harborai 0.5.3 → 0.5.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/daemon/exec.d.ts +0 -1
- package/dist/daemon/exec.d.ts.map +1 -1
- package/dist/daemon/exec.js +17 -150
- package/dist/daemon/exec.js.map +1 -1
- package/dist/daemon/index.js +3 -2
- package/dist/daemon/index.js.map +1 -1
- package/dist/daemon/sandbox.d.ts +17 -0
- package/dist/daemon/sandbox.d.ts.map +1 -0
- package/dist/daemon/sandbox.js +92 -0
- package/dist/daemon/sandbox.js.map +1 -0
- package/dist/skills-embedded.js +2 -2
- package/dist/skills-embedded.js.map +1 -1
- package/package.json +1 -1
package/dist/daemon/exec.d.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"exec.d.ts","sourceRoot":"","sources":["../src/exec.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"exec.d.ts","sourceRoot":"","sources":["../src/exec.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAmEjC,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,IAAI,GAAG,IAAI,CAwIjD"}
|
package/dist/daemon/exec.js
CHANGED
|
@@ -1,23 +1,17 @@
|
|
|
1
|
-
import { execSync
|
|
2
|
-
import { existsSync, readdirSync, rmSync, statSync } from 'node:fs';
|
|
1
|
+
import { execSync } from 'node:child_process';
|
|
3
2
|
import { homedir } from 'node:os';
|
|
4
3
|
import { join } from 'node:path';
|
|
5
|
-
import {
|
|
4
|
+
import { orbitalUrl, loadProfile } from './config.js';
|
|
6
5
|
import { log } from './log.js';
|
|
7
6
|
import { onRunStop } from './presence.js';
|
|
8
|
-
|
|
7
|
+
import { runSandboxedPlugin } from './sandbox.js';
|
|
9
8
|
// cwd → git remote cache (daemon is long-lived, resolve once per directory)
|
|
10
9
|
const gitRemoteCache = new Map();
|
|
11
10
|
function resolveGitRemote(cwd) {
|
|
12
11
|
if (gitRemoteCache.has(cwd))
|
|
13
12
|
return gitRemoteCache.get(cwd);
|
|
14
13
|
try {
|
|
15
|
-
const remote = execSync('git remote get-url origin', {
|
|
16
|
-
cwd,
|
|
17
|
-
encoding: 'utf8',
|
|
18
|
-
timeout: 2000,
|
|
19
|
-
stdio: ['ignore', 'pipe', 'ignore'],
|
|
20
|
-
}).trim() || null;
|
|
14
|
+
const remote = execSync('git remote get-url origin', { cwd, encoding: 'utf8', timeout: 2000, stdio: ['ignore', 'pipe', 'ignore'] }).trim() || null;
|
|
21
15
|
gitRemoteCache.set(cwd, remote);
|
|
22
16
|
return remote;
|
|
23
17
|
}
|
|
@@ -39,8 +33,7 @@ function buildPluginEnv(envPrefix, orbitalEnv) {
|
|
|
39
33
|
TERM: process.env['TERM'] ?? 'xterm-256color',
|
|
40
34
|
};
|
|
41
35
|
}
|
|
42
|
-
|
|
43
|
-
log('info', 'daemon', 'using orbital env', { keys: pluginEnvEntries.map(([k]) => k) });
|
|
36
|
+
log('info', 'daemon', 'using orbital env', { keys: Object.keys(orbitalEnv) });
|
|
44
37
|
return {
|
|
45
38
|
PATH: process.env['PATH'] ?? '',
|
|
46
39
|
HOME: process.env['HOME'] ?? '',
|
|
@@ -49,54 +42,9 @@ function buildPluginEnv(envPrefix, orbitalEnv) {
|
|
|
49
42
|
TMPDIR: process.env['TMPDIR'] ?? '/tmp',
|
|
50
43
|
LANG: process.env['LANG'] ?? 'en_US.UTF-8',
|
|
51
44
|
TERM: process.env['TERM'] ?? 'xterm-256color',
|
|
52
|
-
...
|
|
45
|
+
...orbitalEnv,
|
|
53
46
|
};
|
|
54
47
|
}
|
|
55
|
-
function killProcessGroup(pid, signal) {
|
|
56
|
-
if (!pid)
|
|
57
|
-
return;
|
|
58
|
-
try {
|
|
59
|
-
process.kill(-pid, signal);
|
|
60
|
-
}
|
|
61
|
-
catch {
|
|
62
|
-
try {
|
|
63
|
-
process.kill(pid, signal);
|
|
64
|
-
}
|
|
65
|
-
catch { }
|
|
66
|
-
}
|
|
67
|
-
}
|
|
68
|
-
function stripAgentfsBanner(raw) {
|
|
69
|
-
let s = raw;
|
|
70
|
-
s = s.replace(/Welcome to AgentFS![\s\S]*?read-only\.\s*\n/i, '');
|
|
71
|
-
s = s.replace(/To join this session[\s\S]*?agentfs run --session\s+\S+\s+<command>\s*\n?/g, '');
|
|
72
|
-
s = s.replace(/^Delta layer saved to:.*\n?/gm, '');
|
|
73
|
-
s = s.replace(/^To see what changed:.*\n?/gm, '');
|
|
74
|
-
s = s.replace(/^\s*agentfs diff .*\n?/gm, '');
|
|
75
|
-
s = s.replace(/\n{3,}/g, '\n\n');
|
|
76
|
-
return s.trim();
|
|
77
|
-
}
|
|
78
|
-
export function cleanupStaleAgentfsSessions() {
|
|
79
|
-
const runDir = join(homedir(), '.agentfs', 'run');
|
|
80
|
-
if (!existsSync(runDir))
|
|
81
|
-
return;
|
|
82
|
-
const oneHourAgo = Date.now() - 60 * 60 * 1000;
|
|
83
|
-
let cleaned = 0;
|
|
84
|
-
for (const entry of readdirSync(runDir)) {
|
|
85
|
-
if (!entry.startsWith('harbor-'))
|
|
86
|
-
continue;
|
|
87
|
-
const entryPath = join(runDir, entry);
|
|
88
|
-
try {
|
|
89
|
-
const stat = statSync(entryPath);
|
|
90
|
-
if (stat.isDirectory() && stat.mtimeMs < oneHourAgo) {
|
|
91
|
-
rmSync(entryPath, { recursive: true, force: true });
|
|
92
|
-
cleaned++;
|
|
93
|
-
}
|
|
94
|
-
}
|
|
95
|
-
catch { }
|
|
96
|
-
}
|
|
97
|
-
if (cleaned > 0)
|
|
98
|
-
log('info', 'daemon', 'cleaned stale agentfs sessions', { count: cleaned });
|
|
99
|
-
}
|
|
100
48
|
function applyEnvMap(env, envMap) {
|
|
101
49
|
if (!envMap)
|
|
102
50
|
return env;
|
|
@@ -112,65 +60,7 @@ function resolveAllowPaths(paths) {
|
|
|
112
60
|
if (!paths || paths.length === 0)
|
|
113
61
|
return [];
|
|
114
62
|
const home = process.env['HOME'] ?? homedir();
|
|
115
|
-
return paths.map(
|
|
116
|
-
}
|
|
117
|
-
function runAgentfsPlugin(options) {
|
|
118
|
-
const sessionName = `harbor-${options.profile}-${options.runId.slice(0, 8)}`;
|
|
119
|
-
const extraAllows = resolveAllowPaths(options.allowPaths);
|
|
120
|
-
const allowArgs = [options.cwd, ...extraAllows].flatMap((p) => ['--allow', p]);
|
|
121
|
-
return new Promise((resolve, reject) => {
|
|
122
|
-
const child = spawn('agentfs', ['run', '--session', sessionName, ...allowArgs, '--', options.binary, ...options.argv], {
|
|
123
|
-
cwd: options.cwd,
|
|
124
|
-
env: applyEnvMap(buildPluginEnv(options.envPrefix, options.env), options.envMap),
|
|
125
|
-
detached: true,
|
|
126
|
-
});
|
|
127
|
-
let stdout = '';
|
|
128
|
-
let stderr = '';
|
|
129
|
-
let settled = false;
|
|
130
|
-
let stoppedByControl = false;
|
|
131
|
-
let killTimer = null;
|
|
132
|
-
const unsubscribe = onRunStop(options.runId, (reason) => {
|
|
133
|
-
if (stoppedByControl || child.killed)
|
|
134
|
-
return;
|
|
135
|
-
stoppedByControl = true;
|
|
136
|
-
stderr += `\n[harbor] stop requested by orbital: ${reason}\n`;
|
|
137
|
-
killProcessGroup(child.pid, 'SIGTERM');
|
|
138
|
-
killTimer = setTimeout(() => {
|
|
139
|
-
killProcessGroup(child.pid, 'SIGKILL');
|
|
140
|
-
}, CONTROL_KILL_GRACE_MS);
|
|
141
|
-
});
|
|
142
|
-
const clearAll = () => {
|
|
143
|
-
unsubscribe();
|
|
144
|
-
if (killTimer)
|
|
145
|
-
clearTimeout(killTimer);
|
|
146
|
-
};
|
|
147
|
-
child.stdout.on('data', (chunk) => {
|
|
148
|
-
stdout += chunk.toString();
|
|
149
|
-
});
|
|
150
|
-
child.stderr.on('data', (chunk) => {
|
|
151
|
-
stderr += chunk.toString();
|
|
152
|
-
});
|
|
153
|
-
child.on('error', (error) => {
|
|
154
|
-
if (settled)
|
|
155
|
-
return;
|
|
156
|
-
settled = true;
|
|
157
|
-
clearAll();
|
|
158
|
-
reject(error);
|
|
159
|
-
});
|
|
160
|
-
child.on('close', (code) => {
|
|
161
|
-
if (settled)
|
|
162
|
-
return;
|
|
163
|
-
settled = true;
|
|
164
|
-
clearAll();
|
|
165
|
-
try {
|
|
166
|
-
const sessionDir = join(homedir(), '.agentfs', 'run', sessionName);
|
|
167
|
-
rmSync(sessionDir, { recursive: true, force: true });
|
|
168
|
-
log('info', 'daemon', 'cleaned up agentfs session', { session: sessionName });
|
|
169
|
-
}
|
|
170
|
-
catch { }
|
|
171
|
-
resolve({ code: code ?? 1, stdout, stderr: stripAgentfsBanner(stderr), stoppedByControl });
|
|
172
|
-
});
|
|
173
|
-
});
|
|
63
|
+
return paths.map(p => p.startsWith('~/') ? join(home, p.slice(2)) : p);
|
|
174
64
|
}
|
|
175
65
|
export function registerExecRoute(app) {
|
|
176
66
|
app.post('/exec', async (c) => {
|
|
@@ -197,28 +87,15 @@ export function registerExecRoute(app) {
|
|
|
197
87
|
const createRes = await fetch(`${orbitalUrl}/api/runs`, {
|
|
198
88
|
method: 'POST',
|
|
199
89
|
headers: { 'content-type': 'application/json', authorization: `Bearer ${profile.daemonToken}` },
