palaryn 0.1.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +243 -588
- package/dist/sdk/typescript/src/client.js +2 -2
- package/dist/sdk/typescript/src/client.js.map +1 -1
- package/dist/src/audit/logger.d.ts +10 -0
- package/dist/src/audit/logger.d.ts.map +1 -1
- package/dist/src/audit/logger.js +52 -38
- package/dist/src/audit/logger.js.map +1 -1
- package/dist/src/auth/routes.js.map +1 -1
- package/dist/src/budget/manager.d.ts +5 -0
- package/dist/src/budget/manager.d.ts.map +1 -1
- package/dist/src/budget/manager.js +32 -0
- package/dist/src/budget/manager.js.map +1 -1
- package/dist/src/budget/model-pricing.d.ts +20 -0
- package/dist/src/budget/model-pricing.d.ts.map +1 -0
- package/dist/src/budget/model-pricing.js +107 -0
- package/dist/src/budget/model-pricing.js.map +1 -0
- package/dist/src/budget/usage-extractor.d.ts +3 -1
- package/dist/src/budget/usage-extractor.d.ts.map +1 -1
- package/dist/src/budget/usage-extractor.js +47 -3
- package/dist/src/budget/usage-extractor.js.map +1 -1
- package/dist/src/config/defaults.d.ts.map +1 -1
- package/dist/src/config/defaults.js +65 -13
- package/dist/src/config/defaults.js.map +1 -1
- package/dist/src/dlp/tool-patterns.d.ts +7 -0
- package/dist/src/dlp/tool-patterns.d.ts.map +1 -0
- package/dist/src/dlp/tool-patterns.js +34 -0
- package/dist/src/dlp/tool-patterns.js.map +1 -0
- package/dist/src/executor/filesystem-executor.d.ts +28 -0
- package/dist/src/executor/filesystem-executor.d.ts.map +1 -0
- package/dist/src/executor/filesystem-executor.js +192 -0
- package/dist/src/executor/filesystem-executor.js.map +1 -0
- package/dist/src/executor/http-executor.d.ts.map +1 -1
- package/dist/src/executor/http-executor.js +4 -0
- package/dist/src/executor/http-executor.js.map +1 -1
- package/dist/src/executor/index.d.ts +4 -0
- package/dist/src/executor/index.d.ts.map +1 -1
- package/dist/src/executor/index.js +9 -1
- package/dist/src/executor/index.js.map +1 -1
- package/dist/src/executor/shell-executor.d.ts +22 -0
- package/dist/src/executor/shell-executor.d.ts.map +1 -0
- package/dist/src/executor/shell-executor.js +119 -0
- package/dist/src/executor/shell-executor.js.map +1 -0
- package/dist/src/executor/sql-executor.d.ts +29 -0
- package/dist/src/executor/sql-executor.d.ts.map +1 -0
- package/dist/src/executor/sql-executor.js +114 -0
- package/dist/src/executor/sql-executor.js.map +1 -0
- package/dist/src/executor/websocket-executor.d.ts +26 -0
- package/dist/src/executor/websocket-executor.d.ts.map +1 -0
- package/dist/src/executor/websocket-executor.js +205 -0
- package/dist/src/executor/websocket-executor.js.map +1 -0
- package/dist/src/interceptor/index.d.ts +2 -0
- package/dist/src/interceptor/index.d.ts.map +1 -0
- package/dist/src/interceptor/index.js +6 -0
- package/dist/src/interceptor/index.js.map +1 -0
- package/dist/src/interceptor/provider-interceptor.d.ts +36 -0
- package/dist/src/interceptor/provider-interceptor.d.ts.map +1 -0
- package/dist/src/interceptor/provider-interceptor.js +302 -0
- package/dist/src/interceptor/provider-interceptor.js.map +1 -0
- package/dist/src/mcp/auth-verifier.d.ts.map +1 -1
- package/dist/src/mcp/auth-verifier.js +3 -2
- package/dist/src/mcp/auth-verifier.js.map +1 -1
- package/dist/src/mcp/bridge.d.ts +14 -10
- package/dist/src/mcp/bridge.d.ts.map +1 -1
- package/dist/src/mcp/bridge.js +51 -227
- package/dist/src/mcp/bridge.js.map +1 -1
- package/dist/src/mcp/http-transport.d.ts.map +1 -1
- package/dist/src/mcp/http-transport.js +101 -65
- package/dist/src/mcp/http-transport.js.map +1 -1
- package/dist/src/mcp/tool-definitions.d.ts +41 -0
- package/dist/src/mcp/tool-definitions.d.ts.map +1 -0
- package/dist/src/mcp/tool-definitions.js +491 -0
- package/dist/src/mcp/tool-definitions.js.map +1 -0
- package/dist/src/middleware/auth.js.map +1 -1
- package/dist/src/middleware/session.js.map +1 -1
- package/dist/src/middleware/validate.d.ts +8 -0
- package/dist/src/middleware/validate.d.ts.map +1 -1
- package/dist/src/middleware/validate.js +45 -0
- package/dist/src/middleware/validate.js.map +1 -1
- package/dist/src/policy/engine.d.ts +4 -0
- package/dist/src/policy/engine.d.ts.map +1 -1
- package/dist/src/policy/engine.js +117 -0
- package/dist/src/policy/engine.js.map +1 -1
- package/dist/src/saas/routes.d.ts.map +1 -1
- package/dist/src/saas/routes.js +327 -10
- package/dist/src/saas/routes.js.map +1 -1
- package/dist/src/server/app.d.ts.map +1 -1
- package/dist/src/server/app.js +19 -2
- package/dist/src/server/app.js.map +1 -1
- package/dist/src/server/gateway.d.ts.map +1 -1
- package/dist/src/server/gateway.js +17 -0
- package/dist/src/server/gateway.js.map +1 -1
- package/dist/src/server/index.d.ts.map +1 -1
- package/dist/src/server/index.js +18 -0
- package/dist/src/server/index.js.map +1 -1
- package/dist/src/storage/interfaces.d.ts +14 -3
- package/dist/src/storage/interfaces.d.ts.map +1 -1
- package/dist/src/storage/memory.d.ts +2 -0
- package/dist/src/storage/memory.d.ts.map +1 -1
- package/dist/src/storage/memory.js +6 -0
- package/dist/src/storage/memory.js.map +1 -1
- package/dist/src/storage/postgres.d.ts +5 -0
- package/dist/src/storage/postgres.d.ts.map +1 -1
- package/dist/src/storage/postgres.js +16 -0
- package/dist/src/storage/postgres.js.map +1 -1
- package/dist/src/storage/redis.d.ts +10 -0
- package/dist/src/storage/redis.d.ts.map +1 -1
- package/dist/src/storage/redis.js +65 -0
- package/dist/src/storage/redis.js.map +1 -1
- package/dist/src/types/budget.d.ts +4 -0
- package/dist/src/types/budget.d.ts.map +1 -1
- package/dist/src/types/config.d.ts +58 -0
- package/dist/src/types/config.d.ts.map +1 -1
- package/dist/src/types/events.d.ts +1 -0
- package/dist/src/types/events.d.ts.map +1 -1
- package/dist/src/types/policy.d.ts +11 -1
- package/dist/src/types/policy.d.ts.map +1 -1
- package/dist/src/types/tool-result.d.ts +11 -0
- package/dist/src/types/tool-result.d.ts.map +1 -1
- package/dist/tests/unit/app-routes.test.d.ts +2 -0
- package/dist/tests/unit/app-routes.test.d.ts.map +1 -0
- package/dist/tests/unit/app-routes.test.js +715 -0
- package/dist/tests/unit/app-routes.test.js.map +1 -0
- package/dist/tests/unit/audit-logger.test.js +105 -0
- package/dist/tests/unit/audit-logger.test.js.map +1 -1
- package/dist/tests/unit/auth-providers.test.d.ts +2 -0
- package/dist/tests/unit/auth-providers.test.d.ts.map +1 -0
- package/dist/tests/unit/auth-providers.test.js +279 -0
- package/dist/tests/unit/auth-providers.test.js.map +1 -0
- package/dist/tests/unit/auth-routes-extended.test.d.ts +2 -0
- package/dist/tests/unit/auth-routes-extended.test.d.ts.map +1 -0
- package/dist/tests/unit/auth-routes-extended.test.js +993 -0
- package/dist/tests/unit/auth-routes-extended.test.js.map +1 -0
- package/dist/tests/unit/auth-verifier.test.d.ts +2 -0
- package/dist/tests/unit/auth-verifier.test.d.ts.map +1 -0
- package/dist/tests/unit/auth-verifier.test.js +505 -0
- package/dist/tests/unit/auth-verifier.test.js.map +1 -0
- package/dist/tests/unit/billing-routes.test.d.ts +2 -0
- package/dist/tests/unit/billing-routes.test.d.ts.map +1 -0
- package/dist/tests/unit/billing-routes.test.js +432 -0
- package/dist/tests/unit/billing-routes.test.js.map +1 -0
- package/dist/tests/unit/config-defaults.test.d.ts +2 -0
- package/dist/tests/unit/config-defaults.test.d.ts.map +1 -0
- package/dist/tests/unit/config-defaults.test.js +119 -0
- package/dist/tests/unit/config-defaults.test.js.map +1 -0
- package/dist/tests/unit/defaults.test.js +0 -10
- package/dist/tests/unit/defaults.test.js.map +1 -1
- package/dist/tests/unit/filesystem-executor.test.d.ts +2 -0
- package/dist/tests/unit/filesystem-executor.test.d.ts.map +1 -0
- package/dist/tests/unit/filesystem-executor.test.js +280 -0
- package/dist/tests/unit/filesystem-executor.test.js.map +1 -0
- package/dist/tests/unit/gateway-branches.test.d.ts +2 -0
- package/dist/tests/unit/gateway-branches.test.d.ts.map +1 -0
- package/dist/tests/unit/gateway-branches.test.js +1039 -0
- package/dist/tests/unit/gateway-branches.test.js.map +1 -0
- package/dist/tests/unit/http-executor-branches.test.d.ts +2 -0
- package/dist/tests/unit/http-executor-branches.test.d.ts.map +1 -0
- package/dist/tests/unit/http-executor-branches.test.js +495 -0
- package/dist/tests/unit/http-executor-branches.test.js.map +1 -0
- package/dist/tests/unit/logger.test.d.ts +2 -0
- package/dist/tests/unit/logger.test.d.ts.map +1 -0
