localant 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +290 -0
- package/SECURITY.md +87 -0
- package/examples/skills/hello-world/CHANGELOG.md +4 -0
- package/examples/skills/hello-world/LICENSE +1 -0
- package/examples/skills/hello-world/README.md +20 -0
- package/examples/skills/hello-world/examples/example.json +1 -0
- package/examples/skills/hello-world/package.json +9 -0
- package/examples/skills/hello-world/skill.json +32 -0
- package/examples/skills/hello-world/src/index.ts +19 -0
- package/examples/skills/hello-world/tests/index.test.ts +19 -0
- package/package.json +63 -0
- package/packages/cli/dist/bin.d.ts +3 -0
- package/packages/cli/dist/bin.d.ts.map +1 -0
- package/packages/cli/dist/bin.js +261 -0
- package/packages/cli/dist/bin.js.map +1 -0
- package/packages/cli/dist/doctor.d.ts +3 -0
- package/packages/cli/dist/doctor.d.ts.map +1 -0
- package/packages/cli/dist/doctor.js +35 -0
- package/packages/cli/dist/doctor.js.map +1 -0
- package/packages/cli/dist/index.d.ts +3 -0
- package/packages/cli/dist/index.d.ts.map +1 -0
- package/packages/cli/dist/index.js +3 -0
- package/packages/cli/dist/index.js.map +1 -0
- package/packages/cli/dist/runtime.d.ts +11 -0
- package/packages/cli/dist/runtime.d.ts.map +1 -0
- package/packages/cli/dist/runtime.js +82 -0
- package/packages/cli/dist/runtime.js.map +1 -0
- package/packages/cli/dist/util.d.ts +18 -0
- package/packages/cli/dist/util.d.ts.map +1 -0
- package/packages/cli/dist/util.js +47 -0
- package/packages/cli/dist/util.js.map +1 -0
- package/packages/cli/package.json +19 -0
- package/packages/dashboard/dist/index.d.ts +10 -0
- package/packages/dashboard/dist/index.d.ts.map +1 -0
- package/packages/dashboard/dist/index.js +178 -0
- package/packages/dashboard/dist/index.js.map +1 -0
- package/packages/dashboard/package.json +10 -0
- package/packages/gateway/dist/gateway.d.ts +85 -0
- package/packages/gateway/dist/gateway.d.ts.map +1 -0
- package/packages/gateway/dist/gateway.js +234 -0
- package/packages/gateway/dist/gateway.js.map +1 -0
- package/packages/gateway/dist/index.d.ts +13 -0
- package/packages/gateway/dist/index.d.ts.map +1 -0
- package/packages/gateway/dist/index.js +16 -0
- package/packages/gateway/dist/index.js.map +1 -0
- package/packages/gateway/dist/managers/coding-agent-manager.d.ts +71 -0
- package/packages/gateway/dist/managers/coding-agent-manager.d.ts.map +1 -0
- package/packages/gateway/dist/managers/coding-agent-manager.js +179 -0
- package/packages/gateway/dist/managers/coding-agent-manager.js.map +1 -0
- package/packages/gateway/dist/managers/fs-manager.d.ts +63 -0
- package/packages/gateway/dist/managers/fs-manager.d.ts.map +1 -0
- package/packages/gateway/dist/managers/fs-manager.js +229 -0
- package/packages/gateway/dist/managers/fs-manager.js.map +1 -0
- package/packages/gateway/dist/managers/git-manager.d.ts +21 -0
- package/packages/gateway/dist/managers/git-manager.d.ts.map +1 -0
- package/packages/gateway/dist/managers/git-manager.js +67 -0
- package/packages/gateway/dist/managers/git-manager.js.map +1 -0
- package/packages/gateway/dist/managers/mcp-bridge.d.ts +26 -0
- package/packages/gateway/dist/managers/mcp-bridge.d.ts.map +1 -0
- package/packages/gateway/dist/managers/mcp-bridge.js +92 -0
- package/packages/gateway/dist/managers/mcp-bridge.js.map +1 -0
- package/packages/gateway/dist/managers/project-registry.d.ts +17 -0
- package/packages/gateway/dist/managers/project-registry.d.ts.map +1 -0
- package/packages/gateway/dist/managers/project-registry.js +90 -0
- package/packages/gateway/dist/managers/project-registry.js.map +1 -0
- package/packages/gateway/dist/managers/shell-manager.d.ts +48 -0
- package/packages/gateway/dist/managers/shell-manager.d.ts.map +1 -0
- package/packages/gateway/dist/managers/shell-manager.js +132 -0
- package/packages/gateway/dist/managers/shell-manager.js.map +1 -0
- package/packages/gateway/dist/managers/skill-runtime.d.ts +37 -0
- package/packages/gateway/dist/managers/skill-runtime.d.ts.map +1 -0
- package/packages/gateway/dist/managers/skill-runtime.js +310 -0
- package/packages/gateway/dist/managers/skill-runtime.js.map +1 -0
- package/packages/gateway/dist/managers/tunnel-manager.d.ts +23 -0
- package/packages/gateway/dist/managers/tunnel-manager.d.ts.map +1 -0
- package/packages/gateway/dist/managers/tunnel-manager.js +106 -0
- package/packages/gateway/dist/managers/tunnel-manager.js.map +1 -0
- package/packages/gateway/dist/registry.d.ts +28 -0
- package/packages/gateway/dist/registry.d.ts.map +1 -0
- package/packages/gateway/dist/registry.js +20 -0
- package/packages/gateway/dist/registry.js.map +1 -0
- package/packages/gateway/dist/security/command-guard.d.ts +35 -0
- package/packages/gateway/dist/security/command-guard.d.ts.map +1 -0
- package/packages/gateway/dist/security/command-guard.js +105 -0
- package/packages/gateway/dist/security/command-guard.js.map +1 -0
- package/packages/gateway/dist/security/path-guard.d.ts +31 -0
- package/packages/gateway/dist/security/path-guard.d.ts.map +1 -0
- package/packages/gateway/dist/security/path-guard.js +101 -0
- package/packages/gateway/dist/security/path-guard.js.map +1 -0
- package/packages/gateway/dist/skill-runner.d.ts +2 -0
- package/packages/gateway/dist/skill-runner.d.ts.map +1 -0
- package/packages/gateway/dist/skill-runner.js +38 -0
- package/packages/gateway/dist/skill-runner.js.map +1 -0
- package/packages/gateway/dist/stores/approval-store.d.ts +34 -0
- package/packages/gateway/dist/stores/approval-store.d.ts.map +1 -0
- package/packages/gateway/dist/stores/approval-store.js +108 -0
- package/packages/gateway/dist/stores/approval-store.js.map +1 -0
- package/packages/gateway/dist/stores/audit-log.d.ts +23 -0
- package/packages/gateway/dist/stores/audit-log.d.ts.map +1 -0
- package/packages/gateway/dist/stores/audit-log.js +70 -0
- package/packages/gateway/dist/stores/audit-log.js.map +1 -0
- package/packages/gateway/dist/stores/config-store.d.ts +14 -0
- package/packages/gateway/dist/stores/config-store.d.ts.map +1 -0
- package/packages/gateway/dist/stores/config-store.js +57 -0
- package/packages/gateway/dist/stores/config-store.js.map +1 -0
- package/packages/gateway/dist/stores/secret-vault.d.ts +23 -0
- package/packages/gateway/dist/stores/secret-vault.d.ts.map +1 -0
- package/packages/gateway/dist/stores/secret-vault.js +74 -0
