isol8 0.10.1 → 0.10.2-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/README.md +43 -12
  2. package/dist/cli.js +272 -113
  3. package/dist/index.js +231 -77
  4. package/dist/src/engine/docker.d.ts +3 -0
  5. package/dist/src/engine/docker.d.ts.map +1 -1
  6. package/dist/src/engine/pool.d.ts +48 -13
  7. package/dist/src/engine/pool.d.ts.map +1 -1
  8. package/dist/src/types.d.ts +17 -0
  9. package/dist/src/types.d.ts.map +1 -1
  10. package/package.json +1 -1
package/dist/index.js CHANGED
@@ -375,47 +375,129 @@ class Semaphore {
375
375
  // src/engine/pool.ts
376
376
  class ContainerPool {
377
377
  docker;
378
- poolSize;
378
+ poolStrategy;
379
+ cleanPoolSize;
380
+ dirtyPoolSize;
379
381
  createOptions;
382
+ networkMode;
383
+ securityMode;
380
384
  pools = new Map;
381
385
  replenishing = new Set;
382
386
  pendingReplenishments = new Set;
387
+ cleaningInterval = null;
383
388
  constructor(options) {
384
389
  this.docker = options.docker;
385
- this.poolSize = options.poolSize ?? 2;
390
+ this.poolStrategy = options.poolStrategy ?? "fast";
386
391
  this.createOptions = options.createOptions;
392
+ this.networkMode = options.networkMode;
393
+ this.securityMode = options.securityMode;
394
+ if (typeof options.poolSize === "number") {
395
+ this.cleanPoolSize = options.poolSize;
396
+ this.dirtyPoolSize = options.poolSize;
397
+ } else if (options.poolSize) {
398
+ this.cleanPoolSize = options.poolSize.clean ?? 1;
399
+ this.dirtyPoolSize = options.poolSize.dirty ?? 1;
400
+ } else {
401
+ this.cleanPoolSize = 1;
402
+ this.dirtyPoolSize = 1;
403
+ }
404
+ if (this.poolStrategy === "fast") {
405
+ this.startBackgroundCleaning();
406
+ }
387
407
  }
388
408
  async acquire(image) {
389
- const pool = this.pools.get(image);
390
- if (pool && pool.length > 0) {
391
- const entry = pool.shift();
409
+ const pool = this.pools.get(image) ?? { clean: [], dirty: [] };
410
+ if (this.poolStrategy === "fast") {
411
+ if (pool.clean.length > 0) {
412
+ const entry = pool.clean.shift();
413
+ this.pools.set(image, pool);
414
+ this.replenish(image);
415
+ return entry.container;
416
+ }
417
+ if (pool.dirty.length > 0 && pool.clean.length < this.cleanPoolSize) {
418
+ await this.cleanDirtyImmediate(image);
419
+ const updatedPool = this.pools.get(image);
420
+ if (updatedPool && updatedPool.clean.length > 0) {
421
+ const entry = updatedPool.clean.shift();
422
+ this.pools.set(image, updatedPool);
423
+ this.replenish(image);
424
+ return entry.container;
425
+ }
426
+ }
427
+ return this.createContainer(image);
428
+ }
429
+ if (pool.clean && pool.clean.length > 0) {
430
+ const entry = pool.clean.shift();
431
+ this.pools.set(image, { clean: pool.clean, dirty: [] });
432
+ await this.cleanupContainer(entry.container);
392
433
  this.replenish(image);
393
434
  return entry.container;
394
435
  }
395
436
  return this.createContainer(image);
396
437
  }
397
438
  async release(container, image) {
398
- const pool = this.pools.get(image) ?? [];
399
- if (pool.length >= this.poolSize) {
400
- await container.remove({ force: true }).catch(() => {});
439
+ let pool = this.pools.get(image);
440
+ if (!pool) {
441
+ pool = { clean: [], dirty: [] };
442
+ this.pools.set(image, pool);
443
+ }
444
+ if (this.poolStrategy === "fast") {
445
+ if (pool.dirty.length >= this.dirtyPoolSize) {
446
+ await container.remove({ force: true }).catch(() => {});
447
+ return;
448
+ }
449
+ pool.dirty.push({ container, createdAt: Date.now() });
450
+ } else {
451
+ if (pool.clean.length >= this.cleanPoolSize) {
452
+ await container.remove({ force: true }).catch(() => {});
453
+ return;
454
+ }
455
+ if (!pool.clean) {
456
+ pool.clean = [];
457
+ }
458
+ pool.clean.push({ container, createdAt: Date.now() });
459
+ }
460
+ }
461
+ startBackgroundCleaning() {
462
+ this.cleaningInterval = setInterval(async () => {
463
+ for (const [_image, pool] of this.pools) {
464
+ for (let i = 0;i < this.dirtyPoolSize; i++) {
465
+ if (pool.dirty.length > 0 && pool.clean.length < this.cleanPoolSize) {
466
+ const entry = pool.dirty.shift();
467
+ try {
468
+ await this.cleanupContainer(entry.container);
469
+ pool.clean.push(entry);
470
+ } catch {
471
+ entry.container.remove({ force: true }).catch(() => {});
472
+ }
473
+ }
474
+ }
475
+ }
476
+ }, 5000);
477
+ }
478
+ async cleanDirtyImmediate(image) {
479
+ const pool = this.pools.get(image);
480
+ if (!pool || pool.dirty.length === 0 || pool.clean.length >= this.cleanPoolSize) {
401
481
  return;
402
482
  }
483
+ const entry = pool.dirty.shift();
403
484
  try {
404
- const killExec = await container.exec({
405
- Cmd: [
406
- "sh",
407
- "-c",
408
- "pkill -9 -u sandbox 2>/dev/null; /usr/sbin/iptables -F OUTPUT 2>/dev/null; true"
409
- ]
410
- });
411
- await killExec.start({ Detach: true });
412
- let killInfo = await killExec.inspect();
413
- while (killInfo.Running) {
414
- await new Promise((r) => setTimeout(r, 5));
415
- killInfo = await killExec.inspect();
416
- }
485
+ await this.cleanupContainer(entry.container);
486
+ pool.clean.push(entry);
487
+ } catch {
488
+ entry.container.remove({ force: true }).catch(() => {});
489
+ }
490
+ }
491
+ async cleanupContainer(container) {
492
+ const needsCleanup = this.securityMode === "strict";
493
+ const needsIptables = this.networkMode === "filtered" && needsCleanup;
494
+ if (!needsCleanup) {
495
+ return;
496
+ }
497
+ try {
498
+ const cleanupCmd = needsIptables ? "pkill -9 -u sandbox 2>/dev/null; /usr/sbin/iptables -F OUTPUT 2>/dev/null; rm -rf /sandbox/* /sandbox/.[!.]* 2>/dev/null; true" : "pkill -9 -u sandbox 2>/dev/null; rm -rf /sandbox/* /sandbox/.[!.]* 2>/dev/null; true";
417
499
  const cleanExec = await container.exec({
418