- package/dist/tests/unit/logger.test.js +97 -0
- package/dist/tests/unit/logger.test.js.map +1 -0
- package/dist/tests/unit/metrics.test.js +102 -0
- package/dist/tests/unit/metrics.test.js.map +1 -1
- package/dist/tests/unit/model-pricing.test.d.ts +2 -0
- package/dist/tests/unit/model-pricing.test.d.ts.map +1 -0
- package/dist/tests/unit/model-pricing.test.js +87 -0
- package/dist/tests/unit/model-pricing.test.js.map +1 -0
- package/dist/tests/unit/oauth-stores.test.d.ts +2 -0
- package/dist/tests/unit/oauth-stores.test.d.ts.map +1 -0
- package/dist/tests/unit/oauth-stores.test.js +260 -0
- package/dist/tests/unit/oauth-stores.test.js.map +1 -0
- package/dist/tests/unit/policy-engine.test.js +466 -0
- package/dist/tests/unit/policy-engine.test.js.map +1 -1
- package/dist/tests/unit/provider-interceptor.test.d.ts +2 -0
- package/dist/tests/unit/provider-interceptor.test.d.ts.map +1 -0
- package/dist/tests/unit/provider-interceptor.test.js +472 -0
- package/dist/tests/unit/provider-interceptor.test.js.map +1 -0
- package/dist/tests/unit/saas-routes-branches.test.d.ts +2 -0
- package/dist/tests/unit/saas-routes-branches.test.d.ts.map +1 -0
- package/dist/tests/unit/saas-routes-branches.test.js +2040 -0
- package/dist/tests/unit/saas-routes-branches.test.js.map +1 -0
- package/dist/tests/unit/saas-routes-crud.test.d.ts +2 -0
- package/dist/tests/unit/saas-routes-crud.test.d.ts.map +1 -0
- package/dist/tests/unit/saas-routes-crud.test.js +332 -0
- package/dist/tests/unit/saas-routes-crud.test.js.map +1 -0
- package/dist/tests/unit/saas-routes-data.test.d.ts +2 -0
- package/dist/tests/unit/saas-routes-data.test.d.ts.map +1 -0
- package/dist/tests/unit/saas-routes-data.test.js +405 -0
- package/dist/tests/unit/saas-routes-data.test.js.map +1 -0
- package/dist/tests/unit/saas-routes.test.js +3 -3
- package/dist/tests/unit/saas-routes.test.js.map +1 -1
- package/dist/tests/unit/shell-executor.test.d.ts +2 -0
- package/dist/tests/unit/shell-executor.test.d.ts.map +1 -0
- package/dist/tests/unit/shell-executor.test.js +145 -0
- package/dist/tests/unit/shell-executor.test.js.map +1 -0
- package/dist/tests/unit/sql-executor.test.d.ts +2 -0
- package/dist/tests/unit/sql-executor.test.d.ts.map +1 -0
- package/dist/tests/unit/sql-executor.test.js +177 -0
- package/dist/tests/unit/sql-executor.test.js.map +1 -0
- package/dist/tests/unit/stream-proxy.test.d.ts +2 -0
- package/dist/tests/unit/stream-proxy.test.d.ts.map +1 -0
- package/dist/tests/unit/stream-proxy.test.js +147 -0
- package/dist/tests/unit/stream-proxy.test.js.map +1 -0
- package/dist/tests/unit/tool-definitions.test.d.ts +2 -0
- package/dist/tests/unit/tool-definitions.test.d.ts.map +1 -0
- package/dist/tests/unit/tool-definitions.test.js +184 -0
- package/dist/tests/unit/tool-definitions.test.js.map +1 -0
- package/dist/tests/unit/usage-extractor.test.js +140 -0
- package/dist/tests/unit/usage-extractor.test.js.map +1 -1
- package/dist/tests/unit/webhook-handler.test.d.ts +2 -0
- package/dist/tests/unit/webhook-handler.test.d.ts.map +1 -0
- package/dist/tests/unit/webhook-handler.test.js +453 -0
- package/dist/tests/unit/webhook-handler.test.js.map +1 -0
- package/dist/tests/unit/webhook-routes.test.d.ts +2 -0
- package/dist/tests/unit/webhook-routes.test.d.ts.map +1 -0
- package/dist/tests/unit/webhook-routes.test.js +69 -0
- package/dist/tests/unit/webhook-routes.test.js.map +1 -0
- package/dist/tests/unit/websocket-executor.test.d.ts +2 -0
- package/dist/tests/unit/websocket-executor.test.d.ts.map +1 -0
- package/dist/tests/unit/websocket-executor.test.js +121 -0
- package/dist/tests/unit/websocket-executor.test.js.map +1 -0
- package/package.json +8 -2
- package/policy-packs/demo_fail.yaml +41 -0
- package/policy-packs/full_tools.yaml +136 -0
- package/src/admin/index.ts +1 -0
- package/src/admin/routes.ts +509 -0
- package/src/admin/templates.ts +572 -0
- package/src/anomaly/detector.ts +717 -0
- package/src/anomaly/index.ts +1 -0
- package/src/approval/manager.ts +569 -0
- package/src/approval/webhook.ts +133 -0
- package/src/audit/logger.ts +490 -0
- package/src/auth/index.ts +5 -0
- package/src/auth/password.ts +21 -0
- package/src/auth/pkce.ts +22 -0
- package/src/auth/providers.ts +208 -0
- package/src/auth/routes.ts +521 -0
- package/src/auth/session.ts +84 -0
- package/src/billing/index.ts +6 -0
- package/src/billing/plan-enforcer.ts +135 -0
- package/src/billing/routes.ts +229 -0
- package/src/billing/stripe-client.ts +58 -0
- package/src/billing/webhook-handler.ts +182 -0
- package/src/billing/webhook-routes.ts +28 -0
- package/src/budget/manager.ts +679 -0
- package/src/budget/model-pricing.ts +119 -0
- package/src/budget/usage-extractor.ts +214 -0
- package/src/cli.ts +91 -0
- package/src/config/defaults.ts +261 -0
- package/src/config/validate.ts +88 -0
- package/src/dlp/composite-scanner.ts +213 -0
- package/src/dlp/index.ts +9 -0
- package/src/dlp/interfaces.ts +34 -0
- package/src/dlp/patterns.ts +30 -0
- package/src/dlp/prompt-injection-backend.ts +181 -0
- package/src/dlp/prompt-injection-patterns.ts +302 -0
- package/src/dlp/regex-backend.ts +181 -0
- package/src/dlp/scanner.ts +502 -0
- package/src/dlp/text-normalizer.ts +225 -0
- package/src/dlp/tool-patterns.ts +35 -0
- package/src/dlp/trufflehog-backend.ts +190 -0
- package/src/executor/filesystem-executor.ts +196 -0
- package/src/executor/http-executor.ts +330 -0
- package/src/executor/index.ts +9 -0
- package/src/executor/interfaces.ts +11 -0
- package/src/executor/noop-executor.ts +23 -0
- package/src/executor/registry.ts +64 -0
- package/src/executor/shell-executor.ts +148 -0
- package/src/executor/slack-executor.ts +176 -0
- package/src/executor/sql-executor.ts +146 -0
- package/src/executor/websocket-executor.ts +211 -0
- package/src/index.ts +24 -0
- package/src/interceptor/index.ts +1 -0
- package/src/interceptor/provider-interceptor.ts +315 -0
- package/src/mcp/auth-verifier.ts +152 -0
- package/src/mcp/bridge.ts +703 -0
- package/src/mcp/http-transport.ts +672 -0
- package/src/mcp/index.ts +9 -0
- package/src/mcp/oauth-pages.ts +139 -0
- package/src/mcp/oauth-postgres-stores.ts +278 -0
- package/src/mcp/oauth-provider.ts +536 -0
- package/src/mcp/oauth-stores.ts +202 -0
- package/src/mcp/server.ts +55 -0
- package/src/mcp/tool-definitions.ts +562 -0
- package/src/metrics/collector.ts +357 -0
- package/src/metrics/index.ts +1 -0
- package/src/middleware/auth.ts +814 -0
- package/src/middleware/session.ts +85 -0
- package/src/middleware/validate.ts +130 -0
- package/src/policy/engine.ts +815 -0
- package/src/policy/index.ts +2 -0
- package/src/policy/opa-engine.ts +829 -0
- package/src/proxy/forward-proxy.ts +649 -0
- package/src/proxy/index.ts +1 -0
- package/src/ratelimit/limiter.ts +196 -0
- package/src/replay/engine.ts +142 -0
- package/src/replay/index.ts +1 -0
- package/src/saas/index.ts +1 -0
- package/src/saas/routes.ts +2161 -0
- package/src/server/app.ts +981 -0
- package/src/server/errors.ts +49 -0
- package/src/server/gateway.ts +1130 -0
- package/src/server/index.ts +307 -0
- package/src/server/logger.ts +255 -0
- package/src/server/stream-proxy.ts +202 -0
- package/src/storage/file-persistence.ts +315 -0
- package/src/storage/index.ts +4 -0
- package/src/storage/interfaces.ts +287 -0
- package/src/storage/memory.ts +686 -0
- package/src/storage/postgres.ts +1831 -0
- package/src/storage/redis.ts +835 -0
- package/src/tracing/index.ts +1 -0
- package/src/tracing/provider.ts +100 -0
- package/src/trust/calculator.ts +141 -0
- package/src/trust/index.ts +7 -0
- package/src/types/budget.ts +36 -0
- package/src/types/config.ts +278 -0
- package/src/types/events.ts +41 -0
- package/src/types/express.d.ts +14 -0
- package/src/types/index.ts +7 -0
- package/src/types/policy.ts +83 -0
- package/src/types/stripe-config.ts +11 -0
- package/src/types/subscription.ts +59 -0
- package/src/types/tool-call.ts +47 -0
- package/src/types/tool-result.ts +82 -0
- package/src/types/user.ts +125 -0
- package/tsconfig.json +24 -0
|
@@ -0,0 +1,107 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.MODEL_PRICING = void 0;
|
|
4
|
+
exports.resolveModelPricing = resolveModelPricing;
|
|
5
|
+
/**
|
|
6
|
+
* Built-in model pricing database.
|
|
7
|
+
* Prices are per TOKEN (not per million). Updated March 2026.
|
|
8
|
+
*
|
|
9
|
+
* Fallback chain: workspace config → built-in pricing → undefined (falls to DEFAULT_COST_TABLE).
