iLdZddlZddlZddlZddlZddlZddlZddlZddlZddl Z ddl m Z m Z ej dkZejeZdedefdZdZdefd ZeZdd edzd edzdefd Zdefd ZeZdZdedefdZdeeee ffdZ!deefdZ"dedeedefdZ#Gdde Z$dS)uELocal execution environment — spawn-per-call with session snapshot.N)BaseEnvironment _pipe_stdinWindowscwdreturncN|r!tj|r|S|rtj|nd}|rKtj|r|Stj|}||krn|}|Kt jS)urReturn ``cwd`` if it exists as a directory, else the nearest existing ancestor. Falls back to ``tempfile.gettempdir()`` only if walking up the path can't find any existing directory (effectively never on a healthy filesystem, but cheap belt-and-braces). Used by ``_run_bash`` to recover when the configured cwd is gone — most commonly because a previous tool call deleted its own working directory (issue #17558). Without this guard, ``subprocess.Popen(..., cwd=...)`` raises ``FileNotFoundError`` before bash starts, wedging every subsequent terminal call until the gateway restarts. )ospathisdirdirnametempfile gettempdir)rparent next_parents =/home/piyush/.hermes/hermes-agent/tools/environments/local.py_resolve_safe_cwdrs rw}}S!! %( 0RW__S ! ! !bF  7==  Mgoof-- &       _HERMES_FORCE_c`t} ddlm}|D]=}||j|jr||j>n#t$rYnwxYw ddl m }| D]d\}}| d}|dvr||4|dkr*| dr||en#t$rYnwxYw|hdt|S) z=Derive the blocklist from provider, tool, and gateway config.r)PROVIDER_REGISTRY)OPTIONAL_ENV_VARScategory>tool messagingsettingpassword>?GH_TOKENHASS_URL LLM_MODEL HASS_TOKEN XAI_API_KEY GROQ_API_KEY VERCEL_TOKEN EMAIL_ADDRESS GITHUB_APP_ID OPENAI_ORG_ID WHATSAPP_MODECOHERE_API_KEYEMAIL_PASSWORDGOOGLE_API_KEYMODAL_TOKEN_IDOPENAI_API_KEYSIGNAL_ACCOUNTVERCEL_TEAM_IDANTHROPIC_TOKENDAYTONA_API_KEYEMAIL_IMAP_HOSTEMAIL_SMTP_HOSTMISTRAL_API_KEYOPENAI_API_BASEOPENAI_BASE_URLSIGNAL_HTTP_URLDEEPSEEK_API_KEYHELICONE_API_KEYPARALLEL_API_KEYTOGETHER_API_KEYWHATSAPP_ENABLEDFIRECRAWL_API_KEYFIRECRAWL_API_URLFIREWORKS_API_KEYVERCEL_OIDC_TOKENVERCEL_PROJECT_IDANTHROPIC_BASE_URLEMAIL_HOME_ADDRESSMODAL_TOKEN_SECRETOPENROUTER_API_KEYPERPLEXITY_API_KEYSLACK_HOME_CHANNELDISCORD_AUTO_THREADOPENAI_ORGANIZATIONSIGNAL_HOME_CHANNELSLACK_ALLOWED_USERSDISCORD_HOME_CHANNELSIGNAL_ALLOWED_USERSGATEWAY_ALLOWED_USERSSIGNAL_IGNORE_STORIESTELEGRAM_HOME_CHANNELWHATSAPP_ALLOWED_USERSCLAUDE_CODE_OAUTH_TOKENDISCORD_REQUIRE_MENTIONEMAIL_HOME_ADDRESS_NAMESLACK_HOME_CHANNEL_NAMESIGNAL_HOME_CHANNEL_NAMEDISCORD_HOME_CHANNEL_NAMEGITHUB_APP_INSTALLATION_IDSIGNAL_GROUP_ALLOWED_USERSTELEGRAM_HOME_CHANNEL_NAMEGITHUB_APP_PRIVATE_KEY_PATHDISCORD_FREE_RESPONSE_CHANNELS)sethermes_cli.authrvaluesupdateapi_key_env_varsbase_url_env_varadd ImportErrorhermes_cli.configritemsget frozenset)blockedrpconfigrnamemetadatars r_build_provider_env_blocklistrm3sG 555555(//11 6 6G NN73 4 4 4' 6 G4555 6        777777/5577 " "ND(||J//H000 D!!!!Y&&8<< +C+C& D!!!  "       NN@@@@@@B W  s%AA)) A65A6:A?C:: DDbase_env extra_envc ddlm}n#t$rd}YnwxYwi}|piD]9\}}|t r |t vs ||r|||<:|piD]Z\}}|t r"|tt d}|||<A|t vs ||r|||<[ddlm }|}|r||d<|S)zz*_sanitize_subprocess_env..ErNget_subprocess_homeHOME) tools.env_passthroughrr Exceptionrf startswith!_HERMES_PROVIDER_ENV_FORCE_PREFIX_HERMES_PROVIDER_ENV_BLOCKLISTlenhermes_constantsr{) rnro_is_passthrough sanitizedkeyvaluereal_keyr{ _profile_homes r_sanitize_subprocess_envrsf*OOOOOOO ***)/*!#I~2,,..