@hasna/sandboxes 0.1.0

package/dist/server/index.js

@@ -0,0 +1,1552 @@
+#!/usr/bin/env bun
+// @bun
+var __defProp = Object.defineProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, {
+      get: all[name],
+      enumerable: true,
+      configurable: true,
+      set: (newValue) => all[name] = () => newValue
+    });
+};
+var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
+
+// src/types/index.ts
+var SandboxNotFoundError, SessionNotFoundError, ProviderError, AgentNotFoundError, ProjectNotFoundError, WebhookNotFoundError;
+var init_types = __esm(() => {
+  SandboxNotFoundError = class SandboxNotFoundError extends Error {
+    constructor(id) {
+      super(`Sandbox not found: ${id}`);
+      this.name = "SandboxNotFoundError";
+    }
+  };
+  SessionNotFoundError = class SessionNotFoundError extends Error {
+    constructor(id) {
+      super(`Session not found: ${id}`);
+      this.name = "SessionNotFoundError";
+    }
+  };
+  ProviderError = class ProviderError extends Error {
+    provider;
+    constructor(provider, message) {
+      super(`[${provider}] ${message}`);
+      this.name = "ProviderError";
+      this.provider = provider;
+    }
+  };
+  AgentNotFoundError = class AgentNotFoundError extends Error {
+    constructor(id) {
+      super(`Agent not found: ${id}`);
+      this.name = "AgentNotFoundError";
+    }
+  };
+  ProjectNotFoundError = class ProjectNotFoundError extends Error {
+    constructor(id) {
+      super(`Project not found: ${id}`);
+      this.name = "ProjectNotFoundError";
+    }
+  };
+  WebhookNotFoundError = class WebhookNotFoundError extends Error {
+    constructor(id) {
+      super(`Webhook not found: ${id}`);
+      this.name = "WebhookNotFoundError";
+    }
+  };
+});
+
+// src/providers/e2b.ts
+var exports_e2b = {};
+__export(exports_e2b, {
+  E2BProvider: () => E2BProvider
+});
+import { Sandbox as E2BSandbox } from "@e2b/code-interpreter";
+
+class E2BProvider {
+  name = "e2b";
+  apiKey;
+  constructor(apiKey) {
+    this.apiKey = apiKey;
+  }
+  async create(opts) {
+    try {
+      const sandbox = await E2BSandbox.create({
+        apiKey: this.apiKey,
+        timeoutMs: (opts?.timeout || 3600) * 1000
+      });
+      instanceCache.set(sandbox.sandboxId, sandbox);
+      return {
+        id: sandbox.sandboxId,
+        status: "running"
+      };
+    } catch (err) {
+      throw new ProviderError("e2b", `Failed to create sandbox: ${err.message}`);
+    }
+  }
+  async getInstance(sandboxId) {
+    const cached = instanceCache.get(sandboxId);
+    if (cached)
+      return cached;
+    try {
+      const sandbox = await E2BSandbox.connect(sandboxId, {
+        apiKey: this.apiKey
+      });
+      instanceCache.set(sandboxId, sandbox);
+      return sandbox;
+    } catch (err) {
+      throw new ProviderError("e2b", `Failed to connect to sandbox ${sandboxId}: ${err.message}`);
+    }
+  }
+  async exec(sandboxId, command, opts) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      if (opts?.background) {
+        const handle = await sandbox.commands.run(command, {
+          background: true,
+          onStdout: opts.onStdout ? (data) => opts.onStdout(data) : undefined,
+          onStderr: opts.onStderr ? (data) => opts.onStderr(data) : undefined,
+          envs: opts.env,
+          cwd: opts.cwd,
+          timeoutMs: opts.timeout ? opts.timeout * 1000 : undefined
+        });
+        return {
+          kill: async () => {
+            await handle.kill();
+          },
+          wait: async () => {
+            const result2 = await handle.wait();
+            return {
+              exit_code: result2.exitCode,
+              stdout: result2.stdout,
+              stderr: result2.stderr
+            };
+          }
+        };
+      }
+      const result = await sandbox.commands.run(command, {
+        onStdout: opts?.onStdout ? (data) => opts.onStdout(data) : undefined,
+        onStderr: opts?.onStderr ? (data) => opts.onStderr(data) : undefined,
+        envs: opts?.env,
+        cwd: opts?.cwd,
+        timeoutMs: opts?.timeout ? opts.timeout * 1000 : undefined
+      });
+      return {
+        exit_code: result.exitCode,
+        stdout: result.stdout,
+        stderr: result.stderr
+      };
+    } catch (err) {
+      throw new ProviderError("e2b", `Failed to exec command: ${err.message}`);
+    }
+  }
+  async readFile(sandboxId, path) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      return await sandbox.files.read(path, { format: "text" });
+    } catch (err) {
+      throw new ProviderError("e2b", `Failed to read file ${path}: ${err.message}`);
+    }
+  }
+  async writeFile(sandboxId, path, content) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      await sandbox.files.write(path, content);
+    } catch (err) {
+      throw new ProviderError("e2b", `Failed to write file ${path}: ${err.message}`);
+    }
+  }
+  async listFiles(sandboxId, path) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      const entries = await sandbox.files.list(path);
+      return entries.map((e) => ({
+        path: e.path,
+        name: e.name,
+        is_dir: e.type === "dir",
+        size: 0
+      }));
+    } catch (err) {
+      throw new ProviderError("e2b", `Failed to list files at ${path}: ${err.message}`);
+    }
+  }
+  async stop(sandboxId) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      await sandbox.kill();
+      instanceCache.delete(sandboxId);
+    } catch (err) {
+      throw new ProviderError("e2b", `Failed to stop sandbox: ${err.message}`);
+    }
+  }
+  async delete(sandboxId) {
+    await this.stop(sandboxId);
+  }
+  async keepAlive(sandboxId, durationMs) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      await sandbox.keepAlive(durationMs || 300000);
+    } catch (err) {
+      throw new ProviderError("e2b", `Failed to keep alive: ${err.message}`);
+    }
+  }
+}
+var instanceCache;
+var init_e2b = __esm(() => {
+  init_types();
+  instanceCache = new Map;
+});
+
+// src/providers/daytona.ts
+var exports_daytona = {};
+__export(exports_daytona, {
+  DaytonaProvider: () => DaytonaProvider
+});
+import { Daytona } from "@daytonaio/sdk";
+
+class DaytonaProvider {
+  name = "daytona";
