@yhyzgn/tikeo 0.1.911

package/dist/proto/worker.proto

@@ -0,0 +1,188 @@
+syntax = "proto3";
+
+package tikeo.worker.v1;
+
+option go_package = "github.com/yhyzgn/tikeo/sdks/go/tikeo/internal/workerpb;workerpb";
+
+service WorkerTunnelService {
+  rpc OpenTunnel(stream WorkerMessage) returns (stream ServerMessage);
+  rpc SubscribeTaskLogs(SubscribeTaskLogsRequest) returns (stream TaskLog);
+}
+
+message WorkerMessage {
+  oneof kind {
+    RegisterWorker register = 1;
+    Heartbeat heartbeat = 2;
+    TaskResult task_result = 3;
+    TaskLog task_log = 4;
+    UnregisterWorker unregister = 5;
+    TaskCheckpoint task_checkpoint = 6;
+  }
+}
+
+message ServerMessage {
+  oneof kind {
+    WorkerRegistered registered = 1;
+    Ping ping = 2;
+    DispatchTask dispatch_task = 3;
+  }
+}
+
+message RegisterWorker {
+  // Optional client-side stable instance hint. The tikeo still assigns the authoritative worker_id.
+  string client_instance_id = 1;
+  string app = 2;
+  string namespace = 3;
+  string cluster = 4;
+  string region = 5;
+  // Legacy free-form labels/capabilities. New routing must use structured_capabilities.
+  repeated string capabilities = 6;
+  map<string, string> labels = 7;
+  WorkerCapabilities structured_capabilities = 8;
+  WorkerClusterElection election = 9;
+}
+
+message WorkerCapabilities {
+  // Human/operator tags such as java or spring-boot. Not used for dispatch routing.
+  repeated string tags = 1;
+  repeated SdkProcessorCapability sdk_processors = 2;
+  repeated ScriptRunnerCapability script_runners = 3;
+  repeated PluginProcessorCapability plugin_processors = 4;
+}
+
+message SdkProcessorCapability {
+  string name = 1;
+}
+
+message ScriptRunnerCapability {
+  string language = 1;
+  string sandbox_backend = 2;
+}
+
+message PluginProcessorCapability {
+  string type = 1;
+  repeated string processor_names = 2;
+}
+
+message WorkerClusterElection {
+  bool enabled = 1;
+  // Stable election domain. Empty means namespace/app/cluster/region.
+  string domain = 2;
+  // Optional deterministic priority. Lower values win ties after health checks.
+  uint32 priority = 3;
+}
+
+message Heartbeat {
+  string worker_id = 1;
+  uint64 sequence = 2;
+  uint64 generation = 3;
+  string fencing_token = 4;
+}
+
+message WorkerRegistered {
+  string worker_id = 1;
+  uint64 lease_seconds = 2;
+  uint64 generation = 3;
+  string fencing_token = 4;
+}
+
+message UnregisterWorker {
+  string worker_id = 1;
+  uint64 generation = 2;
+  string fencing_token = 3;
+}
+
+message Ping {
+  uint64 sequence = 1;
+}
+
+message DispatchTask {
+  string instance_id = 1;
+  string job_id = 2;
+  bytes payload = 3;
+  // Explicit processor key used by SDK adapters. Defaults to job_id for backwards compatibility.
+  string processor_name = 4;
+  // Optional dynamic processor metadata. Empty for normal SDK processors.
+  TaskProcessorBinding processor_binding = 5;
+  // Server-issued opaque assignment authority bound to worker session generation/fencing.
+  string assignment_token = 6;
+}
+
+message TaskProcessorBinding {
+  oneof kind {
+    WasmProcessorBinding wasm = 1;
+    ScriptProcessorBinding script = 2;
+  }
+}
+
+message ScriptProcessorBinding {
+  string script_id = 1;
+  string version = 2;
+  string language = 3;
+  bytes content = 4;
+  string version_id = 5;
+  uint64 version_number = 6;
+  string content_sha256 = 7;
+  uint64 timeout_ms = 8;
+  uint64 max_memory_bytes = 9;
+  uint64 max_output_bytes = 10;
+  bool allow_network = 11;
+  repeated string allowed_env_vars = 12;
+  repeated string read_only_paths = 13;
+  repeated string writable_paths = 14;
+  repeated string secret_refs = 15;
+  repeated string allowed_network_hosts = 16;
+  string sandbox_backend = 17;
+}
+
+message WasmProcessorBinding {
+  string script_id = 1;
+  string version = 2;
+  bytes module = 3;
+  string runtime = 4;
+  string entrypoint = 5;
+  uint64 timeout_ms = 6;
+  uint64 max_memory_bytes = 7;
+  uint64 fuel = 8;
+  bool allow_network = 9;
+  repeated string allowed_env_vars = 10;
+  // Immutable script version snapshot identifier when available.
