npm - @zigrivers/mmr - Versions diffs - 1.3.0 → 1.4.1 - Mend

@zigrivers/mmr 1.3.0 → 1.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (130) hide show

package/README.md +444 -0
package/dist/cli.d.ts.map +1 -1
package/dist/cli.js +4 -0
package/dist/cli.js.map +1 -1
package/dist/commands/ack.d.ts +11 -0
package/dist/commands/ack.d.ts.map +1 -0
package/dist/commands/ack.js +123 -0
package/dist/commands/ack.js.map +1 -0
package/dist/commands/config.d.ts +5 -0
package/dist/commands/config.d.ts.map +1 -1
package/dist/commands/config.js +248 -14
package/dist/commands/config.js.map +1 -1
package/dist/commands/jobs.d.ts.map +1 -1
package/dist/commands/jobs.js +3 -4
package/dist/commands/jobs.js.map +1 -1
package/dist/commands/reconcile.d.ts.map +1 -1
package/dist/commands/reconcile.js +12 -5
package/dist/commands/reconcile.js.map +1 -1
package/dist/commands/results.d.ts.map +1 -1
package/dist/commands/results.js +13 -5
package/dist/commands/results.js.map +1 -1
package/dist/commands/review.d.ts +25 -0
package/dist/commands/review.d.ts.map +1 -1
package/dist/commands/review.js +459 -44
package/dist/commands/review.js.map +1 -1
package/dist/commands/sessions.d.ts +58 -0
package/dist/commands/sessions.d.ts.map +1 -0
package/dist/commands/sessions.js +266 -0
package/dist/commands/sessions.js.map +1 -0
package/dist/commands/status.d.ts.map +1 -1
package/dist/commands/status.js +2 -3
package/dist/commands/status.js.map +1 -1
package/dist/config/defaults.d.ts +2 -2
package/dist/config/defaults.d.ts.map +1 -1
package/dist/config/defaults.js +76 -0
package/dist/config/defaults.js.map +1 -1
package/dist/config/loader.d.ts +22 -0
package/dist/config/loader.d.ts.map +1 -1
package/dist/config/loader.js +279 -36
package/dist/config/loader.js.map +1 -1
package/dist/config/schema.d.ts +897 -53
package/dist/config/schema.d.ts.map +1 -1
package/dist/config/schema.js +155 -4
package/dist/config/schema.js.map +1 -1
package/dist/core/ack-store.d.ts +109 -0
package/dist/core/ack-store.d.ts.map +1 -0
package/dist/core/ack-store.js +363 -0
package/dist/core/ack-store.js.map +1 -0
package/dist/core/auth.d.ts +10 -1
package/dist/core/auth.d.ts.map +1 -1
package/dist/core/auth.js +106 -35
package/dist/core/auth.js.map +1 -1
package/dist/core/compensator.d.ts +33 -4
package/dist/core/compensator.d.ts.map +1 -1
package/dist/core/compensator.js +120 -15
package/dist/core/compensator.js.map +1 -1
package/dist/core/diff-introspect.d.ts +21 -0
package/dist/core/diff-introspect.d.ts.map +1 -0
package/dist/core/diff-introspect.js +42 -0
package/dist/core/diff-introspect.js.map +1 -0
package/dist/core/dispatcher.d.ts +10 -0
package/dist/core/dispatcher.d.ts.map +1 -1
package/dist/core/dispatcher.js +91 -20
package/dist/core/dispatcher.js.map +1 -1
package/dist/core/git-show.d.ts +31 -0
package/dist/core/git-show.d.ts.map +1 -0
package/dist/core/git-show.js +72 -0
package/dist/core/git-show.js.map +1 -0
package/dist/core/host-isolation.d.ts +24 -0
package/dist/core/host-isolation.d.ts.map +1 -0
package/dist/core/host-isolation.js +107 -0
package/dist/core/host-isolation.js.map +1 -0
package/dist/core/http-dispatcher.d.ts +20 -0
package/dist/core/http-dispatcher.d.ts.map +1 -0
package/dist/core/http-dispatcher.js +125 -0
package/dist/core/http-dispatcher.js.map +1 -0
package/dist/core/job-store.d.ts +7 -1
package/dist/core/job-store.d.ts.map +1 -1
package/dist/core/job-store.js +21 -1
package/dist/core/job-store.js.map +1 -1
package/dist/core/jsonpath.d.ts +15 -0
package/dist/core/jsonpath.d.ts.map +1 -0
package/dist/core/jsonpath.js +63 -0
package/dist/core/jsonpath.js.map +1 -0
package/dist/core/oss-examples.d.ts +18 -0
package/dist/core/oss-examples.d.ts.map +1 -0
package/dist/core/oss-examples.js +66 -0
package/dist/core/oss-examples.js.map +1 -0
package/dist/core/parser.d.ts +8 -3
package/dist/core/parser.d.ts.map +1 -1
package/dist/core/parser.js +157 -6
package/dist/core/parser.js.map +1 -1
package/dist/core/project-root.d.ts +10 -0
package/dist/core/project-root.d.ts.map +1 -0
package/dist/core/project-root.js +23 -0
package/dist/core/project-root.js.map +1 -0
package/dist/core/reconciler.d.ts +1 -1
package/dist/core/reconciler.d.ts.map +1 -1
package/dist/core/reconciler.js +100 -18
package/dist/core/reconciler.js.map +1 -1
package/dist/core/redact.d.ts +17 -0
package/dist/core/redact.d.ts.map +1 -0
package/dist/core/redact.js +140 -0
package/dist/core/redact.js.map +1 -0
package/dist/core/results-pipeline.d.ts +8 -2
package/dist/core/results-pipeline.d.ts.map +1 -1
package/dist/core/results-pipeline.js +50 -3
package/dist/core/results-pipeline.js.map +1 -1
package/dist/core/runtime-probe.d.ts +14 -0
package/dist/core/runtime-probe.d.ts.map +1 -0
package/dist/core/runtime-probe.js +57 -0
package/dist/core/runtime-probe.js.map +1 -0
package/dist/core/stable-id.d.ts +19 -0
package/dist/core/stable-id.d.ts.map +1 -0
package/dist/core/stable-id.js +148 -0
package/dist/core/stable-id.js.map +1 -0
package/dist/core/trust-mode.d.ts +29 -0
package/dist/core/trust-mode.d.ts.map +1 -0
package/dist/core/trust-mode.js +103 -0
package/dist/core/trust-mode.js.map +1 -0
package/dist/formatters/markdown.d.ts.map +1 -1
package/dist/formatters/markdown.js +9 -0
package/dist/formatters/markdown.js.map +1 -1
package/dist/formatters/text.d.ts.map +1 -1
package/dist/formatters/text.js +9 -0
package/dist/formatters/text.js.map +1 -1
package/dist/types.d.ts +44 -1
package/dist/types.d.ts.map +1 -1
package/dist/types.js.map +1 -1
package/package.json +2 -2