+  client;
+  constructor(apiKey) {
+    process.env.DAYTONA_API_KEY = apiKey;
+    this.client = new Daytona({ apiKey });
+  }
+  async create(opts) {
+    try {
+      const sandbox = await this.client.create({
+        language: "typescript",
+        image: opts?.image,
+        envVars: opts?.envVars,
+        autoStopInterval: 0
+      }, opts?.timeout || 60);
+      instanceCache2.set(sandbox.id, sandbox);
+      return {
+        id: sandbox.id,
+        status: "running"
+      };
+    } catch (err) {
+      throw new ProviderError("daytona", `Failed to create sandbox: ${err.message}`);
+    }
+  }
+  async getInstance(sandboxId) {
+    const cached = instanceCache2.get(sandboxId);
+    if (cached)
+      return cached;
+    try {
+      const sandbox = await this.client.get(sandboxId);
+      instanceCache2.set(sandboxId, sandbox);
+      return sandbox;
+    } catch (err) {
+      throw new ProviderError("daytona", `Failed to connect to sandbox ${sandboxId}: ${err.message}`);
+    }
+  }
+  async exec(sandboxId, command, opts) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      if (opts?.background) {
+        const sessionId = `bg-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+        await sandbox.process.createSession(sessionId);
+        const response = await sandbox.process.executeSessionCommand(sessionId, { command, runAsync: true }, opts.timeout);
+        const cmdId = response.cmdId;
+        if (opts.onStdout || opts.onStderr) {
+          const logCallback = (chunk) => {
+            if (opts.onStdout)
+              opts.onStdout(chunk);
+          };
+          sandbox.process.getSessionCommandLogs(sessionId, cmdId, logCallback).catch(() => {});
+        }
+        return {
+          kill: async () => {
+            try {
+              await sandbox.process.deleteSession(sessionId);
+            } catch {}
+          },
+          wait: async () => {
+            let exitCode;
+            let output = "";
+            while (true) {
+              const cmd = await sandbox.process.getSessionCommand(sessionId, cmdId);
+              if (cmd.exitCode !== undefined && cmd.exitCode !== null) {
+                exitCode = cmd.exitCode;
+                break;
+              }
+              await new Promise((r) => setTimeout(r, 500));
+            }
+            try {
+              output = await sandbox.process.getSessionCommandLogs(sessionId, cmdId);
+            } catch {}
+            return {
+              exit_code: exitCode,
+              stdout: output,
+              stderr: ""
+            };
+          }
+        };
+      }
+      const result = await sandbox.process.executeCommand(command, opts?.cwd, opts?.env, opts?.timeout);
+      return {
+        exit_code: result.exitCode,
+        stdout: result.result,
+        stderr: ""
+      };
+    } catch (err) {
+      throw new ProviderError("daytona", `Failed to exec command: ${err.message}`);
+    }
+  }
+  async readFile(sandboxId, path) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      const buffer = await sandbox.fs.downloadFile(path);
+      return buffer.toString("utf-8");
+    } catch (err) {
+      throw new ProviderError("daytona", `Failed to read file ${path}: ${err.message}`);
+    }
+  }
+  async writeFile(sandboxId, path, content) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      await sandbox.fs.uploadFile(Buffer.from(content, "utf-8"), path);
+    } catch (err) {
+      throw new ProviderError("daytona", `Failed to write file ${path}: ${err.message}`);
+    }
+  }
+  async listFiles(sandboxId, path) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      const entries = await sandbox.fs.listFiles(path);
+      return entries.map((e) => ({
+        path: `${path.replace(/\/$/, "")}/${e.name}`,
+        name: e.name,
+        is_dir: e.isDir,
+        size: e.size
+      }));
+    } catch (err) {
+      throw new ProviderError("daytona", `Failed to list files at ${path}: ${err.message}`);
+    }
+  }
+  async stop(sandboxId) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      await sandbox.stop();
+      instanceCache2.delete(sandboxId);
+    } catch (err) {
+      throw new ProviderError("daytona", `Failed to stop sandbox: ${err.message}`);
+    }
+  }
+  async delete(sandboxId) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      await sandbox.delete();
+      instanceCache2.delete(sandboxId);
+    } catch (err) {
+      throw new ProviderError("daytona", `Failed to delete sandbox: ${err.message}`);
+    }
+  }
+  async keepAlive(sandboxId, durationMs) {
+    const sandbox = await this.getInstance(sandboxId);
+    try {
+      const minutes = durationMs ? Math.ceil(durationMs / 60000) : 0;
+      await sandbox.setAutostopInterval(minutes);
+    } catch (err) {
+      throw new ProviderError("daytona", `Failed to keep alive: ${err.message}`);
+    }
+  }
+}
+var instanceCache2;
+var init_daytona = __esm(() => {
+  init_types();
+  instanceCache2 = new Map;
+});
+
+// src/providers/modal.ts
+var exports_modal = {};
+__export(exports_modal, {
+  ModalProvider: () => ModalProvider
+});
+import { ModalClient } from "modal";
+
+class ModalProvider {
+  name = "modal";
+  client;
+  constructor(apiKey) {
+    if (apiKey) {
+      process.env.MODAL_TOKEN_SECRET = apiKey;
+    }
+    this.client = new ModalClient;
+  }
+  async create(opts) {
+    try {
+      const app = await this.client.apps.fromName("open-sandboxes", {
+        createIfMissing: true
+      });
+      const imageName = opts?.image || "ubuntu:22.04";
+      const image = this.client.images.fromRegistry(imageName);
+      const timeout = opts?.timeout || 3600;
+      const createOpts = { timeout };
+      if (opts?.envVars && Object.keys(opts.envVars).length > 0) {
+        createOpts.envVars = opts.envVars;
+      }
+      const sandbox = await this.client.sandboxes.create(app, image, createOpts);
+      const sandboxId = sandbox.id || sandbox.sandboxId || String(sandbox);
+      sandboxCache.set(sandboxId, sandbox);
+      return {
+        id: sandboxId,
+        status: "running"
+      };
+    } catch (err) {
+      throw new ProviderError("modal", `Failed to create sandbox: ${err.message}`);
+    }
+  }
+  getSandbox(sandboxId) {