## U >>; < <   4 4 48L8L 4"IcN B--//## U >>; < < #3@AABBCH"'Ih   6 6 6//#:N:N 6"IcN544444''))M*) &   c ts{tjdpftjdrdndpCtjdrdndp tjdpdStjd}|r!tj|r|Stjd}|r|Stjtjdd d d d tjtjd dd d d tjtjdddd d d fD]'}|r#tj|r|cS(td)z Find bash for command execution.bashz /usr/bin/bashNz /bin/bashSHELLz/bin/shHERMES_GIT_BASH_PATH ProgramFileszC:\Program FilesGitbinzbash.exezProgramFiles(x86)zC:\Program Files (x86) LOCALAPPDATAr ProgramszGit Bash not found. Hermes Agent requires Git for Windows on Windows. Install it from: https://git-scm.com/download/win Or set HERMES_GIT_BASH_PATH to your bash.exe location.) _IS_WINDOWSshutilwhichr r isfileenvironrgjoin RuntimeError)customfound candidates r _find_bashrs  L  #%7>>/#B#BL !w~~k::D  z~~g&&   Z^^2 3 3F "'..(( L E    RZ^^N4GHH%QVXbcc  RZ^^$79RSSUZ\acmnn  RZ^^NB77UES]^^   22      A  rza/opt/homebrew/bin:/opt/homebrew/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/binenvc ddlm}n#t$rd}YnwxYwttj|z}i}|D]Z\}}|tr"|ttd}|||<A|tvs ||r|||<[| dd}d| dvr|r |dtnt|d<dd lm}|} | r| |d <|S) zDBuild a run environment with a sane PATH and provider-var stripping.rrqcdSrtrurvs rrxz_make_run_env..ryrNPATHr z/usr/bin:rzr|)r}rrr~dictr rrfrrrrrgsplit _SANE_PATHrr{) rrmergedrun_envkvr existing_pathr{rs r _make_run_envrs^*OOOOOOO ***)/*"*s" # #FG 1 <<9 : : >??@@AH !GH   4 4 48J8J 4GAJKK++M,,S1111=JZ]99Z999PZ 544444''))M(' Nrc< ddlm}|pi}|dpi}|dpg}t|tsg}t |dd}d|D|fS#t $rgdfcYSwxYw)uReturn (shell_init_files, auto_source_bashrc) from config.yaml. Best-effort — returns sensible defaults on any failure so terminal execution never breaks because the config file is unreadable. r) load_configterminalshell_init_filesauto_source_bashrcTc0g|]}|t|Sru)str).0fs r z4_read_terminal_shell_init_config.. s#+++1+A+++r)rerrg isinstancelistboolr~)rcfg terminal_cfgfiles auto_bashrcs r _read_terminal_shell_init_configrs 111111kmm!rwwz**0b   !344:%&& E<++,@$GGHH +++++[88 4xsBB BBct\}}g}|r||n |rts|gdg}|D]} tjtj|}n#t$rYLwxYw|r4tj|r| ||S)uhResolve the list of files to source before the login-shell snapshot. Expands ``~`` and ``${VAR}`` references and drops anything that doesn't exist on disk, so a missing ``~/.bashrc`` never breaks the snapshot. The ``auto_source_bashrc`` path runs only when the user hasn't supplied an explicit list — once they have, Hermes trusts them. )z ~/.profilez~/.bash_profilez ~/.bashrc) rextendrr r expandvars expanduserr~rappend)explicitr candidatesresolvedrawr s r_resolve_shell_init_filesrs=>>HkJJ(#### J[J HHHIIIH"" 7%%bg&8&8&=&=>>DD    H   "BGNN4(( " OOD ! ! ! Os`` lines (guarded + silent) to a bash script. Each file is wrapped so a failing rc file doesn't abort the whole bootstrap: ``set +e`` keeps going on errors, ``2>/dev/null`` hides noisy prompts, and ``|| true`` neutralises the exit status. zset +e'z'\''z[ -r 'z ' ] && . 'z' 2>/dev/null || true )replacerr)rr prelude_partsr safepreludes r_prepend_shell_initr:s JMSS||C))QdQQdQQQRRRRii &&-G Z rc eZdZdZddededeffd Zd efd Zd d dd dede dededzd e j f dZ dZ defdZdZxZS)LocalEnvironmentzRun commands directly on the host machine. Spawn-per-call: every execute() spawns a fresh bash process. Session snapshot preserves env vars across calls. CWD persists via file-based read after each command. r <Nrtimeoutrc|rtj|}t|ptj|||dS)N)rrr)r r rsuper__init__getcwd init_session)selfrrr __class__s rrzLocalEnvironment.__init__Wsb  *'$$S))C S/BIKKcJJJ rrcdD]k}|j|ptj|}|r.