§
    FijØ5  ã                  óô   — U d Z ddlmZ ddlZddlZddlmZ ddlmZ ddl	m
Z
 dZ e¦   «         Zded	<   i Zd
ed<    e¦   «         Zded<   d+d„Zd,d„Zd-d„Zd.d/d„Zd,d„Zd0d„Zd1d „Zddd!œd2d&„Zd3d(„Zd4d*„ZdS )5zFHelpers for loading Hermes .env files consistently across entrypoints.é    )ÚannotationsN)ÚPath)Úload_dotenv)Úatomic_replace)Ú_API_KEYÚ_TOKENÚ_SECRETÚ_KEYzset[str]Ú_WARNED_KEYSzdict[str, str]Ú_SECRET_SOURCESÚ_APPLIED_HOMESÚenv_varÚstrÚreturnú
str | Nonec                ó6   — t                                | ¦  «        S )a  Return the label of the secret source that supplied ``env_var``, if any.

    Returns ``"bitwarden"`` for keys pulled from Bitwarden Secrets Manager
    during the current process's ``load_hermes_dotenv()`` call.  Returns
    ``None`` for keys that came from ``.env``, the shell environment, or
    aren't tracked.  The returned label is metadata only: credential-pool
    persistence may store it to explain the origin of a borrowed secret, but
    must never treat it as authorization to persist the raw value.
    )r   Úget)r   s    ú:/home/ubuntu/.hermes/hermes-agent/hermes_cli/env_loader.pyÚget_secret_sourcer   *   s   € õ ×Ò˜wÑ'Ô'Ð'ó    ÚNonec                 ó8   — t                                ¦   «          dS )u÷  Forget which HERMES_HOME paths have already had external secrets applied.

    The first call to ``_apply_external_secret_sources(home_path)`` in a
    process pulls from Bitwarden (or other configured backend), records the
    applied keys in ``_SECRET_SOURCES``, and remembers ``home_path`` so
    subsequent calls in the same process are no-ops.  Call this to force the
    next call to re-pull â€” useful for tests, and for long-running processes
    that want to refresh after a config change.
    N)r   Úclear© r   r   Úreset_secret_source_cacher   7   s   € õ ×ÒÑÔÐÐÐr   c                óD   — t          | ¦  «        }|sdS |dk    rdS d|› dS )u:  Return a human-readable suffix like ``" (from Bitwarden)"`` or ``""``.

    Use this when printing a detected credential so the user can see where
    it came from.  Empty string when the credential came from ``.env`` or
    the shell â€” those are the implicit / "default" cases users already
    understand.
    Ú Ú	bitwardenz (from Bitwarden)z (from ú))r   )r   Úsources     r   Úformat_secret_source_suffixr!   D   sB   € õ ˜wÑ'Ô'€FØð ØˆrØÒÐØ"Ð"ð VÐÐÐÐr   é   ÚvalueÚlimitÚintc                ó  — g }| D ]s}t          |¦  «        dk    r^dt          |¦  «        d›}|                     ¦   «         r	|d|›dz  }||vr|                     |¦  «         t          |¦  «        |k    r nŒtd                     |¦  «        S )zEReturn a compact 'U+XXXX ('c'), ...' summary of non-ASCII codepoints.é   zU+Ú04Xú (r   ú, )ÚordÚisprintableÚappendÚlenÚjoin)r#   r$   ÚseenÚchÚlabels        r   Ú_format_offending_charsr3   W   s£   € à€DØð ð ˆÝˆr‰7Œ7SŠ=ˆ=Ø&˜R™œÐ&Ð&Ð&ˆEØ~Š~ÑÔð &Ø˜˜b˜˜˜Ñ%Ø˜DÐ Ð Ø—’˜EÑ"Ô"Ð"Ý4‰yŒy˜EÒ!Ð!ØøØ9Š9T‰?Œ?Ðr   c                 ó®  ‡— t          t          j                             ¦   «         ¦  «        D ]&\  Š} t	          ˆfd„t
          D ¦   «         ¦  «        sŒ'	 |                      d¦  «         Œ># t          $ r Y nw xY w|                      dd¬¦  «                             d¦  «        }|t          j        ‰<   ‰t          v rŒ‘t           
                    ‰¦  «         t          | ¦  «        t          |¦  «        z
  }t          | ¦  «        pd}t          d‰› d|› d|d	k    rd
nd› d|› d	t          j        ¬¦  «         t          dt          j        ¬¦  «         Œ(dS )a!  Strip non-ASCII characters from credential env vars in os.environ.