+    const cached = sandboxCache.get(sandboxId);
+    if (!cached) {
+      throw new ProviderError("modal", `Sandbox ${sandboxId} not found in cache. Modal sandboxes must be created via this provider.`);
+    }
+    return cached;
+  }
+  async exec(sandboxId, command, opts) {
+    const sandbox = this.getSandbox(sandboxId);
+    try {
+      const parts = this.parseCommand(command);
+      const program = parts[0];
+      const args = parts.slice(1);
+      if (opts?.background) {
+        const proc2 = await sandbox.exec(program, ...args);
+        return {
+          kill: async () => {
+            try {
+              if (proc2.kill)
+                await proc2.kill();
+              else if (proc2.terminate)
+                await proc2.terminate();
+            } catch {}
+          },
+          wait: async () => {
+            let stdout2 = "";
+            let stderr2 = "";
+            try {
+              if (proc2.stdout && proc2.stdout.read) {
+                stdout2 = await proc2.stdout.read();
+              }
+              if (proc2.stderr && proc2.stderr.read) {
+                stderr2 = await proc2.stderr.read();
+              }
+            } catch {}
+            const exitCode2 = proc2.exitCode ?? proc2.exit_code ?? proc2.returncode ?? 0;
+            if (opts?.onStdout && stdout2)
+              opts.onStdout(stdout2);
+            if (opts?.onStderr && stderr2)
+              opts.onStderr(stderr2);
+            return {
+              exit_code: exitCode2,
+              stdout: stdout2,
+              stderr: stderr2
+            };
+          }
+        };
+      }
+      const proc = await sandbox.exec(program, ...args);
+      let stdout = "";
+      let stderr = "";
+      if (proc.stdout && proc.stdout.read) {
+        stdout = await proc.stdout.read();
+      }
+      if (proc.stderr && proc.stderr.read) {
+        stderr = await proc.stderr.read();
+      }
+      const exitCode = proc.exitCode ?? proc.exit_code ?? proc.returncode ?? 0;
+      if (opts?.onStdout && stdout)
+        opts.onStdout(stdout);
+      if (opts?.onStderr && stderr)
+        opts.onStderr(stderr);
+      return {
+        exit_code: exitCode,
+        stdout,
+        stderr
+      };
+    } catch (err) {
+      throw new ProviderError("modal", `Failed to exec command: ${err.message}`);
+    }
+  }
+  async readFile(sandboxId, path) {
+    try {
+      const result = await this.exec(sandboxId, `cat ${this.shellEscape(path)}`);
+      const execResult = result;
+      if (execResult.exit_code !== 0) {
+        throw new Error(execResult.stderr || `cat exited with code ${execResult.exit_code}`);
+      }
+      return execResult.stdout;
+    } catch (err) {
+      if (err instanceof ProviderError)
+        throw err;
+      throw new ProviderError("modal", `Failed to read file ${path}: ${err.message}`);
+    }
+  }
+  async writeFile(sandboxId, path, content) {
+    try {
+      const encoded = Buffer.from(content).toString("base64");
+      const dirPath = path.substring(0, path.lastIndexOf("/")) || "/";
+      const cmd = `mkdir -p ${this.shellEscape(dirPath)} && echo ${encoded} | base64 -d > ${this.shellEscape(path)}`;
+      const result = await this.exec(sandboxId, `sh -c ${this.shellEscape(cmd)}`);
+      const execResult = result;
+      if (execResult.exit_code !== 0) {
+        throw new Error(execResult.stderr || `write exited with code ${execResult.exit_code}`);
+      }
+    } catch (err) {
+      if (err instanceof ProviderError)
+        throw err;
+      throw new ProviderError("modal", `Failed to write file ${path}: ${err.message}`);
+    }
+  }
+  async listFiles(sandboxId, path) {
+    try {
+      const result = await this.exec(sandboxId, `ls -la ${this.shellEscape(path)}`);
+      const execResult = result;
+      if (execResult.exit_code !== 0) {
+        throw new Error(execResult.stderr || `ls exited with code ${execResult.exit_code}`);
+      }
+      const lines = execResult.stdout.split(`
+`).filter((l) => l.trim());
+      const files = [];
+      for (const line of lines) {
+        if (line.startsWith("total "))
+          continue;
+        const parts = line.split(/\s+/);
+        if (parts.length < 9)
+          continue;
+        const permissions = parts[0] || "";
+        const size = parseInt(parts[4] || "0", 10) || 0;
+        const name = parts.slice(8).join(" ");
+        if (name === "." || name === "..")
+          continue;
+        const isDir = permissions.startsWith("d");
+        const normalizedPath = path.endsWith("/") ? path : path + "/";
+        files.push({
+          path: normalizedPath + name,
+          name,
+          is_dir: isDir,
+          size
+        });
+      }
+      return files;
+    } catch (err) {
+      if (err instanceof ProviderError)
+        throw err;
+      throw new ProviderError("modal", `Failed to list files at ${path}: ${err.message}`);
+    }
+  }
+  async stop(sandboxId) {
+    const sandbox = this.getSandbox(sandboxId);
+    try {
+      await sandbox.terminate();
+      sandboxCache.delete(sandboxId);
+    } catch (err) {
+      throw new ProviderError("modal", `Failed to stop sandbox: ${err.message}`);
+    }
+  }
+  async delete(sandboxId) {
+    await this.stop(sandboxId);
+  }
+  async keepAlive(_sandboxId, _durationMs) {}
+  parseCommand(command) {
+    const args = [];
+    let current = "";
+    let inSingle = false;
+    let inDouble = false;
+    let escape = false;
+    for (const char of command) {
+      if (escape) {
+        current += char;
+        escape = false;
+        continue;
+      }
+      if (char === "\\") {
+        escape = true;
+        continue;
+      }
+      if (char === "'" && !inDouble) {
+        inSingle = !inSingle;
+        continue;
+      }
+      if (char === '"' && !inSingle) {
+        inDouble = !inDouble;
+        continue;
+      }
+      if (char === " " && !inSingle && !inDouble) {
+        if (current) {
+          args.push(current);
+          current = "";
+        }
+        continue;
+      }
+      current += char;
+    }
+    if (current)
+      args.push(current);
+    return args;
+  }
+  shellEscape(str) {
+    return "'" + str.replace(/'/g, "'\\''") + "'";
