@anthropic-ai/sandbox-runtime 0.0.1

package/dist/utils/exec.js

@@ -0,0 +1,38 @@
+import { execFile } from 'child_process';
+import { promisify } from 'util';
+const execFilePromise = promisify(execFile);
+/**
+ * Simple wrapper around execFile that doesn't throw on non-zero exit codes
+ * Simplified version for standalone sandbox use
+ */
+export async function execFileNoThrow(file, args, options = {}) {
+    try {
+        const result = await execFilePromise(file, args, {
+            timeout: options.timeout || 10000,
+            cwd: options.cwd,
+            maxBuffer: 10 * 1024 * 1024, // 10MB
+        });
+        return {
+            stdout: result.stdout,
+            stderr: result.stderr,
+            code: 0,
+        };
+    }
+    catch (error) {
+        // execFile throws on non-zero exit, but we want to return the result
+        if (error && typeof error === 'object' && 'code' in error) {
+            return {
+                stdout: error.stdout || '',
+                stderr: error.stderr || '',
+                code: typeof error.code === 'number' ? error.code : 1,
+            };
+        }
+        // For other errors (like ENOENT), return error info
+        return {
+            stdout: '',
+            stderr: error instanceof Error ? error.message : String(error),
+            code: 1,
+        };
+    }
+}
+//# sourceMappingURL=exec.js.map

package/dist/utils/exec.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"exec.js","sourceRoot":"","sources":["../../src/utils/exec.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AACxC,OAAO,EAAE,SAAS,EAAE,MAAM,MAAM,CAAA;AAEhC,MAAM,eAAe,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAA;AAE3C;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,IAAY,EACZ,IAAc,EACd,UAA8C,EAAE;IAEhD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,IAAI,EAAE,IAAI,EAAE;YAC/C,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,KAAK;YACjC,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,OAAO;SACrC,CAAC,CAAA;QACF,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,IAAI,EAAE,CAAC;SACR,CAAA;IACH,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,qEAAqE;QACrE,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;YAC1D,OAAO;gBACL,MAAM,EAAG,KAA6B,CAAC,MAAM,IAAI,EAAE;gBACnD,MAAM,EAAG,KAA6B,CAAC,MAAM,IAAI,EAAE;gBACnD,IAAI,EAAE,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;aACtD,CAAA;QACH,CAAC;QACD,oDAAoD;QACpD,OAAO;YACL,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;YAC9D,IAAI,EAAE,CAAC;SACR,CAAA;IACH,CAAC;AACH,CAAC"}

package/dist/utils/platform.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Platform detection utilities
+ */
+export type Platform = 'macos' | 'linux' | 'windows' | 'unknown';
+export declare function getPlatform(): Platform;
+//# sourceMappingURL=platform.d.ts.map

package/dist/utils/platform.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"platform.d.ts","sourceRoot":"","sources":["../../src/utils/platform.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,OAAO,GAAG,SAAS,GAAG,SAAS,CAAA;AAEhE,wBAAgB,WAAW,IAAI,QAAQ,CAWtC"}

package/dist/utils/platform.js

@@ -0,0 +1,16 @@
+/**
+ * Platform detection utilities
+ */
+export function getPlatform() {
+    switch (process.platform) {
+        case 'darwin':
+            return 'macos';
+        case 'linux':
+            return 'linux';
+        case 'win32':
+            return 'windows';
+        default:
+            return 'unknown';
+    }
+}
+//# sourceMappingURL=platform.js.map

package/dist/utils/platform.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"platform.js","sourceRoot":"","sources":["../../src/utils/platform.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,MAAM,UAAU,WAAW;IACzB,QAAQ,OAAO,CAAC,QAAQ,EAAE,CAAC;QACzB,KAAK,QAAQ;YACX,OAAO,OAAO,CAAA;QAChB,KAAK,OAAO;YACV,OAAO,OAAO,CAAA;QAChB,KAAK,OAAO;YACV,OAAO,SAAS,CAAA;QAClB;YACE,OAAO,SAAS,CAAA;IACpB,CAAC;AACH,CAAC"}

package/dist/utils/ripgrep.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Check if ripgrep (rg) is available synchronously
+ * Returns true if rg is installed, false otherwise
+ * Cached to avoid repeated system calls
+ */
+export declare function hasRipgrepSync(): boolean;
+/**
+ * Execute ripgrep with the given arguments
+ * @param args Command-line arguments to pass to rg
+ * @param target Target directory or file to search
+ * @param abortSignal AbortSignal to cancel the operation
+ * @returns Array of matching lines (one per line of output)
+ * @throws Error if ripgrep exits with non-zero status (except exit code 1 which means no matches)
+ */
+export declare function ripGrep(args: string[], target: string, abortSignal: AbortSignal): Promise<string[]>;
+//# sourceMappingURL=ripgrep.d.ts.map

