npm - browxai - Versions diffs - 0.7.0 - Mend

browxai 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (520) hide show

package/LICENSE +21 -0
package/README.md +139 -0
package/THIRD_PARTY_NOTICES.md +45 -0
package/dist/cli/chrome.d.ts +1 -0
package/dist/cli/chrome.js +130 -0
package/dist/cli/command-registry.d.ts +15 -0
package/dist/cli/command-registry.js +35 -0
package/dist/cli/doctor-plugins.d.ts +18 -0
package/dist/cli/doctor-plugins.js +338 -0
package/dist/cli/doctor.d.ts +9 -0
package/dist/cli/doctor.js +407 -0
package/dist/cli/init.d.ts +1 -0
package/dist/cli/init.js +200 -0
package/dist/cli/register-commands.d.ts +1 -0
package/dist/cli/register-commands.js +22 -0
package/dist/cli/serve.d.ts +14 -0
package/dist/cli/serve.js +151 -0
package/dist/cli.d.ts +3 -0
package/dist/cli.js +129 -0
package/dist/engine/adapters/adb.d.ts +72 -0
package/dist/engine/adapters/adb.js +200 -0
package/dist/engine/adapters/android-cdp.d.ts +54 -0
package/dist/engine/adapters/android-cdp.js +110 -0
package/dist/engine/adapters/android.engine.d.ts +1 -0
package/dist/engine/adapters/android.engine.js +31 -0
package/dist/engine/adapters/chromium.engine.d.ts +1 -0
package/dist/engine/adapters/chromium.engine.js +44 -0
package/dist/engine/adapters/firefox.engine.d.ts +1 -0
package/dist/engine/adapters/firefox.engine.js +43 -0
package/dist/engine/adapters/playwright-chromium.d.ts +43 -0
package/dist/engine/adapters/playwright-chromium.js +56 -0
package/dist/engine/adapters/playwright-firefox.d.ts +52 -0
package/dist/engine/adapters/playwright-firefox.js +97 -0
package/dist/engine/adapters/playwright-webkit.d.ts +40 -0
package/dist/engine/adapters/playwright-webkit.js +79 -0
package/dist/engine/adapters/safari/bidi-client.d.ts +46 -0
package/dist/engine/adapters/safari/bidi-client.js +130 -0
package/dist/engine/adapters/safari/launch.d.ts +56 -0
package/dist/engine/adapters/safari/launch.js +104 -0
package/dist/engine/adapters/safari/webdriver-client.d.ts +102 -0
package/dist/engine/adapters/safari/webdriver-client.js +175 -0
package/dist/engine/adapters/safari.engine.d.ts +1 -0
package/dist/engine/adapters/safari.engine.js +52 -0
package/dist/engine/adapters/safaridriver-hybrid.d.ts +56 -0
package/dist/engine/adapters/safaridriver-hybrid.js +127 -0
package/dist/engine/adapters/webkit.engine.d.ts +1 -0
package/dist/engine/adapters/webkit.engine.js +47 -0
package/dist/engine/capabilities.d.ts +53 -0
package/dist/engine/capabilities.js +122 -0
package/dist/engine/capability-registry.d.ts +9 -0
package/dist/engine/capability-registry.js +20 -0
package/dist/engine/index.d.ts +18 -0
package/dist/engine/index.js +14 -0
package/dist/engine/register-engines.d.ts +5 -0
package/dist/engine/register-engines.js +16 -0
package/dist/engine/registry.d.ts +145 -0
package/dist/engine/registry.js +67 -0
package/dist/engine/select.d.ts +48 -0
package/dist/engine/select.js +128 -0
package/dist/engine/session-cdp.d.ts +13 -0
package/dist/engine/session-cdp.js +22 -0
package/dist/engine/tool-gate.d.ts +19 -0
package/dist/engine/tool-gate.js +226 -0
package/dist/engine/types.d.ts +71 -0
package/dist/engine/types.js +16 -0
package/dist/helper/bridge.d.ts +48 -0
package/dist/helper/bridge.js +200 -0
package/dist/helper/browx-page.d.ts +1 -0
package/dist/helper/browx-page.js +47 -0
package/dist/helper/overlay-hide.d.ts +9 -0
package/dist/helper/overlay-hide.js +49 -0
package/dist/helper/stealth.d.ts +10 -0
package/dist/helper/stealth.js +88 -0
package/dist/index.d.ts +7 -0
package/dist/index.js +15 -0
package/dist/page/a11y.d.ts +81 -0
package/dist/page/a11y.js +219 -0
package/dist/page/action-substrate.d.ts +64 -0
package/dist/page/action-substrate.js +118 -0
package/dist/page/actionresult-blocks.d.ts +99 -0
package/dist/page/actionresult-blocks.js +144 -0
package/dist/page/actionresult-shape.d.ts +48 -0
package/dist/page/actionresult-shape.js +155 -0
package/dist/page/actionresult-types.d.ts +368 -0
package/dist/page/actionresult-types.js +4 -0
package/dist/page/actionresult.d.ts +4 -0
package/dist/page/actionresult.js +299 -0
package/dist/page/actions-probe.d.ts +32 -0
package/dist/page/actions-probe.js +294 -0
package/dist/page/actions-scroll.d.ts +40 -0
package/dist/page/actions-scroll.js +53 -0
package/dist/page/actions.d.ts +132 -0
package/dist/page/actions.js +453 -0
package/dist/page/archive-assets.d.ts +39 -0
package/dist/page/archive-assets.js +187 -0
package/dist/page/archive.d.ts +47 -0
package/dist/page/archive.js +349 -0
package/dist/page/asset-export.d.ts +122 -0
package/dist/page/asset-export.js +376 -0
package/dist/page/await_network.d.ts +16 -0
package/dist/page/await_network.js +23 -0
package/dist/page/bbox.d.ts +37 -0
package/dist/page/bbox.js +115 -0
package/dist/page/canvas-capture.d.ts +82 -0
package/dist/page/canvas-capture.js +257 -0
package/dist/page/canvas-diff.d.ts +51 -0
package/dist/page/canvas-diff.js +131 -0
package/dist/page/canvas-gesture.d.ts +53 -0
package/dist/page/canvas-gesture.js +167 -0
package/dist/page/canvas-transform.d.ts +96 -0
package/dist/page/canvas-transform.js +150 -0
package/dist/page/canvas.d.ts +8 -0
package/dist/page/canvas.js +50 -0
package/dist/page/capture-substrate.d.ts +111 -0
package/dist/page/capture-substrate.js +139 -0
package/dist/page/clipboard.d.ts +25 -0
package/dist/page/clipboard.js +50 -0
package/dist/page/clock.d.ts +36 -0
package/dist/page/clock.js +167 -0
package/dist/page/compose.d.ts +55 -0
package/dist/page/compose.js +169 -0
package/dist/page/console.d.ts +39 -0
package/dist/page/console.js +73 -0
package/dist/page/coverage.d.ts +97 -0
package/dist/page/coverage.js +280 -0
package/dist/page/dom-export.d.ts +41 -0
package/dist/page/dom-export.js +193 -0
package/dist/page/dom-walk.d.ts +91 -0
package/dist/page/dom-walk.js +267 -0
package/dist/page/dom_diff.d.ts +48 -0
package/dist/page/dom_diff.js +121 -0
package/dist/page/downloads.d.ts +80 -0
package/dist/page/downloads.js +244 -0
package/dist/page/drop-files.d.ts +78 -0
package/dist/page/drop-files.js +310 -0