|
|
200
|
-
body: JSON.stringify({
|
|
201
|
-
plugin: body.plugin,
|
|
202
|
-
input: {
|
|
203
|
-
argv: body.argv,
|
|
204
|
-
cwd: body.cwd,
|
|
205
|
-
profile: body.profile,
|
|
206
|
-
origin: body.origin,
|
|
207
|
-
gitRemote: resolveGitRemote(body.cwd),
|
|
208
|
-
},
|
|
209
|
-
}),
|
|
90
|
+
body: JSON.stringify({ plugin: body.plugin, input: { argv: body.argv, cwd: body.cwd, profile: body.profile, origin: body.origin, gitRemote: resolveGitRemote(body.cwd) } }),
|
|
210
91
|
});
|
|
211
92
|
if (!createRes.ok) {
|
|
212
93
|
return c.json({ error: 'create_failed', details: await createRes.text() }, 502);
|
|
213
94
|
}
|
|
214
|
-
const created =
|
|
95
|
+
const created = await createRes.json();
|
|
215
96
|
// API plugins complete inline on orbital — no daemon execution needed
|
|
216
97
|
if (created.completed) {
|
|
217
|
-
return c.json({
|
|
218
|
-
body: created.error ?? created.result?.body ?? '',
|
|
219
|
-
status: created.result?.status ?? 200,
|
|
220
|
-
runId: created.runId,
|
|
221
|
-
});
|
|
98
|
+
return c.json({ body: created.error ?? created.result?.body ?? '', status: created.result?.status ?? 200, runId: created.runId });
|
|
222
99
|
}
|
|
223
100
|
if (!created.assignment) {
|
|
224
101
|
return c.json({ error: 'no_assignment', details: 'Run created but no assignment returned' }, 502);
|
|
@@ -248,29 +125,19 @@ export function registerExecRoute(app) {
|
|
|
248
125
|
await fetch(`${orbitalUrl}/api/runs/${created.runId}/complete`, {
|
|
249
126
|
method: 'POST',
|
|
250
127
|
headers: { 'content-type': 'application/json', authorization: `Bearer ${profile.daemonToken}` },
|
|
251
|
-
body: JSON.stringify({
|
|
252
|
-
status: 'failed',
|
|
253
|
-
output: '',
|
|
254
|
-
error: stderr,
|
|
255
|
-
exitCode: 127,
|
|
256
|
-
durationMs: 0,
|
|
257
|
-
envKeys: [],
|
|
258
|
-
}),
|
|
128
|
+
body: JSON.stringify({ status: 'failed', output: '', error: stderr, exitCode: 127, durationMs: 0, envKeys: [] }),
|
|
259
129
|
});
|
|
260
130
|
return c.json({ ok: false, runId: created.runId, status: 'failed', stdout: '', stderr, stoppedByControl: false }, 500);
|
|
261
131
|
}
|
|
262
132
|
const startTime = Date.now();
|
|
263
|
-
const result = await
|
|
133
|
+
const result = await runSandboxedPlugin({
|
|
264
134
|
binary,
|
|
265
|
-
envPrefix,
|
|
266
|
-
cwd: created.assignment.cwd,
|
|
267
|
-
profile: created.assignment.profile,
|
|
268
135
|
argv: created.assignment.argv,
|
|
136
|
+
cwd: created.assignment.cwd,
|
|
137
|
+
env: applyEnvMap(buildPluginEnv(envPrefix, created.assignment.env), created.assignment.envMap),
|
|
138
|
+
allowPaths: resolveAllowPaths(created.assignment.sandbox?.allowPaths),
|
|
269
139
|
runId: created.runId,
|
|
270
|
-
|
|
271
|
-
env: created.assignment.env,
|
|
272
|
-
allowPaths: created.assignment.sandbox?.allowPaths,
|
|
273
|
-
envMap: created.assignment.envMap,
|
|
140
|
+
onStop: (cb) => onRunStop(created.runId, cb),
|
|
274
141
|
});
|
|
275
142
|
const status = result.code === 0 && !result.stoppedByControl ? 'completed' : 'failed';
|
|
276
143
|
const error = result.stoppedByControl
|
|
@@ -286,7 +153,7 @@ export function registerExecRoute(app) {
|
|
|
286
153
|
error,
|
|
287
154
|
exitCode: result.code,
|
|
288
155
|
durationMs: Date.now() - startTime,
|
|
289
|
-
envKeys: Object.keys(orbitalEnv).filter(
|
|
156
|
+
envKeys: Object.keys(orbitalEnv).filter(k => k.startsWith(envPrefix)),
|
|
290
157
|
}),
|
|
291
158
|
});
|
|
292
159
|
return c.json({
|
package/dist/daemon/exec.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"exec.js","sourceRoot":"","sources":["../src/exec.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACpE,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACtD,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAC/B,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAG1C,MAAM,qBAAqB,GAAG,IAAI,CAAC;AAEnC,4EAA4E;AAC5E,MAAM,cAAc,GAAG,IAAI,GAAG,EAAyB,CAAC;AAExD,SAAS,gBAAgB,CAAC,GAAW;IACpC,IAAI,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,OAAO,cAAc,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC;IAC7D,IAAI,CAAC;QACJ,MAAM,MAAM,GACX,QAAQ,CAAC,2BAA2B,EAAE;YACrC,GAAG;YACH,QAAQ,EAAE,MAAM;YAChB,OAAO,EAAE,IAAI;YACb,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC;SACnC,CAAC,CAAC,IAAI,EAAE,IAAI,IAAI,CAAC;QACnB,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAChC,OAAO,MAAM,CAAC;IACf,CAAC;IAAC,MAAM,CAAC;QACR,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC9B,OAAO,IAAI,CAAC;IACb,CAAC;AACF,CAAC;AAED,SAAS,cAAc,CAAC,SAAiB,EAAE,UAAmC;IAC7E,IAAI,CAAC,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzD,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,4EAA4E,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC;QACnH,OAAO;YACN,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;YAC/B,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;YAC/B,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;YAC/B,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE;YACjC,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,MAAM;YACvC,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,aAAa;YAC1C,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,gBAAgB;SAC7C,CAAC;IACH,CAAC;IAED,MAAM,gBAAgB,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC;IACjG,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,mBAAmB,EAAE,EAAE,IAAI,EAAE,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAEvF,OAAO;QACN,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;QAC/B,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;QAC/B,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;QAC/B,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE;QACjC,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,MAAM;QACvC,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,aAAa;QAC1C,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,gBAAgB;QAC7C,GAAG,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC;KACvC,CAAC;AACH,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAuB,EAAE,MAAsB;IACxE,IAAI,CAAC,GAAG;QAAE,OAAO;IACjB,IAAI,CAAC;QACJ,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACR,IAAI,CAAC;YACJ,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC,CAAA,CAAC;IACX,CAAC;AACF,CAAC;AAED,SAAS,kBAAkB,CAAC,GAAW;IACtC,IAAI,CAAC,GAAG,GAAG,CAAC;IACZ,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,8CAA8C,EAAE,EAAE,CAAC,CAAC;IAClE,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,4EAA4E,EAAE,EAAE,CAAC,CAAC;IAChG,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,+BAA+B,EAAE,EAAE,CAAC,CAAC;IACnD,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,8BAA8B,EAAE,EAAE,CAAC,CAAC;IAClD,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,0BAA0B,EAAE,EAAE,CAAC,CAAC;IAC9C,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IACjC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,2BAA2B;IAC1C,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC;IAClD,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC;QAAE,OAAO;IAChC,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IAC/C,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,MAAM,KAAK,IAAI,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC;QACzC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC;YAAE,SAAS;QAC3C,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACtC,IAAI,CAAC;YACJ,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC;YACjC,IAAI,IAAI,CAAC,WAAW,EAAE,IAAI,IAAI,CAAC,OAAO,GAAG,UAAU,EAAE,CAAC;gBACrD,MAAM,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;gBACpD,OAAO,EAAE,CAAC;YACX,CAAC;QACF,CAAC;QAAC,MAAM,CAAC,CAAA,CAAC;IACX,CAAC;IACD,IAAI,OAAO,GAAG,CAAC;QAAE,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,gCAAgC,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;AAC9F,CAAC;AAED,SAAS,WAAW,CAAC,GAA2B,EAAE,MAA+B;IAChF,IAAI,CAAC,MAAM;QAAE,OAAO,GAAG,CAAC;IACxB,