package/dist/utils/ripgrep.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ripgrep.d.ts","sourceRoot":"","sources":["../../src/utils/ripgrep.ts"],"names":[],"mappings":"AAOA;;;;GAIG;AACH,wBAAgB,cAAc,IAAI,OAAO,CAiBxC;AAED;;;;;;;GAOG;AACH,wBAAsB,OAAO,CAC3B,IAAI,EAAE,MAAM,EAAE,EACd,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,GACvB,OAAO,CAAC,MAAM,EAAE,CAAC,CAgCnB"}

package/dist/utils/ripgrep.js

@@ -0,0 +1,57 @@
+import { spawnSync } from 'child_process';
+import { execFile } from 'child_process';
+// Cache for ripgrep availability check
+let ripgrepCache;
+/**
+ * Check if ripgrep (rg) is available synchronously
+ * Returns true if rg is installed, false otherwise
+ * Cached to avoid repeated system calls
+ */
+export function hasRipgrepSync() {
+    if (ripgrepCache !== undefined) {
+        return ripgrepCache;
+    }
+    try {
+        const result = spawnSync('which', ['rg'], {
+            stdio: 'ignore',
+            timeout: 1000,
+        });
+        ripgrepCache = result.status === 0;
+        return ripgrepCache;
+    }
+    catch {
+        ripgrepCache = false;
+        return false;
+    }
+}
+/**
+ * Execute ripgrep with the given arguments
+ * @param args Command-line arguments to pass to rg
+ * @param target Target directory or file to search
+ * @param abortSignal AbortSignal to cancel the operation
+ * @returns Array of matching lines (one per line of output)
+ * @throws Error if ripgrep exits with non-zero status (except exit code 1 which means no matches)
+ */
+export async function ripGrep(args, target, abortSignal) {
+    return new Promise((resolve, reject) => {
+        execFile('rg', [...args, target], {
+            maxBuffer: 20000000, // 20MB
+            signal: abortSignal,
+            timeout: 10000, // 10 second timeout
+        }, (error, stdout, stderr) => {
+            // Success case - exit code 0
+            if (!error) {
+                resolve(stdout.trim().split('\n').filter(Boolean));
+                return;
+            }
+            // Exit code 1 means "no matches found" - this is normal, return empty array
+            if (error.code === 1) {
+                resolve([]);
+                return;
+            }
+            // All other errors should fail
+            reject(new Error(`ripgrep failed with exit code ${error.code}: ${stderr || error.message}`));
+        });
+    });
+}
+//# sourceMappingURL=ripgrep.js.map

package/dist/utils/ripgrep.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ripgrep.js","sourceRoot":"","sources":["../../src/utils/ripgrep.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAA;AACzC,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AAGxC,uCAAuC;AACvC,IAAI,YAAiC,CAAA;AAErC;;;;GAIG;AACH,MAAM,UAAU,cAAc;IAC5B,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;QAC/B,OAAO,YAAY,CAAA;IACrB,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,EAAE;YACxC,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,IAAI;SACd,CAAC,CAAA;QAEF,YAAY,GAAG,MAAM,CAAC,MAAM,KAAK,CAAC,CAAA;QAClC,OAAO,YAAY,CAAA;IACrB,CAAC;IAAC,MAAM,CAAC;QACP,YAAY,GAAG,KAAK,CAAA;QACpB,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAC3B,IAAc,EACd,MAAc,EACd,WAAwB;IAExB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,QAAQ,CACN,IAAI,EACJ,CAAC,GAAG,IAAI,EAAE,MAAM,CAAC,EACjB;YACE,SAAS,EAAE,QAAU,EAAE,OAAO;YAC9B,MAAM,EAAE,WAAW;YACnB,OAAO,EAAE,KAAM,EAAE,oBAAoB;SACtC,EACD,CAAC,KAA+B,EAAE,MAAc,EAAE,MAAc,EAAE,EAAE;YAClE,6BAA6B;YAC7B,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAA;gBAClD,OAAM;YACR,CAAC;YAED,4EAA4E;YAC5E,IAAI,KAAK,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;gBACrB,OAAO,CAAC,EAAE,CAAC,CAAA;gBACX,OAAM;YACR,CAAC;YAED,+BAA+B;YAC/B,MAAM,CACJ,IAAI,KAAK,CACP,iCAAiC,KAAK,CAAC,IAAI,KAAK,MAAM,IAAI,KAAK,CAAC,OAAO,EAAE,CAC1E,CACF,CAAA;QACH,CAAC,CACF,CAAA;IACH,CAAC,CAAC,CAAA;AACJ,CAAC"}

