@tangle-network/sandbox 0.5.0 → 0.6.1

package/dist/{sandbox-Dyf07Ckv.d.ts → sandbox-BQbq1EGP.d.ts}

@@ -668,6 +668,16 @@ interface CreateSandboxOptions {
    * ```
    */
   network?: NetworkConfig;
+  /**
+   * Egress firewall policy for controlling outbound internet access.
+   *
+   * When omitted on a team sandbox, the team's default egress policy is
+   * inherited. When omitted on a personal sandbox, the platform default
+   * (`{ mode: "open" }`) is used.
+   *
+   * @see {@link EgressPolicy}
+   */
+  egressPolicy?: EgressPolicy;
   /**
    * Git repository to clone at sandbox creation.
    *
@@ -956,6 +966,10 @@ interface SandboxInfo {
   expiresAt?: Date;
   /** Error message if status is 'failed' */
   error?: string;
+  /** Resolved egress policy */
+  egressPolicy?: EgressPolicy;
+  /** Source of the egress policy */
+  egressPolicySource?: "sandbox" | "team" | "platform";
 }
 /**
  * Raw TEE attestation evidence returned by the sandbox runtime.
@@ -1768,6 +1782,53 @@ interface DispatchedSession {
    * dispatch was a no-op (idempotency). */
   alreadyExisted: boolean;
 }
+/**
+ * Options for `box.driveTurn()` — one settle/poll/dispatch pass over a
+ * detached turn. Inherits the full prompt surface (`backend`, `model`,
+ * `turnId`, …) so the dispatch leg configures the run exactly like
+ * `box.dispatchPrompt()` would.
+ */
+interface DriveTurnOptions extends DispatchPromptOptions {
+  /** Deterministic session id — required, it is the resume key. Every
+   * tick for the same logical turn MUST pass the same id so a re-invoke
+   * after a crash finds the in-flight session instead of starting a
+   * second agent run. */
+  sessionId: string;
+  /** Turn idempotency key for the platform's completed-turn cache.
+   * Defaults to `sessionId`, which is correct for the one-turn-per-
+   * session shape detached drivers use. */
+  turnId?: string;
+  /** Wall-clock cap in milliseconds, measured from the session's
+   * `startedAt` (falling back to `createdAt`). When a still-running
+   * session exceeds it, `driveTurn` cancels the session and reports
+   * `state: "failed"` — bounding unattended runs that would otherwise
+   * stall forever (e.g. an interactive question nothing will answer).
+   * Omit for no cap. */
+  wallCapMs?: number;
+}
+/**
+ * Returned by `box.driveTurn()` — where the detached turn stands after
+ * one pass. Discriminated on `state`:
+ *   - `completed` — the turn finished with a text payload; `result` is
+ *     the full cached AgentExecutionResult-shape record.
+ *   - `running` — the session is queued or executing; re-invoke after a
+ *     delay of your choosing.
+ *   - `failed` — terminal and deterministic: a failed/cancelled session,
+ *     a wall-cap cancellation, or a completed turn that carried no text.
+ *     Re-invoking will not change the outcome.
+ */
+type TurnDriveResult = {
+  state: "completed"; /** Final assistant text of the turn. */
+  text: string; /** The full turn payload (text, toolInvocations, tokenUsage, etc.). */
+  result: Record<string, unknown>;
+} | {
+  state: "running"; /** When the session began executing, if the runtime reported it. */
+  startedAt?: Date; /** Milliseconds since `startedAt` at the moment of the poll. */
+  elapsedMs?: number;
+} | {
+  state: "failed"; /** Human-readable reason the turn is deterministically failed. */
+  error: string;
+};
 /**
  * Scope of a `box.mintScopedToken()` request. Each value narrows the
  * token's authority compared to the full sandbox bearer.
@@ -2669,13 +2730,14 @@ interface DriverInfo {
  * - `"hermes"` — Hermes inference-router agent.
  * - `"forge"` — Forge (forgecode.dev, tailcallhq) multi-provider coding agent.
  * - `"openclaw"` — OpenClaw dispatcher that routes to claude-cli/codex-cli/gemini-cli.
+ * - `"nanoclaw"` — NanoClaw local socket bridge backend.
  * - `"acp"` — Agent Client Protocol bridge — fronts any ACP-compliant
  *   agent binary (claude-agent-acp, codex-acp, gemini, openclaw acp).
  *   Pick the backing agent via config.subAgent.
  * - `"cursor"` — Cursor Agent SDK local/cloud backend.
