seclaw-agent 0.1.0

package/dist/agent/security/snapshot_and_rollback/docker_snapshot.js

@@ -0,0 +1,358 @@
+"use strict";
+/**
+ * Docker snapshot manager
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DockerSnapshotManager = void 0;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
+const child_process_1 = require("child_process");
+const logger_1 = __importDefault(require("../../../utils/logger"));
+const MAX_SNAPSHOTS = 10;
+class DockerSnapshotManager {
+    containerName;
+    workspace;
+    imagePrefix;
+    maxSnapshots;
+    hostBackend;
+    hostDirs;
+    manifestDir;
+    manifestPath;
+    legacyManifestPath;
+    constructor(opts) {
+        this.containerName = opts.containerName;
+        this.workspace = opts.workspace;
+        this.imagePrefix = opts.imagePrefix ?? "snapshot";
+        this.maxSnapshots = opts.maxSnapshots ?? MAX_SNAPSHOTS;
+        this.hostBackend = opts.hostBackend;
+        this.hostDirs = opts.hostDirs ?? [];
+        this.manifestDir = path.join(os.homedir(), ".seclaw", "snapshots");
+        this.manifestPath = path.join(this.manifestDir, "docker_snapshots.json");
+        this.legacyManifestPath = path.join(path.dirname(this.workspace), "snapshots", "docker_snapshots.json");
+    }
+    _runCommandAsync(command, args, timeoutMs = 0) {
+        return new Promise((resolve) => {
+            let settled = false;
+            let stdout = "";
+            let stderr = "";
+            let timedOut = false;
+            let timer = null;
+            const child = (0, child_process_1.spawn)(command, args, { stdio: ["ignore", "pipe", "pipe"] });
+            const finish = (result) => {
+                if (settled)
+                    return;
+                settled = true;
+                if (timer)
+                    clearTimeout(timer);
+                resolve(result);
+            };
+            if (timeoutMs > 0) {
+                timer = setTimeout(() => {
+                    timedOut = true;
+                    try {
+                        child.kill("SIGTERM");
+                    }
+                    catch {
+                        // ignore
+                    }
+                    const killTimer = setTimeout(() => {
+                        if (child.killed)
+                            return;
+                        try {
+                            child.kill("SIGKILL");
+                        }
+                        catch {
+                            // ignore
+                        }
+                    }, 1000);
+                    killTimer.unref();
+                }, timeoutMs);
+                timer.unref();
+            }
+            child.stdout?.on("data", (chunk) => {
+                stdout += chunk.toString();
+            });
+            child.stderr?.on("data", (chunk) => {
+                stderr += chunk.toString();
+            });
+            child.on("error", (err) => {
+                const nextErr = stderr ? `${stderr}\n${String(err)}` : String(err);
+                finish({ status: null, stdout, stderr: nextErr, timedOut, signal: null });
+            });
+            child.on("close", (code, signal) => {
+                finish({ status: code, stdout, stderr, timedOut, signal });
+            });
+        });
+    }
+    _appendSnapshotEntry(opts) {
+        const manifest = this._loadManifest();
+        manifest.push({
+            tag: opts.tag,
+            imageId: opts.imageId,
+            timestamp: opts.timestamp,
+            label: opts.label,
+            restoreCmd: opts.runCmd,
+            restore_cmd: opts.runCmd,
+            hostSnapId: opts.hostSnapId,
+            host_snap_id: opts.hostSnapId,
+            hostDirs: this.hostDirs,
+            host_dirs: this.hostDirs,
+        });
+        this._prune(manifest);
+        this._saveManifest(manifest);
+    }