package/dist/page/element-export-discovery.d.ts +64 -0
package/dist/page/element-export-discovery.js +346 -0
package/dist/page/element-export.d.ts +46 -0
package/dist/page/element-export.js +251 -0
package/dist/page/emulation-substrate.d.ts +53 -0
package/dist/page/emulation-substrate.js +87 -0
package/dist/page/emulation.d.ts +60 -0
package/dist/page/emulation.js +162 -0
package/dist/page/export-playwright-script.d.ts +47 -0
package/dist/page/export-playwright-script.js +304 -0
package/dist/page/extract-resolve.d.ts +22 -0
package/dist/page/extract-resolve.js +341 -0
package/dist/page/extract-schema.d.ts +20 -0
package/dist/page/extract-schema.js +200 -0
package/dist/page/extract-types.d.ts +127 -0
package/dist/page/extract-types.js +8 -0
package/dist/page/extract-warnings.d.ts +8 -0
package/dist/page/extract-warnings.js +56 -0
package/dist/page/extract.d.ts +9 -0
package/dist/page/extract.js +174 -0
package/dist/page/fill-form.d.ts +58 -0
package/dist/page/fill-form.js +261 -0
package/dist/page/find.d.ts +158 -0
package/dist/page/find.js +470 -0
package/dist/page/frames.d.ts +45 -0
package/dist/page/frames.js +133 -0
package/dist/page/generate-locator.d.ts +57 -0
package/dist/page/generate-locator.js +136 -0
package/dist/page/gestures.d.ts +128 -0
package/dist/page/gestures.js +198 -0
package/dist/page/har.d.ts +91 -0
package/dist/page/har.js +174 -0
package/dist/page/heap.d.ts +97 -0
package/dist/page/heap.js +285 -0
package/dist/page/inspect.d.ts +34 -0
package/dist/page/inspect.js +75 -0
package/dist/page/layout-thrash.d.ts +34 -0
package/dist/page/layout-thrash.js +232 -0
package/dist/page/learning.d.ts +21 -0
package/dist/page/learning.js +84 -0
package/dist/page/locator.d.ts +54 -0
package/dist/page/locator.js +142 -0
package/dist/page/memory-diff.d.ts +48 -0
package/dist/page/memory-diff.js +105 -0
package/dist/page/network-mask.d.ts +8 -0
package/dist/page/network-mask.js +18 -0
package/dist/page/network-playwright.d.ts +96 -0
package/dist/page/network-playwright.js +353 -0
package/dist/page/network-substrate-select.d.ts +18 -0
package/dist/page/network-substrate-select.js +32 -0
package/dist/page/network-substrate.d.ts +109 -0
package/dist/page/network-substrate.js +161 -0
package/dist/page/network-ws.d.ts +46 -0
package/dist/page/network-ws.js +113 -0
package/dist/page/network.d.ts +194 -0
package/dist/page/network.js +415 -0
package/dist/page/overflow-detect.d.ts +102 -0
package/dist/page/overflow-detect.js +449 -0
package/dist/page/pdf.d.ts +69 -0
package/dist/page/pdf.js +109 -0
package/dist/page/perf-audit-analysers.d.ts +40 -0
package/dist/page/perf-audit-analysers.js +369 -0
package/dist/page/perf-audit-runner.d.ts +20 -0
package/dist/page/perf-audit-runner.js +195 -0
package/dist/page/perf-audit-types.d.ts +41 -0
package/dist/page/perf-audit-types.js +5 -0
package/dist/page/perf-audit.d.ts +37 -0
package/dist/page/perf-audit.js +377 -0
package/dist/page/perf.d.ts +127 -0
package/dist/page/perf.js +373 -0
package/dist/page/plan.d.ts +192 -0
package/dist/page/plan.js +308 -0
package/dist/page/point_probe.d.ts +46 -0
package/dist/page/point_probe.js +99 -0
package/dist/page/recording.d.ts +67 -0
package/dist/page/recording.js +172 -0
package/dist/page/refs.d.ts +92 -0
package/dist/page/refs.js +134 -0
package/dist/page/regions.d.ts +23 -0
package/dist/page/regions.js +32 -0
package/dist/page/routes.d.ts +40 -0
package/dist/page/routes.js +87 -0
package/dist/page/safari-actions.d.ts +12 -0
package/dist/page/safari-actions.js +144 -0
package/dist/page/sample.d.ts +64 -0
package/dist/page/sample.js +216 -0
package/dist/page/screenshot-on.d.ts +51 -0
package/dist/page/screenshot-on.js +150 -0
package/dist/page/screenshot-save.d.ts +36 -0
package/dist/page/screenshot-save.js +53 -0
package/dist/page/screenshot-schedule.d.ts +50 -0
package/dist/page/screenshot-schedule.js +155 -0
package/dist/page/script-substrate.d.ts +32 -0
package/dist/page/script-substrate.js +47 -0
package/dist/page/seed-random.d.ts +45 -0
package/dist/page/seed-random.js +144 -0
package/dist/page/set-of-marks.d.ts +96 -0
package/dist/page/set-of-marks.js +245 -0
package/dist/page/shadow.d.ts +136 -0
package/dist/page/shadow.js +400 -0
package/dist/page/shortcut.d.ts +50 -0
package/dist/page/shortcut.js +147 -0
package/dist/page/snapshot-substrate-safari.d.ts +30 -0
package/dist/page/snapshot-substrate-safari.js +84 -0
package/dist/page/snapshot-substrate-select.d.ts +24 -0
package/dist/page/snapshot-substrate-select.js +34 -0
package/dist/page/snapshot-substrate.d.ts +58 -0
package/dist/page/snapshot-substrate.js +135 -0
package/dist/page/snapshot.d.ts +24 -0
package/dist/page/snapshot.js +162 -0
package/dist/page/solve-captcha.d.ts +76 -0
package/dist/page/solve-captcha.js +286 -0
package/dist/page/storage-substrate-types.d.ts +221 -0
package/dist/page/storage-substrate-types.js +6 -0
package/dist/page/storage-substrate.d.ts +215 -0
package/dist/page/storage-substrate.js +280 -0
package/dist/page/structural.d.ts +9 -0
package/dist/page/structural.js +152 -0
package/dist/page/substrate-bundle-safari.d.ts +8 -0
package/dist/page/substrate-bundle-safari.js +42 -0
package/dist/page/substrate-bundle.d.ts +6 -0
package/dist/page/substrate-bundle.js +53 -0
package/dist/page/text_search.d.ts +44 -0
package/dist/page/text_search.js +90 -0
package/dist/page/upload.d.ts +28 -0
package/dist/page/upload.js +62 -0
package/dist/page/verify.d.ts +63 -0
package/dist/page/verify.js +451 -0
package/dist/page/video.d.ts +115 -0
package/dist/page/video.js +169 -0
package/dist/page/visibility.d.ts +22 -0
package/dist/page/visibility.js +94 -0
package/dist/page/watch.d.ts +29 -0
package/dist/page/watch.js +99 -0
package/dist/page/workers.d.ts +126 -0
package/dist/page/workers.js +490 -0
package/dist/page/ws-interactive.d.ts +82 -0
package/dist/page/ws-interactive.js +318 -0
package/dist/plugin/cli.d.ts +45 -0
package/dist/plugin/cli.js +496 -0
package/dist/plugin/command-registry.d.ts +9 -0
