isol8 0.8.2 → 0.9.0

package/dist/docker/proxy-handler.sh

@@ -71,6 +71,10 @@ if [ "$method" = "CONNECT" ]; then
 
   if ! is_allowed "$host"; then
     msg="isol8: CONNECT to ${host} blocked by network filter"
+    # Log security event
+    if [ -d "/tmp/isol8-proxy" ]; then
+      printf '{"type":"network_blocked","timestamp":"%s","details":{"method":"CONNECT","host":"%s","reason":"filter_mismatch"}}\n' "$(date -Iseconds)" "$host" >> /tmp/isol8-proxy/security-events.jsonl
+    fi
     printf "HTTP/1.1 403 Forbidden\r\nContent-Type: text/plain\r\nContent-Length: %d\r\n\r\n%s" \
       "${#msg}" "$msg"
     exit 0
@@ -96,6 +100,10 @@ port="${hostport##*:}"
 
 if ! is_allowed "$host"; then
   msg="isol8: request to ${host} blocked by network filter"
+  # Log security event
+  if [ -d "/tmp/isol8-proxy" ]; then
+    printf '{"type":"network_blocked","timestamp":"%s","details":{"method":"%s","host":"%s","reason":"filter_mismatch"}}\n' "$(date -Iseconds)" "$method" "$host" >> /tmp/isol8-proxy/security-events.jsonl
+  fi
   printf "HTTP/1.1 403 Forbidden\r\nContent-Type: text/plain\r\nContent-Length: %d\r\n\r\n%s" \
     "${#msg}" "$msg"
   exit 0

package/dist/docker/proxy.sh

@@ -17,6 +17,9 @@ PORT="${ISOL8_PROXY_PORT:-8118}"
 PROXY_DIR="/tmp/isol8-proxy"
 mkdir -p "$PROXY_DIR"
 
+# Create security events log file
+touch "$PROXY_DIR/security-events.jsonl"
+
 WL_FILE="$PROXY_DIR/whitelist"
 BL_FILE="$PROXY_DIR/blacklist"
 

package/dist/index.js

@@ -198,6 +198,144 @@ var init_logger = __esm(() => {
   logger = new Logger;
 });
 
