@isol8/core 0.14.6 → 0.15.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +16 -0
- package/dist/client/remote.d.ts +14 -1
- package/dist/client/remote.d.ts.map +1 -1
- package/dist/engine/docker.d.ts +3 -5
- package/dist/engine/docker.d.ts.map +1 -1
- package/dist/engine/managers/execution-manager.d.ts +23 -0
- package/dist/engine/managers/execution-manager.d.ts.map +1 -0
- package/dist/engine/managers/index.d.ts +7 -0
- package/dist/engine/managers/index.d.ts.map +1 -0
- package/dist/engine/managers/network-manager.d.ts +15 -0
- package/dist/engine/managers/network-manager.d.ts.map +1 -0
- package/dist/engine/managers/volume-manager.d.ts +17 -0
- package/dist/engine/managers/volume-manager.d.ts.map +1 -0
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +791 -641
- package/dist/index.js.map +9 -6
- package/dist/types.d.ts +25 -1
- package/dist/types.d.ts.map +1 -1
- package/package.json +10 -2
package/README.md
CHANGED
|
@@ -2,6 +2,8 @@
|
|
|
2
2
|
|
|
3
3
|
TypeScript SDK for secure, isolated code execution.
|
|
4
4
|
|
|
5
|
+
**isol8** is a secure execution system for untrusted code (especially LLM/agent-generated code) using sandboxed Docker containers.
|
|
6
|
+
|
|
5
7
|
`@isol8/core` is the engine package behind the isol8 CLI and server.
|
|
6
8
|
|
|
7
9
|
## When To Use
|
|
@@ -20,6 +22,9 @@ Use this package if you want to:
|
|
|
20
22
|
- File APIs (`putFile`, `getFile`) for sandbox sessions
|
|
21
23
|
- Network control with allow/deny filtering
|
|
22
24
|
- Limits for timeout, CPU, memory, PIDs, and output size
|
|
25
|
+
- Built-in secret masking/sanitization in execution paths
|
|
26
|
+
- Container pooling for faster repeat execution
|
|
27
|
+
- Runtime adapter architecture for extensibility
|
|
23
28
|
- Config loader + JSON schema export (`@isol8/core/schema`)
|
|
24
29
|
|
|
25
30
|
## Installation
|
|
@@ -63,6 +68,17 @@ const result = await remote.execute({ code: "console.log(42)", runtime: "node" }
|
|
|
63
68
|
await remote.stop();
|
|
64
69
|
```
|
|
65
70
|
|
|
71
|
+
## Agent/Automation Integration Pattern
|
|
72
|
+
|
|
73
|
+
Use `@isol8/core` when you need programmatic sandbox execution in an agent service:
|
|
74
|
+
1. Start engine (`DockerIsol8` or `RemoteIsol8`).
|
|
75
|
+
2. Execute untrusted code with explicit runtime/limits.
|
|
76
|
+
3. Consume structured result (`stdout`, `stderr`, `exitCode`, `durationMs`).
|
|
77
|
+
4. Optionally stream output using `executeStream`.
|
|
78
|
+
5. Stop engine during shutdown.
|
|
79
|
+
|
|
80
|
+
This keeps agent control logic in your app while isol8 enforces sandbox boundaries.
|
|
81
|
+
|
|
66
82
|
## Main Exports
|
|
67
83
|
|
|
68
84
|
- `DockerIsol8` - local Docker-backed sandbox engine
|
package/dist/client/remote.d.ts
CHANGED
|
@@ -35,6 +35,8 @@ export declare class RemoteIsol8 implements Isol8Engine {
|
|
|
35
35
|
private readonly apiKey;
|
|
36
36
|
private readonly sessionId?;
|
|
37
37
|
private readonly isol8Options?;
|
|
38
|
+
/** Whether WebSocket streaming is available on the server. `null` = unknown. */
|
|
39
|
+
private wsAvailable;
|
|
38
40
|
/**
|
|
39
41
|
* @param options - Connection options (host, API key, session ID).
|
|
40
42
|
* @param isol8Options - Isol8 configuration to send to the server.
|
|
@@ -47,10 +49,21 @@ export declare class RemoteIsol8 implements Isol8Engine {
|
|
|
47
49
|
/** Execute code on the remote server and return the result. */
|
|
48
50
|
execute(req: ExecutionRequest): Promise<ExecutionResult>;
|
|
49
51
|
/**
|
|
50
|
-
* Execute code on the remote server and stream output chunks
|
|
52
|
+
* Execute code on the remote server and stream output chunks.
|
|
53
|
+
* Attempts WebSocket first, falls back to SSE if WebSocket is unavailable.
