\\n');\n yield {\n type: 'final',\n output: {\n output: truncateMiddle(cleaned, MAX_OUTPUT),\n exit_code: c.code,\n timed_out: timedOut,\n },\n };\n return;\n }\n // Decide whether to flush. Time-based OR size-based to keep latency\n // low for slow-emitting commands without overwhelming the TUI for\n // chatty ones.\n const now = Date.now();\n if (pending.length >= STREAM_FLUSH_BYTES || now - lastFlush >= STREAM_FLUSH_INTERVAL_MS) {\n const text = flush();\n if (text) yield { type: 'partial_output', text };\n }\n }\n } finally {\n for (const t of timers) clearTimeout(t);\n }\n },\n};\n\n// Re-export types so consumers can narrow on stream events.\nexport type { BashInput, BashOutput };\n"]}
package/dist/builtin.js CHANGED
@@ -276,13 +276,6 @@ var bashTool = {
276
276
  const args = isWin ? ["/c", input.command] : ["-c", input.command];
277
277
  const env = buildChildEnv(ctx.session?.id);
278
278
  const detached = isWin ? !!input.background : true;
279
- const child = spawn(shell, args, {
280
- cwd: ctx.projectRoot,
281
- env,
282
- stdio: input.background ? "ignore" : ["ignore", "pipe", "pipe"],
283
- detached,
284
- signal: opts.signal
285
- });
286
279
  if (input.background) {
287
280
  let buf2 = "";
288
281
  let truncated = false;
@@ -326,6 +319,13 @@ var bashTool = {
326
319
  };
327
320
  return;
328
321
  }
322
+ const child = spawn(shell, args, {
323
+ cwd: ctx.projectRoot,
324
+ env,
325
+ stdio: ["ignore", "pipe", "pipe"],
326
+ detached,
327
+ signal: opts.signal
328
+ });
329
329
  let buf = "";
330
330
  let pending = "";
331
331
  let timedOut = false;
@@ -622,7 +622,7 @@ function runGit(args, cwd, signal) {
622
622
  return new Promise((resolve5) => {
623
623
  let stdout = "";
624
624
  let stderr = "";
625
- const child = spawn("git", args, { cwd, signal, stdio: ["ignore", "pipe", "pipe"] });
625
+ const child = spawn("git", args, { cwd, signal, env: buildChildEnv(), stdio: ["ignore", "pipe", "pipe"] });
626
626
  child.stdout?.on("data", (c) => {
627
627
  stdout += c.toString();
628
628
  });
@@ -966,7 +966,7 @@ var ALLOWED_COMMANDS = {
966
966
  go: ["version", "run", "build", "test"],
967
967
  python: ["--version"],
968
968
  pip: ["--version", "install", "list"],
969
- docker: ["--version", "ps", "images", "build"],
969
+ docker: ["--version", "ps", "images"],
970
970
  kubectl: ["version", "get", "describe", "logs"]
971
971
  };
972
972
  var MAX_ARGS = 20;
@@ -975,14 +975,22 @@ var TIMEOUT_MS = 3e4;
975
975
  var BLOCKED_ARG_PATTERNS = {
976
976
  // python -c/--command executes arbitrary code; python -m runs modules
977
977
  python: [/-c$/, /^--command$/, /^-m$/, /^--module$/],
978
- // git --exec=<cmd> runs arbitrary commands via upload-pack/receive-pack
979
- git: [/^--exec=/, /^--upload-pack=/, /^--receive-pack=/],
978
+ // git --exec=<cmd> runs arbitrary commands via upload-pack/receive-pack;
979
+ // -C <dir> changes working directory, bypassing cwd sandbox
980
+ git: [/^--exec=/, /^--upload-pack=/, /^--receive-pack=/, /^-C$/],
980
981
  // node -r/--require preloads arbitrary modules; --eval executes code
981
982
  node: [/^-r$/, /^--require$/, /^-e$/, /^--eval$/, /^--prof-process$/],
982
983
  // go run could execute arbitrary .go files; -ldflags could inject build-time code
983
984
  go: [/^-ldflags$/],
984
985
  // bun --preload is similar to node --require
985
- bun: [/^--preload$/]
986
+ bun: [/^--preload$/],
987
+ // docker build/run can create containers with host access;
988
+ // only allow read-only commands (ps, images, version)
989