  * - `"cli-base"` — Minimal CLI-only (no AI agent).
  */
-type BackendType = "opencode" | "claude-code" | "kimi-code" | "codex" | "amp" | "factory-droids" | "pi" | "hermes" | "forge" | "openclaw" | "acp" | "cursor" | "cli-base";
+type BackendType = "opencode" | "claude-code" | "kimi-code" | "codex" | "amp" | "factory-droids" | "pi" | "hermes" | "forge" | "openclaw" | "nanoclaw" | "acp" | "cursor" | "cli-base";
 /**
  * MCP (Model Context Protocol) server configuration.
  */
@@ -2924,6 +2986,89 @@ interface NetworkConfig {
    */
   ports?: number[];
 }
+/**
+ * Egress firewall policy for controlling outbound internet access.
+ *
+ * Applied at sandbox creation and mutable at runtime via `box.egress.update()`.
+ * The policy is enforced by the sandbox-side iron-proxy (layer-7 HTTP/HTTPS
+ * filter) and is independent of `network` (which controls layer-3/4 rules).
+ *
+ * @example Open mode — default, all outbound allowed
+ * ```typescript
+ * egressPolicy: { mode: "open" }
+ * ```
+ *
+ * @example Strict mode — only allowlisted domains
+ * ```typescript
+ * egressPolicy: {
+ *   mode: "strict",
+ *   allowDomains: ["api.github.com", "pypi.org"],
+ * }
+ * ```
+ *
+ * @example Blocked mode — no outbound internet
+ * ```typescript
+ * egressPolicy: { mode: "blocked" }
+ * ```
+ */
+interface EgressPolicy {
+  /** Egress mode */
+  mode: "open" | "strict" | "blocked";
+  /**
+   * Additional allowed domains in strict mode.
+   * These are merged with the platform default allowlist.
+   * Ignored in `open` and `blocked` modes.
+   */
+  allowDomains?: string[];
+  /**
+   * Denied domains. Only enforced when the proxy supports denylist transforms.
+   * @deprecated Deferred — not supported by iron-proxy v0.41.
+   */
+  denyDomains?: string[];
+  /**
+   * Allowed CIDR ranges. Only enforced when the proxy supports CIDR passthrough.
+   * @deprecated Deferred — not supported by iron-proxy v0.41.
+   */
+  allowCidrs?: string[];
+}
+/**
+ * Egress policy manager for runtime egress configuration.
+ * Access via `sandbox.egress`.
+ *
+ * @example Read current egress policy
+ * ```typescript
+ * const policy = await box.egress.get();
+ * console.log(policy.mode); // "open" | "strict" | "blocked"
+ * ```
+ *
+ * @example Update egress policy at runtime
+ * ```typescript
+ * await box.egress.update({ mode: "strict", allowDomains: ["api.github.com"] });
+ * ```
+ */
+interface EgressManager {
+  /**
+   * Get the sandbox's current egress policy.
+   *
+   * @returns Resolved egress policy and its source
+   */
+  get(): Promise<{
+    policy: EgressPolicy;
+    source: "sandbox" | "team" | "platform";
+  }>;
+  /**
+   * Update the sandbox's egress policy at runtime.
+   *
+   * The proxy container is restarted to apply the new policy (~2–5s downtime).
+   *
+   * @param policy - New egress policy to apply
+   * @returns Updated policy and source
+   */
+  update(policy: EgressPolicy): Promise<{
+    policy: EgressPolicy;
+    source: "sandbox" | "team" | "platform";
+  }>;
+}
 /**
  * Network manager for runtime network configuration.
  * Access via `sandbox.network`.
@@ -4093,6 +4238,35 @@ declare function buildSandboxMcpConfig(options: BuildSandboxMcpConfigOptions): {
   serverName: string;
   config: SandboxMcpConfig;
 };
+/**
+ * Default name of the control-plane MCP server entry. Distinct from the per-
+ * sandbox runtime server (`SANDBOX_MCP_SERVER_NAME`): the sandbox surface
+ * operates INSIDE one sandbox (`run_code`/`exec`/`read`/`write`), while this one
+ * operates ACROSS the account (sandboxes, workflows, integrations, usage).
+ */
+declare const CONTROL_PLANE_MCP_SERVER_NAME = "tangle-control-plane";
+interface BuildControlPlaneMcpConfigOptions {
+  /** Public platform URL where `/mcp` is reachable. No trailing slash. */
+  platformUrl: string;
+  /**
+   * A Tangle account API key scoped to the control-plane operations you need
+   * (e.g. `read`, `workflows:write`). Sent on every request as a Bearer token.
