abtars 0.1.0-alpha.1

package/bundle/chunk-3B7BBE4F.js

@@ -0,0 +1,758 @@
+import { createRequire as __bundleCreateRequire } from 'node:module'; import { fileURLToPath as __bundleFileURLToPath } from 'node:url'; import { dirname as __bundleDirname } from 'node:path'; const require = __bundleCreateRequire(import.meta.url); const __chunk_filename = __bundleFileURLToPath(import.meta.url); const __chunk_dirname = __bundleDirname(__chunk_filename);
+import {
+  init_log_and_swallow,
+  logAndSwallow
+} from "./chunk-FMWKEPM7.js";
+import {
+  getEnv,
+  init_env_schema
+} from "./chunk-JCJS4ZIB.js";
+import {
+  init_logger,
+  logDebug,
+  logInfo,
+  logWarn
+} from "./chunk-BUUVFUPO.js";
+import {
+  abtarsHome,
+  init_paths
+} from "./chunk-X76UX47U.js";
+
+// src/capabilities/browser/browser-manager.ts
+init_log_and_swallow();
+init_logger();
+init_env_schema();
+import { chromium } from "patchright";
+import { execFileSync } from "node:child_process";
+var TAG = "browser_mgr";
+function readPositiveInt(key, fallback) {
+  const raw = process.env[key];
+  if (!raw) return fallback;
+  const n = Number(raw);
+  return Number.isFinite(n) && Number.isInteger(n) && n > 0 ? n : fallback;
+}
+var DEFAULTS = {
+  BROWSER_SESSION_TIMEOUT_MS: 3e5,
+  BROWSER_MAX_SESSIONS: 3,
+  WEB_SCRAPE_USER_AGENT: "Mozilla/5.0 (compatible; Abtars/1.0)"
+};
+function parseBrowserConfig() {
+  const sessionTimeoutMs = readPositiveInt(
+    "BROWSER_SESSION_TIMEOUT_MS",
+    DEFAULTS.BROWSER_SESSION_TIMEOUT_MS
+  );
+  const maxSessions = readPositiveInt(
+    "BROWSER_MAX_SESSIONS",
+    DEFAULTS.BROWSER_MAX_SESSIONS
+  );
+  const userAgent = process.env["WEB_SCRAPE_USER_AGENT"]?.trim() || DEFAULTS.WEB_SCRAPE_USER_AGENT;
+  const engine = "patchright";
+  return { sessionTimeoutMs, maxSessions, userAgent, engine };
+}
+var BrowserManager = class _BrowserManager {
+  static _instance = null;
+  _browser = null;
+  _launching = null;
+  _sessions = /* @__PURE__ */ new Map();
+  _idleTimer = null;
+  _config;
+  _lastActivityAt = 0;
+  _containerIdleStopMs;
+  constructor(config) {
+    this._config = config ?? parseBrowserConfig();
+    this._containerIdleStopMs = getEnv().browserIdleStopMin * 6e4;
+    this._startIdleCheck();
+  }
+  /** Get (or create) the singleton instance. */
+  static getInstance() {
+    if (!_BrowserManager._instance) {
+      _BrowserManager._instance = new _BrowserManager();
+    }
+    return _BrowserManager._instance;
+  }
+  /** Reset singleton — primarily for testing. */
+  static resetInstance() {
+    _BrowserManager._instance = null;
+  }
+  // -------------------------------------------------------------------------
+  // Browser lifecycle
+  // -------------------------------------------------------------------------
+  /** Lazily launch or return the existing browser instance. */
+  async _ensureBrowser() {
+    if (this._browser?.isConnected()) return this._browser;
+    if (this._launching) return this._launching;
+    this._launching = this._launchPatchright().then((browser) => {
+      this._browser = browser;
+      this._launching = null;
+      browser.on("disconnected", () => {
+        this._browser = null;
+        this._sessions.clear();
+      });
+      return browser;
+    }).catch((err) => {
+      this._launching = null;
+      throw err;
+    });
+    return this._launching;
+  }
+  async _launchPatchright() {
+    const headed = getEnv().browserHeaded;
+    const args = headed ? [] : ["--headless=new"];
+    if (getEnv().browserNoSandbox) args.push("--no-sandbox");
+    return chromium.launch({
+      headless: !headed,
+      channel: getEnv().browserChannel,
+      args
+    });
+  }
+  // -------------------------------------------------------------------------
+  // Named sessions
+  // -------------------------------------------------------------------------
+  /**
+   * Get or create a named browser session.