    Called after dotenv loads so the rest of the codebase never sees
    non-ASCII API keys.  Only touches env vars whose names end with
    known credential suffixes (``_API_KEY``, ``_TOKEN``, etc.).

    Emits a one-line warning to stderr when characters are stripped.
    Silent stripping would mask copy-paste corruption (Unicode lookalike
    glyphs from PDFs / rich-text editors, ZWSP from web pages) as opaque
    provider-side "invalid API key" errors (see #6843).
    c              3  óB   •K  — | ]}‰                      |¦  «        V — Œd S )N)Úendswith)Ú.0ÚsuffixÚkeys     €r   ú	<genexpr>z/_sanitize_loaded_credentials.<locals>.<genexpr>s   s/   øè è € ÐKÐK¨F3—<’< Ñ'Ô'ÐKÐKÐKÐKÐKÐKr   ÚasciiÚignore)Úerrorsznon-printablez  Warning: z contained z non-ASCII characteré   Úsr   r)   u8   ) â€” stripped so the key can be sent as an HTTP header.©Úfilea@    This usually means the key was copy-pasted from a PDF, rich-text editor, or web page that substituted lookalike
  Unicode glyphs for ASCII letters. If authentication fails (e.g. "API key not valid"), re-copy the key from the
  provider's dashboard and run `hermes setup` (or edit the .env file in a plain-text editor).N)ÚlistÚosÚenvironÚitemsÚanyÚ_CREDENTIAL_SUFFIXESÚencodeÚUnicodeEncodeErrorÚdecoder   Úaddr.   r3   ÚprintÚsysÚstderr)r#   ÚcleanedÚstrippedÚdetailr9   s       @r   Ú_sanitize_loaded_credentialsrR   f   s£  ø€ õ 2œ:×+Ò+Ñ-Ô-Ñ.Ô.ð 
ñ 
‰
ˆˆUÝÐKÐKÐKÐKÕ6JÐKÑKÔKÑKÔKð 	Øð	ØLŠL˜Ñ!Ô!Ð!ØøÝ!ð 	ð 	ð 	ØˆDð	øøøà—,’,˜w¨x,Ñ8Ô8×?Ò?ÀÑHÔHˆØ!Œ
3‰Ø•,ÐÐØÝ×Ò˜ÑÔÐÝu‘:”:¥ G¡¤Ñ,ˆÝ(¨Ñ/Ô/ÐB°?ˆÝð2˜#ð 2ð 2¨(ð 2ð 2Ø !’mmˆsˆs¨ð2ð 2Ø/5ð2ð 2ð 2õ ”ð		
ñ 	
ô 	
ð 	
õ 	ð1õ ”ð	
ñ 	
ô 	
ð 	
ñ 	
ð+
ð 
s   ÁA+Á+
A8Á7A8Úpathr   ÚoverrideÚboolc               óŽ   — 	 t          | |d¬¦  «         n"# t          $ r t          | |d¬¦  «         Y nw xY wt          ¦   «          d S )Núutf-8)Údotenv_pathrT   Úencodingzlatin-1)r   ÚUnicodeDecodeErrorrR   )rS   rT   s     r   Ú_load_dotenv_with_fallbackr[   ’   sn   € ðMÝ ¨xÀ'ÐJÑJÔJÐJÐJøÝð Mð Mð MÝ ¨xÀ)ÐLÑLÔLÐLÐLÐLðMøøøõ !Ñ"Ô"Ð"Ð"Ð"s   ‚ •4³4c                ó,  — |                       ¦   «         sdS 	 ddlm} n# t          $ r Y dS w xY wdddœ}	 t	          | fi |¤Ž5 }|                     ¦   «         }ddd¦  «         n# 1 swxY w Y   d„ |D ¦   «         } ||¦  «        }||k    r÷ddl}|                     t          | j	        ¦  «        dd	¬
¦  «        \  }}		 t          j        |dd¬¦  «        5 }|                     |¦  «         |                     ¦   «          t          j        |                     ¦   «         ¦  «         ddd¦  «         n# 1 swxY w Y   t!          |	| ¦  «         dS # t"          $ r( 	 t          j        |	¦  «         n# t&          $ r Y nw xY w‚ w xY wdS # t(          $ r Y dS w xY w)u  Pre-sanitize a .env file before python-dotenv reads it.

    python-dotenv does not handle corrupted lines where multiple
    KEY=VALUE pairs are concatenated on a single line (missing newline).
    This produces mangled values â€” e.g. a bot token duplicated 8Ã—
    (see #8908).

