npm - botmux - Versions diffs - 2.65.0 → 2.66.0-canary.1 - Mend

botmux 2.65.0 → 2.66.0-canary.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (342) hide show

package/README.en.md +1 -1
package/README.md +1 -1
package/dist/adapters/backend/sandbox.d.ts +119 -0
package/dist/adapters/backend/sandbox.d.ts.map +1 -0
package/dist/adapters/backend/sandbox.js +591 -0
package/dist/adapters/backend/sandbox.js.map +1 -0
package/dist/adapters/backend/types.d.ts +8 -0
package/dist/adapters/backend/types.d.ts.map +1 -1
package/dist/adapters/backend/types.js.map +1 -1
package/dist/adapters/backend/zellij-observe-backend.d.ts +5 -0
package/dist/adapters/backend/zellij-observe-backend.d.ts.map +1 -1
package/dist/adapters/backend/zellij-observe-backend.js +7 -0
package/dist/adapters/backend/zellij-observe-backend.js.map +1 -1
package/dist/adapters/cli/aiden.d.ts.map +1 -1
package/dist/adapters/cli/aiden.js +1 -3
package/dist/adapters/cli/aiden.js.map +1 -1
package/dist/adapters/cli/antigravity.d.ts.map +1 -1
package/dist/adapters/cli/antigravity.js +2 -4
package/dist/adapters/cli/antigravity.js.map +1 -1
package/dist/adapters/cli/claude-code.d.ts.map +1 -1
package/dist/adapters/cli/claude-code.js +12 -6
package/dist/adapters/cli/claude-code.js.map +1 -1
package/dist/adapters/cli/coco.d.ts.map +1 -1
package/dist/adapters/cli/coco.js +4 -4
package/dist/adapters/cli/coco.js.map +1 -1
package/dist/adapters/cli/codex.d.ts.map +1 -1
package/dist/adapters/cli/codex.js +2 -4
package/dist/adapters/cli/codex.js.map +1 -1
package/dist/adapters/cli/copilot.d.ts.map +1 -1
package/dist/adapters/cli/copilot.js +1 -3
package/dist/adapters/cli/copilot.js.map +1 -1
package/dist/adapters/cli/cursor.d.ts.map +1 -1
package/dist/adapters/cli/cursor.js +1 -3
package/dist/adapters/cli/cursor.js.map +1 -1
package/dist/adapters/cli/gemini.d.ts.map +1 -1
package/dist/adapters/cli/gemini.js +1 -3
package/dist/adapters/cli/gemini.js.map +1 -1
package/dist/adapters/cli/hermes.d.ts.map +1 -1
package/dist/adapters/cli/hermes.js +1 -3
package/dist/adapters/cli/hermes.js.map +1 -1
package/dist/adapters/cli/mtr.d.ts.map +1 -1
package/dist/adapters/cli/mtr.js +1 -3
package/dist/adapters/cli/mtr.js.map +1 -1
package/dist/adapters/cli/oh-my-pi.d.ts +5 -0
package/dist/adapters/cli/oh-my-pi.d.ts.map +1 -0
package/dist/adapters/cli/oh-my-pi.js +55 -0
package/dist/adapters/cli/oh-my-pi.js.map +1 -0
package/dist/adapters/cli/opencode.d.ts.map +1 -1
package/dist/adapters/cli/opencode.js +1 -3
package/dist/adapters/cli/opencode.js.map +1 -1
package/dist/adapters/cli/pi.d.ts.map +1 -1
package/dist/adapters/cli/pi.js +1 -3
package/dist/adapters/cli/pi.js.map +1 -1
package/dist/adapters/cli/registry.d.ts +2 -1
package/dist/adapters/cli/registry.d.ts.map +1 -1
package/dist/adapters/cli/registry.js +3 -1
package/dist/adapters/cli/registry.js.map +1 -1
package/dist/adapters/cli/traex.d.ts.map +1 -1
package/dist/adapters/cli/traex.js +1 -3
package/dist/adapters/cli/traex.js.map +1 -1
package/dist/adapters/cli/types.d.ts +1 -1
package/dist/adapters/cli/types.d.ts.map +1 -1
package/dist/bot-registry.d.ts +9 -1
package/dist/bot-registry.d.ts.map +1 -1
package/dist/bot-registry.js +1 -0
