@sysid/sandbox-runtime-improved 0.0.56-sysid.1 → 0.0.64-sysid.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (129) hide show
  1. package/README.md +106 -4
  2. package/dist/cli.js +12 -18
  3. package/dist/cli.js.map +1 -1
  4. package/dist/index.d.ts +5 -5
  5. package/dist/index.d.ts.map +1 -1
  6. package/dist/index.js +2 -2
  7. package/dist/index.js.map +1 -1
  8. package/dist/sandbox/credential-mask-files.d.ts +157 -0
  9. package/dist/sandbox/credential-mask-files.d.ts.map +1 -0
  10. package/dist/sandbox/credential-mask-files.js +298 -0
  11. package/dist/sandbox/credential-mask-files.js.map +1 -0
  12. package/dist/sandbox/credential-sentinel.d.ts +72 -0
  13. package/dist/sandbox/credential-sentinel.d.ts.map +1 -0
  14. package/dist/sandbox/credential-sentinel.js +130 -0
  15. package/dist/sandbox/credential-sentinel.js.map +1 -0
  16. package/dist/sandbox/domain-pattern.d.ts +36 -0
  17. package/dist/sandbox/domain-pattern.d.ts.map +1 -0
  18. package/dist/sandbox/domain-pattern.js +60 -0
  19. package/dist/sandbox/domain-pattern.js.map +1 -0
  20. package/dist/sandbox/http-proxy.d.ts +33 -2
  21. package/dist/sandbox/http-proxy.d.ts.map +1 -1
  22. package/dist/sandbox/http-proxy.js +30 -2
  23. package/dist/sandbox/http-proxy.js.map +1 -1
  24. package/dist/sandbox/linux-sandbox-utils.d.ts +20 -0
  25. package/dist/sandbox/linux-sandbox-utils.d.ts.map +1 -1
  26. package/dist/sandbox/linux-sandbox-utils.js +134 -65
  27. package/dist/sandbox/linux-sandbox-utils.js.map +1 -1
  28. package/dist/sandbox/linux-violation-monitor.d.ts +48 -0
  29. package/dist/sandbox/linux-violation-monitor.d.ts.map +1 -0
  30. package/dist/sandbox/linux-violation-monitor.js +156 -0
  31. package/dist/sandbox/linux-violation-monitor.js.map +1 -0
  32. package/dist/sandbox/listen-in-range.d.ts +12 -0
  33. package/dist/sandbox/listen-in-range.d.ts.map +1 -0
  34. package/dist/sandbox/listen-in-range.js +43 -0
  35. package/dist/sandbox/listen-in-range.js.map +1 -0
  36. package/dist/sandbox/macos-sandbox-utils.d.ts +11 -0
  37. package/dist/sandbox/macos-sandbox-utils.d.ts.map +1 -1
  38. package/dist/sandbox/macos-sandbox-utils.js +72 -17
  39. package/dist/sandbox/macos-sandbox-utils.js.map +1 -1
  40. package/dist/sandbox/mitm-ca.d.ts +69 -2
  41. package/dist/sandbox/mitm-ca.d.ts.map +1 -1
  42. package/dist/sandbox/mitm-ca.js +188 -16
  43. package/dist/sandbox/mitm-ca.js.map +1 -1
  44. package/dist/sandbox/mitm-leaf.d.ts +1 -1
  45. package/dist/sandbox/mitm-leaf.d.ts.map +1 -1
  46. package/dist/sandbox/mitm-leaf.js +26 -19
  47. package/dist/sandbox/mitm-leaf.js.map +1 -1
  48. package/dist/sandbox/mux-proxy.d.ts +59 -0
  49. package/dist/sandbox/mux-proxy.d.ts.map +1 -0
  50. package/dist/sandbox/mux-proxy.js +159 -0
  51. package/dist/sandbox/mux-proxy.js.map +1 -0
  52. package/dist/sandbox/request-filter.d.ts +11 -1
  53. package/dist/sandbox/request-filter.d.ts.map +1 -1
  54. package/dist/sandbox/request-filter.js.map +1 -1
  55. package/dist/sandbox/sandbox-config.d.ts +461 -41
  56. package/dist/sandbox/sandbox-config.d.ts.map +1 -1
  57. package/dist/sandbox/sandbox-config.js +342 -26
  58. package/dist/sandbox/sandbox-config.js.map +1 -1
  59. package/dist/sandbox/sandbox-manager.d.ts +5 -1
  60. package/dist/sandbox/sandbox-manager.d.ts.map +1 -1
  61. package/dist/sandbox/sandbox-manager.js +697 -211
  62. package/dist/sandbox/sandbox-manager.js.map +1 -1
  63. package/dist/sandbox/sandbox-schemas.d.ts +15 -0
  64. package/dist/sandbox/sandbox-schemas.d.ts.map +1 -1
  65. package/dist/sandbox/sandbox-utils.d.ts +55 -6
  66. package/dist/sandbox/sandbox-utils.d.ts.map +1 -1
  67. package/dist/sandbox/sandbox-utils.js +143 -30
  68. package/dist/sandbox/sandbox-utils.js.map +1 -1
  69. package/dist/sandbox/socks-proxy.d.ts +11 -5
  70. package/dist/sandbox/socks-proxy.d.ts.map +1 -1
  71. package/dist/sandbox/socks-proxy.js +13 -81
  72. package/dist/sandbox/socks-proxy.js.map +1 -1
  73. package/dist/sandbox/tls-terminate-proxy.d.ts +2 -2
  74. package/dist/sandbox/tls-terminate-proxy.d.ts.map +1 -1
  75. package/dist/sandbox/tls-terminate-proxy.js +31 -5
  76. package/dist/sandbox/tls-terminate-proxy.js.map +1 -1
  77. package/dist/sandbox/windows-sandbox-utils.d.ts +508 -116
  78. package/dist/sandbox/windows-sandbox-utils.d.ts.map +1 -1
  79. package/dist/sandbox/windows-sandbox-utils.js +721 -209
  80. package/dist/sandbox/windows-sandbox-utils.js.map +1 -1
  81. package/dist/utils/shell-quote.d.ts +27 -0
  82. package/dist/utils/shell-quote.d.ts.map +1 -0
  83. package/dist/utils/shell-quote.js +47 -0
  84. package/dist/utils/shell-quote.js.map +1 -0
  85. package/package.json +7 -6
  86. package/vendor/seccomp/arm64/apply-seccomp +0 -0
  87. package/vendor/seccomp/build.ts +8 -30
  88. package/vendor/seccomp/x64/apply-seccomp +0 -0
  89. package/vendor/srt-win/build.ts +21 -0
  90. package/dist/vendor/seccomp/Dockerfile.build +0 -6
  91. package/dist/vendor/seccomp/arm64/apply-seccomp +0 -0
