winclaw 2026.3.21 → 2026.3.22

package/dist/fs-safe-Dha0DfFC.js

@@ -1,352 +0,0 @@
-import { ft as expandHomePrefix } from "./entry.js";
-import { d as hasNodeErrorCode, f as isNotFoundPathError, m as isSymlinkOpenError, p as isPathInside, s as sameFileIdentity } from "./winclaw-root-D0OUuGl7.js";
-import { i as logWarn } from "./logger-BcqRk323.js";
-import { n as assertNoPathAliasEscape } from "./path-alias-guards-9OJ1UBCd.js";
-import os from "node:os";
-import path from "node:path";
-import { constants } from "node:fs";
-import fsPromises from "node:fs/promises";
-import { randomUUID } from "node:crypto";
-import { pipeline } from "node:stream/promises";
-
-//#region src/infra/fs-safe.ts
-var SafeOpenError = class extends Error {
-	constructor(code, message, options) {
-		super(message, options);
-		this.code = code;
-		this.name = "SafeOpenError";
-	}
-};
-const SUPPORTS_NOFOLLOW = process.platform !== "win32" && "O_NOFOLLOW" in constants;
-const OPEN_READ_FLAGS = constants.O_RDONLY | (SUPPORTS_NOFOLLOW ? constants.O_NOFOLLOW : 0);
-const OPEN_WRITE_EXISTING_FLAGS = constants.O_WRONLY | (SUPPORTS_NOFOLLOW ? constants.O_NOFOLLOW : 0);
-const OPEN_WRITE_CREATE_FLAGS = constants.O_WRONLY | constants.O_CREAT | constants.O_EXCL | (SUPPORTS_NOFOLLOW ? constants.O_NOFOLLOW : 0);
-const ensureTrailingSep = (value) => value.endsWith(path.sep) ? value : value + path.sep;
-async function expandRelativePathWithHome(relativePath) {
-	let home = process.env.HOME || process.env.USERPROFILE || os.homedir();
-	try {
-		home = await fsPromises.realpath(home);
-	} catch {}
-	return expandHomePrefix(relativePath, { home });
-}
-async function openVerifiedLocalFile(filePath, options) {
-	try {
-		if ((await fsPromises.lstat(filePath)).isDirectory()) throw new SafeOpenError("not-file", "not a file");
-	} catch (err) {
-		if (err instanceof SafeOpenError) throw err;
-	}
-	let handle;
-	try {
-		handle = await fsPromises.open(filePath, OPEN_READ_FLAGS);
-	} catch (err) {
-		if (isNotFoundPathError(err)) throw new SafeOpenError("not-found", "file not found");
-		if (isSymlinkOpenError(err)) throw new SafeOpenError("symlink", "symlink open blocked", { cause: err });
-		if (hasNodeErrorCode(err, "EISDIR")) throw new SafeOpenError("not-file", "not a file");
-		throw err;
-	}
-	try {
-		const [stat, lstat] = await Promise.all([handle.stat(), fsPromises.lstat(filePath)]);
-		if (lstat.isSymbolicLink()) throw new SafeOpenError("symlink", "symlink not allowed");
-		if (!stat.isFile()) throw new SafeOpenError("not-file", "not a file");
-		if (options?.rejectHardlinks && stat.nlink > 1) throw new SafeOpenError("invalid-path", "hardlinked path not allowed");
-		if (!sameFileIdentity(stat, lstat)) throw new SafeOpenError("path-mismatch", "path changed during read");
-		const realPath = await fsPromises.realpath(filePath);
-		const realStat = await fsPromises.stat(realPath);
-		if (options?.rejectHardlinks && realStat.nlink > 1) throw new SafeOpenError("invalid-path", "hardlinked path not allowed");
-		if (!sameFileIdentity(stat, realStat)) throw new SafeOpenError("path-mismatch", "path mismatch");
-		return {
-			handle,
-			realPath,
-			stat
-		};
-	} catch (err) {
-		await handle.close().catch(() => {});
-		if (err instanceof SafeOpenError) throw err;
-		if (isNotFoundPathError(err)) throw new SafeOpenError("not-found", "file not found");
-		throw err;
-	}
-}
-async function resolvePathWithinRoot(params) {
-	let rootReal;