package/dist/plugin/command-registry.js +23 -0
package/dist/plugin/depgraph.d.ts +37 -0
package/dist/plugin/depgraph.js +186 -0
package/dist/plugin/manifest.d.ts +182 -0
package/dist/plugin/manifest.js +219 -0
package/dist/plugin/package-manager.d.ts +22 -0
package/dist/plugin/package-manager.js +40 -0
package/dist/plugin/resolver.d.ts +85 -0
package/dist/plugin/resolver.js +166 -0
package/dist/plugin/runtime.d.ts +77 -0
package/dist/plugin/runtime.js +402 -0
package/dist/plugin/types.d.ts +113 -0
package/dist/plugin/types.js +4 -0
package/dist/policy/confirm.d.ts +76 -0
package/dist/policy/confirm.js +162 -0
package/dist/policy/origin.d.ts +17 -0
package/dist/policy/origin.js +79 -0
package/dist/sdk/client.d.ts +21 -0
package/dist/sdk/client.js +174 -0
package/dist/sdk/index.d.ts +32 -0
package/dist/sdk/index.js +61 -0
package/dist/sdk/plugin-types.d.ts +33 -0
package/dist/sdk/plugin-types.js +22 -0
package/dist/sdk/registry.d.ts +17 -0
package/dist/sdk/registry.js +94 -0
package/dist/sdk/socket-transport.d.ts +20 -0
package/dist/sdk/socket-transport.js +90 -0
package/dist/sdk/tool-types.d.ts +634 -0
package/dist/sdk/tool-types.js +28 -0
package/dist/sdk/transport-in-process.d.ts +21 -0
package/dist/sdk/transport-in-process.js +44 -0
package/dist/sdk/transport-registry.d.ts +19 -0
package/dist/sdk/transport-registry.js +31 -0
package/dist/sdk/transport-socket.d.ts +12 -0
package/dist/sdk/transport-socket.js +77 -0
package/dist/sdk/transport-stdio-child.d.ts +10 -0
package/dist/sdk/transport-stdio-child.js +47 -0
package/dist/sdk/transport.d.ts +10 -0
package/dist/sdk/transport.js +35 -0
package/dist/sdk/types.d.ts +176 -0
package/dist/sdk/types.js +10 -0
package/dist/server.d.ts +33 -0
package/dist/server.js +327 -0
package/dist/session/artifacts.d.ts +52 -0
package/dist/session/artifacts.js +177 -0
package/dist/session/byob-attach.d.ts +26 -0
package/dist/session/byob-attach.js +187 -0
package/dist/session/byob.d.ts +8 -0
package/dist/session/byob.js +20 -0
package/dist/session/cache-storage.d.ts +100 -0
package/dist/session/cache-storage.js +166 -0
package/dist/session/device-emu.d.ts +149 -0
package/dist/session/device-emu.js +545 -0
package/dist/session/device.d.ts +14 -0
package/dist/session/device.js +44 -0
package/dist/session/dialog.d.ts +62 -0
package/dist/session/dialog.js +164 -0
package/dist/session/emulation.d.ts +69 -0
package/dist/session/emulation.js +168 -0
package/dist/session/extensions.d.ts +113 -0
package/dist/session/extensions.js +237 -0
package/dist/session/fs-picker.d.ts +144 -0
package/dist/session/fs-picker.js +666 -0
package/dist/session/idb-storage.d.ts +86 -0
package/dist/session/idb-storage.js +229 -0
package/dist/session/incognito.d.ts +3 -0
package/dist/session/incognito.js +20 -0
package/dist/session/launch-options.d.ts +41 -0
package/dist/session/launch-options.js +200 -0
package/dist/session/managed.d.ts +3 -0
package/dist/session/managed.js +16 -0
package/dist/session/metrics.d.ts +45 -0
package/dist/session/metrics.js +75 -0
package/dist/session/notification.d.ts +122 -0
package/dist/session/notification.js +426 -0
package/dist/session/permission.d.ts +144 -0
package/dist/session/permission.js +600 -0
package/dist/session/playwright-post-wire.d.ts +8 -0
package/dist/session/playwright-post-wire.js +148 -0
package/dist/session/policy-buffer.d.ts +21 -0
package/dist/session/policy-buffer.js +47 -0
package/dist/session/profile-snapshot.d.ts +11 -0
package/dist/session/profile-snapshot.js +53 -0
package/dist/session/registry.d.ts +365 -0
package/dist/session/registry.js +98 -0
package/dist/session/safari-post-wire.d.ts +8 -0
package/dist/session/safari-post-wire.js +28 -0
package/dist/session/safari-session.d.ts +10 -0
package/dist/session/safari-session.js +39 -0
package/dist/session/storage.d.ts +148 -0
package/dist/session/storage.js +350 -0
package/dist/session/types.d.ts +113 -0
package/dist/session/types.js +5 -0
package/dist/session/wedge.d.ts +15 -0
package/dist/session/wedge.js +41 -0
package/dist/tools/action-core-tools.d.ts +13 -0
package/dist/tools/action-core-tools.js +156 -0
package/dist/tools/action-form-tools.d.ts +12 -0
package/dist/tools/action-form-tools.js +179 -0
package/dist/tools/action-gesture-tools.d.ts +9 -0
package/dist/tools/action-gesture-tools.js +115 -0
package/dist/tools/action-history-tools.d.ts +8 -0
package/dist/tools/action-history-tools.js +67 -0
package/dist/tools/action-tool.d.ts +42 -0
package/dist/tools/action-tool.js +58 -0
package/dist/tools/action-tools.d.ts +20 -0
package/dist/tools/action-tools.js +28 -0
package/dist/tools/batch-act-tools.d.ts +10 -0
package/dist/tools/batch-act-tools.js +276 -0
package/dist/tools/batch-human-tools.d.ts +8 -0
package/dist/tools/batch-human-tools.js +148 -0
package/dist/tools/canvas-tools.d.ts +40 -0
package/dist/tools/canvas-tools.js +368 -0
package/dist/tools/capture-report-diagnostics-tools.d.ts +7 -0
package/dist/tools/capture-report-diagnostics-tools.js +318 -0
package/dist/tools/capture-report-element-export-tools.d.ts +8 -0
package/dist/tools/capture-report-element-export-tools.js +197 -0
package/dist/tools/capture-report-export-tools.d.ts +8 -0
package/dist/tools/capture-report-export-tools.js +246 -0
package/dist/tools/capture-report-marks-tools.d.ts +9 -0
package/dist/tools/capture-report-marks-tools.js +221 -0
package/dist/tools/capture-report-upload-tools.d.ts +8 -0
package/dist/tools/capture-report-upload-tools.js +277 -0
package/dist/tools/config-approval-tools.d.ts +8 -0
package/dist/tools/config-approval-tools.js +166 -0
package/dist/tools/deep-coverage-tools.d.ts +8 -0
package/dist/tools/deep-coverage-tools.js +325 -0
package/dist/tools/deep-determinism-tools.d.ts +8 -0
package/dist/tools/deep-determinism-tools.js +276 -0
package/dist/tools/deep-perf-tools.d.ts +19 -0
package/dist/tools/deep-perf-tools.js +324 -0
package/dist/tools/device-emulation-tools.d.ts +9 -0
package/dist/tools/device-emulation-tools.js +137 -0
package/dist/tools/extensions-batch-tools.d.ts +18 -0