  92. package/dist/vendor/seccomp/build.ts +0 -91
  93. package/dist/vendor/seccomp/x64/apply-seccomp +0 -0
  94. package/dist/vendor/seccomp-src/apply-seccomp.c +0 -280
  95. package/dist/vendor/seccomp-src/seccomp-unix-block.c +0 -148
  96. package/dist/vendor/srt-win/Cargo.lock +0 -361
  97. package/dist/vendor/srt-win/Cargo.toml +0 -46
  98. package/dist/vendor/srt-win/ci/cleanup.ps1 +0 -49
  99. package/dist/vendor/srt-win/ci/smoke-exec.ps1 +0 -446
  100. package/dist/vendor/srt-win/ci/smoke.ps1 +0 -307
  101. package/dist/vendor/srt-win/src/job.rs +0 -102
  102. package/dist/vendor/srt-win/src/launch.rs +0 -732
  103. package/dist/vendor/srt-win/src/lib.rs +0 -20
  104. package/dist/vendor/srt-win/src/main.rs +0 -669
  105. package/dist/vendor/srt-win/src/self_protect.rs +0 -169
  106. package/dist/vendor/srt-win/src/sid.rs +0 -296
  107. package/dist/vendor/srt-win/src/token.rs +0 -341
  108. package/dist/vendor/srt-win/src/util.rs +0 -42
  109. package/dist/vendor/srt-win/src/wfp.rs +0 -992
  110. package/dist/vendor/srt-win/src/winsta.rs +0 -209
  111. package/dist/vendor/srt-win/tests/sd_access_check_matrix.rs +0 -259
  112. package/vendor/seccomp-src/apply-seccomp.c +0 -280
  113. package/vendor/seccomp-src/seccomp-unix-block.c +0 -148
  114. package/vendor/srt-win/Cargo.lock +0 -361
  115. package/vendor/srt-win/Cargo.toml +0 -46
  116. package/vendor/srt-win/ci/cleanup.ps1 +0 -49
  117. package/vendor/srt-win/ci/smoke-exec.ps1 +0 -446
  118. package/vendor/srt-win/ci/smoke.ps1 +0 -307
  119. package/vendor/srt-win/src/job.rs +0 -102
  120. package/vendor/srt-win/src/launch.rs +0 -732
  121. package/vendor/srt-win/src/lib.rs +0 -20
  122. package/vendor/srt-win/src/main.rs +0 -669
  123. package/vendor/srt-win/src/self_protect.rs +0 -169
  124. package/vendor/srt-win/src/sid.rs +0 -296
  125. package/vendor/srt-win/src/token.rs +0 -341
  126. package/vendor/srt-win/src/util.rs +0 -42
  127. package/vendor/srt-win/src/wfp.rs +0 -992
  128. package/vendor/srt-win/src/winsta.rs +0 -209
  129. package/vendor/srt-win/tests/sd_access_check_matrix.rs +0 -259
@@ -41,36 +41,97 @@ declare const ParentProxyConfigSchema: z.ZodObject<{
41
41
  *
42
42
  * - `deny` — the sandboxed process cannot read the file / does not see the
43
43
  * environment variable.
44
- * - `mask` — reserved for credential masking; rejected until masking ships.
45
- *
46
- * Additional modes (e.g. a working `mask`) will be added in future releases.
44
+ * - `mask` — the sandboxed process sees a per-session sentinel value; the
45
+ * host proxy substitutes sentinel→real on egress to `injectHosts`.
46
+ * For files this is whole-file masking (Linux only; degrades to `deny`
47
+ * on macOS — see {@link CredentialFileConfigSchema}).
47
48
  */
48
- declare const credentialModeSchema: z.ZodEffects<z.ZodEnum<["deny", "mask"]>, "deny", "deny" | "mask">;
49
+ declare const credentialModeSchema: z.ZodEnum<["deny", "mask"]>;
49
50
  /**
50
51
  * Schema for a single credential file/directory entry.
52
+ *
53
+ * `mode: "mask"` without `extract` is **whole-file** masking: the entire
54
+ * file content is replaced inside the sandbox with one sentinel string,
55
+ * and the proxy substitutes that sentinel back to the real bytes on egress.
56
+ * This works for files whose content *is* the credential (a token file, a
57
+ * single-line secret).
58
+ *
59
+ * `mode: "mask"` with `extract` is **structured** masking: the regex is
60
+ * applied globally to the real file, capture group 1 of each match is a
61
+ * credential value, and only those captured spans are replaced with
62
+ * sentinels — the rest of the file is preserved byte-for-byte. This lets a
63
+ * tool that parses the file (`.netrc`, JSON/YAML configs) still succeed
64
+ * inside the sandbox while the credential values are protected. If the
65
+ * pattern matches nothing, behaviour is governed by `onExtractNoMatch`
66
+ * (default `"warn"` — the file is left readable as-is and a stderr
67
+ * warning is emitted).
68
+ *
69
+ * `maskDuplicates: true` (only meaningful with `extract`) additionally
70
+ * replaces every verbatim occurrence of each captured value *outside* the
71
+ * regex-matched spans — for a secret repeated where the regex does not
72
+ * reach (e.g. pasted into a comment). The scan is raw substring matching,
73
+ * so a short or common captured value may also hit unrelated content that
74
+ * happens to contain it; intended for long, high-entropy secrets.
75
+ *
76
+ * On macOS, SBPL cannot redirect reads, so `mode: "mask"` (with or without
77
+ * `extract`) currently degrades to `mode: "deny"` (the file is unreadable
78
+ * inside the sandbox).
51
79
  */
52
80
  export declare const CredentialFileConfigSchema: z.ZodObject<{
53
81
  path: z.ZodString;
54
- mode: z.ZodEffects<z.ZodEnum<["deny", "mask"]>, "deny", "deny" | "mask">;
82
+ mode: z.ZodEnum<["deny", "mask"]>;
83
+ extract: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
84
+ /**
85
+ * What to do when `extract` matches nothing in the file at runtime.