+  }
+}
+var sandboxCache;
+var init_modal = __esm(() => {
+  init_types();
+  sandboxCache = new Map;
+});
+
+// src/server/index.ts
+import { parseArgs } from "util";
+
+// src/db/database.ts
+import { Database } from "bun:sqlite";
+import { existsSync, mkdirSync } from "fs";
+import { dirname, join, resolve } from "path";
+import { randomUUID } from "crypto";
+function isInMemoryDb(path) {
+  return path === ":memory:" || path.startsWith("file::memory:");
+}
+function findNearestDb(startDir) {
+  let dir = resolve(startDir);
+  while (true) {
+    const candidate = join(dir, ".sandboxes", "sandboxes.db");
+    if (existsSync(candidate))
+      return candidate;
+    const parent = dirname(dir);
+    if (parent === dir)
+      break;
+    dir = parent;
+  }
+  return null;
+}
+function getDbPath() {
+  if (process.env["SANDBOXES_DB_PATH"]) {
+    return process.env["SANDBOXES_DB_PATH"];
+  }
+  const cwd = process.cwd();
+  const nearest = findNearestDb(cwd);
+  if (nearest)
+    return nearest;
+  const home = process.env["HOME"] || process.env["USERPROFILE"] || "~";
+  return join(home, ".sandboxes", "sandboxes.db");
+}
+function ensureDir(filePath) {
+  if (isInMemoryDb(filePath))
+    return;
+  const dir = dirname(resolve(filePath));
+  if (!existsSync(dir)) {
+    mkdirSync(dir, { recursive: true });
+  }
+}
+var MIGRATIONS = [
+  `
+  CREATE TABLE IF NOT EXISTS projects (
+    id TEXT PRIMARY KEY,
+    name TEXT NOT NULL,
+    path TEXT UNIQUE NOT NULL,
+    description TEXT,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+  );
+
+  CREATE TABLE IF NOT EXISTS agents (
+    id TEXT PRIMARY KEY,
+    name TEXT NOT NULL UNIQUE,
+    description TEXT,
+    metadata TEXT DEFAULT '{}',
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    last_seen_at TEXT NOT NULL DEFAULT (datetime('now'))
+  );
+  CREATE INDEX IF NOT EXISTS idx_agents_name ON agents(name);
+
+  CREATE TABLE IF NOT EXISTS sandboxes (
+    id TEXT PRIMARY KEY,
+    provider TEXT NOT NULL CHECK(provider IN ('e2b', 'daytona', 'modal')),
+    provider_sandbox_id TEXT,
+    name TEXT,
+    status TEXT NOT NULL DEFAULT 'creating' CHECK(status IN ('creating', 'running', 'paused', 'stopped', 'deleted', 'error')),
+    image TEXT,
+    timeout INTEGER DEFAULT 3600,
+    config TEXT DEFAULT '{}',
+    env_vars TEXT DEFAULT '{}',
+    keep_alive_until TEXT,
+    project_id TEXT REFERENCES projects(id) ON DELETE SET NULL,
+    created_at TEXT NOT NULL DEFAULT (datetime('now')),
+    updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+  );
+  CREATE INDEX IF NOT EXISTS idx_sandboxes_status ON sandboxes(status);
+  CREATE INDEX IF NOT EXISTS idx_sandboxes_provider ON sandboxes(provider);
+  CREATE INDEX IF NOT EXISTS idx_sandboxes_project ON sandboxes(project_id);
+
+  CREATE TABLE IF NOT EXISTS sandbox_sessions (
+    id TEXT PRIMARY KEY,
+    sandbox_id TEXT NOT NULL REFERENCES sandboxes(id) ON DELETE CASCADE,
+    agent_name TEXT,
+    agent_type TEXT CHECK(agent_type IN ('claude', 'codex', 'gemini', 'custom')),
+    command TEXT,
+    status TEXT NOT NULL DEFAULT 'running' CHECK(status IN ('running', 'completed', 'failed', 'killed')),
+    exit_code INTEGER,
+    started_at TEXT NOT NULL DEFAULT (datetime('now')),
+    ended_at TEXT
+  );
+  CREATE INDEX IF NOT EXISTS idx_sessions_sandbox ON sandbox_sessions(sandbox_id);
+  CREATE INDEX IF NOT EXISTS idx_sessions_status ON sandbox_sessions(status);
+
+  CREATE TABLE IF NOT EXISTS sandbox_events (
+    id TEXT PRIMARY KEY,
+    sandbox_id TEXT NOT NULL REFERENCES sandboxes(id) ON DELETE CASCADE,
+    session_id TEXT REFERENCES sandbox_sessions(id) ON DELETE CASCADE,
+    type TEXT NOT NULL CHECK(type IN ('stdout', 'stderr', 'lifecycle', 'agent')),
+    data TEXT,
+    created_at TEXT NOT NULL DEFAULT (datetime('now'))
+  );
+  CREATE INDEX IF NOT EXISTS idx_events_sandbox ON sandbox_events(sandbox_id);
+  CREATE INDEX IF NOT EXISTS idx_events_session ON sandbox_events(session_id);
+  CREATE INDEX IF NOT EXISTS idx_events_type ON sandbox_events(type);
+
+  CREATE TABLE IF NOT EXISTS webhooks (
+    id TEXT PRIMARY KEY,
+    url TEXT NOT NULL,
+    events TEXT NOT NULL DEFAULT '[]',
+    secret TEXT,
+    active INTEGER NOT NULL DEFAULT 1,
+    created_at TEXT NOT NULL DEFAULT (datetime('now'))
+  );
+
+  CREATE TABLE IF NOT EXISTS _migrations (
+    id INTEGER PRIMARY KEY,
+    applied_at TEXT NOT NULL DEFAULT (datetime('now'))
+  );
+
+  INSERT OR IGNORE INTO _migrations (id) VALUES (1);
+  `
+];
+var db = null;
+function runMigrations(database) {
+  database.exec("CREATE TABLE IF NOT EXISTS _migrations (id INTEGER PRIMARY KEY, applied_at TEXT NOT NULL DEFAULT (datetime('now')))");
+  const applied = new Set(database.query("SELECT id FROM _migrations").all().map((r) => r.id));
+  for (let i = 0;i < MIGRATIONS.length; i++) {
+    const migrationId = i + 1;
+    if (!applied.has(migrationId)) {
+      database.exec(MIGRATIONS[i]);
+    }
+  }
+}
+function getDatabase() {
+  if (db)
+    return db;
+  const dbPath = getDbPath();
+  ensureDir(dbPath);
+  db = new Database(dbPath);
+  db.exec("PRAGMA journal_mode = WAL");
+  db.exec("PRAGMA foreign_keys = ON");
+  runMigrations(db);
+  return db;
+}
+function uuid() {
+  return randomUUID();
+}
+function now() {
+  return new Date().toISOString().replace("T", " ").replace("Z", "");
+}
+function resolvePartialId(table, partialId) {
+  const database = getDatabase();
+  const rows = database.query(`SELECT id FROM ${table} WHERE id LIKE ? || '%'`).all(partialId);
+  if (rows.length === 1)
+    return rows[0].id;
+  if (rows.length === 0)
+    return null;
+  const exact = rows.find((r) => r.id === partialId);
+  if (exact)
+    return exact.id;
+  return null;
+}
+
+// src/db/sandboxes.ts
+init_types();
+function rowToSandbox(row) {
+  return {
+    id: row.id,
+    provider: row.provider,
+    provider_sandbox_id: row.provider_sandbox_id,
+    name: row.name,
+    status: row.status,
+    image: row.image,
+    timeout: row.timeout,
+    config: JSON.parse(row.config),
+    env_vars: JSON.parse(row.env_vars),
+    keep_alive_until: row.keep_alive_until,
+    project_id: row.project_id,
+    created_at: row.created_at,
+    updated_at: row.updated_at