package/dist/tools/extensions-batch-tools.js +24 -0
package/dist/tools/extensions-rebuild.d.ts +22 -0
package/dist/tools/extensions-rebuild.js +208 -0
package/dist/tools/extensions-tools.d.ts +2 -0
package/dist/tools/extensions-tools.js +331 -0
package/dist/tools/forms-fill-tools.d.ts +8 -0
package/dist/tools/forms-fill-tools.js +109 -0
package/dist/tools/forms-plan-tools.d.ts +7 -0
package/dist/tools/forms-plan-tools.js +159 -0
package/dist/tools/forms-recording-mode-tools.d.ts +8 -0
package/dist/tools/forms-recording-mode-tools.js +71 -0
package/dist/tools/forms-recording-tools.d.ts +14 -0
package/dist/tools/forms-recording-tools.js +22 -0
package/dist/tools/forms-refs-tools.d.ts +8 -0
package/dist/tools/forms-refs-tools.js +90 -0
package/dist/tools/gesture-coord-tools.d.ts +8 -0
package/dist/tools/gesture-coord-tools.js +168 -0
package/dist/tools/gesture-emulation-tools.d.ts +8 -0
package/dist/tools/gesture-emulation-tools.js +135 -0
package/dist/tools/gesture-network-tools.d.ts +17 -0
package/dist/tools/gesture-network-tools.js +27 -0
package/dist/tools/gesture-route-tools.d.ts +8 -0
package/dist/tools/gesture-route-tools.js +142 -0
package/dist/tools/gesture-websocket-tools.d.ts +8 -0
package/dist/tools/gesture-websocket-tools.js +122 -0
package/dist/tools/gesture-worker-tools.d.ts +9 -0
package/dist/tools/gesture-worker-tools.js +200 -0
package/dist/tools/host-build.d.ts +76 -0
package/dist/tools/host-build.js +516 -0
package/dist/tools/host.d.ts +287 -0
package/dist/tools/host.js +1 -0
package/dist/tools/input-tools.d.ts +10 -0
package/dist/tools/input-tools.js +176 -0
package/dist/tools/live-emulation-tools.d.ts +9 -0
package/dist/tools/live-emulation-tools.js +353 -0
package/dist/tools/plugin-runtime.d.ts +36 -0
package/dist/tools/plugin-runtime.js +274 -0
package/dist/tools/read-observe-buffer-tools.d.ts +9 -0
package/dist/tools/read-observe-buffer-tools.js +385 -0
package/dist/tools/read-observe-capture-tools.d.ts +12 -0
package/dist/tools/read-observe-capture-tools.js +376 -0
package/dist/tools/read-observe-dom-tools.d.ts +8 -0
package/dist/tools/read-observe-dom-tools.js +308 -0
package/dist/tools/read-observe-extract-tools.d.ts +8 -0
package/dist/tools/read-observe-extract-tools.js +232 -0
package/dist/tools/read-observe-verify-tools.d.ts +8 -0
package/dist/tools/read-observe-verify-tools.js +316 -0
package/dist/tools/schemas.d.ts +29 -0
package/dist/tools/schemas.js +58 -0
package/dist/tools/secrets-captcha-tools.d.ts +9 -0
package/dist/tools/secrets-captcha-tools.js +231 -0
package/dist/tools/session-dialog-permission-tools.d.ts +9 -0
package/dist/tools/session-dialog-permission-tools.js +287 -0
package/dist/tools/session-lifecycle-tools.d.ts +8 -0
package/dist/tools/session-lifecycle-tools.js +314 -0
package/dist/tools/session-notification-device-tools.d.ts +9 -0
package/dist/tools/session-notification-device-tools.js +156 -0
package/dist/tools/session-policy-tools.d.ts +16 -0
package/dist/tools/session-policy-tools.js +22 -0
package/dist/tools/session-registry.d.ts +28 -0
package/dist/tools/session-registry.js +427 -0
package/dist/tools/storage-artifact-har-video-tools.d.ts +8 -0
package/dist/tools/storage-artifact-har-video-tools.js +311 -0
package/dist/tools/storage-cache-idb-tools.d.ts +8 -0
package/dist/tools/storage-cache-idb-tools.js +347 -0
package/dist/tools/storage-state-cookies-tools.d.ts +8 -0
package/dist/tools/storage-state-cookies-tools.js +223 -0
package/dist/tools/storage-tools.d.ts +17 -0
package/dist/tools/storage-tools.js +25 -0
package/dist/tools/storage-web-auth-tools.d.ts +10 -0
package/dist/tools/storage-web-auth-tools.js +230 -0
package/dist/tools/tool-metadata.d.ts +8 -0
package/dist/tools/tool-metadata.js +185 -0
package/dist/util/batch.d.ts +83 -0
package/dist/util/batch.js +191 -0
package/dist/util/capabilities.d.ts +504 -0
package/dist/util/capabilities.js +254 -0
package/dist/util/config-store.d.ts +103 -0
package/dist/util/config-store.js +206 -0
package/dist/util/config.d.ts +11 -0
package/dist/util/config.js +28 -0
package/dist/util/credentials.d.ts +136 -0
package/dist/util/credentials.js +622 -0
package/dist/util/deadline.d.ts +22 -0
package/dist/util/deadline.js +62 -0
package/dist/util/diagnostics.d.ts +161 -0
package/dist/util/diagnostics.js +579 -0
package/dist/util/egress-sanitiser.d.ts +29 -0
package/dist/util/egress-sanitiser.js +52 -0
package/dist/util/failure.d.ts +8 -0
package/dist/util/failure.js +50 -0
package/dist/util/flake-check.d.ts +109 -0
package/dist/util/flake-check.js +342 -0
package/dist/util/invariant.d.ts +25 -0
package/dist/util/invariant.js +66 -0
package/dist/util/logging.d.ts +6 -0
package/dist/util/logging.js +12 -0
package/dist/util/predicates.d.ts +62 -0
package/dist/util/predicates.js +340 -0
package/dist/util/secrets.d.ts +104 -0
package/dist/util/secrets.js +219 -0
package/dist/util/tokens.d.ts +6 -0
package/dist/util/tokens.js +24 -0
package/dist/util/url-sanitizer.d.ts +19 -0
package/dist/util/url-sanitizer.js +70 -0
package/dist/util/version.d.ts +2 -0
package/dist/util/version.js +21 -0
package/dist/util/workspace.d.ts +7 -0
package/dist/util/workspace.js +22 -0
package/package.json +120 -0

package/dist/session/permission.js ADDED Viewed

@@ -0,0 +1,600 @@
+// Per-session permission policy. Sibling of `dialog_policy`. Plugs the
+// runtime-permission blind spot: camera / microphone / geolocation / clipboard /
+// notification (and the long tail of sensor permissions) requests fire from the
+// page asynchronously; without a server-side interceptor the request either
+// silently sits forever (default Chromium policy in headless: "denied" via no
+// user-gesture infobar) or — worse — pre-grants from `grant_permissions` change
+// app behavior silently. This module wires a four-mode policy mirroring
+// `dialog_policy`'s posture:
+//
+//   - "allow"     — pre-grant via CDP `Browser.setPermission`; in-page wrappers
+//                   call through. The app sees a granted permission.
