npm - @ekairos/sandbox - Versions diffs - 1.22.4-beta.feature-core-thread-registry-sync.0 → 1.22.5-beta.development.0 - Mend

@ekairos/sandbox 1.22.4-beta.feature-core-thread-registry-sync.0 → 1.22.5-beta.development.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/README.md CHANGED Viewed

@@ -1,492 +1,57 @@
 # @ekairos/sandbox
-Provider-agnostic helpers to provision and manage external sandboxes with durable IDs stored in InstantDB.
-This package is **independent** (no workflow runtime dependency). Other packages (e.g. `@ekairos/dataset`, `@ekairos/structure`)
-may depend on it, but `@ekairos/sandbox` does not depend on any workflow framework.
+Provider-agnostic sandbox service with durable sandbox ids stored in InstantDB.
----
+## What it does
-## Why this package exists
+- creates sandboxes and persists them in `sandbox_sandboxes`
+- reconnects by durable `sandboxId`
+- runs commands
+- reads and writes files
+- supports multiple providers behind one API
-We need a stable, provider-agnostic interface to:
-- Create and reconnect sandboxes by a durable `sandboxId`.
-- Run commands and read/write files in a consistent way.
-- Persist sandbox metadata in InstantDB for continuity across runs.
-- Support multiple providers (Vercel, Daytona, etc.) without changing callers.
+## Main APIs
----
+- `sandboxDomain`
+- `SandboxService`
+- `createVercelSandbox(...)`
+- `runCommandInSandbox(...)`
-## Installation (pnpm)
-```bash
-pnpm add @ekairos/sandbox
-```
----
-## Environment variables
-### InstantDB (admin)
-You must provide an InstantDB **admin** database client so sandbox actions can persist and query sandbox records.
-### Provider selection
-By default, provider is `sprites` unless overridden.
-You can set:
-- `SANDBOX_PROVIDER=sprites` or `SANDBOX_PROVIDER=daytona` or `SANDBOX_PROVIDER=vercel`
-- or pass `provider` in `SandboxConfig`
-### Sprites.dev
-- `SPRITES_API_TOKEN` (or `SPRITE_TOKEN`) - required
-- Optional:
-  - `SPRITES_API_BASE_URL` / `SPRITES_API_URL` (default: `https://api.sprites.dev`)
-### Daytona (current)
-`@daytonaio/sdk` supports these env vars:
-- `DAYTONA_API_URL` (required) - Daytona API base URL
-- `DAYTONA_API_KEY` (required if not using JWT)
-- `DAYTONA_JWT_TOKEN` + `DAYTONA_ORGANIZATION_ID` (optional auth mode)
-- `DAYTONA_TARGET` (optional)
-- `SANDBOX_DAYTONA_EPHEMERAL` (optional) - default ephemeral for Daytona sandboxes (true unless set to 0/false)
-### Vercel
-- `SANDBOX_VERCEL_TEAM_ID`
-- `SANDBOX_VERCEL_PROJECT_ID`
-- `SANDBOX_VERCEL_TOKEN`
----
-## Data model (InstantDB)
-### `sandboxDomain`
-Defines a single entity:
-- `sandbox_sandboxes`
-Fields (high-level):
-- `externalSandboxId` (string, indexed): provider sandbox id (Vercel `sandbox.sandboxId`, Daytona `sandbox.id`)
-- `provider` (string, indexed): e.g. `"vercel"`, `"daytona"`
-- `sandboxUrl` (string, optional): optional URL metadata
-- `status` (string, indexed): `"creating" | "active" | "shutdown" | "error" | ...`
-- `timeout` (number, optional): milliseconds
-- `runtime` (string, optional): `"node22" | "python3" | ...`
-- `vcpus` (number, optional)
-- `ports` (json, optional): array of ports
-- `purpose` (string, optional, indexed)
-- `params` (json, optional)
-- timestamps: `createdAt`, `updatedAt`, `shutdownAt`
----
-## ID semantics (important)
-There are two ids involved:
-### 1) `sandboxId` (internal, durable handle)
-- The **InstantDB record id**: `sandbox_sandboxes[sandboxId]`
-- This is the id you store in durable state and pass around.