    Also strips embedded null bytes which crash ``os.environ[k] = v``
    with ``ValueError: embedded null byte`` â€” typically introduced by
    copy-pasting API keys from terminals or rich-text editors.

    We delegate to ``hermes_cli.config._sanitize_env_lines`` which
    already knows all valid Hermes env-var names and can split
    concatenated lines correctly.
    Nr   )Ú_sanitize_env_linesz	utf-8-sigÚreplace)rY   r=   c                ó:   — g | ]}|                      d d¦  «        ‘ŒS )ú r   )r^   )r7   Úlines     r   ú
<listcomp>z0_sanitize_env_file_if_needed.<locals>.<listcomp>½   s&   € ÐBÐBÐB°D—L’L ¨Ñ,Ô,ÐBÐBÐBr   z.tmpz.env_)Údirr8   ÚprefixÚwrW   ©rY   )ÚexistsÚhermes_cli.configr]   ÚImportErrorÚopenÚ	readlinesÚtempfileÚmkstempr   ÚparentrC   ÚfdopenÚ
writelinesÚflushÚfsyncÚfilenor   ÚBaseExceptionÚunlinkÚOSErrorÚ	Exception)
rS   r]   Úread_kwÚfÚoriginalrP   Ú	sanitizedrl   ÚfdÚtmps
             r   Ú_sanitize_env_file_if_neededr~   Ÿ   s‚  € ð  ;Š;‰=Œ=ð ØˆðØ9Ð9Ð9Ð9Ð9Ð9Ð9øÝð ð ð Øˆˆðøøøð '°)Ð<Ð<€GðÝ$Ð"Ð"˜'Ð"Ð"ð 	% aØ—{’{‘}”}ˆHð	%ð 	%ð 	%ñ 	%ô 	%ð 	%ð 	%ð 	%ð 	%ð 	%ð 	%øøøð 	%ð 	%ð 	%ð 	%ð
 CÐB¸ÐBÑBÔBˆØ'Ð'¨Ñ1Ô1ˆ	Ø˜Ò Ð ØˆOˆOˆOØ×&Ò&Ý˜œÑ$Ô$¨V¸Gð 'ñ ô ‰GˆBðÝ”Y˜r 3°Ð9Ñ9Ô9ð )¸QØ—L’L Ñ+Ô+Ð+Ø—G’G‘I”IIÝ”H˜QŸXšX™ZœZÑ(Ô(Ð(ð)ð )ð )ñ )ô )ð )ð )ð )ð )ð )ð )øøøð )ð )ð )ð )õ ˜s DÑ)Ô)Ð)Ð)Ð)øÝ ð ð ð ðÝ”I˜c‘N”NNNøÝð ð ð ØDðøøøàðøøøð !Ð øõ" ð ð ð Øˆˆðøøøs   ˜ Ÿ
-¬-¶F ÁA$ÁF Á$A(Á(F Á+A(Á,AF Â>E ÃAD1Ä%E Ä1D5Ä5E Ä8D5Ä9E Å
F ÅE.Å-F Å.
E;Å8F Å:E;Å;F Æ F Æ
FÆF)Úhermes_homeÚproject_envr   ústr | os.PathLike | Noner€   ú
list[Path]c                óF  — g }t          | p(t          j        dt          j        ¦   «         dz  ¦  «        ¦  «        }|dz  }|rt          |¦  «        nd}|                     ¦   «         rt          |¦  «         |r#|                     ¦   «         rt          |¦  «         |                     ¦   «         r&t          |d¬¦  «         |                     |¦  «         |r;|                     ¦   «         r't          || ¬¦  «         |                     |¦  «         t          |¦  «         |S )a[  Load Hermes environment files with user config taking precedence.