+//   - "deny"      — pre-deny via CDP; in-page wrappers reject with the standard
+//                   `NotAllowedError`. The app sees a denied permission.
+//   - "raise"     — DEFAULT (deterministic anti-deadlock). Pre-deny via CDP +
+//                   in-page wrappers reject AND RECORD the request as
+//                   `handledAs:"raised"`. The next ActionResult flips `ok:false`
+//                   with a stable hint pointing at `set_permission_policy`.
+//                   Mirrors `dialog_policy`'s `raise` — the page never blocks,
+//                   but a permission request never silently changes app state
+//                   under an unaware caller either.
+//   - "ask-human" — server records the request, blocks on
+//                   `bridge.awaitSignal("respond")` (the `await_human({kind:
+//                   "confirm"})` mechanism), then calls through or rejects per
+//                   the human's answer.
+//
+// Per-permission override map. The top-level `mode` is the default; the
+// per-permission map (`perPermission: { camera: "allow", … }`) overrides it for
+// a specific permission name. Mirrors how Playwright's permission set is
+// per-name. The `current(name)` accessor handles the fallback chain.
+//
+// Per-action capture. Every page-side request is appended to a buffer with a
+// timestamp. `since(ts)` slices for the action window — same pattern as
+// `dialog_policy`'s buffer; the `raisedSince(ts)` flag drives the
+// ok:false flip.
+//
+// Why two layers (CDP setPermission + init-script wrappers) ?
+//   - CDP `Browser.setPermission` controls the *state* the browser reports
+//     (granted / denied) — `navigator.permissions.query({name:"camera"})`
+//     reads this state without ever invoking our wrappers; without setting it
+//     we get the wrong reading. But CDP can't record *when* the page asked.
+//   - Init-script wrappers around `getUserMedia`, `getCurrentPosition`,
+//     etc. capture the request moment for `permissionRequests[]` AND let
+//     `ask-human` block until the human responds (CDP setPermission has no
+//     await-human integration).
+//   - For `allow` the wrapper calls through (CDP already granted); for
+//     `deny`/`raise` it throws (CDP denial backstops it if the wrapper is
+//     somehow bypassed); for `ask-human` it consults the server, which blocks
+//     until the human answers and then returns allow/deny.
+import { log } from "../util/logging.js";
+import { PolicyRecordBuffer } from "./policy-buffer.js";
+/** Canonical name set for v1. Aligned with Playwright/Chromium permission names.
+ *  USB/Bluetooth/HID are deliberately NOT in v1 ('s `device-emulation`).
+ *  Re-exported in `permission_state` tool docs + tool-reference.md. */
+export const SUPPORTED_PERMISSIONS = [
+    "camera",
+    "microphone",
+    "geolocation",
+    "notifications",
+    "clipboard-read",
+    "clipboard-write",
+    "midi",
+    "midi-sysex",
+    "payment-handler",
+    "background-sync",
+    "accelerometer",
+    "gyroscope",
+    "magnetometer",
+];
+/** Subset of names CDP `Browser.setPermission` accepts. Maps our canonical
+ *  names to the CDP descriptor names (most are 1:1; midi vs midi-sysex,
+ *  notifications vs background-sync etc. all match CDP's permission enum). */
+const CDP_PERMISSION_NAME = {
+    camera: "videoCapture",
+    microphone: "audioCapture",
+    geolocation: "geolocation",
+    notifications: "notifications",
+    "clipboard-read": "clipboardReadWrite",
+    "clipboard-write": "clipboardSanitizedWrite",
+    midi: "midi",
+    "midi-sysex": "midiSysex",
+    "payment-handler": "paymentHandler",
+    "background-sync": "backgroundSync",
+    accelerometer: "sensors",
+    gyroscope: "sensors",
+    magnetometer: "sensors",
+};
+/** Hint emitted on `ActionResult.failure.hint` when `raise` mode fired.
+ *  Stable, agent-facing string — referenced in docs/tool-reference.md. */
+export const UNHANDLED_PERMISSION_HINT = "unhandled permission request — set permissionPolicy (open_session/set_permission_policy) " +
+    'to "allow", "deny", or "ask-human" before driving an action that may trigger one. ' +
+    "The request was rejected page-side (NotAllowedError) so the page is not deadlocked, but " +
+    "the app effect is the deny branch.";
+/** BYOB warning surfaced when policy is set on `attached` sessions. CDP
+ *  `Browser.setPermission` mutates the human's Chrome and is not cleanly
+ *  revertable on detach — same posture class as the BYOB emulation warning. */
+export const BYOB_PERMISSION_WARNING = "BYOB caveat: this permission policy is enforced via CDP `Browser.setPermission` " +
+    "on an attached (not-owned) Chrome. The override PERSISTS on that browser after " +
+    "browxai detaches; the human's Chrome must navigate / restart to fully clear it.";
+/** Mutable per-session state. The page-side check binding reads `current(name)`
+ *  on every request, so a `set_permission_policy` call takes effect on the
+ *  very next request without page reload. */
+export class PermissionPolicyState {
+    policy;
+    /** Bounded record ring (shared `PolicyRecordBuffer` — the hard cap so a chatty
+     *  page can't grow this without bound; the per-action slice is the only
+     *  consumer, older records are noise). */
+    records;
+    /** Contexts we've already installed the init-script + binding on. Idempotent
+     *  install guard — BYOB reconnect / context rebuild MUST not double-wire. */
+    wired = new WeakSet();
+    constructor(initial = { mode: "raise" }, cap = 200) {
+        this.policy = normalise(initial);
+        this.records = new PolicyRecordBuffer(cap);
+    }
+    /** Resolved policy snapshot. */
+    current() {
+        return {
+            mode: this.policy.mode,
+            ...(this.policy.perPermission ? { perPermission: { ...this.policy.perPermission } } : {}),
+        };
+    }
+    /** Effective mode for a single permission — per-permission map wins, else
+     *  top-level. Unknown permissions fall through to top-level (we still want
+     *  a deterministic answer for whatever the page asked for). */
+    modeFor(name) {
+        const override = this.policy.perPermission?.[name];
+        return override ?? this.policy.mode;
+    }
+    set(next) {
+        this.policy = normalise(next);
+        return this.current();
+    }
+    /** Append a request record. Caps the buffer at `cap`. */
+    record(rec) {
+        this.records.record(rec);
+    }
+    /** Slice records with `ts >= since`. Used by the action-window. */
+    since(since) {
+        return this.records.since(since);
+    }
+    /** True if any record in `[since, now]` was handled in `raise` mode.