package/dist/utils/settings.d.ts

@@ -0,0 +1,147 @@
+import { z } from 'zod';
+export declare const WEB_FETCH_TOOL_NAME = "WebFetch";
+export declare const FILE_EDIT_TOOL_NAME = "Edit";
+export declare const FILE_READ_TOOL_NAME = "Read";
+/**
+ * Permission rule structure
+ */
+export type PermissionRule = {
+    toolName: string;
+    ruleContent?: string;
+};
+/**
+ * Zod schema for sandbox settings
+ */
+declare const SandboxSettingsSchema: z.ZodObject<{
+    permissions: z.ZodOptional<z.ZodObject<{
+        allow: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        deny: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        ask: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    }, "strip", z.ZodTypeAny, {
+        allow?: string[] | undefined;
+        deny?: string[] | undefined;
+        ask?: string[] | undefined;
+    }, {
+        allow?: string[] | undefined;
+        deny?: string[] | undefined;
+        ask?: string[] | undefined;
+    }>>;
+    sandbox: z.ZodOptional<z.ZodObject<{
+        network: z.ZodOptional<z.ZodObject<{
+            allowUnixSockets: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+            allowLocalBinding: z.ZodOptional<z.ZodBoolean>;
+            httpProxyPort: z.ZodOptional<z.ZodNumber>;
+            socksProxyPort: z.ZodOptional<z.ZodNumber>;
+        }, "strip", z.ZodTypeAny, {
+            allowUnixSockets?: string[] | undefined;
+            allowLocalBinding?: boolean | undefined;
+            httpProxyPort?: number | undefined;
+            socksProxyPort?: number | undefined;
+        }, {
+            allowUnixSockets?: string[] | undefined;
+            allowLocalBinding?: boolean | undefined;
+            httpProxyPort?: number | undefined;
+            socksProxyPort?: number | undefined;
+        }>>;
+        ignoreViolations: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodArray<z.ZodString, "many">>>;
+        enableWeakerNestedSandbox: z.ZodOptional<z.ZodBoolean>;
+    }, "strip", z.ZodTypeAny, {
+        network?: {
+            allowUnixSockets?: string[] | undefined;
+            allowLocalBinding?: boolean | undefined;
+            httpProxyPort?: number | undefined;
+            socksProxyPort?: number | undefined;
+        } | undefined;
+        ignoreViolations?: Record<string, string[]> | undefined;
+        enableWeakerNestedSandbox?: boolean | undefined;
+    }, {
+        network?: {
+            allowUnixSockets?: string[] | undefined;
+            allowLocalBinding?: boolean | undefined;
+            httpProxyPort?: number | undefined;
+            socksProxyPort?: number | undefined;
+        } | undefined;
+        ignoreViolations?: Record<string, string[]> | undefined;
+        enableWeakerNestedSandbox?: boolean | undefined;
+    }>>;
+}, "strip", z.ZodTypeAny, {
+    permissions?: {
+        allow?: string[] | undefined;
+        deny?: string[] | undefined;
+        ask?: string[] | undefined;
+    } | undefined;
+    sandbox?: {
+        network?: {
+            allowUnixSockets?: string[] | undefined;
+            allowLocalBinding?: boolean | undefined;
+            httpProxyPort?: number | undefined;
+            socksProxyPort?: number | undefined;
+        } | undefined;
+        ignoreViolations?: Record<string, string[]> | undefined;
+        enableWeakerNestedSandbox?: boolean | undefined;
+    } | undefined;
+}, {
+    permissions?: {
+        allow?: string[] | undefined;
+        deny?: string[] | undefined;
+        ask?: string[] | undefined;
+    } | undefined;
+    sandbox?: {
+        network?: {
+            allowUnixSockets?: string[] | undefined;
+            allowLocalBinding?: boolean | undefined;
+            httpProxyPort?: number | undefined;
+            socksProxyPort?: number | undefined;
+        } | undefined;
+        ignoreViolations?: Record<string, string[]> | undefined;
+        enableWeakerNestedSandbox?: boolean | undefined;
+    } | undefined;
+}>;
+/**
+ * Minimal settings structure for sandbox
+ */
+export type SandboxSettings = z.infer<typeof SandboxSettingsSchema>;
+/**
+ * Setting source types
+ */
+export type SettingSource = 'userSettings' | 'projectSettings' | 'localSettings' | 'policySettings' | 'flagSettings';
+export type EditableSettingSource = 'userSettings' | 'projectSettings' | 'localSettings';
+/**
+ * Set the path for flag-based settings (e.g., from --settings flag)
+ */
+export declare function setFlagSettingsPath(path: string | undefined): void;
+/**
+ * Get file path for a specific setting source
+ */
+export declare function getSettingsFilePathForSource(source: SettingSource): string | undefined;
+/**
+ * Parse permission rule string into structured format
+ * Format: "ToolName(rule)" or "ToolName"
+ */
+export declare function permissionRuleValueFromString(ruleString: string): PermissionRule;
+/**
+ * Reset the session-level settings cache
+ */
+export declare function resetSettingsCache(): void;
+/**
+ * Get settings for a specific source
+ */
+export declare function getSettingsForSource(source: SettingSource): SandboxSettings | null;
+/**
+ * Update settings for a specific source
+ */
+export declare function updateSettingsForSource(source: EditableSettingSource, settings: SandboxSettings): void;
+/**
+ * Get merged settings from all sources with session-level caching
+ * Merges in priority order:
+ * 1. User settings (~/.claude/settings.json)
+ * 2. Project settings ($CWD/.claude/settings.json)
+ * 3. Local settings ($CWD/.claude/settings.local.json)
+ * 4. Policy settings (platform-specific managed settings)
+ * 5. Flag settings (from --settings flag if provided)
+ *
+ * Settings are cached for the session. Call resetSettingsCache() to invalidate.
+ */
+export declare function getSettings(): SandboxSettings;
+export {};
+//# sourceMappingURL=settings.d.ts.map