+// src/engine/audit.ts
+import { spawn } from "node:child_process";
+import { appendFileSync, existsSync as existsSync2, mkdirSync, readdirSync, statSync, unlinkSync } from "node:fs";
+import { join as join2 } from "node:path";
+
+class AuditLogger {
+  config;
+  auditFile;
+  constructor(config) {
+    this.config = config;
+    const auditDir = config.logDir ?? process.env.ISOL8_AUDIT_DIR ?? join2(process.cwd(), "./.isol8_audit");
+    this.auditFile = join2(auditDir, "executions.log");
+    if (!existsSync2(auditDir)) {
+      try {
+        mkdirSync(auditDir, { recursive: true });
+      } catch (err) {
+        logger.error("Failed to create audit dir:", err);
+      }
+    }
+    this.cleanupOldLogs();
+  }
+  cleanupOldLogs() {
+    if (!this.config.enabled || this.config.retentionDays <= 0) {
+      return;
+    }
+    try {
+      const auditDir = join2(this.auditFile, "..");
+      if (!existsSync2(auditDir)) {
+        return;
+      }
+      const cutoffTime = Date.now() - this.config.retentionDays * 24 * 60 * 60 * 1000;
+      const files = readdirSync(auditDir);
+      let cleanedCount = 0;
+      for (const file of files) {
+        if (file.endsWith(".log") || file.endsWith(".jsonl")) {
+          const filePath = join2(auditDir, file);
+          try {
+            const stats = statSync(filePath);
+            if (stats.mtimeMs < cutoffTime) {
+              unlinkSync(filePath);
+              cleanedCount++;
+              logger.debug(`Cleaned up old audit log: ${file}`);
+            }
+          } catch (err) {
+            logger.debug(`Failed to check/remove old log file ${file}:`, err);
+          }
+        }
+      }
+      if (cleanedCount > 0) {
+        logger.info(`Audit log cleanup: removed ${cleanedCount} old log files`);
+      }
+    } catch (err) {
+      logger.error("Failed to cleanup old audit logs:", err);
+    }
+  }
+  record(audit) {
+    if (!this.config.enabled) {
+      return;
+    }
+    try {
+      const filteredAudit = this.filterAuditData(audit);
+      const line = `${JSON.stringify(filteredAudit)}
+`;
+      switch (this.config.destination) {
+        case "file":
+        case "filesystem":
+          appendFileSync(this.auditFile, line, { encoding: "utf-8" });
+          break;
+        case "stdout":
+          console.log("AUDIT_LOG:", filteredAudit);
+          break;
+        default:
+          logger.error(`Unsupported audit destination: ${this.config.destination}`);
+          return;
+      }
+      logger.debug("Audit record written:", audit.executionId);
+      if (this.config.postLogScript) {
+        this.runPostLogScript();
+      }
+    } catch (err) {
+      logger.error("Failed to write audit record:", err);
+    }
+  }
+  runPostLogScript() {
+    if (!this.config.postLogScript) {
+      return;
+    }
+    try {
+      const child = spawn(this.config.postLogScript, [this.auditFile], {
+        detached: true,
+        stdio: "ignore"
+      });
+      child.on("error", (err) => {
+        logger.error("Failed to run post-log script:", err);
+      });
+      child.unref();
+    } catch (err) {
+      logger.error("Failed to spawn post-log script:", err);
+    }
+  }
+  filterAuditData(audit) {
+    const result = {
+      executionId: audit.executionId,
+      userId: audit.userId,
+      timestamp: audit.timestamp,
+      runtime: audit.runtime,
+      codeHash: audit.codeHash,
+      containerId: audit.containerId,
+      exitCode: audit.exitCode,
+      durationMs: audit.durationMs
+    };
+    if (audit.resourceUsage !== undefined) {
+      result.resourceUsage = audit.resourceUsage;
+    }
+    if (audit.securityEvents !== undefined) {
+      result.securityEvents = audit.securityEvents;
+    }
+    if (audit.metadata !== undefined) {
+      result.metadata = audit.metadata;
+    }
+    if (this.config.includeCode && audit.code !== undefined) {
+      result.code = audit.code;
+    }
+    if (this.config.includeOutput) {
+      if (audit.stdout !== undefined) {
+        result.stdout = audit.stdout;
+      }
+      if (audit.stderr !== undefined) {
+        result.stderr = audit.stderr;
+      }
+    }
+    return result;
+  }
+}
+var init_audit = __esm(() => {
+  init_logger();
+});
+
 // src/engine/concurrency.ts
 class Semaphore {
   max;
@@ -356,6 +494,51 @@ var init_pool = __esm(() => {
   init_logger();
 });
 
