il) dZddlZddlZddlZddlZddlZddlmZddlm Z m Z ddl m Z ddl Z ejeZehdZd/de d ed efd Zd0d ed ed efdZded dfdZdeddd dfdZde eefde eefd efdZddde eefde dede d df dZddddde eefde deded edzd df d!Zd1d"ed e d e fd#Zd2d$ed ed efd%Zd/d$ed ed efd&Zd'Z d(edzd edzfd)Z!d3d*Z"d+ed efd,Z#d+ed-ed efd.Z$dS)4z*Shared utility functions for hermes-agent.N)Path)AnyUnion)urlparse>1onyestrueFvaluedefaultreturnc||St|tr|St|tr-|t vSt|S)zDCoerce bool-ish values using the project's shared truthy string set.) isinstanceboolstrstriplowerTRUTHY_STRINGS)r r s */home/ubuntu/.hermes/hermes-agent/utils.pyis_truthy_valuers` }% %7{{}}""$$66 ;;namecJttj||dS)zBReturn True when an environment variable is set to a truthy value.Fr rosgetenv)rr s renv_var_enabledrs! 29T733U C C CCrpathz int | Nonec |r+tj|jndS#t$rYdSwxYw)zBCapture the permission bits of *path* if it exists, else ``None``.N)existsstatS_IMODEst_modeOSError)r s r_preserve_file_moder'$sV48KKMMKt|DIIKK/000tK ttsAA AAmodec\|dS tj||dS#t$rYdSwxYw)aRe-apply *mode* to *path* after an atomic replace. ``tempfile.mkstemp`` creates files with 0o600 (owner-only). After ``os.replace`` swaps the temp file into place the target inherits those restrictive permissions, breaking Docker / NAS volume mounts that rely on broader permissions set by the user. Calling this right after ``os.replace`` restores the original permissions. N)rchmodr&)r r(s r_restore_file_moder+,sM |  t      s  ++tmp_pathtargetct|}tj|rtj|n|}tjt|||S)u9Atomically move *tmp_path* onto *target*, preserving symlinks. ``os.replace(tmp, target)`` atomically swaps ``tmp`` into place at ``target``. When ``target`` is a symlink, the symlink itself is replaced with a regular file — silently detaching managed deployments that symlink ``config.yaml`` / ``SOUL.md`` / ``auth.json`` etc. from ``~/.hermes/`` to a git-tracked profile package or dotfiles repo (GitHub #16743). This helper resolves the symlink first so ``os.replace`` writes to the real file in-place while the symlink survives. For non-symlink and non-existent paths the behavior is identical to a plain ``os.replace`` call. Returns the resolved real path used for the replace, so callers that need to re-apply permissions can target it instead of the symlink. )rrr islinkrealpathreplace)r,r- target_str real_paths ratomic_replacer4=s[$VJ02z0J0JZ  ,,,PZIJs8}}i((( r)indentdatar6 dump_kwargsc t|}|jddt|}t jt |jd|jdd\}} tj |dd 5}tj ||f|d d || tj |d d d n #1swxYwYt||}t!||d S#t"$r( tj|n#t&$rYnwxYwwxYw) aWrite JSON data to a file atomically. Uses temp file + fsync + os.replace to ensure the target file is never left in a partially-written state. If the process crashes mid-write, the previous version of the file remains intact. Args: path: Target file path (will be created or overwritten). data: JSON-serializable data to write. indent: JSON indentation (default 2). **dump_kwargs: Additional keyword args forwarded to json.dump(), such as default=str for non-native types. Tparentsexist_ok._.tmpdirprefixsuffixwutf-8encodingF)r6 ensure_asciiN)rparentmkdirr'tempfilemkstemprstemrfdopenjsondumpflushfsyncfilenor4r+ BaseExceptionunlinkr&) r r7r6r8 original_modefdr,fr3s ratomic_json_writerYUs( ::DKdT222'--M#   49LB  Yr3 1 1 1 !Q I "         GGIII HQXXZZ  ! ! ! ! ! ! ! ! ! ! ! ! ! ! !#8T22 9m44444   Ih        D  sU1DAC% D%C))D,C)-#D ED21E2 D?<E>D??E)default_flow_style sort_keys extra_contentrZr[r\ct|}|jddt|}t jt |jd|jdd\}} tj |dd 5}tj |||| |r| || tj|d d d n #1swxYwYt!