- package/packages/gateway/dist/stores/secret-vault.js.map +1 -0
- package/packages/gateway/dist/tools/adapters.d.ts +8 -0
- package/packages/gateway/dist/tools/adapters.d.ts.map +1 -0
- package/packages/gateway/dist/tools/adapters.js +178 -0
- package/packages/gateway/dist/tools/adapters.js.map +1 -0
- package/packages/gateway/dist/tools/adb.d.ts +3 -0
- package/packages/gateway/dist/tools/adb.d.ts.map +1 -0
- package/packages/gateway/dist/tools/adb.js +60 -0
- package/packages/gateway/dist/tools/adb.js.map +1 -0
- package/packages/gateway/dist/tools/article.d.ts +3 -0
- package/packages/gateway/dist/tools/article.d.ts.map +1 -0
- package/packages/gateway/dist/tools/article.js +230 -0
- package/packages/gateway/dist/tools/article.js.map +1 -0
- package/packages/gateway/dist/tools/audit-approval.d.ts +4 -0
- package/packages/gateway/dist/tools/audit-approval.d.ts.map +1 -0
- package/packages/gateway/dist/tools/audit-approval.js +64 -0
- package/packages/gateway/dist/tools/audit-approval.js.map +1 -0
- package/packages/gateway/dist/tools/browser.d.ts +3 -0
- package/packages/gateway/dist/tools/browser.d.ts.map +1 -0
- package/packages/gateway/dist/tools/browser.js +55 -0
- package/packages/gateway/dist/tools/browser.js.map +1 -0
- package/packages/gateway/dist/tools/coding-agent.d.ts +3 -0
- package/packages/gateway/dist/tools/coding-agent.d.ts.map +1 -0
- package/packages/gateway/dist/tools/coding-agent.js +103 -0
- package/packages/gateway/dist/tools/coding-agent.js.map +1 -0
- package/packages/gateway/dist/tools/filesystem.d.ts +3 -0
- package/packages/gateway/dist/tools/filesystem.d.ts.map +1 -0
- package/packages/gateway/dist/tools/filesystem.js +141 -0
- package/packages/gateway/dist/tools/filesystem.js.map +1 -0
- package/packages/gateway/dist/tools/git.d.ts +3 -0
- package/packages/gateway/dist/tools/git.d.ts.map +1 -0
- package/packages/gateway/dist/tools/git.js +92 -0
- package/packages/gateway/dist/tools/git.js.map +1 -0
- package/packages/gateway/dist/tools/index.d.ts +4 -0
- package/packages/gateway/dist/tools/index.d.ts.map +1 -0
- package/packages/gateway/dist/tools/index.js +29 -0
- package/packages/gateway/dist/tools/index.js.map +1 -0
- package/packages/gateway/dist/tools/project.d.ts +3 -0
- package/packages/gateway/dist/tools/project.d.ts.map +1 -0
- package/packages/gateway/dist/tools/project.js +86 -0
- package/packages/gateway/dist/tools/project.js.map +1 -0
- package/packages/gateway/dist/tools/shell.d.ts +3 -0
- package/packages/gateway/dist/tools/shell.d.ts.map +1 -0
- package/packages/gateway/dist/tools/shell.js +98 -0
- package/packages/gateway/dist/tools/shell.js.map +1 -0
- package/packages/gateway/dist/tools/skill.d.ts +3 -0
- package/packages/gateway/dist/tools/skill.d.ts.map +1 -0
- package/packages/gateway/dist/tools/skill.js +231 -0
- package/packages/gateway/dist/tools/skill.js.map +1 -0
- package/packages/gateway/dist/tools/system.d.ts +3 -0
- package/packages/gateway/dist/tools/system.d.ts.map +1 -0
- package/packages/gateway/dist/tools/system.js +78 -0
- package/packages/gateway/dist/tools/system.js.map +1 -0
- package/packages/gateway/dist/util/exec.d.ts +21 -0
- package/packages/gateway/dist/util/exec.d.ts.map +1 -0
- package/packages/gateway/dist/util/exec.js +50 -0
- package/packages/gateway/dist/util/exec.js.map +1 -0
- package/packages/gateway/package.json +18 -0
- package/packages/mcp/dist/http-server.d.ts +16 -0
- package/packages/mcp/dist/http-server.d.ts.map +1 -0
- package/packages/mcp/dist/http-server.js +138 -0
- package/packages/mcp/dist/http-server.js.map +1 -0
- package/packages/mcp/dist/index.d.ts +4 -0
- package/packages/mcp/dist/index.d.ts.map +1 -0
- package/packages/mcp/dist/index.js +3 -0
- package/packages/mcp/dist/index.js.map +1 -0
- package/packages/mcp/dist/mcp-server.d.ts +9 -0
- package/packages/mcp/dist/mcp-server.d.ts.map +1 -0
- package/packages/mcp/dist/mcp-server.js +26 -0
- package/packages/mcp/dist/mcp-server.js.map +1 -0
- package/packages/mcp/package.json +18 -0
- package/packages/shared/dist/config.d.ts +314 -0
- package/packages/shared/dist/config.d.ts.map +1 -0
- package/packages/shared/dist/config.js +146 -0
- package/packages/shared/dist/config.js.map +1 -0
- package/packages/shared/dist/index.d.ts +8 -0
- package/packages/shared/dist/index.d.ts.map +1 -0
- package/packages/shared/dist/index.js +8 -0
- package/packages/shared/dist/index.js.map +1 -0
- package/packages/shared/dist/logger.d.ts +8 -0
- package/packages/shared/dist/logger.d.ts.map +1 -0
- package/packages/shared/dist/logger.js +26 -0
- package/packages/shared/dist/logger.js.map +1 -0
- package/packages/shared/dist/net.d.ts +10 -0
- package/packages/shared/dist/net.d.ts.map +1 -0
- package/packages/shared/dist/net.js +35 -0
- package/packages/shared/dist/net.js.map +1 -0
- package/packages/shared/dist/paths.d.ts +30 -0
- package/packages/shared/dist/paths.d.ts.map +1 -0
- package/packages/shared/dist/paths.js +70 -0
- package/packages/shared/dist/paths.js.map +1 -0
- package/packages/shared/dist/redaction.d.ts +15 -0
- package/packages/shared/dist/redaction.d.ts.map +1 -0
- package/packages/shared/dist/redaction.js +58 -0
- package/packages/shared/dist/redaction.js.map +1 -0
- package/packages/shared/dist/risk.d.ts +23 -0
- package/packages/shared/dist/risk.d.ts.map +1 -0
- package/packages/shared/dist/risk.js +28 -0
- package/packages/shared/dist/risk.js.map +1 -0
- package/packages/shared/dist/types.d.ts +94 -0
- package/packages/shared/dist/types.d.ts.map +1 -0
- package/packages/shared/dist/types.js +2 -0
- package/packages/shared/dist/types.js.map +1 -0
- package/packages/shared/package.json +13 -0
- package/packages/skill-sdk/dist/index.d.ts +36 -0
- package/packages/skill-sdk/dist/index.d.ts.map +1 -0
- package/packages/skill-sdk/dist/index.js +20 -0
- package/packages/skill-sdk/dist/index.js.map +1 -0
- package/packages/skill-sdk/package.json +14 -0
|
@@ -0,0 +1,178 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Self-contained local dashboard. Returns a single HTML document that talks to
|
|
3
|
+
* the gateway's /api/* endpoints on the same origin. Local-only by default.
|
|
4
|
+
*
|
|
5
|
+
* (A full React/Vite/Tailwind build lives under a future `web/` workspace; this
|
|
6
|
+
* dependency-free version ships in v1.0 so the dashboard works with zero build
|
|
7
|
+
* steps and no CDN requirement.)