-	try {
-		rootReal = await fsPromises.realpath(params.rootDir);
-	} catch (err) {
-		if (isNotFoundPathError(err)) throw new SafeOpenError("not-found", "root dir not found");
-		throw err;
-	}
-	const rootWithSep = ensureTrailingSep(rootReal);
-	const expanded = await expandRelativePathWithHome(params.relativePath);
-	const resolved = path.resolve(rootWithSep, expanded);
-	if (!isPathInside(rootWithSep, resolved)) throw new SafeOpenError("outside-workspace", "file is outside workspace root");
-	return {
-		rootReal,
-		rootWithSep,
-		resolved
-	};
-}
-async function openFileWithinRoot(params) {
-	const { rootWithSep, resolved } = await resolvePathWithinRoot(params);
-	let opened;
-	try {
-		opened = await openVerifiedLocalFile(resolved);
-	} catch (err) {
-		if (err instanceof SafeOpenError) {
-			if (err.code === "not-found") throw err;
-			throw new SafeOpenError("invalid-path", "path is not a regular file under root", { cause: err });
-		}
-		throw err;
-	}
-	if (params.rejectHardlinks !== false && opened.stat.nlink > 1) {
-		await opened.handle.close().catch(() => {});
-		throw new SafeOpenError("invalid-path", "hardlinked path not allowed");
-	}
-	if (!isPathInside(rootWithSep, opened.realPath)) {
-		await opened.handle.close().catch(() => {});
-		throw new SafeOpenError("outside-workspace", "file is outside workspace root");
-	}
-	return opened;
-}
-async function readFileWithinRoot(params) {
-	const opened = await openFileWithinRoot({
-		rootDir: params.rootDir,
-		relativePath: params.relativePath,
-		rejectHardlinks: params.rejectHardlinks
-	});
-	try {
-		return await readOpenedFileSafely({
-			opened,
-			maxBytes: params.maxBytes
-		});
-	} finally {
-		await opened.handle.close().catch(() => {});
-	}
-}
-async function readPathWithinRoot(params) {
-	const rootDir = path.resolve(params.rootDir);
-	const candidatePath = path.isAbsolute(params.filePath) ? path.resolve(params.filePath) : path.resolve(rootDir, params.filePath);
-	return await readFileWithinRoot({
-		rootDir,
-		relativePath: path.relative(rootDir, candidatePath),
-		rejectHardlinks: params.rejectHardlinks,
-		maxBytes: params.maxBytes
-	});
-}
-function createRootScopedReadFile(params) {
-	const rootDir = path.resolve(params.rootDir);
-	return async (filePath) => {
-		return (await readPathWithinRoot({
-			rootDir,
-			filePath,
-			rejectHardlinks: params.rejectHardlinks,
-			maxBytes: params.maxBytes
-		})).buffer;
-	};
-}
-async function readLocalFileSafely(params) {
-	const opened = await openVerifiedLocalFile(params.filePath);
-	try {
-		return await readOpenedFileSafely({
-			opened,
-			maxBytes: params.maxBytes
-		});
-	} finally {
-		await opened.handle.close().catch(() => {});
-	}
-}
-async function readOpenedFileSafely(params) {
-	if (params.maxBytes !== void 0 && params.opened.stat.size > params.maxBytes) throw new SafeOpenError("too-large", `file exceeds limit of ${params.maxBytes} bytes (got ${params.opened.stat.size})`);
-	return {
-		buffer: await params.opened.handle.readFile(),
-		realPath: params.opened.realPath,
-		stat: params.opened.stat
-	};
-}
-function emitWriteBoundaryWarning(reason) {
-	logWarn(`security: fs-safe write boundary warning (${reason})`);
-}
-function buildAtomicWriteTempPath(targetPath) {
-	const dir = path.dirname(targetPath);
-	const base = path.basename(targetPath);
-	return path.join(dir, `.${base}.${process.pid}.${randomUUID()}.tmp`);
-}
-async function writeTempFileForAtomicReplace(params) {