|
|
10
|
+
*/
|
|
11
|
+
exports.MODEL_PRICING = {
|
|
12
|
+
// ── Anthropic ──────────────────────────────────────────────
|
|
13
|
+
'claude-opus-4-6': { input_per_token: 15 / 1e6, output_per_token: 75 / 1e6 },
|
|
14
|
+
'claude-sonnet-4-6': { input_per_token: 3 / 1e6, output_per_token: 15 / 1e6 },
|
|
15
|
+
'claude-haiku-4-5': { input_per_token: 1 / 1e6, output_per_token: 5 / 1e6 },
|
|
16
|
+
'claude-sonnet-4-5': { input_per_token: 3 / 1e6, output_per_token: 15 / 1e6 },
|
|
17
|
+
'claude-3-5-sonnet-20241022': { input_per_token: 3 / 1e6, output_per_token: 15 / 1e6 },
|
|
18
|
+
'claude-3-5-haiku-20241022': { input_per_token: 1 / 1e6, output_per_token: 5 / 1e6 },
|
|
19
|
+
'claude-3-opus-20240229': { input_per_token: 15 / 1e6, output_per_token: 75 / 1e6 },
|
|
20
|
+
'claude-3-sonnet-20240229': { input_per_token: 3 / 1e6, output_per_token: 15 / 1e6 },
|
|
21
|
+
'claude-3-haiku-20240307': { input_per_token: 0.25 / 1e6, output_per_token: 1.25 / 1e6 },
|
|
22
|
+
// ── OpenAI ─────────────────────────────────────────────────
|
|
23
|
+
'gpt-4.1': { input_per_token: 2 / 1e6, output_per_token: 8 / 1e6 },
|
|
24
|
+
'gpt-4.1-mini': { input_per_token: 0.4 / 1e6, output_per_token: 1.6 / 1e6 },
|
|
25
|
+
'gpt-4.1-nano': { input_per_token: 0.1 / 1e6, output_per_token: 0.4 / 1e6 },
|
|
26
|
+
'gpt-4o': { input_per_token: 2.5 / 1e6, output_per_token: 10 / 1e6 },
|
|
27
|
+
'gpt-4o-mini': { input_per_token: 0.15 / 1e6, output_per_token: 0.6 / 1e6 },
|
|
28
|
+
'gpt-4-turbo': { input_per_token: 10 / 1e6, output_per_token: 30 / 1e6 },
|
|
29
|
+
'o3': { input_per_token: 2 / 1e6, output_per_token: 8 / 1e6 },
|
|
30
|
+
'o3-mini': { input_per_token: 1.1 / 1e6, output_per_token: 4.4 / 1e6 },
|
|
31
|
+
'o1': { input_per_token: 15 / 1e6, output_per_token: 60 / 1e6 },
|
|
32
|
+
'o1-mini': { input_per_token: 3 / 1e6, output_per_token: 12 / 1e6 },
|
|
33
|
+
// ── Google ─────────────────────────────────────────────────
|
|
34
|
+
'gemini-2.5-pro': { input_per_token: 1.25 / 1e6, output_per_token: 10 / 1e6 },
|
|
35
|
+
'gemini-2.5-flash': { input_per_token: 0.15 / 1e6, output_per_token: 0.6 / 1e6 },
|
|
36
|
+
'gemini-2.0-flash': { input_per_token: 0.1 / 1e6, output_per_token: 0.4 / 1e6 },
|
|
37
|
+
'gemini-1.5-pro': { input_per_token: 1.25 / 1e6, output_per_token: 5 / 1e6 },
|
|
38
|
+
'gemini-1.5-flash': { input_per_token: 0.075 / 1e6, output_per_token: 0.3 / 1e6 },
|
|
39
|
+
// ── Mistral ────────────────────────────────────────────────
|
|
40
|
+
'mistral-large-latest': { input_per_token: 2 / 1e6, output_per_token: 6 / 1e6 },
|
|
41
|
+
'mistral-small-latest': { input_per_token: 0.2 / 1e6, output_per_token: 0.6 / 1e6 },
|
|
42
|
+
'codestral-latest': { input_per_token: 0.3 / 1e6, output_per_token: 0.9 / 1e6 },
|
|
43
|
+
// ── Meta (via API providers) ───────────────────────────────
|
|
44
|
+
'llama-3.3-70b': { input_per_token: 0.8 / 1e6, output_per_token: 0.8 / 1e6 },
|
|
45
|
+
'llama-3.1-405b': { input_per_token: 3 / 1e6, output_per_token: 3 / 1e6 },
|
|
46
|
+
'llama-3.1-70b': { input_per_token: 0.8 / 1e6, output_per_token: 0.8 / 1e6 },
|
|
47
|
+
'llama-3.1-8b': { input_per_token: 0.1 / 1e6, output_per_token: 0.1 / 1e6 },
|
|
48
|
+
// ── Cohere ─────────────────────────────────────────────────
|
|
49
|
+
'command-r-plus': { input_per_token: 2.5 / 1e6, output_per_token: 10 / 1e6 },
|
|
50
|
+
'command-r': { input_per_token: 0.15 / 1e6, output_per_token: 0.6 / 1e6 },
|
|
51
|
+
};
|
|
52
|
+
/**
|
|
53
|
+
* Alias map for model name normalization.
|
|
54
|
+
* Maps common variations/prefixes to canonical model names in MODEL_PRICING.
|
|
55
|
+
*/
|
|
56
|
+
const MODEL_ALIASES = {
|
|
57
|
+
// OpenAI versioned snapshots
|
|
58
|
+
'gpt-4o-2024-11-20': 'gpt-4o',
|
|
59
|
+
'gpt-4o-2024-08-06': 'gpt-4o',
|
|
60
|
+
'gpt-4o-mini-2024-07-18': 'gpt-4o-mini',
|
|
61
|
+
'gpt-4-turbo-2024-04-09': 'gpt-4-turbo',
|
|
62
|
+
// Anthropic shortcuts
|
|
63
|
+
'claude-3.5-sonnet': 'claude-sonnet-4-5',
|
|
64
|
+
'claude-3.5-haiku': 'claude-haiku-4-5',
|
|
65
|
+
};
|
|
66
|
+
/**
|
|
67
|
+
* Resolve token pricing for a model name.
|
|
68
|
+
*
|
|
69
|
+
* Lookup order:
|
|
70
|
+
* 1. Exact match in `overrides` (workspace-level config)
|
|
71
|
+
* 2. Exact match in built-in MODEL_PRICING
|
|
72
|
+
* 3. Alias lookup
|
|
73
|
+
* 4. Prefix match (e.g. "gpt-4o-2024-05-13" → "gpt-4o")
|
|
74
|
+
* 5. undefined — caller falls back to DEFAULT_COST_TABLE
|
|
75
|
+
*/
|
|
76
|
+
function resolveModelPricing(modelName, overrides) {
|
|
77
|
+
// 1. Workspace override (exact)
|
|
78
|
+
if (overrides?.[modelName])
|
|
79
|
+
return overrides[modelName];
|
|
80
|
+
// 2. Built-in exact match
|
|
81
|
+
if (exports.MODEL_PRICING[modelName])
|
|
82
|
+
return exports.MODEL_PRICING[modelName];
|
|
83
|
+
// 3. Alias lookup
|
|
84
|
+
const aliased = MODEL_ALIASES[modelName];
|
|
85
|
+
if (aliased) {
|
|
86
|
+
return overrides?.[aliased] ?? exports.MODEL_PRICING[aliased];
|
|
87
|
+
}
|
|
88
|
+
// 4. Prefix match — find the longest matching key
|
|
89
|
+
// e.g. "claude-3-5-sonnet-20241022-v2" matches "claude-3-5-sonnet-20241022"
|
|
90
|
+
let bestMatch;
|
|
91
|
+
let bestLen = 0;
|
|
92
|
+
const allKeys = new Set([
|
|
93
|
+
...Object.keys(exports.MODEL_PRICING),
|
|
94
|
+
...(overrides ? Object.keys(overrides) : []),
|
|
95
|
+
]);
|
|
96
|
+
for (const key of allKeys) {
|
|
97
|
+
if (modelName.startsWith(key) && key.length > bestLen) {
|
|
98
|
+
bestMatch = key;
|
|
99
|
+
bestLen = key.length;
|
|
100
|
+
}
|
|
101
|
+
}
|
|
102
|
+
if (bestMatch) {
|
|
103
|
+
return overrides?.[bestMatch] ?? exports.MODEL_PRICING[bestMatch];
|
|
104
|
+
}
|
|
105
|
+
return undefined;
|
|
106
|
+
}
|
|
107
|
+
//# sourceMappingURL=model-pricing.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"model-pricing.js","sourceRoot":"","sources":["../../../src/budget/model-pricing.ts"],"names":[],"mappings":";;;AAgFA,kDAsCC;AApHD;;;;;GAKG;AACU,QAAA,aAAa,GAAiC;IACzD,8DAA8D;IAC9D,iBAAiB,EAAoB,EAAE,eAAe,EAAE,EAAE,GAAG,GAAG,EAAG,gBAAgB,EAAE,EAAE,GAAG,GAAG,EAAE;IAC/F,mBAAmB,EAAkB,EAAE,eAAe,EAAE,CAAC,GAAG,GAAG,EAAI,gBAAgB,EAAE,EAAE,GAAG,GAAG,EAAE;IAC/F,kBAAkB,EAAmB,EAAE,eAAe,EAAE,CAAC,GAAG,GAAG,EAAI,gBAAgB,EAAE,CAAC,GAAG,GAAG,EAAE;IAC9F,mBAAmB,EAAkB,EAAE,eAAe,EAAE,CAAC,GAAG,GAAG,EAAI,gBAAgB,EAAE,EAAE,GAAG,GAAG,EAAE;IAC/F,4BAA4B,EAAS,EAAE,eAAe,EAAE,CAAC,GAAG,GAAG,EAAI,gBAAgB,EAAE,EAAE,GAAG,GAAG,EAAE;IAC/F,2BAA2B,EAAU,EAAE,eAAe,EAAE,CAAC,GAAG,GAAG,EAAI,gBAAgB,EAAE,CAAC,GAAG,GAAG,EAAE;IAC9F,wBAAwB,EAAa,EAAE,eAAe,EAAE,EAAE,GAAG,GAAG,EAAG,gBAAgB,EAAE,EAAE,GAAG,GAAG,EAAE;IAC/F,0BAA0B,EAAW,EAAE,eAAe,EAAE,CAAC,GAAG,GAAG,EAAI,gBAAgB,EAAE,EAAE,GAAG,GAAG,EAAE;IAC/F,yBAAyB,EAAY,EAAE,eAAe,EAAE,IAAI,GAAG,GAAG,EAAE,gBAAgB,EAAE,IAAI,GAAG,GAAG,EAAE;IAElG,8DAA8D;IAC9D,SAAS,EAA4B,EAAE,eAAe,EAAE,CAAC,GAAG,GAAG,EAAI,gBAAgB,EAAE,CAAC,GAAG,GAAG,EAAE;IAC9F,cAAc,EAAuB,EAAE,eAAe,EAAE,GAAG,GAAG,GAAG,EAAE,gBAAgB,EAAE,GAAG,GAAG,GAAG,EAAE;IAChG,cAAc,EAAuB,EAAE,eAAe,EAAE,GAAG,GAAG,GAAG,EAAE,gBAAgB,EAAE,GAAG,GAAG,GAAG,EAAE;IAChG,QAAQ,EAA6B,EAAE,eAAe,EAAE,GAAG,GAAG,GAAG,EAAE,gBAAgB,EAAE,EAAE,GAAG,GAAG,EAAE;IAC/F,aAAa,EAAwB,EAAE,eAAe,EAAE,IAAI,GAAG,GAAG,EAAE,gBAAgB,EAAE,GAAG,GAAG,GAAG,EAAE;IACjG,aAAa,EAAwB,EAAE,eAAe,EAAE,EAAE,GAAG,GAAG,EAAG,gBAAgB,EAAE,EAAE,GAAG,GAAG,EAAE;IAC/F,IAAI,EAAiC,EAAE,eAAe,EAAE,CAAC,GAAG,GAAG,EAAI,gBAAgB,EAAE,CAAC,GAAG,GAAG,EAAE;IAC9F,SAAS,EAA4B,EAAE,eAAe,EAAE,GAAG,GAAG,GAAG,EAAE,gBAAgB,EAAE,GAAG,GAAG,GAAG,EAAE;IAChG,IAAI,EAAiC,EAAE,eAAe,EAAE,EAAE,GAAG,GAAG,EAAG,gBAAgB,EAAE,EAAE,GAAG,GAAG,EAAE;IAC/F,SAAS,EAA4B,EAAE,eAAe,EAAE,CAAC,GAAG,GAAG,EAAI,gBAAgB,EAAE,EAAE,GAAG,GAAG,EAAE;IAE/F,8DAA8D;IAC9D,gBAAgB,EAAqB,EAAE,eAAe,EAAE,IAAI,GAAG,GAAG,EAAE,gBAAgB,EAAE,EAAE,GAAG,GAAG,EAAE;IAChG,kBAAkB,EAAmB,EAAE,eAAe,EAAE,IAAI,GAAG,GAAG,EAAE,gBAAgB,EAAE,GAAG,GAAG,GAAG,EAAE;IACjG,kBAAkB,EAAmB,EAAE,eAAe,EAAE,GAAG,GAAG,GAAG,EAAG,gBAAgB,EAAE,GAAG,GAAG,GAAG,EAAE;IACjG,gBAAgB,EAAqB,EAAE,eAAe,EAAE,IAAI,GAAG,GAAG,EAAE,gBAAgB,EAAE,CAAC,GAAG,GAAG,EAAE;IAC/F,kBAAkB,EAAmB,EAAE,eAAe,EAAE,KAAK,GAAG,GAAG,EAAE,gBAAgB,EAAE,GAAG,GAAG,GAAG,EAAE;IAElG,8DAA8D;IAC9D,sBAAsB,EAAe,EAAE,eAAe,EAAE,CAAC,GAAG,GAAG,EAAI,gBAAgB,EAAE,CAAC,GAAG,GAAG,EAAE;IAC9F,sBAAsB,EAAe,EAAE,eAAe,EAAE,GAAG,GAAG,GAAG,EAAE,gBAAgB,EAAE,GAAG,GAAG,GAAG,EAAE;IAChG,kBAAkB,EAAmB,EAAE,eAAe,EAAE,GAAG,GAAG,GAAG,EAAE,gBAAgB,EAAE,GAAG,GAAG,GAAG,EAAE;IAEhG,8DAA8D;IAC9D,eAAe,EAAsB,EAAE,eAAe,EAAE,GAAG,GAAG,GAAG,EAAE,gBAAgB,EAAE,GAAG,GAAG,GAAG,EAAE;IAChG,gBAAgB,EAAqB,EAAE,eAAe,EAAE,CAAC,GAAG,GAAG,EAAI,gBAAgB,EAAE,CAAC,GAAG,GAAG,EAAE;IAC9F,eAAe,EAAsB,EAAE,eAAe,EAAE,GAAG,GAAG,GAAG,EAAE,gBAAgB,EAAE,GAAG,GAAG,GAAG,EAAE;IAChG,cAAc,EAAuB,EAAE,eAAe,EAAE,GAAG,GAAG,GAAG,EAAE,gBAAgB,EAAE,GAAG,GAAG,GAAG,EAAE;IAEhG,8DAA8D;IAC9D,gBAAgB,EAAqB,EAAE,eAAe,EAAE,GAAG,GAAG,GAAG,EAAE,gBAAgB,EAAE,EAAE,GAAG,GAAG,EAAE;IAC/F,WAAW,EAA0B,EAAE,eAAe,EAAE,IAAI,GAAG,GAAG,EAAE,gBAAgB,EAAE,GAAG,GAAG,GAAG,EAAE;CAClG,CAAC;AAEF;;;GAGG;AACH,MAAM,aAAa,GAA2B;IAC5C,6BAA6B;IAC7B,mBAAmB,EAAE,QAAQ;IAC7B,mBAAmB,EAAE,QAAQ;IAC7B,wBAAwB,EAAE,aAAa;IACvC,wBAAwB,EAAE,aAAa;IACvC,sBAAsB;IACtB,mBAAmB,EAAE,mBAAmB;IACxC,kBAAkB,EAAE,kBAAkB;CACvC,CAAC;AAEF;;;;;;;;;GASG;AACH,SAAgB,mBAAmB,CACjC,SAAiB,EACjB,SAAwC;IAExC,gCAAgC;IAChC,IAAI,SAAS,EAAE,CAAC,SAAS,CAAC;QAAE,OAAO,SAAS,CAAC,SAAS,CAAC,CAAC;IAExD,0BAA0B;IAC1B,IAAI,qBAAa,CAAC,SAAS,CAAC;QAAE,OAAO,qBAAa,CAAC,SAAS,CAAC,CAAC;IAE9D,kBAAkB;IAClB,MAAM,OAAO,GAAG,aAAa,CAAC,SAAS,CAAC,CAAC;IACzC,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,SAAS,EAAE,CAAC,OAAO,CAAC,IAAI,qBAAa,CAAC,OAAO,CAAC,CAAC;IACxD,CAAC;IAED,kDAAkD;IAClD,+EAA+E;IAC/E,IAAI,SAA6B,CAAC;IAClC,IAAI,OAAO,GAAG,CAAC,CAAC;IAEhB,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC;QACtB,GAAG,MAAM,CAAC,IAAI,CAAC,qBAAa,CAAC;QAC7B,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;KAC7C,CAAC,CAAC;IAEH,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;QAC1B,IAAI,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,GAAG,OAAO,EAAE,CAAC;YACtD,SAAS,GAAG,GAAG,CAAC;YAChB,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC;QACvB,CAAC;IACH,CAAC;IAED,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,SAAS,EAAE,CAAC,SAAS,CAAC,IAAI,qBAAa,CAAC,SAAS,CAAC,CAAC;IAC5D,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC"}
|
|
@@ -10,11 +10,13 @@ export declare class UsageExtractor {
|
|
|
10
10
|
extractFromHeaders(headers?: Record<string, string>): UsageData | undefined;
|
|
11
11
|
/**
|
|
12
12
|
* Extract usage data from response body.
|
|
13
|
-
* Supports OpenAI-style `usage` object and Anthropic-style `usage` object
|
|
13
|
+
* Supports OpenAI-style `usage` object and Anthropic-style `usage` object,
|
|
14
|
+
* including cache tokens (Anthropic) and reasoning tokens (OpenAI o1/o3).
|
|
14
15
|
*/
|
|
15
16
|
extractFromBody(body: unknown): UsageData | undefined;
|
|
16
17
|
/**
|
|
17
18
|
* Compute cost from usage data using token pricing config.
|
|
19
|
+
* Falls back to built-in MODEL_PRICING when workspace config doesn't have the model.
|
|
18
20
|
* Returns the computed cost in USD, or undefined if pricing not available.
|
|
19
21
|
*/
|
|
20
22
|
computeCost(usage: UsageData, model?: string): number | undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"usage-extractor.d.ts","sourceRoot":"","sources":["../../../src/budget/usage-extractor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"usage-extractor.d.ts","sourceRoot":"","sources":["../../../src/budget/usage-extractor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAG/C,qBAAa,cAAc;IACzB,OAAO,CAAC,YAAY,CAA+B;gBAEvC,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,YAAY,CAAC;IAIvD;;;OAGG;IACH,kBAAkB,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,SAAS,GAAG,SAAS;IAkC3E;;;;OAIG;IACH,eAAe,CAAC,IAAI,EAAE,OAAO,GAAG,SAAS,GAAG,SAAS;IAsDrD;;;;OAIG;IACH,WAAW,CAAC,KAAK,EAAE,SAAS,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS;IAuCjE;;;OAGG;IACH,oBAAoB,CAAC,IAAI,EAAE,OAAO,GAAG,MAAM,GAAG,SAAS;IAOvD;;OAEG;IACH,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAUrC;;;OAGG;IACH,KAAK,CAAC,WAAW,CAAC,EAAE,SAAS,EAAE,QAAQ,CAAC,EAAE,SAAS,GAAG,SAAS,GAAG,SAAS;IAsB3E,OAAO,CAAC,cAAc;IAMtB,OAAO,CAAC,gBAAgB;CAKzB"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.UsageExtractor = void 0;
|
|
4
|
+
const model_pricing_1 = require("./model-pricing");
|
|
4
5
|
class UsageExtractor {
|
|
5
6
|
constructor(tokenPricing) {
|
|
6
7
|
this.tokenPricing = tokenPricing || {};
|
|
@@ -43,7 +44,8 @@ class UsageExtractor {
|
|
|
43
44
|
}
|
|
44
45
|
/**
|
|
45
46
|
* Extract usage data from response body.
|
|
46
|
-
* Supports OpenAI-style `usage` object and Anthropic-style `usage` object
|
|
47
|
+
* Supports OpenAI-style `usage` object and Anthropic-style `usage` object,
|
|
48
|
+
* including cache tokens (Anthropic) and reasoning tokens (OpenAI o1/o3).
|
|
47
49
|
*/
|
|
48
50
|
extractFromBody(body) {
|
|
49
51
|
if (!body || typeof body !== 'object')
|
|
@@ -59,6 +61,19 @@ class UsageExtractor {
|
|
|
59
61
|
// Anthropic format: usage.input_tokens, usage.output_tokens
|
|
60
62
|
const inputTokens = typeof usageObj.input_tokens === 'number' ? usageObj.input_tokens : promptTokens;
|
|
61
63
|
const outputTokens = typeof usageObj.output_tokens === 'number' ? usageObj.output_tokens : completionTokens;
|
|
64
|
+
// Anthropic cache tokens
|
|
65
|
+
const cacheCreationTokens = typeof usageObj.cache_creation_input_tokens === 'number'
|
|
66
|
+
? usageObj.cache_creation_input_tokens : undefined;
|
|
67
|
+
const cacheReadTokens = typeof usageObj.cache_read_input_tokens === 'number'
|
|
68
|
+
? usageObj.cache_read_input_tokens : undefined;
|
|
69
|
+
// OpenAI reasoning tokens (o1/o3 models)
|
|
70
|
+
// Located at usage.completion_tokens_details.reasoning_tokens
|
|
71
|
+
let reasoningTokens;
|
|
72
|
+
const completionDetails = usageObj.completion_tokens_details;
|
|
73
|
+
if (completionDetails && typeof completionDetails === 'object') {
|
|
74
|
+
reasoningTokens = typeof completionDetails.reasoning_tokens === 'number'
|
|
75
|
+
? completionDetails.reasoning_tokens : undefined;
|
|
76
|
+
}
|
|
62
77
|
if (inputTokens === undefined && outputTokens === undefined && totalTokens === undefined) {
|
|
63
78
|
return undefined;
|
|
64
79
|
}
|
|
@@ -75,23 +90,49 @@ class UsageExtractor {
|
|
|
75
90
|
else if (inputTokens !== undefined && outputTokens !== undefined) {
|
|
76
91
|
usage.total_tokens = inputTokens + outputTokens;
|
|
77
92
|
}
|
|
93
|
+
if (cacheCreationTokens !== undefined)
|
|
94
|
+
usage.cache_creation_tokens = cacheCreationTokens;
|
|
95
|
+
if (cacheReadTokens !== undefined)
|
|
96
|
+
usage.cache_read_tokens = cacheReadTokens;
|
|
97
|
+
if (reasoningTokens !== undefined)
|
|
98
|
+
usage.reasoning_tokens = reasoningTokens;
|
|
78
99
|
return usage;
|
|
79
100
|
}
|
|
80
101
|
/**
|
|
81
102
|
* Compute cost from usage data using token pricing config.