- Cmd: ["sh", "-c", "rm -rf /sandbox/* /sandbox/.[!.]* 2>/dev/null; true"]
500
+ Cmd: ["sh", "-c", cleanupCmd]
419
501
  });
420
502
  await cleanExec.start({ Detach: true });
421
503
  let info = await cleanExec.inspect();
@@ -423,29 +505,45 @@ class ContainerPool {
423
505
  await new Promise((r) => setTimeout(r, 5));
424
506
  info = await cleanExec.inspect();
425
507
  }
426
- pool.push({ container, createdAt: Date.now() });
427
- this.pools.set(image, pool);
428
- } catch {
429
- await container.remove({ force: true }).catch(() => {});
430
- }
508
+ } catch {}
431
509
  }
432
510
  async warm(image) {
433
- const pool = this.pools.get(image) ?? [];
511
+ const pool = this.pools.get(image) ?? { clean: [], dirty: [] };
434
512
  this.pools.set(image, pool);
435
- const needed = this.poolSize - pool.length;
513
+ const needed = this.poolStrategy === "fast" ? this.cleanPoolSize - pool.clean.length : this.cleanPoolSize - (pool.clean?.length ?? 0);
514
+ if (needed <= 0) {
515
+ return;
516
+ }
436
517
  const promises = [];
437
518
  for (let i = 0;i < needed; i++) {
438
519
  promises.push(this.createContainer(image).then((container) => {
439
- pool.push({ container, createdAt: Date.now() });
520
+ if (this.poolStrategy === "fast") {
521
+ pool.clean.push({ container, createdAt: Date.now() });
522
+ } else {
523
+ if (!pool.clean) {
524
+ pool.clean = [];
525
+ }
526
+ pool.clean.push({ container, createdAt: Date.now() });
527
+ }
440
528
  }));
441
529
  }
442
530
  await Promise.all(promises);
443
531
  }
532
+ async stop() {
533
+ return this.drain();
534
+ }
444
535
  async drain() {
536
+ if (this.cleaningInterval) {
537
+ clearInterval(this.cleaningInterval);
538
+ this.cleaningInterval = null;
539
+ }
445
540
  await Promise.all(this.pendingReplenishments);
446
541
  const promises = [];
447
542
  for (const [, pool] of this.pools) {
448
- for (const entry of pool) {
543
+ for (const entry of pool.clean ?? []) {
544
+ promises.push(entry.container.remove({ force: true }).catch(() => {}));
545
+ }
546
+ for (const entry of pool.dirty) {
449
547
  promises.push(entry.container.remove({ force: true }).catch(() => {}));
450
548
  }
451
549
  }
@@ -464,30 +562,46 @@ class ContainerPool {
464
562
  }
465
563
  replenish(image) {
466
564
  if (this.replenishing.has(image)) {
467
- logger.debug(`[Pool] Replenishment for ${image} already in progress`);
468
- return;
469
- }
470
- this.replenishing.add(image);
471
- logger.debug(`[Pool] Starting background replenishment for image: ${image}`);
472
- const promise = this.createContainer(image).then((container) => {
473
- const pool = this.pools.get(image) ?? [];
474
- if (pool.length < this.poolSize) {
475
- pool.push({ container, createdAt: Date.now() });
476
- this.pools.set(image, pool);
477
- logger.debug(`[Pool] Replenished container ${container.id} added to pool for ${image}. Pool size: ${pool.length}`);
478
- } else {
479
- logger.debug(`[Pool] Replenished container ${container.id} not needed (pool for ${image} is full), destroying`);
480
- container.remove({ force: true }).catch((err) => {
481
- logger.error(`[Pool] Error destroying unneeded replenished container ${container.id}:`, err);
482
- });
565
+ if (this.replenishing.has(image)) {
566
+ return;
483
567
  }
484
- }).catch((err) => {
485
- logger.error(`[Pool] Error during replenishment for ${image}:`, err);
486
- }).finally(() => {
487
- this.replenishing.delete(image);
488
- this.pendingReplenishments.delete(promise);
489
- });
490
- this.pendingReplenishments.add(promise);
568
+ const pool = this.pools.get(image);
569
+ const currentSize = pool ? this.poolStrategy === "fast" ? pool.clean.length : pool.clean?.length ?? 0 : 0;
570
+ const targetSize = this.poolStrategy === "fast" ? this.cleanPoolSize : this.cleanPoolSize;
571
+ if (currentSize >= targetSize) {
572
+ return;
573
+ }
574
+ this.replenishing.add(image);
575
+ const promise = this.createContainer(image).then((container) => {
576
+ const p = this.pools.get(image);
577
+ if (!p) {
578
+ container.remove({ force: true }).catch(() => {});
579
+ return;
580
+ }
581
+ if (this.poolStrategy === "fast") {
582
+ if (p.clean.length < this.cleanPoolSize) {
583
+ p.clean.push({ container, createdAt: Date.now() });
584
+ } else {
585
+ container.remove({ force: true }).catch(() => {});
586
+ }
587
+ } else {
588
+ if (!p.clean) {
589
+ p.clean = [];
590
+ }
591
+ if (p.clean.length < this.cleanPoolSize) {
592
+ p.clean.push({ container, createdAt: Date.now() });
593
+ } else {
594
+ container.remove({ force: true }).catch(() => {});
595
+ }
596
+ }
597
+ }).catch((err) => {
598
+ logger.error(`[Pool] Error during replenishment for ${image}:`, err);
599
+ }).finally(() => {
600
+ this.replenishing.delete(image);
601
+ this.pendingReplenishments.delete(promise);
602
+ });
603
+ this.pendingReplenishments.add(promise);
604
+ }
491
605
  }
492
606
  }
493
607
  var init_pool = __esm(() => {
@@ -634,32 +748,53 @@ var exports_docker = {};
634
748
  __export(exports_docker, {
635
749
  DockerIsol8: () => DockerIsol8
636
750
  });
637
- import { spawn as spawn2 } from "node:child_process";
638
751
  import { randomUUID } from "node:crypto";
639
752
  import { existsSync as existsSync3, readFileSync as readFileSync2 } from "node:fs";
640
753
  import { PassThrough } from "node:stream";
641
754
  import Docker from "dockerode";
642
755
  async function writeFileViaExec(container, filePath, content) {
643
756
  const data = typeof content === "string" ? Buffer.from(content, "utf-8") : content;
644
- return new Promise((resolve2, reject) => {
645
- const child = spawn2("docker", ["exec", "-i", "-u", "sandbox", container.id, "sh", "-c", `cat > ${filePath}`], {
646
- stdio: ["pipe", "ignore", "pipe"]
647
- });