package/dist/utils/settings.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"settings.d.ts","sourceRoot":"","sources":["../../src/utils/settings.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAOvB,eAAO,MAAM,mBAAmB,aAAa,CAAA;AAC7C,eAAO,MAAM,mBAAmB,SAAS,CAAA;AACzC,eAAO,MAAM,mBAAmB,SAAS,CAAA;AAEzC;;GAEG;AACH,MAAM,MAAM,cAAc,GAAG;IAC3B,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,CAAC,EAAE,MAAM,CAAA;CACrB,CAAA;AAED;;GAEG;AACH,QAAA,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EASzB,CAAA;AAEF;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAA;AAEnE;;GAEG;AACH,MAAM,MAAM,aAAa,GACrB,cAAc,GACd,iBAAiB,GACjB,eAAe,GACf,gBAAgB,GAChB,cAAc,CAAA;AAElB,MAAM,MAAM,qBAAqB,GAC7B,cAAc,GACd,iBAAiB,GACjB,eAAe,CAAA;AAQnB;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,CAGlE;AAgBD;;GAEG;AACH,wBAAgB,4BAA4B,CAC1C,MAAM,EAAE,aAAa,GACpB,MAAM,GAAG,SAAS,CAgBpB;AAED;;;GAGG;AACH,wBAAgB,6BAA6B,CAC3C,UAAU,EAAE,MAAM,GACjB,cAAc,CAahB;AA0FD;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,IAAI,CAEzC;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,MAAM,EAAE,aAAa,GACpB,eAAe,GAAG,IAAI,CAMxB;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CACrC,MAAM,EAAE,qBAAqB,EAC7B,QAAQ,EAAE,eAAe,GACxB,IAAI,CA6BN;AAkCD;;;;;;;;;;GAUG;AACH,wBAAgB,WAAW,IAAI,eAAe,CAS7C"}

