,jXUdZddlZddlZddlZddlZddlZddlZddlZddl Z ddl Z ddl Z ddl Z ddl mZddlmZmZmZmZddlmZejeZddlmZmZddlmZddlmZm Z m!Z!m"Z"m#Z#d e$d ed e$fd Z%e%d de&dZ'e%dde(dZ)dZ*iZ+e,e$e$fe-d<e j.Z/e j0Z1dZ2dZ3dZ4dZ5de$fdZ6de$fdZ7de$ddfdZ8ddZ9ddl:m;Z<d e$d!e$de,fd"Z=ej>d#Z?d$e$de$dzfd%Z@d&e$d!e$de$fd'ZAdd)e&de$fd*ZBdd ed,e&de$fd-ZCd.e$deDfd/ZEd e$d0e&deFe$e&ffd1ZGd e$deFe$eDffd2ZHdeDfd3ZId e$de$fd4ZJd e$dzdeFe$dze$dzffd5ZKdd6lLmMZNdd7lmOZPdd8lQmRZSdd9lTmUZVdd:lWmXZYdd;lZm[Z\dd<iZbee$e(fe-d?<e j.ZciZdee$e j.fe-d@<e j.ZedafdAagdAahe j.ZidBee$efddfdCZjiZkee$ee$effe-dD<dEe$dFee$effdGZldEe$fdHZmdEee$de$fdIZne&dfd e$d e$dJed e$fdKZode$fdLZpdee$effdMZqdNerdzdee$effdOZs dd!e$dPe$dQe$dRe&dSe,dBe,dTe,dEe$dUe$fdVZtddXe&fdYZudZZvd[Zwd\ZxdEe$fd]ZydEe$deDfd^Zzd_Z{dAd`dEe$daeDfdbZ|dcZ}e j~e}d e$dde&de$dzfdeZd e$deDfdfZej>dgejejzZej>dhZej>diZd e$de$fdjZej>dkejej>dlejej>dmejej>dnejej>doejej>dpejej>dqejej>drejfZd e$deDfdsZd e$de$dzfdtZdueDdveDdeFfdwZd$ee$dxedye$de$fdzZ dd e$dveDdRee&dEee$d{eDd$ee$d|eDdueDd}eee$de$fd~ZdeDfdZedkr\ededeqZededed!ededededededQededRdededXdesede_jdededededededededededdZedejdddedejdeedejddeedejdeedejdeedejdepddlmZedejdededejddedejddddlmZde`dddddddAddde'de'dddddddddAddddAddddiddƜdǜd gdȜdɜZdʄZej~ddeeedd̬ͦdS)a7 Terminal Tool Module A terminal tool that executes commands in local, Docker, Modal, SSH, Singularity, and Daytona environments. Supports local execution, containerized backends, and cloud sandboxes, including managed Modal mode. Supported environments: - "local": Execute directly on the host machine (default, fastest) - "docker": Execute in Docker containers (isolated, requires Docker) - "modal": Execute in Modal cloud sandboxes (direct Modal or managed gateway) Features: - Multiple execution backends (local, docker, modal) - Background task support - VM/container lifecycle management - Automatic cleanup after inactivity Cloud sandbox note: - Persistent filesystems preserve working state across sandbox recreation - Persistent filesystems do NOT guarantee the same live sandbox or long-running processes survive cleanup, idle reaping, or Hermes exit Usage: from terminal_tool import terminal_tool # Execute a simple command result = terminal_tool("ls -la") # Execute in background result = terminal_tool("python server.py", background=True) N)Path)OptionalDictAnyList)env_var_enabled)is_interrupted_interrupt_event)_get_scratch_dir)coerce_modal_modehas_direct_modal_credentialsmanaged_nous_tools_enabled%nous_tool_gateway_unavailable_messageresolve_modal_backend_statenamedefault type_labelctj|}||dkr|S ||S#ttf$r#td|||||cYSwxYw)zParse module-level numeric env vars without breaking import. Terminal tool is imported by CLI, ACP, tests, and tool discovery. A single malformed env var must not make the whole module unloadable at import time. Nz;Invalid value for %s: %r (expected %s). Falling back to %r.)osgetenv TypeError ValueErrorloggerwarningrr converterrraws 8/home/ubuntu/.hermes/hermes-agent/tools/terminal_tool.py_safe_parse_import_envr Os )D//C {cRii y~~ z " I        s +1AATERMINAL_MAX_FOREGROUND_TIMEOUTiXintegerTERMINAL_DISK_WARNING_GBg@@numbercd t}d}ddl}|t|dz D]}t|dD]g}|rQ ||jz }4#t$r&}t d||Yd}~_d}~wwxYwh|dz }|tkr#t d|tdSd S#t$r(}t d |d Yd}~d Sd}~wwxYw) z4Check if total disk usage exceeds warning threshold.rNhermes-**zCould not stat file %s: %si@z\Disk usage (%.1fGB) exceeds threshold (%.0fGB). Consider running cleanup_all_environments().TFz#Disk usage warning check failed: %sexc_info)r globstrrrglobis_filestatst_sizeOSErrorrdebugDISK_USAGE_WARNING_THRESHOLD_GBr Exception) scratch_dir total_bytesr*pathfetotal_gbs r_check_disk_usage_warningr:{s}&((   IIc+ ":;;<< I ID$ZZ%%c** I I99;;II#qvvxx'77 "III %A1aHHHHHHHHII I), 5 5 5 NNy#%D F F F4u  :A MMMuuuuusBA3C=6BC= CB>9C=>C6C== D/D**D/_sudo_password_cachec.ttddS)N sudo_passwordgetattr _callback_tlsr_get_sudo_password_callbackrCs =/4 8 88rBc.ttddS)Napprovalr>rArBr_get_approval_callbackrFs =*d 3 33rBc|t_dS)uRegister a callback for sudo password prompts (used by CLI). Per-thread scope — ACP sessions that run concurrently in a ThreadPoolExecutor each have their own callback slot. N)r@r=cbs rset_sudo_password_callbackrJs #%MrBc|t_dS)uRegister a callback for dangerous command approval prompts. Per-thread scope — ACP sessions that run concurrently in a ThreadPoolExecutor each have their own callback slot. See GHSA-qg5c-hvr5-hjgr. N)r@rErHs rset_approval_callbackrLs MrBreturnc ddlm}|dd}n%#t$rtjdd}YnwxYw|rd|St }|Zt |dd}t |dd}|$|"d t|d t|Sd t|Sd tj S) z6Return the cache scope for interactive sudo passwords.rget_session_envHERMES_SESSION_KEYrzsession:N__self____func__zcallback-owner::z callback:zthread:) gateway.session_contextrPr3rrrCr?id threading get_ident)rP session_keycallbackownerfuncs r_get_sudo_password_cache_scoper]s:;;;;;;%o&:B?? :::i 4b99 :('+'''*,,H*d33xT22  !1;RYY;;D;; ;)2h<<))) ,Y(** , ,,s 77ct}t5t|dcdddS#1swxYwYdS)z6Return the cached sudo password for the current scope.rN)r]_sudo_password_cache_lockr;get)scopes r_get_cached_sudo_passwordrbs * , ,E "33#''r22333333333333333333s>AApasswordct}t5|r |t|<nt|dddddS#1swxYwYdS)z.Persist a sudo password for the current scope.N)r]r_r;pop)rcras r_set_cached_sudo_passwordrfs * , ,E "22  2*2  ' ' $ $UD 1 1 1 222222222222222222s)A  AAcxt5tddddS#1swxYwYdS)z`Clear all cached sudo passwords. Internal helper for tests and process teardown paths. N)r_r;clearrArBr_reset_cached_sudo_passwordsris #%%""$$$%%%%%%%%%%%%%%%%%%s /33)check_all_command_guardscommandenv_typec>t||tS)zJDelegate to consolidated guard (tirith + dangerous cmd) with CLI callback.)approval_callback)_check_all_guards_implrF)rkrls r_check_all_guardsrps* !'84J4L4L N N NNrBz^[A-Za-z0-9/\\:_\-.