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,EAAE,CAAC;IAC1B,KAAK,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACjD,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,SAAS,EAAE,CAAC;YAChC,MAAM,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC;IACF,CAAC;IACD,OAAO,MAAM,CAAC;AACf,CAAC;AAED,SAAS,iBAAiB,CAAC,KAA2B;IACrD,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;IAC9C,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5E,CAAC;AAED,SAAS,gBAAgB,CAAC,OAWzB;IACA,MAAM,WAAW,GAAG,UAAU,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;IAC7E,MAAM,WAAW,GAAG,iBAAiB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC1D,MAAM,SAAS,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,CAAC;IAC/E,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACtC,MAAM,KAAK,GAAG,KAAK,CAClB,SAAS,EACT,CAAC,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,GAAG,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,EACtF;YACC,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,GAAG,EAAE,WAAW,CAAC,cAAc,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,EAAE,OAAO,CAAC,MAAM,CAAC;YAChF,QAAQ,EAAE,IAAI;SACd,CACD,CAAC;QAEF,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,IAAI,gBAAgB,GAAG,KAAK,CAAC;QAC7B,IAAI,SAAS,GAA0B,IAAI,CAAC;QAE5C,MAAM,WAAW,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YACvD,IAAI,gBAAgB,IAAI,KAAK,CAAC,MAAM;gBAAE,OAAO;YAC7C,gBAAgB,GAAG,IAAI,CAAC;YACxB,MAAM,IAAI,yCAAyC,MAAM,IAAI,CAAC;YAC9D,gBAAgB,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;YACvC,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;gBAC3B,gBAAgB,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;YACxC,CAAC,EAAE,qBAAqB,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,GAAG,EAAE;YACrB,WAAW,EAAE,CAAC;YACd,IAAI,SAAS;gBAAE,YAAY,CAAC,SAAS,CAAC,CAAC;QACxC,CAAC,CAAC;QAEF,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE;YACjC,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE;YACjC,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;YAC3B,IAAI,OAAO;gBAAE,OAAO;YACpB,OAAO,GAAG,IAAI,CAAC;YACf,QAAQ,EAAE,CAAC;YACX,MAAM,CAAC,KAAK,CAAC,CAAC;QACf,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;YAC1B,IAAI,OAAO;gBAAE,OAAO;YACpB,OAAO,GAAG,IAAI,CAAC;YACf,QAAQ,EAAE,CAAC;YACX,IAAI,CAAC;gBACJ,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,UAAU,EAAE,KAAK,EAAE,WAAW,CAAC,CAAC;gBACnE,MAAM,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;gBACrD,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,4BAA4B,EAAE,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;YAC/E,CAAC;YAAC,MAAM,CAAC,CAAA,CAAC;YACV,OAAO,CAAC,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,kBAAkB,CAAC,MAAM,CAAC,EAAE,gBAAgB,EAAE,CAAC,CAAC;QAC5F,CAAC,CAAC,CAAC;IACJ,CAAC,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,GAAS;IAC1C,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC7B,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAazB,CAAC;QAEL,IAAI,CAAC,IAAI,CAAC,OAAO;YAAE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,EAAE,GAAG,CAAC,CAAC;QACrE,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ;YAAE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,EAAE,GAAG,CAAC,CAAC;QACtG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,EAAE,GAAG,CAAC,CAAC;QAC9E,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,EAAE,GAAG,CAAC,CAAC;QAEzF,IAAI,OAAsB,CAAC;QAC3B,IAAI,CAAC;YACJ,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACrC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAChB,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,qBAAqB,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,GAAG,CAAC,CAAC;QACxE,CAAC;QAED,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;YAC1B,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,OAAO,EAAE,oCAAoC,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,GAAG,CAAC,CAAC;QAClH,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,WAAW,EAAE;YACvD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,WAAW,EAAE,EAAE;YAC/F,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACpB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,KAAK,EAAE;oBACN,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,GAAG,EAAE,IAAI,CAAC,GAAG;oBACb,OAAO,EAAE,IAAI,CAAC,OAAO;oBACrB,MAAM,EAAE,IAAI,CAAC,MAAM;oBACnB,SAAS,EAAE,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC;iBACrC;aACD,CAAC;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC;YACnB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC;QACjF,CAAC;QAED,MAAM,OAAO,GAAG,CAAC,MAAM,SAAS,CAAC,IAAI,EAAE,CAgBtC,CAAC;QAEF,sEAAsE;QACtE,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;YACvB,OAAO,CAAC,CAAC,IAAI,CAAC;gBACb,IAAI,EAAE,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,MAAM,EAAE,IAAI,IAAI,EAAE;gBACjD,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,MAAM,IAAI,GAAG;gBACrC,KAAK,EAAE,OAAO,CAAC,KAAK;aACpB,CAAC,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;YACzB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,OAAO,EAAE,wCAAwC,EAAE,EAAE,GAAG,CAAC,CAAC;QACnG,CAAC;QAED,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,EAAE,MAAM,IAAI,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC;QAC/E,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,EAAE,SAAS,IAAI,QAAQ,CAAC;QAEjE,sDAAsD;QACtD,IAAI,CAAC;YACJ,QAAQ,CAAC,SAAS,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QACjE,CAAC;QAAC,MAAM,CAAC;YACR,MAAM,MAAM,GAAG,KAAK,MAAM,2CAA2C,CAAC;YACtE,MAAM,YAAY,GAA2B;gBAC5C,KAAK,EAAE,oCAAoC;gBAC3C,OAAO,EAAE,qDAAqD;gBAC9D,MAAM,EAAE,mDAAmD;gBAC3D,MAAM,EAAE,qEAAqE;gBAC7E,KAAK,EAAE,gDAAgD;gBACvD,MAAM,EAAE,mBAAmB;gBAC3B,EAAE,EAAE,iDAAiD;gBACrD,QAAQ,EAAE,6BAA6B;gBACvC,QAAQ,EAAE,4EAA4E;gBACtF,MAAM,EAAE,0EAA0E;aAClF,CAAC;YACF,MAAM,IAAI,GAAG,YAAY,CAAC,MAAM,CAAC,IAAI,eAAe,IAAI,CAAC,MAAM,0CAA0C,CAAC;YAC1G,MAAM,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;YAE7B,MAAM,KAAK,CAAC,GAAG,UAAU,aAAa,OAAO,CAAC,KAAK,WAAW,EAAE;gBAC/D,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,WAAW,EAAE,EAAE;gBAC/F,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACpB,MAAM,EAAE,QAAQ;oBAChB,MAAM,EAAE,EAAE;oBACV,KAAK,EAAE,MAAM;oBACb,QAAQ,EAAE,GAAG;oBACb,UAAU,EAAE,CAAC;oBACb,OAAO,EAAE,EAAE;iBACX,CAAC;aACF,CAAC,CAAC;YAEH,OAAO,CAAC,CAAC,IAAI,CACZ,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,gBAAgB,EAAE,KAAK,EAAE,EAClG,GAAG,CACH,CAAC;QACH,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC;YACrC,MAAM;YACN,SAAS;YACT,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC,GAAG;YAC3B,OAAO,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO;YACnC,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI;YAC7B,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC,GAAG;YAC3B,UAAU,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO,EAAE,UAAU;YAClD,MAAM,EAAE,OAAO,CAAC,UAAU,CAAC,MAAM;SACjC,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC;QACtF,MAAM,KAAK,GAAG,MAAM,CAAC,gBAAgB;YACpC,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,kEAAkE,CAAC,IAAI,EAAE;YAC3F,CAAC,CAAC,MAAM,CAAC,MAAM,IAAI,SAAS,CAAC;QAE9B,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,CAAC;QAChD,MAAM,KAAK,CAAC,GAAG,UAAU,aAAa,OAAO,CAAC,KAAK,WAAW,EAAE;YAC/D,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,WAAW,EAAE,EAAE;YAC/F,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACpB,MAAM;gBACN,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,KAAK;gBACL,QAAQ,EAAE,MAAM,CAAC,IAAI;gBACrB,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;gBAClC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;aACvE,CAAC;SACF,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CACZ;YACC,EAAE,EAAE,MAAM,KAAK,WAAW;YAC1B,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,MAAM;YACN,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,MAAM,EAAE,KAAK,IAAI,EAAE;YACnB,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;SACzC,EACD,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAClC,CAAC;IACH,CAAC,CAAC,CAAC;AACJ,CAAC"}
|
|
1
|
+