package/dist/core/compensator.js CHANGED Viewed

@@ -1,4 +1,5 @@
 import { dispatchChannel } from './dispatcher.js';
+import { dispatchHttpChannel } from './http-dispatcher.js';
 /** Focus areas for compensating passes, keyed by the channel being compensated */
 const COMPENSATING_FOCUS = {
     codex: 'Focus your review on: implementation correctness, security vulnerabilities,'
@@ -7,30 +8,115 @@ const COMPENSATING_FOCUS = {
     gemini: 'Focus your review on: architectural patterns, design consistency,'
         + ' broad-context reasoning, separation of concerns, and dependency analysis.'
         + ' You are compensating for a missing Gemini review.',
+    grok: 'Focus your review on: an independent second-opinion pass over correctness'
+        + ' and code quality — edge cases, logic errors, and risky assumptions other'
+        + ' reviewers may have anchored past. You are compensating for a missing Grok review.',
 };
-/** Channels that should NOT be compensated (e.g., claude can't compensate for itself) */
-const SKIP_COMPENSATION = new Set(['claude']);
+function defaultCompensatorDispatch(config) {
+    return {
+        command: 'claude',
+        flags: ['-p', '--output-format', 'json'],
+        env: {},
+        timeout: config.defaults.timeout,
+        prompt_wrapper: '{{prompt}}',
+        stderr: 'capture',
+        output_parser: 'default',
+    };
+}
+export function resolveCompensatorDispatch(config) {
+    const { defaults } = config;
+    const channelName = defaults.compensator?.channel;
+    if (!channelName) {
+        return defaultCompensatorDispatch(config);
+    }
+    const channelConfig = getDispatchableCompensatorChannel(config, channelName);
+    return {
+        command: channelConfig.command,
+        flags: channelConfig.flags,
+        env: channelConfig.env,
+        timeout: channelConfig.timeout ?? config.defaults.timeout,
+        prompt_wrapper: channelConfig.prompt_wrapper ?? '{{prompt}}',
+        stderr: channelConfig.stderr,
+        output_parser: channelConfig.output_parser,
+        prompt_delivery: channelConfig.prompt_delivery,
+        cwd: channelConfig.cwd,
+    };
+}
+export function resolveCompensatorChannelName(config) {
+    return config.defaults.compensator?.channel ?? 'claude';
+}
+/**
+ * Resolve the configured compensator channel config (any kind), or undefined
+ * when none is configured (the default `claude -p` subprocess fallback applies).
+ * Throws only for a missing / abstract reference. Unlike
+ * getDispatchableCompensatorChannel this does NOT require a `command`, so it is
+ * safe for http compensators.
+ */
+export function getCompensatorChannel(config) {
+    const channelName = config.defaults.compensator?.channel;
+    if (!channelName)
+        return undefined;
+    const channelConfig = config.channels[channelName];
+    if (!channelConfig) {
+        throw new Error(`Compensator channel "${channelName}" not found in config`);
+    }
+    if (channelConfig.abstract) {
+        throw new Error(`Compensator channel "${channelName}" is abstract and cannot be dispatched`);
+    }
+    return channelConfig;
+}
+/** Output parser for the configured compensator channel (any kind); 'default' when none. */
+export function resolveCompensatorOutputParser(config) {
+    return getCompensatorChannel(config)?.output_parser ?? 'default';
+}
+export function getDispatchableCompensatorChannel(config, channelName) {
+    const channelConfig = config.channels[channelName];
+    if (!channelConfig) {
+        throw new Error(`Compensator channel "${channelName}" not found in config`);
+    }
+    if (channelConfig.abstract) {
+        throw new Error(`Compensator channel "${channelName}" is abstract and cannot be dispatched`);
+    }
+    if (!channelConfig.command) {
+        throw new Error(`Compensator channel "${channelName}" has no command`);
+    }
+    return channelConfig;
+}
+function applyPromptWrapper(wrapper, prompt) {
+    return wrapper === '{{prompt}}'
+        ? prompt
+        : wrapper.replaceAll('{{prompt}}', () => prompt);
+}
+/**
+ * Resolve the focus-area prompt prefix for a compensating pass.
+ */
+export function resolveCompensatorFocus(config, originalChannel) {
+    const override = config.defaults.compensator?.channel_focus_map?.[originalChannel];
+    if (typeof override === 'string' && override.trim().length > 0)
+        return override;
+    const builtin = COMPENSATING_FOCUS[originalChannel];
+    if (builtin)
+        return builtin;
+    return `Focus your review on areas typically covered by ${originalChannel}.`
+        + ` You are compensating for a missing ${originalChannel} review.`;
+}
 /**
  * Determine which channels need compensating passes.
  * Returns a list of compensating channel descriptors.
  */
-export function getCompensatingChannels(channelStatuses) {
+export function getCompensatingChannels(channelStatuses, compensatorChannel) {
     const compensating = [];
     for (const [name, status] of Object.entries(channelStatuses)) {
-        if (SKIP_COMPENSATION.has(name))
+        if (name === compensatorChannel)
             continue;
         if (status === 'not_installed'
             || status === 'auth_failed'
             || status === 'timeout'
             || status === 'skipped'
             || status === 'failed') {
-            const focus = COMPENSATING_FOCUS[name]
-                ?? `Focus your review on areas typically covered by ${name}.`
-                    + ` You are compensating for a missing ${name} review.`;
             compensating.push({
                 originalChannel: name,
                 compensatingName: `compensating-${name}`,
-                focusPrompt: focus,
             });
         }
     }
@@ -40,16 +126,35 @@ export function getCompensatingChannels(channelStatuses) {
  * Dispatch compensating passes via claude CLI for unavailable channels.
  * Each compensating pass uses the same prompt but with a focused preamble.
  */
-export async function dispatchCompensatingPasses(store, jobId, prompt, compensatingChannels, timeout) {
+export async function dispatchCompensatingPasses(store, jobId, prompt, compensatingChannels, config) {
+    const compChannel = getCompensatorChannel(config);
+    // HTTP compensator: route each pass through the HTTP dispatcher.
+    if (compChannel && compChannel.kind === 'http') {
+        await Promise.all(compensatingChannels.map((comp) => {
+            const focus = resolveCompensatorFocus(config, comp.originalChannel);
+            const compensatingPrompt = applyPromptWrapper(compChannel.prompt_wrapper ?? '{{prompt}}', `${focus}\n\n${prompt}`);
+            return dispatchHttpChannel(store, jobId, comp.compensatingName, {
+                channel: compChannel,
+                prompt: compensatingPrompt,
+                timeout: compChannel.timeout ?? config.defaults.timeout,
+            });
+        }));
+        return;
+    }
+    // Subprocess compensator (default `claude -p` or a configured command).
+    const dispatch = resolveCompensatorDispatch(config);
     await Promise.all(compensatingChannels.map((comp) => {
-        const compensatingPrompt = `${comp.focusPrompt}\n\n${prompt}`;
+        const focus = resolveCompensatorFocus(config, comp.originalChannel);
+        const compensatingPrompt = applyPromptWrapper(dispatch.prompt_wrapper, `${focus}\n\n${prompt}`);
         return dispatchChannel(store, jobId, comp.compensatingName, {
-            command: 'claude -p',
+            command: dispatch.command,
             prompt: compensatingPrompt,
-            flags: ['--output-format', 'json'],
-            env: {},
-            timeout,
-            stderr: 'capture',
+            flags: dispatch.flags,
+            env: dispatch.env,
+            timeout: dispatch.timeout,
+            stderr: dispatch.stderr,
+            promptDelivery: dispatch.prompt_delivery,
+            cwd: dispatch.cwd,
         });
     }));
 }