-	const tempHandle = await fsPromises.open(params.tempPath, OPEN_WRITE_CREATE_FLAGS, params.mode);
-	try {
-		if (typeof params.data === "string") await tempHandle.writeFile(params.data, params.encoding ?? "utf8");
-		else await tempHandle.writeFile(params.data);
-		return await tempHandle.stat();
-	} finally {
-		await tempHandle.close().catch(() => {});
-	}
-}
-async function verifyAtomicWriteResult(params) {
-	const rootWithSep = ensureTrailingSep(await fsPromises.realpath(params.rootDir));
-	const opened = await openVerifiedLocalFile(params.targetPath, { rejectHardlinks: true });
-	try {
-		if (!sameFileIdentity(opened.stat, params.expectedStat)) throw new SafeOpenError("path-mismatch", "path changed during write");
-		if (!isPathInside(rootWithSep, opened.realPath)) throw new SafeOpenError("outside-workspace", "file is outside workspace root");
-	} finally {
-		await opened.handle.close().catch(() => {});
-	}
-}
-async function resolveOpenedFileRealPathForHandle(handle, ioPath) {
-	try {
-		return await fsPromises.realpath(ioPath);
-	} catch (err) {
-		if (!isNotFoundPathError(err)) throw err;
-	}
-	const fdCandidates = process.platform === "linux" ? [`/proc/self/fd/${handle.fd}`, `/dev/fd/${handle.fd}`] : process.platform === "win32" ? [] : [`/dev/fd/${handle.fd}`];
-	for (const fdPath of fdCandidates) try {
-		return await fsPromises.realpath(fdPath);
-	} catch {}
-	throw new SafeOpenError("path-mismatch", "unable to resolve opened file path");
-}
-async function openWritableFileWithinRoot(params) {
-	const { rootReal, rootWithSep, resolved } = await resolvePathWithinRoot(params);
-	try {
-		await assertNoPathAliasEscape({
-			absolutePath: resolved,
-			rootPath: rootReal,
-			boundaryLabel: "root"
-		});
-	} catch (err) {
-		throw new SafeOpenError("invalid-path", "path alias escape blocked", { cause: err });
-	}
-	if (params.mkdir !== false) await fsPromises.mkdir(path.dirname(resolved), { recursive: true });
-	let ioPath = resolved;
-	try {
-		const resolvedRealPath = await fsPromises.realpath(resolved);
-		if (!isPathInside(rootWithSep, resolvedRealPath)) throw new SafeOpenError("outside-workspace", "file is outside workspace root");
-		ioPath = resolvedRealPath;
-	} catch (err) {
-		if (err instanceof SafeOpenError) throw err;
-		if (!isNotFoundPathError(err)) throw err;
-	}
-	const fileMode = params.mode ?? 384;
-	let handle;
-	let createdForWrite = false;
-	try {
-		try {
-			handle = await fsPromises.open(ioPath, OPEN_WRITE_EXISTING_FLAGS, fileMode);
-		} catch (err) {
-			if (!isNotFoundPathError(err)) throw err;
-			handle = await fsPromises.open(ioPath, OPEN_WRITE_CREATE_FLAGS, fileMode);
-			createdForWrite = true;
-		}
-	} catch (err) {
-		if (isNotFoundPathError(err)) throw new SafeOpenError("not-found", "file not found");
-		if (isSymlinkOpenError(err)) throw new SafeOpenError("invalid-path", "symlink open blocked", { cause: err });
-		throw err;
-	}
-	let openedRealPath = null;
-	try {
-		const stat = await handle.stat();
-		if (!stat.isFile()) throw new SafeOpenError("invalid-path", "path is not a regular file under root");
-		if (stat.nlink > 1) throw new SafeOpenError("invalid-path", "hardlinked path not allowed");
-		try {
-			const lstat = await fsPromises.lstat(ioPath);
-			if (lstat.isSymbolicLink() || !lstat.isFile()) throw new SafeOpenError("invalid-path", "path is not a regular file under root");