+  };
+}
+function createSandbox(input) {
+  const db2 = getDatabase();
+  const id = uuid();
+  const timestamp = now();
+  const provider = input.provider ?? "e2b";
+  const name = input.name ?? null;
+  const image = input.image ?? null;
+  const timeout = input.timeout ?? 3600;
+  const config = JSON.stringify(input.config ?? {});
+  const env_vars = JSON.stringify(input.env_vars ?? {});
+  const project_id = input.project_id ?? null;
+  db2.query(`INSERT INTO sandboxes (id, provider, name, status, image, timeout, config, env_vars, project_id, created_at, updated_at)
+     VALUES (?, ?, ?, 'creating', ?, ?, ?, ?, ?, ?, ?)`).run(id, provider, name, image, timeout, config, env_vars, project_id, timestamp, timestamp);
+  return getSandbox(id);
+}
+function getSandbox(id) {
+  const db2 = getDatabase();
+  const resolvedId = resolvePartialId("sandboxes", id);
+  if (!resolvedId)
+    throw new SandboxNotFoundError(id);
+  const row = db2.query("SELECT * FROM sandboxes WHERE id = ?").get(resolvedId);
+  if (!row)
+    throw new SandboxNotFoundError(id);
+  return rowToSandbox(row);
+}
+function listSandboxes(opts) {
+  const db2 = getDatabase();
+  const conditions = [];
+  const params = [];
+  if (opts?.status) {
+    conditions.push("status = ?");
+    params.push(opts.status);
+  }
+  if (opts?.provider) {
+    conditions.push("provider = ?");
+    params.push(opts.provider);
+  }
+  if (opts?.project_id) {
+    conditions.push("project_id = ?");
+    params.push(opts.project_id);
+  }
+  const where = conditions.length > 0 ? ` WHERE ${conditions.join(" AND ")}` : "";
+  const rows = db2.query(`SELECT * FROM sandboxes${where} ORDER BY created_at DESC`).all(...params);
+  return rows.map(rowToSandbox);
+}
+function updateSandbox(id, updates) {
+  const db2 = getDatabase();
+  const resolvedId = resolvePartialId("sandboxes", id);
+  if (!resolvedId)
+    throw new SandboxNotFoundError(id);
+  const setClauses = [];
+  const params = [];
+  if (updates.status !== undefined) {
+    setClauses.push("status = ?");
+    params.push(updates.status);
+  }
+  if (updates.provider_sandbox_id !== undefined) {
+    setClauses.push("provider_sandbox_id = ?");
+    params.push(updates.provider_sandbox_id);
+  }
+  if (updates.name !== undefined) {
+    setClauses.push("name = ?");
+    params.push(updates.name);
+  }
+  if (updates.image !== undefined) {
+    setClauses.push("image = ?");
+    params.push(updates.image);
+  }
+  if (updates.timeout !== undefined) {
+    setClauses.push("timeout = ?");
+    params.push(updates.timeout);
+  }
+  if (updates.config !== undefined) {
+    setClauses.push("config = ?");
+    params.push(JSON.stringify(updates.config));
+  }
+  if (updates.env_vars !== undefined) {
+    setClauses.push("env_vars = ?");
+    params.push(JSON.stringify(updates.env_vars));
+  }
+  if (updates.keep_alive_until !== undefined) {
+    setClauses.push("keep_alive_until = ?");
+    params.push(updates.keep_alive_until);
+  }
+  if (setClauses.length === 0) {
+    return getSandbox(resolvedId);
+  }
+  setClauses.push("updated_at = ?");
+  params.push(now());
+  params.push(resolvedId);
+  db2.query(`UPDATE sandboxes SET ${setClauses.join(", ")} WHERE id = ?`).run(...params);
+  return getSandbox(resolvedId);
+}
+function deleteSandbox(id) {
+  const db2 = getDatabase();
+  const resolvedId = resolvePartialId("sandboxes", id);
+  if (!resolvedId)
+    throw new SandboxNotFoundError(id);
+  db2.query("DELETE FROM sandboxes WHERE id = ?").run(resolvedId);
+}
+
+// src/db/sessions.ts
+init_types();
+function rowToSession(row) {
+  return {
+    ...row,
+    agent_type: row.agent_type,
+    status: row.status
+  };
+}
+function createSession(input) {
+  const db2 = getDatabase();
+  const id = uuid();
+  const startedAt = now();
+  db2.query(`INSERT INTO sandbox_sessions (id, sandbox_id, agent_name, agent_type, command, status, started_at)
+     VALUES (?, ?, ?, ?, ?, 'running', ?)`).run(id, input.sandbox_id, input.agent_name ?? null, input.agent_type ?? null, input.command ?? null, startedAt);
+  return getSession(id);
+}
+function getSession(id) {
+  const db2 = getDatabase();
+  const resolvedId = resolvePartialId("sandbox_sessions", id) ?? id;
+  const row = db2.query("SELECT * FROM sandbox_sessions WHERE id = ?").get(resolvedId);
+  if (!row)
+    throw new SessionNotFoundError(id);
+  return rowToSession(row);
+}
+function listSessions(opts) {
+  const db2 = getDatabase();
+  const conditions = [];
+  const params = [];
+  if (opts?.sandbox_id) {
+    conditions.push("sandbox_id = ?");
+    params.push(opts.sandbox_id);
+  }
+  if (opts?.status) {
+    conditions.push("status = ?");
+    params.push(opts.status);
+  }
+  const where = conditions.length > 0 ? `WHERE ${conditions.join(" AND ")}` : "";
+  const rows = db2.query(`SELECT * FROM sandbox_sessions ${where} ORDER BY started_at DESC`).all(...params);
+  return rows.map(rowToSession);
+}
+function endSession(id, exit_code, status) {
+  const session = getSession(id);
+  const endedAt = now();
+  const finalStatus = status ?? "completed";
+  const db2 = getDatabase();
+  db2.query(`UPDATE sandbox_sessions SET status = ?, exit_code = ?, ended_at = ? WHERE id = ?`).run(finalStatus, exit_code, endedAt, session.id);
+  return getSession(session.id);
+}
+
+// src/db/events.ts
+function rowToEvent(row) {
+  return {
+    id: row.id,
+    sandbox_id: row.sandbox_id,
+    session_id: row.session_id,
+    type: row.type,
+    data: row.data,
+    created_at: row.created_at
+  };
+}
+function addEvent(input) {
+  const db2 = getDatabase();
+  const id = uuid();
+  db2.query(`INSERT INTO sandbox_events (id, sandbox_id, session_id, type, data)
+     VALUES (?, ?, ?, ?, ?)`).run(id, input.sandbox_id, input.session_id ?? null, input.type, input.data ?? null);
+  const row = db2.query("SELECT * FROM sandbox_events WHERE id = ?").get(id);
+  return rowToEvent(row);
+}
+function listEvents(opts) {
+  const db2 = getDatabase();
+  const conditions = [];
+  const params = [];
+  if (opts?.sandbox_id) {
+    conditions.push("sandbox_id = ?");
+    params.push(opts.sandbox_id);
+  }
+  if (opts?.session_id) {
+    conditions.push("session_id = ?");
+    params.push(opts.session_id);