-- All sandbox actions and helpers take this `sandboxId`.
-### 2) `externalSandboxId` (provider id)
-- The id returned by the provider SDK (Vercel `sandbox.sandboxId`, Daytona `sandbox.id`)
-- Stored on the record as `externalSandboxId`
-- Used internally to reconnect via the provider SDK
----
-## Schema integration
-In your app schema, include `sandboxDomain` along with other domains, then initialize Instant with the composed schema.
-```ts
-import { domain } from "@ekairos/domain";
-import { sandboxDomain } from "@ekairos/sandbox";
-// import { storyDomain } from "@ekairos/story" (if you use stories)
-// import { datasetDomain } from "@ekairos/dataset" (if you use dataset)
-export const appDomain = domain("app")
-  .includes(sandboxDomain)
-  // .includes(storyDomain)
-  // .includes(datasetDomain)
-  .schema({
-    entities: {},
-    links: {},
-    rooms: {},
-  });
-export const schema = appDomain.toInstantSchema();
-```
----
-## Exports
+## Providers
-- `sandboxDomain` (schema domain + actions factory)
-- `SandboxService` (high-level service)
-- `runCommandInSandbox` (low-level helper for Vercel)
-- Types: `SandboxConfig`, `SandboxRecord`, `ServiceResult<T>`, `CommandResult`
+- `vercel`
+- `daytona`
+- `sprites`
----
+Provider selection:
-## Quickstart
+1. `config.provider`
+2. `SANDBOX_PROVIDER`
+3. default provider
-### 1) Instantiate the service
+## Quick example
 ```ts
-import { init } from "@instantdb/admin";
-import { sandboxDomain } from "@ekairos/sandbox";
-const db = init({
-  appId: process.env.NEXT_PUBLIC_INSTANT_APP_ID,
-  adminToken: process.env.INSTANT_APP_ADMIN_TOKEN,
-  schema: {}, // your composed schema that includes sandboxDomain
-});
+const service = new SandboxService(db);
-const sandboxes = sandboxDomain(db);
-```
-### 2) Create a persisted sandbox
-```ts
-const created = await sandboxes.createSandbox({
-  provider: "daytona", // or set SANDBOX_PROVIDER=daytona
+const created = await service.createSandbox({
+  provider: "vercel",
   runtime: "node22",
   timeoutMs: 10 * 60 * 1000,
-  resources: { vcpus: 2 },
-  purpose: "dataset-file-parse",
-  params: { datasetId: "..." },
 });
 if (!created.ok) throw new Error(created.error);
-const { sandboxId } = created.data;
-```
-### 3) Run commands by `sandboxId`
-```ts
-const sandbox = sandboxes.getSandbox(sandboxId);
-const res = await sandbox.runCommand("node", ["-e", "console.log('hello')"]);
-if (!res.ok) throw new Error(res.error);
-console.log(res.data.exitCode, res.data.output);
-```
-### 4) Reconnect (when you need the runtime object)
-```ts
-const sandbox = sandboxes.getSandbox(sandboxId);
-const rec = await sandbox.reconnect();
-if (!rec.ok) throw new Error(rec.error);
-const { sandbox: providerSandbox } = rec.data;
-// Use provider-specific SDK features on providerSandbox
-```
-### 5) Stop (optional)
-```ts
-const sandbox = sandboxes.getSandbox(sandboxId);
-await sandbox.stop();
+const run = await service.runCommand(created.data.sandboxId, "node", ["-v"]);
 ```
----
-## Provider selection rules
-Precedence:
-1) `SandboxConfig.provider`
-2) `SANDBOX_PROVIDER`
-3) default: `sprites`
----
-## Daytona provider details
+## Important ids
-### Config mapping
+- `sandboxId`: durable InstantDB record id
+- `externalSandboxId`: provider-native sandbox id
-`SandboxConfig` accepts Daytona-specific options via `config.daytona`:
-```ts
-{
-  provider: "daytona",
-  runtime: "node22", // used to infer language when daytona.language not set
-  daytona: {
-    language: "typescript" | "javascript" | "python",
-    snapshot: "snapshot-id",
-    image: "debian:12" | "...",
-    envVars: { KEY: "value" },
-    labels: { "app": "ekairos" },
-    public: false,
-    ephemeral: true,
-    autoStopIntervalMin: 30,
-    autoArchiveIntervalMin: 60,
-    user: "daytona",
-    volumes: [{ volumeId: "vol-123", mountPath: "/home/daytona/volume" }],
-  }
-}
-```
-### Command execution
-For Daytona, `runCommand` uses `sandbox.process.executeCommand(...)` and returns:
-- `exitCode`
-- `output` (stdout)
-- `error` (stderr if available)
-### File IO
-- `writeFiles` -> `sandbox.fs.uploadFiles(...)`
-- `readFile` -> `sandbox.fs.downloadFile(...)`
----
-## Volumes (Daytona)
-Volumes are persistent FUSE mounts that can be attached to multiple sandboxes.