+  string version_id = 11;
+  // Monotonic script version snapshot number when available.
+  uint64 version_number = 12;
+  // Lowercase hex SHA-256 digest of module bytes. Workers must verify when present.
+  string module_sha256 = 13;
+  // Reserved signature hook for future PKI-backed module verification.
+  string module_signature = 14;
+}
+
+message TaskResult {
+  string worker_id = 1;
+  string instance_id = 2;
+  bool success = 3;
+  string message = 4;
+  string assignment_token = 5;
+}
+
+message TaskLog {
+  string worker_id = 1;
+  string instance_id = 2;
+  string level = 3;
+  string message = 4;
+  int64 sequence = 5;
+  string assignment_token = 6;
+}
+
+message TaskCheckpoint {
+  string worker_id = 1;
+  string instance_id = 2;
+  string checkpoint_json = 3;
+  int64 sequence = 4;
+  string assignment_token = 5;
+}
+
+message SubscribeTaskLogsRequest {
+  string instance_id = 1;
+  int64 after_sequence = 2;
+  bool replay_existing = 3;
+}

package/dist/script/index.d.ts

@@ -0,0 +1,86 @@
+import type { WorkerConfig } from "../config.js";
+import type { TaskLogSink, TaskOutcome } from "../task.js";
+import { ScriptTaskRuntimeDirs } from "./runtimeDirs.js";
+export { SandboxToolResolver } from "./sandboxTools.js";
+export { ScriptTaskRuntimeDirs } from "./runtimeDirs.js";
+export interface ScriptRunnerTask {
+    scriptId: string;
+    versionId: string;
+    versionNumber: number;
+    language: string;
+    content: Uint8Array;
+    contentSha256: string;
+    timeoutMs?: number;
+    maxOutputBytes?: number;
+    allowNetwork?: boolean;
+    allowedEnvVars?: string[];
+    readOnlyPaths?: string[];
+    writablePaths?: string[];
+    secretRefs?: string[];
+    allowedNetworkHosts?: string[];
+    sandboxBackend?: string;
+    instanceId?: string;
+    jobId?: string;
+    log?: TaskLogSink;
+}
+export interface ScriptRunner {
+    language: string;
+    sandboxBackend: string;
+    run(task: ScriptRunnerTask): Promise<TaskOutcome> | TaskOutcome;
+    advertiseCapability?(): boolean;
+}
+export declare function normalizeScriptLanguage(language: string): string;
+export declare function defaultSandboxBackend(language: string): string;
+export declare function normalizeScriptSandboxBackend(backend: string, language: string): string;
+export declare function defaultScriptCommand(language: string): [string, string[]];
+export declare class ScriptRunnerRegistry {
+    private runners;
+    register(runner: ScriptRunner): ScriptRunnerRegistry;
+    get(language: string): ScriptRunner | undefined;
+    addCapabilities(config: WorkerConfig): void;
+}
+export declare class UnavailableScriptRunner implements ScriptRunner {
+    private reason;
+    language: string;
+    sandboxBackend: string;
+    constructor(language: string, sandboxBackend: string, reason: string);
+    advertiseCapability(): boolean;
+    run(task: ScriptRunnerTask): TaskOutcome;
+}
+export declare class LocalCommandScriptRunner implements ScriptRunner {
+    language: string;
+    sandboxBackend: string;
+    private command;
+    private args;
+    constructor(language: string, sandboxBackend?: string);
+    run(task: ScriptRunnerTask): TaskOutcome;
+}
+export declare class ContainerScriptRunner implements ScriptRunner {
+    private image;
+    private runtimeArgs;
+    language: string;
+    sandboxBackend: string;
+    constructor(language: string, runtimeCommand: string, image: string, runtimeArgs?: string[]);
+    run(task: ScriptRunnerTask): TaskOutcome;
+    private containerArgs;
+}
+export declare class SrtScriptRunner implements ScriptRunner {
+    private runtimeCommand;
+    private interpreter;
+    private extraPath;
+    sandboxBackend: string;
+    language: string;
+    constructor(language: string, runtimeCommand: string, interpreter: string, extraPath?: string[]);
+    run(task: ScriptRunnerTask): TaskOutcome;
+    private shellCommand;
+}
+export declare class DenoScriptRunner implements ScriptRunner {
+    private command;
+    sandboxBackend: string;
+    language: string;
+    constructor(language: string, command: string);
+    run(task: ScriptRunnerTask): TaskOutcome;
+}
+export declare function validateScriptTask(language: string, task: ScriptRunnerTask): void;