+  }
+  if (opts?.type) {
+    conditions.push("type = ?");
+    params.push(opts.type);
+  }
+  const where = conditions.length > 0 ? ` WHERE ${conditions.join(" AND ")}` : "";
+  const limit = opts?.limit ?? 100;
+  const offset = opts?.offset ?? 0;
+  const rows = db2.query(`SELECT * FROM sandbox_events${where} ORDER BY created_at ASC LIMIT ? OFFSET ?`).all(...[...params, limit, offset]);
+  return rows.map(rowToEvent);
+}
+
+// src/db/agents.ts
+init_types();
+function rowToAgent(row) {
+  return {
+    id: row.id,
+    name: row.name,
+    description: row.description,
+    metadata: JSON.parse(row.metadata),
+    created_at: row.created_at,
+    last_seen_at: row.last_seen_at
+  };
+}
+function registerAgent(input) {
+  const db2 = getDatabase();
+  const timestamp = now();
+  const existing = getAgentByName(input.name);
+  if (existing) {
+    db2.query("UPDATE agents SET last_seen_at = ? WHERE id = ?").run(timestamp, existing.id);
+    return getAgent(existing.id);
+  }
+  const id = uuid();
+  const description = input.description ?? null;
+  db2.query(`INSERT OR IGNORE INTO agents (id, name, description, metadata, created_at, last_seen_at)
+     VALUES (?, ?, ?, '{}', ?, ?)`).run(id, input.name, description, timestamp, timestamp);
+  return getAgent(id);
+}
+function getAgent(id) {
+  const db2 = getDatabase();
+  const resolvedId = resolvePartialId("agents", id);
+  if (!resolvedId)
+    throw new AgentNotFoundError(id);
+  const row = db2.query("SELECT * FROM agents WHERE id = ?").get(resolvedId);
+  if (!row)
+    throw new AgentNotFoundError(id);
+  return rowToAgent(row);
+}
+function getAgentByName(name) {
+  const db2 = getDatabase();
+  const row = db2.query("SELECT * FROM agents WHERE name = ?").get(name);
+  if (!row)
+    return null;
+  return rowToAgent(row);
+}
+function listAgents() {
+  const db2 = getDatabase();
+  const rows = db2.query("SELECT * FROM agents ORDER BY last_seen_at DESC").all();
+  return rows.map(rowToAgent);
+}
+
+// src/db/projects.ts
+init_types();
+function rowToProject(row) {
+  return {
+    id: row.id,
+    name: row.name,
+    path: row.path,
+    description: row.description,
+    created_at: row.created_at,
+    updated_at: row.updated_at
+  };
+}
+function createProject(input) {
+  const db2 = getDatabase();
+  const id = uuid();
+  const timestamp = now();
+  const description = input.description ?? null;
+  db2.query(`INSERT INTO projects (id, name, path, description, created_at, updated_at)
+     VALUES (?, ?, ?, ?, ?, ?)`).run(id, input.name, input.path, description, timestamp, timestamp);
+  return getProject(id);
+}
+function getProject(id) {
+  const db2 = getDatabase();
+  const resolvedId = resolvePartialId("projects", id);
+  if (!resolvedId)
+    throw new ProjectNotFoundError(id);
+  const row = db2.query("SELECT * FROM projects WHERE id = ?").get(resolvedId);
+  if (!row)
+    throw new ProjectNotFoundError(id);
+  return rowToProject(row);
+}
+function getProjectByPath(path) {
+  const db2 = getDatabase();
+  const row = db2.query("SELECT * FROM projects WHERE path = ?").get(path);
+  if (!row)
+    return null;
+  return rowToProject(row);
+}
+function listProjects() {
+  const db2 = getDatabase();
+  const rows = db2.query("SELECT * FROM projects ORDER BY created_at DESC").all();
+  return rows.map(rowToProject);
+}
+function ensureProject(name, path) {
+  const existing = getProjectByPath(path);
+  if (existing)
+    return existing;
+  return createProject({ name, path });
+}
+
+// src/db/webhooks.ts
+import { randomBytes } from "crypto";
+init_types();
+function rowToWebhook(row) {
+  return {
+    id: row.id,
+    url: row.url,
+    events: JSON.parse(row.events),
+    secret: row.secret,
+    active: row.active === 1,
+    created_at: row.created_at
+  };
+}
+function createWebhook(input) {
+  const db2 = getDatabase();
+  const id = uuid();
+  const timestamp = now();
+  const events = JSON.stringify(input.events ?? []);
+  const secret = input.secret ?? randomBytes(32).toString("hex");
+  db2.query(`INSERT INTO webhooks (id, url, events, secret, active, created_at)
+     VALUES (?, ?, ?, ?, 1, ?)`).run(id, input.url, events, secret, timestamp);
+  return getWebhook(id);
+}
+function getWebhook(id) {
+  const db2 = getDatabase();
+  const resolvedId = resolvePartialId("webhooks", id);
+  if (!resolvedId)
+    throw new WebhookNotFoundError(id);
+  const row = db2.query("SELECT * FROM webhooks WHERE id = ?").get(resolvedId);
+  if (!row)
+    throw new WebhookNotFoundError(id);
+  return rowToWebhook(row);
+}
+function listWebhooks() {
+  const db2 = getDatabase();
+  const rows = db2.query("SELECT * FROM webhooks ORDER BY created_at DESC").all();
+  return rows.map(rowToWebhook);
+}
+function deleteWebhook(id) {
+  const db2 = getDatabase();
+  const resolvedId = resolvePartialId("webhooks", id);
+  if (!resolvedId)
+    throw new WebhookNotFoundError(id);
+  db2.query("DELETE FROM webhooks WHERE id = ?").run(resolvedId);
+}
+
+// src/providers/index.ts
+init_types();
+
+// src/lib/config.ts
+import { existsSync as existsSync2, readFileSync, writeFileSync, mkdirSync as mkdirSync2 } from "fs";
+import { dirname as dirname2, join as join2 } from "path";
+var ENV_KEYS = {
+  e2b: "E2B_API_KEY",
+  daytona: "DAYTONA_API_KEY",
+  modal: "MODAL_TOKEN_ID"
+};
+function getConfigPath() {
+  const home = process.env["HOME"] || process.env["USERPROFILE"] || "~";
+  return join2(home, ".sandboxes", "config.json");
+}
+function loadConfig() {
+  const configPath = getConfigPath();
+  if (!existsSync2(configPath))
+    return {};
+  try {
+    const raw = readFileSync(configPath, "utf-8");
+    return JSON.parse(raw);
+  } catch {
+    return {};
+  }
+}
+function getDefaultProvider() {
+  const config = loadConfig();
+  return config.default_provider || "e2b";
+}
+function getDefaultTimeout() {
+  const config = loadConfig();
+  return config.default_timeout || 3600;
+}
+function getProviderApiKey(provider) {
+  const config = loadConfig();
+  const providerConfig = config.providers?.[provider];
+  if (providerConfig?.api_key)
+    return providerConfig.api_key;
+  const envKey = ENV_KEYS[provider];
+  if (envKey)
+    return process.env[envKey];
+  return;
+}