|
|
8
|
+
*/
|
|
9
|
+
export function dashboardHtml() {
|
|
10
|
+
return `<!doctype html>
|
|
11
|
+
<html lang="en">
|
|
12
|
+
<head>
|
|
13
|
+
<meta charset="utf-8" />
|
|
14
|
+
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
|
15
|
+
<title>LocalAnt — Dashboard</title>
|
|
16
|
+
<style>
|
|
17
|
+
:root { --bg:#0b0f17; --panel:#131a26; --panel2:#1b2433; --text:#e6edf3; --muted:#8b98a9; --accent:#4f8cff; --danger:#ff5f56; --ok:#3fb950; --warn:#d29922; --border:#243049; }
|
|
18
|
+
* { box-sizing:border-box; }
|
|
19
|
+
body { margin:0; font-family:ui-sans-serif,system-ui,-apple-system,Segoe UI,Roboto,sans-serif; background:var(--bg); color:var(--text); }
|
|
20
|
+
header { padding:16px 24px; border-bottom:1px solid var(--border); display:flex; align-items:center; gap:12px; }
|
|
21
|
+
header h1 { font-size:16px; margin:0; font-weight:600; }
|
|
22
|
+
.pill { font-size:11px; padding:2px 8px; border-radius:999px; background:var(--panel2); color:var(--muted); }
|
|
23
|
+
.layout { display:flex; min-height:calc(100vh - 53px); }
|
|
24
|
+
nav { width:190px; border-right:1px solid var(--border); padding:12px; }
|
|
25
|
+
nav button { display:block; width:100%; text-align:left; background:none; border:none; color:var(--muted); padding:9px 12px; border-radius:8px; cursor:pointer; font-size:14px; }
|
|
26
|
+
nav button.active, nav button:hover { background:var(--panel); color:var(--text); }
|
|
27
|
+
main { flex:1; padding:24px; overflow:auto; }
|
|
28
|
+
.card { background:var(--panel); border:1px solid var(--border); border-radius:12px; padding:16px; margin-bottom:16px; }
|
|
29
|
+
.card h2 { margin:0 0 12px; font-size:14px; }
|
|
30
|
+
.row { display:flex; gap:8px; align-items:center; flex-wrap:wrap; }
|
|
31
|
+
code, pre { font-family:ui-monospace,SFMono-Regular,Menlo,monospace; }
|
|
32
|
+
pre { background:var(--panel2); padding:12px; border-radius:8px; overflow:auto; font-size:12px; max-height:380px; }
|
|
33
|
+
button.btn { background:var(--accent); color:#fff; border:none; padding:8px 14px; border-radius:8px; cursor:pointer; font-size:13px; }
|
|
34
|
+
button.btn.ghost { background:var(--panel2); color:var(--text); }
|
|
35
|
+
button.btn.danger { background:var(--danger); }
|
|
36
|
+
button.btn.ok { background:var(--ok); }
|
|
37
|
+
table { width:100%; border-collapse:collapse; font-size:13px; }
|
|
38
|
+
th,td { text-align:left; padding:8px; border-bottom:1px solid var(--border); vertical-align:top; }
|
|
39
|
+
th { color:var(--muted); font-weight:500; }
|
|
40
|
+
input,textarea { background:var(--panel2); border:1px solid var(--border); color:var(--text); border-radius:8px; padding:8px; font-size:13px; }
|
|
41
|
+
.muted { color:var(--muted); }
|
|
42
|
+
.tag { font-size:11px; padding:2px 6px; border-radius:6px; background:var(--panel2); }
|
|
43
|
+
.risk0{color:var(--ok)} .risk1{color:#7fd} .risk2{color:var(--warn)} .risk3{color:#ff9} .risk4{color:var(--danger)}
|
|
44
|
+
.warnbox { background:rgba(210,153,34,.12); border:1px solid var(--warn); color:#f0d590; padding:10px 12px; border-radius:8px; font-size:13px; }
|
|
45
|
+
</style>
|
|
46
|
+
</head>
|
|
47
|
+
<body>
|
|
48
|
+
<header>
|
|
49
|
+
<h1>LocalAnt</h1>
|
|
50
|
+
<span class="pill" id="statusPill">connecting…</span>
|
|
51
|
+
<span class="pill" id="tunnelPill"></span>
|
|
52
|
+
</header>
|
|
53
|
+
<div class="layout">
|
|
54
|
+
<nav id="nav"></nav>
|
|
55
|
+
<main id="main"></main>
|
|
56
|
+
</div>
|
|
57
|
+
<script>
|
|
58
|
+
const TABS = ["Home","Security","Approvals","Audit","Skills","Projects","Secrets","Agents","Settings"];
|
|
59
|
+
let current = "Home";
|
|
60
|
+
const api = (p, opts) => fetch("/api/"+p, opts).then(r => r.json());
|
|
61
|
+
const el = (h) => { const d=document.createElement('div'); d.innerHTML=h; return d.firstElementChild; };
|
|
62
|
+
function riskClass(r){ return "risk"+r; }
|
|
63
|
+
function esc(s){ return String(s??"").replace(/[&<>]/g, c=>({"&":"&","<":"<",">":">"}[c])); }
|
|
64
|
+
|
|
65
|
+
function renderNav(){
|
|
66
|
+
const nav=document.getElementById('nav'); nav.innerHTML='';
|
|
67
|
+
for(const t of TABS){ const b=el('<button>'+t+'</button>'); if(t===current)b.className='active'; b.onclick=()=>{current=t;renderNav();render();}; nav.appendChild(b); }
|
|
68
|
+
}
|
|
69
|
+
|
|
70
|
+
async function render(){
|
|
71
|
+
const m=document.getElementById('main'); m.innerHTML='<p class="muted">Loading…</p>';
|
|
72
|
+
try { await VIEWS[current](m); } catch(e){ m.innerHTML='<div class="card">Error: '+esc(e.message)+'</div>'; }
|
|
73
|
+
}
|
|
74
|
+
|
|
75
|
+
const VIEWS = {
|
|
76
|
+
async Home(m){
|
|
77
|
+
const s=await api('status');
|
|
78
|
+
const mcp=await api('mcp-endpoint');
|
|
79
|
+
m.innerHTML='';
|
|
80
|
+
const endpoint = mcp.endpoint || '(tunnel not running — start it from the CLI)';
|
|
81
|
+
m.appendChild(el('<div class="card"><h2>Gateway</h2>'
|
|
82
|
+
+'<div class="row"><span class="tag">'+esc(s.platform)+'</span><span class="tag">node '+esc(s.node)+'</span><span class="tag">pid '+s.pid+'</span></div>'
|
|
83
|
+
+'<p class="muted">Started '+esc(s.startedAt)+'</p>'
|
|
84
|
+
+'<p>Gateway: <code>'+esc(s.gateway)+'</code></p>'
|
|
85
|
+
+'<p>Dashboard: <code>'+esc(s.dashboard||'')+'</code></p></div>'));
|
|
86
|
+
const card=el('<div class="card"><h2>ChatGPT MCP endpoint</h2>'
|
|
87
|
+
+'<pre id="ep">'+esc(endpoint)+'</pre>'
|
|
88
|
+
+'<div class="row"><button class="btn" id="copyEp">Copy</button></div>'
|
|
89
|
+
+'<ol class="muted"><li>ChatGPT → Settings → Apps & Connectors</li><li>Advanced settings → Developer Mode ON</li><li>Connectors → Create</li><li>Paste the URL above, name it LocalAnt</li><li>Ask ChatGPT: "Run health check on my local app"</li></ol></div>');
|
|
90
|
+
m.appendChild(card);
|
|
91
|
+
document.getElementById('copyEp').onclick=()=>navigator.clipboard.writeText(endpoint);
|
|
92
|
+
const hc=el('<div class="card"><h2>Health check</h2><button class="btn ghost" id="hcBtn">Run</button><pre id="hcOut" style="display:none"></pre></div>');
|
|
93
|
+
m.appendChild(hc);
|
|
94
|
+
document.getElementById('hcBtn').onclick=async()=>{ const o=document.getElementById('hcOut'); o.style.display='block'; o.textContent=JSON.stringify(await api('health'),null,2); };