package/dist/core/compensator.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"compensator.js","sourceRoot":"","sources":["../../src/core/compensator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAA;~~AAIjD~~,kFAAkF;AAClF,MAAM,kBAAkB,GAA2B;IACjD,KAAK,EACH,6EAA6E;UAC3E,iEAAiE;UACjE,mDAAmD;IACvD,MAAM,EACJ,mEAAmE;UACjE,4EAA4E;UAC5E,oDAAoD;~~CACzD~~,CAAA;AAED,~~yFAAyF~~;~~AACzF~~,MAAM,~~iBAAiB~~,GAAG,IAAI,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAA;~~AAW7C;;;GAGG;~~AACH,MAAM,UAAU,~~uBAAuB~~,~~CACrC~~,~~eAA8C~~;~~IAE9C~~,MAAM,~~YAAY~~,~~GAA0B~~,EAAE,CAAA;~~IAE9C~~,~~KAAK~~,MAAM,CAAC,~~IAAI~~,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,~~OAAO~~,CAAC,~~eAAe~~,CAAC,EAAE,CAAC;~~QAC7D~~,IAAI,~~iBAAiB~~,CAAC,~~GAAG~~,CAAC,IAAI,CAAC;~~YAAE~~,~~SAAQ~~;~~QACzC~~,~~IACE~~,MAAM,~~KAAK~~,~~eAAe~~;~~eACvB~~,MAAM,KAAK,aAAa;~~eACxB~~,MAAM,KAAK,~~SAAS~~;~~eACpB~~,MAAM,KAAK,SAAS;~~eACpB~~,MAAM,KAAK,QAAQ,~~EACtB~~,CAAC;~~YACD~~,MAAM,~~KAAK~~,GAAG,kBAAkB,CAAC,~~IAAI~~,CAAC;~~mBACjC~~,mDAAmD,~~IAAI~~,GAAG;~~sBAC3D~~,uCAAuC,~~IAAI~~,UAAU,CAAA;~~YACzD~~,YAAY,CAAC,IAAI,CAAC;gBAChB,eAAe,EAAE,IAAI;gBACrB,gBAAgB,EAAE,gBAAgB,IAAI,EAAE;~~gBACxC~~,~~WAAW,EAAE,KAAK;aACnB,~~CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAA;AACrB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,KAAe,EACf,KAAa,EACb,MAAc,EACd,oBAA2C,EAC3C,~~OAAe~~;~~IAEf~~,MAAM,OAAO,CAAC,GAAG,CACf,oBAAoB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;~~QAChC~~,MAAM,kBAAkB,GAAG,GAAG,IAAI,CAAC,WAAW,OAAO,MAAM,EAAE,CAAA;~~QAC7D~~,OAAO,eAAe,CAAC,KAAK,EAAE,KAAK,EAAE,IAAI,CAAC,gBAAgB,EAAE;YAC1D,OAAO,EAAE,~~WAAW~~;~~YACpB~~,MAAM,EAAE,kBAAkB;YAC1B,KAAK,EAAE,CAAC,~~iBAAiB~~,EAAE,~~MAAM~~,CAAC~~;YAClC~~,GAAG,~~EAAE~~,EAAE~~;YACP~~,OAAO;~~YACP~~,MAAM,EAAE,~~SAAS~~;SAClB,CAAC,CAAA;IACJ,CAAC,CAAC,CACH,CAAA;AACH,CAAC"}
1	+ {"version":3,"file":"compensator.js","sourceRoot":"","sources":["../../src/core/compensator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAA;AACjD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAA;AAK1D,kFAAkF;AAClF,MAAM,kBAAkB,GAA2B;IACjD,KAAK,EACH,6EAA6E;UAC3E,iEAAiE;UACjE,mDAAmD;IACvD,MAAM,EACJ,mEAAmE;UACjE,4EAA4E;UAC5E,oDAAoD;IACxD,IAAI,EACF,2EAA2E;UACzE,2EAA2E;UAC3E,oFAAoF;CACzF,CAAA;AAqBD,SAAS,0BAA0B,CAAC,MAAuB;IACzD,OAAO;QACL,OAAO,EAAE,QAAQ;QACjB,KAAK,EAAE,CAAC,IAAI,EAAE,iBAAiB,EAAE,MAAM,CAAC;QACxC,GAAG,EAAE,EAAE;QACP,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,OAAO;QAChC,cAAc,EAAE,YAAY;QAC5B,MAAM,EAAE,SAAS;QACjB,aAAa,EAAE,SAAS;KACzB,CAAA;AACH,CAAC;AAED,MAAM,UAAU,0BAA0B,CAAC,MAAuB;IAChE,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAA;IAC3B,MAAM,WAAW,GAAG,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAA;IACjD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,0BAA0B,CAAC,MAAM,CAAC,CAAA;IAC3C,CAAC;IAED,MAAM,aAAa,GAAG,iCAAiC,CAAC,MAAM,EAAE,WAAW,CAAC,CAAA;IAE5E,OAAO;QACL,OAAO,EAAE,aAAa,CAAC,OAAO;QAC9B,KAAK,EAAE,aAAa,CAAC,KAAK;QAC1B,GAAG,EAAE,aAAa,CAAC,GAAG;QACtB,OAAO,EAAE,aAAa,CAAC,OAAO,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO;QACzD,cAAc,EAAE,aAAa,CAAC,cAAc,IAAI,YAAY;QAC5D,MAAM,EAAE,aAAa,CAAC,MAAM;QAC5B,aAAa,EAAE,aAAa,CAAC,aAAa;QAC1C,eAAe,EAAE,aAAa,CAAC,eAAe;QAC9C,GAAG,EAAE,aAAa,CAAC,GAAG;KACvB,CAAA;AACH,CAAC;AAED,MAAM,UAAU,6BAA6B,CAAC,MAAuB;IACnE,OAAO,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,OAAO,IAAI,QAAQ,CAAA;AACzD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,qBAAqB,CAAC,MAAuB;IAC3D,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAA;IACxD,IAAI,CAAC,WAAW;QAAE,OAAO,SAAS,CAAA;IAClC,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;IAClD,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,wBAAwB,WAAW,uBAAuB,CAAC,CAAA;IAC7E,CAAC;IACD,IAAI,aAAa,CAAC,QAAQ,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,wBAAwB,WAAW,wCAAwC,CAAC,CAAA;IAC9F,CAAC;IACD,OAAO,aAAa,CAAA;AACtB,CAAC;AAED,4FAA4F;AAC5F,MAAM,UAAU,8BAA8B,CAAC,MAAuB;IACpE,OAAO,qBAAqB,CAAC,MAAM,CAAC,EAAE,aAAa,IAAI,SAAS,CAAA;AAClE,CAAC;AAED,MAAM,UAAU,iCAAiC,CAC/C,MAAuB,EACvB,WAAmB;IAEnB,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;IAClD,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,wBAAwB,WAAW,uBAAuB,CAAC,CAAA;IAC7E,CAAC;IACD,IAAI,aAAa,CAAC,QAAQ,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,wBAAwB,WAAW,wCAAwC,CAAC,CAAA;IAC9F,CAAC;IACD,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,wBAAwB,WAAW,kBAAkB,CAAC,CAAA;IACxE,CAAC;IACD,OAAO,aAA0D,CAAA;AACnE,CAAC;AAED,SAAS,kBAAkB,CAAC,OAAe,EAAE,MAAc;IACzD,OAAO,OAAO,KAAK,YAAY;QAC7B,CAAC,CAAC,MAAM;QACR,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,CAAA;AACpD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB,CACrC,MAAuB,EACvB,eAAuB;IAEvB,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,iBAAiB,EAAE,CAAC,eAAe,CAAC,CAAA;IAClF,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,QAAQ,CAAA;IAC/E,MAAM,OAAO,GAAG,kBAAkB,CAAC,eAAe,CAAC,CAAA;IACnD,IAAI,OAAO;QAAE,OAAO,OAAO,CAAA;IAC3B,OAAO,mDAAmD,eAAe,GAAG;UACxE,uCAAuC,eAAe,UAAU,CAAA;AACtE,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,uBAAuB,CACrC,eAA8C,EAC9C,kBAA0B;IAE1B,MAAM,YAAY,GAA0B,EAAE,CAAA;IAE9C,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC;QAC7D,IAAI,IAAI,KAAK,kBAAkB;YAAE,SAAQ;QACzC,IACE,MAAM,KAAK,eAAe;eACvB,MAAM,KAAK,aAAa;eACxB,MAAM,KAAK,SAAS;eACpB,MAAM,KAAK,SAAS;eACpB,MAAM,KAAK,QAAQ,EACtB,CAAC;YACD,YAAY,CAAC,IAAI,CAAC;gBAChB,eAAe,EAAE,IAAI;gBACrB,gBAAgB,EAAE,gBAAgB,IAAI,EAAE;aACzC,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAA;AACrB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,KAAe,EACf,KAAa,EACb,MAAc,EACd,oBAA2C,EAC3C,MAAuB;IAEvB,MAAM,WAAW,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAA;IAEjD,iEAAiE;IACjE,IAAI,WAAW,IAAI,WAAW,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QAC/C,MAAM,OAAO,CAAC,GAAG,CACf,oBAAoB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;YAChC,MAAM,KAAK,GAAG,uBAAuB,CAAC,MAAM,EAAE,IAAI,CAAC,eAAe,CAAC,CAAA;YACnE,MAAM,kBAAkB,GAAG,kBAAkB,CAC3C,WAAW,CAAC,cAAc,IAAI,YAAY,EAC1C,GAAG,KAAK,OAAO,MAAM,EAAE,CACxB,CAAA;YACD,OAAO,mBAAmB,CAAC,KAAK,EAAE,KAAK,EAAE,IAAI,CAAC,gBAAgB,EAAE;gBAC9D,OAAO,EAAE,WAAW;gBACpB,MAAM,EAAE,kBAAkB;gBAC1B,OAAO,EAAE,WAAW,CAAC,OAAO,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO;aACxD,CAAC,CAAA;QACJ,CAAC,CAAC,CACH,CAAA;QACD,OAAM;IACR,CAAC;IAED,wEAAwE;IACxE,MAAM,QAAQ,GAAG,0BAA0B,CAAC,MAAM,CAAC,CAAA;IACnD,MAAM,OAAO,CAAC,GAAG,CACf,oBAAoB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QAChC,MAAM,KAAK,GAAG,uBAAuB,CAAC,MAAM,EAAE,IAAI,CAAC,eAAe,CAAC,CAAA;QACnE,MAAM,kBAAkB,GAAG,kBAAkB,CAAC,QAAQ,CAAC,cAAc,EAAE,GAAG,KAAK,OAAO,MAAM,EAAE,CAAC,CAAA;QAC/F,OAAO,eAAe,CAAC,KAAK,EAAE,KAAK,EAAE,IAAI,CAAC,gBAAgB,EAAE;YAC1D,OAAO,EAAE,QAAQ,CAAC,OAAO;YACzB,MAAM,EAAE,kBAAkB;YAC1B,KAAK,EAAE,QAAQ,CAAC,KAAK;YACrB,GAAG,EAAE,QAAQ,CAAC,GAAG;YACjB,OAAO,EAAE,QAAQ,CAAC,OAAO;YACzB,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,cAAc,EAAE,QAAQ,CAAC,eAAe;YACxC,GAAG,EAAE,QAAQ,CAAC,GAAG;SAClB,CAAC,CAAA;IACJ,CAAC,CAAC,CACH,CAAA;AACH,CAAC"}