86
+ *
87
+ * - `"warn"` (default): emit a stderr warning and leave the file
88
+ * readable as-is inside the sandbox (fail-open). A non-matching
89
+ * pattern is treated as a config error to surface and fix, not a
90
+ * reason to break a tool that needs the file when the credential is
91
+ * legitimately absent.
92
+ * - `"deny"`: degrade the entry to `mode: "deny"` so the file is
93
+ * unreadable inside the sandbox (fail-closed). The operator declared
94
+ * this file as containing a credential; if the regex cannot find it,
95
+ * block access rather than expose it.
96
+ * - `"error"`: throw at wrap time so nothing runs until the operator
97
+ * fixes the regex.
98
+ *
99
+ * Only meaningful when `mode` is `"mask"` and `extract` is set;
100
+ * accepted but ignored otherwise.
101
+ */
102
+ onExtractNoMatch: z.ZodOptional<z.ZodEnum<["warn", "deny", "error"]>>;
103
+ maskDuplicates: z.ZodOptional<z.ZodBoolean>;
104
+ injectHosts: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, string, string>, "many">>;
55
105
  }, "strip", z.ZodTypeAny, {
56
- mode: "deny";
106
+ mode: "deny" | "mask";
57
107
  path: string;
108
+ extract?: string | undefined;
109
+ onExtractNoMatch?: "error" | "warn" | "deny" | undefined;
110
+ maskDuplicates?: boolean | undefined;
111
+ injectHosts?: string[] | undefined;
58
112
  }, {
59
113
  mode: "deny" | "mask";
60
114
  path: string;
115
+ extract?: string | undefined;
116
+ onExtractNoMatch?: "error" | "warn" | "deny" | undefined;
117
+ maskDuplicates?: boolean | undefined;
118
+ injectHosts?: string[] | undefined;
61
119
  }>;
62
120
  /**
63
121
  * Schema for a single credential environment variable entry.
64
122
  */
65
123
  export declare const CredentialEnvVarConfigSchema: z.ZodObject<{
66
124
  name: z.ZodString;
67
- mode: z.ZodEffects<z.ZodEnum<["deny", "mask"]>, "deny", "deny" | "mask">;
125
+ mode: z.ZodEnum<["deny", "mask"]>;
126
+ injectHosts: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, string, string>, "many">>;
68
127
  }, "strip", z.ZodTypeAny, {
69
- mode: "deny";
128
+ mode: "deny" | "mask";
70
129
  name: string;
130
+ injectHosts?: string[] | undefined;
71
131
  }, {
72
132
  mode: "deny" | "mask";
73
133
  name: string;
134
+ injectHosts?: string[] | undefined;
74
135
  }>;
75
136
  /**
76
137
  * Credentials configuration schema for validation.
@@ -88,42 +149,88 @@ export declare const CredentialEnvVarConfigSchema: z.ZodObject<{
88
149
  export declare const CredentialsConfigSchema: z.ZodObject<{
89
150
  files: z.ZodOptional<z.ZodArray<z.ZodObject<{
90
151
  path: z.ZodString;
91
- mode: z.ZodEffects<z.ZodEnum<["deny", "mask"]>, "deny", "deny" | "mask">;
152
+ mode: z.ZodEnum<["deny", "mask"]>;
153
+ extract: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
154
+ /**
155
+ * What to do when `extract` matches nothing in the file at runtime.
156
+ *
157
+ * - `"warn"` (default): emit a stderr warning and leave the file
158
+ * readable as-is inside the sandbox (fail-open). A non-matching
159
+ * pattern is treated as a config error to surface and fix, not a
160
+ * reason to break a tool that needs the file when the credential is
161
+ * legitimately absent.
162
+ * - `"deny"`: degrade the entry to `mode: "deny"` so the file is
163
+ * unreadable inside the sandbox (fail-closed). The operator declared
164
+ * this file as containing a credential; if the regex cannot find it,
165
+ * block access rather than expose it.
166
+ * - `"error"`: throw at wrap time so nothing runs until the operator
167
+ * fixes the regex.
168
+ *
169
+ * Only meaningful when `mode` is `"mask"` and `extract` is set;
170
+ * accepted but ignored otherwise.
171
+ */
172
+ onExtractNoMatch: z.ZodOptional<z.ZodEnum<["warn", "deny", "error"]>>;
173
+ maskDuplicates: z.ZodOptional<z.ZodBoolean>;
174
+ injectHosts: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, string, string>, "many">>;
92
175
  }, "strip", z.ZodTypeAny, {
93
- mode: "deny";
176
+ mode: "deny" | "mask";
94
177
  path: string;
178
+ extract?: string | undefined;
179
+ onExtractNoMatch?: "error" | "warn" | "deny" | undefined;
180
+ maskDuplicates?: boolean | undefined;
181
+ injectHosts?: string[] | undefined;
95
182
  }, {
96
183
  mode: "deny" | "mask";
97
184
  path: string;
185
+ extract?: string | undefined;
186
+ onExtractNoMatch?: "error" | "warn" | "deny" | undefined;
187
+ maskDuplicates?: boolean | undefined;
188
+ injectHosts?: string[] | undefined;
98
189
  }>, "many">>;
99
190
  envVars: z.ZodOptional<z.ZodArray<z.ZodObject<{
100
191
  name: z.ZodString;
101
- mode: z.ZodEffects<z.ZodEnum<["deny", "mask"]>, "deny", "deny" | "mask">;
192
+ mode: z.ZodEnum<["deny", "mask"]>;
193
+ injectHosts: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, string, string>, "many">>;
102
194
  }, "strip", z.ZodTypeAny, {
103
- mode: "deny";
195
+ mode: "deny" | "mask";
104
196
  name: string;
197
+ injectHosts?: string[] | undefined;
105
198
  }, {
106
199
  mode: "deny" | "mask";
107
200
  name: string;
201
+ injectHosts?: string[] | undefined;
108
202
  }>, "many">>;
109
- }, "strip", z.ZodTypeAny, {
203
+ allowPlaintextInject: z.ZodOptional<z.ZodBoolean>;
204
+ }, "strict", z.ZodTypeAny, {
110
205
  files?: {
111
- mode: "deny";
206
+ mode: "deny" | "mask";
112
207
  path: string;
208
+ extract?: string | undefined;
209
+ onExtractNoMatch?: "error" | "warn" | "deny" | undefined;
210
+ maskDuplicates?: boolean | undefined;
211