+   * Reusing an existing session updates `lastActivityAt`.
+   */
+  async getSession(sessionId) {
+    const existing = this._sessions.get(sessionId);
+    if (existing) {
+      existing.lastActivityAt = Date.now();
+      return existing;
+    }
+    if (this._sessions.size >= this._config.maxSessions) {
+      const activeIds = [...this._sessions.keys()].join(", ");
+      throw new Error(
+        `Maximum concurrent sessions (${this._config.maxSessions}) reached. Close an existing session first. Active sessions: ${activeIds}`
+      );
+    }
+    const browser = await this._ensureBrowser();
+    const context = await browser.newContext({
+      userAgent: this._config.userAgent
+    });
+    const page = await context.newPage();
+    const now = Date.now();
+    const session = {
+      sessionId,
+      context,
+      page,
+      createdAt: now,
+      lastActivityAt: now
+    };
+    this._sessions.set(sessionId, session);
+    this._lastActivityAt = now;
+    return session;
+  }
+  /** Close a named session and release its resources. */
+  async closeSession(sessionId) {
+    const session = this._sessions.get(sessionId);
+    if (!session) return;
+    this._sessions.delete(sessionId);
+    try {
+      await session.context.close();
+    } catch (err) {
+      logAndSwallow(TAG, "closeSession context.close", err);
+    }
+  }
+  // -------------------------------------------------------------------------
+  // One-off contexts (ingestion scrapes)
+  // -------------------------------------------------------------------------
+  /** Create a disposable context + page for ingestion. No session tracking. */
+  async createOneOffContext() {
+    const browser = await this._ensureBrowser();
+    const context = await browser.newContext({
+      userAgent: this._config.userAgent
+    });
+    const page = await context.newPage();
+    return { context, page };
+  }
+  /** Close a one-off context after use. */
+  async closeContext(context) {
+    try {
+      await context.close();
+    } catch (err) {
+      logAndSwallow(TAG, "closeContext", err);
+    }
+  }
+  // -------------------------------------------------------------------------
+  // Shutdown & cleanup
+  // -------------------------------------------------------------------------
+  /** Shut down everything: all sessions, the browser, cleanup timers. */
+  async shutdown() {
+    this._stopIdleCheck();
+    const closePromises = [...this._sessions.keys()].map(
+      (id) => this.closeSession(id)
+    );
+    await Promise.all(closePromises);
+    if (this._browser) {
+      try {
+        await this._browser.close();
+      } catch (err) {
+        logAndSwallow(TAG, "browser.close shutdown", err);
+      }
+      this._browser = null;
+    }
+  }
+  // -------------------------------------------------------------------------
+  // Idle-check interval
+  // -------------------------------------------------------------------------
+  _startIdleCheck() {
+    this._idleTimer = setInterval(() => {
+      void this._sweepIdleSessions();
+    }, 3e4);
+    if (this._idleTimer && typeof this._idleTimer === "object" && "unref" in this._idleTimer) {
+      this._idleTimer.unref();
+    }
+  }
+  _stopIdleCheck() {
+    if (this._idleTimer) {
+      clearInterval(this._idleTimer);
+      this._idleTimer = null;
+    }
+  }
+  async _sweepIdleSessions() {
+    const now = Date.now();
+    const expired = [];
+    for (const [id, session] of this._sessions) {
+      if (now - session.lastActivityAt > this._config.sessionTimeoutMs) {
+        expired.push(id);
+      }
+    }
+    for (const id of expired) {
+      logWarn("browser", `Closing idle session "${id}".`);
+      await this.closeSession(id);
+    }
+    if (this._sessions.size === 0 && this._browser && this._lastActivityAt > 0 && now - this._lastActivityAt > this._containerIdleStopMs) {