~ +@=,]+$workdirc|sdSt|s6|D]1}t|sdt|dcS2dSdS)zReject workdir values that don't look like a filesystem path. Uses an allowlist of safe characters rather than a deny-list, so novel shell metacharacters can't slip through. Returns None if safe, or an error message string if dangerous. Nz/Blocked: workdir contains disallowed character z<. Use a simple filesystem path without shell metacharacters.z0Blocked: workdir contains disallowed characters.)_WORKDIR_SAFE_REmatchrepr)rqchs r_validate_workdirrws t  ! !' * *B  B#))"-- Qd2hhQQQ  BA 4rBoutputcxtd}|s|Sgd}|D]}||vrddlm}|d|dzcS |S)z Check for sudo failure and add helpful message for messaging contexts. Returns enhanced output if sudo failed in messaging context, else original. HERMES_GATEWAY_SESSION)zsudo: a password is requiredzsudo: no tty presentzsudo: a terminal is requiredrdisplay_hermes_homeu@ 💡 Tip: To enable sudo over messaging, add SUDO_PASSWORD to z/.env on the agent machine.)rhermes_constantsr|)rxrl is_gateway sudo_failuresfailure_dhhs r_handle_sudo_failurer's !!9::J  M !EE f   D D D D D DEaeaeagagEEEE E E E  MrB-timeout_secondscFddl}t}| |pdS#t$rYdSwxYwdddfd} dtjd<t jd ttd td td td tdtd|ddzdztdttdddtj |d}| | |dr~dpd}t|rtdntdt|j |dtjvrtjd=SStdtdt|j  dtjvrtjd=dSdS#ttf$rettdt|j Ydtjvrtjd=dSdSt$rT}td |d!|j Yd}~dtjvrtjd=dSdSd}~wwxYw#dtjvr tjd=wxYw)"a Prompt user for sudo password with timeout. Returns the password if entered, or empty string if: - User presses Enter without input (skip) - Timeout expires (45s default) - Any error occurs Only works in interactive mode (HERMES_INTERACTIVE=1). If a _sudo_password_callback is registered (by the CLI), delegates to it so the prompt integrates with prompt_toolkit's UI. Otherwise reads directly from /dev/tty with echo disabled. rNrF)rcdonecd}d} tjdkr\ddl}g} |}|dvrn#|dkrt||  rrcz/dev/tty>  rBzutf-8replace)errorsz)Failed to restore terminal attributes: %szFailed to close tty fd: %sr)platformsystemmsvcrtgetwchKeyboardInterruptappendjointermiosropenO_RDONLY tcgetattrECHO tcsetattr TCSAFLUSHreaddecodeEOFErrorr0r3rr1close) tty_fd old_attrsrcharscr new_attrsb_termiosr8results rread_password_threadz7_prompt_for_sudo_password..read_password_thread[s * "  I-- $ AL((F{{//LLOOO $&(WWU^^z""R[99#--f55 #--f55 (|w|m; ! !!&'*;YGGG$**A^ 3 3LLOOO $ &)XXe__%;%;GI%;%V%Vz"+W5 $ $ $!#F:    $ $ $!#F:    $!i&;Q....&&vx/A9MMMM QQQLL!LaPPPPPPPPQ!BHV$$$$ BBBLL!=qAAAAAAAAB!F6NNN!i&;Q....&&vx/A9MMMM QQQLL!LaPPPPPPPPQ!BHV$$$$ BBBLL!=qAAAAAAAAB!F6N ! ! ! !sEEH5F 6H58F H5F  H5 F22 G!<GG!'G<< H+H&&H+5K; IK J &JKJ  KJ&%K& K0K KK K1HERMES_SPINNER_PAUSEg?u┌──────────────────────────────────────────────────────────┐uA│ 🔐 SUDO PASSWORD REQUIRED │u├──────────────────────────────────────────────────────────┤u?│ Enter password below (input is hidden), or: │uA│ • Press Enter to skip (command fails gracefully) │u│ • Wait zs to auto-skipz u│u└──────────────────────────────────────────────────────────┘z Password (hidden): T)endflushtargetdaemontimeoutrrcu1 ✓ Password received (cached for this session)u' ⏭ Skipped - continuing without sudou( ⏱ Timeout - continuing without sudoz (Press Enter to dismiss)u) ⏭ Cancelled - continuing without sudoz [sudo prompt error: z] - continuing without sudo )sysrCr3renvirontimesleepprintrWThreadstartrstdoutrrr)rr_sudo_cbrpassword_threadrcr8rs @r_prompt_for_sudo_passwordrAsJJJ+,,H 8::# #   22  . .F."."."."."`03-0 )* 3  ())) CDDD ())) OPPP QRRR @@@@8KeSTTT ()))  %2T::::#*2FtTTT_555 &> j)/RH GGG AIJJJJ?@@@ GGG J     & "RZ / / 122 0# = > > > 0 1 1 1 GGG J      "RZ / / 1222 0 / ' (  9:::   "RZ / / 1222 0 /  IIIIJJJ rrr !RZ / / 1222 0 /  "RZ / / 12 2 2 2 2sJ # 11E-H. AH..ALL# L,,K;L;LLL limitc|dSt|tr |d|S t|d|S#t$rdt |jdcYSwxYw)z>Return a log-safe preview for possibly-invalid command values.Nz<>) isinstancer+rur3type__name__)rkrs r_safe_command_previewrsx'3vv-G}}VeV$$ ---,4==),,,,,,-s<"A! A!tokencd|vs|drdS|dd\}}ttjd|S)zCReturn True when *token* is a leading shell environment assignment.=Frz^[A-Za-z_][A-Za-z0-9_]*$) startswithsplitboolrert)rr_values r_looks_like_env_assignmentrsW %5++C00u;;sA&&LD& 4d;; < <> " MM!M a a%%d 773<< rBc6tjddpd}|dkrdS t jgdtjtjtjdd}|jdkS#t$rYdSwxYw)aNReturn True when local sudo currently works without prompting. Only probes for the `local` terminal backend; Docker/SSH/Modal/etc. must not inherit the host's sudo state. Re-probes every call (no process-level cache) so an expired sudo timestamp cannot make a later command silently block waiting for a password. TERMINAL_ENVlocalF)rz-ntruer)stdinrstderrrcheckr) rrstriplower subprocessrunDEVNULL returncoder3) terminal_envprobes r_sudo_nopasswd_worksr1s9^W55;;==CCEEPLwu  " " "$%%    1$$ uusAB BBcTt|}d}d}d}d}g}||krv||}|dkr|dkr|dkrd}|dz })|r|dz }C|dkr!