648
- child.on("error", (err) => {
649
- reject(new Error(`Failed to spawn docker exec: ${err.message}`));
757
+ const b64 = data.toString("base64");
758
+ if (b64.length < 20000) {
759
+ const exec = await container.exec({
760
+ Cmd: ["sh", "-c", `printf '%s' '${b64}' | base64 -d > ${filePath}`],
761
+ User: "sandbox"
650
762
  });
651
- let stderr = "";
652
- child.stderr.on("data", (chunk) => stderr += chunk.toString());
653
- child.stdin.write(data);
654
- child.stdin.end();
655
- child.on("close", (code) => {
656
- if (code !== 0) {
657
- reject(new Error(`Failed to write file ${filePath}: ${stderr} (exit code ${code})`));
658
- } else {
659
- resolve2();
660
- }
763
+ await exec.start({ Detach: true });
764
+ let info2 = await exec.inspect();
765
+ while (info2.Running) {
766
+ await new Promise((r) => setTimeout(r, 5));
767
+ info2 = await exec.inspect();
768
+ }
769
+ if (info2.ExitCode !== 0) {
770
+ throw new Error(`Failed to write file ${filePath} in container (exit code ${info2.ExitCode})`);
771
+ }
772
+ return;
773
+ }
774
+ const tempPath = `/tmp/b64_${Date.now()}.tmp`;
775
+ const chunkSize = 8000;
776
+ for (let i = 0;i < b64.length; i += chunkSize) {
777
+ const chunk = b64.slice(i, i + chunkSize);
778
+ const exec = await container.exec({
779
+ Cmd: ["sh", "-c", `printf '%s' '${chunk}' >> ${tempPath}`],
780
+ User: "sandbox"
661
781
  });
782
+ await exec.start({ Detach: true });
783
+ await exec.inspect();
784
+ }
785
+ const decodeExec = await container.exec({
786
+ Cmd: ["sh", "-c", `base64 -d ${tempPath} > ${filePath} && rm ${tempPath}`],
787
+ User: "sandbox"
662
788
  });
789
+ await decodeExec.start({ Detach: true });
790
+ let info = await decodeExec.inspect();
791
+ while (info.Running) {
792
+ await new Promise((r) => setTimeout(r, 5));
793
+ info = await decodeExec.inspect();
794
+ }
795
+ if (info.ExitCode !== 0) {
796
+ throw new Error(`Failed to write file ${filePath} in container (exit code ${info.ExitCode})`);
797
+ }
663
798
  }
664
799
  async function readFileViaExec(container, filePath) {
665
800
  const exec = await container.exec({
@@ -829,10 +964,13 @@ class DockerIsol8 {
829
964
  security;
830
965
  persist;
831
966
  logNetwork;
967
+ poolStrategy;
968
+ poolSize;
832
969
  auditLogger;
833
970
  container = null;
834
971
  persistentRuntime = null;
835
972
  pool = null;
973
+ imageCache = new Map;
836
974
  constructor(options = {}, maxConcurrent = 10) {
837
975
  this.docker = options.docker ?? new Docker;
838
976
  this.mode = options.mode ?? "ephemeral";
@@ -852,6 +990,8 @@ class DockerIsol8 {
852
990
  this.persist = options.persist ?? false;
853
991
  this.security = options.security ?? { seccomp: "strict" };
854
992
  this.logNetwork = options.logNetwork ?? false;
993
+ this.poolStrategy = options.poolStrategy ?? "fast";
994
+ this.poolSize = options.poolSize ?? { clean: 1, dirty: 1 };
855
995
  if (options.audit) {
856
996
  this.auditLogger = new AuditLogger(options.audit);
857
997
  }
@@ -1101,13 +1241,21 @@ class DockerIsol8 {
1101
1241
  if (this.overrideImage) {
1102
1242
  return this.overrideImage;
1103
1243
  }
1244
+ const cacheKey = adapter.image;
1245
+ const cached = this.imageCache.get(cacheKey);
1246
+ if (cached) {
1247
+ return cached;
1248
+ }
1104
1249
  const customTag = `${adapter.image}-custom`;
1250
+ let resolvedImage;
1105
1251
  try {
1106
1252
  await this.docker.getImage(customTag).inspect();
1107
- return customTag;
1253
+ resolvedImage = customTag;
1108
1254
  } catch {
1109
- return adapter.image;
1255
+ resolvedImage = adapter.image;
1110
1256
  }
1257
+ this.imageCache.set(cacheKey, resolvedImage);
1258
+ return resolvedImage;
1111
1259
  }
1112
1260
  async executeEphemeral(req, startTime) {
1113
1261
  const adapter = this.getAdapter(req.runtime);
@@ -1116,7 +1264,10 @@ class DockerIsol8 {
1116
1264
  if (!this.pool) {
1117
1265
  this.pool = new ContainerPool({
1118
1266
  docker: this.docker,
1119
- poolSize: 2,
1267
+ poolStrategy: this.poolStrategy,
1268
+ poolSize: this.poolSize,
1269
+ networkMode: this.network,
1270
+ securityMode: this.security.seccomp ?? "strict",
1120
1271
  createOptions: {
1121
1272
  Cmd: ["sleep", "infinity"],
1122
1273
  WorkingDir: SANDBOX_WORKDIR,
@@ -1218,7 +1369,10 @@ class DockerIsol8 {
1218
1369
  if (this.persist) {
1219
1370
  logger.debug(`[Persist] Leaving container running for inspection: ${container.id}`);
1220
1371
  } else {
1221
- await this.pool.release(container, image);
1372
+ this.pool.release(container, image).catch((err) => {
1373
+ logger.debug(`[Pool] release failed: ${err}`);
1374
+ container.remove({ force: true }).catch(() => {});
1375
+ });
1222
1376
  }
1223
1377
  }
1224
1378
  }
@@ -1844,7 +1998,7 @@ init_logger();
1844
1998
  // package.json
1845
1999
  var package_default = {
1846
2000
  name: "isol8",
1847
- version: "0.10.0",
2001
+ version: "0.10.2-alpha.0",
1848
2002
  description: "Secure code execution engine for AI agents",
1849
2003
  author: "Illusion47586",
1850
2004
  license: "MIT",
@@ -2182,4 +2336,4 @@ export {
2182
2336
  BunAdapter
2183
2337
  };
2184
2338
 
2185
- //# debugId=C11E47C76FBC0D2364756E2164756E21
2339
+ //# debugId=254BC488982F064964756E2164756E21
package/dist/src/engine/docker.d.ts CHANGED
@@ -46,10 +46,13 @@ export declare class DockerIsol8 implements Isol8Engine {
46
46
  private readonly security;
47
47
  private readonly persist;
48
48
  private readonly logNetwork;
49
+ private readonly poolStrategy;
50
+ private readonly poolSize;
49
51
  private readonly auditLogger?;
50
52
  private container;
51
53
  private persistentRuntime;
52
54
  private pool;
55
+ private readonly imageCache;
53
56
  /**
54
57
  * @param options - Sandbox configuration options.