|
|
51
54
|
* Yields {@link StreamEvent} objects as they arrive from the server.
|
|
52
55
|
*/
|
|
53
56
|
executeStream(req: ExecutionRequest): AsyncIterable<StreamEvent>;
|
|
57
|
+
/**
|
|
58
|
+
* Execute code on the remote server and stream output chunks via WebSocket.
|
|
59
|
+
* @internal
|
|
60
|
+
*/
|
|
61
|
+
private executeStreamWs;
|
|
62
|
+
/**
|
|
63
|
+
* Execute code on the remote server and stream output chunks via SSE.
|
|
64
|
+
* @internal
|
|
65
|
+
*/
|
|
66
|
+
private executeStreamSse;
|
|
54
67
|
/**
|
|
55
68
|
* Upload a file to the remote container (persistent mode only).
|
|
56
69
|
* Content is Base64-encoded for transport.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"remote.d.ts","sourceRoot":"","sources":["../../src/client/remote.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EACV,gBAAgB,EAChB,eAAe,EACf,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,WAAW,
|
|
1
|
+
{"version":3,"file":"remote.d.ts","sourceRoot":"","sources":["../../src/client/remote.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EACV,gBAAgB,EAChB,eAAe,EACf,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,WAAW,EAEZ,MAAM,UAAU,CAAC;AAElB,sDAAsD;AACtD,MAAM,WAAW,kBAAkB;IACjC,qEAAqE;IACrE,IAAI,EAAE,MAAM,CAAC;IACb,+CAA+C;IAC/C,MAAM,EAAE,MAAM,CAAC;IACf,0GAA0G;IAC1G,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;;;;;;;;;;;;;GAcG;AACH,qBAAa,WAAY,YAAW,WAAW;IAC7C,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAS;IAC9B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAS;IACpC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAe;IAC7C,gFAAgF;IAChF,OAAO,CAAC,WAAW,CAAwB;IAE3C;;;OAGG;gBACS,OAAO,EAAE,kBAAkB,EAAE,YAAY,CAAC,EAAE,YAAY;IAOpE,+EAA+E;IACzE,KAAK,CAAC,QAAQ,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAQnD,4EAA4E;IACtE,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAM3B,+DAA+D;IACzD,OAAO,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAkB9D;;;;OAIG;IACI,aAAa,CAAC,GAAG,EAAE,gBAAgB,GAAG,aAAa,CAAC,WAAW,CAAC;IAoBvE;;;OAGG;YACY,eAAe;IA+F9B;;;OAGG;YACY,gBAAgB;IA0D/B;;;OAGG;IACG,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAwBpE,wEAAwE;IAClE,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAgB5C,0EAA0E;YAC5D,KAAK;CAUpB"}
|
package/dist/engine/docker.d.ts
CHANGED
|
@@ -51,6 +51,9 @@ export declare class DockerIsol8 implements Isol8Engine {
|
|
|
51
51
|
private readonly dependencies;
|
|
52
52
|
private readonly auditLogger?;
|
|
53
53
|
private readonly remoteCodePolicy;
|
|
54
|
+
private readonly networkManager;
|
|
55
|
+
private readonly executionManager;
|
|
56
|
+
private readonly volumeManager;
|
|
54
57
|
private container;
|
|
55
58
|
private persistentRuntime;
|
|
56
59
|
private pool;
|
|
@@ -116,16 +119,11 @@ export declare class DockerIsol8 implements Isol8Engine {
|
|
|
116
119
|
private executeEphemeral;
|
|
117
120
|
private executePersistent;
|
|
118
121
|
private retrieveFiles;
|
|
119
|
-
private getFileFromContainer;
|
|
120
122
|
private startPersistentContainer;
|
|
121
123
|
private getAdapter;
|
|
122
124
|
private buildHostConfig;
|
|
123
125
|
private buildSecurityOpts;
|
|
124
126
|
private loadDefaultSeccompProfile;
|
|
125
|
-
private buildEnv;
|
|
126
|
-
private streamExecOutput;
|
|
127
|
-
private collectExecOutput;
|
|
128
|
-
private postProcessOutput;
|
|
129
127
|
/**
|
|
130
128
|
* Remove all isol8 containers (both running and stopped).