-			if (!sameFileIdentity(stat, lstat)) throw new SafeOpenError("path-mismatch", "path changed during write");
-		} catch (err) {
-			if (!isNotFoundPathError(err)) throw err;
-		}
-		const realPath = await resolveOpenedFileRealPathForHandle(handle, ioPath);
-		openedRealPath = realPath;
-		const realStat = await fsPromises.stat(realPath);
-		if (!sameFileIdentity(stat, realStat)) throw new SafeOpenError("path-mismatch", "path mismatch");
-		if (realStat.nlink > 1) throw new SafeOpenError("invalid-path", "hardlinked path not allowed");
-		if (!isPathInside(rootWithSep, realPath)) throw new SafeOpenError("outside-workspace", "file is outside workspace root");
-		if (params.truncateExisting !== false && !createdForWrite) await handle.truncate(0);
-		return {
-			handle,
-			createdForWrite,
-			openedRealPath: realPath,
-			openedStat: stat
-		};
-	} catch (err) {
-		const cleanupCreatedPath = createdForWrite && err instanceof SafeOpenError;
-		const cleanupPath = openedRealPath ?? ioPath;
-		await handle.close().catch(() => {});
-		if (cleanupCreatedPath) await fsPromises.rm(cleanupPath, { force: true }).catch(() => {});
-		throw err;
-	}
-}
-async function writeFileWithinRoot(params) {
-	const target = await openWritableFileWithinRoot({
-		rootDir: params.rootDir,
-		relativePath: params.relativePath,
-		mkdir: params.mkdir,
-		truncateExisting: false
-	});
-	const destinationPath = target.openedRealPath;
-	const targetMode = target.openedStat.mode & 511;
-	await target.handle.close().catch(() => {});
-	let tempPath = null;
-	try {
-		tempPath = buildAtomicWriteTempPath(destinationPath);
-		const writtenStat = await writeTempFileForAtomicReplace({
-			tempPath,
-			data: params.data,
-			encoding: params.encoding,
-			mode: targetMode || 384
-		});
-		await fsPromises.rename(tempPath, destinationPath);
-		tempPath = null;
-		try {
-			await verifyAtomicWriteResult({
-				rootDir: params.rootDir,
-				targetPath: destinationPath,
-				expectedStat: writtenStat
-			});
-		} catch (err) {
-			emitWriteBoundaryWarning(`post-write verification failed: ${String(err)}`);
-			throw err;
-		}
-	} finally {
-		if (tempPath) await fsPromises.rm(tempPath, { force: true }).catch(() => {});
-	}
-}
-async function copyFileWithinRoot(params) {
-	const source = await openVerifiedLocalFile(params.sourcePath, { rejectHardlinks: params.rejectSourceHardlinks });
-	if (params.maxBytes !== void 0 && source.stat.size > params.maxBytes) {
-		await source.handle.close().catch(() => {});
-		throw new SafeOpenError("too-large", `file exceeds limit of ${params.maxBytes} bytes (got ${source.stat.size})`);
-	}
-	let target = null;
-	let sourceClosedByStream = false;
-	let targetClosedByStream = false;
-	try {
-		target = await openWritableFileWithinRoot({
-			rootDir: params.rootDir,
-			relativePath: params.relativePath,
-			mkdir: params.mkdir
-		});
-		const sourceStream = source.handle.createReadStream();
-		const targetStream = target.handle.createWriteStream();
-		sourceStream.once("close", () => {
-			sourceClosedByStream = true;
-		});
-		targetStream.once("close", () => {
-			targetClosedByStream = true;
-		});
-		await pipeline(sourceStream, targetStream);
-	} catch (err) {
-		if (target?.createdForWrite) await fsPromises.rm(target.openedRealPath, { force: true }).catch(() => {});
-		throw err;
-	} finally {
-		if (!sourceClosedByStream) await source.handle.close().catch(() => {});
-		if (target && !targetClosedByStream) await target.handle.close().catch(() => {});