-They are ideal for caching datasets or large artifacts across runs.
-### Create/get a volume
-```ts
-import { Daytona } from "@daytonaio/sdk";
-const daytona = new Daytona();
-const volume = await daytona.volume.get("ekairos-ds-123", true);
-```
-### Mount a volume when creating a sandbox
-```ts
-const created = await sandboxes.createSandbox({
-  provider: "daytona",
-  daytona: {
-    // Either volumeId or volumeName can be provided.
-    volumes: [{ volumeId: volume.id, mountPath: "/home/daytona/.ekairos" }],
-    // volumes: [{ volumeName: "ekairos-ds-123", mountPath: "/home/daytona/.ekairos" }],
-  },
-});
-```
-### Use the volume in the sandbox
-Once mounted, read/write like any other directory.
-Files written to a volume persist even after the sandbox is removed.
-### Limitations
-- Volumes are FUSE-based and **slower** than the local sandbox filesystem.
-- Volumes are **not** block storage and are not suitable for databases.
-- For heavy processing, consider copying from the volume to local FS first.
----
-## Volumes vs InstantDB files (how they relate)
-InstantDB storage (`$files`) is **durable object storage** (good for canonical datasets,
-outputs, and sharing data across services). Daytona volumes are **durable shared file mounts**
-optimized for **fast re-use inside sandboxes**.
-Think of it like this:
-- **InstantDB `$files`** is the source of truth and can be accessed by any service.
-- **Daytona volumes** are a performance layer to avoid re-downloading the same files into sandboxes.
-### Recommended pattern
-1) **Persist canonical files** in InstantDB `$files`.
-2) **On sandbox start**, check a manifest in the volume:
-   - If present and hashes match, **use volume data**.
-   - If not, **download from InstantDB** and refresh the volume + manifest.
-3) **Write output back to InstantDB** when you need durable sharing or indexing.
-### Example manifest layout
-```
-/home/daytona/.ekairos/datasets/{datasetId}/
-  manifest.json
-  raw/
-  normalized/
-  cache/
-```
-### Why both are needed
-- InstantDB guarantees durability, queryability, and cross-service access.
-- Volumes reduce cold-start and repeated downloads for sandbox workloads.
----
-## Ephemeral sandboxes (Daytona)
-Set `daytona.ephemeral = true` to auto-delete a sandbox after it stops.
-Pair this with `autoStopIntervalMin` to avoid quota exhaustion from idle sandboxes.
-```ts
-const created = await sandboxes.createSandbox({
-  provider: "daytona",
-  daytona: {
-    ephemeral: true,
-    autoStopIntervalMin: 5,
-  },
-});
-```
----
-## Behavioral notes
-### `createSandbox(config)`
-- Creates an InstantDB record `sandbox_sandboxes[sandboxId]` with status `"creating"`.
-- Provisions a provider sandbox (provider-specific).
-- Updates the record to status `"active"` and stores `externalSandboxId`.
-### `reconnectToSandbox(sandboxId)`
-- Loads the record by internal `sandboxId`.
-- Validates:
-  - record exists
-  - `externalSandboxId` exists
-- Reconnects using the provider SDK/client (provider-specific).
-- Returns `ok: false` if sandbox is not found/not running.
-- If reconnection fails and the record was `"active"`, it may mark the record as `"shutdown"`.