package/dist/bot-registry.js.map +1 -1
package/dist/cli/send-dispatch.d.ts +22 -0
package/dist/cli/send-dispatch.d.ts.map +1 -1
package/dist/cli/send-dispatch.js +40 -0
package/dist/cli/send-dispatch.js.map +1 -1
package/dist/cli/workflow.d.ts.map +1 -1
package/dist/cli/workflow.js +11 -4
package/dist/cli/workflow.js.map +1 -1
package/dist/cli.d.ts.map +1 -1
package/dist/cli.js +311 -15
package/dist/cli.js.map +1 -1
package/dist/config.d.ts +1 -0
package/dist/config.d.ts.map +1 -1
package/dist/config.js +8 -0
package/dist/config.js.map +1 -1
package/dist/core/command-discovery.d.ts +9 -0
package/dist/core/command-discovery.d.ts.map +1 -1
package/dist/core/command-discovery.js +74 -14
package/dist/core/command-discovery.js.map +1 -1
package/dist/core/command-handler.d.ts.map +1 -1
package/dist/core/command-handler.js +86 -57
package/dist/core/command-handler.js.map +1 -1
package/dist/core/dashboard-ipc-server.d.ts.map +1 -1
package/dist/core/dashboard-ipc-server.js +56 -2
package/dist/core/dashboard-ipc-server.js.map +1 -1
package/dist/core/dashboard-rows.d.ts +14 -2
package/dist/core/dashboard-rows.d.ts.map +1 -1
package/dist/core/dashboard-rows.js +5 -2
package/dist/core/dashboard-rows.js.map +1 -1
package/dist/core/session-activity.d.ts +1 -0
package/dist/core/session-activity.d.ts.map +1 -1
package/dist/core/session-activity.js +12 -0
package/dist/core/session-activity.js.map +1 -1
package/dist/core/session-discovery.d.ts.map +1 -1
package/dist/core/session-discovery.js +1 -0
package/dist/core/session-discovery.js.map +1 -1
package/dist/core/terminal-url.d.ts +16 -0
package/dist/core/terminal-url.d.ts.map +1 -1
package/dist/core/terminal-url.js +19 -1
package/dist/core/terminal-url.js.map +1 -1
package/dist/core/types.d.ts +13 -0
package/dist/core/types.d.ts.map +1 -1
package/dist/core/types.js.map +1 -1
package/dist/core/worker-pool.d.ts +17 -7
package/dist/core/worker-pool.d.ts.map +1 -1
package/dist/core/worker-pool.js +46 -22
package/dist/core/worker-pool.js.map +1 -1
package/dist/daemon.d.ts.map +1 -1
package/dist/daemon.js +337 -13
package/dist/daemon.js.map +1 -1
package/dist/dashboard/auth.d.ts.map +1 -1
package/dist/dashboard/auth.js +7 -1
package/dist/dashboard/auth.js.map +1 -1
package/dist/dashboard/v3-runs-api.d.ts +26 -0
package/dist/dashboard/v3-runs-api.d.ts.map +1 -0
package/dist/dashboard/v3-runs-api.js +67 -0
package/dist/dashboard/v3-runs-api.js.map +1 -0
package/dist/dashboard/web/app.d.ts.map +1 -1
package/dist/dashboard/web/app.js +7 -4
package/dist/dashboard/web/app.js.map +1 -1
package/dist/dashboard/web/bot-defaults.d.ts.map +1 -1
package/dist/dashboard/web/bot-defaults.js +65 -0
package/dist/dashboard/web/bot-defaults.js.map +1 -1
package/dist/dashboard/web/connectors.js +66 -66
package/dist/dashboard/web/connectors.js.map +1 -1
package/dist/dashboard/web/i18n.d.ts.map +1 -1
package/dist/dashboard/web/i18n.js +386 -2
package/dist/dashboard/web/i18n.js.map +1 -1
package/dist/dashboard/web/overview.d.ts.map +1 -1
package/dist/dashboard/web/overview.js +4 -4
package/dist/dashboard/web/overview.js.map +1 -1
package/dist/dashboard/web/sessions.d.ts.map +1 -1
package/dist/dashboard/web/sessions.js +72 -9