{"version":3,"file":"exec.js","sourceRoot":"","sources":["../src/exec.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAGjC,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AACtD,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAC/B,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC1C,OAAO,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAElD,4EAA4E;AAC5E,MAAM,cAAc,GAAG,IAAI,GAAG,EAAyB,CAAC;AAExD,SAAS,gBAAgB,CAAC,GAAW;IACnC,IAAI,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,OAAO,cAAc,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC;IAC7D,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,QAAQ,CAAC,2BAA2B,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,IAAI,CAAC;QACnJ,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAChC,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,MAAM,CAAC;QACP,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,SAAiB,EAAE,UAAmC;IAC5E,IAAI,CAAC,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxD,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,4EAA4E,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC;QACnH,OAAO;YACL,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;YAC/B,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;YAC/B,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;YAC/B,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE;YACjC,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,MAAM;YACvC,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,aAAa;YAC1C,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,gBAAgB;SAC9C,CAAC;IACJ,CAAC;IAED,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,mBAAmB,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IAE9E,OAAO;QACL,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;QAC/B,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;QAC/B,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;QAC/B,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE;QACjC,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,MAAM;QACvC,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,aAAa;QAC1C,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,gBAAgB;QAC7C,GAAG,UAAU;KACd,CAAC;AACJ,CAAC;AAED,SAAS,WAAW,CAAC,GAA2B,EAAE,MAA+B;IAC/E,IAAI,CAAC,MAAM;QAAE,OAAO,GAAG,CAAC;IACxB,MAAM,MAAM,GAAG,EAAE,GAAG,GAAG,EAAE,CAAC;IAC1B,KAAK,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAChD,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,SAAS,EAAE,CAAC;YAC/B,MAAM,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,iBAAiB,CAAC,KAA2B;IACpD,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;IAC9C,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACzE,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,GAAS;IACzC,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC5B,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAMzB,CAAC;QAEL,IAAI,CAAC,IAAI,CAAC,OAAO;YAAE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,EAAE,GAAG,CAAC,CAAC;QACrE,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ;YAAE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,EAAE,GAAG,CAAC,CAAC;QACtG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,EAAE,GAAG,CAAC,CAAC;QAC9E,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,EAAE,GAAG,CAAC,CAAC;QAEzF,IAAI,OAAsB,CAAC;QAC3B,IAAI,CAAC;YACH,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACtC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,qBAAqB,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,GAAG,CAAC,CAAC;QACzE,CAAC;QAED,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;YACzB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,OAAO,EAAE,oCAAoC,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,GAAG,CAAC,CAAC;QACnH,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,WAAW,EAAE;YACtD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,WAAW,EAAE,EAAE;YAC/F,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;SAC5K,CAAC,CAAC;QAEH,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC;YAClB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC;QAClF,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,IAAI,EAgBnC,CAAC;QAEF,sEAAsE;QACtE,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;YACtB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,MAAM,EAAE,IAAI,IAAI,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,MAAM,IAAI,GAAG,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;QACpI,CAAC;QAED,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;YACxB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,OAAO,EAAE,wCAAwC,EAAE,EAAE,GAAG,CAAC,CAAC;QACpG,CAAC;QAED,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,EAAE,MAAM,IAAI,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC;QAC/E,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,EAAE,SAAS,IAAI,QAAQ,CAAC;QAGjE,sDAAsD;QACtD,IAAI,CAAC;YACH,QAAQ,CAAC,SAAS,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QAClE,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,MAAM,GAAG,KAAK,MAAM,2CAA2C,CAAC;YACtE,MAAM,YAAY,GAA2B;gBAC3C,KAAK,EAAE,oCAAoC;gBAC3C,OAAO,EAAE,qDAAqD;gBAC9D,MAAM,EAAE,mDAAmD;gBAC3D,MAAM,EAAE,qEAAqE;gBAC7E,KAAK,EAAE,gDAAgD;gBACvD,MAAM,EAAE,mBAAmB;gBAC3B,EAAE,EAAE,iDAAiD;gBACrD,QAAQ,EAAE,6BAA6B;gBACvC,QAAQ,EAAE,4EAA4E;gBACtF,MAAM,EAAE,0EAA0E;aACnF,CAAC;YACF,MAAM,IAAI,GAAG,YAAY,CAAC,MAAM,CAAC,IAAI,eAAe,IAAI,CAAC,MAAM,0CAA0C,CAAC;YAC1G,MAAM,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;YAE7B,MAAM,KAAK,CAAC,GAAG,UAAU,aAAa,OAAO,CAAC,KAAK,WAAW,EAAE;gBAC9D,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,WAAW,EAAE,EAAE;gBAC/F,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;aACjH,CAAC,CAAC;YAEH,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,gBAAgB,EAAE,KAAK,EAAE,EAAE,GAAG,CAAC,CAAC;QACzH,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC;YACtC,MAAM;YACN,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI;YAC7B,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC,GAAG;YAC3B,GAAG,EAAE,WAAW,CAAC,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC;YAC9F,UAAU,EAAE,iBAAiB,CAAC,OAAO,CAAC,UAAU,CAAC,OAAO,EAAE,UAAU,CAAC;YACrE,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,MAAM,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;SAC7C,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC;QACtF,MAAM,KAAK,GAAG,MAAM,CAAC,gBAAgB;YACnC,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,kEAAkE,CAAC,IAAI,EAAE;YAC3F,CAAC,CAAC,MAAM,CAAC,MAAM,IAAI,SAAS,CAAC;QAE/B,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,GAAG,IAAI,EAAE,CAAC;QAChD,MAAM,KAAK,CAAC,GAAG,UAAU,aAAa,OAAO,CAAC,KAAK,WAAW,EAAE;YAC9D,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,UAAU,OAAO,CAAC,WAAW,EAAE,EAAE;YAC/F,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,MAAM;gBACN,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,KAAK;gBACL,QAAQ,EAAE,MAAM,CAAC,IAAI;gBACrB,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;gBAClC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;aACtE,CAAC;SACH,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,MAAM,KAAK,WAAW;YAC1B,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,MAAM;YACN,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,MAAM,EAAE,KAAK,IAAI,EAAE;YACnB,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;SAC1C,EAAE,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;AACL,CAAC"}
|
package/dist/daemon/index.js
CHANGED
|
@@ -6,7 +6,8 @@ import { dirname } from 'node:path';
|
|
|
6
6
|
import { SOCKET_PATH, IDLE_TIMEOUT_MS, TCP_PORT_START, loadAllProfiles } from './config.js';
|
|
7
7
|
import { log } from './log.js';
|
|
8
8
|
import { writeLockfile, cleanup, checkExistingDaemon, tryTcpFallback } from './ipc.js';
|
|
9
|
-
import { registerExecRoute
|
|
9
|
+
import { registerExecRoute } from './exec.js';
|
|
10
|
+
import { initSandbox } from './sandbox.js';
|
|
10
11
|
import { connectPresenceWs, refreshTokensIfNeeded } from './presence.js';
|
|
11
12
|