-### `runCommand(sandboxId, command, args?)`
-- Durable-friendly command execution.
-- Attempts to reconnect; if unavailable it may recreate the sandbox from the stored record configuration and retry.
-- Returns a capped output payload suitable for storing in logs.
-### `stopSandbox(sandboxId)`
-- Attempts to reconnect and stop the provider sandbox.
-- Marks the record as `"shutdown"` regardless (the provider sandbox may already be gone).
----
-## Providers
-### Daytona (current)
-Environment variables:
-- `DAYTONA_API_URL`
-- `DAYTONA_API_KEY` or `DAYTONA_JWT_TOKEN + DAYTONA_ORGANIZATION_ID`
-- `DAYTONA_TARGET` (optional)
-Behavior notes:
-- `externalSandboxId` maps to Daytona `sandbox.id`.
-- Reconnect uses `daytona.get(id)` and starts if not running.
-- File IO uses `sandbox.fs`.
-- Command execution uses `sandbox.process.executeCommand`.
-### Local Daytona OSS (Docker Desktop / Windows)
-We keep the Daytona OSS repo **outside** this workspace to avoid nested repos.
-Use the helper script in `./scripts/daytona-local.ps1` to clone and run the official
-Docker Compose stack.
-```powershell
-# clone once (pin a ref for repeatability)
-powershell -ExecutionPolicy Bypass -File .\scripts\daytona-local.ps1 init -Ref <tag-or-commit>
-# start / stop
-powershell -ExecutionPolicy Bypass -File .\scripts\daytona-local.ps1 up
-powershell -ExecutionPolicy Bypass -File .\scripts\daytona-local.ps1 down
-```
-Defaults and overrides:
-- Default clone path: `%USERPROFILE%\.ekairos\daytona-oss`
-- Override with `DAYTONA_OSS_HOME`
-- Pin a specific version with `DAYTONA_OSS_REF`
-Environment variables for local usage:
-```bash
-SANDBOX_PROVIDER=daytona
-DAYTONA_API_URL=http://localhost:3000/api
-DAYTONA_API_KEY=... # create in the local Daytona dashboard (http://localhost:3000)
-```
-Optional: if you need proxy/preview URLs, Windows needs wildcard DNS for `*.proxy.localhost`.
-You can run Daytona's `scripts/setup-proxy-dns.sh` inside WSL or use a local DNS tool.
-This is not required for API-only usage.
-### Vercel
-Environment variables:
-- `SANDBOX_VERCEL_TEAM_ID`
-- `SANDBOX_VERCEL_PROJECT_ID`
-- `SANDBOX_VERCEL_TOKEN`
-Behavior notes:
-- `externalSandboxId` maps to Vercel `sandbox.sandboxId`.
-- Reconnect is done via `Sandbox.get(...)` using the stored `externalSandboxId`.
----
-## Dev local (Daytona OSS en Docker Desktop)
-### 1) Levantar Daytona local
-Usa el helper para clonar el repo de Daytona (fuera del workspace) y levantar el stack:
-```powershell
-powershell -ExecutionPolicy Bypass -File .\scripts\daytona-local.ps1 init
-powershell -ExecutionPolicy Bypass -File .\scripts\daytona-local.ps1 up
-```
-Dashboard local: `http://localhost:3000`
-Credenciales (dev):
-- usuario: `dev@daytona.io`
-- password: `password`
-### 2) Crear API key manualmente
-En el dashboard, ve a **API Keys** y crea una key. Luego configura tu app:
+## Tests
-```bash
-SANDBOX_PROVIDER=daytona
-DAYTONA_API_URL=http://localhost:3000/api
-DAYTONA_API_KEY=...tu_api_key_local...
-```
-Notas:
-- Guarda la key localmente; **no la comitees**.
-- Si necesitas proxy/preview en Windows, configura `*.proxy.localhost` (ver README de Daytona OSS).
----
-## Development notes
-- Prefer `runCommand(sandboxId, ...)` for provider-agnostic usage.
-- Only `reconnect()` when you need direct provider SDK features.
-- Avoid storing secrets in `params`.
-- When using volumes, include a manifest/versioning strategy.