+// src/engine/stats.ts
+function calculateCPUPercent(stats) {
+  const cpuDelta = stats.cpu_stats.cpu_usage.total_usage - stats.precpu_stats.cpu_usage.total_usage;
+  const systemDelta = stats.cpu_stats.system_cpu_usage - stats.precpu_stats.system_cpu_usage;
+  if (systemDelta === 0 || cpuDelta === 0) {
+    return 0;
+  }
+  const numCores = stats.cpu_stats.online_cpus ?? stats.cpu_stats.cpu_usage.percpu_usage?.length ?? 1;
+  return cpuDelta / systemDelta * numCores * 100;
+}
+function calculateNetworkStats(stats) {
+  if (!stats.networks) {
+    return { in: 0, out: 0 };
+  }
+  let rxBytes = 0;
+  let txBytes = 0;
+  for (const iface of Object.values(stats.networks)) {
+    rxBytes += iface.rx_bytes;
+    txBytes += iface.tx_bytes;
+  }
+  return { in: rxBytes, out: txBytes };
+}
+async function getContainerStats(container) {
+  const stats = await container.stats({
+    stream: false
+  });
+  const cpuPercent = calculateCPUPercent(stats);
+  const memoryBytes = stats.memory_stats.usage;
+  const network = calculateNetworkStats(stats);
+  return {
+    cpuPercent: Math.round(cpuPercent * 100) / 100,
+    memoryMB: Math.round(memoryBytes / (1024 * 1024)),
+    networkBytesIn: network.in,
+    networkBytesOut: network.out
+  };
+}
+function calculateResourceDelta(before, after) {
+  return {
+    cpuPercent: after.cpuPercent,
+    memoryMB: after.memoryMB,
+    networkBytesIn: after.networkBytesIn - before.networkBytesIn,
+    networkBytesOut: after.networkBytesOut - before.networkBytesOut
+  };
+}
+
 // src/engine/utils.ts
 function parseMemoryLimit(limit) {
   const match = limit.match(/^(\d+(?:\.\d+)?)\s*([kmgt]?)b?$/i);
@@ -451,15 +634,15 @@ var exports_docker = {};
 __export(exports_docker, {
   DockerIsol8: () => DockerIsol8
 });
-import { spawn } from "node:child_process";
+import { spawn as spawn2 } from "node:child_process";
 import { randomUUID } from "node:crypto";
-import { existsSync as existsSync2, readFileSync as readFileSync2 } from "node:fs";
+import { existsSync as existsSync3, readFileSync as readFileSync2 } from "node:fs";
 import { PassThrough } from "node:stream";
 import Docker from "dockerode";
 async function writeFileViaExec(container, filePath, content) {
   const data = typeof content === "string" ? Buffer.from(content, "utf-8") : content;
   return new Promise((resolve2, reject) => {
-    const child = spawn("docker", ["exec", "-i", "-u", "sandbox", container.id, "sh", "-c", `cat > ${filePath}`], {
+    const child = spawn2("docker", ["exec", "-i", "-u", "sandbox", container.id, "sh", "-c", `cat > ${filePath}`], {
       stdio: ["pipe", "ignore", "pipe"]
     });
     child.on("error", (err) => {
@@ -645,6 +828,7 @@ class DockerIsol8 {
   tmpSize;
   security;
   persist;
+  auditLogger;
   container = null;
   persistentRuntime = null;
   pool = null;
@@ -666,6 +850,9 @@ class DockerIsol8 {
     this.tmpSize = options.tmpSize ?? "256m";
     this.persist = options.persist ?? false;
     this.security = options.security ?? { seccomp: "strict" };
+    if (options.audit) {
+      this.auditLogger = new AuditLogger(options.audit);
+    }
     if (options.debug) {
       logger.setDebug(true);
     }
@@ -689,12 +876,79 @@ class DockerIsol8 {
   }
   async execute(req) {
     await this.semaphore.acquire();
+    const startTime = Date.now();
     try {
-      return this.mode === "persistent" ? await this.executePersistent(req) : await this.executeEphemeral(req);
+      const result = this.mode === "persistent" ? await this.executePersistent(req, startTime) : await this.executeEphemeral(req, startTime);
+      return result;
     } finally {
       this.semaphore.release();
     }
   }
+  async recordAudit(req, result, startTime, container) {
+    try {
+      const enc = new TextEncoder;
+      const data = enc.encode(req.code);
+      const digest = await crypto.subtle.digest("SHA-256", data);
+      const codeHash = Array.from(new Uint8Array(digest)).map((b) => b.toString(16).padStart(2, "0")).join("");
+      let securityEvents;
+      if (container && this.network === "filtered") {
+        securityEvents = await this.collectSecurityEvents(container);
+        if (securityEvents.length === 0) {
+          securityEvents = undefined;
+        }
+      }
+      const audit = {
+        executionId: result.executionId,
+        userId: req.metadata?.userId || "",
+        timestamp: new Date(startTime).toISOString(),
+        runtime: result.runtime,
+        codeHash,
+        containerId: result.containerId || "",
+        exitCode: result.exitCode,
+        durationMs: result.durationMs,
+        resourceUsage: result.resourceUsage,
+        securityEvents,
+        metadata: req.metadata
+      };
+      this.auditLogger.record(audit);
+    } catch (err) {
+      logger.error("Failed to record audit log:", err);
+    }
+  }
+  async collectSecurityEvents(container) {
+    const events = [];
+    try {
+      const exec = await container.exec({
+        Cmd: ["cat", "/tmp/isol8-proxy/security-events.jsonl"],
+        AttachStdout: true,
+        AttachStderr: false,
+        User: "root"
+      });
+      const stream = await exec.start({ Tty: false });
+      const chunks = [];
+      for await (const chunk of stream) {
+        chunks.push(chunk);
+      }
+      const output = Buffer.concat(chunks).toString("utf-8").trim();
+      if (output) {
+        for (const line of output.split(`
+`)) {
+          if (line.trim()) {
+            try {
+              const event = JSON.parse(line);
+              events.push({
+                type: event.type || "unknown",
+                message: `Security event: ${event.type}`,
+                details: event.details || {},
+                timestamp: event.timestamp || new Date().toISOString()
+              });
+            } catch {}
+          }
+        }
+      }
+    } catch {}
+    return events;
+  }
   async putFile(path, content) {
     if (!this.container) {
       throw new Error("No active container. Call execute() first in persistent mode.");
@@ -802,7 +1056,7 @@ class DockerIsol8 {
