capgate 0.0.1

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Raju K.C
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,167 @@
+# capgate
+
+**Compile MCP tool manifests into sandbox policies.**
+
+`capgate` is a pure TypeScript library that reads [Model Context Protocol](https://modelcontextprotocol.io) server manifests and emits concrete sandbox policies — bubblewrap argv, egress allowlist rules, environment injection lists, and declared-but-unenforced assertions — suitable for consumption by a host runtime.
+
+It is a compiler, not a runtime. It does not execute tools, resolve secrets, or speak MCP on the wire.
+
+```
+manifest (JSON) → Capability[] (parsed) → NormalizedPolicy (merged) → adapter output
+```
+
+Status: **v0.0.1 — design partner preview.** The grammar, IR, and bwrap adapter are implemented and golden-tested. APIs may change before v0.1.
+
+---
+
+## Install
+
+```bash
+npm install capgate
+```
+
+Requires Node.js ≥ 18.
+
+## Quick example
+
+```ts
+import { compile, lowerToBwrap } from 'capgate';
+
+const manifest = {
+  name: 'filesystem',
+  version: '0.6.2',
+  tools: [
+    {
+      name: 'read_file',
+      description: 'Read a file from the workspace.',
+      inputSchema: { type: 'object' },
+      capabilities: ['fs:read:/workspace/**'],
+    },
+    {
+      name: 'write_file',
+      description: 'Write a file to the workspace.',
+      inputSchema: { type: 'object' },
+      capabilities: ['fs:read,write,create:/workspace/**'],
+    },
+  ],
+};
+
+const policy = compile(manifest);
+const artifact = lowerToBwrap(policy);
+
+// artifact.argv   — ready for execFile("bwrap", argv)
+// artifact.egress — host egress proxy rules (empty here)
+// artifact.notes  — audit-friendly diagnostics
+```
+
+See [`tests/fixtures/policy/`](tests/fixtures/policy) for worked examples covering filesystem, fetch, and puppeteer manifests.
+
+### CLI
+
+```bash
+capgate compile manifest.json --target bwrap --pretty
+cat manifest.json | capgate compile - --target bwrap
+```
+
+Exits non-zero on parse errors (3), unknown arguments (2), or `CompilationError` (4). See `capgate --help`.
+
+---
+
+## Why this exists
+
+MCP tool manifests declare *what* a tool does; they do not declare *what host resources it needs*. Today every runtime either trusts servers fully (Claude Desktop, most wrappers) or wraps them in a one-size-fits-all container (AIO Sandbox, E2B). Neither approach lets a security policy be *derived from the manifest*. capgate closes that gap: a pure function from `ServerManifest` to adapter-specific policies.
+
+## Scope for v0.1
+
+**In scope:**
+- Capability grammar covering `fs`, `net`, `exec`, `env`, `ipc`, `clock`, `assert`.
+- Lowering to three targets: `bwrap` (Linux namespace sandbox), egress-proxy rules (net allowlist), Worker `resourceLimits` (in-process JS isolation).
+- Golden-file tests from real MCP server manifests.
+
+**Out of scope (deferred):**
+- Firecracker / microVM adapter — needed for production but not for proving the abstraction.
+- E2B / Daytona / Blaxel adapters — API stability varies; wait for a design partner.
+- seccomp-bpf syscall filters — requires a separate IR; out of the capability model.
+- MCP client/server implementation — this library consumes manifests, it does not speak MCP on the wire.
+
+## Capability grammar
+
+Capabilities are strings of the form `<kind>:<actions>:<scope>[?refinement=value&...]`.
+
+```
+fs:read,write:/workspace/**
+fs:read:/usr/share/zoneinfo
+net:connect:api.github.com:443
+net:connect:*                         # any host, any port; implicit blockPrivate=true
+exec:spawn:git
+exec:spawn:chromium?nestedSandbox=true
+env:inject:GITHUB_PAT
+ipc:connect:x11
+clock:tzdata
+assert:postgres.read_only_txn:"all queries run in READ ONLY TRANSACTION"
+```
+
+The grammar rejects ambiguity (relative paths, bad ports, non-UPPER_SNAKE env vars) at parse time — fail-closed, always.
+
+## Design notes
+
+### Why capabilities are typed and discriminated
+
+Early drafts used `{ resource: string; actions: string[]; scope: object }`. That failed the go/no-go test: every adapter had to re-parse `resource` to know what kind of capability it was looking at. The current discriminated union (`kind: 'fs' | 'net' | ...`) makes adapter code a flat switch; no string parsing past the grammar layer.
+
+### Why enforceable vs declared
+
+The go/no-go exercise revealed two capabilities that cannot be enforced at the sandbox layer: `fetch`'s RFC1918 block (sandbox can only toggle net on/off) and `postgres`'s read-only transaction guarantee (lives inside the MCP server). Silently dropping them would be a security lie. Promoting them to a first-class `assert:` capability keeps them in the audit trail: adapters emit them as metadata, the host is expected to verify them out-of-band, and the compiler fails compilation if an assertion is unrecognized by any configured validator (deferred to v0.2).
+
+### Why the grammar is string-based
+
+JSON-object capabilities are verbose and bury the kind under keys. The string form `fs:read,write:/workspace/**` is one line in a manifest, greps cleanly, and round-trips losslessly through the grammar.
+
+### Why `nestedSandbox` is a refinement, not a kind
+
+Chromium carries its own sandbox that fights namespace isolation. Every production sandbox tool has a special case for this. Rather than a new capability kind, `nestedSandbox=true` is a refinement on an existing `exec:` capability — the adapter sees it during lowering and emits a different bwrap profile (user/pid/ipc namespaces kept for inner-sandbox compatibility). The IR stays small; the edge case is explicit and documented.
+
+## Non-goals that matter
+
+- **The compiler does not decide trust.** Capability declarations come from the manifest; the compiler does not infer them from tool descriptions. Inference belongs in a separate auditing tool. A manifest that under-declares is a bug in the manifest.
+- **The compiler does not execute.** It emits policy artifacts. Running bwrap, wiring proxies, and spawning Workers is the host's job.
+- **The compiler does not resolve secrets.** `env:inject:GITHUB_PAT` carries the name only. A secret store resolves the value at runtime, outside this library.
+
+## Failure modes
+
+- Unknown capability kind → `CompilationError('CAP_UNKNOWN_KIND')`.
+- Capability a configured adapter cannot lower → `CompilationError('ADAPTER_UNSUPPORTED')` *(impl. pending)*.
+- Manifest missing required fields → `CompilationError('MANIFEST_SHAPE')`.
+
+All compilation errors are fatal. There is no warning mode.
+
+## Validation
+
+Before committing to the capability-grammar abstraction, we ran a [go/no-go exercise](tests/fixtures/policy/GO_NO_GO.md) against 10 real MCP servers. 9/10 lowered mechanically to bwrap; 1 (puppeteer) surfaced the need for a `nestedSandbox` refinement; 2 (fetch, postgres) motivated the first-class `assert:` capability kind. That inventory is durable and names each server, its source, and the capability string set that should lower to it.
+
+## Test strategy
+
+Golden files. One fixture manifest → one expected policy per adapter. Every PR that changes grammar, IR, or an adapter must update the golden files in the same commit. Reviewers read the diff. This is the primary correctness mechanism; unit tests on the grammar are secondary.
+
+```bash
+npm test                      # run all tests
+npm run test:update-goldens   # regenerate golden files after intentional changes
+```
+
+## Open questions before v0.1
+
+1. **Egress proxy choice.** mitmproxy (great DX, slow, not prod-grade) vs nftables (hard to author, prod-grade, Linux-only) vs Envoy (prod-grade, ops-heavy). Current plan: ship a thin YAML spec the compiler emits, plus one reference binding to mitmproxy for dev. Let ops pick their own enforcement.
+2. **Path glob semantics.** bwrap binds directories, not globs. A `fs:read:/workspace/**` capability lowers to `--ro-bind /workspace /workspace`, which is a *superset* of the declared scope. Runtime enforcement of globs is an MCP-server concern.
+3. **Server-level vs tool-level capabilities.** v0.0 unions them. Finer-grained per-tool sandboxing (one sandbox per invocation) is possible but expensive — deferred until a user asks for it.
+
+## Contributing
+
+Design-partner stage. If you run MCP servers in production and have feedback on the grammar or adapter output, please open a [discussion](https://github.com/razukc/capgate/discussions) or file an issue with a concrete manifest and your expected output. See [CONTRIBUTING.md](CONTRIBUTING.md) for what's most useful right now.
+
+## Security
+
+capgate compiles declarations into sandbox policies downstream hosts trust — bugs here can silently over-grant. Please report privately per [SECURITY.md](SECURITY.md).
+
+## License
+
+MIT — see [LICENSE](LICENSE).

