@cloudflare/sandbox 0.4.11 → 0.4.14

package/.turbo/turbo-build.log

@@ -1,49 +1,15 @@
 
-> @cloudflare/sandbox@0.4.11 build
-> rm -rf dist && tsup src/*.ts --outDir dist --dts --sourcemap --format esm
+> @cloudflare/sandbox@0.4.14 build
+> rm -rf dist && tsdown --config tsdown.config.ts
 
-CLI Building entry: src/file-stream.ts, src/index.ts, src/interpreter.ts, src/request-handler.ts, src/sandbox.ts, src/security.ts, src/sse-parser.ts, src/version.ts
-CLI Using tsconfig: tsconfig.json
-CLI tsup v8.5.0
-CLI Target: es2022
-ESM Build start
-ESM dist/file-stream.js         146.00 B
-ESM dist/index.js               1.13 KB
-ESM dist/chunk-BFVUNTP4.js      2.76 KB
-ESM dist/interpreter.js         156.00 B
-ESM dist/sandbox.js             254.00 B
-ESM dist/request-handler.js     292.00 B
-ESM dist/chunk-JXZMAU2C.js      14.43 KB
-ESM dist/chunk-SVWLTRHD.js      75.12 KB
-ESM dist/security.js            233.00 B
-ESM dist/chunk-Z532A7QC.js      1.75 KB
-ESM dist/sse-parser.js          233.00 B
-ESM dist/chunk-EKSWCBCA.js      2.28 KB
-ESM dist/version.js             114.00 B
-ESM dist/chunk-FE4PJSRB.js      115.00 B
-ESM dist/file-stream.js.map     71.00 B
-ESM dist/index.js.map           71.00 B
-ESM dist/chunk-BFVUNTP4.js.map  6.71 KB
-ESM dist/interpreter.js.map     71.00 B
-ESM dist/sandbox.js.map         71.00 B
-ESM dist/request-handler.js.map 71.00 B
-ESM dist/chunk-JXZMAU2C.js.map  33.44 KB
-ESM dist/security.js.map        71.00 B
-ESM dist/chunk-Z532A7QC.js.map  3.96 KB
-ESM dist/sse-parser.js.map      71.00 B
-ESM dist/chunk-EKSWCBCA.js.map  5.61 KB
-ESM dist/version.js.map         71.00 B
-ESM dist/chunk-FE4PJSRB.js.map  391.00 B
-ESM dist/chunk-SVWLTRHD.js.map  154.76 KB
-ESM ⚡️ Build success in 108ms
-DTS Build start
-DTS ⚡️ Build success in 2440ms
-DTS dist/index.d.ts            1.46 KB
-DTS dist/file-stream.d.ts      1.34 KB
-DTS dist/interpreter.d.ts      1007.00 B
-DTS dist/request-handler.d.ts  565.00 B
-DTS dist/security.d.ts         1.05 KB
-DTS dist/sse-parser.d.ts       1.18 KB
-DTS dist/version.d.ts          303.00 B
-DTS dist/sandbox.d.ts          156.00 B
-DTS dist/sandbox-DWQVgVTY.d.ts 21.39 KB
+ℹ tsdown v0.15.11 powered by rolldown v1.0.0-beta.45
+ℹ Using tsdown config: /home/runner/work/sandbox-sdk/sandbox-sdk/packages/sandbox/tsdown.config.ts
+ℹ entry: src/index.ts
+ℹ tsconfig: tsconfig.json
+ℹ Build start
+ℹ dist/index.js         95.61 kB │ gzip: 21.55 kB
+ℹ dist/index.js.map    202.56 kB │ gzip: 44.33 kB
+ℹ dist/index.d.ts.map   72.31 kB │ gzip: 19.90 kB
+ℹ dist/index.d.ts       53.99 kB │ gzip: 11.70 kB
+ℹ 4 files, total: 424.47 kB
+✔ Build complete in 2229ms

