@cloudflare/sandbox 0.0.0-a04f6b6 → 0.0.0-a55a10c

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (81) hide show
  1. package/CHANGELOG.md +179 -0
  2. package/Dockerfile +112 -55
  3. package/README.md +162 -0
  4. package/dist/chunk-2P3MDMNJ.js +2367 -0
  5. package/dist/chunk-2P3MDMNJ.js.map +1 -0
  6. package/dist/chunk-BFVUNTP4.js +104 -0
  7. package/dist/chunk-BFVUNTP4.js.map +1 -0
  8. package/dist/chunk-EKSWCBCA.js +86 -0
  9. package/dist/chunk-EKSWCBCA.js.map +1 -0
  10. package/dist/chunk-JXZMAU2C.js +559 -0
  11. package/dist/chunk-JXZMAU2C.js.map +1 -0
  12. package/dist/chunk-Z532A7QC.js +78 -0
  13. package/dist/chunk-Z532A7QC.js.map +1 -0
  14. package/dist/file-stream.d.ts +43 -0
  15. package/dist/file-stream.js +9 -0
  16. package/dist/file-stream.js.map +1 -0
  17. package/dist/index.d.ts +9 -0
  18. package/dist/index.js +66 -0
  19. package/dist/index.js.map +1 -0
  20. package/dist/interpreter.d.ts +33 -0
  21. package/dist/interpreter.js +8 -0
  22. package/dist/interpreter.js.map +1 -0
  23. package/dist/request-handler.d.ts +18 -0
  24. package/dist/request-handler.js +12 -0
  25. package/dist/request-handler.js.map +1 -0
  26. package/dist/sandbox-CZTMzV2R.d.ts +587 -0
  27. package/dist/sandbox.d.ts +4 -0
  28. package/dist/sandbox.js +12 -0
  29. package/dist/sandbox.js.map +1 -0
  30. package/dist/security.d.ts +31 -0
  31. package/dist/security.js +13 -0
  32. package/dist/security.js.map +1 -0
  33. package/dist/sse-parser.d.ts +28 -0
  34. package/dist/sse-parser.js +11 -0
  35. package/dist/sse-parser.js.map +1 -0
  36. package/package.json +13 -4
  37. package/src/clients/base-client.ts +280 -0
  38. package/src/clients/command-client.ts +115 -0
  39. package/src/clients/file-client.ts +269 -0
  40. package/src/clients/git-client.ts +92 -0
  41. package/src/clients/index.ts +63 -0
  42. package/src/clients/interpreter-client.ts +329 -0
  43. package/src/clients/port-client.ts +105 -0
  44. package/src/clients/process-client.ts +177 -0
  45. package/src/clients/sandbox-client.ts +41 -0
  46. package/src/clients/types.ts +84 -0
  47. package/src/clients/utility-client.ts +94 -0
  48. package/src/errors/adapter.ts +180 -0
  49. package/src/errors/classes.ts +469 -0
  50. package/src/errors/index.ts +105 -0
  51. package/src/file-stream.ts +164 -0
  52. package/src/index.ts +85 -12
  53. package/src/interpreter.ts +159 -0
  54. package/src/request-handler.ts +69 -43
  55. package/src/sandbox.ts +579 -288
  56. package/src/security.ts +14 -23
  57. package/src/sse-parser.ts +4 -8
  58. package/startup.sh +3 -0
  59. package/tests/base-client.test.ts +328 -0
  60. package/tests/command-client.test.ts +407 -0
  61. package/tests/file-client.test.ts +643 -0
  62. package/tests/file-stream.test.ts +306 -0
  63. package/tests/git-client.test.ts +328 -0
  64. package/tests/port-client.test.ts +301 -0
  65. package/tests/process-client.test.ts +658 -0
  66. package/tests/sandbox.test.ts +465 -0
  67. package/tests/sse-parser.test.ts +290 -0
  68. package/tests/utility-client.test.ts +266 -0
  69. package/tests/wrangler.jsonc +35 -0
  70. package/tsconfig.json +9 -1
  71. package/vitest.config.ts +31 -0
  72. package/container_src/handler/exec.ts +0 -337
  73. package/container_src/handler/file.ts +0 -844
  74. package/container_src/handler/git.ts +0 -182
  75. package/container_src/handler/ports.ts +0 -314
  76. package/container_src/handler/process.ts +0 -640
  77. package/container_src/index.ts +0 -361
  78. package/container_src/package.json +0 -9
  79. package/container_src/types.ts +0 -103
  80. package/src/client.ts +0 -1038
  81. package/src/types.ts +0 -386
package/src/sandbox.ts CHANGED
@@ -1,66 +1,100 @@
1
+ import type { DurableObject } from 'cloudflare:workers';
1
2
  import { Container, getContainer } from "@cloudflare/containers";
2
- import { HttpClient } from "./client";
3
- import { isLocalhostPattern } from "./request-handler";
4
- import {
5
- logSecurityEvent,
6
- SecurityError,
7
- sanitizeSandboxId,
8
- validatePort
9
- } from "./security";
10
3
  import type {
4
+ CodeContext,
5
+ CreateContextOptions,
6
+ ExecEvent,
11
7
  ExecOptions,
12
8
  ExecResult,
9
+ ExecutionResult,
10
+ ExecutionSession,
13
11
  ISandbox,
14
12
  Process,
15
13
  ProcessOptions,
16
14
  ProcessStatus,
15
+ RunCodeOptions,
16
+ SessionOptions,
17
17
  StreamOptions
18
- } from "./types";
18
+ } from "@repo/shared";
19
+ import { createLogger, runWithLogger, TraceContext } from "@repo/shared";
20
+ import { type ExecuteResponse, SandboxClient } from "./clients";
21
+ import type { ErrorResponse } from './errors';
22
+ import { CustomDomainRequiredError, ErrorCode } from './errors';
23
+ import { CodeInterpreter } from "./interpreter";
24
+ import { isLocalhostPattern } from "./request-handler";
19
25
  import {
20
- ProcessNotFoundError,
21
- SandboxError
22
- } from "./types";
26
+ SecurityError,
27
+ sanitizeSandboxId,
28
+ validatePort
29
+ } from "./security";
30
+ import { parseSSEStream } from "./sse-parser";
23
31
 
24
- export function getSandbox(ns: DurableObjectNamespace<Sandbox>, id: string) {
32
+ export function getSandbox(ns: DurableObjectNamespace<Sandbox>, id: string, options?: {
33
+ baseUrl: string
34
+ }) {
25
35
  const stub = getContainer(ns, id);
26
36
 