|
|
103
|
+
* Falls back to built-in MODEL_PRICING when workspace config doesn't have the model.
|
|
82
104
|
* Returns the computed cost in USD, or undefined if pricing not available.
|
|
83
105
|
*/
|
|
84
106
|
computeCost(usage, model) {
|
|
85
|
-
if (!model
|
|
107
|
+
if (!model)
|
|
108
|
+
return undefined;
|
|
109
|
+
// Resolve pricing: workspace config → built-in pricing → undefined
|
|
110
|
+
const pricing = (0, model_pricing_1.resolveModelPricing)(model, this.tokenPricing);
|
|
111
|
+
if (!pricing)
|
|
86
112
|
return undefined;
|
|
87
|
-
const pricing = this.tokenPricing[model];
|
|
88
113
|
let cost = 0;
|
|
114
|
+
// Base input tokens (excluding cache tokens which are billed differently)
|
|
89
115
|
if (usage.input_tokens !== undefined) {
|
|
90
116
|
cost += usage.input_tokens * pricing.input_per_token;
|
|
91
117
|
}
|
|
118
|
+
// Base output tokens
|
|
92
119
|
if (usage.output_tokens !== undefined) {
|
|
93
120
|
cost += usage.output_tokens * pricing.output_per_token;
|
|
94
121
|
}
|
|
122
|
+
// Cache creation tokens: billed at cache_creation_multiplier × input price (default 1.25x)
|
|
123
|
+
if (usage.cache_creation_tokens !== undefined && usage.cache_creation_tokens > 0) {
|
|
124
|
+
const multiplier = pricing.cache_creation_multiplier ?? 1.25;
|
|
125
|
+
cost += usage.cache_creation_tokens * pricing.input_per_token * multiplier;
|
|
126
|
+
}
|
|
127
|
+
// Cache read tokens: billed at cache_read_multiplier × input price (default 0.1x)
|
|
128
|
+
if (usage.cache_read_tokens !== undefined && usage.cache_read_tokens > 0) {
|
|
129
|
+
const multiplier = pricing.cache_read_multiplier ?? 0.1;
|
|
130
|
+
cost += usage.cache_read_tokens * pricing.input_per_token * multiplier;
|
|
131
|
+
}
|
|
132
|
+
// Reasoning tokens (o1/o3): billed at output price
|
|
133
|
+
if (usage.reasoning_tokens !== undefined && usage.reasoning_tokens > 0) {
|
|
134
|
+
cost += usage.reasoning_tokens * pricing.output_per_token;
|
|
135
|
+
}
|
|
95
136
|
return cost;
|
|
96
137
|
}
|
|
97
138
|
/**
|
|
@@ -139,6 +180,9 @@ class UsageExtractor {
|
|
|
139
180
|
input_tokens: fromBody.input_tokens ?? fromHeaders.input_tokens,
|
|
140
181
|
output_tokens: fromBody.output_tokens ?? fromHeaders.output_tokens,
|
|
141
182
|
total_tokens: fromBody.total_tokens ?? fromHeaders.total_tokens,
|
|
183
|
+
cache_creation_tokens: fromBody.cache_creation_tokens ?? fromHeaders.cache_creation_tokens,
|
|
184
|
+
cache_read_tokens: fromBody.cache_read_tokens ?? fromHeaders.cache_read_tokens,
|
|
185
|
+
reasoning_tokens: fromBody.reasoning_tokens ?? fromHeaders.reasoning_tokens,
|
|
142
186
|
provider_cost_usd: fromHeaders.provider_cost_usd ?? fromBody.provider_cost_usd,
|
|
143
187
|
computed_cost_usd: fromHeaders.computed_cost_usd ?? fromBody.computed_cost_usd,
|
|
144
188
|
source: fromBody.source && fromHeaders.source
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"usage-extractor.js","sourceRoot":"","sources":["../../../src/budget/usage-extractor.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"usage-extractor.js","sourceRoot":"","sources":["../../../src/budget/usage-extractor.ts"],"names":[],"mappings":";;;AAEA,mDAAsD;AAEtD,MAAa,cAAc;IAGzB,YAAY,YAA2C;QACrD,IAAI,CAAC,YAAY,GAAG,YAAY,IAAI,EAAE,CAAC;IACzC,CAAC;IAED;;;OAGG;IACH,kBAAkB,CAAC,OAAgC;QACjD,IAAI,CAAC,OAAO;YAAE,OAAO,SAAS,CAAC;QAE/B,mEAAmE;QACnE,MAAM,UAAU,GAA2B,EAAE,CAAC;QAC9C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YACnD,UAAU,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,GAAG,KAAK,CAAC;QACxC,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,sBAAsB,CAAC,CAAC,CAAC;QAC5E,MAAM,YAAY,GAAG,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,uBAAuB,CAAC,CAAC,CAAC;QAC9E,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,sBAAsB,CAAC,CAAC,CAAC;QAC5E,MAAM,YAAY,GAAG,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC;QAE3E,IAAI,WAAW,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,WAAW,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;YACvH,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,KAAK,GAAc;YACvB,MAAM,EAAE,SAAS;SAClB,CAAC;QAEF,IAAI,WAAW,KAAK,SAAS;YAAE,KAAK,CAAC,YAAY,GAAG,WAAW,CAAC;QAChE,IAAI,YAAY,KAAK,SAAS;YAAE,KAAK,CAAC,aAAa,GAAG,YAAY,CAAC;QACnE,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,KAAK,CAAC,YAAY,GAAG,WAAW,CAAC;QACnC,CAAC;aAAM,IAAI,WAAW,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;YACnE,KAAK,CAAC,YAAY,GAAG,WAAW,GAAG,YAAY,CAAC;QAClD,CAAC;QACD,IAAI,YAAY,KAAK,SAAS;YAAE,KAAK,CAAC,iBAAiB,GAAG,YAAY,CAAC;QAEvE,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;;OAIG;IACH,eAAe,CAAC,IAAa;QAC3B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;YAAE,OAAO,SAAS,CAAC;QAExD,MAAM,OAAO,GAAG,IAA+B,CAAC;QAChD,MAAM,QAAQ,GAAG,OAAO,CAAC,KAA4C,CAAC;QAEtE,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ;YAAE,OAAO,SAAS,CAAC;QAEhE,kFAAkF;QAClF,MAAM,YAAY,GAAG,OAAO,QAAQ,CAAC,aAAa,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;QACrG,MAAM,gBAAgB,GAAG,OAAO,QAAQ,CAAC,iBAAiB,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;QACjH,MAAM,WAAW,GAAG,OAAO,QAAQ,CAAC,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;QAElG,4DAA4D;QAC5D,MAAM,WAAW,GAAG,OAAO,QAAQ,CAAC,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC;QACrG,MAAM,YAAY,GAAG,OAAO,QAAQ,CAAC,aAAa,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,gBAAgB,CAAC;QAE5G,yBAAyB;QACzB,MAAM,mBAAmB,GAAG,OAAO,QAAQ,CAAC,2BAA2B,KAAK,QAAQ;YAClF,CAAC,CAAC,QAAQ,CAAC,2BAA2B,CAAC,CAAC,CAAC,SAAS,CAAC;QACrD,MAAM,eAAe,GAAG,OAAO,QAAQ,CAAC,uBAAuB,KAAK,QAAQ;YAC1E,CAAC,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;QAEjD,yCAAyC;QACzC,8DAA8D;QAC9D,IAAI,eAAmC,CAAC;QACxC,MAAM,iBAAiB,GAAG,QAAQ,CAAC,yBAAgE,CAAC;QACpG,IAAI,iBAAiB,IAAI,OAAO,iBAAiB,KAAK,QAAQ,EAAE,CAAC;YAC/D,eAAe,GAAG,OAAO,iBAAiB,CAAC,gBAAgB,KAAK,QAAQ;gBACtE,CAAC,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;QACrD,CAAC;QAED,IAAI,WAAW,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YACzF,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,MAAM,KAAK,GAAc;YACvB,MAAM,EAAE,MAAM;SACf,CAAC;QAEF,IAAI,WAAW,KAAK,SAAS;YAAE,KAAK,CAAC,YAAY,GAAG,WAAW,CAAC;QAChE,IAAI,YAAY,KAAK,SAAS;YAAE,KAAK,CAAC,aAAa,GAAG,YAAY,CAAC;QACnE,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,KAAK,CAAC,YAAY,GAAG,WAAW,CAAC;QACnC,CAAC;aAAM,IAAI,WAAW,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;YACnE,KAAK,CAAC,YAAY,GAAG,WAAW,GAAG,YAAY,CAAC;QAClD,CAAC;QACD,IAAI,mBAAmB,KAAK,SAAS;YAAE,KAAK,CAAC,qBAAqB,GAAG,mBAAmB,CAAC;QACzF,IAAI,eAAe,KAAK,SAAS;YAAE,KAAK,CAAC,iBAAiB,GAAG,eAAe,CAAC;QAC7E,IAAI,eAAe,KAAK,SAAS;YAAE,KAAK,CAAC,gBAAgB,GAAG,eAAe,CAAC;QAE5E,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;;OAIG;IACH,WAAW,CAAC,KAAgB,EAAE,KAAc;QAC1C,IAAI,CAAC,KAAK;YAAE,OAAO,SAAS,CAAC;QAE7B,mEAAmE;QACnE,MAAM,OAAO,GAAG,IAAA,mCAAmB,EAAC,KAAK,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;QAC9D,IAAI,CAAC,OAAO;YAAE,OAAO,SAAS,CAAC;QAE/B,IAAI,IAAI,GAAG,CAAC,CAAC;QAEb,0EAA0E;QAC1E,IAAI,KAAK,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YACrC,IAAI,IAAI,KAAK,CAAC,YAAY,GAAG,OAAO,CAAC,eAAe,CAAC;QACvD,CAAC;QAED,qBAAqB;QACrB,IAAI,KAAK,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;YACtC,IAAI,IAAI,KAAK,CAAC,aAAa,GAAG,OAAO,CAAC,gBAAgB,CAAC;QACzD,CAAC;QAED,2FAA2F;QAC3F,IAAI,KAAK,CAAC,qBAAqB,KAAK,SAAS,IAAI,KAAK,CAAC,qBAAqB,GAAG,CAAC,EAAE,CAAC;YACjF,MAAM,UAAU,GAAG,OAAO,CAAC,yBAAyB,IAAI,IAAI,CAAC;YAC7D,IAAI,IAAI,KAAK,CAAC,qBAAqB,GAAG,OAAO,CAAC,eAAe,GAAG,UAAU,CAAC;QAC7E,CAAC;QAED,kFAAkF;QAClF,IAAI,KAAK,CAAC,iBAAiB,KAAK,SAAS,IAAI,KAAK,CAAC,iBAAiB,GAAG,CAAC,EAAE,CAAC;YACzE,MAAM,UAAU,GAAG,OAAO,CAAC,qBAAqB,IAAI,GAAG,CAAC;YACxD,IAAI,IAAI,KAAK,CAAC,iBAAiB,GAAG,OAAO,CAAC,eAAe,GAAG,UAAU,CAAC;QACzE,CAAC;QAED,mDAAmD;QACnD,IAAI,KAAK,CAAC,gBAAgB,KAAK,SAAS,IAAI,KAAK,CAAC,gBAAgB,GAAG,CAAC,EAAE,CAAC;YACvE,IAAI,IAAI,KAAK,CAAC,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC;QAC5D,