-	}
-}
-async function writeFileFromPathWithinRoot(params) {
-	await copyFileWithinRoot({
-		sourcePath: params.sourcePath,
-		rootDir: params.rootDir,
-		relativePath: params.relativePath,
-		mkdir: params.mkdir,
-		rejectSourceHardlinks: true
-	});
-}
-
-//#endregion
-export { openWritableFileWithinRoot as a, writeFileFromPathWithinRoot as c, openFileWithinRoot as i, writeFileWithinRoot as l, copyFileWithinRoot as n, readFileWithinRoot as o, createRootScopedReadFile as r, readLocalFileSafely as s, SafeOpenError as t };

package/dist/image-runtime-CGAobfgI.js

@@ -1,51 +0,0 @@
-import "./auth-profiles-CmoHF97e.js";
-import "./agent-scope-D-i-vMLS.js";
-import "./utils-hiIKrqOK.js";
-import "./winclaw-root-D0OUuGl7.js";
-import "./logger-BcqRk323.js";
-import "./exec-CaapFZaD.js";
-import "./registry-BcRQUSsJ.js";
-import "./github-copilot-token-DHTToceK.js";
-import "./host-env-security-CIiLt2Mi.js";
-import "./version-TiOyTfO4.js";
-import "./env-vars-CE3cUIrz.js";
-import "./manifest-registry-CI-UuKUO.js";
-import "./dock-ClcGZ0LV.js";
-import "./frontmatter-BnXqzQr3.js";
-import "./skills-BpN5EUZU.js";
-import "./path-alias-guards-9OJ1UBCd.js";
-import "./message-channel-DINJBdD0.js";
-import "./sessions-Cvvux3S6.js";
-import "./plugins-C1OgLvb4.js";
-import "./accounts-cYG8442L.js";
-import "./accounts-CTJXIABG.js";
-import "./logging-CFvkxgcX.js";
-import "./accounts-CLKFSM00.js";
-import "./paths-ByCv35uy.js";
-import "./chat-envelope-DDCB7eZC.js";
-import "./net-DQYHvbkN.js";
-import "./tailnet-yScEfa2T.js";
-import "./image-ops-eFMqXMDE.js";
-import "./pi-embedded-helpers-BWpzwT6B.js";
-import "./sandbox-D19lOCVP.js";
-import "./tool-catalog-DN2kDDZk.js";
-import "./chrome-RAfAR4xV.js";
-import "./tailscale-CB_lUnsU.js";
-import "./auth-CU4HqNch.js";
-import "./server-context-FT_S05Zu.js";
-import "./paths-C5mR1YC-.js";
-import "./redact-D1OBirZT.js";
-import "./errors-Dt_4okVn.js";
-import "./fs-safe-Dha0DfFC.js";
-import "./proxy-env-B7GwrH5p.js";
-import "./store-LSg8jeyh.js";
-import "./ports-CfOim1GC.js";
-import "./trash-D9VuTy5D.js";
-import "./server-middleware-BPI-0Duw.js";
-import "./tool-images-Cp3hNFNZ.js";
-import "./thinking-BxCyPtl0.js";
-import "./models-config-DYJ-p9kt.js";
-import { t as describeImageWithModel } from "./image-EjGWXbei.js";
-import "./tool-display-DRwMjyJE.js";
-
-export { describeImageWithModel };

package/dist/manager-runtime-BifbXCuI.js

@@ -1,22 +0,0 @@
-import "./auth-profiles-CmoHF97e.js";
-import "./agent-scope-D-i-vMLS.js";
-import "./utils-hiIKrqOK.js";
-import "./winclaw-root-D0OUuGl7.js";
-import "./logger-BcqRk323.js";
-import "./exec-CaapFZaD.js";
-import "./registry-BcRQUSsJ.js";
-import "./github-copilot-token-DHTToceK.js";
-import "./host-env-security-CIiLt2Mi.js";
-import "./version-TiOyTfO4.js";
-import "./env-vars-CE3cUIrz.js";
-import "./manifest-registry-CI-UuKUO.js";
-import "./paths-ByCv35uy.js";
-import "./redact-D1OBirZT.js";
-import "./errors-Dt_4okVn.js";
-import "./proxy-env-B7GwrH5p.js";
-import "./fetch-guard-D-W6TRJN.js";
-import "./api-key-rotation-D_JdsLIl.js";
-import { t as MemoryIndexManager } from "./manager-f6tniCBN.js";
-import "./query-expansion-Cja4xprw.js";
-
-export { MemoryIndexManager };

package/dist/path-alias-guards-9OJ1UBCd.js

@@ -1,43 +0,0 @@
-import { c as BOUNDARY_PATH_ALIAS_POLICIES, f as isNotFoundPathError, l as resolveBoundaryPath } from "./winclaw-root-D0OUuGl7.js";
-import os from "node:os";