27
37
  // Store the name on first access
28
38
  stub.setSandboxName?.(id);
29
39
 
40
+ if(options?.baseUrl) {
41
+ stub.setBaseUrl(options.baseUrl);
42
+ }
43
+
30
44
  return stub;
31
45
  }
32
46
 
33
47
  export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
48
+ defaultPort = 3000; // Default port for the container's Bun server
34
49
  sleepAfter = "3m"; // Sleep the sandbox if no requests are made in this timeframe
35
- client: HttpClient;
50
+
51
+ client: SandboxClient;
52
+ private codeInterpreter: CodeInterpreter;
36
53
  private sandboxName: string | null = null;
54
+ private baseUrl: string | null = null;
55
+ private portTokens: Map<number, string> = new Map();
56
+ private defaultSession: string | null = null;
57
+ envVars: Record<string, string> = {};
58
+ private logger: ReturnType<typeof createLogger>;
37
59
 
38
- constructor(ctx: DurableObjectState, env: Env) {
60
+ constructor(ctx: DurableObject['ctx'], env: Env) {
39
61
  super(ctx, env);
40
- this.client = new HttpClient({
41
- onCommandComplete: (success, exitCode, _stdout, _stderr, command) => {
42
- console.log(
43
- `[Container] Command completed: ${command}, Success: ${success}, Exit code: ${exitCode}`
44
- );
45
- },
46
- onCommandStart: (command) => {
47
- console.log(
48
- `[Container] Command started: ${command}`
49
- );
50
- },
51
- onError: (error, _command) => {
52
- console.error(`[Container] Command error: ${error}`);
53
- },
54
- onOutput: (stream, data, _command) => {
55
- console.log(`[Container] [${stream}] ${data}`);
56
- },
62
+
63
+ const envObj = env as any;
64
+ // Set sandbox environment variables from env object
65
+ const sandboxEnvKeys = ['SANDBOX_LOG_LEVEL', 'SANDBOX_LOG_FORMAT'] as const;
66
+ sandboxEnvKeys.forEach(key => {
67
+ if (envObj?.[key]) {
68
+ this.envVars[key] = envObj[key];
69
+ }
70
+ });
71
+
72
+ this.logger = createLogger({
73
+ component: 'sandbox-do',
74
+ sandboxId: this.ctx.id.toString()
75
+ });
76
+
77
+ this.client = new SandboxClient({
78
+ logger: this.logger,
57
79
  port: 3000, // Control plane port
58
80
  stub: this,
59
81
  });
60
82
 
61
- // Load the sandbox name from storage on initialization
83
+ // Initialize code interpreter - pass 'this' after client is ready
84
+ // The CodeInterpreter extracts client.interpreter from the sandbox
85
+ this.codeInterpreter = new CodeInterpreter(this);
86
+
87
+ // Load the sandbox name, port tokens, and default session from storage on initialization
62
88
  this.ctx.blockConcurrencyWhile(async () => {
63
89
  this.sandboxName = await this.ctx.storage.get<string>('sandboxName') || null;
90
+ this.defaultSession = await this.ctx.storage.get<string>('defaultSession') || null;
91
+ const storedTokens = await this.ctx.storage.get<Record<string, string>>('portTokens') || {};
92
+
93
+ // Convert stored tokens back to Map
94
+ this.portTokens = new Map();
95
+ for (const [portStr, token] of Object.entries(storedTokens)) {
96
+ this.portTokens.set(parseInt(portStr, 10), token);
97
+ }
64
98
  });
65
99
  }
66
100
 
@@ -69,55 +103,93 @@ export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
69
103
  if (!this.sandboxName) {
70
104
  this.sandboxName = name;
71
105
  await this.ctx.storage.put('sandboxName', name);
72
- console.log(`[Sandbox] Stored sandbox name via RPC: ${name}`);
106
+ }
107
+ }
108
+
109
+ // RPC method to set the base URL
110
+ async setBaseUrl(baseUrl: string): Promise<void> {
111
+ if (!this.baseUrl) {
112
+ this.baseUrl = baseUrl;
113
+ await this.ctx.storage.put('baseUrl', baseUrl);
114
+ } else {
115
+ if(this.baseUrl !== baseUrl) {
116
+ throw new Error('Base URL already set and different from one previously provided');
117
+ }
73
118
  }
74
119
  }
75
120
 
76
121
  // RPC method to set environment variables
77
122
  async setEnvVars(envVars: Record<string, string>): Promise<void> {
123
+ // Update local state for new sessions
78
124
  this.envVars = { ...this.envVars, ...envVars };
79
- console.log(`[Sandbox] Updated environment variables`);
125
+
126
+ // If default session already exists, update it directly
127
+ if (this.defaultSession) {
128
+ // Set environment variables by executing export commands in the existing session
129
+ for (const [key, value] of Object.entries(envVars)) {
130
+ const escapedValue = value.replace(/'/g, "'\\''");
131
+ const exportCommand = `export ${key}='${escapedValue}'`;
132
+
133
+ const result = await this.client.commands.execute(exportCommand, this.defaultSession);
134
+
135
+ if (result.exitCode !== 0) {
136
+ throw new Error(`Failed to set ${key}: ${result.stderr || 'Unknown error'}`);
137
+ }
138
+ }
139
+ }
140
+ }
141
+
142
+ /**
143
+ * Cleanup and destroy the sandbox container
144
+ */
145
+ override async destroy(): Promise<void> {
146
+ this.logger.info('Destroying sandbox container');
147
+ await super.destroy();
80
148
  }
81
149
 
82
150
  override onStart() {
83
- console.log("Sandbox successfully started");
151
+ this.logger.debug('Sandbox started');
84
152
  }
85
153
 
86
154
  override onStop() {
87
- console.log("Sandbox successfully shut down");
88
- if (this.client) {
89
- this.client.clearSession();
90
- }
155
+ this.logger.debug('Sandbox stopped');
91
156
  }
92
157
 
93
158
  override onError(error: unknown) {
94
- console.log("Sandbox error:", error);
159
+ this.logger.error('Sandbox error', error instanceof Error ? error : new Error(String(error)));
95
160
  }
96
161
 
97
162
  // Override fetch to route internal container requests to appropriate ports
98
163
  override async fetch(request: Request): Promise<Response> {
99
- const url = new URL(request.url);
164
+ // Extract or generate trace ID from request
165
+ const traceId = TraceContext.fromHeaders(request.headers) || TraceContext.generate();
100
166
 