+export declare function emitScriptCommandOutput(log: TaskLogSink | undefined, level: string, output: Buffer): void;
+export declare function writeSrtSettings(task: ScriptRunnerTask, dirs: ScriptTaskRuntimeDirs, scriptFile?: string): string;

package/dist/script/index.js

@@ -0,0 +1,316 @@
+import { createHash } from "node:crypto";
+import { mkdtempSync, writeFileSync, rmSync } from "node:fs";
+import { tmpdir, homedir } from "node:os";
+import { isAbsolute, join } from "node:path";
+import { spawnSync } from "node:child_process";
+import { failed } from "../task.js";
+import { ScriptTaskRuntimeDirs, appendAllowedUnmanagedEnv } from "./runtimeDirs.js";
+export { SandboxToolResolver } from "./sandboxTools.js";
+export { ScriptTaskRuntimeDirs } from "./runtimeDirs.js";
+export function normalizeScriptLanguage(language) {
+    switch (language.trim().toLowerCase()) {
+        case "shell":
+        case "sh":
+        case "bash": return "shell";
+        case "python":
+        case "py": return "python";
+        case "node":
+        case "nodejs":
+        case "javascript":
+        case "js": return "javascript";
+        case "typescript":
+        case "ts": return "typescript";
+        case "powershell":
+        case "pwsh": return "powershell";
+        case "php": return "php";
+        case "groovy": return "groovy";
+        case "rhai": return "rhai";
+        default: return language.trim().toLowerCase();
+    }
+}
+export function defaultSandboxBackend(language) { return ["javascript", "typescript"].includes(normalizeScriptLanguage(language)) ? "deno" : "srt"; }
+export function normalizeScriptSandboxBackend(backend, language) {
+    let value = backend.trim().toLowerCase();
+    if (!value || value === "auto")
+        return defaultSandboxBackend(language);
+    const aliases = { "wasm_edge": "wasmedge", "wasm-edge": "wasmedge", "anthropic_srt": "srt", "anthropic-srt": "srt", "sandbox_runtime": "srt", "sandbox-runtime": "srt", "v8_isolate": "v8", "v8-isolate": "v8" };
+    value = aliases[value] ?? value;
+    if (!["wasmtime", "wasmedge", "srt", "deno", "v8", "docker", "podman", "custom"].includes(value))
+        throw new Error(`unsupported script sandbox backend: ${backend}`);
+    return value;
+}
+export function defaultScriptCommand(language) {
+    switch (normalizeScriptLanguage(language)) {
+        case "shell": return ["sh", ["-s"]];
+        case "python": return ["python3", ["-"]];
+        case "javascript":
+        case "typescript": return ["deno", ["run", "--no-prompt", "-"]];
+        case "powershell": return ["pwsh", ["-NoLogo", "-NoProfile", "-NonInteractive", "-Command", "-"]];
+        case "php": return ["php", []];
+        case "groovy": return ["groovy", []];
+        case "rhai": return ["rhai", []];
+        default: return ["sh", ["-s"]];
+    }
+}
+export class ScriptRunnerRegistry {
+    runners = new Map();
+    register(runner) {
+        this.runners.set(normalizeScriptLanguage(runner.language), runner);
+        return this;
+    }
+    get(language) { return this.runners.get(normalizeScriptLanguage(language)); }
+    addCapabilities(config) {
+        for (const language of [...this.runners.keys()].sort()) {
+            const runner = this.runners.get(language);
+            if (runner.advertiseCapability?.() === false)
+                continue;
+            config.addScriptRunner(runner.language, runner.sandboxBackend);
+        }
+    }
+}
+export class UnavailableScriptRunner {
+    reason;
+    language;
+    sandboxBackend;
+    constructor(language, sandboxBackend, reason) {
+        this.reason = reason;
+        this.language = normalizeScriptLanguage(language);
+        try {
+            this.sandboxBackend = normalizeScriptSandboxBackend(sandboxBackend, this.language);
+        }
+        catch (error) {
+            this.sandboxBackend = defaultSandboxBackend(this.language);
+            this.reason = `${reason}; ${error.message}`;
+        }
+    }
+    advertiseCapability() { return false; }
+    run(task) {
+        try {
+            validateScriptTask(this.language, task);
+        }
+        catch (error) {
+            return failed(error.message);