+ docker: [/^build$/, /^run$/, /^exec$/, /^push$/, /^pull$/],
990
+ // find -exec/-ok/-execdir execute arbitrary commands
991
+ find: [/^-exec$/, /^-exec;$/, /^-ok$/, /^-ok;$/, /^-execdir$/, /^-execdir;$/, /^-exec=/, /^-ok=/, /^-execdir=/],
992
+ // rm -rf / is catastrophic — block root and home targets
993
+ rm: [/^\/$/, /^\/\*$/, /^~$/]
986
994
  };
987
995
  function validateArgs(cmd, args) {
988
996
  const blocked = BLOCKED_ARG_PATTERNS[cmd];
@@ -1637,6 +1645,7 @@ function runGit2(args, cwd, signal) {
1637
1645
  const child = spawn("git", args, {
1638
1646
  cwd,
1639
1647
  signal,
1648
+ env: buildChildEnv(),
1640
1649
  stdio: ["ignore", "pipe", "pipe"]
1641
1650
  });
1642
1651
  child.stdout?.on("data", (chunk) => {
@@ -1842,7 +1851,7 @@ var grepTool = {
1842
1851
  async function detectRg(signal) {
1843
1852
  return new Promise((resolve5) => {
1844
1853
  try {
1845
- const p = spawn("rg", ["--version"], { stdio: "ignore", signal });
1854
+ const p = spawn("rg", ["--version"], { env: buildChildEnv(), stdio: "ignore", signal });
1846
1855
  p.on("error", () => resolve5(false));
1847
1856
  p.on("close", (code) => resolve5(code === 0));
1848
1857
  } catch {
@@ -1872,7 +1881,7 @@ async function* runRgStream(input, base, mode, limit, signal) {
1872
1881
  const FLUSH_AT = 16;
1873
1882
  const MAX_BUF_BYTES = 1e6;
1874
1883
  let bufOverflow = false;
1875
- const child = spawn("rg", args, { signal, stdio: ["ignore", "pipe", "pipe"] });
1884
+ const child = spawn("rg", args, { signal, env: buildChildEnv(), stdio: ["ignore", "pipe", "pipe"] });
1876
1885
  const queue = [];
1877
1886
  let waiter;
1878
1887
  const wake = () => {
@@ -2457,7 +2466,7 @@ async function dockerLogs(service, lines, filterRe, cwd, signal, since) {
2457
2466
  let stdout = "";
2458
2467
  let stderr = "";
2459
2468
  const MAX = 2e5;
2460
- const child = spawn("docker", args, { cwd, signal, stdio: ["ignore", "pipe", "pipe"] });
2469
+ const child = spawn("docker", args, { cwd, signal, env: buildChildEnv(), stdio: ["ignore", "pipe", "pipe"] });
2461
2470
  child.stdout?.on("data", (c) => {
2462
2471
  if (stdout.length < MAX) stdout += c.toString();
2463
2472
  });
@@ -2615,7 +2624,7 @@ function runOutdated(manager, args, cwd, signal) {
2615
2624
  let stdout = "";
2616
2625
  let stderr = "";
2617
2626
  const MAX = 1e5;
2618
- const child = spawn(manager, args, { cwd, signal, stdio: ["ignore", "pipe", "pipe"] });
2627
+ const child = spawn(manager, args, { cwd, signal, env: buildChildEnv(), stdio: ["ignore", "pipe", "pipe"] });
2619
2628
  child.stdout?.on("data", (c) => {
2620
2629
  if (stdout.length < MAX) stdout += c.toString();
2621
2630
  });
@@ -3075,7 +3084,7 @@ async function globFiles(pattern, base, extraGlob) {
3075
3084
  function checkRg() {
3076
3085
  return new Promise((resolve5) => {
3077
3086
  try {
3078
- const p = spawn("rg", ["--version"], { stdio: "ignore" });
3087
+ const p = spawn("rg", ["--version"], { env: buildChildEnv(), stdio: "ignore" });
3079
3088
  p.on("error", () => resolve5(false));
3080
3089
  p.on("close", (code) => resolve5(code === 0));
3081
3090
  } catch {
@@ -3085,7 +3094,7 @@ function checkRg() {
3085
3094
  }
3086
3095
  function spawnRgFind(pattern, base) {
3087
3096
  const args = ["--files", "--glob", pattern, base];
3088
- const child = spawn("rg", args, { stdio: ["ignore", "pipe", "pipe"] });
3097
+ const child = spawn("rg", args, { env: buildChildEnv(), stdio: ["ignore", "pipe", "pipe"] });
3089
3098
  let buf = "";
3090
3099
  child.stdout?.on("data", (chunk) => {
3091
3100
  buf += chunk.toString();