101
- // Capture and store the sandbox name from the header if present
102
- if (!this.sandboxName && request.headers.has('X-Sandbox-Name')) {
103
- const name = request.headers.get('X-Sandbox-Name')!;
104
- this.sandboxName = name;
105
- await this.ctx.storage.put('sandboxName', name);
106
- console.log(`[Sandbox] Stored sandbox name: ${this.sandboxName}`);
107
- }
167
+ // Create request-specific logger with trace ID
168
+ const requestLogger = this.logger.child({ traceId, operation: 'fetch' });
169
+
170
+ return await runWithLogger(requestLogger, async () => {
171
+ const url = new URL(request.url);
172
+
173
+ // Capture and store the sandbox name from the header if present
174
+ if (!this.sandboxName && request.headers.has('X-Sandbox-Name')) {
175
+ const name = request.headers.get('X-Sandbox-Name')!;
176
+ this.sandboxName = name;
177
+ await this.ctx.storage.put('sandboxName', name);
178
+ }
108
179
 
109
- // Determine which port to route to
110
- const port = this.determinePort(url);
180
+ // Determine which port to route to
181
+ const port = this.determinePort(url);
111
182
 
112
- // Route to the appropriate port
113
- return await this.containerFetch(request, port);
183
+ // Route to the appropriate port
184
+ return await this.containerFetch(request, port);
185
+ });
114
186
  }
115
187
 
116
188
  private determinePort(url: URL): number {
117
189
  // Extract port from proxy requests (e.g., /proxy/8080/*)
118
190
  const proxyMatch = url.pathname.match(/^\/proxy\/(\d+)/);
119
191
  if (proxyMatch) {
120
- return parseInt(proxyMatch[1]);
192
+ return parseInt(proxyMatch[1], 10);
121
193
  }
122
194
 
123
195
  // All other requests go to control plane on port 3000
@@ -125,9 +197,62 @@ export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
125
197
  return 3000;
126
198
  }
127
199
 
200
+ /**
201
+ * Ensure default session exists - lazy initialization
202
+ * This is called automatically by all public methods that need a session
203
+ *
204
+ * The session is persisted to Durable Object storage to survive hot reloads
205
+ * during development. If a session already exists in the container after reload,
206
+ * we reuse it instead of trying to create a new one.
207
+ */
208
+ private async ensureDefaultSession(): Promise<string> {
209
+ if (!this.defaultSession) {
210
+ const sessionId = `sandbox-${this.sandboxName || 'default'}`;
211
+
212
+ try {
213
+ // Try to create session in container
214
+ await this.client.utils.createSession({
215
+ id: sessionId,
216
+ env: this.envVars || {},
217
+ cwd: '/workspace',
218
+ });
219
+
220
+ this.defaultSession = sessionId;
221
+ // Persist to storage so it survives hot reloads
222
+ await this.ctx.storage.put('defaultSession', sessionId);
223
+ this.logger.debug('Default session initialized', { sessionId });
224
+ } catch (error: any) {
225
+ // If session already exists (e.g., after hot reload), reuse it
226
+ if (error?.message?.includes('already exists') || error?.message?.includes('Session')) {
227
+ this.logger.debug('Reusing existing session after reload', { sessionId });
228
+ this.defaultSession = sessionId;
229
+ // Persist to storage in case it wasn't saved before
230
+ await this.ctx.storage.put('defaultSession', sessionId);
231
+ } else {
232
+ // Re-throw other errors
233
+ throw error;
234
+ }
235
+ }
236
+ }
237
+ return this.defaultSession;
238
+ }
239
+
128
240
  // Enhanced exec method - always returns ExecResult with optional streaming
129
241
  // This replaces the old exec method to match ISandbox interface
130
242
  async exec(command: string, options?: ExecOptions): Promise<ExecResult> {
243
+ const session = await this.ensureDefaultSession();
244
+ return this.execWithSession(command, session, options);
245
+ }
246
+
247
+ /**
248
+ * Internal session-aware exec implementation
249
+ * Used by both public exec() and session wrappers
250
+ */
251
+ private async execWithSession(
252
+ command: string,
253
+ sessionId: string,
254
+ options?: ExecOptions
255
+ ): Promise<ExecResult> {
131
256
  const startTime = Date.now();
132
257
  const timestamp = new Date().toISOString();
133
258
 
@@ -144,16 +269,13 @@ export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
144
269
 
145
270
  if (options?.stream && options?.onOutput) {
146
271
  // Streaming with callbacks - we need to collect the final result
147
- result = await this.executeWithStreaming(command, options, startTime, timestamp);
272
+ result = await this.executeWithStreaming(command, sessionId, options, startTime, timestamp);
148
273
  } else {
149
- // Regular execution
150
- const response = await this.client.execute(
151
- command,
152
- options?.sessionId
153
- );
274
+ // Regular execution with session
275
+ const response = await this.client.commands.execute(command, sessionId);
154
276
 
155
277
  const duration = Date.now() - startTime;
156
- result = this.mapExecuteResponseToExecResult(response, duration, options?.sessionId);
278
+ result = this.mapExecuteResponseToExecResult(response, duration, sessionId);
157
279
  }
158
280
 
159
281
  // Call completion callback if provided
@@ -176,6 +298,7 @@ export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
176
298
 
177
299
  private async executeWithStreaming(
178
300
  command: string,
301
+ sessionId: string,
179
302
  options: ExecOptions,
180
303
  startTime: number,
181
304
  timestamp: string
@@ -184,10 +307,9 @@ export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
184
307
  let stderr = '';
185
308
 
186
309
  try {
187
- const stream = await this.client.executeCommandStream(command, options.sessionId);
188
- const { parseSSEStream } = await import('./sse-parser');
310
+ const stream = await this.client.commands.executeStream(command, sessionId);
189
311
 
190
- for await (const event of parseSSEStream<import('./types').ExecEvent>(stream)) {
312
+ for await (const event of parseSSEStream<ExecEvent>(stream)) {
191
313
  // Check for cancellation
192
314
  if (options.signal?.aborted) {
193
315
  throw new Error('Operation was aborted');
@@ -211,20 +333,20 @@ export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
211
333
  case 'complete': {
212
334
  // Use result from complete event if available
213
335
  const duration = Date.now() - startTime;
214
- return event.result || {
215
- success: event.exitCode === 0,
216
- exitCode: event.exitCode || 0,
336
+ return {
337
+ success: (event.exitCode ?? 0) === 0,
338
+ exitCode: event.exitCode ?? 0,
217
339
  stdout,
218
340
  stderr,
219
341
  command,
220
342
  duration,
221
343
  timestamp,
222
- sessionId: options.sessionId
344
+ sessionId
223
345
  };
224
346
  }
225
347
 
