@cloudflare/sandbox 0.0.0-aa00a75 → 0.0.0-aeba44f

package/CHANGELOG.md

@@ -1,5 +1,151 @@
 # @cloudflare/sandbox
 
+## 0.4.19
+
+### Patch Changes
+
+- [#203](https://github.com/cloudflare/sandbox-sdk/pull/203) [`63b07c0`](https://github.com/cloudflare/sandbox-sdk/commit/63b07c0895f3cb9bf44fc84df1b5671b27391152) Thanks [@whoiskatrin](https://github.com/whoiskatrin)! - Fix listFiles to work in hidden directories without includeHidden flag
+
+## 0.4.18
+
+### Patch Changes
+
+- [`228ef5b`](https://github.com/cloudflare/sandbox-sdk/commit/228ef5b6e57fa3c38dc8d90e006ae58d0815aaec) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Fix encoding parameter handling in file operations to enable MIME auto-detection. Previously, SDK and container handlers added default 'utf8' encoding, preventing MIME-based detection of binary files. Now encoding parameter is passed through as-is, allowing automatic detection when not explicitly specified.
+
+## 0.4.17
+
+### Patch Changes
+
+- [#198](https://github.com/cloudflare/sandbox-sdk/pull/198) [`93c6cc7`](https://github.com/cloudflare/sandbox-sdk/commit/93c6cc7c6b8df9e0a733fa852faf5d2f1c5758da) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Fix container startup failures when WORKDIR is changed in derived Dockerfiles
+
+## 0.4.16
+
+### Patch Changes
+
+- [#184](https://github.com/cloudflare/sandbox-sdk/pull/184) [`7989b61`](https://github.com/cloudflare/sandbox-sdk/commit/7989b6105cea8c381dd162be0bcb29db3e214fde) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Redact credentials from Git URLs in logs
+
+- [#186](https://github.com/cloudflare/sandbox-sdk/pull/186) [`c2e3384`](https://github.com/cloudflare/sandbox-sdk/commit/c2e3384b151ae3f430c2edc8c492921d0b6b8b1c) Thanks [@whoiskatrin](https://github.com/whoiskatrin)! - Expose deleteSession API with proper safeguards
+  - Add `deleteSession(sessionId)` method to public SDK API
+  - Prevent deletion of default session (throws error with guidance to use `sandbox.destroy()`)
+  - Session cleanup kills all running commands in parallel before destroying shell
+  - Return structured `SessionDeleteResult` with success status, sessionId, and timestamp
+
+## 0.4.15
+
+### Patch Changes
+
+- [#185](https://github.com/cloudflare/sandbox-sdk/pull/185) [`7897cdd`](https://github.com/cloudflare/sandbox-sdk/commit/7897cddefc366bbd640ea138b34a520a0b2ddf8c) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Fix foreground commands blocking on background processes
+
+- [#183](https://github.com/cloudflare/sandbox-sdk/pull/183) [`ff2fa91`](https://github.com/cloudflare/sandbox-sdk/commit/ff2fa91479357ef88cfb22418f88acb257462faa) Thanks [@whoiskatrin](https://github.com/whoiskatrin)! - update python to 3.11.14
+
+## 0.4.14
+
+### Patch Changes
+
+- [#172](https://github.com/cloudflare/sandbox-sdk/pull/172) [`1bf3576`](https://github.com/cloudflare/sandbox-sdk/commit/1bf35768b02532c77df6f30a2f2eb08cb2b12115) Thanks [@threepointone](https://github.com/threepointone)! - Update dependencies
+
+- [#176](https://github.com/cloudflare/sandbox-sdk/pull/176) [`7edbfa9`](https://github.com/cloudflare/sandbox-sdk/commit/7edbfa906668d75f540527f50b52483dc787192c) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Add cache mounts to Dockerfile for faster builds
+
+  Adds cache mounts for npm, apt, and pip package managers in the Dockerfile. This speeds up Docker image builds when dependencies change, particularly beneficial for users building from source.
+
+- [#172](https://github.com/cloudflare/sandbox-sdk/pull/172) [`1bf3576`](https://github.com/cloudflare/sandbox-sdk/commit/1bf35768b02532c77df6f30a2f2eb08cb2b12115) Thanks [@threepointone](https://github.com/threepointone)! - Fix type generation
+
+  We inline types from `@repo/shared` so that it includes the types we reexport. Fixes #165
+
+- [#175](https://github.com/cloudflare/sandbox-sdk/pull/175) [`77cb937`](https://github.com/cloudflare/sandbox-sdk/commit/77cb93762a619523758f769a10509e665ca819fe) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Move .connect to .wsConnect within DO stub
+
+## 0.4.13
+
+### Patch Changes
+
+- [#168](https://github.com/cloudflare/sandbox-sdk/pull/168) [`6b08f02`](https://github.com/cloudflare/sandbox-sdk/commit/6b08f02c061aef07cc98188abef2973ac92365f8) Thanks [@threepointone](https://github.com/threepointone)! - Fix type generation
+
+  We inline types from `@repo/shared` so that it includes the types we reexport. Fixes #165
+