       return adapter.image;
     }
   }
-  async executeEphemeral(req) {
+  async executeEphemeral(req, startTime) {
     const adapter = this.getAdapter(req.runtime);
     const timeoutMs = req.timeoutMs ?? this.defaultTimeoutMs;
     const image = await this.resolveImage(adapter);
@@ -821,6 +1075,14 @@ class DockerIsol8 {
       });
     }
     const container = await this.pool.acquire(image);
+    let startStats;
+    if (this.auditLogger) {
+      try {
+        startStats = await getContainerStats(container);
+      } catch (err) {
+        logger.debug("Failed to collect baseline stats:", err);
+      }
+    }
     try {
       if (this.network === "filtered") {
         await startProxy(container, this.networkFilter);
@@ -861,7 +1123,16 @@ class DockerIsol8 {
       const { stdout, stderr, truncated } = await this.collectExecOutput(execStream, container, timeoutMs);
       const durationMs = Math.round(performance.now() - start);
       const inspectResult = await exec.inspect();
-      return {
+      let resourceUsage;
+      if (startStats) {
+        try {
+          const endStats = await getContainerStats(container);
+          resourceUsage = calculateResourceDelta(startStats, endStats);
+        } catch (err) {
+          logger.debug("Failed to collect final stats:", err);
+        }
+      }
+      const result = {
         stdout: this.postProcessOutput(stdout, truncated),
         stderr: this.postProcessOutput(stderr, false),
         exitCode: inspectResult.ExitCode ?? 1,
@@ -871,8 +1142,13 @@ class DockerIsol8 {
         runtime: req.runtime,
         timestamp: new Date().toISOString(),
         containerId: container.id,
+        ...resourceUsage ? { resourceUsage } : {},
         ...req.outputPaths ? { files: await this.retrieveFiles(container, req.outputPaths) } : {}
       };
+      if (this.auditLogger) {
+        await this.recordAudit(req, result, startTime, container);
+      }
+      return result;
     } finally {
       if (this.persist) {
         logger.debug(`[Persist] Leaving container running for inspection: ${container.id}`);
@@ -881,7 +1157,7 @@ class DockerIsol8 {
       }
     }
   }
-  async executePersistent(req) {
+  async executePersistent(req, startTime) {
     const adapter = this.getAdapter(req.runtime);
     const timeoutMs = req.timeoutMs ?? this.defaultTimeoutMs;
     if (!this.container) {
@@ -935,7 +1211,21 @@ class DockerIsol8 {
     const { stdout, stderr, truncated } = await this.collectExecOutput(execStream, this.container, timeoutMs);
     const durationMs = Math.round(performance.now() - start);
     const inspectResult = await exec.inspect();
-    return {
+    let resourceUsage;
+    if (this.auditLogger) {
+      try {
+        const endStats = await getContainerStats(this.container);
+        resourceUsage = {
+          cpuPercent: endStats.cpuPercent,
+          memoryMB: endStats.memoryMB,
+          networkBytesIn: endStats.networkBytesIn,
+          networkBytesOut: endStats.networkBytesOut
+        };
+      } catch (err) {
+        logger.debug("Failed to collect resource stats:", err);
+      }
+    }
+    const result = {
       stdout: this.postProcessOutput(stdout, truncated),
       stderr: this.postProcessOutput(stderr, false),
       exitCode: inspectResult.ExitCode ?? 1,
@@ -945,8 +1235,13 @@ class DockerIsol8 {
       runtime: req.runtime,
       timestamp: new Date().toISOString(),
       containerId: this.container?.id,
+      ...resourceUsage ? { resourceUsage } : {},
       ...req.outputPaths ? { files: await this.retrieveFiles(this.container, req.outputPaths) } : {}
     };
+    if (this.auditLogger) {
+      await this.recordAudit(req, result, startTime, this.container);
+    }
+    return result;
   }
   async retrieveFiles(container, paths) {
     const files = {};
@@ -1038,11 +1333,11 @@ class DockerIsol8 {
   }
   loadDefaultSeccompProfile() {
     const devPath = new URL("../../docker/seccomp-profile.json", import.meta.url);
-    if (existsSync2(devPath)) {
+    if (existsSync3(devPath)) {
       return readFileSync2(devPath, "utf-8");
     }
     const prodPath = new URL("./docker/seccomp-profile.json", import.meta.url);
-    if (existsSync2(prodPath)) {
+    if (existsSync3(prodPath)) {
       return readFileSync2(prodPath, "utf-8");
     }
     logger.warn("Could not locate default seccomp profile. Running without seccomp filter.");
@@ -1248,6 +1543,7 @@ var SANDBOX_WORKDIR = "/sandbox", MAX_OUTPUT_BYTES, PROXY_PORT = 8118, PROXY_STA
 var init_docker = __esm(() => {
   init_runtime();
   init_logger();
+  init_audit();
   init_pool();
   MAX_OUTPUT_BYTES = 1024 * 1024;
 });
@@ -1404,6 +1700,16 @@ var DEFAULT_CONFIG = {
   security: {
     seccomp: "strict"
   },
+  audit: {
+    enabled: false,
+    destination: "filesystem",
+    logDir: undefined,
+    postLogScript: undefined,
+    trackResources: true,
+    retentionDays: 90,
+    includeCode: false,
+    includeOutput: false
+  },
   debug: false
 };
 function loadConfig(cwd) {
@@ -1443,6 +1749,10 @@ function mergeConfig(defaults, overrides) {
       seccomp: overrides.security?.seccomp ?? defaults.security.seccomp,
       customProfilePath: overrides.security?.customProfilePath ?? defaults.security.customProfilePath
     },
+    audit: {
+      ...defaults.audit,
+      ...overrides.audit
+    },
     debug: overrides.debug ?? defaults.debug
   };
 }
@@ -1457,7 +1767,7 @@ init_logger();
 // package.json
 var package_default = {
   name: "isol8",
-  version: "0.8.1",
+  version: "0.8.3",
   description: "Secure code execution engine for AI agents",
   author: "Illusion47586",
   license: "MIT",
@@ -1619,7 +1929,8 @@ async function createServer(options) {
       sandboxSize: config.defaults.sandboxSize,
       tmpSize: config.defaults.tmpSize,
       ...body.options,
-      mode: body.sessionId ? "persistent" : "ephemeral"
+      mode: body.sessionId ? "persistent" : "ephemeral",
+      audit: config.audit
     };
     let engine;
     if (body.sessionId) {
@@ -1792,4 +2103,4 @@ export {
   BunAdapter
 };
 
