@cloudflare/sandbox 0.0.0-fddccfd → 0.0.0-ff2fa91

package/src/errors/index.ts

@@ -39,11 +39,13 @@
  */
 
 // Re-export context types for advanced usage
-export type { 
+export type {
   CodeExecutionContext,
   CommandErrorContext,
   CommandNotFoundContext,
-  ContextNotFoundContext,ErrorCodeType, ErrorResponse, 
+  ContextNotFoundContext,
+  ErrorCodeType,
+  ErrorResponse,
   FileExistsContext,
   FileNotFoundContext,
   FileSystemContext,
@@ -53,13 +55,15 @@ export type {
   GitRepositoryNotFoundContext,
   InternalErrorContext,
   InterpreterNotReadyContext,
-  InvalidPortContext,OperationType, 
+  InvalidPortContext,
+  OperationType,
   PortAlreadyExposedContext,
   PortErrorContext,
   PortNotExposedContext,
   ProcessErrorContext,
   ProcessNotFoundContext,
-  ValidationFailedContext,} from '@repo/shared/errors';
+  ValidationFailedContext
+} from '@repo/shared/errors';
 // Re-export shared types and constants
 export { ErrorCode, Operation } from '@repo/shared/errors';
 
@@ -101,5 +105,5 @@ export {
   SandboxError,
   ServiceNotRespondingError,
   // Validation Errors
-  ValidationFailedError,
+  ValidationFailedError
 } from './classes';

package/src/file-stream.ts

@@ -3,7 +3,9 @@ import type { FileChunk, FileMetadata, FileStreamEvent } from '@repo/shared';
 /**
  * Parse SSE (Server-Sent Events) lines from a stream
  */
-async function* parseSSE(stream: ReadableStream<Uint8Array>): AsyncGenerator<FileStreamEvent> {
+async function* parseSSE(
+  stream: ReadableStream<Uint8Array>
+): AsyncGenerator<FileStreamEvent> {
   const reader = stream.getReader();
   const decoder = new TextDecoder();
   let buffer = '';
@@ -59,7 +61,9 @@ async function* parseSSE(stream: ReadableStream<Uint8Array>): AsyncGenerator<Fil
  * }
  * ```
  */
-export async function* streamFile(stream: ReadableStream<Uint8Array>): AsyncGenerator<FileChunk, FileMetadata> {
+export async function* streamFile(
+  stream: ReadableStream<Uint8Array>
+): AsyncGenerator<FileChunk, FileMetadata> {
   let metadata: FileMetadata | null = null;
 
   for await (const event of parseSSE(stream)) {
@@ -69,7 +73,7 @@ export async function* streamFile(stream: ReadableStream<Uint8Array>): AsyncGene
           mimeType: event.mimeType,
           size: event.size,
           isBinary: event.isBinary,
-          encoding: event.encoding,
+          encoding: event.encoding
         };
         break;
 
@@ -144,8 +148,9 @@ export async function collectFile(stream: ReadableStream<Uint8Array>): Promise<{
   // Combine chunks based on type
   if (metadata.isBinary) {
     // Binary file - combine Uint8Arrays
-    const totalLength = chunks.reduce((sum, chunk) =>
-      sum + (chunk instanceof Uint8Array ? chunk.length : 0), 0
+    const totalLength = chunks.reduce(
+      (sum, chunk) => sum + (chunk instanceof Uint8Array ? chunk.length : 0),
+      0
     );
     const combined = new Uint8Array(totalLength);
     let offset = 0;
@@ -158,7 +163,7 @@ export async function collectFile(stream: ReadableStream<Uint8Array>): Promise<{
     return { content: combined, metadata };
   } else {
     // Text file - combine strings
-    const combined = chunks.filter(c => typeof c === 'string').join('');
+    const combined = chunks.filter((c) => typeof c === 'string').join('');
     return { content: combined, metadata };
   }
 }

package/src/index.ts

@@ -1,6 +1,5 @@
 // Export the main Sandbox class and utilities
 
-
 // Export the new client architecture
 export {
   CommandClient,
@@ -10,8 +9,8 @@ export {
   ProcessClient,
   SandboxClient,
   UtilityClient
-} from "./clients";
-export { getSandbox, Sandbox } from "./sandbox";