package/dist/utils/settings.js

@@ -0,0 +1,244 @@
+import * as fs from 'fs';
+import * as path from 'path';
+import * as os from 'os';
+import { z } from 'zod';
+import { mergeWith } from 'lodash-es';
+import { SandboxConfigSchema } from '../sandbox/sandbox-schemas.js';
+import { getPlatform } from './platform.js';
+import { logForDebugging } from './debug.js';
+// Tool name constants
+export const WEB_FETCH_TOOL_NAME = 'WebFetch';
+export const FILE_EDIT_TOOL_NAME = 'Edit';
+export const FILE_READ_TOOL_NAME = 'Read';
+/**
+ * Zod schema for sandbox settings
+ */
+const SandboxSettingsSchema = z.object({
+    permissions: z
+        .object({
+        allow: z.array(z.string()).optional(),
+        deny: z.array(z.string()).optional(),
+        ask: z.array(z.string()).optional(),
+    })
+        .optional(),
+    sandbox: SandboxConfigSchema.optional(),
+});
+// Session-level cache for settings
+let sessionSettingsCache = null;
+// Store the --settings flag path
+let flagSettingsPath;
+/**
+ * Set the path for flag-based settings (e.g., from --settings flag)
+ */
+export function setFlagSettingsPath(path) {
+    flagSettingsPath = path;
+    resetSettingsCache();
+}
+/**
+ * Get the managed settings file path based on platform
+ */
+function getManagedSettingsFilePath() {
+    switch (getPlatform()) {
+        case 'macos':
+            return '/Library/Application Support/ClaudeCode/managed-settings.json';
+        case 'windows':
+            return 'C:\\ProgramData\\ClaudeCode\\managed-settings.json';
+        default:
+            return '/etc/claude-code/managed-settings.json';
+    }
+}
+/**
+ * Get file path for a specific setting source
+ */
+export function getSettingsFilePathForSource(source) {
+    const cwd = process.cwd();
+    const homeDir = os.homedir();
+    switch (source) {
+        case 'userSettings':
+            return path.join(homeDir, '.claude', 'settings.json');
+        case 'projectSettings':
+            return path.join(cwd, '.claude', 'settings.json');
+        case 'localSettings':
+            return path.join(cwd, '.claude', 'settings.local.json');
+        case 'policySettings':
+            return getManagedSettingsFilePath();
+        case 'flagSettings':
+            return flagSettingsPath;
+    }
+}
+/**
+ * Parse permission rule string into structured format
+ * Format: "ToolName(rule)" or "ToolName"
+ */
+export function permissionRuleValueFromString(ruleString) {
+    const match = ruleString.match(/^([^(]+)(?:\(([^)]*)\))?$/);
+    if (!match) {
+        throw new Error(`Invalid permission rule format: ${ruleString}`);
+    }
+    const [, toolName, ruleContent] = match;
+    return {
+        toolName: toolName?.trim() || '',
+        ruleContent: ruleContent?.trim(),
+    };
+}
+/**
+ * Load settings from a single file
+ */
+function loadSettingsFile(filePath) {
+    try {
+        if (!fs.existsSync(filePath)) {
+            return null;
+        }
+        const content = fs.readFileSync(filePath, 'utf-8');
+        if (content.trim() === '') {
+            return null;
+        }
+        const data = JSON.parse(content);
+        // Validate with Zod
+        const result = SandboxSettingsSchema.safeParse(data);
+        if (!result.success) {
+            // Loud error to stderr
+            console.error(`\n❌ Settings validation error in: ${filePath}`);
+            console.error('Details:');
+            result.error.issues.forEach(issue => {
+                const pathStr = issue.path.length > 0 ? issue.path.join('.') : 'root';
+                console.error(`  - ${pathStr}: ${issue.message}`);
+            });
+            console.error('');
+            // Also log for debugging
+            logForDebugging(`Validation failed for ${filePath}: ${result.error.message}`, { level: 'error' });
+            return null;
+        }
+        logForDebugging(`Loaded from ${filePath}: ${JSON.stringify(result.data, null, 2)}`);
+        return result.data;
+    }
+    catch (error) {
+        // Loud error to stderr
+        console.error(`\n❌ Failed to parse settings file: ${filePath}`);