|
|
95
|
+
},
|
|
96
|
+
async Security(m){
|
|
97
|
+
const c=await api('config');
|
|
98
|
+
m.innerHTML='';
|
|
99
|
+
const t=c.tunnel||{};
|
|
100
|
+
if(t.provider && t.provider!=='none'){ m.appendChild(el('<div class="warnbox">⚠️ A public tunnel exposes this gateway to the internet. Anyone with the URL + token can reach your tools. Keep the token secret and stop the tunnel when not in use.</div>')); }
|
|
101
|
+
m.appendChild(el('<div class="card"><h2>Allowed directories</h2><pre>'+esc(JSON.stringify(c.security.allowedDirectories,null,2))+'</pre></div>'));
|
|
102
|
+
m.appendChild(el('<div class="card"><h2>Allowed commands</h2><pre>'+esc(JSON.stringify(c.security.allowedCommands,null,2))+'</pre></div>'));
|
|
103
|
+
m.appendChild(el('<div class="card"><h2>Blocked command tokens</h2><pre>'+esc(JSON.stringify(c.security.blockedCommandTokens,null,2))+'</pre></div>'));
|
|
104
|
+
m.appendChild(el('<div class="card"><h2>Risk policy</h2><p class="muted">risk 0 read-only · 1 draft · 2 file-mod · 3 shell/agent · 4 destructive/publish</p><p>approveRisk1: <code>'+c.security.approveRisk1+'</code></p></div>'));
|
|
105
|
+
},
|
|
106
|
+
async Approvals(m){
|
|
107
|
+
const list=await api('approvals');
|
|
108
|
+
m.innerHTML='<div class="card"><h2>Pending approvals</h2><div id="ap"></div></div>';
|
|
109
|
+
const ap=document.getElementById('ap');
|
|
110
|
+
if(!list.length){ ap.innerHTML='<p class="muted">No pending approvals.</p>'; return; }
|
|
111
|
+
for(const a of list){
|
|
112
|
+
const d=el('<div class="card" style="background:var(--panel2)"><div class="row"><b>'+esc(a.tool)+'</b> <span class="tag '+riskClass(a.risk)+'">risk '+a.risk+'</span> <span class="tag">'+esc(a.requirement)+'</span></div>'
|
|
113
|
+
+'<p class="muted">'+esc(a.summary)+'</p><p class="muted">'+esc(a.reason)+'</p>'
|
|
114
|
+
+'<div class="row"><button class="btn ok">Approve once</button><button class="btn">Approve for session</button><button class="btn danger">Deny</button></div></div>');
|
|
115
|
+
const [once,sess,deny]=d.querySelectorAll('button');
|
|
116
|
+
once.onclick=async()=>{await api('approvals/'+a.id+'/approve',{method:'POST',headers:{'content-type':'application/json'},body:JSON.stringify({scope:'once'})});render();};
|
|
117
|
+
sess.onclick=async()=>{await api('approvals/'+a.id+'/approve',{method:'POST',headers:{'content-type':'application/json'},body:JSON.stringify({scope:'session'})});render();};
|
|
118
|
+
deny.onclick=async()=>{await api('approvals/'+a.id+'/deny',{method:'POST'});render();};
|
|
119
|
+
ap.appendChild(d);
|
|
120
|
+
}
|
|
121
|
+
},
|
|
122
|
+
async Audit(m){
|
|
123
|
+
const logs=await api('audit');
|
|
124
|
+
m.innerHTML='<div class="card"><h2>Audit log</h2><table><thead><tr><th>Time</th><th>Tool</th><th>Risk</th><th>Approval</th><th>ms</th><th>In</th></tr></thead><tbody id="lg"></tbody></table></div>';
|
|
125
|
+
const tb=document.getElementById('lg');
|
|
126
|
+
for(const e of logs){ tb.appendChild(el('<tr><td class="muted">'+esc(e.timestamp.replace("T"," ").slice(0,19))+'</td><td>'+esc(e.tool)+'</td><td class="'+riskClass(e.risk)+'">'+e.risk+'</td><td>'+esc(e.approval)+(e.error?' <span class="risk4">err</span>':'')+'</td><td>'+e.durationMs+'</td><td class="muted">'+esc(e.inputSummary).slice(0,80)+'</td></tr>')); }
|
|
127
|
+
},
|
|
128
|
+
async Skills(m){
|
|
129
|
+
const skills=await api('skills');
|
|
130
|
+
m.innerHTML='<div class="card"><h2>Skills</h2><table><thead><tr><th>Name</th><th>Ver</th><th>Risk</th><th>State</th><th>Tools</th><th></th></tr></thead><tbody id="sk"></tbody></table></div>';
|
|
131
|
+
const tb=document.getElementById('sk');
|
|
132
|
+
for(const s of skills){
|
|
133
|
+
const tr=el('<tr><td><b>'+esc(s.name)+'</b>'+(s.generated?' <span class="tag">generated</span>':'')+'<br><span class="muted">'+esc(s.description)+'</span></td><td>'+esc(s.version)+'</td><td class="'+riskClass(s.riskLevel)+'">'+s.riskLevel+'</td><td>'+(s.enabled?'<span class="risk0">enabled</span>':'<span class="muted">disabled</span>')+(s.valid?'':' <span class="risk4">invalid</span>')+'</td><td class="muted">'+esc((s.tools||[]).join(", "))+'</td><td></td></tr>');
|
|
134
|
+
const btn=el('<button class="btn ghost">'+(s.enabled?'Disable':'Enable')+'</button>');
|
|
135
|
+
btn.onclick=async()=>{await api('skills/'+s.name+'/'+(s.enabled?'disable':'enable'),{method:'POST'});render();};
|
|
136
|
+
tr.lastElementChild.appendChild(btn);
|
|
137
|
+
tb.appendChild(tr);
|
|
138
|
+
}
|
|
139
|
+
},
|
|
140
|
+
async Projects(m){
|
|
141
|
+
const ps=await api('projects');
|
|
142
|
+
m.innerHTML='<div class="card"><h2>Projects</h2><table><thead><tr><th>Name</th><th>Path</th><th>Stack</th></tr></thead><tbody id="pj"></tbody></table></div>';
|
|
143
|
+
const tb=document.getElementById('pj');
|
|
144
|
+
for(const p of ps){ tb.appendChild(el('<tr><td><b>'+esc(p.name)+'</b></td><td class="muted">'+esc(p.path)+'</td><td>'+esc((p.stack||[]).join(", "))+'</td></tr>')); }
|
|
145
|
+
if(!ps.length) tb.appendChild(el('<tr><td colspan=3 class="muted">No projects registered.</td></tr>'));
|
|
146
|
+
},
|
|
147
|
+
async Secrets(m){
|
|
148
|
+
const s=await api('secrets');
|
|
149
|
+
m.innerHTML='<div class="card"><h2>Secrets</h2><p class="muted">Names only — values are never displayed.</p><ul id="sl"></ul></div>';
|
|
150
|
+
const ul=document.getElementById('sl');
|
|
151
|
+
for(const n of s.names){ ul.appendChild(el('<li><code>'+esc(n)+'</code></li>')); }
|
|
152
|
+
if(!s.names.length) ul.appendChild(el('<li class="muted">No secrets stored.</li>'));
|
|
153
|
+
},
|
|
154
|
+
async Agents(m){
|
|
155
|
+
const a=await api('agents');
|
|
156
|
+
m.innerHTML='<div class="card"><h2>Coding agents</h2><table><thead><tr><th>Agent</th><th>Enabled</th><th>CLI available</th><th>Command</th></tr></thead><tbody id="ag"></tbody></table></div>';
|
|
157
|
+
const tb=document.getElementById('ag');
|
|
158
|
+
for(const x of a){ tb.appendChild(el('<tr><td><b>'+esc(x.agent)+'</b></td><td>'+(x.enabled?'yes':'no')+'</td><td>'+(x.available?'<span class="risk0">yes</span>':'<span class="muted">no</span>')+'</td><td class="muted"><code>'+esc(x.command)+'</code></td></tr>')); }