package/CHANGELOG.md

@@ -1,5 +1,37 @@
 # @cloudflare/sandbox
 
+## 0.4.14
+
+### Patch Changes
+
+- [#172](https://github.com/cloudflare/sandbox-sdk/pull/172) [`1bf3576`](https://github.com/cloudflare/sandbox-sdk/commit/1bf35768b02532c77df6f30a2f2eb08cb2b12115) Thanks [@threepointone](https://github.com/threepointone)! - Update dependencies
+
+- [#176](https://github.com/cloudflare/sandbox-sdk/pull/176) [`7edbfa9`](https://github.com/cloudflare/sandbox-sdk/commit/7edbfa906668d75f540527f50b52483dc787192c) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Add cache mounts to Dockerfile for faster builds
+
+  Adds cache mounts for npm, apt, and pip package managers in the Dockerfile. This speeds up Docker image builds when dependencies change, particularly beneficial for users building from source.
+
+- [#172](https://github.com/cloudflare/sandbox-sdk/pull/172) [`1bf3576`](https://github.com/cloudflare/sandbox-sdk/commit/1bf35768b02532c77df6f30a2f2eb08cb2b12115) Thanks [@threepointone](https://github.com/threepointone)! - Fix type generation
+
+  We inline types from `@repo/shared` so that it includes the types we reexport. Fixes #165
+
+- [#175](https://github.com/cloudflare/sandbox-sdk/pull/175) [`77cb937`](https://github.com/cloudflare/sandbox-sdk/commit/77cb93762a619523758f769a10509e665ca819fe) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Move .connect to .wsConnect within DO stub
+
+## 0.4.13
+
+### Patch Changes
+
+- [#168](https://github.com/cloudflare/sandbox-sdk/pull/168) [`6b08f02`](https://github.com/cloudflare/sandbox-sdk/commit/6b08f02c061aef07cc98188abef2973ac92365f8) Thanks [@threepointone](https://github.com/threepointone)! - Fix type generation
+
+  We inline types from `@repo/shared` so that it includes the types we reexport. Fixes #165
+
+- [#162](https://github.com/cloudflare/sandbox-sdk/pull/162) [`c4db459`](https://github.com/cloudflare/sandbox-sdk/commit/c4db459389a7b86048a03410d67d4dd7bf4a6085) Thanks [@whoiskatrin](https://github.com/whoiskatrin)! - Add WebSocket support via connect() method for routing client WebSocket connections directly to container services
+
+## 0.4.12
+
+### Patch Changes
+
+- [#137](https://github.com/cloudflare/sandbox-sdk/pull/137) [`7f4442b`](https://github.com/cloudflare/sandbox-sdk/commit/7f4442b7a097587d8f8e8f9ff2f887df6943a3db) Thanks [@whoiskatrin](https://github.com/whoiskatrin)! - add keepAlive flag to prevent containers from shutting down
+
 ## 0.4.11
 
 ### Patch Changes
@@ -21,7 +53,6 @@
   This adds a new `exists()` method to the SDK that checks whether a file or directory exists at a given path. The method returns a boolean indicating existence, similar to Python's `os.path.exists()` and JavaScript's `fs.existsSync()`.
 
   The implementation is end-to-end:
-
   - New `FileExistsResult` and `FileExistsRequest` types in shared package
   - Handler endpoint at `/api/exists` in container layer
   - Client method in `FileClient` and `Sandbox` classes
@@ -120,50 +151,47 @@
   Implements PID namespace isolation to protect control plane processes (Jupyter, Bun) from sandboxed code. Commands executed via `exec()` now run in isolated namespaces that cannot see or interact with system processes.
 
   **Key security improvements:**
-
   - Control plane processes are hidden from sandboxed commands
   - Platform secrets in `/proc/1/environ` are inaccessible
   - Ports 8888 (Jupyter) and 3000 (Bun) are protected from hijacking
 
   **Breaking changes:**
-
   1. **Removed `sessionId` parameter**: The `sessionId` parameter has been removed from all methods (`exec()`, `execStream()`, `startProcess()`, etc.). Each sandbox now maintains its own persistent session automatically.
 
      ```javascript
      // Before: manual session management
-     await sandbox.exec("cd /app", { sessionId: "my-session" });
+     await sandbox.exec('cd /app', { sessionId: 'my-session' });
 
      // After: automatic session per sandbox
-     await sandbox.exec("cd /app");
+     await sandbox.exec('cd /app');
      ```
 
   2. **Commands now maintain state**: Commands within the same sandbox now share state (working directory, environment variables, background processes). Previously each command was stateless.
 