package/dist/core/diff-introspect.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+export interface ConfigChangeReport {
+    /** Whether the diff touches `./.mmr.yaml` at all. */
+    config_file_changed: boolean;
+    /** Paths under `./.mmr/acks/` touched by the diff (added/modified/removed). */
+    ack_files_changed: string[];
+}
+/**
+ * Inspect a unified diff for changes to MMR trust-relevant files: the project
+ * config (`.mmr.yaml`) and any project acks (`.mmr/acks/*`). Callers use this
+ * to force `needs-user-decision` when a diff under review proposes new
+ * config/acks, so an untrusted PR can't silently change channels or suppress
+ * its own findings.
+ *
+ * The diff is attacker-controllable (`--diff`/stdin), so detection is
+ * deliberately liberal: it matches across diff producers (git a/b, --no-prefix,
+ * raw diff -u, merge `--cc`, rename/copy) and is case-insensitive. Spurious
+ * over-detection only forces a (overridable) user decision — the safe
+ * direction — while a miss would silently trust attacker config/acks.
+ */
+export declare function detectConfigChanges(diff: string): ConfigChangeReport;
+//# sourceMappingURL=diff-introspect.d.ts.map

package/dist/core/diff-introspect.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"diff-introspect.d.ts","sourceRoot":"","sources":["../../src/core/diff-introspect.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,kBAAkB;IACjC,qDAAqD;IACrD,mBAAmB,EAAE,OAAO,CAAA;IAC5B,+EAA+E;IAC/E,iBAAiB,EAAE,MAAM,EAAE,CAAA;CAC5B;AAgBD;;;;;;;;;;;;GAYG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,kBAAkB,CAWpE"}

package/dist/core/diff-introspect.js ADDED Viewed

@@ -0,0 +1,42 @@
+// Lines that name files in a unified/combined diff, across producers:
+// `git diff` (a/ b/), `git diff --no-prefix`, raw `diff -u` (---/+++ only),
+// merge diffs (`diff --cc`), and rename/copy metadata. We inspect only these
+// header-ish lines (not hunk bodies) for the sentinel paths.
+const HEADER_RE = /^(?:diff --git |diff --cc |diff --combined |--- |\+\+\+ |rename (?:from|to) |copy (?:from|to) )/;
+// `.mmr.yaml` as a path component (start, separator, or quote on each side),
+// case-insensitive so a casing variant on case-insensitive filesystems still
+// trips the gate (over-detection is the safe failure mode here).
+const CONFIG_RE = /(?:^|[\s/"'])\.mmr\.yaml(?:["'\s]|$)/i;
+// Any `.mmr/acks/<file>` occurrence; the match starts at `.mmr` so a leading
+// a//b/ prefix is naturally excluded.
+const ACK_RE = /\.mmr\/acks\/[^\s"']+/gi;
+/**
+ * Inspect a unified diff for changes to MMR trust-relevant files: the project
+ * config (`.mmr.yaml`) and any project acks (`.mmr/acks/*`). Callers use this
+ * to force `needs-user-decision` when a diff under review proposes new
+ * config/acks, so an untrusted PR can't silently change channels or suppress
+ * its own findings.
+ *
+ * The diff is attacker-controllable (`--diff`/stdin), so detection is
+ * deliberately liberal: it matches across diff producers (git a/b, --no-prefix,
+ * raw diff -u, merge `--cc`, rename/copy) and is case-insensitive. Spurious
+ * over-detection only forces a (overridable) user decision — the safe
+ * direction — while a miss would silently trust attacker config/acks.
+ */
+export function detectConfigChanges(diff) {
+    const report = { config_file_changed: false, ack_files_changed: [] };
+    if (!diff)
+        return report;
+    const acks = new Set();
+    for (const line of diff.split('\n')) {
+        if (!HEADER_RE.test(line))
+            continue;
+        if (CONFIG_RE.test(line))
+            report.config_file_changed = true;
+        for (const m of line.matchAll(ACK_RE))
+            acks.add(m[0]);
+    }
+    report.ack_files_changed = [...acks];
+    return report;
+}
+//# sourceMappingURL=diff-introspect.js.map

package/dist/core/diff-introspect.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"diff-introspect.js","sourceRoot":"","sources":["../../src/core/diff-introspect.ts"],"names":[],"mappings":"AAOA,sEAAsE;AACtE,4EAA4E;AAC5E,6EAA6E;AAC7E,6DAA6D;AAC7D,MAAM,SAAS,GACb,iGAAiG,CAAA;AACnG,6EAA6E;AAC7E,6EAA6E;AAC7E,iEAAiE;AACjE,MAAM,SAAS,GAAG,uCAAuC,CAAA;AACzD,6EAA6E;AAC7E,sCAAsC;AACtC,MAAM,MAAM,GAAG,yBAAyB,CAAA;AAExC;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAC9C,MAAM,MAAM,GAAuB,EAAE,mBAAmB,EAAE,KAAK,EAAE,iBAAiB,EAAE,EAAE,EAAE,CAAA;IACxF,IAAI,CAAC,IAAI;QAAE,OAAO,MAAM,CAAA;IACxB,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAA;IAC9B,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACpC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,SAAQ;QACnC,IAAI,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,MAAM,CAAC,mBAAmB,GAAG,IAAI,CAAA;QAC3D,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;YAAE,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;IACvD,CAAC;IACD,MAAM,CAAC,iBAAiB,GAAG,CAAC,GAAG,IAAI,CAAC,CAAA;IACpC,OAAO,MAAM,CAAA;AACf,CAAC"}

package/dist/core/dispatcher.d.ts CHANGED Viewed

@@ -7,6 +7,16 @@ export interface DispatchOptions {
     env: Record<string, string>;
     timeout: number;
     stderr: 'capture' | 'suppress' | 'passthrough';
+    /**
+     * How to hand the prompt to the process. 'stdin' (default) pipes it to
+     * stdin. 'prompt-file' writes it to a file in the channel dir and passes
+     * the path via a {{prompt_file}} placeholder in flags (or appended when no
+     * placeholder is present), for CLIs that require the prompt as an arg.
+     */
+    promptDelivery?: 'stdin' | 'prompt-file';
+    /** Working directory for the spawned process. {{neutral_cwd}} is expanded
+     *  (with {{neutral_home}} in env) into a per-run isolated dir before spawn. */
+    cwd?: string;
 }
 /** Check whether a channel status represents a terminal (done) state */
 export declare function isChannelComplete(status: ChannelStatus): boolean;

package/dist/core/dispatcher.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"dispatcher.d.ts","sourceRoot":"","sources":["../../src/core/dispatcher.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAChD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;~~AAE9C~~,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,EAAE,MAAM,EAAE,CAAA;IACf,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAC3B,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,SAAS,GAAG,UAAU,GAAG,aAAa,CAAA;~~CAC~~/C;~~AAyBD~~,wEAAwE;AACxE,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,aAAa,GAAG,OAAO,CAEhE;AAED,qEAAqE;AACrE,wBAAsB,eAAe,CACnC,KAAK,EAAE,QAAQ,EACf,KAAK,EAAE,MAAM,EACb,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,eAAe,GACpB,OAAO,CAAC,IAAI,CAAC,~~CAqIf~~"}
1	+ {"version":3,"file":"dispatcher.d.ts","sourceRoot":"","sources":["../../src/core/dispatcher.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAChD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAG9C,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,EAAE,MAAM,EAAE,CAAA;IACf,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAC3B,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,SAAS,GAAG,UAAU,GAAG,aAAa,CAAA;IAC9C;;;;;OAKG;IACH,cAAc,CAAC,EAAE,OAAO,GAAG,aAAa,CAAA;IACxC;mFAC+E;IAC/E,GAAG,CAAC,EAAE,MAAM,CAAA;CACb;AAiDD,wEAAwE;AACxE,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,aAAa,GAAG,OAAO,CAEhE;AAED,qEAAqE;AACrE,wBAAsB,eAAe,CACnC,KAAK,EAAE,QAAQ,EACf,KAAK,EAAE,MAAM,EACb,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,eAAe,GACpB,OAAO,CAAC,IAAI,CAAC,CAgLf"}