+     *  When true, the action-window flips the result to `ok:false`. */
+    raisedSince(since) {
+        return this.records.matchedSince(since, (r) => r.handledAs === "raised");
+    }
+    /** Has this context already been wired? Idempotent install guard. */
+    hasContext(c) {
+        return this.wired.has(c);
+    }
+    /** Mark a context as wired. */
+    markContext(c) {
+        this.wired.add(c);
+    }
+}
+/** Idempotent normaliser. Rejects unknown top-level modes; per-permission map
+ *  is validated per-entry (an unknown permission name in the map throws so the
+ *  caller gets a fast error instead of silent fallthrough). */
+function normalise(p) {
+    if (!isPolicyMode(p.mode)) {
+        throw new Error(`permissionPolicy: invalid mode "${String(p.mode)}" — expected "allow" | "deny" | "raise" | "ask-human"`);
+    }
+    if (p.perPermission) {
+        const cleaned = {};
+        for (const [name, mode] of Object.entries(p.perPermission)) {
+            if (!SUPPORTED_PERMISSIONS.includes(name)) {
+                throw new Error(`permissionPolicy.perPermission: unknown permission "${name}" — supported: ${SUPPORTED_PERMISSIONS.join(", ")}`);
+            }
+            if (mode === undefined)
+                continue;
+            if (!isPolicyMode(mode)) {
+                throw new Error(`permissionPolicy.perPermission["${name}"]: invalid mode "${String(mode)}" — expected "allow" | "deny" | "raise" | "ask-human"`);
+            }
+            cleaned[name] = mode;
+        }
+        return { mode: p.mode, perPermission: cleaned };
+    }
+    return { mode: p.mode };
+}
+function isPolicyMode(m) {
+    return m === "allow" || m === "deny" || m === "raise" || m === "ask-human";
+}
+/** Parse the spec's compact string form for the top-level mode, or accept the
+ *  object form. Idempotent. */
+export function parsePermissionPolicyArg(v) {
+    if (!v)
+        return { mode: "raise" };
+    if (typeof v === "object")
+        return normalise(v);
+    if (isPolicyMode(v))
+        return { mode: v };
+    throw new Error(`permissionPolicy: invalid value "${v}" — expected "allow" | "deny" | "raise" | "ask-human"`);
+}
+/** Map a canonical permission name to the CDP `Browser.setPermission`
+ *  descriptor name. */
+export function cdpPermissionName(p) {
+    return CDP_PERMISSION_NAME[p];
+}
+/** Compute the CDP setting (granted/denied) for a permission given the active
+ *  policy. `raise` / `deny` → "denied"; `allow` → "granted"; `ask-human` →
+ *  "prompt" (CDP returns to the page-script wrapper which then asks the human).
+ *
+ *  Kept as a pure function so registry.test.ts can assert the mapping without
+ *  launching Chromium. */
+export function cdpSettingFor(mode) {
+    switch (mode) {
+        case "allow":
+            return "granted";
+        case "ask-human":
+            return "prompt";
+        case "deny":
+        case "raise":
+        default:
+            return "denied";
+    }
+}
+/** Init script that wraps the page-side permission APIs. Stringified so it can
+ *  be passed to `addInitScript` and `page.evaluate`. Keep browser-only JS — no
+ *  TS-only syntax. Re-injected on `framenavigated` (idempotent: guards on
+ *  `window.__browx_permission_installed`).
+ *
+ *  The wrappers consult `window.__browx_permission_check({permission, origin})`
+ *  (an exposeBinding callable from page context) — it returns `"allow" |
+ *  "deny"`. The server's binding implementation records the request + (for
+ *  `ask-human`) blocks on the bridge before answering. */
+export const PERMISSION_PAGE_SCRIPT = `(() => {
+  if (window.__browx_permission_installed) return;
+  window.__browx_permission_installed = true;
+  // Detect whether the exposeBinding is available. If not (BYOB multi-attach
+  // clobber, or the binding install failed), the wrappers fall back to
+  // call-through — the CDP setPermission baseline still enforces grant/deny.
+  function check(permission) {
+    try {
+      if (typeof window.__browx_permission_check === "function") {
+        return Promise.resolve(window.__browx_permission_check(JSON.stringify({
+          permission: permission, origin: location.origin,
+        })));
+      }
+    } catch (_) {}
+    return Promise.resolve("allow");
+  }
+  function notAllowed(msg) {
+    var e = new Error(msg || "permission denied by browxai permissionPolicy");
+    try { e.name = "NotAllowedError"; } catch (_) {}
+    return e;
+  }
+  // --- navigator.mediaDevices.getUserMedia (camera + microphone) ---
+  try {
+    var md = navigator.mediaDevices;
+    if (md && typeof md.getUserMedia === "function") {
+      var origGUM = md.getUserMedia.bind(md);
+      md.getUserMedia = function (constraints) {
+        var wantsVideo = !!(constraints && constraints.video);
+        var wantsAudio = !!(constraints && constraints.audio);
+        var perm = wantsVideo ? "camera" : (wantsAudio ? "microphone" : "camera");
+        return check(perm).then(function (decision) {
+          if (decision === "deny") return Promise.reject(notAllowed("Permission denied"));
+          return origGUM(constraints);
+        });
+      };
+    }
+  } catch (_) {}
+  // --- navigator.geolocation (getCurrentPosition + watchPosition) ---
+  // watchPosition is long-lived (the callback may fire many times) — we gate
+  // the *initial* permission check at watch-installation time, then if allowed
+  // pass through to the native API which itself manages the callback stream.