+    takeSnapshot(label = "", runCmdFactory) {
+        const now = new Date();
+        const pad = (value) => String(value).padStart(2, "0");
+        const ts = `${now.getFullYear()}${pad(now.getMonth() + 1)}${pad(now.getDate())}_${pad(now.getHours())}${pad(now.getMinutes())}${pad(now.getSeconds())}`;
+        const tag = `${this.imagePrefix}:snap_${ts}`;
+        logger_1.default.info(`Taking Docker snapshot: docker commit ${this.containerName} ${tag}`);
+        const result = (0, child_process_1.spawnSync)("docker", ["commit", this.containerName, tag], {
+            encoding: "utf-8",
+            timeout: 60000,
+        });
+        if (result.status !== 0) {
+            logger_1.default.error(`docker commit failed (exit ${result.status}): ${result.stderr?.trim()}`);
+            return null;
+        }
+        const imageId = result.stdout.trim();
+        logger_1.default.info(`Snapshot created: ${tag} (${imageId.slice(0, 12) || "unknown"})`);
+        const runCmd = runCmdFactory ? runCmdFactory(tag) : undefined;
+        let hostSnapId;
+        if (this.hostBackend && this.hostDirs.length > 0) {
+            try {
+                hostSnapId = this.hostBackend.takeSnapshot(this.hostDirs) ?? undefined;
+                if (hostSnapId)
+                    logger_1.default.info(`Host snapshot created: ${hostSnapId}`);
+                else
+                    logger_1.default.warn("Host snapshot failed; docker snapshot still saved");
+            }
+            catch (e) {
+                logger_1.default.warn(`Host snapshot raised an exception: ${e}`);
+            }
+        }
+        this._appendSnapshotEntry({
+            tag,
+            imageId,
+            timestamp: ts,
+            label,
+            runCmd,
+            hostSnapId,
+        });
+        return tag;
+    }
+    async takeSnapshotAsync(label = "", runCmdFactory) {
+        const now = new Date();
+        const pad = (value) => String(value).padStart(2, "0");
+        const ts = `${now.getFullYear()}${pad(now.getMonth() + 1)}${pad(now.getDate())}_${pad(now.getHours())}${pad(now.getMinutes())}${pad(now.getSeconds())}`;
+        const tag = `${this.imagePrefix}:snap_${ts}`;
+        logger_1.default.info(`Taking Docker snapshot: docker commit ${this.containerName} ${tag}`);
+        const result = await this._runCommandAsync("docker", ["commit", this.containerName, tag], 60000);
+        if (result.status !== 0) {
+            const reason = result.timedOut ? "timeout" : `exit ${result.status}`;
+            logger_1.default.error(`docker commit failed (${reason}): ${result.stderr?.trim()}`);
+            return null;
+        }
+        const imageId = result.stdout.trim();
+        logger_1.default.info(`Snapshot created: ${tag} (${imageId.slice(0, 12) || "unknown"})`);
+        const runCmd = runCmdFactory ? runCmdFactory(tag) : undefined;
+        let hostSnapId;
+        if (this.hostBackend && this.hostDirs.length > 0) {
+            try {
+                hostSnapId = this.hostBackend.takeSnapshot(this.hostDirs) ?? undefined;
+                if (hostSnapId)
+                    logger_1.default.info(`Host snapshot created: ${hostSnapId}`);
+                else
+                    logger_1.default.warn("Host snapshot failed; docker snapshot still saved");
+            }
+            catch (e) {
+                logger_1.default.warn(`Host snapshot raised an exception: ${e}`);
+            }
+        }
+        this._appendSnapshotEntry({
+            tag,
+            imageId,
+            timestamp: ts,
+            label,
+            runCmd,
+            hostSnapId,
+        });
+        return tag;
+    }
+    restoreSnapshot(tag, restoreCmdFactory) {
+        const manifest = this._loadManifest();
+        const normalizedTag = tag.trim();
+        let entry = manifest.find((e) => e.tag === normalizedTag);