+        if (error instanceof SyntaxError) {
+            console.error(`JSON syntax error: ${error.message}`);
+        }
+        else {
+            console.error(`Error: ${error instanceof Error ? error.message : String(error)}`);
+        }
+        console.error('');
+        // Also log for debugging
+        logForDebugging(`Failed to read ${filePath}: ${error}`, {
+            level: 'error',
+        });
+        return null;
+    }
+}
+/**
+ * Merge two arrays and deduplicate
+ */
+function mergeArrays(arr1, arr2) {
+    return Array.from(new Set([...arr1, ...arr2]));
+}
+/**
+ * Deep merge two settings objects using lodash mergeWith
+ * Arrays are concatenated and deduplicated
+ * Objects are recursively deep merged
+ */
+function mergeSettings(base, override) {
+    return mergeWith(base, override, (objValue, srcValue) => {
+        // Custom merge for arrays: concatenate and deduplicate
+        if (Array.isArray(objValue) && Array.isArray(srcValue)) {
+            return mergeArrays(objValue, srcValue);
+        }
+        // For non-arrays, let lodash handle the default deep merge behavior
+        return undefined;
+    });
+}
+/**
+ * Reset the session-level settings cache
+ */
+export function resetSettingsCache() {
+    sessionSettingsCache = null;
+}
+/**
+ * Get settings for a specific source
+ */
+export function getSettingsForSource(source) {
+    const settingsFilePath = getSettingsFilePathForSource(source);
+    if (!settingsFilePath) {
+        return null;
+    }
+    return loadSettingsFile(settingsFilePath);
+}
+/**
+ * Update settings for a specific source
+ */
+export function updateSettingsForSource(source, settings) {
+    const filePath = getSettingsFilePathForSource(source);
+    if (!filePath) {
+        return;
+    }
+    try {
+        // Create the directory if needed
+        const dir = path.dirname(filePath);
+        if (!fs.existsSync(dir)) {
+            fs.mkdirSync(dir, { recursive: true });
+        }
+        // Load existing settings
+        const existingSettings = loadSettingsFile(filePath) || {};
+        // Merge with new settings
+        const updatedSettings = mergeSettings(existingSettings, settings);
+        // Write to file
+        fs.writeFileSync(filePath, JSON.stringify(updatedSettings, null, 2) + '\n');
+        // Invalidate cache
+        resetSettingsCache();
+    }
+    catch (error) {
+        logForDebugging(`Failed to write ${filePath}: ${error}`, {
+            level: 'error',
+        });
+    }
+}
+/**
+ * Load settings from disk without using cache
+ */
+function loadSettingsFromDisk() {
+    // Define setting sources in priority order (lowest to highest)
+    const sources = [
+        'userSettings',
+        'projectSettings',
+        'localSettings',
+        'policySettings',
+    ];
+    // Add flagSettings if a path was provided
+    if (flagSettingsPath) {
+        sources.push('flagSettings');
+    }
+    let merged = {};
+    // Merge settings from each source
+    for (const source of sources) {
+        const settings = getSettingsForSource(source);
+        if (settings) {
+            merged = mergeSettings(merged, settings);
+        }
+    }
+    logForDebugging(`Final merged settings: ${JSON.stringify(merged, null, 2)}`);
+    return merged;
+}
+/**
+ * Get merged settings from all sources with session-level caching
+ * Merges in priority order:
+ * 1. User settings (~/.claude/settings.json)
+ * 2. Project settings ($CWD/.claude/settings.json)
+ * 3. Local settings ($CWD/.claude/settings.local.json)
+ * 4. Policy settings (platform-specific managed settings)
+ * 5. Flag settings (from --settings flag if provided)
+ *
+ * Settings are cached for the session. Call resetSettingsCache() to invalidate.
+ */
+export function getSettings() {
+    // Use cached result if available
+    if (sessionSettingsCache !== null) {
+        return sessionSettingsCache;
+    }
+    // Load from disk and cache the result
+    sessionSettingsCache = loadSettingsFromDisk();
+    return sessionSettingsCache;
+}
+//# sourceMappingURL=settings.js.map