-//# debugId=3E8DBF80E2D1D77264756E2164756E21
+//# debugId=B0E8FAABBC51985364756E2164756E21

package/dist/src/config.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/config.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAKH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAE3C;;;GAGG;AACH,QAAA,MAAM,cAAc,EAAE,WAuBrB,CAAC;AAEF;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,UAAU,CAAC,GAAG,CAAC,EAAE,MAAM,GAAG,WAAW,CAepD;AAmCD,OAAO,EAAE,cAAc,EAAE,CAAC"}
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/config.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAKH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAE3C;;;GAGG;AACH,QAAA,MAAM,cAAc,EAAE,WAiCrB,CAAC;AAEF;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,UAAU,CAAC,GAAG,CAAC,EAAE,MAAM,GAAG,WAAW,CAepD;AAuCD,OAAO,EAAE,cAAc,EAAE,CAAC"}

package/dist/src/engine/audit.d.ts

@@ -0,0 +1,31 @@
+/**
+ * Pluggable audit logger for execution provenance.
+ *
+ * Records ExecutionAudit objects to various destinations based on configuration.
+ * Supports filesystem and stdout logging, with extensibility for cloud services.
+ */
+import type { AuditConfig, ExecutionAudit } from "../types";
+export declare class AuditLogger {
+    private readonly config;
+    private readonly auditFile;
+    constructor(config: AuditConfig);
+    /**
+     * Clean up audit log files older than retentionDays.
+     * Checks both the main executions.log and any rotated/archived logs.
+     */
+    private cleanupOldLogs;
+    /**
+     * Record an audit entry based on the current configuration.
+     */
+    record(audit: ExecutionAudit): void;
+    /**
+     * Run the configured post-log script.
+     * The script receives the audit file path as its first argument.
+     */
+    private runPostLogScript;
+    /**
+     * Apply privacy filtering to audit data based on configuration.
+     */
+    private filterAuditData;
+}
+//# sourceMappingURL=audit.d.ts.map

package/dist/src/engine/audit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../../../src/engine/audit.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH,OAAO,KAAK,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAG5D,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAc;IACrC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;gBAEvB,MAAM,EAAE,WAAW;IAqB/B;;;OAGG;IACH,OAAO,CAAC,cAAc;IAwCtB;;OAEG;IACH,MAAM,CAAC,KAAK,EAAE,cAAc,GAAG,IAAI;IAoCnC;;;OAGG;IACH,OAAO,CAAC,gBAAgB;IAuBxB;;OAEG;IACH,OAAO,CAAC,eAAe;CAuCxB"}