+        if (!entry && !normalizedTag.endsWith(".")) {
+            entry = manifest.find((e) => e.tag === `${normalizedTag}.`);
+        }
+        if (!entry)
+            throw new Error(`Snapshot '${normalizedTag}' not found in manifest`);
+        const restoreCmd = this._getRestoreCmd(entry) ?? restoreCmdFactory?.(entry.tag);
+        if (!restoreCmd) {
+            throw new Error(`Snapshot '${entry.tag}' has no restore_cmd stored. Snapshots taken before this fix must be restored manually.`);
+        }
+        if (!this._getRestoreCmd(entry)) {
+            entry.restoreCmd = restoreCmd;
+            entry.restore_cmd = restoreCmd;
+            this._saveManifest(manifest);
+        }
+        let containerName = "seclaw";
+        const nameIdx = restoreCmd.indexOf("--name");
+        if (nameIdx >= 0 && restoreCmd[nameIdx + 1]) {
+            containerName = restoreCmd[nameIdx + 1];
+        }
+        logger_1.default.info(`Restoring snapshot: stopping and removing container '${containerName}'`);
+        (0, child_process_1.spawnSync)("docker", ["stop", containerName], { encoding: "utf-8" });
+        (0, child_process_1.spawnSync)("docker", ["rm", "-f", containerName], { encoding: "utf-8" });
+        const hostSnapId = this._getHostSnapId(entry);
+        const hostDirs = this._getHostDirs(entry);
+        if (this.hostBackend && hostSnapId && hostDirs?.length) {
+            const currentManifest = this._loadManifest();
+            const ok = this.hostBackend.restoreSnapshot(hostSnapId, hostDirs);
+            if (ok)
+                logger_1.default.info(`Host snapshot '${hostSnapId}' restored`);
+            else
+                logger_1.default.warn(`Host snapshot '${hostSnapId}' restore failed`);
+            this._saveManifest(currentManifest);
+        }
+        logger_1.default.info(`Restoring snapshot: running ${entry.tag}`);
+        const result = (0, child_process_1.spawnSync)(restoreCmd[0], restoreCmd.slice(1), { encoding: "utf-8" });
+        if (result.status !== 0)
+            throw new Error(`Failed to restore snapshot '${entry.tag}': ${result.stderr?.trim()}`);
+        logger_1.default.info(`Snapshot '${entry.tag}' restored successfully as container '${containerName}'`);
+    }
+    listSnapshots() {
+        return [...this._loadManifest()].reverse();
+    }
+    getManifestPath() {
+        return this.manifestPath;
+    }
+    deleteSnapshot(tag) {
+        const manifest = this._loadManifest();
+        const entry = manifest.find((e) => e.tag === tag);
+        if (!entry)
+            return false;
+        if (entry.tag) {
+            (0, child_process_1.spawnSync)("docker", ["rmi", entry.tag], { encoding: "utf-8", timeout: 30000 });
+            logger_1.default.info(`Deleted docker image: ${entry.tag}`);
+        }
+        const hostSnapId = this._getHostSnapId(entry);
+        const hostDirs = this._getHostDirs(entry);
+        if (this.hostBackend && hostSnapId) {
+            this.hostBackend.deleteSnapshot(hostSnapId, hostDirs);
+            logger_1.default.info(`Deleted host snapshot: ${hostSnapId}`);
+        }
+        this._saveManifest(manifest.filter((e) => e.tag !== tag));
+        return true;
+    }
+    _loadManifest() {
+        const primary = this._readManifest(this.manifestPath);
+        const legacy = this._readManifest(this.legacyManifestPath);
+        if (primary.length === 0 && legacy.length > 0) {
+            this._saveManifest(legacy);
+            logger_1.default.info(`Migrated snapshot manifest to ${this.manifestPath}`);
+            return legacy;
+        }
+        if (primary.length > 0 && legacy.length > 0) {
+            const mergedByTag = new Map();
+            for (const item of legacy)
+                mergedByTag.set(item.tag, item);
+            for (const item of primary)