+      logInfo("browser", `No sessions for ${Math.round((now - this._lastActivityAt) / 6e4)}min \u2014 stopping container.`);
+      await this.shutdown();
+      this._stopContainer();
+    }
+  }
+  _stopContainer() {
+    try {
+      execFileSync("docker", ["stop", "abtars-browser"], { stdio: "pipe", timeout: 1e4 });
+    } catch (err) {
+      logAndSwallow("browser_manager", "op", err);
+    }
+  }
+  // -------------------------------------------------------------------------
+  // Accessors
+  // -------------------------------------------------------------------------
+  /** Number of active named sessions. */
+  get activeSessionCount() {
+    return this._sessions.size;
+  }
+  /** Exposed for testing — the resolved config. */
+  get config() {
+    return this._config;
+  }
+};
+
+// src/capabilities/browser/browser-tool.ts
+init_logger();
+init_log_and_swallow();
+init_env_schema();
+import * as os from "node:os";
+import * as path from "node:path";
+import { readFileSync } from "node:fs";
+
+// src/components/content-extractor.ts
+var BROWSER_EXTRACT_FN = `
+(sel) => {
+  const TAGS = ["script", "style", "nav", "footer", "header", "aside"];
+  const ROLES = ["navigation", "banner"];
+
+  const root = sel ? document.querySelector(sel) : document.body;
+  if (!root) return "";
+
+  const clone = root.cloneNode(true);
+
+  for (const tag of TAGS) {
+    for (const el of clone.querySelectorAll(tag)) el.remove();
+  }
+  for (const role of ROLES) {
+    for (const el of clone.querySelectorAll('[role="' + role + '"]')) el.remove();
+  }
+
+  let text = clone.textContent || "";
+  text = text.replace(/\\u00a0/g, " ");
+  text = text.replace(/[ \\t]+/g, " ");
+  text = text.replace(/\\n[ ]+/g, "\\n");
+  text = text.replace(/[ ]+\\n/g, "\\n");
+  text = text.replace(/\\n{2,}/g, "\\n");
+  return text.trim();
+}
+`;
+async function extractTextFromPage(page, selector) {
+  const text = await page.evaluate(
+    new Function("sel", `return (${BROWSER_EXTRACT_FN})(sel)`),
+    selector ?? null
+  );
+  return text ?? "";
+}
+
+// src/capabilities/browser/browser-tool.ts
+var TAG2 = "browser_tool";
+var LOG_PREFIX = "[browser-tool]";
+var TEXT_TRUNCATION_LIMIT = 4e3;
+var MAX_PAGE_ELEMENTS = 50;
+function getNavigationTimeout() {
+  const raw = String(getEnv().webScrapePlaywrightTimeoutMs);
+  if (raw === void 0 || raw === "") return 3e4;
+  const n = Number(raw);
+  if (!Number.isFinite(n) || n <= 0) return 3e4;
+  return n;
+}
+var BrowserTool = class {
+  _browserManager;
+  _domainAllowlist;
+  constructor(browserManager, domainAllowlist) {
+    this._browserManager = browserManager;
+    this._domainAllowlist = domainAllowlist;
+  }
+  /** Execute a browser action and return a JSON-serializable result. */
+  async execute(action) {
+    try {
+      switch (action.action) {
+        case "navigate":
+          return await this._handleNavigate(action);
+        case "click":
+          return await this._handleClick(action);
+        case "fill":
+          return await this._handleFill(action);
+        case "extract_text":
+          return await this._handleExtractText(action);
+        case "screenshot":
+          return await this._handleScreenshot(action);
+        case "get_page_info":
+          return await this._handleGetPageInfo(action);
+        case "close_session":
+          return await this._handleCloseSession(action);
+        case "set_cookie":
+          return await this._handleSetCookie(action);
+        default:
+          return { success: false, error: `Unknown action: ${String(action.action)}` };
+      }
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      return { success: false, error: message };
+    }
+  }
+  // -------------------------------------------------------------------------
+  // navigate
+  // -------------------------------------------------------------------------
+  async _handleNavigate(action) {
+    const url = action.url;