    Behavior:
    - `~/.hermes/.env` overrides stale shell-exported values when present.
    - project `.env` acts as a dev fallback and only fills missing values when
      the user env exists.
    - if no user env exists, the project `.env` also overrides stale shell vars.
    ÚHERMES_HOMEz.hermesz.envNT)rT   )	r   rC   ÚgetenvÚhomerg   r~   r[   r-   Ú_apply_external_secret_sources)r   r€   ÚloadedÚ	home_pathÚuser_envÚproject_env_paths         r   Úload_hermes_dotenvrŒ   Ô   s0  € ð €Få[ÐU¥B¤I¨m½T¼Y¹[¼[È9Ñ=TÑ$UÔ$UÑVÔV€IØ˜6Ñ!€HØ,7ÐA•t˜KÑ(Ô(Ð(¸TÐð ‡‚ÑÔð /Ý$ XÑ.Ô.Ð.Øð 7Ð,×3Ò3Ñ5Ô5ð 7Ý$Ð%5Ñ6Ô6Ð6à‡‚ÑÔð  Ý" 8°dÐ;Ñ;Ô;Ð;ØŠhÑÔÐàð (Ð,×3Ò3Ñ5Ô5ð (Ý"Ð#3À&¸jÐIÑIÔIÐIØŠÐ&Ñ'Ô'Ð'å" 9Ñ-Ô-Ð-à€Mr   r‰   c                ó
  — t          t          | ¦  «                             ¦   «         ¦  «        }|t          v rdS t                               |¦  «         	 t          | ¦  «        }n# t          $ r Y dS w xY w|pi                      d¦  «        pi }|                     d¦  «        sdS 	 ddlm	} n# t          $ r Y dS w xY w |d|                     dd¦  «        |                     d	d
¦  «        t          |                     dd¦  «        ¦  «        t          |                     dd¦  «        ¦  «        t          |                     dd¦  «        ¦  «        t          |                     dd
¦  «        pd
¦  «                             ¦   «         | ¬¦  «        }|j        r˜t          ¦   «          |j        D ]}dt           |<   Œt#          dt%          |j        ¦  «        › dt%          |j        ¦  «        dk    rdnd
› dd                     t)          |j        ¦  «        ¦  «        › dt*          j        ¬¦  «         |j        r#t#          d|j        › t*          j        ¬¦  «         |j        D ] }t#          d|› t*          j        ¬¦  «         Œ!dS )uE  Pull secrets from external sources (currently Bitwarden) into env.

    Runs AFTER dotenv loads so .env values are visible (we use them to
    locate the access token) but BEFORE the rest of Hermes reads
    ``os.environ`` for credentials.  Any failure here is logged and
    swallowed â€” external secret sources must never block startup.

    Idempotent within a process: subsequent calls for the same
    ``home_path`` are no-ops.  ``load_hermes_dotenv()`` runs at import
    time from several hot modules (cli.py, hermes_cli/main.py,
    run_agent.py, trajectory_compressor.py, ...), so without this guard
    the Bitwarden status line would print 3-5x per CLI startup.  Use
    ``reset_secret_source_cache()`` if you need to force a re-pull
    (tests, future ``hermes secrets bitwarden sync`` from a long-running
    process).
    Nr   Úenabledr   )Úapply_bitwarden_secretsTÚaccess_token_envÚBWS_ACCESS_TOKENÚ
project_idr   Úoverride_existingFÚcache_ttl_secondsi,  Úauto_installÚ
server_url)rŽ   r   r’   r“   r”   r•   r–   r‰   z%  Bitwarden Secrets Manager: applied z secretr>   r?   r)   r*   r   r@   z  Bitwarden Secrets Manager: )r   r   Úresolver   rK   Ú_load_secrets_configrw   r   Úagent.secret_sources.bitwardenr   ri   rU   ÚfloatÚstripÚappliedrR   r   rL   r.   r/   ÚsortedrM   rN   ÚerrorÚwarnings)r‰   Úhome_keyÚcfgÚbw_cfgr   ÚresultÚnameÚwarns           r   r‡   r‡   ú   sæ  € õ" •4˜	‘?”?×*Ò*Ñ,Ô,Ñ-Ô-€HØ•>Ð!Ð!ØˆÝ×ÒxÑ Ô Ð ðÝ" 9Ñ-Ô-ˆˆøÝð ð ð Øˆˆðøøøð ˆiR_Š_˜[Ñ)Ô)Ð/¨R€FØ:Š:iÑ Ô ð ØˆðØJÐJÐJÐJÐJÐJÐJøÝð ð ð Øˆˆðøøøð %Ð$ØØŸšÐ$6Ð8JÑKÔKØ—:’:˜l¨BÑ/Ô/Ý˜vŸzšzÐ*=¸uÑEÔEÑFÔFÝ §
¢
Ð+>ÀÑ DÔ DÑEÔEÝ˜&Ÿ*š* ^°TÑ:Ô:Ñ;Ô;Ýv—z’z ,°Ñ3Ô3Ð9°rÑ:Ô:×@Ò@ÑBÔBØð	ñ 	ô 	€Fð „~ð 
õ 	%Ñ&Ô&Ð&ð
 ”Nð 	0ð 	0ˆDØ$/O˜DÑ!Ð!Ýð5µC¸¼Ñ4GÔ4Gð 5ð 5Ý ¤Ñ/Ô/°1Ò4Ð4SS¸"ð5ð 5à—	’	& ¤Ñ0Ô0Ñ1Ô1ð5ð 5ð 5õ ”ð		
ñ 	
ô 	
ð 	
ð „|ð 
ÝØ:¨F¬LÐ:Ð:Ý”ð	
ñ 	
ô 	
ð 	
ð ”ð 
ð 
ˆÝØ2¨DÐ2Ð2Ý”ð	
ñ 	
ô 	
ð 	
ð 	
ð
ð 
s$   ÁA% Á%
A3Á2A3Â'B. Â.
B<Â;B<Údictc                ó@  — | dz  }|                      ¦   «         si S 	 ddl}n# t          $ r i cY S w xY w	 t          |dd¬¦  «        5 }|                     |¦  «        pi }ddd¦  «         n# 1 swxY w Y   n# t
          $ r i cY S w xY w|                     d¦  «        pi S )z¼Read just the ``secrets:`` section out of config.yaml.