const app = new Hono();
|
|
12
13
|
const daemonSecret = crypto.randomUUID();
|
|
@@ -44,7 +45,7 @@ if (checkExistingDaemon()) {
|
|
|
44
45
|
log('error', 'daemon', 'another instance is already running');
|
|
45
46
|
process.exit(1);
|
|
46
47
|
}
|
|
47
|
-
|
|
48
|
+
await initSandbox();
|
|
48
49
|
// Clean up stale socket file
|
|
49
50
|
try {
|
|
50
51
|
unlinkSync(SOCKET_PATH);
|
package/dist/daemon/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AACvD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC5F,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAC/B,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AACvF,OAAO,EAAE,iBAAiB,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AACvD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC5F,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAC/B,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AACvF,OAAO,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AAEzE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;AACvB,MAAM,YAAY,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;AAEzC,IAAI,SAAS,GAA0B,IAAI,CAAC;AAE5C,SAAS,cAAc;IACrB,IAAI,SAAS;QAAE,YAAY,CAAC,SAAS,CAAC,CAAC;IACvC,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;QAC1B,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,qCAAqC,CAAC,CAAC;QAC7D,OAAO,EAAE,CAAC;QACV,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,EAAE,eAAe,CAAC,CAAC;AACtB,CAAC;AAED,mDAAmD;AACnD,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;IAC7B,cAAc,EAAE,CAAC;IACjB,MAAM,IAAI,EAAE,CAAC;AACf,CAAC,CAAC,CAAC;AAEH,6DAA6D;AAC7D,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;IAC7B,kDAAkD;IAClD,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC7B,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC;IAED,MAAM,cAAc,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,wBAAwB,CAAC,CAAC;IAC9D,IAAI,CAAC,cAAc,IAAI,cAAc,KAAK,YAAY,EAAE,CAAC;QACvD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE,GAAG,CAAC,CAAC;IAChD,CAAC;IAED,MAAM,IAAI,EAAE,CAAC;AACf,CAAC,CAAC,CAAC;AAEH,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AAEhD,iBAAiB,CAAC,GAAG,CAAC,CAAC;AAEvB,kBAAkB;AAElB,IAAI,mBAAmB,EAAE,EAAE,CAAC;IAC1B,GAAG,CAAC,OAAO,EAAE,QAAQ,EAAE,qCAAqC,CAAC,CAAC;IAC9D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,MAAM,WAAW,EAAE,CAAC;AAEpB,6BAA6B;AAC7B,IAAI,CAAC;IAAC,UAAU,CAAC,WAAW,CAAC,CAAC;AAAC,CAAC;AAAC,MAAM,CAAC,CAAA,CAAC;AAEzC,MAAM,MAAM,GAAG,YAAY,CAAC,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;AAE3D,SAAS,WAAW,CAAC,OAAe;IAClC,aAAa,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IACrC,cAAc,EAAE,CAAC;IACjB,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;IAChD,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAC;IACnC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,OAAO,CAAC,WAAW;YAAE,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACtD,CAAC;IACD,qBAAqB,CAAC,QAAQ,CAAC,CAAC;IAChC,WAAW,CAAC,GAAG,EAAE,CAAC,qBAAqB,CAAC,eAAe,EAAE,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;AAC9E,CAAC;AAED,KAAK,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAU,EAAE,CAAC;IACjD,OAAO,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE;QACnB,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,YAAY,GAAG,iBAAiB,CAAC,CAAC;QACxD,OAAO,EAAE,CAAC;QACV,MAAM,CAAC,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC;AAED,0CAA0C;AAC1C,SAAS,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;AACrD,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAA0B,EAAE,EAAE;IAChD,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,IAAI,GAAG,CAAC,IAAI,KAAK,qCAAqC,EAAE,CAAC;QAC1G,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,gDAAgD,CAAC,CAAC;QACxE,cAAc,CAAC,GAAG,EAAE,cAAc,EAAE,YAAY,EAAE,WAAW,CAAC,CAAC;IACjE,CAAC;SAAM,CAAC;QACN,GAAG,CAAC,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,GAAG,EAAE;IAC9B,WAAW,CAAC,WAAW,CAAC,CAAC;AAC3B,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
/** Initialize SandboxManager once at daemon startup. */
|
|
2
|
+
export declare function initSandbox(): Promise<void>;
|
|
3
|
+
export declare function runSandboxedPlugin(options: {
|
|
4
|
+
binary: string;
|
|
5
|
+
argv: string[];
|
|
6
|
+
cwd: string;
|
|
7
|
+
env: Record<string, string>;
|
|
8
|
+
allowPaths?: string[];
|
|
9
|
+
onStop: (cb: (reason: string) => void) => () => void;
|
|
10
|
+
runId: string;
|
|
11
|
+
}): Promise<{
|
|
12
|
+
code: number;
|
|
13
|
+
stdout: string;
|
|
14
|
+
stderr: string;
|
|
15
|
+
stoppedByControl: boolean;
|
|
16
|
+
}>;
|
|
17
|
+
//# sourceMappingURL=sandbox.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sandbox.d.ts","sourceRoot":"","sources":["../src/sandbox.ts"],"names":[],"mappings":"AAMA,wDAAwD;AACxD,wBAAsB,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC,CAiBjD;AAED,wBAAsB,kBAAkB,CAAC,OAAO,EAAE;IAChD,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,IAAI,KAAK,MAAM,IAAI,CAAC;IACrD,KAAK,EAAE,MAAM,CAAC;CACf,GAAG,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,gBAAgB,EAAE,OAAO,CAAA;CAAE,CAAC,CAoDvF"}
|
|
@@ -0,0 +1,92 @@
|
|
|
1
|
+
import { SandboxManager } from '@anthropic-ai/sandbox-runtime';
|
|
2
|
+
import { spawn } from 'node:child_process';
|
|
3
|
+
import { log } from './log.js';
|
|
4
|
+
let initialized = false;
|
|
5
|
+
/** Initialize SandboxManager once at daemon startup. */
|
|
6
|
+
export async function initSandbox() {
|
|
7
|
+
if (initialized)
|
|
8
|
+
return;
|
|
9
|
+
try {
|
|
10
|
+
await SandboxManager.initialize({
|
|
11
|
+
filesystem: {
|
|
12
|
+
denyRead: ['~/.ssh', '~/.gnupg'],
|
|
13
|
+
allowWrite: ['.', '/tmp'],
|
|
14
|
+
denyWrite: [],
|
|
15
|
+
},
|
|
16
|
+
});
|
|
17
|
+
initialized = true;
|
|
18
|
+
log('info', 'daemon', 'sandbox initialized (srt)');
|
|
19
|
+
}
|
|
20
|
+
catch (err) {
|
|
21
|
+
log('warn', 'daemon', 'sandbox init failed, falling back to unsandboxed execution', {
|
|
22
|
+
error: err instanceof Error ? err.message : String(err),
|
|
23
|
+
});
|
|
24
|
+
}
|
|
25
|
+
}
|
|
26
|
+
export async function runSandboxedPlugin(options) {
|
|
27
|
+
const KILL_GRACE_MS = 3000;
|
|
28
|
+
const cmd = [options.binary, ...options.argv].join(' ');
|
|
29
|
+
let sandboxedCmd;
|
|
30
|
+
if (initialized) {
|
|
31
|
+
try {
|
|
32
|
+
sandboxedCmd = await SandboxManager.wrapWithSandbox(cmd);
|
|
33
|
+
}
|
|
34
|
+
catch (err) {
|
|
35
|
+
log('warn', 'daemon', 'sandbox wrap failed, running unsandboxed', {
|
|
36
|
+
error: err instanceof Error ? err.message : String(err),
|
|
37
|
+
});
|
|
38
|
+
sandboxedCmd = cmd;
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
else {
|
|
42
|
+
sandboxedCmd = cmd;
|
|
43
|
+
}
|
|
44
|
+
return new Promise((resolve, reject) => {
|
|
45
|
+
const child = spawn(sandboxedCmd, {
|
|
46
|
+
shell: true,
|
|
47
|
+
cwd: options.cwd,
|
|
48
|
+
env: options.env,
|
|
49
|
+
detached: true,
|
|
50
|
+
});
|
|
51
|
+
let stdout = '';
|
|
52
|
+
let stderr = '';
|
|
53
|
+
let settled = false;
|
|
54
|
+
let stoppedByControl = false;
|
|
55
|
+
let killTimer = null;
|
|
56
|
+
const unsubscribe = options.onStop((reason) => {
|
|
57
|
+
if (stoppedByControl || child.killed)
|
|
58
|
+
return;
|
|
59
|
+
stoppedByControl = true;
|
|
60
|
+
stderr += `\n[harbor] stop requested by orbital: ${reason}\n`;
|
|
61
|
+
killProcessGroup(child.pid, 'SIGTERM');
|
|
62
|
+
killTimer = setTimeout(() => { killProcessGroup(child.pid, 'SIGKILL'); }, KILL_GRACE_MS);
|
|
63
|
+
});
|
|
64
|
+
const clearAll = () => { unsubscribe(); if (killTimer)
|
|
65
|
+
clearTimeout(killTimer); };
|
|
66
|
+
child.stdout?.on('data', (chunk) => { stdout += chunk.toString(); });
|
|
67
|
+
child.stderr?.on('data', (chunk) => { stderr += chunk.toString(); });
|
|
68
|
+
child.on('error', (error) => { if (settled)
|
|
69
|
+
return; settled = true; clearAll(); reject(error); });
|
|
70
|
+
child.on('close', (code) => {
|
|
71
|
+
if (settled)
|
|
72
|
+