package/dist/utils/settings.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"settings.js","sourceRoot":"","sources":["../../src/utils/settings.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,IAAI,CAAA;AACxB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAA;AAC5B,OAAO,KAAK,EAAE,MAAM,IAAI,CAAA;AACxB,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AACvB,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAA;AACrC,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAA;AACnE,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAA;AAC3C,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAA;AAE5C,sBAAsB;AACtB,MAAM,CAAC,MAAM,mBAAmB,GAAG,UAAU,CAAA;AAC7C,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAA;AACzC,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAA;AAUzC;;GAEG;AACH,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAAC;IACrC,WAAW,EAAE,CAAC;SACX,MAAM,CAAC;QACN,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QACrC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;QACpC,GAAG,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;KACpC,CAAC;SACD,QAAQ,EAAE;IACb,OAAO,EAAE,mBAAmB,CAAC,QAAQ,EAAE;CACxC,CAAC,CAAA;AAsBF,mCAAmC;AACnC,IAAI,oBAAoB,GAA2B,IAAI,CAAA;AAEvD,iCAAiC;AACjC,IAAI,gBAAoC,CAAA;AAExC;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAAwB;IAC1D,gBAAgB,GAAG,IAAI,CAAA;IACvB,kBAAkB,EAAE,CAAA;AACtB,CAAC;AAED;;GAEG;AACH,SAAS,0BAA0B;IACjC,QAAQ,WAAW,EAAE,EAAE,CAAC;QACtB,KAAK,OAAO;YACV,OAAO,+DAA+D,CAAA;QACxE,KAAK,SAAS;YACZ,OAAO,oDAAoD,CAAA;QAC7D;YACE,OAAO,wCAAwC,CAAA;IACnD,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,4BAA4B,CAC1C,MAAqB;IAErB,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAA;IACzB,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,EAAE,CAAA;IAE5B,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,cAAc;YACjB,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,eAAe,CAAC,CAAA;QACvD,KAAK,iBAAiB;YACpB,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,eAAe,CAAC,CAAA;QACnD,KAAK,eAAe;YAClB,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,qBAAqB,CAAC,CAAA;QACzD,KAAK,gBAAgB;YACnB,OAAO,0BAA0B,EAAE,CAAA;QACrC,KAAK,cAAc;YACjB,OAAO,gBAAgB,CAAA;IAC3B,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,6BAA6B,CAC3C,UAAkB;IAElB,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAA;IAE3D,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,mCAAmC,UAAU,EAAE,CAAC,CAAA;IAClE,CAAC;IAED,MAAM,CAAC,EAAE,QAAQ,EAAE,WAAW,CAAC,GAAG,KAAK,CAAA;IAEvC,OAAO;QACL,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE;QAChC,WAAW,EAAE,WAAW,EAAE,IAAI,EAAE;KACjC,CAAA;AACH,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,QAAgB;IACxC,IAAI,CAAC;QACH,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAA;QACb,CAAC;QAED,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;QAClD,IAAI,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC1B,OAAO,IAAI,CAAA;QACb,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;QAEhC,oBAAoB;QACpB,MAAM,MAAM,GAAG,qBAAqB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAA;QAEpD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,uBAAuB;YACvB,OAAO,CAAC,KAAK,CAAC,qCAAqC,QAAQ,EAAE,CAAC,CAAA;YAC9D,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;YACzB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;gBAClC,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAA;gBACrE,OAAO,CAAC,KAAK,CAAC,OAAO,OAAO,KAAK,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;YACnD,CAAC,CAAC,CAAA;YACF,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAA;YAEjB,yBAAyB;YACzB,eAAe,CACb,yBAAyB,QAAQ,KAAK,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,EAC5D,EAAE,KAAK,EAAE,OAAO,EAAE,CACnB,CAAA;YACD,OAAO,IAAI,CAAA;QACb,CAAC;QAED,eAAe,CACb,eAAe,QAAQ,KAAK,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CACnE,CAAA;QAED,OAAO,MAAM,CAAC,IAAI,CAAA;IACpB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,uBAAuB;QACvB,OAAO,CAAC,KAAK,CAAC,sCAAsC,QAAQ,EAAE,CAAC,CAAA;QAC/D,IAAI,KAAK,YAAY,WAAW,EAAE,CAAC;YACjC,OAAO,CAAC,KAAK,CAAC,sBAAsB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;QACtD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CACX,UAAU,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CACnE,CAAA;QACH,CAAC;QACD,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAA;QAEjB,yBAAyB;QACzB,eAAe,CAAC,kBAAkB,QAAQ,KAAK,KAAK,EAAE,EAAE;YACtD,KAAK,EAAE,OAAO;SACf,CAAC,CAAA;QACF,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAI,IAAS,EAAE,IAAS;IAC1C,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAA;AAChD,CAAC;AAED;;;;GAIG;AACH,SAAS,aAAa,CACpB,IAAqB,EACrB,QAAyB;IAEzB,OAAO,SAAS,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC,QAAiB,EAAE,QAAiB,EAAE,EAAE;QACxE,uDAAuD;QACvD,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvD,OAAO,WAAW,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAA;QACxC,CAAC;QACD,oEAAoE;QACpE,OAAO,SAAS,CAAA;IAClB,CAAC,CAAC,CAAA;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB;IAChC,oBAAoB,GAAG,IAAI,CAAA;AAC7B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAClC,MAAqB;IAErB,MAAM,gBAAgB,GAAG,4BAA4B,CAAC,MAAM,CAAC,CAAA;IAC7D,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,OAAO,IAAI,CAAA;IACb,CAAC;IACD,OAAO,gBAAgB,CAAC,gBAAgB,CAAC,CAAA;AAC3C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB,CACrC,MAA6B,EAC7B,QAAyB;IAEzB,MAAM,QAAQ,GAAG,4BAA4B,CAAC,MAAM,CAAC,CAAA;IACrD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAM;IACR,CAAC;IAED,IAAI,CAAC;QACH,iCAAiC;QACjC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;QAClC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;QACxC,CAAC;QAED,yBAAyB;QACzB,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAA;QAEzD,0BAA0B;QAC1B,MAAM,eAAe,GAAG,aAAa,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAAA;QAEjE,gBAAgB;QAChB,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAA;QAE3E,mBAAmB;QACnB,kBAAkB,EAAE,CAAA;IACtB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,eAAe,CAAC,mBAAmB,QAAQ,KAAK,KAAK,EAAE,EAAE;YACvD,KAAK,EAAE,OAAO;SACf,CAAC,CAAA;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB;IAC3B,+DAA+D;IAC/D,MAAM,OAAO,GAAoB;QAC/B,cAAc;QACd,iBAAiB;QACjB,eAAe;QACf,gBAAgB;KACjB,CAAA;IAED,0CAA0C;IAC1C,IAAI,gBAAgB,EAAE,CAAC;QACrB,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IAC9B,CAAC;IAED,IAAI,MAAM,GAAoB,EAAE,CAAA;IAEhC,kCAAkC;IAClC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,MAAM,QAAQ,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAA;QAC7C,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAA;QAC1C,CAAC;IACH,CAAC;IAED,eAAe,CAAC,0BAA0B,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAA;IAE5E,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,WAAW;IACzB,iCAAiC;IACjC,IAAI,oBAAoB,KAAK,IAAI,EAAE,CAAC;QAClC,OAAO,oBAAoB,CAAA;IAC7B,CAAC;IAED,sCAAsC;IACtC,oBAAoB,GAAG,oBAAoB,EAAE,CAAA;IAC7C,OAAO,oBAAoB,CAAA;AAC7B,CAAC"}