|d|}|dkrn|}j|dkr|dz|kr|dz }|dvr't||\} } t | |dz}|d kr |dz }|dz }|d krt d|dz }|dz }|d krA|dz|kr8||dzs||dzdkr |dz }|dz }!|d kr|dkr|dz}d}|dz };|dks|dkr|dz }N|d |s|d|r |dz}|dz }|dkr d}|dz }|dkr d}|dz }|dkr|dz|kr||dzdkr|dz }|dz } | dkr?|| r%| dz} | dkr|| %| dkr|| dvr|dz }*|dkr|||fd}|dz }Pt||\} } t | |dz}||kv|s|S|} t|D]{\} }| }||kr?| |r%|dz }||kr| |%| d|}| ||}| |dzd}|dz|zdz|z} || S)uWrap `A && B &` (or `A || B &`) to `A && { B & }` at depth 0. Bash parses ``A && B &`` with `&&` tighter than `&`, so it forks a subshell for the whole `A && B` compound and backgrounds it. Inside the subshell, `B` runs foreground, so the subshell waits for `B` to finish. When `B` is a long-running process (`python3 -m http.server`, `yes > /dev/null`, anything that doesn't naturally exit), the subshell never exits. It leaks as a process stuck in ``wait4`` forever — and on the way, its open stdout pipe can prevent the terminal tool from returning promptly. Rewriting the tail to `A && { B & }` preserves `&&`'s error semantics (skip B if A fails) while replacing the subshell with a brace group. The brace group runs in the current shell (no fork), backgrounds B as a simple command (bash doesn't wait for it in non-interactive mode), and exits immediately. B runs as a normal backgrounded child, orphaned when the parent shell exits. Handles redirects (``&>``, ``2>&1``) and skips content inside quoted strings and parenthesised subshells. Leaves simple ``cmd &`` alone — that construct doesn't have the subshell-wait bug. rrrrrrr>rr(r{}rr;|&rz<>Nz{ z& })rrrrmaxrrreversed)rkrr paren_depth brace_depthlast_chain_op_endrewritesrvnl_rjr chain_endamp_pos insert_posprefixmiddlesuffixs r_rewrite_compound_backgroundrKsg. G A AKK&(H a%% QZ ::+**{a/?/? "  FA  ::<<  FA  99dA&&BRxxA  ::!a%!)) FA    )'155IAvFAE""A  99 1 K FA  99aq11K FA  99QA(>(>(@(@GAPQENVZDZDZ 1 K FA  99q 1 K "  FA  ??kAoo FA    dA & & '*<*new_cwd container_idenvs rregister_task_env_overridesrFs( $- mmE""G'3 GMMOO  2'::  ^ ^&**733]7K7O7OP\7]7]C ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ?wsE488DCGGG     ?DDs5B  B$'B$c<t|ddS)z Clear environment overrides for a task after rollout completes. Called during cleanup to avoid stale entries accumulating. N)r<re)r=s rclear_task_env_overridesrHs GT*****rBcthd}|r<|tvr3t|}t||zr|SdS)u Map a tool-call ``task_id`` to the container/sandbox key used by ``_active_environments``. The top-level agent passes ``task_id=None`` and lands on ``"default"``. ``delegate_task`` children pass their own subagent ID so that file-state tracking, the active-subagents registry, and TUI events stay distinct per child -- but we deliberately collapse that ID back to ``"default"`` here so subagents share the parent's long-lived container (one bash, one /workspace, one set of installed packages). Exception: RL / benchmark environments (TerminalBench2, HermesSweEnv, ...) call ``register_task_env_overrides(task_id, {...})`` to request a per-task Docker/Modal image. When an override is registered for a task_id, we honour it by returning the task_id unchanged -- those rollouts need their own isolated sandbox, which is the whole point of the override. CWD-only overrides (registered by the ACP adapter for workspace tracking) are *not* isolation signals — they should not cause each session to spin up its own container. Only overrides containing backend-specific image keys or ``env_type`` trigger isolation. >rl modal_image docker_image daytona_imagesingularity_imager) frozensetr<setkeys)r=_ISOLATION_KEYSr>s rrArAsj0 !!!O7111'0 y~~ ? 2 N 9rBrc tj||} ||S#ttjf$rtd|d|d|dwxYw)zParse an environment variable with *converter*, raising a clear error on bad values. Without this wrapper, a single malformed env var (e.g. TERMINAL_TIMEOUT=5m) causes an unhandled ValueError that kills every terminal command. zInvalid value for : z (expected z1). Check ~/.hermes/.env or environment variables.)rrrjsonJSONDecodeErrorrs r_parse_env_varrVs )D' " "C y~~ , -    > > > > >: > > >    s "0Ac tjS#t$r6tjdptjdcYSwxYw)amReturn the current working directory, tolerating a deleted CWD. ``os.getcwd()`` raises FileNotFoundError when the process's working directory has been removed out from under it (e.g. a scratch workspace that was cleaned up mid-session). Fall back to TERMINAL_CWD, then the user's home directory, so terminal setup never crashes on a stale CWD. TERMINAL_CWD~)rgetcwdFileNotFoundErrorrr6 expanduserrArBr _safe_getcwdr]s^Dy{{ DDDy((CBG,>,>s,C,CCCCDs=AAcn d}tjdd}tjdddv}|dv}|dk}|r8td d td }td d }tdd}nd}d}d}|rqtddt jd}tddt jd} tddt jd} tddt jd} ng}g} i} g} |dkrt} n |dkrd} nd} tjd| rtj d} d}|dkr|rtjdp t}tj tj |tfd |DsStj r8tj rd!s} d"nj|dvrfrdtfd#|D}tj  }|s|r%| krtd$|| | id%|d&t#tjd'd(d)tjd*|d+|d,tjd-d.