package/dist/core/dispatcher.js CHANGED Viewed

@@ -2,8 +2,17 @@ import { spawn } from 'node:child_process';
 import fs from 'node:fs';
 import path from 'node:path';
 import { TERMINAL_STATUSES } from '../types.js';
+import { withNeutralPosture, sweepStaleNeutralDirs } from './host-isolation.js';
+/** Placeholder token replaced with the prompt-file path in prompt-file mode. */
+const PROMPT_FILE_PLACEHOLDER = '{{prompt_file}}';
 /** Track active child PIDs for cleanup on parent exit */
 const activeChildren = new Set();
+/**
+ * Track per-dispatch neutral-posture cleanups so a SIGINT/SIGTERM that
+ * terminates the run also removes the isolated HOME/cwd temp dirs (which hold a
+ * grok auth symlink). Each entry is removed once its own dispatch settles.
+ */
+const activePostureCleanups = new Set();
 function cleanupChildren() {
     for (const pid of activeChildren) {
         try {
@@ -14,6 +23,15 @@ function cleanupChildren() {
         }
     }
     activeChildren.clear();
+    // Remove any neutral-posture temp dirs from interrupted dispatches. Snapshot
+    // first: a cleanup callback (or a settling dispatch) could mutate the live Set.
+    for (const cleanup of [...activePostureCleanups]) {
+        try {
+            cleanup();
+        }
+        catch { /* best effort */ }
+    }
+    activePostureCleanups.clear();
 }
 // Register cleanup once
 let cleanupRegistered = false;
@@ -24,6 +42,17 @@ function ensureCleanupRegistered() {
     process.on('SIGINT', () => { cleanupChildren(); process.exit(130); });
     process.on('SIGTERM', () => { cleanupChildren(); process.exit(143); });
 }
+// Sweep stale neutral dirs once at process start
+let sweepDone = false;
+function ensureSweepOnce() {
+    if (sweepDone)
+        return;
+    sweepDone = true;
+    try {
+        sweepStaleNeutralDirs();
+    }
+    catch { /* best effort — never block dispatch */ }
+}
 /** Check whether a channel status represents a terminal (done) state */
 export function isChannelComplete(status) {
     return TERMINAL_STATUSES.has(status);
@@ -31,6 +60,7 @@ export function isChannelComplete(status) {
 /** Spawn a background process for a review channel and monitor it */
 export async function dispatchChannel(store, jobId, channelName, opts) {
     ensureCleanupRegistered();
+    ensureSweepOnce();
     if (!/^[a-zA-Z0-9._-]+$/.test(channelName)) {
         throw new Error(`Unsafe channel name: ${channelName}`);
     }
@@ -38,7 +68,20 @@ export async function dispatchChannel(store, jobId, channelName, opts) {
     const channelsDir = path.join(jobDir, 'channels');
     // Split multi-word commands (e.g. "claude -p" → ["claude", "-p"])
     const [cmd, ...cmdArgs] = opts.command.split(/\s+/);
-    const args = [...cmdArgs, ...opts.flags];
+    let args = [...cmdArgs, ...opts.flags];
+    // In prompt-file mode, write the prompt to a file in the channel dir and
+    // substitute its path for the {{prompt_file}} placeholder (or append it).
+    // The prompt is NOT piped to stdin in this mode.
+    const promptDelivery = opts.promptDelivery ?? 'stdin';
+    if (promptDelivery === 'prompt-file') {
+        const promptFile = path.join(channelsDir, `${channelName}.prompt.txt`);
+        // Async write: prompts can carry large diffs and channels dispatch in
+        // parallel, so avoid blocking the event loop.
+        await fs.promises.writeFile(promptFile, opts.prompt);
+        args = args.some((a) => a.includes(PROMPT_FILE_PLACEHOLDER))
+            ? args.map((a) => a.split(PROMPT_FILE_PLACEHOLDER).join(promptFile))
+            : [...args, promptFile];
+    }
     // Update channel to running
     store.updateChannel(jobId, channelName, {
         status: 'running',
@@ -48,25 +91,50 @@ export async function dispatchChannel(store, jobId, channelName, opts) {
     const stderrStdio = opts.stderr === 'passthrough' ? 'inherit'
         : opts.stderr === 'capture' ? 'pipe'
             : 'ignore'; // suppress
-    // Pipe prompt via stdin to avoid E2BIG on large diffs
-    const proc = spawn(cmd, args, {
-        detached: true,
-        stdio: ['pipe', 'pipe', stderrStdio],
-        env: { ...process.env, ...opts.env },
-    });
-    if (proc.pid)
-        activeChildren.add(proc.pid);
-    // Handle stdin pipe errors (child may close stdin early)
-    // stdin is always 'pipe' so proc.stdin is guaranteed non-null
-    proc.stdin.on('error', () => {
-        // Swallow EPIPE — the close handler will deal with the process exit
-    });
-    // Write prompt to stdin
-    proc.stdin.write(opts.prompt);
-    proc.stdin.end();
-    // Write PID file
-    const pidFile = path.join(channelsDir, `${channelName}.pid`);
-    fs.writeFileSync(pidFile, String(proc.pid));
+    // Expand neutral posture placeholders ({{neutral_home}}, {{neutral_cwd}});
+    // for channels without placeholders, withNeutralPosture is a passthrough.
+    const posture = withNeutralPosture(opts.env, opts.cwd);
+    // Register for SIGINT/SIGTERM cleanup, and remove + run once this dispatch
+    // settles. cleanup is idempotent, so a signal firing alongside a terminal
+    // handler is safe.
+    activePostureCleanups.add(posture.cleanup);
+    const runPostureCleanup = () => {
+        activePostureCleanups.delete(posture.cleanup);
+        posture.cleanup();
+    };
+    // Spawn + all synchronous setup (stdin, PID file) in one guarded block: any
+    // throw between dir creation and the async close/error handlers being armed
+    // would otherwise leak the per-run temp dir.
+    let proc;
+    try {
+        // Pipe prompt via stdin to avoid E2BIG on large diffs
+        proc = spawn(cmd, args, {
+            detached: true,
+            stdio: ['pipe', 'pipe', stderrStdio],
+            env: { ...process.env, ...posture.env },
+            cwd: posture.cwd, // undefined ⇒ inherit parent cwd (unchanged for non-isolated channels)
+        });
+        if (proc.pid)
+            activeChildren.add(proc.pid);
+        // Handle stdin pipe errors (child may close stdin early)
+        // stdin is always 'pipe' so proc.stdin is guaranteed non-null
+        proc.stdin.on('error', () => {
+            // Swallow EPIPE — the close handler will deal with the process exit
+        });
+        // Write prompt to stdin (stdin delivery only; prompt-file mode passes the
+        // prompt as an arg). Always end stdin so processes that read it don't hang.
+        if (promptDelivery === 'stdin') {
+            proc.stdin.write(opts.prompt);
+        }
+        proc.stdin.end();
+        // Write PID file
+        const pidFile = path.join(channelsDir, `${channelName}.pid`);
+        fs.writeFileSync(pidFile, String(proc.pid));
+    }
+    catch (err) {
+        runPostureCleanup();
+        throw err;
+    }
     // Collect stdout and stderr
     let stdout = '';
     let stderr = '';
@@ -107,6 +175,7 @@ export async function dispatchChannel(store, jobId, channelName, opts) {
             if (stderr) {
                 store.saveChannelLog(jobId, channelName, stderr);
             }
+            runPostureCleanup();
             resolve();
         }, timeoutMs);
         // Handle process close
@@ -134,6 +203,7 @@ export async function dispatchChannel(store, jobId, channelName, opts) {
                     completed_at: completedAt,
                 });
             }
+            runPostureCleanup();
             resolve();
         });
         // Handle spawn errors
@@ -149,6 +219,7 @@ export async function dispatchChannel(store, jobId, channelName, opts) {
                 completed_at: new Date().toISOString(),
             });
             store.saveChannelLog(jobId, channelName, err.message);
+            runPostureCleanup();
             resolve();
         });
     });