+- [#162](https://github.com/cloudflare/sandbox-sdk/pull/162) [`c4db459`](https://github.com/cloudflare/sandbox-sdk/commit/c4db459389a7b86048a03410d67d4dd7bf4a6085) Thanks [@whoiskatrin](https://github.com/whoiskatrin)! - Add WebSocket support via connect() method for routing client WebSocket connections directly to container services
+
+## 0.4.12
+
+### Patch Changes
+
+- [#137](https://github.com/cloudflare/sandbox-sdk/pull/137) [`7f4442b`](https://github.com/cloudflare/sandbox-sdk/commit/7f4442b7a097587d8f8e8f9ff2f887df6943a3db) Thanks [@whoiskatrin](https://github.com/whoiskatrin)! - add keepAlive flag to prevent containers from shutting down
+
+## 0.4.11
+
+### Patch Changes
+
+- [#159](https://github.com/cloudflare/sandbox-sdk/pull/159) [`e16659a`](https://github.com/cloudflare/sandbox-sdk/commit/e16659a1815923f1cd1176f51a052725d820ee16) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Use latest containers package version
+
+## 0.4.10
+
+### Patch Changes
+
+- [#156](https://github.com/cloudflare/sandbox-sdk/pull/156) [`b61841c`](https://github.com/cloudflare/sandbox-sdk/commit/b61841cfb3248022ee8136311e54955ed9faa1ee) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Fix WebSocket upgrade requests through exposed ports
+
+## 0.4.9
+
+### Patch Changes
+
+- [#152](https://github.com/cloudflare/sandbox-sdk/pull/152) [`8e7773e`](https://github.com/cloudflare/sandbox-sdk/commit/8e7773ec9571a5f968cbbc5f48e38e01d7d13b77) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Add exists() method to check if a file or directory exists
+
+  This adds a new `exists()` method to the SDK that checks whether a file or directory exists at a given path. The method returns a boolean indicating existence, similar to Python's `os.path.exists()` and JavaScript's `fs.existsSync()`.
+
+  The implementation is end-to-end:
+  - New `FileExistsResult` and `FileExistsRequest` types in shared package
+  - Handler endpoint at `/api/exists` in container layer
+  - Client method in `FileClient` and `Sandbox` classes
+  - Full test coverage (unit tests and E2E tests)
+
+## 0.4.8
+
+### Patch Changes
+
+- [#153](https://github.com/cloudflare/sandbox-sdk/pull/153) [`f6a5c3e`](https://github.com/cloudflare/sandbox-sdk/commit/f6a5c3e1607fce5fc26f816e9206ae437898d5af) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Fix token extraction regex causing Invalid token errors
+
+## 0.4.7
+
+### Patch Changes
+
+- [#141](https://github.com/cloudflare/sandbox-sdk/pull/141) [`c39674b`](https://github.com/cloudflare/sandbox-sdk/commit/c39674b8fe2e986e59a794b6bb3a5f51a87bae89) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Fix commands hanging when reading stdin by redirecting stdin to /dev/null
+
+- [#143](https://github.com/cloudflare/sandbox-sdk/pull/143) [`276efc0`](https://github.com/cloudflare/sandbox-sdk/commit/276efc0ca8776bcc8de79e7e58dd24d9f418cc5c) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Remove unnecessary existing session check
+
+## 0.4.6
+
+### Patch Changes
+
+- [#133](https://github.com/cloudflare/sandbox-sdk/pull/133) [`da2cfb8`](https://github.com/cloudflare/sandbox-sdk/commit/da2cfb876675eb3445970c90b4d70d00288a7c74) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - feat: Add version sync detection between npm package and Docker image
+
+## 0.4.5
+
+### Patch Changes
+
+- [#127](https://github.com/cloudflare/sandbox-sdk/pull/127) [`e79ac80`](https://github.com/cloudflare/sandbox-sdk/commit/e79ac80bc855a3ec527d44cc14585794b23cb129) Thanks [@whoiskatrin](https://github.com/whoiskatrin)! - configurable sleepAfter
+
+## 0.4.4
+
+### Patch Changes
+
+- [#125](https://github.com/cloudflare/sandbox-sdk/pull/125) [`fddccfd`](https://github.com/cloudflare/sandbox-sdk/commit/fddccfdce8204ce2aa7dadc0ad9fb2acbdeaec51) Thanks [@whoiskatrin](https://github.com/whoiskatrin)! - add docker image to pkg workflow
+
+## 0.4.3
+
+### Patch Changes
+
+- [#114](https://github.com/cloudflare/sandbox-sdk/pull/114) [`8c1f440`](https://github.com/cloudflare/sandbox-sdk/commit/8c1f440ad6fd89a5c69f9ca9d055ad9b183dd1c3) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Debloat base docker image (2.63GB → 1.03GB)
+
+## 0.4.2
+
+### Patch Changes
+
+- [`e53d7e7`](https://github.com/cloudflare/sandbox-sdk/commit/e53d7e7ce185f79bdd899029bb532e9651ae7ba5) Thanks [@threepointone](https://github.com/threepointone)! - fix build by inlining repo/shared
+
+## 0.4.1
+
+### Patch Changes
+
+- [#111](https://github.com/cloudflare/sandbox-sdk/pull/111) [`1b5496b`](https://github.com/cloudflare/sandbox-sdk/commit/1b5496bfceaee53c31911b409476ea87bebffe4c) Thanks [@threepointone](https://github.com/threepointone)! - trigger a release
+
 ## 0.4.0
 