package/dist/src/engine/docker.d.ts

@@ -45,6 +45,7 @@ export declare class DockerIsol8 implements Isol8Engine {
     private readonly tmpSize;
     private readonly security;
     private readonly persist;
+    private readonly auditLogger?;
     private container;
     private persistentRuntime;
     private pool;
@@ -65,6 +66,14 @@ export declare class DockerIsol8 implements Isol8Engine {
      * the concurrency limit, then delegates to ephemeral or persistent execution.
      */
     execute(req: ExecutionRequest): Promise<ExecutionResult>;
+    /**
+     * Record an audit entry for the execution.
+     */
+    private recordAudit;
+    /**
+     * Collect security events from the container (e.g., network filter blocks).
+     */
+    private collectSecurityEvents;
     /**
      * Upload a file into the running container via a tar archive.
      * Only available in persistent mode after at least one `execute()` call.

package/dist/src/engine/docker.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"docker.d.ts","sourceRoot":"","sources":["../../../src/engine/docker.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAMH,OAAO,MAAM,MAAM,WAAW,CAAC;AAG/B,OAAO,KAAK,EACV,gBAAgB,EAChB,eAAe,EACf,WAAW,EAEX,YAAY,EAIZ,WAAW,EACZ,MAAM,UAAU,CAAC;AAiTlB,2HAA2H;AAC3H,MAAM,WAAW,kBAAmB,SAAQ,YAAY;IACtD,oFAAoF;IACpF,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;;;;;;;;;;;;GAcG;AACH,qBAAa,WAAY,YAAW,WAAW;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAY;IACjC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAc;IACtC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAsB;IACrD,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAU;IACzC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;IACvC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAyB;IACjD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;IAC1C,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAS;IACxC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAY;IACtC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IAEjC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAiB;IAC1C,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAU;IAElC,OAAO,CAAC,SAAS,CAAiC;IAClD,OAAO,CAAC,iBAAiB,CAA+B;IACxD,OAAO,CAAC,IAAI,CAA8B;IAE1C;;;OAGG;gBACS,OAAO,GAAE,kBAAuB,EAAE,aAAa,SAAK;IAwBhE;;;OAGG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAK5B,kFAAkF;IAC5E,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAuB3B;;;OAGG;IACG,OAAO,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAW9D;;;;;;;OAOG;IACG,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAYpE;;;;;;OAMG;IACG,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAmB5C,6GAA6G;IAC7G,IAAI,WAAW,IAAI,MAAM,GAAG,IAAI,CAE/B;IAED;;;OAGG;IACI,aAAa,CAAC,GAAG,EAAE,gBAAgB,GAAG,aAAa,CAAC,WAAW,CAAC;YAsFzD,YAAY;YAcZ,gBAAgB;YA0GhB,iBAAiB;YA8FjB,aAAa;YAkBb,oBAAoB;YASpB,wBAAwB;IA4BtC,OAAO,CAAC,UAAU;IAIlB,OAAO,CAAC,eAAe;IA2BvB,OAAO,CAAC,iBAAiB;IA+BzB,OAAO,CAAC,yBAAyB;IAyBjC,OAAO,CAAC,QAAQ;YAwCD,gBAAgB;YA8EjB,iBAAiB;IAiG/B,OAAO,CAAC,iBAAiB;IAYzB;;;;;;;;;;;;;;;;;;;;OAoBG;WACU,OAAO,CAClB,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;CA2BlE"}
+{"version":3,"file":"docker.d.ts","sourceRoot":"","sources":["../../../src/engine/docker.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAMH,OAAO,MAAM,MAAM,WAAW,CAAC;AAG/B,OAAO,KAAK,EACV,gBAAgB,EAChB,eAAe,EACf,WAAW,EAEX,YAAY,EAIZ,WAAW,EACZ,MAAM,UAAU,CAAC;AAmTlB,2HAA2H;AAC3H,MAAM,WAAW,kBAAmB,SAAQ,YAAY;IACtD,oFAAoF;IACpF,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;;;;;;;;;;;;GAcG;AACH,qBAAa,WAAY,YAAW,WAAW;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAY;IACjC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAc;IACtC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAsB;IACrD,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAU;IACzC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;IACvC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAyB;IACjD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;IAC1C,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAS;IACxC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAY;IACtC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAiB;IAC1C,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAU;IAClC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAc;IAE3C,OAAO,CAAC,SAAS,CAAiC;IAClD,OAAO,CAAC,iBAAiB,CAA+B;IACxD,OAAO,CAAC,IAAI,CAA8B;IAE1C;;;OAGG;gBACS,OAAO,GAAE,kBAAuB,EAAE,aAAa,SAAK;IA6BhE;;;OAGG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAK5B,kFAAkF;IAC5E,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAuB3B;;;OAGG;IACG,OAAO,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAe9D;;OAEG;YACW,WAAW;IA6CzB;;OAEG;YACW,qBAAqB;IA8CnC;;;;;;;OAOG;IACG,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAYpE;;;;;;OAMG;IACG,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAmB5C,6GAA6G;IAC7G,IAAI,WAAW,IAAI,MAAM,GAAG,IAAI,CAE/B;IAED;;;OAGG;IACI,aAAa,CAAC,GAAG,EAAE,gBAAgB,GAAG,aAAa,CAAC,WAAW,CAAC;YAsFzD,YAAY;YAcZ,gBAAgB;YA0IhB,iBAAiB;YA0HjB,aAAa;YAkBb,oBAAoB;YASpB,wBAAwB;IA4BtC,OAAO,CAAC,UAAU;IAIlB,OAAO,CAAC,eAAe;IA2BvB,OAAO,CAAC,iBAAiB;IA+BzB,OAAO,CAAC,yBAAyB;IAyBjC,OAAO,CAAC,QAAQ;YAwCD,gBAAgB;YA8EjB,iBAAiB;IAiG/B,OAAO,CAAC,iBAAiB;IAYzB;;;;;;;;;;;;;;;;;;;;OAoBG;WACU,OAAO,CAClB,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;CA2BlE"}