package/dist/core/dispatcher.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"dispatcher.js","sourceRoot":"","sources":["../../src/core/dispatcher.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAA;AAC1C,OAAO,EAAE,MAAM,SAAS,CAAA;AACxB,OAAO,IAAI,MAAM,WAAW,CAAA;AAC5B,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;~~AAa~~/C,yDAAyD;AACzD,MAAM,cAAc,GAAG,IAAI,GAAG,EAAU,CAAA;AAExC,SAAS,eAAe;IACtB,KAAK,MAAM,GAAG,IAAI,cAAc,EAAE,CAAC;QACjC,IAAI,CAAC;YACH,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;QAC/B,CAAC;QAAC,MAAM,CAAC;YACP,kCAAkC;QACpC,CAAC;IACH,CAAC;IACD,cAAc,CAAC,KAAK,EAAE,CAAA;~~AACxB~~,CAAC;AAED,wBAAwB;AACxB,IAAI,iBAAiB,GAAG,KAAK,CAAA;AAC7B,SAAS,uBAAuB;IAC9B,IAAI,iBAAiB;QAAE,OAAM;IAC7B,iBAAiB,GAAG,IAAI,CAAA;IACxB,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,GAAG,eAAe,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA,CAAC,CAAC,CAAC,CAAA;IACpE,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,GAAG,eAAe,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA,CAAC,CAAC,CAAC,CAAA;AACvE,CAAC;AAED,wEAAwE;AACxE,MAAM,UAAU,iBAAiB,CAAC,MAAqB;IACrD,OAAO,iBAAiB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;AACtC,CAAC;AAED,qEAAqE;AACrE,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,KAAe,EACf,KAAa,EACb,WAAmB,EACnB,IAAqB;IAErB,uBAAuB,EAAE,CAAA;~~IAEzB~~,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,wBAAwB,WAAW,EAAE,CAAC,CAAA;IACxD,CAAC;IAED,MAAM,MAAM,GAAG,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;IACrC,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,UAAU,CAAC,CAAA;IAEjD,kEAAkE;IAClE,MAAM,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;IACnD,~~MAAM~~,IAAI,GAAG,CAAC,GAAG,OAAO,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,CAAA;~~IAExC~~,4BAA4B;IAC5B,KAAK,CAAC,aAAa,CAAC,KAAK,EAAE,WAAW,EAAE;QACtC,MAAM,EAAE,SAAS;QACjB,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACrC,CAAC,CAAA;IAEF,wCAAwC;IACxC,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,KAAK,aAAa,CAAC,CAAC,CAAC,SAAS;QAC3D,CAAC,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM;YAClC,CAAC,CAAC,QAAQ,CAAA,CAAE,WAAW;IAE3B,~~sDAAsD~~;IACtD,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE;~~QAC5B~~,QAAQ,EAAE,IAAI;~~QACd~~,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,CAAC;~~QACpC~~,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,GAAG,~~IAAI~~,CAAC,GAAG,EAAE;~~KACrC~~,CAAC,CAAA;~~IAEF~~,IAAI,IAAI,CAAC,GAAG;~~QAAE~~,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;~~IAE1C~~,yDAAyD;~~IACzD~~,8DAA8D;~~IAC9D~~,IAAI,CAAC,KAAM,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;~~QAC3B~~,oEAAoE;~~IACtE~~,CAAC,CAAC,CAAA;~~IAEF~~,~~wBAAwB~~;~~IACxB~~,IAAI,CAAC,KAAM,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;~~IAC9B~~,IAAI,CAAC,KAAM,CAAC,GAAG,EAAE,CAAA;~~IAEjB~~,iBAAiB;~~IACjB~~,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,WAAW,MAAM,CAAC,CAAA;~~IAC5D~~,EAAE,CAAC,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;~~IAE3C~~,4BAA4B;IAC5B,IAAI,MAAM,GAAG,EAAE,CAAA;IACf,IAAI,MAAM,GAAG,EAAE,CAAA;IAEf,gEAAgE;IAChE,IAAI,CAAC,MAAO,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAA;IAC5B,CAAC,CAAC,CAAA;IAEF,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAC7C,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YACvC,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAA;QAC5B,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,uDAAuD;IACvD,IAAI,OAAO,GAAG,KAAK,CAAA;IAEnB,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;QACnC,iBAAiB;QACjB,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,GAAG,IAAI,CAAA;QACrC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YAC5B,IAAI,OAAO;gBAAE,OAAM;YACnB,OAAO,GAAG,IAAI,CAAA;YACd,IAAI,IAAI,CAAC,GAAG;gBAAE,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAC7C,IAAI,CAAC;gBACH,wDAAwD;gBACxD,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;oBACb,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gBACpC,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,kCAAkC;YACpC,CAAC;YACD,MAAM,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;YAC5C,KAAK,CAAC,aAAa,CAAC,KAAK,EAAE,WAAW,EAAE;gBACtC,MAAM,EAAE,SAAS;gBACjB,YAAY,EAAE,WAAW;aAC1B,CAAC,CAAA;YACF,IAAI,MAAM,EAAE,CAAC;gBACX,KAAK,CAAC,cAAc,CAAC,KAAK,EAAE,WAAW,EAAE,MAAM,CAAC,CAAA;YAClD,CAAC;YACD,OAAO,EAAE,CAAA;QACX,CAAC,EAAE,SAAS,CAAC,CAAA;QAEb,uBAAuB;QACvB,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAmB,EAAE,EAAE;YACvC,YAAY,CAAC,KAAK,CAAC,CAAA;YACnB,IAAI,OAAO;gBAAE,OAAM;YACnB,OAAO,GAAG,IAAI,CAAA;YACd,IAAI,IAAI,CAAC,GAAG;gBAAE,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAE7C,MAAM,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;YAE5C,IAAI,IAAI,KAAK,CAAC,IAAI,MAAM,EAAE,CAAC;gBACzB,2DAA2D;gBAC3D,KAAK,CAAC,iBAAiB,CAAC,KAAK,EAAE,WAAW,EAAE,MAAM,CAAC,CAAA;gBACnD,KAAK,CAAC,aAAa,CAAC,KAAK,EAAE,WAAW,EAAE;oBACtC,MAAM,EAAE,WAAW;oBACnB,YAAY,EAAE,WAAW;iBAC1B,CAAC,CAAA;YACJ,CAAC;iBAAM,CAAC;gBACN,MAAM,QAAQ,GAAG,MAAM,IAAI,4BAA4B,IAAI,EAAE,CAAA;gBAC7D,KAAK,CAAC,cAAc,CAAC,KAAK,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAA;gBAClD,KAAK,CAAC,aAAa,CAAC,KAAK,EAAE,WAAW,EAAE;oBACtC,MAAM,EAAE,QAAQ;oBAChB,YAAY,EAAE,WAAW;iBAC1B,CAAC,CAAA;YACJ,CAAC;YACD,OAAO,EAAE,CAAA;QACX,CAAC,CAAC,CAAA;QAEF,sBAAsB;QACtB,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;YAC9B,YAAY,CAAC,KAAK,CAAC,CAAA;YACnB,IAAI,OAAO;gBAAE,OAAM;YACnB,OAAO,GAAG,IAAI,CAAA;YACd,IAAI,IAAI,CAAC,GAAG;gBAAE,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAC7C,KAAK,CAAC,aAAa,CAAC,KAAK,EAAE,WAAW,EAAE;gBACtC,MAAM,EAAE,QAAQ;gBAChB,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACvC,CAAC,CAAA;YACF,KAAK,CAAC,cAAc,CAAC,KAAK,EAAE,WAAW,EAAE,GAAG,CAAC,OAAO,CAAC,CAAA;YACrD,OAAO,EAAE,CAAA;QACX,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;AACJ,CAAC"}
1	+ {"version":3,"file":"dispatcher.js","sourceRoot":"","sources":["../../src/core/dispatcher.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAA;AAC1C,OAAO,EAAE,MAAM,SAAS,CAAA;AACxB,OAAO,IAAI,MAAM,WAAW,CAAA;AAC5B,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAG/C,OAAO,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAA;AAqB/E,gFAAgF;AAChF,MAAM,uBAAuB,GAAG,iBAAiB,CAAA;AAEjD,yDAAyD;AACzD,MAAM,cAAc,GAAG,IAAI,GAAG,EAAU,CAAA;AAExC;;;;GAIG;AACH,MAAM,qBAAqB,GAAG,IAAI,GAAG,EAAc,CAAA;AAEnD,SAAS,eAAe;IACtB,KAAK,MAAM,GAAG,IAAI,cAAc,EAAE,CAAC;QACjC,IAAI,CAAC;YACH,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;QAC/B,CAAC;QAAC,MAAM,CAAC;YACP,kCAAkC;QACpC,CAAC;IACH,CAAC;IACD,cAAc,CAAC,KAAK,EAAE,CAAA;IACtB,6EAA6E;IAC7E,gFAAgF;IAChF,KAAK,MAAM,OAAO,IAAI,CAAC,GAAG,qBAAqB,CAAC,EAAE,CAAC;QACjD,IAAI,CAAC;YAAC,OAAO,EAAE,CAAA;QAAC,CAAC;QAAC,MAAM,CAAC,CAAC,iBAAiB,CAAC,CAAC;IAC/C,CAAC;IACD,qBAAqB,CAAC,KAAK,EAAE,CAAA;AAC/B,CAAC;AAED,wBAAwB;AACxB,IAAI,iBAAiB,GAAG,KAAK,CAAA;AAC7B,SAAS,uBAAuB;IAC9B,IAAI,iBAAiB;QAAE,OAAM;IAC7B,iBAAiB,GAAG,IAAI,CAAA;IACxB,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,GAAG,eAAe,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA,CAAC,CAAC,CAAC,CAAA;IACpE,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,GAAG,eAAe,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA,CAAC,CAAC,CAAC,CAAA;AACvE,CAAC;AAED,iDAAiD;AACjD,IAAI,SAAS,GAAG,KAAK,CAAA;AACrB,SAAS,eAAe;IACtB,IAAI,SAAS;QAAE,OAAM;IACrB,SAAS,GAAG,IAAI,CAAA;IAChB,IAAI,CAAC;QAAC,qBAAqB,EAAE,CAAA;IAAC,CAAC;IAAC,MAAM,CAAC,CAAC,wCAAwC,CAAC,CAAC;AACpF,CAAC;AAED,wEAAwE;AACxE,MAAM,UAAU,iBAAiB,CAAC,MAAqB;IACrD,OAAO,iBAAiB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;AACtC,CAAC;AAED,qEAAqE;AACrE,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,KAAe,EACf,KAAa,EACb,WAAmB,EACnB,IAAqB;IAErB,uBAAuB,EAAE,CAAA;IACzB,eAAe,EAAE,CAAA;IAEjB,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,wBAAwB,WAAW,EAAE,CAAC,CAAA;IACxD,CAAC;IAED,MAAM,MAAM,GAAG,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;IACrC,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,UAAU,CAAC,CAAA;IAEjD,kEAAkE;IAClE,MAAM,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;IACnD,IAAI,IAAI,GAAG,CAAC,GAAG,OAAO,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,CAAA;IAEtC,yEAAyE;IACzE,0EAA0E;IAC1E,iDAAiD;IACjD,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,IAAI,OAAO,CAAA;IACrD,IAAI,cAAc,KAAK,aAAa,EAAE,CAAC;QACrC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,WAAW,aAAa,CAAC,CAAA;QACtE,sEAAsE;QACtE,8CAA8C;QAC9C,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAA;QACpD,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC;YAC1D,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACpE,CAAC,CAAC,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC,CAAA;IAC3B,CAAC;IAED,4BAA4B;IAC5B,KAAK,CAAC,aAAa,CAAC,KAAK,EAAE,WAAW,EAAE;QACtC,MAAM,EAAE,SAAS;QACjB,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACrC,CAAC,CAAA;IAEF,wCAAwC;IACxC,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,KAAK,aAAa,CAAC,CAAC,CAAC,SAAS;QAC3D,CAAC,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM;YAClC,CAAC,CAAC,QAAQ,CAAA,CAAE,WAAW;IAE3B,2EAA2E;IAC3E,0EAA0E;IAC1E,MAAM,OAAO,GAAG,kBAAkB,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IACtD,2EAA2E;IAC3E,0EAA0E;IAC1E,mBAAmB;IACnB,qBAAqB,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAC1C,MAAM,iBAAiB,GAAG,GAAS,EAAE;QACnC,qBAAqB,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;QAC7C,OAAO,CAAC,OAAO,EAAE,CAAA;IACnB,CAAC,CAAA;IAED,4EAA4E;IAC5E,4EAA4E;IAC5E,6CAA6C;IAC7C,IAAI,IAA8B,CAAA;IAClC,IAAI,CAAC;QACH,sDAAsD;QACtD,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE;YACtB,QAAQ,EAAE,IAAI;YACd,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,CAAC;YACpC,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE;YACvC,GAAG,EAAE,OAAO,CAAC,GAAG,EAAI,uEAAuE;SAC5F,CAAC,CAAA;QAEF,IAAI,IAAI,CAAC,GAAG;YAAE,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QAE1C,yDAAyD;QACzD,8DAA8D;QAC9D,IAAI,CAAC,KAAM,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;YAC3B,oEAAoE;QACtE,CAAC,CAAC,CAAA;QAEF,0EAA0E;QAC1E,4EAA4E;QAC5E,IAAI,cAAc,KAAK,OAAO,EAAE,CAAC;YAC/B,IAAI,CAAC,KAAM,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAChC,CAAC;QACD,IAAI,CAAC,KAAM,CAAC,GAAG,EAAE,CAAA;QAEjB,iBAAiB;QACjB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,WAAW,MAAM,CAAC,CAAA;QAC5D,EAAE,CAAC,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;IAC7C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,iBAAiB,EAAE,CAAA;QACnB,MAAM,GAAG,CAAA;IACX,CAAC;IAED,4BAA4B;IAC5B,IAAI,MAAM,GAAG,EAAE,CAAA;IACf,IAAI,MAAM,GAAG,EAAE,CAAA;IAEf,gEAAgE;IAChE,IAAI,CAAC,MAAO,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAA;IAC5B,CAAC,CAAC,CAAA;IAEF,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAC7C,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YACvC,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAA;QAC5B,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,uDAAuD;IACvD,IAAI,OAAO,GAAG,KAAK,CAAA;IAEnB,OAAO,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;QACnC,iBAAiB;QACjB,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,GAAG,IAAI,CAAA;QACrC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YAC5B,IAAI,OAAO;gBAAE,OAAM;YACnB,OAAO,GAAG,IAAI,CAAA;YACd,IAAI,IAAI,CAAC,GAAG;gBAAE,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAC7C,IAAI,CAAC;gBACH,wDAAwD;gBACxD,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;oBACb,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gBACpC,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,kCAAkC;YACpC,CAAC;YACD,MAAM,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;YAC5C,KAAK,CAAC,aAAa,CAAC,KAAK,EAAE,WAAW,EAAE;gBACtC,MAAM,EAAE,SAAS;gBACjB,YAAY,EAAE,WAAW;aAC1B,CAAC,CAAA;YACF,IAAI,MAAM,EAAE,CAAC;gBACX,KAAK,CAAC,cAAc,CAAC,KAAK,EAAE,WAAW,EAAE,MAAM,CAAC,CAAA;YAClD,CAAC;YACD,iBAAiB,EAAE,CAAA;YACnB,OAAO,EAAE,CAAA;QACX,CAAC,EAAE,SAAS,CAAC,CAAA;QAEb,uBAAuB;QACvB,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAmB,EAAE,EAAE;YACvC,YAAY,CAAC,KAAK,CAAC,CAAA;YACnB,IAAI,OAAO;gBAAE,OAAM;YACnB,OAAO,GAAG,IAAI,CAAA;YACd,IAAI,IAAI,CAAC,GAAG;gBAAE,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAE7C,MAAM,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;YAE5C,IAAI,IAAI,KAAK,CAAC,IAAI,MAAM,EAAE,CAAC;gBACzB,2DAA2D;gBAC3D,KAAK,CAAC,iBAAiB,CAAC,KAAK,EAAE,WAAW,EAAE,MAAM,CAAC,CAAA;gBACnD,KAAK,CAAC,aAAa,CAAC,KAAK,EAAE,WAAW,EAAE;oBACtC,MAAM,EAAE,WAAW;oBACnB,YAAY,EAAE,WAAW;iBAC1B,CAAC,CAAA;YACJ,CAAC;iBAAM,CAAC;gBACN,MAAM,QAAQ,GAAG,MAAM,IAAI,4BAA4B,IAAI,EAAE,CAAA;gBAC7D,KAAK,CAAC,cAAc,CAAC,KAAK,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAA;gBAClD,KAAK,CAAC,aAAa,CAAC,KAAK,EAAE,WAAW,EAAE;oBACtC,MAAM,EAAE,QAAQ;oBAChB,YAAY,EAAE,WAAW;iBAC1B,CAAC,CAAA;YACJ,CAAC;YACD,iBAAiB,EAAE,CAAA;YACnB,OAAO,EAAE,CAAA;QACX,CAAC,CAAC,CAAA;QAEF,sBAAsB;QACtB,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;YAC9B,YAAY,CAAC,KAAK,CAAC,CAAA;YACnB,IAAI,OAAO;gBAAE,OAAM;YACnB,OAAO,GAAG,IAAI,CAAA;YACd,IAAI,IAAI,CAAC,GAAG;gBAAE,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAC7C,KAAK,CAAC,aAAa,CAAC,KAAK,EAAE,WAAW,EAAE;gBACtC,MAAM,EAAE,QAAQ;gBAChB,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACvC,CAAC,CAAA;YACF,KAAK,CAAC,cAAc,CAAC,KAAK,EAAE,WAAW,EAAE,GAAG,CAAC,OAAO,CAAC,CAAA;YACrD,iBAAiB,EAAE,CAAA;YACnB,OAAO,EAAE,CAAA;QACX,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;AACJ,CAAC"}