+                mergedByTag.set(item.tag, item);
+            const merged = Array.from(mergedByTag.values());
+            if (merged.length !== primary.length) {
+                this._saveManifest(merged);
+                logger_1.default.info(`Merged legacy snapshot entries into ${this.manifestPath}`);
+            }
+            return merged;
+        }
+        return primary;
+    }
+    _readManifest(manifestPath) {
+        if (!fs.existsSync(manifestPath))
+            return [];
+        try {
+            return JSON.parse(fs.readFileSync(manifestPath, "utf-8"));
+        }
+        catch (e) {
+            logger_1.default.warn(`Failed to load snapshot manifest ${manifestPath}: ${e}`);
+            return [];
+        }
+    }
+    _saveManifest(manifest) {
+        try {
+            fs.mkdirSync(this.manifestDir, { recursive: true });
+            fs.writeFileSync(this.manifestPath, JSON.stringify(manifest, null, 2), "utf-8");
+        }
+        catch (e) {
+            logger_1.default.warn(`Failed to save snapshot manifest: ${e}`);
+        }
+    }
+    _prune(manifest) {
+        while (manifest.length > this.maxSnapshots) {
+            const oldest = manifest.shift();
+            if (oldest.tag) {
+                try {
+                    (0, child_process_1.spawnSync)("docker", ["rmi", oldest.tag], { encoding: "utf-8", timeout: 30000 });
+                }
+                catch (e) {
+                    logger_1.default.warn(`Failed to remove old snapshot image ${oldest.tag}: ${e}`);
+                }
+            }
+            const hostSnapId = this._getHostSnapId(oldest);
+            const hostDirs = this._getHostDirs(oldest);
+            if (this.hostBackend && hostSnapId) {
+                this.hostBackend.deleteSnapshot(hostSnapId, hostDirs);
+            }
+        }
+    }
+    _getRestoreCmd(entry) {
+        return entry.restoreCmd ?? entry.restore_cmd;
+    }
+    _getHostSnapId(entry) {
+        return entry.hostSnapId ?? entry.host_snap_id;
+    }
+    _getHostDirs(entry) {
+        return entry.hostDirs ?? entry.host_dirs;
+    }
+}
+exports.DockerSnapshotManager = DockerSnapshotManager;
+//# sourceMappingURL=docker_snapshot.js.map

package/dist/agent/security/snapshot_and_rollback/docker_snapshot.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"docker_snapshot.js","sourceRoot":"","sources":["../../../../src/agent/security/snapshot_and_rollback/docker_snapshot.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAC7B,uCAAyB;AACzB,iDAAiD;AACjD,mEAA2C;AAG3C,MAAM,aAAa,GAAG,EAAE,CAAC;AAuBzB,MAAa,qBAAqB;IACxB,aAAa,CAAS;IACtB,SAAS,CAAS;IAClB,WAAW,CAAS;IACpB,YAAY,CAAS;IACrB,WAAW,CAA8B;IACzC,QAAQ,CAAW;IACnB,WAAW,CAAS;IACpB,YAAY,CAAS;IACrB,kBAAkB,CAAS;IAEnC,YAAY,IAOX;QACC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC;QACxC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAChC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,UAAU,CAAC;QAClD,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,IAAI,aAAa,CAAC;QACvD,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;QACpC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC;QACpC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;QACnE,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,uBAAuB,CAAC,CAAC;QACzE,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,WAAW,EAAE,uBAAuB,CAAC,CAAC;IAC1G,CAAC;IAEO,gBAAgB,CAAC,OAAe,EAAE,IAAc,EAAE,SAAS,GAAG,CAAC;QACrE,OAAO,IAAI,OAAO,CAAqB,CAAC,OAAO,EAAE,EAAE;YACjD,IAAI,OAAO,GAAG,KAAK,CAAC;YACpB,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,QAAQ,GAAG,KAAK,CAAC;YACrB,IAAI,KAAK,GAA0B,IAAI,CAAC;YAExC,MAAM,KAAK,GAAG,IAAA,qBAAK,EAAC,OAAO,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;YAE1E,MAAM,MAAM,GAAG,CAAC,MAA0B,EAAQ,EAAE;gBAClD,IAAI,OAAO;oBAAE,OAAO;gBACpB,OAAO,GAAG,IAAI,CAAC;gBACf,IAAI,KAAK;oBAAE,YAAY,CAAC,KAAK,CAAC,CAAC;gBAC/B,OAAO,CAAC,MAAM,CAAC,CAAC;YAClB,CAAC,CAAC;YAEF,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;gBAClB,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;oBACtB,QAAQ,GAAG,IAAI,CAAC;oBAChB,IAAI,CAAC;wBACH,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;oBACxB,CAAC;oBAAC,MAAM,CAAC;wBACP,SAAS;oBACX,CAAC;oBACD,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;wBAChC,IAAI,KAAK,CAAC,MAAM;4BAAE,OAAO;wBACzB,IAAI,CAAC;4BACH,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;wBACxB,CAAC;wBAAC,MAAM,CAAC;4BACP,SAAS;wBACX,CAAC;oBACH,CAAC,EAAE,IAAI,CAAC,CAAC;oBACT,SAAS,CAAC,KAAK,EAAE,CAAC;gBACpB,CAAC,EAAE,SAAS,CAAC,CAAC;gBACd,KAAK,CAAC,KAAK,EAAE,CAAC;YAChB,CAAC;YAED,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,KAAsB,EAAE,EAAE;gBAClD,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC7B,CAAC,CAAC,CAAC;YACH,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,KAAsB,EAAE,EAAE;gBAClD,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC7B,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;gBAC/B,MAAM,OAAO,GAAG,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,KAAK,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBACnE,MAAM,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;YAC5E,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAmB,EAAE,MAA6B,EAAE,EAAE;gBACvE,MAAM,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;YAC7D,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,oBAAoB,CAAC,IAO5B;QACC,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACtC,QAAQ,CAAC,IAAI,CAAC;YACZ,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,UAAU,EAAE,IAAI,CAAC,MAAM;YACvB,WAAW,EAAE,IAAI,CAAC,MAAM;YACxB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,YAAY,EAAE,IAAI,CAAC,UAAU;YAC7B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,SAAS,EAAE,IAAI,CAAC,QAAQ;SACzB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACtB,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;IAC/B,CAAC;IAED,YAAY,CAAC,KAAK,GAAG,EAAE,EAAE,aAAyC;QAChE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,CAAC,KAAa,EAAU,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACtE,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,EAAE,CAAC;QACxJ,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,WAAW,SAAS,EAAE,EAAE,CAAC;QAE7C,gBAAM,CAAC,IAAI,CAAC,yCAAyC,IAAI,CAAC,aAAa,IAAI,GAAG,EAAE,CAAC,CAAC;QAClF,MAAM,MAAM,GAAG,IAAA,yBAAS,EAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG,CAAC,EAAE;YACtE,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,KAAK;SACf,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,gBAAM,CAAC,KAAK,CAAC,8BAA8B,MAAM,CAAC,MAAM,MAAM,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;YACvF,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACrC,gBAAM,CAAC,IAAI,CAAC,qBAAqB,GAAG,KAAK,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,SAAS,GAAG,CAAC,CAAC;QAE/E,MAAM,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE9D,IAAI,UAA8B,CAAC;QACnC,IAAI,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjD,IAAI,CAAC;gBACH,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC;gBACvE,IAAI,UAAU;oBAAE,gBAAM,CAAC,IAAI,CAAC,0BAA0B,UAAU,EAAE,CAAC,CAAC;;oBAC/D,gBAAM,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;YACxE,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,gBAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,EAAE,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;QAED,IAAI,CAAC,oBAAoB,CAAC;YACxB,GAAG;YACH,OAAO;YACP,SAAS,EAAE,EAAE;YACb,KAAK;YACL,MAAM;YACN,UAAU;SACX,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAAK,GAAG,EAAE,EAAE,aAAyC;QAC3E,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,CAAC,KAAa,EAAU,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACtE,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,GAAG,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,EAAE,CAAC;QACxJ,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,WAAW,SAAS,EAAE,EAAE,CAAC;