@cloudflare/sandbox 0.4.1 → 0.4.3

package/.turbo/turbo-build.log

@@ -1,5 +1,5 @@
 
-> @cloudflare/sandbox@0.4.1 build
+> @cloudflare/sandbox@0.4.3 build
 > rm -rf dist && tsup src/*.ts --outDir dist --dts --sourcemap --format esm
 
 CLI Building entry: src/file-stream.ts, src/index.ts, src/interpreter.ts, src/request-handler.ts, src/sandbox.ts, src/security.ts, src/sse-parser.ts
@@ -8,32 +8,32 @@
 CLI Target: es2022
 ESM Build start
 ESM dist/file-stream.js         146.00 B
-ESM dist/index.js               946.00 B
+ESM dist/index.js               1.10 KB
 ESM dist/chunk-BFVUNTP4.js      2.76 KB
 ESM dist/interpreter.js         156.00 B
 ESM dist/request-handler.js     262.00 B
 ESM dist/sandbox.js             224.00 B
-ESM dist/chunk-HGF554LH.js      67.41 KB
-ESM dist/chunk-BCJ7SF3Q.js      3.26 KB
+ESM dist/chunk-EXQOIRZI.js      71.23 KB
+ESM dist/chunk-JXZMAU2C.js      14.43 KB
 ESM dist/security.js            233.00 B
 ESM dist/chunk-Z532A7QC.js      1.75 KB
 ESM dist/sse-parser.js          233.00 B
 ESM dist/chunk-EKSWCBCA.js      2.28 KB
 ESM dist/file-stream.js.map     71.00 B
-ESM dist/index.js.map           2.45 KB
+ESM dist/index.js.map           71.00 B
 ESM dist/chunk-BFVUNTP4.js.map  6.71 KB
 ESM dist/interpreter.js.map     71.00 B
 ESM dist/request-handler.js.map 71.00 B
 ESM dist/sandbox.js.map         71.00 B
-ESM dist/chunk-HGF554LH.js.map  142.71 KB
-ESM dist/chunk-BCJ7SF3Q.js.map  6.88 KB
+ESM dist/chunk-EXQOIRZI.js.map  146.89 KB
+ESM dist/chunk-JXZMAU2C.js.map  33.44 KB
 ESM dist/security.js.map        71.00 B
 ESM dist/chunk-Z532A7QC.js.map  3.96 KB
 ESM dist/sse-parser.js.map      71.00 B
 ESM dist/chunk-EKSWCBCA.js.map  5.61 KB
-ESM ⚡️ Build success in 96ms
+ESM ⚡️ Build success in 154ms
 DTS Build start
-DTS ⚡️ Build success in 2620ms
+DTS ⚡️ Build success in 2714ms
 DTS dist/index.d.ts            1.46 KB
 DTS dist/file-stream.d.ts      1.34 KB
 DTS dist/interpreter.d.ts      1007.00 B

package/CHANGELOG.md

@@ -1,5 +1,17 @@
 # @cloudflare/sandbox
 
+## 0.4.3
+
+### Patch Changes
+
+- [#114](https://github.com/cloudflare/sandbox-sdk/pull/114) [`8c1f440`](https://github.com/cloudflare/sandbox-sdk/commit/8c1f440ad6fd89a5c69f9ca9d055ad9b183dd1c3) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Debloat base docker image (2.63GB → 1.03GB)
+
+## 0.4.2
+
+### Patch Changes
+
+- [`e53d7e7`](https://github.com/cloudflare/sandbox-sdk/commit/e53d7e7ce185f79bdd899029bb532e9651ae7ba5) Thanks [@threepointone](https://github.com/threepointone)! - fix build by inlining repo/shared
+
 ## 0.4.1
 
 ### Patch Changes

package/Dockerfile

@@ -56,46 +56,27 @@ COPY --from=builder /app/tooling ./tooling
 RUN npm ci --production
 