package/package.json

@@ -0,0 +1,72 @@
+{
+  "name": "@anthropic-ai/sandbox-runtime",
+  "version": "0.0.1",
+  "description": "Anthropic Sandbox Runtime (ASRT) - A general-purpose tool for wrapping security boundaries around arbitrary processes",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "bin": {
+    "srt": "dist/cli.js"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "scripts": {
+    "build": "tsc",
+    "clean": "rm -rf dist",
+    "typecheck": "tsc --noEmit",
+    "lint": "eslint 'src/**/*.ts' --fix --cache --cache-location=node_modules/.cache/.eslintcache",
+    "lint:check": "eslint 'src/**/*.ts' --cache --cache-location=node_modules/.cache/.eslintcache",
+    "format": "prettier --write 'src/**/*.ts' --cache --log-level warn",
+    "prepublishOnly": "npm run clean && npm run build"
+  },
+  "dependencies": {
+    "@pondwader/socks5-server": "^1.0.10",
+    "@types/lodash-es": "^4.17.12",
+    "commander": "^12.1.0",
+    "lodash-es": "^4.17.21",
+    "shell-quote": "^1.8.3",
+    "zod": "^3.24.1"
+  },
+  "devDependencies": {
+    "@eslint/js": "^9.14.0",
+    "@types/node": "^18",
+    "@types/shell-quote": "^1.7.5",
+    "eslint": "^9.14.0",
+    "eslint-config-prettier": "^8.10.0",
+    "eslint-import-resolver-typescript": "^3.6.3",
+    "eslint-plugin-import": "^2.31.0",
+    "eslint-plugin-n": "^17.16.2",
+    "eslint-plugin-prettier": "^5.1.3",
+    "globals": "^15.12.0",
+    "prettier": "3.3.3",
+    "typescript": "^5.6.3",
+    "typescript-eslint": "^8.13.0"
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "keywords": [
+    "sandbox",
+    "seatbelt",
+    "sandbox-exec",
+    "anthropic",
+    "claude",
+    "security",
+    "bubblewrap",
+    "network-filtering",
+    "filesystem-restrictions"
+  ],
+  "author": "Anthropic PBC",
+  "license": "Apache-2.0",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/anthropics/sandbox-runtime.git"
+  },
+  "bugs": {
+    "url": "https://github.com/anthropics/sandbox-runtime/issues"
+  },
+  "homepage": "https://github.com/anthropics/sandbox-runtime#readme"
+}