+        }
+        return failed(`${this.language} script runner backend is unavailable: ${this.reason}`);
+    }
+}
+export class LocalCommandScriptRunner {
+    language;
+    sandboxBackend;
+    command;
+    args;
+    constructor(language, sandboxBackend = "custom") {
+        this.language = normalizeScriptLanguage(language);
+        this.sandboxBackend = normalizeScriptSandboxBackend(sandboxBackend, this.language);
+        if (this.sandboxBackend !== "custom")
+            throw new Error(`local command script runner must use custom sandbox backend, got ${this.sandboxBackend}`);
+        [this.command, this.args] = defaultScriptCommand(this.language);
+    }
+    run(task) {
+        try {
+            validateScriptTask(this.language, task);
+            if (task.allowNetwork || task.allowedNetworkHosts?.length)
+                throw new Error("local script runner rejects network access");
+            if (task.secretRefs?.length)
+                throw new Error("local script runner rejects secret refs");
+            if (task.readOnlyPaths?.length || task.writablePaths?.length)
+                throw new Error("local script runner rejects filesystem grants");
+        }
+        catch (error) {
+            return failed(error.message);
+        }
+        return runCommand([this.command, ...this.args], task, Buffer.from(task.content));
+    }
+}
+export class ContainerScriptRunner {
+    image;
+    runtimeArgs;
+    language;
+    sandboxBackend;
+    constructor(language, runtimeCommand, image, runtimeArgs = []) {
+        this.image = image;
+        this.runtimeArgs = runtimeArgs;
+        this.language = normalizeScriptLanguage(language);
+        this.sandboxBackend = normalizeScriptSandboxBackend(runtimeCommand, this.language);
+        if (!["docker", "podman"].includes(this.sandboxBackend))
+            throw new Error(`container script runner requires docker or podman backend, got ${this.sandboxBackend}`);
+        if (!image.trim())
+            throw new Error(`container script runner requires an image for ${this.language}`);
+    }
+    run(task) {
+        try {
+            validateScriptTask(this.language, task);
+            if (task.allowNetwork || task.allowedNetworkHosts?.length)
+                throw new Error("container script runner rejects network grants without host-level filtering");
+            if (task.secretRefs?.length)
+                throw new Error("container script runner rejects secret refs without a worker-local secret provider");
+            return runCommand([this.sandboxBackend, ...this.containerArgs(task)], task, Buffer.from(task.content));
+        }
+        catch (error) {
+            return failed(error.message);
+        }
+    }
+    containerArgs(task) {
+        const args = ["run", "--rm", "-i", "--network=none", "--read-only", "--tmpfs", "/tmp:rw,noexec,nosuid,size=16m", "--memory", "67108864", ...this.runtimeArgs];
+        for (const path of task.readOnlyPaths ?? [])
+            args.push("--mount", containerMount(path, true));
+        for (const path of task.writablePaths ?? [])
+            args.push("--mount", containerMount(path, false));
+        args.push("--env", `TIKEO_SCRIPT_ID=${task.scriptId}`, "--env", `TIKEO_SCRIPT_VERSION_ID=${task.versionId}`, "--env", `TIKEO_SCRIPT_VERSION_NUMBER=${task.versionNumber}`, this.image);
+        const [cmd, cmdArgs] = defaultScriptCommand(this.language);
+        return [...args, cmd, ...cmdArgs];
+    }
+}
+export class SrtScriptRunner {
+    runtimeCommand;
+    interpreter;
+    extraPath;
+    sandboxBackend = "srt";
+    language;
+    constructor(language, runtimeCommand, interpreter, extraPath = []) {
+        this.runtimeCommand = runtimeCommand;
+        this.interpreter = interpreter;
+        this.extraPath = extraPath;
+        this.language = normalizeScriptLanguage(language);
+        if (!runtimeCommand.trim() || !interpreter.trim())
+            throw new Error("SRT runner requires runtime and interpreter commands");
+    }
+    run(task) {
+        try {
+            validateScriptTask(this.language, task);
+            if (task.secretRefs?.length)