QAE7C,gBAAM,CAAC,IAAI,CAAC,yCAAyC,IAAI,CAAC,aAAa,IAAI,GAAG,EAAE,CAAC,CAAC;QAClF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC;QAEjG,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,MAAM,CAAC,MAAM,EAAE,CAAC;YACrE,gBAAM,CAAC,KAAK,CAAC,yBAAyB,MAAM,MAAM,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;YAC3E,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACrC,gBAAM,CAAC,IAAI,CAAC,qBAAqB,GAAG,KAAK,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,SAAS,GAAG,CAAC,CAAC;QAE/E,MAAM,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE9D,IAAI,UAA8B,CAAC;QACnC,IAAI,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjD,IAAI,CAAC;gBACH,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC;gBACvE,IAAI,UAAU;oBAAE,gBAAM,CAAC,IAAI,CAAC,0BAA0B,UAAU,EAAE,CAAC,CAAC;;oBAC/D,gBAAM,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;YACxE,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,gBAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,EAAE,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;QAED,IAAI,CAAC,oBAAoB,CAAC;YACxB,GAAG;YACH,OAAO;YACP,SAAS,EAAE,EAAE;YACb,KAAK;YACL,MAAM;YACN,UAAU;SACX,CAAC,CAAC;QACH,OAAO,GAAG,CAAC;IACb,CAAC;IAED,eAAe,CAAC,GAAW,EAAE,iBAA6C;QACxE,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACtC,MAAM,aAAa,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;QACjC,IAAI,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,aAAa,CAAC,CAAC;QAC1D,IAAI,CAAC,KAAK,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC3C,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,aAAa,GAAG,CAAC,CAAC;QAC9D,CAAC;QACD,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,aAAa,aAAa,yBAAyB,CAAC,CAAC;QAEjF,MAAM,UAAU,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,IAAI,iBAAiB,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAChF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CACb,aAAa,KAAK,CAAC,GAAG,yFAAyF,CAChH,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,EAAE,CAAC;YAChC,KAAK,CAAC,UAAU,GAAG,UAAU,CAAC;YAC9B,KAAK,CAAC,WAAW,GAAG,UAAU,CAAC;YAC/B,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;QAC/B,CAAC;QAED,IAAI,aAAa,GAAG,QAAQ,CAAC;QAC7B,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC7C,IAAI,OAAO,IAAI,CAAC,IAAI,UAAU,CAAC,OAAO,GAAG,CAAC,CAAC,EAAE,CAAC;YAC5C,aAAa,GAAG,UAAU,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC;QAC1C,CAAC;QAED,gBAAM,CAAC,IAAI,CAAC,wDAAwD,aAAa,GAAG,CAAC,CAAC;QACtF,IAAA,yBAAS,EAAC,QAAQ,EAAE,CAAC,MAAM,EAAE,aAAa,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;QACpE,IAAA,yBAAS,EAAC,QAAQ,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,aAAa,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;QAExE,MAAM,UAAU,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;QAC9C,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;QAC1C,IAAI,IAAI,CAAC,WAAW,IAAI,UAAU,IAAI,QAAQ,EAAE,MAAM,EAAE,CAAC;YACvD,MAAM,eAAe,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;YAC7C,MAAM,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;YAClE,IAAI,EAAE;gBAAE,gBAAM,CAAC,IAAI,CAAC,kBAAkB,UAAU,YAAY,CAAC,CAAC;;gBACzD,gBAAM,CAAC,IAAI,CAAC,kBAAkB,UAAU,kBAAkB,CAAC,CAAC;YACjE,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;QACtC,CAAC;QAED,gBAAM,CAAC,IAAI,CAAC,+BAA+B,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;QACxD,MAAM,MAAM,GAAG,IAAA,yBAAS,EAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;QACpF,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,KAAK,CAAC,GAAG,MAAM,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;QAChH,gBAAM,CAAC,IAAI,CAAC,aAAa,KAAK,CAAC,GAAG,yCAAyC,aAAa,GAAG,CAAC,CAAC;IAC/F,CAAC;IAED,aAAa;QACX,OAAO,CAAC,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;IAC7C,CAAC;IAED,eAAe;QACb,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAED,cAAc,CAAC,GAAW;QACxB,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACtC,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;QAClD,