+   */
+  apiKey: string;
+  /** Override the entry name. Defaults to CONTROL_PLANE_MCP_SERVER_NAME. */
+  serverName?: string;
+}
+/**
+ * Build the canonical `mcpServers` config for the public control-plane MCP
+ * endpoint — the JSON a user pastes into Claude Desktop / Cursor / claude-code
+ * to drive their Tangle account from their own agent. Pure function; mirrors
+ * `buildSandboxMcpConfig` but carries an account API key instead of a per-
+ * sandbox capability token.
+ */
+declare function buildControlPlaneMcpConfig(options: BuildControlPlaneMcpConfigOptions): {
+  serverName: string;
+  config: SandboxMcpConfig;
+};
 //#endregion
 //#region src/session.d.ts
 /**
@@ -4777,10 +4951,27 @@ declare class SandboxInstance {
    * ```
    */
   get network(): NetworkManager;
+  /**
+   * Egress policy manager for controlling outbound internet access.
+   *
+   * @example Read current egress policy
+   * ```typescript
+   * const { policy, source } = await box.egress.get();
+   * console.log(policy.mode, source);
+   * ```
+   *
+   * @example Update egress policy at runtime
+   * ```typescript
+   * await box.egress.update({ mode: "strict", allowDomains: ["api.github.com"] });
+   * ```
+   */
+  get egress(): EgressManager;
   private networkUpdate;
   private networkExposePort;
   private networkListUrls;
   private networkGetConfig;
+  private egressGet;
+  private egressUpdate;
   /**
    * Validate CIDR notation (IPv4 and IPv6)
    */
@@ -5132,6 +5323,31 @@ declare class SandboxInstance {
   findCompletedTurn(turnId: string, opts: {
     sessionId: string;
   }): Promise<CompletedTurnResult | null>;
+  /**
+   * Drive a detached turn forward by exactly one settle → poll → dispatch
+   * pass and report where it stands. Built for tick-based callers —
+   * Cloudflare Workflows steps, queue consumers, crons — that re-invoke
+   * on their own schedule instead of holding a stream open. One
+   * invocation never loops, never sleeps, and never keeps a connection
+   * alive past the pass.
+   *
+   * The pass resolves to the first of:
+   *   1. The completed-turn cache has `turnId` → `completed`, or `failed`
+   *      when the cached payload carries no text — that result is final,
+   *      so a retry cannot improve it.
+   *   2. The session is queued/running → `running`, after enforcing
+   *      `wallCapMs`: a session past the cap is cancelled and reported
+   *      `failed`.
+   *   3. The session is terminal without a cached turn → settle from the
+   *      session result; an unsuccessful result is `failed`.
+   *   4. No session exists → dispatch fire-and-detach (idempotent on
+   *      `sessionId`, exactly like `dispatchPrompt`) → `running`.
+   *
+   * `failed` is always deterministic: re-invoking with the same ids
+   * returns the same outcome rather than starting a second agent run, so
+   * callers can treat it as terminal without their own retry bookkeeping.