+                throw new Error("SRT script runner rejects secret refs without a worker-local secret provider");
+        }
+        catch (error) {
+            return failed(error.message);
+        }
+        const dirs = ScriptTaskRuntimeDirs.create(`tikeo-srt-${this.language}-runtime`);
+        let settings = "";
+        try {
+            let scriptFile = "";
+            if (this.language === "rhai") {
+                scriptFile = dirs.scriptFile("rhai");
+                writeFileSync(scriptFile, task.content);
+            }
+            settings = writeSrtSettings(task, dirs, scriptFile);
+            let env = dirs.srtEnvironment(this.extraPath);
+            if (this.language === "powershell")
+                env = dirs.powerShellEnvironment(env);
+            addScriptEnv(env, task);
+            appendAllowedUnmanagedEnv(env, task.allowedEnvVars ?? []);
+            return runCommand([this.runtimeCommand, "--settings", settings, "-c", this.shellCommand(Buffer.from(task.content).toString(), scriptFile)], task, undefined, dirs.workingDir(), env);
+        }
+        finally {
+            if (settings)
+                rmSync(settings, { force: true });
+            dirs.cleanup();
+        }
+    }
+    shellCommand(source, scriptFile) {
+        switch (this.language) {
+            case "shell": return source;
+            case "python": return heredoc(`${this.interpreter} -`, "PY", source);
+            case "powershell": return heredoc(`${this.interpreter} -NoLogo -NoProfile -NonInteractive -InputFormat Text -OutputFormat Text -Command -`, "PWSH", source);
+            case "php":
+            case "groovy": return heredoc(this.interpreter, this.language.toUpperCase(), source);
+            case "rhai": return scriptFile ? `${this.interpreter} '${scriptFile.replace(/'/g, `'\\''`)}'` : heredoc(this.interpreter, "RHAI", source);
+            default: return heredoc(this.interpreter, "SCRIPT", source);
+        }
+    }
+}
+export class DenoScriptRunner {
+    command;
+    sandboxBackend = "deno";
+    language;
+    constructor(language, command) {
+        this.command = command;
+        this.language = normalizeScriptLanguage(language);
+        if (!["javascript", "typescript"].includes(this.language))
+            throw new Error("Deno runner supports JavaScript and TypeScript only");
+        if (!command.trim())
+            throw new Error("Deno runner requires a command");
+    }
+    run(task) {
+        try {
+            validateScriptTask(this.language, task);
+            if (task.secretRefs?.length)
+                throw new Error("Deno script runner rejects secret refs without a worker-local secret provider");
+        }
+        catch (error) {
+            return failed(error.message);
+        }
+        const dirs = ScriptTaskRuntimeDirs.create(`tikeo-deno-${this.language}-runtime`);
+        try {
+            const args = [this.command, "run", "--no-prompt"];
+            if (task.allowNetwork)
+                args.push("--allow-net");
+            else if (task.allowedNetworkHosts?.length)
+                args.push(`--allow-net=${task.allowedNetworkHosts.join(",")}`);
+            if (task.allowedEnvVars?.length)
+                args.push(`--allow-env=${task.allowedEnvVars.join(",")}`);
+            if (task.readOnlyPaths?.length)
+                args.push(`--allow-read=${task.readOnlyPaths.join(",")}`);
+            const writable = [...(task.writablePaths ?? []), ...dirs.writablePaths()];
+            if (writable.length)
+                args.push(`--allow-write=${writable.join(",")}`);
+            args.push("-");
+            const env = dirs.denoEnvironment();
+            addScriptEnv(env, task);
+            appendAllowedUnmanagedEnv(env, task.allowedEnvVars ?? []);
+            return runCommand(args, task, Buffer.from(task.content), dirs.workingDir(), env);
+        }
+        finally {
+            dirs.cleanup();
+        }
+    }
+}
+export function validateScriptTask(language, task) {
+    if (normalizeScriptLanguage(task.language) !== language)
+        throw new Error(`script runner language mismatch: task=${task.language} runner=${language}`);
+    if (!task.scriptId || !task.versionNumber || !task.content?.length)