package/dist/dashboard/web/sessions.js.map +1 -1
package/dist/dashboard/web/team-federation.d.ts.map +1 -1
package/dist/dashboard/web/team-federation.js +131 -130
package/dist/dashboard/web/team-federation.js.map +1 -1
package/dist/dashboard/web/ui.d.ts +1 -0
package/dist/dashboard/web/ui.d.ts.map +1 -1
package/dist/dashboard/web/ui.js +11 -0
package/dist/dashboard/web/ui.js.map +1 -1
package/dist/dashboard/web/v3-terminal.d.ts +11 -0
package/dist/dashboard/web/v3-terminal.d.ts.map +1 -0
package/dist/dashboard/web/v3-terminal.js +143 -0
package/dist/dashboard/web/v3-terminal.js.map +1 -0
package/dist/dashboard/web/v3.d.ts +2 -0
package/dist/dashboard/web/v3.d.ts.map +1 -0
package/dist/dashboard/web/v3.js +538 -0
package/dist/dashboard/web/v3.js.map +1 -0
package/dist/dashboard-web/app.js +820 -618
package/dist/dashboard-web/index.html +2 -1
package/dist/dashboard-web/style.css +230 -3
package/dist/dashboard.js +47 -0
package/dist/dashboard.js.map +1 -1
package/dist/i18n/en.d.ts.map +1 -1
package/dist/i18n/en.js +22 -5
package/dist/i18n/en.js.map +1 -1
package/dist/i18n/zh.d.ts.map +1 -1
package/dist/i18n/zh.js +22 -5
package/dist/i18n/zh.js.map +1 -1
package/dist/im/lark/card-builder.d.ts +19 -2
package/dist/im/lark/card-builder.d.ts.map +1 -1
package/dist/im/lark/card-builder.js +50 -8
package/dist/im/lark/card-builder.js.map +1 -1
package/dist/im/lark/card-handler.d.ts +12 -0
package/dist/im/lark/card-handler.d.ts.map +1 -1
package/dist/im/lark/card-handler.js +88 -14
package/dist/im/lark/card-handler.js.map +1 -1
package/dist/im/lark/client.d.ts.map +1 -1
package/dist/im/lark/client.js +5 -2
package/dist/im/lark/client.js.map +1 -1
package/dist/im/lark/event-dispatcher.d.ts.map +1 -1
package/dist/im/lark/event-dispatcher.js +35 -1
package/dist/im/lark/event-dispatcher.js.map +1 -1
package/dist/im/lark/grant-pending.d.ts +1 -0
package/dist/im/lark/grant-pending.d.ts.map +1 -1
package/dist/im/lark/grant-pending.js +36 -4
package/dist/im/lark/grant-pending.js.map +1 -1
package/dist/im/lark/relay-target-routing.d.ts +18 -0
package/dist/im/lark/relay-target-routing.d.ts.map +1 -0
package/dist/im/lark/relay-target-routing.js +44 -0
package/dist/im/lark/relay-target-routing.js.map +1 -0
package/dist/im/lark/v3-blocked-card-handler.d.ts +28 -0
package/dist/im/lark/v3-blocked-card-handler.d.ts.map +1 -0
package/dist/im/lark/v3-blocked-card-handler.js +130 -0
package/dist/im/lark/v3-blocked-card-handler.js.map +1 -0
package/dist/im/lark/v3-blocked-card.d.ts +75 -0
package/dist/im/lark/v3-blocked-card.d.ts.map +1 -0
package/dist/im/lark/v3-blocked-card.js +206 -0
package/dist/im/lark/v3-blocked-card.js.map +1 -0
package/dist/im/lark/v3-gate-card-handler.d.ts +31 -0
package/dist/im/lark/v3-gate-card-handler.d.ts.map +1 -0
package/dist/im/lark/v3-gate-card-handler.js +97 -0
package/dist/im/lark/v3-gate-card-handler.js.map +1 -0
package/dist/im/lark/v3-gate-card.d.ts +47 -0
package/dist/im/lark/v3-gate-card.d.ts.map +1 -0
package/dist/im/lark/v3-gate-card.js +119 -0
package/dist/im/lark/v3-gate-card.js.map +1 -0
package/dist/im/lark/v3-loop-grant-card-handler.d.ts +28 -0
package/dist/im/lark/v3-loop-grant-card-handler.d.ts.map +1 -0