package/dist/.tsbuildinfo

@@ -0,0 +1 @@
+{"fileNames":["../node_modules/typescript/lib/lib.es5.d.ts","../node_modules/typescript/lib/lib.es2015.d.ts","../node_modules/typescript/lib/lib.es2016.d.ts","../node_modules/typescript/lib/lib.es2017.d.ts","../node_modules/typescript/lib/lib.es2018.d.ts","../node_modules/typescript/lib/lib.es2019.d.ts","../node_modules/typescript/lib/lib.es2020.d.ts","../node_modules/typescript/lib/lib.es2021.d.ts","../node_modules/typescript/lib/lib.es2022.d.ts","../node_modules/typescript/lib/lib.es2015.core.d.ts","../node_modules/typescript/lib/lib.es2015.collection.d.ts","../node_modules/typescript/lib/lib.es2015.generator.d.ts","../node_modules/typescript/lib/lib.es2015.iterable.d.ts","../node_modules/typescript/lib/lib.es2015.promise.d.ts","../node_modules/typescript/lib/lib.es2015.proxy.d.ts","../node_modules/typescript/lib/lib.es2015.reflect.d.ts","../node_modules/typescript/lib/lib.es2015.symbol.d.ts","../node_modules/typescript/lib/lib.es2015.symbol.wellknown.d.ts","../node_modules/typescript/lib/lib.es2016.array.include.d.ts","../node_modules/typescript/lib/lib.es2016.intl.d.ts","../node_modules/typescript/lib/lib.es2017.arraybuffer.d.ts","../node_modules/typescript/lib/lib.es2017.date.d.ts","../node_modules/typescript/lib/lib.es2017.object.d.ts","../node_modules/typescript/lib/lib.es2017.sharedmemory.d.ts","../node_modules/typescript/lib/lib.es2017.string.d.ts","../node_modules/typescript/lib/lib.es2017.intl.d.ts","../node_modules/typescript/lib/lib.es2017.typedarrays.d.ts","../node_modules/typescript/lib/lib.es2018.asyncgenerator.d.ts","../node_modules/typescript/lib/lib.es2018.asynciterable.d.ts","../node_modules/typescript/lib/lib.es2018.intl.d.ts","../node_modules/typescript/lib/lib.es2018.promise.d.ts","../node_modules/typescript/lib/lib.es2018.regexp.d.ts","../node_modules/typescript/lib/lib.es2019.array.d.ts","../node_modules/typescript/lib/lib.es2019.object.d.ts","../node_modules/typescript/lib/lib.es2019.string.d.ts","../node_modules/typescript/lib/lib.es2019.symbol.d.ts","../node_modules/typescript/lib/lib.es2019.intl.d.ts","../node_modules/typescript/lib/lib.es2020.bigint.d.ts","../node_modules/typescript/lib/lib.es2020.date.d.ts","../node_modules/typescript/lib/lib.es2020.promise.d.ts","../node_modules/typescript/lib/lib.es2020.sharedmemory.d.ts","../node_modules/typescript/lib/lib.es2020.string.d.ts","../node_modules/typescript/lib/lib.es2020.symbol.wellknown.d.ts","../node_modules/typescript/lib/lib.es2020.intl.d.ts","../node_modules/typescript/lib/lib.es2020.number.d.ts","../node_modules/typescript/lib/lib.es2021.promise.d.ts","../node_modules/typescript/lib/lib.es2021.string.d.ts","../node_modules/typescript/lib/lib.es2021.weakref.d.ts","../node_modules/typescript/lib/lib.es2021.intl.d.ts","../node_modules/typescript/lib/lib.es2022.array.d.ts","../node_modules/typescript/lib/lib.es2022.error.d.ts","../node_modules/typescript/lib/lib.es2022.intl.d.ts","../node_modules/typescript/lib/lib.es2022.object.d.ts","../node_modules/typescript/lib/lib.es2022.string.d.ts","../node_modules/typescript/lib/lib.es2022.regexp.d.ts","../node_modules/typescript/lib/lib.decorators.d.ts","../node_modules/typescript/lib/lib.decorators.legacy.d.ts","../src/policy/ir.ts","../src/policy/grammar.ts","../src/policy/compiler.ts","../src/policy/adapters/bwrap.ts","../src/policy/index.ts","../src/cli.ts","../src/index.ts","../node_modules/@types/deep-eql/index.d.ts","../node_modules/assertion-error/index.d.ts","../node_modules/@types/chai/index.d.ts","../node_modules/@types/estree/index.d.ts","../node_modules/@types/node/compatibility/disposable.d.ts","../node_modules/@types/node/compatibility/indexable.d.ts","../node_modules/@types/node/compatibility/iterators.d.ts","../node_modules/@types/node/compatibility/index.d.ts","../node_modules/@types/node/globals.typedarray.d.ts","../node_modules/@types/node/buffer.buffer.d.ts","../node_modules/@types/node/globals.d.ts","../node_modules/@types/node/web-globals/abortcontroller.d.ts","../node_modules/@types/node/web-globals/domexception.d.ts","../node_modules/@types/node/web-globals/events.d.ts","../node_modules/undici-types/header.d.ts","../node_modules/undici-types/readable.d.ts","../node_modules/undici-types/file.d.ts","../node_modules/undici-types/fetch.d.ts","../node_modules/undici-types/formdata.d.ts","../node_modules/undici-types/connector.d.ts","../node_modules/undici-types/client.d.ts","../node_modules/undici-types/errors.d.ts","../node_modules/undici-types/dispatcher.d.ts","../node_modules/undici-types/global-dispatcher.d.ts","../node_modules/undici-types/global-origin.d.ts","../node_modules/undici-types/pool-stats.d.ts","../node_modules/undici-types/pool.d.ts","../node_modules/undici-types/handlers.d.ts","../node_modules/undici-types/balanced-pool.d.ts","../node_modules/undici-types/agent.d.ts","../node_modules/undici-types/mock-interceptor.d.ts","../node_modules/undici-types/mock-agent.d.ts","../node_modules/undici-types/mock-client.d.ts","../node_modules/undici-types/mock-pool.d.ts","../node_modules/undici-types/mock-errors.d.ts","../node_modules/undici-types/proxy-agent.d.ts","../node_modules/undici-types/env-http-proxy-agent.d.ts","../node_modules/undici-types/retry-handler.d.ts","../node_modules/undici-types/retry-agent.d.ts","../node_modules/undici-types/api.d.ts","../node_modules/undici-types/interceptors.d.ts","../node_modules/undici-types/util.d.ts","../node_modules/undici-types/cookies.d.ts","../node_modules/undici-types/patch.d.ts","../node_modules/undici-types/websocket.d.ts","../node_modules/undici-types/eventsource.d.ts","../node_modules/undici-types/filereader.d.ts","../node_modules/undici-types/diagnostics-channel.d.ts","../node_modules/undici-types/content-type.d.ts","../node_modules/undici-types/cache.d.ts","../node_modules/undici-types/index.d.ts","../node_modules/@types/node/web-globals/fetch.d.ts","../node_modules/@types/node/assert.d.ts","../node_modules/@types/node/assert/strict.d.ts","../node_modules/@types/node/async_hooks.d.ts","../node_modules/@types/node/buffer.d.ts","../node_modules/@types/node/child_process.d.ts","../node_modules/@types/node/cluster.d.ts","../node_modules/@types/node/console.d.ts","../node_modules/@types/node/constants.d.ts","../node_modules/@types/node/crypto.d.ts","../node_modules/@types/node/dgram.d.ts","../node_modules/@types/node/diagnostics_channel.d.ts","../node_modules/@types/node/dns.d.ts","../node_modules/@types/node/dns/promises.d.ts","../node_modules/@types/node/domain.d.ts","../node_modules/@types/node/events.d.ts","../node_modules/@types/node/fs.d.ts","../node_modules/@types/node/fs/promises.d.ts","../node_modules/@types/node/http.d.ts","../node_modules/@types/node/http2.d.ts","../node_modules/@types/node/https.d.ts","../node_modules/@types/node/inspector.generated.d.ts","../node_modules/@types/node/module.d.ts","../node_modules/@types/node/net.d.ts","../node_modules/@types/node/os.d.ts","../node_modules/@types/node/path.d.ts","../node_modules/@types/node/perf_hooks.d.ts","../node_modules/@types/node/process.d.ts","../node_modules/@types/node/punycode.d.ts","../node_modules/@types/node/querystring.d.ts","../node_modules/@types/node/readline.d.ts","../node_modules/@types/node/readline/promises.d.ts","../node_modules/@types/node/repl.d.ts","../node_modules/@types/node/sea.d.ts","../node_modules/@types/node/stream.d.ts","../node_modules/@types/node/stream/promises.d.ts","../node_modules/@types/node/stream/consumers.d.ts","../node_modules/@types/node/stream/web.d.ts","../node_modules/@types/node/string_decoder.d.ts","../node_modules/@types/node