      ```javascript
      // Before: each exec was independent
-     await sandbox.exec("cd /app");
-     await sandbox.exec("pwd"); // Output: /workspace
+     await sandbox.exec('cd /app');
+     await sandbox.exec('pwd'); // Output: /workspace
 
      // After: state persists in session
-     await sandbox.exec("cd /app");
-     await sandbox.exec("pwd"); // Output: /app
+     await sandbox.exec('cd /app');
+     await sandbox.exec('pwd'); // Output: /app
      ```
 
   **Migration guide:**
-
   - Remove `sessionId` from all method calls - each sandbox maintains its own session
   - If you need isolated execution contexts within the same sandbox, use `sandbox.createSession()`:
     ```javascript
     // Create independent sessions with different environments
     const buildSession = await sandbox.createSession({
-      name: "build",
-      env: { NODE_ENV: "production" },
-      cwd: "/build",
+      name: 'build',
+      env: { NODE_ENV: 'production' },
+      cwd: '/build'
     });
     const testSession = await sandbox.createSession({
-      name: "test",
-      env: { NODE_ENV: "test" },
-      cwd: "/test",
+      name: 'test',
+      env: { NODE_ENV: 'test' },
+      cwd: '/test'
     });
     ```
   - Environment variables set in one command persist to the next

package/Dockerfile

@@ -29,8 +29,9 @@ WORKDIR /app
 COPY --from=pruner /app/out/json/ .
 COPY --from=pruner /app/out/package-lock.json ./package-lock.json
 
-# Install ALL dependencies (including devDependencies for build)
-RUN npm ci
+# Install ALL dependencies with cache mount for npm packages
+RUN --mount=type=cache,target=/root/.npm \
+    npm ci
 
 # Copy pruned source code
 COPY --from=pruner /app/out/full/ .
@@ -53,7 +54,8 @@ COPY --from=builder /app/packages ./packages
 COPY --from=builder /app/tooling ./tooling
 
 # Install ONLY production dependencies (excludes typescript, @types/*, etc.)
-RUN npm ci --production
+RUN --mount=type=cache,target=/root/.npm \
+    npm ci --production
 
 # ============================================================================
 # Stage 4: Runtime - Ubuntu 22.04 with only runtime dependencies
@@ -69,8 +71,12 @@ ENV DEBIAN_FRONTEND=noninteractive
 # Set the sandbox version as an environment variable for version checking
 ENV SANDBOX_VERSION=${SANDBOX_VERSION}
 
-# Install essential runtime packages
-RUN apt-get update && apt-get install -y --no-install-recommends \
+# Install essential runtime packages with cache mounts
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+    --mount=type=cache,target=/var/lib/apt,sharing=locked \
+    rm -f /etc/apt/apt.conf.d/docker-clean && \
+    echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' >/etc/apt/apt.conf.d/keep-cache && \
+    apt-get update && apt-get install -y --no-install-recommends \
     curl \
     wget \
     ca-certificates \
@@ -82,8 +88,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
     unzip \
     zip \
     jq \
-    file \
-    && rm -rf /var/lib/apt/lists/*
+    file
 
 # Set Python 3.11 as default python3
 RUN update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.11 1
@@ -96,8 +101,9 @@ RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
 # Install Bun runtime from official image
 COPY --from=oven/bun:1 /usr/local/bin/bun /usr/local/bin/bun
 
-# Install essential Python packages for code execution
-RUN pip3 install --no-cache-dir \
+# Install essential Python packages with cache mount
+RUN --mount=type=cache,target=/root/.cache/pip \
+    pip3 install \
     matplotlib \
     numpy \
     pandas \

package/README.md

@@ -144,7 +144,6 @@ See the [examples directory](./examples) for complete working examples:
 
 - [Minimal](./examples/minimal) - Basic sandbox setup
 - [Code Interpreter](./examples/code-interpreter) - Use sandbox as an interpreter tool with gpt-oss
-- [Complete](./examples/basic) - Huge example integrated with every sandbox feature
 
 ## Status