package/dist/src/engine/image-builder.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"image-builder.d.ts","sourceRoot":"","sources":["../../../src/engine/image-builder.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,KAAK,MAAM,MAAM,WAAW,CAAC;AAEpC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AAmB5C,mDAAmD;AACnD,UAAU,aAAa;IACrB,6CAA6C;IAC7C,OAAO,EAAE,MAAM,CAAC;IAChB,4BAA4B;IAC5B,MAAM,EAAE,UAAU,GAAG,MAAM,GAAG,OAAO,CAAC;IACtC,+DAA+D;IAC/D,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,KAAK,gBAAgB,GAAG,CAAC,QAAQ,EAAE,aAAa,KAAK,IAAI,CAAC;AAE1D;;;;;;GAMG;AACH,wBAAsB,eAAe,CACnC,MAAM,EAAE,MAAM,EACd,UAAU,CAAC,EAAE,gBAAgB,GAC5B,OAAO,CAAC,IAAI,CAAC,CAmCf;AAED;;;;;;;GAOG;AACH,wBAAsB,iBAAiB,CACrC,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,WAAW,EACnB,UAAU,CAAC,EAAE,gBAAgB,GAC5B,OAAO,CAAC,IAAI,CAAC,CAkBf;AA4DD;;GAEG;AACH,wBAAsB,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAOrF;AAED;;GAEG;AACH,wBAAsB,YAAY,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,CAa/F"}
+{"version":3,"file":"image-builder.d.ts","sourceRoot":"","sources":["../../../src/engine/image-builder.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,KAAK,MAAM,MAAM,WAAW,CAAC;AAEpC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AAmB5C,mDAAmD;AACnD,UAAU,aAAa;IACrB,6CAA6C;IAC7C,OAAO,EAAE,MAAM,CAAC;IAChB,4BAA4B;IAC5B,MAAM,EAAE,UAAU,GAAG,MAAM,GAAG,OAAO,CAAC;IACtC,+DAA+D;IAC/D,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,KAAK,gBAAgB,GAAG,CAAC,QAAQ,EAAE,aAAa,KAAK,IAAI,CAAC;AAE1D;;;;;;GAMG;AACH,wBAAsB,eAAe,CACnC,MAAM,EAAE,MAAM,EACd,UAAU,CAAC,EAAE,gBAAgB,GAC5B,OAAO,CAAC,IAAI,CAAC,CAmCf;AAED;;;;;;;GAOG;AACH,wBAAsB,iBAAiB,CACrC,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,WAAW,EACnB,UAAU,CAAC,EAAE,gBAAgB,GAC5B,OAAO,CAAC,IAAI,CAAC,CAkBf;AAgED;;GAEG;AACH,wBAAsB,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAOrF;AAED;;GAEG;AACH,wBAAsB,YAAY,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,CAa/F"}