55
58
  * @param maxConcurrent - Maximum number of concurrent executions (controls the internal semaphore).
package/dist/src/engine/docker.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"docker.d.ts","sourceRoot":"","sources":["../../../src/engine/docker.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAMH,OAAO,MAAM,MAAM,WAAW,CAAC;AAG/B,OAAO,KAAK,EACV,gBAAgB,EAChB,eAAe,EACf,WAAW,EAEX,YAAY,EAIZ,WAAW,EACZ,MAAM,UAAU,CAAC;AAmTlB,2HAA2H;AAC3H,MAAM,WAAW,kBAAmB,SAAQ,YAAY;IACtD,oFAAoF;IACpF,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;;;;;;;;;;;;GAcG;AACH,qBAAa,WAAY,YAAW,WAAW;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAY;IACjC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAc;IACtC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAsB;IACrD,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAU;IACzC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;IACvC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAyB;IACjD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;IAC1C,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAS;IACxC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAY;IACtC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAiB;IAC1C,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAU;IAClC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAU;IACrC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAc;IAE3C,OAAO,CAAC,SAAS,CAAiC;IAClD,OAAO,CAAC,iBAAiB,CAA+B;IACxD,OAAO,CAAC,IAAI,CAA8B;IAE1C;;;OAGG;gBACS,OAAO,GAAE,kBAAuB,EAAE,aAAa,SAAK;IA8BhE;;;OAGG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAK5B,kFAAkF;IAC5E,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAuB3B;;;OAGG;IACG,OAAO,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAe9D;;OAEG;YACW,WAAW;IAoDzB;;OAEG;YACW,qBAAqB;IA8CnC;;OAEG;YACW,kBAAkB;IA+DhC;;;;;;;OAOG;IACG,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAYpE;;;;;;OAMG;IACG,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAmB5C,6GAA6G;IAC7G,IAAI,WAAW,IAAI,MAAM,GAAG,IAAI,CAE/B;IAED;;;OAGG;IACI,aAAa,CAAC,GAAG,EAAE,gBAAgB,GAAG,aAAa,CAAC,WAAW,CAAC;YAsFzD,YAAY;YAcZ,gBAAgB;YAwJhB,iBAAiB;YAwIjB,aAAa;YAkBb,oBAAoB;YASpB,wBAAwB;IA4BtC,OAAO,CAAC,UAAU;IAIlB,OAAO,CAAC,eAAe;IA2BvB,OAAO,CAAC,iBAAiB;IA+BzB,OAAO,CAAC,yBAAyB;IAyBjC,OAAO,CAAC,QAAQ;YAwCD,gBAAgB;YA8EjB,iBAAiB;IAiG/B,OAAO,CAAC,iBAAiB;IAYzB;;;;;;;;;;;;;;;;;;;;OAoBG;WACU,OAAO,CAClB,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;CA2BlE"}
1
+ {"version":3,"file":"docker.d.ts","sourceRoot":"","sources":["../../../src/engine/docker.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAKH,OAAO,MAAM,MAAM,WAAW,CAAC;AAG/B,OAAO,KAAK,EACV,gBAAgB,EAChB,eAAe,EACf,WAAW,EAEX,YAAY,EAIZ,WAAW,EACZ,MAAM,UAAU,CAAC;AAyUlB,2HAA2H;AAC3H,MAAM,WAAW,kBAAmB,SAAQ,YAAY;IACtD,oFAAoF;IACpF,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;;;;;;;;;;;;GAcG;AACH,qBAAa,WAAY,YAAW,WAAW;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAY;IACjC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAc;IACtC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAsB;IACrD,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAU;IACzC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;IACvC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAyB;IACjD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;IAC1C,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAS;IACxC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAY;IACtC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAiB;IAC1C,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAU;IAClC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAU;IACrC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAoB;IACjD,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAA4C;IACrE,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAc;IAE3C,OAAO,CAAC,SAAS,CAAiC;IAClD,OAAO,CAAC,iBAAiB,CAA+B;IACxD,OAAO,CAAC,IAAI,CAA8B;IAC1C,OAAO,CAAC,QAAQ,CAAC,UAAU,CAA6B;IAExD;;;OAGG;gBACS,OAAO,GAAE,kBAAuB,EAAE,aAAa,SAAK;IAgChE;;;OAGG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAK5B,kFAAkF;IAC5E,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAuB3B;;;OAGG;IACG,OAAO,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAe9D;;OAEG;YACW,WAAW;IAoDzB;;OAEG;YACW,qBAAqB;IA8CnC;;OAEG;YACW,kBAAkB;IA+DhC;;;;;;;OAOG;IACG,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAYpE;;;;;;OAMG;IACG,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAmB5C,6GAA6G;IAC7G,IAAI,WAAW,IAAI,MAAM,GAAG,IAAI,CAE/B;IAED;;;OAGG;IACI,aAAa,CAAC,GAAG,EAAE,gBAAgB,GAAG,aAAa,CAAC,WAAW,CAAC;YAsFzD,YAAY;YAwBZ,gBAAgB;YA8JhB,iBAAiB;YAwIjB,aAAa;YAkBb,oBAAoB;YASpB,wBAAwB;IA4BtC,OAAO,CAAC,UAAU;IAIlB,OAAO,CAAC,eAAe;IA2BvB,OAAO,CAAC,iBAAiB;IA+BzB,OAAO,CAAC,yBAAyB;IAyBjC,OAAO,CAAC,QAAQ;YAwCD,gBAAgB;YA8EjB,iBAAiB;IAiG/B,OAAO,CAAC,iBAAiB;IAYzB;;;;;;;;;;;;;;;;;;;;OAoBG;WACU,OAAO,CAClB,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;CA2BlE"}
package/dist/src/engine/pool.d.ts CHANGED
@@ -5,55 +5,90 @@
5
5
  * starts containers so they're ready for immediate use, eliminating
6
6
  * the create+start overhead (~100-200ms per execution).
7
7
  *
8
- * After execution, containers are cleaned (sandbox wiped) and returned
9
- * to the pool for reuse rather than destroyed.