 ### Minor Changes
@@ -43,50 +189,47 @@
   Implements PID namespace isolation to protect control plane processes (Jupyter, Bun) from sandboxed code. Commands executed via `exec()` now run in isolated namespaces that cannot see or interact with system processes.
 
   **Key security improvements:**
-
   - Control plane processes are hidden from sandboxed commands
   - Platform secrets in `/proc/1/environ` are inaccessible
   - Ports 8888 (Jupyter) and 3000 (Bun) are protected from hijacking
 
   **Breaking changes:**
-
   1. **Removed `sessionId` parameter**: The `sessionId` parameter has been removed from all methods (`exec()`, `execStream()`, `startProcess()`, etc.). Each sandbox now maintains its own persistent session automatically.
 
      ```javascript
      // Before: manual session management
-     await sandbox.exec("cd /app", { sessionId: "my-session" });
+     await sandbox.exec('cd /app', { sessionId: 'my-session' });
 
      // After: automatic session per sandbox
-     await sandbox.exec("cd /app");
+     await sandbox.exec('cd /app');
      ```
 
   2. **Commands now maintain state**: Commands within the same sandbox now share state (working directory, environment variables, background processes). Previously each command was stateless.
 
      ```javascript
      // Before: each exec was independent
-     await sandbox.exec("cd /app");
-     await sandbox.exec("pwd"); // Output: /workspace
+     await sandbox.exec('cd /app');
+     await sandbox.exec('pwd'); // Output: /workspace
 
      // After: state persists in session
-     await sandbox.exec("cd /app");
-     await sandbox.exec("pwd"); // Output: /app
+     await sandbox.exec('cd /app');
+     await sandbox.exec('pwd'); // Output: /app
      ```
 
   **Migration guide:**
-
   - Remove `sessionId` from all method calls - each sandbox maintains its own session
   - If you need isolated execution contexts within the same sandbox, use `sandbox.createSession()`:
     ```javascript
     // Create independent sessions with different environments
     const buildSession = await sandbox.createSession({
-      name: "build",
-      env: { NODE_ENV: "production" },
-      cwd: "/build",
+      name: 'build',
+      env: { NODE_ENV: 'production' },
+      cwd: '/build'
     });
     const testSession = await sandbox.createSession({
-      name: "test",
-      env: { NODE_ENV: "test" },
-      cwd: "/test",
+      name: 'test',
+      env: { NODE_ENV: 'test' },
+      cwd: '/test'
     });
     ```
   - Environment variables set in one command persist to the next

package/Dockerfile

@@ -29,8 +29,9 @@ WORKDIR /app
 COPY --from=pruner /app/out/json/ .
 COPY --from=pruner /app/out/package-lock.json ./package-lock.json
 