+ injectHosts?: string[] | undefined;
113
212
  }[] | undefined;
114
213
  envVars?: {
115
- mode: "deny";
214
+ mode: "deny" | "mask";
116
215
  name: string;
216
+ injectHosts?: string[] | undefined;
117
217
  }[] | undefined;
218
+ allowPlaintextInject?: boolean | undefined;
118
219
  }, {
119
220
  files?: {
120
221
  mode: "deny" | "mask";
121
222
  path: string;
223
+ extract?: string | undefined;
224
+ onExtractNoMatch?: "error" | "warn" | "deny" | undefined;
225
+ maskDuplicates?: boolean | undefined;
226
+ injectHosts?: string[] | undefined;
122
227
  }[] | undefined;
123
228
  envVars?: {
124
229
  mode: "deny" | "mask";
125
230
  name: string;
231
+ injectHosts?: string[] | undefined;
126
232
  }[] | undefined;
233
+ allowPlaintextInject?: boolean | undefined;
127
234
  }>;
128
235
  /**
129
236
  * Network configuration schema for validation
@@ -152,18 +259,28 @@ export declare const NetworkConfigSchema: z.ZodObject<{
152
259
  tlsTerminate: z.ZodOptional<z.ZodEffects<z.ZodObject<{
153
260
  caCertPath: z.ZodOptional<z.ZodString>;
154
261
  caKeyPath: z.ZodOptional<z.ZodString>;
262
+ excludeDomains: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, string, string>, "many">>;
263
+ extraCaCertPaths: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
155
264
  }, "strip", z.ZodTypeAny, {
156
265
  caCertPath?: string | undefined;
157
266
  caKeyPath?: string | undefined;
267
+ excludeDomains?: string[] | undefined;
268
+ extraCaCertPaths?: string[] | undefined;
158
269
  }, {
159
270
  caCertPath?: string | undefined;
160
271
  caKeyPath?: string | undefined;
272
+ excludeDomains?: string[] | undefined;
273
+ extraCaCertPaths?: string[] | undefined;
161
274
  }>, {
162
275
  caCertPath?: string | undefined;
163
276
  caKeyPath?: string | undefined;
277
+ excludeDomains?: string[] | undefined;
278
+ extraCaCertPaths?: string[] | undefined;
164
279
  }, {
165
280
  caCertPath?: string | undefined;
166
281
  caKeyPath?: string | undefined;
282
+ excludeDomains?: string[] | undefined;
283
+ extraCaCertPaths?: string[] | undefined;
167
284
  }>>;
168
285
  parentProxy: z.ZodOptional<z.ZodObject<{
169
286
  http: z.ZodOptional<z.ZodString>;
@@ -196,6 +313,8 @@ export declare const NetworkConfigSchema: z.ZodObject<{
196
313
  tlsTerminate?: {
197
314
  caCertPath?: string | undefined;
198
315
  caKeyPath?: string | undefined;
316
+ excludeDomains?: string[] | undefined;
317
+ extraCaCertPaths?: string[] | undefined;
199
318
  } | undefined;
200
319
  parentProxy?: {
201
320
  http?: string | undefined;
@@ -220,6 +339,8 @@ export declare const NetworkConfigSchema: z.ZodObject<{
220
339
  tlsTerminate?: {
221
340
  caCertPath?: string | undefined;
222
341
  caKeyPath?: string | undefined;
342
+ excludeDomains?: string[] | undefined;
343
+ extraCaCertPaths?: string[] | undefined;
223
344
  } | undefined;
224
345
  parentProxy?: {
225
346
  http?: string | undefined;
@@ -231,6 +352,7 @@ export declare const NetworkConfigSchema: z.ZodObject<{
231
352
  * Filesystem configuration schema for validation
232
353
  */
233
354
  export declare const FilesystemConfigSchema: z.ZodObject<{
355
+ disabled: z.ZodOptional<z.ZodBoolean>;
234
356
  denyRead: z.ZodArray<z.ZodString, "many">;
235
357
  allowRead: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
236
358
  allowWrite: z.ZodArray<z.ZodString, "many">;
@@ -240,12 +362,14 @@ export declare const FilesystemConfigSchema: z.ZodObject<{
240
362
  denyRead: string[];
241
363
  allowWrite: string[];
242
364
  denyWrite: string[];
365
+ disabled?: boolean | undefined;
243
366
  allowRead?: string[] | undefined;
244
367
  allowGitConfig?: boolean | undefined;
245
368
  }, {
246
369
  denyRead: string[];
247
370
  allowWrite: string[];
248
371
  denyWrite: string[];
372
+ disabled?: boolean | undefined;
249
373
  allowRead?: string[] | undefined;
250
374
  allowGitConfig?: boolean | undefined;
251
375
  }>;
@@ -270,26 +394,63 @@ export declare const RipgrepConfigSchema: z.ZodObject<{
270
394
  args?: string[] | undefined;
271
395
  argv0?: string | undefined;
272
396
  }>;
397
+ /**
398
+ * Configuration for locating/invoking the `srt-win` helper (Windows
399
+ * only). An embedder that links `srt-win`'s CLI into its own
400
+ * multicall binary points `path` at that binary; spawns then pass
401
+ * `--srt-win` as `argv[1]` (see `SRT_WIN_DISPATCH_ARG1` in
402
+ * `windows-sandbox-utils.ts` / `srt_win::SRT_WIN_DISPATCH_ARG1`) so
403
+ * the embedder's dispatcher can route to `srt_win::run_from_args`.
404
+ * Windows cannot reliably preserve a spoofed `argv[0]` across
405
+ * `CreateProcessWithLogonW` / `ShellExecuteExW(runas)`, so dispatch
406
+ * keys on `argv[1]`, not on `argv[0]` like
407
+ * {@link SeccompConfigSchema} does on Linux.
408
+ */
409
+ export declare const SrtWinConfigSchema: z.ZodObject<{
410
+ path: z.ZodOptional<z.ZodString>;
411
+ }, "strip", z.ZodTypeAny, {
412
+ path?: string | undefined;
413
+ }, {
414
+ path?: string | undefined;
415
+ }>;
273
416
  /**
274
417
  * Windows-specific configuration schema. See
275
418
  * `windows-sandbox-utils.ts` for the install flow these settings
276
419
  * must agree with.
420
+ *
421
+ * Canonical: `sublayerGuid`; the `wfpSublayerGuid` alias is resolved
422
+ * at read sites (`sublayerGuid ?? wfpSublayerGuid`) rather than via
423
+ * `.transform()` so this stays a plain `ZodObject` for consumers that
424
+ * `.extend()`/`.shape` it.