 # ============================================================================
-# Stage 4: Runtime - Ubuntu 22.04 with full development environment
+# Stage 4: Runtime - Ubuntu 22.04 with only runtime dependencies
 # ============================================================================
 FROM ubuntu:22.04 AS runtime
 
 # Prevent interactive prompts during package installation
 ENV DEBIAN_FRONTEND=noninteractive
 
-# Install essential system packages and development tools
-RUN apt-get update && apt-get install -y \
-    # Basic utilities
+# Install essential runtime packages
+RUN apt-get update && apt-get install -y --no-install-recommends \
     curl \
     wget \
+    ca-certificates \
+    python3.11 \
+    python3-pip \
+    python3.11-venv \
+    procps \
     git \
     unzip \
     zip \
-    file \
-    # Process management
-    procps \
-    htop \
-    # Build tools
-    build-essential \
-    pkg-config \
-    # Network tools
-    net-tools \
-    iputils-ping \
-    dnsutils \
-    # Text processing
     jq \
-    vim \
-    nano \
-    # Python dependencies
-    python3.11 \
-    python3.11-dev \
-    python3-pip \
-    python3.11-venv \
-    # Other useful tools
-    ca-certificates \
-    gnupg \
-    lsb-release \
-    strace \
+    file \
     && rm -rf /var/lib/apt/lists/*
 
 # Set Python 3.11 as default python3
@@ -108,13 +89,6 @@ RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
 
 # Install Bun runtime from official image
 COPY --from=oven/bun:1 /usr/local/bin/bun /usr/local/bin/bun
-COPY --from=oven/bun:1 /usr/local/bin/bunx /usr/local/bin/bunx
-
-# Install development tools globally
-RUN npm install -g \
-    wrangler \
-    vite \
-    opencode-ai
 
 # Install essential Python packages for code execution
 RUN pip3 install --no-cache-dir \
@@ -123,12 +97,6 @@ RUN pip3 install --no-cache-dir \
     pandas \
     ipython
 
-# Verify installations
-RUN python3 --version && \
-    node --version && \
-    npm --version && \
-    bun --version
-
 # Set up runtime container server directory
 WORKDIR /container-server
 
@@ -143,10 +111,9 @@ COPY --from=builder /app/packages/sandbox-container/src/runtime/executors/python
 # Includes: @repo/shared, zod, esbuild (runtime dependencies)
 COPY --from=prod-deps /app/node_modules ./node_modules
 
-# Copy workspace packages so node_modules symlinks work
-# @repo/shared and @repo/typescript-config are symlinked in node_modules
-COPY --from=prod-deps /app/packages/shared ./packages/shared
-COPY --from=prod-deps /app/tooling/typescript-config ./tooling/typescript-config
+# Copy workspace packages
+COPY --from=prod-deps /app/packages/shared/dist ./packages/shared/dist
+COPY --from=prod-deps /app/packages/shared/package.json ./packages/shared/package.json
 
 # Configure process pool sizes (can be overridden at runtime)
 ENV PYTHON_POOL_MIN_SIZE=3
@@ -157,9 +124,6 @@ ENV TYPESCRIPT_POOL_MIN_SIZE=3
 ENV TYPESCRIPT_POOL_MAX_SIZE=10
 
 # Create clean workspace directory for user code
-# Architecture:
-#   /container-server/ - SDK infrastructure (server, executors, dependencies)
-#   /workspace/ - User's clean workspace for their code
 RUN mkdir -p /workspace
 
 # Expose the application port (3000 for control)

package/dist/{chunk-HGF554LH.js → chunk-EXQOIRZI.js}

@@ -1,6 +1,11 @@
 import {
-  CodeInterpreter
-} from "./chunk-BCJ7SF3Q.js";
+  CodeInterpreter,
+  ResultImpl,
+  TraceContext,
+  createLogger,
+  createNoOpLogger,
+  runWithLogger
+} from "./chunk-JXZMAU2C.js";
 import {
   SecurityError,
   sanitizeSandboxId,
@@ -10,21 +15,135 @@ import {
   parseSSEStream
 } from "./chunk-EKSWCBCA.js";
 