|dr|dpdcSltjdr.tjdtj tj zrdStj }|dr|dpdSdS)a6Return a shell-safe writable temp dir for local execution. Termux does not provide /tmp by default, but exposes a POSIX TMPDIR. Prefer POSIX-style env vars when available, keep using /tmp on regular Unix systems, and only fall back to tempfile.gettempdir() when it also resolves to a POSIX path. Check the environment configured for this backend first so callers can override the temp root explicitly (for example via terminal.env or a custom TMPDIR), then fall back to the host process environment. )TMPDIRTMPTEMP/z/tmp) rrgr rrrstripr r accessW_OKX_OKrr)renv_varrs r get_temp_dirzLocalEnvironment.get_temp_dir]s1 4 4G W--H1H1HI 4Y11#66 4 '',,3333 7==  RYvrw7H%I%I 6'))    $ $ 0##C((/C /vrFx)loginr stdin_datarrrc Dt}|r t}|rt||}|r|dd|gn|d|g}t|j}t |j} | |jkr(td|j| | |_|j} trS| rQtj d| r<| d dz| dd dd z} tj|d |d d tjtj| tjn tjtrdn t&j| } ts0 t'j| j| _n#t0$rYnwxYw|t3| || S)Nz-lz-czaLocalEnvironment cwd %r is missing on disk; falling back to %r so terminal commands keep working.z ^/[a-zA-Z]/rr\Tzutf-8r) textrencodingerrorsstdoutstderrstdin preexec_fnr)rrrrrrrloggerwarningrrematchupperr subprocessPopenPIPESTDOUTDEVNULLr setsidgetpgidpid _hermes_pgidProcessLookupErrorr) rrrrrr init_filesargsrsafe_cwd _popen_cwdprocs r _run_bashzLocalEnvironment._run_bashws||  I244J I0ZHH 16TdD*--T4:*N*N Y#A,,..4z!""~7M7McSW7X7XXJ ?$%/%;*//AS*9tt       $&Jtx$8$8!!%      ! j ) ) ) sE>> F  F cdtdtfddtdtdtffd } trdS t jj}n$#t$rtdd}|YnwxYw t j |tj n#t$rYdSwxYw||drdS t j |tj n#t$rYdSwxYw||d  d dS#tjt"f$rYdSwxYw#tt$t"f$r+ YdS#t($rYYdSwxYwwxYw) z-Kill the entire process group (all children).pgidrcl tj|ddS#t$rYdSt$rYdSwxYw)NrTF)r killpgrPermissionError)r s r _group_alivez4LocalEnvironment._kill_process.._group_alivesY  $"""t%   uu"   tt s 3 33rc~tj|z}tj|kr^ n#t$rYnwxYw|sdStjdtj|k^ n#t$rYnwxYw| S)NTg?)time monotonicpollr~sleep)r rdeadlinerr s r_wait_for_group_exitz._wait_for_group_exits~'''1H.""X--IIKKKK D#|D)) 4 4   .""X--      #|D))) )s#A AAB## B0/B0rNg?g@g?)r)intrfloatr terminater rrrgetattrrsignalSIGTERMSIGKILLwaitrTimeoutExpiredOSErrorrkillr~)rr rr rs ` @r _kill_processzLocalEnvironment._kill_processs& s t     *s *U *t * * * * * * *$$       :dh//DD)"4>>D|$| IdFN3333)FF ('c22FIdFN3333)FF$$T3///IIcI*****"17;DD"OW=          sEA*)E*B E B  EB/.E/ B=9E<B==EC/.E/ C=9E<C==E D%%D?;E>D??EFE11 F;F?FFresultcV t|j5}|}dddn #1swxYwY|r&tj|r||_n#ttf$rYnwxYw| |dS)urRead CWD from temp file (local-only, no round-trip needed). Skip the assignment when the path no longer exists as a directory — ``pwd -P`` on a deleted cwd can leave a stale value in the marker file, and propagating it would re-wedge the next ``Popen``. The ``_run_bash`` recovery path will resolve a safe fallback if needed. N) open _cwd_filereadstripr r r rr"FileNotFoundError_extract_cwd_from_output)rr%rcwd_paths r _update_cwdzLocalEnvironment._update_cwds dn%% ,6688>>++ , , , , , , , , , , , , , , , $BGMM(33 $#*+    D  %%f-----s3A='A  A= A  A=A +A==BBcr|j|jfD]'} tj|#t$rY$wxYwdS)zClean up temp files.N)_snapshot_pathr(r unlinkr")rrs rcleanupzLocalEnvironment.cleanup sY%t~6  A  !       s ' 44)r rN)__name__ __module__ __qualname____doc__rrrrrrrrr r$r.r2 __classcell__)rs@rrrOsCsd c4;@!$+/;;;C;4;;!Dj;4>4D;;;;zDDDL.$....&rr)N)%r6loggingr platformrrrrrrtools.environments.baserrsystemr getLoggerr3rrrrrhrmrrrr _find_shellrrtuplerrrrrrrurrr?s3KK   @@@@@@@@ho9,  8 $ $!3!3!!!!8%5!YyYYYYx"?!>!@!@td{td{VZ>CF C t<%S 4*@('49''''T C S  c    *DDDDDDDDDDr