----
-## Testing
-A smoke test exists in:
-- `packages/sandbox/src/tests/sandbox.temp-app.test.ts`
-It:
-- Creates a temporary Instant app via `instant-cli`.
-- Pushes a minimal schema with `sandboxDomain`.
-- Creates a sandbox (Daytona) and runs a simple command.
-Run:
 ```bash
 pnpm --filter @ekairos/sandbox test
 ```
----
-## Roadmap
-- Snapshot/image presets for faster cold-start.
-- Volume GC policy.
-- Preview proxy on custom domain.

package/dist/schema.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AACA,OAAO,EAAU,KAAK,kBAAkB,EAAE,MAAM,iBAAiB,CAAA;AAGjE,eAAO,MAAM,aAAa,EAAE,~~kBAoB1B~~,CAAA"}
1	+ {"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AACA,OAAO,EAAU,KAAK,kBAAkB,EAAE,MAAM,iBAAiB,CAAA;AAGjE,eAAO,MAAM,aAAa,EAAE,kBAkC1B,CAAA"}

package/dist/schema.js CHANGED Viewed

@@ -5,6 +5,7 @@ export const sandboxDomain = domain("sandbox").schema({
     entities: {
         sandbox_sandboxes: i.entity({
             externalSandboxId: i.string().optional().indexed(),
+            sandboxUserId: i.string().optional().indexed(),
             provider: i.string().indexed(),
             sandboxUrl: i.string().optional(),
             status: i.string().indexed(),
@@ -19,7 +20,20 @@ export const sandboxDomain = domain("sandbox").schema({
             shutdownAt: i.number().optional().indexed(),
         }),
     },
-    links: {},
+    links: {
+        sandbox_user: {
+            forward: {
+                on: "sandbox_sandboxes",
+                has: "one",
+                label: "user",
+            },
+            reverse: {
+                on: "$users",
+                has: "many",
+                label: "sandboxes",
+            },
+        },
+    },
     rooms: {},
 });
 //# sourceMappingURL=schema.js.map

package/dist/schema.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"schema.js","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,iBAAiB,CAAA;AACnC,OAAO,EAAE,MAAM,EAA2B,MAAM,iBAAiB,CAAA;AAEjE,0DAA0D;AAC1D,MAAM,CAAC,MAAM,aAAa,GAAuB,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC;IACxE,QAAQ,EAAE;QACR,iBAAiB,EAAE,CAAC,CAAC,MAAM,CAAC;YAC1B,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,EAAE;YAClD,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE;YAC9B,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YACjC,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE;YAC5B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YAC9B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YAC9B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YAC5B,KAAK,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,QAAQ,EAAE;YAC1B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,EAAE;YACxC,MAAM,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,QAAQ,EAAE;YAC3B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE;YAC/B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,EAAE;YAC1C,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,EAAE;SAC5C,CAAC;KACH;IACD,KAAK,EAAE,EAAE;~~IACT~~,KAAK,EAAE,EAAE;CACV,CAAC,CAAA"}