277
425
  */
278
426
  export declare const WindowsConfigSchema: z.ZodObject<{
279
- groupName: z.ZodDefault<z.ZodString>;
280
- groupSid: z.ZodOptional<z.ZodString>;
427
+ sandboxUser: z.ZodOptional<z.ZodString>;
428
+ sublayerGuid: z.ZodOptional<z.ZodString>;
281
429
  wfpSublayerGuid: z.ZodOptional<z.ZodString>;
282
430
  proxyPortRange: z.ZodOptional<z.ZodEffects<z.ZodTuple<[z.ZodNumber, z.ZodNumber], null>, [number, number], [number, number]>>;
431
+ srtWin: z.ZodOptional<z.ZodObject<{
432
+ path: z.ZodOptional<z.ZodString>;
433
+ }, "strip", z.ZodTypeAny, {
434
+ path?: string | undefined;
435
+ }, {
436
+ path?: string | undefined;
437
+ }>>;
283
438
  }, "strip", z.ZodTypeAny, {
284
- groupName: string;
285
- groupSid?: string | undefined;
439
+ sandboxUser?: string | undefined;
440
+ sublayerGuid?: string | undefined;
286
441
  wfpSublayerGuid?: string | undefined;
287
442
  proxyPortRange?: [number, number] | undefined;
443
+ srtWin?: {
444
+ path?: string | undefined;
445
+ } | undefined;
288
446
  }, {
289
- groupName?: string | undefined;
290
- groupSid?: string | undefined;
447
+ sandboxUser?: string | undefined;
448
+ sublayerGuid?: string | undefined;
291
449
  wfpSublayerGuid?: string | undefined;
292
450
  proxyPortRange?: [number, number] | undefined;
451
+ srtWin?: {
452
+ path?: string | undefined;
453
+ } | undefined;
293
454
  }>;
294
455
  /**
295
456
  * Seccomp configuration schema (Linux only)
@@ -307,7 +468,7 @@ export declare const SeccompConfigSchema: z.ZodObject<{
307
468
  /**
308
469
  * Main configuration schema for Sandbox Runtime validation
309
470
  */
310
- export declare const SandboxRuntimeConfigSchema: z.ZodObject<{
471
+ export declare const SandboxRuntimeConfigSchema: z.ZodEffects<z.ZodObject<{
311
472
  network: z.ZodObject<{
312
473
  allowedDomains: z.ZodArray<z.ZodEffects<z.ZodString, string, string>, "many">;
313
474
  deniedDomains: z.ZodArray<z.ZodUnion<[z.ZodLiteral<"*">, z.ZodEffects<z.ZodString, string, string>]>, "many">;
@@ -332,18 +493,28 @@ export declare const SandboxRuntimeConfigSchema: z.ZodObject<{
332
493
  tlsTerminate: z.ZodOptional<z.ZodEffects<z.ZodObject<{
333
494
  caCertPath: z.ZodOptional<z.ZodString>;
334
495
  caKeyPath: z.ZodOptional<z.ZodString>;
496
+ excludeDomains: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, string, string>, "many">>;
497
+ extraCaCertPaths: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
335
498
  }, "strip", z.ZodTypeAny, {
336
499
  caCertPath?: string | undefined;
337
500
  caKeyPath?: string | undefined;
501
+ excludeDomains?: string[] | undefined;
502
+ extraCaCertPaths?: string[] | undefined;
338
503
  }, {
339
504
  caCertPath?: string | undefined;
340
505
  caKeyPath?: string | undefined;
506
+ excludeDomains?: string[] | undefined;
507
+ extraCaCertPaths?: string[] | undefined;
341
508
  }>, {
342
509
  caCertPath?: string | undefined;
343
510
  caKeyPath?: string | undefined;
511
+ excludeDomains?: string[] | undefined;
512
+ extraCaCertPaths?: string[] | undefined;
344
513
  }, {
345
514
  caCertPath?: string | undefined;
346
515
  caKeyPath?: string | undefined;
516
+ excludeDomains?: string[] | undefined;
517
+ extraCaCertPaths?: string[] | undefined;
347
518
  }>>;
348
519
  parentProxy: z.ZodOptional<z.ZodObject<{
349
520
  http: z.ZodOptional<z.ZodString>;
@@ -376,6 +547,8 @@ export declare const SandboxRuntimeConfigSchema: z.ZodObject<{
376
547
  tlsTerminate?: {
377
548
  caCertPath?: string | undefined;
378
549
  caKeyPath?: string | undefined;
550
+ excludeDomains?: string[] | undefined;
551
+ extraCaCertPaths?: string[] | undefined;
379
552
  } | undefined;
380
553
  parentProxy?: {
381
554
  http?: string | undefined;
@@ -400,6 +573,8 @@ export declare const SandboxRuntimeConfigSchema: z.ZodObject<{
400
573
  tlsTerminate?: {
401
574
  caCertPath?: string | undefined;
402
575
  caKeyPath?: string | undefined;
576
+ excludeDomains?: string[] | undefined;
577
+ extraCaCertPaths?: string[] | undefined;
403
578
  } | undefined;
404
579
  parentProxy?: {
405
580
  http?: string | undefined;
@@ -408,6 +583,7 @@ export declare const SandboxRuntimeConfigSchema: z.ZodObject<{
408
583
  } | undefined;
409
584
  }>;
410
585
  filesystem: z.ZodObject<{
586
+ disabled: z.ZodOptional<z.ZodBoolean>;
411
587
  denyRead: z.ZodArray<z.ZodString, "many">;
412
588
  allowRead: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
413
589
  allowWrite: z.ZodArray<z.ZodString, "many">;
@@ -417,54 +593,102 @@ export declare const SandboxRuntimeConfigSchema: z.ZodObject<{
417
593
  denyRead: string[];
418
594
  allowWrite: string[];
419
595
  denyWrite: string[];
596
+ disabled?: boolean | undefined;
420
597
  allowRead?: string[] | undefined;
421
598
  allowGitConfig?: boolean | undefined;
422
599
  }, {
423
600
  denyRead: string[];
424
601
  allowWrite: string[];
425
602
  denyWrite: string[];
603
+ disabled?: boolean | undefined;
426
604
  allowRead?: string[] | undefined;
427
605
  allowGitConfig?: boolean | undefined;
428
606
  }>;
429
607
  credentials: z.ZodOptional<z.ZodObject<{
430
608
  files: z.ZodOptional<z.ZodArray<z.ZodObject<{
431
609
  path: z.ZodString;
432
- mode: z.ZodEffects<z.ZodEnum<["deny", "mask"]>, "deny", "deny" | "mask">;
610
+ mode: z.ZodEnum<["deny", "mask"]>;
611
+ extract: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
612
+ /**
613
+ * What to do when `extract` matches nothing in the file at runtime.