+  try {
+    var geo = navigator.geolocation;
+    if (geo && typeof geo.getCurrentPosition === "function") {
+      var origGet = geo.getCurrentPosition.bind(geo);
+      geo.getCurrentPosition = function (success, error, options) {
+        check("geolocation").then(function (decision) {
+          if (decision === "deny") {
+            if (typeof error === "function") {
+              try { error({ code: 1, message: "User denied geolocation", PERMISSION_DENIED: 1, POSITION_UNAVAILABLE: 2, TIMEOUT: 3 }); } catch (_) {}
+            }
+            return;
+          }
+          try { origGet(success, error, options); } catch (e) {
+            if (typeof error === "function") { try { error(e); } catch (_) {} }
+          }
+        });
+      };
+    }
+    if (geo && typeof geo.watchPosition === "function") {
+      var origWatch = geo.watchPosition.bind(geo);
+      // Return a synthetic watch id when denied so callers calling
+      // clearWatch(id) still see a valid (no-op) integer. Native ids are
+      // small positive integers; we use negatives starting at -1 to avoid
+      // colliding with any in-flight native watch.
+      var synthCounter = 0;
+      geo.watchPosition = function (success, error, options) {
+        var pending = true;
+        var synthId = --synthCounter;
+        check("geolocation").then(function (decision) {
+          pending = false;
+          if (decision === "deny") {
+            if (typeof error === "function") {
+              try { error({ code: 1, message: "User denied geolocation", PERMISSION_DENIED: 1, POSITION_UNAVAILABLE: 2, TIMEOUT: 3 }); } catch (_) {}
+            }
+            return;
+          }
+          // Allowed — install the native watch. We've already returned the
+          // synthetic id to the caller; the native id is held internally and
+          // proxied through clearWatch below.
+          try {
+            var nativeId = origWatch(success, error, options);
+            geo.__browx_watch_map = geo.__browx_watch_map || {};
+            geo.__browx_watch_map[synthId] = nativeId;
+          } catch (e) {
+            if (typeof error === "function") { try { error(e); } catch (_) {} }
+          }
+        });
+        return synthId;
+      };
+      var origClear = typeof geo.clearWatch === "function" ? geo.clearWatch.bind(geo) : null;
+      if (origClear) {
+        geo.clearWatch = function (id) {
+          var map = geo.__browx_watch_map || {};
+          if (id in map) {
+            try { origClear(map[id]); } catch (_) {}
+            delete map[id];
+            return;
+          }
+          try { origClear(id); } catch (_) {}
+        };
+      }
+    }
+  } catch (_) {}
+  // --- Notification.requestPermission ---
+  try {
+    if (typeof Notification !== "undefined" && typeof Notification.requestPermission === "function") {
+      var origReq = Notification.requestPermission.bind(Notification);
+      Notification.requestPermission = function (cb) {
+        return check("notifications").then(function (decision) {
+          var result = decision === "deny" ? "denied" : "granted";
+          if (decision === "deny") {
+            try { Object.defineProperty(Notification, "permission", { get: function () { return "denied"; }, configurable: true }); } catch (_) {}
+            if (typeof cb === "function") { try { cb(result); } catch (_) {} }
+            return result;
+          }
+          // Allowed — delegate to native; the CDP setPermission baseline has
+          // already pre-granted, so the native call resolves immediately.
+          try {
+            var r = origReq(cb);
+            return r && typeof r.then === "function" ? r : Promise.resolve(result);
+          } catch (_) {
+            return result;
+          }
+        });
+      };
+    }
+  } catch (_) {}
+  // --- navigator.clipboard (read / write / readText / writeText) ---
+  try {
+    var clip = navigator.clipboard;
+    if (clip) {
+      var wrap = function (name, perm) {
+        var orig = typeof clip[name] === "function" ? clip[name].bind(clip) : null;
+        if (!orig) return;
+        clip[name] = function () {
+          var args = arguments;
+          return check(perm).then(function (decision) {
+            if (decision === "deny") return Promise.reject(notAllowed("Clipboard " + name + " denied"));
+            return orig.apply(null, args);
+          });
+        };
+      };
+      wrap("read", "clipboard-read");
+      wrap("readText", "clipboard-read");
+      wrap("write", "clipboard-write");
+      wrap("writeText", "clipboard-write");
+    }
+  } catch (_) {}
+  // --- navigator.permissions.query — read-side. Force the wrapper's view of
+  // state through us so a query() honoured a "raise" policy returns "denied"
+  // (matching the wrapper rejection) and a "ask-human" returns "prompt" (the
+  // native query would otherwise see the CDP "prompt" setting and skip our
+  // recording). Falls back to native when the queried name isn't one we govern.
+  try {
+    var permsApi = navigator.permissions;
+    if (permsApi && typeof permsApi.query === "function") {
+      var origQuery = permsApi.query.bind(permsApi);
+      permsApi.query = function (desc) {
+        var name = desc && desc.name;
+        // pass through to native — we don't override the query result, just
+        // record that the page asked, so the next ActionResult shows it. The
+        // native value still reflects the CDP-set state (granted/denied/prompt).
+        if (typeof window.__browx_permission_observe === "function") {
+          try { window.__browx_permission_observe(JSON.stringify({ permission: name, origin: location.origin })); } catch (_) {}
+        }
+        return origQuery(desc);
+      };
+    }
+  } catch (_) {}
+})();`;
+/** Server-side wire-up. Installs:
+ *   - `__browx_permission_check` exposeBinding: synchronous-from-page consult
+ *     that records the request, runs the ask-human handler if the policy is
+ *     `ask-human`, and returns the resolved decision (`"allow"` / `"deny"`).
+ *   - `__browx_permission_observe` exposeBinding: read-side notice that the
+ *     page called `navigator.permissions.query` (no decision returned).
+ *   - The page-side init script (see above), re-injected by Playwright on
+ *     every new document via `addInitScript`.
+ *
+ * Idempotent on the same context (the state's `WeakSet<BrowserContext>` guard).
+ * Errors during install are logged and swallowed — the CDP setPermission baseline
+ * still enforces grant/deny even when the in-page wrappers fail to wire.
+ */
+export async function attachPermissionPolicy(context, state, askHandler) {
+    if (state.hasContext(context))
+        return;
+    state.markContext(context);
+    // exposeBinding — synchronous-from-page from Playwright's perspective:
+    // page-side awaits the Promise the binding returns. Errors thrown here
+    // bubble back to the page as a rejected promise; the wrapper script catches
+    // and falls back to "allow" (CDP backstop still enforces).
+    try {
+        await context.exposeBinding("__browx_permission_check", async (_source, payload) => {
+            try {
+                const o = JSON.parse(payload);
+                const name = o.permission;
+                const origin = o.origin;
+                const cdpName = name && SUPPORTED_PERMISSIONS.includes(name)
+                    ? name
+                    : undefined;
+                if (!cdpName) {
+                    // Unknown permission name — record under "geolocation" sentinel? No:
+                    // just allow through. Anything outside the v1 set is best-effort.