|
|
159
|
+
},
|
|
160
|
+
async Settings(m){
|
|
161
|
+
const c=await api('config');
|
|
162
|
+
m.innerHTML='<div class="card"><h2>Configuration</h2><pre>'+esc(JSON.stringify(c,null,2))+'</pre><p class="muted">Edit config via the CLI or update_config tool.</p></div>';
|
|
163
|
+
},
|
|
164
|
+
};
|
|
165
|
+
|
|
166
|
+
async function boot(){
|
|
167
|
+
renderNav();
|
|
168
|
+
try{ const s=await api('status'); document.getElementById('statusPill').textContent='● online'; document.getElementById('statusPill').style.color='var(--ok)';
|
|
169
|
+
const t=s.tunnel||{}; document.getElementById('tunnelPill').textContent = t.url? ('tunnel: '+t.provider) : 'tunnel: off'; }
|
|
170
|
+
catch{ document.getElementById('statusPill').textContent='● offline'; }
|
|
171
|
+
render();
|
|
172
|
+
}
|
|
173
|
+
boot();
|
|
174
|
+
</script>
|
|
175
|
+
</body>
|
|
176
|
+
</html>`;
|
|
177
|
+
}
|
|
178
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,MAAM,UAAU,aAAa;IAC3B,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QAsKD,CAAC;AACT,CAAC"}
|
|
@@ -0,0 +1,85 @@
|
|
|
1
|
+
import { type Config, type AppPaths } from "@localant/shared";
|
|
2
|
+
import { ConfigStore } from "./stores/config-store.js";
|
|
3
|
+
import { SecretVault } from "./stores/secret-vault.js";
|
|
4
|
+
import { AuditLog } from "./stores/audit-log.js";
|
|
5
|
+
import { ApprovalStore } from "./stores/approval-store.js";
|
|
6
|
+
import { PathGuard } from "./security/path-guard.js";
|
|
7
|
+
import { CommandGuard } from "./security/command-guard.js";
|
|
8
|
+
import { FsManager } from "./managers/fs-manager.js";
|
|
9
|
+
import { GitManager } from "./managers/git-manager.js";
|
|
10
|
+
import { ShellManager } from "./managers/shell-manager.js";
|
|
11
|
+
import { ProjectRegistry } from "./managers/project-registry.js";
|
|
12
|
+
import { SkillRuntime } from "./managers/skill-runtime.js";
|
|
13
|
+
import { CodingAgentManager } from "./managers/coding-agent-manager.js";
|
|
14
|
+
import { TunnelManager } from "./managers/tunnel-manager.js";
|
|
15
|
+
import { McpBridge } from "./managers/mcp-bridge.js";
|
|
16
|
+
import { ToolRegistry, type ToolCallContext } from "./registry.js";
|
|
17
|
+
export declare class ApprovalRequiredError extends Error {
|
|
18
|
+
readonly approvalId: string;
|
|
19
|
+
readonly requirement: "single" | "double";
|
|
20
|
+
constructor(message: string, approvalId: string, requirement: "single" | "double");
|
|
21
|
+
}
|
|
22
|
+
/** Result envelope returned to MCP for every tool call. */
|
|
23
|
+
export interface ToolResult {
|
|
24
|
+
ok: boolean;
|
|
25
|
+
data?: unknown;
|
|
26
|
+
approvalRequired?: {
|
|
27
|
+
approvalId: string;
|
|
28
|
+
risk: number;
|
|
29
|
+
requirement: string;
|
|
30
|
+
message: string;
|
|
31
|
+
};
|
|
32
|
+
error?: string;
|
|
33
|
+
}
|
|
34
|
+
/** Central object wiring stores, guards, managers and the tool registry. */
|
|
35
|
+
export declare class Gateway {
|
|
36
|
+
readonly configStore: ConfigStore;
|
|
37
|
+
readonly paths: AppPaths;
|
|
38
|
+
readonly vault: SecretVault;
|
|
39
|
+
readonly audit: AuditLog;
|
|
40
|
+
readonly approvals: ApprovalStore;
|
|
41
|
+
readonly pathGuard: PathGuard;
|
|
42
|
+
readonly commandGuard: CommandGuard;
|
|
43
|
+
readonly fs: FsManager;
|
|
44
|
+
readonly git: GitManager;
|
|
45
|
+
readonly shell: ShellManager;
|
|
46
|
+
readonly projects: ProjectRegistry;
|
|
47
|
+
readonly skills: SkillRuntime;
|
|
48
|
+
readonly agents: CodingAgentManager;
|
|
49
|
+
readonly tunnel: TunnelManager;
|
|
50
|
+
readonly bridge: McpBridge;
|
|
51
|
+
readonly registry: ToolRegistry;
|
|
52
|
+
private cfg;
|
|
53
|
+
readonly startedAt: string;
|
|
54
|
+
/** Ports the servers actually bound to (may differ from config if the
|
|
55
|
+
* preferred port was busy and we fell back to a free one). */
|
|
56
|
+
private boundGatewayPort?;
|
|
57
|
+
private boundDashboardPort?;
|
|
58
|
+
setBoundPorts(gatewayPort: number, dashboardPort?: number): void;
|
|
59
|
+
/** The gateway port in effect right now (bound port if started, else config). */
|
|
60
|
+
gatewayPort(): number;
|
|
61
|
+
constructor(base?: string);
|
|
62
|
+
config(): Config;
|
|
63
|
+
reloadConfig(): Config;
|
|
64
|
+
saveConfig(next: Config): Config;
|
|
65
|
+
private applyConfig;
|
|
66
|
+
/** Resolve only the named secrets (used by skill runtime after permission check). */
|
|
67
|
+
private resolveSecrets;
|
|
68
|
+
/**
|
|
69
|
+
* Execute a registered tool with the full safety pipeline:
|
|
70
|
+
* input validation → approval gate → execution → redaction → audit.
|
|
71
|
+
*/
|
|
72
|
+
executeTool(name: string, rawInput: unknown, ctx: ToolCallContext): Promise<ToolResult>;
|
|
73
|
+
private checkApproval;
|
|
74
|
+
runtimeInfo(): {
|
|
75
|
+
startedAt: string;
|
|
76
|
+
pid: number;
|
|
77
|
+
host: string;
|
|
78
|
+
platform: NodeJS.Platform;
|
|
79
|
+
node: string;
|
|
80
|
+
gateway: string;
|
|
81
|
+
dashboard: string | undefined;
|
|
82
|
+
tunnel: import("./managers/tunnel-manager.js").TunnelInfo;
|
|
83
|
+
};
|
|
84
|
+
}
|
|
85
|
+
//# sourceMappingURL=gateway.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"gateway.d.ts","sourceRoot":"","sources":["../src/gateway.ts"],"names":[],"mappings":"AACA,OAAO,EAKL,KAAK,MAAM,EACX,KAAK,QAAQ,EACd,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AACxE,OAAO,EAAE,aAAa,EAAE,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,KAAK,eAAe,EAAE,MAAM,eAAe,CAAC;AAInE,qBAAa,qBAAsB,SAAQ,KAAK;aAG5B,UAAU,EAAE,MAAM;aAClB,WAAW,EAAE,QAAQ,GAAG,QAAQ;gBAFhD,OAAO,EAAE,MAAM,EACC,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,QAAQ,GAAG,QAAQ;CAKnD;AAED,2DAA2D;AAC3D,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,OAAO,CAAC;IACZ,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,gBAAgB,CAAC,EAAE;QAAE,UAAU,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IAC9F,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,4EAA4E;AAC5E,qBAAa,OAAO;IAClB,QAAQ,CAAC,WAAW,EAAE,WAAW,CAAC;IAClC,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC;IACzB,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC;IACzB,QAAQ,CAAC,SAAS,EAAE,aAAa,CAAC;IAClC,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC;IAC9B,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IACpC,QAAQ,CAAC,EAAE,EAAE,SAAS,CAAC;IACvB,QAAQ,CAAC,GAAG,EAAE,UAAU,CAAC;IACzB,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC;IAC7B,QAAQ,CAAC,QAAQ,EAAE,eAAe,CAAC;IACnC,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC;IAC9B,QAAQ,CAAC,MAAM,EAAE,kBAAkB,CAAC;IACpC,QAAQ,CAAC,MAAM,EAAE,aAAa,CAAC;IAC/B,QAAQ,CAAC,MAAM,EAAE,SAAS,CAAC;IAC3B,QAAQ,CAAC,QAAQ,eAAsB;IAEvC,OAAO,CAAC,GAAG,CAAS;IACpB,QAAQ,CAAC,SAAS,SAA4B;IAE9C;kEAC8D;IAC9D,OAAO,CAAC,gBAAgB,CAAC,CAAS;IAClC,OAAO,CAAC,kBAAkB,CAAC,CAAS;IAEpC,aAAa,CAAC,WAAW,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI;IAKhE,iFAAiF;IACjF,WAAW,IAAI,MAAM;gBAIT,IAAI,CAAC,EAAE,MAAM;IAyBzB,MAAM,IAAI,MAAM;IAIhB,YAAY,IAAI,MAAM;IAMtB,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;IAMhC,OAAO,CAAC,WAAW;IAMnB,qFAAqF;IACrF,OAAO,CAAC,cAAc;IAStB;;;OAGG;IACG,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,EAAE,eAAe,GAAG,OAAO,CAAC,UAAU,CAAC;IAkE7F,OAAO,CAAC,aAAa;IAoCrB,WAAW;;;;;;;;;;CAaZ"}
|
|
@@ -0,0 +1,234 @@
|
|
|
1
|
+
import os from "node:os";
|
|
2
|
+
import { approvalFor, redactDeep, createLogger, RISK_LABELS, } from "@localant/shared";
|
|
3
|
+
import { ConfigStore } from "./stores/config-store.js";
|
|
4
|
+
import { SecretVault } from "./stores/secret-vault.js";
|
|
5
|
+
import { AuditLog } from "./stores/audit-log.js";
|
|
6
|
+
import { ApprovalStore } from "./stores/approval-store.js";
|
|
7
|
+
import { PathGuard } from "./security/path-guard.js";
|
|
8
|
+
import { CommandGuard } from "./security/command-guard.js";
|
|
9
|
+
import { FsManager } from "./managers/fs-manager.js";
|
|
10
|
+
import { GitManager } from "./managers/git-manager.js";
|
|
11
|
+
import { ShellManager } from "./managers/shell-manager.js";
|
|
12
|
+
import { ProjectRegistry } from "./managers/project-registry.js";
|
|
13
|
+
import { SkillRuntime } from "./managers/skill-runtime.js";
|
|
14
|
+
import { CodingAgentManager } from "./managers/coding-agent-manager.js";
|
|
15
|
+
import { TunnelManager } from "./managers/tunnel-manager.js";
|
|
16
|
+
import { McpBridge } from "./managers/mcp-bridge.js";
|
|
17
|
+
import { ToolRegistry } from "./registry.js";
|
|
18
|
+
const log = createLogger("gateway");
|
|
19
|
+
export class ApprovalRequiredError extends Error {
|
|
20
|
+
approvalId;
|
|
21
|
+
requirement;
|
|
22
|
+
constructor(message, approvalId, requirement) {
|
|
23
|
+
super(message);
|
|
24
|
+
this.approvalId = approvalId;
|
|
25
|
+
this.requirement = requirement;
|
|
26
|
+
this.name = "ApprovalRequiredError";
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
/** Central object wiring stores, guards, managers and the tool registry. */
|
|
30
|
+
export class Gateway {
|
|
31
|
+
configStore;
|
|
32
|
+
paths;
|
|
33
|
+
vault;
|
|
34
|
+
audit;
|
|
35
|
+
approvals;
|
|
36
|
+
pathGuard;
|
|
37
|
+
commandGuard;
|
|
38
|
+
fs;
|
|
39
|
+
git;
|
|
40
|
+
shell;
|
|
41
|
+
projects;
|
|
42
|
+
skills;
|
|
43
|
+
agents;
|
|
44
|
+
tunnel;
|
|
45
|
+
bridge;
|
|
46
|
+
registry = new ToolRegistry();
|
|
47
|
+
cfg;
|
|
48
|
+
startedAt = new Date().toISOString();
|
|
49
|
+
/** Ports the servers actually bound to (may differ from config if the
|
|
50
|
+
* preferred port was busy and we fell back to a free one). */
|
|
51
|
+
boundGatewayPort;
|
|
52
|
+
boundDashboardPort;
|
|
53
|
+
setBoundPorts(gatewayPort, dashboardPort) {
|
|
54
|
+
this.boundGatewayPort = gatewayPort;
|
|
55
|
+
this.boundDashboardPort = dashboardPort;
|
|
56
|
+
}
|
|
57
|
+
/** The gateway port in effect right now (bound port if started, else config). */
|
|
58
|
+
gatewayPort() {
|
|
59
|
+
return this.boundGatewayPort ?? this.cfg.gateway.port;
|
|
60
|
+
}
|
|
61
|
+
constructor(base) {
|
|
62
|
+
this.configStore = new ConfigStore(base);
|
|
63
|
+
this.configStore.ensureInitialized();
|
|
64
|
+
this.paths = this.configStore.paths;
|
|
65
|
+
this.cfg = this.configStore.load();
|
|
66
|
+
const token = this.configStore.getToken();
|
|
67
|
+
this.vault = new SecretVault(this.paths, token);
|
|
68
|
+
this.audit = new AuditLog(this.paths);
|
|
69
|
+
this.audit.setSecretsProvider(() => this.vault.allValues());
|
|
70
|
+
this.approvals = new ApprovalStore(this.paths);
|
|
71
|
+
this.pathGuard = new PathGuard(this.cfg.security.allowedDirectories);
|
|
72
|
+
this.commandGuard = new CommandGuard(this.cfg.security.allowedCommands, this.cfg.security.blockedCommandTokens);
|
|
73
|
+
this.fs = new FsManager(this.pathGuard, this.paths, () => this.cfg);
|
|
74
|
+
this.git = new GitManager(this.pathGuard);
|
|
75
|
+
this.shell = new ShellManager(this.commandGuard, this.pathGuard, () => this.cfg);
|
|
76
|
+
this.projects = new ProjectRegistry(this.paths, this.pathGuard);
|
|
77
|
+
this.skills = new SkillRuntime(this.paths, (names) => this.resolveSecrets(names));
|
|
78
|
+
this.agents = new CodingAgentManager(() => this.cfg, this.projects, this.git);
|
|
79
|
+
this.tunnel = new TunnelManager(() => this.cfg);
|
|
80
|
+
this.bridge = new McpBridge(() => this.cfg);
|
|
81
|
+
}
|
|
82
|
+
config() {
|
|
83
|
+
return this.cfg;
|
|
84
|
+
}
|
|
85
|
+
reloadConfig() {
|
|
86
|
+
this.cfg = this.configStore.load();
|
|
87
|
+
this.applyConfig();
|
|
88
|
+
return this.cfg;
|
|
89
|
+
}
|
|
90
|
+
saveConfig(next) {
|
|
91
|
+
this.cfg = this.configStore.save(next);
|
|
92
|
+
this.applyConfig();
|
|
93
|
+
return this.cfg;
|
|
94
|
+
}
|
|
95
|
+
applyConfig() {
|
|
96
|
+
this.pathGuard.setAllowedDirectories(this.cfg.security.allowedDirectories);
|
|
97
|
+
this.commandGuard.setAllowed(this.cfg.security.allowedCommands);
|
|
98
|
+
this.commandGuard.setBlocked(this.cfg.security.blockedCommandTokens);
|
|
99
|
+
}
|
|
100
|
+
/** Resolve only the named secrets (used by skill runtime after permission check). */
|
|
101
|
+
resolveSecrets(names) {
|
|
102
|
+
const out = {};
|
|
103
|
+
for (const name of names) {
|
|
104
|
+
const v = this.vault.get(name);
|
|
105
|
+
if (v !== undefined)
|
|
106
|
+
out[name] = v;
|
|
107
|
+
}
|
|
108
|
+
return out;
|
|
109
|
+
}
|
|
110
|
+
/**
|
|
111
|
+
* Execute a registered tool with the full safety pipeline:
|
|
112
|
+
* input validation → approval gate → execution → redaction → audit.