614
+ *
615
+ * - `"warn"` (default): emit a stderr warning and leave the file
616
+ * readable as-is inside the sandbox (fail-open). A non-matching
617
+ * pattern is treated as a config error to surface and fix, not a
618
+ * reason to break a tool that needs the file when the credential is
619
+ * legitimately absent.
620
+ * - `"deny"`: degrade the entry to `mode: "deny"` so the file is
621
+ * unreadable inside the sandbox (fail-closed). The operator declared
622
+ * this file as containing a credential; if the regex cannot find it,
623
+ * block access rather than expose it.
624
+ * - `"error"`: throw at wrap time so nothing runs until the operator
625
+ * fixes the regex.
626
+ *
627
+ * Only meaningful when `mode` is `"mask"` and `extract` is set;
628
+ * accepted but ignored otherwise.
629
+ */
630
+ onExtractNoMatch: z.ZodOptional<z.ZodEnum<["warn", "deny", "error"]>>;
631
+ maskDuplicates: z.ZodOptional<z.ZodBoolean>;
632
+ injectHosts: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, string, string>, "many">>;
433
633
  }, "strip", z.ZodTypeAny, {
434
- mode: "deny";
634
+ mode: "deny" | "mask";
435
635
  path: string;
636
+ extract?: string | undefined;
637
+ onExtractNoMatch?: "error" | "warn" | "deny" | undefined;
638
+ maskDuplicates?: boolean | undefined;
639
+ injectHosts?: string[] | undefined;
436
640
  }, {
437
641
  mode: "deny" | "mask";
438
642
  path: string;
643
+ extract?: string | undefined;
644
+ onExtractNoMatch?: "error" | "warn" | "deny" | undefined;
645
+ maskDuplicates?: boolean | undefined;
646
+ injectHosts?: string[] | undefined;
439
647
  }>, "many">>;
440
648
  envVars: z.ZodOptional<z.ZodArray<z.ZodObject<{
441
649
  name: z.ZodString;
442
- mode: z.ZodEffects<z.ZodEnum<["deny", "mask"]>, "deny", "deny" | "mask">;
650
+ mode: z.ZodEnum<["deny", "mask"]>;
651
+ injectHosts: z.ZodOptional<z.ZodArray<z.ZodEffects<z.ZodString, string, string>, "many">>;
443
652
  }, "strip", z.ZodTypeAny, {
444
- mode: "deny";
653
+ mode: "deny" | "mask";
445
654
  name: string;
655
+ injectHosts?: string[] | undefined;
446
656
  }, {
447
657
  mode: "deny" | "mask";
448
658
  name: string;
659
+ injectHosts?: string[] | undefined;
449
660
  }>, "many">>;
450
- }, "strip", z.ZodTypeAny, {
661
+ allowPlaintextInject: z.ZodOptional<z.ZodBoolean>;
662
+ }, "strict", z.ZodTypeAny, {
451
663
  files?: {
452
- mode: "deny";
664
+ mode: "deny" | "mask";
453
665
  path: string;
666
+ extract?: string | undefined;
667
+ onExtractNoMatch?: "error" | "warn" | "deny" | undefined;
668
+ maskDuplicates?: boolean | undefined;
669
+ injectHosts?: string[] | undefined;
454
670
  }[] | undefined;
455
671
  envVars?: {
456
- mode: "deny";
672
+ mode: "deny" | "mask";
457
673
  name: string;
674
+ injectHosts?: string[] | undefined;
458
675
  }[] | undefined;
676
+ allowPlaintextInject?: boolean | undefined;
459
677
  }, {
460
678
  files?: {
461
679
  mode: "deny" | "mask";
462
680
  path: string;
681
+ extract?: string | undefined;
682
+ onExtractNoMatch?: "error" | "warn" | "deny" | undefined;
683
+ maskDuplicates?: boolean | undefined;
684
+ injectHosts?: string[] | undefined;
463
685
  }[] | undefined;
464
686
  envVars?: {
465
687
  mode: "deny" | "mask";
466
688
  name: string;
689
+ injectHosts?: string[] | undefined;
467
690
  }[] | undefined;
691
+ allowPlaintextInject?: boolean | undefined;
468
692
  }>>;
469
693
  ignoreViolations: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodArray<z.ZodString, "many">>>;
470
694
  enableWeakerNestedSandbox: z.ZodOptional<z.ZodBoolean>;
@@ -499,20 +723,33 @@ export declare const SandboxRuntimeConfigSchema: z.ZodObject<{
499
723
  bwrapPath: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
500
724
  socatPath: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
501
725
  windows: z.ZodOptional<z.ZodObject<{
502
- groupName: z.ZodDefault<z.ZodString>;
503
- groupSid: z.ZodOptional<z.ZodString>;
726
+ sandboxUser: z.ZodOptional<z.ZodString>;
727
+ sublayerGuid: z.ZodOptional<z.ZodString>;
504
728
  wfpSublayerGuid: z.ZodOptional<z.ZodString>;
505
729
  proxyPortRange: z.ZodOptional<z.ZodEffects<z.ZodTuple<[z.ZodNumber, z.ZodNumber], null>, [number, number], [number, number]>>;
730
+ srtWin: z.ZodOptional<z.ZodObject<{
731
+ path: z.ZodOptional<z.ZodString>;
732
+ }, "strip", z.ZodTypeAny, {
733
+ path?: string | undefined;
734
+ }, {
735
+ path?: string | undefined;
736
+ }>>;
506
737
  }, "strip", z.ZodTypeAny, {
507
- groupName: string;
508
- groupSid?: string | undefined;
738
+ sandboxUser?: string | undefined;
739
+ sublayerGuid?: string | undefined;
509
740
  wfpSublayerGuid?: string | undefined;
510
741
  proxyPortRange?: [number, number] | undefined;
742
+ srtWin?: {
743
+ path?: string | undefined;
744
+ } | undefined;
511
745
  }, {
512
- groupName?: string | undefined;
513
- groupSid?: string | undefined;
746
+ sandboxUser?: string | undefined;
747
+ sublayerGuid?: string | undefined;
514
748
  wfpSublayerGuid?: string | undefined;
515
749
  proxyPortRange?: [number, number] | undefined;