    Imported lazily and isolated from the main config loader so a
    malformed config can't take down dotenv loading entirely.
    zconfig.yamlr   NÚrrW   rf   Úsecrets)rg   Úyamlri   rj   Ú	safe_loadrw   r   )r‰   Úconfig_pathrª   ry   Údatas        r   r˜   r˜   F  s  € ð ˜mÑ+€KØ×ÒÑÔð Øˆ	ðØˆˆˆˆøÝð ð ð Øˆ	ˆ	ˆ	ðøøøðÝ+˜s¨WÐ5Ñ5Ô5ð 	+¸Ø—>’> !Ñ$Ô$Ð*¨ˆDð	+ð 	+ð 	+ñ 	+ô 	+ð 	+ð 	+ð 	+ð 	+ð 	+ð 	+øøøð 	+ð 	+ð 	+ð 	+øøåð ð ð Øˆ	ˆ	ˆ	ðøøøà8Š8IÑÔÐ$ "Ð$sA   " ¢1°1µA7 ÁA+ÁA7 Á+A/Á/A7 Á2A/Á3A7 Á7BÂB)r   r   r   r   )r   r   )r   r   r   r   )r"   )r#   r   r$   r%   r   r   )rS   r   rT   rU   r   r   )rS   r   r   r   )r   r   r€   r   r   r‚   )r‰   r   r   r   )r‰   r   r   r¦   )Ú__doc__Ú
__future__r   rC   rM   Úpathlibr   Údotenvr   Úutilsr   rG   Úsetr   Ú__annotations__r   r   r   r   r!   r3   rR   r[   r~   rŒ   r‡   r˜   r   r   r   ú<module>rµ      s§  ðØ LÐ LÐ Là "Ð "Ð "Ð "Ð "Ð "à 	€	€	€	Ø 
€
€
€
Ø Ð Ð Ð Ð Ð à Ð Ð Ð Ð Ð Ø  Ð  Ð  Ð  Ð  Ð  ð AÐ ð
 ˜™œ€Ð Ð Ð Ñ ð #%€Ð $Ð $Ð $Ñ $ð ˜3™5œ5€Ð  Ð  Ð  Ñ  ð
(ð 
(ð 
(ð 
(ð
ð 
ð 
ð 
ðð ð ð ð&ð ð ð ð ð)
ð )
ð )
ð )
ðX
#ð 
#ð 
#ð 
#ð2ð 2ð 2ð 2ðn -1Ø,0ð#ð #ð #ð #ð #ð #ðLI
ð I
ð I
ð I
ðX%ð %ð %ð %ð %ð %r   