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;OAGG;IACH,oBAAoB,CAAC,IAAa;QAChC,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;YAAE,OAAO,SAAS,CAAC;QACxD,MAAM,OAAO,GAAG,IAA+B,CAAC;QAChD,IAAI,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ;YAAE,OAAO,OAAO,CAAC,KAAK,CAAC;QAC5D,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,KAAa;QAC1B,IAAI,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC;YAAE,OAAO,WAAW,CAAC;QAC/C,IAAI,uBAAuB,CAAC,IAAI,CAAC,KAAK,CAAC;YAAE,OAAO,QAAQ,CAAC;QACzD,IAAI,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC;YAAE,OAAO,QAAQ,CAAC;QAC5C,IAAI,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC;YAAE,OAAO,SAAS,CAAC;QACvD,IAAI,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC;YAAE,OAAO,MAAM,CAAC;QACzC,IAAI,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC;YAAE,OAAO,QAAQ,CAAC;QAC7C,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,WAAuB,EAAE,QAAoB;QACjD,IAAI,CAAC,WAAW,IAAI,CAAC,QAAQ;YAAE,OAAO,SAAS,CAAC;QAChD,IAAI,CAAC,WAAW;YAAE,OAAO,QAAQ,CAAC;QAClC,IAAI,CAAC,QAAQ;YAAE,OAAO,WAAW,CAAC;QAElC,OAAO;YACL,YAAY,EAAE,QAAQ,CAAC,YAAY,IAAI,WAAW,CAAC,YAAY;YAC/D,aAAa,EAAE,QAAQ,CAAC,aAAa,IAAI,WAAW,CAAC,aAAa;YAClE,YAAY,EAAE,QAAQ,CAAC,YAAY,IAAI,WAAW,CAAC,YAAY;YAC/D,qBAAqB,EAAE,QAAQ,CAAC,qBAAqB,IAAI,WAAW,CAAC,qBAAqB;YAC1F,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB,IAAI,WAAW,CAAC,iBAAiB;YAC9E,gBAAgB,EAAE,QAAQ,CAAC,gBAAgB,IAAI,WAAW,CAAC,gBAAgB;YAC3E,iBAAiB,EAAE,WAAW,CAAC,iBAAiB,IAAI,QAAQ,CAAC,iBAAiB;YAC9E,iBAAiB,EAAE,WAAW,CAAC,iBAAiB,IAAI,QAAQ,CAAC,iBAAiB;YAC9E,MAAM,EAAE,QAAQ,CAAC,MAAM,IAAI,WAAW,CAAC,MAAM;gBAC3C,CAAC,CAAC,GAAG,WAAW,CAAC,MAAM,IAAI,QAAQ,CAAC,MAAM,EAAE;gBAC5C,CAAC,CAAC,QAAQ,CAAC,MAAM,IAAI,WAAW,CAAC,MAAM;YACzC,KAAK,EAAE,QAAQ,CAAC,KAAK,IAAI,WAAW,CAAC,KAAK;YAC1C,QAAQ,EAAE,QAAQ,CAAC,QAAQ,IAAI,WAAW,CAAC,QAAQ;SACpD,CAAC;IACJ,CAAC;IAEO,cAAc,CAAC,KAAc;QACnC,IAAI,KAAK,KAAK,SAAS;YAAE,OAAO,SAAS,CAAC;QAC1C,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACnC,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC;IAC5C,CAAC;IAEO,gBAAgB,CAAC,KAAc;QACrC,IAAI,KAAK,KAAK,SAAS;YAAE,OAAO,SAAS,CAAC;QAC1C,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;QACjC,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC;IAC5C,CAAC;CACF;AAjND,wCAiNC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"defaults.d.ts","sourceRoot":"","sources":["../../../src/config/defaults.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"defaults.d.ts","sourceRoot":"","sources":["../../../src/config/defaults.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAuChD,eAAO,MAAM,cAAc,EAAE,aA2N5B,CAAC"}
|
|
@@ -36,6 +36,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
36
36
|
exports.DEFAULT_CONFIG = void 0;
|
|
37
37
|
const crypto = __importStar(require("crypto"));
|
|
38
38
|
const fs = __importStar(require("fs"));
|
|
39
|
+
const model_pricing_1 = require("../budget/model-pricing");
|
|
39
40
|
const isProduction = process.env.NODE_ENV === 'production';
|
|
40
41
|
/**
|
|
41
42
|
* Read a secret from a file path or env var.
|
|
@@ -144,6 +145,7 @@ exports.DEFAULT_CONFIG = {
|
|
|
144
145
|
? parseInt(process.env.BUDGET_MAX_STEPS, 10) : 50,
|
|
145
146
|
max_retries_per_call: 3,
|
|
146
147
|
max_wall_clock_ms: 300000,
|
|
148
|
+
token_pricing: model_pricing_1.MODEL_PRICING,
|
|
147
149
|
},
|
|
148
150
|
audit: {
|
|
149
151
|
enabled: true,
|
|
@@ -161,6 +163,66 @@ exports.DEFAULT_CONFIG = {
|
|
|
161
163
|
enabled: true,
|
|
162
164
|
ttl_ms: 300000,
|
|
163
165
|
},
|
|
166
|
+
filesystem: process.env.PALARYN_FILE_ENABLED === 'true' ? {
|
|
167
|
+
enabled: true,
|
|
168
|
+
base_dir: process.env.PALARYN_FILE_BASE_DIR || './sandbox',
|
|
169
|
+
allowed_extensions: process.env.PALARYN_FILE_EXTENSIONS
|
|
170
|
+
? process.env.PALARYN_FILE_EXTENSIONS.split(',').map(s => s.trim())
|
|
171
|
+
: undefined,
|
|
172
|
+
max_file_size_bytes: process.env.PALARYN_FILE_MAX_SIZE
|
|
173
|
+
? parseInt(process.env.PALARYN_FILE_MAX_SIZE, 10)
|
|
174
|
+
: 10 * 1024 * 1024,
|
|
175
|
+
} : undefined,
|
|
176
|
+
sql: process.env.PALARYN_SQL_ENABLED === 'true' ? {
|
|
177
|
+
enabled: true,
|
|
178
|
+
connection_string: process.env.PALARYN_SQL_CONNECTION || '',
|
|
179
|
+
timeout_ms: process.env.PALARYN_SQL_TIMEOUT
|
|
180
|
+
? parseInt(process.env.PALARYN_SQL_TIMEOUT, 10)
|
|
181
|
+
: 30000,
|
|
182
|
+
read_only: process.env.PALARYN_SQL_READONLY !== 'false',
|
|
183
|
+
max_rows: process.env.PALARYN_SQL_MAX_ROWS
|
|
184
|
+
? parseInt(process.env.PALARYN_SQL_MAX_ROWS, 10)
|
|
185
|
+
: 1000,
|
|
186
|
+
blocked_tables: process.env.PALARYN_SQL_BLOCKED_TABLES
|
|
187
|
+
? process.env.PALARYN_SQL_BLOCKED_TABLES.split(',').map(s => s.trim())
|
|
188
|
+
: undefined,
|
|
189
|
+
} : undefined,
|
|
190
|
+
shell: process.env.PALARYN_SHELL_ENABLED === 'true' ? {
|
|
191
|
+
enabled: true,
|
|
192
|
+
allowed_commands: process.env.PALARYN_SHELL_ALLOWED
|
|
193
|
+
? process.env.PALARYN_SHELL_ALLOWED.split(',').map(s => s.trim())
|
|
194
|
+
: [],
|
|
195
|
+
blocked_commands: process.env.PALARYN_SHELL_BLOCKED
|
|
196
|
+
? process.env.PALARYN_SHELL_BLOCKED.split(',').map(s => s.trim())
|
|
197
|
+
: undefined,
|
|
198
|
+
timeout_ms: process.env.PALARYN_SHELL_TIMEOUT
|
|
199
|
+
? parseInt(process.env.PALARYN_SHELL_TIMEOUT, 10)
|
|
200
|
+
: 30000,
|
|
201
|
+
cwd: process.env.PALARYN_SHELL_CWD,
|
|
202
|
+
max_output_bytes: process.env.PALARYN_SHELL_MAX_OUTPUT
|
|
203
|
+
? parseInt(process.env.PALARYN_SHELL_MAX_OUTPUT, 10)
|
|
204
|
+
: 1024 * 1024,
|
|
205
|
+
} : undefined,
|
|
206
|
+
websocket: process.env.PALARYN_WS_ENABLED === 'true' ? {
|
|
207
|
+
enabled: true,
|
|
208
|
+
allowed_urls: process.env.PALARYN_WS_ALLOWED_URLS
|
|
209
|
+
? process.env.PALARYN_WS_ALLOWED_URLS.split(',').map(s => s.trim())
|
|
210
|
+
: [],
|
|
211
|
+
connect_timeout_ms: process.env.PALARYN_WS_CONNECT_TIMEOUT
|
|
212
|
+
? parseInt(process.env.PALARYN_WS_CONNECT_TIMEOUT, 10)
|
|
213
|
+
: 10000,
|
|
214
|
+
max_message_size_bytes: process.env.PALARYN_WS_MAX_MSG_SIZE
|
|
215
|
+
? parseInt(process.env.PALARYN_WS_MAX_MSG_SIZE, 10)
|
|
216
|
+
: 1024 * 1024,
|
|
217
|
+
} : undefined,
|
|
218
|
+
provider_intercept: process.env.PALARYN_PROVIDER_INTERCEPT_ENABLED === 'true' ? {
|
|
219
|
+
enabled: true,
|
|
220
|
+
provider_url_patterns: process.env.PALARYN_PROVIDER_URL_PATTERNS
|
|
221
|
+
? process.env.PALARYN_PROVIDER_URL_PATTERNS.split(',').map(s => s.trim())
|
|
222
|
+
: ['api\\.anthropic\\.com', 'api\\.openai\\.com', 'generativelanguage\\.googleapis\\.com'],
|
|
223
|
+
scan_inputs: process.env.PALARYN_PROVIDER_SCAN_INPUTS !== 'false',
|
|
224
|
+
scan_outputs: process.env.PALARYN_PROVIDER_SCAN_OUTPUTS !== 'false',
|
|
225
|
+
} : undefined,
|
|
164
226
|
},
|
|
165
227
|
approval: {
|
|
166
228
|
enabled: true,
|
|
@@ -200,19 +262,9 @@ exports.DEFAULT_CONFIG = {
|
|
|
200
262
|
? process.env.CORS_ORIGINS.split(',').map(s => s.trim())
|
|
201
263
|
: undefined,
|
|
202
264
|
oauth: {
|
|
203
|
-
enabled:
|
|
204
|
-
session_secret:
|
|
205
|
-
session_ttl_seconds:
|
|
206
|
-
google: process.env.GOOGLE_CLIENT_ID ? {
|
|
207
|
-
client_id: process.env.GOOGLE_CLIENT_ID,
|
|
208
|
-
client_secret: readSecret('GOOGLE_CLIENT_SECRET') || '',
|
|
209
|
-
redirect_uri: process.env.GOOGLE_REDIRECT_URI,
|
|
210
|
-
} : undefined,
|
|
211
|
-
github: process.env.GITHUB_CLIENT_ID ? {
|
|
212
|
-
client_id: process.env.GITHUB_CLIENT_ID,
|
|
213
|
-
client_secret: readSecret('GITHUB_CLIENT_SECRET') || '',
|
|
214
|
-
redirect_uri: process.env.GITHUB_REDIRECT_URI,
|
|
215
|
-
} : undefined,
|
|
265
|
+
enabled: false,
|
|
266
|
+
session_secret: '',
|
|
267
|
+
session_ttl_seconds: 604800,
|
|
216
268
|
},
|
|
217
269
|
stripe: readSecret('STRIPE_SECRET_KEY') ? {
|
|
218
270
|
secret_key: readSecret('STRIPE_SECRET_KEY'),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"defaults.js","sourceRoot":"","sources":["../../../src/config/defaults.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAiC;AACjC,uCAAyB;