750
+ srtWin?: {
751
+ path?: string | undefined;
752
+ } | undefined;
516
753
  }>>;
517
754
  }, "strip", z.ZodTypeAny, {
518
755
  network: {
@@ -533,6 +770,166 @@ export declare const SandboxRuntimeConfigSchema: z.ZodObject<{
533
770
  tlsTerminate?: {
534
771
  caCertPath?: string | undefined;
535
772
  caKeyPath?: string | undefined;
773
+ excludeDomains?: string[] | undefined;
774
+ extraCaCertPaths?: string[] | undefined;
775
+ } | undefined;
776
+ parentProxy?: {
777
+ http?: string | undefined;
778
+ https?: string | undefined;
779
+ noProxy?: string | undefined;
780
+ } | undefined;
781
+ };
782
+ filesystem: {
783
+ denyRead: string[];
784
+ allowWrite: string[];
785
+ denyWrite: string[];
786
+ disabled?: boolean | undefined;
787
+ allowRead?: string[] | undefined;
788
+ allowGitConfig?: boolean | undefined;
789
+ };
790
+ credentials?: {
791
+ files?: {
792
+ mode: "deny" | "mask";
793
+ path: string;
794
+ extract?: string | undefined;
795
+ onExtractNoMatch?: "error" | "warn" | "deny" | undefined;
796
+ maskDuplicates?: boolean | undefined;
797
+ injectHosts?: string[] | undefined;
798
+ }[] | undefined;
799
+ envVars?: {
800
+ mode: "deny" | "mask";
801
+ name: string;
802
+ injectHosts?: string[] | undefined;
803
+ }[] | undefined;
804
+ allowPlaintextInject?: boolean | undefined;
805
+ } | undefined;
806
+ ignoreViolations?: Record<string, string[]> | undefined;
807
+ enableWeakerNestedSandbox?: boolean | undefined;
808
+ enableWeakerNetworkIsolation?: boolean | undefined;
809
+ allowAppleEvents?: boolean | undefined;
810
+ ripgrep?: {
811
+ command: string;
812
+ args?: string[] | undefined;
813
+ argv0?: string | undefined;
814
+ } | undefined;
815
+ mandatoryDenySearchDepth?: number | undefined;
816
+ allowPty?: boolean | undefined;
817
+ allowBrowserProcess?: boolean | undefined;
818
+ seccomp?: {
819
+ argv0?: string | undefined;
820
+ applyPath?: string | undefined;
821
+ } | undefined;
822
+ bwrapPath?: string | undefined;
823
+ socatPath?: string | undefined;
824
+ windows?: {
825
+ sandboxUser?: string | undefined;
826
+ sublayerGuid?: string | undefined;
827
+ wfpSublayerGuid?: string | undefined;
828
+ proxyPortRange?: [number, number] | undefined;
829
+ srtWin?: {
830
+ path?: string | undefined;
831
+ } | undefined;
832
+ } | undefined;
833
+ }, {
834
+ network: {
835
+ allowedDomains: string[];
836
+ deniedDomains: string[];
837
+ strictAllowlist?: boolean | undefined;
838
+ allowUnixSockets?: string[] | undefined;
839
+ allowAllUnixSockets?: boolean | undefined;
840
+ allowLocalBinding?: boolean | undefined;
841
+ allowMachLookup?: string[] | undefined;
842
+ httpProxyPort?: number | undefined;
843
+ socksProxyPort?: number | undefined;
844
+ mitmProxy?: {
845
+ socketPath: string;
846
+ domains: string[];
847
+ } | undefined;
848
+ filterRequest?: FilterRequestCallback | undefined;
849
+ tlsTerminate?: {
850
+ caCertPath?: string | undefined;
851
+ caKeyPath?: string | undefined;
852
+ excludeDomains?: string[] | undefined;
853
+ extraCaCertPaths?: string[] | undefined;
854
+ } | undefined;
855
+ parentProxy?: {
856
+ http?: string | undefined;
857
+ https?: string | undefined;
858
+ noProxy?: string | undefined;
859
+ } | undefined;
860
+ };
861
+ filesystem: {
862
+ denyRead: string[];
863
+ allowWrite: string[];
864
+ denyWrite: string[];
865
+ disabled?: boolean | undefined;
866
+ allowRead?: string[] | undefined;
867
+ allowGitConfig?: boolean | undefined;
868
+ };
869
+ credentials?: {
870
+ files?: {
871
+ mode: "deny" | "mask";
872
+ path: string;
873
+ extract?: string | undefined;
874
+ onExtractNoMatch?: "error" | "warn" | "deny" | undefined;
875
+ maskDuplicates?: boolean | undefined;
876
+ injectHosts?: string[] | undefined;
877
+ }[] | undefined;
878
+ envVars?: {
879
+ mode: "deny" | "mask";
880
+ name: string;
881
+ injectHosts?: string[] | undefined;
882
+ }[] | undefined;
883
+ allowPlaintextInject?: boolean | undefined;
884
+ } | undefined;
885
+ ignoreViolations?: Record<string, string[]> | undefined;
886
+ enableWeakerNestedSandbox?: boolean | undefined;
887
+ enableWeakerNetworkIsolation?: boolean | undefined;
888
+ allowAppleEvents?: boolean | undefined;
889
+ ripgrep?: {
890
+ command: string;
891
+ args?: string[] | undefined;
892
+ argv0?: string | undefined;
893
+ } | undefined;
894
+ mandatoryDenySearchDepth?: number | undefined;
895
+ allowPty?: boolean | undefined;
896
+ allowBrowserProcess?: boolean | undefined;
897
+ seccomp?: {
898
+ argv0?: string | undefined;
899
+ applyPath?: string | undefined;
900
+ } | undefined;
901
+ bwrapPath?: string | undefined;
902
+ socatPath?: string | undefined;
903
+ windows?: {
904
+ sandboxUser?: string | undefined;
905
+ sublayerGuid?: string | undefined;
906
+ wfpSublayerGuid?: string | undefined;
907
+ proxyPortRange?: [number, number] | undefined;
908
+ srtWin?: {
909
+ path?: string | undefined;
910
+ } | undefined;
911
+ } | undefined;
912
+ }>, {
913
+ network: {
914
+ allowedDomains: string[];
915
+ deniedDomains: string[];