-// src/request-handler.ts
-import { createLogger as createLogger2, TraceContext as TraceContext2 } from "@repo/shared";
-
 // src/sandbox.ts
 import { Container, getContainer } from "@cloudflare/containers";
-import { createLogger, runWithLogger, TraceContext } from "@repo/shared";
-
-// src/clients/base-client.ts
-import { createNoOpLogger } from "@repo/shared";
 
-// src/errors/index.ts
-import { ErrorCode as ErrorCode2, Operation } from "@repo/shared/errors";
+// ../shared/dist/errors/codes.js
+var ErrorCode = {
+  // File System Errors (404)
+  FILE_NOT_FOUND: "FILE_NOT_FOUND",
+  // Permission Errors (403)
+  PERMISSION_DENIED: "PERMISSION_DENIED",
+  // File System Errors (409)
+  FILE_EXISTS: "FILE_EXISTS",
+  // File System Errors (400)
+  IS_DIRECTORY: "IS_DIRECTORY",
+  NOT_DIRECTORY: "NOT_DIRECTORY",
+  // File System Errors (500)
+  NO_SPACE: "NO_SPACE",
+  TOO_MANY_FILES: "TOO_MANY_FILES",
+  RESOURCE_BUSY: "RESOURCE_BUSY",
+  READ_ONLY: "READ_ONLY",
+  NAME_TOO_LONG: "NAME_TOO_LONG",
+  TOO_MANY_LINKS: "TOO_MANY_LINKS",
+  FILESYSTEM_ERROR: "FILESYSTEM_ERROR",
+  // Command Errors (404)
+  COMMAND_NOT_FOUND: "COMMAND_NOT_FOUND",
+  // Command Errors (403/400)
+  COMMAND_PERMISSION_DENIED: "COMMAND_PERMISSION_DENIED",
+  INVALID_COMMAND: "INVALID_COMMAND",
+  // Command Errors (500)
+  COMMAND_EXECUTION_ERROR: "COMMAND_EXECUTION_ERROR",
+  STREAM_START_ERROR: "STREAM_START_ERROR",
+  // Process Errors (404)
+  PROCESS_NOT_FOUND: "PROCESS_NOT_FOUND",
+  // Process Errors (403/500)
+  PROCESS_PERMISSION_DENIED: "PROCESS_PERMISSION_DENIED",
+  PROCESS_ERROR: "PROCESS_ERROR",
+  // Port Errors (409)
+  PORT_ALREADY_EXPOSED: "PORT_ALREADY_EXPOSED",
+  PORT_IN_USE: "PORT_IN_USE",
+  // Port Errors (404)
+  PORT_NOT_EXPOSED: "PORT_NOT_EXPOSED",
+  // Port Errors (400)
+  INVALID_PORT_NUMBER: "INVALID_PORT_NUMBER",
+  INVALID_PORT: "INVALID_PORT",
+  // Port Errors (502/500)
+  SERVICE_NOT_RESPONDING: "SERVICE_NOT_RESPONDING",
+  PORT_OPERATION_ERROR: "PORT_OPERATION_ERROR",
+  // Port Errors (400)
+  CUSTOM_DOMAIN_REQUIRED: "CUSTOM_DOMAIN_REQUIRED",
+  // Git Errors (404)
+  GIT_REPOSITORY_NOT_FOUND: "GIT_REPOSITORY_NOT_FOUND",
+  GIT_BRANCH_NOT_FOUND: "GIT_BRANCH_NOT_FOUND",
+  // Git Errors (401)
+  GIT_AUTH_FAILED: "GIT_AUTH_FAILED",
+  // Git Errors (502)
+  GIT_NETWORK_ERROR: "GIT_NETWORK_ERROR",
+  // Git Errors (400)
+  INVALID_GIT_URL: "INVALID_GIT_URL",
+  // Git Errors (500)
+  GIT_CLONE_FAILED: "GIT_CLONE_FAILED",
+  GIT_CHECKOUT_FAILED: "GIT_CHECKOUT_FAILED",
+  GIT_OPERATION_FAILED: "GIT_OPERATION_FAILED",
+  // Code Interpreter Errors (503)
+  INTERPRETER_NOT_READY: "INTERPRETER_NOT_READY",
+  // Code Interpreter Errors (404)
+  CONTEXT_NOT_FOUND: "CONTEXT_NOT_FOUND",
+  // Code Interpreter Errors (500)
+  CODE_EXECUTION_ERROR: "CODE_EXECUTION_ERROR",
+  // Validation Errors (400)
+  VALIDATION_FAILED: "VALIDATION_FAILED",
+  // Generic Errors (400/500)
+  INVALID_JSON_RESPONSE: "INVALID_JSON_RESPONSE",
+  UNKNOWN_ERROR: "UNKNOWN_ERROR",
+  INTERNAL_ERROR: "INTERNAL_ERROR"
+};
 