+                    return "allow";
+                }
+                const mode = state.modeFor(cdpName);
+                const ts = Date.now();
+                switch (mode) {
+                    case "allow":
+                        state.record({ permission: cdpName, origin, handledAs: "allowed", ts });
+                        return "allow";
+                    case "deny":
+                        state.record({ permission: cdpName, origin, handledAs: "denied", ts });
+                        return "deny";
+                    case "ask-human": {
+                        const decision = await askHandler(cdpName, origin).catch(() => "deny");
+                        state.record({ permission: cdpName, origin, handledAs: "asked-human", ts });
+                        return decision;
+                    }
+                    case "raise":
+                    default:
+                        state.record({ permission: cdpName, origin, handledAs: "raised", ts });
+                        return "deny";
+                }
+            }
+            catch (err) {
+                log.warn("session.permission: check handler error", {
+                    error: err instanceof Error ? err.message : String(err),
+                });
+                return "allow";
+            }
+        });
+        await context.exposeBinding("__browx_permission_observe", (_source, _payload) => {
+            // Read-side breadcrumb only — no decision, no record (the page calling
+            // permissions.query() is too noisy to record per-call).
+            return undefined;
+        });
+    }
+    catch (err) {
+        log.warn("session.permission: exposeBinding install failed; CDP baseline still enforces", {
+            error: err instanceof Error ? err.message : String(err),
+        });
+    }
+    // Init-script — Playwright re-runs it on every new document, including the
+    // post-`framenavigated` reload of the same page. Idempotent via the
+    // `__browx_permission_installed` guard inside the script.
+    try {
+        await context.addInitScript({ content: PERMISSION_PAGE_SCRIPT });
+        for (const page of context.pages()) {
+            await page.evaluate(PERMISSION_PAGE_SCRIPT).catch(() => undefined);
+        }
+    }
+    catch (err) {
+        log.warn("session.permission: addInitScript failed", {
+            error: err instanceof Error ? err.message : String(err),
+        });
+    }
+}
+/** Apply the policy's baseline by computing the set of permissions that should
+ *  be GRANTED (mode `allow`) and routing them through Playwright's
+ *  `context.grantPermissions`. Permissions in `deny`/`raise`/`ask-human` are
+ *  NOT granted — the in-page wrapper rejects them at request time before the
+ *  native code runs.
+ *
+ *  Why not CDP `Browser.setPermission` directly: the underlying CDP method
+ *  takes a W3C PermissionDescriptor name (e.g. `geolocation`, `camera`) and
+ *  the descriptor schema varies by Chromium build. Playwright's
+ *  `grantPermissions` carries the canonical mapping (see Playwright's
+ *  `webPermissionToProtocol`) and falls back across Chromium versions —
+ *  delegating means we don't have to track the protocol versions ourselves.
+ *
+ *  Note: `clearPermissions` first then `grantPermissions` is the Playwright
+ *  idiom for "REPLACE the granted set" (the underlying CDP call is
+ *  `Browser.resetPermissions` + `Browser.grantPermissions`). Both are
+ *  context-wide on Chromium so the policy applies to every page.
+ *
+ *  Best-effort: errors are logged and don't throw — the in-page wrapper still
+ *  enforces grant/deny even if the baseline application fails. Re-applied on
+ *  `set_permission_policy` and re-attach paths. */
+export async function applyCdpBaseline(context, state) {
+    const allowList = [];
+    for (const name of SUPPORTED_PERMISSIONS) {
+        if (state.modeFor(name) === "allow")
+            allowList.push(name);
+    }
+    try {
+        // Clear first so a previous policy's grants don't leak when the next
+        // policy reduces the allow list.
+        await context.clearPermissions();
+    }
+    catch (err) {
+        log.warn("session.permission: clearPermissions failed", {
+            error: err instanceof Error ? err.message : String(err),
+        });
+    }
+    if (allowList.length === 0)
+        return;
+    try {
+        await context.grantPermissions(allowList);
+    }
+    catch (err) {
+        log.warn("session.permission: grantPermissions failed", {
+            permissions: allowList,
+            error: err instanceof Error ? err.message : String(err),
+        });
+    }
+}
+/** Read-side via the page's native `navigator.permissions.query` (W3C
+ *  Permissions API). Returns `{ [name]: "granted"|"denied"|"prompt"|"unknown" }`.
+ *  Per-permission errors populate the entry with `"unknown"` so the caller
+ *  sees a deterministic shape.
+ *
+ *  Why the Permissions API and not CDP `Browser.getPermissionState`: the CDP
+ *  method's PermissionDescriptor schema varies across Chromium builds and
+ *  several of our supported names (e.g. `clipboard-write` → `clipboardSan…`)
+ *  don't map cleanly. The Permissions API takes the canonical web spec name
+ *  directly and is supported across versions. The state it reports reflects
+ *  whatever the CDP-level baseline set, so it's the right read-side mirror
+ *  for `applyCdpBaseline`.
+ *
+ *  Note: the in-page wrapper script is a no-op for query() (passes through);
+ *  it doesn't override the resulting state, so this read is the canonical
+ *  browser-reported state, not a wrapper-side guess. */
+export async function readPermissionStates(context, page, names, origin) {
+    const out = {};
+    // origin parameter: for now we only support querying the current page's
+    // origin (Permissions API has no cross-origin query). When origin is set
+    // but doesn't match the page, return unknown for the whole set — the
+    // caller can navigate / open a new tab if they need cross-origin state.
+    if (origin) {
+        try {
+            const pageOrigin = new URL(page.url()).origin;
+            if (pageOrigin !== origin) {
+                for (const n of names)
+                    out[n] = "unknown";
+                return out;
+            }
+        }
+        catch {
+            for (const n of names)
+                out[n] = "unknown";
+            return out;
+        }
+    }
+    void context; // signature-compat: takes context so a future cross-origin
+    // CDP path can adopt it without breaking callers.
+    for (const n of names) {
+        try {
+            const state = await page
+                .evaluate(async (perm) => {
+                try {
+                    const perms = globalThis.navigator?.permissions;
+                    if (!perms?.query)
+                        return "unknown";
+                    const res = await perms.query({ name: perm });
+                    return res.state;
+                }
+                catch {
+                    return "unknown";
+                }
+            }, n)
+                .catch(() => "unknown");
+            out[n] = state === "granted" || state === "denied" || state === "prompt" ? state : "unknown";
+        }
+        catch {
+            out[n] = "unknown";
+        }
+    }
+    return out;
+}

package/dist/session/playwright-post-wire.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import type { SessionEntry } from "./registry.js";
+import type { PostWireDeps } from "../engine/registry.js";
+/** Attach the full Playwright post-creation bookkeeping to a freshly-built
+ *  SessionEntry, using the per-server `deps` (caps / configStore / workspace) the
+ *  composition root threads in. Returns the promise the session factory awaits, so
+ *  every context attach completes before the session is handed to a tool call —
+ *  byte-identical to the pre-relocation inline awaits. */
+export declare function playwrightPostWire(entry: SessionEntry, deps: PostWireDeps): Promise<void>;