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QAEzB,IAAI,KAAK,CAAC,GAAG,EAAE,CAAC;YACd,IAAA,yBAAS,EAAC,QAAQ,EAAE,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;YAC/E,gBAAM,CAAC,IAAI,CAAC,yBAAyB,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;QAC9C,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;QAC1C,IAAI,IAAI,CAAC,WAAW,IAAI,UAAU,EAAE,CAAC;YACnC,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;YACtD,gBAAM,CAAC,IAAI,CAAC,0BAA0B,UAAU,EAAE,CAAC,CAAC;QACtD,CAAC;QAED,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC,CAAC;QAC1D,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,aAAa;QACnB,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QACtD,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAE3D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9C,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;YAC3B,gBAAM,CAAC,IAAI,CAAC,iCAAiC,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;YAClE,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5C,MAAM,WAAW,GAAG,IAAI,GAAG,EAAyB,CAAC;YACrD,KAAK,MAAM,IAAI,IAAI,MAAM;gBAAE,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAC3D,KAAK,MAAM,IAAI,IAAI,OAAO;gBAAE,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAC5D,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC;YAChD,IAAI,MAAM,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC;gBACrC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;gBAC3B,gBAAM,CAAC,IAAI,CAAC,uCAAuC,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;YAC1E,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,aAAa,CAAC,YAAoB;QACxC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC;YAAE,OAAO,EAAE,CAAC;QAC5C,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAoB,CAAC;QAC/E,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,gBAAM,CAAC,IAAI,CAAC,oCAAoC,YAAY,KAAK,CAAC,EAAE,CAAC,CAAC;YACtE,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAEO,aAAa,CAAC,QAAyB;QAC7C,IAAI,CAAC;YACH,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACpD,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;QAClF,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,gBAAM,CAAC,IAAI,CAAC,qCAAqC,CAAC,EAAE,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,QAAyB;QACtC,OAAO,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;YAC3C,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,EAAG,CAAC;YACjC,IAAI,MAAM,CAAC,GAAG,EAAE,CAAC;gBACf,IAAI,CAAC;oBACH,IAAA,yBAAS,EAAC,QAAQ,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;gBAClF,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,gBAAM,CAAC,IAAI,CAAC,uCAAuC,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC;gBACzE,CAAC;YACH,CAAC;YACD,MAAM,UAAU,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;YAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YAC3C,IAAI,IAAI,CAAC,WAAW,IAAI,UAAU,EAAE,CAAC;gBACnC,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;YACxD,CAAC;QACH,CAAC;IACH,CAAC;IAEO,cAAc,CAAC,KAAoB;QACzC,OAAO,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,WAAW,CAAC;IAC/C,CAAC;IAEO,cAAc,CAAC,KAAoB;QACzC,OAAO,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,YAAY,CAAC;IAChD,CAAC;IAEO,YAAY,CAAC,KAAoB;QACvC,OAAO,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,SAAS,CAAC;IAC3C,CAAC;CACF;AA3VD,sDA2VC"}

package/dist/agent/security/snapshot_and_rollback/index.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Snapshot backend factory
+ */
+import { HostSnapshotBackend } from "./base";
+export declare function getBackend(): HostSnapshotBackend | null;
+export { HostSnapshotBackend };
+//# sourceMappingURL=index.d.ts.map

package/dist/agent/security/snapshot_and_rollback/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/agent/security/snapshot_and_rollback/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,mBAAmB,EAAE,MAAM,QAAQ,CAAC;AAkc7C,wBAAgB,UAAU,IAAI,mBAAmB,GAAG,IAAI,CAavD;AAED,OAAO,EAAE,mBAAmB,EAAE,CAAC"}