/test.d.ts","../node_modules/@types/node/timers.d.ts","../node_modules/@types/node/timers/promises.d.ts","../node_modules/@types/node/tls.d.ts","../node_modules/@types/node/trace_events.d.ts","../node_modules/@types/node/tty.d.ts","../node_modules/@types/node/url.d.ts","../node_modules/@types/node/util.d.ts","../node_modules/@types/node/v8.d.ts","../node_modules/@types/node/vm.d.ts","../node_modules/@types/node/wasi.d.ts","../node_modules/@types/node/worker_threads.d.ts","../node_modules/@types/node/zlib.d.ts","../node_modules/@types/node/index.d.ts"],"fileIdsList":[[65,66,74,120],[74,120],[74,117,120],[74,119,120],[120],[74,120,125,153],[74,120,121,126,131,139,150,161],[74,120,121,122,131,139],[69,70,71,74,120],[74,120,123,162],[74,120,124,125,132,140],[74,120,125,150,158],[74,120,126,128,131,139],[74,119,120,127],[74,120,128,129],[74,120,130,131],[74,119,120,131],[74,120,131,132,133,150,161],[74,120,131,132,133,146,150,153],[74,120,128,131,134,139,150,161],[74,120,131,132,134,135,139,150,158,161],[74,120,134,136,150,158,161],[72,73,74,75,76,77,78,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167],[74,120,131,137],[74,120,138,161,166],[74,120,128,131,139,150],[74,120,140],[74,120,141],[74,119,120,142],[74,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167],[74,120,144],[74,120,145],[74,120,131,146,147],[74,120,146,148,162,164],[74,120,131,150,151,153],[74,120,152,153],[74,120,150,151],[74,120,153],[74,120,154],[74,117,120,150,155],[74,120,131,156,157],[74,120,156,157],[74,120,125,139,150,158],[74,120,159],[74,120,139,160],[74,120,134,145,161],[74,120,125,162],[74,120,150,163],[74,120,138,164],[74,120,165],[74,115,120],[74,115,120,131,133,142,150,153,161,164,166],[74,120,150,167],[74,87,91,120,161],[74,87,120,150,161],[74,82,120],[74,84,87,120,158,161],[74,120,139,158],[74,120,168],[74,82,120,168],[74,84,87,120,139,161],[74,79,80,83,86,120,131,150,161],[74,87,94,120],[74,79,85,120],[74,87,108,109,120],[74,83,87,120,153,161,168],[74,108,120,168],[74,81,82,120,168],[74,87,120],[74,81,82,83,84,85,86,87,88,89,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,109,110,111,112,113,114,120],[74,87,102,120],[74,87,94,95,120],[74,85,87,95,96,120],[74,86,120],[74,79,82,87,120],[74,87,91,95,96,120],[74,91,120],[74,85,87,90,120,161],[74,79,84,87,94,120],[74,120,150],[74,82,87,108,120,166,168],[62,74,120,132],[62,74,120],[58,74,120],[58,59,74,120],[58,59,60,61,74,120]],"fileInfos":[{"version":"c430d44666289dae81f30fa7b2edebf186ecc91a2d4c71266ea6ae76388792e1","affectsGlobalScope":true,"impliedFormat":1},{"version":"45b7ab580deca34ae9729e97c13cfd999df04416a79116c3bfb483804f85ded4","impliedFormat":1},{"version":"3facaf05f0c5fc569c5649dd359892c98a85557e3e0c847964caeb67076f4d75","impliedFormat":1},{"version":"e44bb8bbac7f10ecc786703fe0a6a4b952189f908707980ba8f3c8975a760962","impliedFormat":1},{"version":"5e1c4c362065a6b95ff952c0eab010f04dcd2c3494e813b493ecfd4fcb9fc0d8","impliedFormat":1},{"version":"68d73b4a11549f9c0b7d352d10e91e5dca8faa3322bfb77b661839c42b1ddec7","impliedFormat":1},{"version":"5efce4fc3c29ea84e8928f97adec086e3dc876365e0982cc8479a07954a3efd4","impliedFormat":1},{"version":"feecb1be483ed332fad555aff858affd90a48ab19ba7272ee084704eb7167569","impliedFormat":1},{"version":"ee7bad0c15b58988daa84371e0b89d313b762ab83cb5b31b8a2d1162e8eb41c2","impliedFormat":1},{"version":"c57796738e7f83dbc4b8e65132f11a377649c00dd3eee333f672b8f0a6bea671","affectsGlobalScope":true,"impliedFormat":1},{"version":"dc2df20b1bcdc8c2d34af4926e2c3ab15ffe1160a63e58b7e09833f616efff44","affectsGlobalScope":true,"impliedFormat":1},{"version":"515d0b7b9bea2e31ea4ec968e9edd2c39d3eebf4a2d5cbd04e88639819ae3b71","affectsGlobalScope":true,"impliedFormat":1},{"version":"0559b1f683ac7505ae451f9a96ce4c3c92bdc71411651ca6ddb0e88baaaad6a3","affectsGlobalScope":true,"impliedFormat":1},{"version":"0dc1e7ceda9b8b9b455c3a2d67b0412feab00bd2f66656cd8850e8831b08b537","affectsGlobalScope":true,"impliedFormat":1},{"version":"ce691fb9e5c64efb9547083e4a34091bcbe5bdb41027e310ebba8f7d96a98671","affectsGlobalScope":true,"impliedFormat":1},{"version":"8d697a2a929a5fcb38b7a65594020fcef05ec1630804a33748829c5ff53640d0","affectsGlobalScope":true,"impliedFormat":1},{"version":"4ff2a353abf8a80ee399af572debb8faab2d33ad38c4b4474cff7f26e7653b8d","affectsGlobalScope":true,"impliedFormat":1},{"version":"fb0f136d372979348d59b3f5020b4cdb81b5504192b1cacff5d1fbba29378aa1","affectsGlobalScope":true,"impliedFormat":1},{"version":"d15bea3d62cbbdb9797079416b8ac375ae99162a7fba5de2c6c505446486ac0a","affectsGlobalScope":true,"impliedFormat":1},{"version":"68d18b664c9d32a7336a70235958b8997ebc1c3b8505f4f1ae2b7e7753b87618","affectsGlobalScope":true,"impliedFormat":1},{"version":"eb3d66c8327153d8fa7dd03f9c58d351107fe824c79e9b56b462935176cdf12a","affectsGlobalScope":true,"impliedFormat":1},{"version":"38f0219c9e23c915ef9790ab1d680440d95419ad264816fa15009a8851e79119","affectsGlobalScope":true,"impliedFormat":1},{"version":"69ab18c3b76cd9b1be3d188eaf8bba06112ebbe2f47f6c322b5105a6fbc45a2e","affectsGlobalScope":true,"impliedFormat":1},{"version":"a680117f487a4d2f30ea46f1b4b7f58bef1480456e18ba53ee85c2746eeca012","affectsGlobalScope":true,"impliedFormat":1},{"version":"2f11ff796926e0832f9ae148008138ad583bd181899ab7dd768a2666700b1893","affectsGlobalScope":true,"impliedFormat":1},{"version":"4de680d5bb41c17f7f68e0419412ca23c98d5749dcaaea1896172f06435891fc","affectsGlobalScope":true,"impliedFormat":1},{"version":"954296b30da6d508a104a3a0b5d96b76495c709785c1d11610908e63481ee667","affectsGlobalScope":true,"impliedFormat":1},{"version":"ac9538681b19688c8eae65811b329d3744af679e0bdfa5d842d0e32524c73e1c","affectsGlobalScope":true,"impliedFormat":1},{"version":"0a969edff4bd52585473d24995c5ef223f6652d6ef46193309b3921d65dd4376","affectsGlobalScope":true,"impliedFormat":1},{"version":"9e9fbd7030c440b33d021da145d3232984c8bb7916f277e8ffd3dc2e3eae2bdb","affectsGlobalScope":true,"impliedFormat":1},{"version":"811ec78f7fefcabbda4bfa93b3eb67d9ae166ef95f9bff989d964061cbf81a0c","affectsGlobalScope":true,"impliedFormat":1},{"version":"717937616a17072082152a2ef351cb51f98802fb4b2fdabd32399843875974ca","affectsGlobalScope":true,"impliedFormat":1},{"version":"d7e7d9b7b50e5f22c915b525acc5a49a7a6584cf8f62d0569e557c5cfc4b2ac2","affectsGlobalScope":true,"impliedFormat":1},{"version":"71c37f4c9543f31dfced6c7840e068c5a5aacb7b89111a4364b1d5276b852557","affectsGlobalScope":true,"impliedFormat":1},{"version":"576711e016cf4f1804676043e6a0a5414252560eb57de9faceee34d79798c850","affectsGlobalScope":true,"impliedFormat":1},{"version":"89c1b1281ba7b8a96efc676b11b264de7a8374c5ea1e6617f11880a13fc56dc6","affectsGlobalScope":true,"impliedFormat":1},{"version":"74f7fa2d027d5b33eb0471c8e82a6c87216223181ec31247c357a3e8e2fddc5b","affectsGlobalScope":true,"impliedFormat":1},{"version":"d6d7ae4d1f1f3772e2a3cde568ed08991a8ae34a080ff1151af28b7f798e22ca","affectsGlobalScope":true,"impliedFormat":1},{"version":"063600664504610fe3e99b717a1223f8b1900087fab0b4cad1496a114744f8df","affectsGlobalScope":true,"impliedFormat":1},{"version":"934019d7e3c81950f9a8426d093458b65d5aff2c7c1511233c0fd5b941e608ab","affectsGlobalScope":true,"impliedFormat":1},{"version":"52ada8e0b6e0482b728070b7639ee42e83a9b1c22d205992756fe020fd9f4a47","affectsGlobalScope":true,"impliedFormat":1},{"version":"3bdefe1bfd4d6dee0e26f928f93ccc128f1b64d5d501ff4a8cf3c6371200e5e6","affectsGlobalScope":true,"impliedFormat":1},{"version":"59fb2c069260b4ba00b5643b907ef5d5341b167e7d1dbf58dfd895658bda2867","affectsGlobalScope":true,"impliedFormat":1},{"version":"639e512c0dfc3fad96a84caad71b8834d66329a1f28dc95e3946c9b58176c73a","affectsGlobalScope":true,"impliedFormat":1},{"version":"368af93f74c9c932edd84c58883e736c9e3d53cec1fe24c0b0ff451f529ceab1","affectsGlobalScope":true,"impliedFormat":1},{"version":"af3dd424cf267428f30ccfc376f47a2c0114546b55c44d8c0f1d57d841e28d74","affectsGlobalScope":true,"impliedFormat":1},{"version":"995c005ab91a498455ea8dfb63aa9f83fa2ea793c3d8aa344be4a1678d06d399","affectsGlobalScope":true,"impliedFormat":1},{"version":"959d36cddf5e7d572a65045b876f2956c973a586da58e5d26cde519184fd9b8a","affectsGlobalScope":true,"impliedFormat":1},{"version":"965f36eae237dd74e6cca203a43e9ca801ce38824ead814728a2807b1910117d","affectsGlobalScope":true,"impliedFormat":1},{"version":"3925a6c820dcb1a06506c90b1577db1fdbf7705d65b62b99dce4be75c637e26b","affectsGlobalScope":true,"impliedFormat":1},{"version":"0a3d63ef2b853447ec4f749d3f368ce642264246e02911fcb1590d8c161b8005","affectsGlobalScope":true,"impliedFormat":1},{"version":"8cdf8847677ac7d20486e54dd3fcf09eda95812ac8ace44b4418da1bbbab6eb8","affectsGlobalScope":true,"impliedFormat":1},{"version":"8444af78980e3b20b49324f4a16ba35024fef3ee069a0eb67616ea6ca821c47a","affectsGlobalScope":true,"impliedFormat":1},{"version":"3287d9d085fbd618c3971944b65b4be57859f5415f495b33a6adc994edd2f004","affectsGlobalScope":true,"impliedFormat":1},{"version":"b4b67b1a91182421f5df999988c690f14d813b9850b40acd06ed44691f6727ad","affectsGlobalScope":true,"impliedFormat":1},{"version":"8e7f8264d0fb4c5339605a15daadb037bf238c10b654bb3eee14208f860a32ea","affectsGlobalScope":true,"impliedFormat":1},{"version":"782dec38049b92d4e85c1585fbea5474a219c6984a35b004963b00beb1aab538","affectsGlobalScope":true,"impliedFormat":1},{"version":"7d8d8d1c13e8cf045b846f2260e8525934696e06b729e09ef1ccd4fa004a420c","signature":"f1f76fba70cfd9ea94050567e1679fc58f8a4042bd38f2305a31c276ee2f9bf8","impliedFormat":99},{"version":"6c5aeed665c5fed8bf25e12597faa7e959873ec5bd93cef96944db527dae2fc6","signature":"4a9e2ca3b0d8615dd9720c56105980effe87bc46bf6fb3a7fb022fdce4ced178","impliedFormat":99},{"version":"03bec921d3681af3c419b13c7a88e4238c67b585ed1e5a9b0b242fec9ebc53f4","signature":"27371969b29b1d75874dfefa176fb4975f6589772b5909ea80b8c7916f9a85c4","impliedFormat":99},{"version":"3d962b2b695509d0f1601a91f5032a1e0668c603e1155df860dc9acc7011dd74","signature":"e7dba5cc3d7ab272e89e9e8d7376368149268461ba78e807cf510cb3e0e6614c","impliedFormat":99},{"version":"afa1f89a7e7c5b20b2a7a285a64a863144e164edd451566cc3fba09d832af029","signature":"de8e41faa46e65da78440506798ae81cfea8246d83132491055490e7711f3590","impliedFormat":99},{"version":"54cec5b2f1621434770d9db4a48637a97c57b499d8067e8a5e486ca0e424d61f","signature":"43e818adf60173644896298637f47b01d5819b17eda46eaa32d0c7d64724d012","impliedFormat":99},{"version":"4a6bdfff32fba6a5632b3e056fdc4568625ec0b91648e40d5636e42d66e47336","signature":"044d36ac72ef84f2d3639cbc25140d355f1016706c23fe48eb7744f27479c52d","impliedFormat":99},{"version":"427fe2004642504828c1476d0af4270e6ad4db6de78c0b5da3e4c5ca95052a99","impliedFormat":1},{"version":"2eeffcee5c1661ddca53353929558037b8cf305ffb86a803512982f99bcab50d","impliedFormat":99},{"version":"9afb4cb864d297e4092a79ee2871b5d3143ea14153f62ef0bb04ede25f432030","affectsGlobalScope":true,"impliedFormat":99},{"version":"151ff381ef9ff8da2da9b9663ebf657eac35c4c9a19183420c05728f31a6761d","impliedFormat":1},{"version":"70521b6ab0dcba37539e5303104f29b721bfb2940b2776da4cc818c07e1fefc1","affectsGlobalScope":true,"impliedFormat":1},{"version":"ab41ef1f2cdafb8df48be20cd969d875602483859dc194e9c97c8a576892c052","affectsGlobalScope":true,"impliedFormat":1},{"version":"d153a11543fd884b596587ccd97aebbeed950b26933ee000f94009f1ab142848","affectsGlobalScope":true,"impliedFormat":1},{"version":"21d819c173c0cf7cc3ce57c3276e77fd9a8a01d35a06ad87158781515c9a438a","impliedFormat":1},{"version":"98cffbf06d6bab333473c70a893770dbe990783904002c4f1a960447b4b53dca","affectsGlobalScope":true,"impliedFormat":1},{"version":"ba481bca06f37d3f2c137ce343c7d5937029b2468f8e26111f3c9d9963d6568d","affectsGlobalScope":true,"impliedFormat":1},{"version":"6d9ef24f9a22a88e3e9b3b3d8c40ab1ddb0853f1bfbd5c843c37800138437b61","affectsGlobalScope":true,"impliedFormat":1},{"version":"1db0b7dca579049ca4193d034d835f6bfe73096c73663e5ef9a0b5779939f3d0","affectsGlobalScope":true,"impliedFormat":1},{"version":"9798340ffb0d067d69b1ae5b32faa17ab31b82466a3fc00d8f2f2df0c8554aaa","affectsGlobalScope":true,"impliedFormat":1},{"version":"f26b11d8d8e4b8028f1c7d618b22274c892e4b0ef5b3678a8ccbad85419aef43","affectsGlobalScope":true,"impliedFormat":1},{"version":"5929864ce17fba74232584d90cb721a89b7ad277220627cc97054ba15a98ea8f","impliedFormat":1},{"version":"763fe0f42b3d79b440a9b6e51e9ba3f3f91352469c1e4b3b67bfa4ff6352f3f4","impliedFormat":1},{"version":"25c8056edf4314820382a5fdb4bb7816999acdcb929c8f75e3f39473b87e85bc","impliedFormat":1},{"version":"c464d66b20788266e5353b48dc4aa6bc0dc4a707276df1e7152ab0c9ae21fad8","impliedFormat":1},{"version":"78d0d27c130d35c60b5e5566c9f1e5be77caf39804636bc1a40133919a949f21","impliedFormat":1},{"version":"c6fd2c5a395f2432786c9cb8deb870b9b0e8ff7e22c029954fabdd692bff6195","impliedFormat":1},{"version":"1d6e127068ea8e104a912e42fc0a110e2aa5a66a356a917a163e8cf9a65e4a75","impliedFormat":1},{"version":"5ded6427296cdf3b9542de4471d2aa8d3983671d4cac0f4bf9c637208d1ced43","impliedFormat":1},{"version":"7f182617db458e98fc18dfb272d40aa2fff3a353c44a89b2c0ccb3937709bfb5","impliedFormat":1},{"version":"cadc8aced301244057c4e7e73fbcae534b0f5b12a37b150d80e5a45aa4bebcbd","impliedFormat":1},{"version":"385aab901643aa54e1c36f5ef3107913b10d1b5bb8cbcd933d4263b80a0d7f20","impliedFormat":1},{"version":"9670d44354bab9d9982eca21945686b5c24a3f893db73c0dae0fd74217a4c219","impliedFormat":1},{"version":"0b8a9268adaf4da35e7fa830c8981cfa22adbbe5b3f6f5ab91f6658899e657a7","impliedFormat":1},{"version":"11396ed8a44c02ab9798b7dca436009f866e8dae3c9c25e8c1fbc396880bf1bb","impliedFormat":1},{"version":"ba7bc87d01492633cb5a0e5da8a4a42a1c86270e7b3d2dea5d156828a84e4882","impliedFormat":1},{"version":"4893a895ea92c85345017a04ed427cbd6a1710453338df26881a6019432febdd","impliedFormat":1},{"version":"c21dc52e277bcfc75fac0436ccb75c204f9e1b3fa5e12729670910639f27343e","impliedFormat":1},{"version":"13f6f39e12b1518c6650bbb220c8985999020fe0f21d818e28f512b7771d00f9","impliedFormat":1},{"version":"9b5369969f6e7175740bf51223112ff209f94ba43ecd3bb09eefff9fd675624a","impliedFormat":1},{"version":"4fe9e626e7164748e8769bbf74b538e09607f07ed17c2f20af8d680ee49fc1da","impliedFormat":1},{"version":"24515859bc0b836719105bb6cc3d68255042a9f02a6022b3187948b204946bd2","impliedFormat":1},{"version":"ea0148f897b45a76544ae179784c95af1bd6721b8610af9ffa467a518a086a43","impliedFormat":1},{"version":"24c6a117721e606c9984335f71711877293a9651e44f59f3d21c1ea0856f9cc9","impliedFormat":1},{"version":"dd3273ead9fbde62a72949c97dbec2247ea08e0c6952e701a483d74ef92d6a17","impliedFormat":1},{"version":"405822be75ad3e4d162e07439bac80c6bcc6dbae1929e179cf467ec0b9ee4e2e","impliedFormat":1},{"version":"0db18c6e78ea846316c012478888f33c11ffadab9efd1cc8bcc12daded7a60b6","impliedFormat":1},{"version":"e61be3f894b41b7baa1fbd6a66893f2579bfad01d208b4ff61daef21493ef0a8","impliedFormat":1},{"version":"bd0532fd6556073727d28da0edfd1736417a3f9f394877b6d5ef6ad88fba1d1a","impliedFormat":1},{"version":"89167d696a849fce5ca508032aabfe901c0868f833a8625d5a9c6e861ef935d2","impliedFormat":1},{"version":"615ba88d0128ed16bf83ef8ccbb6aff05c3ee2db1cc0f89ab50a4939bfc1943f","impliedFormat":1},{"version":"a4d551dbf8746780194d550c88f26cf937caf8d56f102969a110cfaed4b06656","impliedFormat":1},{"version":"8bd86b8e8f6a6aa6c49b71e14c4ffe1211a0e97c80f08d2c8cc98838006e4b88","impliedFormat":1},{"version":"317e63deeb21ac07f3992f5b50cdca8338f