226
348
  case 'error':
227
- throw new Error(event.error || 'Command execution failed');
349
+ throw new Error(event.data || 'Command execution failed');
228
350
  }
229
351
  }
230
352
 
@@ -240,7 +362,7 @@ export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
240
362
  }
241
363
 
242
364
  private mapExecuteResponseToExecResult(
243
- response: import('./client').ExecuteResponse,
365
+ response: ExecuteResponse,
244
366
  duration: number,
245
367
  sessionId?: string
246
368
  ): ExecResult {
@@ -256,57 +378,68 @@ export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
256
378
  };
257
379
  }
258
380
 
381
+ /**
382
+ * Create a Process domain object from HTTP client DTO
383
+ * Centralizes process object creation with bound methods
384
+ * This eliminates duplication across startProcess, listProcesses, getProcess, and session wrappers
385
+ */
386
+ private createProcessFromDTO(
387
+ data: {
388
+ id: string;
389
+ pid?: number;
390
+ command: string;
391
+ status: ProcessStatus;
392
+ startTime: string | Date;
393
+ endTime?: string | Date;
394
+ exitCode?: number;
395
+ },
396
+ sessionId: string
397
+ ): Process {
398
+ return {
399
+ id: data.id,
400
+ pid: data.pid,
401
+ command: data.command,
402
+ status: data.status,
403
+ startTime: typeof data.startTime === 'string' ? new Date(data.startTime) : data.startTime,
404
+ endTime: data.endTime ? (typeof data.endTime === 'string' ? new Date(data.endTime) : data.endTime) : undefined,
405
+ exitCode: data.exitCode,
406
+ sessionId,
407
+
408
+ kill: async (signal?: string) => {
409
+ await this.killProcess(data.id, signal);
410
+ },
411
+
412
+ getStatus: async () => {
413
+ const current = await this.getProcess(data.id);
414
+ return current?.status || 'error';
415
+ },
416
+
417
+ getLogs: async () => {
418
+ const logs = await this.getProcessLogs(data.id);
419
+ return { stdout: logs.stdout, stderr: logs.stderr };
420
+ }
421
+ };
422
+ }
423
+
259
424
 
260
425
  // Background process management
261
- async startProcess(command: string, options?: ProcessOptions): Promise<Process> {
426
+ async startProcess(command: string, options?: ProcessOptions, sessionId?: string): Promise<Process> {
262
427
  // Use the new HttpClient method to start the process
263
428
  try {
264
- const response = await this.client.startProcess(command, {
265
- processId: options?.processId,
266
- sessionId: options?.sessionId,
267
- timeout: options?.timeout,
268
- env: options?.env,
269
- cwd: options?.cwd,
270
- encoding: options?.encoding,
271
- autoCleanup: options?.autoCleanup
429
+ const session = sessionId ?? await this.ensureDefaultSession();
430
+ const response = await this.client.processes.startProcess(command, session, {
431
+ processId: options?.processId
272
432
  });
273
433
 
274
- const process = response.process;
275
- const processObj: Process = {
276
- id: process.id,
277
- pid: process.pid,
278
- command: process.command,
279
- status: process.status as ProcessStatus,
280
- startTime: new Date(process.startTime),
434
+ const processObj = this.createProcessFromDTO({
435
+ id: response.processId,
436
+ pid: response.pid,
437
+ command: response.command,
438
+ status: 'running' as ProcessStatus,
439
+ startTime: new Date(),
281
440
  endTime: undefined,
282
- exitCode: undefined,
283
- sessionId: process.sessionId,
284
-
285
- async kill(): Promise<void> {
286
- throw new Error('Method will be replaced');
287
- },
288
- async getStatus(): Promise<ProcessStatus> {
289
- throw new Error('Method will be replaced');
290
- },
291
- async getLogs(): Promise<{ stdout: string; stderr: string }> {
292
- throw new Error('Method will be replaced');
293
- }
294
- };
295
-
296
- // Bind context properly
297
- processObj.kill = async (signal?: string) => {
298
- await this.killProcess(process.id, signal);
299
- };
300
-
301
- processObj.getStatus = async () => {
302
- const current = await this.getProcess(process.id);
303
- return current?.status || 'error';
304
- };
305
-
306
- processObj.getLogs = async () => {
307
- const logs = await this.getProcessLogs(process.id);
308
- return { stdout: logs.stdout, stderr: logs.stderr };
309
- };
441
+ exitCode: undefined
442
+ }, session);
310
443
 
311
444
  // Call onStart callback if provided
312
445
  if (options?.onStart) {
@@ -324,108 +457,68 @@ export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
324
457
  }
325
458
  }
326
459
 
327
- async listProcesses(): Promise<Process[]> {
328
- const response = await this.client.listProcesses();
329
-
330
- return response.processes.map(processData => ({
331
- id: processData.id,
332
- pid: processData.pid,
333
- command: processData.command,
334
- status: processData.status,
335
- startTime: new Date(processData.startTime),
336
- endTime: processData.endTime ? new Date(processData.endTime) : undefined,
337
- exitCode: processData.exitCode,
338
- sessionId: processData.sessionId,
339
-
340
- kill: async (signal?: string) => {
341
- await this.killProcess(processData.id, signal);
342
- },
343
-
344
- getStatus: async () => {
345
- const current = await this.getProcess(processData.id);
346
- return current?.status || 'error';
347
- },
348
-
349
- getLogs: async () => {
350
- const logs = await this.getProcessLogs(processData.id);
351
- return { stdout: logs.stdout, stderr: logs.stderr };
352
- }
353
- }));
460
+ async listProcesses(sessionId?: string): Promise<Process[]> {
461
+ const session = sessionId ?? await this.ensureDefaultSession();
462
+ const response = await this.client.processes.listProcesses();
463
+
464
+ return response.processes.map(processData =>
465
+ this.createProcessFromDTO({
466
+ id: processData.id,
467
+ pid: processData.pid,
468
+ command: processData.command,
469
+ status: processData.status,
470
+ startTime: processData.startTime,
471
+ endTime: processData.endTime,
472
+ exitCode: processData.exitCode
473
+ }, session)
474
+ );
354
475
  }
355
476
 