package/dist/src/engine/stats.d.ts

@@ -0,0 +1,35 @@
+/**
+ * @module engine/stats
+ *
+ * Resource usage statistics collection from Docker containers.
+ * Uses dockerode's container.stats() API to get CPU, memory, and network metrics.
+ */
+import type Docker from "dockerode";
+/**
+ * Resource usage metrics for a container execution.
+ */
+export interface ContainerResourceUsage {
+    /** CPU usage as percentage (0-100 * num_cores) */
+    cpuPercent: number;
+    /** Current memory usage in megabytes */
+    memoryMB: number;
+    /** Peak memory usage in megabytes (if tracked) */
+    peakMemoryMB?: number;
+    /** Bytes received during execution */
+    networkBytesIn: number;
+    /** Bytes sent during execution */
+    networkBytesOut: number;
+}
+/**
+ * Get resource usage snapshot for a container.
+ *
+ * @param container - Docker container instance
+ * @returns Resource usage metrics
+ */
+export declare function getContainerStats(container: Docker.Container): Promise<ContainerResourceUsage>;
+/**
+ * Calculate resource usage delta between two stat snapshots.
+ * Useful for getting per-execution metrics.
+ */
+export declare function calculateResourceDelta(before: ContainerResourceUsage, after: ContainerResourceUsage): ContainerResourceUsage;
+//# sourceMappingURL=stats.d.ts.map

package/dist/src/engine/stats.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"stats.d.ts","sourceRoot":"","sources":["../../../src/engine/stats.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,MAAM,MAAM,WAAW,CAAC;AAEpC;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,kDAAkD;IAClD,UAAU,EAAE,MAAM,CAAC;IACnB,wCAAwC;IACxC,QAAQ,EAAE,MAAM,CAAC;IACjB,kDAAkD;IAClD,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,sCAAsC;IACtC,cAAc,EAAE,MAAM,CAAC;IACvB,kCAAkC;IAClC,eAAe,EAAE,MAAM,CAAC;CACzB;AA+ED;;;;;GAKG;AACH,wBAAsB,iBAAiB,CACrC,SAAS,EAAE,MAAM,CAAC,SAAS,GAC1B,OAAO,CAAC,sBAAsB,CAAC,CAgBjC;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CACpC,MAAM,EAAE,sBAAsB,EAC9B,KAAK,EAAE,sBAAsB,GAC5B,sBAAsB,CAUxB"}

package/dist/src/engine/utils.d.ts

@@ -59,4 +59,13 @@ export declare function createTarBuffer(filePath: string, content: Buffer | stri
  * @throws {Error} If the file is not found in the archive.
  */
 export declare function extractFromTar(tarBuffer: Buffer, targetPath: string): Buffer;
+/**
+ * Validates a package name to prevent command injection.
+ * allow alphanumeric, dash, underscore, dot, @, / (for scoped packages), and = (for versions)
+ *
+ * @param name - The package name to validate.
+ * @returns The name if valid.
+ * @throws {Error} If the name contains invalid characters.
+ */
+export declare function validatePackageName(name: string): string;
 //# sourceMappingURL=utils.d.ts.map

package/dist/src/engine/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/engine/utils.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;;;;;;;;;;;GAYG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAiBtD;AAED;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAC5B,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,GACf;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,OAAO,CAAA;CAAE,CAetC;AAED;;;;;;;GAOG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,MAAM,CAQjF;AAED;;;;;;;;;GASG;AACH,wBAAgB,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,CA8ClF;AAED;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM,CAoC5E"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/engine/utils.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;;;;;;;;;;;GAYG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAiBtD;AAED;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAC5B,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,GACf;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,OAAO,CAAA;CAAE,CAetC;AAED;;;;;;;GAOG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,MAAM,CAQjF;AAED;;;;;;;;;GASG;AACH,wBAAgB,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,CA8ClF;AAED;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM,CAoC5E;AAED;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAQxD"}

package/dist/src/server/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/server/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAS5B,+CAA+C;AAC/C,MAAM,WAAW,aAAa;IAC5B,yBAAyB;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,wDAAwD;IACxD,MAAM,EAAE,MAAM,CAAC;IACf,2DAA2D;IAC3D,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAWD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE,aAAa;;;;GA+OxD"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/server/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAS5B,+CAA+C;AAC/C,MAAM,WAAW,aAAa;IAC5B,yBAAyB;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,wDAAwD;IACxD,MAAM,EAAE,MAAM,CAAC;IACf,2DAA2D;IAC3D,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAWD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE,aAAa;;;;GAgPxD"}