10acd4fbb7257ebf56735bf52ab00","impliedFormat":1},{"version":"4732aec92b20fb28c5fe9ad99521fb59974289ed1e45aecb282616202184064f","impliedFormat":1},{"version":"2e85db9e6fd73cfa3d7f28e0ab6b55417ea18931423bd47b409a96e4a169e8e6","impliedFormat":1},{"version":"c46e079fe54c76f95c67fb89081b3e399da2c7d109e7dca8e4b58d83e332e605","impliedFormat":1},{"version":"bf67d53d168abc1298888693338cb82854bdb2e69ef83f8a0092093c2d562107","impliedFormat":1},{"version":"b52476feb4a0cbcb25e5931b930fc73cb6643fb1a5060bf8a3dda0eeae5b4b68","affectsGlobalScope":true,"impliedFormat":1},{"version":"e2677634fe27e87348825bb041651e22d50a613e2fdf6a4a3ade971d71bac37e","impliedFormat":1},{"version":"7394959e5a741b185456e1ef5d64599c36c60a323207450991e7a42e08911419","impliedFormat":1},{"version":"8c0bcd6c6b67b4b503c11e91a1fb91522ed585900eab2ab1f61bba7d7caa9d6f","impliedFormat":1},{"version":"8cd19276b6590b3ebbeeb030ac271871b9ed0afc3074ac88a94ed2449174b776","affectsGlobalScope":true,"impliedFormat":1},{"version":"696eb8d28f5949b87d894b26dc97318ef944c794a9a4e4f62360cd1d1958014b","impliedFormat":1},{"version":"3f8fa3061bd7402970b399300880d55257953ee6d3cd408722cb9ac20126460c","impliedFormat":1},{"version":"35ec8b6760fd7138bbf5809b84551e31028fb2ba7b6dc91d95d098bf212ca8b4","affectsGlobalScope":true,"impliedFormat":1},{"version":"5524481e56c48ff486f42926778c0a3cce1cc85dc46683b92b1271865bcf015a","impliedFormat":1},{"version":"68bd56c92c2bd7d2339457eb84d63e7de3bd56a69b25f3576e1568d21a162398","affectsGlobalScope":true,"impliedFormat":1},{"version":"3e93b123f7c2944969d291b35fed2af79a6e9e27fdd5faa99748a51c07c02d28","impliedFormat":1},{"version":"9d19808c8c291a9010a6c788e8532a2da70f811adb431c97520803e0ec649991","impliedFormat":1},{"version":"87aad3dd9752067dc875cfaa466fc44246451c0c560b820796bdd528e29bef40","impliedFormat":1},{"version":"4aacb0dd020eeaef65426153686cc639a78ec2885dc72ad220be1d25f1a439df","impliedFormat":1},{"version":"f0bd7e6d931657b59605c44112eaf8b980ba7f957a5051ed21cb93d978cf2f45","impliedFormat":1},{"version":"8db0ae9cb14d9955b14c214f34dae1b9ef2baee2fe4ce794a4cd3ac2531e3255","affectsGlobalScope":true,"impliedFormat":1},{"version":"15fc6f7512c86810273af28f224251a5a879e4261b4d4c7e532abfbfc3983134","impliedFormat":1},{"version":"58adba1a8ab2d10b54dc1dced4e41f4e7c9772cbbac40939c0dc8ce2cdb1d442","impliedFormat":1},{"version":"641942a78f9063caa5d6b777c99304b7d1dc7328076038c6d94d8a0b81fc95c1","impliedFormat":1},{"version":"714435130b9015fae551788df2a88038471a5a11eb471f27c4ede86552842bc9","impliedFormat":1},{"version":"855cd5f7eb396f5f1ab1bc0f8580339bff77b68a770f84c6b254e319bbfd1ac7","impliedFormat":1},{"version":"5650cf3dace09e7c25d384e3e6b818b938f68f4e8de96f52d9c5a1b3db068e86","impliedFormat":1},{"version":"1354ca5c38bd3fd3836a68e0f7c9f91f172582ba30ab15bb8c075891b91502b7","affectsGlobalScope":true,"impliedFormat":1},{"version":"7e20d899c28ca26a2a7afc98beaa69e63ff7fba0a8bc47b4e3bf3ede5e09e424","impliedFormat":1},{"version":"2d2fcaab481b31a5882065c7951255703ddbe1c0e507af56ea42d79ac3911201","impliedFormat":1},{"version":"a192fe8ec33f75edbc8d8f3ed79f768dfae11ff5735e7fe52bfa69956e46d78d","impliedFormat":1},{"version":"ca867399f7db82df981d6915bcbb2d81131d7d1ef683bc782b59f71dda59bc85","affectsGlobalScope":true,"impliedFormat":1},{"version":"372413016d17d804e1d139418aca0c68e47a83fb6669490857f4b318de8cccb3","affectsGlobalScope":true,"impliedFormat":1},{"version":"9e043a1bc8fbf2a255bccf9bf27e0f1caf916c3b0518ea34aa72357c0afd42ec","impliedFormat":1},{"version":"b4f70ec656a11d570e1a9edce07d118cd58d9760239e2ece99306ee9dfe61d02","impliedFormat":1},{"version":"3bc2f1e2c95c04048212c569ed38e338873f6a8593930cf5a7ef24ffb38fc3b6","impliedFormat":1},{"version":"6e70e9570e98aae2b825b533aa6292b6abd542e8d9f6e9475e88e1d7ba17c866","impliedFormat":1},{"version":"f9d9d753d430ed050dc1bf2667a1bab711ccbb1c1507183d794cc195a5b085cc","impliedFormat":1},{"version":"9eece5e586312581ccd106d4853e861aaaa1a39f8e3ea672b8c3847eedd12f6e","impliedFormat":1},{"version":"085f552d005479e2e6a7311cdbbe5d8c55c497b4d19274285df161ee9684cd9c","impliedFormat":1},{"version":"37ba7b45141a45ce6e80e66f2a96c8a5ab1bcef0fc2d0f56bb58df96ec67e972","impliedFormat":1},{"version":"45650f47bfb376c8a8ed39d4bcda5902ab899a3150029684ee4c10676d9fbaee","impliedFormat":1},{"version":"007faacc9268357caa21d24169f3f3f2497af3e9241308df2d89f6e6d9bb3f2e","affectsGlobalScope":true,"impliedFormat":1},{"version":"74cf591a0f63db318651e0e04cb55f8791385f86e987a67fd4d2eaab8191f730","impliedFormat":1},{"version":"5eab9b3dc9b34f185417342436ec3f106898da5f4801992d8ff38ab3aff346b5","impliedFormat":1},{"version":"12ed4559eba17cd977aa0db658d25c4047067444b51acfdcbf38470630642b23","affectsGlobalScope":true,"impliedFormat":1},{"version":"f3ffabc95802521e1e4bcba4c88d8615176dc6e09111d920c7a213bdda6e1d65","impliedFormat":1},{"version":"809821b8a065e3234a55b3a9d7846231ed18d66dd749f2494c66288d890daf7f","impliedFormat":1},{"version":"ae56f65caf3be91108707bd8dfbccc2a57a91feb5daabf7165a06a945545ed26","impliedFormat":1},{"version":"a136d5de521da20f31631a0a96bf712370779d1c05b7015d7019a9b2a0446ca9","impliedFormat":1},{"version":"c3b41e74b9a84b88b1dca61ec39eee25c0dbc8e7d519ba11bb070918cfacf656","affectsGlobalScope":true,"impliedFormat":1},{"version":"4737a9dc24d0e68b734e6cfbcea0c15a2cfafeb493485e27905f7856988c6b29","affectsGlobalScope":true,"impliedFormat":1},{"version":"36d8d3e7506b631c9582c251a2c0b8a28855af3f76719b12b534c6edf952748d","impliedFormat":1},{"version":"1ca69210cc42729e7ca97d3a9ad48f2e9cb0042bada4075b588ae5387debd318","impliedFormat":1},{"version":"f5ebe66baaf7c552cfa59d75f2bfba679f329204847db3cec385acda245e574e","impliedFormat":1},{"version":"ed59add13139f84da271cafd32e2171876b0a0af2f798d0c663e8eeb867732cf","affectsGlobalScope":true,"impliedFormat":1},{"version":"b7c5e2ea4a9749097c347454805e933844ed207b6eefec6b7cfd418b5f5f7b28","impliedFormat":1},{"version":"b1810689b76fd473bd12cc9ee219f8e62f54a7d08019a235d07424afbf074d25","impliedFormat":1}],"root":[[58,64]],"options":{"declaration":true,"declarationMap":true,"esModuleInterop":true,"module":100,"noFallthroughCasesInSwitch":true,"noImplicitReturns":true,"noUnusedLocals":true,"noUnusedParameters":true,"outDir":"./","rootDir":"../src","skipLibCheck":true,"sourceMap":true,"strict":true,"target":9,"tsBuildInfoFile":"./.tsbuildinfo"},"referencedMap":[[67,1],[65,2],[68,2],[117,3],[118,3],[119,4],[74,5],[120,6],[121,7],[122,8],[69,2],[72,9],[70,2],[71,2],[123,10],[124,11],[125,12],[126,13],[127,14],[128,15],[129,15],[130,16],[131,17],[132,18],[133,19],[75,2],[73,2],[134,20],[135,21],[136,22],[168,23],[137,24],[138,25],[139,26],[140,27],[141,28],[142,29],[143,30],[144,31],[145,32],[146,33],[147,33],[148,34],[149,2],[150,35],[152,36],[151,37],[153,38],[154,39],[155,40],[156,41],[157,42],[158,43],[159,44],[160,45],[161,46],[162,47],[163,48],[164,49],[165,50],[76,2],[77,2],[78,2],[116,51],[166,52],[167,53],[66,2],[56,2],[57,2],[11,2],[10,2],[2,2],[12,2],[13,2],[14,2],[15,2],[16,2],[17,2],[18,2],[19,2],[3,2],[20,2],[21,2],[4,2],[22,2],[26,2],[23,2],[24,2],[25,2],[27,2],[28,2],[29,2],[5,2],[30,2],[31,2],[32,2],[33,2],[6,2],[37,2],[34,2],[35,2],[36,2],[38,2],[7,2],[39,2],[44,2],[45,2],[40,2],[41,2],[42,2],[43,2],[8,2],[49,2],[46,2],[47,2],[48,2],[50,2],[9,2],[51,2],[52,2],[53,2],[55,2],[54,2],[1,2],[94,54],[104,55],[93,54],[114,56],[85,57],[84,58],[113,59],[107,60],[112,61],[87,62],[101,63],[86,64],[110,65],[82,66],[81,59],[111,67],[83,68],[88,69],[89,2],[92,69],[79,2],[115,70],[105,71],[96,72],[97,73],[99,74],[95,75],[98,76],[108,59],[90,77],[91,78],[100,79],[80,80],[103,71],[102,69],[106,2],[109,81],[63,82],[64,83],[61,84],[60,85],[59,84],[62,86],[58,2]],"version":"5.9.3"}