-# Install ALL dependencies (including devDependencies for build)
-RUN npm ci
+# Install ALL dependencies with cache mount for npm packages
+RUN --mount=type=cache,target=/root/.npm \
+    CI=true npm ci
 
 # Copy pruned source code
 COPY --from=pruner /app/out/full/ .
@@ -53,81 +54,101 @@ COPY --from=builder /app/packages ./packages
 COPY --from=builder /app/tooling ./tooling
 
 # Install ONLY production dependencies (excludes typescript, @types/*, etc.)
-RUN npm ci --production
+RUN --mount=type=cache,target=/root/.npm \
+    CI=true npm ci --production
 
 # ============================================================================
-# Stage 4: Runtime - Ubuntu 22.04 with full development environment
+# Stage 4: Download pre-built Python 3.11.14
+# ============================================================================
+FROM ubuntu:22.04 AS python-builder
+
+# Prevent interactive prompts during package installation
+ENV DEBIAN_FRONTEND=noninteractive
+
+# Accept architecture from Docker BuildKit (for multi-arch builds)
+ARG TARGETARCH
+
+# Install minimal dependencies for downloading
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+    --mount=type=cache,target=/var/lib/apt,sharing=locked \
+    rm -f /etc/apt/apt.conf.d/docker-clean && \
+    echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' >/etc/apt/apt.conf.d/keep-cache && \
+    apt-get update && apt-get install -y --no-install-recommends \
+    wget ca-certificates
+
+# Download and extract pre-built Python 3.11.14 from python-build-standalone
+# Using PGO+LTO optimized builds for better performance
+# Supports multi-arch: amd64 (x86_64) and arm64 (aarch64)
+RUN --mount=type=cache,target=/tmp/python-cache \
+    # Map Docker TARGETARCH to python-build-standalone arch naming
+    if [ "$TARGETARCH" = "amd64" ]; then \
+        PYTHON_ARCH="x86_64-unknown-linux-gnu"; \
+        EXPECTED_SHA256="edd8d11aa538953d12822fab418359a692fd1ee4ca2675579fbf0fa31e3688f1"; \
+    elif [ "$TARGETARCH" = "arm64" ]; then \
+        PYTHON_ARCH="aarch64-unknown-linux-gnu"; \
+        EXPECTED_SHA256="08141d31f95d86a23f23e4c741b726de0055f12f83200d1d4867b4e8e6e967c5"; \
+    else \
+        echo "Unsupported architecture: $TARGETARCH" && exit 1; \
+    fi && \
+    cd /tmp/python-cache && \
+    wget -nc https://github.com/indygreg/python-build-standalone/releases/download/20251028/cpython-3.11.14+20251028-${PYTHON_ARCH}-install_only.tar.gz && \
+    # Verify SHA256 checksum for security
+    echo "${EXPECTED_SHA256}  cpython-3.11.14+20251028-${PYTHON_ARCH}-install_only.tar.gz" | sha256sum -c - && \
+    cd /tmp && \
+    tar -xzf /tmp/python-cache/cpython-3.11.14+20251028-${PYTHON_ARCH}-install_only.tar.gz && \
+    mv python /usr/local/ && \
+    rm -rf /tmp/cpython-*
+
+# ============================================================================
+# Stage 5: Runtime - Ubuntu 22.04 with only runtime dependencies
 # ============================================================================
 FROM ubuntu:22.04 AS runtime
 
+# Accept version as build argument (passed from npm_package_version)
+ARG SANDBOX_VERSION=unknown
+
 # Prevent interactive prompts during package installation
 ENV DEBIAN_FRONTEND=noninteractive
 