+   */
+  driveTurn(message: string | PromptInputPart[], opts: DriveTurnOptions): Promise<TurnDriveResult>;
   /**
    * Mint a scoped, time-bounded JWT for direct browser access to this
    * sandbox (Issue #913 Gap 1). Authority is the caller's
@@ -5154,4 +5370,4 @@ declare class SandboxInstance {
   _sessionCancel(id: string): Promise<void>;
 }
 //#endregion
-export { DriverConfig as $, SandboxTraceExport as $n, PromptResult as $t, BatchTask as A, SandboxFleetMachineRecord as An, UploadProgress as Ar, IntelligenceReportWindow as At, CompletedTurnResult as B, SandboxFleetTraceOptions as Bn, AgentProfilePrompt as Br, PermissionLevel as Bt, BackendInfo as C, SandboxFleetDispatchResponse as Cn, TeeAttestationResponse as Cr, GitStatus as Ct, BatchEvent as D, SandboxFleetIntelligenceEnvelope as Dn, ToolsConfig as Dr, IntelligenceReportBudget as Dt, BackendType as E, SandboxFleetInfo as En, TokenRefreshHandler as Er, IntelligenceReport as Et, CodeExecutionOptions as F, SandboxFleetPolicy as Fn, AgentProfileConfidential as Fr, McpServerConfig as Ft, CreateSandboxFleetWithCoordinatorOptions as G, SandboxFleetWorkspaceSnapshotResult as Gn, AgentSubagentProfile as Gr, ProcessInfo as Gt, CreateRequestOptions as H, SandboxFleetWorkspace as Hn, AgentProfileResources as Hr, PreviewLinkInfo as Ht, CodeExecutionResult as I, SandboxFleetToken as In, AgentProfileFileMount as Ir, MintScopedTokenOptions as It, DirectoryPermission as J, SandboxPermissionsConfig as Jn, defineInlineResource as Jr, ProcessSignal as Jt, CreateSandboxOptions as K, SandboxInfo as Kn, defineAgentProfile as Kr, ProcessLogEntry as Kt, CodeLanguage as L, SandboxFleetTraceBundle as Ln, AgentProfileMcpServer as Lr, MkdirOptions as Lt, CheckpointInfo as M, SandboxFleetManifest as Mn, WaitForOptions as Mr, ListOptions as Mt, CheckpointOptions as N, SandboxFleetManifestMachine as Nn, AgentProfile as Nr, ListSandboxFleetOptions as Nt, BatchOptions as O, SandboxFleetMachine as On, UpdateUserOptions as Or, IntelligenceReportCompareTo as Ot, CheckpointResult as P, SandboxFleetOperationsSummary as Pn, AgentProfileCapabilities as Pr, ListSandboxOptions as Pt, DownloadProgress as Q, SandboxTraceEvent as Qn, PromptOptions as Qt, CodeResult as R, SandboxFleetTraceEvent as Rn, AgentProfileModelHints as Rr, NetworkConfig as Rt, BackendConfig as S, SandboxFleetDispatchFailureClass as Sn, TeeAttestationReport as Sr, GitDiff as St, BackendStatus as T, SandboxFleetDriverTimings as Tn, TeePublicKeyResponse as Tr, InstalledTool as Tt, CreateSandboxFleetOptions as U, SandboxFleetWorkspaceReconcileResult as Un, AgentProfileValidationIssue as Ur, PreviewLinkManager as Ut, CreateIntelligenceReportOptions as V, SandboxFleetUsage as Vn, AgentProfileResourceRef as Vr, PermissionsManager as Vt, CreateSandboxFleetTokenOptions as W, SandboxFleetWorkspaceRestoreResult as Wn, AgentProfileValidationResult as Wr, Process as Wt, DispatchedSession as X, SandboxStatus as Xn, ProcessStatus as Xt, DispatchPromptOptions as Y, SandboxResources as Yn, mergeAgentProfiles as Yr, ProcessSpawnOptions as Yt, DownloadOptions as Z, SandboxTraceBundle as Zn, PromptInputPart as Zt, AcceleratorKind as _, SandboxEnvironment as _n, StorageConfig as _r, ForkResult as _t, TraceExportSink as a, PublicTemplateVersionInfo as an, SearchOptions as ar, FileInfo as at, AttachSandboxFleetMachineOptions as b, SandboxFleetArtifactSpec as bn, TaskResult as br, GitCommit as bt, otelTraceIdForTangleTrace as c, ReapExpiredSandboxFleetsOptions as cn, SessionEventStreamOptions as cr, FleetDispatchResultBuffer as ct, BuildSandboxMcpConfigOptions as d, ReconcileSandboxFleetsResult as dn, SessionMessage as dr, FleetExecDispatchOptions as dt, ProvisionEvent as en, SandboxTraceOptions as er, DriverInfo as et, SANDBOX_MCP_SERVER_NAME as f, RunCodeOptions as fn, SessionStatus as fr, FleetExecDispatchResult