package/dist/im/lark/v3-loop-grant-card-handler.js +90 -0
package/dist/im/lark/v3-loop-grant-card-handler.js.map +1 -0
package/dist/im/lark/v3-loop-grant-card.d.ts +46 -0
package/dist/im/lark/v3-loop-grant-card.d.ts.map +1 -0
package/dist/im/lark/v3-loop-grant-card.js +119 -0
package/dist/im/lark/v3-loop-grant-card.js.map +1 -0
package/dist/im/lark/v3-revisit-grant-card-handler.d.ts +29 -0
package/dist/im/lark/v3-revisit-grant-card-handler.d.ts.map +1 -0
package/dist/im/lark/v3-revisit-grant-card-handler.js +88 -0
package/dist/im/lark/v3-revisit-grant-card-handler.js.map +1 -0
package/dist/im/lark/v3-revisit-grant-card.d.ts +52 -0
package/dist/im/lark/v3-revisit-grant-card.d.ts.map +1 -0
package/dist/im/lark/v3-revisit-grant-card.js +123 -0
package/dist/im/lark/v3-revisit-grant-card.js.map +1 -0
package/dist/im/lark/workflow-progress-card.d.ts +1 -1
package/dist/im/lark/workflow-progress-card.js +1 -1
package/dist/im/lark/workflow-slash-command.d.ts +28 -0
package/dist/im/lark/workflow-slash-command.d.ts.map +1 -1
package/dist/im/lark/workflow-slash-command.js +68 -12
package/dist/im/lark/workflow-slash-command.js.map +1 -1
package/dist/services/relay-picker.d.ts +6 -1
package/dist/services/relay-picker.d.ts.map +1 -1
package/dist/services/relay-picker.js +8 -2
package/dist/services/relay-picker.js.map +1 -1
package/dist/services/sandbox-land.d.ts +20 -0
package/dist/services/sandbox-land.d.ts.map +1 -0
package/dist/services/sandbox-land.js +78 -0
package/dist/services/sandbox-land.js.map +1 -0
package/dist/services/sandbox-store.d.ts +10 -0
package/dist/services/sandbox-store.d.ts.map +1 -0
package/dist/services/sandbox-store.js +40 -0
package/dist/services/sandbox-store.js.map +1 -0
package/dist/services/send-policy.d.ts +39 -0
package/dist/services/send-policy.d.ts.map +1 -1
package/dist/services/send-policy.js +43 -0
package/dist/services/send-policy.js.map +1 -1
package/dist/services/session-store.d.ts.map +1 -1
package/dist/services/session-store.js +16 -6
package/dist/services/session-store.js.map +1 -1
package/dist/setup/bot-config-editor.d.ts.map +1 -1
package/dist/setup/bot-config-editor.js +3 -1
package/dist/setup/bot-config-editor.js.map +1 -1
package/dist/skills/definitions.d.ts.map +1 -1
package/dist/skills/definitions.js +230 -5
package/dist/skills/definitions.js.map +1 -1
package/dist/types.d.ts +1 -0
package/dist/types.d.ts.map +1 -1
package/dist/utils/bounded-map.d.ts +15 -0
package/dist/utils/bounded-map.d.ts.map +1 -0
package/dist/utils/bounded-map.js +29 -0
package/dist/utils/bounded-map.js.map +1 -0
package/dist/utils/file-lock.d.ts +7 -1
package/dist/utils/file-lock.d.ts.map +1 -1
package/dist/utils/file-lock.js +5 -3
package/dist/utils/file-lock.js.map +1 -1
package/dist/utils/timing.d.ts +30 -0
package/dist/utils/timing.d.ts.map +1 -0
package/dist/utils/timing.js +41 -0
package/dist/utils/timing.js.map +1 -0
package/dist/utils/transient-snapshot.d.ts +24 -0
package/dist/utils/transient-snapshot.d.ts.map +1 -1
package/dist/utils/transient-snapshot.js +26 -0
package/dist/utils/transient-snapshot.js.map +1 -1
package/dist/worker.js +117 -30
package/dist/worker.js.map +1 -1