+    if (!url) {
+      return { success: false, error: "navigate action requires a url" };
+    }
+    if (!this._domainAllowlist.isAllowed(url)) {
+      let hostname;
+      try {
+        hostname = new URL(url).hostname;
+      } catch (err) {
+        logAndSwallow(TAG2, "parse URL hostname", err);
+        hostname = url;
+      }
+      return {
+        success: false,
+        error: `Domain "${hostname}" is not in the allowed list. Allowed patterns: ${this._domainAllowlist.patterns.join(", ")}`
+      };
+    }
+    if (getEnv().ssrfCheck) {
+      try {
+        const { hostname } = new URL(url);
+        const { isPrivateHost } = await import("./ssrf-guard-FZCBYIVW.js");
+        if (await isPrivateHost(hostname)) {
+          return { success: false, error: `Blocked: "${hostname}" resolves to a private/internal IP address` };
+        }
+      } catch (err) {
+        logAndSwallow(TAG2, "SSRF check", err);
+        return { success: false, error: "Invalid URL" };
+      }
+    }
+    const session = await this._browserManager.getSession(action.sessionId);
+    const timeout = getNavigationTimeout();
+    logDebug("browser", `${LOG_PREFIX} navigate session="${action.sessionId}" url="${url}"`);
+    try {
+      const response = await session.page.goto(url, {
+        waitUntil: "domcontentloaded",
+        timeout
+      });
+      const title = await session.page.title();
+      const finalUrl = session.page.url();
+      const status = response?.status();
+      return { success: true, title, url: finalUrl, status };
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      return { success: false, error: `Navigation failed for ${url}: ${message}` };
+    }
+  }
+  // -------------------------------------------------------------------------
+  // click
+  // -------------------------------------------------------------------------
+  async _handleClick(action) {
+    const selector = action.selector;
+    if (!selector) {
+      return { success: false, error: "click action requires a selector" };
+    }
+    const session = await this._browserManager.getSession(action.sessionId);
+    logDebug("browser", `${LOG_PREFIX} click session="${action.sessionId}" selector="${selector}"`);
+    try {
+      const navigationPromise = session.page.waitForNavigation({ waitUntil: "domcontentloaded", timeout: 5e3 }).catch((err) => {
+        logAndSwallow(TAG2, "waitForNavigation click", err);
+        return null;
+      });
+      await session.page.click(selector);
+      const navResult = await navigationPromise;
+      if (navResult) {
+        const title = await session.page.title();
+        const url = session.page.url();
+        return { success: true, navigated: true, title, url };
+      }
+      return { success: true, navigated: false };
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      if (message.includes("waiting for selector") || message.includes("No element")) {
+        return { success: false, error: `Selector not found: "${selector}"` };
+      }
+      return { success: false, error: `Click failed for selector "${selector}": ${message}` };
+    }
+  }
+  // -------------------------------------------------------------------------
+  // fill
+  // -------------------------------------------------------------------------
+  async _handleFill(action) {
+    const selector = action.selector;
+    const value = action.value;
+    if (!selector) {
+      return { success: false, error: "fill action requires a selector" };
+    }
+    if (value === void 0) {
+      return { success: false, error: "fill action requires a value" };
+    }
+    const session = await this._browserManager.getSession(action.sessionId);
+    let isPassword = false;
+    try {
+      isPassword = await session.page.evaluate(
+        `(sel) => { const el = document.querySelector(sel); return el instanceof HTMLInputElement && el.type === "password"; }`,
