@cloudflare/sandbox 0.0.0-dc66e8e → 0.0.0-e1fa354

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (31) hide show
  1. package/CHANGELOG.md +137 -0
  2. package/Dockerfile +48 -24
  3. package/README.md +846 -0
  4. package/container_src/bun.lock +122 -0
  5. package/container_src/circuit-breaker.ts +121 -0
  6. package/container_src/control-process.ts +784 -0
  7. package/container_src/handler/exec.ts +99 -251
  8. package/container_src/handler/file.ts +204 -642
  9. package/container_src/handler/git.ts +28 -80
  10. package/container_src/handler/process.ts +443 -515
  11. package/container_src/handler/session.ts +92 -0
  12. package/container_src/index.ts +363 -123
  13. package/container_src/isolation.ts +1038 -0
  14. package/container_src/jupyter-server.ts +579 -0
  15. package/container_src/jupyter-service.ts +461 -0
  16. package/container_src/jupyter_config.py +48 -0
  17. package/container_src/mime-processor.ts +255 -0
  18. package/container_src/package.json +9 -0
  19. package/container_src/shell-escape.ts +42 -0
  20. package/container_src/startup.sh +84 -0
  21. package/container_src/types.ts +42 -14
  22. package/package.json +5 -4
  23. package/src/client.ts +206 -235
  24. package/src/errors.ts +218 -0
  25. package/src/index.ts +59 -15
  26. package/src/interpreter-types.ts +383 -0
  27. package/src/interpreter.ts +150 -0
  28. package/src/jupyter-client.ts +349 -0
  29. package/src/sandbox.ts +502 -400
  30. package/src/types.ts +140 -24
  31. package/tsconfig.json +1 -1
package/CHANGELOG.md CHANGED
@@ -1,5 +1,142 @@
1
1
  # @cloudflare/sandbox
2
2
 