1	+ {"version":3,"file":"schema.js","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,iBAAiB,CAAA;AACnC,OAAO,EAAE,MAAM,EAA2B,MAAM,iBAAiB,CAAA;AAEjE,0DAA0D;AAC1D,MAAM,CAAC,MAAM,aAAa,GAAuB,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC;IACxE,QAAQ,EAAE;QACR,iBAAiB,EAAE,CAAC,CAAC,MAAM,CAAC;YAC1B,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,EAAE;YAClD,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,EAAE;YAC9C,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE;YAC9B,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YACjC,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE;YAC5B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YAC9B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YAC9B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YAC5B,KAAK,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,QAAQ,EAAE;YAC1B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,EAAE;YACxC,MAAM,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,QAAQ,EAAE;YAC3B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,EAAE;YAC/B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,EAAE;YAC1C,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,EAAE;SAC5C,CAAC;KACH;IACD,KAAK,EAAE;QACL,YAAY,EAAE;YACZ,OAAO,EAAE;gBACP,EAAE,EAAE,mBAAmB;gBACvB,GAAG,EAAE,KAAK;gBACV,KAAK,EAAE,MAAM;aACd;YACD,OAAO,EAAE;gBACP,EAAE,EAAE,QAAQ;gBACZ,GAAG,EAAE,MAAM;gBACX,KAAK,EAAE,WAAW;aACnB;SACF;KACF;IACD,KAAK,EAAE,EAAE;CACV,CAAC,CAAA"}

package/dist/service.d.ts CHANGED Viewed

@@ -9,6 +9,7 @@ type SandboxSchemaType = SchemaOf<typeof sandboxDomain>;
 export interface SandboxRecord {
     id: string;
     externalSandboxId?: string;
+    sandboxUserId?: string;
     provider: string;
     sandboxUrl?: string;
     status: "creating" | "active" | "shutdown" | "error" | "recreating";
@@ -44,6 +45,23 @@ export declare class SandboxService {
     private adminDb;
     constructor(db: InstantAdminDatabase<SandboxSchemaType>);
     private static getVercelCredentials;
+    private static getDomainName;
+    private static getDomainContextString;
+    private static cloneJson;
+    private static buildEkairosNetworkPolicy;
+    private static buildEkairosManifest;
+    private static buildEkairosRuntimeFiles;
+    private static resolveInstantUserIdByRefreshToken;
+    private static resolveEkairosBootstrap;
+    private static bootstrapEkairosFiles;
+    private static safeMkDir;
+    private static buildSkillInstallSet;
+    private static bootstrapSkills;
+    private static resolveVercelWorkingDirectory;
+    private static findLinkedVercelProjectFile;
+    private static readLinkedVercelProject;
+    private static pullVercelOidcToken;
+    private static resolveVercelCredentials;
     private static provisionVercelSandbox;
     private static getDaytonaConfig;
     private static normalizeBaseUrl;
@@ -71,7 +89,9 @@ export declare class SandboxService {
     reconnectToSandbox(sandboxId: string): Promise<ServiceResult<{
         sandbox: ProviderSandbox;
     }>>;
+    private getSandboxRecord;
     stopSandbox(sandboxId: string): Promise<ServiceResult<void>>;
+    query(sandboxId: string, query: Record<string, any>): Promise<ServiceResult<any>>;
     runCommand(sandboxId: string, command: string, args?: string[]): Promise<ServiceResult<CommandResult>>;
     writeFiles(sandboxId: string, files: Array<{
         path: string;