+        selector
+      );
+    } catch (err) {
+      logAndSwallow(TAG2, "evaluate isPassword", err);
+    }
+    const logValue = isPassword ? "***" : value;
+    logDebug(
+      "browser",
+      `${LOG_PREFIX} fill session="${action.sessionId}" selector="${selector}" value="${logValue}"`
+    );
+    try {
+      await session.page.fill(selector, value);
+      return { success: true };
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      if (message.includes("waiting for selector") || message.includes("No element")) {
+        return { success: false, error: `Selector not found: "${selector}"` };
+      }
+      return { success: false, error: `Fill failed for selector "${selector}": ${message}` };
+    }
+  }
+  // -------------------------------------------------------------------------
+  // extract_text
+  // -------------------------------------------------------------------------
+  async _handleExtractText(action) {
+    const session = await this._browserManager.getSession(action.sessionId);
+    logDebug(
+      "browser",
+      `${LOG_PREFIX} extract_text session="${action.sessionId}" selector="${action.selector ?? "(full page)"}"`
+    );
+    try {
+      const text = await extractTextFromPage(session.page, action.selector ?? void 0);
+      if (!text || text.trim().length === 0) {
+        return { success: false, error: "No text content found on the page" };
+      }
+      const truncated = text.length > TEXT_TRUNCATION_LIMIT;
+      const resultText = truncated ? text.slice(0, TEXT_TRUNCATION_LIMIT) : text;
+      return { success: true, text: resultText, truncated };
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      if (message.includes("waiting for selector") || message.includes("No element")) {
+        return { success: false, error: `Selector not found: "${action.selector}"` };
+      }
+      return { success: false, error: `Text extraction failed: ${message}` };
+    }
+  }
+  // -------------------------------------------------------------------------
+  // screenshot
+  // -------------------------------------------------------------------------
+  async _handleScreenshot(action) {
+    const session = await this._browserManager.getSession(action.sessionId);
+    const tmpFile = path.join(
+      os.tmpdir(),
+      `abtars-screenshot-${Date.now()}.png`
+    );
+    logDebug(
+      "browser",
+      `${LOG_PREFIX} screenshot session="${action.sessionId}" fullPage=${action.fullPage ?? false} path="${tmpFile}"`
+    );
+    await session.page.screenshot({
+      fullPage: action.fullPage ?? false,
+      path: tmpFile
+    });
+    return { success: true, filePath: tmpFile };
+  }
+  // -------------------------------------------------------------------------
+  // get_page_info
+  // -------------------------------------------------------------------------
+  async _handleGetPageInfo(action) {
+    const session = await this._browserManager.getSession(action.sessionId);
+    logDebug("browser", `${LOG_PREFIX} get_page_info session="${action.sessionId}"`);
+    const title = await session.page.title();
+    const url = session.page.url();
+    const elements = await session.page.evaluate(`(maxElements) => {
+      const selectors = "a, button, input, select, textarea, [role='button'], [role='link']";
+      const nodes = document.querySelectorAll(selectors);
+      const results = [];
+
+      for (let i = 0; i < nodes.length && results.length < maxElements; i++) {
+        const el = nodes[i];
+        if (!el || !(el instanceof HTMLElement)) continue;
+
+        const style = window.getComputedStyle(el);
+        if (style.display === "none" || style.visibility === "hidden") continue;
+
+        let selector = el.tagName.toLowerCase();
+        if (el.id) {
+          selector = "#" + el.id;
+        } else if (el.className && typeof el.className === "string" && el.className.trim()) {