|
|
1
|
+
{"version":3,"file":"defaults.js","sourceRoot":"","sources":["../../../src/config/defaults.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAiC;AACjC,uCAAyB;AAEzB,2DAAwD;AAExD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;AAE3D;;;;;;;;;GASG;AACH,SAAS,UAAU,CAAC,MAAc;IAChC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,OAAO,CAAC,CAAC;IAC/C,IAAI,QAAQ,EAAE,CAAC;QACb,IAAI,CAAC;YACH,OAAO,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;QACnD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,MAAM,IAAI,KAAK,CAAC,kCAAkC,MAAM,UAAU,QAAQ,MAAM,GAAG,EAAE,CAAC,CAAC;QACzF,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,aAAa,CAAC,MAAc;IACnC,MAAM,KAAK,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;IACjC,IAAI,KAAK;QAAE,OAAO,KAAK,CAAC;IACxB,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,QAAQ,MAAM,kCAAkC,CAAC,CAAC;IAC7E,CAAC;IACD,MAAM,SAAS,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI,CAAC,qBAAqB,MAAM,+CAA+C,MAAM,OAAO,MAAM,4BAA4B,CAAC,CAAC;IACxI,OAAO,SAAS,CAAC;AACnB,CAAC;AAEY,QAAA,cAAc,GAAkB;IAC3C,IAAI,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,MAAM,EAAE,EAAE,CAAC;IAC9C,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,SAAS;IACnC,IAAI,EAAE;QACJ,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,KAAK,OAAO;QAC7C,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC5B,aAAa,EAAE,EAAE,YAAY,EAAE,YAAY,EAAE,WAAW,EAAE,iBAAiB,EAAE;YAC7E,qEAAqE,EAAE,EAAE,YAAY,EAAE,sCAAsC,EAAE,WAAW,EAAE,iBAAiB,EAAE;SAChK;QACD,UAAU,EAAE,aAAa,CAAC,YAAY,CAAC;QACvC,GAAG,EAAE;YACH,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU;YAC9B,UAAU,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;YAC9B,eAAe,EAAE,cAAc;YAC/B,WAAW,EAAE,OAAO;YACpB,WAAW,EAAE,KAAK;SACnB;QACD,IAAI,EAAE;YACJ,OAAO,EAAE,KAAK,EAAG,sCAAsC;YACvD,KAAK,EAAE;gBACL,KAAK,EAAE;oBACL,WAAW,EAAE,mBAAmB;oBAChC,WAAW,EAAE,CAAC,YAAY,CAAC;iBAC5B;gBACD,QAAQ,EAAE;oBACR,WAAW,EAAE,wCAAwC;oBACrD,WAAW,EAAE,CAAC,cAAc,EAAE,iBAAiB,EAAE,YAAY,EAAE,aAAa,CAAC;iBAC9E;gBACD,QAAQ,EAAE;oBACR,WAAW,EAAE,kBAAkB;oBAC/B,WAAW,EAAE,CAAC,mBAAmB,EAAE,YAAY,EAAE,aAAa,CAAC;iBAChE;gBACD,KAAK,EAAE;oBACL,WAAW,EAAE,8BAA8B;oBAC3C,WAAW,EAAE,CAAC,cAAc,CAAC;iBAC9B;aACF;YACD,YAAY,EAAE,OAAO;SACtB;KACF;IACD,MAAM,EAAE;QACN,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,6BAA6B;QACxE,cAAc,EAAE,MAAM;QACtB,UAAU,EAAE,IAAI;KACjB;IACD,GAAG,EAAE;QACH,OAAO,EAAE,IAAI;QACb,SAAS,EAAE,IAAI;QACf,WAAW,EAAE,IAAI;QACjB,iBAAiB,EAAE,IAAI;QACvB,aAAa,EAAE,IAAI;QACnB,0BAA0B,EAAE,IAAI;QAChC,uBAAuB,EAAE,KAAK;QAC9B,gCAAgC,EAAE,MAAM;QACxC,yBAAyB,EAAE,MAAM;QACjC,wBAAwB,EAAE,MAAM;KACjC;IACD,MAAM,EAAE;QACN,eAAe,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe;YAC1C,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,GAAG;QACjD,qBAAqB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;YACtD,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC,IAAI;QACxD,uBAAuB,EAAE,OAAO,CAAC,GAAG,CAAC,uBAAuB;YAC1D,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,KAAK;QAC3D,0BAA0B,EAAE,OAAO,CAAC,GAAG,CAAC,0BAA0B;YAChE,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC,CAAC,CAAC,KAAK;QAC9D,4BAA4B,EAAE,OAAO,CAAC,GAAG,CAAC,4BAA4B;YACpE,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC,CAAC,CAAC,MAAM;QACjE,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB;YAC9C,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE;QACnD,oBAAoB,EAAE,CAAC;QACvB,iBAAiB,EAAE,MAAM;QACzB,aAAa,EAAE,6BAAa;KAC7B;IACD,KAAK,EAAE;QACL,OAAO,EAAE,IAAI;QACb,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,QAAQ;QAC9C,cAAc,EAAE,CAAC,YAAY;QAC7B,cAAc,EAAE,EAAE;KACnB;IACD,QAAQ,EAAE;QACR,IAAI,EAAE;YACJ,UAAU,EAAE,KAAK;YACjB,WAAW,EAAE,CAAC;YACd,eAAe,EAAE,IAAI;SACtB;QACD,KAAK,EAAE;YACL,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,MAAM;SACf;QACD,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,MAAM,CAAC,CAAC,CAAC;YACxD,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,WAAW;YAC1D,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,uBAAuB;gBACrD,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBACnE,CAAC,CAAC,SAAS;YACb,mBAAmB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;gBACpD,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,EAAE,CAAC;gBACjD,CAAC,CAAC,EAAE,GAAG,IAAI,GAAG,IAAI;SACrB,CAAC,CAAC,CAAC,SAAS;QACb,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB,KAAK,MAAM,CAAC,CAAC,CAAC;YAChD,OAAO,EAAE,IAAI;YACb,iBAAiB,EAAE,OAAO,CAAC,GAAG,CAAC,sBAAsB,IAAI,EAAE;YAC3D,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB;gBACzC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,EAAE,CAAC;gBAC/C,CAAC,CAAC,KAAK;YACT,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,OAAO;YACvD,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB;gBACxC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,EAAE,CAAC;gBAChD,CAAC,CAAC,IAAI;YACR,cAAc,EAAE,OAAO,CAAC,GAAG,CAAC,0BAA0B;gBACpD,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBACtE,CAAC,CAAC,SAAS;SACd,CAAC,CAAC,CAAC,SAAS;QACb,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB,KAAK,MAAM,CAAC,CAAC,CAAC;YACpD,OAAO,EAAE,IAAI;YACb,gBAAgB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;gBACjD,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBACjE,CAAC,CAAC,EAAE;YACN,gBAAgB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;gBACjD,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBACjE,CAAC,CAAC,SAAS;YACb,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;gBAC3C,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,EAAE,CAAC;gBACjD,CAAC,CAAC,KAAK;YACT,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB;YAClC,gBAAgB,EAAE,OAAO,CAAC,GAAG,CAAC,wBAAwB;gBACpD,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,EAAE,EAAE,CAAC;gBACpD,CAAC,CAAC,IAAI,GAAG,IAAI;SAChB,CAAC,CAAC,CAAC,SAAS;QACb,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,MAAM,CAAC,CAAC,CAAC;YACrD,OAAO,EAAE,IAAI;YACb,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,uBAAuB;gBAC/C,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBACnE,CAAC,CAAC,EAAE;YACN,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,0BAA0B;gBACxD,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,0BAA0B,EAAE,EAAE,CAAC;gBACtD,CAAC,CAAC,KAAK;YACT,sBAAsB,EAAE,OAAO,CAAC,GAAG,CAAC,uBAAuB;gBACzD,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,EAAE,EAAE,CAAC;gBACnD,CAAC,CAAC,IAAI,GAAG,IAAI;SAChB,CAAC,CAAC,CAAC,SAAS;QACb,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,kCAAkC,KAAK,MAAM,CAAC,CAAC,CAAC;YAC9E,OAAO,EAAE,IAAI;YACb,qBAAqB,EAAE,OAAO,CAAC,GAAG,CAAC,6BAA6B;gBAC9D,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBACzE,CAAC,CAAC,CAAC,uBAAuB,EAAE,oBAAoB,EAAE,uCAAuC,CAAC;YAC5F,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,4BAA4B,KAAK,OAAO;YACjE,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,6BAA6B,KAAK,OAAO;SACpE,CAAC,CAAC,CAAC,SAAS;KACd;IACD,QAAQ,EAAE;QACR,OAAO,EAAE,IAAI;QACb,YAAY,EAAE,aAAa,CAAC,iBAAiB,CAAC;QAC9C,mBAAmB,EAAE,IAAI;KAC1B;IACD,UAAU,EAAE;QACV,OAAO,EAAE,IAAI;QACb,oBAAoB,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB;YACpD,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG;QACxD,wBAAwB,EAAE,OAAO,CAAC,GAAG,CAAC,wBAAwB;YAC5D,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG;QAC5D,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB;YACzC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK;KAC3D;IACD,OAAO,EAAE;QACP,OAAO,EAAE,IAAI;QACb,SAAS,EAAE,MAAM,EAAE,sCAAsC;QACzD,iBAAiB,EAAE,CAAC,EAAE,qCAAqC;QAC3D,WAAW,EAAE,CAAC,EAAQ,qDAAqD;QAC3E,MAAM,EAAE,MAAM,EAAQ,4DAA4D;QAClF,YAAY,EAAE,IAAI;QAClB,WAAW,EAAE,IAAI;QACjB,gBAAgB,EAAE,IAAI;KACvB;IACD,KAAK,EAAE;QACL,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,MAAM;QAC7C,IAAI,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,MAAM,EAAE,EAAE,CAAC;QACpD,mBAAmB,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB;YACxD,