package/dist/workflows/definition.d.ts +96 -96
package/dist/workflows/events/payloads.d.ts +6 -6
package/dist/workflows/events/schema.d.ts +24 -24
package/dist/workflows/v3/architect.d.ts +37 -0
package/dist/workflows/v3/architect.d.ts.map +1 -0
package/dist/workflows/v3/architect.js +220 -0
package/dist/workflows/v3/architect.js.map +1 -0
package/dist/workflows/v3/bot-resolve.d.ts +21 -0
package/dist/workflows/v3/bot-resolve.d.ts.map +1 -0
package/dist/workflows/v3/bot-resolve.js +47 -0
package/dist/workflows/v3/bot-resolve.js.map +1 -0
package/dist/workflows/v3/cli-run.d.ts +24 -0
package/dist/workflows/v3/cli-run.d.ts.map +1 -0
package/dist/workflows/v3/cli-run.js +265 -0
package/dist/workflows/v3/cli-run.js.map +1 -0
package/dist/workflows/v3/contract.d.ts +302 -0
package/dist/workflows/v3/contract.d.ts.map +1 -0
package/dist/workflows/v3/contract.js +91 -0
package/dist/workflows/v3/contract.js.map +1 -0
package/dist/workflows/v3/daemon-run.d.ts +311 -0
package/dist/workflows/v3/daemon-run.d.ts.map +1 -0
package/dist/workflows/v3/daemon-run.js +755 -0
package/dist/workflows/v3/daemon-run.js.map +1 -0
package/dist/workflows/v3/dag.d.ts +332 -0
package/dist/workflows/v3/dag.d.ts.map +1 -0
package/dist/workflows/v3/dag.js +1040 -0
package/dist/workflows/v3/dag.js.map +1 -0
package/dist/workflows/v3/ephemeral-pool.d.ts +29 -0
package/dist/workflows/v3/ephemeral-pool.d.ts.map +1 -0
package/dist/workflows/v3/ephemeral-pool.js +331 -0
package/dist/workflows/v3/ephemeral-pool.js.map +1 -0
package/dist/workflows/v3/grill-state.d.ts +92 -0
package/dist/workflows/v3/grill-state.d.ts.map +1 -0
package/dist/workflows/v3/grill-state.js +151 -0
package/dist/workflows/v3/grill-state.js.map +1 -0
package/dist/workflows/v3/host.d.ts +88 -0
package/dist/workflows/v3/host.d.ts.map +1 -0
package/dist/workflows/v3/host.js +352 -0
package/dist/workflows/v3/host.js.map +1 -0
package/dist/workflows/v3/human-gate.d.ts +85 -0
package/dist/workflows/v3/human-gate.d.ts.map +1 -0
package/dist/workflows/v3/human-gate.js +153 -0
package/dist/workflows/v3/human-gate.js.map +1 -0
package/dist/workflows/v3/journal.d.ts +205 -0
package/dist/workflows/v3/journal.d.ts.map +1 -0
package/dist/workflows/v3/journal.js +64 -0
package/dist/workflows/v3/journal.js.map +1 -0
package/dist/workflows/v3/manifest.d.ts +17 -0
package/dist/workflows/v3/manifest.d.ts.map +1 -0
package/dist/workflows/v3/manifest.js +266 -0
package/dist/workflows/v3/manifest.js.map +1 -0
package/dist/workflows/v3/ops-projection.d.ts +109 -0
package/dist/workflows/v3/ops-projection.d.ts.map +1 -0
package/dist/workflows/v3/ops-projection.js +0 -0
package/dist/workflows/v3/ops-projection.js.map +1 -0
package/dist/workflows/v3/orchestrator.d.ts +168 -0
package/dist/workflows/v3/orchestrator.d.ts.map +1 -0
package/dist/workflows/v3/orchestrator.js +417 -0
package/dist/workflows/v3/orchestrator.js.map +1 -0
package/dist/workflows/v3/runtime.d.ts +193 -0
package/dist/workflows/v3/runtime.d.ts.map +1 -0
package/dist/workflows/v3/runtime.js +1266 -0
package/dist/workflows/v3/runtime.js.map +1 -0
package/dist/workflows/v3/spec.d.ts +32 -0
package/dist/workflows/v3/spec.d.ts.map +1 -0
package/dist/workflows/v3/spec.js +173 -0