+          const cls = el.className.trim().split(/\\s+/).slice(0, 2).join(".");
+          selector = el.tagName.toLowerCase() + "." + cls;
+        } else {
+          const parent = el.parentElement;
+          if (parent) {
+            const siblings = parent.querySelectorAll(":scope > " + el.tagName.toLowerCase());
+            if (siblings.length > 1) {
+              const idx = Array.from(siblings).indexOf(el) + 1;
+              selector = el.tagName.toLowerCase() + ":nth-of-type(" + idx + ")";
+            }
+          }
+        }
+
+        const entry = { tag: el.tagName.toLowerCase(), selector };
+        const text = (el.textContent || "").trim().slice(0, 100);
+        if (text) entry.text = text;
+
+        if (el instanceof HTMLInputElement || el instanceof HTMLSelectElement || el instanceof HTMLTextAreaElement) {
+          if (el instanceof HTMLInputElement && el.type) entry.type = el.type;
+          if (el.name) entry.name = el.name;
+          if (el instanceof HTMLInputElement && el.placeholder) entry.placeholder = el.placeholder;
+          if (el instanceof HTMLTextAreaElement && el.placeholder) entry.placeholder = el.placeholder;
+        }
+
+        if (el instanceof HTMLAnchorElement && el.href) {
+          entry.href = el.href;
+        }
+
+        results.push(entry);
+      }
+
+      return results;
+    }`, MAX_PAGE_ELEMENTS);
+    return {
+      success: true,
+      url,
+      title,
+      elements
+    };
+  }
+  // -------------------------------------------------------------------------
+  // close_session
+  // -------------------------------------------------------------------------
+  async _handleCloseSession(action) {
+    logDebug("browser", `${LOG_PREFIX} close_session session="${action.sessionId}"`);
+    await this._browserManager.closeSession(action.sessionId);
+    return { success: true };
+  }
+  // -------------------------------------------------------------------------
+  // set_cookie
+  // -------------------------------------------------------------------------
+  async _handleSetCookie(action) {
+    const file = action.cookieFile;
+    if (!file) return { success: false, error: "set_cookie requires --cookie-file" };
+    const COOKIES_DIR = "/run/browser/cookies";
+    const resolved = path.resolve(file);
+    if (!resolved.startsWith(COOKIES_DIR)) {
+      return { success: false, error: `cookie file must be under ${COOKIES_DIR}` };
+    }
+    const raw = readFileSync(resolved, "utf-8");
+    const json = JSON.parse(raw);
+    const session = await this._browserManager.getSession(action.sessionId);
+    const url = action.url ?? session.page.url();
+    let domain;
+    try {
+      domain = new URL(url).hostname;
+    } catch (err) {
+      logAndSwallow(TAG2, "parse cookie domain", err);
+      domain = "";
+    }
+    const cookies = Object.entries(json).map(([name, value]) => ({
+      name,
+      value: String(value),
+      domain,
+      path: "/"
+    }));
+    await session.context.addCookies(cookies);
+    logDebug("browser", `${LOG_PREFIX} set_cookie session="${action.sessionId}" loaded ${cookies.length} cookies for ${domain}`);
+    return { success: true, text: `Loaded ${cookies.length} cookies for ${domain}` };
+  }
+};
+
+// src/capabilities/browser/browser-ipc-server.ts
+init_logger();
+init_log_and_swallow();
+init_paths();
+import * as net from "node:net";
+import * as fs from "node:fs";
+import * as path2 from "node:path";
+var TAG3 = "browser_ipc";
+var LOG_PREFIX2 = "[browser-ipc]";
+function getDefaultSocketPath() {
+  return path2.join(abtarsHome(), "browser-socket", "browser.sock");
+}
+var BrowserIpcServer = class {
+  _server = null;
+  _tool;
+  _socketPath;
+  constructor(tool, socketPath) {
+    this._tool = tool;
+    this._socketPath = socketPath ?? getDefaultSocketPath();
+  }
+  get socketPath() {
+    return this._socketPath;
+  }
+  get isListening() {