-// src/errors/adapter.ts
-import { ErrorCode } from "@repo/shared/errors";
+// ../shared/dist/errors/status-map.js
+var ERROR_STATUS_MAP = {
+  // 404 Not Found
+  [ErrorCode.FILE_NOT_FOUND]: 404,
+  [ErrorCode.COMMAND_NOT_FOUND]: 404,
+  [ErrorCode.PROCESS_NOT_FOUND]: 404,
+  [ErrorCode.PORT_NOT_EXPOSED]: 404,
+  [ErrorCode.GIT_REPOSITORY_NOT_FOUND]: 404,
+  [ErrorCode.GIT_BRANCH_NOT_FOUND]: 404,
+  [ErrorCode.CONTEXT_NOT_FOUND]: 404,
+  // 400 Bad Request
+  [ErrorCode.IS_DIRECTORY]: 400,
+  [ErrorCode.NOT_DIRECTORY]: 400,
+  [ErrorCode.INVALID_COMMAND]: 400,
+  [ErrorCode.INVALID_PORT_NUMBER]: 400,
+  [ErrorCode.INVALID_PORT]: 400,
+  [ErrorCode.INVALID_GIT_URL]: 400,
+  [ErrorCode.CUSTOM_DOMAIN_REQUIRED]: 400,
+  [ErrorCode.INVALID_JSON_RESPONSE]: 400,
+  [ErrorCode.NAME_TOO_LONG]: 400,
+  [ErrorCode.VALIDATION_FAILED]: 400,
+  // 401 Unauthorized
+  [ErrorCode.GIT_AUTH_FAILED]: 401,
+  // 403 Forbidden
+  [ErrorCode.PERMISSION_DENIED]: 403,
+  [ErrorCode.COMMAND_PERMISSION_DENIED]: 403,
+  [ErrorCode.PROCESS_PERMISSION_DENIED]: 403,
+  [ErrorCode.READ_ONLY]: 403,
+  // 409 Conflict
+  [ErrorCode.FILE_EXISTS]: 409,
+  [ErrorCode.PORT_ALREADY_EXPOSED]: 409,
+  [ErrorCode.PORT_IN_USE]: 409,
+  [ErrorCode.RESOURCE_BUSY]: 409,
+  // 502 Bad Gateway
+  [ErrorCode.SERVICE_NOT_RESPONDING]: 502,
+  [ErrorCode.GIT_NETWORK_ERROR]: 502,
+  // 503 Service Unavailable
+  [ErrorCode.INTERPRETER_NOT_READY]: 503,
+  // 500 Internal Server Error
+  [ErrorCode.NO_SPACE]: 500,
+  [ErrorCode.TOO_MANY_FILES]: 500,
+  [ErrorCode.TOO_MANY_LINKS]: 500,
+  [ErrorCode.FILESYSTEM_ERROR]: 500,
+  [ErrorCode.COMMAND_EXECUTION_ERROR]: 500,
+  [ErrorCode.STREAM_START_ERROR]: 500,
+  [ErrorCode.PROCESS_ERROR]: 500,
+  [ErrorCode.PORT_OPERATION_ERROR]: 500,
+  [ErrorCode.GIT_CLONE_FAILED]: 500,
+  [ErrorCode.GIT_CHECKOUT_FAILED]: 500,
+  [ErrorCode.GIT_OPERATION_FAILED]: 500,
+  [ErrorCode.CODE_EXECUTION_ERROR]: 500,
+  [ErrorCode.UNKNOWN_ERROR]: 500,
+  [ErrorCode.INTERNAL_ERROR]: 500
+};
 