|
|
131
129
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"docker.d.ts","sourceRoot":"","sources":["../../src/engine/docker.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;
|
|
1
|
+
{"version":3,"file":"docker.d.ts","sourceRoot":"","sources":["../../src/engine/docker.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,MAAM,MAAM,WAAW,CAAC;AAG/B,OAAO,KAAK,EACV,gBAAgB,EAChB,eAAe,EAEf,WAAW,EAEX,YAAY,EAKZ,YAAY,EACZ,WAAW,EACZ,MAAM,UAAU,CAAC;AAelB,2HAA2H;AAC3H,MAAM,WAAW,kBAAmB,SAAQ,YAAY;IACtD,oFAAoF;IACpF,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;;;;;;;;;;;;GAcG;AACH,qBAAa,WAAY,YAAW,WAAW;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAY;IACjC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAc;IACtC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAsB;IACrD,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAU;IACzC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;IACvC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAyB;IACjD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;IAC1C,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAS;IACxC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAY;IACtC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAiB;IAC1C,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAU;IAClC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAU;IACrC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAoB;IACjD,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAA4C;IACrE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAoB;IACjD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAc;IAC3C,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAmB;IAEpD,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAiB;IAChD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAmB;IACpD,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAgB;IAE9C,OAAO,CAAC,SAAS,CAAiC;IAClD,OAAO,CAAC,iBAAiB,CAA+B;IACxD,OAAO,CAAC,IAAI,CAA8B;IAC1C,OAAO,CAAC,QAAQ,CAAC,UAAU,CAA6B;YAE1C,uBAAuB;IA6BrC;;;OAGG;gBACS,OAAO,GAAE,kBAAuB,EAAE,aAAa,SAAK;IA4DhE;;;;;OAKG;IACG,KAAK,CAAC,OAAO,GAAE,YAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAsCtD,kFAAkF;IAC5E,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAuB3B;;;OAGG;IACG,OAAO,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAgB9D;;OAEG;YACW,WAAW;IAoDzB;;OAEG;YACW,qBAAqB;IA8CnC;;OAEG;YACW,kBAAkB;IA+DhC;;;;;;;OAOG;IACG,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOpE;;;;;;OAMG;IACG,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAQ5C,6GAA6G;IAC7G,IAAI,WAAW,IAAI,MAAM,GAAG,IAAI,CAE/B;IAED;;;OAGG;IACI,aAAa,CAAC,GAAG,EAAE,gBAAgB,GAAG,aAAa,CAAC,WAAW,CAAC;YAuGzD,YAAY;IAkE1B,OAAO,CAAC,UAAU;YA2BJ,gBAAgB;YA6KhB,iBAAiB;YA2IjB,aAAa;YAOb,wBAAwB;IA+BtC,OAAO,CAAC,UAAU;IAIlB,OAAO,CAAC,eAAe;IA2BvB,OAAO,CAAC,iBAAiB;IA+BzB,OAAO,CAAC,yBAAyB;IA6BjC;;;;;;;;;;;;;;;;;;;;OAoBG;WACU,OAAO,CAClB,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;IA0BjE;;;;;OAKG;WACU,aAAa,CACxB,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;CA2BlE"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import type Docker from "dockerode";
|
|
2
|
+
import type { NetworkFilterConfig, Runtime, StreamEvent } from "../../types";
|
|
3
|
+
export interface ExecutionManagerOptions {
|
|
4
|
+
secrets: Record<string, string>;
|
|
5
|
+
maxOutputSize: number;
|
|
6
|
+
}
|
|
7
|
+
export declare class ExecutionManager {
|
|
8
|
+
private readonly secrets;
|
|
9
|
+
private readonly maxOutputSize;
|
|
10
|
+
constructor(options: ExecutionManagerOptions);
|
|
11
|
+
wrapWithTimeout(cmd: string[], timeoutSec: number): string[];
|
|
12
|
+
getInstallCommand(runtime: Runtime, packages: string[]): string[];
|
|
13
|
+
installPackages(container: Docker.Container, runtime: Runtime, packages: string[], timeoutMs: number): Promise<void>;
|
|
14
|
+
streamExecOutput(stream: NodeJS.ReadableStream, exec: Docker.Exec, container: Docker.Container, timeoutMs: number): AsyncGenerator<StreamEvent>;
|
|
15
|
+
collectExecOutput(stream: NodeJS.ReadableStream, container: Docker.Container, timeoutMs: number): Promise<{
|
|
16
|
+
stdout: string;
|
|
17
|
+
stderr: string;
|
|
18
|
+
truncated: boolean;
|
|
19
|
+
}>;
|
|
20
|
+
postProcessOutput(output: string, _truncated: boolean): string;
|
|
21
|
+