package/dist/cli.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":""}

package/dist/cli.js

@@ -0,0 +1,102 @@
+#!/usr/bin/env node
+// capgate CLI — thin wrapper over compile() + adapters.
+//
+// Usage:
+//   capgate compile <manifest.json> [--target bwrap] [--pretty]
+//
+// Reads JSON from a file path (or "-" for stdin), lowers to the requested
+// target, writes JSON to stdout. Errors go to stderr with a non-zero exit.
+//
+// This is deliberately minimal. Anything fancier (watch mode, multi-target,
+// YAML output) belongs behind a feature flag, not here.
+import { readFileSync } from 'node:fs';
+import { compile, lowerToBwrap, CompilationError } from './policy/index.js';
+function parseArgs(argv) {
+    const args = {
+        command: undefined,
+        input: undefined,
+        target: 'bwrap',
+        pretty: false,
+        help: false,
+    };
+    const rest = argv.slice(2);
+    for (let i = 0; i < rest.length; i++) {
+        const a = rest[i];
+        if (a === '-h' || a === '--help')
+            args.help = true;
+        else if (a === '--pretty')
+            args.pretty = true;
+        else if (a === '--target')
+            args.target = rest[++i];
+        else if (!args.command)
+            args.command = a;
+        else if (!args.input)
+            args.input = a;
+    }
+    return args;
+}
+const USAGE = `capgate — compile MCP manifests into sandbox policies
+
+Usage:
+  capgate compile <manifest.json|-> [--target bwrap] [--pretty]
+
+Options:
+  --target <name>   Adapter to lower to. Default: bwrap. Supported: bwrap.
+  --pretty          Indent JSON output with 2 spaces.
+  -h, --help        Show this message.
+
+Examples:
+  capgate compile manifests/filesystem.json --pretty
+  cat manifest.json | capgate compile - --target bwrap
+`;
+function readInput(path) {
+    if (path === '-')
+        return readFileSync(0, 'utf8');
+    return readFileSync(path, 'utf8');
+}
+function main() {
+    const args = parseArgs(process.argv);
+    if (args.help || !args.command) {
+        process.stdout.write(USAGE);
+        process.exit(args.help ? 0 : 1);
+    }
+    if (args.command !== 'compile') {
+        process.stderr.write(`capgate: unknown command "${args.command}"\n\n${USAGE}`);
+        process.exit(2);
+    }
+    if (!args.input) {
+        process.stderr.write(`capgate: compile requires a manifest path (or "-" for stdin)\n\n${USAGE}`);
+        process.exit(2);
+    }
+    let raw;
+    try {
+        raw = JSON.parse(readInput(args.input));
+    }
+    catch (err) {
+        process.stderr.write(`capgate: failed to read or parse manifest: ${err.message}\n`);
+        process.exit(3);
+    }
+    try {
+        const policy = compile(raw);
+        let output;
+        switch (args.target) {
+            case 'bwrap':
+                output = lowerToBwrap(policy);
+                break;
+            default:
+                process.stderr.write(`capgate: unsupported --target "${args.target}" (supported: bwrap)\n`);
+                process.exit(2);
+        }
+        const indent = args.pretty ? 2 : 0;
+        process.stdout.write(JSON.stringify(output, null, indent) + '\n');
+    }
+    catch (err) {
+        if (err instanceof CompilationError) {
+            process.stderr.write(`capgate: ${err.code}: ${err.message}\n`);
+            process.exit(4);
+        }
+        throw err;
+    }
+}
+main();
+//# sourceMappingURL=cli.js.map

package/dist/cli.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA,wDAAwD;AACxD,EAAE;AACF,SAAS;AACT,gEAAgE;AAChE,EAAE;AACF,0EAA0E;AAC1E,2EAA2E;AAC3E,EAAE;AACF,4EAA4E;AAC5E,wDAAwD;AAExD,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAU5E,SAAS,SAAS,CAAC,IAAc;IAC/B,MAAM,IAAI,GAAS;QACjB,OAAO,EAAE,SAAS;QAClB,KAAK,EAAE,SAAS;QAChB,MAAM,EAAE,OAAO;QACf,MAAM,EAAE,KAAK;QACb,IAAI,EAAE,KAAK;KACZ,CAAC;IACF,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,QAAQ;YAAE,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;aAC9C,IAAI,CAAC,KAAK,UAAU;YAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;aACzC,IAAI,CAAC,KAAK,UAAU;YAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;aAC9C,IAAI,CAAC,IAAI,CAAC,OAAO;YAAE,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC;aACpC,IAAI,CAAC,IAAI,CAAC,KAAK;YAAE,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC;IACvC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,KAAK,GAAG;;;;;;;;;;;;;CAab,CAAC;AAEF,SAAS,SAAS,CAAC,IAAY;IAC7B,IAAI,IAAI,KAAK,GAAG;QAAE,OAAO,YAAY,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IACjD,OAAO,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;AACpC,CAAC;AAED,SAAS,IAAI;IACX,MAAM,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACrC,IAAI,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QAC/B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAC5B,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAClC,CAAC;IACD,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;QAC/B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,6BAA6B,IAAI,CAAC,OAAO,QAAQ,KAAK,EAAE,CAAC,CAAC;QAC/E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;QAChB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,mEAAmE,KAAK,EAAE,CAAC,CAAC;QACjG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,GAAY,CAAC;IACjB,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;IAC1C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,8CAA+C,GAAa,CAAC,OAAO,IAAI,CAAC,CAAC;QAC/F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,OAAO,CAAC,GAAoC,CAAC,CAAC;QAC7D,IAAI,MAAe,CAAC;QACpB,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;YACpB,KAAK,OAAO;gBACV,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;gBAC9B,MAAM;YACR;gBACE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,kCAAkC,IAAI,CAAC,MAAM,wBAAwB,CAAC,CAAC;gBAC5F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACnC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC;IACpE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,gBAAgB,EAAE,CAAC;YACpC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,OAAO,IAAI,CAAC,CAAC;YAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED,IAAI,EAAE,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+export * from './policy/index.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAKA,cAAc,mBAAmB,CAAC"}