8
+ * Supports two strategies:
9
+ * - "secure": Clean container before returning (slower but ensures clean state)
10
+ * - "fast": Dual-pool system - instant acquire from clean pool, background cleanup
10
11
  */
11
12
  import type Docker from "dockerode";
12
13
  /** Configuration for the container pool. */
13
14
  export interface PoolOptions {
14
15
  /** Docker client instance. */
15
16
  docker: Docker;
16
- /** Max containers to keep warm per image. @default 2 */
17
- poolSize?: number;
17
+ /** Pool strategy: "secure" or "fast". @default "fast" */
18
+ poolStrategy?: "secure" | "fast";
19
+ /** Pool size configuration.
20
+ * For "secure" mode: number of containers to keep warm
21
+ * For "fast" mode: { clean: ready containers, dirty: being cleaned }
22
+ * @default 1 (for fast mode: { clean: 1, dirty: 1 })
23
+ */
24
+ poolSize?: number | {
25
+ clean: number;
26
+ dirty: number;
27
+ };
18
28
  /** Container creation options (HostConfig, Env, etc). */
19
29
  createOptions: Omit<Docker.ContainerCreateOptions, "Image">;
30
+ /** Network mode to determine if iptables cleanup is needed. */
31
+ networkMode: "none" | "host" | "filtered";
32
+ /** Security mode - if strict, run process cleanup between executions */
33
+ securityMode: "strict" | "unconfined" | "custom";
20
34
  }
21
35
  /**
22
36
  * A per-image warm container pool. Maintains pre-started containers
23
37
  * ready for immediate exec, recycling them after use.
38
+ *
39
+ * Supports two strategies:
40
+ * - "secure": Single pool, cleanup in acquire (current behavior)
41
+ * - "fast": Dual pools (clean/dirty), instant acquire, background cleanup
24
42
  */
25
43
  export declare class ContainerPool {
26
44
  private readonly docker;
27
- private readonly poolSize;
45
+ private readonly poolStrategy;
46
+ private readonly cleanPoolSize;
47
+ private readonly dirtyPoolSize;
28
48
  private readonly createOptions;
49
+ private readonly networkMode;
50
+ private readonly securityMode;
29
51
  private readonly pools;
30
52
  private readonly replenishing;
31
53
  private readonly pendingReplenishments;
54
+ private cleaningInterval;
32
55
  constructor(options: PoolOptions);
33
56
  /**
34
57
  * Acquire a started container for the given image.
35
- * Returns a warm container from the pool if available,
36
- * otherwise creates and starts a new one.
58
+ * - "secure" mode: Clean container before returning
59
+ * - "fast" mode: Instant return from clean pool, create new if empty
37
60
  */
38
61
  acquire(image: string): Promise<Docker.Container>;
39
62
  /**
40
- * Return a container to the pool after use. All processes owned by the
41
- * `sandbox` user are killed, and the `/sandbox` tmpfs is wiped clean
42
- * so the container is ready for the next execution.
43
- * If the pool is full, the container is destroyed instead.
63
+ * Return a container to the pool.
64
+ * - "secure" mode: Add to pool, cleanup happens on next acquire
65
+ * - "fast" mode: Add to dirty pool for background cleaning
44
66
  */
45
67
  release(container: Docker.Container, image: string): Promise<void>;
68
+ /**
69
+ * Start background cleaning for fast mode.
70
+ * Runs every 5 seconds to clean dirty containers.
71
+ */
72
+ private startBackgroundCleaning;
73
+ /**
74
+ * Clean a dirty container immediately and add to clean pool.
75
+ */
76
+ private cleanDirtyImmediate;
77
+ private cleanupContainer;
46
78
  /**
47
79
  * Pre-warm the pool for a specific image.
48
- * Creates containers up to poolSize.
49
80
  */
50
81
  warm(image: string): Promise<void>;
82
+ /**
83
+ * Stop the pool and clean up resources.
84
+ * Alias for drain() - destroys all containers and stops background cleaning.
85
+ */
86
+ stop(): Promise<void>;
51
87
  /**
52
88
  * Destroy all pooled containers and clear the pool.
53
89
  */
54
90
  drain(): Promise<void>;
55
91
  private createContainer;
56
- /** Replenish the pool in the background (non-blocking). */
57
92
  private replenish;
58
93
  }
59
94
  //# sourceMappingURL=pool.d.ts.map
package/dist/src/engine/pool.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"pool.d.ts","sourceRoot":"","sources":["../../../src/engine/pool.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,MAAM,MAAM,WAAW,CAAC;AAGpC,4CAA4C;AAC5C,MAAM,WAAW,WAAW;IAC1B,8BAA8B;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,wDAAwD;IACxD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,yDAAyD;IACzD,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,OAAO,CAAC,CAAC;CAC7D;AAOD;;;GAGG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAA+C;IAC7E,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAkC;IACxD,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAqB;IAClD,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAA4B;gBAEtD,OAAO,EAAE,WAAW;IAMhC;;;;OAIG;IACG,OAAO,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC;IAcvD;;;;;OAKG;IACG,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkDxE;;;OAGG;IACG,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkBxC;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;YAgBd,eAAe;IAW7B,2DAA2D;IAC3D,OAAO,CAAC,SAAS;CAuClB"}
1
+ {"version":3,"file":"pool.d.ts","sourceRoot":"","sources":["../../../src/engine/pool.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,MAAM,MAAM,WAAW,CAAC;AAGpC,4CAA4C;AAC5C,MAAM,WAAW,WAAW;IAC1B,8BAA8B;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,yDAAyD;IACzD,YAAY,CAAC,EAAE,QAAQ,GAAG,MAAM,CAAC;IACjC;;;;OAIG;IACH,QAAQ,CAAC,EAAE,MAAM,GAAG;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IACrD,yDAAyD;IACzD,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,OAAO,CAAC,CAAC;IAC5D,+DAA+D;IAC/D,WAAW,EAAE,MAAM,GAAG,MAAM,GAAG,UAAU,CAAC;IAC1C,wEAAwE;IACxE,YAAY,EAAE,QAAQ,GAAG,YAAY,GAAG,QAAQ,CAAC;CAClD;AAYD;;;;;;;GAOG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAoB;IACjD,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;IACvC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;IACvC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAA+C;IAC7E,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA+B;IAC3D,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAqC;IAClE,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAgC;IACtD,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAqB;IAClD,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAA4B;IAClE,OAAO,CAAC,gBAAgB,CAA+C;gBAE3D,OAAO,EAAE,WAAW;IA0BhC;;;;OAIG;IACG,OAAO,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC;IAkDvD;;;;OAIG;IACG,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAgCxE;;;OAGG;IACH,OAAO,CAAC,uBAAuB;IAoB/B;;OAEG;YACW,mBAAmB;YAenB,gBAAgB;IA4B9B;;OAEG;IACG,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAiCxC;;;OAGG;IACG,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAI3B;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;YAyBd,eAAe;IAW7B,OAAO,CAAC,SAAS;CAwDlB"}
package/dist/src/types.d.ts CHANGED
@@ -248,6 +248,23 @@ export interface Isol8Options {
248
248
  security?: SecurityConfig;
249
249
  /** Audit logging configuration. */
250
250
  audit?: AuditConfig;
251
+ /**
252
+ * Pool strategy for container reuse.