356
- async getProcess(id: string): Promise<Process | null> {
357
- const response = await this.client.getProcess(id);
477
+ async getProcess(id: string, sessionId?: string): Promise<Process | null> {
478
+ const session = sessionId ?? await this.ensureDefaultSession();
479
+ const response = await this.client.processes.getProcess(id);
358
480
  if (!response.process) {
359
481
  return null;
360
482
  }
361
483
 
362
484
  const processData = response.process;
363
- return {
485
+ return this.createProcessFromDTO({
364
486
  id: processData.id,
365
487
  pid: processData.pid,
366
488
  command: processData.command,
367
489
  status: processData.status,
368
- startTime: new Date(processData.startTime),
369
- endTime: processData.endTime ? new Date(processData.endTime) : undefined,
370
- exitCode: processData.exitCode,
371
- sessionId: processData.sessionId,
372
-
373
- kill: async (signal?: string) => {
374
- await this.killProcess(processData.id, signal);
375
- },
376
-
377
- getStatus: async () => {
378
- const current = await this.getProcess(processData.id);
379
- return current?.status || 'error';
380
- },
381
-
382
- getLogs: async () => {
383
- const logs = await this.getProcessLogs(processData.id);
384
- return { stdout: logs.stdout, stderr: logs.stderr };
385
- }
386
- };
490
+ startTime: processData.startTime,
491
+ endTime: processData.endTime,
492
+ exitCode: processData.exitCode
493
+ }, session);
387
494
  }
388
495
 
389
- async killProcess(id: string, _signal?: string): Promise<void> {
390
- try {
391
- // Note: signal parameter is not currently supported by the HttpClient implementation
392
- await this.client.killProcess(id);
393
- } catch (error) {
394
- if (error instanceof Error && error.message.includes('Process not found')) {
395
- throw new ProcessNotFoundError(id);
396
- }
397
- throw new SandboxError(
398
- `Failed to kill process ${id}: ${error instanceof Error ? error.message : 'Unknown error'}`,
399
- 'KILL_PROCESS_FAILED'
400
- );
401
- }
496
+ async killProcess(id: string, signal?: string, sessionId?: string): Promise<void> {
497
+ // Note: signal parameter is not currently supported by the HttpClient implementation
498
+ // The HTTP client already throws properly typed errors, so we just let them propagate
499
+ await this.client.processes.killProcess(id);
402
500
  }
403
501
 
404
- async killAllProcesses(): Promise<number> {
405
- const response = await this.client.killAllProcesses();
406
- return response.killedCount;
502
+ async killAllProcesses(sessionId?: string): Promise<number> {
503
+ const response = await this.client.processes.killAllProcesses();
504
+ return response.cleanedCount;
407
505
  }
408
506
 
409
- async cleanupCompletedProcesses(): Promise<number> {
507
+ async cleanupCompletedProcesses(sessionId?: string): Promise<number> {
410
508
  // For now, this would need to be implemented as a container endpoint
411
509
  // as we no longer maintain local process storage
412
510
  // We'll return 0 as a placeholder until the container endpoint is added
413
511
  return 0;
414
512
  }
415
513
 
416
- async getProcessLogs(id: string): Promise<{ stdout: string; stderr: string }> {
417
- try {
418
- const response = await this.client.getProcessLogs(id);
419
- return {
420
- stdout: response.stdout,
421
- stderr: response.stderr
422
- };
423
- } catch (error) {
424
- if (error instanceof Error && error.message.includes('Process not found')) {
425
- throw new ProcessNotFoundError(id);
426
- }
427
- throw error;
428
- }
514
+ async getProcessLogs(id: string, sessionId?: string): Promise<{ stdout: string; stderr: string; processId: string }> {
515
+ // The HTTP client already throws properly typed errors, so we just let them propagate
516
+ const response = await this.client.processes.getProcessLogs(id);
517
+ return {
518
+ stdout: response.stdout,
519
+ stderr: response.stderr,
520
+ processId: response.processId
521
+ };
429
522
  }
430
523
 
431
524
 
@@ -436,11 +529,21 @@ export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
436
529
  throw new Error('Operation was aborted');
437
530
  }
438
531
 
439
- // Get the stream from HttpClient (need to add this method)
440
- const stream = await this.client.executeCommandStream(command, options?.sessionId);
532
+ const session = await this.ensureDefaultSession();
533
+ // Get the stream from CommandClient
534
+ return this.client.commands.executeStream(command, session);
535
+ }
536
+
537
+ /**
538
+ * Internal session-aware execStream implementation
539
+ */
540
+ private async execStreamWithSession(command: string, sessionId: string, options?: StreamOptions): Promise<ReadableStream<Uint8Array>> {
541
+ // Check for cancellation
542
+ if (options?.signal?.aborted) {
543
+ throw new Error('Operation was aborted');
544
+ }
441
545
 
442
- // Return the ReadableStream directly - can be converted to AsyncIterable by consumers
443
- return stream;
546
+ return this.client.commands.executeStream(command, sessionId);
444
547
  }
445
548
 
446
549
  async streamProcessLogs(processId: string, options?: { signal?: AbortSignal }): Promise<ReadableStream<Uint8Array>> {
@@ -449,69 +552,117 @@ export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
449
552
  throw new Error('Operation was aborted');
450
553
  }
451
554
 
452
- // Get the stream from HttpClient
453
- const stream = await this.client.streamProcessLogs(processId);
454
-
455
- // Return the ReadableStream directly - can be converted to AsyncIterable by consumers
456
- return stream;
555
+ return this.client.processes.streamProcessLogs(processId);
457
556
  }
458
557
 
459
558
  async gitCheckout(
460
559
  repoUrl: string,
461
- options: { branch?: string; targetDir?: string }
560
+ options: { branch?: string; targetDir?: string; sessionId?: string }
462
561
  ) {
463
- return this.client.gitCheckout(repoUrl, options.branch, options.targetDir);
562
+ const session = options.sessionId ?? await this.ensureDefaultSession();
563
+ return this.client.git.checkout(repoUrl, session, {
564
+ branch: options.branch,
565
+ targetDir: options.targetDir
566
+ });
464
567
  }
465
568
 