-# Install essential system packages and development tools
-RUN apt-get update && apt-get install -y \
-    # Basic utilities
-    curl \
-    wget \
-    git \
-    unzip \
-    zip \
-    file \
-    # Process management
-    procps \
-    htop \
-    # Build tools
-    build-essential \
-    pkg-config \
-    # Network tools
-    net-tools \
-    iputils-ping \
-    dnsutils \
-    # Text processing
-    jq \
-    vim \
-    nano \
-    # Python dependencies
-    python3.11 \
-    python3.11-dev \
-    python3-pip \
-    python3.11-venv \
-    # Other useful tools
-    ca-certificates \
-    gnupg \
-    lsb-release \
-    strace \
-    && rm -rf /var/lib/apt/lists/*
+# Set the sandbox version as an environment variable for version checking
+ENV SANDBOX_VERSION=${SANDBOX_VERSION}
+
+# Install runtime packages and Python runtime libraries
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+    --mount=type=cache,target=/var/lib/apt,sharing=locked \
+    rm -f /etc/apt/apt.conf.d/docker-clean && \
+    echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' >/etc/apt/apt.conf.d/keep-cache && \
+    apt-get update && apt-get install -y --no-install-recommends \
+    ca-certificates curl wget procps git unzip zip jq file \
+    libssl3 zlib1g libbz2-1.0 libreadline8 libsqlite3-0 \
+    libncursesw6 libtinfo6 libxml2 libxmlsec1 libffi8 liblzma5 libtk8.6 && \
+    update-ca-certificates
+
+# Copy pre-built Python from python-builder stage
+COPY --from=python-builder /usr/local/python /usr/local/python
+
+# Create symlinks and update shared library cache
+RUN ln -s /usr/local/python/bin/python3.11 /usr/local/bin/python3.11 && \
+    ln -s /usr/local/python/bin/python3 /usr/local/bin/python3 && \
+    ln -s /usr/local/python/bin/pip3 /usr/local/bin/pip3 && \
+    echo "/usr/local/python/lib" > /etc/ld.so.conf.d/python.conf && \
+    ldconfig
 
 # Set Python 3.11 as default python3
-RUN update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.11 1
+RUN update-alternatives --install /usr/bin/python3 python3 /usr/local/bin/python3.11 1
+
+# Install Python packages
+RUN --mount=type=cache,target=/root/.cache/pip \
+    pip3 install --no-cache-dir matplotlib numpy pandas ipython
 
-# Install Node.js 20 LTS using official NodeSource setup script
-RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
-    && apt-get install -y nodejs \
-    && rm -rf /var/lib/apt/lists/*
+# Install Node.js 20 LTS from official Node image
+COPY --from=node:20-slim /usr/local/bin/node /usr/local/bin/node
+COPY --from=node:20-slim /usr/local/lib/node_modules /usr/local/lib/node_modules
+RUN ln -s /usr/local/lib/node_modules/npm/bin/npm-cli.js /usr/local/bin/npm && \
+    ln -s /usr/local/lib/node_modules/npm/bin/npx-cli.js /usr/local/bin/npx
 
 # Install Bun runtime from official image
 COPY --from=oven/bun:1 /usr/local/bin/bun /usr/local/bin/bun
-COPY --from=oven/bun:1 /usr/local/bin/bunx /usr/local/bin/bunx
-
-# Install development tools globally
-RUN npm install -g \
-    wrangler \
-    vite \
-    opencode-ai
-
-# Install essential Python packages for code execution
-RUN pip3 install --no-cache-dir \
-    matplotlib \
-    numpy \
-    pandas \
-    ipython
-
-# Verify installations
-RUN python3 --version && \
-    node --version && \
-    npm --version && \
-    bun --version
 
 # Set up runtime container server directory
 WORKDIR /container-server
@@ -143,10 +164,9 @@ COPY --from=builder /app/packages/sandbox-container/src/runtime/executors/python
 # Includes: @repo/shared, zod, esbuild (runtime dependencies)
 COPY --from=prod-deps /app/node_modules ./node_modules
 
-# Copy workspace packages so node_modules symlinks work
-# @repo/shared and @repo/typescript-config are symlinked in node_modules
-COPY --from=prod-deps /app/packages/shared ./packages/shared
-COPY --from=prod-deps /app/tooling/typescript-config ./tooling/typescript-config
+# Copy workspace packages
+COPY --from=prod-deps /app/packages/shared/dist ./packages/shared/dist
+COPY --from=prod-deps /app/packages/shared/package.json ./packages/shared/package.json
 
 # Configure process pool sizes (can be overridden at runtime)
 ENV PYTHON_POOL_MIN_SIZE=3
@@ -157,9 +177,6 @@ ENV TYPESCRIPT_POOL_MIN_SIZE=3
 ENV TYPESCRIPT_POOL_MAX_SIZE=10
 
 # Create clean workspace directory for user code
-# Architecture:
-#   /container-server/ - SDK infrastructure (server, executors, dependencies)
-#   /workspace/ - User's clean workspace for their code
 RUN mkdir -p /workspace
 