|d/tjd0|d1tjd2|d3d4| d5|d6td7d8d9td:d;dd?tjd@d>dAtdBdCdDtjdEd>dFtjdGtjdHdIdvtjdJddv|||tjdKdIdv| | tjdLddv| tjdMdIdvtjdNdIdvdO S)PzBGet terminal environment configuration from environment variables.*nikolaik/python-nodejs:python3.11-nodejs20rr&TERMINAL_DOCKER_MOUNT_CWD_TO_WORKSPACEfalse>ryesr>modaldockerdaytona singularityrdTERMINAL_CONTAINER_CPUrr$TERMINAL_CONTAINER_MEMORY5120TERMINAL_CONTAINER_DISK51200g?TERMINAL_DOCKER_FORWARD_ENVz[]z valid JSONTERMINAL_DOCKER_VOLUMESTERMINAL_DOCKER_ENVz{}TERMINAL_DOCKER_EXTRA_ARGSsshrY/rootrXN)z/Users/z/home/zC:\zC:/c3BK|]}|VdSNr).0p candidates r z"_get_env_config..fs1??A $$Q''??????rB) /workspacersr{c3BK|]}|VdSrurv)rwrxr@s rrzz"_get_env_config..ms/DD3>>!,,DDDDDDrBzeIgnoring TERMINAL_CWD=%r for %s backend (host/relative path won't work in sandbox). Using %r instead.rl modal_modeTERMINAL_MODAL_MODEautorKTERMINAL_DOCKER_IMAGEdocker_forward_envrMTERMINAL_SINGULARITY_IMAGE docker://rJTERMINAL_MODAL_IMAGErLTERMINAL_DAYTONA_IMAGEr@host_cwddocker_mount_cwd_to_workspacerTERMINAL_TIMEOUT180lifetime_secondsr)r*ssh_hostTERMINAL_SSH_HOSTrssh_userTERMINAL_SSH_USERssh_portTERMINAL_SSH_PORT22ssh_keyTERMINAL_SSH_KEYssh_persistentTERMINAL_SSH_PERSISTENTTERMINAL_PERSISTENT_SHELLrTERMINAL_LOCAL_PERSISTENTTERMINAL_CONTAINER_PERSISTENT TERMINAL_DOCKER_RUN_AS_HOST_USER(TERMINAL_DOCKER_PERSIST_ACROSS_PROCESSESTERMINAL_DOCKER_ORPHAN_REAPER) local_persistent container_cpucontainer_memorycontainer_diskcontainer_persistentdocker_volumes docker_envdocker_run_as_host_userdocker_extra_argsdocker_persist_across_processesr()rrrrVfloatrTloadsr]r6r\abspathanyisabsisdirrrr6r ) default_imagerlmount_docker_cwdcontainer_backenddocker_backendrrrrrrr default_cwdr host_prefixesdocker_cwd_source is_host_path is_relativeryr@s @@r_get_env_configr-s^AMy11Hy!I7SSYY[[_ss $QQ)N &'?eXVV )*EvNN'(A7KK  +,I4QUQ[]ijj'(A4Uabb#$94\ZZ *+Gtz[ghh  7"nn U    )NK 0 0C &g  %%H8M8 0In55GGOOBG$6$67H$I$IJJ ??????? ? ?  i(( -/W]]9-E-E NWNbNbczN{N{ !HC B B Bs BDDDDmDDDDD '--,,,  K SK-?-? KKXX{ 4 4 4C4 H4 ' 2G(P(PQQ4   "9=II4  0 4  RY'CE`Q^E`E`aa 4  ry!7GG 4  #;]KK4  s4  H4  ()94  >"4e<<4  N+FNN4  BI12664  BI12664  N#6==!4 " 29/44#4 * ") % I16 : :   %'')*+4 2I&A7KKQQSSWkk',( " *I6 R R X X Z Z^r r( #%9-OQX#Y#Y#_#_#a#aey#y.,.9 6, , %''),*!# +V! ! %'')!*c4 4 4 4rBr}cXt|ttdS)z2Resolve direct vs managed Modal backend selection.rc) has_direct managed_ready)rr r")r}s r_get_modal_backend_staters0 &/113G<<   rBimager@r ssh_config local_configrc 8|pi} | dd} | dd} | dd} | dd} | d g}| d g}| d i}| d g}|d krt||S|dkrt| tdEid|d|d|d| d| d| d| d|d|d|d| ddd|d|d| d dd!|d"| d#dS|d$krt |||| | | | |%S|d&krXi}| d'kr| |d<| d'kr| |d<| d'krE d'd(l}d'd(l}d)||jj j vr| |d)<n#t$rYnwxYwt| d*}|d+d,krt||||| |-S|d+d.kr|d/r"td0td1zd2z|d3d,krtd4td1z|d3d.krtd5d6}t!rd7}t|t#||||| |-S|d8kr&d'd9lm}||||t)| | | | |%S|d:kr|r*|d;r|d<std=t+|d;|d<|d>d?|d@dA||BStdC|dD)Fa Create an execution environment for sandboxed command execution. Args: env_type: One of "local", "docker", "singularity", "modal", "daytona", "ssh" image: Docker/Singularity/Modal image name (ignored for local/ssh) cwd: Working directory timeout: Default command timeout ssh_config: SSH connection config (for env_type="ssh") container_config: Resource config for container backends (cpu, memory, disk, persistent) task_id: Task identifier for environment reuse and snapshot keying host_cwd: Optional host working directory to bind into Docker when explicitly enabled Returns: Environment instance with execute() method rrrrlrrmrTrrrrr)r@rrdrr@rcpumemorydiskpersistent_filesystemr=volumesrauto_mount_cwdrF forward_envrErun_as_host_userr extra_argspersist_across_processesrrf)rr@rrrrrr=rcrNephemeral_diskr}selected_backendmanaged)rr@rmodal_sandbox_kwargsrr=directmanaged_mode_blockedzModal backend is configured for managed mode, but Nous Tool Gateway access is not currently available and no direct Modal credentials/config were found. managed Modal executionzH Choose TERMINAL_MODAL_MODE=direct/auto to use direct Modal credentials.modez[Modal backend is configured for managed mode, but the managed tool gateway is unavailable. z_Modal backend is configured for direct mode, but no direct Modal credentials/config were found.zHModal backend selected but no direct Modal credentials/config was found.z`Modal backend selected but no direct Modal credentials/config or managed tool gateway was found.re)DaytonaEnvironmentrrhostuserz?SSH environment requires ssh_host and ssh_user to be configuredportkeyr)rrrkey_pathr@rzUnknown environment type: zD. Use 'local', 'docker', 'singularity', 'modal', 'daytona', or 'ssh'rA)r`_LocalEnvironmentr;_DockerEnvironment_SingularityEnvironmentinspectrc signatureSandboxcreate parametersr3r_ManagedModalEnvironmentrrr_ModalEnvironmenttools.environments.daytonarr3_SSHEnvironment)rlrr@rrr&rr=rccrrr persistentrrrrsandbox_kwargsrrc modal_statemessage_DaytonaEnvironments r_create_environmentrsB,  RB &&! $ $C VV& - -F 66"E * *D.55Jff%r**G 4b99 b))J2B777 S':::: X   #2&&&!    %   S  *1'    "F  )-  #-*  7>g  G  X  66"A5III  +*      VV$=uEEE  )(  &(VV,Mt%T%T%T   ] " "&S'F",g    W   77$'N5 ! A::'-N8 $ !88 %%%%%%%%#w'8'89M'N'N'YYY7;N#34    /rvvl/C/CDD ) *i 7 7+g%3&0'  ) *h 6 612  <<1 a a6"i// q;1 6"h.. uaG)++ vW%% % S'!/",g    Y  XXXXXX""S'Cd",g    U   `!7!7 `z~~f?U?U `^__ _F#F#++^^E2..      ; ; ; ;   s3G GGr+rctj} ddlm}ttD]!}||r |t|<"n#t$rYnwxYwg}t5tt D]]\}}||z |krOt |d}t |d|| ||f^t5|D] \}}t |d! dddn #1swxYwYdddn #1swxYwY|D]+\}} ddlm}||n#t$rYnwxYw t#|dr|nIt#|dr|n$t#|dr|t*d|#t.$rl} t1| } d | vsd | vrt*d |nt*d || Yd} ~ %d} ~ wwxYwdS) zOClean up environments that have been inactive for longer than lifetime_seconds.rprocess_registryNclear_file_ops_cachecleanupstop terminatez,Cleaned up inactive environment for task: %s404 not found*Environment for task %s already cleaned up-Error cleaning up environment for task %s: %s)rtools.process_registryrlistr$rPhas_active_processesr5rBitemsr#rer_creation_locks_lockr%tools.file_toolsrhasattrrrrrr6r3r+rr) r current_timerr= envs_to_stop last_timerEr rr8 error_strs r_cleanup_inactive_envsrKsq9;;L ;;;;;;N//1122 7 7G44W== 7*6w' 7      L  3 3"&~';';'='=">"> 8 8 GYi'*:::*..w==""7D111? ''#777" 3 3* 3 3 ##GT2222 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3%\\   = = = = = =  ) ) ) )    D  \sI&&  f%%  k**   KKF P P P P \ \ \AI !![IOO4E4E%E%E H'RRRRNPWYZ[[[  \'\\suAA$$ A10A1=B E $D:. E:D> >ED> EEE%E77 FFB H JA!JJc6tr t}t|dn4#t$r'}td|dYd}~nd}~wwxYwt dD]}tsntjd tdSdS)zKBackground thread worker that periodically cleans up inactive environments.rzError in cleanup thread: %sTr(Nr,r) _cleanup_runningrrr3rrrangerr)configr8r s r_cleanup_thread_workerrs   L$&&F "6*<#= > > > > L L L NN8!dN K K K K K K K K Lr  A#  JqMMMM      s#- AAAct5tts6dat jt datddddS#1swxYwYdS)z;Start the background cleanup thread if not already running.NTr)rB_cleanup_threadis_aliverrWrrrrArBr_start_cleanup_threadr s $$  "/*B*B*D*D "# '.6LUYZZZO  ! ! # # # $$$$$$$$$$$$$$$$$$sAA,,A03A0cdat6 tddS#ttf$rYdSwxYwdS)z#Stop the background cleanup thread.FNr)rrr SystemExitrrArBr_stop_cleanup_threadrsb"    + + + + +-.    DD #"s (==ct|}t5t|pt|cdddS#1swxYwYdS)z9Return the active BaseEnvironment for *task_id*, or None.N)rArBr#r`)r=lookups rget_active_envrs ' 0 0F UU#''//T3G3K3KG3T3TUUUUUUUUUUUUUUUUUUs4AAAcdt|}|dStt|ddS)aReturn True if the active environment for task_id is configured for cross-turn persistence (``persistent_filesystem=True``). Used by the agent loop to skip per-turn teardown for backends whose whole point is to survive between turns (docker with ``container_persistent``, daytona, modal, etc.). Non-persistent backends (e.g. Morph) still get torn down at end-of-turn to prevent leakage. The idle reaper (``_cleanup_inactive_envs``) handles persistent envs once they exceed ``terminal.lifetime_seconds``. NF _persistent)rrr?)r=rEs ris_persistent_envrs5  ! !C {u ]E22 3 33rBcttt}d}|D]L} t||dz }#t$r(}t d||dYd}~Ed}~wwxYwt}ddl}|t|dz D]g} tj |dt d |5#t$r&}t d ||Yd}~`d}~wwxYw|dkrt d ||S) z3Clean up ALL active environments. Use with caution.rrzError cleaning %s: %sTr(Nr&) ignore_errorszRemoved orphaned: %sz%Failed to remove orphaned path %s: %szCleaned %d environments)rr#rP cleanup_vmr3rerrorr r*r+shutilrmtreer6r0r1)task_idscleanedr=r8r4r*r6s rcleanup_all_environmentsrs(--//00HGMM M w    qLGG M M M LL0'1tL L L L L L L L L M#$$KKKK #kJ67788KK K M$d 3 3 3 3 KK. 5 5 5 5 K K K LL@$ J J J J J J J J K{{ -w777 Ns/A A5 A00A521C$$ D.DD force_removercd}t5t|d}t|ddddn #1swxYwYt5t |ddddn #1swxYwY ddlm}||n#t$rYnwxYw|dS t|drSddl }| |j }d|j vr| |n^| nIt|dr|n$t|dr|t d |dS#t$$rr}t'|}d |vsd |vrt d |n"t d ||Yd}~dSYd}~dSd}~wwxYw)u$Manually clean up a specific environment by task_id. *force_remove* (default False) is forwarded to backends that accept it — currently only ``DockerEnvironment``. The default of False matches session-lifecycle semantics: this function is called from ``AIAgent.close()`` (TUI session close, gateway session teardown) and the per-turn cleanup branch for non-persistent envs, both of which should honor the user's persist-mode preference. Stopping the container here would defeat the "ONE long-lived container shared across sessions" contract — exactly the bug Ben reported when the container was killed on every TUI session close. Pass ``force_remove=True`` for actual user-initiated teardown (e.g. ``/reset``-style flows that haven't been wired yet, or future "destroy my sandbox" commands). The idle reaper passes the env through ``env.cleanup()`` directly (not via this function), so persist-mode idle envs are similarly no-op'd — only the orphan reaper at next startup reclaims them. Nrrrrrrrz,Manually cleaned up environment for task: %srrrr)rBr#rer$rr%rrr5rrrrrrrrr6r3r+rr)r=rrErrsigr8rs rrrs0 C **"&&w557D)))*************** ++GT***+++++++++++++++ 999999W%%%%       {X 3 " "  NNN##CK00C//  6666 S& ! !  