-import fsPromises from "node:fs/promises";
-
-//#region src/infra/hardlink-guards.ts
-async function assertNoHardlinkedFinalPath(params) {
-	if (params.allowFinalHardlinkForUnlink) return;
-	let stat;
-	try {
-		stat = await fsPromises.stat(params.filePath);
-	} catch (err) {
-		if (isNotFoundPathError(err)) return;
-		throw err;
-	}
-	if (!stat.isFile()) return;
-	if (stat.nlink > 1) throw new Error(`Hardlinked path is not allowed under ${params.boundaryLabel} (${shortPath(params.root)}): ${shortPath(params.filePath)}`);
-}
-function shortPath(value) {
-	if (value.startsWith(os.homedir())) return `~${value.slice(os.homedir().length)}`;
-	return value;
-}
-
-//#endregion
-//#region src/infra/path-alias-guards.ts
-const PATH_ALIAS_POLICIES = BOUNDARY_PATH_ALIAS_POLICIES;
-async function assertNoPathAliasEscape(params) {
-	const resolved = await resolveBoundaryPath({
-		absolutePath: params.absolutePath,
-		rootPath: params.rootPath,
-		boundaryLabel: params.boundaryLabel,
-		policy: params.policy
-	});
-	if (params.policy?.allowFinalSymlinkForUnlink === true && resolved.kind === "symlink") return;
-	await assertNoHardlinkedFinalPath({
-		filePath: resolved.absolutePath,
-		root: resolved.rootPath,
-		boundaryLabel: params.boundaryLabel,
-		allowFinalHardlinkForUnlink: params.policy?.allowFinalHardlinkForUnlink
-	});
-}
-
-//#endregion
-export { assertNoPathAliasEscape as n, PATH_ALIAS_POLICIES as t };

package/dist/plugin-sdk/accounts-B9lBByhz.js

@@ -1,35 +0,0 @@
-import { ot as normalizeAccountId } from "./run-with-concurrency-BcPenaKJ.js";
-import { v as resolveAccountEntry, y as createAccountListHelpers } from "./accounts-Bl6fp04N.js";
-
-//#region src/imessage/accounts.ts
-const { listAccountIds, resolveDefaultAccountId } = createAccountListHelpers("imessage");
-const listIMessageAccountIds = listAccountIds;
-const resolveDefaultIMessageAccountId = resolveDefaultAccountId;
-function resolveAccountConfig(cfg, accountId) {
-	return resolveAccountEntry(cfg.channels?.imessage?.accounts, accountId);
-}
-function mergeIMessageAccountConfig(cfg, accountId) {
-	const { accounts: _ignored, ...base } = cfg.channels?.imessage ?? {};
-	const account = resolveAccountConfig(cfg, accountId) ?? {};
-	return {
-		...base,
-		...account
-	};
-}
-function resolveIMessageAccount(params) {
-	const accountId = normalizeAccountId(params.accountId);
-	const baseEnabled = params.cfg.channels?.imessage?.enabled !== false;
-	const merged = mergeIMessageAccountConfig(params.cfg, accountId);
-	const accountEnabled = merged.enabled !== false;
-	const configured = Boolean(merged.cliPath?.trim() || merged.dbPath?.trim() || merged.service || merged.region?.trim() || merged.allowFrom && merged.allowFrom.length > 0 || merged.groupAllowFrom && merged.groupAllowFrom.length > 0 || merged.dmPolicy || merged.groupPolicy || typeof merged.includeAttachments === "boolean" || merged.attachmentRoots && merged.attachmentRoots.length > 0 || merged.remoteAttachmentRoots && merged.remoteAttachmentRoots.length > 0 || typeof merged.mediaMaxMb === "number" || typeof merged.textChunkLimit === "number" || merged.groups && Object.keys(merged.groups).length > 0);
-	return {
-		accountId,
-		enabled: baseEnabled && accountEnabled,
-		name: merged.name?.trim() || void 0,
-		config: merged,
-		configured
-	};
-}
-
-//#endregion
-export { resolveDefaultIMessageAccountId as n, resolveIMessageAccount as r, listIMessageAccountIds as t };