3
+ ## 0.3.0
4
+
5
+ ### Minor Changes
6
+
7
+ - [#59](https://github.com/cloudflare/sandbox-sdk/pull/59) [`b6757f7`](https://github.com/cloudflare/sandbox-sdk/commit/b6757f730c34381d5a70d513944bbf9840f598ab) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Add process isolation for sandbox commands
8
+
9
+ Implements PID namespace isolation to protect control plane processes (Jupyter, Bun) from sandboxed code. Commands executed via `exec()` now run in isolated namespaces that cannot see or interact with system processes.
10
+
11
+ **Key security improvements:**
12
+
13
+ - Control plane processes are hidden from sandboxed commands
14
+ - Platform secrets in `/proc/1/environ` are inaccessible
15
+ - Ports 8888 (Jupyter) and 3000 (Bun) are protected from hijacking
16
+
17
+ **Breaking changes:**
18
+
19
+ 1. **Removed `sessionId` parameter**: The `sessionId` parameter has been removed from all methods (`exec()`, `execStream()`, `startProcess()`, etc.). Each sandbox now maintains its own persistent session automatically.
20
+
21
+ ```javascript
22
+ // Before: manual session management
23
+ await sandbox.exec("cd /app", { sessionId: "my-session" });
24
+
25
+ // After: automatic session per sandbox
26
+ await sandbox.exec("cd /app");
27
+ ```
28
+
29
+ 2. **Commands now maintain state**: Commands within the same sandbox now share state (working directory, environment variables, background processes). Previously each command was stateless.
30
+
31
+ ```javascript
32
+ // Before: each exec was independent
33
+ await sandbox.exec("cd /app");
34
+ await sandbox.exec("pwd"); // Output: /workspace
35
+
36
+ // After: state persists in session
37
+ await sandbox.exec("cd /app");
38
+ await sandbox.exec("pwd"); // Output: /app
39
+ ```
40
+
41
+ **Migration guide:**
42
+
43
+ - Remove `sessionId` from all method calls - each sandbox maintains its own session
44
+ - If you need isolated execution contexts within the same sandbox, use `sandbox.createSession()`:
45
+ ```javascript
46
+ // Create independent sessions with different environments
47
+ const buildSession = await sandbox.createSession({
48
+ name: "build",
49
+ env: { NODE_ENV: "production" },
50
+ cwd: "/build",
51
+ });
52
+ const testSession = await sandbox.createSession({
53
+ name: "test",
54
+ env: { NODE_ENV: "test" },
55
+ cwd: "/test",
56
+ });
57
+ ```
58
+ - Environment variables set in one command persist to the next
59
+ - Background processes remain active until explicitly killed
60
+ - Requires CAP_SYS_ADMIN (available in production, falls back gracefully in dev)
61
+
62
+ ### Patch Changes
63
+
64
+ - [#62](https://github.com/cloudflare/sandbox-sdk/pull/62) [`4bedc3a`](https://github.com/cloudflare/sandbox-sdk/commit/4bedc3aba347f3d4090a6efe2c9778bac00ce74a) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Fix broken build due to bun lockfile not being used
65
+
66
+ ## 0.2.4
67
+
68
+ ### Patch Changes
69
+
70
+ - [#57](https://github.com/cloudflare/sandbox-sdk/pull/57) [`12bbd12`](https://github.com/cloudflare/sandbox-sdk/commit/12bbd1229c07ef8c1c0bf58a4235a27938155b08) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Add listFiles method
71
+
72
+ ## 0.2.3
73
+
74
+ ### Patch Changes
75
+
76
+ - [#53](https://github.com/cloudflare/sandbox-sdk/pull/53) [`c87db11`](https://github.com/cloudflare/sandbox-sdk/commit/c87db117693a86cfb667bf09fb7720d6a6e0524d) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Improve jupyterlab config to speed up startup
77
+
78
+ ## 0.2.2
79
+
80
+ ### Patch Changes
81
+
82
+ - [#51](https://github.com/cloudflare/sandbox-sdk/pull/51) [`4aceb32`](https://github.com/cloudflare/sandbox-sdk/commit/4aceb3215c836f59afcb88b2b325016b3f623f46) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Handle intermittent interpreter failures and decouple jupyter startup
83
+
84
+ ## 0.2.1
85
+
86
+ ### Patch Changes
87
+
88
+ - [#49](https://github.com/cloudflare/sandbox-sdk/pull/49) [`d81d2a5`](https://github.com/cloudflare/sandbox-sdk/commit/d81d2a563c9af8947d5444019ed4d6156db563e3) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Implement code interpreter API
89
+
90
+ ## 0.2.0
91
+
92
+ ### Minor Changes
93
+
94
+ - [#47](https://github.com/cloudflare/sandbox-sdk/pull/47) [`8a93d0c`](https://github.com/cloudflare/sandbox-sdk/commit/8a93d0cae18a25bda6506b8b0a08d9e9eb3bb290) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Change default directory to a clean /workspace
95
+
96
+ ## 0.1.4
97
+
98
+ ### Patch Changes
99
+
100
+ - [#46](https://github.com/cloudflare/sandbox-sdk/pull/46) [`7de28be`](https://github.com/cloudflare/sandbox-sdk/commit/7de28be482d9634551572d548c7c4b5842df812d) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Update README
101
+
102
+ - [#44](https://github.com/cloudflare/sandbox-sdk/pull/44) [`215ab49`](https://github.com/cloudflare/sandbox-sdk/commit/215ab494427d7e2a92bb9a25384cb493a221c200) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Update example to use env & cwd
103
+
104
+ - [#42](https://github.com/cloudflare/sandbox-sdk/pull/42) [`bb72193`](https://github.com/cloudflare/sandbox-sdk/commit/bb72193ad75695979bd1132206f481e91fe37325) Thanks [@jonasnobile](https://github.com/jonasnobile)! - Propagate `cwd` and `env` options in `executeCommand`
105
+
106
+ - [#27](https://github.com/cloudflare/sandbox-sdk/pull/27) [`fd5ec7f`](https://github.com/cloudflare/sandbox-sdk/commit/fd5ec7f34bc12b06320a89356c4af07801f52d64) Thanks [@threepointone](https://github.com/threepointone)! - remove yarn and pnpm from the image
107
+
108
+ ## 0.1.3
109
+
110
+ ### Patch Changes
111
+
112
+ - [#32](https://github.com/cloudflare/sandbox-sdk/pull/32) [`1a42464`](https://github.com/cloudflare/sandbox-sdk/commit/1a4246479369c5d0160705caf192aa1816540d52) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Bring back package README
113
+
114
+ ## 0.1.2
115
+
116
+ ### Patch Changes
117
+
118
+ - [#30](https://github.com/cloudflare/sandbox-sdk/pull/30) [`30e5c25`](https://github.com/cloudflare/sandbox-sdk/commit/30e5c25cf7d4b07f9049724206c531e2d5d29d5c) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Remove actions timeout
119
+
120
+ - [#29](https://github.com/cloudflare/sandbox-sdk/pull/29) [`d78508f`](https://github.com/cloudflare/sandbox-sdk/commit/d78508f7287a59e0423edd2999c2c83e9e34ccfd) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Create multi-platform Docker image and switch to Cloudflare official repo
121
+
122
+ ## 0.1.1
123
+
124
+ ### Patch Changes
125
+
126
+ - [`157dde9`](https://github.com/cloudflare/sandbox-sdk/commit/157dde9b1f23e9bb6f3e9c3f0514b639a8813897) Thanks [@threepointone](https://github.com/threepointone)! - update deps
127
+
128
+ - [`a04f6b6`](https://github.com/cloudflare/sandbox-sdk/commit/a04f6b6c0b2ef9e3ce0851b53769f1c10d8c6de6) Thanks [@threepointone](https://github.com/threepointone)! - trigger a build with updated deps
129
+
130
+ ## 0.1.0
131
+
132
+ ### Minor Changes
133
+
134
+ - [#24](https://github.com/cloudflare/sandbox-sdk/pull/24) [`cecde0a`](https://github.com/cloudflare/sandbox-sdk/commit/cecde0a7530a87deffd8562fb8b01d66ee80ee19) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Redesign command execution API
135
+
136
+ ### Patch Changes
137
+
138
+ - [#22](https://github.com/cloudflare/sandbox-sdk/pull/22) [`f5fcd52`](https://github.com/cloudflare/sandbox-sdk/commit/f5fcd52025d1f7958a374e69d75e3fc590275f3f) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Allow setting env variables dynamically and remove command restrictions
139
+
3
140
  ## 0.0.9
4
141
 