HHJJJJ S+ & &  MMOOO BGLLLLL XXXFF I   0A0A!A!A KKDg N N N N NNJGUV W W W W W W W W W O N N N N NXsO7A  AABB B B%% B21B2:CF G? A!G::G?cttrtt}td|t t}t|D]W}t|dd}| |d$#t$r%}t d|Yd}~Nd}~wwxYwdSdS)zBStop cleanup thread and shut down all remaining sandboxes on exit.z)Shutting down %d remaining sandbox(es)...wait_for_cleanupNg.@rz#wait_for_cleanup raised on exit: %s) rr#rrr6rvaluesrr?r3r1)count envs_to_waitrEwait_fnr8s r_atexit_cleanupr('s G()) ?GGG07799::  """   G GCc#5t<>( # # <     4rBnotify_on_complete backgroundc"|r |r|rd}d|fS|dfS)uKDecide what to do when both notify_on_complete and watch_patterns are set. These flags produce duplicate, delayed notifications when combined — one notification per watch-pattern match AND one on process exit, with async delivery that can spam the user long after the process ends. When both are set, we drop watch_patterns in favor of notify_on_complete (the more useful "let me know when it's done" signal) and return a human-readable note. Returns: (watch_patterns_to_use, conflict_note). conflict_note is "" when there is no conflict. zuwatch_patterns ignored because notify_on_complete=True; these two flags produce duplicate notifications when combinedNrrA)rXwatch_patternsrYnotes r#_resolve_notification_flag_conflictr]s=$(^ L Tz 2 rBrErc|r|St|dd}t|tr|r|S|S)aReturn the cwd for a command, preferring the live session cwd. ``terminal_tool`` historically re-sent the init-time/config cwd on every call. That broke session-local ``cd`` state: the environment tracked the new directory in ``env.cwd``, but foreground/background calls kept forcing the old cwd back through ``env.execute(..., cwd=...)``. Explicit ``workdir=`` must still override everything. r@N)r?rr+r)rqrErlive_cwds r_resolve_command_cwdr`sPsE4((H(C  X^^%5%5 rBforceptyr[c  t|ts]tdt |jt jdddt |jdddSt} | d } t|} |rt |nd pt | i} | d kr| d p| d } nn| d kr| dp| d} nJ| dkr| dp| d} n&| dkr| dp| d} nd} | dp| d}| d}|p|}|s1|r/|tkr$t jdd|dtdidS|s,t|}|rt jdd|dddStt5| t vr| n|r |t vr|nd }|+t#jt$|<t |}d}nd}d d d n #1swxYwY|rt&5| t(vrt+jt(| <t(| }d d d n #1swxYwY|5t5| t vr| n|r |t vr|nd }|*t#jt$|<t |}d}d d d n #1swxYwY|r| d krt/td| | d d d }| dkrl| dd| dd| dd| d d| d!dd"}d }| d#vr| d$d%| d&d'| d(d)| d*d| d+d,| d-g| d.d| d/g| d0i| d1d| d2g| d3d| d4dd5 }d }| d6krd7| d8di}t3| | |||||| | d9: }nB#t4$r5}t jddd;|d<d=ddcYd }~cd d d Sd }~wwxYwt5|t | <t#jt$| <|}d d d n #1swxYwYtd>| | d dd d d n #1swxYwYd }|s:t7|| }|d?s| d@dAkr[t jddddAd| dB|| dCdD| dEddFdS| dCdD}dG|dH}t jdd| dI|dJddS| dKr| dCdL}dM|dN}n1| dOr| dCdL}dP|dQ}|r]t9|}|rLtdR|d dSt;|t jdd|dJddSd } |}!|rt=|rd}!dT} |rdUdVlm }"dUdWl!m"}#|"dX}$tG|||Y}% | d6kr3|#$||%| |$tK|dZr|j&nd |![}&n|#'|||%| |$\}&d]|&j(|&j)dUd d^}'|r||'d_<| r| |'d`<|r |s|sda|'db<|rG|rEdc|vpdd|v}(de|vpdf|vpdg|v})dh|vp|(o|)}*|*r'|' dbd}+di},|+r|+djz|,zn|,|'db<|r~|s|rzdUdkl*m+}-|-dld}.|.rf|-dmd}/|-dnd}0|-dod}1|-dpd}2|-dqd}3|.|&_,|/|&_-|1|&_.|2|&_/|0|&_0|3|&_1tetg||tg|r\}}4|4r&tds|&j(|4|4|'dt<|rd|rbd|&_4d|'du<|&j,rOdv|&_5|#j67|&j(dv|$|&j,|&j-|&j.|&j/|&j0|&j1ddw |r |rtq||&_9|&j9|'dx<t j|'dS#tt$r4}t jdddyt|dzdcYd }~Sd }~wwxYwd{}5dU}6d }7|6|5kro |tG|||Yd|}8|j;|fi|8}7nH#tt$r:}t|<}9d|9vr#t jdd}d~|ddzdcYd }~S|6|5krd|6d%z }6d|6z}:td|:|6|5t;|t |j|| | t#j=|:Yd }~t>d|5t;|t |j|| | t jdddt |jdt|dzdcYd }~Sd }~wwxYw |7 dd};|7 ddU}|>D]}?t|?tr|?};nn#tt$rYnwxYwdUdlBmC}@|@}At|;|Akr[t|Adz}B|A|Bz }Ct|;|Bz |Cz }Dd|Ddt|;d}E|;d |B|Ez|;|C d z};dUdlFmG}F|F|;};dUdlHmI}G|;r|G|;Jnd};t||<}H|;|d|Kt jdddt||KdddcYd }~Sd }~wwxYw)u. Execute a command in the configured terminal environment. Args: command: The command to execute background: Whether to run in background (default: False) timeout: Command timeout in seconds (default: from config) task_id: Unique identifier for environment isolation (optional) force: If True, skip dangerous command check (use after user confirms) workdir: Working directory for this command (optional, uses session cwd if not set) pty: If True, use pseudo-terminal for interactive CLI tools (local backend only) notify_on_complete: If True and background=True, you'll be notified exactly once when the process exits. The right choice for almost every long task. MUTUALLY EXCLUSIVE with watch_patterns. watch_patterns: List of strings to watch for in background output. HARD rate limit: 1 notification per 15s per process. After 3 strike windows in a row, watch_patterns is disabled and the session is auto-promoted to notify_on_complete. Use ONLY for rare, one-shot mid-process signals on long-lived processes (server readiness, migration-done markers). NEVER use in loops/batch jobs — error patterns there will hit the strike limit and get disabled. MUTUALLY EXCLUSIVE with notify_on_complete — set one, not both. Returns: str: JSON string with output, exit_code, and error fields Examples: # Execute a simple command >>> result = terminal_tool(command="ls -la /tmp") # Run a background task >>> result = terminal_tool(command="python server.py", background=True) # With custom timeout >>> result = terminal_tool(command="long_task.sh", timeout=300) # Force run after user confirmation # Note: force parameter is internal only, not exposed to model API