package/dist/service.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"service.d.ts","sourceRoot":"","sources":["../src/service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,IAAI,aAAa,~~EAAE~~,MAAM,iBAAiB,CAAA;~~AAC1D~~,OAAO,EAAsC,KAAK,OAAO,IAAI,cAAc,EAAE,MAAM,gBAAgB,CAAA;AACnG,OAAO,EAAM,KAAK,oBAAoB,EAAE,MAAM,kBAAkB,CAAA;AAChE,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAA;~~AAC1C~~,OAAO,EAAuB,KAAK,aAAa,EAAE,MAAM,eAAe,CAAA;AACvE,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAC3C,OAAO,KAAK,EAAE,aAAa,~~EAAmB~~,MAAM,YAAY,CAAA;~~AAEhE~~,KAAK,iBAAiB,GAAG,QAAQ,CAAC,OAAO,aAAa,CAAC,CAAA;~~AAEvD~~,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAA;IACV,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,QAAQ,EAAE,MAAM,CAAA;IAChB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,MAAM,EAAE,UAAU,GAAG,QAAQ,GAAG,UAAU,GAAG,OAAO,GAAG,YAAY,CAAA;IACnE,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IAC5B,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB;AAED,MAAM,MAAM,aAAa,CAAC,CAAC,GAAG,GAAG,IAAI;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,IAAI,EAAE,CAAC,CAAA;CAAE,GAAG;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAA;AAEzF,KAAK,cAAc,GAAG;IACpB,UAAU,EAAE,SAAS,CAAA;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,EAAE,CAAC,EAAE,MAAM,CAAA;IACX,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,cAAc,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC;QAAE,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;IAC3D,MAAM,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;CAC3C,CAAA;AAED,KAAK,eAAe,GAAG,aAAa,GAAG,cAAc,GAAG,cAAc,CAAA;~~AA4BtE~~,qBAAa,cAAc;IACzB,OAAO,CAAC,OAAO,CAAyC;gBAE5C,EAAE,EAAE,oBAAoB,CAAC,iBAAiB,CAAC;IAIvD,OAAO,CAAC,MAAM,CAAC,oBAAoB;~~mBAYd~~,sBAAsB;~~IAgB3C~~,OAAO,CAAC,MAAM,CAAC,gBAAgB;IA2B/B,OAAO,CAAC,MAAM,CAAC,gBAAgB;IAM/B,OAAO,CAAC,MAAM,CAAC,gBAAgB;mBAcV,YAAY;mBAmBZ,WAAW;mBAiBX,WAAW;IAMhC,OAAO,CAAC,MAAM,CAAC,mBAAmB;IAiBlC,OAAO,CAAC,MAAM,CAAC,gBAAgB;mBAoBV,gBAAgB;mBAgBhB,uBAAuB;IAoC5C,OAAO,CAAC,MAAM,CAAC,0BAA0B;mBAuCpB,WAAW;IAgDhC,OAAO,CAAC,MAAM,CAAC,eAAe;IAc9B,OAAO,CAAC,MAAM,CAAC,sBAAsB;mBAShB,qBAAqB;IAgE1C,OAAO,CAAC,MAAM,CAAC,cAAc;IAM7B,OAAO,CAAC,MAAM,CAAC,oBAAoB;IAQnC,OAAO,CAAC,MAAM,CAAC,YAAY;IAO3B,OAAO,CAAC,MAAM,CAAC,oBAAoB;IAUnC,OAAO,CAAC,MAAM,CAAC,qBAAqB;IAoC9B,aAAa,CAAC,MAAM,EAAE,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;QAAE,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;~~IAmJnF~~,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;QAAE,OAAO,EAAE,eAAe,CAAA;KAAE,CAAC,CAAC;~~IAgJ3F~~,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IAyD5D,UAAU,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,GAAE,MAAM,EAAO,GAAG,OAAO,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;IAkD1G,UAAU,CACd,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,MAAM,CAAA;KAAE,CAAC,GACpD,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IA6CzB,QAAQ,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;QAAE,aAAa,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAqDlG,OAAO,CAAC,MAAM,CAAC,kCAAkC;IA0B3C,gBAAgB,CACpB,SAAS,EAAE,MAAM,EACjB,MAAM,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,GAC5B,OAAO,CAAC,aAAa,CAAC;QAAE,YAAY,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAiD7C,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;QAAE,aAAa,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC,CAAC;IA2BvF,iBAAiB,CAAC,SAAS,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;CA0C/F"}