466
569
  async mkdir(
467
570
  path: string,
468
- options: { recursive?: boolean } = {}
571
+ options: { recursive?: boolean; sessionId?: string } = {}
469
572
  ) {
470
- return this.client.mkdir(path, options.recursive);
573
+ const session = options.sessionId ?? await this.ensureDefaultSession();
574
+ return this.client.files.mkdir(path, session, { recursive: options.recursive });
471
575
  }
472
576
 
473
577
  async writeFile(
474
578
  path: string,
475
579
  content: string,
476
- options: { encoding?: string } = {}
580
+ options: { encoding?: string; sessionId?: string } = {}
477
581
  ) {
478
- return this.client.writeFile(path, content, options.encoding);
582
+ const session = options.sessionId ?? await this.ensureDefaultSession();
583
+ return this.client.files.writeFile(path, content, session, { encoding: options.encoding });
479
584
  }
480
585
 
481
- async deleteFile(path: string) {
482
- return this.client.deleteFile(path);
586
+ async deleteFile(path: string, sessionId?: string) {
587
+ const session = sessionId ?? await this.ensureDefaultSession();
588
+ return this.client.files.deleteFile(path, session);
483
589
  }
484
590
 
485
591
  async renameFile(
486
592
  oldPath: string,
487
- newPath: string
593
+ newPath: string,
594
+ sessionId?: string
488
595
  ) {
489
- return this.client.renameFile(oldPath, newPath);
596
+ const session = sessionId ?? await this.ensureDefaultSession();
597
+ return this.client.files.renameFile(oldPath, newPath, session);
490
598
  }
491
599
 
492
600
  async moveFile(
493
601
  sourcePath: string,
494
- destinationPath: string
602
+ destinationPath: string,
603
+ sessionId?: string
495
604
  ) {
496
- return this.client.moveFile(sourcePath, destinationPath);
605
+ const session = sessionId ?? await this.ensureDefaultSession();
606
+ return this.client.files.moveFile(sourcePath, destinationPath, session);
497
607
  }
498
608
 
499
609
  async readFile(
500
610
  path: string,
501
- options: { encoding?: string } = {}
611
+ options: { encoding?: string; sessionId?: string } = {}
612
+ ) {
613
+ const session = options.sessionId ?? await this.ensureDefaultSession();
614
+ return this.client.files.readFile(path, session, { encoding: options.encoding });
615
+ }
616
+
617
+ /**
618
+ * Stream a file from the sandbox using Server-Sent Events
619
+ * Returns a ReadableStream that can be consumed with streamFile() or collectFile() utilities
620
+ * @param path - Path to the file to stream
621
+ * @param options - Optional session ID
622
+ */
623
+ async readFileStream(
624
+ path: string,
625
+ options: { sessionId?: string } = {}
626
+ ): Promise<ReadableStream<Uint8Array>> {
627
+ const session = options.sessionId ?? await this.ensureDefaultSession();
628
+ return this.client.files.readFileStream(path, session);
629
+ }
630
+
631
+ async listFiles(
632
+ path: string,
633
+ options?: { recursive?: boolean; includeHidden?: boolean }
502
634
  ) {
503
- return this.client.readFile(path, options.encoding);
635
+ const session = await this.ensureDefaultSession();
636
+ return this.client.files.listFiles(path, session, options);
504
637
  }
505
638
 
506
639
  async exposePort(port: number, options: { name?: string; hostname: string }) {
507
- await this.client.exposePort(port, options?.name);
640
+ // Check if hostname is workers.dev domain (doesn't support wildcard subdomains)
641
+ if (options.hostname.endsWith('.workers.dev')) {
642
+ const errorResponse: ErrorResponse = {
643
+ code: ErrorCode.CUSTOM_DOMAIN_REQUIRED,
644
+ message: `Port exposure requires a custom domain. .workers.dev domains do not support wildcard subdomains required for port proxying.`,
645
+ context: { originalError: options.hostname },
646
+ httpStatus: 400,
647
+ timestamp: new Date().toISOString()
648
+ };
649
+ throw new CustomDomainRequiredError(errorResponse);
650
+ }
651
+
652
+ const sessionId = await this.ensureDefaultSession();
653
+ await this.client.ports.exposePort(port, sessionId, options?.name);
508
654
 
509
655
  // We need the sandbox name to construct preview URLs
510
656
  if (!this.sandboxName) {
511
657
  throw new Error('Sandbox name not available. Ensure sandbox is accessed through getSandbox()');
512
658
  }
513
659
 
514
- const url = this.constructPreviewUrl(port, this.sandboxName, options.hostname);
660
+ // Generate and store token for this port
661
+ const token = this.generatePortToken();
662
+ this.portTokens.set(port, token);
663
+ await this.persistPortTokens();
664
+
665
+ const url = this.constructPreviewUrl(port, this.sandboxName, options.hostname, token);
515
666
 
516
667
  return {
517
668
  url,
@@ -522,58 +673,101 @@ export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
522
673
 
523
674
  async unexposePort(port: number) {
524
675
  if (!validatePort(port)) {
525
- logSecurityEvent('INVALID_PORT_UNEXPOSE', {
526
- port
527
- }, 'high');
528
676
  throw new SecurityError(`Invalid port number: ${port}. Must be between 1024-65535 and not reserved.`);
529
677
  }
530
678
 
531
- await this.client.unexposePort(port);
679
+ const sessionId = await this.ensureDefaultSession();
680
+ await this.client.ports.unexposePort(port, sessionId);
532
681
 
533
- logSecurityEvent('PORT_UNEXPOSED', {
534
- port
535
- }, 'low');
682
+ // Clean up token for this port
683
+ if (this.portTokens.has(port)) {
684
+ this.portTokens.delete(port);
685
+ await this.persistPortTokens();
686
+ }
536
687
  }
537
688
 
538
689
  async getExposedPorts(hostname: string) {
539
- const response = await this.client.getExposedPorts();
690
+ const sessionId = await this.ensureDefaultSession();
691
+ const response = await this.client.ports.getExposedPorts(sessionId);
540
692
 
541
693
  // We need the sandbox name to construct preview URLs
542
694
  if (!this.sandboxName) {
543
695
  throw new Error('Sandbox name not available. Ensure sandbox is accessed through getSandbox()');
544
696
  }
545
697
 