z+Rejected invalid terminal command value: %srrz&Invalid command: expected string, got r)rxr)rstatusF) ensure_asciirlNrdrKrfrMrcrJrerLr@rzForeground timeout zs exceeds the maximum of zNs. Use background=true with notify_on_complete=true for long-running commands.Tz*Creating new %s environment for task %s...rrrrrrrr)rrrrr>rcrdrerfrrrrlrrmrr}rrrrrrrrr() rrrrr}rrrrrrrr(rrrr) rlrr@rrr&rr=rz5Terminal tool disabled: environment creation failed (rdisabledz %s environment ready for task %sapprovedrdpending_approvalrk descriptionzcommand flagged pattern_key)rxr)rrdapproval_pendingrkrjrkzCommand denied: z?. Use the approval prompt to allow it, or rephrase the command.rblocked user_approvedzflagged as dangerouszCommand required approval (z) and was approved by the user.smart_approvedzCommand was flagged (z&) and auto-approved by smart approval.z+Blocked dangerous workdir: %s (command: %s)rzPTY disabled for this command because it expects piped stdin/EOF (for example gh auth login --with-token). For local background processes, call process(action='close') after writing so it receives EOF.r)get_current_session_keyr)r)rqrErrE)rkr@r=rYenv_varsuse_pty)rErkr@r=rYzBackground process started)rx session_idpidr)rrEpty_noteubackground=true without notify_on_complete=true means this process runs SILENTLY — you will not be told when it exits. If this is a bounded task (test suite, build, CI poller, deploy, anything with a defined end), you almost certainly wanted notify_on_complete=true so the system pings you on exit. Re-launch with notify_on_complete=true, or call process(action='poll') / process(action='wait') yourself to learn the outcome. Only ignore this hint for genuine long-lived processes that never exit (servers, watchers, daemons).hintz gh pr viewz gh pr checksz jq z| jqz$(jqstatusCheckRollupuRThis looks like a homebrewed CI poller built from `gh pr view --json statusCheckRollup` and/or `gh pr checks | jq`. That shape has burned us repeatedly in hermes-agent dev work (PRs #31329, #31448, #31695, #31709, #31745, #32264, #33131) — stdout buffering kills output capture, jq null-key edge cases silently exit the loop, conclusion-vs-status field confusion exits early with bogus all-green verdicts, TTY-only summary banners never appear when piped. Use the canonical snippets in the green-ci-policy skill instead: the exit-code-driven `gh pr checks $PR >/dev/null` (rc 0 = green, 8 = pending, else fail) for exit-on-first-fail behavior, or the column-2 awk-on-tabs poller (`awk -F"\t" "$2==\"pending\""`) for sharded matrices. Load skill_view(name='github/hermes-agent-dev', file_path='references/green-ci-policy.md') for the verbatim snippets. If you must roll a custom loop with rich structured output, write each tick to a known file (`tee -a /tmp/ci.log`) and rely on `process(action='log')` to read THAT file — do not rely on background-process stdout capture for line-buffered shell loops.z rOHERMES_SESSION_PLATFORMHERMES_SESSION_CHAT_IDHERMES_SESSION_THREAD_IDHERMES_SESSION_USER_IDHERMES_SESSION_USER_NAMEHERMES_SESSION_MESSAGE_ID)rXr[rYzbackground proc %s: %swatch_patterns_ignoredrXr ) rscheck_intervalrYrchat_iduser_id user_name thread_id message_idrXr[z$Failed to start background process: )rxr)rr)rr@|zCommand timed out after z secondsrzfExecution error, retrying in %ds (attempt %d/%d) - Command: %s - Error: %s: %s - Task: %s, Backend: %szWExecution failed after %d retries - Command: %s - Error: %s: %s - Task: %s, Backend: %szCommand execution failed: rSrxr) invoke_hooktransform_terminal_output)rkrxrr=rl) get_max_bytesg?z ... [OUTPUT TRUNCATED - z chars omitted out of z total] ... ) strip_ansi)redact_sensitive_textexit_code_meaningzterminal_tool exception: %szFailed to execute command: )rxr)r tracebackrd)Nrr+rrrrrTdumpsrrAr<r`FOREGROUND_MAX_TIMEOUTrWr rBr#rr$rr%rWLockr:r6rr5rprwrrHtools.approvalrprrr` spawn_localrrE spawn_via_envrVrtrUrPwatcher_platformwatcher_chat_idwatcher_user_idwatcher_user_namewatcher_thread_idwatcher_message_idr]rrXwatcher_intervalpending_watchersrrr[r3executerrrrhermes_cli.pluginsrtools.tool_output_limitsrrr3tools.ansi_stripr agent.redactrrrCr format_exc)LrkrYrr=rarqrbrXr[rrleffective_task_idr>rr@default_timeouteffective_timeoutguidance _existing_keyrEneeds_creation task_lockrr&rnew_envr8 approval_noterEdesc fallback_msg workdir_errorpty_disabled_reason effective_ptyrprrY effective_cwd proc_session result_data_gh_has_jq _bad_shapeexistingcanonical_hint_gse _gw_platform _gw_chat_id _gw_thread_id _gw_user_id _gw_user_name_gw_message_id conflict_note max_retries retry_countrexecute_kwargsr wait_timerxrr hook_results hook_resultrMAX_OUTPUT_CHARS head_chars tail_charsomittedtruncated_noticerr exit_note result_dictrtb_strsL r terminal_toolrsRM '3'' # NN=W &   :Z$w--BXZZ!  " ### #!""*% 7w??29 B $ $W - - -d >"&&'8"==  x  MM.11KVN5KEE  & &MM"566U&AT:UEE  MM-00IF=4IEE  " "MM/22Mf_6MEEEmmE""3fUm +#6 #g #'4J*J*J:J'JJ-JJJ " ### # '6w??H 'z !#%% ## !& ''''   & &&7:N%N%N!!!(VW8L-L-LggRV (04 }-*=9!&!