+} from './clients';
+export { getSandbox, Sandbox } from './sandbox';
 
 // Legacy types are now imported from the new client architecture
 
@@ -20,21 +19,20 @@ export type {
   BaseExecOptions,
   ExecEvent,
   ExecOptions,
-  ExecResult,FileChunk, FileMetadata, FileStreamEvent, 
+  ExecResult,
+  FileChunk,
+  FileMetadata,
+  FileStreamEvent,
   ISandbox,
   LogEvent,
   Process,
   ProcessOptions,
   ProcessStatus,
-  StreamOptions 
-} from "@repo/shared";
+  StreamOptions
+} from '@repo/shared';
 export * from '@repo/shared';
 // Export type guards for runtime validation
-export {
-  isExecResult,
-  isProcess,
-  isProcessStatus
-} from "@repo/shared";
+export { isExecResult, isProcess, isProcessStatus } from '@repo/shared';
 // Export all client types from new architecture
 export type {
   BaseApiResponse,
@@ -79,15 +77,24 @@ export type {
   StartProcessRequest,
   UnexposePortRequest,
   WriteFileRequest
-} from "./clients";
-export type { ExecutionCallbacks, InterpreterClient } from './clients/interpreter-client.js';
+} from './clients';
+export type {
+  ExecutionCallbacks,
+  InterpreterClient
+} from './clients/interpreter-client.js';
 // Export file streaming utilities for binary file support
 export { collectFile, streamFile } from './file-stream';
 // Export interpreter functionality
 export { CodeInterpreter } from './interpreter.js';
 // Re-export request handler utilities
 export {
-  proxyToSandbox, type RouteInfo, type SandboxEnv
+  proxyToSandbox,
+  type RouteInfo,
+  type SandboxEnv
 } from './request-handler';
 // Export SSE parser for converting ReadableStream to AsyncIterable
-export { asyncIterableToSSEStream, parseSSEStream, responseToAsyncIterable } from "./sse-parser";
+export {
+  asyncIterableToSSEStream,
+  parseSSEStream,
+  responseToAsyncIterable
+} from './sse-parser';

package/src/interpreter.ts

@@ -6,11 +6,11 @@ import {
   type OutputMessage,
   type Result,
   ResultImpl,
-  type RunCodeOptions,
-} from "@repo/shared";
-import type { InterpreterClient } from "./clients/interpreter-client.js";
-import type { Sandbox } from "./sandbox.js";
-import { validateLanguage } from "./security.js";
+  type RunCodeOptions
+} from '@repo/shared';
+import type { InterpreterClient } from './clients/interpreter-client.js';
+import type { Sandbox } from './sandbox.js';
+import { validateLanguage } from './security.js';
 
 export class CodeInterpreter {
   private interpreterClient: InterpreterClient;
@@ -18,7 +18,8 @@ export class CodeInterpreter {
 
   constructor(sandbox: Sandbox) {
     // In init-testing architecture, client is a SandboxClient with an interpreter property
-    this.interpreterClient = (sandbox.client as any).interpreter as InterpreterClient;
+    this.interpreterClient = (sandbox.client as any)
+      .interpreter as InterpreterClient;
   }
 
   /**
@@ -46,7 +47,7 @@ export class CodeInterpreter {
     let context = options.context;
     if (!context) {
       // Try to find or create a default context for the language
-      const language = options.language || "python";
+      const language = options.language || 'python';
       context = await this.getOrCreateDefaultContext(language);
     }
 
@@ -54,24 +55,29 @@ export class CodeInterpreter {
     const execution = new Execution(code, context);
 
     // Stream execution
-    await this.interpreterClient.runCodeStream(context.id, code, options.language, {
-      onStdout: (output: OutputMessage) => {
-        execution.logs.stdout.push(output.text);
-        if (options.onStdout) return options.onStdout(output);
-      },
-      onStderr: (output: OutputMessage) => {