546
- return response.ports.map(port => ({
547
- url: this.constructPreviewUrl(port.port, this.sandboxName!, hostname),
548
- port: port.port,
549
- name: port.name,
550
- exposedAt: port.exposedAt,
551
- }));
698
+ return response.ports.map(port => {
699
+ // Get token for this port - must exist for all exposed ports
700
+ const token = this.portTokens.get(port.port);
701
+ if (!token) {
702
+ throw new Error(`Port ${port.port} is exposed but has no token. This should not happen.`);
703
+ }
704
+
705
+ return {
706
+ url: this.constructPreviewUrl(port.port, this.sandboxName!, hostname, token),
707
+ port: port.port,
708
+ status: port.status,
709
+ };
710
+ });
552
711
  }
553
712
 
554
713
 
555
- private constructPreviewUrl(port: number, sandboxId: string, hostname: string): string {
714
+ async isPortExposed(port: number): Promise<boolean> {
715
+ try {
716
+ const sessionId = await this.ensureDefaultSession();
717
+ const response = await this.client.ports.getExposedPorts(sessionId);
718
+ return response.ports.some(exposedPort => exposedPort.port === port);
719
+ } catch (error) {
720
+ this.logger.error('Error checking if port is exposed', error instanceof Error ? error : new Error(String(error)), { port });
721
+ return false;
722
+ }
723
+ }
724
+
725
+ async validatePortToken(port: number, token: string): Promise<boolean> {
726
+ // First check if port is exposed
727
+ const isExposed = await this.isPortExposed(port);
728
+ if (!isExposed) {
729
+ return false;
730
+ }
731
+
732
+ // Get stored token for this port - must exist for all exposed ports
733
+ const storedToken = this.portTokens.get(port);
734
+ if (!storedToken) {
735
+ // This should not happen - all exposed ports must have tokens
736
+ this.logger.error('Port is exposed but has no token - bug detected', undefined, { port });
737
+ return false;
738
+ }
739
+
740
+ // Constant-time comparison to prevent timing attacks
741
+ return storedToken === token;
742
+ }
743
+
744
+ private generatePortToken(): string {
745
+ // Generate cryptographically secure 16-character token using Web Crypto API
746
+ // Available in Cloudflare Workers runtime
747
+ const array = new Uint8Array(12); // 12 bytes = 16 base64url chars (after padding removal)
748
+ crypto.getRandomValues(array);
749
+
750
+ // Convert to base64url format (URL-safe, no padding, lowercase)
751
+ const base64 = btoa(String.fromCharCode(...array));
752
+ return base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '').toLowerCase();
753
+ }
754
+
755
+ private async persistPortTokens(): Promise<void> {
756
+ // Convert Map to plain object for storage
757
+ const tokensObj: Record<string, string> = {};
758
+ for (const [port, token] of this.portTokens.entries()) {
759
+ tokensObj[port.toString()] = token;
760
+ }
761
+ await this.ctx.storage.put('portTokens', tokensObj);
762
+ }
763
+
764
+ private constructPreviewUrl(port: number, sandboxId: string, hostname: string, token: string): string {
556
765
  if (!validatePort(port)) {
557
- logSecurityEvent('INVALID_PORT_REJECTED', {
558
- port,
559
- sandboxId,
560
- hostname
561
- }, 'high');
562
766
  throw new SecurityError(`Invalid port number: ${port}. Must be between 1024-65535 and not reserved.`);
563
767
  }
564
768
 
565
- let sanitizedSandboxId: string;
566
- try {
567
- sanitizedSandboxId = sanitizeSandboxId(sandboxId);
568
- } catch (error) {
569
- logSecurityEvent('INVALID_SANDBOX_ID_REJECTED', {
570
- sandboxId,
571
- port,
572
- hostname,
573
- error: error instanceof Error ? error.message : 'Unknown error'
574
- }, 'high');
575
- throw error;
576
- }
769
+ // Validate sandbox ID (will throw SecurityError if invalid)
770
+ const sanitizedSandboxId = sanitizeSandboxId(sandboxId);
577
771
 
578
772
  const isLocalhost = isLocalhostPattern(hostname);
579
773
 
@@ -585,28 +779,12 @@ export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
585
779
  // Use URL constructor for safe URL building
586
780
  try {
587
781
  const baseUrl = new URL(`http://${host}:${mainPort}`);
588
- // Construct subdomain safely
589
- const subdomainHost = `${port}-${sanitizedSandboxId}.${host}`;
782
+ // Construct subdomain safely with mandatory token
783
+ const subdomainHost = `${port}-${sanitizedSandboxId}-${token}.${host}`;
590
784
  baseUrl.hostname = subdomainHost;
591
785
 
592
- const finalUrl = baseUrl.toString();
593
-
594
- logSecurityEvent('PREVIEW_URL_CONSTRUCTED', {
595
- port,
596
- sandboxId: sanitizedSandboxId,
597
- hostname,
598
- resultUrl: finalUrl,
599
- environment: 'localhost'
600
- }, 'low');
601
-
602
- return finalUrl;
786
+ return baseUrl.toString();
603
787
  } catch (error) {
604
- logSecurityEvent('URL_CONSTRUCTION_FAILED', {
605
- port,
606
- sandboxId: sanitizedSandboxId,
607
- hostname,
608
- error: error instanceof Error ? error.message : 'Unknown error'
609
- }, 'high');
610
788
  throw new SecurityError(`Failed to construct preview URL: ${error instanceof Error ? error.message : 'Unknown error'}`);
611
789
  }
612
790
  }
@@ -617,29 +795,142 @@ export class Sandbox<Env = unknown> extends Container<Env> implements ISandbox {
617
795
  const protocol = "https";
618
796
  const baseUrl = new URL(`${protocol}://${hostname}`);
619
797
 
620
- // Construct subdomain safely
621
- const subdomainHost = `${port}-${sanitizedSandboxId}.${hostname}`;
798
+ // Construct subdomain safely with mandatory token
799
+ const subdomainHost = `${port}-${sanitizedSandboxId}-${token}.${hostname}`;
622
800
  baseUrl.hostname = subdomainHost;
623
801
 