% & & & & & & & & & & & & & & &" Q e% ? ?$O;;9B9I9IO$56+,=>  ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? J eJ e//->BV-V-V)))0^W@T5T5TggZ^"%08< }52=A).///////////////">e=001333KK LhXijlkljlXmnnn4/%) #u,,(. :r(B(B(. :r(B(B(. :r(B(B'-zz)R'@'@.4jj9I5.Q.Q **J,0(#'TTT17OQ1O1O4:JJ?QSW4X4X28**=Mu2U2U8> CY[_8`8`.4jjv.N.N28**=Mr2R2RAGLkmrAsAs6 CY[_8`8`00, (, #w.. ,fjj9KU.S.S,L#6%-"' #$5'1-=)5$5%+ZZ %;%; # # #'///#z&()+%a]^%a%a%a&0 ++ ).  / / //////J eJ eJ eJ eJ eJ eJ eJ e|/#&&BI,->?<@IKK'89%&&&&&&&&&&&&&&&KK BHN_`bab`bNcdddUJ eJ eJ eJ eJ eJ eJ eJ eJ eJ eJ eJ eJ eJ eJ e\ ! e((;;HJ' '<<))-???:"$%'!#"4,0#+<< 7#C#C'/||MCT'U'U'/||M2'F'F ' '%* + + + + ||M3DEETtTTTz !#%\\)\BB' ## !& ''''||O,, e||M3IJJ cd c c c .// e||M3IJJ d d d d   '-g66M 'L&tt}.CG.L.LNNNz !#*' ## !& ''''#  /88 !M  I ? ? > > > > > ? ? ? ? ? ?11"===K0M M 'w&#?#? ') 1$/,3C,?,?!IT - $@$$LL$4#A#A ') 1$/ $B$$L;"./'+!"!  !<.;K +&B.AK + &8   H 'T0'0'72On6OC')SVw->S&GBS,w6-  OG" #.??62#>#>='8CK0Hv->>!/$F+I#5IIOOOOOO#'4(A2#F#FL# I&*d+CR&H&H (,-G(L(L &*d+CR&H&H (,-G(L(L )-.I2)N)N8D 57B 47B 49F 69F 6:H 71T'+,>'?'?#1#J//111- !JNN#;\_m\\\N!Z!ZRUVWRXRX!Z!Z''%* +++++++++)+6ZZ"--FL!44J*&(;;F  ::::::*{/#!)-3%     $0K!+s33!,     ? > > > > >,} 6{{--- !1C!788 - : f++ 2Z?;7;;!&kk;;;!  ,/??&*BVV 4 3 3 3 3 3Z''F ; : : : : :>DL**6<<>>:::"F-WjAAI!'K  8*7 J' =3< /0:k>>> >    %%'' 3V<<<z;3q66;;           sA1u 4E u -u .u A I u Iu I! u .2J, u ,J00u 3J04u 9W.AL W.L W.L >W.GT65W.6 U5U0U5W.# u 0U55 W.?(V3' W.3V7 7W.:V7 ;'W." u .W22u 5W26Bu A u Cu Au H;h i$)i iu iu )#j u  oAoou !A%ou A=oo u oAu 7q u qu qC2u v?Av:4v?:v?cH t}|d}|dkrdS|dkr]ddlm}|}|stddSt j|d gdd t j }|jdkS|d kr[tj d ptj d }|r/t j|dgdd t j }|jdkSdS|dkrH| dr| dstddSdS|dkrwt| d}|ddkrdS|ddkr|dr*tdtddS|ddkr*tdtddS|ddkrEtrtdntddStrtdntd dStjdtd"dSdS|d#krdd$lm}t)jd%d!uStd&|dS#t,$r(}td'|d(Yd!}~dSd!}~wwxYw))z8Check if all requirements for the terminal tool are met.rlrTrdr) find_dockerz?Docker executable not found in PATH or common install locationsFversionr )capture_outputrrrf apptainerz --versionrrrrzSSH backend selected but TERMINAL_SSH_HOST and TERMINAL_SSH_USER are not both set. Configure both or switch TERMINAL_ENV to 'local'.rcr}rrrrzModal backend selected with TERMINAL_MODAL_MODE=managed, but Nous Tool Gateway access is not currently available and no direct Modal credentials/config were found. %s Choose TERMINAL_MODAL_MODE=direct/auto to use direct Modal credentials.rrzhModal backend selected with TERMINAL_MODAL_MODE=managed, but the managed tool gateway is unavailable. %szModal backend selected with TERMINAL_MODAL_MODE=direct, but no direct Modal credentials/config were found. Configure Modal or choose TERMINAL_MODAL_MODE=managed/auto.zModal backend selected with TERMINAL_MODAL_MODE=direct, but no direct Modal credentials/config were found. Configure Modal or choose TERMINAL_MODAL_MODE=auto.zModal backend selected but no direct Modal credentials/config or managed tool gateway was found. Configure Modal, set up the managed gateway, or choose a different TERMINAL_ENV.z|Modal backend selected but no direct Modal credentials/config was found. Configure Modal or choose a different TERMINAL_ENV.NzFmodal is required for direct modal terminal backend: pip install modalre)DaytonaDAYTONA_API_KEYzWUnknown TERMINAL_ENV '%s'. Use one of: local, docker, singularity, modal, daytona, ssh.z&Terminal requirements check failed: %sr()rr4rrrrrrrrwhichr`rrr importlibutil find_specrerrrr3) rrlrrdr executablerrr8s rcheck_terminal_requirementsr si ""*% w  4  ! ! = = = = = = []]F  ^___u^VY$7VW_i_qrrrF$) )  & &k22Qfl=6Q6QJ .#[(ARV`aisi{|||(A--5   ::j)) J1G1G  Zu4  26::l3K3KLLK-.);;t-.(::56 !LL[>5 !5v&)33LL:=5!5 (H44133  @  8 !5133  B  R!5~''008 efffu4  " " ' ' ' ' ' '9.//t; ; LL'    5  =q4 PPPuuuuusbK/2K/.K/AK/$A K/25K/)rs@    ,,,,,,,,,,,,!!!!!!  8 $ $=<<<<<<<<;;;;;   80/% #9"8   ##F(*d38n)))*IN,, !! 999444%%%   -----,333333222222%%%% NsNcNdNNNN2:=>>ssTz,4z3z3sz3Cz3z3z3z3x - -3 -s -S - - - -=c=d====!s!3!5c?!!!!H:C:E#t)4D::::zd4b#b#bbbbJFS4ZFE#*cDj:P4QFFFFTKJJJJJ\\\\\\DDDDDDMMMMMMJJJJJJ``````DDDDDD 0(*d38n)))#%S%Z %%% IN   -/c9>)*///%y~'' "+Y^-->;c3h>;D>;>;>;>;R24T#tCH~-.333&&c3h&&&&R+c++++  #    J>AT]     s  s  c     Dc D D D D|c3h||||~$4S>KO-1'0(, S S #S cS S cS $(S CGS &*S "%S #& S S S S l;\;\S;\;\;\;\|   $$$UCUUUU4s4t4444&66;AXAXAXAXdAXAXAXAXHGGG0 =#=#=#*====@ # $    (RZDbmVXVbFb'BJx00(bj);<< 3 3    "BJRTVTabbBJ+R];;BJ "-00BJ "-00BJ~r}--BJ~r}--BJ ..BJ6 FF #"S"S4Z""""J   6 c]    4!!!$*.v v  v v c]v c] v   v  c] v  v v T#Y'v  v v v v rkTkkkk\ z E !!! E(OOO _  F E $%%% E 5 !3 5 5666 E 5VN3 5 5666 E 3F=1 3 3444 E 1&- 1 1222 E 4y 1 4 4 4555 E 6 23 6 6 6777 & & ( ( LMMM  E '((( E  E IJJJ E  E !""" E 6777 E$KKK E %&&& E QRRR E $%%%>K E 7 29^W - - 7 7 7  E Wibi0G&U&U W WXXX E o9295QSl_jSlSl+m+m o oppp E UYRY/E{%S%S U UVVV E Yyry1I;'W'W Y YZZZ E HYRY~||~~FF H HIII<<<<<< E _YRY/E$$&&G\G\G\%]%] _ _``` E F+=t!D!D F FGGG E Y)")4OQV*W*W Y YZZZ $##### ,!A " U   " |Uk | |mC | | | ! " ~  " ` ##   (+ l;" " FKK&&**Z        ( !rB