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YACrE,CAAC,CAAC,SAAS;QACb,oBAAoB,EAAE,OAAO,CAAC,GAAG,CAAC,oBAAoB;QACtD,gBAAgB,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC9C,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,OAAO;KACzD;IACD,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY;QACpC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACxD,CAAC,CAAC,SAAS;IACb,KAAK,EAAE;QACL,OAAO,EAAE,KAAK;QACd,cAAc,EAAE,EAAE;QAClB,mBAAmB,EAAE,MAAM;KAC5B;IACD,MAAM,EAAE,UAAU,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC;QACxC,UAAU,EAAE,UAAU,CAAC,mBAAmB,CAAE;QAC5C,cAAc,EAAE,UAAU,CAAC,uBAAuB,CAAC,IAAI,EAAE;QACzD,SAAS,EAAE;YACT,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,wBAAwB,IAAI,EAAE;YACvD,gBAAgB,EAAE,OAAO,CAAC,GAAG,CAAC,6BAA6B,IAAI,EAAE;SAClE;QACD,oBAAoB,EAAE,OAAO,CAAC,GAAG,CAAC,2BAA2B;QAC7D,mBAAmB,EAAE,OAAO,CAAC,GAAG,CAAC,0BAA0B;QAC3D,iBAAiB,EAAE,OAAO,CAAC,GAAG,CAAC,wBAAwB;KACxD,CAAC,CAAC,CAAC,SAAS;IACb,QAAQ,EAAE;QACR,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,MAAM;QAChD,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,YAAY;KAC5D;IACD,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,MAAM,CAAC,CAAC,CAAC;QACpD,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB;QACxC,gBAAgB,EAAE,OAAO,CAAC,GAAG,CAAC,0BAA0B;YACtD,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,0BAA0B,EAAE,EAAE,CAAC;YACtD,CAAC,CAAC,SAAS;QACb,iBAAiB,EAAE,OAAO,CAAC,GAAG,CAAC,2BAA2B;YACxD,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,EAAE,CAAC;YACvD,CAAC,CAAC,SAAS;KACd,CAAC,CAAC,CAAC,SAAS;CACd,CAAC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { DLPPattern } from './patterns';
|
|
2
|
+
export declare const SHELL_INJECTION_PATTERNS: DLPPattern[];
|
|
3
|
+
export declare const PATH_TRAVERSAL_PATTERNS: DLPPattern[];
|
|
4
|
+
export declare const SQL_INJECTION_PATTERNS: DLPPattern[];
|
|
5
|
+
/** All tool-specific DLP patterns combined */
|
|
6
|
+
export declare const TOOL_DLP_PATTERNS: DLPPattern[];
|
|
7
|
+
//# sourceMappingURL=tool-patterns.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tool-patterns.d.ts","sourceRoot":"","sources":["../../../src/dlp/tool-patterns.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAGxC,eAAO,MAAM,wBAAwB,EAAE,UAAU,EAOhD,CAAC;AAGF,eAAO,MAAM,uBAAuB,EAAE,UAAU,EAK/C,CAAC;AAGF,eAAO,MAAM,sBAAsB,EAAE,UAAU,EAM9C,CAAC;AAEF,8CAA8C;AAC9C,eAAO,MAAM,iBAAiB,EAAE,UAAU,EAIzC,CAAC"}
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.TOOL_DLP_PATTERNS = exports.SQL_INJECTION_PATTERNS = exports.PATH_TRAVERSAL_PATTERNS = exports.SHELL_INJECTION_PATTERNS = void 0;
|
|
4
|
+
// Shell injection patterns
|
|
5
|
+
exports.SHELL_INJECTION_PATTERNS = [
|
|
6
|
+
{ name: 'shell_pipe', pattern: /\|/g, severity: 'medium' },
|
|
7
|
+
{ name: 'shell_subshell', pattern: /\$\(|\`/g, severity: 'high' },
|
|
8
|
+
{ name: 'shell_redirect', pattern: /[><]{1,2}/g, severity: 'medium' },
|
|
9
|
+
{ name: 'shell_semicolon', pattern: /;\s*\w/g, severity: 'high' },
|
|
10
|
+
{ name: 'shell_background', pattern: /&\s*$/g, severity: 'medium' },
|
|
11
|
+
{ name: 'shell_env_expansion', pattern: /\$\{[^}]+\}/g, severity: 'medium' },
|
|
12
|
+
];
|
|
13
|
+
// Path traversal patterns
|
|
14
|
+
exports.PATH_TRAVERSAL_PATTERNS = [
|
|
15
|
+
{ name: 'path_traversal', pattern: /\.\.\//g, severity: 'high' },
|
|
16
|
+
{ name: 'path_traversal_encoded', pattern: /%2e%2e%2f/gi, severity: 'high' },
|
|
17
|
+
{ name: 'path_null_byte', pattern: /%00/g, severity: 'high' },
|
|
18
|
+
{ name: 'path_absolute_unix', pattern: /^\/(?:etc|proc|sys|dev|root|var\/log)\//g, severity: 'high' },
|
|
19
|
+
];
|
|
20
|
+
// SQL injection patterns
|
|
21
|
+
exports.SQL_INJECTION_PATTERNS = [
|
|
22
|
+
{ name: 'sql_union_select', pattern: /UNION\s+(?:ALL\s+)?SELECT/gi, severity: 'high' },
|
|
23
|
+
{ name: 'sql_stacked_query', pattern: /;\s*(?:SELECT|INSERT|UPDATE|DELETE|DROP|ALTER|CREATE)\b/gi, severity: 'high' },
|
|
24
|
+
{ name: 'sql_comment_injection', pattern: /(?:--|#|\/\*)/g, severity: 'medium' },
|
|
25
|
+
{ name: 'sql_sleep_benchmark', pattern: /(?:SLEEP|BENCHMARK|WAITFOR\s+DELAY)\s*\(/gi, severity: 'high' },
|
|
26
|
+
{ name: 'sql_info_schema', pattern: /INFORMATION_SCHEMA/gi, severity: 'high' },
|
|
27
|
+
];
|
|
28
|
+
/** All tool-specific DLP patterns combined */
|
|
29
|
+
exports.TOOL_DLP_PATTERNS = [
|
|
30
|
+
...exports.SHELL_INJECTION_PATTERNS,
|
|
31
|
+
...exports.PATH_TRAVERSAL_PATTERNS,
|
|
32
|
+
...exports.SQL_INJECTION_PATTERNS,
|
|
33
|
+
];
|
|
34
|
+
//# sourceMappingURL=tool-patterns.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tool-patterns.js","sourceRoot":"","sources":["../../../src/dlp/tool-patterns.ts"],"names":[],"mappings":";;;AAEA,2BAA2B;AACd,QAAA,wBAAwB,GAAiB;IACpD,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAC1D,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE;IACjE,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,QAAQ,EAAE;IACrE,EAAE,IAAI,EAAE,iBAAiB,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE;IACjE,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE;IACnE,EAAE,IAAI,EAAE,qBAAqB,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,QAAQ,EAAE;CAC7E,CAAC;AAEF,0BAA0B;AACb,QAAA,uBAAuB,GAAiB;IACnD,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE;IAChE,EAAE,IAAI,EAAE,wBAAwB,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC5E,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC7D,EAAE,IAAI,EAAE,oBAAoB,EAAE,OAAO,EAAE,0CAA0C,EAAE,QAAQ,EAAE,MAAM,EAAE;CACtG,CAAC;AAEF,yBAAyB;AACZ,QAAA,sBAAsB,GAAiB;IAClD,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,6BAA6B,EAAE,QAAQ,EAAE,MAAM,EAAE;IACtF,EAAE,IAAI,EAAE,mBAAmB,EAAE,OAAO,EAAE,2DAA2D,EAAE,QAAQ,EAAE,MAAM,EAAE;IACrH,EAAE,IAAI,EAAE,uBAAuB,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAChF,EAAE,IAAI,EAAE,qBAAqB,EAAE,OAAO,EAAE,4CAA4C,EAAE,QAAQ,EAAE,MAAM,EAAE;IACxG,EAAE,IAAI,EAAE,iBAAiB,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,MAAM,EAAE;CAC/E,CAAC;AAEF,8CAA8C;AACjC,QAAA,iBAAiB,GAAiB;IAC7C,GAAG,gCAAwB;IAC3B,GAAG,+BAAuB;IAC1B,GAAG,8BAAsB;CAC1B,CAAC"}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import { ToolCall } from '../types/tool-call';
|
|
2
|
+
import { ToolOutput } from '../types/tool-result';
|
|
3
|
+
import { ToolExecutor } from './interfaces';
|
|
4
|
+
import { FilesystemExecutorConfig } from '../types/config';
|
|
5
|
+
/**
|
|
6
|
+
* Filesystem executor for sandboxed file operations.
|
|
7
|
+
* Handles tool calls with tool name `file.*` (e.g., file.read, file.write).
|
|
8
|
+
* All paths are resolved relative to and contained within base_dir.
|
|
9
|
+
*/
|
|
10
|
+
export declare class FilesystemExecutor implements ToolExecutor {
|
|
11
|
+
private config;
|
|
12
|
+
private resolvedBaseDir;
|
|
13
|
+
constructor(config: FilesystemExecutorConfig);
|
|
14
|
+
execute(toolCall: ToolCall): Promise<ToolOutput>;
|
|
15
|
+
private resolveAction;
|
|
16
|
+
/**
|
|
17
|
+
* Resolve and validate a path, ensuring it stays within base_dir.
|
|
18
|
+
* Prevents path traversal attacks.
|
|
19
|
+
*/
|
|
20
|
+
private resolveSafePath;
|
|
21
|
+
private checkExtension;
|
|
22
|
+
private read;
|
|
23
|
+
private write;
|
|
24
|
+
private delete;
|
|
25
|
+
private list;
|
|
26
|
+
private stat;
|
|
27
|
+
}
|
|
28
|
+
//# sourceMappingURL=filesystem-executor.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"filesystem-executor.d.ts","sourceRoot":"","sources":["../../../src/executor/filesystem-executor.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,wBAAwB,EAAE,MAAM,iBAAiB,CAAC;AAE3D;;;;GAIG;AACH,qBAAa,kBAAmB,YAAW,YAAY;IACrD,OAAO,CAAC,MAAM,CAA2B;IACzC,OAAO,CAAC,eAAe,CAAS;gBAEpB,MAAM,EAAE,wBAAwB;IAKtC,OAAO,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC;IAmBtD,OAAO,CAAC,aAAa;IAcrB;;;OAGG;IACH,OAAO,CAAC,eAAe;IAQvB,OAAO,CAAC,cAAc;YAUR,IAAI;YAsBJ,KAAK;YAmCL,MAAM;YAmBN,IAAI;YAqBJ,IAAI;CAsBnB"}
|