package/dist/core/git-show.d.ts ADDED Viewed

@@ -0,0 +1,31 @@
+/** Whether a git ref is safe to embed in `git show <ref>:<path>`. */
+export declare function isSafeRef(ref: string): boolean;
+export interface ReadFileAtRefOptions {
+    cwd: string;
+    ref: string;
+    /** Path relative to the repo root, with leading `./` allowed. */
+    filePath: string;
+}
+/**
+ * Read file contents at a specific Git ref via `git show <ref>:<path>`.
+ * Returns `undefined` when the ref or the path does not exist at the ref.
+ * Never throws; callers must handle the undefined-fallback case.
+ *
+ * Fails closed (returns undefined) on an unsafe ref or path rather than
+ * trusting callers to pre-validate — this is the §5-decision-1 trust boundary,
+ * so the guard lives at the boundary itself.
+ */
+export declare function readFileAtRef(opts: ReadFileAtRefOptions): string | undefined;
+export interface ListFilesAtRefOptions {
+    cwd: string;
+    ref: string;
+    /** Repo-relative directory to list, with leading `./` allowed. */
+    dirPath: string;
+}
+/**
+ * List the file paths (repo-root-relative) under a directory at a Git ref via
+ * `git ls-tree`. Returns `[]` on an unsafe ref/path, a missing ref/dir, or any
+ * git error. Never throws.
+ */
+export declare function listFilesAtRef(opts: ListFilesAtRefOptions): string[];
+//# sourceMappingURL=git-show.d.ts.map