253
+ * - "secure": Clean container before returning (slower but ensures clean state)
254
+ * - "fast": Use dual-pool system - instant acquire, background cleanup (faster)
255
+ * @default "fast"
256
+ */
257
+ poolStrategy?: "secure" | "fast";
258
+ /**
259
+ * Pool size configuration.
260
+ * For "secure" mode: number of containers to keep warm
261
+ * For "fast" mode: { clean: number of ready containers, dirty: number being cleaned }
262
+ * @default 1 (for fast mode: { clean: 1, dirty: 1 })
263
+ */
264
+ poolSize?: number | {
265
+ clean: number;
266
+ dirty: number;
267
+ };
251
268
  }
252
269
  /**
253
270
  * The core isol8 engine abstraction. Both {@link DockerIsol8} and {@link RemoteIsol8}
package/dist/src/types.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH;;;;;;;;GAQG;AACH,MAAM,MAAM,OAAO,GAAG,QAAQ,GAAG,MAAM,GAAG,KAAK,GAAG,MAAM,GAAG,MAAM,CAAC;AAElE;;;;;;;GAOG;AACH,MAAM,MAAM,WAAW,GAAG,MAAM,GAAG,MAAM,GAAG,UAAU,CAAC;AAEvD;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,8BAA8B;IAC9B,IAAI,EAAE,MAAM,CAAC;IAEb,sEAAsE;IACtE,OAAO,EAAE,OAAO,CAAC;IAEjB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAE7B;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC,CAAC;IAExC;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IAEvB;;;OAGG;IACH,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAE3B;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,mDAAmD;IACnD,MAAM,EAAE,MAAM,CAAC;IAEf,+BAA+B;IAC/B,MAAM,EAAE,MAAM,CAAC;IAEf,gDAAgD;IAChD,QAAQ,EAAE,MAAM,CAAC;IAEjB,iDAAiD;IACjD,UAAU,EAAE,MAAM,CAAC;IAEnB,0FAA0F;IAC1F,SAAS,EAAE,OAAO,CAAC;IAEnB,4CAA4C;IAC5C,WAAW,EAAE,MAAM,CAAC;IAEpB,uCAAuC;IACvC,OAAO,EAAE,OAAO,CAAC;IAEjB,oDAAoD;IACpD,SAAS,EAAE,MAAM,CAAC;IAElB,0CAA0C;IAC1C,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;;OAIG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAE/B;;;OAGG;IACH,aAAa,CAAC,EAAE;QACd,kDAAkD;QAClD,UAAU,EAAE,MAAM,CAAC;QACnB,wCAAwC;QACxC,QAAQ,EAAE,MAAM,CAAC;QACjB,kDAAkD;QAClD,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,sCAAsC;QACtC,cAAc,EAAE,MAAM,CAAC;QACvB,kCAAkC;QAClC,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;IAEF;;;OAGG;IACH,WAAW,CAAC,EAAE,eAAe,EAAE,CAAC;CACjC,CAAC;;;;GAIC;AACH,MAAM,WAAW,WAAW;IAC1B,wDAAwD;IACxD,IAAI,EAAE,QAAQ,GAAG,QAAQ,GAAG,MAAM,GAAG,OAAO,CAAC;IAC7C,0FAA0F;IAC1F,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,uDAAuD;IACvD,SAAS,EAAE,MAAM,CAAC;IAClB,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;IACf,uBAAuB;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,sEAAsE;IACtE,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,wEAAwE;IACxE,MAAM,EAAE,OAAO,GAAG,OAAO,CAAC;IAC1B,wDAAwD;IACxD,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,CAAC,EAAE;QACd,kDAAkD;QAClD,UAAU,EAAE,MAAM,CAAC;QACnB,wCAAwC;QACxC,QAAQ,EAAE,MAAM,CAAC;QACjB,kDAAkD;QAClD,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,sCAAsC;QACtC,cAAc,EAAE,MAAM,CAAC;QACvB,kCAAkC;QAClC,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;IACF,cAAc,CAAC,EAAE,aAAa,EAAE,CAAC;IACjC,WAAW,CAAC,EAAE,eAAe,EAAE,CAAC;IAEhC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACnC;AAID;;;;;;GAMG;AACH,MAAM,MAAM,SAAS,GAAG,WAAW,GAAG,YAAY,CAAC;AAEnD;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,2CAA2C;IAC3C,IAAI,CAAC,EAAE,SAAS,CAAC;IAEjB,2CAA2C;IAC3C,OAAO,CAAC,EAAE,WAAW,CAAC;IAEtB,yFAAyF;IACzF,aAAa,CAAC,EAAE,mBAAmB,CAAC;IAEpC,mFAAmF;IACnF,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,mEAAmE;IACnE,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,4EAA4E;IAC5E,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,4DAA4D;IAC5D,cAAc,CAAC,EAAE,OAAO,CAAC;IAEzB,6EAA6E;IAC7E,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAEjC,gEAAgE;IAChE,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,iEAAiE;IACjE,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,wIAAwI;IACxI,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,+EAA+E;IAC/E,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,2CAA2C;IAC3C,KAAK,CAAC,EAAE,OAAO,CAAC;IAEhB;;;;OAIG;IACH,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;IAErB,yBAAyB;IACzB,QAAQ,CAAC,EAAE,cAAc,CAAC;IAE1B,mCAAmC;IACnC,KAAK,CAAC,EAAE,WAAW,CAAC;CACrB;AAED;;;GAGG;AACH,MAAM,WAAW,WAAW;IAC1B,gEAAgE;IAChE,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAEvB,kEAAkE;IAClE,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAEtB,0CAA0C;IAC1C,OAAO,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;IAEzD;;;;;;OAMG;IACH,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE/D;;;;;;OAMG;IACH,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAEvC;;;;;OAKG;IACH,aAAa,CAAC,GAAG,EAAE,gBAAgB,GAAG,aAAa,CAAC,WAAW,CAAC,CAAC;CAClE;AAID;;;;;;;;GAQG;AACH,MAAM,WAAW,mBAAmB;IAClC,2FAA2F;IAC3F,SAAS,EAAE,MAAM,EAAE,CAAC;IAEpB,mGAAmG;IACnG,SAAS,EAAE,MAAM,EAAE,CAAC;CACrB;AAID,oDAAoD;AACpD,MAAM,WAAW,aAAa;IAC5B,sDAAsD;IACtD,SAAS,EAAE,MAAM,CAAC;IAClB,4CAA4C;IAC5C,WAAW,EAAE,MAAM,CAAC;IACpB,4DAA4D;IAC5D,QAAQ,EAAE,MAAM,CAAC;IACjB,4CAA4C;IAC5C,OAAO,EAAE,WAAW,CAAC;IACrB,kEAAkE;IAClE,WAAW,EAAE,MAAM,CAAC;IACpB,8DAA8D;IAC9D,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,yDAAyD;AACzD,MAAM,WAAW,YAAY;IAC3B,oEAAoE;IACpE,SAAS,EAAE,OAAO,CAAC;IACnB,kFAAkF;IAClF,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAChC,0CAA0C;IAC1C,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,oDAAoD;IACpD,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,wCAAwC;IACxC,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,qCAAqC;IACrC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,iDAAiD;IACjD,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;;OAKG;IACH,OAAO,CAAC,EAAE,QAAQ,GAAG,YAAY,GAAG,QAAQ,CAAC;IAC7C,mFAAmF;IACnF,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,uCAAuC;AACvC,MAAM,WAAW,WAAW;IAC1B,2CAA2C;IAC3C,OAAO,EAAE,OAAO,CAAC;IACjB,4EAA4E;IAC5E,WAAW,EAAE,YAAY,GAAG,QAAQ,GAAG,MAAM,CAAC;IAC9C,oFAAoF;IACpF,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,6FAA6F;IAC7F,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,gEAAgE;IAChE,cAAc,EAAE,OAAO,CAAC;IACxB,0DAA0D;IAC1D,aAAa,EAAE,MAAM,CAAC;IACtB,sEAAsE;IACtE,WAAW,EAAE,OAAO,CAAC;IACrB,6EAA6E;IAC7E,aAAa,EAAE,OAAO,CAAC;CACxB;AAED;;;;;;;;GAQG;AACH,MAAM,WAAW,WAAW;IAC1B,0EAA0E;IAC1E,aAAa,EAAE,MAAM,CAAC;IAEtB,sDAAsD;IACtD,QAAQ,EAAE,aAAa,CAAC;IAExB,4DAA4D;IAC5D,OAAO,EAAE,mBAAmB,CAAC;IAE7B,gDAAgD;IAChD,OAAO,EAAE,YAAY,CAAC;IAEtB,mEAAmE;IACnE,YAAY,EAAE,iBAAiB,CAAC;IAEhC,yBAAyB;IACzB,QAAQ,EAAE,cAAc,CAAC;IAEzB,mCAAmC;IACnC,KAAK,EAAE,WAAW,CAAC;IAEnB,2CAA2C;IAC3C,KAAK,EAAE,OAAO,CAAC;CAChB;AAED;;;GAGG;AACH,MAAM,WAAW,eAAe;IAC9B,wDAAwD;IACxD,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,2CAA2C;IAC3C,KAAK,CAAC,EAAE,OAAO,CAAC;IAEhB,0EAA0E;IAC1E,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB,kFAAkF;IAClF,QAAQ,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAElC,4DAA4D;IAC5D,OAAO,CAAC,EAAE,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAEvC,4EAA4E;IAC5E,OAAO,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;IAEhC,mEAAmE;IACnE,YAAY,CAAC,EAAE,iBAAiB,CAAC;IAEjC,yBAAyB;IACzB,QAAQ,CAAC,EAAE,cAAc,CAAC;IAE1B,mCAAmC;IACnC,KAAK,CAAC,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;CAC9B"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH;;;;;;;;GAQG;AACH,MAAM,MAAM,OAAO,GAAG,QAAQ,GAAG,MAAM,GAAG,KAAK,GAAG,MAAM,GAAG,MAAM,CAAC;AAElE;;;;;;;GAOG;AACH,MAAM,MAAM,WAAW,GAAG,MAAM,GAAG,MAAM,GAAG,UAAU,CAAC;AAEvD;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,8BAA8B;IAC9B,IAAI,EAAE,MAAM,CAAC;IAEb,sEAAsE;IACtE,OAAO,EAAE,OAAO,CAAC;IAEjB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAE7B;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC,CAAC;IAExC;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IAEvB;;;OAGG;IACH,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAE3B;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,mDAAmD;IACnD,MAAM,EAAE,MAAM,CAAC;IAEf,+BAA+B;IAC/B,MAAM,EAAE,MAAM,CAAC;IAEf,gDAAgD;IAChD,QAAQ,EAAE,MAAM,CAAC;IAEjB,iDAAiD;IACjD,UAAU,EAAE,MAAM,CAAC;IAEnB,0FAA0F;IAC1F,SAAS,EAAE,OAAO,CAAC;IAEnB,4CAA4C;IAC5C,WAAW,EAAE,MAAM,CAAC;IAEpB,uCAAuC;IACvC,OAAO,EAAE,OAAO,CAAC;IAEjB,oDAAoD;IACpD,SAAS,EAAE,MAAM,CAAC;IAElB,0CAA0C;IAC1C,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;;OAIG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAE/B;;;OAGG;IACH,aAAa,CAAC,EAAE;QACd,kDAAkD;QAClD,UAAU,EAAE,MAAM,CAAC;QACnB,wCAAwC;QACxC,QAAQ,EAAE,MAAM,CAAC;QACjB,kDAAkD;QAClD,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,sCAAsC;QACtC,cAAc,EAAE,MAAM,CAAC;QACvB,kCAAkC;QAClC,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;IAEF;;;OAGG;IACH,WAAW,CAAC,EAAE,eAAe,EAAE,CAAC;CACjC,CAAC;;;;GAIC;AACH,MAAM,WAAW,WAAW;IAC1B,wDAAwD;IACxD,IAAI,EAAE,QAAQ,GAAG,QAAQ,GAAG,MAAM,GAAG,OAAO,CAAC;IAC7C,0FAA0F;IAC1F,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,uDAAuD;IACvD,SAAS,EAAE,MAAM,CAAC;IAClB,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;IACf,uBAAuB;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,sEAAsE;IACtE,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,wEAAwE;IACxE,MAAM,EAAE,OAAO,GAAG,OAAO,CAAC;IAC1B,wDAAwD;IACxD,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,CAAC,EAAE;QACd,kDAAkD;QAClD,UAAU,EAAE,MAAM,CAAC;QACnB,wCAAwC;QACxC,QAAQ,EAAE,MAAM,CAAC;QACjB,kDAAkD;QAClD,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,sCAAsC;QACtC,cAAc,EAAE,MAAM,CAAC;QACvB,kCAAkC;QAClC,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;IACF,cAAc,CAAC,EAAE,aAAa,EAAE,CAAC;IACjC,WAAW,CAAC,EAAE,eAAe,EAAE,CAAC;IAEhC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACnC;AAID;;;;;;GAMG;AACH,MAAM,MAAM,SAAS,GAAG,WAAW,GAAG,YAAY,CAAC;AAEnD;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,2CAA2C;IAC3C,IAAI,CAAC,EAAE,SAAS,CAAC;IAEjB,2CAA2C;IAC3C,OAAO,CAAC,EAAE,WAAW,CAAC;IAEtB,yFAAyF;IACzF,aAAa,CAAC,EAAE,mBAAmB,CAAC;IAEpC,mFAAmF;IACnF,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,mEAAmE;IACnE,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,4EAA4E;IAC5E,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,4DAA4D;IAC5D,cAAc,CAAC,EAAE,OAAO,CAAC;IAEzB,6EAA6E;IAC7E,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAEjC,gEAAgE;IAChE,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,iEAAiE;IACjE,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,wIAAwI;IACxI,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,+EAA+E;IAC/E,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,2CAA2C;IAC3C,KAAK,CAAC,EAAE,OAAO,CAAC;IAEhB;;;;OAIG;IACH,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;IAErB,yBAAyB;IACzB,QAAQ,CAAC,EAAE,cAAc,CAAC;IAE1B,mCAAmC;IACnC,KAAK,CAAC,EAAE,WAAW,CAAC;IAEpB;;;;;OAKG;IACH,YAAY,CAAC,EAAE,QAAQ,GAAG,MAAM,CAAC;IAEjC;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,MAAM,GAAG;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;CACtD;AAED;;;GAGG;AACH,MAAM,WAAW,WAAW;IAC1B,gEAAgE;IAChE,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAEvB,kEAAkE;IAClE,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAEtB,0CAA0C;IAC1C,OAAO,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;IAEzD;;;;;;OAMG;IACH,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE/D;;;;;;OAMG;IACH,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAEvC;;;;;OAKG;IACH,aAAa,CAAC,GAAG,EAAE,gBAAgB,GAAG,aAAa,CAAC,WAAW,CAAC,CAAC;CAClE;AAID;;;;;;;;GAQG;AACH,MAAM,WAAW,mBAAmB;IAClC,2FAA2F;IAC3F,SAAS,EAAE,MAAM,EAAE,CAAC;IAEpB,mGAAmG;IACnG,SAAS,EAAE,MAAM,EAAE,CAAC;CACrB;AAID,oDAAoD;AACpD,MAAM,WAAW,aAAa;IAC5B,sDAAsD;IACtD,SAAS,EAAE,MAAM,CAAC;IAClB,4CAA4C;IAC5C,WAAW,EAAE,MAAM,CAAC;IACpB,4DAA4D;IAC5D,QAAQ,EAAE,MAAM,CAAC;IACjB,4CAA4C;IAC5C,OAAO,EAAE,WAAW,CAAC;IACrB,kEAAkE;IAClE,WAAW,EAAE,MAAM,CAAC;IACpB,8DAA8D;IAC9D,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,yDAAyD;AACzD,MAAM,WAAW,YAAY;IAC3B,oEAAoE;IACpE,SAAS,EAAE,OAAO,CAAC;IACnB,kFAAkF;IAClF,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAChC,0CAA0C;IAC1C,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,oDAAoD;IACpD,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,wCAAwC;IACxC,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,qCAAqC;IACrC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,iDAAiD;IACjD,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;;OAKG;IACH,OAAO,CAAC,EAAE,QAAQ,GAAG,YAAY,GAAG,QAAQ,CAAC;IAC7C,mFAAmF;IACnF,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,uCAAuC;AACvC,MAAM,WAAW,WAAW;IAC1B,2CAA2C;IAC3C,OAAO,EAAE,OAAO,CAAC;IACjB,4EAA4E;IAC5E,WAAW,EAAE,YAAY,GAAG,QAAQ,GAAG,MAAM,CAAC;IAC9C,oFAAoF;IACpF,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,6FAA6F;IAC7F,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,gEAAgE;IAChE,cAAc,EAAE,OAAO,CAAC;IACxB,0DAA0D;IAC1D,aAAa,EAAE,MAAM,CAAC;IACtB,sEAAsE;IACtE,WAAW,EAAE,OAAO,CAAC;IACrB,6EAA6E;IAC7E,aAAa,EAAE,OAAO,CAAC;CACxB;AAED;;;;;;;;GAQG;AACH,MAAM,WAAW,WAAW;IAC1B,0EAA0E;IAC1E,aAAa,EAAE,MAAM,CAAC;IAEtB,sDAAsD;IACtD,QAAQ,EAAE,aAAa,CAAC;IAExB,4DAA4D;IAC5D,OAAO,EAAE,mBAAmB,CAAC;IAE7B,gDAAgD;IAChD,OAAO,EAAE,YAAY,CAAC;IAEtB,mEAAmE;IACnE,YAAY,EAAE,iBAAiB,CAAC;IAEhC,yBAAyB;IACzB,QAAQ,EAAE,cAAc,CAAC;IAEzB,mCAAmC;IACnC,KAAK,EAAE,WAAW,CAAC;IAEnB,2CAA2C;IAC3C,KAAK,EAAE,OAAO,CAAC;CAChB;AAED;;;GAGG;AACH,MAAM,WAAW,eAAe;IAC9B,wDAAwD;IACxD,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,2CAA2C;IAC3C,KAAK,CAAC,EAAE,OAAO,CAAC;IAEhB,0EAA0E;IAC1E,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB,kFAAkF;IAClF,QAAQ,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAElC,4DAA4D;IAC5D,OAAO,CAAC,EAAE,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAEvC,4EAA4E;IAC5E,OAAO,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;IAEhC,mEAAmE;IACnE,YAAY,CAAC,EAAE,iBAAiB,CAAC;IAEjC,yBAAyB;IACzB,QAAQ,CAAC,EAAE,cAAc,CAAC;IAE1B,mCAAmC;IACnC,KAAK,CAAC,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;CAC9B"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "isol8",
3
- "version": "0.10.1",
3
+ "version": "0.10.2-alpha.0",
4
4
  "description": "Secure code execution engine for AI agents",
5
5
  "author": "Illusion47586",
6
6
  "license": "MIT",