return;
|
|
73
|
+
settled = true;
|
|
74
|
+
clearAll();
|
|
75
|
+
resolve({ code: code ?? 1, stdout, stderr: stderr.trim(), stoppedByControl });
|
|
76
|
+
});
|
|
77
|
+
});
|
|
78
|
+
}
|
|
79
|
+
function killProcessGroup(pid, signal) {
|
|
80
|
+
if (!pid)
|
|
81
|
+
return;
|
|
82
|
+
try {
|
|
83
|
+
process.kill(-pid, signal);
|
|
84
|
+
}
|
|
85
|
+
catch {
|
|
86
|
+
try {
|
|
87
|
+
process.kill(pid, signal);
|
|
88
|
+
}
|
|
89
|
+
catch { }
|
|
90
|
+
}
|
|
91
|
+
}
|
|
92
|
+
//# sourceMappingURL=sandbox.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sandbox.js","sourceRoot":"","sources":["../src/sandbox.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAA6B,MAAM,+BAA+B,CAAC;AAC1F,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC3C,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAE/B,IAAI,WAAW,GAAG,KAAK,CAAC;AAExB,wDAAwD;AACxD,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,IAAI,WAAW;QAAE,OAAO;IACxB,IAAI,CAAC;QACH,MAAM,cAAc,CAAC,UAAU,CAAC;YAC9B,UAAU,EAAE;gBACV,QAAQ,EAAE,CAAC,QAAQ,EAAE,UAAU,CAAC;gBAChC,UAAU,EAAE,CAAC,GAAG,EAAE,MAAM,CAAC;gBACzB,SAAS,EAAE,EAAE;aACd;SACK,CAAC,CAAC;QACV,WAAW,GAAG,IAAI,CAAC;QACnB,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,2BAA2B,CAAC,CAAC;IACrD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,4DAA4D,EAAE;YAClF,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACxD,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,OAQxC;IACC,MAAM,aAAa,GAAG,IAAI,CAAC;IAC3B,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAExD,IAAI,YAAoB,CAAC;IACzB,IAAI,WAAW,EAAE,CAAC;QAChB,IAAI,CAAC;YACH,YAAY,GAAG,MAAM,cAAc,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QAC3D,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,0CAA0C,EAAE;gBAChE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;aACxD,CAAC,CAAC;YACH,YAAY,GAAG,GAAG,CAAC;QACrB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,YAAY,GAAG,GAAG,CAAC;IACrB,CAAC;IAED,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,KAAK,GAAG,KAAK,CAAC,YAAY,EAAE;YAChC,KAAK,EAAE,IAAI;YACX,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,QAAQ,EAAE,IAAI;SACf,CAAC,CAAC;QAEH,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,IAAI,gBAAgB,GAAG,KAAK,CAAC;QAC7B,IAAI,SAAS,GAA0B,IAAI,CAAC;QAE5C,MAAM,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE;YAC5C,IAAI,gBAAgB,IAAI,KAAK,CAAC,MAAM;gBAAE,OAAO;YAC7C,gBAAgB,GAAG,IAAI,CAAC;YACxB,MAAM,IAAI,yCAAyC,MAAM,IAAI,CAAC;YAC9D,gBAAgB,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;YACvC,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,GAAG,gBAAgB,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC;QAC3F,CAAC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,GAAG,EAAE,GAAG,WAAW,EAAE,CAAC,CAAC,IAAI,SAAS;YAAE,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;QAElF,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,GAAG,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC7E,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,GAAG,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC7E,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,GAAG,IAAI,OAAO;YAAE,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAClG,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;YACzB,IAAI,OAAO;gBAAE,OAAO;YACpB,OAAO,GAAG,IAAI,CAAC;YACf,QAAQ,EAAE,CAAC;YACX,OAAO,CAAC,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,IAAI,EAAE,EAAE,gBAAgB,EAAE,CAAC,CAAC;QAChF,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAuB,EAAE,MAAsB;IACvE,IAAI,CAAC,GAAG;QAAE,OAAO;IACjB,IAAI,CAAC;QAAC,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAAC,CAAC;IAAC,MAAM,CAAC;QACzC,IAAI,CAAC;YAAC,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC,CAAA,CAAC;IAC7C,CAAC;AACH,CAAC"}
|
package/dist/skills-embedded.js
CHANGED
|
@@ -18,12 +18,12 @@ export const SKILLS = [
|
|
|
18
18
|
{
|
|
19
19
|
name: "discovery",
|
|
20
20
|
description: "Discover what plugins an agent can use through Harbor, check readiness, and understand what's blocking access. Use when asked what Harbor can do, what tools are available, or why a plugin isn't working.",
|
|
21
|
-
content: "---\nname: discovery\ndescription: Discover what plugins an agent can use through Harbor, check readiness, and understand what's blocking access. Use when asked what Harbor can do, what tools are available, or why a plugin isn't working.\n---\n\nUse this skill when the agent needs to understand what tools and services it can access through Harbor.\n\n## Rules\n\n- Use `harbor` CLI commands only. Never access Harbor internals.\n- A plugin being listed does not mean the agent has access — check lease status.\n- If access is missing, use `harbor request` to ask the operator — but only for plugins you need right now. Never bulk-request all available plugins.\n- Prefer routing tool use through Harbor when available — it gives the operator observability into what the agent is doing and why.\n\n## Discovery\n\n```bash\n# What plugins exist in the Harbor catalog?\nharbor plugins\n\n# What tools does a specific plugin expose?\nharbor plugins tools search.exa\nharbor plugins tools search.exa --json # machine-readable\n\n# What's my current access status?\nharbor status\n\n# Read the skill for a specific plugin\nharbor skills get harbor-plugin-exa\n```\n\n`harbor status` shows each plugin the operator has configured, whether there's an active lease, and whether required secrets are set:\n\n```\nPlugins (3 ready, 2 available, 10 missing secrets):\n ready (can run now):\n ✓ infra.modal lease: active (expires in 23h)\n ✓ services.gh lease: active (expires in 6d)\n ✓ search.exa lease: active (expires in 23h)\n available (operator has secrets, needs lease):\n ○ ai.openrouter → harbor request ai.openrouter\n ○ media.replicate → harbor request media.replicate\n```\n\n## Running a plugin\n\n```bash\n# Infrastructure (runs locally via daemon)\nharbor p.infra.modal volume list\nharbor p.services.gh issue list --repo owner/repo\nharbor p.infra.flyio status\n\n# Search (runs remotely on orbital — secrets never leave the server)\nharbor p.search.exa search --query \"latest AI safety research\"\nharbor p.search.brave search --query \"kubernetes networking\"\n\n# AI (routed through orbital)\nharbor p.ai.openrouter chat --model anthropic/claude-sonnet-4 --prompt \"Summarize this\"\n\n# Media generation (runs remotely)\nharbor p.media.replicate run stability-ai/sdxl --prompt \"a harbor at sunset\"\n```\n\nThe `p.<slug>` pattern works for all plugin types. The daemon handles routing — CLI plugins run locally in a sandbox, API plugins execute remotely on orbital with operator-managed secrets.\n\n## When access is denied\n\nIf a plugin run fails with `lease_required` or `plugin_setup_required`:\n\n```bash\n# Ask the operator for access\nharbor request search.exa\n\n# Explain the context\nharbor msg \"I need search.exa to research the user's question about distributed systems\"\n```\n\nThe operator sees the request in their dashboard and can approve with one click. Every request and approval is logged.\n\n## Why use Harbor for tool access\n\nHarbor routes all tool use through a single control plane:\n- **Observability** — the operator sees every run, its duration, exit code, and which agent triggered it\n- **Lease control** — the operator can revoke access at any time, and active runs are killed\n- **Secret management** — API keys are stored server-side and injected at runtime, never exposed to the agent\n- **Audit trail** — every run creates 4-6 events with full timeline\n- **Sandbox isolation** — CLI plugins run in
|
|
21
|
+