+    return this._server?.listening ?? false;
+  }
+  /** Start listening. Removes stale socket file if present. */
+  async start() {
+    const dir = path2.dirname(this._socketPath);
+    if (!fs.existsSync(dir)) {
+      fs.mkdirSync(dir, { recursive: true });
+    }
+    this._removeSocketFile();
+    return new Promise((resolve2, reject) => {
+      const server = net.createServer({ allowHalfOpen: true }, (conn) => {
+        this._handleConnection(conn);
+      });
+      server.on("error", (err) => {
+        console.error(`${LOG_PREFIX2} Server error: ${err.message}`);
+        reject(err);
+      });
+      server.listen(this._socketPath, () => {
+        this._server = server;
+        logDebug("browser", `${LOG_PREFIX2} Listening on ${this._socketPath}`);
+        resolve2();
+      });
+    });
+  }
+  /** Stop the server and remove the socket file. */
+  async shutdown() {
+    return new Promise((resolve2) => {
+      if (!this._server) {
+        this._removeSocketFile();
+        resolve2();
+        return;
+      }
+      this._server.close(() => {
+        this._server = null;
+        this._removeSocketFile();
+        logDebug("browser", `${LOG_PREFIX2} Shut down`);
+        resolve2();
+      });
+    });
+  }
+  // ── Connection handler ──────────────────────────────────────────────
+  _handleConnection(conn) {
+    let data = "";
+    conn.on("data", (chunk) => {
+      data += chunk.toString();
+    });
+    conn.on("end", () => {
+      void this._processRequest(data, conn);
+    });
+    conn.on("error", (err) => {
+      console.error(`${LOG_PREFIX2} Connection error: ${err.message}`);
+    });
+  }
+  async _processRequest(raw, conn) {
+    let result;
+    try {
+      const action = JSON.parse(raw.trim());
+      result = await this._tool.execute(action);
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      result = { success: false, error: `IPC parse/execute error: ${message}` };
+    }
+    conn.end(JSON.stringify(result) + "\n");
+  }
+  // ── Helpers ─────────────────────────────────────────────────────────
+  _removeSocketFile() {
+    try {
+      if (fs.existsSync(this._socketPath)) {
+        fs.unlinkSync(this._socketPath);
+      }
+    } catch (err) {
+      logAndSwallow(TAG3, "unlink socket", err);
+    }
+  }
+};
+
+// src/capabilities/browser/domain-allowlist.ts
+init_env_schema();
+init_log_and_swallow();
+var TAG4 = "domain_allowlist";
+var DomainAllowlist = class _DomainAllowlist {
+  _patterns;
+  constructor(patterns) {
+    this._patterns = patterns.map((p) => p.trim().toLowerCase()).filter((p) => p.length > 0);
+  }
+  /** Check if a URL's hostname matches the allowlist. Returns true if allowed. */
+  isAllowed(url) {
+    if (this._patterns.length === 0) return true;
+    let hostname;
+    try {
+      hostname = new URL(url).hostname.toLowerCase();
+    } catch (err) {
+      logAndSwallow(TAG4, "parse URL", err);
+      return false;
+    }
+    return this._patterns.some((pattern) => {
+      if (pattern.startsWith("*.")) {
+        const suffix = pattern.slice(2);
+        return hostname === suffix || hostname.endsWith(`.${suffix}`);
+      }
+      return hostname === pattern;
+    });
+  }
+  /** Get the list of configured patterns (for error messages). */
+  get patterns() {
+    return [...this._patterns];
+  }
+  /** True if no patterns configured (open mode). */
+  get isOpenMode() {
+    return this._patterns.length === 0;
+  }
+  /** Create a DomainAllowlist from the BROWSER_ALLOWED_DOMAINS env var. */
+  static fromEnv() {
+    const raw = getEnv().browserAllowedDomains;
+    const patterns = raw.split(",").map((s) => s.trim()).filter((s) => s.length > 0);
+    return new _DomainAllowlist(patterns);
+  }
+};
+
+export {
+  BrowserManager,
+  BrowserTool,
+  getDefaultSocketPath,
+  BrowserIpcServer,
+  DomainAllowlist
+};
+//# sourceMappingURL=chunk-3B7BBE4F.js.map