package/dist/workflows/v3/spec.js.map +1 -0
package/dist/workflows/v3/state.d.ts +74 -0
package/dist/workflows/v3/state.d.ts.map +1 -0
package/dist/workflows/v3/state.js +353 -0
package/dist/workflows/v3/state.js.map +1 -0
package/package.json +11 -5

package/README.en.md CHANGED Viewed

@@ -64,7 +64,7 @@ Compared to OpenClaw-style approaches built on Agent SDKs:
 ## Prerequisites
 - **Node.js** >= 20
-- **AI coding CLI / local agent app** installed and authenticated (`claude`, `codex`, `coco`, `cursor-agent`, `gemini`, `opencode`, `hermes`, `seed` (Seed CLI, a Claude Code fork), `pi`, `copilot` (GitHub Copilot CLI), `traex` (TRAE CLI), or `agy` (Antigravity) in PATH)
+- **AI coding CLI / local agent app** installed and authenticated (`claude`, `codex`, `coco`, `cursor-agent`, `gemini`, `opencode`, `hermes`, `seed` (Seed CLI, a Claude Code fork), `pi`, `omp` (oh-my-pi, a Pi fork), `copilot` (GitHub Copilot CLI), `traex` (TRAE CLI), or `agy` (Antigravity) in PATH)
   - **CoCo requires `0.120.32+`**: type-ahead (sending a new message while a turn is still running, parked in CoCo's own message queue) relies on 0.120.32+ behavior; earlier versions may drop or serialize input while busy — upgrade before use
 - **tmux** >= 3.x (optional — auto-enabled when installed for persistent CLI sessions)
 - **CJK fonts** (only needed for screenshot rendering of Chinese text / emoji):

package/README.md CHANGED Viewed

@@ -199,7 +199,7 @@ CLI 进入 botmux 会话时自动获得 `~/.botmux/bin` 在 PATH 中，以及一
 ## 前置要求
 - **Node.js** >= 20
-- **AI 编程 CLI / 本地 Agent 应用** 已安装并完成认证（`claude`、`codex`、`coco`、`cursor-agent`、`gemini`、`opencode`、`hermes`、`seed`（Seed CLI，Claude Code 衍生）、`pi`、`copilot`（GitHub Copilot CLI）、`traex`（TRAE CLI）或 `agy`（Antigravity）在 PATH 中）
+- **AI 编程 CLI / 本地 Agent 应用** 已安装并完成认证（`claude`、`codex`、`coco`、`cursor-agent`、`gemini`、`opencode`、`hermes`、`seed`（Seed CLI，Claude Code 衍生）、`pi`、`omp`（oh-my-pi，Pi 衍生）、`copilot`（GitHub Copilot CLI）、`traex`（TRAE CLI）或 `agy`（Antigravity）在 PATH 中）
   - **CoCo 最低版本 `0.120.32`**：type-ahead（会话忙时即可发新消息，由 CoCo 自己的消息队列接住）依赖 0.120.32+ 的行为；更早版本忙时输入可能丢失或串行，请升级后再用
 - **tmux** >= 3.x（可选，安装后自动启用会话常驻）
 - **CJK 字体**（用于截图渲染中文/emoji）：

package/dist/adapters/backend/sandbox.d.ts ADDED Viewed

@@ -0,0 +1,119 @@
+export interface SandboxPlan {
+    /** Host path of the per-session writable project copy (a `git clone` of the
+     *  source). Mounted INSIDE the sandbox at `projectMount`, not at this path. */
+    workDir: string;
+    /** In-sandbox path the clone is mounted at — MUST equal the original
+     *  workingDir the CLI was given (e.g. codex `-C <dir>`), so the CLI's existing
+     *  args resolve to the clone. Also the child's chdir. */
+    projectMount: string;
+    /** Per-session scoped HOME — bound over the real home path so every CLI's
+     *  hardcoded `~/.<cli>` resolves into this de-identified area. */
+    scopedHome: string;
+    /** Daemon-mediated `botmux send` outbox — the ONLY IPC surface bound in, so
+     *  bots.json / Lark creds never enter the sandbox. */
+    outbox: string;
+    /** Extra read-only paths the toolchain lives under (node/CLI binaries via