content: "---\nname: discovery\ndescription: Discover what plugins an agent can use through Harbor, check readiness, and understand what's blocking access. Use when asked what Harbor can do, what tools are available, or why a plugin isn't working.\n---\n\nUse this skill when the agent needs to understand what tools and services it can access through Harbor.\n\n## Rules\n\n- Use `harbor` CLI commands only. Never access Harbor internals.\n- A plugin being listed does not mean the agent has access — check lease status.\n- If access is missing, use `harbor request` to ask the operator — but only for plugins you need right now. Never bulk-request all available plugins.\n- Prefer routing tool use through Harbor when available — it gives the operator observability into what the agent is doing and why.\n\n## Discovery\n\n```bash\n# What plugins exist in the Harbor catalog?\nharbor plugins\n\n# What tools does a specific plugin expose?\nharbor plugins tools search.exa\nharbor plugins tools search.exa --json # machine-readable\n\n# What's my current access status?\nharbor status\n\n# Read the skill for a specific plugin\nharbor skills get harbor-plugin-exa\n```\n\n`harbor status` shows each plugin the operator has configured, whether there's an active lease, and whether required secrets are set:\n\n```\nPlugins (3 ready, 2 available, 10 missing secrets):\n ready (can run now):\n ✓ infra.modal lease: active (expires in 23h)\n ✓ services.gh lease: active (expires in 6d)\n ✓ search.exa lease: active (expires in 23h)\n available (operator has secrets, needs lease):\n ○ ai.openrouter → harbor request ai.openrouter\n ○ media.replicate → harbor request media.replicate\n```\n\n## Running a plugin\n\n```bash\n# Infrastructure (runs locally via daemon)\nharbor p.infra.modal volume list\nharbor p.services.gh issue list --repo owner/repo\nharbor p.infra.flyio status\n\n# Search (runs remotely on orbital — secrets never leave the server)\nharbor p.search.exa search --query \"latest AI safety research\"\nharbor p.search.brave search --query \"kubernetes networking\"\n\n# AI (routed through orbital)\nharbor p.ai.openrouter chat --model anthropic/claude-sonnet-4 --prompt \"Summarize this\"\n\n# Media generation (runs remotely)\nharbor p.media.replicate run stability-ai/sdxl --prompt \"a harbor at sunset\"\n```\n\nThe `p.<slug>` pattern works for all plugin types. The daemon handles routing — CLI plugins run locally in a sandbox, API plugins execute remotely on orbital with operator-managed secrets.\n\n## When access is denied\n\nIf a plugin run fails with `lease_required` or `plugin_setup_required`:\n\n```bash\n# Ask the operator for access\nharbor request search.exa\n\n# Explain the context\nharbor msg \"I need search.exa to research the user's question about distributed systems\"\n```\n\nThe operator sees the request in their dashboard and can approve with one click. Every request and approval is logged.\n\n## Why use Harbor for tool access\n\nHarbor routes all tool use through a single control plane:\n- **Observability** — the operator sees every run, its duration, exit code, and which agent triggered it\n- **Lease control** — the operator can revoke access at any time, and active runs are killed\n- **Secret management** — API keys are stored server-side and injected at runtime, never exposed to the agent\n- **Audit trail** — every run creates 4-6 events with full timeline\n- **Sandbox isolation** — CLI plugins run in a sandbox (Anthropic Sandbox Runtime) with restricted filesystem and network access\n\nWhen both Harbor and a direct tool path exist, prefer Harbor — it's the same tool with observability and safety built in.\n\n## Plugin categories\n\n| Category | Examples | How they run |\n|----------|----------|--------------|\n| infra | modal, flyio, railway, vercel, do | CLI binary locally via srt sandbox |\n| services | gh, linear, composio | CLI binary locally (linear: `brew install schpet/tap/linear` on macOS, `npm i -g @schpet/linear-cli` on Linux) |\n| search | exa, brave, serper, tavily | HTTP from orbital (secrets server-side) |\n| media | replicate, fal | HTTP from orbital |\n| ai | openrouter, grok | HTTP from orbital |\n| mcp | any MCP server | MCP protocol via gateway |\n\n## Checking messages from operator\n\n```bash\nharbor messages\n```\n\nThe operator can send instructions, context, or approvals through the messaging system.\n",
|
|
22
22
|
},
|
|
23
23
|
{
|
|
24
24
|
name: "execution",
|
|
25
25
|
description: "Execute plugin commands through Harbor with proper error handling, lease awareness, and operator communication. Use when running Harbor plugins, handling plugin failures, or coordinating with the operator during execution.",
|
|
26
|
-
content: "---\nname: execution\ndescription: Execute plugin commands through Harbor with proper error handling, lease awareness, and operator communication. Use when running Harbor plugins, handling plugin failures, or coordinating with the operator during execution.\n---\n\nUse this skill when the agent needs to execute tools through Harbor and handle the results properly.\n\n## Rules\n\n- Always check `harbor status` before first plugin use in a session.\n- If a run fails, read the error before retrying — don't retry blindly.\n- If access is denied, request it — don't work around Harbor.\n- **Only request plugins you actually need for the current task.** Never bulk-request all available plugins. Request one at a time, only when you have a concrete reason to use it.\n- Use `harbor msg` to communicate context to the operator when needed.\n- Prefer routing all external tool use through Harbor — it provides observability, sandboxing, and operator control that direct tool access doesn't.\n\n## Execution pattern\n\n```bash\n# 1. Check access first\nharbor status\n\n# 2. Run the plugin\nharbor p.infra.modal volume list\nharbor p.services.gh issue create --repo owner/repo --title \"Bug fix\" --body \"Details...\"\nharbor p.search.exa search --query \"kubernetes best practices\"\n\n# 3. If denied, request access\nharbor request infra.modal\nharbor msg \"I need modal access to deploy the user's GPU workload\"\n```\n\n## Handling failures\n\n| Error | What happened | What to do |\n|-------|---------------|------------|\n| `plugin_setup_required` | Operator hasn't enabled this plugin | `harbor request <plugin>` |\n| `lease_required` | No active lease for this plugin | `harbor request <plugin>` |\n| `lease_expired` | Lease timed out | `harbor request <plugin>` |\n| `Token missing` | Secrets not configured by operator | `harbor msg \"Plugin needs API keys configured in the dashboard\"` |\n| `unauthorized` | Daemon token expired | `harbor setup status` to refresh |\n| Run killed mid-execution | Operator revoked the lease | Stop and report — the operator intentionally stopped you |\n\n## Operator communication\n\n```bash\n# Send a message to the operator\nharbor msg \"Starting deployment to modal — this will take ~2 minutes\"\n\n# Check for messages from the operator\nharbor messages\n\n# Request a specific plugin\nharbor request search.exa\n```\n\nMessages give the operator context about what the agent is doing and why. More context = faster approvals and better trust.\n\n## Multi-step workflows\n\nFor complex tasks that need multiple plugins, request only the ones you need:\n\n```bash\n# Check access first\nharbor status\n\n# Request only the specific plugins your task requires — never request all available plugins\nharbor request search.exa --reason \"Need to research distributed consensus for the user's question\"\n\n# Execute, then request the next plugin when you actually need it\nharbor p.search.exa search --query \"distributed consensus algorithms 2026\"\n# ... process results ...\nharbor request services.gh --reason \"Need to file research findings as issues\"\nharbor p.services.gh issue create --repo team/research --title \"Consensus survey\" --body \"$SUMMARY\"\n```\n\n**Do not** loop through `harbor status` output and request every plugin. Only request what you need, when you need it.\n\n## Run inspection\n\n```bash\n# Check what happened in a run\nharbor runs get <run-id>\n```\n\nShows the full event timeline: created → lease_authorized → assigned → completed/failed, plus origin metadata (which agent, from which repo, PID chain) and any stop signals from the operator.\n\n## Why Harbor over direct tool access\n\nWhen you have both options — e.g. you could call the Exa API directly or use `harbor p.search.exa` — prefer Harbor:\n\n1. **No secret handling** — you never see API keys. Orbital injects them server-side.\n2. **Automatic audit** — every call is logged with timing, agent identity, and outcome.\n3. **Lease control** — the operator can revoke at any time if something goes wrong.\n4. **Sandbox isolation** — CLI plugins run in a