+        throw new Error("script runner requires a released immutable script version snapshot");
+    if (!task.contentSha256)
+        throw new Error("script runner requires a content sha256 digest");
+    const digest = createHash("sha256").update(task.content).digest("hex");
+    if (digest !== task.contentSha256.toLowerCase())
+        throw new Error("script content digest mismatch");
+}
+export function emitScriptCommandOutput(log, level, output) {
+    if (!log || output.length === 0)
+        return;
+    for (const line of output.toString().replace(/\r\n/g, "\n").split("\n")) {
+        const item = line.trim();
+        if (item)
+            log(level, `[script] ${item}`);
+    }
+}
+function runCommand(command, task, input, cwd, env) {
+    const result = spawnSync(command[0], command.slice(1), { input, cwd, env, encoding: "buffer", timeout: task.timeoutMs ?? 30_000 });
+    if (result.error)
+        return failed(result.error.message.includes("ETIMEDOUT") ? "script runner timed out" : result.error.message);
+    const stdout = result.stdout ? Buffer.from(result.stdout) : Buffer.alloc(0);
+    const stderr = result.stderr ? Buffer.from(result.stderr) : Buffer.alloc(0);
+    emitScriptCommandOutput(task.log, "info", stdout);
+    emitScriptCommandOutput(task.log, "error", stderr);
+    const message = stdout.toString().trim() || stderr.toString().trim();
+    if (result.status !== 0)
+        return failed(limitOutput(message || `script runner exited with status ${result.status}`, task.maxOutputBytes ?? 1024 * 1024));
+    return { success: true, message: limitOutput(message, task.maxOutputBytes ?? 1024 * 1024) };
+}
+export function writeSrtSettings(task, dirs, scriptFile = "") {
+    const allowRead = [...(task.readOnlyPaths ?? []), ...(scriptFile ? [scriptFile] : [])];
+    const settings = {
+        network: { allowUnixSocket: false, allowedDomains: task.allowedNetworkHosts ?? [], deniedDomains: [] },
+        filesystem: { allowRead, allowWrite: [...(task.writablePaths ?? []), ...dirs.writablePaths()], denyRead: sensitiveReadDenies(), denyWrite: [] },
+    };
+    const file = join(mkdtempSync(join(tmpdir(), "tikeo-srt-settings-dir-")), "settings.json");
+    writeFileSync(file, JSON.stringify(settings));
+    return file;
+}
+function sensitiveReadDenies() { return [".ssh", ".gnupg", ".aws", ".kube", ".docker", join(".config", "tikeo")].map((path) => join(homedir(), path)); }
+function heredoc(command, marker, content) { let delimiter = marker; while (content.includes(delimiter))
+    delimiter += "_TIKEO"; return `${command} <<'${delimiter}'\n${content}\n${delimiter}`; }
+function containerMount(path, readOnly) { const trimmed = path.trim(); if (!trimmed || trimmed !== path || !isAbsolute(trimmed) || trimmed.split(/[\\/]/).includes(".."))
+    throw new Error(`script file grant path must be clean and absolute: ${path}`); return `type=bind,src=${trimmed},dst=${trimmed}${readOnly ? ",readonly" : ""}`; }
+function addScriptEnv(env, task) { env.TIKEO_SCRIPT_ID = task.scriptId; env.TIKEO_SCRIPT_VERSION_ID = task.versionId; env.TIKEO_SCRIPT_VERSION_NUMBER = String(task.versionNumber); }
+function limitOutput(message, max) { return Buffer.byteLength(message) <= max ? message : Buffer.from(message).subarray(0, max).toString(); }

package/dist/script/runtimeDirs.d.ts

@@ -0,0 +1,24 @@
+export declare class ScriptTaskRuntimeDirs {
+    root: string;
+    home: string;
+    config: string;
+    cache: string;
+    data: string;
+    modules: string;
+    dotnetHome: string;
+    powerShellCache: string;
+    tmp: string;
+    denoDir: string;
+    private constructor();
+    static create(prefix: string): ScriptTaskRuntimeDirs;
+    requiredDirectories(): string[];
+    writablePaths(): string[];
+    workingDir(): string;
+    scriptFile(extension: string): string;
+    baseEnvironment(extraPath?: string[]): NodeJS.ProcessEnv;
+    srtEnvironment(extraPath?: string[]): NodeJS.ProcessEnv;
+    powerShellEnvironment(env: NodeJS.ProcessEnv): NodeJS.ProcessEnv;
+    denoEnvironment(): NodeJS.ProcessEnv;
+    cleanup(): void;
+}
+export declare function appendAllowedUnmanagedEnv(env: NodeJS.ProcessEnv, allowed: string[]): NodeJS.ProcessEnv;