624
- const finalUrl = baseUrl.toString();
625
-
626
- logSecurityEvent('PREVIEW_URL_CONSTRUCTED', {
627
- port,
628
- sandboxId: sanitizedSandboxId,
629
- hostname,
630
- resultUrl: finalUrl,
631
- environment: 'production'
632
- }, 'low');
633
-
634
- return finalUrl;
802
+ return baseUrl.toString();
635
803
  } catch (error) {
636
- logSecurityEvent('URL_CONSTRUCTION_FAILED', {
637
- port,
638
- sandboxId: sanitizedSandboxId,
639
- hostname,
640
- error: error instanceof Error ? error.message : 'Unknown error'
641
- }, 'high');
642
804
  throw new SecurityError(`Failed to construct preview URL: ${error instanceof Error ? error.message : 'Unknown error'}`);
643
805
  }
644
806
  }
807
+
808
+ // ============================================================================
809
+ // Session Management - Advanced Use Cases
810
+ // ============================================================================
811
+
812
+ /**
813
+ * Create isolated execution session for advanced use cases
814
+ * Returns ExecutionSession with full sandbox API bound to specific session
815
+ */
816
+ async createSession(options?: SessionOptions): Promise<ExecutionSession> {
817
+ const sessionId = options?.id || `session-${Date.now()}`;
818
+
819
+ // Create session in container
820
+ await this.client.utils.createSession({
821
+ id: sessionId,
822
+ env: options?.env,
823
+ cwd: options?.cwd,
824
+ });
825
+
826
+ // Return wrapper that binds sessionId to all operations
827
+ return this.getSessionWrapper(sessionId);
828
+ }
829
+
830
+ /**
831
+ * Get an existing session by ID
832
+ * Returns ExecutionSession wrapper bound to the specified session
833
+ *
834
+ * This is useful for retrieving sessions across different requests/contexts
835
+ * without storing the ExecutionSession object (which has RPC lifecycle limitations)
836
+ *
837
+ * @param sessionId - The ID of an existing session
838
+ * @returns ExecutionSession wrapper bound to the session
839
+ */
840
+ async getSession(sessionId: string): Promise<ExecutionSession> {
841
+ // No need to verify session exists in container - operations will fail naturally if it doesn't
842
+ return this.getSessionWrapper(sessionId);
843
+ }
844
+
845
+ /**
846
+ * Internal helper to create ExecutionSession wrapper for a given sessionId
847
+ * Used by both createSession and getSession
848
+ */
849
+ private getSessionWrapper(sessionId: string): ExecutionSession {
850
+ return {
851
+ id: sessionId,
852
+
853
+ // Command execution - delegate to internal session-aware methods
854
+ exec: (command, options) => this.execWithSession(command, sessionId, options),
855
+ execStream: (command, options) => this.execStreamWithSession(command, sessionId, options),
856
+
857
+ // Process management
858
+ startProcess: (command, options) => this.startProcess(command, options, sessionId),
859
+ listProcesses: () => this.listProcesses(sessionId),
860
+ getProcess: (id) => this.getProcess(id, sessionId),
861
+ killProcess: (id, signal) => this.killProcess(id, signal),
862
+ killAllProcesses: () => this.killAllProcesses(),
863
+ cleanupCompletedProcesses: () => this.cleanupCompletedProcesses(),
864
+ getProcessLogs: (id) => this.getProcessLogs(id),
865
+ streamProcessLogs: (processId, options) => this.streamProcessLogs(processId, options),
866
+
867
+ // File operations - pass sessionId via options or parameter
868
+ writeFile: (path, content, options) => this.writeFile(path, content, { ...options, sessionId }),
869
+ readFile: (path, options) => this.readFile(path, { ...options, sessionId }),
870
+ readFileStream: (path) => this.readFileStream(path, { sessionId }),
871
+ mkdir: (path, options) => this.mkdir(path, { ...options, sessionId }),
872
+ deleteFile: (path) => this.deleteFile(path, sessionId),
873
+ renameFile: (oldPath, newPath) => this.renameFile(oldPath, newPath, sessionId),
874
+ moveFile: (sourcePath, destPath) => this.moveFile(sourcePath, destPath, sessionId),
875
+ listFiles: (path, options) => this.client.files.listFiles(path, sessionId, options),
876
+
877
+ // Git operations
878
+ gitCheckout: (repoUrl, options) => this.gitCheckout(repoUrl, { ...options, sessionId }),
879
+
880
+ // Environment management - needs special handling
881
+ setEnvVars: async (envVars: Record<string, string>) => {
882
+ try {
883
+ // Set environment variables by executing export commands
884
+ for (const [key, value] of Object.entries(envVars)) {
885
+ const escapedValue = value.replace(/'/g, "'\\''");
886
+ const exportCommand = `export ${key}='${escapedValue}'`;
887
+
888
+ const result = await this.client.commands.execute(exportCommand, sessionId);
889
+
890
+ if (result.exitCode !== 0) {
891
+ throw new Error(`Failed to set ${key}: ${result.stderr || 'Unknown error'}`);
892
+ }
893
+ }
894
+ } catch (error) {
895
+ this.logger.error('Failed to set environment variables', error instanceof Error ? error : new Error(String(error)), { sessionId });
896
+ throw error;
897
+ }
898
+ },
899
+
900
+ // Code interpreter methods - delegate to sandbox's code interpreter
901
+ createCodeContext: (options) => this.codeInterpreter.createCodeContext(options),
902
+ runCode: async (code, options) => {
903
+ const execution = await this.codeInterpreter.runCode(code, options);
904
+ return execution.toJSON();
905
+ },
906
+ runCodeStream: (code, options) => this.codeInterpreter.runCodeStream(code, options),
907
+ listCodeContexts: () => this.codeInterpreter.listCodeContexts(),
908
+ deleteCodeContext: (contextId) => this.codeInterpreter.deleteCodeContext(contextId),
909
+ };
910
+ }
911
+
912
+ // ============================================================================
913
+ // Code interpreter methods - delegate to CodeInterpreter wrapper
914
+ // ============================================================================
915
+
916
+ async createCodeContext(options?: CreateContextOptions): Promise<CodeContext> {
917
+ return this.codeInterpreter.createCodeContext(options);
918
+ }
919
+
920
+ async runCode(code: string, options?: RunCodeOptions): Promise<ExecutionResult> {
921
+ const execution = await this.codeInterpreter.runCode(code, options);
922
+ return execution.toJSON();
923
+ }
924
+
925
+ async runCodeStream(code: string, options?: RunCodeOptions): Promise<ReadableStream> {
926
+ return this.codeInterpreter.runCodeStream(code, options);
927
+ }
928
+
929
+ async listCodeContexts(): Promise<CodeContext[]> {
930
+ return this.codeInterpreter.listCodeContexts();
931
+ }
932
+
933
+ async deleteCodeContext(contextId: string): Promise<void> {
934
+ return this.codeInterpreter.deleteCodeContext(contextId);
935
+ }
645
936
  }