buildEnv(extra?: Record<string, string>, proxyPort?: number, networkMode?: string, networkFilter?: NetworkFilterConfig): string[];
|
|
22
|
+
}
|
|
23
|
+
//# sourceMappingURL=execution-manager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"execution-manager.d.ts","sourceRoot":"","sources":["../../../src/engine/managers/execution-manager.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,MAAM,MAAM,WAAW,CAAC;AACpC,OAAO,KAAK,EAAE,mBAAmB,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAI7E,MAAM,WAAW,uBAAuB;IACtC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAyB;IACjD,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;gBAE3B,OAAO,EAAE,uBAAuB;IAK5C,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM,EAAE;IAI5D,iBAAiB,CAAC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE;IA6B3D,eAAe,CACnB,SAAS,EAAE,MAAM,CAAC,SAAS,EAC3B,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,MAAM,EAAE,EAClB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,IAAI,CAAC;IA0ET,gBAAgB,CACrB,MAAM,EAAE,MAAM,CAAC,cAAc,EAC7B,IAAI,EAAE,MAAM,CAAC,IAAI,EACjB,SAAS,EAAE,MAAM,CAAC,SAAS,EAC3B,SAAS,EAAE,MAAM,GAChB,cAAc,CAAC,WAAW,CAAC;IAuExB,iBAAiB,CACrB,MAAM,EAAE,MAAM,CAAC,cAAc,EAC7B,SAAS,EAAE,MAAM,CAAC,SAAS,EAC3B,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,OAAO,CAAA;KAAE,CAAC;IAwFlE,iBAAiB,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,GAAG,MAAM;IAQ9D,QAAQ,CACN,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EAC9B,SAAS,CAAC,EAAE,MAAM,EAClB,WAAW,CAAC,EAAE,MAAM,EACpB,aAAa,CAAC,EAAE,mBAAmB,GAClC,MAAM,EAAE;CAmCZ"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
export type { ExecutionManagerOptions } from "./execution-manager.js";
|
|
2
|
+
export { ExecutionManager } from "./execution-manager.js";
|
|
3
|
+
export type { NetworkManagerOptions } from "./network-manager.js";
|
|
4
|
+
export { NetworkManager } from "./network-manager.js";
|
|
5
|
+
export type { VolumeManagerOptions } from "./volume-manager.js";
|
|
6
|
+
export { VolumeManager } from "./volume-manager.js";
|
|
7
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/engine/managers/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,uBAAuB,EAAE,MAAM,wBAAwB,CAAC;AACtE,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAC1D,YAAY,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAClE,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,YAAY,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import type Docker from "dockerode";
|
|
2
|
+
import type { NetworkFilterConfig, NetworkMode } from "../../types";
|
|
3
|
+
export interface NetworkManagerOptions {
|
|
4
|
+
network: NetworkMode;
|
|
5
|
+
networkFilter?: NetworkFilterConfig;
|
|
6
|
+
}
|
|
7
|
+
export declare class NetworkManager {
|
|
8
|
+
private readonly network;
|
|
9
|
+
private readonly networkFilter?;
|
|
10
|
+
constructor(options: NetworkManagerOptions);
|
|
11
|
+
startProxy(container: Docker.Container): Promise<void>;
|
|
12
|
+
setupIptables(container: Docker.Container): Promise<void>;
|
|
13
|
+
get proxyPort(): number;
|
|
14
|
+
}
|
|
15
|
+
//# sourceMappingURL=network-manager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"network-manager.d.ts","sourceRoot":"","sources":["../../../src/engine/managers/network-manager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,WAAW,CAAC;AACpC,OAAO,KAAK,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAOpE,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,WAAW,CAAC;IACrB,aAAa,CAAC,EAAE,mBAAmB,CAAC;CACrC;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAc;IACtC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAsB;gBAEzC,OAAO,EAAE,qBAAqB;IAKpC,UAAU,CAAC,SAAS,EAAE,MAAM,CAAC,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;IAwCtD,aAAa,CAAC,SAAS,EAAE,MAAM,CAAC,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;IA8B/D,IAAI,SAAS,IAAI,MAAM,CAEtB;CACF"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
import type Docker from "dockerode";
|
|
2
|
+
export interface VolumeManagerOptions {
|
|
3
|
+
readonlyRootFs: boolean;
|
|
4
|
+
sandboxWorkdir?: string;
|
|
5
|
+
}
|
|
6
|
+
export declare class VolumeManager {
|
|
7
|
+
private readonly readonlyRootFs;
|
|
8
|
+
private readonly sandboxWorkdir;
|
|
9
|
+
constructor(options: VolumeManagerOptions);
|
|
10
|
+