+     *  fnm, the botmux dist) — re-exposed AFTER the scoped-home mask because on
+     *  this host they sit under $HOME (e.g. ~/.local/share/fnm, ~/iserver/botmux). */
+    toolchainRo: string[];
+    /** Keep network egress. File-only scope ⇒ default true (npm/pip/git work). */
+    net?: boolean;
+}
+/**
+ * Build the bwrap argv prefix. Final spawn becomes:
+ *   bwrap <these args> -- <cliBin> <cliArgs...>
+ *
+ * Mount order matters: the scoped HOME is bound over the real home FIRST, then
+ * toolchain/work/outbox paths (some under home) are re-bound on top — bwrap
+ * applies binds in order, so the later, more specific mounts win.
+ */
+export declare function buildSandboxArgs(plan: SandboxPlan): string[];
+/**
+ * Materialise a de-identified config dir inside `scopedHome`: copy ONLY the
+ * auth/config files from the host's real config, never history/sessions.
+ * `dereference` resolves symlinks (codex's config.toml → config.toml.old) into
+ * real files, since the symlink target won't exist inside the masked home.
+ *
+ * Returns false if this CLI has no persistent config to scope (hermes/aiden/…).
+ */
+export declare function seedScopedConfig(cliId: string, scopedHome: string, projectMount?: string): boolean;
+/** Is file-sandbox enabled for this session? Spike gate = env; the real
+ *  per-bot BotConfig.sandbox flag is a follow-up. */
+export declare function sandboxEnabled(): boolean;
+export interface SandboxSpawn {
+    /** Replace the CLI binary with this (always 'bwrap'). */
+    bin: string;
+    /** bwrap args + '--' + original (bin, ...args). */
+    args: string[];
+    /** Env overrides to merge into childEnv (HOME, PATH, BOTMUX_SEND_RELAY). */
+    env: Record<string, string>;
+    /** Outbox dir the daemon watcher must service. */
+    outbox: string;
+    /** Per-session project copy (for logging / landing). */
+    workDir: string;
+    /** Remove the per-session sandbox tree. */
+    cleanup: () => void;
+}
+/**
+ * Build the sandboxed spawn for a CLI session, or return null when sandboxing
+ * is off / unsupported. Creates per-session dirs under
+ * <dataDir>/sandboxes/<sessionId>/, clones the source project, seeds a
+ * de-identified config dir, and installs a `botmux` shim on PATH.
+ */
+export declare function prepareSandbox(opts: {
+    /** Whether the sandbox is on for THIS session (per-bot BotConfig.sandbox OR
+     *  the BOTMUX_SANDBOX env force). Decided by the caller — prepareSandbox does
+     *  NOT re-read the env, so the dashboard per-bot toggle actually takes effect. */
+    enabled: boolean;
+    cliId: string;
+    sessionId: string;
+    sourceWorkingDir: string;
+    dataDir: string;
+    cliBin: string;
+    cliArgs: string[];
+}): SandboxSpawn | null;
+export interface RelayRequest {
+    contentFile?: unknown;
+    attachments?: unknown;
+    flags?: unknown;
+}
+export interface ValidatedRelay {
+    contentName: string;
+    attachmentNames: string[];
+    flags: string[];
+}
+/**
+ * PURE validation of an outbox relay request (schema + flag allowlist only — no
+ * filesystem access, so it's deterministically testable):
+ *  - contentFile/attachments must be plain basenames (no `/`, `\`, `..`).