-        execution.logs.stderr.push(output.text);
-        if (options.onStderr) return options.onStderr(output);
-      },
-      onResult: async (result: Result) => {
-        execution.results.push(new ResultImpl(result) as any);
-        if (options.onResult) return options.onResult(result);
-      },
-      onError: (error: ExecutionError) => {
-        execution.error = error;
-        if (options.onError) return options.onError(error);
-      },
-    });
+    await this.interpreterClient.runCodeStream(
+      context.id,
+      code,
+      options.language,
+      {
+        onStdout: (output: OutputMessage) => {
+          execution.logs.stdout.push(output.text);
+          if (options.onStdout) return options.onStdout(output);
+        },
+        onStderr: (output: OutputMessage) => {
+          execution.logs.stderr.push(output.text);
+          if (options.onStderr) return options.onStderr(output);
+        },
+        onResult: async (result: Result) => {
+          execution.results.push(new ResultImpl(result) as any);
+          if (options.onResult) return options.onResult(result);
+        },
+        onError: (error: ExecutionError) => {
+          execution.error = error;
+          if (options.onError) return options.onError(error);
+        }
+      }
+    );
 
     return execution;
   }
@@ -86,36 +92,39 @@ export class CodeInterpreter {
     // Get or create context
     let context = options.context;
     if (!context) {
-      const language = options.language || "python";
+      const language = options.language || 'python';
       context = await this.getOrCreateDefaultContext(language);
     }
 
     // Create streaming response
     // Note: doFetch is protected but we need direct access for raw stream response
-    const response = await (this.interpreterClient as any).doFetch("/api/execute/code", {
-      method: "POST",
-      headers: {
-        "Content-Type": "application/json",
-        Accept: "text/event-stream",
-      },
-      body: JSON.stringify({
-        context_id: context.id,
-        code,
-        language: options.language,
-      }),
-    });
+    const response = await (this.interpreterClient as any).doFetch(
+      '/api/execute/code',
+      {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          Accept: 'text/event-stream'
+        },
+        body: JSON.stringify({
+          context_id: context.id,
+          code,
+          language: options.language
+        })
+      }
+    );
 
     if (!response.ok) {
       const errorData = (await response
         .json()
-        .catch(() => ({ error: "Unknown error" }))) as { error?: string };
+        .catch(() => ({ error: 'Unknown error' }))) as { error?: string };
       throw new Error(
         errorData.error || `Failed to execute code: ${response.status}`
       );
     }
 
     if (!response.body) {
-      throw new Error("No response body for streaming execution");
+      throw new Error('No response body for streaming execution');
     }
 
     return response.body;
@@ -144,7 +153,7 @@ export class CodeInterpreter {
   }
 
   private async getOrCreateDefaultContext(
-    language: "python" | "javascript" | "typescript"
+    language: 'python' | 'javascript' | 'typescript'
   ): Promise<CodeContext> {
     // Check if we have a cached context for this language
     for (const context of this.contexts.values()) {

package/src/request-handler.ts

@@ -1,9 +1,7 @@
-import { createLogger, type LogContext, TraceContext } from "@repo/shared";
-import { getSandbox, type Sandbox } from "./sandbox";
-import {
-  sanitizeSandboxId,
-  validatePort