1	+ {"version":3,"file":"service.d.ts","sourceRoot":"","sources":["../src/service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,IAAI,aAAa,EAAsB,MAAM,iBAAiB,CAAA;AAC9E,OAAO,EAAsC,KAAK,OAAO,IAAI,cAAc,EAAE,MAAM,gBAAgB,CAAA;AACnG,OAAO,EAAM,KAAK,oBAAoB,EAAE,MAAM,kBAAkB,CAAA;AAChE,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAA;AAE1C,OAAO,EAAuB,KAAK,aAAa,EAAE,MAAM,eAAe,CAAA;AACvE,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAC3C,OAAO,KAAK,EAAE,aAAa,EAA4C,MAAM,YAAY,CAAA;AAQzF,KAAK,iBAAiB,GAAG,QAAQ,CAAC,OAAO,aAAa,CAAC,CAAA;AAGvD,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAA;IACV,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,QAAQ,EAAE,MAAM,CAAA;IAChB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,MAAM,EAAE,UAAU,GAAG,QAAQ,GAAG,UAAU,GAAG,OAAO,GAAG,YAAY,CAAA;IACnE,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,KAAK,CAAC,EAAE,MAAM,EAAE,CAAA;IAChB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IAC5B,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB;AAED,MAAM,MAAM,aAAa,CAAC,CAAC,GAAG,GAAG,IAAI;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,IAAI,EAAE,CAAC,CAAA;CAAE,GAAG;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAA;AAEzF,KAAK,cAAc,GAAG;IACpB,UAAU,EAAE,SAAS,CAAA;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,EAAE,CAAC,EAAE,MAAM,CAAA;IACX,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,cAAc,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC;QAAE,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;IAC3D,MAAM,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;CAC3C,CAAA;AAED,KAAK,eAAe,GAAG,aAAa,GAAG,cAAc,GAAG,cAAc,CAAA;AA+EtE,qBAAa,cAAc;IACzB,OAAO,CAAC,OAAO,CAAyC;gBAE5C,EAAE,EAAE,oBAAoB,CAAC,iBAAiB,CAAC;IAIvD,OAAO,CAAC,MAAM,CAAC,oBAAoB;IAYnC,OAAO,CAAC,MAAM,CAAC,aAAa;IAM5B,OAAO,CAAC,MAAM,CAAC,sBAAsB;IASrC,OAAO,CAAC,MAAM,CAAC,SAAS;IAIxB,OAAO,CAAC,MAAM,CAAC,yBAAyB;IA0BxC,OAAO,CAAC,MAAM,CAAC,oBAAoB;IA0BnC,OAAO,CAAC,MAAM,CAAC,wBAAwB;mBA8FlB,kCAAkC;mBAmClC,uBAAuB;mBAsDvB,qBAAqB;mBAOrB,SAAS;IAY9B,OAAO,CAAC,MAAM,CAAC,oBAAoB;mBA2Bd,eAAe;IA+BpC,OAAO,CAAC,MAAM,CAAC,6BAA6B;IAQ5C,OAAO,CAAC,MAAM,CAAC,2BAA2B;mBAWrB,uBAAuB;mBAwBvB,mBAAmB;mBAoCnB,wBAAwB;mBAyBxB,sBAAsB;IAqB3C,OAAO,CAAC,MAAM,CAAC,gBAAgB;IA2B/B,OAAO,CAAC,MAAM,CAAC,gBAAgB;IAM/B,OAAO,CAAC,MAAM,CAAC,gBAAgB;mBAcV,YAAY;mBAmBZ,WAAW;mBAiBX,WAAW;IAMhC,OAAO,CAAC,MAAM,CAAC,mBAAmB;IAiBlC,OAAO,CAAC,MAAM,CAAC,gBAAgB;mBAoBV,gBAAgB;mBAgBhB,uBAAuB;IAoC5C,OAAO,CAAC,MAAM,CAAC,0BAA0B;mBAuCpB,WAAW;IAgDhC,OAAO,CAAC,MAAM,CAAC,eAAe;IAc9B,OAAO,CAAC,MAAM,CAAC,sBAAsB;mBAShB,qBAAqB;IAgE1C,OAAO,CAAC,MAAM,CAAC,cAAc;IAM7B,OAAO,CAAC,MAAM,CAAC,oBAAoB;IAQnC,OAAO,CAAC,MAAM,CAAC,YAAY;IAO3B,OAAO,CAAC,MAAM,CAAC,oBAAoB;IAUnC,OAAO,CAAC,MAAM,CAAC,qBAAqB;IAoC9B,aAAa,CAAC,MAAM,EAAE,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;QAAE,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAsOnF,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;QAAE,OAAO,EAAE,eAAe,CAAA;KAAE,CAAC,CAAC;YAgJnF,gBAAgB;IAOxB,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IAyD5D,KAAK,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;IAyCjF,UAAU,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,GAAE,MAAM,EAAO,GAAG,OAAO,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;IAkD1G,UAAU,CACd,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,MAAM,CAAA;KAAE,CAAC,GACpD,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;IA6CzB,QAAQ,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;QAAE,aAAa,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAqDlG,OAAO,CAAC,MAAM,CAAC,kCAAkC;IA0B3C,gBAAgB,CACpB,SAAS,EAAE,MAAM,EACjB,MAAM,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,GAC5B,OAAO,CAAC,aAAa,CAAC;QAAE,YAAY,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAiD7C,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;QAAE,aAAa,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC,CAAC;IA2BvF,iBAAiB,CAAC,SAAS,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;CA0C/F"}