+ *  - only allowlisted presentation flags pass; any other flag → reject (this
+ *    rejects raw `--content-file`/`--session-id`/path flags etc.).
+ * The TOCTOU-safe filesystem read is handled separately by materializeOutboxFile,
+ * NOT here — this function deliberately resolves no paths.
+ */
+export declare function validateRelayRequest(req: RelayRequest): {
+    ok: true;
+    value: ValidatedRelay;
+} | {
+    ok: false;
+    error: string;
+};
+/**
+ * TOCTOU-safe copy of an outbox file (`outbox/<name>`, name already validated as
+ * a plain basename) into a host-private `dest`. Opens with O_NOFOLLOW so a
+ * symlink swapped in by the sandbox AFTER validation is rejected at open time;
+ * reads from the fd (not the path), so the inode can't be swapped under us.
+ * Returns false (reject) on symlink / non-regular / any error.
+ */
+export declare function materializeOutboxFile(outbox: string, name: string, dest: string): boolean;
+/**
+ * Daemon/worker-side outbox watcher. The sandboxed `botmux send` (relay mode)
+ * drops `<id>.req.json`; we validate (validateRelayRequest) and then MATERIALIZE
+ * the content/attachments into a host-private staging dir that is NOT bound into
+ * the sandbox — closing the TOCTOU window where the sandbox could swap an outbox
+ * file for a symlink between check and the host-side read. We then re-exec THIS
+ * build's `send` OUTSIDE the sandbox (full creds) against the private copies,
+ * with the session-id FORCED. This keeps every Lark credential out of the sandbox.
+ */
+export declare function startOutboxWatcher(outbox: string, baseEnv: NodeJS.ProcessEnv, sessionId: string): () => void;
+//# sourceMappingURL=sandbox.d.ts.map

package/dist/adapters/backend/sandbox.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sandbox.d.ts","sourceRoot":"","sources":["../../../src/adapters/backend/sandbox.ts"],"names":[],"mappings":"AAsBA,MAAM,WAAW,WAAW;IAC1B;mFAC+E;IAC/E,OAAO,EAAE,MAAM,CAAC;IAChB;;6DAEyD;IACzD,YAAY,EAAE,MAAM,CAAC;IACrB;sEACkE;IAClE,UAAU,EAAE,MAAM,CAAC;IACnB;0DACsD;IACtD,MAAM,EAAE,MAAM,CAAC;IACf;;sFAEkF;IAClF,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,8EAA8E;IAC9E,GAAG,CAAC,EAAE,OAAO,CAAC;CACf;AAMD;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,WAAW,GAAG,MAAM,EAAE,CAmB5D;AA2CD;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,GAAG,OAAO,CA0BlG;AA4ED;qDACqD;AACrD,wBAAgB,cAAc,IAAI,OAAO,CAExC;AAED,MAAM,WAAW,YAAY;IAC3B,yDAAyD;IACzD,GAAG,EAAE,MAAM,CAAC;IACZ,mDAAmD;IACnD,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,4EAA4E;IAC5E,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC5B,kDAAkD;IAClD,MAAM,EAAE,MAAM,CAAC;IACf,wDAAwD;IACxD,OAAO,EAAE,MAAM,CAAC;IAChB,2CAA2C;IAC3C,OAAO,EAAE,MAAM,IAAI,CAAC;CACrB;AAoDD;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE;IACnC;;sFAEkF;IAClF,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,gBAAgB,EAAE,MAAM,CAAC;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,EAAE,CAAC;CACnB,GAAG,YAAY,GAAG,IAAI,CA2FtB;AAOD,MAAM,WAAW,YAAY;IAC3B,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAQD,MAAM,WAAW,cAAc;IAAG,WAAW,EAAE,MAAM,CAAC;IAAC,eAAe,EAAE,MAAM,EAAE,CAAC;IAAC,KAAK,EAAE,MAAM,EAAE,CAAC;CAAE;AAEpG;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,YAAY,GAAG;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,KAAK,EAAE,cAAc,CAAA;CAAE,GAAG;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAwB1H;AAED;;;;;;GAMG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAiBzF;AAED;;;;;;;;GAQG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,UAAU,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,IAAI,CAkE5G"}