as ft, buildSandboxMcpConfig as g, SandboxConnection as gn, SshKeysManager as gr, ForkOptions as gt, SandboxMcpServerEntry as h, SandboxClientConfig as hn, SnapshotResult as hr, FleetPromptDispatchResult as ht, TraceExportResult as i, PublicTemplateInfo as in, SearchMatch as ir, ExecResult as it, BatchTaskResult as j, SandboxFleetMachineSpec as jn, UsageInfo as jr, ListMessagesOptions as jt, BatchResult as k, SandboxFleetMachineMeteredUsage as kn, UploadOptions as kr, IntelligenceReportSubjectType as kt, toOtelJson as l, ReapExpiredSandboxFleetsResult as ln, SessionInfo as lr, FleetDispatchResultBufferOptions as lt, SandboxMcpEndpoint as m, SSHCredentials as mn, SnapshotOptions as mr, FleetPromptDispatchOptions as mt, SandboxInstance as n, ProvisionStatus as nn, ScopedToken as nr, EventStreamOptions as nt, buildTraceExportPayload as o, PublishPublicTemplateOptions as on, SecretInfo as or, FileSystem as ot, SandboxMcpConfig as p, SSHCommandDescriptor as pn, SnapshotInfo as pr, FleetMachineId as pt, DeleteOptions as q, SandboxIntelligenceEnvelope as qn, defineGitHubResource as qr, ProcessManager as qt, TraceExportFormat as r, ProvisionStep as rn, ScopedTokenScope as rr, ExecOptions as rt, exportTraceBundle as s, PublishPublicTemplateVersionOptions as sn, SecretsManager as sr, FleetDispatchCancelResult as st, HttpClient as t, ProvisionResult as tn, SandboxUser as tr, DriverType as tt, SandboxSession as u, ReconcileSandboxFleetsOptions as un, SessionListOptions as ur, FleetDispatchStreamOptions as ut, AccessPolicyRule as v, SandboxEvent as vn, SubscriptionInfo as vr, GitAuth as vt, BackendManager as w, SandboxFleetDriverCapability as wn, TeePublicKey as wr, GpuType as wt, BackendCapabilities as x, SandboxFleetCostEstimate as xn, TeeAttestationOptions as xr, GitConfig as xt, AddUserOptions as y, SandboxFleetArtifact as yn, TaskOptions as yr, GitBranch as yt, CodeResultPart as z, SandboxFleetTraceExport as zn, AgentProfilePermissionValue as zr, NetworkManager as zt };
+export { DispatchedSession as $, SandboxIntelligenceEnvelope as $n, defineAgentProfile as $r, ProcessManager as $t, BatchEvent as A, SandboxFleetDriverCapability as An, TeePublicKey as Ar, GpuType as At, CodeLanguage as B, SandboxFleetOperationsSummary as Bn, AgentProfile as Br, ListSandboxOptions as Bt, AttachSandboxFleetMachineOptions as C, SandboxEnvironment as Cn, StorageConfig as Cr, ForkResult as Ct, BackendManager as D, SandboxFleetCostEstimate as Dn, TeeAttestationOptions as Dr, GitConfig as Dt, BackendInfo as E, SandboxFleetArtifactSpec as En, TaskResult as Er, GitCommit as Et, CheckpointInfo as F, SandboxFleetMachineMeteredUsage as Fn, UpdateUserOptions as Fr, IntelligenceReportSubjectType as Ft, CreateRequestOptions as G, SandboxFleetTraceExport as Gn, AgentProfileModelHints as Gr, NetworkManager as Gt, CodeResultPart as H, SandboxFleetToken as Hn, AgentProfileConfidential as Hr, MintScopedTokenOptions as Ht, CheckpointOptions as I, SandboxFleetMachineRecord as In, UploadOptions as Ir, IntelligenceReportWindow as It, CreateSandboxFleetWithCoordinatorOptions as J, SandboxFleetWorkspace as Jn, AgentProfileResourceRef as Jr, PreviewLinkInfo as Jt, CreateSandboxFleetOptions as K, SandboxFleetTraceOptions as Kn, AgentProfilePermissionValue as Kr, PermissionLevel as Kt, CheckpointResult as L, SandboxFleetMachineSpec as Ln, UploadProgress as Lr, ListMessagesOptions as Lt, BatchResult as M, SandboxFleetInfo as Mn, TokenRefreshHandler as Mr, IntelligenceReport as Mt, BatchTask as N, SandboxFleetIntelligenceEnvelope as Nn, ToolsConfig as Nr, IntelligenceReportBudget as Nt, BackendStatus as O, SandboxFleetDispatchFailureClass as On, TeeAttestationReport as Or, GitDiff as Ot, BatchTaskResult as P, SandboxFleetMachine as Pn, TurnDriveResult as Pr, IntelligenceReportCompareTo as Pt, DispatchPromptOptions as