5
142
  ### Patch Changes
package/Dockerfile CHANGED
@@ -1,4 +1,5 @@
1
1
  # Sandbox base image with development tools, Python, Node.js, and Bun
2
+ FROM oven/bun:latest AS bun-source
2
3
  FROM ubuntu:22.04
3
4
 
4
5
  # Prevent interactive prompts during package installation
@@ -30,51 +31,74 @@ RUN apt-get update && apt-get install -y \
30
31
  python3.11 \
31
32
  python3.11-dev \
32
33
  python3-pip \
34
+ python3.11-venv \
33
35
  # Other useful tools
34
- sudo \
35
36
  ca-certificates \
36
37
  gnupg \
37
38
  lsb-release \
39
+ strace \
38
40
  && rm -rf /var/lib/apt/lists/*
39
41
 
40
42
  # Set Python 3.11 as default python3
41
43
  RUN update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.11 1
42
44
 
43
- # Install Node.js 22 LTS
44
- # Using the official NodeSource repository setup script
45
- RUN apt-get update && apt-get install -y ca-certificates curl gnupg \
46
- && mkdir -p /etc/apt/keyrings \
47
- && curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
48
- && echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_22.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list \
49
- && apt-get update \
45
+ # Install Node.js 20 LTS using official NodeSource setup script
46
+ RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
50
47
  && apt-get install -y nodejs \
51
48
  && rm -rf /var/lib/apt/lists/*
52
49
 
53
- # Install Bun using the official installation script
54
- RUN curl -fsSL https://bun.sh/install | bash \
55
- && mv /root/.bun/bin/bun /usr/local/bin/bun \
56
- && mv /root/.bun/bin/bunx /usr/local/bin/bunx \
57
- && rm -rf /root/.bun
50
+ # Install Bun from official image (avoids architecture compatibility issues)
51
+ COPY --from=bun-source /usr/local/bin/bun /usr/local/bin/bun
52
+ COPY --from=bun-source /usr/local/bin/bunx /usr/local/bin/bunx
58
53
 
59
- # Install global npm packages as root
60
- RUN npm install -g yarn pnpm
54
+ # Install minimal Jupyter components
55
+ RUN pip3 install --no-cache-dir \
56
+ jupyter-server \
57
+ jupyter-client \
58
+ ipykernel \
59
+ orjson \
60
+ && python3 -m ipykernel install --user --name python3
61
61
 
62
- # Set up working directory
63
- WORKDIR /app
62
+ # Install scientific packages
63
+ RUN pip3 install --no-cache-dir \
64
+ matplotlib \
65
+ numpy \
66
+ pandas \
67
+ seaborn
68
+
69
+ # Install JavaScript kernel (ijavascript) - using E2B's fork
70
+ RUN npm install -g git+https://github.com/e2b-dev/ijavascript.git \
71
+ && ijsinstall --install=global
72
+
73
+ # Set up container server directory
74
+ WORKDIR /container-server
64
75
 
65
76
  # Verify installations
66
77
  RUN python3 --version && \
67
78
  node --version && \
68
79
  npm --version && \
69
80
  bun --version && \
70
- yarn --version && \
71
- pnpm --version
81
+ jupyter --version && \
82
+ jupyter kernelspec list
83
+
84
+ # Copy container source files to server directory
85
+ COPY container_src/package.json container_src/bun.lock ./
86
+ RUN bun install --frozen-lockfile
72
87
 
73
- # Copy container source files
74
88
  COPY container_src/ ./
75
89
 
76
- # Expose the application port
77
- EXPOSE 3000
90
+ # Compile TypeScript control process
91
+ # Use npx -p typescript to ensure we get the right tsc command
92
+ RUN npx -p typescript tsc control-process.ts --outDir . --module commonjs --target es2020 --esModuleInterop --skipLibCheck
93
+
94
+ # Create clean workspace directory for users
95
+ RUN mkdir -p /workspace
96
+
97
+ # Expose the application port (3000 for control, 8888 for Jupyter)
98
+ EXPOSE 3000 8888
99
+
100
+ # Make startup script executable
101
+ RUN chmod +x startup.sh
78
102
 
79
- # Run the application
80
- CMD ["bun", "index.ts"]
103
+ # Use startup script
104
+ CMD ["./startup.sh"]