916
+ strictAllowlist?: boolean | undefined;
917
+ allowUnixSockets?: string[] | undefined;
918
+ allowAllUnixSockets?: boolean | undefined;
919
+ allowLocalBinding?: boolean | undefined;
920
+ allowMachLookup?: string[] | undefined;
921
+ httpProxyPort?: number | undefined;
922
+ socksProxyPort?: number | undefined;
923
+ mitmProxy?: {
924
+ socketPath: string;
925
+ domains: string[];
926
+ } | undefined;
927
+ filterRequest?: FilterRequestCallback | undefined;
928
+ tlsTerminate?: {
929
+ caCertPath?: string | undefined;
930
+ caKeyPath?: string | undefined;
931
+ excludeDomains?: string[] | undefined;
932
+ extraCaCertPaths?: string[] | undefined;
536
933
  } | undefined;
537
934
  parentProxy?: {
538
935
  http?: string | undefined;
@@ -544,18 +941,25 @@ export declare const SandboxRuntimeConfigSchema: z.ZodObject<{
544
941
  denyRead: string[];
545
942
  allowWrite: string[];
546
943
  denyWrite: string[];
944
+ disabled?: boolean | undefined;
547
945
  allowRead?: string[] | undefined;
548
946
  allowGitConfig?: boolean | undefined;
549
947
  };
550
948
  credentials?: {
551
949
  files?: {
552
- mode: "deny";
950
+ mode: "deny" | "mask";
553
951
  path: string;
952
+ extract?: string | undefined;
953
+ onExtractNoMatch?: "error" | "warn" | "deny" | undefined;
954
+ maskDuplicates?: boolean | undefined;
955
+ injectHosts?: string[] | undefined;
554
956
  }[] | undefined;
555
957
  envVars?: {
556
- mode: "deny";
958
+ mode: "deny" | "mask";
557
959
  name: string;
960
+ injectHosts?: string[] | undefined;
558
961
  }[] | undefined;
962
+ allowPlaintextInject?: boolean | undefined;
559
963
  } | undefined;
560
964
  ignoreViolations?: Record<string, string[]> | undefined;
561
965
  enableWeakerNestedSandbox?: boolean | undefined;
@@ -576,10 +980,13 @@ export declare const SandboxRuntimeConfigSchema: z.ZodObject<{
576
980
  bwrapPath?: string | undefined;
577
981
  socatPath?: string | undefined;
578
982
  windows?: {
579
- groupName: string;
580
- groupSid?: string | undefined;
983
+ sandboxUser?: string | undefined;
984
+ sublayerGuid?: string | undefined;
581
985
  wfpSublayerGuid?: string | undefined;
582
986
  proxyPortRange?: [number, number] | undefined;
987
+ srtWin?: {
988
+ path?: string | undefined;
989
+ } | undefined;
583
990
  } | undefined;
584
991
  }, {
585
992
  network: {
@@ -600,6 +1007,8 @@ export declare const SandboxRuntimeConfigSchema: z.ZodObject<{
600
1007
  tlsTerminate?: {
601
1008
  caCertPath?: string | undefined;
602
1009
  caKeyPath?: string | undefined;
1010
+ excludeDomains?: string[] | undefined;
1011
+ extraCaCertPaths?: string[] | undefined;
603
1012
  } | undefined;
604
1013
  parentProxy?: {
605
1014
  http?: string | undefined;
@@ -611,6 +1020,7 @@ export declare const SandboxRuntimeConfigSchema: z.ZodObject<{
611
1020
  denyRead: string[];
612
1021
  allowWrite: string[];
613
1022
  denyWrite: string[];
1023
+ disabled?: boolean | undefined;
614
1024
  allowRead?: string[] | undefined;
615
1025
  allowGitConfig?: boolean | undefined;
616
1026
  };
@@ -618,11 +1028,17 @@ export declare const SandboxRuntimeConfigSchema: z.ZodObject<{
618
1028
  files?: {
619
1029
  mode: "deny" | "mask";
620
1030
  path: string;
1031
+ extract?: string | undefined;
1032
+ onExtractNoMatch?: "error" | "warn" | "deny" | undefined;
1033
+ maskDuplicates?: boolean | undefined;
1034
+ injectHosts?: string[] | undefined;
621
1035
  }[] | undefined;
622
1036
  envVars?: {
623
1037
  mode: "deny" | "mask";
624
1038
  name: string;
1039
+ injectHosts?: string[] | undefined;
625
1040
  }[] | undefined;
1041
+ allowPlaintextInject?: boolean | undefined;
626
1042
  } | undefined;
627
1043
  ignoreViolations?: Record<string, string[]> | undefined;
628
1044
  enableWeakerNestedSandbox?: boolean | undefined;
@@ -643,10 +1059,13 @@ export declare const SandboxRuntimeConfigSchema: z.ZodObject<{
643
1059
  bwrapPath?: string | undefined;
644
1060
  socatPath?: string | undefined;
645
1061
  windows?: {
646
- groupName?: string | undefined;
647
- groupSid?: string | undefined;
1062
+ sandboxUser?: string | undefined;
1063
+ sublayerGuid?: string | undefined;
648
1064
  wfpSublayerGuid?: string | undefined;
649
1065
  proxyPortRange?: [number, number] | undefined;
1066
+ srtWin?: {
1067
+ path?: string | undefined;
1068
+ } | undefined;
650
1069
  } | undefined;
651
1070
  }>;
652
1071
  export type MitmProxyConfig = z.infer<typeof MitmProxyConfigSchema>;
@@ -660,6 +1079,7 @@ export type CredentialsConfig = z.infer<typeof CredentialsConfigSchema>;
660
1079
  export type IgnoreViolationsConfig = z.infer<typeof IgnoreViolationsConfigSchema>;
661
1080
  export type RipgrepConfig = z.infer<typeof RipgrepConfigSchema>;
662
1081
  export type SeccompConfig = z.infer<typeof SeccompConfigSchema>;
1082
+ export type SrtWinConfig = z.infer<typeof SrtWinConfigSchema>;
663
1083
  export type WindowsConfig = z.infer<typeof WindowsConfigSchema>;
664
1084
  export type SandboxRuntimeConfig = z.infer<typeof SandboxRuntimeConfigSchema>;
665
1085
  export {};