|
|
113
|
+
*/
|
|
114
|
+
async executeTool(name, rawInput, ctx) {
|
|
115
|
+
const tool = this.registry.get(name);
|
|
116
|
+
if (!tool)
|
|
117
|
+
return { ok: false, error: `Unknown tool: ${name}` };
|
|
118
|
+
const start = Date.now();
|
|
119
|
+
let input;
|
|
120
|
+
try {
|
|
121
|
+
input = tool.inputSchema.parse(rawInput ?? {});
|
|
122
|
+
}
|
|
123
|
+
catch (e) {
|
|
124
|
+
return { ok: false, error: `Invalid input for ${name}: ${describeError(e)}` };
|
|
125
|
+
}
|
|
126
|
+
const requirement = approvalFor(tool.risk, { approveRisk1: this.cfg.security.approveRisk1 });
|
|
127
|
+
if (requirement !== "none") {
|
|
128
|
+
const gate = this.checkApproval(name, tool.risk, requirement, ctx, summarize(tool, input));
|
|
129
|
+
if (!gate.allowed) {
|
|
130
|
+
this.audit.record({
|
|
131
|
+
tool: name,
|
|
132
|
+
caller: ctx.caller,
|
|
133
|
+
risk: tool.risk,
|
|
134
|
+
input,
|
|
135
|
+
output: { approvalRequired: gate.approvalId },
|
|
136
|
+
approval: "denied",
|
|
137
|
+
durationMs: Date.now() - start,
|
|
138
|
+
});
|
|
139
|
+
return {
|
|
140
|
+
ok: false,
|
|
141
|
+
approvalRequired: {
|
|
142
|
+
approvalId: gate.approvalId,
|
|
143
|
+
risk: tool.risk,
|
|
144
|
+
requirement,
|
|
145
|
+
message: gate.message,
|
|
146
|
+
},
|
|
147
|
+
};
|
|
148
|
+
}
|
|
149
|
+
}
|
|
150
|
+
try {
|
|
151
|
+
const result = await tool.handler(input, ctx);
|
|
152
|
+
const safe = redactDeep(result, this.vault.allValues());
|
|
153
|
+
this.audit.record({
|
|
154
|
+
tool: name,
|
|
155
|
+
caller: ctx.caller,
|
|
156
|
+
risk: tool.risk,
|
|
157
|
+
input,
|
|
158
|
+
output: safe,
|
|
159
|
+
approval: requirement === "none" ? "not-required" : "approved",
|
|
160
|
+
durationMs: Date.now() - start,
|
|
161
|
+
});
|
|
162
|
+
return { ok: true, data: safe };
|
|
163
|
+
}
|
|
164
|
+
catch (e) {
|
|
165
|
+
const msg = describeError(e);
|
|
166
|
+
this.audit.record({
|
|
167
|
+
tool: name,
|
|
168
|
+
caller: ctx.caller,
|
|
169
|
+
risk: tool.risk,
|
|
170
|
+
input,
|
|
171
|
+
output: null,
|
|
172
|
+
approval: requirement === "none" ? "not-required" : "approved",
|
|
173
|
+
durationMs: Date.now() - start,
|
|
174
|
+
error: msg,
|
|
175
|
+
});
|
|
176
|
+
return { ok: false, error: msg };
|
|
177
|
+
}
|
|
178
|
+
}
|
|
179
|
+
checkApproval(tool, risk, requirement, ctx, summary) {
|
|
180
|
+
if (this.approvals.hasSessionGrant(ctx.sessionId, tool)) {
|
|
181
|
+
return { allowed: true };
|
|
182
|
+
}
|
|
183
|
+
const approved = this.approvals.findApprovedForTool(tool);
|
|
184
|
+
if (approved) {
|
|
185
|
+
this.approvals.consume(approved.id);
|
|
186
|
+
log.info(`consumed approval ${approved.id} for ${tool}`);
|
|
187
|
+
return { allowed: true };
|
|
188
|
+
}
|
|
189
|
+
const req = this.approvals.create({
|
|
190
|
+
tool,
|
|
191
|
+
risk,
|
|
192
|
+
requirement,
|
|
193
|
+
reason: `Risk ${risk} (${RISK_LABELS[risk]}). Requires ${requirement} approval.`,
|
|
194
|
+
summary,
|
|
195
|
+
caller: ctx.caller,
|
|
196
|
+
sessionId: ctx.sessionId,
|
|
197
|
+
});
|
|
198
|
+
return {
|
|
199
|
+
allowed: false,
|
|
200
|
+
approvalId: req.id,
|
|
201
|
+
message: `Approval required (risk ${risk}, ${requirement}). ` +
|
|
202
|
+
`Ask the user to approve in the dashboard or run: ` +
|
|
203
|
+
`localant approvals approve ${req.id}. ` +
|
|
204
|
+
`Then call this tool again.`,
|
|
205
|
+
};
|
|
206
|
+
}
|
|
207
|
+
runtimeInfo() {
|
|
208
|
+
const dashPort = this.boundDashboardPort ?? this.cfg.dashboard.port;
|
|
209
|
+
return {
|
|
210
|
+
startedAt: this.startedAt,
|
|
211
|
+
pid: process.pid,
|
|
212
|
+
host: os.hostname(),
|
|
213
|
+
platform: process.platform,
|
|
214
|
+
node: process.version,
|
|
215
|
+
gateway: `http://${this.cfg.gateway.host}:${this.gatewayPort()}`,
|
|
216
|
+
dashboard: this.cfg.dashboard.enabled ? `http://127.0.0.1:${dashPort}` : undefined,
|
|
217
|
+
tunnel: this.tunnel.current(),
|
|
218
|
+
};
|
|
219
|
+
}
|
|
220
|
+
}
|
|
221
|
+
function summarize(tool, input) {
|
|
222
|
+
try {
|
|
223
|
+
return tool.summarize ? tool.summarize(input) : JSON.stringify(input).slice(0, 200);
|
|
224
|
+
}
|
|
225
|
+
catch {
|
|
226
|
+
return "(input)";
|
|
227
|
+
}
|
|
228
|
+
}
|
|
229
|
+
function describeError(e) {
|
|
230
|
+
if (e instanceof Error)
|
|
231
|
+
return e.message;
|
|
232
|
+
return String(e);
|
|
233
|
+
}
|
|
234
|
+
//# sourceMappingURL=gateway.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"gateway.js","sourceRoot":"","sources":["../src/gateway.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EACL,WAAW,EACX,UAAU,EACV,YAAY,EACZ,WAAW,GAGZ,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AACxE,OAAO,EAAE,aAAa,EAAE,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AACrD,OAAO,EAAE,YAAY,EAAwB,MAAM,eAAe,CAAC;AAEnE,MAAM,GAAG,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;AAEpC,MAAM,OAAO,qBAAsB,SAAQ,KAAK;IAG5B;IACA;IAHlB,YACE,OAAe,EACC,UAAkB,EAClB,WAAgC;QAEhD,KAAK,CAAC,OAAO,CAAC,CAAC;QAHC,eAAU,GAAV,UAAU,CAAQ;QAClB,gBAAW,GAAX,WAAW,CAAqB;QAGhD,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;IACtC,CAAC;CACF;AAUD,4EAA4E;AAC5E,MAAM,OAAO,OAAO;IACT,WAAW,CAAc;IACzB,KAAK,CAAW;IAChB,KAAK,CAAc;IACnB,KAAK,CAAW;IAChB,SAAS,CAAgB;IACzB,SAAS,CAAY;IACrB,YAAY,CAAe;IAC3B,EAAE,CAAY;IACd,GAAG,CAAa;IAChB,KAAK,CAAe;IACpB,QAAQ,CAAkB;IAC1B,MAAM,CAAe;IACrB,MAAM,CAAqB;IAC3B,MAAM,CAAgB;IACtB,MAAM,CAAY;IAClB,QAAQ,GAAG,IAAI,YAAY,EAAE,CAAC;IAE/B,GAAG,CAAS;IACX,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAE9C;kEAC8D;IACtD,gBAAgB,CAAU;IAC1B,kBAAkB,CAAU;IAEpC,aAAa,CAAC,WAAmB,EAAE,aAAsB;QACvD,IAAI,CAAC,gBAAgB,GAAG,WAAW,CAAC;QACpC,IAAI,CAAC,kBAAkB,GAAG,aAAa,CAAC;IAC1C,CAAC;IAED,iFAAiF;IACjF,WAAW;QACT,OAAO,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC;IACxD,CAAC;IAED,YAAY,IAAa;QACvB,IAAI,CAAC,WAAW,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC;QACzC,IAAI,CAAC,WAAW,CAAC,iBAAiB,EAAE,CAAC;QACrC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC;QACpC,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;QAE1C,IAAI,CAAC,KAAK,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAChD,IAAI,CAAC,KAAK,GAAG,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtC,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC,CAAC;QAC5D,IAAI,CAAC,SAAS,GAAG,IAAI,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAE/C,IAAI,CAAC,SAAS,GAAG,IAAI,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;QACrE,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,eAAe,EAAE,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;QAEhH,IAAI,CAAC,EAAE,GAAG,IAAI,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACpE,IAAI,CAAC,GAAG,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC1C,IAAI,CAAC,KAAK,GAAG,IAAI,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACjF,IAAI,CAAC,QAAQ,GAAG,IAAI,eAAe,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QAChE,IAAI,CAAC,MAAM,GAAG,IAAI,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC;QAClF,IAAI,CAAC,MAAM,GAAG,IAAI,kBAAkB,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;QAC9E,IAAI,CAAC,MAAM,GAAG,IAAI,aAAa,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAChD,IAAI,CAAC,MAAM,GAAG,IAAI,SAAS,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC9C,CAAC;IAED,MAAM;QACJ,OAAO,IAAI,CAAC,GAAG,CAAC;IAClB,CAAC;IAED,YAAY;QACV,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;QACnC,IAAI,CAAC,WAAW,EAAE,CAAC;QACnB,OAAO,IAAI,CAAC,GAAG,CAAC;IAClB,CAAC;IAED,UAAU,CAAC,IAAY;QACrB,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvC,IAAI,CAAC,WAAW,EAAE,CAAC;QACnB,OAAO,IAAI,CAAC,GAAG,CAAC;IAClB,CAAC;IAEO,WAAW;QACjB,IAAI,CAAC,SAAS,CAAC,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;QAC3E,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;QAChE,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IACvE,CAAC;IAED,qFAAqF;IAC7E,cAAc,CAAC,KAAe;QACpC,MAAM,GAAG,GAA2B,EAAE,CAAC;QACvC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC/B,IAAI,CAAC,KAAK,SAAS;gBAAE,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACrC,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,WAAW,CAAC,IAAY,EAAE,QAAiB,EAAE,GAAoB;QACrE,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACrC,IAAI,CAAC,IAAI;YAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,iBAAiB,IAAI,EAAE,EAAE,CAAC;QAEhE,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,IAAI,KAAc,CAAC;QACnB,IAAI,CAAC;YACH,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC;QACjD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,qBAAqB,IAAI,KAAK,aAAa,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;QAChF,CAAC;QAED,MAAM,WAAW,GAAG,WAAW,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,YAAY,EAAE,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC,CAAC;QAC7F,IAAI,WAAW,KAAK,MAAM,EAAE,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,WAAW,EAAE,GAAG,EAAE,SAAS,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC;YAC3F,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAClB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;oBAChB,IAAI,EAAE,IAAI;oBACV,MAAM,EAAE,GAAG,CAAC,MAAM;oBAClB,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,KAAK;oBACL,MAAM,EAAE,EAAE,gBAAgB,EAAE,IAAI,CAAC,UAAU,EAAE;oBAC7C,QAAQ,EAAE,QAAQ;oBAClB,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;iBAC/B,CAAC,CAAC;gBACH,OAAO;oBACL,EAAE,EAAE,KAAK;oBACT,gBAAgB,EAAE;wBAChB,UAAU,EAAE,IAAI,CAAC,UAAW;wBAC5B,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,WAAW;wBACX,OAAO,EAAE,IAAI,CAAC,OAAQ;qBACvB;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YAC9C,MAAM,IAAI,GAAG,UAAU,CAAC,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC,CAAC;YACxD,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;gBAChB,IAAI,EAAE,IAAI;gBACV,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,KAAK;gBACL,MAAM,EAAE,IAAI;gBACZ,QAAQ,EAAE,WAAW,KAAK,MAAM,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,UAAU;gBAC9D,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;aAC/B,CAAC,CAAC;YACH,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QAClC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;YAC7B,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;gBAChB,IAAI,EAAE,IAAI;gBACV,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,KAAK;gBACL,MAAM,EAAE,IAAI;gBACZ,QAAQ,EAAE,WAAW,KAAK,MAAM,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,UAAU;gBAC9D,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;gBAC9B,KAAK,EAAE,GAAG;aACX,CAAC,CAAC;YACH,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;QACnC,CAAC;IACH,CAAC;IAEO,aAAa,CACnB,IAAY,EACZ,IAAuB,EACvB,WAAgC,EAChC,GAAoB,EACpB,OAAe;QAEf,IAAI,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC;YACxD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;QAC1D,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;YACpC,GAAG,CAAC,IAAI,CAAC,qBAAqB,QAAQ,CAAC,EAAE,QAAQ,IAAI,EAAE,CAAC,CAAC;YACzD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QACD,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;YAChC,IAAI;YACJ,IAAI;YACJ,WAAW;YACX,MAAM,EAAE,QAAQ,IAAI,KAAK,WAAW,CAAC,IAAI,CAAC,eAAe,WAAW,YAAY;YAChF,OAAO;YACP,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,SAAS,EAAE,GAAG,CAAC,SAAS;SACzB,CAAC,CAAC;QACH,OAAO;YACL,OAAO,EAAE,KAAK;YACd,UAAU,EAAE,GAAG,CAAC,EAAE;YAClB,OAAO,EACL,2BAA2B,IAAI,KAAK,WAAW,KAAK;gBACpD,mDAAmD;gBACnD,8BAA8B,GAAG,CAAC,EAAE,IAAI;gBACxC,4BAA4B;SAC/B,CAAC;IACJ,CAAC;IAED,WAAW;QACT,MAAM,QAAQ,GAAG,IAAI,CAAC,kBAAkB,IAAI,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC;QACpE,OAAO;YACL,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,IAAI,EAAE,EAAE,CAAC,QAAQ,EAAE;YACnB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,IAAI,EAAE,OAAO,CAAC,OAAO;YACrB,OAAO,EAAE,UAAU,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE;YAChE,SAAS,EAAE,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,oBAAoB,QAAQ,EAAE,CAAC,CAAC,CAAC,SAAS;YAClF,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE;SAC9B,CAAC;IACJ,CAAC;CACF;AAED,SAAS,SAAS,CAAC,IAAwC,EAAE,KAAc;IACzE,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACtF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,CAAU;IAC/B,IAAI,CAAC,YAAY,KAAK;QAAE,OAAO,CAAC,CAAC,OAAO,CAAC;IACzC,OAAO,MAAM,CAAC,CAAC,CAAC,CAAC;AACnB,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
export { Gateway, ApprovalRequiredError } from "./gateway.js";
|
|
2
|
+
export type { ToolResult } from "./gateway.js";
|
|
3
|
+
export { ToolRegistry } from "./registry.js";
|
|
4
|
+
export type { ToolDefinition, ToolCallContext } from "./registry.js";
|
|
5
|
+
export { registerAllTools } from "./tools/index.js";
|
|
6
|
+
export { McpBridge } from "./managers/mcp-bridge.js";
|
|
7
|
+
export { PathGuard, PathAccessError } from "./security/path-guard.js";
|
|
8
|
+
export { CommandGuard, CommandRejectedError, parseCommand } from "./security/command-guard.js";
|
|
9
|
+
export { commandExists, execFileSafe } from "./util/exec.js";
|
|
10
|
+
import { Gateway } from "./gateway.js";
|
|
11
|
+
/** Convenience factory: construct a gateway and register all built-in tools. */
|
|
12
|
+
export declare function createGateway(base?: string): Gateway;
|
|
13
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAC9D,YAAY,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,YAAY,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AACrE,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AACrD,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AACtE,OAAO,EAAE,YAAY,EAAE,oBAAoB,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC/F,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE7D,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAGvC,gFAAgF;AAChF,wBAAgB,aAAa,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG,OAAO,CAIpD"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
export { Gateway, ApprovalRequiredError } from "./gateway.js";
|
|
2
|
+
export { ToolRegistry } from "./registry.js";
|
|
3
|
+
export { registerAllTools } from "./tools/index.js";
|
|
4
|
+
export { McpBridge } from "./managers/mcp-bridge.js";
|
|
5
|
+
export { PathGuard, PathAccessError } from "./security/path-guard.js";
|
|
6
|
+
export { CommandGuard, CommandRejectedError, parseCommand } from "./security/command-guard.js";
|
|
7
|
+
export { commandExists, execFileSafe } from "./util/exec.js";
|
|
8
|
+
import { Gateway } from "./gateway.js";
|
|
9
|
+
import { registerAllTools } from "./tools/index.js";
|
|
10
|
+
/** Convenience factory: construct a gateway and register all built-in tools. */
|
|
11
|
+
export function createGateway(base) {
|
|
12
|
+
const gw = new Gateway(base);
|
|
13
|
+
registerAllTools(gw);
|
|
14
|
+
return gw;
|
|
15
|
+
}
|
|
16
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAE9D,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAE7C,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AACrD,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AACtE,OAAO,EAAE,YAAY,EAAE,oBAAoB,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC/F,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE7D,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAEpD,gFAAgF;AAChF,MAAM,UAAU,aAAa,CAAC,IAAa;IACzC,MAAM,EAAE,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7B,gBAAgB,CAAC,EAAE,CAAC,CAAC;IACrB,OAAO,EAAE,CAAC;AACZ,CAAC"}
|