-} from "./security";
+import { switchPort } from '@cloudflare/containers';
+import { createLogger, type LogContext, TraceContext } from '@repo/shared';
+import { getSandbox, type Sandbox } from './sandbox';
+import { sanitizeSandboxId, validatePort } from './security';
 
 export interface SandboxEnv {
   Sandbox: DurableObjectNamespace<Sandbox>;
@@ -21,7 +19,8 @@ export async function proxyToSandbox<E extends SandboxEnv>(
   env: E
 ): Promise<Response | null> {
   // Create logger context for this request
-  const traceId = TraceContext.fromHeaders(request.headers) || TraceContext.generate();
+  const traceId =
+    TraceContext.fromHeaders(request.headers) || TraceContext.generate();
   const logger = createLogger({
     component: 'sandbox-do',
     traceId,
@@ -70,6 +69,14 @@ export async function proxyToSandbox<E extends SandboxEnv>(
       }
     }
 
+    // Detect WebSocket upgrade request
+    const upgradeHeader = request.headers.get('Upgrade');
+    if (upgradeHeader?.toLowerCase() === 'websocket') {
+      // WebSocket path: Must use fetch() not containerFetch()
+      // This bypasses JSRPC serialization boundary which cannot handle WebSocket upgrades
+      return await sandbox.fetch(switchPort(request, port));
+    }
+
     // Build proxy request with proper headers
     let proxyUrl: string;
 
@@ -89,23 +96,29 @@ export async function proxyToSandbox<E extends SandboxEnv>(
         'X-Original-URL': request.url,
         'X-Forwarded-Host': url.hostname,
         'X-Forwarded-Proto': url.protocol.replace(':', ''),
-        'X-Sandbox-Name': sandboxId, // Pass the friendly name
+        'X-Sandbox-Name': sandboxId // Pass the friendly name
       },
       body: request.body,
       // @ts-expect-error - duplex required for body streaming in modern runtimes
-      duplex: 'half',
+      duplex: 'half'
     });
 
-    return sandbox.containerFetch(proxyRequest, port);
+    return await sandbox.containerFetch(proxyRequest, port);
   } catch (error) {
-    logger.error('Proxy routing error', error instanceof Error ? error : new Error(String(error)));
+    logger.error(
+      'Proxy routing error',
+      error instanceof Error ? error : new Error(String(error))
+    );
     return new Response('Proxy routing error', { status: 500 });
   }
 }
 
 function extractSandboxRoute(url: URL): RouteInfo | null {
   // Parse subdomain pattern: port-sandboxId-token.domain (tokens mandatory)
-  const subdomainMatch = url.hostname.match(/^(\d{4,5})-([^.-][^.]*[^.-]|[^.-])-([a-zA-Z0-9_-]{12,20})\.(.+)$/);
+  // Token is always exactly 16 chars (generated by generatePortToken)
+  const subdomainMatch = url.hostname.match(
+    /^(\d{4,5})-([^.-][^.]*?[^.-]|[^.-])-([a-z0-9_-]{16})\.(.+)$/
+  );
 
   if (!subdomainMatch) {
     return null;
@@ -136,8 +149,8 @@ function extractSandboxRoute(url: URL): RouteInfo | null {
   return {
     port,
     sandboxId: sanitizedSandboxId,
-    path: url.pathname || "/",
-    token,
+    path: url.pathname || '/',
+    token
   };
 }
 
@@ -153,18 +166,18 @@ export function isLocalhostPattern(hostname: string): boolean {
       return hostname === '[::1]';
     }
   }
-  
+
   // Handle bare IPv6 without brackets
   if (hostname === '::1') {
     return true;
   }
-  
+
   // For IPv4 and regular hostnames, split on colon to remove port
-  const hostPart = hostname.split(":")[0];
-  
+  const hostPart = hostname.split(':')[0];
+
   return (
-    hostPart === "localhost" ||
-    hostPart === "127.0.0.1" ||
-    hostPart === "0.0.0.0"
+    hostPart === 'localhost' ||
+    hostPart === '127.0.0.1' ||
+    hostPart === '0.0.0.0'
   );
 }