 // src/errors/classes.ts
 var SandboxError = class extends Error {
@@ -600,7 +719,7 @@ var BaseHttpClient = class {
       return await response.json();
     } catch (error) {
       const errorResponse = {
-        code: ErrorCode2.INVALID_JSON_RESPONSE,
+        code: ErrorCode.INVALID_JSON_RESPONSE,
         message: `Invalid JSON response: ${error instanceof Error ? error.message : "Unknown parsing error"}`,
         context: {},
         httpStatus: response.status,
@@ -618,7 +737,7 @@ var BaseHttpClient = class {
       errorData = await response.json();
     } catch {
       errorData = {
-        code: ErrorCode2.INTERNAL_ERROR,
+        code: ErrorCode.INTERNAL_ERROR,
         message: `HTTP error! status: ${response.status}`,
         context: { statusText: response.statusText },
         httpStatus: response.status,
@@ -995,9 +1114,6 @@ var GitClient = class extends BaseHttpClient {
 };
 
 // src/clients/interpreter-client.ts
-import {
-  ResultImpl
-} from "@repo/shared";
 var InterpreterClient = class extends BaseHttpClient {
   maxRetries = 3;
   retryDelayMs = 1e3;
@@ -1129,7 +1245,7 @@ var InterpreterClient = class extends BaseHttpClient {
       return createErrorFromResponse(errorData);
     } catch {
       const errorResponse = {
-        code: ErrorCode2.INTERNAL_ERROR,
+        code: ErrorCode.INTERNAL_ERROR,
         message: `HTTP ${response.status}: ${response.statusText}`,
         context: {},
         httpStatus: response.status,
@@ -1535,7 +1651,6 @@ var Sandbox = class extends Container {
     if (!this.baseUrl) {
       this.baseUrl = baseUrl;
       await this.ctx.storage.put("baseUrl", baseUrl);
-      console.log(`[Sandbox] Stored base URL: ${baseUrl}`);
     } else {
       if (this.baseUrl !== baseUrl) {
         throw new Error("Base URL already set and different from one previously provided");
@@ -1885,7 +2000,7 @@ var Sandbox = class extends Container {
   async exposePort(port, options) {
     if (options.hostname.endsWith(".workers.dev")) {
       const errorResponse = {
-        code: ErrorCode2.CUSTOM_DOMAIN_REQUIRED,
+        code: ErrorCode.CUSTOM_DOMAIN_REQUIRED,
         message: `Port exposure requires a custom domain. .workers.dev domains do not support wildcard subdomains required for port proxying.`,
         context: { originalError: options.hostname },
         httpStatus: 400,
@@ -2109,8 +2224,8 @@ var Sandbox = class extends Container {
 
 // src/request-handler.ts
 async function proxyToSandbox(request, env) {
-  const traceId = TraceContext2.fromHeaders(request.headers) || TraceContext2.generate();
-  const logger = createLogger2({
+  const traceId = TraceContext.fromHeaders(request.headers) || TraceContext.generate();
+  const logger = createLogger({
     component: "sandbox-do",
     traceId,
     operation: "proxy"
@@ -2233,4 +2348,4 @@ export {
   getSandbox,
   Sandbox
 };
-//# sourceMappingURL=chunk-HGF554LH.js.map
+//# sourceMappingURL=chunk-EXQOIRZI.js.map