package/dist/index.js

@@ -0,0 +1,6 @@
+// capgate — MCP manifest → sandbox policy compiler.
+//
+// Public surface is re-exported from ./policy. This file is a single entry
+// point so consumers can do `import { compile, lowerToBwrap } from 'capgate'`.
+export * from './policy/index.js';
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,oDAAoD;AACpD,EAAE;AACF,2EAA2E;AAC3E,+EAA+E;AAE/E,cAAc,mBAAmB,CAAC"}

package/dist/policy/adapters/bwrap.d.ts

@@ -0,0 +1,29 @@
+import { NormalizedPolicy } from '../ir.js';
+export interface BwrapArtifact {
+    /** argv, ready for execFile("bwrap", argv). Binary and command are appended by caller. */
+    argv: string[];
+    /** Network egress rules. Empty = no net allowed. */
+    egress: EgressRule[];
+    /** Env vars the host must inject (names only; values resolved out-of-band). */
+    envInjections: string[];
+    /** Declared assertions — emitted as metadata, not enforced here. */
+    assertions: {
+        id: string;
+        description: string;
+    }[];
+    /** Human-readable diagnostics for audit logs / PR review. */
+    notes: string[];
+}
+export interface EgressRule {
+    host: string;
+    port: number | null;
+    blockPrivate: boolean;
+}
+export interface BwrapOptions {
+    /** Base read-only system mounts. Defaults cover the common Linux userspace. */
+    systemMounts?: string[];
+    /** Whether to expose /dev (true when nestedSandbox, false otherwise). */
+    exposeDev?: boolean;
+}
+export declare function lowerToBwrap(policy: NormalizedPolicy, opts?: BwrapOptions): BwrapArtifact;
+//# sourceMappingURL=bwrap.d.ts.map

package/dist/policy/adapters/bwrap.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bwrap.d.ts","sourceRoot":"","sources":["../../../src/policy/adapters/bwrap.ts"],"names":[],"mappings":"AAgBA,OAAO,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAE5C,MAAM,WAAW,aAAa;IAC5B,0FAA0F;IAC1F,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,oDAAoD;IACpD,MAAM,EAAE,UAAU,EAAE,CAAC;IACrB,+EAA+E;IAC/E,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,oEAAoE;IACpE,UAAU,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAClD,6DAA6D;IAC7D,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,YAAY,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,YAAY;IAC3B,+EAA+E;IAC/E,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,yEAAyE;IACzE,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAID,wBAAgB,YAAY,CAAC,MAAM,EAAE,gBAAgB,EAAE,IAAI,GAAE,YAAiB,GAAG,aAAa,CAoH7F"}

package/dist/policy/adapters/bwrap.js

@@ -0,0 +1,144 @@
+// bwrap adapter: NormalizedPolicy → bubblewrap argv + companion artifacts.
+//
+// bwrap (bubblewrap) is a Linux user-namespace sandbox. It handles:
+//   - filesystem bind mounts (--bind / --ro-bind)
+//   - process/IPC/net namespace toggles (--unshare-*)
+//   - env var pruning (--clearenv + explicit --setenv)
+//
+// It does NOT handle:
+//   - host-level network allowlisting  → EgressRule[] (companion proxy)
+//   - seccomp syscall filters          → out of scope for v0.1
+//   - secret value resolution          → caller pulls from secret store
+//
+// This adapter emits a BwrapArtifact: argv for bwrap itself plus companion
+// data the host must honor. The host decides how to wire EgressRule — mitmproxy,
+// nftables, Envoy; the adapter stays policy-layer only.
+const DEFAULT_SYSTEM_MOUNTS = ['/usr', '/lib', '/lib64', '/bin', '/sbin', '/etc/ssl', '/etc/ca-certificates'];
+export function lowerToBwrap(policy, opts = {}) {
+    const argv = [];
+    const notes = [];
+    const systemMounts = opts.systemMounts ?? DEFAULT_SYSTEM_MOUNTS;
+    const exposeDev = opts.exposeDev ?? policy.nestedSandbox;
+    // ---------- base namespaces ----------
+    // We build the unshare set explicitly instead of using --unshare-all so the
+    // net flag is a single decision point. Net is only shared when policy.net
+    // is non-empty; nestedSandbox additionally keeps user/pid/ipc for inner
+    // sandboxes (Chromium, QEMU) that re-namespace themselves.
+    const shareNet = policy.net.length > 0;
+    argv.push('--unshare-uts', '--unshare-cgroup-try');
+    if (!shareNet)
+        argv.push('--unshare-net');
+    if (!policy.nestedSandbox) {
+        argv.push('--unshare-user-try', '--unshare-pid', '--unshare-ipc');
+    }
+    else {
+        notes.push('nestedSandbox: keeping user/pid/ipc namespaces for inner sandbox compatibility');
+    }
+    argv.push('--die-with-parent', '--new-session');
+    // ---------- system mounts ----------
+    for (const m of systemMounts) {
+        argv.push('--ro-bind-try', m, m);
+    }
+    argv.push('--proc', '/proc');
+    // Only emit tmpfs /tmp if no declared fs root covers /tmp. A real bind on
+    // /tmp implies the tool needs persistent host files there (e.g. X11 socket,
+    // browser downloads dir); a tmpfs would either shadow the bind or race it.
+    const tmpCovered = policy.fs.some((fs) => {
+        const host = dirForBind(fs.path);
+        return host === '/tmp' || host.startsWith('/tmp/');
+    });
+    if (!tmpCovered)
+        argv.push('--tmpfs', '/tmp');
+    if (exposeDev)
+        argv.push('--dev', '/dev');
+    // ---------- clock ----------
+    if (policy.clock === 'tzdata') {
+        argv.push('--ro-bind-try', '/usr/share/zoneinfo', '/usr/share/zoneinfo');
+        argv.push('--ro-bind-try', '/etc/localtime', '/etc/localtime');
+    }
+    // ---------- fs roots ----------
+    for (const fs of policy.fs) {
+        const hostPath = dirForBind(fs.path);
+        const writable = fs.actions.includes('write') || fs.actions.includes('create') || fs.actions.includes('delete');
+        argv.push(writable ? '--bind' : '--ro-bind', hostPath, hostPath);
+        if (fs.isGlob) {
+            notes.push(`fs: "${fs.path}" lowered to directory bind "${hostPath}" — bwrap binds directories, not globs. Fine-grained glob enforcement is the server's job.`);
+        }
+        if (hostPath === '/tmp') {
+            notes.push('fs: binding host /tmp exposes all user tmpfiles to the sandbox; prefer a scoped subdirectory like /tmp/<server-name>.');
+        }
+    }
+    // ---------- exec binaries ----------
+    // No extra mounts needed — covered by /usr /bin /sbin above. We record the
+    // declaration for audit and warn if an unusual binary was requested.
+    for (const e of policy.exec) {
+        notes.push(`exec: ${e.binary} (resolved from PATH inside sandbox)`);
+    }
+    // ---------- env (declared first so ipc handlers can push injections) ----------
+    const envInjections = [];
+    for (const e of policy.env)
+        envInjections.push(e.name);
+    // ---------- ipc ----------
+    for (const i of policy.ipc) {
+        if (i.endpoint === 'x11') {
+            argv.push('--bind-try', '/tmp/.X11-unix', '/tmp/.X11-unix');
+            // DISPLAY is resolved by the host at exec time; we record the need.
+            envInjections.push('DISPLAY');
+        }
+        else if (i.endpoint.startsWith('unix:')) {
+            const sock = i.endpoint.slice('unix:'.length);
+            argv.push('--bind-try', sock, sock);
+        }
+        else if (i.endpoint === 'dbus:session') {
+            notes.push('ipc: dbus:session declared — host must bind DBUS_SESSION_BUS_ADDRESS socket');
+        }
+        else if (i.endpoint === 'dbus:system') {
+            argv.push('--bind-try', '/run/dbus/system_bus_socket', '/run/dbus/system_bus_socket');
+        }
+        else {
+            notes.push(`ipc: unrecognized endpoint "${i.endpoint}" — no mount emitted`);
+        }
+    }
+    // ---------- env ----------
+    argv.push('--clearenv');
+    // Always preserve a minimal safe floor.
+    argv.push('--setenv', 'PATH', '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin');
+    argv.push('--setenv', 'HOME', '/tmp');
+    // Values for envInjections are injected by the caller via --setenv at exec time.
+    // ---------- net ----------
+    // bwrap has only binary share/unshare. Host-level allowlists live in the
+    // egress proxy. We emit rules either way so a deny-all proxy is a valid host.
+    const egress = policy.net.map((n) => ({
+        host: n.host,
+        port: n.port,
+        blockPrivate: n.blockPrivate,
+    }));
+    if (policy.net.length > 0) {
+        notes.push(`net: ${policy.net.length} endpoint(s) declared — host MUST route outbound traffic through an egress proxy honoring egress[]`);
+    }
+    return {
+        argv,
+        egress,
+        envInjections,
+        assertions: policy.assertions.map((a) => ({ id: a.id, description: a.description })),
+        notes,
+    };
+}
+/**
+ * Return the directory portion bwrap should bind. For a glob like
+ * "/workspace/**" we bind "/workspace". For a bare file we bind the parent.
+ * bwrap binds directories; file-granularity is out of scope.
+ */
+function dirForBind(path) {
+    const stripped = path.replace(/\/\*\*?$/, '').replace(/\/\*$/, '');
+    if (stripped.endsWith('/'))
+        return stripped.slice(0, -1) || '/';
+    // If the path looks like a file (has an extension after the last slash), bind parent.
+    const lastSlash = stripped.lastIndexOf('/');
+    const tail = stripped.slice(lastSlash + 1);
+    if (tail.includes('.') && !tail.startsWith('.')) {
+        return stripped.slice(0, lastSlash) || '/';
+    }
+    return stripped || '/';
+}
+//# sourceMappingURL=bwrap.js.map

package/dist/policy/adapters/bwrap.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"bwrap.js","sourceRoot":"","sources":["../../../src/policy/adapters/bwrap.ts"],"names":[],"mappings":"AAAA,2EAA2E;AAC3E,EAAE;AACF,oEAAoE;AACpE,kDAAkD;AAClD,sDAAsD;AACtD,uDAAuD;AACvD,EAAE;AACF,sBAAsB;AACtB,wEAAwE;AACxE,+DAA+D;AAC/D,wEAAwE;AACxE,EAAE;AACF,2EAA2E;AAC3E,iFAAiF;AACjF,wDAAwD;AA8BxD,MAAM,qBAAqB,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,sBAAsB,CAAC,CAAC;AAE9G,MAAM,UAAU,YAAY,CAAC,MAAwB,EAAE,OAAqB,EAAE;IAC5E,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,IAAI,qBAAqB,CAAC;IAChE,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,MAAM,CAAC,aAAa,CAAC;IAEzD,wCAAwC;IACxC,4EAA4E;IAC5E,0EAA0E;IAC1E,wEAAwE;IACxE,2DAA2D;IAC3D,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC;IACvC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,sBAAsB,CAAC,CAAC;IACnD,IAAI,CAAC,QAAQ;QAAE,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IAC1C,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;QAC1B,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,eAAe,EAAE,eAAe,CAAC,CAAC;IACpE,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,gFAAgF,CAAC,CAAC;IAC/F,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,eAAe,CAAC,CAAC;IAEhD,sCAAsC;IACtC,KAAK,MAAM,CAAC,IAAI,YAAY,EAAE,CAAC;QAC7B,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC7B,0EAA0E;IAC1E,4EAA4E;IAC5E,2EAA2E;IAC3E,MAAM,UAAU,GAAG,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE;QACvC,MAAM,IAAI,GAAG,UAAU,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;QACjC,OAAO,IAAI,KAAK,MAAM,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IACH,IAAI,CAAC,UAAU;QAAE,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IAC9C,IAAI,SAAS;QAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAE1C,8BAA8B;IAC9B,IAAI,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,qBAAqB,EAAE,qBAAqB,CAAC,CAAC;QACzE,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,CAAC;IACjE,CAAC;IAED,iCAAiC;IACjC,KAAK,MAAM,EAAE,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC;QAC3B,MAAM,QAAQ,GAAG,UAAU,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;QACrC,MAAM,QAAQ,GAAG,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAChH,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACjE,IAAI,EAAE,CAAC,MAAM,EAAE,CAAC;YACd,KAAK,CAAC,IAAI,CACR,QAAQ,EAAE,CAAC,IAAI,gCAAgC,QAAQ,4FAA4F,CACpJ,CAAC;QACJ,CAAC;QACD,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;YACxB,KAAK,CAAC,IAAI,CACR,uHAAuH,CACxH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,sCAAsC;IACtC,2EAA2E;IAC3E,qEAAqE;IACrE,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;QAC5B,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,sCAAsC,CAAC,CAAC;IACtE,CAAC;IAED,iFAAiF;IACjF,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,GAAG;QAAE,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAEvD,4BAA4B;IAC5B,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,GAAG,EAAE,CAAC;QAC3B,IAAI,CAAC,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;YACzB,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,CAAC;YAC5D,oEAAoE;YACpE,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAChC,CAAC;aAAM,IAAI,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,GAAG,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YAC9C,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;QACtC,CAAC;aAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,cAAc,EAAE,CAAC;YACzC,KAAK,CAAC,IAAI,CAAC,6EAA6E,CAAC,CAAC;QAC5F,CAAC;aAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,aAAa,EAAE,CAAC;YACxC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,6BAA6B,EAAE,6BAA6B,CAAC,CAAC;QACxF,CAAC;aAAM,CAAC;YACN,KAAK,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC,QAAQ,sBAAsB,CAAC,CAAC;QAC9E,CAAC;IACH,CAAC;IAED,4BAA4B;IAC5B,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACxB,wCAAwC;IACxC,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,8DAA8D,CAAC,CAAC;IAC9F,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;IACtC,iFAAiF;IAEjF,4BAA4B;IAC5B,yEAAyE;IACzE,8EAA8E;IAC9E,MAAM,MAAM,GAAiB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAClD,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,YAAY,EAAE,CAAC,CAAC,YAAY;KAC7B,CAAC,CAAC,CAAC;IACJ,IAAI,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,KAAK,CAAC,IAAI,CACR,QAAQ,MAAM,CAAC,GAAG,CAAC,MAAM,oGAAoG,CAC9H,CAAC;IACJ,CAAC;IAED,OAAO;QACL,IAAI;QACJ,MAAM;QACN,aAAa;QACb,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,WAAW,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;QACpF,KAAK;KACN,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,SAAS,UAAU,CAAC,IAAY;IAC9B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;IACnE,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC;IAChE,sFAAsF;IACtF,MAAM,SAAS,GAAG,QAAQ,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,QAAQ,CAAC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;IAC3C,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAChD,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,IAAI,GAAG,CAAC;IAC7C,CAAC;IACD,OAAO,QAAQ,IAAI,GAAG,CAAC;AACzB,CAAC"}

package/dist/policy/compiler.d.ts

@@ -0,0 +1,22 @@
+import { Capability, NormalizedPolicy, ServerManifest, ToolManifest } from './ir.js';
+export interface RawToolManifest extends Omit<ToolManifest, 'capabilities'> {
+    capabilities: string[];
+}
+export interface RawServerManifest extends Omit<ServerManifest, 'tools' | 'serverCapabilities'> {
+    /**
+     * Optional grammar version pin (e.g. "0.0"). If present, must match the
+     * compiler's GRAMMAR_VERSION. Absent = accept under any version (forward
+     * compat for manifests written before this field existed).
+     */
+    grammar?: string;
+    serverCapabilities?: string[];
+    tools: RawToolManifest[];
+}
+export declare function compile(raw: RawServerManifest): NormalizedPolicy;
+/** Parse a RawServerManifest into a ServerManifest with typed Capability[]. */
+export declare function parseManifest(raw: RawServerManifest): ServerManifest;
+export declare function normalize(server: {
+    name: string;
+    version: string;
+}, caps: Capability[]): NormalizedPolicy;
+//# sourceMappingURL=compiler.d.ts.map

package/dist/policy/compiler.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"compiler.d.ts","sourceRoot":"","sources":["../../src/policy/compiler.ts"],"names":[],"mappings":"AAYA,OAAO,EAEL,UAAU,EAIV,gBAAgB,EAChB,cAAc,EACd,YAAY,EACb,MAAM,SAAS,CAAC;AAQjB,MAAM,WAAW,eAAgB,SAAQ,IAAI,CAAC,YAAY,EAAE,cAAc,CAAC;IACzE,YAAY,EAAE,MAAM,EAAE,CAAC;CACxB;AAED,MAAM,WAAW,iBAAkB,SAAQ,IAAI,CAAC,cAAc,EAAE,OAAO,GAAG,oBAAoB,CAAC;IAC7F;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,KAAK,EAAE,eAAe,EAAE,CAAC;CAC1B;AAMD,wBAAgB,OAAO,CAAC,GAAG,EAAE,iBAAiB,GAAG,gBAAgB,CAahE;AAED,+EAA+E;AAC/E,wBAAgB,aAAa,CAAC,GAAG,EAAE,iBAAiB,GAAG,cAAc,CAUpE;AAMD,wBAAgB,SAAS,CACvB,MAAM,EAAE;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,EACzC,IAAI,EAAE,UAAU,EAAE,GACjB,gBAAgB,CAwFlB"}