||} t#| |d S#t$$r( tj|n#t($rYnwxYwwxYw) anWrite YAML data to a file atomically. Uses temp file + fsync + os.replace to ensure the target file is never left in a partially-written state. If the process crashes mid-write, the previous version of the file remains intact. Args: path: Target file path (will be created or overwritten). data: YAML-serializable data to write. default_flow_style: YAML flow style (default False). sort_keys: Whether to sort dict keys (default False). extra_content: Optional string to append after the YAML dump (e.g. commented-out sections for user reference). Tr:r=r>r?r@rDrErF)rZr[N)rrIrJr'rKrLrrMrrNyamlrPwriterQrRrSr4r+rTrUr&) r r7rZr[r\rVrWr,rXr3s ratomic_yaml_writer`s, ::DKdT222'--M#   49LB  Yr3 1 1 1 !Q IdA2DPY Z Z Z Z ' &&& GGIII HQXXZZ  ! ! ! ! ! ! ! ! ! ! ! ! ! ! !#8T22 9m44444   Ih        D  sU1D+A*C>2 D+>DD+D#D++ E6E  E EEEEtextct tj|S#tjttf$r|cYSwxYw)zParse JSON, returning *default* on any parse error. Replaces the ``try: json.loads(x) except (JSONDecodeError, TypeError)`` pattern duplicated across display.py, anthropic_adapter.py, auxiliary_client.py, and others. )rOloadsJSONDecodeError TypeError ValueError)rar s rsafe_json_loadsrgsEz$  )Z 8s 77keyctj|d}|s|S t|S#tt f$r|cYSwxYw)z:Read an environment variable as an integer, with fallback.r)rrrintrfre)rhr raws renv_intrlse )C   " " $ $C 3xx  "s<AAcJttj|d|S)z*Read an environment variable as a boolean.rrr)rhr s renv_boolrns! 29S"--w ? ? ??r) HTTPS_PROXY HTTP_PROXY ALL_PROXY https_proxy http_proxy all_proxy proxy_urlct|pd}|sdS|drd|t ddS|S)zNormalize proxy URLs for httpx/aiohttp compatibility. WSL/Clash-style environments often export SOCKS proxies as ``socks://127.0.0.1:PORT``. httpx rejects that alias and expects the explicit ``socks5://`` scheme instead. rNzsocks://z socks5://)rrr startswithlen)ru candidates rnormalize_proxy_urlrzssIO$$**,,I t##J//989S__%5%56888 rctD]=}tj|d}t|}|r||kr|tj|<>dS)zARewrite supported proxy env vars to canonical URL forms in-place.rN)_PROXY_ENV_KEYSrrrzenviron)rhr normalizeds rnormalize_proxy_env_varsrsW)) #r""(//  )*--(BJsO ))rbase_urlc|pd}|sdStd|vr|nd|}|jpddS)aReturn the lowercased hostname for a base URL, or ``""`` if absent. Use exact-hostname comparisons against known provider hosts (``api.openai.com``, ``api.x.ai``, ``api.anthropic.com``) instead of substring matches on the raw URL. Substring checks treat attacker- or proxy-controlled paths/hosts like ``https://api.openai.com.example/v1`` or ``https://proxy.test/api.openai.com/v1`` as native endpoints, which leads to wrong api_mode / auth routing. rz://z//r=)rrhostnamerrstrip)rrkparseds rbase_url_hostnamersl >r " "C r Uc\\cczCzz : :F O !r ( ( * * 1 1# 6 66rdomainct|}|sdS|pdd}|sdS||kp|d|zS)acReturn True when the base URL's hostname is ``domain`` or a subdomain. Safer counterpart to ``domain in base_url``, which is the substring false-positive class documented on ``base_url_hostname``. Accepts bare hosts, full URLs, and URLs with paths. base_url_host_matches("https://api.moonshot.ai/v1", "moonshot.ai") == True base_url_host_matches("https://moonshot.ai", "moonshot.ai") == True base_url_host_matches("https://evil.com/moonshot.ai/v1", "moonshot.ai") == False base_url_host_matches("https://moonshot.ai.evil/v1", "moonshot.ai") == False Frr=)rrrrendswith)rrrs rbase_url_host_matchesrs|!**H ul ! ! # # ) ) + + 2 23 7 7F u v  @!2!23rs00  !!!!!!  8 $ $555663$DD#DDTDDDD d| T  $    "U39-uS$Y7GC8 333 T 3 3  3  3  3333t % $ 111 T 1 1 1  1 : 1 1111n  #  s     s3@@#@@@@@@ 3: #*    ))))777777"ACAAAAAAAAr