Q, SandboxInfo as Qn, AgentSubagentProfile as Qr, ProcessLogEntry as Qt, CodeExecutionOptions as R, SandboxFleetManifest as Rn, UsageInfo as Rr, ListOptions as Rt, AddUserOptions as S, SandboxConnection as Sn, SshKeysManager as Sr, ForkOptions as St, BackendConfig as T, SandboxFleetArtifact as Tn, TaskOptions as Tr, GitBranch as Tt, CompletedTurnResult as U, SandboxFleetTraceBundle as Un, AgentProfileFileMount as Ur, MkdirOptions as Ut, CodeResult as V, SandboxFleetPolicy as Vn, AgentProfileCapabilities as Vr, McpServerConfig as Vt, CreateIntelligenceReportOptions as W, SandboxFleetTraceEvent as Wn, AgentProfileMcpServer as Wr, NetworkConfig as Wt, DeleteOptions as X, SandboxFleetWorkspaceRestoreResult as Xn, AgentProfileValidationIssue as Xr, Process as Xt, CreateSandboxOptions as Y, SandboxFleetWorkspaceReconcileResult as Yn, AgentProfileResources as Yr, PreviewLinkManager as Yt, DirectoryPermission as Z, SandboxFleetWorkspaceSnapshotResult as Zn, AgentProfileValidationResult as Zr, ProcessInfo as Zt, SandboxMcpServerEntry as _, ReconcileSandboxFleetsResult as _n, SessionMessage as _r, FleetExecDispatchOptions as _t, TraceExportSink as a, PromptResult as an, SandboxTraceExport as ar, DriverType as at, AcceleratorKind as b, SSHCredentials as bn, SnapshotOptions as br, FleetPromptDispatchOptions as bt, otelTraceIdForTangleTrace as c, ProvisionStatus as cn, ScopedToken as cr, EventStreamOptions as ct, BuildControlPlaneMcpConfigOptions as d, PublicTemplateVersionInfo as dn, SearchOptions as dr, FileInfo as dt, defineGitHubResource as ei, ProcessSignal as en, SandboxPermissionsConfig as er, DownloadOptions as et, BuildSandboxMcpConfigOptions as f, PublishPublicTemplateOptions as fn, SecretInfo as fr, FileSystem as ft, SandboxMcpEndpoint as g, ReconcileSandboxFleetsOptions as gn, SessionListOptions as gr, FleetDispatchStreamOptions as gt, SandboxMcpConfig as h, ReapExpiredSandboxFleetsResult as hn, SessionInfo as hr, FleetDispatchResultBufferOptions as ht, TraceExportResult as i, PromptOptions as in, SandboxTraceEvent as ir, DriverInfo as it, BatchOptions as j, SandboxFleetDriverTimings as jn, TeePublicKeyResponse as jr, InstalledTool as jt, BackendType as k, SandboxFleetDispatchResponse as kn, TeeAttestationResponse as kr, GitStatus as kt, toOtelJson as l, ProvisionStep as ln, ScopedTokenScope as lr, ExecOptions as lt, SANDBOX_MCP_SERVER_NAME as m, ReapExpiredSandboxFleetsOptions as mn, SessionEventStreamOptions as mr, FleetDispatchResultBuffer as mt, SandboxInstance as n, mergeAgentProfiles as ni, ProcessStatus as nn, SandboxStatus as nr, DriveTurnOptions as nt, buildTraceExportPayload as o, ProvisionEvent as on, SandboxTraceOptions as or, EgressManager as ot, CONTROL_PLANE_MCP_SERVER_NAME as p, PublishPublicTemplateVersionOptions as pn, SecretsManager as pr, FleetDispatchCancelResult as pt, CreateSandboxFleetTokenOptions as q, SandboxFleetUsage as qn, AgentProfilePrompt as qr, PermissionsManager as qt, TraceExportFormat as r, PromptInputPart as rn, SandboxTraceBundle as rr, DriverConfig as rt, exportTraceBundle as s, ProvisionResult as sn, SandboxUser as sr, EgressPolicy as st, HttpClient as t, defineInlineResource as ti, ProcessSpawnOptions as tn, SandboxResources as tr, DownloadProgress as tt, SandboxSession as u, PublicTemplateInfo as un, SearchMatch as ur, ExecResult as ut, buildControlPlaneMcpConfig as v, RunCodeOptions as vn, SessionStatus as vr, FleetExecDispatchResult as vt, BackendCapabilities as w, SandboxEvent as wn, SubscriptionInfo as wr, GitAuth as wt, AccessPolicyRule as x, SandboxClientConfig as xn, SnapshotResult as xr, FleetPromptDispatchResult as xt, buildSandboxMcpConfig as y, SSHCommandDescriptor as yn, SnapshotInfo as yr, FleetMachineId as yt, CodeExecutionResult as z, SandboxFleetManifestMachine as zn, WaitForOptions as zr, ListSandboxFleetOptions as zt };