+
+// src/providers/index.ts
+var providerCache = new Map;
+async function getProvider(name, apiKey) {
+  const key = apiKey || getProviderApiKey(name);
+  const cacheKey = `${name}:${key || "default"}`;
+  const cached = providerCache.get(cacheKey);
+  if (cached)
+    return cached;
+  let provider;
+  switch (name) {
+    case "e2b": {
+      if (!key)
+        throw new ProviderError("e2b", "API key required. Set E2B_API_KEY or configure via `sandboxes config set providers.e2b.api_key <key>`");
+      const { E2BProvider: E2BProvider2 } = await Promise.resolve().then(() => (init_e2b(), exports_e2b));
+      provider = new E2BProvider2(key);
+      break;
+    }
+    case "daytona": {
+      if (!key)
+        throw new ProviderError("daytona", "API key required. Set DAYTONA_API_KEY or configure via `sandboxes config set providers.daytona.api_key <key>`");
+      const { DaytonaProvider: DaytonaProvider2 } = await Promise.resolve().then(() => (init_daytona(), exports_daytona));
+      provider = new DaytonaProvider2(key);
+      break;
+    }
+    case "modal": {
+      const { ModalProvider: ModalProvider2 } = await Promise.resolve().then(() => (init_modal(), exports_modal));
+      provider = new ModalProvider2(key);
+      break;
+    }
+    default:
+      throw new ProviderError(name, `Unknown provider: ${name}`);
+  }
+  providerCache.set(cacheKey, provider);
+  return provider;
+}
+
+// src/lib/stream.ts
+var listeners = new Map;
+function addStreamListener(sandboxId, listener) {
+  if (!listeners.has(sandboxId)) {
+    listeners.set(sandboxId, new Set);
+  }
+  listeners.get(sandboxId).add(listener);
+  return () => {
+    listeners.get(sandboxId)?.delete(listener);
+    if (listeners.get(sandboxId)?.size === 0) {
+      listeners.delete(sandboxId);
+    }
+  };
+}
+function notifyListeners(sandboxId, type, data) {
+  const sandboxListeners = listeners.get(sandboxId);
+  if (sandboxListeners) {
+    for (const listener of sandboxListeners) {
+      try {
+        listener(type, data);
+      } catch {}
+    }
+  }
+}
+function createStreamCollector(sandboxId, sessionId) {
+  let stdout = "";
+  let stderr = "";
+  return {
+    onStdout: (data) => {
+      stdout += data;
+      addEvent({
+        sandbox_id: sandboxId,
+        session_id: sessionId,
+        type: "stdout",
+        data
+      });
+      notifyListeners(sandboxId, "stdout", data);
+    },
+    onStderr: (data) => {
+      stderr += data;
+      addEvent({
+        sandbox_id: sandboxId,
+        session_id: sessionId,
+        type: "stderr",
+        data
+      });
+      notifyListeners(sandboxId, "stderr", data);
+    },
+    getOutput: () => ({ stdout, stderr })
+  };
+}
+function emitLifecycleEvent(sandboxId, message) {
+  addEvent({
+    sandbox_id: sandboxId,
+    type: "lifecycle",
+    data: message
+  });
+  notifyListeners(sandboxId, "lifecycle", message);
+}
+
+// src/server/serve.ts
+function json(data, status = 200) {
+  return new Response(JSON.stringify(data), {
+    status,
+    headers: {
+      "Content-Type": "application/json",
+      "Access-Control-Allow-Origin": "*",
+      "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
+      "Access-Control-Allow-Headers": "Content-Type"
+    }
+  });
+}
+function error(message, status = 400) {
+  return json({ error: message }, status);
+}
+async function body(req) {
+  return await req.json();
+}
+function matchRoute(pathname, method, pattern, expectedMethod) {
+  if (method !== expectedMethod)
+    return null;
+  const patternParts = pattern.split("/");
+  const pathParts = pathname.split("/");
+  if (patternParts.length !== pathParts.length)
+    return null;
+  const params = {};
+  for (let i = 0;i < patternParts.length; i++) {
+    const pp = patternParts[i];
+    const pathPart = pathParts[i];
+    if (pp.startsWith(":")) {
+      params[pp.slice(1)] = pathPart;
+    } else if (pp !== pathPart) {
+      return null;
+    }
+  }
+  return params;
+}
+async function handleRequest(req) {
+  const url = new URL(req.url);
+  const { pathname } = url;
+  const method = req.method;
+  if (method === "OPTIONS") {
+    return json({ ok: true });
+  }
+  if (pathname === "/api/health" && method === "GET") {
+    return json({ status: "ok", version: "0.1.0" });
+  }
+  if (pathname === "/api/sandboxes" && method === "GET") {
+    const status = url.searchParams.get("status") || undefined;
+    const provider = url.searchParams.get("provider") || undefined;
+    const result = listSandboxes({
+      status,
+      provider
+    });
+    return json(result);
+  }
+  if (pathname === "/api/sandboxes" && method === "POST") {
+    try {
+      const input = await body(req);
+      const providerName = input.provider || getDefaultProvider();
+      const timeout = input.timeout || getDefaultTimeout();
+      const sandbox = createSandbox({ ...input, provider: providerName, timeout });
+      const provider = await getProvider(providerName);
+      const providerSandbox = await provider.create({
+        image: input.image,
+        timeout,
+        envVars: input.env_vars
+      });
+      const updated = updateSandbox(sandbox.id, {
+        provider_sandbox_id: providerSandbox.id,
+        status: "running"
+      });
+      emitLifecycleEvent(sandbox.id, `Sandbox created with provider ${providerName}`);
+      return json(updated, 201);
+    } catch (err) {
+      return error(err.message, 500);
+    }
+  }
+  let params = matchRoute(pathname, method, "/api/sandboxes/:id", "GET");
+  if (params) {
+    try {
+      return json(getSandbox(params["id"]));
+    } catch (err) {
+      return error(err.message, 404);
+    }
+  }
+  params = matchRoute(pathname, method, "/api/sandboxes/:id", "DELETE");
+  if (params) {
+    try {
+      const sandbox = getSandbox(params["id"]);
+      if (sandbox.provider_sandbox_id) {
+        const provider = await getProvider(sandbox.provider);
+        await provider.delete(sandbox.provider_sandbox_id);
+      }
+      deleteSandbox(sandbox.id);
+      emitLifecycleEvent(sandbox.id, "Sandbox deleted");
+      return json({ ok: true });
+    } catch (err) {
+      return error(err.message, 500);
+    }
+  }
+  params = matchRoute(pathname, method, "/api/sandboxes/:id/stop", "POST");