writeFileViaExec(container: Docker.Container, filePath: string, content: Buffer | string): Promise<void>;
|
|
11
|
+
readFileViaExec(container: Docker.Container, filePath: string): Promise<Buffer>;
|
|
12
|
+
getFileFromContainer(container: Docker.Container, path: string): Promise<Buffer>;
|
|
13
|
+
retrieveFiles(container: Docker.Container, paths: string[]): Promise<Record<string, string>>;
|
|
14
|
+
putFile(container: Docker.Container, path: string, content: Buffer | string): Promise<void>;
|
|
15
|
+
getFile(container: Docker.Container, path: string): Promise<Buffer>;
|
|
16
|
+
}
|
|
17
|
+
//# sourceMappingURL=volume-manager.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"volume-manager.d.ts","sourceRoot":"","sources":["../../../src/engine/managers/volume-manager.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,MAAM,MAAM,WAAW,CAAC;AAGpC,MAAM,WAAW,oBAAoB;IACnC,cAAc,EAAE,OAAO,CAAC;IACxB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,qBAAa,aAAa;IACxB,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAU;IACzC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAS;gBAE5B,OAAO,EAAE,oBAAoB;IAKnC,gBAAgB,CACpB,SAAS,EAAE,MAAM,CAAC,SAAS,EAC3B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,GAAG,MAAM,GACvB,OAAO,CAAC,IAAI,CAAC;IAwDV,eAAe,CAAC,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAqC/E,oBAAoB,CAAC,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAShF,aAAa,CACjB,SAAS,EAAE,MAAM,CAAC,SAAS,EAC3B,KAAK,EAAE,MAAM,EAAE,GACd,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAe5B,OAAO,CACX,SAAS,EAAE,MAAM,CAAC,SAAS,EAC3B,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,GAAG,MAAM,GACvB,OAAO,CAAC,IAAI,CAAC;IASV,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAM1E"}
|
package/dist/index.d.ts
CHANGED
|
@@ -13,7 +13,7 @@ export { DockerIsol8 } from "./engine/docker";
|
|
|
13
13
|
export { buildBaseImages, buildCustomImage, buildCustomImages, getCustomImageTag, } from "./engine/image-builder";
|
|
14
14
|
export { BunAdapter, bashAdapter, DenoAdapter, NodeAdapter, PythonAdapter, RuntimeRegistry, } from "./runtime";
|
|
15
15
|
export type { RuntimeAdapter } from "./runtime/adapter";
|
|
16
|
-
export type { ExecutionRequest, ExecutionResult, Isol8Config, Isol8Engine, Isol8Mode, Isol8Options, NetworkFilterConfig, NetworkMode, RemoteCodePolicy, Runtime, StreamEvent, } from "./types";
|
|
16
|
+
export type { ExecutionRequest, ExecutionResult, Isol8Config, Isol8Engine, Isol8Mode, Isol8Options, NetworkFilterConfig, NetworkMode, RemoteCodePolicy, Runtime, StreamEvent, WsClientMessage, WsServerMessage, } from "./types";
|
|
17
17
|
export { logger } from "./utils/logger";
|
|
18
18
|
export { VERSION } from "./version";
|
|
19
19
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,YAAY,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAE1D,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAE9C,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjD,YAAY,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAE1D,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAC9C,OAAO,EACL,eAAe,EACf,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,wBAAwB,CAAC;AAEhC,OAAO,EACL,UAAU,EACV,WAAW,EACX,WAAW,EACX,WAAW,EACX,aAAa,EACb,eAAe,GAChB,MAAM,WAAW,CAAC;AACnB,YAAY,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAExD,YAAY,EACV,gBAAgB,EAChB,eAAe,EACf,WAAW,EACX,WAAW,EACX,SAAS,EACT,YAAY,EACZ,mBAAmB,EACnB,WAAW,EACX,gBAAgB,EAChB,OAAO,EACP,WAAW,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,YAAY,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAE1D,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAE9C,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjD,YAAY,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAE1D,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAC9C,OAAO,EACL,eAAe,EACf,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,wBAAwB,CAAC;AAEhC,OAAO,EACL,UAAU,EACV,WAAW,EACX,WAAW,EACX,WAAW,EACX,aAAa,EACb,eAAe,GAChB,MAAM,WAAW,CAAC;AACnB,YAAY,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAExD,YAAY,EACV,gBAAgB,EAChB,eAAe,EACf,WAAW,EACX,WAAW,EACX,SAAS,EACT,YAAY,EACZ,mBAAmB,EACnB,WAAW,EACX,gBAAgB,EAChB,OAAO,EACP,WAAW,EACX,eAAe,EACf,eAAe,GAChB,MAAM,SAAS,CAAC;AAEjB,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAExC,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC"}
|