 # Expose the application port (3000 for control)
@@ -170,4 +187,4 @@ COPY packages/sandbox/startup.sh ./
 RUN chmod +x startup.sh
 
 # Use startup script
-CMD ["./startup.sh"]
+CMD ["/container-server/startup.sh"]

package/LICENSE

@@ -0,0 +1,176 @@
+                              Apache License
+                        Version 2.0, January 2004
+                     http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+   "License" shall mean the terms and conditions for use, reproduction,
+   and distribution as defined by Sections 1 through 9 of this document.
+
+   "Licensor" shall mean the copyright owner or entity authorized by
+   the copyright owner that is granting the License.
+
+   "Legal Entity" shall mean the union of the acting entity and all
+   other entities that control, are controlled by, or are under common
+   control with that entity. For the purposes of this definition,
+   "control" means (i) the power, direct or indirect, to cause the
+   direction or management of such entity, whether by contract or
+   otherwise, or (ii) ownership of fifty percent (50%) or more of the
+   outstanding shares, or (iii) beneficial ownership of such entity.
+
+   "You" (or "Your") shall mean an individual or Legal Entity
+   exercising permissions granted by this License.
+
+   "Source" form shall mean the preferred form for making modifications,
+   including but not limited to software source code, documentation
+   source, and configuration files.
+
+   "Object" form shall mean any form resulting from mechanical
+   transformation or translation of a Source form, including but
+   not limited to compiled object code, generated documentation,
+   and conversions to other media types.
+
+   "Work" shall mean the work of authorship, whether in Source or
+   Object form, made available under the License, as indicated by a
+   copyright notice that is included in or attached to the work
+   (an example is provided in the Appendix below).
+
+   "Derivative Works" shall mean any work, whether in Source or Object
+   form, that is based on (or derived from) the Work and for which the
+   editorial revisions, annotations, elaborations, or other modifications
+   represent, as a whole, an original work of authorship. For the purposes
+   of this License, Derivative Works shall not include works that remain
+   separable from, or merely link (or bind by name) to the interfaces of,
+   the Work and Derivative Works thereof.
+
+   "Contribution" shall mean any work of authorship, including
+   the original version of the Work and any modifications or additions
+   to that Work or Derivative Works thereof, that is intentionally
+   submitted to Licensor for inclusion in the Work by the copyright owner
+   or by an individual or Legal Entity authorized to submit on behalf of
+   the copyright owner. For the purposes of this definition, "submitted"
+   means any form of electronic, verbal, or written communication sent
+   to the Licensor or its representatives, including but not limited to
+   communication on electronic mailing lists, source code control systems,
+   and issue tracking systems that are managed by, or on behalf of, the
+   Licensor for the purpose of discussing and improving the Work, but
+   excluding communication that is conspicuously marked or otherwise
+   designated in writing by the copyright owner as "Not a Contribution."
+
+   "Contributor" shall mean Licensor and any individual or Legal Entity
+   on behalf of whom a Contribution has been received by Licensor and
+   subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   copyright license to reproduce, prepare Derivative Works of,
+   publicly display, publicly perform, sublicense, and distribute the
+   Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   (except as stated in this section) patent license to make, have made,
+   use, offer to sell, sell, import, and otherwise transfer the Work,
+   where such license applies only to those patent claims licensable
+   by such Contributor that are necessarily infringed by their
+   Contribution(s) alone or by combination of their Contribution(s)
+   with the Work to which such Contribution(s) was submitted. If You
+   institute patent litigation against any entity (including a
+   cross-claim or counterclaim in a lawsuit) alleging that the Work
+   or a Contribution incorporated within the Work constitutes direct
+   or contributory patent infringement, then any patent licenses
+   granted to You under this License for that Work shall terminate
+   as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the
+   Work or Derivative Works thereof in any medium, with or without
+   modifications, and in Source or Object form, provided that You
+   meet the following conditions:
+
+   (a) You must give any other recipients of the Work or
+       Derivative Works a copy of this License; and
+
+   (b) You must cause any modified files to carry prominent notices
+       stating that You changed the files; and
+
+   (c) You must retain, in the Source form of any Derivative Works
+       that You distribute, all copyright, patent, trademark, and
+       attribution notices from the Source form of the Work,
+       excluding those notices that do not pertain to any part of
+       the Derivative Works; and
+
+   (d) If the Work includes a "NOTICE" text file as part of its
+       distribution, then any Derivative Works that You distribute must
+       include a readable copy of the attribution notices contained
+       within such NOTICE file, excluding those notices that do not
+       pertain to any part of the Derivative Works, in at least one
+       of the following places: within a NOTICE text file distributed
+       as part of the Derivative Works; within the Source form or
+       documentation, if provided along with the Derivative Works; or,
+       within a display generated by the Derivative Works, if and
+       wherever such third-party notices normally appear. The contents
+       of the NOTICE file are for informational purposes only and
+       do not modify the License. You may add Your own attribution
+       notices within Derivative Works that You distribute, alongside
+       or as an addendum to the NOTICE text from the Work, provided
+       that such additional attribution notices cannot be construed
+       as modifying the License.
+
+   You may add Your own copyright statement to Your modifications and
+   may provide additional or different license terms and conditions
+   for use, reproduction, or distribution of Your modifications, or
+   for any such Derivative Works as a whole, provided Your use,
+   reproduction, and distribution of the Work otherwise complies with
+   the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise,
+   any Contribution intentionally submitted for inclusion in the Work
+   by You to the Licensor shall be under the terms and conditions of
+   this License, without any additional terms or conditions.
+   Notwithstanding the above, nothing herein shall supersede or modify
+   the terms of any separate license agreement you may have executed
+   with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade
+   names, trademarks, service marks, or product names of the Licensor,
+   except as required for reasonable and customary use in describing the
+   origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or
+   agreed to in writing, Licensor provides the Work (and each
+   Contributor provides its Contributions) on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied, including, without limitation, any warranties or conditions
+   of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+   PARTICULAR PURPOSE. You are solely responsible for determining the
+   appropriateness of using or redistributing the Work and assume any
+   risks associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory,
+   whether in tort (including negligence), contract, or otherwise,
+   unless required by applicable law (such as deliberate and grossly
+   negligent acts) or agreed to in writing, shall any Contributor be
+   liable to You for damages, including any direct, indirect, special,
+   incidental, or consequential damages of any character arising as a
+   result of this License or out of the use or inability to use the
+   Work (including but not limited to damages for loss of goodwill,
+   work stoppage, computer failure or malfunction, or any and all
+   other commercial damages or losses), even if such Contributor
+   has been advised of the possibility of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing
+   the Work or Derivative Works thereof, You may choose to offer,
+   and charge a fee for, acceptance of support, warranty, indemnity,
+   or other liability obligations and/or rights consistent with this
+   License. However, in accepting such obligations, You may act only
+   on Your own behalf and on Your sole responsibility, not on behalf
+   of any other Contributor, and only if You agree to indemnify,
+   defend, and hold each Contributor harmless for any liability
+   incurred by, or claims asserted against, such Contributor by reason
+   of your accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS

package/README.md

@@ -10,8 +10,6 @@ The Sandbox SDK lets you run untrusted code safely in isolated containers. Execu
 
 Perfect for AI code execution, interactive development environments, data analysis platforms, CI/CD systems, and any application that needs secure code execution at the edge.
 
-> **Note:** The latest published version of the SDK is on the [v03 branch](https://github.com/cloudflare/sandbox-sdk/tree/v03). This main branch is currently the development version and is not yet published.
-
 ## Getting Started
 
 ### Prerequisites
@@ -118,9 +116,17 @@ export default {
 - **Preview URLs** - Expose services with public URLs
 - **Git Integration** - Clone repositories directly
 
+## Contributing
+
+We welcome contributions from the community! See [CONTRIBUTING.md](./CONTRIBUTING.md) for guidelines on:
+
+- Setting up your development environment
+- Creating pull requests
+- Code style and testing requirements
+
 ## Development
 
-This repository contains the SDK source code. To contribute:
+This repository contains the SDK source code. Quick start:
 
 ```bash
 # Clone the repo
@@ -146,7 +152,6 @@ See the [examples directory](./examples) for complete working examples:
 
 - [Minimal](./examples/minimal) - Basic sandbox setup
 - [Code Interpreter](./examples/code-interpreter) - Use sandbox as an interpreter tool with gpt-oss
-- [Complete](./examples/basic) - Huge example integrated with every sandbox feature
 
 ## Status
 
@@ -154,7 +159,7 @@ See the [examples directory](./examples) for complete working examples:
 
 ## License
 
-[MIT License](LICENSE)
+[Apache License 2.0](LICENSE)
 
 ## Links