+  if (params) {
+    try {
+      const sandbox = getSandbox(params["id"]);
+      if (sandbox.provider_sandbox_id) {
+        const provider = await getProvider(sandbox.provider);
+        await provider.stop(sandbox.provider_sandbox_id);
+      }
+      const updated = updateSandbox(sandbox.id, { status: "stopped" });
+      emitLifecycleEvent(sandbox.id, "Sandbox stopped");
+      return json(updated);
+    } catch (err) {
+      return error(err.message, 500);
+    }
+  }
+  params = matchRoute(pathname, method, "/api/sandboxes/:id/exec", "POST");
+  if (params) {
+    try {
+      const sandbox = getSandbox(params["id"]);
+      if (!sandbox.provider_sandbox_id) {
+        return error("Sandbox has no provider instance", 400);
+      }
+      const { command } = await body(req);
+      const session = createSession({ sandbox_id: sandbox.id, command });
+      const collector = createStreamCollector(sandbox.id, session.id);
+      const provider = await getProvider(sandbox.provider);
+      const result = await provider.exec(sandbox.provider_sandbox_id, command, {
+        onStdout: collector.onStdout,
+        onStderr: collector.onStderr
+      });
+      if ("exit_code" in result) {
+        endSession(session.id, result.exit_code);
+        return json({ session_id: session.id, ...result });
+      }
+      return json({ session_id: session.id, status: "running" });
+    } catch (err) {
+      return error(err.message, 500);
+    }
+  }
+  params = matchRoute(pathname, method, "/api/sandboxes/:id/keep-alive", "POST");
+  if (params) {
+    try {
+      const sandbox = getSandbox(params["id"]);
+      if (!sandbox.provider_sandbox_id) {
+        return error("Sandbox has no provider instance", 400);
+      }
+      const { duration_seconds } = await body(req);
+      const provider = await getProvider(sandbox.provider);
+      await provider.keepAlive(sandbox.provider_sandbox_id, (duration_seconds || 300) * 1000);
+      return json({ ok: true });
+    } catch (err) {
+      return error(err.message, 500);
+    }
+  }
+  params = matchRoute(pathname, method, "/api/sandboxes/:id/logs", "GET");
+  if (params) {
+    const sessionId = url.searchParams.get("session_id") || undefined;
+    const limit = parseInt(url.searchParams.get("limit") || "100", 10);
+    const events = listEvents({
+      sandbox_id: params["id"],
+      session_id: sessionId,
+      limit
+    });
+    return json(events);
+  }
+  params = matchRoute(pathname, method, "/api/sandboxes/:id/sessions", "GET");
+  if (params) {
+    const sessions = listSessions({ sandbox_id: params["id"] });
+    return json(sessions);
+  }
+  params = matchRoute(pathname, method, "/api/sandboxes/:id/files", "GET");
+  if (params) {
+    try {
+      const sandbox = getSandbox(params["id"]);
+      if (!sandbox.provider_sandbox_id)
+        return error("No provider instance", 400);
+      const path = url.searchParams.get("path") || "/";
+      const provider = await getProvider(sandbox.provider);
+      const files = await provider.listFiles(sandbox.provider_sandbox_id, path);
+      return json(files);
+    } catch (err) {
+      return error(err.message, 500);
+    }
+  }
+  if (pathname === "/api/agents" && method === "GET") {
+    return json(listAgents());
+  }
+  if (pathname === "/api/agents" && method === "POST") {
+    try {
+      const input = await body(req);
+      return json(registerAgent(input), 201);
+    } catch (err) {
+      return error(err.message, 500);
+    }
+  }
+  if (pathname === "/api/projects" && method === "GET") {
+    return json(listProjects());
+  }
+  if (pathname === "/api/projects" && method === "POST") {
+    try {
+      const input = await body(req);
+      return json(ensureProject(input.name, input.path), 201);
+    } catch (err) {
+      return error(err.message, 500);
+    }
+  }
+  if (pathname === "/api/webhooks" && method === "GET") {
+    return json(listWebhooks());
+  }
+  if (pathname === "/api/webhooks" && method === "POST") {
+    try {
+      const input = await body(req);
+      return json(createWebhook(input), 201);
+    } catch (err) {
+      return error(err.message, 500);
+    }
+  }
+  params = matchRoute(pathname, method, "/api/webhooks/:id", "DELETE");
+  if (params) {
+    try {
+      deleteWebhook(params["id"]);
+      return json({ ok: true });
+    } catch (err) {
+      return error(err.message, 500);
+    }
+  }
+  params = matchRoute(pathname, method, "/api/sandboxes/:id/stream", "GET");
+  if (params) {
+    try {
+      const sandbox = getSandbox(params["id"]);
+      const stream = new ReadableStream({
+        start(controller) {
+          const encoder = new TextEncoder;
+          const send = (type, data) => {
+            controller.enqueue(encoder.encode(`event: ${type}
+data: ${JSON.stringify(data)}
+
+`));
+          };
+          const removeListener = addStreamListener(sandbox.id, (type, data) => {
+            send(type, data);
+          });
+          const heartbeat = setInterval(() => {
+            controller.enqueue(encoder.encode(`: heartbeat
+
+`));
+          }, 30000);
+          const cleanup = () => {
+            removeListener();
+            clearInterval(heartbeat);
+          };
+          setTimeout(() => {
+            cleanup();
+            try {
+              controller.close();
+            } catch {}
+          }, 3600000);
+        }
+      });
+      return new Response(stream, {
+        headers: {
+          "Content-Type": "text/event-stream",
+          "Cache-Control": "no-cache",
+          Connection: "keep-alive",
+          "Access-Control-Allow-Origin": "*"
+        }
+      });
+    } catch (err) {
+      return error(err.message, 404);
+    }
+  }
+  return error("Not found", 404);
+}
+function startServer(port) {
+  const server = Bun.serve({
+    port,
+    fetch: handleRequest
+  });
+  console.log(`sandboxes-serve listening on http://localhost:${server.port}`);
+}
+
+// src/server/index.ts
+var { values } = parseArgs({
+  args: process.argv.slice(2),
+  options: {
+    port: { type: "string", short: "p", default: "19430" }
+  }
+});
+var port = parseInt(values.port || "19430", 10);
+startServer(port);