package/dist/core/git-show.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"git-show.d.ts","sourceRoot":"","sources":["../../src/core/git-show.ts"],"names":[],"mappings":"AAQA,qEAAqE;AACrE,wBAAgB,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAS9C;AAQD,MAAM,WAAW,oBAAoB;IACnC,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,iEAAiE;IACjE,QAAQ,EAAE,MAAM,CAAA;CACjB;AAED;;;;;;;;GAQG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,oBAAoB,GAAG,MAAM,GAAG,SAAS,CAa5E;AAED,MAAM,WAAW,qBAAqB;IACpC,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,kEAAkE;IAClE,OAAO,EAAE,MAAM,CAAA;CAChB;AAED;;;;GAIG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,qBAAqB,GAAG,MAAM,EAAE,CAiBpE"}

package/dist/core/git-show.js ADDED Viewed

@@ -0,0 +1,72 @@
+import { execFileSync } from 'node:child_process';
+// Conservative git refname allow-list: letters, digits, . _ - / and the safe
+// relative-rev modifiers ~ ^. Rejects the constructs that could smuggle
+// surprising rev/path syntax into `git show <ref>:<path>` — ':' (the rev:path
+// separator), '..' (ranges), '@{' (reflog), and leading '-'/'/'.
+const SAFE_REF_RE = /^[A-Za-z0-9._/~^-]+$/;
+/** Whether a git ref is safe to embed in `git show <ref>:<path>`. */
+export function isSafeRef(ref) {
+    return (SAFE_REF_RE.test(ref) &&
+        !ref.includes('..') &&
+        !ref.includes('@{') &&
+        !ref.startsWith('-') &&
+        !ref.startsWith('/') &&
+        !ref.endsWith('/'));
+}
+/** Whether a repo-relative path is safe (no rev separator, no traversal). */
+function isSafePath(p) {
+    if (p.length === 0 || p.includes(':'))
+        return false;
+    return !p.split('/').includes('..');
+}
+/**
+ * Read file contents at a specific Git ref via `git show <ref>:<path>`.
+ * Returns `undefined` when the ref or the path does not exist at the ref.
+ * Never throws; callers must handle the undefined-fallback case.
+ *
+ * Fails closed (returns undefined) on an unsafe ref or path rather than
+ * trusting callers to pre-validate — this is the §5-decision-1 trust boundary,
+ * so the guard lives at the boundary itself.
+ */
+export function readFileAtRef(opts) {
+    const cleanedPath = opts.filePath.replace(/^\.\//, '');
+    if (!isSafeRef(opts.ref) || !isSafePath(cleanedPath))
+        return undefined;
+    try {
+        return execFileSync('git', ['-C', opts.cwd, 'show', `${opts.ref}:${cleanedPath}`], {
+            encoding: 'utf-8',
+            stdio: ['ignore', 'pipe', 'ignore'],
+            maxBuffer: 10 * 1024 * 1024,
+            timeout: 10000,
+        });
+    }
+    catch {
+        return undefined;
+    }
+}
+/**
+ * List the file paths (repo-root-relative) under a directory at a Git ref via
+ * `git ls-tree`. Returns `[]` on an unsafe ref/path, a missing ref/dir, or any
+ * git error. Never throws.
+ */
+export function listFilesAtRef(opts) {
+    const cleaned = opts.dirPath.replace(/^\.\//, '').replace(/\/$/, '');
+    if (!isSafeRef(opts.ref) || !isSafePath(cleaned))
+        return [];
+    try {
+        const out = execFileSync('git', ['-C', opts.cwd, 'ls-tree', '--name-only', opts.ref, '--', `${cleaned}/`], {
+            encoding: 'utf-8',
+            stdio: ['ignore', 'pipe', 'ignore'],
+            maxBuffer: 10 * 1024 * 1024,
+            timeout: 10000,
+        });
+        return out
+            .split('\n')
+            .map((line) => line.trim())
+            .filter((line) => line.length > 0);
+    }
+    catch {
+        return [];
+    }
+}
+//# sourceMappingURL=git-show.js.map

package/dist/core/git-show.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"git-show.js","sourceRoot":"","sources":["../../src/core/git-show.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAEjD,6EAA6E;AAC7E,wEAAwE;AACxE,8EAA8E;AAC9E,iEAAiE;AACjE,MAAM,WAAW,GAAG,sBAAsB,CAAA;AAE1C,qEAAqE;AACrE,MAAM,UAAU,SAAS,CAAC,GAAW;IACnC,OAAO,CACL,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC;QACrB,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC;QACnB,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC;QACnB,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC;QACpB,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC;QACpB,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CACnB,CAAA;AACH,CAAC;AAED,6EAA6E;AAC7E,SAAS,UAAU,CAAC,CAAS;IAC3B,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAA;IACnD,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;AACrC,CAAC;AASD;;;;;;;;GAQG;AACH,MAAM,UAAU,aAAa,CAAC,IAA0B;IACtD,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;IACtD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC;QAAE,OAAO,SAAS,CAAA;IACtE,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,WAAW,EAAE,CAAC,EAAE;YACjF,QAAQ,EAAE,OAAO;YACjB,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC;YACnC,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI;YAC3B,OAAO,EAAE,KAAK;SACf,CAAC,CAAA;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAA;IAClB,CAAC;AACH,CAAC;AASD;;;;GAIG;AACH,MAAM,UAAU,cAAc,CAAC,IAA2B;IACxD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;IACpE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,EAAE,CAAA;IAC3D,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,YAAY,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,aAAa,EAAE,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,GAAG,OAAO,GAAG,CAAC,EAAE;YACzG,QAAQ,EAAE,OAAO;YACjB,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC;YACnC,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI;YAC3B,OAAO,EAAE,KAAK;SACf,CAAC,CAAA;QACF,OAAO,GAAG;aACP,KAAK,CAAC,IAAI,CAAC;aACX,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;aAC1B,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;IACtC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAA;IACX,CAAC;AACH,CAAC"}

package/dist/core/host-isolation.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+export declare const NEUTRAL_HOME_PLACEHOLDER = "{{neutral_home}}";
+export declare const NEUTRAL_CWD_PLACEHOLDER = "{{neutral_cwd}}";
+export interface NeutralPosture {
+    env: Record<string, string>;
+    cwd?: string;
+    /** Synchronous, idempotent removal of any dir this call created. */
+    cleanup: () => void;
+}
+/**
+ * Expand {{neutral_home}}/{{neutral_cwd}} placeholders into a single fresh
+ * per-call temp directory (unique → safe for parallel channel runs; each call
+ * owns its dir lifetime). Returns the concrete env/cwd plus a synchronous
+ * cleanup fn. When no placeholder is present, returns the inputs unchanged with
+ * a no-op cleanup.
+ */
+export declare function withNeutralPosture(env: Record<string, string>, cwd?: string): NeutralPosture;
+/**
+ * Backstop for dirs orphaned by SIGKILL/crashes: remove stale mmr-grok-* temp
+ * dirs older than `maxAgeMs`. Call once at process start. Best-effort/sync.
+ * Default is 24h — comfortably longer than any plausible review timeout, so the
+ * sweep never reaps the HOME/cwd of a still-running long review.
+ */
+export declare function sweepStaleNeutralDirs(maxAgeMs?: number): void;
+//# sourceMappingURL=host-isolation.d.ts.map

package/dist/core/host-isolation.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"host-isolation.d.ts","sourceRoot":"","sources":["../../src/core/host-isolation.ts"],"names":[],"mappings":"AAIA,eAAO,MAAM,wBAAwB,qBAAqB,CAAA;AAC1D,eAAO,MAAM,uBAAuB,oBAAoB,CAAA;AAQxD,MAAM,WAAW,cAAc;IAC7B,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAC3B,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,oEAAoE;IACpE,OAAO,EAAE,MAAM,IAAI,CAAA;CACpB;AAOD;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,cAAc,CAgD5F;AAED;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,QAAQ,SAAsB,GAAG,IAAI,CAa1E"}