|
|
26
|
+
content: "---\nname: execution\ndescription: Execute plugin commands through Harbor with proper error handling, lease awareness, and operator communication. Use when running Harbor plugins, handling plugin failures, or coordinating with the operator during execution.\n---\n\nUse this skill when the agent needs to execute tools through Harbor and handle the results properly.\n\n## Rules\n\n- Always check `harbor status` before first plugin use in a session.\n- If a run fails, read the error before retrying — don't retry blindly.\n- If access is denied, request it — don't work around Harbor.\n- **Only request plugins you actually need for the current task.** Never bulk-request all available plugins. Request one at a time, only when you have a concrete reason to use it.\n- Use `harbor msg` to communicate context to the operator when needed.\n- Prefer routing all external tool use through Harbor — it provides observability, sandboxing, and operator control that direct tool access doesn't.\n\n## Execution pattern\n\n```bash\n# 1. Check access first\nharbor status\n\n# 2. Run the plugin\nharbor p.infra.modal volume list\nharbor p.services.gh issue create --repo owner/repo --title \"Bug fix\" --body \"Details...\"\nharbor p.search.exa search --query \"kubernetes best practices\"\n\n# 3. If denied, request access\nharbor request infra.modal\nharbor msg \"I need modal access to deploy the user's GPU workload\"\n```\n\n## Handling failures\n\n| Error | What happened | What to do |\n|-------|---------------|------------|\n| `plugin_setup_required` | Operator hasn't enabled this plugin | `harbor request <plugin>` |\n| `lease_required` | No active lease for this plugin | `harbor request <plugin>` |\n| `lease_expired` | Lease timed out | `harbor request <plugin>` |\n| `Token missing` | Secrets not configured by operator | `harbor msg \"Plugin needs API keys configured in the dashboard\"` |\n| `unauthorized` | Daemon token expired | `harbor setup status` to refresh |\n| Run killed mid-execution | Operator revoked the lease | Stop and report — the operator intentionally stopped you |\n\n## Operator communication\n\n```bash\n# Send a message to the operator\nharbor msg \"Starting deployment to modal — this will take ~2 minutes\"\n\n# Check for messages from the operator\nharbor messages\n\n# Request a specific plugin\nharbor request search.exa\n```\n\nMessages give the operator context about what the agent is doing and why. More context = faster approvals and better trust.\n\n## Multi-step workflows\n\nFor complex tasks that need multiple plugins, request only the ones you need:\n\n```bash\n# Check access first\nharbor status\n\n# Request only the specific plugins your task requires — never request all available plugins\nharbor request search.exa --reason \"Need to research distributed consensus for the user's question\"\n\n# Execute, then request the next plugin when you actually need it\nharbor p.search.exa search --query \"distributed consensus algorithms 2026\"\n# ... process results ...\nharbor request services.gh --reason \"Need to file research findings as issues\"\nharbor p.services.gh issue create --repo team/research --title \"Consensus survey\" --body \"$SUMMARY\"\n```\n\n**Do not** loop through `harbor status` output and request every plugin. Only request what you need, when you need it.\n\n## Run inspection\n\n```bash\n# Check what happened in a run\nharbor runs get <run-id>\n```\n\nShows the full event timeline: created → lease_authorized → assigned → completed/failed, plus origin metadata (which agent, from which repo, PID chain) and any stop signals from the operator.\n\n## Why Harbor over direct tool access\n\nWhen you have both options — e.g. you could call the Exa API directly or use `harbor p.search.exa` — prefer Harbor:\n\n1. **No secret handling** — you never see API keys. Orbital injects them server-side.\n2. **Automatic audit** — every call is logged with timing, agent identity, and outcome.\n3. **Lease control** — the operator can revoke at any time if something goes wrong.\n4. **Sandbox isolation** — CLI plugins run in a sandbox (Anthropic Sandbox Runtime) with restricted filesystem and network access.\n5. **Operator trust** — the more the operator sees in Harbor's dashboard, the more access they'll grant.\n",
|
|
27
27
|
},
|
|
28
28
|
{
|
|
29
29
|
name: "infra-do",
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"skills-embedded.js","sourceRoot":"","sources":["../src/skills-embedded.ts"],"names":[],"mappings":"AAAA,2EAA2E;AAI3E,MAAM,CAAC,MAAM,MAAM,GAAoB;IACrC;QACE,IAAI,EAAE,SAAS;QACf,WAAW,EAAE,6FAA6F;QAC1G,OAAO,EAAE,80EAA80E;KACx1E;IACD;QACE,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,gHAAgH;QAC7H,OAAO,EAAE,6/EAA6/E;KACvgF;IACD;QACE,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,yLAAyL;QACtM,OAAO,EAAE,guIAAguI;KAC1uI;IACD;QACE,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,4MAA4M;QACzN,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"skills-embedded.js","sourceRoot":"","sources":["../src/skills-embedded.ts"],"names":[],"mappings":"AAAA,2EAA2E;AAI3E,MAAM,CAAC,MAAM,MAAM,GAAoB;IACrC;QACE,IAAI,EAAE,SAAS;QACf,WAAW,EAAE,6FAA6F;QAC1G,OAAO,EAAE,80EAA80E;KACx1E;IACD;QACE,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,gHAAgH;QAC7H,OAAO,EAAE,6/EAA6/E;KACvgF;IACD;QACE,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,yLAAyL;QACtM,OAAO,EAAE,guIAAguI;KAC1uI;IACD;QACE,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,4MAA4M;QACzN,OAAO,EAAE,g2IAAg2I;KAC12I;IACD;QACE,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,gOAAgO;QAC7O,OAAO,EAAE,gsIAAgsI;KAC1sI;IACD;QACE,IAAI,EAAE,UAAU;QAChB,WAAW,EAAE,sGAAsG;QACnH,OAAO,EAAE,y9DAAy9D;KACn+D;IACD;QACE,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,mGAAmG;QAChH,OAAO,EAAE,m3DAAm3D;KAC73D;IACD;QACE,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,iGAAiG;QAC9G,OAAO,EAAE,4+DAA4+D;KACt/D;IACD;QACE,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,wFAAwF;QACrG,OAAO,EAAE,8qDAA8qD;KACxrD;IACD;QACE,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,4GAA4G;QACzH,OAAO,EAAE,k6DAAk6D;KAC56D;IACD;QACE,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,sHAAsH;QACnI,OAAO,EAAE,ogEAAogE;KAC9gE;IACD;QACE,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,0GAA0G;QACvH,OAAO,EAAE,8gFAA8gF;KACxhF;IACD;QACE,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,+FAA+F;QAC5G,OAAO,EAAE,wjDAAwjD;KAClkD;IACD;QACE,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,sHAAsH;QACnI,OAAO,EAAE,q7EAAq7E;KAC/7E;IACD;QACE,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,6GAA6G;QAC1H,OAAO,EAAE,w9DAAw9D;KACl+D;IACD;QACE,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,uHAAuH;QACpI,OAAO,EAAE,4kEAA4kE;KACtlE;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,6FAA6F;QAC1G,OAAO,EAAE,63DAA63D;KACv4D;IACD;QACE,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,mFAAmF;QAChG,OAAO,EAAE,gjEAAgjE;KAC1jE;IACD;QACE,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,iGAAiG;QAC9G,OAAO,EAAE,ylMAAylM;KACnmM;IACD;QACE,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,gVAAgV;QAC7V,OAAO,EAAE,6qSAA6qS;KACvrS;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC"}
|